
<?php

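	// Library item insert endpoint, part 1: session, database connection and the
	// submitted form fields.
	session_start();

	// This script writes to the database and stores an uploaded file, and it records
	// $_SESSION['userId'] as the creator of the row, so it must not run for a caller
	// without a logged-in session. connection.php is not shown here; if it already
	// enforces login this guard is redundant but harmless.
	if (empty($_SESSION['userId'])) {
		http_response_code(403);
		exit;
	}

	include '../../../../web/connection/connection.php';

	$connection = new createConnection();
	$connection->connect();

	// NOTE(review): $_REQUEST merges GET and POST (and cookies, depending on
	// request_order), so this state-changing request can be triggered by a plain
	// link. Restricting it to POST and checking a CSRF token is the usual hardening;
	// confirm what the calling form sends before switching to $_POST.

	// Reads one request field as a string. Missing fields and array-valued fields
	// (e.g. "title[]=x") become '' instead of raising notices or turning into the
	// literal string "Array" further down.
	$requestField = function ($key) {
		if (isset($_REQUEST[$key]) && is_scalar($_REQUEST[$key])) {
			return (string) $_REQUEST[$key];
		}
		return '';
	};

	// Every value below is attacker-controlled text. It is not validated here, so it
	// must only reach SQL through bound parameters and HTML through output escaping.
	$item_type = $requestField('item_type');
	$ddc_section = $requestField('section');
	$ddc_division = $requestField('division');
	$ddc_mainclass = $requestField('mainclass');
	$author1 = $requestField('author1');
	$author2 = $requestField('author2');
	$author3 = $requestField('author3');
	$author4 = $requestField('author4');
	$author5 = $requestField('author5');
	$supplier = $requestField('supplier');
	$publisher = $requestField('publisher');
	$subject = $requestField('subject');
	$branch = $requestField('branch');
	$edition = $requestField('edition');
	$title = $requestField('title');
	$year_publication = $requestField('year_publication');
	$volume = $requestField('volume');
	$item_price = $requestField('item_price');
	$rack_no = $requestField('rack_no');
	$item_quantity = $requestField('item_quantity');
	$hardcopy_softcopy = $requestField('hardcopy_softcopy');
	$softcopy_type = $requestField('softcopy_type');
	$item_softcopy = $requestField('item_softcopy');
	$can_download = $requestField('can_download');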
	
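	// Cover image upload.
	//
	// The original code moved the upload to disk under the client-supplied file name
	// with no checks at all: the extension test read an undefined variable
	// ($signame) and $maxsize was never compared with anything. Any file type,
	// including a server-side script, could therefore be written into a directory
	// under the web root. The upload is now accepted only when PHP reports it as a
	// genuine, complete upload, it is within $maxsize, and its content is detected
	// as JPEG, PNG or GIF. The stored name is derived from the file content, never
	// from the client, and carries an extension chosen from the allowlist.
	$maxsize = 2097152; // maximum accepted size in bytes (2 MiB)
	$allowedImageTypes = array(
		'image/jpeg' => 'jpg',
		'image/png'  => 'png',
		'image/gif'  => 'gif',
	);
	// NOTE(review): this is the directory the original code used; confirm it is the
	// intended place for library covers and that the web server does not execute
	// scripts from it.
	$uploadDir = '../ombudsman_appointment/grievdoc/';

	$cover_image = ''; // stored file name for library_item.cover_image; '' = no cover
	$imgtype = '';     // extension chosen from the allowlist
	$tempname = '';

	$upload = (isset($_FILES['cover_image']) && is_array($_FILES['cover_image']))
		? $_FILES['cover_image']
		: null;

	// An array-valued "error" means the field was sent as cover_image[]; treat that
	// the same as "no file" rather than guessing which entry was meant.
	$hasUpload = $upload !== null
		&& isset($upload['error'], $upload['tmp_name'])
		&& !is_array($upload['error'])
		&& $upload['error'] !== UPLOAD_ERR_NO_FILE;

	if ($hasUpload) {
		$uploadOk = false;
		$tempname = (string) $upload['tmp_name'];

		if ($upload['error'] === UPLOAD_ERR_OK
			&& is_uploaded_file($tempname)
			&& filesize($tempname) <= $maxsize
		) {
			// Detect the type from the bytes on disk; the client-supplied name and
			// Content-Type are not trusted.
			$finfo = new finfo(FILEINFO_MIME_TYPE);
			$mime = $finfo->file($tempname);

			if (is_string($mime) && isset($allowedImageTypes[$mime])) {
				$imgtype = $allowedImageTypes[$mime];
				$cover_image = hash_file('sha256', $tempname) . '.' . $imgtype;
				$uploadOk = move_uploaded_file($tempname, $uploadDir . $cover_image);
			}
		}

		if (!$uploadOk) {
			// Same failure signalling the rest of this script uses.
			$_SESSION['ERROR_MSG'] = "Unsuccess";
			$_SESSION['MSG_ALRT'] = "FALSE";
			header('location: library_item.php');
			exit;
		}
	}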
	
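	// Row metadata and foreign-key lookups.
	$date = date('Y-m-d');
	$userId = isset($_SESSION['userId']) ? $_SESSION['userId'] : null;
	$is_active = 'yes';

	// Resolves a human-readable name to its id with a prepared statement.
	//
	// The original lookups interpolated request values straight into the SQL text
	// ("... WHERE item_type_name = '$item_type'"), which let a request parameter
	// change the query itself. Here the value is always sent as a bound parameter.
	// $table, $idColumn and $matchColumn are only ever the fixed literals passed
	// below; never pass request data in those positions.
	//
	// Returns the id of the first matching row, or null when nothing matches or the
	// statement cannot be prepared/executed.
	$lookupId = function ($db, $table, $idColumn, $matchColumn, $value) {
		$stmt = mysqli_prepare(
			$db,
			"SELECT $idColumn FROM $table WHERE $matchColumn = ? LIMIT 1"
		);
		if ($stmt === false) {
			return null;
		}

		$id = null;
		$value = (string) $value;
		mysqli_stmt_bind_param($stmt, 's', $value);
		if (mysqli_stmt_execute($stmt)) {
			mysqli_stmt_bind_result($stmt, $id);
			if (mysqli_stmt_fetch($stmt) !== true) {
				$id = null;
			}
		}
		mysqli_stmt_close($stmt);

		return $id;
	};

	$db = $connection->myconn;

	$item_type_id = $lookupId($db, 'item_type', 'item_type_id', 'item_type_name', $item_type);
	$ddc_section_id = $lookupId($db, 'ddc_section', 'ddc_section_id', 'ddc_section_description', $ddc_section);
	// The original matched the division table against $ddc_section (copy-paste
	// slip); the division description is the intended key.
	$ddc_division_id = $lookupId($db, 'ddc_division', 'ddc_division_id', 'ddc_division_description', $ddc_division);
	$ddc_mainclass_id = $lookupId($db, 'ddc_mainclass', 'ddc_mainclass_id', 'ddc_mainclass_description', $ddc_mainclass);
	$supplier_id = $lookupId($db, 'supplier', 'supplier_id', 'supplier_name', $supplier);
	$subject_id = $lookupId($db, 'subject', 'subject_id', 'subject_name', $subject);
	$branch_id = $lookupId($db, 'branchs', 'branch_id', 'branch_name', $branch);
	$edition_id = $lookupId($db, 'edition', 'edition_id', 'edition_name', $edition);

	// NOTE(review): the INSERT further down also expects $authors_id1..5 and
	// $publisher_id, but nothing in this file resolves $author1..5 or $publisher to
	// ids, and the tables that would hold them are not named here.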

   
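	// Insert the library item and report the outcome through the session.
	//
	// Defects in the original that this replaces:
	//  - the INSERT was only ever a string: `$newInsert == TRUE` compares a non-empty
	//    string with TRUE, so the script always reported "Success" and never ran
	//    the query;
	//  - request values were interpolated into the SQL text (SQL injection);
	//  - the closing quote after $hardcopy_softcopy was missing, so the statement
	//    would not have parsed even if it had been executed;
	//  - execution continued after header(), so no exit followed the redirect.
	$newInsert = "INSERT INTO library_item("
		. "item_type_id,ddc_section_id,title,"
		. "authors_id1,authors_id2,authors_id3,authors_id4,authors_id5,"
		. "publisher_id,year_publication,volume,edition_id,item_price,supplier_id,"
		. "rack_no,cover_image,item_quantity,subject_id,branch_id,"
		. "hardcopy_softcopy,softcopy_type,item_softcopy,can_download,"
		. "created_on,created_by,is_active"
		. ") VALUES(" . implode(',', array_fill(0, 26, '?')) . ")";

	// NOTE(review): nothing in this file assigns these six ids (only the raw
	// $author1..5 / $publisher request fields are read), so they are bound as NULL
	// unless set elsewhere. Resolve them to real ids before relying on these columns.
	$authors_id1 = isset($authors_id1) ? $authors_id1 : null;
	$authors_id2 = isset($authors_id2) ? $authors_id2 : null;
	$authors_id3 = isset($authors_id3) ? $authors_id3 : null;
	$authors_id4 = isset($authors_id4) ? $authors_id4 : null;
	$authors_id5 = isset($authors_id5) ? $authors_id5 : null;
	$publisher_id = isset($publisher_id) ? $publisher_id : null;

	$created_by = (int) $userId;
	$inserted = false;

	try {
		$stmt = mysqli_prepare($connection->myconn, $newInsert);
		if ($stmt !== false) {
			// 24 string parameters, then created_by as integer, then is_active.
			mysqli_stmt_bind_param(
				$stmt,
				str_repeat('s', 24) . 'is',
				$item_type_id, $ddc_section_id, $title,
				$authors_id1, $authors_id2, $authors_id3, $authors_id4, $authors_id5,
				$publisher_id, $year_publication, $volume, $edition_id, $item_price, $supplier_id,
				$rack_no, $cover_image, $item_quantity, $subject_id, $branch_id,
				$hardcopy_softcopy, $softcopy_type, $item_softcopy, $can_download,
				$date, $created_by, $is_active
			);
			$inserted = mysqli_stmt_execute($stmt);
			if (!$inserted) {
				// Keep database detail in the server log, not in the response.
				error_log('library_item insert failed: ' . mysqli_stmt_error($stmt));
			}
			mysqli_stmt_close($stmt);
		} else {
			error_log('library_item insert could not be prepared: ' . mysqli_error($connection->myconn));
		}
	} catch (Exception $e) {
		// mysqli raises exceptions instead of returning false when its error mode
		// is set to strict reporting; treat that as a failed insert as well.
		error_log('library_item insert failed: ' . $e->getMessage());
		$inserted = false;
	}

	if ($inserted) {
		$_SESSION['ERROR_MSG'] = "Success";
		$_SESSION['MSG_ALRT'] = "TRUE";
	} else {
		$_SESSION['ERROR_MSG'] = "Unsuccess";
		$_SESSION['MSG_ALRT'] = "FALSE";
	}

	header('location: library_item.php');
	exit;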
?>