MOON
Server: Apache
System: Linux ip-208-109-13-31.ip.secureserver.net 3.10.0-1160.119.1.el7.tuxcare.els4.x86_64 #1 SMP Sat Aug 31 06:58:57 UTC 2024 x86_64
User: durgeshpandey215 (1013)
PHP: 8.1.29
Disabled: NONE
$ pwd: /home/durgeshpandey215/public_html/zeeroprice.skilladders.com/
Upload Files
File: /home/durgeshpandey215/public_html/zeeroprice.skilladders.com/product-edit-submit.php
<? require "application_top.php";
require "protect.php";
$pid = (isset($_REQUEST['pid']) && ($_REQUEST['pid']))? decode($_REQUEST['pid']) : 0;
$sellerid = isset($_SESSION['useridsess'])?$_SESSION['useridsess']:"";
if(isset($_REQUEST['catid'])){

	$catid = isset($_REQUEST['catid'])? $_REQUEST['catid'] : "";
	$subcatid = isset($_REQUEST['subcatid'])? $_REQUEST['subcatid'] : "";
	$ititle = isset($_REQUEST['ititle'])? cleartext(titlecase($_REQUEST['ititle'])) : "";
	$description = isset($_REQUEST['description'])? cleartext($_REQUEST['description']) : "";
	$qty = 1;
	$tilldate = isset($_REQUEST['tilldate'])? date('Y-m-d',strtotime($_REQUEST['tilldate'])) : "";
	$updatedon = date('Y-m-d H:i:s');
		
	$dbdataArr = array(
		'catid'=>$catid,
		'subcatid'=>$subcatid,
		'ititle'=>$ititle,
		'description'=>$description,
		'qty'=>$qty,
		'ip'=>$_SERVER["REMOTE_ADDR"],
		'updatedon'=>$updatedon,
		'tilldate'=>$tilldate
	);
	
	//-----------------UPLOAD PIC DATA-----------------------

for($i=1;$i<=4;$i++){
${'inputpic'.$i} = (isset($_REQUEST['inputpic'.$i])&&($_REQUEST['inputpic'.$i]))? $_REQUEST['inputpic'.$i] : "";
if(${'inputpic'.$i}){
$extension = pathinfo($_REQUEST['filename'.$i], PATHINFO_EXTENSION);
${'filename'.$i} = date('dmHis').rand(100,999).".".$extension;

	if (strpos(${'inputpic'.$i}, 'data:image/jpeg;base64,') === 0) {
	${'inputpic'.$i} = str_replace('data:image/jpeg;base64,', '', ${'inputpic'.$i});  
	}
	if (strpos(${'inputpic'.$i}, 'data:image/png;base64,') === 0) {
	${'inputpic'.$i} = str_replace('data:image/png;base64,', '', ${'inputpic'.$i}); 
	}
	if (strpos(${'inputpic'.$i}, 'data:image/bmp;base64,') === 0) {
	${'inputpic'.$i} = str_replace('data:image/bmp;base64,', '', ${'inputpic'.$i}); 
	}
	${'inputpic'.$i} = str_replace(' ', '+', ${'inputpic'.$i});
	$data = base64_decode(${'inputpic'.$i});
	
	$file = 'images/products/'.${'filename'.$i};
	if (file_put_contents($file, $data)){
	//update db table
	$dbdataArr['pic'.$i] = ${'filename'.$i};
	}
}
}
//----------------------------------------

	$db->where('pid',$pid);
	$db->where('sellerid',$sellerid);
	$db->update('products',$dbdataArr);
	$_SESSION['msg'] = "Product edited Sucussfully!";
	header("location:".$_SERVER['HTTP_REFERER']);exit;
}
?>
@ Telegram