<?php
// backyard/models/users/index.php
// Safe helper (avoid redeclare)
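// Defined only once so that including this file next to another file that
// already declares h() does not trigger a redeclaration error.
if (!function_exists('h')) {
    /**
     * Escape a value for output in HTML text or inside a quoted attribute.
     *
     * The value is cast to string and &, <, > plus both quote styles are
     * encoded. ENT_SUBSTITUTE turns a byte sequence that is not valid UTF-8
     * into U+FFFD; without that flag htmlspecialchars() returns an empty
     * string for the whole input, so a single bad byte in a stored field
     * would silently blank the rendered value.
     *
     * This is HTML-context escaping only. It is not sufficient for values
     * placed inside JavaScript, CSS or URL contexts.
     *
     * @param mixed $s Value to render; cast to string before escaping.
     * @return string Escaped text.
     */
    function h($s)
    {
        return htmlspecialchars((string)$s, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }
}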
/**
 * Load the basic profile row for a single user.
 *
 * $user_id is interpolated into the SQL text. That is safe only because the
 * `int` parameter type guarantees an integer by the time the string is built;
 * do not loosen the declaration without moving to a bound parameter.
 *
 * @param mysqli $conn    Open database connection.
 * @param int    $user_id Primary key of the user.
 * @return array|null Associative row, or null. Null is returned both when no
 *                    row matches and when mysqli_query() reports failure, so
 *                    callers cannot tell "unknown user" from "query failed".
 */
function users_get_basic(mysqli $conn, int $user_id): ?array
{
    $query = "SELECT user_id, customer_code, email, phone, first_name, last_name, user_status, created_at, updated_at
FROM users WHERE user_id = {$user_id} LIMIT 1";

    $result = mysqli_query($conn, $query);
    if (!$result) {
        return null;
    }

    $record = mysqli_fetch_assoc($result);
    mysqli_free_result($result);

    // A missing row (null/false from the driver) is normalised to null.
    if (!$record) {
        return null;
    }
    return $record;
}
/**
 * List every wallet belonging to a user, ordered by type and then coin.
 *
 * $user_id reaches the SQL text by interpolation; the `int` type declaration
 * is what keeps that free of injection, so it has to stay in place.
 *
 * @param mysqli $conn    Open database connection.
 * @param int    $user_id Owner of the wallets.
 * @return array List of associative rows. An empty list is returned both for
 *               a user without wallets and when the query fails.
 */
function users_get_wallets(mysqli $conn, int $user_id): array
{
    $query = "SELECT wallet_id, coin, type, label, balance, wallet_status, created_at, updated_at
FROM user_wallets WHERE user_id = {$user_id} ORDER BY type, coin";

    $wallets = [];
    $result = mysqli_query($conn, $query);
    if (!$result) {
        return $wallets;
    }

    for (;;) {
        $wallet = mysqli_fetch_assoc($result);
        if (!$wallet) {
            break;
        }
        $wallets[] = $wallet;
    }
    mysqli_free_result($result);

    return $wallets;
}
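/**
 * Fetch a user's most recent gift-card trades, newest first.
 *
 * Each row carries the trade columns plus card_brand and demon from the
 * LEFT JOINed card_brands and gift_cards tables (NULL when no match).
 *
 * $user_id and $limit are interpolated into the SQL text. The `int` type
 * declarations are what keep that free of injection; keep them if the
 * signature is ever touched.
 *
 * A $limit below 1 is answered with an empty list without querying: a
 * negative value would otherwise produce `LIMIT -n`, which is invalid SQL
 * and either fails silently or raises mysqli_sql_exception, depending on the
 * mysqli report mode.
 *
 * @param mysqli $conn    Open database connection.
 * @param int    $user_id Owner of the trades.
 * @param int    $limit   Maximum number of rows to return.
 * @return array List of associative rows; empty when there are none, when
 *               $limit is below 1, or when the query fails.
 */
function users_get_recent_trades(mysqli $conn, int $user_id, int $limit = 10): array
{
    if ($limit < 1) {
        return [];
    }

    $out = [];
    $sql = "SELECT ct.trade_id, ct.batch_ref, ct.card_ref, ct.trade_ref, ct.card_value, ct.card_curr,
ct.est_payout_ngn, ct.trade_status, ct.trade_created,
cb.card_brand, gc.demon
FROM card_trade ct
LEFT JOIN card_brands cb ON cb.cbrand_id = ct.cbrand_id
LEFT JOIN gift_cards gc ON gc.gc_id = ct.gc_id
WHERE ct.user_id = {$user_id}
ORDER BY ct.trade_created DESC
LIMIT {$limit}";

    if ($res = mysqli_query($conn, $sql)) {
        while ($r = mysqli_fetch_assoc($res)) {
            $out[] = $r;
        }
        mysqli_free_result($res);
    }

    return $out;
}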
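/**
 * Fetch a user's most recent rows from the transactions table, newest first.
 *
 * $user_id and $limit are interpolated into the SQL text. The `int` type
 * declarations are what keep that free of injection; keep them if the
 * signature is ever touched.
 *
 * A $limit below 1 is answered with an empty list without querying: a
 * negative value would otherwise produce `LIMIT -n`, which is invalid SQL
 * and either fails silently or raises mysqli_sql_exception, depending on the
 * mysqli report mode.
 *
 * @param mysqli $conn    Open database connection.
 * @param int    $user_id Owner of the transactions.
 * @param int    $limit   Maximum number of rows to return.
 * @return array List of associative rows; empty when there are none, when
 *               $limit is below 1, or when the query fails.
 */
function users_get_recent_tx(mysqli $conn, int $user_id, int $limit = 10): array
{
    if ($limit < 1) {
        return [];
    }

    $out = [];
    $sql = "SELECT trans_id, coin, amount, type, status, reference, created_at
FROM transactions
WHERE user_id = {$user_id}
ORDER BY created_at DESC
LIMIT {$limit}";

    if ($res = mysqli_query($conn, $sql)) {
        while ($r = mysqli_fetch_assoc($res)) {
            $out[] = $r;
        }
        mysqli_free_result($res);
    }

    return $out;
}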
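/**
 * Fetch a user's login sessions, most recently active first.
 *
 * Rows are ordered by last_seen_at, falling back to created_at when
 * last_seen_at is NULL. Revoked and expired sessions are not filtered out;
 * revoked_at and expires_at are returned for the caller to interpret.
 *
 * $user_id and $limit are interpolated into the SQL text. The `int` type
 * declarations are what keep that free of injection; keep them if the
 * signature is ever touched.
 *
 * A $limit below 1 is answered with an empty list without querying: a
 * negative value would otherwise produce `LIMIT -n`, which is invalid SQL
 * and either fails silently or raises mysqli_sql_exception, depending on the
 * mysqli report mode.
 *
 * NOTE(review): user_agent and device_label are presumably client-supplied;
 * escape them (for example with h()) wherever they are rendered.
 *
 * @param mysqli $conn    Open database connection.
 * @param int    $user_id Owner of the sessions.
 * @param int    $limit   Maximum number of rows to return.
 * @return array List of associative rows; empty when there are none, when
 *               $limit is below 1, or when the query fails.
 */
function users_get_sessions(mysqli $conn, int $user_id, int $limit = 10): array
{
    if ($limit < 1) {
        return [];
    }

    $out = [];
    $sql = "SELECT usession_id, ip_address, user_agent, device_label, is_remembered, created_at, last_seen_at, expires_at, revoked_at
FROM user_sessions
WHERE user_id = {$user_id}
ORDER BY COALESCE(last_seen_at, created_at) DESC
LIMIT {$limit}";

    if ($res = mysqli_query($conn, $sql)) {
        while ($r = mysqli_fetch_assoc($res)) {
            $out[] = $r;
        }
        mysqli_free_result($res);
    }

    return $out;
}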
/**
 * List the devices recorded for a user, most recently seen first.
 *
 * Ordering uses last_seen_at and falls back to first_seen_at when
 * last_seen_at is NULL. The result is unbounded: there is no LIMIT clause.
 *
 * $user_id reaches the SQL text by interpolation; the `int` type declaration
 * is what keeps that free of injection, so it has to stay in place.
 *
 * NOTE(review): rows include device_fingerprint and IP addresses, and
 * device_label is presumably client-supplied; restrict who can see this
 * output and escape it on render.
 *
 * @param mysqli $conn    Open database connection.
 * @param int    $user_id Owner of the devices.
 * @return array List of associative rows. An empty list is returned both for
 *               a user without devices and when the query fails.
 */
function users_get_devices(mysqli $conn, int $user_id): array
{
    $query = "SELECT udevice_id, device_id, device_fingerprint, device_label, first_seen_at, first_ip, last_seen_at, last_ip, trusted, trusted_until
FROM user_devices
WHERE user_id = {$user_id}
ORDER BY COALESCE(last_seen_at, first_seen_at) DESC";

    $devices = [];
    $result = mysqli_query($conn, $query);
    if (!$result) {
        return $devices;
    }

    for (;;) {
        $device = mysqli_fetch_assoc($result);
        if (!$device) {
            break;
        }
        $devices[] = $device;
    }
    mysqli_free_result($result);

    return $devices;
}
/**
 * Collect a user's second-factor state: the TOTP enrolment row and the ten
 * most recent OTP records.
 *
 * $user_id reaches both SQL strings by interpolation; the `int` type
 * declaration is what keeps that free of injection, so it has to stay in
 * place.
 *
 * NOTE(review): 'totp' is null both when the user has no user_totp row and
 * when that query fails, and 'otps' is empty in both of the matching cases.
 * A screen that reads null as "2FA not enrolled" will therefore show the
 * same thing during a database error.
 *
 * @param mysqli $conn    Open database connection.
 * @param int    $user_id User whose security data is wanted.
 * @return array ['totp' => array|null, 'otps' => list of associative rows].
 */
function users_get_security(mysqli $conn, int $user_id): array
{
    // TOTP enrolment: at most one row is read.
    $totpRow = null;
    $totpQuery = "SELECT utotp_id, enabled, verified_at, created_at FROM user_totp WHERE user_id = {$user_id} LIMIT 1";
    $totpResult = mysqli_query($conn, $totpQuery);
    if ($totpResult) {
        $fetched = mysqli_fetch_assoc($totpResult);
        $totpRow = $fetched ? $fetched : null;
        mysqli_free_result($totpResult);
    }

    // Recent OTP records, newest first.
    $recentOtps = [];
    $otpQuery = "SELECT uotp_id, channel, selector, expires_at, consumed_at, attempts, created_at
FROM user_otps WHERE user_id = {$user_id}
ORDER BY created_at DESC LIMIT 10";
    $otpResult = mysqli_query($conn, $otpQuery);
    if ($otpResult) {
        for (;;) {
            $otp = mysqli_fetch_assoc($otpResult);
            if (!$otp) {
                break;
            }
            $recentOtps[] = $otp;
        }
        mysqli_free_result($otpResult);
    }

    return [
        'totp' => $totpRow,
        'otps' => $recentOtps,
    ];
}
/**
 * Map a status value to the CSS class used for its badge.
 *
 * The status is cast to string and upper-cased before comparison, so the
 * match is case-insensitive. Any value that is not one of the three known
 * statuses gets the neutral class.
 *
 * @param mixed $status Status value, e.g. a user_status column.
 * @return string 'bg-success' for ACTIVE, 'bg-danger' for INACTIVE or
 *                SUSPENDED, 'bg-secondary' otherwise.
 */
function badge_class($status)
{
    $normalized = strtoupper((string)$status);

    if ($normalized === 'ACTIVE') {
        return 'bg-success';
    }

    if ($normalized === 'INACTIVE' || $normalized === 'SUSPENDED') {
        return 'bg-danger';
    }

    return 'bg-secondary';
}