!C99Shell v. 2.0 [PHP 7 Update] [25.02.2019]!

Software: nginx/1.23.4. PHP/5.6.40-65+ubuntu20.04.1+deb.sury.org+1 

uname -a: Linux foro-restaurado-2 5.15.0-1040-oracle #46-Ubuntu SMP Fri Jul 14 21:47:21 UTC 2023
aarch64
 

uid=33(www-data) gid=33(www-data) groups=33(www-data) 

Safe-mode: OFF (not secure)

/usr/share/nginx/html/phpbb3/forumrunner/include/   drwxrwxr-x
Free 83.36 GB of 96.73 GB (86.19%)


Viewing file:     attach.php (4.45 KB)      -rw-rw-r--
<?php
/**
*
* @author Robert Johnston
*
* @package Forum Runner
* @version CVS/SVN: $Id: $
* @copyright (c) 2010 End of Time Studios, LLC
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
*
*/

// Switch the working directory: first to MCWD (a constant that is not defined
// in this file), then one level up. The relative './' root path below depends
// on this, so the two chdir() calls must stay ahead of the includes.
chdir(MCWD);
chdir('../');

// Honour a pre-defined PHPBB_ROOT_PATH, otherwise fall back to the current directory.
if (defined('PHPBB_ROOT_PATH')) {
    $phpbb_root_path = PHPBB_ROOT_PATH;
} else {
    $phpbb_root_path = './';
}

// File extension of this script without the leading dot; reused for every include.
$phpEx = substr(strrchr(__FILE__, '.'), 1);

// Framework pieces this endpoint relies on (order kept as in the original).
include($phpbb_root_path . 'common.' . $phpEx);
include($phpbb_root_path . 'includes/functions_posting.' . $phpEx);
include($phpbb_root_path . 'includes/functions_display.' . $phpEx);
include($phpbb_root_path . 'includes/message_parser.' . $phpEx);

fr_set_debug();

// Start session management and load the permissions of the current user.
$user->session_begin();
$auth->acl($user->data);
$user->setup(array('posting', 'mcp', 'viewtopic'));

// Strip the plugin directory from the script path recorded for this page.
$user->page['root_script_path'] = str_replace(
    '/forumrunner',
    '',
    $user->page['root_script_path']
);

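/**
 * Accept one uploaded image for a forum and hand it to the phpBB attachment parser.
 *
 * Reads 'forumid' and 'attachmentids' (a ';'-separated id list) from the request
 * and the upload from $_FILES['attachment']. The forum must exist, the forum
 * password (if any) must be satisfied, and the user needs f_read, f_attach and
 * u_attach with attachments enabled in $config.
 *
 * @return array array('attachmentid' => attach_id of the parser's first attachment entry)
 */
function do_upload_attachment()
{
    global $config, $template, $user, $auth, $db, $phpbb_root_path, $phpEx, $cache;

    // The value is concatenated into SQL below. request_var() is expected to
    // cast to the type of its default, but the explicit cast keeps this query
    // safe regardless of how that helper behaves.
    $forum_id = (int) request_var('forumid', 0);

    // split() was deprecated in PHP 5.3 and removed in PHP 7; explode() is the
    // equivalent for a literal separator. Ids are reduced to positive integers
    // so an empty parameter yields an empty list instead of array('').
    $attachment_ids = array();
    foreach (explode(';', request_var('attachmentids', '')) as $raw_id) {
        $raw_id = (int) $raw_id;
        if ($raw_id > 0) {
            $attachment_ids[] = $raw_id;
        }
    }
    $attachment_ids = array_unique($attachment_ids);

    $sql = 'SELECT f.* FROM ' . FORUMS_TABLE . ' f WHERE f.forum_id = ' . $forum_id;
    $result = $db->sql_query($sql);
    $post_data = $db->sql_fetchrow($result);
    $db->sql_freeresult($result);

    if (!$post_data) {
        trigger_error('NO_POST_MODE');
    }

    // Need to login to passworded forum first?
    if ($post_data['forum_password']) {
        $login_ok = fr_login_forum_box(array(
            'forum_id'       => $forum_id,
            'forum_password' => $post_data['forum_password'],
        ));
        if (!$login_ok) {
            trigger_error(ERR_NEED_PASSWORD);
        }
    }

    if (!$auth->acl_get('f_read', $forum_id)) {
        trigger_error('USER_CANNOT_READ');
    }

    $may_attach = $auth->acl_get('f_attach', $forum_id)
        && $auth->acl_get('u_attach')
        && $config['allow_attachments'];
    if (!$may_attach) {
        trigger_error('ATTACHMENT_FUNCTIONALITY_DISABLED');
    }

    // We need to fake an attachment to use the phpBB framework.
    // Fix mimetype: the client-supplied type is replaced by one derived from
    // the file name. Only the FINAL extension is considered. The previous
    // substring test also matched names such as "x.jpg.php" and labelled them
    // image/jpeg, which weakens any later check that trusts the type.
    $upload_name = '';
    if (isset($_FILES['attachment']['name']) && is_string($_FILES['attachment']['name'])) {
        $upload_name = $_FILES['attachment']['name'];
    }
    $extension = strtolower(pathinfo($upload_name, PATHINFO_EXTENSION));

    $image_types = array(
        'jpg'  => 'image/jpeg',
        'jpeg' => 'image/jpeg',
        'jpe'  => 'image/jpeg',
        'png'  => 'image/png',
        'gif'  => 'image/gif',
    );

    if (isset($image_types[$extension])) {
        $_FILES['attachment']['type'] = $image_types[$extension];
    } else {
        // Also reached when no file was uploaded at all.
        trigger_error(ATTACHED_IMAGE_NOT_IMAGE);
    }

    // Presumably read by parse_attachments() as the "add file" form button.
    $_POST['add_file'] = true;
    $message_parser = new parse_message();

    // Pull any other attachments
    // NOTE(review): this lookup is not restricted to the current poster or to
    // orphaned rows; confirm whether it should mirror the ownership filter
    // used in do_delete_attachment().
    if ($attachment_ids) {
        $sql = 'SELECT a.* FROM ' . ATTACHMENTS_TABLE . ' a WHERE ' .
            $db->sql_in_set('a.attach_id', $attachment_ids);
        $result = $db->sql_query($sql);
        while ($other_attachment_data = $db->sql_fetchrow($result)) {
            $message_parser->attachment_data[] = array(
                'attach_id'      => $other_attachment_data['attach_id'],
                'is_orphan'      => $other_attachment_data['is_orphan'],
                'real_filename'  => $other_attachment_data['real_filename'],
                'attach_comment' => $other_attachment_data['attach_comment'],
            );
        }
        $db->sql_freeresult($result);
    }

    // The original passed $mode without ever assigning it, i.e. null plus an
    // "undefined variable" notice. The null is now explicit.
    $mode = null;
    $message_parser->parse_attachments('attachment', $mode, $forum_id, false, false, true);

    if (count($message_parser->warn_msg)) {
        json_error($message_parser->warn_msg[0]);
    }

    return array(
        'attachmentid' => $message_parser->attachment_data[0]['attach_id'],
    );
}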

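/**
 * Delete one orphaned attachment that belongs to the current user.
 *
 * Reads 'attachmentid' from the request. The row is only acted on when it is
 * still an orphan (is_orphan = 1) and its poster_id is the current user's id.
 * The stored file, and its thumbnail if one is recorded, are unlinked before
 * the row is removed.
 *
 * @return array array('success' => 1), also returned when no matching row was found
 */
function do_delete_attachment()
{
    global $config, $template, $user, $auth, $db, $phpbb_root_path, $phpEx, $cache;

    // Both values are concatenated into SQL below, so force them to integers
    // here rather than relying on how they were produced upstream.
    $attachmentid = (int) request_var('attachmentid', 0);
    $poster_id = (int) $user->data['user_id'];

    if (!$attachmentid) {
        json_error(ERR_ATTACH_NO_DELETE);
    }

    // Loaded for phpbb_unlink(), which is not defined in this file.
    include_once($phpbb_root_path . 'includes/functions_admin.' . $phpEx);

    // Ownership and orphan status are part of the lookup, so a user can only
    // reach their own not-yet-posted uploads.
    $owned_orphan = 'attach_id = ' . $attachmentid . '
        AND is_orphan = 1
        AND poster_id = ' . $poster_id;

    $sql = 'SELECT attach_id, physical_filename, thumbnail
        FROM ' . ATTACHMENTS_TABLE . '
        WHERE ' . $owned_orphan;
    $result = $db->sql_query($sql);
    $row = $db->sql_fetchrow($result);
    $db->sql_freeresult($result);

    if ($row) {
        phpbb_unlink($row['physical_filename'], 'file');

        if ($row['thumbnail']) {
            phpbb_unlink($row['physical_filename'], 'thumbnail');
        }

        // Repeat the ownership/orphan predicate instead of deleting by id
        // alone, so the DELETE cannot touch a row that stopped matching after
        // the SELECT above.
        $db->sql_query('DELETE FROM ' . ATTACHMENTS_TABLE . ' WHERE ' . $owned_orphan);
    }

    return array(
        'success' => 1,
    );
}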


--[ c99shell v. 2.0 [PHP 7 Update] [25.02.2019] maintained by HackingTool | HackingTool | Generation time: 0.0033 ]--