One Hat Cyber Team
Your IP :
216.73.216.240
Server IP :
162.240.106.28
Server :
Linux server.ganesand.com 3.10.0-1160.80.1.el7.x86_64 #1 SMP Tue Nov 8 15:48:59 UTC 2022 x86_64
Server Software :
Apache
PHP Version :
7.1.33
Buat File
|
Buat Folder
Eksekusi
Dir :
~
/
home
/
thoa
/
www
/
admin
/
View File Name :
mg_agent.php
<? error_reporting(0); session_start(); include 'config.php'; $_POST['username']=$_SESSION['username']; $_POST['password']=$_SESSION['password']; $sql=mysql_query("select * from admin where USERNAME='".$_POST['username']."' and PASSWORD='".$_POST['password']."'"); if(mysql_num_rows($sql)==1) { /* $con = mysql_connect('localhost', 'root', ''); mysql_select_db("ecomm", $con); */ $AID = $_GET['AID']; $view = mysql_query("select * from agentdetails where AID = '".$AID."'"); // for editing $data = mysql_fetch_array($view); if($_GET['SAI']){ $STS = $_GET['AG_STS']; if($STS == 0){ $upd_sts = mysql_query("UPDATE agentdetails SET AG_STS ='0' WHERE AID ='".$_GET['SAI']."'"); //for changing status } else{ $upd_sts = mysql_query("UPDATE agentdetails SET AG_STS ='1' WHERE AID ='".$_GET['SAI']."'"); } } if($_GET['SAI1']){ $STS = $_GET['AG_OFFICE']; if($STS == 0){ $upd_sts = mysql_query("UPDATE agentdetails SET AG_OFFICE ='0' WHERE AID ='".$_GET['SAI1']."'"); //for changing status } else{ $upd_sts = mysql_query("UPDATE agentdetails SET AG_OFFICE ='1' WHERE AID ='".$_GET['SAI1']."'"); } } if($_GET['del_id']){ ?> <?php $del = mysql_query("delete from agentdetails where AID='".$_GET['del_id']."'"); //for deleting status if($del){?> <script> alert("Agent detail deleted sucessfully"); window.location= "mg_agent.php"; </script> <?php } if(!$del){?> <script> alert("Agent detail Not deleted sucessfully"); window.location= "mg_agent.php"; </script> <?php } } if($_POST['submit']){ $uname = mysql_real_escape_string($_POST['uname']); $pass = mysql_real_escape_string($_POST['pass']); $cname = mysql_real_escape_string($_POST['cname']); $dob = mysql_real_escape_string($_POST['dob']); $passport = mysql_real_escape_string($_POST['passport']); $copname = mysql_real_escape_string($_POST['copname']); $cusid = mysql_real_escape_string($_POST['cusid']); $mobile = mysql_real_escape_string($_POST['mobile']); $phone = mysql_real_escape_string($_POST['phone']); $email = mysql_real_escape_string($_POST['email']); $address = mysql_real_escape_string($_POST['address']); $pcode = mysql_real_escape_string($_POST['pcode']); $country = mysql_real_escape_string($_POST['country']); $state = mysql_real_escape_string($_POST['state']); $city = mysql_real_escape_string($_POST['city']); $cimage = ($_FILES['cimage']['name']); $tmp_img = $_FILES['cimage']['tmp_name']; move_uploaded_file($tmp_img, "../images/agents/".$cimage); if($_GET['AID']==""){ $ins = mysql_query("insert into agentdetails (AG_NAME,AG_PASS,NAME,DOB,PASSPORT,COMP_NAME,ADDR,PIN,MOBILE,PHONE,EMAIL,A_CODE,A_IMAGE,CID,SID,CTYID) values('$uname','$pass','$cname','$dob','$passport','$copname','$address','$pcode','$mobile','$phone','$email','$cusid','$cimage','$country','$state','$city')"); $display = "Assalamu alaikum. We thanking you for creating New Agent account on Sha Haj Service.\nUserID: ".$uname.".\nPassword: " .$pass. ".\nVisit Our Website: https://www.shahajservice.com. Keep safe in your control UserID & Password. For more details contact: SHA HAJ SERVICE through 24X6: 94451 50009."; $i=1; if($i=='1') { $username = 'SHAHAJ'; $key = '9fc19b3ab1XX'; $mobile = $mobile; $sender = 'SHAHAJ'; $accusage = '1'; $smstext = $display; $message = urlencode($smstext); $data1 = 'user='.$username.'&key='.$key."&mobile=".$mobile."&message=".$message."&senderid=".$sender."&accusage=".$accusage ; $ch = curl_init('http://mobicomm.dove-sms.com/submitsms.jsp?'.$data1); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $response = curl_exec($ch); curl_close($ch); $i++; } ?><script>alert("Inserted sucessfully"); </script><? } if($_GET['AID']!=""){ { if($_FILES['cimage']['name']!="") { $upd = mysql_query("update agentdetails set AG_NAME='$uname', AG_PASS='$pass', NAME='$cname',DOB='$dob',PASSPORT='$passport',COMP_NAME='$copname',ADDR='$address',PIN='$pcode',MOBILE='$mobile',PHONE='$phone',EMAIL='$email',A_CODE='$cusid',A_IMAGE='$cimage',CID='$country',SID='$state',CTYID='$city' WHERE AID ='".$AID."'"); } else { $upd = mysql_query("update agentdetails set AG_NAME='$uname', AG_PASS='$pass', NAME='$cname',DOB='$dob',PASSPORT='$passport',COMP_NAME='$copname',ADDR='$address',PIN='$pcode',MOBILE='$mobile',PHONE='$phone',EMAIL='$email',A_CODE='$cusid',CID='$country',SID='$state',CTYID='$city' WHERE AID ='".$AID."'"); } } if($upd){?> <? $display = "Assalamu alaikum. We thanking you for updating Agent account on Sha Haj Service.\nUserID: ".$uname.".\nPassword: " .$pass. ".\nVisit Our Website: https://www.shahajservice.com. Keep safe in your control UserID & Password. For more details contact: SHA HAJ SERVICE through 24X6: 94451 50009."; $i=1; if($i=='1') { $username = 'SHAHAJ'; $key = '9fc19b3ab1XX'; $mobile = $mobile; $sender = 'SHAHAJ'; $accusage = '1'; $smstext = $display; $message = urlencode($smstext); $data1 = 'user='.$username.'&key='.$key."&mobile=".$mobile."&message=".$message."&senderid=".$sender."&accusage=".$accusage ; $ch = curl_init('http://mobicomm.dove-sms.com/submitsms.jsp?'.$data1); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $response = curl_exec($ch); curl_close($ch); $i++; } ?> <script>alert("updated sucessfully"); window.location ="mg_agent.php" </script> <?php } if(!$upd){?> <script>alert("Not updated sucessfully"); window.location ="mg_agent.php" </script> <?php } } } ?> <script> function del(id){ var del = confirm("Are you sure Want to delete"); if(del){ window.location.href = "mg_agent.php?del_id="+id+"&del=1"; } else{ window.location.href = "mg_agent.php"; } } </script> <!DOCTYPE html> <html> <head> <meta charset="utf-8"> <meta name="viewport" content="width=device-width, initial-scale=1"> <title>Admin Panel</title> <link href="css/bootstrap.min.css" rel="stylesheet"> <link href="css/datepicker3.css" rel="stylesheet"> <link href="css/styles.css" rel="stylesheet"> <link href="css/bootstrap-table.css" rel="stylesheet"> <!--[if lt IE 9]> <script src="js/html5shiv.js"></script> <script src="js/respond.min.js"></script> <![endif]--> </head> <script type="text/javascript" src="js/tinymce/tinymce.min.js"></script> <script type="text/javascript"> tinymce.init({ selector: "textarea", themes: "modern", plugins: [ "advlist autolink lists link image charmap print preview anchor", "searchreplace visualblocks code fullscreen", "insertdatetime media table contextmenu paste" ], toolbar: "insertfile undo redo | styleselect | bold italic | alignleft aligncenter alignright alignjustify | bullist numlist outdent indent | link image" }); </script> <script> function getstate(cid){ $.ajax({ type: "GET", url: "../get_state.php?cid="+cid, success: function(result){ $("#state").html(result); } }); } function getcity(sid){ alert $.ajax({ type: "GET", url: "../get_city.php?sid="+sid, success: function(result){ $("#city").html(result); } }); } </script> <body> <nav class="navbar navbar-inverse navbar-fixed-top" role="navigation"> <div class="container-fluid"> <div class="navbar-header"> <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target="#sidebar-collapse"> <a href="#"> <span class="sr-only">Toggle navigation</span> <span class="icon-bar"></span> <span class="icon-bar"></span> <span class="icon-bar"></span> </a> </button> <a class="navbar-brand" href="#">Admin</a> <ul class="user-menu"> <li class="dropdown pull-right"> <a href="#" class="dropdown-toggle" data-toggle="dropdown"><span class="glyphicon glyphicon-user"></span> User <span class="caret"></span></a> <ul class="dropdown-menu" role="menu"> <li><a href="#"><span class="glyphicon glyphicon-user"></span> Profile</a></li> <li><a href="#"><span class="glyphicon glyphicon-cog"></span> Settings</a></li> <li><a href="logou.php"><span class="glyphicon glyphicon-log-out"></span> Logout</a></li> </ul> </li> </ul> </div> </div><!-- /.container-fluid --> </nav> <div id="sidebar-collapse" class="col-sm-3 col-lg-2 sidebar"> <form role="search"> <div class="form-group"> <input type="text" class="form-control" placeholder="Search"> </div> </form> <? include('header.php');?> </div><!--/.sidebar--> <div class="col-sm-9 col-sm-offset-3 col-lg-10 col-lg-offset-2 main"> <div class="row"> <ol class="breadcrumb"> <li><a href="dash.php"><span class="glyphicon glyphicon-home"></span></a></li> <li class="active">Manage Agent Login Details</li> </ol> </div><!--/.row--> <div class="row"> <div class="col-lg-12"> <h2 class="page-header">Add Agent Details</h2> </div> </div><!--/.row--> <section class="content"> <div class="row"> <!-- left column --> <div class="col-xs-12"> <!-- general form elements --> <div class="box box-primary"> <!-- form start --> <div class="container"> <form role="form" method="post" action="" enctype="multipart/form-data"> <div class="box-body"> <div class="form-group col-sm-11"> <label for="exampleInputEmail1">User Name</label> <input type="text" class="form-control" name="uname" placeholder="Enter Username" value="<?php echo $data['AG_NAME']; ?>"> </div> <!-- /.box-body --> <div class="form-group col-sm-11"> <label for="exampleInputEmail1">Password</label> <input type="text" class="form-control" name="pass" placeholder="Enter Password" value="<?php echo $data['AG_PASS']; ?>"> </div> <div class="form-group col-sm-11"> <label for="exampleInputEmail1">Customer Name</label> <input type="text" class="form-control" name="cname" value="<?php echo $data['NAME']; ?>"> </div> <div class="form-group col-sm-11"> <label for="exampleInputEmail1">Date Of Birth</label> <input type="date" class="form-control" name="dob" value="<?php echo $data['DOB']; ?>"> </div> <div class="form-group col-sm-11"> <label for="exampleInputEmail1">Passport No.</label> <input type="text" class="form-control" name="passport" value="<?php echo $data['PASSPORT']; ?>"> </div> <div class="form-group col-sm-11"> <label for="exampleInputEmail1">Company Name</label> <input type="text" class="form-control" name="copname" value="<?php echo $data['COMP_NAME']; ?>"> </div> <div class="form-group col-sm-11"> <label for="exampleInputEmail1">Customer ID</label> <input type="text" class="form-control" name="cusid" value="<?php echo $data['A_CODE']; ?>"> </div> <div class="form-group col-sm-11"> <label for="exampleInputFile">Customer Image</label> <input type="file" name="cimage" id="exampleInputFile"> <?php if($AID){?> <img src = "../images/agents/<?php echo $data['A_IMAGE'];?>" height="100" width="100"></img> <?php }?> </div> <div class="form-group col-sm-11"> <label for="exampleInputEmail1">Mobile Number</label> <input type="text" class="form-control" name="mobile" value="<?php echo $data['MOBILE']; ?>"> </div> <div class="form-group col-sm-11"> <label for="exampleInputEmail1">Phone Number</label> <input type="text" class="form-control" name="phone" value="<?php echo $data['PHONE']; ?>"> </div> <div class="form-group col-sm-11"> <label for="exampleInputEmail1">Email-ID</label> <input type="email" class="form-control" name="email" value="<?php echo $data['EMAIL']; ?>"> </div> <div class="form-group col-sm-11"> <label for="exampleInputEmail1">Address</label> <textarea name="address" class="form-control" id="pageBody" rows="8"><?php echo $data['ADDR']; ?></textarea> </div> <div class="col-lg-11 col-md-12 col-sm-12 col-xs-12"> <div class="form-group"> <label for="sel1">Select Country:</label> <? if($AID) {?> <select id="sel1" name="country" class="form-control" onchange="getstate(this.value);"> <?php $queryc=mysql_query("select * from agentdetails where AID = '".$AID."'"); while($rowc=mysql_fetch_array($queryc)) {?> <?php $fetch = mysql_query("select * from country where CID ='".$rowc['CID']."'");?> <?php while($dr = mysql_fetch_array($fetch)){?> <option value="<?php echo $dr['CID'];?>"><?php echo $dr['CNAME'];?></option> <?php $fet = mysql_query("select * from country");?> <?php while($drop = mysql_fetch_array($fet)){?> <option value="<?php echo $drop['CID'];?>"><?php echo $drop['CNAME'];?></option> <?php }?> <?php }?> </select> <?}}else{?> <?php $fet = mysql_query("select * from country");?> <select class="form-control" id="sel1" name="country" onchange="getstate(this.value);"> <option>Select</option> <?php while($drop = mysql_fetch_array($fet)){?> <option value="<?php echo $drop['CID'];?>"><?php echo $drop['CNAME'];?></option> <?php }?> </select> <?}?> </div> </div> <? if($AID) {?> <div class="col-lg-11 col-md-12 col-sm-12 col-xs-12"> <div class="form-group"> <label for="sel1">Selected State:</label> <select id="state" name="state" class="form-control" onchange="getcity(this.value);" > <?php $queryc=mysql_query("select * from agentdetails where AID = '".$AID."'"); while($rowc=mysql_fetch_array($queryc)) {?> <?php $fetch = mysql_query("select * from state where SID ='".$rowc['SID']."'");?> <?php while($dr = mysql_fetch_array($fetch)){?> <option value="<?php echo $dr['SID'];?>"><?php echo $dr['SNAME'];?></option> <?php }?> </select> <?}?></div></div><?}else{?> <div id="state" > </div> <?}?> <? if($AID) {?> <div class="col-lg-11 col-md-12 col-sm-12 col-xs-12"> <div class="form-group"> <label for="sel1">Selected City:</label> <select id="city" name="city" class="form-control" > <?php $queryc=mysql_query("select * from agentdetails where AID = '".$AID."'"); while($rowc=mysql_fetch_array($queryc)) {?> <?php $fetch = mysql_query("select * from city where CTYID ='".$rowc['CTYID']."'");?> <?php while($dr = mysql_fetch_array($fetch)){?> <option value="<?php echo $dr['CTYID'];?>"><?php echo $dr['CTNAME'];?></option> <?php }?> </select> <?}?></div></div><?}else{?> <div id="city"> </div> <?}?> <div class="form-group col-sm-11"> <label for="exampleInputEmail1">Pincode</label> <input type="text" class="form-control" name="pcode" value="<?php echo $data['PIN']; ?>"> </div> <div class="box-footer col-sm-11"> <button type="submit" name="submit" value="submit" class="btn btn-primary">Submit & Resend SMS</button> <button type="reset" class="btn btn-primary">Reset</button> </div> </div> </form> </div> </div> </div> </div> </section> <hr> <div class="row" style="position: absolute;width:100%"> <div class="col-lg-12"> <div class="panel panel-default"> <div class="panel-heading">Agent Login Table</div> <div class="panel-body"> <table data-toggle="table" data-show-refresh="true" data-show-toggle="true" data-show-columns="true" data-search="true" data-select-item-name="toolbar1" data-pagination="true" data-sort-name="name" data-sort-order="desc"> <thead> <tr> <th data-field="state" data-checkbox="true" >Item ID</th> <th data-field="id" data-sortable="true">Item ID</th> <th data-field="nname" data-sortable="true">Customer Name</th> <th data-field="cname" data-sortable="true">Company Name</th> <th data-field="status" data-sortable="true">Status</th> <th data-field="action" data-sortable="true">Account Activate</th> <th data-field="office" data-sortable="true">Office Activate</th> </tr> </thead> <tbody> <?php $table = mysql_query("select * from agentdetails"); $AID=1; while($row=mysql_fetch_array($table)) { ?> <tr> <td></td> <td><?php echo $AID;?></td> <td><?php echo $row['NAME'];?> <? if($row['AG_LOG']==1) {?> <y style="color:green;"> Online</y> <?} else {?> <y style="color:red;"> Offline </y> <?}?></td> <td><?php echo $row['COMP_NAME'];?></td> <td><a href= "mg_agent.php?AID=<?php echo $row['AID'];?>">Edit</a>/<a href="#" onclick="del(<?php echo $row['AID'];?>)">Delete</a></td> <td><?php if($row['AG_STS']==1) {?> <a href = "mg_agent.php?AG_STS=0&SAI=<?php echo $row['AID'];?>">Active</a> <?php } else {?> <a href = "mg_agent.php?AG_STS=1&SAI=<?php echo $row['AID'];?>">InActive </a> <?php } ?></td> <td><?php if($row['AG_OFFICE']==1) {?> <a href = "mg_agent.php?AG_OFFICE=0&SAI1=<?php echo $row['AID'];?>">Active</a> <?php } else {?> <a href = "mg_agent.php?AG_OFFICE=1&SAI1=<?php echo $row['AID'];?>">InActive </a> <?php } ?></td> </tr> <?php $AID++; }?> </tbody> </table> </div> </div> </div> </div> </div> <!--/.main--> <script src="js/jquery-1.11.1.min.js"></script> <script src="js/bootstrap.min.js"></script> <script src="js/chart.min.js"></script> <script src="js/chart-data.js"></script> <script src="js/easypiechart.js"></script> <script src="js/easypiechart-data.js"></script> <script src="js/bootstrap-datepicker.js"></script> <script src="js/bootstrap-table.js"></script> <script> $(document).ready(function() { $('ul.subcat').hide(); $('li').click(function(event) { event.stopPropagation(); $('> ul', this).toggle(); }); }); </script> </body> </html> <? } else { $queryu=mysql_query("select * from admin where ID='1'"); $rowu=mysql_fetch_array($queryu); if($rowu) { $rowu['A_LOG']; $log = $rowu['A_LOG'] - 1; $upd_sts = mysql_query("UPDATE admin SET A_LOG ='$log' where ID='1'"); } header("Location: home.php"); } ?>