View File Name :
website.php
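<?php
/**
 * Admin-panel form endpoint for website content.
 *
 * Dispatches on $_POST['action']:
 *   - "slideshow"     : store an uploaded picture and add a slide, then redirect.
 *   - "contant"       : store an optional picture and add a content entry, then redirect.
 *   - "offer"         : store an optional picture and add an offer, then redirect.
 *   - "editusergroup" : rename an admin group and replace its privilege list (JSON reply).
 *   - "setting"       : update the per-language site settings, optionally replacing the logo.
 *
 * Security changes compared with the previous revision of this script:
 *   - The stored file extension used to be copied from the client-supplied
 *     file name, so any file type (including server-side scripts) could be
 *     written into the web-reachable upload directory. Uploads are now limited
 *     to an allowlist of image extensions and must parse as an image.
 *   - Stored names used rand() with as few as 991 possible values, so a later
 *     upload could silently overwrite an earlier one. Names now come from
 *     random_bytes().
 *   - The backend message is URL-encoded before it is placed in the redirect.
 *
 * NOTE(review): no session, role or CSRF-token check is visible in this file.
 * Presumably the required class files or the web server enforce one; confirm,
 * because every action here (uploads, privilege edits, settings) is
 * state-changing.
 * NOTE(review): the upload directory should additionally be configured at the
 * web-server level so that nothing inside it is executed as a script.
 */
ob_start();

require_once('../class/Admin/Admin.class.php');
require_once('../class/AdminGroups/AdminGroups.class.php');
require_once('../class/Regional/Regional.class.php');
require_once('../class/Website/Website.class.php');

/**
 * Validate one $_FILES entry as an image and move it into $targetDir.
 *
 * @param array|null $file      Entry from $_FILES, or null when the field is absent.
 * @param string     $prefix    Fixed prefix for the generated file name.
 * @param string     $targetDir Directory to store into; created when missing.
 *
 * @return string|null Generated file name, or null when nothing was stored.
 */
function website_ajax_store_image(?array $file, string $prefix, string $targetDir): ?string
{
    if ($file === null || !isset($file['error'], $file['name'], $file['tmp_name'])) {
        return null;
    }

    // Array-shaped fields (name="pic[]") carry arrays here; this endpoint only
    // handles a single file per field.
    if (!is_string($file['name']) || !is_string($file['tmp_name']) || $file['error'] !== UPLOAD_ERR_OK) {
        return null;
    }

    // The extension decides how the web server will treat the stored file, so
    // it is checked against an allowlist instead of being copied from the client.
    $allowedExtensions = array('jpg', 'jpeg', 'png', 'gif', 'webp');
    $extension = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!in_array($extension, $allowedExtensions, true)) {
        return null;
    }

    // Second check: the content has to parse as an image. This does not replace
    // the allowlist above, because a file can be a valid image and still carry
    // other data.
    if (!is_uploaded_file($file['tmp_name']) || getimagesize($file['tmp_name']) === false) {
        return null;
    }

    if (!is_dir($targetDir) && !mkdir($targetDir, 0755, true) && !is_dir($targetDir)) {
        return null;
    }

    $storedName = $prefix . bin2hex(random_bytes(8)) . '.' . $extension;
    if (!move_uploaded_file($file['tmp_name'], $targetDir . '/' . $storedName)) {
        return null;
    }

    return $storedName;
}

/**
 * Redirect to $page with the backend's "message" field as the msg parameter.
 *
 * @param string $page          Relative URL of the page to return to.
 * @param mixed  $backendResult JSON string returned by the Website class.
 */
function website_ajax_redirect(string $page, $backendResult): void
{
    $decoded = is_string($backendResult) ? json_decode($backendResult, true) : null;
    $message = (is_array($decoded) && isset($decoded['message']) && is_scalar($decoded['message']))
        ? (string) $decoded['message']
        : '';

    // Encoded so that spaces, '&', '#' and non-ASCII text survive the redirect.
    // NOTE(review): the receiving page must still HTML-escape msg before printing it.
    header('location: ' . $page . '?msg=' . rawurlencode($message));
}

/**
 * Emit the JSON error used when a required form field is empty.
 */
function website_ajax_missing_fields(): void
{
    header('Content-Type: application/json');
    // Message text (Persian): "Please fill in all fields".
    echo json_encode(array(
        'success' => false,
        'message' => 'لطفا تمامی موارد را پر کنید',
    ));
}

$AdminGroups = new UserGroups();
$Users = new Users();
$Regional = new Regional();
$Website = new Website();

$action = (isset($_POST['action']) && is_string($_POST['action'])) ? $_POST['action'] : '';

if ($action === 'slideshow') {
    $title = $_POST['title'] ?? null;
    $url = $_POST['url'] ?? null;
    $lang = $_POST['Lang'] ?? null;

    // Slides are stored in one folder per day: upload/YYYYMMDD/.
    $dayFolder = date('Ymd');
    $storedName = website_ajax_store_image($_FILES['pic'] ?? null, 'pic', '../../upload/' . $dayFolder);

    if ($storedName === null) {
        echo "no upload";
        // Do not record a path to a file that was never written.
        $Pic = '';
    } else {
        $Pic = 'upload/' . $dayFolder . '/' . $storedName;
    }

    $result = $Website->AddSlide($title, $Pic, $url, $lang);
    website_ajax_redirect('../slideshow_new.php', $result);
} elseif ($action === 'contant') {
    if (isset($_POST['title'], $_POST['detail'], $_POST['Type'])) {
        if ($_POST['title'] !== '' && $_POST['detail'] !== '' && $_POST['Type'] !== '') {
            // The picture is optional; null is passed on when none was stored.
            $newfilename = website_ajax_store_image($_FILES['pic'] ?? null, 'contant', '../../upload');

            $title = $_POST['title'];
            $detail = $_POST['detail'];
            $locate = 1;
            $type = $_POST['Type'];

            $result = $Website->AddContant($title, $detail, $newfilename, $locate, $type);
            website_ajax_redirect('../contant_new.php', $result);
        } else {
            website_ajax_missing_fields();
        }
    }
} elseif ($action === 'offer') {
    if (isset($_POST['title'], $_POST['detail'], $_POST['Type'])) {
        if ($_POST['title'] !== '' && $_POST['detail'] !== '' && $_POST['Type'] !== '') {
            // The picture is optional; null is passed on when none was stored.
            $newfilename = website_ajax_store_image($_FILES['pic'] ?? null, 'offer', '../../upload');

            $title = $_POST['title'];
            $offer = $_POST['offer'] ?? null;
            $detail = $_POST['detail'];
            $type = $_POST['Type'];
            $expair = $_POST['expair'] ?? null;

            $result = $Website->AddOffer('0', $title, $detail, $newfilename, $offer, $expair, $type);
            website_ajax_redirect('../offer_new.php', $result);
        } else {
            website_ajax_missing_fields();
        }
    }
} elseif ($action === 'editusergroup') {
    if (isset($_POST['name'])) {
        if ($_POST['name'] !== '') {
            $id = $_POST['id'] ?? null;
            $name = $_POST['name'];
            // An unticked privilege form sends no "priv" field at all; treat
            // that (and any non-array value) as an empty privilege list.
            $privilage = (isset($_POST['priv']) && is_array($_POST['priv'])) ? $_POST['priv'] : array();

            // NOTE(review): this rewrites an admin group's privileges; confirm
            // that the caller's own permissions are checked before this point.
            $result = $AdminGroups->EditAdminGroup($id, $name, '1', $privilage);
            header('Content-Type: application/json');
            echo $result;
        } else {
            website_ajax_missing_fields();
        }
    }
} elseif ($action === 'setting') {
    if (isset($_POST['Lang'])) {
        if ($_POST['Lang'] !== '') {
            $Lang = $_POST['Lang'];
            $Title = $_POST['title'] ?? null;
            $Description = $_POST['desc'] ?? null;
            $TodayText = $_POST['todaytext'] ?? null;

            // Keep the current logo unless a new one is uploaded and accepted.
            // NOTE(review): oldpic is client-supplied and is stored as given;
            // presumably it is later used as an image path, so confirm it is
            // validated or escaped where it is rendered.
            $Pic = $_POST['oldpic'] ?? null;

            if (isset($_FILES['logo']['name']) && $_FILES['logo']['name'] !== '') {
                $dayFolder = date('Ymd');
                $storedName = website_ajax_store_image($_FILES['logo'], 'pic', '../../upload/' . $dayFolder);

                if ($storedName === null) {
                    echo "no upload";
                } else {
                    $Pic = 'upload/' . $dayFolder . '/' . $storedName;
                }
            }

            $result = $Website->EditSetting($Lang, $Title, $Description, $Pic, $TodayText);
            header('Content-Type: application/json');
            echo $result;
            header('location: ../Pages/Website/setting_option.php');
        } else {
            website_ajax_missing_fields();
        }
    }
}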