<?php
/*************************
  Coppermine Photo Gallery
  ************************
  Copyright (c) 2003-2016 Coppermine Dev Team
  v1.0 originally written by Gregory Demar

  This program is free software; you can redistribute it and/or modify
  it under the terms of the GNU General Public License version 3
  as published by the Free Software Foundation.

  ********************************************
  Coppermine version: 1.6.03
  $HeadURL$
**********************************************/

// Marker constants for the included files: IN_COPPERMINE is presumably what
// init.inc.php requires before it will run, and ADDPIC_PHP / DB_INPUT_PHP tell
// the shared code which entry point is executing - confirm against include/.
define('IN_COPPERMINE', true);

define('ADDPIC_PHP', true);
define('DB_INPUT_PHP', true);

require('include/init.inc.php');
require('include/picmgmt.inc.php');

// Only gallery administrators may add pictures this way. GALLERY_ADMIN_MODE is
// expected to be defined by init.inc.php; everyone else gets a bare denial.
if (!GALLERY_ADMIN_MODE) {
    die('Access denied');
}

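$aid = $superCage->get->getInt('aid');

/**
 * The picture path arrives base64-encoded in 'pic_file'. getMatched() only
 * guarantees the base64 alphabet, so the decoded path is validated here before
 * it reaches the filesystem or the SQL below (this replaces the old TODO noting
 * that the value could not be cleaned with the cage methods alone).
 */
$matches = $superCage->get->getMatched('pic_file', '/^[0-9A-Za-z=\+\/]+$/');

// getMatched() is taken to return the preg_match() array on success; anything
// else (parameter absent, no match) is treated as a missing argument instead
// of indexing a non-array and decoding null.
$pic_file = (is_array($matches) && isset($matches[0])) ? base64_decode($matches[0]) : false;
if ($pic_file === false || $pic_file === '') {
    die('Invalid file name');
}

// Reject NUL bytes (PHP's filesystem calls refuse them) and '..' segments under
// either separator: the file must stay below $CONFIG['fullpath'].
$segments = preg_split('#[/\\\\]#', $pic_file);
if (strpos($pic_file, "\0") !== false || in_array('..', $segments, true)) {
    die('Invalid file name');
}

$dir_name  = dirname($pic_file) . '/';
$file_name = basename($pic_file);

// Setup for auto-orient if requested
if ($superCage->get->getInt('ao')) {
    $CONFIG['autorient'] = 1;
}

// Replace the windows directory separator with /
$dir_name = str_replace('\\\\', '/', $dir_name);
$dir_name = str_replace('\\', '/', $dir_name);

// Build the source path from the name as received, then let plugins and
// replace_forbidden() produce the sanitized name the file will be stored under.
$source    = './' . $CONFIG['fullpath'] . $dir_name . $file_name;
$file_name = CPGPluginAPI::filter('upload_file_name', $file_name);
$sane_name = replace_forbidden($file_name);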

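$target = './' . $CONFIG['fullpath'] . $dir_name . $sane_name;

// Move the file under its sanitized name. rename() signals failure by
// returning false, which was previously ignored; a same-path rename is a
// no-op, so it is skipped and only a real failed move is reported.
if ($source !== $target && !rename($source, $target)) {
    $status = 'ERROR: could not rename file';
} else {
    // Duplicate check on the stored path/name. addslashes() is the escaping the
    // surrounding code relies on; a connection-aware escape from the DB layer
    // would be preferable if cpg_db_query()'s connection exposes one.
    // NOTE(review): the lookup uses $file_name while add_picture() is given
    // $sane_name - confirm that matches what the pictures table stores.
    $sql = "SELECT pid FROM {$CONFIG['TABLE_PICTURES']} WHERE filepath='" . addslashes($dir_name) . "' AND filename='" . addslashes($file_name) . "' LIMIT 1";
    $dupe = cpg_db_query($sql);

    if ($dupe->numRows()) {
        $status = 'DUPE';
    } else {
        // add_picture() yields true on success, otherwise an array whose
        // 'error' element is the message to report (as the caller handled it).
        $added  = add_picture($aid, $dir_name, $sane_name);
        $status = ($added === true) ? 'OK' : $added['error'];
    }
}

// Discard anything already buffered so the status string is the only output
// (presumably parsed verbatim by the requesting page).
if (ob_get_length()) {
    ob_end_clean();
}

echo $status;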

//EOF