<?php
namespace App\Http\Controllers\Admin;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Validator;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Response;
use Illuminate\Support\Str;
use App\Models\ProductCategory;
use App\Models\Product;
use App\Models\Color;
use App\Models\Size;
use App\Models\ProductColor;
use App\Models\ProductSize;
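class ProductCantroller extends Controller
{
    // NOTE(review): the class name is misspelled ("Cantroller") but is kept
    // unchanged because routes/other code presumably reference it by this name.

    /** Extensions an upload may be stored with; re-checked after `mimes:` validation. */
    private const IMAGE_EXTENSIONS = ['jpg', 'jpeg', 'png'];

    /** Upload rule applied to the product image, the back image and each gallery entry. */
    private const IMAGE_RULE = 'nullable|image|mimes:jpg,png,jpeg|max:2048';

    /** Storage-disk-relative directory every product image is written to. */
    private const IMAGE_DIR = 'public/images';

    public function __construct()
    {
        // Every action requires an authenticated user who also passes the isAdmin gate.
        $this->middleware('auth');
        $this->middleware('isAdmin');
    }

    /**
     * Admin product list: every product with its category heading (left join, so
     * products without a category still appear).
     *
     * The SQL is a constant string with no request input spliced in, so raw
     * DB::select is safe here; do not start interpolating filters into it.
     */
    public function index()
    {
        $data['products'] = DB::select("SELECT p.`product_id`, p.`product_category_id`, p.`product_front_title`, p.`product_heading`, p.`product_sub_heading`, p.`product_slug`, p.`product_short_description`, p.`product_long_description`, p.`product_table`, p.`product_origional_price`, p.`product_selling_price`, p.`product_image`, p.`product_gallery`, p.`product_quantity`, p.`product_tax`, p.`product_status`, c.`category_heading` as catName from `products` as p left join `productcategories` c on c.category_id = p.product_category_id order by `product_id` asc");

        return view('admin/product', $data);
    }

    /**
     * Render the "add product" form with the lookup lists it needs.
     */
    public function add()
    {
        $data['categories'] = ProductCategory::all();
        $data['colors'] = Color::all();
        $data['sizes'] = Size::all();

        return view('admin/add_product', $data);
    }

    /**
     * Create a product from the add form (AJAX; JSON response).
     *
     * Returns `{"error": <validation messages>}` when validation fails, otherwise
     * `{"success": "Product Added Successfully"}`.
     *
     * Security notes:
     *  - Image rules for productImage/productbackImage were previously commented out
     *    and the gallery rule was keyed `productGallery[]`, which Laravel never matches
     *    (the array-element key is `productGallery.*`). Combined with file names built
     *    from the client-supplied extension, that allowed an admin session to drop an
     *    arbitrary file type under public/images. All three uploads are now validated
     *    and stored via storeImage(), which never uses client-controlled name parts.
     *  - Product row and colour/size rows are written in one transaction so a failure
     *    half-way cannot leave a product without its variants (or vice versa).
     *
     * @param Request $req
     * @return \Illuminate\Http\JsonResponse
     */
    public function insert(Request $req)
    {
        $status = $this->statusFlag($req->input('productStatus'));

        $validation = Validator::make($req->all(), [
            'productTitle' => 'required|max:100',
            'productHeading' => 'required|max:100',
            'productPrice' => 'required',
            'productImage' => self::IMAGE_RULE,
            'productbackImage' => self::IMAGE_RULE,
            'productGallery' => 'nullable|array',
            'productGallery.*' => self::IMAGE_RULE,
            'productColor' => 'nullable|array',
            'productColor.*' => 'integer',
            'productSize' => 'nullable|array',
            'productSize.*' => 'integer',
        ], [
            'productTitle.required' => 'Product Title Is Required',
            'productTitle.max' => 'Product Title Max Limit 100',
            'productHeading.required' => 'Product Heading Is Required',
            'productHeading.max' => 'Product Heading Max Limit 100',
            'productPrice.required' => 'Product Price Is Required',
            'productImage.image' => 'Product Image Must In Image Formate',
            'productImage.mimes' => 'Product Image Type In JPG, PNG & JPEG',
            'productImage.max' => 'Product Image Maximum Size Is 2048',
            'productbackImage.image' => 'Product Back Image Must In Image Formate',
            'productbackImage.mimes' => 'Product Back Image Type In JPG, PNG & JPEG',
            'productbackImage.max' => 'Product Back Image Maximum Size Is 2048',
            'productGallery.*.image' => 'Product Gallery Image Must In Image Formate',
            'productGallery.*.mimes' => 'Product Gallery Image Type In JPG, PNG & JPEG',
            'productGallery.*.max' => 'Product Gallery Image Maximum Size Is 2048',
        ]);

        if ($validation->fails()) {
            return response()->json(['error' => $validation->errors()]);
        }

        $product = new Product;
        $product->product_category_id = $req->input('productCat');
        $product->product_front_title = $req->input('productTitle');
        $product->product_heading = $req->input('productHeading');
        $product->product_sub_heading = $req->input('productSubHeading');
        $product->product_slug = Str::slug($req->input('productTitle'));
        $product->product_short_description = $req->input('productDesc');
        $product->product_long_description = $req->input('productLongDesc');
        $product->product_table = $req->input('productTable');
        $product->product_origional_price = $req->input('productPrice');
        $product->product_selling_price = $req->input('productSellingPrice');
        $product->product_quantity = $req->input('productQuantity');
        $product->product_tax = $req->input('productTax');
        $product->product_status = $status;

        if ($req->hasFile('productImage')) {
            $product->product_image = $this->storeImage($req->file('productImage'));
        }
        if ($req->hasFile('productbackImage')) {
            $product->product_back_image = $this->storeImage($req->file('productbackImage'));
        }
        if ($req->hasFile('productGallery')) {
            $product->product_gallery = json_encode($this->storeGallery($req->file('productGallery')));
        }

        DB::transaction(function () use ($product, $req) {
            $product->save();
            $this->syncColors($product->product_id, $req->input('productColor'));
            $this->syncSizes($product->product_id, $req->input('productSize'));
        });

        return response()->json(['success' => 'Product Added Successfully']);
    }

    /**
     * Render the "edit product" form for product $id with its current colours/sizes.
     *
     * @param mixed $id product primary key from the route
     */
    public function edit($id)
    {
        $data['edit'] = Product::find($id);
        $data['categories'] = ProductCategory::all();
        $data['colors'] = Color::all();
        $data['pro_color'] = ProductColor::where('product_id', $id)->get();
        $data['sizes'] = Size::all();
        $data['pro_size'] = ProductSize::where('product_id', $id)->get();

        return view('admin/edit_product', $data);
    }

    /**
     * Update a product from the edit form (AJAX; JSON response).
     *
     * Returns `{"error": <messages>}` on validation failure or when EditProductId does
     * not resolve to a product (previously this crashed with a property-on-null error),
     * otherwise `{"success": "Product Updated Successfully"}`.
     *
     * Image handling per field: a new upload replaces the stored name; a set
     * Remove* flag clears it; otherwise the value already in the database is kept.
     * The client-supplied Prev* fields are deliberately ignored — they let the request
     * write an arbitrary file name into the row, and the stored value is authoritative.
     * Replaced files are not deleted from disk (unchanged from before).
     *
     * @param Request $req
     * @return \Illuminate\Http\JsonResponse
     */
    public function update(Request $req)
    {
        $status = $this->statusFlag($req->input('EditProductStatus'));

        $validation = Validator::make($req->all(), [
            'EditProductId' => 'required|integer',
            'EditProductTitle' => 'required|max:100',
            'EditProductHeading' => 'required|max:100',
            'EditProductPrice' => 'required',
            'EditProductImage' => self::IMAGE_RULE,
            'EditProductbackImage' => self::IMAGE_RULE,
            'EditProductGallery' => 'nullable|array',
            'EditProductGallery.*' => self::IMAGE_RULE,
            'productColor' => 'nullable|array',
            'productColor.*' => 'integer',
            'productSize' => 'nullable|array',
            'productSize.*' => 'integer',
        ], [
            'EditProductTitle.required' => 'Product Title Is Required',
            'EditProductTitle.max' => 'Product Title Max Limit 100',
            'EditProductHeading.required' => 'Product Heading Is Required',
            'EditProductHeading.max' => 'Product Heading Max Limit 100',
            'EditProductPrice.required' => 'Product Price Is Required',
            'EditProductImage.image' => 'Product Image Must In Image Formate',
            'EditProductImage.mimes' => 'Product Image Type In JPG, PNG & JPEG',
            'EditProductImage.max' => 'Product Image Maximum Size Is 2048',
            'EditProductbackImage.image' => 'Product Back Must In Image Formate',
            'EditProductbackImage.mimes' => 'Product Back Image Type In JPG, PNG & JPEG',
            'EditProductbackImage.max' => 'Product Back Image Maximum Size Is 2048',
            'EditProductGallery.*.image' => 'Product Gallery Image Must In Image Formate',
            'EditProductGallery.*.mimes' => 'Product Gallery Image Type In JPG, PNG & JPEG',
            'EditProductGallery.*.max' => 'Product Gallery Image Maximum Size Is 2048',
        ]);

        if ($validation->fails()) {
            return response()->json(['error' => $validation->errors()]);
        }

        $id = $req->input('EditProductId');
        $product = Product::find($id);
        if ($product === null) {
            // Same JSON shape as a validation failure so the form's error handler applies.
            return response()->json(['error' => ['EditProductId' => ['Product Not Found']]]);
        }

        $product->product_category_id = $req->input('EditProductCat');
        $product->product_front_title = $req->input('EditProductTitle');
        $product->product_heading = $req->input('EditProductHeading');
        $product->product_sub_heading = $req->input('EditProductSubHeading');
        $product->product_slug = Str::slug($req->input('EditProductTitle'));
        $product->product_short_description = $req->input('EditProductDesc');
        $product->product_long_description = $req->input('EditProductLongDesc');
        $product->product_table = $req->input('EditProductTable');
        $product->product_origional_price = $req->input('EditProductPrice');
        $product->product_selling_price = $req->input('EditProductSellingPrice');
        $product->product_quantity = $req->input('EditProductQuantity');
        $product->product_tax = $req->input('EditProductTax');
        $product->product_status = $status;

        if ($req->hasFile('EditProductImage')) {
            $product->product_image = $this->storeImage($req->file('EditProductImage'));
        } elseif ($this->statusFlag($req->input('RemoveProductImage')) === 1) {
            $product->product_image = null;
        }

        if ($req->hasFile('EditProductbackImage')) {
            $product->product_back_image = $this->storeImage($req->file('EditProductbackImage'));
        } elseif ($this->statusFlag($req->input('RemoveProductbackImage')) === 1) {
            $product->product_back_image = null;
        }

        if ($req->hasFile('EditProductGallery')) {
            $product->product_gallery = json_encode($this->storeGallery($req->file('EditProductGallery')));
        } elseif ($this->statusFlag($req->input('RemoveGalleryImage')) === 1) {
            $product->product_gallery = null;
        }

        DB::transaction(function () use ($product, $req) {
            $product->save();
            // Variant rows are replaced wholesale (delete then insert), as before.
            $this->syncColors($product->product_id, $req->input('productColor'));
            $this->syncSizes($product->product_id, $req->input('productSize'));
        });

        return response()->json(['success' => 'Product Updated Successfully']);
    }

    /**
     * Delete the product identified by the `id` request field together with its
     * colour/size rows (update() already manages those rows by hand, so nothing
     * else is known to clean them up). An unknown id now yields a JSON error
     * instead of a fatal call on null.
     *
     * @param Request $req
     * @return \Illuminate\Http\JsonResponse
     */
    public function delete(Request $req)
    {
        $product = Product::find($req->input('id'));
        if ($product === null) {
            return response()->json(['error' => ['id' => ['Product Not Found']]]);
        }

        DB::transaction(function () use ($product) {
            ProductColor::where('product_id', $product->product_id)->delete();
            ProductSize::where('product_id', $product->product_id)->delete();
            $product->delete();
        });

        return response()->json(['success' => 'Product Deleted Successfully']);
    }

    /**
     * Normalise a checkbox/flag request value to 1 or 0.
     *
     * Uses the standard boolean parse ("1", "true", "on", "yes" → 1; anything else,
     * including "false" and "0", → 0). The old `== true` test treated any non-empty
     * string, including "false", as set.
     *
     * @param mixed $value raw request input
     */
    private function statusFlag($value): int
    {
        return filter_var($value, FILTER_VALIDATE_BOOLEAN) ? 1 : 0;
    }

    /**
     * Store one validated upload under IMAGE_DIR and return the generated file name.
     *
     * No part of the name comes from the client: the extension is the one detected
     * from the file content (re-checked against IMAGE_EXTENSIONS as a second guard
     * behind the `mimes:` rule) and the basename is time() plus 8 random bytes, so a
     * caller cannot overwrite another upload by choosing a name and the old
     * rand(1111,9999)/time() names can no longer collide with each other.
     *
     * @param \Illuminate\Http\UploadedFile $file an upload that passed IMAGE_RULE
     * @throws \RuntimeException if the detected type is not an allowed image type
     */
    private function storeImage($file): string
    {
        $extension = strtolower((string) $file->extension());
        if (!in_array($extension, self::IMAGE_EXTENSIONS, true)) {
            throw new \RuntimeException('Unsupported image type: ' . $extension);
        }

        $fileName = time() . '_' . bin2hex(random_bytes(8)) . '.' . $extension;
        $file->storeAs(self::IMAGE_DIR, $fileName);

        return $fileName;
    }

    /**
     * Store every upload of a gallery field and return the list of stored names,
     * in upload order, for json_encode into product_gallery.
     *
     * @param array $files list of \Illuminate\Http\UploadedFile
     * @return list<string>
     */
    private function storeGallery(array $files): array
    {
        $names = [];
        foreach ($files as $file) {
            $names[] = $this->storeImage($file);
        }

        return $names;
    }

    /**
     * Replace the colour rows of a product with $colorIds (null/empty → none).
     *
     * @param mixed $productId
     * @param array|null $colorIds
     */
    private function syncColors($productId, $colorIds): void
    {
        ProductColor::where('product_id', $productId)->delete();
        foreach ((array) $colorIds as $colorId) {
            DB::table('product_colors')->insert([
                'product_id' => $productId,
                'color_id' => $colorId,
            ]);
        }
    }

    /**
     * Replace the size rows of a product with $sizeIds (null/empty → none).
     *
     * @param mixed $productId
     * @param array|null $sizeIds
     */
    private function syncSizes($productId, $sizeIds): void
    {
        ProductSize::where('product_id', $productId)->delete();
        foreach ((array) $sizeIds as $sizeId) {
            DB::table('product_sizes')->insert([
                'product_id' => $productId,
                'size_id' => $sizeId,
            ]);
        }
    }
}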