function wifiapp_service()
{
$stsp = XNODE_getpathbytarget("/runtime", "phyinf", "uid", "BAND24G-1.1", 0);
$phy1 = XNODE_getpathbytarget("", "phyinf", "uid", "BAND24G-1.1", 0);
$wifi1 = XNODE_getpathbytarget("/wifi", "entry", "uid", query($phy1 . "/wifi"), 0);
/* Is the phyinf active? */
$active1 = query($phy1 . "/active");
if ($active1 != 1) {
return;
}
$winfname = query($stsp . "/name");
$ssid = query($wifi1 . "/ssid");
$authtype = query($wifi1 . "/authtype");
$encrtype = query($wifi1 . "/encrtype");
$psk = query($wifi1 . "/nwkey/psk/key");
$wep_defkey = query($wifi1 . "/nwkey/wep/defkey");
$ascii = query($wifi1 . "/nwkey/wep/ascii");
$wep_key_1 = query($wifi1 . "/nwkey/wep/key:1");
$wep_key_2 = query($wifi1 . "/nwkey/wep/key:2");
$wep_key_3 = query($wifi1 . "/nwkey/wep/key:3");
$wep_key_4 = query($wifi1 . "/nwkey/wep/key:4");
if ($ascii == 1) {
$wep_key_1 = ascii($wep_key_1);
$wep_key_2 = ascii($wep_key_2);
$wep_key_3 = ascii($wep_key_3);
$wep_key_4 = ascii($wep_key_4);
}
// WPS config START
$wscd_conf = "/var/wsc.conf";
$wps_en = query($wifi1 . "/wps/enable");
$wps_configured = query($wifi1 . "/wps/configured");
$wps_pin = query($wifi1 . "/wps/pin");
if ($wps_pin == "") {
$wps_pin = query("/runtime/devdata/pin");
}
/* Factory default PIN. (label) */
$dtype = "urn:schemas-wifialliance-org:device:WFADevice:1";
$dpath = XNODE_getpathbytarget("/runtime/upnp", "dev", "deviceType", $dtype, 0);
if ($dpath != "") {
$UUID_tmp = query($dpath . "/guid");
$UUID = cut($UUID_tmp, "0", "-") . cut($UUID_tmp, "1", "-") . cut($UUID_tmp, "2", "-") . cut($UUID_tmp, "3", "-") . cut($UUID_tmp, "4", "-");
$uuid = tolower($UUID);
$modelname = query($dpath . "/devdesc/device/modelName");
$modelnum = query($dpath . "/devdesc/device/modelNumber");
$serialnum = query($dpath . "/devdesc/device/serialNumber");
$vendor = query($dpath . "/devdesc/device/manufacturer");
$vendorurl = query($dpath . "/devdesc/device/manufacturerURL");
$modeldesc = query($dpath . "/devdesc/device/modelDescription");
}
// WPS config END
$iapp = query($phy1 . "/media/iapp");
$phy2 = XNODE_getpathbytarget("", "phyinf", "uid", "BAND24G-1.2", 0);
$phy3 = XNODE_getpathbytarget("", "phyinf", "uid", "BAND24G-1.3", 0);
$phy4 = XNODE_getpathbytarget("", "phyinf", "uid", "BAND24G-1.4", 0);
$phy5 = XNODE_getpathbytarget("", "phyinf", "uid", "BAND24G-1.5", 0);
$mssid1active = query($phy2 . "/active");
$mssid2active = query($phy3 . "/active");
$mssid3active = query($phy4 . "/active");
$mssid4active = query($phy5 . "/active");
if ($iapp == 1) {
$infstr = "";
if ($mssid1active == 1) {
$infstr = $infstr . "wlan0-va0 ";
}
if ($mssid2active == 1) {
$infstr = $infstr . "wlan0-va1 ";
}
if ($mssid3active == 1) {
$infstr = $infstr . "wlan0-va2 ";
}
if ($mssid4active == 1) {
$infstr = $infstr . "wlan0-va3 ";
}
}
//-----------------------------IAPP & iwcontrol setting------------------------------------------------------------------//
fwrite("a", $_GLOBALS["START"], 'xmldbc -k "WSCWAITUP"\\n');
fwrite("a", $_GLOBALS["START"], 'shell="/var/run/wscwaitup.sh"\\n');
fwrite("a", $_GLOBALS["START"], 'rm -f $shell\\n');
fwrite("a", $_GLOBALS["START"], 'killall iwcontrol\\n');
fwrite("a", $_GLOBALS["START"], 'rm -f /var/run/iwcontrol.pid\\n');
fwrite("a", $_GLOBALS["START"], 'killall wscd\\n');
fwrite("a", $_GLOBALS["START"], 'rm -f /var/run/wscd-wlan0.pid\\n');
fwrite("a", $_GLOBALS["START"], 'killall iapp\\n');
fwrite("a", $_GLOBALS["START"], 'rm -f /var/wscd-' . $winfname . '.fifo\\n');
if ($iapp == 1 && $wps_en != 1) {
fwrite("a", $_GLOBALS["START"], 'iapp br0 ' . $winfname . ' ' . $infstr . '\\n');
}
//--------------------------WSC/WPS setting------------------------------------------------------------------------------//
if ($wps_en == 1) {
// WSCD config START //
if ($wps_configured == 1) {
fwrite("w", $wscd_conf, 'mode = 5\\n');
//MODE_AP_PROXY_REGISTRAR//a
if ($authtype == "OPEN") {
fwrite("a", $wscd_conf, 'auth_type = 1\\n');
//AUTH_OPEN=1
} else {
if ($authtype == "SHARED") {
fwrite("a", $wscd_conf, 'auth_type = 4\\n');
//AUTH_SHARED=4
} else {
if ($authtype == "WPAPSK") {
fwrite("a", $wscd_conf, 'auth_type = 2\\n');
//AUTH_WPAPSK=2
} else {
if ($authtype == "WPA2PSK") {
fwrite("a", $wscd_conf, 'auth_type = 32\\n');
//AUTH_WPA2PSK=0x20
// } else if($authtype=="WPA+2PSK"){
} else {
//WPA+2PSK
fwrite("a", $wscd_conf, 'auth_type = 34\\n');
}
}
}
}
if ($encrtype == "NONE") {
fwrite("a", $wscd_conf, 'encrypt_type = 1\\n');
//ENCRYPT_NONE=1
} else {
if ($encrtype == "WEP") {
fwrite("a", $wscd_conf, 'encrypt_type = 2\\n');
//ENCRYPT_WEP=2
} else {
if ($encrtype == "TKIP") {
fwrite("a", $wscd_conf, 'encrypt_type = 4\\n');
//ENCRYPT_TKIP=4
} else {
if ($encrtype == "AES") {
fwrite("a", $wscd_conf, 'encrypt_type = 8\\n');
//ENCRYPT_AES=8
// } else if($encrtype=="TKIP+AES"){
} else {
//TKIP+AES
fwrite("a", $wscd_conf, 'encrypt_type = 12\\n');
}
}
}
}
fwrite("a", $wscd_conf, 'manual_config = 0\\n');
if ($encrtype == "WEP") {
fwrite("a", $wscd_conf, 'wep_transmit_key = ' . $wep_defkey . '\\n');
fwrite("a", $wscd_conf, 'network_key = ' . $wep_key_1 . '\\n');
fwrite("a", $wscd_conf, 'wep_key2 = ' . $wep_key_2 . '\\n');
fwrite("a", $wscd_conf, 'wep_key3 = ' . $wep_key_3 . '\\n');
fwrite("a", $wscd_conf, 'wep_key4 = ' . $wep_key_4 . '\\n');
// } else if($authtype=="WPAPSK" || $authtype=="WPA2PSK" || $authtype=="WPA+2PSK"){
} else {
fwrite("a", $wscd_conf, 'network_key = ' . $psk . '\\n');
}
fwrite("a", $wscd_conf, 'ssid = ' . $ssid . '\\n');
} else {
fwrite("w", $wscd_conf, 'mode = 1\\n');
//MODE_AP_UNCONFIG//
fwrite("a", $wscd_conf, 'auth_type = 32\\n');
//AUTH_WPAPSK=2 + AUTH_WPA2PSK=0x20
fwrite("a", $wscd_conf, 'encrypt_type = 8\\n');
//ENCRYPT_TKIP=4 + ENCRYPT_AES=8
fwrite("a", $wscd_conf, 'manual_config = 0\\n');
if ($ssid == "") {
$ssid1 = query("/runtime/devdata/lanmac");
$defssid = "";
$defssid = $defssid . cut($ssid1, "3", ":");
$defssid = $defssid . cut($ssid1, "4", ":");
$defssid = $defssid . cut($ssid1, "5", ":");
fwrite("a", $wscd_conf, 'ssid = ap-pc-' . $defssid . '\\n');
} else {
fwrite("a", $wscd_conf, 'ssid = ' . $ssid . '\\n');
}
}
fwrite("a", $wscd_conf, 'upnp = 1\\n');
fwrite("a", $wscd_conf, 'config_method = 134\\n');
fwrite("a", $wscd_conf, 'connection_type = 1\\n');
fwrite("a", $wscd_conf, 'pin_code = ' . $wps_pin . '\\n');
fwrite("a", $wscd_conf, 'rf_band = 1\\n');
fwrite("a", $wscd_conf, 'config_by_ext_reg = 1\\n');
fwrite("a", $wscd_conf, 'device_name = "' . $modelname . '"\\n');
fwrite("a", $wscd_conf, 'use_ie = 1\\n');
fwrite("a", $wscd_conf, 'auth_type_flags = 39\\n');
//AUTH_OPEN=1, AUTH_WPAPSK=2, AUTH_SHARED=4, AUTH_WPA2PSK=0x20 //
fwrite("a", $wscd_conf, 'encrypt_type_flags = 15\\n');
//ENCRYPT_NONE=1, ENCRYPT_WEP=2, ENCRYPT_TKIP=4, ENCRYPT_AES=8 //
fwrite("a", $wscd_conf, 'uuid = ' . $uuid . '\\n');
fwrite("a", $wscd_conf, 'device_name = "' . $modelname . '"\\n');
fwrite("a", $wscd_conf, 'manufacturer = "' . $vendor . '"\\n');
fwrite("a", $wscd_conf, 'manufacturerURL = "' . $vendorurl . '"\\n');
fwrite("a", $wscd_conf, 'modelURL = "' . $vendorurl . '"\\n');
fwrite("a", $wscd_conf, 'model_name = "' . $modelname . '"\\n');
fwrite("a", $wscd_conf, 'model_num = "' . $modelnum . '"\\n');
fwrite("a", $wscd_conf, 'serial_num = "' . $serialnum . '"\\n');
fwrite("a", $wscd_conf, 'modelDescription = "' . $modeldesc . '"\\n');
fwrite("a", $wscd_conf, 'device_attrib_id = 1\\n');
fwrite("a", $wscd_conf, 'device_oui = 0050f204\\n');
fwrite("a", $wscd_conf, 'device_category_id = 6\\n');
fwrite("a", $wscd_conf, 'device_sub_category_id = 1\\n');
fwrite("a", $wscd_conf, 'device_password_id = 0\\n');
fwrite("a", $wscd_conf, 'tx_timeout = 5\\n');
fwrite("a", $wscd_conf, 'resent_limit = 2\\n');
fwrite("a", $wscd_conf, 'reg_timeout = 120\\n');
fwrite("a", $wscd_conf, 'block_timeout = 60\\n');
fwrite("a", $wscd_conf, 'WPS_START_LED_GPIO_number = 2\\n');
fwrite("a", $wscd_conf, 'WPS_END_LED_unconfig_GPIO_number = 0\\n');
fwrite("a", $wscd_conf, 'WPS_END_LED_config_GPIO_number = 0\\n');
fwrite("a", $wscd_conf, 'WPS_PBC_overlapping_GPIO_number = 1\\n');
fwrite("a", $wscd_conf, 'PBC_overlapping_LED_time_out = 30\\n');
fwrite("a", $wscd_conf, 'No_ifname_for_flash_set = 2\\n');
fwrite("a", $wscd_conf, 'disable_auto_gen_ssid = 1\\n');
fwrite("a", $wscd_conf, 'disable_hidden_ap = 1\\n');
fwrite("a", $wscd_conf, 'button_hold_time = 3\\n');
fwrite("a", $wscd_conf, 'fix_wzc_wep = 1\\n');
fwrite("a", $wscd_conf, 'WPS_SUCCESS_LED_time_out = 300\\n');
// WSCD config END //
fwrite("a", $_GLOBALS["START"], 'mkdir /var/wps\\n');
fwrite("a", $_GLOBALS["START"], 'cp /etc/simplecfg*.xml /var/wps/\\n');
// fwrite("a", $_GLOBALS["START"], 'flash upd-wsc-conf /etc/wscd.conf /var/wsc.conf\n');
fwrite("a", $_GLOBALS["START"], 'shell="/var/run/wscwaitup.sh"\\n');
fwrite("a", $_GLOBALS["START"], 'echo "#!/bin/sh" > $shell\\n');
fwrite("a", $_GLOBALS["START"], 'echo "if [ -f "/var/run/BRIDGE-1.UP" ] || [ -f "/var/run/LAN-1.UP" ]; then" >> $shell\\n');
fwrite("a", $_GLOBALS["START"], 'echo "\\tsleep 1" >> $shell\\n');
fwrite("a", $_GLOBALS["START"], 'echo "\\troute del -net 239.255.255.250 netmask 255.255.255.255 br0" >> $shell\\n');
fwrite("a", $_GLOBALS["START"], 'echo "\\troute add -net 239.255.255.250 netmask 255.255.255.255 br0" >> $shell\\n');
if ($iapp == 1) {
fwrite("a", $_GLOBALS["START"], 'echo "\\tiapp br0 ' . $winfname . ' ' . $infstr . '" >> $shell\\n');
}
fwrite("a", $_GLOBALS["START"], 'echo "\\twscd -start -c /var/wsc.conf -w ' . $winfname . ' -fi /var/wscd-' . $winfname . '.fifo -daemon" >> $shell\\n');
fwrite("a", $_GLOBALS["START"], 'echo "\\tsleep 1" >> $shell\\n');
fwrite("a", $_GLOBALS["START"], 'echo "\\tiwcontrol ' . $winfname . ' ' . $infstr . '" >> $shell\\n');
fwrite("a", $_GLOBALS["START"], 'echo "\\trm -f $shell" >> $shell\\n');
fwrite("a", $_GLOBALS["START"], 'echo "else" >> $shell\\n');
fwrite("a", $_GLOBALS["START"], 'echo "\\tsleep 1" >> $shell\\n');
fwrite("a", $_GLOBALS["START"], 'echo "\\txmldbc -t WSCWAITUP:1:\'sh $shell\' > /dev/console" >> $shell\\n');
fwrite("a", $_GLOBALS["START"], 'echo "fi" >> $shell\\n');
fwrite("a", $_GLOBALS["START"], 'xmldbc -t "WSCWAITUP:1:sh $shell" > /dev/console\\n');
// fwrite("a", $_GLOBALS["START"], 'wscd -start -c /var/wsc.conf -w '.$winfname.' -fi /var/wscd-'.$winfname.'.fifo -daemon\n');
fwrite("a", $_GLOBALS["START"], 'event WPSPIN add "/etc/scripts/wps_tmp.sh pin"\\n');
fwrite("a", $_GLOBALS["START"], 'event WPSPBC.PUSH add "/etc/scripts/wps_tmp.sh pbc"\\n');
fwrite("a", $_GLOBALS["STOP"], 'event WPSPBC.PUSH add true\\n');
fwrite("a", $_GLOBALS["STOP"], 'event WPSPIN add true\\n');
fwrite("a", $_GLOBALS["STOP"], 'xmldbc -k "WSCWAITUP"\\n');
fwrite("a", $_GLOBALS["STOP"], 'shell="/var/run/wscwaitup.sh"\\n');
fwrite("a", $_GLOBALS["STOP"], 'rm -f $shell\\n');
fwrite("a", $_GLOBALS["STOP"], 'killall wscd\\n');
fwrite("a", $_GLOBALS["STOP"], 'rm -f /var/run/wscd-wlan0.pid\\n');
if ($iapp == 1) {
fwrite("a", $_GLOBALS["STOP"], 'killall iapp\\n');
}
fwrite("a", $_GLOBALS["STOP"], 'killall iwcontrol\\n');
fwrite("a", $_GLOBALS["STOP"], 'rm -f /var/run/iwcontrol.pid\\n');
}
if ($iapp == 1 && $wps_en != 1) {
fwrite("a", $_GLOBALS["START"], 'iwcontrol ' . $winfname . ' ' . $infstr . '\\n');
fwrite("a", $_GLOBALS["STOP"], 'killall iwcontrol\\n');
fwrite("a", $_GLOBALS["STOP"], 'rm -f /var/run/iwcontrol.pid\\n');
fwrite("a", $_GLOBALS["STOP"], 'rm -f /var/wscd-' . $winfname . '.fifo\\n');
}
}
<?php
/**
* @author Trung Hieu
* @copyright 2010
*/
define('CNT', true);
include 'cnt-includes/functions.php';
if ($_POST['search'] && $_POST['search'] != ' ') {
header('Location: search/' . ascii($_POST['search']) . '.html');
} else {
echo 'Hacking attempt';
}
define('CNT', true);
include '../cnt-includes/config.php';
include '../cnt-includes/functions.php';
if (check_log() == true & check_level() >= 3) {
if ($_GET['type'] == 'add' && strlen($_POST['name']) >= 3 && strlen($_POST['code']) >= 1) {
$descrip = '';
for ($i = 0; $i < 10; $i++) {
if ($_POST['a'][$i] && $_POST['b'][$i]) {
if ($descrip == '') {
$descrip = $_POST['a'][$i] . ': ' . $_POST['b'][$i];
} else {
$descrip .= ' / ' . $_POST['a'][$i] . ': ' . $_POST['b'][$i];
}
}
}
@mysql_query("INSERT INTO cnt_products (product_name, product_name_ascii, product_code, product_price, product_free, product_total, product_quality, product_warranty, product_image, product_fullimg, product_descrip, product_info, product_cat) VALUES ('" . $_POST['name'] . "', '" . ascii($_POST['name']) . "', '" . $_POST['code'] . "', " . $_POST['price'] . ", " . ($_POST['free'] ? $_POST['free'] : 0) . ", " . $_POST['total'] . ", '" . $_POST['quality'] . "', " . ($_POST['warranty'] ? $_POST['warranty'] : 0) . ", '" . $_POST['img'] . "', '" . str_replace('thumbs-', '', $_POST['img']) . "', '" . $descrip . "', '" . $_POST['content'] . "', " . $_POST['cat'] . ")");
header('Location: index.php?m=3');
} elseif ($_GET['type'] == 'edit' && strlen($_POST['name']) >= 3 && strlen($_POST['code']) >= 1) {
$descrip = '';
for ($i = 0; $i < 10; $i++) {
if ($_POST['a'][$i] && $_POST['b'][$i]) {
if ($descrip == '') {
$descrip = $_POST['a'][$i] . ': ' . $_POST['b'][$i];
} else {
$descrip .= ' / ' . $_POST['a'][$i] . ': ' . $_POST['b'][$i];
}
}
}
@mysql_query("UPDATE cnt_products SET product_name = '" . $_POST['name'] . "', product_code = '" . $_POST['code'] . "', product_price = " . $_POST['price'] . ", product_free = " . $_POST['free'] . ", product_cat = " . $_POST['cat'] . ", product_total = " . $_POST['total'] . ", product_warranty = " . $_POST['warranty'] . ", product_quality = '" . $_POST['quality'] . "', product_image = '" . $_POST['img'] . "', product_fullimg = '" . str_replace('thumbs-', '', $_POST['img']) . "', product_descrip = '" . $descrip . "', product_info = '" . $_POST['content'] . "' WHERE id = " . $_POST['id']);
header('Location: index.php?m=3');
} elseif ($_GET['type'] == 'del' && $_POST['action'] == 1 && $_POST['id']) {
| Copyright © CNT |
| Phone: 0986.901.797 |
| Y!m: banmai_xanhmai |
| Website: CongNgheTre.Vn |
| Email: PeakOfMusic@Gmail.Com |
\*-----------------------------------*/
define('CNT', true);
include '../cnt-includes/config.php';
include '../cnt-includes/functions.php';
if (check_log() == true & check_level() >= 2) {
if ($_GET['type'] == 'qadd' && strlen($_POST['title']) >= 3 && strlen($_POST['content']) >= 3) {
@mysql_query("INSERT INTO cnt_posts (post_name, post_name_ascii, post_content, post_cat, post_time, post_user) VALUES ('" . $_POST['title'] . "', '" . ascii($_POST['title']) . "', '" . $_POST['content'] . "', '" . $_POST['cat'] . "', " . time() . ", " . $_SESSION['user']['id'] . ")");
header('Location: index.php?m=1');
} elseif ($_GET['type'] == 'add' && strlen($_POST['title']) >= 3 && strlen($_POST['content']) >= 3) {
$_POST['comment'] = $_POST['comment'] ? $_POST['comment'] : 0;
@mysql_query("INSERT INTO cnt_posts (post_name, post_name_ascii, post_quote, post_content, post_cat, post_comment, post_image, post_file, post_time, post_user) VALUES ('" . $_POST['title'] . "', '" . ascii($_POST['title']) . "', '" . $_POST['quote'] . "', '" . $_POST['content'] . "', " . $_POST['cat'] . ", " . $_POST['comment'] . ", '" . $_POST['img'] . "', '" . $_POST['file'] . "', " . time() . ", " . $_SESSION['user']['id'] . ")");
header('Location: index.php?m=1');
} elseif ($_GET['type'] == 'edit') {
$_POST['comment'] = $_POST['comment'] ? $_POST['comment'] : 0;
@mysql_query("UPDATE cnt_posts SET post_name = '" . $_POST['title'] . "', post_quote = '" . $_POST['quote'] . "', post_content = '" . $_POST['content'] . "', post_cat = " . $_POST['cat'] . ", post_comment = " . $_POST['comment'] . ", post_image = '" . $_POST['img'] . "', post_file = '" . $_POST['file'] . "' WHERE id = " . $_POST['id']);
header('Location: index.php?m=1');
} elseif ($_GET['type'] == 'del' && $_POST['action'] == 1 && $_POST['id']) {
$total = count($_POST['id']);
for ($i = 0; $i < $total; $i++) {
@mysql_query("DELETE FROM cnt_posts WHERE id = " . $_POST['id'][$i]);
}
header('Location: index.php?m=1');
} else {
header('Location: index.php?m=1');
}
} else {
header('Location: index.php?m=1&sm=2');
} elseif ($_GET['type'] == 'edit') {
@mysql_query("UPDATE cnt_cats SET cat_name = '" . $_POST['name'] . "', cat_info = '" . $_POST['desc'] . "', cat_order = " . $_POST['order'] . ", cat_sub = " . $_POST['sub'] . " WHERE id = " . $_POST['id']);
header('Location: index.php?m=1&sm=2');
} elseif ($_GET['type'] == 'del' && $_POST['action'] == 1 && $_POST['id']) {
$total = count($_POST['id']);
for ($i = 0; $i < $total; $i++) {
@mysql_query("DELETE FROM cnt_cats WHERE id = " . $_POST['id'][$i]);
}
header('Location: index.php?m=1&sm=2');
} else {
header('Location: index.php?m=1&sm=2');
}
} elseif (check_log() == true && check_level() >= 3 && $_POST['type'] == 2) {
if ($_GET['type'] == 'add' && strlen($_POST['name']) >= 3 && $_POST['order']) {
@mysql_query("INSERT INTO cnt_cats (cat_name, cat_name_ascii, cat_info, cat_type, cat_order, cat_sub) VALUES ('" . $_POST['name'] . "', '" . ascii($_POST['name']) . "', '" . $_POST['desc'] . "', " . $_POST['type'] . ", " . $_POST['order'] . ", " . $_POST['sub'] . ")");
header('Location: index.php?m=3&sm=2');
} elseif ($_GET['type'] == 'edit') {
@mysql_query("UPDATE cnt_cats SET cat_name = '" . $_POST['name'] . "', cat_info = '" . $_POST['desc'] . "', cat_order = " . $_POST['order'] . ", cat_sub = " . $_POST['sub'] . " WHERE id = " . $_POST['id']);
header('Location: index.php?m=3&sm=2');
} elseif ($_GET['type'] == 'del' && $_POST['action'] == 1 && $_POST['id']) {
$total = count($_POST['id']);
for ($i = 0; $i < $total; $i++) {
@mysql_query("DELETE FROM cnt_cats WHERE id = " . $_POST['id'][$i]);
}
header('Location: index.php?m=3&sm=2');
} else {
header('Location: index.php?m=3&sm=2');
}
} else {
echo "Hacking attempt";
<?php
/*-----------------------------------*\
| Copyright © CNT |
| Phone: 0986.901.797 |
| Y!m: banmai_xanhmai |
| Website: CongNgheTre.Vn |
| Email: PeakOfMusic@Gmail.Com |
\*-----------------------------------*/
define('CNT', true);
include '../cnt-includes/config.php';
include '../cnt-includes/functions.php';
if (check_log() == true && check_level() >= 4) {
if ($_GET['type'] == 'add' && strlen($_POST['title']) >= 3 && strlen($_POST['content']) >= 3) {
@mysql_query("INSERT INTO cnt_posts (post_name, post_name_ascii, post_content, post_type, post_time, post_user) VALUES ('" . $_POST['title'] . "', '" . ascii($_POST['title']) . "', '" . $_POST['content'] . "', 2, " . time() . ", " . $_SESSION['user']['id'] . ")");
header('Location: index.php?m=7');
} elseif ($_GET['type'] == 'edit') {
@mysql_query("UPDATE cnt_posts SET post_name = '" . $_POST['title'] . "', post_content = '" . $_POST['content'] . "' WHERE id = " . $_POST['id']);
header('Location: index.php?m=7');
} elseif ($_GET['type'] == 'del' && $_POST['action'] == 1 && $_POST['id']) {
$total = count($_POST['id']);
for ($i = 0; $i < $total; $i++) {
@mysql_query("DELETE FROM cnt_posts WHERE id = " . $_POST['id'][$i]);
}
header('Location: index.php?m=7');
} else {
header('Location: index.php?m=7');
}
} else {
echo "Hacking attempt";
}
/**
* Generate a URL friendly "slug" from a given string.
*
* @param string $title
* @param string $separator
* @return string
*/
function str_slug($title, $separator = '-')
{
$title = ascii($title);
// Convert all dashes/underscores into separator
$flip = $separator == '-' ? '_' : '-';
$title = preg_replace('![' . preg_quote($flip) . ']+!u', $separator, $title);
// Remove all characters that are not the separator, letters, numbers, or whitespace.
$title = preg_replace('![^' . preg_quote($separator) . '\\pL\\pN\\s]+!u', '', mb_strtolower($title));
// Replace all separator characters and whitespace by a single separator
$title = preg_replace('![' . preg_quote($separator) . '\\s]+!u', $separator, $title);
return trim($title, $separator);
}
