/home/smartonegroup/public_html/system/system/controllers/editor.php

<?php

/*
|--------------------------------------------------------------------------
| Controller
|--------------------------------------------------------------------------
|
*/

_auth();
$action = $routes[1];
$user = authenticate_admin();

switch ($action) {
    case 'no_file':
        echo '<?php' . PHP_EOL;

        break;

    case 'language.php':
        $contents = file_get_contents($ib_language_file_path);

        if ($contents === false) {
            ib_die('// Unable to Open File: ' . $ib_language_file_path);
        } else {
            echo $contents;
        }

        break;

    case 'invoice_printer.php':
        $file_path = 'system/lib/invoices/render.php';

        $contents = file_get_contents($file_path);

        if ($contents === false) {
            ib_die('// Unable to Open File: ' . $file);
        } else {
            echo $contents;
        }

        break;

    case 'invoice_pdf.php':
        $file_path = 'system/lib/invoices/pdf-x2.php';

        $contents = file_get_contents($file_path);

        if ($contents === false) {
            ib_die('// Unable to Open File: ' . $file);
        } else {
            echo $contents;
        }

        break;

    case 'save':
        $file = _post('file');

        if ($file == 'no_file') {
            i_close($_L['Please Choose a File']);
        }

        if (APP_STAGE == "Demo") {
            ib_die('Unable to Save file in Demo Mode');
        }

        $data = request()->all();

        $codes = $data['codes'] ?? [];

        $available_files_to_edit = [
            'language.php' => $ib_language_file_path,
            'invoice_printer.php' => 'system/lib/invoices/render.php',
            'invoice_pdf.php' => 'system/lib/invoices/pdf-x2.php',
        ];

        if (isset($available_files_to_edit[$file])) {
            $path = $available_files_to_edit[$file];

            if (file_exists($path)) {
                $fp = fopen($path, 'w');
                fwrite($fp, $codes);
                fclose($fp);

                echo $_L['Data Updated'];
            } else {
                echo 'Failed';
            }
        } else {
            i_close('Invalid File ' . $file);
        }

        break;

    default:
        echo '// File not found.';
}

[D] default
[F] accounts.php
[F] admin.php
[F] ai.php
[F] ajax.date-summary.php
[F] ajax.expense-calendar.php
[F] ajax.income-calendar.php
[F] api.php
[F] app_store.php
[F] appearance.php
[F] assets.php
[F] autologin.php
[F] calendar.php
[F] cart.php
[F] client.php
[F] clientapi.php
[F] cms.php
[F] contacts.php
[F] contracts.php
[F] cp.php
[F] customers.php
[F] dashboard-alt.php
[F] dashboard.php
[F] default.php
[F] delete.php
[F] documents.php
[F] editor.php
[F] end_users.php
[F] export.php
[F] files.php
[F] form.php
[F] generate.php
[F] handler.php
[F] help.php
[F] hrm.php
[F] index.html
[F] inventory.php
[F] invoices.php
[F] item.php
[F] items.php
[F] iview.php
[F] json.php
[F] kb.php
[F] leads.php
[F] login.php
[F] logout.php
[F] media.php
[F] orders.php
[F] password_manager.php
[F] plugins.php
[F] print.php
[F] profile.php
[F] projects.php
[F] ps.php
[F] purchases.php
[F] quotes.php
[F] reorder.php
[F] reports.php
[F] sales.php
[F] schema-updates.php
[F] search.php
[F] settings.php
[F] sms.php
[F] subscriptions.php
[F] supplier.php
[F] suppliers.php
[F] sys_imgcrop.php
[F] tags.php
[F] tasks.php
[F] tax.php
[F] tickets.php
[F] transactions.php
[F] updating.php
[F] util.php
[F] webhook.php