MOON
Server: Apache
System: Linux ip-208-109-13-31.ip.secureserver.net 3.10.0-1160.119.1.el7.tuxcare.els4.x86_64 #1 SMP Sat Aug 31 06:58:57 UTC 2024 x86_64
User: durgeshpandey215 (1013)
PHP: 8.1.29
Disabled: NONE
$ pwd: /home/durgeshpandey215/public_html/zeeroprice.skilladders.com/
Upload Files
File: /home/durgeshpandey215/public_html/zeeroprice.skilladders.com/product-addnew-submit.php
<? require "application_top.php";
require "protect.php";

$sellerid = isset($_SESSION['useridsess'])?$_SESSION['useridsess']:"";
if(isset($_REQUEST['catid'])){

	$catid = isset($_REQUEST['catid'])? $_REQUEST['catid'] : "";
	$subcatid = isset($_REQUEST['subcatid'])? $_REQUEST['subcatid'] : "";
	$ititle = isset($_REQUEST['ititle'])? cleartext(titlecase($_REQUEST['ititle'])) : "";
	$description = isset($_REQUEST['description'])? cleartext($_REQUEST['description']) : "";
	$gwfrom = isset($_REQUEST['gwfrom'])? cleartext($_REQUEST['gwfrom']) : "";
	$sex = isset($_REQUEST['sex'])? cleartext($_REQUEST['sex']) : "";
	$mysize = isset($_REQUEST['mysize'])? $_REQUEST['mysize'] : "";
	$mrp = isset($_REQUEST['mrp'])? cleartext($_REQUEST['mrp']) : "";
	$minprice = isset($_REQUEST['minprice'])? $_REQUEST['minprice'] : "";
	$qty = 1;
	$tilldate = isset($_REQUEST['tilldate'])? date('Y-m-d',strtotime($_REQUEST['tilldate'])) : "";
	$postedon = date('Y-m-d H:i:s');
	
	$dbdataArr = array(
		'sellerid'=>$sellerid,
		'catid'=>$catid,
		'subcatid'=>$subcatid,
		'ititle'=>$ititle,
		'description'=>$description,
		'mrp'=>$mrp,
		'minprice'=>$minprice,
		'reducedPrice'=>$mrp,
		'qty'=>$qty,
		'ip'=>$_SERVER["REMOTE_ADDR"],
		'postedon'=>$postedon,
		'updatedon'=>$postedon,
		'tilldate'=>$tilldate,
		'istatus'=>1,
	);
	
//-----------------UPLOAD PIC DATA-----------------------

for($i=1;$i<=4;$i++){
${'inputpic'.$i} = (isset($_REQUEST['inputpic'.$i])&&($_REQUEST['inputpic'.$i]))? $_REQUEST['inputpic'.$i] : "";
if(${'inputpic'.$i}){
$extension = pathinfo($_REQUEST['filename'.$i], PATHINFO_EXTENSION);
${'filename'.$i} = date('dmHis').rand(100,999).".".$extension;

	if (strpos(${'inputpic'.$i}, 'data:image/jpeg;base64,') === 0) {
	${'inputpic'.$i} = str_replace('data:image/jpeg;base64,', '', ${'inputpic'.$i});  
	}
	if (strpos(${'inputpic'.$i}, 'data:image/png;base64,') === 0) {
	${'inputpic'.$i} = str_replace('data:image/png;base64,', '', ${'inputpic'.$i}); 
	}
	if (strpos(${'inputpic'.$i}, 'data:image/bmp;base64,') === 0) {
	${'inputpic'.$i} = str_replace('data:image/bmp;base64,', '', ${'inputpic'.$i}); 
	}
	${'inputpic'.$i} = str_replace(' ', '+', ${'inputpic'.$i});
	$data = base64_decode(${'inputpic'.$i});
	
	$file = 'images/products/'.${'filename'.$i};
	if (file_put_contents($file, $data)){
	//update db table
	$dbdataArr['pic'.$i] = ${'filename'.$i};
	}
}
}
//----------------------------------------

	if($db->insert('products',$dbdataArr)){
	$_SESSION['msg'] = "Product Added Sucussfully! It will be reviewed and made live soon";
	}else{
	$_SESSION['msg'] = $db->getLastError();	
	}
	header("location:".$_SERVER['HTTP_REFERER']);exit;
}
?>
@ Telegram