Пример #1
                if( $ip != -1 && $ip !== FALSE) {
                        return $ip;
                }
                #...or hostname?
                elseif(gethostbyname($address) != $address) {
                        return $address;
                }
        }
return false;
}

# Main Code
###########

# Read the target host from the "ip" GET parameter and stop unless checkip() accepts it.
if (!isset($_GET["ip"]) || !checkip($_GET["ip"])) {
        die("Incorrect IP or hostname");
}
$ip = $_GET["ip"];
# checkip() accepts a hostname on the strength of a DNS lookup, not a character allow-list.
# gethostbyname() hands back its argument unchanged when the lookup fails, so $address can
# still be the raw request value. Escape or bind $ip and $address before either one is
# placed in an SQL string.
$address = gethostbyname($ip);

# Open the connection to the Cacti DB server, then select the configured database.
$link = mysql_connect($database_hostname, $database_username, $database_password);
if (!$link) {
        die("Error while connecting to the DB server");
}
if (!mysql_select_db($database_default)) {
        die("Could not select database");
}
# Build and execute the SQL request
$query = "SELECT graph_local.id AS local_graph_id, host.id AS host_id, host.hostname AS hostname "
        ."FROM (graph_local, host) "
 
<br/>
      <table class='tlist'>
      <tr><th><?php 
__("Type");
?>
</th><th><?php 
__("IP");
?>
</th><th><?php 
__("Informations");
?>
</th><th colspan='2' /></tr>
      <?php 
foreach ($list_ip as $i) {
    // Label the entry by address family; a /32 (IPv4) or /128 (IPv6) is a single address.
    if (checkip($i['ip'])) {
        $txt = $i['subnet'] == 32 ? "Address IPv4" : "Subnet IPv4";
    } elseif (checkipv6($i['ip'])) {
        $txt = $i['subnet'] == 128 ? "Address IPv6" : "Subnet IPv6";
    } else {
        $txt = "Unknow IP";
    }
    // NOTE(review): ip_human and infos are written into the table cells as-is. If infos is
    // free text entered by a user (its origin is not visible here), it needs
    // htmlspecialchars() before output - confirm.
    echo "<tr class='lst'><td>" . $txt . "</td><td>" . $i['ip_human'] . "</td><td>" . $i['infos'] . "</td>";
Пример #3
include 'config.php';
include 'functions.php';
// HTML prologue reused by every response below. $currency is concatenated into <title>
// without HTML escaping (presumably it is a fixed value from config.php - confirm).
$page = '<!DOCTYPE html>
<html lang="en">
<head>
 <meta charset="utf-8"/>
 <title>' . $currency . ' Faucet</title>
</head>
<body>';
// HTML epilogue; $donations is likewise concatenated without escaping.
$footer = '
 <p>Donate to: ' . $donations . '</p>
</body>
</html>';
// check if we have paid a request from this ip
$wait = checkip();
// switch compares $wait loosely (==) with each case expression, and both case expressions
// are booleans. A truthy $wait therefore matches the first case whose condition is true.
// A falsy $wait (0, null, false, '') equals the false produced by "$wait > 90" and also
// lands in the first case, so that request is refused as well. A $wait of exactly 1
// matches neither case and falls through to the code below.
// NOTE(review): what checkip() returns when no wait is due is not visible here - confirm
// that the fall-through value and the error value are the ones intended.
switch ($wait) {
    case $wait > 90:
        die($page . '<p>Please wait ' . round($wait / 60) . ' minutes.</p>' . $footer);
        // never reached: die() ends the request
        break;
    case $wait > 1:
        die($page . '<p>Please wait ' . $wait . ' seconds.</p>' . $footer);
        // never reached: die() ends the request
        break;
}
// check if an address has been submitted, then if it's valid & if we've already paid it
if (isset($_POST['a'])) {
    $address = trim($_POST['a']);
    $test = test_address($address);
    switch ($test) {
        case 0:
            $pay = payout($address);
Пример #4
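/**
 * Register this board with the Insenz service, or bind it to an existing Insenz account.
 *
 * Collects member, thread, post and per-forum statistics from the database, sends them
 * together with the stored profile as an XML <cmd id="register"> document through
 * insenz_request(), and writes the updated $insenz settings back to the settings table.
 * On success the returned authkey and site id are stored; on failure they are removed.
 *
 * @param int $type 1 sends the full registration profile; any other value sends only the
 *                  handle and password and marks the request as "bind".
 * @return void The function finishes through insenz_cpmsg() or insenz_alert().
 */
function insenz_register($type)
{
    global $insenz, $db, $tablepre, $_DCACHE, $boardurl, $timestamp, $authkey, $discuz_uid, $discuz_user, $response;
    // The result of checkip() is not inspected here.
    // NOTE(review): presumably it stops the request itself when the client address is
    // refused - confirm, otherwise the call has no effect on this function.
    checkip();
    if ($type == 1) {
        // Copy only the expected profile fields into local variables. extract() on the
        // whole profile array would also overwrite $type and the globals imported above
        // whenever the stored profile carried a key with one of those names.
        $profile = isset($insenz['profile']) && is_array($insenz['profile']) ? $insenz['profile'] : array();
        foreach (array('username', 'password', 'name', 'idcard', 'email1', 'email2', 'qq', 'msn', 'tel1', 'tel2', 'tel3', 'mobile', 'fax1', 'fax2', 'fax3', 'country', 'province', 'city', 'address', 'postcode', 'alipay') as $item) {
            ${$item} = isset($profile[$item]) ? stripslashes($profile[$item]) : '';
        }
    } else {
        $username = $insenz['profile']['username'];
        $password = $insenz['profile']['password'];
    }
    // Defaults applied when the stored values are not arrays.
    $insenz['notify'] = is_array($insenz['notify']) ? $insenz['notify'] : array(2);
    $insenz['hardadstatus'] = is_array($insenz['hardadstatus']) ? $insenz['hardadstatus'] : array(1, 2, 3, 4, 5);
    // Board-wide counters.
    $query = $db->query("SELECT COUNT(*) FROM {$tablepre}members");
    $members = $db->result($query, 0);
    $query = $db->query("SELECT COUNT(*) FROM {$tablepre}members WHERE posts>0");
    $post_members = $db->result($query, 0);
    $query = $db->query("SELECT COUNT(*) FROM {$tablepre}threads WHERE displayorder>='0'");
    $threads = $db->result($query, 0);
    $query = $db->query("SELECT COUNT(*) FROM {$tablepre}posts WHERE invisible='0'");
    $posts = $db->result($query, 0);
    // Seven-day window ending at 00:00 of the day given by $timestamp.
    $date = getdate($timestamp);
    $yesterday_end = mktime(0, 0, 0, $date['mon'], $date['mday'], $date['year']);
    $lastweek_start = $yesterday_end - 7 * 86400;
    $lastweek_pertopics = $lastweek_perposts = $forumstats = array();
    // Daily averages (rounded up) of new threads and posts per forum over that window.
    $query = $db->query("SELECT DISTINCT(fid) AS fid, COUNT(tid) AS topics FROM {$tablepre}threads WHERE dateline BETWEEN {$lastweek_start} AND {$yesterday_end} GROUP BY fid ORDER BY topics DESC");
    while ($p = $db->fetch_array($query)) {
        $lastweek_pertopics[$p['fid']] = ceil($p['topics'] / 7);
    }
    $query = $db->query("SELECT DISTINCT(fid) AS fid, COUNT(pid) AS posts FROM {$tablepre}posts WHERE dateline BETWEEN {$lastweek_start} AND {$yesterday_end} GROUP BY fid ORDER BY posts DESC");
    while ($p = $db->fetch_array($query)) {
        $lastweek_perposts[$p['fid']] = ceil($p['posts'] / 7);
    }
    $query = $db->query("SELECT f.fid, f.fup, f.type, f.name, f.threads, f.posts, f.displayorder, f.status, f.simple, ff.description, ff.redirect FROM {$tablepre}forums f LEFT JOIN {$tablepre}forumfields ff ON f.fid=ff.fid");
    while ($forum = $db->fetch_array($query)) {
        $fid = $forum['fid'];
        unset($forum['fid']);
        // A forum without activity in the window has no entry in the two maps.
        $forum['lastweek_pertopics'] = isset($lastweek_pertopics[$fid]) ? intval($lastweek_pertopics[$fid]) : 0;
        $forum['lastweek_perposts'] = isset($lastweek_perposts[$fid]) ? intval($lastweek_perposts[$fid]) : 0;
        $forumstats[$fid] = $forum;
    }
    // NOTE(review): the profile fields below are concatenated into the XML as-is, the
    // password included. Only some values pass through insenz_convert(), and whether that
    // helper escapes markup characters is not visible here - confirm.
    $postdata = '<cmd id="register"><handle>' . insenz_convert($username) . '</handle>
		<passwd>' . $password . '</passwd>';
    if ($type == 1) {
        $postdata .= '<name>' . insenz_convert($name) . '</name>
			<idcard>' . $idcard . '</idcard>
			<tel>' . $tel1 . '-' . $tel2 . '-' . $tel3 . '</tel>
			<mobile>' . $mobile . '</mobile>
			<fax>' . $fax1 . '-' . $fax2 . '-' . $fax3 . '</fax>
			<email>' . $email1 . '</email>
			<email2>' . $email2 . '</email2>
			<qq>' . $qq . '</qq>
			<msn>' . $msn . '</msn>
			<alipay>' . $alipay . '</alipay>
			<country>' . $country . '</country>
			<province>' . $province . '</province>
			<city>' . $city . '</city>
			<addr>' . insenz_convert($address) . '</addr>
			<postcode>' . $postcode . '</postcode>';
    }
    // s_key is an MD5 digest of the board's $authkey with a fixed suffix.
    $postdata .= '<url>' . $boardurl . '</url>
		<s_key>' . md5($authkey . 'Discuz!INSENZ') . '</s_key>
		<bbname>' . insenz_convert($_DCACHE['settings']['bbname']) . '</bbname>
		<members>' . $members . '</members>
		<post_members>' . $post_members . '</post_members>
		<topics>' . $threads . '</topics>
		<posts>' . $posts . '</posts>
		<softadstatus>' . intval($insenz['softadstatus']) . '</softadstatus>
		<notify>' . implode(',', $insenz['notify']) . '</notify>
		<autoextend>' . intval($insenz['autoextend']) . '</autoextend>
		<hardadstatus>' . implode(',', $insenz['hardadstatus']) . '</hardadstatus>
		<relatedadstatus>' . intval($insenz['relatedadstatus']) . '</relatedadstatus>
		<virtualforumstatus>' . intval($insenz['virtualforumstatus']) . '</virtualforumstatus>';
    foreach ($forumstats as $fid => $forum) {
        $postdata .= '<board>
			<board_id>' . $fid . '</board_id>
			<parent_id>' . $forum['fup'] . '</parent_id>
			<board_type>' . $forum['type'] . '</board_type>
			<name>' . insenz_convert($forum['name']) . '</name>
			<topics>' . $forum['threads'] . '</topics>
			<posts>' . $forum['posts'] . '</posts>
			<lastweek_pertopics>' . $forum['lastweek_pertopics'] . '</lastweek_pertopics>
			<lastweek_perposts>' . $forum['lastweek_perposts'] . '</lastweek_perposts>
			<description>' . insenz_convert($forum['description']) . '</description>
			<status>' . $forum['status'] . '</status>
			<simple>' . $forum['simple'] . '</simple>
			<redirect>' . insenz_convert($forum['redirect']) . '</redirect>
			<displayorder>' . $forum['displayorder'] . '</displayorder></board>';
    }
    $postdata .= '<type>' . ($type == 1 ? 'register' : 'bind') . '</type></cmd>';
    unset($insenz['siteid']);
    $response = insenz_request($postdata);
    // A truthy 'status' from insenz_request() is reported through insenz_alert().
    if ($response['status']) {
        insenz_alert($response['data']);
    } else {
        $response = $response['data'];
    }
    $status = $response['response'][0]['status'][0]['VALUE'];
    // NOTE(review): the comparison is loose, so a reply that carries no status value at all
    // (null) also takes the success branch - confirm the reply format always includes it.
    if ($status == 0) {
        $insenz['authkey'] = $response['response'][0]['authkey'][0]['VALUE'];
        $insenz['siteid'] = $response['response'][0]['site_id'][0]['VALUE'];
        $insenz['uid'] = $discuz_uid;
        // $discuz_user is the global imported above; the former $discuz_userss was
        // undefined, so no username was stored.
        $insenz['username'] = $discuz_user;
        insenz_updatesettings();
        unset($insenz['profile'], $insenz['step']);
        // NOTE(review): addslashes() does not take the connection charset into account; if
        // the database layer offers its own escaping, prefer it here - confirm.
        $db->query("REPLACE INTO {$tablepre}settings (variable, value) VALUES ('insenz', '" . addslashes(serialize($insenz)) . "')");
        require_once DISCUZ_ROOT . './include/cache.func.php';
        updatecache('settings');
        insenz_cpmsg('insenz_register_succeed');
    } else {
        $response['reason'] = insenz_convert($response['response'][0]['reason'][0]['VALUE'], 0);
        unset($insenz['authkey'], $insenz['siteid']);
        $db->query("REPLACE INTO {$tablepre}settings (variable, value) VALUES ('insenz', '" . addslashes(serialize($insenz)) . "')");
        insenz_alert('insenz_register_failed');
    }
}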
Пример #5
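// Take the new address from the request; a POST value wins over a GET value.
if (isset($_POST['newip'])) {
    $ip = $_POST['newip'];
} elseif (isset($_GET['newip'])) {
    $ip = $_GET['newip'];
} else {
    // LOG_WARNING is the syslog priority constant; PHP defines no LOG_WARN.
    // NOTE(review): $user is written to the log unmodified; if it is taken from the request
    // (not visible here), strip control characters before logging it - confirm.
    syslog(LOG_WARNING, "User {$user} didn't provide any newip");
    echo "Error! No newip given.\\”";
    exit(0);
}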
// check for needed variables
if (isset($subdomain) && isset($ip) && isset($user)) {
    // short sanity check for given IP
    if (preg_match("/^(\\d{1,3}\\.){3}\\d{1,3}\$/", $ip) && checkip($ip) && $ip != "0.0.0.0" && $ip != "255.255.255.255") {
        // short sanity check for given domain
        if (preg_match("/^[\\w\\d;-_\\*\\.]+\$/", $subdomain)) {
            // check whether user is allowed to change domain
            if (in_array("*", $user_domain[$user]) or in_array($subdomain, $user_domain[$user])) {
                if ($subdomain != "-") {
                    $subdomain = $subdomain . '.';
                } else {
                    $subdomain = '';
                }
                // shell escape all values
                $subdomain = escapeshellcmd($subdomain);
                $user = escapeshellcmd($user);
                $ip = escapeshellcmd($ip);
                $arrsubdomain = explode("\\;", $subdomain);
                foreach ($arrsubdomain as $value) {
Пример #6
// Print the admin header; anyone but the founder account gets the no-access message.
cpheader();
if (!$isfounder) {
    cpmsg('noaccess_isfounder');
}
// Insenz helpers; the version file is optional, so a failure to include it is silenced.
require_once DISCUZ_ROOT . './include/insenz.func.php';
@(include_once DISCUZ_ROOT . './discuz_version.php');
require_once DISCUZ_ROOT . './admin/insenz.func.php';
// $charset is written into the inline script without escaping.
echo '</td></tr></table><script type="text/javascript">var charset=\'' . $charset . '\'</script><div style="padding: 0px 8px 0px 8px;" id="insenz_body">';
$insenz_chs = '';
$discuz_chs = $insenz_chs;
// Load the stored Insenz settings.
// NOTE(review): the value handed to unserialize() comes from the settings table, so
// whoever can write that row decides what gets unserialized here.
$query = $db->query('SELECT value FROM ' . $tablepre . "settings WHERE variable='insenz'");
$insenz = $db->result($query, 0);
$insenz = $insenz ? unserialize($insenz) : array();
// Fall back to the default API endpoint when none is stored.
if (empty($insenz['host'])) {
    $insenz['host'] = 'api.insenz.com';
}
if (empty($insenz['url'])) {
    $insenz['url'] = 'api.insenz.com';
}
if (empty($insenz['authkey']) && !($operation == 'settings' && $do == 'host')) {
    if (in_array($operation, array('binding', 'register'))) {
        checkip();
        if (empty($agreelicense)) {
            insenz_shownav('insenz_nav_license');
            echo '<table width="100%" align="center" border="0" cellpadding="0" cellspacing="0" class="tableborder">
					<tr class="header"><td>' . $lang['insenz_register_license'] . '</td></tr><tr><td><div style="border-style: dotted; border-width: 1px; border-color: #86B9D6; padding: 6px 10px; float: none; overflow: auto; overflow-y: scroll; height:320px; word-break: break-all; background-color: #FFFFFF;" id="license">' . $lang['insenz_loading'] . '</div></td></tr>
				</table>
				<br /><div id="licensesubmit" align="center"></div>
				<script type="text/javascript" src="http://' . $insenz['url'] . '/misc/license.js" charset="utf-8"></script>
				<script type="text/javascript">
					if(typeof license != \'undefined\') {
						$("license").innerHTML = license;
						$("licensesubmit").innerHTML = \'<input onclick="window.location=\\\'admincp.php?action=insenz&operation=' . $operation . '&agreelicense=yes\\\'" type="button" class="button" value="' . $lang['insenz_register_agree'] . '"> &nbsp; <input onclick="javascript:history.go(-1);" type="button" class="button" value="' . $lang['insenz_register_disagree'] . '">\';
					} else {
						$("license").innerHTML = \'' . $lang['insenz_disconnect'] . '\';
						$("licensesubmit").innerHTML = \'<input onclick="javascript:history.go(-1);" type="button" class="button" value="' . $lang['return'] . '">\';
					}
Пример #7
// Load the system configuration and the session only when SENAYAN_BASE_DIR is not defined yet.
if (!defined('SENAYAN_BASE_DIR')) {
    // main system configuration
    require '../../../sysconfig.inc.php';
    // start the session
    require SENAYAN_BASE_DIR . 'admin/default/session.inc.php';
}
// NOTE(review): presumably this include rejects requests without a valid admin session - confirm.
require SENAYAN_BASE_DIR . 'admin/default/session_check.inc.php';
// privileges checking
$can_read = utility::havePrivilege('plugins', 'r');
$can_write = utility::havePrivilege('plugins', 'w');
// Only the read privilege is enforced here; $can_write is not consulted in these lines.
if (!$can_read) {
    die('<div class="errorBox">You dont have enough privileges to view this section</div>');
}
require './func.php';
require './conf.php';
// The result of checkip() is not inspected.
// NOTE(review): presumably it ends the request itself when the client address is not
// allowed by $conf - confirm, otherwise the call restricts nothing.
checkip($conf);
// Make sure both plugin lists exist in the session before they are read.
if (!isset($_SESSION['plugins_enabled'])) {
    $_SESSION['plugins_enabled'] = array();
}
if (!isset($_SESSION['plugins_available'])) {
    $_SESSION['plugins_available'] = array();
}
// Working copies of the session lists.
$enplugins = $_SESSION['plugins_enabled'];
$avplugins = $_SESSION['plugins_available'];
if ($_POST) {
    $to_enable = array();
    $to_disable = array();
    foreach ($_POST as $key => $value) {
        if (array_key_exists($key, $avplugins) and !array_key_exists($key, $enplugins)) {
            $to_enable[] = $key;
        }
Пример #8
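 /**
  * Remove an IP address (or an IP class) from the list of addresses allowed slave access.
  *
  * The row is deleted first, then the SLAVE_FLAG file is rewritten.
  *
  * @param string $ip Address to remove; it must pass checkip().
  * @return boolean FALSE when the address is rejected or the flag file cannot be opened
  *                 (in the second case the row has already been deleted), TRUE otherwise.
  */
 function del_slave_ip($ip)
 {
     global $db, $err;
     if (!checkip($ip)) {
         $err->raise("dom", _("The IP address you entered is incorrect"));
         return false;
     }
     // NOTE(review): $ip is interpolated into the statement and relies entirely on
     // checkip() to exclude quote characters; escape or bind it if the database layer
     // allows - confirm how strict checkip() is.
     $db->query("DELETE FROM slaveip WHERE ip='{$ip}'");
     // Rewrite the flag file. fopen() returns false on failure, and writing to that
     // value would only raise errors, so report the problem instead.
     $f = fopen(SLAVE_FLAG, "w");
     if ($f === false) {
         $err->raise("dom", _("Unable to write the slave flag file"));
         return false;
     }
     fputs($f, "yopla");
     fclose($f);
     return true;
 }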
Пример #9
    if ($clients[$user]['password'] != $pass) {
        echo 'ERR: auth failed';
        syslog(LOG_WARNING, 'User "' . $user . '" provided incorrect password');
        exit(0);
    }
}
// Hosts listed for this user in the client table.
$hosts = $clients[$user]['hosts'];
// The request has to name the host to update; without one, log the attempt and stop
// without sending any output.
// NOTE(review): $user and $post_ip go into the log line unmodified; strip control
// characters first if either can come from the request - confirm.
if (!isset($_POST['host'])) {
    syslog(LOG_WARNING, "User \"{$user}\" from {$post_ip} didn't provide any domain");
    exit(0);
}
$host = $_POST['host'];
// short sanity check for given IP
if (preg_match('/^(\\d{1,3}\\.){3}\\d{1,3}$/', $ip) && checkip($ip) && $ip != '0.0.0.0' && $ip != '255.255.255.255') {
    // short sanity check for given domain
    if (preg_match('/^[\\w\\d-_\\*\\.]+$/', $host)) {
        // check whether user is allowed to change domain
        if (in_array($host, $hosts)) {
            // shell escape all values
            $host = escapeshellcmd($host);
            $user = escapeshellcmd($user);
            $ip = escapeshellcmd($ip);
            // prepare command
            $data = '<<EOF
zone ' . $ZONE . '
update delete ' . $host . '.' . $ZONE . ' A
update add ' . $host . '.' . $ZONE . ' 300 A ' . $ip . '
send
EOF';
Пример #10
/**
 * Run the three request checks in order: checkip($conf), checken(), checkref().
 *
 * None of the return values is inspected here.
 * NOTE(review): presumably each check ends the request itself on failure - confirm,
 * otherwise a failed check has no effect on the caller.
 *
 * @param mixed $conf Configuration handed to checkip() only.
 */
function checkall($conf)
{
    checkip($conf);
    checken();
    checkref();
}
Пример #11
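 /**
  * Save an IP address (or network) in the list of authorised IPs.
  *
  * @global    m_mysql $db
  * @global    m_mem   $mem
  * @global int $cuid
  * @param     int     $id     id of the row to update; empty or 0 means an insert
  * @param     string  $ipsub  IPv4 or IPv6 address, optionally followed by a prefix length ( /24)
  * @param     string  $infos  Comment for the user
  * @param     int     $uid    When $uid is 0 and the caller passes $mem->checkRight(), the
  *                            row is stored with uid=0, i.e. an IP that is always authorised
  * @return    boolean         FALSE on error, TRUE otherwise
  *
  */
 function ip_save($id, $ipsub, $infos, $uid = null)
 {
     global $db, $mem;
     // uid=0 is only honoured for a caller with admin rights;
     // everyone else writes under the global $cuid.
     if ($uid === 0 && $mem->checkRight()) {
         $cuid = 0;
     } else {
         global $cuid;
     }
     $id = intval($id);
     $infos = mysql_real_escape_string($infos);
     // Split "address/prefix" into its two parts.
     $tmp = explode('/', $ipsub);
     $ip = $tmp[0];
     $is_v4 = checkip($ip);
     // Error if $ip is neither an IPv4 nor an IPv6 address
     if (!$is_v4 && !checkipv6($ip)) {
         echo "Failed : not an IP address";
         return false;
     }
     // Longest prefix for the address family; also the default when none is given.
     $max_subnet = $is_v4 ? 32 : 128;
     if (isset($tmp[1])) {
         // Accept digits only. intval() would turn an empty or non-numeric prefix into 0,
         // and a /0 entry covers every address.
         if (!preg_match('/^[0-9]+$/', $tmp[1])) {
             echo "Failed : not a valid subnet";
             return false;
         }
         $subnet = intval($tmp[1]);
     } else {
         $subnet = $max_subnet;
     }
     // An IPv4 prefix can't exceed 32, an IPv6 prefix can't exceed 128
     if ($subnet > $max_subnet) {
         $subnet = $max_subnet;
     }
     // NOTE(review): $ip reaches the SQL below unescaped and relies on checkip() /
     // checkipv6() to exclude quote characters - confirm how strict they are.
     // NOTE(review): on failure the database error text is echoed to the caller.
     if ($id) {
         // Update: run the delete hooks before and the create hooks after the change
         $list_affected = $this->list_affected($id);
         foreach ($list_affected as $k => $v) {
             $this->call_hooks("authip_on_delete", $k);
         }
         if (!$db->query("update authorised_ip set ip='{$ip}', subnet='{$subnet}', infos='{$infos}' where id='{$id}' and uid='{$cuid}' ;")) {
             echo "query failed: " . $db->Error;
             return false;
         }
         foreach ($list_affected as $k => $v) {
             $this->call_hooks("authip_on_create", $k);
         }
     } else {
         // Insert
         if (!$db->query("insert into authorised_ip (uid, ip, subnet, infos) values ('{$cuid}', '{$ip}', '{$subnet}', '{$infos}' );")) {
             echo "query failed: " . $db->Error;
             return false;
         }
     }
     return true;
 }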
Пример #12
                break;
            case "password":
                $password = $regs[2];
                break;
            case "host":
                $host = $regs[2];
                break;
        }
    }
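    # Then, read specific alternc configuration: a line of the form
    #   #alternc_var NAME = "value"
    # defines the variable $NAME with that value.
    if (preg_match('/^#alternc_var ([A-Za-z0-9_]*) *= *"?(.*?)"?$/', trim($line), $regs) && $regs[1] !== '') {
        # ${$regs[1]} names the variable after the first capture group. The former
        # ${$regs}[1] used the whole match array as the variable name, so the named
        # variable was never set.
        # NOTE(review): any variable in this scope can be overwritten this way, so the
        # file being parsed has to be writable by trusted administrators only.
        ${$regs[1]} = $regs[2];
    }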
}
# Default human_hostname: the reverse lookup of $host when $host is an IP address,
# otherwise $host itself.
if (empty($human_hostname)) {
    $human_hostname = (checkip($host) || checkipv6($host)) ? gethostbyaddr($host) : $host;
}
// Create the first db_servers row when the table is still empty.
// NOTE(review): mysql_escape_string() does not take the connection charset into account,
// and the database password is stored in the row as given.
$db->query("select * from db_servers;");
if ($db->num_rows() == 0) {
    $db->query(" insert into db_servers (name, host, login, password, client) values ('" . implode("','", array_map('mysql_escape_string', array($human_hostname, $host, $user, $password, $L_MYSQL_CLIENT))) . "');");
}
// Point every member without a server at the newest db_servers row.
$db->query(" update membres set db_server_id = (select max(id) from db_servers) where db_server_id is null ;");
// END of db_servers part
// +++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Пример #13
<?php 
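// Selected songs and the optional write-in, as posted by the voting form. isset() keeps a
// request without these fields from raising undefined-index errors; both then stay null.
// NOTE(review): top11 is presumably an array of picks; a request can send a plain string
// instead, which the count() below does not expect - confirm and reject other types.
$top11picks = isset($_POST['top11']) ? $_POST['top11'] : null;
$write_in = isset($_POST['write_in']) ? $_POST['write_in'] : null;
// The check below refuses count($top11picks) >= $limit, so a write-in leaves room for
// two list picks and no write-in for three.
$limit = $write_in ? 3 : 4;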
if (empty($top11picks)) {
    echo "<center><h3>You didn't select any songs, please <a href='top11.php'>go back</a> and try again.</h3><center>";
} elseif (count($top11picks) >= $limit) {
    echo "<center><h3>You selected more than 3 songs, please <a href='top11.php'>go back</a> and select only 3 songs.</h3><center>";
} else {
    $ip = $_SERVER['REMOTE_ADDR'];
    //$ip = "129.0.0.4";
    if ($_SERVER['HTTP_REFERER'] == "http://ynotradio.net/addtop11vote.php" || $_SERVER['HTTP_REFERER'] == "http://www.ynotradio.net/addtop11vote.php" || checkip($ip) == "true") {
        $count = count($top11picks);
        for ($i = 0; $i < $count; $i++) {
            addtop11plus1($top11picks[$i]);
        }
        if (!get_magic_quotes_gpc()) {
            $firstname = addslashes($_POST['firstname']);
            $lastname = addslashes($_POST['lastname']);
            $email = addslashes($_POST['email']);
            $phone = addslashes($_POST['phone']);
            $write_in = addslashes($_POST['write_in']);
        }
        $contest = $_POST['contest'];
        $newsletter = $_POST['newsletter'];
        if ($write_in) {
            write_in($write_in);
Пример #14
<?php

// configuration
include "cfg.php";
include "lib.php";
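// check ip of requesting client against $ADMIN_IP; a refused client gets no response body
if (!checkip($_SERVER["REMOTE_ADDR"], $ADMIN_IP)) {
    logline(1, $_SERVER["REMOTE_ADDR"] . ": Unauthorized access to admin interface from blocked IP");
    exit;
}
// check authorization
// Credentials are compared as strings with !==. The loose != treats two numeric-looking
// strings such as "0e1" and "0e2" as equal, which would accept a wrong password.
// hash_equals() would also make the comparison constant-time where PHP provides it.
// An absent header counts as an empty string.
// NOTE(review): with an empty $ADMIN_AUTH_USER no credentials are asked for at all and the
// address check above is the only barrier.
if ($ADMIN_AUTH_USER && (
    (isset($_SERVER['PHP_AUTH_USER']) ? (string) $_SERVER['PHP_AUTH_USER'] : '') !== (string) $ADMIN_AUTH_USER
    || (isset($_SERVER['PHP_AUTH_PW']) ? (string) $_SERVER['PHP_AUTH_PW'] : '') !== (string) $ADMIN_AUTH_PASS
)) {
    header("WWW-Authenticate: Basic realm=\"HTTPTunnel Admin\"");
    header("HTTP/1.0 401 Unauthorized");
    // Record the failed attempt for this address.
    id_addaccess($_SERVER["REMOTE_ADDR"]);
    die('Authorization Required!');
}
// Authorised request: drop the recorded attempts for this address.
id_delaccess($_SERVER["REMOTE_ADDR"]);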
if ($_REQUEST["d_action"] == "log") {
    set_time_limit(0);
    ob_implicit_flush();
    $size = isset($_REQUEST["size"]) ? $_REQUEST["size"] : 65536;
    ?>
		<html>
		<head>
		<title>HTTPTunnel Server Log</title>
		<META HTTP-EQUIV="Expires" CONTENT="Mon, 06 Jan 1990 00:00:01 GMT">
		<link type="text/css" rel="StyleSheet" href="common/tab.css" />
		<script>
			function s() {
				window.scrollBy(0,9999999);
Пример #15
    if ($ipsock) {
        fclose($ipsock);
    }
    $ipsock = '';
    header("Content-Length: " . strlen($ret));
    echo $ret;
    exit;
}
// this is for finding out my IP address in load balanced environments
// This branch runs before the address check and before authentication below, so it
// answers any client. It reads $_REQUEST["a"] without an isset() guard.
if ($_REQUEST["a"] == "ip") {
    echo $_SERVER["REMOTE_ADDR"];
    exit;
}
include "lib.php";
// check ip of requesting client
// The check uses REMOTE_ADDR, the address of the connecting peer, together with $SEC_IP;
// a refused client gets no response body.
if (!checkip($_SERVER["REMOTE_ADDR"], $SEC_IP)) {
    logline(1, $_SERVER["REMOTE_ADDR"] . ": Unauthorized access from blocked IP");
    exit;
}
// start of program
// From here on the request may run without a time limit and output is flushed as written.
register_shutdown_function("shutdown");
set_time_limit(0);
ob_implicit_flush();
// checkuser() yields a truthy value when authentication fails; that value is logged and
// sent to the client as the 401 body. PHP_AUTH_USER / PHP_AUTH_PW are read without an
// isset() guard, so they are undefined when the request carries no credentials.
$b = checkuser($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW']);
if ($b) {
    header("HTTP/1.0 401 Unauthorized");
    header("WWW-Authenticate: Basic realm=\"HTTPTunnel\"");
    logline(1, $_SERVER["REMOTE_ADDR"] . " authentication failure - {$b}");
    // Record the failed attempt for this address.
    id_addaccess($_SERVER["REMOTE_ADDR"]);
    die($b);
}
}