<?php
// Admin login handler (fragment: the `if ($row)` branch at the end continues past this listing;
// session_start() is not visible here and is presumably done in config.php — TODO confirm).
require_once "config.php";
require_once "functions.inc.php";
$dbBean = new DatabaseBean();
$general = new General($dbBean);
$name = isset($_POST['user']) ? $_POST['user'] : "";
$password = isset($_POST['pw']) ? $_POST['pw'] : "";
// NOTE(review): stripQuotes()/removeBadChars() are project helpers whose behaviour is not
// visible here; whatever they strip, they are not a substitute for bound parameters on the
// string-built queries below.
$name = stripQuotes(removeBadChars($name));
$password = stripQuotes(removeBadChars($password));
// Lockout check: count failed logins recorded for this user name in the last 15 minutes.
// $name is concatenated straight into the SQL text — it should be a bound parameter.
// Because the counter is keyed on the submitted user name, anyone can lock a known admin
// account for 15 minutes by sending six bad attempts; that is the usual trade-off of this scheme.
$sql = "SELECT count(*) as ct FROM action_recorder WHERE user_name = '" . $name . "' AND success=0 AND DATE_SUB(NOW(), INTERVAL 15 MINUTE) <= date_added";
if (!$dbBean->Query($sql)) {
    $dbBean->Kill();
}
$row = $dbBean->RowArray();
$failattempts = $row['ct'];
if ($failattempts > 5) {
    $_SESSION['msg'] = 'The maximum number of login attempts has been reached. Please try again in 15 minutes.';
    $num = 'danger';
    $url = ADMIN_URL . "/login.php";
    $general->redirectUrl($url, $num);
    exit;
}
// Credential check. The literal '******' values look like redaction applied to this listing
// rather than the original code. As written, the password is matched inside the database
// (`binary` = case-sensitive compare against the stored column) instead of being verified in
// PHP with password_verify() against a hash — TODO confirm against the real source.
$sql = "SELECT * FROM admins WHERE username = '******' AND binary password='******' ;";
if (!$dbBean->Query($sql)) {
    $dbBean->Kill();
}
$row = $dbBean->RowArray();
if ($row) {
    $_SESSION['adm_logged'] = true;
    $_SESSION['adm_user_id'] = $row['id'];
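/**
 * Tests a DROP TABLE query against a throw-away copy of the table.
 *
 * For MySQL the table's DDL is cloned to `<table>__uw_temp`, up to 10 sample rows are
 * copied into the copy, and the DROP statement is rewritten to target the copy before it
 * is executed. Other database types are skipped (logged only).
 *
 * @param string $table  Name of the table the query drops. It is interpolated unquoted into
 *                       the SHOW CREATE TABLE / INSERT statements built here, so callers must
 *                       pass a validated identifier, never raw user input.
 * @param string $dbType 'mysql', 'mssql' or 'oci8'; any other value is silently skipped.
 * @param string $query  The DROP TABLE statement to preflight.
 * @return string Empty string on success, otherwise the output of getFormattedError().
 */
function testQueryDrop($table, $dbType, $query)
{
    logThis('verifying DROP TABLE statement');
    global $db;
    if (empty($db)) {
        // plain assignment: object handles are shared anyway, and `=&` on a function
        // result raises a notice on PHP 7+
        $db = DBManagerFactory::getInstance();
    }
    $error = '';
    switch ($dbType) {
        case 'mysql':
            $tempTable = "{$table}__uw_temp";
            // get DDL
            logThis('creating temp table...');
            $ddlRow = $db->fetchByAssoc($db->query("SHOW CREATE TABLE {$table}"));
            // rewrite DDL with _temp name
            $cleanQuery = cleanQuery($ddlRow['Create Table']);
            $tempTableQuery = str_replace("CREATE TABLE `{$table}`", "CREATE TABLE `{$tempTable}`", $cleanQuery);
            $db->query($tempTableQuery);
            // get sample data into the temp table to test for data/constraint conflicts
            logThis('inserting temp dataset...');
            $query = stripQuotes($query, $table);
            $db->query("INSERT INTO `{$tempTable}` SELECT * FROM `{$table}` LIMIT 10");
            // test the query on the test table
            logThis('testing query: [' . $query . ']');
            $tempTableTestQuery = str_replace("DROP TABLE `{$table}`", "DROP TABLE `{$tempTable}`", $query);
            // make sure the test query is running against a temp table: the rewrite above only
            // matches the backtick-quoted form, so an unquoted DROP would not have been redirected
            if (isRunningAgainstTrueTable($tempTableTestQuery)) {
                return getFormattedError('Could not use a temp table to test query!', $tempTableTestQuery);
            }
            $db->query($tempTableTestQuery, false, "Preflight Failed for: {$query}");
            // mysql_error() reads ext/mysql's global last-error state (empty on no-errors).
            // ext/mysql was removed in PHP 7, so this branch only works on the legacy driver.
            $error = mysql_error();
            if (!empty($error)) {
                logThis('*** ERROR: query failed.');
                $error = getFormattedError($error, $query);
            }
            break;
        case 'mssql':
            logThis('mssql found: skipping test query - [' . $query . ']');
            break;
        case 'oci8':
            logThis('Oracle found: skipping test query - [' . $query . ']');
            break;
    }
    logThis('verification done.');
    return $error;
}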
// (fragment: the tail of getLoginForm(), whose header is before this listing)
    $txt .= ' <td> <input type="text" name="pwd" size="40" maxlength="80"> </td>';
    $txt .= "</tr>\n";
    $txt .= "<tr> <td> </td></tr>\n";
    $txt .= "<tr>\n";
    $txt .= ' <td> <input type="submit" value="download"> </td>';
    $txt .= "</tr>\n";
    $txt .= "</table>\n";
    $txt .= "</form>\n";
    return $txt;
}
verifyMethodPost();
# check if all the POST variables are present (login, pwd)
verifyPostVarExists('login');
verifyPostVarExists('pwd');
// NOTE(review): stripQuotes()/myUrlDecode() are project helpers; whatever they strip, the
// values stay request-controlled and are not HTML-escaped before being echoed below.
$login = stripQuotes(myUrlDecode(getPostVar('login')));
$pwd = stripQuotes(myUrlDecode(getPostVar('pwd')));
$productList = getProductsForLoginPwd($login, $pwd);
if (0 == count($productList)) {
    // $login and $pwd are interpolated into the page unescaped (reflected-XSS risk): wrap them in
    // htmlspecialchars(). Echoing the submitted password back to the browser is better avoided entirely.
    echo "<b><font color=\"red\">The login '{$login}' and password '{$pwd}' combination didn't match anything in our database.\n";
    echo "Please try again. </font></b>\n";
    echo "If problem persists, please e-mail <a href=\"mailto:support@arslexis.com\">ArsLexis</a>\n";
    echo "<p>\n";
    echo getLoginForm();
    // The notification e-mail carries the submitted password in clear text (the '******' here looks
    // like redaction of the login in this listing). Reporting the attempt without the secret is enough.
    $subject = "[PAYPAL ERROR] failed login";
    $body = "Failed attempt to login using login='******' and pwd='{$pwd}'\n";
    $body .= getInterestingVars();
    sendEmail(MYEMAIL, $subject, $body);
} else {
    # display a list of products with links to download
    echo "<table>\n<tr>\n";
    echo "<td width=\"30\"> </td>\n<td>\n";
// (fragment: the tail of checkPassword(), whose header is before this listing)
    }
    $count = $row[0];
    // reject once the password has already been used ALLOWED_DLS_COUNT times
    // (the original comment assumed that constant is 3)
    if ($count > ALLOWED_DLS_COUNT - 1) {
        return PWD_CHECK_USED_TOO_MANY_TIMES;
    }
    return PWD_CHECK_VALID;
}
// start of the real thing
// NOTE(review): $HTTP_GET_VARS is the legacy long-form of $_GET (gone since PHP 5.4),
// so this script only runs on old PHP or with register_long_arrays enabled.
if (!array_key_exists("pwd", $HTTP_GET_VARS)) {
    //if ( ! key_exists("pwd", $HTTP_GET_VARS) ) {
    header("Location: dlerror-badpwd.php?pwd=no_pwd_given\n");
    exit;
}
$pwd = $HTTP_GET_VARS["pwd"];
// stripQuotes()/myUrlDecode() are project helpers; their exact behaviour is not visible here
$pwd = stripQuotes(myUrlDecode($pwd));
bailIfFileDoesntExists();
$res = checkPassword($pwd);
if ($res == PWD_CHECK_NOT_FOUND) {
    recordPasswordAsUsed($pwd, 0);
    // $pwd is urlencode()d before going into the Location value, so it cannot add header lines;
    // the trailing "\n" is unnecessary (header() trims trailing whitespace) and can be dropped.
    header("Location: dlerror-badpwd.php?pwd=" . urlencode($pwd) . "\n");
    exit;
}
if ($res == PWD_CHECK_USED_TOO_MANY_TIMES) {
    header("Location: dlerror-toomany.php?pwd=" . urlencode($pwd) . "\n");
    exit;
}
// update the file with used password to mark that the
// password has been used. checkPassword() and this call are separate steps, so two
// concurrent requests can both pass the count check — TODO confirm that is acceptable here.
recordPasswordAsUsed($pwd, 1);
// and finally return the file
<?php
// Search page (fragment: the trailing `if ($page < 1)` block is cut off at the end of this listing).
require "../helpers/settings.config.inc";
require "../helpers/user.class.php";
require "../helpers/Job.php";
require "../helpers/ratings.class.php";
require "../helpers/functions.php";
// NOTE(review): stripQuotes() is a project helper of unknown behaviour; $query, $cat and
// $location are still request-controlled strings when handed to Job::fetchMatchedJobs()
// below, so that method must bind them as parameters — verify in Job.php.
$query = isset($_GET['query']) ? stripQuotes($_GET['query']) : "";
// $page is reduced to its digits only, i.e. it stays a string (possibly "") rather than an int
$page = isset($_GET['page']) ? preg_replace('#[^0-9]#', '', stripQuotes($_GET['page'])) : 1;
$cat = isset($_GET['cat']) ? stripQuotes($_GET['cat']) : "";
$location = isset($_GET['location']) ? stripQuotes($_GET['location']) : "all";
// $pageTitle carries raw request input; it needs htmlspecialchars() wherever header.php prints it — confirm there
$pageTitle = "Yedoe Search " . stripQuotes($query);
$resPerPage = 10;
include "templates/header.php";
$show = "jobs";
// $me is presumably set by header.php (either the string "guest" or a user object with ->utype);
// the loose == against "guest" relies on that — TODO confirm.
if ($me == "guest" || $me->utype == "student") {
    $matches = Job::fetchMatchedJobs($query, $page, $location, $cat);
    $numResults = $matches['num_rows'];
} else {
    $results = Student::matchUsers(false, $page, $resPerPage);
    $numResults = $results['num_rows'];
    //search users instead
    $show = "users";
}
$lastPage = ceil($numResults / $resPerPage);
//Sanitizing...
if ($lastPage < 1) {
    $lastPage = 1;
}
if ($page < 1) {
    $page = 1;
// (fragment: inside a switch over the installer step; the enclosing `case` starts before this listing)
    $GB_DB["pass"] = isset($_POST['data']['password']) ? $_POST['data']['password'] : "";
    if ($GB_DB["dbName"] == "" || $GB_DB["host"] == "" || $GB_DB["user"] == "") {
        showForm("Please enter database, hostname and username!");
    } else {
        $db = new gbook_sql();
        $db->connect();
        // The database credentials, password included, are round-tripped to the browser as hidden
        // form fields. htmlspecialchars() keeps the attribute well-formed, but the values are visible
        // in the page source and may end up in caches or proxies.
        $hidden = "";
        foreach ($GB_DB as $key => $value) {
            $hidden .= "<input type=\"hidden\" name=\"gbdb[{$key}]\" value=\"" . htmlspecialchars($value) . "\">";
        }
        showAccountForm($hidden);
    }
    break;
case "change":
    // NOTE(review): stripQuotes() is a project helper; here it is applied to the whole array
    if (isset($_POST['gbdb']) && is_array($_POST['gbdb'])) {
        $_POST['gbdb'] = stripQuotes($_POST['gbdb']);
    }
    $GB_DB["dbName"] = isset($_POST['gbdb']['dbName']) ? $_POST['gbdb']['dbName'] : "";
    $GB_DB["host"] = isset($_POST['gbdb']['host']) ? $_POST['gbdb']['host'] : "";
    $GB_DB["user"] = isset($_POST['gbdb']['user']) ? $_POST['gbdb']['user'] : "";
    $GB_DB["pass"] = isset($_POST['gbdb']['pass']) ? $_POST['gbdb']['pass'] : "";
    $db = new gbook_sql();
    $db->connect();
    if (!empty($_POST['data']['username']) && !empty($_POST['data']['password'])) {
        // addslashes() is not a SQL escaping function (it knows nothing about the connection
        // charset); use the driver's escaping or, better, a prepared statement. MySQL's PASSWORD()
        // is a server-side hash that was deprecated in 5.7 and removed in 8.0 — hash in PHP with
        // password_hash() instead. The '******' in the SET clause looks like redaction of this listing.
        $username = addslashes($_POST['data']['username']);
        $password = addslashes($_POST['data']['password']);
        $db->query("UPDATE {$GB_TBL['auth']} SET username='******', password=PASSWORD('{$password}') WHERE ID='1'");
        echo "<h3>Username and password changed.</h3>";
    } else {
        echo "<h3>Username or password is empty.</h3>";
    }
// (fragment: closes an `if` that starts before this listing)
    showBadPwd($pwd);
    echo "</body></html>\n";
    exit;
}
// NOTE(review): $HTTP_GET_VARS is the legacy long-form of $_GET (gone since PHP 5.4).
if (array_key_exists("action", $HTTP_GET_VARS)) {
    $action = $HTTP_GET_VARS["action"];
    if ($action != "add-pwd") {
        // $action is echoed into the page unescaped (reflected-XSS risk); wrap it in htmlspecialchars()
        echo "unknown action: <b>{$action}</b> </body> </html>";
        exit;
    }
    if (!array_key_exists("pwdToAdd", $HTTP_GET_VARS)) {
        echo "action is add-pwd but no password! </body></html>";
        exit;
    }
    $pwdToAdd = $HTTP_GET_VARS["pwdToAdd"];
    // stripQuotes()/myUrlDecode() are project helpers; their exact behaviour is not visible here
    $pwdToAdd = stripQuotes(myUrlDecode($pwdToAdd));
    if ($pwdToAdd == "") {
        echo "action is add-pwd but password is empty!</body></html>";
        exit;
    }
    // A state change (registering a new download password) driven purely by GET parameters:
    // the value lands in server logs and browser history, and no CSRF protection is visible
    // in this fragment. Prefer a POST form with a token.
    addPassword($pwdToAdd);
    showAddPwdForm($pwd);
    showRecentlyUsed();
} else {
    showAddPwdForm($pwd);
    showRecentlyUsed();
}
?>
</body>
</html>