|
Menu |
|
|
Home |
| |
|
Discussions |
| |
|
Tools |
| |
|
Affiliates |
| |
|
Content |
| |
|
Info |
| | |
|
|
|
|
|
User Info |
|
Membership:
Latest: MichaelSnaRe
New Today: 0
New Yesterday: 0
Overall: 9144
People Online:
Visitors: 68
Members: 0
Total: 68
|
|
|
|
|
|
Full disclosure |
|
|
|
|
|
|
|
|
|
IT Security and Insecurity Portal |
|
|
Please help decode this files |
|
Posted: Fri Sep 14, 2012 6:33 am |
|
|
tymtaszyn |
Regular user |
|
|
Joined: Jul 30, 2012 |
Posts: 5 |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Posted: Fri Sep 14, 2012 3:51 pm |
|
|
demon |
Moderator |
|
|
Joined: Sep 22, 2010 |
Posts: 485 |
|
|
|
|
|
|
|
engine_settings.php
Code: | <?php
include_once( "_lib/class.quickskin.php" );
if ( session_admin( ) && $_GET['recache'] )
{
$_POST['selectedtab'] = 2;
empty_cache_folder( );
}
$page = new QuickSkin( "main.html" );
if ( $CONFIG['temporary_close'] && !session_admin( ) && ( !$_POST['submit_login'] || !$_POST['submit_login'] ) )
{
if ( empty( $CONFIG['secretadminlogin'] ) )
{
$CONFIG['secretadminlogin'] = "admin";
}
if ( $_GET['_login'] != $CONFIG['secretadminlogin'] )
{
$page = new QuickSkin( "temporary_close.html" );
}
}
if ( $CONFIG['caching_status'] )
{
$page->set( "cache_lifetime", 600 );
$page->set( "reuse_code", true );
}
else
{
$page->set( "cache_lifetime", 0 );
$page->set( "reuse_code", false );
}
$page->set( "template_dir", $CONFIG['SKIN_FOLDER'] );
$page->set( "temp_dir", $Template_folder."_tmp/" );
$page->set( "cache_dir", $Template_folder."_tmp/" );
$page->assign( "tpl_img", "tplimgs/" );
$page->assign( "url_img", $CONFIG['SITE_URL']."/".$Template_folder."/".$CONFIG['SITE_TEMPLATE']."/tplimgs/" );
$page->assign( "tpl_js", "tpljs/" );
$page->assign( "url_js", $CONFIG['SITE_URL']."/".$Template_folder."/".$CONFIG['SITE_TEMPLATE']."/tpljs/" );
$page->assign( "tpl_css", "tplcss/" );
$page->assign( "url_css", $CONFIG['SITE_URL']."/".$Template_folder."/".$CONFIG['SITE_TEMPLATE']."/tplcss/" );
if ( !$Post )
{
$Post = array( );
}
foreach ( $_POST as $key => $value )
{
list( $fieldname, $require ) = fieldname $Post["".$fieldname.""] = $value;
}
$page->assign( "Post", $Post );
if ( !$Get )
{
$Get = array( );
}
foreach ( $_GET as $key => $value )
{
$Get["".$key.""] = $value;
}
$page->assign( "Get", $Get );
if ( $debug_skin )
{
$page->debug( );
}
$page->assign( "LANG", $LANG_msg );
$page->assign( "CONFIG", $CONFIG );
$page->assign( "arr_lang", make_tmp_array( $lang, "lang" ) );
$page->assign( "language", $language );
$page->assign( "cur_page", $cur_page );
$page->assign( "cur_url", $cur_url );
$page->assign( "session_admin", session_admin( ) );
$page->assign( "session_member", session_member( ) );
$page->assign( "session_active", session_active( ) );
if ( session_admin( ) )
{
$arr_STATICS['pending_order'] = db_count_records( $_exchange_lines, "src_status='{$STATUS_ENUM_ENABLE}' AND dst_status='{$STATUS_ENUM_DISABLE}' AND src_cid<>'{$INTERNAL_CID}'" );
$arr_STATICS['pending_commissions'] = db_count_records( $_lines, "pmt_type='{$TRANS_ENUM_WITHDRAW}' AND status='{$STATUS_ENUM_ENABLE}' AND cid<>'{$INTERNAL_CID}'" );
$arr_STATICS['pending_buys'] = db_count_records( $_orders, "src_status='{$STATUS_ENUM_ENABLE}' AND dst_status='{$STATUS_ENUM_DISABLE}' AND order_type='buy'" );
$arr_STATICS['pending_sells'] = db_count_records( $_orders, "src_status='{$STATUS_ENUM_ENABLE}' AND dst_status='{$STATUS_ENUM_DISABLE}' AND order_type='sell'" );
$arr_STATICS['have_pending_order'] = $arr_STATICS['pending_order'] + $arr_STATICS['pending_sells'] + $arr_STATICS['pending_buys'] + $arr_STATICS['pending_commissions'] + $arr_STATICS['pending_commissions'];
$page->assign( "arr_STATICS", $arr_STATICS );
}
if ( $_SESSION['fullname'] )
{
$page->assign( "vertification_required", $vertification_required );
$page->assign( "fullname", $fullname );
$page->assign( "user_access_level", $user_access_level );
}
$page->assign( "usergroup", $usergroup );
$page->assign( "SERVER", array(
"SERVER_PORT" => $_SERVER['SERVER_PORT'],
"REQUEST_URI" => $_SERVER['REQUEST_URI'],
"REMOTE_ADDR" => $_SERVER['REMOTE_ADDR']
) );
$page->assign( "ACCESS_LEVELS", $ACCESS_LEVELS );
$page->assign( "page_Error", make_tmp_array( $Error, "Error" ) );
$page->assign( "page_Success", make_tmp_array( $Success, "Success" ) );
$page->assign( "user_lang", $user_lang );
$page->assign( "fullname", $fullname );
$page->assign( "user_status", $user_status );
$page->assign( "uid", $uid );
$page->assign( "arr_data_news_list", $arr_data_news_list );
$page->assign( "arr_Reserve", $arr_Reserve );
$page->assign( "arr_SourceOnly", $arr_SourceOnly );
if ( $_SESSION['loginerror'] )
{
$page->assign( "Sloginerror", $_SESSION['loginerror'] );
unset( $_SESSION['loginerror'] );
}
if ( $_GET['id'] )
{
$cur_link .= "&id=".$_GET['id'];
}
if ( $_GET['Pages'] )
{
$cur_link .= "&Pages=".urlencode( $_GET['Pages'] );
}
if ( $_GET['News'] )
{
$cur_link .= "&News=".urlencode( $_GET['News'] );
}
if ( $_GET['title'] )
{
$cur_link .= "&title=".urlencode( $_GET['title'] );
}
$page->assign( "cur_link", $cur_link );
?>
|
|
|
_________________ Go BIG or go HOME ! |
|
|
|
|
|
|
|
Posted: Fri Sep 14, 2012 7:36 pm |
|
|
demon |
Moderator |
|
|
Joined: Sep 22, 2010 |
Posts: 485 |
|
|
|
|
|
|
|
engine_run.php
Code: | <?php
if ( $EXTRA_ENGINE )
{
include( $EXTRA_ENGINE );
}
if ( $PAGE_TEMPLATE )
{
$page->addtpl( "PAGE_CONTENT", $Template_folder."/".$CONFIG['SITE_TEMPLATE']."/".$PAGE_TEMPLATE );
}
$page->assign( "cpt", "<span style=display:none;>Powered by: <a href=\"http://www.auto-exchanger.com\">Auto-Exchanger.com</a></span>" );
ob_flush( );
$page->output( );
flush( );
if ( $dbconn )
{
db_close( $dbconn );
}
if ( session_admin( ) )
{
$time_end = microtime_float( );
$time = substr( $time_end - $time_start, 0, 7 );
echo "<div id='timer' style='padding:2px; text-align:center; font-size:11px; width:80%; margin:auto; line-height:12px'>Page execution time: <u>{$time} seconds</u> - Caching status: ".( !$CONFIG['caching_status'] ? "<span class=\"ErrorMessage\">Off</span>" : "<span class=\"SuccessMessage\">ON</span>" )." - Auto-Exchanger v".$CONFIG['Version']."</div>";
}
if ( $Error_div )
{
echo "\r\n\t<style type=\"text/css\">\r\n\t#floater{\r\n\t\tBORDER: #ccc7bc 2px solid;\r\n\t\tbackground-color:#f3f2f1;\r\n\t\tcolor:#4b3d35;\twidth:100%;\r\n\t\tposition:fixed!important;\r\n\t\tposition:absolute;\r\n\t\tleft:0; top:0;\r\n\t\tfont-size:13px;\r\n\t\tz-index: 999;\r\n\t\tpadding:10px;\r\n\t}\r\n\t</style>";
echo "<DIV id=\"floater\">";
foreach ( $Error_div as $key => $value )
{
echo "<span class=ErrorMessage><img src=\"".$CONFIG['SKIN_IMAGES']."/ico/fasle2.gif\" hspace=1 border=0 onclick=\"setVisibility('floater', 'none');\" style=\"cursor:hand\" >".$value."</span>";
}
echo "</div>";
unset( $Error_div );
}
?>
|
|
|
_________________ Go BIG or go HOME ! |
|
|
|
|
|
|
|
Posted: Fri Sep 14, 2012 7:37 pm |
|
|
demon |
Moderator |
|
|
Joined: Sep 22, 2010 |
Posts: 485 |
|
|
|
|
|
|
|
public.inc.php
Code: | <?php
if ( !$CONFIG )
{
require( "include/config.inc.php" );
}
if ( !$dbconn )
{
$dbconn = db_open( );
}
if ( $NoTemp )
{
require_once( $CONFIG['SKIN_FOLDER']."inc.head.php" );
require_once( $CONFIG['SKIN_FOLDER']."inc.menu.top.php" );
}
if ( $_GET['Action'] == "logout" && $_SESSION['uid'] )
{
if ( session_admin( ) )
{
log_event( "login", "Administrator logged out", $_SESSION['uid'] );
}
db_exec( "UPDATE {$_users} SET session_id='', language='{$_SESSION['language']}' WHERE session_id='{$sid}' and uid='{$_SESSION['uid']}'" );
db_exec( "UPDATE {$_logs} SET session_id='', logout_date=now() WHERE session_id='{$sid}' and uid='{$_SESSION['uid']}'" );
make_session_unregister( );
header( "Location: ".$CONFIG['SITE_URL'] );
}
if ( $_POST['submit_login'] )
{
include( "include/user_login_check.php" );
}
if ( isset( $_GET['inccur'] ) )
{
$str_tool = new string_tool( );
$inccur = $str_tool->remove_dangerous_chars( trim( $_GET['inccur'] ) );
$arr_INCLUDE_CURRENCIES = explode( ",", $inccur );
$i = 0;
foreach ( $arr_INCLUDE_CURRENCIES as $key => $value )
{
if ( db_get_id( "SELECT cid FROM {$_currencies} WHERE {$_currencies}.currency_name='{$value}'" ) )
{
$currencies_names .= "'{$value}', ";
$currencies_names_title .= ucfirst( $value ).", ";
}
}
if ( $currencies_names )
{
$currencies_names = substr( $currencies_names, 0, strlen( $currencies_names ) - 2 );
$LANG_msg['exchange_004'] .= " (".substr( $currencies_names_title, 0, strlen( $currencies_names_title ) - 2 ).")";
$currencies_clause = " AND currency_name in (".$currencies_names.") ";
}
}
else if ( $CONFIG['EXCLUDE_CURRENCIES'] )
{
$arr_EXCLUDE_CURRENCIES = explode( ",", $CONFIG['EXCLUDE_CURRENCIES'] );
foreach ( $arr_EXCLUDE_CURRENCIES as $key => $value )
{
$currencies_clause .= " AND {$_currencies}.currency_name<>'{$value}' ";
}
}
$arr_currency = array( );
$query_currency = "Select {$_exchange_rate}.cid, currency_name, reserve_amount, currency_worth_name, currency_metal_name, ACCOUNT From {$_exchange_rate} Inner Join {$_currencies} ON {$_exchange_rate}.cid = {$_currencies}.cid\r\n\t\t\tWhere {$_currencies}.exchange_status = '1' AND {$_currencies}.show_as_destination = '1' {$currencies_clause} Order By {$_currencies}.cid Asc";
$result = db_query( $query_currency, " ;;" );
$arr_Reserve = mysql_push_data( $result );
db_free_result( $result );
$arr_currency = array( );
$query_currency = "Select cid, currency_name, reserve_amount, currency_worth_name, currency_metal_name, ACCOUNT From {$_currencies} Where exchange_status='1' AND show_as_source='1' AND show_as_destination='0' {$currencies_clause} GROUP BY currency_name Order By {$_currencies}.cid Asc";
$result = db_query( $query_currency, " ;;" );
$arr_SourceOnly = mysql_push_data( $result );
db_free_result( $result );
foreach ( $arr_Reserve as $key => $value )
{
$currencies_FNAME[$arr_Reserve[$key]['cid']] = ucfirst( $arr_Reserve[$key]['currency_name'] )." ".ucfirst( $arr_Reserve[$key]['currency_metal_name'] );
}
if ( $_SESSION['uid'] && $_SESSION['access_level'] != 2 )
{
$vertification_required = db_get_id( "Select cid From {$_currencies} WHERE access_level>'1' AND exchange_status = '1' AND (show_as_source='1' OR show_as_destination='1'); " );
}
if ( !$_SESSION['uid'] )
{
$uid = 0;
}
$query_currencies = "Select cid, currency_name, currency_worth_name, currency_metal_name From {$_currencies} Order By {$_currencies}.cid Asc";
$result = db_query( $query_currencies, " ;;" );
$arr_result = mysql_push_data( $result );
foreach ( $arr_result as $key => $value )
{
$Allcurrencies[$arr_result[$key]['cid']] = ucfirst( $arr_result[$key]['currency_name'] )." ".ucfirst( $arr_result[$key]['currency_metal_name'] );
}
db_free_result( $result );
unset( $arr_result );
if ( $CONFIG['NEWS_NUMBER'] )
{
if ( !$CONFIG )
{
require( "include/config.inc.php" );
}
$nclause = "fld_language='{$CONFIG['DEF_LANGUAGE']}'";
if ( db_get_id( "SELECT id FROM {$_news} WHERE type='1' AND status='1' AND fld_language='{$language}' AND fld_title<>''" ) )
{
$nclause = "fld_language='{$language}'";
}
$query_news = "SELECT id, fld_title, fld_body, fld_date FROM {$_news} WHERE type = '1' AND status = '1' AND {$nclause} ORDER BY fld_date DESC LIMIT 0, {$CONFIG['NEWS_NUMBER']}";
$result = db_query( $query_news, " ;;" );
$arr_data_news_list = mysql_push_data( $result );
db_free_result( $result );
foreach ( $arr_data_news_list as $key => $value )
{
$arr_data_news_list[$key]['body_lenght'] = strlen( $arr_data_news_list[$key]['fld_body'] );
}
}
?>
|
|
|
_________________ Go BIG or go HOME ! |
|
|
|
|
|
|
|
Posted: Fri Sep 14, 2012 7:38 pm |
|
|
demon |
Moderator |
|
|
Joined: Sep 22, 2010 |
Posts: 485 |
|
|
|
|
|
|
|
Received.php
Code: | <?php
require( "include/config.inc.php" );
$REFERER = $_SERVER['HTTP_REFERER'];
if ( isset( $_POST['PAYMENT_BATCH_NUM'] ) )
{
$PAYMENT_ID = $_POST['PAYMENT_ID'];
$payment_amount = $_POST['PAYMENT_AMOUNT'];
$payer_acc = $_POST['PAYER_ACCOUNT'];
$payment_batch = $_POST['PAYMENT_BATCH_NUM'];
$payment_type = "E-gold/PerfectMoney";
}
else if ( isset( $_POST['ATIP_TRANSACTION_ID'] ) )
{
$PAYMENT_ID = $_POST['paymentid'];
$payment_amount = $_POST['ATIP_PAYMENT_AMOUNT'];
$worth_of = $_POST['ATIP_PAYMENT_METAL'];
$payment_batch = $_POST['ATIP_TRANSACTION_ID'];
$payment_type = "E-bullion";
}
else if ( isset( $_POST['PAYMENT_REC_ID'] ) )
{
$PAYMENT_ID = $_POST['PAYMENT_ID'];
$payment_amount = $_POST['PAYMENT_AMOUNT'];
$worth_of = $_POST['PAYMENT_UNITS'];
$payment_batch = $_POST['PAYMENT_REC_ID'];
$payer_acc = $_POST['PAYER_ACCOUNT'];
$payment_type = "Pecunix";
}
else if ( isset( $_POST['lr_merchant_ref'] ) )
{
$PAYMENT_ID = $_POST['lr_merchant_ref'];
$payment_type = "Liberty Reserve";
}
else if ( isset( $_POST['PMT_PAYMENT_ID'] ) )
{
$PAYMENT_ID = $_POST['PMT_PAYMENT_ID'];
$payment_amount = $_POST['PMT_AMOUNT'];
$payment_batch = $_POST['PMT_BATCH_NUM'];
$payment_type = "V-money";
}
else if ( isset( $_POST['LMI_PAYMENT_NO'] ) )
{
$PAYMENT_ID = $_POST['LMI_PAYMENT_NO'];
$payment_batch = $_POST['LMI_SYS_TRANS_NO'];
$payment_type = "Webmoney";
}
else if ( isset( $_POST['sigil3_str'] ) )
{
$PAYMENT_ID = preg_replace( "/[A-z+ :#]/", "", $_POST['memo'] );
$payment_amount = $_POST['payment_amount'];
$payee_acc = $_POST['payee_account'];
$payment_type = "C-gold";
}
else if ( isset( $_POST['transaction_amount'] ) )
{
$arr = changeMultiarrayStructure( db_get_all( "SELECT cid FROM {$_currencies} WHERE currency_name='globaldigitalpay'" ) );
$PAYMENT_ID = db_get_id( "Select exchange_refrence From {$_exchange_lines} WHERE src_cid IN (".implode( ",", $arr['cid'] ).") AND src_amount='".sql_safe( $_POST['transaction_amount'] )."' ORDER BY eid DESC LIMIT 0,1" );
$payment_type = "Globaldigitalpay";
}
else if ( eregi( "alertpay.com", $REFERER ) )
{
$arr = changeMultiarrayStructure( db_get_all( "SELECT cid FROM {$_currencies} WHERE currency_name='alertpay'" ) );
$PAYMENT_ID = db_get_id( "Select exchange_refrence From {$_exchange_lines} WHERE src_cid IN (".implode( ",", $arr['cid'] ).") AND src_status='{$STATUS_ENUM_ENABLE}' ORDER BY eid DESC LIMIT 0,1" );
$payment_type = "Alertpay";
}
else if ( eregi( "moneybookers.com", $REFERER ) || $_POST['mb_currency'] )
{
$PAYMENT_ID = $_POST['transaction_id'];
if ( !$PAYMENT_ID )
{
$arr = changeMultiarrayStructure( db_get_all( "SELECT cid FROM {$_currencies} WHERE currency_name='moneybookers'" ) );
$PAYMENT_ID = db_get_id( "Select exchange_refrence From {$_exchange_lines} WHERE src_cid IN (".implode( ",", $arr['cid'] ).") AND src_status='{$STATUS_ENUM_ENABLE}' ORDER BY eid DESC LIMIT 0,1" );
}
$payment_type = "Moneybookers";
}
else
{
$PAYMENT_ID = $_POST['item_number'];
if ( !$PAYMENT_ID )
{
$arr = changeMultiarrayStructure( db_get_all( "SELECT cid FROM {$_currencies} WHERE currency_name='paypal'" ) );
$PAYMENT_ID = db_get_id( "Select exchange_refrence From {$_exchange_lines} WHERE src_cid IN (".implode( ",", $arr['cid'] ).") AND src_status='{$STATUS_ENUM_ENABLE}' ORDER BY eid DESC LIMIT 0,1" );
}
$payment_type = "Paypal";
if ( eregi( "strictpay.com", $REFERER ) || $_POST['payment_id'] )
{
$PAYMENT_ID = $_POST['payment_id'];
if ( !$PAYMENT_ID )
{
$arr = changeMultiarrayStructure( db_get_all( "SELECT cid FROM {$_currencies} WHERE currency_name='strictpay'" ) );
$PAYMENT_ID = db_get_id( "Select exchange_refrence From {$_exchange_lines} WHERE src_cid IN (".implode( ",", $arr['cid'] ).") AND src_status='{$STATUS_ENUM_ENABLE}' ORDER BY eid DESC LIMIT 0,1" );
}
$payment_type = "Strictpay";
}
else if ( eregi( "solidtrustpay.com", $REFERER ) || $_POST['user1'] )
{
$PAYMENT_ID = $_POST['user1'];
if ( !$PAYMENT_ID )
{
$arr = changeMultiarrayStructure( db_get_all( "SELECT cid FROM {$_currencies} WHERE currency_name='solidtrustpay'" ) );
$PAYMENT_ID = db_get_id( "Select exchange_refrence From {$_exchange_lines} WHERE src_cid IN (".implode( ",", $arr['cid'] ).") AND src_status='{$STATUS_ENUM_ENABLE}' ORDER BY eid DESC LIMIT 0,1" );
}
$payment_type = "Solidtrustpay";
}
else if ( eregi( "cashu.com", $REFERER ) || $_POST['txt1'] )
{
$PAYMENT_ID = $_POST['txt1'];
if ( !$PAYMENT_ID )
{
$arr = changeMultiarrayStructure( db_get_all( "SELECT cid FROM {$_currencies} WHERE currency_name='cashu'" ) );
$PAYMENT_ID = db_get_id( "Select exchange_refrence From {$_exchange_lines} WHERE src_cid IN (".implode( ",", $arr['cid'] ).") AND src_status='{$STATUS_ENUM_ENABLE}' ORDER BY eid DESC LIMIT 0,1" );
}
$payment_type = "Cashu";
}
}
if ( $Received_no )
{
$x_status = "Failed";
}
else if ( $PAYMENT_ID )
{
$x_status = "Successfull";
}
if ( !$PAYMENT_ID || !is_numeric( $PAYMENT_ID ) )
{
$PAYMENT_ID = $_SESSION['return_PAYMENT_ID'];
}
echo "<html>\r\n<head>\r\n<link href=\"";
echo $CONFIG['SKIN_CSS'];
echo "/style.php\" rel=\"stylesheet\" type=\"text/css\">\r\n</head>\r\n<body onLoad=\"document.form.submit();\">\r\n<form method=\"POST\" action=\"";
echo get_link( "exchange_status.php" );
echo "\" name=\"form\">\r\n";
echo "\t<input TYPE=\"HIDDEN\" name=\"x_status\" id=\"x_status\" VALUE=\"";
echo $x_status;
echo "\">\r\n\t<input TYPE=\"HIDDEN\" name=\"referenceid\" id=\"referenceid\" VALUE=\"";
echo $PAYMENT_ID;
echo "\">\r\n";
echo "</form>\r\n</body>\r\n</html>";
?>
|
|
|
_________________ Go BIG or go HOME ! |
|
|
|
|
|
|
|
Posted: Fri Sep 14, 2012 7:39 pm |
|
|
demon |
Moderator |
|
|
Joined: Sep 22, 2010 |
Posts: 485 |
|
|
|
|
|
|
|
Received_no.php
Code: | <?php
$Received_no = true;
include( "Received.php" );
?>
|
|
|
_________________ Go BIG or go HOME ! |
|
|
|
www.waraxe.us Forum Index -> PHP script decode requests
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum
|
All times are GMT
Page 1 of 1
|
|
|
Powered by phpBB © 2001-2008 phpBB Group
|
|
|
|
|
|