| [ Index ] |
|
Code source de PHP NUKE 7.9 |
1 <?php 2 3 /************************************************************************/ 4 /* PHP-NUKE: Web Portal System */ 5 /* =========================== */ 6 /* */ 7 /* Copyright (c) 2005 by Francisco Burzi */ 8 /* http://phpnuke.org */ 9 /* */ 10 /* This program is free software. You can redistribute it and/or modify */ 11 /* it under the terms of the GNU General Public License as published by */ 12 /* the Free Software Foundation; either version 2 of the License. */ 13 /************************************************************************/ 14 15 define('MODULE_FILE', true); 16 require_once ("mainfile.php"); 17 18 if (isset($name) && $name == $_REQUEST['name']) { 19 $name = addslashes(trim($name)); 20 $modstring = strtolower($_SERVER['QUERY_STRING']); 21 if (stripos_clone($name, "..") OR ((stripos_clone($modstring,"&file=nickpage") || stripos_clone($modstring,"&user=")) AND ($name=="Private_Messages" OR $name=="Forums" OR $name=="Members_List"))) header("Location: index.php"); 22 global $nukeuser, $db, $prefix, $user; 23 if (is_user($user)) { 24 $nukeuser = base64_decode($user); 25 $nukeuser = addslashes($nukeuser); 26 } else { 27 $nukeuser = ""; 28 } 29 $result = $db->sql_query("SELECT active, view FROM ".$prefix."_modules WHERE title='".addslashes($name)."'"); 30 list($mod_active, $view) = $db->sql_fetchrow($result); 31 $mod_active = intval($mod_active); 32 $view = intval($view); 33 if (($mod_active == 1) OR ($mod_active == 0 AND is_admin($admin))) { 34 if (!isset($mop) OR $mop != $_REQUEST['mop']) $mop="modload"; 35 if (!isset($file) OR $file != $_REQUEST['file']) $file="index"; 36 if (stripos_clone($file,"..") OR stripos_clone($mop,"..")) die("You are so cool..."); 37 $ThemeSel = get_theme(); 38 if (file_exists("themes/$ThemeSel/modules/$name/".$file.".php")) { 39 $modpath = "themes/$ThemeSel/"; 40 } else { 41 $modpath = ""; 42 } 43 if ($view == 0) { 44 $modpath .= "modules/$name/".$file.".php"; 45 if (file_exists($modpath)) { 46 include($modpath); 47 } else { 48 include ("header.php"); 49 OpenTable(); 50 echo "<br><center>Sorry, such file doesn't exist...</center><br>"; 51 CloseTable(); 52 include ("footer.php"); 53 } 54 } elseif ($view == 1 AND (is_user($user) OR is_group($user, $name)) OR is_admin($admin)) { 55 $modpath .= "modules/$name/".$file.".php"; 56 if (file_exists($modpath)) { 57 include($modpath); 58 } else { 59 include ("header.php"); 60 OpenTable(); 61 echo "<br><center>Sorry, such file doesn't exist...</center><br>"; 62 CloseTable(); 63 include ("footer.php"); 64 } 65 } elseif ($view == 1 AND !is_user($user) AND !is_admin($admin)) { 66 $pagetitle = "- "._ACCESSDENIED; 67 include ("header.php"); 68 title($sitename.": "._ACCESSDENIED); 69 OpenTable(); 70 echo "<center><strong>"._RESTRICTEDAREA."</strong><br><br>"._MODULEUSERS; 71 $result2 = $db->sql_query("SELECT mod_group FROM ".$prefix."_modules WHERE title='".addslashes($name)."'"); 72 list($mod_group) = $db->sql_fetchrow($result2); 73 if ($mod_group != 0) { 74 $result3 = $db->sql_query("SELECT name FROM ".$prefix."_groups WHERE id='".intval($mod_group)."'"); 75 $row3 = $db->sql_fetchrow($result3); 76 echo _ADDITIONALYGRP.": <b>".$row3['name']."</b><br><br>"; 77 } 78 echo _GOBACK; 79 CloseTable(); 80 include ("footer.php"); 81 } elseif ($view == 2 AND is_admin($admin)) { 82 $modpath .= "modules/$name/".$file.".php"; 83 if (file_exists($modpath)) { 84 include($modpath); 85 } else { 86 include ("header.php"); 87 OpenTable(); 88 echo "<br><center>Sorry, such file doesn't exist...</center><br>"; 89 CloseTable(); 90 include ("footer.php"); 91 } 92 } elseif ($view == 2 AND !is_admin($admin)) { 93 $pagetitle = "- "._ACCESSDENIED; 94 include ("header.php"); 95 title($sitename.": "._ACCESSDENIED); 96 OpenTable(); 97 echo "<center><b>"._RESTRICTEDAREA."</b><br><br>"._MODULESADMINS.""._GOBACK; 98 CloseTable(); 99 include ("footer.php"); 100 } elseif ($view == 3 AND paid()) { 101 $modpath .= "modules/$name/".$file.".php"; 102 if (file_exists($modpath)) { 103 include($modpath); 104 } else { 105 include ("header.php"); 106 OpenTable(); 107 echo "<br><center>Sorry, such file doesn't exist...</center><br>"; 108 CloseTable(); 109 include ("footer.php"); 110 } 111 } else { 112 $pagetitle = "- "._ACCESSDENIED.""; 113 include ("header.php"); 114 title($sitename.": "._ACCESSDENIED.""); 115 OpenTable(); 116 echo "<center><strong>"._RESTRICTEDAREA."</strong><br><br>"._MODULESSUBSCRIBER; 117 if (!empty($subscription_url)) echo "<br>"._SUBHERE; 118 echo "<br><br>"._GOBACK; 119 CloseTable(); 120 include ("footer.php"); 121 } 122 } else { 123 include ("header.php"); 124 OpenTable(); 125 echo "<center>"._MODULENOTACTIVE."<br><br>"._GOBACK."</center>"; 126 CloseTable(); 127 include ("footer.php"); 128 } 129 } else { 130 header("Location: index.php"); 131 exit; 132 } 133 134 ?>
titre
Description
Corps
titre
Description
Corps
titre
Description
Corps
titre
Corps
| Généré le : Sun Apr 1 11:11:59 2007 | par Balluche grâce à PHPXref 0.7 |