<?php
// Refuse direct requests: this file is only meant to be pulled in by the
// framework (which defines AURACMS_FUNC); anyone else is bounced to the front
// page and execution stops so nothing below can run in isolation.
if (!defined('AURACMS_FUNC')) {
    header("Location: index.php");
    exit;
}
/**
 * Empty placeholder hook; it does nothing and returns nothing, but is kept so
 * callers that resolve the name keep working.
 */
function transcal()
{
}
/**
 * Print the "title box" template, choosing the administrator theme when an
 * access level is present in the session and the active theme otherwise.
 *
 * The template is not rendered by a template engine: its text is wrapped in a
 * PHP double-quoted string and passed to eval(), which is how {$title} and
 * {$content} style placeholders get substituted (neither parameter is referenced
 * in this function's own code; presumably the template uses them — confirm).
 *
 * NOTE(review): because the file is eval()'d, any "{$...}" or "${...}" sequence in
 * boxmenu.html executes as PHP. addslashes() only escapes quotes/backslashes, not
 * "$" or "{". Both the template files and the global $theme value (which also forms
 * the path) therefore have to be trusted, non-user-controlled data.
 *
 * @param mixed $title   Made available to the template via eval scope.
 * @param mixed $content Made available to the template via eval scope.
 */
function kotakjudul($title, $content) {
    global  $theme;
    $templatePath = isset($_SESSION['LevelAkses'])
        ? "themes/administrator/boxmenu.html"
        : "themes/".$theme."/boxmenu.html";
    $escapedTemplate = addslashes(file_get_contents($templatePath));
    // Build the statement '$r_file="<template>";' and run it to interpolate placeholders.
    $code = "\$r_file=\"".$escapedTemplate."\";";
    eval($code);
    echo $r_file;
}

function modul($posisi){
    global $koneksi_db,$STYLE_INCLUDE,$SCRIPT_INCLUDE;
    		$total = 0;
    		$numb = 0;
    	if (isset($_GET['pilih'])) {
	    	$pilih = mysql_real_escape_string(strip_tags($_GET['pilih']));
	    	$numb = mysql_num_rows(mysql_query("SELECT `id` FROM `actions` WHERE `modul_hrd` = '$pilih'"));
	    	$modulku = mysql_query("SELECT * FROM `actions` LEFT JOIN `modul_hrd` ON (`modul_hrd`.`id` = `actions`.`modul_id`) WHERE `actions`.`modul_hrd` = '$pilih' AND `actions`.`posisi` = '$posisi' ORDER BY `actions`.`order`");
	    	$total = mysql_num_rows($modulku);
	    	while($viewmoduls = mysql_fetch_assoc($modulku)) {
		    	
                }
                $rtn = substr($rtn, 0, strlen($rtn) - 3);
                $rtn .= "</td></tr></table>";
                return $rtn;
            }
        }
    }
}
// Stopping XSS, UNION and the like injection attempts
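// Case-insensitive "does $needle occur in $haystack" helper used by the request
// filters in this code base. Both variants return a bool (presence only; the match
// position is discarded). Note this is a plain substring test on the raw input and
// therefore a hardening layer, not an authorisation or escaping mechanism.
if (!function_exists('stripos')) {
    // PHP 4 fallback: stripos() does not exist, so emulate it by upper-casing both
    // sides (byte-wise; non-ASCII case folding is not handled).
    function stripos_clone($haystack, $needle, $offset = 0)
    {
        return strpos(strtoupper($haystack), strtoupper($needle), $offset) !== false;
    }
} else {
    // PHP 5+: delegate to the native function. The caller's $offset is passed
    // through; the original wrote "$offset = 0" inside the argument list, which
    // silently reset every offset to 0.
    function stripos_clone($haystack, $needle, $offset = 0)
    {
        return stripos($haystack, $needle, $offset) !== false;
    }
}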
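/**
 * Render the "reply to a poll comment" page: the quoted comment (or the poll title)
 * followed by the reply form. Everything is echoed; nothing is returned.
 *
 * @param int|string $pid    Id of the comment being replied to; 0 means "reply to the poll itself".
 * @param int|string $pollID Id of the poll the thread belongs to.
 * @param string     $mode   Thread display mode; falls back to the user's preference, then "thread".
 * @param int|string $order  Sort order; falls back to the user's preference, then 0.
 * @param int|string $thold  Score threshold; falls back to the user's preference, then 0.
 *
 * Changes from the original: the isset() check on $pid/$pollID was unreachable (both
 * are intval()'d first) and was dropped; the fallback to $temp_comment, which this
 * function never assigns, became an explicit empty default; the each() loop (removed
 * in PHP 8) became foreach; the unused $titlebar and $xanonpost locals were deleted.
 */
function reply($pid, $pollID, $mode, $order, $thold)
{
    include_once "header.php";
    global $userinfo, $user, $cookie, $datetime, $bgcolor1, $bgcolor2, $bgcolor3, $AllowableHTML, $anonymous, $prefix, $anonpost, $module_name, $db, $nuke_editor;
    cookiedecode($user);
    getusrinfo($user);
    // Display preferences. empty() also treats "0" as missing, so an explicit 0 from
    // the caller is replaced by the stored preference (kept from the original).
    if (!isset($mode) or empty($mode)) {
        $mode = isset($userinfo['umode']) ? $userinfo['umode'] : "thread";
    }
    if (!isset($order) or empty($order)) {
        $order = isset($userinfo['uorder']) ? $userinfo['uorder'] : 0;
    }
    if (!isset($thold) or empty($thold)) {
        $thold = isset($userinfo['thold']) ? $userinfo['thold'] : 0;
    }
    // Forcing the ids to integers is what keeps their interpolation into the SQL
    // below safe; the display options are entity-encoded for the hidden inputs.
    $pid = intval($pid);
    $pollID = intval($pollID);
    $order = htmlentities($order);
    $thold = htmlentities($thold);
    $mode = htmlentities($mode);
    if ($anonpost == 0 and !is_user($user)) {
        OpenTable();
        echo "<center><font class=title><b>" . _SURVEYCOM . "</b></font></center>";
        CloseTable();
        echo "<br>";
        OpenTable();
        echo "<center>" . _NOANONCOMMENTS . "<br><br>" . _GOBACK . "</center>";
        CloseTable();
    } else {
        // Only the "reply to a comment" branch yields a comment body; otherwise it
        // stays empty and the "direct comment" hint is shown instead.
        $comment = "";
        if ($pid != 0) {
            list($date, $name, $email, $subject, $comment, $score) = $db->sql_query("select date, name, email, subject, comment, score from " . $prefix . "_pollcomments where tid='{$pid}'")->fetch_row();
            $name = filter($name, "nohtml");
            $email = filter($email, "nohtml");
            $subject = filter($subject, "nohtml");
            $comment = filter($comment);
            $score = intval($score);
        } else {
            list($subject) = $db->sql_query("select pollTitle FROM " . $prefix . "_poll_desc where pollID='{$pollID}'")->fetch_row();
            $subject = filter($subject, "nohtml");
        }
        if (empty($name)) {
            $name = $anonymous;
        }
        if (empty($subject)) {
            $subject = "[" . _NOSUBJECT . "]";
        }
        // $date is only assigned on the comment branch; on the poll branch this is
        // called with it unset, as in the original.
        formatTimestamp($date);
        OpenTable();
        echo "<center><font class=\"title\"><b>" . _SURVEYCOM . "</b></font></center>";
        CloseTable();
        echo "<br>";
        OpenTable();
        echo "<center><font class=\"content\"><b>{$subject}</b></center><br>";
        if (empty($comment)) {
            echo "<center><i>" . _DIRECTCOM . "</i></font></center><br>";
        } else {
            echo "<br>{$comment}</font>";
        }
        CloseTable();
        // Re-read the raw subject for the reply form so the "[no subject]" placeholder
        // chosen above is not pre-filled into the input.
        if ($pid == 0) {
            list($subject) = $db->sql_query("select pollTitle from " . $prefix . "_poll_desc where pollID='{$pollID}'")->fetch_row();
        } else {
            list($subject) = $db->sql_query("select subject from " . $prefix . "_pollcomments where tid='{$pid}'")->fetch_row();
        }
        $subject = filter($subject, "nohtml");
        echo "<br>";
        OpenTable();
        echo "<form action=\"modules.php?name={$module_name}&amp;file=comments\" method=\"post\">";
        echo "<font class=\"content\"><b>" . _YOURNAME . ":</b></font> ";
        if (is_user($user)) {
            cookiedecode($user);
            // NOTE(review): $cookie['1'] (taken from the login cookie) is echoed without
            // HTML escaping; this relies on cookiedecode() having sanitised it — confirm.
            echo "<font class=\"content\"><a href=\"modules.php?name=Your_Account\">{$cookie['1']}</a> [ <a href=\"modules.php?name=Your_Account&amp;op=logout\">" . _LOGOUT . "</a> ]</font>";
        } else {
            echo "<font class=\"content\">{$anonymous}</font>";
        }
        echo "<br><br><font class=\"content\"><B>" . _SUBJECT . ":</B></FONT><BR>";
        // Prefix "Re: " once; cutting at 81 chars keeps the result within maxlength=85.
        if (!stripos_clone($subject, "Re:")) {
            $subject = "Re: " . substr($subject, 0, 81);
        }
        // NOTE(review): $subject lands inside a double-quoted value attribute; this is
        // only safe if filter(..., "nohtml") encodes quotes as well as tags — confirm.
        echo "<INPUT TYPE=\"text\" NAME=\"subject\" SIZE=50 maxlength=85 value=\"{$subject}\"><BR>";
        echo "<br><br><font class=\"content\"><B>" . _UCOMMENT . ":</B></FONT><BR>" . "<TEXTAREA wrap=virtual cols=70 rows=15 name=comment></TEXTAREA><br>";
        if ($nuke_editor == 0) {
            echo "<font class=\"content\">" . _ALLOWEDHTML . "<br>";
            // List the allowed tag names (array keys); foreach replaces the removed each().
            if (is_array($AllowableHTML)) {
                foreach ($AllowableHTML as $key => $unused) {
                    echo " &lt;" . $key . "&gt;";
                }
            }
            echo "</font><br><br>";
        } else {
            echo "" . _HTMLNOTALLOWED . "</font><br><br>";
        }
        if (is_user($user) and $anonpost == 1) {
            echo "<INPUT type=checkbox name=xanonpost> " . _POSTANON . "<br>";
        }
        echo "<INPUT type=\"hidden\" name=\"pid\" value=\"{$pid}\">" . "<INPUT type=\"hidden\" name=\"pollID\" value=\"{$pollID}\">" . "<INPUT type=\"hidden\" name=\"mode\" value=\"{$mode}\">" . "<INPUT type=\"hidden\" name=\"order\" value=\"{$order}\">" . "<INPUT type=\"hidden\" name=\"thold\" value=\"{$thold}\">" . "<br><INPUT type=submit name=op value=\"" . _PREVIEW . "\"> " . "<INPUT type=submit name=op value=\"" . _OK . "\"></FORM>";
        CloseTable();
    }
    include_once "footer.php";
}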
        $result2 = $db->sql_query("DELETE FROM " . $prefix . "_referer");
    }
}
// Defaults and whitespace trimming for the module-dispatcher inputs. $name, $file,
// $mod_file and $mop are not assigned in this file's visible scope (presumably
// request-supplied). They are later spliced into include paths, and the only guard
// applied to them there is a ".." substring check, so treat them as untrusted.
$mop = isset($mop) ? $mop : "modload";
$mod_file = isset($mod_file) ? $mod_file : "index";
$name = trim($name);
if (isset($file)) {
    $file = trim($file);
}
$mod_file = trim($mod_file);
$mop = trim($mop);
if (stripos_clone($name, "..") || isset($file) && stripos_clone($file, "..") || stripos_clone($mod_file, "..") || stripos_clone($mop, "..")) {
    die("You are so cool...");
} else {
    $ThemeSel = get_theme();
    if (file_exists("themes/{$ThemeSel}/module.php")) {
        include "themes/{$ThemeSel}/module.php";
        if (is_active("{$default_module}") and file_exists("modules/{$default_module}/" . $mod_file . ".php")) {
            $name = $default_module;
        }
    }
    if (file_exists("themes/{$ThemeSel}/modules/{$name}/" . $mod_file . ".php")) {
        $modpath = "themes/{$ThemeSel}/";
    }
    $modpath .= "modules/{$name}/" . $mod_file . ".php";
    if (file_exists($modpath)) {
        include $modpath;
<?
// Site configuration (database settings, $site, ...) — loaded before the filter below.
include 'config.php';
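// Case-insensitive substring search used by the query-string filter further down.
// Both variants return the 0-based match position or false, exactly like stripos().
// NOTE(review): callers that use the result in a boolean context treat a match at
// position 0 as "not found"; compare against false instead when that matters.
if(!function_exists('stripos')) {//check whether stripos() exists (it is missing on PHP 4)
  function stripos_clone($haystack, $needle, $offset=0) {
    return strpos(strtoupper($haystack), strtoupper($needle), $offset);//emulate it with a byte-wise upper-casing
  }
} else {
  function stripos_clone($haystack, $needle, $offset=0) {
    // Forward the caller's offset; the original wrote "$offset=0" here, discarding it.
    return stripos($haystack, $needle, $offset);
  }
}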
if(isset($_SERVER['QUERY_STRING'])) {//isset ile bir sorgu gelmiþ mi dedik geldiyse iþimize devam ediyoruz
$queryString = strtolower($_SERVER['QUERY_STRING']);//sürekli uzun yazýyý yazmamak için az kýsalttýk
    if (stripos_clone($queryString,'%select%20') OR stripos_clone($queryString,'%20union%20') OR stripos_clone($queryString,'union/*') OR stripos_clone($queryString,'c2nyaxb0') OR stripos_clone($queryString,'+union+') OR stripos_clone($queryString,'http://') OR stripos_clone($queryString,'https://') OR (stripos_clone($queryString,'cmd=') AND !stripos_clone($queryString,'&cmd')) OR (stripos_clone($queryString,'exec') AND !stripos_clone($queryString,'execu')) OR stripos_clone($queryString,'union') OR stripos_clone($queryString,'concat') OR stripos_clone($queryString,'ftp://')) {
        $ip = $_SERVER['REMOTE_ADDR'];
        $sayfa = $queryString;
        $time = time();
$sql = "INSERT INTO ban VALUES (NULL,'$ip','$sayfa', '$time')";
$query = mysql_query($sql); 
      die('
	  
<title>UYARI!</title>
<style type="text/css">
<!--
body,td,th {
	color: #FFFFFF;
}
body {
	background-color: #000000;
	background-image: url('.$site.'/images/kurukafa.jpg);
	background-repeat: no-repeat;
/************************************************************************/
/* PHP-NUKE: Web Portal System                                          */
/* ===========================                                          */
/*                                                                      */
/* Copyright (c) 2007 by Francisco Burzi                                */
/* http://phpnuke.org                                                   */
/*                                                                      */
/* This program is free software. You can redistribute it and/or modify */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 2 of the License.       */
/************************************************************************/
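// Only reachable through the module loader, never by direct URL.
if (!defined('MODULE_FILE')) {
    die("You can't access this file directly...");
}
require_once "mainfile.php";
// Bounce requests carrying a literal "%25" (an encoded percent sign) back to the
// front page. The original only sent the Location header and kept executing, so the
// rest of this file still ran for the rejected request; stop the same way the login
// check below does. QUERY_STRING is absent outside a web request, hence the isset().
$queryString = isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : '';
if (stripos_clone($queryString, '%25')) {
    header("Location: index.php");
    fdie();
}
$module_name = basename(dirname(__FILE__));
get_lang($module_name);
$pagetitle = "- " . _RECOMMEND;
// Anonymous visitors are sent back to the article. $sid is not assigned in this
// file's visible scope; presumably set by the caller — confirm.
if (!is_user($user)) {
    Header("Location: modules.php?name={$module_name}&file=article&sid={$sid}");
    fdie();
}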
function FriendSend($sid)
{
    global $user, $cookie, $prefix, $db, $user_prefix, $module_name;
    $sid = intval($sid);
    if (!isset($sid)) {
        fdie();
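/**
 * Render the "reply to a story comment" page: the quoted comment (or the story's
 * intro and body) followed by the reply form. Everything is echoed; nothing is returned.
 *
 * @param int|string $pid   Id of the comment being replied to; 0 means "reply to the story itself".
 * @param int|string $sid   Id of the story the thread belongs to.
 * @param string     $mode  Thread display mode; falls back to the user's preference, then "thread".
 * @param int|string $order Sort order; falls back to the user's preference, then 0.
 * @param int|string $thold Score threshold; falls back to the user's preference, then 0.
 *
 * Changes from the original: $userinfo, $nuke_editor and $AllowableHTML are declared
 * global (they were read as undefined locals, so the stored preferences and the
 * allowed-tag list were never used); $mode/$order/$thold are entity-encoded before
 * being written into hidden inputs, as the poll-comment variant already does; the
 * unreachable isset() check on $pid/$sid was dropped; each() (removed in PHP 8)
 * became foreach; locals that only one branch assigns start out empty.
 */
function reply($pid, $sid, $mode, $order, $thold)
{
    include "header.php";
    global $prefix, $module_name, $user, $cookie, $datetime, $bgcolor1, $bgcolor2, $bgcolor3, $db, $anonpost, $anonymous, $admin, $userinfo, $nuke_editor, $AllowableHTML;
    cookiedecode($user);
    getusrinfo($user);
    // Forcing both ids to integers is what keeps their interpolation into the SQL below safe.
    $sid = intval($sid);
    $pid = intval($pid);
    if ($anonpost == 0 and !is_user($user)) {
        OpenTable();
        echo "<center><font class=title><b>" . _COMMENTREPLY . "</b></font></center>";
        CloseTable();
        echo "<br>";
        OpenTable();
        echo "<center>" . _NOANONCOMMENTS . "<br><br>" . _GOBACK . "</center>";
        CloseTable();
    } else {
        // Each branch below fills only some of these; start them empty so the later
        // empty() checks and interpolations never touch undefined variables.
        $comment = "";
        $temp_comment = "";
        $comment2 = "";
        $notes = "";
        $email = "";
        if ($pid != 0) {
            $row = $db->sql_fetchrow($db->sql_query("SELECT date, name, email, subject, comment, score FROM " . $prefix . "_comments WHERE tid='{$pid}'"));
            $date = $row['date'];
            $name = filter($row['name'], "nohtml");
            $email = filter($row['email'], "nohtml");
            $subject = filter($row['subject'], "nohtml");
            $comment = filter($row['comment']);
            $score = intval($row['score']);
        } else {
            $row2 = $db->sql_fetchrow($db->sql_query("SELECT time, title, hometext, bodytext, informant, notes FROM " . $prefix . "_stories WHERE sid='{$sid}'"));
            $date = $row2['time'];
            $subject = filter($row2['title'], "nohtml");
            $temp_comment = filter($row2['hometext']);
            $comment2 = filter($row2['bodytext']);
            $name = filter($row2['informant'], "nohtml");
            $notes = filter($row2['notes']);
        }
        // Replying to the story itself: quote its intro and body as the "comment".
        if (empty($comment)) {
            $comment = $temp_comment . "<br><br>{$comment2}";
        }
        OpenTable();
        echo "<center><font class=title><b>" . _COMMENTREPLY . "</b></font></center>";
        CloseTable();
        echo "<br>";
        OpenTable();
        if (empty($name)) {
            $name = $anonymous;
        }
        if (empty($subject)) {
            $subject = "[" . _NOSUBJECT . "]";
        }
        formatTimestamp($date);
        echo "<b>{$subject}</b> <font class=\"content\">";
        // NOTE(review): this only fires on the story branch, where $score is never
        // fetched (the stories query has no score column), so the score prints empty
        // — confirm the intended behaviour. Kept as in the original.
        if (!empty($temp_comment)) {
            echo "(" . _SCORE . " {$score})";
        }
        if (!empty($email)) {
            echo "<br>" . _BY . " <a href=\"mailto:{$email}\">{$name}</a> <font class=\"content\"><b>({$email})</b></font> " . _ON . " {$datetime}";
        } else {
            echo "<br>" . _BY . " {$name} " . _ON . " {$datetime}";
        }
        echo "<br><br>{$comment}<br><br>";
        if ($pid == 0 && !empty($notes)) {
            echo "<b>" . _NOTE . "</b> <i>{$notes}</i><br><br>";
        }
        // Re-read the raw subject for the reply form so the "[no subject]" placeholder
        // chosen above is not pre-filled into the input.
        if ($pid == 0) {
            $row3 = $db->sql_fetchrow($db->sql_query("SELECT title FROM " . $prefix . "_stories WHERE sid='{$sid}'"));
            $subject = filter($row3['title'], "nohtml");
        } else {
            $row4 = $db->sql_fetchrow($db->sql_query("SELECT subject FROM " . $prefix . "_comments WHERE tid='{$pid}'"));
            $subject = filter($row4['subject'], "nohtml");
        }
        CloseTable();
        echo "<br>";
        OpenTable();
        echo "<form action=\"modules.php?name={$module_name}&amp;file=comments\" method=\"post\">";
        echo "<font class=option><b>" . _YOURNAME . ":</b></font> ";
        if (is_user($user)) {
            cookiedecode($user);
            // NOTE(review): $cookie['1'] (taken from the login cookie) is echoed without
            // HTML escaping; this relies on cookiedecode() having sanitised it — confirm.
            echo "<a href=\"modules.php?name=Your_Account\">{$cookie['1']}</a> <font class=\"content\">[ <a href=\"modules.php?name=Your_Account&amp;op=logout\">" . _LOGOUT . "</a> ]</font><br><br>";
        } else {
            echo "<font class=\"content\">{$anonymous}";
            echo " [ <a href=\"modules.php?name=Your_Account\">" . _NEWUSER . "</a> ]<br><br>";
        }
        echo "<font class=\"option\"><b>" . _SUBJECT . ":</b></font><br>";
        // Prefix "Re: " once; cutting at 81 chars keeps the result within maxlength=85.
        if (!stripos_clone($subject, "Re:")) {
            $subject = "Re: " . substr($subject, 0, 81);
        }
        // NOTE(review): $subject lands inside a double-quoted value attribute; this is
        // only safe if filter(..., "nohtml") encodes quotes as well as tags — confirm.
        echo "<input type=\"text\" name=\"subject\" size=\"50\" maxlength=\"85\" value=\"{$subject}\"><br><br>";
        echo "<font class=\"option\"><b>" . _UCOMMENT . ":</b></font><br>" . "<textarea wrap=\"virtual\" cols=\"70\" rows=\"15\" name=\"comment\"></textarea><br>";
        if ($nuke_editor == 0) {
            echo "<font class=\"content\">" . _ALLOWEDHTML . "<br>";
            // List the allowed tag names (array keys); foreach replaces the removed each().
            if (is_array($AllowableHTML)) {
                foreach ($AllowableHTML as $key => $unused) {
                    echo " &lt;" . $key . "&gt;";
                }
            }
            echo "</font><br><br>";
        } else {
            echo "" . _HTMLNOTALLOWED . "</font><br><br>";
        }
        if (is_user($user) and $anonpost == 1) {
            echo "<input type=\"checkbox\" name=\"xanonpost\"> " . _POSTANON . "<br>";
        }
        // Display preferences. empty() also treats "0" as missing, so an explicit 0
        // from the caller is replaced by the stored preference (kept from the original).
        if (!isset($mode) or empty($mode)) {
            $mode = isset($userinfo['umode']) ? $userinfo['umode'] : "thread";
        }
        if (!isset($order) or empty($order)) {
            $order = isset($userinfo['uorder']) ? $userinfo['uorder'] : 0;
        }
        if (!isset($thold) or empty($thold)) {
            $thold = isset($userinfo['thold']) ? $userinfo['thold'] : 0;
        }
        // Entity-encode before writing these into attribute values; they are caller
        // supplied and the original reflected them unescaped.
        $mode = htmlentities($mode);
        $order = htmlentities($order);
        $thold = htmlentities($thold);
        echo "<input type=\"hidden\" name=\"pid\" value=\"{$pid}\">\n" . "<input type=\"hidden\" name=\"sid\" value=\"{$sid}\">\n" . "<input type=\"hidden\" name=\"mode\" value=\"{$mode}\">\n" . "<input type=\"hidden\" name=\"order\" value=\"{$order}\">\n" . "<input type=\"hidden\" name=\"thold\" value=\"{$thold}\">\n" . "<input type=\"submit\" name=\"op\" value=\"" . _PREVIEW . "\">\n" . "<input type=\"submit\" name=\"op\" value=\"" . _OK . "\"> " . _GOBACK . "\n" . "</font></form>\n";
        CloseTable();
    }
    include "footer.php";
}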
     $nukeuser = addslashes($nukeuser);
 } else {
     $nukeuser = "";
 }
 // Look up whether the requested module is enabled and who may view it.
 // NOTE(review): addslashes() is not a SQL escaper (it is unaware of the connection
 // charset); a driver-level escape or a bound parameter would be the robust choice.
 // The $db API is not visible here, so the original quoting is kept.
 $moduleQuery = "SELECT active, view FROM " . $prefix . "_modules WHERE title='" . addslashes($name) . "'";
 $result = $db->sql_query($moduleQuery);
 list($mod_active, $view) = $result->fetch_row();
 $mod_active = (int) $mod_active;
 $view = (int) $view;
 if ($mod_active == 1 or $mod_active == 0 and is_admin($admin)) {
     if (!isset($mop) or $mop != $_REQUEST['mop']) {
         $mop = "modload";
     }
     if (!isset($file) or $file != $_REQUEST['file']) {
         $file = "index";
     }
     if (stripos_clone($file, "..") or stripos_clone($mop, "..")) {
         die("You are so cool...");
     }
     $ThemeSel = get_theme();
     if (file_exists("themes/{$ThemeSel}/modules/{$name}/" . $file . ".php")) {
         $modpath = "themes/{$ThemeSel}/";
     } else {
         $modpath = "";
     }
     if ($view == 0) {
         $modpath .= "modules/{$name}/" . $file . ".php";
         if (file_exists($modpath)) {
             include $modpath;
         } else {
             include "header.php";
             OpenTable();
// Pull the request values the admin front controller works with.
if (isset($_POST['fop'])) {
    $fop = $_POST['fop'];
}
if (isset($_COOKIE['admin'])) {
    $admin = $_COOKIE['admin'];
}
// An author id without an admin cookie is only acceptable while logging in.
// NOTE(review): $op is not assigned in this file's visible scope (presumably a
// request value set earlier) — confirm it cannot simply be set to 'login' to
// pass this gate. empty($admin) already covers the unset case.
if (isset($aid) && !empty($aid) && empty($admin) && $op != 'login') {
    unset($aid);
    unset($admin);
    die("Access Denied");
}
require_once "mainfile.php";
// Refuse URIs that mention the author-management operations, in plain or base64
// form ('VXBkYXRlQXV0aG9y' / 'QWRkQXV0aG9y'), or that carry an admin parameter.
// This is a substring blocklist on the raw REQUEST_URI (no decoding is applied),
// so it is a hardening layer on top of, not a replacement for, the real
// authorisation checks.
$checkurl = $_SERVER['REQUEST_URI'];
$blockedFragments = array('AddAuthor', 'VXBkYXRlQXV0aG9y', 'QWRkQXV0aG9y', 'UpdateAuthor', "?admin", "&admin");
foreach ($blockedFragments as $fragment) {
    if (stripos_clone($checkurl, $fragment)) {
        die("Illegal Operation");
    }
}
get_lang("admin");
function create_first($name, $url, $email, $pwd, $user_new)
{
    global $prefix, $db, $user_prefix, $Default_Theme;
    $first = $db->sql_numrows($db->sql_query("SELECT * FROM " . $prefix . "_authors"));
    if ($first == 0) {
        $pwd = htmlentities($pwd);
        $pwd = md5($pwd);
        $the_adm = "God";
        $email = validate_mail($email);
        $db->sql_query("INSERT INTO " . $prefix . "_authors VALUES ('" . addslashes($name) . "', '{$the_adm}', '" . addslashes($url) . "', '" . addslashes($email) . "', '{$pwd}', '0', '1', '')");
        if ($user_new == 1) {
            $user_regdate = date("M d, Y");