OXIESEC PANEL
- Current Dir:
/
/
var
/
www
/
cream
/
groupchat
/
backup
/
backup
Server IP: 139.59.38.164
Upload:
Create Dir:
Name
Size
Modified
Perms
📁
..
-
05/19/2025 10:07:13 AM
rwxrwxr-x
📄
bfunction.php
11.61 KB
05/19/2025 10:07:13 AM
rw-rw-r--
📄
bgroup.php
14.44 KB
05/19/2025 10:07:13 AM
rw-rw-r--
📄
bindex.php
26.59 KB
05/19/2025 10:07:13 AM
rw-rw-r--
📄
create_group.php
1.03 KB
05/19/2025 10:07:13 AM
rw-rw-r--
📄
dashboard.php
8.53 KB
05/19/2025 10:07:13 AM
rw-rw-r--
📄
db_connect.php
614 bytes
05/19/2025 10:07:13 AM
rw-rw-r--
📄
delete_chat.php
369 bytes
05/19/2025 10:07:13 AM
rw-rw-r--
📄
delete_group.php
362 bytes
05/19/2025 10:07:13 AM
rw-rw-r--
📁
dump
-
05/19/2025 10:07:13 AM
rwxrwxr-x
📄
exit_group.php
404 bytes
05/19/2025 10:07:13 AM
rw-rw-r--
📄
function.php
12.33 KB
05/19/2025 10:07:13 AM
rw-rw-r--
📄
group.php
19.26 KB
05/19/2025 10:07:13 AM
rw-rw-r--
📄
index.php
27.94 KB
05/19/2025 10:07:13 AM
rw-rw-r--
📄
memberSearch.php
1.32 KB
05/19/2025 10:07:13 AM
rw-rw-r--
📄
register.php
5.08 KB
05/19/2025 10:07:13 AM
rw-rw-r--
📄
sendreview.php
626 bytes
05/19/2025 10:07:13 AM
rw-rw-r--
📄
signin.php
5.52 KB
05/19/2025 10:07:13 AM
rw-rw-r--
📄
signout.php
295 bytes
05/19/2025 10:07:13 AM
rw-rw-r--
📄
test.php
2 KB
05/19/2025 10:07:13 AM
rw-rw-r--
📄
test1.html
1.4 KB
11/28/2024 01:24:17 PM
rw-rw-r--
📄
test1.php
125 bytes
05/19/2025 10:07:13 AM
rw-rw-r--
📄
update_member.php
729 bytes
05/19/2025 10:07:13 AM
rw-rw-r--
📄
validate.logged.php
580 bytes
05/19/2025 10:07:13 AM
rw-rw-r--
Editing: function.php
Close
<?php include 'db_connect.php'; function display_messages($conn, $group_id) { $message_id = ''; $message = ''; $posted_on = ''; $user_name = ''; try { // SQL query with placeholders $sql = "SELECT m.message_id, m.message, m.posted_on, u.full_name FROM messages m JOIN user u ON m.user_id = u.id WHERE m.group_id = ? AND m.delete_status='N';"; // $sql = "SELECT m.message, m.posted_on, mb.user_name FROM messages m JOIN members mb WHERE m.group_id = ? ;"; $stmt = $conn->prepare($sql); $stmt->bind_param('i', $group_id); // 'i' indicates the type of the parameter (integer) // Execute query $stmt->execute(); // Bind result variables $stmt->bind_result($message_id, $message, $posted_on, $user_name); $chat = []; while ($stmt->fetch()) { $chat[] = [ 'message_id' => $message_id, 'message' => $message, 'time' => $posted_on, 'user_name' => htmlspecialchars_decode($user_name) ]; } // Close statement $stmt->close(); return $chat; } catch (mysqli_sql_exception $e) { echo "Error: " . $e->getMessage(); } } function display_groups($conn, $user_id) { $groups =[]; $group_id = ''; $group_name = ''; try { // Prepare SQL query // $sql = "SELECT g.group_id, g.group_name FROM groups g INNER JOIN members mb ON g.group_id = mb.group_id WHERE mb.user_id = ?"; $sql = "SELECT g.group_id, g.group_name FROM groups g INNER JOIN group_members gm ON g.group_id = gm.group_id WHERE gm.user_id = ? AND g.status = 'active' AND gm.exit_status = 'No'"; $stmt = $conn->prepare($sql); $stmt->bind_param('i', $user_id); // Execute query $stmt->execute(); // Bind result variables $stmt->bind_result($group_id, $group_name); // Fetch results into an associative array while ($stmt->fetch()) { $groups[] = [ 'group_id' => $group_id, 'group_name' => $group_name ]; } // Close statement $stmt->close(); return $groups; } catch (mysqli_sql_exception $e) { echo "Error: " . $e->getMessage(); } } function display_group_name($conn, $group_id) { $group_name = ''; try { // Prepare SQL query $sql = "SELECT group_name FROM groups WHERE group_id = ?"; $stmt = $conn->prepare($sql); if (!$stmt) { throw new Exception("Prepare failed: (" . $conn->errno . ") " . $conn->error); } // Bind parameters $stmt->bind_param('i', $group_id); // Execute query $stmt->execute(); // Bind result variables $stmt->bind_result($group_name); // Fetch value $stmt->fetch(); // Close statement $stmt->close(); // Return the group name return $group_name; } catch (Exception $e) { // Handle errors echo "Error: " . $e->getMessage(); return null; // or handle error as needed } } function create_group($conn, $group_name, $group_description, $owner_id, $group_membersId, $group_image) { $created_at = date('Y-m-d H:i:s'); try { // Prepare SQL statement with placeholders $sql = "INSERT INTO groups (group_name, group_description, created_at, owner_id, group_image) VALUES (?, ?, ?, ?, ?)"; $stmt = $conn->prepare($sql); // Bind parameters to statement $stmt->bind_param("sssis", $group_name, $group_description, $created_at, $owner_id, $group_image); // Execute statement $stmt->execute(); // Get the last inserted ID (group_id in this case) $group_id = strval($stmt->insert_id); // Close statement $stmt->close(); if (!in_array($owner_id, $group_membersId)) { $group_membersId[] = $owner_id; // Add owner_id to group_membersId } foreach ($group_membersId as $user_id) { add_members_to_the_group($conn, $user_id, $group_id); } } catch (mysqli_sql_exception $e) { echo "Error: " . $e->getMessage(); } } function delete_group($conn, $group_id) { $deleted_at = date('Y-m-d H:i:s'); try { $sql = "UPDATE groups SET deleted_on = ?, status = 'inactive' WHERE group_id = ?"; $stmt = $conn->prepare($sql); $stmt->bind_param('si', $deleted_at, $group_id); $stmt->execute(); $stmt->close(); // Optionally, you can return a success message if needed echo "Group deleted successfully. Group id=" . $group_id; } catch (mysqli_sql_exception $e) { // Handle database errors echo "Error: " . $e->getMessage(); } } function add_members_to_the_group($conn, $user_id, $group_id) { try { $joined_on = date('Y-m-d H:i:s'); // Prepare SQL statement with placeholders $sql = "INSERT INTO group_members (user_id, group_id, joined_on) VALUES (?, ?, ?)"; $stmt = $conn->prepare($sql); // Bind parameters to statement $stmt->bind_param("sss", $user_id, $group_id, $joined_on); // Execute statement $stmt->execute(); } catch (mysqli_sql_exception $e) { echo "Error: " . $e->getMessage(); } } function find_user($conn, $user_id) { $user_name = ''; try { // Prepare SQL query $sql = "SELECT full_name FROM user WHERE id = ?"; $stmt = $conn->prepare($sql); // Bind parameters $stmt->bind_param("i", $user_id); // Assuming user_id is an integer (change "i" if it's a different type) // Execute query $stmt->execute(); // Bind result variables $stmt->bind_result($user_name); // Fetch the user_name $stmt->fetch(); // Close statement $stmt->close(); // Return the user_name return $user_name; } catch (mysqli_sql_exception $e) { // Handle any exceptions or errors echo "Error: " . $e->getMessage(); // You may choose to log the error or handle it in another way return ''; // Return empty string or handle as appropriate in your application } } function convertStringToArray($input) { // Trim any leading/trailing whitespace $input = trim($input); // Check if the input contains a comma if (strpos($input, ',') !== false) { // If it contains a comma, split the string into an array $array = explode(',', $input); // Trim whitespace from each element in the array $array = array_map('trim', $array); } else { // If there is no comma, treat the input as a single number $array = [$input]; } return $array; } function members_to_add($conn, $group_id) { $all_members = display_all_members($conn); $present_members = display_group_members($conn, $group_id); $present_ids = array_column($present_members, 'user_id'); $all_members = array_filter($all_members, function ($member) use ($present_ids) { return !in_array($member['user_id'], $present_ids); }); return $all_members; } function display_all_members($conn) { $user_id = ''; $user_name = ''; $email = ''; try { $sql = "SELECT id, full_name, email FROM user"; $stmt = $conn->prepare($sql); // Execute query $stmt->execute(); // Bind result variables $stmt->bind_result($user_id, $user_name, $email); // Fetch results into an associative array while ($stmt->fetch()) { $data[] = [ 'user_id' => $user_id, 'user_name' => $user_name, 'user_email' => $email ]; } // Close statement $stmt->close(); // print_r($data); return $data; } catch (mysqli_sql_exception $e) { echo "Error: " . $e->getMessage(); } } function display_group_members($conn, $group_id) { $user_id = ''; $user_name = ''; $email = ''; $data = []; try { // $sql = "SELECT id, full_name, email FROM user WHERE group"; $sql = "SELECT u.id, u.full_name, u.email FROM user u INNER JOIN group_members gm ON u.id = gm.user_id WHERE gm.group_id = ? "; $stmt = $conn->prepare($sql); $stmt->bind_param("i", $group_id); // Assuming user_id is an integer (change "i" if it's a different type) // Execute query $stmt->execute(); // Bind result variables $stmt->bind_result($user_id, $user_name, $email); // Fetch results into an associative array while ($stmt->fetch()) { $data[] = [ 'user_id' => $user_id, 'user_name' => $user_name, 'user_email' => $email ]; } // Close statement $stmt->close(); // print_r($data); return $data; } catch (mysqli_sql_exception $e) { echo "Error: " . $e->getMessage(); } } // function replace_urls_with_links($text) // { // // Regular expression to match URLs // $regex = '/\b(?:https?:\/\/)?(?:www\.)?[a-zA-Z0-9\-]+\.[a-zA-Z]{2,}(?:\/\S*)?\b/i'; // // Replace URLs with HTML <a> tags // $text_with_links = preg_replace_callback($regex, function ($matches) { // $url = $matches[0]; // // Check if the URL starts with http:// or https:// // if (!preg_match("~^(?:f|ht)tps?://~i", $url)) { // // If no protocol is specified, add http:// at the beginning // $url = "http://" . $url; // } // return '<a href="#" onclick="redirectTo(\'' . $url . '\'); return false;">' . $matches[0] . '</a>'; // }, $text); // return $text_with_links; // } function replace_urls_with_links($text) { // Regular expression to match URLs terminated by a space or end of string $regex = '/(?:https?:\/\/(?:www\.)?[a-zA-Z0-9\-\.]+\.[a-zA-Z]{2,}(?:\/[^\s]*)?(?:\.[a-zA-Z]{2,})?)/'; // Replace URLs with HTML <a> tags $text_with_links = preg_replace_callback($regex, function ($matches) { $url = $matches[0]; // Check if the URL starts with http:// or https:// if (!preg_match("~^(?:f|ht)tps?://~i", $url)) { // If no protocol is specified, add http:// at the beginning $url = "http://" . $url; } // Encode special characters in the URL for HTML $url = htmlspecialchars($url, ENT_QUOTES, 'UTF-8'); return '<a href="#" onclick="redirectTo(\'' . $url . '\'); return false;">' . $matches[0] . '</a>'; }, $text); return $text_with_links; } function exit_group($conn, $user_id, $group_id) { $exited_on = date('Y-m-d H:i:s'); try { // $sql = "UPDATE groups SET deleted_on = ?, status = 'inactive' WHERE group_id = ?"; $sql = "UPDATE group_members SET exited_on = ?, exit_status = 'Yes' WHERE user_id = ? AND group_id = ?"; $stmt = $conn->prepare($sql); $stmt->bind_param('sii', $exited_on, $user_id, $group_id); $stmt->execute(); $stmt->close(); // Optionally, you can return a success message if needed echo "Exited the group successfully. Group id=" . $group_id . " user_id=". $user_id; } catch (mysqli_sql_exception $e) { // Handle database errors echo "Error: " . $e->getMessage(); } } function delete_chat($conn, $message_id){ date_default_timezone_set('UTC'); $deleted_at = date('Y-m-d H:i:s'); echo $deleted_at; try{ $sql = "UPDATE messages SET deleted_on = ?, delete_status = 'Y' WHERE message_id = ? "; $stmt = $conn->prepare($sql); $stmt->bind_param('si', $deleted_at, $message_id); $stmt->execute(); $stmt->close(); echo "deleted chat successfully. ". $message_id ; } catch (mysqli_sql_exception $e) { // Handle database errors echo "Error: " . $e->getMessage(); } }