.:: :[ AK-74 Security Team Web-shell ]: ::.
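<?php
/*
 * Member profile page: loads one member/member_post row selected by the
 * member_id query parameter and renders it inside the site layout.
 *
 * Security review of this listing:
 *  - member_id was concatenated into the SQL text unchanged (SQL injection);
 *    it is now allow-listed before it reaches the query.
 *  - every database value was echoed into HTML without escaping (stored XSS);
 *    they now go through $escapeHtml at the point of output.
 *  - the VIP flag is read from the query string, see the note at $checkVIP.
 */

// NOTE(review): this unconditional exit() is the first statement, so nothing
// below it ever runs. It is kept as found; whether the page was disabled on
// purpose cannot be told from this file. Confirm before removing it.
exit();

include("include/config.php");
include("include/connect.php");
include("include/function.php");

if (!headers_sent()) {
    header("Content-Type: text/html; charset=utf-8");
}

// HTML escaper for text and attribute contexts. double_encode is off so values
// that were already entity-encoded when stored are not encoded a second time.
$escapeHtml = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8', false);
};

// Columns copied from the row into same-named local variables. The list is
// hard-coded, so the variable-variable assignment below cannot be steered by
// request data.
$fieldlist = array('member_id', 'image', 'image_full', 'email', 'age', 'gender', 'province',
    'message', 'room', 'hi5_link', 'facebook_link', 'bb_pin', 'alarm_status');
foreach ($fieldlist as $field) {
    $$field = '';
}
$alarm_status = 0;
$setGender = '';
$checkVIP = false;
$useExtraFilter = false;

// Accept plain string parameters only; member_id[]=x style arrays count as absent.
$memberId = (isset($_GET['member_id']) && is_string($_GET['member_id'])) ? $_GET['member_id'] : '';
// NOTE(review): username must be non-empty but is never used in the query.
$username = (isset($_GET['username']) && is_string($_GET['username'])) ? $_GET['username'] : '';

if (($memberId != '') && ($username != '')) {
    $rec = false;

    // The driver behind sql_query() is not visible here, so the value is
    // allow-listed instead of bound. Move to a prepared statement once the
    // connection layer is known. Anything outside the allow-list is treated
    // as "not found".
    if (preg_match('/\A[A-Za-z0-9_-]+\z/', $memberId)) {
        $sql = " SELECT member.member_id AS member_id, image, image_full, email, age, gender, province,
                        message, room, hi5_link, facebook_link, bb_pin, alarm_status
                 FROM member
                 INNER JOIN member_post ON member.member_id = member_post.member_id
                        AND member.member_id = '".$memberId."' ";
        $query = sql_query($sql);
        if (sql_num_rows($query) != 0) {
            $rec = sql_fetch_array($query);
        }
    }

    if (!$rec) {
?>
<script type="text/javascript">
alert('ไม่พบข้อมูล');
window.location = '/<?php echo $configMyFileFirstPage?>';
</script>
<?php
        exit();
    }

    foreach ($fieldlist as $field) {
        if (isset($rec[$field])) {
            $$field = $rec[$field];
        }
    }

    $setGender = ($gender == 'ไม่ระบุ') ? 'กะเทย, กระเทย' : $gender;

    // NOTE(review): VIP status comes straight from the query string, so any
    // visitor can select the "extra" word filter. The original file carried a
    // commented-out server-side check (checkVipTag() over $a_vip_tag); restore
    // a server-side decision rather than trusting ?vip=1.
    $checkVIP = (isset($_GET['vip']) && $_GET['vip'] == 1);

    $useExtraFilter = $checkVIP
        || (isset($a_gender_extra) && is_array($a_gender_extra) && in_array($gender, $a_gender_extra));

    if ($alarm_status == 0) {
        $message = $useExtraFilter
            ? trim(scanInvectiveExtra($message, '** '))
            : trim(scanInvective($message, '** '));
    } else {
        // Flagged post: show the configured notice instead of the member's text.
        $message = str_replace('##', $a_gender_word["$gender"], $configTextPostAlarm);
    }
}

$web_title = $web_description = $setGender.' '.mb_substr($message, 0, 25, 'utf8').' : Ladyboy, หาเพื่อนคุยmsn';
$web_keyword = $setGender.', Ladyboy, หาเพื่อนคุยmsn';
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta http-equiv="content-language" content="th" />
<title><?php echo $escapeHtml($web_title)?></title>
<meta name="keywords" content="<?php echo $escapeHtml($web_keyword)?>">
<meta name="description" content="<?php echo $escapeHtml($web_description)?>">
<link type="text/css" rel="stylesheet" href="/css/ladyboy.css" />
<link type="text/css" rel="stylesheet" href="/css/myStyle.css" />
<script type="text/javascript" src="/src/jquery-1.4.2.min.js"></script>
<script type="text/javascript" src="/src/jquery.timers.js"></script>
<script type="text/javascript" src="/Scripts/AC_RunActiveContent.js"></script>
<script type="text/javascript" src="/src/jscript.js"></script>
</head>
<body bgcolor="#000000">
<table width="970" border="0" align="center" cellpadding="0" cellspacing="0">
  <tr>
    <td width="970" valign="top"><?php include("head.php"); ?></td>
  </tr>
  <tr>
    <td valign="top"><table width="100%" border="0" cellspacing="0" cellpadding="0">
      <tr>
        <td width="140" valign="top"><img src="/images/bar-my_page.gif" width="140" height="46" align="absmiddle" /></td>
        <td valign="top"><h1 style="margin-top:20px;"> <?php echo $escapeHtml($setGender)?> <?php
            // $textFill was left undefined for short messages in the original.
            $textFill = (mb_strlen($message, 'utf8') > 25) ? '...' : '';
            echo $escapeHtml(mb_substr($message, 0, 25, 'utf8')).$textFill;
        ?> : Ladyboy, หาเพื่อนคุยmsn</h1></td>
      </tr>
    </table></td>
  </tr>
  <tr>
    <td><table width="100%" border="0" cellspacing="0" cellpadding="0">
      <tr>
        <td><table width="970" border="0" cellspacing="0" cellpadding="0">
          <tr>
            <td width="450" style="padding-left:15px;" valign="top"><table width="450" border="0" cellspacing="0" cellpadding="0" bgcolor="#F7D2FF">
              <tr>
                <td width="451"><img src="/images/top-form.gif" width="450" height="11" /></td>
              </tr>
              <tr>
                <td><a href="register.php" target="_blank"></a>
                  <table width="100%" border="0" cellspacing="0" cellpadding="0">
                    <tr valign="top">
                      <td width="170"><div align="center"><a href="msnim:add?contact=<?php echo $escapeHtml($email)?>"><?php
                          $alt = ($gender == 'ไม่ระบุ') ? 'เกย์' : $gender;
                          $alt .= ', Gay, หาเพื่อนเกย์';
                          $altAttr = $escapeHtml($alt);

                          // Generic per-gender icon used whenever no usable picture exists.
                          // NOTE(review): height uses the configured *width*, as in the
                          // original; presumably the icons are square - confirm.
                          $iconSrc = isset($a_gender_full_icon["$gender"]) ? $a_gender_full_icon["$gender"] : '';
                          $defaultIcon = '<img src="'.$escapeHtml($iconSrc).'" width="'.$configMemberPostFullWidth
                              .'" height="'.$configMemberPostFullWidth.'" border="0" title="'.$altAttr.'" alt="'.$altAttr.'" />';

                          $imagePath = '';
                          if ($image_full <> '') {
                              $imagePath = 'uploads/memberPost/full/'.$image_full;
                          } elseif ($image <> '') {
                              $imagePath = 'uploads/memberPost/'.$image;
                          }
                          // File names come from the database row; refuse parent-directory
                          // segments so file_exists()/getimagesize() stay under uploads/.
                          if (strpos($imagePath, '..') !== false) {
                              $imagePath = '';
                          }

                          if (($imagePath <> '') && (file_exists($imagePath))) {
                              // getimagesize() returns false for unreadable or non-image files;
                              // fall back to the configured box in that case.
                              $aSize = getimagesize($imagePath);
                              $imgWidth = is_array($aSize) ? (int) $aSize[0] : 0;
                              $imgHeight = is_array($aSize) ? (int) $aSize[1] : 0;
                              if (($imgWidth > $configMemberPostFullWidth) || ($imgWidth < 10)) {
                                  $imgWidth = $configMemberPostFullWidth;
                              }
                              if (($imgHeight > $configMemberPostFullHeight) || ($imgHeight < 10)) {
                                  $imgHeight = $configMemberPostFullHeight;
                              }
                              echo '<img src="/'.$escapeHtml($imagePath).'" width="'.$imgWidth.'" height="'.$imgHeight
                                  .'" border="0" title="'.$altAttr.'" alt="'.$altAttr.'" />';
                          } elseif (trim($facebook_link) == '') {
                              echo $defaultIcon;
                          } elseif (preg_match('/id=/i', $facebook_link)) {
                              // The profile id is member-supplied: encode it as one URL path
                              // segment, then escape it for the attribute.
                              $aData = explode('id=', $facebook_link);
                              echo '<img src="https://graph.facebook.com/'.$escapeHtml(rawurlencode(end($aData))).'/picture" border="0">';
                          } elseif (preg_match('/\//', $facebook_link)) {
                              $aData = explode('/', $facebook_link);
                              echo '<img src="https://graph.facebook.com/'.$escapeHtml(rawurlencode(end($aData))).'/picture" border="0">';
                          } else {
                              echo $defaultIcon;
                          }
                      ?></a></div></td>
                      <td class="black"><strong>Email :</strong> <a href="msnim:add?contact=<?php echo $escapeHtml($email)?>"><?php echo $escapeHtml($email)?></a><br />
                        <strong>เพศ :</strong> <?php echo $escapeHtml($gender)?><br />
                        <strong>อายุ :</strong> <?php echo $escapeHtml($age)?> ปี<br />
                        <strong>จังหวัด :</strong> <?php echo $escapeHtml($province)?><br />
                        <strong>ข้อความ :</strong>
                        <?php
                        if ($alarm_status == 0) {
                            // Member-written text: filter, then escape on output.
                            echo $escapeHtml($useExtraFilter
                                ? scanInvectiveExtra($message, '** ')
                                : scanInvective($message, '** '));
                        } else {
                            // Site-configured notice; left unescaped because it comes from
                            // config, not from the member.
                            echo str_replace('##', $a_gender_word["$gender"], $configTextPostAlarm);
                        }
                        ?>
                        <br />
                        <strong>มีห้อง :</strong> <?php echo ($room == '1') ? 'มี' : '<strong>-</strong>'?><br />
                        <strong>Hi5 : </strong> <?php echo (($hi5_link <> '') && (preg_match('/.hi5.com/i', $hi5_link))) ? $escapeHtml('http://'.$hi5_link) : '<strong>-</strong>'?><br />
                        <strong>Facebook :</strong> <?php echo (($facebook_link <> '') && (preg_match('/facebook.com/i', $facebook_link)) && (trim($facebook_link) <> 'facebook.com')) ? $escapeHtml('http://'.$facebook_link) : '<strong>-</strong>'?><br />
                        <strong>BB Pin :</strong> <?php echo ($bb_pin <> '') ? $escapeHtml($bb_pin) : '<strong>-</strong>'?></td>
                    </tr>
                  </table></td>
              </tr>
              <tr>
                <td><img src="/images/bottom-form.gif" width="450" height="11" /></td>
              </tr>
            </table></td>
            <td width="520" style="padding-left:3px;" valign="top"><?php include("top.php"); ?></td>
          </tr>
        </table></td>
      </tr>
      <tr>
        <td> </td>
      </tr>
      <tr>
        <td height="34"> </td>
      </tr>
      <tr>
        <td style="padding-bottom:11px"><?php include("bottomBanner.php"); ?></td>
      </tr>
      <tr>
        <td valign="middle"><?php include("bottom.php"); ?></td>
      </tr>
    </table></td>
  </tr>
</table>
<span id="hiddenDiv"></span>
</body>
</html>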