%PDF- %PDF- 403WebShell
403Webshell
Server IP : 37.220.80.31  /  Your IP : 3.15.219.174
Web Server : Apache/2.4.52 (Ubuntu)
System : Linux 3051455-guretool.twc1.net 5.15.0-107-generic #117-Ubuntu SMP Fri Apr 26 12:26:49 UTC 2024 x86_64
User : www-root ( 1010)
PHP Version : 7.4.33
Disable Function : pcntl_alarm,pcntl_fork,pcntl_waitpid,pcntl_wait,pcntl_wifexited,pcntl_wifstopped,pcntl_wifsignaled,pcntl_wexitstatus,pcntl_wtermsig,pcntl_wstopsig,pcntl_signal,pcntl_signal_dispatch,pcntl_get_last_error,pcntl_strerror,pcntl_sigprocmask,pcntl_sigwaitinfo,pcntl_sigtimedwait,pcntl_exec,pcntl_getpriority,pcntl_setpriority,
MySQL : OFF  |  cURL : ON  |  WGET : OFF  |  Perl : OFF  |  Python : OFF  |  Sudo : OFF  |  Pkexec : OFF
Directory :  /var/www/www-root/data/www/dev.artlot24.ru/bitrix/modules/security/admin/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :

[ Back ]     

Current File : /var/www/www-root/data/www/dev.artlot24.ru/bitrix/modules/security/admin/security_session.php
<?php

use Bitrix\Main\Config\Configuration;
use Bitrix\Main\Localization\Loc;
use Bitrix\Main\Session\Handlers\StrictSessionHandler;
use Bitrix\Main\Session\SessionConfigurationResolver;

define("ADMIN_MODULE_NAME", "security");

require_once($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/include/prolog_admin_before.php");

CModule::IncludeModule('security');
IncludeModuleLangFile(__FILE__);

/**
 * @global CMain $APPLICATION
 * @global CUser $USER
 */
$canRead = $USER->CanDoOperation('security_session_settings_read');
$canWrite = $USER->CanDoOperation('security_session_settings_write');
if(!$canRead && !$canWrite)
	$APPLICATION->AuthForm(GetMessage("ACCESS_DENIED"));

$aTabs = array(
	array(
		"DIV" => "savedb",
		"TAB" => GetMessage("SEC_SESSION_ADMIN_SAVEDB_TAB_V2"),
		"ICON"=>"main_user_edit",
		"TITLE"=>GetMessage("SEC_SESSION_ADMIN_SAVEDB_TAB_TITLE_V2"),
	),
	array(
		"DIV" => "sessid",
		"TAB" => GetMessage("SEC_SESSION_ADMIN_SESSID_TAB"),
		"ICON"=>"main_user_edit",
		"TITLE"=>GetMessage("SEC_SESSION_ADMIN_SESSID_TAB_TITLE"),
	),
);
$tabControl = new CAdminTabControl("tabControl", $aTabs, true, true);

$returnUrl = $_GET["return_url"]? "&return_url=".urlencode($_GET["return_url"]): "";

if(
	$_SERVER['REQUEST_METHOD'] == "POST"
	&& (
		$_REQUEST['save'].$_REQUEST['apply'] != ""
		|| $_REQUEST['sessid_ttl_off'].$_REQUEST['sessid_ttl_on'] != ""
	)
	&& $canWrite
	&& check_bitrix_sessid()
)
{
	$ttl = intval($_POST["sessid_ttl"]);
	if($ttl <= 0)
		$ttl = 60;
	COption::SetOptionInt("main", "session_id_ttl", $ttl);

	if(array_key_exists("sessid_ttl_on", $_POST))
	{
		COption::SetOptionString("main", "use_session_id_ttl", "Y");
	}
	elseif(array_key_exists("sessid_ttl_off", $_POST))
	{
		COption::SetOptionString("main", "use_session_id_ttl", "N");
	}

	if($_REQUEST["save"] != "" && $_GET["return_url"] != "")
		LocalRedirect($_GET["return_url"]);
	else
		LocalRedirect("/bitrix/admin/security_session.php?lang=".LANGUAGE_ID.$returnUrl."&".$tabControl->ActiveTabParam());
}

$APPLICATION->SetTitle(GetMessage("SEC_SESSION_ADMIN_TITLE"));
require($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/include/prolog_admin_after.php");

$session = \Bitrix\Main\Application::getInstance()->getSession();
if (method_exists($session, 'getSessionHandler'))
{
	$sessionHandler = $session->getSessionHandler();
}
else
{
	$reflectionClass = new \ReflectionClass($session);
	$reflectionProperty = $reflectionClass->getProperty('sessionHandler');
	$reflectionProperty->setAccessible(true);
	$sessionHandler = $reflectionProperty->getValue($session);
}

$resolver = new SessionConfigurationResolver(Configuration::getInstance());
$sessionConfig = $resolver->getSessionConfig();
$generalHandlerType = $sessionConfig['handlers']['general']['type'] ?? null;
$sessionInFiles = $sessionHandler instanceof StrictSessionHandler;

$showSecondMessage = true;
$messages = array();
if (!$sessionInFiles)
{
	$messageType = "OK";
	$nameOfStorage = Loc::getMessage("SEC_SESSION_ADMIN_STORAGE_NAME_TYPE_" . strtoupper($generalHandlerType));
	$messageText = GetMessage("SEC_SESSION_ADMIN_STORAGE_WITH_SESSION_DATA", ['#NAME#' => $nameOfStorage]);

	if(COption::GetOptionString("main", "use_session_id_ttl") == "Y")
	{
		$messageText .= "<br>";
		$messageText .= GetMessage("SEC_SESSION_ADMIN_SESSID_ON");
		$showSecondMessage = false;
	}
	$messages[] = array("type" => $messageType, "text" => $messageText);
}
else
{
	$messageType = "ERROR";
	$messageText = GetMessage("SEC_SESSION_ADMIN_STORAGE_IN_FILES");
	if(COption::GetOptionString("main", "use_session_id_ttl") != "Y")
	{
		$messageText .= "<br>";
		$messageText .= GetMessage("SEC_SESSION_ADMIN_SESSID_OFF");
		$showSecondMessage = false;
	}
	$messages[] = array("type" => $messageType, "text" => $messageText);
}

if($showSecondMessage)
{
	if(COption::GetOptionString("main", "use_session_id_ttl") == "Y")
	{
		$messages[] = array(
			"type" => "OK",
			"text" => GetMessage("SEC_SESSION_ADMIN_SESSID_ON")
		);
	}
	else
	{
		$messages[] = array(
			"type" => "ERROR",
			"text" => GetMessage("SEC_SESSION_ADMIN_SESSID_OFF")
		);
	}
}

foreach($messages as $message)
{
	CAdminMessage::ShowMessage(array(
				"MESSAGE" => $message["text"],
				"TYPE" => $message["type"],
				"HTML" => true
			));
}
?>

<form method="POST" action="security_session.php?lang=<?=LANGUAGE_ID?><?=$returnUrl?>"  enctype="multipart/form-data" name="editform">
<?
$tabControl->Begin();
$tabControl->BeginNextTab();
?>
<tr>
	<td colspan="2">
		<?echo BeginNote();?><?echo GetMessage("SEC_SESSION_ADMIN_DB_NOTE_V2")?>
		<?echo EndNote(); ?>
	</td>
</tr>
<tr>
	<td colspan="2">
		<?echo BeginNote();?><span style="color:red">*</span><?echo GetMessage("SEC_SESSION_ADMIN_DB_WARNING")?>
		<?echo EndNote(); ?>
	</td>
</tr>
<?
$tabControl->BeginNextTab();
?>
<?if(COption::GetOptionString("main", "use_session_id_ttl") == "Y"):?>
		<td colspan="2" align="left">
			<input type="submit" name="sessid_ttl_off" value="<?echo GetMessage("SEC_SESSION_ADMIN_SESSID_BUTTON_OFF")?>"<?if(!$canWrite) echo " disabled"?>>
		</td>
	</tr>
<?else:?>
	<tr>
		<td colspan="2" align="left">
			<input type="submit" name="sessid_ttl_on" value="<?echo GetMessage("SEC_SESSION_ADMIN_SESSID_BUTTON_ON")?>"<?if(!$canWrite) echo " disabled"?> class="adm-btn-save">
		</td>
	</tr>
<?endif;?>
<tr>
	<td width="40%"><?echo GetMessage("SEC_SESSION_ADMIN_SESSID_TTL")?>:</td>
	<td width="60%"><input type="text" name="sessid_ttl" size="6" value="<?echo COption::GetOptionInt("main", "session_id_ttl", 60)?>"></td>
</tr>
<tr>
	<td colspan="2">
		<?echo BeginNote();?><?echo GetMessage("SEC_SESSION_ADMIN_SESSID_NOTE")?>
		<?echo EndNote(); ?>
	</td>
</tr>
<?
$tabControl->Buttons(
	array(
		"disabled"=>(!$canWrite),
		"back_url"=>$_GET["return_url"]? $_GET["return_url"]: "security_session.php?lang=".LANG,
	)
);
?>
<?echo bitrix_sessid_post();?>
<input type="hidden" name="lang" value="<?echo LANG?>">
<?
$tabControl->End();
?>
</form>
<?
require($_SERVER["DOCUMENT_ROOT"]."/bitrix/modules/main/include/epilog_admin.php");
?>

Youez - 2016 - github.com/yon3zu
LinuXploit