function setForceLogout($uid) { global $mysqli; $fl = '' . time() . ',' . $_SERVER['REMOTE_ADDR'] . ''; $M_query = "UPDATE users SET forcelogout='{$fl}' WHERE id='" . $uid . "';"; error_log($M_query); $M_result = $mysqli->query($M_query); logEvent('users', 'force-logout', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, M_query: `{$M_query}`")); }
function cleanInput($type, $input) { if ($type == "comment") { return encodeHex($input); } else { if ($type == "prepared") { return cleanPrepared($input); } else { global $mysqli; return $mysqli->real_escape_string(cleanPrepared(preg_replace($type, '', cleanPrepared($input)))); } } }
function decodeBase58($base58) { $origbase58 = $base58; $chars = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"; $return = "0"; for ($i = 0; $i < strlen($base58); $i++) { $current = (string) strpos($chars, $base58[$i]); $return = (string) bcmul($return, "58", 0); $return = (string) bcadd($return, $current, 0); } $return = encodeHex($return); //leading zeros for ($i = 0; $i < strlen($origbase58) && $origbase58[$i] == "1"; $i++) { $return = "00" . $return; } if (strlen($return) % 2 != 0) { $return = "0" . $return; } return $return; }
sro('/Pages/restricted/admin.php'); die(""); } global $suid, $mysqli; $uid = cleanInput('/[^0-9]/', $_POST['keyfield']); if ("{$uid}" == "{$suid}") { logEvent("audelete", "current-user", encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'} : {$uid} == {$suid}")); die("Cannot delete current user."); } else { if ($uid == '1') { logEvent("audelete", "admin-user", encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'} : {$uid}, {$suid}")); die("Cannot delete user."); } else { $M_query = "SELECT * FROM users WHERE id='{$uid}';"; $M_result = $mysqli->query($M_query) or die("error"); $M_count = $M_result->num_rows; if ($M_count == 1) { $M_row = $M_result->fetch_assoc(); $toAdd = encodeHex("users: ['" . implode("','", array_keys($M_row)) . "'], {'" . implode("', '", $M_row) . "'}"); $M_query1 = "DELETE FROM users WHERE id='{$uid}'"; $M_result1 = $mysqli->query($M_query1); $M_query2 = "INSERT INTO deleted (fid, data) VALUES ('{$uid}', '{$toAdd}')"; $M_result2 = $mysqli->query($M_query2); logEvent("audelete", "success", encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'} : {$uid}, {$suid}, M_query: `{$M_query}`, M_count: `{$M_count}`, M_row: ['" . implode("','", array_keys($M_row)) . "'], {'" . implode("', '", $M_row) . "'}, toAdd: {$toAdd}, M_query1: {$M_query1}, M_query2: {$M_query2}")); print "success"; } else { logEvent("audelete", "no-user", encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'} : {$uid}, {$suid}, M_query: `{$M_query}`, M_count: `{$M_count}`")); die("No such user"); } } }
$M_query = "SELECT * FROM users WHERE username='******';"; $M_result = $mysqli->query($M_query); $M_count = $M_result->num_rows; if ($M_count != 1) { logEvent('pswd-change', 'no-user', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, M_query: `{$M_query}`")); die('{"result": "Incorrect username."}'); } $M_row = $M_result->fetch_assoc(); if (strlen($password) != strlen(hash('md5', 'pi'))) { $password = strtolower(hash('md5', hasher(hasher($_POST['p'])) . hasher(hasher($username)))); } $password = strtolower(hash('md5', hasher(hasher($M_row['createip'] . $password . $M_row['id'])))); $ip = $_SERVER['REMOTE_ADDR']; $current = $ip; if ($M_row['password'] != $password) { logEvent('pswd-change', 'bad-password', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, password: `{$password}`, M_query: `{$M_query}`, M_row: ['" . implode("','", array_keys($M_row)) . "'], {'" . implode("', '", $M_row) . "'}")); die('{"result": "Incorrect old password."}'); } if (strlen($newpassw) != strlen(hash('md5', 'pi'))) { $newpassw = strtolower(hash('md5', hasher(hasher($_POST['p'])) . hasher(hasher($username)))); } $newpassw = strtolower(hash('md5', hasher(hasher($M_row['createip'] . $newpassw . $M_row['id'])))); $M_query6 = "UPDATE users SET password='******' WHERE id='" . $M_row['id'] . "';"; $M_result6 = $mysqli->query($M_query6); if ($M_result6) { logEvent('pswd-change', 'success', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, M_query: `{$M_query}`, M_row: ['" . implode("','", array_keys($M_row)) . "'], {'" . implode("', '", $M_row) . "'}, M_query6: `{$M_query6}`")); print '{"result": "success"}'; } else { logEvent('pswd-change', 'misc-error', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, M_query: `{$M_query}`, M_row: ['" . implode("','", array_keys($M_row)) . "'], {'" . implode("', '", $M_row) . "'}, M_query6: `{$M_query6}`")); die('{"result": "Error saving password."}'); }
die('3'); } $M_query = "SELECT * FROM users WHERE username='******';"; $M_result = $mysqli->query($M_query); $M_count = $M_result->num_rows; if ($M_count == 1) { $M_row = $M_result->fetch_assoc(); $udata = $M_row['udata']; if ($udata === null || $udata === "null") { $udata = "{}"; } $udata = json_decode($udata, true); $udata[$key] = $value; $udata = json_encode($udata); $M_query6 = "UPDATE users SET udata=? WHERE id=?;"; $stmt = $mysqli->prepare($M_query6); $stmt->bind_param("si", $udata, $M_row["id"]); $M_result6 = $stmt->execute(); if ($M_result6) { logEvent('udata-set', 'success', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, M_query: `{$M_query}`, M_row: ['" . implode("','", array_keys($M_row)) . "'], {'" . implode("', '", $M_row) . "'}, M_query6: `{$M_query6}`")); $sudata = $_SESSION["udata"] = $udata; print "success"; } else { logEvent('udata-set', 'misc-error', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, M_query: `{$M_query}`, M_row: ['" . implode("','", array_keys($M_row)) . "'], {'" . implode("', '", $M_row) . "'}, M_query6: `{$M_query6}`")); die('1'); } } else { logEvent('udata-set', 'no-user', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, M_query: `{$M_query}`")); die('2'); } }
logEvent('login', 'banned-user', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, M_query: `{$M_query}`, M_row: ['" . implode("','", array_keys($M_row)) . "'], {'" . implode("', '", $M_row) . "'}")); die('{ "result": "Bad username."}'); } $ip = $_SERVER['REMOTE_ADDR']; $current = $ip; $current = json_decode($M_row['currentip'] ? $M_row['currentip'] : '[]', true); $current[] = $ip; $current = json_encode($current); if ($M_row['old_password'] == $password || $password2 != '' && $M_row['password'] == $password2) { $_SESSION['li'] = 'true'; $_SESSION['username'] = $username; $_SESSION['uid'] = $M_row['id']; $_SESSION['rank'] = $M_row['rank']; $_SESSION['udata'] = $M_row['udata']; if ($M_row['password'] == '') { $M_query6 = "UPDATE users SET currentip='{$current}', password='******',old_password='' WHERE id='" . $M_row['id'] . "';"; } else { $M_query6 = "UPDATE users SET currentip='{$current}',old_password='' WHERE id='" . $M_row['id'] . "';"; } $M_result6 = $mysqli->query($M_query6); if ($M_result6) { logEvent('login', 'success', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, M_query: `{$M_query}`, M_row: ['" . implode("','", array_keys($M_row)) . "'], {'" . implode("', '", $M_row) . "'}, M_query6: `{$M_query6}`")); print '{ "result": "success"}'; } else { logEvent('login', 'ip-error', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, M_query: `{$M_query}`, M_row: ['" . implode("','", array_keys($M_row)) . "'], {'" . implode("', '", $M_row) . "'}, M_query6: `{$M_query6}`")); die('{ "result": "Unknown error."}'); } } else { logEvent('login', 'bad-password', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, password: `{$password}`, M_query: `{$M_query}`, M_row: ['" . implode("','", array_keys($M_row)) . "'], {'" . implode("', '", $M_row) . "'}")); die('{ "result": "Wrong password."}'); }
} else { logEvent('profile', 'password-mismatch', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, GET: ['" . implode("','", array_keys($_GET)) . "'], {'" . implode("', '", $_GET) . "'}, M_query: `{$M_query}`, M_count: `{$M_count}`, M_row: ['" . implode("','", array_keys($M_row)) . "'], {'" . implode("', '", $M_row) . "'}")); die("Passwords are not the same."); } } else { logEvent('profile', 'password-multiple-users', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, GET: ['" . implode("','", array_keys($_GET)) . "'], {'" . implode("', '", $_GET) . "'}, M_query: `{$M_query}`, M_count: `{$M_count}`")); die("error"); } } else { $val = cleanInput('/[^0-9a-zA-Z]/', $_GET['val']); $tmp = json_decode($user['settings'], true); $val = encodeHex($_GET['val']); $tmp[$id] = $val; $settings = json_encode($tmp); $M_query = "UPDATE users SET settings='{$settings}' WHERE id='{$uid}';"; } } error_log($M_query); global $mysqli; $M_result = $mysqli->query($M_query); if ($M_result) { print 'success'; logEvent('profile', 'success', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, GET: ['" . implode("','", array_keys($_GET)) . "'], {'" . implode("', '", $_GET) . "'}, M_query: `{$M_query}`")); } else { logEvent('profile', 'query-fail', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, GET: ['" . implode("','", array_keys($_GET)) . "'], {'" . implode("', '", $_GET) . "'}, M_query: `{$M_query}`")); die("error"); } } else { logEvent('profile', 'missing-id', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, GET: ['" . implode("','", array_keys($_GET)) . "'], {'" . implode("', '", $_POST) . "'}")); die("error"); }
} $id = ''; $join = time(); $seccode = hash('sha256', rand() . $username . rand() . $join . rand() . $ip . rand()); if ($classid === NULL) { $M_query2 = "INSERT INTO users (username, password, email, createip, joindate, rank) VALUES ('{$username}', '{$password}', '{$email}', '{$ip}', '{$join}', '4')"; } else { $M_query2 = "INSERT INTO users (username, password, email, createip, joindate, rank, class) VALUES ('{$username}', '{$password}', '{$email}', '{$ip}', '{$join}', '4', '{$classid}')"; } $M_result2 = $mysqli->query($M_query2); if (!$M_result2) { logEvent('signup', 'create-error', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, M_query: `{$M_query}`, M_querye: '`{$M_querye}`, M_query1: `{$M_query1}`, M_query2: `{$M_query2}`")); die('{"result": "Unknown error occurred creating account. Please try again."}'); } $M_query3 = "SELECT * FROM users WHERE username='******' AND email='{$email}' AND createip='{$ip}' AND joindate='{$join}';"; $M_result3 = $mysqli->query($M_query3); if (!$M_result3) { logEvent('signup', 'select-error', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, M_query: `{$M_query}`, M_querye: '`{$M_querye}`, M_query1: `{$M_query1}`, M_query2: `{$M_query2}`, M_query3: `{$M_query3}`")); die('{"result": "Unknown error occurred creating account. Please try again."}'); } $M_row3 = $M_result3->fetch_assoc(); $password = strtolower(hash('md5', hasher(hasher($M_row3['createip'] . $password . $M_row3['id'])))); $M_query4 = "UPDATE users SET password='******' WHERE username='******' AND email='{$email}' AND createip='{$ip}' AND joindate='{$join}' AND id='" . $M_row3['id'] . "';"; $M_result4 = $mysqli->query($M_query4); if ($M_result4) { logEvent('signup', 'success', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, M_query: `{$M_query}`, M_querye: '`{$M_querye}`, M_query1: `{$M_query1}`, M_query2: `{$M_query2}`, M_query3: `{$M_query3}`, M_query4: `{$M_query4}`")); print '{"result": "success"}'; } else { logEvent('signup', 'modify-error', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, M_query: `{$M_query}`, M_querye: '`{$M_querye}`, M_query1: `{$M_query1}`, M_query2: `{$M_query2}`, M_query3: `{$M_query3}`, M_query4: `{$M_query4}`")); die('{"result": "Unknown error occurred creating account. Please try again."}'); }
<?php require_once '/var/www/config.php'; sro('/Includes/mysql.php'); sro('/Includes/session.php'); sro('/Includes/functions.php'); if (!hasACL('admin_panel', 'W', 'S')) { sro('/Pages/restricted/admin.php'); die(""); } $uid = cleanInput('/[^0-9]/', $_GET['uid']); global $mysqli; $fl = time() . ',*'; $M_query = "UPDATE users SET forcelogout='{$fl}' WHERE id='" . $uid . "';"; error_log($M_query); $M_result = $mysqli->query($M_query); if ($M_result) { logEvent('users', 'force-logout', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, GET: ['" . implode("','", array_keys($_GET)) . "'], {'" . implode("', '", $_GET) . "'}, M_query: `{$M_query}`")); print "success"; } else { die($mysqli->error); }