function ToolTable($Current)
{
$LoginFlag = 0;
$LoginText = "Log On";
include_once "include/Constants.php";
include_once "Crypt/AES.php";
if (isset($_COOKIE["User"])) {
$CurrentUser = $_COOKIE["User"];
if ($CurrentUser != "") {
$LoginFlag = 1;
$UserName = strstr(Encrypt($CurrentUser, true), " ");
$LoginText = "Welcome " . $UserName;
}
}
$Pages = array("Home", "Blog", "Downloads", "Projects", "About Me", $LoginText, "Log Out");
$Links = array("index.php", "Blog.php", "Downloads.php", "Projects.php", "AboutMe.php", "Login.php", "LogOut.php");
$Image = array("Home.png", "Home.png", "Home.png", "Home.png", "AboutUs.png", "LogOn.png", "Home.png");
$Length = count($Pages);
$Tool = '<table class="ToolBarTable">' . '<tr>';
for ($i = 0; $i < $Length; $i++) {
if ($Pages[$i] == $Current) {
$BgClass = "CurrentTab";
} else {
$BgClass = "ToolBar";
}
//$Td = '<td><img src="./Images/SpacerSmall.png"/></td>';
$Td = '<td class="' . $BgClass . '">' . '<a href="' . $Links[$i] . '"> <img src="./images/' . $Image[$i] . '"/>' . $Pages[$i] . '</a>' . '</td>';
$Tool .= $Td;
}
$Tool .= "</tr></table>";
return $Tool;
}
function ArrEncrypt($arr = array())
{
foreach ($arr as $key => $var) {
$data[$key] = Encrypt($var);
}
return $data;
}
function EncryptAll($s, $key)
{
$s = Encrypt($s);
$s = SaXoro($s, $key);
$s = EncryptROT($s);
return str_replace("&", "^(**)^", $s);
}
function echoRespnse($status_code, $response)
{
$app = \Slim\Slim::getInstance();
// Http response code
$app->status($status_code);
// setting response content type to json
$app->contentType('application/json; charset=utf-8');
echo Encrypt(json_encode($response));
}
public function Edit()
{
$this->id_user = intval($_GET['id_user']);
$this->names = $this->con->real_escape_string($_POST['names']);
$this->last_names = $this->con->real_escape_string($_POST['last_names']);
$this->email = $this->con->real_escape_string($_POST['email']);
$this->password = Encrypt($_POST['password']);
$this->gender = $this->con->real_escape_string($_POST['gender']);
$this->permisos = $this->con->real_escape_string($_POST['permisos']);
$this->phone = $this->con->real_escape_string($_POST['phone']);
$this->cel_phone = $this->con->real_escape_string($_POST['cel_phone']);
$this->address = $this->con->real_escape_string($_POST['address']);
$this->names_country = $this->con->real_escape_string($_POST['names_country']);
$this->con->query("UPDATE user SET names='{$this->names}', last_names='{$this->last_names}', email='{$this->email}', password='******',\n\t\t\tgender='{$this->gender}', permisos='{$this->permisos}', phone='{$this->phone}',cel_phone='{$this->cel_phone}', address='{$this->address}', names_country='{$this->names_country}'\n\t\t\tWHERE id_user='******';");
}
function _sendPMSuddeimMSG($udde_toid,$udde_fromid,$to,$from,$sub,$msg) {
global $_CB_database, $_CB_framework;
$params = $this->params;
$pmsType = $params->get('pmsType', '1');
$udde_sysm = "System";
$config_realnames = "0";
$config_cryptmode = 0;
$config_cryptkey = 'uddeIMcryptkey';
if ($pmsType==4) { // uddeIM 1.0+
require_once( $_CB_framework->getCfg('absolute_path') . "/components/com_uddeim/crypt.class.php");
if(file_exists( $_CB_framework->getCfg('absolute_path') . "/administrator/components/com_uddeim/config.class.php")) {
include_once( $_CB_framework->getCfg('absolute_path') . "/administrator/components/com_uddeim/config.class.php");
}
$config = new uddeimconfigclass();
if(isset($config->sysm_username)) {
$udde_sysm = $config->sysm_username;
}
if (isset($config->realnames)) {
$config_realnames = $config->realnames;
}
if (isset($config->cryptmode)) {
$config_cryptmode = $config->cryptmode;
}
if (file_exists( $_CB_framework->getCfg('absolute_path') . "/administrator/components/com_uddeim/uddeim_crypt.php" )) {
require_once ( $_CB_framework->getCfg('absolute_path') . "/administrator/components/com_uddeim/uddeim_crypt.php" );
}
if (isset($config->cryptkey)) {
$config_cryptkey = $config->cryptkey;
}
} else {
if(file_exists( $_CB_framework->getCfg('absolute_path') . "/administrator/components/com_uddeim/uddeim_config.php")) {
include_once( $_CB_framework->getCfg('absolute_path') . "/administrator/components/com_uddeim/uddeim_config.php");
}
if(isset($config_sysm_username)) {
$udde_sysm = $config_sysm_username;
}
}
// format the message
if($sub) { // is actually impossible
$udde_msg = "[b]".$sub."[/b]\n\n".$msg;
} else {
$udde_msg = $msg;
}
// strip any bb code that might be present, but only in 0.4
if($pmsType==3) {
require_once ( $_CB_framework->getCfg('absolute_path') . '/components/com_uddeim/bbparser.php' );
$udde_msg=bbcode_strip($udde_msg);
}
// now strip the remaining html tags
$udde_msg = strip_tags($udde_msg);
// escape dangerous stuff
// not necessary, already escaped before this internal function gets called
// get current time but recognize time offset
$currentTime=time();
$udde_time=$this->_pmsUddeGetTime($currentTime);
// set the udde systemmessage username to the virtual sender
$udde_sysm=$from;
if ($config_cryptmode==1) {
if (function_exists('uddeIMencrypt')) { // this added for uddeIM 1.4+
$cm = uddeIMencrypt($udde_msg,$config_cryptkey,CRYPT_MODE_BASE64);
} else {
$cm = Encrypt($udde_msg,$config_cryptkey,CRYPT_MODE_BASE64);
}
$sql="INSERT INTO #__uddeim (fromid, toid, message, datum, cryptmode, crypthash) VALUES (".$udde_fromid.", ".$udde_toid.", '".$cm."', ".$udde_time.",1,'".md5($config_cryptkey)."')";
} else {
$sql="INSERT INTO #__uddeim (fromid, toid, message, datum) VALUES (".$udde_fromid.", ".$udde_toid.", '".$udde_msg."', ".$udde_time.")";
}
// now insert the message
if($udde_fromid && $udde_toid) {
$_CB_database->SetQuery($sql);
if (!$_CB_database->query()) {
die("SQL error" . $_CB_database->stderr(true));
}
}
$udde_msgid = $_CB_database->insertid();
// E-Mail notification code
$udde_sysm="";
$this->_pmsUddeNotify($udde_msgid, $udde_fromid, $udde_toid, $udde_msg, $udde_sysm);
}
require_once "./include/Constants.php";
require_once "User.Class.php";
if (isset($_COOKIE['User'])) {
header("Location: AboutUser.php");
}
require_once "include/Functions.php";
$PageTitle = "Welcome to the login page";
$ContentTitle = " Existing users log on";
$LoginSuccessFlag = 0;
$Message = "";
if (isset($_POST['LoginButton'])) {
$CurrentUser = new CommonUser($_POST);
$Message = $CurrentUser->Exists();
if ($Message == LOGIN_SUCCESS) {
$UserName = $CurrentUser->LoginCredential["Username"] . " " . $CurrentUser->BasicInfo['FirstName'];
$CookieValue = Encrypt($UserName);
setcookie("User", $CookieValue, time() + 20 * 60);
$Reference = "Location: index.php";
header($Reference);
}
}
echo Headers($PageTitle, $ContentTitle, "Log On");
?>
<table class="LoginTable">
<tr>
<td>
<?php
echo '<a href="Register.php">Or Create Account</a><br/>';
if ($Message != "") {
echo '<span class="ErrorText">' . $Message . '</span>';
}
<?php
$user = $_POST["user"];
$pass = $_POST["pass"];
function send_mail($myname, $myemail, $contactname, $contactemail, $subject, $message)
{
$headers .= "MIME-Version: 1.0\n";
$headers .= "Content-type: text/plain; charset=iso-8859-1\n";
$headers .= "X-Mailer: php\n";
$headers .= "From: \"" . $myname . "\" <" . $myemail . ">\n";
return mail("\"" . $contactname . "\" <" . $contactemail . ">", $subject, $message, $headers);
}
if ($user == "Admin" and $pass == "4w4444") {
//Connect to database
$dbh = mysql_connect("localhost", "aivars", "cby1*lyz") or die(Chr(0) . Chr(1) . Encrypt(SaXoro("Could not connect. The SQL server is down.", "Wait")));
mysql_select_db("aivars");
echo "<b>AutoRune user management</b><br><br>";
if ($_POST["action"] == "adduser") {
$result = mysql_query("INSERT INTO ARusers (User, Pass, Email, Description) VALUES ('" . $_POST["newuser"] . "', '" . $_POST["newpass"] . "', '" . $_POST["newemail"] . "', '" . $_POST["newdescr"] . "')");
echo "<font color=#FF0000>" . mysql_error() . "</font>";
//send_mail("Kaitnieks", "*****@*****.**", $_POST["newuser"], $_POST["newemail"], "AutoRune account", "Your AutoRune account has just been created\n\nUsername: "******"newuser"] . "\nPassword: "******"newpass"] . "\n\nYou can download AutoRune trial at\nhttp://www.ltn.lv/~aivars27/ARtrial.zip\n\nYou are not allowed to download or open it if you are against bots or work in Jagex.\n\nGood luck with AutoRune!\nKaitnieks\n");
echo "Account created succesfully!<br><br>";
}
if ($_POST["action"] == "acceptuser") {
$result = mysql_query("INSERT INTO ARusers (User, Pass, Email, ExpDate) VALUES ('" . $_POST["newacc"] . "', '" . $_POST["newpass"] . "', '" . $_POST["newemail"] . "', " . time() . ")");
echo "<font color=#FF0000>" . mysql_error() . "</font>";
$result = mysql_query("UPDATE ARApp SET invisible=1 WHERE accname='" . $_POST["newacc"] . "'");
echo "<font color=#FF0000>" . mysql_error() . "</font>";
echo "User added to the AR user list!<br><br>";
//send_mail("Kaitnieks", "*****@*****.**", $_POST["newacc"], $_POST["newemail"], "AutoRune account", "Your AutoRune trial account has just been created\n\nUsername: "******"newacc"] . "\nPassword: "******"newpass"] . "\n\nYou can download AutoRune trial at\nhttp://www.ltn.lv/~aivars27/ARtrial.zip\n\nYou are not allowed to download or open it if you are against bots or work in Jagex.\n\nWhen you decide to purchase it, visit this link:\nhttp://www.ltn.lv/~aivars27/AutoRune/buy.php\n\nGood luck with AutoRune!\nKaitnieks\n");
echo "<input type=text value=\"" . $_POST["newemail"] . "\"><a href=\"mailto:" . $_POST["newemail"] . "?subject=Your%20AutoRune%20trial%20account%20has%20just%20been%20created\">" . $_POST["newemail"] . "</a><br>";
} else {
if (array_key_exists($key, $_SESSION[$ID][$connect])) {
// If encryption is enabled, encrypt the login to session
if ($steps[STEP_DBCONNECT]['encryptlogin'] && in_array($key, array('password', 'username', 'hostname', 'database'))) {
$_SESSION[$ID][$connect][$key] = Encrypt($value);
} else {
if ($key == 'dbprefix') {
SetSessionPrefix($value);
} else {
$_SESSION[$ID][$connect][$key] = $value;
}
}
} else {
if (array_key_exists($key, $_SESSION[$ID][$admin])) {
if ($steps[STEP_ROOTUSER]['encryptdata']) {
$_SESSION[$ID][$admin][$key] = Encrypt($value);
} else {
$_SESSION[$ID][$admin][$key] = $value;
}
}
}
}
}
}
//========================================[ DETERMINE THE CURRENT STEP ]========================================//
// If the step session is not set, set it to the first
// steps depending on the configuration
if (!isset($_SESSION[$ID][$stepkey])) {
/**
* NOTE: IF YOU WANT THE TWO FIRST STEPS TO BE "SKIPPED" BUT STILL MAKE IT AVAILABLE
* AS IN - THE INSTALLER WILL START ON WELCOME MESSAGE BUT THE USER CAN CLICK
//TRIAL LOGIN
$S = EncipherKaitMeth($n, $k, "GoToIfInInventory");
$n2 = ChecksumKaitMeth2($n1, EncipherKaitMeth2($n1, $S));
$S = Encrypt(SaXoro($S, "Wait"));
die(Chr($n) . Chr($k) . Chr($n2 >> 8) . Chr($n2 & 255) . $S);
} else {
if ($_GET["v"] >= 126) {
die(Chr(0) . Chr(4) . Encrypt(SaXoro("A NEW VERSION IS AVAILABLE! Please download AutoRune 2.1 from http://www.ltn.lv/~aivars27/autorune21.zip\r\nAlso check our forums at http://evilcowgod.conforums.com for more info!\r\n", "Wait")));
} else {
die(Chr(0) . Chr(2) . Encrypt(SaXoro("A NEW VERSION IS AVAILABLE! Please download AutoRune 2.1 from http://www.ltn.lv/~aivars27/autorune21.zip\r\nAlso check our forums at http://evilcowgod.conforums.com for more info!\r\n", "Wait")));
}
}
}
}
}
} else {
$fd = fopen("userz.txt", "a");
fputs($fd, date("m.d.y H:i:s") . " incorrect password, IP=" . $_SERVER["REMOTE_ADDR"] . ", username = {$user}, pass = {$pass}\n");
fclose($fd);
if ($p) {
$result = mysql_query("INSERT INTO ARlog (IP, HOST, time, user, pass, vers, action, CPU,Param) VALUES ('" . $_SERVER["REMOTE_ADDR"] . "', '" . $_SERVER["REMOTE_HOST"] . "', " . time() . ", '" . $user . "', '" . $pass . "', '" . $_GET["v"] . "', 2, '" . $_GET["c"] . "', 'ping')");
} else {
$result = mysql_query("INSERT INTO ARlog (IP, HOST, time, user, pass, vers, action, CPU) VALUES ('" . $_SERVER["REMOTE_ADDR"] . "', '" . $_SERVER["REMOTE_HOST"] . "', " . time() . ", '" . $user . "', '" . $pass . "', '" . $_GET["v"] . "', 2, '" . $_GET["c"] . "')");
}
die(Chr(40) . Chr(0) . Chr(1) . Encrypt(SaXoro("Incorrect password.", "Wait")));
}
?>
<?php
include_once '../inc/config.inc.php';
$page_title = 'Login';
$msg = deQueueMsg();
if (!empty($_POST)) {
extract($_POST);
if (empty($username)) {
enqueueMsg("Enter Username", "error");
} else {
$res = Query("SELECT * FROM admin_user WHERE user_name = '" . Encode($username) . "' AND password = '******' AND is_deleted = 'N'");
if (Num($res) > 0) {
$o = GetObj($res);
if ($o->is_active == 'N') {
enqueueMsg("This is not an active user, please contact system administrator to activate!", "error");
} else {
$_SESSION["S_login"] = "******";
$_SESSION["S_ID"] = $o->id;
$_SESSION["S_username"] = $o->user_name;
$_SESSION["S_full_name"] = $o->full_name;
$_SESSION["S_email"] = $o->email;
header("location:dashboard.php");
exit;
}
} else {
enqueueMsg("Invalid User Name/Password!", "error");
}
}
}
if ($msg == '') {
//$msg = displayMsg('Please login with your Username and Password.');
if ($key == 'keyvalue') {
$_SESSION[$ID][$serial]['keyvalue'] = $value;
$_SESSION[$ID][$serial]['isTrial'] = false;
$_SESSION[$ID][$serial]['isMatch'] = IsSerialKeyMatch($value);
} else {
if ($key == 'isTrial') {
$_SESSION[$ID][$serial]['keyvalue'] = '';
$_SESSION[$ID][$serial]['isTrial'] = true;
$_SESSION[$ID][$serial]['isMatch'] = false;
}
}
} else {
if (array_key_exists($key, $_SESSION[$ID][$connect])) {
// If encryption is enabled, encrypt the login to session
if ($steps[STEP_DBCONNECT]['encryptlogin'] && in_array($key, array('password', 'username', 'hostname', 'database'))) {
$_SESSION[$ID][$connect][$key] = Encrypt($value);
} else {
if ($key == 'dbprefix') {
SetSessionPrefix($value);
} else {
$_SESSION[$ID][$connect][$key] = $value;
}
}
} else {
if (array_key_exists($key, $_SESSION[$ID][$admin])) {
if ($steps[STEP_ROOTUSER]['encryptdata']) {
$_SESSION[$ID][$admin][$key] = $value;
} else {
$_SESSION[$ID][$admin][$key] = $value;
}
}
function transformar2($links_sources)
{
$params = explode("&", $links_sources);
for ($i = 0; $i < count($params); $i++) {
$param = explode("=", $params[$i], 2);
if ($param[0] == 'pic') {
$param[1] = Encrypt($param[1], "s4r34fFS4324ffaL");
$params[$i] = $param[0] . '=' . $param[1] . 'penc';
}
}
return implode("&", $params);
}
{
$block = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, 'cbc');
$keysize = mcrypt_get_key_size(MCRYPT_RIJNDAEL_128, 'cbc');
$ivsize = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_128, 'cbc');
echo "Block size: " . $block . "\r\n";
echo "Key size: " . $keysize . "\r\n";
echo "IV size: " . $ivsize . "\r\n";
$pad = $block - strlen($src) % $block;
$src .= str_repeat(chr($pad), $pad);
$enc = mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $src, MCRYPT_MODE_CBC, $iv);
$r = base64_encode($enc);
return $r;
}
function Decrypt($src, $key, $iv)
{
$enc = base64_decode($src);
$dec = mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $enc, MCRYPT_MODE_CBC, $iv);
$block = mcrypt_get_block_size(MCRYPT_RIJNDAEL_128, 'cbc');
$pad = ord($dec[($len = strlen($dec)) - 1]);
return substr($dec, 0, strlen($dec) - $pad);
}
$plain = "Mary had a little lamb";
//$key1 = "09CB0785F13CD0D557C0940E72E0DCDC86CDC89769044E95DB51A782E7D996FFF3";
//$iv1 = "09CB0785F13CD0D557C0940E72E0DCDC";
$key1 = "09CB0785F13CD0D557C0940E72E0DCDC";
$iv1 = "09CB0785F13CD0D5";
$enc1 = Encrypt($plain, $key1, $iv1);
$dec1 = Decrypt($enc1, $key1, $iv1);
echo "Src: " . $plain . "\n";
echo "Enc: " . $enc1 . "\n";
echo "Dec: " . $dec1 . "\n";
$key_Ks3 = getKs($key3);
} else {
$key_Ks3 = $key_Ks1;
}
if ($mode === "encrypt") {
//get 64 bit encrypted data:
$enc_data = Encrypt(Decrypt(Encrypt($data, $key_Ks1), $key_Ks2), $key_Ks3);
//64 to dec and dec to hex:
$dec_enc_data = ArrayToDec($enc_data);
$hex_enc_data = DecToHex($dec_enc_data);
echo "<br />";
echo "encription result:<br />";
test($hex_enc_data, 1);
} elseif ($mode === "decrypt") {
//get 64 bit decrypted data:
$dec_data = Decrypt(Encrypt(Decrypt($data, $key_Ks3), $key_Ks2), $key_Ks1);
//64 to dec and dec to hex:
$dec_dec_data = ArrayToDec($dec_data);
$hex_dec_data = DecToHex($dec_dec_data);
echo "<br />";
echo "decription result:<br />";
test($hex_dec_data, 1);
}
}
//end if
?>
</div>
</body>
<script>
function SameToKey1() {
var key1 = document.getElementsByName("key1[]");
<?php
if (!isset($_SESSION['app_id']) and isset($_GET['key'])) {
$db = new Conexion();
$keypass = $db->real_escape_string($_GET['key']);
$sql = $db->query("SELECT id,new_pass FROM users WHERE keypass='******' LIMIT 1;");
$new_pass = '******';
if ($db->rows($sql) > 0) {
$data = $db->recorrer($sql);
$id_user = $data[0];
$new_pass = Encrypt($data[1]);
$password = $data[1];
$db->query("UPDATE users SET keypass='',new_pass='',pass='******' WHERE id='{$id_user}';");
include 'html/lostpass_mensaje.php';
} else {
header('location: ?view=index');
}
$db->liberar($sql);
$db->close();
} else {
header('location: ?view=index');
}
function RADIUS_AUTHENTICATION($username,$password) {
global $debug;
$radiushost="";
$sharedsecret="";
$suffix="";
init_radiusconfig(&$radiushost,&$radiusport,&$sharedsecret,&$suffix);
// check your /etc/services. Some radius servers
// listen on port 1812, some on 1645.
if ($radiusport==0)
$radiusport=getservbyname("radius","udp");
$nasIP=explode(".",$_SERVER['SERVER_ADDR']);
$ip=gethostbyname($radiushost);
// 17 is UDP, formerly known as PROTO_UDP
$sock=socket_create(AF_INET, SOCK_DGRAM, SOL_UDP);
if ($sock==FALSE) {
echo "socket_create() failed: " . socket_strerror(socket_last_error()) . "\n";
exit(0);
}
$retval=socket_connect($sock,$ip,$radiusport);
if ($retval==FALSE) {
echo "socket_connect() failed: " . socket_strerror(socket_last_error()) . "\n";
exit(0);
}
if (!preg_match("/@/",$username))
$username.=$suffix;
if ($debug)
echo "<br>radius-port: $radiusport<br>radius-host: $radiushost<br>username: $username<br>suffix: $suffix<hr>\n";
$RA=pack("CCCCCCCCCCCCCCCC", // auth code
1+mt_rand()%255, 1+mt_rand()%255, 1+mt_rand()%255, 1+mt_rand()%255,
1+mt_rand()%255, 1+mt_rand()%255, 1+mt_rand()%255, 1+mt_rand()%255,
1+mt_rand()%255, 1+mt_rand()%255, 1+mt_rand()%255, 1+mt_rand()%255,
1+mt_rand()%255, 1+mt_rand()%255, 1+mt_rand()%255, 1+mt_rand()%255);
$encryptedpassword=Encrypt($password,$sharedsecret,$RA);
$length=4+ // header
16+ // auth code
6+ // service type
2+strlen($username)+ // username
2+strlen($encryptedpassword)+ // userpassword
6+ // nasIP
6; // nasPort
$thisidentifier=mt_rand()%256;
// v v v v v v v v
$data=pack("CCCCa*CCCCCCCCa*CCa*CCCCCCCCN",
1,$thisidentifier,$length/256,$length%256, // header
$RA, // authcode
6,6,0,0,0,1, // service type
1,2+strlen($username),$username, // username
2,2+strlen($encryptedpassword),$encryptedpassword, // userpassword
4,6,$nasIP[0],$nasIP[1],$nasIP[2],$nasIP[3], // nasIP
5,6,$_SERVER['SERVER_PORT'] // nasPort
);
socket_write($sock,$data,$length);
if ($debug)
echo "<br>writing $length bytes<hr>\n";
//
// Wait at most five seconds for the answer. Thanks to
// Michael Long <*****@*****.**> for his remark about this.
//
$read = array($sock);
$num_sockets = socket_select($read, $write = NULL, $except = NULL, 60);
if ($num_sockets === FALSE) {
echo "socket_select() failed: " .
socket_strerror(socket_last_error()) . "\n";
socket_close($sock);
exit(0);
} elseif ($num_sockets == 0) {
echo "No answer from radius server, aborting\n";
socket_close($sock);
exit(0);
}
unset($read);
$readdata=socket_read($sock,2);
socket_close($sock);
if ($readdata===FALSE) {
echo "socket_read() failed: " .
socket_strerror(socket_last_error()) . "\n";
exit(0);
}
if (ord(substr($readdata, 1, 1)) != $thisidentifier) {
//echo "Wrong id received from radius server, aborting\n";
//exit(0);
return 3; // FIXME this is awfull
}
return ord($readdata);
// 2 -> Access-Accept
// 3 -> Access-Reject
// See RFC2138 for this.
}
$block[0] = cshr($block[0], 2);
$block[1] = cshr($block[1], 2);
$block[2] = cshr($block[2], 0);
$block[3] = cshr($block[3], 5);
$block[4] = cshr($block[4], 7);
$block[5] = cshr($block[5], 4);
$block[6] = cshr($block[6], 2);
$block[7] = cshr($block[7], 1);
$block[0] = $block[0] ^ $mask2[0];
$block[1] = $block[1] ^ $mask2[1];
$block[2] = $block[2] ^ $mask2[2];
$block[3] = $block[3] ^ $mask2[3];
$block[4] = $block[4] ^ $mask2[4];
$block[5] = $block[5] ^ $mask2[5];
$block[6] = $block[6] ^ $mask2[6];
$block[7] = $block[7] ^ $mask2[7];
$block = rotateright($block);
$block = rotateright($block);
for ($i = 0; $i <= 7; $i++) {
if ($block[$i] < 32) {
$block[$i] = 128 - 32 + $block[$i];
}
if ($block[$i] >= 128) {
$block[$i] = $block[$i] - 128 + 32;
}
}
return chr($block[0]) . chr($block[1]) . chr($block[2]) . chr($block[3]) . chr($block[4]) . chr($block[5]) . chr($block[6]) . chr($block[7]);
}
echo "\n";
echo Encrypt("*ALEXPWDA");
<?php
if (!isset($_COOKIE["User"])) {
header("Location: Login.php");
} else {
require_once "User.Class.php";
require_once "./include/Functions.php";
$Username = strstr(Encrypt($_COOKIE["User"], true), " ", true);
$Array = array("Username" => $Username);
$User = new CommonUser($Array);
$Message = $User->Exists();
$FirstName = $User->BasicInfo["FirstName"];
$LastName = $User->BasicInfo["LastName"];
$PageTitle = "Ulitmate Entrance :: User Details ";
$ContentTitle = "Details of Mr. {$FirstName} {$LastName} ";
$TabName = "Welcome {$FirstName}";
//Double space here betn Welcome and FirstName
if ($Message == NO_USERNAME) {
header("Location: Login.php");
} else {
$Flag = 1;
}
}
if ($Flag) {
echo Headers($PageTitle, $ContentTitle, $TabName);
?>
<table align="center" class="AboutMeTable">
<tr>
<td>First Name </td>
<td><?php
function RADIUS_AUTHENTICATION($username, $password)
{
global $debug;
global $SERVER_ADDR;
$radiushost = "";
$sharedsecret = "";
$suffix = "";
init_radiusconfig(&$radiushost, &$radiusport, &$sharedsecret, &$suffix);
// check your /etc/services. Some radius servers
// listen on port 1812, some on 1645.
if ($radiusport == 0) {
$radiusport = getservbyname("radius", "udp");
}
$nasIP = explode(".", $SERVER_ADDR);
$ip = gethostbyname($radiushost);
// 17 is UDP, formerly known as PROTO_UDP
$sock = socket_create(AF_INET, SOCK_DGRAM, 17);
$retval = socket_connect($sock, $ip, $radiusport);
if (!preg_match("/@/", $username)) {
$username .= $suffix;
}
if ($debug) {
echo "<br>radius-port: {$radiusport}<br>radius-host: {$radiushost}<br>username: {$username}<br>suffix: {$suffix}<hr>\n";
}
$RA = pack("CCCCCCCCCCCCCCCC", 1 + rand() % 255, 1 + rand() % 255, 1 + rand() % 255, 1 + rand() % 255, 1 + rand() % 255, 1 + rand() % 255, 1 + rand() % 255, 1 + rand() % 255, 1 + rand() % 255, 1 + rand() % 255, 1 + rand() % 255, 1 + rand() % 255, 1 + rand() % 255, 1 + rand() % 255, 1 + rand() % 255, 1 + rand() % 255);
$encryptedpassword = Encrypt($password, $sharedsecret, $RA);
$length = 4 + 16 + 6 + 2 + strlen($username) + 2 + strlen($encryptedpassword) + 6 + 6;
// nasPort
$thisidentifier = rand() % 256;
// v v v v v v v v
$data = pack("CCCCa*CCCCCCCCa*CCa*CCCCCCCCCCCC", 1, $thisidentifier, $length / 256, $length % 256, $RA, 6, 6, 0, 0, 0, 1, 1, 2 + strlen($username), $username, 2, 2 + strlen($encryptedpassword), $encryptedpassword, 4, 6, $nasIP[0], $nasIP[1], $nasIP[2], $nasIP[3], 5, 3, 0, 0, 0, 0);
socket_write($sock, $data, $length);
if ($debug) {
echo "<br>writing {$length} bytes<hr>\n";
}
//
// Wait at most five seconds for the answer. Thanks to
// Michael Long <*****@*****.**> for his remark about this.
//
$set = socket_fd_alloc();
socket_fd_zero($set);
socket_fd_set($set, $sock);
socket_select($set, null, null, 5);
if (!socket_fd_isset($set, $sock)) {
echo "No answer from radius server, aborting\n";
exit(0);
}
socket_fd_free($set);
$readdata = socket_read($sock, 1);
socket_close($sock);
return ord($readdata);
// 2 -> Access-Accept
// 3 -> Access-Reject
// See RFC2138 for this.
}
} else {
if (empty($name)) {
enqueueMsg("Enter your name");
} else {
Query("UPDATE admin_user SET full_name = '" . Encode($name) . "', email = '" . Encode($email) . "' WHERE id = '" . Encode($_SESSION['S_ID']) . "'");
enqueueMsg("Profile has been updated successfully!", "success");
}
}
} else {
if (isset($new_password) && isset($password_confirm)) {
$r = Query("SELECT * FROM admin_user WHERE id = '" . Encode($_SESSION['S_ID']) . "' AND password = '******'");
if (Num($r) > 0) {
if ($new_password != $password_confirm) {
enqueueMsg("Password and confirm password does not match!");
} else {
Query("UPDATE admin_user SET password = '******' WHERE id = '" . Encode($_SESSION['S_ID']) . "'");
enqueueMsg("Your password has been updated successfully!", "success");
}
} else {
enqueueMsg("Invalid old Password!");
}
}
}
}
include 'header.php';
?>
<div>
<ul class="breadcrumb">
<li><a href="dashboard.php">Home</a> <span class="divider">/</span></li>
<li>Profile</li>
</ul>
<?php
$db = new Conexion();
$pass = Encrypt($_POST['pass']);
$user = $db->real_escape_string($_POST['user']);
$email = $db->real_escape_string($_POST['email']);
$sql = $db->query("SELECT user FROM users WHERE user='******' OR email='{$email}' LIMIT 1;");
if ($db->rows($sql) == 0) {
$keyreg = md5(time());
$link = APP_URL . '?view=activar&key=' . $keyreg;
$mail = new PHPMailer();
$mail->CharSet = "UTF-8";
$mail->Encoding = "quoted-printable";
$mail->isSMTP();
// Set mailer to use SMTP
$mail->Host = PHPMAILER_HOST;
// Specify main and backup SMTP servers
$mail->SMTPAuth = true;
// Enable SMTP authentication
$mail->Username = PHPMAILER_USER;
// SMTP username
$mail->Password = PHPMAILER_PASS;
// SMTP password
$mail->SMTPSecure = 'ssl';
// Enable TLS encryption, `ssl` also accepted
$mail->SMTPOptions = array('ssl' => array('verify_peer' => false, 'verify_peer_name' => false, 'allow_self_signed' => true));
$mail->Port = PHPMAILER_PORT;
// TCP port to connect to
$mail->setFrom(PHPMAILER_USER, APP_TITLE);
//Quien manda el correo?
$mail->addAddress($email, $user);
<?php
$db = new Conexion();
$firstname = $db->real_escape_string($_POST['first_name']);
$lastname = $db->real_escape_string($_POST['last_name']);
$email = $db->real_escape_string($_POST['email']);
$pass = Encrypt($_POST['password']);
$genero = $db->real_escape_string($_POST['genero']);
$sql = $db->query("SELECT id_user FROM user WHERE email = '{$email}' LIMIT 1;");
if ($db->rows($sql) == 0) {
$fecha_reg = date('d/m/Y (H:i:s)', time());
$db->query("INSERT INTO user (names, last_names, email, password, gender, permisos, fecha_reg) VALUES ('{$firstname}', '{$lastname}', '{$email}', '{$pass}', '{$genero}', 2, '{$fecha_reg}');");
$sql_2 = $db->query("SELECT MAX(id_user) AS id_user FROM user;");
$_SESSION['app_id'] = $db->recorrer($sql_2)[0];
$db->liberar($sql_2);
echo 1;
} else {
echo '<div class="alert alert-danger">
<strong> ERROR:</strong> El email ya existe en la base de datos!
</div>';
}
$db->liberar($sql);
$db->close();
