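= 41) { $PHP_SELF = $_SERVER['PHP_SELF']; }
// NOTE(review): the statement above is cut off at the start of this chunk (its
// `if (...` condition lives in the preceding part of the file); left as found.

// The "admin" / "user" cookies carry a base64 "id|name|password|..." record
// (see do_Autologin()). Re-encode with the record slash-escaped so its pieces
// can be interpolated into SQL later without breaking the query.
if (isset($admin)) {
    $admin = base64_encode(addslashes(base64_decode($admin)));
}
if (isset($user)) {
    $user = base64_encode(addslashes(base64_decode($user)));
}

/**
 * Returns true when $value matches any PCRE pattern in $patterns.
 *
 * Non-string values (e.g. `?a[]=1` arrays) are not inspected — the same gap
 * the original eregi() calls had — so per-key sanitisation later is still required.
 */
function _input_matches_blocklist($value, $patterns)
{
    if (!is_string($value)) {
        return false;
    }
    foreach ($patterns as $pattern) {
        if (preg_match($pattern, $value)) {
            return true;
        }
    }
    return false;
}

// Request blocklist. eregi() was removed in PHP 7, so the POSIX patterns are
// rewritten as case-insensitive PCRE with the same shape. A blocklist like this
// is a coarse tripwire, not an XSS/SQLi defence: output must still be escaped
// for its context and every query must still escape/parameterise its inputs.
$get_blocklist = array(
    '/<[^>]*script*"?[^>]*>/i',
    '/<[^>]*object*"?[^>]*>/i',
    '/<[^>]*iframe*"?[^>]*>/i',
    '/<[^>]*applet*"?[^>]*>/i',
    '/<[^>]*meta*"?[^>]*>/i',
    '/<[^>]*style*"?[^>]*>/i',
    '/<[^>]*form*"?[^>]*>/i',
    '/<[^>]*img*"?[^>]*>/i',
    '/<[^>]*onmouseover*"?[^>]*>/i',
    '/\([^>]*"?[^)]*\)/i',   // any parenthesised expression
    '/"/',                   // GET values may not contain a double quote at all
);
foreach ($_GET as $sec_key => $secvalue) {
    if (_input_matches_blocklist($secvalue, $get_blocklist)) {
        die ("not allowed");
    }
}
// POST is filtered more loosely than GET (no quote / parenthesis rule), as in the original.
$post_blocklist = array(
    '/<[^>]*onmouseover*"?[^>]*>/i',
    '/<[^>]script*"?[^>]*>/i',
    '/<[^>]style*"?[^>]*>/i',
);
foreach ($_POST as $secvalue) {
    if (_input_matches_blocklist($secvalue, $post_blocklist)) {
        die ("not allowed");
    }
}

//$siteid=21;
include ("/var/www/config/config.php");
include("../includes/mysql.class.php");
$db = new sql_db($dbhost, $dbuname, $dbpass, $dbname, false);
if (!$db->db_connect_id) {
    include("../includes/header.php");
    echo "

Error:


Connection to database has failed!
check mysql server/database name/username/password









";
    // Driver error text goes to the server log, not to the visitor (it names
    // hosts/users/databases). The generic message above is all the page shows.
    error_log(mysql_error());
    include("../includes/footer.php");
    die();
}

//load the site info from db.
// $siteid comes from config.php; cast so the interpolation is always numeric.
$setup_sql = $db->sql_query("SELECT * FROM ".$prefix."_sites WHERE siteid=".intval($siteid));
$setup_row = $db->sql_fetchrow($setup_sql);
if (!$setup_row) {
    // Unknown site: leave every setting empty instead of indexing `false`.
    $setup_row = array();
}
$site_name    = stripslashes(isset($setup_row['sitename'])    ? $setup_row['sitename']    : '');
$site_email   = stripslashes(isset($setup_row['siteemail'])   ? $setup_row['siteemail']   : '');
$site_url     = stripslashes(isset($setup_row['siteurl'])     ? $setup_row['siteurl']     : '');
$site_info    = stripslashes(isset($setup_row['siteinfo'])    ? $setup_row['siteinfo']    : '');
$language     = stripslashes(isset($setup_row['defaultlang']) ? $setup_row['defaultlang'] : '');
$vgn_name     = stripslashes(isset($setup_row['vgnname'])     ? $setup_row['vgnname']     : '');
$vgn_homechan = stripslashes(isset($setup_row['vgnhomechan']) ? $setup_row['vgnhomechan'] : '');
$tracking_id  = stripslashes(isset($setup_row['trackingid'])  ? $setup_row['trackingid']  : '');
$entityid_req = stripslashes(isset($setup_row['entityidreq']) ? $setup_row['entityidreq'] : '');
//load the language

/**
 * Splits a login cookie into array(int $id, string $passwd).
 *
 * $record is the raw cookie value — base64 of "id|name|password|..." as written
 * by do_Autologin() — or, presumably, that record already exploded into an
 * array; the original array branch read a variable it never assigned and so
 * always failed (TODO confirm the array case with callers).
 * $id is 0 when the record is unusable.
 */
function _login_cookie_parts($record)
{
    $parts = is_array($record) ? $record : explode("|", base64_decode((string) $record));
    $id = isset($parts[0]) ? $parts[0] : '';
    $passwd = isset($parts[2]) ? $parts[2] : '';
    // addslashes() kept from the original; intval() is what actually makes $id safe to interpolate.
    return array(intval(addslashes($id)), (string) $passwd);
}

//global function for checkig whethar user is logged in or not.
//you will notice we will use it everwhere in the script.
/**
 * Returns 1 when the "user" cookie's id/password pair matches <prefix>_users, else 0.
 * Side effect: sets the global $userid from the cookie (0 when unusable).
 *
 * NOTE(review): the cookie carries the clear-text password and the DB column is
 * compared verbatim, so passwords are stored in the clear — a schema/auth change
 * (password_hash + random session token) is the real fix; out of scope here.
 */
function is_logged_in($user)
{
    global $db, $prefix, $userid;
    list($userid, $passwd) = _login_cookie_parts($user);
    // Original test was `$userid != ""` on an int, i.e. "non-zero" (pre-PHP 8 semantics).
    if ($userid != 0 && $passwd !== '') {
        $result = $db->sql_query("SELECT userpw FROM ".$prefix."_users WHERE userid='$userid'");
        $row = $db->sql_fetchrow($result);
        $pass = $row ? (string) $row['userpw'] : '';
        // hash_equals(): constant time, and no numeric-string juggling ("1e3" == "1000" under ==).
        if ($pass !== '' && hash_equals($pass, $passwd)) {
            return 1;
        }
    }
    return 0;
}

/**
 * Returns 1 when the "admin" cookie's id/password pair matches <prefix>_admin, else 0.
 * Same cookie layout and caveats as is_logged_in(); no global is set here.
 */
function is_logged_in_admin($admin)
{
    global $db, $prefix;
    list($adminid, $passwd) = _login_cookie_parts($admin);
    if ($adminid != 0 && $passwd !== '') {
        $result = $db->sql_query("SELECT password FROM ".$prefix."_admin WHERE adminid='$adminid'");
        $row = $db->sql_fetchrow($result);
        $pass = $row ? (string) $row['password'] : '';
        if ($pass !== '' && hash_equals($pass, $passwd)) {
            return 1;
        }
    }
    return 0;
}
function // msg_redirect(): the definition continues on the next line of the file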
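msg_redirect($msg, $url, $seconds)
{
    // Prints the "redirecting..." interstitial page with $msg in it.
    // NOTE(review): in this copy the markup inside the echoed string did not
    // survive (only text and newlines remain) and $url / $seconds are no longer
    // referenced by what is left — presumably they fed a meta-refresh / link in
    // the lost markup. Confirm against the original before relying on this.
    global $site_name, $site_url;
    global $lang, $language;
    // $lang may arrive straight from the request (register_globals). Only a plain
    // token is accepted so the include cannot be pointed outside ../includes/lang/.
    if (isset($lang) && preg_match('/^[A-Za-z0-9_-]+$/', $lang)) {
        include_once ("../includes/lang/$lang.php");
    } else {
        include_once ("../includes/lang/$language.php");
        $lang = $language ;
    }
    echo "\n" ."\n" ."\n" ."\n" ."\n" ."$site_name\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."\n" ."
   
   
   
   
 \n" ."\n" ." \n" ."\n" ."\n" ."\n" ."\n" ."\n" ." \n" ."\n" ."\n" ." \n" ."\n" ."\n" ."\n" ." \n" ."\n" ."\n" ."\n" ."
\n" ."

"._REDIRECTING."

" ."

$msg

" ."

" .""._CLICK_HERE_BROWSER_REDIRECT."


" ."
 
 
 
\n" ."
 
   
 Site Requirements
\n" ."The www.hkdltravelagents.com web site was designed to be viewed in Internet Explorer 6.0 or higher and in our efforts to provide media-rich content, the following free plug-ins will enable you to experience our audio, video and interactive features
 
 \n" ."\n" ."\n" ."\n" ."\n" ."\n" ."
\"IE Internet Explorer 6.0 \"Flash Flash Player 9.0 \"PDF Acrobat Reader
 
\n" ."\n" ."\n";
}

/**
 * Escapes one value for interpolation into a query on $db's ext/mysql connection.
 *
 * If this PHP still has magic_quotes_gpc on, the request value is already
 * slash-escaped; undo that first so it is escaped exactly once.
 */
function _autologin_escape($db, $value)
{
    $value = (string) $value;
    if (ini_get('magic_quotes_gpc')) {
        $value = stripslashes($value);
    }
    return mysql_real_escape_string($value, $db->db_connect_id);
}

/**
 * Form login: checks username/password against <prefix>_users, sets the "user"
 * cookie, records the attempt in <prefix>_logins and redirects to index.php.
 *
 * Never returns: every path ends in header()+exit() or the login form + exit().
 * The `global $authu, $authp` below rebinds the parameters to the globals of the
 * same name (register_globals era); kept because callers may rely on it.
 */
function do_Autologin($authu, $authp)
{
    global $prefix, $db, $authu, $authp, $remember, $lang, $language, $user_err, $pass_err, $error_msg, $REMOTE_ADDR, $userid;
    global $siteid;   // was not declared in the original, so the INSERT below got an empty value
    if (isset($lang) && preg_match('/^[A-Za-z0-9_-]+$/', $lang)) {
        include_once ("../includes/lang/$lang.php");
    } else {
        include_once ("../includes/lang/$language.php");
    }

    //check username and password fields.
    if ((!$authu) || (!$authp)) {
        include("../includes/lheader.php");
        $reqmsg = "("._REQUIRED.")";
        // Original had trim(empty($authu)) — trim() of a bool; whitespace-only names now count as missing too.
        if (empty(trim((string) $authu))) {
            $user_err = $reqmsg;
        }
        if (empty($authp)) {
            $pass_err = $reqmsg;
        }
        //load the login form again.
        login_form();
        // NOTE(review): the failure branch below includes ../includes/lfooter.php — confirm which path is intended.
        include("lfooter.php");
        exit();
    }

    ##--nothing empty? lets do the login
    // The credentials come straight from the form; the original interpolated
    // them raw (SQL injection). Passwords are also compared in the clear —
    // moving to password_hash()/password_verify() needs a schema change.
    $safe_user = _autologin_escape($db, $authu);
    $safe_pass = _autologin_escape($db, $authp);
    $sql = $db->sql_query("SELECT * FROM ".$prefix."_users WHERE username='$safe_user' AND userpw='$safe_pass'");
    $login_check = $db->sql_numrows($sql);

    //if the entered informations are correct, then login and create the cookies.
    if ($login_check > 0) {
        while ($row = $db->sql_fetchrow($sql)) {
            $userid   = $row['userid'];
            $username = $row['username'];
            $password = $row['userpw'];
            $fname    = $row['fname'];
            $langpref = $row['lastlang'];
            // Cookie layout read back by is_logged_in(): id|name|password|fname|lang.
            // HttpOnly keeps the (clear-text) password out of reach of page script;
            // a random session token instead of the password is the real fix.
            $info = base64_encode("$userid|$username|$password|$fname|$langpref");
            $expires = isset($remember) ? time() + 99999999 : 0;
            setcookie("user", $info, $expires, "", "", false, true);
            //$db->sql_query("UPDATE ".$prefix."_users SET ipaddress='$REMOTE_ADDR', lastlogin=NOW() WHERE userid='$userid'");
            $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : $REMOTE_ADDR;
            $safe_uid  = _autologin_escape($db, $userid);
            $safe_ip   = _autologin_escape($db, $ip);
            $safe_lang = _autologin_escape($db, isset($lang) ? $lang : '');
            $visitsql = $db->sql_query("SELECT userid FROM ".$prefix."_logins WHERE userid='$safe_uid' LIMIT 0,1 UNION SELECT shadowid FROM ".$prefix."_shadowusers WHERE shadowid='$safe_uid'");
            $visit_check = $db->sql_numrows($visitsql);
            $result = $db->sql_query("INSERT INTO ".$prefix."_logins ( userid,siteid,langid,ipaddress,logindate,result) VALUES ('$safe_uid',".intval($siteid).",'$safe_lang','$safe_ip',NOW(),'Valid')");
            if ($visit_check > 0) {
                //print success message and redirect browser
                //msg_redirect(""._LOGIN_SUCCESS."","index.php","0");
                header("Location:index.php");
            } else {
                // First login: send the user to complete their profile.
                header("Location:index.php?maa=EditMyInfo&visitcheck=null");
            }
            exit();
        }
    } else {
        //if the entered informations are wrong, then print error message.
        //include("header.php");
        // The original appended ": prefix= $prefix", exposing the table prefix to the visitor.
        $error_msg = _LOGIN_ERROR;
        unset($authu);
        unset($authp);
        include("../includes/lheader.php");
        login_form();
        include("../includes/lfooter.php");
        exit();
    }
}

///////////////////////////////////////
// sanitize.inc.php
// Sanitization functions for PHP
// by: Gavin Zuchlinski, Jamie Pratt, Hokkaido
// webpage: http://libox.net
// Last modified: September 27, 2003
//
// Many thanks to those on the webappsec list for helping me improve these functions
///////////////////////////////////////
// Function list:
// sanitize_paranoid_string($string) -- input string, returns string stripped of all non
//                                      alphanumeric
// sanitize_international_paranoid_string($string) -- input string, returns string stripped of all non
//                                      alphanumeric plus most unicodes
// sanitize_system_string($string) -- input string, returns string stripped of special
//                                      characters
// sanitize_sql_string($string) -- input string, returns string with slashed out quotes
// sanitize_html_string($string) -- input string, returns string with html replacements
//                                      for special characters
///////////////////////////////////////

/**
 * Paranoid sanitization: keeps only [a-zA-Z0-9 . @ - & space _].
 *
 * $min / $max are optional length bounds checked on the cleaned string;
 * '' means "no bound" (loose `!= ''` kept from the original).
 * Returns the cleaned string, or false when a bound is violated.
 */
function sanitize_paranoid_string($string, $min = '', $max = '')
{
    $string = preg_replace("/[^a-zA-Z0-9\.\@\-\& _]/", "", $string);
    $len = strlen($string);
    if ((($min != '') && ($len < $min)) || (($max != '') && ($len > $max))) {
        return false;
    }
    return $string;
}

/**
 * International paranoid sanitization: keeps Unicode letters (\p{L}), ASCII
 * digits and any extra characters listed in $allowed.
 *
 * $string may be a string or an array of strings (cleaned per key).
 * Each $allowed entry is backslash-prefixed into the character class, so
 * single-character entries like ' ' or '-' are safe; an entry such as 'd'
 * would become the \d escape — pass only punctuation/space.
 * Returns the cleaned string, or an array of cleaned strings for array input.
 */
function sanitize_international_paranoid_string($string, $allowed = array())
{
    $allow = null;
    if (!empty($allowed)) {
        foreach ($allowed as $value) {
            $allow .= "\\$value";
        }
    }
    $pattern = "/[^{$allow}\p{L}0-9]/u";
    if (is_array($string)) {
        $cleaned = array();   // original left this unset for an empty array
        foreach ($string as $key => $clean) {
            $cleaned[$key] = preg_replace($pattern, '', $clean);
        }
    } else {
        $cleaned = preg_replace($pattern, '', $string);
    }
    return $cleaned;
}

// sanitize a string in prep for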
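// passing a single argument to system() (or similar)
/**
 * Strips shell metacharacters and wraps the result in double quotes so it reaches
 * system() (or similar) as exactly ONE argument; `$` is escaped rather than removed.
 *
 * Removed: ; | ` > < & ^ " ' newline CR { } [ ] ( ). In the original pattern
 * `[|]` formed a character class, so `[` and `]` were never stripped; they and
 * `^` are escaped here. $min / $max bound the length of the *quoted* result
 * ('' = no bound). Returns the quoted string, or false on a bound violation.
 * Prefer escapeshellarg() or array-form proc_open() where available.
 */
function sanitize_system_string($string, $min = '', $max = '')
{
    $pattern = '/(;|\||`|>|<|&|\^|"|' . "\n|\r|'" . '|\{|\}|\[|\]|\)|\()/i';
    // no piping, passing possible environment variables ($),
    // seperate commands, nested execution, file redirection,
    // background processing, special commands (backspace, etc.), quotes
    // newlines, or some other special characters
    $string = preg_replace($pattern, '', $string);
    $string = '"' . preg_replace('/\$/', '\\\$', $string) . '"';  //make sure this is only interpretted as ONE argument
    $len = strlen($string);
    if ((($min != '') && ($len < $min)) || (($max != '') && ($len > $max))) {
        return false;
    }
    return $string;
}

/**
 * Simple SQL escaping: backslash first, then double and single quotes.
 *
 * $min / $max bound the length of the *unescaped* input ('' = no bound).
 * Returns the escaped string, or false on a bound violation.
 * This is charset-unaware; escaping through the live connection
 * (mysql_real_escape_string) or prepared statements is preferable.
 */
function sanitize_sql_string($string, $min = '', $max = '')
{
    $pattern[0] = '/(\\\\)/';
    $pattern[1] = "/\"/";
    $pattern[2] = "/'/";
    $replacement[0] = '\\\\\\';
    $replacement[1] = '\"';
    $replacement[2] = "\\'";
    $len = strlen($string);
    if ((($min != '') && ($len < $min)) || (($max != '') && ($len > $max))) {
        return false;
    }
    return preg_replace($pattern, $replacement, $string);
}

/**
 * HTML escaping: replaces & < > newline " ' % ( ) + - with entities / <br />.
 *
 * NOTE(review): in the copy under review this table was destroyed by HTML
 * rendering (the `<` / `>` patterns and every `&...;` replacement were decoded).
 * It is rebuilt from the documented contract; exact entity spellings
 * (e.g. &#39; vs &#039;) could not be recovered. `&` is replaced first so the
 * entities produced afterwards are not double-escaped.
 */
function sanitize_html_string($string)
{
    $pattern = array('/\&/', '/</', '/>/', '/\n/', '/"/', "/'/", '/%/', '/\(/', '/\)/', '/\+/', '/-/');
    $replacement = array('&amp;', '&lt;', '&gt;', '<br />', '&quot;', '&#39;', '&#37;', '&#40;', '&#41;', '&#43;', '&#45;');
    return preg_replace($pattern, $replacement, $string);
}

/**
 * Strips tags then entity-encodes (ENT_QUOTES) a request value.
 *
 * null is returned as-is; arrays are sanitised element-wise (the original
 * passed them to strip_tags(), which warns/throws depending on PHP version).
 */
function sanitize_xss_attempt($string)
{
    if (!isset($string)) {
        return $string;
    }
    if (is_array($string)) {
        return array_map('sanitize_xss_attempt', $string);
    }
    //strip HTML tags from input data
    $string = strip_tags($string);
    //turn all characters into their html equivalent
    $string = htmlentities($string, ENT_QUOTES);
    return $string;
}

// Sanitize each GET
foreach ($_GET as $sec_key => $secvalue) {
    $_GET[$sec_key] = sanitize_xss_attempt($secvalue);
}
// end sanitize code

/**
 * Writes footer_<msid>.php (channel names + legal line) into $nav_path.
 *
 * $get_navchan is an ext/mysql result of channel rows (channelid, channame).
 * Returns false when the file cannot be created or $msid is not a plain token;
 * otherwise returns nothing. $msid becomes part of a .php filename, so it is
 * restricted to [A-Za-z0-9_-] to keep path segments out of the target path.
 * NOTE(review): the markup that these strings carried did not survive this copy
 * (only newlines and text remain), and $thischan is no longer referenced.
 */
function footer_Write($msid, $lang, $get_navchan)
{
    // Every other function here declares its globals; the original omitted
    // $nav_path, so the file silently landed in the current directory.
    global $nav_path;
    if (!preg_match('/^[A-Za-z0-9_-]+$/', (string) $msid)) {
        return false;
    }
    $footerfilename = "footer_" . $msid . ".php";
    $filFooterContent = fopen( $nav_path . $footerfilename, 'w' );
    if ( !$filFooterContent ) {
        //echo ("File Not Created");
        return false;
    }
    fwrite( $filFooterContent, utf8_encode(" \r"));
    //$get_footchan = $db->sql_query( $strSQL );
    $footercontents = "\n";
    $footercontents .= "\n";
    $footercontents .= "\n";
    while (($row = mysql_fetch_array($get_navchan))) {
        $thischan = strtolower($row['channelid']);   // unused in this copy; presumably fed a lost link
        $channame = utf8_encode($row['channame']);
        $footercontents .= " " . $channame . " |";
    }
    $footercontents .= "\n\n";
    //$footercontents.="...";   (commented out in the original; its markup was lost)
    $footercontents .= "\n";
    $footercontents .= " Use of this site signifies your agreement to the Terms of Use. © Disney. All rights reserved.";
    $footercontents .= "\n";
    //$footercontents.=" Privacy Policy/Your California Privacy Rights | Internet Safety";
    $footercontents .= "\n";
    fwrite( $filFooterContent, utf8_encode($footercontents));
    fclose($filFooterContent);
}

/**
 * Extracts the search terms from a referrer's query string $qs for host $dn.
 *
 * Engines are matched by a case-insensitive substring of $dn (eregi() in the
 * original, removed in PHP 7); the first matching engine wins and, within it,
 * the last usable parameter wins. A value of "0" or "" is ignored. Returns the
 * url-decoded terms, or null when nothing usable is found. The original google
 * branch called strlen() on the array and so never returned anything.
 */
function getKeys($qs, $dn)
{
    // host fragment => query parameters that carry the search terms
    $engines = array(
        'google' => array('q', 'as_q', 'as_epq'),
        'msn'    => array('q'),
        'yahoo'  => array('p'),
        'aol'    => array('query'),
        'hotbot' => array('query'),
    );
    $keys = null;
    foreach ($engines as $engine => $params) {
        if (stripos((string) $dn, $engine) === false) {
            continue;
        }
        foreach (explode("&", (string) $qs) as $pair) {
            $args = explode("=", $pair);
            if (!isset($args[1]) || !in_array($args[0], $params, true)) {
                continue;
            }
            if (strlen($args[1]) > 0 && $args[1] != "0") {
                $keys = urldecode($args[1]);
            }
        }
        break;   // mirrors the original if/elseif chain
    }
    return $keys;
}

/**
 * Returns the part of $inthat after the first $needle, or null when absent.
 * (The parameter was named $this in the original, which is a compile error
 * since PHP 7.1; callers pass positionally.)
 */
function after($needle, $inthat)
{
    $pos = strpos($inthat, $needle);
    if ($pos === false) {
        return null;
    }
    return substr($inthat, $pos + strlen($needle));
}

/**
 * Returns the part of $inthat before the first $needle, or '' when absent.
 */
function before($needle, $inthat)
{
    $pos = strpos($inthat, $needle);
    if ($pos === false) {
        return '';
    }
    return substr($inthat, 0, $pos);
}

/**
 * Joins $array with '^|^' and returns base64(Rijndael-256/CBC ciphertext) via mcrypt.
 *
 * NOTE(review), kept as found because changing it invalidates already-issued tokens:
 *  - the key is hard-coded in source (belongs in config, and should be rotated);
 *  - the IV is md5(md5($key)) — constant, so equal plaintext prefixes give equal ciphertext;
 *  - there is no MAC, so a modified token is not detected before smplDecrpt() explodes it;
 *  - MCRYPT_RIJNDAEL_256 is Rijndael with a 256-bit block, not AES, and ext/mcrypt was removed in PHP 7.2.
 */
function smplEncrpt($array)
{
    $string = implode('^|^', $array);
    $key = ' Ar0easgvq03vmdfQ$TvqegVq3t54';
    $encrypted = base64_encode(mcrypt_encrypt(MCRYPT_RIJNDAEL_256, md5($key), $string, MCRYPT_MODE_CBC, md5(md5($key))));
    return $encrypted;
}

/**
 * Inverse of smplEncrpt(): decrypts, strips the zero padding and splits on '^|^'.
 * Same caveats as smplEncrpt(); with no MAC, garbage input yields a garbage array.
 */
function smplDecrpt($string)
{
    $key = ' Ar0easgvq03vmdfQ$TvqegVq3t54';
    $decrypted = rtrim(mcrypt_decrypt(MCRYPT_RIJNDAEL_256, md5($key), base64_decode($string), MCRYPT_MODE_CBC, md5(md5($key))), "\0");
    $array = explode('^|^', $decrypted);
    return $array;
}
?>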