.:: :[ AK-74 Security Team Web-shell ]: ::.
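<?php
/**
 * Member post form (template fragment).
 *
 * Loads the logged-in member's profile row, initialises the gallery slots on
 * first use, and renders the "post" form that submits to memberPostForm_add.php.
 *
 * Expected from the including script (none of these are defined here):
 *   - an active session with $_SESSION['s_member_id'] (and optionally
 *     $_SESSION['s_message_post'], which is cleared at the end);
 *   - sql_query() / sql_fetch_array();
 *   - $configGalleryImgQty, $configBanImageDayQty, $configMyFileFirstPage,
 *     $configWebmasterName, $configMemberPostSize, $configMemberPostMaxlength,
 *     $configMemberPostNormalMaxlength;
 *   - $a_gender, $a_gender_icon, $a_configProvince, $a_member_VIP.
 *
 * Security notes:
 *   - Every value that originates from the member row or the session is
 *     member-editable (it is posted back through this very form), so it is
 *     HTML-escaped before being written into markup. Config values are printed
 *     as before.
 *   - NOTE(review): the form carries no anti-CSRF token; memberPostForm_add.php
 *     is not visible here, so confirm how it authenticates the request.
 */

// Escapes a value for HTML text and quoted-attribute context.
// NOTE(review): assumes the page is served as UTF-8 - confirm; with a legacy
// Thai charset the third argument has to match the page encoding.
$escHtml = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
};

// NOTE(review): the member id is concatenated into the statement. It comes from
// the session rather than the request, and sql_query()'s binding/escaping
// support is not visible here - confirm the login code stores a validated id,
// and move to a bound parameter if the helper supports one.
$sql = " SELECT image, username, camera, gender, age, birthday, province, hi5_link, facebook_link, facebook_id, room, bb_pin, line_id, instagram, enews_receive, post_record, record_time, date_count, admin, gallery_enable, gallery_image, alarm_image_date FROM member WHERE member_id = '".$_SESSION['s_member_id']."' ";
$query = sql_query($sql);
$rec = sql_fetch_array($query);

// Copy each selected column into a same-named local variable. The list is
// fixed, so no request-controlled name can be turned into a variable.
$fieldlist = array('image','username','camera','gender','age','province','hi5_link','facebook_link','facebook_id','room','bb_pin', 'line_id', 'instagram','birthday','enews_receive','post_record','record_time','date_count','admin','gallery_enable','gallery_image','alarm_image_date');
foreach ($fieldlist as $value) {
    // A missing row or column yields null instead of an undefined-index warning.
    ${$value} = isset($rec[$value]) ? $rec[$value] : null;
} // end foreach
?>
<link type="text/css" rel="stylesheet" href="css/ladyboy.css" />
<link type="text/css" rel="stylesheet" href="css/myStyle.css" />
<?php
if ($gallery_enable == 1) {
    if ($gallery_image == '') {
        // First visit with the gallery enabled: store one empty slot per
        // configured image, joined with '::'.
        $aData = array();
        for ($i = 0; $i < $configGalleryImgQty; $i++) {
            $aData[] = '';
        }
        $gallery_image = implode('::', $aData);
        $sql = " UPDATE member SET gallery_image = '" . $gallery_image . "' WHERE member_id = '".$_SESSION['s_member_id']."' ";
        sql_query($sql);
    } // end if ($gallery_image == '')
?>
<style>
/*input[type=file] { display:block; height:0; width:0; }*/
#gallery_image { display:block; height:0; width:0; }
#tbl-gallery-image img { cursor:pointer; }
</style>
<script type="text/javascript" src="/src/jquery.form.js"></script>
<div id="divFileGallery" style="position:absolute; display:none;">
  <form id="formFileGallery" name="formFileGallery" enctype="multipart/form-data" method="post" action="">
    <?php
    // NOTE(review): a client can rewrite this hidden field. The upload handler
    // (/ajaxFiles/addGalleryImage.php, not visible here) should take the member
    // id from the session, not from this value.
    ?>
    <input type="hidden" name="current_login_member_id" id="current_login_member_id" value="<?php echo $escHtml($_SESSION['s_member_id'])?>">
    <input type="file" name="gallery_image" id="gallery_image">
    <div id="LoadingGallery"></div>
    <input type="hidden" name="select_gallery_no" id="select_gallery_no">
    <div id="tbl-gallery-image"></div>
  </form>
</div>
<?php
} // end if ($gallery_enable == 1)
?>
<table width="450" border="0" cellspacing="0" cellpadding="0" style="background-color:#F7D2FF">
<form action="memberPostForm_add.php" method="post" enctype="multipart/form-data" name="form1" id="formMemberPost" onsubmit="return checkMemberPost()">
  <tr>
    <td><img src="images/top-form.gif" width="450" height="11" /></td>
  </tr>
  <tr>
    <td valign="top"><table width="450" border="0" cellspacing="0" cellpadding="0">
      <tr>
        <td colspan="2" align="center" valign="top" style="padding-bottom:11px;"><table width="100%" border="0" cellspacing="0" cellpadding="0">
          <tr>
            <td width="67%" valign="top" nowrap="nowrap" class="black"> สวัสดีคุณ <strong> <?php echo $escHtml($username)?> </strong> <br />
              คุณโพสต์มาแล้ว <?php echo $escHtml($post_record)?> ครั้ง<br />
              เวลาที่อยู่ในระบบ
              <?php
              // The old year/month/day/hour/minute breakdown of record_time was
              // already commented out in favour of the stored day counter.
              echo $escHtml($date_count).' วัน';
              ?></td>
            <td width="33%" align="right" valign="top"><a href="/<?php echo $configMyFileFirstPage?>?mode=<?php echo base64_encode('editProfile')?>">แก้ไขข้อมูลส่วนตัว</a> </td>
          </tr>
        </table>
        <?php
        if ($alarm_image_date != '0000-00-00') {
            // The image ban ends $configBanImageDayQty days after the alarm date.
            // Both dates are formatted Y-m-d, so string comparison orders them.
            list($y, $m, $d) = explode('-', $alarm_image_date);
            $mktime = mktime(0, 0, 0, $m, ($d + $configBanImageDayQty), $y);
            $canPostImageDate = @date("Y-m-d", $mktime);
            $checkCurrentDate = @date("Y-m-d");
            if ($canPostImageDate > $checkCurrentDate) {
        ?><div class="black" style="padding:10px 0 0 10px; text-align:left;">
          <div style="color:#ff0000; font-weight:bold;">Image Block <?php echo $configBanImageDayQty?> Day!</div>
          <strong>บัญชีผู้ใช้ของคุณจะไม่สามารถแก้ไขรูปได้เป็นเวลา 3 วัน</strong> <br>
          เนื่องจากคุณได้ทำผิดกฎของเว็บไซต์ โดยการโพสรูปลามกอนาจาร<br>
          ดังนั้น <?php echo $configWebmasterName?> จึงขอสงวนสิทธิ์ในการเปลี่ยนแปลงแก้ไขรูปของคุณเป็นเวลา <?php echo $configBanImageDayQty?> วัน
        </div>
        <?php
            } // end if ($canPostImageDate > $checkCurrentDate)
        } // end if ($alarm_image_date != '0000-00-00')
        ?>
        </td>
      </tr>
      <tr>
        <td width="82" valign="top" align="center">
          <?php
          // Avatar: uploaded image first, then a Facebook picture derived from
          // the profile link or id, then the gender icon as the fallback.
          $imagePath = 'uploads/memberPost/'.$image;
          if ( ($image <> '') && (file_exists($imagePath)) ) {
              echo '<img src="'.$escHtml($imagePath).'" border="0">';
          } else {
              if (trim($facebook_link) == '') {
                  echo '<img src="'.$a_gender_icon["$gender"].'" width="60" height="60">';
              } else {
                  if (preg_match('/id=/i', $facebook_link)) {
                      // Split case-insensitively, matching the test above, so
                      // "ID=" links are handled the same way as "id=" links.
                      $aData = preg_split('/id=/i', $facebook_link);
                      echo '<img src="https://graph.facebook.com/'.$escHtml(end($aData)).'/picture" border="0">';
                  } elseif (preg_match('/\//', $facebook_link)) {
                      $aData = explode('/', $facebook_link);
                      echo '<img src="https://graph.facebook.com/'.$escHtml(end($aData)).'/picture" border="0">';
                  } elseif ($facebook_id != '') {
                      echo '<img src="https://graph.facebook.com/'.$escHtml($facebook_id).'/picture" border="0">';
                  } else {
                      echo '<img src="'.$a_gender_icon["$gender"].'" width="60" height="60" border="0">';
                  }
              } // end if (trim($facebook_link) == '')
          } // end if ( ($image <> '') && (file_exists($imagePath)) )
          ?></td>
        <td width="368" valign="top" class="black" style="padding-left:3px;">เลือกรูป
          <input type="file" name="file1" id="file1"<?php if (($alarm_image_date != '0000-00-00') && ($canPostImageDate > $checkCurrentDate)) {?> disabled="disabled"<?php }?>>
          <input type="checkbox" name="camera" value="1" id="camera" />
          <strong>มีกล้อง</strong>
          <?php if ($gallery_enable == 1) { ?><div style="padding:10px 0 10px 0; height:100px;"> Gallery<br>
            <br>
            <img src="images/spacer.png" id="areaFileGallery"> </div>
          <script type="text/javascript">
          $(document).ready(function(){
              $('#divFileGallery').css('top', ($('#areaFileGallery').offset().top));
              $('#divFileGallery').css('left', $('#areaFileGallery').offset().left);
              $('#divFileGallery').show();
              <?php
              // Emitted as a JSON string literal with <, >, &, ' and " hex-escaped,
              // so the stored value cannot close the string or the <script> block.
              ?>
              getDisplayGallery(<?php echo json_encode((string) $gallery_image, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP)?>);

              // Upload Gallery image
              $('#gallery_image').bind('change', function(){
                  if (checkFormFileGallery(this, <?php echo $configMemberPostSize?>)) {
                      $('#tbl-gallery-image').hide();
                      $('#LoadingGallery').html('<img src="/images/loading.gif" alt="Uploading....">');
                      $('#formFileGallery').attr('action','/ajaxFiles/addGalleryImage.php');
                      $("#formFileGallery").ajaxForm(function(data){
                          callbackCheckFormFileGallery(data);
                      }).submit();
                  }
              });
              $('.gallery-group').show();
          });
          </script>
          <?php } // end if ($gallery_enable == 1) ?>
          <div align="left" style="padding-top:5px">เพศ
            <select name="gender" id="gender">
              <?php foreach ($a_gender as $key => $value) { ?>
              <option value="<?php echo $value?>" <?php if ( ($value == $gender) && ($gender <> '') ) echo "selected";?>><?php echo $value?></option>
              <?php } // end foreach ?>
            </select>
            อายุ
            <select name="age" id="age">
              <?php
              if ($age == 0) {
                  // No stored age: approximate it from the birthday using
                  // 365-day years.
                  list($yourY, $yourM, $yourD) = explode('-',$birthday);
                  $mktime = mktime(0,0,0,$yourM,$yourD,$yourY);
                  $nowmktime = mktime(0,0,0,date("m"),date("d"),date("Y"));
                  $mktime = $nowmktime - $mktime;
                  $age = round($mktime/(365*24*60*60));
              } // end if ($age == 0)
              for ($i=15; $i<=60; $i++) {
              ?>
              <option value="<?php echo $i?>" <?php if ($age == $i) echo "selected";?>><?php echo $i?> ปี</option>
              <?php } // end for ?>
            </select>
            จังหวัด
            <select name="province" id="province">
              <?php foreach ($a_configProvince as $value) { ?>
              <option value="<?php echo $value?>" <?php if ($province == $value) echo "selected";?>><?php echo $value?></option>
              <?php } // end foreach ?>
            </select>
          </div></td>
      </tr>
      <tr>
        <td colspan="2" valign="top" style="padding-top:11px;"><table width="450" border="0" cellpadding="0" cellspacing="0">
          <?php
          // VIP members get the longer message limit. The is_array() guard
          // replaces the former @-suppressed in_array() call.
          $isVipMember = isset($a_member_VIP) && is_array($a_member_VIP) && in_array($_SESSION['s_member_id'], $a_member_VIP);
          $messageMaxlength = $isVipMember ? $configMemberPostMaxlength : $configMemberPostNormalMaxlength;
          // Draft message carried over from a previous submit, if any.
          $draftMessage = isset($_SESSION['s_message_post']) ? $_SESSION['s_message_post'] : '';
          ?>
          <tr>
            <td width="113" class="black" style="padding-bottom:11px; padding-right:5px;"> <strong>ข้อความ</strong></td>
            <td colspan="3" class="black" style="padding-bottom:11px;"><input name="message" type="text" id="message" size="50" maxlength="<?php echo $messageMaxlength?>" value="<?php echo $escHtml($draftMessage)?>" /></td>
          </tr>
          <tr>
            <td class="black" style="padding-bottom:11px; padding-right:5px;"> <strong>Hi5</strong></td>
            <td colspan="3" class="black" style="padding-bottom:11px;">http://
              <input name="hi5_link" type="text" size="40" id="hi5_link" value="<?php echo $escHtml($hi5_link)?>" /></td>
          </tr>
          <tr>
            <td class="black" style="padding-bottom:11px; padding-right:5px;"> <strong>Facebook</strong></td>
            <td colspan="3" class="black" style="padding-bottom:11px;">http://
              <input name="facebook_link" type="text" size="40" id="facebook_link" value="<?php echo $escHtml($facebook_link)?>" /><?php if ($enews_receive == 1) { ?><input type="hidden" name="enews_receive" id="enews_receive" value="<?php echo $escHtml($enews_receive)?>"/><?php } // end if ($enews_receive == 1) ?></td>
          </tr>
          <tr>
            <td class="black" style="padding-bottom:11px; padding-right:5px;"> <strong>Line</strong></td>
            <td colspan="3" class="black" style="padding-bottom:11px;"><input name="line_id" type="text" id="line_id" value="<?php echo $escHtml($line_id)?>" size="20" maxlength="20" ></td>
          </tr>
          <tr>
            <td class="black" style="padding-bottom:11px; padding-right:5px;"> <strong>Instagram</strong></td>
            <td colspan="3" class="black" style="padding-bottom:11px;"><input name="instagram" type="text" id="instagram" value="<?php echo $escHtml($instagram)?>" size="20" maxlength="50"></td>
          </tr>
          <?php if ($enews_receive <> 1) { ?>
          <tr>
            <td class="black" style="padding-bottom:11px; padding-right:5px;"> <strong>จดหมายข่าว</strong></td>
            <td colspan="3" class="black" style="padding-bottom:11px;"><input name="enews_receive" type="checkbox" id="enews_receive" value="1" />
              ฉันตกลงรับข่าวสารจาก Msn Ladyboy</td>
          </tr>
          <?php } // end if ($enews_receive <> 1) ?>
          <tr>
            <td class="black" style="padding-bottom:11px; padding-right:5px;"> <strong>มีห้อง</strong></td>
            <td width="24" class="black" style="padding-bottom:11px;"><input name="room" type="checkbox" id="room" value="1" <?php if ($room==1) echo "checked";?> /></td>
            <td width="75" align="right" class="black" style="padding-bottom:11px; padding-right:5px;"><strong>BB PIN</strong></td>
            <td width="238" class="black" style="padding-bottom:11px;"><input name="bb_pin" type="text" id="bb_pin" value="<?php echo $escHtml($bb_pin)?>" size="8" maxlength="8" /></td>
          </tr>
          <tr>
            <td colspan="4"><div align="center">
              <input name="bMemberPost" type="submit" value="โพสต์ !!" id="bMemberPost" />
              <a href="/logout.php" onclick="return confirm('ยืนยันการออกจากระบบ')">ออกจากระบบ</a>
              <?php // board_post_id = 1 =========> gay ?>
              <input type="hidden" name="board_post_id" id="board_post_id" value="1" />
            </div></td>
          </tr>
          <tr>
            <td colspan="4"> </td>
          </tr>
          <tr>
            <td colspan="4">
              <div align="center" class="black"><SPAN class=style1 ><FONT color=#ff0000><b>*กรุณาใช้รูปและข้อความที่สุภาพ*</b></FONT></SPAN><br>
                * ทุกครั้งที่คุณโพสต์ ชื่อของคุณจะได้อยู่เป็นลำดับที่ 1 ของรายการ * </div></td>
          </tr>
        </table></td>
      </tr>
    </table></td>
  </tr>
  <tr>
    <td><img src="images/bottom-form.gif" width="450" height="11" /></td>
  </tr>
</form>
</table>
<?php
// The draft message is shown once and then cleared.
unset($_SESSION['s_message_post']);
?>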