LittleDemon WebShell


Linux in-mum-web1499.main-hosting.eu 5.14.0-503.40.1.el9_5.x86_64 #1 SMP PREEMPT_DYNAMIC Mon May 5 06:06:04 EDT 2025 x86_64
Path : /home/u901718425/domains/cdn.urbanpillar.in/public_html/
Current File : /home/u901718425/domains/cdn.urbanpillar.in/public_html/uploadImage.php

<?php
include_once "conn.php";


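// Request handler: stores one uploaded image and inserts a matching row into `image`.
// Responds with a JSON array: [0] => 'success'|'error', [1] => result or message,
// ['id'] => id of the new row (success only). Nothing is printed for a non-POST request.
//
// NOTE(review): no authentication, authorisation or CSRF check is visible in this file.
// Confirm that conn.php (or the web server) restricts who may call this endpoint.
$res = [];
if ($_POST) {
    // Every field bound into the INSERT must be present as a non-empty string.
    // The original condition joined the checks with && (so it only fired when all
    // fields were missing at once) and tested 'upload_by', while the INSERT binds
    // 'updated_by'.
    $missingField = false;
    foreach (['f_id', 'is', 'updated_by'] as $requiredField) {
        if (!isset($_POST[$requiredField]) || !is_string($_POST[$requiredField]) || $_POST[$requiredField] === '') {
            $missingField = true;
            break;
        }
    }

    if ($missingField) {
        $res[0] = 'error';
        $res[1] = 'plase fill the fileds';
    } else {
        $pool = new ConnectionPool();
        $connection1 = $pool->getConnection();

        if (!$connection1) {
            // Without this guard $pdo stayed undefined and the script died on prepare().
            $res[0] = 'error';
            $res[1] = 'database connection unavailable';
        } else {
            // presumably a PDO instance (the original caught PDOException) - confirm in conn.php
            $pdo = $connection1;

            // Timestamps are stored in Indian local time.
            date_default_timezone_set("Asia/Calcutta");
            $date = date("Y-m-d H:i:s");

            $inTransaction = false;
            try {
                // As before, a client-supplied 'image' string is used when no file
                // accompanies the request. It is stored as data only.
                // NOTE(review): decide whether a request without a file should be rejected.
                $imagePath = (isset($_POST['image']) && is_string($_POST['image'])) ? $_POST['image'] : null;
                if (isset($_FILES['image']) && $_FILES['image']['error'] == UPLOAD_ERR_OK) {
                    $imagePath = uploadImage($_FILES);
                }

                // The original sent three statements through a single prepare(), which
                // only works with emulated prepares, produced a NULL id on an empty
                // table, and let two concurrent requests compute the same id.
                // FOR UPDATE serialises writers on a transactional engine; an
                // AUTO_INCREMENT column would remove the need (schema not visible here).
                $pdo->beginTransaction();
                $inTransaction = true;

                $maxStmt = $pdo->query("SELECT COALESCE(MAX(`id`), 0) + 1 FROM `image` FOR UPDATE");
                if ($maxStmt === false) {
                    throw new RuntimeException('could not read the next image id');
                }
                $nextId = (int) $maxStmt->fetchColumn();

                $insertStmt = $pdo->prepare(
                    "INSERT INTO `image`(`id`, `f_id`, `path`, `default`, `is`, `updated_by`, `date`) VALUES (?,?,?,?,?,?,?)"
                );
                if ($insertStmt === false) {
                    throw new RuntimeException('could not prepare the image insert');
                }
                $result = $insertStmt->execute([
                    $nextId,
                    $_POST['f_id'],
                    $imagePath,
                    0,
                    $_POST['is'],
                    $_POST['updated_by'],
                    $date,
                ]);
                if ($result === false) {
                    throw new RuntimeException('image insert was not executed');
                }

                $pdo->commit();
                $inTransaction = false;

                $res[0] = 'success';
                $res[1] = $result;
                $res['id'] = $nextId;
            } catch (Exception $e) {
                if ($inTransaction) {
                    try {
                        $pdo->rollBack();
                    } catch (Exception $rollbackError) {
                        error_log('uploadImage.php rollback failed: ' . $rollbackError->getMessage());
                    }
                }
                // Details go to the server log; the client only gets a generic message
                // instead of the serialised exception object.
                error_log('uploadImage.php: ' . $e->getMessage());
                $res[0] = 'error';
                $res[1] = 'could not save the image';
            } finally {
                // Release the connection back to the pool
                $pool->releaseConnection($connection1);
            }
        }
    }

    echo json_encode($res);
}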

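/**
 * Re-encode an image file as WebP inside $targetDir.
 *
 * The output keeps the source file's base name and gets a ".webp" extension.
 *
 * @param string $file      Path of the image to convert.
 * @param string $targetDir Output directory; a trailing "/" is added when missing.
 * @return string|false Path of the written WebP file, or false when the source cannot
 *                      be read, is not a decodable image, or the WebP file cannot be written.
 */
function convert_img_to_webp($file, $targetDir) {
    if ($targetDir !== '' && substr($targetDir, -1) !== '/') {
        $targetDir .= '/';
    }
    $sourceFile = pathinfo($file, PATHINFO_FILENAME);
    $outputFile = $targetDir . $sourceFile . '.webp';

    // An unreadable source used to reach imagecreatefromstring() as an empty value,
    // which raises ValueError on PHP 8 instead of producing the documented false.
    if (!is_file($file) || !is_readable($file)) {
        return false;
    }
    $data = file_get_contents($file);
    if ($data === false || $data === '') {
        return false;
    }

    // @ kept from the original: undecodable data is an expected outcome here and is
    // reported through the return value rather than a warning in the response.
    $image = @imagecreatefromstring($data);
    if ($image === false) {
        return false;
    }

    // Palette images are converted first; some GD builds refuse to encode them as WebP.
    if (!imageistruecolor($image)) {
        imagepalettetotruecolor($image);
    }

    // Only report the output path when the file was actually written.
    $written = imagewebp($image, $outputFile);
    imagedestroy($image);

    return $written ? $outputFile : false;
}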

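/**
 * Store the uploaded "image" file under uploads/YYYY/MM/DD/ and return its relative path.
 *
 * The original file name, the "title" field and the file contents all come from the
 * client, so none of them is trusted:
 *  - only jpg/jpeg/png/gif/webp names are accepted, and the stored extension is taken
 *    from the detected image type, never from the client-supplied name;
 *  - the title and the name stem are reduced to [A-Za-z0-9_-], so neither can add a
 *    path separator or a second extension to the target path;
 *  - the temp file must be a genuine PHP upload and must parse as an image.
 *
 * NOTE(review): uploads/ is a relative path and appears to sit under the web root.
 * Confirm the server never executes scripts from that directory; the header check
 * below does not prove the rest of the file is harmless.
 *
 * @param array $file Unused; kept for the existing call site, which passes $_FILES.
 *                    The function reads $_FILES['image'] and $_POST['title'] directly.
 * @return string Relative path of the stored file.
 * @throws RuntimeException When the upload is rejected or cannot be stored.
 */
function uploadImage($file)
{
    $extensionByType = [
        IMAGETYPE_JPEG => 'jpg',
        IMAGETYPE_PNG  => 'png',
        IMAGETYPE_GIF  => 'gif',
        IMAGETYPE_WEBP => 'webp',
    ];

    $upload = (isset($_FILES['image']) && is_array($_FILES['image'])) ? $_FILES['image'] : [];
    $filename = (isset($upload['name']) && is_string($upload['name'])) ? $upload['name'] : '';
    $tempPath = (isset($upload['tmp_name']) && is_string($upload['tmp_name'])) ? $upload['tmp_name'] : '';

    // Cheap first gate on the declared name, before anything touches the file system.
    $clientExtension = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
    if (!in_array($clientExtension, ['jpg', 'jpeg', 'png', 'gif', 'webp'], true)) {
        throw new RuntimeException('file type is not allowed');
    }

    // Only a file that PHP itself received for this request may be moved.
    if ($tempPath === '' || !is_uploaded_file($tempPath)) {
        throw new RuntimeException('no uploaded file to store');
    }

    // The content decides the stored extension.
    $imageInfo = filesize($tempPath) > 0 ? getimagesize($tempPath) : false;
    if ($imageInfo === false || !isset($extensionByType[$imageInfo[2]])) {
        throw new RuntimeException('uploaded file is not a supported image');
    }
    $extension = $extensionByType[$imageInfo[2]];

    $title = (isset($_POST['title']) && is_string($_POST['title'])) ? $_POST['title'] : '';
    $safeTitle = substr((string) preg_replace('/[^A-Za-z0-9_-]+/', '_', $title), 0, 64);
    $safeStem = substr(
        (string) preg_replace('/[^A-Za-z0-9_-]+/', '_', pathinfo($filename, PATHINFO_FILENAME)),
        0,
        64
    );

    $targetDir = 'uploads/' . date('Y/m/d') . '/';
    // random_bytes() instead of rand(): stored names are unique and not guessable.
    $targetPath = $targetDir . 'urbanpillar_' . $safeTitle . '_' . bin2hex(random_bytes(8)) . '_' . $safeStem . '.' . $extension;

    // Create the directory structure if it doesn't exist. 0755 rather than 0777, so
    // other local accounts cannot write into the upload tree.
    if (!is_dir($targetDir) && !mkdir($targetDir, 0755, true) && !is_dir($targetDir)) {
        throw new RuntimeException('upload directory could not be created');
    }

    // A failed move used to go unnoticed and the path of a missing file was returned.
    if (!move_uploaded_file($tempPath, $targetPath)) {
        throw new RuntimeException('uploaded file could not be stored');
    }

    return $targetPath;
}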
?>
