Code source de PHP NUKE 7.9 |
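<?php

/***************************************************************************
 *                              pagestart.php
 *                            -------------------
 *   begin                : Thursday, Aug 2, 2001
 *   copyright            : (C) 2001 The phpBB Group
 *   email                : support@phpbb.com
 *
 *   Id: pagestart.php,v 1.1.2.9 2005/06/26 14:39:30 acydburn Exp
 *
 *
 ***************************************************************************/
/***************************************************************************
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 ***************************************************************************/

//
// Admin-panel bootstrap: every forum admin script includes this file first.
// It authorises the caller from the $admin / $user cookie values, then starts
// the phpBB session and (unless $no_page_header is set) prints the admin
// page header. Anyone who fails both checks is stopped with message_die().
//

if (!defined('IN_PHPBB'))
{
	die("Hacking attempt");
}

define('IN_ADMIN', true);
define('FORUM_ADMIN', true);

// The include path and extension are parked in constants before mainfile.php
// runs and restored afterwards, so the path handed to the next include is the
// one the calling script set, whatever mainfile.php does to these variables.
define("PHPBB_ROOT_PATH", $phpbb_root_path);
define("PHPBB_PHPEX", $phpEx);
include ("../../../mainfile.php");
$phpbb_root_path = PHPBB_ROOT_PATH;
$phpEx = PHPBB_PHPEX;
include($phpbb_root_path.'common.'.$phpEx);

//
// Do a check to see if the nuke user is still valid.
//

global $admin, $prefix, $db, $cookie, $nukeuser, $user;

// $admin arrives base64-encoded as "aid:pwd:...". Nothing below may treat the
// decoded fields as trusted: any filtering applied to the raw value cannot
// have seen what is inside the base64 payload.
$admin = base64_decode($admin);
$admin = explode(":", $admin);
$aid = "$admin[0]";

$row = $db->sql_fetchrow($db->sql_query("SELECT title, admins FROM ".$prefix."_modules WHERE title='Forums'"));

// Escape the decoded admin id at the point where it enters the SQL string.
// The original interpolated it raw, which allowed SQL injection through the
// cookie. addslashes() is the escaping this file already uses for $user; it
// is byte-wise only, so prefer the database driver's own escaping or bound
// parameters if the $db layer provides them (not visible from this file).
$row2 = $db->sql_fetchrow($db->sql_query("SELECT name, pwd, radminsuper FROM ".$prefix."_authors WHERE aid='".addslashes($aid)."'"));

// Module-level admins: the comma-separated `admins` column of the Forums
// module row lists author names allowed to administer it.
$admins = explode(",", $row['admins']);
$auth_user = 0;
for ($i=0; $i < sizeof($admins); $i++) {
	// Compared as strings so numeric-looking names are not juggled to numbers.
	if ((string) $row2['name'] === (string) $admins[$i] AND $row['admins'] != "") {
		$auth_user = 1;
	}
}

// $user arrives base64-encoded as "id:username:password-hash:...". It is
// escaped as a whole before being split, so $cookie[1] is already escaped
// when it is placed in the query below.
$user = addslashes(base64_decode($user));
$cookie = explode(":", $user);
$sql3 = "SELECT user_id, user_password, user_level FROM " . USERS_TABLE . "
	WHERE username='$cookie[1]'";
$result3 = $db->sql_query($sql3);
if(!$result3) {
	// Report the statement that actually failed ($sql was never defined here).
	message_die(GENERAL_ERROR, 'Could not query user account', '', __LINE__, __FILE__, $sql3);
}
$row3 = $db->sql_fetchrow($result3);

// The cookie fields are checked directly against the stored `pwd` /
// `user_password` values, so the stored value itself acts as the credential.
// Strict string comparison is required: with == two numeric-looking strings
// (for example hashes of the form "0e<digits>") are compared as numbers and
// can match although they differ. Where the runtime offers hash_equals(),
// use it for a constant-time comparison.
$admin_pwd_ok = isset($admin[1]) && !empty($row2["pwd"]) && (string) $admin[1] === (string) $row2["pwd"];
$user_pwd_ok = isset($cookie[2]) && $row3['user_password'] != "" && (string) $cookie[2] === (string) $row3['user_password'];

if ((is_admin($admin)) AND ($admin_pwd_ok) AND ($row3["user_level"] == 2 or $row2["radminsuper"] == 1 or $auth_user == 1)) {
	// Valid nuke admin who is a forum admin (user_level 2), a super admin or
	// a Forums module admin: nothing more to do.
} elseif ((is_user($user)) AND ($user_pwd_ok) AND ($row3['user_level'] == 2)) {
	// Regular nuke user whose forum account has user_level 2.
	$nukeuser = $user;
} else {
	unset($user);
	unset($cookie);
	message_die(GENERAL_MESSAGE, "You are not authorised to administer this board");
}

//
// Start session management
//
$userdata = session_pagestart($user_ip, PAGE_INDEX, $nukeuser);
init_userprefs($userdata);
//
// End session management
//

// NOTE(review): the session-based admin checks below (logged in, user_level
// is ADMIN, session_admin re-authentication) are disabled in this file, so
// the cookie comparison above is the only authorisation gate.
/*
if( !$userdata['session_logged_in'] )
{
	$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', $_SERVER['SERVER_SOFTWARE']) ) ? 'Refresh: 0; URL=' : 'Location: ';
	header($header_location . '../../../' . append_sid("login.$phpEx?redirect=admin/index.$phpEx"));
	exit;
}
else if( $userdata['user_level'] != ADMIN )
{
	message_die(GENERAL_MESSAGE, $lang['Not_admin']);
}

if (!$userdata['session_admin'])
{
	$header_location = ( @preg_match('/Microsoft|WebSTAR|Xitami/', $_SERVER['SERVER_SOFTWARE']) ) ? 'Refresh: 0; URL=' : 'Location: ';
	header($header_location . '../../../' . append_sid("login.$phpEx?redirect=admin/index.$phpEx&admin=1", true));
	exit;
}
*/
if ( empty($no_page_header) )
{
	// Not including the page header can be necessary if META tags are
	// needed in the calling script.
	include('./page_header_admin.'.$phpEx);
}

?>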