Пример #1
0
# Author: ZYMO
#
# Description:
#
# Hardened version of vAuthenticate 3.0.1 to address exploits
# and update deprecated database functions on PHP v5.5 servers.
#
*/
// Check if the cookies are set
// This removes some notices (undefined index)
if (isset($_COOKIE['USERNAME']) && isset($_COOKIE['PASSWORD'])) {
    // Get values from superglobal variables
    $USERNAME = $_COOKIE['USERNAME'];
    $PASSWORD = $_COOKIE['PASSWORD'];
    $CheckSecurity = new auth();
    $check = $CheckSecurity->page_check($USERNAME, $PASSWORD);
} else {
    $check = false;
}
if ($check == false) {
    // Feel free to change the error message below. Just make sure you put a "\" before
    // any double quote.
    print "<b>Illegal Access</b>";
    print "<br>";
    print "<b>You do not have permission to view this page.</b>";
    // REDIRECT BACK TO LOGIN PAGE
    // REMOVE BLOCK IF NOT BEING USED
    print "<br>";
    print "You will be redirected back to the login page in a short while.";
    ?>
              <HEAD>
Пример #2
0
            }
            $this->Priority = $this->priority;
        }
    }
    if (!$limitedStartup) {
        if ($config['softdebug'] == 1) {
            $starttime = microtime();
            $data->reset_counter();
        }
        $cookievalue = md5(time() . 'um');
        $expire = time() + $config['session_length'];
        if ($config['gzip'] == 1) {
            $tpl->load_filter('output', 'gzip');
        }
        if (!$skipUser) {
            $check = $Auth->page_check();
            $user_page_auths = get_user_auths();
            $user_groups = user_groups_id_key_array($check['id']);
            $onlineUserList = get_online_users_array();
            $userIdList = get_user_id_list_array();
        }
        $censorWords = get_censor();
        $scoutlanguage = read_scout_language();
        $tpl->assign("scoutlang", $scoutlanguage);
    }
    $timestamp = time();
} else {
    require_once "config.php";
    require_once "includes/db.php";
    require_once "includes/functions.php";
    $data = new database($dbname, $dbhost, $dbusername, $dbpassword, $dbprefix, $dbport);