I'm pretty sure you can disable it from admin pan but try this..
/login.php
PHP Code:
<?php
/*
+--------------------------------------------------------------------------
| TS Special Edition v.4.3
| ========================================
| by xam
| (c) 2005 - 2007 Template Shares Services
| http://templateshares.net
| ========================================
| Web: http://templateshares.net
| Time: April 23, 2008, 7:23 am
| Signature Key: TSSE00282008
| Email: contact@templateshares.net
| TS SE IS NOT FREE SOFTWARE!
+---------------------------------------------------------------------------
*/
require_once("include/bittorrent.php");
include_once(INC_PATH.'/functions_security.php');
include_once(INC_PATH.'/functions_login.php');
gzip();
dbconn();
failedloginscheck();
cur_user_check() ;
$lang->load('login');
define('L_VERSION', '1.2 by xam');
$do = isset($_GET['do']) ? $_GET['do'] : (isset($_POST['do']) ? $_POST['do'] : '');
if ($do == 'activation_code')
{
function show_activation_errors()
{
global $activation_error, $lang;
if (count($activation_error) > 0)
{
$errors = implode('<br />', $activation_error);
echo '
<table class="main" border="1" cellspacing="0" cellpadding="5" width="100%">
<tr>
<td class="thead">
'.$lang->global['error'].'
</td>
</tr>
<tr>
<td>
<font color="red">
<strong>
'.$errors.'
</strong>
</font>
</td>
</tr>
</table>
<br />
';
}
}
if ($_SERVER['REQUEST_METHOD'] == 'POST')
{
$activation_error = array();
$lang->load('signup');
$email = isset($_POST['email']) ? htmlspecialchars_uni($_POST['email']) : '';
if (empty($email) OR !check_email($email))
{
$activation_error[] = $lang->signup['invalidemail'];
}
else if(EmailBanned($email))
{
$activation_error[] = $lang->signup['invalidemail2'];
}
if (count($activation_error) == 0)
{
$email = safe_email($email);
$res = sql_query("SELECT id, username, editsecret FROM users WHERE enabled = 'yes' AND status = 'pending' AND email = ".sqlesc($email)." LIMIT 1");
if (mysql_num_rows($res) == 0)
{
$activation_error[] = $lang->login['resend4'];
}
else
{
$row = @mysql_fetch_assoc($res) or stderr($lang->global['error'], $lang->global['dberror']);
$body = sprintf($lang->signup['verifiyemailbody'], $row['username'], $SITENAME, $email, htmlspecialchars_uni($_SERVER['REMOTE_ADDR']), $BASEURL, $row['id'], md5($row['editsecret']), $REPORTMAIL);
sent_mail($email,sprintf($lang->signup['verifiyemailsubject'],$SITENAME),$body,"signup",false);
header("Location: $BASEURL/ok.php?type=signup&email=" . urlencode($email));
exit;
}
}
}
stdhead($lang->login['resend'], false, 'collapse');
show_activation_errors();
echo '
<form method="post" action="'.$_SERVER['SCRIPT_NAME'].'">
<input type="hidden" name="do" value="activation_code">
<table class="main" border="1" cellspacing="0" cellpadding="5" width="100%">
<tr>
<td align="left" class="thead" colspan="2">
'.$lang->login['resend'].'
</td>
</tr>
<tr>
<td align="right" width="60%">
<b>'.sprintf($lang->login['resend2'], $SITENAME).'</b>
</td>
<td align="left" width="40%">
<input type="text" name="email" value=""> <input type="submit" value="'.$lang->login['resend3'].'">
</td>
</tr>
</table>
</form>
';
stdfoot();
exit;
}
stdhead($lang->login['head'], false, 'collapse');
require_once(INC_PATH.'/class_page_check.php');
$newpage = new page_verify();
$newpage->create('login');
$username = isset($_GET['username']) ? htmlspecialchars_uni($_GET['username']) : (!empty($_COOKIE['ts_username']) ? htmlspecialchars_uni($_COOKIE['ts_username']) : '');
if (!empty($_GET["returnto"]))
{
$returnto = urldecode($_GET["returnto"]);
if (!$_GET["nowarn"])
$error = "<tr><td colspan=\"2\"><div class=\"error\">".$lang->login['loginfirst']."</div></td></tr>";
}
elseif (!empty($_GET['error']))
{
if ($_GET['error'] == 1)
$error = "<tr><td colspan=\"2\"><div class=\"error\">".sprintf($lang->login['error1'], remaining())."</div></td></tr>";
elseif ($_GET['error'] == 2)
$error = "<tr><td colspan=\"2\"><div class=\"error\">".sprintf($lang->global['invalidimagecode'], remaining())."</div></td></tr>";
elseif ($_GET['error'] == 3)
$error = "<tr><td colspan=\"2\"><div class=\"error\">".$lang->global['dontleavefieldsblank']."</div></td></tr>";
elseif ($_GET['error'] == 4)
$error = "<tr><td colspan=\"2\"><div class=\"error\">".sprintf($lang->global['incorrectlogin'], '<a href="'.$BASEURL.'/recover.php">')."</div></td></tr>";
}
# begin showlastXtorrents
if ($showlastxtorrents == 'multi')
{
$lang->load('index');
$extra1 = ($showimages == 'yes' ? ",torrents.t_image," : ",torrents.added,torrents.seeders,torrents.leechers,");
$extra2 = ($showimages == 'yes' ? " AND torrents.t_image != '' " : "");
$colspan = ($showimages == 'yes' ? "5" : "4");
$sql = 'SELECT torrents.id,torrents.name'.$extra1.'categories.vip FROM torrents LEFT JOIN categories ON torrents.category = categories.id WHERE torrents.visible = \'yes\' AND torrents.banned=\'no\''.$extra2.'ORDER BY added DESC LIMIT 0,'.$i_torrent_limit;
$result = sql_query($sql);
if( mysql_num_rows($result) != 0 )
{
$showlastXtorrents = '
<!-- begin showlastXtorrents -->
<br />
<script type="text/javascript">
function borderit(which,color)
{
if (document.all||document.getElementById)
{
which.style.borderColor=color
}
};
</script>
<table border="0" cellspacing="0" cellpadding="5" width="100%">
<tr>
<td align="center" class="thead" colspan="'.$colspan.'">
'.ts_collapse('showlastXtorrents').'
'.$SITENAME.' '.sprintf($lang->index['lasttorrents'], $i_torrent_limit).'
</td>
</tr>';
if ($showimages != 'yes')
$showlastXtorrents .= '
<tr>
<td class="subheader" align="left">'.$lang->index['name'].'</td>
<td class="subheader" align="left">'.$lang->index['uploaddat'].'</td>
<td class="subheader" align="center">'.$lang->index['seeders'].'</td>
<td class="subheader" align="center">'.$lang->index['leechers'].'</td>
</tr>';
else
$showlastXtorrents .= '
'.ts_collapse('showlastXtorrents', 2).'
<tr>';
$i_count = $i_done = 0;
while( $row = mysql_fetch_assoc($result) )
{
if ($usergroups['canviewviptorrents'] != 'yes' && $row['vip'] == 'yes')
continue;
$seolink = ts_seo($row['id'], $row['name'], 's');
$fullname = htmlspecialchars_uni($row['name']);
if ($showimages != 'yes')
{
$added = my_datee($dateformat, $row['added']).' '.my_datee($timeformat, $row['added']);
$showlastXtorrents .= '
<tr>
<td align="left">
<a href="'.$seolink.'" alt="'.$fullname.'" title="'.$fullname.'"><b>' . cutename($fullname, 50) . '</b></a>
</td>
<td align="left">
' . $added . '
</td>
<td align="center">
' . ts_nf($row['seeders']) . '
</td>
<td align="center">
' . ts_nf($row['leechers']) . '
</td>
</tr>';
}
else
{
if ($i_count > 0 && $i_count % 5 == 0)
{
$showlastXtorrents .= '
</tr>
<tr>';
}
$showlastXtorrents .= '
<td align="center" class="tcat">
<a href="'.$seolink.'"><img src="'.htmlspecialchars_uni($row['t_image']).'" width="125" height="125" alt="' . $fullname . '" title="' . $fullname . '" class="borderimage" onmouseover="borderit(this,\'black\')" onmouseout="borderit(this,\'white\')" /></a>
</td>';
$i_count++;
}
}
$trows = $i_torrent_limit - $i_count;
if ($trows > 0 && $i_count > 0)
{
for ($i = 0; $i < $trows; $i++)
{
$showlastXtorrents .= '<td> </td>';
}
}
$showlastXtorrents .= ($showimages == 'yes' ? '</tr>' : '').'
</tbody>
</table><br>
<!-- end showlastXtorrents -->';
echo $showlastXtorrents;
}
}
# end showlastXtorrents
echo '
<form method="post" action="takelogin.php">
<table border="0" cellpadding="5" width="100%">
<tr><td colspan="2" class="thead" align="center">
'.ts_collapse('loginarea').'
'.$SITENAME.' '.$lang->login['head'].'
</td></tr>';
if (isset($error))
echo $error;
echo
ts_collapse('loginarea',2).'
<tr>
<td class="rowhead">'.$lang->login['username'].'</td>
<td align="left"><input type="text" name="username" class="inputUsername" value="'.$username.'" /></td>
</tr>
<tr>
<td class="rowhead">'.$lang->login['password'].'</td>
<td align="left"><input type="password" name="password" class="inputPassword" value="" /></td>
</tr>';
//show_image_code ();
if ($securelogin == "yes")
$sec = "CHECKED DISABLED /";
elseif ($securelogin == "no")
$sec = "DISABLED /";
elseif ($securelogin == "op")
$sec = " /";
echo '
<tr><td class="rowhead"><input type="checkbox" class="none" name="logout" style="vertical-align: middle;" value="yes" />'.$lang->login['logout15'].'
<input type="checkbox" class="none" name="logintype" style="vertical-align: middle;" value="yes" '.$sec.'>'.$lang->login['securelogin'].'</td>
<td align="left"><input type="submit" value="'.$lang->login['login'].'" /> <input type="reset" value="'.$lang->login['reset'].'" /></td></tr>
';
if (isset($returnto))
print("<input type=\"hidden\" name=\"returnto\" value=\"" . htmlspecialchars_uni($returnto) . "\" />\n");
echo '
</tbody></table></form>
'.$lang->login['footer'];
stdfoot();
?>
/takelogin.php
PHP Code:
<?
require_once 'include/bittorrent.php';
include_once INC_PATH . '/functions_security.php';
include_once INC_PATH . '/functions_login.php';
gzip ();
dbconn ();
failedloginscheck ();
cur_user_check ();
define ('TL_VERSION', '0.5 by xam');
require_once INC_PATH . '/class_page_check.php';
$newpage = new page_verify ();
$newpage->check ('login');
getvar (array ('username', 'password'));
$lang->load ('login');
if ((empty ($username) OR empty ($password)))
{
header ('Location: ' . $BASEURL . '/login.php?error=3&username=' . htmlspecialchars_uni ($username));
exit ();
}
/* if ($iv == 'yes')
{
check_code ($_POST['imagestring'], 'login.php', true, '&username=' . htmlspecialchars_uni ($username));
}
*/
$res = sql_query ('SELECT id, passhash, secret, enabled, usergroup, status, notifs FROM users WHERE username = ' . sqlesc ($username) . ' LIMIT 1');
$row = @mysql_fetch_assoc ($res);
if ((empty ($row) OR !$row))
{
failedlogins ('silent');
header ('Location: ' . $BASEURL . '/login.php?error=1&username=' . htmlspecialchars_uni ($username));
exit ();
}
$ipaddress = getip ();
if ($row['passhash'] != md5 ($row['secret'] . $password . $row['secret']))
{
$md5pw = md5 ($password);
$iphost = @gethostbyaddr ($ipaddress);
failedlogins ('login', false, true, true, (int)$row['id']);
header ('Location: ' . $BASEURL . '/login.php?error=4&username=' . htmlspecialchars_uni ($username));
exit ();
}
if ($row['enabled'] == 'no')
{
stderr ($lang->login['banned'], $row['notifs']);
}
else
{
if ($row['status'] == 'pending')
{
stderr ($lang->global['error'], $lang->login['pending']);
}
}
$passh = $row['passhash'];
logoutcookie ();
if ((isset ($_POST['logout']) AND $_POST['logout'] == 'yes'))
{
logincookie ($row['id'], $passh, 15);
if ($_POST['logintype'] == 'yes')
{
sessioncookie ($row['id'], $passh, true, true);
}
else
{
sessioncookie ($row['id'], $passh, true);
}
}
else
{
logincookie ($row['id'], $passh);
if ($_POST['logintype'] == 'yes')
{
sessioncookie ($row['id'], $passh, true, true);
}
else
{
sessioncookie ($row['id'], $passh);
}
}
sql_query ('DELETE FROM loginattempts WHERE banned = \'no\' AND ip = ' . sqlesc ($ipaddress));
$cut = TIMENOW - TS_TIMEOUT;
sql_query ('DELETE FROM ts_sessions WHERE lastactivity < ' . sqlesc ($cut) . ' OR sessionhash = ' . sqlesc (md5 ($ipaddress . htmlspecialchars_uni (strtolower ($_SERVER['HTTP_USER_AGENT'])))));
if (!empty ($_POST['returnto']))
{
$returnto = $_POST['returnto'];
}
else
{
$returnto = 'index.php';
}
redirect ($returnto, $lang->login['logged']);
?>
/include/functions_security.php
PHP Code:
<?
/* function show_image_code ($submitbutton = false, $buttonname = 'go')
{
global $iv;
global $BASEURL;
global $lang;
global $pic_base_url;
$imagehash = '';
if ($iv == 'yes')
{
$imagehash = image_code ();
echo ' ';
echo '<s';
echo 'cript type="text/javascript">
function reload ()
{
document.getElementById(\'regimage\').src = "';
echo $BASEURL;
echo '/image.php?" + (new Date()).getTime() + "&action=newregimage";
return;
};
</script>
';
echo '
<tr>
<td class="rowhead">' . $lang->global['secimage'] . '</td>
<td>
<table>
<tr>
<td rowspan="2" class="none"><img src="' . $BASEURL . '/image.php?action=regimage" id="regimage" border="0" alt="" /></td>
<td class="none"><img src="' . $BASEURL . '/' . $pic_base_url . 'listen.gif" border="0" style="cursor:pointer" onclick="return ts_open_popup(\'' . $BASEURL . '/listen.php\', 400, 120);" alt="' . $lang->global['seclisten'] . '" title="' . $lang->global['seclisten'] . '" /></td>
</tr>
<tr>
<td class="none"><img src="' . $BASEURL . '/' . $pic_base_url . 'reload.gif" border="0" style="cursor:pointer" onload="reload()" onclick="javascript:reload()" alt="' . $lang->global['secimagehint'] . '" title="' . $lang->global['secimagehint'] . '" /></td>
</tr>
</table>
</td>
</tr>
<tr><td class="rowhead">' . $lang->global['seccode'] . '</td>
<td><input type="text" size="26" name="imagestring" class="inputPassword" value="" />
' . ($submitbutton ? '<input type="submit" value="' . $buttonname . '" class="btn" />' : '') . '
</td></tr>';
}
}
function image_code ($length = 5)
{
$_SESSION['randomstr'] = $_SESSION['imagehash'] = $captcha_string = '';
$set = array ('A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'J', 'K', 'L', 'M', 'N', 'P', 'R', 'S', 'T', 'U', 'V', 'W', 'X', 'Y', 'Z');
$i = 1;
while ($i <= $length)
{
$ch = rand (0, count ($set) - 1);
$captcha_string .= $set[$ch];
++$i;
}
$imagehash = md5 ($captcha_string);
$_SESSION['randomstr'] = $captcha_string;
$_SESSION['imagehash'] = $imagehash;
return $imagehash;
}
*/
function check_code ($imagestring, $where = 'signup.php', $maxattemptlog = true, $extra = '', $returnback = false)
{
global $BASEURL;
if (((!empty ($_SESSION['imagehash']) AND !empty ($imagestring)) AND md5 ($imagestring) === $_SESSION['imagehash']))
{
unset ($_SESSION[randomstr]);
unset ($_SESSION[imagehash]);
if ($returnback)
{
return $returnback;
}
}
else
{
if ($returnback)
{
if ($maxattemptlog)
{
failedlogins ('silent');
}
return false;
}
if (($where == 'login.php' AND $maxattemptlog))
{
failedlogins ('silent');
header ('' . 'Location: ' . $BASEURL . '/login.php?error=2' . $extra);
exit ();
return null;
}
if (($where == 'recover.php' AND $maxattemptlog))
{
failedlogins ('silent');
header ('' . 'Location: ' . $BASEURL . '/recover.php?error=2');
exit ();
return null;
}
if (($where == 'recoverhint.php' AND $maxattemptlog))
{
failedlogins ('silent');
header ('' . 'Location: ' . $BASEURL . '/recoverhint.php?error=2');
exit ();
return null;
}
if (strstr ($where, 'signup.php'))
{
$ayrac = (strstr ($where, '?') ? '&' : '?');
header ('Location: ' . $BASEURL . '/' . $where . $ayrac . 'error=2');
exit ();
return null;
}
if ($maxattemptlog)
{
failedlogins ('silent');
}
$where = $BASEURL . (substr ($where, 0, 1) == '/' ? '' : '/') . $where;
header ('Location: ' . $where);
exit ();
}
}
function remaining ($type = 'login')
{
global $maxloginattempts;
global $ip;
if (!$ip)
{
$ip = getip ();
}
$Query = sql_query ('SELECT SUM(attempts) FROM loginattempts WHERE ip=' . sqlesc ($ip) . ' LIMIT 0,1');
list ($total) = mysql_fetch_array ($Query);
$left = $maxloginattempts - $total;
return ($left <= 2 ? '<font color="#f90510">[' . $left . ']</font>' : '<font color="#037621">[' . $left . ']</font>');
}
function failedloginscheck ($type = 'Login')
{
global $maxloginattempts;
global $BASEURL;
global $ip;
global $lang;
if (!$ip)
{
$ip = getip ();
}
$Query = @sql_query ('SELECT SUM(attempts) FROM loginattempts WHERE ip=' . @sqlesc ($ip) . ' LIMIT 0,1');
list ($total) = @mysql_fetch_array ($Query);
if ($maxloginattempts <= $total)
{
sql_query ('UPDATE loginattempts SET banned = \'yes\' WHERE ip=' . sqlesc ($ip));
stderr (sprintf ($lang->global['xlocked'], $type), sprintf ($lang->global['xlocked2'], '<a href=' . $BASEURL . '/unbaniprequest.php?ip=' . htmlspecialchars_uni ($ip) . '&action=showform>'), false);
}
}
function failedlogins ($type = 'login', $recover = false, $head = true, $msg = false, $uid = 0)
{
global $BASEURL;
global $ip;
global $lang;
global $username;
global $password;
global $md5pw;
global $iphost;
global $ipaddress;
if (!$ip)
{
$ip = getip ();
}
$added = sqlesc (get_date_time ());
$a = mysql_fetch_row (@sql_query ('SELECT COUNT(*) FROM loginattempts WHERE ip=' . @sqlesc ($ip) . ' LIMIT 0,1'));
if ($a[0] == 0)
{
sql_query ('INSERT INTO loginattempts (ip, added, attempts) VALUES (' . sqlesc ($ip) . ('' . ', ' . $added . ', 1)'));
}
else
{
sql_query ('UPDATE loginattempts SET attempts = attempts + 1 WHERE ip=' . sqlesc ($ip));
}
if ($recover)
{
sql_query ('UPDATE loginattempts SET type = \'recover\' WHERE ip = ' . sqlesc ($ip));
}
if (($msg AND $uid))
{
$subject = sqlesc ($lang->global['warning']);
$message = sqlesc (sprintf ($lang->global['accountwarn'], $username, $password, $md5pw, $ipaddress, $iphost));
sql_query ('' . 'INSERT INTO messages (sender, receiver, added, msg, subject) VALUES(0, ' . $uid . ', ' . $added . ', ' . $message . ', ' . $subject . ')');
}
if (($type == 'silent' OR $type == 'login'))
{
return null;
}
stderr ($lang->global['error'], $type, false, $head);
}
if (!defined ('IN_TRACKER'))
{
exit ('<font face=\'verdana\' size=\'2\' color=\'darkred\'><b>Error!</b> Direct initialization of this file is not allowed.</font>');
}
?>
__________________
Please Support Majority Report
You can contact me on Skype live:phesadent.elect but please let me know first.
If you are ever need me desperately then please email me at dan.oak44@gmail.com and I will contact u within a week.
Due to free time I'm able to help interested member's with their tracker.
Please Note!
Depending on your requests I will charge you for my assistance for Tracker installs and mods.
All my mods are custom and prices will very depending on the request.
I'm able to install any tracker and mods including themes.
Please PM me
|