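<?php
/**
 * Lead lookup and OTP endpoint for the hello-elementor-child theme.
 *
 * Hit directly (it bootstraps WordPress itself via wp-config.php) with a
 * `type` discriminator in GET or POST and the handler's fields in POST.
 * Each handler answers with the bare status digit the front-end already
 * expects; the mapping is documented on every handler below.
 *
 * Still open after this revision (the front-end contract is not visible
 * from this file, so they are flagged rather than changed):
 *  - no nonce / CSRF check and no authentication on any handler;
 *  - OTP issuance (`getotp`, `resendotp`, `getmobileotp`) is not throttled,
 *    so a caller can trigger unlimited SMS to any number;
 *  - the SMS gateway account is hard-coded in otp_api_send_sms() and is
 *    sent over plain HTTP.
 */

// Keep errors out of the response body but let them reach the log;
// error_reporting(0) also switched logging off.
ini_set('display_errors', '0');

// Anchor the include on this file's directory rather than the working
// directory so the bootstrap does not depend on how PHP was invoked.
require_once __DIR__ . '/../../../../wp-config.php';

global $wpdb;

/** Seconds a stored OTP stays valid once issued (server-side lifetime). */
const OTP_API_TTL_SECONDS = 600;
/** Wrong guesses allowed per number before validation is refused. */
const OTP_API_MAX_ATTEMPTS = 5;
/** How long the failed-guess counter (and with it the refusal) persists. */
const OTP_API_LOCKOUT_SECONDS = 900;

/**
 * Read a POST field as a trimmed string; '' when absent or not a scalar.
 */
function otp_api_post(string $key): string
{
    $value = $_POST[$key] ?? '';

    return is_scalar($value) ? trim((string) $value) : '';
}

/**
 * Run a SELECT through $wpdb->prepare() and always hand back an array.
 *
 * Every request value is bound through a placeholder, so no handler below
 * builds SQL from raw input. get_results() may return null for an empty or
 * failed query; that is normalised to [] so callers can index and count
 * without a null check.
 *
 * @param string     $sql     Query with %s / %d placeholders.
 * @param string|int ...$args Values bound to the placeholders, in order.
 * @return list<object>
 */
function otp_api_rows(string $sql, string|int ...$args): array
{
    global $wpdb;

    $rows = $wpdb->get_results($wpdb->prepare($sql, ...$args));

    return is_array($rows) ? $rows : [];
}

/**
 * Generate a fresh four-digit code from the CSPRNG.
 *
 * Same 1111-9999 range as before; rand() is predictable and must not back
 * an authentication code.
 */
function otp_api_generate(): int
{
    return random_int(1111, 9999);
}

/**
 * Deliver the code to the handset through the boancomm gateway.
 *
 * @return string|bool The gateway's response body, or false when the HTTP
 *                     request itself failed.
 */
function otp_api_send_sms(string $phone, int $otp): string|bool
{
    // TODO(review): move the gateway account out of source (wp-config
    // constant or a secret store) and confirm the gateway offers TLS so
    // the credentials and the OTP do not travel in clear text.
    $fields = [
        'mobileno' => $phone,
        'smsmsg'   => 'Dear Customer ' . $otp . ' is Gmmco Ltd OTP to verify your mobile number for Website related services to reach you',
        'uname'    => 'gmmco',
        'pwd'      => 'gmmco11',
        'pid'      => '1194',
    ];

    $curl = curl_init();
    curl_setopt_array($curl, [
        CURLOPT_URL            => 'http://boancomm.net/boansms/boansmsinterface.aspx',
        CURLOPT_RETURNTRANSFER => true,
        CURLOPT_ENCODING       => '',
        CURLOPT_MAXREDIRS      => 10,
        // A bounded timeout: 0 (the previous value) lets a hung gateway
        // hold the PHP worker indefinitely.
        CURLOPT_TIMEOUT        => 15,
        CURLOPT_FOLLOWLOCATION => true,
        CURLOPT_HTTP_VERSION   => CURL_HTTP_VERSION_1_1,
        CURLOPT_CUSTOMREQUEST  => 'POST',
        // http_build_query() percent-encodes the number and message instead
        // of splicing request input into the form body.
        CURLOPT_POSTFIELDS     => http_build_query($fields),
        CURLOPT_HTTPHEADER     => ['Content-Type: application/x-www-form-urlencoded'],
    ]);

    $response = curl_exec($curl);
    curl_close($curl);

    return $response;
}

/**
 * Look up the WordPress user whose `user_phone` meta equals $phone.
 *
 * @return int The user id, or 0 when no user carries that number.
 */
function otp_api_user_id_for_phone(string $phone): int
{
    global $wpdb;

    if ($phone === '') {
        return 0;
    }

    $rows = otp_api_rows(
        "SELECT user_id FROM {$wpdb->usermeta} WHERE meta_key = 'user_phone' AND meta_value = %s",
        $phone
    );

    return $rows === [] ? 0 : (int) $rows[0]->user_id;
}

/** Transient key holding the failed-validation counter for a number. */
function otp_api_attempt_key(string $phone): string
{
    // md5 only keeps the key short and transient-safe; nothing secret here.
    return 'otp_api_fail_' . md5($phone);
}

/** True once the number has used up its wrong guesses. */
function otp_api_locked_out(string $phone): bool
{
    return (int) get_transient(otp_api_attempt_key($phone)) >= OTP_API_MAX_ATTEMPTS;
}

/** Count a wrong guess; the counter, and the lockout, expire on their own. */
function otp_api_record_failure(string $phone): void
{
    $key = otp_api_attempt_key($phone);
    set_transient($key, (int) get_transient($key) + 1, OTP_API_LOCKOUT_SECONDS);
}

/** Forget wrong guesses once a code has been validated. */
function otp_api_clear_failures(string $phone): void
{
    delete_transient(otp_api_attempt_key($phone));
}

/**
 * `email`, `phone`, `emailwp`, `phonewp`: existence checks.
 *
 * @param string $sql   SELECT with a single %s placeholder.
 * @param string $value Request value bound to it.
 * @return int 1 when a matching row exists, 2 otherwise.
 */
function otp_api_exists(string $sql, string $value): int
{
    return otp_api_rows($sql, $value) === [] ? 2 : 1;
}

/**
 * Write a new code for $phone into wp_otp_verification.
 *
 * @param bool $insertIfMissing Create the row when the number is unknown
 *                              (`getotp`); `resendotp` only updates.
 * @return bool False when nothing was written.
 */
function otp_api_store_otp(string $phone, int $otp, bool $insertIfMissing): bool
{
    global $wpdb;

    $fields = [
        'otp'           => $otp,
        'otp_createdon' => date('Y-m-d H:i:s'),
        'otp_status'    => 0,
    ];

    $existing = otp_api_rows(
        'SELECT mobile_number FROM wp_otp_verification WHERE mobile_number = %s',
        $phone
    );
    if ($existing !== []) {
        $written = $wpdb->update('wp_otp_verification', $fields, ['mobile_number' => $phone]);
    } elseif ($insertIfMissing) {
        $written = $wpdb->insert('wp_otp_verification', $fields + ['mobile_number' => $phone]);
    } else {
        $written = false;
    }

    return (bool) $written;
}

/**
 * `getotp` / `resendotp`: store a fresh code and text it to the handset.
 *
 * @return int 0 on success; 1 when the number is missing or the row could
 *             not be written (no SMS is sent then, since a code that is not
 *             on file could never validate).
 */
function otp_api_issue_otp(bool $insertIfMissing): int
{
    $phone = otp_api_post('user_phone');
    if ($phone === '') {
        return 1;
    }

    $otp = otp_api_generate();
    if (!otp_api_store_otp($phone, $otp, $insertIfMissing)) {
        return 1;
    }
    otp_api_send_sms($phone, $otp);

    return 0;
}

/**
 * `validateotp`: check a submitted code against the stored one.
 *
 * @return int 3 validated; 2 expired (by `expireotp` or by age);
 *             4 invalid (also while the number is locked out);
 *             5 the row could not be marked as used.
 */
function otp_api_validate_otp(): int
{
    global $wpdb;

    $phone = otp_api_post('user_phone');
    $otp   = otp_api_post('otp');
    if ($phone === '' || $otp === '' || otp_api_locked_out($phone)) {
        return 4;
    }

    $rows = otp_api_rows(
        'SELECT otp_status, otp_createdon FROM wp_otp_verification WHERE mobile_number = %s AND otp = %s',
        $phone,
        $otp
    );
    if ($rows === []) {
        otp_api_record_failure($phone);

        return 4;
    }

    $status = (int) $rows[0]->otp_status;
    if ($status === 1) {
        return 2; // already expired by the client's `expireotp` call
    }
    if ($status !== 0) {
        otp_api_record_failure($phone);

        return 4; // already consumed (2) or an unknown state
    }

    // Server-side lifetime: the client's `expireotp` call must not be the
    // only thing that ages a code out.
    $issued = strtotime((string) $rows[0]->otp_createdon);
    if ($issued === false || $issued < time() - OTP_API_TTL_SECONDS) {
        $wpdb->update('wp_otp_verification', ['otp_status' => 1], ['mobile_number' => $phone]);

        return 2;
    }

    $consumed = $wpdb->update('wp_otp_verification', ['otp_status' => 2], ['mobile_number' => $phone]);
    if (!$consumed) {
        return 5;
    }
    otp_api_clear_failures($phone);

    return 3;
}

/**
 * `expireotp`: mark the number's current code as expired.
 *
 * @return int 1 when a row was updated, 2 otherwise.
 */
function otp_api_expire_otp(): int
{
    global $wpdb;

    $phone = otp_api_post('user_phone');
    if ($phone === '') {
        return 2;
    }

    $done = $wpdb->update('wp_otp_verification', ['otp_status' => 1], ['mobile_number' => $phone]);

    return $done ? 1 : 2;
}

/**
 * `getmobileotp` / `resendloginotp`: issue a login code for a registered
 * number, kept in user meta.
 *
 * @return int 0 when the gateway answered, 1 when it did not, 3 when no
 *             user carries the number.
 */
function otp_api_get_login_otp(): int
{
    $phone  = otp_api_post('user_phone');
    $userId = otp_api_user_id_for_phone($phone);
    if ($userId === 0) {
        return 3;
    }

    $otp = otp_api_generate();
    update_user_meta($userId, 'user_otp', $otp);
    // A fresh code starts un-expired; `expireloginotp` flips this to 1.
    // Without the reset, the first expiry would have stuck to every later
    // code once the validation check below compares the right value.
    update_user_meta($userId, 'user_otp_verified', 0);

    return otp_api_send_sms($phone, $otp) ? 0 : 1;
}

/**
 * `expireloginotp`: mark the user's login code as expired.
 *
 * The lookup now also filters on meta_key = 'user_phone'; matching on
 * meta_value alone could pick up any meta row holding the same text.
 *
 * @return int 1 when the user was found and updated, 2 otherwise.
 */
function otp_api_expire_login_otp(): int
{
    $userId = otp_api_user_id_for_phone(otp_api_post('user_phone'));
    if ($userId === 0) {
        return 2;
    }
    update_user_meta($userId, 'user_otp_verified', 1);

    return 1;
}

/**
 * `validateloginotp`: compare a submitted login code with user meta.
 *
 * @return int 3 verified; 2 expired; 4 invalid (unknown number, empty
 *             code, mismatch, or locked out).
 */
function otp_api_validate_login_otp(): int
{
    $phone = otp_api_post('user_phone');
    $otp   = otp_api_post('otp');
    if ($phone === '' || $otp === '' || otp_api_locked_out($phone)) {
        return 4;
    }

    $userId = otp_api_user_id_for_phone($phone);
    if ($userId === 0) {
        return 4;
    }

    $stored = (string) get_user_meta($userId, 'user_otp', true);
    // Strict, constant-time comparison: the previous `==` treated an empty
    // submission and a missing stored code as equal.
    if ($stored === '' || !hash_equals($stored, $otp)) {
        otp_api_record_failure($phone);

        return 4;
    }

    // Compare the meta value itself; the previous code compared the whole
    // result array to 1, which never matched, so expired codes passed.
    if ((int) get_user_meta($userId, 'user_otp_verified', true) === 1) {
        return 2;
    }
    otp_api_clear_failures($phone);
    // TODO(review): the code is not invalidated here, so it stays usable
    // until `expireloginotp` is called; confirm whether the login script
    // relies on `user_otp_verified` before consuming it at this point.

    return 3;
}

$type = $_REQUEST['type'] ?? '';
if (!is_string($type)) {
    $type = '';
}

try {
    echo match ($type) {
        'email'   => otp_api_exists('SELECT lead_email FROM wp_leads WHERE lead_email = %s', otp_api_post('lead_email')),
        'phone'   => otp_api_exists('SELECT lead_phone FROM wp_leads WHERE lead_phone = %s', otp_api_post('lead_phone')),
        'emailwp' => otp_api_exists("SELECT user_email FROM {$wpdb->users} WHERE user_email = %s", otp_api_post('lead_email')),
        // Bound as a string now; the previous query spliced the number in
        // unquoted, which compared numerically and broke on empty input.
        'phonewp' => otp_api_exists("SELECT user_id FROM {$wpdb->usermeta} WHERE meta_key = 'user_phone' AND meta_value = %s", otp_api_post('lead_phone')),
        'getotp'           => otp_api_issue_otp(true),
        'resendotp'        => otp_api_issue_otp(false),
        'validateotp'      => otp_api_validate_otp(),
        'expireotp'        => otp_api_expire_otp(),
        'getmobileotp', 'resendloginotp' => otp_api_get_login_otp(),
        'expireloginotp'   => otp_api_expire_login_otp(),
        'validateloginotp' => otp_api_validate_login_otp(),
        default            => '', // unknown type: no output, as before
    };
} catch (Throwable $e) {
    // Previously only `getotp` had this guard; every handler now fails the
    // same way, with the detail in the log rather than the response.
    error_log('api.php [' . $type . ']: ' . $e->getMessage());
    http_response_code(500);
    echo json_encode(['error' => 'Server error']);
}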
