403WebShell

h( )($6;EbBLkfu�_l� ''8;DUFKV3Dd#,?ANk&5G$/(5M\^�ms��Sb�,;R''6c2I�!\��kx�Ve�[i��Me�IYO7:nOL~�Kr�qrv�I:�BM�y��s}r��K��x)1�6@r*2�89ma��&��'ti��{~#��t)1�2<�0:^5�W.uFzQ/u}�v��vv�u��U37yDJeEJo(/�5Ds'1�:Jlu�iy�iy�hw�1;:S`^BMLOQQn,4�7C�8C�>Lfe�]k�[i�Zg��IW�LZ�EP;,.��Tc�q(0) G,/]/1��w�r��l&-t*3�<<�u��#��j&.u��J68\8?"#$%&'()*+,-./0 !
Notice: Undefined index: dl in /var/www/html/web/simple.mini.php on line 1
403WebShell403Webshell

Server IP : 10.254.12.21 / Your IP : 10.254.12.21
Web Server : Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/5.6.40
System : Linux arit.skru.ac.th 3.10.0-1160.76.1.el7.x86_64 #1 SMP Wed Aug 10 16:21:17 UTC 2022 x86_64
User : apache ( 48)
PHP Version : 5.6.40
Disable Function : NONE
MySQL : ON | cURL : ON | WGET : OFF | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON
Directory : /var/www/html/trr/sample/

Upload File :

[ Back ]

Current File : /var/www/html/trr/sample/lifestyle_add_db.php

<?ob_start();?>
<?php include 'check_mode_admin.php';?>
<?php include 'admin_dbconnect.php';?>
<?php include 'header.php';?>
<?php
if ($_POST["submit"])
{
	if ($_FILES["lifestyle_photo"]["name"])
	{
		$lifestyle_photo = $lifestyle_image_path_db . $_FILES["lifestyle_photo"]["name"];
	}
	else
	{
		$lifestyle_photo = "";
	}
	/*if($_POST["ref_personSub_id"])
	{
		$strSQL = "SELECT * FROM ref_person_sub WHERE ref_personSub_id = " . $_POST["ref_personSub_id"];
		$objQuery = mysql_query($strSQL);
		$objResult = mysql_fetch_array($objQuery);
		if($objResult)
		{
			$ref_personSub_id = $objResult["ref_personSub_id"];
			$ref_personMain_id = $objResult["ref_personMain_id"];
		}
		else
		{
			$ref_personSub_id = 1;		
			$ref_personMain_id = 1;
		}
	}
	else
	{
		$ref_personSub_id = 1;		
		$ref_personMain_id = 1;	
	}*/
	if (phpversion() >= 5.4)
	{
	$strSQL = "INSERT INTO lifestyle ";
	$strSQL .="(ref_lifestyleTypeMain_id,ref_lifestyle_pop_id,ref_lifestyle_ref_id,lifestyle_ethicGroup_name,lifestyle_photo,lifestyle_selfCall,lifestyle_otherCall,lifestyle_languages,lifestyle_historical,lifestyle_intro,lifestyle_history,lifestyle_humanLife,lifestyle_relative,lifestyle_relativName,lifestyle_costume,lifestyle_houseStyle,lifestyle_birth,lifestyle_marriage,lifestyle_newyear,lifestyle_beach_tradition,lifestyle_religion_trust,lifestyle_thaiGhost_tradition,lifestyle_spirit_sacred,lifestyle_rite,lifestyle_music_arts,lifestyle_song,lifestyle_legend,lifestyle_situation,lifestyle_changes_problems,lifestyle_networking) ";
	$strSQL .="VALUES ";
	$strSQL .="(". $_POST["ref_lifestyleTypeMain_id"] . "," . $_POST["ref_lifestyle_pop_id"] . "," . $_POST["ref_lifestyle_ref_id"] . ",'".addslashes($_POST["lifestyle_ethicGroup_name"])."','".addslashes($lifestyle_photo)."' ";
	$strSQL .=",'".addslashes($_POST["lifestyle_selfCall"])."','".addslashes($_POST["lifestyle_otherCall"])."','".addslashes($_POST["lifestyle_languages"])."' ";
	$strSQL .=",'".addslashes($_POST["lifestyle_historical"])."','".addslashes($_POST["lifestyle_intro"])."','". addslashes($_POST["lifestyle_history"]) ."' ";
	$strSQL .=",'". addslashes($_POST["lifestyle_humanLife"]) ."','".addslashes($_POST["lifestyle_relative"]). "','" . addslashes($_POST["lifestyle_relativName"]) . "','" . addslashes($_POST["lifestyle_costume"]) . "' ";
	$strSQL .=",'" . addslashes($_POST["lifestyle_houseStyle"]) ."','".addslashes($_POST["lifestyle_birth"]) ."','".addslashes($_POST["lifestyle_marriage"]) ."','".addslashes($_POST["lifestyle_newyear"]) . "' ";
	$strSQL .=",'" . addslashes($_POST["lifestyle_beach_tradition"]) ."','".addslashes($_POST["lifestyle_religion_trust"]) ."','".addslashes($_POST["lifestyle_thaiGhost_tradition"]) ."','".addslashes($_POST["lifestyle_spirit_sacred"]) . "' ";	
	$strSQL .=",'" . addslashes($_POST["lifestyle_rite"]) ."','".addslashes($_POST["lifestyle_music_arts"]) ."','".addslashes($_POST["lifestyle_song"]) ."','".addslashes($_POST["lifestyle_legend"]) . "' ";
	$strSQL .=",'" . addslashes($_POST["lifestyle_situation"]) ."','".addslashes($_POST["lifestyle_changes_problems"]) ."','".addslashes($_POST["lifestyle_networking"]) . "' )";		
	}
	else
	{	
	$strSQL = "INSERT INTO lifestyle ";
	$strSQL .="(ref_lifestyleTypeMain_id,ref_lifestyle_pop_id,ref_lifestyle_ref_id,lifestyle_ethicGroup_name,lifestyle_photo,lifestyle_selfCall,lifestyle_otherCall,lifestyle_languages,lifestyle_historical,lifestyle_intro,lifestyle_history,lifestyle_humanLife,lifestyle_relative,lifestyle_relativName,lifestyle_costume,lifestyle_houseStyle,lifestyle_birth,lifestyle_marriage,lifestyle_newyear,lifestyle_beach_tradition,lifestyle_religion_trust,lifestyle_thaiGhost_tradition,lifestyle_spirit_sacred,lifestyle_rite,lifestyle_music_arts,lifestyle_song,lifestyle_legend,lifestyle_situation,lifestyle_changes_problems,lifestyle_networking) ";
	$strSQL .="VALUES ";
	$strSQL .="(". $_POST["ref_lifestyleTypeMain_id"] . "," . $_POST["ref_lifestyle_pop_id"] . "," . $_POST["ref_lifestyle_ref_id"] . ",'".$_POST["lifestyle_ethicGroup_name"]."','".$lifestyle_photo."' ";
	$strSQL .=",'".$_POST["lifestyle_selfCall"]."','".$_POST["lifestyle_otherCall"]."','".$_POST["lifestyle_languages"]."' ";
	$strSQL .=",'".$_POST["lifestyle_historical"]."','".$_POST["lifestyle_intro"]."','". $_POST["lifestyle_history"] ."' ";
	$strSQL .=",'". $_POST["lifestyle_humanLife"] ."','".$_POST["lifestyle_relative"]. "','" . $_POST["lifestyle_relativName"] . "','" . $_POST["lifestyle_costume"] . "' ";
	$strSQL .=",'" . $_POST["lifestyle_houseStyle"] ."','".$_POST["lifestyle_birth"] ."','".$_POST["lifestyle_marriage"] ."','".$_POST["lifestyle_newyear"] . "' ";
	$strSQL .=",'" . $_POST["lifestyle_beach_tradition"] ."','".$_POST["lifestyle_religion_trust"] ."','".$_POST["lifestyle_thaiGhost_tradition"] ."','".$_POST["lifestyle_spirit_sacred"] . "' ";	
	$strSQL .=",'" . $_POST["lifestyle_rite"] ."','".$_POST["lifestyle_music_arts"] ."','".$_POST["lifestyle_song"] ."','".$_POST["lifestyle_legend"] . "' ";
	$strSQL .=",'" . $_POST["lifestyle_situation"] ."','".$_POST["lifestyle_changes_problems"] ."','".$_POST["lifestyle_networking"] . "' )";	
	}	
	$objQuery = mysql_query($strSQL) or die ("Error Query [".$strSQL."]");
	if($objQuery)
	{
		//echo "บันทึกข้อมูลแล้ว";
		//header("location:index.php", true, 301);
		$strSQL2 = "SELECT * FROM lifestyle WHERE (lifestyle_ethicGroup_name='" . $_POST["lifestyle_ethicGroup_name"] ."')";
		$objQuery2 = mysql_query($strSQL2) or die ("Error Query [".$strSQL2."]");
		if($objResult2 = mysql_fetch_array($objQuery2))
		{
			$lifestyle_ethieGroup_id = $objResult2["lifestyle_ethieGroup_id"];
		}
		else
		{
			$lifestyle_ethieGroup_id="";
		}
		
		//upload ภาพปก
		if(move_uploaded_file($_FILES["lifestyle_photo"]["tmp_name"],$lifestyle_image_path_upload . $_FILES["lifestyle_photo"]["name"]))
		{
			echo "บันทึกไฟล์ภาพเรียบร้อยแล้ว<BR>";
		}
		else  
		{
			echo "ไม่สามารถบันทึกไฟล์ภาพได้<BR>";
		}

		$redirect_url = "lifestyle_detail.php?lifestyle_ethieGroup_id=" . $lifestyle_ethieGroup_id;
		header("location:$redirect_url");
	}
	else
	{
		echo "ไม่สามารถบันทึกข้อมูลได้";
	}
}
?>

Youez - 2016 - github.com/yon3zu
LinuXploit