
<?php
// backyard/models/security/sessions.php
// Only pull in the DB bootstrap when the including page has not already
// provided $conn (db_config.php presumably defines it — confirm against the config).
if (!isset($conn)) {
    include_once '../../config/db_config.php';
}

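/**
 * List the most recent user sessions, optionally filtered by a user search term.
 *
 * The term is matched as a substring of email, phone, first name and last name,
 * or as an exact user_id. It is passed to the server as a bound parameter, so
 * the search text never becomes part of the SQL statement itself.
 *
 * @param mysqli $conn   Open database connection.
 * @param string $user_q Search term; '' (the default) lists all sessions.
 * @param int    $limit  Maximum rows to return (default 200; values below 1 are raised to 1).
 * @return list<array<string, mixed>> Rows newest-first; [] when the query could not be prepared or run.
 */
function sc_list_sessions(mysqli $conn, string $user_q = '', int $limit = 200): array {
    $rows = [];
    $where = '1=1';
    $params = [];
    if ($user_q !== '') {
        // NOTE: '%' and '_' inside the term still act as LIKE wildcards, as in the
        // original string-built query; the operator-facing behaviour is unchanged.
        $like = '%' . $user_q . '%';
        $where = '(u.email LIKE ? OR u.phone LIKE ? OR u.first_name LIKE ? OR u.last_name LIKE ? OR u.user_id = ?)';
        $params = [$like, $like, $like, $like, $user_q];
    }
    // $limit is an int by declaration, so interpolating it cannot alter the statement shape.
    $limit = max(1, $limit);
    $sql = "
      SELECT s.usession_id, s.user_id, u.email, u.first_name, u.last_name,
             s.php_session_id, s.ip_address, s.user_agent, s.device_label,
             s.is_remembered, s.created_at, s.last_seen_at, s.expires_at, s.revoked_at, s.logout_reason
      FROM user_sessions s
      LEFT JOIN users u ON u.user_id = s.user_id
      WHERE {$where}
      ORDER BY s.created_at DESC
      LIMIT {$limit}
    ";
    $stmt = mysqli_prepare($conn, $sql);
    if ($stmt === false) {
        // Kept best-effort: callers expect an array, never an exception, from this helper.
        return $rows;
    }
    if ($params !== []) {
        mysqli_stmt_bind_param($stmt, str_repeat('s', count($params)), ...$params);
    }
    // NOTE(review): with prepared statements mysqlnd returns integer/float columns as
    // native PHP types rather than strings — check callers that compare with ===.
    if (mysqli_stmt_execute($stmt) && ($res = mysqli_stmt_get_result($stmt)) !== false) {
        while ($r = mysqli_fetch_assoc($res)) {
            $rows[] = $r;
        }
        mysqli_free_result($res);
    }
    mysqli_stmt_close($stmt);
    return $rows;
}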

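/**
 * List the most recently first-seen user devices, optionally filtered by a user search term.
 *
 * The term is matched as a substring of email, phone, first name and last name,
 * or as an exact user_id, and is sent as a bound parameter rather than being
 * interpolated into the SQL text.
 *
 * @param mysqli $conn   Open database connection.
 * @param string $user_q Search term; '' (the default) lists all devices.
 * @param int    $limit  Maximum rows to return (default 200; values below 1 are raised to 1).
 * @return list<array<string, mixed>> Rows ordered by first_seen_at descending; [] when the query fails.
 */
function sc_list_devices(mysqli $conn, string $user_q = '', int $limit = 200): array {
    $rows = [];
    $where = '1=1';
    $params = [];
    if ($user_q !== '') {
        // NOTE: '%' and '_' inside the term still act as LIKE wildcards, matching the
        // behaviour of the previous string-built query.
        $like = '%' . $user_q . '%';
        $where = '(u.email LIKE ? OR u.phone LIKE ? OR u.first_name LIKE ? OR u.last_name LIKE ? OR u.user_id = ?)';
        $params = [$like, $like, $like, $like, $user_q];
    }
    // $limit is an int by declaration; interpolation cannot change the statement shape.
    $limit = max(1, $limit);
    $sql = "
      SELECT d.udevice_id, d.user_id, u.email, u.first_name, u.last_name,
             d.device_id, d.device_fingerprint, d.device_label,
             d.first_seen_at, d.last_seen_at, d.first_ip, d.last_ip,
             d.trusted, d.trusted_until
      FROM user_devices d
      LEFT JOIN users u ON u.user_id = d.user_id
      WHERE {$where}
      ORDER BY d.first_seen_at DESC
      LIMIT {$limit}
    ";
    $stmt = mysqli_prepare($conn, $sql);
    if ($stmt === false) {
        // Best-effort contract preserved: an empty array, not an exception, on failure.
        return $rows;
    }
    if ($params !== []) {
        mysqli_stmt_bind_param($stmt, str_repeat('s', count($params)), ...$params);
    }
    // NOTE(review): prepared-statement results come back with native int/float types
    // for numeric columns (e.g. d.trusted) rather than strings — verify callers.
    if (mysqli_stmt_execute($stmt) && ($res = mysqli_stmt_get_result($stmt)) !== false) {
        while ($r = mysqli_fetch_assoc($res)) {
            $rows[] = $r;
        }
        mysqli_free_result($res);
    }
    mysqli_stmt_close($stmt);
    return $rows;
}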

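/**
 * Revoke a single user session as an administrator.
 *
 * Marks the session revoked (revoked_at = NOW(), logout_reason = 'admin') only if
 * it has not already been revoked. The session id is bound as an integer parameter.
 *
 * @param mysqli $conn Open database connection.
 * @param int    $sid  usession_id of the session to revoke.
 * @return array{ok: bool, msg?: string, affected?: int}
 *         ['ok' => true, 'affected' => n] on success — n is 0 when the session was
 *         already revoked or does not exist; ['ok' => false, 'msg' => 'Failed'] on error.
 */
function sc_revoke_session(mysqli $conn, int $sid): array {
    $q = "UPDATE user_sessions SET revoked_at=NOW(), logout_reason='admin' WHERE usession_id=? AND revoked_at IS NULL LIMIT 1";
    $stmt = mysqli_prepare($conn, $q);
    if ($stmt === false) {
        return ['ok' => false, 'msg' => 'Failed'];
    }
    mysqli_stmt_bind_param($stmt, 'i', $sid);
    $ok = mysqli_stmt_execute($stmt);
    // affected_rows lets callers tell "revoked now" (1) from "nothing to do" (0);
    // the original returned ok=true in both cases, which is preserved.
    $affected = $ok ? (int) mysqli_stmt_affected_rows($stmt) : 0;
    mysqli_stmt_close($stmt);
    if (!$ok) {
        return ['ok' => false, 'msg' => 'Failed'];
    }
    return ['ok' => true, 'affected' => $affected];
}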

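/**
 * Mark a user device as trusted or untrusted.
 *
 * When $trusted is true, trusted is set to 1 and trusted_until to $until (or SQL
 * NULL when $until is null or ''). When $trusted is false, trusted is set to 0 and
 * trusted_until cleared. All values are bound parameters; a null PHP value bound
 * with mysqli_stmt_bind_param is sent as SQL NULL.
 *
 * @param mysqli      $conn    Open database connection.
 * @param int         $did     udevice_id of the device to update.
 * @param string|null $until   Expiry for the trust mark; ignored when $trusted is false.
 *                             Expected to be a value MySQL accepts for the trusted_until
 *                             column — this helper does not validate the format.
 * @param bool        $trusted Whether the device should be trusted.
 * @return array{ok: bool, msg?: string} ['ok' => true] on success, ['ok' => false, 'msg' => 'Failed'] on error.
 */
function sc_trust_device(mysqli $conn, int $did, ?string $until, bool $trusted): array {
    // Explicit null/'' check instead of truthiness, so a non-empty value is never
    // silently dropped; '' still maps to NULL as it did before.
    $untilVal = ($trusted && $until !== null && $until !== '') ? $until : null;
    $trustedVal = $trusted ? 1 : 0;
    $q = 'UPDATE user_devices SET trusted=?, trusted_until=? WHERE udevice_id=? LIMIT 1';
    $stmt = mysqli_prepare($conn, $q);
    if ($stmt === false) {
        return ['ok' => false, 'msg' => 'Failed'];
    }
    mysqli_stmt_bind_param($stmt, 'isi', $trustedVal, $untilVal, $did);
    $ok = mysqli_stmt_execute($stmt);
    mysqli_stmt_close($stmt);
    if (!$ok) {
        return ['ok' => false, 'msg' => 'Failed'];
    }
    return ['ok' => true];
}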
