HEX
Server: Apache/2.4.41 (Amazon) OpenSSL/1.0.2k-fips PHP/5.6.40
System: Linux ip-172-31-40-18 4.14.146-93.123.amzn1.x86_64 #1 SMP Tue Sep 24 00:45:23 UTC 2019 x86_64
User: apache (48)
PHP: 5.6.40
Disabled: NONE
$ pwd: /var/www/html/pmw24/app/application/controllers/admin/
Upload Files
File: /var/www/html/pmw24/app/application/controllers/admin/Settings.php
<?php
defined('BASEPATH') OR exit('No direct script access allowed');

class Settings extends MY_Controller {

	public function __construct() {
		parent::__construct();
		$this->redirect_guest();
		$this->load->model('admin/madmin');
		$this->load->library('general');
	}
    public function changepassword(){
		$this->_load_view();
	}
	public function changeuserpasswd(){
		$this->form_validation->set_error_delimiters('<span class="error">', '</span>');
		$this->form_validation->set_rules('oldpassw','Old password','trim|required');
		$this->form_validation->set_rules('newpassw','New password','trim|required');
		$this->form_validation->set_rules('confpassw','Confirm password','trim|required');
		if($this->form_validation->run()== FALSE){
			$this->_load_view();
		}else{
			$admin_user=$this->session->userdata('admin');
            $oldpassw=$this->input->post('oldpassw');
			$enc_oldpassw=sha1($oldpassw);
			$newpassw=$this->input->post('newpassw');
			$enc_newpassw=sha1($newpassw);
			$confpassw=$this->input->post('confpassw');
			if($enc_oldpassw!=$admin_user['password']){
				$this->session->set_flashdata('error_msg','Old password is not correct');
				$this->_load_view();
			}else{
				if($newpassw!=$confpassw){
				$this->session->set_flashdata('error_msg','New password does not match with confirm password');
				$this->_load_view();	
				}else{
				$data=array('password'=>$enc_newpassw);
				$condition=array('admin_id'=>$admin_user['id']);	
				//print_r($condition);die;
				$this->general->update('admins',$condition,$data);	
				$this->session->set_flashdata('success_msg','Password has been changed successfully');
				redirect('admin/settings/changepassword','refersh'); 
				}
			}
		}
	}
	public function changeprofile(){
		$admin=$this->session->userdata('admin');
		$data=$this->madmin->user_details($admin['admin_id']);
		$this->_load_profile_view($data);
	}
	public function changeuserprofile(){
		$this->form_validation->set_error_delimiters('<span class="error">', '</span>');
		$admin=$this->session->userdata('admin');
		$this->form_validation->set_rules('name','Name','trim|required');
		$this->form_validation->set_rules('phoneno','Phoneno','trim|required');
		if($this->form_validation->run()== FALSE){
			$data=$this->madmin->user_details($admin['admin_id']);
			$this->_load_profile_view($data);
		}else{
			if(empty($_FILES['imgInp']['name'])){
				$udata['name']=$this->input->post('name');
				$udata['phoneno']=$this->input->post('phoneno');	
			}else{ 
				$img=$this->image_upload();
				if($img['status']==1){
					$udata['name']=$this->input->post('name');
					$udata['profile_image']=$img['result'];
					$udata['phoneno']=$this->input->post('phoneno');	
				}else{
					$this->session->set_flashdata('error_msg',$img['result']);
					redirect('admin/settings/changeprofile','refersh'); 	
				}	
			}
			$condition=array('admin_id'=>$admin['admin_id']);
			$this->madmin->update($condition,$udata);
			$data=$this->madmin->user_details($admin['admin_id']);
			$this->session->set_userdata('admin',$data);
			$this->session->set_flashdata('success_msg','Profile updated successfully');
			redirect('admin/settings/changeprofile','refersh'); 
		}
	}
	
	public function updatesetting(){
		$this->form_validation->set_rules('comission','Comission','required');		
		if($this->form_validation->run()== FALSE){
			$data=$this->madmin->setting_value();
			$this->_load_setting_comission_view($data);
		}else{
			$setting_id = $this->input->post('setting_id');
			$udata['setting_value'] = $this->input->post('comission');
			$condition=array('setting_id'=>$setting_id);
			$this->madmin->update_setting($condition,$udata);			
			$this->session->set_flashdata('success_msg','Comission updated successfully');
			redirect('admin/settings/commssionsetting','refersh'); 
		}
	}
	
	private function _load_setting_comission_view($setting) {
		$data = array();
		$data['setting']=$setting;
		$data['content'] = 'admin/comissionsetting';
		$this->load->view('admin/layouts/index',$data);
	}
	
	private function image_upload(){ 
		$img='imgInp';
		$config['upload_path'] = './public/admin_assets/images/profilepics';
		$config['allowed_types'] = 'gif|jpg|png';
		//$config['max_size']	= '100';
		//$config['max_width']  = '1024';
		//$config['max_height']  = '768';
		$config['encrypt_name']  = true;
		$this->load->library('upload', $config);
		if ( ! $this->upload->do_upload($img)){
			$message = array('result' => $this->upload->display_errors(),'status'=>0);
		}else{ 
			$data = array('upload_data' => $this->upload->data());
			$message = array('result' => $data['upload_data']['file_name'],'status'=>1);
		}
		return $message;
	}
    private function _load_view() {
		$data = array();
		$data['content'] = 'admin/changepassword';
		$this->load->view('admin/layouts/index',$data);
	}
	private function _load_profile_view($user) {
		$data = array();
		$data['user']=$user;
		$data['content'] = 'admin/changeprofile';
		$this->load->view('admin/layouts/index',$data);
	}
}
@ Telegram