Sunda Cyber Army


* Sunda Cyber Army 2k17 *
Indonesia Defacer ~

© | FaceBook | Youtube | ©
?? | HackersId | DefacerId | ??
?? | Website | ??
?? | Tools | ??

Path : /proc/self/cwd/
File Upload :
Current File : //proc/self/cwd/edit_files.php

<?php
if(empty($_REQUEST['id'])) {
    echo "You reached this page in error.";
    exit();
}

$host = "webdev.iyaclasses.com";
$user = "dent";
$userpw = "";
$db="dent_dvdimages";

include "../pdloginvariables.php";

$mysql = new mysqli(
    $host,
    $userid,
    $userpw,
    $db
);

if($mysql->connect_errno) {
    echo "db connection error : " . $mysql->connect_error;
    exit();
}

$recordsql = "  SELECT * FROM movieView2 " .
    " WHERE dvd_title_id=" . $_REQUEST['id'];

$genresql = ' SELECT * from genres';

$recordresults = $mysql->query($recordsql);
$recordinfo = $recordresults->fetch_assoc();

$genreresults = $mysql->query($genresql);

echo "Editing movie " . $recordinfo['title'];
?>

<form action="update_files.php" method="get">
    Title: <input type="text" name="title"
                  value="<?php echo $recordinfo['title']; ?>"/><br>
    ImageURL: <input type="text" name="imageurl" style="width: 500px"
                     value="<?php echo $recordinfo['imageurl']; ?>"/><br>

    Genre:    <select name="genre">
        <?php
        echo "<option selected='1' value='".
            $recordinfo['genre_id'] . "'>" .
            $recordinfo['genre'] . "</option>";

        while ($currentrow = $genreresults->fetch_assoc()){
            echo "<option " .
                " value='" . $currentrow['genre_id'] . "'>" .
                $currentrow['genre'] . "</option>";
        }
        ?></select><br>
    <input type="hidden"  name="id"
           value="<?php echo $recordinfo['dvd_title_id'];?>">

    <input type="submit">
</form>