
<?php
// user/security/analytics_preferences.php
require_once __DIR__ . '/../../config/bootstrap.php';

// Authentication gate: without a non-empty user_id in the session the visitor
// is redirected to the login page and nothing below runs.
if (!isset($_SESSION['user_id']) || !$_SESSION['user_id']) {
  header('Location: /login.php');
  exit;
}

// Page state consumed by the template at the bottom of this file.
$success = '';
$errors = [];
// Integer cast: the id is later bound as an 'i' parameter in the preference queries.
$userId = (int)$_SESSION['user_id'];

/**
 * Report whether a table with the given name exists in the current database.
 *
 * The lookup goes through INFORMATION_SCHEMA.TABLES, limited to the schema
 * returned by DATABASE(); the table name travels as a bound parameter, never
 * as part of the SQL text.
 *
 * @param mysqli $conn  Database connection used for the lookup.
 * @param string $table Table name to look for.
 * @return bool True when the count is greater than zero; false when nothing
 *              matches or the statement could not be prepared.
 */
function table_exists(mysqli $conn, string $table): bool {
  $sql = "SELECT COUNT(*) FROM INFORMATION_SCHEMA.TABLES
          WHERE TABLE_SCHEMA = DATABASE() AND TABLE_NAME = ? LIMIT 1";

  $stmt = $conn->prepare($sql);
  if (!$stmt) {
    return false;
  }

  $stmt->bind_param('s', $table);
  // The result of execute() is not inspected; if no row is fetched the bound
  // variable stays unset and casts to 0 below.
  $stmt->execute();
  $stmt->bind_result($matches);
  $stmt->fetch();
  $stmt->close();

  return (int)$matches > 0;
}

/**
 * Read one preference value for a user from user_preferences.
 *
 * Both the user id and the key are bound parameters. The column is spelled
 * `preference__value` (double underscore) here and in pref_set().
 *
 * @param mysqli $conn    Database connection used for the query.
 * @param int    $userId  Owner of the preference row.
 * @param string $key     Preference key to read.
 * @param string $default Value returned when no usable value is stored.
 * @return string The stored value, or $default when the row is missing, the
 *                value is NULL or an empty string, or the statement could
 *                not be prepared.
 */
function pref_get(mysqli $conn, int $userId, string $key, string $default = '1'): string {
  $stored = null;

  $stmt = $conn->prepare("SELECT preference__value FROM user_preferences WHERE user_id=? AND preference_key=? LIMIT 1");
  if ($stmt) {
    $stmt->bind_param('is', $userId, $key);
    $stmt->execute();
    $stmt->bind_result($stored);
    $stmt->fetch();
    $stmt->close();
  }

  // NULL and '' are both treated as "nothing stored".
  $hasValue = ($stored !== null && $stored !== '');
  return $hasValue ? (string)$stored : $default;
}

/**
 * Insert or update one preference value for a user.
 *
 * Uses INSERT ... ON DUPLICATE KEY UPDATE, so an existing row is overwritten
 * only when the table has a unique key that the insert collides with
 * (presumably on user_id + preference_key; the schema is not visible here).
 * All three values are bound parameters.
 *
 * @param mysqli $conn   Database connection used for the write.
 * @param int    $userId Owner of the preference row.
 * @param string $key    Preference key to write.
 * @param string $value  Value to store.
 * @return bool Result of execute(); false when the statement could not be prepared.
 */
function pref_set(mysqli $conn, int $userId, string $key, string $value): bool {
  $sql = "INSERT INTO user_preferences (user_id, preference_key, preference__value)
          VALUES (?,?,?)
          ON DUPLICATE KEY UPDATE preference__value=VALUES(preference__value)";

  $stmt = $conn->prepare($sql);
  if (!$stmt) {
    return false;
  }

  $stmt->bind_param('iss', $userId, $key, $value);
  $saved = (bool)$stmt->execute();
  $stmt->close();

  return $saved;
}

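// Saving is only offered when the backing table is present.
$canSave = table_exists($conn, 'user_preferences');

// Anti-CSRF token for this form. The POST below changes account state and is
// otherwise authorised by the session cookie alone, so a cross-site form post
// from another origin would be accepted. The token is created once per session
// and compared in constant time on submit.
// NOTE(review): assumes bootstrap.php leaves the session open for writing — confirm.
if (empty($_SESSION['csrf_analytics_prefs']) || !is_string($_SESSION['csrf_analytics_prefs'])) {
  $_SESSION['csrf_analytics_prefs'] = bin2hex(random_bytes(32));
}
$csrfToken = $_SESSION['csrf_analytics_prefs'];

// Load the stored setting; analytics defaults to ON when nothing is stored.
$current = 1;
if ($canSave) {
  $v = pref_get($conn, $userId, 'analytics_enabled', '1');
  $current = ($v === '1') ? 1 : 0;
}

if ($_SERVER['REQUEST_METHOD'] === 'POST') {
  $postedToken = $_POST['csrf_token'] ?? '';

  if (!is_string($postedToken) || !hash_equals($csrfToken, $postedToken)) {
    // Missing or mismatching token: refuse the write before touching the database.
    $errors[] = "Your request could not be verified. Please reload the page and try again.";
  } elseif (!$canSave) {
    $errors[] = "Preferences storage is not enabled yet (missing user_preferences table).";
  } else {
    // An unchecked checkbox is simply absent from the POST body.
    $newVal = isset($_POST['analytics_enabled']) ? '1' : '0';

    if (pref_set($conn, $userId, 'analytics_enabled', $newVal)) {
      $success = "Analytics preference saved.";
      $current = ($newVal === '1') ? 1 : 0;
    } else {
      $errors[] = "Unable to save preference. Please try again.";
    }
  }
}
?>

<?php
// Full "<?php" tags are used for the includes: the short "<?" form is only
// parsed when short_open_tag is enabled, otherwise the include statements are
// sent to the browser as text and the layout files never load.
include '../common/header.php';
?>

<div class="container mt-3">
  <div class="row">

    <?php include '../common/nav.php'; ?>

    <main class="col-md-9 col-lg-10 px-md-5 mb-5">
      <?php include '../common/page-header.php'; ?>

      <div class="container my-5 px-md-5 ms-md-4">
        <div class="d-flex align-items-center justify-content-between mb-3">
          <div>
            <h5 class="mb-0">Analytics and personalization</h5>
            <div class="text-muted small">Control analytics collection for product improvement.</div>
          </div>
          <a href="/user/security/security_privacy.php" class="btn btn-sm btn-outline-secondary">
            <i class="bi bi-arrow-left"></i> Back
          </a>
        </div>

        <?php if ($success): ?>
          <div class="alert alert-success"><?= htmlspecialchars($success) ?></div>
        <?php endif; ?>

        <?php if (!empty($errors)): ?>
          <div class="alert alert-danger">
            <strong>Please fix the following:</strong>
            <ul class="mb-0">
              <?php foreach ($errors as $e): ?><li><?= htmlspecialchars($e) ?></li><?php endforeach; ?>
            </ul>
          </div>
        <?php endif; ?>

        <h6 class="section-title">Analytics</h6>

        <div class="card-soft">
          <form method="post" action="">
            <input type="hidden" name="csrf_token" value="<?= htmlspecialchars($csrfToken, ENT_QUOTES, 'UTF-8') ?>">
            <div class="form-check form-switch mb-3">
              <input class="form-check-input" type="checkbox" name="analytics_enabled" id="analytics_enabled"
                <?= $current ? 'checked' : '' ?> <?= $canSave ? '' : 'disabled' ?>>
              <label class="form-check-label" for="analytics_enabled">
                Allow analytics
                <div class="text-muted small">Helps improve performance, reliability, and user experience.</div>
              </label>
            </div>

            <button type="submit" class="btn btn-dark" <?= $canSave ? '' : 'disabled' ?>>
              <i class="bi bi-save2"></i> Save changes
            </button>

            <?php if (!$canSave): ?>
              <div class="form-text text-warning mt-2">
                Saving is disabled until <code>user_preferences</code> exists.
              </div>
            <?php endif; ?>
          </form>
        </div>

      </div>
    </main>
  </div>
</div>

<?php
// NOTE(review): the three CDN scripts below are loaded without an `integrity`
// attribute, so this authenticated page runs whatever the CDN serves. Add
// Subresource Integrity hashes computed from the vetted files (with
// crossorigin="anonymous"), or self-host them. Nothing in this file uses
// jQuery or OwlCarousel; confirm the shared layout needs them here.
?>
<script src="https://cdn.jsdelivr.net/npm/bootstrap@5.3.3/dist/js/bootstrap.bundle.min.js"></script>
<script src="https://code.jquery.com/jquery-3.6.0.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/OwlCarousel2/2.3.4/owl.carousel.min.js"></script>

<?php include '../common/footer.php'; ?>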
