4images Forum & Community
Welcome, Guest. Please login or register.
Did you miss your activation email?
August 19, 2017, 11:26:42 AM

Login with username, password and session length
Search:     Advanced search
You're looking for some 4images templates and styles? Then visit this thread to show websites with 4images templates to download.
Togle to toolbar
Translate this page with =>
Translate this page >
* Home Help Search Login Register
 
+  4images Forum & Community
|-+  4images Help / Hilfe
| |-+  Bug Fixes & Patches
| | |-+  [1.7 / 1.7.1] Security fix in sessions.php
0 Members and 2 Guests are viewing this topic. « previous next »
Pages: «« « 1 2 3 4 [5] Print
Author Topic: [1.7 / 1.7.1] Security fix in sessions.php  (Read 214100 times)
fotograf74
Newbie
*
Offline Offline

Posts: 29

Thank You
-Given: 0
-Receive: 0


View Profile
« Reply #60 on: December 24, 2005, 09:24:36 PM »

Can´t find the line:
$user_id = ($this->read_cookie_data("userid")) ? $this->read_cookie_data("userid") : GUEST;

in my session.php
Logged
TheOracle
Hero Member
*****
Offline Offline

Posts: 875

Thank You
-Given: 0
-Receive: 3


View Profile
« Reply #61 on: December 25, 2005, 01:48:10 PM »

In your includes/sessions.php file,

find :

Quote  [Expand]

$this->delete_old_sessions();


and the line right below is the one you're looking for - which should be

this one :

Quote  [Expand]

$user_id = ($this->read_cookie_data("userid")) ? ...


replace that entire line

with this one :

1
2
3

$user_id = ($this->read_cookie_data("userid")) ? intval($this->read_cookie_data("userid")) : GUEST;


Merry Christmas.
Logged
fotograf74
Newbie
*
Offline Offline

Posts: 29

Thank You
-Given: 0
-Receive: 0


View Profile
« Reply #62 on: January 08, 2006, 01:25:31 PM »

Sorry in my sesions.php I can´t finde this line

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
<?php
/**************************************************************************
 *                                                                        *
 *    4images - A Web Based Image Gallery Management System               *
 *    ----------------------------------------------------------------    *
 *                                                                        *
 *             File: sessions.php                                         *
 *        Copyright: (C) 2002 Jan Sorgalla                                *
 *            Email: jan@4homepages.de                                    *
 *              Web: http://www.4homepages.de                             *
 *    Scriptversion: 1.7                                                  *
 *                                                                        *
 *    Never released without support from: Nicky (http://www.nicky.net)   *
 *                                                                        *
 **************************************************************************
 *                                                                        *
 *    Main part is adapted from of phpBB, (C) 2001 The phpBB Group        *
 *    phpBB is released under the GNU General Public License              *
 *                                                                        *
 *************************************************************************/
if (!defined('ROOT_PATH')) {
  die(
"Security violation");
}

//-----------------------------------------------------
//--- Start Configuration -----------------------------
//-----------------------------------------------------

// Define here the name of the session. Default of phpBB is "sid".
define('SESSION_NAME''sid');

// Define here the name of the banlist and config database tables.
// Maybe you only need to change the table prefix if you another
// than the phpBB default "phpbb_".
define('PHPBB_BANLIST_TABLE''phpbb_banlist');
define('PHPBB_CONFIG_TABLE''phpbb_config');

// Set her the corresponding database fields of the user table.
// If there is no corresponding field in the new user table,
// leave the value blank. Normally no need to change.
$user_table_fields = array(
  
"user_id" => "user_id",
  
"user_level" => "user_level",
  
"user_name" => "username",
  
"user_password" => "user_password",
  
"user_email" => "user_email",
  
"user_showemail" => "user_viewemail",
  
"user_allowemails" => "",
  
"user_invisible" => "user_allow_viewonline",
  
"user_joindate" => "user_regdate",
  
"user_activationkey" => "user_actkey",
  
"user_lastaction" => "user_session_time",
  
"user_location" => "user_session_page",
  
"user_lastvisit" => "user_lastvisit",
  
"user_comments" => "",
  
"user_homepage" => "user_website",
  
"user_icq" => "user_icq"
);

// Set here the URL to your phpBB forum. WITH trailing slash!
$url_app           "http://www.myforum.de";

// Set here different URL's to your phpBB forum.
// Normally no need to change.
$url_register      $url_app."profile.php?mode=register";
$url_lost_password $url_app."profile.php?mode=sendpassword";
$url_control_panel $url_app."profile.php?mode=editprofile";
$url_mailform      $url_app."profile.php?mode=email&u={user_id}";
$url_show_profile  $url_app."profile.php?mode=viewprofile&u={user_id}";
$url_login         $url_app."login.php";
$url_logout        $url_app."login.php?logout=true";

//-----------------------------------------------------
//--- End Configuration -------------------------------
//-----------------------------------------------------

define('USER_INTEGRATION''PHPBB');

function 
get_user_table_field($add$user_field) {
  global 
$user_table_fields;
  return (!empty(
$user_table_fields[$user_field])) ? $add.$user_table_fields[$user_field] : "";
}

class 
Session {

  var 
$session_id;
  var 
$user_ip;
  var 
$user_location;
  var 
$current_time;
  var 
$session_timeout;
  var 
$mode "get";
  var 
$session_info = array();
  var 
$user_info = array();

  function 
Session() {
    global 
$config$board_config;
    
$this->session_timeout $board_config['session_length'];
    
$this->user_ip $this->get_user_ip();
    
$this->user_location 1;
    
$this->current_time time();
    
$this->session_pagestart($this->user_ip0);
  }

  function 
session_pagestart($user_ip$thispage_id) {
    global 
$site_db$board_config;
  global $HTTP_COOKIE_VARS$HTTP_GET_VARS$HTTP_POST_VARS$SID;

    
$cookiename $board_config['cookie_name'];
  $cookiepath $board_config['cookie_path'];
  $cookiedomain $board_config['cookie_domain'];
  $cookiesecure $board_config['cookie_secure'];

  if ( isset($HTTP_COOKIE_VARS[$cookiename '_sid']) || isset($HTTP_COOKIE_VARS[$cookiename '_data']) )
  {
  $this->session_id = isset($HTTP_COOKIE_VARS[$cookiename '_sid']) ? $HTTP_COOKIE_VARS[$cookiename '_sid'] : '';
  $sessiondata = isset($HTTP_COOKIE_VARS[$cookiename '_data']) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$cookiename '_data'])) : array();
  if (!is_array($sessiondata)) {
    $sessiondata = array();
  }
  $this->mode "cookie";
  }
  else
  {
  $sessiondata = array();
  if (isset($HTTP_GET_VARS[SESSION_NAME])) {
        
$this->session_id $HTTP_GET_VARS[SESSION_NAME];
      }
      elseif (isset(
$HTTP_POST_VARS[SESSION_NAME])) {
        
$this->session_id $HTTP_POST_VARS[SESSION_NAME];
      }
      else {
        
$this->session_id false;
      }
  }

  
//
  
// Does a session exist?
  
//
  
if ( !empty($this->session_id) )
  
{
  
$valid_session 1;
  
if (!$this->load_session_info()) {
      
$this->session_info['session_user_id'] = GUEST;
      
$valid_session 0;
      }
      
$this->user_info $this->load_user_info($this->session_info['session_user_id']);

  
if ( $valid_session )
  
{
  
$SID = ( $this->mode == "get" ) ? SESSION_NAME.'=' $this->session_id '';

  
if ( $this->current_time $this->session_info['session_time'] > 60 )
  
{
  
$sql "UPDATE " SESSIONS_TABLE "
   SET session_time = 
$this->current_time, session_page = $thispage_id
   WHERE session_id = '
$this->session_id'
   AND session_ip = '
$user_ip'";
  
$site_db->query($sql);

  
if ( $this->user_info['user_id'] != GUEST )
  
{
  
$sql "UPDATE " USERS_TABLE "
   SET user_session_time = 
$this->current_time, user_session_page = $thispage_id
   WHERE user_id = " 
$this->user_info['user_id'];
  
$site_db->query($sql);
  
}
   $this->delete_old_sessions();
    setcookie($cookiename '_data'serialize($sessiondata), $this->current_time 31536000$cookiepath$cookiedomain$cookiesecure);
   setcookie($cookiename '_sid'$this->session_id0$cookiepath$cookiedomain$cookiesecure);
     }
   return $this->user_info;
  }
  }

  $user_id = ( isset($sessiondata['userid']) ) ? $sessiondata['userid'] : GUEST;
  $this->user_info $this->session_begin($user_id$user_ip$thispage_idTRUE);
  return $this->user_info;

  }

  function 
session_begin($user_id$user_ip$page_id$auto_create 0$enable_autologin 0) {
    global 
$site_db$board_config;
  global $HTTP_COOKIE_VARS$HTTP_GET_VARS$HTTP_POST_VARS$SID;

    
$cookiename $board_config['cookie_name'];
  $cookiepath $board_config['cookie_path'];
  $cookiedomain $board_config['cookie_domain'];
  $cookiesecure $board_config['cookie_secure'];

  if ( isset($HTTP_COOKIE_VARS[$cookiename '_sid']) || isset($HTTP_COOKIE_VARS[$cookiename '_data']) )
  {
  $this->session_id = isset($HTTP_COOKIE_VARS[$cookiename '_sid']) ? $HTTP_COOKIE_VARS[$cookiename '_sid'] : '';
  $sessiondata = isset($HTTP_COOKIE_VARS[$cookiename '_data']) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$cookiename '_data'])) : array();
  $this->mode "cookie";
  }
  else
  {
  $sessiondata = array();
  if (isset($HTTP_GET_VARS[SESSION_NAME])) {
        
$this->session_id $HTTP_GET_VARS[SESSION_NAME];
      }
      elseif (isset(
$HTTP_POST_VARS[SESSION_NAME])) {
        
$this->session_id $HTTP_POST_VARS[SESSION_NAME];
      }
      else {
        
$this->session_id false;
      }
  }

  $last_visit 0;
  $expiry_time $this->current_time $board_config['session_length'];

  $this->user_info $this->load_user_info($user_id);
  $user_id $this->user_info['user_id'];

    if ( 
$user_id != GUEST )
  {
  $auto_login_key $this->user_info['user_password'];

  if ( $auto_create )
  {
  
if ( isset($sessiondata['autologinid']) && $this->user_info['user_active'] )
   {
   // We have to login automagically
   if( $sessiondata['autologinid'] == $auto_login_key )
  {
  
// autologinid matches password
   $login 1;
   $enable_autologin 1;
   }
  else
  
{
   // No match; don't login, set as anonymous user
   $login 0;
   $enable_autologin 0;
   $user_id GUEST;
  
}
   }
   else
  {
  // Autologin is not set. Don't login, set as anonymous user
  
$login 0;
   $enable_autologin 0;
   $user_id GUEST;
  }
  
}
   else
  {
   $login 1;
  
}
  }
    else
  {
  $login 0;
  
$enable_autologin 0;
  
$user_id GUEST;
  }

  //
  // Initial ban check against user id, IP and email address
  
//
  preg_match('/(..)(..)(..)(..)/'$user_ip$user_ip_parts);

  $sql "SELECT ban_ip, ban_userid, ban_email
   FROM " 
PHPBB_BANLIST_TABLE "
   WHERE ban_ip IN ('" 
$user_ip_parts[1] . $user_ip_parts[2] . $user_ip_parts[3] . $user_ip_parts[4] . "', '" $user_ip_parts[1] . $user_ip_parts[2] . $user_ip_parts[3] . "ff', '" $user_ip_parts[1] . $user_ip_parts[2] . "ffff', '" $user_ip_parts[1] . "ffffff')
   OR ban_userid = 
$user_id";
  
if ( $user_id != GUEST )
  
{
  
$sql .= " OR ban_email LIKE '" str_replace("\'""''"$this->user_info['user_email']) . "'
   OR ban_email LIKE '" 
substr(str_replace("\'""''"$this->user_info['user_email']), strpos(str_replace("\'""''"$this->user_info['user_email']), "@")) . "'";
  
}
  
$result $site_db->query($sql);

  
if ( $ban_info $site_db->fetch_array($result) )
  
{
  
if ( $ban_info['ban_ip'] || $ban_info['ban_userid'] || $ban_info['ban_email'] )
  
{
  
header("Location: $url_login");
        exit;
  
}
  
}

  
//
  
// Create or update the session
  
//
  
$sql "UPDATE " SESSIONS_TABLE "
   SET session_user_id = 
$user_id, session_start = $this->current_time, session_time = $this->current_time, session_page = $page_id, session_logged_in = $login
   WHERE session_id = '" 
$this->session_id "'
   AND session_ip = '
$user_ip'";
  
if ( !$site_db->query($sql) || !$site_db->affected_rows() )
  
{
  
$this->session_id md5(uniqid($user_ip));

  
$sql "INSERT INTO " SESSIONS_TABLE "
   (session_id, session_user_id, session_start, session_time, session_ip, session_page, session_logged_in)
   VALUES ('
$this->session_id', $user_id$this->current_time$this->current_time, '$user_ip', $page_id$login)";
  
$site_db->query($sql);
  
}

  
if ( $user_id != GUEST )
  
{
  
$last_visit = ( $this->user_info['user_session_time'] > ) ? $this->user_info['user_session_time'] : $this->current_time;

  
$sql "UPDATE " USERS_TABLE "
   SET user_session_time = 
$this->current_time, user_session_page = $page_id, user_lastvisit = $last_visit
   WHERE user_id = 
$user_id";
  
$site_db->query($sql);

  
$this->user_info['user_lastvisit'] = $last_visit;

  
$sessiondata['autologinid'] = ( $enable_autologin && $this->mode == "cookie" ) ? $auto_login_key '';
  
$sessiondata['userid'] = $user_id;
  
}

  
$this->user_info['user_id'] = $user_id;
  
$this->session_info['session_id'] = $this->session_id;
  
$this->session_info['session_ip'] = $user_ip;
  
$this->session_info['session_user_id'] = $user_id;
  
$this->session_info['session_logged_in'] = $login;
  
$this->session_info['session_page'] = $page_id;
  
$this->session_info['session_start'] = $this->current_time;
  
$this->session_info['session_time'] = $this->current_time;

  
setcookie($cookiename '_data'serialize($sessiondata), $this->current_time 31536000$cookiepath$cookiedomain$cookiesecure);
  
setcookie($cookiename '_sid'$this->session_id0$cookiepath$cookiedomain$cookiesecure);

  
$SID = ( $this->mode == "get" ) ? SESSION_NAME.'=' $this->session_id '';

  
return $this->user_info;
  }

  function 
login($user_name ""$user_password ""$auto_login 0$set_auto_login 1) {
    global 
$url_login;
    
header("Location: $url_login");
  }

  function 
logout($user_id GUEST) {
    global 
$url_logout;
    
header("Location: $url_logout");
  }

  function 
delete_old_sessions() {
    global 
$site_db$board_config;
    
$expiry_time $this->current_time $board_config['session_length'];
    
$sql "DELETE FROM ".SESSIONS_TABLE."
            WHERE session_time < 
$expiry_time";
    
$site_db->query($sql);

    
$sql "SELECT session_id
            FROM "
.SESSIONS_TABLE;
    
$result $site_db->query($sql);
    if (
$result) {
      
$session_ids_sql "";
      while (
$row $site_db->fetch_array($result)) {
        
$session_ids_sql .= (($session_ids_sql != "") ? ", " "") . "'".$row['session_id']."'";
      }
    }
    if (!empty(
$session_ids_sql)) {
      
$sql "DELETE FROM ".SESSIONVARS_TABLE."
              WHERE session_id NOT IN (
$session_ids_sql)";
      
$site_db->query($sql);
    }
    return 
true;
  }

  function 
return_session_info() {
    return 
$this->session_info;
  }

  function 
return_user_info() {
    return 
$this->user_info;
  }

  function 
freeze() {
    return;
  }

  function 
load_session_info() {
    global 
$site_db;
    if (empty(
$this->session_id)) {
      return 
false;
    }
    
$ip_sql = ($this->mode == "get") ? " AND session_ip = '$this->user_ip'" "";
    
$this->session_info = array();
    
$sql "SELECT *
            FROM "
.SESSIONS_TABLE."
            WHERE session_id = '
$this->session_id'
            
$ip_sql";
    
$this->session_info $site_db->query_firstrow($sql);
    if (empty(
$this->session_info['session_user_id'])) {
      return 
false;
    }
    else {
      
$sql "SELECT sessionvars_name, sessionvars_value
              FROM "
.SESSIONVARS_TABLE."
              WHERE session_id = '
$this->session_id'";
      
$result $site_db->query($sql);
      while (
$row $site_db->fetch_array($result)) {
        
$this->session_info[$row['sessionvars_name']] = $row['sessionvars_value'];
      }
      return 
$this->session_info;
    }
  }

  function 
load_user_info($user_id GUEST) {
    global 
$site_db$user_table_fields;

    if (
$user_id != GUEST) {
      
$sql "SELECT u.*, l.*
              FROM "
.USERS_TABLE." u, ".LIGHTBOXES_TABLE." l
              WHERE "
.get_user_table_field("u.""user_id")." = $user_id AND l.user_id = ".get_user_table_field("u.""user_id");
      
$user_info $site_db->query_firstrow($sql);
      if (!
$user_info) {
        
$sql "SELECT *
                FROM "
.USERS_TABLE."
                WHERE "
.get_user_table_field("""user_id")." = $user_id";
        
$user_info $site_db->query_firstrow($sql);
        if (
$user_info) {
          
$lightbox_id get_random_key(LIGHTBOXES_TABLE"lightbox_id");
          
$sql "INSERT INTO ".LIGHTBOXES_TABLE."
                  (lightbox_id, user_id, lightbox_lastaction, lightbox_image_ids)
                  VALUES
                  ('
$lightbox_id', ".$user_info[$user_table_fields['user_id']].", $this->current_time, '')";
          
$site_db->query($sql);
          
$user_info['lightbox_lastaction'] = $this->current_time;
          
$user_info['lightbox_image_ids'] = "";
        }
      }
    }
    if (empty(
$user_info[$user_table_fields['user_id']])) {
      
$user_info = array();
      
$user_info['user_id'] = GUEST;
      
$user_info['user_level'] = GUEST;
      
$user_info['user_lastaction'] = $this->current_time;
    }

    foreach (
$user_table_fields as $key => $val) {
      if (isset(
$user_info[$val])) {
        if (
$val == "user_allow_viewonline") {
          
$user_info[$key] = ($user_info[$val] == 1) ? 1;
        }
        else {
          
$user_info[$key] = $user_info[$val];
        }
      }
      elseif (!isset(
$user_info[$key])) {
        
$user_info[$key] = "";
      }
    }
    if (isset(
$user_info['user_active']) && $user_info['user_active'] == 0) {
      
$user_info['user_level'] = USER_AWAITING;
    }
    return 
$user_info;
  }

  function 
set_session_var($var_name$value) {
    global 
$site_db;
    
$sql "SELECT session_id
            FROM "
.SESSIONVARS_TABLE."
            WHERE sessionvars_name = '
$var_name' AND session_id = '$this->session_id'";
    if (
$site_db->is_empty($sql)) {
      
$sql "INSERT INTO ".SESSIONVARS_TABLE."
              (session_id, sessionvars_name, sessionvars_value)
              VALUES
              ('
$this->session_id', '$var_name', '$value')";
      
$site_db->query($sql);
    }
    else {
      
$sql "UPDATE ".SESSIONVARS_TABLE."
              SET sessionvars_value = '
$value'
              WHERE sessionvars_name = '
$var_name' AND session_id = '$this->session_id'";
      
$site_db->query($sql);
    }
    
$this->session_info[$var_name] = $value;
    return 
true;
  }

  function 
get_session_var($var_name) {
    global 
$site_db;
    if (isset(
$this->session_info[$var_name])) {
      return 
$this->session_info[$var_name];
    }
    else {
      
$sql "SELECT sessionvars_value
              FROM "
.SESSIONVARS_TABLE."
              WHERE sessionvars_name = '
$var_name' AND session_id = '$this->session_id'";
      
$value $site_db->query_firstrow($sql);
      if (
$value) {
        
$this->session_info[$var_name] = $value['sessionvars_value'];
        return 
$value['sessionvars_value'];
      }
      else {
        return 
"";
      }
    }
  }

  function 
drop_session_var($var_name) {
    global 
$site_db;
    
$sql "DELETE FROM ".SESSIONVARS_TABLE."
            WHERE sessionvars_name = '
$var_name' AND session_id = '$this->session_id'";
    return (
$site_db->query($sql)) ? 0;
  }

  function 
get_user_ip() {
    global 
$HTTP_SERVER_VARS$HTTP_ENV_VARS$REMOTE_ADDR;

    if( 
getenv('HTTP_X_FORWARDED_FOR') != '' )
    {
    $client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR );

    if ( preg_match("/^([0-9]+\.[0-9]+\.[0-9]+\.[0-9]+)/"getenv('HTTP_X_FORWARDED_FOR'), $ip_list) )
    {
    $private_ip = array('/^127\.0\.0\.1/''/^192\.168\..*/''/^172\.16\..*/''/^10..*/''/^224..*/''/^240..*/');
    $client_ip preg_replace($private_ip$client_ip$ip_list[1]);
    }
    }
    else
    {
    $client_ip = ( !empty($HTTP_SERVER_VARS['REMOTE_ADDR']) ) ? $HTTP_SERVER_VARS['REMOTE_ADDR'] : ( ( !empty($HTTP_ENV_VARS['REMOTE_ADDR']) ) ? $HTTP_ENV_VARS['REMOTE_ADDR'] : $REMOTE_ADDR );
    }

    
$ip_sep explode('.'$client_ip);
  return sprintf('%02x%02x%02x%02x'$ip_sep[0], $ip_sep[1], $ip_sep[2], $ip_sep[3]);
  }

  function 
get_user_location() {
    global 
$self_url;
    return (
defined("IN_CP")) ? "Control Panel" preg_replace(array("/([?|&])action=[^?|&]*/""/([?|&])mode=[^?|&]*/""/([?|&])phpinfo=[^?|&]*/""/([?|&])printstats=[^?|&]*/""/[?|&]".URL_ID."=[^?|&]*/""/[?|&]l=[^?|&]*/""/[&?]+$/"), array(""""""""""""""), addslashes($self_url));
  }

  
/* ORIGINAL CODE
  function url($url, $amp = "&amp;") {
    global $l;
    $dummy_array = explode("#", $url);
    $url = $dummy_array[0];

    if ($this->mode == "get" && !preg_match("/".SESSION_NAME."=/i", $url)) {
      $url .= preg_match("/\?/", $url) ? "$amp" : "?";
      $url .= SESSION_NAME."=".$this->session_id;
    }

    if (!empty($l)) {
      $url .= preg_match("/\?/", $url) ? "$amp" : "?";
      $url .= "l=".$l;
    }

    $url .= (isset($dummy_array[1])) ? "#".$dummy_array[1] : "";
    return $url;
  }
*/
  
function url($url$amp "&amp;") {
    global 
$l$user_info;
    
$dummy_array explode("#"$url);
    
$url $dummy_array[0];
    
$url str_replace('&amp;''&'$url);
    if (!
defined('IN_CP')) {
      if (
strstr($url'index.php')) {
        
$url str_replace('index.php'''$url);
      }
      elseif (
strstr($url'search.php')) {
        if (
strstr($url'page=')) {
          
preg_match('#page=([0-9]+)&?#'$url$matches);
          if (isset(
$matches[1])) {
            
$split explode('?'$url);
            
$url $split[0];
            
$query = @$split[1];
            
$url   str_replace('search.php''search.'.$matches[1].'.htm'$url);
            
$query str_replace('page='.$matches[1].'&'''$query);
            
$query str_replace('&page='.$matches[1], ''$query);
            
$query str_replace('page='.$matches[1], ''$query);
            if (!empty(
$query)) {
              
$url .= '?' $query;
            }
          }
        }
        else {
          
$url str_replace('search.php''search.htm'$url);
        }
      }
      elseif (
strstr($url'lightbox.php')) {
        if (
strstr($url'page=')) {
          
preg_match('#page=([0-9]+)&?#'$url$matches);
          if (isset(
$matches[1])) {
            
$split explode('?'$url);
            
$url $split[0];
            
$query = @$split[1];
            
$url   str_replace('lightbox.php''lightbox.'.$matches[1].'.htm'$url);
            
$query str_replace('page='.$matches[1].'&'''$query);
            
$query str_replace('&page='.$matches[1], ''$query);
            
$query str_replace('page='.$matches[1], ''$query);
            if (!empty(
$query)) {
                
$url .= '?' $query;
            }
          }
        }
        else {
          
$url str_replace('lightbox.php''lightbox.htm'$url);
        }
      }
      elseif (
strstr($url'categories.php')) {
        if (
strstr($url'cat_id=') && strstr($url'page=')) {
          
preg_match('#cat_id=([0-9]+)&?#'$url$matches1);
          
preg_match('#page=([0-9]+)&?#'$url$matches2);
          if (isset(
$matches1[1]) && isset($matches2[1])) {
            
$split explode('?'$url);
            
$url $split[0];
            
$query = @$split[1];
            
$url   str_replace('categories.php''cat'.$matches1[1].'.'.$matches2[1].'.htm'$url);
            
$query str_replace('cat_id='.$matches1[1].'&'''$query);
            
$query str_replace('&cat_id='.$matches1[1], ''$query);
            
$query str_replace('cat_id='.$matches1[1], ''$query);
            
$query str_replace('page='.$matches2[1].'&'''$query);
            
$query str_replace('&page='.$matches2[1], ''$query);
            
$query str_replace('page='.$matches2[1], ''$query);
            if (!empty(
$query)) {
              
$url .= '?' $query;
            }
          }
        }
        elseif (
strstr($url'cat_id=')) {
          
preg_match('#cat_id=([0-9]+)&?#'$url$matches);
          if (isset(
$matches[1])) {
            
$split explode('?'$url);
            
$url $split[0];
            
$query = @$split[1];
            
$url   str_replace('categories.php''cat'.$matches[1].'.htm'$url);
            
$query str_replace('cat_id='.$matches[1].'&'''$query);
            
$query str_replace('&cat_id='.$matches[1], ''$query);
            
$query str_replace('cat_id='.$matches[1], ''$query);
            if (!empty(
$query)) {
              
$url .= '?' $query;
            }
          }
        }
        else {
          
$url str_replace('categories.php''cat.htm'$url);
        }
      }
      elseif (
strstr($url'details.php?image_id=')) {
        if (
strstr($url'image_id=') && strstr($url'mode=')) {
          
preg_match('#image_id=([0-9]+)&?#'$url$matches1);
          
preg_match('#mode=([a-zA-Z0-9]+)&?#'$url$matches2);
          if (isset(
$matches1[1]) && isset($matches2[1])) {
            
$split explode('?'$url);
            
$url $split[0];
            
$query = @$split[1];
            
$url   str_replace('details.php''img'.$matches1[1].'.'.$matches2[1].'.htm'$url);
            
$query str_replace('image_id='.$matches1[1].'&'''$query);
            
$query str_replace('&image_id='.$matches1[1], ''$query);
            
$query str_replace('image_id='.$matches1[1], ''$query);
            
$query str_replace('mode='.$matches2[1].'&'''$query);
            
$query str_replace('&mode='.$matches2[1], ''$query);
            
$query str_replace('mode='.$matches2[1], ''$query);
            if (!empty(
$query)) {
              
$url .= '?' $query;
            }
          }
        }
        else {
          
preg_match('#image_id=([0-9]+)&?#'$url$matches);
          if (isset(
$matches[1])) {
            
$split explode('?'$url);
            
$url $split[0];
            
$query = @$split[1];
            
$url   str_replace('details.php''img'.$matches[1].'.htm'$url);
            
$query str_replace('image_id='.$matches[1].'&'''$query);
            
$query str_replace('&image_id='.$matches[1], ''$query);
            
$query str_replace('image_id='.$matches[1], ''$query);
            if (!empty(
$query)) {
              
$url .= '?' $query;
            }
          }
        }
      }
      elseif (
strstr($url'postcards.php?image_id=')) {
        
preg_match('#image_id=([0-9]+)&?#'$url$matches);
        if (isset(
$matches[1])) {
          
$split explode('?'$url);
          
$url $split[0];
          
$query = @$split[1];
          
$url   str_replace('postcards.php''postcard.img'.$matches[1].'.htm'$url);
          
$query str_replace('image_id='.$matches[1].'&'''$query);
          
$query str_replace('&image_id='.$matches[1], ''$query);
          
$query str_replace('image_id='.$matches[1], ''$query);
          if (!empty(
$query)) {
            
$url .= '?' $query;
          }
        }
      }
    }
    if (
$this->mode == "get" && strstr($url$this->session_id)) {
      
$url .= strpos($url'?') !== false '&' '?';
      
$url .= SESSION_NAME."=".$this->session_id;
    }
    if (!empty(
$l)) {
      
$url .= strpos($url'?') ? '&' '?';
      
$url .= "l=".$l;
    }
    
$url str_replace('&'$amp$url);
    
$url .= isset($dummy_array[1]) ? "#".$dummy_array[1] : "";
    return 
$url;
  }
//end of class

//-----------------------------------------------------
//--- Start Session -----------------------------------
//-----------------------------------------------------
$board_config = array();
$sql "SELECT * FROM " PHPBB_CONFIG_TABLE;
$result $site_db->query($sql);
while(
$row $site_db->fetch_array($result)) {
  
$board_config[$row['config_name']] = $row['config_value'];
}

//Start Session
$site_sess = new Session();

// Get Userinfo
$session_info $site_sess->return_session_info();
$user_info $site_sess->return_user_info();

//-----------------------------------------------------
//--- Get User Caches ---------------------------------
//-----------------------------------------------------
$num_total_online 0;
$num_visible_online 0;
$num_invisible_online 0;
$num_registered_online 0;
$num_guests_online 0;
$user_online_list "";
$prev_user_ids = array();
$prev_session_ips = array();

if (
defined("GET_USER_ONLINE") && ($config['display_whosonline'] == || $user_info['user_level'] == ADMIN)) {
  
$time_out time() - 300;
  
$sql "SELECT ".get_user_table_field("u.""user_id").get_user_table_field(", u.""user_level").get_user_table_field(", u.""user_name").get_user_table_field(", u.""user_invisible").", s.session_user_id, s.session_time, s.session_ip
  FROM "
.USERS_TABLE." u, ".SESSIONS_TABLE." s
  WHERE "
.get_user_table_field("u.""user_id")." = s.session_user_id AND (s.session_time >= $time_out OR ".get_user_table_field("u.""user_lastaction")." >= $time_out)
  ORDER BY "
.get_user_table_field("u.""user_id")." ASC, s.session_ip ASC";
  
$result $site_db->query($sql);
  while (
$row $site_db->fetch_array($result)) {
    if (
$row['session_user_id'] != GUEST) {
      if (!isset(
$prev_user_ids[$row['session_user_id']])) {
        
$is_invisible = (isset($row[$user_table_fields['user_invisible']]) && $row[$user_table_fields['user_invisible']] == 0) ? 0;
        
$invisibleuser = ($is_invisible) ? "*" "";
        
$username = (isset($row[$user_table_fields['user_level']]) && $row[$user_table_fields['user_level']] == ADMIN && $config['highlight_admin'] == 1) ? sprintf("<b>%s</b>"$row[$user_table_fields['user_name']]) : $row[$user_table_fields['user_name']];
        if (!
$is_invisible || $user_info['user_level'] == ADMIN) {
          
$user_online_list .= ($user_online_list != "") ? ", " "";
          
$user_profile_link = (!empty($url_show_profile)) ? preg_replace("/{user_id}/"$row['session_user_id'], $url_show_profile) : ROOT_PATH."member.php?action=showprofile&amp;".URL_USER_ID."=".$row['session_user_id'];
          
$user_online_list .= "<a href=\"".$site_sess->url($user_profile_link)."\">".$username."</a>".$invisibleuser;
        }
        (!
$is_invisible) ? $num_visible_online++ : $num_invisible_online++;
        
$num_registered_online++;
      }
      
$prev_user_ids[$row['session_user_id']] = 1;
    }
    else {
      if (!isset(
$prev_session_ips[$row['session_ip']])) {
        
$num_guests_online++;
      }
    }
    
$prev_session_ips[$row['session_ip']] = 1;
  }
  
$num_total_online $num_registered_online $num_guests_online;

  
$site_template->register_vars(array(
    
"num_total_online" => $num_total_online,
    
"num_invisible_online" => $num_invisible_online,
    
"num_registered_online" => $num_registered_online,
    
"num_guests_online" => $num_guests_online,
    
"user_online_list" => $user_online_list,
    
"lang_user_online" => str_replace('{num_total_online}'$num_total_online$lang['user_online']),
    
"lang_user_online_detail" => str_replace(array('{num_registered_online}','{num_invisible_online}','{num_guests_online}'), array($num_registered_online,$num_invisible_online,$num_guests_online), $lang['user_online_detail']),
  ));
  
$whos_online $site_template->parse_template("whos_online");
  
$site_template->register_vars("whos_online"$whos_online);
  unset(
$whos_online);
  unset(
$prev_user_ids);
  unset(
$prev_session_ips);
}
?>
Logged
Ston4Img
Newbie
*
Offline Offline

Posts: 28

Thank You
-Given: 0
-Receive: 0


View Profile
« Reply #63 on: January 08, 2006, 03:17:29 PM »

The Lini "$this->delete_old_sessions();" was in the current download included with the modification (the Post from "theOracle")
Logged
V@no
If you don't tell me what to do, I won't tell you where you should go :)
Administrator
4images Guru
*****
Offline Offline

Posts: 17849

Thank You
-Given: 47
-Receive: 565

mmm PHP...


View Profile WWW
« Reply #64 on: January 08, 2006, 08:27:23 PM »

Please read the replys before you complain Razz Wink

no this line :$user_id = ($this->read_cookie_data("userid")) ? $this->read_cookie_data("userid") : GUEST;

I integrated phpBB 2.0.15 .
that version does not have this hole, dont worry about this fix Wink
Logged

Your first three "must do" before you ask a question:
Please do not PM me asking for help unless you've been specifically asked to do so. Such PMs will be deleted without answer. (forum rule #6)
Extension for Firefox/Thunderbird: Master Password+    Back/Forward History Tweaks (restartless)    Cookies Manager+    Fit Images (restartless for Thunderbird)
madace77
Newbie
*
Offline Offline

Posts: 26

Thank You
-Given: 0
-Receive: 0


View Profile
« Reply #65 on: January 18, 2006, 03:59:20 PM »

Is this fix already implemented in the version i'm about to get from the Download section?
Logged

Grüße,
MadAce
V@no
If you don't tell me what to do, I won't tell you where you should go :)
Administrator
4images Guru
*****
Offline Offline

Posts: 17849

Thank You
-Given: 47
-Receive: 565

mmm PHP...


View Profile WWW
« Reply #66 on: January 18, 2006, 11:59:25 PM »

Unless you are getting version newer then v1.7.1 (which is not out yet) then no, these fixes are not implemented into current version.
Logged

Your first three "must do" before you ask a question:
Please do not PM me asking for help unless you've been specifically asked to do so. Such PMs will be deleted without answer. (forum rule #6)
Extension for Firefox/Thunderbird: Master Password+    Back/Forward History Tweaks (restartless)    Cookies Manager+    Fit Images (restartless for Thunderbird)
Morgan
Pre-Newbie

Offline Offline

Posts: 1

Thank You
-Given: 0
-Receive: 0


View Profile
« Reply #67 on: March 15, 2006, 10:25:29 PM »

Is this fix important for integrated 4images 1.7 version for Runcms/E-Xoops? I can't find a code to replace in sessions.php, seems that there is no such line - user's login/logout integrated with CMS. I use russian language in 4images 1.7 and Runcms 1.2-)
Logged
V@no
If you don't tell me what to do, I won't tell you where you should go :)
Administrator
4images Guru
*****
Offline Offline

Posts: 17849

Thank You
-Given: 47
-Receive: 565

mmm PHP...


View Profile WWW
« Reply #68 on: March 16, 2006, 12:52:03 AM »

Perhaps if you would attach your sessions.php (as a .txt file), then I could answer your question Wink
Logged

Your first three "must do" before you ask a question:
Please do not PM me asking for help unless you've been specifically asked to do so. Such PMs will be deleted without answer. (forum rule #6)
Extension for Firefox/Thunderbird: Master Password+    Back/Forward History Tweaks (restartless)    Cookies Manager+    Fit Images (restartless for Thunderbird)
Jan
Administrator
4images Guru
*****
Offline Offline

Posts: 5024

Thank You
-Given: 0
-Receive: 27


View Profile WWW
« Reply #69 on: May 03, 2006, 10:18:59 AM »

Theres another fix for sessions.php:
http://www.4homepages.de/forum/index.php?topic=12807.0
Logged

Your first three "must do" before you ask a question:
1. Forum rules
2. FAQ
3. Search
AKBARBADALI
Pre-Newbie

Offline Offline

Posts: 1

Thank You
-Given: 7
-Receive: 0

آموزش خیاطی


View Profile WWW
« Reply #70 on: February 28, 2017, 02:10:03 PM »

verstehe. juut.

gut dass ich das installiert hab Wink
Razz Razz Razz
Logged
Pages: «« « 1 2 3 4 [5] Print 
« previous next »
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF | SMF © 2015, Simple Machines Valid XHTML 1.0! Valid CSS!
Page created in 0.089 seconds with 19 queries.