|
Server : Apache/2 System : Linux vps.phamthanh.local 3.10.0-1160.102.1.el7.x86_64 #1 SMP Tue Oct 17 15:42:21 UTC 2023 x86_64 User : benhviencoc7 ( 1008) PHP Version : 5.6.40 Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname Directory : /home/benhviencoc7/domains/benhviendkkvcampha.vn/private_html/adminvn/ |
Upload File : |
<?php
/*----------------------------------------*\
| Copyright © C-ILY |
| Phone: 0983.998.994 |
| Y!m: notepad.html |
| Email: truongpv87@gmail.com |
\*----------------------------------------*/
define('CILY',true);
include('../#includes/config.php');
if(check_log() == true) {
if($_GET['type'] == 'add' && strlen($_POST['content']) >= 10 && $_POST['captcha'] == $_SESSION['captcha']){
@mysql_query("INSERT INTO cily_comments (comment_content, comment_pid, comment_user, comment_time) VALUES ('".addsla($_POST['content'])."', ".$_POST['pid'].", ".$_SESSION['user']['id'].", ".time().")");
header('Location: '.$_POST['back']);
}
elseif($_GET['type'] == 'reply' && check_level() >= 2){
@mysql_query("INSERT INTO cily_comments (comment_content, comment_pid, comment_sid, comment_user, comment_read, comment_time) VALUES ('".addsla($_POST['content'])."', ".$_POST['pid'].", ".$_POST['id'].", ".$_SESSION['user']['id'].", '0', ".time().")");
header('Location: index.php?m=2');
}
elseif($_GET['type'] == 'edit' && check_level() >= 2){
@mysql_query("UPDATE cily_comments SET comment_content = '".addsla($_POST['content'])."' WHERE id = ".$_POST['id']);
header('Location: index.php?m=2');
}
elseif($_GET['type'] == 'del' && $_POST['action'] == 1 && $_POST['id'] && check_level() >= 2){
$total = count($_POST['id']);
for($i=0; $i<$total; $i++) {
@mysql_query("DELETE FROM cily_comments WHERE id = ".$_POST['id'][$i]);
}
Redirect("","index.php?m=2");
}
else header('Location: index.php?m=2');
}
else echo "Hacking attempt";
?>