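<?php
/**
 * Member profile edit handler: changes the logged-in member's password and/or
 * newsletter opt-in after re-checking the current password.
 *
 * Flow, when the form was submitted (POST field "bMemberEdit" is non-empty):
 *   1. Refuse banned accounts (checkBandEmail) and send them to /logout.php.
 *   2. Verify the supplied old password against the member row.
 *   3. Apply the requested changes with a single UPDATE.
 *   4. Redirect back to the first page via a JavaScript snippet.
 * Any other request is redirected to the first page without touching the database.
 *
 * Security notes for maintainers:
 *   - Passwords are stored as base64_encode() of the submitted text. That is a
 *     reversible encoding, not a hash: anyone who can read the member table can
 *     recover every password. Moving to password_hash()/password_verify() needs a
 *     coordinated change in the registration and login code plus a migration of
 *     the stored values, so it cannot be done in this file alone.
 *   - SQL is still assembled by string concatenation because the sql_query()
 *     helper (defined in the include files, not shown here) is the only database
 *     API visible. The request values that reach SQL are either base64 output
 *     (alphabet A-Z a-z 0-9 + / =, so it cannot break out of the quoted literal)
 *     or a fixed constant; prefer parameterised queries if the helper layer
 *     supports them.
 *   - $_SESSION['s_member_id'] is concatenated into SQL unescaped.
 *     NOTE(review): presumably set server-side at login and gated by
 *     include/blockMember.php; confirm that it can never hold request-derived text.
 *   - No anti-CSRF token is checked in this file; the old-password check is the
 *     only barrier to a forged request.
 *   - An IP/cookie ban check and a "delete my posts" option were present in the
 *     original but commented out; they are omitted here.
 */
include("include/config.php");
include("include/connect.php");
include("include/function.php");
header("Content-Type: text/html; charset=utf-8");
include("include/blockMember.php");

// isset() guard avoids an undefined-index notice when the page is opened without the form.
$formSubmitted = isset($_POST['bMemberEdit']) ? $_POST['bMemberEdit'] : '';

if ($formSubmitted !== '') {
    if (!checkBandEmail($_SESSION['s_member_id'])) {
?>
<script language="javascript">
alert('Email ของคุณไม่สามารถใช้งานกับเว็บไซต์นี้ได้\nเนื่องจาก Email นี้ถูก Ban');
window.location = '/logout.php';
</script>
<?php
        exit();
    }

    // get_magic_quotes_gpc() was removed in PHP 8.0; treat a missing function as "off".
    $magicQuotesOn = function_exists('get_magic_quotes_gpc') && get_magic_quotes_gpc();

    $expectedFields = array('oldPassword', 'newPassword', 'enews_receive');
    foreach ($expectedFields as $fieldName) {
        $value = isset($_POST[$fieldName]) ? $_POST[$fieldName] : '';
        // A field submitted as an array (name[]=...) would make addslashes() fail; treat it as empty.
        if (!is_string($value)) {
            $value = '';
        }
        // Kept from the original: the escaped form is what gets base64-encoded, so the
        // stored password bytes depend on it. Presumably registration/login do the same;
        // verify before changing. It is not what makes the queries below safe.
        if (!$magicQuotesOn) {
            $value = addslashes($value);
        }
        $_POST[$fieldName] = $value;
    }

    // Re-authenticate: the old password must match the stored value for this member.
    $sql = " SELECT COUNT(member_id) AS num
             FROM member
             WHERE password = '".base64_encode($_POST['oldPassword'])."'
             AND member_id = '".$_SESSION['s_member_id']."' ";
    $query = sql_query($sql);
    $rec = sql_fetch_array($query);

    if ($rec['num'] == 0) {
?>
<script language="javascript">
alert('ไม่สามารถดำเนินการแก้ข้อมูลของคุณได้\nเนื่องจากข้อมูลของคุณไม่ถูกต้องกรุณาตรวจสอบใหม่');
window.location = '/<?php echo $configMyFileFirstPage?>?mode=<?php echo base64_encode('editProfile')?>';
</script>
<?php
        exit();
    }

    // Collect "column = value" pairs, then join them, instead of trimming a leading comma.
    $assignments = array();

    if (trim($_POST['newPassword']) <> '') {
        $assignments[] = "password = '".base64_encode($_POST['newPassword'])."'";
    }

    if ($_POST['enews_receive'] == 1) {
        // Write the constant rather than echoing request text into the statement:
        // the loose == 1 test also accepts inputs such as "1 " or "01".
        $assignments[] = "enews_receive = '1'";
    }

    if (count($assignments) > 0) {
        $sql = "UPDATE member SET ".implode(', ', $assignments);
        $sql.= " WHERE member_id = '".$_SESSION['s_member_id']."'";
        sql_query($sql);
    }
?>
<script language="javascript">
alert('แก้ไขข้อมูลเสร็จเรียบร้อยแล้ว');
window.location = '/<?php echo $configMyFileFirstPage?>';
</script>
<?php
    exit();
} else {
    // Form not submitted: nothing to do, go back to the first page.
?>
<script language="javascript">
window.location = '/<?php echo $configMyFileFirstPage?>';
</script>
<?php
    exit();
}
?>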