403Webshell
Server IP : 51.89.169.208  /  Your IP : 3.135.190.163
Web Server : Apache
System : Linux ns3209505.ip-198-244-202.eu 4.18.0-553.27.1.el8_10.x86_64 #1 SMP Tue Nov 5 04:50:16 EST 2024 x86_64
User : yellowleaf ( 1019)
PHP Version : 7.4.33
Disable Function : exec,passthru,shell_exec,system
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /home/yellowleaf/public_html/members/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /home/yellowleaf/public_html/members/NEW_editbusiness2.html
<?php 
$path  = $_SERVER['DOCUMENT_ROOT'];
include_once $path.'/connect_db.php';
include 'accesscontrol.php';
$adid=addslashes($_GET['adid']);
if(advert_check($adid,$memberid)===false){
	header('Location: index.html');exit();
}
if(isset($_POST['submit'])){
	$vaild = true;
	$description=addslashes($_POST['description']);
	$services=addslashes($_POST['services']);
	$refund=addslashes($_POST['refund']);
	$establishment=addslashes($_POST['establishment']);
	$areas_cover=addslashes($_POST['areas_cover']);
	if(!$description)
	{
	   $vaild = false;
	   $errordescription = 'error';
	}
	
	
	$fieldname = 'image_upload_box';
	if(is_uploaded_file($_FILES[$fieldname]['tmp_name'])){
		$fieldname ='image_upload_box';
		$image_temp = $_FILES[$fieldname]["tmp_name"];
		$allowed_ext = array('jpeg','jpg','png','gif');
		$image_ext = strtolower(end(explode('.', $_FILES[$fieldname]['name'])));
		$destination = 'uploads/logo/';
		$image_file = $adid.'.'.$image_ext;
		if (in_array($image_ext, $allowed_ext) === false) {
			$vaild = false;
			$errorimage = '<span class="error">- Your photo must be either a JPG, PNG or GIF file format. Other file types are not allowed.</span>';
		}
		if($_FILES[$fieldname]["size"] > 4000000){
			$vaild = false;
			$errorimage='<span class="error">- Image file size must be less than 4 MB.</span>';
		}
		if(empty($errorimage)){
			include "img_upload.class.php";
			$image = new UploadImage();
			$image->load($image_temp);
			$image->resizeToWidthMaxHeight(300,150);
			$image->save($destination.$image_file);
			$imageExist=", image = '{$image_file}'";
		}
		
	}

	$connect->query("UPDATE ads SET description='$description' {$imageExist} WHERE `adid` = '$adid' AND `memberid` = '{$memberid}'");
	if($vaild == true){
	   echo "<script>location.href='editbusiness3.html?adid={$adid}';</script>";exit;
	}
}

$add_que_sql = $connect->query("SELECT * FROM ads WHERE memberid ='{$memberid}' AND adid ='{$adid}'");
$add_row = $add_que_sql->fetch_assoc();
?>
<!DOCTYPE html>
<html lang="en">
   <head>
	  <title>YellowLeaf - Homepage</title>
      <meta charset="UTF-8">
      <meta http-equiv="X-UA-Compatible" content="IE=edge">
      <meta name="viewport" content="width=device-width, initial-scale=1.0">
      <link rel="stylesheet" href="/header-footer/global.css">
	  <link rel="stylesheet" href="submit-advert.css">
	  <link rel="stylesheet" href="index.css">
      <script src="https://code.jquery.com/jquery-3.6.0.min.js" integrity="sha256-/xUj+3OJU5yExlq6GSYGSHk7tPXikynS7ogEvDej/m4=" crossorigin="anonymous"></script>
	  <style>
		.error { color: #ff0000f7;}
	  </style>
</head>
<? include 'member_menu.php'; ?>
<section id="content" style="margin-botton: 50px;">
	<!-- NAVBAR -->
	<nav>
		<i class='bx bx-menu toggle-sidebar'></i>
		<a href="/members/logout.html" class="logout">
			<i class='bx bx-log-out'></i>
			Logout
		</a>
	</nav>
	<!-- NAVBAR -->
        <div class="container">
            <div class="advert-wrapper">

                <div class="advert-main">
                    <div class="advert-main-title">Submit Advert</div>
                    <div class="submit-advert-tab">
                        <span >1</span>
                        <span class="active">2</span>
                        <span>3</span>
                        <span>4</span>
                        <span>5</span>
                        <span>6</span>
                    </div>
                    <form class="submit-advert-form"  action="" method="POST" enctype="multipart/form-data">
						<?=$postbusiness_error?>
                        <div class="submit-advert-form-group">
                            <label for="name">Upload logo (optional):</label>
                            <p class="submit-advert-label-description ">Please upload the logo of your business.</p>
							
							<input name="image_upload_box" class="form-control" type="file">
							<?=$errorimage?>
							
                        </div>
                      
						
                        <div class="submit-advert-form-group">
                            <label for="address">Description For Your Business:</label>
                            <p class="submit-advert-label-description <?=$errordescription?>">Please enter a brief description about your business.</p>
                            <textarea id="description" name="description" cols="30" rows="5" class="form-control"><?=$add_row['description']?></textarea>
                        </div>
                        
                        <button type="submit" name="submit" class="btn btn-yellow">Next</button>
                    </form>
                </div>
            </div>
        </div>
    </section>

Youez - 2016 - github.com/yon3zu
LinuXploit