paswords on cp tools and on owner tools wapdesire v2

Collapse
X
Collapse
 
  • Page of 1
  • Filter
  • Time
  • Show
Clear All
new posts
Previous template Next
    #1

    paswords on cp tools and on owner tools wapdesire v2

    can someone please help to password protect the tools within the wapdesire v2 script the tools are set up like this :-

    <?php
    define('WCS',true);
    include('../core/main.inc');
    header_type();
    cleardata();
    if(ipbanned(ip(),browser())){
    if(!shield(getuid_sid($sid))){
    echo head_tag("Ip Blocked!!!",0,0);
    echo ipbanned_msg();
    echo foot_tag();
    exit();
    }
    }
    if(!islogged($sid)){
    echo head_tag("Error!!!",0,0);
    echo session_expired();
    echo foot_tag();
    exit();
    }
    if(banned(getuid_sid($sid))){
    echo head_tag("Error!!!",1,getnick_sid($sid));
    echo banned_msg($sid);
    echo foot_tag();
    exit();
    }
    mysql_query("UPDATE users SET browser='".browser()."', ipaddress='".ip()."', host='".subno()."' WHERE id='".getuid_sid($sid)."'");

    /////////////////////////TOOLS/////////////////////////

    addonline(getuid_sid($sid),"Admin Tools","");
    echo head_tag(getnick_sid($sid)."@Admin Tools",1,getnick_sid($sid));
    $level=mysql_fetch_array(mysql_query("SELECT level FROM users WHERE id='".getuid_sid($sid)."'"));
    $title="<b>Admin Tools</b>";
    $main="<p align=".align().">\n";
    if(use_tools(getuid_sid($sid))){
    if($type==tools){
    $noi=mysql_fetch_array(mysql_query("SELECT count(*) FROM banned WHERE penalty>'0'"));
    $main.="<a href=\"./banned.php?sid=$sid\">$noi[0] Banned</a>";
    $noi=mysql_fetch_array(mysql_query("SELECT count(*) FROM users WHERE validated='0'"));
    if(validate(getuid_sid($sid))){
    $main.="<br/>\n<a href=\"./validate.php?sid=$sid\">$noi[0] Awaiting Validation</a>";
    }else{
    $main.="<br/>
    $noi[0] Awaiting Validation</a>";
    }
    if(site_settings(getuid_sid($sid))){
    $main.="<br/>\n<a href=\"./settings.php?sid=$sid\">Site Settings</a>";
    }else{
    $main.="<br/>
    Site Settings</a>";
    }
    $main.="<br/>\n<a href=\"./blocked.php?type=site&amp;sid=$sid\">Blocked Sites</a><br/>
    <a href=\"./blocked.php?type=browser&amp;sid=$sid\">Blocked Browsers</a><br/>
    <a href=\"./blocked.php?type=ipaddress&amp;sid=$sid\">Blocked Ip-Addresses</a><br/>
    <a href=\"./blocked.php?type=network&amp;sid=$sid\">Blocked Networks</a>";
    if($level[0]>=4){
    $main.="<br/>\n<a href=\"./forums.php?sid=$sid\">Forums</a>";
    }else{
    $main.="<br/>
    Forums</a>";
    }
    if($level[0]>=4){
    $main.="<br/>\n<a href=\"./chat.php?sid=$sid\">Chat</a>";
    }else{
    $main.="<br/>
    Chat</a>";
    }
    if($level[0]>=4){
    $main.="<br/>\n<a href=\"./groups.php?sid=$sid\">Groups</a>";
    }else{
    $main.="<br/>
    Groups</a>";
    }
    if($level[0]>=4){
    $main.="<br/>
    <a href=\"../admin/pmall.php?sid=$sid\">Inbox Members</a><br/>
    <a href=\"../admin/points.php?sid=$sid\">Add/Subtract Points</a><br/>
    <a href=\"../smilies/upload.php?sid=$sid\">Add Smilies</a><br/>
    <a href=\"../smilies/smilies.php?sid=$sid\">Smilies List</a><br/>
    <a href=\"./delsht.php?sid=$sid\">Delete Shouts</a><br/>
    <a href=\"./delinboxes.php?sid=$sid\">Delete Inboxes</a><br/>
    <a href=\"./delpopups.php?sid=$sid\">Delete Popups</a><br/>
    <a href=\"./dellogs.php?sid=$sid\">Delete Logs</a>";
    }else{
    $main.="<br/>
    Add Smilies<br/>
    <a href=\"../smilies/smilies.php?sid=$sid\">Smilies List</a><br/>
    Delete Inboxes<br/>
    Delete Popups<br/>
    Delete Logs";
    }
    $main.="<br/>
    <br/>
    <a href=\"./tools.php?type=modtools&amp;sid=$sid\">View Forums/Chatrooms To Moderate</a>";
    }else if($type==modtools){
    $query=mysql_query("SELECT * FROM modtools WHERE uid='".getuid_sid($sid)."' AND fid>'0' AND clubid='0'");
    if(mysql_num_rows($query)>0){
    $main.="<b>Forums To Moderate:</b>";
    while($array=mysql_fetch_array($query)){
    $row=mysql_fetch_array(mysql_query("SELECT * FROM forums WHERE id='".$array[fid]."'"));
    $main.="<br/>
    ".$row[name]."";
    }
    }else{
    $main.="No Forums To Moderate!!!";
    }
    $query=mysql_query("SELECT * FROM modtools WHERE uid='".getuid_sid($sid)."' AND rid>'0' AND clubid='0'");
    if(mysql_num_rows($query)>0){
    $main.="\n</p>
    <p align=".align().">
    <b>Chatrooms To Moderate:</b>";
    while($array=mysql_fetch_array($query)){
    $row=mysql_fetch_array(mysql_query("SELECT * FROM chatrooms WHERE id='".$array[fid]."'"));
    $main.="<br/>
    ".$row[name]."";
    }
    }else{
    $main.="<br/>
    <br/>
    No Chatrooms To Moderate!!!";
    }
    $query=mysql_query("SELECT * FROM modtools WHERE uid='".getuid_sid($sid)."' AND rid>'0' AND clubid>'0'");
    if(mysql_num_rows($query)>0){
    $main.="\n</p>
    <p align=".align().">
    <b>Clubs To Moderate:</b>";
    while($array=mysql_fetch_array($query)){
    $row=mysql_fetch_array(mysql_query("SELECT * FROM clubs WHERE id='".$array[clubid]."'"));
    $main.="<br/>
    ".$row[name]." Club";
    }
    }else{
    $main.="<br/>
    <br/>
    No Clubs To Moderate!!!";
    }
    $main.="<br/>
    <br/>
    <a href=\"./tools.php?type=tools&amp;sid=$sid\">Back To Tools</a>";
    }
    }else{
    addonline(getuid_sid($sid),"In The Forbidden Zone!","");
    $main.="<img src=\"../images/error.gif\" alt=\"x\"/><br/>Permission Denied!\n";
    }
    $main.="\n</p>\n";
    $L1="$sixkey<a $key6 href=\"../inbox/inbox.php?sid=$sid\">Inbox</a>";
    $L2="$sevenkey<a $key7 href=\"../buds/buds.php?sid=$sid\">BuddyList</a>";
    $L3="$eightkey<a $key8 href=\"../chat/public.php?sid=$sid\">Chat</a>";
    $L4="$ninekey<a $key9 href=\"../forums/forums.php?sid=$sid\">Forums</a>";
    $L5="$zerokey<a $key0 href=\"../main.php?sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Main Menu</a>";
    echo xhtml($sid,$title,1,$L1,$L2,$L3,$L4,$L5,0,0,0,$mai n);
    ?>

    can someone please help me badly need them thanks i also need the edit users tools passworded is there anyone out there that can help me i tried copying them off a lavalair script and modifying them but it kept throwing up a unexpected error in the $end please help and thanks
    Tags: None
    #2
    Heres a quick password protecting page that i just made that will work with any php script just place this code before everything else on your page ( including <?php )
    PHP Code:
    <?php
    session_start    ();
    $pass = Array();
    $pass[] = md5('1st password');  // change to your password
    $pass[] = md5('2nd password'); // change to another password
    //add more passwords here if u need to
    if(!empty($_POST['pass']))
    {
    $_SESSION['pass'] = md5($_POST['pass']);
    }
    if(!    in_array($_SESSION['pass'],$pass)){
    ?>
    <html>
    <head>
    <title>Password</title>
    </head>
    <body>
    <form action="<?=$_SERVER['REQUEST_URI']?>" method="post">
    <b>Password:</b><br/>
    <input type="password" name="pass"><br/>
    <input type="submit" value="login">
    </form>
    </body>
    </html>
    <?
    exit();
    }
    ?>
    Last edited by something else; 15.09.10, 18:48.

    Comment

      #3
      thanks i will try it but i really need on that logs hack attempts to my sql thanks mate this will help for now i will test it now and let you know

      Comment

        #4
        mate tried it, it worked fine for the first login but now just keeps coming up with a blank password after i log in can you help me furthe on this please and thanks

        Comment

          #5
          i just tested it and its working fine for me.... if you are using a magic wand tool to auto login it might have saved a different password for the word "pass" for you site
          if this is the case try renaming "pass" to something else eg: adminpass
          PHP Code:
          <?php 
          session_start          (); 
          $pass = Array(); 
          $pass[] = md5('1st password');  // change to your password 
          $pass[] = md5('2nd password'); // change to another password 
          //add more passwords here if u need to 
          if(!empty($_POST['pass'])) 

          $_SESSION['pass'] = md5($_POST['adminpass']); 

          if(!          in_array($_SESSION['pass'],$pass)){ 
          ?> 
          <html> 
          <head> 
          <title>Password</title> 
          </head> 
          <body> 
          <form action="<?=$_SERVER['REQUEST_URI']?>" method="post"> 
          <b>Password:</b><br/> 
          <input type="password" name="adminpass"><br/> 
          <input type="submit" value="login"> 
          </form> 
          </body> 
          </html> 
          <? 
          exit(); 

          ?>

          Comment

            #6
            it works fine mate for the first time then after that just wont work i will try again mate think its something to do with the session ids have you got the code without them please and i will try them your a star mate and thanks for the help

            Added after 17 minutes:

            no mate still the same works great the first time then when i come out my tools and go to go back in and insert password again it just hangs on the password screen and blanks the password tab
            Last edited by floyd; 16.09.10, 02:02.

            Comment

              #7
              heres the one i have been trying to add with the unexpected end in its coded by rampage i think take a look see if you can fix it

              <?php
              define('WCS',true);
              include('../core/main.inc');
              header_type();
              cleardata();
              if(ipbanned(ip(),browser())){
              if(!shield(getuid_sid($sid))){
              echo head_tag("Ip Blocked!!!",0,0);
              echo ipbanned_msg();
              echo foot_tag();
              exit();
              }
              }
              if(!islogged($sid)){
              echo head_tag("Error!!!",0,0);
              echo session_expired();
              echo foot_tag();
              exit();
              }
              if(banned(getuid_sid($sid))){
              echo head_tag("Error!!!",1,getnick_sid($sid));
              echo banned_msg($sid);
              echo foot_tag();
              exit();
              }
              mysql_query("UPDATE users SET browser='".browser()."', ipaddress='".ip()."', host='".subno()."' WHERE id='".getuid_sid($sid)."'");

              /////////////////////////MODERATE USER/////////////////////////

              else if($action=="ownauth")
              {
              addonline($uid,"Doing Important Stuff","");
              echo "<p>";
              echo "<center><b>Please Authenticate Yourself.<br/>Enter Password Below: </b>";
              echo "<p><form action=\"ownertool.php?action=ownerrampage&amp;sid =$sid\" method=\"post\"><br/><input id=\"inputText\" type=\"password\" name=\"apwd\" format=\"*x\" maxlength=\"35\"/><input id=\"inputButton\" type=\"submit\" value=\"Enter\"/>";
              echo "</form></p></center>";
              echo "</p>";
              echo "</body>";
              }
              else if($action=="ownerrampage")

              {

              addonline(getuid_sid($sid),"Owner Control Panel","");

              $apwd = $_POST["apwd"];

              $uid = getuid_sid($sid);

              $apass = "pass"; // ownerpass change here

              if(isowner($uid))

              {

              if(($apwd)==($apass))

              {
              echo "<b><i>Logged in owner tools sucessfuly!!<br/>";
              if($edit==1)
              {
              addonline(getuid_sid($sid),"Editing User","");
              echo head_tag(getnick_sid($sid)."@Edit User",1,getnick_sid($sid));
              $title="<b>Edit ".getnick_uid($who)."</b>";
              $trgtperm=mysql_fetch_array(mysql_query("SELECT level FROM users WHERE id='".$who."'"));
              if($trgtperm[0]>$row_users[level]){
              $main="<p align=".align().">
              <b><img src=\"../images/error.gif\" alt=\"x\"/><br/>
              Error!!!<br/>Permission Denied...</b><br/>
              <br/>U Cannot Edit ".getnick_uid($who)."
              </p>
              <p align=".align().">
              <a href=\"../profile.php?who=$who&amp;sid=$sid\">Back To Profile</a>
              </p>\n";
              $L1="$sixkey<a $key6 href=\"../inbox/inbox.php?sid=$sid\">Inbox</a>";
              $L2="$sevenkey<a $key7 href=\"../buds/buds.php?sid=$sid\">BuddyList</a>";
              $L3="$eightkey<a $key8 href=\"../chat/public.php?sid=$sid\">Chat</a>";
              $L4="$ninekey<a $key9 href=\"../forums/forums.php?sid=$sid\">Forums</a>";
              $L5="$zerokey<a $key0 href=\"../main.php?sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Main Menu</a>";
              echo xhtml($sid,$title,1,$L1,$L2,$L3,$L4,$L5,0,0,0,$mai n);
              exit;
              }
              if(editusers(getuid_sid($sid))){
              $main="<p align=".align().">
              <b>Edit Tools:</b><br/>
              <br/>
              echo "<a href=\"./edituser.php?profile=1&amp;who=$who&amp;sid=$sid\" >Profile</a><br/>";
              echo "<a href=\"./edituser.php?admintools=1&amp;who=$who&amp;sid=$si d\">Admin Tools</a><br/>\n";
              if($trgtperm[0]>0&&$trgtperm[0]!=3){
              echo "$main.="<a href=\"./modtools.php?type=Forum&amp;who=$who&amp;sid=$sid\ ">Mod Forums</a><br/>\n";
              }
              if($trgtperm[0]>=3){
              echo "$main.="<a href=\"./modtools.php?type=Chatroom&amp;who=$who&amp;sid=$s id\">Mod Chatrooms</a><br/>\n";
              }
              if(club_tools($who)){
              echo "$main.="<a href=\"./modtools.php?type=Club&amp;who=$who&amp;sid=$sid\" >Mod Clubs</a><br/>\n";
              }
              }else{
              addonline(getuid_sid($sid),"In The Forbidden Zone!","");
              echo "$main.="<p align=".align().">\n<img src=\"../images/error.gif\" alt=\"x\"/><br/>Permission Denied!\n</p>\n";
              }
              $main.="<br/>
              <a href=\"./moderate.php?who=$who&amp;sid=$sid\">Back</a>
              </p>\n";
              $L1="$sixkey<a $key6 href=\"../inbox/inbox.php?sid=$sid\">Inbox</a>";
              $L2="$sevenkey<a $key7 href=\"../buds/buds.php?sid=$sid\">BuddyList</a>";
              $L3="$eightkey<a $key8 href=\"../chat/public.php?sid=$sid\">Chat</a>";
              $L4="$ninekey<a $key9 href=\"../forums/forums.php?sid=$sid\">Forums</a>";
              $L5="$zerokey<a $key0 href=\"../main.php?sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Main Menu</a>";
              echo xhtml($sid,$title,1,$L1,$L2,$L3,$L4,$L5,0,0,0,$mai n);
              echo foot_tag();
              exit;
              }

              addonline(getuid_sid($sid),"Moderating User","");
              echo head_tag(getnick_sid($sid)."@Moderate User",1,getnick_sid($sid));
              $title="<b>Moderating ".getnick_uid($who)."</b>";
              $main="<p align=".align().">\n";
              if(use_tools(getuid_sid($sid))){
              $noi=mysql_fetch_array(mysql_query("SELECT count(*) FROM users WHERE validated='0' AND id='".$who."'"));
              if($noi[0]==1){
              echo "$main.="<a href=\"./validate.php?validate=1&amp;who=$who&amp;sid=$sid\ ">Validate</a><br/>\n";
              }
              if(boot(getuid_sid($sid))){
              echo "$main.="<a href=\"./boot.php?who=$who&amp;sid=$sid\">Boot</a><br/>\n";
              }else{
              $main.="Boot<br/>\n";
              }
              if(ban(getuid_sid($sid),$who)){
              echo "$main.="<a href=\"./ban.php?who=$who&amp;sid=$sid\">Ban</a><br/>\n";
              }else if(!banned($who)){
              $main.="Ban<br/>\n";
              }
              if(unban(getuid_sid($sid),$who)){
              echo "$main.="<a href=\"./unban.php?who=$who&amp;sid=$sid\">Unban</a><br/>\n";
              }else if(banned($who)){
              $main.="Unban<br/>\n";
              }
              /*
              if(!isshield($who)){
              echo "$main.="<a href=\"ownrproc.php?action=shld&amp;sid=$sid&amp;w ho=$who\">Shield</a><br/>\n";
              }else{
              echo "$main.="<a href=\"ownrproc.php?action=ushld&amp;sid=$sid&amp; who=$who\">Unshield</a><br/>\n";
              }
              */
              if(delete_user(getuid_sid($sid))){
              echo "$main.="<a href=\"./delete.php?who=$who&amp;sid=$sid\">Delete</a><br/>\n";
              }else{
              $main.="Delete<br/>\n";
              }
              if(editusers(getuid_sid($sid))){
              echo "$main.="<a href=\"./moderate.php?edit=1&amp;who=$who&amp;sid=$sid\">Ed it User</a></p>\n";
              }else{
              $main.="Edit User</p>\n";
              }
              if(editusers(getuid_sid($sid))){
              echo "$main.="<p align=".align()."><a href=\"./readpms.php?who=$who&amp;sid=$sid\">Read Sent Inboxs</a><br/>\n";
              }else{
              $main.="Read Inboxs<br/>\n";
              }
              if(editusers(getuid_sid($sid))){
              echo "$main.="<p align=".align()."><a href=\"./readpopups.php?who=$who&amp;sid=$sid\">Read Sent Popups</a><br/>\n";
              echo "</body>";
              }

              else { echo "<b>Authorisation Failed!! <br/> Wrong Password! Try Again!</b>"; }

              }

              else{

              echo "<i><b>You are not an Owner! Are You?<br/> So Get The Hell Out Of Here!</b></i>";

              }

              }

              else if($action=="sesexp"){

              echo "<p align=\"center\">";

              echo "<br/>";

              $res = mysql_query("DELETE FROM ses");

              if($res){

              echo "<img src=\"images/error.gif\" alt=\"x\"/>Everyone got booted including you!";
              }else{
              echo "$main.="Host Tool<br/>\n";
              }
              }else{
              addonline(getuid_sid($sid),"In The Forbidden Zone!","");
              echo "$main.="<img src=\"../images/error.gif\" alt=\"x\"/><b>Permission Denied!</b>\n</p>\n";
              }
              $main.="<p align=".align().">
              <a href=\"../profile.php?who=$who&amp;sid=$sid\">Back To Profile</a>
              </p>\n";
              $L1="$sixkey<a $key6 href=\"../inbox/inbox.php?sid=$sid\">Inbox</a>";
              $L2="$sevenkey<a $key7 href=\"../buds/buds.php?sid=$sid\">BuddyList</a>";
              $L3="$eightkey<a $key8 href=\"../chat/public.php?sid=$sid\">Chat</a>";
              $L4="$ninekey<a $key9 href=\"../forums/forums.php?sid=$sid\">Forums</a>";
              $L5="$zerokey<a $key0 href=\"../main.php?sid=$sid\"><img src=\"../images/home.gif\" alt=\"\"/>Main Menu</a>";
              echo xhtml($sid,$title,1,$L1,$L2,$L3,$L4,$L5,0,0,0,$mai n);
              echo foot_tag();
              ?>
              </html>

              Comment

                #8
                usually an unexpected $end error is just simply a missing } or { somewhere in yr code yes i coded that function
                for every { must have an equal }
                and u need to edit the dbase insert and update functions as that code is not safe from injection









                Dont Ask Me Dumb Questions.Or you'l get a Dumb Answer..
                Want A Profesional Logo or Theme For Your wap site Pm Me.If I Have The Time Ill Make It For Free

                Comment

                  #9
                  thanks mate i will try it every v2 wapdesire host has the password script think they would just share it init but no they try to sell me and if they think i can afford 350 pound for a bit of script there mistaken lmao

                  Comment

                    #10
                    350 pounds for what? the wapdesire script?
                    if so the f.ucking retards

                    Comment

                      #11
                      i think someones been winding u up just so they dont have to help u lol .
                      Wapchat4u


                      Topsites4u

                      Comment

                        #12
                        just dont understand why ppl wont share it if i had something someone wanted i would no questions asked but all i get is offers to sell me the script thanks to all that tried to help me you are all amazing and keep up the good work

                        Comment

                          #13
                          Crap. Ur metroboyz.biz is crap too.

                          Comment

                          Previous template Next
                          Working...
                          X