<?php
//----------------------------------------------------------------------
// CrawlProtect 2.0.0
//----------------------------------------------------------------------
// Protect your website from hackers
//----------------------------------------------------------------------
// Author: Jean-Denis Brun
//----------------------------------------------------------------------
// Website: www.crawlprotect.com
//----------------------------------------------------------------------
// That script is distributed under GNU GPL license
//----------------------------------------------------------------------
// file: file/admin.php
//----------------------------------------------------------------------
// Last update: 03/07/2010
//----------------------------------------------------------------------
//access guard: refuse to run unless the including script has defined
//IN_CRAWLPROTECT and the session carries loginok equal to 1
if (!defined('IN_CRAWLPROTECT') || !isset($_SESSION['loginok']) || $_SESSION['loginok']!=1)
    {
    echo"<h1>Hacking attempt !!!!</h1>";
    exit();
    }
//variables init------------------------------------
$indexlist = $dirlist = $headerlist = $footerlist = $configlist = array();
$errorchangelogin = 0;
//permission modes, held as strings so the leading zero is kept
$goodfilechmod = array('0404', '0444');
$correctfilechmod = array('0604', '0644');
$goodfolderchmod = array('0505', '0555');
$correctfolderchmod = array('0705', '0755');
//get variables-----------------------------------------
//each value is copied from the POST body as sent; the literal after the
//colon is the fallback used when the field is absent
$logrecording2 = isset($_POST['logrecording']) ? $_POST['logrecording'] : 'ok';
$changelang = isset($_POST['changelang']) ? $_POST['changelang'] : '';
$changelogrecording = isset($_POST['changelogrecording']) ? $_POST['changelogrecording'] : '';
$checkrelease = isset($_POST['checkrelease']) ? $_POST['checkrelease'] : 'no';
$refresh = isset($_POST['refresh']) ? $_POST['refresh'] : 'no';
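//logout---------------------------------------------------------------
$logout = isset($_POST['logout']) ? $_POST['logout'] : '';
if($logout=='ok')
    {
    $validuser=0;
    //session_destroy() deletes the stored session data but leaves the
    //in-memory $_SESSION array as it was, so 'loginok' would still read as 1
    //for the rest of this request; empty the array before destroying
    $_SESSION = array();
    session_destroy();
    //NOTE(review): the script keeps running after logout, so any other action
    //fields sent in the same POST are still processed below; whether index.php
    //is meant to stop here is not visible from this file
    }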
//log recording: call getlogrecording() unless the form asked for a change,
//in which case changelogrecording() is called (both are defined elsewhere)
if($changelogrecording!='ok')
    {
    getlogrecording($type);
    }
else
    {
    changelogrecording($type);
    }
//change file type to display
$changefile = isset($_POST['changefile']) ? $_POST['changefile'] : '';
if($changefile=='ok')
    {
    //the form sends these as checkboxes, and an unticked checkbox is simply
    //missing from the POST body, hence a fallback for every field
    $folderlevel = isset($_POST['folderlevel']) ? $_POST['folderlevel'] : 'all';
    $justbad = isset($_POST['justbad']) ? $_POST['justbad'] : 'no';
    $whichfile = isset($_POST['whichfile']) ? $_POST['whichfile'] : 'all';
    $nocache = isset($_POST['nocache']) ? $_POST['nocache'] : 'no';
    $nostats = isset($_POST['nostats']) ? $_POST['nostats'] : 'no';
    $nologs = isset($_POST['nologs']) ? $_POST['nologs'] : 'no';
    //drop the 'filelist' and 'dirlist' session entries before the settings change
    unset($_SESSION['filelist'], $_SESSION['dirlist']);
    //NOTE(review): the values above are raw request data; confirm that
    //changefilesetting() (defined elsewhere) validates them before storing
    changefilesetting($type);
    }
//change language------------------------------------------------------
$changelang = isset($_POST['changelang']) ? $_POST['changelang'] : '';
if($changelang=='ok')
    {
    //2 is the fallback when the form sent no choice
    $lang = isset($_POST['lang']) ? $_POST['lang'] : 2;
    //NOTE(review): $lang is taken from the request unchanged; the form on this
    //page only offers 1 and 2, so confirm changelang() (defined elsewhere)
    //rejects anything else before it influences which language file is used
    changelang($type);
    }
//change origin hackers display mode------------------------------------------------------
$changegraph = isset($_POST['changegraph']) ? $_POST['changegraph'] : '';
if($changegraph=='ok')
    {
    //1 is the fallback when the form sent no choice (the form offers 1 and 0)
    $graph = isset($_POST['graph']) ? $_POST['graph'] : 1;
    changegraph($type);
    }
//language file-----------------------------------------------------------
getlanguage($type);
//NOTE(review): the include target is a variable that this file never assigns;
//presumably getlanguage() sets it. Confirm it is always picked from a fixed
//list of shipped language files and never built from request data
include $languageuse;
//file----------------------------------------------------------------------
getsetting($type);
//fallbacks for the display filters that are still unset at this point
$justbad = isset($justbad) ? $justbad : 'no';
$folderlevel = isset($folderlevel) ? $folderlevel : 'all';
$nocache = isset($nocache) ? $nocache : 'no';
$nostats = isset($nostats) ? $nostats : 'no';
$nologs = isset($nologs) ? $nologs : 'no';
//refresh
refresh($type);
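//check if the CrawlProtect 2.0.0 htaccess file is in place (the marker looked
//for is "CrawlProtect-2-0-0"); the result is kept in $_SESSION['verif'] so the
//file is only read while that entry is unset
//  'ok'          marker found
//  'nook'        file missing, or present without the marker
//  'notpossible' the file could not be read, so nothing can be concluded
if(!isset($_SESSION['verif']))
    {
    if(!file_exists('../.htaccess'))
        {
        $_SESSION['verif']='nook';
        }
    elseif(!function_exists('fopen'))
        {
        $_SESSION['verif']='notpossible';
        }
    else
        {
        $file = fopen("../.htaccess", "r");
        if($file === false)
            {
            //present but unreadable: reporting "not protected" would be a guess,
            //and passing false on to fread() would only raise an error
            $_SESSION['verif']='notpossible';
            }
        else
            {
            //read up to EOF in chunks; asking fread() for filesize() bytes
            //fails on an empty file because the length must be above zero
            $existingfile = '';
            while(!feof($file))
                {
                $data = fread($file, 8192);
                if($data === false || $data === '')
                    {
                    break;
                    }
                $existingfile .= $data;
                }
            fclose($file);
            if(preg_match("/CrawlProtect-2-0-0/i",$existingfile))
                {
                $_SESSION['verif']='ok';
                }
            else
                {
                $_SESSION['verif']='nook';
                }
            }
        }
    }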
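//CrawlProtect new release check
//Runs once per session (until $_SESSION['nofile'] is set) and only on request.
//Outcome stored in the session:
//  nofile=0, yourrelease='ok'|'nook'  the release file was read and compared
//  nofile=1, yourrelease=0            the file could not be fetched or was empty
//NOTE(review): the file is fetched over plain http, so its content is not
//authenticated; it is only compared with $crawlprotect and must never be
//treated as anything more than a display hint
if(!isset($_SESSION['nofile']) && $checkrelease=='ok')
    {
    $nofile=1;
    $release='';
    if(function_exists('fopen') && ini_get('allow_url_fopen')==1)
        {
        $file = fopen("http://www.crawlprotect.net/releasefile/release.txt", "r");
        if ($file)
            {
            //stop after a few kilobytes: the response comes from the network and
            //is presumably a short version string (TODO confirm the file format)
            while (!feof($file) && strlen($release) < 4096)
                {
                $data = fgets($file,1024);
                if($data === false)
                    {
                    break;
                    }
                $release=$release.$data;
                }
            fclose($file);
            if($release!="")
                {
                $nofile=0;
                }
            }
        }
    if ($nofile==0)
        {
        //test to know is the crawlprotect release is up to date.
        //$crawlprotect is defined outside this file; the loose comparison is kept as it was
        if($release==$crawlprotect)
            {
            $yourrelease='ok';
            }
        else
            {
            $yourrelease='nook';
            }
        $_SESSION['nofile']=0;
        $_SESSION['yourrelease']=$yourrelease;
        }
    else
        {
        //an empty file is recorded like a failed download; before, this case
        //stored nofile=0 together with an undefined $yourrelease
        $_SESSION['nofile']=1;
        $_SESSION['yourrelease']=0;
        }
    }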
//purge htaccess folder---------------------------------------------------
//step 1 (purgehtaccess) shows a confirmation page, step 2 (purgehtaccess2)
//is what the confirmation form posts back
$purgehtaccess = isset($_POST['purgehtaccess']) ? $_POST['purgehtaccess'] : '';
$purgehtaccess2 = isset($_POST['purgehtaccess2']) ? $_POST['purgehtaccess2'] : '';
if($purgehtaccess=='ok')
    {
    echo "<br><br><br><br><br><br><div align=\"center\">\n";
    $text1 = $language['suppresshtaccess'];
    $text2 = $language['keephtaccess'];
    echo "<h2>".$language['confirm_purge']."</h2><br>";
    //"yes" form: posts purgehtaccess2=ok
    echo "<form action=\"index.php\" method=\"POST\">\n",
         "<input type=\"hidden\" name ='navig' value='1'>\n",
         "<input type=\"hidden\" name ='purgehtaccess2' value='ok'>\n",
         "<input name='ok' type='submit' class='widebutton' value='".$text1."' size='20' >\n",
         "</form> \n";
    //"no" form: posts purgehtaccess2=nook
    echo "<form action=\"index.php\" method=\"POST\">\n",
         "<input type=\"hidden\" name ='navig' value='1'>\n",
         "<input type=\"hidden\" name ='purgehtaccess2' value='nook'>\n",
         "<input name='ok' type='submit' class='widebutton' value='".$text2."' size='20' >\n",
         "</form> \n";
    echo "</div><br><br><br>\n";
    include("include/sponsors.php");
    //page footer, then stop so the admin page itself is not rendered
    echo "<div class=\"footer\">\n",
         "<a href=\"http://www.crawlprotect.com\" onclick=\"window.open(this.href);return(false);\">\n",
         "CrawlProtect</a>\n",
         "</div>\n",
         "</div>\n",
         "</body>\n",
         "</html>\n";
    exit();
    }
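//purge confirmed: delete every entry of ./htaccess/ and ./cache/
//NOTE(review): this destructive branch is triggered by the POST field
//purgehtaccess2 plus the session check at the top of the file; no per-form
//token is verified here, so confirm that index.php protects these actions
//against forged cross-site requests
if($purgehtaccess2=='ok')
    {
    $dir = dir('./htaccess/');
    if(function_exists('chmod'))
        {
        chmod('./htaccess/', 0755);
        }
    //dir() gives no object when the folder cannot be opened; skip the loop
    //instead of calling read() on a non-object
    if($dir)
        {
        while (false !== ($entry = $dir->read()))
            {
            // Skip pointers
            if ($entry === '.' || $entry === '..')
                {
                continue;
                }
            //unlink() cannot remove a real directory, leave those alone
            if (is_dir("./htaccess/$entry") && !is_link("./htaccess/$entry"))
                {
                continue;
                }
            unlink("./htaccess/$entry");
            }
        $dir->close();
        }
    if(function_exists('chmod'))
        {
        chmod('./htaccess/',0505);
        }
    unset($_SESSION['filelist'], $_SESSION['dirlist']);
    //clear the cache folder
    //NOTE(review): ./htaccess/ is set back to 0505 above, ./cache/ is left at
    //0755 after the purge; confirm that is intended
    $dir = dir('./cache/');
    if(function_exists('chmod'))
        {
        chmod('./cache/',0755);
        }
    if($dir)
        {
        while (false !== ($entry = $dir->read()))
            {
            // Skip pointers
            if ($entry === '.' || $entry === '..')
                {
                continue;
                }
            if (is_dir("./cache/$entry") && !is_link("./cache/$entry"))
                {
                continue;
                }
            unlink("./cache/$entry");
            }
        $dir->close();
        }
    }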
//reset data--------------------------------------------------------------
//step 1 (resetdata) shows a confirmation page, step 2 (resetdata2) is what
//the confirmation form posts back
$resetdata = isset($_POST['resetdata']) ? $_POST['resetdata'] : '';
$resetdata2 = isset($_POST['resetdata2']) ? $_POST['resetdata2'] : '';
if($resetdata=='ok')
    {
    echo "<br><br><br><br><br><br><div align=\"center\">\n";
    $text1 = $language['suppress'];
    $text2 = $language['keep'];
    echo "<h2>".$language['confirm_zero']."</h2><br>";
    //"yes" form: posts resetdata2=ok
    echo "<form action=\"index.php\" method=\"POST\">\n",
         "<input type=\"hidden\" name ='navig' value='1'>\n",
         "<input type=\"hidden\" name ='resetdata2' value='ok'>\n",
         "<input name='ok' type='submit' class='widebutton' value='".$text1."' size='20' >\n",
         "</form> \n";
    //"no" form: posts resetdata2=nook
    echo "<form action=\"index.php\" method=\"POST\">\n",
         "<input type=\"hidden\" name ='navig' value='1'>\n",
         "<input type=\"hidden\" name ='resetdata2' value='nook'>\n",
         "<input name='ok' type='submit' class='widebutton' value='".$text2."' size='20' >\n",
         "</form> \n";
    echo "</div><br><br><br>\n";
    include("include/sponsors.php");
    //page footer, then stop so the admin page itself is not rendered
    echo "<div class=\"footer\">\n",
         "<a href=\"http://www.crawlprotect.com\" onclick=\"window.open(this.href);return(false);\">\n",
         "CrawlProtect</a>\n",
         "</div>\n",
         "</div>\n",
         "</body>\n",
         "</html>\n";
    exit();
    }
//NOTE(review): the reset is triggered by the POST field alone; no per-form
//token is checked in this file, confirm index.php covers forged requests
if($resetdata2=='ok')
    {
    resetdatas($type);
    }
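//page header, navigation buttons and the left-hand admin column
//(getdatas() is defined outside this file)
getdatas($type);
echo"<div align=\"center\"><br>\n";
//the Host header is chosen by the client, so it is HTML-encoded before being
//written into the page; a request without the header prints an empty name
echo"<p><b>".(isset($_SERVER["HTTP_HOST"]) ? htmlspecialchars($_SERVER["HTTP_HOST"], ENT_QUOTES) : '')."</b> ".$language['is_protected_by_CrawlProtect']."</p>\n";
//navigation: home / files and folders / logout
echo"<div align=\"right\" style=\"display:block; position:absolute; top:10px; right:10px; \">\n";
echo"<table><tr><td>\n";
$text=$language['home'];
echo"<form action=\"index.php\" method=\"POST\">\n";
echo "<input type=\"hidden\" name ='navig' value='0'>\n";
echo"<input name='ok' type='submit' value='$text' size='20' >\n";
echo"</form> \n";
echo"</td><td>\n";
$text=$language['fileandfolders'];
echo"<form action=\"index.php\" method=\"POST\">\n";
echo "<input type=\"hidden\" name ='navig' value='2'>\n";
echo"<input name='ok' type='submit' value='$text' size='20' >\n";
echo"</form> \n";
echo"</td><td>\n";
$text=$language['logout'];
echo"<form action=\"index.php\" method=\"POST\">\n";
echo "<input type=\"hidden\" name ='navig' value='0'>\n";
echo "<input type=\"hidden\" name ='logout' value='ok'>\n";
echo"<input name='ok' type='submit' value='$text' size='20' >\n";
echo"</form> \n";
echo"</td></tr></table>\n";
echo"</div>\n";
//valign was written as \top\" before; inside double quotes \t is a tab, so
//the attribute came out broken
echo"<table width=\"100%\"><tr><td width=\"50%\" valign=\"top\" align=\"center\">\n";
echo"<h2>".$language['admin']."</h2>\n";
//htaccess page
$text=$language['htaccess'];
echo"<form action=\"index.php\" method=\"POST\">";
echo "<input type=\"hidden\" name ='navig' value='3'>\n";
echo"<input name='ok' type='submit' class='widebutton' value='$text' size='20' >";
echo"</form> ";
//reset data (leads to the confirmation step)
$text1=$language['reset_zero'];
echo"<form action=\"index.php\" method=\"POST\">\n";
echo "<input type=\"hidden\" name ='navig' value='1'>\n";
echo "<input type=\"hidden\" name ='resetdata' value='ok'>\n";
echo"<input name='ok' type='submit' class='widebutton' value='$text1' size='20' >\n";
echo"</form> \n";
//purge button is only offered when $type is 'file'
if($type=='file')
    {
    $text3=$language['purge_htaccess'];
    echo"<form action=\"index.php\" method=\"POST\">\n";
    echo "<input type=\"hidden\" name ='navig' value='1'>\n";
    echo "<input type=\"hidden\" name ='purgehtaccess' value='ok'>\n";
    echo"<input name='ok' type='submit' class='widebutton' value='$text3' size='20' >\n";
    echo"</form> \n";
    }
//change login
$text2=$language['reset_login'];
echo"<form action=\"index.php\" method=\"POST\">\n";
echo "<input type=\"hidden\" name ='navig' value='0'>\n";
echo "<input type=\"hidden\" name ='changelogin' value='ok'>\n";
echo"<input name='ok' type='submit' class='widebutton' value='$text2' size='20' >\n";
echo"</form>\n";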
//logs: one checkbox, pre-ticked when $logrecording is 'ok'
echo "<br><form action=\"index.php\" method=\"POST\" >\n",
     "<input type=\"hidden\" name ='navig' value='1'>\n",
     "<h2>".$language['log-recording']."</h2>",
     "<div align='left' style='padding-left:90px;'>",
     "<input type=\"hidden\" name ='changelogrecording' value='ok'>\n";
echo "<input type=\"checkbox\" name=\"logrecording\" value=\"ok\"".($logrecording=='ok' ? ' checked' : '').">".$language['enablerecording']."\n";
echo "</div><br>",
     "<input name='ok' type='submit' value='OK' size='20' >\n",
     "</p></form> \n";
//file selection: six checkboxes, each pre-ticked when the matching setting
//currently holds the value the checkbox would send
echo "<br><form action=\"index.php\" method=\"POST\" >\n",
     "<input type=\"hidden\" name ='navig' value='1'>\n",
     "<h2>".$language['file_modification']."</h2>",
     "<input type=\"hidden\" name ='changefile' value='ok'>\n",
     "<div align='left' style='padding-left:90px;'>";
echo "<input type=\"checkbox\" name=\"whichfile\" value=\"hihfc\"".($whichfile=='hihfc' ? ' checked' : '').">".$language['selectfiles']."<br><br>\n";
echo "<input type=\"checkbox\" name=\"justbad\" value=\"ok\"".($justbad=='ok' ? ' checked' : '').">".$language['justbaddisplay']."<br><br>\n";
echo "<input type=\"checkbox\" name=\"nocache\" value=\"ok\"".($nocache=='ok' ? ' checked' : '').">".$language['nocache']."<br><br>\n";
echo "<input type=\"checkbox\" name=\"nostats\" value=\"ok\"".($nostats=='ok' ? ' checked' : '').">".$language['nostats']."<br><br>\n";
echo "<input type=\"checkbox\" name=\"nologs\" value=\"ok\"".($nologs=='ok' ? ' checked' : '').">".$language['nologs']."<br><br>\n";
echo "<input type=\"checkbox\" name=\"folderlevel\" value=\"restricted\"".($folderlevel=='restricted' ? ' checked' : '').">".$language['folderlevelrestricted']."<br><br>\n";
echo "</div>",
     "<input name='ok' type='submit' value='OK' size='20' >\n",
     "</p></form> \n";
//language selection: radio 1 = French, radio 2 = English; the labels are
//hard-coded in the language currently in use
echo "<form action=\"index.php\" method=\"POST\" >\n",
     "<input type=\"hidden\" name ='navig' value='1'>\n",
     "<h2>".$language['change_language']."</h2>",
     "<input type=\"hidden\" name ='changelang' value='ok'>\n";
if($languageuse!='language/french.php')
    {
    echo "<p><input type=\"radio\" name=\"lang\" value=\"1\">French \n",
         "<input type=\"radio\" name=\"lang\" value=\"2\" checked>English \n";
    }
else
    {
    echo "<p><input type=\"radio\" name=\"lang\" value=\"1\" checked>Français \n",
         "<input type=\"radio\" name=\"lang\" value=\"2\">Anglais \n";
    }
echo "<input name='ok' type='submit' value='OK' size='20' >\n",
     "</p></form> \n";
//origin display selection (graph or list): radio 1 = graph, radio 0 = list;
//the list option is the ticked one whenever $graph is not 1
echo "<form action=\"index.php\" method=\"POST\" >\n",
     "<input type=\"hidden\" name ='navig' value='1'>\n",
     "<h2>".$language['change_graph']."</h2>",
     "<input type=\"hidden\" name ='changegraph' value='ok'>\n";
echo "<p><input type=\"radio\" name=\"graph\" value=\"1\"".($graph==1 ? ' checked' : '').">".$language['graph']." \n";
echo "<input type=\"radio\" name=\"graph\" value=\"0\"".($graph==1 ? '' : ' checked').">".$language['list']." \n";
echo "<input name='ok' type='submit' value='OK' size='20' >\n",
     "</p></form> \n";
//right-hand column: release status, htaccess status, donation box
echo "<br>\n",
     "</td><td valign=\"top\" align=\"center\">\n",
     "<h2>".$language['message']."</h2>\n";
//release status: offer the check button until a check has been requested or
//a result is already stored in the session
if($checkrelease!='ok' && !isset($_SESSION['yourrelease']))
    {
    $text=$language['checkrelease'];
    echo "<form action=\"index.php\" method=\"POST\">",
         "<input type=\"hidden\" name ='navig' value='1'>",
         "<input type=\"hidden\" name ='refresh' value='ok'>",
         "<input type=\"hidden\" name ='checkrelease' value='ok'>",
         "<input name='ok' type='submit' class='widebutton' value='".$text."' size='20' >",
         "</form>";
    }
elseif($_SESSION['nofile']==0)
    {
    //nothing is printed when the release file could not be read
    if($_SESSION['yourrelease']=='ok')
        {
        echo "<p >".$language['releaseok']."</p>\n";
        }
    elseif($_SESSION['yourrelease']=='nook')
        {
        echo "<p>".$language['releasenook']."</p>\n";
        }
    }
//htaccess status as stored in $_SESSION['verif']
switch($_SESSION['verif'])
    {
    case 'ok':
        echo "<p>".$language['verifok']."</p>\n";
        break;
    case 'nook':
        echo "<p class=\"red\">".$language['verifnook']."</p>\n";
        break;
    case 'notpossible':
        echo "<p>".$language['verifnotpossible']."</p>\n";
        break;
    }
//donation box: the two language variants differ only in the button id,
//the button image and its alt text
echo "<div style=\"border: 1px solid #000; padding:10px; width:300px;\"><p style=\"font-size:12px; \">".$language['help_crawlprotect']."</p>";
echo "<form action=\"https://www.paypal.com/cgi-bin/webscr\" method=\"post\">\n",
     "<input type=\"hidden\" name=\"cmd\" value=\"_s-xclick\">\n";
if($languageuse=='language/french.php')
    {
    echo "<input type=\"hidden\" name=\"hosted_button_id\" value=\"10304523\">\n",
         "<input type=\"image\" src=\"https://www.paypal.com/fr_FR/FR/i/btn/btn_donate_LG.gif\" border=\"0\" name=\"submit\" alt=\"PayPal - la solution de paiement en ligne la plus simple et la plus sécurisée !\">\n";
    }
else
    {
    echo "<input type=\"hidden\" name=\"hosted_button_id\" value=\"10304614\">\n",
         "<input type=\"image\" src=\"https://www.paypal.com/en_GB/i/btn/btn_donate_LG.gif\" border=\"0\" name=\"submit\" alt=\"PayPal - The safer, easier way to pay online.\">\n";
    }
echo "<img alt=\"\" border=\"0\" src=\"https://www.paypal.com/fr_FR/i/scr/pixel.gif\" width=\"1\" height=\"1\">\n",
     "</form>\n";
echo "<div align=\"right\"><p style=\"font-size:12px; font-style:italic;\">\n",
     $language['thanks'],
     "</p></div></div>\n",
     "<br><br>\n",
     "</td></tr></table>\n";
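//lists of blocked IPs and blocked referers, side by side
//the attribute was spelled "with", so the 800px width was never applied
echo"<table width=\"800px\"><tr><td>\n";
echo "<h2>".$language['ipblocked']."</h2>";
//check IP already blocked
//$listbadip is not assigned in this file; presumably badip() fills it
badip($type);
sort($listbadip);
echo"<div class='listip'>";
//NOTE(review): entries are written into the page as they are; if either list
//can ever hold text that originated from a request (a Referer value, for
//example), it must be HTML-encoded here - confirm where badip() and
//badreferer() get their data
foreach ($listbadip as $value)
    {
    echo " ".$value."<br>";
    }
echo"</div>";
echo"</td><td width=\"100px\">\n";
echo" \n";
echo"</td><td>\n";
echo "<h2>".$language['refererblocked']."</h2>";
//check referer already blocked
badreferer($type);
sort($listbadreferer);
echo"<div class='listip'>";
foreach ($listbadreferer as $value)
    {
    echo " ".$value."<br>";
    }
echo"</div>";
echo"</td></tr></table>\n";
echo"<br><br><br><br>\n";
echo"</div>\n";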
?>