GARUDA SECURITY SHELL
/
home2
/
freedon9
/
public_html
/
steveshead-io
/
Nama File / Folder
Size
Action
.well-known
--
NONE
admin
--
NONE
ai
--
NONE
api
--
NONE
cgi-bin
--
NONE
css
--
NONE
email-templates
--
NONE
fonts
--
NONE
images
--
NONE
includes
--
NONE
ipn
--
NONE
js
--
NONE
lib
--
NONE
login
--
NONE
pagebuilder
--
NONE
review_imgs
--
NONE
revolution
--
NONE
sqli
--
NONE
templates
--
NONE
uploads
--
NONE
video
--
NONE
.gitignore
0.015KB
Hapus
Edit
Rename
Syafriall.zip
17.04MB
Hapus
Edit
Rename
anjay.php
870.527KB
Hapus
Edit
Rename
cart.php
17.365KB
Hapus
Edit
Rename
checkout.php
47.519KB
Hapus
Edit
Rename
coming_soon.php
0.561KB
Hapus
Edit
Rename
comments.php
10.653KB
Hapus
Edit
Rename
config.php
1.242KB
Hapus
Edit
Rename
contact.php
3.98KB
Hapus
Edit
Rename
create_post.php
9.706KB
Hapus
Edit
Rename
dos.php
1.298KB
Hapus
Edit
Rename
download.php
1.419KB
Hapus
Edit
Rename
edit_post.php
9.858KB
Hapus
Edit
Rename
edit_profile.php
8.036KB
Hapus
Edit
Rename
error_log
870.052KB
Hapus
Edit
Rename
fatah.zip
827.265KB
Hapus
Edit
Rename
gelay.php
6.812KB
Hapus
Edit
Rename
get.php
1.115KB
Hapus
Edit
Rename
google3473e54e277d3222.html
0.052KB
Hapus
Edit
Rename
heart.svg
1.268KB
Hapus
Edit
Rename
igfi.py
85.205KB
Hapus
Edit
Rename
index.php
36.886KB
Hapus
Edit
Rename
kontol.py
1.019KB
Hapus
Edit
Rename
logout.php
0.955KB
Hapus
Edit
Rename
myaccount.php
4.171KB
Hapus
Edit
Rename
ngrok
25.56MB
Hapus
Edit
Rename
ngrok.tgz
8.66MB
Hapus
Edit
Rename
null.php
2.963KB
Hapus
Edit
Rename
nw
2.011KB
Hapus
Edit
Rename
onexdelta5.4.zip
245.401KB
Hapus
Edit
Rename
order-details-template.php
2.656KB
Hapus
Edit
Rename
pbit.zip
385.884KB
Hapus
Edit
Rename
phpinfo.php
0.042KB
Hapus
Edit
Rename
placeorder.php
1.096KB
Hapus
Edit
Rename
post.php
20.266KB
Hapus
Edit
Rename
post_draft.php
19.659KB
Hapus
Edit
Rename
posts.php
6.966KB
Hapus
Edit
Rename
posts_author.php
7.579KB
Hapus
Edit
Rename
posts_category.php
7.458KB
Hapus
Edit
Rename
posts_draft.php
7.07KB
Hapus
Edit
Rename
privacy.php
23.539KB
Hapus
Edit
Rename
product.php
7.315KB
Hapus
Edit
Rename
products.php
8.238KB
Hapus
Edit
Rename
profile.php
4.78KB
Hapus
Edit
Rename
profile_pic_upload.php
13.636KB
Hapus
Edit
Rename
psqli.sh
208.997KB
Hapus
Edit
Rename
pwreset.php
3.24KB
Hapus
Edit
Rename
r57.php
101.077KB
Hapus
Edit
Rename
red_heart.svg
0.619KB
Hapus
Edit
Rename
reviews.php
9.789KB
Hapus
Edit
Rename
search.php
8.298KB
Hapus
Edit
Rename
sel.php
2.348KB
Hapus
Edit
Rename
telexa.js
0.986KB
Hapus
Edit
Rename
template.php
0.179KB
Hapus
Edit
Rename
templates.php
10.743KB
Hapus
Edit
Rename
todo.txt
0.069KB
Hapus
Edit
Rename
ve.zip
1.99MB
Hapus
Edit
Rename
webshell.php
0.76KB
Hapus
Edit
Rename
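<?php
/**
 * Comment endpoint: renders the comment thread for a page and handles the
 * "post comment" and "vote" AJAX requests for it.
 *
 * $db and $session are not defined in this file; presumably they come from
 * the included controller — confirm against admin/includes/controller.php.
 *
 * NOTE(review): posting and voting are state-changing requests with no CSRF
 * token, no authentication requirement and no server-side rate limit visible
 * in this file. Everything read from $_GET/$_POST/$_COOKIE below is treated
 * as untrusted and validated or escaped at the point of use.
 */
include 'admin/includes/controller.php';
include 'includes/functions.php';

// Error Handling
ini_set('error_reporting', E_ALL & ~E_DEPRECATED);

// Pre-fill value for the "Your Name" field; stays empty for anonymous visitors
// so show_write_comment_form() never reads an undefined global.
$comment_author = '';
if (isset($session->id)) {
    $stmt = $db->prepare("SELECT * FROM users WHERE id = ?");
    $stmt->execute([$session->id]);
    $user = $stmt->fetch();
    // fetch() returns false when the session id no longer maps to a user row.
    if ($user) {
        $comment_author = $user['firstname'] . ' ' . $user['lastname'];
    }
}

/**
 * Convert a datetime string into a "time elapsed" string such as "3 weeks ago".
 *
 * @param string $datetime Anything the DateTime constructor accepts.
 * @param bool   $full     When false (default) only the largest non-zero unit is returned.
 *
 * @return string Comma-separated units followed by " ago", or "just now".
 */
function time_elapsed_string($datetime, $full = false)
{
    $now = new DateTime();
    $ago = new DateTime($datetime);
    $diff = $now->diff($ago);

    // Weeks are derived from the day component; kept in locals rather than
    // written onto the DateInterval (which has no week property).
    $weeks = intdiv($diff->d, 7);
    $units = [
        'year' => $diff->y,
        'month' => $diff->m,
        'week' => $weeks,
        'day' => $diff->d - $weeks * 7,
        'hour' => $diff->h,
        'minute' => $diff->i,
        'second' => $diff->s,
    ];

    $parts = [];
    foreach ($units as $label => $count) {
        if ($count) {
            $parts[] = $count . ' ' . $label . ($count > 1 ? 's' : '');
        }
    }

    if (!$full) {
        $parts = array_slice($parts, 0, 1);
    }

    return $parts ? implode(', ', $parts) . ' ago' : 'just now';
}

/**
 * Render one comment, its reply form and (recursively) its replies.
 *
 * @param array $comment  Row from the comments table.
 * @param array $comments All comment rows for the page, used to find replies.
 * @param array $filters  Rows from the filters table (word / replacement).
 *
 * @return string HTML fragment.
 */
function show_comment($comment, $comments = [], $filters = [])
{
    global $db;

    // Escape everything first, then convert new lines to <br>.
    $content = nl2br(htmlspecialchars($comment['content'], ENT_QUOTES));

    // Allowed html tags: turn the *escaped* form of a fixed, attribute-free tag
    // back into the tag. The search side must be the entity form, otherwise this
    // step is a no-op. Do not add tags that accept attributes or script content.
    $content = str_ireplace(
        ['&lt;i&gt;', '&lt;/i&gt;', '&lt;b&gt;', '&lt;/b&gt;', '&lt;u&gt;', '&lt;/u&gt;', '&lt;code&gt;', '&lt;/code&gt;', '&lt;pre&gt;', '&lt;/pre&gt;'],
        ['<i>', '</i>', '<b>', '</b>', '<u>', '</u>', '<code>', '</code>', '<pre>', '</pre>'],
        $content
    );

    // Apply the filters
    // NOTE(review): replacements are inserted after escaping, so they are emitted
    // as raw HTML; the filters table must be writable by trusted admins only.
    if ($filters) {
        $content = str_ireplace(array_column($filters, 'word'), array_column($filters, 'replacement'), $content);
    }

    // Get comment author avatar
    // NOTE(review): the avatar is looked up by the self-declared comment name, so
    // an anonymous commenter who types an existing username is shown with that
    // user's picture. Binding comments to a user id would close this.
    $comment_username = strtolower(preg_replace('/\s+/', '', $comment['name']));
    $qry = $db->prepare("SELECT * FROM users WHERE username = ?");
    $qry->execute([$comment_username]);
    $pic = $qry->fetchAll();

    // Numeric columns are cast before being placed in markup/attributes.
    $comment_id = (int) $comment['id'];
    $votes = (int) $comment['votes'];

    // Comment template
    $html = '
    <div class="comment bg-white p-3 mb-3">
        <div class="img">';
    foreach ($pic as $avatar) {
        $html .= '<img class="rounded-circle" src = "'
            . (!empty($avatar['profile_pic']) ? htmlspecialchars($avatar['profile_pic'], ENT_QUOTES) : default_profile_image)
            . '" width = "48" height = "48" alt = "Comment Profile Image" >';
    }
    $html .= '</div>
        <div class="con">
            <div>
                <h3 class="name">' . htmlspecialchars($comment['name'], ENT_QUOTES) . '</h3>
                <span class="date">' . time_elapsed_string($comment['submit_date']) . '</span>
            </div>
            <p class="comment_content">
                ' . $content . '
                ' . ($comment['approved'] ? '' : '<br><br><i>(Awaiting approval)</i>') . '
            </p>
            <div class="comment_footer">
                <span class="num">' . $votes . '</span>
                <a href="#" class="vote" data-vote="up" data-comment-id="' . $comment_id . '">
                    <i class="arrow up"></i>
                </a>
                <div class="post-votes-separator"></div>
                <a href="#" class="vote" data-vote="down" data-comment-id="' . $comment_id . '">
                    <i class="arrow down"></i>
                </a>
                <a class="reply_comment_btn ms-3 border rounded px-3" href="#" data-comment-id="' . $comment_id . '">Reply</a>
            </div>
            ' . show_write_comment_form($comment_id) . '
            <div class="replies">
            ' . show_comments($comments, $filters, $comment_id) . '
            </div>
        </div>
    </div>';

    return $html;
}

/**
 * Render every comment whose parent is $parent_id.
 *
 * @param array $comments  All comment rows for the page.
 * @param array $filters   Rows from the filters table.
 * @param int   $parent_id Parent comment id; -1 selects top-level comments.
 *
 * @return string HTML fragment.
 */
function show_comments($comments, $filters, $parent_id = -1)
{
    $html = '';
    // Replies are always shown oldest first, regardless of the page sort order.
    if ($parent_id != -1) {
        array_multisort(array_column($comments, 'submit_date'), SORT_ASC, $comments);
    }
    foreach ($comments as $comment) {
        if ($comment['parent_id'] == $parent_id) {
            $html .= show_comment($comment, $comments, $filters);
        }
    }
    return $html;
}

/**
 * Render the "write comment" form for a thread.
 *
 * @param int $parent_id Comment being replied to; -1 for a top-level comment.
 *
 * @return string HTML fragment.
 */
function show_write_comment_form($parent_id = -1)
{
    global $comment_author;

    $parent_id = (int) $parent_id;
    // The name comes from the users table (user-editable profile data), so it is
    // escaped for the attribute context like any other stored value.
    $author = htmlspecialchars((string) ($comment_author ?? ''), ENT_QUOTES);

    $html = '
    <div class="write_comment" data-comment-id="' . $parent_id . '">
        <form>
            <input name="parent_id" type="hidden" value="' . $parent_id . '">
            <input name="name" type="text" placeholder="Your Name" value="' . $author . '">
            <textarea name="content" placeholder="Write your comment here..." required></textarea>
            <input class="d-none" name="img_url" type="url" placeholder="Photo Icon URL (optional)">
            <button class="btn btn-primary mb-3" type="submit">Submit</button>
        </form>
    </div>
    ';
    return $html;
}

// Page ID needs to exist as it is used to determine which comments are for which page.
// It is bound as an integer below, so anything that is not an integer is rejected here.
$page_id = isset($_GET['page_id']) ? filter_var($_GET['page_id'], FILTER_VALIDATE_INT) : false;
if ($page_id === false) {
    exit('No page ID specified!');
}

// Retrieve the filters
$stmt = $db->prepare('SELECT * FROM filters');
$stmt->execute();
$filters = $stmt->fetchAll(PDO::FETCH_ASSOC);

// IF the user submits the write comment form
if (isset($_POST['name'], $_POST['content'], $_POST['parent_id'], $_POST['img_url'])) {
    $parent_id = filter_var($_POST['parent_id'], FILTER_VALIDATE_INT);
    // Array-valued fields (name[]=...) would otherwise reach the string functions below.
    if ($parent_id === false || !is_string($_POST['name']) || !is_string($_POST['content']) || !is_string($_POST['img_url'])) {
        http_response_code(400);
        exit('Invalid comment!');
    }
    $name = $_POST['name'];
    $content = $_POST['content'];

    // Only keep an icon URL that is a syntactically valid http(s) URL; anything
    // else (javascript:, data:, garbage) is stored as empty.
    $img_url = '';
    if (filter_var($_POST['img_url'], FILTER_VALIDATE_URL) !== false) {
        $scheme = strtolower((string) parse_url($_POST['img_url'], PHP_URL_SCHEME));
        if ($scheme === 'http' || $scheme === 'https') {
            $img_url = $_POST['img_url'];
        }
    }

    // Insert a new comment (raw text is stored; it is escaped on output)
    $stmt = $db->prepare('INSERT INTO comments (page_id, parent_id, name, content, submit_date, img, approved) VALUES (?,?,?,?,NOW(),?,?)');
    $approved = comments_approval ? 0 : 1;
    $stmt->execute([$page_id, $parent_id, $name, $content, $img_url, $approved]);

    // Retrieve the comment
    $stmt = $db->prepare('SELECT * FROM comments WHERE id = ?');
    $stmt->execute([$db->lastInsertId()]);
    $comment = $stmt->fetch(PDO::FETCH_ASSOC);

    // The alert and the e-mail are HTML that an administrator will view, so the
    // visitor-supplied name is escaped and the page id is the validated integer.
    $safe_name = htmlspecialchars($name, ENT_QUOTES);
    $post_link = '<a href="/post.php?id=' . $page_id . '">post ID ' . $page_id . '</a>';

    // Create a notification for the admin
    $date = date('Y-m-d H:i:s');
    $qry = "INSERT INTO alerts (name, type, message, status, date) VALUES (?,?,?,?,?)";
    $new_user_stmt = $db->prepare($qry);
    $new_user_stmt->execute(['System Alert', 'alert', 'New Comment Posted by ' . $safe_name . ' on ' . $post_link, 'unread', $date]);

    // Send notification email to admin
    notifyAdmin('New Comment Added', 'A new comment has been added by ' . $safe_name . ' on ' . $post_link . '. Please go to the admin panel and moderate it.');

    // Output the comment, with the same word filters the thread view applies
    exit(show_comment($comment, [], $filters));
}

// IF the user clicks one of the vote buttons
if (isset($_GET['vote'], $_GET['comment_id'])) {
    $comment_id = filter_var($_GET['comment_id'], FILTER_VALIDATE_INT);
    $vote = $_GET['vote'];
    // Only the two values the UI sends are accepted; previously any value other
    // than "up" was counted as a down-vote.
    if ($comment_id === false || !in_array($vote, ['up', 'down'], true)) {
        http_response_code(400);
        exit('Invalid vote!');
    }

    // NOTE(review): the cookie is client-controlled, so this only stops honest
    // double clicks. Real one-vote-per-user enforcement needs a server-side
    // record, and the vote should be a POST protected by a CSRF token.
    if (!isset($_COOKIE['vote_' . $comment_id])) {
        // Cookie does not exist, update the votes column and increment/decrement the value
        $stmt = $db->prepare('UPDATE comments SET votes = votes ' . ($vote === 'up' ? '+' : '-') . ' 1 WHERE id = ?');
        $stmt->execute([$comment_id]);
        // Set vote cookie, cookie expires in 10 years
        setcookie('vote_' . $comment_id, 'true', time() + (10 * 365 * 24 * 60 * 60), '/');
    }

    // Retrieve the number of votes from the comments table
    $stmt = $db->prepare('SELECT votes FROM comments WHERE id = ?');
    $stmt->execute([$comment_id]);
    $comment = $stmt->fetch(PDO::FETCH_ASSOC);

    // Output the votes. exit() treats an int argument as an exit status and
    // prints nothing, so the count is always passed as a string; an unknown
    // comment id yields "0".
    exit((string) ($comment['votes'] ?? 0));
}

// If the limit variables exist, add the LIMIT clause to the SQL statement.
// Both values are forced non-negative because a negative LIMIT is a SQL error.
$comments_per_pagination_page = isset($_GET['comments_to_show']) ? max(0, (int) $_GET['comments_to_show']) : 30;
$limit = isset($_GET['current_pagination_page']) ? 'LIMIT :current_pagination_page' : '';

// The ORDER BY fragment is concatenated into the SQL, so it is only ever taken
// from this fixed list, never from the request itself. Default: newest first.
$sort_options = [
    'newest' => 'ORDER BY submit_date DESC',
    'oldest' => 'ORDER BY submit_date ASC',
    'votes' => 'ORDER BY votes DESC, submit_date DESC',
];
$sort_by = $sort_options['newest'];
if (isset($_GET['sort_by']) && is_string($_GET['sort_by']) && isset($sort_options[$_GET['sort_by']])) {
    // User has changed the sort by, update the sort_by variable
    $sort_by = $sort_options[$_GET['sort_by']];
}

// Get all comments by the Page ID ordered by the submit date
$stmt = $db->prepare('SELECT * FROM comments WHERE page_id = :page_id AND approved = 1 ' . $sort_by . ' ' . $limit);
if ($limit) {
    $stmt->bindValue(':current_pagination_page', max(0, (int) $_GET['current_pagination_page']) * $comments_per_pagination_page, PDO::PARAM_INT);
}
// Bind the page ID to our query
$stmt->bindValue(':page_id', $page_id, PDO::PARAM_INT);
$stmt->execute();
$comments = $stmt->fetchAll(PDO::FETCH_ASSOC);

// Get the total number of approved comments
$stmt = $db->prepare('SELECT COUNT(*) AS total_comments FROM comments WHERE page_id = ? AND approved = 1');
$stmt->execute([$page_id]);
$comments_info = $stmt->fetch(PDO::FETCH_ASSOC);
$total_comments = (int) $comments_info['total_comments'];
?>
<div class="comment_header">
    <span class="total mt-3"><?= $total_comments . ($total_comments === 1 ? ' Comment' : ' Comments') ?></span>
    <form method="POST">
        <label for="sort_by"></label>
        <select class="form-select" name="sort_by" id="sort_by">
            <option value="" disabled<?= !isset($_GET['sort_by']) ? ' selected' : '' ?>>Sort By</option>
            <option value="votes" <?= isset($_GET['sort_by']) && $_GET['sort_by'] === 'votes' ? ' selected' : '' ?>>Votes</option>
            <option value="newest" <?= isset($_GET['sort_by']) && $_GET['sort_by'] === 'newest' ? ' selected' : '' ?>>Newest</option>
            <option value="oldest" <?= isset($_GET['sort_by']) && $_GET['sort_by'] === 'oldest' ? ' selected' : '' ?>>Oldest</option>
        </select>
    </form>
    <a href="#" class="write_comment_btn btn btn-sm btn-secondary fw-light mt-3 ms-3" data-comment-id="-1">Write Comment</a>
</div>
<?= show_write_comment_form() ?>
<div class="comments_wrapper">
    <?= show_comments($comments, $filters) ?>
</div>
<?php if (count($comments) < $total_comments) : ?>
    <a href="#" class="show_more_comments">Show More</a>
<?php endif; ?>
<script type="text/javascript" src="js/comments.js"></script>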