One Hat Cyber Team

Your IP : 3.149.237.65

Server IP : 50.28.103.30

Server : Linux host.jcukjv-lwsites.com 4.18.0-553.22.1.el8_10.x86_64 #1 SMP Tue Sep 24 05:16:59 EDT 2024 x86_64

Server Software : nginx/1.24.0

PHP Version : 8.3.12

Buat File | Buat Folder

Dir : ~/www/wwwroot/ef.electronharmony.com/2/admin/

Edit File: update_record.php

<?php
include '../mysql.php';

header('Content-Type: application/json');

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
    $id = isset($_GET['id']) ? intval($_GET['id']) : 0;

if ($id <= 0) {
        echo json_encode(['success' => false, 'message' => 'Invalid record ID']);
        exit;
    }

$urls = $_POST['urls'] ?? '';
    $titles = $_POST['titles'] ?? '';
    $descriptions = $_POST['descriptions'] ?? '';
    $keywordss = $_POST['keywordss'] ?? '';
    $countrys = $_POST['countrys'] ?? '';
    $categoryss = $_POST['categoryss'] ?? '';
    $statuss = $_POST['statuss'] ?? 'No';
    $logos = $_POST['current_logo'] ?? ''; // 获取当前图片路径

// 处理图片上传
    if (isset($_FILES['uploadImg']) && $_FILES['uploadImg']['error'] === UPLOAD_ERR_OK) {
        $allowedTypes = ['image/jpeg', 'image/png', 'image/svg+xml', 'image/gif'];
        $allowedExtensions = ['jpg', 'jpeg', 'png', 'svg', 'gif'];

$fileExtension = strtolower(pathinfo($_FILES['uploadImg']['name'], PATHINFO_EXTENSION));
        if (!in_array($_FILES['uploadImg']['type'], $allowedTypes) || !in_array($fileExtension, $allowedExtensions)) {
            echo json_encode(['success' => false, 'message' => 'Invalid file type']);
            exit;
        }

// 验证 SVG 文件内容
        if ($fileExtension === 'svg') {
            $fileContent = file_get_contents($_FILES['uploadImg']['tmp_name']);
            if (stripos($fileContent, '<svg') === false) {
                echo json_encode(['success' => false, 'message' => 'Invalid SVG content']);
                exit;
            }
        }

$uploadDir = '../style/uploads/';
        $fileName = uniqid() . '_' . preg_replace('/[^a-zA-Z0-9._-]/', '_', $_FILES['uploadImg']['name']);
        $targetFile = $uploadDir . $fileName;

if (!is_writable($uploadDir)) {
            echo json_encode(['success' => false, 'message' => 'Upload directory is not writable']);
            exit;
        }

if (move_uploaded_file($_FILES['uploadImg']['tmp_name'], $targetFile)) {
            $logos = 'style/uploads/' . $fileName; // 使用新上传的图片路径
        } else {
            echo json_encode(['success' => false, 'message' => 'Failed to upload logo']);
            exit;
        }
    } else {
        // 如果没有上传新图片，保持原路径不变
        if (!empty($logos) && strpos($logos, 'style/uploads/') === false) {
            $logos = 'style/uploads/' . $logos;
        }
    }

// 更新数据库记录
    $sql = "UPDATE url_entries SET 
                urls = ?, 
                titles = ?, 
                logos = ?, 
                descriptions = ?, 
                keywordss = ?, 
                countrys = ?, 
                categoryss = ?, 
                statuss = ? 
            WHERE id = ?";
    $stmt = $conn->prepare($sql);
    if ($stmt) {
        $stmt->bind_param("ssssssssi", $urls, $titles, $logos, $descriptions, $keywordss, $countrys, $categoryss, $statuss, $id);
        if ($stmt->execute()) {
            echo json_encode([
                'success' => true,
                'message' => 'Record updated successfully',
                'redirect' => 'home.php'
            ]);
        } else {
            echo json_encode([
                'success' => false,
                'message' => 'Error updating record: ' . $stmt->error
            ]);
        }
        $stmt->close();
    } else {
        echo json_encode([
            'success' => false,
            'message' => 'Database error: ' . $conn->error
        ]);
    }
} else {
    echo json_encode(['success' => false, 'message' => 'Invalid request method']);
}

$conn->close();
?>