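<?php

/**
 * Admin action endpoint: creates, updates and deletes games, categories,
 * pages, comments, users, ad slots and theme settings, then redirects back
 * to the matching admin listing.
 *
 * Security notes for maintainers:
 *  - Every value read from $_POST / $_GET / $_FILES is untrusted. All SQL goes
 *    through prepared statements; identifiers and numeric columns are validated
 *    before they are bound.
 *  - NOTE(review): no session or role check is visible in this file. Confirm
 *    that config.php / app_start.php reject unauthenticated requests before
 *    any handler below can run.
 *  - NOTE(review): the delete actions are triggered by GET parameters and no
 *    anti-CSRF token is checked anywhere in this file. Moving them to POST with
 *    a per-session token requires changing the admin pages that link here.
 *
 * Written for the PHP 7.3 runtime this file is deployed on.
 */

require_once 'config.php';
require_once '../../app/includes/constant.php';
require_once '../../app/includes/app_start.php';
// require_once '../../app/includes/function_general.php';

/**
 * Returns its argument unchanged.
 *
 * Despite the name this performs no escaping or validation, so it must not be
 * relied on as a sanitiser. It is kept only so existing callers keep working.
 *
 * @param mixed $e
 * @return mixed
 */
function Secure_DATA($e)
{
    return $e;
}

/**
 * Stops the request with the script's generic "Failed" response.
 */
function zon_admin_fail(): void
{
    if (!headers_sent()) {
        http_response_code(400);
    }
    echo "Failed";
    exit;
}

/**
 * Sends a Location header and ends the request so that no later handler in
 * this script can run after the redirect has been decided.
 */
function zon_admin_redirect(string $location): void
{
    if (!headers_sent()) {
        header('location: ' . $location);
    }
    exit;
}

/**
 * Runs one statement with bound parameters.
 *
 * @param mysqli $con    Open connection provided by the includes.
 * @param string $sql    Statement text using `?` placeholders only.
 * @param string $types  mysqli type string, one character per parameter.
 * @param array  $params Values to bind, in placeholder order.
 * @return bool True when the statement was prepared and executed.
 */
function zon_admin_execute($con, string $sql, string $types = '', array $params = []): bool
{
    $stmt = mysqli_prepare($con, $sql);
    if ($stmt === false) {
        return false;
    }

    if ($types !== '') {
        mysqli_stmt_bind_param($stmt, $types, ...$params);
    }

    $succeeded = mysqli_stmt_execute($stmt);
    mysqli_stmt_close($stmt);

    return $succeeded;
}

/**
 * Reads a free-text POST field; a missing or non-scalar field becomes ''.
 */
function zon_admin_post_text(string $key): string
{
    $value = $_POST[$key] ?? '';

    return is_scalar($value) ? (string) $value : '';
}

/**
 * Reads a POST field that is stored in a numeric column.
 *
 * The SQL keywords true/false were accepted by the earlier unquoted queries,
 * so they are still accepted here and mapped to 1/0.
 *
 * @return string|null The numeric text, or null when the field is not numeric.
 */
function zon_admin_post_number(string $key): ?string
{
    $value = $_POST[$key] ?? null;
    if (!is_scalar($value)) {
        return null;
    }

    $value = trim((string) $value);
    $keyword = strtolower($value);
    if ($keyword === 'true') {
        return '1';
    }
    if ($keyword === 'false') {
        return '0';
    }

    return is_numeric($value) ? $value : null;
}

/**
 * Validates a row identifier taken from the request.
 *
 * @param mixed $raw
 * @return int|null Non-negative integer id, or null when the value is not one.
 */
function zon_admin_id($raw): ?int
{
    if (!is_scalar($raw)) {
        return null;
    }

    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 0]]);

    return $id === false ? null : $id;
}

/**
 * Accepts a redirect target only when it is a path on this site.
 *
 * Colons, backslashes, control characters and a leading `//` are all outside
 * the allowed alphabet, so absolute and scheme-relative URLs are rejected.
 *
 * @return string|null The target unchanged, or null when it is not local.
 */
function zon_admin_local_target(string $target): ?string
{
    $pattern = '#\A(?!//)[A-Za-z0-9_./-]+(?:\?[A-Za-z0-9_.=&%-]*)?\z#';

    return preg_match($pattern, $target) === 1 ? $target : null;
}

/**
 * Stores an uploaded game image under a server-generated name.
 *
 * The client-supplied file name and extension are ignored: the type comes from
 * the file's own header and only raster formats are accepted, which keeps
 * script files out of the web-served uploads directory. The web server should
 * additionally be configured not to execute scripts from that directory.
 *
 * @param array  $upload    One entry of $_FILES.
 * @param string $targetDir Destination directory, with trailing slash.
 * @return string|null Stored file name, or null when the upload was rejected.
 */
function zon_admin_store_image(array $upload, string $targetDir): ?string
{
    $tmpPath = $upload['tmp_name'] ?? '';
    if (!is_string($tmpPath) || $tmpPath === '' || !is_uploaded_file($tmpPath)) {
        return null;
    }

    $extensions = [
        IMAGETYPE_GIF => 'gif',
        IMAGETYPE_JPEG => 'jpg',
        IMAGETYPE_PNG => 'png',
        IMAGETYPE_WEBP => 'webp',
    ];

    $info = getimagesize($tmpPath);
    if ($info === false || !isset($extensions[$info[2]])) {
        return null;
    }

    // Unpredictable name from the CSPRNG instead of rand() plus the client name.
    $storedName = bin2hex(random_bytes(16)) . '.' . $extensions[$info[2]];
    if (!move_uploaded_file($tmpPath, $targetDir . $storedName)) {
        return null;
    }

    return $storedName;
}

/**
 * Resolves the image URL for a game: the uploaded file when one was sent
 * without an upload error, otherwise the posted `game_image_url` field.
 *
 * A file that was sent but cannot be accepted or stored aborts the request,
 * so the database never points at a file that was not written.
 */
function zon_admin_game_image_url(string $siteUrl): string
{
    $hasUpload = isset($_FILES['game_image'])
        && ($_FILES['game_image']['error'] ?? null) === UPLOAD_ERR_OK;

    if (!$hasUpload) {
        return zon_admin_post_text('game_image_url');
    }

    $storedName = zon_admin_store_image($_FILES['game_image'], '../../static/uploads/');
    if ($storedName === null) {
        zon_admin_fail();
    }

    return $siteUrl . 'static/uploads/' . $storedName;
}

// Game Adding, Deleting And Updating Action
if (isset($_POST['upload_game'])) {
    $game_image_url = zon_admin_game_image_url((string) ($site_url ?? ''));

    // New games start with randomised play count, sort weight and quality.
    $game_played = random_int(500, 2200);
    $game_sort = random_int(100, 200);
    $game_quality = round(random_int(80000000, 98000000) / 100000000, 8);

    $sql = 'INSERT INTO `zon_games`(`game_name`, `game_description`, `game_instructions`, `game_image_url`,'
        . ' `game_url`, `game_published`, `game_category`, `game_banner_url`, `game_played`, `game_sort`,'
        . ' `game_quality`) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)';
    $params = [
        zon_admin_post_text('game_name'),
        zon_admin_post_text('game_description'),
        zon_admin_post_text('game_instructions'),
        $game_image_url,
        zon_admin_post_text('game_frame_url'),
        zon_admin_post_text('game_status'),
        zon_admin_post_text('game_category'),
        zon_admin_post_text('game_banner_url'),
        $game_played,
        $game_sort,
        $game_quality,
    ];

    if (zon_admin_execute($con, $sql, 'ssssssssiid', $params)) {
        zon_admin_redirect('../games.php');
    }
}

if (isset($_POST['update_game'])) {
    // Validate everything that used to be placed in the query unquoted before
    // touching the filesystem, so a rejected request leaves no stored upload.
    $game_id = zon_admin_id($_POST['game_id'] ?? null);
    $game_played = zon_admin_post_number('game_played');
    $game_sort = zon_admin_post_number('game_sort');
    $game_quality = zon_admin_post_number('game_quality');
    if ($game_id === null || $game_played === null || $game_sort === null || $game_quality === null) {
        zon_admin_fail();
    }

    $game_image_url = zon_admin_game_image_url((string) ($site_url ?? ''));

    $sql = 'UPDATE `zon_games` SET `game_name`=?, `game_description`=?, `game_instructions`=?,'
        . ' `game_image_url`=?, `game_url`=?, `game_published`=?, `game_category`=?, `game_banner_url`=?,'
        . ' `game_played`=?, `game_sort`=?, `game_quality`=? WHERE id=?';
    $params = [
        zon_admin_post_text('game_name'),
        zon_admin_post_text('game_description'),
        zon_admin_post_text('game_instructions'),
        $game_image_url,
        zon_admin_post_text('game_frame_url'),
        zon_admin_post_text('game_status'),
        zon_admin_post_text('game_category'),
        zon_admin_post_text('game_banner_url'),
        $game_played,
        $game_sort,
        $game_quality,
        $game_id,
    ];

    if (zon_admin_execute($con, $sql, 'sssssssssssi', $params)) {
        zon_admin_redirect('../games.php');
    }
}

if (isset($_POST['add_category'])) {
    // cat_sort was a quoted literal in this statement, so it stays a text bind
    // and the database applies its own column conversion.
    $sql = 'insert into zon_category (`name`, `slug`, `cat_sort`) values (?, ?, ?)';
    $params = [
        zon_admin_post_text('game_category'),
        zon_admin_post_text('game_category_slug'),
        zon_admin_post_text('cat_sort'),
    ];

    if (zon_admin_execute($con, $sql, 'sss', $params)) {
        zon_admin_redirect('../categories.php');
    }
}

if (isset($_POST['update_category'])) {
    $category_id = zon_admin_id($_POST['category_id'] ?? null);
    $cat_sort = zon_admin_post_number('cat_sort');
    if ($category_id === null || $cat_sort === null) {
        zon_admin_fail();
    }

    $sql = 'update zon_category set `name`=?, `slug`=?, `cat_sort`=? where id=?';
    $params = [
        zon_admin_post_text('game_category'),
        zon_admin_post_text('game_category_slug'),
        $cat_sort,
        $category_id,
    ];

    if (zon_admin_execute($con, $sql, 'sssi', $params)) {
        zon_admin_redirect('../categories.php');
    }
}

// Delete actions: ?content_type=...&action=delete&token_id=...[&url=...]
if (!empty($_GET['token_id']) && !empty($_GET['action']) && !empty($_GET['content_type'])) {
    // Per content type: the statement to run, the redirect used when no `url`
    // is given (null means `url` is required), whether `url` is honoured, and
    // the suffix appended to it.
    $deleteRules = [
        'game' => [
            'sql' => 'DELETE FROM zon_games WHERE id = ?',
            'fallback' => '../games.php',
            'use_url' => true,
            'suffix' => '.php',
        ],
        'category' => [
            'sql' => 'DELETE FROM zon_category WHERE id = ?',
            'fallback' => '../categories.php',
            'use_url' => false,
            'suffix' => '',
        ],
        'page' => [
            'sql' => 'DELETE FROM zon_pages WHERE id = ?',
            'fallback' => null,
            'use_url' => true,
            'suffix' => '',
        ],
        'comment' => [
            'sql' => 'DELETE FROM zon_comments WHERE id = ?',
            'fallback' => null,
            'use_url' => true,
            'suffix' => '.php',
        ],
        'user' => [
            'sql' => 'DELETE FROM zon_users WHERE id = ?',
            'fallback' => null,
            'use_url' => true,
            'suffix' => '.php',
        ],
    ];

    $contentType = is_string($_GET['content_type']) ? $_GET['content_type'] : '';
    if (isset($deleteRules[$contentType])) {
        $rule = $deleteRules[$contentType];
        $target = $rule['fallback'];

        if ($rule['use_url'] && !empty($_GET['url'])) {
            // The redirect target is caller-controlled: only a local path is
            // accepted, and it is checked before anything is deleted.
            $localTarget = is_string($_GET['url']) ? zon_admin_local_target($_GET['url']) : null;
            if ($localTarget === null) {
                zon_admin_fail();
            }
            $target = $localTarget . $rule['suffix'];
        }

        $token_id = zon_admin_id($_GET['token_id']);
        if ($target === null || $_GET['action'] !== 'delete' || $token_id === null) {
            zon_admin_fail();
        }

        if (zon_admin_execute($con, $rule['sql'], 'i', [$token_id])) {
            zon_admin_redirect($target);
        }
    }
}

if (isset($_POST['ads_up_add'])) {
    $id = zon_admin_id($_POST['ad_id'] ?? null);
    if ($id === null) {
        zon_admin_fail();
    }

    // NOTE(review): ad_code is stored verbatim and is presumably rendered as
    // markup on the public site; confirm only trusted admins reach this handler.
    $status = empty($_POST['ad_contr']) ? 0 : 1;
    $sql = 'UPDATE zon_ads set `code`=?, `ad_name`=?, `status`=? where id=?';
    $params = [
        zon_admin_post_text('ad_code'),
        zon_admin_post_text('ad_name'),
        $status,
        $id,
    ];

    if (zon_admin_execute($con, $sql, 'ssii', $params)) {
        zon_admin_redirect('../advertisement.php');
    }
}

if (isset($_POST['add_page'])) {
    $query = 'INSERT INTO `zon_pages` (`title`, `desc`, `content`) VALUES (?, ?, ?)';
    $params = [
        zon_admin_post_text('page_title'),
        zon_admin_post_text('page_desc'),
        zon_admin_post_text('page_content'),
    ];

    if (zon_admin_execute($con, $query, 'sss', $params)) {
        zon_admin_redirect('../pages.php');
    }
}

if (isset($_POST['update_page'])) {
    $id = zon_admin_id($_POST['id'] ?? null);
    if ($id === null) {
        zon_admin_fail();
    }

    $query = 'UPDATE `zon_pages` SET `title`=?, `desc`=?, `content`=? where id=?';
    $params = [
        zon_admin_post_text('page_title'),
        zon_admin_post_text('page_desc'),
        zon_admin_post_text('page_content'),
        $id,
    ];

    if (zon_admin_execute($con, $query, 'sssi', $params)) {
        zon_admin_redirect('../pages.php');
    }
}

if (isset($_POST['customize_button'])) {
    // Settings that were written into the query unquoted must be numeric.
    $numeric = [];
    $numericFields = [
        'blog_slider',
        'section_games_limit',
        'featured_game_slider',
        'popular_views',
        'heder_category_limit',
        'custom_cursor',
    ];
    foreach ($numericFields as $field) {
        $numeric[$field] = zon_admin_post_number($field);
        if ($numeric[$field] === null) {
            zon_admin_fail();
        }
    }

    // No WHERE clause: the statement applies to every row of zon_config.
    $sql = 'UPDATE zon_config SET site_theme=?, blog_slider=?, section_games_limit=?,'
        . ' featured_game_slider=?, popular_views=?, site_color=?, site_dark_bg_color=?,'
        . ' site_light_bg_color=?, header_type=?, heder_category_limit=?, animate_class=?,'
        . ' cursor_color=?, custom_cursor=?';
    $params = [
        zon_admin_post_text('site_theme'),
        $numeric['blog_slider'],
        $numeric['section_games_limit'],
        $numeric['featured_game_slider'],
        $numeric['popular_views'],
        zon_admin_post_text('site_color'),
        zon_admin_post_text('site_dark_bg_color'),
        zon_admin_post_text('site_light_bg_color'),
        zon_admin_post_text('header_type'),
        $numeric['heder_category_limit'],
        zon_admin_post_text('animate_class'),
        zon_admin_post_text('cursor_color'),
        $numeric['custom_cursor'],
    ];

    if (zon_admin_execute($con, $sql, 'sssssssssssss', $params)) {
        zon_admin_redirect('../customize.php');
    }
}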