|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| |
|
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9145
People Online:
Visitors: 597
Members: 0
Total: 597
|
|
|
|
|
|
PacketStorm News |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
Please decode this file (codelock) |
|
Posted: Sat Feb 06, 2010 2:04 pm |
|
|
newbie_help |
Beginner |
|
|
Joined: Jan 17, 2010 |
Posts: 1 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Posted: Mon Feb 08, 2010 10:46 am |
|
|
zerobytes |
Valuable expert |
|
|
Joined: Aug 30, 2008 |
Posts: 199 |
|
|
|
|
|
|
|
Code: |
<?php
# Start the session and gz-handler
session_start();
ob_start("ob_gzhandler");
error_reporting(E_ALL);
define('default_language','dutch');
# Register globals hack
unset($GLOBALS);
# Magic Quotes OFF hack
if(get_magic_quotes_gpc()){
foreach($_POST as $key => $value){
if(is_array($value)){
$_POST[$key] = $value;
}else{
$_POST[$key] = stripslashes($value);
}
}
foreach($_GET as $key => $value){
$_GET[$key] = stripslashes($value);
}
}
# Include some files
include_once("./includes/config.php");
include_once("./includes/functions.php");
# Check if the blacklist is in the config.php (backwords compatibility)
$config_content = file_get_contents("./includes/config.php");
if(strpos($config_content,"define('config_blacklist',") === false){
$config_content = file("./includes/config.php");
array_pop($config_content);
$config_content[] = "\tdefine('config_blacklist','');\n?>";
file_put_contents("./includes/config.php",implode('',$config_content));
}
# Check the license key on the remote server
function check_license_key($license_key, $url){
if(ereg("^(MTGP1-[0123456789]{5}-[0123456789]{5}-[0123456789]{5}-[0123456789]{5})$", $license_key)){
$host = "www.invender.com";
$script = "/mtgp.php";
$port = 80;
srand((double)microtime()*1000000);
$boundary = "---------------------".substr(md5(rand(0,32000)),0,10);
// Build the header
$header = "POST " . $script . " HTTP/1.0\r\n";
$header .= "Host: " . $host . "\r\n";
$header .= "Content-type: multipart/form-data, boundary=" . $boundary . "\r\n";
// attach URL vars
$data ="--" . $boundary . "\r\n";
$data .= "Content-Disposition: form-data; name=\"url\"\r\n";
$data .= "\r\n" . $url . "\r\n";
$data .="--" . $boundary . "\r\n";
// attach License Key vars
$data .="--" . $boundary . "\r\n";
$data .= "Content-Disposition: form-data; name=\"license_key\"\r\n";
$data .= "\r\n" . $license_key . "\r\n";
$data .="--" . $boundary . "\r\n";
$header .= "Content-length: " . strlen($data) . "\r\n\r\n";
// Open the connection
$fp = @fsockopen($host, $port);
if(!$fp){
return "valid";
}else{
// then just write to the server
fputs($fp, $header . $data);
# get and echo the response
$response = "";
while(!feof($fp)){
$response .= fgets($fp, 128);
}
fclose($fp);
$error_msg = "HTTP/1.1 404";
if(substr($response,0,strlen($error_msg)) == $error_msg || substr($response, strrpos($response,"\n")+1) == ""){
return "valid";
}else{
# Last word
$response = substr($response, strrpos($response,"\n")+1);
return $response;
}
}
}else{
return "invalid";
}
}
# Check if the software is installed
if(trim(config_license_key) == ""){
# The software is not yet installed!
$page = "install";
if($_POST){
# Load the selected language
if(file_exists('./languages/' . $_POST['language'] . '.php')){
include('./languages/' . $_POST['language'] . '.php');
}elseif(file_exists('./languages/' . default_language . '.php')){
include('./languages/' . default_language . '.php');
}else{
die(sprintf("The language file <strong>%s</strong> couldn't be found!",'./languages/' . config_language . '.php'));
}
# Connect to MySQL
mysql_connect($_POST['mysql_host'],$_POST['mysql_username'],$_POST['mysql_password']) or die (mysql_error());
mysql_select_db($_POST['mysql_database']) or die (mysql_error());
# Security
update_config('license_key',trim($_POST['license_key']));
update_config('security_string',md5(rand(100,999)));
# Settings
if(substr($_POST['path'],-1) != "/"){
$_POST['path'] .= "/";
}
if(substr($_POST['url'],-1) != "/"){
$_POST['url'] .= "/";
}
update_config('path',trim($_POST['path']));
update_config('url',trim($_POST['url']));
update_config('subdir',trim($_POST['subdir']));
update_config('language',$_POST['language']);
# MySQL
update_config('mysql_host',$_POST['mysql_host']);
update_config('mysql_username',$_POST['mysql_username']);
update_config('mysql_password',$_POST['mysql_password']);
update_config('mysql_database',$_POST['mysql_database']);
update_config('mysql_table_prefix',$_POST['mysql_table_prefix']);
# Email
update_config('email_from_name',lang_my_company);
update_config('email_from_email',lang_info_at_my_company);
# Drop the existing tables
$query = "DROP TABLE IF EXISTS `" . $_POST["mysql_table_prefix"] . "group`";
$result = mysql_query($query);
$query = "DROP TABLE IF EXISTS `" . $_POST["mysql_table_prefix"] . "history`";
$result = mysql_query($query);
$query = "DROP TABLE IF EXISTS `" . $_POST["mysql_table_prefix"] . "link_tracking`";
$result = mysql_query($query);
$query = "DROP TABLE IF EXISTS `" . $_POST["mysql_table_prefix"] . "stats`";
$result = mysql_query($query);
$query = "DROP TABLE IF EXISTS `" . $_POST["mysql_table_prefix"] . "subscriber`";
$result = mysql_query($query);
$query = "DROP TABLE IF EXISTS `" . $_POST["mysql_table_prefix"] . "template`";
$result = mysql_query($query);
$query = "DROP TABLE IF EXISTS `" . $_POST["mysql_table_prefix"] . "user`";
$result = mysql_query($query);
# Create the tables
$query = " CREATE TABLE `" . $_POST["mysql_table_prefix"] . "group` (
`id` int(3) NOT NULL auto_increment,
`name` varchar(30) NOT NULL default '',
PRIMARY KEY (`id`),
UNIQUE KEY `name` (`name`)
)";
$result = mysql_query($query);
$query = " CREATE TABLE `" . $_POST["mysql_table_prefix"] . "history` (
`id` int(6) NOT NULL auto_increment,
`group_id` int(3) NOT NULL default '0',
`user_id` int(3) NOT NULL,
`total` int(3) NOT NULL,
`email` varchar(50) NOT NULL default '',
`date` varchar(10) NOT NULL default '',
`subject` varchar(255) NOT NULL default '',
`message` longtext NOT NULL,
`from_name` varchar(255) NOT NULL,
`from_email` varchar(255) NOT NULL,
PRIMARY KEY (`id`)
)";
$result = mysql_query($query);
$query = " CREATE TABLE `" . $_POST["mysql_table_prefix"] . "link_tracking` (
`id` int(3) NOT NULL auto_increment,
`history_id` int(3) NOT NULL,
`url` varchar(255) NOT NULL,
`hits` int(4) NOT NULL,
PRIMARY KEY (`id`)
)";
$result = mysql_query($query);
$query = " CREATE TABLE `" . $_POST["mysql_table_prefix"] . "stats` (
`id` int(11) NOT NULL auto_increment,
`history_id` int(3) NOT NULL,
`random` varchar(4) NOT NULL,
PRIMARY KEY (`id`)
)";
$result = mysql_query($query);
$query = " CREATE TABLE `" . $_POST["mysql_table_prefix"] . "subscriber` (
`id` int(6) NOT NULL auto_increment,
`email` varchar(255) NOT NULL default '',
`name` varchar(50) NOT NULL default '',
`ip` varchar(15) NOT NULL default '',
`date` varchar(10) NOT NULL default '',
`group_id` int(3) NOT NULL default '0',
PRIMARY KEY (`id`),
UNIQUE KEY `email` (`email`,`group_id`)
)";
$result = mysql_query($query);
$query = " CREATE TABLE `" . $_POST["mysql_table_prefix"] . "template` (
`id` int(3) NOT NULL auto_increment,
`name` varchar(40) NOT NULL,
`content` longtext NOT NULL,
PRIMARY KEY (`id`)
)";
$result = mysql_query($query);
$query = " CREATE TABLE `" . $_POST["mysql_table_prefix"] . "user` (
`id` int(3) NOT NULL auto_increment,
`username` varchar(40) NOT NULL,
`password` varchar(40) NOT NULL,
`subscribers` enum('0','1') NOT NULL,
`add_subscriber` enum('0','1') NOT NULL,
`edit_subscriber` enum('0','1') NOT NULL,
`delete_subscriber` enum('0','1') NOT NULL,
`groups` enum('0','1') NOT NULL,
`add_group` enum('0','1') NOT NULL,
`edit_group` enum('0','1') NOT NULL,
`delete_group` enum('0','1') NOT NULL,
`send` enum('0','1') NOT NULL,
`settings` enum('0','1') NOT NULL,
`history` enum('0','1') NOT NULL,
`delete_history` enum('0','1') NOT NULL,
`stats_history` enum('0','1') NOT NULL,
`templates` enum('0','1') NOT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `username` (`username`)
)";
$result = mysql_query($query);
# Add the admin user
$query = 'INSERT INTO `' . $_POST["mysql_table_prefix"] . 'user` (`id`, `username`, `password`) VALUES ("1", "' . strip_quotes($_POST['username']) . '", "' . sha1($_POST['password']) . '")';
$result = mysql_query($query);
# Make sure that the admin user has ID 0
$query = 'UPDATE `' . $_POST["mysql_table_prefix"] . 'user` SET `id` = "0" WHERE `id` = "1"';
$result = mysql_query($query);
# Add the default group
$query = 'INSERT INTO `' . $_POST["mysql_table_prefix"] . 'group` (`id`, `name`) VALUES ("1", "Invender")';
$result = mysql_query($query);
# Add the default subscriber
$query = 'INSERT INTO `' . $_POST["mysql_table_prefix"] . 'subscriber` (`email`, `name`, `date`, `ip`, `group_id`) VALUES ("' . lang_info_at_my_company . '", "' . lang_my_company . '", "' . time() . '","' . $_SERVER["REMOTE_ADDR"] . '", "1")';
$result = mysql_query($query);
# Add all the templates
$template_dir = "./images/templates/";
$handle = opendir($template_dir);
while(false!==($file = readdir($handle))){
if($file != "." && $file != ".." && substr($file,-5) == ".html"){
$template_id = substr($file,0,-5);
$template_name = lang_template . " " . $template_id;
$html = file_get_contents($template_dir . $file);
$html = str_replace('[url]',$_POST['url'],$html);
$query = 'INSERT INTO `' . $_POST["mysql_table_prefix"] . 'template` (`id`, `name`, `content`) VALUES ("' . $template_id . '","' . $template_name . '","' . mysql_real_escape_string($html) . '")';
$result = mysql_query($query);
}
}
closedir($handle);
header("Location: ./index.php");
exit;
}else{
if(file_exists('./languages/' . default_language . '.php')){
include('./languages/' . default_language . '.php');
}else{
die(sprintf("The language file <strong>%s</strong> couldn't be found!",'./languages/' . default_language . '.php'));
}
}
}else{
# The software is allready installed, load extra includes
include_once("./includes/mysql.php");
include_once("./includes/reader.php");
# Load the selected language
if(file_exists('./languages/' . config_language . '.php')){
include('./languages/' . config_language . '.php');
}elseif(file_exists('./languages/' . default_language . '.php')){
include('./languages/' . default_language . '.php');
}else{
die(sprintf("The language file <strong>%s</strong> couldn't be found!",'./languages/' . config_language . '.php'));
}
# Check if there is a page in the URL
if(isset($_GET["page"]) && $_GET["page"] != ""){
$page = $_GET["page"];
}else{
$page = "unknown";
}
# License check when the current page is login
if($page == "login"){
$allow = false;
$check = check_license_key(config_license_key, config_url);
if($check == "invalid"){
$page = "license_check";
}
}
# Logout
if($page == "logout"){
session_unset();
header("location: index.php");
exit;
}
# Check if a user is logged in
if($page != "login" && $page != "license_check"){
if(!isset($_SESSION["login_user_id"]) || $_SESSION["login_user_id"] < 0 || !isset($_SESSION["login_security"]) || $_SESSION["login_security"] != sha1(config_security_string)){
# Not logged in
session_unset();
header("Location: index.php?page=login");
exit;
}else{
# User is logged in, define privileges and user_id/user_name
$query = 'SELECT * FROM `' . config_mysql_table_prefix . 'user` WHERE id = "' . $_SESSION["login_user_id"] . '"';
$result = mysql_query($query);
if(mysql_num_rows($result) == 1){
# User found
define('user_id', $_SESSION["login_user_id"]);
# Admin has always all the rights
if(user_id == 0){
define('user_subscribers', 1);
define('user_add_subscriber', 1);
define('user_edit_subscriber', 1);
define('user_delete_subscriber', 1);
define('user_groups', 1);
define('user_add_group', 1);
define('user_edit_group', 1);
define('user_delete_group', 1);
define('user_send', 1);
define('user_settings', 1);
define('user_history', 1);
define('user_delete_history', 1);
define('user_stats_history', 1);
define('user_templates', 1);
define('user_box_wizard', 1);
}else{
define('user_subscribers', mysql_result($result,0,'subscribers'));
define('user_add_subscriber', mysql_result($result,0,'add_subscriber'));
define('user_edit_subscriber', mysql_result($result,0,'edit_subscriber'));
define('user_delete_subscriber', mysql_result($result,0,'delete_subscriber'));
define('user_groups', mysql_result($result,0,'groups'));
define('user_add_group', mysql_result($result,0,'add_group'));
define('user_edit_group', mysql_result($result,0,'edit_group'));
define('user_delete_group', mysql_result($result,0,'delete_group'));
define('user_send', mysql_result($result,0,'send'));
define('user_settings', mysql_result($result,0,'settings'));
define('user_history', mysql_result($result,0,'history'));
define('user_delete_history', mysql_result($result,0,'delete_history'));
define('user_stats_history', mysql_result($result,0,'stats_history'));
define('user_templates', mysql_result($result,0,'templates'));
define('user_box_wizard', 0);
}
}else{
# User not found, logout!
session_unset();
header('Location: index.php?page=login');
exit();
}
# Define wich pages and popups the user can load
$popup_pages = array();
$allowed_pages = array("login","license_check","about","manual","my_invender");
if(user_subscribers == 1){
$allowed_pages[] = "subscribers";
$popup_pages[] = "search";
if(user_add_subscriber == 1){
$popup_pages[] = "import";
$popup_pages[] = "add_subscriber";
}
if(user_edit_subscriber == 1){
$popup_pages[] = "edit_subscriber";
}
}
if(user_groups == 1){
$allowed_pages[] = "groups";
$popup_pages[] = "search";
if(user_add_group == 1){
$popup_pages[] = "add_group";
}
if(user_edit_group == 1){
$popup_pages[] = "edit_group";
}
}
if(user_send == 1){
$allowed_pages[] = "send";
}
if(user_settings == 1){
$allowed_pages[] = "settings_general";
$allowed_pages[] = "settings_database";
$allowed_pages[] = "settings_email";
$allowed_pages[] = "settings_mailserver";
}
if(user_history == 1){
$allowed_pages[] = "history";
}
if(user_stats_history == 1){
$popup_pages[] = "stats";
}
if(user_templates == 1){
$allowed_pages[] = "templates";
$popup_pages[] = "add_template";
$popup_pages[] = "upload_template";
$popup_pages[] = "edit_template";
}
if(user_box_wizard == 1){
$allowed_pages[] = "box_wizard";
}
# Only the admin
if(user_id == 0){
$allowed_pages[] = "settings_users";
$popup_pages[] = "add_user";
$popup_pages[] = "edit_user";
$popup_pages[] = "delete_user";
$popup_pages[] = "show_user";
}
if($page == "unknown"){
if(count($allowed_pages) > 5){
$page = $allowed_pages[5];
}else{
$page = $allowed_pages[1];
}
}
}
}
# Login attempt
if($page == "login" && $_POST){
$query = 'SELECT * FROM `' . config_mysql_table_prefix . 'user` WHERE username = "' . $_POST["username"] . '" AND password = "' . sha1($_POST["password"]) . '" LIMIT 1';
$result = mysql_query($query);
if(mysql_num_rows($result) == 1){
$_SESSION["login_user_id"] = mysql_result($result,0,'id');
$_SESSION["login_username"] = $_POST["username"];
$_SESSION["login_security"] = sha1(config_security_string);
header("Location: index.php");
exit;
}
}
# Export
if($page == "export" && user_subscribers == 1 && isset($_GET["group_id"]) && is_numeric($_GET["group_id"])){
# Headers
header("Content-Type: application/vnd.ms-excel");
header("Content-Type: application/force-download");
header("Content-Disposition: attachment; filename=export_" . date("Y-m-d") . ".xls");
# Content
if($_GET["group_id"] < 0){
if(isset($_GET["search"]) && $_GET["search"] != ""){
$query = 'SELECT * FROM `' . config_mysql_table_prefix . 'subscriber` WHERE name like "' . str_replace("*","%",$_GET["search"]) . '" OR email like "' . str_replace("*","%",$_GET["search"]) . '" ORDER BY date DESC';
$result = mysql_query($query);
}else{
$query = 'SELECT * FROM `' . config_mysql_table_prefix . 'subscriber` ORDER BY date DESC';
$result = mysql_query($query);
}
}else{
if(isset($_GET["search"]) && $_GET["search"] != ""){
$query = 'SELECT * FROM `' . config_mysql_table_prefix . 'subscriber` WHERE group_id = "' . $_GET["group_id"] . '" AND (name like "' . str_replace("*","%",$_GET["search"]) . '" OR email like "' . str_replace("*","%",$_GET["search"]) . '") ORDER BY date DESC';
$result = mysql_query($query);
}else{
$query = 'SELECT * FROM `' . config_mysql_table_prefix . 'subscriber` WHERE group_id = "' . $_GET["group_id"] . '" ORDER BY date DESC';
$result = mysql_query($query);
}
}
while($subscriber = mysql_fetch_object($result)){
echo $subscriber->name . ";" . $subscriber->email . "\n";
}
exit;
}
# Delete user
if($page == "delete_user" && user_id == 0){
if(isset($_GET["user_id"]) && is_numeric($_GET["user_id"])){
$query = 'DELETE FROM `' . config_mysql_table_prefix . 'user` WHERE id = "' . $_GET["user_id"] . '" LIMIT 1';
$result = mysql_query($query);
}
$page = "settings_users";
header('Location: index.php?page=' . $page);
exit();
}
# Delete subscriber
if($page == "delete_subscriber" && user_delete_subscriber == 1){
if(isset($_GET["subscriber_id"]) && is_numeric($_GET["subscriber_id"])){
$query = 'DELETE FROM `' . config_mysql_table_prefix . 'subscriber` WHERE id = "' . $_GET["subscriber_id"] . '" LIMIT 1';
$result = mysql_query($query);
}
header('Location: ' . $_GET["redirect"]);
exit();
}
# Delete bounced subscribers
if($page == "delete_bounced" && user_delete_subscriber == 1){
if(isset($_POST["subscriber_id"]) && is_array($_POST["subscriber_id"])){
foreach($_POST["subscriber_id"] as $subscriber_id){
$query = 'DELETE FROM `' . config_mysql_table_prefix . 'subscriber` WHERE id = "' . $subscriber_id . '" LIMIT 1';
$result = mysql_query($query);
}
}
header('Location: index.php');
exit();
}
# Delete group
if($page == "delete_group" && user_delete_group == 1){
if(isset($_GET["group_id"]) && is_numeric($_GET["group_id"])){
$query = 'DELETE FROM `' . config_mysql_table_prefix . 'subscriber` WHERE group_id = "' . $_GET["group_id"] . '"';
$result = mysql_query($query);
$query = 'DELETE FROM `' . config_mysql_table_prefix . 'group` WHERE id = "' . $_GET["group_id"] . '" LIMIT 1';
$result = mysql_query($query);
}
$page = "groups";
header('Location: index.php?page=' . $page);
exit();
}
# Delete history
if($page == "delete_history" && user_delete_history == 1){
if(isset($_GET["history_id"]) && is_numeric($_GET["history_id"])){
$query = 'DELETE FROM `' . config_mysql_table_prefix . 'history` WHERE id = "' . $_GET["history_id"] . '" LIMIT 1';
$result = mysql_query($query);
$query = 'DELETE FROM `' . config_mysql_table_prefix . 'stats` WHERE history_id = "' . $_GET["history_id"] . '"';
$result = mysql_query($query);
$query = 'DELETE FROM `' . config_mysql_table_prefix . 'link_tracking` WHERE history_id = "' . $_GET["history_id"] . '"';
$result = mysql_query($query);
}
$page = "history";
header('Location: index.php?page=' . $page);
exit();
}
# Delete template
if($page == "delete_template" && user_templates == 1){
if(isset($_GET["template_id"]) && is_numeric($_GET["template_id"])){
$query = 'DELETE FROM `' . config_mysql_table_prefix . 'template` WHERE id = "' . $_GET["template_id"] . '" LIMIT 1';
$result = mysql_query($query);
@unlink("./images/templates/" . $_GET["template_id"] . ".jpg");
}
$page = "templates";
header('Location: index.php?page=' . $page);
exit();
}
# Manual
if($page == "manual"){
header('Location: http://www.invender.nl/mailtogopro/help.pdf');
exit();
}
# My Invender
if($page == "my_invender"){
header('Location: https://www.invender.nl/userpage.php');
exit();
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html>
<head>
<title>Mail to Go Pro</title>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1" />
<link rel="stylesheet" href="includes/style.css" type="text/css" />
<script type="text/javascript" language="JavaScript" src="includes/javascript.js"></script>
<!--[if IE]>
<link rel="stylesheet" type="text/css" href="includes/ie.css" />
<![endif]-->
<!-- inline-popups -->
<script type="text/javascript" src="includes/prototype.js"> </script>
<script type="text/javascript" src="includes/window.js"> </script>
<script type="text/javascript" src="includes/picker.js"> </script>
<link href="includes/default.css" rel="stylesheet" type="text/css"></link>
<?php
if($page == "send" || $page == "add_template" || $page == "edit_template"){
?>
<!-- Editor -->
<script type="text/javascript" src="./editor/scripts/language/<?php echo config_language ?>/editor_lang.js"></script>
<script type="text/javascript" src="./editor/scripts/innovaeditor.js"></script>
<?php
}
?>
</head>
<body>
<?php
if($page == "login"){
# Load the login screen because the admin is not logged in
?>
<div id="login">
<img src="images/logo_login.jpg" alt="Mail to Go Pro" />
<form name="login" action="<?php echo config_url; ?>index.php?page=login" method="post">
<?php echo lang_username; ?><br />
<input type="text" name="username" /><br /><br />
<?php echo lang_password; ?><br />
<input type="password" name="password" /><br />
<input type="submit" name="submit" id="submit" value="<?php echo lang_login; ?>" />
</form>
</div>
<?php
}elseif($page == "license_check"){
# Load this page to display a license_check error
?>
<div id="login">
<img src="images/logo_login.jpg" alt="Mail to Go Pro" />
<div id="license_check">
<?php echo lang_invalid_license_key; ?><br /><br />
<?php echo config_license_key; ?><br /><br />
<?php echo config_url; ?><br />
<br /><br />
<?php printf(lang_contact_us,"https://www.invender.nl/userpage.php","Invender"); ?>
</div>
</div>
<?php
}elseif($page == "install"){
# Load the installation
$site_subdir = dirname($_SERVER["SCRIPT_NAME"]);
if(substr($site_subdir,-1) == "/"){
$site_subdir = substr($site_subdir,0,-1);
}
$website = "http://" . $_SERVER["SERVER_NAME"] . $site_subdir . "/";
if(isset($_SERVER["SCRIPT_FILENAME"]) && $_SERVER["SCRIPT_FILENAME"] != ""){
$root_directory = $_SERVER["SCRIPT_FILENAME"];
}else{
$root_directory = $_SERVER["PATH_TRANSLATED"];
}
$root_directory = str_replace("//","/",str_replace("\\","/",$root_directory));
$root_directory = dirname($root_directory);
if(substr($root_directory,-1) != "/"){
$root_directory = $root_directory . "/";
}
?>
<div id="install">
<img src="images/logo_install.jpg" alt="Mail to Go Pro" />
<form name="form" action="index.php?page=install" method="post" onSubmit="if(document.form.valid.value == 1){ return true; }else if((document.form.username.value == '') || (document.form.password.value == '') || (document.form.license_key.value == '') || (document.form.url.value == '') || (document.form.path.value == '') || (document.form.mysql_host.value == '') || (document.form.mysql_username.value == '') || (document.form.mysql_database.value == '')){alert('<?php echo addslashes(lang_required_fields_failed); ?>'); return false;}else{install_check(document.form); return false;}">
<input type="hidden" name="subdir" value="<?php echo $site_subdir; ?>" />
<input type="hidden" name="valid" id="valid" value="0" />
<div id="section_left">
<h1>Mail to go Pro</h1>
<?php echo lang_preferred_username; ?> *<br />
<input type="text" name="username" value="<?php echo lang_admin; ?>" /><br /><br />
<?php echo lang_preferred_password; ?> *<br />
<input type="text" name="password" value="<?php echo rand(1000,9999); ?>" /><br /><br /><br />
<?php echo lang_license_key; ?> *<br />
<input type="text" name="license_key" /><br /><br />
<?php echo lang_url; ?> *<br />
<input type="text" name="url" value="<?php echo $website; ?>" /><br /><br />
<?php echo lang_path; ?> *<br />
<input type="text" name="path" value="<?php echo $root_directory; ?>" /><br /><br />
<?php echo lang_language; ?> *<br />
<select name="language">
<?php
$handle = opendir("./languages/");
while(false !== ($file = readdir($handle))){
if($file != "." && $file != ".." && substr($file,-4) == ".php"){
echo '<option value="' . substr($file,0,-4) . '"' . (substr($file,0,-4) == default_language ? ' selected="selected"' : '' ) . '>' . ucfirst(substr($file,0,-4)) . '</option>';
}
}
closedir($handle);
?>
</select><br />
</div>
<div id="section_right">
<h1><?php echo lang_settings_database; ?></h1>
<?php echo lang_settings_hostname; ?> *<br />
<input type="text" name="mysql_host" value="localhost" /><br /><br />
<?php echo lang_settings_database_username; ?> *<br />
<input type="text" name="mysql_username" /><br /><br />
<?php echo lang_settings_database_password; ?><br />
<input type="text" name="mysql_password" /><br /><br /><br />
<?php echo lang_settings_database_name; ?> *<br />
<input type="text" name="mysql_database" value="" /><br /><br />
<?php echo lang_settings_table_prefix; ?><br />
<input type="text" name="mysql_table_prefix" value="mtgp_" /><br />
</div>
<input type="submit" name="submit" id="submit" value="Installeren!" />
</form>
</div>
<?php
}else{
if(in_array($page,$popup_pages) && file_exists("./modules/" . $page . ".php")){
include("./modules/" . $page . ".php");
}else{
?>
<div id="container">
<div id="header"></div>
<div id="logout">
<a href="index.php?page=logout"><img src="images/logout.jpg" width="40px" height="18px" alt="<?php echo lang_logout; ?>" /></a>
<div id="username"><?php echo $_SESSION["login_username"]; ?></div>
</div>
<div id="menu">
<ul id="nav">
<?php
if(user_subscribers){
?>
<li><a href="index.php?page=subscribers"><?php echo lang_subscribers; ?></a></li>
<?php
}
if(user_groups){
?>
<li><a href="index.php?page=groups"><?php echo lang_groups; ?></a></li>
<?php
}
if(user_send){
?>
<li><a href="index.php?page=send"><?php echo lang_send; ?></a></li>
<?php
}
if(user_settings){
?>
<li><a href="#"><?php echo lang_settings; ?></a>
<ul>
<li><a href="index.php?page=settings_general"><img src="images/menu/btn_general.png" /><?php echo lang_general; ?></a></li>
<li><a href="index.php?page=settings_database"><img src="images/menu/btn_database.png" /><?php echo lang_database; ?></a></li>
<li><a href="index.php?page=settings_email"><img src="images/menu/btn_email.png" /><?php echo lang_email; ?></a></li>
<li><a href="index.php?page=settings_mailserver"><img src="images/menu/btn_mailserver.png" /><?php echo lang_mailserver; ?></a></li>
<?php
if(user_id == 0){
?>
<li><a href="index.php?page=settings_users"><img src="images/menu/btn_users.png" /><?php echo lang_users; ?></a></li>
<?php
}
?>
</ul>
</li>
<?php
}
if(user_history){
?>
<li><a href="index.php?page=history"><?php echo lang_history; ?></a></li>
<?php
}
if(user_templates || user_id == 0){
?>
<li><a href="#"><?php echo lang_others; ?></a>
<ul>
<?php
if(user_templates){
?>
<li><a href="index.php?page=templates"><img src="images/menu/btn_templates.png" /><?php echo lang_templates; ?></a></li>
<?php
}
if(user_id == 0){
?>
<li><a href="index.php?page=box_wizard"><img src="images/menu/btn_box_wizard.png" /><?php echo lang_box_wizard; ?></a></li>
<?php
}
?>
</ul>
</li>
<?php
}
?>
<li><a href="#"><?php echo lang_help; ?></a>
<ul>
<li><a href="index.php?page=manual" target="_blank"><img src="images/menu/btn_manual.gif" /><?php echo lang_manual; ?></a></li>
<li><a href="index.php?page=my_invender" target="_blank"><img src="images/menu/btn_my_invender.gif" /><?php echo lang_my_invender; ?></a></li>
<li><a href="index.php?page=about"><img src="images/menu/btn_about.gif" /><?php echo lang_about; ?></a></li>
</ul>
</li>
</ul>
</div>
<?php
# Load the current page if it's allowed to be loaded
if(in_array($page,$allowed_pages) && file_exists("./modules/" . $page . ".php")){
include("./modules/" . $page . ".php");
}else{
printf(lang_not_allowed_to_load_file,$page);
}
?>
</div>
<?php
}
}
?>
</body>
</html> |
ZeroBytes |
|
_________________ Decoded by ASD @ Lost-codes.co.uk |
|
|
|
|
www.waraxe.us Forum Index -> PHP script decode requests
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|