//session_save_path('/var/www/vhosts/buraphank.com/httpdocs/sessions');
// Turn on output buffering; presumably so the header() calls further down this
// file can still be sent after earlier code has produced output.
ob_start();
//session_start();
// register_globals emulation: when the ini setting is off (or unavailable, in
// which case ini_get() returns false), copy the entries of the request, session
// and server arrays into the global scope under their own keys.
//
// NOTE(review): this turns client-supplied GET/POST/COOKIE keys into global
// variables. EXTR_SKIP only protects names that already exist when extract()
// runs, and very few globals exist this early, so any global that later code
// reads before assigning it can arrive pre-set from the request. The safer
// design is to read $_GET/$_POST/$_COOKIE explicitly and retire this block once
// the code that depends on it has been migrated.
$globals_test = @ini_get('register_globals');
if ( isset($globals_test) && empty($globals_test) ) {
// With EXTR_SKIP the first array to define a name wins, so the order below is
// also the precedence: GET, then POST, COOKIE, SESSION, SERVER.
$types_to_register = array('GET', 'POST', 'COOKIE', 'SESSION', 'SERVER');
foreach ($types_to_register as $type) {
// Variable-variable lookup of $_GET, $_POST, ...; @ hides the notice for an
// array that is not defined (session_start() is only called further down, so
// $_SESSION is normally absent here unless sessions auto-start).
$arr = @${'_' . $type};
// NOTE(review): count() on a non-array raises TypeError on PHP 8, which @ does
// not suppress - relevant only if this file is ever ported forward.
if (@count($arr) > 0)
extract($arr, EXTR_SKIP);
}
}
//error_reporting(E_ALL);
//$ebits = ini_get('error_reporting');
//error_reporting($ebits ^ E_NOTICE);
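// Start a session only when none is active yet.
if (session_id() == '') {
    session_start();
}

// If this file is requested directly, send the client to the front page.
// stripos() replaces eregi(): the ereg family was deprecated in PHP 5.3 and
// removed in PHP 7, where the old call is a fatal error that stops this
// bootstrap file, and every check below it, from running. stripos() also
// matches the file name literally instead of treating "." as a wildcard.
if (stripos($_SERVER['PHP_SELF'], 'mainfile.php') !== false) {
    header('Location: index.php');
    die();
}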
// Pin $PHP_SELF to the front controller. This assignment overwrites whatever
// the extract() loop earlier in this file may have imported under that name.
$PHP_SELF = 'index.php';

// Project configuration, helpers and classes. The order is kept as-is because
// later files may rely on constants or functions declared by earlier ones.
require_once 'setconf.php';
require_once 'includes/config.in.php';
require_once 'includes/function.in.php';
require_once 'includes/class.mysql.php';
require_once 'includes/array.in.php';
require_once 'includes/class.ban.php';
require_once 'includes/class.calendar.php';

// Declare the page charset; ISO is a constant defined outside this file
// (presumably by one of the includes above).
header('Content-Type:text/html; charset=' . ISO);

// Shared database handle and the client address used by the session checks below.
// NOTE(review): get_real_ip() is defined elsewhere; confirm which request
// fields it trusts, because its result is written to the IP block table.
$db = new DB();
$IPADDRESS = get_real_ip();
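// Session-binding check for a logged-in administrator. $_SESSION['ua'] is
// expected to hold "<admin_user>:<User-Agent>:<client IP>:<Accept-Language>"
// (presumably stored at login, outside this file); the same string is rebuilt
// from the current request and must match exactly.
if (!empty($_SESSION['admin_user'])) {
    // Clients may omit either header; a missing one counts as an empty string,
    // which is the value the concatenation produced before, minus the notice.
    if (empty($_SESSION['ua'])
        || $_SESSION['ua'] !== $_SESSION['admin_user'] . ":"
            . (isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '') . ":"
            . $IPADDRESS . ":"
            . (isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? $_SERVER['HTTP_ACCEPT_LANGUAGE'] : '')
    ) {
        $db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
        // NOTE(review): the WHERE clause is built by string concatenation from
        // a session value. Confirm that value is validated where it is stored,
        // or give DB::del a bound-parameter form.
        $db->del(TB_useronline," useronline='".$_SESSION['admin_user']."' ");
        // NOTE(review): a mismatch also occurs for a legitimate user whose
        // address or browser string changes mid-session, so this insert can
        // lock out that user and everyone sharing the address. If
        // get_real_ip() reads client-supplied forwarding headers, the recorded
        // address is not trustworthy either - confirm, and consider logging
        // the event instead of blocking.
        $db->add_db(TB_IPBLOCK,array(
            "ip"=>"".$IPADDRESS."",
            "post_date"=>"".time().""
        ));
        $db->closedb ();
        session_unset();
        //session_destroy();
        // Start a new, different session. Passing true deletes the data stored
        // under the old ID; without it, older PHP versions leave that session
        // untouched on the server, so the suspect ID would stay usable.
        session_regenerate_id(true);
        die('Session Hijacking Attempt');
    }
}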
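// Session-binding check for a logged-in member. $_SESSION['uax'] is expected to
// hold "<login_true>:<User-Agent>:<client IP>:<Accept-Language>" (presumably
// stored at login, outside this file); the same string is rebuilt from the
// current request and must match exactly.
if (!empty($_SESSION['login_true'])) {
    // Clients may omit either header; a missing one counts as an empty string,
    // which is the value the concatenation produced before, minus the notice.
    if (empty($_SESSION['uax'])
        || $_SESSION['uax'] !== $_SESSION['login_true'] . ":"
            . (isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : '') . ":"
            . $IPADDRESS . ":"
            . (isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? $_SERVER['HTTP_ACCEPT_LANGUAGE'] : '')
    ) {
        $db->connectdb(DB_NAME,DB_USERNAME,DB_PASSWORD);
        // NOTE(review): the WHERE clause is built by string concatenation from
        // a session value. Confirm that value is validated where it is stored,
        // or give DB::del a bound-parameter form.
        $db->del(TB_useronline," useronline='".$_SESSION['login_true']."' ");
        // NOTE(review): a mismatch also occurs for a legitimate user whose
        // address or browser string changes mid-session, so this insert can
        // lock out that user and everyone sharing the address. If
        // get_real_ip() reads client-supplied forwarding headers, the recorded
        // address is not trustworthy either - confirm, and consider logging
        // the event instead of blocking.
        $db->add_db(TB_IPBLOCK,array(
            "ip"=>"".$IPADDRESS."",
            "post_date"=>"".time().""
        ));
        $db->closedb ();
        session_unset();
        //session_destroy();
        // Start a new, different session. Passing true deletes the data stored
        // under the old ID; without it, older PHP versions leave that session
        // untouched on the server, so the suspect ID would stay usable.
        session_regenerate_id(true);
        die('Session Hijacking Attempt');
    }
}
// Check whether the requested module exists (user-side module)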
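/**
 * Locate a user-side module script and publish its location in two globals.
 *
 * Builds WEB_PATH/modules/<name>/<file>.php, with both parts defaulting to
 * "index" when empty. On success it sets $MODPATHFILE (the script path) and
 * $MODPATH (the module directory, with trailing slash). If the file does not
 * exist, or resolves to a location outside WEB_PATH/modules, the request ends
 * with the _NO_MOD message.
 *
 * Callers are not visible here; both arguments are treated as untrusted.
 *
 * @param string $name Module directory name.
 * @param string $file Script name inside the module, without ".php".
 * @return void
 */
function GETMODULE($name,$file){
    global $MODPATH, $MODPATHFILE ;
    $targetPath = WEB_PATH;
    if(empty($name)){$name= "index";}
    if(empty($file)){$file = "index";}

    $allowed = false;
    $modpath = '';
    $modpathfile = '';

    // Arrays and objects cannot name a path, and a NUL byte never belongs in one.
    if (is_scalar($name) && is_scalar($file)
        && strpos((string) $name, "\0") === false
        && strpos((string) $file, "\0") === false
    ) {
        // Legacy filter, kept so existing callers see the same paths. A single
        // str_replace() pass is not a reliable traversal filter (dot-dot
        // segments can survive it), so the decision below is made on the
        // resolved path instead.
        $files = str_replace('../', '', $file);
        $names = str_replace('../', '', $name);
        $modpath = $targetPath."/modules/".$names."/";
        $modpathfile = $modpath.$files.".php";

        // realpath() collapses "..", "." and symlinks and returns false for a
        // path that does not exist, so it also covers the old file_exists() test.
        $root = realpath($targetPath."/modules");
        $realDir = realpath($modpath);
        $realFile = realpath($modpathfile);
        if ($root !== false && $realDir !== false && $realFile !== false && is_file($realFile)) {
            // The separator is appended so that a sibling such as "modules_old"
            // cannot pass as being inside "modules".
            $prefix = rtrim($root, '/\\').DIRECTORY_SEPARATOR;
            $allowed = strncmp($realDir.DIRECTORY_SEPARATOR, $prefix, strlen($prefix)) === 0
                && strncmp($realFile, $prefix, strlen($prefix)) === 0;
        }
    }

    if ($allowed) {
        // Same strings the original published, so callers that build relative
        // paths from $MODPATH keep working.
        $MODPATHFILE = $modpathfile;
        $MODPATH = $modpath;
    }else{
        header( 'Content-Type:text/html; charset='.ISO.'');
        die (""._NO_MOD."");
    }
}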
//ผู้ดูแลระบบไม่ผ่านสิทธิการใช้งาน
$PermissionFalse = "
";
$PermissionFalse .= "