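/**
 * Turn a database exception into an E_USER_WARNING with a short, localized message.
 *
 * Reads getCode(), getMessage() and errorInfo from $e, so a PDOException is
 * expected (judging by the method name; the caller is not visible here).
 *
 * @param object $e Exception raised by the database layer
 * @return void
 */
private static function pdoErrors($e)
{
    // These literals are lookup keys for __(); their spelling is left untouched.
    $c = __('Conection failed');
    $c2 = __('Check your database configuration file');

    // errorInfo[2] is the driver message; the missing table/column name is the
    // first single-quoted token in it. It can be absent, so never index blindly.
    $quoted = array();
    if (isset($e->errorInfo[2])) {
        $quoted = explode("'", $e->errorInfo[2]);
    }
    // The name is wrapped in <strong> below, so the message is HTML: encode it.
    $identifier = isset($quoted[1]) ? htmlspecialchars($quoted[1], ENT_QUOTES, 'UTF-8') : '';

    switch ($e->getCode()) {
        case '0':
            trigger_error($c . ' :: ' . __('No conection parameters') . ' :: ' . $c2, E_USER_WARNING);
            break;
        case '2002':
            trigger_error($c . ' :: ' . __('Incorrect Host') . ' :: ' . $c2, E_USER_WARNING);
            break;
        case '1044':
            trigger_error($c . ' :: ' . __('Incorrect Username') . ' :: ' . $c2, E_USER_WARNING);
            break;
        case '1045':
            trigger_error($c . ' :: ' . __('Incorrect Password') . ' :: ' . $c2, E_USER_WARNING);
            break;
        case '1049':
            trigger_error($c . ' :: ' . __('Incorrect Database Name') . ' :: ' . $c2, E_USER_WARNING);
            break;
        case '42S02':
            trigger_error(
                $c . ' :: ' . inject(
                    __('Table %tablename% not found in database'),
                    array('tablename' => '<strong>' . $identifier . '</strong>')
                ),
                E_USER_WARNING
            );
            break;
        case '42S22':
            trigger_error(
                $c . ' :: ' . inject(
                    __('Column %columnname% not found in database'),
                    array('columnname' => '<strong>' . $identifier . '</strong>')
                ),
                E_USER_WARNING
            );
            break;
        default:
            // NOTE(review): the raw driver message goes into the warning. If warnings
            // are shown to visitors this can reveal SQL and schema details; confirm
            // they are only logged in production.
            trigger_error(__('SQL Error') . ' :: ' . $e->getMessage(), E_USER_WARNING);
            break;
    }
}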
/**
 * Build the markup for the default "edit" view of the current controller:
 * a heading, the model form and a link back to the index action.
 *
 * @return string HTML fragment
 */
public static function templateEdit()
{
    // extract() turns every key of View::$values into a local variable, so the
    // set of locals here is decided by whoever filled View::$values.
    // NOTE(review): if any of those keys can come from request data, prefer
    // reading the needed entry by key instead of extract().
    extract(\Supernova\View::$values);
    $name = \Supernova\Core::$elements['controller'];
    // ${$name} is a variable-variable: it reads the local named after the
    // controller, i.e. the value extract() created for it above.
    $title = inject(__("Edit %name%: %item%"), array("name" => $name, "item" => ${$name}));
    $form = \Supernova\Form::create(array("model" => $name, "values" => ${$name}));
    $link = \Supernova\Helper::link(array("href" => \Supernova\Route::generateUrl(array("prefix" => \Supernova\Core::$elements['prefix'], "controller" => $name, "action" => "index")), "text" => __("<< Back")));
    // NOTE(review): $title is placed into the markup as-is; whether inject()
    // HTML-encodes the controller name and item is not visible here, so confirm.
    return "\n <h3>{$title}</h3>\n {$form}\n {$link}\n ";
}
/**
 * Checks whether the PHP extensions listed in self::$dependences are loaded.
 *
 * The first missing extension is reported through debug() and the request is
 * answered with View::callError(500); later entries are not examined.
 */
public static function moduleCheck()
{
    try {
        $required = self::$dependences;
        foreach ($required as $extensionName) {
            if (extension_loaded($extensionName)) {
                continue;
            }
            // The exception message carries the name of the missing extension.
            throw new Exception($extensionName);
        }
    } catch (Exception $missing) {
        $notice = inject(__('extension %1 not loaded'), array("%1" => $missing->getMessage()));
        debug($notice);
        \Supernova\View::callError(500);
    }
}
/**
 * Run the full sequence (update, downloads, inject) unless the PID recorded
 * for this function still belongs to a running instance of this script.
 *
 * Sets $GLOBALS["FULL"] to true before doing anything else.
 */
function fullupdate()
{
    $GLOBALS["FULL"] = true;

    $lockPath = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
    $system = new unix();
    // Read errors are suppressed; a missing file yields false, which is passed on as the PID.
    $previousPid = @file_get_contents($lockPath);
    $stillRunning = $system->process_exists($previousPid, __FILE__);

    if (!$stillRunning) {
        // NOTE(review): the check above and this write are separate steps with no
        // lock between them, so two starts close together can both get past the
        // check. An exclusive lock on the PID file would close that window.
        @file_put_contents($lockPath, getmypid());
        update();
        downloads();
        inject();
        return;
    }

    writelogsBLKS("Warning: Already running pid {$previousPid}", __FUNCTION__, __FILE__, __LINE__);
}
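/**
 * Login throttle: report whether the client address or the user name is
 * currently blocked, and add a block when the recent-row counts are exceeded.
 *
 * Two passes are made, first by $_SERVER['REMOTE_ADDR'] and then by user name,
 * each over the last 300 seconds. In both, column 0 of a row is compared with
 * the current time, so it appears to be the block expiry timestamp.
 *
 * @param string $username Login name as submitted
 * @return int Minutes left on an active block (rounded up), or 0 when not blocked
 */
function bf_check_user($username)
{
    $log_ip = $_SERVER['REMOTE_ADDR'];
    $current = time();

    // --- Pass 1: by client address ---
    $query = sprintf(BF_IP, $log_ip, $current - 300, $current);
    $result = execute_query($query, "check_user", 1, 0);
    $tentativas = $result->count();
    $blocked = null;
    while ($line = $result->fetch_row()) {
        if ($line[0] > $current) {
            // Round up: truncating reported 0 ("not blocked") during the last
            // minute of a block that was still in force.
            $blocked = (int) ceil(($line[0] - $current) / 60);
            break;
        }
    }
    // Free on every path; the early return used to skip this.
    $result->free();
    if ($blocked !== null) {
        return $blocked;
    }
    if ($tentativas > 9) {
        // More than 9 rows for this address: block it for 600 seconds.
        $query = sprintf(BF_ADD, "Random Try", $log_ip, $current, $current + 600);
        $result = execute_query($query, "check_user", 1, 0);
        return (int) (600 / 60);
    }

    // A name rejected by inject() is never placed into the per-user query.
    // NOTE(review): the queries here are assembled with sprintf(), so their
    // safety rests on inject() and on the BF_* templates, neither visible
    // here. Bound parameters would remove that dependency if execute_query()
    // can support them.
    if (inject($username)) {
        return 0;
    }

    // --- Pass 2: by user name ---
    $query = sprintf(BF_USER, $username, $current - 300, $current);
    $result = execute_query($query, "check_user", 1, 0);
    $tentativas = $result->count();
    $blocked = null;
    while ($line = $result->fetch_row()) {
        if ($line[0] > $current) {
            $blocked = (int) ceil(($line[0] - $current) / 60);
            break;
        }
    }
    $result->free();
    if ($blocked !== null) {
        return $blocked;
    }
    if ($tentativas > 2) {
        // More than 2 rows for this name: block it for 300 seconds.
        $query = sprintf(BF_ADD, $username, $log_ip, $current, $current + 300);
        $result = execute_query($query, "check_user", 1, 0);
        return (int) (300 / 60);
    }

    return 0;
}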
} } } if (!empty($POST_opt)) { if ($POST_opt == 1 && isset($POST_frm_name) && !strcmp($POST_frm_name, "login")) { $bf_check = bf_check_user(trim($POST_username)); if ($bf_check > 0) { $msg = sprintf($lang['BLOCKED'], $bf_check); erro_de_login(); alert($msg); } if (empty($POST_username) || empty($POST_login_pass)) { erro_de_login(); alert($lang['INCORRECT_CHARACTER']); } if (inject($POST_username) || inject($POST_login_pass)) { erro_de_login(); bf_error(trim($POST_username)); alert($lang['INCORRECT_CHARACTER']); } $session = $_SESSION[$CONFIG_name . 'sessioncode']; if ($CONFIG_auth_image && function_exists("gd_info") && strtoupper($POST_code) != substr(strtoupper(md5("Mytext" . $session['login'])), 0, 6)) { erro_de_login(); bf_error(trim($POST_username)); alert($lang['INCORRECT_CODE']); } if (strlen($POST_username) > 23 || strlen($POST_username) < 4) { erro_de_login(); bf_error(trim($POST_username)); alert($lang['USERNAME_LENGTH']); }
an e-mail to cerescp@gmail.com */ session_start(); include_once 'config.php'; // loads config variables include_once 'query.php'; // imports queries include_once 'functions.php'; if (!empty($_SESSION[$CONFIG_name . 'account_id']) && $CONFIG_reset_enable) { if ($_SESSION[$CONFIG_name . 'account_id'] > 0) { if (!empty($GET_opt)) { if ($GET_opt == 1) { if (is_online()) { alert($lang['NEED_TO_LOGOUT_F']); } if (inject($GET_GID1)) { alert($lang['RESETLOOK_RESET_LOOK']); } if (isset($GET_equip) && $GET_equip > 0) { $query = sprintf(LOOK_EQUIP, $GET_GID1, $_SESSION[$CONFIG_name . 'account_id']); $result = execute_query($query, "resetlook.php"); $query = sprintf(LOOK_INVENTORY, $GET_GID1); $result = execute_query($query, "resetlook.php"); alert($lang['RESETLOOK_EQUIP_OK']); } if (isset($GET_hair_color) && $GET_hair_color > 0) { $query = sprintf(LOOK_HAIR_COLOR, $GET_GID1, $_SESSION[$CONFIG_name . 'account_id']); $result = execute_query($query, "resetlook.php"); alert($lang['RESETLOOK_HAIRC_OK']); } if (isset($GET_hair_style) && $GET_hair_style > 0) {
<?php session_start(); include_once 'config.php'; include_once 'functions.php'; if (!isset($_SESSION[$CONFIG['Name'] . 'member_id']) || $_SESSION[$CONFIG['Name'] . 'member_id'] <= 0) { redir("news.php", "main_div", "Debes estar logeado con tu cuenta de Miembro para accesar aca"); } if (!isset($_SESSION[$CONFIG['Name'] . 'account_id']) || $_SESSION[$CONFIG['Name'] . 'account_id'] <= 0) { redir("cuentas.php", "main_div", "Debes seleccionar una cuenta de juego para accesar aca."); } if (!empty($_GET['opt']) && $_GET['opt'] == 1 && !inject($_GET['thisip'])) { // Buscando Quien es por IP opentable("Quien es <b>" . $_GET['thisip'] . "</b> ?"); echo ' <center> <hr> | <span title="regresar..." style="cursor:pointer" onMouseOver="this.style.color=#FF3300" onMouseOut="this.style.color=#000000" onClick="return LINK_ajax(\'logaccesos.php\',\'main_div\');">Regresar al Registro</span> | <hr> </center> <table width="550"> <tr> <td align="center" colspan="5" class="head"><b>Por Registros de Ultimo Acceso:</b><br><br></td> </tr> <tr> <td align="left" class="head">Personaje</td> <td> </td> <td align="left" class="head">Clase</td> <td> </td> <td align="left" class="head">Acceso Final</td> </tr>
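/**
 * Import the "domains" file of every category directory under $path, then
 * copy the rows not yet marked as sent (sended=0, enabled=1) from each
 * category table into `categorize` and mark them as sent.
 *
 * Progress and errors are written with echo.
 *
 * @param string $path Directory holding one sub-directory per source category
 * @return void
 */
function ParseDirectory($path)
{
    if (!is_dir($path)) {
        echo "{$path} No such directory\n";
        return;
    }
    $sock = new sockets(); // not used below; kept in case the constructor has side effects
    $unix = new unix();
    $uuid = $unix->GetUniqueID();
    if ($uuid == null) {
        echo "No uuid\n";
        return;
    }
    $handle = opendir($path);
    if ($handle === false) {
        echo "{$path} cannot be opened\n";
        return;
    }
    $q = new mysql_squid_builder();

    // Phase 1: load each category's domains file into its table.
    while (false !== ($dir = readdir($handle))) {
        if ($dir == "." || $dir == "..") {
            continue;
        }
        if (!is_file("{$path}/{$dir}/domains")) {
            echo "{$path}/{$dir}/domains no such file\n";
            continue;
        }
        $category = sourceCategoryToArticaCategory($dir);
        if ($category == null) {
            echo "{$path}/{$dir}/domains no such category\n";
            continue;
        }
        $table = "category_" . $q->category_transform_name($category);
        if (!$q->TABLE_EXISTS($table)) {
            echo "{$category} -> no such table {$table}\n";
            continue;
        }
        inject($category, $table, "{$path}/{$dir}/domains");
    }
    closedir($handle);

    // Phase 2: export unsent rows in batches.
    $prefix = "INSERT IGNORE INTO categorize (zmd5 ,pattern,zDate,uuid,category) VALUES";
    $f = array(); // was `false`, which breaks count() on current PHP versions
    $tables = $q->LIST_TABLES_CATEGORIES();
    foreach ($tables as $table => $www) {
        $sql = "SELECT COUNT(zmd5) as tcount FROM {$table} WHERE sended=0 and enabled=1";
        $ligne = mysql_fetch_array($q->QUERY_SQL($sql));
        if ($ligne["tcount"] > 0) {
            echo "{$table} {$ligne["tcount"]} items to export\n";
            $results = $q->QUERY_SQL("SELECT * FROM {$table} WHERE sended=0 and enabled=1");
            while ($ligne2 = mysql_fetch_array($results, MYSQL_ASSOC)) {
                // NOTE(review): stored values are copied into the statement text
                // without escaping. A pattern containing a quote breaks the INSERT
                // or changes its meaning; escape each value with the project's
                // database helper, or bind them as parameters.
                $f[] = "('{$ligne2["zmd5"]}','{$ligne2["pattern"]}','{$ligne2["zDate"]}','{$uuid}','{$ligne2["category"]}')";
                if (count($f) > 3000) {
                    $q->QUERY_SQL($prefix . implode(",", $f));
                    if (!$q->ok) {
                        echo $q->mysql_error . "\n";
                        return;
                    }
                    $f = array();
                }
            }
            // Write the remainder for this table before marking its rows as sent,
            // so a failed INSERT cannot leave rows flagged but never exported.
            if (count($f) > 0) {
                $q->QUERY_SQL($prefix . implode(",", $f));
                if (!$q->ok) {
                    echo $q->mysql_error . "\n";
                    return;
                }
                $f = array();
            }
            $q->QUERY_SQL("UPDATE {$table} SET sended=1 WHERE sended=0");
        }
    }
}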
To contact any of the authors about special permissions send an e-mail to cerescp@gmail.com */ session_start(); include_once 'config.php'; // loads config variables include_once 'query.php'; // imports queries include_once 'adminquery.php'; include_once 'functions.php'; if (!isset($_SESSION[$CONFIG_name . 'level']) || $_SESSION[$CONFIG_name . 'level'] < $CONFIG['cp_admin']) { die("Not Authorized"); } if (isset($GET_frm_name) && isset($GET_id)) { if (notnumber($GET_id) || inject($GET_login) || inject($GET_password) || inject($GET_email)) { alert($lang['INCORRECT_CHARACTER']); } $query = sprintf(ACCOUNTS_SEARCH_ACCOUNT_ID, trim($GET_id)); $result = execute_query($query, 'adminaccedit.php'); if ($line = $result->fetch_row()) { if ($GET_sex != 'M' && $GET_sex != 'F') { $GET_sex = $line[2]; } if ($GET_level > 99 || $GET_level < 0) { $GET_level = $line[4]; } if ($_SESSION[$CONFIG_name . 'level'] <= $line[4] || $GET_level >= $_SESSION[$CONFIG_name . 'level'] && $_SESSION[$CONFIG_name . 'level'] != 99) { $GET_level = $line[4]; } $query = sprintf(ACCEDIT_UPDATE, $GET_login, $GET_password, $GET_sex, $GET_email, $GET_level, trim($GET_id));
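include_once(dirname(__FILE__)."/ressources/class.dansguardian.inc");
include_once(dirname(__FILE__)."/ressources/class.squid.inc");
include_once(dirname(__FILE__)."/ressources/class.squidguard.inc");
include_once(dirname(__FILE__)."/ressources/class.mysql.inc");
include_once(dirname(__FILE__).'/framework/class.unix.inc');
include_once(dirname(__FILE__)."/framework/frame.class.inc");

// Command-line entry point: refuses to run unless the effective user is root.
if (posix_getuid() <> 0) {
    die("Cannot be used in web server mode\n\n");
}

if (count($argv) > 0) {
    $imploded = implode(" ", $argv);

    // Global switches, matched anywhere on the command line.
    if (preg_match("#--verbose#", $imploded)) {
        $GLOBALS["VERBOSE"] = true;
        $GLOBALS["debug"] = true;
        ini_set_verbosed();
    }
    if (preg_match("#--reload#", $imploded)) {
        $GLOBALS["RELOAD"] = true;
    }
    if (preg_match("#--shalla#", $imploded)) {
        $GLOBALS["SHALLA"] = true;
    }
    // NOTE(review): the pattern requires whitespace after the value, so
    // --catto=... given as the last argument is not picked up; confirm intent.
    if (preg_match("#--catto=(.+?)\s+#", $imploded, $re)) {
        $GLOBALS["CATTO"] = $re[1];
    }

    // $argv[1..3] may be missing; read them once with a null fallback instead
    // of indexing an absent key.
    $cliCommand = isset($argv[1]) ? $argv[1] : null;
    $cliArg2 = isset($argv[2]) ? $argv[2] : null;
    $cliArg3 = isset($argv[3]) ? $argv[3] : null;

    // Each command runs one task and ends the script.
    if ($cliCommand == "--inject") {
        echo inject($cliArg2, $cliArg3);
        exit;
    }
    if ($cliCommand == "--conf") {
        echo conf();
        exit;
    }
    if ($cliCommand == "--ufdbguard-compile") {
        echo UFDBGUARD_COMPILE_SINGLE_DB($cliArg2);
        exit;
    }
    if ($cliCommand == "--ufdbguard-dbs") {
        echo UFDBGUARD_COMPILE_DB();
        exit;
    }
    if ($cliCommand == "--ufdbguard-miss-dbs") {
        echo ufdbguard_recompile_missing_dbs();
        exit;
    }
    if ($cliCommand == "--ufdbguard-recompile-dbs") {
        echo ufdbguard_recompile_dbs();
        exit;
    }
    if ($cliCommand == "--ufdbguard-schedule") {
        ufdbguard_schedule();
        exit;
    }
    if ($cliCommand == "--list-missdbs") {
        BuildMissingUfdBguardDBS(false, true);
        exit;
    }
    if ($cliCommand == "--cron-compile") {
        cron_compile();
        exit;
    }
    if ($cliCommand == "--ufdbguard-status") {
        print_r(UFDBGUARD_STATUS());
        exit;
    }
}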
<?php
// Name-change log viewer: lists the 50 newest rows of cp_nameslog, optionally
// filtered by a search term taken from the query string.
session_start();
include_once 'config.php';
include_once 'functions.php';

// The statement is put together from three pieces; only the WHERE piece varies.
$selectPart = "\r\n\t\t\tSELECT\r\n\t\t\t\t`old_name`, `new_name`, `date`\r\n\t\t\tFROM\r\n\t\t\t\t`cp_nameslog`\r\n\t\t\t";
$orderPart = "ORDER BY\r\n\t\t\t\t`id` DESC\r\n\t\t\tLIMIT 50\r\n\t\t";
$wherePart = "";

if (!empty($_GET['opt'])) {
    if (inject($_GET['buscar'])) {
        redir("lognames.php", "main_div", "Caracteres invalidos en el termino de Busqueda.");
    }
    // NOTE(review): the search term is concatenated into the SQL text. The only
    // guard is inject(), whose rules are not visible here, and it is not clear
    // from this file that redir() stops the script. Escape the term with the
    // database layer (including the LIKE wildcards % and _) or bind it as a
    // parameter, and stop explicitly after the redirect.
    $wherePart = "WHERE\r\n\t\t\t\t`old_name` LIKE '%" . $_GET['buscar'] . "%' OR `new_name` LIKE '%" . $_GET['buscar'] . "%'\r\n\t\t\t";
}

$consulta = $selectPart . $wherePart . $orderPart;
$log = $mysql->query($consulta, $CONFIG['DBLogs']);
opentable("Registro de Cambio de Nombres");
?> <table width="550"> <tr> <td align="center" class="head"> Buscar en el Registro de Cambios </td> </tr> <tr> <td align="center"> <form id="busqueda" onsubmit="return GET_ajax('lognames.php','main_div','busqueda')"> <input type="text" name="buscar"maxlength="24" size="24" onKeyPress="return force(this.name,this.form.id,event);"> <input type="hidden" name="opt" value=1> <input type="submit" value="Buscar"> </form> </td>
include_once 'config.php'; // loads config variables include_once 'query.php'; // imports queries include_once 'functions.php'; include_once 'mail.php'; if (!$CONFIG_password_recover || $CONFIG_password_recover && $CONFIG_md5_pass) { redir("motd.php", "main_div", "Disabled"); } if (!empty($GET_opt)) { if ($GET_opt == 1 && isset($GET_frm_name) && !strcmp($GET_frm_name, "recover")) { $session = $_SESSION[$CONFIG_name . 'sessioncode']; if ($CONFIG_auth_image && function_exists("gd_info") && strtoupper($GET_code) != substr(strtoupper(md5("Mytext" . $session['recover'])), 0, 6)) { alert($lang['INCORRECT_CODE']); } if (inject($GET_email)) { alert($lang['INCORRECT_CHARACTER']); } $query = sprintf(RECOVER_PASSWORD, $GET_email); $result = execute_query($query, 'recover.php'); if (!$result->count()) { alert($lang['UNKNOWN_MAIL']); } for ($i = 0; $result->fetch_row(); $i++) { $accounts[$i][0] = $result->row[0]; $accounts[$i][1] = $result->row[1]; $accounts[$i][2] = $result->row[2]; } $answer = email($accounts); erro_de_login(1); redir("motd.php", "main_div", $answer);
} if (isset($_POST['opt']) && $_POST['opt'] == 1) { if (strlen($_POST['cpass']) < 6 || strlen($_POST['cpass']) > 23 || inject($_POST['cpass'])) { redir("password.php", "main_div", "La Clave Actual no es del largo correcto o contiene caracteres no permitidos.<br>Click aqui para volver a intentarlo."); } $result = $mysql->query("\r\n\t\t\tSELECT\r\n\t\t\t\t`user_pass`\r\n\t\t\tFROM\r\n\t\t\t\t`login`\r\n\t\t\tWHERE\r\n\t\t\t\t`account_id` = '" . $_SESSION[$CONFIG['Name'] . 'account_id'] . "' AND\r\n\t\t\t\t`member_id` = '" . $_SESSION[$CONFIG['Name'] . 'member_id'] . "'\r\n\t\t", $CONFIG['DBMain']); if (!($acc = $mysql->fetchrow($result))) { redir("cuentas.php", "main_div", "La Cuenta no corresponde a tu Membresia o hay problemas para obtener la informacion actual.<br>Click aqui para seleccionar la cuenta de nuevo."); } if (strcmp($acc[0], $_POST['cpass'])) { redir("password.php", "main_div", "La Clave que ingresate como Actual, no corresponde a la de la Cuenta.<br>Click aqui para volver a intentarlo."); } if (strlen($_POST['npass']) < 6 || strlen($_POST['npass']) > 23 || inject($_POST['npass'])) { redir("password.php", "main_div", "La Clave Nueva no es del largo correcto o contiene caracteres no permitidos.<br>Click aqui para volver a intentarlo."); } if (strlen($_POST['rpass']) < 6 || strlen($_POST['rpass']) > 23 || inject($_POST['rpass'])) { redir("password.php", "main_div", "La Confirmacion de Clave no es del largo correcto o contiene caracteres no permitidos.<br>Click aqui para volver a intentarlo."); } if (strcmp($_POST['npass'], $_POST['rpass'])) { redir("password.php", "main_div", "La Clave Nueva y la Confirmacion no son iguales. <br>Click aqui para volver a intentarlo."); } // Todo comprobado, Realizando el Cambio $mysql->query("\r\n\t\t\tUPDATE\r\n\t\t\t\t`login`\r\n\t\t\tSET\r\n\t\t\t\t`user_pass` = '" . $_POST['npass'] . "'\r\n\t\t\tWHERE\r\n\t\t\t\t`account_id` = '" . $_SESSION[$CONFIG['Name'] . 'account_id'] . 
"'\r\n\t\t", $CONFIG['DBMain']); redir("cuentas.php", "main_div", "Tu clave ha sido cambiada con Exito.<br>Click aqui para volver al menu de Cuentas."); } else { opentable("Cambio de Clave de Juego"); ?> <form id="changepass" onsubmit="return POST_ajax('password.php','main_div','changepass');"> <table width="550"> <tr> <td align="center" height="30" valign="middle">
alert($lang['PASSWORD_LENGTH_OLD']); } if (!strcmp($POST_password, $POST_username)) { // passwords e username iguais alert($lang['PASSWORD_REJECTED']); } if (strcmp($POST_password, $POST_confirm)) { alert($lang['PASSWORD_NOT_MATCH']); } if ($CONFIG_safe_pass && thepass(trim($POST_password))) { alert($lang['PASSWORD_REJECTED']); } if (strlen($POST_email) < 7 || !strstr($POST_email, '@') || !strstr($POST_email, '.')) { alert($lang['EMAIL_NEEDED']); } if (strlen($POST_birthdate) < 8 || inject($POST_birthday)) { alert($lang['INVALID_BIRTHDAY']); } $query = sprintf(CHECK_USERID, trim($POST_username)); $result = execute_query($query, 'account.php'); if ($result->count()) { alert($lang['USERNAME_IN_USE']); } if ($POST_sex) { $POST_sex = 'F'; } else { $POST_sex = 'M'; } if ($CONFIG_md5_pass) { $POST_password = md5($POST_password); }
session_start(); include_once 'config.php'; include_once 'functions.php'; if (!isset($_SESSION[$CONFIG['Name'] . 'member_id']) || $_SESSION[$CONFIG['Name'] . 'member_id'] <= 0) { redir("news.php", "main_div", "Debes estar logeado con tu cuenta de Miembro para accesar aca"); } if (isset($_POST['opt'])) { if ($_POST['opt'] == 1 && isset($_POST['frm_name']) && !strcmp($_POST['frm_name'], 'account')) { // Revisando Datos para creacion de Cuenta $userid = trim($_POST['userid']); $pass = trim($_POST['apass']); $sex = $_POST['sex']; if (strlen($userid) < 6 || strlen($userid) > 23 || inject($userid)) { redir("newaccount.php", "main_div", "El nombre de usuario es Invalido o tiene caracteres inapropiados.<br>Click aqui para continuar"); } if (strlen($pass) < 6 || strlen($pass) > 23 || inject($pass)) { redir("newaccount.php", "main_div", "La Clave es Invalido o tiene caracteres inapropiados.<br>Click aqui para continuar"); } if (strcmp($pass, trim($_POST['cpass']))) { redir("newaccount.php", "main_div", "Las Claves de Cuenta y Confirmacion no son iguales.<br>Click aqui para continuar"); } if (!strcmp($pass, $userid)) { redir("newaccount.php", "main_div", "La Clave no puede ser igual al Login.<br>Click aqui para continuar"); } $email = $_SESSION[$CONFIG['Name'] . 'email']; $member_id = $_SESSION[$CONFIG['Name'] . 'member_id']; $last_ip = $_SERVER['REMOTE_ADDR']; if ($mysql->countrows($mysql->query("SELECT `account_id` FROM `login` WHERE `userid` = '{$userid}'", $CONFIG['DBMain'])) > 0) { redir("newaccount.php", "main_div", "El Login ya esta en uso en la Base de Datos, utiliza otro.<br>Click aqui para continuar"); } $mysql->query("\r\n\t\t\t\tINSERT INTO `login`\r\n\t\t\t\t\t(`userid`, `user_pass`, `sex`, `email`, `last_ip`, `member_id`)\r\n\t\t\t\tVALUES\r\n\t\t\t\t\t('{$userid}', '{$pass}', '{$sex}', '{$email}', '{$last_ip}', '{$member_id}')\r\n\t\t\t", $CONFIG['DBMain']);
include_once 'config.php'; // loads config variables include_once 'query.php'; // imports queries include_once 'adminquery.php'; include_once 'functions.php'; if (!isset($_SESSION[$CONFIG_name . 'level']) || $_SESSION[$CONFIG_name . 'level'] < $CONFIG['cp_admin']) { die("Not Authorized"); } if (!isset($GET_frm_name) && !isset($GET_page)) { opentable("View Accounts"); echo "\r\n\t<form id=\"accounts\" onSubmit=\"return GET_ajax('adminaccounts.php','accounts_div','accounts');\">\r\n\t\t<table>\r\n\t\t\t<tr>\r\n\t\t\t\t<td>Search</td><td>\r\n\t\t\t\t<input type=\"text\" name=\"termo\" maxlength=\"23\" size=\"23\">\r\n\t\t\t\t<select name=\"tipo\">\r\n\t\t\t\t<option value=\"1\">account_id\r\n\t\t\t\t<option selected value=\"2\">login\r\n\t\t\t\t<option value=\"3\">email\r\n\t\t\t\t<option value=\"4\">IP\r\n\t\t\t\t</select></td><td>\r\n\t\t\t\t<input type=\"submit\" name=\"search\" value=\"search\"></td>\r\n\t\t\t\t<td><span title=\"Show All\" style=\"cursor:pointer\" onMouseOver=\"this.style.color='#FF3300'\" onMouseOut=\"this.style.color='#000000'\" onClick=\"return LINK_ajax('adminaccounts.php?page=0','accounts_div');\">Show All</span></td>\r\n\t\t\t</tr>\r\n\t\t</table>\r\n\t</form>\r\n\r\n\t<div id=\"accounts_div\" style=\"color:#000000\">"; $begin = 1; } if (isset($GET_tipo)) { if (inject($GET_tipo)) { alert($lang['INCORRECT_CHARACTER']); } if (strlen($GET_termo) < 3) { alert("Please type at least 3 chars"); } switch ($GET_tipo) { case 1: $query = sprintf(ACCOUNTS_SEARCH_ACCOUNT_ID, trim($GET_termo)); break; case 3: $query = sprintf(ACCOUNTS_SEARCH_EMAIL, trim($GET_termo)); break; case 4: $query = sprintf(ACCOUNTS_SEARCH_IP, trim($GET_termo)); break;
an e-mail to cerescp@gmail.com */ session_start(); include_once 'config.php'; // loads config variables include_once 'query.php'; // imports queries include_once 'functions.php'; if (!empty($_SESSION[$CONFIG_name . 'account_id'])) { if ($_SESSION[$CONFIG_name . 'account_id'] > 0) { if (!empty($POST_opt)) { if ($POST_opt == 1 && isset($POST_frm_name) && !strcmp($POST_frm_name, "password")) { if (strcmp($POST_newpass, $POST_confirm) != 0) { alert($lang['PASSWORD_NOT_MATCH']); } if (inject($POST_login_pass) || inject($POST_newpass)) { alert($lang['INCORRECT_CHARACTER']); } if (strlen($POST_login_pass) < 4 || strlen($POST_login_pass) > 23) { alert($lang['PASSWORD_LENGTH_OLD']); } if ($CONFIG_safe_pass && (strlen(trim($POST_newpass)) < 6 || strlen(trim($POST_newpass)) > 23)) { alert($lang['PASSWORD_LENGTH']); } if (strlen(trim($POST_newpass)) < 4 || strlen(trim($POST_newpass)) > 23) { alert($lang['PASSWORD_LENGTH_OLD']); } if ($CONFIG_safe_pass && thepass(trim($POST_newpass))) { alert($lang['PASSWORD_REJECTED']); } if ($CONFIG_md5_pass) {
an e-mail to cerescp@gmail.com */ session_start(); include_once 'config.php'; // loads config variables include_once 'query.php'; // imports queries include_once 'functions.php'; if (!empty($_SESSION[$CONFIG_name . 'account_id'])) { if ($_SESSION[$CONFIG_name . 'account_id'] > 0) { if (!empty($POST_opt)) { if ($POST_opt == 1 && isset($POST_frm_name) && !strcmp($POST_frm_name, "changemail")) { if (strlen($POST_email) < 7 || !strstr($POST_email, '@') || !strstr($POST_email, '.')) { alert($lang['CHANGEMAIL_MAIL_INVALID']); } if (inject($POST_email) || inject($POST_login_pass)) { alert($lang['INCORRECT_CHARACTER']); } if (strlen($POST_login_pass) < 4 || strlen($POST_login_pass) > 23) { alert($lang['PASSWORD_LENGTH_OLD']); } if ($CONFIG_md5_pass) { $POST_login_pass = md5($POST_login_pass); } $query = sprintf(CHANGE_EMAIL, $POST_email, $POST_login_pass, $_SESSION[$CONFIG_name . 'account_id']); $result = execute_query($query, 'changemail.php'); } } $query = sprintf(CHECK_EMAIL, $_SESSION[$CONFIG_name . 'account_id']); $result = execute_query($query, 'changemail.php'); $cemail = $result->fetch_row();
if (!isset($_SESSION[$CONFIG['Name'] . 'member_id']) || $_SESSION[$CONFIG['Name'] . 'member_id'] <= 0) { redir("news.php", "main_div", "Debes estar logeado con tu cuenta de Miembro para accesar aca"); } if (!isset($_SESSION[$CONFIG['Name'] . 'account_id']) || $_SESSION[$CONFIG['Name'] . 'account_id'] <= 0) { redir("cuentas.php", "main_div", "Primero selecciona una cuenta de juego para proceder.<br>Click aqui para seleccionar otra cuenta."); } $account_id = $_SESSION[$CONFIG['Name'] . 'account_id']; $cash_points = 0; if ($result = $mysql->fetchrow($mysql->query("SELECT `cash_points` FROM `login` WHERE `account_id` = '{$account_id}'", $CONFIG['DBMain']))) { $cash_points = $result[0]; } if (isset($_POST['opt']) && $_POST['opt'] == 1) { if (strlen($_POST['reference']) < 1 || strlen($_POST['reference']) > 40 || inject($_POST['reference'])) { redir("donate.php", "main_div", "Error en el Numero de Referencia (caracteres invalidos o largo incorrecto)<br>Click aqui para volver a intentar."); } if (strlen($_POST['place']) < 1 || strlen($_POST['place']) > 40 || inject($_POST['place'])) { redir("donate.php", "main_div", "Error en el Lugar de Deposito (caracteres invalidos o largo incorrecto)<br>Click aqui para volver a intentar."); } if (!isset($_POST['amount']) || notnumber($_POST['amount']) || $_POST['amount'] <= 0) { redir("donate.php", "main_div", "Valor incorrecto de Monto<br>Click aqui para volver a intentar."); } if (!isset($_POST['moneda']) || notnumber($_POST['moneda']) || $_POST['moneda'] < 0 || $_POST['moneda'] > 2) { redir("donate.php", "main_div", "Valor incorrecto de Moneda<br>Click aqui para volver a intentar."); } // Reportando $mysql->query("\r\n\t\t\tINSERT INTO `cp_donatives`\r\n\t\t\t\t(`reference`, `amount`, `coin`, `place`, `status`, `account_id`, `date`, `nombre`, `email`)\r\n\t\t\tVALUES\r\n\t\t\t\t('" . $_POST['reference'] . "', '" . $_POST['amount'] . "', '" . $_POST['moneda'] . "', '" . $_POST['place'] . "', '0', '{$account_id}', NOW(), '" . 
$_SESSION[$CONFIG['Name'] . 'nombre'] . "', '" . $_SESSION[$CONFIG['Name'] . 'email'] . "')\r\n\t\t", $CONFIG['DBLogs']); redir("donate.php", "main_div", "Tu donativo ha sido reportado, cuando el Staff lo confirme, sera trasladado a tu Fondo de Cuenta.<br>Click aqui para ver los donativos."); } opentable("Reporte de Donativos de Miembro"); ?> <table width="550">
/**
 * Render this object and place the result in a page region.
 *
 * @param string $region   Region that receives the output
 * @param int    $position When truthy, the output goes through inject() at this
 *                         position; otherwise it is added with append()
 * @param int    $where    Handed to inject() unchanged
 */
public function show($region = 'content', $position = 0, $where = 0)
{
    $markup = $this->render();

    if ($position) {
        inject($region, $markup, $position, $where);
        return;
    }

    append($region, $markup);
}
<td align="center" height="20" valign="top"> <input type="text" name="code" maxlength="6" size="6" onkeypress="return force(this.name, this.form.id, event);"> </td> </tr> <tr> <td align="center" height="30" valign="middle"> <input type="submit" value="Solicitar Clave"> </td> </tr> </table> </form> <?php } else { $email = trim($_POST['email']); $code = $_POST['code']; if (inject($email) || strlen($email) < 7 || !strstr($_POST['email'], '@')) { // Email invalido ?> <b><font color="Red" size="2">Dirección de Correo con Caracteres no Válidos!!</font></b> </td> </tr> <tr> <td align="center" valign="middle" height="60"> La dirección de correo que ingresaste, o bien no es válida o tiene caracteres inapropiados para la seguridad del servidor.<br> Regresa e intentalo de nuevo en <span title="Recuperar clave de Miembro" style="cursor:pointer" onMouseOver="this.style.color='#0000FF'" onMouseOut="this.style.color='#0000FF'" onClick="LINK_ajax('recover.php','main_div');"></b>Recuperar Clave</b></span>. <?php } elseif (strtoupper($code) != substr(strtoupper(md5("Gaiaro" . $_SESSION[$CONFIG['Name'] . 'securitycode'])), 0, 6)) { // Codigo de Seguridad Diferente ?> <b><font color="Red" size="2">Código de Seguridad no concuerda!!</font></b> </td>
include_once 'functions.php'; if (!isset($_SESSION[$CONFIG['Name'] . 'member_id']) || $_SESSION[$CONFIG['Name'] . 'member_id'] <= 0) { redir("news.php", "main_div", "Debes estar logeado con tu cuenta de Miembro para accesar aca"); } if (isset($_POST['opt']) && $_POST['opt'] == 1) { // Cambiando contraseƱa if (strlen($_POST['cpass']) < 6 || strlen($_POST['cpass']) > 40 || inject($_POST['cpass'])) { redir("editmember.php", "main_div", "Valor invalido en el campo de clave actual.<br>Intenta nuevamente."); } if (!($result = $mysql->fetcharray($mysql->query("SELECT `mpass` FROM `members` WHERE `member_id` = '" . $_SESSION[$CONFIG['Name'] . 'member_id'] . "'", $CONFIG['DBMain'])))) { redir("editmember.php", "main_div", "Problema en la Base de Datos, intente de nuevo.<br>Intenta nuevamente."); } if (strcmp($result['mpass'], $_POST['cpass'])) { redir("editmember.php", "main_div", "La clave actual no coincide con la de tu cuenta!!.<br>Intenta nuevamente."); } if (strlen($_POST['npass']) < 6 || strlen($_POST['npass']) > 40 || inject($_POST['npass'])) { redir("editmember.php", "main_div", "Valor invalido en el campo de clave nueva.<br>Intenta nuevamente."); } if (strcmp($_POST['npass'], $_POST['rpass'])) { redir("editmember.php", "main_div", "La clave nueva no coincide con la verificacion!!.<br>Intenta nuevamente."); } $mysql->query("UPDATE `members` SET `mpass` = '" . $_POST['npass'] . "' WHERE `member_id` = '" . $_SESSION[$CONFIG['Name'] . 'member_id'] . "'", $CONFIG['DBMain']); // E-Mail to Member $asunto = 'Evangelis Ragnarok - Cambio de Clave Membresia'; $message = ""; $message .= "Este mensaje es para notificarle que su cuenta ha cambiado de Clave.\n\n"; $message .= "La nueva clave es : " . $_POST['npass'] . ".\n\n\n"; $message .= "Servidor Evangelis Ragnarok.\n"; $message .= "High Rates Premium.\n"; sendmail($_SESSION[$CONFIG['Name'] . 
'email'], $asunto, $message); redir("cuentas.php", "main_div", "La Clave de Membresia ha sido cambiada con exito!!.<br>Clic aqui para seleccionar una Cuenta.");
/**
 * inject() with a three-argument callback receives (memo, key, value).
 *
 * For array(1, 2, 3, 4, 5) the keys 0..4 add up to 10 and the values to 15,
 * so folding from 0 gives 25.
 */
public function test_inject_with_arity_3()
{
    $items = array(1, 2, 3, 4, 5);
    $sumKeysAndValues = function ($m, $k, $v) {
        return $m + $k + $v;
    };

    $folded = inject($items, 0, $sumKeysAndValues);

    assert_equal(25, $folded);
}
if (preg_match("#--verbose#", $imploded)) { $GLOBALS["VERBOSE"] = true; $GLOBALS["debug"] = true; ini_set_verbosed(); } if (preg_match("#--reload#", $imploded)) { $GLOBALS["RELOAD"] = true; } if (preg_match("#--shalla#", $imploded)) { $GLOBALS["SHALLA"] = true; } if (preg_match("#--catto=(.+?)\\s+#", $imploded, $re)) { $GLOBALS["CATTO"] = $re[1]; } if ($argv[1] == "--inject") { echo inject($argv[2], $argv[3]); exit; } if ($argv[1] == "--conf") { echo conf(); exit; } if ($argv[1] == "--ufdbguard-compile") { echo UFDBGUARD_COMPILE_SINGLE_DB($argv[2]); exit; } if ($argv[1] == "--ufdbguard-dbs") { echo UFDBGUARD_COMPILE_DB(); exit; } if ($argv[1] == "--ufdbguard-miss-dbs") {
/**
 * Render this object and place the result in a page region.
 *
 * When $region is falsy it falls back to $this->options->render if options
 * are set and that value is a string, else to 'content'.
 *
 * @param string|null $region   Region that receives the output
 * @param int         $position When truthy, the output goes through inject() at
 *                              this position; otherwise it is added with append()
 * @param int         $where    Handed to inject() unchanged
 */
public function show($region = NULL, $position = 0, $where = 0)
{
    if (!$region) {
        $hasConfiguredRegion = $this->options && is_string($this->options->render);
        $region = $hasConfiguredRegion ? $this->options->render : 'content';
    }

    if ($position) {
        inject($region, $this->render(), $position, $where);
    } else {
        append($region, $this->render());
    }
}
<?php
// Game-account selector for a logged-in member: ?acc=<userid> switches the
// active game account stored in the session.
session_start();
include_once 'config.php';
include_once 'functions.php';

if (!isset($_SESSION[$CONFIG['Name'] . 'member_id']) || $_SESSION[$CONFIG['Name'] . 'member_id'] <= 0) {
    redir("news.php", "main_div", "Debes estar logeado con tu cuenta de Miembro para accesar aca");
}

if (isset($_GET['acc']) && !inject($_GET['acc']) && strlen($_GET['acc']) > 0) {
    // Check that the userid belongs to this member
    $userid = $_GET['acc'];
    $member_id = $_SESSION[$CONFIG['Name'] . 'member_id'];

    // NOTE(review): $userid is request data interpolated into the SQL text; the
    // only guard is inject(), whose rules are not visible here. Escaping through
    // the database layer or a bound parameter would not depend on that filter.
    $lookup = $mysql->query("\r\n\t\t\t\tSELECT\r\n\t\t\t\t\t`account_id`, `level`, `userid`, `sex`\r\n\t\t\t\tFROM\r\n\t\t\t\t\t`login`\r\n\t\t\t\tWHERE\r\n\t\t\t\t\tBINARY `userid` = '{$userid}' AND `state` <> '5' AND `member_id` = '{$member_id}'\r\n\t\t\t", $CONFIG['DBMain']);
    $account = $mysql->fetcharray($lookup);

    if ($account) {
        // The row matched both the userid and the member: make it the active account.
        $_SESSION[$CONFIG['Name'] . 'account_id'] = $account['account_id'];
        $_SESSION[$CONFIG['Name'] . 'userid'] = $userid;
        $_SESSION[$CONFIG['Name'] . 'level'] = $account['level'];
        $_SESSION[$CONFIG['Name'] . 'sex'] = $account['sex'];
        $_SESSION[$CONFIG['Name'] . 'tradelog'] = 0;
        $_SESSION[$CONFIG['Name'] . 'trades'] = array();
        echo ' <script type="text/javascript"> LINK_ajax(\'login.php\',\'login_div\'); load_menu(); </script> ';
    }
}

opentable("Mis Cuentas de Jugador");
?>
} if ($CONFIG_max_accounts) { $query = sprintf(MAX_ACCOUNTS); $result = execute_query($query, 'account.php'); $maxaccounts = $result->fetch_row(); if ($maxaccounts[0] >= $CONFIG_max_accounts) { redir("motd.php", "main_div", $lang['ACCOUNT_MAX_REACHED']); } } if (isset($POST_opt)) { if ($POST_opt == 1 && isset($POST_frm_name) && !strcmp($POST_frm_name, "account")) { $session = $_SESSION[$CONFIG_name . 'sessioncode']; if ($CONFIG_auth_image && function_exists("gd_info") && strtoupper($POST_code) != substr(strtoupper(md5("Mytext" . $session['account'])), 0, 6)) { alert($lang['INCORRECT_CODE']); } if (inject($POST_username) || inject($POST_password) || inject($POST_email)) { alert($lang['INCORRECT_CHARACTER']); } if (strlen(trim($POST_username)) < 4 || strlen(trim($POST_username)) > 23) { alert($lang['USERNAME_LENGTH']); } if ($CONFIG_safe_pass && (strlen(trim($POST_password)) < 6 || strlen(trim($POST_password)) > 23)) { alert($lang['PASSWORD_LENGTH']); } if (strlen(trim($POST_password)) < 4 || strlen(trim($POST_password)) > 23) { alert($lang['PASSWORD_LENGTH_OLD']); } if (!strcmp($POST_password, $POST_username)) { // passwords e username iguais alert($lang['PASSWORD_REJECTED']); }
an e-mail to cerescp@gmail.com */ session_start(); include_once 'config.php'; // loads config variables include_once 'query.php'; // imports queries include_once 'functions.php'; if (!empty($_SESSION[$CONFIG_name . 'account_id'])) { if ($_SESSION[$CONFIG_name . 'account_id'] > 0) { if (!empty($GET_opt)) { if ($GET_opt == 1 && $CONFIG_marry_enable) { if (is_online()) { alert($lang['NEED_TO_LOGOUT_F']); } if (inject($GET_GID1) && inject($GET_GID2)) { alert($lang['INCORRECT_CHARACTER']); } if (isset($GET_divorce) && $GET_divorce > 0) { $query = sprintf(PARTNER_ONLINE, $GET_GID2); $result = execute_query($query, "marriage.php"); if ($result->fetch_row()) { alert($lang['MARRIAGE_COUPLE_OFF']); } $query = sprintf(PARTNER_NULL, $GET_GID1); $result = execute_query($query, "marriage.php"); $query = sprintf(PARTNER_NULL, $GET_GID2); $result = execute_query($query, "marriage.php"); $query = sprintf(PARTNER_RING, $GET_GID1); $result = execute_query($query, "marriage.php"); $query = sprintf(PARTNER_RING, $GET_GID2);
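MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. To contact any of the authors about special permissions send an e-mail to cerescp@gmail.com */

include_once 'config.php'; // loads config variables

// Pick the language file: request value first, then the cookie, then the
// configured default; English.php when none is set or the choice is rejected.
$load = "English.php";
if (isset($GET_lang)) {
    $load = $GET_lang . ".php";
} elseif (isset($_COOKIE['language'])) {
    $load = $_COOKIE['language'] . ".php";
} elseif (isset($CONFIG_language)) {
    $load = $CONFIG_language . ".php";
}

// The name can come from the request or a cookie and ends up in include, so it
// must be a bare file name: basename() rejects any directory component, on top
// of the existing ".." and inject() checks.
// NOTE(review): is_file() tests "./language/<name>" while include resolves the
// bare name through the include path; confirm both point at the same directory.
if (
    basename($load) !== $load
    || !is_file("./language/" . $load)
    || strpos($load, "..") !== false
    || inject($load)
) {
    $load = "English.php";
}
include $load;

// HTML-encode every translated string (each() no longer exists in PHP 8).
foreach ($lang as $key => $val) {
    $lang[$key] = htmlentities($val);
}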