SkidSec WebShell

Server Address : 172.31.38.4

Web Server : Apache/2.4.58 (Ubuntu)

Uname : Linux ip-172-31-38-4 6.14.0-1017-aws #17~24.04.1-Ubuntu SMP Wed Nov 5 10:48:17 UTC 2025 x86_64

PHP Version : 7.4.33

<?php if (!defined('BASEPATH')) exit('No direct script access allowed'); require_once APPPATH.'modules/generic/controllers/Generic.php'; /** * Author : Amit Kashte */ class Jury extends Generic{ function __construct() { parent::__construct(); $this->load->model("Mdl_jury"); $this->load->helper("captcha"); } /** * Login From : new */ function index(){ if(!Modules::run("security/validJury")){ $data['template'] = "jury-auth"; $data['scriptFile'] = 'jury-login'; $data['viewFile'] = 'login'; $data['module'] = "jury"; echo Modules::run('template/load', $data); }else{ redirect("jury/dashboard","refresh"); } } /** * Declaration */ function declaration(){ if(!Modules::run("security/validJury")){ $data['template'] = "jury-auth"; $data['viewFile'] = 'declaration'; $data['module'] = "jury"; echo Modules::run('template/load', $data); }else{ redirect("jury/dashboard","refresh"); } } /** * Validate captcha */ function captcha_check($captcha){ if($captcha == ""){ $this->form_validation->set_message("captcha_check","Captcha is required"); return false; }else{ $code = $this->session->userdata("captcha_code"); if($captcha !== $code){ $this->form_validation->set_message("captcha_check","Invalid Captcha"); return false; }else{ return true; } } } /** * Jury Login : new */ function loginAction(){ $content = $this->input->post(); // echo "<pre>"; // print_r($content); // echo "</pre>";die; $this->form_validation->set_rules("username","Username","trim|xss_clean|required", array( "required" => "Username is required" )); $this->form_validation->set_rules("password","Password","trim|xss_clean|required", array( "required" => "Password is required." )); $this->form_validation->set_rules("terms","Terms","trim|xss_clean|required", array( 'required' => 'You must select the terms & conditions' )); if($this->form_validation->run($this) == FALSE){ $errors = $this->form_validation->error_array(); echo json_encode($errors); exit; }else{ $username = strip_tags($content["username"]); $password = strip_tags($content["password"]); $jury = $this->Mdl_jury->retrieve("jury_master",array("username" => $username)); if($jury !== "NA"){ if($jury[0]->status == "active"){ $check = Modules::run("security/verifyPassoword", $password, $jury[0]->password_enc); if($check){ $jurySessionData = array( "jury_id"=>$jury[0]->jury_id, "image"=>$jury[0]->image, "name"=>$jury[0]->name, "code"=>$jury[0]->code ); $this->session->set_userdata("jury", $jurySessionData); $redirect = "jury/dashboard"; $this->session->unset_userdata("captcha_code"); echo json_encode(array("status"=>"redirect","redirect"=>$redirect)); exit; }else{ echo json_encode(array("status"=>"alert","title"=>"Oops! an Error occured","icon"=>"error","message"=>"Username and password does not match.")); exit; } }else{ echo json_encode(array("status"=>"alert","title"=>"Access Denied!","icon"=>"error","message"=>"Your account is deactive. Contact your administrator for more information.")); exit; } }else{ echo json_encode(array("status"=>"alert","title"=>"Oops! an Error occured","icon"=>"error","message"=>"Username and password does not match.")); exit; } } } /** * Forgot Password Form ( new ) */ function forgotPassword(){ if(!Modules::run("security/validJury")){ $data['template'] = "jury-auth"; $data['scriptFile'] = 'jury-login'; $data['viewFile'] = 'forgot-password'; $data['module'] = "jury"; echo Modules::run('template/load', $data); }else{ redirect("jury/dashboard","refresh"); } } /** * Jury Recover Password Action : new */ function recoverPasswordAction(){ $content = $this->input->post(); $this->form_validation->set_rules("username","Username","trim|xss_clean|required", array( 'required' => "Username is required" )); if($this->form_validation->run($this) == FALSE){ $errors = $this->form_validation->error_array(); echo json_encode($errors); exit; }else{ $username = strip_tags($content["username"]); $jury = $this->Mdl_jury->retrieve("jury_master",array("username" => $username)); if($jury !== "NA"){ if($jury[0]->status == "active"){ if( $jury[0]->email !== "" ){ $mailData = array( 'viewFile' => 'jury-password-recovery', 'to' => $jury[0]->email, 'cc' => '', 'bcc' => '', 'subject' => 'Aster Guardians Global Nursing Award Password Reset', "name" => $jury[0]->name, "password_text" => $jury[0]->password_text ); Modules::run('email/mailer', $mailData); $this->session->unset_userdata('captcha_code'); $redirect = "jury"; echo json_encode(array("status"=>"success","title"=>"Mail Sent","icon"=>"success","message"=> "Password has been sent on your registered email id.","redirect"=>$redirect)); exit; }else{ echo json_encode(array("status"=>"alert","title"=>"Failed","icon"=>"error","message"=>'Your email id is not updated. Contact administrator for more information.')); exit; } }else{ echo json_encode(array("status"=>"alert","title"=>"Access Denied!","icon"=>"error","message"=>'Your account is deactive. Contact your administrator for more information.')); exit; } }else{ echo json_encode(array("status"=>"alert","title"=>"No such Account","icon"=>"error","message"=> "Jury with username '$username' does not exist.")); exit; } } } /** * Jury Logout Action */ function logout(){ $this->session->unset_userdata("jury"); redirect("jury","refresh"); } /** * Dashboard page */ function dashboard(){ if(!Modules::run("security/validJury")){ redirect("jury","refresh"); } $data["template"] = "jury"; $data["viewFile"] = "account/dashboard"; $data["module"] = "jury"; echo Modules::run("template/load", $data); } /** * Jury Profile Form */ function myProfile(){ if(! Modules::run("security/validJury")){ redirect("jury","refresh"); } $jurySession = $this->session->userdata("jury"); $data["jury"] = $this->Mdl_jury->retrieve("jury_master",array("jury_id"=>$jurySession["jury_id"])); $data["template"] = "jury"; $data["scriptFile"] = "jury-account"; $data["viewFile"] = "account/my-profile"; $data["module"] = "jury"; echo Modules::run("template/load", $data); } /** * Update Profile Action */ function updateProfileAction(){ $content = $this->input->post(); $token= $this->session->userdata("token"); if($content["csrfToken"] == $token){ $this->form_validation->set_rules("name","Name","trim|xss_clean|required", array( 'required' => "Name is required" )); if($content["juryUsername"] !== $content["username"]){ $this->form_validation->set_rules("username","Username","trim|xss_clean|required|is_unique[jury_master.username]", array( 'required' => 'Username is required', 'is_unique' => 'Username already exist' )); }else{ $this->form_validation->set_rules("username","Username","trim|xss_clean|required", array( 'required' => "Username is required" )); } if($content["juryEmail"] !== $content["email"]){ $this->form_validation->set_rules("email","Email","trim|xss_clean|required|valid_email|is_unique[jury_master.email]", array( 'required' => 'Email is required', 'valid_email' => 'Email is invalid', 'is_unique' => 'Email already in use' )); }else{ $this->form_validation->set_rules("email","Email","trim|xss_clean|required|valid_email", array( 'required' => "Email is required", 'valid_email' => 'Email is invalid' )); } $this->form_validation->set_rules("newPassword","New Password","trim|xss_clean"); if( $content['newPassword'] !== "" ){ $this->form_validation->set_rules("confirmPassword","Confirm Password","trim|xss_clean|required|matches[newPassword]", array( 'required' => "Re-enter password", 'matches' => "Password do not match. Please re-enter your password" )); }else{ $this->form_validation->set_rules("confirmPassword","Confirm Password","trim|xss_clean"); } if($this->form_validation->run() == FALSE){ $errors = $this->form_validation->error_array(); echo json_encode($errors); exit; }else{ if( $content["newPassword"] !== "" ){ $password = Modules::run("security/makeHash",strip_tags($content["newPassword"])); $juryData = array( "name" => strip_tags($content["name"]), "email" => strip_tags($content["email"]), "username" => strip_tags($content["username"]), "password_enc" => $password, "password_text" => strip_tags($content["newPassword"]), "modified_at" => date("Y-m-d H:i:s") ); }else{ $juryData = array( "name" => strip_tags($content["name"]), "email" => strip_tags($content["email"]), "username" => strip_tags($content["username"]), "modified_at" => date("Y-m-d H:i:s") ); } $update = $this->Mdl_jury->update("jury_master",array("jury_id"=>$content["juryId"]),$juryData); $jurySession = $this->session->userdata("jury"); $jurySession["name"] = strip_tags($content["name"]); $this->session->set_userdata('jury', $jurySession); echo json_encode(array("status"=>"success","title"=>"Success","icon"=>"success","message"=>'Profile details updated successfully.',"redirect"=>'jury/dashboard')); exit; } }else{ echo json_encode(array("status"=>"alert","title"=>"Oops! an Error occured","icon"=>"error","message"=>"Your session has expired. Please reload & try again.")); exit; } } /** * Contact Us page */ function contact(){ if(! Modules::run("security/validJury")){ redirect("jury","refresh"); } $data["template"] = "jury"; $data["viewFile"] = "account/contact"; $data["module"] = "jury"; echo Modules::run("template/load", $data); } /** * Listing page */ function listPage(){ $this->adminSession('5'); $template = 'admin'; $data['scriptFile'] = 'jury'; $data['viewFile'] = 'jury/list'; $data['module'] = "jury"; echo Modules::run('template/'.$template, $data); } /** * Get records */ function records(){ $records = $this->Mdl_jury->get_datatables("jury"); $data = array(); $no = $_POST['start']; $max_limit = sizeof($records); foreach ($records as $val){ $row = array(); $row[] = '<input type="checkbox" name="selectedRows[]" id="'.$val->jury_id.'" value="'.$val->jury_id.'">'; $url = base_url().'jury/update/'.$val->jury_id; $row[] = '<a class="btn btn-circle btn-success" href="'.$url.'"></a>'; if($val->status == 'active'){ $row[] = 'ACTIVE'; }else{ $row[] = 'DEACTIVE'; } $row[] = $val->code; $row[] = $val->name; $row[] = $val->email; $row[] = date("d-m-Y",strtotime($val->created_at)); $data[] = $row; } $output = array( "draw" => $_POST['draw'], "recordsTotal" => $this->Mdl_jury->count_all("jury"), "recordsFiltered" => $this->Mdl_jury->count_filtered("jury"), "data" => $data, ); echo json_encode($output); } /** * Add */ function add(){ $this->adminSession('5'); $template = 'admin'; $data['viewFile'] = "jury/add"; $data['scriptFile'] = "jury"; $data['module'] = "jury"; echo Modules::run('template/'.$template, $data); } /** * Add Action */ function addAction(){ $content = $this->input->post(); $token= $this->session->userdata("token"); if($content["csrfToken"] == $token){ $this->form_validation->set_rules("code","Code","trim|xss_clean|required|max_length[10]|is_unique[jury_master.code]", array( "required" => "Code is required", "max_length" => "Code is incorrect", "is_unique" => "Code already in use." )); $this->form_validation->set_rules("name","Name","trim|xss_clean|required", array( 'required' => "Name is required" )); $this->form_validation->set_rules("email","Email","trim|xss_clean|required|valid_email|is_unique[jury_master.email]", array( 'required' => 'Email is required', 'valid_email' => 'Email is invalid', 'is_unique' => 'Email already in use' )); $this->form_validation->set_rules("username","Username","trim|xss_clean|required|is_unique[jury_master.username]", array( 'required' => 'Username is required', 'is_unique' => 'Username already taken.' )); $this->form_validation->set_rules("password_text","Password","trim|xss_clean|required", array( 'required' => "Password is required" )); if($this->form_validation->run() == FALSE){ $errors = $this->form_validation->error_array(); echo json_encode($errors); exit; }else{ $adminSession = $this->session->userdata("admin"); $password_enc = Modules::run('security/makeHash',strip_tags($content['password_text'])); $data = array( "image" => "assets/admin/images/default.png", "code" => strip_tags($content["code"]), "name" => strip_tags($content["name"]), "email" => strip_tags($content["email"]), "username" => strip_tags($content["username"]), "password_text" => strip_tags($content["password_text"]), "password_enc" => $password_enc, "status" => "active", "admin_id" => $adminSession["admin_id"], "created_at" => date("Y-m-d H:i:s"), "modified_at" => date("Y-m-d H:i:s") ); $insert = $this->Mdl_jury->insert("jury_master",$data); $mailData = array( "viewFile" => "jury/jury-account-creation", "to" => strip_tags($content['email']), "cc" => "", "bcc" => "", "subject" => "Jury Credentials for Aster Guardians Global Nursing Award, 2024", "name" => strip_tags($content["name"]), "username" => strip_tags($content["username"]), "password" => strip_tags($content["password_text"]), "isAttachment" => false ); //$isSent = Modules::run('email/mailer', $mailData); echo json_encode(array("status"=>"success","title"=>"Success","icon"=>"success","message"=>"Jury account created successfully","redirect"=>"jury/list")); exit; } }else{ echo json_encode(array("status"=>"alert","title"=>"Oops! an Error occured","icon"=>"error","message"=>"Your session has expired. Please reload & try again.")); exit; } } /** * Update */ function update($id){ $this->adminSession("5"); $jury_details = $this->Mdl_jury->retrieve("jury_master",array("jury_id"=>$id)); if($jury_details == "NA"){ redirect("errors","refresh"); }else{ $template = "admin"; $data["jury"] = $jury_details; $data["viewFile"] = "jury/update"; $data["scriptFile"] = "jury"; $data["module"] = "jury"; echo Modules::run("template/".$template, $data); } } /** * Update Action */ function updateAction(){ $content = $this->input->post(); $token= $this->session->userdata("token"); if($content["csrfToken"] == $token){ if($content["juryCode"] !== $content["code"]){ $this->form_validation->set_rules("code","Code","trim|xss_clean|required|max_length[10]|is_unique[jury_master.code]", array( "required" => "Code is required", "max_length" => "Code is incorrect", "is_unique" => "Code already in use." )); }else{ $this->form_validation->set_rules("code","Code","trim|xss_clean|required|max_length[10]", array( "required" => "Code is required", "max_length" => "Code is incorrect" )); } $this->form_validation->set_rules("name","Name","trim|xss_clean|required", array( "required" => "Name is required" )); if($content["juryEmail"] !== $content["email"]){ $this->form_validation->set_rules("email","Email","trim|xss_clean|required|valid_email|is_unique[jury_master.email]", array( "required" => "Email is required", "valid_email" => "Email is invalid", "is_unique" => "Email already in use" )); }else{ $this->form_validation->set_rules("email","Email","trim|xss_clean|required|valid_email", array( "required" => "Email is required", "valid_email" => "Email is invalid" )); } if($content["juryUsername"] !== $content["username"]){ $this->form_validation->set_rules("username","Username","trim|xss_clean|required|is_unique[jury_master.username]", array( "required" => "Username is required", "is_unique" => "Username already exist" )); }else{ $this->form_validation->set_rules("username","Username","trim|xss_clean|required", array( "required" => "Username is required" )); } $this->form_validation->set_rules("password_text","Password","trim|xss_clean|required", array( "required" => "Password is required" )); $this->form_validation->set_rules("status","Status","trim|xss_clean|required", array( "required" => "Select status" )); if($this->form_validation->run() == FALSE){ $errors = $this->form_validation->error_array(); echo json_encode($errors); exit; }else{ $adminSession = $this->session->userdata("admin"); $password_enc = Modules::run("security/makeHash",strip_tags($content["password_text"])); $data = array( "code" => strip_tags($content["code"]), "name" => strip_tags($content["name"]), "email" => strip_tags($content["email"]), "username" => strip_tags($content["username"]), "password_text" => strip_tags($content["password_text"]), "password_enc" => $password_enc, "status" => strip_tags($content["status"]), "admin_id" => $adminSession["admin_id"], "modified_at" => date("Y-m-d H:i:s") ); $update = $this->Mdl_jury->update("jury_master",array("jury_id"=>$content["jury_id"]),$data); echo json_encode(array("status"=>"success","title"=>"Success","icon"=>"success","message"=>"Jury details updated successfully","redirect"=>"jury/list")); exit; } }else{ echo json_encode(array("status"=>"alert","title"=>"Oops! an Error occured","icon"=>"error","message"=>"Your session has expired. Please reload & try again.")); exit; } } /** * Delete Action */ function deleteAction(){ $records = explode(",",$this->input->post('values')); foreach($records as $val){ $jury = $this->Mdl_jury->retrieve("jury_master",array("jury_id"=>$val)); if($jury !== "NA"){ $this->Mdl_jury->delete('jury_master',array("jury_id"=>$val)); } } echo json_encode(array("status"=>"success")); exit; } /** * Assign applications */ function assign(){ $this->adminSession("5"); $data["template"] = "admin"; $data["viewFile"] = "jury/assign"; $data["scriptFile"] = "jury"; $data["module"] = "jury"; echo Modules::run("template/load", $data); } /** * Excel validation */ public function excel_check(){ $allowed_mime_type_arr = array('xls','xlsx','XLS','XLSX'); if(isset($_FILES['excel']['name']) && $_FILES['excel']['name'] !== ""){ $filename = $_FILES['excel']['name']; $ext = pathinfo($filename, PATHINFO_EXTENSION); if(in_array($ext, $allowed_mime_type_arr)){ return true; }else{ $this->form_validation->set_message('excel_check', 'Select excel file'); return false; } }else{ $this->form_validation->set_message('excel_check', 'File required'); return false; } } /** * Add Mappings */ function importAction(){ $content = $this->input->post(); $this->form_validation->set_rules('excel','Excel','callback_excel_check'); if($this->form_validation->run($this) == FALSE){ $errors = $this->form_validation->error_array(); echo json_encode($errors); exit; }else{ $admin_session = $this->session->userdata('admin'); if(!empty($_FILES['excel']['name'])){ $path = $_FILES["excel"]["tmp_name"]; $totalRecords = 0; $reader = new \PhpOffice\PhpSpreadsheet\Reader\Xlsx(); $spreadsheet = $reader->load($path); $sheetData = $spreadsheet->getActiveSheet()->toArray(); unset($sheetData[0]); foreach ($sheetData as $data) { $column = 1; $applicationNumber = trim($data[$column]); $juryCodeOne = trim($data[++$column]); $juryCodeTwo = trim($data[++$column]); $juryCodeThree = trim($data[++$column]); $juryCodeFour = trim($data[++$column]); $juryCodeFive = trim($data[++$column]); $juryCodeSix = trim($data[++$column]); // echo "<pre>"; // print_r($juryCodeFive); // echo "</pre>";die; $application = $this->Mdl_jury->retrieveByCol("applications_id, code","users_application_details", array( "application_number" => $applicationNumber, "status" => "submitted", "ey_assessment" => "approved" )); if( $application !== "NA" ){ $mapping = $this->Mdl_jury->retrieveByCol("mapping_id","jury_application_mapping", array( "applications_id" => $application[0]->applications_id, "application_number" => $applicationNumber )); $juryOne = $this->Mdl_jury->isExist("jury_master", array( "code" => strtoupper($juryCodeOne) )) ? strtoupper($juryCodeOne) : ""; $juryTwo = $this->Mdl_jury->isExist("jury_master", array( "code" => strtoupper($juryCodeTwo) )) ? strtoupper($juryCodeTwo) : ""; $juryThree = $this->Mdl_jury->isExist("jury_master", array( "code" => strtoupper($juryCodeThree) )) ? strtoupper($juryCodeThree) : ""; $juryFour = $this->Mdl_jury->isExist("jury_master", array( "code" => strtoupper($juryCodeFour) )) ? strtoupper($juryCodeFour) : ""; $juryFive = $this->Mdl_jury->isExist("jury_master", array( "code" => strtoupper($juryCodeFive) )) ? strtoupper($juryCodeFive) : ""; $jurySix = $this->Mdl_jury->isExist("jury_master", array( "code" => strtoupper($juryCodeSix) )) ? strtoupper($juryCodeSix) : ""; if( $mapping == "NA" ){ $mapping_data = array( "applications_id" => $application[0]->applications_id, "application_code" => $application[0]->code, "application_number" => $applicationNumber, "jury_one_code" => $juryOne, "jury_two_code" => $juryTwo, "jury_three_code" => $juryThree, "jury_four_code" => $juryFour, "jury_five_code" => $juryFive, "jury_six_code" => $jurySix, "created_at" => date("Y-m-d H:i:s"), "modified_at" => date("Y-m-d H:i:s") ); $insert = $this->Mdl_jury->insert("jury_application_mapping", $mapping_data); }else{ $mapping_data = array( "applications_id" => $application[0]->applications_id, "application_code" => $application[0]->code, "application_number" => $applicationNumber, "jury_one_code" => $juryOne, "jury_two_code" => $juryTwo, "jury_three_code" => $juryThree, "jury_four_code" => $juryFour, "jury_five_code" => $juryFive, "jury_six_code" => $jurySix, "modified_at" => date("Y-m-d H:i:s") ); $update = $this->Mdl_jury->update("jury_application_mapping", array("mapping_id" => $mapping[0]->mapping_id ), $mapping_data); } $totalRecords++; } } echo json_encode(array("status"=>"success","title"=>"Success","icon"=>"success","message"=>"$totalRecords records updated successfully","redirect"=>"jury/assign")); exit; }else{ echo json_encode(array("excel"=>"File required")); exit; } } } }