Tn Jones Shell Bypass
:
3.139.87.39
:
160.187.54.56 / upgov.net
:
Linux 160-187-54-56.cprapid.com 4.18.0-553.22.1.lve.1.el7h.x86_64 #1 SMP Tue Oct 8 14:36:03 UTC 2024 x86_64
:
/
home
/
upgov
/
www
/
rmpyrll
/
Upload File:
files >> /home/upgov/www/rmpyrll/admin_billupload_next.php
<?php date_default_timezone_set("Asia/Kolkata"); ?> <?php include("connection.php"); session_start(); if (!isset($_SESSION['user']) || ($_SESSION['password'] == '')) { header("location:payrolLogin/ramalogin.php"); exit(); } if(isset($_SESSION['user'])) { $username=$_SESSION['user']; } $user_query = mysql_query("SELECT * FROM loginrama where user='$username' ")or die(mysql_error()); $user_row = mysql_fetch_array($user_query); $username = $user_row['user']; ?> <?php include("connection.php"); $msg=""; if(isset($_REQUEST['submit'])) { $dept=$_REQUEST['dept1']; $sche=$_REQUEST['sche1']; $hos=$_REQUEST['host1']; $district=$_REQUEST['dist1']; $month=$_REQUEST['month1']; $filedate=date("d-m-y,h:i:s"); $hvalue=$_REQUEST['idd']; $bill_invoice=$_REQUEST['bill_invoice']; $bill_wages=$_REQUEST['bill_wages']; $bill_sc=$_REQUEST['bill_sc']; $bill_st=$_REQUEST['bill_st']; $bill_amt=$_REQUEST['bill_amt']; $bill_date=$_REQUEST['mm'].'/'.$_REQUEST['dd'].'/'.$_REQUEST['yy']; $sql=mysql_query("UPDATE invoice_1219 SET wages='$bill_wages',service_charge='$bill_sc',gst='$bill_st',g_total='$bill_amt' WHERE bill_id='$bill_invoice'"); $sql1=mysql_query("insert into payment_table_temp(department,scheme,sub_loc,district,month,bill_amt,bill_date,text1,text2,text3,text4,text5,text6) values ('$dept','$sche','$hos','$district','$month','$bill_amt','$bill_date','$text1','$text2','$text3','$text4','$text5','$text6');")or die("Exist in our Record<br>insert into payment_table_temp(department,scheme,sub_loc,district,month,bill_amt,bill_date,text1,text2,text3,text4,text5,text6) values ('$dept','$sche','$hos','$district','$month','$bill_amt','$bill_date','$text1','$text2','$text3','$text4','$text5','$text6')"); $sq=mysql_query("select * from health where department LIKE '$dept' and scheme LIKE '$sche' and district LIKE '$district' AND hospital='$hos' and month LIKE '$month' and bill <> '' and bill is not null")or die("Details already Exist in our Record"); $r = mysql_fetch_array($sq); $a1=$r['department']; $a=$r['scheme']; $b=$r['district']; $c=$r['month']; $d=$r['bill']; if(mysql_num_rows($sq)>0) { $msg="<font color='red'>ALready Uploaded BILL in this Month</font><img src='$d'/ width='200' height='100'>]"; } else { $uploadDir = 'document/'; $image_name = time()."-".$month; $extension = end(explode(".", $_FILES["bill"]["name"])); if ($_FILES["bill"]["error"] > 0){ echo "" . $_FILES["bill"]["error"]; }else{ $bill= $uploadDir . $image_name . $_FILES["bill"]["name"]; move_uploaded_file($_FILES["bill"]["tmp_name"], $bill); } ////////////email process $Email_Id=$_REQUEST['email']; $office=$_REQUEST['officeno']; $headers .= 'From: <account@ramaipl.com>' . "\r\n"; $headers .= 'Cc: account@ramaipl.com' . "\r\n"; $emailSubject = "$sche Bill $month"; //Sender ID,While using route4 sender id should be 6 characters long. $emailContent = "Dear Sir/ Ma'am\r\n This is to inform you that bill has been uploaded for the month of $month.\r\nPlease visit http://ramapayroll.upgov.net and find the bill.\r\n \r\n We request you to forward the process for payment.\r\n \r\n Thank & Regards \r\n Rama Infotech Pvt ltd Lucknow "; //$infor1 = " नमस्कार सर / मैडम , \r\n \r\n रामा इंफोटेक की ओर से कार्यरत संविदा कर्मियों की माह $month का बिल हमारे वेब पोर्टल http://ramapayroll.upgov.net से प्राप्त कर लें |\r\n कृपया बिल के अनुसार भुगतान की प्रक्रिया को आगे बढ़ायें \r\n बिल प्राप्त करने के लिए दी गई लिंक पर क्लिक करें http://ramapayroll.upgov.net \r\n बिल से सम्बंधित समस्या हेतु $office पर संपर्क करें "; //$encoded_text1 = mb_convert_encoding($infor1, "UTF-8", "UTF-8"); //$emailContent=urlencode($encoded_text1); mail($Email_Id,$emailSubject, $headers ,$emailContent); ////////////////////////////////sms process if($sql=mysql_query("update health SET bill='$bill',billformdate='$filedate' where department='$dept' and scheme='$sche' and district='$district' AND hospital='$hos' and month='$month'")) { echo "<script>"; echo "location.href='admin_billreport.php'"; echo "</script>"; $mobileNumber = $_REQUEST['mo1']; $mobileNumber1 = $_REQUEST['mo2']; $senderId = "BE-RAMAIT"; //$otp_code = strtoupper(bin2hex(openssl_random_pseudo_bytes(3))); // generate OTP PIN. //Your message to send, Add URL encoding here. //$infor = " नमस्कार,\r\n \r\n रामा इंफोटेक की ओर से कार्यरत संविदा कर्मियों की माह $month का बिल हमारे वेब पोर्टल http://ramapayroll.upgov.net से प्राप्त कर कृपया भुगतान की प्रक्रिया को आगे बढ़ाए | धन्यवाद"; //$encoded_text = mb_convert_encoding($infor, "UTF-8", "auto"); $message = urlencode("Dear sir/ma'am \r\n Bill has been uploaded for the month of $month.\r\n Please visit http://ramapayroll.upgov.net to find the bill and forward the process for payment.\r\n\r\n Rama Infotech Pvt Ltd lucknow."); //Define route //Prepare you post parameters $postData = array( 'mobiles' => $mobileNumber, 'mobiles' => $mobileNumber1, 'message' => $message, 'sender' => $senderId, ); //API URL $url="http://103.16.143.17/api/swsend.asp?username=ramainfo&password=rama@32123&sender=BE-RAMAIT&sendto=91$mobileNumber,91$mobileNumber1&message=$message"; // init the resource $ch = curl_init(); curl_setopt_array($ch, array( CURLOPT_URL => $url, CURLOPT_RETURNTRANSFER => true, CURLOPT_POST => true, CURLOPT_POSTFIELDS => $postData //,CURLOPT_FOLLOWLOCATION => true )); //Ignore SSL certificate verification curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); //get response $output = curl_exec($ch); //Print error if any if(curl_errno($ch)) { echo 'error:' . curl_error($ch); } curl_close($ch); echo $output; $msg="<font color='navy'>Record saved</font>"; } else { $msg="ALready exist in record"; } } } ?> <!DOCTYPE html> <html> <head> <title>Payroll</title> <link href="css/bootstrap.css" rel='stylesheet' type='text/css'/> <!-- jQuery (necessary for Bootstrap's JavaScript plugins) --> <script src="js/jquery.min.js"></script> <meta name="viewport" content="width=device-width, initial-scale=1"> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <meta name="keywords" content="Payroll Responsive web template, Bootstrap Web Templates, Flat Web Templates, Andriod Compatible web template, Smartphone Compatible web template, free webdesigns for Nokia, Samsung, LG, SonyErricsson, Motorola web design" /> <script type="application/x-javascript"> addEventListener("load", function() { setTimeout(hideURLbar, 0); }, false); function hideURLbar(){ window.scrollTo(0,1); } </script> <link rel="stylesheet" href="css/flexslider.css" type="text/css" media="screen" /> <link href="css/style.css" rel="stylesheet" type="text/css" media="all" /> <!---- start-smoth-scrolling----> <script type="text/javascript" src="js/move-top.js"></script> <script type="text/javascript" src="js/easing.js"></script> <script src="js/jquery.easydropdown.js"></script> <script src="js/cbpViewModeSwitch.js" type="text/javascript"></script> <script> function ValidateFileUpload() { var fuData = document.getElementById('bill'); var FileUploadPath = fuData.value; if (FileUploadPath == '') { alert("Please upload an image"); } else { var Extension = FileUploadPath.substring(FileUploadPath.lastIndexOf('.') + 1).toLowerCase(); if (Extension == "gif" || Extension == "png" || Extension == "bmp" || Extension == "jpeg" || Extension == "jpg" || Extension == "pdf") { if (fuData.files && fuData.files[0]) { var size = fuData.files[0].size; if(size >= 2000000) { alert("Maximum file 800 Kb width (1000 pixel) * height (1000pixel)"); document.getElementById('bill').value=""; document.getElementById('bill').focus(); return; }else{ var reader = new FileReader(); reader.onload = function(e) { $('#blah').attr('src', e.target.result); } reader.readAsDataURL(fuData.files[0]); } } } else { alert("Photo only allows file types of GIF, PNG, JPG, JPEG and BMP and PDF. "); document.getElementById('bill').value=""; document.getElementById('bill').focus(); } } } function billprocess() { var wages=parseInt(document.getElementById("bill_wages").value); var sertext=Math.round((wages/100)*18); var X=Math.round((sertext)+(wages)); document.getElementById("bill_st").value=sertext; document.getElementById("bill_amt").value=X; } </script> </head> <body> <div class="header"> <div class="container"> <div class="logo"> <a href="index.html"><img src="images/logo.png" alt=""/></a> </div> <div class="top-menu"> <span class="menu"> </span> </div> <div id="sb-search" class="sb-search"> <h4 align="right"><a href="logout.php"><img src="images/logout.jpg"></a></h4> <br> </div> <!-- search-scripts --> <script src="js/classie.js"></script> <script src="js/uisearch.js"></script> <!-- //search-scripts --> <div class="clearfix"></div> </div> <div class="clearfix"></div> </div> <!-- header-section-ends --> <div class="content"> <br> <div class="good-design"> <h3>BIll UPLOAD</h3><center> <form method="POST" enctype="multipart/form-data" onClick='billprocess();'> <?php echo $msg;?> <?php $msg=""; $a=$_REQUEST['dept1']; $b=$_REQUEST['sche1']; $c=$_REQUEST['host1']; $d=$_REQUEST['dist1']; $e=$_REQUEST['month1']; $sql=mysql_query("SELECT * FROM login WHERE department='$a' and scheme='$b' and district='$d' AND sub_select='$c'")or die("Error"); if(mysql_num_rows($sql)>0) { $r=mysql_fetch_array($sql); ?> <td><select name="mo1" id="mo1" type="text" style="width:200px;height:30px;text-transform:uppercase;color:black;" /> <option value="<?php echo $r['Mobileno'];?>" ><?php echo $r['Mobileno'];?></option> </select></td> <td><select name="mo2" id="mo2" type="text" style="width:200px;height:30px;text-transform:uppercase;color:black;" /> <option value="<?php echo $r['mobileno2'];?>" ><?php echo $r['mobileno2'];?></option> </select></td> <td><select name="email" id="email" type="text" style="width:200px;height:30px;color:black;" /> <option value="<?php echo $r['Email'];?>" ><?php echo $r['Email'];?></option> </select></td> <td><select name="officeno" id="officeno" type="text" style="width:200px;height:30px;text-transform:uppercase;color:black;" /> <option value="<?php echo $r['officeno'];?>" ><?php echo $r['officeno'];?></option> </select></td> <?php } ?> <?php $msg=""; $a=$_REQUEST['dept1']; $b=$_REQUEST['sche1']; $c=$_REQUEST['host1']; $d=$_REQUEST['dist1']; $e=$_REQUEST['month1']; $sql=mysql_query("SELECT * FROM health WHERE department='$a' and scheme='$b' and district='$d' AND hospital='$c' and month='$e'")or die("Error"); if(mysql_num_rows($sql)>0) { $r=mysql_fetch_array($sql); ?> <center> <br> <!-- header-section-ends --> <table style="border:1px solid black;width:35%;" class="form" cellpadding="2px" align="center" > <tr><td colspan="2" style="border:1px solid black;background-color:#2A5CAA;color:white;font-size:20px;" align="center"><b>UPLOAD BILL FILE</b></td></tr> <tr><td colspan="2" style="border:1px solid black;color:#2A5CAA;font-size:20px;" align="center"><b><?php echo $r['department'];?> - (<?php echo $r['scheme'];?>)</b></td></tr> <tr><td colspan="2"><br></td></tr> <tr> <td align="right"><strong><font color="navy">District </font></strong></td> <td><select name="district" id="district" required="required" type="text" style="width:200px;height:30px;text-transform:uppercase;color:black;" /> <option value="<?php echo $r['district'];?>" ><?php echo $r['district'];?></option> </select></td> </tr> <tr><td colspan="2"><br></td></tr> <tr> <td align="right"><strong><font color="navy">Sub Location </font></strong></td> <td><select name="district" id="district" required="required" type="text" style="width:200px;height:30px;text-transform:uppercase;color:black;" /> <option value="<?php echo $r['hospital'];?>" ><?php echo $r['hospital'];?></option> </select></td> </tr> <tr><td colspan="2"><br></td></tr> <tr> <td align="right"><strong><font color="navy">Month </font></strong></td> <td><select name="month" id="month" required="required" type="text" style="width:200px;height:30px;text-transform:uppercase;color:black;" /> <option value="<?php echo $r['month'];?>" ><?php echo $r['month'];?></option> </select></td> </tr> <tr><td colspan="2"><br></td></tr> <tr> <td align="right"><strong><font color="navy">Attendance </font></strong></td> <td><a href="<?php echo $r['attandance'];?>" target="_blank"><font> <b>VIEW ATTENDANCE</b></font></a> </td> </tr> <tr><td colspan="2"><br></td></tr> <tr> <td align="right"><strong><font color="navy">Upload Bill File (only 1024 kb)</font></strong></td> <td ><input name="bill" id="bill" required type="file" onchange="return ValidateFileUpload()" style="width:200px;height:30px;text-transform:uppercase;color:black;" /></td> </tr> <tr><td colspan="2"><br></td></tr> <tr> <td align="right"><strong><font color="navy">Fill Invoice No </font></strong></td> <td><input name="bill_invoice" id="bill_invoice" required type="text" style="width:200px;height:30px;text-transform:uppercase;color:black;" /> </td> </tr> <tr><td colspan="2"><br></td></tr> <tr> <td align="right"><strong><font color="navy">Fill Wages </font></strong></td> <td><input name="bill_wages" id="bill_wages" required type="text" style="width:200px;height:30px;text-transform:uppercase;color:black;" /> </td> </tr> <tr><td colspan="2"><br></td></tr> <tr> <td align="right"><strong><font color="navy">Fill Service Charge </font></strong></td> <td><input name="bill_sc" id="bill_sc" required type="text" style="width:200px;height:30px;text-transform:uppercase;color:black;" /> </td> </tr> <tr><td colspan="2"><br></td></tr> <tr> <td align="right"><strong><font color="navy">GST(CGST & SGST) </font></strong></td> <td><input name="bill_st" id="bill_st" required type="text" style="width:200px;height:30px;text-transform:uppercase;color:black;" /> </td> </tr> <tr><td colspan="2"><br></td></tr> <tr> <td align="right"><strong><font color="navy">Billing Amount </font></strong></td> <td><input name="bill_amt" id="bill_amt" required type="text" style="width:200px;height:30px;text-transform:uppercase;color:black;" /> </td> </tr> <tr><td colspan="2"><br></td></tr> <tr> <td align="right"><strong><font color="navy">Billing Date </font></strong></td> <td ><b>DD</b><input name="dd" id="dd" required autocomplete="OFF" maxlength='2' type="text" style="width:30px;height:30px;text-transform:uppercase;color:black;" /> <b>MM</b><input name="mm" id="mm" required autocomplete="OFF" maxlength='2' type="text" style="width:30px;height:30px;text-transform:uppercase;color:black;" /> <b>YYYY</b><input name="yy" id="yy" required autocomplete="OFF" maxlength='4' type="text" style="width:50px;height:30px;text-transform:uppercase;color:black;" /> </td> </tr> <tr><td colspan="2"><br><br></td></tr> <tr> <td align="center" colspan="2"> <table style="width:20%;"><tr><td> <input class="send_btn" name="submit" type="submit" value="Submit" alt="Submit" title="Submit" style="font-weight:bold;width:100px;height:30px;background-color:#2A5CAA;color:white;" /></td> <td> <a href="page2.php"><input type="button" name="" value="Back" style="font-weight:bold;width:100px;height:30px;background-color:#2A5CAA;color:white;"></a> </td> </tr></table></td> </tr> </table> <?php } ?> </center> </div> </div> </form> <div class="footer"> <div class="container"> <div class="clearfix"><br><br></div> <div class="footer-bottom"> <p>© 2019 | Design by<a href="http://ramaipl.com/"> Rama Infotech Pvt Ltd</a> || For Updated View Press Ctrl+F5 </p> </div> <script type="text/javascript"> $(document).ready(function() { /* var defaults = { containerID: 'toTop', // fading element id containerHoverID: 'toTopHover', // fading element hover id scrollSpeed: 1200, easingType: 'linear' }; */ $().UItoTop({ easingType: 'easeOutQuart' }); }); </script> <a href="#" id="toTop" style="display: block;"> <span id="toTopHover" style="opacity: 1;"> </span></a> </div> </div> </body> </html>