!C99Shell v. 2.0 [PHP 7 Update] [25.02.2019]!

Software: nginx/1.18.0. PHP/7.4.29 

uname -a: Linux ip-172-31-23-220 5.15.0-1084-aws #91~20.04.1-Ubuntu SMP Fri May 2 07:00:04 UTC 2025
aarch64 

uid=33(www-data) gid=33(www-data) groups=33(www-data) 

Safe-mode: OFF (not secure)

/var/www/html/   drwxr-xr-x
Free 39.75 GB of 48.28 GB (82.35%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     log_action1.php (6.71 KB)      -rw-rw-r--
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
require 'connection.php';
session_start();


if ($_REQUEST["password"]) {

    $phone $_POST["email"];
    $new_password $_POST["password"];
    //$uid = $_SESSION['usr_id'];

    $sql "select * from user_details where phone='$phone' AND new_password='$new_password'";
    $result $con->query($sql);
    $count $result->num_rows;


    if ($count 0) {

        while ($row $result->fetch_assoc()) {

            $_SESSION['user_id'] = $row['user_id'];
            $_SESSION['user_name'] = $row['name'];

           // echo 1;

$sq="select * from student_reg where user_id='$uid'";
$resultsq=$con->query($sq);
$rowsql=$resultsq->fetch_assoc();
if($rowsql!=''){
    //echo 1;
    $pkgid=$_SESSION['package_id'];
    if($pkgid!='')
    {
        $pkgid=$_SESSION['package_id'];
        
         header("location:https://www.srishticampus.com/enroll.php?id=".$pkgid);
    }
    else
    {
        header("location:dashboard.php"); 
    }
   
    
}
else if($rowsql==''){
    //echo 2;
    
    header("location:https://srishticampus.com/signup-new-login.php");
    // header("location:index.php");
}
$pkgid=$_SESSION['package_id'];
            //header("location:dashboard.php");
                if($pkgid!='')
                {
                    $pkgid=$_SESSION['package_id'];
                    
                     header("location:https://www.srishticampus.com/enroll.php?id=".$pkgid);
                }
                else
                {
                    header("location:dashboard.php"); 
                }
        }
    } else {
       // echo 0;

        $failed "Something went wrong!";
        header("location:index.php?failed=".$failed);
    }
}


if ($_REQUEST["login_otp"]) {

    $login_otp $_POST["login_otp"];
    $uid $_SESSION['usr_id'];

    $sql "select * from user_details where otp='$login_otp' AND user_id='$uid'";
    $result $con->query($sql);
    $count $result->num_rows;


    if ($count 0) {

        while ($row $result->fetch_assoc()) {

            $_SESSION['user_id'] = $row['user_id'];
            $_SESSION['user_name'] = $row['name'];

           // echo 1;

$sq="select * from student_reg where user_id='$uid'";
$resultsq=$con->query($sq);
$rowsql=$resultsq->fetch_assoc();
if($rowsql!=''){
    //echo 1;
    $pkgid=$_SESSION['package_id'];
    if($pkgid!='')
    {
        $pkgid=$_SESSION['package_id'];
        
         header("location:https://www.srishticampus.com/enroll.php?id=".$pkgid);
    }
    else
    {
        header("location:dashboard.php"); 
    }
   
    
}
else if($rowsql==''){
    //echo 2;
    
    header("location:https://srishticampus.com/signup-new-login.php");
    // header("location:index.php");
}
$pkgid=$_SESSION['package_id'];
            //header("location:dashboard.php");
                if($pkgid!='')
                {
                    $pkgid=$_SESSION['package_id'];
                    
                     header("location:https://www.srishticampus.com/enroll.php?id=".$pkgid);
                }
                else
                {
                    header("location:dashboard.php"); 
                }
        }
    } else {
       // echo 0;

        $failed "Something went wrong!";
        header("location:index.php?failed=".$failed);
    }
}

if ($_POST["email"]) {


    $email $_POST["email"];

    $emailPattern '/^[_a-z0-9-]+(\.[_a-z0-9-]+)*@[a-z0-9-]+(\.[a-z0-9-]+)*(\.[a-z]{2,4})$/';
    $mobilePattern "/^[6-9][0-9]{9}$/";
    if (preg_match($emailPattern$email)) {
        $type "email";
    } else if (preg_match($mobilePattern$email)) {
        $type "phone";
    } else {
        $type "invalid";
    }
    if ($type == "email" || $type == "phone") {
        if ($type == "phone") {
            $sql "select * from user_details where phone='$email' ";
        } else {
            $sql "select * from user_details where email='$email' ";
        }
        //$sql="select * from user_details where email='$email' AND status='1'";

        $result $con->query($sql);
        $count $result->num_rows;
        if ($count 0) {

            //otp generation
            $otp rand(100000999999);
            if ($type == "phone") {
                $update "update user_details set otp='$otp' where phone='$email'";
            } else {
                $update "update user_details set otp='$otp' where email='$email'";
            }
            $con->query($update);

            while ($row $result->fetch_assoc()) {
                $name $row['name'];
                $_SESSION['usr_id'] = $row['user_id'];
                //sending mail
                if ($type == "email") {
                    $to $email;
                    

                    $from_email "srishticampusteam@gmail.com";
                    //$from_email = "srishticampusteam@srishtis.com";

                    $subject 'Srishti Campus OTP for Login';
                    $title 'Welcome to Srishti Campus!';

                    $message 'Dear ' $name ',<br><br><p> Please use this OTP to login to your Srishti Campus account.</p>
          <p>OTP : ' $otp '</p><br><br>
          <p> This is a system generated email, please do not reply back to this email. For more questions please contact us in srishticampusteam@srishtis.com</p>
            Thanks,<br>Team Srishti Campus';

                    $headers "MIME-Version: 1.0" "\r\n";
                    $headers .= "Content-type:text/html;charset=UTF-8" "\r\n";

                    // More headers
                    $headers .= 'From: <srishticampusteam@gmail.com>' "\r\n";

                    mail($to$subject$message$headers);
                     echo 11;
                } else {
                    $message='Dear '.$name.', Please use OTP '.$otp.' to login to your Srishti Campus account. This OTP can be used only once. Please DO NOT disclose it with anyone.';
                    send_otp_sms($email,$message,'signin');
                    // echo 1;
                    header("location:tst_login2.php");
                }
            }
        } else {

            $sql "DELETE FROM `user_details` WHERE `email`='$email' AND `status`='0'";
            $con->query($sql);
            $failed="User Not Exist";
            //echo 2;
            //header("location:index.php");
            header("location:https://srishticampus.com/signup-new-login.php?failed=".$failed);
        }
    } else {
       // echo 3;
        $failed="User Not Exist";
        header("location:https://srishticampus.com/signup-new-login.php?failed=".$failed);
        //header("location:index.php");
    }
}
?>

:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 
:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v. 2.0 [PHP 7 Update] [25.02.2019] maintained by KaizenLouie | C99Shell Github | Generation time: 0.0064 ]--