Current File : D:/xampp182/htdocs/sarpras/html/dashboardxml/Upload.inc.php
<?php
// Page-level settings shared by the request handlers and the form markup below.
$nmForm    = 'index.php?Upload';   // echoed as the upload form's action
$nmForm2   = 'index.php?Library';  // echoed as the "back" link target
$nmTable   = 'web_image';          // table name handed to the _del()/_ins()/maxId() helpers
$fileInput = '';

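// Handle the "Delete" submit: remove the row whose image_id was posted.
if (isset($_POST["Delete"])) {
	$deleteId = isset($_POST["image_id"]) ? $_POST["image_id"] : "";

	// image_id arrives straight from the request and _del() is not visible in
	// this file, so only a plain run of digits is forwarded to it.
	// NOTE(review): assumes image_id is a non-negative integer key (the Save
	// handler allocates it with maxId()) - confirm against the table schema.
	// NOTE(review): no session/permission or CSRF check is visible here;
	// confirm the including page enforces them before this runs.
	if (is_string($deleteId) && ctype_digit($deleteId)) {
		$exe = _del($nmTable, "image_id", $deleteId, 0);
	}
}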

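// Handle the "Save" submit: validate the uploaded picture, write a 640px-wide
// re-encoded copy plus a 120px-wide "small_" thumbnail under mediamanager/,
// and record the stored file name in $nmTable.
//
// The client-supplied file name is used only to read its final extension; the
// stored name is generated here from the new image_id. Nothing from the upload
// is copied verbatim: only GD's re-encoded output is written, so a file that
// is not a decodable JPEG/PNG/GIF never reaches the web-served directory.
// NOTE(review): confirm the web server does not execute scripts from
// mediamanager/ as a second layer of defence.
if (isset($_POST["Save"])) {
	// NOTE(review): this hides every PHP diagnostic for the rest of the
	// request; kept because the including page may depend on it.
	error_reporting(0);

	$change = "";
	$abc = "";

	// Upload size limit in KiB (compared below as MAX_SIZE * 1024 bytes).
	if (!defined("MAX_SIZE")) {
		define("MAX_SIZE", "1000");
	}

	if (!function_exists("getExtension")) {
		/**
		 * Return the text after the last "." in $str.
		 *
		 * @param string $str File name to inspect.
		 * @return string Extension without the dot; "" when there is no dot
		 *                or the only dot is the first character.
		 */
		function getExtension($str) {
			$i = strrpos($str, ".");
			if (!$i) { return ""; }
			return (string) substr($str, $i + 1);
		}
	}

	$errors = 0;
	$image_id = maxId("image_id", $nmTable);
	$images = "";
	$saved = false;

	$upload = isset($_FILES["fileInput"]) ? $_FILES["fileInput"] : null;
	if (is_array($upload) && is_string($upload["name"]) && $upload["name"] !== "") {
		$uploadedfile = $upload["tmp_name"];
		$extension = strtolower(getExtension($upload["name"]));

		// Decoder is chosen from the type GD detects in the file content,
		// not from the name the client sent.
		$loaders = array(
			IMAGETYPE_JPEG => "imagecreatefromjpeg",
			IMAGETYPE_PNG  => "imagecreatefrompng",
			IMAGETYPE_GIF  => "imagecreatefromgif",
		);

		$info = false;
		if ($upload["error"] === UPLOAD_ERR_OK && is_uploaded_file($uploadedfile)) {
			$info = getimagesize($uploadedfile);
		}

		if (!in_array($extension, array("jpg", "jpeg", "png", "gif"), true)
			|| $info === false
			|| !isset($loaders[$info[2]])
			|| $info[0] < 1
			|| $info[1] < 1
		) {
			$change = '<div class="msgdiv">Unknown Image extension </div> ';
			$errors = 1;
		} elseif (filesize($uploadedfile) > MAX_SIZE * 1024) {
			$change = '<div class="msgdiv">You have exceeded the size limit!</div> ';
			$errors = 1;
		} else {
			$width = $info[0];
			$height = $info[1];
			$src = call_user_func($loaders[$info[2]], $uploadedfile);

			if ($src === false) {
				$change = '<div class="msgdiv">Unknown Image extension </div> ';
				$errors = 1;
			} else {
				// Allow-listed extension only; the bytes written are always
				// JPEG because both copies go through imagejpeg().
				$images = "img_" . $image_id . "." . $extension;

				// Keep the aspect ratio; never ask GD for a zero-height canvas.
				$newwidth = 640;
				$newheight = max(1, (int) (($height / $width) * $newwidth));
				$tmp = imagecreatetruecolor($newwidth, $newheight);

				$newwidth1 = 120;
				$newheight1 = max(1, (int) (($height / $width) * $newwidth1));
				$tmp1 = imagecreatetruecolor($newwidth1, $newheight1);

				imagecopyresampled($tmp, $src, 0, 0, 0, 0, $newwidth, $newheight, $width, $height);
				imagecopyresampled($tmp1, $src, 0, 0, 0, 0, $newwidth1, $newheight1, $width, $height);

				$filename = "mediamanager/" . $images;
				$filename1 = "mediamanager/small_" . $images;

				$saved = imagejpeg($tmp, $filename, 100) && imagejpeg($tmp1, $filename1, 100);

				imagedestroy($src);
				imagedestroy($tmp);
				imagedestroy($tmp1);

				if (!$saved) {
					$change = '<div class="msgdiv">Image could not be saved.</div> ';
					$errors = 1;
				}
			}
		}
	}

	// If no errors registered, set the success message.
	if (isset($_POST['Submit']) && !$errors) {
		$change = ' <div class="msgdiv">Image Uploaded Successfully!</div>';
	}

	// Record the image only when both files were actually written, so the
	// table never points at a rejected or missing upload.
	if ($saved) {
		$tbField[0] = "image_id";
		$tbField[1] = "image_path";
		$tbField[2] = "image_create_by";

		// $images is built above from $image_id and an allow-listed extension.
		// NOTE(review): the session value is quoted by hand and _ins() is not
		// visible here; confirm it escapes values or switch to bound parameters.
		$tbIsi[0] = $image_id;
		$tbIsi[1] = "'" . $images . "'";
		$tbIsi[2] = "'" . $_SESSION["user-id"] . "'";

		$nmField = compile_array($tbField);
		$isiField = compile_array($tbIsi);

		$exe = _ins($nmTable, $nmField, $isiField, 0);
	}

	// NOTE(review): $ssm is not assigned anywhere in this block; presumably it
	// is set by the including page or a helper - confirm. It is emitted as a
	// JSON-encoded string so its content cannot break out of the script element.
	$alertText = isset($ssm) ? (string) $ssm : "";
	echo "<script>window.alert(" . json_encode($alertText, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT) . ");</script>";
}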

?>
<script>
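/**
 * Show the selected picture in the preview area and remember its id.
 *
 * @param {string} a File name of the image inside mediamanager/.
 * @param {*} b Value stored in the image_id form field.
 */
function show_pict(a,b) {
	var holder = document.getElementById('imagesview');
	var picture = document.createElement('img');

	// Set the URL as a property rather than concatenating it into markup, so
	// quotes or angle brackets in the file name are never parsed as HTML.
	picture.src = 'mediamanager/' + a;

	holder.innerHTML = '';
	holder.appendChild(picture);
	document.getElementById('image_id').value = b;
}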
</script>


		<!-- BEGIN BASE-->
		<div id="base">

			<!-- BEGIN OFFCANVAS LEFT -->
			<div class="offcanvas">
			</div><!--end .offcanvas-->
			<!-- END OFFCANVAS LEFT -->

			<!-- BEGIN CONTENT-->
			<div id="content">
				<section>
					<div class="section-header">
						<ol class="breadcrumb">
							<li class="active">Upload Media</li>
						</ol>
					</div>
					<div class="section-body">
						<form class="form-horizontal row-fluid" method="POST" action="<?php echo $nmForm;?>" enctype="multipart/form-data">

						<!-- BEGIN HORIZONTAL FORM - BASIC ELEMENTS-->
						<div class="card">
							<div class="card-body">
									<div class="form-group">
										<label for="regular13" class="col-sm-2 control-label">Select media</label>
										<div class="col-sm-10">
											<input type="hidden" name="image_id" id="image_id" value="<?php echo $image_id;?>">
											<input class="form-control" accept="image/png, image/gif, image/jpeg" name="fileInput" id="fileInput" type="file">
										</div>
									</div>
							</div><!--end .card-body -->
						</div><!--end .card -->
						<!-- END HORIZONTAL FORM - BASIC ELEMENTS-->

					</div>

					<!-- BEGIN SECTION ACTION -->
					<div class="section-action style-primary">
						<div class="section-action-row">
							<a class="btn ink-reaction btn-icon-toggle" href="<?php echo $nmForm2;?>"><i class="fa fa-chevron-left"></i></a>
						</div>
						<div class="section-floating-action-row">
							<button type="submit" name="Save" class="btn ink-reaction btn-floating-action btn-lg btn-accent"><i class="md md-send"></i></button>
						</div>
						</form>   
					</div>
					<!-- END SECTION ACTION -->

				</section>
			</div><!--end #content-->
			<!-- END CONTENT -->
