message.axkickboxing.com

!C99Shell v.2.1 [PHP 7 Update] [1.12.2019]!
Software: Apache/2.2.8 (Ubuntu) PHP/5.2.4-2ubuntu5.12 with Suhosin-Patch mod_ssl/2.2.8 OpenSSL/0.9.8g. PHP/5.2.4-2ubuntu5.12 uname -a: Linux forum.circlefusion.com 2.6.24-19-server #1 SMP Wed Jun 18 15:18:00 UTC 2008 i686 uid=33(www-data) gid=33(www-data) groups=33(www-data) Safe-mode: OFF (not secure) /home/doku/axrepos/ax/tests/sessions2/ drwxr-xr-x Free 11.55 GB of 97.11 GB (11.89%) Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

<?php

//ob_start("ob_gzhandler"); // compress HTML output if possible, to conserve bandwidth

$sstart = session_start();
if ($sstart == TRUE) echo "session_start : TRUE<br />";
else echo "session_start : FALSE<br />";

include('settings.inc.php');
// ******************************************************************************

function my_error_handler($errno, $errstring, $errfile, $errline, $errcontext) {
    global $err_type, $err_target;
    
    if (!($errno & error_reporting()))
        return;

    ob_start();
    print_r($GLOBALS);
    $globals=ob_get_contents();
    ob_end_clean();

    ob_start();
    print_r($errcontext);
    $context=ob_get_contents();
    ob_end_clean();

    $uzenet='';
    $uzenet="The following error occured:\r\n";
    $uzenet.="errno: ".$errno."\r\n";
    $uzenet.="errstring: ".$errstring."\r\n";
    $uzenet.="errfile: ".$errfile."\r\n";
    $uzenet.="errline: ".$errline."\r\n";
    $uzenet.="errcontext:\r\n";
    $uzenet.=$context;
    $uzenet.="\r\n";
    $uzenet.="GLOBALS:\r\n";
    $uzenet.=$globals;
    $uzenet.="\r\n";

    #error_log($uzenet,1,'brian@axkickboxing.com');
    error_log($uzenet,$err_type,$err_target);
#    error_log($uzenet,0);
    #echo "<pre>".htmlspecialchars($uzenet)."</pre>";
}

set_error_handler("my_error_handler");

function error($message)
{
    echo $message."<br>";
    echo "We would be glad, if you could <a href=\"./contact\">contact us</a> if the problem persists.<br>\n";
    ob_start();
    print_r($GLOBALS);
    $env=ob_get_contents();
    ob_end_clean();
    mail("brian@axkickboxing.com","new server msgboard automated error reporting","The following error occured: ".$message."\r\n\r\n".$env);
}

function psqltime($psqltimestampstring)
{
    return mktime(substr($psqltimestampstring,11,2),substr($psqltimestampstring,14,2),
            substr($psqltimestampstring,17,2),substr($psqltimestampstring,5,2),
            substr($psqltimestampstring,8,2),substr($psqltimestampstring,0,4));
}

function lastmodified($datestring)
{
    header("Last-Modified: " . gmdate("D, d M Y H:i:s",psqltime($datestring)) . " GMT");
    header("Cache-Control: must-revalidate");
}

function disp_preamble($title1,$title2="")
{
    global $action,$root_web,$root_web_path,$debug_view;
    
    if (isset($_REQUEST['action'])) $action = $_REQUEST['action'];
    else $action = '';

    if (isset($_REQUEST['topicgroup'])) $topicgroup = $_REQUEST['topicgroup'];
    else $topicgroup = 'axmain';


    require_once('_header.inc.php');

    if ($title2!="") {
        echo "<div id=\"forumHeading\">\n";
            "   <div id=\"loginLogout\">\n".
            "        Logged in : Dave Jackson : <a href=\"\">Logout</a>\n".
            "   </div>";
        echo "    <div id=\"topicTitle\">\n";
        if ($action == "browse")
            echo "        ".$title2."\n";
        else
            echo "        Topic:".$title2."\n";
        echo "    </div>\n";
            /* <div id="textAd">
                <span>Sponsor:</span> <a href="">Wolfslair 'New Blood' Show - Warrington 27th September</a>
            </div> */
        echo "    <div class=\"returnLink\">\n";
        
        if ($action == "display")
            echo '        <a href="./profiles?action=browse"> Back to : '.$title1."</a>\n";
        elseif ($action != "browse") {
            echo '        <a href="';

            switch($topicgroup) {
                case '': 
                    echo ".";
                    break;
                case 'axmain': 
                    echo ".";
                    break;
                case 'mma':
                    echo "?topicgroup=mma";
                    break;
                case 'axsportscience':
                    echo "?topicgroup=axsportscience";
                    break;
                case 'axofftopic':
                    echo "?topicgroup=axofftopic";
                    break;
            }
            echo '"> Back to : '.$title1."</a>\n";
        }
        echo "    </div>\n";
        echo "</div>\n";
    
        /* echo "<h2></h2>\n";
        echo '<p align=center><font size=5><b>'.$title2.'</b></font></p>'; */
    }
}

function login_session($username,$pw,$redirect='') {
    global $root_web;
    
    //echo "ACTION: LOGIN<br />\n";
    //echo "root_web: ".$root_web."<br />\n";
    $result=pg_query("select * from users where name='".addslashes(trim($username))."';");

    if (pg_numrows($result)==0) {
        disp_preamble("Forum","Login failed");
        echo("<div id=\"responseMessage\"><p>That user name is not recognized".htmlspecialchars(trim($username))."</p>");
        //logauth($name,$password,"not registered");
        //disp_register_form();
        disp_tail();
        return false;
    } else {
        $obj=pg_fetch_array($result,0);
        if ($obj['password']!= addslashes(trim($pw))) {
            disp_preamble("Result", "Login failed");
            echo("<p>Could not login because the password you submitted was wrong.</p>");
            //logauth($name,$password,"wrong password");
            //if ($kind=="message") disp_new_message_form();
            //else disp_new_topic_form();
            disp_tail();
            return false;
        } else if ($obj['registered']=='f') {
            disp_preamble("Result","Login failed");
            echo("<p>Your account registration is not approved yet</p>");
            disp_tail();
            //logauth($name,$password,"not approved");
            return false;
        } else if ($obj['enabled']=='f') {
            disp_preamble("Result","Login failed");
            echo("<p>Your account is current suspended</p>");
            disp_tail();
            return false;
        } else
            if (session_id() == '') {
                session_start();
            }
            
            //disp_preamble("Result","Login Successful!");
            //logauth($name,$password,"OK");
            $_SESSION['username'] = $username;
            $_SESSION['login'] = TRUE;
            //$_COOKIE['name'] = $username;
           
            //echo("<p>Login successful!</p>");
            //echo("<p><a href=\"./\">Continue</a></p>");
            if ($redirect<>'')
                header( "Location: ".$redirect);
            else header( "Location: ".$root_web);
            return true;
    }
}

function logout_session($redirect='')
{
    global $root_web;
    session_start();
    session_destroy();
    session_regenerate_id();
    //session_unset();
    unset($_SESSION['login']);
    unset($_SESSION['name']);
    unset($_COOKIE['PHPSESSID']);
    header( "Location: ".$root_web);
}

function logged_in() {
    if (isset($_SESSION['login'])) {
        $logged_in = $_SESSION['login'];
        if ($logged_in) return TRUE;
    }
    return FALSE;
}

function upload_image($user_id, $userfile) {
    global $HTTP_POST_FILES, $root_web, $root_web_path;
    $full_base_path = $root_web_path;
    $baseurl = $root_web;
    $basedir = "user_images/";
    $namepart = $user_id;
    $mydir = $full_base_path.$basedir.$namepart;
    
    $myumask=umask(2);
    @ mkdir($mydir,02775);
    @ chgrp($mydir,'www-data');
    
    if (copy($userfile['tmp_name'],$mydir."/".$userfile['name'])) {        

        $photo = $mydir."/".$userfile['name'];
        
        // Get the image info from the photo
        $image_info = getimagesize($photo);
        $width = $image_info[0];
        
        if ($width > 900) {
            $height = $image_info[1];
            $type = $image_info[2];
            
            $image_result = "image info:".$photo."\n<br /> width:".$width."\n<br /> height:".$height."\n<br /> type:".$type."\n<br />-------------\n<br />";
            
            // Load the image
            switch ($type)
            {
                case IMAGETYPE_JPEG:
                    $image = imagecreatefromjpeg($photo);
                    break;
                case IMAGETYPE_GIF:
                    $image = imagecreatefromgif($photo);
                    break;
                case IMAGETYPE_PNG:
                    $image = imagecreatefrompng($photo);
                    break;
                default:
                    die('Error loading '.$photo.' - File type '.$type.' not supported');
            }

            // Create a new, resized image
            $new_width = 900;
            $new_height = $height / ($width / $new_width);
            $new_image = imagecreatetruecolor($new_width, $new_height);
            imagecopyresampled($new_image, $image, 0, 0, 0, 0, $new_width, $new_height, $width, $height);
            
            // Save the new image over the top of the original photo
            switch ($type)
            {
                case IMAGETYPE_JPEG:
                    imagejpeg($new_image, $photo, 100);
                    break;
                case IMAGETYPE_GIF:
                    imagegif($new_image, $photo);         
                    break;
                case IMAGETYPE_PNG:
                    imagepng($new_image, $photo);
                    break;
                default:
                    die('Error saving image: '.$photo);
            }
        }
        
        $result_info = getimagesize($photo);
        $result_width = $result_info[0];
        $result_height = $result_info[1];
        $result_type = $result_info[2];
        
        $image_result .= "new image info:".$photo."\n<br /> result width:".$result_width."\n<br /> result height:".$result_height."\n<br /> result type:".$result_type;
        
    //die($image_result);

        @ chmod($mydir."/".$userfile['name'],0664);
        @ chgrp($mydir."/".$userfile['name'],'www-data');
        $link=$baseurl.$basedir.rawurlencode($namepart)."/".rawurlencode($userfile['name']);
        //$posttext = "<img src=\"".$link."\" />\n".$_POST['text'];
        $posttext = "[img]".$link."[/img]\n".$_POST['text'];
        
    } else {
        $posttext = "[image upload attempt failed for id: $user_id]\n------------------------\n".$_POST['text'];
        $posttext .= "\nuserfile:".$userfile['tmp_name']."\n";
        $posttext .= "new userfile:".$mydir."/".$userfile['name'];
    };
    umask($myumask);

    return $posttext;
    
}

function bbcode($input){
    //$input = strip_tags($input);
    //$input = htmlentities($input);
    
    $search = array(
                '/\[b\](.*?)\[\/b\]/is',
                '/\[i\](.*?)\[\/i\]/is',
                '/\[u\](.*?)\[\/u\]/is',
                '/\[img\](.*?)\[\/img\]/is',
                '/\[url=(.*?)\](.*?)\[\/url\]/is',
                '/\[font color=(.*?) size=(.*?) face=(.*?)\](.*?)\[\/font\]/is',
                '/\[h1\](.*?)\[\/h1\]/is',
                '/\[h2\](.*?)\[\/h2\]/is',
                '/\[h3\](.*?)\[\/h3\]/is'
    );
    
    $replace = array(
                '<b>$1</b>',
                '<i>$1</i>',
                '<u>$1</u>',
                '<img src="$1" />',
                '<a href="$1" rel="nofollow" target="_blank">$2</a>',
                '<font style="color:$1;font-size:$2;font-face:$3">$4</font>',
                '<h1>$1</h1>',
                '<h2>$1</h2>',
                '<h3>$1</h3>'
    );
    
    return preg_replace($search,$replace,$input);
}


function strip_only($str, $tags) {
    if(!is_array($tags)) {
        $tags = (strpos($str, '>') !== false ? explode('>', str_replace('<', '', $tags)) : array($tags));
        if(end($tags) == '') array_pop($tags);
    }
    foreach($tags as $tag) $str = preg_replace('#</?'.$tag.'[^>]*>#is', '', $str);
    return $str;
}

function filterpost($input){

    $bbdecoded = bbcode($input);

    $remove_attributes = array(
                '/onclick/is',
                '/onmousehover/is',
                '/ondblclick/is',
                '/onmousedown/is',
                '/onmouseup/is',
                '/onmousemove/is',
                '/onmouseout/is',
                '/onmouseover/is',
                '/onkeydown/is',
                '/onkeyup/is',
                '/onkeypress/is',
                '/onfocus/is',
                '/onblur/is',
                '/onchange/is',
                '/javascript:/is'
    );
    $replace_attributes = array(
                '', '', '', '', '', '', '', '', '', '', '', '', '', '', ''
    );
    
    //$ok_tags = array('p', 'h1', 'h2', 'h3', 'table', 'td', 'tr', 'hr', 'em', 'i', 'strong', 'b', 'ul', 'ol', 'li', 'center', 'span', 'font', 'object', 'embed');
    $ok_tags = '<p><img><a><h1><h2><h3><table><td><tr><hr><em><i><strong><b><ul><ol><li><center><span><font><object><embed>';
    $tags_removed = strip_tags($bbdecoded, $ok_tags);
    $filtered = preg_replace($remove_attributes,$replace_attributes,$tags_removed);
    //return $filtered;
    //return $bbdecoded;
    return $filtered;
}

function record_name_change($success=NULL) {
    /*if(isset($_COOKIE['name']) && isset($_SESSION['username'])) {
        if ($_COOKIE['name']!=$_SESSION['username']) {
            pg_query("insert into namechange (oldname,newname,ipaddr,date,success) values ('".addslashes($_COOKIE['name'])."','".addslashes($_SESSION['username'])."','".addslashes($_SERVER['REMOTE_ADDR'])."',now(),".
            ($success===NULL?"NULL":($success?"true":"false")).
            ");");
            setcookie("name",$_SESSION['username'],time()+3650*86400,"",".theaxforum.com");
        }
    }*/
}

function get_user_id($user_name)    {
    $user_result=pg_query("select userid, name from users where name = '".$user_name."';");
    
    if (!$user_result) {
        echo "An error occured retrieving data for user: ".$user_name."\n";
    exit;
}

    while ($row = pg_fetch_row($user_result)) {
        $id=$row[0];
    }
    return (string) $id;
}

function unauthorized($kind,$why)
{
    disp_preamble("Forum","Message/topic creation failed");
    echo("<p>Your message/topic could not be posted because ".$why."</p>");
    disp_tail();
}

function logauth($name,$password,$result)
{
    // name password result date ipaddr
    pg_query("insert into authattempt (name,password,result,date,ipaddr) values ('".addslashes(trim($name))."','".addslashes(trim($password))."','".addslashes($result)."',now(),'".addslashes($_SERVER['REMOTE_ADDR'])."');");
}

/*function authorized($kind,$name,$password)
{
    $result=pg_query("select * from users where name='".addslashes(trim($name))."';");

    if (pg_numrows($result)==0) {
        disp_preamble("Forum",$kind." creation failed");
        echo("<div id=\"responseMessage\"><p>Your ".$kind." could not be posted because you are not a registered user.</p>");
        echo("<p>Please register now.</p></div>");
        logauth($name,$password,"not registered");
        disp_register_form();
        disp_tail();
        return false;
    } else {
        $obj=pg_fetch_array($result,0);
        if ($obj['password']!= addslashes(trim($password))) {
            disp_preamble("Forum",$kind." creation failed");
            echo("<div id=\"postResponse\"><p>Your ".$kind." could not be posted because the password you submitted was wrong.</p><p>Click back in your browser and try again.</p></div>");
            logauth($name,$password,"wrong password");
            if ($kind=="message") disp_new_message_form();
            else disp_new_topic_form();
            disp_tail();
            return false;
        } else if ($obj['registered']=='f') {
            unauthorized($kind,"your registration has not been approved yet.");
            logauth($name,$password,"not approved");
            return false;
        } else if ($obj['enabled']=='f') {
            unauthorized($kind,"your account is currently disabled.");
            logauth($name,$password,"disabled");
            return false;
        } else
            logauth($name,$password,"OK");
            return true;
    }

}*/

function authorized($kind,$name,$password) {
    if (session_id() == '')
        session_regenerate_id();
    
    if (isset($_SESSION['login'])) $session_login = $_SESSION['login'];
        else $session_login = '';
    
    if ($session_login == TRUE) {
        logauth($name,$password,"OK");
        return true;
    } else {
        disp_preamble("Forum","You are not currently logged in");
        echo("<p>Please login</p>");
        disp_tail();
    }
}

function cantupload() {
    global $name;
    return (trim($name)=="Praying Mantis");
}

/* DEPRICATED? see display_load_form()

function profilelogin() { 

    if (isset($_SESSION['username'])) $session_username = $_SESSION['username'];
    else $session_username = '';
?>
<form method="post" action="profiles">
    <table>
        <tr><td align="right">Name:</td><td><input type="text" name="name" value="<? echo htmlspecialchars($session_username) ?>"> <input type="submit" name="action" value="Create/load profile"></td></tr>
    </table>
</form>
<?
} */

function display_login_required($to_action='') {
    global $root_web;
    echo "<div id=\"postResponse\">\n";
    echo "<br /><br /><br />";
    echo "<h2>Please login ".$to_action."</h2>";
    echo "<br />";
    echo "<form id=\"loginForm\" action=\"".$root_web."\" method=\"post\">\n";
    echo "  Login <input type=\"text\" name=\"username\" id=\"loginUser\" />\n";
    echo "  Pw <input type=\"password\" name=\"pw\" id=\"loginPw\" />\n";
    echo "<input type=\"submit\" name=\"action\" value=\"login\" />\n";
    echo "<br /><a href=\"".$root_web."?action=register\">Register</a> | <a href=\"".$root_web."?action=forgotpwd\">Forgot password</a>\n";
    echo "</form>\n";
    echo "</div>";
}

function register_visit() {
    global $HTTP_USER_AGENT;
    $result=pg_query("select agent_id from agentlist where agent_name='".addslashes($HTTP_USER_AGENT)."';");
    if (pg_numrows($result)==0) {
        pg_query("begin;");
        pg_query("lock table agentlist in exclusive mode;");
        $result=pg_query("select agent_id from agentlist where agent_name='".addslashes($HTTP_USER_AGENT)."';");
        if (pg_numrows($result)==0) {
            pg_query("insert into agentlist (agent_name) values ('".addslashes($HTTP_USER_AGENT)."');");
            $result=pg_query("select currval('agentlist_agent_id_seq');");
        }
        pg_query("commit;");
    }
    $id=pg_result($result,0,0);
    //echo "agentid: ",$id;
    
    //pg_query("insert into agents (agent_id,ipaddr,date,username,clientip,forwardedfor) values('".addslashes($id)."','".addslashes($_SERVER['REMOTE_ADDR'])."',now(),'".addslashes($_COOKIE['name'])."','".addslashes(getenv("HTTP_CLIENT_IP"))."','".addslashes(getenv("HTTP_X_FORWARDED_FOR"))."');");
    //pg_query("insert into hits_today (date,ipaddr) values(now(),'".addslashes($_SERVER['REMOTE_ADDR'])."');");
}

function disp_tail() {
    global $PHP_SELF, $conn;
    require('_footer.inc.php');

}

//  JUNK  ********************************************************************

function chatlogin() {
    // echo '<p><font size=6><a href="chat">Click here to join AX Chat!</a></font></p>';
    // echo '<p><form method=get action="http://webchat.md.us.undernet.org:8000/unet1/signon.html">Nickname (for the chat): <input type=text name=N><input type=hidden name=C value="#axkickboxing"> <input type=submit value="Log in!"></form></p>';
}
:: Command execute ::
Enter:	Select: