From d9c64d32cb4b1d6d0e95595453460617d33cc2d4 Mon Sep 17 00:00:00 2001
From: ztk <support@ztk.me>
Date: Tue, 13 Nov 2018 01:46:01 +0100
Subject: [PATCH] missing  and missing references on forcedbanner area

---
 content/verdienen/forcedbanner.php | 24 +++++++++++++-----------
 lib/session.lib.php                |  9 +++++----
 2 files changed, 18 insertions(+), 15 deletions(-)

diff --git a/content/verdienen/forcedbanner.php b/content/verdienen/forcedbanner.php
index 9ffb79c..81a707e 100644
--- a/content/verdienen/forcedbanner.php
+++ b/content/verdienen/forcedbanner.php
@@ -3,16 +3,18 @@ $sperre = mysqli_fetch_array(db_query("SELECT forced_sperre FROM ".$db_prefix."_
 userstatus ();
 include ('fakecheck/fc_redirect.php');
     head ('Klickbanner');
-    $fstats_gesamt = mysqli_fetch_array(db_query('SELECT COUNT(t1.tan) AS ganzahl, SUM(t1.verdienst) AS gverdienst, SUM(t1.aufendhalt) AS gaufenthalt FROM '.$db_prefix.'_gebuchte_werbung t1
-                        LEFT JOIN vms_userblacklist t4 ON t4.tan = t1.tan AND t4.uid = '.$_SESSION['uid'].'
+    $fstats_gesamt_query = db_query('SELECT COUNT(t1.tan) AS ganzahl, SUM(t1.verdienst) AS gverdienst, SUM(t1.aufendhalt) AS gaufenthalt FROM '.$db_prefix.'_gebuchte_werbung t1
+                        LEFT JOIN vms_userblacklist t4 ON t4.uid = '.$_SESSION['uid'].'
                			LEFT JOIN vms_fb_blacklist AS t3 ON t3.kid = t1.kid AND t3.werbeart=t1.werbeart
-                        WHERE (t3.kid IS NULL OR LOCATE(t3.sponsor, t1.ziel) = 0) AND t4.tan IS NULL AND t1.werbeart = "forcedbanner" and t1.reload >= 100 AND t1.menge > 0 AND t1.status = 1 AND t1.verdienst >= 0 AND t1.sponsor != '.$_SESSION['uid'].''));
+                        WHERE (t3.kid IS NULL OR LOCATE(t3.sponsor, t1.ziel) = 0) AND t1.werbeart = "forcedbanner" and t1.reload >= 100 AND t1.menge > 0 AND t1.status = 1 AND t1.verdienst >= 0 AND t1.sponsor != '.$_SESSION['uid'].'');
+    $fstats_gesamt = mysqli_fetch_assoc($fstats_gesamt_query);
 
-    $fstats_uebrig = mysqli_fetch_array(db_query('SELECT COUNT(t1.tan) AS uanzahl, SUM(t1.verdienst) AS uverdienst FROM '.$db_prefix.'_gebuchte_werbung t1
-                        LEFT JOIN vms_userblacklist t4 ON t4.tan = t1.tan AND t4.uid = '.$_SESSION['uid'].'
+    $fstats_uebrig_query = db_query('SELECT COUNT(t1.tan) AS uanzahl, SUM(t1.verdienst) AS uverdienst FROM '.$db_prefix.'_gebuchte_werbung t1
+                        LEFT JOIN vms_userblacklist t4 ON t4.uid = '.$_SESSION['uid'].'
                			LEFT JOIN vms_fb_blacklist AS t3 ON t3.kid = t1.kid AND t3.werbeart=t1.werbeart
                         LEFT JOIN vms_reloads t2 ON (t1.tan = t2.tan AND (t2.uid = '.$_SESSION['uid'].' OR t2.ip = "'.$ip.'") AND t2.bis >= '.time().')
-                        WHERE (t3.kid IS NULL OR LOCATE(t3.sponsor, t1.ziel) = 0) AND t4.tan IS NULL AND t2.tan IS NULL AND t1.werbeart = "forcedbanner" and t1.reload >= 100 AND t1.menge > 0 AND t1.status = 1 AND t1.verdienst >= 0 AND t1.sponsor != '.$_SESSION['uid'].''));
+                        WHERE (t3.kid IS NULL OR LOCATE(t3.sponsor, t1.ziel) = 0) AND t2.tan IS NULL AND t1.werbeart = "forcedbanner" and t1.reload >= 100 AND t1.menge > 0 AND t1.status = 1 AND t1.verdienst >= 0 AND t1.sponsor != '.$_SESSION['uid'].'');
+    $fstats_uebrig = mysqli_fetch_assoc($fstats_uebrig_query);
 	$uebriga=100/$fstats_gesamt['ganzahl']*$fstats_uebrig['uanzahl'];
     $uebrig=number_format($uebriga,2,',','.');
     $abgebaut= 100-$uebriga;
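Review bot: The rewritten join `LEFT JOIN vms_userblacklist t4 ON t4.uid = '.$_SESSION['uid'].'` no longer ties t4 to t1, and `t4.tan IS NULL` is dropped from the WHERE clause, so the per-user blacklist stops excluding any campaign. For a user with N blacklist rows, every t1 row is also repeated N times, which inflates `COUNT(t1.tan)` and both `SUM(...)` values. The same applies to the second statistics query here and to the banner list query in the third hunk. If `tan` does not exist in that table, the join needs a column that does exist to correlate t4 with t1, with the matching `IS NULL` test restored. These two queries also hard-code `vms_userblacklist` while the third hunk uses `$db_prefix . '_userblacklist'`, and the concatenated id would be safer as `(int)$_SESSION['uid']`.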
@@ -25,12 +27,12 @@ include ('fakecheck/fc_redirect.php');
         <tr>
         <td align='center'>&Oslash; Aufenthalt: ".number_format($fstats_gesamt['gaufenthalt']/$fstats_gesamt['ganzahl'],2,",",".")." Sekunden</td>
         <td>&nbsp;&nbsp;</td>
-        <td align='center''>&Oslash; Verg&uuml;tung: ".number_format($fstats_gesamt['gverdienst']/$fstats_gesamt['ganzahl'],2,",",".")." ".$waehrung."</td>
+        <td align='center''>&Oslash; Verg&uuml;tung: ".number_format($fstats_gesamt['gverdienst']/$fstats_gesamt['ganzahl'],2,",",".")." ".$pageconfig['waehrung']."</td>
         </tr>
         <tr>
-        <td align='center''>Gesamtwert: ".$fstats_gesamt['gverdienst']." ".$waehrung."</td>
+        <td align='center''>Gesamtwert: ".$fstats_gesamt['gverdienst']." ".$pageconfig['waehrung']."</td>
         <td>&nbsp;&nbsp;</td>
-        <td align='center'>Offen: ".$fstats_uebrig['uverdienst']." ".$waehrung."</td>
+        <td align='center'>Offen: ".$fstats_uebrig['uverdienst']." ".$pageconfig['waehrung']."</td>
         </tr>
         </table>
         <div id='fortschritt' style='width: 380px;  font-weight: bold; margin: 0 auto' align='center''></div>
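Review bot: `$fstats_gesamt['ganzahl']` is used as a divisor on the rewritten Vergütung line without a zero check, as it is on the Aufenthalt line above it and at `$uebriga=100/$fstats_gesamt['ganzahl']*...` in the first hunk. When no forced-banner campaign matches, COUNT returns 0 and PHP 8 throws a DivisionByZeroError (a warning on PHP 7), so the page breaks in exactly the empty-inventory case. A guard such as `$anzahl = (int)$fstats_gesamt['ganzahl'];` followed by `$anzahl > 0 ? $fstats_gesamt['gverdienst'] / $anzahl : 0` keeps it rendering. The touched lines also keep the stray second quote in `align='center''`, which is worth removing while they are being edited. The enclosing echo statement starts and ends outside the hunk.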
@@ -53,11 +55,11 @@ include ('fakecheck/fc_redirect.php');
 
 		$fbanner = db_query ('SELECT t1.*
 					FROM ' . $db_prefix . '_gebuchte_werbung t1
-					LEFT JOIN ' . $db_prefix . '_adscan_userblacklist t4 ON t4.tan = t1.tan AND t4.uid = ' . $_SESSION['uid'] . '
+					LEFT JOIN ' . $db_prefix . '_userblacklist t4 ON t4.uid = ' . $_SESSION['uid'] . '
 					LEFT JOIN ' . $db_prefix . '_fb_blacklist AS t3 ON t3.kid = t1.kid AND t3.werbeart=t1.werbeart
 					LEFT JOIN ' . $db_prefix . '_reloads t2
 					ON (t1.tan = t2.tan AND (t2.uid = ' . $_SESSION['uid'] . ' OR t2.ip = "' . $ip . '") AND t2.bis >= ' . time() . ')
-					WHERE (t3.kid IS NULL OR LOCATE(t3.sponsor, t1.ziel) = 0) AND t4.tan IS NULL AND t2.tan IS NULL AND t1.werbeart = "forcedbanner" AND t1.menge > 0 AND t1.status = 1 AND t1.verdienst > 0 AND t1.sponsor != ' . $_SESSION['uid'] . ' ORDER BY t1.verdienst DESC LIMIT ' . $usr['max_forced']);
+					WHERE (t3.kid IS NULL OR LOCATE(t3.sponsor, t1.ziel) = 0) AND t2.tan IS NULL AND t1.werbeart = "forcedbanner" AND t1.menge > 0 AND t1.status = 1 AND t1.verdienst > 0 AND t1.sponsor != ' . $_SESSION['uid'] . ' ORDER BY t1.verdienst DESC LIMIT ' . $usr['max_forced']);
 
 		while ($f_banner = mysqli_fetch_assoc ($fbanner)) {
 			echo '<div align="center" id="banner_' . $f_banner['tan'] . '"><a href="top_forcedbanner.php?tan=' . $f_banner['tan'] . '" target="_blank"><img src="' . $f_banner['banner'] . '" border="0" height="60" width="468" alt="' . $f_banner['tan'] . '" onClick="document.getElementById(\'banner_' . $f_banner['tan'] . '\').style.display=\'none\';"></a>'
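Review bot: The rows returned by this query are echoed into HTML in the loop below without escaping: `$f_banner['banner']` goes into `src`, and `$f_banner['tan']` into `id`, `href`, `alt` and the inline `onClick` handler. If the banner URL is supplied by the advertiser who booked the campaign (presumably, given the table name — confirm), this is a stored-XSS sink. The value should be written as `htmlspecialchars($f_banner['banner'], ENT_QUOTES, 'UTF-8')`, with `tan` escaped for each context it appears in. On the changed query line, `LIMIT ' . $usr['max_forced']` would also be safer as `LIMIT ' . (int)$usr['max_forced']`. The echo statement continues past the end of the hunk.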
diff --git a/lib/session.lib.php b/lib/session.lib.php
index d4acc66..30493fe 100644
--- a/lib/session.lib.php
+++ b/lib/session.lib.php
@@ -4,6 +4,7 @@ Datei : session.lib.php
 Änderungen in dieser Datei nur dann vornehmen wenn Sie wissen was Sie tun!
 */
 @session_start();
+$ip = (isset($_SERVER['REMOTE_ADDR'])) ? $_SERVER['REMOTE_ADDR'] : '127.0.0.1';
 // Variabeln definieren
 if(isset($_POST['checkid'])){
 	if (!isset($_SESSION['login'])) $_SESSION['login'] = "";
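Review bot: The `$ip` defined on the added line is concatenated into a quoted SQL string in content/verdienen/forcedbanner.php (`t2.ip = "'.$ip.'"`), so it is worth validating where it is defined rather than trusting every consumer. One form is `$ip = filter_var(isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '', FILTER_VALIDATE_IP) ?: '127.0.0.1';`. The `'127.0.0.1'` fallback also makes every request without REMOTE_ADDR (CLI or cron runs) share one identity in the IP-based reload check. A comment such as `// Client address for IP-based reload locks; loopback fallback for non-web invocations` would record that this is intended.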
@@ -76,10 +77,10 @@ WHERE u.nickname='" . $_POST['nickname'] . "' OR u.uid = '". $_POST['nickname']
         $_GET['content'] = '/error/kein_zutritt';
     }
 } else {
-    if ($_POST['checkid'] == 'Login') $_GET['content'] = '/error/kein_zutritt';
+    if (isset($_POST['checkid']) && $_POST['checkid'] == 'Login') $_GET['content'] = '/error/kein_zutritt';
 }
 // Autologin
-if ($_SESSION['login'] != 'true' && isset($_COOKIE['autologin']) && isset($_COOKIE['uid']) && isset($_COOKIE['passwort'])) {
+if ( (isset($_SESSION['login']) && $_SESSION['login'] != 'true') || ( isset($_COOKIE['autologin']) && isset($_COOKIE['uid']) && isset($_COOKIE['passwort'])) ) {
     $_COOKIE['uid'] = (int)$_COOKIE['uid'];
     $_COOKIE['passwort'] = addslashes ($_COOKIE['passwort']);
 
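Review bot: The rewritten autologin condition changes the guard from AND to OR: the block now runs whenever `$_SESSION['login']` is set and not 'true', even with no autologin cookies present. It also runs whenever the three cookies are present, even for a session that is already logged in. With the cookies absent, `$_COOKIE['uid']` is cast to 0 and `$_COOKIE['passwort']` becomes an empty string before whatever lookup follows outside the hunk, which at best raises the undefined-index notices this commit is removing. The original intent is kept by `if ((!isset($_SESSION['login']) || $_SESSION['login'] != 'true') && isset($_COOKIE['autologin']) && isset($_COOKIE['uid']) && isset($_COOKIE['passwort'])) {`. The body of the block continues outside the hunk.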
@@ -95,7 +96,7 @@ if ($_SESSION['login'] != 'true' && isset($_COOKIE['autologin']) && isset($_COOK
     }
 }
 // Logout
-if ($_GET['logout'] == 'true') {
+if (isset($_GET['logout']) && $_GET['logout'] == 'true') {
     setCookie('uid', '', time() - 86400 * 30);
     setCookie('passwort', '', time() - 86400 * 30);
     setCookie('autologin', '', time() - 86400 * 30);
@@ -109,4 +110,4 @@ if (isset ($_SESSION['uid']) && isset ($_SESSION['passwort']) && !empty ($_SESSI
     db_query ("UPDATE " . $db_prefix . "_kontodaten SET last_active = " . time() . " WHERE uid = " . $_SESSION['uid'] . " AND passwort = '" . $_SESSION['passwort'] . "' LIMIT 1");
 }
 
-?>
\ No newline at end of file
+?>
-- 
GitLab