function auth() { if (!valid('janitor_board')) { // Admin.php login $temp = "" . "<div align='center' vertical-align='middle'>" . ($temp = '<form action="' . PHP_ASELF . '" method="post"><table>' . '<tr><td>Username</td><td><input type="text" name="usernm" style="width:100%" /></td></tr>' . '<tr><td>Password</td><td><input type="password" name="passwd" style="width:100%" /></td></tr>'); if (SECURE_LOGIN) { if (RECAPTCHA) { $temp .= "<tr><td colspan='2'><script src='//www.google.com/recaptcha/api.js'></script><div class='g-recaptcha' data-sitekey='" . RECAPTCHA_SITEKEY . "'></td></tr>"; } else { $temp .= "<tr><td><img src='" . CORE_DIR_PUBLIC . "/general/captcha.php' /></td><td><input type='text' name='num' size='20' placeholder='Captcha'></td></tr>"; } } $temp .= "<tr><td colspan='2'><input type='submit' value='" . S_MANASUB . "'></td></tr></table>" . "<br></form></div>"; echo $temp; if (isset($_POST['usernm']) && isset($_POST['passwd'])) { if (SECURE_LOGIN) { require_once CORE_DIR . '/general/captcha.php'; $captcha = new Captcha(); if ($captcha->isValid() !== true) { $this->error(S_CAPFAIL); } } $this->doLogin($_POST['usernm'], $_POST['passwd']); echo "<META HTTP-EQUIV=\"refresh\" content=\"0;URL=" . PHP_ASELF_ABS . "\">"; } die("</body></html>"); } return $temp; }
function reportSubmit($board, $no, $type) { global $mysql; require_once CORE_DIR . "/general/captcha.php"; $captcha = new Captcha(); $style = NSFW ? "saguaba" : "sagurichan"; if ($captcha->isValid() !== true) { die("<head><link rel='stylesheet' type='text/css' href='" . CSS_PATH . "/stylesheets/" . $style . ".css'/></head><body>\n <center><font color=blue size=5>You did not solve the captcha correctly.</b></font><br><br>[<a href='" . PHP_SELF . "?mode=report&no=" . $no . "'>Try again?</a>]</center></body>"); } /*cat = 1: Rule violation cat = 2: Illegal content cat = 3: Advertising 0 = Cleared by moderator, can't report it again. This is not a valid submit option. If the report isn't submitted with either cat 1,2 or 3, it is discarded */ $host = $_SERVER['REMOTE_ADDR']; $cboard = $mysql->escape_string($board); $cno = $mysql->escape_string($no); $ctype = $mysql->escape_string($type); $mysql->query("INSERT INTO reports (`num`, `no`, `board`, `type`, `time`, `ip`) VALUES ( '" . rand() . "', '" . $cno . "', '" . $cboard . "', '" . $ctype . "', NOW(), '" . $host . "') "); echo "<head><link rel='stylesheet' type='text/css' href='" . CSS_PATH . "/" . $style . ".css'/><script>function loaded(){window.setTimeout(CloseMe, 3000);}function CloseMe() {window.close();}</script></head><body onLoad='loaded()'>\n\t<center><font color=blue size=5>Report submitted! This window will close in 3 seconds...</b></font></center></body>"; }
if (!pruefe_mail($email) && !empty($email)) { $ausgabe .= "<li>" . _falschemail . "</li>"; } } if ($homepage_pflicht && empty($homepage)) { $ausgabe .= "<li>" . _homepage . "</li>"; } else { $homepage = strip_tags(trim($homepage)); if (substr($homepage, 0, 3) == "www") { $homepage = "http://" . $homepage; } if (!pruefe_hp($homepage) && !empty($homepage)) { $ausgabe .= "<li>" . _falschehp . "</li>"; } } if ($captcha && !$controller->isValid(htmlentities($_POST['number']))) { $ausgabe .= "<li>" . _fehlercaptcha . "</li>"; } $name = strip_tags($name); $name = trim($name); if (!pruefe_forbiddenwords($text, $forbiddenwords)) { $ausgabe .= "<li>" . _unerlaubtezeichen . "</li>"; } if (!$html) { $text = strip_tags($text); } $text = trim($text); $icq = strip_tags(trim($icq)); if (preg_match("/\\D/", $icq) && !empty($icq)) { $ausgabe .= "<li>" . _falscheicq . "</li>"; }
<?php global $upfile, $upfile_name; if ($_SERVER["REQUEST_METHOD"] != "POST") { error(S_UNJUST, $upfile); } //Captcha check if (BOTCHECK === true && !valid('moderator')) { require_once CORE_DIR . '/general/captcha.php'; $captcha = new Captcha(); if ($captcha->isValid() !== true) { error(S_CAPFAIL, $upfile); } } //Uploaded file check if ($_FILES["upfile"]["error"] > 0) { if ($_FILES["upfile"]["error"] == UPLOAD_ERR_INI_SIZE || $_FILES["upfile"]["error"] == UPLOAD_ERR_FORM_SIZE) { error(S_TOOBIG, $upfile); } if ($_FILES["upfile"]["error"] == UPLOAD_ERR_PARTIAL || $_FILES["upfile"]["error"] == UPLOAD_ERR_CANT_WRITE) { error(S_UPFAIL, $upfile); } } if ($upfile_name && $_FILES["upfile"]["size"] == 0) { error(S_TOOBIGORNONE, $upfile); } //Basic proxy check. if (PROXY_CHECK && preg_match("/^(mail|ns|dns|ftp|prox|pc|[^\\.]\\.[^\\.]\$)/", $host) > 0 || preg_match("/(ne|ad|bbtec|aol|uu|(asahi-net|rim)\\.or)\\.(com|net|jp)\$/", $host) > 0) { if (@fsockopen($_SERVER["REMOTE_ADDR"], 80, $a, $b, 2) == 1) { error(S_PROXY80, $dest); } elseif (@fsockopen($_SERVER["REMOTE_ADDR"], 8080, $a, $b, 2) == 1) {
function chk_antispam($m, $nopictures = false) { global $allgAr; if ($nopictures) { return (bool) (isset($_POST['antispam_id']) and isset($_SESSION['antispam'][$_POST['antispam_id']])); } if (is_numeric($allgAr['antispam']) and has_right($allgAr['antispam'])) { return true; } $captcha = true; if ($captcha) { include_once 'include/includes/libs/captcha/captcha.php'; $controller = new Captcha(); } if ($captcha && !$controller->isValid($_POST['number'])) { return false; } return true; }
function captcha() { $c = new Captcha(); if ($c->isValid()) { return Result::ok(); } else { return Result::error("Il codice captcha inserito non è valido."); } }
/** * Prüft, ob der Antispamcode richtig eingegeben wurde * Der NoPictureMode fügt ein Hidden Feld ein, um Cross Site Request Forgery Attacken zu unterbinden, der NoPictureMode * wird automatisch genutzt, wenn kein Bildabfrage statt findet, kann aber auch erzwungen werden * * @global array $allgAr * @param string $m Modulname, um unterschiedliche Antispamfelder auf einer Seite zu ermöglichen * @param boolean $nopictures NoPictureMode erzwingen * @return boolean */ function chk_antispam($m, $nopictures = false) { global $allgAr; if (!$nopictures && is_numeric($allgAr['antispam']) && has_right($allgAr['antispam'])) { $nopictures = true; } $valid = false; if ($nopictures && isset($_POST['antispam_id'])) { $antispamId = $_POST['antispam_id']; if (isset($_SESSION['antispam'][$antispamId]) && $_SESSION['antispam'][$antispamId]) { $valid = true; unset($_SESSION['antispam'][$antispamId]); } } elseif (isset($_POST['captcha_code']) && isset($_POST['captcha_id'])) { require_once 'include/includes/captcha/Captcha.php'; $controller = new Captcha(); $captchaCode = strtoupper($_POST['captcha_code']); $valid = $controller->isValid($captchaCode, $_POST['captcha_id']); } return $valid; }