!C99Shell v. 1.0 pre-release build #13!

Software: Apache. PHP/5.5.15 

uname -a: Windows NT SVR-DMZ 6.1 build 7600 (Windows Server 2008 R2 Enterprise Edition) i586 

SYSTEM 

Safe-mode: OFF (not secure)

C:\Intranet\C\xampp\htdocs\phpbb\2.0.4_to_2.0.15\includes\   drwxrwxrwx
Free 4.09 GB of 39.52 GB (10.36%)
Detected drives: [ a ] [ c ] [ d ] [ e ] [ f ]
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     functions_validate.php (5.79 KB)      -rw-rw-rw-
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
/***************************************************************************
 *                          functions_validate.php
 *                            -------------------
 *   begin                : Saturday, Feb 13, 2001
 *   copyright            : (C) 2001 The phpBB Group
 *   email                : support@phpbb.com
 *
 *   $Id: functions_validate.php,v 1.6.2.12 2003/06/09 19:13:05 psotfx Exp $
 *
 *
 ***************************************************************************/

/***************************************************************************
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 ***************************************************************************/

//
// Check to see if the username has been taken, or if it is disallowed.
// Also checks if it includes the " character, which we don't allow in usernames.
// Used for registering, changing names, and posting anonymously with a username
//
function validate_username($username)
{
    global 
$db$lang$userdata;

    
// Remove doubled up spaces
    
$username preg_replace('#\s+#'' '$username); 
    
// Limit username length
    
$username substr(str_replace("\'""'"$username), 025);
    
$username str_replace("'""''"$username);

    
$sql "SELECT username 
        FROM " 
USERS_TABLE 
        WHERE LOWER(username) = '" 
strtolower($username) . "'";
    if (
$result $db->sql_query($sql))
    {
        if (
$row $db->sql_fetchrow($result))
        {
            if ((
$userdata['session_logged_in'] && $row['username'] != $userdata['username']) || !$userdata['session_logged_in'])
            {
                
$db->sql_freeresult($result);
                return array(
'error' => true'error_msg' => $lang['Username_taken']);
            }
        }
    }
    
$db->sql_freeresult($result);

    
$sql "SELECT group_name
        FROM " 
GROUPS_TABLE 
        WHERE LOWER(group_name) = '" 
strtolower($username) . "'";
    if (
$result $db->sql_query($sql))
    {
        if (
$row $db->sql_fetchrow($result))
        {
            
$db->sql_freeresult($result);
            return array(
'error' => true'error_msg' => $lang['Username_taken']);
        }
    }
    
$db->sql_freeresult($result);

    
$sql "SELECT disallow_username
        FROM " 
DISALLOW_TABLE;
    if (
$result $db->sql_query($sql))
    {
        if (
$row $db->sql_fetchrow($result))
        {
            do
            {
                if (
preg_match("#\b(" str_replace("\*"".*?"phpbb_preg_quote($row['disallow_username'], '#')) . ")\b#i"$username))
                {
                    
$db->sql_freeresult($result);
                    return array(
'error' => true'error_msg' => $lang['Username_disallowed']);
                }
            }
            while(
$row $db->sql_fetchrow($result));
        }
    }
    
$db->sql_freeresult($result);

    
$sql "SELECT word 
        FROM  " 
WORDS_TABLE;
    if (
$result $db->sql_query($sql))
    {
        if (
$row $db->sql_fetchrow($result))
        {
            do
            {
                if (
preg_match("#\b(" str_replace("\*"".*?"phpbb_preg_quote($row['word'], '#')) . ")\b#i"$username))
                {
                    
$db->sql_freeresult($result);
                    return array(
'error' => true'error_msg' => $lang['Username_disallowed']);
                }
            }
            while (
$row $db->sql_fetchrow($result));
        }
    }
    
$db->sql_freeresult($result);

    
// Don't allow " and ALT-255 in username.
    
if (strstr($username'"') || strstr($username'&quot;') || strstr($usernamechr(160)))
    {
        return array(
'error' => true'error_msg' => $lang['Username_invalid']);
    }

    return array(
'error' => false'error_msg' => '');
}

//
// Check to see if email address is banned
// or already present in the DB
//
function validate_email($email)
{
    global 
$db$lang;

    if (
$email != '')
    {
        if (
preg_match('/^[a-z0-9&\'\.\-_\+]+@[a-z0-9\-]+\.([a-z0-9\-]+\.)*?[a-z]+$/is'$email))
        {
            
$sql "SELECT ban_email
                FROM " 
BANLIST_TABLE;
            if (
$result $db->sql_query($sql))
            {
                if (
$row $db->sql_fetchrow($result))
                {
                    do
                    {
                        
$match_email str_replace('*''.*?'$row['ban_email']);
                        if (
preg_match('/^' $match_email '$/is'$email))
                        {
                            
$db->sql_freeresult($result);
                            return array(
'error' => true'error_msg' => $lang['Email_banned']);
                        }
                    }
                    while(
$row $db->sql_fetchrow($result));
                }
            }
            
$db->sql_freeresult($result);

            
$sql "SELECT user_email
                FROM " 
USERS_TABLE "
                WHERE user_email = '" 
str_replace("\'""''"$email) . "'";
            if (!(
$result $db->sql_query($sql)))
            {
                
message_die(GENERAL_ERROR"Couldn't obtain user email information."""__LINE____FILE__$sql);
            }
        
            if (
$row $db->sql_fetchrow($result))
            {
                return array(
'error' => true'error_msg' => $lang['Email_taken']);
            }
            
$db->sql_freeresult($result);

            return array(
'error' => false'error_msg' => '');
        }
    }

    return array(
'error' => true'error_msg' => $lang['Email_invalid']);
}

//
// Does supplementary validation of optional profile fields. This expects common stuff like trim() and strip_tags()
// to have already been run. Params are passed by-ref, so we can set them to the empty string if they fail.
//
function validate_optional_fields(&$icq, &$aim, &$msnm, &$yim, &$website, &$location, &$occupation, &$interests, &$sig)
{
    
$check_var_length = array('aim''msnm''yim''location''occupation''interests''sig');

    for(
$i 0$i count($check_var_length); $i++)
    {
        if (
strlen($$check_var_length[$i]) < 2)
        {
            $
$check_var_length[$i] = '';
        }
    }

    
// ICQ number has to be only numbers.
    
if (!preg_match('/^[0-9]+$/'$icq))
    {
        
$icq '';
    }
    
    
// website has to start with http://, followed by something with length at least 3 that
    // contains at least one dot.
    
if ($website != "")
    {
        if (!
preg_match('#^http[s]?:\/\/#i'$website))
        {
            
$website 'http://' $website;
        }

        if (!
preg_match('#^http[s]?\\:\\/\\/[a-z0-9\-]+\.([a-z0-9\-]+\.)?[a-z]+#i'$website))
        {
            
$website '';
        }
    }

    return;
}

?>

:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v. 1.0 pre-release build #13 powered by Captain Crunch Security Team | http://ccteam.ru | Generation time: 0.0312 ]--