shell bypass 403
UnknownSec Shell
:
/
home
/
delvin
/
public_html
/
dev2.delv-in.com
/
views
/ [
drwxr-xr-x
]
upload
mass deface
mass delete
console
info server
name :
v_admin_consSched.php
<?php date_default_timezone_set('Canada/Pacific'); $Consult_Schedule = new Consult_Schedule; $Consult_Bookings = new Consult_Bookings; $weekDaysArr = array('Sun', 'Mon', 'Tue', 'Wed', 'Thu', 'Fri', 'Sat'); $timezonesArr = array("Canada/Pacific"=>"Pacific", "Canada/Mountain"=>"Mountain", "Canada/Central"=>"Central", "Canada/Eastern"=>"Eastern", "Canada/Atlantic"=>"Atlantic", "Canada/Newfoundland"=>"Newfoundland"); $timeZoneConvertArr = array("Canada/Pacific"=>"0", "Canada/Mountain"=>"1", "Canada/Central"=>"2", "Canada/Eastern"=>"3", "Canada/Atlantic"=>"4", "Canada/Newfoundland"=>"4.5"); if ($_POST['submitBut'] == '←'){ $dateTS = strtotime(date('M j, Y', $_POST['dateTS']) . " - 1 month"); $_POST['day'] = ''; $_POST['t'] = ''; } else if ($_POST['submitBut'] == '→'){ $dateTS = strtotime(date('M j, Y', $_POST['dateTS']) . " + 1 month"); $_POST['day'] = ''; $_POST['t'] = ''; } else if (isset($_POST['dateTS'])){ $dateTS = $_POST['dateTS']; } else { $dateTS = mktime(0, 0, 0, date('n'), 1, date('Y')); } $startTS = mktime(0, 0, 0, date('n', $dateTS), 1, date('Y', $dateTS)); $endTS = mktime(23, 59, 59, date('n', $dateTS), date('t', $dateTS), date('Y', $dateTS)); $firstWkDay = date('w', $dateTS); ?> <div class='col-12 pad_4_t pad_12_b'> <div class='col75'> <h1>Schedule Time Blocks for Consultations</h1> </div> <div class='col25 right'> <form action='' method='post'> <input type='hidden' name='dateTS' value='<?php echo $dateTS; ?>'> <input type='hidden' name='t' value='<?php echo $_POST['t']; ?>'> <input type='hidden' name='day' value='<?php echo $_POST['day']; ?>'> <input type='hidden' name='conSchedID' value=''> <input type='submit' name='submitBut' value='Open a Block' class='btn btn_add btn-mini'> </form> </div> </div> <?php echo " <div class='month_cal'> <div class='col-12'> <div class='col50'> <h2>" . date('F Y', $dateTS) ."</h2> </div> <div class='col50 right'> <form action='' method='post'> <input type='hidden' name='dateTS' value='". $dateTS ."'> <input type='hidden' name='t' value='". $_POST['t'] ."'> <input type='hidden' name='day' value='". $_POST['day'] ."'> <input type='submit' name='submitBut' value='←' class='btn-cal'> <input type='submit' name='submitBut' value='→' class='btn-cal'> </form> </div> </div>"; $rows = $Consult_Schedule->get('', $startTS, $endTS); $blocks = array(); // block details $openDays = array(); // days with blocks foreach ($rows as $row){ // echo __line__."<pre>"; print_r($row); echo "</pre>"; // echo __line__.": conSchedID=". $row['conSchedID'].", start=" . date('h:i M j/y', $row['startTS']) .", end=" . date('h:i M j/y', $row['endTS']).", conBookID=". $row['conBookID'] ."<br>"; $openDays[date('j', $row['startTS'])] = $row; $blocks[date('j', $row['startTS'])][date('Hi', $row['startTS'])] = $row; } echo " <table class='calendar_table'> <tr>"; for ($i=0; $i<=6; $i++){ echo " <th class='centre'>". $weekDaysArr[$i] . "</th>"; } echo " </tr> <tr>"; $day = ''; for ($d=1; $d<= date('t', $dateTS); $d= $d+6){ for ($w=0; $w<=6; $w++){ if (date('w', $dateTS) == $w && $d == 1){ $day = 1; } else if ($day > date('t', $dateTS)){ $day = ''; } echo "<td>"; if ($_POST['day'] == $day && $day > 0){ echo "<input type='button' value='". $day ."' class='btn_calDay'>"; } else if (isset($openDays[$day])){ echo " <form action='' method='post'> <input type='hidden' name='dateTS' value='". $dateTS ."'> <input type='hidden' name='t' value='". strtotime(date('M', $dateTS) ." " . $day .", ". date('Y', $dateTS)) ."'> <input type='submit' name='day' value='". $day ."' class='btn_calendar'> </form>"; } else { echo $day; } echo "</td>"; if ($day >= 1){ $day++; } if ($w == 6){ echo "</tr> <tr>"; } } } echo " </table> </div>"; // echo "<div class='col-12'>" // . __line__.": " . intval($_POST['t']) . "<pre>"; print_r($openDays); echo "</pre> // </div>"; echo " <div class='day_slots'> "; if ($_POST['t'] > 0){ echo " <div class='col-12'> <h2>" . date('l, F j', $_POST['t']) . "</h2> </div>"; foreach ($blocks as $j => $block){ // print_r($block); foreach ($block as $startTime => $db){ if (date('j', intval($_POST['t'])) == $j){ $duration = ($db['endTS'] - $db['startTS']) / 60; echo " <div class='col-12 pad_4_t'> <div class='col50 pad_4_r'>"; if (!isset($db['conBookID'])){ echo " <input type='submit' name='submitBut' value='" . date('g:i a', $db['startTS']) . " - " . date('g:i a', $db['endTS']). "' class='sched_block' onclick='show_div(\"block".$db['conSchedID']."\")'> <form action='' method='post'> <input type='hidden' name='dateTS' value='". $dateTS ."'> <input type='hidden' name='t' value='". $_POST['t'] ."'> <input type='hidden' name='day' value='". $_POST['day'] ."'> <input type='hidden' name='conSchedID' value='" . $db['conSchedID'] ."'> <div id='block". $db['conSchedID'] . "' style='display: none' class='cal_form_box'> <h3>Book a Free " . $duration . " Minute Consultation at " . date('g:i a', $db['startTS']) ." on " . date('l, F j', $db['startTS']) ."</h3> <div class='col-12 pad_4_t centre'> <input type='text' name='clName' placeholder='Your name' value=''> </div> <div class='col-12 pad_4_t centre'> <input type='text' name='clEmail' placeholder='Your email address' value=''> </div> <div class='col-12 pad_4_t centre'> <input type='text' name='clOrg' placeholder='Name of your practice' value=''> </div> <div class='col-12 pad_4_t centre'> <input type='submit' name='submitBut' value='Confirm' class='btn btn_save'> <input type='submit' name='submitBut' value='Cancel' class='btn btn_cancel'> </div> </div> </form>"; } else { echo " <input type='button' value='" . date('g:i a', $db['startTS']) . " - " . date('g:i a', $db['endTS']). "' class='sched_block_booked' onclick='show_div(\"block".$db['conSchedID']."\")'> <div id='block". $db['conSchedID'] . "' style='display: none' class='cal_form_box pad_12_l pad_12_t'> <h3>" . $duration ." Minute Consultation <br>" . date('g:i a', $db['startTS']) ." " . date('l, F j', $db['startTS']) ; if ($timeZoneConvertArr[$db['clLocation']] > 0){ echo "<br> (" . date('g:i a', $db['startTS'] + $timeZoneConvertArr[$db['clLocation']]*60*60)." " . $timezonesArr[$db['clLocation']]. " time)"; } echo "</h3> <div class='col-12 pad_12_t'> " . $db['clName'] ." </div> <div class='col-12 pad_4_t'> <a href='mailto:" . $db['clEmail'] . "'>" . $db['clEmail'] ."</a> </div> <div class='col-12 pad_4_t'> " . $db['clOrg'] . " </div> <div class='col-12 top_line'> ". $db['note'] . " </div> <div class='col-12 pad_4_t centre'> <form action='' method='post'> <input type='hidden' name='dateTS' value='". $dateTS ."'> <input type='hidden' name='t' value='". $_POST['t'] ."'> <input type='hidden' name='day' value='". $_POST['day'] ."'> <input type='hidden' name='conBookID' value='" . $db['conBookID'] ."'> <input type='hidden' name='conSchedID' value='" . $db['conSchedID'] ."'> <input type='submit' name='submitBut' value='Edit' class='btn btn-mini btn_edit'> <input type='button' value='Close' class='btn btn_cancel btn-mini' onclick='hide_div(\"block".$db['conSchedID']."\")'> </form> </div> </div>"; } echo " </div> <div class='col25 centre'> <form action='' method='post'> <input type='hidden' name='conSchedID' value='". $db['conSchedID'] ."'> <input type='hidden' name='dateTS' value='". $dateTS ."'> <input type='hidden' name='t' value='". $_POST['t'] ."'> <input type='hidden' name='day' value='". $_POST['day'] ."'> <input type='submit' name='submitBut' value='Edit' class='btn btn-mini btn_edit'> <input type='submit' name='submitBut' value='Delete' class='btn btn-mini btn_delete'> </form> </div> <div class='col25 centre'>"; if ($db['conBookID'] > 0){ echo " <div id='bkID" . $db['conBookID'] . "' style='display: none' class='delBkConf'> <form action='' method='post'> <input type='hidden' name='conBookID' value='". $db['conBookID'] ."'> <input type='hidden' name='dateTS' value='". $dateTS ."'> <input type='hidden' name='t' value='". $_POST['t'] ."'> <input type='hidden' name='day' value='". $_POST['day'] ."'> <p>Are you sure you want to delete the " . date('g:i a', $db['startTS']) . " booking?<br>This cannot be undone!</p> <div class='col-12 centre'> <input type='submit' name='submitBut' value='Confirm Delete Booking' class='btn btn-mini btn_delete'> <input type='submit' name='submitBut' value='Cancel' class='btn btn-mini btn_cancel'> </div> </form> </div> <input type='button' name='submitBut' value='Delete Booking' class='btn btn-mini btn_delete' onclick='show_div(\"bkID" . $db['conBookID'] . "\")' >"; } echo " </div> </div>"; } } } } echo " </div> "; ?>
© 2026 UnknownSec