Da video sam postoji global.inc u tacnom direktorijumu config i ovakav mu je sadrzaj e sa sta ovde nije u redu ?
// DCP-Portal version
$dcp_version = "6.1 SE";
// Folder variables
$theme_root = "$root/themes";
$theme_url = "$root_url/themes";
$image_url = "$root_url/images";
// MySQL table names
$t_adverts = "dcp5_advertisers";
$t_agenda = "dcp5_agenda";
$t_anns = "dcp5_annoucements";
$t_banned = "dcp5_banned";
$t_banners = "dcp5_banners";
$t_cats = "dcp5_cats";
$t_comments = "dcp5_comments";
$t_config = "dcp5_config";
$t_contents = "dcp5_contents";
$t_dcats = "dcp5_doc_cats";
$t_docs = "dcp5_docs";
$t_faq = "dcp5_faq";
$t_fqcats = "dcp5_faq_cats";
$t_fcats = "dcp5_file_cats";
$t_forums = "dcp5_forum_boards";
$t_forum_msg = "dcp5_forum_messages";
$t_f_notify = "dcp5_forum_notify";
$t_frcats = "dcp5_forum_cats";
$t_informer = "dcp5_informer";
$t_lang = "dcp5_language";
$t_links = "dcp5_links";
$t_lcats = "dcp5_link_cats";
$t_mail = "dcp5_mail";
$t_members = "dcp5_members";
$t_msg = "dcp5_messages";
$t_news = "dcp5_news";
$t_online = "dcp5_online";
$t_poll_ans = "dcp5_poll_answers";
$t_polls = "dcp5_polls";
$t_rate = "dcp5_rating";
$t_read = "dcp5_isread";
$t_rel = "dcp5_releated";
$t_rmsg = "dcp5_read_message";
$t_themes = "dcp5_themes";
// Select site preferences
$connection = @mysql_connect($dbhost, $dbuser, $dbpass)
or die ("Can not connect to database");
$db = @mysql_select_db($dbname, $connection)
or die ("Can not select database.");
$sql = "SELECT * FROM $t_config";
$result = mysql_query($sql);
while ($row=mysql_fetch_array($result)) {
$site_name = $row["site_name"];
$admin_mail = $row["admin_mail"];
$site_lang = $row["site_lang"];
$site_theme = $row["site_theme"];
$max_anns = $row["max_anns"];
$max_content = $row["max_content"];
$max_news = $row["max_news"];
$max_links = $row["max_links"];
$max_forum = $row["max_forum"];
$index_cols = $row["index_cols"];
$sum_char = $row["summary"];
}
if (!isset($user_theme)) {
$user_theme = $site_theme;
}
$sql = "SELECT * FROM $t_themes WHERE name = '$user_theme'";
$result = mysql_query($sql);
while ($row=mysql_fetch_array($result)) {
$theme_bullet = $row["bullet"];
$light_bg = $row["light_bg"];
$subject_bg = $row["subject_bg"];
$anns_width = $row["anns_width"];
$anns_height = $row["anns_height"];
}
mysql_close($connection);
// Select the language file that will be included
if (isset($_GET["select_lang"])) {
setcookie('user_lang', $_GET["select_lang"], time()+2592000);
echo "<META HTTP-EQUIV=\"REFRESH\" CONTENT=\"0;URL=".$_SERVER["HTTP_REFERER"]."\">";
exit;
} else if (!isset($_GET["select_lang"]) && ($_COOKIE["user_lang"] == "")) {
$_COOKIE["user_lang"] = $site_lang;
}
if (!file_exists("$root/languages/".$_COOKIE["user_lang"]."/".$_COOKIE["user_lang"].".inc.php")) {
echo "<font size=\"4\" face=\"Verdana\" color=\"red\">ERROR! Selected language file could not found!<br>
Please check site configuration or delete the cookie for $root_url if you have selected any language before.</font>";
exit;
}
// Include language filea
include ("$root/languages/".$_COOKIE["user_lang"]."/".$_COOKIE["user_lang"].".inc.php");
include ("$root/languages/".$_COOKIE["user_lang"]."/".$_COOKIE["user_lang"]."_admin.inc.php");
// Include library
include ("$root/library/lib.php");
session_start();
// Thanks to Andy Prevost
if (strlen($_SERVER['QUERY_STRING']) > 0) {
$str = $_SERVER['QUERY_STRING'];
$arr = split('[;&]', URLdecode($str));
$pos = strpos($str, "'");
if ($pos) {
$hackattempt = true; }
$pos = strpos($str, '"');
if ($pos) {
$hackattempt = true;
}
while(list($key, $val) = each($arr)) {
$arr2 = split('=', $val);
while(list($key2, $val2) = each($arr2)) {
if ($key2 == 0) {
if ( (strtoupper(substr($val2, 0, 3)) == "SQL") ||
(strtoupper(substr($val2, 0, 5)) == "QUERY") ||
(strtoupper(substr($val2, 0, 8)) == "SHUTDOWN") ||
(strtoupper(substr($val2, 0, 7)) == "PROCESS") ||
(strtoupper(substr($val2, 0, 6)) == "REVOKE") ||
(strtoupper(substr($val2, 0, 6)) == "SELECT") ||
(strtoupper(substr($val2, 0, 6)) == "INSERT") ||
(strtoupper(substr($val2, 0, 6)) == "UPDATE") ||
(strtoupper(substr($val2, 0, 6)) == "CREATE") ||
(strtoupper(substr($val2, 0, 6)) == "DELETE") ||
(strtoupper(substr($val2, 0, 6)) == "CHANGE") ||
(strtoupper(substr($val2, 0, 6)) == "MODIFY") ||
(strtoupper(substr($val2, 0, 6)) == "RENAME") ||
(strtoupper(substr($val2, 0, 6)) == "RELOAD") ||
(strtoupper(substr($val2, 0, 5)) == "ALTER") ||
(strtoupper(substr($val2, 0, 5)) == "GRANT") ||
(strtoupper(substr($val2, 0, 5)) == "INDEX") ||
(strtoupper(substr($val2, 0, 4)) == "DROP") ||
(strtoupper(substr($val2, 0, 4)) == "QUIT") ||
(strtoupper(substr($val2, 0, 5)) == "ADMIN") ||
(strtoupper(substr($val2, 0, 11)) == "DCP5_MEMBER") ) {
$hackattempt = true;
}
}
}
}
if ($hackattempt) {
echo "<META HTTP-EQUIV=\"REFRESH\" CONTENT=\"0;URL=$root_url/index.php?\">";
exit();
}
}
?>
mozda nisam u pravu ali cini mi se da je sve podeseno, ustvari ne znam vi procenite pa mi recite de je ovde greska da je ispravim ?
There's no place like 127.0.0.1