XCS Multi Management of XPanel

Author: aliione

.idea/workspace.xml

@@ -0,0 +1,36 @@
+
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="utf-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1">
+
+    <title>Not Found</title>
+
+    <!-- Fonts -->
+    <link rel="preconnect" href="https://fonts.gstatic.com">
+    <link href="https://fonts.googleapis.com/css2?family=Nunito&display=swap" rel="stylesheet">
+
+    <style>
+        /*! normalize.css v8.0.1 | MIT License | github.com/necolas/normalize.css */html{line-height:1.15;-webkit-text-size-adjust:100%}body{margin:0}a{background-color:transparent}code{font-family:monospace,monospace;font-size:1em}[hidden]{display:none}html{font-family:system-ui,-apple-system,BlinkMacSystemFont,Segoe UI,Roboto,Helvetica Neue,Arial,Noto Sans,sans-serif,Apple Color Emoji,Segoe UI Emoji,Segoe UI Symbol,Noto Color Emoji;line-height:1.5}*,:after,:before{box-sizing:border-box;border:0 solid #e2e8f0}a{color:inherit;text-decoration:inherit}code{font-family:Menlo,Monaco,Consolas,Liberation Mono,Courier New,monospace}svg,video{display:block;vertical-align:middle}video{max-width:100%;height:auto}.bg-white{--bg-opacity:1;background-color:#fff;background-color:rgba(255,255,255,var(--bg-opacity))}.bg-gray-100{--bg-opacity:1;background-color:#f7fafc;background-color:rgba(247,250,252,var(--bg-opacity))}.border-gray-200{--border-opacity:1;border-color:#edf2f7;border-color:rgba(237,242,247,var(--border-opacity))}.border-gray-400{--border-opacity:1;border-color:#cbd5e0;border-color:rgba(203,213,224,var(--border-opacity))}.border-t{border-top-width:1px}.border-r{border-right-width:1px}.flex{display:flex}.grid{display:grid}.hidden{display:none}.items-center{align-items:center}.justify-center{justify-content:center}.font-semibold{font-weight:600}.h-5{height:1.25rem}.h-8{height:2rem}.h-16{height:4rem}.text-sm{font-size:.875rem}.text-lg{font-size:1.125rem}.leading-7{line-height:1.75rem}.mx-auto{margin-left:auto;margin-right:auto}.ml-1{margin-left:.25rem}.mt-2{margin-top:.5rem}.mr-2{margin-right:.5rem}.ml-2{margin-left:.5rem}.mt-4{margin-top:1rem}.ml-4{margin-left:1rem}.mt-8{margin-top:2rem}.ml-12{margin-left:3rem}.-mt-px{margin-top:-1px}.max-w-xl{max-width:36rem}.max-w-6xl{max-width:72rem}.min-h-screen{min-height:100vh}.overflow-hidden{overflow:hidden}.p-6{padding:1.5rem}.py-4{padding-top:1rem;padding-bottom:1rem}.px-4{padding-left:1rem;padding-right:1rem}.px-6{padding-left:1.5rem;padding-right:1.5rem}.pt-8{padding-top:2rem}.fixed{position:fixed}.relative{position:relative}.top-0{top:0}.right-0{right:0}.shadow{box-shadow:0 1px 3px 0 rgba(0,0,0,.1),0 1px 2px 0 rgba(0,0,0,.06)}.text-center{text-align:center}.text-gray-200{--text-opacity:1;color:#edf2f7;color:rgba(237,242,247,var(--text-opacity))}.text-gray-300{--text-opacity:1;color:#e2e8f0;color:rgba(226,232,240,var(--text-opacity))}.text-gray-400{--text-opacity:1;color:#cbd5e0;color:rgba(203,213,224,var(--text-opacity))}.text-gray-500{--text-opacity:1;color:#a0aec0;color:rgba(160,174,192,var(--text-opacity))}.text-gray-600{--text-opacity:1;color:#718096;color:rgba(113,128,150,var(--text-opacity))}.text-gray-700{--text-opacity:1;color:#4a5568;color:rgba(74,85,104,var(--text-opacity))}.text-gray-900{--text-opacity:1;color:#1a202c;color:rgba(26,32,44,var(--text-opacity))}.uppercase{text-transform:uppercase}.underline{text-decoration:underline}.antialiased{-webkit-font-smoothing:antialiased;-moz-osx-font-smoothing:grayscale}.tracking-wider{letter-spacing:.05em}.w-5{width:1.25rem}.w-8{width:2rem}.w-auto{width:auto}.grid-cols-1{grid-template-columns:repeat(1,minmax(0,1fr))}@-webkit-keyframes spin{0%{transform:rotate(0deg)}to{transform:rotate(1turn)}}@keyframes  spin{0%{transform:rotate(0deg)}to{transform:rotate(1turn)}}@-webkit-keyframes ping{0%{transform:scale(1);opacity:1}75%,to{transform:scale(2);opacity:0}}@keyframes  ping{0%{transform:scale(1);opacity:1}75%,to{transform:scale(2);opacity:0}}@-webkit-keyframes pulse{0%,to{opacity:1}50%{opacity:.5}}@keyframes  pulse{0%,to{opacity:1}50%{opacity:.5}}@-webkit-keyframes bounce{0%,to{transform:translateY(-25%);-webkit-animation-timing-function:cubic-bezier(.8,0,1,1);animation-timing-function:cubic-bezier(.8,0,1,1)}50%{transform:translateY(0);-webkit-animation-timing-function:cubic-bezier(0,0,.2,1);animation-timing-function:cubic-bezier(0,0,.2,1)}}@keyframes  bounce{0%,to{transform:translateY(-25%);-webkit-animation-timing-function:cubic-bezier(.8,0,1,1);animation-timing-function:cubic-bezier(.8,0,1,1)}50%{transform:translateY(0);-webkit-animation-timing-function:cubic-bezier(0,0,.2,1);animation-timing-function:cubic-bezier(0,0,.2,1)}}@media (min-width:640px){.sm\:rounded-lg{border-radius:.5rem}.sm\:block{display:block}.sm\:items-center{align-items:center}.sm\:justify-start{justify-content:flex-start}.sm\:justify-between{justify-content:space-between}.sm\:h-20{height:5rem}.sm\:ml-0{margin-left:0}.sm\:px-6{padding-left:1.5rem;padding-right:1.5rem}.sm\:pt-0{padding-top:0}.sm\:text-left{text-align:left}.sm\:text-right{text-align:right}}@media (min-width:768px){.md\:border-t-0{border-top-width:0}.md\:border-l{border-left-width:1px}.md\:grid-cols-2{grid-template-columns:repeat(2,minmax(0,1fr))}}@media (min-width:1024px){.lg\:px-8{padding-left:2rem;padding-right:2rem}}@media (prefers-color-scheme:dark){.dark\:bg-gray-800{--bg-opacity:1;background-color:#2d3748;background-color:rgba(45,55,72,var(--bg-opacity))}.dark\:bg-gray-900{--bg-opacity:1;background-color:#1a202c;background-color:rgba(26,32,44,var(--bg-opacity))}.dark\:border-gray-700{--border-opacity:1;border-color:#4a5568;border-color:rgba(74,85,104,var(--border-opacity))}.dark\:text-white{--text-opacity:1;color:#fff;color:rgba(255,255,255,var(--text-opacity))}.dark\:text-gray-400{--text-opacity:1;color:#cbd5e0;color:rgba(203,213,224,var(--text-opacity))}}
+    </style>
+
+    <style>
+        body {
+            font-family: 'Nunito', sans-serif;
+        }
+    </style>
+</head>
+<body class="antialiased">
+<div class="relative flex items-top justify-center min-h-screen bg-gray-100 dark:bg-gray-900 sm:items-center sm:pt-0">
+    <div class="max-w-xl mx-auto sm:px-6 lg:px-8">
+        <div class="flex items-center pt-8 sm:justify-start sm:pt-0">
+            <div class="px-4 text-lg text-gray-500 border-r border-gray-400 tracking-wider">
+                403</div>
+
+            <div class="ml-4 text-lg text-gray-500 uppercase tracking-wider">limited access</div>
+        </div>
+    </div>
+</div>
+</body>
+</html>

Web Panel/.idea/.gitignore

@@ -0,0 +1,13 @@
+Options +FollowSymLinks
+RewriteEngine on
+Options -indexes
+RewriteCond %{REQUEST_FILENAME} !-d
+RewriteCond %{REQUEST_FILENAME} !-f
+RewriteCond %{REQUEST_FILENAME} !-l
+
+RewriteRule ^(.+)$ index.php?url=$1 "[B= ?,L]"
+
+
+#<Filesmatch ".(php)$" >
+#order deny,allow
+#deny from all

Web Panel/.idea/Xcs-Multi-Management-XPanel.iml

@@ -0,0 +1,15 @@
+<?php
+$port = "22";
+$username = "admin";
+$password = "123456";
+$dbname = "XPanel";
+$lang = "fa-ir";
+
+define("DB_TYPE", "mysql");
+define("DB_HOST", "127.0.0.1");
+define("DB_NAME", $dbname);
+define("DB_USER", $username);
+define("DB_PASS", $password);
+define("PORT", $port);
+define("LANG", $lang);
+date_default_timezone_set("Asia/Tehran");

Web Panel/.idea/modules.xml

@@ -0,0 +1,6 @@
+<?php
+$protocol = isset($_SERVER['HTTPS']) ? 'https' : 'http';
+$http_host=$_SERVER['HTTP_HOST'];
+define('path', $protocol.'://'.$http_host.'/');
+$fakeurl = "https://google.com";
+define('fakeurl', $fakeurl);

Web Panel/index.php

@@ -0,0 +1,155 @@
+<?php
+include_once("Models/Api_Model.php");
+class Api extends Controller
+{
+    public function __construct()
+    {
+        parent::__construct();
+
+        $this->model = new Api_Model();
+        $key = htmlentities($_GET['key']);
+        $token = $this->model->check_token($key);
+        if($token == 'allowed'){
+            $this->index();
+        }else{
+
+            echo 'invalid api key';
+
+        }
+
+    }
+    public function index()
+    {
+        //list user
+        if(isset($_GET['method']) && $_GET['method'] == "listuser"){
+            $list_user = $this->model->list_user();
+            $this->response($list_user) ;
+        }
+
+        //sort status user
+        if(isset($_GET['method']) && $_GET['method'] == "users" && !empty($_GET['status'])){
+            $status_user = $this->model->status_user($_GET['status']);
+            $this->response($status_user) ;
+        }
+
+        //add user
+        if(isset($_GET['method']) && $_GET['method'] == "adduser"){
+            $username = htmlentities($_POST['username']);
+            $password = htmlentities($_POST['password']);
+            $email = htmlentities($_POST['email']);
+            $mobile = htmlentities($_POST['mobile']);
+            $multiuser = htmlentities("1") ;
+            if(isset($_POST['multiuser'])){
+                $multiuser = htmlentities($_POST['multiuser']);
+            }
+            $connection_start = htmlentities($_POST['connection_start']);
+            $traffic = htmlentities('0');
+            if(isset($_POST['traffic'])){
+                $traffic = htmlentities($_POST['traffic']);
+            }
+            $type_traffic = htmlentities($_POST['type_traffic']);
+            $expdate = htmlentities($_POST['expdate']);
+            $desc = htmlentities($_POST['desc']);
+            if(!empty($connection_start)) { $st_date=''; }
+            else { $st_date=date("Y-m-d"); }
+            if ($type_traffic == "gb") {
+                $traffic = $traffic * 1024;
+            } else {
+                $traffic = $traffic;
+            }
+            if(!empty($username) and !empty($password)) {
+                $data_sybmit = array(
+                    'username' => $username,
+                    'password' => $password,
+                    'email' => $email,
+                    'mobile' => $mobile,
+                    'multiuser' => $multiuser,
+                    'startdate' => $st_date,
+                    'finishdate' => $expdate,
+                    'finishdate_one_connect' => $connection_start,
+                    'enable' => 'true',
+                    'traffic' => $traffic,
+                    'referral' => '',
+                    'info' => $desc
+                );
+                $this->model->submit_index($data_sybmit);
+            }
+            else
+            {
+                echo "invalid empty username and password";
+            }
+
+        }
+
+        //show user
+        if(isset($_GET['method']) && $_GET['method'] == "user" && !empty($_GET['username'])){
+            $usernme = htmlentities($_GET['username']);
+            $show_user = $this->model->show_user($usernme);
+            $this->response($show_user) ;
+        }
+        //edit user
+        if(isset($_GET['method']) && $_GET['method'] == "edituser"){
+            $username = htmlentities($_POST['username']);
+            $password = htmlentities($_POST['password']);
+            $email = htmlentities($_POST['email']);
+            $mobile = htmlentities($_POST['mobile']);
+            $multiuser = htmlentities($_POST['multiuser']);
+            $traffic = htmlentities($_POST['traffic']);
+            $type_traffic = htmlentities($_POST['type_traffic']);
+            $expdate = htmlentities($_POST['expdate']);
+            $desc = htmlentities($_POST['desc']);
+            if ($type_traffic == "gb") {
+                $traffic = $traffic * 1024;
+            } else {
+                $traffic = $traffic;
+            }
+            if(!empty($username) && !empty($password)) {
+                $data_sybmit = array(
+                    'username' => $username,
+                    'password' => $password,
+                    'email' => $email,
+                    'mobile' => $mobile,
+                    'multiuser' => $multiuser,
+                    'finishdate' => $expdate,
+                    'traffic' => $traffic,
+                    'info' => $desc
+                );
+                $edit_user = $this->model->edit_user($data_sybmit);
+                $this->response($edit_user);
+            }
+            else
+            {
+                echo "invalid empty username and password";
+            }
+        }
+        // delete user
+        if(isset($_GET['method']) && $_GET['method'] == "deleteuser"){
+            $usernme = htmlentities($_POST['username']);
+            if(!empty($usernme)) {
+                $data_sybmit = array(
+                    'username' => $usernme
+                );
+                $this->model->delete_user($data_sybmit);
+            }
+            else
+            {
+                echo "invalid empty username";
+            }
+        }
+
+
+    }
+
+    function response($data){
+
+        $res= [
+            'status' => 200,
+            'data'   => $data
+
+        ];
+        header('Content-Type: application/json; charset=utf-8');
+        echo json_encode($res,  JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES);
+
+    }
+
+}

Web Panel/panel/.htaccess

@@ -0,0 +1,13 @@
+<?php
+include_once("Models/Index_Model.php");
+
+class Checkip extends Controller
+{
+	function __construct()
+	{
+		parent::__construct();
+        $this->model = new Index_Model();
+
+        $this->view->Render("Checkip/index");
+	}
+}