"); $user_id=$myrow["user_id"]; //print($uid." | ".$user_id." | ".$_SESSION["user_session_id"]."
"); if ($isCookie and strtolower($uid)=="anonymous") { $uid=$user_id; } //print(md5($user_pwd."sdion71_73")."
".chop($_COOKIE["gorbebogre"])."
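");
// Decide whether the login attempt is accepted.
// - Cookie login ($isCookie): the token in the "gorbebogre" cookie must equal
//   md5($user_pwd . fixed suffix).
// - Form login (!$isCookie): accepted here without a token check; presumably the
//   password was already matched by the query above this point - confirm.
// The digests are compared with === : with == two hex strings that both look
// like numbers are compared numerically, so different digests could compare equal.
if (!$isCookie or md5($user_pwd."sdion71_73")===chop($_COOKIE["gorbebogre"])) $loginSuccessful=true;
}
$stclose=mysql_free_result($rs);

if ($loginSuccessful) {
    // Make sure every session slot used by the site exists (legacy session_register API).
    foreach (array("user_session_cn","user_session_id","user_session_fsw_p","user_session_fsw_f","user_session_fsw_h","gallery_release_id") as $slot) {
        if (!session_is_registered($slot)) { session_register($slot); }
    }
    // NOTE(review): no session id rotation is visible at this point; confirm the
    // session id is regenerated on login somewhere, otherwise add it here.
    $_SESSION["user_session_cn"]=$user_cn;
    $_SESSION["user_session_id"]=$uid;
    // The filter switches are copied straight from the request cookies.
    $_SESSION["user_session_fsw_p"]=$_COOKIE["fsw_p"];
    $_SESSION["user_session_fsw_f"]=$_COOKIE["fsw_f"];

    // Escape every value before it is placed inside a quoted SQL literal.
    // The user agent is cut to 63 characters first so that truncation can never
    // split an escape sequence.
    // NOTE(review): if these values are already escaped upstream (for example by
    // magic_quotes_gpc), normalise them there to avoid double escaping - confirm.
    $uid_sql=mysql_real_escape_string($uid,$database);
    $ip_sql=mysql_real_escape_string($UserIP,$database);
    $agent_sql=mysql_real_escape_string(substr($UserAgent,0,63),$database);

    // Access type 1: successful login.
    // NOTE(review): header() is not followed by exit, so the script keeps running
    // after a failed query; left unchanged because the intended flow is not visible here.
    $sql = "insert into access_log (access_type_id,user_id,user_ip,user_client) values ";
    $sql.= "('1','".$uid_sql."','".$ip_sql."','".$agent_sql."')";
    $rs = mysql_query($sql) or header("Location: error.php?rid=i_i146");

    $sql = "update user_objects set last_user_ip='".$ip_sql."' where user_id='".$uid_sql."' ";
    $rs = mysql_query($sql) or header("Location: error.php?rid=i_i146");

    if (!$isCookie) {
        // Persistent login cookies, valid for 30 days on the whole site.
        // NOTE(review): "gorbebogre" is derived only from the password and a fixed
        // suffix, so it stays the same until the password changes, and the check
        // above accepts it in place of the password. "barnabogre" is md5 of the
        // user id alone. None of the three cookies is set with the Secure or
        // HttpOnly flag. A random, server-stored, revocable token would be the
        // safer design; that change also needs the code that reads these cookies,
        // which is not visible here.
        setcookie("gorbebogre",md5($user_pwd."sdion71_73"),time()+(60*60*24*30),"/");
        setcookie("sargabogre",$uid,time()+(60*60*24*30),"/");
        setcookie("barnabogre",md5($uid),time()+(60*60*24*30),"/");
    }
} else {
    // Access type 901: failed login. This branch runs for unauthenticated
    // requests, so the logged values must be treated as untrusted input.
    $uid_sql=mysql_real_escape_string($uid,$database);
    $ip_sql=mysql_real_escape_string($UserIP,$database);
    $agent_sql=mysql_real_escape_string($UserAgent,$database);
    $sql = "insert into access_log (access_type_id,user_id,user_ip,user_client) values ";
    $sql.= "('901','".$uid_sql."','".$ip_sql."','".$agent_sql."')";
    $rs = mysql_query($sql) or header("Location: error.php?rid=i_i157a");
}
mysql_close($database);
//print($uid." 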
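|| ".$user_id); }
// * * * USER ACCESS RIGHTS LOAD IN * * *
// Fills $user_group with the group_cn of every group the logged-in user belongs
// to. The list stays empty when no user session is registered.
$user_group = Array();
if (session_is_registered("user_session_id") and session_is_registered("user_session_cn")) {
    // Each failure redirects to the error page and stops. Without the exit the
    // script would carry on with an unusable connection or result handle.
    $database = mysql_connect($database_server, $database_user, $database_user_pwd);
    if (!$database) { header("Location: error.php?rid=i_con164"); exit; }
    if (!mysql_select_db($database_tablespace)) { header("Location: error.php?rid=i_ts165"); exit; }

    // The session user id is whatever the login step stored, so it is escaped
    // before it goes into the quoted SQL literal.
    // NOTE(review): if the id is already escaped when it is stored (for example
    // by magic_quotes_gpc), normalise it there to avoid double escaping - confirm.
    $session_uid_sql = mysql_real_escape_string($_SESSION["user_session_id"], $database);

    $sql = "select g.group_cn from group_objects g, user_group_xref x, user_objects u ";
    $sql.= "where u.user_id='".$session_uid_sql."' and u.user_record_id=x.user_record_id and ";
    $sql.= "x.group_record_id=g.group_record_id ";
    $rs = mysql_query($sql);
    if (!$rs) { header("Location: error.php?rid=i_s169"); exit; }

    // One entry per membership row, in the order the query returns them.
    $i=0;
    while ($myrow = mysql_fetch_array($rs)) {
        $user_group[$i]=$myrow[0];
        $i++;
    }
    $stclose=mysql_free_result($rs);
    mysql_close($database);
}
?> "); $dfile_tmp =$HTTP_POST_FILES["idoc_file"]["tmp_name"]; //print($dfile_tmp."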
"); $dsize =$HTTP_POST_FILES["idoc_file"]["size"]; //print($dsize."
"); $dtype =$HTTP_POST_FILES["idoc_file"]["type"]; //print($dtype."
"); $mostcimke=date("ymdHis",mktime (date("H"),date("i"),date("s"),date("m"),date("d"),date("Y")))."_"; $idoc_stored_filename=$mostcimke.$dfile_orig; $idoc_orig_filename=$dfile_orig; if ($dsize>$upload_sizelimit) { unlink($dfile_tmp); } $idoc_path=dirname(realpath("./.").$dir_separator."documents/anchor.lock").$dir_separator.$idoc_stored_filename; //print("{".$idoc_path."}
"); //print("{".$dfile_tmp."}
"); //print("{".$idoc_path."}
"); // {/091005225212_akcios.gif} // {/tmp/phpNv7Evt} }

// ---------------------------------------------------------------------------
// Request parameter intake.
// Every value in this section is copied unchanged from $_POST / $_GET: nothing
// here validates, casts or escapes it. Treat each of these variables as
// caller-controlled text until a later check has accepted it.
// ---------------------------------------------------------------------------

// Document pool/history views: a document id is mandatory. When both are sent,
// the GET value replaces the POST value.
if (in_array($module, array("idocs_outpool","idocs_inpool","idocs_outhistory","idocs_inhistory"))) {
    if (isset($_POST["idoc_id"])) $idoc_id=$_POST["idoc_id"];
    if (isset($_GET["idoc_id"]))  $idoc_id=$_GET["idoc_id"];
    if (chop($idoc_id)=="") {
        header("Location: index.php?module=idocs");
        exit;
    }
}

// Document modification (save): POST only, with empty defaults.
// NOTE(review): idoc_ofn / idoc_sfn are file names sent by the client; how they
// are used is not visible here - confirm they are never joined to a filesystem
// path without being checked against the stored record.
if ($module=="idocs_mod_proc") {
    if (isset($_POST["idoc_id"])) $idoc_id=$_POST["idoc_id"];
    $idoc_name    = isset($_POST["idoc_name"])    ? $_POST["idoc_name"]    : "";
    $idoc_desc    = isset($_POST["idoc_desc"])    ? $_POST["idoc_desc"]    : "";
    $idoc_notes   = isset($_POST["idoc_notes"])   ? $_POST["idoc_notes"]   : "";
    $idoc_creator = isset($_POST["idoc_creator"]) ? $_POST["idoc_creator"] : "";
    $idoc_release = isset($_POST["idoc_release"]) ? $_POST["idoc_release"] : "";
    $idoc_cat     = isset($_POST["idoc_cat"])     ? $_POST["idoc_cat"]     : 0;
    if (isset($_POST["idoc_ofn"])) $idoc_orig_filename=$_POST["idoc_ofn"];
    $idoc_stored_filename = isset($_POST["idoc_sfn"]) ? $_POST["idoc_sfn"] : "";
}

// Document modification (load form): fields start empty, only the id is read.
if ($module=="idocs_mod_proc_load") {
    $idoc_name=$idoc_desc=$idoc_notes=$idoc_creator=$idoc_release="";
    $idoc_cat=0;
    $idoc_stored_filename="";
    if (isset($_POST["idoc_id"])) $idoc_id=$_POST["idoc_id"];
    if (isset($_GET["idoc_id"]))  $idoc_id=$_GET["idoc_id"];
}

// Document delete: the id is mandatory, GET replaces POST.
if ($module=="idocs_del") {
    if (isset($_POST["did"])) $did=$_POST["did"];
    if (isset($_GET["did"]))  $did=$_GET["did"];
    if (chop($did)=="") {
        header("Location: index.php?module=idocs");
        exit;
    }
}

// List filter and switch parameters: POST first, then GET, then the default.
$fsw  = isset($_POST["fsw"])  ? $_POST["fsw"]  : (isset($_GET["fsw"])  ? $_GET["fsw"]  : 0);
$fstr = isset($_POST["fstr"]) ? $_POST["fstr"] : (isset($_GET["fstr"]) ? $_GET["fstr"] : "");
$sw   = isset($_POST["sw"])   ? $_POST["sw"]   : (isset($_GET["sw"])   ? $_GET["sw"]   : 0);
$hsw  = isset($_POST["hsw"])  ? $_POST["hsw"]  : (isset($_GET["hsw"])  ? $_GET["hsw"]  : 0);

// Forum edit form: forum id from the query string only.
if ($module=="forum_mod_forum") {
    $fid = isset($_GET["fid"]) ? $_GET["fid"] : "";
}

// Forum save, topic pages and comment pages: forum id, topic id, task and page
// position (the comment id "cid" is not read; it is disabled in the original).
if ($module=="forum_mod_forum_proc" or substr($module,0,12)=="forum_topics" or substr($module,0,14)=="forum_comments") {
    $fid  = isset($_POST["fid"])  ? $_POST["fid"]  : (isset($_GET["fid"])  ? $_GET["fid"]  : "");
    $tid  = isset($_POST["tid"])  ? $_POST["tid"]  : (isset($_GET["tid"])  ? $_GET["tid"]  : "");
    $task = isset($_POST["task"]) ? $_POST["task"] : (isset($_GET["task"]) ? $_GET["task"] : "");
    $ppos = isset($_POST["ppos"]) ? $_POST["ppos"] : (isset($_GET["ppos"]) ? $_GET["ppos"] : "");
}

// Forum create/update: name and description, POST only.
if ($module=="forum_add_forum_proc" or $module=="forum_mod_forum_proc") {
    $forum_name = isset($_POST["forum_name"]) ? $_POST["forum_name"] : "";
    $forum_desc = isset($_POST["forum_desc"]) ? $_POST["forum_desc"] : "";
}

// Topic create/update: name and description, POST only.
if ($module=="forum_topics_add_topic_proc" or $module=="forum_topics_mod_topic_proc") {
    $topic_name = isset($_POST["topic_name"]) ? $_POST["topic_name"] : "";
    $topic_desc = isset($_POST["topic_desc"]) ? $_POST["topic_desc"] : "";
}

// Comment form and comment save: the "hid" parameter, POST first, then GET.
if ($module=="forum_comments_add_comment" or $module=="forum_comments_add_comment_proc") {
    $hid = isset($_POST["hid"]) ? $_POST["hid"] : (isset($_GET["hid"]) ? $_GET["hid"] : "");
}

// Comment save: the comment text, POST only.
if ($module=="forum_comments_add_comment_proc") {
    $comment_body = isset($_POST["comment_body"]) ? $_POST["comment_body"] : "";
}

// User administration: new account fields (POST only), the admin sub-view
// (default "ul"), the user record id and the "rlist" field.
// NOTE(review): nothing in this section checks that the caller may use the
// useradmin module; confirm the authorisation check happens before these
// values are acted on.
if ($module=="useradmin") {
    $new_user_cn  = isset($_POST["new_user_cn"])  ? $_POST["new_user_cn"]  : "";
    $new_user_id  = isset($_POST["new_user_id"])  ? $_POST["new_user_id"]  : "";
    $new_user_pwd = isset($_POST["new_user_pwd"]) ? $_POST["new_user_pwd"] : "";
    $admin_sw = isset($_POST["admin_sw"]) ? $_POST["admin_sw"] : (isset($_GET["admin_sw"]) ? $_GET["admin_sw"] : "ul");
    $urid     = isset($_POST["urid"])     ? $_POST["urid"]     : (isset($_GET["urid"])     ? $_GET["urid"]     : "");
    $rlist    = isset($_POST["rlist"])    ? $_POST["rlist"]    : "";
}

if ($module=="mod_gallery_upload") { //print("upload_init
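");
    // Gallery upload: read the metadata recorded for the uploaded picture.
    // "name" and "type" are supplied by the client. Path separators and NUL bytes
    // are replaced together with spaces, so the stored name can only ever be a
    // single path component.
    // NOTE(review): the stored name keeps the client-supplied extension and no
    // type or extension check is visible in this section - confirm one runs
    // before the file is moved into the web-served gallery directory.
    $pfile_orig=str_replace(array(" ","/","\\",chr(0)),"_",$HTTP_POST_FILES["pic_files"]["name"]);
    $pfile_tmp =$HTTP_POST_FILES["pic_files"]["tmp_name"];
    $psize =$HTTP_POST_FILES["pic_files"]["size"];
    $ptype =$HTTP_POST_FILES["pic_files"]["type"];

    // Timestamp prefix (yymmddHHMMSS_) taken from a single clock reading, so the
    // fields cannot straddle a second or minute boundary.
    $mostcimke=date("ymdHis")."_";
    $pf_stored_filename=$mostcimke.$pfile_orig;
    $pf_orig_filename=$pfile_orig;

    // Oversized uploads: the temporary file is deleted.
    // NOTE(review): the target path is still computed afterwards; confirm the
    // code that consumes $pf_path handles the missing temporary file.
    if ($psize>$upload_sizelimit) { unlink($pfile_tmp); }

    $pf_pure_path=dirname(realpath("./.").$dir_separator."gallery/anchor.lock");
    $pf_path=$pf_pure_path.$dir_separator.$pf_stored_filename;
}

// The parameters below are copied unchanged from $_POST / $_GET. When a
// mandatory one is missing, the request falls back to the "gallery" module.

// Image-level gallery actions: gallery id and image id are both mandatory.
if ($module=="mod_gallery_thumb" or $module=="mod_gallery_imgdel" or $module=="mod_image" or $module=="mod_image_save") {
    if (isset($_POST["gal_id"]))    { $gid=$_POST["gal_id"]; }
    elseif (isset($_GET["gal_id"])) { $gid=$_GET["gal_id"]; }
    else                            { $gid=""; $module="gallery"; }

    if (isset($_POST["img_id"]))    { $iid=$_POST["img_id"]; }
    elseif (isset($_GET["img_id"])) { $iid=$_GET["img_id"]; }
    else                            { $iid=""; $module="gallery"; }
}

// Image save: the name is mandatory; description and keywords are optional.
if ($module=="mod_image_save") {
    if (isset($_POST["img_name"])) { $new_img_name=$_POST["img_name"]; }
    else                           { $new_img_name=""; $module="gallery"; }

    $new_img_desc = isset($_POST["img_desc"]) ? $_POST["img_desc"] : "";

    // Keywords: "a, b" is normalised to "a,b".
    $new_img_keywords = isset($_POST["img_keys"]) ? str_replace(", ",",",$_POST["img_keys"]) : "";
}

// Gallery create/edit/save/upload: id, name, description and published flag.
if ($module=="add_gallery" or $module=="mod_gallery" or $module=="mod_gallery_save" or $module=="mod_gallery_upload" or $module=="add_gallery_save") {
    if (isset($_POST["gal_id"]))    { $gid=$_POST["gal_id"]; }
    elseif (isset($_GET["gal_id"])) { $gid=$_GET["gal_id"]; }
    else {
        $gid="";
        // Saving or uploading into a gallery needs an id.
        if ($module=="mod_gallery_save" or $module=="mod_gallery_upload") $module="gallery";
    }

    if (isset($_POST["gal_name"])) { $new_gal_name=$_POST["gal_name"]; }
    else {
        $new_gal_name="";
        // Either save action needs a name.
        if ($module=="mod_gallery_save" or $module=="add_gallery_save") $module="gallery";
    }

    $new_gal_desc      = isset($_POST["gal_desc"])      ? $_POST["gal_desc"]      : "";
    $new_gal_published = isset($_POST["gal_published"]) ? $_POST["gal_published"] : 0;
}

// Gallery view and mass import: the gallery id is mandatory.
if ($module=="show_gallery" or $module=="mass_import") {
    if (isset($_POST["gal_id"]))    { $gid=$_POST["gal_id"]; }
    elseif (isset($_GET["gal_id"])) { $gid=$_GET["gal_id"]; }
    else                            { $gid=""; $module="gallery"; }
    $pf_pure_path=dirname(realpath("./.").$dir_separator."gallery/anchor.lock");
}

// Gallery delete: gallery id and "relid" are both mandatory.
if ($module=="gallery_del") {
    if (isset($_POST["gal_id"]))    { $gid=$_POST["gal_id"]; }
    elseif (isset($_GET["gal_id"])) { $gid=$_GET["gal_id"]; }
    else                            { $gid=""; $module="gallery"; }

    if (isset($_POST["relid"]))     { $relid=$_POST["relid"]; }
    elseif (isset($_GET["relid"]))  { $relid=$_GET["relid"]; }
    else                            { $relid=""; $module="gallery"; }

    $pf_pure_path=dirname(realpath("./.").$dir_separator."gallery/anchor.lock");
}

if ($sub_type=="") { $emailadd=""; }

if ($comment_body!="") { $trans=Array(); $trans[chr(10)]="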
"; $trans[chr(13)]=""; $trans[""); //print("{".realpath("./.")."}
"); //print(dirname(realpath("./.").$dir_separator."documents/anchor.lock")."}
"); ?> "); } //exit; // $efAccessLogCnt,$efAccessLogCode,$efAccessLogUser,$efAccessLogUserIP,$efAccessLogMsg mysql_close($database); $efAccessLogCnt=-1; header("Location: error.php?rid=il_hack1");exit; }

/* ACCESS TYPES
   1   - successful login
   901 - login failed
   902 - sql hack
   903 - length hack
   904 - number hack
   905 - date hack
   $efAccessLogCnt,$efAccessLogCode,$efAccessLogUser,$efAccessLogMsg;
*/

// Setting the filter switch on the document pages.
// $fsw, $sw and $hsw come straight from the request; the chosen switch is kept
// both in the session and in a 30-day cookie.
if ($module=="idocs" and $fsw!="") {
    // Make sure the three filter-switch session slots exist.
    foreach (array("user_session_fsw_p","user_session_fsw_f","user_session_fsw_h") as $slot) {
        if (!session_is_registered($slot)) { session_register($slot); }
    }

    if ($hsw=="1") { $_SESSION["user_session_fsw_h"]=$hsw; }

    // sw = "f" (any case) selects the "f" switch, every other value the "p" switch.
    if (strtolower($sw)=="f") {
        $cookie_name="fsw_f";
        $slot="user_session_fsw_f";
    } else {
        $cookie_name="fsw_p";
        $slot="user_session_fsw_p";
    }

    // Only write the cookie and the session when the stored value is empty or differs.
    if ($_SESSION[$slot]=="" or $_SESSION[$slot]!=$fsw) {
        setcookie($cookie_name,$fsw,time()+(60*60*24*30),"/");
        $_SESSION[$slot]=$fsw;
    }
}
//print("{fswp=".$_SESSION["user_session_fsw_p"]." | fswf=".$_SESSION["user_session_fsw_f"]."}
"); ?> $posi) { if ($posi=="left") { $isLeftCol=true; $leftColParts[] = $availableBlocks[$tag]; $leftColOrder[] = $blockOrder[$tag]; $leftColFiles[] = $availableBlocksFiles[$tag]; } if ($posi=="right") { $isRightCol=true; $rightColParts[] = $availableBlocks[$tag]; $rightColOrder[] = $blockOrder[$tag]; $rightColFiles[] = $availableBlocksFiles[$tag]; } }

// SETTING THE ORDER OF LEFT COLUMN
// Bubble sort on $leftColOrder (ascending). The Parts and Files arrays are
// swapped in step, so the three arrays stay aligned by index.
$parts=count($leftColParts);
if ($parts>1) {
    $csere=true;   // "a swap happened in the last pass"
    while ($csere) {
        $csere=false;
        for ($i=0;$i+1<$parts;$i++) {
            if ($leftColOrder[$i]>$leftColOrder[$i+1]) {
                $temp=$leftColOrder[$i+1]; $leftColOrder[$i+1]=$leftColOrder[$i]; $leftColOrder[$i]=$temp;
                $temp=$leftColParts[$i+1]; $leftColParts[$i+1]=$leftColParts[$i]; $leftColParts[$i]=$temp;
                $temp=$leftColFiles[$i+1]; $leftColFiles[$i+1]=$leftColFiles[$i]; $leftColFiles[$i]=$temp;
                $csere=true;
            }
        }
    }
}

// SETTING THE ORDER OF RIGHT COLUMN
// Same procedure for the right-hand column arrays.
$parts=count($rightColParts);
if ($parts>1) {
    $csere=true;
    while ($csere) {
        $csere=false;
        for ($i=0;$i+1<$parts;$i++) {
            if ($rightColOrder[$i]>$rightColOrder[$i+1]) {
                $temp=$rightColOrder[$i+1]; $rightColOrder[$i+1]=$rightColOrder[$i]; $rightColOrder[$i]=$temp;
                $temp=$rightColParts[$i+1]; $rightColParts[$i+1]=$rightColParts[$i]; $rightColParts[$i]=$temp;
                $temp=$rightColFiles[$i+1]; $rightColFiles[$i+1]=$rightColFiles[$i]; $rightColFiles[$i]=$temp;
                $csere=true;
            }
        }
    }
}

$isInsertedWell=true;
// Every request is also a member of the "public" group, logged in or not.
$user_group[] = "public";
?> MOVE EU Project - Methods for the Improvement of Vulnerability Assessment in Europe
 

 

The MOVE project is co-financed by the European Commission with contract No.: 211590
Copyright © 2009-2012. All rights reserved.