Habe den Fehler gefunden:
Die Datei /include/admin/user.php beinhaltet dies:
if (!defined('ADMIN_BEREICH')) {
die("Hacking attempt");
}
Hier die komplette Datei:
<?php
/* ìlchClan
-------------------------------------------------------------|
Copyright : © by Manuel |
E-Mail : Webmaster@ilch.de |
Internet : www.ilch.de |
Version : v.1 |
Lastupdate : 13.12.2003 |
------------------------------------------------------------*/
if (!defined('ADMIN_BEREICH')) {
die("Hacking attempt");
}
//-----------------------------------------------------------|
switch($um) {
case 1 :
if( !empty ( $_GET['uID'] ) ) {
$abf = "SELECT * FROM ".$dbprefix."_user WHERE id = '".$_GET['uID']."'";
$erg = mysql_query($abf);
$row = mysql_fetch_object($erg);
$sig = stripslashes($row->sig);
$list = '';
$userrechte = array('Admin','Member','User','Gast');
$i = 1;
foreach($userrechte as $a) {
if ( $row->recht == $i ) {
$sel = ' selected';
} else {
$sel = '';
}
$list .= '<option'.$sel.' value="'.$i.'">'.$a.'</option>';
$i++;
}
$rankArray = Array( 0 => 'keiner');
$erg1 = mysql_query('SELECT * FROM `'.$dbprefix.'_ranks` WHERE spez = "1"');
while ($row1 = mysql_fetch_object($erg1) ) {
$rankArray[$row1->id] = $row1->bez;
}
$rankString = '';
foreach($rankArray as $key => $value) {
if ($key == $row->rang) {
$sel = ' selected';
} else {
$sel = '';
}
$rankString .= '<option'.$sel.' value="'.$key.'">'.$value.'</option>';
}
if ( $row->omail == 1 ) {
$MAJ = 'checked'; $MAN = '';
} else {
$MAJ = ''; $MAN = 'checked';
}
if ( $row->opm == 1 ) {
$PMJ = 'checked'; $PMN = '';
} else {
$PMJ = ''; $PMN = 'checked';
}
parse ( array ('NAME' => $row->name,
'UID' => $row->id ) , 'admin/user' , 2 );
parse ( array ('NAME' => $row->name,
'OPTIO' => $list,
'UID' => $row->id,
'MAIL' => $row->email,
'POSTS' => $row->posts,
'SPEZ' => $rankString,
'PAGE' => $row->page,
'MICH' => $row->mich,
'MSN' => $row->msn,
'AIM' => $row->aim,
'SKYPE' => $row->skype,
'YAHOO' => $row->yahoo,
'ORT' => $row->ort,
'GESCHLECHT' => $row->geschlecht,
'HOBBY' => $row->hobby,
'INTERESSEN' => $row->interessen,
'BERUF' => $row->beruf,
'CPU' => $row->cpu,
'RAM' => $row->ram,
'MOBO' => $row->mobo,
'HDD' => $row->hdd,
'OS' => $row->os,
'GRAKA' => $row->graka,
'MAUS' => $row->maus,
'TASTATUR' => $row->tastatur,
'INTERNET' => $row->internet,
'MONITOR' => $row->monitor,
'ICQ' => $row->icq,
'PMJ' => $PMJ, 'PMN' => $PMN,
'MAJ' => $MAJ, 'MAN' => $MAN,
'SIG' => $sig ) , 'admin/user' , 4 );
parse ( '' , 'admin/user' , 3 );
} else {
header ( 'location: ?m=user' );
}
break;
case 2 :
if ($_POST['userdel'] == 1) {
mysql_query('DELETE FROM '.$dbprefix.'_user WHERE id = "'.$_POST['uID'].'"') or die (mysql_error() );
wd ('?m=user','User wurde erfolgreich gelöscht');
} else {
$abf = "SELECT * FROM ".$dbprefix."_user WHERE id = '".$_POST['uID']."'";
$erg = mysql_query($abf);
$row = mysql_fetch_object($erg);
if ($_POST['userbild'] == 1) {
if ( file_exists('include/images/userbild/'.$_POST['uID'].$row->userbild) ) {
unlink ('include/images/userbild/'.$_POST['uID'].$row->userbild);
}
$userbildUpdate = 'userbild = "",';
} else {
$userbildUpdate = '';
}
if ($_POST['avater'] == 1) {
if ( file_exists('include/images/avata/'.$_POST['uID'].$row->avata) ) {
unlink ('include/images/avatar/'.$_POST['uID'].$row->avata);
}
$avataUpdate = 'avata = "",';
} else {
$avataUpdate = '';
}
if ($_POST['passw'] == 1) {
$newPass = genkey ( 8 );
$newPassMD5 = md5($newPass);
mail ( $row->email , 'neues Password' , "Hallo\n\nDein Password wurde soeben von einem Administrator geändert es ist nun:\n\n$newPass\n\nGruß der Administrator" , 'From: Administrator <'.$allgAr['adminMail'].'>');
mysql_query('UPDATE `'.$dbprefix.'_user` SET pass = "'.$newPassMD5.'" WHERE id = "'.$_POST['uID'].'"');
die ( 'ok' );
}
$_POST['txt'] = addslashes($_POST['txt']);
mysql_query('UPDATE '.$dbprefix.'_user
SET
name = "'.$_POST['usaName1'].'",
recht = "'.$_POST['urecht'].'",
sig = "'.$_POST['txt'].'",
email = "'.$_POST['email'].'",
posts = "'.$_POST['posts'].'",
rang = "'.$_POST['rang'].'",
mich = "'.$_POST['mich'].'",
cpu = "'.$_POST['cpu'].'",
ram = "'.$_POST['ram'].'",
graka = "'.$_POST['graka'].'",
hdd = "'.$_POST['hdd'].'",
os = "'.$_POST['os'].'",
internet = "'.$_POST['internet'].'",
monitor = "'.$_POST['monitor'].'",
mobo = "'.$_POST['mobo'].'",
maus = "'.$_POST['maus'].'",
tastatur = "'.$_POST['tastatur'].'",
page = "'.$_POST['page'].'",
msn = "'.$_POST['msn'].'",
aim = "'.$_POST['aim'].'",
geschlecht = "'.$_POST['geschlecht'].'",
hobby = "'.$_POST['hobby'].'",
interessen = "'.$_POST['interessen'].'",
beruf = "'.$_POST['beruf'].'",
'.$userbildUpdate.'
'.$avataUpdate.'
yahoo = "'.$_POST['yahoo'].'",
skype = "'.$_POST['skype'].'",
rang = "'.$_POST['spez'].'",
opm = "'.$_POST['pmcheck'].'",
omail = "'.$_POST['mailcheck'].'",
icq = "'.$_POST['icq'].'",
ort = "'.$_POST['ort'].'"
WHERE id = "'.$_POST['uID'].'"')or die (mysql_error() );
wd('?m=user&um=1&uID='.$_POST['uID'],'Das Profil wurde erfolgreich geändert');
}
break;
case 3 :
if ( empty ($ch) ) {
$row = mysql_fetch_object(mysql_query('SELECT * FROM `'.$dbprefix.'_user` WHERE id = "'.$uID.'"'));
parse ( array ('UID' => $row->id,
'NAME' => $row->name ) , 'admin/user' , 2 );
parse ( array ('UID' => $row->id) , 'admin/user' , 5 );
$_erg = mysql_query('SELECT * FROM `'.$dbprefix.'_forum` ORDER BY uid,pos');
while ($_row = mysql_fetch_object($_erg)) {
if ($bg_classe == 'Cmite') { $bg_classe = 'Cnorm'; } else { $bg_classe = 'Cmite'; }
$mods = explode ( '#' , $_row->mods );
echo '<tr class="'.$bg_classe.'"><td>'.$_row->name.'</td><td><select name="forum_add_'.$_row->id.'">';
if ( in_array( $row->id , $mods ) ) {
echo '<option value="0">Moderator</option>';
echo '<option value="2">kein Moderator</option>';
} else {
echo '<option value="0">kein Moderator</otpion>';
echo '<option value="1">Moderator</option>';
}
echo '</select></td></tr>';
}
parse ( '' , 'admin/user' , 6 );
parse ( '' , 'admin/user' , 3 );
} elseif ($ch == 'add') {
foreach ($_POST as $key => $a) {
if ( ereg ('forum_add_' , $key ) ) {
if ($a == 1 OR $a == 2) {
$fid = str_replace('forum_add_','',$key);
$row = mysql_fetch_object(mysql_query('SELECT * FROM `'.$dbprefix.'_forum` WHERE id = "'.$fid.'"'));
$mods = explode ( '#' , $row->mods );
}
if ( $a == 1 ) {
array_push($mods , $_POST['uID']);
} elseif ($a == 2 ) {
$search_key = array_search ($_POST['uID'],$mods);
unset ($mods[$search_key]);
}
if ($a == 1 OR $a == 2) {
$new_mods = implode ('#',$mods);
mysql_query('UPDATE `'.$dbprefix.'_forum` SET mods = "'.$new_mods.'" WHERE id = "'.$fid.'"');
}
}
}
wd('?m=user&um=3&uID='.$_POST['uID'],'Moderatoren Status wurde geändert');
}
break;
case 4 :
if ( empty ($ch) ) {
$row = mysql_fetch_object(mysql_query('SELECT * FROM `'.$dbprefix.'_user` WHERE id = "'.$_REQUEST['uID'].'"'));
parse ( array ('UID' => $row->id,
'NAME' => $row->name ) , 'admin/user' , 2 );
parse ( array ('UID' => $row->id) , 'admin/user' , 7 );
$erg = mysql_query('SELECT * FROM `'.$dbprefix.'_allg` WHERE k = "modulrechte" ORDER BY v2');
while ($row1 = mysql_fetch_object($erg)) {
if ($bg_classe == 'Cmite') { $bg_classe = 'Cnorm'; } else { $bg_classe = 'Cmite'; }
$mods = explode ( '#' , $row1->t1 );
echo '<tr class="'.$bg_classe.'"><td>'.$row1->v6.'</td><td><select name="modul_add_'.$row1->id.'">';
if ( in_array( $row->id , $mods ) ) {
echo '<option value="0">Moderator</option>';
echo '<option value="2">kein Moderator</option>';
} else {
echo '<option value="0">kein Moderator</otpion>';
echo '<option value="1">Moderator</option>';
}
echo '</select></td></tr>';
}
parse ( '' , 'admin/user' , 8 );
parse ( '' , 'admin/user' , 3 );
} elseif ($ch == 'add') {
foreach ($_POST as $key => $a) {
if ( ereg ('modul_add_' , $key ) ) {
if ($a == 1 OR $a == 2) {
$mid = str_replace('modul_add_','',$key);
$row = mysql_fetch_object(mysql_query('SELECT * FROM `'.$dbprefix.'_allg` WHERE id = "'.$mid.'"'));
$mods = explode ( '#' , $row->t1 );
}
if ( $a == 1 ) {
array_push($mods , $_POST['uID']);
} elseif ($a == 2 ) {
$search_key = array_search ($_POST['uID'],$mods);
unset ($mods[$search_key]);
}
if ($a == 1 OR $a == 2) {
echo '<br><br>';
$new_mods = implode ('#',$mods);
mysql_query('UPDATE `'.$dbprefix.'_allg` SET t1 = "'.$new_mods.'" WHERE id = "'.$mid.'"');
}
}
}
wd('?m=user&um=4&uID='.$_POST['uID'],'Moderatoren Status wurde geändert');
}
break;
default :
$erg = mysql_query("SELECT * FROM ".$dbprefix."_user ORDER BY name ASC");
parse ( '' , 'admin/user' , 0 );
while ($row = mysql_fetch_object($erg)) {
echo '<option value="'.$row->id.'">'.$row->name.'</option>';
}
parse ( '' , 'admin/user' , 1 );
}
?>
Wenn ich das
if (!defined('ADMIN_BEREICH')) {
die("Hacking attempt");
}
entferne, bekomme ich beim aufrufen von "verwalten " und "neuer User"
folgende Fehlermeldung:
Fatal error: Call to undefined function parse() in /usr/export/www/vhosts/funnetwork/hosting/saithorde/include/admin/user.php on line 303
Zeile 303 sieht bei mir so aus:
parse ( '' , 'admin/user' , 0 );
Hab gerade mal alle Module durchgesehen. Keines der verwendeten Module beinhaltet eine user.php Datei.
/edit:
Habe die user.php aus der Install-Zip von Version 1.1J neu hochgeladen und alles läfut wiedereinwandfrei.
Zuletzt modifiziert von SolidTC am 06.03.2008 - 22:42:25