Verboten!

Das Kennwort aus einen Wörterbuch ist zu einfach - Bitte ein sicheres wählen!"; elseif($ipck and !preg_match("/@$key$/",$post['mail']) and ($var = preg_replace('/^[^@]*@/','',$post['mail'])) == gethostbyname($var)) $out .= "

Die eMail-Adresse läßt sich nicht auflösen oder ist gerade Offline!

"; elseif($ipck and preg_match("/^$array[page]$/",$post['page'],$var) and count($var) > 3 and !preg_match("/^$key$/",$var[3]) and $var[3] == gethostbyname($var[3])) $out .= "

Die Homepage-Adresse läßt sich nicht auflösen oder ist gerade Offline!

"; elseif($user and isset($_POST['register']) and $post['password'] != '') { if(!$var = $sql['aq']($conn," select (select username from [user] where username like '$post[username]') as user, (select mail from [user] where mail like '$post[mail]') as mail where user is not null or mail is not null",SQLITE_NUM)) { if($sql['sq']($conn,"select count(*) from [user]") == 0) // Admin $post['status'] = 2; if(!$sql['e']($conn," insert into [user] ([create],[change],[".implode("],[",array_keys($post))."]) values (datetime('now','localtime'), datetime('now','localtime'), '".implode("','",$post)."')")) $out .= "

Der Benutzer konnte nicht angelegt werden!

"; else $request = 'Profil'; } else { $key = array(); if(!is_null($var[0][0])) $key[] = 'Benutzername'; if(!is_null($var[0][1])) $key[] = 'eMail-Adresse'; $out .= "

".implode(' und ',$key).((count($key) > 1) ? " sind" : " ist" )." schon im System vorhanden!

"; } } elseif($uid and (isset($_POST['change']) or isset($_POST['kill'])) and isset($_POST['userpass']) and ($status/2%2 or !preg_match('/^salt:\w+-hash:\w+$/',$_POST['userpass'])) and ($sql['sq']($conn," select count(*) from [user] where (username like '$post[username]' or id = '$wrt') and password='".$sql['es']($_POST['userpass'])."'") or preg_match('/^salt:(.+?)-hash:(\w+)$/',$sql['sq']($conn," select password from user where (username like '$post[username]' or id = '$wrt')"),$var) and $var[2] == $hash[0]("$var[1]-$_POST[userpass]-".strtolower($post['username'])))) { if(isset($_POST['change'])) { if($post['password'] == '') if($salt and !preg_match('/^salt:\w+-hash:\w+$/',$_POST['userpass'])) $post['password'] = "salt:$salt-hash:".$hash[0]("$salt-$_POST[userpass]-".strtolower($post['username'])); else unset($post['password']); $array = array(); foreach($post as $key => $var) $array[$key] = "[$key]='$var'"; $val = str_replace('=',' like ',$array['username']); if($wrt) $val = "($val or id = $wrt)"; @$sql['e']($conn," update [user] set status=0 where $val and status is null"); if(!$sql['e']($conn," update [user] set [change]=datetime('now','localtime'), ".implode(",",$array)." where $val and (status%2=1 or $status/2%2 = 1)")) $out .= "

Ihre Daten konnten nicht geändert werden!

"; else $request = 'Profil'; } elseif(isset($_POST['kill']) and $var = $sql['sq']($conn," select id from [user] where [username] like '$post[username]' and (status%2=1 or $status/2%2 = 1)")) { $sql['e']($conn," update [user] set [change]=datetime('now','localtime'), [changes]=[changes]+1, [status]=NULL where id=$var"); $request = ''; } } else $out .= "

Ihr altes Kennwort stimmt nicht!

"; } else $out .= "

Sie haben nicht alle Eingabefelder korrekt ausgefüllt!

"; } # Kennwort Vergessen if(!$uid and isset($_POST['restore'])) { $post = array(); $wrt = ($leak) ? array() : array( 'forename' => '[\w. -]{1,64}', 'lastname' => '[\w. -]{1,64}', 'mail' => '[\w.-]+@(localhost|[\w.-]+\.\w+|\[?[\d:a-f]+\]?)'); $array = array_merge($wrt,array( 'question' => '\d{1,8}', 'answer' => '[\w. -]{1,96}', 'username' => '[\w.-]{1,64}', 'password' => '[[:print:]]{1,64}', 'probate' => '[[:print:]]{1,64}')); foreach($array as $key => $var) if(isset($_POST[$key]) and preg_match("/$var/i",$_POST[$key],$val)) $post[$key] = strtr($val[0],$html); if(isset($post['username']) and ($leak or isset($post['mail']) and isset($post['forename']) and isset($post['lastname']))) { if($var=$sql['sq']($conn,"select passhelp from [user] where username like '$post[username]'".(($leak) ? "" : " and mail like '$post[mail]'")) and preg_match('/^(\d+)-(?:(?<=0-)(.+?):)?/',$var,$var)) { if(!$post['question'] = $var[1]) $post['myquestion'] = ($var[2] != '') ? $var[2] : false; } else $out .= "

Das Kennwort kann nicht zurückgesetzt werden, da keine Sicherheitsfrage hinterlegt wurde!

"; if(isset($post['password']) and isset($post['probate']) and $post['password'] == $post['probate']) { if(isset($post['question']) and isset($post['answer']) and ($leak or isset($post['forename']) and isset($post['lastname'])) and $sql['e']($conn," update [user] set password='".$sql['es']($post['password'])."' where username like '$post[username]'".(($leak) ? "" : " and mail like '$post[mail]' and forename like '$post[forename]' and lastname like '$post[lastname]'")." and passhelp like '$post[question]-".((!$post['question'] and isset($post['myquestion']) and $post['myquestion']) ? "$post[myquestion]:" : "")."$post[answer]'") and $sql['c']($conn)) { $request = ''; $out .= "

Ihr Kennwort wurde jetzt neu gesetzt!

"; $row = true; } else { $out .= "

Die Sicherheitsfrage muss korrekt beantwortet werden!

"; if(!$leak) $_SESSION['flc'] = (isset($_SESSION['flc'])) ? $_SESSION['flc'] + 1 : 1; } } else $out .= "

Sie haben noch kein neues korrektes Kennwort vergeben!

"; } else $out .= "

Sie müssen alle Felder ausfüllen!

"; } # Login durchführen if(!$uid and ($row or isset($_POST['login'])) and isset($_POST['username']) and isset($_POST['password'])) { $post = array( 'username' => preg_replace('/[^\w.:@\[\]-]+/','',$_POST['username']), 'password' => preg_replace('/[^[:print:]]/','',$_POST['password'])); if(($val = $sql['aq']($conn," select id,username,password,status,change from [user] where (username like '$post[username]' or mail like '$post[username]') and status is not null")) and $val = $val[0] and (preg_replace('/^salt:\w+-hash:\w+$/','',$post['password']) == $val['password'] or preg_match('/^salt:(.+?)-hash:(\w+)$/',$val['password'],$var) and $var[2] == $hash[0]("$var[1]-$post[password]-".strtolower($val['username'])) or !$leak and isset($_SESSION['sha']) and preg_match('/^([@\w.-]+):(\w+)$/',$post['password'],$var) and $var[1] == $post['username'] and ($var[2] == $hash[0]("$_SESSION[sha]-".$val['password']) or $var[2] == $hash[0]("$_SESSION[sha]-".preg_replace('/^salt:\w+-hash:(\w+)$/','$1',$val['password']))))) { foreach($_SESSION as $key => $var) unset($_SESSION[$key]); $uid = $val['id']; $status = floor($val['status']/2)*2+1; $_SESSION['lua'] = $val['change']; $_SESSION['uid'] = $uid; $sql['e']($conn," update [user] set status=(status/2%8*2+1), logins=logins+1, requests=requests+".((isset($_SESSION['src'])) ? $_SESSION['src'] : 0).", change=datetime('now','localtime'), ip='$addr', session='".$sql['es'](session_id())."', useragent='".$sql['es']($_SERVER['HTTP_USER_AGENT'])."'".((isset($_POST['info'])) ? ", info=nullif('".$sql['es']($_POST['info'])."','')" : "")." where id=".$val['id']); if(isset($_SESSION['src'])) unset($_SESSION['src']); if(!$request and !$query) $request = 'Profil'; if(isset($_POST['forever']) and $_POST['forever']) setcookie('login',"$uid.".$hash[0]("$val[username]:$val[password]"),time()+$ctl,$self); else setcookie('username',$val['username']); } else { $post['password'] = ''; if(!$leak) $_SESSION['flc'] = (isset($_SESSION['flc'])) ? $_SESSION['flc'] + 1 : 1; } } # Profil speichern if($uid and !isset($_POST['stop']) and !isset($_POST['test']) and isset($_POST['profil']) and $sql['e']($conn," update [user] set change=datetime('now','localtime'), changes=changes+1, profil=nullif('".$sql['es']($_POST['profil'])."','') where id=".((isset($_POST['uid']) and $_POST['uid'] != $uid and preg_match('/\d+/',$_POST['uid'],$var)) ? "$var[0] and (select status from [user] where id=$_SESSION[uid])%4 = 3" : "$_SESSION[uid] and status%2=1"))) // XSS $request = 'Profil'; # Blog Bearbeiten if($request == 'Beitrag' and $uid and isset($_POST['save']) and isset($_POST['mail']) and isset($_POST['message']) and isset($_POST['title']) and isset($_POST['id']) and preg_match('/\d+/',$_POST['id'],$var) and $uid == $_POST['mail'] and $_POST['mail'] == $sql['sq']($conn,"select userid from [forum] where id = $var[0]") and $sql['e']($conn," update [forum] set".((isset($_POST['right']) and preg_match('/[01]/',$_POST['right'],$val)) ? "\n\t\tstatus=status/2%2*2+$val[0]%2," : "")." change=datetime('now','localtime'), changes=changes+1, ip='$addr', useragent='".$sql['es']($_SERVER['HTTP_USER_AGENT'])."', title=nullif('".$sql['es'](strtr($_POST['title'],$html))."',''), message='".$sql['es'](strtr($_POST['message'],$html))."' where status is not null and id = $var[0]")) $request = 'Blog'; # Forum Betrag speichern elseif($var = array('') and isset($_POST['save']) and isset($_POST['mail']) and isset($_POST['title']) and isset($_POST['max']) and isset($_POST['message']) and $_POST['message'] != '' and ($uid or $gast) and ($_POST['max'] == $sql['sq']($conn,'select max(id) from [forum]') or (($gast) ? 0 : $uid) != $sql['sq']($conn," select userid from [forum] where id = (select max(id) from [forum])")) and ($_POST['mail'] == '' or preg_match('/^\d+$/',$_POST['mail'],$var) and $sql['sq']($conn," select id from [user] where status is not null and id=$var[0]")) and $sql['e']($conn," insert into [forum] ([create],[change],[status],[userid],[mailid],[ip],[useragent],[path],[title],[message]) values (datetime('now','localtime'),datetime('now','localtime'), ".((isset($_POST['right']) and preg_match('/[01]/',$_POST['right'],$val)) ? $val[0]%2 : 0).", ".(($uid) ? $uid : 0).", nullif('$var[0]',''), '$addr', '".$sql['es']($_SERVER['HTTP_USER_AGENT'])."', nullif('".((isset($_POST['id']) and preg_match('/^\d+$/',$_POST['id'],$val) and $val = $sql['sq']($conn,"select ifnull(path,'/')||id||'/' from [forum] where id=$val[0]")) ? $val : '')."',''), nullif('".$sql['es'](strtr($_POST['title'],$html))."',''), '".$sql['es'](strtr($_POST['message'],$html))."')")) $request = ($var[0]) ? (($var[0] == $uid) ? 'Blog' : 'Mail') : ''; } else $out .= "

POST-Requests ohne Session-Cookies werden ignoriert!

"; } # Mails löschen if(preg_match('/Blog|Mail/',$request) and $uid and isset($_GET['kill']) and preg_match('/\d+/',$_GET['kill'],$var) and $uid == $sql['sq']($conn,"select mailid from [forum] where id = $var[0]")) $sql['e']($conn,"update [forum] set status=null where status is not null and id=$var[0]"); # Tagline speichern if($uid and !isset($_REQUEST['stop']) and !isset($_REQUEST['test']) and isset($_REQUEST['tl'])) $sql['e']($conn," update [user] set change=datetime('now','localtime'), changes=changes+1, tagline=nullif('".$sql['es']($_REQUEST['tl'])."','') where id=".(($status/2%2 and isset($_REQUEST['id']) and preg_match('/\d+/',$_REQUEST['id'],$var)) ? $var[0] : $uid)); # Abmelden if(preg_match('/^Abmelden\s?$/',$request)) { if($sql['e']($conn," update [user] set status=(status/2%8*2), chat=null, change=datetime('now','localtime') where ".((isset($_GET['id']) and $_GET['id']) ? "(select status%4 from [user] where id=nullif('$uid',''))=3 and id=".(($leak) ? $_GET['id'] : preg_replace('/\D/','',$_GET['id'])) : "id='$uid' and status%2=1")) and $sql['c']($conn) and (!$status/2%2 or !isset($_GET['id']))) { session_unset(); if(isset($_COOKIE['login'])) { setcookie('login',0,time()-$ctl,$self); unset($_COOKIE['login']); } } // if(substr($request,-1) != ' ') $request = ''; $uid = $status = false; } # Login Forumlar if(!$uid and (!preg_match('/^(Anmelden|Kennwort|SQL|Beitrag|Creole)$/',$request,$var) and !$info[3] and (($user or !$lone) and !$content or !is_array($content) and preg_match('/(<|<){3}login(\d?)(>|>){3}/i',$content,$var) or $request == 'Login') or !$inet and !$local and trim($request) == 'Impressum')) { if(!(isset($post['username']) and $post['username']) and isset($_COOKIE['username']) and $_COOKIE['username']) $post['username'] = ($leak) ? $_COOKIE['username'] : preg_replace('/^([^\w.:@\[\]-]*).*$/','$1',$_COOKIE['username']); if(!$leak and $hash) $head['hash'] = ""; $out = "

'&', "'" => '"'))."'>«

'&', "'" => '"'))."'")."> Login '&', "'" => '"')).preg_replace($formcheck[0],$formcheck[1],"'>» {username|Benutzername oder eMail:|20|64|tabindex=1} {password|Kennwort:".((!$local and !$inet) ? "" : " (Vergessen?)")."|*20|64|tabindex=2} Angemeldet bleiben ".(($user and ($local or $inet)) ? "Neues Mitglied werden" : "")) ."

$out"; } # Datei-Upload if($uid and $request == 'Datei') { $len = $sql['sq']($conn,"select sum(abs(size)) from [file] where user = $uid and status is not null"); if(isset($_FILES['file']) and !$_FILES['file']['error'] and file_exists($_FILES['file']['tmp_name'])) { $name = preg_replace('/[^\w!,.-]/','',((isset($_POST['name']) and $_POST['name'] != '') ? $_POST['name'] : $_FILES['file']['name'])); if(!$status/2%2 and ($len + $_FILES['file']['size']) > $maxfile) $out .= "

Sie haben ihren Datei-Upload Content um ".number_format(($len - $maxfile),0,',','.')." Bytes überschritten!

"; elseif(!$type = array_search(strtolower(preg_replace('/^.*?\.(\w+)$/','$1',$name)),$type) and !$status/2%2) $out .= "

Ihr Datei-Upload besitzt einen nicht erlaubten Datei-Type!

"; else { $data = file_get_contents($_FILES['file']['tmp_name']); $crc = str_pad(dechex(crc32($data)),8,0,STR_PAD_LEFT); $size = strlen($data); $len += $size; $var = array_merge(array( '[create]' => "datetime('now','localtime')", '[status]' => (int)$_POST['right'] + (int)$_POST['status'], '[user]' => $uid, '[name]' => "'$name'", '[ip]' => "'$addr'", '[useragent]' => "nullif('".$sql['es']($_SERVER['HTTP_USER_AGENT'])."','')", '[info]' => "nullif('".$sql['es'](strtr($_POST['info'],$html))."','')"), ($link = $sql['sq']($conn,"select id from [file] where link is null and hash = '$crc' and abs(size) = $size")) ? array('[link]' => $link) : array( '[size]' => $size, '[hash]' => "'$crc'", '[type]' => (($type) ? "nullif('".preg_replace('![^\w/ ;=+-]!','',$_FILES['file']['type'])."','')" : "null"), '[data]' => "'".base64_encode($data)."'")); if(isset($var['[data]']) and $data = $gz['deflate']($data,9) and strlen($data) < $size) { $var['[data]'] = "'".base64_encode($data)."'"; $var['[size]'] *= -1; } if($val = $sql['sq']($conn,"select id from [file] where status is not null and user = $uid and name like ".$var['[name]']." limit 1")) { // $sql['e']($conn,"update [file] set status = null where id = $val"); $key = array(); foreach($var as $k => $v) $key[] = "$k = $v"; if(!@$sql['e']($conn,"update [file] set\n\t".implode(",\n\t",$key)."\nwhere id = $val")) $var = false; } elseif(!@$sql['e']($conn,"insert into [file] (".implode(',',array_keys($var)).") values (".implode(',',array_values($var)).")")) $var = false; if(!$var) $out .= "

Datei konnte nicht verarbeitet werden!

"; } } elseif(isset($_POST['send']) and isset($_POST['id']) and preg_match('/\d+/',$_POST['id'],$var)) { $sql['e']($conn," update [file] set status = ".((int)$_POST['right'] + (int)$_POST['status']).", name = '".preg_replace('/[^\w!&,.-]/','',$_POST['name'])."', info = '".$sql['es']($_POST['info'])."'" .(($status/2%2 and isset($_POST['type'])) ? ",\n\t\ttype = ".((preg_match('![\w/ ;=+-]+!',$_POST['type'],$val)) ? "'$val[0]'" : "null") : "")." where status is not null and id = $var[0]".(($status/2%2) ? "" : " and user = $uid ")); if(isset($_POST['charset']) and preg_match('/^[\w-]+$/',$_POST['charset'],$val) and $var = $sql['aq']($conn," select ifnull(b.id,a.id) as id, ifnull(b.type,a.type) as type from [file] as a left join [file] as b on a.link = b.id where a.status is not null and ifnull(a.type,b.type) like 'text/%'".(($status/2%2) ? "" : " and a.user = $uid")." and a.id = $var[0]")) $sql['e']($conn," update [file] set type = '".preg_replace('!^([\w/-]+).*$!','$1',$var[0]['type'])."; charset=$val[0]' where id = ".$var[0]['id']); } elseif(isset($_GET['kill']) and preg_match('/\d+/',$_GET['kill'],$var)) if($sql['sq']($conn,"select 1+status from [file] where id = $var[0]")) $sql['e']($conn,"update [file] set status = null where (user = $uid or $status/2%2) and id = $var[0]"); else $sql['e']($conn,strtr("begin; update [file] set size = (select size from [file] where id = #), hash = (select hash from [file] where id = #), type = (select type from [file] where id = #), data = (select data from [file] where id = #) where id = (select id from [file] where link = # limit 1); update [file] set link = (select id from [file] where link = # and data is not null) where link = #; update [file] set link = null where id = link; delete from [file] where id = #; commit;",array('#' => $var[0]))); elseif($status/2%2 and isset($_GET['restore']) and preg_match('/\d+/',$_GET['restore'],$var)) $sql['e']($conn," update [file] set status = 1 where id = $var[0]"); $data = (($status/2%2 and !is_bool($mid)) ? (($mid < 0) ? '' : "where a.user = $mid") : "where a.user = $uid and a.status is not null"); $num = $sql['sq']($conn,"select count(*) from [file] as a $data"); if($page[0] == '') $page = array(1,"page=1"); preg_replace($paging[5],$paging[6],"$num,$max,#key#"); if($rows = $sql['aq']($conn," select a.name as name, abs(ifnull(a.size,b.size)) as absize, a.user||'-'||a.name as flink, a.id as id, u.username as uname, a.ip as ip, ifnull(a.status/2%2,1) as status, a.status%2 as right, a.[create], ifnull(a.hash,b.hash) as hash, a.info as info, ifnull(a.type,b.type) as type, a.useragent as agent, a.link as link, a.user as user, ifnull(a.size,b.size) as size, ifnull(length(a.data),0) as truesize, strftime('%d.%m.%Y %H:%M:%S',a.[create]) as erstellt from [file] as a left join [file] as b on a.link = b.id left join [user] as u on a.user = u.id $data".preg_replace($sorth[2],$sorth[3],'u.id,a.name;11;a.name')." limit $val,$max",SQLITE_ASSOC)) { $row = array(); // user $val = ($status/2%2 and $mid) ? "&user=$mid" : false; $key = 0; foreach($rows as $var) $row[] = "$var[name]".number_format((($key += $a = abs($var['size'])) ? $a : 0),0,',','.')."" ."::f/$var[flink]" .(($status/2%2) ? "::f/$var[id]".(($var['link']) ? "#$var[link]" : "")."".(($var['uname']) ? "$var[uname]" : "Unbekannt")."$var[ip]" : "") ."".(($var['status']) ? "Privat" : "Öffendlich")."".(($var['right']) ? "Jeder" : ((is_null($var['right'])) ? "Gesperrt" : "Benutzer"))."" ."$var[erstellt]".(($var['hash']) ? $var['hash'] : "-/-")."" .@preg_replace(array_keys($creole),array_values($creole),strtr($var['info'],array_slice($html,1))) ." X"; $out .= "

Übersicht ".(($status/2%2) ? (($mid and $mid < 0) ? "aller" : "aller") : "Ihrer")." hochgeladenen Dateien

".((($var = preg_replace($sorth[0],$sorth[1],"Datei=1\tGröße=2\tDatei-Link=3\t(ID-Link=4)\t(Benutzer=5)\t(IP-Adresse=6)\tStatus=7\tRechte=8\tErstellt=9\tHash=10\tBeschreibung=11")) and $status/2%2 and $mid) ? preg_replace('/(?=sort=)/',"user=$mid&",$var) : $var)."".implode("",$row)."

$code

"; } $row = ($id and $row = $sql['aq']($conn," select a.status as status, a.name as name, a.info as info, ifnull(a.type,b.type) as type from [file] as a left join [file] as b on a.link = b.id where a.id = $id")) ? reset($row) : array('name' => '', 'info' => '', 'status' => 1, 'type' => ''); $val = ($status/2%2) ? (($mid == -1) ? array($key,'insgesamt belegt') : array($len,'belegt')) : array($maxfile-$len,'frei'); $out .= "

Datei-Upload (".number_format(($val[0]),0,',','.')." Bytes $val[1]) Datei Dateiname Beschreibung Status ÖffendlichPrivat Rechte JederBenutzer" .(($status/2%2 and ($row['type'] or is_null($row['type']))) ? " Content-Type:" .((preg_match('!^text/!',$row['type'])) ? " (iso / utf-8)": '')." " : ((preg_match('!^text/([\w-]+)(?:;\s*charset\s*=\s*([\w-]+))?$!',$row['type'],$var)) ? " Charset (iso / utf-8) " : ""))."

"; } # Administrator Werkzeuge if($uid and $status/2%2 or $info[3] != '') { $info[4] = "|>-\n|--[ [[^Backup]] ~| [[^CMS]] ~| [[^SQL|SQL-Konsole]] ~| [[^Status]] ]--|\n"; if(preg_match('/^(cms|backup|sql|status)$/i',$request)) $info[8] = @preg_replace(array_keys($creole),array_values($creole),"$info[4]--"); if($request == 'Status' and array_sum($var = reset(($sql['aq']($conn," select (select count(*) from user where status/2%2), (select count(*) from user where status%2), (select count(*) from user where status%2 = 0), (select sum(logins) from user), (select sum(requests) from user), (select count(*) from (select count(*) from [user] group by ip having count(*) > 1))",SQLITE_NUM))))) { $out .= "$info[8]"; $out .= "

Allgemein " ."Admins: $var[0] - ".((is_array($val = $sql['sq']($conn,"select Username from user where status/2%2"))) ? implode(", ",$val) : $val) ." / Online: $var[1] / Offline: $var[2] / Logins: ".number_format($var[3],0,',','.')." / Zugriffe: ".number_format($var[4],0,',','.')." / Gleiche IPs: $var[5]

Inhalte " .preg_replace($sorth[0],$sorth[1],"Art=1\tBenutzer=2\tInsgesamt=3\tÖffendlich=4\tGelöscht=5\tZuerst Erstellt=6\tZuletzt Erstellt=7\tZuletzt Geändert=8").""; $row = array(); foreach($sql['aq']($conn," select 'Mitglieder', (select count(profil) from user where status is not null), (select count(*) from user where status is not null), (select count(page) from user where status is not null), (select count(*) from user where status is null), (select min([create]) from user), (select max([create]) from user), (select max(change) from user) union select 'Blog', (select count(*) from (select count(*) from forum where status is not null and mailid = userid and mailid is not null group by userid)), (select count(*) from forum where status is not null and mailid = userid and mailid is not null), (select count(*) from forum where status%2=0 and mailid = userid and mailid is not null), (select count(*) from forum where status is null and mailid = userid and mailid is not null), (select min([create]) from forum where mailid is not null and userid = mailid), (select max([create]) from forum where mailid is not null and userid = mailid), (select max([change]) from forum where mailid is not null and userid = mailid) union select 'Chat', (select count(user) from chat), (select count(*) from chat), (select count(*) from (select distinct u.id from user as c left join user as u on c.chat = u.id where u.id is not null and u.status/4%2 group by u.id)), null, (select min(time) from chat), (select max(time) from chat), null union select 'CMS', (select count(*) from user where status/2%2), (select count(*) from cms), (select count(*) from cms where status/8%2), null, (select min([create]) from cms), (select max([create]) from cms), (select max([change]) from cms) union select 'Datei', (select count(*) from (select count(*) from file where status is not null group by user)), (select count(*) from file where status is not null), (select count(*) from file where status%2=0), (select count(*) from file where status is null), (select min([create]) from file), (select max([create]) from file), null union select 'Mail', (select count(*) from (select count(*) from forum where status is not null and mailid != userid and mailid is not null group by userid)), (select count(*) from forum where status is not null and mailid is not null and mailid != userid), null, (select count(*) from forum where status is null and mailid is not null and mailid != userid), (select min([create]) from forum where mailid is not null and userid != mailid), (select max([create]) from forum where mailid is not null and userid != mailid), (select max([change]) from forum where mailid is not null and userid != mailid) union select 'Forum', (select count(*) from (select count(*) from forum where status is not null and mailid is null group by userid)), (select count(*) from forum where status is not null and mailid is null), (select count(*) from forum where status%2=0 and mailid is null), (select count(*) from forum where status is null and mailid is null), (select min([create]) from forum where mailid is null), (select max([create]) from forum where mailid is null), (select max([change]) from forum where mailid is null)".preg_replace($sorth[2],$sorth[3],"1;8"),SQLITE_NUM) as $line) if($line[2]) { $out .= ""; foreach($line as $key => $var) $out .= "".((is_null($var)) ? "-/-" : $var) : ">".preg_replace('/(\d+)-(\d+)-(\d+) (\d+):(\d+):(\d+)/','$3.$2.$1 $4:$5',$var)) : ">$var").""; $out .= ""; } $out .= "

"; } if($request == 'Backup') { // Backup Database $var = (isset($_FILES['sqlite']['tmp_name']) and !$_FILES['sqlite']['error'] and file_exists($_FILES['sqlite']['tmp_name'])) ? $_FILES['sqlite']['tmp_name'] : "$base.gz"; if($query == 'reorg') $sql['e']($conn,"vacuum"); elseif(isset($_POST['create']) and (!file_exists("$base.gz") or $owbu) and ($fr=fopen($base,'rb')) and ($fw=$gz['open']("$base.gz",'wb9'))) { while(!feof($fr)) $gz['write']($fw,fread($fr,1024)); fclose($fr); $gz['close']($fw); } if($var != "$base.gz" or isset($_POST['reset'])) { // Restore $sql['cl']($conn); if(($fr=$gz['open']($var,'rb')) and ($fw=fopen($base,'wb'))) { while(!$gz['eof']($fr)) fwrite($fw,$gz['read']($fr,1024)); $gz['close']($fr); fclose($fw); @touch($base,filemtime($var)); header("Location: $self"); die("Weiter zum Forum"); } } elseif(isset($_GET['download']) and file_exists($var = preg_replace('/\/.*$/','',$base)."/".basename($_GET['download']).strrchr($base,'.')) and is_file($var)) { // Save Fail-DB header('Content-Type: application/octetstream'); header('Content-Disposition: filename="'.basename($var).'"'); header('Content-Length: '.filesize($var)); readfile($var); exit(); } elseif(isset($_POST['backup']) or $query == 'download') { // Save DB $var = ($query and file_exists("$base.gz")) ? file_get_contents("$base.gz") : $gz['encode'](file_get_contents($base),9); header('Content-Type: application/x-gzip'); header('Content-Disposition: filename="'.basename($base).'.gz"'); header('Content-Length: '.strlen($var)); die($var); } elseif(isset($_REQUEST['sqldump']) and $tables = $sql['q']($conn,"select name,sql from sqlite_master where type='table' and name not like 'sqlite_%'")) { // Make SQL-Dump $eol = "\r\n"; $val = "begin;$eol"; while($table = $sql['fa']($tables,SQLITE_ASSOC)) { $val .= ((isset($_REQUEST['dt'])) ? ((isset($_REQUEST['ct'])) ? "drop table" : "delete from")." [$table[name]];$eol" : "") .((isset($_REQUEST['ct'])) ? "$table[sql];" : "/* ".$table['sql']." */").$eol; if($lines = $sql['q']($conn,"select * from [$table[name]]")) { $cols = $sql['nf']($lines); $name = array(); for($a=0; $a<$cols; $a++) $name[] = "[".$sql['fn']($lines,$a)."]"; while($line = $sql['fa']($lines,SQLITE_NUM)) { foreach($line as $key => $var) $line[$key] = (is_null($var)) ? 'null' : ((preg_match('/^(0|-?[1-9]\d*(\.\d+)?)$/',$var)) ? $var : "'".$sql['es']($var)."'"); $val .= "insert into [$table[name]] (".implode(",",$name).") values (".implode(",",$line).");$eol"; } } } $val = $gz['encode']($val."commit;$eol",9); header('Content-Type: application/x-gzip'); header('Content-Disposition: filename="'.preg_replace('/(?<=\.)\w+$/','sql',basename($base)).'.gz"'); header('Content-Length: '.strlen($val)); die($val); } else $out .= "$info[8]

Datenbank Backup ".basename($base)." ".number_format(filesize($base),0, '.', ',')." Bytes SQLite-Binary: SQL-Dump: Tabellen neu erstellen Alte Tabellen löschen/leeren " .((file_exists("$base.gz")) ? " ".basename($base).".gz vom: ".date("d.m.Y H:i:s",filemtime("$base.gz"))." Letzte Sicherung: " : "") .((!file_exists("$base.gz") or $owbu) ? " Sicherung: " : "") .(($val = glob(preg_replace('/(?=\.\w+$)/','_*',$base))) ? " Defekte Datenbanken: ".implode(" ",preg_replace('/^((.*?)_(\d\d)(\d\d)(\d\d)(\d\d)(\d\d)(\d\d))(\.\w+)$/',"$2$9 vom: $5.$4.$3 $6:$7:$8",$val))."" : '') ." Hochladen & Zurückspielen:

"; } # Administration von Forenbeträgen if($request == 'Admin') { if(isset($_GET['kill']) and preg_match('/\d+/',$_GET['kill'],$var)) $sql['e']($conn,"delete from [forum] where id=$var[0]"); elseif(isset($_GET['lock']) and preg_match('/\d+/',$_GET['lock'],$var)) $sql['e']($conn,"update [forum] set status=null where status is not null and id=$var[0]"); elseif(isset($_GET['save']) and preg_match('/\d+/',$_GET['save'],$var)) $sql['e']($conn,"update [forum] set status=0 where status is null and id=$var[0]"); if(isset($_GET['edit']) and preg_match('/\d+/',$_GET['edit'],$var)) { if(isset($_POST['edit']) and isset($_POST['message']) and $_POST['message'] != '') { $sql['e']($conn," update [forum] set change=datetime('now','localtime'), changes=changes+1, title=nullif('".((isset($_POST['title'])) ? $sql['es'](strtr($_POST['title'],$html)) :'')."',''), message='".$sql['es'](strtr($_POST['message'],$html))."', status=nullif('".preg_replace('/\D/','',$_POST['status'])."',''), userid=".preg_replace('/\D/','',$_POST['userid']).", mailid=nullif('".preg_replace('/\D/','',$_POST['mailid'])."',''), path=nullif('".preg_replace('/[^\d\/]/','',$_POST['path'])."','') where id=$var[0]"); $request = ($mid or $_POST['mailid']) ? (($_POST['mailid'] == $_POST['userid']) ? 'Blog' : 'Mail') : ''; if(!$q) $q = $var[0]; } else { $wrt = array(); if($getopt != '') $wrt[] = $getopt; if($page[1] != '') $wrt[] = $page[1]; $wrt = "$self/Admin?".implode('&',$wrt).((count($wrt) > 0) ? '&' : ''); $line = reset(($sql['aq']( $conn," select f.id as id, strftime('%s',f.[create]) as 'create', strftime('%s',f.change) as change, strftime('%d.%m.%Y %H:%M:%S',f.[create]) as crdatum, strftime('%d.%m.%Y %H:%M:%S',f.change) as chdatum, f.changes as changes, f.userid as userid, f.mailid as mailid, f.ip as uip, f.useragent as ua, f.status as status, ifnull(f.status%2,'-1') as right, f.path as path, f.title as title, f.message as message, u.username as author from [forum] as f left join [user] as u on u.id = f.userid where f.id=$var[0]",SQLITE_ASSOC))); foreach($_POST as $k => $v) if(preg_match('/^(title|message|userid|mailid|path|status)$/',$k)) $line[$k] = $v; $creolevar = array_merge($creolevar,array('type' => 'forum', 'id' => $line['id'], 'name' => $line['id'], 'title' => $line['title'], 'from' => $line['author'], 'create' => $line['create'], 'change' => $line['change'], 'right' => $line['right'])); $array = array(); foreach($sql['aq']($conn,"select id,username from user") as $v) { $array['user'][] = "$v[username]"; $array['mail'][] = "$v[username]"; if($v['id'] == $line['userid']) $line['from'] = $v['username']; if($v['id'] == $line['mailid']) $line['to'] = $v['username']; } $out .= "

" .((is_null($line['title'])) ? "Ohne Titel" : "".preg_replace(array_keys($smile),array_values($smile),preg_replace($phtml[0],$phtml[1],$line['title']))."")." von " .((!isset($line['from']) or is_null($line['from'])) ? "Unbekannt" : "$line[from]") .((!isset($line['to']) or is_null($line['to'])) ? "" : " an $line[to] [" : "a00000'>un")."gelesen]") ." Bearbeiten (Quelltext)

Metainformationen:
Erstellt: $line[crdatum] / Zuletzt geändert: $line[chdatum] / Änderungen: $line[changes]
IP: ".strtr($line['uip'],$html)." / Useragent: ".strtr($line['ua'],$html)." / Status: ".((is_null($line['status'])) ? "Gesperrt (Entsperren" : "Normal (Sperren")." | Löschen)" .((is_null($line['path'])) ? "" : " / Reference suchen")."

---

" .@preg_replace(array_keys($creole),array_values($creole),strtr($line['message'],array_slice($html,1)))."

---

Titel:	Von: Unbekannt".implode('',$array['user'])."	An: Forum".implode('',$array['mail'])."	Status:	Path:
Nachricht: ".preg_replace($phtml[0],$phtml[1],$line['message'])."

"; } } else $request = ''; } } elseif(preg_match('/Admin|Backup/',$request)) $request = ''; # Content-Management-System if((($request == 'CMS' or isset($_REQUEST['request']) and $_REQUEST['request'] == 'CMS') and $uid) and ($status/2%2 or $status%2 == 1 and $sql['sq']($conn,"select status/2%4 from [cms] where id like '$id' or name like '".$sql['es'](trim($q))."'") == 2)) { if(count($_POST) and !isset($_POST['stop'])) { $post = array('name' => '\w.-', 'content' => '^\x00'); if($status/2%2) $post = array_merge($post,array('description' => '^\n', 'menu' => '\d', 'public' => '\d', 'right' => '\d-', 'id' => '\d', 'create' => '\d', 'change' => '\d')); foreach($post as $key => $var) $post[$key] = (isset($_POST[$key]) and preg_match('/['.$var.']+/',$_POST[$key],$val)) ? strtr($val[0],$html) : false; if(isset($_POST['save']) and $_POST['save'] and isset($_POST['name']) and !preg_match("/^\s*$ncms\s*$/",$_POST['name'])) { if($status/2%2) $var = (int)$post['right']*2 + ((isset($post['menu'])) ? $post['menu'] : 0) + ((isset($post['public'])) ? $post['public']*8 : 0); if($id) $sql['e']($conn," update [cms] set change=datetime('now','localtime'), changes=changes+1,".(($status/2%2) ? " status=$var, name='$post[name]', description=nullif('".$sql['es']($post['description'])."','')," : "")." content=nullif('".$sql['es']($post['content'])."','') where id = $id"); elseif($status/2%2) $sql['e']($conn," insert into [cms] ([create],[change],[status],[name],[description],[content]) values( datetime('now','localtime'),datetime('now','localtime'), $var, '$post[name]', nullif('".$sql['es']($post['description'])."',''), nullif('".$sql['es']($post['content'])."',''))"); $id = $content = true; $request = ($post['name'] != '') ? "$post[name] " : ' '; } elseif(isset($_POST['remove']) and $id and $status/2%2) { $sql['e']($conn,"delete from [cms] where id = $id"); $id = $post = false; } } else $post = false; if(!$id and $q !== false) $id = $sql['sq']($conn,"select id from [cms] where name like '".$sql['es']($q)."'"); if(!$post and $id and $var = $sql['aq']($conn," select id, name, strftime('%s',change) as change, strftime('%s',[create]) as 'create', status%2 as menu, status/8%2 as public, status/2%4 as right, description, content from [cms] where id = $id",SQLITE_ASSOC)) $post = reset($var); elseif(!$post) $post = array('id' => 0, 'name' => '', 'menu' => 0, 'public' => 0, 'right' => -2, 'description' => '', 'content' => '', 'create' => '', 'change' => ''); if(count($_POST) and $post['content'] != '' and $creolevar = array_merge($creolevar,array('type' => 'cms', 'id' => $post['id'], 'name' => $post['name'], 'create' => $post['create'], 'change' => $post['change'], 'name' => $post['name'], 'title' => $post['description'], 'right' => $post['right'], 'from' => $sql['sq']($conn,'select username from user where status/2%2 = 1')))) $out .= "

".@preg_replace(array_keys($creole),array_values($creole),strtr($post['content'],array_slice($html,1)))."

"; if($id or isset($post['id'])) $uedit = "CMS?id=".((isset($post['id'])) ? $post['id'] : $id); if($id === false) { $num = $sql['sq']($conn,"select count(*) from [cms]"); if($page[0] == '') $page = array(1,"page=1"); preg_replace($paging[5],$paging[6],"$num,$max,#key#"); if($rows = $sql['aq']($conn," select id, name, [create], change, changes, status%2 as menu, status/8%2 as public, status/2%4 as right, description, strftime('%d.%m.%Y %H:%M:%S',[create]) as erstellt, strftime('%d.%m.%Y %H:%M:%S',change) as modifiziert from [cms]".preg_replace($sorth[2],$sorth[3],"name;9;name")." limit $val,$max")) { $row = array(); foreach($rows as $var) $row[] = "$var[id]Startseite" : "/$var[name]'>$var[name]" )."$var[erstellt]$var[modifiziert]$var[changes]".strtr($var['menu'],array(0 => 'Aus', 1 => 'An'))."".strtr($var['public'],array(0 => 'Aus', 1 => 'An'))."".strtr($var['right'],array(0 => 'Jeder' , 1 => 'Benutzer', 2 => 'Benutzer+', 3 => 'Admin'))."".strtr($var['description'],array_slice($html,1))." "; $out .= "$info[8]

Übersichtsliste für Content-Management-System

".preg_replace($sorth[0],$sorth[1],"ID=1\tSeite=2\tErstellt=3\tZuletzt Geändert=4\tGeändert=5\tMenü=6\tÖffendlich=7\tRechte=8\tBeschreibung=9")."".implode("",$row)."

Neue Seite erstellen

$code

"; } } elseif($id === false) $id = 0; if(isset($_POST['stop'])) { $id = $content = true; $request = ($post['name'] != '') ? $post['name'] : ' '; } if($id !== false and $id !== true) { if($status/2%2) { $array = array(3 => 'Admin (Voll)', 2 => 'Benutzer (Edit)', 1 => 'Benutzer (Lesen)', 0 => 'Jeder (Lesen)'); foreach($array as $key => $var) $array[$key] = "$var"; } if(isset($_POST['content']) and $_POST['content'] != '') $out .= '
'; $out .= "

Content-Management-System (edit)

".(($status/2%2) ? "" : "")."

Seite:	Beschreibung:	Optionen: 0) ? " checked" : "")." />Menü 0) ? " checked" : "")." />Öffendlich	Rechte: ".implode('',$array)."
Nachricht: $post[content] ".(($status/2%2) ? " " : "")."

"; } } } } # Creole-Syntax ausgeben if((preg_match('/Admin|Beitrag|Bearbeiten/',$request) or $request == 'CMS' and (isset($_GET['id']) or isset($_GET['q'])) and !isset($_REQUEST['remove'])) and ($uid or $gast) or $request == 'Creole' and !isset($_REQUEST['nodemo'])) { $creolevar = array_merge($creolevar,array('type' => 'intern')); $val = array("**Fett**","//Kursiv//","++Größer++","--Kleiner--","~~Durchgestrichen~~","__Unterstrichen__", "##Druckschrift##","^^Hoch^^ gestellt",",,Tief,, gestellt","**//__Kombiniert__//**","@@**Fett** ~//Code//@@", "===Überschrift 3","* List\n** Unter\n* Punkt","# List\n## Unter\n# Zahl","; List\n: Info\n;; Rekursiv\n:: Info", "[[[Einfacher\nUmbruch]]]","Um\\\\bruch aus~\\\\setzen","^CMS CreoleLink","http://www.xx","mail@www.xx", "[[http://www.xx|title]]","[[back->http://www.xx]]"," Plaintext","----","{{/favicon.ico|Ikone}}","{{{**//Plain//**}}}", "??key:value?? / ??key??","<>",". <<<_ nix>>> /* nix */","|>\n|=Tabelle|=Titel|\n|Spalte |Zelle |"); foreach($val as $key => $var) $val[$key] = "

".strtr($var,array_slice($html,1))."

".str_replace("\n",'
',@preg_replace(array_keys($creole),array_values($creole),$var)).""; $out = "

'&', "'" => '"'))."'>«

".implode('',$val) .(($img) ? "" : "")."

'&', "'" => '"'))."'>» Forumschreibweise:

".@preg_replace(array_keys($creole),array_values($creole), "**Smilie-Codes:**\n :D @@~:-D ~;-D ~:D ~;D@@ 8) @@~8-) ~B-) ~8) ~B)@@ 8O @@~8-O ~8-o ~8O ~8o@@ :) @@~:-) ~:)@@ ;) @@~;-) ~;)@@ 8| @@~8-| ~8|@@ ~~ @@~~-~~ ~~@@ :( @@~:-( ~;-( ~:( ~;(@@ :| @@~:-| ~;-| ~:| ~;|@@ :? @@~:-? ~;-? ~:? ~;?@@ :C @@~:-C ~;-C ~:-c ~;-c ~:C ~;C ~:c ~;c@@ :O @@~:-O ~;-O ~:-o ~;-o ~:o ~;o ~:O ~;O@@ :x @@~:-x ~;-x ~:-X ~;-X ~:x ~;x ~:X ~;X@@ :P @@~:-P ~;-P ~:-p ~;-p ~:-b ~;-b ~:P ~;P ~:p ~;p ~:b ~;b@@ ")."

$out"; } # Creole Demo if($request == 'Creole') if($leak or $uid) { $creolevar['type'] = 'cms'; if(isset($_POST['source'])) $out .= "

Creole Ansicht:

".@preg_replace(array_keys($creole),array_values($creole),strtr(($var = $_POST['source']),array_slice($html,1)))."

"; else $var = ''; $out .= "

Creole Livedemo (edit)

Quelltext:
".strtr($var,$html)."
" .((($leak or $status/2%2) and isset($_COOKIE['debug']) and $_COOKIE['debug']) ? " Keine Legende erstellen" : "")."

"; } else $request = 'Impressum'; # Source if(preg_match('/^source(?:\.(txt|html|php\.gz))?$/i',$request,$val)) { if($sql and $q and preg_match('/\d+/',$q,$var) and $line = $sql['aq']($conn," select strftime('%d.%m.%Y %H:%M:%S',f.[create]) as datum, userid, mailid, username, title, message from [forum] as f left join [user] as u on f.userid = u.id where f.id=$var[0]".(($status/2%2) ? '' : " and f.status".(($status%4 == 0) ? "%2 = 0" : " is not null")." and (f.mailid is null or f.mailid = ifnull('$uid',null) or f.mailid is not null and f.userid = ifnull('$uid',null) or f.mailid = f.userid)"),SQLITE_ASSOC)) $out .= "

".((is_null($line[0]['title'])) ? "Ohne Titel" : "".strtr($line[0]['title'],array_slice($html,1))."")." von " .((is_null($line[0]['username'])) ? "Unbekannt" : "".$line[0]['username']."") ." vom ".$line[0]['datum']."

".strtr($line[0]['message'],array_slice($html,1))."

"; else { $val[] = ''; $lines = file(__file__); if(isset($_GET['download']) or $val[1] == 'php.gz') { header("Content-Type: application/octet-stream"); header('Content-Disposition: filename="'.basename(__FILE__).'.gz"'); die($gz['encode'](implode('',$lines),9)); } elseif(strtolower($request) == $request and $val[1] != 'html' or $val[1] == 'txt') { header('Content-Type: text/plain; charset=8859-1'); die(implode('',$lines)); } else { foreach($lines as $key => $var) while(false !== $tab = strpos($lines[$key],"\t")) $lines[$key] = substr($lines[$key],0,$tab).str_repeat(' ',8-$tab%8).substr($lines[$key],$tab+1); $out .= "

".strtr(highlight_string(implode('',$lines),true),array(' ' => ' ', "\r" => '', "\n" => ''))."

"; } } } if($sql) { # SQLite-Terminal mit Option auf vorgegegebenen Querys der XSS-Attacken if(($leak and $query or $info[3] != '' or $status/2%2) and $request == 'SQL') { $val = ''; $q = false; if($leak) { $set = (preg_match('/\w+/',$query,$var)) ? $var[0] : ((isset($_POST['preset'])) ? $_POST['preset'] : ''); if($set == "worm") $q = " select * from [worm] order by id desc limit 0,25"; elseif(preg_match('/(cookie|account)/',$set)) $q = " select x.id as ID, i.hits as Hits, strftime('%d.%m.%Y %H:%M:%S',[create]) as 'Datum/Zeit', href as Url,".(($set == 'account') ? " user as Username, pass as Password," : " sess as Session, data as Cookie,")." useragent as UserAgent from [xss] as x inner join ( select max(id) as id, count(*) as hits from [xss]".(($set == 'account') ? "\n\twhere user is not null and pass is not null" : "")." group by ".(($set == 'cookie') ? "sess,data" : "user,pass")." ) as i on i.id = x.id order by x.id desc limit 0,25"; $array = array( 'account' => 'Accountdaten', 'cookie' => 'Cookies und Sessions', 'worm' => 'Daten vom Wurm', 'sqlite' => 'SQLite Mastertabelle'); foreach($array as $key => $var) $array[$key] = "$var"; $val = "Preset-Querys:".implode("",$array).""; } if($status/2%2 or $info[3] != '') { if($leak and $set == 'sqlite') $q = "select * from $sql[m]"; $array = $sql['sq']($conn,"select name from $sql[m] where type = 'table'"); foreach($array as $key => $var) $array[$key] = "$var (".$sql['sq']($conn,"select count(*) from [$var]").")"; $val = "Tabellen:".implode("",$array)." $val"; if(!$q and isset($_POST['query']) and $_POST['query'] != "") $q = $_POST['query']; else if(isset($_FILES['file']) and !$_FILES['file']['error'] and file_exists($_FILES['file']['tmp_name'])) $q = implode('',$gz['file']($_FILES['file']['tmp_name'])); if(!$q and isset($_POST['table']) and $_POST['table'] != '') $q = "select * from [".preg_replace('/\W/','',$_POST['table'])."]"; $out = "$info[8]

SQLite-Query-Tool ($base)

Datenbankabfrage
".strtr($q,$html)."
$val

"; } if($q) if($result = (isset($_POST['exec']) and ($status/2%2 or $info[3] != '')) ? @$sql['e']($conn,$q) : @$sql['q']($conn,$q)) { if((!is_object($result) and $var = $sql['c']($conn)) or is_object($result) and !$sql['nf']($result) or (is_bool($result) or !$sql['nf']($result))) $out .= "

Es wurden ".preg_replace('/^0$/','keine',$var)." Einträge geändert!

"; else { $line = ''; for($a=0;$a<$sql['nf']($result);$a++) $line .= "".strtr($sql['fn']($result,$a),$html).""; $line = array("$line"); while($row = $sql['fa']($result,SQLITE_NUM)) { $var = ''; for($a=0;$aNULL" : (($row[$a] === '') ? " " : preg_replace('/[\r\n]+/','
',trim(strtr($row[$a],$html))))).""; $line[] = "$var"; } if(count($line) > 1) $out .= "

Es befinden sich ".number_format(count($line)-1,0,'','.')." Einträge in der Tabelle!

".implode('',$line)."
"; } } else if(@$sql['le']($conn) != 0) $out .= "

Abfrage fehlgeschlagen: ".@$sql['ers'](@$sql['le']($conn))."

"; $out .= "

SQLite ".$sql['lv']()." ".php_uname()." (PHP ".phpversion()."/".php_sapi_name().") - Charset: ".$sql['lc']()."

"; } # Forum Formular if($request == 'Beitrag' and ($uid or $gast) and $rw) { if(!$id and isset($_POST['id']) and preg_match('/^\d+$/',$_POST['id'],$var)) $id = $var[0]; if($id and ($var = $sql['aq']($conn," select f.id as id, strftime('%s',f.[create]) as 'create', strftime('%d.%m.%Y %H:%M:%S',f.[create]) as crdatum, strftime('%s',f.change) as change, strftime('%d.%m.%Y %H:%M:%S',f.change) as chdatum, f.changes as changes, f.title as title, f.message as message, f.status, ifnull(f.status%2,'-1') as right, u.status, u.username as username, f.userid as userid, f.mailid as mailid from [forum] as f left join user as u on f.userid = u.id and f.status".(($status%4 == 0) ? "%2 = 0" : " is not null")." and u.status is not null where f.id = $id and (f.mailid is null or f.mailid = nullif('$uid','')) limit 1"))) { $var = reset($var); $creolevar = array_merge($creolevar,array('type' => 'forum', 'id' => $var['id'], 'name' => $var['id'], 'title' => $var['title'], 'create' => $var['create'], 'right' => $var['right'], 'from' => $var['username'])); if(!isset($_POST['message'])) $out .= "

($var[id]) " .((is_null($var['title'])) ? "Ohne Titel" : "".preg_replace(array_keys($smile),array_values($smile),strtr($var['title'],array_slice($html,1)))."") ." (Erstellt: $var[crdatum]".(($var['create'] != $var['change']) ? " / Geändert: $var[chdatum]" : '') .(($var['userid'] != $var['mailid']) ? " von ".((is_null($var['username'])) ? "Unbekannt" : "$var[username]") : '') .")

".@preg_replace(array_keys($creole),array_values($creole),strtr($var['message'],array_slice($html,1)))."

"; } else $var = array('id' => ''); $val = preg_replace($phtml[0],$phtml[1],((isset($_POST['title'])) ? $_POST['title'] : ((isset($var['title'])) ? $var['title'] : ""))); $line = preg_replace($phtml[0],$phtml[1],((isset($_POST['message'])) ? $_POST['message'] : ((count($var) > 1 and $var['mailid'] === $var['userid']) ? $var['message'] : ''))); if(isset($_REQUEST['mail'])) $wrt = $_REQUEST['mail']; elseif(isset($var['mailid'])) $wrt = $var['mailid']; else $wrt = false; if(isset($_POST['message'])) $out .= "

Vorschau: " .((isset($_POST['title']) and $_POST['title'] == '') ? "Ohne Titel" : "".preg_replace(array_keys($smile),array_values($smile),$val)."") ." (".$sql['sq']($conn,"select tagline from user where id = $uid") .")

".@preg_replace(array_keys($creole),array_values($creole),strtr($_POST['message'],$html))."

"; $usr = $sql['aq']($conn," select u.id as id, u.username as username from [user] as u left join [user] as s on u.id = s.id and s.id ".(($uid) ? "= $uid" : "is null")." where u.status is not null order by s.id desc,u.username"); foreach($usr as $k => $v) $usr[$k] = "".(($uid == $v['id']) ? "Blog von" : "Mail an").": $v[username]"; $k = (isset($_REQUEST['mail']) and preg_match('/\d+/',$_REQUEST['mail'],$v) and $k = $sql['aq']($conn,"select username,tagline from [user] where id=$v[0]")) ? array($k[0]['username'],(($leak or is_null($k[0]['tagline'])) ? $k[0]['tagline'] : strtr($k[0]['tagline'],array_slice($html,1)))) : false; $out .= "

Neuen Beitrag ".(($k) ? "an $k[0] " : "")."verfassen" .(($k and !is_null($k[1])) ? " ($k[1])" : "")." (edit)

Titel:

Nachricht:
$line
Beitrag ins Forum".implode("",$usr)."" .(($status%2) ? " Für alle SichtbarNur für Benutzer" : "") ."

"; } # Benutzerprofil anzeigen if(preg_match('/(Profil|Bearbeiten)/',$request)) { $var = ($mid) ? $mid : (($id) ? $id : $uid); if((!$lone or $user or $uid) and $var) { if($usr = $sql['aq']($conn," select (select count(*) from [forum] where userid = $var and mailid is null and status".(($status%4 == 0) ? "%2 = 0" : " is not null").") ||','|| (select count(*) from [forum] where userid = $var and mailid is not null and status is not null) ||','|| (select count(*) from [forum] where userid = $var and mailid is not null and status is not null and status/2%2 = 0) ||','|| (select count(*) from [forum] where mailid = $var and userid != $var and status is not null) ||','|| (select count(*) from [forum] where mailid = $var and userid != $var and status is not null and status/2%2 = 0) ||','|| (select count(*) from [forum] where mailid = userid and userid = $var and status".(($status%4 == 0) ? "%2 = 0" : " is not null").") ||','|| (select count(*) from [file] where user=$var and status ".(($status%4 == 0) ? '' : '<')."= 1) ||','|| (select sum(abs(size)) from [file] where user=$var and status is not null) as count, * from [user] as u where ".(($status/2%2) ? "" : "status is not null and ")."id=".((isset($_GET['id']) and $_GET['id']) ? (($leak) ? $_GET['id'] : preg_replace('/\D/','',$_GET['id'])) : (($var) ? $var: $uid)))) { $usr = reset($usr); if(isset($usr['id'])) @$creolevar = array_merge($creolevar,array('type' => 'profil', 'id' => $usr['id'], 'name' => $usr['username'], 'from' => $usr['username'], 'title' => $usr['tagline'], 'create' => strtotime($usr['create']), 'change' => strtotime($usr['change']), 'right' => ((is_null($usr['status'])) ? -1 : ($usr['status']/2%2)))); $v = ""; $k = substr($v,0,-1)." nowrap>"; if(isset($usr['passhelp']) and preg_match('/^(\d+)-(?:(.+):)?(.+)$/',$usr['passhelp'],$val) and isset($pass[$val[1]])) $usr['passhelp'] = array((($val[2] != '') ? $val[2] : $pass[$val[1]]),$val[3]); if(substr_count($usr[0],",") < 6) $usr[0] .= ",0,0,0,0,0,0,0"; $val = explode(',',$usr[0]); // count,mailout,newout,mailin,newin,blog,upload,bytes if(($uid == $var or $status/2%2) and isset($usr['id']) and $usr['id']) { $out .= "

".@preg_replace(array_keys($creole),array_values($creole),"--" .preg_replace(array('/^.*\[ |~/s','/ \].*$/s'),array('',' | '),$info[4])."[[^" .((isset($_GET['id'])) ? "Daten".(($status/2%2 and $uid != $usr['id']) ? "?id=$var" : '')."|Daten bearbeiten" : "Profil?id=$var|Meine Daten anzeigen") ."]] | [[^Bearbeiten".(($status/2%2 and $uid != $usr['id']) ? "?id=$var" : '').((count($_POST) == 0)? "#edit" : "")."|Profil bearbeiten]]--")."

"; if(isset($_GET['id'])) { if($status/2%2 and $uid != $var) { $head['atom'] = ""; $uedit = "Daten?id=$var"; } else $uedit = "Daten"; $out .= "

".(($uid == $var) ? "Ihre gespeicherten Daten" : "Die gespeicherten Daten von $usr[username]")."

$kBenutzer-ID:$k".number_format($usr['id'],0,'','.')." $kBenutzername:$v$usr[username]$kLogins:$k".number_format($usr['logins'],0,'','.')." $kKennwort:$v".(($usr['password'] == '') ? "Nicht angegeben!" : "")."$kZugriffe:$k".number_format($usr['requests'],0,'','.')." $kVorname:$v$usr[forename]$kÄnderungen:$k".number_format($usr['changes'],0,'','.')." $kNachname:$v$usr[lastname]$kForumbeiträge:$k".number_format(intval($val[0]),0,'','.')." $keMail:$v$usr[mail]$kBlog:$k".number_format($val[5],0,'','.')." $kHomepage:$v".(($usr['page'] == '') ? "Nicht angegeben!" : "$usr[page]")."$kMailverkehr:$k".(($val[4]) ? "".number_format($val[4],0,'','.')." / " : "")."".number_format($val[3],0,'','.')." | ".(($val[2]) ? "".number_format($val[2],0,'','.')." / " : "")."".number_format($val[1],0,'','.')." $kWohnort:$v".(($usr['town'] == '') ? "Nicht angegeben!" : $usr['town'])."$kChat-Texte:$k".$sql['sq']($conn,"select count(*) from [chat] where id = $var")." $kChat-Status:$v".(($usr['chat'] and substr($usr['chat'],0,1) != '-') ? "Im Chat mit: ".((is_array($wrt = $sql['sq']($conn," select ifnull(username,'Unbekannt') from [user] where id != $uid and id != chat and chat = ".strval($usr['chat'])." order by username"))) ? implode(', ',$wrt) : $wrt) : (($status/4%2) ? "Frei" : "Aus")).(($status/8%2) ? " $lock" : '')."$kDateien:$k$val[6] $kSicherheitsfrage:$v".((is_array($usr['passhelp'])) ? $usr['passhelp'][0] : "Nicht angegeben!")."$kDatei-Freiraum:$k".number_format($maxfile-$val[7],0,'','.')." Bytes $kGeheim-Antwort:$v".((is_array($usr['passhelp'])) ? "" : "Nicht angegeben!")."$kStatus:{$v}Log ".(($usr['status']%2) ? 'in' : 'off')." $kGeburtstag:$v".(($usr['born']) ? date('d.m.Y',strtotime($usr['born']))." (".floor((time()-strtotime($usr['born']))/365.2425/24/60/60).")" : "Nicht angegeben!")."$kRechte:$k".(($usr['status']/2%2) ? 'Admin' : ((is_null($usr['status'])) ? 'Keine' : 'Benutzer'))." $kBildschirm:$v".(($usr['info'] == '') ? "Nicht angegeben!" : preg_replace('/(\d+),(\d+),(\d+)/','$1 * $2 / $3',$usr['info']))."$kErstanmeldung:$k".date('d.m.Y H:i:s',strtotime($usr['create']))." $kIP-Adresse:$v$usr[ip]$kLetzter Besuch:$k".((isset($_SESSION['lua']) and $uid == $usr['id']) ? date('d.m.Y H:i:s',strtotime($_SESSION['lua'])) : "Unbekannt")." $kSessionID:$v$usr[session]$kLetzte Aktion:$k".date('d.m.Y H:i:s',strtotime($usr['change']))." $kBrowser:$v$usr[useragent]

"; } } if(isset($usr['id']) and $usr['id']) { $v = array("Erstanmeldung: ".date('d.m.Y',strtotime($usr['create']))); if($val[0]) $v[] = "Beiträge: ".number_format($val[0],0,'','.').""; if(isset($val[5]) and $val[5]) $v[] = "Blogs: ".number_format($val[5],0,'','.').""; if(isset($val[6]) and $val[6]) $v[] = "Uploads: ".number_format($val[6],0,'','.').""; if($uid or $gast) $v[] = "Mail an $usr[username]"; if($usr['page']) $v[] = "Homepage: ".preg_replace('!^https?://!','',$usr['page']).""; if(!$uedit and ($uid == $usr['id'] or $status%2)) $uedit = "Bearbeiten".(($uid != $usr['id']) ? "?id=$usr[id]" : "")."#edit"; } $out .= "

Profil von ".(($uid and isset($usr['id']) and $usr['id'] and $var != $uid) ? "$usr[username]" : $usr['username'])."".((!isset($usr['tagline']) or !$usr['tagline']) ? "" : " (".@preg_replace(array_keys($creole),array_values($creole), (($leak and isset($_GET['source']) or !$leak) ? strtr($usr['tagline'],$html) : $usr['tagline'])).")").(($request == 'Bearbeiten') ? " (edit)" : '') ."

" .(($leak and isset($usr['id']) and $usr['id'] and ($status/2%2 or isset($_COOKIE['debug']) and $_COOKIE['debug']) and preg_match("!<(script)[^>]*>.*!i",$usr['profil'])) ? "" : '') .((count($v) > 1) ? "

".implode(' / ',$v)."

---

" : "")."

" .(($leak and isset($_GET['source'])) ? "

".strtr($usr['profil'],$html)."

" : @preg_replace(array_keys($creole),array_values($creole), strtr(((isset($_POST['profil']) and isset($_POST['test'])) ? $_POST['profil'] : ((is_null($usr['profil'])) ? 'Noch kein Profil hinterlegt!' : $usr['profil'])),(($leak) ? array() : array_slice($html,1)))))."

"; // XSS } else { $out .= "

Benutzer nicht gefunden!

"; $request = 'Mitglieder'; } } else $request = 'Mitglieder'; } # Benutzerprofil Formular if($request == 'Bearbeiten' and $uid and $rw) $out .= "

" .(($status/2%2 and $uid != $usr['id']) ? "" : '') ."

Tagline Bearbeiten

Profil Bearbeiten (edit)

".preg_replace($phtml[0],$phtml[1],((isset($_POST['profil'])) ? $_POST['profil'] : $usr['profil']))."
" .(($status/2%2 or isset($_COOKIE['debug']) and $_COOKIE['debug']) ? " " : "") ."

"; # Mitglieder if($request == 'Mitglieder' and (!$lone or $user or $uid)) { $data = (($id and $status/2%2) ? "" : "\n\twhere u.status is not null"); $num = $sql['sq']($conn,"select count(*) from [user] as u$data"); if($page[0] == '') $page = array(1,"page=1"); preg_replace($paging[5],$paging[6],"$num,$max,#key#"); if($rows = $sql['aq']($conn," select u.username as username, u.[create], u.change, f.count as count, m.bcount as blogs, m.count as mails, d.count as files, u.status/4%2||','||ifnull(u.chat,'-'), u.status/2%2, u.status%2, u.page as page, u.forename as fore, u.lastname as last, u.ip as ip, u.id as id, u.chat as chat, u.mail as mail, u.status as status, u.useragent as agent, u.tagline as tagline, p.id as profil, s.id as script, strftime('%d.%m.%Y %H:%M',u.[create]) as angemeldet, strftime('%d.%m.%Y %H:%M',u.change) as aktion, f.userid as userid, m.mid as mailid, m.rcount as rcount, d.pcount as pcount, t.tcount as tcount, c.username as chatuser from [user] as u left join ( select userid, count(*) as count from [forum] where status".(($status%4 == 0) ? "%2 = 0" : " is not null")." and mailid is null group by userid) as f on f.userid = u.id left join ( select u.id as mid, count(f.id)-count(b.id) as count, count(b.id) as bcount, count(m.id)-count(r.id) as rcount from [user] as u left join [forum] as f on f.userid = u.id or f.mailid = u.id left join [forum] as r on r.id = f.id and r.mailid = u.id and r.status/2%2 = 1 left join [forum] as m on m.id = f.id and m.mailid = u.id left join [forum] as b on b.id = f.id and b.mailid = u.id and b.mailid = b.userid and b.status".(($status%4 == 0) ? "%2 = 0" : " is not null")." where f.status is not null and f.mailid is not null group by u.id) as m on m.mid = u.id left join ( select a.user, count(*) as count, count(p.id) as pcount from [file] as a left join [file] as p on p.id = a.id and p.status/2%2 = 0 where a.status is not null group by a.user) as d on d.user = u.id left join ( select userid, count(*) as tcount from [forum] as t where path is null and mailid is null and t.status is not null group by userid) as t on t.userid = u.id left join [user] as p on p.id = u.id and p.profil is not null left join [user] as s on s.id = p.id and s.profil like '%%%' left join [user] as c on c.id = u.chat" .$data.preg_replace($sorth[2],$sorth[3],"u.username;13;u.username")." limit $val,$max")) { $row = array(); foreach($rows as $var) $row[] = "" .(((is_null($var['profil']) or $var['profil'] == '') and !$status/2%2) ? "$var[username]" : "".((is_null($var['profil']) or $var['profil'] == '' or !$status/2%2) ? $var['username'] : "$var[username]")."")."$var[angemeldet]$var[aktion]" .((intval($var['count'])) ? (($var['tcount']) ? "$var[tcount]/" : "")."$var[count]" : "-")."".(($var['blogs']) ? "$var[blogs]" : '-')."" .(($status/2%2) ? ((intval($var['mails'])) ? "" .(($var['rcount'] > 0) ? "$var[rcount]/" : "")."$var[mails]" : "-")."" .((intval($var['files'])) ? ((intval($var['pcount'])) ? "$var[pcount]/" : '')."$var[files]" : "-")."" : '').(($status%2) ? (($var['status']/4%2 and is_null($var['chat'])) ? "Frei" : (($var['chat']) ? (($status/2%2) ? "Chat" : "Chat") : "-")) .(($var['status']/8%2 and ($var['chat'] or $var['status']/4%2)) ? " $lock" : '')."" : "") .(($var['status']/2%2) ? 'Admin' : ((is_null($var['status'])) ? '-' : 'Benutzer')) ."".(($var['status']%2) ? (($status/2%2) ? "Log in" : "Log in") : "Log off") ."]*>.*!i",$var['tagline'])) ? " bgcolor='#ffe0e0'" : "").">".(($uid or $gast) ? "Mail " : (($var['page']) ? "" : "-")).(($var['page'] == '') ? "" : "www ") .(($status/2%2) ? "$var[fore] $var[last]$var[ip]" : '') .""; $out .= "

Mitglieder

".preg_replace($sorth[0],$sorth[1],"Benutzername=1\tErstanmeldung=2\tLetzte Aktion=3\tBeiträge=4\tBlogs=5\t(Mails=6)\t(Dateien=7)\t{Chat=8}\tRechte=9\tStatus=10\tKontakt=11\t(Vor-=12 / Nachname=13\tIP-Adresse=14)")."".implode("",$row)."

$code

"; } } # Anmelde Formular if(preg_match('/^(Dat|Anmeld)en$/',$request) and ($uid or $user) and $rw) { if($uid) { $array = reset(($sql['aq']($conn,"select * from [user] where id=".(($status/2%2 and isset($_REQUEST['id']) and preg_match('/\d+/',$_REQUEST['id'],$var)) ? $var[0] : $uid),SQLITE_ASSOC))); if($status/2%2) $array['userpass'] = $array['password']; elseif($array['password'] == '') $post['userpass'] = ''; unset($array['password']); if(preg_match('/^(\d+)-(?:(.+):)?(.+)$/',$array['passhelp'],$var)) { if(!$post['question'] = $var[1]) $post['myquestion'] = $var[2]; $post['answer'] = $var[3]; } foreach($array as $key => $var) if(!isset($post[$key]) or strtolower($post[$key]) == strtolower($var)) $post[$key] = $var; } $out .= '

Persönliche Daten Bitte geben Sie Ihre Daten ein'.((!$uid) ? ', um einen Benutzeraccount zu erstellen' : '').': (Alle Felder mit einen * sind Pflichfelder!) '.(($status/2%2) ? '' : '').' '.preg_replace($formcheck[0],$formcheck[1],(($uid and $status/2%2 == 0) ? '' : '{username|*Benutzername:|20|64} ') .(($uid and $status/2%2 == 0) ? '{userpass|*Altes Kennwort:|*20|64} ' : '').'{password,probate|*Kennwort:|*20|64} {probate,password|*Kennwort wiederholen:|*20|64} {forename|*Vorname:|20|64} {lastname|*Nachname:|20|64} {mail|*eMail:|20|255} Geburtstag: (TT.MM.JJJJ) {town|Wohnort:|20|64} {page|Homepage:|20|255} Persönliche Frage: (Benötigt für Kennwort Vergessen) '.implode("\n",preg_replace('/.+/e','"$0"',$pass)) .(($leak) ? ((isset($post['myquestion']) and $post['myquestion'] != '') ? "$post[myquestion]" : "")."" : "Eigene Frage stellen...") .(($leak) ? "" : "").' {answer|Persönliche Antwort:|20|96} '.(($uid or $status/2%2) ? '' : "")).'

'; if($request == "Anmelden" and $register) $out .= "

".@preg_replace(array_keys($creole),array_values($creole),strtr($sql['sq']($conn," select content from cms where name like '$register' limit 1"),array_slice($html,1)))."

"; } # Kennwort Vergessen Formular if($request == 'Kennwort' and !$uid and $rw) $out .= '

Kennwort Vergessen Bitte geben Sie Ihre Daten ein, um ihr Kennwort zu löschen! (Alle Felder mit einen * sind Pflichfelder!) {username|*Benutzername:|20|64|onblur=getask()'.(($leak) ? '|style=width:100%}' : '} {mail|*eMail:|20|64|onblur=getask()}') .' {forename|*Vorname:|20|64} {lastname|*Nachname:|20|64} '.((isset($post) and (!isset($post['question']) or !$post['question'] and !isset($post['myquestion']))) ? '*Persönliche Frage:' : '*Persönliche Frage:').' '.implode("\n",preg_replace('/.+/e','"".(($x == 0 and isset($post["myquestion"]) and $post["myquestion"]) ? "$post[myquestion]" : "$0").""',$pass)).' {answer|*Persönliche Antwort:|20|255|style=width:100%} {password,probate|*Neues Kennwort:|*20|64} {probate,password|*Kennwort wiederholen:|*20|64}

'; # Suchformular if($request == 'Suche') { $usr = $sql['aq']($conn," select u.id as id, username as username, count(a.id) as acount, count(b.id) as bcount, ifnull(dcount,0) as dcount, count(f.id) as fcount, count(m.id) as mcount, max( ifnull(max(a.[create]),0), ifnull(max(d.ctime),0)) as time from ( select 0 as id, 'Unbekannt' as username union select id,username from [user] as u where status is not null) as u left join ( select user,count(*) as dcount,[create] as ctime from file where status ".(($status%4 == 0) ? '' : '<')."= 1 group by user) as d on u.id = d.user left join forum as a on u.id = a.userid and a.status".(($status%4 == 0) ? "%2 = 0" : " is not null")." left join forum as b on a.id = b.id and b.mailid = b.userid left join forum as f on a.id = f.id and f.mailid is null left join forum as m on a.id = m.id and m.mailid is not null and m.mailid != m.userid ".(($status/2%2) ? '' : str_replace('x',(($uid) ? $uid : 0),"and (m.mailid = x or m.userid = x)"))." group by u.id having acount > 0 or dcount > 0 order by username"); $wrt = array('b' => 0, 'd' => 0, 'f' => 0, 'm' => 0); $array = array(); $val = 0; foreach($usr as $key => $var) { $usr[$key] = "$var[username]"; $array[$var['id']] = $var['id']; if($val < $a = strtotime($var['time'])) $val = $a; foreach(array_keys($wrt) as $a) { $array[$var['id']] .= ','.$var[$a.'count']; if($var[$a.'count']) $wrt[$a] += $var[$a.'count']; } } $rows = array(); if($wrt['b']) $rows[] = "Blog ($wrt[b])"; if($var = $sql['sq']($conn,"select count(*) from [cms] where status/8%2".(($status/2%2) ? "" : " and status/2%4 <= ".($status/2%2 + $status%2*2)))) $rows[] = "CMS ($var)"; if($wrt['d']) $rows[] = "Datei ($wrt[d])"; if($wrt['f']) $rows[] = "Forum ($wrt[f])"; if($wrt['m']) $rows[] = "Mail ($wrt[m])"; $line = array(); foreach(array(1,2,3,5,10,20,25,50,75,100) as $var) $line[] = "$var"; $out .= "

Suche " .((count($rows)) ? "" : "") .((count($usr) > 1) ? "" : "") ."'; else unset($val[$key]); $row = array(); foreach($_SERVER as $key => $var) if(preg_match('/^(HTTP|RE(MOTE|QUEST|DIRECT))_|_(INFO|UR[IL])$/',$key) or $leak === 1) $row[$key] = $var; ksort($row); $out .= "Debug-Tabelle: Suchbegriff:" .((isset($_SESSION['lua']) and strtotime($_SESSION['lua']) < $val) ? " Neuheiten" : "") .(($status/2%2) ? " Gelöschtes Suchen" : "") ." Ort ".implode("",$rows)." Benutzer Alle Benutzer".implode("",$usr)." Max  ".implode('',$line)." ".@preg_replace(array_keys($creole),array_values($creole),"**++Suchhilfe:++** |100% |=Suchbegriff |=findet |=findet nicht |=Beschreibung | |@@<\n") .(($head) ? implode("\n",$head)."\n" : '')."".(($logo) ? "" : "")." $title Startseite" .(($sql and $content and $status/2%2) ? " / CMS" : "") .((preg_match('/^([\w.-]+)\s?$/',$request,$var)) ? " / $var[1]" : "") .(($sql and $request == 'CMS' and isset($_GET['id']) and $id and count($_POST)) ? " (edit)" : "") .(($sql and $content and ($status/2%2 or $status%4 == 1 and $sql['sq']($conn,"select status/2%4 from [cms] where name like '".trim($request)."'") >= 2 )) ? " (edit)" : (($path and $mid and preg_match("!^/$request/([\w.-]+)$!",$path,$var)) ? " / $var[1]" : '')) ." ".implode(' | ',array_unique(preg_replace('/(\w+).*/',"$1", (($sql and ($local or $inet or $uid)) ? array_merge((array)$sql['sq']($conn,"select name from [cms] where name like '_%' and status%2 = 1 and status/2%4 <= ".($status/2%2 + $status%2*2)." order by name"), ((is_array($content)) ? array_keys($content) : array()), (($uid and $status/2%2 and !$sql['sq']($conn,'select count(*) from forum where status is not null and mailid is not null')) ? array('CMS') : array()), (($imps or $uid and $status/2%2) ? array('Impressum') : array()), (($user and !$lone) ? array('Mitglieder') : array()), (($var = $sql['aq']($conn," select count(*),count(b.id) from forum as a left join forum as b on a.id = b.id and ".(($uid) ? "b.userid = $uid" : "b.id is null")." where a.mailid = a.userid and a.status is not null".(($uid) ? "" : " and a.status%2 = 0")) and $var[0][0]) ? array("Blog".(($var[0][1]) ? "/$line[username]" : "")) : array()), array("Suche?$getopt")) : array('Impressum'))))).((isset($_SESSION['uid']) and $uid) ? (($request == 'Chat' or $status%2 and $sql['sq']($conn," select count(*) from user where status%2 = 1 and id != $uid")) ? " | Chat" : '')." | Datei".(($sql['sq']($conn," select count(*) from forum where mailid != userid and (userid = $uid or mailid = $uid)")) ? " | Mail".preg_replace('!(\d+)(?=/)!',"\$1",(($var = $sql['sq']($conn," select ifnull(nullif(count(*)-count(r.id),0)||'/','')||count(*) from [forum] as f left join [forum] as r on r.id = f.id and r.status/2%2 = 1 where f.status is not null and f.mailid = $uid and f.mailid != f.userid")) ? " ($var)" : "")) : '')." | Profil von $val | Abmelden" : '')." ".preg_replace('/(?)$/'," ",strtr($out,$uml)) ." © $date by $author "; # Datenbank schließen if($sql and $conn) $sql['cl']($conn); # Debug Ausgabe if(($leak or $status/2%2 or $leak === 1) and (!$sql and isset($debug) or $request == 'Debug' or isset($_COOKIE['debug']) and $_COOKIE['debug'])) { if(isset($_COOKIE['debug']) and $_COOKIE['debug']) { if($request == 'Debug') setcookie('debug',0,time()-$ctl,$self); } elseif($sql) setcookie('debug',1,0,$self); $out .= ""); if($var = ($leak === 1 and isset($_GET['GLOBALS'])) or isset($debug) or isset($sql['log']) or function_exists('error_get_last') and $val = error_get_last()) $out .= "Debuginfos: | " .(($val and is_array($val) and isset($val['message'])) ? "PHP-Fehler: $val[message] in $val[file] on line $val[line] " : '') .(($var or isset($debug) and $debug) ? " ".preg_replace('/^\w+\s+\(|\)$/','',strtr(print_r((($var) ? $GLOBALS : $debug),true),$html))." " : "") .((isset($sql['log'])) ? $sql['log'] : "")." "; if(isset($_SESSION)) // Keine Fremden Sessiondaten anzeigen foreach($_SESSION as $key => $var) if(preg_match($dpsk,$key) or $leak === 1) $__SESSION[$key] = $var; $html = array_merge($html,array("\n" => " ", " " => " ")); $val = array('GET','POST','FILES','COOKIE','_SESSION'); foreach($val as $key => $var) if(isset(${"_$var"}) and count(${"_$var"}) > 0) $val[$key] = str_replace('_',''," $var ").strtr(print_r(${"_$var"},true),$html).' ".((count($val) > 0) ? implode('',$val)." " : ' ') ."HTTP Header ".strtr(print_r($row,true),$html)." "; } # End of Line @header('Content-Type: text/html; charset=UTF-8'); die("$out"); ?>