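<?php
/**
 * Created by Mohammad Sadegh Namani
 * Date: 8/2/2018 AD
 * Time: 15:02
 */

$ROOT = dirname(dirname(dirname(dirname(__FILE__))));
require_once($ROOT.'/Panel/class/General/General.class.php');

/**
 * Administrator account management for the panel: create, edit, delete and
 * list rows of the `adm.admins` table, plus login, logout and password change.
 *
 * Most methods return a JSON string with the keys `success` and `message`
 * (DoLogin adds `redirect`); SelectAdmins returns the raw query result.
 *
 * NOTE(review): none of these methods checks that the caller is allowed to
 * perform the operation; authorization is presumably enforced by the calling
 * pages. Confirm that before exposing any of them to a request handler.
 *
 * NOTE(security): passwords are stored as unsalted MD5, which is not suitable
 * for password storage. The hashing is kept here so existing rows keep
 * working; the migration path is password_hash()/password_verify() with a
 * `Password` column wide enough for the new hashes and a rehash on next login.
 */
class Users
{
    /*
     * Gender:0   => female
     * Gender:1   => male
     * Status:0   => inactive
     * Status:1   => active
     * UserType:1 => site administrator
     * UserType:2 => sales manager
     * UserType:3 => sponsor
     * UserType:4 => box office
     */

    /**
     * Prepares $sql on $con, binds every entry of $params as a string
     * parameter and executes the statement.
     *
     * Values are bound as strings because the original queries passed every
     * value as a quoted SQL literal, so the server-side conversions stay the same.
     *
     * @param mixed  $con    connection returned by General::Connect()
     * @param string $sql    statement text with `?` placeholders
     * @param array  $params values for the placeholders, in order
     * @return array two elements: the executed statement (or false on failure)
     *               and the error text (empty on success)
     */
    private function ExecutePrepared($con, $sql, array $params)
    {
        $stmt = mysqli_prepare($con, $sql);
        if ($stmt === false) {
            return array(false, mysqli_error($con));
        }

        if (count($params) > 0) {
            $types = str_repeat('s', count($params));
            mysqli_stmt_bind_param($stmt, $types, ...$params);
        }

        if (!mysqli_stmt_execute($stmt)) {
            $error = mysqli_stmt_error($stmt);
            mysqli_stmt_close($stmt);
            return array(false, $error);
        }

        return array($stmt, '');
    }

    /**
     * Escapes a value for inclusion in a message.
     *
     * The messages built in this class embed `<br>`, so they are presumably
     * rendered as HTML by the client; values that come from input or from the
     * database are escaped before being concatenated into them.
     */
    private function EscapeHtml($Text)
    {
        return htmlspecialchars((string) $Text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }

    /**
     * Builds the JSON failure response used by the write operations.
     *
     * NOTE(security): the database error text is still returned to the caller
     * as before; it can reveal schema details, so consider logging it
     * server-side and returning a generic message instead.
     */
    private function DatabaseFailure($Error)
    {
        $Result['success'] = false;
        $Result['message'] = 'عملیات ناموفق<br> خطا:' . $this->EscapeHtml($Error);
        return json_encode($Result);
    }

    /**
     * Creates an administrator row with Status 1 and the current timestamp.
     *
     * @return string JSON with `success` and `message`
     */
    public function AddAdmin($Username, $Password, $Name, $Gender, $About, $Profile, $IsSupervisor, $GroupID, $UserType)
    {
        $General = new General();
        $con = $General->Connect();
        $time = time();
        // Unsalted MD5 kept for compatibility with existing rows; see the class note.
        $Password = md5($Password);

        // Placeholders replace the interpolated values, so quotes in any field
        // can no longer change the statement.
        list($stmt, $Error) = $this->ExecutePrepared(
            $con,
            "INSERT INTO `adm.admins` VALUES(NULL, ?, ?, ?, ?, ?, ?, ?, ?, ?, '1', ?)",
            array($Username, $Password, $Name, $Gender, $About, $Profile, $IsSupervisor, $GroupID, $UserType, $time)
        );

        $Inserted = false;
        if ($stmt !== false) {
            $Inserted = mysqli_stmt_affected_rows($stmt) > 0;
            mysqli_stmt_close($stmt);
        }

        if (!$Inserted) {
            return $this->DatabaseFailure($Error);
        }

        $Result['success'] = true;
        $Result['message'] = 'کاربر ' . $this->EscapeHtml($Username) . ' ایجاد شد.';
        return json_encode($Result);
    }

    /**
     * Updates the profile fields and status of the administrator with the given ID.
     *
     * $Password is accepted for interface compatibility but is not written;
     * passwords are changed through ChangePassword().
     *
     * @return string JSON with `success` and `message`
     */
    public function EditAdmin($ID, $Username, $Password, $Name, $Gender, $About, $Profile, $IsSupervisor, $GroupID, $UserType, $Status)
    {
        $General = new General();
        $con = $General->Connect();

        list($stmt, $Error) = $this->ExecutePrepared(
            $con,
            "UPDATE `adm.admins` SET `Username`=?, `Name`=?, `Gender`=?, `About`=?, `Profile`=?, `IsSupervisor`=?, `GroupID`=?, `UserType`=?, `Status`=? WHERE (`ID`=?)",
            array($Username, $Name, $Gender, $About, $Profile, $IsSupervisor, $GroupID, $UserType, $Status, $ID)
        );

        if ($stmt === false) {
            // The original reported success=true on this path, hiding failed updates.
            return $this->DatabaseFailure($Error);
        }
        mysqli_stmt_close($stmt);

        $Result['success'] = true;
        $Result['message'] = 'اطلاعات کاربر ' . $this->EscapeHtml($Username) . 'بروزرسانی شد.';
        return json_encode($Result);
    }

    /**
     * Deletes the administrator with the given ID.
     *
     * $ESID is accepted for interface compatibility and is not used here.
     *
     * @return string JSON with `success` and `message`
     */
    public function DeleteAdmin($ID, $ESID)
    {
        $General = new General();
        $con = $General->Connect();

        list($stmt, $Error) = $this->ExecutePrepared(
            $con,
            "DELETE FROM `adm.admins` WHERE (`ID`=?)",
            array($ID)
        );

        $Deleted = false;
        if ($stmt !== false) {
            $Deleted = mysqli_stmt_affected_rows($stmt) > 0;
            mysqli_stmt_close($stmt);
        }

        if (!$Deleted) {
            return $this->DatabaseFailure($Error);
        }

        $Result['success'] = true;
        $Result['message'] = 'عملیات با موفقیت انجام شد';
        return json_encode($Result);
    }

    /**
     * Lists administrators, optionally filtered, ordered and limited.
     *
     * Every filter that is not empty is ANDed into the WHERE clause.
     * $ORDER_BY must be a comma-separated list of plain column names (each
     * optionally followed by ASC/DESC), $ORDER_TYPE must be empty, ASC or DESC,
     * and $LIMIT must be `n`, `n,m` or `n OFFSET m`. Anything else makes the
     * method return false, the same value a failed query produces.
     *
     * @return mysqli_result|false
     */
    public function SelectAdmins($ID, $Username, $GroupID, $UserType, $Status, $ORDER_BY, $ORDER_TYPE, $LIMIT)
    {
        $General = new General();
        $con = $General->Connect();

        // ORDER BY, its direction and LIMIT are SQL syntax, not values, so they
        // cannot be bound or escaped; they are checked against a strict shape.
        $Identifier = '`?[A-Za-z_][A-Za-z0-9_]*`?(?:\s+(?:ASC|DESC))?';

        $OrderClause = '';
        if ($ORDER_BY != '') {
            $OrderPattern = '/\A\s*' . $Identifier . '(?:\s*,\s*' . $Identifier . ')*\s*\z/i';
            if (!preg_match($OrderPattern, (string) $ORDER_BY)) {
                return false;
            }
            $OrderClause = 'ORDER BY ' . trim((string) $ORDER_BY);
        }

        $Direction = '';
        if ($ORDER_TYPE != '') {
            $Direction = strtoupper(trim((string) $ORDER_TYPE));
            if ($Direction !== 'ASC' && $Direction !== 'DESC') {
                return false;
            }
        }

        $LimitClause = '';
        if ($LIMIT != '') {
            if (!preg_match('/\A\s*\d+(?:\s*,\s*\d+|\s+OFFSET\s+\d+)?\s*\z/i', (string) $LIMIT)) {
                return false;
            }
            $LimitClause = 'LIMIT ' . trim((string) $LIMIT);
        }

        // Filter values are escaped rather than bound so the method can keep
        // returning the result of mysqli_query() to its callers.
        // NOTE(review): escaping relies on the connection character set being
        // configured on the connection itself; confirm in General::Connect().
        $Filters = array(
            'ID' => $ID,
            'Username' => $Username,
            'GroupID' => $GroupID,
            'UserType' => $UserType,
            'Status' => $Status
        );
        $Conditions = array();
        foreach ($Filters as $Column => $Value) {
            if ($Value != '') {
                $Conditions[] = "(`$Column`='" . mysqli_real_escape_string($con, (string) $Value) . "')";
            }
        }

        $Sql = 'SELECT * FROM `adm.admins`';
        if (count($Conditions) > 0) {
            $Sql .= ' WHERE ' . implode(' AND ', $Conditions);
        }
        $Sql .= " $OrderClause $Direction $LimitClause";

        return mysqli_query($con, $Sql);
    }

    /**
     * Validates the credentials, and on a match for an active account starts
     * the admin session.
     *
     * @return string JSON with `success`, `redirect` and `message`
     */
    public function DoLogin($Username, $Password, $redirect)
    {
        $General = new General();

        ############ Start of validation ############
        // CVInput() is defined in General; from its use here it appears to
        // return the input when it is valid and an error message otherwise.
        $CV_error = array();

        $CV_result = $General->CVInput('نام کاربری', $Username, '', '', '', '1');
        if ($CV_result == $Username) {
            $Username = $CV_result;
        } else {
            $CV_error[] = $CV_result;
        }

        $CV_result = $General->CVInput('رمزعبور', $Password, '', '6', '', '1');
        if ($CV_result == $Password) {
            // Unsalted MD5 kept for compatibility with existing rows; see the class note.
            $md5_Password = md5($CV_result);
        } else {
            $CV_error[] = $CV_result;
        }
        ############ End of validation ############

        if (!empty($CV_error)) {
            $msg = '';
            foreach ($CV_error as $CE) {
                $msg = $msg . '<br>' . $CE;
            }
            $Result['success'] = false;
            $Result['redirect'] = '';
            $Result['message'] = $msg;
            return json_encode($Result);
        }

        $con = $General->Connect();

        // The credentials are bound, not interpolated: validation above is not
        // relied on to keep quotes out of the statement.
        list($stmt, $Error) = $this->ExecutePrepared(
            $con,
            "SELECT `ID`, `Name`, `Gender`, `GroupID`, `UserType`, `IsSupervisor`, `Status` FROM `adm.admins` WHERE (`Username`=? AND `Password`=?) LIMIT 1",
            array($Username, $md5_Password)
        );

        $Found = false;
        $Row = array();
        if ($stmt !== false) {
            mysqli_stmt_bind_result($stmt, $AdminID, $Name, $Gender, $GroupID, $UserType, $IsSupervisor, $Status);
            $Found = (mysqli_stmt_fetch($stmt) === true);
            mysqli_stmt_close($stmt);
        }

        if (!$Found) {
            $Result['success'] = false;
            $Result['redirect'] = '';
            $Result['message'] = 'نام کاربری یا رمزعبور صحیح نیست.';
            return json_encode($Result);
        }

        // Prepared statements return native types; the session previously held
        // the string values mysqli_fetch_assoc() produced, so cast back.
        $Columns = array(
            'ID' => $AdminID,
            'Name' => $Name,
            'Gender' => $Gender,
            'GroupID' => $GroupID,
            'UserType' => $UserType,
            'IsSupervisor' => $IsSupervisor,
            'Status' => $Status
        );
        foreach ($Columns as $Column => $Value) {
            $Row[$Column] = ($Value === null) ? null : (string) $Value;
        }

        if ($Row['Status'] != '1') {
            $Result['success'] = false;
            $Result['redirect'] = '';
            $Result['message'] = 'کاربر ' . $this->EscapeHtml($Username) . 'غیرفعال شده است.';
            return json_encode($Result);
        }

        // Login successful
        if (session_status() == PHP_SESSION_NONE) {
            session_start();
        }
        // A fresh session id on privilege change prevents session fixation.
        session_regenerate_id(true);

        $_SESSION['AdminID'] = $Row['ID'];
        $_SESSION['AdminName'] = $Row['Name'];
        $_SESSION['Gender'] = $Row['Gender'];
        $_SESSION['GroupID'] = $Row['GroupID'];
        $_SESSION['UserType'] = $Row['UserType'];
        $_SESSION['IsSupervisor'] = $Row['IsSupervisor'];
        $_SESSION['AdminUsername'] = $Username;

        $Result['success'] = true;
        // NOTE(review): $redirect is echoed back unchanged; if it originates
        // from the request, the caller should restrict it to local paths.
        $Result['redirect'] = $redirect;
        $Result['message'] = 'ورود با موفقیت است.';
        return json_encode($Result);
    }

    /**
     * Ends the current session and redirects to the login page.
     *
     * $AutoRedirect is accepted for interface compatibility and is not used.
     * Execution continues after the Location header is set, so callers should
     * stop producing output once this returns.
     */
    public function Logout($AutoRedirect)
    {
        // session_destroy() needs an active session; start one if the caller did not.
        if (session_status() == PHP_SESSION_NONE) {
            session_start();
        }
        $_SESSION = array();
        session_destroy();

        $location = 'location: ./login.php';
        header($location);
    }

    /**
     * Replaces the password of $AdminID after checking the old password.
     *
     * NOTE(review): $AdminID is not compared with the logged-in administrator
     * in the session; presumably the caller passes the session's own ID.
     * Confirm, otherwise any known old password allows changing another account.
     *
     * @return string JSON with `success` and `message`
     */
    public function ChangePassword($AdminID, $OldPassword, $NewPassword)
    {
        if (session_status() == PHP_SESSION_NONE) {
            session_start();
        }
        $General = new General();
        $con = $General->Connect();

        ############ Start of validation ############
        $CV_error = array();

        $CV_result = $General->CVInput('شناسه کاربر', $AdminID, 'number', '', '', '1');
        if ($CV_result == $AdminID) {
            $AdminID = $CV_result;
        } else {
            $CV_error[] = $CV_result;
        }

        $CV_result = $General->CVInput('رمز قدیمی', $OldPassword, '', '', '', '1');
        if ($CV_result == $OldPassword) {
            $OldPassword = $CV_result;
        } else {
            $CV_error[] = $CV_result;
        }

        $CV_result = $General->CVInput('رمزعبور', $NewPassword, '', '6', '', '1');
        if ($CV_result == $NewPassword) {
            // Unsalted MD5 kept for compatibility with existing rows; see the class note.
            $NewPassword = md5($CV_result);
        } else {
            $CV_error[] = $CV_result;
        }
        ############ End of validation ############

        if (!empty($CV_error)) {
            $msg = '';
            foreach ($CV_error as $CE) {
                $msg = $msg . '<br>' . $CE;
            }
            $Result['success'] = false;
            $Result['message'] = $msg;
            return json_encode($Result);
        }

        list($stmt, $Error) = $this->ExecutePrepared(
            $con,
            "SELECT `Password` FROM `adm.admins` WHERE (`ID`=?) LIMIT 1",
            array($AdminID)
        );

        $StoredHash = null;
        $Found = false;
        if ($stmt !== false) {
            mysqli_stmt_bind_result($stmt, $StoredHash);
            $Found = (mysqli_stmt_fetch($stmt) === true);
            mysqli_stmt_close($stmt);
        }

        // hash_equals() replaces the loose `!=`: two different hex digests that
        // both look like numbers (e.g. "0e...") compared equal under `!=`, and
        // the comparison is now constant-time.
        if (!$Found || !hash_equals((string) $StoredHash, md5($OldPassword))) {
            $Result['success'] = false;
            $Result['message'] = 'رمز قدیمی وارد شده صحیح نیست.';
            return json_encode($Result);
        }

        list($stmt, $Error) = $this->ExecutePrepared(
            $con,
            "UPDATE `adm.admins` SET `Password`=? WHERE (`ID`=?)",
            array($NewPassword, $AdminID)
        );

        if ($stmt === false) {
            return $this->DatabaseFailure($Error);
        }
        mysqli_stmt_close($stmt);

        $Result['success'] = true;
        $Result['message'] = 'تغییر رمز با موفقیت انجام شد.';
        return json_encode($Result);
    }
}
?>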