Jump to content

Welcome to NulledBlog
Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. If you already have an account, login here - otherwise create an account for free today!
Photo

[REQUEST] Shiftcode gpt script


  • Please log in to reply
No replies to this topic

#1
Harry1988

  • Offline
  • Lurker

  • Posts:
    1
    Reputation:
    0
    Joined:
    26 Mar, 2016

I have found a way to to get shiftcode gpt script. But unfortunately i have missing some files which is located below root folder. If anyone want to help me to get those missing files. then things what i need is: acces to shiftcode admin panel.

If i get all missing files then i will add this script into leak section.

 

Proof that i have this script

members/login.php

<?
/*--------------------------------------------------------*\
| Members - Login
| Author: Andrew Rosolino ([email protected])
\*--------------------------------------------------------*/

/*--------------------------------------------------------*\
| Grab the main source file.
\*--------------------------------------------------------*/
$_include = array(
	'security',
	'validate',
	'mail');
require_once('../main.php');

if($_user->valid)
	loginForward();

// Security Code
$_sec->id(_POST('secID'));

switch(action())
{
	case 'next':
		if(loginCheck())
			loginProceed();
		else
			loginForm();
		break;
	default:
		loginForm();
}

/*--------------------------------------------------------*\
| Login Form
\*--------------------------------------------------------*/
function loginForm()
{
	global $_dis,$_sec,$smarty,$_user;

	stripPost();

	$_user->data = array();
	$_user->id = 0;
	$_user->valid = false;

	$smarty->assign('secID',$_sec->id);
	$_dis->script('_members_login');
}

/*--------------------------------------------------------*\
| Login Check
\*--------------------------------------------------------*/
function loginCheck()
{
	global $_user,$_val,$_sec,$errors,$_db,$_mail,$_stats;
	
	stripInit();
	
	$fields = array(
		'username' => 'username',
		'password' => 'password');
	$_val->required($fields,'Please enter your %field%.');

	if(get('membershipLoginSecurityCode')=='yes')
		$_sec->validate('secCode');

	if($_sec->tryLoad('userLogin',1,10))
	{
		$errors[''] = 'You have made 10 invalid login attempts. You are locked out for 1 hour.';
		return false;
	}

	if(!count($errors))
	{
		if($_user->load('m.username',$_POST['username'],' AND m.status!=\'Deleted\''))
		{
			if($_POST['password']!=$_user->password)
				$errors[] = 'The username or password provided was invalid.';
			elseif($_user->data['status']=='Validating')
			{
				$_user->logout();
				exit(
					header('Location: '.SC_SPATH.'members/confirm.php?mid='.$_user->id));
			}
			else
			{
				$cookie = _COOKIE($_user->cookie.'X');
				if(strpos($line,':')!==false)
					list($username,$password) = explode(':',$cookie);
				else
					$usernames = $password = '';
				if(
					get('membershipCheaterControl') &&
					get('membershipCheaterControl')!='Do Nothing' &&
					!$_user->data['nosecurity'] &&
					$username!='' &&
					$username!=$_user->data['username'] &&
					$password==
						encrypt(
							$_db->get('
								SELECT password
								FROM '.dbPre().'members
								WHERE username=\''.addslashes($username).'\'')))
				{
					$_stats->minus('memberGeo',$_user->data['status'],$_user->data['geoLocation']);
					$_stats->add('memberGeo',get('membershipCheaterControl'),$_user->geo);
					$_user->data['status'] = get('membershipCheaterControl');
					$note = 'Cheater Control: Switching Users '.$_user->data['username'].' --> '.$username;
					$_db->query('
						UPDATE '.dbPre().'members
						SET
							status=\''.addslashes($_user->data['status']).'\',
							note=\''.addslashes($note).'\'
						WHERE
							username IN (\''.$_user->data['username'].'\',\''.$username.'\') AND
							nosecurity=0');
					if(get('alertsMemberStatus'))
					{
						$data = $_user->data;
						$data['password'] = '';
						$data['note'] = $note;
						$_mail->msg('members_adminStatus',$data);
					}
				}
			}
		}
		else
			$errors[] = 'The username or password provided was invalid.';
	}

	if(count($errors))
		$_sec->trySave('userLogin');

	return count($errors)==0;
}

/*--------------------------------------------------------*\
| Login Proceed
\*--------------------------------------------------------*/
function loginProceed()
{
	global $_user,$errors;

	$_user->login($_POST['remember']);

	if(!$_user->valid)
	{
		$errors = is_array($_user->error)?array_unique($_user->error):array();
		loginForm();
	}
	else
		loginForward();
}

/*--------------------------------------------------------*\
| Login Forward
\*--------------------------------------------------------*/
function loginForward()
{
	// Filter
	$path = preg_replace('/\r|\n/','',trim($_REQUEST['path']));
	
	// HTTP?
	if(preg_match('/^https?:\/\/[\w\d\.-]*'.SC_COOKIE.'/',$path))
		exit(
			header('Location: '.$path));

	if(preg_match('/^\//',$path))
		$path = substr($path,1);
	exit(
		header('Location: '.SC_SPATH.($path?$path:get('membershipHomepage'))));
}
?>

includes/user.php

<?
/*--------------------------------------------------------*\
| User Include
| Author: Andrew Rosolino ([email protected])
\*--------------------------------------------------------*/

class user
{
	var $admin,$valid = false;
	var $id = 0;
	var $force,$sqlLoad = '';
	
	/*--------------------------------------------------------*\
	| See if user logged in
	\*--------------------------------------------------------*/
	function check()
	{
		session_set_cookie_params(0,'/','.'.SC_COOKIE,false,true);
		session_start();

		$setCookie = false;

		if(isset($_COOKIE[$this->cookie]))
		{
			list($username,$password) = explode(':',$_COOKIE[$this->cookie]);
			if($this->valid($username,$password,true))
				return;
		}
		if(isset($_SESSION[$this->cookie]))
		{
			list($username,$password) = explode(':',$_SESSION[$this->cookie]);
			$this->valid($username,$password);
		}
	}

	/*--------------------------------------------------------*\
	| Try Login
	\*--------------------------------------------------------*/
	function valid($username,$password,$setCookie=false)
	{
		$admin = '';
		if(strpos($username,'|')!==false)
			list($username,$admin) = explode('|',$username);
		if(
			$this->load('username',$username,$this->sqlLoad) &&
			$password==encrypt($this->password.$this->force))
		{
			if($admin==encrypt(SC_SID))
				$this->admin = true;
			$this->login($setCookie,true,false);
			return true;
		}
		else
			return false;
	}

	/*--------------------------------------------------------*\
	| Log the user in.
	\*--------------------------------------------------------*/
	function login($cookie=false,$update=true,$fresh=true)
	{
		$username = $this->data['username'];
		if($this->admin)
			$username .= '|'.encrypt(SC_SID);

		$value = $username.':'.encrypt($this->password.$this->force);
		if($cookie)
			setcookie($this->cookie,$value,time()+31536000,'/','.'.SC_COOKIE,false,true);
		else
			setcookie($this->cookie,$value,time()+1800,'/','.'.SC_COOKIE,false,true);
		$_SESSION[$this->cookie] = $value;

		$this->valid = true;
		$this->data['valid'] = &$this->valid;

		if(method_exists($this,'_login'))
			$this->_login($fresh);

		if($update && method_exists($this,'update'))
			$this->update();
	}
	
	/*--------------------------------------------------------*\
	| Log the user out.
	\*--------------------------------------------------------*/
	function logout()
	{
		unset($_SESSION[$this->cookie]);
		setcookie($this->cookie,'',time()-31536000,'/','.'.SC_COOKIE);
		
		if(method_exists($this,'_logout'))
			$this->_logout();
	}
}
?>

includes/admin.php

<?
/*--------------------------------------------------------*\
| Admin Include
| Author: Andrew Rosolino ([email protected])
\*--------------------------------------------------------*/

class admin extends user
{
	var $data, $group, $groups, $admins = array();
	var $password = '';
	var $id, $gid = 0;
	var $super = false;

	/*--------------------------------------------------------*\
	| Load Admin
	\*--------------------------------------------------------*/
	function admin()
	{
		$this->cookie = 'SC_admin';
		$this->sqlLoad = '';
		$this->subs = 0;
		$this->check();
		$this->tree();
	}
	
	/*
	 * Get Alerts
	 */
	public function alerts()
	{
		global $_db;

		$alerts = array();
		$alerts['Alerts'] = array(
			'alerts/index.php',
			$_db->get('
				SELECT COUNT(*)
				FROM '.dbPre().'alerts'),
		);
		if($this->access('main','updates',true))
			$alerts['Updates'] = array(
				'updates/index.php',
				$_db->get('
					SELECT COUNT(*)
					FROM '.dbPre().'updates
					WHERE manual=1'),
			);
		if($this->access('main','trans','pending',true))
			$alerts['Transactions'] = array(
				'transactions/pending.php',
				$_db->get('
					SELECT COUNT(*)
					FROM '.dbPre().'orders o
					WHERE o.status=2'),
			);
		func('admin/:alerts',array(&$alerts));
		ksort($alerts);
		
		return $alerts;
	}

	/*--------------------------------------------------------*\
	| See if user logged in
	\*--------------------------------------------------------*/
	function isLogged($redirect=true)
	{
		global $_log;

		if(!$this->valid)
		{
			if($redirect)
				exit(
					header('Location: '.SC_APATH.'login.php?path='.urlencode(getURL())));
			else
				die('You are not logged in.');
		}
	}

	/*--------------------------------------------------------*\
	| Load user
	\*--------------------------------------------------------*/
	function load($key,$val,$xSQL='',$return=false)
	{
		global $_db;
		
		$q = $_db->query('
			SELECT *
			FROM '.dbPre().'admins
			WHERE
				'.$key.'=\''.$val.'\'
				'.$xSQL);
		if(!$_db->rows($q))
			return false;
	
		$data = $_db->fetch($q);
		
		if($return)
			return $data;

		$this->data = $data;
		$this->password = $this->data['password'];
		unset($this->data['password']);
		$this->data['prefs'] = (array)unserialize($this->data['prefs']);
		$this->id = $this->data['id'];
		$this->ugroup = $this->groupLoad($this->data['group'],true);
		$this->ugroup['rights'] = unserialize($this->ugroup['rights']);
		$this->ugroup['rights'] =
			is_array($this->ugroup['rights'])?
				array_flip($this->ugroup['rights']):
				array();
		$this->super = $this->data['username']=='shiftcode';

		return true;
	}

	/*--------------------------------------------------------*\
	| Load Admin Tree
	\*--------------------------------------------------------*/
	function tree()
	{
		global $_db,$_conf,$_prod;

		// Load
		$this->tree = array();
		$q = $_db->query('
			SELECT *
			FROM '.dbPre().'adminPages
			ORDER BY type,name');
		$pages = $_db->dump($q,'type','pid',true);

		// Main
		$this->tree['main'] = array(
			'config' => array('Configure','configure/index.php',
				'downtime' => array('Downtime','configure/downtime/index.php'),						
				'email' => array('E-mail','configure/email/index.php',
					'alerts' => array('Alerts','configure/email/alerts.php'),
					'msgs' => array('Messages','configure/email/messages.php')),
				'ips' => array('IP List','configure/ips/index.php'),
				'pay' => array('Payment Methods','configure/pay/index.php')),
			'trans' => array('Transactions','transactions/index.php',
				'monthly' => array('Monthly Stats','transactions/monthly.php'),
				'pending' => array('Pending Approval','transactions/pending.php'),
				'process' => array('Process','transactions/process.php'),
			),
			'updates' => array('Updates','updates/index.php'),
			'users' => array('Users & Groups','users/index.php'));
			
		// Files & Templates
		$this->tree['files'] = array(
			'file' => array('File Manager',array('<a href="javascript:;" onClick="modalDialogOpen(\''.SC_APATH.'files/index.php?dir=/&return=none\',640,465)">File Manager</a>')),
			'includes' => array('Includes','includes/index.php'),
			'pages' => array('Pages','pages/index.php'),
			'scripts' => array('Scripts','scripts/index.php'),
			'templates' => array('Templates','templates/index.php',
				'designer' => array('Designer Help Sheet','templates/sheet.php'),
				'logos' => array('Logos','templates/logos.php'),
				'nav' => array('Navigation','templates/nav.php')));
				
		// Products
		$this->tree['products'] = array();
		foreach($_prod->data as $k=>$v)
		{
			if(!$v['admin'])
				continue;

			$this->tree['products'][$v['dir']] = array($v['name'],$v['dir'].'/index.php');
			$this->treeSub($this->tree['products'][$v['dir']],$pages,$k);
		}

		// Plugins
		$this->tree['plugins'] = array();
		foreach((array)files($_conf['owner']['adminDir'].'/plugins',true) as $dir)
		{
			$plugin = explode("\n",@file_get_contents(SC_CPATH.$_conf['owner']['adminDir'].'/plugins/'.$dir.'/_info'));
			$this->tree['plugins'][$dir] = array($plugin[0],'plugins/'.$dir.'/index.php');
			$subs = array_slice($plugin,2);
			if(count($subs))
			{
				foreach($subs as $sub)
				{
					list($name,$link) = explode('|',$sub);
					$this->tree['plugins'][$dir][str_replace('.php','',$link)] = array($name,'plugins/'.$dir.'/'.$link);
				}
			}
		}
		foreach(explode("\n",get('apiPlugins')) as $plugin)
		{
			if($plugin=='') continue;
			list($name,$url) = explode(', ',$plugin);
			$this->tree['plugins'][strtolower($name).'!api'] = array($name,'api/plugin.php?plugin='.$name);
		}
		ksort($this->tree['plugins']);
	}

	/*--------------------------------------------------------*\
	| Load Admin Tree Sub
	\*--------------------------------------------------------*/
	function treeSub(&$src,&$pages,$k)
	{
		global $_prod;

		$v = $_prod->data[$k];
		if(isset($pages['admin'][$k]) && count($pages['admin'][$k]))
		{
			foreach($pages['admin'][$k] as $pk=>$pv)
			{
				if($pv['dep'] && $pv['depSubs'] && isset($pages['admin'][$pv['dep']]) && count($pages['admin'][$pv['dep']]))
				{
					$dv = $_prod->data[$pv['dep']];
					$name = basename($dv['dir']);
					$src[$name] = array($pv['name'],$v['dir'].'/'.$pv['page']);
					$this->treeSub($src[$name],$pages,$pv['dep']);
				}
				else
				{
					$name = str_replace('.php','',$pv['page']);
					$src[$name] = array($pv['name'],$v['dir'].'/'.$pv['page']);

					if($pv['name']=='Configure' && isset($pages['config'][$k]) && count($pages['config'][$k]))
					{
						foreach($pages['config'][$k] as $pk2=>$pv2)
							$src[$name][str_replace('.php','',$pv2['page'])] = array($pv2['name'],$v['dir'].'/'.$pv2['page']);
					}
				}
			}
		}
	}

	/*--------------------------------------------------------*\
	| Load Groups
	\*--------------------------------------------------------*/
	function groups()
	{
		static $loaded = false;
		global $_db;
		
		if($loaded==false)
		{
			$q = $_db->query('
				SELECT *
				FROM '.dbPre().'groups
				ORDER BY name');
			$this->groups = $_db->dump($q);
		}
	}

	/*--------------------------------------------------------*\
	| Load Group
	\*--------------------------------------------------------*/
	function groupLoad($id,$return=false)
	{
		global $_db;
		
		$this->groups();

		if(!isset($this->groups[$id]))
			return false;
		
		if($return)
			return $this->groups[$id];

		$this->group = $this->groups[$id];
		$this->gid = $this->group['id'];
		
		return true;
	}

	/*--------------------------------------------------------*\
	| Load Admins
	\*--------------------------------------------------------*/
	function admins()
	{
		static $loaded = false;
		global $_db;
		
		if($loaded==false)
		{
			$q = $_db->query('
				SELECT *
				FROM '.dbPre().'admins
				ORDER BY username');
			$this->admins = $_db->dump($q);
		}
	}
	
	/*--------------------------------------------------------*\
	| Update
	\*--------------------------------------------------------*/
	function update()
	{
		global $_db,$_log;
		
		$_db->query('
			UPDATE '.dbPre().'admins
			SET activity=NOW()
			WHERE id='.$this->id);
		$_db->query('
			UPDATE shiftcode.sites
			SET
				 activity=NOW(),
				 lastPage=\''.addslashes($_SERVER['PHP_SELF']).'\'
			WHERE id='.SC_SID);
		$_db->query('
			INSERT INTO shiftcode.trackAdmin(sid,username,ip,page,activity)
			VALUES (
				'.SC_SID.',
				\''.addslashes($this->data['username']).'\',
				'.ipaton($_SERVER['REMOTE_ADDR']).',
				\''.addslashes($_SERVER['PHP_SELF']).'\',
				NOW()
			)
			ON DUPLICATE KEY UPDATE
				page=\''.addslashes($_SERVER['PHP_SELF']).'\',
				activity=NOW()');
		$_log->logs('admin_'.$this->data['username']);
	}
	
	/*--------------------------------------------------------*\
	| Access
	\*--------------------------------------------------------*/
	function access()
	{
		$return = false;
		$items = func_get_args();

		if(current(array_slice($items,-1,1))===true)
		{
			$items = array_slice($items,0,count($items)-1);
			$return = true;
		}

		if(!isset($this->ugroup['rights']['_'.implode('_',$items).'_']) && !$this->ugroup['access'])
		{
			if($return)
				return false;
			else
				die('You do not have permission to view this page.');
		}
		
		return true;
	}
	
	/*--------------------------------------------------------*\
	| Restrict
	\*--------------------------------------------------------*/
	function restrict($useErrors=false,$gaincorp=false)
	{
		global $_pub,$_adv;

		if($gaincorp && !$this->super && ($_pub->id==1 || $_adv->id==1))
		{
			if($useErrors)
			{
				global $errors;
				$errors = array(''=>'Only the admin "gaincorp" can modify this account.');
			}
			else
				die('Only the admin "gaincorp" can modify this account.');
		}

		if(substr($this->data['username'],0,5)!='demo_')
			return;
		
		if($useErrors)
		{
			global $errors;
			$errors = array(''=>'Sorry, you are not allowed to modify/delete any content.');
		}
		else
			die('Sorry, you are not allowed to modify/delete any content.');
	}
	
	/*--------------------------------------------------------*\
	| On Server
	\*--------------------------------------------------------*/
	function onServer($useErrors=false,$die=false)
	{
		global $_conf,$_dis;
		if($_conf['owner']['server']==GainCorp::whoami())
			return;
		
		$msg = 'Your website is currently being transferred to a new server which means any type of file uploading is disabled at this time.';
		if($useErrors)
		{
			global $errors;
			$errors = array(''=>$msg);
		}
		elseif($die)
			die($msg);
		else
			$_dis->error($msg);
	}

	/*--------------------------------------------------------*\
	| Redirect
	\*--------------------------------------------------------*/
	function redirect($url)
	{
		return SC_SPATH.'notrack.php?url='.urlencode($url);
	}
	
	/*--------------------------------------------------------*\
	| Pref Get
	\*--------------------------------------------------------*/
	function prefGet($k)
	{
		if(isset($this->data['prefs'][$k]))
			return $this->data['prefs'][$k];
		else
			return '';
	}

	/*--------------------------------------------------------*\
	| Pref Set
	\*--------------------------------------------------------*/
	function prefSet($k,$v)
	{
		global $_db;

		$this->data['prefs'][$k] = $v;
		$_db->query('
			UPDATE '.dbPre().'admins
			SET prefs=\''.addslashes(serialize($this->data['prefs'])).'\'
			WHERE id='.$this->id);
	}
	
	/*--------------------------------------------------------*\
	| Include Code
	\*--------------------------------------------------------*/
	function includeCode($data)
	{
		$pars = arrayClean(array_map('trim',explode("\n",$data['pars'])));
		return '{~include file="'.$data['id'].'"'.(count($pars)?' '.implode(' ',$pars):'').'~}';
	}

	/*
	 * Replies
	 */
	public function replies($field,$width=385)
	{
		global $_form;

		$replies = unserialize(get('replies'));

		if($replies)
		{
			$_form->select('replies',array(''=>'Select Reply..')+$replies,false,true,'if(this.value!=\'\'){'.($field!==false?'insertTextareaText(this,\''.$field.'\');':'editor.insertHTML(this.value.replace(/\n/g,\'<br />\'));').'}',' style="width:'.$width.'px"');
		}
		else
		{
?>
			There are no replies setup. <a href="<?=SC_APATH?>configure/index.php" class="sub">[configure]</a>
<?
		}
	}

	/*--------------------------------------------------------*\
	| Table Status
	\*--------------------------------------------------------*/
	public function tableStatus($status)
	{
?>
<table cellpadding="0" cellspacing="0" style="border:0px;" align="center">
	<tr>
<?
		$last = end($status);
		foreach($status as $color=>$name)
		{
?>
		<td style="width:10px;background-color:#<?=$color?>;border:1px solid #000000">&nbsp;</td>
		<td style="padding: 0px <?=$v!=$last?20:0?>px 0px 4px"><b><?=$name?></b></td>
<?
		}
?>
	</tr>
</table>
<?
	}
}

$_admin = new admin;
?>

Edited by Harry1988, 26 March 2016 - 05:17 PM.

  • 0


0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users