[ Avaa Bypassed ]

Upload:

Command:

hmhc3928@3.144.110.15: ~ $ 
<?php

class MyDB extends SQLite3{
  function __construct(){
    $this->open('resources.db');
  }
}


    $db = new MyDB();
    $deleted = false;
    $OK = false;

    // if confirm deletion button has been clicked, delete record
    if (isset($_POST['delete'])) {
        $sql = 'DELETE FROM resources WHERE ID = :id';
        $stmt = $db->prepare($sql);
        $stmt->bindParam(':id', $id);
        $id = $_GET['id'];
        $stmt->execute();

        if ($db->changes() > 0) {
          $deleted = true;
        } else {
            $error = 'There was a problem deleting the record. '; 
        }
    }

    if (isset($_POST['cancel_delete']))  {
      header("Location: http://".$_SERVER['HTTP_HOST']."/admin/links/#".$_POST['id']);
      exit;
    }
    if ($deleted || !isset($_GET['id']))  {
      header("Location: http://".$_SERVER['HTTP_HOST']."/admin/links/");
      exit;
    }
    // if any SQL query fails, display error message
    if (isset($stmt) && !$OK && !$deleted) {
      $error .= $stmt->error;
    }

?>

<!DOCTYPE html>
<html>
<head>
    <title>Delete Link | Links | Admin | The Family &amp; Community Resource Centre</title>
  <meta name="keywords" content="" />
  <meta name="description" content="" />
  <?php require_once($_SERVER['DOCUMENT_ROOT'].'/require/head.php');?>
  <link href="//maxcdn.bootstrapcdn.com/bootstrap/3.1.1/css/bootstrap.min.css" rel="stylesheet">

  <style>
    th{
      text-align: left;
    }

    h5 {
      margin: 0;
      padding: 0;
    }
    span.buttons{
      float: right;
    }
    .pagination li{
      margin: 0;
      padding: 0;
    }

    form .btn {
        margin-top:24px;
    } 

  </style>
</head>

<body>

<div class="wrapper">

  <?php require_once($_SERVER['DOCUMENT_ROOT'].'/require/header.php');?>

  <section class="middle">
    
    <article style="width:100%;">
      <h2>FCRC Links</h2>
      <h3>Delete Link</h3>
                <hr>    

<p class="warning">Please confirm that you want to delete the following item. This action cannot be undone.</p>
<form id="form" method="post" action="">
    <p>
  <?php if(isset($_GET['id'])) { ?>
      <input type="submit" name="delete" value="Confirm Deletion" class="btn btn-success">
  <?php } ?>
      <input name="cancel_delete" type="submit" id="cancel_delete" value="Cancel" class="btn btn-warning">
  <?php if(isset($_GET['id'])) { ?>
      <input name="id" type="hidden" value="<?php echo $_GET['id']; ?>">
  <?php } ?>
    </p>
</form>

<?php
 $sql = "SELECT * from resources WHERE ID = :id";
      $stmt = $db->prepare($sql);
      $stmt->bindParam(':id', $id);
      $id = $_GET['id'];

  $ret = $stmt->execute();
    while($row = $ret->fetchArray(SQLITE3_ASSOC) ){  
      echo '<table class="table table-bordered table-condensed">';
      echo '<tr>';
      echo '  <th colspan="2" >'.$row['section'].($row['category'] !=NULL? ' / '.$row['category'] : '').($row['topic'] !=NULL? ' / '.$row['topic'] : '').'</th>';
      echo '<tr>';
      echo '    <td style="width: 60%;"><h5><small>Title</small></h5>'.($row['title'] !=NULL? $row['title'] : 'None').'</td>';
      echo '    <td style="width: 40%;"><h5><small>Organization</small></h5>'.($row['organization'] !=NULL? $row['organization'] : 'None').'</td>';
      echo '</tr>';
      echo '<tr>';
      echo '    <td><h5><small>URL</small></h5>'.($row['link'] !=NULL? $row['link'] : 'None').'</td>';
      echo '    <td><h5><small>Phone</small></h5>'.($row['phone'] !=NULL? $row['phone'] : 'None').'</td>';
      echo '</tr>';
      echo '<tr>';
      echo '    <td colspan="2"><h5><small>Description</small></h5>'.($row['description'] !=NULL? $row['description'] : 'None').'</td>';
      echo '</tr>';
      echo '<tr>';
      echo '    <td><h5><small>Documents</small></h5>';
        if($row['document one title'] != NULL || $row['document one link'] != NULL){
          echo '<div>'.$row['document one title'].' - '.$row['document one link'].'</div>';
        }
        if($row['document two title'] != NULL || $row['document two link'] != NULL){
          echo '<div>'.$row['document two title'].' - '.$row['document two link'].'</div>';
        }
        if($row['document three title'] != NULL || $row['document three link'] != NULL){
          echo '<div>'.$row['document three title'].' - '.$row['document three link'].'</div>';
        }
        if($row['document one title'] == NULL && $row['document one link'] == NULL && $row['document two title'] == NULL && $row['document two link'] == NULL && $row['document three title'] == NULL || $row['document three link'] == NULL){
          echo '<div>None</div>';
        }
      echo '</td>';
      echo '    <td><h5><small>Dates</small></h5>Created:'.date("y-m-d h:i:s A", $row['created']).'<br>Modified:'.date("y-m-d h:i:s A", $row['modified']).'</td>';
      echo '</tr>';
      echo '</table>';
    }

   
  
  $db->close();
?>




    </article>
  </section><!-- #middle-->



</div><!-- #wrapper --> 
 
<?php require_once $_SERVER['DOCUMENT_ROOT'].'/require/footer.php';?>

Filemanager

DIR : / home/ hmhc3928/ public_html_community/ admin/ links/
Name Type Size Permission Actions
css Folder 0755
js Folder 0755
php Folder 0755
add.php File 7.39 KB 0644
delete.php File 4.91 KB 0644
edit.php File 8.31 KB 0644
index.php File 16.47 KB 0644
resources.db File 194 KB 0644