KGRKJGETMRETU895U-589TY5MIGM5JGB5SDFESFREWTGR54TY
Server : Apache/2.4.41 (Ubuntu)
System : Linux vmi1525618.contaboserver.net 5.4.0-105-generic #119-Ubuntu SMP Mon Mar 7 18:49:24 UTC 2022 x86_64
User : www-data ( 33)
PHP Version : 8.2.12
Disable Function : NONE
Directory :  /var/www/navinclasses.studylms.in/app/Http/Controllers/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Current File : /var/www/navinclasses.studylms.in/app/Http/Controllers/PdfController.php
<?php

namespace App\Http\Controllers;

// ini_set('memory_limit', -1);
use File;
use App\Models\Log;
use AWS\S3\S3Client;
use App\Models\Product;
use App\Models\Category;
use App\Models\Pdf_test;
use App\Models\S3bucket;
use Aws\S3\PostObjectV4;

use Illuminate\Http\Request;
use Aws\Exception\AwsException;
use Aws\S3\Exception\S3Exception;
use Aws\S3\S3Client as S3S3Client;
use Illuminate\Support\Facades\DB;
use App\Models\Student_test_upload;
use Illuminate\Support\Facades\Session;
use Aws\CognitoIdentity\CognitoIdentityClient;


class PdfController extends Controller
{
	/**
	 * Display a listing of the resource.
	 *
	 * @return \Illuminate\Http\Response
	 */
	public function index()
	{
		$data['mainMenu'] = 'pdfManagement';
		$data['subMenu'] = 'pdfList';
		$data['folder_name'] = 'practicepdfs';

		if (isset($_GET['query']) && strlen($_GET['query']) > 1) {

			$search_text = $_GET['query'];
			$data['products'] = DB::table('pdf_tests')->where('filename', 'LIKE', '%' . $search_text . '%')->paginate(10);
		} else {
			$data['products'] = DB::table('pdf_tests')->paginate(10);
		}
		return view('admin.pdf-test.pdf-list', $data);
	}

	/**
	 * Show the form for creating a new resource.
	 *
	 * @return \Illuminate\Http\Response
	 */
	public function create()
	{
		$data['mainMenu'] = 'pdfManagement';
		$data['subMenu'] = 'pdfList';
		return view('admin.pdf-test.upload-pdf', $data);
	}



	public function aws_temp_url(Request $request)
	{
		if (empty($_POST['file'])) {
			echo json_encode(['code' => 201, 'status' => false]);
			exit;
		}

		$accessKey = env('AWS_S3_ACCESS_KEY');
		$secretKey = env('AWS_S3_SECRET_KEY');
		$region = env('AWS_REGION');
		$host = env('AWS_HOST');
		$bucket = env('AWS_BUCKET');


		$s3 = new S3S3Client([
			'version' => 'latest',
			'region' => $region,
			'endpoint' => $host,
			'credentials' => [
				'key' => $accessKey,
				'secret' => $secretKey
			]
		]);

		$s3->putBucketCors([
			'Bucket' => $bucket, // REQUIRED
			'CORSConfiguration' => [ // REQUIRED
				'CORSRules' => [ // REQUIRED
					[
						'AllowedMethods' => ['POST', 'GET', 'HEAD', 'DELETE', 'PUT'], // REQUIRED
						'AllowedHeaders' => ['*'],
						'AllowedOrigins' => ['*'], // REQUIRED
						'ExposeHeaders' => ['ETag'],
						'MaxAgeSeconds' => 0
					],
				],
			]
		]);

		$folderName = "practicepdfs";
		$fileName = $_POST['file'];
		$formInputs = ['acl' => 'private'];
		$fileType = "application/pdf";
		$fileKeyVal = $folderName . '/' . $fileName;


		$options = [
			['acl' => 'private'],
			['bucket' => $bucket],
			['starts-with', '$key', $fileKeyVal],
			['success_action_status' => '201'],
			['x-amz-expires' => '3600'],
			['Content-Type' => $fileType]
		];

		$expires = '+2 hours';

		$postObject = new PostObjectV4($s3, $bucket, $formInputs, $options, $expires);

		$formAttributes = $postObject->getFormAttributes();

		$formInputs = $postObject->getFormInputs();

		return json_encode(['code' => 200, 'status' => true, 'formAttributes' => $formAttributes, 'formInputs' => $formInputs]);
	}

	public function listObjects(Request $request)
	{
		$admin_id = $request->session()->get('loggedIn')['id'];
		$accessKey = env('AWS_S3_ACCESS_KEY');
		$secretKey = env('AWS_S3_SECRET_KEY');
		$region = env('AWS_REGION');
		$host = env('AWS_HOST');
		$bucket = env('AWS_BUCKET');
		$folderName = $_GET['foldername'];


		$s3 = new S3S3Client([
			'version' => 'latest',
			'region' => $region,
			'endpoint' => $host,
			'credentials' => [
				'key' => $accessKey,
				'secret' => $secretKey
			]
		]);

		$s3->putBucketCors([
			'Bucket' => $bucket, // REQUIRED
			'CORSConfiguration' => [ // REQUIRED
				'CORSRules' => [ // REQUIRED
					[
						'AllowedMethods' => ['POST', 'GET', 'HEAD', 'DELETE', 'PUT'], // REQUIRED
						'AllowedHeaders' => ['*'],
						'AllowedOrigins' => ['*'], // REQUIRED
						'ExposeHeaders' => ['ETag'],
						'MaxAgeSeconds' => 0
					],
				],
			]
		]);

		$batchInsert = array();

		try {
			$videos = $s3->getPaginator('ListObjects', [
				'Bucket' => $bucket,
				'Prefix' => $folderName
			]);

			foreach ($videos as $video) {
				foreach ($video['Contents'] as $object) {
					$folder = explode('/', $object['Key']);

					if ($folder[0] == $folderName && ($object['Size'] > 0)) {
						$aInsert = array(
							'filename'  => basename($object['Key']),
							'path'      => $object['Key'],
							'size'      => $object['Size'],
							'etag'      => trim($object['ETag'], '"'),
							'type'      => 'pdf',
							'admin_id'  => $admin_id,
							'date'      => $object['LastModified']->format(\DateTime::ISO8601),
						);
						array_push($batchInsert, $aInsert);
					}
				}
			}
			if (!empty($batchInsert)) {
				Pdf_test::where(['admin_id' => $admin_id])->delete();
			}
			Pdf_test::insert($batchInsert);
		} catch (S3Exception $e) {
			echo $e->getMessage() . PHP_EOL;
		}
	}


	public function studentUploadFileList(Request $request)
	{
		$data['mainMenu'] = 'pdfManagement';
		$data['subMenu'] = 'studentFileList';
		$admin_id = $request->session()->get('loggedIn')['id'];

		if (isset($_GET['query']) && strlen($_GET['query']) > 1) {

			$search_text = $_GET['query'];


			$data['products'] = Student_test_upload::where('users.name', 'LIKE', '%' . $search_text . '%')
				->orwhere('users.email', 'LIKE', '%' . $search_text . '%')
				->orwhere('users.phone', 'LIKE', '%' . $search_text . '%')
				->where(['users.admin_id' => $admin_id])
				->join('users', 'student_test_uploads.student_id', '=', 'users.user_unique_id')
				->orderBy('id', 'DESC')
				->paginate(10, ['student_test_uploads.*', 'users.name', 'users.email', 'users.phone']);
		} else {

			$data['products'] = Student_test_upload::where(['users.admin_id' => $admin_id])
				->join('users', 'student_test_uploads.student_id', '=', 'users.user_unique_id')
				->orderBy('id', 'DESC')
				->paginate(10, ['student_test_uploads.*', 'users.name', 'users.email', 'users.phone']);
		}

		// dd($data['products']);

		return view('admin.pdf-test.student-file-list', $data);
	}

	public function deleteObject($etag)
	{
		if (!empty($etag)) {

			$videos = Pdf_test::where(['etag' => $etag])->first();

			$path = $videos->path;


			$accessKey = env('AWS_S3_ACCESS_KEY');
			$secretKey = env('AWS_S3_SECRET_KEY');
			$region = env('AWS_REGION');
			$host = env('AWS_HOST');
			$bucket = env('AWS_BUCKET');


			$s3 = new S3S3Client([
				'version' => 'latest',
				'region' => $region,
				'endpoint' => $host,
				'credentials' => [
					'key' => $accessKey,
					'secret' => $secretKey
				]
			]);

			$s3->putBucketCors([
				'Bucket' => $bucket, // REQUIRED
				'CORSConfiguration' => [ // REQUIRED
					'CORSRules' => [ // REQUIRED
						[
							'AllowedMethods' => ['POST', 'GET', 'HEAD', 'DELETE', 'PUT'], // REQUIRED
							'AllowedHeaders' => ['*'],
							'AllowedOrigins' => ['*'], // REQUIRED
							'ExposeHeaders' => ['ETag'],
							'MaxAgeSeconds' => 0
						],
					],
				]
			]);

			try {
				$result = $s3->deleteObject([
					'Bucket' => $bucket,
					'Key' => $path
				]);
				// echo json_encode([['code' => 200], ['status' => true]]);

				Pdf_test::where(['etag' => $etag])->delete();
				// Log Data Entry ===========
				$logData = array(
					'user_id' 		=> Session::get('loggedIn')['id'],
					'activity' 		=> "Pdf_test  VideoID" . $etag . " deleted",
					'created_at'	=> date('Y-m-d H:i:s')
				);
				Log::create($logData);
				// End Log =============

				return back()->with('error', 'You Select Category Type!');
			} catch (S3Exception $e) {
				echo $e->getMessage() . PHP_EOL;
			}
		}
	}
}

Anon7 - 2021