FSecurity.Org • Hack Forum • Warez Forum • Hack Forumu • İnstagram çalma • Hacker forum • Warez Forumu • Hack sitesi • Warez Scriptler

KucukHacker0088 Shell

Current Path : G:/PleskVhosts/mpcdp.in/cmamp.mpcdp.in/CP/

Windows NT SG2NWVPWEB022 10.0 build 17763 (Windows Server 2016) i586
Upload File :
Current File : G:/PleskVhosts/mpcdp.in/cmamp.mpcdp.in/CP/CPMasterProject-Exec.php

<?php
if (isset($_POST['BtnAdd']))
	{
	$mStart = $_GET['start'];
	$mProjectID = $_GET['ProjectID'];
	header("location: CPMasterProject.php?start=$mStart&ProjectID=$mProjectID&mMode=Add");
	}
else if (isset($_POST['BtnModify']))
	{
	$mStart = $_GET['start'];
	$mProjectID = $_GET['ProjectID'];
	header("location: CPMasterProject.php?start=$mStart&ProjectID=$mProjectID&mMode=Modify");
	}
else if (isset($_POST['BtnSave']))
	{
	require_once('CPConfig.php');
	
	if (isset($_GET['mMode']))
		{
		$mMode = $_GET['mMode'];
		}
	else
		{
		$mMode = '';
		}
	
	$mStart = $_GET['start'];
	$mProjectID = $_GET['ProjectID'];
	
 $link = mysql_connect($hostname, $username, $password) ;
$db= mysql_select_db($dbname);
	$ProjectName = addslashes(str_replace("'", "&#39;", $_POST['TxtProjectName']));
	$ProjectDescription = addslashes(str_replace("'", "&#39;", $_POST['TxtProjectDescription']));
	$ProjectRemarks = addslashes(str_replace("'", "&#39;", $_POST['TxtProjectRemarks']));
	
	if ($ProjectName == '')
		{
		session_start();
		$_SESSION['mProjectName'] = str_replace("'", "&#39;", $_POST['TxtProjectName']);
		$_SESSION['mProjectDescription'] = str_replace("'", "&#39;", $_POST['TxtProjectDescription']);
		$_SESSION['mProjectRemarks'] = str_replace("'", "&#39;", $_POST['TxtProjectRemarks']);
		
		header("location: CPMasterProject.php?start=$mStart&ProjectID=$mProjectID&mMode=$mMode&mError=Invalid Name...");
		exit;
		}
		
	if ($mMode == 'Add')
		{
		$PDocumentPath = 'Project/';
		$PDocumentName = basename($_FILES['PDocumentPath']['name']);
		$PDocumentFile = $PDocumentPath . $PDocumentName;
		move_uploaded_file($_FILES['PDocumentPath']['tmp_name'], $PDocumentFile);
		
		$qry = "INSERT INTO masterproject(ProjectName, ProjectDescription, ProjectRemarks, PDocumentPath, PDocumentName) VALUES('$ProjectName', '$ProjectDescription', '$ProjectRemarks', '$PDocumentPath', '$PDocumentName')";
		}
	else if ($mMode == 'Modify')
		{
		$PDocumentPath = 'Project/';
		$PDocumentName = basename($_FILES['PDocumentPath']['name']);
		$PDocumentFile = $PDocumentPath . $PDocumentName;
		move_uploaded_file($_FILES['PDocumentPath']['tmp_name'], $PDocumentFile);
		
		$qry = "UPDATE masterproject SET ProjectName='$ProjectName', ProjectDescription='$ProjectDescription', ProjectRemarks='$ProjectRemarks'";
		if ($PDocumentName != '')
			{
			$qry = $qry . ", PDocumentName='$PDocumentName'";
			}
		$qry = $qry . " WHERE ProjectID=$mProjectID";
		}
	
	$result = @mysql_query($qry);
	
	if($result) 
		{
		CreateScrollHTMLFile();
		header("location: CPMasterProject.php?start=$mStart&ProjectID=$mProjectID&mMode=Save");
		}
	else 
		{
		die("Query failed");
		}
	}
else if (isset($_POST['BtnCancel']))
	{
	$mStart = $_GET['start'];
	$mProjectID = $_GET['ProjectID'];
	header("location: CPMasterProject.php?start=$mStart&ProjectID=$mProjectID&mMode=Cancel");
	}
else if (isset($_POST['BtnDelete']))
	{
	require_once('CPConfig.php');
	
	$mStart = $_GET['start'];
	$mProjectID = $_GET['ProjectID'];
	
	$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
	$db = mysql_select_db(DB_DATABASE);
	
	$qry = "DELETE FROM masterproject WHERE ProjectID = '$mProjectID'";
	$result = @mysql_query($qry);
	
	if($result) 
		{
		header("location: CPMasterProject.php?start=$mStart&mMode=Delete");
		}
	}

function CreateScrollHTMLFile()
	{
	$filename = 'SSProject.html';
	$html_original = file_get_contents($filename);
	
	$projectStartEnd = explode("<!--ProjectStartEnd-->",$html_original);
	$projectStart = $projectStartEnd[0] . "<!--ProjectStartEnd-->";
	$projectEnd = "<!--ProjectStartEnd-->" . $projectStartEnd[2];
	$fp = fopen($filename, "w");
	$appended_text = "";
	
	if (is_writable($filename)) 
		{
		require_once('CPConfig.php');
		$link = mysql_connect(DB_HOST, DB_USER, DB_PASSWORD);
		$db = mysql_select_db(DB_DATABASE);
		
		@$column_name='ProjectID Desc';
		
		$eu = 0; 
		$limit = 10;
		
		$bgcolor="#ffffff";
		
		$query="SELECT * FROM masterproject ";
		
		if(isset($column_name) and strlen($column_name)>0)
			{
			$query = $query . " order by $column_name";
			}
		$query = $query . " limit $eu, $limit ";
		$result=mysql_query($query);
		
		echo mysql_error();
		
		while($noticia = mysql_fetch_array($result))
			{
			if($bgcolor=='#f1f1f1')
				{
				$bgcolor='#ffffff';
				}
			else
				{
				$bgcolor='#f1f1f1';
				}
			$appended_text = $appended_text . "<table cellpadding='0' cellspacing='0' border='0'><tr>";
			if ($noticia['PDocumentName'] == "")
				{
				$appended_text = $appended_text . "<td class='StyleTableBodyMembership'><a href='#'><strong>$noticia[ProjectName]</strong><br />$noticia[ProjectDescription]</a></td>";
				}
			else
				{
				$appended_text = $appended_text . "<td class='StyleTableBodyMembership'><a href='CPDownload.php?filename=$noticia[PDocumentPath]$noticia[PDocumentName]'><strong>$noticia[ProjectName]</strong><br />$noticia[ProjectDescription]</a></td>";
				}
			$appended_text = $appended_text . "</tr></table><br />";
			}
		}
	
	fwrite($fp, $projectStart . $appended_text . $projectEnd); 
	fclose($fp); 
	}

?>

Discord hacker0088#9402

FSecurity.org
IP Adresiniz :D