Current File : /home/admin/public_html/modules/users/mod_user.php

<?
class user extends MySql
{
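	/**
	 * Decide whether the current visitor may use a module.
	 *
	 * Reads the global $user_login array: an 'Access' value of
	 * 'Administrator' grants everything, a 'Login_Status' other than 'True'
	 * denies, and otherwise the `modules` table must hold a row pairing the
	 * lower-cased module name with the visitor's user type.
	 *
	 * NOTE(review): the administrator shortcut runs before the Login_Status
	 * check, so it is only as safe as whatever populates $user_login --
	 * confirm 'Access' can never be set for a logged-out session.
	 *
	 * @param string $module Module name to check.
	 * @return bool True when access is granted.
	 */
	function Access($module){
		global $user_login;
		if($user_login['Access']=='Administrator'){
			return true;
		}
		if($user_login['Login_Status']!='True'){
			return false;
		}
		// Both values are spliced into quoted SQL literals, so escape them
		// instead of trusting the caller and the session contents.
		// Assumes the MySql parent already holds an open ext/mysql link
		// (this class calls mysql_fetch_array() on its results) -- confirm.
		$moduleSql=mysql_real_escape_string(strtolower($module));
		$typeSql=mysql_real_escape_string($user_login['Type']);
		$this->Query("SELECT * FROM modules WHERE module_name='".$moduleSql."'  AND usertype_access_id='".$typeSql."'");
		return $this->numRows()!=0;
	}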

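	/**
	 * Purge old rows from `session`, then register the current visitor in
	 * `useronline` and `session` unless a row for the same IP address and
	 * user name is already present.
	 *
	 * The user name is 'Guest' unless the global $user_login says the
	 * visitor is logged in.
	 */
	function Initial()
	{
		global $user_login;
		$now=time();

		// NOTE(review): 21600000 seconds is roughly 250 days; if a six-hour
		// window (21600) was intended, session rows live far too long.
		$cutoff=$now-21600000;
		$this->setQuery("DELETE FROM session  WHERE session_time<$cutoff");
		$this->freeQuery();

		if($user_login['Login_Status']!=true){$su="Guest";}else{$su=$user_login['Login'];}

		// getClientIp() is defined elsewhere; if it reads client-supplied
		// headers its result is attacker-controlled -- verify. Either way,
		// escape it and the login name before they reach quoted SQL literals.
		// Assumes an open ext/mysql link at this point -- confirm.
		$clientIp=getClientIp();
		$ipSql=mysql_real_escape_string($clientIp);
		$userSql=mysql_real_escape_string($su);

		$this->setQuery("SELECT * FROM session  WHERE session_ip='$ipSql' AND session_user='$userSql'");
		$this->QueryReturn();
		if($this->numRows()!=0){
			return;
		}

		// QUERY_STRING is raw request data. It is handed to Insert()
		// unescaped on purpose to avoid double escaping -- TODO confirm
		// that Insert() quotes its values.
		$useronline=array(
			'ip'=>$clientIp,
			'user'=>$su,
			'time'=>$now,
			'url'=>$_SERVER['QUERY_STRING']
		);
		$this->Insert('useronline',$useronline);

		$sessionId=md5($this->getSessionID());
		$this->setQuery("INSERT INTO session  (session_id,session_time,session_ip,session_user) VALUES ('$sessionId','$now','$ipSql','$userSql')");
		if(!$this->QueryReturn()){
			// NOTE(review): if Error() prints to the page, raw database
			// error text is shown to the visitor -- confirm.
			Error($this->mysqlError());
		}
	}//end function user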

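		/**
		 * Build a token of 20 to 40 alphanumeric characters followed by the
		 * current Unix timestamp.
		 *
		 * mt_rand() is not a cryptographic generator and the timestamp suffix
		 * is predictable, so the result must not be treated as an unguessable
		 * secret.
		 *
		 * @return string The generated token.
		 */
		function getSessionID(){
			// No explicit mt_srand(): seeding from microtime() narrows the
			// seed to a guessable value, and PHP seeds the generator itself.
			$alphabet = "abcdefghijklnmopqrstuvwxyzABCDEFGHIJKLNMOPQRSTUVWXYZ0123456789";
			// The alphabet has 62 characters (indexes 0..61). The previous
			// upper bound of 62 pointed one past the end and occasionally
			// appended nothing, shortening the token.
			$lastIndex = strlen($alphabet) - 1;
			$length = mt_rand(20, 40);
			$token = "";
			for ($i = 0; $i < $length; $i++) {
				$token .= $alphabet[mt_rand(0, $lastIndex)];
			}
			return $token . time();
		}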

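		/**
		 * Check a login name and password against the `users` table and, on
		 * success, fill $_SESSION["user_login"], record the visit time and IP
		 * address, and emit a meta refresh to the current script.
		 *
		 * On failure an alert is printed and the script exits.
		 *
		 * NOTE(review): passwords are stored and compared as unsalted MD5,
		 * which is cheap to brute-force; moving to a slow password hash needs
		 * a migration of the stored values and is out of scope here.
		 * NOTE(review): the user_block check is disabled in this method, so an
		 * account flagged as blocked still logs in unless that is enforced
		 * elsewhere -- confirm.
		 * NOTE(review): the session id is not regenerated after login
		 * (session fixation) -- consider session_regenerate_id() before any
		 * output is sent.
		 *
		 * @param string $UserNameLogin     Login name supplied by the visitor.
		 * @param string $UserPasswordLogin Plain-text password supplied by the visitor.
		 */
		function login($UserNameLogin,$UserPasswordLogin)
		{
			$md5Pass=md5($UserPasswordLogin);
			// The login name is visitor input placed inside a quoted SQL
			// literal; escape it so a quote cannot end the literal and
			// rewrite the WHERE clause. Assumes an open ext/mysql link --
			// confirm. If magic_quotes_gpc is enabled on the host the value
			// arrives pre-slashed and should be stripped first -- verify.
			$loginSql=mysql_real_escape_string($UserNameLogin);
			$this->setQuery("SELECT * FROM users where user_login= '$loginSql' AND user_password = '$md5Pass'");
			$result=$this->QueryReturn();

			if($this->numRows()==0){
				echo "<SCRIPT>alert('ชื่อผู้ใช้งาน หรือ รหัสผ่านไม่ถูกต้อง'); window.history.back(); </SCRIPT>\n";
				exit();
			}

			$arr=mysql_fetch_array($result);

			$userIdSql=mysql_real_escape_string($arr['user_id']);
			$this->setQuery("SELECT * FROM user_profile where user_id= '$userIdSql'");
			$result2=$this->QueryReturn();
			$arr2=mysql_fetch_array($result2);

			$_SESSION["user_login"]['ID']           =$arr['user_id'];
			$_SESSION["user_login"]['Login_Status'] ="True";
			$_SESSION["user_login"]['Login']        =$arr['user_login'];
			// NOTE(review): keeping the password hash in the session widens
			// its exposure; kept because other code may read it -- confirm.
			$_SESSION["user_login"]['Password']     =$arr['user_password'];
			$_SESSION["user_login"]['Type']         =$arr['user_type'];
			$_SESSION["user_login"]['Nickname']     =$arr2['nickname'];
			$_SESSION["user_login"]['Name']         =$arr['user_name'];

			// The stored login name goes back into SQL text, so it is escaped
			// again here (it may itself contain a quote).
			$storedLoginSql=mysql_real_escape_string($arr['user_login']);
			$this->setQuery("UPDATE users SET user_last_visit_time='".time()."' WHERE user_login='".$storedLoginSql."'");
			$this->freeQuery();
			$ipSql=mysql_real_escape_string(getClientIp());
			$this->setQuery("UPDATE users SET user_last_login_ip='".$ipSql."' WHERE user_login='".$storedLoginSql."'");
			$this->freeQuery();

			// PHP_SELF is now a quoted array key, and the stray quote after
			// "url=" that cut the content attribute short is gone. PHP_SELF can
			// carry request-supplied path text, so it is HTML-escaped.
			echo "<meta http-equiv=\"refresh\" content=\"0;url=".htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES)."\">";
		}//end function login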
/**
 * Follow usertype_parent links in the `usertype` table upwards and return
 * the usertype_id of the first row whose parent is empty.
 *
 * NOTE(review): $group is placed in the WHERE text as-is, so callers must
 * only pass trusted ids; a cycle in the parent links would recurse without
 * end.
 *
 * @param mixed $group usertype_id to start from.
 * @return mixed usertype_id of the root row.
 */
function getRootParent($group){
	$row=$this->getRow('usertype',"WHERE usertype_id='$group'");
	// A row without a parent is the root itself.
	if($row['usertype_parent']==''){
		return $row['usertype_id'];
	}
	return $this->getRootParent($row['usertype_parent']);
}
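/**
 * Destroy the current session and send the visitor back to the script
 * that handled the request (index.php when that script is /reviewer.php).
 *
 * NOTE(review): PHP_SELF can include request-supplied path text; it is used
 * for the Location header unchanged -- confirm that is acceptable here.
 */
function logout()
{
	// PHP_SELF is now a quoted array key instead of a bare constant.
	$url=str_replace('?mod=logout', '', $_SERVER['PHP_SELF']);

	// Only start a session when none is active, then discard it.
	if(session_id()==''){
		session_start();
	}
	session_destroy();

	if ($url=="/reviewer.php"){
		// The stray quote after "url=" used to leave the refresh target
		// empty, which sends the browser back to the logout URL.
		echo"<meta http-equiv=\"refresh\" content=\"0;url=index.php\">";
	}else{
		header("Location:$url");
	}
}//end function logout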

/**
 * Create a `users` row and a matching `user_profile` row from the posted
 * registration form, then redirect with a meta refresh.
 *
 * Stops with an alert when the login name is already taken, when the two
 * password fields differ, or when a required field is empty.
 *
 * NOTE(review): user_type is taken straight from $_POST['cat_id'], so the
 * client chooses its own account type; del_user() treats type 1 as
 * privileged -- confirm this form is not reachable by unprivileged users.
 * NOTE(review): the password is stored as unsalted MD5.
 * NOTE(review): all values reach Insert()/check_data()/getDataOneRow()
 * unescaped -- confirm those helpers quote their arguments.
 */
function add_new_account(){
	$account=Array(
		'user_login'=>$_POST['username'],
		'user_password'=>md5($_POST['password']),
		'user_name'=>$_POST['name'],
		'user_type'=>$_POST['cat_id'],
	);

	// Reject a login name that is already in use.
	$table='users';
	$field='user_login';
	$loginTaken=$this->check_data($table,$field,$_POST['username']);
	if($loginTaken==1){
		echo "<SCRIPT>alert('username มีการใช้แล้วกรุณาลองชื่ออื่น'); window.history.back(); </SCRIPT>\n";
		exit();
	}

	// Both password fields must match.
	if($_POST['password']!=$_POST['password2']){
		echo "<SCRIPT>alert('รหัสผ่านและรหัสผ่านยืนยันไม่ตรงกัน'); window.history.back(); </SCRIPT>\n";
		exit();
	}

	// Required fields.
	if($_POST['name']==''||$_POST['username']==''||$_POST['cat_id']==''||$_POST['password']!=$_POST['password2']){
		echo "<SCRIPT>alert('Require Fields Data'); window.history.back(); </SCRIPT>\n";
		exit();
	}

	if(!$this->Insert('users',$account)){
		echo"<meta http-equiv=\"refresh\" content=\"0;url=admin.php?mod=user&msg=0\">";
		return;
	}

	// Look the new row up again to learn its user_id for the profile row.
	$createdLogin=$_POST['username'];
	$created=$this->getDataOneRow('users',$createdLogin,'user_login');
	$profile=Array(
		'user_id'=>$created['user_id'],
		'name'=>$_POST['firstname'],
		'lastname'=>$_POST['lastname'],
		'nickname'=>$_POST['name'],
		'telephone'=>$_POST['tel'],
		'email1'=>$_POST['email'],
	);

	if($this->Insert('user_profile',$profile)){
		echo "<SCRIPT>alert('ลงทะเบียนเรียบร้อย');</SCRIPT>\n";
		echo"<meta http-equiv=\"refresh\" content=\"0;url=blog.php\">";
	}else{
		echo"<meta http-equiv=\"refresh\" content=\"0;url=register.php?msg=0\">";
	}
}//end new Account
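/**
 * Apply the posted "edit user" form: optional password change, the `users`
 * row, an optional photo upload with thumbnail, and the `user_profile` row
 * (updated when one exists, inserted otherwise). Ends with a meta refresh
 * to reviewer.php.
 *
 * Stops with an alert when the login name or the name/lastname pair is
 * already used by another account, when the password fields differ, or
 * when the login name is empty.
 *
 * NOTE(review): nothing here checks that the caller may edit
 * $_POST['user_id'], and user_type / user_block are taken from the form --
 * confirm authorization is enforced before this method is reached.
 * NOTE(review): the password is stored as unsalted MD5, and it is written
 * before the remaining fields are validated.
 * NOTE(review): values handed to Update()/Insert()/check_data*() are left
 * unescaped to avoid double escaping -- confirm those helpers quote them.
 */
function edit_user(){
	$table='users';
	$field='user_login';
	$chk_user=$this->check_data_edit($table,$field,$_POST['username'],'user_id',$_POST['user_id']);

	// Everything spliced into SQL text below is request data: escape it so
	// a quote cannot end the literal. Assumes an open ext/mysql link --
	// confirm. With magic_quotes_gpc enabled the values arrive pre-slashed
	// and should be stripped first -- verify on the host.
	$uidSql=mysql_real_escape_string($_POST['user_id']);
	$nameSql=mysql_real_escape_string($_POST['name']);
	$lastnameSql=mysql_real_escape_string($_POST['lastname']);
	$whereUser="where user_id='".$uidSql."'";

	$this->Query("SELECT name,lastname FROM user_profile  WHERE  user_id!='".$uidSql."' AND name='".$nameSql."' AND lastname='".$lastnameSql."'");
	$chk_name_lastname=$this->numRows();

	if($chk_user==1){
		echo "<SCRIPT>alert('Username is ready to use'); window.history.back(); </SCRIPT>\n";
		exit();
	}

	// Any matching row is a duplicate, not only exactly one.
	if($chk_name_lastname>0){
		// The names are echoed inside a JavaScript string in a <script>
		// element; escape quotes, backslashes, line breaks and markup
		// characters byte-wise so the text cannot leave the string.
		$jsEscape=array(
			"\\"=>"\\\\",
			"'"=>"\\'",
			'"'=>'\\"',
			"<"=>"\\x3C",
			">"=>"\\x3E",
			"&"=>"\\x26",
			"\r"=>"\\r",
			"\n"=>"\\n",
		);
		$shownName=strtr($_POST['name'],$jsEscape);
		$shownLastname=strtr($_POST['lastname'],$jsEscape);
		echo "<SCRIPT>alert('ชื่อ-นามสกุล ".$shownName."  ".$shownLastname." นี้มีในระบบแล้ว'); window.history.back(); </SCRIPT>\n";
		exit();
	}

	if($_POST['password']!=''){
		if($_POST['password']!=$_POST['repassword']){
			echo "<SCRIPT>alert('รหัสผ่านไม่ตรงกัน'); window.history.back(); </SCRIPT>\n";
			exit();
		}
		$pass=md5($_POST['password']);
		$this->Query("update users set user_password='$pass' ".$whereUser);
	}//end check _POST['password']!=''

	if($_POST['username']==''){
		echo "<SCRIPT>alert('Require Fields Data'); window.history.back(); </SCRIPT>\n";
		exit();
	}

	$data=Array(
		'user_login'=>$_POST['username'],
		'user_name'=>$_POST['name'],
		'user_email'=>$_POST['email1'],
		'user_type'=>$_POST['usertype'],
		'user_block'=>$_POST['block']
	);
	if(!$this->Update('users',$data,$whereUser)){
		// No upload has happened on this path, so there is no file name
		// to print.
		echo"<meta http-equiv=\"refresh\" content=\"0;url=reviewer.php?mod=user&msg=6\">";
		return;
	}

	$table='user_profile';
	$field='user_id';
	$chk=$this->check_data($table,$field,$_POST['user_id']);

	// $limit_size was never defined; pass an explicit null, which is the
	// value it previously evaluated to.
	// NOTE(review): the posted username is handed to uploadfiles() --
	// presumably as the file name base; confirm that helper restricts the
	// name and the file extension.
	$file_dir='../user_photo';
	$limit_size=null;
	$numfiles=1;
	$picname=uploadfiles('photo',$_POST['username'],$file_dir,$limit_size,$numfiles);
	if($picname[0]==''){
		// NOTE(review): edit_photo comes from the form and is stored as
		// the photo name unchanged -- confirm it is validated.
		$picname[0]=$_POST['edit_photo'];
	}else{
		$img_src="../user_photo/".$picname[0];
		make_thumb($img_src,'../user_photo/thumbs/'.$picname[0],150);
	}
	$data3=Array('photo'=>$picname[0]);
	$this->Update('user_profile',$data3,$whereUser);

	// Fields shared by the update and the insert of the profile row.
	$profile=Array(
		'name'=>$_POST['name'],
		'lastname'=>$_POST['lastname'],
		'nickname'=>$_POST['nickname'],
		'day'=>$_POST['day'],
		'month'=>$_POST['month'],
		'year'=>$_POST['year'],
		'gender'=>$_POST['gender'],
		'address'=>$_POST['address'],
		'road'=>$_POST['road'],
		'sub_district'=>$_POST['sub_district'],
		'district'=>$_POST['district'],
		'province'=>$_POST['province'],
		'zipcode'=>$_POST['zipcode'],
		'telephone'=>$_POST['telephone'],
		'mobile'=>$_POST['mobile'],
		'email1'=>$_POST['email1'],
		'email2'=>$_POST['email2'],
		'job'=>$_POST['job'],
	);
	if($chk!=0){
		$this->Update('user_profile',$profile,$whereUser);
	}else{
		// A new row additionally carries the photo name and the user id.
		$newProfile=array_merge(
			Array('photo'=>$picname[0]),
			$profile,
			Array('user_id'=>$_POST['user_id'])
		);
		$this->Insert('user_profile',$newProfile);
	}

	// The file name may be the posted edit_photo value; escape it before
	// it is written into the page.
	echo htmlspecialchars($picname[0], ENT_QUOTES);
	echo"<meta http-equiv=\"refresh\" content=\"0;url=reviewer.php?mod=user&msg=2\">";
}//end edit user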
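/**
 * Delete the account named by $_GET['id'] together with its profile row,
 * then redirect to reviewer.php with a status code in `msg`
 * (3 deleted, 5 delete failed, 4 caller is not user type 1).
 *
 * NOTE(review): the delete is triggered by a GET parameter with no
 * anti-forgery token visible here -- confirm the caller adds one.
 * NOTE(review): the guard against deleting an administrator account is
 * disabled in this method.
 */
function del_user(){
	global $user_login;

	// Check the caller's type before touching the database; the row lookup
	// that used to run first only fed the disabled administrator guard.
	if($user_login['Type']!=1){
		echo"<meta http-equiv=\"refresh\" content=\"0;url=reviewer.php?mod=user&msg=4\">";
		return;
	}

	// The id is request data placed in a quoted SQL literal; escape it.
	// Assumes an open ext/mysql link -- confirm.
	$idSql=mysql_real_escape_string($_GET['id']);
	$deleted=$this->Query("delete from users where user_id='$idSql'");
	if($deleted){
		$this->Query("DELETE FROM user_profile WHERE user_id='$idSql'");
		echo"<meta http-equiv=\"refresh\" content=\"0;url=reviewer.php?mod=user&msg=3\">";
	}else{
		echo"<meta http-equiv=\"refresh\" content=\"0;url=reviewer.php?mod=user&msg=5\">";
	}
}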
}//end class user


?>
