// | |
// | You should have received a copy of the GNU General Public License |
// | along with TBDevYSE; if not, write to the Free Software Foundation, |
// | Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
// +--------------------------------------------------------------------------+
// | Do not remove above lines! |
// +--------------------------------------------------------------------------+
*/
require_once "include/bittorrent.php";
function bark($msg)
{
stderr("Произошла ошибка", $msg);
}
dbconn();
loggedinorreturn();
if (!mkglobal("email:oldpassword:chpassword:passagain")) {
bark("missing form data");
}
// $set = array();
$updateset = array();
$changedemail = 0;
if ($chpassword != "") {
if (strlen($chpassword) > 40) {
bark("Извините, ваш пароль слишком длинный (максимум 40 символов)");
}
if ($chpassword != $passagain) {
bark("Пароли не совпадают. Попробуйте еще раз.");
}
if ($CURUSER["passhash"] != md5($CURUSER["secret"] . $oldpassword . $CURUSER["secret"])) {
bark("Вы ввели неправильный старый пароль.");
}
/**
*
* @Author Neptune
* @Credits All credit to Retro for the great idea of his updated modtask.php
* @Project TBDev.net
* @Category Addon Mods
* @Date Monday, Jan 5, 2009
*/
require 'include/bittorrent.php';
require 'include/bbcode_functions.php';
require 'include/user_functions.php';
define('MIN_CLASS', UC_MODERATOR);
define('NFO_SIZE', 65535);
$possible_extensions = array('nfo', 'txt');
if (!mkglobal('id:name:descr:type')) {
die;
}
$id = 0 + $id;
if (!is_valid_id($id)) {
stderr('Error', 'Invalid ID!');
}
dbconn();
maxcoder();
if (!logged_in()) {
header("HTTP/1.0 404 Not Found");
// moddifed logginorreturn by retro//Remember to change the following line to match your server
print "<html><h1>Not Found</h1><p>The requested URL /{$_SERVER['PHP_SELF']} was not found on this server.</p><hr /><address>Apache/1.1.11 " . $SITENAME . " Server at " . $_SERVER['SERVER_NAME'] . " Port 80</address></body></html>\n";
die;
}
/**
}
if ($type == "signup" && mkglobal("email")) {
if (!validemail($email)) {
stderr($tracker_lang['error'], "Это не похоже на реальный email адрес.");
}
stdhead($tracker_lang['signup_successful']);
stdmsg($tracker_lang['signup_successful'], $use_email_act ? sprintf($tracker_lang['confirmation_mail_sent'], htmlspecialchars_uni($email)) : sprintf($tracker_lang['thanks_for_registering'], $SITENAME));
stdfoot();
} elseif ($type == "sysop") {
stdhead($tracker_lang['sysop_activated']);
if (isset($CURUSER)) {
stdmsg($tracker_lang['sysop_activated'], sprintf($tracker_lang['sysop_account_activated'], $DEFAULTBASEURL));
} else {
print "<p>Your account has been activated! However, it appears that you could not be logged in automatically. A possible reason is that you disabled cookies in your browser. You have to enable cookies to use your account. Please do that and then <a href=\"login.php\">log in</a> and try again.</p>\n";
}
mkglobal('email');
stdfoot();
} elseif ($type == "confirmed") {
stdhead($tracker_lang['account_activated']);
stdmsg($tracker_lang['account_activated'], $tracker_lang['this_account_activated']);
stdfoot();
} elseif ($type == "confirm") {
if (isset($CURUSER)) {
stdhead("Подтверждение регистрации");
print "<h1>Ваш аккаунт успешно подтвержден!</h1>\n";
print "<p>Ваш аккаунт теперь активирован! Вы автоматически вошли. Теперь вы можете <a href=\"{$DEFAULTBASEURL}/\"><b>перейти на главную</b></a> и начать использовать ваш аккаунт.</p>\n";
print "<p>Прежде чем начать использовать {$SITENAME} мы рекомендуем вам прочитать <a href=\"rules.php\"><b>правила</b></a> и <a href=\"faq.php\"><b>ЧаВо</b></a>.</p>\n";
stdfoot();
} else {
stdhead("Signup confirmation");
print "<h1>Account successfully confirmed!</h1>\n";
/**
* https://github.com/Bigjoos/
* Licence Info: GPL
* Copyright (C) 2010 U-232 v.3
* A bittorrent tracker source based on TBDev.net/tbsource/bytemonsoon.
* Project Leaders: Mindless, putyn.
*
*/
//==bookmark.php - by pdq
require_once dirname(__FILE__) . DIRECTORY_SEPARATOR . 'include' . DIRECTORY_SEPARATOR . 'bittorrent.php';
require_once INCL_DIR . 'user_functions.php';
dbconn();
loggedinorreturn();
$lang = array_merge(load_language('global'));
$HTMLOUT = '';
if (!mkglobal("torrent")) {
stderr("Error", "missing form data");
}
$userid = (int) $CURUSER['id'];
if (!is_valid_id($userid)) {
stderr("Error", "Invalid ID.");
}
if ($userid != $CURUSER["id"]) {
stderr("Error", "Access denied.");
}
$torrentid = 0 + $_GET["torrent"];
if (!is_valid_id($torrentid)) {
die;
}
if (!isset($torrentid)) {
stderr("Error", "Failed. No torrent selected");
| A bittorrent tracker source based on TBDev.net/tbsource/bytemonsoon. |
|--------------------------------------------------------------------------|
| Project Leaders: Mindless, Autotron, whocares, Swizzles. |
|--------------------------------------------------------------------------|
_ _ _ _ _ _ _ _ _ _ _ _ _ _ _
/ \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \
( U | - | 2 | 3 | 2 )-( S | o | u | r | c | e )-( C | o | d | e )
\_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/
*/
require_once __DIR__ . DIRECTORY_SEPARATOR . 'include' . DIRECTORY_SEPARATOR . 'bittorrent.php';
require_once INCL_DIR . 'user_functions.php';
require_once INCL_DIR . 'html_functions.php';
require_once INCL_DIR . 'bbcode_functions.php';
require_once CLASS_DIR . 'page_verify.php';
global $CURUSER;
if (!mkglobal("id")) {
die;
}
$id = 0 + $id;
if (!$id) {
die;
}
/** who is modding by pdq **/
if (isset($_GET['unedit']) && $_GET['unedit'] == 1 && $CURUSER['class'] >= UC_STAFF) {
$returl = "details.php?id={$id}";
if (isset($_POST["returnto"])) {
$returl .= "&returnto=" . urlencode($_POST["returnto"]);
}
header("Refresh: 1; url={$returl}");
$mc1->delete_value('editedby_' . $id);
exit;
$HTMLOUT = '';
$HTMLOUT .= "<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\"\r\n\t\t\"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">\r\n\t\t<html xmlns='http://www.w3.org/1999/xhtml'>\r\n\t\t<head>\r\n\t\t<title>Error!</title>\r\n\t\t</head>\r\n\t\t<body>\r\n\t<div style='font-size:33px;color:white;background-color:red;text-align:center;'>Incorrect access<br />You cannot access this file directly.</div>\r\n\t</body></html>";
print $HTMLOUT;
exit;
}
require_once INCL_DIR . 'user_functions.php';
require_once INCL_DIR . 'html_functions.php';
if (!min_class(UC_ADMINISTRATOR)) {
// or just simply: if (!min_class(UC_STAFF))
header("Location: {$TBDEV['baseurl']}/index.php");
}
$lang = array_merge($lang);
$select = '';
$HTMLOUT = '';
if ($_SERVER["REQUEST_METHOD"] == "POST") {
mkglobal("subforum:descr:place:minclassread:minclasswrite:minclasscreate");
if (empty($subforum) || empty($descr) || empty($place)) {
stderr("Err", "You missed something !");
} else {
mysql_query("INSERT INTO forums(`name`,`description` ,`minclassread` ,`minclasswrite` ,`minclasscreate`,`place`,`forid`) VALUES(" . join(",", array_map("sqlesc", array($subforum, $descr, $minclassread, $minclasswrite, $minclasscreate, $place, $place))) . ")") or sqlerr(__FILE__, __LINE__);
if (mysql_insert_id()) {
header('Refresh: 3; url=' . $TBDEV['baseurl'] . '/admin.php?action=msubforums');
stderr("Success", "Forum added");
} else {
header('Refresh: 2; url=' . $TBDEV['baseurl'] . '/admin.php?action=msubforums');
}
stderr("Err", "Something was wrong");
}
} else {
$HTMLOUT .= begin_frame();
//== First build the list with all the subforums
<?
require_once("include/bittorrent.php");
hit_start();
dbconn();
hit_count();
if (!mkglobal("type"))
die();
if ($type == "signup" && mkglobal("email")) {
stdhead("Skráning notanda");
stdmsg("Skráning tókst!",
"Það hefur verið sendur póstur á netfangið sem þú skráðir, fylgið hlekknum sem þar er til að virkja aðganginn.");
stdfoot();
}
elseif ($type == "confirmed") {
stdhead("Aðgangur nú þegar virkur");
print("<h1>Aðgangur nú þegar virkur</h1>\n");
print("<p>Þessi aðgangur hefur nú þegar verið virkur, þú getur skráð þig inn á <a href=\"login.php\">innskráningarsíðunni</a></p>\n");
stdfoot();
}
elseif ($type == "confirm") {
if (isset($CURUSER)) {
stdhead("Virkjun aðgangs");
print("<h1>Virkjun á aðgangi þínum tókst!</h1>\n");
print("<p>Aðgangur þinn hefur verið gerður virkur! Þú varst skráður inn sjálfkrafa. Þú getur nú farið á <a href=\"/\"><b>aðalsíðuna</b></a> og byrjað að nota aðganginn þinn.</p>\n");
print("<p>Áður en þú notar Istorrent ber þér skylda að lesa <a href=\"rules.php\"><b>reglurnar</b></a> og <a href=\"faq.php\"><b>SOS</b></a>.</p>\n");
<?php
require_once './config.php';
require_once './class/conn.class.php';
include './include/function.php';
$con = new conn();
if (!mkglobal('user:password:openid')) {
exit(json_encode(array('status' => 'fail', 'errmsg' => '非法操作')));
}
$sql = "SELECT * FROM `weixin` WHERE `openid` = '{$openid}'";
$result = $con->query($sql);
if (!empty($result)) {
exit(json_encode(array('status' => 'fail', 'errmsg' => '已绑定账户!')));
}
$sql = "SELECT * FROM `users` WHERE `username` = '{$user}' ";
$result = $con->query($sql);
if ($result != NULL) {
$rs = $result[0];
if ($rs['status'] == 'pending') {
echo json_encode(array('status' => 'fail', 'errmsg' => '账户未激活'));
exit;
}
if ($rs['passhash'] != md5($rs['secret'] . $password . $rs['secret'])) {
var_dump($rs);
echo md5($rs['secret'] . $password . $rs['secret']);
echo json_encode(array('status' => 'fail', 'errmsg' => '密码错误!'));
exit;
}
$sql = "INSERT INTO `weixin` (`ptid` , `openid` ) VALUES ('{$rs['id']}','{$openid}')";
if ($con->query($sql)) {
echo json_encode(array('status' => 'success', 'errmsg' => '成功!'));
$lang = array_merge(load_language('global'), load_language('takelogin'));
// 09 failed logins thanks to pdq - Retro
function failedloginscheck()
{
global $INSTALLER09;
$total = 0;
$ip = getip();
$res = sql_query("SELECT SUM(attempts) FROM failedlogins WHERE ip=" . sqlesc($ip)) or sqlerr(__FILE__, __LINE__);
list($total) = mysqli_fetch_row($res);
if ($total >= $INSTALLER09['failedlogins']) {
sql_query("UPDATE failedlogins SET banned = 'yes' WHERE ip=" . sqlesc($ip)) or sqlerr(__FILE__, __LINE__);
stderr("Login Locked!", "You have been <b>Exceeded</b> the allowed maximum login attempts without successful login, therefore your ip address <b>(" . htmlsafechars($ip) . ")</b> has been locked for 24 hours.");
}
}
// End
if (!mkglobal('username:password' . ($INSTALLER09['captcha_on'] ? ":captchaSelection:" : ":") . 'submitme')) {
die('Something went wrong');
}
if ($submitme != 'X') {
stderr('Ha Ha', 'You Missed, You plonker !');
}
if ($INSTALLER09['captcha_on'] && !$gotkey) {
if (empty($captchaSelection) || $_SESSION['simpleCaptchaAnswer'] != $captchaSelection) {
header('Location: login.php');
exit;
}
}
function bark($text = 'Username or password incorrect')
{
global $lang, $INSTALLER09, $mc1;
$sha = sha1($_SERVER['REMOTE_ADDR']);
| =============================================
| by CoLdFuSiOn
| (c) 2003 - 2009 TBDev.Net
| http://www.tbdev.net
| =============================================
| svn: http://sourceforge.net/projects/tbdevnet/
| Licence Info: GPL
+------------------------------------------------
| $Date$
| $Revision$
| $Author$
| $URL$
+------------------------------------------------
*/
require_once 'include/bittorrent.php';
if (!mkglobal('username:password:captcha')) {
die;
}
session_start();
if (empty($captcha) || $_SESSION['captcha_id'] != strtoupper($captcha)) {
header('Location: login.php');
exit;
}
dbconn();
$lang = array_merge(load_language('global'), load_language('takelogin'));
function bark($text = 'Username or password incorrect')
{
global $lang;
stderr($lang['tlogin_failed'], $text);
}
$res = mysql_query("SELECT id, passhash, secret, enabled FROM users WHERE username = "******" AND status = 'confirmed'");
//== 09 failed logins thanks to pdq - Retro
function failedloginscheck()
{
global $INSTALLER09;
$total = 0;
$ip = sqlesc(getip());
$res = sql_query("SELECT SUM(attempts) FROM failedlogins WHERE ip={$ip}") or sqlerr(__FILE__, __LINE__);
list($total) = mysql_fetch_row($res);
if ($total >= $INSTALLER09['failedlogins']) {
mysql_query("UPDATE failedlogins SET banned = 'yes' WHERE ip={$ip}") or sqlerr(__FILE__, __LINE__);
stderr("Login Locked!", "You have been <b>Exceeded</b> the allowed maximum login attempts without successful login, therefore your ip address <b>(" . htmlspecialchars($ip) . ")</b> has been locked for 24 hours.");
}
}
//==End
failedloginscheck();
if (!mkglobal("qlogin") || strlen($qlogin = htmlspecialchars($qlogin)) != 96) {
die(n00b);
}
function bark($text = "<b>Oops</b>: Theres been an error - w00t!")
{
stderr("Error", $text);
}
$hash1 = substr($qlogin, 0, 32);
$hash2 = substr($qlogin, 32, 32);
$hash3 = substr($qlogin, 64, 32);
$hash1 .= $hash2 . $hash3;
$res = sql_query("SELECT id, username, passhash, enabled FROM users WHERE hash1 = " . sqlesc($hash1) . " AND class >= " . UC_MODERATOR . " AND status = 'confirmed' LIMIT 1");
$row = mysql_fetch_assoc($res);
if (!$row) {
$ip = sqlesc(getip());
$added = sqlesc(time());
// | Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA |
// +--------------------------------------------------------------------------+
// | Do not remove above lines! |
// +--------------------------------------------------------------------------+
*/
require_once 'include/bittorrent.php';
dbconn();
if ($_SERVER['REQUEST_METHOD'] == 'POST') {
if ($use_captcha) {
$b = get_row_count('captcha', 'WHERE imagehash = ' . sqlesc($_POST['imagehash']) . ' AND imagestring = ' . sqlesc($_POST['imagestring']));
sql_query('DELETE FROM captcha WHERE imagehash = ' . sqlesc($_POST['imagehash'])) or die(mysql_error());
if ($b == 0) {
stderr($tracker_lang['error'], 'Вы ввели неправильный код подтверждения.');
}
}
if (!mkglobal('useremail:subject:message')) {
stderr($tracker_lang['error'], 'Вы не заполнили все поля формы! Вернитесь назад и попробуйте еще раз.');
}
if (!validemail($useremail)) {
stderr($tracker_lang['error'], 'Это не похоже на реальный email адрес.');
}
$ip = getip();
$username = $CURUSER['username'] ? $CURUSER['username'] : '******';
if ($CURUSER) {
$userid = $CURUSER['id'];
} else {
$userid = 0;
}
$body = <<<EOD
Сообщение через обратную связь на {$website_name}:
//== 09 failed logins thanks to pdq - Retro
function failedloginscheck()
{
global $INSTALLER09;
$total = 0;
$ip = getip();
$res = sql_query("SELECT SUM(attempts) FROM failedlogins WHERE ip=" . sqlesc($ip)) or sqlerr(__FILE__, __LINE__);
list($total) = mysqli_fetch_row($res);
if ($total >= $INSTALLER09['failedlogins']) {
sql_query("UPDATE failedlogins SET banned = 'yes' WHERE ip=" . sqlesc($ip)) or sqlerr(__FILE__, __LINE__);
stderr("Login Locked!", "You have <b>Exceeded</b> the allowed maximum login attempts without successful login, therefore your ip address <b>(" . htmlsafechars($ip) . ")</b> has been locked out for 24 hours.");
}
}
//==End
failedloginscheck();
if (!mkglobal("qlogin") || strlen($qlogin = $qlogin) != 96) {
die(n00b);
}
function bark($text = 'Username or password incorrect')
{
global $lang, $INSTALLER09, $mc1;
$sha = sha1($_SERVER['REMOTE_ADDR']);
$dict_key = 'dictbreaker:::' . $sha;
$flood = $mc1->get_value($dict_key);
if ($flood === false) {
$mc1->cache_value($dict_key, 'flood_check', 20);
} else {
die('Minimum 8 seconds between login attempts :)');
}
stderr($lang['tlogin_failed'], $text);
}
*/
require_once __DIR__ . DIRECTORY_SEPARATOR . 'include' . DIRECTORY_SEPARATOR . 'bittorrent.php';
require_once INCL_DIR . 'user_functions.php';
require_once INCL_DIR . 'password_functions.php';
dbconn();
// Begin the session
ini_set('session.use_trans_sid', '0');
session_start();
global $CURUSER;
if (!$CURUSER) {
get_template();
}
$lang = array_merge(load_language('global'), load_language('recover'));
$stdhead = array('js' => array('jquery', 'jquery.simpleCaptcha-0.2'));
if ($_SERVER["REQUEST_METHOD"] == "POST") {
if (!mkglobal('email' . ($INSTALLER09['captcha_on'] ? ":captchaSelection" : "") . '')) {
stderr("Oops", "Missing form data - You must fill all fields");
}
if ($INSTALLER09['captcha_on']) {
if (empty($captchaSelection) || $_SESSION['simpleCaptchaAnswer'] != $captchaSelection) {
header('Location: recover.php');
exit;
}
}
$email = trim($_POST["email"]);
if (!validemail($email)) {
stderr("{$lang['stderr_errorhead']}", "{$lang['stderr_invalidemail']}");
}
$res = sql_query("SELECT * FROM users WHERE email=" . sqlesc($email) . " LIMIT 1") or sqlerr(__FILE__, __LINE__);
$arr = mysqli_fetch_assoc($res) or stderr("{$lang['stderr_errorhead']}", "{$lang['stderr_notfound']}");
$sec = mksecret();
* @Date Monday, Aug 2, 2010
*/
require_once dirname(__FILE__) . DIRECTORY_SEPARATOR . 'include' . DIRECTORY_SEPARATOR . 'bittorrent.php';
require_once INCL_DIR . 'user_functions.php';
require_once CLASS_DIR . 'page_verify.php';
require_once INCL_DIR . 'function_memcache.php';
define('MIN_CLASS', UC_STAFF);
define('NFO_SIZE', 65535);
dbconn();
loggedinorreturn();
$lang = array_merge(load_language('global'), load_language('takeedit'));
$newpage = new page_verify();
$newpage->check('teit');
$torrent_cache = $torrent_txt_cache = '';
$possible_extensions = array('nfo', 'txt');
if (!mkglobal('id:name:body:type')) {
die('Id,descr,name or type missing');
}
$id = isset($_POST['id']) ? (int) $_POST['id'] : 0;
if (!is_valid_id($id)) {
stderr($lang['takedit_failed'], $lang['takedit_no_data']);
}
/**
*
* @Function valid_torrent_name
* @Notes only safe characters are allowed..
* @Begin
*/
function valid_torrent_name($torrent_name)
{
$allowedchars = 'abcdefghijklmnopqrstuvwxyz ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789.-_[]*()';
loggedinorreturn();
function ratios($up, $down)
{
if ($down > 0) {
$ratio = number_format($up / $down, 3);
return "<font color='" . get_ratio_color($ratio) . "'>{$ratio}</font>";
} else {
if ($up > 0) {
return "Inf.";
} else {
return "---";
}
}
return;
}
mkglobal("captcha");
session_start();
if (empty($captcha) || $_SESSION['captcha_id'] != strtoupper($captcha)) {
stderr("Error", "Wrong word verification. Go back and try again!");
exit;
}
$n_pms = isset($_POST["n_pms"]) ? $_POST["n_pms"] : false;
if ($n_pms) {
////// MM ///
if ($CURUSER['class'] < UC_MODERATOR) {
stderr("Error", "Permission denied");
}
$msg = trim($_POST["msg"]);
if (!$msg) {
stderr("Error", "Please enter something!");
}
if (empty($answer)) {
stderr("{$lang['stderr_errorhead']}", "{$lang['stderr_error6']}");
}
if ($fetch['hintanswer'] != md5($answer)) {
$ip = getip();
$useragent = $_SERVER['HTTP_USER_AGENT'];
$msg = "" . htmlspecialchars($fetch['username']) . ", on " . get_date(time(), '', 1, 0) . ", {$lang['main_message']}" . "\n\n{$lang['main_message1']} " . $ip . " (" . @gethostbyaddr($ip) . ")" . "\n {$lang['main_message2']} " . $useragent . "\n\n {$lang['main_message3']}\n {$lang['main_message4']}\n";
$subject = "Failed password reset";
mysql_query('INSERT INTO messages (receiver, msg, subject, added) VALUES (' . sqlesc((int) $fetch['id']) . ', ' . sqlesc($msg) . ', ' . sqlesc($subject) . ', ' . sqlesc(time()) . ')') or sqlerr(__FILE__, __LINE__);
stderr("{$lang['stderr_errorhead']}", "{$lang['stderr_error7']}");
} else {
$HTMLOUT .= "<form method='post' action='?step=3'>\r\n<table border='1' cellspacing='0' cellpadding='10'>\r\n<tr><td class='rowhead'>{$lang['main_new_pass']}</td>\r\n<td><input type='password' size='40' name='newpass' /></td></tr>\r\n<tr><td class='rowhead'>{$lang['main_new_pass_confirm']}</td><td><input type='password' size='40' name='newpassagain' /></td></tr>\r\n<tr><td colspan='2' align='center'><input type='submit' value='{$lang['main_changeit']}' class='btn' />\r\n<input type='hidden' name='id' value='" . (int) $fetch['id'] . "' /></td></tr></table></form>";
print stdhead('Reset Lost Password') . $HTMLOUT . stdfoot();
}
} elseif ($step == '3') {
if (!mkglobal('id:newpass:newpassagain')) {
die;
}
$select = mysql_query('SELECT id, editsecret FROM users WHERE id = ' . sqlesc($id)) or sqlerr(__FILE__, __LINE__);
$fetch = mysql_fetch_assoc($select) or stderr("{$lang['stderr_errorhead']}", "{$lang['stderr_error8']}");
if (empty($newpass)) {
stderr("{$lang['stderr_errorhead']}", "{$lang['stderr_error9']}");
}
if ($newpass != $newpassagain) {
stderr("{$lang['stderr_errorhead']}", "{$lang['stderr_error10']}");
}
if (strlen($newpass) < 6) {
stderr("{$lang['stderr_errorhead']}", "{$lang['stderr_error11']}");
}
if (strlen($newpass) > 40) {
stderr("{$lang['stderr_errorhead']}", "{$lang['stderr_error12']}");
<?php
require_once "include/bittorrent.php";
require_once "include/bbcode_functions.php";
dbconn();
maxcoder();
$res = sql_query("SELECT COUNT(*) FROM users") or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_row($res);
if ($arr[0] >= $maxusers) {
stderr("Error", "Sorry, user limit reached. Please try again later.");
}
if (!mkglobal("wantusername:wantpassword:passagain:email:captcha:passhint:hintanswer")) {
die;
}
session_start();
if (empty($captcha) || $_SESSION['captcha_id'] != strtoupper($captcha)) {
header('Location: index.php');
exit;
}
function bark($msg)
{
stdhead();
stdmsg("Signup failed!", $msg);
stdfoot();
exit;
}
function isportopen($port)
{
$sd = @fsockopen($_SERVER["REMOTE_ADDR"], $port, $errno, $errstr, 1);
if ($sd) {
fclose($sd);
<?php
require_once "include/bittorrent.php";
dbconn();
require_once get_langfile_path();
loggedinorreturn();
function bark($msg)
{
global $lang_takeedit;
genbark($msg, $lang_takeedit['std_edit_failed']);
}
if (!mkglobal("id:name:descr:type")) {
global $lang_takeedit;
bark($lang_takeedit['std_missing_form_data']);
}
$id = 0 + $id;
if (!$id) {
die;
}
$res = sql_query("SELECT category, owner, filename, save_as, anonymous, picktype, picktime, added FROM torrents WHERE id = " . mysql_real_escape_string($id));
$row = mysql_fetch_array($res);
$torrentAddedTimeString = $row['added'];
if (!$row) {
die;
}
if ($CURUSER["id"] != $row["owner"] && get_user_class() < $torrentmanage_class) {
bark($lang_takeedit['std_not_owner']);
}
$oldcatmode = get_single_value("categories", "mode", "WHERE id=" . sqlesc($row['category']));
$updateset = array();
//$fname = $row["filename"];
<?php
require_once "include/bittorrent.php";
require_once "include/user_functions.php";
function bark($msg)
{
genbark($msg, "Update failed!");
}
dbconn();
loggedinorreturn();
if (!mkglobal("email:chpassword:passagain:chmailpass")) {
bark("missing form data");
}
// $set = array();
$updateset = array();
$changedemail = 0;
if ($chpassword != "") {
if (strlen($chpassword) > 40) {
bark("Sorry, password is too long (max is 40 chars)");
}
if ($chpassword != $passagain) {
bark("The passwords didn't match. Try again.");
}
$sec = mksecret();
$passhash = md5($sec . $chpassword . $sec);
$updateset[] = "secret = " . sqlesc($sec);
$updateset[] = "passhash = " . sqlesc($passhash);
logincookie($CURUSER["id"], $passhash);
}
if ($email != $CURUSER["email"]) {
if (!validemail($email)) {
<?php
require_once "include/bittorrent.php";
header("Content-Type: text/html; charset=utf-8");
if (!mkglobal("username:password")) {
die;
}
dbconn();
require_once get_langfile_path("", false, get_langfolder_cookie());
cur_user_check();
function bark($text = "")
{
global $lang_takelogin;
$text = $text == "" ? $lang_takelogin['std_login_fail_note'] : $text;
stderr($lang_takelogin['std_login_fail'], $text, false);
}
if ($iv == "yes") {
check_code($_POST['imagehash'], $_POST['imagestring'], 'login.php', true);
}
if (get_magic_quotes_gpc()) {
$username = stripslashes($username);
}
$res = sql_query("SELECT id, passhash, secret, enabled, status FROM users WHERE username = "******"'" . mysql_real_escape_string($username) . "'");
$row = mysql_fetch_array($res);
if (!$row) {
failedlogins();
}
if ($row['status'] == 'pending') {
failedlogins($lang_takelogin['std_user_account_unconfirmed']);
}
if ($row["passhash"] != md5($row["secret"] . $password . $row["secret"])) {
stderr("{$lang['stderr_errorhead']}", "{$lang['stderr_error7']}");
} else {
$sec = mksecret();
$sechash = md5($sec . $fetch['id'] . $fetch['hintanswer']);
sql_query("UPDATE users SET editsecret = " . sqlesc($sec) . " WHERE id = " . sqlesc($id));
$mc1->begin_transaction('MyUser_' . $fetch["id"]);
$mc1->update_row(false, array('editsecret' => $sec));
$mc1->commit_transaction($INSTALLER09['expires']['curuser']);
$mc1->begin_transaction('user' . $fetch["id"]);
$mc1->update_row(false, array('editsecret' => $sec));
$mc1->commit_transaction($INSTALLER09['expires']['user_cache']);
$HTMLOUT .= "<form method='post' action='?step=3'>\n <table border='1' cellspacing='0' cellpadding='10'>\n <tr><td class='rowhead'>{$lang['main_new_pass']}</td>\n <td><input type='password' size='40' name='newpass' /></td></tr>\n <tr><td class='rowhead'>{$lang['main_new_pass_confirm']}</td><td><input type='password' size='40' name='newpassagain' /></td></tr>\n <tr><td colspan='2' align='center'><input type='submit' value='{$lang['main_changeit']}' class='btn' />\n <input type='hidden' name='id' value='" . (int) $fetch['id'] . "' />\n <input type='hidden' name='hash' value='" . $sechash . "' /></td></tr></table></form>";
echo stdhead('Reset Lost Password') . $HTMLOUT . stdfoot();
}
} elseif ($step == '3') {
if (!mkglobal('id:newpass:newpassagain:hash')) {
die;
}
if (strlen($hash) != 32 || !ctype_xdigit($hash)) {
die('access denied');
}
$select = sql_query('SELECT id, editsecret FROM users WHERE id = ' . sqlesc($id)) or sqlerr(__FILE__, __LINE__);
$fetch = mysqli_fetch_assoc($select) or stderr("{$lang['stderr_errorhead']}", "{$lang['stderr_error8']}");
if (empty($newpass)) {
stderr("{$lang['stderr_errorhead']}", "{$lang['stderr_error9']}");
}
if ($newpass != $newpassagain) {
stderr("{$lang['stderr_errorhead']}", "{$lang['stderr_error10']}");
}
if (strlen($newpass) < 6) {
stderr("{$lang['stderr_errorhead']}", "{$lang['stderr_error11']}");
/**
* http://btdev.net:1337/svn/test/Installer09_Beta
* Licence Info: GPL
* Copyright (C) 2010 BTDev Installer v.1
* A bittorrent tracker source based on TBDev.net/tbsource/bytemonsoon.
* Project Leaders: Mindless,putyn.
**/
require_once dirname(__FILE__) . DIRECTORY_SEPARATOR . 'include' . DIRECTORY_SEPARATOR . 'bittorrent.php';
dbconn();
loggedinorreturn();
$lang = array_merge(load_language('global'), load_language('takerate'));
if (!isset($CURUSER)) {
stderr("Error", "{$lang['rate_login']}");
}
if (!mkglobal("rating:id")) {
stderr("Error", "{$lang['rate_miss_form_data']}");
}
$id = 0 + $id;
if (!$id) {
stderr("Error", "{$lang['rate_invalid_id']}");
}
$rating = 0 + $rating;
if ($rating <= 0 || $rating > 5) {
stderr("Error", "{$lang['rate_invalid']}");
}
$res = sql_query("SELECT owner FROM torrents WHERE id = {$id}");
$row = mysql_fetch_assoc($res);
if (!$row) {
stderr("Error", "{$lang['rate_torrent_not_found']}");
}
if (!$CURUSER) {
get_template();
}
$ip = getip();
if (!$INSTALLER09['openreg']) {
stderr('Sorry', 'Invite only - Signups are closed presently if you have an invite code click <a href="' . $INSTALLER09['baseurl'] . '/invite_signup.php"><b> Here</b></a>');
}
$res = sql_query("SELECT COUNT(id) FROM users") or sqlerr(__FILE__, __LINE__);
$arr = mysqli_fetch_row($res);
if ($arr[0] >= $INSTALLER09['maxusers']) {
stderr($lang['takesignup_error'], $lang['takesignup_limit']);
}
$lang = array_merge(load_language('global'), load_language('takesignup'));
$newpage = new page_verify();
$newpage->check('tesu');
if (!mkglobal('wantusername:wantpassword:passagain:email' . ($INSTALLER09['captcha_on'] ? ":captchaSelection:" : ":") . 'submitme:passhint:hintanswer:country')) {
stderr($lang['takesignup_user_error'], $lang['takesignup_form_data']);
}
if ($submitme != 'X') {
stderr('Ha Ha', 'You Missed, You plonker !');
}
if ($INSTALLER09['captcha_on']) {
if (empty($captchaSelection) || $_SESSION['simpleCaptchaAnswer'] != $captchaSelection) {
header('Location: signup.php');
exit;
}
}
function validusername($username)
{
global $lang;
if ($username == "") {
}
// 09 failed logins thanks to pdq - Retro
function failedloginscheck()
{
global $INSTALLER09;
$total = 0;
$ip = sqlesc(getip());
$res = sql_query("SELECT SUM(attempts) FROM failedlogins WHERE ip={$ip}") or sqlerr(__FILE__, __LINE__);
list($total) = mysql_fetch_row($res);
if ($total >= $INSTALLER09['failedlogins']) {
mysql_query("UPDATE failedlogins SET banned = 'yes' WHERE ip={$ip}") or sqlerr(__FILE__, __LINE__);
stderr("Login Locked!", "You have been <b>Exceeded</b> the allowed maximum login attempts without successful login, therefore your ip address <b>(" . htmlspecialchars($ip) . ")</b> has been locked for 24 hours.");
}
}
//==End
if (!mkglobal('username:password:captchaSelection:submitme')) {
die('Something went wrong');
}
if ($submitme != 'X') {
stderr('Ha Ha', 'You Missed, You plonker !');
}
session_start();
if (empty($captchaSelection) || $_SESSION['simpleCaptchaAnswer'] != $captchaSelection) {
header('Location: login.php');
exit;
}
dbconn();
$lang = array_merge(load_language('global'), load_language('takelogin'));
$newpage = new page_verify();
$newpage->check('takelogin');
function bark($text = 'Username or password incorrect')
<?php
require_once "include/bittorrent.php";
dbconn();
$res = mysql_query("SELECT COUNT(*) FROM users") or sqlerr(__FILE__, __LINE__);
$arr = mysql_fetch_row($res);
$arr[0]--;
if ($arr[0] >= $maxusers) {
stderr("Error", "Sorry, user limit reached. Please try again later.");
}
if (!mkglobal("wantusername:wantpassword:passagain:email:captcha")) {
die;
}
session_start();
if (empty($captcha) || $_SESSION['captcha_id'] != strtoupper($captcha)) {
header('Location: signup.php');
exit;
}
function bark($msg)
{
stdhead();
stdmsg("Signup failed!", $msg);
stdfoot();
exit;
}
function validusername($username)
{
if ($username == "") {
return false;
}
// The following characters are allowed in user names
<?
require_once("include/bittorrent.php");
hit_start();
dbconn();
#$res = mysql_query("SELECT COUNT(*) FROM users") or sqlerr(__FILE__, __LINE__);
#$arr = mysql_fetch_row($res);
#if ($arr[0] >= $maxusers)
# stderr("Villa", "Afsakið, netþjónninn er fullur. reynið aftur síðar.");
if (!mkglobal("wantusername:wantpassword:passagain:email"))
die();
function bark($msg) {
stdhead();
stdmsg("Skráning mistókst!", $msg);
stdfoot();
exit;
}
function validusername($username)
{
if ($username == "")
return false;
// The following characters are allowed in user names
$allowedchars = "aábcdðeéfghiíjklmnoópqrstuúvwxyýzþæöAÁBCDÐEÉFGHIÍJKLMNOÓPQRSTUÚVWXYZÞÆÖ0123456789";
$main = trim($_POST["main"]);
if (!$main)
{
stdhead();
stdmsg("�ps...", "�� ver�ur a� sl� inn eitthva�!");
stdfoot();
exit;
}
hit_count();
if (!isset($CURUSER))
die();
if (!mkglobal("main:id"))
die();
$id = 0 + $id;
if (!$id)
die();
$res = mysql_query("SELECT 1 FROM torrents WHERE id = $id");
$row = mysql_fetch_array($res);
if (!$row)
die();
$dags = get_date_time();
$sqlinsert = 'INSERT INTO comments (user, torrent, added, text, ori_text) VALUES (\''.$CURUSER[id].'\',\''.$id.'\',\''.$dags.'\','.sqlesc($main).','.sqlesc($main).')';
mysql_query($sqlinsert);
$image['img_height'] = $img_size[1];
}
$updateset[] = "sig_w = " . sqlesc($image['img_width']);
$updateset[] = "sig_h = " . sqlesc($image['img_height']);
$updateset[] = "signature = " . sqlesc("[img]" . $signature . "[/img]\n");
}
$updateset[] = "signatures = '{$signatures}'";
if (isset($_POST["info"]) && ($info = $_POST["info"]) != $CURUSER["info"]) {
$updateset[] = "info = " . sqlesc($info);
}
$action = "signature";
} elseif ($action == "security") {
if (isset($_POST['ssluse']) && ($ssluse = (int) $_POST['ssluse']) && $ssluse != $CURUSER['ssluse']) {
$updateset[] = "ssluse = " . $ssluse;
}
if (!mkglobal("email:chpassword:passagain:chmailpass:secretanswer")) {
stderr("Error", $lang['takeeditcp_no_data']);
}
if ($chpassword != "") {
if (strlen($chpassword) > 40) {
stderr("Error", $lang['takeeditcp_pass_long']);
}
if ($chpassword != $passagain) {
stderr("Error", $lang['takeeditcp_pass_not_match']);
}
$secret = mksecret();
$passhash = make_passhash($secret, md5($chpassword));
$updateset[] = "secret = " . sqlesc($secret);
$updateset[] = "passhash = " . sqlesc($passhash);
logincookie($CURUSER["id"], md5($passhash . $_SERVER["REMOTE_ADDR"]));
}
<?php
require "include/bittorrent.php";
require_once "include/bbcode_functions.php";
dbconn();
if (!logged_in()) {
header("HTTP/1.0 404 Not Found");
// moddifed logginorreturn by retro//Remember to change the following line to match your server
print "<html><h1>Not Found</h1><p>The requested URL /{$_SERVER['PHP_SELF']} was not found on this server.</p><hr /><address>Apache/1.1.11 " . $SITENAME . " Server at " . $_SERVER['SERVER_NAME'] . " Port 80</address></body></html>\n";
die;
}
if (get_user_class() < UC_ADMINISTRATOR) {
stderr("Error", "Access denied.");
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
mkglobal("readclass:writeclass:createclass:subforum:descr:place");
if (empty($readclass) || empty($writeclass) || empty($createclass) || empty($subforum) || empty($descr) || empty($place)) {
stderr("Err", "You missed something !");
} else {
mysql_query("INSERT INTO forums(`name`,`description` ,`minclassread` ,`minclasswrite` ,`minclasscreate`,`place`,`forid`) VALUES(" . join(",", array_map("sqlesc", array($subforum, $descr, $readclass, $writeclass, $createclass, $place, $place))) . ")") or sqlerr(__FILE__, __LINE__);
if (mysql_insert_id()) {
header("Refresh: 2; url=" . $_SERVER["PHP_SELF"]);
stderr("Succes", "Forum added");
} else {
stderr("Err", "Something was wrong");
}
}
} else {
stdhead();
begin_frame();
// first build the list with all the subforums