Viewing: Home.php
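<?php

namespace App\Controllers;

use CodeIgniter\HTTP\ResponseInterface;
use App\Models\AboutSectionModel;
use App\Models\ClassModel;
use App\Models\CompanyModel;
use App\Models\InstructorModel;
use App\Models\MembershipTypeModel;

/**
 * Public-facing controller: landing page, PWA assets (manifest, icon,
 * service worker) and the digital membership-card endpoints.
 *
 * NOTE(review): none of the methods in this class performs an authentication
 * or rate-limit check. consultarCarnet() and actualizarFotoCarnet() identify
 * the member by DNI alone, so anyone who knows or guesses a DNI can read that
 * member's record or replace their photo. Routes and filters are not visible
 * here - confirm a filter (session/token + throttling) protects both endpoints.
 */
class Home extends BaseController
{
    private $companyModel;

    /**
     * Standard CodeIgniter controller initialisation; also resolves the
     * company model used by most actions.
     */
    public function initController(\CodeIgniter\HTTP\RequestInterface $request, \CodeIgniter\HTTP\ResponseInterface $response, \Psr\Log\LoggerInterface $logger)
    {
        parent::initController($request, $response, $logger);
        $this->companyModel = model('CompanyModel');
    }

    /**
     * Renders the landing page with classes, plans, instructors and a
     * pre-computed weekly schedule serialised as JSON.
     *
     * @return string Rendered 'index' view.
     */
    public function index()
    {
        $classModel = model('ClassModel');
        $membershipTypeModel = model('MembershipTypeModel');
        $aboutModel = model('AboutSectionModel');
        $instructorModel = model('InstructorModel');

        $classes = $classModel->select('classes.*, instructors.name as instructor_name')
            ->join('instructors', 'instructors.id = classes.instructor_id')
            ->findAll();

        $data = [
            'classes' => $classes,
            'company' => $this->companyModel->first(),
            'plans' => $membershipTypeModel->where('status', 'active')->findAll(),
            'about' => $aboutModel->first(),
            'instructors' => $instructorModel->findAll(),
        ];

        // The schedule is built here (not in the view) so the server computes it once.
        $dayMapping = [
            'Monday' => 'Lunes',
            'Tuesday' => 'Martes',
            'Wednesday' => 'Miércoles',
            'Thursday' => 'Jueves',
            'Friday' => 'Viernes',
            'Saturday' => 'Sábado',
            'Sunday' => 'Domingo',
        ];
        $colors = ['bg-red-500', 'bg-blue-500', 'bg-purple-500', 'bg-orange-500', 'bg-green-500', 'bg-yellow-500', 'bg-indigo-500'];
        $scheduleData = [];

        foreach ($classes as $index => $cls) {
            $startTimeStr = $cls['start_time'] ?? '08:00:00';
            $endTimeStr = $cls['end_time'] ?? '09:00:00';

            // day_of_week is a comma-separated list; fall back to Monday when empty.
            $classDays = array_filter(array_map('trim', explode(',', (string) ($cls['day_of_week'] ?? ''))));
            if (empty($classDays)) {
                $classDays = ['Monday'];
            }

            try {
                $startTime = new \DateTime($startTimeStr);
                $endTime = new \DateTime($endTimeStr);
                $diff = $startTime->diff($endTime);
                $duration = ($diff->h > 0 ? $diff->h . "h " : "") . ($diff->i > 0 ? $diff->i . "min" : "");

                // One schedule entry per day the class runs.
                foreach ($classDays as $dayCode) {
                    $scheduleData[] = [
                        'id' => (string) $cls['id'] . '-' . $dayCode,
                        'day' => $dayMapping[$dayCode] ?? $dayCode,
                        'startTime' => $startTime->format("h:i A"),
                        'endTime' => $endTime->format("h:i A"),
                        'time' => $startTime->format("h:i A") . " - " . $endTime->format("h:i A"),
                        'name' => $cls['name'],
                        'instructor' => $cls['instructor_name'] ?? 'N/A',
                        'desc' => $cls['description'] ?? '',
                        'duration' => $duration ?: 'N/A',
                        'intensity' => 'Entrenamiento',
                        'color' => $colors[$index % count($colors)],
                    ];
                }
            } catch (\Exception $e) {
                // Best effort: a class with an unparseable time is left out of the
                // schedule, but the skip is logged instead of being silent.
                log_message('warning', 'Home::index skipped class {id}: unparseable start/end time', ['id' => $cls['id'] ?? null]);
                continue;
            }
        }

        // Class names and descriptions come from the database. The JSON_HEX_* flags
        // keep '<', '>', '&' and quotes out of the encoded text so the value cannot
        // close a <script> block or an attribute if the view prints it inline (the
        // view is not visible here). The decoded data is unchanged.
        // JSON_INVALID_UTF8_SUBSTITUTE avoids json_encode() returning false on bad bytes.
        $data['jsonSchedule'] = json_encode(
            $scheduleData,
            JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_INVALID_UTF8_SUBSTITUTE
        );

        return view('index', $data);
    }

    /**
     * Serves the PWA web app manifest built from the company record.
     */
    public function manifest()
    {
        $company = $this->companyModel->first() ?? [];
        $name = trim((string) ($company['name'] ?? 'Gym'));

        $payload = [
            'id' => app_url(),
            'name' => $name,
            'short_name' => mb_substr($name, 0, 12),
            'description' => trim((string) ($company['message'] ?? ('Accede rápidamente a ' . $name . ' desde tu dispositivo.'))),
            'start_url' => app_url(),
            'scope' => app_url(),
            'display' => 'standalone',
            'background_color' => '#0a0a0a',
            'theme_color' => '#0a0a0a',
            'orientation' => 'portrait',
            'lang' => 'es',
            'dir' => 'ltr',
            'prefer_related_applications' => false,
            'icons' => [
                [
                    'src' => app_url('pwa-icon/192'),
                    'sizes' => '192x192',
                    'type' => 'image/png',
                    'purpose' => 'any maskable',
                ],
                [
                    'src' => app_url('pwa-icon/512'),
                    'sizes' => '512x512',
                    'type' => 'image/png',
                    'purpose' => 'any maskable',
                ],
            ],
        ];

        return $this->response
            ->setHeader('Content-Type', 'application/manifest+json; charset=utf-8')
            ->setBody(json_encode($payload, JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES));
    }

    /**
     * Renders a square PNG icon: the admin logo centred on a dark background,
     * or the first letter of the company name when no logo can be drawn.
     *
     * @param int|string $size Requested edge length; clamped to 64..512, default 192.
     */
    public function pwaIcon($size = 192)
    {
        $size = (int) $size;
        if ($size <= 0) {
            $size = 192;
        }
        // Clamp so a request cannot make the server allocate an arbitrarily large canvas.
        $size = min(max($size, 64), 512);

        $company = $this->companyModel->first() ?? [];
        $name = trim((string) ($company['name'] ?? 'Gym'));
        $logoPath = FCPATH . 'assets/admin/images/logo.png';

        $canvas = imagecreatetruecolor($size, $size);
        imagesavealpha($canvas, true);
        $transparent = imagecolorallocatealpha($canvas, 0, 0, 0, 127);
        imagefill($canvas, 0, 0, $transparent);
        $background = imagecolorallocate($canvas, 10, 10, 10);
        imagefilledrectangle($canvas, 0, 0, $size, $size, $background);

        $logoDrawn = false;
        if (file_exists($logoPath)) {
            $source = @imagecreatefrompng($logoPath);
            if ($source !== false) {
                $srcWidth = imagesx($source);
                $srcHeight = imagesy($source);

                // Fit the logo inside a 12 % margin while keeping its aspect ratio.
                $padding = (int) round($size * 0.12);
                $targetWidth = $size - ($padding * 2);
                $targetHeight = $size - ($padding * 2);
                $ratio = min($targetWidth / max($srcWidth, 1), $targetHeight / max($srcHeight, 1));
                $drawWidth = (int) round($srcWidth * $ratio);
                $drawHeight = (int) round($srcHeight * $ratio);
                $dstX = (int) round(($size - $drawWidth) / 2);
                $dstY = (int) round(($size - $drawHeight) / 2);

                imagealphablending($canvas, true);
                imagesavealpha($canvas, true);
                imagecopyresampled($canvas, $source, $dstX, $dstY, 0, 0, $drawWidth, $drawHeight, $srcWidth, $srcHeight);
                imagedestroy($source);
                $logoDrawn = true;
            }
        }

        // Fix: the letter fallback used to run only when the logo file was missing,
        // so an unreadable or corrupt logo produced a blank icon.
        if (!$logoDrawn) {
            $textColor = imagecolorallocate($canvas, 204, 255, 0);
            $letters = strtoupper(mb_substr($name, 0, 1));
            imagestring($canvas, 5, (int) round(($size / 2) - 4), (int) round(($size / 2) - 7), $letters, $textColor);
        }

        // imagepng() writes to output; capture it so it can go through the response object.
        ob_start();
        imagepng($canvas);
        $png = (string) ob_get_clean();
        imagedestroy($canvas);

        return $this->response
            ->setStatusCode(ResponseInterface::HTTP_OK)
            ->setHeader('Content-Type', 'image/png')
            ->setHeader('Cache-Control', 'public, max-age=86400')
            ->setBody($png);
    }

    /**
     * Emits the service worker script. The cache name changes once per day.
     *
     * NOTE(review): the fetch handler stores every same-origin GET response with
     * status 200 in Cache Storage and answers cache-first. If consultarCarnet()
     * is routed as GET (routes are not visible here), member records would be
     * kept in the browser cache on shared devices and served stale after an
     * admin changes card status. Consider excluding API paths from caching.
     * NOTE(review): 'Service-Worker-Allowed: /' lets this worker claim the whole
     * origin; confirm that scope is intended.
     * NOTE(review): app_url() values are placed inside single-quoted JS literals
     * without escaping; safe only while app_url() cannot return a quote or
     * backslash - confirm it is built from configuration, not request data.
     */
    public function serviceWorker()
    {
        $cacheVersion = 'gym-app-v' . date('Ymd');

        $script = "const CACHE_NAME = '{$cacheVersion}';\n"
            . "const APP_URLS = [\n"
            . " '" . app_url() . "',\n"
            . " '" . app_url('manifest.webmanifest') . "',\n"
            . " '" . app_url('pwa-icon/192') . "',\n"
            . " '" . app_url('pwa-icon/512') . "',\n"
            . " '" . app_url('assets/frontend/css/style.css') . "',\n"
            . " '" . app_url('assets/frontend/js/script.js') . "',\n"
            . " '" . app_url('assets/admin/images/logo.png') . "'\n"
            . "];\n\n"
            . "self.addEventListener('install', (event) => {\n"
            . " event.waitUntil(caches.open(CACHE_NAME).then((cache) => cache.addAll(APP_URLS)).catch(() => Promise.resolve()));\n"
            . " self.skipWaiting();\n"
            . "});\n\n"
            . "self.addEventListener('activate', (event) => {\n"
            . " event.waitUntil(caches.keys().then((keys) => Promise.all(keys.filter((key) => key !== CACHE_NAME).map((key) => caches.delete(key)))));\n"
            . " self.clients.claim();\n"
            . "});\n\n"
            . "self.addEventListener('fetch', (event) => {\n"
            . " if (event.request.method !== 'GET') {\n"
            . " return;\n"
            . " }\n"
            . " event.respondWith(caches.match(event.request).then((cached) => {\n"
            . " if (cached) {\n"
            . " return cached;\n"
            . " }\n"
            . " return fetch(event.request).then((response) => {\n"
            . " if (!response || response.status !== 200 || response.type !== 'basic') {\n"
            . " return response;\n"
            . " }\n"
            . " const responseClone = response.clone();\n"
            . " caches.open(CACHE_NAME).then((cache) => cache.put(event.request, responseClone));\n"
            . " return response;\n"
            . " }).catch(() => cached);\n"
            . " }));\n"
            . "});\n";

        return $this->response
            ->setStatusCode(ResponseInterface::HTTP_OK)
            ->setHeader('Content-Type', 'application/javascript; charset=utf-8')
            ->setHeader('Service-Worker-Allowed', '/')
            ->setBody($script);
    }

    /**
     * Renders the 'permisos' view with the company record.
     */
    public function permisos()
    {
        $data['company'] = $this->companyModel->first();

        return view('permisos', $data);
    }

    /**
     * Looks up a client (a user whose role_id is NULL) by DNI and returns the
     * card data as JSON.
     *
     * NOTE(review): on success the entire row returned by UserModel::first() is
     * serialised into the response. Which columns that includes is not visible
     * here; if the table holds credentials or contact data they are disclosed
     * to any caller who supplies a DNI. Build the payload from an explicit
     * allow-list of the fields the card needs.
     * NOTE(review): the distinct "not found" and "not enabled" messages let a
     * caller test which DNIs are registered; throttle this endpoint.
     *
     * @param string $dni National ID taken from the request.
     */
    public function consultarCarnet($dni)
    {
        // Same normalisation as actualizarFotoCarnet(), so both endpoints agree.
        $dni = trim((string) $dni);
        if ($dni === '') {
            return $this->response->setJSON(['status' => 'error', 'msg' => 'Debe indicar un DNI válido.']);
        }

        $userModel = model('UserModel');
        $user = $userModel->where('dni', $dni)->where('role_id IS NULL', null, false)->first();

        if (!$user) {
            return $this->response->setJSON(['status' => 'error', 'msg' => 'No se encontró ningún cliente con ese DNI']);
        }

        // Fix: the loose `== 0` treated an empty-string or missing flag as "enabled"
        // on PHP 8. The strict int form fails closed and matches actualizarFotoCarnet().
        if ((int) ($user['can_download_card'] ?? 0) === 0) {
            return $this->response->setJSON(['status' => 'error', 'msg' => 'Lo sentimos, para activar la descarga de tu carnet digital es necesario proceder con el pago del mismo. Por favor, contacta con administración para regularizar tu estado.']);
        }

        // Fetch the active membership, if any.
        $membershipModel = model('MembershipModel');
        $membership = $membershipModel->select('membership_types.name as plan_name, memberships.status')
            ->join('membership_types', 'membership_types.id = memberships.membership_type_id')
            ->where('memberships.user_id', $user['id'])
            ->where('memberships.status', 'active')
            ->first();

        $user['membership_name'] = $membership ? $membership['plan_name'] : 'Sin Membresía Activa';
        $user['company'] = $this->companyModel->first();

        return $this->response->setJSON(['status' => 'success', 'user' => $user]);
    }

    /**
     * Replaces a client's card photo with an uploaded image.
     *
     * Reads 'dni' and the 'avatar' file from the POST request, validates the
     * upload (size, image check, MIME allow-list), stores it under a random
     * name and updates the user's 'avatar' column.
     *
     * NOTE(review): files land under FCPATH (the web root) and are directly
     * reachable. Confirm the web server never executes scripts from
     * assets/admin/uploads/avatars.
     */
    public function actualizarFotoCarnet()
    {
        $uploadError = ['status' => 'error', 'msg' => 'No se pudo procesar la imagen seleccionada.'];

        $dni = trim((string) $this->request->getPost('dni'));
        if ($dni === '') {
            return $this->response->setJSON(['status' => 'error', 'msg' => 'Debe indicar un DNI válido.']);
        }

        $userModel = model('UserModel');
        $user = $userModel->where('dni', $dni)->where('role_id IS NULL', null, false)->first();

        if (!$user) {
            return $this->response->setJSON(['status' => 'error', 'msg' => 'No se encontró ningún cliente con ese DNI.']);
        }

        if ((int) ($user['can_download_card'] ?? 0) === 0) {
            return $this->response->setJSON(['status' => 'error', 'msg' => 'No tienes habilitada la edición del carnet. Contacta con administración.']);
        }

        $validation = \Config\Services::validation();
        $validation->setRules([
            'avatar' => [
                'rules' => 'uploaded[avatar]|max_size[avatar,4096]|is_image[avatar]|mime_in[avatar,image/jpg,image/jpeg,image/png,image/webp]',
                'errors' => [
                    'uploaded' => 'Debe seleccionar una foto.',
                    'max_size' => 'La foto no debe superar 4MB.',
                    'is_image' => 'El archivo seleccionado no es una imagen válida.',
                    'mime_in' => 'Formato no permitido. Usa JPG, JPEG, PNG o WEBP.',
                ],
            ],
        ]);

        if (!$validation->withRequest($this->request)->run()) {
            $errors = $validation->getErrors();

            return $this->response->setJSON([
                'status' => 'error',
                'msg' => array_values($errors)[0] ?? 'No se pudo validar la imagen.',
            ]);
        }

        $avatarFile = $this->request->getFile('avatar');
        if (!$avatarFile || !$avatarFile->isValid() || $avatarFile->hasMoved()) {
            return $this->response->setJSON($uploadError);
        }

        $uploadPath = FCPATH . 'assets/admin/uploads/avatars';
        // The second is_dir() covers a concurrent request creating the directory first.
        if (!is_dir($uploadPath) && !mkdir($uploadPath, 0755, true) && !is_dir($uploadPath)) {
            return $this->response->setJSON($uploadError);
        }

        // The stored name is random; the client-supplied file name is never used on disk.
        $newAvatarName = $avatarFile->getRandomName();
        try {
            $avatarFile->move($uploadPath, $newAvatarName);
        } catch (\Exception $e) {
            log_message('error', 'Home::actualizarFotoCarnet could not store upload: {msg}', ['msg' => $e->getMessage()]);

            return $this->response->setJSON($uploadError);
        }

        // Update the row before deleting the old file, so a failed update never
        // leaves the user pointing at a photo that no longer exists.
        if (!$userModel->update($user['id'], ['avatar' => $newAvatarName])) {
            @unlink($uploadPath . DIRECTORY_SEPARATOR . $newAvatarName);

            return $this->response->setJSON($uploadError);
        }

        // basename() confines the delete to the avatars directory even if the stored
        // value contains path separators or '..' segments.
        $oldAvatar = basename((string) ($user['avatar'] ?? ''));
        if ($oldAvatar !== '' && $oldAvatar !== 'default.png' && is_file($uploadPath . DIRECTORY_SEPARATOR . $oldAvatar)) {
            @unlink($uploadPath . DIRECTORY_SEPARATOR . $oldAvatar);
        }

        return $this->response->setJSON([
            'status' => 'success',
            'msg' => 'Foto actualizada correctamente.',
            'avatar' => $newAvatarName,
        ]);
    }
}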