403WebShell

403Webshell
Server IP : 104.21.80.248 / Your IP : 172.71.28.156
Web Server : Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
System : Windows NT WIN-ECQAAA40806 6.2 build 9200 (Windows Server 2012 Standard Edition) i586
User : SYSTEM ( 0)
PHP Version : 5.6.30
Disable Function : NONE
MySQL : ON | cURL : ON | WGET : OFF | Perl : OFF | Python : OFF | Sudo : OFF | Pkexec : OFF
Directory : /Inetpub/www/myschool/benjama/modules/user/
Upload File :
[ Back ]
Current File : /Inetpub/www/myschool/benjama/modules/user/signature.php
<?

//CheckUser($_SESSION['user_user'], $_SESSION['user_pwd']);
//print_r($_SESSION);
//print_r($_POST) ;

//ini_set('display_errors', 1);
//ini_set('display_startup_errors', 1);
//error_reporting(E_ALL);
?>
<? if($_POST['update'] == '1' ){
//======================================================== BEGIN ===== UPLOAD 1 ============
	if (is_uploaded_file($_FILES['filesw']['tmp_name'])) { 
	$filesw_name = substr ($filesw, -4);
	$filesw_name=$idedit;
	#ตรวจสอบชนิดของไฟล์
	$sizefile = $_FILES["filesw"]["size"]; 
	if($sizefile>80960) {
			echo "<script language='javascript'>" ;
			echo "alert('กรุณาใช้รูปภาพ น้อยกว่า 80  kb ')" ;
			echo "</script>" ;
			echo "<script language='javascript'>javascript:history.back()</script>";
			exit();
	}
			
		//copy($_FILES['filesw']['tmp_name'],"laysen/". $filesw_name.".jpg" );	
		
		$image_info = getimagesize($_FILES['filesw']['tmp_name']);
		$width = $new_width = $image_info[0];
		$height = $new_height = $image_info[1];
		$type = $image_info[2];
		if( $type != IMAGETYPE_JPEG){
			echo "<script language='javascript'>" ;
			echo "alert('กรุณาใช้รูปภาพ น้อยกว่า 80  kb ')" ;
			echo "</script>" ;
			echo "<script language='javascript'>javascript:history.back()</script>";
			exit();
		}
		$image = ImageCreateFromJPEG($_FILES['filesw']['tmp_name']);
		// Create a new, resized image
		$new_height = 70;
		$new_width = intval( $width / ($height / $new_height) );
		//echo  $new_width ;
		$new_image = ImageCreateTrueColor($new_width, $new_height);
		// Resize the image with resampling
        //imagecopyresampled($new_image, $image, 0, 0, 0, 0, $newWidth, $newHeight, $width, $height);       
		ImageCopyResampled($new_image, $image, 0, 0, 0, 0, $new_width, $new_height, $width, $height);
		$new_image_name = "laysen/". $filesw_name.".jpg" ;
		echo $new_image_name  ;
		//ImageJPEG($image, $new_image_name  , 100);
		ImageJPEG($new_image, $new_image_name  , 100);
            // 6. Clean up memory
        ImageDestroy($image);
        ImageDestroy($new_image);
			
}
//======================================================== END ======= UPLOAD 1 ============
} ?>
      <table align="right"cellspacing="0" cellpadding="0" width="500" border="0">
        <tbody>
          <tr>
            <td valign=top>
<?
		$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
		$sql = "SELECT * FROM ".TB_user." WHERE username='".$_SESSION['user_user']."' " ;
		$res['user'] = $db->select_query($sql);
		$arr['user'] = $db->fetch($res['user']);
		$db->closedb ();
		//echo $sql ;
		//print_r($arr[user]);
?>
                   <table width="100%" align="center" cellspacing="0" cellpadding="0" border="0">
                          <tr>
                          <td>
						<BR>
 <!-- แสดงผลรายการ -->
<?
  if($_GET['op'] == "minepass_edit" AND $_GET['action'] == "edit"){
	//////////////////////////////////////////// กรณีแก้ไขข้อมูลส่วนตัว
	//if( CheckLevel($_SESSION['user_user'],$_GET[op])){
		$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
		$res['user'] = $db->select_query("SELECT * FROM ".TB_user." WHERE id='".$_GET['id']."' ");
		$arr['user'] = $db->fetch($res['user']);
		
				//ทำการแก้ไขข้อมูลลงดาต้าเบส
				
				$db->update_db(TB_user,array(
			    "update_date"=>"".TIMESTAMP.""						
//				)," username='$Admin_User' ");
			)," id='$_GET[id]' ");				
				$db->closedb ();
				$ProcessOutput = "<BR><BR>";
				$ProcessOutput .= "<CENTER>ลายเซ็นของ <BR>".$arr['user']['category_name']."<BR></A>";
				$ProcessOutput .= "<FONT COLOR=\"#336600\"><B>เปลี่ยนเรียบร้อยแล้ว</B><BR><BR><a href=\"javascript:window.open('','_self');window.close()\" >ปิดหน้าต่างนี้ แล้วกด CTRL+F5 เพื่อเปลี่ยนลายเซ็น</a>";
				$ProcessOutput .= "</CENTER>";
				$ProcessOutput .= "<BR><BR>";
	//}else{
		//กรณีไม่ผ่าน
	//	$ProcessOutput = $PermissionFalse ;
	//}
	echo $ProcessOutput ;
}
else if($_GET['op'] == "minepass_edit"){
	//////////////////////////////////////////// กรณีแก้ไขข้อมูลส่วนตัว

		if($_GET['id'] == '') $_GET['id'] = $_GET['&showedit'] ;
		//ดึงค่าของผู้ดูแลระบบออกมา
		$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
		$res['user'] = $db->select_query("SELECT * FROM ".TB_user." WHERE id='".$_GET['id']."' ");		
		//$arr[user] = $db->fetch($res[user]);
		$db->closedb ();
?>
                           <form method="post" name="frmregis" action="?name=user&amp;file=signature&amp;op=minepass_edit&amp;action=edit&id=<?=$_GET['id'];?>" enctype="multipart/form-data" onSubmit="return checkregis()">
                                        <table width="500">
											<tr>
											<td align=center>จัดการลายเซ็น<BR>ของ <BR><?=$arr['user']['category_name'];?>	</td>
											<tr>
                                            <td align=center width=400>
											<BR>
											<BR>
											<input name="filesw" type="file" id="filesw" size="30">
											</td>
											</tr>
											<tr>
                                            <td align=center>
											<BR><BR>
											<input name="idedit" type="hidden" id="idedit" value="<?=$arr[user][id];?>">
											<input name="update" type="hidden" id="update" value="1">
											<input type="submit" name="Submit" value="บันทึกการแก้ไข"onClick="javascript:self.opener.location.reload();closepopup()"/>
											</td>
                                          </tr>
                                        </table>
                                    </form>
<?

}
?>
		</td>
		</tr>
    </table>
    <br>
</form>
	</td>
	</tr>
 </tbody>
</table>
Youez - 2016 - github.com/yon3zu
LinuXploit