HEX
Server: Apache
System: Linux msm5694.mjhst.com 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
User: camjab_ssh (1000)
PHP: 5.3.29
Disabled: NONE
$ pwd: /home/httpd/html/tubeshemale.com/public_html/
Upload Files
File: /home/httpd/html/tubeshemale.com/public_html/edit_profile.php
<?
session_start();
include('admin/db.php');
if(!$_SESSION[userid]) {
	header("Location: /login.php");
	exit();
}

if($_POST) {
	$uniq = uniqid();
	$newpassword = mysql_real_escape_string($_POST[newpassword]); 
	$age = mysql_real_escape_string(htmlentities($_POST[age])); 
	$gender = mysql_real_escape_string(htmlentities($_POST[gender])); 
	$description = mysql_real_escape_string(htmlentities($_POST[description])); 
	$location = mysql_real_escape_string(htmlentities($_POST[location]));
	$email = mysql_real_escape_string(htmlentities($_POST[email])); 
	$custom = mysql_real_escape_string(serialize($_POST[custom])); 
	mysql_query("UPDATE users SET email = '$email', location = '$location', age = '$age', gender = '$gender', description = '$description', custom = '$custom' WHERE record_num = '$_SESSION[userid]'");
	$message = "Your information has been updated.";
	
	if($_POST[newpassword]) {
		$newpass = mysql_real_escape_string(md5($_POST[newpassword])); 
		mysql_query("UPDATE users SET password = '$newpass' WHERE record_num = '$_SESSION[userid]'");
	}
	if($_FILES[file][tmp_name]) { 
		if(filesize($_FILES[file][tmp_name]) > 51200) {
			$message = "Your avatar is too big. It can be a maximum of 50kb in GIF,JPG, or PNG format.";
		}
		else {
			$ext = explode(".",strtolower($_FILES[file][name])); 
			$ext = array_reverse($ext); 
			if($ext[0] != 'jpg' && $ext[0] != 'jpeg' && $ext[0] != 'png' && $ext[0] != 'gif') { 
				$message = "You may only upload image files.";
			}
			else {
				$filename = $uniq.'.'.$ext[0]; 
				$target = $misc_path."/".$filename;
				move_uploaded_file($_FILES[file][tmp_name],$target);
				list($width, $height, $type, $attr) = getimagesize($target);
				//if($width > $thumbwidth || $height > $thumbheight) {
				//	$message = "Your image may be a maximum of $thumbwidth"."x".$thumbheight;
				//	@unlink($target); 
				//}
				//else {
					mysql_query("UPDATE users SET avatar = '$filename' WHERE record_num = '$_SESSION[userid]'");	
					$message = "Your information has been updated.";
				//}
			}
		}
	}
}
$result = mysql_query("SELECT * FROM users WHERE record_num = '$_SESSION[userid]'");
$row = mysql_fetch_array($result); 

$custom = unserialize($row[custom]); 
$title = 'Edit Profile';
$headertitle = 'Edit Profile';
if($isMobile) {
	include($basepath.'/templates/mobile.overall_header.php');
}
else {
	include($basepath.'/templates/template.overall_header.php');
}
?>
<? if($message) { echo "<p>$message</p>"; } ?>
<form action="" method="post" enctype="multipart/form-data" name="form1" id="form1">
  <table width="560" border="0" align="left">
    <tr>
      <td width="143">Change Password</td>
      <td width="407"><input type="text" name="newpassword" id="textfield" value='' /></td>
    </tr>
    <tr>
      <td width="143">Email Address</td>
      <td width="407"><input type="text" name="email" id="textfield" value='<? echo $row[email]; ?>' /></td>
    </tr>
    <tr>
      <td width="143">Location</td>
      <td width="407"><input type="text" name="location" id="textfield" value='<? echo $row[location]; ?>' /></td>
    </tr>
    <tr>
      <td>Age</td>
      <td><select name="age" id="select" style='width: 50px;'>
   <? for($i = 18; $i < 100; $i++) {
   		if($row[age] == $i) { $selected = 'selected'; } else { $selected = ''; }
		echo "<option $selected value='$i'> $i </option>";  
	  }
	  ?>
      </select>
      </td>
    </tr>
    <tr>
      <td>Gender</td>
      <td><select name="gender" id="select2">
      	<option <? if($row[gender] == 'Male') { echo 'selected'; } ?> value='Male'>Male</option>
        <option <? if($row[gender] == 'Female') { echo 'selected'; } ?> value='Female'>Female</option>
      </select>
      </td>
    </tr>
    
<?
foreach($custom_user_fields as $k=>$v) {
?>
<tr>
      <td><? echo $k; ?></td>
      <td>
      <? if(is_array($v)) { ?>
      <select name="custom[<? echo $k; ?>]">
      		<? foreach($v as $i) { 
				if($custom[$k] == $i) { $selected = 'selected'; } else { $selected = ''; }
			?>
            <option <? echo $selected; ?>><? echo $i; ?></option>
            <? } ?>
      </select>
      <? } else { ?>
      <input type="text" name="custom[<? echo $k; ?>]" id="textfield" value='<? echo htmlentities($custom[$k]); ?>' />
      <? } ?>
      </td>
    </tr>
<? } ?>
    
    
    
    <tr>
      <td valign="top">A Bit About Yourself...</td>
      <td><textarea name="description" id="textarea" cols="45" rows="8"><? echo $row[description]; ?></textarea></td>
    </tr>
    <tr>
      <td>Upload Avatar (<? echo $thumbwidth; ?>x<? echo $thumbheight; ?>, max 50kb)</td>
      <td><input type="file" name="file" id="fileField" /></td>
    </tr>
    <? if($row[avatar] != '') { ?>
    <tr>
      <td>Current Avatar</td>
      <td align='left'><img src='<? echo $misc_url; ?>/<? echo $row[avatar]; ?>' width=<? echo $thumbwidth; ?> height=<? echo $thumbheight; ?> /></td>
    </tr>
    <? } ?>
    <tr>
      <td colspan="2" align="center"><input type="submit" name="button" id="button" value="Save" /></td>
    </tr>
  </table>
</form>
<br class="clearfloat" />
<? 
if($isMobile) {
	include($basepath.'/templates/mobile.overall_footer.php');
}
else {
	include($basepath.'/templates/template.overall_footer.php');
}
?>
@ Telegram