SMOKEY_TEK Posted December 31, 2009 Share Posted December 31, 2009 I made this viewuser.php but I get a stupid error and I can not figure out why or where it would be making it not work... If someone could please look over my coding, and fix the file to where the error is gone, I would most appreciate it so much. Sorry how the code looks, I couldn't get the code to look like I just copies and pasted it... Don't know why it goes to the right... This is the ERROR I get when I try to view a user's profile: Parse error: syntax error, unexpected $end in viewuser.php on line 265 $_GET['u'] = abs((int) $_GET['u']); if(!$_GET['u']){ print "Invalid use of file";}else{ $q=$db->query("SELECT u.*,us.*,c.*,h.*,g.*,f.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid LEFT JOIN cities c ON u.location=c.cityid LEFT JOIN houses h ON u.maxwill=h.hWILL LEFT JOIN gangs g ON g.gangID=u.gang LEFT JOIN fedjail f ON f.fed_userid=u.userid WHERE u.userid={$_GET['u']}"); if($db->num_rows($q) == 0) { print "Sorry, we could not find a user with that ID, check your source."; } else { $r=$db->fetch_row($q); if($r['user_level'] == 1) { $userl="Mobster"; } else if($r['userid'] == 1) { $userl="Owner"; } else if($r['userid'] == 3) { $userl="Owner"; } else if($r['user_level'] == 2) { $userl="Admin"; } else if($r['user_level'] == 0) { $userl="NPC"; } else {$userl="Moderator"; }if($r['fedjail']) { $ustat="Federal Jail"; } else if($r['hospital']) { $ustat="Hospital"; } else if($r['jail']) { $ustat="Jail"; } else {$ustat="-"; } $lon=($r['laston'] > 0) ?date('F j',$r['laston']) : "Never"; $sup=date('j F',$r['signedup']); $ts=$r['strength']+$r['agility']+$r['guard']+$r['labour']+$r['IQ']; $d=""; if($r['laston'] > 0) { $la=time()-$r['laston']; $unit="seconds"; if($la >= 60) { $la=(int) ($la/60); $unit="minutes"; } if($la >= 60) { $la=(int) ($la/60); $unit="hours"; if($la >= 24) { $la=(int) ($la/24); $unit="days"; } } $str="$la $unit ago"; } else { $str="--"; } if($r['last_login'] > 0) { $ll=time()-$r['last_login']; $unit2="seconds"; if($ll >= 60) { $ll=(int) ($ll/60); $unit2="minutes"; } if($ll >= 60) { $ll=(int) ($ll/60); $unit2="hours"; if($ll >= 24) { $ll=(int) ($ll/24); $unit2="days"; } } $str2="$ll $unit2 ago"; } else { $str2="--"; } if($r['user_level'] >1){ $r['username'] = "{$r['username']}";} elseif($r['donatordays']) { $r['username'] = "{$r['username']}";$d=""; } if($r['laston'] >= time()-15*60) { $on="Online"; } else { $on="Offline"; }print " Profile: {$r['username']} [{$r['userid']}] $d "; print " "; if($r['display_pic']){print " ";}else{print " ";} print " {$r['username']} [{$r['userid']}] $d Name: {$r['username']} Type: $userl Level: {$r['level']} Money: \${$r['money']} Age: {$r['daysold']} Days Last Active: $str HP: {$r['hp']}/{$r['maxhp']} Gang: ";if($r['gang']){print "{$r['gangNAME']}";}else{print "None Location: {$r['cityname']} House: {$r['hNAME']} Status: $ustat Online: $on Status Message: {$r['sm']} Race: {$r['race']} Gender: {$r['gender']} Warnings: "; $w=mysql_query("SELECT * FROM warnings WHERE user={$r['userid']}",$c); print " ".mysql_num_rows($w)." "; if($ir['user_level'] > 1) { print "|| Manage"; } print " Actions Message Attack Mug Spy Send Money Send Crystals Add Contact Ignore Profile {$r['profileSIG']} ";$h->endpage();?> Quote Link to comment Share on other sites More sharing options...
Zero-Affect Posted December 31, 2009 Share Posted December 31, 2009 paste me the entire file and i can help mate ;) Quote Link to comment Share on other sites More sharing options...
SMOKEY_TEK Posted December 31, 2009 Author Share Posted December 31, 2009 Here is the file... Just download it from the link below: http://www.2shared.com/file/10367101/7f9667fd/viewuser.html Thanks if you can help! Quote Link to comment Share on other sites More sharing options...
Zero-Affect Posted December 31, 2009 Share Posted December 31, 2009 http://pastebin.com/ ffs... Quote Link to comment Share on other sites More sharing options...
SMOKEY_TEK Posted December 31, 2009 Author Share Posted December 31, 2009 Ok, Finally I got it to where you can get the code, Thanks Crim... My file is on that link http://pastebin.com/mac57033 Sorry for making you mad... Quote Link to comment Share on other sites More sharing options...
Zero-Affect Posted December 31, 2009 Share Posted December 31, 2009 i've been mad for years mate ;) <?php include "globals.php"; $_GET['u'] = abs((int) $_GET['u']); if(!$_GET['u']) { print "Invalid use of file"; } else { $q = $db->query("SELECT u.*,us.*,c.*,h.*,g.*,f.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid LEFT JOIN cities c ON u.location=c.cityid LEFT JOIN houses h ON u.maxwill=h.hWILL LEFT JOIN gangs g ON g.gangID=u.gang LEFT JOIN fedjail f ON f.fed_userid=u.userid WHERE u.userid={$_GET['u']}"); if($db->num_rows($q) == 0) { print "Sorry, we could not find a user with that ID, check your source."; } else { $r = $db->fetch_row($q); if($r['user_level'] == 1) { $userl="Mobster"; } else if($r['userid'] == 1) { $userl="Owner"; } else if($r['userid'] == 3) { $userl="Owner"; } else if($r['user_level'] == 2) { $userl="Admin"; } else if($r['user_level'] == 0) { $userl="NPC"; } else {$userl="Moderator"; } if($r['fedjail']) { $ustat="[url='fedjail']Federal Jail[/url]"; } else if($r['hospital']) { $ustat="[url='hospital.php']Hospital[/url]"; } else if($r['jail']) { $ustat="[url='jail.php']Jail[/url]"; } else { $ustat="-"; } $lon = ($r['laston'] > 0) ?date('F j',$r['laston']) : "Never"; $sup = date('j F',$r['signedup']); $ts = $r['strength']+$r['agility']+$r['guard']+$r['labour']+$r['IQ']; $d = ""; if($r['laston'] > 0) { $la = time()-$r['laston']; $unit = "seconds"; if($la >= 60) { $la = (int) ($la/60); $unit = "minutes"; } if($la >= 60) { $la = (int) ($la/60); $unit = "hours"; if($la >= 24) { $la = (int) ($la/24); $unit= "days"; } } $str = "$la $unit ago"; } else { $str="--"; } if($r['last_login'] > 0) { $ll=time()-$r['last_login']; $unit2="seconds"; if($ll >= 60) { $ll=(int) ($ll/60); $unit2="minutes"; } if($ll >= 60) { $ll=(int) ($ll/60); $unit2="hours"; if($ll >= 24) { $ll=(int) ($ll/24); $unit2="days"; } } $str2="$ll $unit2 ago"; } else { $str2="--"; } if($r['user_level'] >1){ $r['username'] = "<font color=red>{$r['username']}</font>";} elseif($r['donatordays']) { $r['username'] = "<font color=blue>{$r['username']}</font>";$d="[img=donator.gif]"; } if($r['laston'] >= time()-15*60) { $on="<font color=green>[b]Online[/b]</font>"; } else { $on="<font color=red>[b]Offline[/b]</font>"; } print " <div class='content'> <h3>Profile: {$r['username']} [{$r['userid']}] $d</h3> <table width='100%'> <tr> <td colspan='4'> <table width='100%'> <tr> <td width='100' align='center'>"; if($r['display_pic']) { print "<center>[img={$r[] </center>"; } else { print "<center>[img=http://i38.tinypic.com/29bh8d5.jpg]</center> "; } print " </td> <td style='font-size:30px;' align='center'> <span style='font-weight:bold;'>{$r['username']} [{$r['userid']}] $d</span> </td> </tr> </table> </td> </tr> <tr> <td width='18%'><h4>Name:</h4></td> <td width='32'>[url='viewuser.php?u={$r[']{$r['username']}[/url]</td> <td width='18%'><h4>Type:</h4></td> <td width='32%'>$userl</td> </tr> <tr> <td><h4>Level:</h4></td> <td>{$r['level']}</td> <td><h4>Money:</h4></td> <td>\${$r['money']}</td> </tr> <tr> <td><h4>Age:</h4></td> <td>{$r['daysold']} Days</td> <td><h4>Last Active:</h4></td> <td>$str</td> </tr> <tr> <td><h4>HP:</h4></td> <td>{$r['hp']}/{$r['maxhp']}</td> <td><h4>Gang:</h4></td> <td>"; if($r['gang']) { print "[url='gangs.php?action=view&ID={$r[']{$r['gangNAME']}[/url]"; } else { print "None</td>"; print " </tr> <tr> <td><h4>Location:</h4></td> <td>{$r['cityname']}</td> <td><h4>House:</h4></td> <td>[url='estate.php']{$r['hNAME']}[/url]</td> </tr> <tr> <td><h4>Status:</h4></td> <td>$ustat</td> <td><h4>Online:</h4></td> <td>$on</td> </tr> <tr> <td><h4>Status Message:</h4></td> <td>{$r['sm']}</td> <td><h4>Race:</h4></td> <td>{$r['race']}</td> </tr> <tr> <td><h4>Gender:</h4></td> <td>{$r['gender']}</td> <td><h4>Warnings:</h4></td> <td>"; $w=mysql_query("SELECT * FROM warnings WHERE user={$r['userid']}",$c); print " ".mysql_num_rows($w)." "; if($ir['user_level'] > 1) { print "|| <a href=warnings.php?action=index&user={$r['userid']}>Manage</a>"; } print "</td> </tr> </table> <h3>Actions</h3> <table width='100%'> <tr> <td width='25%' align='center'>[url='mailbox.php?action=compose&ID={$r[']Message[/url]</td> <td width='25%' align='center'>[url='attack.php?ID={$r[']Attack[/url]</td> <td width='25%' align='center'>[url='mug.php?ID={$r[']Mug[/url]</td> <td width='25%' align='center'>[url='spy.php?ID={$r[']Spy[/url]</td> </tr> <tr> <td align='center'>[url='sendcash.php?ID={$r[']Send Money[/url]</td> <td align='center'>[url='sendcrsy.php?ID={$r[']Send Crystals[/url]</td> <td align='center'>[url='contactlist.php?action=add&ID={$r[']Add Contact[/url]</td> <td align='center'>[url=' ']Ignore[/url]</td> </tr> </table> <h3>Profile</h3></div> <div style='text-align: center;'> <table cellspacing=1 class='table' width='95%'> <tr style='background:gray'> <td>{$r['profileSIG']}</td> </tr> </table> </div>"; } } } $h->endpage(); ?> should be alright, not tested it but i would recommend abit more security also. Quote Link to comment Share on other sites More sharing options...
SMOKEY_TEK Posted December 31, 2009 Author Share Posted December 31, 2009 Would you be able to secure it for me? Quote Link to comment Share on other sites More sharing options...
SMOKEY_TEK Posted December 31, 2009 Author Share Posted December 31, 2009 Thanks for getting it to work Mate.. Your the greatest... :thumbsup: :thumbup: Good Job! Glad there's people out there like you in the world... God bless ya! :P Quote Link to comment Share on other sites More sharing options...
Joshua Posted December 31, 2009 Share Posted December 31, 2009 Ok so i did this in about 10 minutes, it can always be MORE secure. But this is a lot more secure than you had it. <?php $globals = DIRNAME(__FILE__) . '/globals.php'; if(file_exists($globals)) { include_once($globals); } else { echo "globals file is missing"; exit; } $_GET['u'] = isset($_GET['u']) ? abs(@intval(trim($_GET['u']))) : '0'; if(!$_GET['u']) { print "Invalid use of file"; $h->endpage(); exit; } else { $q = $db->query("SELECT u.*,us.*,c.*,h.*,g.*,f.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid LEFT JOIN cities c ON u.location=c.cityid LEFT JOIN houses h ON u.maxwill=h.hWILL LEFT JOIN gangs g ON g.gangID=u.gang LEFT JOIN fedjail f ON f.fed_userid=u.userid WHERE u.userid={$_GET['u']}"); if($db->num_rows($q) == 0) { print "Sorry, we could not find a user with that ID, check your source."; $h->endpage(); exit; } else { $r = $db->fetch_row($q); if($r['user_level'] == 1) { $userl="Mobster"; } else if($r['userid'] == 1) { $userl="Owner"; } else if($r['userid'] == 3) { $userl="Owner"; } else if($r['user_level'] == 2) { $userl="Admin"; } else if($r['user_level'] == 0) { $userl="NPC"; } else {$userl="Moderator"; } if($r['fedjail']) { $ustat="[url='fedjail']Federal Jail[/url]"; } else if($r['hospital']) { $ustat="[url='hospital.php']Hospital[/url]"; } else if($r['jail']) { $ustat="[url='jail.php']Jail[/url]"; } else { $ustat="-"; } $lon = ($r['laston'] > 0) ?date('F j',$r['laston']) : "Never"; $sup = date('j F',$r['signedup']); $ts = $r['strength']+$r['agility']+$r['guard']+$r['labour']+$r['IQ']; $d = ""; if($r['laston'] > 0) { $la = time()-$r['laston']; $unit = "seconds"; if($la >= 60) { $la = (int) ($la/60); $unit = "minutes"; } if($la >= 60) { $la = (int) ($la/60); $unit = "hours"; if($la >= 24) { $la = (int) ($la/24); $unit= "days"; } } $str = "$la $unit ago"; } else { $str="--"; } if($r['last_login'] > 0) { $ll=time()-$r['last_login']; $unit2="seconds"; if($ll >= 60) { $ll=(int) ($ll/60); $unit2="minutes"; } if($ll >= 60) { $ll=(int) ($ll/60); $unit2="hours"; if($ll >= 24) { $ll=(int) ($ll/24); $unit2="days"; } } $str2="$ll $unit2 ago"; } else { $str2="--"; } if($r['user_level'] >1){ $r['username'] = "<font color=red>".stripslashes($r['username'])."</font>";} elseif($r['donatordays']) { $r['username'] = "<font color=blue>".stripslashes($r['username'])."</font>";$d="[img=donator.gif]"; } if($r['laston'] >= time()-15*60) { $on="<font color=green>[b]Online[/b]</font>"; } else { $on="<font color=red>[b]Offline[/b]</font>"; } print " <div class='content'> <h3>Profile: {$r['username']} [{$r['userid']}] $d</h3> <table width='100%'> <tr> <td colspan='4'> <table width='100%'> <tr> <td width='100' align='center'>"; if($r['display_pic']) { print "<center>[img=".stripslashes(htmlentities($r[] </center>"; } else { print "<center>[img=http://i38.tinypic.com/29bh8d5.jpg]</center> "; } print " </td> <td style='font-size:30px;' align='center'> <span style='font-weight:bold;'>".stripslashes($r['username'])." [".number_format($r['userid'])."] $d</span> </td> </tr> </table> </td> </tr> <tr> <td width='18%'><h4>Name:</h4></td> <td width='32'>[url='viewuser.php?u=".number_format($r[']".stripslashes($r['username'])."[/url]</td> <td width='18%'><h4>Type:</h4></td> <td width='32%'>".stripslashes(htmlentities($userl))."</td> </tr> <tr> <td><h4>Level:</h4></td> <td>".number_format($r['level'])."</td> <td><h4>Money:</h4></td> <td>\$".number_format($r['money'])."</td> </tr> <tr> <td><h4>Age:</h4></td> <td>".number_format($r['daysold'])." Days</td> <td><h4>Last Active:</h4></td> <td>$str</td> </tr> <tr> <td><h4>HP:</h4></td> <td>".number_format($r['hp'])."/".number_format($r['maxhp'])."</td> <td><h4>Gang:</h4></td> <td>"; if($r['gang']) { print "[url='gangs.php?action=view&ID=".number_format($r[']".stripslashes(htmlentities($r['gangNAME']))."[/url]"; } else { print "None</td>"; print " </tr> <tr> <td><h4>Location:</h4></td> <td>".stripslashes(htmlentities($r['cityname']))."</td> <td><h4>House:</h4></td> <td>[url='estate.php']".stripslashes(htmlentities($r['hNAME']))."[/url]</td> </tr> <tr> <td><h4>Status:</h4></td> <td>$ustat</td> <td><h4>Online:</h4></td> <td>$on</td> </tr> <tr> <td><h4>Status Message:</h4></td> <td>".stripslashes(htmlentities($r['sm']))."</td> <td><h4>Race:</h4></td> <td>{$r['race']}</td> </tr> <tr> <td><h4>Gender:</h4></td> <td>{$r['gender']}</td> <td><h4>Warnings:</h4></td> <td>"; $w=$db->query("SELECT * FROM warnings WHERE user={$r['userid']}",$c); echo " ".$db->num_rows($w)." "; if($ir['user_level'] > 1) { echo "|| <a href=warnings.php?action=index&user=".number_format($r['userid']).">Manage</a>"; } echo "</td> </tr> </table> <h3>Actions</h3> <table width='100%'> <tr> <td width='25%' align='center'>[url='mailbox.php?action=compose&ID=".number_format($r[']Message[/url]</td> <td width='25%' align='center'>[url='attack.php?ID=".number_format($r[']Attack[/url]</td> <td width='25%' align='center'>[url='mug.php?ID=".number_format($r[']Mug[/url]</td> <td width='25%' align='center'>[url='spy.php?ID=".number_format($r[']Spy[/url]</td> </tr> <tr> <td align='center'>[url='sendcash.php?ID=".number_format($r[']Send Money[/url]</td> <td align='center'>[url='sendcrsy.php?ID=".number_format($r[']Send Crystals[/url]</td> <td align='center'>[url='contactlist.php?action=add&ID=".number_format($r[']Add Contact[/url]</td> <td align='center'>[url='???????']Ignore[/url]</td> </tr> </table> <h3>Profile</h3></div> <div style='text-align: center;'> <table cellspacing=1 class='table' width='95%'> <tr style='background:gray'> <td>".stripslashes(htmlentities($r['profileSIG']))."</td> </tr> </table> </div>"; } } } $h->endpage(); ?> Quote Link to comment Share on other sites More sharing options...
Monkey644 Posted December 31, 2009 Share Posted December 31, 2009 Ok so i did this in about 10 minutes, it can always be MORE secure. But this is a lot more secure than you had it. $globals = DIRNAME(__FILE__) . '/globals.php'; if(file_exists($globals)) { include_once($globals); } else { echo "globals file is missing"; exit; } $_GET['u'] = isset($_GET['u']) ? abs(@intval(trim($_GET['u']))) : '0'; if(!$_GET['u']) { print "Invalid use of file"; $h->endpage(); exit; } else { $q = $db->query("SELECT u.*,us.*,c.*,h.*,g.*,f.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid LEFT JOIN cities c ON u.location=c.cityid LEFT JOIN houses h ON u.maxwill=h.hWILL LEFT JOIN gangs g ON g.gangID=u.gang LEFT JOIN fedjail f ON f.fed_userid=u.userid WHERE u.userid={$_GET['u']}"); if($db->num_rows($q) == 0) { print "Sorry, we could not find a user with that ID, check your source."; $h->endpage(); exit; } else { $r = $db->fetch_row($q); if($r['user_level'] == 1) { $userl="Mobster"; } else if($r['userid'] == 1) { $userl="Owner"; } else if($r['userid'] == 3) { $userl="Owner"; } else if($r['user_level'] == 2) { $userl="Admin"; } else if($r['user_level'] == 0) { $userl="NPC"; } else {$userl="Moderator"; } if($r['fedjail']) { $ustat="Federal Jail"; } else if($r['hospital']) { $ustat="Hospital"; } else if($r['jail']) { $ustat="Jail"; } else { $ustat="-"; } $lon = ($r['laston'] > 0) ?date('F j',$r['laston']) : "Never"; $sup = date('j F',$r['signedup']); $ts = $r['strength']+$r['agility']+$r['guard']+$r['labour']+$r['IQ']; $d = ""; if($r['laston'] > 0) { $la = time()-$r['laston']; $unit = "seconds"; if($la >= 60) { $la = (int) ($la/60); $unit = "minutes"; } if($la >= 60) { $la = (int) ($la/60); $unit = "hours"; if($la >= 24) { $la = (int) ($la/24); $unit= "days"; } } $str = "$la $unit ago"; } else { $str="--"; } if($r['last_login'] > 0) { $ll=time()-$r['last_login']; $unit2="seconds"; if($ll >= 60) { $ll=(int) ($ll/60); $unit2="minutes"; } if($ll >= 60) { $ll=(int) ($ll/60); $unit2="hours"; if($ll >= 24) { $ll=(int) ($ll/24); $unit2="days"; } } $str2="$ll $unit2 ago"; } else { $str2="--"; } if($r['user_level'] >1){ $r['username'] = "".stripslashes($r['username'])."";} elseif($r['donatordays']) { $r['username'] = "".stripslashes($r['username'])."";$d=""; } if($r['laston'] >= time()-15*60) { $on="Online"; } else { $on="Offline"; } print " Profile: {$r['username']} [{$r['userid']}] $d "; print " "; if($r['display_pic']) { print " "; } else { print " "; } print " ".stripslashes($r['username'])." [".number_format($r['userid'])."] $d Name: ".stripslashes($r['username'])." Type: ".stripslashes(htmlentities($userl))." Level: ".number_format($r['level'])." Money: \$".number_format($r['money'])." Age: ".number_format($r['daysold'])." Days Last Active: $str HP: ".number_format($r['hp'])."/".number_format($r['maxhp'])." Gang: "; if($r['gang']) { print "".stripslashes(htmlentities($r['gangNAME'])).""; } else { print "None Location: ".stripslashes(htmlentities($r['cityname']))." House: ".stripslashes(htmlentities($r['hNAME']))." Status: $ustat Online: $on Status Message: ".stripslashes(htmlentities($r['sm']))." Race: {$r['race']} Gender: {$r['gender']} Warnings: "; $w=$db->query("SELECT * FROM warnings WHERE user={$r['userid']}",$c); echo " ".$db->num_rows($w)." "; if($ir['user_level'] > 1) { echo "|| Manage"; } echo " Actions Message Attack Mug Spy Send Money Send Crystals Add Contact Ignore Profile ".stripslashes(htmlentities($r['profileSIG']))." "; } } } $h->endpage(); ?> Your good :) Quote Link to comment Share on other sites More sharing options...
Joshua Posted December 31, 2009 Share Posted December 31, 2009 I'm half asleep and tired. No doubt their will be critics as some of the things I added arent "necessary" but it's the way I code. Plus im' sleepy and wanted to work on something before I head off to bed. Shrugz. It works, and as far as I know there isnt a vulnerable spot on that script now, if there is I'd love for the critic to point it out as I want to try it ^_- best to run a BBcode engine with a profile Sig tho. htmlentities will strip a lot of <img <http tags from the sig w/o it. with it you would use [img tags Quote Link to comment Share on other sites More sharing options...
Monkey644 Posted December 31, 2009 Share Posted December 31, 2009 Well let them be critics, they probs carn't secure anything as good as you can anyway. Quote Link to comment Share on other sites More sharing options...
Zero-Affect Posted December 31, 2009 Share Posted December 31, 2009 if(file_exists($globals)) { include_once($globals); } else { echo "globals file is missing"; exit; } are you kidding me? i think if it's not there you'll know lol many people would say the following isn't a security issue i'd disagree $q = $db->query("SELECT u.*,us.*,c.*,h.*,g.*,f.* FROM users u LEFT JOIN userstats us ON u.userid=us.userid LEFT JOIN cities c ON u.location=c.cityid LEFT JOIN houses h ON u.maxwill=h.hWILL LEFT JOIN gangs g ON g.gangID=u.gang LEFT JOIN fedjail f ON f.fed_userid=u.userid WHERE u.userid={$_GET['u']}"); leave out the *'s if($r['user_level'] == 1) { $userl="Mobster"; } else if($r['userid'] == 1) { $userl="Owner"; } else if($r['userid'] == 3) { $userl="Owner"; } else if($r['user_level'] == 2) { $userl="Admin"; } else if($r['user_level'] == 0) { $userl="NPC"; } else {$userl="Moderator"; } => $checkulevel = array( '0' => 'NPC', '1' => 'Member', '2' => 'Owner', '3' => 'Secretary', '5' => 'Assistant' ); $userl = ( in_array($r['user_level'], $checkulevel) ) ? $checkulevel[$r['user_level']] : 'NPC' ; $_GET['u'] = isset($_GET['u']) ? abs(@intval(trim($_GET['u']))) : '0'; => $_GET['u'] = (ctype_digit($_GET['u']) AND !empty($_GET['u']) AND isset($_GET['u'])) ? $_GET['u'] : '' ; if ( !$_GET['u'] ) { echo ' Invalid Command. > [url="index.php"]Back[/url] '; $h->endpage(); exit; } Quote Link to comment Share on other sites More sharing options...
Joshua Posted December 31, 2009 Share Posted December 31, 2009 if(file_exists($globals)) { include_once($globals); } else { echo "globals file is missing"; exit; } ISO Rfi/lfi? :P just a little extra, not really "needed" but it's how i code so shh.. As for the Select * I didnt want to mess with finding each column the viewuser was calling to im tired :P Quote Link to comment Share on other sites More sharing options...
Zero-Affect Posted December 31, 2009 Share Posted December 31, 2009 i guess if your tired, how do they edit the existing include without editing the file itself... Quote Link to comment Share on other sites More sharing options...
Eternal Posted December 31, 2009 Share Posted December 31, 2009 GAh i hate you IDK what to say. Immortal you making me wet my pants right now. Maybe you should google on common exploits and READ the section on what sectors those exploits are known to. Quote Link to comment Share on other sites More sharing options...
Zero-Affect Posted December 31, 2009 Share Posted December 31, 2009 $page = $_GET['module'] $extension = ".php"; $file = "$page$extension"; //so we get page.php include($file); ... so edit $_GET['module'] which $_GET is on the url so http://www.website.com/index.php?module=index => http://www.website.com/index.php?module=http://www.otherwebsite.com/file Quote Link to comment Share on other sites More sharing options...
Joshua Posted December 31, 2009 Share Posted December 31, 2009 I know full well that the "common" place for those exploits are on $_GET = url blah blah However, This is "my" include globals bit that I like to use, sorta like a signature ^_- And you can't tell me that somewhere there isnt "some" elite hacker that could use that "include globals.php" bit to include his own file I'm sure it can be done, with my way it cant. Quote Link to comment Share on other sites More sharing options...
Zero-Affect Posted December 31, 2009 Share Posted December 31, 2009 If i could rewrite files i wouldn't need to include one now would i... http://msdn.microsoft.com/en-us/library/cc295228.aspx Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.