function db_login($user, $pass) { $login = "******"; $result = @mysql_query($login) or die('<pre>' . mysql_error() . '</pre>'); if ($result && mysql_num_rows($result) == 1) { // Login Successful... blobMessagePush("You have logged in as '" . $user . "'"); blobLogin($user); blobRedirect('index.php'); } }
* You should have received a copy of the GNU General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. */ define('BLOB_WEB_PAGE_TO_ROOT', '../'); require_once BLOB_WEB_PAGE_TO_ROOT . 'blob/includes/blobPage.inc.php'; blobPageStartup(array('authenticated')); $page = blobPageNewGrab(); blobDatabaseConnect(); $user = blobCurrentUser(); $user_id = blobGetUserID($user); if (isset($_GET['user'])) { $page['title'] .= $page['title_separator'] . 'Follow User'; $page['page_id'] = 'followuser'; $user = $_GET['user']; $user = mysql_real_escape_string($user); // Check if the user exists if (!blobExistUser($user)) { blobMessagePush("'" . $user . "' does not exist!"); blobRedirect('follow.php'); } $fullName = blobGetUserFullName($user); $avatar = getAvatar($user); $followHTML = blobFollowUser($user); $profilepage = BLOB_WEB_PAGE_TO_ROOT . 'profile/view.php?user='******'body'] .= "\r\n<div class=\"body_padded\">\r\n\t<h2>Following User: {$user}</h2>\r\n\r\n\t<div class=\"vulnerable_code_area\">\r\n\t\t<div style=\"float: left; padding-right: 10px; border-right: 2px solid #C0C0C0;\">\r\n\t\t\t<img src=\"{$avatar}\" width=\"100\" />\r\n\t\t</div>\r\n\t\t<div style=\"margin-left: 120px;\">\r\n\t\t\t" . blobInternalLinkUrlGet($profilepage, $fullName) . "\r\n\t\t\t<br /><br />\r\n\t\t\t{$followHTML}\r\n\t\t\t<br /><br />\r\n\t\t</div>\r\n\t</div>\r\n\r\n\t<br />\r\n\t<b>View user's profile:</b> " . blobInternalLinkUrlGet($profilepage, $fullName) . "\r\n\t<br /><br /><br />\r\n\r\n</div>\r\n"; } else { $page['title'] .= $page['title_separator'] . 'User List'; $page['page_id'] = 'othersprofile'; $page['body'] .= "\r\n<div class=\"body_padded\">\r\n\t<h2>User List</h2>\r\n\r\n\t" . blobUserList() . "\r\n\t<br /> <br />\r\n\r\n</div>\r\n"; } blobHtmlEcho($page);
} } } } if (isset($_POST['deleteUser'])) { $un = $_POST['username']; $un = stripslashes($un); $un = mysql_real_escape_string($un); if ($un == "") { blobMessagePush("Please enter a User name!"); blobRedirect("."); } else { if (!blobExistUser($un)) { blobMessagePush("This username does not exist!"); blobRedirect("."); } else { if ($un == $user) { blobMessagePush("That's You!"); blobRedirect("."); } else { $qry = "DELETE FROM `users` WHERE user='******';"; $result = @mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>'); blobMessagePush("User '{$un}' deleted!"); blobRedirect('.'); } } } } $userList = blobGetSiteUsers(); $page['body'] .= "\r\n<div class=\"body_padded\">\r\n\t<h2>Admin Area</h2>\r\n\r\n\t<hr><center>\r\n\t<div class=\"table-wrap\">\r\n\t<p class=\"heading\"><b>User List [+/-]</b></p>\r\n\t<div class=\"content\">\r\n\t{$userList}\r\n\t</div>\r\n\t</div>\r\n\t</center><hr>\r\n\t<br />\r\n\t<div class=\"vulnerable_code_area\">\r\n\t\t<form method=\"post\" name=\"updateuserlevel\">\r\n\t\t\t<h3>Update User level</h3>\r\n\t\t\t<label for=\"user\">Username</label> <input type=\"text\" class=\"loginInput\" style=\"width:220px;\" size=\"10\" name=\"username\">\r\n\t\t\t<span><select class=\"button\" name=\"levelNumber\"><option value=\"0\">Normal User</option><option value=\"1\">Admin</option></select></span>\r\n\t\t\t<input class=\"button\" name=\"updateLevel\" type=\"submit\" value=\"Update Level\" \">\r\n\t\t</form>\r\n\t</div>\r\n\r\n\t<div class=\"vulnerable_code_area\">\r\n\t\t<form method=\"post\" name=\"deleteUser\">\r\n\t\t\t<h3>Delete User</h3>\r\n\t\t\t<label for=\"user\">Username</label> <input type=\"text\" class=\"loginInput\" style=\"width:220px;\" size=\"10\" name=\"username\">\r\n\t\t\t<span style=\"margin-left: 20px;\"></span>\r\n\t\t\t<input class=\"button\" name=\"deleteUser\" type=\"submit\" value=\"Delete User\" \">\r\n\t\t</form>\r\n\t</div>\r\n\r\n\t<div class=\"vulnerable_code_area\">\r\n\t\t<form method=\"get\" action=\"status.php\">\r\n\t\t\t<h3>View Status</h3>\r\n\t\t\t<label for=\"user\">User ID</label> <input type=\"text\" class=\"loginInput\" style=\"width:220px;\" size=\"10\" name=\"user\">\r\n\t\t\t<span style=\"margin-left: 20px;\"></span>\r\n\t\t\t<input class=\"button\" type=\"submit\" value=\"View Status\" \">\r\n\t\t</form>\r\n\t</div>\r\n\r\n\t<div class=\"clear\"></div>\r\n\r\n\r\n\t<br />\r\n\r\n</div>\r\n"; blobHtmlEcho($page);
} } $qry = "UPDATE `users` SET avatar='{$profUrl}' WHERE user='******';"; $result = @mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>'); blobMessagePush("Updated the new Image!"); } if ($profile["fn"] != $fn || $profile["ln"] != $ln || $key_new != $key) { $qry = "UPDATE `users` SET first_name='{$fn}', last_name='{$ln}', sec_key='{$key_new}' WHERE user='******';"; $result = @mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>'); blobMessagePush("Profile updated"); } else { blobMessagePush("Profile was not updated"); } if ($pass != "") { $pass = stripslashes($pass); $pass = mysql_real_escape_string($pass); $pass = md5($pass); $qry = "UPDATE `users` SET password='******' WHERE user='******';"; $result = @mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>'); blobMessagePush("Password changed. You Need to re-login"); blobRedirect('../logout.php'); } blobRedirect('edit.php'); } $page = blobPageNewGrab(); $page['title'] .= $page['title_separator'] . 'Edit Profile: ' . $user; $page['page_id'] = 'editprofile'; $page['onload'] = "onLoad=\"document.form.firstname.focus()\""; $page['script'] .= "<script language=\"javascript\">function doEnable(){ document.form.key.readOnly=false; document.form.key_edit_btn.disabled=true; }</script>"; $page['body'] .= "\r\n<div class=\"body_padded\" align=\"center\">\r\n <h2>Edit Profile: {$user}</h2>\r\n\r\n <div class=\"main_body_box\" style=\"width: 400px;\">\r\n <form action=\"edit.php\" name=\"form\" method=\"post\" enctype=\"multipart/form-data\">\r\n <input type=\"hidden\" name=\"edit.php\" value=\"edit.php\" />\r\n\r\n\t<fieldset>\r\n\t<div style=\"float: left\">\r\n\t\t\t<label for=\"firstname\">First Name <font color=\"red\">*</font></label> <input type=\"text\" class=\"loginInput\" size=\"20\" name=\"firstname\" value=\"{$profile["fn"]}\"><br />\r\n\t\t\t</div>\r\n\t\t\t<div style=\"float: left\">\r\n\t\t\t<label for=\"lastname\">Last Name <font color=\"red\">*</font></label> <input type=\"text\" class=\"loginInput\" size=\"20\" name=\"lastname\" value=\"{$profile["ln"]}\"><br />\r\n\t\t\t</div>\r\n\t\t\t<div style=\"float: left\">\r\n\t\t\t<label for=\"pass\">Password <font color=\"red\">(Not changed if blank)</font></label> <input type=\"password\" class=\"loginInput\" AUTOCOMPLETE=\"off\" size=\"20\" name=\"password\">\r\n\t\t\t</div>\r\n\t\t\t<div style=\"float: left\">\r\n\t\t\t<label for=\"key\">Secret Key <font color=\"red\"><input type=\"button\" value=\"Edit\" name=\"key_edit_btn\" onclick=\"doEnable()\"></font></label> <input type=\"text\" readonly class=\"loginInput\" AUTOCOMPLETE=\"off\" size=\"20\" id=\"key\" name=\"key\" value=\"{$key}\">\r\n\t\t\t</div>\r\n\t\t\t<div style=\"float: left; padding-right: 10px; border-right: 2px solid #C0C0C0;\">\r\n\t\t\t\t<img src=\"{$avatar}\" width=\"100\" />\r\n\t\t\t</div>\r\n\t\t\t<div style=\"float: left; margin-left: 120px; margin-top: -70px;\">\r\n\t\t\t\t<label for=\"pass\">Profile Image <font color=\"red\"><br />(Not changed if blank)</font></label> <br /><input type=\"file\" class=\"loginInput\" class=\"button\" name=\"file\" id=\"file\" /><br />\r\n\t\t\t</div>\r\n\t\t\t<div style=\"float: left; width: 100%;\">\r\n\t\t\t<p class=\"submit\"><input class=\"button\" type=\"submit\" value=\"Edit Profile\" name=\"EditProfile\"> \r\n\t\t\t<input class=\"button\" type=\"submit\" value=\"Delete Profile\" name=\"DeleteProfile\"></p>\r\n\t\t\t</div>\r\n\t</fieldset>\r\n\r\n\t</form>\r\n\r\n </div>\r\n</div>\r\n\r\n"; blobHtmlEcho($page);
<?php /* * blob is a micro-blogging service where you can share notices * about yourself with friends, family, and colleagues! * * Copyright (C) 2011 Avinash Joshi <*****@*****.**> * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. */ define('BLOB_WEB_PAGE_TO_ROOT', '../'); require_once BLOB_WEB_PAGE_TO_ROOT . 'blob/includes/blobPage.inc.php'; blobRedirect(BLOB_WEB_PAGE_TO_ROOT . 'profile/view.php');
blobRegMessagePush("key", $key); } blobRedirect('join.php'); } } $qry = "INSERT INTO users (user_id, first_name, last_name, user, password, sec_key, avatar) VALUES ( 'NULL', '{$fn}', '{$ln}', '{$user}', '{$pass}', '{$key}', '{$profUrl}') ;"; $result = @mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>'); $user_id = blobGetUserID($user); $qry = "UPDATE `users` SET follow='{$user_id}' WHERE user='******';"; $result = @mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>'); if ($result) { // Registration Successful... blobMessagePush("You have registered as '" . $user . "'"); blobRedirect('login.php'); } // Registration failed blobMessagePush("Registration failed"); blobRedirect('join.php'); } $fn_pop = blobRegMessagePop("fn"); $ln_pop = blobRegMessagePop("ln"); $user_pop = blobRegMessagePop("user"); $pass_pop = blobRegMessagePop("pass"); $key_pop = blobRegMessagePop("key"); $page = blobPageNewGrab(); $page['title'] .= $page['title_separator'] . 'Join'; $page['page_id'] = 'join'; $page['onload'] = "onLoad=\"document.form.firstname.focus()\""; $page['body'] .= " <div class=\"body_padded\" align=\"center\">\r\n <h2>Join Greenify</h2>\r\n\r\n <div class=\"main_body_box\" style=\"width: 350px;\">\r\n <form action=\"join.php\" name=\"form\" method=\"post\" enctype=\"multipart/form-data\">\r\n\r\n\t<fieldset>\r\n\t<div style=\"float: left\">\r\n\t\t\t<input type=\"hidden\" size=\"20\" name=\"join.php\" value=\"join.php\">\r\n\t\t\t<label for=\"firstname\">First Name <font color=\"red\">*</font></label> <input type=\"text\" class=\"loginInput\" size=\"20\" name=\"firstname\" value=\"{$fn_pop}\"><br />\r\n\t\t\t<label for=\"lastname\">Last Name <font color=\"red\">*</font></label> <input type=\"text\" class=\"loginInput\" size=\"20\" name=\"lastname\" value=\"{$ln_pop}\"><br />\r\n\t\t\t<label for=\"user\">Username <font color=\"red\">*</font></label> <input type=\"text\" class=\"loginInput\" size=\"20\" name=\"username\" value=\"{$user_pop}\"><br />\r\n\t\t\t<label for=\"pass\">Password <font color=\"red\">*</font></label> <input type=\"password\" class=\"loginInput\" AUTOCOMPLETE=\"off\" size=\"20\" name=\"password\" value=\"{$pass_pop}\"><br />\r\n\t\t\t<label for=\"user\">Secret Key <font color=\"red\">*</font> <small>Will be used during password reset</small></label> <input type=\"text\" class=\"loginInput\" size=\"20\" name=\"key\" value=\"{$key_pop}\"><br />\r\n\t\t\t<label for=\"pass\">Profile Image <font color=\"red\">*</font></label> <input type=\"file\" class=\"loginInput\" class=\"button\" name=\"file\" id=\"file\" /><br />\r\n\t\t\t<p class=\"submit\"><input class=\"button\" type=\"submit\" value=\"Join\" name=\"Join\"></p>\r\n\t</div>\r\n\t</fieldset>\r\n\r\n\t</form>\r\n\r\n </div>\r\n</div>\r\n\r\n"; $right = "\r\n<center><b>Already have a blob account?</b><br /><br />\r\nEasy, free, and instant updates. Get access to the information that interests you most.\r\n<br><br>\r\n<div class=\"join\">\r\n<form action=\"login.php\">\r\n<input id=\"login\" value=\"Login!\" type=\"submit\">\r\n</form>\r\n</div>\r\n"; blobNoLoginHtmlEcho($page, $right);
function blobPageReload() { blobRedirect($_SERVER['PHP_SELF']); }
blobRedirect('forgot.php'); } $user = stripslashes($user); $user = mysql_real_escape_string($user); $pass = stripslashes($pass); $pass = mysql_real_escape_string($pass); $key = stripslashes($key); $key = mysql_real_escape_string($key); if (blobExistUser($user)) { $old_key = getSecKey($user); if ($old_key == $key) { $pass = md5($pass); $qry = "UPDATE `users` SET password='******' WHERE user='******';"; $result = @mysql_query($qry) or die('<pre>' . mysql_error() . '</pre>'); blobMessagePush("Password changed!"); blobRedirect('login.php'); } else { blobMessagePush("Security Key does not match!"); } } else { blobMessagePush("This user does not exist!"); } blobRedirect('forgot.php'); } $page = blobPageNewGrab(); $page['title'] .= $page['title_separator'] . 'Forgot Password'; $page['page_id'] = 'forgotpass'; $page['onload'] = "onLoad=\"document.form.username.focus()\""; $page['body'] .= "\r\n\t<div class=\"body_padded\" align=\"center\">\r\n\t\t<h2>Forgot Password!</h2>\r\n\t\t<div class=\"main_body_box\" style=\"width: 400px;\">\r\n\t\t\t<form action=\"forgot.php\" name=\"form\" method=\"post\" enctype=\"multipart/form-data\"> <fieldset>\r\n\t\t\t<input type=\"hidden\" name=\"forgot.php\" value=\"forgot.php\" />\r\n\t\t\t\t<div style=\"float: left\">\r\n\t\t\t\t\t<label for=\"username\">User Name <font color=\"red\">*</font></label> <input type=\"text\" class=\"loginInput\" size=\"20\" name=\"username\" value=\"\"><br />\r\n\t\t\t\t</div>\r\n\t\t\t\t<div style=\"float: left\">\r\n\t\t\t\t\t<label for=\"pass\">New Password <font color=\"red\">*</font></label> <input type=\"password\" class=\"loginInput\" AUTOCOMPLETE=\"off\" size=\"20\" name=\"password\">\r\n\t\t\t\t</div>\r\n\t\t\t\t<div style=\"float: left\">\r\n\t\t\t\t\t<label for=\"key\">Secret Key <font color=\"red\">*</font></label> <input type=\"text\" class=\"loginInput\" AUTOCOMPLETE=\"off\" size=\"20\" name=\"key\">\r\n\t\t\t\t</div>\r\n\t\t\t\t<div style=\"float: left; width: 100%;\">\r\n\t\t\t\t\t<p class=\"submit\"><input class=\"button\" type=\"submit\" value=\"Change Password\" name=\"EditPassword\"></p>\r\n\t\t\t\t</div>\r\n\t\t\t</fieldset> </form>\r\n\t\t</div>\r\n\t</div>"; $right = "\r\n<center><strong>New to blob?</strong></center>\r\n<br />\r\n<div class=\"join\">\r\n<form action=\"register.php\">\r\n<input id=\"join\" value=\"Join!\" type=\"submit\">\r\n</form>\r\n</div><br />\r\n<center><b>Already have a blob account?</b><br /><br />\r\n<div class=\"join\">\r\n<form action=\"login.php\">\r\n<input id=\"login\" value=\"Login!\" type=\"submit\">\r\n</form>\r\n</div>\r\n<br /><br />Easy, free, and instant updates. Get access to the information that interests you most.\r\n"; blobNoLoginHtmlEcho($page, $right);
* blob is a micro-blogging service where you can share notices * about yourself with friends, family, and colleagues! * * Copyright (C) 2011 Avinash Joshi <*****@*****.**> * * This program is free software: you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation, either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program. If not, see <http://www.gnu.org/licenses/>. */ define('BLOB_WEB_PAGE_TO_ROOT', ''); require_once BLOB_WEB_PAGE_TO_ROOT . 'blob/includes/blobPage.inc.php'; if (!blobIsLoggedIn()) { // The user shouldn't even be on this page // blobMessagePush( "You were not logged in!!" ); blobRedirect('login.php'); } blobLogout(); blobMessagePush("You have logged out"); blobRedirect('login.php'); ?>
*/ define('BLOB_WEB_PAGE_TO_ROOT', '../'); require_once BLOB_WEB_PAGE_TO_ROOT . 'blob/includes/blobPage.inc.php'; blobPageStartup(array('authenticated')); $page = blobPageNewGrab(); $page['title'] .= $page['title_separator'] . 'View Profile'; $page['page_id'] = 'viewprofile'; blobDatabaseConnect(); $user = blobCurrentUser(); if (isset($_GET['user']) && $_GET['user'] != $user) { $user = $_GET['user']; //$user = mysql_real_escape_string($user); // Check if the user exists if (!blobExistUser($user)) { blobMessagePush("'" . $user . "' does not exist!"); blobRedirect('view.php'); } $fullName = blobGetUserFullName($user); $avatar = getAvatar($user); $followHTML = blobCanFollowHTML($user); if (blobCanFollow($user)) { $showStatusHTML = "<div id=\"comments_main\"><div id=\"comments\"><pre width=\"77\">You will be able to see his updates only if you follow the user!</pre> </div></div>"; } else { $showStatusHTML = blobShowUserStatus($user); } $page['body'] .= "\r\n<div class=\"body_padded\">\r\n\t<h2>User Profile: {$user}</h2>\r\n\r\n\t<div class=\"vulnerable_code_area\">\r\n\t\t<div style=\"float: left; padding-right: 10px; border-right: 2px solid #C0C0C0;\">\r\n\t\t\t<img src=\"{$avatar}\" width=\"100\" />\r\n\t\t</div>\r\n\t\t<div style=\"margin-left: 120px;\">\r\n\t\t\t{$fullName}\r\n\t\t\t<br /><br />\r\n\t\t\t{$followHTML}\r\n\t\t</div>\r\n\t</div>\r\n\r\n\t<div class=\"clear\"></div>\r\n\t<pre>User's status updates:</pre>\r\n\t{$showStatusHTML}\r\n\t<br /><br /><br />\r\n\r\n</div>\r\n"; } else { $user_id = blobGetUserID($user); $fullName = blobGetUserFullName($user); $avatar = getAvatar($user); $showStatusHTML = blobShowUserStatus($user);
require_once BLOB_WEB_PAGE_TO_ROOT . 'blob/includes/blobPage.inc.php'; blobPageStartup(array('authenticated')); $page = blobPageNewGrab(); $page['title'] .= $page['title_separator'] . 'What\'s on your mind?'; $page['page_id'] = 'home'; $page['onload'] = "onLoad=\"document.statusupdate.statusMsg.focus()\""; blobDatabaseConnect(); $user = blobCurrentUser(); $user_id = blobGetUserID($user); if (isset($_POST['btnUpdate'])) { if ($_POST['statusMsg'] == "") { blobMessagePush("Status cannot be empty!"); blobRedirect('index.php'); } $message = trim($_POST['statusMsg']); // Sanitize message input $message = stripslashes($message); $message = mysql_real_escape_string($message); // Sanitize name input $name = mysql_real_escape_string($name); $query = "INSERT INTO status (user_id, status, date_set) VALUES ('{$user_id}','{$message}', NOW());"; $result = mysql_query($query) or die('<pre>' . mysql_error() . '</pre>'); } if (isset($_GET['delete'])) { $status_id = $_GET['delete']; $status = blobDeleteStatus($status_id); blobMessagePush($status); blobRedirect('index.php'); } $page['body'] .= "\r\n\t<div class=\"body_padded\">\r\n\t\t<h2>What's on your mind?</h2>\r\n\t\t<div class=\"vulnerable_code_area\">\r\n\t\t\t<form method=\"post\" name=\"statusupdate\">\r\n\t\t\t\t<input type=\"hidden\" name=\"index.php\" value=\"index.php\" />\r\n\t\t\t\t<table width=\"550\" border=\"0\" cellpadding=\"2\" cellspacing=\"1\">\r\n\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t<td><textarea style=\"padding: 5px;\" name=\"statusMsg\" cols=\"60\" rows=\"3\" maxlength=\"140\"></textarea></td>\r\n\t\t\t\t\t</tr>\r\n\t\t\t\t\t<tr>\r\n\t\t\t\t\t\t<td><input class=\"button\" name=\"btnUpdate\" type=\"submit\" value=\"Update Status\" > ( Max 140 characters )</td>\r\n\t\t\t\t\t</tr>\r\n\t\t\t\t</table>\r\n\t\t\t</form>\r\n\t\t</div>\r\n\t\t<div class=\"clear\"></div>\r\n\t\t<pre>Your previous status updates:</pre>\r\n\t\t" . blobShowUserStatus($user) . "\r\n\t\t<br />\r\n\t</div>"; blobHtmlEcho($page);