Пример #1
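 /**
  * Require an authorised staff session before the admin panel is shown.
  *
  * When valid('janitor_board') already passes, nothing is printed and null is
  * returned. Otherwise the login form is echoed, a submitted username/password
  * pair is handed to doLogin(), and the script always terminates.
  *
  * @return null Only reached when the visitor is already authorised.
  */
 function auth()
 {
     if (valid('janitor_board')) {
         // The original returned an undefined $temp on this path, i.e. null plus
         // an "undefined variable" warning; return the same value explicitly.
         return null;
     }

     // Admin.php login
     $temp = "<div align='center' vertical-align='middle'>"
         . '<form action="' . PHP_ASELF . '" method="post"><table>'
         . '<tr><td>Username</td><td><input type="text" name="usernm"  style="width:100%" /></td></tr>'
         . '<tr><td>Password</td><td><input type="password" name="passwd" style="width:100%" /></td></tr>';
     if (SECURE_LOGIN) {
         // The challenge row is only part of the form when SECURE_LOGIN is on.
         if (RECAPTCHA) {
             $temp .= "<tr><td colspan='2'><script src='//www.google.com/recaptcha/api.js'></script><div class='g-recaptcha' data-sitekey='" . RECAPTCHA_SITEKEY . "'></td></tr>";
         } else {
             $temp .= "<tr><td><img src='" . CORE_DIR_PUBLIC . "/general/captcha.php' /></td><td><input type='text' name='num' size='20' placeholder='Captcha'></td></tr>";
         }
     }
     $temp .= "<tr><td colspan='2'><input type='submit' value='" . S_MANASUB . "'></td></tr></table>" . "<br></form></div>";
     echo $temp;

     if (isset($_POST['usernm']) && isset($_POST['passwd'])) {
         if (SECURE_LOGIN) {
             require_once CORE_DIR . '/general/captcha.php';
             $captcha = new Captcha();
             if ($captcha->isValid() !== true) {
                 $this->error(S_CAPFAIL);
                 // Fail closed: error() presumably ends the request, but that is
                 // not visible here. Stop regardless, so a failed captcha can
                 // never fall through to doLogin().
                 die("</body></html>");
             }
         }
         // NOTE(review): with SECURE_LOGIN off, no captcha or throttling is
         // visible in this method. Attempt limiting, if any, must live in
         // doLogin() - confirm.
         $this->doLogin($_POST['usernm'], $_POST['passwd']);
         // NOTE(review): the redirect is printed without checking a result from
         // doLogin(); presumably doLogin() halts on bad credentials - confirm.
         echo "<META HTTP-EQUIV=\"refresh\" content=\"0;URL=" . PHP_ASELF_ABS . "\">";
     }
     die("</body></html>");
 }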
Пример #2
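 /**
  * Record a user report for a post and print the confirmation page.
  *
  * The captcha is checked first; on failure a retry page is printed and the
  * script ends. On success one row is inserted into `reports` and a page that
  * closes itself after three seconds is echoed.
  *
  * @param mixed $board Board identifier, stored in the `board` column.
  * @param mixed $no    Post number, stored in `no` and echoed into the retry link.
  * @param mixed $type  Report category, stored in the `type` column.
  * @return void
  */
 function reportSubmit($board, $no, $type)
 {
     global $mysql;
     require_once CORE_DIR . "/general/captcha.php";
     $captcha = new Captcha();
     $style = NSFW ? "saguaba" : "sagurichan";
     if ($captcha->isValid() !== true) {
         // $no is caller-supplied and lands inside an href attribute, so encode
         // it for the URL context. A plain numeric post number is unchanged.
         $retryNo = rawurlencode((string) $no);
         // NOTE(review): this page loads CSS_PATH . "/stylesheets/<style>.css"
         // while the success page below loads CSS_PATH . "/<style>.css"; one of
         // the two paths is probably wrong - confirm which.
         die("<head><link rel='stylesheet' type='text/css' href='" . CSS_PATH . "/stylesheets/" . $style . ".css'/></head><body>\n        <center><font color=blue size=5>You did not solve the captcha correctly.</b></font><br><br>[<a href='" . PHP_SELF . "?mode=report&no=" . $retryNo . "'>Try again?</a>]</center></body>");
     }
     /*cat = 1: Rule violation
       cat = 2: Illegal content
       cat = 3: Advertising
       0 = Cleared by moderator, can't report it again.
       This is not a valid submit option.
       If the report isn't submitted with either cat 1,2 or 3, it is discarded */
     // NOTE(review): nothing in this function enforces the 1/2/3 allow-list
     // described above; $type is stored as submitted. Confirm the check exists
     // in the caller or at read time, otherwise add it here.
     $host = $_SERVER['REMOTE_ADDR'];
     $cboard = $mysql->escape_string($board);
     $cno = $mysql->escape_string($no);
     $ctype = $mysql->escape_string($type);
     // Escape every interpolated value, including the address, so the statement
     // never depends on where a value came from. A parameterised statement
     // would be preferable if the $mysql wrapper offers one.
     $chost = $mysql->escape_string($host);
     // NOTE(review): `num` is filled from rand(), which is neither unique nor
     // unpredictable; if it serves as an identifier, an auto-increment column
     // is the safer choice - confirm against the schema.
     $mysql->query("INSERT INTO reports (`num`, `no`, `board`, `type`, `time`, `ip`) VALUES ( '" . rand() . "', '" . $cno . "', '" . $cboard . "', '" . $ctype . "', NOW(), '" . $chost . "') ");
     echo "<head><link rel='stylesheet' type='text/css' href='" . CSS_PATH . "/" . $style . ".css'/><script>function loaded(){window.setTimeout(CloseMe, 3000);}function CloseMe() {window.close();}</script></head><body onLoad='loaded()'>\n\t<center><font color=blue size=5>Report submitted! This window will close in 3 seconds...</b></font></center></body>";
 }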
Пример #3
     if (!pruefe_mail($email) && !empty($email)) {
         $ausgabe .= "<li>" . _falschemail . "</li>";
     }
 }
 // Form validation (excerpt): every failed check appends one <li> entry to
 // $ausgabe. The code that defines these variables is outside this excerpt.

 // Homepage: an error when the field is mandatory and empty; otherwise the
 // value is cleaned up and validated.
 if ($homepage_pflicht && empty($homepage)) {
     $ausgabe .= "<li>" . _homepage . "</li>";
 } else {
     $homepage = strip_tags(trim($homepage));
     // A value that starts with "www" gets an explicit http:// scheme.
     if (substr($homepage, 0, 3) == "www") {
         $homepage = "http://" . $homepage;
     }
     // Only a non-empty value can be reported as an invalid homepage.
     // NOTE(review): what pruefe_hp() accepts (e.g. which URL schemes) is not
     // visible here - confirm before this value is rendered as a link.
     if (!pruefe_hp($homepage) && !empty($homepage)) {
         $ausgabe .= "<li>" . _falschehp . "</li>";
     }
 }
 // Captcha: $_POST['number'] is read without an isset() check, so a request
 // that omits the field raises an undefined-index notice here.
 // NOTE(review): htmlentities() rewrites HTML special characters before the
 // comparison; that is output encoding, not validation - confirm it is wanted.
 if ($captcha && !$controller->isValid(htmlentities($_POST['number']))) {
     $ausgabe .= "<li>" . _fehlercaptcha . "</li>";
 }
 // NOTE(review): strip_tags() removes markup but does not escape for HTML
 // output; $name presumably still needs context-aware escaping when displayed.
 $name = strip_tags($name);
 $name = trim($name);
 // The forbidden-words check sees $text before any tags are stripped below.
 if (!pruefe_forbiddenwords($text, $forbiddenwords)) {
     $ausgabe .= "<li>" . _unerlaubtezeichen . "</li>";
 }
 // When $html is truthy the text keeps its markup untouched.
 // NOTE(review): in that case the display path must sanitise it - confirm.
 if (!$html) {
     $text = strip_tags($text);
 }
 $text = trim($text);
 // ICQ number: any non-digit character is an error. empty() also treats the
 // string "0" as empty.
 $icq = strip_tags(trim($icq));
 if (preg_match("/\\D/", $icq) && !empty($icq)) {
     $ausgabe .= "<li>" . _falscheicq . "</li>";
 }
Пример #4
<?php

// Pre-flight checks for a posting request: HTTP method, captcha, upload status
// and upload size. Each failure is reported through error().
// NOTE(review): every check relies on error() ending the request; if error()
// returned, execution would continue past the failed check - confirm.
global $upfile, $upfile_name;
// Only POST requests are accepted.
if ($_SERVER["REQUEST_METHOD"] != "POST") {
    error(S_UNJUST, $upfile);
}
// Captcha check: skipped unless BOTCHECK is strictly true, and skipped for
// visitors for whom valid('moderator') is truthy.
if (BOTCHECK === true && !valid('moderator')) {
    require_once CORE_DIR . '/general/captcha.php';
    $captcha = new Captcha();
    if ($captcha->isValid() !== true) {
        error(S_CAPFAIL, $upfile);
    }
}
// Uploaded file check. $_FILES["upfile"] is read without first checking that
// the key exists.
// Only four error codes are reported; any other non-zero code (for example
// UPLOAD_ERR_NO_FILE, UPLOAD_ERR_NO_TMP_DIR, UPLOAD_ERR_EXTENSION) passes
// through this block without an error.
if ($_FILES["upfile"]["error"] > 0) {
    if ($_FILES["upfile"]["error"] == UPLOAD_ERR_INI_SIZE || $_FILES["upfile"]["error"] == UPLOAD_ERR_FORM_SIZE) {
        error(S_TOOBIG, $upfile);
    }
    if ($_FILES["upfile"]["error"] == UPLOAD_ERR_PARTIAL || $_FILES["upfile"]["error"] == UPLOAD_ERR_CANT_WRITE) {
        error(S_UPFAIL, $upfile);
    }
}
// A file name together with a zero-byte size is treated as an upload that was
// too large or missing.
if ($upfile_name && $_FILES["upfile"]["size"] == 0) {
    error(S_TOOBIGORNONE, $upfile);
}
//Basic proxy check.
if (PROXY_CHECK && preg_match("/^(mail|ns|dns|ftp|prox|pc|[^\\.]\\.[^\\.]\$)/", $host) > 0 || preg_match("/(ne|ad|bbtec|aol|uu|(asahi-net|rim)\\.or)\\.(com|net|jp)\$/", $host) > 0) {
    if (@fsockopen($_SERVER["REMOTE_ADDR"], 80, $a, $b, 2) == 1) {
        error(S_PROXY80, $dest);
    } elseif (@fsockopen($_SERVER["REMOTE_ADDR"], 8080, $a, $b, 2) == 1) {
Пример #5
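/**
 * Check the anti-spam answer submitted with the current request.
 *
 * With $nopictures set, only the hidden-field token is checked: the posted
 * antispam_id must exist as a key in $_SESSION['antispam']. Otherwise users for
 * whom has_right($allgAr['antispam']) holds pass without a challenge, and
 * everyone else must supply a valid captcha answer in $_POST['number'].
 *
 * @param string $m          Not used in this function body.
 * @param bool   $nopictures When true, only the token check is performed.
 * @return bool True when the anti-spam check passes.
 */
function chk_antispam($m, $nopictures = false)
{
    global $allgAr;

    if ($nopictures) {
        // Reject a non-string antispam_id (an array-valued form field) rather
        // than using it as an array offset.
        // NOTE(review): the token is not removed from the session after a
        // match, so the same antispam_id keeps passing - confirm whether
        // single-use tokens are intended.
        return isset($_POST['antispam_id'])
            && is_string($_POST['antispam_id'])
            && isset($_SESSION['antispam'][$_POST['antispam_id']]);
    }

    if (is_numeric($allgAr['antispam']) && has_right($allgAr['antispam'])) {
        return true;
    }

    include_once 'include/includes/libs/captcha/captcha.php';
    $controller = new Captcha();

    // Fail closed when the answer field is missing or is not a plain string,
    // rather than passing an undefined index to isValid().
    if (!isset($_POST['number']) || !is_string($_POST['number'])) {
        return false;
    }

    return (bool) $controller->isValid($_POST['number']);
}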
Пример #6
 /**
  * Validate the captcha answer of the current request.
  *
  * Any truthy value from Captcha::isValid() counts as success; the check is
  * not a strict comparison against true.
  *
  * @return mixed Result::ok() on success, otherwise Result::error() carrying
  *               the user-facing message.
  */
 function captcha()
 {
     $captcha = new Captcha();

     // Guard clause: report the failure first, fall through on success.
     if (!$captcha->isValid()) {
         return Result::error("Il codice captcha inserito non &egrave; valido.");
     }

     return Result::ok();
 }
Пример #7
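/**
 * Checks whether the anti-spam code was entered correctly.
 *
 * NoPictureMode inserts a hidden field to prevent cross-site request forgery
 * attacks. It is used automatically when no image challenge takes place, but
 * it can also be forced.
 *
 * A NoPictureMode token is single-use: it is removed from the session as soon
 * as it has been accepted.
 *
 * @global array $allgAr
 * @param string  $m          Module name, to allow different anti-spam fields on one page
 *                            (not read in this function body)
 * @param boolean $nopictures Force NoPictureMode
 * @return boolean
 */
function chk_antispam($m, $nopictures = false)
{
    global $allgAr;

    // Users holding the configured right skip the image challenge and are
    // checked through the hidden token instead.
    if (!$nopictures && is_numeric($allgAr['antispam']) && has_right($allgAr['antispam'])) {
        $nopictures = true;
    }

    if ($nopictures && isset($_POST['antispam_id'])) {
        $antispamId = $_POST['antispam_id'];
        // Form fields can arrive as arrays; accept only a string key, and only
        // a token whose session entry is set and truthy.
        if (!is_string($antispamId) || empty($_SESSION['antispam'][$antispamId])) {
            return false;
        }
        // Consume the token so it cannot be replayed.
        unset($_SESSION['antispam'][$antispamId]);
        return true;
    }

    // NOTE(review): when NoPictureMode is active but no antispam_id was posted,
    // a submitted captcha answer is still accepted here - confirm that this
    // fallback is intended.
    if (isset($_POST['captcha_code'], $_POST['captcha_id'])) {
        $captchaCode = $_POST['captcha_code'];
        $captchaId = $_POST['captcha_id'];
        // Reject array-valued fields before they reach strtoupper()/isValid().
        if (!is_string($captchaCode) || !is_string($captchaId)) {
            return false;
        }
        require_once 'include/includes/captcha/Captcha.php';
        $controller = new Captcha();
        // The answer is upper-cased before the comparison.
        return $controller->isValid(strtoupper($captchaCode), $captchaId);
    }

    return false;
}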