AnonSec Shell
Server IP : 149.202.105.228  /  Your IP : 216.73.216.134
Web Server : Apache
System : Linux webm129.cluster030.gra.hosting.ovh.net 5.15.167-ovh-vps-grsec-zfs-classid #1 SMP Tue Sep 17 08:14:20 UTC 2024 x86_64
User : atfycaf ( 116275)
PHP Version : 7.4.33
Disable Function : _dyuweyrj4,_dyuweyrj4r,dl
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /home/a/t/f/atfycaf/www/admin/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME ]     

Current File : /home/a/t/f/atfycaf/www/admin/pagesBG.php
<?php
include "globalVars.php";
if (in_array(31, $adminPriv) || in_array(32, $adminPriv) || in_array(33, $adminPriv)) {
} else {
	header("Location: $ADurl");
}

include "header.php";

if (isset($_POST["updateImage"])) {
	$updateBGID		= $_POST["deleteBGID"];
	?>
	<form action="pagesBGEdit-1.html" method="post" id="propertyNext">
		<input type="hidden" name="bgID" value="<?php echo $updateBGID ?>" />
	</form>
	<script type="text/javascript">
		document.getElementById('propertyNext').submit();
	</script>
	<?php
} elseif (isset($_POST["updateVideo"])) {
	$updateBGID		= $_POST["deleteBGID"];
	?>
	<form action="pagesBGVideoEdit.html" method="post" id="propertyNext">
		<input type="hidden" name="bgID" value="<?php echo $updateBGID ?>" />
	</form>
	<script type="text/javascript">
		document.getElementById('propertyNext').submit();
	</script>
	<?php
} else {
	if (isset($_POST["deleteImage"])) {
		$deleteBGID		= $_POST["deleteBGID"];

		$searchBGQuery = mysqli_query($conn, "SELECT * FROM pageBG WHERE id = '$deleteBGID'");
		while ($sBQ = mysqli_fetch_array($searchBGQuery)) {
			$imageVideo	= $sBQ["imageVideo"];
			$imageURL	= $sBQ["bgImage"];
		}
		if ($imageVideo == 0) {
			$deleteImage		= $SERVER_ROOT .'/images/pagesBG/' . $imageURL;
			$deleteTitle		= substr_replace($deleteImage, "-title", "-4", 0);
			$deleteOriginal		= substr_replace($deleteImage, "-original", "-4", 0);
			$deleteThumb		= substr_replace($deleteImage, "-thumb", "-4", 0);

			unlink($deleteImage);
			unlink($deleteOriginal);
		} else {
			$deleteVideo		= $SERVER_ROOT .'/images/pagesBG/' . $imageURL;
			$deleteTitle		= substr_replace($deleteVideo, "-title", "-4", 0);
			$deleteThumb		= substr_replace($deleteVideo, "-thumb.jpg", "-4", 4);

			unlink($deleteVideo);
		}

		unlink($deleteTitle);
		unlink($deleteThumb);
			

		mysqli_query($conn, "DELETE FROM pageBG WHERE id = '$deleteBGID'");

		$slideTitleQuery = mysqli_query($conn, "SELECT bgTitle FROM pageBGTitle_en WHERE id = '$deleteBGID'") or die (mysqli_error($conn));
		while ($sTQ = mysqli_fetch_array($slideTitleQuery)) {
			$bgTitle	= $sTQ["bgTitle"];
		}
		foreach($langURLArray as $dbLang) {
			mysqli_query($conn, "DELETE FROM pageBGTitle_". $dbLang ." WHERE id = '$deleteBGID'");

			$trackDate		= date("Y-m-d H:i:s");
			mysqli_query($conn, "INSERT INTO userActions (dateCreated, adminID, pageTracking, databaseUpdated, updateDetails) VALUES ('$trackDate', '$adminID', 'admin/pagesBG.html', 'pageBG', 'The User ". addslashes($adminName) ." &lt;$adminEmail&gt; deleted the background slide ID: $deleteBGID (". addslashes($bgTitle) .")')");
		}

		?>
		<h2>Update the Page Background</h2>
		<p>The Page Background has been successfully deleted</p>

		<?php
	}
	?>

	<h2>Update the Page Background <span class="infoButton"><img src="<?php echo $ADurl ?>images/infoButton.png" width="14" height="14" alt="Help" title="Help" border="0" /><span>You can upload as many photos or videos as you desire here.</span></span></h2>

	<?php
	if (in_array("31", $adminPriv)) {
		?>
	<div class="form50">
		<a href="pagesBGNew-1.html" class="submitButton">New Photo Background</a>
	</div>
	<div class="form50">
		<a href="pagesBGVideoNew.html" class="submitButton">New Video Background</a>
	</div>
		<?php
	}
	?>

	<div class="descStTab">
		<?php
		$currentBGsQuery = mysqli_query($conn, "SELECT * FROM pageBG ORDER BY id DESC");
		while ($cBQ = mysqli_fetch_array($currentBGsQuery)) {
			$imageID	= $cBQ["id"];
			$imageVideo	= $cBQ["imageVideo"];
			if ($imageVideo == 0) {
				$imageURL	= substr_replace($cBQ["bgImage"], "-thumb", "-4", 0);
			} else {
				$imageURL	= substr_replace($cBQ["bgImage"], "-thumb.jpg", "-4", 4);
			}
			$imageOrig	= $SERVER_ROOT ."/images/pagesBG/". substr_replace($cBQ["bgImage"], "-original", "-4", 0);
			$imageFURL	= $cBQ["bgImage"];
			$imageTitleQuery = mysqli_query($conn, "SELECT bgTitle FROM pageBGTitle_en WHERE id = '$imageID'");
			while ($iTQ = mysqli_fetch_array($imageTitleQuery)) {
				$imageTitle	= $iTQ["bgTitle"];
			}
			$randID		= mt_rand(1,99999999);
			?>
		<div class="bgThumb">
			<div class="bgThumbImg">
				<a href="<?php echo $Iurl ."pagesBG/". $imageFURL ?>?rV=<?php echo $randID ?>" target="_blank"><img src="<?php echo $Iurl ."pagesBG/". $imageURL ?>?rV=<?php echo $randID ?>" width="148" alt="<?php echo $imageTitle ?> - Click to view full size" title="<?php echo $imageTitle ?> - Click to view full size" /></a>
			</div>
			<form action="pagesBG.html" method="post">
				<input type="hidden" name="deleteBGID" value="<?php echo $imageID ?>" />
			<?php
			if (in_array("33", $adminPriv)) {
				?>
				<input type="submit" name="deleteImage" class="deleteImage" value="Delete" />
				<?php
			}
			if (in_array("32", $adminPriv)) {
				if ( ($imageVideo == 0) && (file_exists($imageOrig)) ) {
					?>
				<input type="submit" name="updateImage" class="updateImage" value="Update" />
					<?php
				} elseif ($imageVideo == 1) {
					?>
				<input type="submit" name="updateVideo" class="updateImage" value="Update" />
					<?php
				}
			}
			?>
			</form>
		</div> 
			<?php
		}
	?>
	</div>
	<?php
}
?>


<?php
include "footer.php";
?>

Anon7 - 2022
AnonSec Team