// Closes three blocks that were opened before this fragment begins.
}
}
}

// CHAP login support: runs only for visitors who are not logged in, when user
// tracking is session-based and the password_CHAP preference is non-zero.
// NOTE(review): this looks like a challenge-response password hash done in browser
// script - confirm. If so, it does not replace TLS on the login form, because the
// script itself can be altered in transit over plain HTTP.
if (!USER && $pref['user_tracking'] == "session" && varset($pref['password_CHAP'], 0)) {
    if ($pref['password_CHAP'] == 2) {
        // *** Add in the code to swap the display tags
        // $js_body_onload[] = "expandit('loginmenuchap','nologinmenuchap');";
        $js_body_onload[] = "expandit('loginmenuchap');";
        $js_body_onload[] = "expandit('nologinmenuchap');";
    }
    echo "<script type='text/javascript' src='" . e_JS . "chap_script.js'></script>\n";
    // getChallenge() is not defined in this fragment (presumably it comes from
    // chap_script.js - confirm); it is queued here to run on body load.
    $js_body_onload[] = "getChallenge();";
}

//XXX - do we still need it? Now we have better way of doing this - admin tools (see below)
// Legacy hook: if the including page defined headerjs(), its return value is echoed
// into the header as-is, with no escaping applied here.
if (function_exists('headerjs')) {
    echo headerjs();
}

// Admin UI - send header content if any - headerjs() replacement
$tmp = e107::getAdminUI();
if ($tmp) {
    // Note: normally you shouldn't send JS content here, former is (much better) handled by JS manager (both files and inline)
    echo $tmp->getHeader();
}
unset($tmp);

// [JSManager] Load JS Includes - Zone 4 - After e_meta, headerjs, before Admin UI headers
e107::getJs()->renderJs('header', 4);
e107::getJs()->renderJs('header_inline', 4);

// ---------- Favicon ---------
// Emits favicon links only when the active site theme ships a favicon.ico.
// NOTE(review): $sitetheme is written into the file path and into both href attributes
// without escaping; presumably the preference is admin-controlled - confirm, or escape it
// for the attribute context.
// NOTE(review): the second link uses type 'image/xicon' where the first uses
// 'image/x-icon' - looks like a typo; left as found.
$sitetheme = e107::getPref('sitetheme');
if (file_exists(e_THEME . $sitetheme . "/favicon.ico")) {
    echo "<link rel='icon' href='" . e_THEME_ABS . $sitetheme . "/favicon.ico' type='image/x-icon' />\n<link rel='shortcut icon' href='" . e_THEME_ABS . $sitetheme . "/favicon.ico' type='image/xicon' />\n";
    // The rest of this if-block lies beyond the end of the fragment.
// User-settings page bootstrap: loads the language file and handlers, registers the
// page's inline JavaScript, and initialises the state variables used further down.
include_lan(e_LANGUAGEDIR . e_LANGUAGE . '/lan_usersettings.php');
require_once e_HANDLER . 'ren_help.php';
require_once e_HANDLER . 'user_extended_class.php';
// require_once (e_HANDLER.'user_handler.php');
require_once e_HANDLER . 'validator_class.php';
$ue = new e107_user_extended();
$userMethods = e107::getUserSession();
// Second require_once of ren_help.php; a no-op because the file was already loaded above.
require_once e_HANDLER . 'ren_help.php';
include_once e107::coreTemplatePath('usersettings'); //correct way to load a core template.
// include_once (e_CORE.'shortcodes/batch/usersettings_shortcodes.php');
$usersettings_shortcodes = e107::getScBatch('usersettings');

// Inline helper that writes the given value into the 'image' field of the form
// with id 'dataform'.
e107::js('inline', "\n\t\tfunction addtext_us(sc)\n\t\t{\n\t\t\tdocument.getElementById('dataform').image.value = sc;\n\t\t}\n");

// include JS, headerjs not called in header anymore
// headerjs() is defined outside this fragment; its output is added as footer inline script.
$js = e107::getJs();
$js->footerInline(headerjs());

// Initial page state.
$photo_to_delete = '';
$avatar_to_delete = '';
$ue_fields = '';
$promptPassword = false;
$error = FALSE;
$extraErrors = array();
$eufVals = array();
$savePassword = '';
$inp = USERID; // Initially assume that user is modifying their own data.
$_uid = false; // FALSE if user modifying their own data; otherwise ID of data being modified
$adminEdit = FALSE; // FALSE if editing own data. TRUE if admin edit

// A numeric query string opens a separate branch whose body lies beyond this fragment;
// given $_uid and $adminEdit above, it presumably selects another user's record for an
// admin edit.
// NOTE(review): the id comes straight from the URL - confirm the branch checks admin
// permission before $inp is pointed at a different user.
if (is_numeric(e_QUERY)) {
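// File inspector entry point: builds the core directory map, then either streams
// the scan results as a standalone HTML document (when ?scan is present) or falls
// through to the regular admin page.

// Map of core directory keys to their configured paths.
$maindirs = array(
    'admin' => $ADMIN_DIRECTORY,
    'files' => $FILES_DIRECTORY,
    'images' => $IMAGES_DIRECTORY,
    'themes' => $THEMES_DIRECTORY,
    'plugins' => $PLUGINS_DIRECTORY,
    'handlers' => $HANDLERS_DIRECTORY,
    'languages' => $LANGUAGES_DIRECTORY,
    'downloads' => $DOWNLOADS_DIRECTORY,
    'docs' => $DOCS_DIRECTORY,
);
foreach ($maindirs as $maindirs_key => $maindirs_value) {
    // Drop the last character of each path (presumably the trailing slash - confirm).
    $coredir[$maindirs_key] = substr($maindirs_value, 0, -1);
}

require_once 'core_image.php';
$rs = new form();
set_time_limit(18000); // allow the request to run for up to 18000 seconds (5 hours)
$e_sub_cat = 'fileinspector';

if (isset($_GET['scan'])) {
    // Scan branch: release the session lock, throw away every active output buffer,
    // emit a self-contained document, then exit.
    // NOTE(review): auth.php is loaded only on the non-scan path below. Confirm that an
    // admin permission check has already run before this fragment, because nothing here
    // restricts who can reach the scan branch.
    session_write_close();
    while (@ob_end_clean()) {
        // @ hides the notice raised once no buffer is left.
    }

    //header("Content-type: text/html; charset=".CHARSET, true);
    //$css_file = file_exists(e_THEME.$pref['admintheme'].'/'.$pref['admincss']) ? e_THEME.$pref['admintheme'].'/'.$pref['admincss'] : e_THEME.$pref['admintheme'].'/'.$pref['admincss'];
    $fi = new file_inspector();
    echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.1//EN\" \"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd\">\r\n\t <html xmlns='http://www.w3.org/1999/xhtml' xml:lang='en'> \r\n\t <head> \t\r\n\t <title>Results</title> \r\n\t " . $fi->headerCss() . " " . headerjs() . "\r\n\t <body style='background-color:white'>\n";
    // echo "<br />loading..";
    // echo "..";
    //flush();

    // The scan options arrive in the query string and are copied over $_POST
    // (presumably so file_inspector can read them as form input - confirm).
    // NOTE(review): every option is therefore settable from a plain link; confirm the
    // handlers only read and report, or require a token.
    $_POST = $_GET;

    // !empty() keeps the original truthiness test but no longer raises an
    // undefined-index warning into the freshly emitted page when ?exploit is absent.
    if (!empty($_GET['exploit'])) {
        $fi->exploit();
    } else {
        $fi->scan_results();
    }
    echo "</body></html>";
    exit;
} else {
    // Regular admin page; the body of the e_QUERY branch lies beyond this fragment.
    $fi = new file_inspector();
    require_once e_ADMIN . 'auth.php';
    if (e_QUERY) {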
// File inspector entry point: builds the core directory map, then, when ?scan is
// present, streams the scan results as a standalone HTML document and exits.

// Map of core directory keys to their configured paths.
$maindirs = array('admin' => $ADMIN_DIRECTORY, 'files' => $FILES_DIRECTORY, 'images' => $IMAGES_DIRECTORY, 'themes' => $THEMES_DIRECTORY, 'plugins' => $PLUGINS_DIRECTORY, 'handlers' => $HANDLERS_DIRECTORY, 'languages' => $LANGUAGES_DIRECTORY, 'downloads' => $DOWNLOADS_DIRECTORY, 'docs' => $DOCS_DIRECTORY);
foreach ($maindirs as $maindirs_key => $maindirs_value) {
    // Drop the last character of each path (presumably the trailing slash - confirm).
    $coredir[$maindirs_key] = substr($maindirs_value, 0, -1);
}

require_once 'core_image.php';
//$rs = new form;
set_time_limit(18000); // allow the request to run for up to 18000 seconds (5 hours)
$e_sub_cat = 'fileinspector';

if (isset($_GET['scan'])) {
    // Scan branch: release the session lock and throw away every active output buffer
    // before writing a self-contained document.
    session_write_close();
    while (@ob_end_clean()) {
        // @ hides the notice raised once no buffer is left.
    }

    //header("Content-type: text/html; charset=".CHARSET, true);
    //$css_file = file_exists(e_THEME.$pref['admintheme'].'/'.$pref['admincss']) ? e_THEME.$pref['admintheme'].'/'.$pref['admincss'] : e_THEME.$pref['admintheme'].'/'.$pref['admincss'];
    $fi = new file_inspector();
    echo "<!DOCTYPE html>\r\n\t <html> \r\n\t <head> \t\r\n\t <title>Results</title> \r\n\t " . $fi->headerCss() . " " . headerjs() . "\r\n\t <body style='background-color:#EEEEEE'>\n";

    // NOTE(review): the auth.php include below is commented out, so this branch does not
    // load it. Confirm that an admin permission check has already run before this
    // fragment, because nothing here restricts who can reach the scan branch.
    // define('e_IFRAME', true);
    // require_once(e_ADMIN."auth.php");
    // echo "<br />loading..";
    // echo "..";
    //flush();

    // The scan options arrive in the query string and are copied over $_POST
    // (presumably so file_inspector can read them as form input - confirm).
    // NOTE(review): every option is therefore settable from a plain link; confirm the
    // handlers only read and report, or require a token.
    $_POST = $_GET;

    // exploit() and scan_results() are defined outside this fragment.
    if (vartrue($_GET['exploit'])) {
        $fi->exploit();
    } else {
        $fi->scan_results();
    }
    // require_once(e_ADMIN."footer.php");
    echo "</body></html>";
    exit;
} else {
    // Non-scan path; its body lies beyond the end of this fragment.