alasht
جمعه 17 دی 1389, 01:11 صبح
با سلام خدمت تمام دوستان
من قبلا یه تاپیک مشابه زدم حدود 1 ماه پیش اما به نتیجه نرسیدم
حالا من با کمی تغییر دوباره سوالمو می پریم
یه هک برای ویبولتین هست که کاربران انلاین رو تو انجمن نشون میده
میخواستم ببینم کسی میتونه با کمک این هک یه query بنویسه که بشه تو وب سایتم که جدا از ویبولتین هست اعضای انلاین رو نشون بدم ؟
اینم از هک
<?xml version="1.0" encoding="ISO-8859-1"?>
<product productid="woap" active="1">
<title>Whois Online - AdminCP</title>
<description>http://www.tvpano.com/</description>
<version>2.0.0</version>
<url>http://www.tvpano.com/</url>
<versioncheckurl />
<apm_releasedate>1223787600</apm_releasedate>
<apm_author>H.Atakan KOC</apm_author>
<apm_relatedurl />
<apm_extrainfo>http://www.tvpano.com/</apm_extrainfo>
<apm_extraedit />
<dependencies>
</dependencies>
<codes>
</codes>
<templates>
</templates>
<plugins>
<plugin active="1" executionorder="5">
<title>Whois Online - AdminCP</title>
<hookname>admin_index_main1</hookname>
<phpcode><![CDATA[require_once(DIR . '/includes/functions_bigthree.php');
$datecut = TIMENOW - $vbulletin->options['cookietimeout'];
$numbervisible = 0;
$numberregistered = 0;
$numberguest = 0;
$forumusers = $db->query_read_slave("
SELECT
user.username, (user.options & " . $vbulletin->bf_misc_useroptions['invisible'] . ") AS invisible, user.usergroupid,
session.userid, session.inforum, session.lastactivity,
IF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid
FROM " . TABLE_PREFIX . "session AS session
LEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = session.userid)
WHERE session.lastactivity > $datecut
" . iif($vbulletin->options['displayloggedin'] == 1 OR $vbulletin->options['displayloggedin'] == 3, "ORDER BY username ASC") . "
");
if ($vbulletin->userinfo['userid'])
{
// fakes the user being online for an initial page view of index.php
$vbulletin->userinfo['joingroupid'] = iif($vbulletin->userinfo['displaygroupid'], $vbulletin->userinfo['displaygroupid'], $vbulletin->userinfo['usergroupid']);
$userinfos = array
(
$vbulletin->userinfo['userid'] => array
(
'userid' =>& $vbulletin->userinfo['userid'],
'username' =>& $vbulletin->userinfo['username'],
'invisible' =>& $vbulletin->userinfo['invisible'],
'inforum' => 0,
'lastactivity' => TIMENOW,
'usergroupid' =>& $vbulletin->userinfo['usergroupid'],
'displaygroupid' =>& $vbulletin->userinfo['displaygroupid'],
'infractiongroupid' =>& $vbulletin->userinfo['infractiongroupid'],
)
);
}
else
{
$userinfos = array();
}
$inforum = array();
while ($loggedin = $db->fetch_array($forumusers))
{
$userid = $loggedin['userid'];
if (!$userid)
{ // Guest
$numberguest++;
$inforum["$loggedin[inforum]"]++;
}
else if (empty($userinfos["$userid"]) OR ($userinfos["$userid"]['lastactivity'] < $loggedin['lastactivity']))
{
$userinfos["$userid"] = $loggedin;
}
}
if (!$vbulletin->userinfo['userid'] AND $numberguest == 0)
{
$numberguest++;
}
foreach ($userinfos AS $userid => $loggedin)
{
$numberregistered++;
if ($userid != $vbulletin->userinfo['userid'])
{
$inforum["$loggedin[inforum]"]++;
}
fetch_musername($loggedin);
($hook = vBulletinHook::fetch_hook('forumhome_loggedinuser' )) ? eval($hook) : false;
if (fetch_online_status($loggedin))
{
$numbervisible++;
// eval('$activeusers .= ", ' . fetch_template('forumhome_loggedinuser') . '";');
$activeusers .= ", <a href=\"user.php?do=edit&u=".$loggedin[userid]."\">" . $loggedin[musername] . "</a>";
}
}
// memory saving
unset($userinfos, $loggedin);
$activeusers = substr($activeusers, 2); // get rid of initial comma
$db->free_result($forumusers);
$totalonline = $numberregistered + $numberguest;
$numberinvisible = $numberregistered - $numbervisible;
print_table_start();
print_table_header("Whois Online - Total Online : ".$totalonline." (".$numberregistered." members, ".$numberguest." guests and ".$numberinvisible." visible)",3);
echo "<tr><td class=\"alt1\" width=\"100%\">";
echo $activeusers;
echo "</td></tr>";
print_table_footer(2, '', '', 0);]]></phpcode>
</plugin>
</plugins>
<phrases>
</phrases>
<options>
</options>
<helptopics>
</helptopics>
<cronentries>
</cronentries>
<faqentries>
</faqentries>
</product>
من قبلا یه تاپیک مشابه زدم حدود 1 ماه پیش اما به نتیجه نرسیدم
حالا من با کمی تغییر دوباره سوالمو می پریم
یه هک برای ویبولتین هست که کاربران انلاین رو تو انجمن نشون میده
میخواستم ببینم کسی میتونه با کمک این هک یه query بنویسه که بشه تو وب سایتم که جدا از ویبولتین هست اعضای انلاین رو نشون بدم ؟
اینم از هک
<?xml version="1.0" encoding="ISO-8859-1"?>
<product productid="woap" active="1">
<title>Whois Online - AdminCP</title>
<description>http://www.tvpano.com/</description>
<version>2.0.0</version>
<url>http://www.tvpano.com/</url>
<versioncheckurl />
<apm_releasedate>1223787600</apm_releasedate>
<apm_author>H.Atakan KOC</apm_author>
<apm_relatedurl />
<apm_extrainfo>http://www.tvpano.com/</apm_extrainfo>
<apm_extraedit />
<dependencies>
</dependencies>
<codes>
</codes>
<templates>
</templates>
<plugins>
<plugin active="1" executionorder="5">
<title>Whois Online - AdminCP</title>
<hookname>admin_index_main1</hookname>
<phpcode><![CDATA[require_once(DIR . '/includes/functions_bigthree.php');
$datecut = TIMENOW - $vbulletin->options['cookietimeout'];
$numbervisible = 0;
$numberregistered = 0;
$numberguest = 0;
$forumusers = $db->query_read_slave("
SELECT
user.username, (user.options & " . $vbulletin->bf_misc_useroptions['invisible'] . ") AS invisible, user.usergroupid,
session.userid, session.inforum, session.lastactivity,
IF(displaygroupid=0, user.usergroupid, displaygroupid) AS displaygroupid, infractiongroupid
FROM " . TABLE_PREFIX . "session AS session
LEFT JOIN " . TABLE_PREFIX . "user AS user ON(user.userid = session.userid)
WHERE session.lastactivity > $datecut
" . iif($vbulletin->options['displayloggedin'] == 1 OR $vbulletin->options['displayloggedin'] == 3, "ORDER BY username ASC") . "
");
if ($vbulletin->userinfo['userid'])
{
// fakes the user being online for an initial page view of index.php
$vbulletin->userinfo['joingroupid'] = iif($vbulletin->userinfo['displaygroupid'], $vbulletin->userinfo['displaygroupid'], $vbulletin->userinfo['usergroupid']);
$userinfos = array
(
$vbulletin->userinfo['userid'] => array
(
'userid' =>& $vbulletin->userinfo['userid'],
'username' =>& $vbulletin->userinfo['username'],
'invisible' =>& $vbulletin->userinfo['invisible'],
'inforum' => 0,
'lastactivity' => TIMENOW,
'usergroupid' =>& $vbulletin->userinfo['usergroupid'],
'displaygroupid' =>& $vbulletin->userinfo['displaygroupid'],
'infractiongroupid' =>& $vbulletin->userinfo['infractiongroupid'],
)
);
}
else
{
$userinfos = array();
}
$inforum = array();
while ($loggedin = $db->fetch_array($forumusers))
{
$userid = $loggedin['userid'];
if (!$userid)
{ // Guest
$numberguest++;
$inforum["$loggedin[inforum]"]++;
}
else if (empty($userinfos["$userid"]) OR ($userinfos["$userid"]['lastactivity'] < $loggedin['lastactivity']))
{
$userinfos["$userid"] = $loggedin;
}
}
if (!$vbulletin->userinfo['userid'] AND $numberguest == 0)
{
$numberguest++;
}
foreach ($userinfos AS $userid => $loggedin)
{
$numberregistered++;
if ($userid != $vbulletin->userinfo['userid'])
{
$inforum["$loggedin[inforum]"]++;
}
fetch_musername($loggedin);
($hook = vBulletinHook::fetch_hook('forumhome_loggedinuser' )) ? eval($hook) : false;
if (fetch_online_status($loggedin))
{
$numbervisible++;
// eval('$activeusers .= ", ' . fetch_template('forumhome_loggedinuser') . '";');
$activeusers .= ", <a href=\"user.php?do=edit&u=".$loggedin[userid]."\">" . $loggedin[musername] . "</a>";
}
}
// memory saving
unset($userinfos, $loggedin);
$activeusers = substr($activeusers, 2); // get rid of initial comma
$db->free_result($forumusers);
$totalonline = $numberregistered + $numberguest;
$numberinvisible = $numberregistered - $numbervisible;
print_table_start();
print_table_header("Whois Online - Total Online : ".$totalonline." (".$numberregistered." members, ".$numberguest." guests and ".$numberinvisible." visible)",3);
echo "<tr><td class=\"alt1\" width=\"100%\">";
echo $activeusers;
echo "</td></tr>";
print_table_footer(2, '', '', 0);]]></phpcode>
</plugin>
</plugins>
<phrases>
</phrases>
<options>
</options>
<helptopics>
</helptopics>
<cronentries>
</cronentries>
<faqentries>
</faqentries>
</product>