Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?
- function debug($msg) { /* {{{ */
- if(array_key_exists("debug", $_GET)) {
- print "DEBUG: $msg<br>";
- }
- }
- function print_credentials() {
- if($_SESSION and array_key_exists("admin", $_SESSION) and $_SESSION["admin"] == 1) {
- print "You are an admin. The credentials for the next level are:<br>";
- print "<pre>Username: natas21\n";
- print "Password: <censored></pre>";
- } else {
- print "You are logged in as a regular user. Login as an admin to retrieve credentials for natas21.";
- }
- }
- function myread($sid) {
- debug("MYREAD $sid");
- if(strspn($sid, "1234567890qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM-") != strlen($sid)) {
- debug("Invalid SID");
- return;
- }
- $filename = session_save_path() . "/" . "mysess_" . $sid;
- if(!file_exists($filename)) {
- debug("Session file doesn't exist");
- return "";
- }
- debug("Reading from ". $filename);
- $data = file_get_contents($filename);
- $_SESSION = array();
- foreach(explode("\n", $data) as $line) {
- debug("Read [$line]");
- //first key is admin, then second key is name -> limit 2 to store names with spaces eg (SIN JIA)
- $parts = explode(" ", $line, 2);
- //kk, this just assigns the $value to SESSION[$key] (eg value '0' to SESSION["admin"])
- if($parts[0] != "") $_SESSION[$parts[0]] = $parts[1]; //this is wtf? read the mywrite function
- } //SERIOUSLY WTF WHY SESSION HAS PARTS AND ANOTHER PARTS FUCK FUCK FUCK
- return session_encode();
- }
- function mywrite($sid, $data) {
- // $data contains the serialized version of $_SESSION
- // but our encoding is better
- debug("MYWRITE $sid $data");
- // make sure the sid is alnum only!!
- if(strspn($sid, "1234567890qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM-") != strlen($sid)) {
- debug("Invalid SID");
- return;
- }
- $filename = session_save_path() . "/" . "mysess_" . $sid;
- $data = "";
- debug("Saving in ". $filename);
- ksort($_SESSION); //Only Sorts the keys, meaning (admin key then name key)
- foreach($_SESSION as $key => $value) {
- debug("$key => $value");
- $data .= "$key $value\n";
- }
- file_put_contents($filename, $data);
- chmod($filename, 0600);
- }
- session_set_save_handler(
- "myread",
- "mywrite");
- session_start();
- if(array_key_exists("name", $_REQUEST)) {
- $_SESSION["name"] = $_REQUEST["name"];
- debug("Name set to " . $_REQUEST["name"]);
- }
- print_credentials();
- $name = "";
- if(array_key_exists("name", $_SESSION)) {
- $name = $_SESSION["name"];
- }
- ?>
- <form action="index.php" method="POST">
- Your name: <input name="name" value="<?=$name?>"><br>
- <input type="submit" value="Change name" />
- </form>
- <div id="viewsource"><a href="index-source.html">View sourcecode</a></div>
- </div>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement