private static function pdoErrors($e)
{
$c = __('Conection failed');
$c2 = __('Check your database configuration file');
switch ($e->getCode()) {
case '0':
trigger_error($c . ' :: ' . __('No conection parameters') . ' :: ' . $c2, E_USER_WARNING);
break;
case '2002':
trigger_error($c . ' :: ' . __('Incorrect Host') . ' :: ' . $c2, E_USER_WARNING);
break;
case '1044':
trigger_error($c . ' :: ' . __('Incorrect Username') . ' :: ' . $c2, E_USER_WARNING);
break;
case '1045':
trigger_error($c . ' :: ' . __('Incorrect Password') . ' :: ' . $c2, E_USER_WARNING);
break;
case '1049':
trigger_error($c . ' :: ' . __('Incorrect Database Name') . ' :: ' . $c2, E_USER_WARNING);
break;
case '42S02':
$table = explode("'", $e->errorInfo[2]);
trigger_error($c . ' :: ' . inject(__('Table %tablename% not found in database'), array('tablename' => '<strong>' . $table[1] . '</strong>')), E_USER_WARNING);
break;
case '42S22':
$column = explode("'", $e->errorInfo[2]);
trigger_error($c . ' :: ' . inject(__('Column %columnname% not found in database'), array('columnname' => '<strong>' . $column[1] . '</strong>')), E_USER_WARNING);
break;
default:
trigger_error(__('SQL Error') . ' :: ' . $e->getMessage(), E_USER_WARNING);
break;
}
}
public static function templateEdit()
{
extract(\Supernova\View::$values);
$name = \Supernova\Core::$elements['controller'];
$title = inject(__("Edit %name%: %item%"), array("name" => $name, "item" => ${$name}));
$form = \Supernova\Form::create(array("model" => $name, "values" => ${$name}));
$link = \Supernova\Helper::link(array("href" => \Supernova\Route::generateUrl(array("prefix" => \Supernova\Core::$elements['prefix'], "controller" => $name, "action" => "index")), "text" => __("<< Back")));
return "\n <h3>{$title}</h3>\n {$form}\n {$link}\n ";
}
/**
* Verifica si las dependencias necesarias estan cargadas en PHP
*/
public static function moduleCheck()
{
try {
foreach (self::$dependences as $extension) {
if (!extension_loaded($extension)) {
throw new Exception($extension);
}
}
} catch (Exception $e) {
debug(inject(__('extension %1 not loaded'), array("%1" => $e->getMessage())));
\Supernova\View::callError(500);
}
}
function fullupdate()
{
$GLOBALS["FULL"] = true;
$pidfile = "/etc/artica-postfix/pids/" . basename(__FILE__) . "." . __FUNCTION__ . ".pid";
$unix = new unix();
$pid = @file_get_contents($pidfile);
if ($unix->process_exists($pid, __FILE__)) {
writelogsBLKS("Warning: Already running pid {$pid}", __FUNCTION__, __FILE__, __LINE__);
return;
}
@file_put_contents($pidfile, getmypid());
update();
downloads();
inject();
}
function bf_check_user($username)
{
$log_ip = $_SERVER['REMOTE_ADDR'];
$current = time();
$query = sprintf(BF_IP, $log_ip, $current - 300, $current);
$result = execute_query($query, "check_user", 1, 0);
$tentativas = $result->count();
while ($line = $result->fetch_row()) {
if ($line[0] > $current) {
return (int) (($line[0] - $current) / 60);
}
}
$result->free();
if ($tentativas > 9) {
$query = sprintf(BF_ADD, "Random Try", $log_ip, $current, $current + 600);
$result = execute_query($query, "check_user", 1, 0);
return (int) (600 / 60);
}
if (inject($username)) {
return 0;
}
$query = sprintf(BF_USER, $username, $current - 300, $current);
$result = execute_query($query, "check_user", 1, 0);
$tentativas = $result->count();
while ($line = $result->fetch_row()) {
if ($line[0] > $current) {
return (int) (($line[0] - $current) / 60);
}
}
$result->free();
if ($tentativas > 2) {
$query = sprintf(BF_ADD, $username, $log_ip, $current, $current + 300);
$result = execute_query($query, "check_user", 1, 0);
return (int) (300 / 60);
}
return 0;
}
}
}
}
if (!empty($POST_opt)) {
if ($POST_opt == 1 && isset($POST_frm_name) && !strcmp($POST_frm_name, "login")) {
$bf_check = bf_check_user(trim($POST_username));
if ($bf_check > 0) {
$msg = sprintf($lang['BLOCKED'], $bf_check);
erro_de_login();
alert($msg);
}
if (empty($POST_username) || empty($POST_login_pass)) {
erro_de_login();
alert($lang['INCORRECT_CHARACTER']);
}
if (inject($POST_username) || inject($POST_login_pass)) {
erro_de_login();
bf_error(trim($POST_username));
alert($lang['INCORRECT_CHARACTER']);
}
$session = $_SESSION[$CONFIG_name . 'sessioncode'];
if ($CONFIG_auth_image && function_exists("gd_info") && strtoupper($POST_code) != substr(strtoupper(md5("Mytext" . $session['login'])), 0, 6)) {
erro_de_login();
bf_error(trim($POST_username));
alert($lang['INCORRECT_CODE']);
}
if (strlen($POST_username) > 23 || strlen($POST_username) < 4) {
erro_de_login();
bf_error(trim($POST_username));
alert($lang['USERNAME_LENGTH']);
}
an e-mail to cerescp@gmail.com
*/
session_start();
include_once 'config.php';
// loads config variables
include_once 'query.php';
// imports queries
include_once 'functions.php';
if (!empty($_SESSION[$CONFIG_name . 'account_id']) && $CONFIG_reset_enable) {
if ($_SESSION[$CONFIG_name . 'account_id'] > 0) {
if (!empty($GET_opt)) {
if ($GET_opt == 1) {
if (is_online()) {
alert($lang['NEED_TO_LOGOUT_F']);
}
if (inject($GET_GID1)) {
alert($lang['RESETLOOK_RESET_LOOK']);
}
if (isset($GET_equip) && $GET_equip > 0) {
$query = sprintf(LOOK_EQUIP, $GET_GID1, $_SESSION[$CONFIG_name . 'account_id']);
$result = execute_query($query, "resetlook.php");
$query = sprintf(LOOK_INVENTORY, $GET_GID1);
$result = execute_query($query, "resetlook.php");
alert($lang['RESETLOOK_EQUIP_OK']);
}
if (isset($GET_hair_color) && $GET_hair_color > 0) {
$query = sprintf(LOOK_HAIR_COLOR, $GET_GID1, $_SESSION[$CONFIG_name . 'account_id']);
$result = execute_query($query, "resetlook.php");
alert($lang['RESETLOOK_HAIRC_OK']);
}
if (isset($GET_hair_style) && $GET_hair_style > 0) {
<?php
session_start();
include_once 'config.php';
include_once 'functions.php';
if (!isset($_SESSION[$CONFIG['Name'] . 'member_id']) || $_SESSION[$CONFIG['Name'] . 'member_id'] <= 0) {
redir("news.php", "main_div", "Debes estar logeado con tu cuenta de Miembro para accesar aca");
}
if (!isset($_SESSION[$CONFIG['Name'] . 'account_id']) || $_SESSION[$CONFIG['Name'] . 'account_id'] <= 0) {
redir("cuentas.php", "main_div", "Debes seleccionar una cuenta de juego para accesar aca.");
}
if (!empty($_GET['opt']) && $_GET['opt'] == 1 && !inject($_GET['thisip'])) {
// Buscando Quien es por IP
opentable("Quien es <b>" . $_GET['thisip'] . "</b> ?");
echo '
<center>
<hr>
| <span title="regresar..." style="cursor:pointer" onMouseOver="this.style.color=#FF3300" onMouseOut="this.style.color=#000000" onClick="return LINK_ajax(\'logaccesos.php\',\'main_div\');">Regresar al Registro</span> |
<hr>
</center>
<table width="550">
<tr>
<td align="center" colspan="5" class="head"><b>Por Registros de Ultimo Acceso:</b><br><br></td>
</tr>
<tr>
<td align="left" class="head">Personaje</td>
<td> </td>
<td align="left" class="head">Clase</td>
<td> </td>
<td align="left" class="head">Acceso Final</td>
</tr>
function ParseDirectory($path)
{
if (!is_dir($path)) {
echo "{$path} No such directory\n";
return;
}
$sock = new sockets();
$unix = new unix();
$uuid = $unix->GetUniqueID();
if ($uuid == null) {
echo "No uuid\n";
return;
}
$handle = opendir($path);
$q = new mysql_squid_builder();
$f = false;
while (false !== ($dir = readdir($handle))) {
if ($dir == ".") {
continue;
}
if ($dir == "..") {
continue;
}
if (!is_file("{$path}/{$dir}/domains")) {
echo "{$path}/{$dir}/domains no such file\n";
continue;
}
$category = sourceCategoryToArticaCategory($dir);
if ($category == null) {
echo "{$path}/{$dir}/domains no such category\n";
continue;
}
$table = "category_" . $q->category_transform_name($category);
if (!$q->TABLE_EXISTS($table)) {
echo "{$category} -> no such table {$table}\n";
continue;
}
inject($category, $table, "{$path}/{$dir}/domains");
}
$tables = $q->LIST_TABLES_CATEGORIES();
while (list($table, $www) = each($tables)) {
$sql = "SELECT COUNT(zmd5) as tcount FROM {$table} WHERE sended=0 and enabled=1";
$ligne = mysql_fetch_array($q->QUERY_SQL($sql));
$prefix = "INSERT IGNORE INTO categorize (zmd5 ,pattern,zDate,uuid,category) VALUES";
if ($ligne["tcount"] > 0) {
echo "{$table} {$ligne["tcount"]} items to export\n";
$results = $q->QUERY_SQL("SELECT * FROM {$table} WHERE sended=0 and enabled=1");
while ($ligne2 = mysql_fetch_array($results, MYSQL_ASSOC)) {
$f[] = "('{$ligne2["zmd5"]}','{$ligne2["pattern"]}','{$ligne2["zDate"]}','{$uuid}','{$ligne2["category"]}')";
$c++;
if (count($f) > 3000) {
$q->QUERY_SQL($prefix . @implode(",", $f));
if (!$q->ok) {
echo $q->mysql_error . "\n";
return;
}
$f = array();
}
}
$q->QUERY_SQL("UPDATE {$table} SET sended=1 WHERE sended=0");
}
}
if (count($f) > 0) {
$q->QUERY_SQL($prefix . @implode(",", $f));
$f = array();
}
}
To contact any of the authors about special permissions send
an e-mail to cerescp@gmail.com
*/
session_start();
include_once 'config.php';
// loads config variables
include_once 'query.php';
// imports queries
include_once 'adminquery.php';
include_once 'functions.php';
if (!isset($_SESSION[$CONFIG_name . 'level']) || $_SESSION[$CONFIG_name . 'level'] < $CONFIG['cp_admin']) {
die("Not Authorized");
}
if (isset($GET_frm_name) && isset($GET_id)) {
if (notnumber($GET_id) || inject($GET_login) || inject($GET_password) || inject($GET_email)) {
alert($lang['INCORRECT_CHARACTER']);
}
$query = sprintf(ACCOUNTS_SEARCH_ACCOUNT_ID, trim($GET_id));
$result = execute_query($query, 'adminaccedit.php');
if ($line = $result->fetch_row()) {
if ($GET_sex != 'M' && $GET_sex != 'F') {
$GET_sex = $line[2];
}
if ($GET_level > 99 || $GET_level < 0) {
$GET_level = $line[4];
}
if ($_SESSION[$CONFIG_name . 'level'] <= $line[4] || $GET_level >= $_SESSION[$CONFIG_name . 'level'] && $_SESSION[$CONFIG_name . 'level'] != 99) {
$GET_level = $line[4];
}
$query = sprintf(ACCEDIT_UPDATE, $GET_login, $GET_password, $GET_sex, $GET_email, $GET_level, trim($GET_id));
include_once(dirname(__FILE__)."/ressources/class.dansguardian.inc");
include_once(dirname(__FILE__)."/ressources/class.squid.inc");
include_once(dirname(__FILE__)."/ressources/class.squidguard.inc");
include_once(dirname(__FILE__)."/ressources/class.mysql.inc");
include_once(dirname(__FILE__).'/framework/class.unix.inc');
include_once(dirname(__FILE__)."/framework/frame.class.inc");
if(posix_getuid()<>0){die("Cannot be used in web server mode\n\n");}
if(count($argv)>0){
$imploded=implode(" ",$argv);
if(preg_match("#--verbose#",$imploded)){$GLOBALS["VERBOSE"]=true;$GLOBALS["debug"]=true;ini_set_verbosed(); }
if(preg_match("#--reload#",$imploded)){$GLOBALS["RELOAD"]=true;}
if(preg_match("#--shalla#",$imploded)){$GLOBALS["SHALLA"]=true;}
if(preg_match("#--catto=(.+?)\s+#",$imploded,$re)){$GLOBALS["CATTO"]=$re[1];}
if($argv[1]=="--inject"){echo inject($argv[2],$argv[3]);exit;}
if($argv[1]=="--conf"){echo conf();exit;}
if($argv[1]=="--ufdbguard-compile"){echo UFDBGUARD_COMPILE_SINGLE_DB($argv[2]);exit;}
if($argv[1]=="--ufdbguard-dbs"){echo UFDBGUARD_COMPILE_DB();exit;}
if($argv[1]=="--ufdbguard-miss-dbs"){echo ufdbguard_recompile_missing_dbs();exit;}
if($argv[1]=="--ufdbguard-recompile-dbs"){echo ufdbguard_recompile_dbs();exit;}
if($argv[1]=="--ufdbguard-schedule"){ufdbguard_schedule();exit;}
if($argv[1]=="--list-missdbs"){BuildMissingUfdBguardDBS(false,true);exit;}
if($argv[1]=="--cron-compile"){cron_compile();exit;}
if($argv[1]=="--ufdbguard-status"){print_r(UFDBGUARD_STATUS());exit;}
}
<?php
session_start();
include_once 'config.php';
include_once 'functions.php';
if (!empty($_GET['opt'])) {
if (inject($_GET['buscar'])) {
redir("lognames.php", "main_div", "Caracteres invalidos en el termino de Busqueda.");
}
$consulta = "\r\n\t\t\tSELECT\r\n\t\t\t\t`old_name`, `new_name`, `date`\r\n\t\t\tFROM\r\n\t\t\t\t`cp_nameslog`\r\n\t\t\tWHERE\r\n\t\t\t\t`old_name` LIKE '%" . $_GET['buscar'] . "%' OR `new_name` LIKE '%" . $_GET['buscar'] . "%'\r\n\t\t\tORDER BY\r\n\t\t\t\t`id` DESC\r\n\t\t\tLIMIT 50\r\n\t\t";
} else {
$consulta = "\r\n\t\t\tSELECT\r\n\t\t\t\t`old_name`, `new_name`, `date`\r\n\t\t\tFROM\r\n\t\t\t\t`cp_nameslog`\r\n\t\t\tORDER BY\r\n\t\t\t\t`id` DESC\r\n\t\t\tLIMIT 50\r\n\t\t";
}
$log = $mysql->query($consulta, $CONFIG['DBLogs']);
opentable("Registro de Cambio de Nombres");
?>
<table width="550">
<tr>
<td align="center" class="head">
Buscar en el Registro de Cambios
</td>
</tr>
<tr>
<td align="center">
<form id="busqueda" onsubmit="return GET_ajax('lognames.php','main_div','busqueda')">
<input type="text" name="buscar"maxlength="24" size="24" onKeyPress="return force(this.name,this.form.id,event);">
<input type="hidden" name="opt" value=1>
<input type="submit" value="Buscar">
</form>
</td>
include_once 'config.php';
// loads config variables
include_once 'query.php';
// imports queries
include_once 'functions.php';
include_once 'mail.php';
if (!$CONFIG_password_recover || $CONFIG_password_recover && $CONFIG_md5_pass) {
redir("motd.php", "main_div", "Disabled");
}
if (!empty($GET_opt)) {
if ($GET_opt == 1 && isset($GET_frm_name) && !strcmp($GET_frm_name, "recover")) {
$session = $_SESSION[$CONFIG_name . 'sessioncode'];
if ($CONFIG_auth_image && function_exists("gd_info") && strtoupper($GET_code) != substr(strtoupper(md5("Mytext" . $session['recover'])), 0, 6)) {
alert($lang['INCORRECT_CODE']);
}
if (inject($GET_email)) {
alert($lang['INCORRECT_CHARACTER']);
}
$query = sprintf(RECOVER_PASSWORD, $GET_email);
$result = execute_query($query, 'recover.php');
if (!$result->count()) {
alert($lang['UNKNOWN_MAIL']);
}
for ($i = 0; $result->fetch_row(); $i++) {
$accounts[$i][0] = $result->row[0];
$accounts[$i][1] = $result->row[1];
$accounts[$i][2] = $result->row[2];
}
$answer = email($accounts);
erro_de_login(1);
redir("motd.php", "main_div", $answer);
}
if (isset($_POST['opt']) && $_POST['opt'] == 1) {
if (strlen($_POST['cpass']) < 6 || strlen($_POST['cpass']) > 23 || inject($_POST['cpass'])) {
redir("password.php", "main_div", "La Clave Actual no es del largo correcto o contiene caracteres no permitidos.<br>Click aqui para volver a intentarlo.");
}
$result = $mysql->query("\r\n\t\t\tSELECT\r\n\t\t\t\t`user_pass`\r\n\t\t\tFROM\r\n\t\t\t\t`login`\r\n\t\t\tWHERE\r\n\t\t\t\t`account_id` = '" . $_SESSION[$CONFIG['Name'] . 'account_id'] . "' AND\r\n\t\t\t\t`member_id` = '" . $_SESSION[$CONFIG['Name'] . 'member_id'] . "'\r\n\t\t", $CONFIG['DBMain']);
if (!($acc = $mysql->fetchrow($result))) {
redir("cuentas.php", "main_div", "La Cuenta no corresponde a tu Membresia o hay problemas para obtener la informacion actual.<br>Click aqui para seleccionar la cuenta de nuevo.");
}
if (strcmp($acc[0], $_POST['cpass'])) {
redir("password.php", "main_div", "La Clave que ingresate como Actual, no corresponde a la de la Cuenta.<br>Click aqui para volver a intentarlo.");
}
if (strlen($_POST['npass']) < 6 || strlen($_POST['npass']) > 23 || inject($_POST['npass'])) {
redir("password.php", "main_div", "La Clave Nueva no es del largo correcto o contiene caracteres no permitidos.<br>Click aqui para volver a intentarlo.");
}
if (strlen($_POST['rpass']) < 6 || strlen($_POST['rpass']) > 23 || inject($_POST['rpass'])) {
redir("password.php", "main_div", "La Confirmacion de Clave no es del largo correcto o contiene caracteres no permitidos.<br>Click aqui para volver a intentarlo.");
}
if (strcmp($_POST['npass'], $_POST['rpass'])) {
redir("password.php", "main_div", "La Clave Nueva y la Confirmacion no son iguales. <br>Click aqui para volver a intentarlo.");
}
// Todo comprobado, Realizando el Cambio
$mysql->query("\r\n\t\t\tUPDATE\r\n\t\t\t\t`login`\r\n\t\t\tSET\r\n\t\t\t\t`user_pass` = '" . $_POST['npass'] . "'\r\n\t\t\tWHERE\r\n\t\t\t\t`account_id` = '" . $_SESSION[$CONFIG['Name'] . 'account_id'] . "'\r\n\t\t", $CONFIG['DBMain']);
redir("cuentas.php", "main_div", "Tu clave ha sido cambiada con Exito.<br>Click aqui para volver al menu de Cuentas.");
} else {
opentable("Cambio de Clave de Juego");
?>
<form id="changepass" onsubmit="return POST_ajax('password.php','main_div','changepass');">
<table width="550">
<tr>
<td align="center" height="30" valign="middle">
alert($lang['PASSWORD_LENGTH_OLD']);
}
if (!strcmp($POST_password, $POST_username)) {
// passwords e username iguais
alert($lang['PASSWORD_REJECTED']);
}
if (strcmp($POST_password, $POST_confirm)) {
alert($lang['PASSWORD_NOT_MATCH']);
}
if ($CONFIG_safe_pass && thepass(trim($POST_password))) {
alert($lang['PASSWORD_REJECTED']);
}
if (strlen($POST_email) < 7 || !strstr($POST_email, '@') || !strstr($POST_email, '.')) {
alert($lang['EMAIL_NEEDED']);
}
if (strlen($POST_birthdate) < 8 || inject($POST_birthday)) {
alert($lang['INVALID_BIRTHDAY']);
}
$query = sprintf(CHECK_USERID, trim($POST_username));
$result = execute_query($query, 'account.php');
if ($result->count()) {
alert($lang['USERNAME_IN_USE']);
}
if ($POST_sex) {
$POST_sex = 'F';
} else {
$POST_sex = 'M';
}
if ($CONFIG_md5_pass) {
$POST_password = md5($POST_password);
}
session_start();
include_once 'config.php';
include_once 'functions.php';
if (!isset($_SESSION[$CONFIG['Name'] . 'member_id']) || $_SESSION[$CONFIG['Name'] . 'member_id'] <= 0) {
redir("news.php", "main_div", "Debes estar logeado con tu cuenta de Miembro para accesar aca");
}
if (isset($_POST['opt'])) {
if ($_POST['opt'] == 1 && isset($_POST['frm_name']) && !strcmp($_POST['frm_name'], 'account')) {
// Revisando Datos para creacion de Cuenta
$userid = trim($_POST['userid']);
$pass = trim($_POST['apass']);
$sex = $_POST['sex'];
if (strlen($userid) < 6 || strlen($userid) > 23 || inject($userid)) {
redir("newaccount.php", "main_div", "El nombre de usuario es Invalido o tiene caracteres inapropiados.<br>Click aqui para continuar");
}
if (strlen($pass) < 6 || strlen($pass) > 23 || inject($pass)) {
redir("newaccount.php", "main_div", "La Clave es Invalido o tiene caracteres inapropiados.<br>Click aqui para continuar");
}
if (strcmp($pass, trim($_POST['cpass']))) {
redir("newaccount.php", "main_div", "Las Claves de Cuenta y Confirmacion no son iguales.<br>Click aqui para continuar");
}
if (!strcmp($pass, $userid)) {
redir("newaccount.php", "main_div", "La Clave no puede ser igual al Login.<br>Click aqui para continuar");
}
$email = $_SESSION[$CONFIG['Name'] . 'email'];
$member_id = $_SESSION[$CONFIG['Name'] . 'member_id'];
$last_ip = $_SERVER['REMOTE_ADDR'];
if ($mysql->countrows($mysql->query("SELECT `account_id` FROM `login` WHERE `userid` = '{$userid}'", $CONFIG['DBMain'])) > 0) {
redir("newaccount.php", "main_div", "El Login ya esta en uso en la Base de Datos, utiliza otro.<br>Click aqui para continuar");
}
$mysql->query("\r\n\t\t\t\tINSERT INTO `login`\r\n\t\t\t\t\t(`userid`, `user_pass`, `sex`, `email`, `last_ip`, `member_id`)\r\n\t\t\t\tVALUES\r\n\t\t\t\t\t('{$userid}', '{$pass}', '{$sex}', '{$email}', '{$last_ip}', '{$member_id}')\r\n\t\t\t", $CONFIG['DBMain']);
include_once 'config.php';
// loads config variables
include_once 'query.php';
// imports queries
include_once 'adminquery.php';
include_once 'functions.php';
if (!isset($_SESSION[$CONFIG_name . 'level']) || $_SESSION[$CONFIG_name . 'level'] < $CONFIG['cp_admin']) {
die("Not Authorized");
}
if (!isset($GET_frm_name) && !isset($GET_page)) {
opentable("View Accounts");
echo "\r\n\t<form id=\"accounts\" onSubmit=\"return GET_ajax('adminaccounts.php','accounts_div','accounts');\">\r\n\t\t<table>\r\n\t\t\t<tr>\r\n\t\t\t\t<td>Search</td><td>\r\n\t\t\t\t<input type=\"text\" name=\"termo\" maxlength=\"23\" size=\"23\">\r\n\t\t\t\t<select name=\"tipo\">\r\n\t\t\t\t<option value=\"1\">account_id\r\n\t\t\t\t<option selected value=\"2\">login\r\n\t\t\t\t<option value=\"3\">email\r\n\t\t\t\t<option value=\"4\">IP\r\n\t\t\t\t</select></td><td>\r\n\t\t\t\t<input type=\"submit\" name=\"search\" value=\"search\"></td>\r\n\t\t\t\t<td><span title=\"Show All\" style=\"cursor:pointer\" onMouseOver=\"this.style.color='#FF3300'\" onMouseOut=\"this.style.color='#000000'\" onClick=\"return LINK_ajax('adminaccounts.php?page=0','accounts_div');\">Show All</span></td>\r\n\t\t\t</tr>\r\n\t\t</table>\r\n\t</form>\r\n\r\n\t<div id=\"accounts_div\" style=\"color:#000000\">";
$begin = 1;
}
if (isset($GET_tipo)) {
if (inject($GET_tipo)) {
alert($lang['INCORRECT_CHARACTER']);
}
if (strlen($GET_termo) < 3) {
alert("Please type at least 3 chars");
}
switch ($GET_tipo) {
case 1:
$query = sprintf(ACCOUNTS_SEARCH_ACCOUNT_ID, trim($GET_termo));
break;
case 3:
$query = sprintf(ACCOUNTS_SEARCH_EMAIL, trim($GET_termo));
break;
case 4:
$query = sprintf(ACCOUNTS_SEARCH_IP, trim($GET_termo));
break;
an e-mail to cerescp@gmail.com
*/
session_start();
include_once 'config.php';
// loads config variables
include_once 'query.php';
// imports queries
include_once 'functions.php';
if (!empty($_SESSION[$CONFIG_name . 'account_id'])) {
if ($_SESSION[$CONFIG_name . 'account_id'] > 0) {
if (!empty($POST_opt)) {
if ($POST_opt == 1 && isset($POST_frm_name) && !strcmp($POST_frm_name, "password")) {
if (strcmp($POST_newpass, $POST_confirm) != 0) {
alert($lang['PASSWORD_NOT_MATCH']);
}
if (inject($POST_login_pass) || inject($POST_newpass)) {
alert($lang['INCORRECT_CHARACTER']);
}
if (strlen($POST_login_pass) < 4 || strlen($POST_login_pass) > 23) {
alert($lang['PASSWORD_LENGTH_OLD']);
}
if ($CONFIG_safe_pass && (strlen(trim($POST_newpass)) < 6 || strlen(trim($POST_newpass)) > 23)) {
alert($lang['PASSWORD_LENGTH']);
}
if (strlen(trim($POST_newpass)) < 4 || strlen(trim($POST_newpass)) > 23) {
alert($lang['PASSWORD_LENGTH_OLD']);
}
if ($CONFIG_safe_pass && thepass(trim($POST_newpass))) {
alert($lang['PASSWORD_REJECTED']);
}
if ($CONFIG_md5_pass) {
an e-mail to cerescp@gmail.com
*/
session_start();
include_once 'config.php';
// loads config variables
include_once 'query.php';
// imports queries
include_once 'functions.php';
if (!empty($_SESSION[$CONFIG_name . 'account_id'])) {
if ($_SESSION[$CONFIG_name . 'account_id'] > 0) {
if (!empty($POST_opt)) {
if ($POST_opt == 1 && isset($POST_frm_name) && !strcmp($POST_frm_name, "changemail")) {
if (strlen($POST_email) < 7 || !strstr($POST_email, '@') || !strstr($POST_email, '.')) {
alert($lang['CHANGEMAIL_MAIL_INVALID']);
}
if (inject($POST_email) || inject($POST_login_pass)) {
alert($lang['INCORRECT_CHARACTER']);
}
if (strlen($POST_login_pass) < 4 || strlen($POST_login_pass) > 23) {
alert($lang['PASSWORD_LENGTH_OLD']);
}
if ($CONFIG_md5_pass) {
$POST_login_pass = md5($POST_login_pass);
}
$query = sprintf(CHANGE_EMAIL, $POST_email, $POST_login_pass, $_SESSION[$CONFIG_name . 'account_id']);
$result = execute_query($query, 'changemail.php');
}
}
$query = sprintf(CHECK_EMAIL, $_SESSION[$CONFIG_name . 'account_id']);
$result = execute_query($query, 'changemail.php');
$cemail = $result->fetch_row();
if (!isset($_SESSION[$CONFIG['Name'] . 'member_id']) || $_SESSION[$CONFIG['Name'] . 'member_id'] <= 0) {
redir("news.php", "main_div", "Debes estar logeado con tu cuenta de Miembro para accesar aca");
}
if (!isset($_SESSION[$CONFIG['Name'] . 'account_id']) || $_SESSION[$CONFIG['Name'] . 'account_id'] <= 0) {
redir("cuentas.php", "main_div", "Primero selecciona una cuenta de juego para proceder.<br>Click aqui para seleccionar otra cuenta.");
}
$account_id = $_SESSION[$CONFIG['Name'] . 'account_id'];
$cash_points = 0;
if ($result = $mysql->fetchrow($mysql->query("SELECT `cash_points` FROM `login` WHERE `account_id` = '{$account_id}'", $CONFIG['DBMain']))) {
$cash_points = $result[0];
}
if (isset($_POST['opt']) && $_POST['opt'] == 1) {
if (strlen($_POST['reference']) < 1 || strlen($_POST['reference']) > 40 || inject($_POST['reference'])) {
redir("donate.php", "main_div", "Error en el Numero de Referencia (caracteres invalidos o largo incorrecto)<br>Click aqui para volver a intentar.");
}
if (strlen($_POST['place']) < 1 || strlen($_POST['place']) > 40 || inject($_POST['place'])) {
redir("donate.php", "main_div", "Error en el Lugar de Deposito (caracteres invalidos o largo incorrecto)<br>Click aqui para volver a intentar.");
}
if (!isset($_POST['amount']) || notnumber($_POST['amount']) || $_POST['amount'] <= 0) {
redir("donate.php", "main_div", "Valor incorrecto de Monto<br>Click aqui para volver a intentar.");
}
if (!isset($_POST['moneda']) || notnumber($_POST['moneda']) || $_POST['moneda'] < 0 || $_POST['moneda'] > 2) {
redir("donate.php", "main_div", "Valor incorrecto de Moneda<br>Click aqui para volver a intentar.");
}
// Reportando
$mysql->query("\r\n\t\t\tINSERT INTO `cp_donatives`\r\n\t\t\t\t(`reference`, `amount`, `coin`, `place`, `status`, `account_id`, `date`, `nombre`, `email`)\r\n\t\t\tVALUES\r\n\t\t\t\t('" . $_POST['reference'] . "', '" . $_POST['amount'] . "', '" . $_POST['moneda'] . "', '" . $_POST['place'] . "', '0', '{$account_id}', NOW(), '" . $_SESSION[$CONFIG['Name'] . 'nombre'] . "', '" . $_SESSION[$CONFIG['Name'] . 'email'] . "')\r\n\t\t", $CONFIG['DBLogs']);
redir("donate.php", "main_div", "Tu donativo ha sido reportado, cuando el Staff lo confirme, sera trasladado a tu Fondo de Cuenta.<br>Click aqui para ver los donativos.");
}
opentable("Reporte de Donativos de Miembro");
?>
<table width="550">
/**
*
*
* @param int $position
*/
public function show($region = 'content', $position = 0, $where = 0)
{
$position ? inject($region, $this->render(), $position, $where) : append($region, $this->render());
}
<td align="center" height="20" valign="top">
<input type="text" name="code" maxlength="6" size="6" onkeypress="return force(this.name, this.form.id, event);">
</td>
</tr>
<tr>
<td align="center" height="30" valign="middle">
<input type="submit" value="Solicitar Clave">
</td>
</tr>
</table>
</form>
<?php
} else {
$email = trim($_POST['email']);
$code = $_POST['code'];
if (inject($email) || strlen($email) < 7 || !strstr($_POST['email'], '@')) {
// Email invalido
?>
<b><font color="Red" size="2">Dirección de Correo con Caracteres no Válidos!!</font></b>
</td>
</tr>
<tr>
<td align="center" valign="middle" height="60">
La dirección de correo que ingresaste, o bien no es válida o tiene caracteres inapropiados para la seguridad del servidor.<br>
Regresa e intentalo de nuevo en <span title="Recuperar clave de Miembro" style="cursor:pointer" onMouseOver="this.style.color='#0000FF'" onMouseOut="this.style.color='#0000FF'" onClick="LINK_ajax('recover.php','main_div');"></b>Recuperar Clave</b></span>.
<?php
} elseif (strtoupper($code) != substr(strtoupper(md5("Gaiaro" . $_SESSION[$CONFIG['Name'] . 'securitycode'])), 0, 6)) {
// Codigo de Seguridad Diferente
?>
<b><font color="Red" size="2">Código de Seguridad no concuerda!!</font></b>
</td>
include_once 'functions.php';
if (!isset($_SESSION[$CONFIG['Name'] . 'member_id']) || $_SESSION[$CONFIG['Name'] . 'member_id'] <= 0) {
redir("news.php", "main_div", "Debes estar logeado con tu cuenta de Miembro para accesar aca");
}
if (isset($_POST['opt']) && $_POST['opt'] == 1) {
// Cambiando contraseña
if (strlen($_POST['cpass']) < 6 || strlen($_POST['cpass']) > 40 || inject($_POST['cpass'])) {
redir("editmember.php", "main_div", "Valor invalido en el campo de clave actual.<br>Intenta nuevamente.");
}
if (!($result = $mysql->fetcharray($mysql->query("SELECT `mpass` FROM `members` WHERE `member_id` = '" . $_SESSION[$CONFIG['Name'] . 'member_id'] . "'", $CONFIG['DBMain'])))) {
redir("editmember.php", "main_div", "Problema en la Base de Datos, intente de nuevo.<br>Intenta nuevamente.");
}
if (strcmp($result['mpass'], $_POST['cpass'])) {
redir("editmember.php", "main_div", "La clave actual no coincide con la de tu cuenta!!.<br>Intenta nuevamente.");
}
if (strlen($_POST['npass']) < 6 || strlen($_POST['npass']) > 40 || inject($_POST['npass'])) {
redir("editmember.php", "main_div", "Valor invalido en el campo de clave nueva.<br>Intenta nuevamente.");
}
if (strcmp($_POST['npass'], $_POST['rpass'])) {
redir("editmember.php", "main_div", "La clave nueva no coincide con la verificacion!!.<br>Intenta nuevamente.");
}
$mysql->query("UPDATE `members` SET `mpass` = '" . $_POST['npass'] . "' WHERE `member_id` = '" . $_SESSION[$CONFIG['Name'] . 'member_id'] . "'", $CONFIG['DBMain']);
// E-Mail to Member
$asunto = 'Evangelis Ragnarok - Cambio de Clave Membresia';
$message = "";
$message .= "Este mensaje es para notificarle que su cuenta ha cambiado de Clave.\n\n";
$message .= "La nueva clave es : " . $_POST['npass'] . ".\n\n\n";
$message .= "Servidor Evangelis Ragnarok.\n";
$message .= "High Rates Premium.\n";
sendmail($_SESSION[$CONFIG['Name'] . 'email'], $asunto, $message);
redir("cuentas.php", "main_div", "La Clave de Membresia ha sido cambiada con exito!!.<br>Clic aqui para seleccionar una Cuenta.");
public function test_inject_with_arity_3()
{
assert_equal(25, inject(array(1, 2, 3, 4, 5), 0, function ($m, $k, $v) {
return $m + $k + $v;
}));
}
if (preg_match("#--verbose#", $imploded)) {
$GLOBALS["VERBOSE"] = true;
$GLOBALS["debug"] = true;
ini_set_verbosed();
}
if (preg_match("#--reload#", $imploded)) {
$GLOBALS["RELOAD"] = true;
}
if (preg_match("#--shalla#", $imploded)) {
$GLOBALS["SHALLA"] = true;
}
if (preg_match("#--catto=(.+?)\\s+#", $imploded, $re)) {
$GLOBALS["CATTO"] = $re[1];
}
if ($argv[1] == "--inject") {
echo inject($argv[2], $argv[3]);
exit;
}
if ($argv[1] == "--conf") {
echo conf();
exit;
}
if ($argv[1] == "--ufdbguard-compile") {
echo UFDBGUARD_COMPILE_SINGLE_DB($argv[2]);
exit;
}
if ($argv[1] == "--ufdbguard-dbs") {
echo UFDBGUARD_COMPILE_DB();
exit;
}
if ($argv[1] == "--ufdbguard-miss-dbs") {
/**
* Show
*/
public function show($region = NULL, $position = 0, $where = 0)
{
!$region && ($region = $this->options && is_string($this->options->render) ? $this->options->render : 'content');
$position ? inject($region, $this->render(), $position, $where) : append($region, $this->render());
}
<?php
session_start();
include_once 'config.php';
include_once 'functions.php';
if (!isset($_SESSION[$CONFIG['Name'] . 'member_id']) || $_SESSION[$CONFIG['Name'] . 'member_id'] <= 0) {
redir("news.php", "main_div", "Debes estar logeado con tu cuenta de Miembro para accesar aca");
}
if (isset($_GET['acc'])) {
if (!inject($_GET['acc']) && strlen($_GET['acc']) > 0) {
// Verificacion si el userid corresponde al MemberID
$userid = $_GET['acc'];
$member_id = $_SESSION[$CONFIG['Name'] . 'member_id'];
if ($account = $mysql->fetcharray($mysql->query("\r\n\t\t\t\tSELECT\r\n\t\t\t\t\t`account_id`, `level`, `userid`, `sex`\r\n\t\t\t\tFROM\r\n\t\t\t\t\t`login`\r\n\t\t\t\tWHERE\r\n\t\t\t\t\tBINARY `userid` = '{$userid}' AND `state` <> '5' AND `member_id` = '{$member_id}'\r\n\t\t\t", $CONFIG['DBMain']))) {
$_SESSION[$CONFIG['Name'] . 'account_id'] = $account['account_id'];
$_SESSION[$CONFIG['Name'] . 'userid'] = $userid;
$_SESSION[$CONFIG['Name'] . 'level'] = $account['level'];
$_SESSION[$CONFIG['Name'] . 'sex'] = $account['sex'];
$_SESSION[$CONFIG['Name'] . 'tradelog'] = 0;
$_SESSION[$CONFIG['Name'] . 'trades'] = array();
echo '
<script type="text/javascript">
LINK_ajax(\'login.php\',\'login_div\');
load_menu();
</script>
';
}
}
}
opentable("Mis Cuentas de Jugador");
?>
}
if ($CONFIG_max_accounts) {
$query = sprintf(MAX_ACCOUNTS);
$result = execute_query($query, 'account.php');
$maxaccounts = $result->fetch_row();
if ($maxaccounts[0] >= $CONFIG_max_accounts) {
redir("motd.php", "main_div", $lang['ACCOUNT_MAX_REACHED']);
}
}
if (isset($POST_opt)) {
if ($POST_opt == 1 && isset($POST_frm_name) && !strcmp($POST_frm_name, "account")) {
$session = $_SESSION[$CONFIG_name . 'sessioncode'];
if ($CONFIG_auth_image && function_exists("gd_info") && strtoupper($POST_code) != substr(strtoupper(md5("Mytext" . $session['account'])), 0, 6)) {
alert($lang['INCORRECT_CODE']);
}
if (inject($POST_username) || inject($POST_password) || inject($POST_email)) {
alert($lang['INCORRECT_CHARACTER']);
}
if (strlen(trim($POST_username)) < 4 || strlen(trim($POST_username)) > 23) {
alert($lang['USERNAME_LENGTH']);
}
if ($CONFIG_safe_pass && (strlen(trim($POST_password)) < 6 || strlen(trim($POST_password)) > 23)) {
alert($lang['PASSWORD_LENGTH']);
}
if (strlen(trim($POST_password)) < 4 || strlen(trim($POST_password)) > 23) {
alert($lang['PASSWORD_LENGTH_OLD']);
}
if (!strcmp($POST_password, $POST_username)) {
// passwords e username iguais
alert($lang['PASSWORD_REJECTED']);
}
an e-mail to cerescp@gmail.com
*/
session_start();
include_once 'config.php';
// loads config variables
include_once 'query.php';
// imports queries
include_once 'functions.php';
if (!empty($_SESSION[$CONFIG_name . 'account_id'])) {
if ($_SESSION[$CONFIG_name . 'account_id'] > 0) {
if (!empty($GET_opt)) {
if ($GET_opt == 1 && $CONFIG_marry_enable) {
if (is_online()) {
alert($lang['NEED_TO_LOGOUT_F']);
}
if (inject($GET_GID1) && inject($GET_GID2)) {
alert($lang['INCORRECT_CHARACTER']);
}
if (isset($GET_divorce) && $GET_divorce > 0) {
$query = sprintf(PARTNER_ONLINE, $GET_GID2);
$result = execute_query($query, "marriage.php");
if ($result->fetch_row()) {
alert($lang['MARRIAGE_COUPLE_OFF']);
}
$query = sprintf(PARTNER_NULL, $GET_GID1);
$result = execute_query($query, "marriage.php");
$query = sprintf(PARTNER_NULL, $GET_GID2);
$result = execute_query($query, "marriage.php");
$query = sprintf(PARTNER_RING, $GET_GID1);
$result = execute_query($query, "marriage.php");
$query = sprintf(PARTNER_RING, $GET_GID2);
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
To contact any of the authors about special permissions send
an e-mail to cerescp@gmail.com
*/
include_once 'config.php';
// loads config variables
$load = "English.php";
if (isset($GET_lang)) {
$load = $GET_lang . ".php";
} else {
if (isset($_COOKIE['language'])) {
$load = $_COOKIE['language'] . ".php";
} else {
if (isset($CONFIG_language)) {
$load = $CONFIG_language . ".php";
}
}
}
if (!is_file("./language/" . $load) || strpos($load, "..") !== false || inject($load)) {
$load = "English.php";
}
include $load;
while (list($key, $val) = each($lang)) {
$lang[$key] = htmlentities($val);
}
