Advertisement
Guest User

Codegate_120

a guest
Feb 24th, 2014
120
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 1.90 KB | None | 0 0
  1. <?php
  2. session_start();
  3.  
  4. $link = @mysql_connect('localhost', '', '');
  5. @mysql_select_db('', $link);
  6.  
  7. function RandomString()
  8. {
  9.   $filename = "smash.txt";
  10.   $f = fopen($filename, "r");
  11.   $len = filesize($filename);
  12.   $contents = fread($f, $len);
  13.   $randstring = '';
  14.   while( strlen($randstring)<30 ){
  15.     $t = $contents[rand(0, $len-1)];
  16.     if(ctype_lower($t)){
  17.     $randstring .= $t;
  18.     }
  19.   }
  20.   return $randstring;
  21. }
  22.  
  23. $max_times = 120;
  24.  
  25. if ($_SESSION['cnt'] > $max_times){
  26.   unset($_SESSION['cnt']);
  27. }
  28.  
  29. if ( !isset($_SESSION['cnt'])){
  30.   $_SESSION['cnt']=0;
  31.   $_SESSION['password']=RandomString();
  32.  
  33.   $query = "delete from rms_120_pw where ip='$_SERVER[REMOTE_ADDR]'";
  34.   @mysql_query($query);
  35.  
  36.   $query = "insert into rms_120_pw values('$_SERVER[REMOTE_ADDR]', '$_SESSION[password]')";
  37.   @mysql_query($query);
  38. }
  39. $left_count = $max_times-$_SESSION['cnt'];
  40. $_SESSION['cnt']++;
  41.  
  42. if ( $_POST['password'] ){
  43.  
  44.   if (eregi("replace|load|information|union|select|from|where|limit|offset|order|by|ip|\.|#|-|/|\*",$_POST['password'])){
  45.     @mysql_close($link);
  46.     exit("Wrong access");
  47.   }
  48.  
  49.   $query = "select * from rms_120_pw where (ip='$_SERVER[REMOTE_ADDR]') and (password='$_POST[password]')";
  50.   $q = @mysql_query($query);
  51.   $res = @mysql_fetch_array($q);
  52.   if($res['ip']==$_SERVER['REMOTE_ADDR']){
  53.     @mysql_close($link);
  54.     exit("True");
  55.   }
  56.   else{
  57.     @mysql_close($link);
  58.     exit("False");
  59.   }
  60. }
  61.  
  62. @mysql_close($link);
  63. ?>
  64.  
  65. <head>
  66. <link rel="stylesheet" type="text/css" href="black.css">
  67. </head>
  68.  
  69. <form method=post action=index.php>
  70.   <h1> <?= $left_count ?> times left </h1>
  71.   <div class="inset">
  72.   <p>
  73.     <label for="password">PASSWORD</label>
  74.     <input type="password" name="password" id="password" >
  75.   </p>
  76.   </div>
  77.   <p class="p-container">
  78.     <span onclick=location.href="auth.php"> Auth </span>
  79.     <input type="submit" value="Check">
  80.   </p>
  81. </form>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement