[Release] Екстайлинг Уеб (XTYLING WEB) 100% Secure

Как каква е разликата...? |-( с така нареченият "шел" как ще добавиш точки на герой или подобни неща който са в опциите на сайта? (ако естествено няма админ панел)

И като си "фикснал" дупката, я ми кажи коя е тя, но без отговори от сорта "ма сега няма да я казвам защото другите така и така..."

През дупката можеш да качиш шелл .
Да ти кажа каде се намира или "как да ти кажа коя е тя" ?
 
През дупката можеш да качиш шелл .
Да ти кажа каде се намира или "как да ти кажа коя е тя" ?

Дам кажи ми коя е и каде е (think)
 
как се пише на лично да ти я кажа
 
Като провериш файла нямали да можеш да я видиш или искаш да ти го докажа с на някои сервера който е със същия сайт.
 
вместо да се лигавиш вземи да кажеш къде е щото след време ще ти трябва от някой нещо и ще има те да ти си лигават по същия начин :)
 
абе хора, в екстайлинг сайта релийзнат от Вирус, четох че дупката била в whoiz.php и затова в него релийз този файл го няма.
 
абе хора, в екстайлинг сайта релийзнат от Вирус, четох че дупката била в whoiz.php и затова в него релийз този файл го няма.

точно така тва е сайта още както е излезнал без да са правили нищо по него
 
Като провериш файла нямали да можеш да я видиш или искаш да ти го докажа с на някои сервера който е със същия сайт.

Така аз видях файла, но уви неразбирам сега ми копирай реда с дупката или там трап ли е к'во е... пиши я тук... намерил си я открил си я пиши сега тука да видим не да ми доказваш пиши тука кой ред и т.н
 
червеното е

Code:
<?php include"home.php"; ?>
</style></head>
<style type="text/css">
.style1 {color: #FF0000}
.style2 {font-weight: bold}
</style>
<body leftmargin="0" topmargin="0">
<div align="center">
  <table align="center" border="1" bordercolor="#666666" bgcolor=white cellpadding="0" cellspacing="0" frame="vsides" rules="none" width="760">
    <tbody><tr> 
      <td align="left" background="images/left_bg.gif" valign="top" width="204"><p><img src="images/left_top_news.gif" height="36" width="204">
        <?php include"pictures.php"; ?>
        <?php include"ranks.php"; ?>
        </p></td>
      <td background="images/xu.gif" height="190" width="1"></td>
      <td align="center" valign="top" width="553"><p>
       <p class="style2 style1">Player Statistics</p> 
       </head>
       <?php

require 'config.php';
[COLOR="Red"]$name = stripslashes($_REQUEST['name']);
if ((preg_match("[^';]", $_GET['name']))) {echo "Name must contain only letters a-Z and numbers 0-9";}
if ($name == NULL) { die("not enough parameters");	}
if (preg_match("[^';]", $name)) {echo("<p>SQL Injection Detected"); exit(); }[/COLOR]


$query = "Select point From EVENT_INFO where charactername='$name'";
$result = mssql_query( $query );
$rowg = mssql_fetch_row($result);
$rowk = $rowg[0];
$query = "select Vitality,Strength,Energy,Dexterity,LevelUpPoint,cLevel,Class,MapNumber,MapPosX,MapPosY,AccountID,ctlcode,money,PkCount from Character WHERE Name='$name'";
$result = mssql_query( $query );
$row = mssql_fetch_row($result);
$current_ip = getenv("REMOTE_ADDR");
$ippp = "select Ip,Reason,Gm from ip_bloc WHERE Ip='$current_ip'";


$test1 = "Select G_Name FROM GuildMember WHERE Name='$name'";
$test2 = mssql_query( $test1 );
$guild1 = mssql_fetch_row($test2);

$tezt1 = "select G_Master FROM Guild WHERE G_Name='$guild1[0]'";
$tezt2 = mssql_query( $tezt1 );
$GM = mssql_fetch_row($tezt2);


$allstats = $row[0] + $row[1] + $row[2] + $row[3] + $row[4];


$guild = "$guild1[0] - Guild Master: $GM[0]";

if ($row[6] == 0) { 
echo 'No such player found in database';
}
else {
$new_vit = $row[0];
$new_str = $row[1];
$new_eng = $row[2];
$new_agi = $row[3];
$levelup = $row[4];
$level = $row[5];
$mapx = $row[8];
$mapy = $row[9];
$acc = $row[10];
$code = $row[11];
$money = $row[12];
$pkcount = $row[13];
if ($row[13] > 0) {
$reason13 = $row[13]; }
elseif (0) {
$bloc_by = $row[14]; }
$acc1 = $acc;
if ($code == '8') {
$acc = '[hidden]';
}
if ($code == '24') {
$acc = '[hidden]';
}
if ($row[7] == 0) { 
$map = 'Lorencia';
}
if ($row[7] == 1) { 
$map = 'Dungeon';
}
if ($row[7] == 2) { 
$map = 'Davias';
}
if ($row[7] == 3) { 
$map = 'Noria';
}
if ($row[7] == 4) { 
$map = 'Lost tower';
}
if ($row[7] == 5) { 
$map = 'Excile';
}
if ($row[7] == 6) { 
$map = 'Arena';
}
if ($row[7] == 7) { 
$map = 'Atlans';
}
if ($row[7] == 8) { 
$map = 'Tarkan';
}
if ($row[7] == 9) { 
$map = 'Devil Square';
}
if ($row[7] == 10) { 
$map = 'Icarus(2)';
}
if ($row[7] == 11) { 
$map = 'Blood castle 1';
}
if ($row[7] == 12) { 
$map = 'Blood castle 2';
}
if ($row[7] == 13) { 
$map = 'Blood castle 3';
}
if ($row[7] == 14) { 
$map = 'Blood castle 4';
}
if ($row[7] == 15) { 
$map = 'Blood castle 5';
}
if ($row[7] ==16) { 
$map = 'Blood castle 6';
}
if ($row[7] ==17) { 
$map = 'Crystal map';
}
if ($row[7] ==19) { 
$map = 'Dare Devil';
}
if ($row[6] == 1) {
$class = 'Soul Master';
}
if($row[6] == 16){
$class = 'Dark Knight';
}
if($row[6] == 17){
$class = 'Blade Knight';
}
if($row[6] == 32){
$class = 'Elf';
}
if($row[6] == 33){
$class = 'Muse Elf';
}
if($row[6] == 48){
$class = 'Magic Gladiator';
}
if ($row[6] == 64) {
$class = 'Dark Lord';
}
if ($row[11] == 8) {
$code = 'Game Master';
$ccc1 = 'blue';
}
if ($row[11] == 24) {
$code = 'ADMINISTRATION ACCESS!';
$ccc1 = 'darkred';
}
if ($row[11] == 1) {
$code = 'Banned sucker!';
$ccc1 = 'red';
}
if ($row[11] == NULL) {
$code = 'Normal User';
$ccc1 = 'green';
}





$query = "select ConnectStat,ConnectTM,DisConnectTM,IP from MEMB_STAT WHERE memb___id='$acc1'";
$result = mssql_query( $query );
$row1 = mssql_fetch_row($result);
$ipp = $row1[3];
if ($row1[0] == 1) { 
$status = 'Online';
$ccc = 'green';
}
if ($row1[0] == 0) { 
$status = 'Offline';
$ccc = 'red';
}
$condate = $row1[1];
$discondate = $row1[2];



$query1 = "select resets from Character WHERE Name='$name'";
$result1 = mssql_query( $query1 );
$rowZ = mssql_fetch_row($result1);
$res3ts = $rowZ[0];
if ($rowZ[0] < '1') { 
$res3ts = 'n\a';
}
{


echo "<center>
		<div >
		<table border=0 cellspacing=0 cellpadding=0>
		<td width='200'>
				<font color='#4356FF'><b>
<tr><font color=red>
<td width=100px>Character</font></td>
<td width=150px><b>$name</font></td></b>
</tr>
<tr>
<td width=100px>Class type</font></td>
<td width=150px><b>$class</font></td></b>
</tr>
<tr>
<td width=100px>Level</font></td>
<td width=50px><b>$level</font></td></b>
</tr>

<tr>
<td width=100px>resets</font></td>
<td width=150px><b>$res3ts</font></td></b>
</tr>
<tr>
<td width=100px>Zen</font></td>
<td width=150px><b>$money</font></td></b>
</tr>
<tr>
<td width=100px>Kills</font></td>
<td width=150px><b>$pkcount</font></td></b>
</tr>
<tr>
<td width=100px>Guild</font></td>
<td width=270px><b>$guild</font></td></b>
</tr>
<tr>
<td width=100px>All STATS</font></td>
<td width=270px><b>$allstats</font></td></b>
</tr>

<br></font></center>";
}
}
?>
</table>
  <p>&nbsp;</p>
  <p class="style1"><strong>TOP 3 THE BEST PLAYERS</strong></p>
  <p>
    <?
include("config.php");
$query = "SELECT TOP 3 Name,Class,cLevel,Resets,MapNumber,AccountID,Money,PkCount from Character  order by Resets desc, cLevel desc";

$result = mssql_query($query);

echo '<center>
                                        

<table height=10 border="0" cellpadding="0" cellspacing="0" width="540" bordercolor=#666666 >                
<tr> 
<td valign=top align=center width=10><strong><font color=#000000>Rank</strong></td>
<td valign=top align=center width=10><strong><font color=#000000>Name</strong></td>
<td valign=top align=center width=20><strong><font color=#000000>Class</strong></td>
<td valign=top align=center width=30><strong><font color=#000000>Level</strong></td>
<td valign=top align=center width=20><strong><font color=#000000>Resets</strong></td>
<td valign=top align=center width=20><strong><font color=#000000>Money</strong></td>
<td valign=top align=center width=20><strong><font color=#000000>PK</strong></td>
</tr>';
for($i=0;$i < mssql_num_rows($result);++$i)
{
$row = mssql_fetch_row($result);

$query2="Select ConnectStat from MEMB_STAT where memb___id='$row[5]'";
$result2 = mssql_query($query2);
$row2 = mssql_fetch_row($result2);

$rank = $i+1;
if($row[1] == 0){ $row[1] ='DW';
}
if($row[1] == 1){ $row[1] ='SM';
}
if($row[1] == 16){ $row[1] ='DK';
}
if($row[1] == 17){ $row[1] ='BK';
}
if($row[1] == 32){ $row[1] ='ELF';
}
if($row[1] == 33){ $row[1] ='ME';
}
if($row[1] == 48){ $row[1] ='MG';
}
if($row[1] == 64){ $row[1] ='DL';
}
if($row[4] == 0){ $row[4] =  'Lorencia';
}
if($row[4] == 1){ $row[4] =  'Dungeon';
}
if($row[4] == 2){ $row[4] =  'Davias';
}
if($row[4] == 3){ $row[4] =  'Noria';
}
if($row[4] == 4){ $row[4] =  'Losttower';
}
if($row[4] == 5){ $row[4] =  'Exile';
}
if($row[4] == 8){ $row[4] =  'Tarkan';
}
if($row[4] == 7){ $row[4] =  'Atlans';
}
if($row[4] == 6){ $row[4] =  'Arena';
}
if($row[4] == 9){ $row[4] =  'Devil Square';
}
if($row[4] == 10){ $row[4] =  'Icarus';
}
if($row[4] == 11){ $row[4] =  'Blood Caslte1';
}
if($row[4] == 12){ $row[4] =  'Blood Caslte2';
}
if($row[4] == 13){ $row[4] =  'Blood Caslte3';
}
if($row[4] == 14){ $row[4] =  'Blood Caslte4';
}
if($row[4] == 15){ $row[4] =  'Blood Caslte5';
}
if($row[4] == 16){ $row[4] =  'Blood Caslte6';
}

echo "<tr><td valign=top align=center width=10><font color=#000000>$rank</td>
<td valign=top align=center width=20><font color=#666666><a href='whoiz.php?name=$row[0]'>$row[0]</td>

</td>
<td valign=top align=center width=20><font color=#666666>$row[1]</td>
<td valign=top align=center width=30><font color=#666666>$row[2]</td>
<td valign=top align=center width=20><font color=#666666>$row[3]</td>
<td valign=top align=center width=20><font color=#666666>$row[6]</td>
<td valign=top align=center width=20><font color=#666666>$row[7]</td>
<td valign=top align=center width=20><font color=#666666>$row[8]</td>
</tr>
</center>";
}

?>
    </table>
  </p>
  <p>&nbsp;</p>
  <p>

</div>
</body></html>
 
Last edited:
червеното е

Code:
<?php include"home.php"; ?>
</style></head>
<style type="text/css">
.style1 {color: #FF0000}
.style2 {font-weight: bold}
</style>
<body leftmargin="0" topmargin="0">
<div align="center">
  <table align="center" border="1" bordercolor="#666666" bgcolor=white cellpadding="0" cellspacing="0" frame="vsides" rules="none" width="760">
    <tbody><tr> 
      <td align="left" background="images/left_bg.gif" valign="top" width="204"><p><img src="images/left_top_news.gif" height="36" width="204">
        <?php include"pictures.php"; ?>
        <?php include"ranks.php"; ?>
        </p></td>
      <td background="images/xu.gif" height="190" width="1"></td>
      <td align="center" valign="top" width="553"><p>
       <p class="style2 style1">Player Statistics</p> 
       </head>
       <?php

require 'config.php';
[COLOR="#ff0000"]$name = stripslashes($_REQUEST['name']);
if ((preg_match("[^';]", $_GET['name']))) {echo "Name must contain only letters a-Z and numbers 0-9";}
if ($name == NULL) { die("not enough parameters");	}
if (preg_match("[^';]", $name)) {echo("<p>SQL Injection Detected"); exit(); }[/COLOR]


$query = "Select point From EVENT_INFO where charactername='$name'";
$result = mssql_query( $query );
$rowg = mssql_fetch_row($result);
$rowk = $rowg[0];
$query = "select Vitality,Strength,Energy,Dexterity,LevelUpPoint,cLevel,Class,MapNumber,MapPosX,MapPosY,AccountID,ctlcode,money,PkCount from Character WHERE Name='$name'";
$result = mssql_query( $query );
$row = mssql_fetch_row($result);
$current_ip = getenv("REMOTE_ADDR");
$ippp = "select Ip,Reason,Gm from ip_bloc WHERE Ip='$current_ip'";


$test1 = "Select G_Name FROM GuildMember WHERE Name='$name'";
$test2 = mssql_query( $test1 );
$guild1 = mssql_fetch_row($test2);

$tezt1 = "select G_Master FROM Guild WHERE G_Name='$guild1[0]'";
$tezt2 = mssql_query( $tezt1 );
$GM = mssql_fetch_row($tezt2);


$allstats = $row[0] + $row[1] + $row[2] + $row[3] + $row[4];


$guild = "$guild1[0] - Guild Master: $GM[0]";

if ($row[6] == 0) { 
echo 'No such player found in database';
}
else {
$new_vit = $row[0];
$new_str = $row[1];
$new_eng = $row[2];
$new_agi = $row[3];
$levelup = $row[4];
$level = $row[5];
$mapx = $row[8];
$mapy = $row[9];
$acc = $row[10];
$code = $row[11];
$money = $row[12];
$pkcount = $row[13];
if ($row[13] > 0) {
$reason13 = $row[13]; }
elseif (0) {
$bloc_by = $row[14]; }
$acc1 = $acc;
if ($code == '8') {
$acc = '[hidden]';
}
if ($code == '24') {
$acc = '[hidden]';
}
if ($row[7] == 0) { 
$map = 'Lorencia';
}
if ($row[7] == 1) { 
$map = 'Dungeon';
}
if ($row[7] == 2) { 
$map = 'Davias';
}
if ($row[7] == 3) { 
$map = 'Noria';
}
if ($row[7] == 4) { 
$map = 'Lost tower';
}
if ($row[7] == 5) { 
$map = 'Excile';
}
if ($row[7] == 6) { 
$map = 'Arena';
}
if ($row[7] == 7) { 
$map = 'Atlans';
}
if ($row[7] == 8) { 
$map = 'Tarkan';
}
if ($row[7] == 9) { 
$map = 'Devil Square';
}
if ($row[7] == 10) { 
$map = 'Icarus(2)';
}
if ($row[7] == 11) { 
$map = 'Blood castle 1';
}
if ($row[7] == 12) { 
$map = 'Blood castle 2';
}
if ($row[7] == 13) { 
$map = 'Blood castle 3';
}
if ($row[7] == 14) { 
$map = 'Blood castle 4';
}
if ($row[7] == 15) { 
$map = 'Blood castle 5';
}
if ($row[7] ==16) { 
$map = 'Blood castle 6';
}
if ($row[7] ==17) { 
$map = 'Crystal map';
}
if ($row[7] ==19) { 
$map = 'Dare Devil';
}
if ($row[6] == 1) {
$class = 'Soul Master';
}
if($row[6] == 16){
$class = 'Dark Knight';
}
if($row[6] == 17){
$class = 'Blade Knight';
}
if($row[6] == 32){
$class = 'Elf';
}
if($row[6] == 33){
$class = 'Muse Elf';
}
if($row[6] == 48){
$class = 'Magic Gladiator';
}
if ($row[6] == 64) {
$class = 'Dark Lord';
}
if ($row[11] == 8) {
$code = 'Game Master';
$ccc1 = 'blue';
}
if ($row[11] == 24) {
$code = 'ADMINISTRATION ACCESS!';
$ccc1 = 'darkred';
}
if ($row[11] == 1) {
$code = 'Banned sucker!';
$ccc1 = 'red';
}
if ($row[11] == NULL) {
$code = 'Normal User';
$ccc1 = 'green';
}





$query = "select ConnectStat,ConnectTM,DisConnectTM,IP from MEMB_STAT WHERE memb___id='$acc1'";
$result = mssql_query( $query );
$row1 = mssql_fetch_row($result);
$ipp = $row1[3];
if ($row1[0] == 1) { 
$status = 'Online';
$ccc = 'green';
}
if ($row1[0] == 0) { 
$status = 'Offline';
$ccc = 'red';
}
$condate = $row1[1];
$discondate = $row1[2];



$query1 = "select resets from Character WHERE Name='$name'";
$result1 = mssql_query( $query1 );
$rowZ = mssql_fetch_row($result1);
$res3ts = $rowZ[0];
if ($rowZ[0] < '1') { 
$res3ts = 'n\a';
}
{


echo "<center>
		<div >
		<table border=0 cellspacing=0 cellpadding=0>
		<td width='200'>
				<font color='#4356FF'><b>
<tr><font color=red>
<td width=100px>Character</font></td>
<td width=150px><b>$name</font></td></b>
</tr>
<tr>
<td width=100px>Class type</font></td>
<td width=150px><b>$class</font></td></b>
</tr>
<tr>
<td width=100px>Level</font></td>
<td width=50px><b>$level</font></td></b>
</tr>

<tr>
<td width=100px>resets</font></td>
<td width=150px><b>$res3ts</font></td></b>
</tr>
<tr>
<td width=100px>Zen</font></td>
<td width=150px><b>$money</font></td></b>
</tr>
<tr>
<td width=100px>Kills</font></td>
<td width=150px><b>$pkcount</font></td></b>
</tr>
<tr>
<td width=100px>Guild</font></td>
<td width=270px><b>$guild</font></td></b>
</tr>
<tr>
<td width=100px>All STATS</font></td>
<td width=270px><b>$allstats</font></td></b>
</tr>

<br></font></center>";
}
}
?>
</table>
  <p>&nbsp;</p>
  <p class="style1"><strong>TOP 3 THE BEST PLAYERS</strong></p>
  <p>
    <?
include("config.php");
$query = "SELECT TOP 3 Name,Class,cLevel,Resets,MapNumber,AccountID,Money,PkCount from Character  order by Resets desc, cLevel desc";

$result = mssql_query($query);

echo '<center>
                                        

<table height=10 border="0" cellpadding="0" cellspacing="0" width="540" bordercolor=#666666 >                
<tr> 
<td valign=top align=center width=10><strong><font color=#000000>Rank</strong></td>
<td valign=top align=center width=10><strong><font color=#000000>Name</strong></td>
<td valign=top align=center width=20><strong><font color=#000000>Class</strong></td>
<td valign=top align=center width=30><strong><font color=#000000>Level</strong></td>
<td valign=top align=center width=20><strong><font color=#000000>Resets</strong></td>
<td valign=top align=center width=20><strong><font color=#000000>Money</strong></td>
<td valign=top align=center width=20><strong><font color=#000000>PK</strong></td>
</tr>';
for($i=0;$i < mssql_num_rows($result);++$i)
{
$row = mssql_fetch_row($result);

$query2="Select ConnectStat from MEMB_STAT where memb___id='$row[5]'";
$result2 = mssql_query($query2);
$row2 = mssql_fetch_row($result2);

$rank = $i+1;
if($row[1] == 0){ $row[1] ='DW';
}
if($row[1] == 1){ $row[1] ='SM';
}
if($row[1] == 16){ $row[1] ='DK';
}
if($row[1] == 17){ $row[1] ='BK';
}
if($row[1] == 32){ $row[1] ='ELF';
}
if($row[1] == 33){ $row[1] ='ME';
}
if($row[1] == 48){ $row[1] ='MG';
}
if($row[1] == 64){ $row[1] ='DL';
}
if($row[4] == 0){ $row[4] =  'Lorencia';
}
if($row[4] == 1){ $row[4] =  'Dungeon';
}
if($row[4] == 2){ $row[4] =  'Davias';
}
if($row[4] == 3){ $row[4] =  'Noria';
}
if($row[4] == 4){ $row[4] =  'Losttower';
}
if($row[4] == 5){ $row[4] =  'Exile';
}
if($row[4] == 8){ $row[4] =  'Tarkan';
}
if($row[4] == 7){ $row[4] =  'Atlans';
}
if($row[4] == 6){ $row[4] =  'Arena';
}
if($row[4] == 9){ $row[4] =  'Devil Square';
}
if($row[4] == 10){ $row[4] =  'Icarus';
}
if($row[4] == 11){ $row[4] =  'Blood Caslte1';
}
if($row[4] == 12){ $row[4] =  'Blood Caslte2';
}
if($row[4] == 13){ $row[4] =  'Blood Caslte3';
}
if($row[4] == 14){ $row[4] =  'Blood Caslte4';
}
if($row[4] == 15){ $row[4] =  'Blood Caslte5';
}
if($row[4] == 16){ $row[4] =  'Blood Caslte6';
}

echo "<tr><td valign=top align=center width=10><font color=#000000>$rank</td>
<td valign=top align=center width=20><font color=#666666><a href='whoiz.php?name=$row[0]'>$row[0]</td>

</td>
<td valign=top align=center width=20><font color=#666666>$row[1]</td>
<td valign=top align=center width=30><font color=#666666>$row[2]</td>
<td valign=top align=center width=20><font color=#666666>$row[3]</td>
<td valign=top align=center width=20><font color=#666666>$row[6]</td>
<td valign=top align=center width=20><font color=#666666>$row[7]</td>
<td valign=top align=center width=20><font color=#666666>$row[8]</td>
</tr>
</center>";
}

?>
    </table>
  </p>
  <p>&nbsp;</p>
  <p>

</div>
</body></html>

axaxaxaxaxaxaxaxaxaxaxaxax
 
червеното е

Code:
<?php include"home.php"; ?>
</style></head>
<style type="text/css">
.style1 {color: #FF0000}
.style2 {font-weight: bold}
</style>
<body leftmargin="0" topmargin="0">
<div align="center">
  <table align="center" border="1" bordercolor="#666666" bgcolor=white cellpadding="0" cellspacing="0" frame="vsides" rules="none" width="760">
    <tbody><tr> 
      <td align="left" background="images/left_bg.gif" valign="top" width="204"><p><img src="images/left_top_news.gif" height="36" width="204">
        <?php include"pictures.php"; ?>
        <?php include"ranks.php"; ?>
        </p></td>
      <td background="images/xu.gif" height="190" width="1"></td>
      <td align="center" valign="top" width="553"><p>
       <p class="style2 style1">Player Statistics</p> 
       </head>
       <?php

require 'config.php';
[COLOR="#ff0000"]$name = stripslashes($_REQUEST['name']);
if ((preg_match("[^';]", $_GET['name']))) {echo "Name must contain only letters a-Z and numbers 0-9";}
if ($name == NULL) { die("not enough parameters");	}
if (preg_match("[^';]", $name)) {echo("<p>SQL Injection Detected"); exit(); }[/COLOR]


$query = "Select point From EVENT_INFO where charactername='$name'";
$result = mssql_query( $query );
$rowg = mssql_fetch_row($result);
$rowk = $rowg[0];
$query = "select Vitality,Strength,Energy,Dexterity,LevelUpPoint,cLevel,Class,MapNumber,MapPosX,MapPosY,AccountID,ctlcode,money,PkCount from Character WHERE Name='$name'";
$result = mssql_query( $query );
$row = mssql_fetch_row($result);
$current_ip = getenv("REMOTE_ADDR");
$ippp = "select Ip,Reason,Gm from ip_bloc WHERE Ip='$current_ip'";


$test1 = "Select G_Name FROM GuildMember WHERE Name='$name'";
$test2 = mssql_query( $test1 );
$guild1 = mssql_fetch_row($test2);

$tezt1 = "select G_Master FROM Guild WHERE G_Name='$guild1[0]'";
$tezt2 = mssql_query( $tezt1 );
$GM = mssql_fetch_row($tezt2);


$allstats = $row[0] + $row[1] + $row[2] + $row[3] + $row[4];


$guild = "$guild1[0] - Guild Master: $GM[0]";

if ($row[6] == 0) { 
echo 'No such player found in database';
}
else {
$new_vit = $row[0];
$new_str = $row[1];
$new_eng = $row[2];
$new_agi = $row[3];
$levelup = $row[4];
$level = $row[5];
$mapx = $row[8];
$mapy = $row[9];
$acc = $row[10];
$code = $row[11];
$money = $row[12];
$pkcount = $row[13];
if ($row[13] > 0) {
$reason13 = $row[13]; }
elseif (0) {
$bloc_by = $row[14]; }
$acc1 = $acc;
if ($code == '8') {
$acc = '[hidden]';
}
if ($code == '24') {
$acc = '[hidden]';
}
if ($row[7] == 0) { 
$map = 'Lorencia';
}
if ($row[7] == 1) { 
$map = 'Dungeon';
}
if ($row[7] == 2) { 
$map = 'Davias';
}
if ($row[7] == 3) { 
$map = 'Noria';
}
if ($row[7] == 4) { 
$map = 'Lost tower';
}
if ($row[7] == 5) { 
$map = 'Excile';
}
if ($row[7] == 6) { 
$map = 'Arena';
}
if ($row[7] == 7) { 
$map = 'Atlans';
}
if ($row[7] == 8) { 
$map = 'Tarkan';
}
if ($row[7] == 9) { 
$map = 'Devil Square';
}
if ($row[7] == 10) { 
$map = 'Icarus(2)';
}
if ($row[7] == 11) { 
$map = 'Blood castle 1';
}
if ($row[7] == 12) { 
$map = 'Blood castle 2';
}
if ($row[7] == 13) { 
$map = 'Blood castle 3';
}
if ($row[7] == 14) { 
$map = 'Blood castle 4';
}
if ($row[7] == 15) { 
$map = 'Blood castle 5';
}
if ($row[7] ==16) { 
$map = 'Blood castle 6';
}
if ($row[7] ==17) { 
$map = 'Crystal map';
}
if ($row[7] ==19) { 
$map = 'Dare Devil';
}
if ($row[6] == 1) {
$class = 'Soul Master';
}
if($row[6] == 16){
$class = 'Dark Knight';
}
if($row[6] == 17){
$class = 'Blade Knight';
}
if($row[6] == 32){
$class = 'Elf';
}
if($row[6] == 33){
$class = 'Muse Elf';
}
if($row[6] == 48){
$class = 'Magic Gladiator';
}
if ($row[6] == 64) {
$class = 'Dark Lord';
}
if ($row[11] == 8) {
$code = 'Game Master';
$ccc1 = 'blue';
}
if ($row[11] == 24) {
$code = 'ADMINISTRATION ACCESS!';
$ccc1 = 'darkred';
}
if ($row[11] == 1) {
$code = 'Banned sucker!';
$ccc1 = 'red';
}
if ($row[11] == NULL) {
$code = 'Normal User';
$ccc1 = 'green';
}





$query = "select ConnectStat,ConnectTM,DisConnectTM,IP from MEMB_STAT WHERE memb___id='$acc1'";
$result = mssql_query( $query );
$row1 = mssql_fetch_row($result);
$ipp = $row1[3];
if ($row1[0] == 1) { 
$status = 'Online';
$ccc = 'green';
}
if ($row1[0] == 0) { 
$status = 'Offline';
$ccc = 'red';
}
$condate = $row1[1];
$discondate = $row1[2];



$query1 = "select resets from Character WHERE Name='$name'";
$result1 = mssql_query( $query1 );
$rowZ = mssql_fetch_row($result1);
$res3ts = $rowZ[0];
if ($rowZ[0] < '1') { 
$res3ts = 'n\a';
}
{


echo "<center>
		<div >
		<table border=0 cellspacing=0 cellpadding=0>
		<td width='200'>
				<font color='#4356FF'><b>
<tr><font color=red>
<td width=100px>Character</font></td>
<td width=150px><b>$name</font></td></b>
</tr>
<tr>
<td width=100px>Class type</font></td>
<td width=150px><b>$class</font></td></b>
</tr>
<tr>
<td width=100px>Level</font></td>
<td width=50px><b>$level</font></td></b>
</tr>

<tr>
<td width=100px>resets</font></td>
<td width=150px><b>$res3ts</font></td></b>
</tr>
<tr>
<td width=100px>Zen</font></td>
<td width=150px><b>$money</font></td></b>
</tr>
<tr>
<td width=100px>Kills</font></td>
<td width=150px><b>$pkcount</font></td></b>
</tr>
<tr>
<td width=100px>Guild</font></td>
<td width=270px><b>$guild</font></td></b>
</tr>
<tr>
<td width=100px>All STATS</font></td>
<td width=270px><b>$allstats</font></td></b>
</tr>

<br></font></center>";
}
}
?>
</table>
  <p>&nbsp;</p>
  <p class="style1"><strong>TOP 3 THE BEST PLAYERS</strong></p>
  <p>
    <?
include("config.php");
$query = "SELECT TOP 3 Name,Class,cLevel,Resets,MapNumber,AccountID,Money,PkCount from Character  order by Resets desc, cLevel desc";

$result = mssql_query($query);

echo '<center>
                                        

<table height=10 border="0" cellpadding="0" cellspacing="0" width="540" bordercolor=#666666 >                
<tr> 
<td valign=top align=center width=10><strong><font color=#000000>Rank</strong></td>
<td valign=top align=center width=10><strong><font color=#000000>Name</strong></td>
<td valign=top align=center width=20><strong><font color=#000000>Class</strong></td>
<td valign=top align=center width=30><strong><font color=#000000>Level</strong></td>
<td valign=top align=center width=20><strong><font color=#000000>Resets</strong></td>
<td valign=top align=center width=20><strong><font color=#000000>Money</strong></td>
<td valign=top align=center width=20><strong><font color=#000000>PK</strong></td>
</tr>';
for($i=0;$i < mssql_num_rows($result);++$i)
{
$row = mssql_fetch_row($result);

$query2="Select ConnectStat from MEMB_STAT where memb___id='$row[5]'";
$result2 = mssql_query($query2);
$row2 = mssql_fetch_row($result2);

$rank = $i+1;
if($row[1] == 0){ $row[1] ='DW';
}
if($row[1] == 1){ $row[1] ='SM';
}
if($row[1] == 16){ $row[1] ='DK';
}
if($row[1] == 17){ $row[1] ='BK';
}
if($row[1] == 32){ $row[1] ='ELF';
}
if($row[1] == 33){ $row[1] ='ME';
}
if($row[1] == 48){ $row[1] ='MG';
}
if($row[1] == 64){ $row[1] ='DL';
}
if($row[4] == 0){ $row[4] =  'Lorencia';
}
if($row[4] == 1){ $row[4] =  'Dungeon';
}
if($row[4] == 2){ $row[4] =  'Davias';
}
if($row[4] == 3){ $row[4] =  'Noria';
}
if($row[4] == 4){ $row[4] =  'Losttower';
}
if($row[4] == 5){ $row[4] =  'Exile';
}
if($row[4] == 8){ $row[4] =  'Tarkan';
}
if($row[4] == 7){ $row[4] =  'Atlans';
}
if($row[4] == 6){ $row[4] =  'Arena';
}
if($row[4] == 9){ $row[4] =  'Devil Square';
}
if($row[4] == 10){ $row[4] =  'Icarus';
}
if($row[4] == 11){ $row[4] =  'Blood Caslte1';
}
if($row[4] == 12){ $row[4] =  'Blood Caslte2';
}
if($row[4] == 13){ $row[4] =  'Blood Caslte3';
}
if($row[4] == 14){ $row[4] =  'Blood Caslte4';
}
if($row[4] == 15){ $row[4] =  'Blood Caslte5';
}
if($row[4] == 16){ $row[4] =  'Blood Caslte6';
}

echo "<tr><td valign=top align=center width=10><font color=#000000>$rank</td>
<td valign=top align=center width=20><font color=#666666><a href='whoiz.php?name=$row[0]'>$row[0]</td>

</td>
<td valign=top align=center width=20><font color=#666666>$row[1]</td>
<td valign=top align=center width=30><font color=#666666>$row[2]</td>
<td valign=top align=center width=20><font color=#666666>$row[3]</td>
<td valign=top align=center width=20><font color=#666666>$row[6]</td>
<td valign=top align=center width=20><font color=#666666>$row[7]</td>
<td valign=top align=center width=20><font color=#666666>$row[8]</td>
</tr>
</center>";
}

?>
    </table>
  </p>
  <p>&nbsp;</p>
  <p>

</div>
</body></html>

Обясни ми какво правят тея четири реда който си направил в червено и как чрез тях ти ще качиш "шел"?
 
  • Like
Reactions: enduwe
Обясни ми какво правят тея три реда който си направил в червено и как чрез тях ти ще качиш "шел"?

аз не разбирам от уплоад но някои които разбира ще каже от тука дали може да се уплоад ако от тука не може не знам :)
 
я кажи за кое съм тъп да ти се исмея аз малко :D

За т'ва, че казваш, че си намерил дупката... :) когато човек неразбира е по-добре или да замълчи или да попита :)
 
  • Like
Reactions: enduwe
Тва сега не е ли дупка ? Ако не ми вярваш ми влизаш в компа знам няколко сервера
и ще гледаш да видиме.Но ако това е дупка кво правиме ?Ако казваш че тва не е никаква дупка просто не знам...