403Webshell
Server IP : 104.21.80.248  /  Your IP : 172.71.28.155
Web Server : Apache/2.4.25 (Win32) OpenSSL/1.0.2j PHP/5.6.30
System : Windows NT WIN-ECQAAA40806 6.2 build 9200 (Windows Server 2012 Standard Edition) i586
User : SYSTEM ( 0)
PHP Version : 5.6.30
Disable Function : NONE
MySQL : ON  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  E:/Inetpub/www/news/csr/main/core/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : E:/Inetpub/www/news/csr/main/core/ContactSubmit.php
<?php
/* 
=========================================================================================
Copyright PikePHP - https://www.pikephp.com
=========================================================================================
*/

require_once '../config.php';

$subject = filter_input(INPUT_POST, 'subject', FILTER_SANITIZE_STRING);
$name = filter_input(INPUT_POST, 'name', FILTER_SANITIZE_STRING);
$email = filter_input(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL);
$message = filter_input(INPUT_POST, 'message', FILTER_SANITIZE_STRING);
$message2 = urlencode($message);

if ($name=="")
	{
	header("Location: ../contact.php?msg=error_name&name=$name&subject=$subject&message=$message2#form");
	exit();
	}

if ($email=="")
	{
	header("Location: ../contact.php?msg=error_email&name=$name&subject=$subject&message=$message2#form");
	exit();
	}

if($cfg_google_recaptcha_contact_enabled==1) 
{	
	// Google Recaptcha2 validation
	if(isset($_POST['g-recaptcha-response']) && !empty($_POST['g-recaptcha-response'])):
        //get verify response data
        $verifyResponse = file_get_contents('https://www.google.com/recaptcha/api/siteverify?secret='.$cfg_google_recaptcha_secret_key.'&response='.$_POST['g-recaptcha-response']);
        $responseData = json_decode($verifyResponse);
        if($responseData->success):
            
			$now = date("Y-m-d H:i:s");
			$ip = $_SERVER['REMOTE_ADDR'];

			$query = "INSERT INTO ".DB_PREFIX."contact_messages (message_id, name, email, subject, message, time, ip, is_read) VALUES (NULL, ?, ?, ?, ?, ?, ?, 0)"; 
			$stmt = $conn->prepare($query);
			$stmt->bindParam(1, $name, PDO::PARAM_STR);
			$stmt->bindParam(2, $email, PDO::PARAM_STR);
			$stmt->bindParam(3, $subject, PDO::PARAM_STR);
			$stmt->bindParam(4, $message, PDO::PARAM_STR);
			$stmt->bindParam(5, $now, PDO::PARAM_STR);
			$stmt->bindParam(6, $ip, PDO::PARAM_STR);
			$stmt->execute();

        else:
            header("Location: ../contact.php?msg=error_captcha&name=$name&email=$email&subject=$subject&message=$message2#form");
			exit();
        endif;
    else:
        header("Location: ../contact.php?msg=error_captcha&name=$name&email=$email&subject=$subject&message=$message2#form");
		exit();
    endif;
}

header("Location: ../contact.php?msg=ok#form");
exit;

Youez - 2016 - github.com/yon3zu
LinuXploit