MOON
Server: Apache
System: Linux e2e-78-16.ssdcloudindia.net 3.10.0-1160.45.1.el7.x86_64 #1 SMP Wed Oct 13 17:20:51 UTC 2021 x86_64
User: imensosw (1005)
PHP: 7.4.33
Disabled: exec,passthru,shell_exec,system
File: /home/imensosw/public_html/imenso.co/timesheet/api/imensoapi.php
<?php 

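ob_start();

require_once '../lib/lib.inc.php';

logit(INFO, 'stating');

// Shared response envelope. API handlers write into it through a reference,
// and error()/respond() (defined outside this file, presumably in lib.inc.php)
// are called at the end depending on whether ->error was set.
$resp = new stdClass();
$resp->error = false;
$resp->msg = [];

if (!dbConnect()) {
    $resp->error = "Database error";
}

$api = new API();

// Log the request for troubleshooting, but never write credentials or session
// tokens to the log file: any top-level parameter whose name contains "pass"
// or "token" is masked before printing. Values nested inside other array
// parameters are not inspected.
$requestForLog = [];
foreach ($_REQUEST as $paramName => $paramValue) {
    $isSecret = stripos((string) $paramName, 'pass') !== false
        || stripos((string) $paramName, 'token') !== false;
    $requestForLog[$paramName] = $isSecret ? '[REDACTED]' : $paramValue;
}
logit(INFO, "REQUEST: " . print_r($requestForLog, 1));

// NOTE(review): $_REQUEST also accepts query-string parameters, so a client
// that sends username/password via GET leaves them in the web server access
// log. Consider restricting the credential-bearing actions to POST.

// A missing or non-string "action" falls through to the default branch
// instead of raising an undefined-index notice.
$requestAction = (isset($_REQUEST["action"]) && is_string($_REQUEST["action"]))
    ? $_REQUEST["action"]
    : '';

// Do not dispatch when the database connection already failed: the handlers
// query the database, and the request ends in error() below either way.
if (!$resp->error) {
    switch ($requestAction) {
        case "load":
            $api->load();
            break;

        case "launchload":
            $api->launchLoad();
            break;

        case "checklogin":
            $api->checkLogin();
            break;

        // NOTE(review): sendForgot(), checkForgot(), checkChangePassword() and
        // changePassword() are not defined in the API class as it appears in
        // this file. Unless they are supplied elsewhere, these three actions
        // end in a fatal "undefined method" error.
        case "sendforgot":
            $api->sendForgot();
            break;

        case "checkforgot":
            $api->checkForgot();
            break;

        case "changepassword":
            if ($api->checkChangePassword()) {
                $api->changePassword();
            }
            break;

        // case "getLibraryCourses":
        //     $api->getLibraryCourses();
        // break;

        default:
            $resp->error = "No command found";
            logit(INFO, "GOT TO DEFAULT");
    }
}

if ($resp->error) {
    error();
} else {
    respond();
}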


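/**
 * Request handlers for the API endpoint in this file.
 *
 * Each public method handles one "action" value and reports its result by
 * writing properties onto the shared response object ($resp) created by the
 * calling script.
 */
class API
{
    /**
     * Shared response envelope, bound by reference to the global $resp.
     * Declared explicitly (it was previously created as a dynamic property).
     *
     * @var stdClass
     */
    public $resp;

    /**
     * Binds the handler to the global response object.
     */
    public function __construct()
    {
        global $resp;
        $this->resp = &$resp;
        $this->init();
    } //- __construct

    /**
     * Initialisation hook; currently empty.
     */
    private function init()
    {
    } //- init

    /**
     * Handler for the "load" action; currently empty.
     */
    public function load()
    {
    } //- load

    /**
     * Handler for the "launchload" action; currently empty.
     */
    public function launchLoad()
    {
    } //- launchLoad

    /**
     * Handler for the "checklogin" action.
     *
     * Verifies the submitted username/password with verifyLogin(), then puts
     * the user's id, access level and API token on the response. The stored
     * token is reused for up to one day after users.login_time; once that
     * window has passed (or no token is stored) a new token is generated and
     * saved together with a fresh login_time.
     *
     * On any authentication failure the same generic message is written to
     * $this->resp->msg, so the response does not reveal whether the username
     * or the password was wrong.
     *
     * @return void
     * @throws Exception if random_bytes() cannot obtain secure randomness.
     */
    public function checkLogin()
    {
        $username = $_REQUEST["username"] ?? null;
        $password = $_REQUEST["password"] ?? null;

        // Request parameters can be absent or arrays (e.g. "username[]=x");
        // only plain strings are passed on to the credential check.
        if (!is_string($username) || !is_string($password) || !verifyLogin($username, $password)) {
            $this->rejectLogin();
            return;
        }

        // Fetch only the columns this method reads, so the password hash and
        // other user fields are not pulled into the request unnecessarily.
        $sql = "SELECT id, token, usertype, login_time FROM users WHERE email = :email";
        $rc = dbPdoQuery($sql, [":email" => $username]);
        $row = $rc ? dbPdoFetch($rc) : false;
        if (!$row) {
            $this->rejectLogin();
            return;
        }

        $token = $row['token'];

        // An unparsable or empty login_time becomes 0, which counts as expired.
        $expiresAt = strtotime("+1 day", (int) strtotime((string) $row['login_time']));

        if (time() >= $expiresAt || $token === null || $token === '') {
            // The token used to be sha1(date("Y-M-D s") . username): for a
            // known username that leaves only the seconds value unknown, so it
            // was guessable. Use the CSPRNG instead; 20 random bytes hex-encode
            // to 40 characters, the same length and alphabet as the old SHA-1
            // hex string, so the existing column still fits.
            $token = bin2hex(random_bytes(20));

            $update = "UPDATE users SET token = :token,login_time=:login_time WHERE id=:id";
            $stored = dbPdoQuery($update, [
                ":token" => $token,
                ":id" => $row["id"],
                ":login_time" => date('Y-m-d H:i:s'),
            ]);

            // NOTE(review): assumes dbPdoQuery() returns a falsy value on
            // failure, as the SELECT above already relies on; confirm in lib.
            if (!$stored) {
                // Do not hand out a token that was never persisted.
                logit(WARN, "Could not store new login token");
                $this->resp->error = "Database error";
                return;
            }
        }

        // NOTE(review): the token is stored and returned in clear text;
        // whatever validates it on later requests should compare it with
        // hash_equals() to avoid timing leaks.
        $this->resp->token = $token;
        $this->resp->id = $row["id"];
        $this->resp->access_level = $row['usertype'];
    } //- checkLogin

    /**
     * Records a failed login with one generic message for every failure cause.
     *
     * @return void
     */
    private function rejectLogin()
    {
        logit(WARN, "Did not get proper login");
        $this->resp->msg = "Username or password not found.";
    } //- rejectLogin
}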



 ?>