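<?php

require 'db.php';

/**
 * Grabs the user info from $_SERVER and inserts it into the user_tracking table.
 *
 * The User-Agent header is optional and entirely client-controlled, so a missing
 * header is stored as an empty string and both values are bound as statement
 * parameters instead of being spliced into the SQL text. REMOTE_ADDR is the
 * address of the directly connected peer; behind a reverse proxy that is the
 * proxy's address.
 *
 * Failures are reported through error_log() and otherwise ignored: tracking is
 * best-effort and does not interrupt the request.
 *
 * @param $dbc - The db connection object (the methods called here are mysqli's).
 */
function logUser($dbc)
{
    $ipAddress = isset($_SERVER['REMOTE_ADDR']) ? (string) $_SERVER['REMOTE_ADDR'] : '';
    $userAgent = isset($_SERVER['HTTP_USER_AGENT']) ? (string) $_SERVER['HTTP_USER_AGENT'] : '';

    // NOTE(review): the User-Agent length is unbounded; consider capping it to the
    // width of the user_agent column, which is not visible from this file.
    $stmt = $dbc->prepare('INSERT INTO user_tracking (ip_address, user_agent) VALUES (?, ?)');
    if ($stmt === false) {
        error_log('logUser: could not prepare the user_tracking insert');
        return;
    }

    $stmt->bind_param('ss', $ipAddress, $userAgent);
    if (!$stmt->execute()) {
        error_log('logUser: user_tracking insert failed');
    }
    $stmt->close();
}

logUser($dbc);

// Close Connection.
$dbc->close();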
/**
 * Records a query string in the user log under the "QUERY=" tag.
 *
 * The entry is attributed to the global $uid and handed to logUser().
 * The query text is passed on verbatim.
 * NOTE(review): if queries can carry credentials or line breaks, the log sink
 * needs to mask or neutralize them; logUser() is not visible here, so confirm.
 *
 * @param string $query Query text to record.
 */
function logNelQuery($query)
{
    global $uid;

    /* Earlier file-based logging, kept disabled:
    $f = fopen("./nel_queries.log", "a");
    fwrite($f, date("Y/m/d H:i:s")." ".sprintf("%-16s", $admlogin)." $query\n");
    fclose($f);
    */

    $entry = "QUERY=" . $query;
    logUser($uid, $entry);
}
if (strncmp($var, "current_select_", 15) == 0) { $sel[] = $value; } } } $sel = array_unique($sel); if (isset($update) && count($update > 0)) { if (count($update) > 1) { $query = "[" . join(",", $update) . "]"; $query = factorizeQuery($query); } else { $query = $update[0]; } $executeQuery = $query; $bef = microtime(); logUser($uid, "UPDATE=" . $executeQuery); $qstate = nel_query($executeQuery, $updateResult); $aft = microtime(); list($usec, $sec) = explode(" ", $bef); $bef = (double) $sec + (double) $usec; list($usec, $sec) = explode(" ", $aft); $aft = (double) $sec + (double) $usec; $tm = (int) (($aft - $bef) * 1000.0); $queryResult = "Executed {$executeQuery}<br>{$tm} milliseconds computation time<br>\n"; } } else { if (isset($executeQuery)) { $bef = microtime(); $qstate = nel_query($executeQuery, $updateResult); $aft = microtime(); list($usec, $sec) = explode(" ", $bef);
/**
 * Step 3 of the order flow: validates the customer form and picks the next step.
 *
 * Runs the customer validator over $form_data and, when the selected product has
 * acc_method == 2 and a dom_user was supplied, applies the server's username
 * length limits and an existing-account check. On success the form is stored in
 * the session and a reload of step 4, 5 or 6 is queued; on failure the error
 * section is switched on. The error text is assigned to the page in both cases.
 *
 * Reads $_SESSION['product_id'], $_SESSION['sld'] and $_SESSION['tld'];
 * writes $_SESSION['customer'] and $_SESSION['specials'].
 *
 * @param array $form_data Submitted customer fields (indexed by field name below).
 * @return xajaxResponse Response carrying the script calls, XML and error text.
 */
function step3_verifyUser($form_data) {
    global $BL, $conf, $custom_fields;
    $err = $BL->customers->validate($form_data, $custom_fields);
    // NOTE(review): this WHERE fragment is assembled by concatenation, so its
    // safety rests entirely on quoteSmart(). Confirm that it escapes for a
    // single-quoted SQL literal and does not add quotes of its own.
    $product_data = $BL->products->find(array("WHERE `plan_price_id`='" . (isset($_SESSION['product_id']) ? $BL->utils->quoteSmart($_SESSION['product_id']) : 0) . "'"));
    // The session value is passed through unmodified here; 0 stands in when no product is selected.
    $server_default = $BL->products->getServerForProduct(isset($_SESSION['product_id']) ? $_SESSION['product_id'] : 0);
    // The username checks run only when the form validated cleanly so far.
    if (empty($err) && isset($product_data[0]['acc_method']) && $product_data[0]['acc_method'] == 2 && !empty($form_data['dom_user'])) {
        // Each check below overwrites $err, so only the last failing one is reported.
        // strlen() counts bytes, not characters.
        if (!empty($server_default['username_min_length']) && strlen($form_data['dom_user']) < $server_default['username_min_length']) {
            $err = $BL->props->lang['username_is_short'] . $server_default['username_min_length'];
        }
        if (!empty($server_default['username_max_length']) && strlen($form_data['dom_user']) > $server_default['username_max_length']) {
            $err = $BL->props->lang['username_is_large'] . $server_default['username_max_length'];
        }
        if ($BL->checkAccountExistInServer($server_default, $form_data['dom_user'])) {
            $err = $BL->props->lang['err_user_exist'];
        }
    }
    $form_data['selected_server_id'] = isset($server_default['server_id']) ? $server_default['server_id'] : 0;
    $objResponse = new xajaxResponse(CHARSET);
    if (empty($err)) {
        $objResponse->addScriptCall("toggleTbodyOff", "error_section");
        // The whole submitted form, plus selected_server_id, is kept in the session.
        $_SESSION['customer'] = $form_data;
        // logUser() is called with "<sld>.<tld>-<product name>" and its return value is loaded as XML.
        $objResponse->loadXML(logUser($_SESSION['sld'] . "." . $_SESSION['tld'] . "-" . $BL->getFriendlyName($_SESSION['product_id'])));
        $AVAILABLE_SPECIALS = getQualifiedSpecials();
        // Rebuild the list of qualifying special ids from scratch.
        $_SESSION['specials'] = array();
        foreach ($AVAILABLE_SPECIALS as $special) {
            $_SESSION['specials'][] = $special['special_id'];
        }
        // More than one special: step 4. A special at index 0 is preselected under
        // the 'SELECTED' key and leads to step 5 when its new_order flag is truthy,
        // otherwise to step 6. No special at all: step 6.
        if (count($AVAILABLE_SPECIALS) > 1) {
            $objResponse->loadXML(reload('step4', 'step4'));
        } elseif (isset($AVAILABLE_SPECIALS[0]) && $AVAILABLE_SPECIALS[0]['new_order']) {
            $_SESSION['specials']['SELECTED'] = $AVAILABLE_SPECIALS[0]['special_id'];
            $objResponse->loadXML(reload('step5', 'step5'));
        } elseif (isset($AVAILABLE_SPECIALS[0])) {
            $_SESSION['specials']['SELECTED'] = $AVAILABLE_SPECIALS[0]['special_id'];
            $objResponse->loadXML(reload('step6', 'step6'));
        } else {
            $objResponse->loadXML(reload('step6', 'step6'));
        }
    } else {
        $objResponse->addScriptCall("toggleTbodyOn", "error_section");
    }
    // NOTE(review): $err is written as innerHTML. The messages built in this
    // function come from language strings and server settings; whether validate()
    // can return text containing user input is not visible here. Confirm that it
    // is HTML-escaped before it reaches this sink.
    $objResponse->addAssign("error_msg", "innerHTML", $err);
    return $objResponse;
}
} else { $dispServ = "<a href='" . $_SERVER['PHP_SELF'] . "?preselServ={$addr}'>{$service}</a>"; } echo "<tr><td {$dcolor}>{$dshard}</td><td {$dcolor}>{$dserver}</td><td {$dcolor}>{$dispServ}</td></tr></a>\n"; $pshard = $shard; $pserver = $server; } echo "</table>\n"; echo "</td>\n"; echo "<td width=30> </td>\n"; echo "<td>\n"; echo "<table border=0><form method=post action='" . $_SERVER['PHP_SELF'] . "' name='cmdform'>\n"; echo "<tr><th align=left>Service Path</th><th align=left>Command (exact service syntax)</th></tr>\n"; echo "<tr><td><input name=preselServ value='{$preselServ}' size=32 maxlength=256></td>\n"; echo "<td><input name=execCommand value='" . stripslashes($execCommand) . "' size=50 maxlength=20480></td>\n"; echo "<td><input type=submit value=Execute></td></tr>\n"; echo "</form></table>\n"; if (isset($preselServ) && $preselServ != "" && isset($execCommand) && $execCommand != "") { $fullCmd = $preselServ . "." . stripslashes($execCommand); logUser($uid, "SYS_COMMAND=" . $fullCmd); $qstate = nel_query($preselServ . "." . stripslashes($execCommand), $commandResult); } if ($commandResult) { echo "<textarea rows=60 cols=300 readOnly style='font-family: Terminal, Courier; font-size: 10pt;'>" . stripslashes($commandResult) . "</textarea>\n"; } echo "</td>\n"; echo "</tr></table>\n"; echo "<script type='text/javascript'><!--\n"; echo "if (document.cmdform) { document.cmdform.execCommand.focus(); }\n"; echo "// --></script>\n"; htmlEpilog();
<?php include_once '../clases/fotos.php'; include_once '../clases/usuarios.php'; include_once '../clases/bd.php'; switch ($_POST["method"]) { case "new": newUser(); break; case "log": logUser(); break; case "fot": fotUser(); break; case "get": getUser(); break; case "act-social": actSocial(); break; case "act-nat": actNat(); break; case "act-jur": actJur(); break; case "act-email": actEmail(); break; case "act-seudonimo": actSeudonimo();
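/**
 * Authenticates the current request and maintains the admin session.
 *
 * Dispatches on $HTTP_POST_VARS["command"]:
 *  - "logout":     logs the event, destroys the session and cookies, prints the
 *                  logged-out page and ends the script.
 *  - "chPassword": validates the current credentials, stores the new hash when
 *                  the old password matches and both new entries agree, then
 *                  deliberately falls through to "login".
 *  - "login":      hashes the submitted password, validates it and opens the session.
 *  - default:      re-validates the credentials held in the session or, failing
 *                  that, in the login cookies.
 *
 * NOTE(review): crypt() with the fixed salt "NL" gives every account the same
 * salt, and the resulting hash is kept in the session and handed to
 * setupCookies(), where it acts as a password equivalent. Moving to per-user
 * salted hashes and a random session token needs changes outside this function.
 * NOTE(review): the session id is not regenerated after a successful login;
 * consider session_regenerate_id(true) where the session is started.
 *
 * @param mixed $error Receives an HTML-escaped message when validation fails, null otherwise.
 * @return int|bool 1 on success; 0 or false on failure.
 */
function auth(&$error)
{
    global $command, $sessionAuth, $admcookielogin, $admcookiepassword;
    global $admlogin, $admpassword, $uid, $gid, $useCookie, $group, $HTTP_POST_VARS;

    // Reset by assignment. unset() on a by-reference parameter detaches it from
    // the caller's variable, so later messages would never reach the caller.
    $error = null;

    switch ($HTTP_POST_VARS["command"]) {
        case "logout":
            addToLog("Logout!");
            $uid = $sessionAuth["uid"];
            logUser($uid, "LOGOUT");
            //session_unregister("sessionAuth");
            unset($_SESSION["sessionAuth"]);
            session_destroy();
            // erases cookies
            eraseCookies();
            unset($admlogin);
            unset($admpassword);
            unset($admcookielogin);
            unset($admcookiepassword);
            unset($uid);
            // NOTE(review): PHP_SELF includes any extra path info sent by the client;
            // confirm htmlProlog() escapes it before output.
            htmlProlog($_SERVER['PHP_SELF'], "Logout", false);
            echo "<center>\n";
            echo "You are not logged any more<br>\n";
            echo "Click <a href='index.php'>here</a> to login<br>\n";
            echo "</center>\n";
            htmlEpilog();
            die;

        case "chPassword":
            addToLog("Change pass!");
            global $chOldPass, $chNewPass, $chConfirmNewPass;
            if (!($uid = validateId($admlogin, $admpassword, $useCookie, $gid, $group))) {
                // The login name is request data and the message is printed as HTML.
                $error = "Invalid login '" . htmlspecialchars((string) $admlogin, ENT_QUOTES) . "'";
                eraseCookies();
                return 0;
            }
            if (crypt($chOldPass, "NL") == $admpassword && $chNewPass == $chConfirmNewPass) {
                // NOTE(review): the stored value appeared masked in the listing this
                // was taken from. The hash is used because the "login" case below
                // validates against crypt($admpassword, "NL"); confirm against the
                // original file.
                $newHash = crypt($chNewPass, "NL");
                sqlquery("UPDATE user SET password='{$newHash}' WHERE uid='{$uid}'");
                $admpassword = $chNewPass;
                // Neither the new password nor its hash belongs in the log.
                addToLog("Changed password for uid '{$uid}'");
                //session_unregister("sessionAuth");
                unset($_SESSION["sessionAuth"]);
                session_destroy();
            }
            // No break: falls through so the user is logged in again with $admpassword.

        case "login":
            $admpassword = crypt($admpassword, "NL");
            // Credentials stay masked in this entry; do not interpolate $admpassword here.
            addToLog("Login! -- admlogin='******', admpassword='******'");
            if (!($uid = validateId($admlogin, $admpassword, $useCookie, $gid, $group))) {
                $error = "Invalid login '" . htmlspecialchars((string) $admlogin, ENT_QUOTES) . "'";
                print $error;
                eraseCookies();
                return 0;
            }
            $sessionAuth = array("admlogin" => $admlogin, "admpassword" => $admpassword, "uid" => $uid);
            //session_register("sessionAuth");
            $_SESSION["sessionAuth"] = $sessionAuth;
            if ($useCookie) {
                setupCookies($admlogin, $admpassword);
            }
            logUser($uid, "LOGIN");
            return 1;

        default:
            if (!isset($sessionAuth) || $sessionAuth["admlogin"] == "") {
                print "no sessionauth or admlogin is blank";
                if (!isset($admcookielogin)) {
                    addToLog("cookie not set");
                    return false;
                }
                // No usable session: fall back to the credentials from the cookies.
                $admlogin = $admcookielogin;
                $admpassword = $admcookiepassword;
            } else {
                $admlogin = $sessionAuth["admlogin"];
                $admpassword = $sessionAuth["admpassword"];
                $uid = $sessionAuth["uid"];
            }
            // Credentials are re-validated on every request, whatever their origin.
            if (!($uid = validateId($admlogin, $admpassword, $useCookie, $gid, $group))) {
                $error = "Invalid login '" . htmlspecialchars((string) $admlogin, ENT_QUOTES) . "'";
                eraseCookies();
                return false;
            }
            $sessionAuth = array("admlogin" => $admlogin, "admpassword" => $admpassword, "uid" => $uid);
            //session_register("sessionAuth");
            $_SESSION["sessionAuth"] = $sessionAuth;
            if ($useCookie) {
                setupCookies($admlogin, $admpassword);
            } else {
                eraseCookies();
            }
            //logUser($uid, "BROWSE");
            return 1;
    }
}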
fwrite($fp, "<GDFORM_VARIABLE NAME={$emailLtr}.User's_FINAL_TEST_SCORE END>\n"); //show results to user & tell HRC rep if user passed the test echo '<h2><span style="#008000"><b>Results:</b></span></h2>'; $count++; $emailLtr = emailLetter($count); fwrite($fp, "<GDFORM_VARIABLE NAME={$emailLtr}.Result START>\n"); if ($numCorrect > 14) { echo "<h2>Congratulations {$name}, you passed the test! </h2>"; fwrite($fp, "PASS\n"); //write user to log file logUser($name, $mbrNum, $email, "PASS", "no errors in processing"); } else { echo "<h3>At this time, {$name} did not pass this Judge's test.</h3>"; fwrite($fp, "FAIL\n"); //write user to log file logUser($name, $mbrNum, $email, "FAIL", "no errors in processing"); } fwrite($fp, "<GDFORM_VARIABLE NAME={$emailLtr}.Result END>\n"); echo "<h3>Your score is {$numCorrect} (out of 20)"; echo " and it has been emailed to an HRC Representative.</h3>"; //for those who passed, let them know which ones they missed $numWrong = count($wrongAnswers); if ($numCorrect > 14 && $numWrong > 0) { echo "<h4>You missed the following question(s): "; for ($i = $numWrong; $i > 0; $i--) { echo "{$wrongAnswers[$numWrong - $i]}"; if ($i > 1) { echo ", "; } } echo "</h4>";
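// Tail of a function whose opening lines fall outside this listing; kept as found.
    $stmt = $dbConn->prepare($sql);
    $stmt->execute(array(":username" => $username, "password" => $password));
    return $stmt->fetch();
}

/**
 * Appends one row to userLogs for a login attempt.
 *
 * Both values are bound as statement parameters, so the user-supplied name
 * never becomes part of the SQL text.
 *
 * @param string $username  Name submitted with the attempt.
 * @param int    $timestamp Time of the attempt (the caller passes time()).
 * @return PDOStatement The executed statement.
 */
function logUser($username, $timestamp)
{
    global $dbConn;
    $sql = "INSERT INTO userLogs (username, timestamp)\n\tVALUES (:username, :timestamp)";
    $stmt = $dbConn->prepare($sql);
    $stmt->execute(array(":username" => $username, ":timestamp" => $timestamp));
    return $stmt;
}

if (isset($_POST['username']) && isset($_POST['password'])) {
    $username = $_POST['username'];
    $password = $_POST['password'];
    // Request parameters can arrive as arrays (username[]=x). Reject those here
    // rather than letting strlen() fail on a non-string.
    if (!is_string($username) || !is_string($password) || strlen($username) == 0 || strlen($password) == 0) {
        print "<center><br><br>Invalid entry, <a href='javascript:history.back()'>try again</a><center>";
    } else {
        // NOTE(review): the raw password is bound into login()'s query. If that
        // query compares it with the stored column directly, passwords are kept
        // unhashed; the query is not visible here, so verify, and prefer
        // password_hash() / password_verify().
        $login = login($username, $password);
        // Every attempt is recorded, whether or not it succeeds.
        $logUser = logUser($username, time());
        if (isset($login[0])) {
            // NOTE(review): the session id is not regenerated on login; consider
            // session_regenerate_id(true) before this assignment if the session
            // is started earlier in the file.
            $_SESSION['user'] = $username;
            print "<center><br><br>Login was successful, click <a href='index.php'>here</a> to continue<br>";
        } else {
            print "<center><br><br>Incorrect username or password, <a href='javascript:history.back()'>try again</a></center>";
        }
    }
}

if (!isset($_POST['username'])) {
    // The password field uses type="password" so the value is masked on screen
    // and is not offered back by form-history autocomplete.
    print "<title>Login</title>\n\t\t<center>\n\t\t<html>\n\t\t<body>\n"
        . "\t\t\t<form action=\"login.php\" method=\"post\">\n"
        . "\t\t\t<table>\n"
        . "\t\t\t<tr><td colspan=2 align=center><h3>Login</h3></td></tr>\n"
        . "\t\t\t<tr><td colspan=2 align=center> </td></tr>\n"
        . "\t\t\t<tr><td>Username:</td><td><input type=\"text\" name=\"username\"></td></tr>\n"
        . "\t\t\t<tr><td>Password:</td><td><input type=\"password\" name=\"password\"></td></tr>\n"
        . "\t\t\t<tr><td colspan=2 align=center><input type=\"submit\" name='submitButton'></td>\n"
        . "\t\t\t<tr><td colspan=2> </td></tr>\n"
        . "\t\t\t<tr><td colspan=2 align=center><a href=\"register.php\">Or you can register here</a></td></tr>\n"
        . "\n\t\t</form>\n\t\t</body>\n\t\t</html></center>";
}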