|
|
|
|
- Readme First! - Read and follow the rules, otherwise your posts will be closed |
|
|
|
|
|
There are currently, 538 guest(s) and 0 member(s) that are online.
You are Anonymous user. You can register for free by clicking here |
|
|
|
|
|
| The comments are owned by the poster. We aren't responsible for their content. |
| | | | |
No Comments Allowed for Anonymous, please register | | | | |
Re: Beta Fortress(TM) 1.20 Released (Score: 1) by nuke-lux on Sunday, May 23 @ 15:12:14 CEST (User Info | Send a Message) http://www.nukecommunity.com | Here it is:
/************************************************************************/
/* PHP-NUKE: Advanced Content Management System */
/* ============================================ */
/* */
/* Copyright (c) 2002 by Francisco Burzi */
/* http://phpnuke.org */
/* */
/* This program is free software. You can redistribute it and/or modify */
/* it under the terms of the GNU General Public License as published by */
/* the Free Software Foundation; either version 2 of the License. */
/************************************************************************/
/* Additional security checking code 2003 by chatserv */
/* http://www.nukefixes.com -- http://www.nukeresources.com */
/************************************************************************/
//Nav Tap
include("includes/navtap.php");
//Union Tap
//Copyright Zhen-Xjell 2004 http://nukecops.com
//Beta 3 Code to prevent UNION SQL Injections
unset($matches);
unset($loc);
if (preg_match("/([OdWo5NIbpuU4V2iJT0n]{5}) /", rawurldecode($loc=$_SERVER["QUERY_STRING"]), $matches)) {
die("YOU ARE SLAPPED BY NUKECOPS [nukecops.com] BY USING '$matches[1]' INSIDE '$loc'.");
}
$queryString = strtolower($_SERVER['QUERY_STRING']);
if (strstr($queryString,'%20union%20') OR strstr($queryString,'/*')) {
header("Location: index.php");
die();
}
$phpver = phpversion();
if ($phpver >= '4.0.4pl1' && strstr($HTTP_USER_AGENT,'compatible')) {
if (extension_loaded('zlib')) {
ob_end_clean();
ob_start('ob_gzhandler');
}
} else if ($phpver > '4.0') {
if (strstr($HTTP_SERVER_VARS['HTTP_ACCEPT_ENCODING'], 'gzip')) {
if (extension_loaded('zlib')) {
$do_gzip_compress = TRUE;
ob_start();
ob_implicit_flush(0);
//header('Content-Encoding: gzip');
}
}
}
$phpver = explode(".", $phpver);
$phpver = "$phpver[0]$phpver[1]";
if ($phpver >= 41) {
$PHP_SELF = $_SERVER['PHP_SELF'];
}
if (!ini_get("register_globals")) {
import_request_variables('GPC');
}
// Union Tap Code Final // Add this line
// Copyright 2004 // Add this line
// Paul Laudanski // Add this line
// http://computercops.biz // Add this line
// http://fortress.cc // Add this line
define('ZERO', true); // Add this line
include('fortress.php'); // Add this line
Bards($addr); // Add this line
foreach ($_GET as $secvalue) {
if ((eregi("]*script*"?[^>]*>", $secvalue)) ||
(eregi("]*object*"?[^>]*>", $secvalue)) ||
(eregi("]*iframe*"?[^>]*>", $secvalue)) ||
(eregi("]*applet*"?[^>]*>", $secvalue)) ||
(eregi("]*meta*"?[^>]*>", $secvalue)) ||
(eregi("]*style*"?[^>]*>", $secvalue)) ||
(eregi("]*form*"?[^>]*>", $secvalue)) ||
(eregi("([^>]*"?[^)]*)", $secvalue)) ||
(eregi(""", $secvalue))) {
# die ("
The html tags you attempted to use are not allowed
[ Go Back ]");
$method = "BAD-TAGS"; // Add this line
$matches[1] = "BAD-TAGS"; // Add this line
AlertMail($method); // Add this line
AlertLog($method); // Add this line
}
}
foreach ($_POST as $secvalue) {
if ((eregi("]script*"?[^>]*>", $secvalue)) || (eregi("]style*"?[^>]*>", $secvalue))) {
die ("
Th
Read the rest of this comment... |
| Parent | | | | | |
|