<?php
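// Bootstrap: load the database connection and resume the visitor's session.
// require (rather than include) halts the request if conn.php is missing,
// instead of carrying on without a connection.
// NOTE(review): conn.php presumably defines $conn; confirm.
require 'conn.php';
session_start();

// Only a signed-in user may upload. Previously $user_id was simply left
// undefined for anonymous requests and the script carried on regardless.
if (!isset($_SESSION['user_id'])) {
    http_response_code(403);
    exit('Not signed in.');
}
$user_id = $_SESSION['user_id'];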
/**
 * Normalise a submitted form value for display.
 *
 * Strips surrounding whitespace, removes backslash quoting, then converts
 * HTML special characters to entities.
 *
 * The result is HTML-escaped only. That does not make it safe to place in
 * an SQL statement or to use as part of a file path.
 *
 * @param mixed $data Raw submitted value.
 * @return string The trimmed, unslashed, HTML-escaped value.
 */
function check_input($data){
    $trimmed = trim($data);
    $unslashed = stripslashes($trimmed);
    return htmlspecialchars($unslashed);
}
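// Document upload handler: validates the posted file, stores it under
// documents/ and records its path for the signed-in user in uploaded_documents.
//
// Changes from the earlier version of this handler:
//  - a rejected extension now stops the request (it used to set a message
//    and then store the file anyway, because $uploadOk was never checked);
//  - the stored file name is built only from validated parts;
//  - every SQL statement uses bound parameters instead of string interpolation;
//  - the previously stored file is no longer deleted before validation runs.

// The stored name embeds the user id, so an anonymous request must stop here.
if (!isset($_SESSION['user_id'])) {
    http_response_code(403);
    exit('Not signed in.');
}
$user_id = $_SESSION['user_id'];

// Record a flash message, send the browser back to the documents page, stop.
$finish = function ($sessionKey, $message) {
    $_SESSION[$sessionKey] = $message;
    header('location:dashboard_document.php');
    exit;
};

$uploadError = "Sorry, there was an error uploading your file.";
$tooLarge = "Sorry, your file is too large.";

// Reject requests that lack the expected fields or send an array-shaped
// upload (document[]), which the code below is not written to handle.
$upload = isset($_FILES['document']) ? $_FILES['document'] : null;
if (!isset($_POST['document_name']) || !is_string($_POST['document_name'])
    || !is_array($upload) || !isset($upload['error']) || is_array($upload['error'])
    || !is_string($upload['name'])) {
    $finish('err_msg', $uploadError);
}

$document = check_input($_POST['document_name']);
if ($document === '') {
    $finish('err_msg', $uploadError);
}

// PHP reports its own size limits through the error code, not the size field.
if ($upload['error'] === UPLOAD_ERR_INI_SIZE || $upload['error'] === UPLOAD_ERR_FORM_SIZE) {
    $finish('err_msg', $tooLarge);
}
if ($upload['error'] !== UPLOAD_ERR_OK) {
    $finish('err_msg', $uploadError);
}

// Check file size
if ($upload['size'] > 500000) {
    $finish('err_msg', $tooLarge);
}

// Allow certain file formats. The extension is lower-cased once, checked
// against the allow-list, and that same checked value names the stored file.
$imageFileType = strtolower(pathinfo(basename($upload['name']), PATHINFO_EXTENSION));
$allowedTypes = array('jpg', 'jpeg', 'pdf', 'doc', 'docx');
if (!in_array($imageFileType, $allowedTypes, true)) {
    $finish('err_msg', "Sorry only PDF, Word Documents (.doc, .docx) or JPEG files are allowed.");
}
// NOTE(review): this checks the client-supplied name only; the file content is
// not inspected. documents/ is a relative path next to this script, so it is
// presumably web-reachable. Confirm that script execution is disabled for
// that directory, or move the store outside the document root.

// Build the stored name from a restricted character set so that neither the
// posted document name nor the session value can add path separators or
// extra dots to it.
$safeUser = preg_replace('/[^A-Za-z0-9_-]/', '_', (string) $user_id);
$safeDocument = preg_replace('/[^A-Za-z0-9 _-]/', '_', $document);
$uploadDir = 'documents/';
$savedPicture = $uploadDir . $safeUser . '_' . $safeDocument . '.' . $imageFileType;

// Does this user already have a row for this document?
$lookup = mysqli_prepare(
    $conn,
    "SELECT 1 FROM uploaded_documents WHERE user_id = ? AND document_id = ?"
);
if (!$lookup) {
    die('Error, query failed');
}
mysqli_stmt_bind_param($lookup, 'ss', $user_id, $document);
mysqli_stmt_execute($lookup) or die('Error, query failed');
mysqli_stmt_store_result($lookup);
$alreadyUploaded = mysqli_stmt_num_rows($lookup) > 0;
mysqli_stmt_close($lookup);

// The old file is not deleted up front: move_uploaded_file() replaces the
// destination, and only after the new upload has passed every check above.
if (!move_uploaded_file($upload['tmp_name'], $savedPicture)) {
    $finish('err_msg', $uploadError);
}

// save path in database
if ($alreadyUploaded) {
    $save = mysqli_prepare(
        $conn,
        "UPDATE uploaded_documents SET document_path = ? WHERE user_id = ? AND document_id = ?"
    );
    if (!$save) {
        die('Error, query failed');
    }
    mysqli_stmt_bind_param($save, 'sss', $savedPicture, $user_id, $document);
} else {
    // NOTE(review): the empty-string id is kept from the original statement;
    // if id is an auto-increment column, drop it from the column list.
    $save = mysqli_prepare(
        $conn,
        "INSERT INTO uploaded_documents (id, user_id, document_id, document_path) VALUES ('', ?, ?, ?)"
    );
    if (!$save) {
        die('Error, query failed');
    }
    mysqli_stmt_bind_param($save, 'sss', $user_id, $document, $savedPicture);
}
mysqli_stmt_execute($save) or die('Error, query failed');
mysqli_stmt_close($save);

$_SESSION['path'] = $savedPicture;
$finish('success_msg', "Document uploaded successfully.");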
?>