OXIESEC PANEL
- Current Dir:
/
/
var
/
www
/
reader
/
knoblyExpressLandingPage
/
vendor
Server IP: 139.59.38.164
Name
Size
Modified
Perms
📁
..
-
08/21/2024 10:01:16 AM
rwxr-xr-x
📄
_get.section.collection.php
58.55 KB
08/21/2024 10:01:16 AM
rw-r--r--
📄
_get.section.create.php
21.82 KB
08/21/2024 10:01:16 AM
rw-r--r--
📄
_get.section.general.php
8.06 KB
08/21/2024 10:01:16 AM
rw-r--r--
📄
autoload.php
771 bytes
08/21/2024 10:01:14 AM
rw-r--r--
📁
aws
-
08/21/2024 10:01:20 AM
rwxr-xr-x
📁
bin
-
08/21/2024 10:01:17 AM
rwxr-xr-x
📄
bounceViewList.php
5.86 KB
08/21/2024 10:01:14 AM
rw-r--r--
📄
chk.logged.in.php
1.16 KB
08/21/2024 10:01:14 AM
rw-r--r--
📄
chk.login.php
1.31 KB
08/21/2024 10:01:14 AM
rw-r--r--
📁
composer
-
08/21/2024 10:01:18 AM
rwxr-xr-x
📄
d_get.section.collection.php
57.93 KB
08/21/2024 10:01:14 AM
rw-r--r--
📄
d_get.section.create.php
21.87 KB
08/21/2024 10:01:15 AM
rw-r--r--
📄
get.section.account.php
8.47 KB
08/21/2024 10:01:15 AM
rw-r--r--
📄
get.section.analytics.php
11.46 KB
08/21/2024 10:01:15 AM
rw-r--r--
📄
get.section.collection.php
58.52 KB
08/21/2024 10:01:15 AM
rw-r--r--
📄
get.section.community.php
5.89 KB
08/21/2024 10:01:15 AM
rw-r--r--
📄
get.section.create.php
22.41 KB
08/21/2024 10:01:15 AM
rw-r--r--
📄
get.section.curated.php
5.07 KB
08/21/2024 10:01:15 AM
rw-r--r--
📄
get.section.dashboard.php
3.31 KB
08/21/2024 10:01:15 AM
rw-r--r--
📄
get.section.feed.php
6.87 KB
08/21/2024 10:01:15 AM
rw-r--r--
📄
get.section.general.php
9.31 KB
08/21/2024 10:01:15 AM
rw-r--r--
📄
get.section.newsletter.php
9.25 KB
08/21/2024 10:01:16 AM
rw-r--r--
📄
get.section.request.article.php
5.82 KB
08/21/2024 10:01:16 AM
rw-r--r--
📄
get.section.settings.php
21.15 KB
08/21/2024 10:01:16 AM
rw-r--r--
📄
get.section.team.php
6.73 KB
08/21/2024 10:01:16 AM
rw-r--r--
📄
get.section.utils.php
4.1 KB
08/21/2024 10:01:16 AM
rw-r--r--
📁
guzzlehttp
-
08/21/2024 10:01:22 AM
rwxr-xr-x
📄
logout.php
428 bytes
08/21/2024 10:01:16 AM
rw-r--r--
📁
mtdowling
-
08/21/2024 10:01:23 AM
rwxr-xr-x
📁
phpmailer
-
08/21/2024 10:01:23 AM
rwxr-xr-x
📁
psr
-
08/21/2024 10:01:25 AM
rwxr-xr-x
📁
ralouphie
-
08/21/2024 10:01:25 AM
rwxr-xr-x
📄
sendgrid.php
3.62 KB
08/21/2024 10:01:16 AM
rw-r--r--
📁
symfony
-
08/21/2024 10:01:26 AM
rwxr-xr-x
📄
upload.php
2.4 KB
08/21/2024 10:01:16 AM
rw-r--r--
📄
verify.php
3.12 KB
08/21/2024 10:01:16 AM
rw-r--r--
📄
verify_email.php
7.13 KB
08/21/2024 10:01:16 AM
rw-r--r--
📁
wildbit
-
08/21/2024 10:01:26 AM
rwxr-xr-x
📄
z.get.section.feed.php
6.88 KB
08/21/2024 10:01:16 AM
rw-r--r--
Editing: _get.section.general.php
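<?php
// Cream: My Account
//
// POST endpoint dispatched on the "act" field. Actions handled here:
//   chkExist, chkExistUser, resetPassword, resetPasswordConfirm,
//   createAccount, getBusinessType, showForgotPassword, createLead, showGoPro.
//
// $db, simpleEncDec() and sendEmail() are not defined in this file; they are
// presumably provided by ../inc/config.php -- confirm.
//
// Every request value that reaches SQL is bound through a prepared statement,
// and every user-supplied value that reaches HTML is escaped. The original
// interpolated $_POST values (and client-supplied forwarding headers) directly
// into query strings, which made each action injectable.
//
// NOTE(review): items that cannot be fixed from this file alone:
//   * Passwords are written to user.password exactly as submitted. Moving to
//     password_hash()/password_verify() needs a matching change in the login
//     check, which is not visible here.
//   * The reset/activation token is simpleEncDec(email). If that helper is a
//     reversible transform without a per-request random component (confirm),
//     the token is predictable from the address alone, and nothing in this
//     file enforces the 30-minute lifetime promised in the reset e-mail.
//     Prefer a random, single-use token stored server-side with an expiry.
//   * chkExist / chkExistUser let an unauthenticated caller test whether an
//     address is registered (chkExistUser also returns the internal id).
//     Rate-limit them or give a uniform response.
session_start();
require_once '../inc/config.php';

// Read one POST field as a string; a missing or non-scalar (array) value becomes ''.
$postStr = function ($key) {
    return (isset($_POST[$key]) && is_string($_POST[$key])) ? $_POST[$key] : '';
};

// Escape a value for HTML text and attribute contexts.
$esc = function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

$act = $postStr('act');

// Check if already exists on account creation
if ($act === 'chkExist') {
    $signEmail = $postStr('signEmail');

    $stmt = mysqli_prepare($db, "SELECT id FROM user WHERE email=?");
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, 's', $signEmail);
        mysqli_stmt_execute($stmt);
        mysqli_stmt_store_result($stmt);
        // 'OK' means the address is free. A failed query no longer reports 'OK'.
        if (mysqli_stmt_num_rows($stmt) == 0) {
            echo 'OK';
        }
        mysqli_stmt_close($stmt);
    }
}

// Check if User exists
if ($act === 'chkExistUser') {
    $chkEmail = $postStr('chkEmail');

    $stmt = mysqli_prepare($db, "SELECT id FROM user WHERE email=?");
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, 's', $chkEmail);
        mysqli_stmt_execute($stmt);
        mysqli_stmt_bind_result($stmt, $foundId);
        if (mysqli_stmt_fetch($stmt) === true) {
            echo $foundId;
        }
        mysqli_stmt_close($stmt);
    }
}

// Reset Password
if ($act === 'resetPassword') {
    $resetEmail = $postStr('email');

    $userName = '';
    $userFound = false;
    $stmt = mysqli_prepare($db, "SELECT full_name FROM user WHERE email=?");
    if ($stmt) {
        mysqli_stmt_bind_param($stmt, 's', $resetEmail);
        mysqli_stmt_execute($stmt);
        mysqli_stmt_bind_result($stmt, $dbFullName);
        if (mysqli_stmt_fetch($stmt) === true) {
            $userFound = true;
            $userName = (string) $dbFullName;
        }
        mysqli_stmt_close($stmt);
    }

    if ($userFound) {
        $resetURL = "https://www.knoblycream.com/reset.html?token=" . simpleEncDec($resetEmail);

        // full_name is user-supplied at sign-up, so it is escaped before it
        // is placed in the HTML body.
        $safeName = $esc($userName);
        $safeURL = $esc($resetURL);

        $tmpHTML = "";
        $tmpHTML .= "<html>";
        $tmpHTML .= "<body>";
        $tmpHTML .= "<div style=\"font-family:Arial;font-size:12px;\">\r\n";
        $tmpHTML .= "Dear $safeName,<br><br>\r\n";
        $tmpHTML .= "You recently requested to reset your password. Please click on the following link to reset your password:<br>\r\n";
        $tmpHTML .= "<a href=\"$safeURL\">$safeURL</a><br><br>\r\n";
        // NOTE(review): no expiry check is visible in this file; see header.
        $tmpHTML .= "Please note that the above link will be active only for 30 minutes.<br><br>\r\n";
        $tmpHTML .= "Warm Regards,<br>\r\n";
        $tmpHTML .= "Knobly Cream<br>\r\n";
        $tmpHTML .= "</body>";
        $tmpHTML .= "</html>";

        sendEmail($userName, $resetEmail, '', 'Knobly Cream', $tmpHTML);
    }

    // Same answer whether or not the address is registered.
    echo 'OK';
}

// Reset Password Confirm
if ($act === 'resetPasswordConfirm') {
    $loginToken = $postStr('loginToken');
    $loginPwd = $postStr('loginPwd');

    if ($loginToken !== '' && $loginPwd !== '') {
        // The token decodes to the account's e-mail address.
        $tokenEmail = simpleEncDec($loginToken, 'd');

        $userId = 0;
        $userName = '';
        $userFound = false;
        $stmt = mysqli_prepare($db, "SELECT id,full_name FROM user WHERE email=?");
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, 's', $tokenEmail);
            mysqli_stmt_execute($stmt);
            mysqli_stmt_bind_result($stmt, $dbId, $dbFullName);
            if (mysqli_stmt_fetch($stmt) === true) {
                $userFound = true;
                $userId = (int) $dbId;
                $userName = (string) $dbFullName;
            }
            mysqli_stmt_close($stmt);
        }

        if ($userFound) {
            // NOTE(review): the password is stored as submitted; see header.
            $stmt = mysqli_prepare($db, "UPDATE user SET password=? WHERE id=?");
            if ($stmt) {
                mysqli_stmt_bind_param($stmt, 'si', $loginPwd, $userId);
                mysqli_stmt_execute($stmt);
                mysqli_stmt_close($stmt);
            }
            // Escaped: full_name is user-controlled and echoed into the page.
            echo "Dear " . $esc($userName) . ": Your Password has been reset!<br>";
        } else {
            echo 'Password could not be reset!';
        }
    }
}

// Create Account
if ($act === 'createAccount') {
    $signFullName = $postStr('signFullName');
    $signEmail = $postStr('signEmail');
    $signPwd = $postStr('signPwd1');
    $signCompany = $postStr('signCompany');
    $signWebsite = $postStr('signWebsite');
    $signBusinessType = $postStr('signBusinessType');
    $captcha = $postStr('h-captcha-response');
    if ($captcha === '') die();

    // NOTE(review): the hCaptcha secret is hard-coded in a web-served file,
    // so any read access to this file discloses it. Rotate it and load it
    // from configuration kept outside the document root.
    $data = array(
        'secret' => "0x18cD9b63A86e1d4DC9Ae33a36344bFa4f68F3344",
        'response' => $captcha
    );
    $verify = curl_init();
    curl_setopt($verify, CURLOPT_URL, "https://hcaptcha.com/siteverify");
    curl_setopt($verify, CURLOPT_POST, true);
    curl_setopt($verify, CURLOPT_POSTFIELDS, http_build_query($data));
    curl_setopt($verify, CURLOPT_RETURNTRANSFER, true);
    curl_setopt($verify, CURLOPT_TIMEOUT, 10);
    $response = curl_exec($verify);
    curl_close($verify);

    // A failed request or a non-JSON body counts as a failed captcha
    // instead of dereferencing null.
    $responseData = is_string($response) ? json_decode($response) : null;

    if (is_object($responseData) && !empty($responseData->success)) {
        if ($signFullName !== '' && $signEmail !== '' && $signPwd !== '' && $signBusinessType !== '') {
            // NOTE(review): no server-side duplicate-e-mail check happens here;
            // unless the table has a UNIQUE index on email (confirm), the same
            // address can be registered twice.
            $created = false;
            $stmt = mysqli_prepare($db, "INSERT INTO user(full_name,company,email,password,website,category_id,num_visits,date_created) VALUES(?,?,?,?,?,?,1,Now())");
            if ($stmt) {
                mysqli_stmt_bind_param($stmt, 'ssssss', $signFullName, $signCompany, $signEmail, $signPwd, $signWebsite, $signBusinessType);
                $created = mysqli_stmt_execute($stmt);
                mysqli_stmt_close($stmt);
            }

            if ($created) {
                $userId = (int) mysqli_insert_id($db);

                // NOTE(review): every source except REMOTE_ADDR is a
                // client-supplied header, so this value is only a hint and
                // must be treated as untrusted text. It is bound, not
                // interpolated, below.
                $ip = getenv('HTTP_CLIENT_IP')?:getenv('HTTP_X_FORWARDED_FOR')?:getenv('HTTP_X_FORWARDED')?:getenv('HTTP_FORWARDED_FOR')?:getenv('HTTP_FORWARDED')?:getenv('REMOTE_ADDR');
                $ip = (string) $ip;

                $stmt = mysqli_prepare($db, "INSERT INTO user_login(user_id,ip,date_login) VALUES(?,?,Now())");
                if ($stmt) {
                    mysqli_stmt_bind_param($stmt, 'is', $userId, $ip);
                    mysqli_stmt_execute($stmt);
                    mysqli_stmt_close($stmt);
                }

                // New session id at the moment the visitor becomes logged in,
                // so a pre-set session id cannot be reused.
                session_regenerate_id(true);
                $_SESSION['userId'] = $userId;
                $_SESSION['userName'] = $signFullName;
                $_SESSION['userEmail'] = $signEmail;

                // https, matching the reset link: the token should not travel
                // over cleartext HTTP.
                $activateURL = "https://www.knoblycream.com/activate.php?token=" . simpleEncDec($signEmail);

                $safeName = $esc($signFullName);
                $safeURL = $esc($activateURL);

                $tmpHTML = "";
                $tmpHTML .= "<html>";
                $tmpHTML .= "<body>";
                $tmpHTML .= "<div style=\"font-family:Arial;font-size:12px;\">\r\n";
                $tmpHTML .= "Dear $safeName,<br><br>\r\n";
                $tmpHTML .= "You recently created an account on Knobly Cream. Please click on the following link to activate your account:<br>\r\n";
                $tmpHTML .= "<a href=\"$safeURL\">$safeURL</a><br><br>\r\n";
                $tmpHTML .= "Warm Regards,<br>\r\n";
                $tmpHTML .= "Knobly Cream<br>\r\n";
                $tmpHTML .= "</body>";
                $tmpHTML .= "</html>";

                sendEmail($signFullName, $signEmail, '', 'Knobly Cream: Activate your Account!', $tmpHTML);

                echo 'OK';
            }
        }
    }
}

// Get Business Type
if ($act === 'getBusinessType') {
    $returnArr = [];

    // Static query, no request input involved.
    $sql = "SELECT id,category FROM category ORDER BY category";
    $result = mysqli_query($db, $sql);
    if ($result) {
        while ($row = mysqli_fetch_array($result)) {
            $returnArr[] = array($row['id'], $row['category']);
        }
        mysqli_free_result($result);
    }

    echo json_encode($returnArr);
}

// Show Forgot Password
if ($act === 'showForgotPassword') {
?>
<div class="popup" style="width:420px">
    <div class="widget">
        <div class="card">
            <div class="card-header bg-dark"><h5 class="mb-0 text-light">Forgot Password</h5></div>
        </div>
        <div id="widget_B" style="padding:15px 25px">
            <div class="form-group">
                <label for="forgotLogin">Enter your Login</label>
                <input type="text" class="form-control" id="forgotLogin" name="forgotLogin" maxlength="100" />
                <small class="form-text text-muted">Please enter the email with which you signed up</small>
            </div>
        </div>
        <div id="widget_F" style="border-top:1px solid #ebedf2;padding:20px 10px;">
            <div class="col">
                <button type="submit" class="btn btn-primary" onclick="return chkResetPassword()">Reset Password</button>
                <div id="panelStatus" class="float-right text-sm" style="margin-top:5px" align="right"></div>
            </div>
        </div>
    </div>
</div>
<?php
}

// Create Lead
// NOTE(review): this action has no authentication, captcha or rate limit in
// this file, so it accepts arbitrary rows from any client.
if ($act === 'createLead') {
    $leadName = $postStr('leadName');
    $leadCompany = $postStr('leadCompany');
    $leadEmail = $postStr('leadEmail');
    $leadMobile = $postStr('leadMobile');
    $leadCollectionId = $postStr('leadCollectionId');

    // article_id was interpolated unquoted; only a plain decimal id is accepted now.
    if ($leadName !== '' && preg_match('/^[0-9]+$/', $leadCollectionId)) {
        $articleId = (int) $leadCollectionId;

        // Client-influenced value; see the note on the same expression in createAccount.
        $ip = getenv('HTTP_CLIENT_IP')?:getenv('HTTP_X_FORWARDED_FOR')?:getenv('HTTP_X_FORWARDED')?:getenv('HTTP_FORWARDED_FOR')?:getenv('HTTP_FORWARDED')?:getenv('REMOTE_ADDR');
        $ip = (string) $ip;

        $stmt = mysqli_prepare($db, "INSERT INTO user_collection_lead(article_id,ip,full_name,company,email,mobile,date_created) VALUES(?,?,?,?,?,?,Now())");
        if ($stmt) {
            mysqli_stmt_bind_param($stmt, 'isssss', $articleId, $ip, $leadName, $leadCompany, $leadEmail, $leadMobile);
            $stored = mysqli_stmt_execute($stmt);
            mysqli_stmt_close($stmt);
            if ($stored) {
                echo 'OK';
            }
        }
    }
}

// Show Go Pro
if ($act === 'showGoPro') {
?>
<div class="popup" style="width:420px">
    <div class="widget">
        <div class="card">
            <div class="card-header bg-dark"><h5 class="mb-0 text-light">Go Pro Today</h5></div>
        </div>
        <div style="padding:15px 25px">
            Send in your details by <a href="https://www.knoblycream.com/more.php?id=2655">clicking here</a>. We will get in touch with you and help you with Pro set ups and payment options.
        </div>
    </div>
</div>
<?php
}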