forked from 418sec/TeamPass
-
Notifications
You must be signed in to change notification settings - Fork 0
/
error.php
107 lines (95 loc) · 3.53 KB
/
error.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
<?php
/**
* @package error.php
* @author Nils Laumaillé <nils@teampass.net>
* @version 2.1.27
* @copyright 2009-2019 Nils Laumaillé
* @license GNU GPL-3.0
* @link https://www.teampass.net
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
*/
if (file_exists('../sources/SecureHandler.php')) {
require_once '../sources/SecureHandler.php';
} elseif (file_exists('./sources/SecureHandler.php')) {
require_once './sources/SecureHandler.php';
} else {
throw new Exception("Error file '/sources/SecureHandler.php' not exists", 1);
}
if (!isset($_SESSION)) {
session_start();
}
if (!isset($_SESSION['CPM']) || $_SESSION['CPM'] != 1) {
die('Hacking attempt...');
}
// Load config
if (file_exists('../includes/config/tp.config.php')) {
include_once '../includes/config/tp.config.php';
} elseif (file_exists('./includes/config/tp.config.php')) {
include_once './includes/config/tp.config.php';
} else {
throw new Exception("Error file '/includes/config/tp.config.php' not exists", 1);
}
if (null !== filter_input(INPUT_POST, 'session', FILTER_SANITIZE_STRING)
&& filter_input(INPUT_POST, 'session', FILTER_SANITIZE_STRING) === "expired"
) {
//Include files
require_once $SETTINGS['cpassman_dir'].'/includes/config/settings.php';
require_once $SETTINGS['cpassman_dir'].'/includes/config/include.php';
require_once $SETTINGS['cpassman_dir'].'/sources/SplClassLoader.php';
// connect to DB
require_once $SETTINGS['cpassman_dir'].'/includes/libraries/Database/Meekrodb/db.class.php';
$pass = defuse_return_decrypted($pass);
DB::$host = $server;
DB::$user = $user;
DB::$password = $pass;
DB::$dbName = $database;
DB::$port = $port;
DB::$encoding = $encoding;
DB::$error_handler = true;
$link = mysqli_connect($server, $user, $pass, $database, $port);
$link->set_charset($encoding);
// Include main functions used by TeamPass
require_once 'sources/main.functions.php';
// Update table by deleting ID
if (isset($_SESSION['user_id'])) {
DB::update(
$pre."users",
array(
'key_tempo' => ''
),
"id=%i",
$_SESSION['user_id']
);
}
//Log into DB the user's disconnection
if (isset($SETTINGS['log_connections']) && $SETTINGS['log_connections'] == 1) {
logEvents('user_connection', 'disconnection', $_SESSION['user_id'], $_SESSION['login']);
}
} else {
require_once $SETTINGS['cpassman_dir'].'/includes/language/english.php';
echo '
<div style="width:800px;margin:auto;">
<div class="ui-state-error ui-corner-all error" style="margin-top:60px; padding:15px; text-align:center; font-size:16px;" >
<i class="fa fa-warning fa-2x"></i><br /><br />';
if (@$_SESSION['error']['code'] === ERR_NOT_ALLOWED) {
echo $LANG['error_not_authorized'];
} elseif (@$_SESSION['error']['code'] === ERR_NOT_EXIST) {
echo $LANG['error_not_exists'];
} elseif (@$_SESSION['error']['code'] === ERR_SESS_EXPIRED) {
echo $LANG['index_session_expired'];
} elseif (@$_SESSION['error']['code'] === ERR_VALID_SESSION) {
echo $LANG['error_not_authorized'];
}
echo '
<br /><br /><a href="index.php" />'.$LANG['home'].'</a>
</div>';
}
// erase session table
$_SESSION = array();
// Kill session
session_destroy();
echo '
</div>';