function doUpdate($arrayValues, $checkVars) { global $con; global $lang; global $config; global $dbTables; $errorField = ''; $queryMsg = "UPDATE " . $dbTables['config'] . " SET "; foreach ($arrayValues as $id => $value) { $optionsCheck['' . $value . ''] = secureVar(trim($_POST['' . $value . '']), 'html'); if ($checkVars) { if ($optionsCheck['' . $value . ''] == '' || empty($optionsCheck['' . $value . ''])) { if ($optionsCheck['' . $value . ''] != 0) { $errorField .= $lang['' . $value . ''] . ' ' . $lang['isEmpty'] . '<br />'; } } } if ($errorField == '') { $con->connect(); $queryMsg .= "{$value}='" . secureVar($optionsCheck['' . $value . ''], 'sql') . "', "; $con->close(); } } $queryMsg = substr($queryMsg, 0, -2); if ($errorField == '') { $con->connect(); $queryMsg .= " where id='" . $config['id'] . "';"; if ($con->modify($queryMsg)) { echo "<div class=\"msgSuccess\">" . $lang['changeSuccess'] . "</div>"; } else { $con->printError(); echo "<div class=\"msgError\">" . $lang['dataError'] . "</div>"; } $con->close(); } else { echo "<div class=\"msgError\">{$errorField}</div>"; } }
redirectToUrlIfNecessary(); loadImage($logo, $idSite); } /* * page variables */ $a_vars = getRequestVar('a_vars', array(), 'array'); /* * visitor config, as saved in the database */ $userAgent = secureVar(@$_SERVER['HTTP_USER_AGENT']); $os = getOs($userAgent); $a_browser = getBrowserInfo($userAgent); $resolution = getRequestVar('res', 'unknown', 'string'); $colorDepth = getRequestVar('col', 32, 'numeric'); $browserLang = secureVar(@$_SERVER['HTTP_ACCEPT_LANGUAGE']); $localTime = getRequestVar('h', date("H"), 'numeric') . ':' . getRequestVar('m', date("i"), 'numeric') . ':' . getRequestVar('s', date("s"), 'numeric'); // assign pageCategory default value of the parse_url::path?query $pageUrlParamsProcessed = processParams($pageUrl, $siteParams); // fix add site.com because else parse_url bugs with ':' in query string if (!ereg('^http://', $pageUrlParamsProcessed)) { $urlParse = parse_url('http://site.com' . $pageUrlParamsProcessed); } else { $urlParse = parse_url($pageUrlParamsProcessed); } if (isset($urlParse['path'])) { $pageNameDefault = substr($urlParse['path'], 1); } if (isset($urlParse['query'])) { $pageNameDefault .= '?' . $urlParse['query']; }
if (empty($bannedIPs) || !in_array($banCheck['ipnumber'], $bannedIPs)) { // Add IP to ban table $queryMsg = "INSERT INTO " . $dbTables['ip'] . " (id, ip) VALUES (NULL, '" . secureVar($banCheck['ipnumber'], 'sql') . "');"; if ($con->modify($queryMsg)) { echo "<div class=\"msgSuccess\">" . $lang['changeSuccess'] . "</div>"; } else { $con->printError(); echo "<div class=\"msgError\">" . $lang['dataError'] . "</div>"; } } else { echo "<div class=\"msgError\">" . $banCheck['ipnumber'] . ' ' . $lang['ipBanned'] . "</div>"; } $con->close(); } elseif ($banCheck['banType'] == 'remove') { $con->connect(); $queryMsg = "DELETE FROM " . $dbTables['ip'] . " WHERE ip='" . secureVar($banCheck['ipnumber'], 'sql') . "';"; if ($con->modify($queryMsg)) { echo "<div class=\"msgSuccess\">" . $lang['changeSuccess'] . "</div>"; } else { $con->printError(); echo "<div class=\"msgError\">" . $lang['dataError'] . "</div>"; } $con->close(); } } } echo "\n\t<form method=\"post\" action=\"index.php?a=banIP\">\n\t\t<fieldset>\n\t\t\t<p>" . $lang['ipnumber'] . " : <input type=\"text\" name=\"ipnumber\" />\n\t\t\t\t<input type=\"hidden\" name=\"hiddenField\" value=\"\" />\n\t\t\t\t<input type=\"hidden\" name=\"banType\" value=\"add\" />\n\t\t\t\t<input type=\"submit\" name=\"submit\" value=\"" . $lang['ban'] . "\" />\n\t\t\t</p>\n\t\t</fieldset>\n\t</form>"; $con->connect(); $queryMsg = "select ip from " . $dbTables['ip'] . ";"; $con->getRows($queryMsg); if ($con->getNumRows() > 0) {
<?php if (@$magic != "0xDEADBEEF") { die("This file cannot be executed directly"); } require_once '../classes/functions.php'; @($instLang = secureVar($_GET['lang'], 'html')); if (empty($instLang)) { $instLang = 'en'; } switch ($instLang) { case 'en': $instLangValue = 'english.php'; break; case 'fr': $instLangValue = 'french.php'; break; case 'ar': $instLangValue = 'arabic.php'; break; case 'tr': $instLangValue = 'turkish.php'; break; case 'jp': $instLangValue = 'japanese.php'; break; case 'fi': $instLangValue = 'finnish.php'; break; case 'de': $instLangValue = 'german.php';
/** * returns first element of a comma separated list * * @param string $ip * * @return string first element before ',' */ function getFirstIpFromList($ip) { $p = strpos($ip, ','); if ($p !== false) { return secureVar(substr($ip, 0, $p)); } else { return secureVar($ip); } }
function produceSearchMsg($tableName, $searchString, $ua) { global $dbTables; // Explode search data into words (explode by blank space) $searchData = explode(" ", trim($searchString)); //$queryMsg = "select * from " . $tableName . " where "; $queryMsg = "select posts.*, reply.id as rid, reply.post_id as post_id, reply.date as rdate, reply.message as rmessage, reply.name as rname from " . $tableName . " posts LEFT JOIN " . $dbTables['reply'] . " reply ON (posts.id = reply.post_id) where"; // Search each word foreach ($searchData as $searchSingleData) { // Search is anything + search data + anything $searchSingleData = "%" . $searchSingleData . "%"; if ($ua) { $queryMsg .= " posts.useragent LIKE '" . secureVar($searchSingleData, 'sql') . "' ||"; } else { $queryMsg .= " posts.name LIKE '" . secureVar($searchSingleData, 'sql') . "' || posts.message LIKE '" . secureVar($searchSingleData, 'sql') . "' ||"; } } // Remove additional || $queryMsg = substr($queryMsg, 0, strLen($queryMsg) - 3); $queryMsg .= " group by posts.date desc;"; return $queryMsg; }
if ($passCheck['newPassword'] != $passCheck['confirmNewPassword']) { $errorField .= $lang['newPassMatch'] . '<br />'; } if ($errorField != '') { echo "<div class=\"msgError\">{$errorField}</div>"; } else { $passCheck['newPassword'] = $passCheck['newPassword']; $passCheck['oldPassword'] = $passCheck['oldPassword']; $con->connect(); $con->getRows("Select password, salt from " . $dbTables['admin'] . " where id='" . secureVar(base64_decode($_SESSION['id']), 'sql') . "';"); foreach ($con->queryResult as $res) { if (hash('sha256', $passCheck['oldPassword'] . base64_decode($res['salt'])) == $res['password']) { $newSalt = substr(hash('sha1', uniqid(rand(), true)), 0, 5); $newPassword = hash('sha256', $passCheck['newPassword'] . $newSalt); $saveSalt = base64_encode($newSalt); $queryMsg = "update " . $dbTables['admin'] . " set password='******'sql') . "', salt='" . secureVar($saveSalt, 'sql') . "' where id='" . secureVar(base64_decode($_SESSION['id']), 'sql') . "';"; if ($con->modify($queryMsg)) { echo "<div class=\"msgSuccess\">" . $lang['changeSuccess'] . "</div>"; } else { $con->printError(); echo "<div class=\"msgError\">" . $lang['dataError'] . "</div>"; } } else { echo "<div class=\"msgError\">" . $lang['wrongOldPass'] . "</div>"; } break; } $con->close(); } } echo "\n\t<form method=\"post\" action=\"index.php?a=changePass\">\n\t\t<fieldset>\n\t\t\t<table border=\"0\">\n\t\t\t\t<tr>\n\t\t\t\t\t<td>" . $lang['oldPassword'] . "</td>\n\t\t\t\t\t<td><input type=\"password\" name=\"oldPassword\" /></td>\n\t\t\t\t</tr>\n\t\t\t\t<tr>\n\t\t\t\t\t<td>" . $lang['newPassword'] . "</td>\n\t\t\t\t\t<td><input type=\"password\" name=\"newPassword\" /></td>\n\t\t\t\t</tr>\n\t\t\t\t<tr>\n\t\t\t\t\t<td>" . $lang['confirmNewPassword'] . "</td>\n\t\t\t\t\t<td><input type=\"password\" name=\"confirmNewPassword\" /></td>\n\t\t\t\t</tr>\n\t\t\t</table>\n\t\t\t<p>\n\t\t\t\t<input type=\"hidden\" name=\"hiddenField\" value=\"\" />\n\t\t\t\t<input type=\"submit\" name=\"submit\" value=\"" . $lang['change'] . "\" />\n\t\t\t</p>\n\t\t</fieldset>\n\t</form>";
$con->close(); } elseif ($submitId == $lang['modify']) { $censoredCheck['censoredOriginal'] = secureVar(trim($_POST['censoredOriginal']), 'html'); $censoredCheck['censoredReplacement'] = secureVar(trim($_POST['censoredReplacement']), 'html'); $errorField = ''; if ($censoredCheck['censoredOriginal'] == '' || empty($censoredCheck['censoredOriginal'])) { $errorField .= $lang['censoredOriginal'] . ' ' . $lang['isEmpty'] . '<br />'; } if ($censoredCheck['censoredReplacement'] == '' || empty($censoredCheck['censoredReplacement'])) { $errorField .= $lang['censoredReplacement'] . ' ' . $lang['isEmpty'] . '<br />'; } if ($errorField != '') { echo "<div class=\"msgError\">{$errorField}</div>"; } else { $con->connect(); $queryMsg = "update " . $dbTables['censored'] . " set original='" . secureVar($censoredCheck['censoredOriginal'], 'sql') . "', replacement='" . secureVar($censoredCheck['censoredReplacement'], 'sql') . "' where id='" . secureVar($censoredID, 'sql') . "';"; if ($con->modify($queryMsg)) { echo "<div class=\"msgSuccess\">" . $lang['changeSuccess'] . "</div>"; } else { $con->printError(); echo "<div class=\"msgError\">" . $lang['dataError'] . "</div>"; } $con->close(); } } } } echo '<span class="titleMsg">' . $lang['addCensored'] . '</span>'; echo "\n\t<form method=\"post\" action=\"index.php?a=censored\">\n\t\t<fieldset>\n\t\t\t<table border=\"0\">\n\t\t\t\t<tr>\n\t\t\t\t\t<td>" . $lang['censoredOriginal'] . "</td>\n\t\t\t\t\t<td><input type=\"text\" name=\"censoredOriginal\" /></td>\n\t\t\t\t</tr>\n\t\t\t\t<tr>\n\t\t\t\t\t<td>" . $lang['censoredReplacement'] . "</td>\n\t\t\t\t\t<td><input type=\"text\" name=\"censoredReplacement\" /></td>\n\t\t\t\t</tr>\n\t\t\t</table>\n\t\t\t<p>\n\t\t\t\t<input type=\"hidden\" name=\"hiddenField\" value=\"\" />\n\t\t\t\t<input type=\"hidden\" name=\"censoredType\" value=\"addCensored\" />\n\t\t\t\t<input type=\"submit\" name=\"submit\" value=\"" . $lang['add'] . "\" />\n\t\t\t</p>\n\t\t</fieldset>\n\t</form>"; $queryMsg = "select id, original, replacement from " . $dbTables['censored'] . ";"; $con->connect();
$errorField .= $lang['dbPassword'] . ' ' . $lang['isEmpty'] . '<br />';*/ if ($optionsCheck['dbPrefix'] == '' || empty($optionsCheck['dbPrefix'])) { $errorField .= $lang['dbPrefix'] . ' ' . $lang['isEmpty'] . '<br />'; } if ($errorField == '') { $data_file = "<?php\n\nif (__FILE__ == \$_SERVER['SCRIPT_FILENAME'])\n\tdie(\"This file cannot be executed directly\");\n\n\$data['dbHost'] = \"" . base64_encode($optionsCheck['dbHost']) . "\";\n\$data['dbUsername'] = \"" . base64_encode($optionsCheck['dbUsername']) . "\";\n\$data['dbPassword'] = \"" . base64_encode($optionsCheck['dbPassword']) . "\";\n\$data['dbDatabase'] = \"" . base64_encode($optionsCheck['dbDatabase']) . "\";\n\$data['dbPrefix'] = \"" . base64_encode($optionsCheck['dbPrefix']) . "\";\n\n?>"; echo $lang['manualDbFileCreation'] . "<br />\n\t\t\t\t<textarea rows='11' cols='70' onfocus='this.select()'>" . $data_file . "</textarea>"; } } if ($errorField != '') { echo "<div class=\"msgError\">{$errorField}</div>"; } } require '../configuration.php'; echo '<table border="0" width="100%"><tr><td>'; $generatePaths = secureVar($_GET['paths'], 'html'); $chPaths['backupFolder'] = $config['backupFolder']; $chPaths['smiliesFolder'] = $config['smiliesFolder']; $chPaths['langFolder'] = $config['langFolder']; $chPaths['themesFolder'] = $config['themesFolder']; if (!empty($generatePaths) && isset($generatePaths)) { $chPaths['backupFolder'] = realpath("./backup"); $chPaths['smiliesFolder'] = realpath("../images/custom"); $chPaths['langFolder'] = realpath("../languages"); $chPaths['themesFolder'] = realpath("../themes"); } echo ' <form method="post" action="index.php?a=advOptions"> <fieldset> <table> <tr>
$newEmailNotif = 0; } if ($res['auto_censor'] == "true") { $newCensor = 1; } else { $newCensor = 0; } $chPaths['backupFolder'] = realpath("../admin/backup"); $chPaths['smiliesFolder'] = realpath("../images/custom"); $chPaths['langFolder'] = realpath("../languages"); $chPaths['themesFolder'] = realpath("../themes"); $themeRetro = 'retro'; if ($lang['dir'] == 'rtl') { $themeRetro = 'retroRTL'; } $queryMsg = "Insert into " . $dbTables['config'] . "\n\t\t\t\t\t(id,offline,offlineMessage,guestbookLang,guestbookTheme,mobileTheme,pagesFormat,numPostsPerPage,adminLang,dateFormat,gbTitle,checkEmail,maxCharField,maxCharMsg,floodTime,moderateMsg,checkCaptcha,headTitle,resizeImg,imgWidth,imgHeight,metaKeywords,metaDescription,backupFolder,smiliesFolder,langFolder,themesFolder,receiveEmailNotification,email,autoCensor,debug,timezone,reCaptcha,reCaptchapubk,reCaptchaprvk)\n\t\t\t\t\t values (\n\t\t\t\t\t'" . secureVar($res['id'], 'sql') . "',\n\t\t\t\t\t'" . secureVar($newOffline, 'sql') . "',\n\t\t\t\t\t'" . secureVar($res['offline_message'], 'sql') . "',\n\t\t\t\t\t'" . secureVar($instLang, 'sql') . "',\n\t\t\t\t\t'" . secureVar($themeRetro, 'sql') . "',\n\t\t\t\t\t'" . secureVar('mobile', 'sql') . "',\n\t\t\t\t\t'" . secureVar($res['spages'], 'sql') . "',\n\t\t\t\t\t'" . secureVar($res['pages'], 'sql') . "',\n\t\t\t\t\t'" . secureVar($instLang, 'sql') . "',\n\t\t\t\t\t'" . secureVar($res['date_format'], 'sql') . "',\n\t\t\t\t\t'" . secureVar($res['title'], 'sql') . "',\n\t\t\t\t\t'" . secureVar(0, 'sql') . "',\n\t\t\t\t\t'" . secureVar($res['max_char_field'], 'sql') . "',\n\t\t\t\t\t'" . secureVar($res['max_char_message'], 'sql') . "',\n\t\t\t\t\t'" . secureVar($res['flood_time'], 'sql') . "',\n\t\t\t\t\t'" . secureVar($newModerate, 'sql') . "',\n\t\t\t\t\t'" . secureVar($newCaptcha, 'sql') . "',\n\t\t\t\t\t'" . secureVar($res['head'], 'sql') . "',\n\t\t\t\t\t'" . secureVar($newResize, 'sql') . "',\n\t\t\t\t\t'" . secureVar($res['img_width'], 'sql') . "',\n\t\t\t\t\t'" . secureVar($res['img_height'], 'sql') . "',\n\t\t\t\t\t'" . secureVar($res['keyword'], 'sql') . "',\n\t\t\t\t\t'" . secureVar($res['description'], 'sql') . "',\n\t\t\t\t\t'" . secureVar($chPaths['backupFolder'], 'sql') . "',\n\t\t\t\t\t'" . secureVar($chPaths['smiliesFolder'], 'sql') . "',\n\t\t\t\t\t'" . secureVar($chPaths['langFolder'], 'sql') . "',\n\t\t\t\t\t'" . secureVar($chPaths['themesFolder'], 'sql') . "',\n\t\t\t\t\t'" . secureVar($newEmailNotif, 'sql') . "',\n\t\t\t\t\t'" . secureVar($res['email'], 'sql') . "',\n\t\t\t\t\t'" . secureVar($newCensor, 'sql') . "',\n\t\t\t\t\t'" . secureVar(0, 'sql') . "',\n\t\t\t\t\t'',\n\t\t\t\t\t'',\n\t\t\t\t\t'',\n\t\t\t\t\t''\n\t\t\t\t\t);"; if (!$con->modify($queryMsg)) { $resultConfig = false; $con->printError(); } } echo 'Configuration.....'; if ($resultConfig) { echo $lang['ok']; } else { echo $lang['no']; } echo '<br />'; $con->close(); if ($resultCensored && $resultConfig && $resultIP && $resultPosts && $resultReply && $resultSmilies && $resultTrash) { echo "<div class=\"msgSuccess\">" . $lang['convertionDone'] . "</div>";
$boxContent->assign("CAPTCHA_FIELD", $_SESSION['captchaField']); $boxContent->assign("LANG_CAPTCHA", $lang['captcha']); $boxContent->assign("CAPTCHA", $captcha); $boxContent->parse('sign.signForm.captcha'); } if ($config['reCaptcha']) { $boxContent->assign("CAPTCHA", $captcha); $boxContent->parse('sign.signForm.recaptcha'); } $publishPage = true; $con->connect(); $con->getRows("Select ip from " . $dbTables['ip'] . ";"); if ($con->getNumRows() > 0) { foreach ($con->queryResult as $res) { if (preg_match("/^" . $res['ip'] . "/", $_SERVER['REMOTE_ADDR'])) { $errorFieldBanIP = secureVar($_SERVER['REMOTE_ADDR'], 'html') . ' ' . $lang['bannedIP'] . '<br />'; $publishPage = false; break; } } } if (!$publishPage) { $boxContent->assign("IP_BANNED", $errorFieldBanIP); $boxContent->parse('sign.bannedIP'); } else { if (!$signOk) { $boxContent->parse('sign.signForm'); } } $boxContent->parse('sign'); $boxContent = $boxContent->text('sign');
/** * useless from now on? 2.2RC1 */ function getNearestLang() { $country = getCountry(getHostnameExt(getHost(getIp())), secureVar(@$_SERVER['HTTP_ACCEPT_LANGUAGE'])); foreach ($this->langAvailable as $key => $langInfo) { if ($langInfo[3] == $country) { return $key; } } return $this->langAvailable['default_lang']; }
<?php if (@$magic != "0xDEADBEEF") { die("This file cannot be executed directly"); } $boxContent = new XTemplate('./themes/' . $config['guestbookTheme'] . '/content/stats.tpl'); include_once 'classes/manage/stats.class.php'; $stats = new Stats(); $durationId = secureVar($_GET['d'], 'html'); $lastMonthSeconds = time() - 2629743; if ($durationId == 'lastmonth') { $queryMsg = "select useragent from " . $dbTables['posts'] . " where publish='1' and date>=" . $lastMonthSeconds . ";"; $lastMonthURL = $lang['lastMonth']; $allTimeURL = '<a href="index.php?a=stats&d=alltime">' . $lang['allTime'] . '</a>'; } else { $queryMsg = "select useragent from " . $dbTables['posts'] . " where publish='1';"; $lastMonthURL = '<a href="index.php?a=stats&d=lastmonth">' . $lang['lastMonth'] . '</a>'; $allTimeURL = $lang['allTime']; } $con->connect(); $con->getRows($queryMsg); $totalNumber = 0; $totalFlags = $con->getNumRows(); if ($totalFlags > 0) { if ($con->getNumRows() > 0) { foreach ($con->queryResult as $res) { $stats->calculateStats($res['useragent']); $totalNumber++; } } $con->close();
<?php if (@$magic != "0xDEADBEEF") { die("This file cannot be executed directly"); } echo '<div class="mainTitle">' . $lang['optimize'] . ' ' . $lang['database'] . '</div>'; echo '<div class="helpPopup ' . $alignHelp . '"><a href="#" onclick="openHelp(\'optimize\');">' . $lang['help'] . '</a></div>'; $submitId = secureVar($_POST['submit'], 'html'); $optimizeResults = array(); if (!empty($submitId) && isset($submitId)) { $queryMsg = "OPTIMIZE TABLE " . $dbTables['config'] . ", " . $dbTables['admin'] . ", " . $dbTables['censored'] . ", " . $dbTables['ip'] . ", " . $dbTables['smilies'] . ", " . $dbTables['posts'] . ", " . $dbTables['reply'] . ", " . $dbTables['trash'] . ", " . $dbTables['backupLog'] . ";"; $con->connect(); if ($con->getRows($queryMsg)) { echo "<div class=\"msgSuccess\">" . $lang['optimizationSuccess'] . "</div>"; } else { $con->printError(); echo "<div class=\"msgError\">" . $lang['dataError'] . "</div>"; } $con->close(); } $queryMsg = "ANALYZE TABLE " . $dbTables['config'] . ", " . $dbTables['admin'] . ", " . $dbTables['censored'] . ", " . $dbTables['ip'] . ", " . $dbTables['smilies'] . ", " . $dbTables['posts'] . ", " . $dbTables['reply'] . ", " . $dbTables['trash'] . ", " . $dbTables['backupLog'] . ";"; $con->connect(); if ($con->getRows($queryMsg)) { foreach ($con->queryResult as $res) { $optimizeResults[] = $res['Msg_text']; } } $con->close(); $optimizeNeeded = false; foreach ($optimizeResults as $key => $value) { if (strripos($value, 'up to date') == false) {
/** * returns the $varName value from the array in the cookie * * @param string $varName * * @return string|false */ function getVar($varName) { if (is_array($this->a_content) && isset($this->a_content[$varName])) { return secureVar($this->a_content[$varName]); } else { return false; } }
echo "<a href='#' onclick=\"window.open ('includes/content/doBackup.php', 'Backup', config='height=200, width=200, toolbar=no, menubar=no, scrollbars=no, resizable=no, location=no, directories=no, status=no');\">" . $lang['backupDatabase'] . "</a>"; echo '</div>'; if (base64_decode($_SESSION['privilege']) == 1) { echo '<span class="titleMsg">' . $lang['restoreDatabase'] . '</span>'; echo "<form method=\"post\" action=\"index.php?a=backup\" enctype='multipart/form-data'>\n\t\t\t<fieldset>\n\t\t\t\t<div class='startBox'> " . $lang['sqlFile'] . " : \n\t\t\t\t\t<input type=\"file\" name=\"uploadField\" />\n\t\t\t\t\t<input type=\"hidden\" name=\"hiddenField\" value=\"\" />\n\t\t\t\t\t<input type=\"hidden\" name=\"backupType\" value=\"restore\" />\n\t\t\t\t\t<input type=\"submit\" name=\"submit\" value=\"" . $lang['restore'] . "\" />\n\t\t\t\t</div>\n\t\t\t</fieldset>\n\t\t</form>"; } $con->connect(); $queryMsg = "select date, operation from " . $dbTables['backupLog'] . " order by date desc;"; $con->getRows($queryMsg); if ($con->getNumRows() > 0) { echo '<span class="titleMsg">' . $lang['bLog'] . '</span>'; echo '<table border="0"> <tr class="topInfosActions"> <td>' . $lang['bDate'] . '</td> <td>' . $lang['bOperation'] . '</td> </tr>'; foreach ($con->queryResult as $res) { echo "<tr class=\"topInfos\">\n\t\t\t\t<td>" . date($config['dateFormat'], secureVar($res['date'], 'html')) . "</td>\n\t\t\t\t<td>"; if ($res['operation'] == "b") { echo $lang['backupDatabase']; } elseif ($res['operation'] == "r") { echo $lang['restoreDatabase']; } else { echo $lang['unkownOperation']; } echo "</td></tr>"; } echo '<tr><td colspan="2" align="right"><a href="index.php?a=backup&action=clear">' . $lang['bClear'] . '</a></td></tr> </table>'; } $con->close();
/** * get a variable from the $_REQUEST superglobal * * it tests the var type and exit if the variable doesn't have default value and * if the type doesn't match * * @param string $varName name of the variable * @param string $varDefault default value. If '', and if the type doesn't match, exit() ! * @param string $varType variable type */ function getRequestVar($varName, $varDefault = null, $varType = "string") { $varDefault = secureVar(stripslashesPmv($varDefault)); if (!isset($_REQUEST[$varName]) || empty($_REQUEST[$varName])) { if ($varDefault === null) { trigger_error("Error : \$varName '{$varName}' doesn't have value in \$_REQUEST and doesn't have a" . " \$varDefault value", E_USER_ERROR); exit; return; } else { if ($varType == "numeric") { $varType = "string"; } settype($varDefault, $varType); return $varDefault; } } else { $content = secureVar(stripslashesPmv($_REQUEST[$varName])); if ($varType == 'string') { if (is_string($content)) { $ok = true; } } elseif ($varType == 'numeric' || $varType == 'int' || $varType == 'float') { if (is_numeric($content)) { $ok = true; } } elseif ($varType == 'array') { if (is_array($content)) { $ok = true; } } else { $ok = true; } if (!isset($ok)) { if ($varDefault === null) { trigger_error("Error : \$varName '{$varName}' doesn't have a correct type in \$_REQUEST and doesn't " . "have a \$varDefault value", E_USER_ERROR); exit; return; } else { if ($varType == "numeric") { $varType = "string"; } settype($varDefault, $varType); return $varDefault; } } else { return $content; } } }
echo "\n\t\t\t\t<body onload=\"document.getElementById('unhashedPassword').focus()\">\n\t\t\t\t<script type=\"text/javascript\" src=\"../javascript/webtoolkit.sha256.js\"></script>\n\t\t\t\t<br /><br />\n\t\t\t\t<div class=\"logo\">\n\t\t\t\t\t<img src=\"../images/logo/angora_medium.png\" alt=\"Angora logo\" />\n\t\t\t\t</div>\n\t\t\t\t<div class=\"login\">\n\t\t\t\t\t<form method=\"post\" action=\"index.php?a=login\">\n\t\t\t\t\t\t<fieldset>\n\t\t\t\t\t\t\t<table border=\"0\">\n\t\t\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t\t\t<td>" . $lang['password'] . "</td>\n\t\t\t\t\t\t\t\t\t<td><input type=\"password\" name=\"unhashedPassword\" id=\"unhashedPassword\" autocomplete=\"off\" onkeyup=\"this.form.password.value = SHA256(SHA256(this.form.unhashedPassword.value + '" . base64_decode($_SESSION['salt']) . "') + '" . $_SESSION['challenge'] . "')\" /></td>\n\t\t\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t\t</table>\n\t\t\t\t\t\t\t<p>\n\t\t\t\t\t\t\t\t<input type=\"hidden\" name=\"hiddenField\" value=\"\" />\n\t\t\t\t\t\t\t\t<input type=\"hidden\" name=\"password\" value=\"\" />\n\t\t\t\t\t\t\t\t<input type=\"hidden\" name=\"step\" value=\"pass\" />\n\t\t\t\t\t\t\t\t<input type=\"hidden\" name=\"ip\" value=\"" . $_SERVER['REMOTE_ADDR'] . "\" />\n\t\t\t\t\t\t\t\t<input type=\"hidden\" name=\"useragent\" value=\"" . $_SERVER['HTTP_USER_AGENT'] . "\" />\n\t\t\t\t\t\t\t\t<input type=\"submit\" name=\"submit\" value=\"" . $lang['login'] . "\" />\n\t\t\t\t\t\t\t</p>\n\t\t\t\t\t\t</fieldset>\n\t\t\t\t\t</form>\n\t\t\t\t</div>\n\t\t\t\t\n\t\t\t\t<div class=\"forgotPass\"><a href=\"index.php?a=forgotPass\">" . $lang['forgotPass'] . "</a></div>"; } } break; case 'pass': $loginCheck['password'] = secureVar(trim($_POST['password']), 'html'); $errorField = ''; if ($loginCheck['password'] == '' || empty($loginCheck['password'])) { $errorField .= $lang['password'] . ' ' . $lang['isEmpty'] . '<br />'; } if ($errorField != '') { echo "<div class=\"msgError\">{$errorField}</div>"; printLogin(); } else { $con->connect(); $con->getRows("Select * from " . $dbTables['admin'] . " where username='******'username'], 'sql') . "';"); if ($con->getNumRows() <= 0) { echo '<div class="msgError">' . $loginCheck['username'] . ' ' . $lang['doesntExist'] . '</div>'; printLogin(); exit; } foreach ($con->queryResult as $res) { $salt = base64_decode($res['salt']); $admin['password'] = hash('sha256', $res['password'] . $_SESSION['challenge']); if ($admin['password'] == $loginCheck['password']) { $_SESSION['id'] = base64_encode($res['id']); $_SESSION['privilege'] = base64_encode($res['privilege']); $_SESSION['username'] = $res['username']; $_SESSION['iden'] = TRUE; $_SESSION['HTTP_USER_AGENT'] = hash('sha1', $_SERVER['HTTP_USER_AGENT']); $loginCheck['iden'] = true;
if ($con->modify($queryMsg)) { echo "<div class=\"msgSuccess\">" . $lang['adminConfigurationDone'] . "</div>"; $savedEmail = base64_encode($installCheck['adminEmail']); $chPaths['backupFolder'] = realpath("../admin/backup"); $chPaths['smiliesFolder'] = realpath("../images/custom"); $chPaths['langFolder'] = realpath("../languages"); $chPaths['themesFolder'] = realpath("../themes"); $checkCaptcha = 0; if (extension_loaded('gd')) { $checkCaptcha = 1; } $themeRetro = 'retro'; if ($lang['dir'] == 'rtl') { $themeRetro = 'retroRTL'; } $queryMsg = "INSERT INTO " . $dbTables['config'] . " (id,offline,offlineMessage,guestbookLang,guestbookTheme,mobileTheme,pagesFormat,numPostsPerPage,adminLang,dateFormat,gbTitle,checkEmail,maxCharField,maxCharMsg,floodTime,moderateMsg,checkCaptcha,headTitle,resizeImg,imgWidth,imgHeight,metaKeywords,metaDescription,backupFolder,smiliesFolder,langFolder,themesFolder,receiveEmailNotification,email,autoCensor,debug) VALUES \n\t\t\t\t(0, '0', 'The guestbook is offline!', '" . secureVar($instLang, 'sql') . "', '" . secureVar($themeRetro, 'sql') . "', 'mobile', 'several', '5', '" . secureVar($instLang, 'sql') . "', 'd-m-Y H:i:s', 'My guestbook', '0', '35', '500', '30', '0', '" . secureVar($checkCaptcha, 'sql') . "', 'Angora 1.0', '0', '100', '100', '', '', '" . secureVar($chPaths['backupFolder'], 'sql') . "', '" . secureVar($chPaths['smiliesFolder'], 'sql') . "', '" . secureVar($chPaths['langFolder'], 'sql') . "', '" . secureVar($chPaths['themesFolder'], 'sql') . "', '0', '" . secureVar($savedEmail, 'sql') . "', '0', '0')"; if ($con->modify($queryMsg)) { echo "<div class=\"msgSuccess\">" . $lang['generalConfigurationDone'] . "</div>"; // Creation of data.php file echo "<div class=\"title\">" . $lang['fileCreation'] . "</div>"; $data_file = "<?php\n\nif (@\$magic != \"0xDEADBEEF\")\n\tdie(\"This file cannot be executed directly\");\n\n\$data['dbHost'] = \"" . base64_encode($installCheck['host']) . "\";\n\$data['dbUsername'] = \"" . base64_encode($installCheck['username']) . "\";\n\$data['dbPassword'] = \"" . base64_encode($installCheck['password']) . "\";\n\$data['dbDatabase'] = \"" . base64_encode($installCheck['database']) . "\";\n\$data['dbPrefix'] = \"" . base64_encode($installCheck['prefix']) . "\";\n\n?>"; echo $lang['manualDbFileCreation'] . "<br />\n\t\t\t\t\t\t<textarea rows='11' cols='70' onfocus='this.select()'>" . $data_file . "</textarea>"; // Remember to delete setup folder !! echo "<div class=\"title\">" . $lang['finishing'] . "</div>"; echo '<div>' . $lang['deleteSetup'] . '<br />' . $lang['yesYouCan'] . ' : <br /> <a href="../index.php">' . $lang['newGuestbook'] . '</a> <br /> <a href="../admin/">' . $lang['adminCenter'] . '</a>'; } else { echo "<div class=\"msgError\">" . $lang['dataError'] . "</div>"; echo '<div id="previous"><a href="index.php?a=config&lang=' . $instLang . '">' . $lang['previous'] . '</a></div>';
$boxContent->assign("POST_ID", secureVar($res['id'], 'html')); $boxContent->assign("COUNTRY", $countryName->getCountry($res['country'])); $boxContent->assign("COUNTRY_ICON", "images/countries/" . secureVar($res['country'], 'html') . ".png"); $boxContent->assign("NAME", secureVar($res['name'], 'html')); $boxContent->assign("LOCATION", secureVar($res['location'], 'html')); $boxContent->assign("MESSAGE", $messageValue); $boxContent->assign("USER_AGENT", secureVar($res['useragent'], 'html')); $boxContent->assign("RATING", secureVar($res['rating'], 'html')); $boxContent->assign("RATING_ICON", "images/stars/" . secureVar($res['rating'], 'html') . ".gif"); $boxContent->assign("PAGE_ADDR", "index.php?id=" . secureVar($res['id'], 'html')); $boxContent->assign("COUNTRY_ADDR", "index.php?cc=" . secureVar($res['country'], 'html')); $boxContent->assign("BROWSER_ICON", "images/browsers/icon_" . $userAgent->getBrowser() . ".png"); $boxContent->assign("OS_ICON", "images/os/icon_" . $userAgent->getOS() . ".png"); // Admin reply if ($res['rid'] != NULL) { $messageValue = Message::formatMessage(secureVar($res['rmessage'], 'html'), $censoredList, $censoredLists); $messageValue = Message::formatSmilies($messageValue, null, $smiliesReplacement); $boxContent->assign("AD_NAME", secureVar(base64_decode($res['rname']), 'html')); $boxContent->assign("AD_DATE", date($config['dateFormat'], secureVar($res['rdate'], 'html'))); $boxContent->assign("AD_MESSAGE", $messageValue); $boxContent->parse('posts.fetch_posts.fetch_adminReply'); } $boxContent->parse('posts.fetch_posts'); } } else { $boxContent->assign("NO_MESSAGES", $lang['noPostsToYourQuery']); $boxContent->parse('posts.no_posts'); } $con->close(); $boxContent->parse('posts'); $boxContent = $boxContent->text('posts');
session_regenerate_id(); $magic = "0xDEADBEEF"; $lang = array(); include_once '../classes/error/error.class.php'; include_once 'includes/checks.php'; require_once '../configuration.php'; include_once '../classes/functions.php'; date_default_timezone_set($config['timezone']); startCompression(); // Debug informations if ($config['debug']) { $startTime = getTime(); } include_once "../languages/" . $config['adminLang'] . "/admin.php"; echo "<!DOCTYPE html \n PUBLIC \"-//W3C//DTD XHTML 1.0 Strict//EN\"\n \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd\">\n\n<html xmlns=\"http://www.w3.org/1999/xhtml\" xml:lang=\"" . $lang['lang'] . "\" lang=\"" . $lang['lang'] . "\" dir=\"" . $lang['dir'] . "\">\n\n<head>\n<link rel=\"stylesheet\" href=\"includes/style/layout.css\" type=\"text/css\" />\n<link rel=\"stylesheet\" href=\"includes/style/style.css\" type=\"text/css\" />\n<meta http-equiv=\"Content-Type\" lang=\"" . $lang['lang'] . "\" content=\"text/html; charset=" . $lang['charset'] . "\" />\n<title>" . $config['headTitle'] . "</title>"; $pageName = secureVar($_GET['a'], 'html'); if (empty($pageName) || $pageName == '' || $pageName == 'login') { echo "<script type=\"text/javascript\" src=\"../javascript/webtoolkit.sha256.js\"></script>\n\t</head><body>"; require_once 'includes/content/login.php'; } elseif ($pageName == 'logout') { echo "</head><body>"; require_once 'includes/content/logout.php'; } elseif ($pageName == 'forgotPass') { echo "</head><body>"; require_once 'includes/content/forgotPass.php'; } else { $float = 'floatLeft'; $alignHelp = 'alignRight'; if ($lang['dir'] == 'rtl') { $float = 'floatRight'; $alignHelp = 'alignLeft';
$errorField .= $lang['newPassword'] . ' ' . $lang['isEmpty'] . '<br />'; } if ($adminCheck['confirmNewPassword'] == '' || empty($adminCheck['confirmNewPassword'])) { $errorField .= $lang['confirmNewPassword'] . ' ' . $lang['isEmpty'] . '<br />'; } if ($adminCheck['newPassword'] != $adminCheck['confirmNewPassword']) { $errorField .= $lang['newPassMatch'] . '<br />'; } if ($errorField != '') { echo "<div class=\"msgError\">{$errorField}</div>"; } else { $newSalt = substr(hash('sha1', uniqid(rand(), true)), 0, 5); $newPassword = hash('sha256', $adminCheck['newPassword'] . $newSalt); $saveSalt = base64_encode($newSalt); $con->connect(); $queryMsg = "update " . $dbTables['admin'] . " set password='******'sql') . "', salt='" . secureVar($saveSalt, 'sql') . "' where id='" . secureVar($adminID, 'sql') . "';"; if ($con->modify($queryMsg)) { echo "<div class=\"msgSuccess\">" . $lang['changeSuccess'] . "</div>"; } else { $con->printError(); echo "<div class=\"msgError\">" . $lang['dataError'] . "</div>"; } $con->close(); } } } } } echo '<span class="titleMsg">' . $lang['addAdmin'] . '</span>'; echo "\n\t<form method=\"post\" action=\"index.php?a=admin\">\n\t\t<fieldset>\n\t\t\t<table border=\"0\">\n\t\t\t\t<tr>\n\t\t\t\t\t<td>" . $lang['adminName'] . "</td>\n\t\t\t\t\t<td><input type=\"text\" name=\"adminName\" /></td>\n\t\t\t\t</tr>\n\t\t\t\t<tr>\n\t\t\t\t\t<td>" . $lang['newPassword'] . "</td>\n\t\t\t\t\t<td><input type=\"password\" name=\"newPassword\" /></td>\n\t\t\t\t</tr>\n\t\t\t\t<tr>\n\t\t\t\t\t<td>" . $lang['confirmNewPassword'] . "</td>\n\t\t\t\t\t<td><input type=\"password\" name=\"confirmNewPassword\" /></td>\n\t\t\t\t</tr>\n\t\t\t\t<tr>\n\t\t\t\t\t<td>" . $lang['superAdminPassword'] . "</td>\n\t\t\t\t\t<td><input type=\"password\" name=\"superAdminPassword\" /></td>\n\t\t\t\t</tr>\n\t\t\t</table>\n\t\t\t<p>\n\t\t\t\t<input type=\"hidden\" name=\"hiddenField\" value=\"\" />\n\t\t\t\t<input type=\"hidden\" name=\"adminType\" value=\"addNewAdmin\" />\n\t\t\t\t<input type=\"submit\" name=\"submit\" value=\"" . $lang['add'] . "\" />\n\t\t\t</p>\n\t\t</fieldset>\n\t</form>"; echo '<span class="titleMsg">' . $lang['modifyAdmins'] . '</span>';
} $con->close(); } } } } echo '<span class="titleMsg">' . $lang['addSmiley'] . '</span>'; echo "\n\t<form method=\"post\" action=\"index.php?a=smilies\">\n\t\t<fieldset>\n\t\t\t<table border=\"0\">\n\t\t\t\t<tr>\n\t\t\t\t\t<td>" . $lang['smileyName'] . "</td>\n\t\t\t\t\t<td><input type=\"text\" name=\"smileyName\" /></td>\n\t\t\t\t</tr>\n\t\t\t\t<tr>\n\t\t\t\t\t<td>" . $lang['smileyCode'] . "</td>\n\t\t\t\t\t<td><input type=\"text\" name=\"smileyCode\" /></td>\n\t\t\t\t</tr>\n\t\t\t\t<tr>\n\t\t\t\t\t<td>" . $lang['smileyPath'] . "</td>\n\t\t\t\t\t<td><input type=\"text\" name=\"smileyPath\" size=\"40\" /></td>\n\t\t\t\t</tr>\n\t\t\t</table>\n\t\t\t<p>\n\t\t\t\t<input type=\"hidden\" name=\"hiddenField\" value=\"\" />\n\t\t\t\t<input type=\"hidden\" name=\"smiliesType\" value=\"addaSmiley\" />\n\t\t\t\t<input type=\"submit\" name=\"submit\" value=\"" . $lang['add'] . "\" />\n\t\t\t</p>\n\t\t</fieldset>\n\t</form>"; echo "<script type=\"text/javascript\">\n\t\t\tfunction toggle(obj) {\n\t\t\t\tvar el = document.getElementById('i' + obj);\n\t\t\t\tvar el1 = document.getElementById('m' + obj);\n\t\t\t\tif ( el.style.display != 'none' ) {\n\t\t\t\t\tel.style.display = 'none';\n\t\t\t\t\tel1.src = '../images/posts/toggle.gif';\n\t\t\t\t}\n\t\t\t\telse {\n\t\t\t\t\tel.style.display = '';\n\t\t\t\t\tel1.src = '../images/posts/toggle1.gif';\n\t\t\t\t}\n\t\t\t}\n\t\t</script>"; echo '<a href="javascript:toggle(1)"><img src="../images/posts/toggle.gif" alt="Toogle" id="m1" /> ' . $lang['uploadSmilies'] . '</a>'; echo '<div id="i1" style="display : none;">'; if ($handle = opendir($config['smiliesFolder'])) { while (false !== ($file = readdir($handle))) { if ($file != "." && $file != "..") { echo ' <a href="../images/custom/' . secureVar($file, 'html') . '" onclick="window.open(this.href);return false;">' . secureVar($file, 'html') . '</a><br />'; } } closedir($handle); } echo '</div><br /><br />'; $queryMsg = "select id, name, code, path from " . $dbTables['smilies'] . ";"; $con->connect(); $con->getRows($queryMsg); if ($con->getNumRows() > 0) { echo '<span class="titleMsg">' . $lang['modifySmilies'] . '</span>'; echo '<br />'; foreach ($con->queryResult as $res) { echo "\n\t\t\t<form method=\"post\" action=\"index.php?a=smilies\">\n\t\t\t\t<fieldset>\n\t\t\t\t\t<table class='borderTable'>\n\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t<td>" . $lang['smileyName'] . "</td>\n\t\t\t\t\t\t\t<td><input type=\"text\" name=\"smileyName\" value=\"" . $res['name'] . "\" /></td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t<td>" . $lang['smileyCode'] . "</td>\n\t\t\t\t\t\t\t<td><input type=\"text\" name=\"smileyCode\" value=\"" . $res['code'] . "\" /></td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t<td>" . $lang['smileyPath'] . "</td>\n\t\t\t\t\t\t\t<td><input type=\"text\" name=\"smileyPath\" size=\"40\" value=\"" . $res['path'] . "\" /></td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t\t<tr>\n\t\t\t\t\t\t\t<td colspan='2'>\n\t\t\t\t\t\t\t\t<input type=\"hidden\" name=\"hiddenField\" value=\"\" />\n\t\t\t\t\t\t\t\t<input type=\"hidden\" name=\"smiliesType\" value=\"modifySmilies\" />\n\t\t\t\t\t\t\t\t<input type=\"hidden\" name=\"smileyID\" value=\"" . base64_encode($res['id']) . "\" />\n\t\t\t\t\t\t\t\t<input type=\"submit\" name=\"submit\" value=\"" . $lang['modify'] . "\" />\n\t\t\t\t\t\t\t\t<input type=\"submit\" name=\"submit\" value=\"" . $lang['remove'] . "\" />\n\t\t\t\t\t\t\t</td>\n\t\t\t\t\t\t</tr>\n\t\t\t\t\t</table>\n\t\t\t\t</fieldset>\n\t\t\t</form>"; } }
$error = new Error("Data file doesn't exist. Have you installed your guestbook yet?"); die($error->showError()); } require_once '../iden.php'; if (@$magicBackup != "0xNOWALLEALLOWED") { die("This file cannot be executed directly"); } unset($magicBackup); include_once '../../../classes/database/mysql_dump.inc.php'; $mysql_dump = new MYSQL_DUMP(base64_decode($data['dbHost']), base64_decode($data['dbUsername']), base64_decode($data['dbPassword'])); $data['dbDatabaseDecoded'] = base64_decode($data['dbDatabase']); $sql1 = $mysql_dump->dumpDB($data['dbDatabaseDecoded'], $dbTables['config'], HAR_ALL_OPTIONS); $sql2 = $mysql_dump->dumpDB($data['dbDatabaseDecoded'], $dbTables['admin'], HAR_ALL_OPTIONS); $sql3 = $mysql_dump->dumpDB($data['dbDatabaseDecoded'], $dbTables['posts'], HAR_ALL_OPTIONS); $sql4 = $mysql_dump->dumpDB($data['dbDatabaseDecoded'], $dbTables['ip'], HAR_ALL_OPTIONS); $sql5 = $mysql_dump->dumpDB($data['dbDatabaseDecoded'], $dbTables['censored'], HAR_ALL_OPTIONS); $sql6 = $mysql_dump->dumpDB($data['dbDatabaseDecoded'], $dbTables['smilies'], HAR_ALL_OPTIONS); $sql7 = $mysql_dump->dumpDB($data['dbDatabaseDecoded'], $dbTables['trash'], HAR_ALL_OPTIONS); $sql8 = $mysql_dump->dumpDB($data['dbDatabaseDecoded'], $dbTables['reply'], HAR_ALL_OPTIONS); $sql9 = $mysql_dump->dumpDB($data['dbDatabaseDecoded'], $dbTables['backupLog'], HAR_ALL_OPTIONS); unset($data['dbDatabaseDecoded']); $sql = $sql1 . $sql2 . $sql3 . $sql4 . $sql5 . $sql6 . $sql7 . $sql8 . $sql9; $sql_file = "angora_" . time() . ".sql"; $mysql_dump->download_sql($sql, $sql_file); include_once '../../../classes/functions.php'; $queryMsg = "insert into " . $dbTables['backupLog'] . " (id, date, operation) values (NULL, '" . secureVar(time(), 'sql') . "', '" . secureVar('b', 'sql') . "');"; $con->modify($queryMsg); $magic = ""; unset($magic); exit; echo "<script language=\"javascript\">window.close();</script>";