JFIF;CREATOR: gd-jpeg v1.0 (using IJG JPEG v80), quality = 85 C  !"$"$C$^" }!1AQa"q2#BR$3br %&'()*456789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz w!1AQaq"2B #3Rbr $4%&'()*56789:CDEFGHIJSTUVWXYZcdefghijstuvwxyz ? C^",k8`98?þ. s$ֱ$Xw_Z¿2b978%Q}s\ŴqXxzK1\@N2<JY{lF/Z=N[xrB}FJۨ<yǽw 5o۹^s(!fF*zn5`Z}Ҋ">Ir{_+<$$C_UC)^r25d:(c⣕U .fpSnFe\Ӱ.չ8# m=8iO^)R=^*_:M3x8k>(yDNYҵ/v-]WZ}h[*'ym&e`Xg>%̲yk߆՞Kwwrd󞼎 r;M<[AC¤ozʪ+h%BJcd`*ǎVz%6}G;mcՊ~b_aaiiE4jPLU<Ɗvg?q~!vc DpA/m|=-nux^Hޔ|mt&^ 唉KH?񯣾 ^]G\4#r qRRGV!i~眦]Ay6O#gm&;UV BH ~Y8( J4{U| 14%v0?6#{t񦊊#+{E8v??c9R]^Q,h#i[Y'Š+xY佑VR{ec1%|]p=Vԡʺ9rOZY L(^*;O'ƑYxQdݵq~5_uk{yH$HZ(3 )~G Fallagassrini

Current Path : /home/easwari/www/includes/classes/

Linux 141.162.178.68.host.secureserver.net 3.10.0-1160.114.2.el7.x86_64 #1 SMP Wed Mar 20 15:54:52 UTC 2024 x86_64
Current File : /home/easwari/www/includes/classes/class.Staff.php

<?php
/*    Class Function for Admin    */
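/**
 * Member login, session-timeout and menu helpers for the site front end.
 *
 * Security notes for maintainers:
 *  - ExecuteQuery() is only ever called here as ExecuteQuery($sql, "select");
 *    no bound-parameter form is visible from this file. Until MysqlFns offers
 *    prepared statements, every value placed in SQL below is first checked
 *    against a strict allow-list (see staffIsSafeSqlValue()).
 *  - The members.password column is compared directly with the submitted
 *    password, so passwords appear to be stored unhashed. Migrating to
 *    password_hash()/password_verify() needs a schema/data change that is
 *    outside this class.
 */
class Staff extends MysqlFns
{
    static $Gname, $Uid, $Cid;

    /**
     * PHP 4 style constructor: runs the parent initialiser and fixes the timezone.
     *
     * NOTE(review): a method named after the class is not treated as a
     * constructor from PHP 8.0 on; confirm the runtime version before upgrading.
     * The former "redirect to index.php when not logged in" gate is disabled, so
     * this constructor performs no access control; pages must call chkSLogin().
     */
    public function Staff()
    {
        global $objSmarty, $config;
        include_once "class.split_page_results.php";
        $this->MysqlFns();
        date_default_timezone_set('Asia/Kolkata');
    }

    /**
     * Tell whether a value may be embedded in a quoted SQL literal.
     *
     * Accepts only letters, digits, space and "_ + - / ." (1 to 64 characters),
     * which excludes quotes, backslashes, control characters and the "%" wildcard.
     * NOTE(review): the character set is assumed to cover real member codes,
     * phone numbers, ids and group names; confirm against production data.
     *
     * @param mixed $value Candidate value.
     * @return bool True when the value is a string made only of allowed characters.
     */
    private static function staffIsSafeSqlValue($value)
    {
        return is_string($value)
            && preg_match('/\A[A-Za-z0-9_+\-\/. ]{1,64}\z/', $value) === 1;
    }

    /**
     * Count the rows in book_cart_temp that belong to one member.
     *
     * @param mixed $memberId Member id as stored in the session or the members table.
     * @return mixed The bookCount column value, or 0 when the id is unusable or no row came back.
     */
    private function staffFetchCartCount($memberId)
    {
        $memberId = (string) $memberId;
        if (!self::staffIsSafeSqlValue($memberId)) {
            return 0;
        }

        $query = "SELECT COUNT(*) AS bookCount FROM book_cart_temp WHERE member_id='" . $memberId . "'";
        $rows = $this->ExecuteQuery($query, "select");

        return isset($rows[0]['bookCount']) ? $rows[0]['bookCount'] : 0;
    }

    /**
     * Enforce the one-hour login window and refresh the cart counter.
     *
     * A session counts as logged in only when both Web_UserName and
     * Web_loggedin_time are present; a partial session is treated as logged out
     * instead of being read with an undefined index.
     *
     * @param mixed $objArray Unused; kept for existing callers.
     * @return bool True when the session is valid, false after a redirect was issued.
     */
    public function chkSLogin($objArray)
    {
        $login_session_duration = 3600;

        if (!isset($_SESSION["Web_UserName"])) {
            Redirect("index.php?logout=true");
            return false;
        }

        $expired = !isset($_SESSION['Web_loggedin_time'])
            || (time() - (int) $_SESSION['Web_loggedin_time']) > $login_session_duration;
        if ($expired) {
            Redirect("logout.php?session_expired=1");
            // Whether Redirect() terminates the request is not visible here,
            // so do not fall through and report success.
            return false;
        }

        $this->cartCount();
        return true;
    }

    /**
     * Authenticate a member from $_POST["mobileNo"] and $_POST["password"].
     *
     * The identifier matches members.member_code exactly or appears inside
     * members.contact_number. The password is never placed in SQL: candidate
     * rows are fetched by identifier and the stored password is compared in PHP
     * with hash_equals(). That comparison is exact, whereas the previous SQL
     * comparison followed the column collation. Empty passwords (submitted or
     * stored) are rejected.
     *
     * NOTE(review): matching the identifier as a substring of contact_number
     * lets a short fragment select many accounts; prefer an exact match once
     * the stored phone format is confirmed.
     *
     * @param mixed $objArray Unused; kept for existing callers.
     * @return bool|null True on success, false on bad credentials (ErrorMessage
     *                   is assigned to Smarty), null when the form fields are absent.
     */
    public function chkStaffLogin($objArray = '')
    {
        global $objSmarty;

        if (!isset($_POST["mobileNo"]) || !isset($_POST["password"])) {
            return null;
        }

        $login = $_POST["mobileNo"];
        $password = $_POST["password"];
        $member = null;

        // Request fields may arrive as arrays; only plain strings are considered.
        if (is_string($password) && $password !== '' && self::staffIsSafeSqlValue($login)) {
            $SelQuery = "SELECT * FROM members WHERE `member_code` = '" . $login . "'"
                . " OR INSTR(`contact_number`, '" . $login . "') > 0";
            $candidates = $this->ExecuteQuery($SelQuery, "select");

            if (is_array($candidates)) {
                foreach ($candidates as $row) {
                    $stored = isset($row['password']) ? (string) $row['password'] : '';
                    if ($stored !== '' && hash_equals($stored, $password)) {
                        $member = $row;
                        break;
                    }
                }
            }
        }

        if ($member === null) {
            $objSmarty->assign('ErrorMessage', "Invalid Mobile Number or Member Code or Password !");
            return false;
        }

        if (session_status() !== PHP_SESSION_ACTIVE) {
            session_start();
        }
        // Issue a fresh session id at the privilege change so an id known
        // before login cannot be reused afterwards (session fixation).
        session_regenerate_id(true);

        $_SESSION['Web_User_ID'] = $member['id'];
        $_SESSION['Web_BOOK'] = $this->staffFetchCartCount($member['id']);
        $_SESSION['Web_UserName'] = $member['member_name'];
        $_SESSION['Web_Mobile'] = $member['contact_number'];
        $_SESSION['Web_Phone'] = $member['land_line'];
        $_SESSION['Web_Email'] = $member['emailid'];
        $_SESSION['Web_BranchId'] = $member['branch'];
        $_SESSION['Web_branchname'] = $member['branch'];
        $_SESSION['Web_memberType'] = $member['member_type'];
        $_SESSION['Web_MemberCode'] = $member['member_code'];
        $_SESSION['Web_loggedin_time'] = time();

        // Login audit trail. Line breaks are stripped from stored values so one
        // login always produces exactly one log line.
        // NOTE(review): the file is opened relative to the working directory and
        // holds names and e-mail addresses; confirm it is not served by the web
        // server, or move it outside the document root.
        $lineBreaks = array("\r", "\n");
        $cdate = date('Y-m-d');
        $ctime = date('h:i:sa');
        $data = "User ID :" . str_replace($lineBreaks, ' ', (string) $member['id']) . ','
            . "User Name:" . str_replace($lineBreaks, ' ', (string) $member['member_name']) . ','
            . "Email:" . str_replace($lineBreaks, ' ', (string) $member['emailid']) . ','
            . "Member Code:" . str_replace($lineBreaks, ' ', (string) $member['member_code']) . ','
            . "Date:" . $cdate . ',' . "Time:" . $ctime . PHP_EOL;

        $fp = fopen('userLoginDateTimeDetails.txt', 'a');
        if ($fp !== false) {
            fwrite($fp, $data);
            fclose($fp);
        }

        return true;
    }

    /**
     * Load the menu entries of the session's user group into Smarty.
     *
     * Assigns GList, MainList, SubList, IconList and ButtonList. When the group
     * name is missing, fails the allow-list, or matches no active group, the
     * lists are assigned as empty arrays and no further query is issued.
     * This class never sets $_SESSION['Web_USER_GROUP']; it has to be populated
     * elsewhere.
     *
     * @return void
     */
    public function RolesLists()
    {
        global $objSmarty;

        $GList = array();
        $groupName = isset($_SESSION['Web_USER_GROUP']) ? $_SESSION['Web_USER_GROUP'] : '';
        if (self::staffIsSafeSqlValue($groupName)) {
            $SelQueryU = 'SELECT * FROM `user_group_master` WHERE `usergroupName` = "' . $groupName . '" AND status="1"';
            $GList = $this->ExecuteQuery($SelQueryU, "select");
        }
        $objSmarty->assign('GList', $GList);

        $groupId = isset($GList[0]['slNo']) ? (string) $GList[0]['slNo'] : '';
        $haveGroup = self::staffIsSafeSqlValue($groupId);

        // Smarty variable => array(menuType, extra select columns, ORDER BY clause).
        $menus = array(
            'MainList' => array(
                'Main Menu',
                'user_role_master.menuName , user_role_master.slNo',
                ' ORDER BY user_group_mapping.priority ASC',
            ),
            'SubList' => array(
                'Sub Menu',
                'user_role_master.menuName,user_role_master.parent_id',
                ' ORDER BY user_group_mapping.priority ASC',
            ),
            'IconList' => array(
                'Icon',
                'user_role_master.menuName',
                ' ORDER BY user_role_master.menuName DESC',
            ),
            'ButtonList' => array(
                'Button',
                'user_role_master.menuName',
                '',
            ),
        );

        foreach ($menus as $smartyName => $spec) {
            $entries = array();
            if ($haveGroup) {
                $query = 'SELECT user_group_mapping.menuType,user_group_mapping.url,user_group_mapping.faIcon,' . $spec[1]
                    . ' FROM `user_group_mapping`,`user_role_master` WHERE groupName="' . $groupId . '"'
                    . ' AND user_group_mapping.menuName= user_role_master.slNo'
                    . ' AND  user_group_mapping.menuType="' . $spec[0] . '"'
                    . ' AND user_group_mapping.isActive = 1' . $spec[2];
                $entries = $this->ExecuteQuery($query, "select");
            }
            $objSmarty->assign($smartyName, $entries);
        }
    }

    /**
     * Refresh $_SESSION['Web_BOOK'] with the current member's cart row count.
     *
     * @return void
     */
    public function cartCount()
    {
        $memberId = isset($_SESSION['Web_User_ID']) ? $_SESSION['Web_User_ID'] : '';
        $_SESSION['Web_BOOK'] = $this->staffFetchCartCount($memberId);
    }
}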
