Thread: help
View Single Post
Old
  (#25)
Himmler is Offline
Major
 
Himmler's Avatar
 
Posts: 6,938
Join Date: Nov 2002
Location: Behind You...
  Send a message via AIM to Himmler  
Default 08-23-2005, 06:57 PM

Quote:
Originally Posted by Bleuachdu
Quote:
Originally Posted by Himmler
Also, anyone know why my .htaccess file doesn't show up in the folder i put it in for ftp?
.htaccess files are hidden by default in Unix systems. If you uploaded it successfully, it will be there. what are you trying to do with .htaccess?

also, what php functionality does the template give you? Even though it isn't phpnuke, its still probably php-injection h4x. search the index.php file for any of these:

[code:1b411]<? ?>[/code:1b411]

post whats between them, unless its a huge script.
im using the htaccess to ban an IP i found suspicious in the logs. here is the script:

[code:1b411]

php
$mysql_table = "cp_news";
require_once ("required.inc.php");
getHeader();
if (!$_REQUEST[s]) {
$s = 0;
$result = MYSQL_QUERY("SELECT * FROM $mysql_table ORDER BY topic_id DESC LIMIT $max_news") or die (mysql_error());
} else {
$s = $_REQUEST['s'];
$result = MYSQL_QUERY("SELECT * FROM $mysql_table ORDER BY topic_id DESC LIMIT $max_news, $s") or die (mysql_error());
}
$count = MYSQL_QUERY("SELECT * FROM $mysql_table") or die (mysql_error());
$rows = mysql_num_rows($count);
if ($rows == "0") {
echo "
<h2> no news! </h2>


There are no news items </p>

";
} else {
while ($mysql=mysql_fetch_array($result)) {
echo "<h2><span>" . $mysql[topic_date] . "</span>" . checkContent($mysql[news_topic]) . "</h2>


Posted By: <span>" . checkContent($mysql[news_author]) . "</span>



" . checkContent($mysql[news_message]) . "
</p>
";
}
}
echo "<center>";

if ($s != "0") {
$p = $s - $max_news;
echo "
Back " . $max_news . " | ";
}
echo "Home";
if ($s+$max_news < $rows) {
$n = $s + $max_news;
echo " | Next " . $max_news . "";
}
echo "</center>";
getFooter();

[/code:1b411]

Quote:
Originally Posted by yeaprollytwo
wow, you suck
gtfo of my thread
  
Reply With Quote