API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jul 24th, 2019
921
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 6.58 KB | None | 0 0
raw download clone embed print report
  1.  
  2. <?php
  3. $user='taras.ktl';
  4. $password='12345';
  5. $user_url='admin/chat_ktl/';
  6. $mail='[email protected]';
  7. $mail_ok=0; //0- отключить ; 1-включить потврездение на почту token
  8. //-- задержка IP----
  9. $file_i='admin/ip.bd';    
  10. if (file_exists($file_i)){}else{file_put_contents($file_i, $_SERVER['REMOTE_ADDR'].date("YmdHis"));chmod($file_i, 0777);}    
  11. $date_i=file_get_contents($file_i);
  12. if($date_i==$_SERVER['REMOTE_ADDR'].date("YmdHis")){die(); exit();}else{file_put_contents($file_i, $_SERVER['REMOTE_ADDR'].date("YmdHis"));}
  13. //-- задержка IP---
  14. $HOST_OK=''; if(isset($_SERVER['HTTP_REFERER'])){$HOST_OK=$_SERVER['HTTP_REFERER'];}
  15. if($HOST_OK==$_SERVER['REQUEST_SCHEME']."://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']){$HOST_OK='OK';}else{$HOST_OK='STOP';}
  16. $token=''; if(isset($_POST["token"])){$token=htmlspecialchars(trim($_POST["token"]));}
  17. $username=''; if(isset($_POST["username"])){$username=htmlspecialchars(trim($_POST["username"]));}
  18. $userpassword=''; if(isset($_POST["userpassword"])){$userpassword=htmlspecialchars(trim($_POST["userpassword"]));}
  19. $token_i=time()-$token;
  20. ?><!doctype html>
  21. <html>
  22. <head>
  23. <meta charset="utf-8">
  24. <title>Админ-панель</title>
  25. <style>
  26. body {text-align:center}
  27. input{ display:block; width:300px; margin:10px auto; padding:7px 20px;}
  28. input{border:1px solid #aaa; box-shadow: 0px 0px 3px #ccc, 0 10px 15px #eee inset;border-radius:2px;}
  29. input:focus{background: #fff;border:1px solid #555;box-shadow: 0 0 3px #aaa;}
  30. /* Button Style */
  31. input[type='submit']{
  32.  width:340px;
  33.  background-color: #68b12f;
  34.  background: gradient(linear, left top, left bottom, from(#68b12f), to(#50911e));
  35.  background: linear-gradient(top, #68b12f, #50911e);
  36.  border: 1px solid #509111;
  37.  border-bottom: 1px solid #5b992b;
  38.  border-radius: 3px;
  39.  box-shadow: inset 0 1px 0 0 #9fd574;
  40.  color: white;
  41.  font-weight: bold;
  42.  padding: 7px 40px;
  43.  text-align: center;
  44.  text-shadow: 0 -1px 0 #396715;
  45. }
  46. input[type='submit']:hover {opacity:.85;cursor: pointer;}
  47. input[type='submit']:active { border: 1px solid #20911e;box-shadow: 0 0 10px 5px #356b0b inset;}
  48. .help input[type='submit']{ background-color:inherit; color:#009; border:0;box-shadow:none;}
  49. </style>
  50. </head>
  51. <body>
  52. <?php
  53.  if(!$username){?>
  54. <form action="./" method="post">
  55.     <p>Кто вы?</p>
  56.   <input type="text" name="username" />
  57.   <input type="submit" value="Отправь!" />
  58. </form>
  59. <?php }?>
  60.  
  61. <?php
  62.  
  63. if($username==$user&&0<=$token_i&&$token_i<=100&&$userpassword==$password&&$HOST_OK=='OK'){
  64. $HOST_OK='STOP';
  65. $plainpasswd=$password;
  66. //function crypt_apr1_md5($plainpasswd) {
  67.     $salt = substr(str_shuffle("abcdefghijklmnopqrstuvwxyz0123456789"), 0, 8);
  68.     $len = strlen($plainpasswd);
  69.     $text = $plainpasswd.'$apr1$'.$salt;
  70.     $bin = pack("H32", md5($plainpasswd.$salt.$plainpasswd));
  71.     for($i = $len; $i > 0; $i -= 16) { $text .= substr($bin, 0, min(16, $i)); }
  72.     for($i = $len; $i > 0; $i >>= 1) { $text .= ($i & 1) ? chr(0) : $plainpasswd{0}; }
  73.     $bin = pack("H32", md5($text));
  74.     for($i = 0; $i < 1000; $i++) {
  75.         $new = ($i & 1) ? $plainpasswd : $bin;
  76.         if ($i % 3) $new .= $salt;
  77.         if ($i % 7) $new .= $plainpasswd;
  78.         $new .= ($i & 1) ? $bin : $plainpasswd;
  79.         $bin = pack("H32", md5($new));
  80.     }
  81.     $tmp='';
  82.     for ($i = 0; $i < 5; $i++) {
  83.         $k = $i + 6;
  84.         $j = $i + 12;
  85.         if ($j == 16) $j = 5;
  86.         $tmp = $bin[$i].$bin[$k].$bin[$j].$tmp;
  87.     }
  88.     $tmp = chr(0).chr(0).$bin[11].$tmp;
  89.     $tmp = strtr(strrev(substr(base64_encode($tmp), 2)),
  90.     "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/",
  91.     "./0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz");
  92.     $htpasswd="$"."apr1"."$".$salt."$".$tmp;
  93.  
  94. $htpasswd=$user.':'.$htpasswd;
  95. file_put_contents($_SERVER['DOCUMENT_ROOT'].$user_url.'.htpasswd', $htpasswd);
  96.  
  97. $htaccess='
  98. deny from all
  99. allow from '.$_SERVER['REMOTE_ADDR'].'
  100.  
  101. AuthType Basic
  102. AuthName "'.$username.'"
  103. AuthUserFile '.$_SERVER['DOCUMENT_ROOT'].$user_url.'.htpasswd
  104. Require valid-user
  105. ';
  106. file_put_contents($_SERVER['DOCUMENT_ROOT'].$user_url.'.htaccess', $htaccess);
  107.  
  108. $port=$_SERVER['REQUEST_SCHEME'];//http;
  109. $host=$_SERVER['HTTP_HOST'];//http://webkiev.com/;
  110. $path='/'.$user_url;
  111. $fp='';$errno='stop';
  112. if($port=='https'){$fp  = @fsockopen('ssl://'.$host, 443, $errno, $errstr, 2);/*@fclose($fp);*/}
  113. if($port=='http'){$fp  = @fsockopen($host, 80, $errno, $errstr, 2);/*@fclose($fp);*/}
  114. $buf = '';
  115.        if ($fp) {
  116.            $Authorization=base64_encode($user.':'.$password);
  117.            $fputs=''.
  118.             "GET ".$path." HTTP/1.1\r\n".
  119.             "Host: ".$host."\r\n".
  120.             "Content-type: application/x-www-form-urlencoded\r\n".
  121.             "Authorization: Bearer ".$Authorization."\r\n".    
  122.             "Connection: close\r\n\r\n".
  123.             "";
  124.             fputs($fp,$fputs);    
  125.             while (!feof($fp)){$buf.= fgets($fp, 4096);}
  126.         }
  127. @fclose($fp);
  128. echo '<meta http-equiv="refresh" content="0; URL='.$path.'">';
  129.  }
  130.  if($username==$user&&$HOST_OK=='OK'){?>
  131. <form action="./" method="post">
  132. <p>Ваш IP <?php echo $_SERVER['REMOTE_ADDR']; ?> </p>
  133. <p>Дата <?php echo date("Y-m-d H:i:s"); ?></p>
  134. <?php
  135. if(!$mail_ok){
  136.     echo '<p>token <b>'.time().'</b> (ограничен во времени)</p>';
  137.     }else{
  138.     $text=time()."\n".
  139.     $_SERVER['REMOTE_ADDR']."\n".
  140.     $_SERVER['HTTP_USER_AGENT']."\n".
  141.     $password;
  142.     mail($mail,'Tokin to the site '.$HOST_OK,$text );
  143.     echo '<p><b>Token отправелен на почту</b> <br>(Token ограничен во времени!)</p>';//<------------ Отправка почты    
  144.     }
  145.   ?>
  146. <input type="text" name="token"  placeholder="<?php echo time(); ?>(Token)" required />
  147. <input type="text" name="username" placeholder="<?php echo $username; ?>" required />
  148. <input type="text" name="userpassword" placeholder="Ваш пароль" required />
  149. <input type="submit" value="Войти в аккаунт!" />
  150. <?php
  151. $help=''; if(isset($_POST["help"])){$help=htmlspecialchars(trim($_POST["help"]));
  152. if($help=="Восстановить пароль"){
  153.     $text=time()."\n".
  154.     $_SERVER['REMOTE_ADDR']."\n".
  155.     $_SERVER['HTTP_USER_AGENT']."\n".
  156.     $password;
  157.     mail($mail,'Password to the site '.$HOST_OK,$text );
  158.     echo '<p><b>Password отправелен на почту</b></p>';    
  159.     }
  160. } ?>
  161. <p class="help"><input type="submit" name="help" value="Восстановить пароль" /></p>
  162. </form>
  163. <?php }?>
  164. <p><a href="./">Обновить</a></p>
  165. </body>
  166. </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!