403WebShell

403Webshell

Server IP : 202.29.229.35 / Your IP : 3.129.194.130
Web Server : Apache
System : Linux aapanel2 4.15.0-213-generic #224-Ubuntu SMP Mon Jun 19 13:30:12 UTC 2023 x86_64
User : www ( 1001)
PHP Version : 5.5.38
Disable Function : passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv
MySQL : ON | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF
Directory : /www/wwwroot/www.ivecr2.ac.th/system_admin/

Upload File :

[ Back ]

Current File : /www/wwwroot/www.ivecr2.ac.th/system_admin/subject_nameInsert.php

<?php 
session_start();
if($_SESSION['r_statuslogin'] != 1){
 echo '<script language="javascript">alert("สำหรับผู้ดูแลระบบเท่านั้น")</script>';
 echo'<meta http-equiv="refresh" content="0;url=../index.php">';
 exit();
}
						
						$adID=$_POST['adID'];
						$aduser=$_POST['aduser'];
						$adpass=md5($_POST['adpass']);
						$adFname=$_POST['adFname'];
						$adLname=$_POST['adLname'];
						$addepartmentID=$_POST['selectwork'];
						
						$tmp_name=$_FILES["picamdin"]["tmp_name"];
						$filename=$_FILES["picamdin"]["name"];
						
					
						$sqldpt="select * from  tbl_departmentall where daNodpt='$addepartmentID' ";
						$resultsqldpt=mysql_query($sqldpt,$connect1);
						$rsdpt=mysql_fetch_array($resultsqldpt);
						
							$no_dpt=$rsdpt['daNo'];
							$addepartment=$rsdpt['daFname'];
							$daNickname=$rsdpt['daNickname'];
							
						
						if($tmp_name<>""){
							$ext=strtolower(end(explode(".",$filename)));
							if($ext=="jpg" or $ext=="gif" or $ext=="png"){
								}else{
								echo "<script language='javascript'>alert('นามสกุลไฟล์ไม่ถูกต้อง   ไฟล์ต้องเป็น  .jpg/.png/.gif เท่านั้น')</script>";
								echo '<meta http-equiv="refresh"content="0;url=?i=subject_nameaFrm">';
								exit();
								}
								if($tmp_name ==""){
									$filedoc_ori = "";
								}else{
									$filedoc_ori="pic".date("Ymdhis").".".$ext;
								}
						}
		
						$sqlwork1="insert into tbladmin values (null,'$aduser','$adpass','$adFname','$adLname','$addepartment','$addepartmentID','$filedoc_ori','$no_dpt')";
						$resqlwork1=mysql_query($sqlwork1,$connect1);
						//echo "==>".$sqlwork1;
					if($resqlwork1){
						copy($tmp_name,"file_pictureadmin/".$filedoc_ori);
						echo "<script language='javascript'>alert('บันทึกข้อมูลเรียบร้อยแล้ว')</script>";
						echo '<meta http-equiv="refresh" content="0;url=?i=subject_nameall">';
					}else{
						echo "<script language='javascript'>alert('ไม่สามารถบันทึกข้อมูลได้')</script>";
						echo '<meta http-equiv="refresh" content="0;url=?i=subject_nameaFrm">';
						exit();
					}
						
?>

Youez - 2016 - github.com/yon3zu
LinuXploit