strings have different sizes !"; return; } if (strlen($str1) != PAS_SIZE) { echo "

wrong string size"; return; } $startPos = 0; $retVal = ""; while($startPos < PAS_SIZE) { $hex1 = substr($str1, $startPos, 4); $hex2 = substr($str2, $startPos, 4); $startPos += 4; $num1 = 1 + "0x$hex1"; $num2 = 1 + "0x$hex2"; $num1--;$num2--; $num = $num1 ^ $num2; $retVal .= substr(sprintf("%x", "0x10000" + $num), 1); } return $retVal; } function xor_pas($hex_str) { return xorStr($hex_str, $GLOBALS["password"]); } function encode($sesID) { $sesID = xor_pas($sesID); return ENCODE_PREFIX . $sesID; } function decode($sesID) { $sedID = substr($sesID, strlen(ENCODE_PREFIX)); return xor_pas($sedID); } function isEncoded($sesID) { $prefixLen = strlen(ENCODE_PREFIX); return substr($sesID, 0 , $prefixLen) == ENCODE_PREFIX; } $Log_IP = $HTTP_POST_VARS["LOG_IP"]; if($Log_IP == "" || is_null($Log_IP)) { $HTTP_POST_VARS["LOG_IP"] = $REMOTE_ADDR; } //require_once($config->package_util."functions.php"); //GET ALL GET VARS while( list($key, $val) = each($HTTP_GET_VARS) ) { $HTTP_POST_VARS[$key] = $val; } $sesID = $HTTP_POST_VARS[SESSION_ID]; $foundSessionID = false; if ($sesID) { $foundSessionID = true; if (isEncoded($sesID)) { $encodedID = $sesID; $sesID = decode($encodedID); $HTTP_POST_VARS[SESSION_ID] = $sesID; } else { $encodedID = encode($sesID); } } //GET ALL POST VARS while(list($key, $val) = each($HTTP_POST_VARS)) { $repl = ereg_replace("&", "%26", $val); $param .= "&" . $key . "=" . stripslashes($repl); } $pos = strpos ($param, "parentid"); if ($pos === false) { $param = "parentid=" . parentID . $param; } else { $param = substr( $param, 1); } $pos = strpos ($param, "parentid"); //OPEN SOCKET $header = "POST ".PARENT_URL." HTTP/1.0\r\n"; $header .= "Content-type: application/x-www-form-urlencoded\r\n"; $header .= "Content-length: " . strlen($param) . "\r\n"; $header .= "Connection: close\r\n\r\n"; $fp = fsockopen(HOST_ADDRESS , 80, $errno, $errstr); $response = ""; $isBody = false; //echo "

in login php

"; //print "header $header
param $param"; if ($fp) { //echo "in login.php " . $header . $param . "
"; fputs($fp, $header . $param); while (!feof($fp)) { $line = fgets($fp,128); //check to remove received html header if ( $isBody == false && substr($line, 0, strlen(HEADER)) == HEADER ) $isBody = true; if ( $isBody == true ) $response .= $line; } /*if (!$foundSessionID) { $sesID = findSessionID($response); $encodedID = encode($sesID); } $response = str_replace($sesID, $encodedID, $response);*/ //echo " response = ".$response; print $response; $fp = fclose($fp); } else { echo "Error..."; } ?>