<x-admin.header />
<x-admin.sidebar />
<style>
.input-field .img-upload-btn
{
margin: 10px;
}
td.col-img
{
display: flex;
}
td.col-img h6
{
position: relative;
margin: 10px 0px 0px 10px !important;
}
</style>
<div class="main-content">
<div class="graph-card card-table" id="UserList">
<div class="card-head">
<div class="text-content">
<h5>{{ count($users) }} Users</h5>
</div>
<div class="card-drp">
<div class="btn-content btn-group" role="group" aria-label="Basic example">
<a href="add_user"><button type="button" class="btn active">Add New</button></a>
</div>
</div>
</div>
<div class="card-body">
<div class="table-responsive table-scroll">
<table class="table-management">
<thead>
<tr>
<th>#</th>
<th>User Name</th>
<th>User Email</th>
<th>Actions</th>
</tr>
</thead>
<tbody>
{{-- One table row per user: running index, name, email, then the Edit/Delete action buttons.
     Values printed with {{ }} are HTML-escaped by Blade. --}}
@foreach($users as $key => $user)
<tr>
<td>
{{$key + 1}}
</td>
<td>
{{ $user->name }}
</td>
<td>
{{ $user->email }}
</td>
<td>
{{-- The data-* attributes below are what the edit-button script copies into the "Update User" modal.
     NOTE(review): data-user_pswd writes each user's stored password value (presumably the hash) into the
     page HTML for every row, so it is readable by anyone who can view this page or a cached copy of it,
     and by any script running in it. Prefer not rendering it at all and letting the server keep the
     existing password when NewPassword is empty; confirm how the update_user handler uses PrevPassword
     before removing it.
     NOTE(review): the commas after the attribute values are not separators in HTML and can be dropped. --}}
<button class="refresh-btn edit-btnn" data-tooltip="Edit"
data-user_id="{{$user->id}}",
data-user_name="{{$user->name}}",
data-user_email="{{$user->email}}",
data-user_pswd="{{$user->password}}">
<i class="fa-regular fa-pencil"></i>
</button>
{{-- The Delete button is omitted on the signed-in user's own row.
     NOTE(review): this only hides the button; the delete_user handler (not visible here) has to
     enforce the same rule and the caller's authorization itself. --}}
@if($user->id != auth::user()->id)
<button class="delete-btn btn_del" value="{{$user->id}}" data-tooltip="Delete">
<i class="fa-regular fa-xmark"></i>
</button>
@endif
</td>
</tr>
@endforeach
</tbody>
</table>
</div>
<div class="pagination">
</div>
</div>
</div>
</div>
<!-- Modal Start Here -->
<div class="modal fade" id="edit-user" data-bs-backdrop="static" data-bs-keyboard="false" tabindex="-1" aria-labelledby="edit-dialogLabel" aria-hidden="true">
<div class="modal-dialog modal-dialog-centered">
<div class="modal-content">
{{-- "Update User" form. It has no action attribute; the submit handler in this file posts it to
     update_user via AJAX. The fields are filled in by the edit-button script when the modal opens. --}}
<form id="update-form">
@csrf
<div class="modal-header">
<h5 class="modal-title" id="edit-dialogLabel">Update User</h5>
<button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
</div>
<div class="modal-body">
<div class="form-content">
<div class="row">
<div class="col-12">
<input type="hidden" name="UserId" id="UserId">
</div>
<div class="col-12">
<div class="input-field">
<label for="">Change Name</label>
<input class="custom-input" type="text" name="UserName" id="UserName" value="">
</div>
</div>
<div class="col-12">
<div class="input-field">
<label for="">Change Email</label>
<input class="custom-input" type="email" name="UserEmail" id="UserEmail" value="">
</div>
</div>
{{-- NOTE(review): PrevPassword is filled from the row's data-user_pswd attribute and sent back with the
     form. Hidden and readonly fields, like UserId above, can be changed freely by the client, so the
     server must not treat this value as the user's stored password, nor UserId as proof of which
     account may be edited. TODO confirm how the update_user handler uses both. --}}
<input class="custom-input" type="hidden" name="PrevPassword" id="PrevPassword" value="" readonly>
<div class="col-12">
<div class="input-field">
<label for="">Change Password</label>
<input class="custom-input" type="password" name="NewPassword" id="NewPassword" value="">
</div>
</div>
<div class="col-12">
<div class="input-field">
{{-- Presumably the password-confirmation field ("Conform" reads as a typo for "Confirm"); the
     client-side match check in the submit script is commented out, so any comparison with
     NewPassword has to happen on the server. --}}
<label for="">Conform Password</label>
<input class="custom-input" type="password" name="ConformPassword" id="ConformPassword" value="">
</div>
</div>
</div>
</div>
</div>
<div class="modal-footer">
<button type="button" class="btn btn-cancel" data-bs-dismiss="modal">Cancel</button>
<button type="submit" class="btn btn-process">Update Changes</button>
</div>
</form>
</div>
</div>
</div>
<script>
// Edit button: open the "Update User" modal and pre-fill its fields from the
// data-* attributes of the button that was clicked.
$(".edit-btnn").on("click", function () {
    var $button = $(this);

    $("#edit-user").modal('show');

    $("#UserId").val($button.data('user_id'));
    $("#UserName").val($button.data('user_name'));
    $("#UserEmail").val($button.data('user_email'));

    // NOTE(review): user_pswd is the stored password value the template renders
    // into every row. Copying it into #PrevPassword means it is also posted back
    // with the form, where the client can alter it. Prefer not shipping it to the
    // browser at all; confirm how the update_user handler uses PrevPassword first.
    $("#PrevPassword").val($button.data('user_pswd'));
});
</script>
<!-- Modal End Here -->
<!-- Update Work Start Here -->
<script>
// Submit handler for the "Update User" form: posts the form to update_user via
// AJAX and reports the outcome with toastr.
$(function () {
    $("#update-form").on('submit', function (event) {
        event.preventDefault();

        // The earlier client-side checks (required name/email, password match)
        // are no longer run here; field errors are taken from the server response.
        // NOTE(review): FormData(this) sends every field of the form, including
        // the hidden UserId and PrevPassword inputs, both of which the client can
        // change. The server has to validate them and must not trust PrevPassword
        // as the stored password.
        var payload = new FormData(this);

        // Sets the CSRF header as a jQuery-wide default for later AJAX calls.
        $.ajaxSetup({
            headers: {
                'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')
            }
        });

        $.ajax({
            url: "update_user",
            method: "POST",
            data: payload,
            cache: false,
            // Both must be false so jQuery passes the FormData through untouched.
            contentType: false,
            processData: false,
            success: function (response) {
                var errors = response.error;

                if ($.isEmptyObject(errors)) {
                    toastr.success("User Update Successfully", "Updated", {timeOut: 1500});
                    document.getElementById('update-form').reset();
                    window.location = "user";
                    return;
                }

                // Show the first field error found, checked in this fixed order.
                // Errors under any other key are not displayed.
                var fields = ["UserName", "UserEmail", "NewPassword"];
                for (var i = 0; i < fields.length; i++) {
                    var message = errors[fields[i]];
                    if (message) {
                        toastr.error(message, "Error", {timeOut: 1500});
                        return false;
                    }
                }
            },
            error: function () {
                toastr.error("SomeThing Went Wrong...", "Error");
                return false;
            },
        });
    });
});
</script>
<!-- Update Work End Here -->
<!-- Delete Work Start Here -->
<script>
// Delete button: asks the server to delete the user whose id is the button's
// value, then reloads the contents of #UserList from the current page.
$(function () {
    $('body').on('click', '.btn_del', function (event) {
        event.preventDefault();

        var userId = $(this).val();

        // NOTE(review): this deletes a user with a GET request and no CSRF token.
        // Laravel's CSRF middleware does not check GET requests, so the delete is
        // not protected against cross-site requests made in a signed-in admin's
        // browser. Moving it to POST/DELETE with the X-CSRF-TOKEN header needs a
        // matching route change, which is not visible here. The handler also has
        // to check that the caller may delete this id.
        $.ajax({
            url: "delete_user",
            method: "GET",
            data: {'id': userId},
            cache: false,
            success: function () {
                toastr.success("User Deleted Successfuly", "Deleted", {timeOut: 1500});
                $("#UserList").load(location.href+" #UserList>*","");
            },
            error: function () {
                toastr.error("SomeThing Went Wrong...", "Error");
                return false;
            },
        });
    });
});
</script>
<!-- Delete Work End Here -->
<x-admin.footer />