Tul xxx Tul
User / IP
:
216.73.216.227
Host / Server
:
45.84.207.204 / aircan.me
System
:
Linux lt-bnk-web1726.main-hosting.eu 5.14.0-611.36.1.el9_7.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Mar 3 11:23:52 EST 2026 x86_64
Command
|
Upload
|
Create
Mass Deface
|
Jumping
|
Symlink
|
Reverse Shell
Ping
|
Port Scan
|
DNS Lookup
|
Whois
|
Header
|
cURL
:
/
home
/
u931257429
/
domains
/
aircan.me
/
public_html
/
inmobiliaria
/
admin
/
Viewing: builderadd.php
<?php session_start(); require("config.php"); if(!isset($_SESSION['auser'])) { header("location:index.php"); exit; } $error=""; $msg=""; if(isset($_POST['insert'])) { $name = isset($_POST['name']) ? trim($_POST['name']) : ''; $email = isset($_POST['email']) ? trim($_POST['email']) : ''; $phoneInput = isset($_POST['phone']) ? trim($_POST['phone']) : ''; $phoneHasPlus = ($phoneInput !== '' && $phoneInput[0] === '+'); $phoneDigits = preg_replace('/\D+/', '', $phoneInput); $phone = ($phoneHasPlus ? '+' : '') . $phoneDigits; $pass = isset($_POST['pass']) ? trim($_POST['pass']) : ''; $uimage = isset($_FILES['uimage']['name']) ? $_FILES['uimage']['name'] : ''; $temp_name = isset($_FILES['uimage']['tmp_name']) ? $_FILES['uimage']['tmp_name'] : ''; if(!empty($name) && !empty($email) && !empty($phoneInput) && !empty($pass) && !empty($uimage)) { if(!$phoneHasPlus || !preg_match('/^\+[1-9]\d{7,14}$/', $phone)) { $error = "<p class='alert alert-warning'>Phone number must include country code (example: +573001234567)</p>"; } else { $nameEsc = mysqli_real_escape_string($con, $name); $emailEsc = mysqli_real_escape_string($con, $email); $phoneEsc = mysqli_real_escape_string($con, $phone); $dup = mysqli_query($con, "SELECT 1 FROM user WHERE uemail='{$emailEsc}' LIMIT 1"); if($dup && mysqli_num_rows($dup) > 0) { $error = "<p class='alert alert-warning'>Email Id already Exist</p>"; } else { $passHash = sha1($pass); $passEsc = mysqli_real_escape_string($con, $passHash); $uimageEsc = mysqli_real_escape_string($con, $uimage); $utype = 'builder'; $sql = "INSERT INTO user (uname,uemail,uphone,upass,utype,uimage) VALUES ('{$nameEsc}','{$emailEsc}','{$phoneEsc}','{$passEsc}','{$utype}','{$uimageEsc}')"; $result = mysqli_query($con, $sql); if($result) { move_uploaded_file($temp_name, "user/{$uimage}"); $msg = "<p class='alert alert-success'>Builder Created</p>"; header("Location:userbuilder.php?msg=" . urlencode($msg)); exit; } else { $error = "<p class='alert alert-warning'>Builder Not Created</p>"; } } } } else { $error = "<p class='alert alert-warning'>Please Fill all the fields</p>"; } } ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=0"> <title>LM Homes | Builder</title> <!-- Favicon --> <link rel="shortcut icon" type="image/png" href="../images/logo/logo.png"> <!-- Bootstrap CSS --> <link rel="stylesheet" href="assets/css/bootstrap.min.css"> <!-- Fontawesome CSS --> <link rel="stylesheet" href="assets/css/font-awesome.min.css"> <!-- Feathericon CSS --> <link rel="stylesheet" href="assets/css/feathericon.min.css"> <!-- Main CSS --> <link rel="stylesheet" href="assets/css/style.css"> <!-- Modern Admin 2026 CSS --> <link rel="stylesheet" href="assets/css/modern-admin-2026.css"> <!--[if lt IE 9]> <script src="assets/js/html5shiv.min.js"></script> <script src="assets/js/respond.min.js"></script> <![endif]--> </head> <body> <!-- Main Wrapper --> <!-- Header --> <?php include("header.php"); ?> <!-- /Sidebar --> <!-- Page Wrapper --> <div class="page-wrapper"> <div class="content container-fluid"> <!-- Page Header --> <div class="page-header"> <div class="row"> <div class="col"> <h3 class="page-title">Builder</h3> <ul class="breadcrumb"> <li class="breadcrumb-item"><a href="dashboard.php">Dashboard</a></li> <li class="breadcrumb-item"><a href="userbuilder.php">Builder</a></li> <li class="breadcrumb-item active">Add</li> </ul> </div> </div> </div> <!-- /Page Header --> <div class="row"> <div class="col-md-12"> <div class="card"> <div class="card-header"> <h4 class="card-title">Add Builder</h4> <?php echo $error; ?> <?php echo $msg; ?> </div> <div class="card-body"> <form method="post" enctype="multipart/form-data"> <div class="row"> <div class="col-xl-6"> <div class="form-group row"> <label class="col-lg-3 col-form-label">Name</label> <div class="col-lg-9"> <input type="text" class="form-control" name="name" required> </div> </div> <div class="form-group row"> <label class="col-lg-3 col-form-label">Email</label> <div class="col-lg-9"> <input type="email" class="form-control" name="email" required> </div> </div> <div class="form-group row"> <label class="col-lg-3 col-form-label">Contact</label> <div class="col-lg-9"> <input type="tel" class="form-control" name="phone" placeholder="e.g. +573001234567" required inputmode="tel" maxlength="16" pattern="\+[1-9][0-9]{7,14}" title="Include country code with + and digits only, e.g. +573001234567"> </div> </div> <div class="form-group row"> <label class="col-lg-3 col-form-label">Password</label> <div class="col-lg-9"> <input type="password" class="form-control" name="pass" required> </div> </div> <div class="form-group row"> <label class="col-lg-3 col-form-label">Image</label> <div class="col-lg-9"> <input class="form-control" name="uimage" type="file" required> </div> </div> </div> </div> <div class="text-left"> <input type="submit" class="btn btn-primary" value="Create" name="insert"> <a class="btn btn-secondary" href="userbuilder.php">Cancel</a> </div> </form> </div> </div> </div> </div> </div> </div> <!-- /Main Wrapper --> <!-- jQuery --> <script src="assets/js/jquery-3.2.1.min.js"></script> <!-- Bootstrap Core JS --> <script src="assets/js/popper.min.js"></script> <script src="assets/js/bootstrap.min.js"></script> <!-- Slimscroll JS --> <script src="assets/plugins/slimscroll/jquery.slimscroll.min.js"></script> <!-- Custom JS --> <script src="assets/js/script.js"></script> </body> </html>
Coded With 💗 by
0x6ick