how to stop to open avatars and smilies folder directly from link. like mysite.com/avatars or mysite.com/smilies
help please
help please
-
-
create index.php
<?php
?> -
i already have index.php in smilies folder with this coding. what to do?
PHP Code:<?php
/*
(c)wapdesire.com
*/
include("../config.php");
include("../core.php");
connectdb();
$brw = $HTTP_USER_AGENT;
$brws = explode("/",$HTTP_USER_AGENT);
$ubr = $brws[0];
$uip = getip();
$action = $_GET["action"];
$sid = $_GET["sid"];
$page = $_GET["page"];
$who = $_GET["who"];
$uid = getuid_sid($sid);
$nick = getnick_uid($uid);
$upload = $_GET["upload"];
$bcon = connectdb();
$script = $_GET["script"];
if($script=="wml"){
header("Content-type: text/vnd.wap.wml");
header("Cache-Control: no-store, no-cache, must-revalidate");
echo '<?xml version="1.0"?' . '>';
echo "<!DOCTYPE wml PUBLIC \"-//WAPFORUM//DTD WML 1.1//EN\"". " \"http://www.wapforum.org/DTD/wml_1.1.xml\">";
}else{
header("Content-type: text/html; charset=ISO-8859-1");
header("Cache-Control: no-cache, must-revalidate, max-age=0");
header("Pragma: no-cache");
echo '<?xml version="1.0"?' . '>';
echo "<!DOCTYPE html PUBLIC \"-//WAPFORUM//DTD XHTML Mobile 1.0//EN\" \"http://www.wapforum.org/DTD/xhtml-mobile10.dtd\">";
}
if($script=="wml"){
echo "<wml>";
}else{
echo "<html xmlns=\"http://www.w3.org/1999/xhtml\">";
}
/////////////////////////////Database Error/////////////////////////////
if (!$bcon)
{
if($script=="wml"){
echo "<card id=\"main\" title=\"Error!!!\">";
}else{
echo "<head>";
echo "<title>Error!!!</title>";
echo "</head>";
echo "<body>";
}
echo "<p align=\"center\">";
echo "<img src=\"http://coding-talk.com/images/exit.gif\" alt=\"!\"/><br/>";
echo "<b>Error! Cannot Connect To Database...</b><br/><br/>";
echo "This error happens usually when backing up the database, please be patient...";
echo "</p>";
if($script=="wml"){
echo "</card>";
echo "</wml>";
}else{
echo "</body>";
echo "</html>";
}
exit();
}
cleardata();
/////////////////////////////Ip Banned/////////////////////////////
if(isipbanned($uip,$ubr))
{
if(!isshield(getuid_sid($sid)))
{
echo "<head>";
echo "<title>Ip Block!</title>";
echo "</head>";
echo "<body>";
echo "<p align=\"center\">";
echo "<img src=\"http://coding-talk.com/images/notok.gif\" alt=\"x\"/><br/>";
echo "<b>This IP address is blocked!!!</b><br/>";
echo "<br/>";
echo "How ever we grant a shield against IP-Ban for our great users, you can try to see if you are shielded by trying to log-in, if you kept coming to this page that means you are not shielded, so come back when the ip-ban period is over<br/><br/>";
$banto = mysql_fetch_array(mysql_query("SELECT timeto FROM ibwf_penalties WHERE penalty='2' AND ipadd='".$uip."' AND browserm='".$ubr."' LIMIT 1 "));
//echo mysql_error();
$remain = $banto[0] - time();
$rmsg = gettimemsg($remain);
echo " IP: $rmsg<br/><br/>";
echo "</p>";
echo "<p>";
echo "<form action=\"../web/login.php\" method=\"get\">";
echo "<b>UserID:</b><br/><input name=\"loguid\" format=\"*x\" maxlength=\"30\"/><br/>";
echo "<b>Password:</b><br/><input type=\"password\" name=\"logpwd\" maxlength=\"30\"/><br/>";
echo "<br/><input name=\"LOGIN\" type=\"submit\" value=\"Submit\"></form>";
echo "<img src=\"../images/banner.gif\" alt=\"\"/><br/>";
echo "<br/><br/>Not registered yet? <br/><a href=\"../web/register.php\">SignUp</a><br/>";
echo "<a href=\"../web/index.php?action=terms&sid=$sid\">Site Rules</a><br/>";
echo "</p>";
echo "</body>";
echo "</html>";
exit();
}
}
/////////////////////////////Session Expired/////////////////////////////
if(($action != "") && ($action!="terms"))
{
$uid = getuid_sid($sid);
if((islogged($sid)==false)||($uid==0))
{
if($script=="wml"){
echo "<card id=\"main\" title=\"Error!!!\">";
}else{
echo "<head>";
echo "<title>Error!!!</title>";
echo "</head>";
echo "<body>";
}
echo "<p align=\"center\">";
echo "You are not logged in<br/>";
echo "Or Your session has been expired<br/><br/>";
if($script=="wml"){
echo "<a href=\"../wap/index.php\">Login</a>";
}else{
echo "<a href=\"../web/index.php\">Login</a>";
}
echo "</p>";
if($script=="wml"){
echo "</card>";
echo "</wml>";
}else{
echo "</body>";
echo "</html>";
}
exit();
}
}
/////////////////////////////Banned/////////////////////////////
if(isbanned($uid))
{
if($script=="wml"){
echo "<card id=\"main\" title=\"Error!!!\">";
}else{
echo "<head>";
echo "<title>Error!!!</title>";
echo "</head>";
echo "<body>";
}
echo "<p align=\"center\">";
echo "<img src=\"http://coding-talk.com/images/notok.gif\" alt=\"x\"/><br/>";
echo "<b>You are Banned</b><br/><br/>";
$banto = mysql_fetch_array(mysql_query("SELECT timeto, pnreas, exid FROM ibwf_penalties WHERE uid='".$uid."' AND penalty='1'"));
$banres = mysql_fetch_array(mysql_query("SELECT lastpnreas FROM ibwf_users WHERE id='".$uid."'"));
$remain = $banto[0]- time();
$rmsg = gettimemsg($remain);
echo "<b>Time Left: </b>$rmsg<br/>";
$nick = getnick_uid($banto[2]);
echo "<b>By: </b>$nick<br/>";
echo "<b>Reason: </b>$banto[1]";
//echo "<a href=\"../web/index.php\">Login</a>";
echo "</p>";
if($script=="wml"){
echo "</card>";
echo "</wml>";
}else{
echo "</body>";
echo "</html>";
}
exit();
}
/////////////////////////////smilies/////////////////////////////
else if($action=="smilies")
{
addonline(getuid_sid($sid),"Viewing Smilies","");
if($script=="wml"){
echo "<card id=\"main\" title=\"Gallery Pics\">";
echo "<p align=\"center\">";
}else{
echo "<head>";
echo "<title>Smilies</title>";
echo "</head>";
echo "<body>";
echo "<center>";
}
$items_per_page = "10";
if (!isset($page)) {$page = 0;}
$total = 0;
if(!($dp = opendir("./"))) die ("Cannot open ./");
$file_array = array();
while ($file = readdir ($dp))
{
if(substr($file,0,1) != '.' and $file != "index.php")
{
$file_array[] = $file;
}
}
$file_count = count ($file_array);
sort ($file_array);
echo "<u><i><b>Smilies</b></i></u><br/>";
if ($file_count > 0)
{
$first_record = $page * $items_per_page;
$last_record = $first_record + $items_per_page;
while (list($fileIndexValue, $file_name) = each ($file_array))
{
if (($fileIndexValue >= $first_record) AND ($fileIndexValue < $last_record))
{
if((isowner(getuid_sid($sid)))||(isheadadmin(getuid_sid($sid))))
{
$delpic="<br/><a href=\"index.php?action=smilies&page=$page&sid=$sid&script=$script&delete=$file_name\"><img src=\"../images/notok.gif\" alt=\"[x]\"/></a><br/>";
}
echo "<a href=\"$file_name\">$file_name</a> ". round(filesize($file_name)/1024,1) . "kb$delpic<br/>";
$delete = $_GET["delete"];
if($delete=="$file_name"){
if((isowner(getuid_sid($sid)))||(isheadadmin(getuid_sid($sid))))
{
unlink("./$file_name");
echo "<br/>$file_name deleted successfully<br/>";
if($script=="wml"){
echo "<card id=\"refresh\" title=\"refresh\" ontimer=\"index.php?action=smilies&page=$page&sid=$sid&script=$script\">";
echo "<timer value=\"1\"/>pls wait while browser redirects</card></p></card></wml>";
exit();
}else{
echo "<meta http-equiv=Refresh content=1;url=index.php?action=smilies&page=$page&sid=$sid&script=$script>";
echo "</p></body></html>";
exit();
}
}
}
$total = $total + filesize($file_name);
}
}
echo "<br/>";
$pages =(int) ceil($file_count / $items_per_page);
$pages = ($pages -1);
if (($file_count > 0) AND ($page != 0))
{
$prev_page = $page -1;
echo "<a href=\"".$_SERVER["PHP_SELF"]."?action=smilies&page=$prev_page&sid=$sid&script=$script\"><img src=\"../images/prev.gif\" alt=\"Prev\"/></a> |";
}
if (($file_count > 0) AND ($last_record < $file_count))
{
$next_page = $page + 1;
echo " <a href=\"".$_SERVER["PHP_SELF"]."?action=smilies&page=$next_page&sid=$sid&script=$script\"><img src=\"../images/next.gif\" alt=\"Next\"/></a>";
}
if ($file_count > 10)
{
if($script=="wml"){
$rets = "<br/>Jump (0-$pages/$page)<br/><input name=\"pg\" format=\"*N\" size=\"2\"/>";
$rets .= "<anchor>goto page";
$rets .= "<go href=\"index.php\" method=\"get\">";
$rets .= "<postfield name=\"action\" value=\"$action\"/>";
$rets .= "<postfield name=\"sid\" value=\"$sid\"/>";
$rets .= "<postfield name=\"script\" value=\"$script\"/>";
$rets .= "<postfield name=\"page\" value=\"$(pg)\"/>";
$rets .= "</go></anchor><br/>";
echo $rets;
}else{
$rets = "<form action=\"index.php\" method=\"get\">";
$rets .= "Jump (0-$pages/$page)<br/><input name=\"page\" style=\"-wap-input-format: '*N'\" size=\"2\"/>";
$rets .= "<input type=\"hidden\" name=\"action\" value=\"$action\">";
$rets .= "<input type=\"hidden\" name=\"sid\" value=\"$sid\">";
$rets .= "<input type=\"hidden\" name=\"script\" value=\"$script\">";
$rets .= "<input type=\"Submit\" name=\"Submit\" Value=\"goto page\"></form>";
echo $rets;
}
echo "<br/>";
}
echo "<br/>Directory: $file_count ";
if ($file_count == 1)
{echo "file";}
else
{echo "files";}
}
echo "<br/>";
echo "<a href=\"index.php?action=upload&sid=$sid&script=xhtml&prevscript=$script\">Upload</a><br/>";
if(isowner(getuid_sid($sid)))
{
if($script=="wml")
{
echo "<a href=\"../ownercp.php?action=addsml&sid=$sid\">Link Smilies into site</a><br/>";
}else{
echo "<a href=\"../ownercp.php?action=addsml&sid=$sid\">Link Smilies into site</a><br/>";
}
}else if(isheadadmin(getuid_sid($sid)))
{
if($script=="wml")
{
echo "<a href=\"../headadmincp.php?action=addsml&sid=$sid\">Link Smilies into site</a><br/>";
}else{
echo "<a href=\"../headadmincp.php?action=addsml&sid=$sid\">Link Smilies into site</a><br/>";
}
}
closedir($dp);
if($script=="wml"){
echo "<a href=\"../index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</p>";
echo "</card>";
}else{
echo "<b>0 </b><a accesskey=\"0\" href=\"../index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
echo "</center>";
echo "</body>";
}
}
/////////////////////////////upload//////////////////////////////
else if($action=="upload")
{
if((isowner(getuid_sid($sid)))||(isheadadmin(getuid_sid($sid))))
{
$script2 = $_GET["prevscript"];
addonline(getuid_sid($sid),"Uploading Smilies","");
if($script=="wml"){
echo "<card id=\"main\" title=\"Gallery Pics\">";
}else{
echo "<head>";
echo "<title>Upload Smilie</title>";
echo "</head>";
echo "<body>";
}
echo "<p align=\"center\">";
echo "<u><i><b>Upload</b></i></u><br/>";
echo "Image Files<br/>";
$size_bytes = 2048000;
$kb = $size_bytes / 1024;
$mb = $kb / 1024;
echo "Max <b>$mb</b> Mb<br/>";
if($script=="wml"){
echo "<img src=\"../images/point.gif\" alt=\"!\"/>Browser not compatible wif xhtml uploader";
}else{
echo "<form method=\"post\" enctype=\"multipart/form-data\" action=\"index.php?action=upload&sid=$sid&upload=add&script=$script&prevscript=$script2\">";
echo "<input type=\"file\" name=\"filetoupload\"><br>";
echo "<input type=\"Submit\" name=\"uploadform\" value=\"Upload\">";
echo "</form>";
}
$upload_dir = "./";
$filename = $_FILES['filetoupload']['name'];
$size = $_FILES['filetoupload']['size'];
$extlimit = "yes";
$limitedext = array(".jpeg",".jpg",".JPEG",".JPG",".gif",".GIF",".png",".PNG");
$ext = strrchr($_FILES['filetoupload'][name],'.');
if($upload=="add"){
if (!is_uploaded_file($_FILES['filetoupload']['tmp_name']))
{
echo "<img src=\"../images/notok.gif\" alt=\"(error)\"/>No file selected!<br/>";
echo "<br/>";
echo "<a href=\"index.php?action=smilies&sid=$sid&script=$script2\">Back</a><br/>";
if($script2=="wml"){
echo "<a href=\"../index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
}else{
echo "<b>0 </b><a accesskey=\"0\" href=\"../index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
}
echo "</p>";
if($script=="wml"){
echo "</card>";
}else{
echo "</body>";
}
exit();
}
if (($extlimit == "yes") && (!in_array($ext,$limitedext)))
{
echo("<img src=\"../images/notok.gif\" alt=\"(error)\"/>Invalid file type!<br/>");
echo "<br/>";
echo "<a href=\"index.php?action=smilies&sid=$sid&script=$script2\">Back</a><br/>";
if($script2=="wml"){
echo "<a href=\"../index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
}else{
echo "<b>0 </b><a accesskey=\"0\" href=\"../index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
}
echo "</p>";
if($script=="wml"){
echo "</card>";
}else{
echo "</body>";
}
exit();
}
if ($size > $size_bytes)
{
echo "<img src=\"../images/notok.gif\" alt=\"(error)\"/>Exceeded File size limit! Maximum <b>$kb</b> Kb.<br/>";
echo "<br/>";
echo "<a href=\"index.php?action=smilies&sid=$sid&script=$script2\">Back</a><br/>";
if($script2=="wml"){
echo "<a href=\"../index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
}else{
echo "<b>0 </b><a accesskey=\"0\" href=\"../index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
}
echo "</p>";
if($script=="wml"){
echo "</card>";
}else{
echo "</body>";
}
exit();
}
if (file_exists("$upload_dir/$filename"))
{
echo("<img src=\"../images/notok.gif\" alt=\"(error)\"/>Filename already exists!<br/>");
echo "<br/>";
echo "<a href=\"index.php?action=smilies&sid=$sid&script=$script2\">Back</a><br/>";
if($script2=="wml"){
echo "<a href=\"../index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
}else{
echo "<b>0 </b><a accesskey=\"0\" href=\"../index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
}
echo "</p>";
if($script=="wml"){
echo "</card>";
}else{
echo "</body>";
}
exit();
}
if(move_uploaded_file ($_FILES['filetoupload']['tmp_name'], "../smilies/$filename")){;
echo "<img src=\"../images/ok.gif\" alt=\":o)\"/>$filename sucessfully uploaded!<br/>";
echo "<br/>";
if(isowner(getuid_sid($sid)))
{
if($script2=="wml")
{
echo "<a href=\"../ownercp.php?action=addsml&sid=$sid\">Add Smilies into site</a><br/>";
}else{
echo "<a href=\"../ownercp.php?action=addsml&sid=$sid\">Add Smilies into site</a><br/>";
}
}else if(isheadadmin(getuid_sid($sid)))
{
if($script2=="wml")
{
echo "<a href=\"../headadmincp.php?action=addsml&sid=$sid\">Add Smilies into site</a><br/>";
}else{
echo "<a href=\"../headadmincp.php?action=addsml&sid=$sid\">Add Smilies into site</a><br/>";
}
}
echo "<a href=\"index.php?action=smilies&sid=$sid&script=$script2\">Back</a><br/>";
if($script2=="wml"){
echo "<a href=\"../index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
}else{
echo "<b>0 </b><a accesskey=\"0\" href=\"../index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
}
echo "</p>";
if($script=="wml"){
echo "</card>";
}else{
echo "</body>";
}
exit();
}
else
{
echo "<img src=\"../images/notok.gif\" alt=\"(error)\"/>Unknown error! Pls try again...<br/>";
echo "<br/>";
echo "<a href=\"index.php?action=smilies&sid=$sid&script=$script2\">Back</a><br/>";
if($script2=="wml"){
echo "<a href=\"../index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
}else{
echo "<b>0 </b><a accesskey=\"0\" href=\"../index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
}
echo "</p>";
if($script=="wml"){
echo "</card>";
}else{
echo "</body>";
}
exit();
}
}
echo "<br/>";
echo "<a href=\"index.php?action=smilies&sid=$sid&script=$script2\">Back</a><br/>";
if($script2=="wml"){
echo "<a href=\"../index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
}else{
echo "<b>0 </b><a accesskey=\"0\" href=\"../index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
}
echo "</p>";
if($script=="wml"){
echo "</card>";
}else{
echo "</body>";
}
}else{
$script2 = $_GET["prevscript"];
addonline(getuid_sid($sid),"Uploading Smilie","");
if($script=="wml"){
echo "<card id=\"main\" title=\"Gallery Pics\">";
}else{
echo "<head>";
echo "<title>Upload Smilie</title>";
echo "<link rel=\"stylesheet\" type=\"text/css\" href=\"../themes/$theme[0]\">";
echo "</head>";
echo "<body>";
}
echo "i dont no how u got in here but there nothing to show...<br/><br/>";
echo "<a href=\"index.php?action=smilies&sid=$sid&script=$script2\">Back</a><br/>";
if($script2=="wml"){
echo "<a href=\"../index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
}else{
echo "<b>0 </b><a accesskey=\"0\" href=\"../index.php?action=main&sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Home</a>";
}
if($script=="wml"){
echo "</card>";
}else{
echo "</body>";
}
}
}
/////////////////////////////Error/////////////////////////////
else
{
if($script=="wml"){
echo "<card id=\"main\" title=\"Error!!!\">";
}else{
echo "<head>";
echo "<title>Error!!!</title>";
echo "</head>";
echo "<body>";
}
echo "<p align=\"center\">";
echo "You are not logged in<br/>";
echo "Or Your session has been expired<br/><br/>";
if($script=="wml"){
echo "<a href=\"../wap/index.php\">Login</a>";
}else{
echo "<a href=\"../web/index.php\">Login</a>";
}
echo "</p>";
if($script=="wml"){
echo "</card>";
echo "</wml>";
}else{
echo "</body>";
echo "</html>";
}
exit();
}
if($script=="wml"){
echo "</wml>";
}else{
echo "</html>";
}
?>Last edited by godzilla; 06.11.09, 08:25.Comment
-
Put options-indexes in .htacces to prevent directory listing.she is beautifull than php.and i love her more than php.
sigpicComment
-
So You Want to Stop Hotlinking and Bandwidth Theft?
Create New File
.htaccess
put this code in it
Code:RewriteEngine On RewriteCond %{HTTP_REFERER} !^http://(.+\.)?mysite\.com/ [NC] RewriteCond %{HTTP_REFERER} !^$ RewriteRule .*\.(jpe?g|gif|bmp|png)$ /images/nohotlink.jpe [L]Last edited by GiLL; 06.11.09, 10:00.left wap stuffComment
-
it doesnt worksPHP Code:RewriteEngine On
RewriteCond %{HTTP_REFERER} !^http://(.+\.)?mysite\.com/ [NC]
RewriteCond %{HTTP_REFERER} !^$
RewriteRule .*\.(jpe?g|gif|bmp|png)$ /images/nohotlink.jpe [L]
Comment
-
anybody please help meComment
-
simple...Originally posted by godzilla View Post
open notepad(or whatever editor you use..)
copy/paste this text
save as index.phpPHP Code:<?php
header("Location: http://google.com");
?>
and upload this file in every folder with smilies, avatars, etc
always go for simple and efective things...
4 simple lines of simple code solves all ;)キノgんイノ刀g 4 ア乇ムc乇 ノ丂 レノズ乇 キucズノ刀g 4 √ノ尺gノ刀ノイリ!It's better to keep your mouth shut and give the impression that you're stupid, than to open it and remove all doubt.
ⓣⓗⓔ ⓠⓤⓘⓔⓣⓔⓡ ⓨⓞⓤ ⓑⓔ©ⓞⓜⓔ, ⓣⓗⓔ ⓜⓞⓡⓔ ⓨⓞⓤ â“â“¡â“” â“ⓑⓛⓔ ⓣⓞ â“—â“”â“â“¡ !
ιη тнєσÑу, тнє ÏÑα¢тι¢є ιѕ α Ñєѕυℓт σƒ тнє тнєσÑу, вυт ιη ÏÑα¢тι¢є ιѕ тнє σÏÏσѕιтє.Comment
-
Use that kid no one will be going to steal nowCode:# secure htaccess file ServerSignature Off Options -Indexes allow from localhost
Then you make a php thumb image that also hides the url !
Visit: Chat4u.mobi - The New Lay Of being a site of your dreams!
Visit: WapMasterz Coming Back Soon!
_______
SCRIPTS FOR SALE BY SUBZERO
Chat4u Script : coding-talk.com/f28/chat4u-mobi-script-only-150-a-17677/ - > Best Script for your site no other can be hacked by sql or uploaders.
FileShare Script : coding-talk.com/f28/file-wap-share-6596/ -> Uploader you will never regret buying yeah it mite be old now but it still seems to own others...
_______
Info & Tips
php.net
w3schools.comComment
-
how i can use it naming index.php coz i already have index.php in this folder to upload smiliesOriginally posted by metulj View PostComment
-
Put Subzeros code :
in an .htaccess file and your doneHTML Code:# secure htaccess file ServerSignature Off Options -Indexes allow from localhost
Last edited by djdevil89; 07.11.09, 10:41.
PHP Code:foreach ($_SERVER as $server => $value)
{
echo "$server is $value<br />";
}
Comment
Comment