This project does not seem to handle request data directly; as such, no vulnerable execution paths were found.
include
, or for example
via PHP's auto-loading mechanism.
1 | <!DOCTYPE html> |
||
2 | <html xmlns="http://www.w3.org/1999/xhtml" lang="en" xml:lang="en"> |
||
3 | <head> |
||
4 | <meta charset="UTF-8"/> |
||
5 | <meta name="viewport" content="width=device-width, initial-scale=1.0"/> |
||
6 | <meta http-equiv="X-UA-Compatible" content="IE=edge"/> |
||
7 | <title> |
||
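<?php
// Page-title suffix: the per-session branding text when one is set, otherwise the product name.
$user_header = $this->session->userdata('user_header');
if (isset($user_header) && $user_header != '') {
    // Encode before output so a header containing markup cannot close <title> and inject HTML.
    // NOTE(review): if user_header is stored already HTML-encoded this will double-encode it;
    // confirm how the value is written to the session.
    $title_suffix = htmlspecialchars((string) $user_header, ENT_QUOTES, 'UTF-8');
} else {
    $title_suffix = 'ASTPP - Open Source Voip Billing Solution';
}
// Long opening tags are used throughout: with short_open_tag disabled, "<? ... ?>" is sent to the
// browser as text instead of being executed.
?>
<?php start_block_marker('page-title') ?><?php end_block_marker() ?> | <?php echo $title_suffix; ?>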
||
18 | </title> |
||
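<?php /* Long opening tag: with short_open_tag disabled, "<? echo ... ?>" would be emitted verbatim inside the href. */ ?>
<link rel="icon" href="<?php echo base_url(); ?>assets/images/favicon.ico"/>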
||
20 | <script language="javascript" type="text/javascript"> |
||
// Application base URL, written into the page server-side by base_url() so client scripts can build request URLs.
var base_url = '<?php echo base_url(); ?>';
||
/**
 * Switch an input to plain-text mode so its current value becomes readable.
 *
 * @param {Object} x The input element (any object with a writable `type` property).
 */
function seetext(x) {
    var revealedType = "text";
    x["type"] = revealedType;
}
||
/**
 * Switch an input back to password mode so its value is masked again.
 *
 * @param {Object} x The input element (any object with a writable `type` property).
 */
function hidepassword(x) {
    var maskedType = "password";
    x["type"] = maskedType;
}
||
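/**
 * POST the current on/off state of the "#switch<id>" checkbox to the get_status endpoint.
 *
 * @param {string|number} id    Record id; also the suffix of the checkbox element id.
 * @param {string}        table Table name forwarded to the server in the request body.
 *
 * The response is not read: no success or error callback is registered.
 */
function processForm(id, table) {
    // Encode the id so a value containing "/", "?" or "#" cannot alter the request path.
    var url = "<?php echo base_url(); ?>get_status/" + encodeURIComponent(id);

    // "checked" attribute present -> 'true', otherwise 'false' (sent as strings).
    var status = $('#switch' + id).attr('checked') ? 'true' : 'false';

    // NOTE(review): `id` and `table` are chosen by the browser and no anti-CSRF token is sent
    // from here. The get_status handler is not visible in this file; confirm that it checks the
    // table name against an allowlist, authorizes the caller for that record, and is covered by
    // CSRF protection.
    $.ajax({
        type: "POST",
        url: url,
        // No trailing comma after the last property: older Internet Explorer versions reject it.
        data: {"status": status, "id": id, "table": table}
    });
}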
||
40 | </script> |
||
41 | |||
42 | <link href="<?= base_url() ?>assets/css/checkbox.css" rel="stylesheet"/> |
||
43 | <link href="<?= base_url() ?>assets/css/bootstrap.min.css" rel="stylesheet"/> |
||
44 | <link rel="stylesheet" href="<?php echo base_url(); ?>assets/css/bootstrap-select.css"/> |
||
45 | <link href="<?= base_url() ?>assets/css/sidebar_style.css" rel="stylesheet" type="text/css"/> |
||
46 | <link href="<?php echo base_url(); ?>/assets/css/jquery.datetimepicker.css" rel="stylesheet" /> |
||
47 | <link rel="stylesheet" media="all" type="text/css" href="<?php echo base_url(); ?>/assets/css/tabcontent.css"/> |
||
48 | <link href="<?= base_url() ?>assets/fonts/font-awesome-4.5.0/css/font-awesome.css" rel="stylesheet"/> |
||
49 | <link href="<?= base_url() ?>assets/css/global-style.css" rel="stylesheet" type="text/css"/> |
||
50 | <link href="<?php echo base_url(); ?>assets/css/facebox.css" rel="stylesheet" media="all" /> |
||
51 | <link rel="stylesheet" href="<?php echo base_url(); ?>assets/css/flexigrid.css" type="text/css"/> |
||
52 | <script type="text/javascript" src="<?php echo base_url(); ?>assets/js/jquery-1.7.1.js"></script> |
||
53 | <script type="text/javascript" src="<?php echo base_url(); ?>assets/js/bootstrap.min.js"></script> |
||
54 | <script type="text/javascript" src="<?php echo base_url(); ?>/assets/js/jquery.datetimepicker.js"></script> |
||
55 | <script type="text/javascript" src="<?php echo base_url(); ?>/assets/js/fileinput.js"></script> |
||
56 | <script type="text/javascript" src="<?php echo base_url(); ?>assets/js/tabcontent.js"></script> |
||
57 | <script type="text/javascript" src="<?php echo base_url(); ?>assets/js/respond.js"></script> |
||
58 | <script type="text/javascript" src="<?php echo base_url(); ?>assets/js/respond.src.js"></script> |
||
59 | <script type="text/javascript" src="<?php echo base_url(); ?>assets/js/facebox.js"></script> |
||
60 | <script type="text/javascript" src="<?php echo base_url(); ?>assets/js/flexigrid.js"></script> |
||
61 | <script type="text/javascript" src="<?php echo base_url(); ?>assets/js/module_js/generate_grid.js"></script> |
||
62 | <noscript> |
||
63 | <div id="noscript-warning"> |
||
64 | <?php echo gettext('ASTPP work best with JavaScript enabled'); ?> |
||
65 | </div> |
||
66 | </noscript> |
||
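<?php /* Slot for extra <head> content. Long tags: short ones are printed as text when short_open_tag is off. */ ?>
<?php start_block_marker('extra_head') ?>
<?php end_block_marker() ?>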
||
69 | |||
70 | <script> |
||
71 | |||
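/**
 * Open `url` in a popup window of size w x h, centred over the current browser viewport.
 *
 * @param {string} url   Address to load in the popup.
 * @param {string} title Window name passed to window.open().
 * @param {number} w     Popup width in pixels.
 * @param {number} h     Popup height in pixels.
 *
 * NOTE(review): `url` is handed to window.open() unchanged; callers should pass only
 * application-controlled URLs.
 */
function PopupCenter(url, title, w, h) {
    // Position of the browser window on the desktop, with a fallback to the screen offsets.
    var dualScreenLeft = window.screenLeft != undefined ? window.screenLeft : screen.left;
    var dualScreenTop = window.screenTop != undefined ? window.screenTop : screen.top;

    // Viewport size, declared locally. The original assigned `width` and `height` without `var`,
    // which created implicit globals, and also carried a dead assignment to `top` that was
    // overwritten before use.
    var width = window.innerWidth ? window.innerWidth : document.documentElement.clientWidth ? document.documentElement.clientWidth : screen.width;
    var height = window.innerHeight ? window.innerHeight : document.documentElement.clientHeight ? document.documentElement.clientHeight : screen.height;

    var left = ((width / 2) - (w / 2)) + dualScreenLeft;
    var top = ((height / 2) - (h / 2)) + dualScreenTop;
    var newWindow = window.open(url, title, ' width=' + w + ', height=' + h + ', top=' + top + ', left=' + left);

    // window.open() returns null when the popup is blocked; only focus a window that exists.
    if (newWindow && window.focus) {
        newWindow.focus();
    }
}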
||
// Run the SyntaxHighlighter pass over the page.
// NOTE(review): neither SyntaxHighlighter nor the jQuery "searchable" plugin is loaded by the
// script tags visible in this template; presumably they arrive through the extra_head slot.
SyntaxHighlighter.all();

// Once the DOM is ready, turn every <select> into a searchable control.
jQuery(function () {
    $("select").searchable();
});
||
89 | </script> |
||
90 | </head> |
||
91 | <body> |
||
92 | <header> |
||
93 | <div class="container"> |
||
94 | <div class="navbar-header pull-left col-md-12_new"> |
||
95 | <div class="navbar-header col-md-9_new"> |
||
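<?php
// Brand link: login type '0' is sent to user/user/, every other login type to dashboard/.
$is_user_portal = $this->session->userdata('userlevel_logintype') == '0';
$brand_path = $is_user_portal ? 'user/user/' : 'dashboard/';
$brand_alt = $is_user_portal ? 'user_logo' : 'dashboard';

// Logo file name kept in the session. The original test was `! isset($user_logo) && $user_logo == ''`
// and its body echoed the text "logo.png" into the page in front of the link, so the fallback never
// reached the <img> src. Here the fallback replaces the file name instead.
// NOTE(review): assumes a default image exists at upload/logo.png; confirm.
$user_logo = $this->session->userdata('user_logo');
if ( ! is_string($user_logo) || $user_logo == '') {
    $user_logo = 'logo.png';
}
?>
<a class="navbar-brand no-padding margin-t-15" href="<?php echo base_url() . $brand_path; ?>">
<?php /* The file name is attribute-encoded so a stored value containing quotes cannot break out of src. */ ?>
<img id="logo" alt="<?php echo $brand_alt; ?>" src="<?php echo base_url(); ?>upload/<?php echo htmlspecialchars($user_logo, ENT_QUOTES, 'UTF-8'); ?>" width="187" height="71" border="0">
</a>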
||
115 | |||
116 | <button type="button" class="navbar-toggle collapsed" data-toggle="collapse" data-target=".navbar-collapse"> |
||
117 | <span class="sr-only">Toggle navigation</span> |
||
118 | <span class="icon-bar"></span> |
||
119 | <span class="icon-bar"></span> |
||
120 | <span class="icon-bar"></span> |
||
121 | </button> |
||
122 | |||
123 | |||
124 | </div> |
||
125 | </div> |
||
126 | <div class="col-md-1 col-md-1_new no-padding pull-right"> |
||
127 | |||
128 | <div class="navbar-header pull-right profile_border col-md-12 no-padding"> |
||
129 | |||
130 | <ul class="navbar-profile"> |
||
131 | <li> |
||
132 | |||
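<?php
// Account record kept in the session; $acc_info is read again by the navigation menu later in this template.
$acc_info = $this->session->userdata('accountinfo');

// Profile link target: login type '0' goes to user/user/, every other login type to dashboard/.
$profile_path = $this->session->userdata('userlevel_logintype') != '0' ? 'dashboard/' : 'user/user/';

// Balance badge, shown for every logintype except 2.
$balance_str = '';
if ($this->session->userdata('logintype') != 2) {
    // The query goes through get_where() with an array condition, so the id is bound, not concatenated.
    // NOTE(review): the view queries the database on every page render; consider moving this to the controller.
    $result = (array) $this->db->get_where('accounts', array("id" => $acc_info['id']), 1)->first_row();

    // posttoexternal == 1 shows the credit limit, anything else shows the balance.
    $uses_credit_limit = $result['posttoexternal'] == 1;
    $variable = $uses_credit_limit ? 'Credit' : gettext('Bal');
    $amount = $uses_credit_limit ? $result['credit_limit'] : $result['balance'];
    $value = $this->common_model->calculate_currency($amount, '', '', true);

    // Start from the zero colour so $color is always defined, then override for positive/negative.
    $color = '#1A1919';
    if ($value > 0) {
        $color = '#397A13';
    } elseif ($value < 0) {
        $color = '#EE0E43';
    }
    $balance_str = '<span style="color:'.$color.'; font-size: 10px;"><b>('.$variable.' : '.$value.')</b></span>';
}

$logged_user = $acc_info['first_name']." ".$acc_info['last_name'];
?>
<a href="<?php echo base_url() . $profile_path; ?>" class="">
<span>
<span class="profile_name">
<?php
// First and last name are account profile fields; encode them so markup stored in a name is shown as text.
echo htmlspecialchars($logged_user, ENT_QUOTES, 'UTF-8');
?>
</span>
<label class="profile_label no-margin"><?php echo $balance_str;?>
</label>
</span>
</a>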
||
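<?php
// Profile drop-down. Entries depend on the session's userlevel_logintype:
//   not '0' and not '3' -> Dashboard links to dashboard/, otherwise to user/user/
//   not '-1'            -> "My Profile"
//   '-1'                -> bug tracker, documentation and app links
// Long opening tags are used because "<? ... ?>" is printed as text when short_open_tag is off.
$userlevel = $this->session->userdata('userlevel_logintype');
?>
<ul class="dropdown-box">
<?php if ($userlevel != '0' && $userlevel != '3') { ?>
<li><a href="<?php echo base_url();?>dashboard/"><i class="fa fa-home"></i> <?php echo gettext('Dashboard'); ?></a></li>
<?php } else { ?>
<li><a href="<?php echo base_url();?>user/user/"><i class="fa fa-home"></i> <?php echo gettext('Dashboard'); ?></a></li>
<?php } ?>

<?php if ($userlevel != '-1') { ?>
<li><a href="<?php echo base_url();?>user/user_myprofile/"><i class= "fa fa-user"></i>
<?php echo gettext('My Profile'); ?></a></li>
<?php } ?>

<?php if ($userlevel == '-1') {
    // rel="noopener noreferrer": pages opened with target="_blank" get no window.opener handle
    // back to this authenticated session.
?>
<li style="-moz-border-radius: 5px 5px 5px 5px;-webkit-border-radius: 5px 5px 5px 5px;border-radius: 5px 5px 5px 5px;"><a href="http://bugs.astppbilling.org/" target="_blank" rel="noopener noreferrer"><i class= "fa fa-bug"></i> <?php echo gettext('Report a Bug'); ?></a></li>
<li><a href="https://astppdoc.atlassian.net/wiki/display/ASTPP/Welcome+to+ASTPP" target="_blank" rel="noopener noreferrer"><i class="fa fa-file-text"></i> Documentation</a></li>
<li><a href="http://www.astppbilling.org/sip-dialer" target="_blank" rel="noopener noreferrer"><i class="fa fa-mobile fa-lg" aria-hidden="true"></i> Get App</a></li>
<?php } ?>

<li><a href="<?php echo base_url();?>logout"><i class="fa fa-power-off"></i> Log out</a></li>
</ul>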
||
192 | </li> |
||
193 | </ul> |
||
194 | </div> |
||
195 | </div> |
||
196 | <div class="col-md-9 col-xs-9 no-padding"> |
||
197 | <div class="col-md-12 col-xs-7 no-padding "> |
||
198 | |||
199 | <div id="navbar" class="navbar navbar-white pull-right" role="navigation"> |
||
200 | <div class="container no-padding"> |
||
201 | <div class="navbar-collapse collapse no-padding"> |
||
202 | <ul class="nav navbar-nav pull-right"> |
||
203 | |||
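<?php
// Navigation menu, rebuilt from the serialized "menuinfo" structure kept in the session.
// Shape as used below: $menu_info[top label][sub key] = list of entries carrying
// 'menu_label' and 'module_url'; sub key 0 is rendered as a flat list, any other key as a
// titled group.
//
// SECURITY NOTE(review): unserialize() runs on session data. If the session store is
// client-side (for example a cookie) or can otherwise be written by users, this is a PHP
// object-injection sink. Confirm the session is server-side or integrity-protected, or store
// menuinfo as JSON and read it with json_decode().
$menu_info = unserialize($this->session->userdata("menuinfo"));

// unserialize() returns false on malformed input; render an empty menu instead of looping over a non-array.
if ( ! is_array($menu_info)) {
    $menu_info = array();
}

foreach ($menu_info as $menu_key => $menu_values) {
    // Opening <li> of the top-level entry: 'SIP Devices' is skipped when opensips is 0,
    // 'Opensips' is skipped when opensips is 1.
    // NOTE(review): the <ul>...</ul></li> below is printed even when no <li> was opened here.
    if (common_model::$global_config['system_config']['opensips'] == 0 && $menu_key != 'SIP Devices') {
        echo '<li><a href="">'.gettext($menu_key).'<b class="caret"></b></a>';
    }
    if (common_model::$global_config['system_config']['opensips'] == 1 && $menu_key != 'Opensips') {
        echo '<li><a href="">'.gettext($menu_key).'<b class="caret"></b></a>';
    }
?>

<ul class="dropdown-menu">
<?php foreach ($menu_values as $sub_menu_key => $sub_menu_values) { ?>

<?php if ($sub_menu_key === 0) { ?>
<?php foreach ($sub_menu_values as $sub_key => $sub_menu_lables) {
    // Entries matching any of these conditions are hidden; everything else becomes a link.
    if ((common_model::$global_config['system_config']['paypal_status'] == 1 && strtolower($sub_menu_lables["menu_label"]) == 'recharge') || (common_model::$global_config['system_config']['opensips'] == 1 && $sub_menu_lables["menu_label"] == 'Opensips') ||
        (common_model::$global_config['system_config']['opensips'] == 0 && $sub_menu_lables["menu_label"] == 'SIP Devices') ||
        (($acc_info['type'] == '3' || $acc_info['type'] == '0') && $acc_info['allow_ip_management'] == '1' && strtolower($sub_menu_lables["menu_label"]) == 'ip settings')) {
    } else { ?>
<li><a href="<?php echo base_url().$sub_menu_lables["module_url"];?>"><?php echo gettext($sub_menu_lables["menu_label"]);?></a></li>
<?php } ?>
<?php } ?>
<?php } else {
    // Titled group. The three conditions below are independent, so more than one opening <li>
    // can be printed for the same group.
    if (common_model::$global_config['system_config']['opensips'] == 0 && $menu_key != 'System Configuration') { ?>
<li><a href=""><span><?=$sub_menu_key;?></span><i class="fa fa-caret-right pull-right"></i></a>
<?php } if (common_model::$global_config['system_config']['opensips'] == 1) { ?>
<li><a href=""><span><?=$sub_menu_key;?></span><i class="fa fa-caret-right pull-right"></i></a>
<?php }
    // NOTE(review): $sub_menu_lables is not assigned in this branch before this test; it holds
    // whatever an earlier loop left behind (or is undefined). Confirm the intended check.
    if (($acc_info['type'] == 3 || $acc_info['type'] == 0) && $acc_info['allow_ip_management'] == 1 && strtolower($sub_menu_lables["menu_label"]) != 'ip settings') { ?>
<li><a href=""><span><?=$sub_menu_key;?></span><i class="fa fa-caret-right pull-right"></i></a>
<?php }
?>
<div class="col-4"><div class="col-md-6 no-padding">
<ul class="col-12 padding-x-8">
<?php foreach ($sub_menu_values as $sub_menu_lables) {
    if ($sub_menu_lables['menu_label'] != 'Configuration') {
        if (common_model::$global_config['system_config']['opensips'] == 0 && $sub_menu_lables["menu_label"] != 'SIP Devices') {
?>
<li><a href="<?php echo base_url().$sub_menu_lables["module_url"];?>"><?php echo gettext($sub_menu_lables["menu_label"]);?></a></li>
<?php }
        if (common_model::$global_config['system_config']['opensips'] == 1 && $sub_menu_key != 'opensips') { ?>
<li><a href="<?php echo base_url().$sub_menu_lables["module_url"];?>"><?=$sub_menu_lables["menu_label"];?></a></li>
<?php }
    }
} ?>
</ul></div></div>
<?php }
} ?>
</ul>
</li>
<?php }
echo '<li> </li>';
?>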
||
260 | </ul> |
||
261 | </div> |
||
262 | </div> |
||
263 | </div> |
||
264 | </div> |
||
265 | </div> |
||
266 | </div> |
||
267 | </header> |
||
268 | <span class="afer_row"> |
||
269 | <span id="content"> |
||
270 |
Short opening tags (<?) are disabled in PHP's default configuration. In that case, the code inside them is not parsed or executed but is output verbatim to the browser.
As a precaution against this, use the long opening tag <?php instead.