I am a hacker in the dark of a very cold night
path :/var/www/html/vorne.webheaydemo.com
upload file:
List of files:
| name file |
size |
edit |
permission |
action |
| .editorconfig | 276 KB | March 05 2024 07:12:34 | 0666 |
|
| .env | 1385 KB | May 24 2024 16:43:55 | 0666 |
|
| .env.example | 1088 KB | March 05 2024 07:12:34 | 0666 |
|
| .gitattributes | 190 KB | March 05 2024 07:12:34 | 0666 |
|
| .gitignore | 245 KB | March 05 2024 07:12:34 | 0666 |
|
| .htaccess | 947 KB | July 04 2023 21:25:08 | 0664 |
|
| .rnd | 1024 KB | March 13 2024 04:51:14 | 0666 |
|
| README.md | 472 KB | March 22 2024 10:35:00 | 0666 |
|
| app | - | March 05 2024 07:12:34 | 0777 |
|
| artisan | 1739 KB | March 05 2024 07:12:34 | 0666 |
|
| bootstrap | - | March 05 2024 07:12:34 | 0777 |
|
| composer.json | 2829 KB | May 13 2024 12:10:04 | 0666 |
|
| composer.lock | 417205 KB | March 19 2024 12:13:14 | 0666 |
|
| config | - | July 03 2025 02:53:36 | 0777 |
|
| database | - | March 05 2024 07:12:34 | 0777 |
|
| index.php | 1816 KB | May 13 2024 10:32:36 | 0666 |
|
| lang | - | May 13 2024 14:53:26 | 0777 |
|
| manifest.json | 913 KB | May 14 2024 03:57:26 | 0664 |
|
| package.json | 398 KB | March 05 2024 07:12:34 | 0666 |
|
| phpunit.xml | 1206 KB | March 05 2024 07:12:34 | 0666 |
|
| public | - | July 03 2025 02:37:20 | 0777 |
|
| resources | - | May 13 2024 12:09:36 | 0777 |
|
| routes | - | March 05 2024 07:12:34 | 0777 |
|
| service-worker.js | 924 KB | March 05 2024 07:12:34 | 0666 |
|
| storage | - | March 05 2024 10:03:52 | 0777 |
|
| symlink.php | 218 KB | March 05 2024 07:12:34 | 0666 |
|
| tests | - | March 05 2024 07:12:34 | 0777 |
|
| vendor | - | March 19 2024 12:13:14 | 0777 |
|
| vite.config.js | 326 KB | March 05 2024 07:12:34 | 0666 |
|
validate([
'credentials' => "required|string|max:100",
]);
$column = "username";
if(check_email($request->credentials)) $column = "email";
$user = User::where($column,$request->credentials)->first();
if(!$user) {
throw ValidationException::withMessages([
'credentials' => __("User doesn't exists"),
]);
}
$token = generate_unique_string("user_password_resets","token",80);
$code = generate_random_code();
try{
UserPasswordReset::where("user_id",$user->id)->delete();
$password_reset = UserPasswordReset::create([
'user_id' => $user->id,
'token' => $token,
'code' => $code,
]);
$user->notify(new PasswordResetEmail($user,$password_reset));
}catch(Exception $e) {
return back()->with(['error' => [__('Something went wrong! Please try again')]]);
}
return redirect()->route('user.password.forgot.code.verify.form',$token)->with(['success' => [__('Verification code sended to your email address')]]);
}
public function showVerifyForm($token) {
$page_title = setPageTitle("Verify User");
$password_reset = UserPasswordReset::where("token",$token)->first();
if(!$password_reset) return redirect()->route('user.password.forgot')->with(['error' => [__('Password Reset Token Expired')]]);
$resend_time = 0;
if(Carbon::now() <= $password_reset->created_at->addMinutes(GlobalConst::USER_PASS_RESEND_TIME_MINUTE)) {
$resend_time = Carbon::now()->diffInSeconds($password_reset->created_at->addMinutes(GlobalConst::USER_PASS_RESEND_TIME_MINUTE));
}
$user_email = $password_reset->user->email ?? "";
return view('user.auth.forgot-password.verify',compact('page_title','token','user_email','resend_time'));
}
/**
* OTP Verification.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function verifyCode(Request $request,$token)
{
$request->merge(['token' => $token]);
$validated = Validator::make($request->all(),[
'token' => "required|string|exists:user_password_resets,token",
'code' => "required|numeric|exists:user_password_resets,code",
])->validate();
$basic_settings = BasicSettingsProvider::get();
$otp_exp_seconds = $basic_settings->otp_exp_seconds ?? 0;
$password_reset = UserPasswordReset::where("token",$token)->first();
if(Carbon::now() >= $password_reset->created_at->addSeconds($otp_exp_seconds)) {
foreach(UserPasswordReset::get() as $item) {
if(Carbon::now() >= $item->created_at->addSeconds($otp_exp_seconds)) {
$item->delete();
}
}
return redirect()->route('user.password.forgot')->with(['error' => [__('Session expired. Please try again')]]);
}
if($password_reset->code != $validated['code']) {
throw ValidationException::withMessages([
'code' => "Verification Otp is Invalid",
]);
}
return redirect()->route('user.password.forgot.reset.form',$token);
}
/**
* Display the specified resource.
*
* @param int $id
* @return \Illuminate\Http\Response
*/
public function resendCode($token)
{
$password_reset = UserPasswordReset::where('token',$token)->first();
if(!$password_reset) return back()->with(['error' => ['Request token is invalid']]);
if(Carbon::now() <= $password_reset->created_at->addMinutes(GlobalConst::USER_PASS_RESEND_TIME_MINUTE)) {
throw ValidationException::withMessages([
'code' => 'You can resend verification code after '.Carbon::now()->diffInSeconds($password_reset->created_at->addMinutes(GlobalConst::USER_PASS_RESEND_TIME_MINUTE)). ' seconds',
]);
}
DB::beginTransaction();
try{
$update_data = [
'code' => generate_random_code(),
'created_at' => now(),
'token' => $token,
];
DB::table('user_password_resets')->where('token',$token)->update($update_data);
$password_reset->user->notify(new PasswordResetEmail($password_reset->user,(object) $update_data));
DB::commit();
}catch(Exception $e) {
DB::rollback();
return back()->with(['error' => ['Something went wrong! Please try again']]);
}
return redirect()->route('user.password.forgot.code.verify.form',$token)->with(['success' => [__('Verification code resend success')]]);
}
public function showResetForm($token) {
$page_title = setPageTitle("Reset Password");
return view('user.auth.forgot-password.reset',compact('page_title','token'));
}
public function resetPassword(Request $request,$token) {
$basic_settings = BasicSettingsProvider::get();
$passowrd_rule = "required|string|min:6|confirmed";
if($basic_settings->secure_password) {
$passowrd_rule = ["required",Password::min(8)->letters()->mixedCase()->numbers()->symbols()->uncompromised(),"confirmed"];
}
$request->merge(['token' => $token]);
$validated = Validator::make($request->all(),[
'token' => "required|string|exists:user_password_resets,token",
'password' => $passowrd_rule,
])->validate();
$password_reset = UserPasswordReset::where("token",$token)->first();
if(!$password_reset) {
throw ValidationException::withMessages([
'password' => __("Invalid Request. Please try again"),
]);
}
try{
$password_reset->user->update([
'password' => Hash::make($validated['password']),
]);
$password_reset->delete();
}catch(Exception $e) {
return back()->with(['error' => [__('Something went wrong! Please try again')]]);
}
return redirect()->route('user.login')->with(['success' => [__('Password reset success. Please login with new password')]]);
}
}