AnonSec Shell
Server IP : 172.67.216.113  /  Your IP : 172.71.28.145   [ Reverse IP ]
Web Server : Apache
System : Linux cpanel01wh.bkk1.cloud.z.com 2.6.32-954.3.5.lve1.4.59.el6.x86_64 #1 SMP Thu Dec 6 05:11:00 EST 2018 x86_64
User : cp648411 ( 1354)
PHP Version : 7.2.34
Disable Function : NONE
Domains : 0 Domains
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /home2/cp648411/public_html/ilawasia.onnud20.com/Attachment/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME ]     [ BACKUP SHELL ]     [ JUMPING ]     [ MASS DEFACE ]     [ SCAN ROOT ]     [ SYMLINK ]     

Current File : /home2/cp648411/public_html/ilawasia.onnud20.com/Attachment/Create_old.php
<?php
$ck='not';
include("../include/checkLogin.php");
include("../include/class.php");
include("../include/table_name.php");
$date_year = date("Y");
$date_month = date("m");
require_once("../class/coreClass.php");
$core_db = new coreClass;
/*
echo "<pre>";
print_r($_POST);
echo "</pre>";
echo "<pre>";
print_r($_FILES);
echo "</pre>";
exit();
*/
if(@$_POST["ParentId"]==''){$AttachmentNumber = $core_db->GenDocumentNumberOnlyYear($GenDoc);}
if($_POST["ParentId"]!=''){

  $sql_Attac = array('table'=>$name_table,'where'=>"ParentId = '".@$_POST["ParentId"]."'");
  $view_sql_Attac = $view_db->view($sql_Attac);
  $row_Attac = $view_db->q($view_sql_Attac);
}
echo "<pre>";
print_r($AttachmentNumber);
echo "</pre>";

exit();
if($_FILES["File"]["error"] == 0)
{
  $path = "../Upload/";
  $subPath = "Attachment/".@$AttachmentNumber['gdn']."/";
  $Directory = $path . $subPath;
  if (!file_exists($Directory)) {mkdir($Directory, 0777, true);}
  $name_file = $image_class->file_up($_FILES["File"],$Directory,$subPath);
//  @unlink($path.$name_file);
}

//$AttachmentNumber=@$_POST["ParentId"];
$caseId='';$customerId='';
if(@$_POST['CaseNumber']!=''){
  $sql_case = array('table'=>$name_table2,'where'=>"CaseNumber = '".@$_POST["CaseNumber"]."'");
  $view_sql_case = $view_db->view($sql_case);
  $request_case = $view_db->q_ro($view_sql_case);
  $num_case = $view_db->q_nr($view_sql_case);
  $row_case = $view_db->q($view_sql_case);
  if(@$num_case==0){
    $_SESSION['Error'] = 'Case is not found';
  }
}
if(@$_POST['CustomerCode']!=''){
  $sql_customer = array('table'=>$name_table51,'where'=>"NamesCode = '".@$_POST["CustomerCode"]."'");
  $view_sql_customer = $view_db->view($sql_customer);
  $request_customer = $view_db->q_ro($view_sql_customer);
  $num_customer = $view_db->q_nr($view_sql_customer);
  $row_customer = $view_db->q($view_sql_customer);
  if(@$num_customer==0){
    $_SESSION['Error'] = 'Customer is not found';
  }
}


$GenDoc=2;
//echo $subPath.$name_file;
$a = "";
$list = array(
  'table'=>$name_table,
  'AttachmentNumber'=>"'".$AttachmentNumber['gdn2']."'",
  'Seq'=>"'".(@$_POST["ParentId"]=='')?0:""."'",
  'ParentId'=>"'".@$_POST["ParentId"]."'",
  'DocumentType'=>"'".@$_POST["DocumentType"]."'",
  'DocumentDate'=>"'".@$date."'",
  'DocumentName'=>"'".@$_POST["DocumentName"]."'",
  'AttachmentDate'=>"'".@$date."'",
  'FilePath'=>"'".@$name_file."'",
  'CaseId'=>"'".@$_POST["Status"]."'",
  'CustomerId'=>"'".@$_POST["Status"]."'",
  'CreateBy'=>"'".@$_SESSION["UserInfo"][0]['UserId']."'",
  'CreateDateTime'=>"'".@$_POST["Status"]."'",
  'UpdateBy'=>"'".@$a."'",
  'CreateDateTime'=>"'".@$date."'"
);
/*
echo "<pre>";
print_r($list);
echo "</pre>";
exit();
*/
$add = $actiondata_db->add_db($list);
if($add['suc']==1){

  
  $list = array(
    'table'=>$name_table3,
    'DocumentNumberId'=>$GenDoc,
    'Year'=>$AttachmentNumber['date_year'],
    'Month'=>$AttachmentNumber['date_month'],
    'Number'=>$AttachmentNumber['running']
  );
  $add = $actiondata_db->edit_db($list);

  echo $_SESSION['Success']='Update payment terms successful';
  //echo "<script>window.location.href='index.php'</script>";
}else{
  echo $_SESSION['er']='false';
  //echo "<script>window.location.href='index.php</script>";
}

//$_SESSION['ccc'] = $_POST;
 ?>

Anon7 - 2022
AnonSec Team