ÿØÿàJFIFÿÛ„ ( %"1"%)+...383,7(-.- 404 Not Found
Sh3ll
OdayForums


Server : Apache/2.4.6 (CentOS) OpenSSL/1.0.2k-fips PHP/7.4.20
System : Linux st2.domain.com 3.10.0-1127.10.1.el7.x86_64 #1 SMP Wed Jun 3 14:28:03 UTC 2020 x86_64
User : apache ( 48)
PHP Version : 7.4.20
Disable Function : NONE
Directory :  /var/www/html/oladi/code/ajax/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : /var/www/html/oladi/code/ajax/auth_code.php
<?php
global $DB,$ip;
$txt_auth_code = $CORE->input['txt_auth_code'] ?? '';
$guest_id = $CORE->input['guest_id'] ?? 0;
$row_check = $DB->fetch_row($DB->query("SELECT * FROM tb_authcode WHERE guest_id='$guest_id'"));
if($row_check['authcode_code']==$txt_auth_code){
    $password = $row_check['guest_password'];
    $password_hash = password_hash($password, PASSWORD_DEFAULT, ['cost' => 12]);
    $email = $row_check['guest_email'];
    $row_guest = $DB->fetch_row($DB->query("SELECT * FROM tb_guest WHERE guest_id='$guest_id'"));
    $arr_insert_user = array(
        'user_key' => $email, 'user_password_default' => '', 'user_password_hash' => $password_hash, 'user_image' => $row_guest['guest_avatar'], 'user_type' => 'guest', 'user_last_login' => date('Y-m-d H:i:s'), 'user_ip' => $ip, 'user_rule' => '', 'user_status' => 'active', 'user_jointime' => time(), 'user_comment_status' => 'active'
    );
    $user_id = $DB->do_insert('tb_user', $arr_insert_user);
    $arr_update_guest = array(
        'user_id' => $user_id,'guest_email'=>$email
    );
    $DB->do_update('tb_guest', $arr_update_guest, " WHERE guest_id='" . $guest_id . "' ");
    //login info
    $row_check_user = $DB->fetch_row($DB->query("SELECT * FROM tb_user WHERE user_id='$user_id' "));

    $token = array_merge($row_guest, $row_check_user);
    unset($token['user_password_default'], $token['user_password_hash']);

    if ($row_guest['guest_avatar'] != '' and $row_guest['guest_avatar'] != 'NULL') {
        $token['user_image'] = $row_guest['guest_avatar'];
    } else {
        $token['user_image'] = 'layout/adminlte320rc/dist/img/letter/' . strtolower(substr($row_guest['guest_email'], 0, 1)) . '.png';
    }
    $token['user_name'] = $row_guest['guest_email'];
    $token['fullname'] = $row_guest['guest_fullname'];
    $token['user_last_login'] = date('d/m/Y h:i A');
    $token['user_type'] = $row_check_user['user_type'];
    $token['from_ip'] = $ip;

    $_SESSION['local_token'] = JWT::encode($token,'NHG#789-2017');
    setcookie('cookie_local_token_new', $_SESSION['local_token'], time()+31536000, "/");

    $DB->query("UPDATE tb_user SET user_last_login=NOW(),user_ip='$ip' WHERE user_id='$user_id' ");
    $DB->query("DELETE FROM tb_follow WHERE follow_ip='$ip' AND user_id='0' ");
    $DB->query("DELETE FROM tb_authcode WHERE guest_id='$guest_id' ");
    $url_ref = $_SESSION['url_ref'];
    $arr['url_ref'] = $url_ref;
    $arr['status'] = 'success';
    unset($_SESSION['url_ref']);
}else{
    $arr['url_ref'] = '';
    $arr['status'] = 'fail';
}
echo json_encode($arr);
exit();
?>

ZeroDay Forums Mini