| Server IP : 51.89.169.208 / Your IP : 3.148.107.92 Web Server : Apache System : Linux ns3209505.ip-198-244-202.eu 4.18.0-553.27.1.el8_10.x86_64 #1 SMP Tue Nov 5 04:50:16 EST 2024 x86_64 User : yellowleaf ( 1019) PHP Version : 7.4.33 Disable Function : exec,passthru,shell_exec,system MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : ON | Sudo : ON | Pkexec : ON Directory : /home/yellowleaf/public_html/staff/ |
Upload File : |
<?php
error_reporting(E_ALL & ~E_WARNING & ~E_NOTICE);
include_once $_SERVER['DOCUMENT_ROOT'].'/connect_db.php';
include_once 'function.php';
$loginid = 0;
$permission = "";
if($_COOKIE['access-token'])
{
$cook = json_decode(base64_decode($_COOKIE['access-token']));
$loginid = $cook->id;
$query = "SELECT id,username,role,password,created_at,status FROM users WHERE id='{$loginid}' LIMIT 1";
$query_prepare = $connect->query($query);
$row = $query_prepare->fetch_array(MYSQLI_ASSOC);
$un = $row['username'];
if($row)
{
$folders = $_SERVER['REQUEST_URI'];
$url_data = explode('/',$folders);
$path = array_key_exists(2, $url_data) ? $url_data[2] :$url_data[0];
if($cook->password == md5($row['password'].$row['role'].$row['created_at'])){
if($row['role'] !='admin')
{
if($path=='users' || $path=='logs' )
{
echo"<h1>Access denied</h1>";
echo"<a href='$_SERVER[HTTP_REFERER]'>Back</a>";
$permission = "none";
exit;
}else{
}
}else{
}
}else{
header('Location: /staff/login.php');
exit;
}
}else
{
header('Location: /staff/login.php');
exit;
}
}else{
header('Location: /staff/login.php');
exit;
}
?>