!c99Shell v. 1.0 pre-release build #16!

Software: Apache/2.2.3 (CentOS). PHP/5.1.6 

uname -a: Linux mx-ll-110-164-51-230.static.3bb.co.th 2.6.18-194.el5PAE #1 SMP Fri Apr 2 15:37:44
EDT 2010 i686
 

uid=48(apache) gid=48(apache) groups=48(apache) 

Safe-mode: OFF (not secure)

/var/www/html/alumni/inc/   drwxrwxrwx
Free 52.33 GB of 127.8 GB (40.95%)


Viewing file:     inc_header.php (15.47 KB)      -rw-r--r--
<?php

/********************************************************************************
	- MemHT Portal -
	
	Copyright (C) 2007-2008 by Miltenovik Manojlo
	http://www.memht.com
	
	This program is free software; you can redistribute it and/or modify
	it under the terms of the GNU General Public License as published by
	the Free Software Foundation; either version 2 of the License, or
	(at your opinion) any later version.
	
	This program is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	GNU General Public License for more details.
	
	You should have received a copy of the GNU General Public License along
	with this program; if not, see <http://www.gnu.org/licenses/> (GPLv2)
	or write to the Free Software Foundation, Inc., 51 Franklin Street,
	Fifth Floor, Boston, MA02110-1301, USA.
		
********************************************************************************/

// Direct-access guard: stop with an error box when the request path names this
// include file itself. PHP_SELF is taken from the request URL, so it is
// entity-encoded before the case-insensitive search.
if (stripos(htmlentities($_SERVER['PHP_SELF']), "inc_header.php") !== false) {
	die("<table style='padding: 2px; border: 1px solid #999; background-color: #EEE; font-family: Verdana; font-size: 10px;' align='center'><tr><td><b>Error:</b> This file cannot be opened directly!</td></tr></table>");
}

// Fall back to UTF-8 when the charset constant has not been defined yet, then
// send it in the Content-Type header. The @ suppresses any warning header() raises.
if (!defined("_LANG_CHARSET_")) {
	define("_LANG_CHARSET_", "utf-8");
}
@header('Content-Type: text/html; charset=' . _LANG_CHARSET_);

?>

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">

<!-- 
/********************************************************************************
	- MemHT Portal -
	
	Copyright (C) 2007-2008 by Miltenovik Manojlo
	http://www.memht.com
	
	This program is free software; you can redistribute it and/or modify
	it under the terms of the GNU General Public License as published by
	the Free Software Foundation; either version 2 of the License, or
	(at your opinion) any later version.
	
	This program is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	GNU General Public License for more details.
	
	You should have received a copy of the GNU General Public License along
	with this program; if not, see <http://www.gnu.org/licenses/> (GPLv2)
	or write to the Free Software Foundation, Inc., 51 Franklin Street,
	Fifth Floor, Boston, MA02110-1301, USA.
		
********************************************************************************/
-->

<?php
// Default to left-to-right text when the direction constant has not been defined yet.
if (!defined("_TEXT_DIRECTION_")) {
	define("_TEXT_DIRECTION_", "ltr");
}
?>
<html dir='<?php echo _TEXT_DIRECTION_; ?>'>
<head>
	<?php
	
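	global $dblink,$siteConfig,$userInfo,$user;

	//===================================================
	//Site title
	//===================================================
	// Builds the <title> text as "<item> | <page> | <site name>" from the request
	// parameters, and loads the per-page metadata ($pgkw, $pgds, $fullScreen,
	// $rankPage, $enabledPage, $virtualpagerequest) that later sections read.
	// All of this is skipped when the 'SiteTitle' hook returns a false value.
	//
	// NOTE(review): every string parameter below goes through inCode() and is then
	// interpolated into a quoted SQL literal. Whether that is injection-safe depends
	// entirely on what inCode() escapes, which is not visible in this file - confirm,
	// or move these lookups to escaped/parameterised queries in the DB layer.
	$sitetitle = "";
	
	if (memRunHooks('SiteTitle',array(&$sitetitle))) {
		if (isset($_GET['page'])) {
			$page = inCode($_GET['page']);
			$checkop = (isset($_GET['op'])) ? inCode($_GET['op']) : "" ;
			$checktitle = (isset($_GET['title'])) ? inCode($_GET['title']) : "" ;
			// Numeric ids are forced to integers, so they are safe to interpolate unquoted.
			$checkid = (isset($_GET['id'])) ? intval($_GET['id']) : 0 ;
			$checkcid = (isset($_GET['cid'])) ? intval($_GET['cid']) : 0 ;
	
			// Item-level title, per module.
			switch ($page) {
				case "archive":
					$checkarg = (isset($_GET['arg'])) ? @inCode($_GET['arg']) : "" ;
					if ($checkarg!="") {
						$year = (isset($_GET['year'])) ? intval($_GET['year']) : "" ;
						$month = (isset($_GET['month'])) ? intval($_GET['month']) : "" ;
						// NOTE(review): $checkarg is request data echoed into <title>; see the gallery note below.
						$sitetitle .= ucfirst($checkarg).": ".numToMonth($month)." $year | ";
					}
				break;
				case "articles":
					if ($checkop=="readArticle") {
						$row = $dblink->get_row("SELECT id,argomento,nome FROM memht_articoli WHERE id=$checkid OR nome='$checktitle'");
						$artitle = outCode($row['nome']);
						
						$sitetitle .= "$artitle | ";
					}
				break;
				case "blog":
					$checkcat = (isset($_GET['category'])) ? @inCode($_GET['category']) : "" ;
					if ($checkid>0 OR $checktitle!="") {
						$row = $dblink->get_row("SELECT title FROM memht_blog_posts WHERE id=$checkid OR title='$checktitle'");
						$bltitle = outCode($row['title']);
		
						$sitetitle .= "$bltitle | ";
					} else if ($checkcid>0 OR $checkcat!="") {
						// Fix: look the category up by the category id (cid). The previous query
						// used $checkid, which is never positive on this branch, so a request
						// carrying only cid could not match a category.
						$row = $dblink->get_row("SELECT id,name FROM memht_blog_categories WHERE id=$checkcid OR name='$checkcat'");
						$catname = outCode($row['name']);
		
						$sitetitle .= "$catname | ";
					}
				break;
				case "download":
					if ($checkop=="getFile" AND ($checkid>0 OR $checktitle!="")) {
						$row = $dblink->get_row("SELECT id,nome,cat FROM memht_download WHERE id=$checkid OR nome='$checktitle'");
						$dwtitle = outCode($row['nome']);
			
						$sitetitle .= $dwtitle." | ";
					} else if ($checkop=="category" AND ($checkid>0 OR $checktitle!="")) {
						$row = $dblink->get_row("SELECT nome FROM memht_download_categorie WHERE id=$checkid OR nome='$checktitle'");
						$cattitle = outCode($row['nome']);
						
						$sitetitle .= $cattitle." | ";
					}
				break;
				case "faq":
					if ($checkop=="read") {
						if ($row = $dblink->get_row("SELECT domanda FROM memht_faq WHERE id=$checkid")) {
							$sitetitle .= outCode($row['domanda'])." | ";
						}
					} else if ($checkop=="arg") {
						if ($row = $dblink->get_row("SELECT nome FROM memht_faq_categorie WHERE id=$checkid")) {
							$sitetitle .= outCode($row['nome'])." | ";
						}
					}
				break;
				case "forum":
					if ($checkop=="viewThread") {
						if ($row = $dblink->get_row("SELECT name FROM memht_forum_posts WHERE id=$checkid")) {
							$sitetitle .= outCode($row['name'],0)." | ";
						}
					}
				break;
				case "gallery":
					// NOTE(review): the request-supplied title is written into <title> without
					// outCode(); this is only safe if inCode() HTML-encodes its input - confirm.
					if ($checkop=="showGallery") { $sitetitle .= "$checktitle | "; }
				break;
				case "guide":
					// NOTE(review): same request-to-<title> path as the gallery case.
					if ($checkop=="readGuide") { $sitetitle .= "$checktitle | "; }
				break;
				case "mypage":
					if ($checkop=="openPage") {
						$row = $dblink->get_row("SELECT title FROM memht_mypage WHERE id=$checkid OR title='$checktitle'");
						$mptitle = outCode($row['title']);
						
						$sitetitle .= "$mptitle | ";
					}
				break;
				case "news":
					if ($checkop=="readNews") {
						$row = $dblink->get_row("SELECT nome FROM memht_news WHERE id=$checkid OR nome='$checktitle'");
						$newtitle = outCode($row['nome']);
			
						$sitetitle .= "$newtitle | ";
					}
				break;
				case "tags":
					// NOTE(review): same request-to-<title> path as the gallery case.
					if ($checkop=="list") { $sitetitle .= inCode(@$_GET['tag'])." | "; }
				break;
			}
			
			// Page-level title and metadata: a regular page first, then a virtual page,
			// otherwise empty defaults.
			if ($row = $dblink->get_row("SELECT titolo,description,keywords,fullscreen,rank,enabled FROM memht_pagine WHERE nome='$page'")) {
				$pagetitle = outCode($row['titolo']);
				$fullScreen = intval($row['fullscreen']);
				$pgkw = outCode($row['keywords']);
				$pgds = outCode($row['description']);
				$rankPage =  intval($row['rank']);
				$enabledPage = intval($row['enabled']);
				$sitetitle .= $pagetitle." | ";
				$virtualpagerequest = false;
			} else if ($row = $dblink->get_row("SELECT title,content,description,keywords,fullscreen,rank,enabled FROM memht_virtualpages WHERE name='$page'")) {
				//VIRTUAL PAGES (Added in 3.8.0)
				$pagetitle = outCode($row['title']);
				$pageContent = outCodeVP($row['content']);
				$fullScreen = intval($row['fullscreen']);
				$pgkw = outCode($row['keywords']);
				$pgds = outCode($row['description']);
				$rankPage =  intval($row['rank']);
				$enabledPage = intval($row['enabled']);
				$sitetitle .= $pagetitle." | ";
				$virtualpagerequest = true;
			} else {
				$pgkw = "";
				$pgds = "";
				$fullScreen = 0;
				$virtualpagerequest = false;
			}
		} else {
			// No page requested: empty metadata, normal (non-fullscreen) layout.
			$pgkw = "";
			$pgds = "";
			$fullScreen = 0;
			$virtualpagerequest = false;
		}
		$sitetitle .= $siteConfig['site_name'];
		
		// Hooks receive the finished title by reference.
		memRunHooks('SiteTitleEnd',array(&$sitetitle));
	}
	
	echo "<title>$sitetitle</title>\n";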
	
	//===================================================
	//Meta tags
	//===================================================
	// Emits the standard <meta> tags and the <base> URL unless the 'MetaTags'
	// hook returns a false value.
	if (memRunHooks('MetaTags')) {
		// Charset fallback, in case the constant has not been defined yet.
		if (!defined("_LANG_CHARSET_")) {
			define("_LANG_CHARSET_", "utf-8");
		}
		echo "<meta http-equiv='Content-Type' content='text/html;charset=" . _LANG_CHARSET_ . "'>\n";

		// Page-specific keywords take precedence over the site-wide ones.
		if ($pgkw != "") {
			echo "<meta name='keywords' content=\"$pgkw\">\n";
		} else {
			echo "<meta name='keywords' content='" . $siteConfig['metatags'] . "'>\n";
		}

		// Same precedence for the description.
		if ($pgds != "") {
			echo "<meta name='description' content=\"$pgds\">\n";
		} else {
			echo "<meta name='description' content='" . $siteConfig['site_description'] . "'>\n";
		}

		echo "<meta name='robots' content='index, follow'>\n";
		echo "<meta name='revisit-after' content='1 days'>\n";
		echo "<meta name='author' content='MemHT Portal (www.memht.com) - Miltenovik Manojlo'>\n";
		echo "<base href='" . $siteConfig['site_url'] . "/'>\n";

		memRunHooks('MetaTagsEnd');
	}
	//===================================================
	//RSS syndication
	//===================================================
	// Advertises one RSS feed per module that has at least one row to show.
	// Each $siteInfo['feed_*'] entry receives the boolean result of the "> 0"
	// comparison (the comparison binds tighter than the assignment), not the count.
	if (memRunHooks('RssSyndication')) {
		$siteInfo['feed_articles'] = ($dblink->get_num("SELECT id FROM memht_articoli WHERE enabled=1 LIMIT 1") > 0);
		if ($siteInfo['feed_articles']) {
			echo "<link rel='alternate' type='application/rss+xml' title='" . _ARTRSSFEED_ . "' href='rss.php?page=articles'>\n";
		}

		$siteInfo['feed_blog'] = ($dblink->get_num("SELECT id FROM memht_blog_posts WHERE enabled=1 LIMIT 1") > 0);
		if ($siteInfo['feed_blog']) {
			echo "<link rel='alternate' type='application/rss+xml' title='" . _BLOGRSSFEED_ . "' href='rss.php?page=blog'>\n";
		}

		$siteInfo['feed_download'] = ($dblink->get_num("SELECT id FROM memht_download LIMIT 1") > 0);
		if ($siteInfo['feed_download']) {
			echo "<link rel='alternate' type='application/rss+xml' title='" . _DWNRSSFEED_ . "' href='rss.php?page=download'>\n";
		}

		$siteInfo['feed_forum'] = ($dblink->get_num("SELECT id FROM memht_forum_posts LIMIT 1") > 0);
		if ($siteInfo['feed_forum']) {
			echo "<link rel='alternate' type='application/rss+xml' title='" . _FORUMRSSFEED_ . "' href='rss.php?page=forum'>\n";
		}

		$siteInfo['feed_guide'] = ($dblink->get_num("SELECT id FROM memht_guide WHERE enabled=1 LIMIT 1") > 0);
		if ($siteInfo['feed_guide']) {
			echo "<link rel='alternate' type='application/rss+xml' title='" . _GUIRSSFEED_ . "' href='rss.php?page=guide'>\n";
		}

		$siteInfo['feed_news'] = ($dblink->get_num("SELECT id FROM memht_news WHERE enabled=1 LIMIT 1") > 0);
		if ($siteInfo['feed_news']) {
			echo "<link rel='alternate' type='application/rss+xml' title='" . _NEWSRSSFEED_ . "' href='rss.php?page=news'>\n";
		}

		memRunHooks('RssSyndicationEnd');
	}
	
	//===================================================
	//CSS
	//===================================================
	// Base stylesheet first, then the active template's optional style.css and
	// forum.css when those files exist on disk (paths are relative to the
	// current working directory).
	echo "<link rel='stylesheet' href='{$siteConfig['site_url']}/inc/inc_style.css' type='text/css'>\n";
	if (file_exists("templates/{$siteConfig['template']}/style.css")) {
		echo "<link rel='stylesheet' href='{$siteConfig['site_url']}/templates/{$siteConfig['template']}/style.css' type='text/css'>\n";
	}
	if (file_exists("templates/{$siteConfig['template']}/forum.css")) {
		echo "<link rel='stylesheet' href='{$siteConfig['site_url']}/templates/{$siteConfig['template']}/forum.css' type='text/css'>\n";
	}
	// Lets hook handlers run after the built-in stylesheet links.
	memRunHooks('StyleSheets');
	
	//===================================================
	//Favicon
	//===================================================
	// First match wins: the template's animated GIF, then the template's .ico,
	// then the site-wide .ico. Nothing is emitted when none of the files exist.
	if (file_exists("templates/{$siteConfig['template']}/images/favicon_ani.gif")) {
		echo "<link rel='icon' href='{$siteConfig['site_url']}/templates/{$siteConfig['template']}/images/favicon_ani.gif' type='image/gif'>\n";
	} else if (file_exists("templates/{$siteConfig['template']}/images/favicon.ico")) {
		echo "<link rel='icon' href='{$siteConfig['site_url']}/templates/{$siteConfig['template']}/images/favicon.ico' type='image/x-icon'>\n";
		echo "<link rel='shortcut icon' href='{$siteConfig['site_url']}/templates/{$siteConfig['template']}/images/favicon.ico' type='image/x-icon'>\n";
	} else if (file_exists("images/favicon.ico")) {
		echo "<link rel='icon' href='{$siteConfig['site_url']}/images/favicon.ico' type='image/x-icon'>\n";
		echo "<link rel='shortcut icon' href='{$siteConfig['site_url']}/images/favicon.ico' type='image/x-icon'>\n";
	}
	
	//===================================================
	//Custom header
	//===================================================
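	// Optional site-wide header additions, included only when the file exists.
	if (file_exists("inc/inc_header_custom.php")) {
		include("inc/inc_header_custom.php");
	}
	
	//===================================================
	//Page custom header and javascript file
	//===================================================
	// $page is assigned earlier in this file from inCode($_GET['page']) and is used
	// here to build an include path. What inCode() strips is not visible in this
	// file, so the name is checked again at the point of use: only a plain
	// directory name (letters, digits, underscore, hyphen) is accepted, which
	// rules out path separators, "..", and NUL bytes reaching include_once.
	// The isset($page) test also covers the case where $page was never assigned.
	if (isset($_GET['page']) && isset($page) && is_string($page) && preg_match('/^[A-Za-z0-9_-]+\z/', $page)) {
		if (file_exists("pages/$page/head.php")) {
			include_once("pages/$page/head.php");
		}
	}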
	
	//===================================================
	//Infobar
	//===================================================
	// Top information bar: rendered when the bar is enabled in the site
	// configuration or when the site is flagged as closed. The inline style
	// block is written out unchanged ahead of the bar itself.
	if ($siteConfig['informationbar']==1 OR $siteConfig['site_open']==0) {
		?>
		<style type="text/css">
			body {
				padding-left:0;
				padding-right:0;
				margin-left:0;
				margin-right:0;
			}
			.std_topbar {
				width: 100%;
				height:13px;
				background:url(admin/images/tpl/bg.gif) #EEE repeat-x;
				border-top: 1px solid #CCC;
				border-bottom: 1px solid #CCC;
				font: 10px Verdana;
				padding: 2px 0;
				text-indent: 5px;
				margin-bottom:4px;	
				color:#666;			
			}
			.std_topbar a { color:#666; }
			.std_topbar a:visited { color:#666; }
			.std_topbar a:hover { color:#990000; }
		</style>
		<?php
		if ($siteConfig['site_open']==0) {
			// Closed site: only the "inactive" notice is shown.
			echo "<div class='std_topbar' id='errorText'><b>" . _SITE_INACTIVE_ . "!</b></div>";
		} else if (isUser($userid)) {
			// Greeting with profile and logout links.
			// NOTE(review): $user and $visitorInfo['ip'] are written into HTML as-is;
			// confirm where they are set that both are already encoded for HTML output.
			echo "<div class='std_topbar'>" . _HI_ . " <b>$user</b>! - " . _YOURIPIS_ . " " . $visitorInfo['ip'] . " - <a href='index.php?page=users&op=editProfile' title='" . _MODIFYPROFILE_ . "'>" . _MODIFYPROFILE_ . "</a> - <a href='index.php?page=users&logout=1' title='" . _LOGOUT_ . "'>" . _LOGOUT_ . "</a></div>";
		} else {
			// Otherwise: login / register prompt.
			echo "<div class='std_topbar'>" . _DOTHE_ . " <a href='index.php?page=users' title='" . _LOGIN_ . "'><b>" . _LOGIN_ . "</b></a> " . _OR_ . " <a href='index.php?page=users&op=register' title='" . _REGISTER_ . "'><b>" . _REGISTER_ . "</b></a> " . _FORFREE_ . "!</div>";
		}
	}
	
	//===================================================
	//Javascript
	//===================================================
	// Pulls in the shared javascript include. The path is relative, so which file
	// is loaded depends on the include path and working directory in effect.
	require_once("inc_javascript.php");
	
	// New-private-message prompt, skipped when the 'PvtMsgNotification' hook
	// returns a false value.
	if (memRunHooks('PvtMsgNotification')) {
		// Shown only when isUser($userid) is true, $userInfo['newpm'] is positive,
		// the current page is not "pvtmsg", and no 'ignorepm' cookie is present.
		if (isUser($userid) AND $userInfo['newpm']>0 AND $page!="pvtmsg" AND !isset($_COOKIE['ignorepm'])) {
			// NOTE(review): the language constants and $userInfo['newpm'] are echoed
			// straight into script source below - _READ_ and _IGNORE_ as bare object
			// keys, the message inside a double-quoted JS string. A value containing a
			// quote, a space or "</script>" would break or alter the script; confirm the
			// language files and the newpm value are constrained, or escape them for a
			// JavaScript context before output.
			// The "Ignore" button sets an 'ignorepm' cookie for 30 minutes, which the
			// condition above then honours.
			?>
			<script type="text/javascript" src="<?php echo $siteConfig['site_url']; ?>/inc/javascript/jquery/plugins/impromptu/impromptu.js"></script>
			<script type="text/javascript">
				var txt = "<?php echo _YOUHAVE_." ".$userInfo['newpm']." ".strtolower(_NEWMESSAGES_); ?>";
				$(document).ready(function(){
					$.prompt(txt,{
						buttons: { <?php echo _READ_; ?>: true, <?php echo _IGNORE_; ?>: false },
						callback: function(v,m) {
							if (v==true) {
								//Read: Open the private messages page
								window.location = "index.php?page=pvtmsg";
							} else if (v==false) {
								//Ignore: Set ignore cookie
								var today = new Date();
								var the_cookie_date = new Date(today.getTime() + (1000 * 60 * 30)); //30 minutes
								var the_cookie = "ignorepm=true";
								var the_cookie = the_cookie + ";expires=" + the_cookie_date;
								document.cookie=the_cookie;
							}
						}
					});
				});
			</script>
			<?php
		}
		memRunHooks('PvtMsgNotificationEnd');
	}
	
	// Close the document head and open the body.
	echo "</head><body>\n";

	// Hand the values the template needs to the template object, then call
	// showPath(), which is defined outside this file.
	$tpl->assign('site_name', $siteConfig['site_name']);
	$tpl->assign('site_url', $siteConfig['site_url']);
	$tpl->assign('fullscreen', $fullScreen);
	showPath();
	
?>


--[ c999shell v. 1.0 pre-release build #16 Modded by Shadow & Preddy | RootShell Security Group | r57 c99 shell | Generation time: 0.005 ]--