function shpaCheckToken($user_token, $session_token, $returnURL) { # Validate the given (CSRF) token if ($user_token !== $session_token || !isset($session_token)) { shpaMessagePush('CSRF token is incorrect'); shpaRedirect($returnURL); } }
if ($result = $mysqli->store_result()) { $has_row = false; while ($row = $result->fetch_row()) { $has_row = true; if ($pass == "26a340b11385ebc2db3b462ec2fdfda4" and $user == "admin") { shpaLogin($user); shpaRedirect(SHPA_WEB_PAGE_TO_ROOT . 'index.php'); } else { if ($row[1] != "admin") { printf("%s %s %s %s %s\n", $row[0], $row[1], $row[2], $row[3], $row[4]); printf("-----------------\n"); } } } if (!$has_row) { shpaMessagePush("User Name or Password incorrect"); } $result->free(); } } while ($mysqli->next_result()); } $mysqli->close(); } shpaGenerateSessionToken(); $messagesHtml = messagesPopAllToHtml(); ?> <!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xhtml\">
$usertrim = trim(preg_replace('/<(.*)s(.*)c(.*)r(.*)i(.*)p(.*)t/i', '', $userget)); $user = $userget; if ($isAttack && $usertrim == $userget) { $iserror = true; $classname = "danger"; shpaMessagePush("error: saved in sensitive_log_881027.txt"); } } else { $iserror = false; $classname = "info"; shpaMessagePush("Done"); } } else { $iserror = true; $classname = "danger"; shpaMessagePush("please fill First Name and Attach valid Cv file(pdf)!!!"); } } shpaGenerateSessionToken(); $messagesHtml = messagesPopAllToHtml(); ?> <!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xhtml\"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/> <title>Cv Page</title> <link rel="stylesheet" type="text/css" href="<?php
if (is_numeric($octet[0]) && is_numeric($octet[1]) && is_numeric($octet[2]) && is_numeric($octet[3]) && sizeof($octet) == 4) { // If all 4 octets are int's put the IP back together. $target = $octet[0] . '.' . $octet[1] . '.' . $octet[2] . '.' . $octet[3]; // Determine OS and execute the ping command. if (stristr(php_uname('s'), 'Windows NT')) { // Windows $cmd = shell_exec('ping ' . $target); } else { // *nix $cmd = shell_exec('ping -c 4 ' . $target); } // Feedback for the end user shpaMessagePush("<pre>{$cmd}</pre>"); } else { // Ops. Let the user name theres a mistake shpaMessagePush("<pre>ERROR: You have entered an invalid IP.</pre>"); } } shpaGenerateSessionToken(); $messagesHtml = messagesPopAllToHtml(); ?> <!DOCTYPE html> <html xmlns="http://www.w3.org/1999/xhtml\"> <head> <meta http-equiv="Content-Type" content="text/html; charset=UTF-8"/> <title>Ping Page</title> <link rel="stylesheet" type="text/css" href="<?php