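/**
 * Renders the debug page for one information section when debugging is switched on.
 *
 * The selected section helper prints into an output buffer; the captured text is
 * assigned to the Smarty variable 'output' and DEBUG_PATH . 'debug.phtml' is displayed.
 *
 * @param string|null $option Section to dump: 'os', 'browser', 'session', 'server', 'request',
 *                            'class', 'includes', 'mail' or 'system'. Any other value falls
 *                            back to the full 'system' dump.
 * @param int|string  $state  1 or 'on' enables the dump; every other value leaves it off.
 */
function __construct($option = null, $state = 'off')
{
    global $smarty;

    // Fail closed. The former switch compared loosely, and before PHP 8 the integer 0
    // loosely equals the string 'on', so passing 0 ("off") reached the 'on' branch and
    // produced the dump. Only the explicit "on" values are accepted here.
    $enabled = $state === 'on'
        || $state === true
        || (is_numeric($state) && $state == 1);
    if (!$enabled) {
        return;
    }

    // Section name => helper that prints the section.
    $sections = array(
        'os'       => 'os_info',
        'browser'  => 'browser_info',
        'session'  => 'session_info',
        'server'   => 'server_info',
        'request'  => 'request_info',
        'class'    => 'class_info',
        'includes' => 'includes_info',
        'mail'     => 'mail_info',
        'system'   => 'system_info',
    );

    // Strict key lookup; unknown or non-string options get the full dump, as before.
    $handler = (is_string($option) && isset($sections[$option]))
        ? $sections[$option]
        : 'system_info';

    ob_start();
    $handler();
    $output = ob_get_clean();

    // NOTE(review): the sections are named session/server/request, so this page presumably
    // exposes sensitive runtime data - confirm that callers only enable it for
    // authenticated operators and never from request-controlled input.
    $smarty->assign('output', $output);
    $smarty->display(DEBUG_PATH . 'debug.phtml');
}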
default: switch ($action) { case 1: logout(); break; case 2: config_form(); break; case 3: download(); break; case 4: view(); break; case 5: server_info(); break; case 6: execute_cmd(); break; case 7: edit_file_form(); break; case 8: chmod_form(); break; case 9: shell_form(); break; case 10: upload_form();
/**
 * Stores the refresh interval, builds the system-table HTML when the interval is
 * non-zero, and returns it wrapped by jsrsArrayToString().
 *
 * Also defines SERVER_FAMILY and SERVER_VERSION from server_info() for the server
 * named in $s_login['server'].
 *
 * @param mixed $seconds Refresh interval; a value loosely equal to 0 yields empty HTML.
 *
 * @return mixed Result of jsrsArrayToString() for a one-element array, '~' delimited.
 */
function systable($seconds)
{
    global $s_systable, $s_login;

    list($family, $version) = server_info($s_login['server']);
    define('SERVER_FAMILY', $family);
    define('SERVER_VERSION', $version);

    $s_systable['refresh'] = $seconds;

    // Start from the "disabled" result and only build the table when a refresh is set.
    $html = '';
    if ($seconds != 0) {
        $html = get_systable_html(get_systable($s_systable), $s_systable);
    }

    globalize_session_vars();

    return jsrsArrayToString(array($html), '~');
}
/**
 * Displays the list-selection page, or inserts the list-choice select box into the
 * lower-left corner of the administration area.
 *
 * Only lists whose id is returned by $auth->check_auth($auth_type) are offered.
 * The session id is added to the form as the hidden field 'sessid'.
 *
 * NOTE(review): each liste_name reaches the <option> markup through cut_str(); whether
 * that helper HTML-escapes its input is not visible here - confirm before relying on it.
 *
 * @param integer $auth_type
 * @param boolean $display
 * @param string  $jump_to
 *
 * @access public
 * @return void
 */
function build_listbox($auth_type, $display = true, $jump_to = '')
{
    global $admindata, $auth, $session, $lang;

    $allowed_ids = $auth->check_auth($auth_type);

    // Default target: the current script plus its query string, both HTML-escaped.
    if (empty($jump_to)) {
        $jump_to = './' . htmlspecialchars(basename(server_info('PHP_SELF')));

        $current_query = server_info('QUERY_STRING');
        if ($current_query != '') {
            $jump_to .= '?' . htmlspecialchars($current_query);
        }
    }

    // One <option> per list the current administrator may access.
    $options = '';
    foreach ($auth->listdata as $liste_id => $data) {
        if (!in_array($liste_id, $allowed_ids)) {
            continue;
        }

        $selected = '';
        if ($admindata['session_liste'] == $liste_id) {
            $selected = ' selected="selected"';
        }

        $options .= sprintf(
            "<option value=\"%d\"%s>%s</option>\n\t",
            $liste_id,
            $selected,
            cut_str($data['liste_name'], 30)
        );
    }

    // Nothing to choose from: optionally show a message, then stop.
    if ($options == '') {
        if ($display) {
            $message = $lang['Message']['No_liste_exists'];

            if ($admindata['admin_level'] == ADMIN) {
                $message .= '<br /><br />' . sprintf(
                    $lang['Click_create_liste'],
                    '<a href="' . sessid('./view.php?mode=liste&action=add') . '">',
                    '</a>'
                );
            }

            $this->message($message);
        }

        return '';
    }

    // The embedded (non-page) variant gets a leading placeholder entry.
    $placeholder = $display ? '' : '<option value="0">' . $lang['Choice_liste'] . '</option>';
    $list_box    = '<select id="liste" name="liste">' . $placeholder . $options . '</select>';

    $this->addHiddenField('sessid', $session->session_id);

    if (!$display) {
        $this->set_filenames(array('list_box_body' => 'list_box.tpl'));

        $box_vars = array(
            'L_VIEW_LIST'     => $lang['View_liste'],
            'L_BUTTON_GO'     => $lang['Button']['go'],
            'S_LISTBOX'       => $list_box,
            'S_HIDDEN_FIELDS' => $this->getHiddenFields(),
            'U_LISTBOX'       => sessid($jump_to),
        );
        $this->assign_vars($box_vars);
        $this->assign_var_from_handle('LISTBOX', 'list_box_body');

        return;
    }

    $this->page_header();
    $this->set_filenames(array('body' => 'select_liste_body.tpl'));

    $page_vars = array(
        'L_TITLE'         => $lang['Title']['select'],
        'L_SELECT_LISTE'  => $lang['Choice_liste'],
        'L_VALID_BUTTON'  => $lang['Button']['valid'],
        'LISTE_BOX'       => $list_box,
        'S_HIDDEN_FIELDS' => $this->getHiddenFields(),
        'U_FORM'          => sessid($jump_to),
    );
    $this->assign_vars($page_vars);

    $this->pparse('body');
    $this->page_footer();
}
// connecting the database, the handle is used as a global variable, // the connection is closed in inc/script_end.inc.php if ($s_connected == TRUE && !isset($_GET['unconnected'])) { $dbhandle = db_connect(); if ($dbhandle === FALSE) { $ib_error = fbird_errmsg(); $s_connected = FALSE; $s_tables_valid = FALSE; $s_wt['table'] = ''; } if (empty($s_charsets)) { $s_charsets = get_charsets(); } } // determine server family and version list($family, $version) = server_info($s_login['server']); define('SERVER_FAMILY', $family); define('SERVER_VERSION', $version); if ($s_binpath != BINPATH) { // check the availabillity of the isql binary if (!is_dir(BINPATH) || !is_file(BINPATH . 'isql') && !is_file(BINPATH . 'isql.exe')) { $warning = sprintf($WARNINGS['BAD_ISQLPATH'], BINPATH); } // check if TMPPATH is an existing, writeable directory if (!is_dir(TMPPATH) || !is_writeable(TMPPATH)) { $warning .= sprintf($WARNINGS['BAD_TMPPATH'], TMPPATH); } $s_binpath = BINPATH; } if (DEBUG_HTML) { ob_start();
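/**
 * Class initialisation: determines the client IP and the cookie settings.
 *
 * Sets $this->user_ip (through encode_ip()) and fills $this->cfg_cookie from
 * $nl_config. The cookie is flagged secure only when $nl_config['urlsite'] starts
 * with https://.
 *
 * @return void
 */
function session()
{
    global $nl_config;

    //
    // Client IP lookup
    //
    $client_ip = server_info('REMOTE_ADDR');
    $proxy_ip  = server_info('HTTP_X_FORWARDED_FOR');

    if (empty($client_ip)) {
        $client_ip = '127.0.0.1';
    }

    // SECURITY: X-Forwarded-For is a request header and can be set to any value by the
    // client. When it carries a public-looking address, that address replaces REMOTE_ADDR
    // below, so user_ip must not be treated as proof of origin (IP allow-lists, rate limits,
    // audit trails). NOTE(review): honour the header only when REMOTE_ADDR is one of your
    // own reverse proxies - no such setting is visible in this block.
    if (preg_match('/^\\d+\\.\\d+\\.\\d+\\.\\d+/', (string) $proxy_ip, $match)) {
        $forwarded_ip = $match[0];

        /*
         * Useful links about the various IP ranges:
         *
         * @link http://www.commentcamarche.net/internet/ip.php3
         * @link http://www.usenet-fr.net/fur/comp/reseaux/masques.html
         */

        //
        // Address ranges that are not accepted from the header
        //
        $rejected_ranges = array(
            '/^0\\./',              // network 0 does not exist
            '/^127\\.0\\.0\\.1/',   // local address
            // ranges reserved for intranets
            '/^10\\./',
            '/^172\\.1[6-9]\\./',
            '/^172\\.2[0-9]\\./',
            '/^172\\.3[0-1]\\./',
            '/^192\\.168\\./',
            // class D (multicast) and class E (unused)
            '/^22[4-9]\\./',
            '/^2[3-5][0-9]\\./',
        );

        // The regex above accepts any digit runs (e.g. 999.1.1.1), so check the octets too.
        $usable = filter_var($forwarded_ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) !== false;

        // The former preg_replace() substituted only the matched part: the un-terminated
        // 127.0.0.1 pattern turned "127.0.0.15" into "<client ip>5". Decide with a plain
        // match instead and keep REMOTE_ADDR whenever the forwarded value is rejected.
        if ($usable) {
            foreach ($rejected_ranges as $range) {
                if (preg_match($range, $forwarded_ip)) {
                    $usable = false;
                    break;
                }
            }
        }

        if ($usable) {
            $client_ip = $forwarded_ip;
        }
    }

    $this->user_ip = $this->encode_ip($client_ip);

    // $match[1] is the optional "s" of https; it decides the secure flag below.
    preg_match('/^http(s)?:\\/\\/(.*?)\\/?$/i', $nl_config['urlsite'], $match);

    $this->cfg_cookie['cookie_name']   = $nl_config['cookie_name'];
    $this->cfg_cookie['cookie_path']   = $nl_config['cookie_path'];
    $this->cfg_cookie['cookie_domain'] = ''; //$match[2];
    $this->cfg_cookie['cookie_secure'] = !empty($match[1]) ? 1 : 0;
}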
/**
 * Prints every debug section in a fixed order by calling each section helper once.
 *
 * @return void
 */
function system_info()
{
    // Order matters: it is the order in which the sections appear in the output.
    $sections = array(
        'os_info',
        'browser_info',
        'session_info',
        'server_info',
        'request_info',
        'class_info',
        'includes_info',
        'mail_info',
    );

    foreach ($sections as $print_section) {
        $print_section();
    }
}
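//
$session   = new Session();
$admindata = $session->check($liste);
load_settings($admindata);
//
//// End
//

if (!defined('IN_LOGIN')) {
    // No valid session: send the visitor to the login page, remembering where they were.
    if (!$admindata) {
        // PHP_SELF can carry request-supplied path info, so the script name is URL-encoded
        // like the query string already was. Plain names such as index.php are unchanged.
        $redirect  = '?redirect=' . rawurlencode(basename(server_info('PHP_SELF')));
        $redirect .= server_info('QUERY_STRING') != '' ? rawurlencode('?' . server_info('QUERY_STRING')) : '';

        // NOTE(review): the code below assumes Location() ends the request - confirm.
        Location('login.php' . $redirect);
    }

    $auth = new Auth();

    //
    // If the list stored in the session no longer exists, update the session
    //
    if (!isset($auth->listdata[$admindata['session_liste']])) {
        $admindata['session_liste'] = 0;

        // admin_id is used unquoted in the statement, so it is forced to an integer.
        // NOTE(review): session_id is concatenated into the statement as well; confirm that
        // Session::check() validates its format, or escape it with the database layer's
        // own quoting routine (not visible here).
        $sql = "UPDATE " . SESSIONS_TABLE . "\n\t\t\tSET session_liste = 0 \n\t\t\tWHERE session_id = '" . $session->session_id . "' \n\t\t\t\tAND admin_id = " . intval($admindata['admin_id']);
        if (!$db->query($sql)) {
            trigger_error('Impossible de mettre à jour le session_liste', ERROR);
        }
    }

    // Request-forgery check: a POST to a secured page must carry the current session id.
    if ($secure && strtoupper(server_info('REQUEST_METHOD')) == 'POST') {
        $sessid = !empty($_POST['sessid']) ? trim($_POST['sessid']) : '';

        // Strict string comparison: with != two different numeric-looking strings
        // (e.g. "0e12" and "0e34") compare as equal. Where hash_equals() is available it
        // is the better choice, as it also compares in constant time.
        if ($session->new_session || (string) $sessid !== (string) $session->session_id) {
            $output->message('Invalid_session');
        }
    }
}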
if ($postsize = @ini_get('post_max_size')) { $postsize = get_integer_byte_value($postsize); if ($postsize < $upload_max_size) { $upload_max_size = $postsize; } } define('FILE_UPLOADS_ON', TRUE); define('MAX_FILE_SIZE', $upload_max_size); } else { define('FILE_UPLOADS_ON', FALSE); define('MAX_FILE_SIZE', 0); } // // Infos sur l'utilisateur // $user_agent = server_info('HTTP_USER_AGENT'); if ($user_agent != '') { if (stristr($user_agent, 'win')) { define('WA_USER_OS', 'win'); } else { if (stristr($user_agent, 'mac')) { define('WA_USER_OS', 'mac'); } else { if (stristr($user_agent, 'linux')) { define('WA_USER_OS', 'linux'); } else { define('WA_USER_OS', 'other'); } } } if (stristr($user_agent, 'opera')) {
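/**
 * Location()
 *
 * Redirects the script using an absolute URL, as required by the
 * HTTP/1.1 specification.
 *
 * The target is always built on top of make_script_url(), so the header points at
 * this installation. A fallback page with a link is rendered for browsers that do
 * not follow the header.
 *
 * @param string $url Relative redirect URL (presumably already HTML-escaped, since it
 *                    is passed through unhtmlspecialchars() for the header)
 *
 * @return void
 */
function Location($url)
{
    global $db, $output;

    if (function_exists('sessid') && defined('IN_ADMIN')) {
        $url = sessid($url);
    }

    //
    // Close the database connection, if there is one
    //
    if (isset($db) && is_object($db)) {
        $db->close();
    }

    // These servers get a Refresh header instead of Location.
    $use_refresh = preg_match("#Microsoft|WebSTAR|Xitami#i", server_info('SERVER_SOFTWARE'));

    $absolute_url  = make_script_url() . (defined('IN_ADMIN') ? 'admin/' : '');
    $absolute_url .= unhtmlspecialchars($url);

    // Defence in depth: a header value must never contain a line break.
    $absolute_url = str_replace(array("\r", "\n"), '', $absolute_url);

    header(($use_refresh ? 'Refresh: 0; URL=' : 'Location: ') . $absolute_url);

    //
    // If header() had no effect, show a redirection page
    //
    // $url can contain request-derived parts (script name, query string), so it is escaped
    // for the href attribute. double_encode = false keeps entities that are already escaped;
    // ISO-8859-1 makes every byte valid, so the call never returns an empty string.
    $href    = htmlspecialchars($url, ENT_QUOTES, 'ISO-8859-1', false);
    $message = '<p>If your browser doesn\'t support meta redirect, click <a href="' . $href . '">here</a> to go on next page.</p>';

    $output->redirect($url, 0);
    $output->basic($message, 'Redirection');
}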
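} // closes a block that begins above this excerpt

// +--------------------------------------------------
// | File Manager Actions
// +--------------------------------------------------
// Authentication gate for every file-manager action.
// Both values are compared as strings with ===; with == a numeric value such as 0, or
// two numeric-looking strings, can compare equal to a different stored value.
// NOTE(review): where $loggedon and $auth_pass come from is not visible here. If
// $loggedon is request-derived (cookie or parameter), prefer hash_equals() where available.
if ((string) $loggedon === (string) $auth_pass) {
    switch ($frame) {
        case 1: break; // Empty Frame
        case 2: frame2(); break;
        case 3: frame3(); break;
        default:
            switch ($action) {
                case 1: logout(); break;
                case 2: config_form(); break;
                case 3: download(); break;
                case 4: view(); break;
                case 5: server_info(); break;
                // Actions 6 and 9 are commented out, so this switch does not dispatch
                // to execute() or shell_form(); both values fall through to frameset().
                // case 6: execute(); break;
                case 7: edit_file_form(); break;
                case 8: chmod_form(); break;
                // case 9: shell_form(); break;
                case 10: upload_form(); break;
                default: frameset();
            }
    }
} else {
    // Not authenticated: process a submitted password ($senha) or show the login form.
    if (isset($senha)) login();
    else form_login();
}

// +--------------------------------------------------
// | Config Class
// +--------------------------------------------------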