files >> /home/apca/www/edit-admin.php
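<?php
/**
 * Admin portal page: add a new row to tblusers or edit an existing one.
 *
 * Request parameters read by this script:
 *   - GET  id        id of the user to edit (absent or 0 when adding)
 *   - GET  process   "add" switches the heading and the handler to insert mode
 *   - GET  message   optional text shown in the success banner (escaped)
 *   - POST FullName, Email1, Password, status, process, id, submit
 *
 * Changes compared with the previous version of this file:
 *   - execution stops after the login redirect;
 *   - the POST handler requires a per-session anti-CSRF token;
 *   - a blank password on edit leaves the Password column untouched
 *     (previously the stored digest was read back and hashed again);
 *   - new users are stored with the same digest as edited users
 *     (previously the insert path stored the password as submitted);
 *   - debug echoes and raw SQL error text are no longer sent to the browser;
 *   - every request value written into the HTML is escaped.
 */
session_start();
//error_reporting(0);
date_default_timezone_set('America/Vancouver');
include('includes/config.php');

// Only a logged-in admin may use this page. Exit right after the redirect so
// that nothing below runs for an anonymous request.
if (!isset($_SESSION['alogin']) || strlen((string) $_SESSION['alogin']) === 0) {
    header('Location: index.php');
    exit;
}

// Per-session anti-CSRF token: embedded in the form below and compared on POST.
if (empty($_SESSION['edit_admin_csrf'])) {
    $_SESSION['edit_admin_csrf'] = bin2hex(random_bytes(32));
}

// A password is mandatory only when no existing user id was supplied.
$hasEditId = isset($_GET['id']) && is_scalar($_GET['id']) && intval($_GET['id']) > 0;
if ($hasEditId) {
    $passReq = "";
    $pasReqAlert = "";
} else {
    $passReq = " required ";
    $pasReqAlert = " <span style='color:red'>*</span> ";
}

$msg = '';
$error = '';

if (isset($_POST['submit'])) {
    // Read a POST field as a string; anything else (missing, array) becomes ''.
    $postString = static function ($key) {
        return isset($_POST[$key]) && is_string($_POST[$key]) ? $_POST[$key] : '';
    };

    $FullName     = $postString('FullName');
    $EmailId      = $postString('Email1');
    $newPassword  = $postString('Password');
    $isAdd        = $postString('process') === 'add';
    $id           = isset($_REQUEST['id']) && is_scalar($_REQUEST['id']) ? intval($_REQUEST['id']) : 0;
    $UpdationDate = date("Y-m-d H:i");

    // NOTE(review): the form in this file has no "status" input, so this is
    // NULL unless another caller posts it, and NULL is what gets written.
    // Behaviour kept as it was - confirm whether status should be editable here.
    $status = isset($_POST['status']) && is_scalar($_POST['status']) ? (string) $_POST['status'] : null;

    if (!hash_equals($_SESSION['edit_admin_csrf'], $postString('csrf_token'))) {
        $error = "Your form has expired. Please reload the page and try again.";
    } elseif ($FullName === '' || $EmailId === '') {
        $error = "Full name and email address are required.";
    } elseif ($newPassword !== '' && strlen($newPassword) < 6) {
        $error = "The password must be at least 6 characters long.";
    } elseif ($isAdd && $newPassword === '') {
        $error = "You must enter a password for a new user.";
    } elseif (!$isAdd && $id <= 0) {
        $error = "No user was selected for editing.";
    } else {
        // NOTE(review): MD5 is kept only because the update path already stored
        // md5() digests, so the login check presumably compares MD5 - confirm.
        // MD5 is not a password hash; migrate storage and the login check
        // together to password_hash() / password_verify().
        $passwordDigest = $newPassword !== '' ? md5($newPassword) : null;
        $statusType = $status === null ? PDO::PARAM_NULL : PDO::PARAM_STR;

        try {
            if ($isAdd) {
                $query = $dbh->prepare(
                    "INSERT INTO tblusers (FullName, EmailId, Password, status, UpdationDate)
                     VALUES (:FullName, :EmailId, :Password, :status, :UpdationDate)"
                );
                $query->bindValue(':FullName', $FullName, PDO::PARAM_STR);
                $query->bindValue(':EmailId', $EmailId, PDO::PARAM_STR);
                $query->bindValue(':Password', $passwordDigest, PDO::PARAM_STR);
                $query->bindValue(':status', $status, $statusType);
                $query->bindValue(':UpdationDate', $UpdationDate, PDO::PARAM_STR);

                if ($query->execute() && $dbh->lastInsertId()) {
                    $msg .= "User posted successfully";
                } else {
                    $errorInfo = $query->errorInfo();
                    error_log('edit-admin.php insert failed: ' . (isset($errorInfo[2]) ? $errorInfo[2] : 'unknown error'));
                    $error = "Something went wrong. Please try again";
                }
            } else {
                // Two fixed statements: the Password column is written only
                // when a new password was actually submitted.
                if ($passwordDigest !== null) {
                    $query = $dbh->prepare(
                        "UPDATE tblusers
                            SET FullName = :FullName, EmailId = :EmailId, Password = :Password,
                                status = :status, UpdationDate = :UpdationDate
                          WHERE id = :id"
                    );
                    $query->bindValue(':Password', $passwordDigest, PDO::PARAM_STR);
                } else {
                    $query = $dbh->prepare(
                        "UPDATE tblusers
                            SET FullName = :FullName, EmailId = :EmailId,
                                status = :status, UpdationDate = :UpdationDate
                          WHERE id = :id"
                    );
                }
                $query->bindValue(':id', $id, PDO::PARAM_INT);
                $query->bindValue(':FullName', $FullName, PDO::PARAM_STR);
                $query->bindValue(':EmailId', $EmailId, PDO::PARAM_STR);
                $query->bindValue(':status', $status, $statusType);
                $query->bindValue(':UpdationDate', $UpdationDate, PDO::PARAM_STR);

                if (!$query->execute()) {
                    $errorInfo = $query->errorInfo();
                    error_log('edit-admin.php update failed: ' . (isset($errorInfo[2]) ? $errorInfo[2] : 'unknown error'));
                    $error = "Something went wrong. Please try again";
                } elseif ($query->rowCount() > 0) {
                    $msg .= "Data updated successfully.";
                } else {
                    $error = "No rows were updated. Check if the id exists or if the data is already the same.";
                }
            }
        } catch (PDOException $e) {
            // Driver details go to the server log only, never to the browser.
            error_log('edit-admin.php database error: ' . $e->getMessage());
            $error = "Something went wrong. Please try again";
        }
    }
}
?>
<!doctype html>
<html lang="en" class="no-js">

<head>
	<meta charset="UTF-8">
	<meta http-equiv="X-UA-Compatible" content="IE=edge">
	<meta name="viewport" content="width=device-width, initial-scale=1, minimum-scale=1, maximum-scale=1">
	<meta name="description" content="">
	<meta name="author" content="">
	<meta name="theme-color" content="#3e454c">

	<title>Alpenpass Motorcycle Rental Portal | Admin User Info</title>

	<!-- Font awesome -->
	<link rel="stylesheet" href="css/font-awesome.min.css">
	<!-- Sandstone Bootstrap CSS -->
	<link rel="stylesheet" href="css/bootstrap.min.css">
	<!-- Bootstrap Datatables -->
	<link rel="stylesheet" href="css/dataTables.bootstrap.min.css">
	<!-- Bootstrap social button library -->
	<link rel="stylesheet" href="css/bootstrap-social.css">
	<!-- Bootstrap select -->
	<link rel="stylesheet" href="css/bootstrap-select.css">
	<!-- Bootstrap file input -->
	<link rel="stylesheet" href="css/fileinput.min.css">
	<!-- Awesome Bootstrap checkbox -->
	<link rel="stylesheet" href="css/awesome-bootstrap-checkbox.css">
	<!-- Admin Stye -->
	<link rel="stylesheet" href="css/style.css">
	<script type="text/javascript" src="nicEdit.js"></script>
	<script type="text/javascript">
		bkLib.onDomLoaded(function() { nicEditors.allTextAreas() });
	</script>
	<style>
		.errorWrap {
			padding: 10px;
			margin: 0 0 20px 0;
			background: #fff;
			border-left: 4px solid #dd3d36;
			-webkit-box-shadow: 0 1px 1px 0 rgba(0,0,0,.1);
			box-shadow: 0 1px 1px 0 rgba(0,0,0,.1);
		}
		.succWrap{
			padding: 10px;
			margin: 0 0 20px 0;
			background: #CCFFCC;
			border-left: 4px solid #5cb85c;
			-webkit-box-shadow: 0 1px 1px 0 rgba(0,0,0,.1);
			box-shadow: 0 1px 1px 0 rgba(0,0,0,.1);
		}
		input{
			margin-top: 10px;
		}
		label{
			margin-top: 10px;
		}
		.imgBlock{
			display: block;
			margin-top: 5px;
			margin-bottom: 5px;
		}
		.sel{
			margin-top: 20px;
			padding:15px 30px;
			text-align:center;
			border-color: #dfd7ca;
		}
	</style>
</head>

<body>
	<?php include('includes/header.php');?>
	<div class="ts-main-content">
	<?php include('includes/leftbar.php');?>
		<div class="content-wrapper">
			<div class="container-fluid">

				<div class="row">
					<div class="col-md-12">
						<?php
						if (isset($_REQUEST['process']) && $_REQUEST['process'] == 'add') {
							echo "<h2 class=\"page-title\">Add User</h2>";
						} else {
							echo "<div class='col-sm-3'><h2 class=\"page-title\">Edit Users</h2></div>";
						}
						?>

						<div class="row">
							<div class="col-md-12">
								<div class="panel panel-default" style="padding-bottom: 30px;">
									<div class="panel-heading">User Info</div>
									<div class="panel-body">
<?php
// Escape a value for HTML text and quoted attribute values.
$esc = static function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};

// The optional ?message= text is appended to the banner and always escaped.
$msg .= (isset($_GET['message']) && is_string($_GET['message'])) ? $_GET['message'] : "";
if ($msg) { ?><div class="succWrap"><strong>SUCCESS</strong>:<?php echo $esc($msg); ?> </div><?php }
if ($error) { ?><div class="errorWrap"><strong>ERROR</strong>:<?php echo $esc($error); ?> </div><?php }

// Load the user being edited. Only the two columns shown in the form are
// selected, so the stored password digest never reaches this page.
$id = isset($_GET['id']) && is_scalar($_GET['id']) ? intval($_GET['id']) : 0;
$result = null;
if ($id > 0) {
    $query = $dbh->prepare("SELECT tblusers.FullName, tblusers.EmailId FROM tblusers WHERE tblusers.id = :id");
    $query->bindValue(':id', $id, PDO::PARAM_INT);
    $query->execute();
    $row = $query->fetch(PDO::FETCH_OBJ);
    if ($row !== false) {
        $result = $row;
    }
}
$fullNameValue = $result !== null ? $result->FullName : '';
$emailValue    = $result !== null ? $result->EmailId : '';
$processValue  = isset($_GET['process']) && is_string($_GET['process']) ? $_GET['process'] : '';
?>

<form method="post" class="form-horizontal" enctype="multipart/form-data">
<input type="hidden" name="csrf_token" value="<?php echo $esc($_SESSION['edit_admin_csrf']); ?>"/>
<input type="hidden" name="id" value="<?php echo $id > 0 ? $id : ''; ?>"/>
<div class="form-group">
	<label class="col-sm-1 control-label">Full Name<span style="color:red">*</span></label>
	<div class="col-sm-3">
		<input type="hidden" name="process" value="<?php echo $esc($processValue); ?>">
		<input type="text" name="FullName" class="form-control" value="<?php echo $esc($fullNameValue); ?>" required>
	</div>
	<label class="col-sm-1 control-label">Email Address<span style="color:red">*</span></label>
	<div class="col-sm-3">
		<input type="text" name="Email1" class="form-control" value="<?php echo $esc($emailValue); ?>" style="width:300px;" required>
	</div>
	<label class="col-sm-1 control-label">Password <?php echo $pasReqAlert; ?></label>
	<div class="col-sm-2">
		<input type="password" name="Password" class="form-control" value="" minlength="6" autocomplete="new-password"<?php echo $passReq; ?>>
		<p>You must enter a password for a new user.<br />Leave blank if you don't want to change the password for an existing user.</p>
	</div>
</div>

<div class="form-group"><br />
	<div class="col-sm-8 col-sm-offset-2" >
		<button class="btn btn-primary submit" name="submit" type="submit" value="submit" style="margin-top:4%">Save changes</button>
	</div>
</div>

</form>
									</div>
								</div>
							</div>
						</div>
					</div>
				</div>
			</div>
		</div>
	</div>
	<?php /* The original markup closes one more <div> than this file opens; kept in case an include opens it. */ ?>
	</div>

	<!-- Loading Scripts -->
	<script src="js/jquery.min.js"></script>
	<script src="js/bootstrap-select.min.js"></script>
	<script src="js/bootstrap.min.js"></script>
	<script src="js/jquery.dataTables.min.js"></script>
	<script src="js/dataTables.bootstrap.min.js"></script>
	<script src="js/Chart.min.js"></script>
	<script src="js/fileinput.js"></script>
	<script src="js/chartData.js"></script>
	<script src="js/main.js"></script>
	<script>
		$('button[type=submit]').bind('click', function () {
			$('textarea').each(function(){
				nicEditors.findEditor(this.id).saveContent();
			});
		});
	</script>
</body>
</html>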