403Webshell
Server IP : 51.89.169.208  /  Your IP : 3.148.107.92
Web Server : Apache
System : Linux ns3209505.ip-198-244-202.eu 4.18.0-553.27.1.el8_10.x86_64 #1 SMP Tue Nov 5 04:50:16 EST 2024 x86_64
User : yellowleaf ( 1019)
PHP Version : 7.4.33
Disable Function : exec,passthru,shell_exec,system
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /home/yellowleaf/public_html/edit/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /home/yellowleaf/public_html/edit/edit_1.html
<? 
require('../../connect.php'); 

$adid=$_GET['adid'];
$memberid=$_GET['memberid'];
$companyname=$_GET['adname'];
// css for menu
$styleManage = 'color:#ff6131;background-color:#fff;border-top:1px solid #c9c9c9;font-weight:bold;';
if(isset($_POST['submit'])){

	$companyname=$_POST['companyname'];
	$address1=$_POST['address1'];	
	$address2=$_POST['address2'];
	$postcode=$_POST['postcode'];
	$longitude=$_POST['lon'];
	$latitude=$_POST['lat'];
	$telephone=$_POST['telephone'];
	$fax=$_POST['fax'];
	$url=$_POST['url'];
	$edit_file=$_POST['edit_file'];
	
	if($edit_file=="yes"){
	$fieldname = 'imgfile'; // the field name on the upload form
	$folder= 'uploads'; // folder for main image
	$folderSmall= 'small'; // folder for resized image
	$newwidth = 100; //custom width for resized image
	$time = time(); // current time
	$fname=$time.'-'.$_FILES[$fieldname]['name']; // new set file name with time
	$small_fname="s".$fname;
	include 'image_upload.php';
	echo img_up($fieldname,$folder,$folderSmall,$newwidth,$fname,$small_fname); // image upload function from included file
	$imageExist="image = '{$fname}',";
	}
	
	$q3 = "UPDATE ads SET
	       companyname = '$companyname',
	       street1 = '$address1',
	       street2 = '$address2',
	       postcode = '$postcode',
	       tel = '$telephone',
		   fax = '$fax',
		   url = '$url',
           postdate = '$time',
           longitude = '$longitude',
           latitude = '$latitude'
		   WHERE adid = '$adid' AND `memberid` = '$memberid'";

	$r3 = mysql_query($q3) or die(mysql_error());
	$success=TRUE;
	
}

$add_que_sql = mysql_query("SELECT * FROM ads WHERE memberid ='{$memberid}' AND adid ='{$adid}'");
$add_row = mysql_fetch_array($add_que_sql);

$cat_sql = mysql_query("SELECT * FROM cats WHERE cat_id='{$add_row['cat_1']}' OR cat_id='{$add_row['cat_2']}' OR cat_id='{$add_row['cat_3']}' OR cat_id='{$add_row['cat_4']}'");
while($cat_row = mysql_fetch_array($cat_sql)){
$cats.=$cat_row['cat_name'].'|';
$catnames[$cat_row['cat_id']]=$cat_row['cat_name'];
}
$cat_piece = explode("|", $cats);
?>
<!DOCTYPE html>
<html>

<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
<title>YellowLeaf UK</title>
<link href="../../style.css" rel="stylesheet" type="text/css">
<link href="../style_staff.css" rel="stylesheet" type="text/css">
<script>
function hideCat(id){
document.getElementById('cat_'+id+'_hid').value='';
document.getElementById('cat_'+id).value='';
}
<!--
function CheckRegister(){
 var em = /@/;
 var pc = /[^ +](.*) (.*)/;
 if(document.RegForm.companyname.value==""){
  window.alert('Please enter your business name.');
  document.RegForm.companyname.focus();
  return false;
 }
  if(document.RegForm.address1.value==""){
  window.alert('Please enter your business address.');
  document.RegForm.address1.focus();
  return false;
 }
  if(document.RegForm.postcode.value==""){
  window.alert('Please enter your business postcode.');
  document.RegForm.postcode.focus();
  return false;
 }

 if(!pc.test(document.RegForm.postcode.value)){
  window.alert('Invalid postcode.');
  document.RegForm.postcode.focus();
  return false;
 }
  if(document.RegForm.telephone.value==""){
  window.alert('Please enter your business telephone number.');
  document.RegForm.telephone.focus();
  return false;
 } 
}

//-->
</script>
</head>

<body>

<? include '../staff_header.php'; include 'edit_menu.php';?>
<table class="tbwdth">
	<tr>
		<td valign="top">
		<div class="cnHead">Manage Advert</div>
		<?if($success==TRUE){?>
		<div class="successDvBx">
		Update Successful. Your details have been saved. <br><a href="edit_2.html?adid=<?=$adid?>">Click here to go to Section 2 ></a>
		</div>
		<?}?>
		<form name="RegForm" action="edit_1.html?adid=<?=$adid?>&memberid=<?=$memberid?>" method="POST" enctype="multipart/form-data" onsubmit="return CheckRegister();" autocomplete="off">
			<table class="cnTbl" width="100%">
				<tr>
					<td class="cnWidth cnTitle" style="padding-left:25px">Business Name:Business Name*:<br>
					<div class="cnTitleDesc">Please enter your business name.</div><input name="companyname" type="text" class="txbox" size="40" value="<?=$add_row['companyname']?>" /></td>
				</tr>
				<tr>
					<td>
					<hr noshade color="#C9C9C9" size="1">
					</td>
				</tr>
				<tr>
					<td class="cnTitle" style="padding-left:25px">
					Address 1*:<br>
					<div class="cnTitleDesc">Please enter the address of your business.</div>
					<input class="txbox" type="text" class="txbox" size="40" id="address1" value="<?=$add_row['street1']?>" name="address1"><br><br>
					Address 2:<br>
					<div class="cnTitleDesc">Please enter the 2nd address of your business.</div>
					<input class="txbox" type="text" class="txbox" size="40" id="address2" value="<?=$add_row['street2']?>" name="address2"></td>
				</tr>
				<tr>
					<td>
					<hr noshade color="#C9C9C9" size="1">
					</td>
				</tr>
				<tr>
					<td class="cnTitle" style="padding-left:25px">Postcode*:<br>
					<div class="cnTitleDesc">Please enter your business postcode.</div>
					<input name="postcode" type="text" class="txbox" size="40" value="<?=$add_row['postcode']?>" /><br><br>
					<div class="cnTitleDesc">Longitude:</div>
					<input name="lon" type="text" class="txbox" size="40" value="<?=$add_row['longitude']?>" />
					<div class="cnTitleDesc">Latitude:</div>
					<input name="lat" type="text" class="txbox" size="40" value="<?=$add_row['latitude']?>" />
					
					</td>
				</tr>
				<tr>
					<td>
					<hr noshade color="#C9C9C9" size="1">
					</td>
				</tr>
				<tr>
					<td class="cnTitle" style="padding-left:25px">Telephone*:<br>
				<div class="cnTitleDesc">Please enter your business telephone number.</div>
				<input name="telephone" type="text" class="txbox" size="40" value="<?=$add_row['tel']?>" onkeyup="this.value=this.value.replace(/[^\d ]/,'')" /></td>
				</tr>
				<tr>
					<td>
					<hr noshade color="#C9C9C9" size="1">
					</td>
				</tr>
				<tr>
					<td class="cnTitle" style="padding-left:25px">FAX:<br>
					<div class="cnTitleDesc">Please enter your business FAX number.</div>
					<input name="fax" type="text" class="txbox" size="40" value="<?=$add_row['fax']?>" onkeyup="this.value=this.value.replace(/[^\d ]/,'')" /></td>
				</tr>
				<tr>
					<td>
					<hr noshade color="#C9C9C9" size="1">
					</td>
				</tr>
				<tr>
					<td class="cnTitle" style="padding-left:25px">Website URL (optional):<br>
				<div class="cnTitleDesc">Please enter your business website URL.</div>
				<input name="url" type="text" class="txbox" size="40" value="<?=$add_row['url']?>" /></td>
				</tr>
				<tr>
					<td>
					<hr noshade color="#C9C9C9" size="1">
					</td>
				</tr>
				<tr>
					<td>
					<span style="font-size:9pt;color:#666;">* mandatory fields that must be filled in.</span>
					</td>
				</tr>
				</table>
			<input class="blueBtn fancyBtn" style="border:0px;float:left;" type="submit" value="Update >" name="submit">
		</form>
		</td>
	</tr>
</table>

</body>

</html>

Youez - 2016 - github.com/yon3zu
LinuXploit