IP : 3.14.141.139Hostname : host45.registrar-servers.comKernel : Linux host45.registrar-servers.com 4.18.0-513.18.1.lve.2.el8.x86_64 #1 SMP Sat Mar 30 15:36:11 UTC 2024 x86_64Disable Function : None :) OS : Linux
PATH:
/
home/
../
var/
softaculous/
drupal9/
../
./
kirby/
../
gallery/
../
jszip/
../
cpg/
_update.php/
/
<?php /** * Coppermine Photo Gallery * * v1.0 originally written by Gregory Demar * * @copyright Copyright (c) 2003-2021 Coppermine Dev Team * @license GNU General Public License version 3 or later; see LICENSE * * update.php * @since 1.6.12 */
define('SKIP_AUTHENTICATION', true); // If you don't remember the admin account data you're prompted for when running this file in your browser, umcomment the line above by removing the two slashes in front of it, upload that file to your webserver, run it in your browser. After successfully having run it, remember to restore the two slashes you removed and replace the "unsecure" version on your webserver with the "secure" version (the one that contains the double slashes).
if (!defined('SKIP_AUTHENTICATION')) { // try to include init.inc.php to get the "regular" coppermine user interface $error_reporting = error_reporting(E_ERROR); // silence all error reports but fatal ones ob_start(); // turn output buffering on - if including the regular coppermine files breaks, we can make sure that the output doesn't break the subsequent code include_once 'include/init.inc.php'; $output = ob_get_clean(); error_reporting($error_reporting); // set error reporting level back to how it used to be //echo $output; // For troubleshooting purposes, echo $output } session_start();
if (!function_exists('cpgGetMicroTime')) { function cpgGetMicroTime() { list($usec, $sec) = explode(" ", microtime()); return ((float)$usec + (float)$sec); } }
$DFLT = array( 'cfg_d' => 'include', // The config file dir 'cfg_f' => 'include/config.inc.php', // The config file name 'alb_d' => 'albums', // The album dir 'upl_d' => 'userpics', // The uploaded pic dir );
$superCage = Inspekt::makeSuperCage();
// If including includes/init.inc.php has worked as expected, the constants should be populated, so let's check that first if (!defined('SKIP_AUTHENTICATION') && defined('COPPERMINE_VERSION') && GALLERY_ADMIN_MODE) { $_SESSION['auth'] = true; } else { // we need to populate the language array require 'lang/english.php'; }
// --------------------- SELECT NEW DATABASE ACCESS METHOD --------------------- // // if a different dbase method is selected, we have to change the config and reload // the page to get to the correct dbase class if ($superCage->post->keyExists('action') && $superCage->post->getAlpha('action') == 'dbselect') { set_config_dbtype($superCage->post->getRaw('db_type')); if ($errors) { html_error($errors); } else { header('Location: update.php?dbswitch=1'); } exit; } if ($superCage->get->keyExists('dbswitch') && $superCage->get->getInt('dbswitch')) { define('SKIP_AUTHENTICATION', true); }
// ---------------------------- AUTHENTICATION --------------------------- // // SKIP_AUTHENTICATION is a constant that can be defined for users who can't retrieve any kind of password if (!defined('SKIP_AUTHENTICATION') && !$_SESSION['auth']) { html_header($lang_update_php['title']); if (!$superCage->post->keyExists('method')) { //first try to connect to the db to see if we can authenticate the admin test_sql_connection(); if ($errors != '') { //we could not establish an sql connection, so update can't be done (and user can't be autenticated) html_error($errors); } else { //echo a box for admin autentication html_auth_box('admin'); } } elseif ($superCage->post->getAlpha('method') == 'admin') { //try to autenticate the admin test_sql_connection(); $user = $superCage->post->getEscaped('user'); $pass = $superCage->post->getEscaped('pass');
// Check if column 'user_password_salt' exists in user table $result = cpg_db_query("SELECT * FROM {$CONFIG['TABLE_PREFIX']}users LIMIT 1"); $row = $result->fetchAssoc(true); $col_user_password_salt_exists = isset($row['user_password_salt']) ? true : false;
if ($col_user_password_salt_exists) { require 'include/passwordhash.inc.php'; $sql = "SELECT user_password, user_password_salt, user_password_hash_algorithm, user_password_iterations FROM {$CONFIG['TABLE_PREFIX']}users WHERE user_group = 1 AND user_name = '$user'"; $result = cpg_db_query($sql); $password_params = $result->fetchAssoc(true); }
if (!$col_user_password_salt_exists || !$password_params['user_password_salt']) { $sql = "SELECT user_active FROM {$CONFIG['TABLE_PREFIX']}users WHERE user_group = 1 AND user_name = '$user' AND (user_password = '$pass' OR user_password = '".md5($pass)."')"; $result = cpg_db_query($sql); if (!$result->numRows()) { //not authenticated, try mysql account details html_auth_box('MySQL'); die(); } } elseif (!cpg_password_validate($pass, $password_params)) { //not authenticated, try mysql account details html_auth_box('MySQL'); die(); } //authenticated, do the update $_SESSION['auth'] = true; start_update(); } else { //try to autenticate via MySQL details (in configuration) if ($superCage->post->getEscaped('user') == $CONFIG['dbuser'] && $superCage->post->getEscaped('pass') == $CONFIG['dbpass']) { //authenticated, do the update $_SESSION['auth'] = true; start_update(); } else { //no go, try again html_error($lang_update_php['could_not_authenticate'] . ' - <a href="update.php">' . $lang_update_php['try_again'] .'</a>'); } } html_footer(); } else { html_header($lang_update_php['title']); $_SESSION['auth'] = true; start_update(); html_footer(); }
// function definitions --- start // ------------------------- HTML OUTPUT FUNCTIONS ------------------------- //
// --------------------------------- MAIN CODE ----------------------------- // function start_update() { global $errors, $notes, $lang_update_php, $LINEBREAK; global $update_icon, $ok_icon, $already_done_icon, $error_icon, $file_system_icon;
if (!check_db_type()) return;
// The updater //html_header($lang_update_php['title']); test_sql_connection();
/** * Determining if the Alter Table actually made a change * to properly reflect it's status on the update page. */ if (strpos(strtolower($q), 'alter table') !== false) {
$query = explode(' ', $q);
$result = cpg_db_query("DESCRIBE " . $query[2]);
$description = array();
while ($row = $result->fetchRow()) { $description[] = $row; } $result->free();
EOT; // Encrypt the album password but only for those albums which have a password assigned. $result = cpg_db_query("update {$CONFIG['TABLE_PREFIX']}albums set alb_password=md5(alb_password) WHERE alb_password IS NOT NULL AND alb_password != '';");
if ($CONFIG['enable_encrypted_alb_passwords'] != NULL) { $result = cpg_db_query("update {$CONFIG['TABLE_PREFIX']}config set value = 1 WHERE name = 'enable_encrypted_alb_passwords'"); } else { $result = cpg_db_query("INSERT INTO {$CONFIG['TABLE_PREFIX']}config ( `name` , `value` ) VALUES ('enable_encrypted_alb_passwords', '1')"); } } else { echo <<< EOT <td class="{$cellStyle} updatesFail"> {$already_done_icon}{$lang_update_php['already_done']} </td> </tr>
EOT; } else { // Pre-install the core upload plugins cpg_db_query("INSERT INTO {$CONFIG['TABLE_PREFIX']}plugins (name, path, priority) VALUES ('CoreH5A Upload', 'upload_h5a', 0), ('CoreSWF Upload', 'upload_swf', 1), ('CoreSGL Upload', 'upload_sgl', 2)"); // And set the default mechanism to 'upload_h5a' cpg_db_query("UPDATE {$CONFIG['TABLE_PREFIX']}config SET value='upload_h5a' WHERE name='upload_mechanism'");
// employ any existing html5upload configurations $result = cpg_db_query("SELECT name,value FROM {$CONFIG['TABLE_PREFIX']}config WHERE name LIKE 'html5upload_config%'"); $cfgs = cpg_db_fetch_rowset($result, true); foreach ($cfgs as $cfg) { $cfgn = 'upload_h5a' . substr($cfg['name'], 18); $cfgv = cpg_db_escape_string($cfg['value']); cpg_db_query("INSERT INTO {$CONFIG['TABLE_PREFIX']}config VALUES ('{$cfgn}', '{$cfgv}')"); } }
// if there were no html5upload configs, set a default one if (!isset($cfgs) || !$cfgs) { cpg_db_query("INSERT INTO {$CONFIG['TABLE_PREFIX']}config VALUES ('upload_h5a', 'a:11:{s:10:\"concurrent\";i:3;s:8:\"upldsize\";i:0;s:8:\"autoedit\";i:1;s:8:\"acptmime\";s:7:\"image/*\";s:8:\"enabtitl\";i:0;s:8:\"enabdesc\";i:0;s:8:\"enabkeys\";i:1;s:8:\"enabusr1\";i:0;s:8:\"enabusr2\";i:0;s:8:\"enabusr3\";i:0;s:8:\"enabusr4\";i:0;}')"); }