tommern82.com
Open in
urlscan Pro
178.21.130.30
Public Scan
URL:
https://tommern82.com/index.html
Submission Tags: @ecarlesi threat phishing Search All
Submission: On January 09 via api from IT — Scanned from NO
Submission Tags: @ecarlesi threat phishing Search All
Submission: On January 09 via api from IT — Scanned from NO
Form analysis 2 forms found in the DOM
Name: loginform — POST <?php echo basename(__FILE__); ?>
<form name="loginform" method="post" accept-charset="UTF-8" action="<?php echo basename(__FILE__); ?>" id="loginform">
<input type="hidden" name="form_name" value="loginform">
<table id="Login1" class="wb-theme-content">
<tbody>
<tr>
<td class="input wb-theme-header">Login</td>
</tr>
<tr>
<td class="label"><label for="username">Brukernavn</label></td>
</tr>
<tr>
<td class="row"><input class="input wb-theme-content" name="username" type="text" id="username" value="<?php echo $username; ?>"></td>
</tr>
<tr>
<td class="label"><label for="password">Passord</label></td>
</tr>
<tr>
<td class="row"><input class="input wb-theme-content" name="password" type="password" id="password" value="<?php echo $password; ?>"></td>
</tr>
<tr>
<td class="row"><input id="rememberme" type="checkbox" name="rememberme"><label for="rememberme">Husk meg</label></td>
</tr>
<tr>
<td style="text-align:left;vertical-align:bottom"><input class="button wb-theme-button" type="submit" name="login" value="Login" id="login"></td>
</tr>
</tbody>
</table>
</form>Name: signupform — POST <?php echo basename(__FILE__); ?>
<form name="signupform" method="post" accept-charset="UTF-8" action="<?php echo basename(__FILE__); ?>" id="signupform">
<input type="hidden" name="form_name" value="signupform">
<table id="Signup1" class="wb-theme-content">
<tbody>
<tr>
<td class="input wb-theme-header">Sign up for a new account</td>
</tr>
<tr>
<td class="label"><label for="fullname">Full Name</label></td>
</tr>
<tr>
<td class="row"><input class="input wb-theme-content" name="fullname" type="text" id="fullname" value="<?php echo htmlspecialchars($newfullname); ?>"></td>
</tr>
<tr>
<td class="label"><label for="username">User Name</label></td>
</tr>
<tr>
<td class="row"><input class="input wb-theme-content" name="username" type="text" id="username" value="<?php echo htmlspecialchars($newusername); ?>"></td>
</tr>
<tr>
<td class="label"><label for="password">Password</label></td>
</tr>
<tr>
<td class="row"><input class="input wb-theme-content" name="password" type="password" id="password"></td>
</tr>
<tr>
<td class="label"><label for="confirmpassword">Confirm Password</label></td>
</tr>
<tr>
<td class="row"><input class="input wb-theme-content" name="confirmpassword" type="password" id="confirmpassword"></td>
</tr>
<tr>
<td class="label"><label for="email">E-mail</label></td>
</tr>
<tr>
<td class="row"><input class="input wb-theme-content" name="email" type="text" id="email" value="<?php echo htmlspecialchars($newemail); ?>"></td>
</tr>
<tr>
<td><!--?php echo $error_message; ?--></td>
</tr>
<tr>
<td style="text-align:center;vertical-align:bottom"><input class="button wb-theme-button" type="submit" name="signup" value="Create User" id="signup"></td>
</tr>
</tbody>
</table>
</form>Text Content
'.mysqli_error($db)); } mysqli_select_db($db, $mysql_database) or die('Failed to
select database
'.mysqli_error($db)); mysqli_set_charset($db, 'utf8'); $username =
mysqli_real_escape_string($db, $_POST['username']); $sql = "SELECT * FROM
".$mysql_table." WHERE username = '".$username."' OR email = '".$username."'";
$result = mysqli_query($db, $sql); if ($data = mysqli_fetch_array($result)) { if
($crypt_pass == $data['password'] && $data['active'] != 0) { $found = true;
$db_email = $data['email']; $db_fullname = $data['fullname']; $db_username =
$data['username']; $db_role = $data['role']; $folder =
substr($_SERVER['REQUEST_URI'], 0, strrpos($_SERVER['REQUEST_URI'], '/') + 1);
$db_avatar = (isset($_SERVER['HTTPS']) ? "https" : "http") .
"://$_SERVER[HTTP_HOST]$folder" . "avatars/" . $data['avatar']; $sql = "INSERT
USERS_LOG
(`username`,`date`,`time`,`ip_address`,`user_agent`,`referrer`,`status`) VALUES
('$db_username','$log_date','$log_time','$log_ip_address','$log_user_agent','$log_referrer',
'SUCCESS')"; mysqli_query($db, $sql); } else { $username =
mysqli_real_escape_string($db, $_POST['username']); $sql = "INSERT USERS_LOG
(`username`,`date`,`time`,`ip_address`,`user_agent`,`referrer`,`status`) VALUES
('$username','$log_date','$log_time','$log_ip_address','$log_user_agent','$log_referrer',
'FAILED')"; mysqli_query($db, $sql); } } mysqli_close($db); if ($found == false)
{ header('Location: '.$error_page); exit; } else { $_SESSION['email'] =
$db_email; $_SESSION['fullname'] = $db_fullname; $_SESSION['username'] =
$db_username; $_SESSION['role'] = $db_role; $_SESSION['avatar'] = $db_avatar;
$_SESSION['expires_by'] = time() + $session_timeout;
$_SESSION['expires_timeout'] = $session_timeout; $rememberme =
isset($_POST['rememberme']) ? true : false; if ($rememberme) {
setcookie('username', $db_username, time() + 3600*24*30); setcookie('password',
$_POST['password'], time() + 3600*24*30); } header('Location: '.$success_page);
exit; } } $username = isset($_COOKIE['username']) ? $_COOKIE['username'] : '';
$password = isset($_COOKIE['password']) ? $_COOKIE['password'] : '';
$mysql_server = 'sql32.mcb.webhuset.no'; $mysql_username = '189035_brukere';
$mysql_password = '9389Tom'; $mysql_database = '189035_brukere'; $mysql_table =
'USERS'; $success_page = ''; $newusername = ''; $newemail = ''; $newfullname =
''; $error_message = ''; if ($_SERVER['REQUEST_METHOD'] == 'POST' &&
isset($_POST['form_name']) && $_POST['form_name'] == 'signupform') {
$newusername = $_POST['username']; $newemail = $_POST['email']; $newpassword =
$_POST['password']; $confirmpassword = $_POST['confirmpassword']; $newfullname =
$_POST['fullname']; $code = 'NA'; if ($newpassword != $confirmpassword) {
$error_message = 'Password and Confirm Password are not the same!'; } else if
(!preg_match("/^[A-Za-z0-9-_!@$ ]{1,50}$/", $newusername)) { $error_message =
'Username is not valid, please check and try again!'; } else if
(!preg_match("/^[A-Za-z0-9-_!@$]{1,50}$/", $newpassword)) { $error_message =
'Password is not valid, please check and try again!'; } else if
(!preg_match("/^[A-Za-z0-9-_!@$ ]{1,50}$/", $newfullname)) { $error_message =
'Fullname is not valid, please check and try again!'; } else if
(!preg_match("/^.+@.+\..+$/", $newemail)) { $error_message = 'Email is not a
valid email address. Please check and try again.'; } if (empty($error_message))
{ $db = mysqli_connect($mysql_server, $mysql_username, $mysql_password); if
(!$db) { die('Failed to connect to database server!
'.mysqli_error($db)); } mysqli_select_db($db, $mysql_database) or die('Failed to
select database
'.mysqli_error($db)); mysqli_set_charset($db, 'utf8'); $sql = "SELECT username
FROM ".$mysql_table." WHERE username = '".$newusername."'"; $result =
mysqli_query($db, $sql); if ($data = mysqli_fetch_array($result)) {
$error_message = 'Username already used. Please select another username.'; } }
if (empty($error_message)) { $crypt_pass = md5($newpassword); $newusername =
mysqli_real_escape_string($db, $newusername); $newemail =
mysqli_real_escape_string($db, $newemail); $newfullname =
mysqli_real_escape_string($db, $newfullname); $sql = "INSERT `".$mysql_table."`
(`username`, `password`, `fullname`, `email`, `active`, `code`, `role`) VALUES
('$newusername', '$crypt_pass', '$newfullname', '$newemail', 1, '$code', '')";
$result = mysqli_query($db, $sql); mysqli_close($db); $subject = 'Your new
account'; $message = 'A new account has been setup.'; $message .= "\r\nUsername:
"; $message .= $newusername; $message .= "\r\nPassword: "; $message .=
$newpassword; $message .= "\r\n"; $header = "From:
webmaster@yourwebsite.com"."\r\n"; $header .= "Reply-To:
webmaster@yourwebsite.com"."\r\n"; $header .= "MIME-Version: 1.0"."\r\n";
$header .= "Content-Type: text/plain; charset=utf-8"."\r\n"; $header .=
"Content-Transfer-Encoding: 8bit"."\r\n"; $header .= "X-Mailer: PHP
v".phpversion(); mail($newemail, $subject, $message, $header); header('Location:
'.$success_page); exit; } } ?> Home
Velkommen!
Login Registrer Login
Login Brukernavn Passord Husk meg
Sign up for a new account Full Name User Name Password Confirm Password E-mail
* Hjem
* Om oss
* Kontakt oss
* Galleri
1.
2.
3.
4.
5.
© Copyright 2024 Vermelid Transport AS- All Rights Reserved.