АEсЙєнОLwebshll2019

Current Path : /home/webyoo/www/backup/allback/docteur-site/cv/sym/a/hanessiim/site/admin/

Current File : /home/webyoo/www/backup/allback/docteur-site/cv/sym/a/hanessiim/site/admin/insert_new_member.php

<?php
include_once "start.php";
$id_member=$_POST['id_member'];
$email=$_POST['email'];
$mdp=$_POST['mdp'];
// $first_name=$_POST['first_name'];
$last_name=$_POST['last_name'];
// $surname=$_POST['surname'];
// $address=$_POST['address'];
// $phone=$_POST['phone'];
$active=$_POST['active'];
$admin=$_POST['admin'];

$nb = 0;
$mess = "";
if($id_member!=""){ //first_name = '".$first_name."', ,`name` = '".$surname."',`address` = '".$address."',phone = '".$phone."'
	$query = mysqli_query($link,"UPDATE syna_users SET last_name = '".$last_name."',email = '".$email."',mdp = '".$mdp."',active = ".$active.",admin = ".$admin." WHERE id = '".$id_member."'");
	$row = mysqli_fetch_array($query, MYSQLI_ASSOC);
	$id_client = $id_member;
	$mess = "";
}else{
	if($email!=""){
		$sqlclient = mysqli_query($link,"SELECT * FROM syna_users where email = '".$email."'");
		$nb = mysqli_num_rows($sqlclient);
		if($nb == 0){
			//first_name = '".$first_name."', , `name` = '".$surname."', `address` = '".$address."', phone = '".$phone."'
		$query = mysqli_query($link,"INSERT INTO syna_users SET last_name = '".$last_name."',email = '".$email."',mdp = '".$mdp."', active = ".$active.", admin = ".$admin.", date_creation = NOW()");
		$row = mysqli_fetch_array($query, MYSQLI_ASSOC);
		$id_client = mysqli_insert_id($link);
		$mess = "";
		//connexion direct
		$_SESSION['user']['id'] = $id_client;
		$_SESSION['user']['name'] = $last_name;
		$_SESSION['user']['admin'] = $admin;

		}else{
			$mess = "This email address already exits!";
		}
	}
}
echo $mess;
?>

web shell, Coded By 2019