ikan Uploader :
Directory : /var/www/html/shardahospital.org/shardalms/api/application/core/
Upload File : |
| Current File : /var/www/html/shardahospital.org/shardalms/api/application/core/MY_Controller.php |
<?php
if (!function_exists('getallheaders')) {
function getallheaders() {
$headers = [];
/* foreach ($_SERVER as $name => $value) {
if (substr($name, 0, 5) == 'HTTP_') {
$headers[str_replace(' ', '-', ucwords(strtolower(str_replace('_', ' ', substr($name, 5)))))] = $value;
}
} */
foreach($_SERVER as $name => $value) {
if($name != 'HTTP_MOD_REWRITE' && (substr($name, 0, 5) == 'HTTP_' || $name == 'CONTENT_LENGTH' || $name == 'CONTENT_TYPE')) {
$name = str_replace(' ', '-', ucwords(strtolower(str_replace('_', ' ', str_replace('HTTP_', '', $name)))));
//if($name == 'Content-Type') $name = 'Content-type';
$headers[$name] = $value;
}
}
return $headers;
}
}
class MY_Controller extends CI_Controller {
function __construct() {
parent::__construct();
//header('Access-Control-Allow-Origin: *');
$origin=$this->input->server('HTTP_ORIGIN');
header('Access-Control-Allow-Origin: '.$origin);
header('Access-Control-Allow-Credentials: true');
header('Access-Control-Allow-Headers: Content-Type, Origin, Accept, AuthToken');
if($this->input->method() == 'options') {
header('HTTP/1.1 200 OK');
header('Access-Control-Allow-Headers: Content-Type, Origin, Accept, AuthToken');
header('Access-Control-Allow-Methods: POST, GET, OPTIONS');
header('Access-Control-Max-Age: 86400');
die;
}
$headers=getallheaders();
if(strpos($headers['Content-Type'], 'application/json')!==FALSE){
$data=json_decode(file_get_contents("php://input"), true);
$_POST=$data?$data:[];
unset($data);
}
date_default_timezone_set('Asia/Kolkata');
define('IS_AJAX', $this->input->is_ajax_request()?TRUE:FALSE);
define('IS_POST', $this->input->method()=='post'?TRUE:FALSE);
$this->db->query("SET sql_mode=''");
$this->load->model('common_model', 'common');
$ctrl=$this->uri->rsegments[1];
$cfunc=$this->uri->rsegments[2];
$dtl=$this->loggedData();
define('USER_ID', $dtl['id']);
define('USER_TYPE', $dtl['type']);
define('USER_EMAIL', $dtl['email']?$dtl['email']:'');
define('LEAD_RESTRICT', (int)$dtl['lead_restrict']);
define('IS_ADMIN', USER_TYPE=='ADMIN');
define('IS_PUBLISHER', USER_TYPE=='PUBLISHER');
define('IS_CONSULTANT', USER_TYPE=='CONSULTANT');
$caller_ids=$_COOKIE['caller_ids'];
if(($caller_ids && USER_TYPE==="CALLER_MANAGER") && $ctrl!=='dataset'){
$caller_ids=json_decode($caller_ids, true);
define("CALLER_IDS", implode(",", $caller_ids));
}else{
define("CALLER_IDS", "");
}
if(USER_ID){
if($cfunc!="login" && $cfunc!="logout"){
$resp=$this->checkIp(USER_ID);
if(!$resp['success']){
$resp['NotLogged']=1;
$this->json_data($resp);
}
}
}
//if(IS_POST){
$this->req=array('required'=>'%s required', 'is_unique'=>'This %s is already used', 'numeric'=>'%s must be numeric', 'integer'=>'%s must be integer');
$this->load->library('form_validation');
//}
/** */
define('Lead_View_ByYou', $this->is_access('lead_view')?false:$this->is_access('lead_view_byyou'));
define('Online_Leads', $this->is_access('online_leads'));
define('Offline_Leads', $this->is_access('offline_leads'));
define('Campus_Offline_Leads', $this->is_access('campus_offline_leads'));
/** \ */
if(ENVIRONMENT=='development'){
define('WebinarUrl', 'http://localhost/pro/lms/webinar/');
}else{
define('WebinarUrl', 'https://admissions.sharda.ac.in/webinar/');
}
if($cfunc!="logout" && $cfunc!="login"){
session_write_close();
}
}
function checkIp($user_id){
$ip=$_SERVER['HTTP_X_FORWARDED_FOR'];
if($ip){
$ips=$this->db->select("allowed_ips")->get_where("users", ['id'=>$user_id])->row("allowed_ips");
if($ips){
$ips=trim_array(explode(",", $ips));
if(!in_array($ip, $ips)){
return ['success'=>0, 'msg'=>'Your network is not allowed!', 'code'=>'IP_NOT_ALLOWED'];
}
}
}
return ['success'=>1];
}
function loggedData(){
$dtl=get_session(USR_SESSION_NAME);
return $dtl?$dtl:[];
}
function json_data($res, $jsonNumChk=false){
header('Content-Type: application/json; charset=utf-8');
$res=$res?$res:array();
/*if($this->config->item('csrf_protection')===TRUE){
$res['csrf_token']=$this->security->get_csrf_token_name();
$res['csrf_hash']=$this->security->get_csrf_hash();
}*/
//array_walk_recursive($res, function(&$item) { $item = !is_numeric($item)?utf8_encode($item):$item; });
die(json_encode($res, JSON_PARTIAL_OUTPUT_ON_ERROR));
}
function img_ext_check($v, $param='image'){
if($_FILES[$param]['name'] and !check_image_ext($_FILES[$param]['name'])){
$this->form_validation->set_message('img_ext_check', 'Please upload .jpg, .jpeg, .gif or .png file only');
return FALSE;
}else{
return TRUE;
}
}
function valid_date($v){
if($v && !is_valid_date($v)){
$this->form_validation->set_message("valid_date", "Invalid date format (%s)!");
return FALSE;
}
return TRUE;
}
function valid_name($str){
if(trim($str)){
$is_only_alpha=( ! preg_match("/^([-a-z_ ])+$/i", $str)) ? FALSE : TRUE ;
if(!$is_only_alpha){
$this->form_validation->set_message("valid_name", "Only alphabet and space are allowed in %s");
}
return $is_only_alpha;
}else{
return TRUE;
}
}
function is_access($module){
if(USER_TYPE=='ADMIN'){
//return TRUE;
}
$this->load->model('auth_model', 'auth');
$modules=$this->auth->modules(USER_ID);
if(!is_array($module)){
$arg_modules[]=$module;
}else{
$arg_modules=$module;
}
foreach($arg_modules as $m){
if(isset($modules[$m])){
return TRUE;
}
}
return FALSE;
}
function checkAccess($module){
if(!$this->is_access($module)){
$this->json_data(array('success'=>'F', 'msg'=>'You are not allowed to access this page'));
}
}
}
//EOF
Kontol Shell Bypass