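<?php include "header.php"?>
<?php include "sidemenu.php"?>
<div id="page-wrapper">
    <div class="col-md-12 graphs">
        <div class="xs">
            <table width="100%">
                <tr>
                    <td width="50%">
                        <h3>File Record Details</h3>
                    </td>
                    <td width="50%" align="right">
                        <a class="btn btn-primary" href="upload_excelfile.php" style="margin: 5px"><i class="fa fa-list"></i> Back To Upload File</a>
                    </td>
                </tr>
            </table>
            <div class="well1 white">
<?php
/*
 * Consumption import page.
 *
 * Reads an uploaded .xlsx workbook (active sheet only), treats row 0 from
 * column index 3 onwards as date headers and every following row as
 * area / equipment / sub area / one consumption value per date column, and
 * inserts each cell that maps to known master records and is not already
 * stored in consumptiontb.
 *
 * $conn, $gnotdeleted, get_noof_rows() and insertrecord() are not defined in
 * this file; presumably header.php provides them -- confirm.
 *
 * Security notes:
 *  - Every spreadsheet cell is attacker-controlled text. It reaches SQL only
 *    through bound parameters or mysqli_real_escape_string(), and reaches the
 *    page only through htmlspecialchars().
 *  - $_FILES[...]['type'] is supplied by the client and proves nothing about
 *    the content; the real gate is whether the Xlsx reader can parse the file.
 *  - The upload is parsed from its temporary path and never copied anywhere.
 *    If persistence is ever added, store it outside the web root under a
 *    server-generated name, never under the client-supplied file name.
 *  - NOTE(review): no CSRF token is checked here; confirm whether the form in
 *    upload_excelfile.php / header.php already enforces one.
 */
require_once 'vendorexcel/autoload.php';

use PhpOffice\PhpSpreadsheet\Reader\Xlsx;
use PhpOffice\PhpSpreadsheet\Reader\Xlsx\ColumnAndRowAttributes;

/**
 * Convert a spreadsheet column label to its 1-based column number.
 *
 * Works as a base-26 positional conversion, e.g. "A" => 1, "Z" => 26, "AA" => 27.
 *
 * @param string $string Column label; case-insensitive.
 * @return int Column number, or 0 for an empty label.
 */
function alphabet_to_number($string)
{
    $string = strtoupper($string);
    $length = strlen($string);
    $number = 0;
    $level = 1;
    while ($length >= $level) {
        $char = $string[$length - $level];
        $c = ord($char) - 64; // 'A' is ASCII 65, so 'A' => 1
        $number += $c * (26 ** ($level - 1));
        $level++;
    }
    return $number;
}

/**
 * Return a trimmed cell from the sheet array, or '' when the cell is absent or null.
 *
 * @param array $rows Result of Worksheet::toArray().
 * @param int   $row  0-based row index.
 * @param int   $col  0-based column index.
 * @return string
 */
function testupload_cell(array $rows, $row, $col)
{
    return isset($rows[$row][$col]) ? trim((string) $rows[$row][$col]) : '';
}

/**
 * Run a single-column id lookup with bound parameters.
 *
 * Mirrors the previous behaviour of iterating the whole result set: when
 * several rows match, the last id wins; when none match (or the statement
 * cannot be prepared/executed) the string "0" is returned.
 *
 * @param mysqli $conn   Open connection.
 * @param string $sql    Statement with one "?" per entry in $params.
 * @param string $types  mysqli type string, one letter per parameter.
 * @param array  $params Values to bind.
 * @return int|string
 */
function testupload_lookup_id($conn, $sql, $types, array $params)
{
    $id = "0";
    $stmt = mysqli_prepare($conn, $sql);
    if ($stmt === false) {
        return $id;
    }
    mysqli_stmt_bind_param($stmt, $types, ...$params);
    if (mysqli_stmt_execute($stmt)) {
        mysqli_stmt_bind_result($stmt, $found);
        while (mysqli_stmt_fetch($stmt)) {
            $id = $found;
        }
    }
    mysqli_stmt_close($stmt);
    return $id;
}

//require('config.php');

// "i" is minutes; the previous "H:m:s" stored the month number in the minutes slot.
$creationdatetime = date("Y-m-d H:i:s");

if (isset($_POST['Submit'])) {
    // Every inserted row is attributed to this user, so refuse anonymous requests.
    if (!isset($_SESSION['userid'])) {
        die("<br/>Sorry, you must be logged in to upload consumption data.");
    }
    $userid = $_SESSION['userid'];

    $excelMimes = array(
        'text/xls',
        'text/xlsx',
        'application/excel',
        'application/vnd.msexcel',
        'application/vnd.ms-excel',
        'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',
    );

    $upload = isset($_FILES['file']) ? $_FILES['file'] : null;

    // The declared type is client-supplied: keep it as a cheap first filter only.
    if ($upload !== null && in_array($upload['type'], $excelMimes, true)) {
        // Only parse a file PHP itself received in this request, and only if it arrived intact.
        if ($upload['error'] !== UPLOAD_ERR_OK || !is_uploaded_file($upload['tmp_name'])) {
            die("<br/>Sorry, File type is not allowed. Only Excel file.");
        }

        // A file that merely claims to be Excel makes the reader throw; fail closed.
        try {
            $reader = new Xlsx();
            $spreadsheet = $reader->load($upload['tmp_name']);
        } catch (\Exception $e) {
            die("<br/>Sorry, File type is not allowed. Only Excel file.");
        }

        $worksheet = $spreadsheet->getActiveSheet();
        $worksheet_arr = $worksheet->toArray();
        $highestRow = $worksheet->getHighestDataRow();
        echo "The highest row is $highestRow";
        $highestColumn = $worksheet->getHighestColumn();
        echo "The highest column is $highestColumn";
        $hcol = alphabet_to_number($highestColumn);

        // HTML-escape anything that originated in the workbook before echoing it.
        $e = function ($value) {
            return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
        };
        // Escaping for the two queries that must stay plain strings because
        // get_noof_rows()/insertrecord() accept SQL text only. This relies on
        // the connection charset being set correctly -- TODO confirm, and
        // move those helpers to prepared statements when possible.
        $q = function ($value) use ($conn) {
            return mysqli_real_escape_string($conn, (string) $value);
        };

        $acutaldata = 0;
        $duplicatedata = 0;

        // Five columns, matching the five cells written per row below
        // (the header previously omitted Equipment).
        $header = "<tr> <th>Date</th> <th>Area</th> <th>Equipment</th> <th>Sub Area</th> <th>Total Consumption</th> </tr> ";
        $duphtml = "<table border='1' class='table table-bordered'>" . $header;
        $html = "<table border='1' class='table table-bordered'>" . $header;

        /* Walk every data row (row 0 holds the date headers) of the active sheet. */
        for ($i = 1; $i < $highestRow; $i++) {
            $area = testupload_cell($worksheet_arr, $i, 0);
            $equipment = testupload_cell($worksheet_arr, $i, 1);
            $subarea = testupload_cell($worksheet_arr, $i, 2);

            // The master-record ids depend on the row only, so resolve them
            // once per row instead of once per date column.
            $areaid = testupload_lookup_id(
                $conn,
                "Select id from mastertb where area=? and identifier=1 and isdeleted=?",
                'ss',
                array($area, (string) $gnotdeleted)
            );
            $equipmentid = testupload_lookup_id(
                $conn,
                "Select id from mastertb where area=? and equipment=? and identifier=3 and isdeleted=?",
                'sss',
                array($area, $equipment, (string) $gnotdeleted)
            );
            $subareaid = testupload_lookup_id(
                $conn,
                "Select id from mastertb where area=? and subarea=? and equipment=? and identifier=2 and isdeleted=?",
                'ssss',
                array($area, $subarea, $equipment, (string) $gnotdeleted)
            );
            $idsResolved = ($areaid != 0 && $subareaid != 0 && $equipmentid != 0);

            for ($j = 3; $j < $hcol; $j++) {
                $date = testupload_cell($worksheet_arr, 0, $j);
                $totalconsumption = testupload_cell($worksheet_arr, $i, $j);

                // Reset per cell so an unparsable header can never reuse the
                // date parsed for the previous column.
                $condate = '';
                $flag = false;
                if ($date !== '' && strtotime($date)) {
                    $odate = date_create($date);
                    if ($odate !== false) {
                        $flag = true;
                        $condate = date_format($odate, "Y-m-d");
                    }
                }

                // Require a real, non-zero number: on PHP 8 an empty or
                // non-numeric string no longer compares equal to 0 and would
                // otherwise be inserted as a consumption value.
                $hasValue = is_numeric($totalconsumption) && (float) $totalconsumption != 0;

                $accept = false;
                if ($flag && $hasValue && $idsResolved) {
                    $query = "select * from consumptiontb Where consuptiondate='" . $q($condate)
                        . "' and areaid='" . $q($areaid)
                        . "' and equipmentid= '" . $q($equipmentid)
                        . "' and subareaid='" . $q($subareaid)
                        . "' and isdeleted='" . $q($gnotdeleted) . "' ";
                    $accept = (get_noof_rows($conn, $query) == 0);
                }

                // Build the complete row first so that each table receives
                // balanced <tr>...</tr> markup.
                $rowhtml = "<tr>"
                    . "<td>" . $e($date) . "</td>"
                    . "<td>" . $e($area) . "</td>"
                    . "<td>" . $e($equipment) . "</td>"
                    . "<td>" . $e($subarea) . "</td>"
                    . "<td>" . $e($totalconsumption) . "</td>"
                    . "</tr>";

                if ($accept) {
                    $html .= $rowhtml;
                    $query = "insert into consumptiontb(consuptiondate,areaid,equipmentid,subareaid,totalconsumption,isdeleted,userid,creationdatetime) values('"
                        . $q($condate) . "','" . $q($areaid) . "','" . $q($equipmentid) . "','" . $q($subareaid) . "','"
                        . $q($totalconsumption) . "',0,'" . $q($userid) . "','" . $q($creationdatetime) . "')";
                    $result = insertrecord($conn, $query);
                    $acutaldata = $acutaldata + 1;
                } else {
                    $duphtml .= $rowhtml;
                    $duplicatedata = $duplicatedata + 1;
                }
            }
        }

        if ($acutaldata != 0) {
            echo "<br />Data Save Successfully";
            $html .= "</table>";
            echo $html;
        }
        if ($duplicatedata != 0) {
            echo "<br />This Consumption Data is already exist or data is not in correct format";
            $duphtml .= "</table>";
            echo $duphtml;
        }
    } else {
        die("<br/>Sorry, File type is not allowed. Only Excel file.");
    }
}
?>
            </div>
            <!-- <div class="bs-example4 tab-content" data-example-id="simple-responsive-table"> </div> -->
        </div>
<?php include "footer.php"?>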