_ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/ \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \
( U | - | 2 | 3 | 2 )-( S | o | u | r | c | e )-( C | o | d | e )
\_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/
*/
if (!defined('IN_INSTALLER09_ADMIN')) {
$HTMLOUT = '';
$HTMLOUT .= "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"\n\t\t\"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n\t\t<html xmlns='http://www.w3.org/1999/xhtml'>\n\t\t<head>\n\t\t<title>Error!</title>\n\t\t</head>\n\t\t<body>\n\t<div style='font-size:33px;color:white;background-color:red;text-align:center;'>Incorrect access<br />You cannot access this file directly.</div>\n\t</body></html>";
echo $HTMLOUT;
exit;
}
require_once INCL_DIR . 'user_functions.php';
require_once INCL_DIR . 'html_functions.php';
require_once CLASS_DIR . 'class_check.php';
$class = get_access(basename($_SERVER['REQUEST_URI']));
class_check($class);
$lang = array_merge($lang, load_language('ad_stats_extra'));
$inbound = array_merge($_GET, $_POST);
if (!isset($inbound['mode'])) {
$inbound['mode'] = '';
}
$form_code = '';
$month_names = array(1 => $lang['stats_ex_jan'], $lang['stats_ex_jan'], $lang['stats_ex_feb'], $lang['stats_ex_mar'], $lang['stats_ex_apr'], $lang['stats_ex_may'], $lang['stats_ex_jun'], $lang['stats_ex_jul'], $lang['stats_ex_sep'], $lang['stats_ex_oct'], $lang['stats_ex_nov'], $lang['stats_ex_dec']);
switch ($inbound['mode']) {
case 'show_reg':
result_screen('reg');
break;
case 'show_topic':
result_screen('topic');
break;
case 'topic':
* A bittorrent tracker source based on TBDev.net/tbsource/bytemonsoon.
* Project Leaders: Mindless, putyn.
*
*/
if (!defined('IN_INSTALLER09_ADMIN')) {
$HTMLOUT = '';
$HTMLOUT .= "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"\n\t\t\"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n\t\t<html xmlns='http://www.w3.org/1999/xhtml'>\n\t\t<head>\n\t\t<title>Error!</title>\n\t\t</head>\n\t\t<body>\n\t<div style='font-size:33px;color:white;background-color:red;text-align:center;'>Incorrect access<br />You cannot access this file directly.</div>\n\t</body></html>";
echo $HTMLOUT;
exit;
}
require_once INCL_DIR . 'user_functions.php';
require_once INCL_DIR . 'bbcode_functions.php';
require_once INCL_DIR . 'html_functions.php';
require_once INCL_DIR . 'pager_functions.php';
require_once CLASS_DIR . 'class_check.php';
class_check(UC_SYSOP);
$lang = array_merge($lang);
$HTMLOUT = "";
function mysql_fetch_all($query, $default_value = array())
{
$r = sql_query($query);
$result = array();
if ($err = is_object($GLOBALS["___mysqli_ston"]) ? mysqli_error($GLOBALS["___mysqli_ston"]) : (($___mysqli_res = mysqli_connect_error()) ? $___mysqli_res : false)) {
return $err;
}
if (@mysqli_num_rows($r)) {
while ($row = mysqli_fetch_array($r)) {
$result[] = $row;
}
}
if (count($result) == 0) {
|--------------------------------------------------------------------------|
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/ \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \
( U | - | 2 | 3 | 2 )-( S | o | u | r | c | e )-( C | o | d | e )
\_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/
*/
//== pdq Class Checker and Verify Staff
if (!defined('IN_INSTALLER09_ADMIN')) {
$HTMLOUT = '';
$HTMLOUT .= "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"\n\t\t\"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n\t\t<html xmlns='http://www.w3.org/1999/xhtml'>\n\t\t<head>\n\t\t<title>Error!</title>\n\t\t</head>\n\t\t<body>\n\t<div style='font-size:33px;color:white;background-color:red;text-align:center;'>Incorrect access<br />You cannot access this file directly.</div>\n\t</body></html>";
echo $HTMLOUT;
exit;
}
require_once INCL_DIR . 'user_functions.php';
require_once CLASS_DIR . 'class_check.php';
class_check(UC_MAX);
$lang = array_merge($lang, load_language('ad_staff_config'));
function write_staffs2()
{
global $lang;
//==ids
$t = '$INSTALLER09';
$iconfigfile = "<" . "?php\n/**\n{$lang['staffcfg_file_created']}" . date('M d Y H:i:s') . ".\n{$lang['staffcfg_mod_by']}\n**/\n";
$ri = sql_query("SELECT id, username, class FROM users WHERE class BETWEEN " . UC_STAFF . " AND " . UC_MAX . " ORDER BY id ASC") or sqlerr(__FILE__, __LINE__);
$iconfigfile .= "" . $t . "['allowed_staff']['id'] = array(";
while ($ai = mysqli_fetch_assoc($ri)) {
$ids[] = $ai['id'];
$usernames[] = "'" . $ai["username"] . "' => 1";
}
$iconfigfile .= "" . join(",", $ids);
$iconfigfile .= ");";
| $Author$ putyn,Bigjoos
| $URL$
| $warned
|
+------------------------------------------------
*/
if (!defined('IN_INSTALLER09_ADMIN')) {
$HTMLOUT = '';
$HTMLOUT .= "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"\r\n\t\t\"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\r\n\t\t<html xmlns='http://www.w3.org/1999/xhtml'>\r\n\t\t<head>\r\n\t\t<title>Error!</title>\r\n\t\t</head>\r\n\t\t<body>\r\n\t<div style='font-size:33px;color:white;background-color:red;text-align:center;'>Incorrect access<br />You cannot access this file directly.</div>\r\n\t</body></html>";
echo $HTMLOUT;
exit;
}
require_once INCL_DIR . 'user_functions.php';
require_once INCL_DIR . 'html_functions.php';
require_once CLASS_DIR . 'class_check.php';
class_check(UC_STAFF);
$lang = array_merge($lang);
$HTMLOUT = '';
function mkint($x)
{
return (int) $x;
}
$stdfoot = array('js' => array('wz_tooltip'));
$this_url = $_SERVER["SCRIPT_NAME"];
$do = isset($_GET["do"]) && $_GET["do"] == "disabled" ? "disabled" : "warned";
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$r = isset($_POST["ref"]) ? $_POST["ref"] : $this_url;
$_uids = isset($_POST["users"]) ? array_map('mkint', $_POST["users"]) : 0;
if ($_uids == 0 || count($_uids) == 0) {
stderr("Err", "Looks like you didn't select any user !");
}
*
*/
/*******************************************************
//=== shit list for staff to keep track of bad or suspected members personally
for BTDev 2010ish
*******************************************************/
if (!defined('IN_INSTALLER09_ADMIN')) {
$HTMLOUT = '';
$HTMLOUT .= "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"\n\t\t\"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n\t\t<html xmlns='http://www.w3.org/1999/xhtml'>\n\t\t<head>\n\t\t<title>Error!</title>\n\t\t</head>\n\t\t<body>\n\t<div style='font-size:33px;color:white;background-color:red;text-align:center;'>Incorrect access<br />You cannot access this file directly.</div>\n\t</body></html>";
echo $HTMLOUT;
exit;
}
require_once INCL_DIR . 'user_functions.php';
require_once INCL_DIR . 'bbcode_functions.php';
require_once CLASS_DIR . 'class_check.php';
class_check(UC_ADMINISTRATOR);
$lang = array_merge($lang);
$HTMLOUT = $message = $title = '';
//=== check if action2 is sent (either $_POST or $_GET) if so make sure it's what you want it to be
$action2 = isset($_POST['action2']) ? $_POST['action2'] : (isset($_GET['action2']) ? $_GET['action2'] : '');
$good_stuff = array('new', 'add', 'delete');
$action2 = $action2 && in_array($action2, $good_stuff, true) ? $action2 : '';
//=== action2 switch... do what must be done!
switch ($action2) {
//=== action2: new
case 'new':
$shit_list_id = isset($_GET['shit_list_id']) ? intval($_GET['shit_list_id']) : 0;
$return_to = str_replace('&', '&', htmlsafechars($_GET['return_to']));
$mc1->delete_value('shit_list_' . $CURUSER['id']);
if ($shit_list_id == $CURUSER["id"]) {
stderr("Error", "Cant add yerself");
| $URL$
| $snatched overview
|
+------------------------------------------------
*/
if (!defined('IN_INSTALLER09_ADMIN')) {
$HTMLOUT = '';
$HTMLOUT .= "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"\r\n\t\t\"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\r\n\t\t<html xmlns='http://www.w3.org/1999/xhtml'>\r\n\t\t<head>\r\n\t\t<title>Error!</title>\r\n\t\t</head>\r\n\t\t<body>\r\n\t<div style='font-size:33px;color:white;background-color:red;text-align:center;'>Incorrect access<br />You cannot access this file directly.</div>\r\n\t</body></html>";
echo $HTMLOUT;
exit;
}
require_once INCL_DIR . 'user_functions.php';
require_once INCL_DIR . 'html_functions.php';
require_once INCL_DIR . 'pager_functions.php';
require_once CLASS_DIR . 'class_check.php';
class_check(UC_MODERATOR);
$lang = array_merge($lang, load_language('ad_snatched_torrents'));
$HTMLOUT = "";
function get_snatched_color($st)
{
global $lang;
$secs = $st;
$mins = floor($st / 60);
$hours = floor($mins / 60);
$days = floor($hours / 24);
$week = floor($days / 7);
$month = floor($week / 4);
if ($month > 0) {
$week_elapsed = floor(($st - $month * 4 * 7 * 24 * 60 * 60) / (7 * 24 * 60 * 60));
$days_elapsed = floor(($st - $week * 7 * 24 * 60 * 60) / (24 * 60 * 60));
$hours_elapsed = floor(($st - $days * 24 * 60 * 60) / (60 * 60));
* Copyright (C) 2010 Installer09 v.2
* A bittorrent tracker source based on TBDev.net/tbsource/bytemonsoon.
* Project Leaders: Mindless,putyn,kidvision.
**/
if (!defined('IN_INSTALLER09_ADMIN')) {
$HTMLOUT = '';
$HTMLOUT .= "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"\r\n\t\t\"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\r\n\t\t<html xmlns='http://www.w3.org/1999/xhtml'>\r\n\t\t<head>\r\n\t\t<title>Error!</title>\r\n\t\t</head>\r\n\t\t<body>\r\n\t<div style='font-size:33px;color:white;background-color:red;text-align:center;'>Incorrect access<br />You cannot access this file directly.</div>\r\n\t</body></html>";
echo $HTMLOUT;
exit;
}
require_once INCL_DIR . 'user_functions.php';
require_once INCL_DIR . 'bbcode_functions.php';
require_once INCL_DIR . 'pager_functions.php';
require_once INCL_DIR . 'html_functions.php';
require_once CLASS_DIR . 'class_check.php';
class_check(UC_SYSOP, true, true);
$lang = array_merge($lang, load_language('ad_pmview'));
$stdfoot = array('js' => array('checkall'));
$HTMLOUT = '';
if (isset($_POST["delmp"])) {
$do = "DELETE FROM messages WHERE id IN (" . implode(", ", $_POST['delmp']) . ")";
$res = sql_query($do);
header("Refresh: 0; url=staffpanel.php?tool=pmview&action=pmview");
stderr("Success", "The messages where successfully deleted!");
}
$HTMLOUT .= '<script type="text/javascript">
/*<![CDATA[*/
var checkflag = "false";
var marked_row = new Array;
function check(field) {
if (checkflag == "false") {
| Project Leaders: Mindless,putyn. |
|--------------------------------------------------------------------------|
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/ \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \
( U | - | 2 | 3 | 2 )-( S | o | u | r | c | e )-( C | o | d | e )
\_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/
*/
if (!defined('IN_INSTALLER09_ADMIN')) {
$htmlout = '';
$htmlout .= "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"\n\t\t\"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\n\t\t<html xmlns='http://www.w3.org/1999/xhtml'>\n\t\t<head>\n\t\t<title>Error!</title>\n\t\t</head>\n\t\t<body>\n\t<div style='font-size:33px;color:white;background-color:red;text-align:center;'>Incorrect access<br />You cannot access this file directly.</div>\n\t</body></html>";
echo $htmlout;
exit;
}
require_once INCL_DIR . 'user_functions.php';
require_once CLASS_DIR . 'class_check.php';
class_check(UC_MAX, true, true);
$lang = array_merge($lang, load_language('ad_systemview'));
$htmlout = '';
if (isset($_GET['phpinfo']) and $_GET['phpinfo']) {
@ob_start();
phpinfo();
$parsed = @ob_get_contents();
@ob_end_clean();
preg_match("#<body>(.*)</body>#is", $parsed, $match1);
$php_body = $match1[1];
// PREVENT WRAP: Most cookies
$php_body = str_replace("; ", ";<br />", $php_body);
// PREVENT WRAP: Very long string cookies
$php_body = str_replace("%3B", "<br />", $php_body);
// PREVENT WRAP: Serialized array string cookies
$php_body = str_replace(";i:", ";<br />i:", $php_body);
if (preg_match('/^([0-9]+)$/', $s) == 1) {
return true;
} else {
return false;
}
}
$sub = $_POST['sub'];
if ($_POST['name'] == NULL) {
$error['name'] = '1';
} else {
$name = $_POST['name'];
if ($_POST['class1'] == NULL) {
$error['class'] = '1';
} else {
$class = $_POST['class1'];
if (!class_check($class)) {
$error['class'] = '3';
} else {
if ($_POST['birthday'] == NULL) {
$error['birthday'] = '1';
} else {
$birthday = $_POST['birthday'];
if (!birthday_check($birthday)) {
$error['birthday'] = '3';
} else {
if ($_POST['email'] == NULL) {
$error['email'] = '1';
} else {
$email = $_POST['email'];
if (!email_check($email)) {
$error['email'] = '3';
if (preg_match('/^([0-9]{2,2})+([a-dA-d]{1,1})+([1-5]{1,1})$/', $s) == 1) {
return true;
} else {
return false;
}
}
if ($_POST['userid'] == NULL || !is_number($_POST['userid'])) {
$error['id'] = '1';
} else {
if ($_POST['username'] == NULL) {
$error['name'] = '1';
} else {
if ($_POST['userclass'] == NULL) {
$error['class'] = '1';
} else {
if (!class_check($_POST['userclass'])) {
$error['class'] = '2';
} else {
if ($_POST['userbirthday'] == NULL) {
$error['birthday'] = '1';
} else {
if (!birthday_check($_POST['userbirthday'])) {
$error['birthday'] = '2';
} else {
if ($_POST['useremail'] == NULL) {
$error['email'] = '1';
} else {
if (!email_check($_POST['useremail'])) {
$error['email'] = '2';
} else {
if ($_POST['userscode'] == NULL) {
$numrow = @mysql_affected_rows();
$records["customActionMessage"] = "Xóa " . $numrow . " tài khoản thành công";
break;
}
}
$sql = "SELECT * FROM `user` WHERE 1";
if ($_REQUEST['user_id'] != NULL) {
$sql .= " AND `id` LIKE '%" . $_REQUEST['user_id'] . "%'";
}
if ($_REQUEST['user_code'] != NULL) {
$sql .= " AND `scode` LIKE '%" . $_REQUEST['user_code'] . "%'";
}
if ($_REQUEST['user_name'] != NULL) {
$sql .= " AND `name` LIKE '%" . $_REQUEST['user_name'] . "%'";
}
if ($_REQUEST['user_class'] != NULL && class_check($_REQUEST['user_class'])) {
$sql .= " AND `class` LIKE '%" . $_REQUEST['user_class'] . "%'";
}
if ($_REQUEST['user_borrowing'] != NULL) {
$sql .= " AND `borrowing` LIKE '%" . $_REQUEST['user_borrowing'] . "%'";
}
if ($_REQUEST['user_verify'] != '0' && $_REQUEST['user_verify'] != NULL) {
if ($_REQUEST['book_verify'] == '1') {
$sql .= " AND `verify` ='1'";
} else {
$sql .= " AND `verify` ='0'";
}
}
switch ($_REQUEST['order']['0']['column']) {
case '1':
$sql .= " ORDER BY `id` " . $_REQUEST['order']['0']['dir'];