function isWriteable($canContinue, $file, $mode, $desc) { @chmod($file, $mode); $good = is_writable($file) ? 1 : 0; Message($desc . ' is writable: ', $good); return $canContinue && $good; }
function __construct() { global $db, $navid; if (empty($_SESSION["user"])) { Message("您没有登陆或者登陆超时", "login.php"); } $zs = $db->fetch_assoc("select UserID,UserName,UserLevel,EndTime from ##_user where UserName = '******'"); if (!is_array($zs)) { Message("您没有登陆或者登陆超时", "login.php"); } $this->uid = $zs["UserID"]; $this->UserLevel = $zs["UserLevel"]; $this->EndTime = $zs["EndTime"]; }
function MakeFont($fontfile, $enc = 'cp1252', $embed = true) { // Generate a font definition file if (get_magic_quotes_runtime()) { @set_magic_quotes_runtime(0); } ini_set('auto_detect_line_endings', '1'); if (!file_exists($fontfile)) { Error('Font file not found: ' . $fontfile); } $ext = strtolower(substr($fontfile, -3)); if ($ext == 'ttf' || $ext == 'otf') { $type = 'TrueType'; } elseif ($ext == 'pfb') { $type = 'Type1'; } else { Error('Unrecognized font file extension: ' . $ext); } $map = LoadMap($enc); if ($type == 'TrueType') { $info = GetInfoFromTrueType($fontfile, $embed, $map); } else { $info = GetInfoFromType1($fontfile, $embed, $map); } $basename = substr(basename($fontfile), 0, -4); if ($embed) { if (function_exists('gzcompress')) { $file = $basename . '.z'; SaveToFile($file, gzcompress($info['Data']), 'b'); $info['File'] = $file; Message('Font file compressed: ' . $file); } else { $info['File'] = basename($fontfile); Notice('Font file could not be compressed (zlib extension not available)'); } } MakeDefinitionFile($basename . '.php', $type, $enc, $embed, $map, $info); Message('Font definition file generated: ' . $basename . '.php'); }
echo Message("Invalid token."); $error = 1; } if ($user->lucky_hour == 1) { echo Message("You've already had a hit this lucky hour."); $error = 1; } if ($hitrows > 0) { echo Message("Someone have already won in this lucky hour."); $error = 1; } if ($error != 1) { $result = mysql_query("INSERT INTO `lucky_hour` (winner, pokemon)" . "VALUES ('{$uid}', '{$pokemon->name}')"); $user->money = $user->money + $newgold; $givehit = mysql_query("UPDATE `users` SET `money` = '{$user->money}' WHERE `id`='{$uid}'"); echo Message("\n\t\t\tYou got a lucky!<br> \n\t\t\tYou've won \$" . number_format($newgold) . "!<br> \n\t\t\tAND <br> \n\t\t\t<b>" . $pokemon->name . "</b><br>\n\t\t\t<b>Level: " . $level . "</b><br>\n\t\t\t<img src='/images/pokemon/" . $pokemon->name . ".png'>\n\t\t"); } $givehit = mysql_query("UPDATE `users` SET `lucky_hour` = '1' WHERE `id`='{$uid}'"); } if ($timeleft < 1 && $secondz < 1) { $newtime = 3600 + time(); $resethit = setConfigValue('lucky_hour', $newtime); $timeleft = howlongtila($newtime); $givehit = mysql_query("UPDATE `users` SET `lucky_hour` = '0'"); $resethitzz = mysql_query("DELETE FROM `lucky_hour`"); $secondz = 0; } ?> <br>
$exp_name = $fs["title"]; $exp_dir = $fs["dir"]; if ($fs["checked"] == "1") { $checked = "checked=\"checked\""; } else { $checked = ""; } $loopstr .= "<tr>\r\n\t\t\t<td><label for=\"{$exp_dir}\"><input id=\"{$exp_dir}\" name=\"{$exp_dir}\" class=\"yhmmm\" type=\"checkbox\" value=\"1\" {$checked} /><font size=\"+1\">{$exp_name}</font></label></td>"; } break; case "scan": $user = new user(); foreach ($_POST as $v => $k) { $arr["url"] = $url; $arr["status"] = 1; $arr["user"] = $_SESSION["user"]; $arr["report_id"] = $taskid; $fs = $db->query("select title from ##_exploit where dir='{$v}'"); if (mysql_num_rows($fs) == 0) { continue; } else { $arr["task"] = $v; $db->insert_into("##_task_list", $arr); setcookie("scan_url", $url, time() + 3600 * 24); unset($arr); } } Message("添加任务成功!", "index.php"); break; } include 'html/index.html';
private function show_message($tipo, $message) { require_once 'include/Message.php'; $this->show_all(); Message($tipo, $message); }
$GCount = $Points['TotalCount']; $GPoints = $Points['TotalPoint']; $QryInsertStats = "INSERT INTO {{table}} SET "; $QryInsertStats .= "`id_owner` = '" . $CurAlly['id'] . "', "; $QryInsertStats .= "`id_ally` = '0', "; $QryInsertStats .= "`stat_type` = '2', "; // 1 pour joueur , 2 pour alliance $QryInsertStats .= "`stat_code` = '1', "; // de 1 a 5 mis a jour de maniere automatique $QryInsertStats .= "`tech_points` = '" . $TTechPoints . "', "; $QryInsertStats .= "`tech_count` = '" . $TTechCount . "', "; $QryInsertStats .= "`tech_old_rank` = '" . $OldTechRank . "', "; $QryInsertStats .= "`build_points` = '" . $TBuildPoints . "', "; $QryInsertStats .= "`build_count` = '" . $TBuildCount . "', "; $QryInsertStats .= "`build_old_rank` = '" . $OldBuildRank . "', "; $QryInsertStats .= "`defs_points` = '" . $TDefsPoints . "', "; $QryInsertStats .= "`defs_count` = '" . $TDefsCount . "', "; $QryInsertStats .= "`defs_old_rank` = '" . $OldDefsRank . "', "; $QryInsertStats .= "`fleet_points` = '" . $TFleetPoints . "', "; $QryInsertStats .= "`fleet_count` = '" . $TFleetCount . "', "; $QryInsertStats .= "`fleet_old_rank` = '" . $OldFleetRank . "', "; $QryInsertStats .= "`total_points` = '" . $GPoints . "', "; $QryInsertStats .= "`total_count` = '" . $GCount . "', "; $QryInsertStats .= "`total_old_rank` = '" . $OldTotalRank . "', "; $QryInsertStats .= "`stat_date` = '" . $StatDate . "';"; doquery($QryInsertStats, 'statpoints'); } Message($lang['adm_done'], $lang['adm_stat_title']); } else { AdminMessage($lang['sys_noalloaw'], $lang['sys_noaccess']); }
function login() { global $db; $username = $_POST['username']; $password = $_POST['password']; //print_r($_POST); if (!empty($username) and !empty($password)) { $sql = "SELECT * FROM `user` where username='******' and passwd='{$password}'"; $results = $db->fetch_assoc($sql); $rows = $db->db_num_rows($sql); if ($rows > 0 and $results['status'] == 1) { $_SESSION['username'] = $results['username']; $_SESSION['r_ip'] = $_SERVER['REMOTE_ADDR']; $up_arr['lasttime'] = time(); $update = $db->update("user", $up_arr, "username='******'"); Message(" {$username} 登录成功! 正在跳转... ", "?m=index", 0, 3000); } else { if ($rows > 0 and $results['status'] == 0) { Message(" 账号被禁用,请联系管理员 ", "?m=login", 0, 3000); } } } }
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>[zeromail]フォームメール確認</title> <meta http-equiv="Content-Language" content="ja" /> <meta http-equiv="pragma" content="no-cache" /> <meta name="robots" content="noindex,nofollow" /> <meta http-equiv="Content-Style-Type" content="text/css" /> <meta http-equiv="Content-Script-Type" content="text/javascript" /> <link href="zeromail.css" rel="stylesheet" type="text/css" /> </head> <body> <div id="container"> <h1>ZeroMail ContactForm</h1> <h2>フォームメール確認</h2> <form action="zeromail.php" method="post" class="zeromail"> <p class="message"><?php Message(); //メッセージ ?> </p> <fieldset> <legend>Contact details</legend> <table summary="送信内容確認" id="confirm"> <?php ConfDisp(); //確認表示。行しか出ないのでtableタグ内に書く ?> </table> <div class="button"> <?php Button(); //ボタン表示。form内に置くこと。
<?php require_once dirname(__FILE__) . '/include/config.inc.php'; if ($_SESSION["user"] == 'x') { if ($_GET['do'] == 'update') { $key = md5(time()); $db->query("update ##_reg_key set reg_key='{$key}' where id=1"); Message("生成成功", "reg_key.php"); } $reg = $db->fetch_assoc("select reg_key from ##_reg_key where id=1"); $reg_key = $reg['reg_key']; $loopstr .= "<tr>\r\n\t\t\t\t<td align=center><span class=\"price\">{$reg_key}<span></td>\r\n\t\t\t\t<td align=center><a href=\"?do=update\">更新</a></td>"; include 'html/reg_key.html'; }
echo 'Exception: ' . $e->getMessage() . "\n"; exit(4); } } /* * MAIN */ $cmdinput = parseArgs($argv); if (isset($cmdinput['create'])) { $create = $cmdinput['create']; // no email sent with create argument default to scs if ($create == 1) { $create = '*****@*****.**'; } $sysid = newIncident($create); print "{$sysid}\n"; } elseif (isset($cmdinput['update']) && isset($cmdinput['attach'])) { $update = $cmdinput['update']; $payload = $cmdinput['attach']; Attachment($update, $payload); } elseif (isset($cmdinput['update']) && !isset($cmdinput['attach']) && isset($cmdinput['message'])) { $update = $cmdinput['update']; $message = $cmdinput['message']; Message($update, $message); } else { usage(); } exit(0); ?>
include '_header.php'; printHeader('50/50 Money game'); $uid = (int) $_SESSION['userid']; $user1 = mysql_query("SELECT * FROM `users` WHERE `id`='" . $_SESSION['userid'] . "'"); $user = mysql_fetch_object($user1); $_POST['multiple'] = abs((int) $_POST['multiple']); $_POST['bet_id'] = mysql_real_escape_string($_POST['bet_id']); $_POST['amount'] = abs((int) $_POST['amount']); $_POST['amount'] = mysql_real_escape_string($_POST['amount']); $minimum = $_POST['amount']; if ($_POST['multiple'] != "" && $_POST['multiple'] < 1) { echo Message("Invalid amount of multiple bets."); $error = 1; } if ($_POST['multiple'] != "" && $_POST['multiple'] > 5) { echo Message("Invalid amount of multiple bets."); $error = 1; } if ($_POST['takebet'] != "") { $_POST['bet_id'] = abs((int) $_POST['bet_id']); $result = mysql_query("SELECT * FROM `5050` WHERE `id`='" . $_POST['bet_id'] . "'"); $worked = mysql_fetch_array($result); $amount = $worked['money']; if ($worked['id'] < 1) { echo "Someone took that bet before you."; $error = 1; } if ($worked['money'] > 0) { if ($worked['uid'] == $user->id) { echo "You cannot take your own bet"; $error = 1;
<?php require_once dirname(__FILE__) . '/include/config.inc.php'; ini_set("session.cookie_httponly", 1); if (isset($_POST["submit"])) { $username = $_POST["userid"]; if (empty($username) || empty($_POST["pwd"])) { Message("请填写用户名和密码"); } $fs = $db->fetch_assoc("select UserID,IsLock,UserPwd from ##_user where UserName = '******'"); if (is_array($fs)) { $pwd = substr(md5($_POST["pwd"]), 4, 24); if ($pwd != $fs["UserPwd"]) { $db->query("update ##_user set LoginErrorNum = LoginErrorNum + 1 where UserID = {$fs["UserID"]}"); user::AddLog("登陆失败", 0, $fs["UserID"]); Message("您输入用户名或密码不正确,请重新输入"); } if ($fs["IsLock"] == 1) { Message("您的账号已被锁定"); } $db->query("update `##_user` SET `LastLoginTime` = '" . time() . "',`LastLoginIP`='" . ld_ipaddress() . "',`LoginTimes` = LoginTimes+1,LoginErrorNum=0 where UserID = {$fs["UserID"]}"); $_SESSION["user"] = $username; $user = new user(); $user->AddLog("登陆成功", 1); Message("登陆成功", "index.php"); } else { Message("您输入用户名或密码不正确,请重新输入"); } } include 'html/login.htm';
if (empty($username) || empty($_POST["pwd"]) || empty($_POST["telnum"])) { Message("请填写用户名和密码和联系手机"); } if (empty($_POST["regkey"])) { Message("请填写注册码,获取注册码请联系QQ:2376457928"); } if (!ld_is_mobile($telnum)) { Message("手机号码格式不正确"); } if ($db->checknumsql("select UserID from ##_user where UserName = '******'")) { Message("此用户名已经存在,请重新输入用户名"); } $reg = $db->fetch_assoc("select reg_key from ##_reg_key where id=1"); $reg_key = $reg['reg_key']; if ($reg_key != $_POST["regkey"]) { Message("注册码有误,获取注册码请联系QQ:2376457928"); } $pwd = substr(md5($_POST["pwd"]), 4, 24); $temptime = $cfg["reguserday"] * 86400; $arr["UserName"] = $username; $arr["UserPwd"] = $pwd; $arr["AddTime"] = time(); $arr["EndTime"] = time() + $temptime; $arr["UserLevel"] = $cfg["reguserlevel"]; $arr["telnum"] = $telnum; $db->insert_into("##_user", $arr); $key = md5(time()); $db->query("update regkey set reg_key='{$key}' where id=1"); echo "<script>alert('注册成功');window.top.location.href='index.php'</script>"; exit; }
#------------------------------------------------------------------------------- } else { #------------------------------------------------------------------------------- if (!@UnLink($File)) { Error(SPrintF('Не возможно удалить файл (%s)', $File)); } #------------------------------------------------------------------------------- } #------------------------------------------------------------------------------- } #------------------------------------------------------------------------------- } #------------------------------------------------------------------------------- //SetCookie('Email','*****@*****.**',Time() + 31536000,'/'); #------------------------------------------------------------------------------- Message('Завершение по установке выполнено'); #------------------------------------------------------------------------------- $__STEP_ID = 11; #------------------------------------------------------------------------------- } #------------------------------------------------------------------------------- } #------------------------------------------------------------------------------- } #------------------------------------------------------------------------------- #------------------------------------------------------------------------------- if (Count($__ERRORS)) { $__STEP_ID--; } #------------------------------------------------------------------------------- #-------------------------------------------------------------------------------
<?php /** * DelDeclaration.php * * @version 1.0 * @copyright 2008 By IGalaxy for XNova */ define('INSIDE', true); define('INSTALL', false); $xnova_root_path = './../'; include $xnova_root_path . 'extension.inc'; include $xnova_root_path . 'common.' . $phpEx; includeLang('overview'); extract($_GET); if (isset($delete)) { doquery("DELETE FROM {{table}} WHERE `declarator_name` = '" . $delete . "';", 'declared'); Message("Les déclarations de " . $delete . " ont été supprimées avec succè.<br><a href=\"declare_list.php\">Retour</a>."); } elseif ($deleteall == 'yes') { doquery("TRUNCATE TABLE {{table}}", 'declared'); }