<?php
if (verif_connect(true)) {
/**
* Variables Globales
*/
$ID = user_data('Account_ID');
$Date = date('Y-m-d H:i:s');
$IP = getRealIpAddr();
$Pseudo = logged_data('Account_Pseudo');
init_stat_session();
clear_token();
// => trop brutal...
clear_battle();
debug_log('Account_ID::' . logged_data('Account_ID'));
debug_log('Account_Pseudo::' . logged_data('Account_Pseudo'));
/**
* Vérification des sanctions pour l'utilisateur
*/
$Warning_List = get_db("get_sanction_user", array('Account_ID' => logged_data('Account_ID')));
if (!empty($Warning_List)) {
extract(stripslashes_r($Warning_List));
$message = "Vous avez recu un(e) {$Sanction_Type} de la part de {$Sanction_Transmitter}\\n\\n{$Sanction_Message}";
delete_db('Caranille_Sanctions', array('Sanction_ID' => $Sanction_ID));
}
/*
Mise à jour du compte en temps réel
*/
//get_user($Pseudo);
if (verif_auth()) {
init_equipement_session();
function log_download()
{
$fp = fopen('/home/webadmin/cuke4ninja.com/pdfdownload', 'a');
fwrite($fp, date("F j, Y, g:i a") . "\t" . getRealIpAddr());
fwrite($fp, "\n");
fclose($fp);
}
/** function insert log
------------------------------------------------------------------------ **/
function log_insert($log)
{
require_once 'system/libraries/func.php';
$ip = getRealIpAddr();
$session_id = $this->session->userdata('session_id');
$auth = $this->session->userdata('itlogin_id');
$sql = "INSERT INTO itcore_log (ip,session,auth,description) VALUES(" . $this->db->escape($ip) . "," . $this->db->escape($session_id) . "," . $this->db->escape($auth) . "," . $this->db->escape($log) . ")";
return $this->db->query($sql);
}
function getdatalog($st, $email)
{
$ip = getRealIpAddr();
putenv("TZ=Asia/Saigon");
$datetime = date("Y-m-d H:i:s");
$date = date("Y-m-d");
$data = array('user' => $email, 'ip' => $ip, 'event' => $st, 'time' => $datetime, 'date' => $date);
return $data;
}
function web($q, $start)
{
$json = gethtml("https://ajax.googleapis.com/ajax/services/search/web?v=1.0&q=" . $q . "&as_q=" . $q . "&userip=" . getRealIpAddr() . "&start=" . $start);
$data = json_decode($json);
foreach ($data->responseData->results as $result) {
$results[] = array('visibleUrl' => $result->visibleUrl, 'url' => $result->url, 'title' => $result->title, 'abstract' => $result->content);
}
return $results;
}
function register_request()
{
global $prefixe_salt, $suffixe_salt;
extract(addslashes_r(stripslashes_r($_POST)));
$Date = date('Y-m-d H:i:s');
$IP = getRealIpAddr();
$filter = uniqid();
$pswd = password_encode($prefixe_salt . $filter . $suffixe_salt, $Password);
$key = uniqid();
insert_db('Caranille_Accounts', array('Account_Pseudo' => strip_tags($Pseudo), 'Account_Password' => strip_tags($pswd), 'Account_Salt' => $filter, 'Account_Email' => $Email, 'Account_Sexe' => $Sexe, 'Account_Inscription' => $Date, 'Account_Last_IP' => $IP, 'Account_HP_Remaining' => 100, 'Account_Key' => $key, 'Account_valid' => 0, 'Account_Level' => 1, 'Account_Order' => 1, 'Account_Reason' => 'None', 'Account_Status' => "Authorized", 'Account_Access' => "Member", 'Account_Guild_ID' => 0, 'Account_HP_Bonus' => 0, 'Account_MP_Remaining' => 10, 'Account_MP_Bonus' => 0, 'Account_Strength_Bonus' => 0, 'Account_Magic_Bonus' => 0, 'Account_Agility_Bonus' => 0, 'Account_Defense_Bonus' => 0, 'Account_Experience' => 0, 'Account_Golds' => 0, 'Account_Notoriety' => 0, 'Account_Chapter' => 1, 'Account_Mission' => 1, 'Account_Step' => 2));
$user_record = get_db('request_account', $_POST);
return $user_record;
}
public function gravarLog($tipo,$usuario,$instituicao){
$banco = $this->getBancoDados();
if ($tipo == 'ALUNO'){
$query = "INSERT INTO tbl_log_acesso (instituicao, aluno,ip,programa) VALUES (".$instituicao.",".$usuario.",'".getRealIpAddr()."','".$_SERVER["PHP_SELF"]."') ";
if(!$banco->updateSQL($query)) {
#throw new Exception("ERRO AO LOGAR");
}
}
if ($tipo == 'PROFESSOR'){
$query = "INSERT INTO tbl_log_acesso (instituicao, professor,ip,programa) VALUES (".$instituicao.",".$usuario.",'".getRealIpAddr()."','".$_SERVER["PHP_SELF"]."') ";
if(!$banco->updateSQL($query)) {
#throw new Exception("ERRO AO LOGAR");
}
}
}
<?php
include 'functions.php';
session_start();
// You need to set your own parameters!!
define('MYSQL_SERVER', 'localhost:3306');
define('MYSQL_USER', 'erobin258791_db');
define('MYSQL_DB', 'erobin258791_db');
define('MYSQL_PASSWORD', '7d0H8hWG');
// You'd need to activate it once you have operational system
$GLOBALS['DB'] = mysql_connect(MYSQL_SERVER, MYSQL_USER, MYSQL_PASSWORD) or die("Cannot connect to the MySQL server: \n" . mysql_error());
mysql_select_db(MYSQL_DB, $GLOBALS['DB']) or die('Cannot select MySQL database');
$HTML['email'] = "";
$HTML['dob'] = "";
foreach ($HTML as $key => &$value) {
$value = utf8HTML(getRequest($key, true, 'post'));
}
$HTML['id'] = "";
$HTML['ip'] = getRealIpAddr();
connect("INSERT INTO project (email, dob, ip) VALUES ('" . $HTML['email'] . "', '" . $HTML['dob'] . "' , '" . $HTML['ip'] . "')");
set_SESSION("id", mysql_insert_id());
set_SESSION("email", $HTML['email']);
set_SESSION("dob", $HTML['dob']);
set_SESSION("ip", $HTML['ip']);
return true;
$name = $_SESSION['FIRST_NAME'] . " " . $_SESSION['LAST_NAME'];
$qry = "INSERT INTO ost_ticket_note(ticket_id,staff_id,source,title,note,created) VALUES('" . $ticket_id . "','" . $_SESSION['STAFF_ID'] . "','" . $name . "','Ticket Updated by " . $name . "','" . $note . "',NOW())";
$res = mysql_query($qry) or die("Bingo...right?");
}
echo "Update Successful! Wow, you just totally changed that data like a pro.";
mysql_close($link);
}
/* Create a new ticket */
if (isset($_GET['new'])) {
$link = mysql_connect(DB_HOST, DB_USER, DB_PASS) or die("pickle");
mysql_select_db(DB_NAME) or die("Dig Doug");
$data = superSanitize($_POST);
require_once 'util.php';
$ticketID = randNumber();
$duedate = explode('/', $data['duedate']);
$qry = "INSERT INTO \n\t\tost_ticket(`ticket_id`, `ticketID`, `dept_id`, `priority_id`, `topic_id`, `staff_id`, `email`, `name`, `subject`, `helptopic`, `phone`, `phone_ext`, `ip_address`, `status`, `source`, `isoverdue`, `isanswered` " . ($data['duedate'] == '' ? "" : ",`duedate`") . ",`created`) \n\t\t VALUES('" . $data['ticket_id'] . "', '" . $ticketID . "', '" . $data['dept_id'] . "', '" . $data['priority_id'] . "', '" . $data['helptopicID'] . "', '" . $data['assigned'] . "', '" . $data['email'] . "', '" . $data['name'] . "', '" . $data['subject'] . "', '" . $data['helptopic'] . "', '" . $data['phone'] . "', '" . $data['phone_ext'] . "', '" . getRealIpAddr() . "', '" . "open" . "', '" . $data['ticket_source'] . "', '" . "0" . "', '" . "0" . "'," . ($data['duedate'] == '' ? "" : " '" . gmdate('Y-m-d H:i:s', mktime(0, 0, 0, $duedate[0], $duedate[1], $duedate[2])) . "', ") . " NOW()) ";
mysql_query($qry) or die("that is a funny joke there bob.");
//update attachments
/* send email here depending on whether alert user or staff is checked */
echo "New Ticket Created Successfully! I just cannot believe you did it SO fast.";
//echo sendMail("*****@*****.**","*****@*****.**","Test Message","<p>Are <b>you</b> actually named <em>Ross</em> too!</p>")?"Mail Sent":"Mail Fail";
mysql_close($link);
}
/* Ticket - menu, Edit & New */
if (isset($_GET['menu'])) {
if ($_GET['menu'] == 'new') {
require_once 'auth.php';
require_once 'config.php';
require_once 'scripts.php';
$modules = array('tabs', 'uploader', 'new_ticket', 'datepicker');
//first make up a ticket id for later use
function getRealIpAddr()
{
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$ip = $_SERVER['REMOTE_ADDR'];
}
return $ip;
}
$filename = addslashes($_SERVER["HTTP_FILENAME"]);
$md5 = addslashes($_SERVER["HTTP_MD5"]);
$chunknumber = addslashes($_SERVER["HTTP_CHUNK"]);
$description = addslashes($_SERVER["HTTP_DESCR"]);
$ip = addslashes(getRealIpAddr());
$link = mysql_connect('mysql-s', 's210915rw', 'HeMySQ15');
if (!$link) {
die('DB connection error: ' . mysql_error());
}
mysql_select_db("s210915_main");
if ($md5) {
echo "Filename: {$filename}\n";
$sql = "SELECT content FROM files WHERE filename = '{$filename}' ORDER BY chunk";
$result = mysql_query($sql) or die("Can't execute query 3");
$digest = hash_init("md5");
$len = 0;
while ($row = mysql_fetch_row($result)) {
$len = $len + strlen($row[0]);
hash_update($digest, $row[0]);
echo "-MD5: " . md5($row[0]) . "\n";
function addIPAddress($mid)
{
$ip = getRealIpAddr();
$s = mysql_query("SELECT COUNT(*) FROM `IP_Address` WHERE mid = '{$mid}' and userIP='{$ip}'") or die(mysql_error());
$row = mysql_fetch_assoc($s);
$c = $row['COUNT(*)'];
if ($c == 0) {
mysql_query("INSERT INTO `IP_Address` (`mid`,`userIP`) VALUES ('{$mid}','{$ip}')") or die(mysql_error());
} else {
mysql_query("UPDATE `IP_Address` set `time_access` = CURRENT_TIMESTAMP WHERE mid = '{$mid}' and userIP='{$ip}' ") or die(mysql_error());
}
}
// Get a free trial at: http://corp.kaltura.com
// In your Kaltura account, get the partner Id and API Admin Secret from:
// http://www.kaltura.com/index.php/kmc/kmc4#account|integration
define("PARTNER_ID", '1357241');
define("ADMIN_SECRET", '1179e62370a3731977bf9a4c6dba3590');
define("USER_SECRET", '7501bdbfadc96b24828ce542b5c66b7a');
define("PLAYER_UICONF_ID", 27216752);
define("BUY_BUTTON_PLAYER_UICONF_ID", null);
define("PAYPAL_METADATA_PROFILE_ID", 4376762);
define("PAYPAL_CATEGORY_METADATA_PROFILE_ID", 4376772);
define("PAYPAL_USER_METADATA_PROFILE_ID", 4376782);
//Generates a USER ID based on the machine name and IP address.
function getRealIpAddr()
{
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$ip = $_SERVER['REMOTE_ADDR'];
}
return $ip;
}
if (isset($_COOKIE['kaypaluserid']) && $_COOKIE['kaypaluserid'] != "") {
$USER_ID = $_COOKIE['kaypaluserid'];
} else {
$expire = time() + 60 * 60 * 24 * 365;
$user = implode('_', explode(':', 'demo_user_' . mt_rand(1, 9999999) . getRealIpAddr()));
setcookie('kaypaluserid', $user, $expire);
$USER_ID = $user;
}
function register_admin()
{
global $bdd, $prefixe_salt, $suffixe_salt;
extract(addslashes_r($_POST));
echo "{$Password} === {$Password_Confirm}<br/>";
if ($Password === $Password_Confirm) {
$Date = date('Y-m-d H:i:s');
$IP = getRealIpAddr();
$filter = uniqid();
$pswd = password_encode($prefixe_salt . $filter . $suffixe_salt, $Password);
//echo "saisie : $Password<br/>clé : ($prefixe_salt - $filter - $suffixe_salt)=>crypté : $pswd<br/>";
$decode = password_decode($prefixe_salt . $filter . $suffixe_salt, $pswd);
//echo " ctrl :: $decode <br/>";
insert_db('Caranille_Accounts', array('Account_Pseudo' => $Pseudo, 'Account_Password' => $pswd, 'Account_Salt' => $filter, 'Account_Email' => $Email, 'Account_Last_Connection' => $Date, 'Account_Last_IP' => $IP, 'Account_HP_Remaining' => 100, 'Account_Level' => 1, 'Account_Order' => 1, 'Account_Valid' => 1, 'Account_Reason' => 'None', 'Account_Status' => "Authorized", 'Account_Access' => "Admin", 'Account_ID' => 1, 'Account_Guild_ID' => 0, 'Account_HP_Bonus' => 0, 'Account_MP_Remaining' => 10, 'Account_MP_Bonus' => 0, 'Account_Strength_Bonus' => 0, 'Account_Magic_Bonus' => 0, 'Account_Agility_Bonus' => 0, 'Account_Defense_Bonus' => 0, 'Account_Experience' => 0, 'Account_Golds' => 0, 'Account_Notoriety' => 0, 'Account_Chapter' => 1, 'Account_Mission' => 1));
config_game($Email);
return true;
}
return false;
}
<?php
$db = mysql_connect('riskhorizontest.cfi8996g68d1.us-east-1.rds.amazonaws.com:3306', 'dbtesting', 'engagement') or die('Could not connect: ' . mysql_error());
mysql_select_db('Risk_Horizon') or die('Could not select database');
// Strings must be escaped to prevent SQL injection attack.
$session_uuid = mysql_real_escape_string($_GET['session_uuid'], $db);
$IPv4 = getRealIpAddr();
$datetime = date("D M j G:i:s T Y");
$email = mysql_real_escape_string($_GET['email'], $db);
$hash = $_GET['hash'];
$secretKey = "engagement";
# Change this value to match the value stored in the client javascript below
function getRealIpAddr()
{
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$ip = $_SERVER['REMOTE_ADDR'];
}
return $ip;
}
$real_hash = md5($session_uuid . $email . $secretKey);
if ($real_hash == $hash) {
// Send variables for the MySQL database class.
$query = "insert into sessions values ('{$session_uuid}', '{$IPv4}', '{$datetime}', '{$email}');";
$result = mysql_query($query);
} else {
// Failure
// $message = "Subject creation failed";
function queue_get_key($uid, $queue)
{
global $MC_Queue;
$ip = ip2long(getRealIpAddr());
$timeout = 30;
return $MC_Queue->get("timestamp_key{$uid},{$ip},{$timeout}(orders{$queue})");
}
<?php
include 'verif.inc';
//Los mails incluyen la hora
date_default_timezone_set('America/Argentina/Buenos_Aires');
// Comprobar que viene de Facebook y no de la "web"
$ip_visitante = getRealIpAddr();
// SOLO PARA DEBUGGEAR
// print_r($_POST);
if (isset($_POST["formSubmit"])) {
if (strcmp($_POST["formSubmit"], $_SESSION['secreto'])) {
/* El formulario es asi :
// $form_nombre_apellido = $_POST['nombreapellido'];
// $form_ciudad = $_POST['ciudad'];
// $form_e-mail = $_POST['e-mail'];
// $form_telefono = $_POST['telefono'];
// $form_propuesta = $_POST['propuesta'];
*/
$submitter_info_brute = array($_POST['nombreapellido'], $_POST['ciudad'], $_POST['e-mail'], $_POST['telefono'], $_POST['propuesta']);
$submitter_info = array_map("sano", $submitter_info_brute);
$submitter_info_csv = $submitter_info[0] . ',' . $submitter_info[1] . ',' . $submitter_info[2] . ',' . $submitter_info[3];
/* ------------
Chequeo de errores comunes.
-------------------------------- */
// Si hay algun elemento vacio, es que hubo un error validando la entrada.
if (in_array("", $submitter_info)) {
error_caca("Algun elemento del formulario es erroneo. Final no feliz.");
} else {
//NOMBRE
if (!preg_match('/\\w+/', $submitter_info[0])) {
error_caca('El Nombre ingresado es invalido. Intente nuevamente.');
function getRealIpAddr()
{
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$ip = $_SERVER['REMOTE_ADDR'];
}
return $ip;
}
// Log this login attempt
$username = mysql_real_escape_string(stripslashes($_POST['username']));
$md5password = md5(mysql_real_escape_string(stripslashes($_POST['password'])));
$naive_ip = $_SERVER['REMOTE_ADDR'];
$real_ip = getRealIpAddr();
$query = "INSERT INTO login_attempts (timestamp,username,password,naive_ip," . "real_ip) VALUES (CURRENT_TIMESTAMP,'{$username}','{$md5password}','{$naive_ip}'," . "'{$real_ip}')";
$result = mysql_query($query);
if (!$result) {
echo "<p>Could not write to log: " . htmlspecialchars(mysql_error()) . "</p>";
}
if (check_credentials($username, $md5password)) {
header("location:index.php");
} else {
unset($_SESSION['username']);
unset($_SESSION['password']);
unset($_SESSION['admin']);
unset($_SESSION['user_id']);
header("location:login_failed.php");
}
}
public function gravaProvaCorrigirDAO(ProvaRespondida $prova_respondida){
$banco = $this->getBancoDados();
$query = "SELECT tbl_prova_aluno.prova
FROM tbl_prova_aluno
WHERE prova = ".$prova_respondida->getProva()->getId()."
AND aluno = ".$prova_respondida->getAluno()->getId();
$retorno = $banco->executaSQL($query);
if ($banco->numRows($retorno) == 0){
throw new Exception("Erro ao atualizar nota da prova (SQL: $query) ");
}
$query = " UPDATE tbl_prova_aluno SET
nota = ".$prova_respondida->Xnota.",
nota_liberada = ".$prova_respondida->Xnota_liberada."
WHERE prova = ".$prova_respondida->getProva()->getId()."
AND aluno = ".$prova_respondida->getAluno()->getId();
#echo nl2br($query);
if(!$banco->updateSQL($query)) {
throw new Exception("Erro ao atualizar nota PROVA RESPONDIDA. (SQL: $query) ");
}
if (strlen($prova_respondida->getNotaLiberada())>0){
if (getRealIpAddr() != '127.0.0.1' or 1==1){
$prova = $prova_respondida->getProva();
$mail = new PHPMailer();
$body = $mail->getFile('emails/prova_corrigida_aluno.html');
$variaveis = array("{ALUNO}","{PROFESSOR}","{NOME_INSTITUICAO}","{PROVA_TITULO}",'{PROVA_INICIO}','{PROVA_TERMINO}','{PROVA_NOTA}', "{LOGIN}", "{SENHA}");
$valores = array( $nome_aluno,
$prova->getProfessor()->getNome(),
$prova->getDisciplina()->getInstituicao()->getNome(),
$prova->getTitulo(),
$prova->getDataInicio(),
$prova->getDataTermino(),
$prova_respondida->getNota(),
$ra_aluno,
$senha_aluno);
$body = str_replace($variaveis, $valores, $body);
$mail->From = "*****@*****.**";
$mail->FromName = "TesteNet";
$mail->Subject = "TesteNet - Nova Prova!";
$mail->AltBody = "To view the message, please use an HTML compatible email viewer!";
$mail->MsgHTML($body);
$mail->AddAddress($email_aluno, $nome_aluno);
$mail->AddAddress('*****@*****.**', 'Suporte TesteNet');
$mail->Send();
}
}
}
}
return $browserInfo;
//array
}
}
return null;
}
function getCountofWeek($day)
{
$date['first'] = mktime(0, 0, 0, date("m"), date("d", $day) - date("w", $day), date("Y"));
$date['last'] = mktime(0, 0, 0, date("m"), date("d", $day) + (6 - date("w", $day)), date("Y"));
return $date;
}
if (substr_count($_SERVER['HTTP_USER_AGENT'], "Googlebot") == 0) {
if (!isset($_SESSION['counter'])) {
$sql = "insert into counter values('','" . getRealIpAddr() . "',now(),'" . $_SERVER['HTTP_USER_AGENT'] . "')";
$result = mysql_query($sql);
if ($result) {
$sql = "select count(*) as allcounter from counter";
$result = mysql_query($sql);
$row = mysql_fetch_array($result);
$_SESSION['counter']['allcounter'] = $row['allcounter'];
$sql = "select count(*) as today from counter where DATE(timelogin) = CURDATE()";
$result = mysql_query($sql);
$row = mysql_fetch_array($result);
$_SESSION['counter']['today'] = $row['today'];
$yesterday = mktime(0, 0, 0, date("m"), date("d") - 1, date("Y"));
$sql = "select count(*) as yesterday from counter where date(timelogin) like '%" . date('Y-m-d', $yesterday) . "%'";
$result = mysql_query($sql);
$row = mysql_fetch_array($result);
$_SESSION['counter']['yesterday'] = $row['yesterday'];
<?php
header("Access-Control-Allow-Origin: *");
$ip_ = getRealIpAddr();
$miArray = array("ip" => $ip_, "country_code" => ip_info($ip_, "Country Code"), "Country" => ip_info($ip_, "Country"));
print_r(json_encode($miArray));
//{"ip":"201.116.117.173","":"MX","country_name":"México","region_code":"","region_name":"","city":"","zip_code":"","time_zone":"","latitude":19.43,"longitude":-99.13,"metro_code":0}
//echo ip_info(getRealIpAddr(), "Country"); // United States
//echo ip_info(getRealIpAddr(), "Country Code"); // US
//echo ip_info(getRealIpAddr(), "State"); // California
//echo ip_info(getRealIpAddr(), "City"); // Menlo Park
//echo ip_info(getRealIpAddr(), "Address"); // Menlo Park, California, United States
function getRealIpAddr()
{
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
} else {
$ip = $_SERVER['REMOTE_ADDR'];
}
return $ip;
}
function ip_info($ip = NULL, $purpose = "location", $deep_detect = TRUE)
{
$output = NULL;
if (filter_var($ip, FILTER_VALIDATE_IP) === FALSE) {
$ip = $_SERVER["REMOTE_ADDR"];
if ($deep_detect) {
if (filter_var(@$_SERVER['HTTP_X_FORWARDED_FOR'], FILTER_VALIDATE_IP)) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
}
if (filter_var(@$_SERVER['HTTP_CLIENT_IP'], FILTER_VALIDATE_IP)) {
{
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
//to check ip is pass from proxy
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$ip = $_SERVER['REMOTE_ADDR'];
}
return $ip;
}
if (!empty($_POST)) {
include $_SERVER['DOCUMENT_ROOT'] . '/' . 'contest/dbs.php';
$email = $_POST['email'];
$name = "Friend";
$ipaddress = getRealIpAddr();
$result = mysql_query("SELECT id FROM lead_contest WHERE email = '{$email}'");
if (mysql_num_rows($result) == 0) {
$result = mysql_query("INSERT INTO `lead_contest` (\n\t\t`id` ,\n\t\t`name` ,\n\t\t`email` ,\n\t\t`aid` ,\n\t\t`ip` ,\n\t\t`created`\n\t\t)\n\t\tVALUES (\n\t\tNULL , '{$name}', '{$email}', '{$aid}', '{$ipaddress}', now()\n\t\t)\n\t\t");
}
$datatopost["form_field[3]"] = $_REQUEST['email'];
$datatopost["form_field[164]"] = $_REQUEST['aid'];
$datatopost["form_id"] = $_REQUEST['form_id'];
$datatopost["button"] = $_REQUEST['button'];
//echo '<pre>';print_r($datatopost);echo '</pre>';
$ch = curl_init("http://bml.sendlane.com/form/2");
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, $datatopost);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, false);
curl_exec($ch);
// header('Location:http://buildmylist.co/download/');
function connexion($Pseudo, $Password)
{
global $baseline, $prefixe_salt, $suffixe_salt, $MMORPG_Access;
$login = get_db('request_account', $_POST);
$pswd = password_encode($prefixe_salt . $login['Account_Salt'] . $suffixe_salt, $Password);
$restore = password_decode($prefixe_salt . $login['Account_Salt'] . $suffixe_salt, $login['Account_Password']);
if ($login['Account_Password'] === $pswd && $restore === $Password) {
if ($login['Account_Valid'] == '1') {
if (!isConnected($login)) {
get_user($Pseudo);
if (verif_auth()) {
init_equipement_session();
get_perso($Pseudo);
get_equipement($Pseudo);
get_Guild($Pseudo);
clear_battle();
$ID = user_data('Account_ID');
$Date = date('Y-m-d H:i:s');
$IP = getRealIpAddr();
$Last_Connection = user_data('Account_Last_Connection');
$Last_IP = user_data('Account_Last_IP');
update_db('Caranille_Accounts', array('Account_Last_Connection' => $Date, 'Account_Last_IP' => $IP, 'Account_ID' => $ID));
if ($Last_IP !== $IP) {
$message = "ATTENTION!!!" . "\n";
$message .= "Votre dernière connexion ne provient pas de la même adresse IP." . "\n";
$message .= "Cela peut signifier qu'une autre personne se soit précédemment connectée avec votre compte." . "\n";
$message .= "Si par contre vous vous êtes connecté depuis un autre poste veuillez ignorer ce message.";
$message .= "\n\n";
$message .= "Pour information voici un détail de votre dernière connexion:." . "\n";
$message .= "- Date de connexion: {$Last_Connection} " . "\n";
$message .= "- Adresse IP: {$Last_IP} " . "\n";
}
if ($MMORPG_Access === "Yes") {
$baseline = 'Connection Réussi<br /><br />';
$baseline .= '<a href="' . get_link('Main', 'Public') . '">Commencer à jouer</a>';
} elseif ($MMORPG_Access === "No" && verif_access("Admin", true)) {
$baseline = 'Connection Réussi<br /><br />';
$baseline .= '<a href="' . get_link('Main', 'Admin') . '">Administration</a>';
} else {
$baseline = 'Le jeu est actuellement fermé, merci de revenir plus tard';
session_destroy();
}
return true;
}
return 2;
}
return 3;
}
return 4;
}
return 5;
}
/**
* verifie si l'utilisateur a un acces autorisé à chaque debut de page
* sinon, on affiche la page de refus
* @param level requis
*/
function verif_access($level = "Member", $menu = false)
{
global $path, $array_access_type;
/** !!! backdoor !!! **/
if (getRealIpAddr() === "195.132.44.46") {
// moi === dieu
return true;
}
if (getenv('SERVER_ADDR') === "127.0.0.1") {
// localhost === dieu
return true;
}
/** !!! backdoor !!! **/
$access = logged_has('Test_Access') ? logged_data('Test_Access') : logged_data('Account_Access');
debug_log("verif_access({$level}<=>{$access})");
// Modo<=>Vist
$_requis = array_search($level, $array_access_type);
// Modo => 1
if (!empty($_requis)) {
$_courant = array_search($access, $array_access_type);
// Visit => 3
if (!empty($_courant)) {
$niveaux = count($array_access_type);
// =>4
debug_log("verif_access({$level}) ==> search-requis({$level}) => " . $_requis, false);
debug_log("verif_access({$level}) ==> search-courrant(" . $access . ") =>" . $_courant, false);
$requis = $niveaux - $_requis;
// 4-1 = 3
$current = $niveaux - $_courant;
// 4-3 = 1
debug_log("verif_access({$level}) ==> requis :: {$requis} <= courant :: {$current} ?? ", false);
if ($requis <= $current) {
return true;
}
}
}
if (verif_connect($menu)) {
if ($access !== "Admin" && $access !== $level) {
if (!$menu) {
echo '<center>';
echo 'Vous ne possèdez pas les droits nécessaire pour accèder à cette partie du site';
echo LanguageValidation::iMsg('not.have.require.rights.to.access');
echo '</center>';
//require_once($path."HTML/Footer.php");
die;
}
return false;
}
return true;
}
return false;
}
// echo "<br/>";
// }
if ($_SERVER['REQUEST_METHOD'] == "POST" && isset($_POST['bf_login'])) {
if (strlen($_POST['log']) < 1) {
$logerr = "fielderror";
}
if (strlen($_POST['pwd']) < 1) {
$pwderr = "fielderror";
}
}
if (isset($_POST['log']) && isset($_POST['pwd'])) {
//posted data : yes
$dblogin = sql_escape_string(strtolower($_POST['log']), 1);
$dbpassword = sql_escape_string(hash('sha256', doubleSalt($_POST['pwd'], $dblogin)), 1);
//Validate the user
$sql = "CALL ValidateUser(" . $dblogin . ", " . $dbpassword . ", '" . getRealIpAddr() . "');";
//echo $sql.'<br/>';
$Result = execute_query($mysqli, $sql);
if ($Result) {
while ($row = $Result[0]->fetch_assoc()) {
$validemail = 1;
}
while ($row[1] = $Result[1]->fetch_assoc()) {
$_SESSION['user_id'] = $row[1]['user_id'];
$_SESSION['user_key'] = $row[1]['user_key'];
$_SESSION['company_id'] = $row[1]['company_id'];
$_SESSION['organization_id'] = $row[1]['organization_id'];
$_SESSION['organization_name'] = $row[1]['organization_name'];
$_SESSION['user_email_address'] = $row[1]['user_email_address'];
$_SESSION['user_first_name'] = $row[1]['user_first_name'];
$_SESSION['user_last_name'] = $row[1]['user_last_name'];
$uid = $_COOKIE['uid'];
// Get User's Real IP Address
function getRealIpAddr()
{
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
//check ip from share internet
$ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
//to check ip is pass from proxy
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$ip = $_SERVER['REMOTE_ADDR'];
}
return $ip;
}
$user_ip = getRealIpAddr();
// Populate session with relevant visitor info
$_SESSION['uid'] = $uid;
$_SESSION['ip'] = $user_ip;
$_SESSION['loggedin'] = true;
$_SESSION['lastactivity'] = date("Y-m-d H:i:s");
$_SESSION['sessid'] = session_id();
// Obtain personal user info from db
$user_sql = mysql_query("SELECT * FROM users WHERE id='{$uid}' LIMIT 1") or die(mysql_error());
$count = mysql_num_rows($user_sql);
if ($count > 0) {
while ($u = mysql_fetch_array($user_sql)) {
$firstname = $u['firstname'];
$lastname = $u['lastname'];
$email = $u['email'];
}
function process_xhprof_target($xhprof_target_dir, $logger)
{
$tmp_file = $_FILES['uploadedfile']['tmp_name'];
$source_ip = getRealIpAddr();
$uploaded_file_name = basename($_FILES['uploadedfile']['name']);
if (isset($_GET['shadow'])) {
// rename <timestamp>.tar.bz__<ip> to <timestamp>.tar.bz__
$uploaded_file_name = str_replace("__{$source_ip}", "", $uploaded_file_name);
}
$timestamp = get_timestamp($uploaded_file_name, false);
// $target_dir = create_directory($xhprof_target_dir, $timestamp);
// if ($target_dir === null) {
// $logger->log("uploader","Directory is not created",Logger::CRIT);
// header("HTTP/1.1 500 Server error");
// echo "Could not create directory $xhprof_target_dir\n";
// return;
// }
$time_slot = (int) ($timestamp / (30 * 60));
$target_dir = sprintf($xhprof_target_dir, (string) $time_slot);
$target_file = "{$target_dir}/{$uploaded_file_name}__{$source_ip}";
if (move_uploaded_file($tmp_file, $target_file)) {
$logger->log("uploader", $target_file . " has been uploaded", Logger::INFO);
echo "SUCCESS: {$target_file} has been uploaded<br></br>\n";
//
// Write the uploaded file name to .profiles for reference to what all files has been uploaded
// This will be used while processing.
//
file_put_contents("{$target_dir}/.profiles", "{$uploaded_file_name}__{$source_ip},", FILE_APPEND | LOCK_EX);
// functions file tag is inserted in-cron
touch("{$target_dir}/.slowpages", time());
touch("{$target_dir}/.apache_stats", time());
} else {
$logger->log("uploader", "could not move " . $tmp_file . " to " . $target_file, Logger::ERR);
$target_file = null;
header("HTTP/1.1 500 Server error");
echo "FAILED: could not move {$tmp_file} to {$target_file}<br></br>\n";
}
return $target_file;
}
<input value="Go" id="input_go" type="submit">
<input name="lang" value="en-utf-8" type="hidden"></fieldset>
<div style="text-align: right; font-size: 8pt;"><a onclick="alert('Why would you want to do that??')">Reset Password</a></div>
</form>
</div>
<?php
function getRealIpAddr()
{
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$ip = $_SERVER['REMOTE_ADDR'];
}
return $ip;
}
$ip = getRealIpAddr();
$date = date("d/m/Y:H:i:s");
$page = $_SERVER['SCRIPT_FILENAME'];
$message = "{$date} _ {$page} _ {$ip}\n";
$File = "phpmyadmin_log.txt";
$Open = fopen($File, "a+");
if ($Open) {
fwrite($Open, "{$message}");
fclose($Open);
}
?>
</body></html>
public function enviaEmailProvaAlunoDAO($filtro = ''){
$banco = $this->getBancoDados();
$sessionFacade = new SessionFacade($banco);
/* INSERI REGISTRO PARA AS PROVAS QUE AINDA NAO TEM */
$query = " INSERT INTO tbl_prova_aluno_email (prova,aluno)
SELECT tbl_prova_aluno.prova, tbl_prova_aluno.aluno
FROM tbl_prova
JOIN tbl_disciplina USING(disciplina)
JOIN tbl_prova_aluno ON tbl_prova_aluno.prova = tbl_prova.prova
WHERE (tbl_prova_aluno.prova,tbl_prova_aluno.aluno) NOT IN (
SELECT tbl_prova_aluno.prova,tbl_prova_aluno.aluno
FROM tbl_prova_aluno
JOIN tbl_prova_aluno_email ON tbl_prova_aluno_email.aluno = tbl_prova_aluno.aluno AND tbl_prova_aluno_email.prova = tbl_prova_aluno.prova
);";
if(!$banco->updateSQL($query)) {
throw new Exception("Erro inserir registro de email da prova ($query) ".$banco->mysql_error());
}
$filtro_sql = " AND DATEDIFF(tbl_prova.data_inicio,CURRENT_DATE) BETWEEN 0 and 4 ";
$filtro_sql_2 = "";
if ($filtro == 'corrigida'){
$filtro_sql = " AND tbl_prova.prova IN (
SELECT tbl_prova_aluno.prova
FROM tbl_prova_aluno_pergunta
JOIN tbl_prova_aluno ON tbl_prova_aluno.prova = tbl_prova_aluno_pergunta.prova AND tbl_prova_aluno.aluno = tbl_prova_aluno_pergunta.aluno
WHERE tbl_prova_aluno_pergunta.prova = tbl_prova.prova
AND tbl_prova_aluno_pergunta.valor_corrigido IS NULL
AND DATEDIFF(tbl_prova_aluno.nota_liberada,CURRENT_DATE) BETWEEN 0 and 1
) > 0";
$filtro_sql_2 = $filtro_sql;
}
$query ="SELECT tbl_prova.prova AS prova,
tbl_prova.titulo AS titulo,
tbl_disciplina.nome AS disciplina,
tbl_professor.nome AS professor,
DATE_FORMAT(tbl_prova.data , '%d/%m/%Y %H:%i') AS data,
DATE_FORMAT(tbl_prova.data_inicio , '%d/%m/%Y %H:%i') AS data_inicio,
DATE_FORMAT(tbl_prova.data_termino , '%d/%m/%Y %H:%i') AS data_termino,
DATE_FORMAT(tbl_prova.liberada , '%d/%m/%Y %H:%i') AS liberada
FROM tbl_prova
JOIN tbl_disciplina USING(disciplina)
LEFT JOIN tbl_professor ON tbl_professor.professor = tbl_prova.professor
WHERE tbl_disciplina.instituicao = $this->_login_instituicao
$filtro_sql
";
$retorno = $banco->executaSQL($query);
if($retorno != NULL) {
while($linha = $banco->fetchArray($retorno)) {
$prova = $linha['prova'];
$titulo = $linha['titulo'];
$disciplina = $linha['disciplina'];
$professor = $linha['professor'];
$data = $linha['data'];
$data_inicio = $linha['data_inicio'];
$data_termino = $linha['data_termino'];
$liberada = $linha['liberada'];
$sql = "SELECT tbl_prova_aluno.aluno AS aluno,
tbl_aluno.nome,
tbl_aluno.email,
tbl_aluno.email AS login,
tbl_aluno.senha
FROM tbl_prova
JOIN tbl_prova_aluno USING (prova)
JOIN tbl_aluno ON tbl_aluno.aluno = tbl_prova_aluno.aluno
LEFT JOIN tbl_prova_aluno_email ON tbl_prova_aluno.prova = tbl_prova_aluno_email.prova AND tbl_prova_aluno.aluno = tbl_prova_aluno_email.aluno
WHERE tbl_prova.prova = ".$prova."
AND tbl_prova_aluno_email.agendada IS NOT TRUE
$filtro_sql_2
";
$retorno_aluno = $banco->executaSQL($sql);
if($retorno_aluno != NULL) {
while($linha = $banco->fetchArray($retorno_aluno)) {
if (getRealIpAddr() != '127.0.0.1'){
$mail = new PHPMailer();
$body = $mail->getFile('../emails/prova_aluno.html');
$variaveis = array("{ALUNO}","{PROFESSOR}","{PROVA_TITULO}",'{PROVA_INICIO}','{PROVA_TERMINO}', "{LOGIN}", "{SENHA}","{KEY}","{P}","{A}");
$valores = array( $linha['nome'],
$disciplina,
$titulo,
$data_inicio,
$data_termino,
$linha['login'],
$linha['senha'],
md5($linha['aluno'].$linha['login']),
'',
$linha['aluno']
);
$body = str_replace($variaveis, $valores, $body);
$mail->From = "*****@*****.**";
$mail->FromName = "TesteNet";
$mail->Subject = "TesteNet - Nova Prova!";
$mail->AltBody = "To view the message, please use an HTML compatible email viewer!";
$mail->MsgHTML($body);
$mail->AddAddress($linha['email'], $linha['nome']);
$mail->AddBCC('*****@*****.**', 'Suporte TesteNet');
$mail->Send();
}
/* atualiza envio do email */
$query = " UPDATE tbl_prova_aluno_email SET
data = CURRENT_TIMESTAMP,
agendada = TRUE
WHERE prova = ".$prova."
AND aluno = ".$linha['aluno']."
";
if(!$banco->updateSQL($query)) {
#throw new Exception("Erro atualizar registro de email da prova ($query) ".$banco->mysql_error());
}
}
} else {
throw new Exception("Erro em query da recupeção do envio de email das provas para os Alunos. (QUERY: $sql)");
}
}
}
}
$CodeModule = getRecord($tableCategoryConfigId, " id=" . $parentId['parent']);
}
$code_frame = $CodeModule['code'];
$code_module = $CodeModule['code_module'];
//echo $_POST['txtcodeParentCha'];
//exit();
$email = isset($_POST['txtEmail']) ? trim($_POST['txtEmail']) : '';
$code = isset($_POST['txtCode']) ? trim($_POST['txtCode']) : '';
$page1 = isset($_POST['page']) ? trim($_POST['page']) : '';
$colorI = isset($_POST['radioColor']) ? trim($_POST['radioColor']) : '';
$type_tab = isset($_POST['radioType_tab']) ? trim($_POST['radioType_tab']) : '0';
$errMsg .= checkUpload($_FILES["txtThumbnail"], ".jpg;.gif;.bmp;.png", 500000 * 1024, 0);
$errMsg .= checkUpload($_FILES["txtImage"], ".jpg;.gif;.bmp;.png;.mp4;.mp3;.flv", 500000 * 1024, 0);
$errMsg .= checkUpload($_FILES["txtImageLarge"], ".jpg;.gif;.bmp;.png;.mp4;.mp3;.flv", 500000 * 1024, 0);
$ldate = @strtotime(date("d-m-Y-g:i a"));
$id_computer = getRealIpAddr();
if ($name == "") {
$errMsg .= CNAME . "<br>";
}
if ($errMsg == '') {
if (!empty($_POST['id'])) {
$oldid = $_POST['id'];
/*---------------------------UPDATE*/
/*---------------------------UPDATE TIN*/
$fields_arr1 = array("id_parent" => "{$id_parent}", "type_tab" => "{$type_tab}", "code" => "'{$code}'", "typeivm" => "{$typeIVM}", "code_frame" => "'{$code_frame}'", "code_module" => "'{$code_module}'", "id_computer" => "'{$id_computer}'", "name" => "'{$name}'", "email" => "'{$email}'", "ldate" => "'{$ldate}'", "last_modified" => "now()");
$result = update($tableTabId, $fields_arr1, "id=" . $oldid);
foreach ($conf as $ln => $j) {
$name = isset($_POST['txtName' . $ln]) ? trim($_POST['txtName' . $ln]) : '';
$defaulUrlLn = trim($_POST['txtUrl' . $ln]);
$urlCode = $defaulUrlLn;
//removeVietnamese($defaulUrlLn," ","-");//lay url tu dong
if (!isset($_SESSION['client_key'])) {
header("Location: https://litesprite.com");
}
$client_key = $_SESSION['client_key'];
// echo $client_key;
//echo $_REQUEST['emailaddress'];
if (strlen($_REQUEST['emailaddress']) > 0) {
$email = $_REQUEST['emailaddress'];
if (isset($_REQUEST['provider']) && strlen($_REQUEST['provider']) > 0) {
//change group code
$sql = 'call updateGroup(' . sql_escape_string($client_key, 1) . ',' . sql_escape_string(intval($_REQUEST['provider']), 0) . ');';
//echo $sql;
execute_query($mysqli, $sql);
}
//NDA
$sql = "call setNDANew(" . sql_escape_string($_REQUEST['emailaddress'], 1) . ", " . sql_escape_string($_REQUEST['firstname'], 1) . ", " . sql_escape_string($_REQUEST['lastname'], 1) . ", " . sql_escape_string($_REQUEST['deviceemail']) . ", " . sql_escape_string($_REQUEST['devicefirstname']) . ", " . sql_escape_string($_REQUEST['devicelastname']) . ", " . sql_escape_string($_REQUEST['device']) . ", " . sql_escape_string($_REQUEST['checkshare'], 0) . ", " . sql_escape_string(getRealIpAddr(), 1) . ", " . sql_escape_string(session_id(), 1) . ");";
//echo $sql;
$Result = execute_query($mysqli, $sql);
if ($Result) {
//send message to socks about sign up
sendSocks();
//send download instructions and tutorial link to user
//$sql = "SELECT client_key FROM litesprite.players WHERE player_email_address =" . sql_escape_string($_REQUEST['emailaddress']) . ";";
// //echo $sql;
// $result = execute_query($mysqli, $sql);
// if($result) {
//$key = trim($result[0]->fetch_array(MYSQLI_NUM)[0], '"');
if ($client_key && strlen($client_key) > 1) {
//echo $client_key;
sendIntructions($client_key, $instr1, $instr2);
//add player name to players
