name :
manage_user.php
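<?php
/**
 * manage_user.php - form used to add, update or remove a dashboard user.
 *
 * The page first checks the caller's "pshow" permission for this form in
 * permissiontb and sends callers without it to dashboard.php. The form itself
 * is driven by the JavaScript at the bottom, which talks to
 * get_permissiondetails.php, get_userdetails.php and mst_curd_user.php.
 *
 * NOTE(review): $conn and the session are presumably set up by header.php,
 * which is not visible here - confirm.
 */
include "header.php";
include "sidemenu.php";

// Fail closed: access is denied unless a matching permission row grants it.
$data["show"] = 0;
$userId = $_SESSION['userid'] ?? null;

if ($userId !== null) {
    // The user id is bound as a parameter instead of being concatenated into
    // the SQL text, so its content can never change the shape of the query.
    $stmt = mysqli_prepare(
        $conn,
        "select pshow from permissiontb where formname = 'manage_user.php' and userid = ? and isdeleted = 0"
    );
    if ($stmt !== false) {
        $userIdParam = (string) $userId;
        mysqli_stmt_bind_param($stmt, 's', $userIdParam);
        if (mysqli_stmt_execute($stmt)) {
            mysqli_stmt_bind_result($stmt, $pshow);
            // As before, the last matching row decides.
            while (mysqli_stmt_fetch($stmt)) {
                $data["show"] = $pshow;
            }
        }
        mysqli_stmt_close($stmt);
    }
}

if ((int) $data["show"] !== 1) {
    // A script-only redirect still delivers the whole form to a caller who
    // ignores JavaScript, so rendering stops here. The Location header is
    // only possible while no output has been sent; the script is the fallback.
    if (!headers_sent()) {
        header('Location: dashboard.php');
    }
    ?>
<script type='text/javascript'>
window.location.href = 'dashboard.php'
</script>
    <?php
    exit;
}
?>
<div id="page-wrapper">
    <div class="col-md-12 graphs">
        <div class="xs">
            <table width="100%">
                <tr>
                    <td width="50%">
                        <h3>Manage User</h3>
                    </td>
                    <td width="50%" align="right">
                        <a class="btn btn-primary" href="list_user.php" style="margin: 5px"><i class="fa fa-list"></i> User List</a>
                    </td>
                </tr>
            </table>
            <div class="well1 white">
                <input type="hidden" class="form-control1" id="hdid" name="hdid">
                <fieldset>
                    <div class="form-group">
                        <div class="row">
                            <div class="col-md-6 grid_box1">
                                <label class="control-label">Name</label>
                                <input type="text" class="form-control1" id="name" name="name" placeholder="Name">
                            </div>
                            <div class="col-md-6">
                                <label class="control-label">Mobile No.</label>
                                <input type="text" class="form-control1" id="mobile" name="mobile" placeholder="Mobile No.">
                            </div>
                            <div class="clearfix"> </div>
                        </div>
                    </div>
                    <div class="form-group">
                        <div class="row">
                            <div class="col-md-6 grid_box1">
                                <label class="control-label">User Name</label>
                                <input type="text" class="form-control1" placeholder="User Name" id="username" name="username">
                            </div>
                            <div class="col-md-6">
                                <label class="control-label">Password</label>
                                <?php
                                // NOTE(review): getuserdetails() below fills this visible text field from
                                // data.upassword, which suggests get_userdetails.php returns a stored
                                // password in readable form - confirm. Storing only password_hash() output
                                // and treating an empty field as "unchanged" would avoid exposing it.
                                ?>
                                <input type="text" class="form-control1" placeholder="Password" id="psw" name="psw">
                            </div>
                            <div class="clearfix"> </div>
                        </div>
                    </div>
                    <div class="form-group">
                        <div class="row">
                            <div class="col-md-12 grid_box1">
                                <label class="control-label">User Type</label>
                                <select class="form-control1 ng-invalid ng-invalid-required" ng-model="model.select" required="" id="usertype" name="usertype">
                                    <option value="Supervisor">Supervisor</option>
                                    <option value="Admin">Admin</option>
                                </select>
                            </div>
                            <div class="clearfix"> </div>
                        </div>
                    </div>
                    <div class="form-group">
                        <button type="submit" class="btn btn-primary" id="btnsave" name="btnsave" onclick="curduser();">SAVE</button>
                        <button type="reset" class="btn btn-default" onclick="ClearAll();">Reset</button>
                    </div>
                </fieldset>
            </div>
        </div>
        <script>
        // Empties the form, restores the SAVE label and reloads the page.
        function ClearAll() {
            $('#hdid').val("");
            $('#name').val("");
            $('#mobile').val("");
            $('#username').val("");
            $('#psw').val("");
            $('#usertype').val("");
            $('#btnsave').text("SAVE");
            window.location.href = "manage_user.php";
            checkpermission();
        }

        // Enables or disables the action button according to the add/edit/delete
        // flags returned by get_permissiondetails.php.
        // This is a usability aid only: a disabled button does not stop a direct
        // request. NOTE(review): mst_curd_user.php is not visible here - confirm it
        // re-checks the same permission (and a CSRF token) on the server.
        function checkpermission() {
            var formname = "manage_user.php";
            try {
                $.ajax({
                    method: 'POST',
                    url: 'get_permissiondetails.php',
                    // An object lets jQuery URL-encode the value.
                    data: { formname: formname },
                    dataType: 'json',
                    async: true,
                    cache: false,
                    success: function(data) {
                        var btntext = document.getElementById("btnsave").innerHTML;
                        var $btn = $('#btnsave');
                        if (btntext == "SAVE") {
                            if (data.add == 0) {
                                $btn.prop("disabled", true);
                                alert("You do not have permission to add user please contact to administrator");
                                return;
                            }
                            $btn.prop("disabled", false);
                        } else if (btntext == "UPDATE") {
                            if (data.edit == 0) {
                                $btn.prop("disabled", true);
                                alert("You do not have permission to edit user please contact to administrator");
                                return;
                            }
                            $btn.prop("disabled", false);
                        } else if (btntext == "REMOVE") {
                            // No alert in this branch, matching the previous behaviour.
                            if (data.delete == 0) {
                                $btn.prop("disabled", true);
                                return;
                            }
                            $btn.prop("disabled", false);
                        }
                    },
                    error: function(request) {
                        alert(request.responseText);
                    }
                });
            } catch (err) {
                alert(err);
            }
            return;
        }

        // Returns the query-string parameters of the current URL as an array of
        // names that also carries each value as a named property.
        // Without a '?' the result is empty; previously the whole URL was parsed
        // as if it were a query string.
        function getUrlVars() {
            var vars = [];
            var href = window.location.href;
            var queryStart = href.indexOf('?');
            if (queryStart === -1) {
                return vars;
            }

            // Values are decoded here because the callers pass them to jQuery,
            // which encodes them again when building the request body.
            function decodeValue(raw) {
                try {
                    return decodeURIComponent(raw.replace(/\+/g, ' '));
                } catch (e) {
                    return raw; // malformed escape sequence: keep the raw text
                }
            }

            // Drop a trailing #fragment so it cannot end up inside the last value.
            var pairs = href.slice(queryStart + 1).split('#')[0].split('&');
            for (var i = 0; i < pairs.length; i++) {
                var hash = pairs[i].split('=');
                if (hash[0] === "") {
                    continue;
                }
                vars.push(hash[0]);
                vars[hash[0]] = hash.length > 1 ? decodeValue(hash[1]) : undefined;
            }
            return vars;
        }

        // Loads the user named by ?id= into the form and switches the button to
        // UPDATE or REMOVE according to ?op=.
        function getuserdetails() {
            var params = getUrlVars();
            var id = params['id'];
            var op = params['op'];
            // A missing id used to compare as "not empty" and triggered a request
            // for the literal value "undefined".
            if (id !== undefined && id !== "") {
                $.ajax({
                    method: 'POST',
                    url: 'get_userdetails.php',
                    data: { id: id },
                    dataType: "JSON",
                    success: function(data) {
                        // .val() assigns plain values, so the response is never parsed as HTML.
                        $('#hdid').val(data.id);
                        $('#name').val(data.name);
                        $('#mobile').val(data.mobileno);
                        $('#username').val(data.username);
                        $('#psw').val(data.upassword);
                        $('#usertype').val(data.usertype);
                        if (op == "Update") {
                            $('#btnsave').text("UPDATE");
                        } else if (op == "Delete") {
                            $('#btnsave').text("REMOVE");
                        }
                        checkpermission();
                    }
                });
            }
        }

        $(document).ready(function() {
            checkpermission();
            getuserdetails();
            $("#studtable").DataTable({
                bLengthChange: true,
                "iDisplayLength": 10,
                bInfo: false,
                responsive: true,
                "bAutoWidth": false
            });
        });

        // Validates the form, asks for confirmation and posts the requested
        // operation (the button label: SAVE, UPDATE or REMOVE) to mst_curd_user.php.
        // Returns false when validation fails or the user cancels.
        function curduser() {
            var requiredFields = [
                ["name", "Please enter name."],
                ["mobile", "Please enter mobile."],
                ["username", "Please enter user name."],
                ["psw", "Please enter password."],
                ["usertype", "Please select user type."]
            ];
            for (var i = 0; i < requiredFields.length; i++) {
                var field = document.getElementById(requiredFields[i][0]);
                if (field.value == "") {
                    alert(requiredFields[i][1]);
                    field.focus();
                    return false;
                }
            }

            var btnopration = document.getElementById("btnsave").innerHTML;
            try {
                if (confirm("Do you want to " + btnopration + " user") == false) {
                    return false;
                }
                $.ajax({
                    method: 'POST',
                    url: 'mst_curd_user.php',
                    // Sent as an object so jQuery URL-encodes every value. With
                    // hand-built strings, a '&' or '=' typed into a field (for
                    // example in the name) could add or override request
                    // parameters such as usertype.
                    data: {
                        name: document.getElementById("name").value,
                        mobile: document.getElementById("mobile").value,
                        username: document.getElementById("username").value,
                        psw: document.getElementById("psw").value,
                        usertype: document.getElementById("usertype").value,
                        id: document.getElementById("hdid").value,
                        btnopration: btnopration,
                        identifier: 1
                    },
                    dataType: 'json',
                    async: true,
                    cache: false,
                    success: function(data) {
                        alert(data);
                        window.location.href = "manage_user.php";
                        $('#hdid').val("");
                    },
                    error: function(request) {
                        alert(request.responseText);
                    }
                });
            } catch (err) {
                alert(err);
            }
            return;
        }
        </script>
<?php include "footer.php"?>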