403Webshell
Server IP : 119.59.102.212  /  Your IP : 18.117.197.188
Web Server : Apache/2
System : Linux narin 2.6.32-042stab142.1 #1 SMP Tue Jan 28 23:44:17 MSK 2020 x86_64
User : yangkam ( 1022)
PHP Version : 5.6.40
Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /home/yangkam/domains/yangkam.go.th/public_html/coremain/module/gbook/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /home/yangkam/domains/yangkam.go.th/public_html/coremain/module/gbook/commit.php
<?php
if ($_SESSION['dbname'] == "nversion_77") {
  $navig['blog'] = "$web_gbook[0]";
  $navig['blog'] = "ช่องทางแสดงความคิดเห็น";
  navigator($navig);
  echo "<br>";
  bar_header("ช่องทางแสดงความคิดเห็น"); // Bar_Header
  fieldset_top("ช่องทางแสดงความคิดเห็น");
} else {
  $navig['blog'] = "$web_gbook[0]";
  $navig['blog'] = "สมุดเยี่ยมชม";
  navigator($navig);
  echo "<br>";
  bar_header("สมุดเยี่ยมชม"); // Bar_Header
  fieldset_top("สมุดเยี่ยมชม");
}

import_request_variables('pG', 'p_');
if($p_evar!="")										{	     $Message=trim($p_evar);				}
if($p_text!="")										{	     $text=trim($p_text);					}
if($p_Name!="")										{	     $Name=trim($p_Name);					}
if($p_Email!="")									{	     $Email=trim($p_Email);					}
$IP = getenv("REMOTE_ADDR");
$time_today = date("H:i:s");
if($p_from_pic!="")									{	    $from_pic=trim($p_from_pic);			}
if(isset($p_from_pic)) $from_pic=trim($p_from_pic);
// is the one accessing this page logged in or not?

if (!isset($p_from_pic))
  $from_pic = "";
if ($_SESSION['try2login'] != md5($from_pic)) {
//  if (session_is_registered('try2login')) {
//    session_unregister('try2login');
//  }
  if(isset($_SESSION['try2login'])){
    unset($_SESSION['try2login']);
  }
  echo"<center><br>ป้อนรหัสลับไม่ถูกต้องกรุณาป้อนใหม่อีกครั้ง<br>ก่อนป้อนใหม่ให้กดปุ่ม F5 เพื่อสร้างรหัสลับใหม่<br><br>";
  echo"<a href='javascript:history.back()'><font color='ff0000'>[ป้อนรหัสลับใหม่]</font></center></a><br>";
//  include('coremain/footer.php');
}
//if (session_is_registered('try2login')) {
//  session_unregister('try2login');
//}
if(isset($_SESSION['try2login'])){
  unset($_SESSION['try2login']);
}

global $Date;

function thai_date() {
  $thaiday = array("อาทิตย์", "จันทร์", "อังคาร", "พุธ", "พฤหัสบดี", "ศุกร์", "เสาร์");
  $thaimonth = array("ม.ค.", "ก.พ.", "มี.ค.", "เม.ย.", "พ.ค.", "มิ.ย.", "ก.ค.", "ส.ค.", "ก.ย.", "ต.ค.", "พ.ย.", "ธ.ค.");
  $Date = $thaiday[date("w")] . " " . date("j") . " " . $thaimonth[date("m") - 1] . " ";
  $Ythai = date("Y") + 543;
  $Date .= $Ythai;
  return $Date;
}

$Date = thai_date();
$IP = $REMOTE_ADDR;


// หาค่า id สูงสุด + 1
$sqlmax1 = "select max(No+1) from cms_gbook";
$resultmax1 = mysql_query($sqlmax1);
$datamax1 = mysql_fetch_row($resultmax1);
if ($datamax1[0] == "") {
  $datamax1[0] = "1";
}

$ex1 = explode("http://", $Message);
$ex2 = explode("Hi", $Message);

if ($ex1[1] != "" || $ex2[1] != "" || $Message == "") {
  echo "<center><br><br><font color='ff0000'>ล่อแหลมต่อระบบ ไม่อนุญาตให้ลงนาม</font><br><br></center>";
  exit;
} else {
  $sql_add = "INSERT INTO cms_gbook (No, Message, Name, Email, IP, URL, Date) VALUES ('$datamax1[0]', '$Message', '$Name', '$Email', '$IP', '$time_today', '$Date')";
  $result = mysql_query($sql_add) or die("Errror");
}
echo "<br><br><center>ข้อมูลได้ถูกบันทึกแล้ว<br><br><br></center>";

echo "<meta http-equiv='refresh' content='2; url=index.php?mod=gbook&path=gbook'>";
fieldset_down();
?>

Youez - 2016 - github.com/yon3zu
LinuXploit