function db_login($user, $pass)
{
$login = "******";
$result = @mysql_query($login) or die('<pre>' . mysql_error() . '</pre>');
if ($result && mysql_num_rows($result) == 1) {
// Login Successful...
blobMessagePush("You have logged in as '" . $user . "'");
blobLogin($user);
blobRedirect('index.php');
}
}
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
define('BLOB_WEB_PAGE_TO_ROOT', '../');
require_once BLOB_WEB_PAGE_TO_ROOT . 'blob/includes/blobPage.inc.php';
blobPageStartup(array('authenticated'));
$page = blobPageNewGrab();
blobDatabaseConnect();
$user = blobCurrentUser();
$user_id = blobGetUserID($user);
if (isset($_GET['user'])) {
$page['title'] .= $page['title_separator'] . 'Follow User';
$page['page_id'] = 'followuser';
$user = $_GET['user'];
$user = mysql_real_escape_string($user);
// Check if the user exists
if (!blobExistUser($user)) {
blobMessagePush("'" . $user . "' does not exist!");
blobRedirect('follow.php');
}
$fullName = blobGetUserFullName($user);
$avatar = getAvatar($user);
$followHTML = blobFollowUser($user);
$profilepage = BLOB_WEB_PAGE_TO_ROOT . 'profile/view.php?user='******'body'] .= "\r\n<div class=\"body_padded\">\r\n\t<h2>Following User: {$user}</h2>\r\n\r\n\t<div class=\"vulnerable_code_area\">\r\n\t\t<div style=\"float: left; padding-right: 10px; border-right: 2px solid #C0C0C0;\">\r\n\t\t\t<img src=\"{$avatar}\" width=\"100\" />\r\n\t\t</div>\r\n\t\t<div style=\"margin-left: 120px;\">\r\n\t\t\t" . blobInternalLinkUrlGet($profilepage, $fullName) . "\r\n\t\t\t<br /><br />\r\n\t\t\t{$followHTML}\r\n\t\t\t<br /><br />\r\n\t\t</div>\r\n\t</div>\r\n\r\n\t<br />\r\n\t<b>View user's profile:</b> " . blobInternalLinkUrlGet($profilepage, $fullName) . "\r\n\t<br /><br /><br />\r\n\r\n</div>\r\n";
} else {
$page['title'] .= $page['title_separator'] . 'User List';
$page['page_id'] = 'othersprofile';
$page['body'] .= "\r\n<div class=\"body_padded\">\r\n\t<h2>User List</h2>\r\n\r\n\t" . blobUserList() . "\r\n\t<br /> <br />\r\n\r\n</div>\r\n";
}
blobHtmlEcho($page);
}
}
}
}
if (isset($_POST['deleteUser'])) {
$un = $_POST['username'];
$un = stripslashes($un);
$un = mysql_real_escape_string($un);
if ($un == "") {
blobMessagePush("Please enter a User name!");
blobRedirect(".");
} else {
if (!blobExistUser($un)) {
blobMessagePush("This username does not exist!");
blobRedirect(".");
} else {
if ($un == $user) {
blobMessagePush("That's You!");
blobRedirect(".");
} else {
$qry = "DELETE FROM `users` WHERE user='******';";
$result = @mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>');
blobMessagePush("User '{$un}' deleted!");
blobRedirect('.');
}
}
}
}
$userList = blobGetSiteUsers();
$page['body'] .= "\r\n<div class=\"body_padded\">\r\n\t<h2>Admin Area</h2>\r\n\r\n\t<hr><center>\r\n\t<div class=\"table-wrap\">\r\n\t<p class=\"heading\"><b>User List [+/-]</b></p>\r\n\t<div class=\"content\">\r\n\t{$userList}\r\n\t</div>\r\n\t</div>\r\n\t</center><hr>\r\n\t<br />\r\n\t<div class=\"vulnerable_code_area\">\r\n\t\t<form method=\"post\" name=\"updateuserlevel\">\r\n\t\t\t<h3>Update User level</h3>\r\n\t\t\t<label for=\"user\">Username</label> <input type=\"text\" class=\"loginInput\" style=\"width:220px;\" size=\"10\" name=\"username\">\r\n\t\t\t<span><select class=\"button\" name=\"levelNumber\"><option value=\"0\">Normal User</option><option value=\"1\">Admin</option></select></span>\r\n\t\t\t<input class=\"button\" name=\"updateLevel\" type=\"submit\" value=\"Update Level\" \">\r\n\t\t</form>\r\n\t</div>\r\n\r\n\t<div class=\"vulnerable_code_area\">\r\n\t\t<form method=\"post\" name=\"deleteUser\">\r\n\t\t\t<h3>Delete User</h3>\r\n\t\t\t<label for=\"user\">Username</label> <input type=\"text\" class=\"loginInput\" style=\"width:220px;\" size=\"10\" name=\"username\">\r\n\t\t\t<span style=\"margin-left: 20px;\"></span>\r\n\t\t\t<input class=\"button\" name=\"deleteUser\" type=\"submit\" value=\"Delete User\" \">\r\n\t\t</form>\r\n\t</div>\r\n\r\n\t<div class=\"vulnerable_code_area\">\r\n\t\t<form method=\"get\" action=\"status.php\">\r\n\t\t\t<h3>View Status</h3>\r\n\t\t\t<label for=\"user\">User ID</label> <input type=\"text\" class=\"loginInput\" style=\"width:220px;\" size=\"10\" name=\"user\">\r\n\t\t\t<span style=\"margin-left: 20px;\"></span>\r\n\t\t\t<input class=\"button\" type=\"submit\" value=\"View Status\" \">\r\n\t\t</form>\r\n\t</div>\r\n\r\n\t<div class=\"clear\"></div>\r\n\r\n\r\n\t<br />\r\n\r\n</div>\r\n";
blobHtmlEcho($page);
}
}
$qry = "UPDATE `users` SET avatar='{$profUrl}' WHERE user='******';";
$result = @mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>');
blobMessagePush("Updated the new Image!");
}
if ($profile["fn"] != $fn || $profile["ln"] != $ln || $key_new != $key) {
$qry = "UPDATE `users` SET first_name='{$fn}', last_name='{$ln}', sec_key='{$key_new}' WHERE user='******';";
$result = @mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>');
blobMessagePush("Profile updated");
} else {
blobMessagePush("Profile was not updated");
}
if ($pass != "") {
$pass = stripslashes($pass);
$pass = mysql_real_escape_string($pass);
$pass = md5($pass);
$qry = "UPDATE `users` SET password='******' WHERE user='******';";
$result = @mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>');
blobMessagePush("Password changed. You Need to re-login");
blobRedirect('../logout.php');
}
blobRedirect('edit.php');
}
$page = blobPageNewGrab();
$page['title'] .= $page['title_separator'] . 'Edit Profile: ' . $user;
$page['page_id'] = 'editprofile';
$page['onload'] = "onLoad=\"document.form.firstname.focus()\"";
$page['script'] .= "<script language=\"javascript\">function doEnable(){ document.form.key.readOnly=false; document.form.key_edit_btn.disabled=true; }</script>";
$page['body'] .= "\r\n<div class=\"body_padded\" align=\"center\">\r\n <h2>Edit Profile: {$user}</h2>\r\n\r\n <div class=\"main_body_box\" style=\"width: 400px;\">\r\n <form action=\"edit.php\" name=\"form\" method=\"post\" enctype=\"multipart/form-data\">\r\n <input type=\"hidden\" name=\"edit.php\" value=\"edit.php\" />\r\n\r\n\t<fieldset>\r\n\t<div style=\"float: left\">\r\n\t\t\t<label for=\"firstname\">First Name <font color=\"red\">*</font></label> <input type=\"text\" class=\"loginInput\" size=\"20\" name=\"firstname\" value=\"{$profile["fn"]}\"><br />\r\n\t\t\t</div>\r\n\t\t\t<div style=\"float: left\">\r\n\t\t\t<label for=\"lastname\">Last Name <font color=\"red\">*</font></label> <input type=\"text\" class=\"loginInput\" size=\"20\" name=\"lastname\" value=\"{$profile["ln"]}\"><br />\r\n\t\t\t</div>\r\n\t\t\t<div style=\"float: left\">\r\n\t\t\t<label for=\"pass\">Password <font color=\"red\">(Not changed if blank)</font></label> <input type=\"password\" class=\"loginInput\" AUTOCOMPLETE=\"off\" size=\"20\" name=\"password\">\r\n\t\t\t</div>\r\n\t\t\t<div style=\"float: left\">\r\n\t\t\t<label for=\"key\">Secret Key <font color=\"red\"><input type=\"button\" value=\"Edit\" name=\"key_edit_btn\" onclick=\"doEnable()\"></font></label> <input type=\"text\" readonly class=\"loginInput\" AUTOCOMPLETE=\"off\" size=\"20\" id=\"key\" name=\"key\" value=\"{$key}\">\r\n\t\t\t</div>\r\n\t\t\t<div style=\"float: left; padding-right: 10px; border-right: 2px solid #C0C0C0;\">\r\n\t\t\t\t<img src=\"{$avatar}\" width=\"100\" />\r\n\t\t\t</div>\r\n\t\t\t<div style=\"float: left; margin-left: 120px; margin-top: -70px;\">\r\n\t\t\t\t<label for=\"pass\">Profile Image <font color=\"red\"><br />(Not changed if blank)</font></label> <br /><input type=\"file\" class=\"loginInput\" class=\"button\" name=\"file\" id=\"file\" /><br />\r\n\t\t\t</div>\r\n\t\t\t<div style=\"float: left; width: 100%;\">\r\n\t\t\t<p class=\"submit\"><input class=\"button\" type=\"submit\" value=\"Edit Profile\" name=\"EditProfile\"> \r\n\t\t\t<input class=\"button\" type=\"submit\" value=\"Delete Profile\" name=\"DeleteProfile\"></p>\r\n\t\t\t</div>\r\n\t</fieldset>\r\n\r\n\t</form>\r\n\r\n </div>\r\n</div>\r\n\r\n";
blobHtmlEcho($page);
<?php
/*
* blob is a micro-blogging service where you can share notices
* about yourself with friends, family, and colleagues!
*
* Copyright (C) 2011 Avinash Joshi <*****@*****.**>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
define('BLOB_WEB_PAGE_TO_ROOT', '../');
require_once BLOB_WEB_PAGE_TO_ROOT . 'blob/includes/blobPage.inc.php';
blobRedirect(BLOB_WEB_PAGE_TO_ROOT . 'profile/view.php');
blobRegMessagePush("key", $key);
}
blobRedirect('join.php');
}
}
$qry = "INSERT INTO users (user_id, first_name, last_name, user, password, sec_key, avatar) VALUES ( 'NULL', '{$fn}', '{$ln}', '{$user}', '{$pass}', '{$key}', '{$profUrl}') ;";
$result = @mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>');
$user_id = blobGetUserID($user);
$qry = "UPDATE `users` SET follow='{$user_id}' WHERE user='******';";
$result = @mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>');
if ($result) {
// Registration Successful...
blobMessagePush("You have registered as '" . $user . "'");
blobRedirect('login.php');
}
// Registration failed
blobMessagePush("Registration failed");
blobRedirect('join.php');
}
$fn_pop = blobRegMessagePop("fn");
$ln_pop = blobRegMessagePop("ln");
$user_pop = blobRegMessagePop("user");
$pass_pop = blobRegMessagePop("pass");
$key_pop = blobRegMessagePop("key");
$page = blobPageNewGrab();
$page['title'] .= $page['title_separator'] . 'Join';
$page['page_id'] = 'join';
$page['onload'] = "onLoad=\"document.form.firstname.focus()\"";
$page['body'] .= " <div class=\"body_padded\" align=\"center\">\r\n <h2>Join Greenify</h2>\r\n\r\n <div class=\"main_body_box\" style=\"width: 350px;\">\r\n <form action=\"join.php\" name=\"form\" method=\"post\" enctype=\"multipart/form-data\">\r\n\r\n\t<fieldset>\r\n\t<div style=\"float: left\">\r\n\t\t\t<input type=\"hidden\" size=\"20\" name=\"join.php\" value=\"join.php\">\r\n\t\t\t<label for=\"firstname\">First Name <font color=\"red\">*</font></label> <input type=\"text\" class=\"loginInput\" size=\"20\" name=\"firstname\" value=\"{$fn_pop}\"><br />\r\n\t\t\t<label for=\"lastname\">Last Name <font color=\"red\">*</font></label> <input type=\"text\" class=\"loginInput\" size=\"20\" name=\"lastname\" value=\"{$ln_pop}\"><br />\r\n\t\t\t<label for=\"user\">Username <font color=\"red\">*</font></label> <input type=\"text\" class=\"loginInput\" size=\"20\" name=\"username\" value=\"{$user_pop}\"><br />\r\n\t\t\t<label for=\"pass\">Password <font color=\"red\">*</font></label> <input type=\"password\" class=\"loginInput\" AUTOCOMPLETE=\"off\" size=\"20\" name=\"password\" value=\"{$pass_pop}\"><br />\r\n\t\t\t<label for=\"user\">Secret Key <font color=\"red\">*</font> <small>Will be used during password reset</small></label> <input type=\"text\" class=\"loginInput\" size=\"20\" name=\"key\" value=\"{$key_pop}\"><br />\r\n\t\t\t<label for=\"pass\">Profile Image <font color=\"red\">*</font></label> <input type=\"file\" class=\"loginInput\" class=\"button\" name=\"file\" id=\"file\" /><br />\r\n\t\t\t<p class=\"submit\"><input class=\"button\" type=\"submit\" value=\"Join\" name=\"Join\"></p>\r\n\t</div>\r\n\t</fieldset>\r\n\r\n\t</form>\r\n\r\n </div>\r\n</div>\r\n\r\n";
$right = "\r\n<center><b>Already have a blob account?</b><br /><br />\r\nEasy, free, and instant updates. Get access to the information that interests you most.\r\n<br><br>\r\n<div class=\"join\">\r\n<form action=\"login.php\">\r\n<input id=\"login\" value=\"Login!\" type=\"submit\">\r\n</form>\r\n</div>\r\n";
blobNoLoginHtmlEcho($page, $right);
function blobPageReload()
{
blobRedirect($_SERVER['PHP_SELF']);
}
blobRedirect('forgot.php');
}
$user = stripslashes($user);
$user = mysql_real_escape_string($user);
$pass = stripslashes($pass);
$pass = mysql_real_escape_string($pass);
$key = stripslashes($key);
$key = mysql_real_escape_string($key);
if (blobExistUser($user)) {
$old_key = getSecKey($user);
if ($old_key == $key) {
$pass = md5($pass);
$qry = "UPDATE `users` SET password='******' WHERE user='******';";
$result = @mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>');
blobMessagePush("Password changed!");
blobRedirect('login.php');
} else {
blobMessagePush("Security Key does not match!");
}
} else {
blobMessagePush("This user does not exist!");
}
blobRedirect('forgot.php');
}
$page = blobPageNewGrab();
$page['title'] .= $page['title_separator'] . 'Forgot Password';
$page['page_id'] = 'forgotpass';
$page['onload'] = "onLoad=\"document.form.username.focus()\"";
$page['body'] .= "\r\n\t<div class=\"body_padded\" align=\"center\">\r\n\t\t<h2>Forgot Password!</h2>\r\n\t\t<div class=\"main_body_box\" style=\"width: 400px;\">\r\n\t\t\t<form action=\"forgot.php\" name=\"form\" method=\"post\" enctype=\"multipart/form-data\"> <fieldset>\r\n\t\t\t<input type=\"hidden\" name=\"forgot.php\" value=\"forgot.php\" />\r\n\t\t\t\t<div style=\"float: left\">\r\n\t\t\t\t\t<label for=\"username\">User Name <font color=\"red\">*</font></label> <input type=\"text\" class=\"loginInput\" size=\"20\" name=\"username\" value=\"\"><br />\r\n\t\t\t\t</div>\r\n\t\t\t\t<div style=\"float: left\">\r\n\t\t\t\t\t<label for=\"pass\">New Password <font color=\"red\">*</font></label> <input type=\"password\" class=\"loginInput\" AUTOCOMPLETE=\"off\" size=\"20\" name=\"password\">\r\n\t\t\t\t</div>\r\n\t\t\t\t<div style=\"float: left\">\r\n\t\t\t\t\t<label for=\"key\">Secret Key <font color=\"red\">*</font></label> <input type=\"text\" class=\"loginInput\" AUTOCOMPLETE=\"off\" size=\"20\" name=\"key\">\r\n\t\t\t\t</div>\r\n\t\t\t\t<div style=\"float: left; width: 100%;\">\r\n\t\t\t\t\t<p class=\"submit\"><input class=\"button\" type=\"submit\" value=\"Change Password\" name=\"EditPassword\"></p>\r\n\t\t\t\t</div>\r\n\t\t\t</fieldset> </form>\r\n\t\t</div>\r\n\t</div>";
$right = "\r\n<center><strong>New to blob?</strong></center>\r\n<br />\r\n<div class=\"join\">\r\n<form action=\"register.php\">\r\n<input id=\"join\" value=\"Join!\" type=\"submit\">\r\n</form>\r\n</div><br />\r\n<center><b>Already have a blob account?</b><br /><br />\r\n<div class=\"join\">\r\n<form action=\"login.php\">\r\n<input id=\"login\" value=\"Login!\" type=\"submit\">\r\n</form>\r\n</div>\r\n<br /><br />Easy, free, and instant updates. Get access to the information that interests you most.\r\n";
blobNoLoginHtmlEcho($page, $right);
* blob is a micro-blogging service where you can share notices
* about yourself with friends, family, and colleagues!
*
* Copyright (C) 2011 Avinash Joshi <*****@*****.**>
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
define('BLOB_WEB_PAGE_TO_ROOT', '');
require_once BLOB_WEB_PAGE_TO_ROOT . 'blob/includes/blobPage.inc.php';
if (!blobIsLoggedIn()) {
// The user shouldn't even be on this page
// blobMessagePush( "You were not logged in!!" );
blobRedirect('login.php');
}
blobLogout();
blobMessagePush("You have logged out");
blobRedirect('login.php');
?>
*/
define('BLOB_WEB_PAGE_TO_ROOT', '../');
require_once BLOB_WEB_PAGE_TO_ROOT . 'blob/includes/blobPage.inc.php';
blobPageStartup(array('authenticated'));
$page = blobPageNewGrab();
$page['title'] .= $page['title_separator'] . 'View Profile';
$page['page_id'] = 'viewprofile';
blobDatabaseConnect();
$user = blobCurrentUser();
if (isset($_GET['user']) && $_GET['user'] != $user) {
$user = $_GET['user'];
//$user = mysql_real_escape_string($user);
// Check if the user exists
if (!blobExistUser($user)) {
blobMessagePush("'" . $user . "' does not exist!");
blobRedirect('view.php');
}
$fullName = blobGetUserFullName($user);
$avatar = getAvatar($user);
$followHTML = blobCanFollowHTML($user);
if (blobCanFollow($user)) {
$showStatusHTML = "<div id=\"comments_main\"><div id=\"comments\"><pre width=\"77\">You will be able to see his updates only if you follow the user!</pre> </div></div>";
} else {
$showStatusHTML = blobShowUserStatus($user);
}
$page['body'] .= "\r\n<div class=\"body_padded\">\r\n\t<h2>User Profile: {$user}</h2>\r\n\r\n\t<div class=\"vulnerable_code_area\">\r\n\t\t<div style=\"float: left; padding-right: 10px; border-right: 2px solid #C0C0C0;\">\r\n\t\t\t<img src=\"{$avatar}\" width=\"100\" />\r\n\t\t</div>\r\n\t\t<div style=\"margin-left: 120px;\">\r\n\t\t\t{$fullName}\r\n\t\t\t<br /><br />\r\n\t\t\t{$followHTML}\r\n\t\t</div>\r\n\t</div>\r\n\r\n\t<div class=\"clear\"></div>\r\n\t<pre>User's status updates:</pre>\r\n\t{$showStatusHTML}\r\n\t<br /><br /><br />\r\n\r\n</div>\r\n";
} else {
$user_id = blobGetUserID($user);
$fullName = blobGetUserFullName($user);
$avatar = getAvatar($user);
$showStatusHTML = blobShowUserStatus($user);
require_once BLOB_WEB_PAGE_TO_ROOT . 'blob/includes/blobPage.inc.php';
blobPageStartup(array('authenticated'));
$page = blobPageNewGrab();
$page['title'] .= $page['title_separator'] . 'What\'s on your mind?';
$page['page_id'] = 'home';
$page['onload'] = "onLoad=\"document.statusupdate.statusMsg.focus()\"";
blobDatabaseConnect();
$user = blobCurrentUser();
$user_id = blobGetUserID($user);
if (isset($_POST['btnUpdate'])) {
if ($_POST['statusMsg'] == "") {
blobMessagePush("Status cannot be empty!");
blobRedirect('index.php');
}
$message = trim($_POST['statusMsg']);
// Sanitize message input
$message = stripslashes($message);
$message = mysql_real_escape_string($message);
// Sanitize name input
$name = mysql_real_escape_string($name);
$query = "INSERT INTO status (user_id, status, date_set) VALUES ('{$user_id}','{$message}', NOW());";
$result = mysql_query($query) or die('<pre>' . mysql_error() . '</pre>');
}
if (isset($_GET['delete'])) {
$status_id = $_GET['delete'];
$status = blobDeleteStatus($status_id);
blobMessagePush($status);
blobRedirect('index.php');
}
$page['body'] .= "\r\n\t<div class=\"body_padded\">\r\n\t\t<h2>What's on your mind?</h2>\r\n\t\t<div class=\"vulnerable_code_area\">\r\n\t\t\t<form method=\"post\" name=\"statusupdate\">\r\n\t\t\t\t<input type=\"hidden\" name=\"index.php\" value=\"index.php\" />\r\n\t\t\t\t<table width=\"550\" border=\"0\" cellpadding=\"2\" cellspacing=\"1\">\r\n\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t<td><textarea style=\"padding: 5px;\" name=\"statusMsg\" cols=\"60\" rows=\"3\" maxlength=\"140\"></textarea></td>\r\n\t\t\t\t\t</tr>\r\n\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t<td><input class=\"button\" name=\"btnUpdate\" type=\"submit\" value=\"Update Status\" > ( Max 140 characters )</td>\r\n\t\t\t\t\t</tr>\r\n\t\t\t\t</table>\r\n\t\t\t</form>\r\n\t\t</div>\r\n\t\t<div class=\"clear\"></div>\r\n\t\t<pre>Your previous status updates:</pre>\r\n\t\t" . blobShowUserStatus($user) . "\r\n\t\t<br />\r\n\t</div>";
blobHtmlEcho($page);
