Edytor Ratio

**irek17** · 17-02-07 11:47

Hack pozwala na edycje ratio usera:

zapisz w ratio.php

Kod:
<?
//version 1.0
//maid by norris of supremetorrents.co.uk on 11/1/06

require_once ("include/functions.php");
require_once ("include/config.php");

dbconn();
if (!$CURUSER || $CURUSER["admin_access"]!="yes")
{
err_msg(ERROR,NOT_ADMIN_CP_ACCESS);
stdfoot();
exit;
**
standardheader("Ratio");
block_begin(Ratio);
if ($HTTP_SERVER_VARS["REQUEST_METHOD"] == "POST")
{
if ($HTTP_POST_VARS["username"] == "" || $HTTP_POST_VARS["uploaded"] == "" || $HTTP_POST_VARS["downloaded"] == "")
{
err_msg("Error", "Missing form data.");
**
$username = sqlesc($HTTP_POST_VARS["username"]);
$uploaded = sqlesc($HTTP_POST_VARS["uploaded"]);
$downloaded = sqlesc($HTTP_POST_VARS["downloaded"]);

mysql_query("UPDATE users SET uploaded=$uploaded, downloaded=$downloaded WHERE username=$username") or sqlerr(__FILE__, __LINE__);

**

?>

<table border=0 width=95% align=center><tr><td align=left width=90%>

<h1>Update Users Ratio</h1>
<form method=post action=ratio.php>
<table border=1 cellspacing=0 cellpadding=5>
<tr><td class=rowhead>Nazwa Użytkownika</td><td><input type=text name=username size=40></td></tr>
<tr><td class=rowhead>Wysłano</td><td><input type=uploaded name=uploaded size=40></td></tr>
<tr><td class=rowhead>Pobrano</td><td><input type=downloaded name=downloaded size=40></td></tr>
<tr><td colspan=2 align=center><input type=submit value="Potwierdz" class=btn></td></tr>
</table>
</form>
</table>
<?

block_end();

stdfoot();

?>
otwórz plik admincp.php

znajdź:

Kod:
print("\n<td class=\"header\" align=\"center\"><a href=\"admincp.php?do=pruneu\">Prune Users</a></td>");
i wklej pod tym:

Kod:
print("\n<td class=\"header\" align=\"center\"><a href=\"ratio.php\">Edytor Ratio</a></td>");
i w panelu admina masz button do edytora.

**Ritche** · 11-05-09 18:25

a mi wyskakuje blad;|

Multiple Choices

The document name you requested (/ratio.php) could not be found on this server. However, we found documents with names similar to the one you requested.Available documents:

/ratio.php.txt (common basename)

Please consider informing the owner of the referring page about the broken link.

**~~ramzes~~** · 11-05-09 19:03

Ritche z tego co wiem co ty pracujesz na tbsource a nie BTit

**Ritche** · 12-05-09 11:09

;Dpracuje na obu tbsource i Btit przynajmniej proboje cos z dzialac dopiero sie ucze;-)

**~~ramzes~~** · 12-05-09 17:02

aha to sorki nie wiedziałem ale najpierw naucz sie html-la potem php i potem bierz sie za strony chyba

**Ritche** · 12-05-09 17:21

zebys wiedzial naucze sie;-)juz duzo zalapalem;D

**~~ramzes~~** · 12-05-09 19:19

powodzenia no dobra sorki za offtopic :P

to i tak nie moja liga ja tylko TB

**juzik** · 15-05-09 11:21

zapisz plik jako ratio.php

Kod:

<?
require_once ("include/functions.php");
require_once ("include/config.php");
 
dbconn();
if (!$CURUSER || $CURUSER["admin_access"]!="yes")
   {
       err_msg(ERROR,NOT_ADMIN_CP_ACCESS);
       stdfoot();
       exit;
**
standardheader("Ratio");
 
?>
<script type="text/javascript">
<!--
 
var newwindow;
function popusers(url)
{
  newwindow=window.open(url,'popusers','height=150,width=450');
  if (window.focus) {newwindow.focus()**
**
 
 
// -->
</script>
<?php
 
block_begin("Ratio edytor");
if ($HTTP_SERVER_VARS["REQUEST_METHOD"] == "POST"){
	if ($_POST["receiver"] == "" || $_POST["uploaded"] == "" || $_POST["downloaded"] == ""|| $_POST["bytes"] == ""|| $_POST["action"] == ""){
		err_msg("Error", "Missing form data.");
		**
	else{	
		$username = sqlesc($_POST["receiver"]);
		if($_POST["bytes"]=='1'){
			$uploaded = $_POST["uploaded"];
			$downloaded = $_POST["downloaded"];
			**
		elseif($_POST["bytes"]=='2'){
			$uploaded = $_POST["uploaded"]*1024;
			$downloaded = $_POST["downloaded"]*1024;
			**
		elseif($_POST["bytes"]=='3'){
			$uploaded = $_POST["uploaded"]*1024*1024;
			$downloaded = $_POST["downloaded"]*1024*1024;
			**
		elseif($_POST["bytes"]=='4'){
			$uploaded = $_POST["uploaded"]*1024*1024*1024;
			$downloaded = $_POST["downloaded"]*1024*1024*1024;
			**
		elseif($_POST["bytes"]=='5'){
			$uploaded = $_POST["uploaded"]*1024*1024*1024*1024;
			$downloaded = $_POST["downloaded"]*1024*1024*1024*1024;
			**
		if($_POST["action"] =='1'){
			$result = mysql_query("SELECT uploaded, downloaded FROM users WHERE username=$username") or sqlerr(__FILE__, __LINE__);
			$arr = mysql_fetch_assoc($result);
			$uploaded = $arr["uploaded"]+$uploaded;
			$downloaded = $arr["downloaded"]+$downloaded;
			mysql_query("UPDATE users SET uploaded=$uploaded, downloaded=$downloaded WHERE username=$username") or sqlerr(__FILE__, __LINE__);
			**
		elseif($_POST["action"] =='2'){
			$result = mysql_query("SELECT uploaded, downloaded FROM users WHERE username=$username") or sqlerr(__FILE__, __LINE__);
			$arr = mysql_fetch_assoc($result);
			$uploaded = $arr["uploaded"]-$uploaded;
			$downloaded = $arr["downloaded"]-$downloaded;
			mysql_query("UPDATE users SET uploaded=$uploaded, downloaded=$downloaded WHERE username=$username") or sqlerr(__FILE__, __LINE__);
			**
		elseif($_POST["action"] =='3'){
			mysql_query("UPDATE users SET uploaded=$uploaded, downloaded=$downloaded WHERE username=$username") or sqlerr(__FILE__, __LINE__);
			**
		echo "<center><br>Ratio of <b>".$_POST["receiver"]."</b> updated.<br><br></center>";
		**
	**
else{		
	print("<form method=\"post\" action=\"ratio.php\" name=\"edit\">");
	print("<br><table cellspacing=\"0\" border=\"1\" cellpadding=\"5\" class=\"lista\" align=\"center\">");
	print("<tr><td class=\"header\">User </td><td><input type=\"text\" name=\"receiver\" size=\"20\">&nbsp;&nbsp;<a href=\"javascript:popusers('searchusers.php');\">".FIND_USER."</a></td></tr>");
	print("<tr><td class=\"header\">Uploaded</td><td><input type=\"uploaded\" name=\"uploaded\" size=\"40\"></td></tr>");
	print("<tr><td class=\"header\">Downloaded</td><td><input type=\"downloaded\" name=\"downloaded\" size=\"40\"></td></tr>");
 
	print("<tr><td width=\"58\" class=\"header\">Size:</td>");
	print("<td><input type=\"radio\" name=\"bytes\" value=\"1\">Bytes");
	print("<input type=\"radio\" name=\"bytes\" value=\"2\">KBytes");
	print("<input type=\"radio\" name=\"bytes\" value=\"3\">MBytes");
	print("<input type=\"radio\" name=\"bytes\" value=\"4\">GBytes");
	print("<input type=\"radio\" name=\"bytes\" value=\"5\">TBytes");
	print("</td></tr>");
	print("<tr><td class=\"header\">Action:</td><td><input type=\"radio\" name=\"action\" value=\"1\">Add");
	print("<input type=\"radio\" name=\"action\" value=\"2\">Remove");
	print("<input type=\"radio\" name=\"action\" value=\"3\">Replace</td></tr>");
	print("<tr><td class=\"header\" colspan=\"2\" align=\"center\"><input type=\"submit\" value=\"Okay\"></td></tr>");
	print("</table><br></form>");
	**
 
block_end();
stdfoot();
?>

w admincp.php

znajdź:

Kod:

print("\n<td class=\"header\" align=\"center\"><a href=\"admincp.php?do=pruneu\">Prune Users</a></td>");

i wklej pod tym:

Kod:

print("\n<td class=\"header\" align=\"center\"><a href=\"ratio.php\">Edytor Ratio</a></td>");

Temat: Edytor Ratio

Narzędzia wątku

Typ wyświetlania

Edytor Ratio

Błąd

haha

Informacje o Temacie

Users Browsing this Thread

Podobne wątki

PYTANIE » Edytor DVD

Adobe kupiło edytor tekstu online

TorrentLeech.org - ratio

Gigant z Redmont stworzy Edytor Online

Bookmarks

Bookmarks

Uprawnienia