190.27.245.106 - c99shell

!C99Shell v. 1.0 pre-release build #13!
Software: Apache. PHP/5.5.15 uname -a: Windows NT SVR-DMZ 6.1 build 7600 (Windows Server 2008 R2 Enterprise Edition) i586 SYSTEM Safe-mode: OFF (not secure) C:\AmbienteBogota\aulavirtual\ drwxrwxrwx Free 4.13 GB of 39.52 GB (10.45%) Detected drives: [ a ] [ c ] [ d ] [ e ] [ f ] Encoder Tools Proc. FTP brute Sec. SQL PHP-code Update Feedback Self remove Logout

<?php

/**

* $Id: savequestion.php,v 1.11.2.9.2.9 2006/09/28 20:04:23 matteo Exp $

*

* @author           Thorsten Rinne <thorsten@phpmyfaq.de>

* @author           David Saez Padros <david@ols.es>

* @since            2002-09-17

* @copyright        (c) 2001-2006 phpMyFAQ Team

*

* The contents of this file are subject to the Mozilla Public License

* Version 1.1 (the "License"); you may not use this file except in

* compliance with the License. You may obtain a copy of the License at

* http://www.mozilla.org/MPL/

*

* Software distributed under the License is distributed on an "AS IS"

* basis, WITHOUT WARRANTY OF ANY KIND, either express or implied. See the

* License for the specific language governing rights and limitations

* under the License.

*/



if (!defined('IS_VALID_PHPMYFAQ')) {

    header('Location: http://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME']));

    exit();

}



$captcha = new PMF_Captcha($db, $sids, $pmf->language, $_SERVER['HTTP_USER_AGENT'], $_SERVER['REMOTE_ADDR']);



if (    isset($_POST['username']) && $_POST['username'] != ''

     && isset($_POST['usermail']) && checkEmail($_POST['usermail'])

     && isset($_POST['content']) && $_POST['content'] != ''

     && IPCheck($_SERVER['REMOTE_ADDR'])

     && checkBannedWord(htmlspecialchars(strip_tags($_POST['content'])))

     && checkCaptchaCode() ) {

    if (isset($_POST['try_search'])) {

        $suchbegriff = strip_tags($_POST['content']);

        $printResult = searchEngine($suchbegriff, $numr);

        echo $numr;

    } else {

        $numr = 0;

    }



    if ($numr == 0) {



        $cat = new category;

        $categories = $cat->getAllCategories();

        $usermail = $db->escape_string($IDN->encode($_POST['usermail']));

        $username = $db->escape_string(strip_tags($_POST['username']));

        $selected_category = intval($_POST['rubrik']);



        list($user, $host) = explode("@", $usermail);

        if (checkEmail($usermail)) {

            $datum   = date("YmdHis");

            $content = strip_tags($_POST['content']);



            $result = $db->query("INSERT INTO ".SQLPREFIX."faqfragen (id, ask_username, ask_usermail, ask_rubrik, ask_content, ask_date) VALUES (".$db->nextID(SQLPREFIX."faqfragen", "id").", '".$db->escape_string($username)."', '".$db->escape_string($usermail)."', ".$selected_category.", '".$db->escape_string($content)."', '".$datum."')");



            $questionMail = "User: ".$username.", mailto:".$usermail."\n".$PMF_LANG["msgCategory"].": ".$categories[$selected_category]["name"]."\n\n".wordwrap($content, 72);



            $additional_header = array();

            $additional_header[] = 'MIME-Version: 1.0';

            $additional_header[] = 'Content-Type: text/plain; charset='. $PMF_LANG['metaCharset'];

            if (strtolower($PMF_LANG['metaCharset']) == 'utf-8') {

                $additional_header[] = 'Content-Transfer-Encoding: 8bit';

            }

            $additional_header[] = 'From: '.'<'.$IDN->encode($usermail).'>';

            $body = strip_tags($questionMail);

            $body = str_replace(array("\r\n", "\r", "\n"), "\n", $body);

            if (strstr(PHP_OS, 'WIN') !== NULL) {

                // if windows, cr must "\r\n". if other must "\n".

                $body = str_replace("\n", "\r\n", $body);

            }

            if (ini_get('safe_mode')) {

                mail($IDN->encode($PMF_CONF['adminmail']), $PMF_CONF['title'], $body, implode("\r\n", $additional_header));

            } else {

                mail($IDN->encode($PMF_CONF['adminmail']), $PMF_CONF['title'], $body, implode("\r\n", $additional_header), '-f'.$IDN->encode($usermail));

            }



            $tpl->processTemplate ("writeContent", array(

                    "msgQuestion" => $PMF_LANG["msgQuestion"],

                    "Message" => $PMF_LANG["msgAskThx4Mail"],

                    ));

        } else {

            $tpl->processTemplate ("writeContent", array(

                    "msgQuestion" => $PMF_LANG["msgQuestion"],

                    "Message" => $PMF_LANG["err_noMailAdress"],

                    ));

        }



    } else {



        $tpl->templates['writeContent'] = $tpl->readTemplate('template/asksearch.tpl');



        $tpl->processTemplate ('writeContent', array(

            'msgQuestion' => $PMF_LANG["msgQuestion"],

            'printResult' => $printResult,

            'msgAskYourQuestion' => $PMF_LANG['msgAskYourQuestion'],

            'msgContent' => $_POST['content'],

            'postUsername' => urlencode($_REQUEST['username']),

            'postUsermail' => urlencode($_REQUEST['usermail']),

            'postRubrik' => urlencode($_REQUEST['rubrik']),

            'postContent' => urlencode($_REQUEST['content']),

            'writeSendAdress' => $_SERVER['PHP_SELF'].'?'.$sids.'action=savequestion',

            ));

    }

} else {

    if (IPCheck($_SERVER["REMOTE_ADDR"]) == FALSE) {

        $tpl->processTemplate ("writeContent", array(

                "msgQuestion" => $PMF_LANG["msgQuestion"],

                "Message" => $PMF_LANG["err_bannedIP"],

                ));

    } else {

        $tpl->processTemplate ("writeContent", array(

                "msgQuestion" => $PMF_LANG["msgQuestion"],

                "Message" => $PMF_LANG["err_SaveQuestion"],

                ));

    }

}



$tpl->includeTemplate("writeContent", "index");

?>
:: Command execute ::
Enter:	Select: