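<?php
/**
 * Main frame of the Ciné Manager back office.
 *
 * Flow, as visible in this file:
 *  1. Without an active session the browser is redirected to login.php.
 *  2. One App object is kept in $_SESSION['app'] and starts on 'accueil'.
 *  3. ?page=<name> switches the section through App::loadInfo().
 *  4. The HTML frame is rendered; the values from getMenuRep() and
 *     getContentRep() are handed to execAjax() (presumably defined in
 *     script/script.js, not shown here) for '#menuObj' and '#content'.
 *
 * Security notes:
 *  - $_GET['page'] is request-controlled. App::loadInfo() is not visible
 *    here, so this page only forwards plain identifier-like names; loadInfo()
 *    should still map the name against its own allow-list.
 *  - Everything App returns is encoded for the context it is printed in
 *    (HTML text for the title, a JavaScript string literal for execAjax),
 *    because those values may depend on the requested page.
 *  - NOTE(review): the logout link is a state-changing GET
 *    (login.php?op=logout); login.php is not shown - confirm how it guards
 *    against cross-site requests.
 */
include_once '../php/dao/include_dao.php';
include_once './php/App.php';
session_start();

// Same truthiness test as before (set and loosely true). login.php is not
// visible, so the flag is not narrowed to a strict `=== true` here.
if (!empty($_SESSION['sessionActive'])) {
    // Create the App object when it is missing or did not come back from the
    // session as a real App instance.
    if (!isset($_SESSION['app']) || !($_SESSION['app'] instanceof App)) {
        $_SESSION['app'] = new App();
        $_SESSION['app']->loadInfo('accueil');
    }
    $app = $_SESSION['app'];

    if (isset($_GET['page'])) {
        $page = $_GET['page'];
        // Reject arrays (?page[]=x) and anything that is not a simple name
        // before it reaches loadInfo(). The names linked from this page
        // ('genre', 'film') and the default ('accueil') all match.
        // NOTE(review): widen the pattern only if a legitimate page name needs it.
        if (is_string($page) && preg_match('/\A[A-Za-z0-9_-]+\z/', $page) === 1) {
            $app->loadInfo($page);
        }
    }

    // json_encode flags that keep the encoded string safe inside <script>.
    $jsFlags = JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT;
    ?>
<!DOCTYPE html>
<html>
    <head>
        <meta charset="UTF-8">
        <?php // double_encode is off so a title that already holds entities is not encoded twice. ?>
        <title>Ciné Manager - Gestion <?php echo htmlspecialchars((string) $app->getTitre(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8', false); ?></title>
        <link media="screen" rel="stylesheet" href="css/screen.css" type="text/css" />
        <link href="script/jquery-ui/jquery-ui.css" rel="stylesheet">
        <link href="script/jquery-ui/jquery-ui-timepicker.css" rel="stylesheet">
        <script src="script/jquery-ui/external/jquery/jquery.js"></script>
        <script src="script/jquery-ui/jquery-ui.js"></script>
        <script src="script/jquery-ui/jquery-ui-timepicker-addon.js"></script>
        <script src="script/script.js" type="text/javascript"></script>
        <script>
            $(document).ready(function () {
                <?php // json_encode emits the complete quoted JS literal; '""' is the fallback if encoding fails. ?>
                execAjax(<?php echo json_encode((string) $app->getMenuRep(), $jsFlags) ?: '""'; ?>, '#menuObj', '', 0);
                execAjax(<?php echo json_encode((string) $app->getContentRep(), $jsFlags) ?: '""'; ?>, '#content', '', 0);
            });
        </script>
        <link rel="icon" href="images/favicon.png" type="image/x-icon" />
        <link rel="shortcut icon" href="images/favicon.png" type="image/x-icon" />
    </head>
    <body>
        <div id="wrapper">
            <div id="banner">
                <img src="images/logo.png"/> <div>Ciné Manager</div>
            </div>
            <div id="menu">
                <button id="button" onclick="affichMenu();">MENU</button>
                <div id="nav" >
                    <ul>
                        <li><a href="?page=genre"><img src="images/genre.png"/></a> <a href="?page=genre"> Gestion des genres</a></li>
                        <li><a href="?page=film"><img src="images/film.png"/></a> <a href="?page=film"> Gestion des films</a></li>
                        <li><a href="login.php?op=logout"><img src="images/quitter.png"/></a> <a href="login.php?op=logout"> Déconnexion</a></li>
                    </ul>
                </div>
                <div id="menuObj"></div>
            </div>
            <div id="content">
            </div>
        </div>
        <script>
            $("#button").button();
            $("#nav").hide();

            // Show or hide the navigation list with a fade; both branches of
            // the former visibility test ran this same call.
            function affichMenu() {
                $("#nav").toggle("fade");
            }
        </script>
    </body>
</html>
<?php
} else {
    // No active session: send the browser to the login form and stop, so
    // nothing after the redirect header can be executed or sent.
    header('Location: login.php');
    exit;
}
?>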