0)
extract($arr, EXTR_SKIP);
}
}
//error_reporting(E_ALL);
//$ebits = ini_get('error_reporting');
//error_reporting($ebits ^ E_NOTICE);
if (session_id() =='') { session_start(); }
//�ҡ�ա�����¡������µç
if (eregi("mainfile.php",$_SERVER['PHP_SELF'])) {
Header("Location: index.php");
die();
}
$PHP_SELF = "index.php";
require_once("setconf.php");
require_once("includes/config.in.php");
require_once("includes/function.in.php");
require_once("includes/class.mysql.php");
require_once("includes/array.in.php");
require_once("includes/class.ban.php");
require_once("includes/class.calendar.php");
header( 'Content-Type:text/html; charset='.ISO.'');
$db = New DB();
$IPADDRESS=get_real_ip();
if (!empty($_SESSION['admin_user'])){
if(empty($_SESSION['ua']) || $_SESSION['ua'] != $_SESSION['admin_user'].":".$_SERVER['HTTP_USER_AGENT'].":".$IPADDRESS.":".$_SERVER['HTTP_ACCEPT_LANGUAGE'])
{
$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
$db->del(TB_useronline," useronline='".$_SESSION['admin_user']."' ");
$db->add_db(TB_IPBLOCK,array(
"ip"=>"".$IPADDRESS."",
"post_date"=>"".time().""
));
$db->closedb ();
session_unset();
//session_destroy();
session_regenerate_id(); // ����� session ������
die('Session Hijacking Attempt');
}
}
if(!empty($_SESSION['login_true'])){
if(empty($_SESSION['uax']) || $_SESSION['uax'] != $_SESSION['login_true'].":".$_SERVER['HTTP_USER_AGENT'].":".$IPADDRESS.":".$_SERVER['HTTP_ACCEPT_LANGUAGE'])
{
$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
$db->del(TB_useronline," useronline='".$_SESSION['login_true']."' ");
$db->add_db(TB_IPBLOCK,array(
"ip"=>"".$IPADDRESS."",
"post_date"=>"".time().""
));
$db->closedb ();
session_unset();
//session_destroy();
session_regenerate_id(); // ����� session ������
die('Session Hijacking Attempt');
}
}//��Ǩ�ͺ����������������� (����� User)
function GETMODULE($name,$file){
global $MODPATH, $MODPATHFILE ;
$targetPath = WEB_PATH;
if(empty($name)){$name= "index";}
if(empty($file)){$file = "index";}
$files = str_replace('../', '', $file);
$names = str_replace('../', '', $name);
$modpathfile=$targetPath."/modules/".$names."/".$files.".php";
if (file_exists($modpathfile)) {
$MODPATHFILE = $modpathfile;
$MODPATH = $targetPath."/modules/".$names."/";
}else{
header( 'Content-Type:text/html; charset='.ISO.'');
die (""._NO_MOD."");
}
}
//�������к�����ҹ�Է�ԡ����ҹ
$PermissionFalse = "
";
$PermissionFalse .= "![](\"images/icon/notview.gif\")
";
$PermissionFalse .= ""._PERMISSION_ADMIN."
";
$PermissionFalse .= ""._PERMISSION_INDEX."";
$PermissionFalse .= "";
$PermissionFalse .= "
";
// ��ǹ�ͧ�к���Ҫԡ������������ѧ�� narongrit.net
$home = "".WEB_URL."" ; // url ���䫴�ͧ�س ���ҷ���ͧ������¡
$admin_email = "".WEB_EMAIL."" ; // ������ͧ�س
$yourcode = "web" ; // ���ʹ�˹�������Ţ��Ҫԡ�ͧ�س �� ip00001 , abc00005
$member_num_show = 5 ; // �ӹǹ�ͧ��Ҫԡ����ͧ�������ʴ���� 1 ˹�� ��к��ͧ admin
$member_num_show_last = 5 ; // �ӹǹ�ͧ��Ҫԡ����ش����ͧ�������ʴ�
$member_num_last = 1 ; // �ӹǹ�ͧ��Ҫԡ����ش����ͧ�������ʴ�˹���á
$bkk= mktime(gmdate("H")+7,gmdate("i")+0,gmdate("s"),
gmdate("m") ,gmdate("d"),gmdate("Y"));
$datetimeformat="j/m/y - H:i";
$now = date($datetimeformat,$bkk);
$db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
$IPB=$db->select_query("select * from ".TB_IPBLOCK." where ip='".$IPADDRESS."' ");
$IPBS=$db->fetch($IPB);
$db->closedb ();
$IPBLOCK=$IPBS['ip'];
if ($IPBLOCK){
?>
