HEX
Server: Microsoft-IIS/8.5
System: Windows NT YDAWBH120 6.3 build 9600 (Windows Server 2012 R2 Standard Edition) AMD64
User: tentjecom_web (0)
PHP: 7.4.14
Disabled: NONE
$ pwd: D:/HostingSpaces/PvdBoogaard/indoorski.nl/backup/oude-site/cms/
Upload Files
File: D:/HostingSpaces/PvdBoogaard/indoorski.nl/backup/oude-site/cms/thumbnail.php
<?php

//error_reporting(0);

$TemplateName = preg_replace('/[^a-zA-Z0-9\-_ ]/','',$_GET['tpl']);
$TemplateColor = preg_replace('/[^a-zA-Z0-9\-_ ]/','',$_GET['color']); // (colors have an underscore)
$TemplateImageFile = dirname(__FILE__).'/templates/'.$TemplateName . '/previews/'.$TemplateColor.".jpg";
$CacheTemplateImageFile =  dirname(__FILE__) . '/tmp/tplthumbs/'.$TemplateName.'_'.$TemplateColor.'.jpg';
$maxwidth = '200';
$maxheight = '200';

// check cache first
if(file_exists($CacheTemplateImageFile)){

	// jpeg image
	header("Content-type: image/jpeg");

	echo file_get_contents($CacheTemplateImageFile);
	die();
}elseif(file_exists($TemplateImageFile)) {
	if(!is_dir(dirname(__FILE__) . '/tmp/tplthumbs/')){
		@mkdir(dirname(__FILE__) . '/tmp/tplthumbs/', 0777);
		@chmod(dirname(__FILE__) . '/tmp/tplthumbs/', 0777);
	}
	include_once(dirname(__FILE__) .'/lib/autoload.php');
	include_once(dirname(__FILE__) .'/lib/functions.misc.php');
	include_once(dirname(__FILE__) .'/lib/functions.strings.php');
	include_once(dirname(__FILE__) .'/lib/functions.filesystem.php');

	// jpeg image
	header("Content-type: image/jpeg");

	$image = ResizeGDImages($TemplateImageFile,$CacheTemplateImageFile,$maxheight,$maxwidth);

	if(!file_exists($CacheTemplateImageFile)){
		echo $image;
	}else{
		@chmod($CacheTemplateImageFile, 0777);
		echo file_get_contents($CacheTemplateImageFile);
	}
	die();

}else {
	OutputNoImage();
}

function OutputNoImage(){
	header("Content-type: image/gif");
	include(dirname(__FILE__).'/api/iwp.php');
	IWP::Init('paths');
	echo file_get_contents(IWP_ADMIN_PATH.'/images/nopreview200.gif');
	die();
}
@ Telegram