}
}
}
if (!USER && $pref['user_tracking'] == "session" && varset($pref['password_CHAP'], 0)) {
if ($pref['password_CHAP'] == 2) {
// *** Add in the code to swap the display tags
// $js_body_onload[] = "expandit('loginmenuchap','nologinmenuchap');";
$js_body_onload[] = "expandit('loginmenuchap');";
$js_body_onload[] = "expandit('nologinmenuchap');";
}
echo "<script type='text/javascript' src='" . e_JS . "chap_script.js'></script>\n";
$js_body_onload[] = "getChallenge();";
}
//XXX - do we still need it? Now we have better way of doing this - admin tools (see below)
if (function_exists('headerjs')) {
echo headerjs();
}
// Admin UI - send header content if any - headerjs() replacement
$tmp = e107::getAdminUI();
if ($tmp) {
// Note: normally you shouldn't send JS content here, former is (much better) handled by JS manager (both files and inline)
echo $tmp->getHeader();
}
unset($tmp);
// [JSManager] Load JS Includes - Zone 4 - After e_meta, headerjs, before Admin UI headers
e107::getJs()->renderJs('header', 4);
e107::getJs()->renderJs('header_inline', 4);
// ---------- Favicon ---------
$sitetheme = e107::getPref('sitetheme');
if (file_exists(e_THEME . $sitetheme . "/favicon.ico")) {
echo "<link rel='icon' href='" . e_THEME_ABS . $sitetheme . "/favicon.ico' type='image/x-icon' />\n<link rel='shortcut icon' href='" . e_THEME_ABS . $sitetheme . "/favicon.ico' type='image/xicon' />\n";
include_lan(e_LANGUAGEDIR . e_LANGUAGE . '/lan_usersettings.php');
require_once e_HANDLER . 'ren_help.php';
require_once e_HANDLER . 'user_extended_class.php';
// require_once (e_HANDLER.'user_handler.php');
require_once e_HANDLER . 'validator_class.php';
$ue = new e107_user_extended();
$userMethods = e107::getUserSession();
require_once e_HANDLER . 'ren_help.php';
include_once e107::coreTemplatePath('usersettings');
//correct way to load a core template.
// include_once (e_CORE.'shortcodes/batch/usersettings_shortcodes.php');
$usersettings_shortcodes = e107::getScBatch('usersettings');
e107::js('inline', "\n\t\tfunction addtext_us(sc)\n\t\t{\n\t\t\tdocument.getElementById('dataform').image.value = sc;\n\t\t}\n");
// include JS, headerjs not called in header anymore
$js = e107::getJs();
$js->footerInline(headerjs());
$photo_to_delete = '';
$avatar_to_delete = '';
$ue_fields = '';
$promptPassword = false;
$error = FALSE;
$extraErrors = array();
$eufVals = array();
$savePassword = '';
$inp = USERID;
// Initially assume that user is modifying their own data.
$_uid = false;
// FALSE if user modifying their own data; otherwise ID of data being modified
$adminEdit = FALSE;
// FALSE if editing own data. TRUE if admin edit
if (is_numeric(e_QUERY)) {
$maindirs = array('admin' => $ADMIN_DIRECTORY, 'files' => $FILES_DIRECTORY, 'images' => $IMAGES_DIRECTORY, 'themes' => $THEMES_DIRECTORY, 'plugins' => $PLUGINS_DIRECTORY, 'handlers' => $HANDLERS_DIRECTORY, 'languages' => $LANGUAGES_DIRECTORY, 'downloads' => $DOWNLOADS_DIRECTORY, 'docs' => $DOCS_DIRECTORY);
foreach ($maindirs as $maindirs_key => $maindirs_value) {
$coredir[$maindirs_key] = substr($maindirs_value, 0, -1);
}
require_once 'core_image.php';
$rs = new form();
set_time_limit(18000);
$e_sub_cat = 'fileinspector';
if (isset($_GET['scan'])) {
session_write_close();
while (@ob_end_clean()) {
}
//header("Content-type: text/html; charset=".CHARSET, true);
//$css_file = file_exists(e_THEME.$pref['admintheme'].'/'.$pref['admincss']) ? e_THEME.$pref['admintheme'].'/'.$pref['admincss'] : e_THEME.$pref['admintheme'].'/'.$pref['admincss'];
$fi = new file_inspector();
echo "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.1//EN\" \"http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd\">\r\n\t <html xmlns='http://www.w3.org/1999/xhtml' xml:lang='en'> \r\n\t <head> \t\r\n\t <title>Results</title> \r\n\t " . $fi->headerCss() . " " . headerjs() . "\r\n\t <body style='background-color:white'>\n";
// echo "<br />loading..";
// echo "..";
//flush();
$_POST = $_GET;
if ($_GET['exploit']) {
$fi->exploit();
} else {
$fi->scan_results();
}
echo "</body></html>";
exit;
} else {
$fi = new file_inspector();
require_once e_ADMIN . 'auth.php';
if (e_QUERY) {
$maindirs = array('admin' => $ADMIN_DIRECTORY, 'files' => $FILES_DIRECTORY, 'images' => $IMAGES_DIRECTORY, 'themes' => $THEMES_DIRECTORY, 'plugins' => $PLUGINS_DIRECTORY, 'handlers' => $HANDLERS_DIRECTORY, 'languages' => $LANGUAGES_DIRECTORY, 'downloads' => $DOWNLOADS_DIRECTORY, 'docs' => $DOCS_DIRECTORY);
foreach ($maindirs as $maindirs_key => $maindirs_value) {
$coredir[$maindirs_key] = substr($maindirs_value, 0, -1);
}
require_once 'core_image.php';
//$rs = new form;
set_time_limit(18000);
$e_sub_cat = 'fileinspector';
if (isset($_GET['scan'])) {
session_write_close();
while (@ob_end_clean()) {
}
//header("Content-type: text/html; charset=".CHARSET, true);
//$css_file = file_exists(e_THEME.$pref['admintheme'].'/'.$pref['admincss']) ? e_THEME.$pref['admintheme'].'/'.$pref['admincss'] : e_THEME.$pref['admintheme'].'/'.$pref['admincss'];
$fi = new file_inspector();
echo "<!DOCTYPE html>\r\n\t <html> \r\n\t <head> \t\r\n\t <title>Results</title> \r\n\t " . $fi->headerCss() . " " . headerjs() . "\r\n\t <body style='background-color:#EEEEEE'>\n";
// define('e_IFRAME', true);
// require_once(e_ADMIN."auth.php");
// echo "<br />loading..";
// echo "..";
//flush();
$_POST = $_GET;
if (vartrue($_GET['exploit'])) {
$fi->exploit();
} else {
$fi->scan_results();
}
// require_once(e_ADMIN."footer.php");
echo "</body></html>";
exit;
} else {
