403WebShell

��JFIF��H�H��Exif��MM�*�� 3��V��3��3�(��3��403WebShell403Webshell

Server IP : 74.208.127.88 / Your IP : 18.191.8.38
Web Server : Apache/2.4.41 (Ubuntu)
System : Linux ubuntu 5.4.0-163-generic #180-Ubuntu SMP Tue Sep 5 13:21:23 UTC 2023 x86_64
User : www-data ( 33)
PHP Version : 7.4.3-4ubuntu2.29
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON
Directory : /proc/self/root/var/www/html/app6/core/app/view/

Upload File :

[ Back ]

Current File : /proc/self/root/var/www/html/app6/core/app/view/polizasnew-view.php

<?php

class Conexion
{
	private $con;
	private $id;
	
	function __construct()
	{
		$this->con = mysqli_connect("localhost","root","","webfinanza") or die ("Error " . mysqli_error($this->con));
	}

	public function retrieveQuery($sql)
	{
		$query = $this->con->query($sql);
		$this->id = mysqli_insert_id($this->con);
		
		return $query;
	}
	
	public function retrieveArray($sql)
	{
		$array = array();
		$res = $this->retrieveQuery($sql);
		
		while($row = mysqli_fetch_array($res))
		{
			$array[] = $row;
		}
		
		return $array;
	}
	
	public function retrieveLastID()
	{
		return $this->id;
	}
	
	public function retrieveField($sql)
	{
		$retorno = '';
		$res = $this->retrieveQuery($sql);
		
		while($row = mysqli_fetch_array($res))
		{
			$retorno = $row[0];
		}
		
		return $retorno;
	}
}

?>


<?php
$con = new Conexion();

if(isset($_POST['cuenta'])){ $tCta = $_POST['cuenta']; }else{ if(isset($_REQUEST['ref'])){ $tCta = $_REQUEST['ref']; }else{ $tCta = $con->retrieveField("SELECT cuenta.id FROM cuenta WHERE cuenta.defecto = '1'"); } }
if(isset($_POST['fecini'])){ $fIni = $_POST['fecini']; $fFin = $_POST['fecfin']; }else{ $fIni = date('d-m-Y'); $fFin = $fIni; }

$f_ini = substr($fIni,6,4) . "-" . substr($fIni,3,2) . "-" . substr($fIni,0,2);
$f_fin = substr($fFin,6,4) . "-" . substr($fFin,3,2) . "-" . substr($fFin,0,2);

//QUERY PARA COMBO
$sqlCta = "SELECT cuenta.id, cuenta.descripcion FROM cuenta ORDER BY cuenta.descripcion ASC";

//QUERY PARA CONTENIDO
$sql  = "SELECT 1 AS mov, '' AS persona, '' AS moneda, '' AS concepto, '' AS cuenta, 0 AS id, '' AS tipo, '1900-01-01' AS fecha,SUM(movimiento.importe * IF(movimiento.tipo='P',1,-1)) AS saldo, 0 AS ingreso, 0 AS egreso, 'Saldo Anterior' AS descripcion FROM movimiento WHERE movimiento.idcuenta = $tCta AND movimiento.fecha < '$f_ini' UNION ALL ";
$sql .= "SELECT 0 AS mov, persona.nombres AS persona, moneda.descripcion AS moneda, concepto.descripcion AS concepto, cuenta.descripcion AS cuenta, movimiento.id, movimiento.tipo, movimiento.fecha, 0 AS saldo, if(movimiento.tipo='P',movimiento.importe,0) AS ingreso, if(movimiento.tipo='C',movimiento.importe,0) AS egreso, movimiento.descripcion FROM movimiento LEFT OUTER JOIN persona ON ( movimiento.idpersona = persona.id ) INNER JOIN moneda ON ( movimiento.idmoneda = moneda.id ) INNER JOIN concepto ON ( movimiento.idconcepto = concepto.id ) LEFT OUTER JOIN cuenta ON ( movimiento.idcuenta = cuenta.id ) WHERE movimiento.idcuenta = $tCta AND movimiento.fecha BETWEEN '$f_ini' AND '$f_fin' ORDER BY fecha ASC, tipo DESC, id ASC";

$datos = $con->retrieveArray($sql);
$cuentas = $con->retrieveArray($sqlCta);

	$tIng = 0;
	
	$tEgr = 0;
	$iSal = 0;
?>


<section class="content">
<div class="row">
	<div class="col-md-12">
<div class="btn-group pull-right">



<form name="frm" method="post">
<table border="0" width="96%" align="center" cellpadding="0" cellspacing="0">
	<tr>
        <td width="120px" align="left">Seleccione Cuenta:</td>
        <td width="200px">
        	<select name="cuenta" id="cuenta" class="combo" style="width:200px" onchange="document.forms[0].submit();">
            <?php for($i=0;$i<count($cuentas);$i++){ ?>
            <option value="<?php echo $cuentas[$i]['id']; ?>" <?php if($cuentas[$i]['id']==$tCta){ echo "selected"; } ?>><?php echo $cuentas[$i]['descripcion']; ?></option>
            <?php } ?>
            </select>
        </td>
        <td width="100px" align="right"><input type="text" value="<?php echo $fIni; ?>" name="fecini" id="fecini" style="width:80px; text-align:center"/></td>
        <td width="100px" align="right"><input type="text" value="<?php echo $fFin; ?>" name="fecfin" id="fecfin" style="width:80px; text-align:center"/></td>
        <td width="90px" align="right"><button type="submit" name="btnBusca" class="button icon search"><i class='fa fa-user'></i> Buscar</button></td>
		<td width="90px" align="right"><button type="button" onclick="document.location.href='./index.php?view=polizasnew1&id=' + document.getElementById('cuenta').value;" name="btnNuevo" class="button icon add">Nueva</button></td>
		<td width="90px" align="right"><button type="button" onclick="document.location.href='./index.php?view=indexBancos&id=' + document.getElementById('cuenta').value;" name="btnNuevo1" class="button icon add">Regresar</button></td>
    </tr>
</table>
</form>
	
</div>
		<h1>POLIZAS</h1>
<br>
		<?php

		$users = PersonData::getContacts();
		if(count($users)>0){
			// si hay usuarios
			?>
<div class="box box-primary">
<div class="box-body">
			<table class="table table-bordered datatable table-hover">
			<thead>
			<th>ID</th>
			<th>FECHA</th>
			<th>INGRESO</th>
			<th>EGRESO</th>
			<th>SALDO</th>
			<td width="15px"></td>
			<td width="150px">CONCEPTO</td>
			<td width="150px">PERSONA</td>
			<td>DETALLE</td>
			</thead>
			
			<?php for($i=0;$i<count($datos);$i++){ ?>
    <?php
	
	$iIng = $datos[$i]['ingreso']; 
	$tIng = $tIng + $iIng;
	$iEgr = $datos[$i]['egreso']; 
	$tEgr = $tEgr + $iEgr;
	$iSal = $iSal + $datos[$i]['saldo'] + $iIng - $iEgr;
	?>
    <tr height="25px" style="background-color: #<?php echo $color; ?>">
    	<td class="lista_celda" align="center"><?php echo $datos[$i]['id']; ?></td>
        <td class="lista_celda" align="center"><?php if($datos[$i]['id']!=0){ echo $datos[$i]['fecha']; } ?></td>
			<td class="lista_celda" align="right"><?php echo number_format($iIng,2); ?></td>
        <td class="lista_celda" align="right"><?php echo number_format($iEgr,2); ?></td>
        <td class="lista_celda" align="right"><?php echo number_format($iSal,2); ?></td>
        <td class="lista_celda"></td>
        <td class="lista_celda"><?php echo $datos[$i]['concepto']; ?></td>
        <td class="lista_celda"><?php echo $datos[$i]['persona']; ?></td>
        <td class="lista_celda"><?php echo $datos[$i]['descripcion']; ?></td>
    </tr>
    <?php } ?>
			</table>
			</div>
			</div>
			<?php



		}else{
			echo "<p class='alert alert-danger'>No hay Registros</p>";
		}


		?>


	</div>
</div>
</section>

Youez - 2016 - github.com/yon3zu
LinuXploit