Jack Cyber-security graduate student interested in researching privacy and security issues.

Book Raw Response

Raw response

prepare("select name from users where email=?"); $stmt-bind_param('s',$_SESSION["admin"]); $stmt->execute(); $result = $stmt->get_result(); $row = $result->fetch_assoc(); $user = $row['name']; if($_GET["type"]=="users") { $stmt=$conn- prepare("select name,email from users"); $stmt->execute(); $result = $stmt->get_result(); $content = 'Users Data'; while($row=$result->fetch_assoc()) { $content = $content.''; } $content = $content.'name'.$row["name"].'email'.$row["email"].''; $filename = rand(1,100000).'.html'; $file = fopen('/var/www/html/admin/export/'.$filename,'w'); fwrite($file,$content); fclose($file); $pdf = rand(10,100000).'.pdf'; exec("/usr/local/bin/html-pdf /var/www/html/admin/export/".$filename." /var/www/html/admin/export/".$pdf); sleep(2); header("Content- Description: File Transfer"); header("Content-Type: application/pdf"); header("Content-Disposition: attachment; filename=\"". basename($pdf) ."\""); readfile("/var/www/html/admin/export/".$pdf); unlink("/var/www/html/admin/export/".$filename); unlink("/var/www/html/admin/export/".$pdf); exit(); } elseif($_GET["type"]=="collections") { $stmt=$conn->prepare("select name,author,link from collections"); $stmt->execute(); $result = $stmt->get_result(); $content = ''; while($row=$result->fetch_assoc()) { $content = $content.''; } $content = $content.''.$row["name"].' '.$row["author"].' '.$row["link"].''; $filename = rand(1,100000).'.html'; $file = fopen('/var/www/html/admin/export/'.$filename,'w'); fwrite($file,$content); fclose($file); $pdf = rand(10,100000).'.pdf'; exec("/usr/local/bin/html-pdf /var/www/html/admin/export/".$filename." /var/www/html/admin/export/".$pdf); sleep(2); header("Content- Description: File Transfer"); header("Content-Type: application/pdf"); header("Content-Disposition: attachment; filename=\"". basename($pdf) ."\""); readfile("/var/www/html/admin/export/".$pdf); unlink("/var/www/html/admin/export/".$filename); unlink("/var/www/html/admin/export/".$pdf); exit(); } else { ?>