One Hat Cyber Team

Your IP : 172.16.0.254

Server IP : 58.26.163.33

Server : Windows NT DGPENSV2LPKMN 10.0 build 14393 (Windows Server 2016) AMD64

Server Software : Apache/2.4.46 (Win64) OpenSSL/1.1.1h PHP/7.3.25

PHP Version : 7.3.25

Buat File | Buat Folder

Dir : C:/xampp7/htdocs/edgpens_220704/

Edit File: ajax.php

<?php

session_start();

include 'odbc.php';

if ($_SESSION['session'])
		$session=updateSession($_SESSION["session"]);
	else
	    $session='';

if(!$session)
		exit();

$do 	= $_GET['do'];

if($do == 'get_vessel'){
		$stmt  			= $mysqli->stmt_init();
		$stmt->prepare("SELECT a.*,b.nama AS nama_syarikat, c.nama AS nama_jeniskapal, if(a.tarikhLuputISSC = '0000-00-00','',DATE_FORMAT(a.tarikhLuputISSC,'%d-%m-%Y')) AS tarikhLuputISSC2 FROM kod_kapal a LEFT JOIN kod_syarikat b ON b.idSyarikat = a.idSyarikat, kod_jenis_kapal c WHERE a.idKapal=? AND a.idJenisKapal=c.idJenisKapal ");
		$stmt->bind_param("s",$_POST['idKapal']);
		$stmt->execute();
		$result 		= $stmt->get_result();
		$stmt->close();
		$row=$result->fetch_assoc();

$failissc 			= $row['fail_issc'];
		$row['linkissc'] 	= "1";
		if (file_exists("upload/vessel/{$row['idKapal']}/{$failissc}") && !empty($failissc)) {$row['linkissc']="upload/vessel/{$row['idKapal']}/{$failissc}";}

echo json_encode($row);
	}else if($do == 'clear_file_kapal') {

$ii 	= $_POST['ii'];
		$type 	= $_POST['type'];
		$file 	= $_POST['file'];

$sql 	= "UPDATE kod_kapal SET fail_issc='' WHERE idKapal = ?";

$stmt  			= $mysqli->stmt_init();
		$stmt->prepare($sql);
		$stmt->bind_param("s",$ii);
		$stmt->execute();

unlink("upload/vessel/{$ii}/{$file}");

}else if($do == 'clear_file') {

$ii 	= $_POST['ii'];
		$type 	= $_POST['type'];
		$file 	= $_POST['file'];

if($type == 'crew')
			$sql 	= "UPDATE permohonan_main SET failKrew='' WHERE idPermohonan = ?";
		else if($type == 'passenger')
			$sql 	= "UPDATE permohonan_main SET failPenumpang='' WHERE idPermohonan = ?";
		else if($type == 'vessel')
			$sql 	= "UPDATE permohonan_main SET failPenumpang='' WHERE idPermohonan = ?";
		else if($type == 'lp_news')
			$sql 	= "UPDATE lp_news SET fail='' WHERE idNews = ?";
		else if($type == 'lp_law')
			$sql 	= "UPDATE lp_law SET fail='' WHERE idLaw = ?";
		else if($type == 'lp_declaration')
			$sql 	= "UPDATE lp_declaration SET fail='' WHERE idDeclaration = ?";
		else if($type == 'selfregister')
			$sql 	= "UPDATE kod_syarikattemp SET company_cert='' WHERE idSyarikat = MD5(CONCAT('id',?))";

$stmt  			= $mysqli->stmt_init();
		$stmt->prepare($sql);
		$stmt->bind_param("s",$ii);
		$stmt->execute();

if($type == 'vessel')
			unlink("upload/vessel/{$ii}/{$file}");
		else if($type == 'crew' || $type == 'passenger')
			unlink("upload/application/{$ii}/{$file}");
		else if($type == 'lp_news' || $type == 'lp_law' || $type == 'lp_declaration')
			unlink("upload/lp/{$file}");
		else if($type == 'selfregister')
			unlink("upload/syarikat_temp/{$file}");

}else if($do == 'list_purpose') {
		$stmt  			= $mysqli->stmt_init();
		$stmt->prepare("SELECT nama FROM kod_call_purpose WHERE flagAktif = 'Y' ");
		$stmt->execute();
		$result 		= $stmt->get_result();
		$stmt->close();
		$list 	= [];
		while($aa = $result->fetch_assoc()){
			array_push($list, $aa['nama']);
		}
		// $myFile = "upload/purpose.json";
		// $fh = fopen($myFile, 'w') or die("can't open file");
		// $stringData = "asd";
		// fwrite($fh, json_encode($list));
		// fclose($fh);
	}else if($do == 'testme') {
		$stmt  			= $mysqli->stmt_init();
		$stmt->prepare("SELECT a.idUser,a.emailUser FROM user_list a WHERE a.idUser=? ");
		$stmt->bind_param("s",$_GET['id']);
		$stmt->execute();
		$result 		= $stmt->get_result();
		$stmt->close();
		$row=$result->fetch_all();
		echo json_encode($row);
	}else if($do == 'resubmit') {

$ii 	= $_POST['ii'];
		$sql 	= "UPDATE user_register SET flagApprove='N' WHERE MD5(idUser) = ?";
		$stmt 	= $mysqli->stmt_init();
		$stmt->prepare($sql);
		$stmt->bind_param("s",$ii);
		$stmt->execute();
	}
?>