<?php if (verif_connect(true)) { /** * Variables Globales */ $ID = user_data('Account_ID'); $Date = date('Y-m-d H:i:s'); $IP = getRealIpAddr(); $Pseudo = logged_data('Account_Pseudo'); init_stat_session(); clear_token(); // => trop brutal... clear_battle(); debug_log('Account_ID::' . logged_data('Account_ID')); debug_log('Account_Pseudo::' . logged_data('Account_Pseudo')); /** * Vérification des sanctions pour l'utilisateur */ $Warning_List = get_db("get_sanction_user", array('Account_ID' => logged_data('Account_ID'))); if (!empty($Warning_List)) { extract(stripslashes_r($Warning_List)); $message = "Vous avez recu un(e) {$Sanction_Type} de la part de {$Sanction_Transmitter}\\n\\n{$Sanction_Message}"; delete_db('Caranille_Sanctions', array('Sanction_ID' => $Sanction_ID)); } /* Mise à jour du compte en temps réel */ //get_user($Pseudo); if (verif_auth()) { init_equipement_session();
function log_download() { $fp = fopen('/home/webadmin/cuke4ninja.com/pdfdownload', 'a'); fwrite($fp, date("F j, Y, g:i a") . "\t" . getRealIpAddr()); fwrite($fp, "\n"); fclose($fp); }
/** function insert log ------------------------------------------------------------------------ **/ function log_insert($log) { require_once 'system/libraries/func.php'; $ip = getRealIpAddr(); $session_id = $this->session->userdata('session_id'); $auth = $this->session->userdata('itlogin_id'); $sql = "INSERT INTO itcore_log (ip,session,auth,description) VALUES(" . $this->db->escape($ip) . "," . $this->db->escape($session_id) . "," . $this->db->escape($auth) . "," . $this->db->escape($log) . ")"; return $this->db->query($sql); }
function getdatalog($st, $email) { $ip = getRealIpAddr(); putenv("TZ=Asia/Saigon"); $datetime = date("Y-m-d H:i:s"); $date = date("Y-m-d"); $data = array('user' => $email, 'ip' => $ip, 'event' => $st, 'time' => $datetime, 'date' => $date); return $data; }
function web($q, $start) { $json = gethtml("https://ajax.googleapis.com/ajax/services/search/web?v=1.0&q=" . $q . "&as_q=" . $q . "&userip=" . getRealIpAddr() . "&start=" . $start); $data = json_decode($json); foreach ($data->responseData->results as $result) { $results[] = array('visibleUrl' => $result->visibleUrl, 'url' => $result->url, 'title' => $result->title, 'abstract' => $result->content); } return $results; }
function register_request() { global $prefixe_salt, $suffixe_salt; extract(addslashes_r(stripslashes_r($_POST))); $Date = date('Y-m-d H:i:s'); $IP = getRealIpAddr(); $filter = uniqid(); $pswd = password_encode($prefixe_salt . $filter . $suffixe_salt, $Password); $key = uniqid(); insert_db('Caranille_Accounts', array('Account_Pseudo' => strip_tags($Pseudo), 'Account_Password' => strip_tags($pswd), 'Account_Salt' => $filter, 'Account_Email' => $Email, 'Account_Sexe' => $Sexe, 'Account_Inscription' => $Date, 'Account_Last_IP' => $IP, 'Account_HP_Remaining' => 100, 'Account_Key' => $key, 'Account_valid' => 0, 'Account_Level' => 1, 'Account_Order' => 1, 'Account_Reason' => 'None', 'Account_Status' => "Authorized", 'Account_Access' => "Member", 'Account_Guild_ID' => 0, 'Account_HP_Bonus' => 0, 'Account_MP_Remaining' => 10, 'Account_MP_Bonus' => 0, 'Account_Strength_Bonus' => 0, 'Account_Magic_Bonus' => 0, 'Account_Agility_Bonus' => 0, 'Account_Defense_Bonus' => 0, 'Account_Experience' => 0, 'Account_Golds' => 0, 'Account_Notoriety' => 0, 'Account_Chapter' => 1, 'Account_Mission' => 1, 'Account_Step' => 2)); $user_record = get_db('request_account', $_POST); return $user_record; }
public function gravarLog($tipo,$usuario,$instituicao){ $banco = $this->getBancoDados(); if ($tipo == 'ALUNO'){ $query = "INSERT INTO tbl_log_acesso (instituicao, aluno,ip,programa) VALUES (".$instituicao.",".$usuario.",'".getRealIpAddr()."','".$_SERVER["PHP_SELF"]."') "; if(!$banco->updateSQL($query)) { #throw new Exception("ERRO AO LOGAR"); } } if ($tipo == 'PROFESSOR'){ $query = "INSERT INTO tbl_log_acesso (instituicao, professor,ip,programa) VALUES (".$instituicao.",".$usuario.",'".getRealIpAddr()."','".$_SERVER["PHP_SELF"]."') "; if(!$banco->updateSQL($query)) { #throw new Exception("ERRO AO LOGAR"); } } }
<?php include 'functions.php'; session_start(); // You need to set your own parameters!! define('MYSQL_SERVER', 'localhost:3306'); define('MYSQL_USER', 'erobin258791_db'); define('MYSQL_DB', 'erobin258791_db'); define('MYSQL_PASSWORD', '7d0H8hWG'); // You'd need to activate it once you have operational system $GLOBALS['DB'] = mysql_connect(MYSQL_SERVER, MYSQL_USER, MYSQL_PASSWORD) or die("Cannot connect to the MySQL server: \n" . mysql_error()); mysql_select_db(MYSQL_DB, $GLOBALS['DB']) or die('Cannot select MySQL database'); $HTML['email'] = ""; $HTML['dob'] = ""; foreach ($HTML as $key => &$value) { $value = utf8HTML(getRequest($key, true, 'post')); } $HTML['id'] = ""; $HTML['ip'] = getRealIpAddr(); connect("INSERT INTO project (email, dob, ip) VALUES ('" . $HTML['email'] . "', '" . $HTML['dob'] . "' , '" . $HTML['ip'] . "')"); set_SESSION("id", mysql_insert_id()); set_SESSION("email", $HTML['email']); set_SESSION("dob", $HTML['dob']); set_SESSION("ip", $HTML['ip']); return true;
$name = $_SESSION['FIRST_NAME'] . " " . $_SESSION['LAST_NAME']; $qry = "INSERT INTO ost_ticket_note(ticket_id,staff_id,source,title,note,created) VALUES('" . $ticket_id . "','" . $_SESSION['STAFF_ID'] . "','" . $name . "','Ticket Updated by " . $name . "','" . $note . "',NOW())"; $res = mysql_query($qry) or die("Bingo...right?"); } echo "Update Successful! Wow, you just totally changed that data like a pro."; mysql_close($link); } /* Create a new ticket */ if (isset($_GET['new'])) { $link = mysql_connect(DB_HOST, DB_USER, DB_PASS) or die("pickle"); mysql_select_db(DB_NAME) or die("Dig Doug"); $data = superSanitize($_POST); require_once 'util.php'; $ticketID = randNumber(); $duedate = explode('/', $data['duedate']); $qry = "INSERT INTO \n\t\tost_ticket(`ticket_id`, `ticketID`, `dept_id`, `priority_id`, `topic_id`, `staff_id`, `email`, `name`, `subject`, `helptopic`, `phone`, `phone_ext`, `ip_address`, `status`, `source`, `isoverdue`, `isanswered` " . ($data['duedate'] == '' ? "" : ",`duedate`") . ",`created`) \n\t\t VALUES('" . $data['ticket_id'] . "', '" . $ticketID . "', '" . $data['dept_id'] . "', '" . $data['priority_id'] . "', '" . $data['helptopicID'] . "', '" . $data['assigned'] . "', '" . $data['email'] . "', '" . $data['name'] . "', '" . $data['subject'] . "', '" . $data['helptopic'] . "', '" . $data['phone'] . "', '" . $data['phone_ext'] . "', '" . getRealIpAddr() . "', '" . "open" . "', '" . $data['ticket_source'] . "', '" . "0" . "', '" . "0" . "'," . ($data['duedate'] == '' ? "" : " '" . gmdate('Y-m-d H:i:s', mktime(0, 0, 0, $duedate[0], $duedate[1], $duedate[2])) . "', ") . " NOW()) "; mysql_query($qry) or die("that is a funny joke there bob."); //update attachments /* send email here depending on whether alert user or staff is checked */ echo "New Ticket Created Successfully! I just cannot believe you did it SO fast."; //echo sendMail("*****@*****.**","*****@*****.**","Test Message","<p>Are <b>you</b> actually named <em>Ross</em> too!</p>")?"Mail Sent":"Mail Fail"; mysql_close($link); } /* Ticket - menu, Edit & New */ if (isset($_GET['menu'])) { if ($_GET['menu'] == 'new') { require_once 'auth.php'; require_once 'config.php'; require_once 'scripts.php'; $modules = array('tabs', 'uploader', 'new_ticket', 'datepicker'); //first make up a ticket id for later use
function getRealIpAddr() { if (!empty($_SERVER['HTTP_CLIENT_IP'])) { $ip = $_SERVER['HTTP_CLIENT_IP']; } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { $ip = $_SERVER['HTTP_X_FORWARDED_FOR']; } else { $ip = $_SERVER['REMOTE_ADDR']; } return $ip; } $filename = addslashes($_SERVER["HTTP_FILENAME"]); $md5 = addslashes($_SERVER["HTTP_MD5"]); $chunknumber = addslashes($_SERVER["HTTP_CHUNK"]); $description = addslashes($_SERVER["HTTP_DESCR"]); $ip = addslashes(getRealIpAddr()); $link = mysql_connect('mysql-s', 's210915rw', 'HeMySQ15'); if (!$link) { die('DB connection error: ' . mysql_error()); } mysql_select_db("s210915_main"); if ($md5) { echo "Filename: {$filename}\n"; $sql = "SELECT content FROM files WHERE filename = '{$filename}' ORDER BY chunk"; $result = mysql_query($sql) or die("Can't execute query 3"); $digest = hash_init("md5"); $len = 0; while ($row = mysql_fetch_row($result)) { $len = $len + strlen($row[0]); hash_update($digest, $row[0]); echo "-MD5: " . md5($row[0]) . "\n";
function addIPAddress($mid) { $ip = getRealIpAddr(); $s = mysql_query("SELECT COUNT(*) FROM `IP_Address` WHERE mid = '{$mid}' and userIP='{$ip}'") or die(mysql_error()); $row = mysql_fetch_assoc($s); $c = $row['COUNT(*)']; if ($c == 0) { mysql_query("INSERT INTO `IP_Address` (`mid`,`userIP`) VALUES ('{$mid}','{$ip}')") or die(mysql_error()); } else { mysql_query("UPDATE `IP_Address` set `time_access` = CURRENT_TIMESTAMP WHERE mid = '{$mid}' and userIP='{$ip}' ") or die(mysql_error()); } }
// Get a free trial at: http://corp.kaltura.com // In your Kaltura account, get the partner Id and API Admin Secret from: // http://www.kaltura.com/index.php/kmc/kmc4#account|integration define("PARTNER_ID", '1357241'); define("ADMIN_SECRET", '1179e62370a3731977bf9a4c6dba3590'); define("USER_SECRET", '7501bdbfadc96b24828ce542b5c66b7a'); define("PLAYER_UICONF_ID", 27216752); define("BUY_BUTTON_PLAYER_UICONF_ID", null); define("PAYPAL_METADATA_PROFILE_ID", 4376762); define("PAYPAL_CATEGORY_METADATA_PROFILE_ID", 4376772); define("PAYPAL_USER_METADATA_PROFILE_ID", 4376782); //Generates a USER ID based on the machine name and IP address. function getRealIpAddr() { if (!empty($_SERVER['HTTP_CLIENT_IP'])) { $ip = $_SERVER['HTTP_CLIENT_IP']; } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { $ip = $_SERVER['HTTP_X_FORWARDED_FOR']; } else { $ip = $_SERVER['REMOTE_ADDR']; } return $ip; } if (isset($_COOKIE['kaypaluserid']) && $_COOKIE['kaypaluserid'] != "") { $USER_ID = $_COOKIE['kaypaluserid']; } else { $expire = time() + 60 * 60 * 24 * 365; $user = implode('_', explode(':', 'demo_user_' . mt_rand(1, 9999999) . getRealIpAddr())); setcookie('kaypaluserid', $user, $expire); $USER_ID = $user; }
function register_admin() { global $bdd, $prefixe_salt, $suffixe_salt; extract(addslashes_r($_POST)); echo "{$Password} === {$Password_Confirm}<br/>"; if ($Password === $Password_Confirm) { $Date = date('Y-m-d H:i:s'); $IP = getRealIpAddr(); $filter = uniqid(); $pswd = password_encode($prefixe_salt . $filter . $suffixe_salt, $Password); //echo "saisie : $Password<br/>clé : ($prefixe_salt - $filter - $suffixe_salt)=>crypté : $pswd<br/>"; $decode = password_decode($prefixe_salt . $filter . $suffixe_salt, $pswd); //echo " ctrl :: $decode <br/>"; insert_db('Caranille_Accounts', array('Account_Pseudo' => $Pseudo, 'Account_Password' => $pswd, 'Account_Salt' => $filter, 'Account_Email' => $Email, 'Account_Last_Connection' => $Date, 'Account_Last_IP' => $IP, 'Account_HP_Remaining' => 100, 'Account_Level' => 1, 'Account_Order' => 1, 'Account_Valid' => 1, 'Account_Reason' => 'None', 'Account_Status' => "Authorized", 'Account_Access' => "Admin", 'Account_ID' => 1, 'Account_Guild_ID' => 0, 'Account_HP_Bonus' => 0, 'Account_MP_Remaining' => 10, 'Account_MP_Bonus' => 0, 'Account_Strength_Bonus' => 0, 'Account_Magic_Bonus' => 0, 'Account_Agility_Bonus' => 0, 'Account_Defense_Bonus' => 0, 'Account_Experience' => 0, 'Account_Golds' => 0, 'Account_Notoriety' => 0, 'Account_Chapter' => 1, 'Account_Mission' => 1)); config_game($Email); return true; } return false; }
<?php $db = mysql_connect('riskhorizontest.cfi8996g68d1.us-east-1.rds.amazonaws.com:3306', 'dbtesting', 'engagement') or die('Could not connect: ' . mysql_error()); mysql_select_db('Risk_Horizon') or die('Could not select database'); // Strings must be escaped to prevent SQL injection attack. $session_uuid = mysql_real_escape_string($_GET['session_uuid'], $db); $IPv4 = getRealIpAddr(); $datetime = date("D M j G:i:s T Y"); $email = mysql_real_escape_string($_GET['email'], $db); $hash = $_GET['hash']; $secretKey = "engagement"; # Change this value to match the value stored in the client javascript below function getRealIpAddr() { if (!empty($_SERVER['HTTP_CLIENT_IP'])) { $ip = $_SERVER['HTTP_CLIENT_IP']; } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { $ip = $_SERVER['HTTP_X_FORWARDED_FOR']; } else { $ip = $_SERVER['REMOTE_ADDR']; } return $ip; } $real_hash = md5($session_uuid . $email . $secretKey); if ($real_hash == $hash) { // Send variables for the MySQL database class. $query = "insert into sessions values ('{$session_uuid}', '{$IPv4}', '{$datetime}', '{$email}');"; $result = mysql_query($query); } else { // Failure // $message = "Subject creation failed";
function queue_get_key($uid, $queue) { global $MC_Queue; $ip = ip2long(getRealIpAddr()); $timeout = 30; return $MC_Queue->get("timestamp_key{$uid},{$ip},{$timeout}(orders{$queue})"); }
<?php include 'verif.inc'; //Los mails incluyen la hora date_default_timezone_set('America/Argentina/Buenos_Aires'); // Comprobar que viene de Facebook y no de la "web" $ip_visitante = getRealIpAddr(); // SOLO PARA DEBUGGEAR // print_r($_POST); if (isset($_POST["formSubmit"])) { if (strcmp($_POST["formSubmit"], $_SESSION['secreto'])) { /* El formulario es asi : // $form_nombre_apellido = $_POST['nombreapellido']; // $form_ciudad = $_POST['ciudad']; // $form_e-mail = $_POST['e-mail']; // $form_telefono = $_POST['telefono']; // $form_propuesta = $_POST['propuesta']; */ $submitter_info_brute = array($_POST['nombreapellido'], $_POST['ciudad'], $_POST['e-mail'], $_POST['telefono'], $_POST['propuesta']); $submitter_info = array_map("sano", $submitter_info_brute); $submitter_info_csv = $submitter_info[0] . ',' . $submitter_info[1] . ',' . $submitter_info[2] . ',' . $submitter_info[3]; /* ------------ Chequeo de errores comunes. -------------------------------- */ // Si hay algun elemento vacio, es que hubo un error validando la entrada. if (in_array("", $submitter_info)) { error_caca("Algun elemento del formulario es erroneo. Final no feliz."); } else { //NOMBRE if (!preg_match('/\\w+/', $submitter_info[0])) { error_caca('El Nombre ingresado es invalido. Intente nuevamente.');
function getRealIpAddr() { if (!empty($_SERVER['HTTP_CLIENT_IP'])) { $ip = $_SERVER['HTTP_CLIENT_IP']; } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { $ip = $_SERVER['HTTP_X_FORWARDED_FOR']; } else { $ip = $_SERVER['REMOTE_ADDR']; } return $ip; } // Log this login attempt $username = mysql_real_escape_string(stripslashes($_POST['username'])); $md5password = md5(mysql_real_escape_string(stripslashes($_POST['password']))); $naive_ip = $_SERVER['REMOTE_ADDR']; $real_ip = getRealIpAddr(); $query = "INSERT INTO login_attempts (timestamp,username,password,naive_ip," . "real_ip) VALUES (CURRENT_TIMESTAMP,'{$username}','{$md5password}','{$naive_ip}'," . "'{$real_ip}')"; $result = mysql_query($query); if (!$result) { echo "<p>Could not write to log: " . htmlspecialchars(mysql_error()) . "</p>"; } if (check_credentials($username, $md5password)) { header("location:index.php"); } else { unset($_SESSION['username']); unset($_SESSION['password']); unset($_SESSION['admin']); unset($_SESSION['user_id']); header("location:login_failed.php"); } }
public function gravaProvaCorrigirDAO(ProvaRespondida $prova_respondida){ $banco = $this->getBancoDados(); $query = "SELECT tbl_prova_aluno.prova FROM tbl_prova_aluno WHERE prova = ".$prova_respondida->getProva()->getId()." AND aluno = ".$prova_respondida->getAluno()->getId(); $retorno = $banco->executaSQL($query); if ($banco->numRows($retorno) == 0){ throw new Exception("Erro ao atualizar nota da prova (SQL: $query) "); } $query = " UPDATE tbl_prova_aluno SET nota = ".$prova_respondida->Xnota.", nota_liberada = ".$prova_respondida->Xnota_liberada." WHERE prova = ".$prova_respondida->getProva()->getId()." AND aluno = ".$prova_respondida->getAluno()->getId(); #echo nl2br($query); if(!$banco->updateSQL($query)) { throw new Exception("Erro ao atualizar nota PROVA RESPONDIDA. (SQL: $query) "); } if (strlen($prova_respondida->getNotaLiberada())>0){ if (getRealIpAddr() != '127.0.0.1' or 1==1){ $prova = $prova_respondida->getProva(); $mail = new PHPMailer(); $body = $mail->getFile('emails/prova_corrigida_aluno.html'); $variaveis = array("{ALUNO}","{PROFESSOR}","{NOME_INSTITUICAO}","{PROVA_TITULO}",'{PROVA_INICIO}','{PROVA_TERMINO}','{PROVA_NOTA}', "{LOGIN}", "{SENHA}"); $valores = array( $nome_aluno, $prova->getProfessor()->getNome(), $prova->getDisciplina()->getInstituicao()->getNome(), $prova->getTitulo(), $prova->getDataInicio(), $prova->getDataTermino(), $prova_respondida->getNota(), $ra_aluno, $senha_aluno); $body = str_replace($variaveis, $valores, $body); $mail->From = "*****@*****.**"; $mail->FromName = "TesteNet"; $mail->Subject = "TesteNet - Nova Prova!"; $mail->AltBody = "To view the message, please use an HTML compatible email viewer!"; $mail->MsgHTML($body); $mail->AddAddress($email_aluno, $nome_aluno); $mail->AddAddress('*****@*****.**', 'Suporte TesteNet'); $mail->Send(); } } }
} return $browserInfo; //array } } return null; } function getCountofWeek($day) { $date['first'] = mktime(0, 0, 0, date("m"), date("d", $day) - date("w", $day), date("Y")); $date['last'] = mktime(0, 0, 0, date("m"), date("d", $day) + (6 - date("w", $day)), date("Y")); return $date; } if (substr_count($_SERVER['HTTP_USER_AGENT'], "Googlebot") == 0) { if (!isset($_SESSION['counter'])) { $sql = "insert into counter values('','" . getRealIpAddr() . "',now(),'" . $_SERVER['HTTP_USER_AGENT'] . "')"; $result = mysql_query($sql); if ($result) { $sql = "select count(*) as allcounter from counter"; $result = mysql_query($sql); $row = mysql_fetch_array($result); $_SESSION['counter']['allcounter'] = $row['allcounter']; $sql = "select count(*) as today from counter where DATE(timelogin) = CURDATE()"; $result = mysql_query($sql); $row = mysql_fetch_array($result); $_SESSION['counter']['today'] = $row['today']; $yesterday = mktime(0, 0, 0, date("m"), date("d") - 1, date("Y")); $sql = "select count(*) as yesterday from counter where date(timelogin) like '%" . date('Y-m-d', $yesterday) . "%'"; $result = mysql_query($sql); $row = mysql_fetch_array($result); $_SESSION['counter']['yesterday'] = $row['yesterday'];
<?php header("Access-Control-Allow-Origin: *"); $ip_ = getRealIpAddr(); $miArray = array("ip" => $ip_, "country_code" => ip_info($ip_, "Country Code"), "Country" => ip_info($ip_, "Country")); print_r(json_encode($miArray)); //{"ip":"201.116.117.173","":"MX","country_name":"México","region_code":"","region_name":"","city":"","zip_code":"","time_zone":"","latitude":19.43,"longitude":-99.13,"metro_code":0} //echo ip_info(getRealIpAddr(), "Country"); // United States //echo ip_info(getRealIpAddr(), "Country Code"); // US //echo ip_info(getRealIpAddr(), "State"); // California //echo ip_info(getRealIpAddr(), "City"); // Menlo Park //echo ip_info(getRealIpAddr(), "Address"); // Menlo Park, California, United States function getRealIpAddr() { if (!empty($_SERVER['HTTP_CLIENT_IP'])) { $ip = $_SERVER['HTTP_CLIENT_IP']; } else { $ip = $_SERVER['REMOTE_ADDR']; } return $ip; } function ip_info($ip = NULL, $purpose = "location", $deep_detect = TRUE) { $output = NULL; if (filter_var($ip, FILTER_VALIDATE_IP) === FALSE) { $ip = $_SERVER["REMOTE_ADDR"]; if ($deep_detect) { if (filter_var(@$_SERVER['HTTP_X_FORWARDED_FOR'], FILTER_VALIDATE_IP)) { $ip = $_SERVER['HTTP_X_FORWARDED_FOR']; } if (filter_var(@$_SERVER['HTTP_CLIENT_IP'], FILTER_VALIDATE_IP)) {
{ if (!empty($_SERVER['HTTP_CLIENT_IP'])) { $ip = $_SERVER['HTTP_CLIENT_IP']; } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { //to check ip is pass from proxy $ip = $_SERVER['HTTP_X_FORWARDED_FOR']; } else { $ip = $_SERVER['REMOTE_ADDR']; } return $ip; } if (!empty($_POST)) { include $_SERVER['DOCUMENT_ROOT'] . '/' . 'contest/dbs.php'; $email = $_POST['email']; $name = "Friend"; $ipaddress = getRealIpAddr(); $result = mysql_query("SELECT id FROM lead_contest WHERE email = '{$email}'"); if (mysql_num_rows($result) == 0) { $result = mysql_query("INSERT INTO `lead_contest` (\n\t\t`id` ,\n\t\t`name` ,\n\t\t`email` ,\n\t\t`aid` ,\n\t\t`ip` ,\n\t\t`created`\n\t\t)\n\t\tVALUES (\n\t\tNULL , '{$name}', '{$email}', '{$aid}', '{$ipaddress}', now()\n\t\t)\n\t\t"); } $datatopost["form_field[3]"] = $_REQUEST['email']; $datatopost["form_field[164]"] = $_REQUEST['aid']; $datatopost["form_id"] = $_REQUEST['form_id']; $datatopost["button"] = $_REQUEST['button']; //echo '<pre>';print_r($datatopost);echo '</pre>'; $ch = curl_init("http://bml.sendlane.com/form/2"); curl_setopt($ch, CURLOPT_POST, true); curl_setopt($ch, CURLOPT_POSTFIELDS, $datatopost); curl_setopt($ch, CURLOPT_RETURNTRANSFER, false); curl_exec($ch); // header('Location:http://buildmylist.co/download/');
function connexion($Pseudo, $Password) { global $baseline, $prefixe_salt, $suffixe_salt, $MMORPG_Access; $login = get_db('request_account', $_POST); $pswd = password_encode($prefixe_salt . $login['Account_Salt'] . $suffixe_salt, $Password); $restore = password_decode($prefixe_salt . $login['Account_Salt'] . $suffixe_salt, $login['Account_Password']); if ($login['Account_Password'] === $pswd && $restore === $Password) { if ($login['Account_Valid'] == '1') { if (!isConnected($login)) { get_user($Pseudo); if (verif_auth()) { init_equipement_session(); get_perso($Pseudo); get_equipement($Pseudo); get_Guild($Pseudo); clear_battle(); $ID = user_data('Account_ID'); $Date = date('Y-m-d H:i:s'); $IP = getRealIpAddr(); $Last_Connection = user_data('Account_Last_Connection'); $Last_IP = user_data('Account_Last_IP'); update_db('Caranille_Accounts', array('Account_Last_Connection' => $Date, 'Account_Last_IP' => $IP, 'Account_ID' => $ID)); if ($Last_IP !== $IP) { $message = "ATTENTION!!!" . "\n"; $message .= "Votre dernière connexion ne provient pas de la même adresse IP." . "\n"; $message .= "Cela peut signifier qu'une autre personne se soit précédemment connectée avec votre compte." . "\n"; $message .= "Si par contre vous vous êtes connecté depuis un autre poste veuillez ignorer ce message."; $message .= "\n\n"; $message .= "Pour information voici un détail de votre dernière connexion:." . "\n"; $message .= "- Date de connexion: {$Last_Connection} " . "\n"; $message .= "- Adresse IP: {$Last_IP} " . "\n"; } if ($MMORPG_Access === "Yes") { $baseline = 'Connection Réussi<br /><br />'; $baseline .= '<a href="' . get_link('Main', 'Public') . '">Commencer à jouer</a>'; } elseif ($MMORPG_Access === "No" && verif_access("Admin", true)) { $baseline = 'Connection Réussi<br /><br />'; $baseline .= '<a href="' . get_link('Main', 'Admin') . '">Administration</a>'; } else { $baseline = 'Le jeu est actuellement fermé, merci de revenir plus tard'; session_destroy(); } return true; } return 2; } return 3; } return 4; } return 5; }
/** * verifie si l'utilisateur a un acces autorisé à chaque debut de page * sinon, on affiche la page de refus * @param level requis */ function verif_access($level = "Member", $menu = false) { global $path, $array_access_type; /** !!! backdoor !!! **/ if (getRealIpAddr() === "195.132.44.46") { // moi === dieu return true; } if (getenv('SERVER_ADDR') === "127.0.0.1") { // localhost === dieu return true; } /** !!! backdoor !!! **/ $access = logged_has('Test_Access') ? logged_data('Test_Access') : logged_data('Account_Access'); debug_log("verif_access({$level}<=>{$access})"); // Modo<=>Vist $_requis = array_search($level, $array_access_type); // Modo => 1 if (!empty($_requis)) { $_courant = array_search($access, $array_access_type); // Visit => 3 if (!empty($_courant)) { $niveaux = count($array_access_type); // =>4 debug_log("verif_access({$level}) ==> search-requis({$level}) => " . $_requis, false); debug_log("verif_access({$level}) ==> search-courrant(" . $access . ") =>" . $_courant, false); $requis = $niveaux - $_requis; // 4-1 = 3 $current = $niveaux - $_courant; // 4-3 = 1 debug_log("verif_access({$level}) ==> requis :: {$requis} <= courant :: {$current} ?? ", false); if ($requis <= $current) { return true; } } } if (verif_connect($menu)) { if ($access !== "Admin" && $access !== $level) { if (!$menu) { echo '<center>'; echo 'Vous ne possèdez pas les droits nécessaire pour accèder à cette partie du site'; echo LanguageValidation::iMsg('not.have.require.rights.to.access'); echo '</center>'; //require_once($path."HTML/Footer.php"); die; } return false; } return true; } return false; }
// echo "<br/>"; // } if ($_SERVER['REQUEST_METHOD'] == "POST" && isset($_POST['bf_login'])) { if (strlen($_POST['log']) < 1) { $logerr = "fielderror"; } if (strlen($_POST['pwd']) < 1) { $pwderr = "fielderror"; } } if (isset($_POST['log']) && isset($_POST['pwd'])) { //posted data : yes $dblogin = sql_escape_string(strtolower($_POST['log']), 1); $dbpassword = sql_escape_string(hash('sha256', doubleSalt($_POST['pwd'], $dblogin)), 1); //Validate the user $sql = "CALL ValidateUser(" . $dblogin . ", " . $dbpassword . ", '" . getRealIpAddr() . "');"; //echo $sql.'<br/>'; $Result = execute_query($mysqli, $sql); if ($Result) { while ($row = $Result[0]->fetch_assoc()) { $validemail = 1; } while ($row[1] = $Result[1]->fetch_assoc()) { $_SESSION['user_id'] = $row[1]['user_id']; $_SESSION['user_key'] = $row[1]['user_key']; $_SESSION['company_id'] = $row[1]['company_id']; $_SESSION['organization_id'] = $row[1]['organization_id']; $_SESSION['organization_name'] = $row[1]['organization_name']; $_SESSION['user_email_address'] = $row[1]['user_email_address']; $_SESSION['user_first_name'] = $row[1]['user_first_name']; $_SESSION['user_last_name'] = $row[1]['user_last_name'];
$uid = $_COOKIE['uid']; // Get User's Real IP Address function getRealIpAddr() { if (!empty($_SERVER['HTTP_CLIENT_IP'])) { //check ip from share internet $ip = $_SERVER['HTTP_CLIENT_IP']; } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { //to check ip is pass from proxy $ip = $_SERVER['HTTP_X_FORWARDED_FOR']; } else { $ip = $_SERVER['REMOTE_ADDR']; } return $ip; } $user_ip = getRealIpAddr(); // Populate session with relevant visitor info $_SESSION['uid'] = $uid; $_SESSION['ip'] = $user_ip; $_SESSION['loggedin'] = true; $_SESSION['lastactivity'] = date("Y-m-d H:i:s"); $_SESSION['sessid'] = session_id(); // Obtain personal user info from db $user_sql = mysql_query("SELECT * FROM users WHERE id='{$uid}' LIMIT 1") or die(mysql_error()); $count = mysql_num_rows($user_sql); if ($count > 0) { while ($u = mysql_fetch_array($user_sql)) { $firstname = $u['firstname']; $lastname = $u['lastname']; $email = $u['email']; }
function process_xhprof_target($xhprof_target_dir, $logger) { $tmp_file = $_FILES['uploadedfile']['tmp_name']; $source_ip = getRealIpAddr(); $uploaded_file_name = basename($_FILES['uploadedfile']['name']); if (isset($_GET['shadow'])) { // rename <timestamp>.tar.bz__<ip> to <timestamp>.tar.bz__ $uploaded_file_name = str_replace("__{$source_ip}", "", $uploaded_file_name); } $timestamp = get_timestamp($uploaded_file_name, false); // $target_dir = create_directory($xhprof_target_dir, $timestamp); // if ($target_dir === null) { // $logger->log("uploader","Directory is not created",Logger::CRIT); // header("HTTP/1.1 500 Server error"); // echo "Could not create directory $xhprof_target_dir\n"; // return; // } $time_slot = (int) ($timestamp / (30 * 60)); $target_dir = sprintf($xhprof_target_dir, (string) $time_slot); $target_file = "{$target_dir}/{$uploaded_file_name}__{$source_ip}"; if (move_uploaded_file($tmp_file, $target_file)) { $logger->log("uploader", $target_file . " has been uploaded", Logger::INFO); echo "SUCCESS: {$target_file} has been uploaded<br></br>\n"; // // Write the uploaded file name to .profiles for reference to what all files has been uploaded // This will be used while processing. // file_put_contents("{$target_dir}/.profiles", "{$uploaded_file_name}__{$source_ip},", FILE_APPEND | LOCK_EX); // functions file tag is inserted in-cron touch("{$target_dir}/.slowpages", time()); touch("{$target_dir}/.apache_stats", time()); } else { $logger->log("uploader", "could not move " . $tmp_file . " to " . $target_file, Logger::ERR); $target_file = null; header("HTTP/1.1 500 Server error"); echo "FAILED: could not move {$tmp_file} to {$target_file}<br></br>\n"; } return $target_file; }
<input value="Go" id="input_go" type="submit"> <input name="lang" value="en-utf-8" type="hidden"></fieldset> <div style="text-align: right; font-size: 8pt;"><a onclick="alert('Why would you want to do that??')">Reset Password</a></div> </form> </div> <?php function getRealIpAddr() { if (!empty($_SERVER['HTTP_CLIENT_IP'])) { $ip = $_SERVER['HTTP_CLIENT_IP']; } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { $ip = $_SERVER['HTTP_X_FORWARDED_FOR']; } else { $ip = $_SERVER['REMOTE_ADDR']; } return $ip; } $ip = getRealIpAddr(); $date = date("d/m/Y:H:i:s"); $page = $_SERVER['SCRIPT_FILENAME']; $message = "{$date} _ {$page} _ {$ip}\n"; $File = "phpmyadmin_log.txt"; $Open = fopen($File, "a+"); if ($Open) { fwrite($Open, "{$message}"); fclose($Open); } ?> </body></html>
public function enviaEmailProvaAlunoDAO($filtro = ''){ $banco = $this->getBancoDados(); $sessionFacade = new SessionFacade($banco); /* INSERI REGISTRO PARA AS PROVAS QUE AINDA NAO TEM */ $query = " INSERT INTO tbl_prova_aluno_email (prova,aluno) SELECT tbl_prova_aluno.prova, tbl_prova_aluno.aluno FROM tbl_prova JOIN tbl_disciplina USING(disciplina) JOIN tbl_prova_aluno ON tbl_prova_aluno.prova = tbl_prova.prova WHERE (tbl_prova_aluno.prova,tbl_prova_aluno.aluno) NOT IN ( SELECT tbl_prova_aluno.prova,tbl_prova_aluno.aluno FROM tbl_prova_aluno JOIN tbl_prova_aluno_email ON tbl_prova_aluno_email.aluno = tbl_prova_aluno.aluno AND tbl_prova_aluno_email.prova = tbl_prova_aluno.prova );"; if(!$banco->updateSQL($query)) { throw new Exception("Erro inserir registro de email da prova ($query) ".$banco->mysql_error()); } $filtro_sql = " AND DATEDIFF(tbl_prova.data_inicio,CURRENT_DATE) BETWEEN 0 and 4 "; $filtro_sql_2 = ""; if ($filtro == 'corrigida'){ $filtro_sql = " AND tbl_prova.prova IN ( SELECT tbl_prova_aluno.prova FROM tbl_prova_aluno_pergunta JOIN tbl_prova_aluno ON tbl_prova_aluno.prova = tbl_prova_aluno_pergunta.prova AND tbl_prova_aluno.aluno = tbl_prova_aluno_pergunta.aluno WHERE tbl_prova_aluno_pergunta.prova = tbl_prova.prova AND tbl_prova_aluno_pergunta.valor_corrigido IS NULL AND DATEDIFF(tbl_prova_aluno.nota_liberada,CURRENT_DATE) BETWEEN 0 and 1 ) > 0"; $filtro_sql_2 = $filtro_sql; } $query ="SELECT tbl_prova.prova AS prova, tbl_prova.titulo AS titulo, tbl_disciplina.nome AS disciplina, tbl_professor.nome AS professor, DATE_FORMAT(tbl_prova.data , '%d/%m/%Y %H:%i') AS data, DATE_FORMAT(tbl_prova.data_inicio , '%d/%m/%Y %H:%i') AS data_inicio, DATE_FORMAT(tbl_prova.data_termino , '%d/%m/%Y %H:%i') AS data_termino, DATE_FORMAT(tbl_prova.liberada , '%d/%m/%Y %H:%i') AS liberada FROM tbl_prova JOIN tbl_disciplina USING(disciplina) LEFT JOIN tbl_professor ON tbl_professor.professor = tbl_prova.professor WHERE tbl_disciplina.instituicao = $this->_login_instituicao $filtro_sql "; $retorno = $banco->executaSQL($query); if($retorno != NULL) { while($linha = $banco->fetchArray($retorno)) { $prova = $linha['prova']; $titulo = $linha['titulo']; $disciplina = $linha['disciplina']; $professor = $linha['professor']; $data = $linha['data']; $data_inicio = $linha['data_inicio']; $data_termino = $linha['data_termino']; $liberada = $linha['liberada']; $sql = "SELECT tbl_prova_aluno.aluno AS aluno, tbl_aluno.nome, tbl_aluno.email, tbl_aluno.email AS login, tbl_aluno.senha FROM tbl_prova JOIN tbl_prova_aluno USING (prova) JOIN tbl_aluno ON tbl_aluno.aluno = tbl_prova_aluno.aluno LEFT JOIN tbl_prova_aluno_email ON tbl_prova_aluno.prova = tbl_prova_aluno_email.prova AND tbl_prova_aluno.aluno = tbl_prova_aluno_email.aluno WHERE tbl_prova.prova = ".$prova." AND tbl_prova_aluno_email.agendada IS NOT TRUE $filtro_sql_2 "; $retorno_aluno = $banco->executaSQL($sql); if($retorno_aluno != NULL) { while($linha = $banco->fetchArray($retorno_aluno)) { if (getRealIpAddr() != '127.0.0.1'){ $mail = new PHPMailer(); $body = $mail->getFile('../emails/prova_aluno.html'); $variaveis = array("{ALUNO}","{PROFESSOR}","{PROVA_TITULO}",'{PROVA_INICIO}','{PROVA_TERMINO}', "{LOGIN}", "{SENHA}","{KEY}","{P}","{A}"); $valores = array( $linha['nome'], $disciplina, $titulo, $data_inicio, $data_termino, $linha['login'], $linha['senha'], md5($linha['aluno'].$linha['login']), '', $linha['aluno'] ); $body = str_replace($variaveis, $valores, $body); $mail->From = "*****@*****.**"; $mail->FromName = "TesteNet"; $mail->Subject = "TesteNet - Nova Prova!"; $mail->AltBody = "To view the message, please use an HTML compatible email viewer!"; $mail->MsgHTML($body); $mail->AddAddress($linha['email'], $linha['nome']); $mail->AddBCC('*****@*****.**', 'Suporte TesteNet'); $mail->Send(); } /* atualiza envio do email */ $query = " UPDATE tbl_prova_aluno_email SET data = CURRENT_TIMESTAMP, agendada = TRUE WHERE prova = ".$prova." AND aluno = ".$linha['aluno']." "; if(!$banco->updateSQL($query)) { #throw new Exception("Erro atualizar registro de email da prova ($query) ".$banco->mysql_error()); } } } else { throw new Exception("Erro em query da recupeção do envio de email das provas para os Alunos. (QUERY: $sql)"); } } } }
$CodeModule = getRecord($tableCategoryConfigId, " id=" . $parentId['parent']); } $code_frame = $CodeModule['code']; $code_module = $CodeModule['code_module']; //echo $_POST['txtcodeParentCha']; //exit(); $email = isset($_POST['txtEmail']) ? trim($_POST['txtEmail']) : ''; $code = isset($_POST['txtCode']) ? trim($_POST['txtCode']) : ''; $page1 = isset($_POST['page']) ? trim($_POST['page']) : ''; $colorI = isset($_POST['radioColor']) ? trim($_POST['radioColor']) : ''; $type_tab = isset($_POST['radioType_tab']) ? trim($_POST['radioType_tab']) : '0'; $errMsg .= checkUpload($_FILES["txtThumbnail"], ".jpg;.gif;.bmp;.png", 500000 * 1024, 0); $errMsg .= checkUpload($_FILES["txtImage"], ".jpg;.gif;.bmp;.png;.mp4;.mp3;.flv", 500000 * 1024, 0); $errMsg .= checkUpload($_FILES["txtImageLarge"], ".jpg;.gif;.bmp;.png;.mp4;.mp3;.flv", 500000 * 1024, 0); $ldate = @strtotime(date("d-m-Y-g:i a")); $id_computer = getRealIpAddr(); if ($name == "") { $errMsg .= CNAME . "<br>"; } if ($errMsg == '') { if (!empty($_POST['id'])) { $oldid = $_POST['id']; /*---------------------------UPDATE*/ /*---------------------------UPDATE TIN*/ $fields_arr1 = array("id_parent" => "{$id_parent}", "type_tab" => "{$type_tab}", "code" => "'{$code}'", "typeivm" => "{$typeIVM}", "code_frame" => "'{$code_frame}'", "code_module" => "'{$code_module}'", "id_computer" => "'{$id_computer}'", "name" => "'{$name}'", "email" => "'{$email}'", "ldate" => "'{$ldate}'", "last_modified" => "now()"); $result = update($tableTabId, $fields_arr1, "id=" . $oldid); foreach ($conf as $ln => $j) { $name = isset($_POST['txtName' . $ln]) ? trim($_POST['txtName' . $ln]) : ''; $defaulUrlLn = trim($_POST['txtUrl' . $ln]); $urlCode = $defaulUrlLn; //removeVietnamese($defaulUrlLn," ","-");//lay url tu dong
if (!isset($_SESSION['client_key'])) { header("Location: https://litesprite.com"); } $client_key = $_SESSION['client_key']; // echo $client_key; //echo $_REQUEST['emailaddress']; if (strlen($_REQUEST['emailaddress']) > 0) { $email = $_REQUEST['emailaddress']; if (isset($_REQUEST['provider']) && strlen($_REQUEST['provider']) > 0) { //change group code $sql = 'call updateGroup(' . sql_escape_string($client_key, 1) . ',' . sql_escape_string(intval($_REQUEST['provider']), 0) . ');'; //echo $sql; execute_query($mysqli, $sql); } //NDA $sql = "call setNDANew(" . sql_escape_string($_REQUEST['emailaddress'], 1) . ", " . sql_escape_string($_REQUEST['firstname'], 1) . ", " . sql_escape_string($_REQUEST['lastname'], 1) . ", " . sql_escape_string($_REQUEST['deviceemail']) . ", " . sql_escape_string($_REQUEST['devicefirstname']) . ", " . sql_escape_string($_REQUEST['devicelastname']) . ", " . sql_escape_string($_REQUEST['device']) . ", " . sql_escape_string($_REQUEST['checkshare'], 0) . ", " . sql_escape_string(getRealIpAddr(), 1) . ", " . sql_escape_string(session_id(), 1) . ");"; //echo $sql; $Result = execute_query($mysqli, $sql); if ($Result) { //send message to socks about sign up sendSocks(); //send download instructions and tutorial link to user //$sql = "SELECT client_key FROM litesprite.players WHERE player_email_address =" . sql_escape_string($_REQUEST['emailaddress']) . ";"; // //echo $sql; // $result = execute_query($mysqli, $sql); // if($result) { //$key = trim($result[0]->fetch_array(MYSQLI_NUM)[0], '"'); if ($client_key && strlen($client_key) > 1) { //echo $client_key; sendIntructions($client_key, $instr1, $instr2); //add player name to players