AnonSec Shell
Server IP :  /  Your IP : 10.244.4.16   [ Reverse IP ]
Web Server : nginx/1.25.3
System : Linux escuela-portal-app-54f56585bc-kst6g 5.15.0-1084-azure #93-Ubuntu SMP Sat Mar 15 14:12:29 UTC 2025 x86_64
User : root ( 0)
PHP Version : 8.2.13
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wifcontinued,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_get_handler,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,pcntl_async_signals,
Domains : 0 Domains
MySQL : OFF  |  cURL : ON  |  WGET : OFF  |  Perl : ON  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /var/www/app/app/Http/Controllers/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ HOME ]     [ BACKUP SHELL ]     [ JUMPING ]     [ MASS DEFACE ]     [ SCAN ROOT ]     [ SYMLINK ]     

Current File : /var/www/app/app/Http/Controllers//AppController.php
<?php

namespace App\Http\Controllers;

use App\Models\Menu;
use App\Models\User;
use Illuminate\Http\Request;

class AppController extends Controller
{

    public function index(Request $request)
    {
        $user = new User();

        return view('app')
            ->with('user', $user)
            ->with('AT', $request->session()->get('access_token'));
    }

    public function index_public(Request $request)
    {
        $user = new User(true);
        return view('website.app');
    }

    public function getMenu(Request $request)
    {
        $user = new User();

        $permissions = $user->getPermissions();

        // Se comenta la validación de permisos para el menú mientra se finalizan todas las opciones.
        // DB::enableQueryLog();

        $menu_ppal = Menu::query()
            ->where('parent_id', '=', 0)
            ->orderBy('ordering', 'asc')
            ->orderBy('id', 'asc')
            ->get()
            ->toArray();

        $arr_menu = [];
        foreach ($menu_ppal as $menu) {
            $menu_permission = !empty($menu['key_permission']) ? explode("|", $menu['key_permission']) : [];
            if ($this->checkPermissions($menu_permission, $permissions)) {
                $arr_menu[] = $menu;
            }
        }

        foreach ($arr_menu as &$menu) {
            $menu_childs = Menu::query()
                ->where('parent_id', '=', $menu['id'])
                ->orderBy('ordering', 'asc')
                ->orderBy('id', 'asc')
                ->get()
                ->toArray();

            $menu['childs'] = [];
            foreach ($menu_childs as $menuc) {
                $menuc_permission = !empty($menuc['key_permission']) ? explode("|", $menuc['key_permission']) : [];
                if ($this->checkPermissions($menuc_permission, $permissions)) {
                    $menu['childs'][] = $menuc;
                }
            }

        }

        return response()->json($arr_menu);
    }

    public function checkPermissions($menu_permission, $permissions)
    {
        $add = false;
        if (!empty($menu_permission)) {
            foreach ($menu_permission as $mp) {
                if (in_array($mp, $permissions)) {
                    $add = true;
                }
            }
        } else {
            $add = true;
        }

        return $add;
    }
}

Anon7 - 2022
AnonSec Team