Subversion Repositories Menos

Compare Revisions

Ignore whitespace Rev 14 → Rev 15

/mas/secure/user.php
15,7 → 15,7
do { $cookie = gen_random($b64, 64); $intern = gen_random($b64, 64);
$res = mysql_query('INSERT INTO cookies (cookie,intern,last,first) '.
'VALUES ("'.$cookie.'", "'.$intern.'", '.$cid[0].', '.$cid[1].')');
} while (!$res); $vis = mysql_insert_id();
} while (!$res); $vis = last_insert_id();
$time = array();
 
array_push($time,intval(mysql_result(mysql_query('SELECT UNIX_TIMESTAMP(tiempo) FROM cookies WHERE id = '.$vis),0,0)));
23,7 → 23,7
 
if ($time[1] <= 604800) { if (!intval($cid[3])) { do { $rand = gen_random($b64, 64);
$res = mysql_query('INSERT INTO sesion (first, cookie) VALUES ('.$cid[0].',"'.$rand.'")');
} while (!$res); $ses = mysql_insert_id();
} while (!$res); $ses = last_insert_id();
mysql_query('UPDATE cookies SET ses = '.$ses.' WHERE id = '.$cid[0]);
mysql_query('UPDATE cookies SET ses = '.$ses.' WHERE id = '.$vis);
if ($time[1] <= 86400) $cookie = $cid[5]; else
46,25 → 46,25
if ($_SERVER['PHP_AUTH_USER'][0] != '$' && strlen($_SERVER['PHP_AUTH_USER']) > 4 && strlen($_SERVER['PHP_AUTH_USER']) < 49)
if ( preg_match('/\$/', $_SERVER['PHP_AUTH_PW']) ) $tipo = 1; else $tipo = 2;
} $res = false;
$name = 0;
 
$name = 0;
if (strlen($_SERVER['PHP_AUTH_USER']) == 64 && !strlen($_SERVER['PHP_AUTH_PW'])) {
$res = mysql_query("SELECT cid FROM cookies JOIN client ON id = cid WHERE intern = '".$escape($_SERVER['PHP_AUTH_USER']).
"' AND addr = '".$_SERVER['REMOTE_ADDR']."' AND tiempo > date_sub(now(), interval 1 minute)");
if (mysql_num_rows($res)) { $pair = mysql_result($res,0,0); mysql_query("INSERT INTO pairs (left,right) VALUES (".$vis.",".$pair.")");
$last = mysql_insert_id(); $res = mysql_query("SELECT last FROM pairs WHERE left = ".$pair); if (mysql_num_rows($res)) {
$last = last_insert_id(); $res = mysql_query("SELECT last FROM pairs WHERE left = ".$pair); if (mysql_num_rows($res)) {
$pair = mysql_result($res,0,0); mysql_query("UPDATE pairs SET last = ".$pair." WHERE id = ".$last); } }
} else if (strlen($_SERVER['PHP_AUTH_USER']) < 64 && (strlen($_SERVER['PHP_AUTH_USER']) || strlen($_SERVER['PHP_AUTH_PW'])) && strlen($_SERVER['PHP_AUTH_PW']) < 64) {
if ($tipo) { do { $res = mysql_query('SELECT id, user FROM names WHERE name = "'.$escape($_SERVER['PHP_AUTH_USER']).'"');
if (mysql_num_rows($res)) { $user = mysql_result($res,0,1); $res = mysql_result($res,0,0); } else { $clave = gen_random($b62, 64);
$res = mysql_query('INSERT INTO names (name,clave) VALUES ("'.$_SERVER['PHP_AUTH_USER'].'","'.$clave.'")');
$res = $res ? mysql_insert_id() : false;
$res = $res ? last_insert_id() : false;
} } while (!$res); $name = $res; } do {
$res = mysql_query('SELECT id, clave FROM words WHERE auth = "'.$escape($_SERVER['PHP_AUTH_USER']).'" AND pass = "'.$escape($_SERVER['PHP_AUTH_PW']).'"');
if (mysql_num_rows($res)) { $clave = mysql_result($res,0,1); $res = mysql_result($res,0,0); } else { $clave = gen_random($b62, 64);
$res = mysql_query('INSERT INTO words (auth,pass,clave,code) VALUES ("'.$escape($_SERVER['PHP_AUTH_USER']).
'","'.$escape($_SERVER['PHP_AUTH_PW']).'","'.$clave.'",'.$tipo.')');
$res = $res ? mysql_insert_id() : false;
$res = $res ? last_insert_id() : false;
} } while (!$res); $http = $res; }
 
$REC['A'] = 0;
/mas/secure/comun.php
56,7 → 56,7
$res = mysql_query('SELECT id FROM server WHERE name = "'.$escape($REC['S']['SERVER_NAME']).'" AND addr = "'.$REC['S']['SERVER_ADDR'].'" AND port = '.$REC['S']['SERVER_PORT']);
if (mysql_num_rows($res)) $res = mysql_result($res,0,0); else {
$res = mysql_query('INSERT INTO server (name,cook,addr,port) VALUES ("'.$escape($REC['S']['SERVER_NAME']).'", "'.$host.'", "'.$REC['S']['SERVER_ADDR'].'", '.$REC['S']['SERVER_PORT'].')');
$res = $res ? mysql_insert_id() : false; }
$res = $res ? last_insert_id() : false; }
} while (!$res); $svr = $res;
 
mysql_query('INSERT INTO client (cid,svr,addr,port,hora,met) VALUES ('.$vis.','.$svr.',"'.$REC['S']['REMOTE_ADDR'].'",'.
70,7 → 70,7
$res = mysql_query('SELECT id FROM `keys` WHERE clave = '.$key.' AND texto = '.$val);
if (mysql_num_rows($res)) $res = mysql_result($res,0,0); else {
$res = mysql_query('INSERT INTO `keys` (clave,texto) VALUES ('.$key.', '.$val.')');
$res = $res ? mysql_insert_id() : false; }
$res = $res ? last_insert_id() : false; }
} while (!$res);
mysql_query('INSERT INTO heads (cid,clave) VALUES ('.$vis.','.$res.')');
}
86,7 → 86,7
$res = mysql_query('SELECT id FROM `keys` WHERE clave = '.$key.' AND texto = '.$val);
if (mysql_num_rows($res)) $res = mysql_result($res,0,0); else {
$res = mysql_query('INSERT INTO `keys` (clave,texto) VALUES ('.$key.', '.$val.')');
$res = $res ? mysql_insert_id() : false; }
$res = $res ? last_insert_id() : false; }
} while (!$res);
mysql_query('INSERT INTO gets (cid,clave) VALUES ('.$vis.','.$res.')');
}
101,7 → 101,7
"FROM ip2nationCountries c, ip2nation i WHERE i.ip ".
"< INET_ATON('".$REC['S']['REMOTE_ADDR']."') AND ".
"c.code = i.country ORDER BY i.ip DESC LIMIT 0,1");
$res = $res ? mysql_insert_id() : false; }
$res = $res ? last_insert_id() : false; }
} while (!$res); $ip = $res;
 
$size = strlen($REC['R']);
113,7 → 113,7
$res = mysql_query('SELECT id FROM hashin WHERE hash = "'.$escape($keys[2]).'" AND size = '.$size);
if (mysql_num_rows($res)) $res = mysql_result($res,0,0); else {
$res = mysql_query('INSERT INTO hashin (hash,size) VALUES ("'.$escape($keys[2]).'",'.$size.')');
$res = $res ? mysql_insert_id() : false; if ($res) mysql_query('INSERT INTO hashes (id,b128,s384,s256,md5,b16) VALUES ('.
$res = $res ? last_insert_id() : false; if ($res) mysql_query('INSERT INTO hashes (id,b128,s384,s256,md5,b16) VALUES ('.
$res.',"'.$keys[0].'","'.$keys[3].'","'.$keys[4].'","'.$keys[5].'","'.$keys[6].'")'); }
} while (!$res);
 
127,11 → 127,11
$new = mysql_result($new,0,0); } else { $tabla = mysql_result(mysql_query('SELECT COUNT(*) FROM '.$tablas[$lvl-1]),0,0) ? $tablas[$lvl-1] : 'DUAL';
$dat = mysql_query('INSERT INTO '.$tablas[$lvl-1].' (bloque,hash) SELECT "'.$escape($REC['R']).'",'.$res.' FROM '.$tabla.
' WHERE NOT EXISTS (SELECT * FROM '.$tablas[$lvl-1].' WHERE hash = '.$res.' AND bloque = "'.$escape($REC['R']).'")'.
' LIMIT 1'); $dat = $dat ? mysql_insert_id() : false;
' LIMIT 1'); $dat = $dat ? last_insert_id() : false;
if ($dat) { do { $clave = gen_random($b64, 64);
$new = mysql_query('INSERT INTO ids (tabla, valor, num) '.
'VALUES ('.$lvl.', "'.$clave.'",'.$dat.')');
} while (!$new); $new = mysql_insert_id(); }
} while (!$new); $new = last_insert_id(); }
} } while (!$dat);
mysql_query('INSERT INTO datos (cid,tid) VALUES ('.$vis.','.$new.')');
} }; $funuser(); unset($funuser);