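echo 'Unable to delete file';
}
}
else {
    echo 'File does not exist';
}
} elseif (isset($_REQUEST['action']) && $_REQUEST['action'] == 'backuprestore') {
    checkacl('restoreb');
    include $config['path'] . '/includes/backuprestore.php';
} elseif (isset($_REQUEST['action']) && $_REQUEST['action'] == 'logout') {
    // Read the user name before session_unset() empties $_SESSION; the original
    // called logevent() afterwards and so logged an empty name for every logout.
    $loggedOutUser = isset($_SESSION['user']) ? $_SESSION['user'] : '';
    session_unset();
    session_destroy();
    // Drop the session cookie as well, so the browser stops presenting the old ID.
    if (ini_get('session.use_cookies')) {
        $cookie = session_get_cookie_params();
        setcookie(session_name(), '', time() - 42000, $cookie['path'], $cookie['domain'], $cookie['secure'], $cookie['httponly']);
    }
    logevent('User ' . $loggedOutUser . ' logged out', 'activity');
    // NOTE(review): every action in this chain is reachable through $_REQUEST, i.e. by
    // a plain GET link from another site; no CSRF token is visible. The redirect is
    // also not followed by exit, so whatever follows this chain still runs.
    header('Location: index.php');
} elseif (isset($_REQUEST['action']) && $_REQUEST['action'] == 'runbackup' && isset($_REQUEST['id']) && is_md5($_REQUEST['id'])) {
    checkacl('backnow');
    logevent('User ' . $_SESSION['user'] . ' ran backup job manually', 'activity');
    // making sure backup job is not terminated
    ignore_user_abort(true);
    set_time_limit(0);
    echo 'Backup task has been started, please do not close this window <pre>';
    // Quote each argument on its own. escapeshellcmd() over the whole string neither
    // stops additional arguments nor copes with a path containing shell metacharacters.
    // is_md5() in the condition above already constrains the job ID (presumably to
    // 32 hex characters — confirm in its definition).
    $command = 'php ' . escapeshellarg($config['path'] . '/cron.php') . ' ' . escapeshellarg($_REQUEST['id']);
    // The cron output is echoed into the page; it carries host/job details that were
    // typed in by admins, so escape it rather than trusting it as HTML.
    echo htmlspecialchars((string) shell_exec($command), ENT_QUOTES, 'UTF-8');
    echo '</pre>';
} elseif (isset($_REQUEST['action']) && $_REQUEST['action'] == 'activitylogs') {
    checkacl('alog');
    $smarty->display($config['path'] . '/templates/header.tpl');
    echo '<h4>Activity Logs</h4>';
    $activitylogs = json_decode(file_get_contents($config['path'] . '/db/db-activitylog.json'), true);
    // A missing or corrupt log file decodes to null; treat that as an empty log
    // instead of handing null to array_reverse()/foreach.
    if (!is_array($activitylogs)) {
        $activitylogs = array();
    }
    $activitylogs = array_reverse($activitylogs);
    echo '<table class="table table-bordered table-striped">';
    echo '<tr><th>Data</th><th>Time</th><th>IP</th></tr>';
    // NOTE(review): the loop body lies outside this span. Each field should go through
    // htmlspecialchars() when echoed — user names and request data end up in these
    // entries (see the logevent() calls above).
    foreach ($activitylogs as $i => $log) {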
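@mysql_close($link);
exit;
} elseif (isset($killbutton)) {
    // Remove a user together with its mail and site rows.
    // $id is interpolated unquoted into every statement below; coerce it to an
    // integer once so a crafted value cannot alter the SQL.
    // NOTE(review): $killbutton/$id are not assigned in this span (register_globals-era
    // code); a POST with a CSRF token would be the right trigger for a delete.
    $uid = (int) $id;
    $result = mysql_query("SELECT email FROM users WHERE id={$uid}", $link);
    if (mysql_numrows($result) == 1) {
        // mysql_result() returns the cell as a string. The previous
        // list($email) = mysql_result(...) could not unpack a string returned from a
        // call, so $email stayed empty and the DELETE below ran with rcpt=''.
        $email = mysql_result($result, 0);
        foreach (explode(",", $email) as $rcpt) {
            // mysql_real_escape_string() respects the connection charset; addslashes() does not.
            $result = mysql_query("DELETE FROM mail WHERE rcpt='" . mysql_real_escape_string($rcpt, $link) . "'", $link);
        }
    }
    $result = mysql_query("SELECT login FROM users WHERE id={$uid}", $link);
    $login = mysql_result($result, 0, "login");
    $result = mysql_query("DELETE FROM site WHERE u_id={$uid}", $link);
    $result = mysql_query("DELETE FROM users WHERE id={$uid}", $link);
    logevent("Удалил пользователя {$login}:{$uid}.");
    Header("Location: index.php");
    @mysql_close($link);
    exit;
}
// Commented-out remains of an earlier revision; the block continues past this span.
// if ( false ) {
// Header("Location: index.php");
// @mysql_close($link);
// exit;
// }
// else {
// if (isset($loginhidden)) {$login=$loginhidden;};
// $result = mysql_query("SELECT * FROM users WHERE id=$id", $link);
// if ( mysql_numrows($result) == "0" )
// {
// echo "$loginhidden not found";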
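$cipher = new Crypt_AES(CRYPT_AES_MODE_ECB);
// NOTE(review): ECB is kept because existing archives were written with it; it is
// unauthenticated and leaks repeated plaintext blocks. Changing it requires the
// encrypting side (cron) to change first, plus a migration for old archives.
$cipher->setKey($backupjob['encryptionkey']);
// NOTE(review): $argv[1] is used both as a local path component and as the remote
// file name. It should be rejected unless it equals basename($argv[1]) at the point
// where it is first read, above this span.
$localArchive = $config['path'] . '/files/' . $argv[1];
$decryptedArchive = $localArchive . '.decrypted';
$plaintext = $cipher->decrypt(file_get_contents($localArchive));
if ($plaintext === false) {
    // phpseclib may return false when the padding does not check out (wrong key);
    // writing that out would upload an empty file and then wipe the container below.
    die('Decryption failed, check the encryption key');
}
file_put_contents($decryptedArchive, $plaintext);
echo 'Transferring the file' . PHP_EOL;
$uploaded = $sftp->put($argv[1], $decryptedArchive, NET_SFTP_LOCAL_FILE);
echo $uploaded;
unlink($decryptedArchive);
} else {
    echo 'Transferring the file' . PHP_EOL;
    $uploaded = $sftp->put($argv[1], $config['path'] . '/files/' . $argv[1], NET_SFTP_LOCAL_FILE);
    echo $uploaded;
}
// Do not stop/destroy the container unless the archive actually arrived. The
// original ignored put()'s result and would have destroyed the container before
// attempting a restore from a file that is not on the host.
if (!$uploaded) {
    die('Upload failed, the container was left untouched');
}
// The container ID is derived from the file name (vzdump-<CTID>.tgz) and must be a
// plain integer before it is placed on a remote command line.
$ctidParts = explode('vzdump-', trim($argv[1]));
$ctid = isset($ctidParts[1]) ? explode('.tgz', $ctidParts[1]) : array('');
if (!preg_match('/^\d+$/', $ctid[0])) {
    die('Could not derive a numeric container ID from ' . $argv[1]);
}
// One escapeshellarg() per argument: escapeshellcmd() over the whole command does
// not prevent extra arguments being smuggled in through the file name.
$ctidArg = escapeshellarg($ctid[0]);
$remoteArchive = escapeshellarg('/' . $argv[1]);
echo $ssh->exec('vzctl stop ' . $ctidArg);
echo $ssh->exec('vzctl destroy ' . $ctidArg);
if (strpos($verifyproxmox, 'pve') !== false) {
    echo 'ProxMox detected, using vzrestore' . PHP_EOL;
    echo $ssh->exec('vzrestore ' . $remoteArchive . ' ' . $ctidArg);
} else {
    echo 'Standard OpenVZ detected, using vzdump restore' . PHP_EOL;
    echo $ssh->exec('vzdump --restore ' . $remoteArchive . ' ' . $ctidArg);
}
echo $ssh->exec('vzctl start ' . $ctidArg);
echo $ssh->exec('rm -f ' . $remoteArchive);
} elseif ($backupjob['type'] == 'cpanel') {
    echo 'CDP.me does not support automatic cPanel backup restores at this moment, however you may download and restore the backup manually.' . PHP_EOL;
} else {
    die('Backup type not found');
}
echo 'Success! Backup restored.' . PHP_EOL;
logevent('User restored backup', 'activity');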
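}
// Record the new archive. Append with [] rather than [count()]: the auto-delete
// below unsets entries and leaves holes, and count() would then reuse an existing
// index and overwrite a live record.
$backups[] = array('id' => $backupjob['id'], 'file' => $filename, 'size' => filesize($config['path'] . '/files/' . $filename), 'time' => $cpstarttime);
file_put_contents($config['path'] . '/db/db-backups.json', json_encode(array_values($backups)));
} else {
    $log .= 'Backup failed';
    exitcron();
}
} else {
    $log .= 'Backup type not valid' . PHP_EOL;
    exitcron();
}
$timetaken = time() - $starttime;
$log .= 'Backup completed in ' . $timetaken . ' seconds.' . PHP_EOL;
// Auto-delete only when expiry is a positive number of days. The job form stores the
// field verbatim, so a blank value used to become 0 in the multiplication below,
// which made the cutoff "now" and removed every backup of the job — including the
// one just written.
if (isset($backupjob['expiry']) && is_numeric($backupjob['expiry']) && $backupjob['expiry'] > 0) {
    $backups = json_decode(file_get_contents($config['path'] . '/db/db-backups.json'), true);
    if (!is_array($backups)) {
        $backups = array();
    }
    $log .= 'Processing backup auto-delete' . PHP_EOL;
    $expirecutofftime = time() - 86400 * $backupjob['expiry'];
    foreach ($backups as $backupkey => $backup) {
        if ($backup['id'] != $backupjob['id'] || $backup['time'] >= $expirecutofftime) {
            continue;
        }
        $archivePath = $config['path'] . '/files/' . $backup['file'];
        if (file_exists($archivePath) && unlink($archivePath)) {
            unset($backups[$backupkey]);
            $log .= 'Successfully removed ' . $backup['file'] . PHP_EOL;
        } else {
            $log .= 'Error removing ' . $backup['file'] . PHP_EOL;
        }
    }
    // Re-index so the file stays a JSON list without holes.
    file_put_contents($config['path'] . '/db/db-backups.json', json_encode(array_values($backups)));
}
logevent('Backup for ' . $backupserver['host'] . ' completed.', 'backup');
exitcron();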
} elseif ($type == "edit") {
    # ------------- "Save" button pressed ----------------
    # NOTE(review): a state change driven by GET parameters is linkable from any
    # other site (no CSRF token visible), and $savebutton/$deletebutton are not
    # assigned in this span (register_globals-era code).
    if (isset($savebutton)) {
        $login = stripslashes(trim($_GET['nick']));
        # NOTE(review): $group is interpolated as a TABLE NAME below; addslashes()
        # does nothing for identifiers. Compare it against a fixed list of tables.
        $group = addslashes(stripslashes(trim($_GET['group'])));
        $loginhidden = addslashes(stripslashes(trim($_GET['loginhidden'])));
        # ------{ critical section: the same checks as when creating a user are needed
        # The '******' values in the SQL below are redaction placeholders in this copy
        # of the code, not the original literals. $descr is not assigned in this span.
        $result = mysql_query("UPDATE admins SET descr='" . addslashes($descr) . "', login='******' WHERE login='******'", $link);
        logevent("modify SA {$login}, {$descr})");
        # NOTE(review): $login goes into the Location header unencoded; urlencode() it.
        Header("Location: index.php?type=edit&login={$login}");
        @mysql_close($link);
        exit;
        # ------end of critical section
    }
} elseif (isset($deletebutton)) {
    $result = mysql_query("DELETE FROM admins WHERE login='******'", $link);
    logevent("delete SA {$login}");
    Header("Location: index.php");
    @mysql_close($link);
    exit;
}
if (false) {
    # Dead branch: the condition is a constant false.
    Header("Location: index.php");
    @mysql_close($link);
    exit;
} else {
    # See the note on $group above: user-controlled table name.
    $result = mysql_query("SELECT * FROM {$group} WHERE login='******'", $link);
    if (mysql_numrows($result) == 0) {
        Header("Location: index.php");
        @mysql_close($link);
        exit;
    }
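// Deleting an event is three deletes: registrations, duty roster entries, then the
// event row. Run them in one transaction so a failure part-way through cannot leave
// orphaned lookup/roster rows; the original issued them independently and never
// looked at the results.
// NOTE(review): $_POST['id'] is bound as a parameter (no SQL injection), but its
// presence is not checked and no CSRF token is visible on this handler. The
// enclosing if starts above this span.
$eventId = $_POST['id'];
$pdo->beginTransaction();
try {
    $deletes = array(
        array('DELETE FROM lookup_users_events WHERE eventID = :eventID', ':eventID'),
        array('DELETE FROM duty_roster WHERE eventID = :eventID', ':eventID'),
        array('DELETE FROM events WHERE id = :id', ':id'),
    );
    foreach ($deletes as $delete) {
        list($sql, $param) = $delete;
        $s = $pdo->prepare($sql);
        $s->bindValue($param, $eventId);
        // execute() returns false when PDO is not in exception mode.
        if (!$s->execute()) {
            throw new RuntimeException('Event delete failed: ' . implode(' ', $s->errorInfo()));
        }
    }
    $pdo->commit();
} catch (Exception $e) {
    $pdo->rollBack();
    throw $e;
}
logevent($user_info['id'], $_POST['id'], 'deleted event');
// display confirmation
$title = "Event Deleted";
$longdesc = 'You have successfully deleted an event, de-registered users from that event, and deleted all duty roster items for that event.';
// NOTE(review): this include uses an absolute path while sibling handlers build
// paths from $siteroot; left as is, since $siteroot's value is not visible here.
include '/home/simpleco/demo2/app/pages_eventadmin/confirmation.inc.html.php';
exit;
}
/*
 * ----------------------------------------------------------------------------- DEFAULT
 */
header("Location: ." . '?view_events');
exit;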
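exit;
}
/*
 * checks to see if user has required role
 * NOTE(review): 6 is a magic role number; a named constant would make the required
 * privilege readable here. userHasRole() is defined outside this span.
 */
if (!userHasRole(6)) {
    $title = 'Unauthorized User';
    $longdesc = "You do not have permission to access this part of the site.";
    include $siteroot . 'demo2/app/pages_storeadmin/confirmation.inc.html.php';
    exit;
}
/*
 * responds to logout attempt
 */
if (isset($_GET['logout'])) {
    logevent($user_info['id'], NULL, 'logout');
    unset($_SESSION['loggedIn']);
    unset($_SESSION['email']);
    // NOTE(review): the session evidently carries the user's password. It should not
    // be stored there at all — keep an identifier only and re-check against the stored
    // hash when a credential is needed.
    unset($_SESSION['password']);
    // Rotate the session ID and discard the old one, so an ID captured while logged in
    // cannot be reused; the original only removed three keys and kept the same ID.
    if (session_id() !== '') {
        session_regenerate_id(true);
    }
    $longdesc = "You are now logged out.";
    include $siteroot . 'demo2/app/pages_storeadmin/confirmation.inc.html.php';
    exit;
}
/*
 * --------------------------------------------------------------------
 * |
 * store |
 * |
 * --------------------------------------------------------------------
 */
// view items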
$title = 'Please Log In';
$longdesc = "You need to log in to comment on an event.";
include $siteroot . 'demo2/app/pages_public/confirmation.inc.html.php';
exit;
}
}
// get the user's id from the email stored in session
$userID = userID($_SESSION['email']);
// get the event id from the post data
// NOTE(review): used verbatim; there is no presence check, and whether
// shoutboxComment() binds it as a parameter is not visible here. If the column is
// numeric, cast it with (int) before passing it on. No CSRF token is visible.
$eventID = $_POST['id'];
// sanitize the comment
// NOTE(review): html() is a project helper; it presumably escapes for HTML at
// storage time, so the template must not escape the stored text a second time.
$comment = html($_POST['comment']);
// create the comment
shoutboxComment($eventID, $userID, $comment);
// log the action
logevent($userID, $eventID, 'created comment');
// display confirmation
$title = "Comment Added";
$longdesc = "Your comment was successfully created.";
include $siteroot . 'demo2/app/pages_public/confirmation.inc.html.php';
exit;
}
//////////////////////////////////////////////////////////////////////////
// con store
//////////////////////////////////////////////////////////////////////////
// show store (constant query, no user input reaches the SQL)
if (isset($_GET['constore'])) {
    $sql = 'SELECT * FROM store_categories';
    $s = $pdo->query($sql);
    $categories = $s->fetchall(PDO::FETCH_ASSOC);
    include $siteroot . 'demo2/app/pages_public/store.inc.html.php';
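if (!isset($_REQUEST['encryptionkey'])) {
    $_REQUEST['encryptionkey'] = null;
}
// Store the expiry only when it is a positive number of days. The cron side treats
// isset() as "auto-delete enabled" and multiplies the stored value by 86400, so a
// blank string saved here used to become 0 days there — i.e. every backup of the
// job was deleted as soon as it was written.
$expiryDays = null;
if (isset($_REQUEST['expiry']) && is_numeric($_REQUEST['expiry']) && $_REQUEST['expiry'] > 0) {
    $expiryDays = $_REQUEST['expiry'];
}
// NOTE(review): the encryption key is written in clear text to db-backupjobs.json;
// the restore path needs it, so the permissions on db/ are what protect it. source,
// directory and type are stored unvalidated — where they are used is outside this span.
// Append with [] so an index freed by a remove (below) is never overwritten.
$backupjobs[] = array('id' => $id, 'source' => $_REQUEST['source'], 'directory' => $_REQUEST['directory'], 'expiry' => $expiryDays, 'encryption' => $_REQUEST['encryption'], 'encryptionkey' => $_REQUEST['encryptionkey'], 'type' => $_REQUEST['type']);
file_put_contents($config['path'] . '/db/db-backupjobs.json', json_encode(array_values($backupjobs)));
logevent('User ' . $_SESSION['user'] . ' added backup job', 'activity');
header('Location: index.php?action=backupjobs&created=true&id=' . $id);
} elseif ($_REQUEST['backupjob'] == 'remove' && isset($_REQUEST['id'])) {
    checkacl('deljob');
    foreach ($backupjobs as $key => $backupjob) {
        if ($backupjob['id'] == $_REQUEST['id']) {
            unset($backupjobs[$key]);
        }
    }
    // Re-index so the saved file stays a JSON list without holes.
    file_put_contents($config['path'] . '/db/db-backupjobs.json', json_encode(array_values((array) $backupjobs)));
    logevent('User ' . $_SESSION['user'] . ' removed backup job', 'activity');
    header('Location: index.php?action=backupjobs');
}
} else {
    $fileservers = array();
    $sqlservers = array();
    $cpanelservers = array();
    // Group the configured servers by authentication type for the form.
    foreach ($backupservers as $backupserver) {
        switch ($backupserver['authtype']) {
            case 'password':
            case 'key':
                $fileservers[] = $backupserver;
                break;
            case 'mysql':
                $sqlservers[] = $backupserver;
                break;
            case 'cpanel':
                $cpanelservers[] = $backupserver;
                break;
        }
    }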
// email admin a backup
// NOTE(review): no CSRF token is visible on this POST handler.
if (isset($_POST['action']) and $_POST['action'] == 'backup') {
    // create a backup of the mysql database
    backupDatabase();
    // zip up the csv files
    // NOTE(review): temp/ sits under public_html/, which by its name is the web
    // document root — while backup.zip exists it may be fetchable over HTTP by
    // anyone who guesses the path. Write it outside the document root or deny
    // web access to temp/; confirm where backupDatabase() writes as well.
    $source = $siteroot . 'public_html/demo2/temp/';
    $destination = $siteroot . 'public_html/demo2/temp/backup.zip';
    Zip($source, $destination);
    // email the backup file
    // The address is a redaction placeholder in this copy of the code. The whole
    // database leaves as an unencrypted e-mail attachment.
    $address = "*****@*****.**";
    $subject = "Database Backup";
    $body = 'A backup of the convention database is attached to this email.';
    $attachment = $siteroot . 'public_html/demo2/temp/backup.zip';
    // NOTE(review): if send_mail.php fails or exits, deleteBackup() below never
    // runs and the dump stays on disk in the location noted above.
    require $siteroot . 'demo2/app/includes_php/send_mail.php';
    // get the user id and log the event
    logevent($user_info['id'], NULL, 'created backup');
    // delete the local backup files
    deleteBackup();
    // display confirmation
    $title = "Backup Complete";
    $longdesc = 'A backup file has been sent.';
    include $siteroot . 'demo2/app/pages_admin/confirmation.inc.html.php';
    exit;
}
//////////////////////////////////////////////////////////////////////////
// advertising
//////////////////////////////////////////////////////////////////////////
// show advertising page
if (isset($_GET['advertising'])) {
    $sql = 'SELECT ads_on FROM static_con_info';
// NOTE(review): unsalted md5 is not a password hash. Use password_hash() here and
// password_verify() in the login check (outside this span), rehashing on login
// for existing accounts — both sides must change together.
$users[$userkey]['password'] = md5($_REQUEST['password']);
}
}
}
file_put_contents($config['path'] . '/db/db-users.json', json_encode($users));
logevent('User ' . $_SESSION['user'] . ' edited user ' . $_REQUEST['username'], 'activity');
header('Location: index.php?action=users');
} elseif ($_REQUEST['users'] == 'remove' && isset($_REQUEST['id'])) {
    checkacl('deluser');
    // NOTE(review): nothing prevents removing the current user or the last account
    // holding this permission; reachable via GET through $_REQUEST (no CSRF token visible).
    foreach ($users as $userkey => $user) {
        if ($user['id'] == $_REQUEST['id']) {
            unset($users[$userkey]);
        }
    }
    // NOTE(review): unset() leaves holes; other db-*.json writers in this project
    // append with [count($x)], which would reuse a freed index. array_values()
    // before encoding avoids that.
    file_put_contents($config['path'] . '/db/db-users.json', json_encode($users));
    logevent('User ' . $_SESSION['user'] . ' removed user', 'activity');
    header('Location: index.php?action=users');
}
} else {
    $smarty->assign('users', $users);
    $smarty->assign('acls', $acls);
    if (isset($_REQUEST['id']) && is_array($users)) {
        foreach ($users as $user) {
            if ($user['id'] == $_REQUEST['id']) {
                // NOTE(review): the full record is handed to the template, including the
                // password hash and the TOTP secret the login code reads as 2fokey; whether
                // the template prints them is not visible here.
                $smarty->assign('userdetails', $user);
            }
        }
    }
    $smarty->display($config['path'] . '/templates/header.tpl');
    $smarty->display($config['path'] . '/templates/users.tpl');
    $smarty->display($config['path'] . '/templates/footer.tpl');
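}
if (isset($userdetails['2fo']) && $userdetails['2fo'] == 'true') {
    if (!isset($_POST['2fokey'])) {
        $_POST['2fokey'] = 0;
    }
    require $config['path'] . '/libs/googleauthenticator/GoogleAuthenticator.php';
    $ga = new PHPGangsta_GoogleAuthenticator();
    // A discrepancy of 2 accepts codes from two neighbouring 30 s slices on each side.
    // NOTE(review): nothing records the last accepted code, so a captured code can be
    // replayed within that window; storing the last used time slice per user closes it.
    if (!$ga->verifyCode($userdetails['2fokey'], $_POST['2fokey'], 2)) {
        header('Location: index.php?login=failed&2fofail');
        die;
    }
}
// Credentials (and 2FA, when enabled) are verified at this point. Issue a fresh
// session ID before writing any authenticated state, so an ID planted before login
// (session fixation) does not become an authenticated one.
if (session_id() !== '') {
    session_regenerate_id(true);
}
foreach ($acls as $acl) {
    if ($acl['id'] == $user['acl']) {
        $_SESSION['acl'] = $acl['perms'];
    }
}
// NOTE(review): if no ACL matches $user['acl'], $_SESSION['acl'] keeps whatever the
// session held before; checkacl() should treat a missing entry as deny.
$_SESSION['user'] = $_POST['username'];
$_SESSION['ip'] = $_SERVER['REMOTE_ADDR'];
$_SESSION['time'] = time();
logevent('User ' . $_SESSION['user'] . ' logged in', 'activity');
header('Location: index.php');
die;
} else {
    // NOTE(review): failed attempts are neither logged nor rate-limited here.
    header('Location: index.php?login=failed&fail');
}
} else {
    $smarty->display($config['path'] . '/templates/header.tpl');
    $smarty->display($config['path'] . '/templates/login.tpl');
    $smarty->display($config['path'] . '/templates/footer.tpl');
}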
if ($acl['id'] == $_REQUEST['aclid']) {
    // NOTE(review): perms is stored exactly as submitted; its expected shape is not
    // visible here, so validate it against the known permission names before saving.
    $acls[$aclkey] = array('id' => $_REQUEST['aclid'], 'perms' => $_REQUEST['perms'], 'name' => trim($_REQUEST['name']));
}
}
// NOTE(review): the login code copies an ACL's perms into $_SESSION['acl'] once, at
// login, so an edit here does not reach sessions that are already open — a revoked
// permission stays usable until the user logs in again.
file_put_contents($config['path'] . '/db/db-acl.json', json_encode($acls));
logevent('User ' . $_SESSION['user'] . ' edited ACL ' . $_REQUEST['aclid'], 'activity');
header('Location: index.php?action=useracl');
} elseif ($_REQUEST['acl'] == 'remove' && isset($_REQUEST['id'])) {
    checkacl('delacl');
    // NOTE(review): no check that users still reference this ACL id; those users
    // then match nothing at login. Reachable via GET through $_REQUEST (no CSRF token visible).
    foreach ($acls as $aclkey => $acl) {
        if ($acl['id'] == $_REQUEST['id']) {
            unset($acls[$aclkey]);
        }
    }
    // NOTE(review): unset() leaves holes; writers that append with [count($x)] would
    // reuse a freed index — array_values() before encoding avoids that.
    file_put_contents($config['path'] . '/db/db-acl.json', json_encode($acls));
    logevent('User ' . $_SESSION['user'] . ' removed ACL ' . $_REQUEST['id'], 'activity');
    header('Location: index.php?action=useracl');
}
} else {
    $smarty->assign('acls', $acls);
    $smarty->assign('aclarray', $aclarray);
    if (isset($_REQUEST['id']) && is_array($acls)) {
        foreach ($acls as $acl) {
            if ($acl['id'] == $_REQUEST['id']) {
                $smarty->assign('acldetails', $acl);
            }
        }
    }
    $smarty->display($config['path'] . '/templates/header.tpl');
    $smarty->display($config['path'] . '/templates/useracl.tpl');
    $smarty->display($config['path'] . '/templates/footer.tpl');