Edit File:
audit_trail_240205.php
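<?php
/**
 * Audit trail search page: renders a search form (user, role, date range,
 * description) and, after a search, a table of matching audit_trail rows.
 *
 * Expects $page, get_user_full() and mysqli_prepare_all() to be provided by
 * the including script (presumably index.php, which the forms submit to;
 * confirm). Reads its filters from $_GET and the current user from $_SESSION.
 */
if (empty($page)) {
    // Reached without the front controller having set $page.
    // NOTE(review): ../access.php is presumably the access guard; confirm.
    include("../access.php");
}

// Escapes a value for HTML text and attribute context. Every request value
// and every database value on this page is printed through it, so markup
// stored in the audit trail or sent in the query string is shown as text.
$auditEsc = static function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

// Reads one query-string filter as a string; missing or array-valued
// parameters become '' rather than raising notices further down.
$auditGet = static function ($key) {
    return (isset($_GET[$key]) && is_string($_GET[$key])) ? $_GET[$key] : '';
};

// Turns the datepicker's dd-mm-yyyy into yyyy-mm-dd, or returns null when
// the value is not a real date in that format.
$auditDate = static function ($value) {
    if (preg_match('/^(\d{2})-(\d{2})-(\d{4})$/', $value, $m)
        && checkdate((int) $m[2], (int) $m[1], (int) $m[3])) {
        return $m[3] . '-' . $m[2] . '-' . $m[1];
    }
    return null;
};

$modal_name = str_replace("/", "-", $page);
$user   = get_user_full($_SESSION['session']);
$roles  = (int) $user['idRoles'];
$idUser = (int) $user['idUser'];
?>
<!-- Blank Header -->
<div class="content-header">
    <div class="row">
        <div class="col-sm-6">
            <div class="header-section">
                <h1>AUDIT TRAIL</h1>
            </div>
        </div>
        <div class="col-sm-6 hidden-xs">
            <div class="header-section">
            </div>
        </div>
    </div>
</div>
<!-- END Blank Header -->

<!-- Get Started Block -->
<div class="block full">
    <!-- Get Started Title -->
    <div class="block-title">
        <div class="block-options pull-right">
            <div class="btn btn-effect-ripple btn-info print-me" data-toggle="tooltip" data-original-title="Print" onclick="myFunction()"><i class="fa fa-print"></i></div>
        </div>
        <h2>Audit Trail</h2>
    </div>
<?php
// Search filters from the query string. $user is reused here for the
// requested user id; the session user's ids were copied to $roles / $idUser.
$searchme = $auditGet('searchme');
$user     = $auditGet('user');
$role     = $auditGet('role');
$from     = $auditGet('from');
$to       = $auditGet('to');
$descr    = $auditGet('descr');

// Stays null until a search has run; the table below is rendered only when
// a result object exists.
$data = null;

if ($searchme == 'y') {
    // Values are bound in the order their placeholders are appended.
    $param_data = array();
    $comb1 = "";
    $comb2 = "";

    if ($roles == 5) {
        // Role 5 may search across all users; the user filter is optional.
        if (!empty($user)) {
            $comb1 .= " AND a.idUser = ? ";
            $param_data['idUser'] = $user;
        }
    } elseif ($roles == 2 || $roles == 3) {
        // The form offers roles 2 and 3 only their own account, so the
        // filter is bound to the session user instead of the request value.
        $comb1 .= " AND a.idUser = ? ";
        $param_data['idUser'] = $idUser;
    } else {
        // NOTE(review): other roles are filtered by the requested user id as
        // before; confirm whether they should be limited to their own account.
        $comb1 .= " AND a.idUser = ? ";
        $param_data['idUser'] = $user;
    }

    if (!empty($role)) {
        $comb1 .= " AND b.idRoles = ? ";
        $param_data['idRoles'] = $role;
    }

    if (!empty($from)) {
        $from_sql = $auditDate($from);
        if ($from_sql !== null) {
            $comb1 .= " AND DATE_FORMAT(a.exec_time,'%Y-%m-%d') >= ? ";
            $param_data['exec_date1'] = $from_sql;
        } else {
            // Malformed date: drop the filter and clear the field so the
            // form shows that it was not applied.
            $from = '';
        }
    }

    if (!empty($to)) {
        $to_sql = $auditDate($to);
        if ($to_sql !== null) {
            $comb1 .= " AND DATE_FORMAT(a.exec_time,'%Y-%m-%d') <= ? ";
            $param_data['exec_date2'] = $to_sql;
        } else {
            $to = '';
        }
    }

    if (!empty($descr)) {
        $comb1 .= " AND a.descr like ? ";
        $param_data['descr'] = '%' . $descr . '%';
    }

    // Roles 2 and 3 only see entries that carry a description.
    if ($roles == 2 || $roles == 3) {
        $comb2 = " AND descr != ''";
    }

    // Only fixed SQL fragments are interpolated; request values are bound.
    $sql = "
        SELECT
            a.*, b.nameUser
        FROM
            audit_trail a
        LEFT JOIN
            user_list b ON b.idUser = a.idUser
        WHERE 1
            {$comb1}
            {$comb2}
        ORDER BY id DESC
    ";
    $data = mysqli_prepare_all($sql, $param_type = "auto", $param_data);
}
?>
    <div id="modal-checkout" class="modal fade <?php echo $auditEsc($modal_name); ?>" tabindex="-1" role="dialog" aria-hidden="true">
        <div class="modal-dialog modal-lg">
            <div class="modal-content">
                <form class="push form-horizontal" id="form-validation" action="index.php?page=kod/blank_page" method="post">
                    <!-- if delete. check post name delete -->
                    <div class="modal-header">
                        <button type="button" class="close" data-dismiss="modal" aria-hidden="true">×</button>
                        <h4 class="modal-title"><strong>Checkout</strong></h4>
                    </div>
                    <div class="modal-body"><!-- modal-body -->
                        <div class="form-group">
                            <label class="col-md-3 control-label" for="val-username">Username <span class="text-danger">*</span></label>
                            <div class="col-md-6">
                                <input type="text" id="val-username" name="val-username" class="form-control validation" data-validation="default" placeholder="Choose a nice username..">
                            </div>
                        </div>
                        <div class="form-group">
                            <label class="col-md-3 control-label" for="val-email">Email <span class="text-danger">*</span></label>
                            <div class="col-md-6">
                                <input type="text" id="val-email" name="val-email" class="form-control validation" data-validation="default" placeholder="Enter your valid email..">
                            </div>
                        </div>
                        <div class="form-group">
                            <label class="col-md-3 control-label" for="val-suggestions">Suggestions <span class="text-danger">*</span></label>
                            <div class="col-md-9">
                                <textarea id="val-suggestions" name="val-suggestions" rows="7" class="form-control validation" data-validation="default" placeholder="Share your ideas with us.."></textarea>
                            </div>
                        </div>
                        <div class="form-group">
                            <label class="col-md-3 control-label" for="val-skill">Best Skill <span class="text-danger">*</span></label>
                            <div class="col-md-6">
                                <select id="val-skill" name="val-skill" class="form-control validation" data-validation="default">
                                    <option value="">Please select</option>
                                    <option value="html">HTML</option>
                                    <option value="css">CSS</option>
                                    <option value="javascript">Javascript</option>
                                    <option value="ruby">Ruby</option>
                                    <option selected='selected' value="php">PHP</option>
                                    <option value="asp">ASP.NET</option>
                                    <option value="python">Python</option>
                                    <option value="mysql">MySQL</option>
                                </select>
                            </div>
                        </div>
                        <div class="form-group">
                            <label class="col-md-3 control-label" for="val-digits">Digits <span class="text-danger">*</span></label>
                            <div class="col-md-6">
                                <input type="text" id="val-digits" name="val-digits" class="form-control validation" data-validation="default_digit" placeholder="3">
                            </div>
                        </div>
                        <div class="form-group">
                            <label class="col-md-3 control-label" for="val-number">Number <span class="text-danger">*</span></label>
                            <div class="col-md-6">
                                <input type="text" id="val-number" name="val-number" class="form-control validation" data-validation="default_number" placeholder="3.0">
                            </div>
                        </div>
                        <div class="form-group">
                            <label class="col-md-3 control-label"><a href="#modal-terms" data-toggle="modal">Agree to Terms</a> <span class="text-danger">*</span></label>
                            <div class="col-md-8">
                                <label class="switch switch-primary" for="val-terms">
                                    <input type="checkbox" id="val-terms" name="val-terms" checked="checked" class="validation" data-validation="default" value="1">
                                    <span data-toggle="tooltip" title="I agree to the terms"></span>
                                </label>
                            </div>
                        </div>
                    </div><!-- [end] modal-body -->
                    <?php /* NOTE(review): "hiddenx" is not a valid input type, so browsers render these two fields as text inputs; confirm whether that is intended. */ ?>
                    <input type="hiddenx" name="type_submit" value="add">
                    <input type="hiddenx" name="val-id" value="">
                    <div class="modal-footer">
                        <button type="submit" class="btn btn-effect-ripple btn-success"><i class="fa fa-check"></i> Complete Purchase</button>
                    </div>
                </form>
            </div>
        </div>
    </div>

    <form method="get" action="index.php" id="search-validation">
        <input class="not_autoset" type="hidden" name="page" value="<?php echo $auditEsc($page); ?>">
        <input class="not_autoset" type="hidden" name="searchme" value="y">
        <div class="row">
            <div class="form-group col-md-4">
                <label for="example-nf-email">User</label>
                <select name="user" class="form-control select-select2 select2_custom">
<?php
// Roles 2 and 3 are offered only their own account; everyone else gets the
// full list plus an "ALL" entry. $idUser was cast to int above, so the
// interpolated value cannot carry SQL.
if ($roles == 2 || $roles == 3) {
    $comb1 = " AND iduser = '{$idUser}'";
} else {
    $comb1 = "";
    echo "<option value=''>- ALL -</option>";
}
$sql1 = "
    SELECT
        a.*
    FROM
        user_list a
    WHERE 1
        {$comb1}
    ORDER BY nameUser ASC
";
$data1 = mysqli_prepare_all($sql1, $param_type = "auto", $param_data = array());
while ($row1 = $data1->fetch_assoc()) {
?>
                    <option value="<?php echo $auditEsc($row1['idUser']); ?>" <?php if ($user == $row1['idUser']) { echo "selected='selected'"; } ?>><?php echo $auditEsc($row1['nameUser']); ?></option>
<?php
}
?>
                </select>
            </div>
<?php if ($roles !== 2 && $roles !== 3) { ?>
            <div class="form-group col-md-4">
                <label for="example-nf-email">Role</label>
                <select name="role" class="form-control select-select2 select2_custom">
                    <option value="">- ALL -</option>
<?php
    $sql1 = "
        SELECT
            a.*
        FROM
            user_roles a
        ORDER BY idRoles ASC
    ";
    $data1 = mysqli_prepare_all($sql1, $param_type = "auto", $param_data = array());
    while ($row1 = $data1->fetch_assoc()) {
?>
                    <option value="<?php echo $auditEsc($row1['idRoles']); ?>" <?php if ($role == $row1['idRoles']) { echo "selected='selected'"; } ?>><?php echo $auditEsc($row1['nama']); ?></option>
<?php
    }
?>
                </select>
            </div>
<?php } ?>
            <div class="form-group col-md-4">
                <label for="example-nf-email">Date</label>
                <div class="input-group">
                    <div class="input-group-addon">From</div>
                    <input type="text" id="from" name="from" class="form-control input-datepicker" data-validation="default" data-date-format="dd-mm-yyyy" placeholder="dd-mm-yyyy" value="<?php echo $auditEsc($from); ?>">
                    <div class="input-group-addon">To</div>
                    <input type="text" id="to" name="to" class="form-control input-datepicker" data-validation="default" data-date-format="dd-mm-yyyy" placeholder="dd-mm-yyyy" value="<?php echo $auditEsc($to); ?>">
                </div>
            </div>
            <div class="form-group col-md-4">
                <label for="example-nf-email">Description</label>
                <input class="form-control" type="text" name="descr" value="<?php echo $auditEsc($descr); ?>">
            </div>
        </div>
        <div class="row">
            <div class="form-group form-actions col-md-12">
                <div class="input-group input-group-sm">
                    <span class="input-group-btn">
                        <button type="submit" class="btn btn-sm btn-effect-ripple btn-default"><i class="fa fa-search"></i> Search</button>
                        <a class="btn btn-sm btn-effect-ripple btn-warning" href="?page=<?php echo $auditEsc($page); ?>" style="border-radius: 0px 3px 3px 0px"><i class="fa fa-refresh"></i></a>
                    </span>
                </div>
            </div>
        </div>
    </form>
    <hr style="margin-top: 0px">
<?php
// The original tested !$data->lengths, which is also true when $data was
// never set, so the page went on to call fetch_assoc() on null instead of
// showing the "Please Make A Search." notice that myFunction() looks for.
if (is_object($data)) {
?>
    <div class="table-responsive">
        <form method="post" data-modal-target="<?php echo $auditEsc($modal_name); ?>">
            <input name="type_submit" type="hidden" value="delete">
            <table id="example-datatable" class="table table-striped table-bordered table-hover table-condensed">
                <thead>
                    <tr>
                        <th style="width: 50px;" class="text-right">No.</th>
                        <?php if ($roles !== 2 && $roles !== 3) { ?><th style="width: 200px;">Running SQL</th><?php } ?>
                        <th class="text-left">Description</th>
                        <?php if ($roles !== 2 && $roles !== 3) { ?><th class="text-left" style="width: 150px;">User</th><?php } ?>
                        <th class="text-center" style="width: 150px;">Date &amp; Time</th>
                    </tr>
                </thead>
                <tbody>
<?php
    // NOTE(review): $labels and $editdata are not read anywhere in this
    // file; presumably leftovers from the page template. Verify before removing.
    $labels['0']['class'] = "label-success";
    $labels['0']['text']  = "Active";
    $labels['1']['class'] = "label-info";
    $labels['1']['text']  = "On hold..";
    $labels['2']['class'] = "label-danger";
    $labels['2']['text']  = "Disabled";
    $labels['3']['class'] = "label-warning";
    $labels['3']['text']  = "Pending..";

    $i = 1;
    while ($row_data = $data->fetch_assoc()) {
        // editdata works like sending GET values, separated by "|",
        // e.g. <inputname>#<value>|<selectname>#<value>
        $editdata = "val-username#AppUser{$i}|"
            . "val-email#app.user{$i}@example.com|"
            . "val-suggestions#asd|"
            . "val-skill#asd|"
            . "val-digits#asd|"
            . "val-number#asd|"
            . "val-terms#true|"
            . "val-id#{$i}";
?>
                    <tr class="">
                        <td class="text-right"><?php echo $i++; ?></td>
<?php if ($roles !== 2 && $roles !== 3) { ?>
                        <td class="">
                            <div class="btn-xs fa fa-chevron-down text-warning animate pull-right expandme"></div>
                            <?php /* Escape first, then add <br>: the logged SQL can contain text that came from users. */ ?>
                            <span class="expandme overflowme"><?php echo nl2br($auditEsc($row_data['running_sql'])); ?></span>
                        </td>
<?php } ?>
                        <td class="text-left"><?php echo $auditEsc($row_data['descr']); ?></td>
<?php if ($roles !== 2 && $roles !== 3) { ?>
                        <td><?php echo $auditEsc($row_data['nameUser']); ?></td>
<?php } ?>
                        <td class="text-center"><?php echo $auditEsc($row_data['exec_time']); ?></td>
                    </tr>
<?php
    }
?>
                </tbody>
            </table>
        </form>
    </div>
<?php
} else {
?>
    <div class="alert alert-sm alert-warning">Please Make A Search.</div>
<?php
}
?>
    <style type="text/css">
        div.expandme {
            cursor: pointer;
        }
        span.overflowme {
            text-overflow: ellipsis;
            display: block;
            width: 100px;
            max-height: 40px;
            white-space: nowrap;
            overflow: hidden;
        }
    </style>
    <script src="js/pages/formsValidation.js"></script>
    <script type="text/javascript">
        // Print button: posts a copy of the search form to the report page in
        // a new tab, unless no search has been made yet.
        function myFunction() {
            if ($(".alert-warning").is(":visible")) {
                alert("Please Make A Search...");
            } else {
                var $frm = $('<form action="reports/print_report.php" method="post" target="_blank"></form>').appendTo('body');
                $($("#search-validation").html()).appendTo($frm);
                $('<input type="text" name="type" value="audit">').appendTo($frm);
                if ($frm.html() !== '') {
                    $frm.find(".btn-default").trigger("click");
                    $frm.remove();
                }
            }
        };

        $(document).ready(function () {
            $.select2_custom();

            // Toggle between the truncated and the full "Running SQL" cell.
            $("div.expandme").on("click", function () {
                var t_class = $(this).parent("td").find("span.expandme");
                if (t_class.hasClass("overflowme")) {
                    $(this).removeClass("fa-chevron-down").addClass("fa-chevron-up");
                    t_class.removeClass("overflowme");
                } else {
                    $(this).removeClass("fa-chevron-up").addClass("fa-chevron-down");
                    t_class.addClass("overflowme");
                }
            })

            $("#example-datatable").setdatatable();
        });
    </script>
</div>
<!-- End Started Block -->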