OverLord Shell

Path : G:/PleskVhosts/jaincensus.com/macciaweb.ultraliant.com/businessforum/
File Upload :
Current File : G:/PleskVhosts/jaincensus.com/macciaweb.ultraliant.com/businessforum/useradd_save.php

<?php session_start();
if(!isset($_SESSION['company_id']) || !isset($_SESSION['company_name'])){session_destroy();echo "login.php";exit;}
if(!in_array(2,$_SESSION['role'])){echo "404.php";exit;}
if($_SERVER['REQUEST_METHOD']!='POST' || empty($_POST)){echo "404.php";exit;}
require_once("../db/conn.php");

$username=trim(preg_replace('/[^a-zA-Z0-9]+/','',$_POST['username']));
$password=md5($connection->real_escape_string(trim($_POST['password_confirmation'])));
$password2=md5($connection->real_escape_string(trim($_POST['password'])));
$fullname=trim($_POST['fullname']);
$email=filter_var(filter_input(INPUT_POST, 'email', FILTER_SANITIZE_EMAIL), FILTER_VALIDATE_EMAIL);
$phone=trim(preg_replace('/[^0-9]+/','',$_POST['phone']));
$role="";
foreach($_POST['section'] as $secval){
	if($secval%2==0)$role.=($secval-1).",";
	$role.=$secval.",";
}
$role=rtrim($role,',');

$selr=$connection->query("SELECT usersrno FROM busdir_mst_users WHERE username='".$username."' OR email='".$email."'");
if($selr->num_rows!=0)echo "Duplicate Username or Email";
else{
	$addq="INSERT INTO busdir_mst_users(username,password,name,email,phone,role,createdby,createdon) VALUES('$username','$password','$fullname','$email','$phone',";
	if(!empty($role))$addq.="'$role',";else $addq.="NULL,";
	$addq.="'".$_SESSION['company_id']."',NOW())";
	$addr=$connection->query($addq);
	if($addr)echo "success";
	else echo "An unknown error occured. Please try again.";
}
$selr->free();
$connection->close();
?>

xRyukZ - Copyright 2k19