kom niet meer in het admin

PrO_DoWn · Bericht door **PrO_DoWn** » 11 aug 2005, 16:31

weet niet eens wat dat moet zijn owjah ik heb een adre admin laten inloggen en die kwam er ook niet in

welke mods
ummm

ez portal dacht ik dat was de enige

Bas · Bericht door **Bas** » 11 aug 2005, 16:53

Waarschijnlijk heb je de admin-redirect in login.php ook gewijzigd naar die van de portal. Zet die weer terug.

PrO_DoWn · Bericht door **PrO_DoWn** » 11 aug 2005, 16:56

wat is die voledige code

Bas · Bericht door **Bas** » 11 aug 2005, 17:01

Sorry, ik dacht even niet na.

Zet admin/pagestart.php, admin/index.php en login.php eens in een .txt-bestand en post de link hier. Daar zou de fout aan kunnen liggen.

Bericht door **Paul** » 11 aug 2005, 17:03

Doe includes/page_tail.pph ook maar, mischien word SID niet meegegeven

PrO_DoWn · Bericht door **PrO_DoWn** » 11 aug 2005, 17:05

pagestart

Code: Selecteer alles

<?php
/***************************************************************************
 *                               pagestart.php
 *                            -------------------
 *   begin                : Thursday, Aug 2, 2001
 *   copyright            : (C) 2001 The phpBB Group
 *   email                : support@phpbb.com
 *
 *   $Id: pagestart.php,v 1.1.2.9 2005/06/26 14:39:30 acydburn Exp $
 *
 *
 ***************************************************************************/

/***************************************************************************
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 ***************************************************************************/

if (!defined('IN_PHPBB'))
{
	die("Hacking attempt");
}

define('IN_ADMIN', true);
// Include files
include($phpbb_root_path . 'common.'.$phpEx);

//
// Start session management
//
$userdata = session_pagestart($user_ip, PAGE_INDEX);
init_userprefs($userdata);
//
// End session management
//

if (!$userdata['session_logged_in'])
{
	redirect(append_sid("login.$phpEx?redirect=admin/index.$phpEx", true));
}
else if ($userdata['user_level'] != ADMIN)
{
	message_die(GENERAL_MESSAGE, $lang['Not_admin']);
}

if ($HTTP_GET_VARS['sid'] != $userdata['session_id'])
{
	$url = str_replace(preg_replace('#^\/?(.*?)\/?$#', '\1', trim($board_config['server_name'])), '', $HTTP_SERVER_VARS['REQUEST_URI']);
	$url = str_replace(preg_replace('#^\/?(.*?)\/?$#', '\1', trim($board_config['script_path'])), '', $url);
	$url = str_replace('//', '/', $url);
	$url = preg_replace('/sid=([^&]*)(&?)/i', '', $url);
	$url = preg_replace('/\?$/', '', $url);
	$url .= ((strpos($url, '?')) ? '&' : '?') . 'sid=' . $userdata['session_id'];

	redirect("index.$phpEx?sid=" . $userdata['session_id']);
}

if (!$userdata['session_admin'])
{
	redirect(append_sid("login.$phpEx?redirect=admin/index.$phpEx&admin=1", true));
}

if (empty($no_page_header))
{
	// Not including the pageheader can be neccesarry if META tags are
	// needed in the calling script.
	include('./page_header_admin.'.$phpEx);
}

?>

admin/index.php

<?php
/***************************************************************************
* (admin) index.php
* -------------------
* begin : Saturday, Feb 13, 2001
* copyright : (C) 2001 The phpBB Group
* email : support@phpbb.com
*
* $Id: index.php,v 1.40.2.7 2005/02/21 18:37:02 acydburn Exp $
*
*
***************************************************************************/

/***************************************************************************
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
***************************************************************************/

define('IN_PHPBB', 1);

//
// Load default header
//
$no_page_header = TRUE;
$phpbb_root_path = "./../";
require($phpbb_root_path . 'extension.inc');
require('./pagestart.' . $phpEx);

// ---------------
// Begin functions
//
function inarray($needle, $haystack)
{
for($i = 0; $i < sizeof($haystack); $i++ )
{
if( $haystack[$i] == $needle )
{
return true;
}
}
return false;
}
//
// End functions
// -------------

//
// Generate relevant output
//
if( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'left' )
{
$dir = @opendir(".");

$setmodules = 1;
while( $file = @readdir($dir) )
{
if( preg_match("/^admin_.*?\." . $phpEx . "$/", $file) )
{
include($file);
}
}

@closedir($dir);

unset($setmodules);

include('./page_header_admin.'.$phpEx);

$template->set_filenames(array(
"body" => "admin/index_navigate.tpl")
);

$template->assign_vars(array(
"U_FORUM_INDEX" => append_sid("../portal.$phpEx"),
"U_ADMIN_INDEX" => append_sid("portal.$phpEx?pane=right"),

"L_FORUM_INDEX" => $lang['Main_index'],
"L_ADMIN_INDEX" => $lang['Admin_Index'],
"L_PREVIEW_FORUM" => $lang['Preview_forum'])
);

ksort($module);

while( list($cat, $action_array) = each($module) )
{
$cat = ( !empty($lang[$cat]) ) ? $lang[$cat] : preg_replace("/_/", " ", $cat);

$template->assign_block_vars("catrow", array(
"ADMIN_CATEGORY" => $cat)
);

ksort($action_array);

$row_count = 0;
while( list($action, $file) = each($action_array) )
{
$row_color = ( !($row_count%2) ) ? $theme['td_color1'] : $theme['td_color2'];
$row_class = ( !($row_count%2) ) ? $theme['td_class1'] : $theme['td_class2'];

$action = ( !empty($lang[$action]) ) ? $lang[$action] : preg_replace("/_/", " ", $action);

$template->assign_block_vars("catrow.modulerow", array(
"ROW_COLOR" => "#" . $row_color,
"ROW_CLASS" => $row_class,

"ADMIN_MODULE" => $action,
"U_ADMIN_MODULE" => append_sid($file))
);
$row_count++;
}
}

$template->pparse("body");

include('./page_footer_admin.'.$phpEx);
}
elseif( isset($HTTP_GET_VARS['pane']) && $HTTP_GET_VARS['pane'] == 'right' )
{

include('./page_header_admin.'.$phpEx);

$template->set_filenames(array(
"body" => "admin/index_body.tpl")
);

$template->assign_vars(array(
"L_WELCOME" => $lang['Welcome_phpBB'],
"L_ADMIN_INTRO" => $lang['Admin_intro'],
"L_FORUM_STATS" => $lang['Forum_stats'],
"L_WHO_IS_ONLINE" => $lang['Who_is_Online'],
"L_USERNAME" => $lang['Username'],
"L_LOCATION" => $lang['Location'],
"L_LAST_UPDATE" => $lang['Last_updated'],
"L_IP_ADDRESS" => $lang['IP_Address'],
"L_STATISTIC" => $lang['Statistic'],
"L_VALUE" => $lang['Value'],
"L_NUMBER_POSTS" => $lang['Number_posts'],
"L_POSTS_PER_DAY" => $lang['Posts_per_day'],
"L_NUMBER_TOPICS" => $lang['Number_topics'],
"L_TOPICS_PER_DAY" => $lang['Topics_per_day'],
"L_NUMBER_USERS" => $lang['Number_users'],
"L_USERS_PER_DAY" => $lang['Users_per_day'],
"L_BOARD_STARTED" => $lang['Board_started'],
"L_AVATAR_DIR_SIZE" => $lang['Avatar_dir_size'],
"L_DB_SIZE" => $lang['Database_size'],
"L_FORUM_LOCATION" => $lang['Forum_Location'],
"L_STARTED" => $lang['Login'],
"L_GZIP_COMPRESSION" => $lang['Gzip_compression'])
);

//
// Get forum statistics
//
$total_posts = get_db_stat('postcount');
$total_users = get_db_stat('usercount');
$total_topics = get_db_stat('topiccount');

$start_date = create_date($board_config['default_dateformat'], $board_config['board_startdate'], $board_config['board_timezone']);

$boarddays = ( time() - $board_config['board_startdate'] ) / 86400;

$posts_per_day = sprintf("%.2f", $total_posts / $boarddays);
$topics_per_day = sprintf("%.2f", $total_topics / $boarddays);
$users_per_day = sprintf("%.2f", $total_users / $boarddays);

$avatar_dir_size = 0;

if ($avatar_dir = @opendir($phpbb_root_path . $board_config['avatar_path']))
{
while( $file = @readdir($avatar_dir) )
{
if( $file != "." && $file != ".." )
{
$avatar_dir_size += @filesize($phpbb_root_path . $board_config['avatar_path'] . "/" . $file);
}
}
@closedir($avatar_dir);

//
// This bit of code translates the avatar directory size into human readable format
// Borrowed the code from the PHP.net annoted manual, origanally written by:
// Jesse (jesse@jess.on.ca)
//
if($avatar_dir_size >= 1048576)
{
$avatar_dir_size = round($avatar_dir_size / 1048576 * 100) / 100 . " MB";
}
else if($avatar_dir_size >= 1024)
{
$avatar_dir_size = round($avatar_dir_size / 1024 * 100) / 100 . " KB";
}
else
{
$avatar_dir_size = $avatar_dir_size . " Bytes";
}

}
else
{
// Couldn't open Avatar dir.
$avatar_dir_size = $lang['Not_available'];
}

if($posts_per_day > $total_posts)
{
$posts_per_day = $total_posts;
}

if($topics_per_day > $total_topics)
{
$topics_per_day = $total_topics;
}

if($users_per_day > $total_users)
{
$users_per_day = $total_users;
}

//
// DB size ... MySQL only
//
// This code is heavily influenced by a similar routine
// in phpMyAdmin 2.2.0
//
if( preg_match("/^mysql/", SQL_LAYER) )
{
$sql = "SELECT VERSION() AS mysql_version";
if($result = $db->sql_query($sql))
{
$row = $db->sql_fetchrow($result);
$version = $row['mysql_version'];

if( preg_match("/^(3\.23|4\.)/", $version) )
{
$db_name = ( preg_match("/^(3\.23\.[6-9])|(3\.23\.[1-9][1-9])|(4\.)/", $version) ) ? "`$dbname`" : $dbname;

$sql = "SHOW TABLE STATUS
FROM " . $db_name;
if($result = $db->sql_query($sql))
{
$tabledata_ary = $db->sql_fetchrowset($result);

$dbsize = 0;
for($i = 0; $i < count($tabledata_ary); $i++)
{
if( $tabledata_ary[$i]['Type'] != "MRG_MyISAM" )
{
if( $table_prefix != "" )
{
if( strstr($tabledata_ary[$i]['Name'], $table_prefix) )
{
$dbsize += $tabledata_ary[$i]['Data_length'] + $tabledata_ary[$i]['Index_length'];
}
}
else
{
$dbsize += $tabledata_ary[$i]['Data_length'] + $tabledata_ary[$i]['Index_length'];
}
}
}
} // Else we couldn't get the table status.
}
else
{
$dbsize = $lang['Not_available'];
}
}
else
{
$dbsize = $lang['Not_available'];
}
}
else if( preg_match("/^mssql/", SQL_LAYER) )
{
$sql = "SELECT ((SUM(size) * 8.0) * 1024.0) as dbsize
FROM sysfiles";
if( $result = $db->sql_query($sql) )
{
$dbsize = ( $row = $db->sql_fetchrow($result) ) ? intval($row['dbsize']) : $lang['Not_available'];
}
else
{
$dbsize = $lang['Not_available'];
}
}
else
{
$dbsize = $lang['Not_available'];
}

if ( is_integer($dbsize) )
{
if( $dbsize >= 1048576 )
{
$dbsize = sprintf("%.2f MB", ( $dbsize / 1048576 ));
}
else if( $dbsize >= 1024 )
{
$dbsize = sprintf("%.2f KB", ( $dbsize / 1024 ));
}
else
{
$dbsize = sprintf("%.2f Bytes", $dbsize);
}
}

$template->assign_vars(array(
"NUMBER_OF_POSTS" => $total_posts,
"NUMBER_OF_TOPICS" => $total_topics,
"NUMBER_OF_USERS" => $total_users,
"START_DATE" => $start_date,
"POSTS_PER_DAY" => $posts_per_day,
"TOPICS_PER_DAY" => $topics_per_day,
"USERS_PER_DAY" => $users_per_day,
"AVATAR_DIR_SIZE" => $avatar_dir_size,
"DB_SIZE" => $dbsize,
"GZIP_COMPRESSION" => ( $board_config['gzip_compress'] ) ? $lang['ON'] : $lang['OFF'])
);
//
// End forum statistics
//

//
// Get users online information.
//
$sql = "SELECT u.user_id, u.username, u.user_session_time, u.user_session_page, s.session_logged_in, s.session_ip, s.session_start
FROM " . USERS_TABLE . " u, " . SESSIONS_TABLE . " s
WHERE s.session_logged_in = " . TRUE . "
AND u.user_id = s.session_user_id
AND u.user_id <> " . ANONYMOUS . "
AND s.session_time >= " . ( time() - 300 ) . "
ORDER BY u.user_session_time DESC";
if(!$result = $db->sql_query($sql))
{
message_die(GENERAL_ERROR, "Couldn't obtain regd user/online information.", "", __LINE__, __FILE__, $sql);
}
$onlinerow_reg = $db->sql_fetchrowset($result);

$sql = "SELECT session_page, session_logged_in, session_time, session_ip, session_start
FROM " . SESSIONS_TABLE . "
WHERE session_logged_in = 0
AND session_time >= " . ( time() - 300 ) . "
ORDER BY session_time DESC";
if(!$result = $db->sql_query($sql))
{
message_die(GENERAL_ERROR, "Couldn't obtain guest user/online information.", "", __LINE__, __FILE__, $sql);
}
$onlinerow_guest = $db->sql_fetchrowset($result);

$sql = "SELECT forum_name, forum_id
FROM " . FORUMS_TABLE;
if($forums_result = $db->sql_query($sql))
{
while($forumsrow = $db->sql_fetchrow($forums_result))
{
$forum_data[$forumsrow['forum_id']] = $forumsrow['forum_name'];
}
}
else
{
message_die(GENERAL_ERROR, "Couldn't obtain user/online forums information.", "", __LINE__, __FILE__, $sql);
}

$reg_userid_ary = array();

if( count($onlinerow_reg) )
{
$registered_users = 0;

for($i = 0; $i < count($onlinerow_reg); $i++)
{
if( !inarray($onlinerow_reg[$i]['user_id'], $reg_userid_ary) )
{
$reg_userid_ary[] = $onlinerow_reg[$i]['user_id'];

$username = $onlinerow_reg[$i]['username'];

if( $onlinerow_reg[$i]['user_allow_viewonline'] || $userdata['user_level'] == ADMIN )
{
$registered_users++;
$hidden = FALSE;
}
else
{
$hidden_users++;
$hidden = TRUE;
}

if( $onlinerow_reg[$i]['user_session_page'] < 1 )
{
switch($onlinerow_reg[$i]['user_session_page'])
{
case PAGE_INDEX:
$location = $lang['Forum_index'];
$location_url = "index.$phpEx?pane=right";
break;
case PAGE_POSTING:
$location = $lang['Posting_message'];
$location_url = "index.$phpEx?pane=right";
break;
case PAGE_LOGIN:
$location = $lang['Logging_on'];
$location_url = "index.$phpEx?pane=right";
break;
case PAGE_SEARCH:
$location = $lang['Searching_forums'];
$location_url = "index.$phpEx?pane=right";
break;
case PAGE_PROFILE:
$location = $lang['Viewing_profile'];
$location_url = "index.$phpEx?pane=right";
break;
case PAGE_VIEWONLINE:
$location = $lang['Viewing_online'];
$location_url = "index.$phpEx?pane=right";
break;
case PAGE_VIEWMEMBERS:
$location = $lang['Viewing_member_list'];
$location_url = "index.$phpEx?pane=right";
break;
case PAGE_PRIVMSGS:
$location = $lang['Viewing_priv_msgs'];
$location_url = "index.$phpEx?pane=right";
break;
case PAGE_FAQ:
$location = $lang['Viewing_FAQ'];
$location_url = "index.$phpEx?pane=right";
break;
default:
$location = $lang['Forum_index'];
$location_url = "index.$phpEx?pane=right";
}
}
else
{
$location_url = append_sid("admin_forums.$phpEx?mode=editforum&" . POST_FORUM_URL . "=" . $onlinerow_reg[$i]['user_session_page']);
$location = $forum_data[$onlinerow_reg[$i]['user_session_page']];
}

$row_color = ( $registered_users % 2 ) ? $theme['td_color1'] : $theme['td_color2'];
$row_class = ( $registered_users % 2 ) ? $theme['td_class1'] : $theme['td_class2'];

$reg_ip = decode_ip($onlinerow_reg[$i]['session_ip']);

$template->assign_block_vars("reg_user_row", array(
"ROW_COLOR" => "#" . $row_color,
"ROW_CLASS" => $row_class,
"USERNAME" => $username,
"STARTED" => create_date($board_config['default_dateformat'], $onlinerow_reg[$i]['session_start'], $board_config['board_timezone']),
"LASTUPDATE" => create_date($board_config['default_dateformat'], $onlinerow_reg[$i]['user_session_time'], $board_config['board_timezone']),
"FORUM_LOCATION" => $location,
"IP_ADDRESS" => $reg_ip,

"U_WHOIS_IP" => "http://network-tools.com/default.asp?host=$reg_ip",
"U_USER_PROFILE" => append_sid("admin_users.$phpEx?mode=edit&" . POST_USERS_URL . "=" . $onlinerow_reg[$i]['user_id']),
"U_FORUM_LOCATION" => append_sid($location_url))
);
}
}

}
else
{
$template->assign_vars(array(
"L_NO_REGISTERED_USERS_BROWSING" => $lang['No_users_browsing'])
);
}

//
// Guest users
//
if( count($onlinerow_guest) )
{
$guest_users = 0;

for($i = 0; $i < count($onlinerow_guest); $i++)
{
$guest_userip_ary[] = $onlinerow_guest[$i]['session_ip'];
$guest_users++;

if( $onlinerow_guest[$i]['session_page'] < 1 )
{
switch( $onlinerow_guest[$i]['session_page'] )
{
case PAGE_INDEX:
$location = $lang['Forum_index'];
$location_url = "index.$phpEx?pane=right";
break;
case PAGE_POSTING:
$location = $lang['Posting_message'];
$location_url = "index.$phpEx?pane=right";
break;
case PAGE_LOGIN:
$location = $lang['Logging_on'];
$location_url = "index.$phpEx?pane=right";
break;
case PAGE_SEARCH:
$location = $lang['Searching_forums'];
$location_url = "index.$phpEx?pane=right";
break;
case PAGE_PROFILE:
$location = $lang['Viewing_profile'];
$location_url = "index.$phpEx?pane=right";
break;
case PAGE_VIEWONLINE:
$location = $lang['Viewing_online'];
$location_url = "index.$phpEx?pane=right";
break;
case PAGE_VIEWMEMBERS:
$location = $lang['Viewing_member_list'];
$location_url = "index.$phpEx?pane=right";
break;
case PAGE_PRIVMSGS:
$location = $lang['Viewing_priv_msgs'];
$location_url = "index.$phpEx?pane=right";
break;
case PAGE_FAQ:
$location = $lang['Viewing_FAQ'];
$location_url = "index.$phpEx?pane=right";
break;
default:
$location = $lang['Forum_index'];
$location_url = "index.$phpEx?pane=right";
}
}
else
{
$location_url = append_sid("admin_forums.$phpEx?mode=editforum&" . POST_FORUM_URL . "=" . $onlinerow_guest[$i]['session_page']);
$location = $forum_data[$onlinerow_guest[$i]['session_page']];
}

$row_color = ( $guest_users % 2 ) ? $theme['td_color1'] : $theme['td_color2'];
$row_class = ( $guest_users % 2 ) ? $theme['td_class1'] : $theme['td_class2'];

$guest_ip = decode_ip($onlinerow_guest[$i]['session_ip']);

$template->assign_block_vars("guest_user_row", array(
"ROW_COLOR" => "#" . $row_color,
"ROW_CLASS" => $row_class,
"USERNAME" => $lang['Guest'],
"STARTED" => create_date($board_config['default_dateformat'], $onlinerow_guest[$i]['session_start'], $board_config['board_timezone']),
"LASTUPDATE" => create_date($board_config['default_dateformat'], $onlinerow_guest[$i]['session_time'], $board_config['board_timezone']),
"FORUM_LOCATION" => $location,
"IP_ADDRESS" => $guest_ip,

"U_WHOIS_IP" => "http://network-tools.com/default.asp?host=$guest_ip",
"U_FORUM_LOCATION" => append_sid($location_url))
);
}

}
else
{
$template->assign_vars(array(
"L_NO_GUESTS_BROWSING" => $lang['No_users_browsing'])
);
}

// Check for new version
$current_version = explode('.', '2' . $board_config['version']);
$minor_revision = (int) $current_version[2];

$errno = 0;
$errstr = $version_info = '';

if ($fsock = @fsockopen('www.phpbb.com', 80, $errno, $errstr))
{
@fputs($fsock, "GET /updatecheck/20x.txt HTTP/1.1\r\n");
@fputs($fsock, "HOST: http://www.phpbb.com\r\n");
@fputs($fsock, "Connection: close\r\n\r\n");

$get_info = false;
while (!@feof($fsock))
{
if ($get_info)
{
$version_info .= @fread($fsock, 1024);
}
else
{
if (@fgets($fsock, 1024) == "\r\n")
{
$get_info = true;
}
}
}
@fclose($fsock);

$version_info = explode("\n", $version_info);
$latest_head_revision = (int) $version_info[0];
$latest_minor_revision = (int) $version_info[2];
$latest_version = (int) $version_info[0] . '.' . (int) $version_info[1] . '.' . (int) $version_info[2];

if ($latest_head_revision == 2 && $minor_revision == $latest_minor_revision)
{
$version_info = '' . $lang['Version_up_to_date'] . '';
}
else
{
$version_info = '' . $lang['Version_not_up_to_date'];
$version_info .= ' ' . sprintf($lang['Latest_version_info'], $latest_version) . sprintf($lang['Current_version_info'], '2' . $board_config['version']) . '';
}
}
else
{
if ($errstr)
{
$version_info = '' . sprintf($lang['Connect_socket_error'], $errstr) . '';
}
else
{
$version_info = '' . $lang['Socket_functions_disabled'] . '';
}
}

$version_info .= '' . $lang['Mailing_list_subscribe_reminder'] . '';

$template->assign_vars(array(
'VERSION_INFO' => $version_info,
'L_VERSION_INFORMATION' => $lang['Version_information'])
);

$template->pparse("body");

include('./page_footer_admin.'.$phpEx);

}
else
{
//
// Generate frameset
//
$template->set_filenames(array(
"body" => "admin/index_frameset.tpl")
);

$template->assign_vars(array(
"S_FRAME_NAV" => append_sid("index.$phpEx?pane=left"),
"S_FRAME_MAIN" => append_sid("index.$phpEx?pane=right"))
);

header ("Expires: " . gmdate("D, d M Y H:i:s", time()) . " GMT");
header ("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");

$template->pparse("body");

$db->sql_close();
exit;

}

?>

login

Code: Selecteer alles

<?php
/***************************************************************************
 *                                login.php
 *                            -------------------
 *   begin                : Saturday, Feb 13, 2001
 *   copyright            : (C) 2001 The phpBB Group
 *   email                : support@phpbb.com
 *
 *   $Id: login.php,v 1.47.2.17 2004/11/18 17:49:35 acydburn Exp $
 *
 *
 ***************************************************************************/

/***************************************************************************
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 ***************************************************************************/

//
// Allow people to reach login page if
// board is shut down
//
define("IN_LOGIN", true);

define('IN_PHPBB', true);
$phpbb_root_path = './';
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.'.$phpEx);

//
// Set page ID for session management
//
$userdata = session_pagestart($user_ip, PAGE_LOGIN);
init_userprefs($userdata);
//
// End session management
//

// session id check
if (!empty($HTTP_POST_VARS['sid']) || !empty($HTTP_GET_VARS['sid']))
{
	$sid = (!empty($HTTP_POST_VARS['sid'])) ? $HTTP_POST_VARS['sid'] : $HTTP_GET_VARS['sid'];
}
else
{
	$sid = '';
}

if( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) || isset($HTTP_POST_VARS['logout']) || isset($HTTP_GET_VARS['logout']) )
{
	if( ( isset($HTTP_POST_VARS['login']) || isset($HTTP_GET_VARS['login']) ) && !$userdata['session_logged_in'] )
	{
		$username = isset($HTTP_POST_VARS['username']) ? phpbb_clean_username($HTTP_POST_VARS['username']) : '';
		$password = isset($HTTP_POST_VARS['password']) ? $HTTP_POST_VARS['password'] : '';

		$sql = "SELECT user_id, username, user_password, user_active, user_level
			FROM " . USERS_TABLE . "
			WHERE username = '" . str_replace("\\'", "''", $username) . "'";
		if ( !($result = $db->sql_query($sql)) )
		{
			message_die(GENERAL_ERROR, 'Error in obtaining userdata', '', __LINE__, __FILE__, $sql);
		}

		if( $row = $db->sql_fetchrow($result) )
		{
			if( $row['user_level'] != ADMIN && $board_config['board_disable'] )
			{
				redirect(append_sid("portal.$phpEx", true));
			}
			else
			{
				if( md5($password) == $row['user_password'] && $row['user_active'] )
				{
					$autologin = ( isset($HTTP_POST_VARS['autologin']) ) ? TRUE : 0;

					$session_id = session_begin($row['user_id'], $user_ip, PAGE_INDEX, FALSE, $autologin);

					if( $session_id )
					{
						$url = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : "portal.$phpEx";
						redirect(append_sid($url, true));
					}
					else
					{
						message_die(CRITICAL_ERROR, "Couldn't start session : login", "", __LINE__, __FILE__);
					}
				}
				else
				{
					$redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : '';
					$redirect = str_replace('?', '&', $redirect);

					if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r"))
					{
						message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.');
					}

					$template->assign_vars(array(
						'META' => "<meta http-equiv=\"refresh\" content=\"3;url=login.$phpEx?redirect=$redirect\">")
					);

					$message = $lang['Error_login'] . '<br /><br />' . sprintf($lang['Click_return_login'], "<a href=\"login.$phpEx?redirect=$redirect\">", '</a>') . '<br /><br />' .  sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');

					message_die(GENERAL_MESSAGE, $message);
				}
			}
		}
		else
		{
			$redirect = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : "";
			$redirect = str_replace("?", "&", $redirect);

			if (strstr(urldecode($redirect), "\n") || strstr(urldecode($redirect), "\r"))
			{
				message_die(GENERAL_ERROR, 'Tried to redirect to potentially insecure url.');
			}

			$template->assign_vars(array(
				'META' => "<meta http-equiv=\"refresh\" content=\"3;url=login.$phpEx?redirect=$redirect\">")
			);

			$message = $lang['Error_login'] . '<br /><br />' . sprintf($lang['Click_return_login'], "<a href=\"login.$phpEx?redirect=$redirect\">", '</a>') . '<br /><br />' .  sprintf($lang['Click_return_index'], '<a href="' . append_sid("index.$phpEx") . '">', '</a>');

			message_die(GENERAL_MESSAGE, $message);
		}
	}
	else if( ( isset($HTTP_GET_VARS['logout']) || isset($HTTP_POST_VARS['logout']) ) && $userdata['session_logged_in'] )
	{
		if( $userdata['session_logged_in'] )
		{
			session_end($userdata['session_id'], $userdata['user_id']);
		}

		if (!empty($HTTP_POST_VARS['redirect']) || !empty($HTTP_GET_VARS['redirect']))
		{
			$url = (!empty($HTTP_POST_VARS['redirect'])) ? htmlspecialchars($HTTP_POST_VARS['redirect']) : htmlspecialchars($HTTP_GET_VARS['redirect']);
			$url = str_replace('&', '&', $url);
			redirect(append_sid($url, true));
		}
		else
		{
			redirect(append_sid("portal.$phpEx", true));
		}
	}
	else
	{
		$url = ( !empty($HTTP_POST_VARS['redirect']) ) ? str_replace('&', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : "portal.$phpEx";
		redirect(append_sid($url, true));
	}
}
else
{
	//
	// Do a full login page dohickey if
	// user not already logged in
	//
	if( !$userdata['session_logged_in'] )
	{
		$page_title = $lang['Login'];
		include($phpbb_root_path . 'includes/page_header.'.$phpEx);

		$template->set_filenames(array(
			'body' => 'login_body.tpl')
		);

		if( isset($HTTP_POST_VARS['redirect']) || isset($HTTP_GET_VARS['redirect']) )
		{
			$forward_to = $HTTP_SERVER_VARS['QUERY_STRING'];

			if( preg_match("/^redirect=([a-z0-9\.#\/\?&=\+\-_]+)/si", $forward_to, $forward_matches) )
			{
				$forward_to = ( !empty($forward_matches[3]) ) ? $forward_matches[3] : $forward_matches[1];
				$forward_match = explode('&', $forward_to);

				if(count($forward_match) > 1)
				{
					$forward_page = '';

					for($i = 1; $i < count($forward_match); $i++)
					{
						if( !ereg("sid=", $forward_match[$i]) )
						{
							if( $forward_page != '' )
							{
								$forward_page .= '&';
							}
							$forward_page .= $forward_match[$i];
						}
					}
					$forward_page = $forward_match[0] . '?' . $forward_page;
				}
				else
				{
					$forward_page = $forward_match[0];
				}
			}
		}
		else
		{
			$forward_page = '';
		}

		$username = ( $userdata['user_id'] != ANONYMOUS ) ? $userdata['username'] : '';

		$s_hidden_fields = '<input type="hidden" name="redirect" value="' . $forward_page . '" />';

		make_jumpbox('viewforum.'.$phpEx, $forum_id);
		$template->assign_vars(array(
			'USERNAME' => $username,

			'L_ENTER_PASSWORD' => $lang['Enter_password'],
			'L_SEND_PASSWORD' => $lang['Forgotten_password'],

			'U_SEND_PASSWORD' => append_sid("profile.$phpEx?mode=sendpassword"),

			'S_HIDDEN_FIELDS' => $s_hidden_fields)
		);

		$template->pparse('body');

		include($phpbb_root_path . 'includes/page_tail.'.$phpEx);
	}
	else
	{
		redirect(append_sid("portal.$phpEx", true));
	}

}

?>

edit

paulus hier is hij

Code: Selecteer alles

<?php
/***************************************************************************
 *                              page_tail.php
 *                            -------------------
 *   begin                : Saturday, Feb 13, 2001
 *   copyright            : (C) 2001 The phpBB Group
 *   email                : support@phpbb.com
 *
 *   $Id: page_tail.php,v 1.27.2.3 2004/12/22 02:04:00 psotfx Exp $
 *
 *
 ***************************************************************************/

/***************************************************************************
 *
 *   This program is free software; you can redistribute it and/or modify
 *   it under the terms of the GNU General Public License as published by
 *   the Free Software Foundation; either version 2 of the License, or
 *   (at your option) any later version.
 *
 ***************************************************************************/

if ( !defined('IN_PHPBB') )
{
	die('Hacking attempt');
}

//
// Show the overall footer.
//
$admin_link = ( $userdata['user_level'] == ADMIN ) ? '<a href="admin/index.' . $phpEx . '?sid=' . $userdata['session_id'] . '">' . $lang['Admin_panel'] . '</a><br /><br />' : '';

$template->set_filenames(array(
	'overall_footer' => ( empty($gen_simple_header) ) ? 'overall_footer.tpl' : 'simple_footer.tpl')
);

$template->assign_vars(array(
	'TRANSLATION_INFO' => ( isset($lang['TRANSLATION_INFO']) ) ? $lang['TRANSLATION_INFO'] : '',
	'ADMIN_LINK' => $admin_link)
);

$template->pparse('overall_footer');

//
// Close our DB connection.
//
$db->sql_close();

//
// Compress buffered output if required and send to browser
//
if ( $do_gzip_compress )
{
	//
	// Borrowed from php.net!
	//
	$gzip_contents = ob_get_contents();
	ob_end_clean();

	$gzip_size = strlen($gzip_contents);
	$gzip_crc = crc32($gzip_contents);

	$gzip_contents = gzcompress($gzip_contents, 9);
	$gzip_contents = substr($gzip_contents, 0, strlen($gzip_contents) - 4);

	echo "\x1f\x8b\x08\x00\x00\x00\x00\x00";
	echo $gzip_contents;
	echo pack('V', $gzip_crc);
	echo pack('V', $gzip_size);
}

exit;

?>

Bericht door **Paul** » 11 aug 2005, 17:08

We vroegen om het in een txt op je host te zetten

.

Bas · Bericht door **Bas** » 11 aug 2005, 17:08

Nooit gehoord van "in een tekstbestand"?

(tip, gebruik deze handige dienst van Stef, plak daar de code in, en geef de URL die hij geeft, en doe dat voor elk bestand 1 keer.)

PrO_DoWn · Bericht door **PrO_DoWn** » 11 aug 2005, 17:10

http://tfc.stefvanderlinden.nl/upload/pagestart.php.txt

deze index.php deed hij niet

login was ook te groot dus kunnen jullie dat doen

http://tfc.stefvanderlinden.nl/upload/p ... php%20.txt

PrO_DoWn · Bericht door **PrO_DoWn** » 11 aug 2005, 18:11

ben geholen door bas

bedankt allemaal