uawdijnntqw1x1x1
IP : 3.145.102.131
Hostname : ns1.eurodns.top
Kernel : Linux ns1.eurodns.top 4.18.0-553.5.1.lve.1.el7h.x86_64 #1 SMP Fri Jun 14 14:24:52 UTC 2024 x86_64
Disable Function : mail,sendmail,exec,passthru,shell_exec,system,popen,curl_multi_exec,parse_ini_file,show_source,eval,open_base,symlink
OS : Linux
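<?php
/**
 * Upload endpoint: validates one file posted under the form field "file",
 * stores it in DIR_UPLOAD under a name with a random suffix, and replies
 * with a JSON document containing either "error" or "code" + "success".
 *
 * Everything in $this->request->files['file'] except tmp_name/error is
 * supplied by the client and is treated as untrusted below.
 */
class ControllerToolUpload extends Controller {
	/**
	 * Handle the upload request and emit the JSON response.
	 *
	 * Validation steps, in order (a later failure overwrites an earlier
	 * error message): filename length, extension allow-list, MIME allow-list,
	 * PHP open-tag scan, PHP upload error code.
	 *
	 * @return void
	 */
	public function index() {
		$this->load->language('tool/upload');

		$json = array();
		$filename = '';

		$upload = isset($this->request->files['file']) ? $this->request->files['file'] : null;

		// A field posted as "file[]" makes name/tmp_name arrays; reject that
		// shape up front instead of passing arrays to string functions.
		$usable = is_array($upload)
			&& isset($upload['name'], $upload['tmp_name'])
			&& is_string($upload['name'])
			&& is_string($upload['tmp_name'])
			&& $upload['name'] !== ''
			&& is_file($upload['tmp_name']);

		if ($usable) {
			// Sanitize the filename: decode entities, strip everything outside
			// the allowed character class, then drop any directory component.
			$filename = basename(preg_replace('/[^a-zA-Z0-9\.\-\s+]/', '', html_entity_decode($upload['name'], ENT_QUOTES, 'UTF-8')));

			// Validate the filename length
			if ((utf8_strlen($filename) < 3) || (utf8_strlen($filename) > 64)) {
				$json['error'] = $this->language->get('error_filename');
			}

			// Allowed file extension types. pathinfo() yields '' when there is
			// no dot, where strrchr()/substr() could yield false.
			$extension = strtolower(pathinfo($filename, PATHINFO_EXTENSION));

			if (!in_array($extension, $this->parseAllowList($this->config->get('config_file_ext_allowed')), true)) {
				$json['error'] = $this->language->get('error_filetype');
			}

			// Allowed file mime types.
			// NOTE(review): 'type' is the Content-Type sent by the client, not a
			// server-side detection, so this check only filters honest clients.
			// Consider comparing against a fileinfo-based detection as well.
			$mime = (isset($upload['type']) && is_string($upload['type'])) ? $upload['type'] : '';

			if (!in_array($mime, $this->parseAllowList($this->config->get('config_file_mime_allowed')), true)) {
				$json['error'] = $this->language->get('error_filetype');
			}

			// Check to see if any PHP files are trying to be uploaded.
			// NOTE(review): only the long open tag is matched; short tags
			// ("<?=" / "<?") are not. The random suffix appended to the stored
			// name is what keeps the file from carrying a servable extension.
			$content = file_get_contents($upload['tmp_name']);

			if ($content === false) {
				// Unreadable temp file: refuse rather than store unscanned data.
				$json['error'] = $this->language->get('error_upload');
			} elseif (preg_match('/\<\?php/i', $content)) {
				$json['error'] = $this->language->get('error_filetype');
			}

			// Return any upload error. The code is cast because it may reach
			// this point as a numeric string rather than an int.
			if (isset($upload['error']) && (int)$upload['error'] !== UPLOAD_ERR_OK) {
				$json['error'] = $this->language->get('error_upload_' . $upload['error']);
			}
		} else {
			$json['error'] = $this->language->get('error_upload');
		}

		if (!$json) {
			// Hide the uploaded file name so people can not link to it directly.
			$file = $filename . '.' . token(32);

			// Only record the upload and report success when the move really
			// happened; previously a failed move still returned "success".
			if (move_uploaded_file($upload['tmp_name'], DIR_UPLOAD . $file)) {
				$this->load->model('tool/upload');

				$json['code'] = $this->model_tool_upload->addUpload($filename, $file);

				$json['success'] = $this->language->get('text_upload');
			} else {
				$json['error'] = $this->language->get('error_upload');
			}
		}

		$this->response->addHeader('Content-Type: application/json');
		$this->response->setOutput(json_encode($json));
	}

	/**
	 * Turn a newline-separated config value into a list of trimmed entries.
	 *
	 * Blank lines are dropped so that a stray empty line in the setting does
	 * not become an allow-list entry matching an empty extension or MIME type.
	 *
	 * @param mixed $raw Config value; anything non-string is treated as text.
	 *
	 * @return array List of non-empty, trimmed entries.
	 */
	private function parseAllowList($raw) {
		$normalized = preg_replace('~\r?\n~', "\n", (string)$raw);

		$entries = array();

		foreach (explode("\n", (string)$normalized) as $line) {
			$line = trim($line);

			if ($line !== '') {
				$entries[] = $line;
			}
		}

		return $entries;
	}
}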
/home/sudancam/.trash/host/../install/../tyblue.4/genericons/../../tyblue.2/../catalog.2/controller/tool/upload.php