Example #1
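/**
 * Marks a user account for forced logout by stamping users.forcelogout.
 *
 * The stored marker is "<unix timestamp>,<REMOTE_ADDR of the current request>".
 * As before, the audit event is written whether or not the UPDATE succeeded.
 *
 * @param mixed $uid Value matched against users.id. It is bound as a statement
 *                   parameter, so it never becomes part of the SQL text.
 * @return void
 */
function setForceLogout($uid)
{
    global $mysqli;

    $fl = time() . ',' . $_SERVER['REMOTE_ADDR'];

    // Placeholders instead of string concatenation: a caller that forgets to
    // sanitise $uid can no longer change the shape of the statement.
    $M_query = "UPDATE users SET forcelogout=? WHERE id=?;";
    error_log($M_query);

    $stmt = $mysqli->prepare($M_query);
    if ($stmt) {
        // Both values are bound as strings, matching the quoted literals the
        // original statement used.
        $stmt->bind_param('ss', $fl, $uid);
        $stmt->execute();
        $stmt->close();
    } else {
        error_log('setForceLogout: could not prepare statement');
    }

    // NOTE(review): this audit record serialises every $_SESSION and $_POST value.
    // encodeHex() is defined elsewhere; if it is a reversible encoding, anything
    // posted on this request (credentials included) lands in the event log.
    // Logging key names only would keep the trail without the secrets.
    // The target id is appended because it is no longer embedded in M_query.
    logEvent('users', 'force-logout', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, M_query: `{$M_query}`, uid: `{$uid}`"));
}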
Example #2
/**
 * Normalises a raw input value according to the requested mode.
 *
 *  - "comment":  returns encodeHex($input).
 *  - "prepared": returns cleanPrepared($input).
 *  - anything else: $type is used as a PCRE pattern. Matches are removed from
 *    cleanPrepared($input), the result is passed through cleanPrepared() again
 *    and finally through mysqli::real_escape_string().
 *
 * Security notes for callers:
 *  - real_escape_string() only protects a value that ends up inside a quoted
 *    SQL string literal; it does nothing for identifiers or unquoted numbers.
 *  - $type is handed to preg_replace() unchanged, so it must always be a
 *    pattern chosen by the code, never something taken from the request.
 *
 * @param string $type  Mode name ("comment" / "prepared") or a PCRE pattern.
 * @param mixed  $input Raw value to clean.
 * @return mixed Result of whichever helper handled the value.
 */
function cleanInput($type, $input)
{
    if ($type == "comment") {
        return encodeHex($input);
    }

    if ($type == "prepared") {
        return cleanPrepared($input);
    }

    // Pattern mode: strip, re-clean, then escape for use in a quoted literal.
    global $mysqli;
    $stripped = preg_replace($type, '', cleanPrepared($input));
    $recleaned = cleanPrepared($stripped);

    return $mysqli->real_escape_string($recleaned);
}
/**
 * Decodes a Base58 string into a hex string with an even number of digits.
 *
 * The input is accumulated as an arbitrary-precision decimal string with
 * bcmul()/bcadd(), handed to encodeHex() (defined elsewhere in the project),
 * and then "00" is prepended once for every leading "1" in the input.
 *
 * NOTE(review): a character outside the alphabet makes strpos() return false,
 * which is cast to an empty string before it reaches bcadd(). Nothing here
 * rejects such input, so validate the string before calling this function.
 *
 * @param string $base58 Base58-encoded text.
 * @return string Hex string, left-padded to an even length.
 */
function decodeBase58($base58)
{
    $alphabet = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz";

    // value = value * 58 + digit, most significant character first.
    $decimal = "0";
    $length = strlen($base58);
    for ($pos = 0; $pos < $length; $pos++) {
        $digit = (string) strpos($alphabet, $base58[$pos]);
        $scaled = (string) bcmul($decimal, "58", 0);
        $decimal = (string) bcadd($scaled, $digit, 0);
    }

    $hex = encodeHex($decimal);

    // Every leading "1" of the input contributes one "00" pair in front.
    $hex = str_repeat("00", strspn($base58, "1")) . $hex;

    // Pad to a whole number of byte pairs.
    if (strlen($hex) % 2 != 0) {
        $hex = "0" . $hex;
    }

    return $hex;
}
Example #4
    sro('/Pages/restricted/admin.php');
    die("");
}
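// Admin "delete user" action: refuses to delete the caller's own account and
// account id 1, archives the row into `deleted`, then removes it from `users`.
global $suid, $mysqli;

// With this pattern cleanInput() removes every non-digit, so $uid is a
// digits-only (possibly empty) string before it is placed in any statement.
$uid = cleanInput('/[^0-9]/', $_POST['keyfield']);

// The loose == in the two guards below is kept on purpose: numeric strings
// compare by value, so a zero-padded id cannot slip past either check.
if ("{$uid}" == "{$suid}") {
    logEvent("audelete", "current-user", encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'} : {$uid} == {$suid}"));
    die("Cannot delete current user.");
}

if ($uid == '1') {
    logEvent("audelete", "admin-user", encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'} : {$uid}, {$suid}"));
    die("Cannot delete user.");
}

$M_query = "SELECT * FROM users WHERE id='{$uid}';";
$M_result = $mysqli->query($M_query) or die("error");
$M_count = $M_result->num_rows;
if ($M_count != 1) {
    logEvent("audelete", "no-user", encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'} : {$uid},  {$suid}, M_query: `{$M_query}`, M_count: `{$M_count}`"));
    die("No such user");
}

$M_row = $M_result->fetch_assoc();
$toAdd = encodeHex("users: ['" . implode("','", array_keys($M_row)) . "'], {'" . implode("', '", $M_row) . "'}");
$M_query1 = "DELETE FROM users WHERE id='{$uid}'";
$M_query2 = "INSERT INTO deleted (fid, data) VALUES ('{$uid}', '{$toAdd}')";

// Fix: the row used to be deleted first and neither result was checked, so a
// failed archive insert lost the record while the caller was still told
// "success". Archive first, delete only once the copy exists, and report any
// failure. If the DELETE itself fails, the archive row stays behind.
$M_result2 = $mysqli->query($M_query2);
$M_result1 = $M_result2 ? $mysqli->query($M_query1) : false;
if (!$M_result1 || !$M_result2) {
    logEvent("audelete", "query-fail", encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'} : {$uid},  {$suid}, M_query1: {$M_query1}, M_query2: {$M_query2}"));
    die("error");
}

// NOTE(review): the success event embeds the complete deleted row (whatever
// columns `users` holds, so presumably the password digest as well) together
// with all session and POST values. Consider logging identifiers only.
logEvent("audelete", "success", encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'} : {$uid},  {$suid}, M_query: `{$M_query}`, M_count: `{$M_count}`, M_row: ['" . implode("','", array_keys($M_row)) . "'], {'" . implode("', '", $M_row) . "'}, toAdd: {$toAdd}, M_query1: {$M_query1}, M_query2: {$M_query2}"));
print "success";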
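// Password change: look the account up, verify the current password digest,
// then store the digest of the new password.
// The '******' literals are reproduced exactly as they appear in this listing
// (they look like masking applied to the published code) and are left alone.
$M_query = "SELECT * FROM users WHERE username='******';";
$M_result = $mysqli->query($M_query);
$M_count = $M_result->num_rows;
if ($M_count != 1) {
    logEvent('pswd-change', 'no-user', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, M_query: `{$M_query}`"));
    die('{"result": "Incorrect username."}');
}
$M_row = $M_result->fetch_assoc();

// A value that is not already the length of an MD5 hex digest is treated as
// not yet hashed and goes through the first hashing stage here.
if (strlen($password) != strlen(hash('md5', 'pi'))) {
    $password = strtolower(hash('md5', hasher(hasher($_POST['p'])) . hasher(hasher($username))));
}
// Second stage mixes in per-account values (createip and id) from the row.
// NOTE(review): every stage ends in MD5, which is far too fast for password
// storage. Moving to password_hash()/password_verify() needs a stored-digest
// migration that cannot be done from inside this block.
$password = strtolower(hash('md5', hasher(hasher($M_row['createip'] . $password . $M_row['id']))));
$ip = $_SERVER['REMOTE_ADDR'];
$current = $ip;

// Fix: the digests were compared with loose !=, which compares numeric-looking
// strings by value and can therefore accept a digest that is not identical to
// the stored one. hash_equals() is an exact, timing-safe string comparison.
if (!hash_equals((string) $M_row['password'], (string) $password)) {
    // NOTE(review): this event records the computed digest, the full account
    // row and every POST value, so a failed attempt writes the submitted
    // password material into the event log.
    logEvent('pswd-change', 'bad-password', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, password: `{$password}`, M_query: `{$M_query}`, M_row: ['" . implode("','", array_keys($M_row)) . "'], {'" . implode("', '", $M_row) . "'}"));
    die('{"result": "Incorrect old password."}');
}

// NOTE(review): the new password is derived from $_POST['p'], the same field
// used for the current password above. Confirm this is the intended field.
if (strlen($newpassw) != strlen(hash('md5', 'pi'))) {
    $newpassw = strtolower(hash('md5', hasher(hasher($_POST['p'])) . hasher(hasher($username))));
}
$newpassw = strtolower(hash('md5', hasher(hasher($M_row['createip'] . $newpassw . $M_row['id']))));
$M_query6 = "UPDATE users SET password='******' WHERE id='" . $M_row['id'] . "';";
$M_result6 = $mysqli->query($M_query6);
if ($M_result6) {
    logEvent('pswd-change', 'success', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, M_query: `{$M_query}`, M_row: ['" . implode("','", array_keys($M_row)) . "'], {'" . implode("', '", $M_row) . "'}, M_query6: `{$M_query6}`"));
    print '{"result": "success"}';
} else {
    logEvent('pswd-change', 'misc-error', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, M_query: `{$M_query}`, M_row: ['" . implode("','", array_keys($M_row)) . "'], {'" . implode("', '", $M_row) . "'}, M_query6: `{$M_query6}`"));
    die('{"result": "Error saving password."}');
}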
Example #6
        die('3');
    }
    // Load the account row; anything other than exactly one match is reported
    // to the client as code '2'.
    $M_query = "SELECT * FROM users WHERE username='******';";
    $M_result = $mysqli->query($M_query);
    $M_count = $M_result->num_rows;
    if ($M_count != 1) {
        logEvent('udata-set', 'no-user', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, M_query: `{$M_query}`"));
        die('2');
    }

    $M_row = $M_result->fetch_assoc();

    // A missing or literal "null" udata column starts from an empty JSON object.
    $storedJson = $M_row['udata'];
    $udata = json_decode(($storedJson === null || $storedJson === "null") ? "{}" : $storedJson, true);
    $udata[$key] = $value;
    $udata = json_encode($udata);

    // The write-back is parameterised: the JSON text and the row id are bound,
    // not interpolated into the statement.
    $M_query6 = "UPDATE users SET udata=? WHERE id=?;";
    $stmt = $mysqli->prepare($M_query6);
    $stmt->bind_param("si", $udata, $M_row["id"]);
    $M_result6 = $stmt->execute();
    if (!$M_result6) {
        logEvent('udata-set', 'misc-error', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, M_query: `{$M_query}`, M_row: ['" . implode("','", array_keys($M_row)) . "'], {'" . implode("', '", $M_row) . "'}, M_query6: `{$M_query6}`"));
        die('1');
    }

    logEvent('udata-set', 'success', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, M_query: `{$M_query}`, M_row: ['" . implode("','", array_keys($M_row)) . "'], {'" . implode("', '", $M_row) . "'}, M_query6: `{$M_query6}`"));
    // Keep the session copy in step with what was just stored.
    $sudata = $_SESSION["udata"] = $udata;
    print "success";
}
Example #7
    logEvent('login', 'banned-user', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, M_query: `{$M_query}`, M_row: ['" . implode("','", array_keys($M_row)) . "'], {'" . implode("', '", $M_row) . "'}"));
    die('{ "result": "Bad username."}');
}
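// Login completion: record the client address, verify the supplied digests,
// populate the session and update the account row.
$ip = $_SERVER['REMOTE_ADDR'];

// users.currentip holds a JSON list of addresses; append this request's one.
// (The earlier `$current = $ip;` assignment was overwritten immediately and
// has been dropped.)
$current = json_decode($M_row['currentip'] ? $M_row['currentip'] : '[]', true);
if (!is_array($current)) {
    // A column that does not decode to a list would break the append below.
    $current = array();
}
$current[] = $ip;
$current = json_encode($current);

// Fix: digests were compared with loose ==, which compares numeric-looking
// strings by value rather than character by character. hash_equals() is an
// exact, timing-safe comparison. The old_password side now also requires a
// non-empty submitted digest, mirroring the existing guard on $password2:
// the UPDATE below blanks old_password, so empty stored values exist and must
// never be matched by an empty input.
$oldDigestMatches = $password != '' && hash_equals((string) $M_row['old_password'], (string) $password);
$newDigestMatches = $password2 != '' && hash_equals((string) $M_row['password'], (string) $password2);

if ($oldDigestMatches || $newDigestMatches) {
    // Issue a fresh session id at the moment of authentication so an id that
    // was set before login cannot be reused afterwards.
    if (session_status() === PHP_SESSION_ACTIVE) {
        session_regenerate_id(true);
    }
    $_SESSION['li'] = 'true';
    $_SESSION['username'] = $username;
    $_SESSION['uid'] = $M_row['id'];
    $_SESSION['rank'] = $M_row['rank'];
    $_SESSION['udata'] = $M_row['udata'];

    // Accounts with an empty `password` column also get that column written
    // here. The '******' literal is reproduced as it appears in this listing.
    if ($M_row['password'] == '') {
        $M_query6 = "UPDATE users SET currentip='{$current}', password='******',old_password='' WHERE id='" . $M_row['id'] . "';";
    } else {
        $M_query6 = "UPDATE users SET currentip='{$current}',old_password='' WHERE id='" . $M_row['id'] . "';";
    }
    $M_result6 = $mysqli->query($M_query6);
    if ($M_result6) {
        logEvent('login', 'success', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, M_query: `{$M_query}`, M_row: ['" . implode("','", array_keys($M_row)) . "'], {'" . implode("', '", $M_row) . "'}, M_query6: `{$M_query6}`"));
        print '{ "result": "success"}';
    } else {
        logEvent('login', 'ip-error', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, M_query: `{$M_query}`, M_row: ['" . implode("','", array_keys($M_row)) . "'], {'" . implode("', '", $M_row) . "'}, M_query6: `{$M_query6}`"));
        die('{ "result": "Unknown error."}');
    }
} else {
    // NOTE(review): a failed login records the computed digest, the whole
    // account row and every POST value in the event log. Limiting this to the
    // username and source address would keep the signal without the secrets.
    logEvent('login', 'bad-password', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, password: `{$password}`, M_query: `{$M_query}`, M_row: ['" . implode("','", array_keys($M_row)) . "'], {'" . implode("', '", $M_row) . "'}"));
    die('{ "result": "Wrong password."}');
}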
Example #8
                } else {
                    logEvent('profile', 'password-mismatch', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, GET: ['" . implode("','", array_keys($_GET)) . "'], {'" . implode("', '", $_GET) . "'}, M_query: `{$M_query}`, M_count: `{$M_count}`, M_row: ['" . implode("','", array_keys($M_row)) . "'], {'" . implode("', '", $M_row) . "'}"));
                    die("Passwords are not the same.");
                }
            } else {
                logEvent('profile', 'password-multiple-users', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, GET: ['" . implode("','", array_keys($_GET)) . "'], {'" . implode("', '", $_GET) . "'}, M_query: `{$M_query}`, M_count: `{$M_count}`"));
                die("error");
            }
        } else {
            // NOTE(review): this filtered value is overwritten two statements
            // below, so the alphanumeric filter has no effect on what is stored.
            $val = cleanInput('/[^0-9a-zA-Z]/', $_GET['val']);
            // Current settings are decoded to an array so a single key can be replaced.
            $tmp = json_decode($user['settings'], true);
            // What actually gets stored is encodeHex() of the raw query parameter.
            $val = encodeHex($_GET['val']);
            $tmp[$id] = $val;
            $settings = json_encode($tmp);
            // NOTE(review): $settings is placed inside a single-quoted SQL literal.
            // json_encode() does not escape single quotes by default, so this relies
            // on $id, the previously stored settings and the encodeHex() output
            // containing none. $id and $uid are set outside this excerpt; confirm
            // how they are produced, or bind the values as statement parameters.
            $M_query = "UPDATE users SET settings='{$settings}' WHERE id='{$uid}';";
        }
    }
    // Execute whichever statement the branches above built and report the outcome.
    // The complete SQL text, with every interpolated value, goes to the PHP error log.
    error_log($M_query);
    global $mysqli;
    $M_result = $mysqli->query($M_query);
    if (!$M_result) {
        logEvent('profile', 'query-fail', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, GET: ['" . implode("','", array_keys($_GET)) . "'], {'" . implode("', '", $_GET) . "'}, M_query: `{$M_query}`"));
        die("error");
    }
    // The client is answered first; the audit event follows.
    print 'success';
    logEvent('profile', 'success', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, GET: ['" . implode("','", array_keys($_GET)) . "'], {'" . implode("', '", $_GET) . "'}, M_query: `{$M_query}`"));
} else {
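    // Fix: the value list in this GET-labelled record was taken from $_POST, so
    // the logged keys and values did not belong together. Both now come from $_GET.
    logEvent('profile', 'missing-id', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, GET: ['" . implode("','", array_keys($_GET)) . "'], {'" . implode("', '", $_GET) . "'}"));
    die("error");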
}
Example #9
}
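$id = '';
$join = time();
// Fix: the code was seeded from rand(), which is not a cryptographically secure
// generator, so the result could be predicted from values an outsider can
// observe or guess. The entropy now comes from random_bytes(); the result is
// still a 64-character SHA-256 hex string mixed with the same account values.
$seccode = hash('sha256', bin2hex(random_bytes(32)) . $username . $join . $ip);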
// Create the account row (rank '4'); the class column is included only when
// a class id was supplied.
// NOTE(review): $username, $password, $email, $ip and $classid are interpolated
// straight into the SQL text. They are prepared outside this excerpt, so their
// sanitisation cannot be confirmed from here; bound parameters would remove
// the dependency on it.
if ($classid !== NULL) {
    $M_query2 = "INSERT INTO users (username, password, email, createip, joindate, rank, class) VALUES ('{$username}', '{$password}', '{$email}', '{$ip}', '{$join}', '4', '{$classid}')";
} else {
    $M_query2 = "INSERT INTO users (username, password, email, createip, joindate, rank) VALUES ('{$username}', '{$password}', '{$email}', '{$ip}', '{$join}', '4')";
}
$M_result2 = $mysqli->query($M_query2);
if (!$M_result2) {
    logEvent('signup', 'create-error', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, M_query: `{$M_query}`, M_querye: '`{$M_querye}`, M_query1: `{$M_query1}`, M_query2: `{$M_query2}`"));
    die('{"result": "Unknown error occurred creating account. Please try again."}');
}

// Read the new row back by its creation values to learn its id.
// NOTE(review): $mysqli->insert_id would identify the row without a second
// lookup on non-unique columns.
$M_query3 = "SELECT * FROM users WHERE username='******' AND email='{$email}' AND createip='{$ip}' AND joindate='{$join}';";
$M_result3 = $mysqli->query($M_query3);
if (!$M_result3) {
    logEvent('signup', 'select-error', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, M_query: `{$M_query}`, M_querye: '`{$M_querye}`, M_query1: `{$M_query1}`, M_query2: `{$M_query2}`, M_query3: `{$M_query3}`"));
    die('{"result": "Unknown error occurred creating account. Please try again."}');
}
$M_row3 = $M_result3->fetch_assoc();

// Final digest mixes in the stored createip and the new row id, then is written back.
$password = strtolower(hash('md5', hasher(hasher($M_row3['createip'] . $password . $M_row3['id']))));
$M_query4 = "UPDATE users SET password='******' WHERE username='******' AND email='{$email}' AND createip='{$ip}' AND joindate='{$join}' AND id='" . $M_row3['id'] . "';";
$M_result4 = $mysqli->query($M_query4);
if (!$M_result4) {
    logEvent('signup', 'modify-error', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, M_query: `{$M_query}`, M_querye: '`{$M_querye}`, M_query1: `{$M_query1}`, M_query2: `{$M_query2}`, M_query3: `{$M_query3}`, M_query4: `{$M_query4}`"));
    die('{"result": "Unknown error occurred creating account. Please try again."}');
}
logEvent('signup', 'success', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, POST: ['" . implode("','", array_keys($_POST)) . "'], {'" . implode("', '", $_POST) . "'}, M_query: `{$M_query}`, M_querye: '`{$M_querye}`, M_query1: `{$M_query1}`, M_query2: `{$M_query2}`, M_query3: `{$M_query3}`, M_query4: `{$M_query4}`"));
print '{"result": "success"}';
Example #10
<?php

require_once '/var/www/config.php';
sro('/Includes/mysql.php');
sro('/Includes/session.php');
sro('/Includes/functions.php');
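// Admin-only endpoint: marks the given account for forced logout.
if (!hasACL('admin_panel', 'W', 'S')) {
    sro('/Pages/restricted/admin.php');
    die("");
}

// NOTE(review): this state change is driven by a GET parameter and no
// anti-forgery token is checked in this file. Consider requiring POST plus a
// per-session token so the action cannot be triggered by a link the admin
// merely loads.
$uid = cleanInput('/[^0-9]/', $_GET['uid']);
global $mysqli;
$fl = time() . ',*';

// Values are bound instead of concatenated, so the statement no longer depends
// on cleanInput() (defined in another file) for its safety.
$M_query = "UPDATE users SET forcelogout=? WHERE id=?;";
error_log($M_query);

$M_result = false;
$dbError = '';
$stmt = $mysqli->prepare($M_query);
if ($stmt) {
    $stmt->bind_param('ss', $fl, $uid);
    $M_result = $stmt->execute();
    $dbError = $stmt->error;
    $stmt->close();
} else {
    $dbError = $mysqli->error;
}

if ($M_result) {
    logEvent('users', 'force-logout', encodeHex("SESSION: ['" . implode("','", array_keys($_SESSION)) . "'], {'" . implode("', '", $_SESSION) . "'}, GET: ['" . implode("','", array_keys($_GET)) . "'], {'" . implode("', '", $_GET) . "'}, M_query: `{$M_query}`"));
    print "success";
} else {
    // Fix: the raw database error used to be sent to the client, exposing
    // schema and query details. It now goes to the server log only.
    error_log('force-logout failed: ' . $dbError);
    die("error");
}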