Current File : /home/yellowleaf/public_html/members/review.php
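<?php
// Member-area page: lists the latest reviews for one of the logged-in member's
// adverts and handles the "Mark as Spam" link (?adid=N&s=y&revid=M).
//
// Request values ($_GET['adid'], $_GET['revid']) are attacker-controlled. They
// are validated as plain decimal ids and only reach SQL through bound
// parameters; values read back from the database are escaped before being
// concatenated into HTML.
$path  = $_SERVER['DOCUMENT_ROOT'];
include_once $path . '/connect_db.php';
include 'accesscontrol.php';
// css for menu
$styleManage = 'color:#ff6131;background-color:#fff;border-top:1px solid #c9c9c9;font-weight:bold;';

// Defaults for everything the template further down echoes or appends to, so
// no branch leaves one of them undefined.
$success = false;
$reviewContent = '';
$ratings = [];
$revStyleCss = '';
$revStyleCss1 = '';
$rev_on_style = '';
$rev_off_style = '';
$advert_rating = '';
$average = 0;
$rev_numRow = 0;

// adid ends up in SQL, in link URLs and inside an inline onclick handler, so
// only a decimal id is accepted. Anything else is handled like an advert the
// member does not own.
// NOTE(review): assumes advert ids are integers (the template emits adid
// unquoted as a JS argument) - confirm against the ads table.
$adid = $_GET['adid'] ?? '';
if (!is_string($adid) || !ctype_digit($adid)) {
	header('Location: index.html');
	exit();
}
$adid = (int) $adid;

// check if advert belongs to member
if (advert_check($adid, $memberid) === false) {
	header('Location: index.html');
	exit();
}

// "Mark as Spam" action.
// NOTE(review): this is a state change triggered by a GET link with no
// anti-CSRF token; it should become a POST carrying a per-session token.
$revid = $_GET['revid'] ?? null;
if (($_GET['s'] ?? '') === 'y' && is_string($revid) && ctype_digit($revid)) {
	$revid = (int) $revid;
	// rev_ad_id = ? ties the update to the advert whose ownership was just
	// verified; without it any member could flag any review by guessing revid.
	$spamStmt = $connect->prepare("UPDATE reviews SET rev_spam='1', rev_confirm='0' WHERE rev_id = ? AND rev_ad_id = ?");
	if ($spamStmt === false || !$spamStmt->bind_param('ii', $revid, $adid) || !$spamStmt->execute()) {
		// Keep database error text in the server log instead of the response.
		error_log('review.php: spam update failed: ' . $connect->error);
		http_response_code(500);
		exit('Sorry, something went wrong. Please try again later.');
	}
	// Only report success when a row of this advert was actually changed.
	$success = $spamStmt->affected_rows > 0;
	$spamStmt->close();
}

// Whether reviews are currently enabled for this advert.
// NOTE(review): get_result() needs the mysqlnd driver - confirm it is available.
$review_on = null;
$onStmt = $connect->prepare('SELECT review_on FROM ads WHERE adid = ?');
if ($onStmt !== false && $onStmt->bind_param('i', $adid) && $onStmt->execute()) {
	$r6 = $onStmt->get_result();
	$review_on = $r6 ? $r6->fetch_array() : null;
}

if (($review_on['review_on'] ?? null) == '1') {
	$rev_on_style = 'display:none;';
} else {
	$rev_off_style = 'display:none;';
}

// Latest 20 non-spam reviews. The rev_confirm='1' filter that an earlier
// version of this query had is not applied, so unconfirmed reviews are listed.
$r7 = false;
$listStmt = $connect->prepare("SELECT * FROM reviews WHERE rev_ad_id = ? AND rev_spam='0' ORDER BY rev_id DESC LIMIT 20");
if ($listStmt !== false && $listStmt->bind_param('i', $adid) && $listStmt->execute()) {
	$r7 = $listStmt->get_result();
}
$rev_numRow = $r7 ? $r7->num_rows : 0;

if ($rev_numRow > 0) {
	while ($rev_row = $r7->fetch_array()) {
		// The query already filters on rev_spam='0'; the spam styling is kept
		// for the case where that filter is relaxed.
		if ($rev_row['rev_spam'] == '0') {
			$bgCol = "background-color:#fafafa;";
		} else {
			$bgCol = "background-color:#fff0f0;";
		}

		// Reviewer-supplied fields are escaped with an explicit single-byte
		// charset (the page declares windows-1252 in its meta tag), so the call
		// cannot come back empty on bytes that are not valid UTF-8.
		$revName   = htmlspecialchars((string) $rev_row['rev_name'], ENT_QUOTES, 'Windows-1252');
		$revRating = htmlspecialchars((string) $rev_row['rev_rating'], ENT_QUOTES, 'Windows-1252');
		$revId     = (int) $rev_row['rev_id'];

		$reviewContent .= '<div style="' . $bgCol . 'padding:0px 40px 20px;margin-top:20px;" class="curv7">';
		$reviewContent .= '<table class="revTbl" width="100%">';
		$ratings[] = $rev_row['rev_rating'];
		$reviewContent .= '<tr><td valign="top" style="padding-top:20px;' . $revStyleCss . '">';
		$reviewContent .= '<div style="font-size:18pt;color:#294576;">' . $revName . '</div>';
		$reviewContent .= '<div style="margin-top:6px;font-size:10pt;color:#666;"><b>Review given on: </b>' . date('d/m/Y', (int) $rev_row['rev_date']) . '</div>';
		$reviewContent .= '<div class="curv7" style="margin-top:15px;background-color:#fff;padding:15px;border:1px solid #a8a8a8;">' . htmlentities($rev_row['rev_comment']) . '</div></td>';
		$reviewContent .= '<td valign="middle" style="text-align:center;width:155px;padding-top:20px;padding-left:20px;' . $revStyleCss . '"><div style="font-size:20pt;font-weight:bold">';
		$reviewContent .= $revRating . '/5<br><img class="rate_' . $revRating . '" src="/img/img_trans.gif" width="1" height="1" /></div></td></tr>';

		if ($rev_row['rev_reply'] != '') {
			$reviewContent .= '<tr><td colspan="2" style="padding:20px 0px 0px 60px;' . $revStyleCss1 . '">';
			$reviewContent .= '<div class="curv7" style="background-color:#eee;padding:15px;border:1px solid #a8a8a8;margin-right:30px"><b>Your Response ...</b><br>';
			$reviewContent .= htmlentities($rev_row['rev_reply']) . '</div>';
			$reviewContent .= '</td></tr>';
		} else {
			$reviewContent .= '<tr><td colspan="2" style="padding:20px 0px 5px;text-align:right;' . $revStyleCss1 . '">';
			if ($rev_row['rev_spam'] == '0') {
				// $adid and $revId are integers here, so they are safe inside the URLs.
				$reviewContent .= '<a href="review_reply.html?adid=' . $adid . '&revid=' . $revId . '" style="margin-top:10px;float:none;margin-right:10px;" class="blueBtn fancyBtn">Reply to this review >></a>';
				$reviewContent .= '<a onclick="return confirm(\'Are you sure you want to mark this review as spam?\');" href="review.html?adid=' . $adid . '&s=y&revid=' . $revId . '" style="margin-top:10px;float:none;" class="redBtn fancyBtn">Mark as Spam!</a>';
			} else {
				$reviewContent .= '<span style="color:#5d322c;font-weight:bold;">Marked as Spam</span>';
			}
			$reviewContent .= '</td></tr>';
		}

		$revStyleCss = '';
		$revStyleCss1 = '';
		$bgCol = '';
		$reviewContent .= '</table></div>';
	}
	// Average over the reviews fetched above (at most 20), not over all reviews.
	$arr_sum = array_sum($ratings);
	$mean = $arr_sum / $rev_numRow;
	$average = round($mean * 2) / 2; // round to the nearest half
	$averageCss = str_replace(".", "-", (string) $average);
	$advert_rating = '<img class="rate_' . $averageCss . '" src="/img/img_trans.gif" width="1" height="1" /><meta itemprop="rating" content="' . $average . '" /> ';
} else {
	$reviewContent = '<div style="border-top:1px solid #ddd;padding-top:25px;font-weight:bold;text-align:center;color:#888;">You have no reviews for this advert.</div>';
}
?>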
<!DOCTYPE html>
<html>

<head>
	<meta http-equiv="Content-Type" content="text/html; charset=windows-1252">
	<title>YellowLeaf UK</title>
	<link href='https://unpkg.com/boxicons@2.0.9/css/boxicons.min.css' rel='stylesheet'>
	<link rel="stylesheet" href="/header-footer/global.css">
	<link rel="stylesheet" href="index.css">
	<style>
		.form-group {
			display: block;
		}

		.form-group input {
			border-radius: 4px;
			padding: 0 16px;
		}

		.form-group textarea {
			border-radius: 4px;
			padding: 12px 16px;
		}

		.det_cnt {
			padding: 30px;
			border-bottom: 1px solid #cecece;
		}

		.det_head {
			color: #15c;
			font-size: 14pt;
			margin-bottom: 5px;
			font-weight: bold;
		}

		.det_info {
			color: #222;
			line-height: 21px;
		}

		.opTbl td {
			padding: 10px
		}

		.smlPic {
			width: 130px;
			margin: 0px;
		}

		.imgShadd {
			-moz-box-shadow: 0px 2px 3px 0px #666;
			-webkit-box-shadow: 0px 2px 3px 0px #666;
			box-shadow: 0px 2px 3px 0px #666;
		}

		.bxShadd {
			-moz-box-shadow: 0px 2px 6px 0px #E4E4E4;
			-webkit-box-shadow: 0px 2px 6px 0px #E4E4E4;
			box-shadow: 0px 2px 6px 0px #E4E4E4;
		}

		.picCn {
			height: 80px;
			overflow: hidden;
			margin-bottom: 15px;
		}

		.promoTbl td {
			padding: 20px 0px;
			<?= $promCss ?>
		}

		.rate_0 {
			width: 101px;
			height: 19px;
			background: url(/img/stars.png) 0 0;
		}

		.rate_0-5 {
			width: 101px;
			height: 19px;
			background: url(/img/stars.png) 0 -20px;
		}

		.rate_1 {
			width: 101px;
			height: 19px;
			background: url(/img/stars.png) 0 -39px;
		}

		.rate_1-5 {
			width: 101px;
			height: 19px;
			background: url(/img/stars.png) 0 -58px;
		}

		.rate_2 {
			width: 101px;
			height: 19px;
			background: url(/img/stars.png) 0 -77px;
		}

		.rate_2-5 {
			width: 101px;
			height: 19px;
			background: url(/img/stars.png) 0 -96px;
		}

		.rate_3 {
			width: 101px;
			height: 19px;
			background: url(/img/stars.png) 0 -115px;
		}

		.rate_3-5 {
			width: 101px;
			height: 19px;
			background: url(/img/stars.png) 0 -134px;
		}

		.rate_4 {
			width: 101px;
			height: 19px;
			background: url(/img/stars.png) 0 -153px;
		}

		.rate_4-5 {
			width: 101px;
			height: 19px;
			background: url(/img/stars.png) 0 -172px;
		}

		.rate_5 {
			width: 101px;
			height: 19px;
			background: url(/img/stars.png) 0 -191px;
		}

		.rev-settings-box {
			display: flex;
			align-items: center;
		}
		.rev-settings-box > * {
			margin-right: 8px;
		}

		.button-sm {
			padding: 6px 12px;
		}
	</style>
</head>

<body>

	<? include 'member_menu.php'; ?>

	<!-- NAVBAR -->
	<section id="content">
		<!-- NAVBAR -->
		<nav>
			<i class='bx bx-menu toggle-sidebar'></i>
			<a href="/members/logout.html" class="logout">
				<i class='bx bx-log-out'></i>
				Logout
			</a>
		</nav>
		<!-- NAVBAR -->

		<!-- MAIN -->
		<main>
			<div class="container">
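				<?php
				// business details: load the advert row for the page heading.
				// Both values go through bound parameters instead of being interpolated
				// into the SQL text; binding them as strings matches the quoted literals
				// the query compared against before.
				// NOTE(review): get_result() needs the mysqlnd driver - confirm it is available.
				$ad_row = null;
				$ad_stmt = $connect->prepare('SELECT * FROM ads WHERE memberid = ? AND adid = ?');
				if ($ad_stmt !== false) {
					$ad_memberid = (string) $memberid;
					$ad_adid = (string) $adid;
					if ($ad_stmt->bind_param('ss', $ad_memberid, $ad_adid) && $ad_stmt->execute()) {
						$ad_sql = $ad_stmt->get_result();
						$ad_row = $ad_sql ? $ad_sql->fetch_array() : null;
					}
					$ad_stmt->close();
				}
				// The company name is stored data echoed into HTML, so it is escaped here.
				// An explicit single-byte charset (the page declares windows-1252) keeps the
				// call from returning an empty string on bytes that are not valid UTF-8.
				// NOTE(review): if companyname is stored already entity-encoded this will
				// double-encode it - confirm how it is written to the ads table.
				$ad_companyname = htmlspecialchars((string) ($ad_row['companyname'] ?? ''), ENT_QUOTES, 'Windows-1252');
				?>
				<h1 class="title">Latest Reviews for <?= $ad_companyname ?></h1>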
				<p>Showing upto 20 latest reviews</p>
				<!-- <ul class="breadcrumbs">
				<li><a href="#">Home</a></li>
				<li class="divider">/</li>
				<li><a href="#" class="active">Dashboard</a></li>
				</ul> -->
				<div class="main-content">
					<div class="main-box">
						<div class="rev-settings-box">
							<div>Show Reviews:</div>
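							<?php // adid originates from the query string and lands inside inline JavaScript; the integer cast keeps anything but a number out of the handler. ?>
							<div id="review_on" class="button button-outline-yellow button-sm" style="<?= $rev_on_style ?>" onclick="review_change(<?= (int) $adid ?>,1)">Enable Reviews</div>
							<div id="review_off" class="button button-outline-yellow button-sm" style="<?= $rev_off_style ?>" onclick="review_change(<?= (int) $adid ?>,0)">Disable Reviews</div>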
						</div>
						<? if ($rev_numRow != 0) { ?>
							<div style="float:left;display:inline;"><?= $advert_rating ?></div>
							<div style="float:left;margin-top:2px;margin-left:9px;font-size:11pt;color:#444;font-weight:bold;" itemprop="rating" itemscope itemtype="http://data-vocabulary.org/Rating">
								<span itemprop="average">Overall Rating <?= $average ?></span> out of <span itemprop="best">5</span>. Based on <span itemprop="count"><?= $rev_numRow ?></span> user reviews.
							</div>
						<? } ?>
						<br><br>
						<? if ($success == TRUE) { ?>
							<div style="margin-top:10px;" class="successDvBx">Review has been marked as spam.</div>
						<? } ?>
						<div id="rev_content" style="<?= $rev_off_style ?>">
							<?= $reviewContent ?>
						</div>
					</div>
				</div>
			</div>
		</main>
		<!-- MAIN -->
	</section>
	<!-- NAVBAR -->

	<script src="https://code.jquery.com/jquery-3.6.0.min.js" integrity="sha256-/xUj+3OJU5yExlq6GSYGSHk7tPXikynS7ogEvDej/m4=" crossorigin="anonymous"></script>
	<script src="js/ajax_review.js"></script>
	<script src="script.js"></script>
</body>

</html>
