<?php
// Shared bootstrap. Per the original author's note, common.php opens the
// database connection and starts the session.
require("common.php");

// Access gate: a request without the 'Mng_User' session key is sent to the login page.
if (isset($_SESSION['Mng_User']) === false) {
    header("Location: login.php");
    // A Location header does not stop the script. Without this exit the rest
    // of the page, including the POST handler at the bottom, would still run.
    exit("Redirecting to login.php");
}
// NOTE(review): this only proves that a session key exists. Nothing visible here
// checks that the logged-in account may create or list other users. Confirm
// that 'Mng_User' is set only for administrator sessions.
// Usernames are user-submitted, so they must be HTML-escaped wherever they are printed.
?>
<?php include "config/config.php"; ?>
<!DOCTYPE html>
<html>
<head>
<!-- start: Meta -->
<meta charset="utf-8">
<title>Students List</title> <meta name="description" content="Bootstrap Metro Dashboard">
<meta name="author" content="Dennis Ji">
<meta name="keyword" content="Metro, Metro UI, Dashboard, Bootstrap, Admin, Template, Theme, Responsive, Fluid, Retina">
<!-- end: Meta -->
<!-- start: Mobile Specific -->
<meta name="viewport" content="width=device-width, initial-scale=1">
<!-- end: Mobile Specific -->
<!-- start: CSS -->
<!-- NOTE(review): the Google Fonts stylesheet and the html5shim script below are requested over
     plain http://. Content fetched that way can be altered in transit, and browsers block or
     warn about it as mixed content when the page itself is served over HTTPS. Prefer https://
     URLs or locally hosted copies. -->
<link id="bootstrap-style" href="css/bootstrap.min.css" rel="stylesheet">
<link href="css/bootstrap-responsive.min.css" rel="stylesheet">
<link id="base-style" href="css/style.css" rel="stylesheet">
<link id="base-style-responsive" href="css/style-responsive.css" rel="stylesheet">
<link href='http://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,cyrillic-ext,latin-ext' rel='stylesheet' type='text/css'>
<!-- end: CSS -->
<!-- The HTML5 shim, for IE6-8 support of HTML5 elements -->
<!--[if lt IE 9]>
<script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
<link id="ie-style" href="css/ie.css" rel="stylesheet">
<![endif]-->
<!--[if IE 9]>
<link id="ie9style" href="css/ie9.css" rel="stylesheet">
<![endif]-->
<!-- start: Favicon -->
<link rel="shortcut icon" href="img/favicon.ico">
<!-- end: Favicon -->
<style type="text/css">
<!--
.style1 {
color: #3300CC;
font-weight: bold;
}
.style2 {
color: #FF0000;
font-weight: bold;
}
.style4 {
color: #CC00FF;
font-weight: bold;
}
-->
</style>
<!-- Third-party libraries for the sortable, exportable table: jQuery, DataTables and its Buttons
     extension, JSZip (Excel export) and pdfmake (PDF export).
     NOTE(review): these are executed straight from public CDNs with no integrity= /
     crossorigin= attributes, so the page runs whatever those hosts serve. This page handles user
     credentials, so pin each file with a Subresource Integrity hash or serve reviewed local
     copies. Also check the pinned versions against current security advisories. -->
<script src="https://code.jquery.com/jquery-3.3.1.js"></script>
<script src="https://cdn.datatables.net/1.10.16/js/jquery.dataTables.min.js"></script>
<script src="https://cdn.datatables.net/buttons/1.5.1/js/dataTables.buttons.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/jszip/3.1.3/jszip.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/pdfmake/0.1.32/pdfmake.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/pdfmake/0.1.32/vfs_fonts.js"></script>
<script src="https://cdn.datatables.net/buttons/1.5.1/js/buttons.html5.min.js"></script>
<link rel="stylesheet" type="text/css" href="https://cdn.datatables.net/1.10.16/css/jquery.dataTables.min.css"/>
<link rel="stylesheet" type="text/css" href="https://cdn.datatables.net/buttons/1.5.1/css/buttons.dataTables.min.css"/>
<script type="text/javascript">
// With errMode 'none', DataTables neither alerts nor throws on its own errors.
$.fn.dataTable.ext.errMode = 'none';

// Turn each listed table into a DataTable with copy / Excel / CSV / PDF export buttons.
// One ready handler is registered per table, in the same order as before. A selector
// that matches nothing on the page is a no-op.
// NOTE(review): on this page #example is the users table, which has a Password column,
// so every export button also exports that column.
['#example', '#example1', '#example2', '#example3', '#example4'].forEach(function (tableSelector) {
    $(document).ready(function () {
        $(tableSelector).DataTable({
            dom: 'Bfrtip',
            buttons: ['copyHtml5', 'excelHtml5', 'csvHtml5', 'pdfHtml5']
        });
    });
});
</script>
<script src="js/jquery-migrate-1.0.0.min.js"></script>
<script src="js/jquery-ui-1.10.0.custom.min.js"></script>
<script src="js/jquery.ui.touch-punch.js"></script>
<script src="js/modernizr.js"></script>
<script src="js/bootstrap.min.js"></script>
<script src="js/jquery.cookie.js"></script>
<script src='js/fullcalendar.min.js'></script>
<script src="js/excanvas.js"></script>
<script src="js/jquery.flot.js"></script>
<script src="js/jquery.flot.pie.js"></script>
<script src="js/jquery.flot.stack.js"></script>
<script src="js/jquery.flot.resize.min.js"></script>
<script src="js/jquery.chosen.min.js"></script>
<script src="js/jquery.uniform.min.js"></script>
<script src="js/jquery.cleditor.min.js"></script>
<script src="js/jquery.noty.js"></script>
<script src="js/jquery.elfinder.min.js"></script>
<script src="js/jquery.raty.min.js"></script>
<script src="js/jquery.iphone.toggle.js"></script>
<script src="js/jquery.uploadify-3.1.min.js"></script>
<script src="js/jquery.gritter.min.js"></script>
<script src="js/jquery.imagesloaded.js"></script>
<script src="js/jquery.masonry.min.js"></script>
<script src="js/jquery.knob.modified.js"></script>
<script src="js/jquery.sparkline.min.js"></script>
<script src="js/counter.js"></script>
<script src="js/retina.js"></script>
<script src="js/custom.js"></script>
</head>
<body onLoad="myFunction()">
<!-- start: Header -->
<?php
include "menu_f.php"; ?>
<!-- start: Header -->
<div class="container-fluid-full">
<div class="row-fluid">
<!-- start: Main Menu -->
<div id="sidebar-left" class="span2">
<div class="nav-collapse sidebar-nav">
<ul class="nav nav-tabs nav-stacked main-menu">
<li><a href="dashboard.php"><i class="icon-bar-chart"></i><span class="hidden-tablet"> Dashboard</span></a></li>
<?php include "menu.php"; ?>
</ul>
</div>
</div>
<!-- end: Main Menu -->
<noscript>
<div class="alert alert-block span10">
<h4 class="alert-heading">Warning!</h4>
<p>You need to have <a href="http://en.wikipedia.org/wiki/JavaScript" target="_blank">JavaScript</a> enabled to use this site.</p>
</div>
</noscript>
<!-- start: Content -->
<div id="content" class="span10">
<ul class="breadcrumb">
<li>
<i class="icon-home"></i>
<a href="dashboard.php">Home</a>
<i class="icon-angle-right"></i>
</li>
<li><a href="#">Manage Users</a></li>
</ul>
<div class="box-content">
<div class="row-fluid sortable">
<div class="box span12">
<div class="box-header" data-original-title>
<h2><i class="halflings-icon white user"></i><span class="break"></span>Add User<br><br></h2>
<div class="box-icon">
</div>
</div>
<div class="box-content" >
<form action="" method="post" >
<table border="0" align="center" style="width:100%;">
<tr>
<td>
<div class="form-group">
<label>UserName</label>
<input type="text" name="txtUserName" class="form-control SpecialNotAllow" required="required" />
</div>
</td>
<td>
<div class="form-group">
<label>Password</label>
<!-- NOTE(review): type="text" shows the new password on screen while it is typed. The
     pattern= complexity rule is enforced only by the browser and can be skipped by any client
     that posts directly, so the server-side handler has to be the enforcement point. -->
<input type="text" name="txtpassword" class="form-control" required="required" pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,}" title="Must contain at least one number and one uppercase and lowercase letter, and at least 8 or more characters" />
</div>
</td>
<td>
<div class="form-group">
<label>Modules</label>
<select class="form-control ddlModules" name="ddlModules" required="required">
<option value="">--Select--</option>
<option value="Fees_Management">Fees Management</option>
<option value="Account">Account Management</option>
<option value="Student_Management">Student Management</option>
<option value="Teacher">Teacher</option>
<option value="Account_Views">Account Views</option>
</select>
</div>
</td>
<td>
<div class="form-group">
<label>Select Year</label>
<select class="form-control" name="PastYear">
<option value="" selected='selected'>2023</option>
<option value="_22">2022</option>
<option value="_21">2021</option>
<option value="_19">2019</option>
<option value="_18">2018</option>
<option value="_17">2017</option>
</select>
</div>
</td>
<td>
<div class="form-group">
<label style="width:100%;"> </label>
<button class="btn btn-primary" name="btnAddUser">Submit</button>
</div>
</td>
</tr>
<tr class="user_permission" style="display:none;">
<td>
<label>
<input class="checkbox" type="checkbox" name="user_permission[]" value="class_division" checked="checked" />Class / Division
</label>
<label>
<input class="checkbox" type="checkbox" name="user_permission[]" value="head" checked="checked" />Head
</label>
<label>
<input class="checkbox" type="checkbox" name="user_permission[]" value="update_student" checked="checked" />Update / View Student
</label>
<label>
<input class="checkbox" type="checkbox" name="user_permission[]" value="pay_fees" checked="checked" />Pay Fees
</label>
<label>
<input class="checkbox" type="checkbox" name="user_permission[]" value="balance_reports" checked="checked" />Balance Reports
</label>
<label>
<input class="checkbox" type="checkbox" name="user_permission[]" value="discount" checked="checked" />Discount
</label>
</td>
<td>
<label>
<input class="checkbox" type="checkbox" name="user_permission[]" value="sub_head" checked="checked" />Sub Head
</label>
<label>
<input class="checkbox" type="checkbox" name="user_permission[]" value="fees_receipt_head" checked="checked" />Fees Receipt Head
</label>
<label>
<input class="checkbox" type="checkbox" name="user_permission[]" value="apply_fees_code" checked="checked" />Apply Fees Code
</label>
<label>
<input class="checkbox" type="checkbox" name="user_permission[]" value="payment_approve" checked="checked" />Payment Approve
</label>
<label>
<input class="checkbox" type="checkbox" name="user_permission[]" value="inventory" checked="checked" />Inventory
</label>
</td>
<td>
<label>
<input class="checkbox" type="checkbox" name="user_permission[]" value="bank" checked="checked" />Bank
</label>
<label>
<input class="checkbox" type="checkbox" name="user_permission[]" value="new_student" checked="checked" />New Student
</label>
<label>
<input class="checkbox" type="checkbox" name="user_permission[]" value="remove_fees_code" checked="checked" />Remove Fees Code
</label>
<label>
<input class="checkbox" type="checkbox" name="user_permission[]" value="daily_reports" checked="checked" />Daily Reports
</label>
<label>
<input class="checkbox" type="checkbox" name="user_permission[]" value="utility" checked="checked" />Utility
</label>
</td>
<td>
</td>
</tr>
</table>
</form>
</div>
</div>
</div>
<div class="row-fluid sortable" >
<div class="box span12">
<div class="box-header" data-original-title>
<h2><i class="halflings-icon white user"></i><span class="break"></span>Users</h2>
<div class="box-icon">
</div>
</div>
<div class="box-content">
<table id="example" class="table table-striped table-bordered bootstrap-datatable datatable">
<thead>
<tr>
<th>UserName</th>
<th>Password</th>
<th>Module</th>
<th>Delete</th>
</tr>
</thead>
<tbody>
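<?php
// Render one table row per account in `users`.
//
// Every value is HTML-escaped before it is printed. Usernames and module names come
// from a form post, so printing them raw would let stored markup or script run in the
// browser of whoever opens this page.
//
// NOTE(review): passwordText is the plaintext password, and this page prints it for every
// account. Keeping and displaying plaintext defeats the salted hash stored beside it. Plan
// to drop the column and replace "view password" with a reset flow.
// NOTE(review): the Delete link changes state through a plain GET link. delete-user.php is
// not shown here. Confirm it requires POST and an anti-CSRF token and re-checks the
// caller's rights.
$escUserCell = static function ($value): string {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};
$sel_user=mysqli_query($con,"select username,type,id,passwordText from users");
// mysqli_query() returns false on failure (for example when the passwordText column does
// not exist yet); in that case render no rows instead of fetching from a non-result.
while($sel_user && ($res_user=mysqli_fetch_array($sel_user)))
{
?>
<tr>
<td><?php echo $escUserCell($res_user['username']) ?></td>
<td><?php echo $escUserCell($res_user['passwordText']) ?></td>
<td><?php echo $escUserCell($res_user['type']) ?></td>
<td>
<a href="delete-user.php?id=<?php echo rawurlencode((string) $res_user['id']) ?>" onclick="return confirm('Are sure delete user ?')">Delete</a>
</td>
</tr>
<?php
}
?>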
</tbody>
</table>
</div>
</div> </div> </div>
</div>
<!--/.fluid-container-->
<!-- end: Content -->
</div><!--/#content.span10-->
</div><!--/fluid-row-->
<div class="clearfix"></div>
<div class="clearfix"></div>
<footer>
<p>
<span style="text-align:left;float:left">© 2018 <a href="http://evisioninfotech.in" alt="Bootstrap_Metro_Dashboard">e vision infotech</a></span>
</p>
</footer>
<script type="text/javascript">
$(function () {
    // Keystroke filter for the username box: only ASCII letters and digits are let through.
    // This is a typing aid, not validation. It does not see pasted text or requests sent
    // without the browser.
    var alphanumeric = /^[A-Za-z0-9]+$/;
    $(".SpecialNotAllow").keypress(function (e) {
        var typedChar = String.fromCharCode(e.keyCode || e.which);
        // Returning false cancels the keypress; true lets the character in.
        return alphanumeric.test(typedChar);
    });

    // The per-menu permission checkboxes are shown only for the Fees_Management module.
    $(".user_permission").hide();
    $(".ddlModules").change(function () {
        $(".user_permission").toggle($(this).val() == "Fees_Management");
    });
});
</script>
</body>
</html>
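<?php
// Handler for the "Add User" form on this page (runs when btnAddUser is posted).
//
// Flow: read and validate the posted fields, derive the salted password hash, choose the
// database (the current connection $con, or a per-year fees database), run the two schema
// statements, insert the user and, for Fees_Management accounts, the selected menu
// permissions. The outcome is reported through a JavaScript alert followed by a redirect
// to manage-users.php.
//
// Changes from the previous version:
//  - All posted values reach SQL through bound parameters. They were interpolated into the
//    statements before.
//  - PastYear is checked against the shape the form sends ('' or '_NN') before it is
//    appended to the database user name and database name.
//  - Module and permission values are restricted to the options this form offers.
//  - The password rule from the form's pattern attribute is enforced here as well.
//  - The salt comes from random_bytes() instead of mt_rand().
//
// NOTE(review): no anti-CSRF token is checked anywhere visible. A logged-in manager's
// browser could be made to submit this form. Add a per-session token to the form and
// verify it here.
// NOTE(review): passwordText stores the plaintext password next to its hash. It is kept
// because the column is NOT NULL and the listing on this page reads it, but it should be
// removed together with that listing.
// NOTE(review): the iterated SHA-256 scheme is kept so that whatever verifies logins keeps
// working; migrate to password_hash()/password_verify() together with that code.
// NOTE(review): the two ALTER TABLE statements run on every submission, so the web
// database account needs ALTER rights. Move them to a one-off migration.
if(isset($_POST['btnAddUser']))
{
    // Print the alert-and-redirect snippet. Only fixed messages are passed in.
    $notify = static function (string $message): void {
        echo "<script>alert('" . $message . "'); window.location='manage-users.php';</script>";
    };

    // Each field must arrive as a plain string; a missing or array value fails validation.
    $inputOk = true;
    $readField = static function (string $key) use (&$inputOk): string {
        $value = $_POST[$key] ?? null;
        if (!is_string($value)) {
            $inputOk = false;
            return '';
        }
        return $value;
    };
    $username  = $readField('txtUserName');
    $Spassword = $readField('txtpassword');
    $PastYear  = $readField('PastYear');
    $Module    = $readField('ddlModules');

    // Values offered by the form on this page.
    $allowedModules = ['Fees_Management', 'Account', 'Student_Management', 'Teacher', 'Account_Views'];
    $allowedMenus = [
        'class_division', 'head', 'update_student', 'pay_fees', 'balance_reports', 'discount',
        'sub_head', 'fees_receipt_head', 'apply_fees_code', 'payment_approve', 'inventory',
        'bank', 'new_student', 'remove_fees_code', 'daily_reports', 'utility',
    ];

    // NOTE(review): the form posts '' for the current year and '_NN' for past years, and
    // neither equals date('y'), so the current-year branch looks unreachable from that form.
    // Confirm which database new current-year users are meant to go to.
    $isCurrentYear = ($PastYear === date('y'));

    $inputOk = $inputOk
        && $username !== ''
        // Same rule as the form's pattern attribute: a digit, a lowercase and an uppercase
        // letter, at least 8 characters.
        && preg_match('/\A(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,}\z/su', $Spassword) === 1
        && in_array($Module, $allowedModules, true)
        // The suffix becomes part of a database user name and database name below.
        && ($isCurrentYear || preg_match('/\A(?:_[0-9]{2})?\z/', $PastYear) === 1);

    // Keep only known permission names; non-string and unknown entries are dropped.
    $postedMenus = $_POST['user_permission'] ?? [];
    $menus = is_array($postedMenus)
        ? array_values(array_intersect($allowedMenus, array_filter($postedMenus, 'is_string')))
        : [];

    // 16 hex characters from the OS CSPRNG, no longer than the longest value the old
    // mt_rand() expression could produce.
    $salt = bin2hex(random_bytes(8));
    $password = hash('sha256', $Spassword . $salt);
    for($round = 0; $round < 65536; $round++)
    {
        $password = hash('sha256', $password . $salt);
    }

    // Insert the user, and its menu permissions for Fees_Management, on the given
    // connection. Returns true only when the users row was written.
    $addUser = static function ($db) use ($username, $password, $Module, $Spassword, $salt, $menus): bool {
        if (!($db instanceof mysqli)) {
            return false;
        }

        // Static SQL, unchanged. As before, only the first statement's result gates the insert.
        $edit_permission = mysqli_query($db, "ALTER TABLE `users` CHANGE `email` `email` VARCHAR(255) NULL");
        mysqli_query($db, "ALTER TABLE `users` ADD `passwordText` VARCHAR(255) NOT NULL AFTER `type`");
        if (!$edit_permission) {
            return false;
        }

        $insert = mysqli_prepare($db, 'INSERT INTO users(username,password,type,passwordText,salt) VALUES (?,?,?,?,?)');
        if (!$insert) {
            return false;
        }
        mysqli_stmt_bind_param($insert, 'sssss', $username, $password, $Module, $Spassword, $salt);
        $inserted = mysqli_stmt_execute($insert);
        $user_id = mysqli_insert_id($db);
        mysqli_stmt_close($insert);
        if (!$inserted) {
            return false;
        }

        if ($Module === 'Fees_Management' && $menus !== []) {
            // Permission rows stay best-effort, as before: a failed row does not undo the user.
            $grant = mysqli_prepare($db, 'INSERT INTO user_permission(user_id,menu,status) VALUES (?,?,1)');
            if ($grant) {
                $menu = '';
                mysqli_stmt_bind_param($grant, 'is', $user_id, $menu);
                foreach ($menus as $allowedMenu) {
                    $menu = $allowedMenu; // bound by reference; picked up by the next execute
                    mysqli_stmt_execute($grant);
                }
                mysqli_stmt_close($grant);
            }
        }
        return true;
    };

    if (!$inputOk)
    {
        $notify('Unable to add user...');
    }
    elseif ($isCurrentYear)
    {
        $notify($addUser($con) ? 'User has been added...' : 'Unable to add user...');
    }
    else
    {
        // Per-year fees database: the credentials come from rootphp and the validated year
        // suffix is appended to both the database user name and the database name.
        require_once('config/rootphp.php');
        $rootObj=new rootphp();
        $rootObj->connect();
        $response=$rootObj->getFeesDB();
        $dbUsername = $response['dbUsernameFees'];
        $dbPassword = $response['dbPassword'];
        $dbName=$response['dbFees'];
        $new_con=mysqli_connect($servername,$dbUsername.$PastYear,$dbPassword,$dbName.$PastYear);
        if($new_con)
        {
            $notify($addUser($new_con) ? 'User has been added...' : 'Unable to add user...');
        }
        else
        {
            $notify('Database Connection failed for past year contact to administrator...');
        }
    }
}
?>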