Tul xxx Tul
User / IP
:
216.73.216.95
Host / Server
:
45.84.207.204 / aircan.me
System
:
Linux lt-bnk-web1726.main-hosting.eu 5.14.0-611.36.1.el9_7.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Mar 3 11:23:52 EST 2026 x86_64
Command
|
Upload
|
Create
Mass Deface
|
Jumping
|
Symlink
|
Reverse Shell
Ping
|
Port Scan
|
DNS Lookup
|
Whois
|
Header
|
cURL
:
/
home
/
u931257429
/
domains
/
emprendo.com.co
/
invitados
/
condorburguer
/
admin
/
Viewing: placed_orders.php
<?php include '../components/connect.php'; session_start(); $admin_id = $_SESSION['admin_id']; if(!isset($admin_id)){ header('location:admin_login.php'); }; if(isset($_POST['update_payment'])){ $order_id = $_POST['order_id']; $payment_status = $_POST['payment_status']; $update_status = $conn->prepare("UPDATE `orders` SET payment_status = ? WHERE id = ?"); $update_status->execute([$payment_status, $order_id]); $message[] = 'payment status updated!'; } if(isset($_GET['delete'])){ $delete_id = $_GET['delete']; $delete_order = $conn->prepare("DELETE FROM `orders` WHERE id = ?"); $delete_order->execute([$delete_id]); header('location:placed_orders.php'); } ?> <!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <meta http-equiv="X-UA-Compatible" content="IE=edge"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <title>Placed Orders</title> <link rel="icon" href="../images/logo.png" type="image/x-icon"> <!-- font awesome cdn link --> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/6.1.1/css/all.min.css"> <!-- custom css file link --> <link rel="stylesheet" href="../css/admin_style.css"> </head> <body style="background-image: url('images/food-1024x683.jpg'); background-size: cover; background-position: center; background-repeat: no-repeat;"> <?php include '../components/admin_header.php' ?> <!-- placed orders section starts --> <section class="placed-orders"> <h1 class="heading"><span>placed orders</span> </h1> <div class="box-container"> <?php $select_orders = $conn->prepare("SELECT * FROM `orders`"); $select_orders->execute(); if($select_orders->rowCount() > 0){ while($fetch_orders = $select_orders->fetch(PDO::FETCH_ASSOC)){ ?> <div class="box"> <p> user id : <span><?= $fetch_orders['user_id']; ?></span> </p> <p> placed on : <span><?= $fetch_orders['placed_on']; ?></span> </p> <p> name : <span><?= $fetch_orders['name']; ?></span> </p> <p> email : <span><?= $fetch_orders['email']; ?></span> </p> <p> number : <span><?= $fetch_orders['number']; ?></span> </p> <p> address : <span><?= $fetch_orders['address']; ?></span> </p> <p> total products : <span><?= $fetch_orders['total_products']; ?></span> </p> <p> total price : <span>$<?= $fetch_orders['total_price']; ?>/-</span> </p> <p> payment method : <span><?= $fetch_orders['method']; ?></span> </p> <form action="" method="POST"> <input type="hidden" name="order_id" value="<?= $fetch_orders['id']; ?>"> <select name="payment_status" class="drop-down"> <option value="" selected disabled><?= $fetch_orders['payment_status']; ?></option> <option value="pending">pending</option> <option value="completed">completed</option> </select> <div class="flex-btn"> <input type="submit" value="update" class="btn" name="update_payment"> <a href="placed_orders.php?delete=<?= $fetch_orders['id']; ?>" class="delete-btn" onclick="return confirm('delete this order?');">delete</a> </div> </form> </div> <?php } }else{ echo '<p class="empty">no orders placed yet!</p>'; } ?> </div> </section> <!-- placed orders section ends --> <!-- custom js file link --> <script src="../js/admin_script.js"></script> </body> </html>
Coded With 💗 by
0x6ick