smm.picotech.app - c99shell

!C99Shell v. 2.5 [PHP 8 Update] [24.05.2025]!
Software: Apache. PHP/8.1.30 uname -a: Linux server1.tuhinhossain.com 5.15.0-151-generic #161-Ubuntu SMP Tue Jul 22 14:25:40 UTC 2025 x86_64 uid=1002(picotech) gid=1003(picotech) groups=1003(picotech),0(root) Safe-mode: OFF (not secure) /home/picotech/domains/smabpro.picotech.app/public_html/app/Http/Controllers/ drwxr-xr-x Free 28.57 GB of 117.98 GB (24.21%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Self remove Logout

<?php

namespace App\Http\Controllers;
use App\Models\BloodOrder;
use App\Models\Plan;
use App\Models\User;
use App\Models\Utility;
use File;
use Spatie\Permission\Models\Role;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\DB;

class BloodOrderController extends Controller
{
    public function index(){

        if(!check_blood_collector()){
            return abort('404');
        }

        if(\Auth::user()->type == 'customer'){
            $data['bloodOrders'] = BloodOrder::where('created_by',\Auth::user()->creatorId())->where('customer_id', \Auth::user()->id)->get();
            return view('bloodorder.index',$data);
        }

        if ( \Auth::user()->can('show blood order')) {
                $data['bloodOrders'] = BloodOrder::where('created_by',\Auth::user()->creatorId())->get();
            return view('bloodorder.index',$data);
        }else{
            return redirect()->back()->with('error', __('Permission denied.'));
        }
    }

    public function collectorIndex(){
        if(!check_blood_collector()){
            return abort('404');
        }

        if ( \Auth::user()->can('show blood order')) {
            $data['bloodOrders'] = BloodOrder::where('collector_id',\Auth::user()->id)->get();
            return view('bloodorder.index',$data);
        }else{
            return redirect()->back()->with('error', __('Permission denied.'));
        }
    }
    public function collectorRequest(){

        if(!check_blood_collector()){
            return abort('404');
        }

        if ( \Auth::user()->can('show blood order')) {
            $data['bloodOrders'] = BloodOrder::where('created_by',\Auth::user()->created_by)->where('status', 'pending')->get();
            return view('bloodorder.request',$data);
        }else{
            return redirect()->back()->with('error', __('Permission denied.'));
        }
    }
    public function bloodOrderAccept($id){
        if(!check_blood_collector()){
            return abort('404');
        }

        if ( \Auth::user()->can('show blood order')) {
            $bloodOrder = BloodOrder::where('id', $id)->where('created_by',\Auth::user()->created_by)->where('status', 'pending')->firstOrFail();

            $bloodOrder->collector_id=\Auth::user()->id;
            $bloodOrder->status='accepted';
            $bloodOrder->save();


            return redirect()->back()->with('success', __('Blood Order successfully accepted.'));
        }else{
            return redirect()->back()->with('error', __('Permission denied.'));
        }
    }
    public function create(){
        if(!check_blood_collector()){
            return abort('404');
        }

        if (\Auth::user()->can('create blood order')) {
            return view('bloodorder.create');
        }else{
            return redirect()->back()->with('error', __('Permission denied.'));
        }

    }
    public function store(Request $request){
      DB::beginTransaction();
      if(!check_blood_collector()){
        return abort('404');
    }


        try {
            $validator = \Validator::make(
                $request->all(), [
                    'name' => 'required',
                ]
            );
            if($validator->fails())
            {
                $messages = $validator->getMessageBag();

                return redirect()->back()->with('error', $messages->first());
            }

            $total_customers = User::where('type', 'customer')->where('created_by', \Auth::user()->creatorId())->count();
            $total_customers = $total_customers == 0 ? 0 : $total_customers + 1;
            $companyUserPlan = \App\Models\Plan::getPlan(\Auth::user()->show_dashboard());
            if ($companyUserPlan && $companyUserPlan->max_customers != -1 && $companyUserPlan->max_customers < $total_customers) {
                return redirect()->back()->with('error', __('Your customer limit is over, Please upgrade plan.'));
            }

            $objUser = \Auth::user()->creatorId();
            $objUser = User::find($objUser);
            $user = User::find(\Auth::user()->created_by);
            $plan = Plan::find($objUser->plan);
            $role_name = 'customer';
            $user = User::where('type', 'customer')
                ->where('id', $request->customer_id)
                ->where('created_by', \Auth::user()->creatorId())
                ->first();


            $default_language = DB::table('settings')
                ->select('value')
                ->where('name', 'default_language')
                ->where('created_by', '=', \Auth::user()->creatorId())
                ->first();


            if (!$user) {

                $plan = Plan::find($objUser->plan);
                $userpassword = 1234;
                if ($plan) {
                    $user = new User();
                    $user->name = $request->name;
                    $user->email = $request->email;
                    $user->phone_number = $request->phone_number;
                    $user->password = !empty ($userpassword) ? \Hash::make($userpassword) : null;
                    $user->lang = !empty ($default_language) ? $default_language->value : 'en';
                    $user->email_verified_at = now();
                    $user->is_enable_login = 1;
                    $user->created_by = \Auth::user()->creatorId();
                    $user->type = 'customer';
                    $role_r = Role::findByName('customer');
                    $user->assignRole($role_r);
                    $user->save();
                }

            }

                $bloodorder = new BloodOrder();
                $bloodorder->customer_id = $user->id;
                $bloodorder->address = $request->address;
                $bloodorder->created_by = \Auth::user()->creatorId();
                if ($request->hasFile('file_upload')) {

                    $filenameWithExt = $request->file('file_upload')->getClientOriginalName();
                    $filename = pathinfo($filenameWithExt, PATHINFO_FILENAME);
                    $extension = $request->file('file_upload')->getClientOriginalExtension();
                    $fileNameToStore = $filename . '_' . time() . '.' . $extension;
                    $settings = Utility::getStorageSetting();
                    if ($settings['storage_setting'] == 'local') {
                        $dir = 'uploads/avatar/';
                    } else {
                        $dir = 'uploads/avatar';
                    }
                    $file_path = $dir . $fileNameToStore;

                    if (File::exists($file_path)) {
                        File::delete($file_path);
                    }

                    $url = '';
                    $path = Utility::upload_file($request, 'file_upload', $fileNameToStore, $dir, []);

                    if ($path['flag'] == 1) {
                        $url = $path['url'];
                    } else {
                        return redirect()->route('bloodorder.index', \Auth::user()->id)->with('error', __($path['msg']));
                    }
                }

                if (!empty ($request->file_upload)) {
                    $bloodorder->file_upload = $fileNameToStore;
                }

                $bloodorder->save();
                DB::commit();

            return redirect()->back()->with('success', __('Blood Order successfully created.'));
        } catch (\Exception $e) {
            DB::rollback();
            return redirect()->back()->with('error', $e->getMessage());
        }
    }
    public function edit($id)
    {
        if(!check_blood_collector()){
            return abort('404');
        }

        if (\Auth::user()->can('edit blood order')) {
            $data['bloodOrder'] = BloodOrder::findOrFail($id);
            return view('bloodorder.edit',$data);
        }else{
            return redirect()->back()->with('error', __('Permission denied.'));
        }

    }
    public function update(Request $request){
        $bloodorder = BloodOrder::findOrFail($request->id);
        $validator = \Validator::make(
            $request->all(), [
                'name' => 'required',
                'email' => 'required',
                'status' => 'required|in:active,inactive',
            ]
        );
        if($validator->fails())
        {
            $messages = $validator->getMessageBag();

            return redirect()->back()->with('error', $messages->first());
        }
        $user = User::findOrFail($bloodorder->customer_id);

        $user->name = $request->name;
        $user->phone_number = $request->phone_number;
        $user->save();

        $bloodorder->address = $request->address;
        $bloodorder->status = $request->status;
        if ($request->hasFile('file_upload')) {

            $filenameWithExt = $request->file('file_upload')->getClientOriginalName();
            $filename = pathinfo($filenameWithExt, PATHINFO_FILENAME);
            $extension = $request->file('file_upload')->getClientOriginalExtension();
            $fileNameToStore = $filename . '_' . time() . '.' . $extension;
            $settings = Utility::getStorageSetting();
            if ($settings['storage_setting'] == 'local') {
                $dir = 'uploads/files/';
            } else {
                $dir = 'uploads/files';
            }
            $file_path = $dir . $fileNameToStore;

            if(File::exists($file_path)) {
                File::delete($file_path);
            }

            $url = '';
            $path = Utility::upload_file($request, 'file_upload', $fileNameToStore, $dir, []);

            if ($path['flag'] == 1) {
                $url = $path['url'];
            } else {
                return redirect()->route('bloodorder.index', \Auth::user()->id)->with('error', __($path['msg']));
            }
        }

        if (!empty($request->file_upload)) {
            $bloodorder->file_upload = $fileNameToStore;
        }
        $bloodorder->save();

        return redirect()->back()->with('success', __('Blood Order successfully updated.'));
    }
    public function destroy($id){
        if (\Auth::user()->can('delete blood order')) {
            $bloodorder = BloodOrder::findOrFail($id);
            $user = User::findOrFail($bloodorder->customer_id);
            $bloodorder->delete();
            $user->delete();
            return redirect()->back()->with('success', __('Blood Order successfully deleted.'));
        }else{
            return redirect()->back()->with('error', __('Permission denied.'));
        }

    }

    public function blood_order_search_by_customer(Request $request){
        if(!check_blood_collector()){
            return abort('404');
        }
        
        $customers = User::where('type', 'customer')
            ->where('created_by', \Auth::user()->creatorId())
            ->where('name', 'LIKE', "%$request->customer_name%")->get();

            foreach ($customers as $customer) {
                $search_data[] = [
                    'id' => $customer->id,
                    'name' => $customer->name,
                    'phone_number' => $customer->phone_number,
                    'email' => $customer->email,
                ];
            }

            return response()->json(['status' => 'success', 'data' => $search_data]);
    }
}
:: Command execute ::
Enter:	Select: