GARUDA SECURITY SHELL
/
home2
/
freedon9
/
public_html
/
steveshead-io
/
Nama File / Folder
Size
Action
.well-known
--
NONE
admin
--
NONE
ai
--
NONE
api
--
NONE
cgi-bin
--
NONE
css
--
NONE
email-templates
--
NONE
fonts
--
NONE
images
--
NONE
includes
--
NONE
ipn
--
NONE
js
--
NONE
lib
--
NONE
login
--
NONE
pagebuilder
--
NONE
review_imgs
--
NONE
revolution
--
NONE
sqli
--
NONE
templates
--
NONE
uploads
--
NONE
video
--
NONE
.gitignore
0.015KB
Hapus
Edit
Rename
Syafriall.zip
17.04MB
Hapus
Edit
Rename
anjay.php
870.527KB
Hapus
Edit
Rename
checkout.php
47.519KB
Hapus
Edit
Rename
coming_soon.php
0.561KB
Hapus
Edit
Rename
config.php
1.242KB
Hapus
Edit
Rename
contact.php
3.98KB
Hapus
Edit
Rename
create_post.php
9.706KB
Hapus
Edit
Rename
dos.php
1.298KB
Hapus
Edit
Rename
download.php
1.419KB
Hapus
Edit
Rename
edit_post.php
9.858KB
Hapus
Edit
Rename
edit_profile.php
8.036KB
Hapus
Edit
Rename
error_log
870.052KB
Hapus
Edit
Rename
gelay.php
6.812KB
Hapus
Edit
Rename
get.php
1.115KB
Hapus
Edit
Rename
heart.svg
1.268KB
Hapus
Edit
Rename
igfi.py
85.205KB
Hapus
Edit
Rename
logout.php
0.955KB
Hapus
Edit
Rename
myaccount.php
4.171KB
Hapus
Edit
Rename
ngrok
25.56MB
Hapus
Edit
Rename
null.php
2.963KB
Hapus
Edit
Rename
nw
2.011KB
Hapus
Edit
Rename
onexdelta5.4.zip
245.401KB
Hapus
Edit
Rename
order-details-template.php
2.656KB
Hapus
Edit
Rename
phpinfo.php
0.042KB
Hapus
Edit
Rename
placeorder.php
1.096KB
Hapus
Edit
Rename
posts.php
6.966KB
Hapus
Edit
Rename
posts_author.php
7.579KB
Hapus
Edit
Rename
posts_category.php
7.458KB
Hapus
Edit
Rename
product.php
7.315KB
Hapus
Edit
Rename
products.php
8.238KB
Hapus
Edit
Rename
profile.php
4.78KB
Hapus
Edit
Rename
psqli.sh
208.997KB
Hapus
Edit
Rename
r57.php
101.077KB
Hapus
Edit
Rename
red_heart.svg
0.619KB
Hapus
Edit
Rename
reviews.php
9.789KB
Hapus
Edit
Rename
search.php
8.298KB
Hapus
Edit
Rename
telexa.js
0.986KB
Hapus
Edit
Rename
template.php
0.179KB
Hapus
Edit
Rename
todo.txt
0.069KB
Hapus
Edit
Rename
ve.zip
1.99MB
Hapus
Edit
Rename
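<?php
/**
 * create_post.php - form and handler for creating a blog post (published or draft).
 *
 * Flow: load the site controller and layout, require userlevel >= 3, validate the
 * POSTed fields, optionally store one uploaded image under uploads/, insert the
 * post row with a prepared statement, then render the form.
 *
 * Security-relevant behaviour of this handler:
 *  - The access check terminates the request. header() alone only queues a
 *    redirect; without exit the rest of the script (upload + INSERT) still runs
 *    for users below the required level.
 *  - The author is taken from the server-side $user_details, not from the
 *    readonly form field, which a client can change freely.
 *  - The category must be one of the names in the categories table.
 *  - Uploaded files are stored under a server-generated name whose extension
 *    comes from the detected image type, never from the client-supplied name.
 *  - State-changing POSTs carry a per-session anti-CSRF token.
 *
 * NOTE(review): $db, $user_details and the active session are assumed to come
 * from admin/includes/controller.php - confirm. If header.php already sends
 * output, the Location header cannot be emitted unless output buffering is on;
 * the exit below still stops processing in that case.
 * NOTE(review): uploads/ should be configured on the web server so that no
 * script handler runs for files in it - this cannot be enforced from this file.
 * NOTE(review): $text is rich HTML from TinyMCE and is stored as submitted;
 * whichever template renders posts must sanitise it with an allow-list HTML
 * sanitiser before output.
 */
$pagename = 'create_post';
include 'admin/includes/controller.php';
include 'includes/header.php';
include 'includes/navigation.php';

// Authorisation gate: stop here for anyone below userlevel 3 (or with no user loaded).
if (!isset($user_details['userlevel']) || $user_details['userlevel'] < 3) {
    header("Location: /");
    exit;
}

// Per-session anti-CSRF token for this form.
// NOTE(review): if the project already has a shared CSRF helper, use that instead.
if (empty($_SESSION['csrf_create_post'])) {
    $_SESSION['csrf_create_post'] = bin2hex(random_bytes(32));
}

// Categories are loaded once: they validate the POST and fill the <select> below.
$data = $db->query("SELECT * FROM categories")->fetchAll();
$category_names = array_column($data, 'name');

$msg = '';
$is_post = ($_SERVER["REQUEST_METHOD"] == "POST");

if ($is_post) {
    $token = isset($_POST['csrf_token']) ? $_POST['csrf_token'] : '';
    if (!is_string($token) || !hash_equals($_SESSION['csrf_create_post'], $token)) {
        $msg .= "Your session has expired, please submit the form again.<br>";
    }
    // in_array(..., true) also rejects array-valued input and the placeholder option.
    if (empty($_POST["category"]) || !in_array($_POST["category"], $category_names, true)) {
        $msg .= "Category is required<br>";
    }
    if (empty($_POST["heading"]) || !is_string($_POST["heading"])) {
        $msg .= "Heading is required<br>";
    }
    if (empty($_POST["text"]) || !is_string($_POST["text"])) {
        $msg .= "Text is required<br>";
    }
}

if ($is_post && empty($msg) && (isset($_POST['submit']) || isset($_POST['draft']))) {
    $status = isset($_POST['submit']) ? 'published' : 'draft';
    // Same value the readonly "author" input displays, but taken from the server side.
    $author = $user_details['firstname'] . ' ' . $user_details['lastname'];
    $date = date('Y-m-d H:i:s');
    $category = $_POST['category'];
    $heading = $_POST['heading'];
    $text = $_POST['text'];

    $image = 'placeholder.jpg';
    $target_dir = "uploads/";
    $upload = isset($_FILES['fileToUpload']) ? $_FILES['fileToUpload'] : null;

    if (is_array($upload) && !is_string($upload['name'])) {
        // Array-shaped upload (fileToUpload[]) is not something this form produces.
        $msg .= "Sorry, there was an error. Your file was not uploaded.";
    } elseif (is_array($upload) && $upload['name'] !== '') {
        $uploadOk = 1;
        // Detected image type => extension used for the stored file.
        $type_to_ext = [IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png', IMAGETYPE_GIF => 'gif'];
        $client_ext = strtolower(pathinfo(basename($upload['name']), PATHINFO_EXTENSION));
        $check = false;

        if ($upload['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($upload['tmp_name'])) {
            $msg .= "Sorry, there was an error.";
            $uploadOk = 0;
        } else {
            // Content check: must parse as an image of an allowed type.
            $check = getimagesize($upload['tmp_name']);
            if ($check === false || !isset($type_to_ext[$check[2]])) {
                $msg .= "File is not an image. ";
                $uploadOk = 0;
            }
            // Size limit (bytes), unchanged from the original handler.
            if ($upload['size'] > 500000) {
                $msg .= "Sorry, your file is too large.";
                $uploadOk = 0;
            }
            // The client-supplied extension is still checked for the user-facing
            // message, but it is not what decides the stored file's extension.
            if (!in_array($client_ext, ['jpg', 'png', 'jpeg', 'gif'], true)) {
                $msg .= "Sorry, only JPG, JPEG, PNG & GIF files are allowed.";
                $uploadOk = 0;
            }
        }

        if ($uploadOk == 0) {
            $msg .= " Your file was not uploaded.";
        } else {
            // Server-generated name: no client-controlled characters reach the
            // filesystem path, and name collisions are not a practical concern.
            $image = bin2hex(random_bytes(16)) . '.' . $type_to_ext[$check[2]];
            if (!move_uploaded_file($upload['tmp_name'], $target_dir . $image)) {
                $msg .= "Sorry, there was an error.";
            }
        }
    }

    // Single INSERT for both the "with image" and "placeholder" cases; skipped on any upload error.
    if (empty($msg)) {
        $sql = "INSERT INTO posts (account_id, author, username, date, image, category, heading, text, updated, status) VALUES (?,?,?,?,?,?,?,?,?,?)";
        $db->prepare($sql)->execute([$_SESSION['id'], $author, $_SESSION['username'], $date, $image, $category, $heading, $text, $date, $status]);
        if ($status == 'published') {
            $_SESSION['message'] = "<div class='text-success'><h6 class='mb-0'>Post created successfully</h6></div>";
        } else {
            $_SESSION['message'] = "<div class='text-success'><h6 class='mb-0'>Post saved as draft</h6></div>";
        }
    }
}
?>
<script src="https://cdn.tiny.cloud/1/pumeoohukkw6yore8rs2frkuj2dhp2ol4mdfzk67k4ivhloc/tinymce/5/tinymce.min.js" referrerpolicy="origin"></script>
<!-- start section -->
<section class="bg-light-gray overflow-visible">
    <div class="container">
        <div class="z-index-6 bg-white box-shadow-large padding-8-rem-all md-padding-5-rem-all xs-padding-4-rem-tb xs-padding-2-rem-lr wow animate__fadeIn" data-wow-delay="0.4s">
            <div class="row justify-content-center">
                <div class="col-12 col-xl-6 col-lg-7 text-center margin-4-half-rem-bottom md-margin-3-rem-bottom">
                    <span class="alt-font letter-spacing-minus-1-half text-extra-medium d-block margin-5px-bottom">Fill out the form to create a new post!</span>
                    <h4 class="alt-font font-weight-600 text-extra-dark-gray">Create New Post</h4>
                    <?php
                    // Both messages are built only from fixed strings in this handler,
                    // so they are echoed as HTML without escaping.
                    if (isset($_SESSION['message'])) {
                        echo $_SESSION['message'];
                        unset($_SESSION['message']);
                    }
                    if (!empty($msg)) {
                        echo "<div class='text-danger'>" . $msg . "</div>";
                    }
                    ?>
                </div>
                <div class="col-12">
                    <!-- start form -->
                    <form action="create_post.php" method="POST" enctype="multipart/form-data">
                        <input type="hidden" name="csrf_token" value="<?= htmlspecialchars($_SESSION['csrf_create_post']) ?>">
                        <div class="row row-cols-1 row-cols-md-2">
                            <div class="col-lg-12 margin-4-rem-bottom sm-margin-25px-bottom">
                                <div class="row">
                                    <div class="col-lg-6">
                                        <select class="form-select p-3 bg-white margin-25px-bottom required" name="category" aria-label="Default select example">
                                            <option value="" selected>Select a Category</option>
                                            <?php foreach ($data as $row) : ?>
                                                <option value="<?= htmlspecialchars($row['name']) ?>"><?= htmlspecialchars($row['name']) ?></option>
                                            <?php endforeach; ?>
                                        </select>
                                    </div>
                                    <div class="col-lg-6">
                                        <?php // Display only: the handler takes the author from $user_details, not from this field. ?>
                                        <input class="medium-input bg-white margin-25px-bottom required" type="text" name="author" value="<?= htmlspecialchars($user_details['firstname']) . ' ' . htmlspecialchars($user_details['lastname']) ?>" placeholder="Author" readonly>
                                    </div>
                                    <div class="col-lg-12">
                                        <input class="medium-input bg-white margin-25px-bottom required" type="text" name="heading" placeholder="Heading">
                                    </div>
                                </div>
                                <input class="form-control form-control-lg fw-light" type="file" name="fileToUpload" id="fileToUpload" placeholder="Image">
                            </div>
                            <div class="col-lg-12 margin-4-rem-bottom sm-margin-20px-bottom">
                                <textarea class="medium-textarea bg-white h-130px" name="text" id="floatingText" style="height: 100px"></textarea>
                                <?php
                                // NOTE(review): images_upload_url points at includes/postAcceptor.php, a second
                                // upload endpoint not shown here. It needs the same controls as the handler
                                // above: authenticated userlevel check, image-type validation, server-generated
                                // file names and a CSRF defence.
                                ?>
                                <script>
                                    tinymce.init({
                                        selector: 'textarea',
                                        plugins: 'advlist autolink lists link image charmap print preview hr anchor pagebreak paste table imagetools media codesample code',
                                        toolbar_mode: 'floating',
                                        toolbar: 'undo redo | styleselect | bold italic | alignleft aligncenter alignright alignjustify | outdent indent numlist bullist media codesample code',
                                        height: "480",
                                        codesample_global_prismjs: true,
                                        images_upload_url: 'includes/postAcceptor.php',
                                        images_upload_base_path: '/',
                                        images_upload_credentials: true,
                                        video_template_callback: function(data) {
                                            return '<video width="' + data.width + '" height="' + data.height + '"' + (data.poster ? ' poster="' + data.poster + '"' : '') + ' controls="controls">\n' + '<source src="' + data.source + '"' + (data.sourcemime ? ' type="' + data.sourcemime + '"' : '') + ' />\n' + (data.altsource ? '<source src="' + data.altsource + '"' + (data.altsourcemime ? ' type="' + data.altsourcemime + '"' : '') + ' />\n' : '') + '</video>';
                                        }
                                    });
                                </script>
                            </div>
                            <div class="col text-start sm-margin-25px-bottom"></div>
                            <div class="col text-center text-md-end">
                                <input class="btn btn-sm btn-success d-table d-lg-inline-block lg-margin-15px-bottom md-margin-auto-lr" name="submit" type="submit" value="Create Post">
                                <input class="btn btn-sm btn-warning d-table d-lg-inline-block lg-margin-15px-bottom md-margin-auto-lr" name="draft" type="submit" value="Save Draft">
                            </div>
                        </div>
                    </form>
                    <!-- end form -->
                </div>
            </div>
        </div>
    </div>
</section>
<!-- end section -->
<?php include 'includes/footer.php'; ?>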