Software: Apache/2.2.3 (CentOS). PHP/5.1.6 uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44 uid=48(apache) gid=48(apache) groups=48(apache) Safe-mode: OFF (not secure) /var/www/html/alumni/blocks/ drwxr-xr-x | |
| Viewing file: Select action/file-type: <?php
/********************************************************************************
- MemHT Portal -
Copyright (C) 2007-2008 by Miltenovik Manojlo
http://www.memht.com
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your opinion) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, see <http://www.gnu.org/licenses/> (GPLv2)
or write to the Free Software Foundation, Inc., 51 Franklin Street,
Fifth Floor, Boston, MA02110-1301, USA.
********************************************************************************/
if (stristr(htmlentities($_SERVER['PHP_SELF']), "block_navigator.php")) {
die("<table style='padding: 2px; border: 1px solid #999; background-color: #EEE; font-family: Verdana; font-size: 10px;' align='center'><tr><td><b>Error:</b> This file cannot be opened directly!</td></tr></table>");
}
global $dblink,$siteConfig,$userid;
$myrank = myRank();
echo "<div class='block_linkstyle nav'><a href='".$siteConfig['site_url']."' title='"._HOME_."'>"._HOME_."</a></div>\n";
$nav_res = $dblink->get_list("SELECT * FROM memht_navigator ORDER BY position");
foreach ($nav_res as $nav_row) {
$type = intval($nav_row['type']);
$content = outCode($nav_row['content']);
$html = outCode($nav_row['html']);
$icon = outCode($nav_row['icon']);
//===TYPE===
//0 = Page
//1 = Manual link "url|name|target"
//2 = Spacer
//3 = HR line
//4 = HTML
//5 = Title
//6 = MyPage
if ($icon!="") { $icon = "<img src='images/navicons/$icon' border='0' alt='$icon'> "; }
switch($type) {
case 0:
$mtitle = "";
if ($pag = $dblink->get_row("SELECT titolo FROM memht_pagine WHERE nome='$content' AND enabled=1 AND rank<=$myrank")) {
$mtitle = outCode($pag['titolo']);
} else {
$pag = $dblink->get_row("SELECT title FROM memht_virtualpages WHERE name='$content' AND enabled=1 AND rank<=$myrank");
$mtitle = outCode($pag['title']);
}
echo ($mtitle!="") ? "<div class='block_linkstyle nav'>$icon<a href='".$siteConfig['site_url']."/index.php?page=$content' title='$mtitle'>$mtitle</a></div>" : "" ;
break;
case 1:
$link = explode("|",$content);
if (!eregi("http://",$link[0])) { $link[0] = "http://".$link[0]; }
if (isset($link[2])) {
echo "<div class='block_linkstyle nav'>$icon<a href='".$link[0]."' target='".@$link[2]."'>".$link[1]."</a></div>";
} else {
echo "<div class='block_linkstyle nav'>$icon<a href='".$link[0]."'>".$link[1]."</a></div>";
}
break;
case 2:
echo "<div style='padding:3px 0;'>$icon</div>";
break;
case 3:
echo "<hr size='1px' style='margin:3px 1px;' noshade>";
break;
case 4:
echo "<div>$html</div>";
break;
case 5:
echo "<div style='padding:4px 0 2px 0;'>$icon<b>$content</b></div>";
break;
case 6:
$row = $dblink->get_row("SELECT id,title FROM memht_mypage WHERE id=$content");
$mtitle = outCode($row['title']);
echo "<div class='block_linkstyle nav'>$icon <a href=\"".$siteConfig['site_url']."/index.php?page=mypage&op=openPage&id=$content&title=".mem_urlencode($mtitle)."\" title=\"".$mtitle."\">".$mtitle."</a></div>";
break;
}
}
if (isAuth($userid,3)) {
?>
<script type="text/javascript">
$(document).ready(function(){
$("#adminmenubtn").click(function(){
//Cookie
var today = new Date();
var the_cookie_date = new Date(today.getTime() + (1000 * 60 * 60 * 24 * 365)); //1 year
var the_cookie = "hideadminmenu=true";
var the_cookie = the_cookie + ";expires=" + the_cookie_date;
document.cookie=the_cookie;
//Animation
$("#adminmenu").slideUp("slow");
$("#adminmenuicn").slideDown("slow");
});
$("#adminmenuicn").click(function(){
//Cookie
var today = new Date();
var the_cookie_date = new Date(today.getTime() + (-1000)); //Delete
var the_cookie = "hideadminmenu=false";
var the_cookie = the_cookie + ";expires=" + the_cookie_date;
document.cookie=the_cookie;
//Animation
$("#adminmenuicn").slideUp("slow");
$("#adminmenu").slideDown("slow");
});
});
</script>
<?php
echo (!isset($_COOKIE['hideadminmenu'])) ? "<div id='adminmenu'>" : "<div id='adminmenu' style='display:none;'>" ;
echo "<div class='box' align='center' style='margin-top:8px;'><b>"._ADMINISTRATION_."</b> <span id='adminmenubtn'><img src='images/minus.gif' border='0' alt='Hide Menu' title='Hide Menu'></span></div>";
echo "<img src='admin/icons/home.png' alt='Admin'> <a href='".$siteConfig['site_url']."/admin.php' title='"._ADMIN_."'>"._ADMIN_."</a><br>\n";
echo "<img src='admin/icons/config.png' alt='Config'> <a href='".$siteConfig['site_url']."/admin.php?page=configuration' title='"._CONFIGURATION_."'>"._CONFIGURATION_."</a><br>\n";
echo "<img src='admin/icons/stat.png' alt='Stats'> <a href='".$siteConfig['site_url']."/admin.php?page=statistics' title='"._STATISTICS_."'>"._STATISTICS_."</a><br>\n";
echo "<img src='admin/icons/logout.png' alt='Logout'> <a href='".$siteConfig['site_url']."/admin.php?logout=1' title='"._LOGOUT_."'>"._LOGOUT_."</a><br>\n";
echo "<div align='center' style='padding-top:8px;'><select onChange='location = this.options[this.selectedIndex].value;'>";
echo "<option value='#' style='font-weight:bold;' selected>-- "._PAGES_." --</option>\n";
if ($nav_res = $dblink->get_list("SELECT nome,titolo FROM memht_pagine ORDER BY titolo")) {
foreach ($nav_res as $nav_row) {
$nome = outCode($nav_row['nome']);
$titolo = outCode($nav_row['titolo']);
echo "<option value='".$siteConfig['site_url']."/index.php?page=$nome'>$titolo</option>\n";
}
} else {
echo "<option value='#'>"._EMPTY_."</option>\n";
}
if ($siteConfig['virtualpages']==1) {
echo "<option value='#' style='font-weight:bold;'>-- "._VIRTUAL_PAGES_." --</option>\n";
if ($nav_res_vp = $dblink->get_list("SELECT name,title FROM memht_virtualpages ORDER BY title")) {
foreach ($nav_res_vp as $nav_row_vp) {
$name = outCode($nav_row_vp['name']);
$ptitle = outCode($nav_row_vp['title']);
echo "<option value='".$siteConfig['site_url']."/index.php?page=$name'>$ptitle</option>\n";
}
} else {
echo "<option value='#'>"._EMPTY_."</option>\n";
}
}
echo "</select></div>\n";
echo "</div>";
echo (isset($_COOKIE['hideadminmenu'])) ? "<div id='adminmenuicn' align='right'><img src='images/plus.gif' border='0' alt='Show Menu' title='Show Menu'></div>" : "<div id='adminmenuicn' style='display:none;' align='right'><img src='images/plus.gif' border='0' alt='Show Menu' title='Show Menu'></div>" ;
}
?> |
:: Command execute :: | |
:: Shadow's tricks :D :: | |
Useful Commands
|
|
:: Preddy's tricks :D :: | |
Php Safe-Mode Bypass (Read Files)
|
|
--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.0058 ]-- |