|
Познавший АНТИЧАТ
Регистрация: 23.08.2007
Сообщений: 1,237
Провел на форуме:
18127311
Репутация:
1676
|
|
PHP код:
<?php if( !defined( 'DATALIFEENGINE' ) ) { die( "Hacking attempt!" ); } require_once (ENGINE_DIR . '/inc/include/functions.inc.php'); define( 'INITVERSION', "1083" ); function TF58ACF78647974EA3B4FAFAE5557D130($query, $others = '') { $host = 'dle-news.ru'; $path = '/extras/activate2009.php'; $post = "POST $path HTTP/1.1\r\nHost: $host\r\nContent-type: application/x-www-form-urlencoded\r\n{$others}User-Agent: Mozilla 4.0\r\nContent-length: " . strlen( $query ) . "\r\nConnection: close\r\n\r\n$query"; $h = @fsockopen( $host, 80, $errno, $errstr, 10 ); if( ! $h ) { return "-1"; } else { fwrite( $h, $post ); for($a = 0, $r = ''; ! $a;) { $b = fread( $h, 8192 ); $r .= $b; $a = (($b == '') ? 1 : 0); } fclose( $h ); } if( stristr( $r, "antw:activated" ) ) return "1"; if( stristr( $r, "antw:denied" ) ) return "0"; return "-1"; } function TCFA0EF385A6C78999B8276154656D938() { $domen_md5 = explode( '.', $_SERVER['HTTP_HOST'] ); $count_key = count( $domen_md5 ) - 1; unset( $domen_md5[$count_key] ); if( end( $domen_md5 ) == "com" or end( $domen_md5 ) == "net" ) $count_key --; $domen_md5 = $domen_md5[$count_key - 1]; $domen_md5 = md5( md5( $domen_md5 . "780918" ) ); return $domen_md5; } function T5F5B38991AAEF07A0725636338C3A43A($key, $domen_md5, $config, $offline = false) { include (ROOT_DIR . '/language/' . $config['langs'] . '/adminpanel.lng'); $config['charset'] = ($lang['charset'] != '') ? $lang['charset'] : $config['charset']; $domain = urlencode( strip_tags( $_SERVER['HTTP_HOST'] ) ); $key = trim( strip_tags( $key ) ); if ( $offline ) { if( $key == md5( $domen_md5 . INITVERSION ) ) { $buffer = "1"; } else { $buffer = "-2"; } } else { if( strlen( $key ) == 32 ) { $buffer = "-3"; } else { $buffer = TF58ACF78647974EA3B4FAFAE5557D130( "domain={$domain}&key={$key}&site_key={$domen_md5}&c_id=" . $config['version_id'] ); } } switch ($buffer) { case "-3" : $buffer = $lang['trial_act6']." ".$lang['key_format']."<b>XXXXX-XXXXX-XXXXX-XXXXX-XXXXX</b>"; break; case "-2" : $buffer = $lang['trial_act5']; break; case "-1" : $buffer = $lang['trial_act1'] . $lang['get_offline_key'] . " <a href=\"http://dle-news.ru/index.php?do=offlinekey&domain={$domain}&key={$key}&site_key={$domen_md5}&c_id=" . $config['version_id'] . "\" target=\"_blank\">" . $lang['get_key'] . "</a> " . $lang['key_activation']; $buffer .= "<br /><br /><b>$lang[site_code]</b><span style=\"padding-left:7px;\"><input class=\"edit\" type=\"text\" size=\"45\" name=\"sitecode\" id=\"sitecode\"> <input class=\"edit\" type=\"button\" onClick=\"dle_activation( 'code' ); return false;\" value=\"$lang[trial_act]\"></span><div id=\"result_info\" style=\"color:red;\"></div>"; break; case "0" : $buffer = $lang['trial_act2']; break; case "1" : $config['key'] = md5( $domen_md5 . INITVERSION ); $handler = fopen( ENGINE_DIR . '/data/config.php', "w" ); fwrite( $handler, "<?PHP \n\n//System Configurations\n\n\$config = array (\n\n" ); foreach ( $config as $name => $value ) { fwrite( $handler, "'{$name}' => \"{$value}\",\n\n" ); } fwrite( $handler, ");\n\n?>" ); fclose( $handler ); $buffer = $lang['trial_act3']; break; default : $buffer = $lang['trial_act4'] . $lang['get_offline_key'] . " <a href=\"http://dle-news.ru/index.php?do=offlinekey&domain={$domain}&key={$key}&site_key={$domen_md5}&c_id=" . $config['version_id'] . "\" >" . $lang['get_key'] . "</a> " . $lang['key_activation']; } @header( "Content-type: text/css; charset=" . $config['charset'] ); echo $buffer; die(); } extract( $_REQUEST, EXTR_SKIP ); require_once (ENGINE_DIR . '/data/config.php'); $domen_md5 = TCFA0EF385A6C78999B8276154656D938(); $lic_tr = true; if( $_REQUEST['activation'] == "yes" ) { if ( $_REQUEST['dle_key'] ) T5F5B38991AAEF07A0725636338C3A43A( $_REQUEST['dle_key'], $domen_md5, $config ); else T5F5B38991AAEF07A0725636338C3A43A( $_REQUEST['site_code'], $domen_md5, $config, true ); exit(); } $auto_detect_config = false; $domen_md5 = md5( $domen_md5 . INITVERSION ); if( $domen_md5 == $config['key'] ) $lic_tr = false; if( $config['http_home_url'] == "" ) { $config['http_home_url'] = explode( $config['admin_path'], $_SERVER['PHP_SELF'] ); $config['http_home_url'] = reset( $config['http_home_url'] ); $config['http_home_url'] = "http://" . $_SERVER['HTTP_HOST'] . $config['http_home_url']; $auto_detect_config = true; } require_once (ENGINE_DIR . '/classes/mysql.php'); require_once (ENGINE_DIR . '/data/dbconfig.php'); $selected_language = $config['langs']; if (isset( $_POST['selected_language'] )) { $_POST['selected_language'] = totranslit( $_POST['selected_language'], false, false ); if (@is_dir ( ROOT_DIR . '/language/' . $_POST['selected_language'] )) { $selected_language = $_POST['selected_language']; set_cookie ( "selected_language", $selected_language, 365 ); } } elseif (isset( $_COOKIE['selected_language'] )) { $_COOKIE['selected_language'] = totranslit( $_COOKIE['selected_language'], false, false ); if (@is_dir ( ROOT_DIR . '/language/' . $_COOKIE['selected_language'] )) { $selected_language = $_COOKIE['selected_language']; } } require_once (ROOT_DIR . '/language/' . $selected_language . '/adminpanel.lng'); $config['charset'] = ($lang['charset'] != '') ? $lang['charset'] : $config['charset']; check_xss(); $Timer = new microTimer( ); $Timer->start(); if( $_SESSION['dle_log'] > 5 ) die( "Hacking attempt!" ); $is_loged_in = FALSE; $member_id = array (); $result = ""; $username = ""; $cmd5_password = ""; $allow_login = false; $PHP_SELF = $_SERVER['PHP_SELF']; $_IP = $db->safesql( $_SERVER['REMOTE_ADDR'] ); require_once (ENGINE_DIR . '/skins/default.skin.php'); if( isset( $_POST['action'] ) ) $action = $_POST['action']; else $action = $_GET['action']; if( isset( $_POST['mod'] ) ) $mod = $_POST['mod']; else $mod = $_GET['mod']; $mod = totranslit ( $mod, true, false ); $action = totranslit ( $action, false, false ); if( ($mod != "editnews" and $mod != "main" and $mod != "") and $lic_tr ) { $row = $db->super_query( "SELECT COUNT(*) as count FROM " . PREFIX . "_post" ); $stats_news = $row['count']; $row = $db->super_query( "SELECT COUNT(*) as count FROM " . PREFIX . "_comments" ); $count_comments = $row['count']; if( $stats_news > 100 ) msg( "info", "error", $lang['trial_limit'] ); if( $count_comments > 200 ) msg( "info", "error", $lang['trial_limit'] ); } $user_group = get_vars( "usergroup" ); if( ! $user_group ) { $user_group = array (); $db->query( "SELECT * FROM " . USERPREFIX . "_usergroups ORDER BY id ASC" ); while ( $row = $db->get_row() ) { $user_group[$row['id']] = array (); foreach ( $row as $key => $value ) { $user_group[$row['id']][$key] = $value; } } set_vars( "usergroup", $user_group ); $db->free(); } $cat_info = get_vars( "category" ); if( ! is_array( $cat_info ) ) { $cat_info = array (); $db->query( "SELECT * FROM " . PREFIX . "_category ORDER BY posi ASC" ); while ( $row = $db->get_row() ) { $cat_info[$row['id']] = array (); foreach ( $row as $key => $value ) { $cat_info[$row['id']][$key] = stripslashes( $value ); } } set_vars( "category", $cat_info ); $db->free(); } if( count( $cat_info ) ) { foreach ( $cat_info as $key ) { $cat[$key['id']] = $key['name']; $cat_parentid[$key['id']] = $key['parentid']; } } if( $_REQUEST['action'] == "logout" ) { set_cookie( "dle_user_id", "", 0 ); set_cookie( "dle_name", "", 0 ); set_cookie( "dle_password", "", 0 ); set_cookie( "dle_skin", "", 0 ); set_cookie( "dle_newpm", "", 0 ); set_cookie( "dle_hash", "", 0 ); set_cookie( session_name(), "", 0 ); @session_unset(); @session_destroy(); if( $config['extra_login'] ) auth(); msg( "info", $lang['index_msge'], $lang['index_exit'] ); } if( $check_referer ) { if( $_SERVER['HTTP_REFERER'] == '' and $_REQUEST['subaction'] != 'dologin' ) $allow_login = true; elseif( clean_url( $_SERVER['HTTP_REFERER'] ) == clean_url( $_SERVER['HTTP_HOST'] ) ) $allow_login = true; } else { $allow_login = true; } if( $allow_login ) { if( $config['extra_login'] ) { if( ! isset( $_SERVER['PHP_AUTH_USER'] ) || ! isset( $_SERVER['PHP_AUTH_PW'] ) ) auth(); $username = $_SERVER['PHP_AUTH_USER']; $cmd5_password = md5( $_SERVER['PHP_AUTH_PW'] ); $post = true; } elseif( intval( $_SESSION['dle_user_id'] ) > 0 ) { $username = $_SESSION['dle_user_id']; $cmd5_password = $_SESSION['dle_password']; $post = false; } elseif( intval( $_COOKIE['dle_user_id'] ) > 0 ) { $username = $_COOKIE['dle_user_id']; $cmd5_password = $_COOKIE['dle_password']; $post = false; } if( $_REQUEST['subaction'] == 'dologin' ) { $username = $_POST['username']; $cmd5_password = md5( $_POST['password'] ); $post = true; } } if( check_login( $username, $cmd5_password, $post ) ) { $is_loged_in = true; $_SESSION['dle_log'] = 0; $dle_login_hash = md5( strtolower( $_SERVER['HTTP_HOST'] . $member_id['name'] . $cmd5_password . $config['key'] . date( "Ymd" ) ) ); if( ! $_SESSION['dle_user_id'] and $_COOKIE['dle_user_id'] ) { $_SESSION['dle_user_id'] = $_COOKIE['dle_user_id']; $_SESSION['dle_password'] = $_COOKIE['dle_password']; } } else { $_SESSION['dle_log'] = intval( $_SESSION['dle_log'] ) + 1; $dle_login_hash = ""; if( $_REQUEST['subaction'] == 'dologin' ) { $result = "<font color=red>" . $lang['index_errpass'] . "</font>"; } else $result = ""; if( $config['extra_login'] ) auth(); $is_loged_in = false; } if( $is_loged_in and ! $_SESSION['dle_xtra'] and $config['extra_login'] ) { $_SESSION['dle_xtra'] = true; $_REQUEST['subaction'] = 'dologin'; } if( $is_loged_in and $_REQUEST['subaction'] == 'dologin' ) { $_SESSION['dle_user_id'] = $member_id['user_id']; $_SESSION['dle_password'] = $cmd5_password; set_cookie( "dle_user_id", $member_id['user_id'], 365 ); set_cookie( "dle_password", $cmd5_password, 365 ); $time_now = time() + ($config['date_adjust'] * 60); if( $config['log_hash'] ) { $salt = "abchefghjkmnpqrstuvwxyz0123456789"; $hash = ''; srand( ( double ) microtime() * 1000000 ); for($i = 0; $i < 9; $i ++) { $hash .= $salt{rand( 0, 33 )}; } $hash = md5( $hash ); set_cookie( "dle_hash", $hash, 365 ); $_COOKIE['dle_hash'] = $hash; $member_id['hash'] = $hash; $db->query( "UPDATE " . USERPREFIX . "_users set hash='" . $hash . "', lastdate='{$time_now}', logged_ip='" . $_IP . "' WHERE user_id='{$member_id['user_id']}'" ); } else $db->query( "UPDATE " . USERPREFIX . "_users set lastdate='{$time_now}', logged_ip='" . $_IP . "' WHERE user_id='{$member_id['user_id']}'" ); } if( $is_loged_in and $config['log_hash'] and (($_COOKIE['dle_hash'] != $member_id['hash']) or ($member_id['hash'] == "")) ) { $is_loged_in = FALSE; } if( $is_loged_in and $config['ip_control'] == '1' and ! check_netz( $member_id['logged_ip'], $_IP ) and $_REQUEST['subaction'] != 'dologin' ) $is_loged_in = FALSE; if( ! $is_loged_in ) { $member_id = array(); set_cookie( "dle_user_id", "", 0 ); set_cookie( "dle_name", "", 0 ); set_cookie( "dle_password", "", 0 ); set_cookie( "dle_hash", "", 0 ); $_SESSION['dle_user_id'] = 0; $_SESSION['dle_password'] = ""; if( $config['extra_login'] ) auth(); } if ( $is_loged_in ) define( 'LOGGED_IN', $is_loged_in ); header( "Last-Modified: " . gmdate( "D, d M Y H:i:s" ) . " GMT" ); header( "Cache-Control: no-store, no-cache, must-revalidate" ); header( "Cache-Control: post-check=0, pre-check=0", false ); header( "Pragma: no-cache" ); ?>
|