user_permission.php
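<?php include "header.php"?>
<?php include "sidemenu.php"?>
<?php
/*
 * Manage User Permission page.
 *
 * Access gate: the current session user must have a non-deleted row in
 * permissiontb for this form with pshow = 1, otherwise the browser is sent
 * to dashboard.php.
 *
 * Security notes:
 *  - The lookup uses a prepared statement instead of concatenating the
 *    session value into the SQL text.
 *  - The script stops after emitting the redirect, so a client that ignores
 *    the JavaScript redirect does not receive the permission editor.
 *  - The permission matrix is edited in localStorage and posted as JSON to
 *    curd_userpermission.php. That endpoint and get_formdetails.php are not
 *    shown here; they must repeat this authorization check and validate the
 *    payload server-side, because everything sent from this page is
 *    client-controlled. NOTE(review): no anti-CSRF token is visible on this
 *    page - confirm the endpoints enforce one.
 *
 * $conn and the session are presumably set up by header.php - verify.
 */
$data["show"] = 0; // deny by default when no permission row exists
$stmt = mysqli_prepare(
    $conn,
    "select pshow from permissiontb where formname = ? and userid = ? and isdeleted = 0"
);
if ($stmt !== false) {
    $formName = 'user_permission.php';
    $userId = (string) ($_SESSION['userid'] ?? '');
    mysqli_stmt_bind_param($stmt, 'ss', $formName, $userId);
    if (mysqli_stmt_execute($stmt)) {
        mysqli_stmt_bind_result($stmt, $pshow);
        // As before, the last matching row decides.
        while (mysqli_stmt_fetch($stmt)) {
            $data["show"] = $pshow;
        }
    }
    mysqli_stmt_close($stmt);
}
if ($data["show"] != 1) {
?>
<script type='text/javascript'>
window.location.href = 'dashboard.php'
</script>
<?php
    // Stop here: the redirect above is client-side only and must not be the
    // sole thing standing between an unauthorized user and the editor.
    exit;
}
?>
<div id="page-wrapper">
    <div class="col-md-12 graphs">
        <div class="xs">
            <h3>Manage User Permission</h3>
            <div class="well1 white">
                <input type="hidden" class="form-control1" id="hdid" name="hdid">
                <fieldset>
                    <div class="form-group">
                        <label class="control-label">Select User</label>
                        <select class="form-control1 ng-invalid ng-invalid-required" ng-model="model.select" required="" id="username" name="username" onchange="getuserpermisiondetails()">
                        </select>
                    </div>
                    <div class="form-group">
                        <button type="submit" class="btn btn-primary" id="btnsave" onclick="savepuserpermission();">SAVE</button>
                        <button type="reset" class="btn btn-default" onclick="ClearAll();">Reset</button>
                    </div>
                </fieldset>
            </div>
            <div class="bs-example4 tab-content" data-example-id="simple-responsive-table">
                <h3>Pages &amp; Permission List</h3>
                <div class="table-responsive">
                    <table class=" table table-bordered content-table">
                        <thead>
                            <tr>
                                <td>S.No.</td>
                                <td>Form Name</td>
                                <td>Form show Name</td>
                                <td>Add</td>
                                <td>Edit</td>
                                <td>Delete</td>
                                <td>Show</td>
                            </tr>
                        </thead>
                        <tbody id="root">
                        </tbody>
                    </table>
                </div>
            </div>
        </div>
        <script>
        // Escape a value for use in HTML text or a quoted attribute.
        // Form names come from the server and are cached in localStorage,
        // so they are treated as untrusted when building markup.
        function userpEscapeHtml(value) {
            return String(value)
                .replace(/&/g, '&amp;')
                .replace(/</g, '&lt;')
                .replace(/>/g, '&gt;')
                .replace(/"/g, '&quot;')
                .replace(/'/g, '&#39;');
        }

        // Map one server record to the shape stored under "userp_data".
        function userpToRow(item) {
            return {
                formname: item.formname,
                formshowname: item.formshowname,
                add: item.add,
                edit: item.edit,
                del: item.delete,
                show: item.show
            };
        }

        // Flip one permission flag (add/edit/del/show) on the 1-based row rid
        // and redraw. val1 is the checkbox's current value attribute.
        function userpTogglePermission(rid, val1, field) {
            let arr = JSON.parse(localStorage.getItem("userp_data"));
            if (arr == null || arr[rid - 1] == null) {
                return;
            }
            arr[rid - 1][field] = (val1 == 0) ? 1 : 0;
            localStorage.setItem('userp_data', JSON.stringify(arr));
            select();
        }

        // Reset the user selector and button label, then reload the grid.
        function ClearAll() {
            $('#username').val("Select User Name");
            document.getElementById("btnsave").innerHTML = "SAVE";
            //localStorage.clear();
            getuserpermisiondetails();
        }

        // Load the list of forms (identifier=1) and cache it for rendering.
        function getformdetails() {
            // Empty any cached rows and redraw before fetching fresh data.
            if (localStorage.getItem("userp_data") != null) {
                localStorage.setItem('userp_data', JSON.stringify([]));
            }
            select();
            // NOTE(review): clear() wipes every key stored for this origin,
            // not only "userp_data" - confirm no other page relies on it.
            localStorage.clear();
            let identifier = 1;
            $.ajax({
                method: 'POST',
                url: 'get_formdetails.php',
                // Object form lets jQuery URL-encode the values.
                data: {
                    identifier: identifier
                },
                dataType: "JSON",
                success: function(res) {
                    let arr = JSON.parse(localStorage.getItem("userp_data"));
                    if (arr == null) {
                        arr = [];
                    }
                    for (var i = 0; i < res.length; i++) {
                        arr.push(userpToRow(res[i]));
                    }
                    if (res.length > 0) {
                        localStorage.setItem('userp_data', JSON.stringify(arr));
                    }
                    select();
                    // $('#consultant').val(data.examid);
                }
            });
        }

        // Load the selected user's permissions (identifier=2) into the grid.
        function getuserpermisiondetails() {
            // Zero every cached flag first so stale ticks are not shown
            // while the request is in flight.
            let cached = JSON.parse(localStorage.getItem("userp_data"));
            if (cached != null) {
                for (let k in cached) {
                    cached[k].add = 0;
                    cached[k].edit = 0;
                    cached[k].del = 0;
                    cached[k].show = 0;
                }
                localStorage.setItem('userp_data', JSON.stringify(cached));
            }
            select();
            // localStorage.clear();
            let identifier = 2;
            var username = document.getElementById("username").value;
            $.ajax({
                method: 'POST',
                url: 'get_formdetails.php',
                // Object form lets jQuery URL-encode the selected value.
                data: {
                    identifier: identifier,
                    username: username
                },
                dataType: "JSON",
                success: function(res) {
                    if (res.length > 0) {
                        localStorage.clear();
                    }
                    let arr = JSON.parse(localStorage.getItem("userp_data"));
                    if (arr == null) {
                        arr = [];
                    }
                    for (var i = 0; i < res.length; i++) {
                        arr.push(userpToRow(res[i]));
                    }
                    if (res.length > 0) {
                        localStorage.setItem('userp_data', JSON.stringify(arr));
                    }
                    document.getElementById("btnsave").innerHTML = "UPDATE";
                    select();
                    // $('#consultant').val(data.examid);
                }
            });
        }

        // Render the cached permission rows into <tbody id="root">.
        function select() {
            let newarr = JSON.parse(localStorage.getItem("userp_data"));
            if (newarr != null) {
                let html = '';
                let sno = 1;
                for (let k in newarr) {
                    let row = newarr[k];
                    let chkadd = row.add == 1 ? "checked='checked'" : "";
                    let chkedit = row.edit == 1 ? "checked='checked'" : "";
                    let chkdel = row.del == 1 ? "checked='checked'" : "";
                    let chkshow = row.show == 1 ? "checked='checked'" : "";
                    // Every interpolated data value is escaped and every
                    // attribute value is quoted before it reaches innerHTML.
                    html = html +
                        `<tr><td>${sno}</td><td>${userpEscapeHtml(row.formname)} </td> <td>${userpEscapeHtml(row.formshowname)}</td> ` +
                        `<td> <input type='checkbox' ${chkadd} name="techno[]" value="${userpEscapeHtml(row.add)}" onchange="updateadd(${sno},this.value);" ></td> ` +
                        `<td> <input type='checkbox' ${chkedit} name="techno[]" value="${userpEscapeHtml(row.edit)}" onchange="updateedit(${sno},this.value);"> </td> ` +
                        `<td><input type='checkbox' ${chkdel} name="techno[]" value="${userpEscapeHtml(row.del)}" onchange="updatedel(${sno},this.value);" > </td>` +
                        `<td><input type='checkbox' ${chkshow} name="techno[]" value="${userpEscapeHtml(row.show)}" onchange="updateshow(${sno},this.value);"></td> </tr>`;
                    sno++;
                }
                document.getElementById('root').innerHTML = html;
                // NOTE(review): writes an implicit global "id"; kept in case
                // other scripts on the page read it - confirm and remove.
                id = "No";
            }
        }

        function updateadd(rid, val1) {
            userpTogglePermission(rid, val1, 'add');
        }

        function updateedit(rid, val1) {
            userpTogglePermission(rid, val1, 'edit');
        }

        function updatedel(rid, val1) {
            userpTogglePermission(rid, val1, 'del');
        }

        function updateshow(rid, val1) {
            userpTogglePermission(rid, val1, 'show');
        }

        // Fill the user <select>; the option whose tid equals val is selected.
        function getusername(val) {
            $.ajax({
                type: "Post",
                url: "get_onlyusername.php",
                success: function(res) {
                    var data = JSON.parse(res);
                    var sel = $("#username");
                    sel.empty();
                    sel.append('<option>Select User Name</option>');
                    for (var i = 0; i < data.length; i++) {
                        // Build options through the DOM API so user names
                        // are inserted as text, never parsed as markup.
                        var option = $('<option>')
                            .attr('value', String(data[i].tid))
                            .text(String(data[i].tname));
                        if (data[i].tid == val) {
                            option.prop('selected', true);
                        }
                        sel.append(option);
                    }
                    // $('#particular').editableSelect();
                    /// $("#state").html(data);
                }
            });
        }

        // NOTE(review): looks like leftover debug code. It binds only to
        // checkboxes that already exist when this script runs; the grid
        // checkboxes are rendered later by select().
        $("input[type='checkbox']").on('change', function() {
            alert("aa");
            $(this).val(this.checked ? "TRUE" : "FALSE");
        })

        // Post the cached permission matrix for the selected user.
        function savepuserpermission() {
            var username = document.getElementById("username").value;
            if (username == "Select User Name") {
                alert("Please select user name");
                document.getElementById("username").focus();
                return;
            }
            var btnopration = document.getElementById("btnsave").innerHTML;
            let arr = JSON.parse(localStorage.getItem("userp_data"));
            if (arr != null) {
                var text = "Do you want to " + btnopration + " user permission";
                if (confirm(text) == false) {
                    return false;
                }
                // The payload below is whatever localStorage holds; the
                // server must not trust it without its own checks.
                $.ajax({
                    type: "Post",
                    url: "curd_userpermission.php",
                    data: {
                        userdata: JSON.stringify(arr),
                        username: username,
                        btnopration: btnopration
                    },
                    success: function(res) {
                        if (res == 1) {
                            alert("user permission save successfully");
                            select();
                            //localStorage.clear();
                            // window.location.href = "manage_procedure.php";
                        } else if (res == 2) {
                            alert("user permission update successfully");
                            select();
                            window.location.href = "user_permission.php";
                            // document.getElementById("btnsave").innerHTML = "SAVE";
                            // localStorage.clear();
                            // window.location.href = "manage_procedure.php";
                        } else {
                            alert("There is problem to save the user permission");
                        }
                    }
                });
            } else {
                // NOTE(review): empty message when nothing is cached.
                alert("");
            }
        }

        $(document).ready(function() {
            getusername("");
            getformdetails();
        });

        // NOTE(review): references #area, #subarea, #txtfromdate, #txttodate
        // and #customer_data, none of which exist in this page's markup;
        // presumably copied from a report page - confirm before relying on it.
        function show() {
            var inputField1 = document.getElementById("area");
            if (inputField1.value == "Select Area") {
                flag = false;
                alert("Please select area.");
                document.getElementById("area").focus();
                return false;
            }
            var inputField2 = document.getElementById("txtfromdate");
            if (inputField2.value == "") {
                flag = false;
                alert("Please select from date.");
                document.getElementById("txtfromdate").focus();
                return false;
            }
            var inputField3 = document.getElementById("txttodate");
            if (inputField3.value == "") {
                flag = false;
                alert("Please select to date.");
                document.getElementById("txttodate").focus();
                return false;
            }
            var area = document.getElementById("area").value;
            var subarea = document.getElementById("subarea").value;
            var fromdate = document.getElementById("txtfromdate").value;
            var todate = document.getElementById("txttodate").value;
            $('#customer_data').DataTable().destroy();
            $('#customer_data').DataTable({
                "processing": true,
                "serverSide": true,
                "searching": false,
                "ajax": {
                    url: "fetch.php",
                    type: "POST",
                    data: {
                        area: area,
                        fromdate: fromdate,
                        todate: todate,
                        subarea: subarea
                    }
                },
                dom: 'lBfrtip',
                buttons: [
                    'excel', 'csv', 'pdf', 'copy'
                ],
                "lengthMenu": [
                    [10, 25, 50, -1],
                    [10, 25, 50, "All"]
                ]
            });
        }
        </script>
<?php include "footer.php"?>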