မင်္ဂလာပါ!

လှိုက်လှဲစွာကြိုဆိုပါသည်။ ယခု ပထမဆုံးအကြိမ် ရောက်ဖူးခြင်းဖြစ်ပါသလား? ဝင်ရောက် ဆွေးနွေး မေးမြန်းလိုပါလျှင် အောက်တွင်ဖော်ပြထားသော button များမှတဆင့် ဝင်ရောက် ဆွေးနွေးနိုင်သကဲ့သို့ အဖွဲ့ဝင်အသစ်အနေဖြင့်လည်း လျှောက်ထားနိုင်ပါတယ်။

MYSTERY ZILLION တွင် English သို့မဟုတ် Unicode ဖြင့်သာ အသုံးပြုခွင့်ရှိသည်။ ဇော်ဂျီ ၊ ဧရာ စသည်တို့ကို အသုံးပြုခွင့် မရှိ။ Unicode fonts များမှာ Mon3,Yunghkio, Myanamr3 စသည်များ အသုံးပြုနိုင်သည်။ Unicode Guide ကို ဒီမှာ Download ချပါ။ Zawgyi to Unicode Converter
Don't share ebook or software if nobody request. You can find free book websites on here. We are welcome for discussion or asking question instead.

a login.php hack that emails multiple addresses upon success

emoemo
edited October 2008 in PHP
နည်းနည်းစမ်းကြည့်ကြပါ
အသေးစိတ်သိချင်ရင် လင့်ပေးလိုက်ပါ့မယ်
http://gallery.menalto.com/node/4720


<?php
// Hack prevention.
if (!empty($HTTP_GET_VARS["GALLERY_BASEDIR"]) ||
!empty($HTTP_POST_VARS["GALLERY_BASEDIR"]) ||
!empty($HTTP_COOKIE_VARS["GALLERY_BASEDIR"])) {
print "Security violationn";
exit;
}
?>
<?php require($GALLERY_BASEDIR . "init.php"); ?> <?php
// Security check.
$uname = removeTags($uname);
?>
<html>
<head>
<title>Login to <?php echo $gallery->app->galleryTitle?></title>
<?php echo getStyleSheetLink() ?>
</head>
<body>
<center>
<span class="popuphead">Login to <?php echo $gallery->app->galleryTitle?></span>
<br>
<br>
<?php
if ($submit) {
if ($uname && $gallerypassword) {
$tmpUser = $gallery->userDB->getUserByUsername($uname);
if ($tmpUser && $tmpUser->isCorrectPassword($gallerypassword)) {
$gallery->session->username = $uname;
$toaddress = "[email protected]";
$toaddress2 = "[email protected]";
$subject = "A successful login has been made";
$headers .= "From: darb.net Gallery <[email protected]>n";
$headers .= "X-Sender: <bp[email protected]>n";
$headers .= "X-Mailer: PHPn";
$headers .= "Return-Path: <[email protected]>n";
$message .= "A login was made to darb.net by :";
$message .= "$uname";
$message .= "nn";
$message .= "IP Address: $IPNumbern";
mail($toaddress,$subject,$message, $headers);
mail($toaddress2,$subject,$message, $headers);
dismissAndReload();
} else {
$invalid = 1;
$gallerypassword = null;
$toaddress = "[email protected]";
$toaddress2 = "[email protected]";
$subject = "An UNSUCCESSFUL login attempt was made";
$headers .= "From: darb.net Gallery <[email protected]>n";
$headers .= "X-Sender: <[email protected]>n";
$headers .= "X-Mailer: PHPn";
$headers .= "X-Priority: 1n"; // Urgent message!
$headers .= "Return-Path: <[email protected]>n";
$message .= "A failed login was made to darb.net by :";
$message .= "$uname";
$message .= "nn";
$message .= "IP Address: $IPNumbern";
mail($toaddress,$subject,$message, $headers);
mail($toaddress2,$subject,$message, $headers);
}
} else {
$error = 1;
}
}
?>
<br>
<br>
<span class=error>
Your IP address is :
<?php echo $HTTP_SERVER_VARS ?>
</span>
<?php echo makeFormIntro("login.php", array("name" => "login_form", "method" => "POST")); ?>
Logging in gives you greater permission to
<br>
view, create, modify and delete albums.
<p>
<table>
<?php if ($invalid) { ?>
<tr>
<td colspan=2>
<?php echo gallery_error("Invalid username or password - site owner has been emailed");?>
</td>
</tr>
<?php } ?>
<tr>
<td>
Username
</td>
<td>
<input type=hidden name="IPNumber" value="<?php echo $HTTP_SERVER_VARS ?>">
<input type=text name="uname" value=<?php echo $uname?>>
</td>
</tr>
<?php if ($error && !$uname) { ?>
<tr>
<td colspan=2 align=center>
<?php echo gallery_error("You must specify a username"); ?>
</td>
</tr>
<?php } ?>
<tr>
<td>
Password
</td>
<td>
<input type=password name="gallerypassword">
</td>
</tr>
<?php if ($error && !$gallerypassword) { ?>
<tr>
<td colspan=2 align=center>
<?php echo gallery_error("You must specify a password"); ?>
</td>
</tr>
<?php } ?>
</table>
<p>
<input type=submit name="submit" value="Login">
<input type=submit name="submit" value="Cancel" onclick='parent.close()'>
</form>
<script language="javascript1.2">
<!--
// position cursor in top form field
document.login_form.uname.focus();
//-->
</script>
</body>
</html>
Sign In or Register to comment.