!C99Shell v. 1.0 pre-release build #16!

Software: Apache/2.0.54 (Fedora). PHP/5.0.4 

uname -a: Linux mina-info.me 2.6.17-1.2142_FC4smp #1 SMP Tue Jul 11 22:57:02 EDT 2006 i686 

uid=48(apache) gid=48(apache) groups=48(apache)
context=system_u:system_r:httpd_sys_script_t 

Safe-mode: OFF (not secure)

/home/mnnews/public_html/mina/test/admin/   drwxr-xr-x
Free 3.9 GB of 27.03 GB (14.42%)
Home    Back    Forward    UPDIR    Refresh    Search    Buffer    Encoder    Tools    Proc.    FTP brute    Sec.    SQL    PHP-code    Update    Feedback    Self remove    Logout    


Viewing file:     userFunctions.inc.php3 (5.59 KB)      -rwxr-xr-x
Select action/file-type:
(+) | (+) | (+) | Code (+) | Session (+) | (+) | SDB (+) | (+) | (+) | (+) | (+) | (+) |
<?
require("$mysqlCall");
if(checkSuperSession($superSession, $REMOTE_ADDR))
{
  
  include("include/rootGui.inc.php3");
  $userId2 = getUserSUId($superSession);
  $userInfo2 = getUserInfo($userId2);

  if(($userInfo2[SuperUser] == 1) && ($userInfo2[manageUsers]==1) && ($userInfo2[active]==1))
    {
     
      $userInfo = getUserInfo($userId);
     
##########################################################
      if($deActivate && $superUser)
    {
      
      print("Nema potrebe za ovakvim podesavanjem.<br>");
      
    }
##########################################################
      else if($deActivate) /* turn user off, kept in database for email/name for news generation */
    {
      $zipo = 0;
      require("$mysqlCall");     
      $query = "replace into $users values('$userInfo[ID]', '$userInfo[user]', '$userInfo[pass]', '$zipo ', '$userInfo[email]', '$zipo', '$zipo','$zipo', '$zipo', '$zipo','$zipo', '$zipo','$zipo')";
      
      $mysql_result=mysql_query($query) or die(mysql_error());
      
      if($mysql_result)
        {
          print("Korisnik je deaktiviran.");
        }
      
      else
        {
          print("Doslo je do greske");
        }
    }
##########################################################
      else if($activate)
    {
      $zipo = 0;
      $one = 1;
      
      require("$mysqlCall");     
      $query = "replace into $users values('$userInfo[ID]', '$userInfo[user]', '$userInfo[pass]', '$zipo ', '$userInfo[email]', '$zipo', '$one','$zipo', '$zipo', '$zipo','$zipo', '$zipo','$zipo')";
      
      $mysql_result=mysql_query($query) or die(mysql_error());
      
      if($mysql_result)
        {
          print("Korisnik je aktiviran");

          $userInfo = getUserInfo($userInfo[ID]);
          
          include("userValues.inc.php3");
        
          include("users.php3");
         
        }
      
      else
        {
          print("Doslo je do greske");
        }
    }
##########################################################
      else if($superUser==1)
    {
      $zipo = 0;
      $one = 1;
      
      require("$mysqlCall");     
      $query = "replace into $users values('$userInfo[ID]', '$userInfo[user]', '$userInfo[pass]', '$one', '$userInfo[email]', '$zipo', '$one','$zipo', '$zipo', '$zipo','$zipo', '$zipo','$zipo')";
      
      $mysql_result=mysql_query($query) or die(mysql_error());
      
      if($mysql_result)
        {
          print("Korisnik je postao administrator ali nema privilegije<br>");
       
         
          $userInfo = getUserInfo($userId);

        
          include("userValues.inc.php3");


          include("users.php3");

        }
      
      else
        {
          print("Doslo je do greske");
        }
    }
      
      else if($superUser==2)
    {
       
      $zipo = 0;
      $one = 1;
      
      require("$mysqlCall");     
      $query = "replace into $users values('$userInfo[ID]', '$userInfo[user]', '$userInfo[pass]', '$zipo', '$userInfo[email]', '$zipo', '$one','$zipo', '$zipo', '$zipo', '$zipo', '$zipo', '$zipo')";
      
      $mysql_result=mysql_query($query) or die(mysql_error());
      
      if($mysql_result)
        {
          print("Korisnik vise nije administrator vec obican korisnik");
        }
      
      else
        {
          print("Doslo je do greske");
        }
    }
      


      else if((isset($manageUsers)) || (isset($addNews)) || (isset($manageNews)) || (isset($manageNewsSpool)) || (isset($manageTopics)) || (isset($manageImages)))
    {

      
      print("<br><br>Unos izmjena za $userInfo[user]<br>");

      $zero = 0;
      $one = 1;

##################################
      if(isset($manageUsers))
        {
          print("Administracija korisnika<br>");
        }
      
      else
        {
          $manageUsers = $userInfo[manageUsers];
        }
##################################
      if(isset($addNews))
        {
          print("Unos vijesti<br>");
        }
      
      else
        {
          $addNews = $userInfo[addNews];
        }
##################################
      if(isset($manageNews))
        {
          print("Editovanje vijesti<br>");
        }
      
      else
        {
          $manageNews = $userInfo[manageNews];
        }

##################################

      if(isset($manageNewsSpool))
        {
          print("Editovanje medjubaze<br>");
        }
      
      else
        {
          $manageNewsSpool = $userInfo[manageNewsSpool];
        }

##################################


      if(isset($manageTopics))
        {
          print("Editovanje tema<br>");
        }
      
      else
        {
          $manageTopics = $userInfo[manageTopics];
        }

##################################


      if(isset($manageImages))
        {
          print("Editovanje slika<br>");
        }
      
      else
        {
          $manageImages = $userInfo[manageImages];
        }

##################################

      
      $query = "replace into $users values('$userInfo[ID]', '$userInfo[user]', '$userInfo[pass]', '$userInfo[SuperUser] ', '$userInfo[email]', '$userInfo[notify]', '$userInfo[active]','$manageUsers', '$addNews', '$manageNews','$manageNewsSpool', '$manageTopics', '$manageImages')";
    
  
      $mysql_result=mysql_query($query) or die(mysql_error());
      
      if($mysql_result)
        {
          print("Unijeto");
          
          $userInfo = getUserInfo($userInfo[ID]);
          
          include("userValues.inc.php3");

          include("users.php3");

        }
      
      else
        {
          print("Doslo je do greske");
        }
    }
      else
    {
      print("Nista nije selektovano");
    }      
    }      
  else
    {
      print("Nemate pristup ovoj funkciji");
    }
  include("include/guiBase.inc.php3");
  
}
else
{
  /*  session is bad */
  print("Pogresna sesija ID ($superSession)!<BR>\n");
  $superSession = "";
}


?>



















:: Command execute ::

Enter:
 
Select:
 

:: Search ::
  - regexp 
:: Upload ::
 
[ Read-Only ]

:: Make Dir ::
 
[ Read-Only ]
:: Make File ::
 
[ Read-Only ]

:: Go Dir ::
 
:: Go File ::
 

--[ c99shell v. 1.0 pre-release build #16 powered by Captain Crunch Security Team | http://ccteam.ru | Generation time: 0.004 ]--