merkki spämmistä //deleted: eregi("g[2-7]", $encoded) || if (eregi(" [5-9][0-9]", $encoded) || eregi(" [2-5][0-9]", $encoded) || eregi(" [7-9][0-9]", $encoded) || eregi(" [0-6][0-9]", $encoded)) { echo "

501: Illegal function

POST not allowed.

"; exit(); } // voitaisiin myös tarkistaa ettei ole jo valmiiksi enkoodattuja ts. Џ tmv. .. /* OBSOLETE // tarkistetaan ettei ole käytetty Windows-1251-merkistöä tmv. // muutetaan siis syöte UTF-8:ksi ja sitten UTF-8 -> HTML-entiteetit kuten ekassa $encoded2 = mb_convert_encoding($tutkittava_stringi,"UTF-8","auto"); if (eregi(" [3-9][0-9]", $encoded2) || eregi(" [0-9][0-9]", $encoded2) || eregi(" [0-6][0-9]", $encoded2) ) { echo "

501: Illegal function

POST not allowed.

"; exit(); } $encoded2 = mb_convert_encoding($encoded2,"HTML-ENTITIES","auto"); if (eregi(" [3-9][0-9]", $encoded2) || eregi(" [0-9][0-9]", $encoded2) || eregi(" [0-6][0-9]", $encoded2)) { echo "

501: Illegal function

POST not allowed.

"; exit(); } // ja vielä yksi testi, jossa pyöräytetään eri tavalla, auttanee(?) eri merkistöihin: $convmap = array(0x0, 0x2FFFF, 0, 0xFFFF); $encoded3 = mb_encode_numericentity($tutkittava_stringi, $convmap, 'UTF-8'); if (eregi(" [3-9][0-9]", $encoded3) || eregi(" [0-9][0-9]", $encoded3) || eregi(" [0-6][0-9]", $encoded3)) { echo "

501: Illegal function

POST not allowed.

"; exit(); } */ // tarkistetaan yritetäänkö käyttää [url]- ja -tageja viestissä -> merkki spämmistä if (eregi("

501: Illegal function

POST not allowed.

Reason: links not allowed in this guestbook. Please try again after removing the link(s) in your message.

"; exit(); } /* POIS KÄYTÖSTÄ // tarkistetaan plektrafirma, mp-picks jne: if (eregi("plektrafirma", $syotetty_viesti) || eregi("mppicks", $syotetty_viesti) || eregi("mp-picks", $syotetty_viesti) || eregi("mp picks", $syotetty_viesti)) { echo "

501: Illegal function

POST not allowed.

Reason: Undefined (#420). Please contact admin AT ovaali DOT org.

"; exit(); } */ // crack serial keygen - spämmiä parse_str($_SERVER['QUERY_STRING'],$ryssatarkistus); if ($ryssatarkistus['error']==1) { echo "

501: Illegal function

POST not allowed.

"; exit(); } if (eregi(".ru", $syotetty_email) || eregi(".by", $syotetty_email)) { header("Location: http://ovaali.org/Altaria/guestbook/?error=1"); exit(); } if (eregi("serial", $syotetty_urlkuvaus) || eregi("crack", $syotetty_urlkuvaus) || eregi("keygen", $syotetty_urlkuvaus)) { header("Location: http://ovaali.org/Altaria/guestbook/?error=1"); exit(); } if (eregi(".ru", $syotetty_url) || eregi(".by", $syotetty_url) || eregi("serial", $syotetty_url) || eregi("crack", $syotetty_url) || eregi("keygen", $syotetty_url)) { header("Location: http://ovaali.org/Altaria/guestbook/?error=1"); exit(); } // rakenne: $a63="$a61|$a31|$a59|$a33|$a34|$a35|$a36|$a37|$a38|$a39|$HTTP_USER_AGENT||"; // $nro|ip |pvm |nimi|email|URL |desc| ? |msg |icq | browser |reply?| } // ao. suoritetaan aina, oli "admin=true" tai ei: include "config.php"; include "passwd.php"; function a1(){ global $a11,$a12,$a13,$a25; if(!empty($a25))$a25="$a25"; else{ $a25="0";} // $blokatut_urlit = ".ru"; if ($_SERVER['HTTP_USER_AGENT']=="Mozilla/4.0 (compatible; MSIE 5.5; Windows 98; Win 9x 4.90)") { // $tttemp = explode(".", $_SERVER['HTTP_X_FORWARDED_FOR']); // $tttemp2 = explode(".", $_SERVER['REMOTE_ADDR']); // // if ($tttemp[0]=="192" && $tttemp[1]=="168") { // echo "Forbidden access. Reason: invalid IP address ("; // echo $_SERVER['HTTP_X_FORWARDED_FOR'] . ")"; // exit(); // } // // else if ($tttemp2[0]=="192" && $tttemp2[1]=="168") { $hakija = gethostbyaddr($REMOTE_ADDR); if (substr($hakija,strlen($hakija)-3,strlen($hakija)-1) == ".ru") { echo "

501: Unsupported operation.

POST not allowed.

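"; exit(); } }
// Block by client IP address. blocked.php is expected to define $addr, a list of
// address fragments to refuse (TODO confirm the entry format against blocked.php).
include("blocked.php");
// The address is read three ways, in the same order as before; the number printed
// in the message tells the admin which source matched. $REMOTE_ADDR is only set
// here if it exists in the enclosing scope, hence the isset() guard.
$a1_ip_sources = array(
    1 => isset($_SERVER['REMOTE_ADDR']) ? (string) $_SERVER['REMOTE_ADDR'] : "",
    2 => (string) getenv("REMOTE_ADDR"),
    3 => isset($REMOTE_ADDR) ? (string) $REMOTE_ADDR : "",
);
foreach ($addr as $key => $value) {
    $value = (string) $value;
    // An empty entry must never match: depending on the PHP version it either
    // raises a warning or matches every address.
    if ($value === "") {
        continue;
    }
    foreach ($a1_ip_sources as $a1_src_no => $a1_ip) {
        // strpos() returns 0 when the entry matches at the START of the address.
        // A bare truthiness test reads that 0 as "no match", so prefix entries
        // never blocked anyone; compare against false explicitly.
        // NOTE(review): entries still match anywhere in the address, so a short
        // fragment can also hit inside a later octet - anchor the comparison if
        // blocked.php holds prefixes.
        if (strpos($a1_ip, $value) !== false) {
            echo "

403: Forbidden.

Access to /guestbook/ is forbidden by ($a1_src_no).

";
            exit();
        }
    }
}
# eof-japanspam ?> Altaria - Official Homepage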


ALTARIA
latest newslineup | member-info | historycurrent and previous ALTARIA releasesALTARIA on stagephotos |  goodiesmerchandisingpartners & friendsit's your turn!discussion boardcontact & booking information
ALTARIA




Read Guestbook
Write To Guestbook
Marco: vocals
Pete: guitars
JP: guitars
Tony: drums





Content: © 2003 ALTARIA • Concept & Design: © 2003 meta:graphic | designbureau


"; $a43="";} if(empty($a41)){ $a41="";} else{ #$a41=htmlspecialchars($a41); $a41 = str_replace("\r\n","
",$a41); $a41 = str_replace("\n","
",$a41); $a41 = str_replace("\r","
",$a41); $a41 = stripcslashes($a41); $a41 = "$a41";} ?> "); echo (""); echo (""); echo (""); } ?>
Name: $a33 "); } ?> $a36 ]"); } ?>
Message:

Reply:$a41

=$a3){ ?>  | First messages | Previous messages |   | Next messages | &a28=">Last messages | 
"; if($a47=="a34")$a48=$a48 . "E-Mail address is invalid."; $a34=urldecode($a34); if(eregi(".ru", $a34)) { $a47="ryssaesaitti"; // $a34 = ""; $a48 = "Unsupported operation."; } $a35=urldecode($a35); if(eregi(".ru", $a35)) { $a47="ryssaemeili"; // $a35 = ""; $a48 = "Unsupported operation."; } a1(); ?>
"); } ?>
Write to guestbook
*Name:
E-Mail:
Homepage address:
Homepage name:
Location:
*Message:
 
         

* obligatory fields

$a48

"; $a52="";} a2();} function a6(){ global $HTTP_USER_AGENT,$HTTP_X_FORWARDED_FOR,$REMOTE_ADDR,$REMOTE_HOST,$a1,$a2,$a4,$a6,$a7,$a8,$a9,$a10,$a11,$a31,$a33,$a34,$a35,$a36,$a37,$a38,$a39,$a53; if(!empty($a34)){ if(!eregi("^[a-z0-9\._-]+@[a-z0-9\._-]+\.[a-z]{2,4}\$",$a34)){ header("location:$a1?a66=a1&a33=$a33&a34=$a34&a35=$a35&a36=$a36&a37=$a37&a38=$a38&a39=$a39&a47=a34"); exit;}} if(empty($a33)||empty($a38)){ header("location:$a1?a66=a1&a33=$a33&a34=$a34&a35=$a35&a36=$a36&a37=$a37&a38=$a38&a39=$a39&a47=1"); exit;} if(empty($a34))$a34=""; if(empty($a35))$a35=""; if(empty($a36))$a36="$a35"; #if(!ereg("^http://(.*)",$a35))$a35="http://$a35"; if(isset($HTTP_X_FORWARDED_FOR)){ $a54=gethostbyaddr($HTTP_X_FORWARDED_FOR);} else{ $a54=gethostbyaddr($REMOTE_ADDR);} $a31=gethostbyname("$a54"); if($a9=="1"){ include "badwords.php"; $a55=sizeof($a56); for($a29=0;$a29<$a55;$a29++){ $a57=$a56[$a29]; if(eregi($a57,$a33)||eregi($a57,$a34)||eregi($a57,$a35)||eregi($a57,$a36)||eregi($a57,$a37)||eregi($a57,$a38)){ $a33=str_replace($a57,"***",$a33); $a34=str_replace($a57,"***",$a34); $a35=str_replace($a57,"***",$a35); $a36=str_replace($a57,"***",$a36); $a37=str_replace($a57,"***",$a37); $a38=str_replace($a57,"***",$a38);}}} if(crypt($a39,"$a10")!=$a53){ $a33=htmlspecialchars($a33); $a33=stripcslashes($a33); $a33=trim($a33); $a33=str_replace("@","a",$a33); $a33=str_replace("|","I",$a33); $a33=str_replace("$","S",$a33); $a33=str_replace("][","X",$a33); $a33=str_replace("}{","X",$a33); $a33=str_replace("[","/",$a33); $a33=str_replace("]","/",$a33); $a33=str_replace("{","/",$a33); $a33=str_replace("}","/",$a33); $a33=str_replace("#","N",$a33); $a33=substr($a33,0,16); $a34=htmlspecialchars($a34); $a34=stripcslashes($a34); $a34=trim($a34); $a34=str_replace("|","",$a34); $a34=str_replace("$","",$a34); $a34=str_replace("*","",$a34); $a34=str_replace("!","",$a34); $a34=str_replace("[","",$a34); $a34=str_replace("]","",$a34); $a34=str_replace("{","",$a34); $a34=str_replace("}","",$a34); 
// NOTE(review) on a6(), the function enclosing this line. a6() handles a guestbook
// submission: it validates the e-mail ($a34), requires name ($a33) and message ($a38),
// resolves the client host, optionally masks entries from badwords.php, sanitises the
// fields, increments counter.php, prepends the record to vierkir.php and redirects.
// Points a maintainer should confirm or fix:
// - The header("location:...") redirects interpolate the submitted fields as-is;
//   pass each one through urlencode() before building the URL.
// - $HTTP_X_FORWARDED_FOR is preferred over $REMOTE_ADDR when set. If it comes from
//   the request header it is client-supplied, so the stored "ip" cannot be trusted.
// - The field sanitising in this branch runs only when crypt($a39,"$a10") != $a53
//   ($a53 is presumably the stored admin hash - confirm); on a match every field is
//   stored without htmlspecialchars() or length limits.
// - stripcslashes() runs AFTER htmlspecialchars() and decodes C-style escapes, so it
//   can reintroduce characters that were just escaped; decode first, escape last.
// - $HTTP_USER_AGENT is written into the '|'-delimited record without any escaping
//   or delimiter/newline stripping, unlike the form fields.
// - counter.php and vierkir.php are opened with mode "w", which truncates before
//   flock() is called, and the vierkir.php write takes flock(...,1) (shared, not
//   exclusive); concurrent posts can lose data.
// - eregi()/ereg()/ereg_replace() were removed in PHP 7 and convert_cyr_string()
//   in PHP 8; a port needs preg_* equivalents.
$a34=str_replace("#","",$a34); $a34=str_replace("/","",$a34); $a34=substr($a34,0,64); $a35=htmlspecialchars($a35); $a35=stripcslashes($a35); $a35=trim($a35); $a35=str_replace("@","a",$a35); $a35=str_replace("|","I",$a35); $a35=str_replace("$","S",$a35); $a35=str_replace("][","X",$a35); $a35=str_replace("}{","X",$a35); $a35=str_replace("[","/",$a35); $a35=str_replace("]","/",$a35); $a35=str_replace("{","/",$a35); $a35=str_replace("}","/",$a35); # $a35=str_replace("#","N",$a35); $a35=substr($a35,0,64); $a36=htmlspecialchars($a36); $a36=stripcslashes($a36); $a36=trim($a36); $a36=str_replace("@","a",$a36); $a36=str_replace("|","I",$a36); $a36=str_replace("$","S",$a36); $a36=str_replace("][","X",$a36); $a36=str_replace("}{","X",$a36); $a36=str_replace("[","/",$a36); $a36=str_replace("]","/",$a36); $a36=str_replace("{","/",$a36); $a36=str_replace("}","/",$a36); # $a36=str_replace("#","N",$a36); $a36=substr($a36,0,32); $a37=htmlspecialchars($a37); $a37=stripcslashes($a37); $a37=trim($a37); $a37=str_replace("@","a",$a37); $a37=str_replace("|","I",$a37); $a37=str_replace("$","S",$a37); $a37=str_replace("][","X",$a37); $a37=str_replace("}{","X",$a37); $a37=str_replace("[","/",$a37); $a37=str_replace("]","/",$a37); $a37=str_replace("{","/",$a37); $a37=str_replace("}","/",$a37); # $a37=str_replace("#","N",$a37); $a37=substr($a37,0,24); $a38=htmlspecialchars($a38); $a38 = str_replace("\r\n","
",$a38); $a38 = str_replace("\n","
",$a38); $a38 = str_replace("\r","
",$a38); $a38=stripcslashes($a38); $a38=trim($a38); # $a38=str_replace("@","a",$a38); $a38=str_replace("|","I",$a38); # $a38=str_replace("$","S",$a38); # $a38=str_replace("][","X",$a38); $a38=str_replace("}{","X",$a38); # $a38=str_replace("[","/",$a38); # $a38=str_replace("]","/",$a38); # $a38=str_replace("{","/",$a38); # $a38=str_replace("}","/",$a38); # $a38=str_replace("#","N",$a38); $a38=substr($a38,0,1024);} else{ $a39="";} $a39=ereg_replace("[^0-9]","",$a39); $a39=substr($a39,0,9); if(empty($a39))$a39="n/a"; $a58=array("January","February","March","April","May","June","July","August","September","October","November","December"); $a103=array("1st","2nd","3rd","4th","5th","6th","7th","8th","9th","10th","11th","12th","13th","14th","15th","16th","17th","18th","19th","20th","21st","22nd","23rd","24th","25th","26th","27th","28th","29th","30th","31st"); $a59=$a58[date("m")-1]." ".$a103[date("d")-1]." ".date("Y").","." ".date("H:i"); $a60=fopen("counter.php","r"); $a61=fread($a60,filesize("counter.php")); if (filesize("counter.php") == 0) { echo "Error: filesize(counter.php)==0"; exit; } fclose($a60); $a61++; $a60=fopen("counter.php","w"); flock($a60,2); fputs($a60,$a61); flock($a60,3); fclose($a60); $a62=file('vierkir.php'); $a38=stripcslashes($a38); $a63="$a61|$a31|$a59|$a33|$a34|$a35|$a36|$a37|$a38|$a39|$HTTP_USER_AGENT||"; $a60=fopen('vierkir.php',"w"); flock($a60,1); fwrite($a60,"$a63\n"); for($a29=0;$a29<$a4;$a29++){ @fwrite($a60,"$a62[$a29]");} flock($a60,3); fclose($a60); if($a8=="1"&&!empty($a7)){ $a64="From:Guest book: $a11<>\nReply-To:$a34"; $a65="New message from: $a33"; $a63="[$a59] $a37 $a34 $a35 ICQ: $a39\n\n$a33: $a38\n\nip: $a31\nhost: $REMOTE_HOST\nsystem: $HTTP_USER_AGENT"; $a63=str_replace("
","\n",$a63); $a6=convert_cyr_string($a6,'w','k'); $a63=convert_cyr_string($a63,'w','k'); $a64=convert_cyr_string($a64,'w','k'); $a65=convert_cyr_string($a65,'w','k'); // mail("$a6 <$a7>",$a65,$a63,$a64); } header("location:$a1?a66=a3"); exit;} function a7(){ global $a1,$a12,$a13,$a16,$a17,$a19,$a22,$a53,$a66,$a67; a1(); ?>


Administrating

Password: 

cellpadding=1 cellspacing=1 width="100%" class="gbook">
interface | adjustment | change password | add record

=$a4+1)$a69="older messages are deleted"; else $a69="stayed: $a68"; ?> The whole records:  () ",$a41); $a41 = str_replace("\n","
",$a41); $a41 = str_replace("\r","
",$a41); $a41 = stripcslashes($a41); # $a41=str_replace("
","\n",$a41); ?>
 []
[read book]
#: 
----------
add
comment

=$a3){ ?>
First messages Previous messages Next messages &a28=&a67=">Last messages






cellpadding=1 cellspacing=1 width=448>
read book | enter again | add record
",$a41); $a41 = str_replace("\n","
",$a41); $a41 = str_replace("\r","
",$a41); $a41=str_replace("|","I",$a41); $a41=str_replace("#","N",$a41); $a41=str_replace("","?>",$a41); $a41 = stripcslashes($a41); $a38=stripcslashes($a38); $a71=file('vierkir.php'); for($a29=0;$a29<=count($a71);$a29++){ if(@ereg("^$a30\|",$a71[$a29]))$a71[$a29]="$a30|$a31|$a32|$a33|$a34|$a35|$a36|$a37|$a38|$a39|$a40|$a41|\n";} $a60=fopen('vierkir.php',"w"); flock($a60,2); for($a29=0;$a29<=count($a71);$a29++){ if(isset($a71[$a29]))fputs($a60,$a71[$a29]);} flock($a60,3); fclose($a60); header("location:$a1?a66=a6&a26=$a26&a28=$a28&a67=$a67"); exit;} else{ $a71=file('vierkir.php'); for($a29=0;$a29<=count($a71);$a29++){ if(ereg("^$a30\|",$a71[$a29]))unset($a71[$a29]);} $a60=fopen('vierkir.php',"w"); flock($a60,2); for($a29=0;$a29<=count($a71);$a29++){ if(isset($a71[$a29]))fputs($a60,$a71[$a29]);} flock($a60,3); fclose($a60); header("location:$a1?a66=a6&a26=$a26&a28=$a28&a67=$a67"); exit;}}} function a10(){ global $a1,$a10,$a12,$a13,$a16,$a17,$a19,$a22,$a42,$a53,$a66,$a67,$a72,$a73,$a74; if($a67!=$a53){ if(!empty($a67)){ $a67=crypt($a67,$a10);}} if($a67!=$a53){ a1(); a7(); a2();} else{ if(empty($a42)){ a1(); ?>


Changing a password
method=post>
old password
new password
again new




Old password is invalid.




New password is not entered.




Mistake under repeat entering a new password.

"); flock($a60,3); fclose($a60); a1(); ?>





cellpadding=1 cellspacing=1 width=448>
read book | enter again | add record

  Adjustment
 filename of script of php_self (whereupon - rename file itself)
 filename of base of messages (whereupon - rename file itself)
 amount of records on one page
 maximum amount of record, keeping in base
 path to QIM (Quick ICQ Message)
 name of administrator
 E-Mail of administrator
name="a82" type="checkbox" value=1>  to report new messages on E-Mail of administrator
name="a83" type="checkbox" value=1>  to use 'bad words' filter


read book | enter again | add record
method=post>
  Interface
-   book name
-   background image
    color of main background
    color of main border
    background color of lining
    text color
    color of border of message
    color of headline of message
    color of text of headline
    color of subheading of message
    color of text of subheading
    background color of message
    color of text of message
    color of text of ICQ UIN & IP-address
    color of name of administrator


cellpadding=1 cellspacing=1 width=448 class="gbook">
read book | enter again | add record