archive
/
utd-control-panel
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Unsupported scripts and control panel web app for a hosting company
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
Branch: master
Branches Tags
${ item.name }
Create branch ${ searchTerm }
from 'master'
${ noResults }
utd-control-panel/www/spoofuser.php

spoofuser.php 665B
Permalink History Raw

12345678910111213141516171819202122 
  1. <?PHP

  2. 

  3.  require_once('lib/common.php');

  4.  require_once('lib/database.php');

  5.  require_once('lib/account.php');

  6. 

  7.  checkAccess(ADMIN);

  8.  

  9.  if (defined('ADMIN') && ADMIN) {

  10.   $sql  = 'UPDATE sessions SET session_spoof = '.m($_GET['n']).' WHERE ';

  11.   $sql .= 'session_ident = \''.m($_COOKIE['utdsid']).'\'';  

  12.   mysql_query($sql) or mf(__FILE__, __LINE__, $sql);

  13.   $sql = 'SELECT user_name FROM users WHERE user_id = '.m($_GET['n']);

  14.   $res = mysql_query($sql) or mf(__FILE__, __LINE__, $sql);

  15.   $row = mysql_fetch_array($res);

  16.   logger::log('Spoofing user '.$row['user_name'], logger::normal);

  17.   header('Location: '.CP_PATH);

  18.  } else {

  19.   die('You\'re no admin!');

  20.  }

  21.  

  22. ?>