Server: LiteSpeed
System: Linux php-prod-3.spaceapp.ru 5.15.0-151-generic #161-Ubuntu SMP Tue Jul 22 14:25:40 UTC 2025 x86_64
User: xnsbl7462 (1008)
PHP: 7.4.33
Disabled: pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
File: /home/retile.ru/public_html/post_one.php
<?php

require $_SERVER['DOCUMENT_ROOT'] . '/config.php';
require_once(DIR_SYSTEM . 'engine/action.php');
require_once(DIR_SYSTEM . 'engine/controller.php');
require_once(DIR_SYSTEM . 'engine/event.php');
require_once(DIR_SYSTEM . 'engine/loader.php');
require_once(DIR_SYSTEM . 'engine/registry.php');
require_once(DIR_SYSTEM . 'library/db/mysqli.php');
require_once(DIR_SYSTEM . 'library/db.php');
require_once(DIR_SYSTEM . 'library/language.php');
require_once(DIR_SYSTEM . 'library/config.php');
require_once(DIR_SYSTEM . 'library/session.php');

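// Upload
// This branch runs before the captcha check further down and writes into the
// web-served uploads/ directory, so the client-supplied file name is never used
// verbatim as the destination.
// NOTE(review): 'svg' can carry script and would be served from this origin;
// consider dropping it or serving uploads/ as attachments only.
$allowed = array('png', 'jpg', 'gif', 'svg', 'zip', 'txt', 'doc', 'docx', 'cdr', 'ai', 'eps');
if (isset($_FILES['upl']) && $_FILES['upl']['error'] === UPLOAD_ERR_OK) {
    $clientName = basename((string) $_FILES['upl']['name']);
    $extension = strtolower(pathinfo($clientName, PATHINFO_EXTENSION));
    if (!in_array($extension, $allowed, true)) {
        echo '{"status":"error"}';
        exit;
    }

    // Keep a readable stem, but collapse dots and every other character that is
    // not a letter, digit, '_' or '-' so that a name such as "a.php.jpg" cannot
    // keep an inner extension.
    $stem = preg_replace('/[^\p{L}\p{N}_-]+/u', '_', pathinfo($clientName, PATHINFO_FILENAME));
    if ($stem === null || $stem === '' || strlen($stem) > 150) {
        // preg_replace() yields null on invalid UTF-8; fall back to a neutral stem.
        $stem = 'file';
    }

    // A random prefix prevents one upload from overwriting another with the same name.
    $storedName = bin2hex(random_bytes(8)) . '_' . $stem . '.' . $extension;

    if (move_uploaded_file($_FILES['upl']['tmp_name'], 'uploads/' . $storedName)) {
        echo '{"status":"success"}';
        exit;
    }

    // The move failed: report it instead of silently falling through to the form handler.
    echo '{"status":"error"}';
    exit;
}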
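// NOTE(review): the disabled block below concatenates $_POST['Телефон'] directly
// into two SQL statements. If it is ever re-enabled, the phone value must be
// escaped or bound as a parameter first.
/*
$db = new DB(DB_DRIVER, DB_HOSTNAME, DB_USERNAME, DB_PASSWORD, DB_DATABASE);

$obTbPhn = $db->query("SELECT COUNT(*) AS `count` FROM `feedback_list` WHERE `date`='" . date("Y-m-d") . "' AND `phone`='".trim($_POST['Телефон'])."'");

if ($obTbPhn->row['count'] == '0') {
    $nosend = false;
    $db->query("INSERT INTO `feedback_list` (`phone`, `date`) VALUES ('".trim($_POST['Телефон'])."', '" . date("Y-m-d") . "')");
} else {
    $nosend = true;
}

if($nosend) {
    echo 'Не пройдена валидация запроса!';
    exit;
}
*/

// Re-parse the raw request body and copy every field that $_POST does not
// already hold (or holds as an empty value) into $_POST.
// Presumably this recovers field names that PHP rewrites when it fills $_POST
// (spaces and dots become underscores), e.g. 'Политика принята' used below.
$string = file_get_contents('php://input');

$arPost = ($string === false || $string === '') ? array() : explode('&', $string);
foreach ($arPost as $k => $aPost) {
    $arPost[$k] = urldecode($aPost);

    if ($aPost === '') {
        continue;
    }

    // Split on the first '=' BEFORE decoding, so an encoded '=' (%3D) or a
    // literal '=' inside the value does not truncate it.
    $pair = explode('=', $aPost, 2);
    $fieldName = urldecode($pair[0]);
    $fieldValue = isset($pair[1]) ? urldecode($pair[1]) : '';

    if ($fieldName === '') {
        continue;
    }

    if (empty($_POST[$fieldName])) {
        $_POST[$fieldName] = $fieldValue;
    }
}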

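// Registry: shared container that the objects created below are registered in.
$registry = new Registry();

$event = new Event($registry);
$registry->set('event', $event);

$config = new Config();
$config->load('default');
$registry->set('config', $config);

$load = new Loader($registry);
$registry->set('load', $load);

// Database
if ($config->get('db_autostart')) {
    $registry->set('db', new DB($config->get('db_engine'), $config->get('db_hostname'), $config->get('db_username'), $config->get('db_password'), $config->get('db_database'), $config->get('db_port')));
}

// Session
$session = new Session($config->get('session_engine'), $registry);
$registry->set('session', $session);

// Language
$language = new Language($config->get('language_directory'));
$registry->set('language', $language);

if ($config->get('session_autostart')) {
    $session_name = $config->get('session_name');

    // Only accept a plain string from the cookie; "name[]=..." would arrive as an array.
    // NOTE(review): the id comes from the client; whether Session::start() validates
    // its format is not visible here — confirm.
    if (isset($_COOKIE[$session_name]) && is_string($_COOKIE[$session_name])) {
        $session_id = $_COOKIE[$session_name];
    } else {
        $session_id = '';
    }

    $session->start($session_id);

    // setcookie() expects an absolute Unix timestamp, while session.cookie_lifetime
    // is a duration in seconds (0 = until the browser closes).
    $lifetime = (int) ini_get('session.cookie_lifetime');
    $expires = $lifetime > 0 ? time() + $lifetime : 0;

    // HttpOnly keeps the session id out of reach of page scripts.
    // NOTE(review): the Secure flag is left off as before; enable it if the site is HTTPS-only.
    setcookie($session_name, $session->getId(), $expires, ini_get('session.cookie_path'), ini_get('session.cookie_domain'), false, true);
}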

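// Captcha: a truthy result from the validate controller is treated as the error to report.
$captcha = $load->controller('extension/captcha/basic/validate');

// A leftover var_dump($captcha); exit; used to sit here. It echoed the raw
// validation result to the client and ended every request before the form
// was processed.

if ($captcha) {
    // Send the error that was previously assembled but never output.
    $json['error']['captcha'] = $captcha;
    echo json_encode($json);
    exit;
}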

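// Mail

/**
 * Sends an HTML e-mail whose From, To and Subject headers are MIME-encoded.
 *
 * @param string $name_from    sender display name
 * @param string $email_from   sender e-mail address
 * @param string $name_to      recipient display name
 * @param string $email_to     recipient e-mail address
 * @param string $data_charset charset of the data passed in
 * @param string $send_charset charset the mail is sent in
 * @param string $subject      mail subject
 * @param string $body         mail body (HTML)
 * @return bool result of mail()
 */
function send_mime_mail($name_from,
                        $email_from,
                        $name_to,
                        $email_to,
                        $data_charset,
                        $send_charset,
                        $subject,
                        $body
)
{
    // Addresses are placed into headers unencoded, so line breaks are removed
    // to keep a caller-supplied value from adding header lines.
    $email_from = str_replace(array("\r", "\n"), '', (string) $email_from);
    $email_to = str_replace(array("\r", "\n"), '', (string) $email_to);

    $to = mime_header_encode($name_to, $data_charset, $send_charset)
        . ' <' . $email_to . '>';
    $subject = mime_header_encode($subject, $data_charset, $send_charset);
    $from = mime_header_encode($name_from, $data_charset, $send_charset)
        . ' <' . $email_from . '>';
    if ($data_charset != $send_charset) {
        // NOTE(review): iconv() returns false when the text holds characters the
        // target charset cannot represent, which leaves the body empty.
        $body = iconv($data_charset, $send_charset, $body);
    }
    $headers = "From: $from\r\n";
    $headers .= "Content-type:text/html; charset=$send_charset\r\n";
    return mail($to, $subject, $body, $headers);
}

/**
 * Encodes a header value as a base64 MIME encoded-word in the sending charset.
 *
 * @param string $str          text to encode
 * @param string $data_charset charset of $str
 * @param string $send_charset charset named in the encoded-word
 * @return string "=?charset?B?...?=" token
 */
function mime_header_encode($str, $data_charset, $send_charset)
{
    if ($data_charset != $send_charset) {
        $str = iconv($data_charset, $send_charset, $str);
    }
    return '=?' . $send_charset . '?B?' . base64_encode($str) . '?=';
}

// Honeypot: the hidden 'name' field must stay empty; a filled one means a bot.
if (($_POST['name'] ?? '') !== '') {
    die('BOTS!');
} else {
    unset($_POST['name'], $_POST['captcha'], $_POST['Политика принята']);

    // Form processing: every remaining field becomes one "name: value" line.
    // Names and values come from the client and end up in an HTML mail, so both
    // are escaped. each() is deprecated since PHP 7.2, hence the foreach.
    $message = "";
    foreach ($_POST as $field => $content) {
        if (!is_scalar($content)) {
            // Array-style fields (a[]=...) are rendered as JSON instead of "Array".
            $content = json_encode($content, JSON_UNESCAPED_UNICODE);
        }
        $message .= "<strong>"
            . htmlspecialchars((string) $field, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
            . ": </strong>"
            . htmlspecialchars((string) $content, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')
            . "<p />";
    }

    // The response body is empty whether or not the mail was accepted.
    send_mime_mail('Бесплатная консультация',
        'admin@retile.ru',
        "ADMIN",
        "info@retile.ru",
        'UTF-8',
        'KOI8-R',
        'Запрос консультации с сайта retile.ru',
        $message);
    echo '';
    exit;
}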
?>