frametest.php

<?php
if (!isset($_GET['frame'])) $_GET['frame'] = false;
if (!isset($_GET['testen'])) $_GET['testen'] = true;
if (!isset($_GET['tan'])) $_GET['tan'] = "";

if ($_GET['testen'] == 'true') {
    if ($_GET['frame'] == 'true') {
        echo 'Dies ist der Testframe';
    } else {
        @require_once ('../lib/functions.lib.php');
        @db_connect();
        if (!isset($_GET['art'])) $_GET['art'] = "";
        if (!isset($forced['tan'])) $forced['tan'] = "";
        if (!isset($forced['ziel'])) $forced['ziel'] = "";
        // SecVMS change begin
        $_GET['tan'] = addslashes ($_GET['tan']);
        // SecVMS change end
        $forced = mysql_fetch_assoc(db_query("SELECT ziel FROM " . $db_prefix . "_gebuchte_werbung WHERE tan='" . $_GET['tan'] . "' LIMIT 1"));
        if ($forced) {
            $ziel = $forced['ziel'];
        } else {
            $ziel = urldecode($_GET['url']);
        }
        echo '
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
	<title>Framekiller-Test by ' . $seitenname . '</title>
</head>

<frameset rows="75,*" border="0">
<frame src="frametest.php?testen=true&frame=true" name="abuse" frameborder="0" scrolling="no" marginheight="10">
<frame name="werbung" src="' . $ziel . '" scrolling="auto" frameborder="0" marginheight="10">
<noscript>Bei dir ist kein Javascript aktiviert!</noscript>
</frameset><noframes></noframes><noframes>Bei dir sind keine Frames aktiviert!</noframes>
</body>
</html>';
        db_close();
    }
} else {
    echo 'Javascript Test! Bitte warte einen Moment!
    <script type="text/javascript">
    <!--
    document.location = "frametest.php?url=' . $_GET['url'] . '&testen=true&tan=' . $_GET['tan'] . '";
    //-->
    </script>';
}