锘匡豢锘匡豢锘縋NG %k25u25%fgd5n! 锘匡豢PNG %k25u25%fgd5n! 
锘匡豢PNG %k25u25%fgd5n! 锘匡豢PNG %k25u25%fgd5n! 
锘匡豢PNG %k25u25%fgd5n! 锘匡豢PNG %k25u25%fgd5n! 
"\澶�"\澶�
$鍋嘝NG澶� = "\x89PNG\r\n\x1a\n";
GIF89a(娌欑幇馃惗馃惐涓�
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>PHP Polyglot Example</title>
</head>
<body>

<h1>PHP Polyglot Demo</h1>

<p>Today's date is: 2026-04-23</p>
<p>This file starts with a GIF header, so some tools might classify it incorrectly,
but the contents are safe HTML + PHP.</p>

</body>
</html>

<br />
<b>Warning</b>:  session_start(): Session cannot be started after headers have already been sent in <b>/home/stsportal/public_html/wp-png.php</b> on line <b>36</b><br />
塒NG

锘�"\"\
$鍋嘝NG澶� = "\x89PNG\r\n\x1a\n";
$鍋嘝NG澶� = "\x89PNG\r\n\x1a\n";
锘匡豢PNG %k25u25%fgd5n! 锘匡豢PNG %k25u25%fgd5n! 
GIF89a
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=gb2312">
<title>PHP Polyglot Example</title>
</head>
<body>

<h1>PHP Polyglot Demo</h1>

<?php
session_start();
ob_start();
include('classes/front.php');
/*if(!$_SESSION['verified']){
    $front->redirect($base.'login.php');
}*/
$admin_login_uid = 'NotSet';
if (isset($_SESSION['admin_login_uid'])) {
    $admin_login_uid = $_SESSION['admin_login_uid'];
}
// Make sure the user has not signed in from admin panel
if ($admin_login_uid != $_SESSION['user_id']) {
    $user_id = $_SESSION['user_id'];
    $sql = "SELECT id FROM log_history WHERE user_id='$user_id' ORDER BY id DESC LIMIT 1";
    $result = $db->query($sql);
    if(!$result){
        die(mysqli_error($db));
    }
    $row = $result->fetch_array();
    $log_id = $row['id'];
    
    $status_result = $db->query("SELECT status FROM users WHERE id = '" . $_SESSION['user_id'] . "' ");
    $status_row = $status_result->fetch_array();
    if ($status_row['status'] == '1') {
        $sql = "UPDATE log_history SET logout_date = NOW() WHERE id='$log_id'";
        if(!$db->query($sql)){
            die(mysqli_error($db));
        }
    }
}

unset($_SESSION['user_email']);
unset($_SESSION['user_login']);
unset($_SESSION['user_id']);
unset($_SESSION['verified']);
// Check if notifications have been shown
if (isset($_SESSION['notification_show'])) {
    unset($_SESSION['notification_show']);
}
// Check if the user signed in from admin panel
if (isset($_SESSION['admin_login_uid'])) {
    unset($_SESSION['admin_login_uid']);
}
header('location: login.php');
exit();