IP.Board Development Console

[NewEraCracker]

I was bored and designed this script.
Enjoy developers

<?php
/**
 * IP.Board Development Console
 *
 * @author NewEraCracker
 * @version 1.0.0 Beta
 * @license Public Domain
 *
 * @notes IP.Board is a registered trademark of Invision Power Services
 *
 * Install Notes:
 * - Place in IP.Board root dir (That one with index.php, initdata.php, conf_global.php and others)
 * - You are advised to only use this in a developement enviroment. NEVER USE THIS IN PRODUCTION!
 */
 
//-----------------------------------
// USER CONFIGURABLE - CHANGE!
//-----------------------------------

/* Allowed Hosts */
$console['hosts'] = array(	'127.0.0.1',
							'localhost',
							'::1'	);

/* Authentication */
$console['username'] = 'developer';
$console['password'] = 'password';

//-----------------------------------
// NON CONFIGURABLE - DO NOT CHANGE
//-----------------------------------

/* Error handling */
error_reporting(E_ALL);
ini_set('display_errors',1);
ini_set('display_startup_errors',0);
ini_set('log_errors',0);

/* Init */
$console['exception'] = '';

/* Check Allowed Hosts */
if ( count($console['hosts']) )
{
	foreach( $console['hosts'] as $console['host'] )
	{
		$console['exception'] = '';
		if ( $_SERVER['REMOTE_ADDR'] == $console['host'] ) break;
		$console['exception'] = '[403 Forbidden] Your Host ('.$_SERVER['REMOTE_ADDR'].') is not allowed.';
	}
}
else
{
	$console['exception'] = '[403 Forbidden] Script not configured properly.';
}

/* Check for exception */
if ( $console['exception'] )
{
	header('HTTP/1.1 403 Forbidden');
	echo $console['exception'];
	exit();
}

/* Check Authentication */
if ( $console['username'] && $console['password'] )
{
	if ( isset($_SERVER["PHP_AUTH_USER"]) && isset($_SERVER["PHP_AUTH_PW"]) )
	{
		if ( $_SERVER["PHP_AUTH_USER"] != $console['username'] || $_SERVER["PHP_AUTH_PW"] != $console['password'] )
		{
			$console['exception'] = '[401 Unauthorized] Wrong authentication provided!';
		}
	}
	else
	{
		$console['exception'] = '[401 Unauthorized] No authentication provided!';
	}
}

/* Check for exception */
if ( $console['exception'] )
{
	header('HTTP/1.1 401 Unauthorized');
    header('WWW-Authenticate: Basic realm="IP.Board Development Console"');
	echo $console['exception'];
	exit();
}

/* Happy Console'ing */
if ( isset($_POST['text']) )
{
	$console['text'] = get_magic_quotes_gpc() ? stripslashes($_POST['text']) : $_POST['text'];

	define( 'IPB_THIS_SCRIPT', 'public' );
	require_once( './initdata.php' );

	require_once( IPS_ROOT_PATH . 'sources/base/ipsRegistry.php' );
	require_once( IPS_ROOT_PATH . 'sources/base/ipsController.php' );

	ipsRegistry::init();
}

/* Submit Form */
echo '<form action="" method="post">
	<textarea name="text" cols=100 rows=5>';

if ( isset($console['text']) )
{
	echo htmlspecialchars( $console['text'] );
}
else
{
	echo '$member = IPSMember::load( 1, \'sessions\', \'id\' ); var_dump($member);';
}

echo '</textarea>
	<br/>
	<input type="submit" value="Go !" name="submitcmd"/>
</form>
<br/>';

/* Echo & Eval */
if ( isset($console['text']) )
{
	echo 'RESULT: <br/><textarea cols=100 rows=35>';
	echo htmlspecialchars( eval($console['text']) );
	echo '</textarea><br/>';
}
?>

 

[Hy_Sultani]

what will this script do?

 

[vorazeal]

idk, allows IPB to be accessed through consoles !

 

[NewEraCracker]

This allows you to run any php code in your development environment in 127.0.0.1. It also allows you to run any method provided in IP.Board. This is useful to see which values functions return.