HEX
Server: Apache
System: Linux 185.122.168.184.host.secureserver.net 5.14.0-570.52.1.el9_6.x86_64 #1 SMP PREEMPT_DYNAMIC Wed Oct 15 06:39:08 EDT 2025 x86_64
User: barbeatleanalyti (1024)
PHP: 8.1.33
Disabled: NONE
$ pwd: /home/barbeatleanalyti/public_html/mbaris.beatleanalytics.com/assets/include/
Upload Files
File: /home/barbeatleanalyti/public_html/mbaris.beatleanalytics.com/assets/include/backendFunction.php
 <?php 
 	if (isset($_POST['addusersubmit']))
	{
		$username  = $_POST['addUserName'];
		$useremail = $_POST['addUserEmail'];
		$userphone = $_POST['addUserPhone'];
		$userpass  = $_POST['addUserPassword'];
		$usergroup = $_POST['addUserGroup'];
		$datepicker = $_POST['datepicker'];
		$validate   = strtotime($datepicker);
		$vdate 		= date('Y-m-d H:i:s' , $validate);
		if ($usergroup == 'SU_admin')
		{
			$uniq = rand(1,1000);
			$unqId = 'AD_'.$uniq;
		}
		elseif ($usergroup == 'owner')
		{
			$uniq = rand(1,1000);
			$unqId = 'OW_'.$uniq;
		}
		elseif ($usergroup == 'manager')
		{
			$uniq = rand(1,1000);
			$unqId = 'MA_'.$uniq;
		}
		elseif ($usergroup == 'line_manager')
		{
			$uniq = rand(1,1000);
			$unqId = 'LIMA_'.$uniq;
		}
 
		$array = array();
		$target_dir = "userPics/";
		$target_file = time().'_'.'UserProfile.jpg';
	 
		$imageFileType = pathinfo($_FILES['filetoupload']['name'],PATHINFO_EXTENSION);
		
		if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif" ) 
		{
			echo 'e1';
		}
		else
		{
			$dirfile = $target_dir.$target_file; 
			move_uploaded_file($_FILES['filetoupload']['tmp_name'],$dirfile);
			
			$returndata = $ParentObj->addNewUser($username,$useremail,$userphone,$userpass,$usergroup,$unqId,$target_file,$usergroup,$vdate);
			
		}
	}
	
	
	if (isset($_POST['editusersubmit']))
	{
		$username  = $_POST['addUserName'];
		$useremail = $_POST['addUserEmail'];
		$userphone = $_POST['addUserPhone'];
		$userpass  = $_POST['addUserPassword'];
		$usergroup = $_POST['addUserGroup'];
		$datepicker = $_POST['datepicker'];
		$validate   = strtotime($datepicker);
		$vdate 		= date('Y-m-d H:i:s' , $validate);
		$UID		= $_POST['UID'];
		
		if (!empty($_FILES['filetoupload']['name']))
		{
			$target_dir = "userPics/";
			$target_file = time().'_'.'UserProfile.jpg';
			$imageFileType = pathinfo($_FILES['filetoupload']['name'],PATHINFO_EXTENSION);
			
			if($imageFileType != "jpg" && $imageFileType != "png" && $imageFileType != "jpeg" && $imageFileType != "gif" ) 
			{
				echo 'e1';
			}
			else
			{
				$dirfile = $target_dir.$target_file; 
				move_uploaded_file($_FILES['filetoupload']['tmp_name'],$dirfile);
			}
			$returndata = $ParentObj->UpdateNewUser($username,$useremail,$userphone,$userpass,$UID,$usergroup,$target_file,$usergroup,$vdate);
			
		}		
		else 
		{
			$target_file = $_POST['oldimg'];
			$returndata = $ParentObj->UpdateNewUser($username,$useremail,$userphone,$userpass,$UID,$usergroup,$target_file,$usergroup,$vdate);
		}
	}
 ?>
@ Telegram