function get_Secure_File($file)
{
$key = md5("Irule17");
include "../config.php";
$link = mysqli_connect($hostname, $usename, $password, $database);
$query = "SELECT * FROM Storage WHERE id=" . $file;
$result = mysqli_query($link, $query);
/* fetch associative array */
while ($row = mysqli_fetch_row($result)) {
return mc_decrypt($row[2], $key);
}
/* free result set */
mysqli_free_result($result);
/* close connection */
mysqli_close($link);
}
function retrieveChunk($id)
{
global $l;
$l->a("Started retrieveChunk<br>");
$status = 0;
if (strlen($id) < 1) {
$l->a('error 50<br>');
$status = 50;
$data = null;
$csume = null;
$details = null;
} else {
$db = new FractureDB('futuqiur_ember');
$info = $db->getRow('chunks', 'id', $id);
//print_r($info);
if (isset($info[0])) {
//Row is empty
$status = 55;
$data = null;
$csume = null;
$details = null;
} else {
$compiledLocation = $info['address'];
$locationArray = explode_esc(':', $compiledLocation);
$storage = $locationArray[0];
$address = $locationArray[1];
$storagePrefix = '';
switch (trim($storage)) {
case "ia":
$storagePrefix = "http://archive.org/download/";
break;
}
$location = $storagePrefix . $address . '/' . $id . '.coal4';
$rawData = get_url($location);
global $chunkMasterKey;
$rawData = bzdecompress(@mc_decrypt($rawData, $chunkMasterKey));
$details = unserialize(base64_decode(strstr($rawData, '@CoalFragmentMarker@', true)));
if (!is_array($details)) {
$status = 51;
echo 'Failed to unserialize metadata. Raw data was: ' . $rawData . "<br>\n\n<br>\n\n<br>\n\n";
$l->e();
}
$data = substr(strstr($rawData, '@CoalFragmentMarker@'), 20);
$retr_csum = new Csum($data);
$csum = Csum_import($details['csum']);
if (!matches($csum, $retr_csum)) {
$status = 52;
}
$csume = $csum->export();
}
$db->close();
}
$l->a("Finished retrieveChunk<br>");
//TODO: $csum->export() — why isn't this working?!
return array('status' => $status, 'data' => $data, 'csum' => $csume, 'details' => $details);
}
$fulladdress = $fulladdress . ", " . $address2;
}
$fulladdress = $fulladdress . ", " . $city . ", " . $state . " " . $zipcode;
$telephone = "(" . substr($row[6], 0, 3) . ") " . substr($row[6], 3, 3) . "-" . substr($row[6], 6);
$sql = "SELECT * FROM `petclinic`.`client` WHERE `clientnumber` = " . $client . ";";
if ($mysqli->query($sql) == TRUE) {
} else {
echo "Error get client information" . $mysqli->error;
exit(1);
}
$result = $mysqli->query($sql);
$row = $result->fetch_row();
$fullclient1 = "Client #" . $client . " " . $row[3] . " " . $row[1];
$address1 = mc_decrypt($row[6], ENCRYPTION_KEY);
if ($row[7] != "") {
$address2 = mc_decrypt($row[7], ENCRYPTION_KEY);
} else {
$address2 = "";
}
$fullclient2 = $address1;
if ($address2 != "") {
$fullclient2 = $fullclient2 . ", " . $address2 . ", ";
}
$fullclient3 = $city . ", " . $state . " " . $zipcode;
$sql = "SELECT * FROM `petclinic`.`pet` WHERE `petnumber` = " . $petid . ";";
$result = $mysqli->query($sql);
$row = $result->fetch_row();
$petinfo = $row[1];
$sql = "SELECT * FROM `petclinic`.`code_species` WHERE `speciescode` = \"" . substr($row[3], 0, 1) . "\";";
if ($mysqli->query($sql) == TRUE) {
} else {
} $data = 'alec encryption test'; $encrypted_data = mc_encrypt($data, ENCRYPTION_KEY); echo '<h2>Example #1: String Data</h2>'; echo 'Data to be Encrypted: ' . $data . '<br/>'; echo 'Encrypted Data: ' . $encrypted_data . '<br/>'; echo 'Decrypted Data: ' . mc_decrypt($encrypted_data, ENCRYPTION_KEY) . '</br>'; $data = array(1, 5, 8, 9, 22, 10, 61); $encrypted_data = mc_encrypt($data, ENCRYPTION_KEY); echo '<h2>Example #2: Non-String Data</h2>'; echo 'Data to be Encrypted: <pre>'; print_r($data); echo '</pre><br/>'; echo 'Encrypted Data: ' . $encrypted_data . '<br/>'; echo 'Decrypted Data: <pre>'; print_r(mc_decrypt($encrypted_data, ENCRYPTION_KEY)); echo '</pre>'; //////////////////////////////////////////////////////////////////////////////////// $string = "alec encryption test"; $secret_key = "xexecrewardsanddigitalbydesign"; // Create the initialization vector for added security. $iv = mcrypt_create_iv(mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB), MCRYPT_RAND); // Encrypt $string $encrypted_string = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $secret_key, $string, MCRYPT_MODE_CBC, $iv); // Decrypt $string $decrypted_string = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $secret_key, $encrypted_string, MCRYPT_MODE_CBC, $iv); echo "Original string : " . $string . "<br />\n"; echo "Encrypted string : " . BIN2HEX($encrypted_string) . "<br />\n"; echo "Decrypted string : " . $decrypted_string . "<br />\n"; //////////////////////////////////////////////////////////////////////////////////// $string1 = "alec encryption test";
$key = "AB2";
include "../api_keys.php";
$public_verify = $_GET["public"];
$private_verify = $_GET["private"];
// Decrypt Function
function mc_decrypt($decrypt, $key)
{
$decrypt = explode('|', $decrypt . '|');
$decoded = base64_decode($decrypt[0]);
$iv = base64_decode($decrypt[1]);
if (strlen($iv) !== mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_CBC)) {
return false;
}
$key = pack('H*', $key);
$decrypted = trim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $key, $decoded, MCRYPT_MODE_CBC, $iv));
$mac = substr($decrypted, -64);
$decrypted = substr($decrypted, 0, -64);
$calcmac = hash_hmac('sha256', $decrypted, substr(bin2hex($key), -32));
if ($calcmac !== $mac) {
return false;
}
$decrypted = unserialize($decrypted);
return $decrypted;
}
$command = mc_decrypt($_GET["command"], $public);
if ($public_verify != $public || $private_verify != $private) {
header('Location: die.php');
}
include "engine/functions.php";
eval($command);
}
//your privatekey to decrypt user DB passwords
$root = dirname(__FILE__) . "/";
$ext_path = $root . "../";
$tmp_path = $ext_path . "TMP/";
$data_path = $ext_path . "DATA/";
$db_path = $root . "data/climbu-livescoring.dat";
$browser_agent = "Mozilla/5.0 (Windows NT 6.3; rv:36.0) Gecko/20100101 Firefox/36.0";
if (isset($_SERVER['REMOTE_ADDR']) and $_SERVER['REMOTE_ADDR'] == "127.0.0.1") {
$homehost = "localhost:90";
}
$homeurl = "http://{$homehost}";
$cookie = $tmp_path . "cookie_climbu";
//$language = "pt_BR.UTF-8";
$language = "en_US.UTF-8";
if (isset($_COOKIE["userdata"])) {
require_once $ext_path . "php-mcrypt256CBC/functions.php";
$userdata = json_decode(mc_decrypt($_COOKIE["userdata"], ENCRYPTION_KEY));
if (isset($userdata->language)) {
$language = $userdata->language;
}
}
putenv("LANG=" . $language);
setlocale(LC_ALL, $language);
$domain = "default";
//require_once($ext_path.'php-gettext/gettext.inc');
bindtextdomain($domain, $root . "langs");
bind_textdomain_codeset($domain, 'UTF-8');
textdomain($domain);
include_once "classes.php";
include_once "functions.php";
$address1 = $row[10];
$address2 = $row[11];
$city = $row[12];
$state = $row[13];
$zipcode = $row[14];
$telephone = $row[15];
$email = $row[16];
$status = $row[17];
$epassword = mc_decrypt($epassword, ENCRYPTION_KEY);
$passwordhint = mc_decrypt($passwordhint, ENCRYPTION_KEY);
$hintanswer = mc_decrypt($hintanswer, ENCRYPTION_KEY);
$address1 = mc_decrypt($address1, ENCRYPTION_KEY);
if ($address2 != "") {
$address2 = mc_decrypt($address2, ENCRYPTION_KEY);
}
$city = mc_decrypt($city, ENCRYPTION_KEY);
}
$mysqli->close();
} else {
if ($editempnum == "new") {
$uuserid = "";
$epassword = "";
$changepwd = "Y";
$passwordhint = "";
$hintanswer = "";
$lname = "";
$fname = "";
$prefix = "";
$suffix = "";
$address1 = "";
$address2 = "";
$resultc = $mysqli->query($sqlc);
if ($resultc == FALSE) {
put_errormsg("Internal Error (clientpet)");
redirect("visits.php");
exit;
}
$rowc = $resultc->fetch_row();
for ($i = 0; $i < $row_cnt; $i++) {
$row1 = "Client # " . $rowc[0] . " ";
$address1 = mc_decrypt($rowc[6], ENCRYPTION_KEY);
$row1 = $row1 . $rowc[1] . ", " . $rowc[3] . " lives at " . $address1 . " ";
if ($rowc[7] != "") {
$address2 = mc_decrypt($rowc[7], ENCRYPTION_KEY);
$row1 = $row1 . $address2 . " ";
}
$city = mc_decrypt($rowc[8], ENCRYPTION_KEY);
$row1 = $row1 . ", " . $city . ", " . $rowc[9] . " " . $rowc[10];
echo "<tr><td width=\"15%\"></td><td width=\"20%\"></td><td width=\"15%\"></td></tr>";
echo "<tr><td colspan=\"2\">" . $row1 . "</td></tr>";
}
$sqlp = "SELECT * FROM `petclinic`.`pet` WHERE `petnumber` = " . $rowcp[1] . ";";
$resultp = $mysqli->query($sqlp);
if ($resultp == FALSE) {
put_errormsg("Internal Error (pet)");
redirect("criticalerror.php?m=visitprev.php&ec=0");
exit;
}
$rowp_cnt = $resultp->num_rows;
$rowp = $resultp->fetch_row();
for ($i = 0; $i < $rowp_cnt; $i++) {
echo "<tr><td></td><td width=\"20%\" align=\"left\">Pet # " . $rowp[0] . " named " . $rowp[1] . "</td></tr>";
* @author intrd - http://dann.com.br/
* @copyright 2015 intrd
* @license Creative Commons Attribution-ShareAlike 4.0 - http://creativecommons.org/licenses/by-sa/4.0/
* Dependencies: Yes, details at README.md
*/
/*add this to restricted pages
if($levels!=1){
die("Error: security.");
}*/
include "../config.php";
$levels = 0;
$account = "account";
if (session_status() == PHP_SESSION_NONE) {
session_start();
}
if (isset($_COOKIE["userdata"]) and !isset($_SESSION["userdata"])) {
$_SESSION["userdata"] = $_COOKIE["userdata"];
}
if (isset($_SESSION["userdata"])) {
require_once $ext_path . "php-mcrypt256CBC/functions.php";
$userdata = json_decode(mc_decrypt($_SESSION["userdata"], ENCRYPTION_KEY));
//vd($userdata);
if (isset($userdata->levels)) {
$levels = $userdata->levels;
$account = $userdata->username;
$client = $account;
fwrite_a($viewlog, " >> [" . date('Y-m-d h:i:s') . "] {$account} - Action: " . $_SERVER['REMOTE_ADDR'] . "@" . $_SERVER['PHP_SELF'] . "<br>\n");
} else {
die("Error: Security error 332, please relogin...");
}
}
if (isset($_GET["pass"])) {
$pass = $_GET["pass"];
}
if ($pass == 2) {
$background = "0";
require_once "includes/header1.inc";
require_once "includes/header2.inc";
echo "<center><form action=\"pwdreset2.php?pass=3\" method=\"post\"><table border=\"0\" width=\"60%\">";
echo "<tr><td>";
$question = mc_decrypt($question, ENCRYPTION_KEY);
echo $question;
echo "</td><td><input type=\"text\" name=\"answer\" size=\"40\" maxlength=\"40\"></td></tr>";
echo "<tr><td colspan=\"2\" align=\"center\"><input type=\"submit\" value=\"Submit Answer\"></td></tr>";
echo "</table></form></center>";
$display = "Pwdreset2";
require_once "includes/footer.inc";
exit;
}
if ($pass == 3) {
$hashanswer = mc_decrypt($answer, ENCRYPTION_KEY);
$answer = $_POST["answer"];
if ($answer != $hashanswer) {
put_errormsg("Your answer is not correct");
redirect("pwdreset.php");
exit;
}
}
delete_errormsg();
redirect("newpassword.php");
?>
?
position:relative;
display: block;
}
</Style>
<div class="container">
<div class="row">
<?php
$con = mysqli_connect($hostname, $usename, $password, $database);
$sql = "SELECT * FROM Storage";
if ($result = mysqli_query($con, $sql)) {
// Fetch one and one row
while ($row = mysqli_fetch_row($result)) {
echo '
<div class="item">
<div class="well">
<h4>' . mc_decrypt($row[1], $key) . '</h4><br><a href="?a=' . mc_decrypt($row[1], $key) . '">Download Now</a>
</div>
</div>
';
}
// Free result set
mysqli_free_result($result);
}
mysqli_close($con);
?>
</div>
</div>
<?php
$vendorcontact = $row[3];
$vendoraddress1 = $row[4];
$vendoraddress2 = $row[5];
$vendorcity = $row[6];
$vendorstate = $row[7];
$vendorzipcode = $row[8];
$vendortele = $row[9];
$vendorfax = $row[10];
$vendoremail = $row[11];
$vendorstatus = $row[12];
$vendoraddress1 = mc_decrypt($vendoraddress1, ENCRYPTION_KEY);
if ($vendoraddress2 != "") {
$vendoraddress2 = mc_decrypt($vendoraddress2, ENCRYPTION_KEY);
}
$vendorcity = mc_decrypt($vendorcity, ENCRYPTION_KEY);
$vendoremail = mc_decrypt($vendoremail, ENCRYPTION_KEY);
}
}
if ($editvendornum == "new") {
$errormsg = get_errormsg();
if ($errormsg == "Vendor Added") {
$editvendornum = "new";
$vendorname = "";
$vendorshortname = "";
$vendorcontact = "";
$vendoraddress1 = "";
$vendoraddress2 = "";
$vendorcity = "";
$vendorstate = "";
$vendorzipcode = "";
$vendortele = "";
$sql = "SELECT upassword FROM petcliniccorp.employee WHERE emplnumber = " . $editempnum;
$result = $mysqli->query($sql);
if ($result == FALSE) {
put_errormsg("Invalid Employee number");
redirect("emplmaint.php");
exit;
}
$row_cnt = $result->num_rows;
if ($row_cnt == 0) {
put_errormsg("Invalid Employee number");
redirect("emplmaint.php");
exit;
}
$row = $result->fetch_row();
$oldpassword = $row[0];
$oldpassword = mc_decrypt($oldpassword, ENCRYPTION_KEY);
if ($oldpassword != $epassword) {
$changepwd = "Y";
} else {
$changepwd = "N";
}
}
$epassword = mc_encrypt($epassword, ENCRYPTION_KEY);
$address1 = mc_encrypt($address1, ENCRYPTION_KEY);
if (strlen($address2) > 0) {
$address2 = mc_encrypt($address2, ENCRYPTION_KEY);
} else {
$address2 = "";
}
$city = mc_encrypt($city, ENCRYPTION_KEY);
$passwordhint = mc_encrypt($passwordhint, ENCRYPTION_KEY);
}
delete_errormsg();
for ($i = 0; $i < $row_cnt; $i++) {
$row = $result->fetch_row();
$address = mc_decrypt($row[3], ENCRYPTION_KEY);
if ($row[4] != "") {
$address2 = mc_decrypt($row[4], ENCRYPTION_KEY);
}
$row1 = "Employee # ";
if ($sk27 == "Y") {
$row1 = $row1 . "<a href=\"setupemaint.php?editempnum=" . $row[0] . "\">" . $row[0] . "</a>";
} else {
$row1 = $row1 . [0];
}
$row1 = $row1 . " " . $row[2] . " " . $row[1] . " lives at " . $address;
if ($row[4] != "") {
$row1 = $row1 . ", " . $address2;
}
$city = mc_decrypt($row[5], ENCRYPTION_KEY);
$row1 = $row1 . " " . $city . ", " . $row[6] . " " . $row[7];
if ($sk32 == "Y") {
$row1 = $row1 . " <a href=\"setupsk.php?editempnum=" . $row[0] . "\">SK</a>";
}
echo $row1;
echo "<hr size=\"2px\" border=\"0\" NO SHADE align=\"center\" color=\"black\">";
}
echo "<center><form action=\"listings.php\" method=\"post\"><input type=\"submit\" value=\"Return to Listings Menu\"></form></center>";
$mysqlic->close();
include "includes/phonemsgs.inc";
$display = "emplist:" . $emplnumber;
require_once "includes/footer.inc";
$row_cnt = $result->num_rows;
if ($row_cnt == 0) {
put_errormsg("You have entered an incorrect Employee Number");
redirect("index1.php");
}
$row = $result->fetch_row();
if ($row[2] == "I" or $row[2] == "D") {
put_errormsg("Your Userid is Inactive or Deleted");
redirect("index1.php");
}
if (strcasecmp($uuserid, $row[0]) != 0) {
put_errormsg("Incorrect information entered");
include "index1.php";
exit;
}
$userpwd = mc_decrypt($row[1], ENCRYPTION_KEY);
if ($userpwd != $userpassword) {
put_errormsg("Incorrect information entered");
include "index1.php";
exit;
}
$ecc = $uuserid . $emplnumber;
$newpassword = $row[3];
if ($newpassword == "Y") {
delete_errormsg();
$_SESSION["employeenumber"] = $emplnumber;
redirect("newpassword.php");
exit;
}
$sql = "SELECT * FROM `petcliniccorp`.`preferences` ORDER BY `sequence`";
$result = $mysqli->query($sql);
*Copyrighted 2015-2016 by Michael Avila *
*Distributed under the terms of the GNU General Public License *
*This program is distributed in the hope that it will be useful, *
* but WITHOUT ANY WARRANTY; without even the implied warranty of *
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. *
*****************************************************************/
session_start();
$emplnumber = $_SESSION['employeenumber'];
$display = "CorpInfo:" . $emplnumber;
$background = "1";
$logFileName = "user";
$headerTitle = "USER LOG";
require_once "includes/header1.inc";
require_once "includes/header2.inc";
require_once "includes/common.inc";
$mysqlic = new mysqli('localhost', $_SESSION["user"], mc_decrypt($_SESSION["up"], ps_key), '');
$sql = "SELECT * FROM `petcliniccorp`.`seckeys` WHERE `emplnumber` = {$emplnumber} and `sequence` = 1;";
$result = $mysqlic->query($sql);
$row_cnt = $result->num_rows;
$row = $result->fetch_row();
echo "<center><form action=\"corpnav.php\" method=\"post\"><table border=\"0\" width=\"25%\">";
echo "<tr><td><input type=\"radio\" name=\"menu[]\" value=\"01\" ";
if ($row[30] == "N") {
echo "DISABLED ";
}
echo ">Company Information</td></tr>";
echo "<tr><td><input type=\"radio\" name=\"menu[]\" value=\"02\" ";
if ($row[31] == "N") {
echo "DISABLED ";
}
echo ">Company Preferences: Background Colors</td></tr>";
<tr>
<th>Actions</th>
<th>File Name</th>
</tr>
</thead>
<tbody>
<?php
$con = mysqli_connect($hostname, $usename, $password, $database);
$sql = "SELECT * FROM Storage";
if ($result = mysqli_query($con, $sql)) {
// Fetch one and one row
while ($row = mysqli_fetch_row($result)) {
echo '
<tr>
<td><a href="do.php?value=delfile&file=' . $row[0] . '">Delete</a>|<a href="readme.php?value=' . $row[0] . '">Preview</a></td>
<td>' . mc_decrypt($row[1], $key) . '</td>
</tr>
';
}
// Free result set
mysqli_free_result($result);
}
mysqli_close($con);
?>
</tbody>
</table>
</div>
</div>
<?php
include "functions/footer.php";
