i have problem with my website.. one user can access my website without registering as member.. furthermore he have admin access at my shoutbox.. he also have:-
+admin access
+admin icon
+rating shout 9999999....
+IP is not in the range in office intranet (something like 255.255.255.255)
+i already banned his ip but he still there!
+his name never show in who's online list
i dont know how he can get admin access without registering and he can shout at my shoutbox.
i already secured my phpmyadmin/mysql with password and new alias for phpmyadmin & upgrade my wamp using the latest one.
below i provide my shoutbox code.. btw im super noob
plz help me anyone... arghhh
TQ
Code: Select all
<?php require_once('Connections/alex.php'); ?>
<?php
$currentPage = $_SERVER["PHP_SELF"];
session_start();
if(!session_is_registered(MM_Username))
{ header("location:Denied.php");
}
function GetSQLValueString($theValue, $theType, $theDefinedValue = "", $theNotDefinedValue = "")
{ $theValue = (!get_magic_quotes_gpc()) ? addslashes($theValue) : $theValue;
switch ($theType)
{ case "text":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "long":
case "int":
$theValue = ($theValue != "") ? intval($theValue) : "NULL";
break;
case "double":
$theValue = ($theValue != "") ? "'" . doubleval($theValue) . "'" : "NULL";
break;
case "date":
$theValue = ($theValue != "") ? "'" . $theValue . "'" : "NULL";
break;
case "defined":
$theValue = ($theValue != "") ? $theDefinedValue : $theNotDefinedValue;
break;
}
return $theValue;
}
$editFormAction = $_SERVER['PHP_SELF'];
if (isset($_SERVER['QUERY_STRING']))
{ $editFormAction .= "?" . htmlentities($_SERVER['QUERY_STRING']);
}
if ((isset($_POST["MM_insert"])) && ($_POST["MM_insert"] == "shout"))
{ $insertSQL = sprintf("INSERT INTO comments (UserName, Level, Comments, Point) VALUES (%s, %s, %s, %s)",
GetSQLValueString($_POST['user'], "text"),
GetSQLValueString($_POST['Level'], "text"),
GetSQLValueString($_POST['shout'], "text"),
GetSQLValueString($_POST['Pt'], "text"));
mysql_select_db($database_alex, $alex);
$Result1 = mysql_query($insertSQL, $alex) or die(mysql_error());
$insertGoTo = "ShoutBox.php";
if (isset($_SERVER['QUERY_STRING']))
{ $insertGoTo .= (strpos($insertGoTo, '?')) ? "&" : "?";
$insertGoTo .= $_SERVER['QUERY_STRING'];
}
header(sprintf("Location: %s", $insertGoTo));
}
$colname_user = "1";
if (isset($_SESSION['MM_Username']))
{ $colname_user = (get_magic_quotes_gpc()) ? $_SESSION['MM_Username'] : addslashes($_SESSION['MM_Username']);
}
mysql_select_db($database_alex, $alex);
$query_user = sprintf("SELECT * FROM `user` WHERE UserName = '%s'", $colname_user);
$user = mysql_query($query_user, $alex) or die(mysql_error());
$row_user = mysql_fetch_assoc($user);
$totalRows_user = mysql_num_rows($user);
mysql_select_db($database_alex, $alex);
$query_point = sprintf("SELECT * FROM comments WHERE UserName = '%s' ORDER BY Point DESC", $colname_user);
$point = mysql_query($query_point, $alex) or die(mysql_error());
$row_point = mysql_fetch_assoc($point);
$totalRows_point = mysql_num_rows($point);
$maxRows_shout = 40;
$pageNum_shout = 0;
if (isset($_GET['pageNum_shout']))
{ $pageNum_shout = $_GET['pageNum_shout'];
}
$startRow_shout = $pageNum_shout * $maxRows_shout;
mysql_select_db($database_alex, $alex);
$query_shout = "SELECT * FROM comments ORDER BY `Date` DESC";
$query_limit_shout = sprintf("%s LIMIT %d, %d", $query_shout, $startRow_shout, $maxRows_shout);
$shout = mysql_query($query_limit_shout, $alex) or die(mysql_error());
$row_shout = mysql_fetch_assoc($shout);
if (isset($_GET['totalRows_shout']))
{ $totalRows_shout = $_GET['totalRows_shout'];
}
else
{ $all_shout = mysql_query($query_shout);
$totalRows_shout = mysql_num_rows($all_shout);
}
$totalPages_shout = ceil($totalRows_shout/$maxRows_shout)-1;
$queryString_shout = "";
if (!empty($_SERVER['QUERY_STRING']))
{ $params = explode("&", $_SERVER['QUERY_STRING']);
$newParams = array();
foreach ($params as $param)
{ if (stristr($param, "pageNum_shout") == false &&
stristr($param, "totalRows_shout") == false)
{ array_push($newParams, $param);
}
}
if (count($newParams) != 0)
{ $queryString_shout = "&" . htmlentities(implode("&", $newParams));
}
}
$queryString_shout = sprintf("&totalRows_shout=%d%s", $totalRows_shout, $queryString_shout);
$queryString_shout = "";
if (!empty($_SERVER['QUERY_STRING']))
{ $params = explode("&", $_SERVER['QUERY_STRING']);
$newParams = array();
foreach ($params as $param)
{ if (stristr($param, "pageNum_shout") == false &&
stristr($param, "totalRows_shout") == false)
{ array_push($newParams, $param);
}
}
if (count($newParams) != 0)
{ $queryString_shout = "&" . htmlentities(implode("&", $newParams));
}
}
$queryString_shout = sprintf("&totalRows_shout=%d%s", $totalRows_shout, $queryString_shout);
$value= $row_point['Point'];
$updateSQL = sprintf("UPDATE user SET Total='" .$value. "' WHERE UserName = '%s'", $colname_user);
$result = mysql_query($updateSQL);
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<META HTTP-EQUIV="refresh" CONTENT=60;URL="ShoutBox.php" />
<title>Alex</title>
<SCRIPT language=JavaScript1.1>
<!-- Begin
function right(e)
{ if (navigator.appName == 'Netscape' && (e.which == 3 || e.which == 2))
return false;
else if (navigator.appName == 'Microsoft Internet Explorer' && (event.button == 2 || event.button == 3))
{ alert("Alexander © 2008");
return false;
}
return true;
}
document.onmousedown=right;
document.onmouseup=right;
if (document.layers) window.captureEvents(Event.MOUSEDOWN);
if (document.layers) window.captureEvents(Event.MOUSEUP);
window.onmousedown=right;
window.onmouseup=right;
// End -->
</SCRIPT>
<style type="text/css">
<!--
body {
cursor: url(http://www.hi5smile.com/cursors/mouse.ani);
background-color: #000000;
}
.style1
{ color:#999999;
font-family:"Copperplate Gothic Bold";
font-size:10px;
}
.style2
{ color:#000000;
font-family:Arial;
font-size:14px;
}
.style3
{ font-family: "Copperplate Gothic Bold";
font-size:14px;
color:#000000;
background-color: #990000;
border-top-color: #666666;
border-right-color: #666666;
border-bottom-color: #666666;
border-left-color: #666666;
border-color: #666666;
cursor: hand;
}
.style5
{ font-family: Arial;
font-size: 11px;
color:#999999;
}
.style6
{ font-family:"Copperplate Gothic Bold";
font-size: 14px;
color:#333333;
}
a:link
{ color: #999999;
text-decoration: none;
}
a:visited
{ text-decoration: none;
color: #999999;
}
a:hover
{ text-decoration: none;
color: #999999;
}
a:active
{ text-decoration: none;
color: #999999;
}
a
{
font-family: Arial;
font-size: 11px;
color: #999999;
}
-->
</style>
</head>
<body><div class="style6"></div>
<table width="420" height="63" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td height="23" colspan="7" valign="top">
<form onsubmit="return ValidateData(this);" action="<?php echo $editFormAction; ?>" method="POST" name="shout" id="shout"><div align="center"><input name="shout" type="text" class="style2" id="shout" onFocus="if(this.value=='Type Your Shout Here....')this.value='';" value="Type Your Shout Here...." size="45">
<label><input name="submit" type="submit" class="style3" id="submit" value="Shout It" alt="|| Enter To Shout ||"><input name="user" type="hidden" id="user" value="<?php echo $row_user['UserName']; ?>"><input name="Level" type="hidden" id="Level" value="<?php echo $row_user['Level']; ?>">
</label><input type="hidden" name="MM_insert" value="shout">
<input name="Pt" type="hidden" id="Pt" value="<?php echo $row_point['Point'] + 1; ?>">
</div></form></td>
</tr>
<tr>
<td width="25" height="20"><span class="style5"><a href="<?php printf("%s?pageNum_shout=%d%s", $currentPage, max(0, $pageNum_shout - 1), $queryString_shout); ?>"><img src="image/arrow/ICON_Left_Arrow.gif" width="20" height="20" border="0" alt="|| Back Pages ||"></a></span></td>
<td width="61"><span class="style1">Previous</span></td>
<td width="5"><div align="center" class="style5"></div></td>
<td width="256" class="style1"><div align="center"><?php echo min($totalPages_shout + 1, $pageNum_shout + 1); echo " of "; echo $totalPages_shout + 1; ?></div></td>
<td width="3" class="style5"> </td>
<td width="40" class="style5"><div align="center" class="style1">Next</div></td>
<td width="30" height="20" class="style5"><a href="<?php printf("%s?pageNum_shout=%d%s", $currentPage, min($totalPages_shout, $pageNum_shout + 1), $queryString_shout); ?>"><img src="image/arrow/ICON_Right_Arrow.gif" width="20" height="20" border="0" alt="|| Next Pages ||"></a></td>
</tr>
<tr>
<td height="5" colspan="7"> </td>
</tr>
<?php do { $text = $row_shout['Comments'];
$x=1;
$data = explode(" ", $text);
$count = count($data);
if ($data[0]=='/me')
{ echo "<tr class='style5'><td colspan=6>";
echo "<font color=white face='Segoe Print'><font color=#99000>||</font> " .$row_shout['UserName']. " ";
do{ echo($data[$x]);
echo " ";
$x++;
}while($x<=$count);
echo " <font color=#99000>||</font></font></td>";
$usr = $row_user['UserName'];
if ($row_shout['UserName']==$usr || $row_user['Level']=='Admin')
{ echo "<td><div align='center'><a href='DeleteShout.php?id=" .$row_shout['CommentsID']. "'><img src='image/delete/tong.gif' width=16 height=16 border=0 align='top' alt='|| Delete ||'></a>";
}
echo "</div></td></tr>";
}
if($data[0]!='/me')
{ echo "<tr><td colspan='2' valign='top'><span class='style5'>";
echo "<a href=User.php?user=";
echo $row_shout['UserName'];
if($row_shout['UserName'])
{ echo " title='|| " .ucfirst($row_shout['UserName']). " point is " .$row_shout['Point']. " ||'";
}
echo " target='home'>";
if($row_shout['UserName']=='alex')
{ echo "<font face='Comic Sans MS' color=#666666>" .ucfirst($row_shout['UserName']). "</font>";
}
if($row_shout['UserName']!='alex')
{ echo "<font color=#999999>" .$row_shout['UserName']. "</font>";
}
echo "</a>";
if($row_shout['Level']=='Admin')
{ echo "<img src='image/stat.gif' weight='12' height='12' align='middle' alt='AWS'>";
}
if($row_shout['Level']!='Admin' && $row_shout['Level']!='user')
{ echo "<img src='image/new/staz.gif' weight='12' height='12' align='middle' alt='AFS'>";
}
if($row_shout['Point']>200 && $row_shout['Point']<900)
{ echo "<img src='image/new/p1.gif' weight='20' height='20' align='absmiddle' alt='|| Point more than 200 ||'>";
}
if($row_shout['Point']>900 && $row_shout['Point']<2000)
{ echo "<img src='image/new/p3.gif' weight='20' height='20' align='absmiddle' alt='|| Point more than 900 ||'>";
}
if($row_shout['Point']>2000 && $row_shout['Point']<5000)
{ echo "<img src='image/new/p7.gif' weight='20' height='20' align='absmiddle' alt='|| Point more than 2000 ||'>";
}
if($row_shout['Point']>5000)
{ echo "<img src='image/new/smiley/hamtaro_smilies.gif' weight='18' height='18' align='absmiddle' alt='|| Point more than 5000 ||'>";
}
echo "</span></td><td width='30' valign='top'><div align='center'><span class='style5'><img src='image/arrow/hoRightBlueArrow.gif' height='12' width='12' align='absmiddle'></span></div></td>";
echo "<td colspan='3'><span class='style5'>";
if($row_shout['UserName']=='alex')
{ echo "<font face='Comic Sans MS' color=#666666>" .$row_shout['Comments']. "</font>";
}
if($row_shout['UserName']!='alex')
{ echo "<font color=#999999>" .$row_shout['Comments']. "</font>";
}
echo "</span></td><td class='style5' valign='top'><div align='center'>";
$usr = $row_user['UserName'];
if ($row_shout['UserName']==$usr || $row_user['Level']=='Admin')
{ echo "<a href='DeleteShout.php?id=" .$row_shout['CommentsID']. "'><img src='image/delete/tong.gif' width=16 height=16 border=0 align='top' alt='|| Delete ||'></a>";
}
echo "</div></td></tr>";
}
} while ($row_shout = mysql_fetch_assoc($shout)); ?>
</table>
<script language="JavaScript">
function ValidateData()
{ var alertsay = ""; // define for long lines
// alertsay is not necessary for your code,
// but I need to break my lines in multiple lines
// so the code won't extend off the edge of the page
// check to see if the field is blank
if (shout.shout.value == "")
{ alert("You must fill a shout field!!!");
shout.shout.focus();
return (false);
}
// check to see if the field is blank
if (shout.shout.value == "Type Your Shout Here....")
{ alert("You must fill a shout field!!!");
shout.shout.focus();
return (false);
}
}
</script>
</body>
</html>
<?php
mysql_free_result($shout);
mysql_free_result($user);
mysql_free_result($point);
?>