ACC SHELL

Path : /srv/www/vhosts/vaszahradnik/old/
File Upload :
Current File : /srv/www/vhosts/vaszahradnik/old/editpage.php

<?php

$user=$_COOKIE["jwv_user_login"];
$pass=$_COOKIE["jwv_user_password"];


#$user=$HTTP_COOKIE_VARS['JWV_user'][login];
#$pass=$HTTP_COOKIE_VARS['JWV_user'][password];
define ("USER", $user);
define ("PASSWORD", $pass);
  #echo $user.':'.$pass.'<br>';

define ("SERVER", "localhost");
define ("DBNAME", "vaszahradnikcom");

$ttl=130;
setcookie ("jwv_user_login",$user,time()+$ttl*60);
setcookie ("jwv_user_password",$pass,time()+$ttl*60);


$link=mysql_connect(SERVER,USER,PASSWORD,DBNAME);
if (!$link) {echo 'Please re-login'; die;}

MySQL_Select_DB("JWV");
mysql_query("SET NAMES 'cp1250'");



function get_data($var_name) {
    global $$var_name;
    $raw = $GLOBALS['HTTP_RAW_POST_DATA'];
    $pairs = explode('(_|_)',$raw);

    for($i=0;$i<sizeof($pairs);$i++) {
             $unencoded = urldecode($pairs[$i]);
          if (strstr($unencoded,$var_name)) $$var_name=substr($unencoded,strpos($unencoded,"=")+1);



    }

}

get_data('n');
get_data('header');
get_data('content');
get_data('hid');




function decode($string)
{
$res=$string;
 $res=str_replace("%u011B","",$res);
 $res=str_replace("%u011A","",$res);
 $res=str_replace("%u0161","",$res);
 $res=str_replace("%u0160","",$res);
 $res=str_replace("/","\/",$res);


 $res=str_replace("%u010D","",$res);
 $res=str_replace("%u010C","",$res);
 $res=str_replace("%u0159","",$res);
 $res=str_replace("%u0158","",$res);
 $res=str_replace("%u017E","",$res);
 $res=str_replace("%u017D","",$res);
 $res=str_replace("%u016F","",$res);
 $res=str_replace("%u016E","",$res);
 $res=str_replace("%u010F","",$res);
 $res=str_replace("%u010E","",$res);
 $res=str_replace("%u0165","",$res);
 $res=str_replace("%u0164","",$res);
 $res=str_replace("%u0148","",$res);
 $res=str_replace("%u0147","",$res);
 $res=str_replace("'","\'",$res);


 return $res;
}




$query="UPDATE vaszahradnikcom.structure SET  Content='".decode($content)."', Header='".decode($header)."', Shows ='".(($hid=='true')?'N':'Y')."'   WHERE N='".$n."';";



#echo $GLOBALS['HTTP_RAW_POST_DATA'];
#$query="select top 1 with ties * from table1";

$seznam=mysql_query($query);
#echo decode($content);
#echo mysql_Error();





#header('Location:addpage.php?n=10');


?>

ACC SHELL 2018