View File Name :
agent.php
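<?php
/**
 * Agent registration approval page (utility/agent).
 *
 * Lists rows of user_register with flagUser=2 and flagApprove='N' (joined to
 * kod_syarikattemp) and handles four POST actions selected by `type_submit`:
 *   - add       : insert a row into user_list
 *   - edit      : approve or reject one pending registration (`val-id`)
 *   - edit_pass : reset the password of every id in `myid[]`
 *   - delete    : delete every id in `myid[]` from user_list
 *
 * Names used but not defined in this file: $page, $mysqli, $mysqli_link,
 * get_user_full(), mysqli_prepare_all(), mysqli_prepare_audit(), ismscURL().
 *
 * NOTE(review): no CSRF token and no role check are visible in this file, while
 * the POST actions create, modify and delete accounts. Presumably access.php or
 * index.php enforce authentication - confirm that they also restrict this page
 * to approver roles and add a per-session token to both forms.
 */
if (empty($page)) {
    include("../access.php");
}

// Escape a value for HTML element content or a quoted attribute value.
$escHtml = static function ($value): string {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

// Read one request field as a string; arrays and missing keys become ''.
$scalarInput = static function (array $source, string $key): string {
    return (isset($source[$key]) && is_scalar($source[$key])) ? (string) $source[$key] : '';
};

// Run one write statement with every parameter bound as a string.
// Failure details go to the error log instead of the response body.
$runStatement = static function (mysqli $db, string $sql, array $params): void {
    $stmt = $db->stmt_init();
    $ok = $stmt->prepare($sql)
        && $stmt->bind_param(str_repeat('s', count($params)), ...$params)
        && $stmt->execute();
    if (!$ok) {
        error_log('utility/agent: statement failed: ' . $stmt->error);
        die('Database error.');
    }
    $stmt->close();
};

$modal_name = str_replace("/", "-", $page);
$param_data = array();
$comb1 = "";
$name   = $scalarInput($_GET, 'val-name');
$idrole = $scalarInput($_GET, 'val-roles');
$aktif  = $scalarInput($_GET, 'val-aktif');
$user = get_user_full($_SESSION['session']);
$idUser = (int)$user['idUser'];

// A commented-out SMS test harness that embedded gateway account credentials and a
// phone number was removed from this spot. Treat those credentials as exposed (rotate
// them) and keep gateway secrets in configuration outside the web root.
?>
<!-- Blank Header -->
<div class="content-header">
    <div class="row">
        <div class="col-sm-6">
            <div class="header-section">
                <h1><i class="gi gi-group"></i> AGENT REGISTRATION APPROVAL</h1>
            </div>
        </div>
        <div class="col-sm-6 hidden-xs">
            <div class="header-section">
                <!-- <ul class="breadcrumb breadcrumb-top"> -->
                <!-- <li>Extra Pages</li> -->
                <!-- <li><a href="">Blank</a></li> -->
                <!-- </ul> -->
            </div>
        </div>
    </div>
</div>
<!-- END Blank Header -->

<!-- Get Started Block -->
<div class="block full">
    <!-- Get Started Title -->
    <div class="block-title">
        <div class="block-options pull-right">
            <div class="btn btn-effect-ripple btn-warning search-me" data-toggle="tooltip" data-original-title="Search"><i class="fa fa fa-search"></i></div>
            <a class="btn btn-sm btn-effect-ripple btn-default" data-toggle="tooltip" data-original-title="Refresh" href="index.php?page=<?php echo $escHtml($page); ?>"><i class="fa fa-refresh"></i></a>
            <!-- <div class="btn btn-effect-ripple btn-default reset-me" data-toggle="tooltip" data-original-title="Reset"><i class="fa fa-refresh"></i></div> -->
        </div>
        <h2>Agents List</h2>
    </div>
    <!-- [QUERY_STRING] -->
<?php
$success = 0;
if ($_POST):
    $do          = $scalarInput($_POST, 'type_submit');
    $idUserApply = $scalarInput($_POST, 'val-id');
    // NOTE(review): $nama is later passed as a bound parameter, so this escape looks
    // redundant and would store literal backslashes. Kept until the binding inside
    // mysqli_prepare_audit() (not in this file) is confirmed.
    $nama        = mysqli_real_escape_string($mysqli_link, strtoupper($scalarInput($_POST, 'val-name')));
    $status      = $scalarInput($_POST, 'val-syarikat-status');
    $idSyarikat  = $scalarInput($_POST, 'val-syarikat-id');
    $oldid       = $scalarInput($_POST, 'val-syarikat-oldid');

    if ($do === "add") {
        // NOTE(review): $syarikat, $phoneNo, $roles, $dg, $pelabuhan and $flagAktif are
        // never assigned in this file, and $user is the value returned by
        // get_user_full(), not an e-mail string. Unless an including script defines
        // them, this branch inserts NULLs; the values are passed through unchanged.
        // NOTE(review): the account is created with a fixed password stored as unsalted
        // MD5. Switching to password_hash()/password_verify() and a random one-time
        // password needs a matching change in the login code, which is not in this file.
        $sql = "
            INSERT INTO user_list (
                nameUser, passwordUser, emailUser, idSyarikat, mobileNo, idRoles,
                flagDGApproval, idPelabuhan, flagUser, flagApprove,
                dateCreated, dateVerified, dateModified, datePassword
            ) VALUES (
                ?, ?, ?, ?, ?, ?, ?, ?, ?, 'Y', NOW(), NOW(), NOW(), NOW()
            )";
        $param_type = "sssssssss";
        $param_data = array(
            "nameUser"       => $nama,
            "passwordUser"   => md5('abcd1234'),
            "emailUser"      => $user,
            "idSyarikat"     => $syarikat ?? null,
            "mobileNo"       => $phoneNo ?? null,
            "idRoles"        => $roles ?? null,
            "flagDGApproval" => $dg ?? null,
            "idPelabuhan"    => $pelabuhan ?? null,
            "flagUser"       => $flagAktif ?? null
        );
        $data = mysqli_prepare_audit($sql, $param_type, $param_data, "AGENTS APPROVAL (APPROVED)");
        $success = 1;
        $msg = "RECORD ADDED!";
    } else if ($do === "edit") {
        // The decision is written to user_register.flagApprove, so accept only the two
        // values the approval form offers ('Y' = yes, 'T' = no).
        $flagApprove = $scalarInput($_POST, 'flagApprove');
        if (!in_array($flagApprove, array('Y', 'T'), true)) {
            $success = 2;
        } else {
            // Does an account with the applicant's e-mail already exist in user_list?
            $sql = "SELECT * FROM user_list WHERE emailUser IN (SELECT emailUser FROM user_register WHERE idUser=?)";
            $param_type = "auto";
            $param_data = array("idUser" => $idUserApply);
            $data = mysqli_prepare_all($sql, $param_type, $param_data);
            $fetch_data = $data->fetch_assoc();

            if (empty($fetch_data)) {
                if ($flagApprove === 'Y') {
                    // Copy the pending registration into the live user table.
                    $sql = "
                        INSERT INTO user_list (
                            idSyarikat, emailUser, passwordUser, nameUser, mobileNo, idRoles, flagUser, date_start
                        )
                        SELECT ?, emailUser, passwordUser, nameUser, mobileNo, idRoles, 1, NOW()
                        FROM user_register
                        WHERE 1 AND idUser=?";
                    $param_type = "auto";
                    $param_data = array(
                        "idSyarikat" => $oldid,
                        "idUser"     => $idUserApply
                    );
                    $data = mysqli_prepare_audit($sql, $param_type, $param_data, "AGENTS APPROVAL (APPROVED)");
                    // presumably element 0 is the new row id - confirm in mysqli_prepare_audit()
                    $idUserNew = $data[0];

                    if ($status === 'N') {
                        // New company: promote the temporary company record, then link the user to it.
                        $sql = "
                            INSERT INTO kod_syarikat (
                                company_no, company_cert, nama, alamat, noTel, noFax, idJenisSyarikat,
                                flagAktif, flagApprove, idUserApply, tarikhApply, idUserApprove, tarikhApprove
                            )
                            SELECT company_no, company_cert, nama, alamat, noTel, noFax, idJenisSyarikat,
                                'Y', 'Y', ?, NOW(), ?, NOW()
                            FROM kod_syarikattemp
                            WHERE 1 AND idSyarikat=?";
                        $param_type = "auto";
                        $param_data = array(
                            "idUserApply"   => $idUserNew,
                            "idUserApprove" => $idUser,
                            "idSyarikat"    => $idSyarikat
                        );
                        $data = mysqli_prepare_audit($sql, $param_type, $param_data, "AGENTS APPROVAL (NEW COMPANY)");
                        $idSyarikat = $data[0];

                        $runStatement(
                            $mysqli,
                            "UPDATE user_list SET idSyarikat=? WHERE idUser=?",
                            array($idSyarikat, $idUserNew)
                        );
                    } else {
                        // Existing company: overwrite its details from the temporary record.
                        $sql = "
                            UPDATE kod_syarikat a
                            LEFT JOIN (SELECT * FROM kod_syarikattemp WHERE idSyarikat=?) b ON b.oldid=a.idSyarikat
                            SET
                                a.company_no = IF(a.company_no='',b.company_no,a.company_no),
                                a.company_cert = b.company_cert,
                                a.nama = b.nama,
                                a.alamat = b.alamat,
                                a.noTel = b.noTel,
                                a.noFax = b.noFax,
                                a.idUserApply = ?,
                                a.tarikhApply = b.tarikhApply,
                                a.idUserApprove = ?,
                                a.tarikhApprove = NOW()
                            WHERE a.idSyarikat = ?
                        ";
                        $param_type = "auto";
                        $param_data = array(
                            "idSyarikat1"   => $idSyarikat,
                            "idUserApply"   => $idUserNew,
                            "idUserApprove" => $idUser,
                            "idSyarikat2"   => $oldid
                        );
                        $data = mysqli_prepare_audit($sql, $param_type, $param_data, "AGENTS APPROVAL (UPDATE COMPANY)");

                        $sql = "SELECT company_cert FROM kod_syarikattemp WHERE idSyarikat=?";
                        $param_type = "auto";
                        $param_data = array("idSyarikat" => $idSyarikat);
                        $data = mysqli_prepare_all($sql, $param_type, $param_data);
                        $fetch_data = $data->fetch_assoc();

                        // company_cert comes from applicant-supplied registration data, so
                        // reduce it to a bare file name before building paths: a stored value
                        // containing directory parts must not move files outside upload/.
                        $certFile = basename((string) ($fetch_data['company_cert'] ?? ''));
                        if ($certFile !== '' && is_file("upload/syarikat_temp/" . $certFile)) {
                            rename("upload/syarikat_temp/" . $certFile, "upload/syarikat/" . $certFile);
                        } else {
                            error_log('utility/agent: certificate file not moved for idSyarikat ' . $idSyarikat);
                        }
                    }
                    $s_temp = "S01";
                    $u_stat = "2";
                } else {
                    $s_temp = "S04";
                    $u_stat = "1";
                }

                $runStatement(
                    $mysqli,
                    "UPDATE user_register SET flagApprove=?,status=? WHERE idUser=?",
                    array($flagApprove, $u_stat, $idUserApply)
                );

                // Drop the applicant's sessions so the new state takes effect at next login.
                $runStatement(
                    $mysqli,
                    "DELETE FROM utiliti_session WHERE idUser=? AND usertype=2",
                    array($idUserApply)
                );

                $sql = "SELECT * FROM user_register WHERE idUser=?";
                $param_type = "auto";
                $param_data = array("idUser" => $idUserApply);
                $data = mysqli_prepare_all($sql, $param_type, $param_data);
                $fetch_data = $data->fetch_assoc();
                // The number is placed in a query string, so it must be URL-encoded.
                $destination = urlencode((string) ($fetch_data['mobileNo'] ?? ''));

                $sql = "SELECT * FROM kod_template WHERE kod=?";
                $param_type = "auto";
                $param_data = array("kod" => $s_temp);
                $data = mysqli_prepare_all($sql, $param_type, $param_data);
                $fetch_data = $data->fetch_assoc();
                $message = (string) ($fetch_data['text'] ?? '');
                $message = html_entity_decode($message, ENT_QUOTES, 'utf-8');
                $message = urlencode($message);

                // NOTE(review): the request goes over plain http and carries the applicant's
                // phone number in the query string; un/pwd are empty here, so presumably
                // ismscURL() supplies the account - confirm, and prefer the https endpoint.
                if ($destination !== '') {
                    $fp = "http://www.isms.com.my/isms_send.php?un=&pwd=&dstno=$destination&msg=$message";
                    ismscURL($fp);
                }
                $success = 1;
                $msg = "RECORD UPDATED!";
            } else {
                // An account with this e-mail already exists: mark the registration as rejected.
                $runStatement(
                    $mysqli,
                    "UPDATE user_register SET flagApprove=? WHERE idUser=?",
                    array('T', $idUserApply)
                );
                $success = 1;
                $msg = "USER EXIST!";
            }
        }
    } else if ($do === "edit_pass") {
        // NOTE(review): same fixed, MD5-hashed password as in the "add" branch.
        foreach ((array) ($_POST['myid'] ?? array()) as $value) {
            if (!is_scalar($value)) {
                continue;
            }
            $sql = "
                UPDATE user_list SET
                    passwordUser = ?,
                    dateModified = NOW()
                WHERE idUser = ?
            ";
            $param_type = "ss";
            $param_data = array(
                "passwordUser" => md5('abcd1234'),
                "idUser"       => (string) $value
            );
            $data = mysqli_prepare_audit($sql, $param_type, $param_data);
            $success = 1;
            $msg = "RECORD UPDATED!";
        }
    } else if ($do === "delete") {
        foreach ((array) ($_POST['myid'] ?? array()) as $value) {
            if (!is_scalar($value)) {
                continue;
            }
            $sql = "DELETE FROM user_list WHERE idUser=?";
            $param_type = "s";
            $param_data = array("idUser" => (string) $value);
            $data = mysqli_prepare_audit($sql, $param_type, $param_data);
        }
        $success = 3;
    }

    if ($success == 1) {
        $_SESSION['success'] = 1;
        $_SESSION['success_msg'] = $msg;
    } else if ($success == 2) {
        $_SESSION['success'] = 2;
        $_SESSION['success_msg'] = "OPS! SOMETHING WRONG";
    } else if ($success == 3) {
        $_SESSION['success'] = 3;
        $_SESSION['success_msg'] = "RECORD DELETED!";
    }
endif;

if ($success) {
    // Output has already started above, so the redirect is done client-side.
    echo "<script>window.location.replace('index.php?page=utility/agent&success={$success}');</script>";
    exit();
}
?>
    <div id="modal-search" class="modal fade" tabindex="-1" role="dialog" aria-hidden="true">
        <div class="modal-dialog modal-md">
            <div class="modal-content">
                <form class="push form-horizontal" id="search-validation" action="index.php?page=utility/agent" method="get">
                    <!-- if delete. check post name delete -->
                    <input type="hidden" name="page" value="<?php echo $escHtml($page); ?>">
                    <div class="modal-header">
                        <button type="button" class="close" data-dismiss="modal" aria-hidden="true"><span aria-hidden="true">&times;</span></button>
                        <h4 class="modal-title"><i class="fa fa fa-search"></i> <strong>SEARCH</strong></h4>
                    </div>
                    <div class="modal-body"><!-- modal-body -->
                        <div class="form-group">
                            <label class="col-md-3 control-label" for="val-name">Name</label>
                            <div class="col-md-7">
                                <input type="text" id="val-name" name="val-name" class="form-control validation" data-validation="default" placeholder="Name" value="<?php echo $escHtml($name); ?>">
                            </div>
                        </div>
                    </div><!-- [end] modal-body -->
                    <div class="modal-footer">
                        <!-- <h4 class="pull-left">$ <strong class="text-primary-dark">689</strong><small>.00</small></h4> -->
                        <button type="submit" class="btn btn-effect-ripple btn-primary">Submit</button>
                        <button type="reset" class="btn btn-effect-ripple btn-default btn-reset"><span class="btn-ripple animate" style="height: 61px; width: 61px; top: -15.3px; left: 11.8667px;"></span>Reset</button>
                        <button type="button" class="btn btn-effect-ripple btn-danger" data-dismiss="modal">Close</button>
                    </div>
                </form>
            </div>
        </div>
    </div>

    <div id="modal-form" class="modal fade <?php echo $escHtml($modal_name); ?>" tabindex="-1" role="dialog" aria-hidden="true">
        <div class="modal-dialog modal-lg" style="width: 1024px">
            <div class="modal-content">
                <form class="push form-horizontal" id="form-validation" action="index.php?page=utility/agent" method="post">
                    <!-- if delete. check post name delete -->
                    <div class="modal-header">
                        <button type="button" class="close" data-dismiss="modal" aria-hidden="true"><span aria-hidden="true">&times;</span></button>
                        <h4 class="modal-title"><strong>REGISTRATION APPROVAL</strong></h4>
                    </div>
                    <div class="modal-body"><!-- modal-body -->
                        <ul class="nav nav-pills nav-justified nav-pills-custom" data-toggle="tabs">
                            <!-- <ul class="nav nav-tabs" data-toggle="tabs"> -->
                            <li class="active tab-click"><a href="#profile">Registration Form</a></li>
                            <li class="tab-click" data-approve='Y'><a href="#apr" class="btn btn-default"><b>Approval</b></a></li>
                        </ul>
                        <div class="tab-content">
                            <div class="tab-pane active" id="profile"></div>
                            <div class="tab-pane" id="apr">
                                <hr>
                                <div class="form-group">
                                    <label class="col-md-3 control-label" for="flagApprove">Approve This? <span class="text-danger">*</span></label>
                                    <div class="col-md-6">
                                        <select class="form-control validation" data-validation="default" name="flagApprove" id="flagApprove">
                                            <option value="">- Please Select -</option>
                                            <option value="T">No</option>
                                            <option value="Y">Yes</option>
                                        </select>
                                    </div>
                                </div>
                            </div>
                        </div>
                        <hr>
                        <center>
                            <button type="submit" class="btn btn-effect-ripple btn-primary">Submit</button>
                            <button type="button" class="btn btn-effect-ripple btn-danger" data-dismiss="modal">Close</button>
                        </center>
                    </div><!-- [end] modal-body -->
                    <input type="hidden" name="type_submit" value="add">
                    <input type="hidden" name="val-id" value="">
                    <input type="hidden" name="val-syarikat-id" value="">
                    <input type="hidden" name="val-syarikat-oldid" value="">
                    <input type="hidden" name="val-syarikat-status" value="">
                    <!-- <div class="modal-footer"> -->
                    <!-- <h4 class="pull-left">$ <strong class="text-primary-dark">689</strong><small>.00</small></h4> -->
                    <!-- </div> -->
                </form>
            </div>
        </div>
    </div>

    <div class="table-responsive">
        <form method="post" data-modal-target="<?php echo $escHtml($modal_name); ?>">
            <input name="type_submit" type="hidden" value="delete">
            <table id="example-datatable" class="table table-striped table-bordered table-condensed table-vcenter table-hover">
                <thead>
                    <tr>
                        <th class="text-center" style="width: 40px;">No.</th>
                        <th>NAME</th>
                        <th>EMAIL</th>
                        <th>COMPANY</th>
                        <th class="text-center" style="width: 100px;">DATE APPLY</th>
                        <th class="text-center no_sorting" style="width: 80px;"><i class="fa fa-flash"></i></th>
                    </tr>
                </thead>
                <tbody>
<?php
$labels['1']['class'] = "label-success";
$labels['1']['text']  = "Active";
$labels['2']['class'] = "label-warning";
$labels['2']['text']  = "Blocked";
$labels['3']['class'] = "label-danger";
$labels['3']['text']  = "Inactive";

// Optional name filter from the search modal; the value is bound, never interpolated.
if ($name !== '') {
    $comb1 .= " AND a.nameUser LIKE ? ";
    $param_data['nameUser'] = "%{$name}%";
}
$sql = "SELECT a.*, b.nama as nama_syarikat, b.status AS status_syarikat, b.oldid,
            DATE_FORMAT(b.tarikhApply, '%d-%m-%Y') AS tarikhApply
        FROM user_register a
        LEFT JOIN kod_syarikattemp b ON b.idSyarikat=a.idSyarikat
        WHERE a.flagUser=2 AND a.flagApprove='N' {$comb1}";
$param_type = "auto";
$data = mysqli_prepare_all($sql, $param_type, $param_data);

$cnt = 0;
while ($rowKod = $data->fetch_assoc()) {
    // "field#value" pairs separated by "|", consumed by the edit-me click handler below.
    $editdata = "val-syarikat#$rowKod[idSyarikat]|"
        . "val-syarikat-status#$rowKod[status_syarikat]|"
        . "val-syarikat-id#$rowKod[idSyarikat]|"
        . "val-syarikat-oldid#$rowKod[oldid]";
    $cnt = $cnt + 1;
    // Every column below was typed in by an unapproved applicant and is rendered in
    // the approver's session, so each value is HTML-escaped on output.
?>
                    <tr>
                        <!-- <td class="text-center" style="display: none"></td> -->
                        <td class="text-center"><label class="csscheckbox csscheckbox-primary" style="display: none"><input type="checkbox" name="myid[]" value="<?php echo $escHtml($rowKod['idUser']); ?>"><span></span></label><?= $cnt ?></td>
                        <td><?= $escHtml(strtoupper((string) $rowKod['nameUser'])) ?></td>
                        <td><?= $escHtml($rowKod['emailUser']) ?></td>
                        <td class="text-left"><?= $escHtml(strtoupper((string) $rowKod['nama_syarikat'])) ?></td>
                        <td class="text-center"><?= $escHtml($rowKod['tarikhApply']) ?></td>
                        <td class="text-center">
                            <a href="javascript:void(0)" title="Edit Record" class="btn btn-effect-ripple btn-xs btn-success edit-me" data-modal-target="<?php echo $escHtml($modal_name); ?>" data-editdata="<?php echo $escHtml($editdata); ?>" data-myid="<?php echo $escHtml($rowKod['idUser']); ?>"><i class="fa fa-pencil"></i></a>
                        </td>
                    </tr>
<?php
}
// The original freed an undefined $resKod; release the result that was actually read.
if ($data instanceof mysqli_result) {
    $data->free();
}
?>
                </tbody>
            </table>
        </form>
    </div>
    <script src="js/pages/formsValidation.js"></script>
    <script type="text/javascript">
    $(document).ready(function(){
        $("#example-datatable").setdatatable('{ "autoWidth": false }');

        // Open the approval modal for the clicked row and load its registration form.
        $("#example-datatable tbody").on("click", ".edit-me", function(){
            var modal_name = "."+$(this).data("modal-target");
            var editdata = $(this).data("editdata");
            var myid = $(this).data("myid");
            var type = $(this).data("type");
            var targetdata = editdata.split("|");
            var got_name = 0;

            $.each(targetdata,function(i,v){
                var target = v.split("#");
                // .text() keeps the value inert; it is never parsed as markup.
                $(modal_name).find("span."+target[0]).text(target[1]);
                if(target[0] === 'name2') got_name++;
                if(target[0] === 'name3') got_name++;
            });
            if(got_name > 0) $(modal_name).find(".alert").show();
            else $(modal_name).find(".alert").hide();

            // NOTE(review): the response is inserted with .html(), so agent_detail.php
            // must HTML-escape the applicant data it returns.
            $.ajax({url: "utility/agent_detail.php?ii="+encodeURIComponent(myid), success: function(result){
                $(modal_name).find(".tab-pane[id=profile]").html(result);
            }}).done(function(){
                $(document).trigger("resize");
            });

            $(modal_name).modal({keyboard:true});
            $(modal_name).find("input").not(":button, :submit, :reset").val("").prop("checked",false);
            $(modal_name).find("select").prop("selected",false);
            $(modal_name).find('.help-block').remove();
            $(modal_name).find('.form-group').removeClass('has-success has-error');
            $("#form-validation").setvalidation(editdata);
            $("#form-validation > [name='type_submit']").val("edit");
            $("#form-validation > [name='val-id']").val(myid);
            $("#form-validation > [name='val-type']").val(type);
        });

        $(".tab-click").on("click",function(){
            $(document).trigger("resize");
        })

        // Submitting from the first tab only switches to the Approval tab.
        $(document).on("submit","#form-validation",function(e){
            var tab_approve = $(".tab-click.active").data("approve");
            if(!tab_approve){
                $(".tab-click :eq(1)").trigger("click");
                e.preventDefault();
            }
        });
    });
    </script>
</div>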