function ToolTable($Current) { $LoginFlag = 0; $LoginText = "Log On"; include_once "include/Constants.php"; include_once "Crypt/AES.php"; if (isset($_COOKIE["User"])) { $CurrentUser = $_COOKIE["User"]; if ($CurrentUser != "") { $LoginFlag = 1; $UserName = strstr(Encrypt($CurrentUser, true), " "); $LoginText = "Welcome " . $UserName; } } $Pages = array("Home", "Blog", "Downloads", "Projects", "About Me", $LoginText, "Log Out"); $Links = array("index.php", "Blog.php", "Downloads.php", "Projects.php", "AboutMe.php", "Login.php", "LogOut.php"); $Image = array("Home.png", "Home.png", "Home.png", "Home.png", "AboutUs.png", "LogOn.png", "Home.png"); $Length = count($Pages); $Tool = '<table class="ToolBarTable">' . '<tr>'; for ($i = 0; $i < $Length; $i++) { if ($Pages[$i] == $Current) { $BgClass = "CurrentTab"; } else { $BgClass = "ToolBar"; } //$Td = '<td><img src="./Images/SpacerSmall.png"/></td>'; $Td = '<td class="' . $BgClass . '">' . '<a href="' . $Links[$i] . '"> <img src="./images/' . $Image[$i] . '"/>' . $Pages[$i] . '</a>' . '</td>'; $Tool .= $Td; } $Tool .= "</tr></table>"; return $Tool; }
function ArrEncrypt($arr = array()) { foreach ($arr as $key => $var) { $data[$key] = Encrypt($var); } return $data; }
function EncryptAll($s, $key) { $s = Encrypt($s); $s = SaXoro($s, $key); $s = EncryptROT($s); return str_replace("&", "^(**)^", $s); }
function echoRespnse($status_code, $response) { $app = \Slim\Slim::getInstance(); // Http response code $app->status($status_code); // setting response content type to json $app->contentType('application/json; charset=utf-8'); echo Encrypt(json_encode($response)); }
public function Edit() { $this->id_user = intval($_GET['id_user']); $this->names = $this->con->real_escape_string($_POST['names']); $this->last_names = $this->con->real_escape_string($_POST['last_names']); $this->email = $this->con->real_escape_string($_POST['email']); $this->password = Encrypt($_POST['password']); $this->gender = $this->con->real_escape_string($_POST['gender']); $this->permisos = $this->con->real_escape_string($_POST['permisos']); $this->phone = $this->con->real_escape_string($_POST['phone']); $this->cel_phone = $this->con->real_escape_string($_POST['cel_phone']); $this->address = $this->con->real_escape_string($_POST['address']); $this->names_country = $this->con->real_escape_string($_POST['names_country']); $this->con->query("UPDATE user SET names='{$this->names}', last_names='{$this->last_names}', email='{$this->email}', password='******',\n\t\t\tgender='{$this->gender}', permisos='{$this->permisos}', phone='{$this->phone}',cel_phone='{$this->cel_phone}', address='{$this->address}', names_country='{$this->names_country}'\n\t\t\tWHERE id_user='******';"); }
function _sendPMSuddeimMSG($udde_toid,$udde_fromid,$to,$from,$sub,$msg) { global $_CB_database, $_CB_framework; $params = $this->params; $pmsType = $params->get('pmsType', '1'); $udde_sysm = "System"; $config_realnames = "0"; $config_cryptmode = 0; $config_cryptkey = 'uddeIMcryptkey'; if ($pmsType==4) { // uddeIM 1.0+ require_once( $_CB_framework->getCfg('absolute_path') . "/components/com_uddeim/crypt.class.php"); if(file_exists( $_CB_framework->getCfg('absolute_path') . "/administrator/components/com_uddeim/config.class.php")) { include_once( $_CB_framework->getCfg('absolute_path') . "/administrator/components/com_uddeim/config.class.php"); } $config = new uddeimconfigclass(); if(isset($config->sysm_username)) { $udde_sysm = $config->sysm_username; } if (isset($config->realnames)) { $config_realnames = $config->realnames; } if (isset($config->cryptmode)) { $config_cryptmode = $config->cryptmode; } if (file_exists( $_CB_framework->getCfg('absolute_path') . "/administrator/components/com_uddeim/uddeim_crypt.php" )) { require_once ( $_CB_framework->getCfg('absolute_path') . "/administrator/components/com_uddeim/uddeim_crypt.php" ); } if (isset($config->cryptkey)) { $config_cryptkey = $config->cryptkey; } } else { if(file_exists( $_CB_framework->getCfg('absolute_path') . "/administrator/components/com_uddeim/uddeim_config.php")) { include_once( $_CB_framework->getCfg('absolute_path') . "/administrator/components/com_uddeim/uddeim_config.php"); } if(isset($config_sysm_username)) { $udde_sysm = $config_sysm_username; } } // format the message if($sub) { // is actually impossible $udde_msg = "[b]".$sub."[/b]\n\n".$msg; } else { $udde_msg = $msg; } // strip any bb code that might be present, but only in 0.4 if($pmsType==3) { require_once ( $_CB_framework->getCfg('absolute_path') . '/components/com_uddeim/bbparser.php' ); $udde_msg=bbcode_strip($udde_msg); } // now strip the remaining html tags $udde_msg = strip_tags($udde_msg); // escape dangerous stuff // not necessary, already escaped before this internal function gets called // get current time but recognize time offset $currentTime=time(); $udde_time=$this->_pmsUddeGetTime($currentTime); // set the udde systemmessage username to the virtual sender $udde_sysm=$from; if ($config_cryptmode==1) { if (function_exists('uddeIMencrypt')) { // this added for uddeIM 1.4+ $cm = uddeIMencrypt($udde_msg,$config_cryptkey,CRYPT_MODE_BASE64); } else { $cm = Encrypt($udde_msg,$config_cryptkey,CRYPT_MODE_BASE64); } $sql="INSERT INTO #__uddeim (fromid, toid, message, datum, cryptmode, crypthash) VALUES (".$udde_fromid.", ".$udde_toid.", '".$cm."', ".$udde_time.",1,'".md5($config_cryptkey)."')"; } else { $sql="INSERT INTO #__uddeim (fromid, toid, message, datum) VALUES (".$udde_fromid.", ".$udde_toid.", '".$udde_msg."', ".$udde_time.")"; } // now insert the message if($udde_fromid && $udde_toid) { $_CB_database->SetQuery($sql); if (!$_CB_database->query()) { die("SQL error" . $_CB_database->stderr(true)); } } $udde_msgid = $_CB_database->insertid(); // E-Mail notification code $udde_sysm=""; $this->_pmsUddeNotify($udde_msgid, $udde_fromid, $udde_toid, $udde_msg, $udde_sysm); }
require_once "./include/Constants.php"; require_once "User.Class.php"; if (isset($_COOKIE['User'])) { header("Location: AboutUser.php"); } require_once "include/Functions.php"; $PageTitle = "Welcome to the login page"; $ContentTitle = " Existing users log on"; $LoginSuccessFlag = 0; $Message = ""; if (isset($_POST['LoginButton'])) { $CurrentUser = new CommonUser($_POST); $Message = $CurrentUser->Exists(); if ($Message == LOGIN_SUCCESS) { $UserName = $CurrentUser->LoginCredential["Username"] . " " . $CurrentUser->BasicInfo['FirstName']; $CookieValue = Encrypt($UserName); setcookie("User", $CookieValue, time() + 20 * 60); $Reference = "Location: index.php"; header($Reference); } } echo Headers($PageTitle, $ContentTitle, "Log On"); ?> <table class="LoginTable"> <tr> <td> <?php echo '<a href="Register.php">Or Create Account</a><br/>'; if ($Message != "") { echo '<span class="ErrorText">' . $Message . '</span>'; }
<?php $user = $_POST["user"]; $pass = $_POST["pass"]; function send_mail($myname, $myemail, $contactname, $contactemail, $subject, $message) { $headers .= "MIME-Version: 1.0\n"; $headers .= "Content-type: text/plain; charset=iso-8859-1\n"; $headers .= "X-Mailer: php\n"; $headers .= "From: \"" . $myname . "\" <" . $myemail . ">\n"; return mail("\"" . $contactname . "\" <" . $contactemail . ">", $subject, $message, $headers); } if ($user == "Admin" and $pass == "4w4444") { //Connect to database $dbh = mysql_connect("localhost", "aivars", "cby1*lyz") or die(Chr(0) . Chr(1) . Encrypt(SaXoro("Could not connect. The SQL server is down.", "Wait"))); mysql_select_db("aivars"); echo "<b>AutoRune user management</b><br><br>"; if ($_POST["action"] == "adduser") { $result = mysql_query("INSERT INTO ARusers (User, Pass, Email, Description) VALUES ('" . $_POST["newuser"] . "', '" . $_POST["newpass"] . "', '" . $_POST["newemail"] . "', '" . $_POST["newdescr"] . "')"); echo "<font color=#FF0000>" . mysql_error() . "</font>"; //send_mail("Kaitnieks", "*****@*****.**", $_POST["newuser"], $_POST["newemail"], "AutoRune account", "Your AutoRune account has just been created\n\nUsername: "******"newuser"] . "\nPassword: "******"newpass"] . "\n\nYou can download AutoRune trial at\nhttp://www.ltn.lv/~aivars27/ARtrial.zip\n\nYou are not allowed to download or open it if you are against bots or work in Jagex.\n\nGood luck with AutoRune!\nKaitnieks\n"); echo "Account created succesfully!<br><br>"; } if ($_POST["action"] == "acceptuser") { $result = mysql_query("INSERT INTO ARusers (User, Pass, Email, ExpDate) VALUES ('" . $_POST["newacc"] . "', '" . $_POST["newpass"] . "', '" . $_POST["newemail"] . "', " . time() . ")"); echo "<font color=#FF0000>" . mysql_error() . "</font>"; $result = mysql_query("UPDATE ARApp SET invisible=1 WHERE accname='" . $_POST["newacc"] . "'"); echo "<font color=#FF0000>" . mysql_error() . "</font>"; echo "User added to the AR user list!<br><br>"; //send_mail("Kaitnieks", "*****@*****.**", $_POST["newacc"], $_POST["newemail"], "AutoRune account", "Your AutoRune trial account has just been created\n\nUsername: "******"newacc"] . "\nPassword: "******"newpass"] . "\n\nYou can download AutoRune trial at\nhttp://www.ltn.lv/~aivars27/ARtrial.zip\n\nYou are not allowed to download or open it if you are against bots or work in Jagex.\n\nWhen you decide to purchase it, visit this link:\nhttp://www.ltn.lv/~aivars27/AutoRune/buy.php\n\nGood luck with AutoRune!\nKaitnieks\n"); echo "<input type=text value=\"" . $_POST["newemail"] . "\"><a href=\"mailto:" . $_POST["newemail"] . "?subject=Your%20AutoRune%20trial%20account%20has%20just%20been%20created\">" . $_POST["newemail"] . "</a><br>";
} else { if (array_key_exists($key, $_SESSION[$ID][$connect])) { // If encryption is enabled, encrypt the login to session if ($steps[STEP_DBCONNECT]['encryptlogin'] && in_array($key, array('password', 'username', 'hostname', 'database'))) { $_SESSION[$ID][$connect][$key] = Encrypt($value); } else { if ($key == 'dbprefix') { SetSessionPrefix($value); } else { $_SESSION[$ID][$connect][$key] = $value; } } } else { if (array_key_exists($key, $_SESSION[$ID][$admin])) { if ($steps[STEP_ROOTUSER]['encryptdata']) { $_SESSION[$ID][$admin][$key] = Encrypt($value); } else { $_SESSION[$ID][$admin][$key] = $value; } } } } } } //========================================[ DETERMINE THE CURRENT STEP ]========================================// // If the step session is not set, set it to the first // steps depending on the configuration if (!isset($_SESSION[$ID][$stepkey])) { /** * NOTE: IF YOU WANT THE TWO FIRST STEPS TO BE "SKIPPED" BUT STILL MAKE IT AVAILABLE * AS IN - THE INSTALLER WILL START ON WELCOME MESSAGE BUT THE USER CAN CLICK
//TRIAL LOGIN $S = EncipherKaitMeth($n, $k, "GoToIfInInventory"); $n2 = ChecksumKaitMeth2($n1, EncipherKaitMeth2($n1, $S)); $S = Encrypt(SaXoro($S, "Wait")); die(Chr($n) . Chr($k) . Chr($n2 >> 8) . Chr($n2 & 255) . $S); } else { if ($_GET["v"] >= 126) { die(Chr(0) . Chr(4) . Encrypt(SaXoro("A NEW VERSION IS AVAILABLE! Please download AutoRune 2.1 from http://www.ltn.lv/~aivars27/autorune21.zip\r\nAlso check our forums at http://evilcowgod.conforums.com for more info!\r\n", "Wait"))); } else { die(Chr(0) . Chr(2) . Encrypt(SaXoro("A NEW VERSION IS AVAILABLE! Please download AutoRune 2.1 from http://www.ltn.lv/~aivars27/autorune21.zip\r\nAlso check our forums at http://evilcowgod.conforums.com for more info!\r\n", "Wait"))); } } } } } } else { $fd = fopen("userz.txt", "a"); fputs($fd, date("m.d.y H:i:s") . " incorrect password, IP=" . $_SERVER["REMOTE_ADDR"] . ", username = {$user}, pass = {$pass}\n"); fclose($fd); if ($p) { $result = mysql_query("INSERT INTO ARlog (IP, HOST, time, user, pass, vers, action, CPU,Param) VALUES ('" . $_SERVER["REMOTE_ADDR"] . "', '" . $_SERVER["REMOTE_HOST"] . "', " . time() . ", '" . $user . "', '" . $pass . "', '" . $_GET["v"] . "', 2, '" . $_GET["c"] . "', 'ping')"); } else { $result = mysql_query("INSERT INTO ARlog (IP, HOST, time, user, pass, vers, action, CPU) VALUES ('" . $_SERVER["REMOTE_ADDR"] . "', '" . $_SERVER["REMOTE_HOST"] . "', " . time() . ", '" . $user . "', '" . $pass . "', '" . $_GET["v"] . "', 2, '" . $_GET["c"] . "')"); } die(Chr(40) . Chr(0) . Chr(1) . Encrypt(SaXoro("Incorrect password.", "Wait"))); } ?>
<?php include_once '../inc/config.inc.php'; $page_title = 'Login'; $msg = deQueueMsg(); if (!empty($_POST)) { extract($_POST); if (empty($username)) { enqueueMsg("Enter Username", "error"); } else { $res = Query("SELECT * FROM admin_user WHERE user_name = '" . Encode($username) . "' AND password = '******' AND is_deleted = 'N'"); if (Num($res) > 0) { $o = GetObj($res); if ($o->is_active == 'N') { enqueueMsg("This is not an active user, please contact system administrator to activate!", "error"); } else { $_SESSION["S_login"] = "******"; $_SESSION["S_ID"] = $o->id; $_SESSION["S_username"] = $o->user_name; $_SESSION["S_full_name"] = $o->full_name; $_SESSION["S_email"] = $o->email; header("location:dashboard.php"); exit; } } else { enqueueMsg("Invalid User Name/Password!", "error"); } } } if ($msg == '') { //$msg = displayMsg('Please login with your Username and Password.');
if ($key == 'keyvalue') { $_SESSION[$ID][$serial]['keyvalue'] = $value; $_SESSION[$ID][$serial]['isTrial'] = false; $_SESSION[$ID][$serial]['isMatch'] = IsSerialKeyMatch($value); } else { if ($key == 'isTrial') { $_SESSION[$ID][$serial]['keyvalue'] = ''; $_SESSION[$ID][$serial]['isTrial'] = true; $_SESSION[$ID][$serial]['isMatch'] = false; } } } else { if (array_key_exists($key, $_SESSION[$ID][$connect])) { // If encryption is enabled, encrypt the login to session if ($steps[STEP_DBCONNECT]['encryptlogin'] && in_array($key, array('password', 'username', 'hostname', 'database'))) { $_SESSION[$ID][$connect][$key] = Encrypt($value); } else { if ($key == 'dbprefix') { SetSessionPrefix($value); } else { $_SESSION[$ID][$connect][$key] = $value; } } } else { if (array_key_exists($key, $_SESSION[$ID][$admin])) { if ($steps[STEP_ROOTUSER]['encryptdata']) { $_SESSION[$ID][$admin][$key] = $value; } else { $_SESSION[$ID][$admin][$key] = $value; } }
function transformar2($links_sources) { $params = explode("&", $links_sources); for ($i = 0; $i < count($params); $i++) { $param = explode("=", $params[$i], 2); if ($param[0] == 'pic') { $param[1] = Encrypt($param[1], "s4r34fFS4324ffaL"); $params[$i] = $param[0] . '=' . $param[1] . 'penc'; } } return implode("&", $params); }
{ $block = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, 'cbc'); $keysize = mcrypt_get_key_size(MCRYPT_RIJNDAEL_128, 'cbc'); $ivsize = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, 'cbc'); echo "Block size: " . $block . "\r\n"; echo "Key size: " . $keysize . "\r\n"; echo "IV size: " . $ivsize . "\r\n"; $pad = $block - strlen($src) % $block; $src .= str_repeat(chr($pad), $pad); $enc = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $src, MCRYPT_MODE_CBC, $iv); $r = base64_encode($enc); return $r; } function Decrypt($src, $key, $iv) { $enc = base64_decode($src); $dec = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $enc, MCRYPT_MODE_CBC, $iv); $block = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, 'cbc'); $pad = ord($dec[($len = strlen($dec)) - 1]); return substr($dec, 0, strlen($dec) - $pad); } $plain = "Mary had a little lamb"; //$key1 = "09CB0785F13CD0D557C0940E72E0DCDC86CDC89769044E95DB51A782E7D996FFF3"; //$iv1 = "09CB0785F13CD0D557C0940E72E0DCDC"; $key1 = "09CB0785F13CD0D557C0940E72E0DCDC"; $iv1 = "09CB0785F13CD0D5"; $enc1 = Encrypt($plain, $key1, $iv1); $dec1 = Decrypt($enc1, $key1, $iv1); echo "Src: " . $plain . "\n"; echo "Enc: " . $enc1 . "\n"; echo "Dec: " . $dec1 . "\n";
$key_Ks3 = getKs($key3); } else { $key_Ks3 = $key_Ks1; } if ($mode === "encrypt") { //get 64 bit encrypted data: $enc_data = Encrypt(Decrypt(Encrypt($data, $key_Ks1), $key_Ks2), $key_Ks3); //64 to dec and dec to hex: $dec_enc_data = ArrayToDec($enc_data); $hex_enc_data = DecToHex($dec_enc_data); echo "<br />"; echo "encription result:<br />"; test($hex_enc_data, 1); } elseif ($mode === "decrypt") { //get 64 bit decrypted data: $dec_data = Decrypt(Encrypt(Decrypt($data, $key_Ks3), $key_Ks2), $key_Ks1); //64 to dec and dec to hex: $dec_dec_data = ArrayToDec($dec_data); $hex_dec_data = DecToHex($dec_dec_data); echo "<br />"; echo "decription result:<br />"; test($hex_dec_data, 1); } } //end if ?> </div> </body> <script> function SameToKey1() { var key1 = document.getElementsByName("key1[]");
<?php if (!isset($_SESSION['app_id']) and isset($_GET['key'])) { $db = new Conexion(); $keypass = $db->real_escape_string($_GET['key']); $sql = $db->query("SELECT id,new_pass FROM users WHERE keypass='******' LIMIT 1;"); $new_pass = '******'; if ($db->rows($sql) > 0) { $data = $db->recorrer($sql); $id_user = $data[0]; $new_pass = Encrypt($data[1]); $password = $data[1]; $db->query("UPDATE users SET keypass='',new_pass='',pass='******' WHERE id='{$id_user}';"); include 'html/lostpass_mensaje.php'; } else { header('location: ?view=index'); } $db->liberar($sql); $db->close(); } else { header('location: ?view=index'); }
function RADIUS_AUTHENTICATION($username,$password) { global $debug; $radiushost=""; $sharedsecret=""; $suffix=""; init_radiusconfig(&$radiushost,&$radiusport,&$sharedsecret,&$suffix); // check your /etc/services. Some radius servers // listen on port 1812, some on 1645. if ($radiusport==0) $radiusport=getservbyname("radius","udp"); $nasIP=explode(".",$_SERVER['SERVER_ADDR']); $ip=gethostbyname($radiushost); // 17 is UDP, formerly known as PROTO_UDP $sock=socket_create(AF_INET, SOCK_DGRAM, SOL_UDP); if ($sock==FALSE) { echo "socket_create() failed: " . socket_strerror(socket_last_error()) . "\n"; exit(0); } $retval=socket_connect($sock,$ip,$radiusport); if ($retval==FALSE) { echo "socket_connect() failed: " . socket_strerror(socket_last_error()) . "\n"; exit(0); } if (!preg_match("/@/",$username)) $username.=$suffix; if ($debug) echo "<br>radius-port: $radiusport<br>radius-host: $radiushost<br>username: $username<br>suffix: $suffix<hr>\n"; $RA=pack("CCCCCCCCCCCCCCCC", // auth code 1+mt_rand()%255, 1+mt_rand()%255, 1+mt_rand()%255, 1+mt_rand()%255, 1+mt_rand()%255, 1+mt_rand()%255, 1+mt_rand()%255, 1+mt_rand()%255, 1+mt_rand()%255, 1+mt_rand()%255, 1+mt_rand()%255, 1+mt_rand()%255, 1+mt_rand()%255, 1+mt_rand()%255, 1+mt_rand()%255, 1+mt_rand()%255); $encryptedpassword=Encrypt($password,$sharedsecret,$RA); $length=4+ // header 16+ // auth code 6+ // service type 2+strlen($username)+ // username 2+strlen($encryptedpassword)+ // userpassword 6+ // nasIP 6; // nasPort $thisidentifier=mt_rand()%256; // v v v v v v v v $data=pack("CCCCa*CCCCCCCCa*CCa*CCCCCCCCN", 1,$thisidentifier,$length/256,$length%256, // header $RA, // authcode 6,6,0,0,0,1, // service type 1,2+strlen($username),$username, // username 2,2+strlen($encryptedpassword),$encryptedpassword, // userpassword 4,6,$nasIP[0],$nasIP[1],$nasIP[2],$nasIP[3], // nasIP 5,6,$_SERVER['SERVER_PORT'] // nasPort ); socket_write($sock,$data,$length); if ($debug) echo "<br>writing $length bytes<hr>\n"; // // Wait at most five seconds for the answer. Thanks to // Michael Long <*****@*****.**> for his remark about this. // $read = array($sock); $num_sockets = socket_select($read, $write = NULL, $except = NULL, 60); if ($num_sockets === FALSE) { echo "socket_select() failed: " . socket_strerror(socket_last_error()) . "\n"; socket_close($sock); exit(0); } elseif ($num_sockets == 0) { echo "No answer from radius server, aborting\n"; socket_close($sock); exit(0); } unset($read); $readdata=socket_read($sock,2); socket_close($sock); if ($readdata===FALSE) { echo "socket_read() failed: " . socket_strerror(socket_last_error()) . "\n"; exit(0); } if (ord(substr($readdata, 1, 1)) != $thisidentifier) { //echo "Wrong id received from radius server, aborting\n"; //exit(0); return 3; // FIXME this is awfull } return ord($readdata); // 2 -> Access-Accept // 3 -> Access-Reject // See RFC2138 for this. }
$block[0] = cshr($block[0], 2); $block[1] = cshr($block[1], 2); $block[2] = cshr($block[2], 0); $block[3] = cshr($block[3], 5); $block[4] = cshr($block[4], 7); $block[5] = cshr($block[5], 4); $block[6] = cshr($block[6], 2); $block[7] = cshr($block[7], 1); $block[0] = $block[0] ^ $mask2[0]; $block[1] = $block[1] ^ $mask2[1]; $block[2] = $block[2] ^ $mask2[2]; $block[3] = $block[3] ^ $mask2[3]; $block[4] = $block[4] ^ $mask2[4]; $block[5] = $block[5] ^ $mask2[5]; $block[6] = $block[6] ^ $mask2[6]; $block[7] = $block[7] ^ $mask2[7]; $block = rotateright($block); $block = rotateright($block); for ($i = 0; $i <= 7; $i++) { if ($block[$i] < 32) { $block[$i] = 128 - 32 + $block[$i]; } if ($block[$i] >= 128) { $block[$i] = $block[$i] - 128 + 32; } } return chr($block[0]) . chr($block[1]) . chr($block[2]) . chr($block[3]) . chr($block[4]) . chr($block[5]) . chr($block[6]) . chr($block[7]); } echo "\n"; echo Encrypt("*ALEXPWDA");
<?php if (!isset($_COOKIE["User"])) { header("Location: Login.php"); } else { require_once "User.Class.php"; require_once "./include/Functions.php"; $Username = strstr(Encrypt($_COOKIE["User"], true), " ", true); $Array = array("Username" => $Username); $User = new CommonUser($Array); $Message = $User->Exists(); $FirstName = $User->BasicInfo["FirstName"]; $LastName = $User->BasicInfo["LastName"]; $PageTitle = "Ulitmate Entrance :: User Details "; $ContentTitle = "Details of Mr. {$FirstName} {$LastName} "; $TabName = "Welcome {$FirstName}"; //Double space here betn Welcome and FirstName if ($Message == NO_USERNAME) { header("Location: Login.php"); } else { $Flag = 1; } } if ($Flag) { echo Headers($PageTitle, $ContentTitle, $TabName); ?> <table align="center" class="AboutMeTable"> <tr> <td>First Name </td> <td><?php
function RADIUS_AUTHENTICATION($username, $password) { global $debug; global $SERVER_ADDR; $radiushost = ""; $sharedsecret = ""; $suffix = ""; init_radiusconfig(&$radiushost, &$radiusport, &$sharedsecret, &$suffix); // check your /etc/services. Some radius servers // listen on port 1812, some on 1645. if ($radiusport == 0) { $radiusport = getservbyname("radius", "udp"); } $nasIP = explode(".", $SERVER_ADDR); $ip = gethostbyname($radiushost); // 17 is UDP, formerly known as PROTO_UDP $sock = socket_create(AF_INET, SOCK_DGRAM, 17); $retval = socket_connect($sock, $ip, $radiusport); if (!preg_match("/@/", $username)) { $username .= $suffix; } if ($debug) { echo "<br>radius-port: {$radiusport}<br>radius-host: {$radiushost}<br>username: {$username}<br>suffix: {$suffix}<hr>\n"; } $RA = pack("CCCCCCCCCCCCCCCC", 1 + rand() % 255, 1 + rand() % 255, 1 + rand() % 255, 1 + rand() % 255, 1 + rand() % 255, 1 + rand() % 255, 1 + rand() % 255, 1 + rand() % 255, 1 + rand() % 255, 1 + rand() % 255, 1 + rand() % 255, 1 + rand() % 255, 1 + rand() % 255, 1 + rand() % 255, 1 + rand() % 255, 1 + rand() % 255); $encryptedpassword = Encrypt($password, $sharedsecret, $RA); $length = 4 + 16 + 6 + 2 + strlen($username) + 2 + strlen($encryptedpassword) + 6 + 6; // nasPort $thisidentifier = rand() % 256; // v v v v v v v v $data = pack("CCCCa*CCCCCCCCa*CCa*CCCCCCCCCCCC", 1, $thisidentifier, $length / 256, $length % 256, $RA, 6, 6, 0, 0, 0, 1, 1, 2 + strlen($username), $username, 2, 2 + strlen($encryptedpassword), $encryptedpassword, 4, 6, $nasIP[0], $nasIP[1], $nasIP[2], $nasIP[3], 5, 3, 0, 0, 0, 0); socket_write($sock, $data, $length); if ($debug) { echo "<br>writing {$length} bytes<hr>\n"; } // // Wait at most five seconds for the answer. Thanks to // Michael Long <*****@*****.**> for his remark about this. // $set = socket_fd_alloc(); socket_fd_zero($set); socket_fd_set($set, $sock); socket_select($set, null, null, 5); if (!socket_fd_isset($set, $sock)) { echo "No answer from radius server, aborting\n"; exit(0); } socket_fd_free($set); $readdata = socket_read($sock, 1); socket_close($sock); return ord($readdata); // 2 -> Access-Accept // 3 -> Access-Reject // See RFC2138 for this. }
} else { if (empty($name)) { enqueueMsg("Enter your name"); } else { Query("UPDATE admin_user SET full_name = '" . Encode($name) . "', email = '" . Encode($email) . "' WHERE id = '" . Encode($_SESSION['S_ID']) . "'"); enqueueMsg("Profile has been updated successfully!", "success"); } } } else { if (isset($new_password) && isset($password_confirm)) { $r = Query("SELECT * FROM admin_user WHERE id = '" . Encode($_SESSION['S_ID']) . "' AND password = '******'"); if (Num($r) > 0) { if ($new_password != $password_confirm) { enqueueMsg("Password and confirm password does not match!"); } else { Query("UPDATE admin_user SET password = '******' WHERE id = '" . Encode($_SESSION['S_ID']) . "'"); enqueueMsg("Your password has been updated successfully!", "success"); } } else { enqueueMsg("Invalid old Password!"); } } } } include 'header.php'; ?> <div> <ul class="breadcrumb"> <li><a href="dashboard.php">Home</a> <span class="divider">/</span></li> <li>Profile</li> </ul>
<?php $db = new Conexion(); $pass = Encrypt($_POST['pass']); $user = $db->real_escape_string($_POST['user']); $email = $db->real_escape_string($_POST['email']); $sql = $db->query("SELECT user FROM users WHERE user='******' OR email='{$email}' LIMIT 1;"); if ($db->rows($sql) == 0) { $keyreg = md5(time()); $link = APP_URL . '?view=activar&key=' . $keyreg; $mail = new PHPMailer(); $mail->CharSet = "UTF-8"; $mail->Encoding = "quoted-printable"; $mail->isSMTP(); // Set mailer to use SMTP $mail->Host = PHPMAILER_HOST; // Specify main and backup SMTP servers $mail->SMTPAuth = true; // Enable SMTP authentication $mail->Username = PHPMAILER_USER; // SMTP username $mail->Password = PHPMAILER_PASS; // SMTP password $mail->SMTPSecure = 'ssl'; // Enable TLS encryption, `ssl` also accepted $mail->SMTPOptions = array('ssl' => array('verify_peer' => false, 'verify_peer_name' => false, 'allow_self_signed' => true)); $mail->Port = PHPMAILER_PORT; // TCP port to connect to $mail->setFrom(PHPMAILER_USER, APP_TITLE); //Quien manda el correo? $mail->addAddress($email, $user);
<?php $db = new Conexion(); $firstname = $db->real_escape_string($_POST['first_name']); $lastname = $db->real_escape_string($_POST['last_name']); $email = $db->real_escape_string($_POST['email']); $pass = Encrypt($_POST['password']); $genero = $db->real_escape_string($_POST['genero']); $sql = $db->query("SELECT id_user FROM user WHERE email = '{$email}' LIMIT 1;"); if ($db->rows($sql) == 0) { $fecha_reg = date('d/m/Y (H:i:s)', time()); $db->query("INSERT INTO user (names, last_names, email, password, gender, permisos, fecha_reg) VALUES ('{$firstname}', '{$lastname}', '{$email}', '{$pass}', '{$genero}', 2, '{$fecha_reg}');"); $sql_2 = $db->query("SELECT MAX(id_user) AS id_user FROM user;"); $_SESSION['app_id'] = $db->recorrer($sql_2)[0]; $db->liberar($sql_2); echo 1; } else { echo '<div class="alert alert-danger"> <strong> ERROR:</strong> El email ya existe en la base de datos! </div>'; } $db->liberar($sql); $db->close();