T.ME/BIBIL_0DAY
CasperSecurity


Server : Apache/2
System : Linux server-15-235-50-60 5.15.0-164-generic #174-Ubuntu SMP Fri Nov 14 20:25:16 UTC 2025 x86_64
User : gositeme ( 1004)
PHP Version : 8.2.29
Disable Function : exec,system,passthru,shell_exec,proc_close,proc_open,dl,popen,show_source,posix_kill,posix_mkfifo,posix_getpwuid,posix_setpgid,posix_setsid,posix_setuid,posix_setgid,posix_seteuid,posix_setegid,posix_uname
Directory :  /home/gositeme/public_html/quickqr/admin/datatable-json/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : /home/gositeme/public_html/quickqr/admin/datatable-json/blog-comments.php
<?php
/*
Copyright (c) 2020 Devendra Katariya (bylancer.com)
*/
require_once('includes.php');

// initilize all variable
$params = $columns = $order = $totalRecords = $data = array();
$params = $_REQUEST;
if ($params['order'][0]['column'] == 0) {
    $params['order'][0]['dir'] = "desc";
}
//define index of column
$columns = array(
    0 => 'created_at',
    1 => 'name',
    2 => 'comment',
    3 => 'blog_id',
    4 => 'created_at',
);

$where = $sqlTot = $sqlRec = "";

// check search value exist
if (!empty($params['search']['value'])) {
    if (isset($_GET['status'])) {
        $where .= " WHERE ";
        $where .= " comment LIKE '%" . $params['search']['value'] . "%' ";
        $where .= " OR name LIKE '" . $params['search']['value'] . "%' ";
        $where .= " OR email LIKE '" . $params['search']['value'] . "%' ";
    } elseif (isset($_GET['hide'])) {
        $where .= " WHERE ";
        $where .= " comment LIKE '%" . $params['search']['value'] . "%' ";
        $where .= " OR name LIKE '" . $params['search']['value'] . "%' ";
        $where .= " OR email LIKE '" . $params['search']['value'] . "%' ";
    } else {
        $where .= " WHERE ";
        $where .= " comment LIKE '%" . $params['search']['value'] . "%' ";
        $where .= " OR name LIKE '" . $params['search']['value'] . "%' ";
        $where .= " OR email LIKE '" . $params['search']['value'] . "%' ";
    }
}


// getting total number records without any search
$sql = "SELECT * FROM `" . $config['db']['pre'] . "blog_comment`";
$sqlTot .= $sql;
$sqlRec .= $sql;
//concatenate search sql if value exist
if (isset($where) && $where != '') {
    $sqlTot .= $where;
    $sqlRec .= $where;
} else {
    if (isset($_GET['status'])) {
        $where .= " Where ( b.status = '" . $_GET['status'] . "' )";
        $sqlTot .= $where;
        $sqlRec .= $where;
    }
}

$sqlRec .= " ORDER BY " . $columns[$params['order'][0]['column']] . " " . $params['order'][0]['dir'] . " LIMIT " . $params['start'] . " ," . $params['length'] . " ";
//echo $sqlRec;

$queryTot = $pdo->query($sqlTot);
$totalRecords = $queryTot->rowCount();
$queryRecords = $pdo->query($sqlRec);

//iterate on results row and create new index array of data
foreach ($queryRecords as $row) {
    $id = $row['id'];
    $name = $row['name'];
    $email = $row['email'];
    $cmnt = $row['comment'];
    $status = '';
    if ($row['active'] == "0") {
        $status = '<span class="label label-warning">Unapproved</span>';
    } elseif ($row['active'] == "1") {
        $status = '<span class="label label-success">Approved</span>';
    }
    $info = ORM::for_table($config['db']['pre'] . 'blog')->find_one($row['blog_id']);

    $row0 = '<td>
                <label class="css-input css-checkbox css-checkbox-default">
                    <input type="checkbox" class="service-checker" value="' . $id . '" id="row_' . $id . '" name="row_' . $id . '"><span></span>
                </label>
            </td>';
    $row1 = '<td class="text-center">
                <p class="font-500">' . $name . '</p>
                <small>' . $email . '</small>
            </td>';
    $row2 = '<td class="hidden-xs">' . $cmnt . '</td>';
    $row3 = '<td><a href="' . $config['site_url'] . 'blog/' . $info['id'] . '" target="_blank">' . $info['title'] . '</a></td>';
    $row4 = '<td class="hidden-xs">' . $status . '</td>';
    $row5 = '<td class="hidden-xs">' . date('d, M Y H:i:s', strtotime($row['created_at'])) . '</td>';
    $row6 = '<td class="text-center">
                <div class="btn-group">'.
        ($row['active'] == "0"?'<a href="#" title="Approve" class="btn btn-xs btn-default item-approve" data-ajax-action="approveComment"> <i class="ion-check"></i> </a>':'').'
                    <a href="#" title="Delete" class="btn btn-xs btn-default item-js-delete" data-ajax-action="deleteComment"><i class="ion-close"></i></a>
                </div>
            </td>';
    $value = array(
        "DT_RowId" => $id,
        0 => $row0,
        1 => $row1,
        2 => $row2,
        3 => $row3,
        4 => $row4,
        5 => $row5,
        6 => $row6
    );
    $data[] = $value;

    //print_r($value);

}

$json_data = array(
    "draw" => intval($params['draw']),
    "recordsTotal" => intval($totalRecords),
    "recordsFiltered" => intval($totalRecords),
    "data" => $data   // total data array
);

echo json_encode($json_data);  // send data as json format
?>

CasperSecurity Mini