403Webshell
Server IP : 109.234.162.214  /  Your IP : 216.73.216.222
Web Server : Apache
System : Linux servd162214.srv.odns.fr 4.18.0-372.26.1.lve.1.el8.x86_64 #1 SMP Fri Sep 16 14:08:19 EDT 2022 x86_64
User : carpe ( 1178)
PHP Version : 8.0.30
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /home/carpe/public_html/space/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /home/carpe/public_html/space/inserer.php
<?php

session_start();
ob_start();

include "database.php";

if (!isset($_SESSION['authenticated']) || $_SESSION['authenticated'] !== true) {
        header('Location: check.php');
}else{
        $username = $_SESSION['username'];
        //echo "Nom d'utilisateur : $username <br>";
}
if (isset($_SESSION['admin'])) {
        echo "<div id='switch'><a href='reservations.php'>Admin</a></div>";
}
echo "<div id='deco'><form method='POST' action='check.php'><input type='submit' name='decoo' value='Deconnexion'></form></div>";

if(isset($_POST['decoo'])){
    session_destroy();
}

if(isset($_POST['lastsend'])){
         header('Location: home3.php');
    
    $_SESSION['suceed'] = "Réservation effectuée avec succes !";
    
}



?>
<!DOCTYPE html>
<html>
<head>
	<meta charset="utf-8">
	<meta name="viewport" content="width=device-width, initial-scale=1">
	<title>Outer Space </title>
	<link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link href="https://fonts.googleapis.com/css2?family=Poppins:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap" rel="stylesheet">
</head>
<style>
body{
    margin:0;
    padding:0;
    background-color:#121214;
    
    width:100%;
    height:80vh;
    color:white;
    font-family: "Poppins", sans-serif;
    font-weight: 400;
    font-style: normal;
    display:flex;
    justify-content:center;
    align-items:center;
    flex-wrap:wrap;
}
.space{
    width:600px;
}


#deco{
    position:absolute;
    z-index:999;
    bottom:0;
    background:#121214;

    color:white;
    box-shadow: -3px 3px 7px black;
    cursor:pointer;
    right:0;
}
#deco input{
    text-decoration:none;
    color:white;
    background:none;
    border:none;
    font-size:1rem;
    padding:10px;
    cursor:pointer;
}

.centrer{
    width:100%;
    text-align:center;
}

h1{
    font-size:4rem;
    width:100%;
    text-align:center;
}

form{
    width:100%;
    display:flex;
    justify-content:center;
    align-items:center;
}

form input{
    margin:20px;
}

#retour{
    position:absolute;
    bottom:0;
    left:0;
    margin:50px;
    cursor:pointer;
}


a{
    text-decoration:none;
    color:white;
}

#switch{
    position:absolute;
    z-index:999;
    top:0;
    background:#121214;
    padding:10px;
    color:white;
    box-shadow: -3px 3px 7px black;
    cursor:pointer;
    right:0;
}

#buy{
    margin-left:20px;
}

</style>
<body>
    <h1>Bienvenu dans <?php
        $oui = $_POST['id_vaisseau'];
        $k = "select * from vaisseaux where id_vaisseau = $oui ";
        $result_k = $mysqli->query($k);
        while ($infos_k = $result_k->fetch_assoc()) {
            echo $infos_k['nom_vaisseau'];
        }
    ?></h1>
    <?php

            $oui = $_POST['id_vaisseau'];
            $non = $_POST['id_trajet'];
            //echo $oui;
            //echo $non;
            $p = "select * from places where id_vaisseau = $oui AND id_place NOT IN(select id_place from pr)";
            $result_p = $mysqli->query($p);
            echo "<img src='vaisseau". $oui .".png' class  ='space'>";
            echo "<h2 class='centrer'>Choississez votre place</h2>";
            echo "<form method='POST' action='inserer.php'>
            <input type='hidden' name='id_vaisseau' value='$oui'>
            <input type='hidden' name='id_trajet' value='$non'>
            <select name='place'>";
            while ($infos_p = $result_p->fetch_assoc()) {
                echo "<option value='".$infos_p['id_place']."'>Place n°".$infos_p['num_place']." Type : ". $infos_p['type']." classe</option>";
                 //echo "<input type='hidden' name='type' value='".$infos_p['type']."'>";
                 //echo "heyeyyyy";
            }
            echo "</select><input type='submit' name='send6' value='Choisir'></form>";


    
    
    ?>
    <h2 id ="retour"><a href="home3.php">Retour</a></h2>
</body>
</html>

<?php

if(isset($_POST['send6'])){
    
    $id_place= $_POST['place'];
    
    $c = "select * from places where id_place = '$id_place'";
    $result_c = $mysqli->query($c);
    while ($infos_c = $result_c->fetch_assoc()) {
        $type = $infos_c['type'];
    }
    
    $o = "select id_client from clients where mail = '$username'";
    $result_o = $mysqli->query($o);
    while ($infos_o = $result_o->fetch_assoc()) {
        $ok= $infos_o['id_client'];
    }
    //echo "Reservation Réussie";
    $date = date("Y-m-d");
    $prix2 = "select * from trajets where id_trajet = $oui ";
    $result_prix = $mysqli->query($prix2);
    while ($infos_prix = $result_prix->fetch_assoc()) {
        $duree = $infos_prix['duree'];
    }
    
    if($type=='premiere'){
        $prix = 100;
    }
    if($type=='seconde'){
        $prix = 80;
    }
    
    echo "Payer ";
    echo $prix;
    echo " euros ?";
    echo "<form method='POST' action='inserer.php'>
    <input type='submit' name='lastsend' value='Payer'>
    </form>";
    
    
    $a = "INSERT INTO `reservations`(`id_client`, `date`, `id_vaisseau`, `id_trajet`, `prix`) VALUES ('$ok','$date','$oui','$non','$prix')";
    $result_a = $mysqli->query($a);
    

    
    $r = "INSERT INTO `pr`(`id_place`) VALUES ('$id_place')";
    $result_r = $mysqli->query($r);
    

    
   
    

}




?>

Youez - 2016 - github.com/yon3zu
LinuXploit