<?php
// Admin-only JSON endpoint: the content type is fixed up front, so the
// rejection paths below are emitted as JSON too.
session_start();
header('Content-Type: application/json');

// Access gate: the session must carry a user id and a truthy admin flag.
// Any other state gets a 403 and the script stops here.
if (!isset($_SESSION['user_id']) || empty($_SESSION['is_admin'])) {
    http_response_code(403);
    echo json_encode(['error' => 'Admin access required']);
    exit;
}

require_once 'config/database.php';

$pdo = getDBConnection();

// The action name is taken from the query string first, then the request body.
// NOTE(review): 'login_as_user' and 'update_user_credits' change state, yet the
// action is accepted from $_GET and no anti-CSRF token is checked in this file.
// Confirm the handlers themselves require POST plus a per-session token, and
// that impersonation and credit changes are written to a real audit log.
$action = $_GET['action'] ?? $_POST['action'] ?? '';

// Route to the matching handler; anything unrecognised is a 400.
if ($action === 'stats') {
    getSystemStats($pdo);
} elseif ($action === 'audit') {
    getAuditTrail($pdo);
} elseif ($action === 'users') {
    getUsers($pdo);
} elseif ($action === 'login_as_user') {
    loginAsUser($pdo);
} elseif ($action === 'update_user_credits') {
    updateUserCredits($pdo);
} else {
    http_response_code(400);
    echo json_encode(['error' => 'Invalid action']);
}

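/**
 * Emit dashboard statistics as a JSON document.
 *
 * Counts come from the `users` and `music_tracks` tables. Several fields are
 * hard-coded placeholders (see below) and must not be read as real monitoring
 * signals.
 *
 * On failure the client receives a generic 500 body. The exception text is
 * written to the server error log instead of the response, so driver messages
 * (which can contain SQL, table names or connection details) are not exposed
 * to the browser.
 *
 * @param object $pdo Database handle exposing prepare(); rows are read by
 *                    column name, so an associative fetch mode is assumed.
 * @return void Output is echoed; nothing is returned.
 */
function getSystemStats($pdo) {
    try {
        // Runs one parameterless aggregate query and returns its `total` column.
        $countOf = static function ($sql) use ($pdo) {
            $stmt = $pdo->prepare($sql);
            $stmt->execute();
            return $stmt->fetch()['total'];
        };

        $totalUsers = $countOf("SELECT COUNT(*) as total FROM users");
        $totalTracks = $countOf("SELECT COUNT(*) as total FROM music_tracks");

        // "Active" means: created at least one track in the last 7 days.
        $activeUsers = $countOf("
            SELECT COUNT(DISTINCT user_id) as total 
            FROM music_tracks 
            WHERE created_at >= DATE_SUB(NOW(), INTERVAL 7 DAY)
        ");

        // Accounts created in the last 7 days.
        $newUsers = $countOf("
            SELECT COUNT(*) as total 
            FROM users 
            WHERE created_at >= DATE_SUB(NOW(), INTERVAL 7 DAY)
        ");

        // Accounts on a paid plan.
        $premiumUsers = $countOf("
            SELECT COUNT(*) as total 
            FROM users 
            WHERE plan IN ('starter', 'pro')
        ");

        // Per-status track counts; only `completed` is used in the response.
        $stmt = $pdo->prepare("
            SELECT 
                COUNT(CASE WHEN status = 'complete' THEN 1 END) as completed,
                COUNT(CASE WHEN status = 'processing' THEN 1 END) as processing,
                COUNT(CASE WHEN status = 'failed' THEN 1 END) as failed
            FROM music_tracks
        ");
        $stmt->execute();
        $trackStats = $stmt->fetch();

        // Placeholder values for the demo: systemHealth, flaggedContent,
        // errorLogs and apiCalls are constants, not measurements.
        // NOTE(review): moderatedTracks reports the count of completed tracks,
        // not tracks that went through moderation.
        $stats = [
            'totalUsers' => $totalUsers,
            'totalTracks' => $totalTracks,
            'activeUsers' => $activeUsers,
            'systemHealth' => 'Good',
            'newUsers' => $newUsers,
            'premiumUsers' => $premiumUsers,
            'flaggedContent' => 3, // Mock data
            'moderatedTracks' => $trackStats['completed'],
            'errorLogs' => 2, // Mock data
            'apiCalls' => 1567 // Mock data
        ];

        echo json_encode(['success' => true, 'stats' => $stats]);
    } catch (Exception $e) {
        // Keep the detail server-side; the response stays generic.
        error_log('getSystemStats failed: ' . $e->getMessage());
        http_response_code(500);
        echo json_encode(['error' => 'Failed to load statistics']);
    }
}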

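/**
 * Emit an "audit trail" as JSON, optionally filtered by category.
 *
 * The list is synthesised at request time: the 50 most recent rows of
 * `music_tracks` (joined to `users`) are presented as "Music Generation"
 * events, and two hard-coded entries ("API Call", "Admin Login") are appended.
 * No audit table is read.
 *
 * NOTE(review): the appended "Admin Login" entry is stamped one hour before
 * the request and does not correspond to a recorded login. Fabricated security
 * events can mislead anyone using this view during an investigation; back it
 * with an append-only audit table before relying on it.
 *
 * Reads $_GET['filter'] ('all' by default), $_SESSION['user_email'] and
 * $_SERVER['REMOTE_ADDR']; the last two are optional and fall back to
 * null / 'unknown' so a missing key cannot inject a PHP warning into the
 * JSON body.
 *
 * On failure the client receives a generic 500 body and the exception text is
 * written to the server error log only.
 *
 * @param object $pdo Database handle exposing prepare(); rows are read by
 *                    column name, so an associative fetch mode is assumed.
 * @return void Output is echoed; nothing is returned.
 */
function getAuditTrail($pdo) {
    try {
        $filter = $_GET['filter'] ?? 'all';

        $auditData = [];

        // Most recent track creations, shaped as audit rows by the query itself.
        $stmt = $pdo->prepare("
            SELECT 
                mt.id,
                mt.created_at as timestamp,
                u.email as user,
                'Music Generation' as action,
                'content' as category,
                CONCAT('Created track \"', mt.title, '\" using ', COALESCE(mt.model_version, 'V3'), ' model') as details,
                mt.status
            FROM music_tracks mt
            JOIN users u ON mt.user_id = u.id
            ORDER BY mt.created_at DESC
            LIMIT 50
        ");
        $stmt->execute();
        $tracks = $stmt->fetchAll();

        foreach ($tracks as $track) {
            // Track status -> audit status; anything unrecognised counts as failed.
            if ($track['status'] === 'complete') {
                $status = 'success';
            } elseif ($track['status'] === 'processing') {
                $status = 'pending';
            } else {
                $status = 'failed';
            }

            $auditData[] = [
                'id' => $track['id'],
                'timestamp' => $track['timestamp'],
                'user' => $track['user'],
                'action' => $track['action'],
                'category' => $track['category'],
                'details' => $track['details'],
                'status' => $status
            ];
        }

        // Synthetic system event (mock data, generated per request).
        $auditData[] = [
            'id' => 'sys_1',
            'timestamp' => date('Y-m-d H:i:s'),
            'user' => 'system',
            'action' => 'API Call',
            'category' => 'system',
            'details' => 'External API request to music generation service',
            'status' => 'success'
        ];

        // Synthetic security event (mock data, generated per request).
        $auditData[] = [
            'id' => 'sec_1',
            'timestamp' => date('Y-m-d H:i:s', strtotime('-1 hour')),
            'user' => $_SESSION['user_email'] ?? null,
            'action' => 'Admin Login',
            'category' => 'security',
            'details' => 'Successful admin login from IP ' . ($_SERVER['REMOTE_ADDR'] ?? 'unknown'),
            'status' => 'success'
        ];

        // Category filter is applied after the LIMIT 50, i.e. to the assembled list.
        if ($filter !== 'all') {
            $auditData = array_filter($auditData, function ($item) use ($filter) {
                return $item['category'] === $filter;
            });
        }

        // Newest first.
        usort($auditData, function ($a, $b) {
            return strtotime($b['timestamp']) - strtotime($a['timestamp']);
        });

        echo json_encode(['success' => true, 'audit' => array_values($auditData)]);
    } catch (Exception $e) {
        // Keep the detail server-side; the response stays generic.
        error_log('getAuditTrail failed: ' . $e->getMessage());
        http_response_code(500);
        echo json_encode(['error' => 'Failed to load audit trail']);
    }
}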
?> 
