Viewing: Project.php
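<?php

/**
 * Model for the `projects` table: listing queries, status toggling, service
 * linking, soft deletion, slug uniqueness checks and main-image uploads.
 *
 * Database access goes through $this->db, which is supplied by BaseModel (not
 * visible in this file) and is used here like a PDO connection
 * (query / prepare / execute / fetch).
 */
class Project extends BaseModel
{
    protected string $table = 'projects';

    // NOTE(review): presumably BaseModel::create()/update() restrict writes to
    // these columns; confirm. 'status' and 'deleted_at' are listed, so callers
    // should build $data from an explicit set of form fields instead of passing
    // a raw request array through createProject()/updateProject().
    protected array $fillable = [
        'title',
        'slug',
        'description',
        'location',
        'surface',
        'year',
        'bedrooms',
        'bathrooms',
        'status_text',
        'client_name',
        'start_date',
        'end_date',
        'main_image',
        'category_id',
        'service_id',
        'is_featured',
        'status',
        'order_position',
        'deleted_at',
        'updated_at',
    ];

    /**
     * Return every non-deleted project, whatever its status, with the joined
     * category name and service title.
     */
    public function getAll(): array
    {
        $statement = $this->db->query(
            'SELECT projects.*, project_categories.name AS category_name, services.title AS service_title FROM projects LEFT JOIN project_categories ON project_categories.id = projects.category_id LEFT JOIN services ON services.id = projects.service_id WHERE projects.deleted_at IS NULL ORDER BY projects.order_position ASC, projects.created_at DESC'
        );

        return $statement->fetchAll();
    }

    /**
     * Return the non-deleted projects whose status is 'activo', featured ones first.
     */
    public function getPublic(): array
    {
        $statement = $this->db->query(
            "SELECT projects.*, project_categories.name AS category_name, services.title AS service_title FROM projects LEFT JOIN project_categories ON project_categories.id = projects.category_id LEFT JOIN services ON services.id = projects.service_id WHERE projects.deleted_at IS NULL AND projects.status = 'activo' ORDER BY projects.is_featured DESC, projects.order_position ASC, projects.created_at DESC"
        );

        return $statement->fetchAll();
    }

    /**
     * Flip a project's status between 'activo' and 'inactivo' in one UPDATE.
     *
     * @return bool Result of executing the statement.
     */
    public function toggleStatus(int $id): bool
    {
        // The table name comes from the class property, never from input; the id is bound.
        $statement = $this->db->prepare("UPDATE {$this->table} SET status = IF(status = 'activo', 'inactivo', 'activo') WHERE id = :id");

        return $statement->execute(['id' => $id]);
    }

    /**
     * Make $projectIds the complete set of projects linked to a service.
     *
     * @param int   $serviceId  Service to link to.
     * @param array $projectIds Project ids; each is cast to int and zero values are dropped.
     */
    public function syncService(int $serviceId, array $projectIds): void
    {
        // NOTE(review): the unlink and the re-link are two separate statements with
        // no transaction around them here; if the second one fails the service is
        // left with no linked projects. Confirm whether the caller wraps this call.

        // Unlink all projects currently linked to this service
        $stmt = $this->db->prepare("UPDATE {$this->table} SET service_id = NULL WHERE service_id = :service_id");
        $stmt->execute(['service_id' => $serviceId]);

        // Link the selected projects
        $validIds = array_filter(array_map('intval', $projectIds));
        if (!empty($validIds)) {
            // One "?" per id: only placeholders are interpolated into the SQL text.
            $placeholders = implode(',', array_fill(0, count($validIds), '?'));
            // array_merge() renumbers the keys array_filter() preserved, which
            // positional binding requires.
            $params = array_merge([$serviceId], $validIds);
            $stmt = $this->db->prepare("UPDATE {$this->table} SET service_id = ? WHERE id IN ($placeholders)");
            $stmt->execute($params);
        }
    }

    /**
     * Fetch one non-deleted project by id, whatever its status.
     *
     * @return array|null The row, or null when nothing matches.
     */
    public function getById(int $id): ?array
    {
        $statement = $this->db->prepare('SELECT * FROM projects WHERE id = :id AND deleted_at IS NULL LIMIT 1');
        $statement->execute(['id' => $id]);

        // fetch() yields false when there is no row; normalise that to null.
        return $statement->fetch() ?: null;
    }

    /**
     * Fetch one non-deleted project with status 'activo' by slug, with its category name.
     *
     * @return array|null The row, or null when nothing matches.
     */
    public function getBySlug(string $slug): ?array
    {
        $statement = $this->db->prepare("SELECT projects.*, project_categories.name AS category_name FROM projects LEFT JOIN project_categories ON project_categories.id = projects.category_id WHERE projects.slug = :slug AND projects.deleted_at IS NULL AND projects.status = 'activo' LIMIT 1");
        $statement->execute(['slug' => $slug]);

        return $statement->fetch() ?: null;
    }

    /**
     * Insert a project by delegating to BaseModel::create().
     *
     * @return int Whatever create() returns (presumably the new row id; confirm in BaseModel).
     */
    public function createProject(array $data): int
    {
        return $this->create($data);
    }

    /**
     * Update a project and stamp updated_at with the current time.
     */
    public function updateProject(int $id, array $data): bool
    {
        // Overwrites any updated_at supplied in $data. date() uses PHP's default timezone.
        $data['updated_at'] = date('Y-m-d H:i:s');

        return $this->update($id, $data);
    }

    /**
     * Soft-delete a project: set deleted_at to now and force status to 'inactivo'.
     */
    public function softDelete(int $id): bool
    {
        return $this->update($id, ['deleted_at' => date('Y-m-d H:i:s'), 'status' => 'inactivo']);
    }

    /**
     * Tell whether a non-deleted project already uses the slug.
     *
     * @param int|null $ignoreId Project id to leave out of the check, e.g. the row being edited.
     */
    public function slugExists(string $slug, ?int $ignoreId = null): bool
    {
        $sql = 'SELECT COUNT(*) FROM projects WHERE slug = :slug AND deleted_at IS NULL';
        $params = ['slug' => $slug];

        // Truthiness test: null and 0 both mean "ignore nothing".
        if ($ignoreId) {
            $sql .= ' AND id != :id';
            $params['id'] = $ignoreId;
        }

        $statement = $this->db->prepare($sql);
        $statement->execute($params);

        return (int) $statement->fetchColumn() > 0;
    }

    /**
     * Validate and store an uploaded main image, then remove the previous one.
     *
     * The stored name is generated server-side (timestamp plus random hex) and its
     * extension is taken from the detected MIME type, so neither the client's file
     * name nor its extension reaches the filesystem.
     *
     * @param array       $file    One entry of $_FILES (name, tmp_name, error).
     * @param string|null $oldFile Relative path of the image being replaced, if any.
     *
     * @return string|null Path relative to ROOT_PATH on success, null on any failure.
     */
    public function uploadMainImage(array $file, ?string $oldFile = null): ?string
    {
        if (empty($file['name']) || ($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
            return null;
        }

        if (!$this->validImage($file)) {
            return null;
        }

        $extensions = ['image/jpeg' => 'jpg', 'image/png' => 'png', 'image/webp' => 'webp'];
        $mime = mime_content_type($file['tmp_name']);
        // Re-checked here so an unexpected detection result can never index the map.
        if (!is_string($mime) || !isset($extensions[$mime])) {
            return null;
        }

        $filename = 'project_' . date('YmdHis') . '_' . bin2hex(random_bytes(6)) . '.' . $extensions[$mime];

        // NOTE(review): if this directory is served by the web server, confirm that
        // script execution is disabled for it; content sniffing only shows that the
        // file starts like an image, not that it carries nothing else.
        $directory = ROOT_PATH . '/storage/uploads/projects';
        // The trailing is_dir() covers a concurrent request creating the directory first.
        if (!is_dir($directory) && !mkdir($directory, 0775, true) && !is_dir($directory)) {
            return null;
        }

        $destination = $directory . '/' . $filename;
        // move_uploaded_file() refuses paths that are not genuine HTTP uploads.
        if (!move_uploaded_file($file['tmp_name'], $destination)) {
            return null;
        }

        // The old image is removed only once the new one is safely in place.
        $this->deleteOldFile($oldFile);

        return 'storage/uploads/projects/' . $filename;
    }

    /**
     * Check that an upload entry is an accepted image (JPEG, PNG or WebP).
     *
     * The extension denylist is only an early rejection; the decision rests on the
     * MIME type detected from the file's content, matched against an allowlist.
     */
    public function validImage(array $file): bool
    {
        if (($file['error'] ?? UPLOAD_ERR_NO_FILE) !== UPLOAD_ERR_OK) {
            return false;
        }

        $name = $file['name'] ?? '';
        $tmpName = $file['tmp_name'] ?? '';
        // Multi-file inputs deliver arrays here; reject them rather than let
        // pathinfo()/mime_content_type() receive a non-string.
        if (!is_string($name) || !is_string($tmpName) || $tmpName === '') {
            return false;
        }

        $extension = strtolower(pathinfo($name, PATHINFO_EXTENSION));
        if (in_array($extension, ['php', 'js', 'html', 'svg', 'phtml', 'phar'], true)) {
            return false;
        }

        return in_array(mime_content_type($tmpName), ['image/jpeg', 'image/png', 'image/webp'], true);
    }

    /**
     * Delete a previously stored image, but only if it resolves to a regular file
     * inside the project uploads directory.
     */
    private function deleteOldFile(?string $path): void
    {
        if (!$path) {
            return;
        }

        // realpath() resolves "..", symlinks and duplicate slashes before the check.
        $target = realpath(ROOT_PATH . '/' . ltrim($path, '/'));
        $base = realpath(ROOT_PATH . '/storage/uploads/projects');
        if ($target === false || $base === false) {
            return;
        }

        // Compare against the base WITH a trailing separator: a bare prefix test
        // would also accept sibling directories such as ".../projects_backup/".
        if (!str_starts_with($target, $base . DIRECTORY_SEPARATOR)) {
            return;
        }

        if (is_file($target)) {
            unlink($target);
        }
    }
}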