One Hat Cyber Team

Your IP : 172.69.130.198

Server IP : 188.114.97.3

Server : Linux thuru 6.5.11-4-pve #1 SMP PREEMPT_DYNAMIC PMX 6.5.11-4 (2023-11-20T10:19Z) x86_64

Server Software : Apache/2.4.51 (Unix) OpenSSL/1.0.2k-fips

PHP Version : 7.3.33

Buat File | Buat Folder

Dir : ~/home/thuruk/public_html/App/New/users/

Edit File: userRegistration.php

<?php
   
         include("../connections.php"); //database connection

// $sessionId	= mysql_real_escape_string($_POST['session_id']);
        $target_dir = "Images";
        
        $session = mysqli_real_escape_string($connect,$_POST['session_id']);
        
		$username		= mysqli_real_escape_string($connect,$_POST['name']);
		$mobile_number =mysqli_real_escape_string($connect,$_POST['mobile_number']);
        $city		= mysqli_real_escape_string($connect,$_POST['city']);
		$password=md5(mysqli_real_escape_string($connect,$_POST['password']));
		$email=   mysqli_real_escape_string($connect,$_POST['email']);
		$date = date('y-m-d');
        $query="";
		$json;
		if($session!="5f0e6bfbafe255ds003434349") {
			$json['status'] = 400;
			$json['msg'] = 'Session Expired';
		} else {
			$rsData = array();
			
			if(isset($_POST['image'])){
		    
		    	$image = $_POST['image'];
                $name =$target_dir."/".$_POST['imagename'];
                $realImage = base64_decode($image);
                $imageUrl =$name;
                file_put_contents($name,$realImage);
        
                $url = "http://thurukepakaru.com/App/New/".$name;
      		    $query="INSERT INTO `users`(`user_id`, `name`, `city`, `email`,`password`,`created_date`,`profile`,`status`) VALUES ('$mobile_number','$username','$city','$email','$password','$date','$url','pending')";	
		}else{
		    
		    $query="INSERT INTO `users`(`user_id`, `name`, `city`, `email`, `password`,`created_date`,`profile`,`status`) VALUES ('$mobile_number','$username','$city','$email','$password','$date','','pending')";	
		    
		}
		
		   
		   $rs = mysqli_query($connect,$query) or die(mysqli_error($connect));
          
          
		   
		   //Following qQUery Will Send Otp to User
		   
		  $otp_number = str_pad(mt_rand(0, 9999), 4, '0', STR_PAD_LEFT);
        
          $new_number ='94'.$mobile_number;
          $message =$otp_number;

$curl1 = curl_init();
 /*
          curl_setopt($curl1, CURLOPT_URL,'https://richcommunication.dialog.lk/api/sms/inline/send?q=994c2a181323d6d&destination='.$new_number.'message='.$message.'&from=Test');
          
              curl_setopt($curl1, CURLOPT_FAILONERROR, true);
              curl_setopt($curl1, CURLOPT_FOLLOWLOCATION, true);
              curl_setopt($curl1, CURLOPT_RETURNTRANSFER, true);
           
              $output1 = curl_exec($curl1);
              
          
          
                         $curl1 = curl_init();*/
 
                    curl_setopt($curl1, CURLOPT_URL,'https://richcommunication.dialog.lk/api/sms/inline/send?q=068484db4b14388&destination='.$new_number.'&message='.$message.'&from=ThuruKep');
              
              // curl_setopt($curl1, CURLOPT_URL,'https://richcommunication.dialog.lk/api/sms/inline/send?q//=75b0d5013208a40&destination=94713505429&message=hello&from=CloudX.LK');
              curl_setopt($curl1, CURLOPT_FAILONERROR, true);
              curl_setopt($curl1, CURLOPT_FOLLOWLOCATION, true);
              curl_setopt($curl1, CURLOPT_RETURNTRANSFER, true);
           
              $output1 = curl_exec($curl1);
          
          
          
          
        
          	  $otp_query="INSERT INTO `user_otp`( `user_id`, `otp_number`,`status`) VALUES ('$mobile_number','$otp_number','pending')";
            
              mysqli_query($connect,$otp_query) or die(mysqli_error($connect));
 
		
		   if($rs){
			    $rsData['result'] = "success";
			}else{
			    $rsData['result'] = "fail";
			}
			$json['status'] = 200;
			$json['msg'] = 'Success';
			$json['data'] = $rsData;
		}
//		header("Content-Type: application/json");
		
		echo json_encode($json);

?>