PHP WebShell

Текущая директория: /var/www/bitcardoApp/includes/wallets

Просмотр файла: single-walllet.php

<?php
include_once '../../includes/phpqrcode/qrlib.php';

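// Defaults for every value the rest of the page reads. Without them, a
// request that lacks the expected parameters, or that names a wallet the
// current user does not own, left $wallet_qr and $bank_name undefined.
$coin_label = $wallet_address = $bank_name = $wallet_qr = '';
$wallet_balance = 0;

// Both parameters arrive from the query string and are untrusted. Require
// plain strings so an array-valued parameter cannot reach trim() or
// bind_param().
if (
    isset($_GET['ussgwt'], $_GET['coin'])
    && is_string($_GET['ussgwt'])
    && is_string($_GET['coin'])
    && !empty($userid)
) {
    $wallet_id = $_GET['ussgwt'];
    $coin = strtoupper(trim($_GET['coin']));

    // The lookup is bound to the current user's id as well as the wallet id,
    // so a wallet id belonging to another account matches no row.
    $stmt = $conn->prepare("
        SELECT coin, label, wallet_add, bank_name, wallet_qr, balance 
        FROM user_wallets 
        WHERE user_id = ? AND wallet_id = ? AND coin = ?
        LIMIT 1
    ");
    $stmt->bind_param("iss", $userid, $wallet_id, $coin);
    $stmt->execute();
    $result = $stmt->get_result();

    // get_result() returns false when the statement failed; treat that the
    // same as "wallet not found" and keep the defaults set above.
    $row = ($result !== false) ? $result->fetch_assoc() : null;

    if ($row) {
        $coin = strtoupper($row['coin']);
        $coin_label = $row['label'] ?? '';
        $wallet_address = $row['wallet_add'] ?? '';
        $bank_name = $row['bank_name'] ?? '';
        $wallet_qr = $row['wallet_qr'] ?? '';
        $wallet_balance = (float)($row['balance'] ?? 0);
    }

    // $stmt is intentionally left open here; it is closed at the end of the file.
}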


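// Create and store a QR image only when a wallet row was actually loaded and
// it has no stored QR path yet. Without the address check, a missing wallet
// produced a file named ".png" and an UPDATE with empty values.
if (empty($wallet_qr) && !empty($wallet_address)) {
    // The address becomes part of a filesystem path, and trim() alone does
    // not make it safe: a value containing "/" or ".." would escape the QR
    // directory. Accept it as a filename only if it is purely
    // [A-Za-z0-9_-]; otherwise name the file after a hash of the address.
    $wallet_address_clean = trim($wallet_address);
    if (preg_match('/\A[A-Za-z0-9_-]{1,128}\z/', $wallet_address_clean) !== 1) {
        $wallet_address_clean = hash('sha256', $wallet_address);
    }

    $year = date('Y');
    $month = date('m');
    // Relative path: resolved against the working directory of the request,
    // not against this file's location.
    $qrDir = "../../assets/qr_codes/$year/$month";

    // The second is_dir() covers a concurrent request creating the directory
    // between the first check and mkdir().
    $dirReady = is_dir($qrDir) || mkdir($qrDir, 0755, true) || is_dir($qrDir);

    if ($dirReady) {
        $qrFileName = "$wallet_address_clean.png";
        $qrFilePath = "$qrDir/$qrFileName";

        // The QR content is the original, untrimmed address.
        QRcode::png($wallet_address, $qrFilePath);

        // Record the path only if the image really exists, so the database
        // never points at a file that was not written.
        if (is_file($qrFilePath)) {
            // Path stored in the DB is relative to the qr_codes directory.
            $wallet_qr = "$year/$month/$qrFileName";

            // Scoped to the current user, so only this user's row is updated.
            $updateQR = $conn->prepare("UPDATE user_wallets SET wallet_qr = ? WHERE user_id = ? AND wallet_add = ? AND coin = ?");
            $updateQR->bind_param("siss", $wallet_qr, $userid, $wallet_address, $coin);
            $updateQR->execute();
            $updateQR->close();
        } else {
            error_log('single-wallet: QR image was not written to ' . $qrFilePath);
        }
    } else {
        error_log('single-wallet: cannot create QR directory ' . $qrDir);
    }
}

// $stmt exists only when the lookup above ran; calling close() unconditionally
// was a fatal error on requests without the expected parameters.
if (isset($stmt) && $stmt instanceof mysqli_stmt) {
    $stmt->close();
}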

?>



Для локальной разработки. Не используйте в интернете!