HEX
Server: Apache
System: Linux msm5694.mjhst.com 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
User: camjab_ssh (1000)
PHP: 5.3.29
Disabled: NONE
$ pwd: /home/httpd/html/porn.tw/public_html/billers/
Upload Files
File: /home/httpd/html/porn.tw/public_html/billers/verotel_rum.php
<?
include('../admin/db.php');
//echo crypt('test', base64_encode('test'));
if(!$verotelPostbackEnabled) { 
	exit("Please enable Verotel postback in script configuration"); 
}
$SUCCESS = 'APPROVED';
$FAILURE = 'ERROR';
$log = mysqli_real_escape_string($dblink,print_r($_REQUEST,true));
dbQuery("INSERT INTO biller_log SET `date` = NOW(), biller = 'Verotel', ip = '".$_SERVER['REMOTE_ADDR']."', data = '$log'");

$_REQUEST = mysql_real_escape_array($_REQUEST); 

if($_REQUEST['trn'] == 'add' || $_REQUEST['trn'] == 'modify') {
	$result = mysqli_query($dblink,"SELECT * FROM users WHERE username = '$_REQUEST[usercode]'");
	if(mysqli_num_rows($result) > 0) {
		if(mysqli_query($dblink,"UPDATE users SET premium = 1, password = md5('$_POST[passcode]'), salt = '' WHERE username = '$_REQUEST[usercode]'")) {
			echo $SUCCESS;
		}
		else {
			echo $FAILURE;
		}
	}
	else {
		if(mysqli_query($dblink,"INSERT INTO users (username, password, premium) VALUES ('$_REQUEST[usercode]', md5('$_REQUEST[passcode]'),1)")) {
			echo $SUCCESS;		
		}
		else {
			echo $FAILURE;
		}
	}
} elseif($_REQUEST['trn'] == 'REMOVE') {
	if(mysqli_query($dblink,"DELETE FROM users username = '$_REQUEST[usercode]'")) {
		echo $SUCCESS;
	}
	else {
		echo $FAILURE;
	}
} else { 
	echo $SUCCESS; //default to success message so we don't throw errors on other functions we aren't using here.
}
?>
@ Telegram