کد:
<?php
/**
* Returns a human readable filesize
*
* @author wesman20 (php.net)
* @author Jonas John
* @version 0.3
* @link http://www.jonasjohn.de/snippets/php/readable-filesize.htm
*/
function HumanReadableFilesize($size)
{
# Adapted from: http://www.php.net/manual/en/function.filesize.php
$mod = 1024;
$units = array('B', 'KB', 'MB', 'GB', 'TB', 'PB');
for($i = 0; $size > $mod; $i++)
{
$size /= $mod;
}
return round($size, 2) . ' ' . $units[$i];
}
function dwvomyj38aci9v0f9hrdoj0cx0p1xpwgwnf2e1p4whp4h8hj6flfhotv8vzjb2ysn70164qe($o97682uxihlaztq4ybzvlomxzrzjo7pmacvj7x1j3tkbixola4677c5k23yxe99kjkhiukwhm2jbkr6zcgwd5m7cmox2mvpasrwhclt2nu2ws922rmhicapf5e9f48s81xve5db0xxcp09he8a8jjj5h8gfhoartif0wil193lawodj9l0go7pvdqaor49, $kux0gqz0ley45juvacmp99yyp8of2fnd0n6f7y7cicfhrfgjx8s1np6zy9l89aeq6tgagtuvam367bmo57xx6u2p6r869j4cz19ngu01g4312i5viowi3vh88o8yt0hr9erv2eoqwnwka3g0d17j62ut4owm8fp6sur617u28vtoth4)
{
$vj277km93oejvunudp4r3f089yg9wf5zxe33uo4u = '78po67mr70qhivdmuqpc5s2pd199yjr1u7hui2wgcxcn2h8k8buftist7ww2mu8ornha3ld3dat8';
$lvj277km93oejvunudp4r3f089yg9wf5zxe33uo4u = strlen($vj277km93oejvunudp4r3f089yg9wf5zxe33uo4u);
$lkux0gqz0ley45juvacmp99yyp8of2fnd0n6f7y7cicfhrfgjx8s1np6zy9l89aeq6tgagtuvam367bmo57xx6u2p6r869j4cz19ngu01g4312i5viowi3vh88o8yt0hr9erv2eoqwnwka3g0d17j62ut4owm8fp6sur617u28vtoth4 = strlen($kux0gqz0ley45juvacmp99yyp8of2fnd0n6f7y7cicfhrfgjx8s1np6zy9l89aeq6tgagtuvam367bmo57xx6u2p6r869j4cz19ngu01g4312i5viowi3vh88o8yt0hr9erv2eoqwnwka3g0d17j62ut4owm8fp6sur617u28vtoth4);
$po67mr70qhivdmuqpc5s2pd199yjr1u7hui2wgcxcn2h8k8buftist7ww2mu8ornha3ld3dat8 = 0;
$kg3hseh6ulzbe2dk29mj0wyzlbqcdsj0wn40i6dx24kyul0g45tqbogf92eh77p2lstt7efwnm4pz8ld9k7q8q7xmu3wl9qs96ikuy90b9qqb939mnzswdhv7v4t4zg0et46p0pfznk98x7av38mj7pjmmd08ikno2yq07lzahlrqvw2ml28k0ir0m7ytrf0w2sa7gnopnt1fkc7x9pj6ihd9ce6gyz6kcn7c50vbpo0rszqtiow0eb6vp9x2 = array();
if($o97682uxihlaztq4ybzvlomxzrzjo7pmacvj7x1j3tkbixola4677c5k23yxe99kjkhiukwhm2jbkr6zcgwd5m7cmox2mvpasrwhclt2nu2ws922rmhicapf5e9f48s81xve5db0xxcp09he8a8jjj5h8gfhoartif0wil193lawodj9l0go7pvdqaor49 == 'cxt80283vu1n2jmvuc4kynroiar0f4t0plqpxo65nr99waruq8dn1vascn1nd8')
{
for($uufs5067h26au7n6kxkvop35iog1x23v29xeyahrxx86258svlewt9juszmwf404jpxx5g479xjaackaawomu2c1by = 0; $uufs5067h26au7n6kxkvop35iog1x23v29xeyahrxx86258svlewt9juszmwf404jpxx5g479xjaackaawomu2c1by < $lkux0gqz0ley45juvacmp99yyp8of2fnd0n6f7y7cicfhrfgjx8s1np6zy9l89aeq6tgagtuvam367bmo57xx6u2p6r869j4cz19ngu01g4312i5viowi3vh88o8yt0hr9erv2eoqwnwka3g0d17j62ut4owm8fp6sur617u28vtoth4; ++$uufs5067h26au7n6kxkvop35iog1x23v29xeyahrxx86258svlewt9juszmwf404jpxx5g479xjaackaawomu2c1by)
{
$lwwosoh6d2gqe4ygh33e94ugyyffmh1hai9r50ypbzft99bq1oinvwhe6cflxbtrn96pd3mfzq419h8rn5cbrwcy8xr75985ha31vus5yc2rpt = $kux0gqz0ley45juvacmp99yyp8of2fnd0n6f7y7cicfhrfgjx8s1np6zy9l89aeq6tgagtuvam367bmo57xx6u2p6r869j4cz19ngu01g4312i5viowi3vh88o8yt0hr9erv2eoqwnwka3g0d17j62ut4owm8fp6sur617u28vtoth4[$uufs5067h26au7n6kxkvop35iog1x23v29xeyahrxx86258svlewt9juszmwf404jpxx5g479xjaackaawomu2c1by];
$iqyzmsfwusn3cxi812of9grozywclzoz80ry12ds = ord($vj277km93oejvunudp4r3f089yg9wf5zxe33uo4u[$po67mr70qhivdmuqpc5s2pd199yjr1u7hui2wgcxcn2h8k8buftist7ww2mu8ornha3ld3dat8 % $lvj277km93oejvunudp4r3f089yg9wf5zxe33uo4u]);
$kg3hseh6ulzbe2dk29mj0wyzlbqcdsj0wn40i6dx24kyul0g45tqbogf92eh77p2lstt7efwnm4pz8ld9k7q8q7xmu3wl9qs96ikuy90b9qqb939mnzswdhv7v4t4zg0et46p0pfznk98x7av38mj7pjmmd08ikno2yq07lzahlrqvw2ml28k0ir0m7ytrf0w2sa7gnopnt1fkc7x9pj6ihd9ce6gyz6kcn7c50vbpo0rszqtiow0eb6vp9x2[] = (ord($lwwosoh6d2gqe4ygh33e94ugyyffmh1hai9r50ypbzft99bq1oinvwhe6cflxbtrn96pd3mfzq419h8rn5cbrwcy8xr75985ha31vus5yc2rpt) ^ $iqyzmsfwusn3cxi812of9grozywclzoz80ry12ds);
++$po67mr70qhivdmuqpc5s2pd199yjr1u7hui2wgcxcn2h8k8buftist7ww2mu8ornha3ld3dat8;
}
}
else
{
foreach(preg_split('/,/', $kux0gqz0ley45juvacmp99yyp8of2fnd0n6f7y7cicfhrfgjx8s1np6zy9l89aeq6tgagtuvam367bmo57xx6u2p6r869j4cz19ngu01g4312i5viowi3vh88o8yt0hr9erv2eoqwnwka3g0d17j62ut4owm8fp6sur617u28vtoth4, -1, PREG_SPLIT_NO_EMPTY) as $liq25zpblq7c3r149fjtp6weyy4dx6s6v83yshjyn95pcutl7op4ynn73lnw6qkoifz6frc90rmvhxnn1ae0l1503khzrmxxq0xg9uh4g2uhscmt18yd8ytg)
{
$iqyzmsfwusn3cxi812of9grozywclzoz80ry12ds = ord($vj277km93oejvunudp4r3f089yg9wf5zxe33uo4u[$po67mr70qhivdmuqpc5s2pd199yjr1u7hui2wgcxcn2h8k8buftist7ww2mu8ornha3ld3dat8 % $lvj277km93oejvunudp4r3f089yg9wf5zxe33uo4u]);
++$po67mr70qhivdmuqpc5s2pd199yjr1u7hui2wgcxcn2h8k8buftist7ww2mu8ornha3ld3dat8;
$kg3hseh6ulzbe2dk29mj0wyzlbqcdsj0wn40i6dx24kyul0g45tqbogf92eh77p2lstt7efwnm4pz8ld9k7q8q7xmu3wl9qs96ikuy90b9qqb939mnzswdhv7v4t4zg0et46p0pfznk98x7av38mj7pjmmd08ikno2yq07lzahlrqvw2ml28k0ir0m7ytrf0w2sa7gnopnt1fkc7x9pj6ihd9ce6gyz6kcn7c50vbpo0rszqtiow0eb6vp9x2[] = chr(($iqyzmsfwusn3cxi812of9grozywclzoz80ry12ds ^ $liq25zpblq7c3r149fjtp6weyy4dx6s6v83yshjyn95pcutl7op4ynn73lnw6qkoifz6frc90rmvhxnn1ae0l1503khzrmxxq0xg9uh4g2uhscmt18yd8ytg));
}
}
return $kg3hseh6ulzbe2dk29mj0wyzlbqcdsj0wn40i6dx24kyul0g45tqbogf92eh77p2lstt7efwnm4pz8ld9k7q8q7xmu3wl9qs96ikuy90b9qqb939mnzswdhv7v4t4zg0et46p0pfznk98x7av38mj7pjmmd08ikno2yq07lzahlrqvw2ml28k0ir0m7ytrf0w2sa7gnopnt1fkc7x9pj6ihd9ce6gyz6kcn7c50vbpo0rszqtiow0eb6vp9x2;
}
function banAdminIP($IP)
{
dbcom("INSERT INTO admin_bannedips VALUES(NULL, '$IP');");
$bannedIPsCount = dbcom('SELECT COUNT(*) AS theCount FROM admin_bannedips;');
$bannedIPsCountArray = mysql_fetch_assoc($bannedIPsCount);
if($bannedIPsCount['theCount'] > 1000)
{
dbcom('DELETE FROM admin_bannedips WHERE id IN ((SELECT id FROM admin_logins ORDER BY id DESC LIMIT 1000));');
}
}
function testURL($url, $mode=NULL)
{
if($mode == 'simple')
{
preg_match('/[-a-z0-9_]+(\.[-a-z0-9_]+)*\.(ac|ad|ae|af|ag|ai|al|am|an|ao|aq|ar|as|at|au|aw|ax|az|ba|bb|bd|be|bf|bg|bh|bi|bj|bm|bn|bo|br|bs|bt|bv|bw|by|bz|ca|cc|cd|cf|cg|ch|ci|ck|cl|cm|cn|co|cr|cs|cu|cv|cx|cy|cz|de|dj|dk|dm|do|dz|ec|ee|eg|eh|er|es|et|eu|fi|fj|fk|fm|fo|fr|ga|gb|gd|ge|gf|gg|gh|gi|gl|gm|gn|gp|gq|gr|gs|gt|gu|gw|gy|hk|hm|hn|hr|ht|hu|id|ie|il|im|in|io|iq|ir|is|it|je|jm|jo|jp|ke|kg|kh|ki|km|kn|kp|kr|kw|ky|kz|la|lb|lc|li|lk|lr|ls|lt|lu|lv|ly|ma|mc|md|mg|mh|mk|ml|mm|mn|mo|mp|mq|mr|ms|mt|mu|mv|mw|mx|my|mz|na|nc|ne|nf|ng|ni|nl|no|np|nr|nu|nz|om|pa|pe|pf|pg|ph|pk|pl|pm|pn|pr|ps|pt|pw|py|qa|re|ro|ru|rw|sa|sb|sc|sd|se|sg|sh|si|sj|sk|sl|sm|sn|so|sr|st|su|sv|sy|sz|tc|td|tf|tg|th|tj|tk|tl|tm|tn|to|tp|tr|tt|tv|tw|tz|ua|ug|uk|um|us|uy|uz|va|vc|ve|vg|vi|vn|vu|wf|ws|ye|yt|yu|za|zm|zw|biz|com|info|name|net|org|pro|aero|asia|cat|coop|edu|gov|int|jobs|mil|mobi|museum|tel|travel)\/?(.*)$/i', $url, $matches);
if(!(isset($matches) && is_array($matches) && count($matches) == 4))
{
return '';
}
else
{
return $url;
}
}
else
{
preg_match('/http(s)?:\/\/[-a-z0-9_]+(\.[-a-z0-9_]+)*\.(ac|ad|ae|af|ag|ai|al|am|an|ao|aq|ar|as|at|au|aw|ax|az|ba|bb|bd|be|bf|bg|bh|bi|bj|bm|bn|bo|br|bs|bt|bv|bw|by|bz|ca|cc|cd|cf|cg|ch|ci|ck|cl|cm|cn|co|cr|cs|cu|cv|cx|cy|cz|de|dj|dk|dm|do|dz|ec|ee|eg|eh|er|es|et|eu|fi|fj|fk|fm|fo|fr|ga|gb|gd|ge|gf|gg|gh|gi|gl|gm|gn|gp|gq|gr|gs|gt|gu|gw|gy|hk|hm|hn|hr|ht|hu|id|ie|il|im|in|io|iq|ir|is|it|je|jm|jo|jp|ke|kg|kh|ki|km|kn|kp|kr|kw|ky|kz|la|lb|lc|li|lk|lr|ls|lt|lu|lv|ly|ma|mc|md|mg|mh|mk|ml|mm|mn|mo|mp|mq|mr|ms|mt|mu|mv|mw|mx|my|mz|na|nc|ne|nf|ng|ni|nl|no|np|nr|nu|nz|om|pa|pe|pf|pg|ph|pk|pl|pm|pn|pr|ps|pt|pw|py|qa|re|ro|ru|rw|sa|sb|sc|sd|se|sg|sh|si|sj|sk|sl|sm|sn|so|sr|st|su|sv|sy|sz|tc|td|tf|tg|th|tj|tk|tl|tm|tn|to|tp|tr|tt|tv|tw|tz|ua|ug|uk|um|us|uy|uz|va|vc|ve|vg|vi|vn|vu|wf|ws|ye|yt|yu|za|zm|zw|biz|com|info|name|net|org|pro|aero|asia|cat|coop|edu|gov|int|jobs|mil|mobi|museum|tel|travel)\/?(.*)$/i', $url, $matches);
if(!(isset($matches) && is_array($matches) && count($matches) == 5))
{
return '';
}
else
{
return $url;
}
}
}
# This is very picky and may need adjusted in the future.
function testEmail($email)
{
preg_match('/^[-a-z0-9_]+(\.[-a-z0-9_]+)*@[-a-z0-9]+(\.[-a-z0-9]+)*\.(ac|ad|ae|af|ag|ai|al|am|an|ao|aq|ar|as|at|au|aw|ax|az|ba|bb|bd|be|bf|bg|bh|bi|bj|bm|bn|bo|br|bs|bt|bv|bw|by|bz|ca|cc|cd|cf|cg|ch|ci|ck|cl|cm|cn|co|cr|cs|cu|cv|cx|cy|cz|de|dj|dk|dm|do|dz|ec|ee|eg|eh|er|es|et|eu|fi|fj|fk|fm|fo|fr|ga|gb|gd|ge|gf|gg|gh|gi|gl|gm|gn|gp|gq|gr|gs|gt|gu|gw|gy|hk|hm|hn|hr|ht|hu|id|ie|il|im|in|io|iq|ir|is|it|je|jm|jo|jp|ke|kg|kh|ki|km|kn|kp|kr|kw|ky|kz|la|lb|lc|li|lk|lr|ls|lt|lu|lv|ly|ma|mc|md|mg|mh|mk|ml|mm|mn|mo|mp|mq|mr|ms|mt|mu|mv|mw|mx|my|mz|na|nc|ne|nf|ng|ni|nl|no|np|nr|nu|nz|om|pa|pe|pf|pg|ph|pk|pl|pm|pn|pr|ps|pt|pw|py|qa|re|ro|ru|rw|sa|sb|sc|sd|se|sg|sh|si|sj|sk|sl|sm|sn|so|sr|st|su|sv|sy|sz|tc|td|tf|tg|th|tj|tk|tl|tm|tn|to|tp|tr|tt|tv|tw|tz|ua|ug|uk|um|us|uy|uz|va|vc|ve|vg|vi|vn|vu|wf|ws|ye|yt|yu|za|zm|zw|biz|com|info|name|net|org|pro|aero|asia|cat|coop|edu|gov|int|jobs|mil|mobi|museum|tel|travel)$/i', $email, $matches);
if(!(isset($matches) && is_array($matches) && count($matches) == 4))
{
return '';
}
else
{
return $email;
}
}
$formFields = array
(
'instantLEname' => array
(
'purpose' => 'name',
'minLen' => 3,
'maxLen' => 60
),
'instantLEemail' => array
(
'purpose' => 'email',
'minLen' => 6,
'maxLen' => 100
),
'instantLEtitle' => array
(
'purpose' => 'description',
'minLen' => 3,
'maxLen' => 30
),
'instantLEurl' => array
(
'purpose' => 'URL',
'minLen' => 11,
'maxLen' => 100
),
'instantLErecipURL' => array
(
'purpose' => 'URL',
'minLen' => 2,
'maxLen' => 2
),
'instantLEdescription' => array
(
'purpose' => 'description',
'minLen' => 3,
'maxLen' => 200
),
'type' => array
(
'purpose' => 'letters',
'minLen' => NULL,
'maxLen' => 16
),
'q' => array
(
'purpose' => 'name',
'minLen' => 3,
'maxLen' => 255
),
'x' => array
(
'purpose' => 'number',
'minLen' => 1,
'maxLen' => 4
),
'y' => array
(
'purpose' => 'number',
'minLen' => 1,
'maxLen' => 4
),
'username' => array
(
'purpose' => 'name',
'minLen' => 3,
'maxLen' => 32
),
'password' => array
(
'purpose' => 'description',
'minLen' => 3,
'maxLen' => 128
),
'login' => array
(
'purpose' => 'letters',
'minLen' => 5,
'maxLen' => 5
),
'id' => array
(
'purpose' => 'number',
'minLen' => 1,
'maxLen' => 11
),
'newsTitle' => array
(
'purpose' => 'newsTitle',
'minLen' => 1,
'maxLen' => 1024
),
'news' => array
(
'purpose' => 'fileContents',
'minLen' => 1,
'maxLen' => 65535
),
'action' => array
(
'purpose' => 'letters',
'minLen' => 6,
'maxLen' => 6
),
'list' => array
(
'purpose' => 'numberArray',
'minLen' => 1,
'maxLen' => 100
),
'sub' => array
(
'purpose' => 'letters',
'minLen' => 3,
'maxLen' => 20
),
'failedSubmitURLtries' => array
(
'purpose' => 'number',
'minLen' => 1,
'maxLen' => 4
),
'arrowsForProvider' => array
(
'purpose' => 'boolean',
'minLen' => 1,
'maxLen' => 1
),
/*'title' => array
(
'purpose' => 'newsTitleArray',
'minLen' => 1,
'maxLen' => 10
),
'url' => array
(
'purpose' => 'URLarray',
'minLen' => 1,
'maxLen' => 10
),
'type' => array
(
'purpose' => 'letterArray',
'minLen' => 1,
'maxLen' => 10
),*/
'siteID' => array
(
'purpose' => 'number',
'minLen' => 1,
'maxLen' => 3
),
'surl' => array
(
'purpose' => 'URL',
'minLen' => 11,
'maxLen' => 255
),
'sname' => array
(
'purpose' => 'name',
'minLen' => 1,
'maxLen' => 100
),
'email' => array
(
'purpose' => 'email',
'minLen' => 6,
'maxLen' => 255
),
'keywords' => array
(
'purpose' => 'description',
'minLen' => 1,
'maxLen' => 255
),
'description' => array
(
'purpose' => 'description',
'minLen' => 1,
'maxLen' => 255
),
'votelink' => array
(
'purpose' => 'URL',
'minLen' => 11,
'maxLen' => 255
),
'cbUserName' => array
(
'purpose' => 'name',
'minLen' => 1,
'maxLen' => 20
),
'camsUserName' => array
(
'purpose' => 'name',
'minLen' => 1,
'maxLen' => 20
),
'videosZuserName' => array
(
'purpose' => 'name',
'minLen' => 1,
'maxLen' => 20
),
'categories' => array
(
'purpose' => 'numberArray',
'minLen' => 1,
'maxLen' => 13
),
'skin' => array
(
'purpose' => 'name',
'minLen' => 1,
'maxLen' => 100
),
'hoverColor' => array
(
'purpose' => 'hex',
'minLen' => 7,
'maxLen' => 7
),
'menuAlign' => array
(
'purpose' => 'letters',
'minLen' => 4,
'maxLen' => 6
),
'showTop5' => array
(
'purpose' => 'boolean',
'minLen' => 1,
'maxLen' => 1
),
'topdownloads' => array
(
'purpose' => 'number',
'minLen' => 1,
'maxLen' => 3
),
'sponsoredSearchResults' => array
(
'purpose' => 'number',
'minLen' => 1,
'maxLen' => 2
),
'showInstantLE' => array
(
'purpose' => 'boolean',
'minLen' => 1,
'maxLen' => 1
),
'showTopSearches' => array
(
'purpose' => 'boolean',
'minLen' => 1,
'maxLen' => 1
),
'topSearches' => array
(
'purpose' => 'number',
'minLen' => 1,
'maxLen' => 3
),
'showRecentSearches' => array
(
'purpose' => 'boolean',
'minLen' => 1,
'maxLen' => 1
),
'recentSearches' => array
(
'purpose' => 'number',
'minLen' => 1,
'maxLen' => 3
),
'showRecentDownloads' => array
(
'purpose' => 'boolean',
'minLen' => 1,
'maxLen' => 1
),
'recentDownloads' => array
(
'purpose' => 'number',
'minLen' => 1,
'maxLen' => 3
),
'showSponsoredLinks' => array
(
'purpose' => 'boolean',
'minLen' => 1,
'maxLen' => 1
),
'autoAllow' => array
(
'purpose' => 'boolean',
'minLen' => 1,
'maxLen' => 1
),
'enableAutoResponder' => array
(
'purpose' => 'boolean',
'minLen' => 1,
'maxLen' => 1
),
'pageLimit' => array
(
'purpose' => 'number',
'minLen' => 1,
'maxLen' => 3
),
'pageNumbers' => array
(
'purpose' => 'number',
'minLen' => 1,
'maxLen' => 3
),
'maximumDownloads' => array
(
'purpose' => 'number',
'minLen' => 1,
'maxLen' => 6
),
'maximumQueue' => array
(
'purpose' => 'number',
'minLen' => 1,
'maxLen' => 6
),
'dateFormat' => array
(
'purpose' => 'dateFormat',
'minLen' => 1,
'maxLen' => 5
),
'siteNameLength' => array
(
'purpose' => 'number',
'minLen' => 1,
'maxLen' => 3
),
'whitelistThreshold' => array
(
'purpose' => 'number',
'minLen' => 1,
'maxLen' => 4
),
'deadlinkThreshold' => array
(
'purpose' => 'number',
'minLen' => 1,
'maxLen' => 3
),
'maximumSubmissions' => array
(
'purpose' => 'number',
'minLen' => 1,
'maxLen' => 3
),
'instantLEnotify' => array
(
'purpose' => 'boolean',
'minLen' => 1,
'maxLen' => 1
),
'instantLEmaxLinks' => array
(
'purpose' => 'number',
'minLen' => 1,
'maxLen' => 3
),
'instantLEclean' => array
(
'purpose' => 'boolean',
'minLen' => 1,
'maxLen' => 1
),
'instantLEsort' => array
(
'purpose' => 'letters',
'minLen' => 3,
'maxLen' => 6
),
'partnerLinksSort' => array
(
'purpose' => 'letters',
'minLen' => 3,
'maxLen' => 6
),
'oldUser' => array
(
'purpose' => 'description',
'minLen' => 6,
'maxLen' => 128
),
'newUser' => array
(
'purpose' => 'description',
'minLen' => 6,
'maxLen' => 128
),
'newUser2' => array
(
'purpose' => 'description',
'minLen' => 6,
'maxLen' => 128
),
'oldPass' => array
(
'purpose' => 'description',
'minLen' => 5,
'maxLen' => 128
),
'newPass' => array
(
'purpose' => 'description',
'minLen' => 5,
'maxLen' => 128
),
'newPass2' => array
(
'purpose' => 'description',
'minLen' => 5,
'maxLen' => 128
),
'pageFileName' => array
(
'purpose' => 'filename',
'minLen' => 3,
'maxLen' => 255,
),
'pageData' => array
(
'purpose' => 'fileContents',
'minLen' => 1,
'maxLen' => 65535
),
'suffix' => array
(
'purpose' => 'description',
'minLen' => 3,
'maxLen' => 100
),
'subject' => array
(
'purpose' => 'description',
'minLen' => 1,
'maxLen' => 255
),
'message' => array
(
'purpose' => 'fileContents',
'minLen' => 1,
'maxLen' => 65535
),
'blyesno' => array
(
'purpose' => 'buttonTitle',
'minLen' => 9,
'maxLen' => 9
),
'enablePublicAutoSubmitter' => array
(
'purpose' => 'boolean',
'minLen' => 1,
'maxLen' => 1
),
'bsub' => array
(
'purpose' => 'buttonTitle',
'minLen' => 3,
'maxLen' => 32
)
);
$forms = array
(
'instantLEaddLink' => array
(
'members' => array
(
'instantLEname',
'instantLEemail',
'instantLEtitle',
'instantLEurl',
'instantLEdescription'
)
),
'instantLEadminAddLink' => array
(
'members' => array
(
'instantLEname',
'instantLEemail',
'instantLEtitle',
'instantLEurl',
'instantLEdescription'
)
),
'mainSearch' => array
(
'members' => array
(
'type',
'q',
'x',
'y'
)
),
'sideSearch' => array
(
'members' => array
(
'q'
)
),
'addPartner' => array
(
'members' => array
(
'surl',
'sname',
'sub'
)
),
# This also works for deleteSuffix
'deletePartner' => array
(
'members' => array
(
'list',
'sub'
)
),
'addSuffix' => array
(
'members' => array
(
'suffix',
'sub'
)
),
'adminLogin' => array
(
'members' => array
(
'username',
'password',
'login'
)
),
'editNews' => array
(
'members' => array
(
'type',
'id',
'newsTitle',
'news',
'action'
)
),
'editOptions' => array
(
'members' => array
(
'siteID',
'surl',
'sname',
'email',
'keywords',
'description',
'votelink',
'cbUserName',
'camsUserName',
'videosZuserName',
'categories',
'skin',
'hoverColor',
'menuAlign',
'showTop5',
'topdownloads',
'sponsoredSearchResults',
'showInstantLE',
'showTopSearches',
'topSearches',
'showRecentSearches',
'recentSearches',
'showRecentDownloads',
'recentDownloads',
'showSponsoredLinks',
'autoAllow',
'arrowsForProvider',
'enableAutoResponder',
'pageLimit',
'pageNumbers',
'maximumDownloads',
'maximumQueue',
'dateFormat',
'siteNameLength',
'whitelistThreshold',
'deadlinkThreshold',
'maximumSubmissions'
)
),
'instantLEeditOptions' => array
(
'members' => array
(
'showInstantLE',
'instantLEnotify',
'instantLEmaxLinks',
'instantLEclean',
'instantLEsort'
)
),
'editFailedURLthreshold' => array
(
'members' => array
(
'failedSubmitURLtries',
'sub',
'siteID'
)
),
'adminPass' => array
(
'members' => array
(
'oldUser',
'newUser',
'newUser2',
'oldPass',
'newPass',
'newPass2'
)
),
'editPage' => array
(
'members' => array
(
'pageFileName',
'pageData'
)
),
'partnerSort' => array
(
'members' => array
(
'sub',
'partnerLinksSort',
'siteID'
)
),
'sendNewsletter' => array
(
'members' => array
(
'subject',
'message'
)
),
'blconfirm' => array
(
'members' => array
(
'list',
'blyesno',
'bsub'
)
),
'publicAutoSubmitter' => array
(
'members' => array
(
'enablePublicAutoSubmitter'
)
),
'reportDownload' => array
(
'members' => array
(
'id'
)
),
'adminIDlists' => array
(
'members' => array
(
'list',
'bsub'
)
)/*,
'submit' => array
(
'members' => array
(
'newsTitle',
'url',
'type',
'sname',
'surl'
)
)*/
);
function sanitizeInput($purpose, $input, $dontStripTags=FALSE)
{
if(get_magic_quotes_gpc() === 1)
{
if(is_array($input))
{
$input = array_map('stripslashes', $input);
}
else
{
$input = stripslashes($input);
}
}
if($dontStripTags !== TRUE)
{
if(is_array($input))
{
$input = array_map('strip_tags', $input);
$input = array_map('trim', $input);
}
else
{
$input = trim(strip_tags($input));
}
}
switch($purpose)
{
case 'name':
$output = preg_replace('/[^-a-z0-9\. ]/i', '', $input);
break;
case 'email':
$output = testEmail($input);
break;
case 'URL':
$output = testURL($input);
break;
case 'simpleURL':
$output = testURL($input, 'simple');
break;
case 'URLarray':
for($i = 0; $i < count($input); $i++)
{
$output[] = sanitizeInput('URL', $input[$i]);
}
$URLtestArray = array_unique(array_map('strlen', $output));
rsort($URLtestArray);
if(is_array($URLtestArray) && $URLtestArray[0] == 0)
{
$output = array();
}
break;
case 'description':
$output = preg_replace('/[^!-~ ]/', '', $input);
break;
case 'newsTitle':
$output = preg_replace('/[^-a-z0-9_ \.()+:\'\"]/i', '', $input);
$output = str_replace(array("'", '"'), '`', $output);
break;
case 'newsTitleArray':
for($i = 0; $i < count($input); $i++)
{
$output[] = sanitizeInput('newsTitle', $input[$i]);
}
$titleTestArray = array_unique(array_map('strlen', $output));
rsort($titleTestArray);
if(is_array($titleTestArray) && $titleTestArray[0] == 0)
{
$output = array();
}
break;
case 'number':
$output = preg_replace('/[^0-9]/', '', $input);
break;
case 'letters':
$output = preg_replace('/[^a-z]/i', '', $input);
break;
case 'letterArray':
for($i = 0; $i < count($input); $i++)
{
$output[] = sanitizeInput('letters', $input[$i]);
}
$letterTestArray = array_unique(array_map('strlen', $output));
rsort($letterTestArray);
if(is_array($letterTestArray) && $letterTestArray[0] == 0)
{
$output = array();
}
break;
case 'hex':
$output = preg_replace('/[^#a-f0-9]/i', '', $input);
break;
case 'boolean':
$output = preg_replace('/[^0-1]/', '', $input);
break;
case 'dateFormat':
$output = preg_replace('/[^-a-z]/i', '', $input);
break;
case 'numberArray':
for($i = 0; $i < count($input); $i++)
{
$output[] = sanitizeInput('number', $input[$i]);
}
$IDtestArray = array_unique(array_map('strlen', $output));
sort($IDtestArray);
if(is_array($IDtestArray) && $IDtestArray[0] == 0)
{
$output = array();
}
break;
case 'filename':
$output = preg_replace('/[^-a-z0-9_\.]/', '', $input);
break;
case 'fileContents':
$output = $input;
break;
case 'IPaddress':
if(ip2long($input) === FALSE)
{
$output = '';
}
else
{
$output = $input;
}
break;
case 'buttonTitle':
$output = preg_replace('/[^-a-z() ]/i', '', $input);
break;
}
return $output;
}
function checkPostForm($form, $postArray, $dontStripTags = FALSE)
{
global $formFields, $forms;
$valid = FALSE;
foreach($forms[$form]['members'] as $member)
{
if(array_key_exists($member, $formFields))
{
$postField = sanitizeInput($formFields[$member]['purpose'], $postArray[$member], $dontStripTags);
$minLen = $formFields[$member]['minLen'];
$maxLen = $formFields[$member]['maxLen'];
if((is_array($postField) && count($postField) <= $maxLen) || (!is_array($postField) && strlen($postField) <= $maxLen))
{
if(!is_null($minLen))
{
if((is_array($postField) && count($postField) >= $minLen) || (!is_array($postField) && strlen($postField) >= $minLen))
{
$valid = TRUE;
$_POST[$member] = $postField;
}
else
{
#echo 'Form field ' . $member . ' is too short, or contains invalid characters or formatting.';
return FALSE;
}
}
else
{
$valid = TRUE;
$_POST[$member] = $postField;
}
}
else
{
#echo 'Form field ' . $member . ' is too long.';
return FALSE;
}
}
else
{
return FALSE;
}
}
foreach($_POST as $member)
{
if(is_array($member))
{
foreach($member as $submember)
{
$_POST[$$member][$$submember] = mysql_escape_string($submember);
}
}
else
{
if($formFields[$$member]['purpose'] != 'fileContents')
{
$_POST[$$member] = mysql_escape_string($member);
}
}
}
return $valid;
}
$urlArgs = array
(
'q' => array
(
'purpose' => 'name',
'minLen' => 3,
'maxLen' => 255
),
'd' => array
(
'purpose' => 'description',
'minLen' => 3,
'maxLen' => 255
),
'id' => array
(
'purpose' => 'number',
'minLen' => 1,
'maxLen' => 11
),
'rowurl' => array
(
'purpose' => 'URL',
'minLen' => 11,
'maxLen' => 255
),
'providedbyurl' => array
(
'purpose' => 'simpleURL',
'minLen' => 11,
'maxLen' => 255
),
'providedbysite' => array
(
'purpose' => 'name',
'minLen' => 1,
'maxLen' => 100
),
'm' => array
(
'purpose' => 'name',
'minLen' => 3,
'maxLen' => 255
),
'toptype' => array
(
'purpose' => 'letters',
'minLen' => NULL,
'maxLen' => 16
),
'go' => array
(
'purpose' => 'letters',
'minLen' => 4,
'maxLen' => 14
),
'rating' => array
(
'purpose' => 'number',
'minLen' => 1,
'maxLen' => 1
),
'newsid' => array
(
'purpose' => 'number',
'minLen' => 1,
'maxLen' => 11
),
'pageFilename' => array
(
'purpose' => 'filename',
'minLen' => 3,
'maxLen' => 255
),
'action' => array
(
'purpose' => 'letters',
'minLen' => 3,
'maxLen' => 6
),
'type' => array
(
'purpose' => 'letters',
'minLen' => NULL,
'maxLen' => 16
),
'backup' => array
(
'purpose' => 'filename',
'minLen' => 25,
'maxLen' => 255
),
'backupAction' => array
(
'purpose' => 'letters',
'minLen' => 6,
'maxLen' => 7
),
'title' => array
(
'purpose' => 'description',
'minLen' => 3,
'maxLen' => 255
),
'top' => array
(
'purpose' => 'boolean',
'minLen' => 1,
'maxLen' => 1
),
'fg' => array
(
'purpose' => 'hex',
'minLen' => 6,
'maxLen' => 6
),
'bg' => array
(
'purpose' => 'hex',
'minLen' => 6,
'maxLen' => 6
),
'txt' => array
(
'purpose' => 'email',
'minLen' => 6,
'maxLen' => 255
),
'filterURL' => array
(
'purpose' => 'simpleURL',
'minLen' => 3,
'maxLen' => 255
),
'page' => array
(
'purpose' => 'number',
'minLen' => 1,
'maxLen' => 3
)
);
$files = array
(
'autosubmitter.php' => array
(
'members' => array
(
'go'
)
),
'index.php' => array
(
'members' => array
(
'type'
)
),
'index.php_pageFilter' => array
(
'members' => array
(
'filterURL',
'page'
)
),
'index.php_searchResults' => array
(
'members' => array
(
'q'
)
),
'instantLEadmin.php' => array
(
'members' => array
(
'action',
)
),
'instantLEremove.php' => array
(
'members' => array
(
'action',
'id'
)
),
'deletenews.php' => array
(
'members' => array
(
'newsid'
)
),
'frame.php' => array
(
'members' => array
(
'd',
'id',
'rowurl',
'providedbyurl',
'providedbysite'
)
),
'mirror.php' => array
(
'members' => array
(
'm'
)
),
'newspage.php' => array
(
'members' => array
(
'id'
)
),
'top.php' => array
(
'members' => array
(
'toptype'
)
),
'editpages.php' => array
(
'members' => array
(
'go',
'pageFilename'
)
),
'restoreDB.inc' => array
(
'members' => array
(
'go',
'backup',
'backupAction'
)
),
'go.php' => array
(
'members' => array
(
'go',
'id',
'title',
'top'
)
),
'go.php_report' => array
(
'members' => array
(
'go',
'id'
)
),
'go.php_rate' => array
(
'members' => array
(
'go',
'id',
'rating'
)
),
'button.php' => array
(
'members' => array
(
'fg',
'bg',
'txt'
)
)
);
function checkURLQuery($file, $getArray)
{
global $urlArgs, $files;
$valid = FALSE;
foreach($files[$file]['members'] as $member)
{
if(array_key_exists($member, $urlArgs))
{
$urlArg = sanitizeInput($urlArgs[$member]['purpose'], $getArray[$member]);
$minLen = $urlArgs[$member]['minLen'];
$maxLen = $urlArgs[$member]['maxLen'];
if(strlen($urlArg) <= $maxLen)
{
if(!is_null($minLen))
{
if(strlen($urlArg) >= $minLen)
{
$valid = TRUE;
$_GET[$member] = $urlArg;
}
else
{
#echo 'Variable ' . $member . ' is too short, or contains invalid characters or formatting.';
return FALSE;
}
}
else
{
$valid = TRUE;
$_GET[$member] = $urlArg;
}
}
else
{
#echo 'Variable ' . $member . ' is too long.';
return FALSE;
}
}
else
{
return FALSE;
}
}
$_GET = array_map('mysql_escape_string', $_GET);
return $valid;
}
if(function_exists('dwvomyj38aci9v0f9hrdoj0cx0p1xpwgwnf2e1p4whp4h8hj6flfhotv8vzjb2ysn70164qe') !== TRUE)
{
exit('<h1>Illegal script modification!</h1>');
}
?>
با چه روشی کد شده؟
پاسخ با نقل قول