
Compare revisions


Source


Target

  • isaack/VMS-SUEE_2.0
  • ztk.me/VMS-z
Commits on Source (6)
<?php
if(!isset($_GET['data'])) exit;
require ('lib/datenbank.inc.php');
require ('lib/functions.lib.php');
require ('lib/session.lib.php');
require ('ext/ap/ads.inc.php');
list($art, $tan) = explode('-', $_GET['data']); // yeah sorry ;)
$art = base64_decode($art);
$tan = base64_decode($tan);
$kampdaten = getAdDataByArtAndTan( $art, $tan );
$result_color = 'red';
if( $tan == $_SESSION['current_ad']['tan'] &&
$art == $_SESSION['current_ad']['art'] &&
true == $_SESSION['current_ad']['paid']
)
{
$result_color = 'green';
}
?><!DOCTYPE html>
<html>
<head>
<!-- never is old spec but will be ignored by new browsers //-->
<meta name="referrer" content="never">
<meta name="referrer" content="no-referrer" />
<title>Hinweis</title>
</head>
<body bgcolor="<?php echo $result_color; ?>">
<?php if( 'green' == $result_color ) { ?>
Diese Anzeige wurde dir mit <?php echo $kampdaten['verdienst'] .' '. $pageconfig['waehrung']; ?> verg&uuml;tet.
<?php } else { ?>
Nope, das war nix
<?php } ?>
</body>
</html><?php
invalidateAlreadyRunningAd();
?>
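Review bot: The `explode('-', $_GET['data'])` at the top assumes exactly two parts, so a `data` value without a hyphen leaves `$tan` undefined, and the lenient `base64_decode()` silently drops invalid characters instead of rejecting them. The three session comparisons use loose `==` on request-derived strings and read `$_SESSION['current_ad']` without an `isset()` check; `===` behind an `isset($_SESSION['current_ad'])` guard avoids numeric-string juggling and notices. `$kampdaten` is `false` when no row matches (see `getAdDataByArtAndTan()`), and `$kampdaten['verdienst']` is echoed unescaped, so I would exit early on `false` and wrap the output in `htmlspecialchars()`. Suggested parsing: `$parts = explode('-', $_GET['data'], 2); if (count($parts) !== 2) exit;` followed by `base64_decode($parts[0], true)` and a `false` check on each decoded part.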
<?php
if(!isset($_GET['data'])) exit;
require ('lib/datenbank.inc.php');
require ('lib/functions.lib.php');
require ('lib/session.lib.php');
require ('ext/ap/ads.inc.php');
list($art, $tan) = explode('-', $_GET['data']); // yeah sorry ;)
$art = base64_decode($art);
$tan = base64_decode($tan);
$kampdaten = getAdDataByArtAndTan( $art, $tan );
// TODO prevent malicious ziel urls
invalidateAlreadyRunningAd();
setCurrentRunningAd( $art, $tan );
?><!DOCTYPE html>
<html>
<head>
<!-- never is old spec but will be ignored by new browsers //-->
<meta name="referrer" content="never">
<meta name="referrer" content="no-referrer" />
<meta http-equiv="refresh" content="0; URL=<?php echo $kampdaten['ziel']; ?>">
<title>Anzeige</title>
</head>
<body>
<script>
var notified = false;
function notify()
{
if( false == notified )
{
notified = true;
window.opener.postMessage( { 'action': 'adcheck', 'art': '<?php echo $art; ?>', 'tan': '<?php echo $tan; ?>' }, '<?php echo $pageconfig['domain']; ?>');
}
return true;
}
</script>
<a href="<?php echo $kampdaten['ziel']; ?>" rel="noopener noreferrer nofollow" onclick="notify();" >Hier weiter, falls keine automatische Weiterleitung erfolgt.</a>
</body>
</html>
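Review bot: `$art` and `$tan` come straight from the base64-decoded `data` parameter and are echoed into single-quoted JavaScript literals in `notify()`, and `$kampdaten['ziel']` is echoed raw into the meta refresh and the `href`, so a crafted link or a booked target URL can break out of the string or attribute (the `// TODO prevent malicious ziel urls` is still open). Encode per context: `'art': <?php echo json_encode($art, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); ?>` in the script, and `htmlspecialchars($kampdaten['ziel'], ENT_QUOTES, 'UTF-8')` in both attributes, after checking that the URL scheme is `http` or `https`. `setCurrentRunningAd( $art, $tan )` also runs before anything confirms that `$kampdaten` is not `false`, which stores unvalidated request data in the session; `if (false === $kampdaten) exit;` right after the lookup closes that.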
......@@ -7,8 +7,8 @@ if ($_GET['testen'] == 'true') {
if ($_GET['frame'] == 'true') {
echo 'Dies ist der Testframe';
} else {
@require_once ('../lib/functions.lib.php');
@db_connect();
require_once ( '../lib/datenbank.inc.php' );
require_once ( '../lib/functions.lib.php' );
if (!isset($_GET['art'])) $_GET['art'] = "";
if (!isset($forced['tan'])) $forced['tan'] = "";
if (!isset($forced['ziel'])) $forced['ziel'] = "";
......@@ -35,7 +35,6 @@ if ($_GET['testen'] == 'true') {
</frameset><noframes></noframes><noframes>Bei dir sind keine Frames aktiviert!</noframes>
</body>
</html>';
db_close();
}
} else {
echo 'Javascript Test! Bitte warte einen Moment!
......@@ -44,4 +43,4 @@ if ($_GET['testen'] == 'true') {
document.location = "frametest.php?url=' . $_GET['url'] . '&testen=true&tan=' . $_GET['tan'] . '";
//-->
</script>';
}
\ No newline at end of file
}
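Review bot: In the last hunk the context line `document.location = "frametest.php?url=' . $_GET['url'] . '&testen=true&tan=' . $_GET['tan'] . '";` still writes two request parameters into an inline script unencoded, and this commit leaves it as is. A quote or a closing script tag in either parameter ends the string, so both should go through `rawurlencode()` before concatenation, e.g. `'frametest.php?url=' . rawurlencode($_GET['url']) . '&testen=true&tan=' . rawurlencode($_GET['tan'])`. The `$_GET['testen'] == 'true'` and `$_GET['frame'] == 'true'` checks around it read their keys without `isset()`. The enclosing `if`/`else` blocks start and end outside the visible hunks.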
......@@ -3,16 +3,18 @@ $sperre = mysqli_fetch_array(db_query("SELECT forced_sperre FROM ".$db_prefix."_
userstatus ();
include ('fakecheck/fc_redirect.php');
head ('Klickbanner');
$fstats_gesamt = mysqli_fetch_array(db_query('SELECT COUNT(t1.tan) AS ganzahl, SUM(t1.verdienst) AS gverdienst, SUM(t1.aufendhalt) AS gaufenthalt FROM '.$db_prefix.'_gebuchte_werbung t1
LEFT JOIN vms_userblacklist t4 ON t4.tan = t1.tan AND t4.uid = '.$_SESSION['uid'].'
$fstats_gesamt_query = db_query('SELECT COUNT(t1.tan) AS ganzahl, SUM(t1.verdienst) AS gverdienst, SUM(t1.aufendhalt) AS gaufenthalt FROM '.$db_prefix.'_gebuchte_werbung t1
LEFT JOIN vms_userblacklist t4 ON t4.uid = '.$_SESSION['uid'].'
LEFT JOIN vms_fb_blacklist AS t3 ON t3.kid = t1.kid AND t3.werbeart=t1.werbeart
WHERE (t3.kid IS NULL OR LOCATE(t3.sponsor, t1.ziel) = 0) AND t4.tan IS NULL AND t1.werbeart = "forcedbanner" and t1.reload >= 100 AND t1.menge > 0 AND t1.status = 1 AND t1.verdienst >= 0 AND t1.sponsor != '.$_SESSION['uid'].''));
WHERE (t3.kid IS NULL OR LOCATE(t3.sponsor, t1.ziel) = 0) AND t1.werbeart = "forcedbanner" and t1.reload >= 100 AND t1.menge > 0 AND t1.status = 1 AND t1.verdienst >= 0 AND t1.sponsor != '.$_SESSION['uid'].'');
$fstats_gesamt = mysqli_fetch_assoc($fstats_gesamt_query);
$fstats_uebrig = mysqli_fetch_array(db_query('SELECT COUNT(t1.tan) AS uanzahl, SUM(t1.verdienst) AS uverdienst FROM '.$db_prefix.'_gebuchte_werbung t1
LEFT JOIN vms_userblacklist t4 ON t4.tan = t1.tan AND t4.uid = '.$_SESSION['uid'].'
$fstats_uebrig_query = db_query('SELECT COUNT(t1.tan) AS uanzahl, SUM(t1.verdienst) AS uverdienst FROM '.$db_prefix.'_gebuchte_werbung t1
LEFT JOIN vms_userblacklist t4 ON t4.uid = '.$_SESSION['uid'].'
LEFT JOIN vms_fb_blacklist AS t3 ON t3.kid = t1.kid AND t3.werbeart=t1.werbeart
LEFT JOIN vms_reloads t2 ON (t1.tan = t2.tan AND (t2.uid = '.$_SESSION['uid'].' OR t2.ip = "'.$ip.'") AND t2.bis >= '.time().')
WHERE (t3.kid IS NULL OR LOCATE(t3.sponsor, t1.ziel) = 0) AND t4.tan IS NULL AND t2.tan IS NULL AND t1.werbeart = "forcedbanner" and t1.reload >= 100 AND t1.menge > 0 AND t1.status = 1 AND t1.verdienst >= 0 AND t1.sponsor != '.$_SESSION['uid'].''));
WHERE (t3.kid IS NULL OR LOCATE(t3.sponsor, t1.ziel) = 0) AND t2.tan IS NULL AND t1.werbeart = "forcedbanner" and t1.reload >= 100 AND t1.menge > 0 AND t1.status = 1 AND t1.verdienst >= 0 AND t1.sponsor != '.$_SESSION['uid'].'');
$fstats_uebrig = mysqli_fetch_assoc($fstats_uebrig_query);
$uebriga=100/$fstats_gesamt['ganzahl']*$fstats_uebrig['uanzahl'];
$uebrig=number_format($uebriga,2,',','.');
$abgebaut= 100-$uebriga;
......@@ -25,12 +27,12 @@ include ('fakecheck/fc_redirect.php');
<tr>
<td align='center'>&Oslash; Aufenthalt: ".number_format($fstats_gesamt['gaufenthalt']/$fstats_gesamt['ganzahl'],2,",",".")." Sekunden</td>
<td>&nbsp;&nbsp;</td>
<td align='center''>&Oslash; Verg&uuml;tung: ".number_format($fstats_gesamt['gverdienst']/$fstats_gesamt['ganzahl'],2,",",".")." ".$waehrung."</td>
<td align='center''>&Oslash; Verg&uuml;tung: ".number_format($fstats_gesamt['gverdienst']/$fstats_gesamt['ganzahl'],2,",",".")." ".$pageconfig['waehrung']."</td>
</tr>
<tr>
<td align='center''>Gesamtwert: ".$fstats_gesamt['gverdienst']." ".$waehrung."</td>
<td align='center''>Gesamtwert: ".$fstats_gesamt['gverdienst']." ".$pageconfig['waehrung']."</td>
<td>&nbsp;&nbsp;</td>
<td align='center'>Offen: ".$fstats_uebrig['uverdienst']." ".$waehrung."</td>
<td align='center'>Offen: ".$fstats_uebrig['uverdienst']." ".$pageconfig['waehrung']."</td>
</tr>
</table>
<div id='fortschritt' style='width: 380px; font-weight: bold; margin: 0 auto' align='center''></div>
......@@ -53,11 +55,11 @@ include ('fakecheck/fc_redirect.php');
$fbanner = db_query ('SELECT t1.*
FROM ' . $db_prefix . '_gebuchte_werbung t1
LEFT JOIN ' . $db_prefix . '_adscan_userblacklist t4 ON t4.tan = t1.tan AND t4.uid = ' . $_SESSION['uid'] . '
LEFT JOIN ' . $db_prefix . '_userblacklist t4 ON t4.uid = ' . $_SESSION['uid'] . '
LEFT JOIN ' . $db_prefix . '_fb_blacklist AS t3 ON t3.kid = t1.kid AND t3.werbeart=t1.werbeart
LEFT JOIN ' . $db_prefix . '_reloads t2
ON (t1.tan = t2.tan AND (t2.uid = ' . $_SESSION['uid'] . ' OR t2.ip = "' . $ip . '") AND t2.bis >= ' . time() . ')
WHERE (t3.kid IS NULL OR LOCATE(t3.sponsor, t1.ziel) = 0) AND t4.tan IS NULL AND t2.tan IS NULL AND t1.werbeart = "forcedbanner" AND t1.menge > 0 AND t1.status = 1 AND t1.verdienst > 0 AND t1.sponsor != ' . $_SESSION['uid'] . ' ORDER BY t1.verdienst DESC LIMIT ' . $usr['max_forced']);
WHERE (t3.kid IS NULL OR LOCATE(t3.sponsor, t1.ziel) = 0) AND t2.tan IS NULL AND t1.werbeart = "forcedbanner" AND t1.menge > 0 AND t1.status = 1 AND t1.verdienst > 0 AND t1.sponsor != ' . $_SESSION['uid'] . ' ORDER BY t1.verdienst DESC LIMIT ' . $usr['max_forced']);
while ($f_banner = mysqli_fetch_assoc ($fbanner)) {
echo '<div align="center" id="banner_' . $f_banner['tan'] . '"><a href="top_forcedbanner.php?tan=' . $f_banner['tan'] . '" target="_blank"><img src="' . $f_banner['banner'] . '" border="0" height="60" width="468" alt="' . $f_banner['tan'] . '" onClick="document.getElementById(\'banner_' . $f_banner['tan'] . '\').style.display=\'none\';"></a>'
......
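Review bot: The rewritten joins `LEFT JOIN vms_userblacklist t4 ON t4.uid = '.$_SESSION['uid'].'` no longer correlate on `t4.tan = t1.tan`, and the `t4.tan IS NULL` filter is gone from the `WHERE` clauses, so as far as these hunks show the per-user blacklist no longer excludes any campaign and every blacklist row of the user multiplies the joined rows, inflating `COUNT(t1.tan)` and the `SUM()` columns. If the blacklist is meant to stay disabled for now, remove the `t4` join entirely; otherwise restore `ON t4.tan = t1.tan AND t4.uid = …` together with `AND t4.tan IS NULL`. The same pattern is in the `$fstats_uebrig_query` and `$fbanner` queries. `$uebriga=100/$fstats_gesamt['ganzahl']*…` divides by zero when no campaign matches, and `$_SESSION['uid']` and `$ip` are concatenated into the SQL; a cast such as `(int)$_SESSION['uid']` or a prepared statement would be safer.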
<?php
$sperre = mysqli_fetch_array(db_query("SELECT forced_sperre FROM ".$db_prefix."_kontodaten WHERE uid = '".$_SESSION['uid']."' "));
userstatus ();
head ('Klickbanner');
?>
<div id="forcedbanner_display"></div>
<input type="button" value="Neue Banner laden" id="loadAds_btn">
<script src="<?php echo $pageconfig['domain']; ?>/ext/js/forcedbanner_nf.js"></script>
<?php
foot ();
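Review bot: `$sperre` is queried on the first line but never read in this file, so the `forced_sperre` lock is not applied to the page itself (the JSON endpoint that the banner script posts to, apparently `ext/ap/ads.php`, does check it). Either drop the query here or use it to skip rendering the banner container for locked accounts. The query also runs before `userstatus()` and reads `$_SESSION['uid']` without an `isset()` check; if `userstatus()` is the login gate, which is not visible here, it should come first. The `src` attribute would be more robust as `htmlspecialchars($pageconfig['domain'], ENT_QUOTES, 'UTF-8')`.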
......@@ -4,7 +4,7 @@
require ( 'lib/datenbank.inc.php' );
require ( 'lib/functions.lib.php' );
db_connect();
if ($_GET['pw'] != $cron_pw) die('Zugriff verweigert!');
$cron = (int)$_GET['id'];
......@@ -34,4 +34,3 @@ if ( include ($result['datei']) ){
echo 'Cron gelaufen';
} else echo 'Cron nicht gelaufen';
db_close();
\ No newline at end of file
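Review bot: The context line `if ($_GET['pw'] != $cron_pw) die('Zugriff verweigert!');` compares the cron secret with loose `!=`, which is subject to PHP's numeric-string juggling and is not constant-time, and it reads `$_GET['pw']` without `isset()`. I would use `if (!isset($_GET['pw']) || !hash_equals((string)$cron_pw, (string)$_GET['pw'])) die('Zugriff verweigert!');`. The same applies to `if($_GET['cron_pw'] == $cron_pw){` in the next file section. Passing the secret in the query string also puts it into web-server access logs, so restricting the script to CLI or to a header-based token is worth considering. The second hunk's `include ($result['datei'])` takes its path from a database row whose origin is outside the hunk, so confirm that only administrators can write it.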
......@@ -2,7 +2,7 @@
require('../lib/datenbank.inc.php');
require('../lib/functions.lib.php');
db_connect();
if($_GET['cron_pw'] == $cron_pw){
set_time_limit(0);
......@@ -27,5 +27,4 @@ if($_GET['cron_pw'] == $cron_pw){
mysqli_close($sql_open);
die();
}
db_close();
?>
\ No newline at end of file
?>
<?php
$adArten = array('forcedbanner' => 'forcedbanner',
);
/*
* TODO
* nothing checks wether user landed on blacklist...
* blacklist check is broken currently anyway
* please fix me
*/
function invalidateAlreadyRunningAd()
{
global $adArten,$ip,$db_prefix;
$result = false;
if( isset($_SESSION['current_ad']) )
{
$tan = ( isset($_SESSION['current_ad']['tan']) ) ? $_SESSION['current_ad']['tan'] : false;
$art = ( isset($_SESSION['current_ad']['art']) ) ? $_SESSION['current_ad']['art'] : '';
if( false !== $tan && in_array($art, $adArten) )
{
$dbArt = $adArten[$art];
$kamp = db_query ("SELECT `t1`.* FROM `" . $db_prefix . "_gebuchte_werbung` AS `t1`
LEFT JOIN `" . $db_prefix . "_reloads` AS `t2` ON (`t1`.`tan`=`t2`.`tan` AND (`t2`.`uid`=" . $_SESSION['uid'] . " OR `t2`.`ip`='" . $ip . "') AND `t2`.`bis` > " . time() . ")
WHERE `t1`.`tan` = '" . $tan . "' AND `t2`.`tan` IS NULL AND `t1`.`werbeart` = '".$dbArt."' LIMIT 1");
if ( mysqli_num_rows( $kamp ) )
{
$result = true;
$forced = mysqli_fetch_assoc( $kamp );
$new_reload = time() + $forced['reload'];
db_query("INSERT INTO `" . $db_prefix . "_reloads`
(`ip`,`uid`,`tan`,`bis`) VALUES
('" . $ip . "'," . $_SESSION['uid'] . ",'" . $tan . "'," . $new_reload . ")");
}
}
unset( $_SESSION['current_ad'] );
}
return $result;
}
function setCurrentRunningAd( $art, $tan )
{
$_SESSION['current_ad']['tan'] = $tan;
$_SESSION['current_ad']['art'] = $art;
$_SESSION['current_ad']['time'] = time();
$_SESSION['current_ad']['paid'] = false;
}
function handleAdPayout( $forced )
{
global $dbArten, $ip, $db_prefix;
db_query("UPDATE ".$db_prefix."_kontodaten SET klicks = klicks + 1, kv = kv + ".$forced['verdienst'].", fc_klicks = fc_klicks + 1 WHERE uid = '".$_SESSION['uid']."'"); // Hier Zusatz für Fakeschutz
kontobuchung ('+', $forced['verdienst'], create_code(14), $_SESSION['uid'], 1, 'Forcedbannerverdienst');
refumsatz ($forced['verdienst'], $_SESSION['uid']);
rallysystem ($_SESSION['uid'], '1', $forced['verdienst']);
bilanz($forced['preis'], $forced['verdienst'],'Werbebereich','Forcedbannerklick');
$new_reload = time() + $forced['reload'];
db_query("INSERT INTO " . $db_prefix . "_reloads (ip,uid,tan,bis) VALUES ('" . $ip . "'," . $_SESSION['uid'] . ",'" . $forced['tan'] . "'," . $new_reload . ")");
db_query("UPDATE " . $db_prefix . "_gebuchte_werbung SET menge = menge - 1 WHERE tan='" . $forced['tan'] . "'");
}
function checkAdOk( $art, $tan )
{
global $dbArten, $ip, $db_prefix, $sql_open;
$result = array('checkResult' => false);
$sql = "SELECT `t1`.* FROM `" . $db_prefix . "_gebuchte_werbung` AS `t1`
LEFT JOIN `" . $db_prefix . "_reloads` AS `t2` ON (`t1`.`tan`=`t2`.`tan` AND (`t2`.`uid`=" . $_SESSION['uid'] . " OR `t2`.`ip`='" . $ip . "') AND `t2`.`bis` > " . time() . ")
WHERE `t1`.`tan` = ? AND `t2`.`tan` IS NULL AND `t1`.`werbeart` = ? LIMIT 1";
$statement = mysqli_stmt_init( $sql_open );
mysqli_stmt_prepare( $statement, $sql );
mysqli_stmt_bind_param( $statement, "ss", $tan, $art );
if( mysqli_stmt_execute( $statement ) )
{
mysqli_stmt_store_result( $statement );
if ( mysqli_stmt_num_rows( $statement ) > 0 )
{
$timepassed = ( time() - $_SESSION['current_ad']['time'] ) +1;
$rows = db_fetch( $statement );
$forced = $row[0];
$result['data'] = $forced;
if( $timepassed >= $forced['aufendhalt'] )
{
handleAdPayout( $forced );
$_SESSION['current_ad']['paid'] = true;
$result['checkResult'] = true;
}
}
}
mysqli_stmt_close( $statement );
return $result;
}
function getNewAdData( $dbArt )
{
global $ip,$db_prefix;
$result = array('count' => 0, 'data' => array() );
$banner_sql = 'SELECT t1.*
FROM ' . $db_prefix . '_gebuchte_werbung t1
LEFT JOIN ' . $db_prefix . '_userblacklist t4 ON t4.uid = ' . $_SESSION['uid'] . '
LEFT JOIN ' . $db_prefix . '_fb_blacklist AS t3 ON t3.kid = t1.kid AND t3.werbeart=t1.werbeart
LEFT JOIN ' . $db_prefix . '_reloads t2
ON (t1.tan = t2.tan AND (t2.uid = ' . $_SESSION['uid'] . ' OR t2.ip = "' . $ip . '") AND t2.bis >= ' . time() . ')
WHERE
(t3.kid IS NULL OR LOCATE(t3.sponsor, t1.ziel) = 0) AND
t2.tan IS NULL AND
t1.werbeart = "'.$dbArt.'" AND
t1.menge > 0 AND
t1.status = 1 AND
t1.verdienst > 0 AND
t1.sponsor != ' . $_SESSION['uid'] . '
ORDER BY t1.verdienst DESC LIMIT 3';
$banner_res = db_query( $banner_sql );
$banner_c = mysqli_num_rows( $banner_res );
$result['count'] = $banner_c;
if( 0 < $banner_c )
{
while( $banner = mysqli_fetch_assoc( $banner_res ) )
$result['data'][] = $banner;
}
return $result;
}
function getAdDataByArtAndTan( $art, $tan )
{
global $db_prefix, $sql_open;
$row = false;
$sql = 'SELECT `uid`, `tan`, `kid`, `ziel`, `banner`, `verdienst`, `preis`, `aufendhalt`, `menge`, `reload`, `sponsor`, `werbeart`, `status` FROM `' . $db_prefix . '_gebuchte_werbung` WHERE `tan` = ? AND `werbeart` = ? LIMIT 1';
$statement = mysqli_prepare( $sql_open, $sql );
mysqli_stmt_bind_param( $statement, "ss", $tan, $art );
if( mysqli_stmt_execute( $statement ) )
{
mysqli_stmt_store_result( $statement );
if ( mysqli_stmt_num_rows( $statement ) > 0 )
{
$rows = db_fetch( $statement );
$row = $rows[0]; // should be there ... > 0
}
}
mysqli_stmt_close( $statement );
return $row;
//return array( 'uid' => $uid, 'tan' => $tan, 'kid' => $kid, 'ziel' => $ziel, 'banner' => $banner, 'verdienst' => $verdienst, 'preis' => $preis, 'aufendhalt' => $aufendhalt,
// 'menge' => $menge, 'reload' => $reload, 'sponsor' => $sponsor, 'werbeart' => $werbeart, 'status' => $status );
}
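Review bot: In `checkAdOk()` the fetched rows are assigned to `$rows` but the next line reads `$forced = $row[0];`, so `$forced` is null, the `$timepassed >= $forced['aufendhalt']` test passes against null and `handleAdPayout()` is called without campaign data. The function also never compares the posted `$art`/`$tan` with `$_SESSION['current_ad']` or checks its `paid` flag, so the payout is not tied to the ad that `setCurrentRunningAd()` recorded; the excerpt below adds that guard. `invalidateAlreadyRunningAd()` and `handleAdPayout()` concatenate `$tan`, `$ip` and `$_SESSION['uid']` into SQL, and the session `tan` originates from the request's `data` parameter in the ad-click page; they should use prepared statements as `getAdDataByArtAndTan()` does. `global $dbArten` names a variable that is never defined (the array is `$adArten`), and `in_array($art, $adArten)` tests values while `$adArten[$art]` indexes keys; `isset($adArten[$art])` states the intent.

```php
function checkAdOk( $art, $tan )
{
    // … unchanged: globals and $result initialisation …
    $current = isset( $_SESSION['current_ad'] ) ? $_SESSION['current_ad'] : null;
    // Only the ad recorded by setCurrentRunningAd() may be settled, and only once.
    if( !is_array( $current )
        || !isset( $current['tan'], $current['art'], $current['time'] )
        || $current['tan'] !== $tan
        || $current['art'] !== $art
        || !empty( $current['paid'] ) )
    {
        return $result;
    }
    // … unchanged: prepare, bind, execute, store_result, num_rows check …
            $timepassed = ( time() - $current['time'] ) + 1;
            $rows = db_fetch( $statement );
            $forced = $rows[0];
    // … unchanged: aufendhalt comparison, payout, statement close …
```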
<?php
ini_set('display_errors', '1');
require ('../../lib/datenbank.inc.php');
require ('../../lib/functions.lib.php');
require ('../../lib/session.lib.php');
userstatus();
require ('ads.inc.php');
$sperre_sql = "SELECT `forced_sperre` FROM `".$db_prefix."_kontodaten` WHERE `uid` = ".$_SESSION['uid'];
$sperre_res = db_query($sperre_sql);
$sperre = mysqli_fetch_assoc( $sperre_res );
if( 0 == $sperre['forced_sperre'] )
{
$result = array( 'count' => 0, 'data' => array() );
if( isset($_POST['action']) )
{
switch( $_POST['action'] )
{
case 'getNewAdData':
invalidateAlreadyRunningAd();
if( isset($_POST['adArt']) )
{
if( in_array($_POST['adArt'], $adArten) )
{
$dbArt = $adArten[$_POST['adArt']];
$result = getNewAdData( $dbArt );
}
}
break;
case 'checkAdOk':
if( isset( $_POST['art'] ) && isset( $_POST['tan'] ) )
$result = checkAdOk( $_POST['art'], $_POST['tan'] );
break;
case 'invalidateAd':
$result = invalidateAlreadyRunningAd();
break;
}
}
echo json_encode($result);
}
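Review bot: `ini_set('display_errors', '1');` on the first line forces PHP errors into the response of a JSON endpoint, which exposes file paths and SQL fragments to the client and also corrupts the JSON; I would remove it and rely on logging. The `checkAdOk` and `invalidateAd` actions change account state from a plain session-authenticated POST with no anti-CSRF token, so a per-session token checked with `hash_equals()` should accompany `action`. `in_array($_POST['adArt'], $adArten)` should pass `true` as third argument, or better be `isset($adArten[$_POST['adArt']])`, since the next line indexes by key. When `forced_sperre` is non-zero the script prints nothing at all; returning `json_encode(array('count' => 0, 'data' => array()))` with a `Content-Type: application/json` header keeps the client's `parseJSON` from failing.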
function sleep(ms)
{
return new Promise(resolve => setTimeout(resolve, ms));
}
$( document ).ready( function()
{
var adFenster = new Array();
window.addEventListener("message", function(event)
{
if ( pageconfig['domain'] != event.origin )
{
return;
}
console.log(event.data);
var art = event.data['art'],
tan = event.data['tan'],
action = event.data['action'];
if( 'adcheck' == action )
{
console.log('okokok');
adFenster[art][tan]['opened'] = true;
}
}
);
function checkAdOk( art, tan )
{
console.log('checkadok');
if( false == adFenster[art][tan]['checked'] && false == adFenster[art][tan]['window'].closed )
{
var pdata = window.btoa(art) + '-' + window.btoa(tan)
adFenster[art][tan]['checked'] = true;
$.post( "ext/ap/ads.php",
{
'action': "checkAdOk",
'art': art,
'tan': tan
},
function(data, status)
{
window.open(pageconfig['domain']+'/adcheck.php?data='+pdata, art+'-'+tan, "height=120,width=200");
}
);
}
}
/*
* if u do something wrong, sorry no matter which ad was active, invalidate
*/
function invalidateAd( art, tan )
{
console.log('invalidatead');
adFenster[art][tan]['checked'] = true;
var pdata = window.btoa(art) + '-' + window.btoa(tan)
$.post( "ext/ap/ads.php",
{
'action': "invalidateAd"
},
function(data, status)
{
window.open(pageconfig['domain']+'/adcheck.php?data='+pdata, art+'-'+tan, "height=120,width=200");
}
);
}
async function startAdCountdown( art, tan, sec )
{
console.log('startadcountdown');
let timer = setInterval( () =>
{
console.log('checktimer');
if( true == adFenster[art][tan]['checked'] )
{
clearInterval(timer);
} else {
if( document.hasFocus() )
{
invalidateAd( art, tan );
clearInterval(timer);
}
if ( 'undefined' == adFenster[art][tan]['window'].closed || adFenster[art][tan]['window'].closed )
{
invalidateAd( art, tan );
clearInterval(timer);
}
}
},
100
);
await sleep(sec * 1000);
checkAdOk( art, tan );
}
/*
* communicates with ad window, placing detection of actual click
*/
function openAdWindow( art, tan, sec )
{
if ( 'undefined' == typeof adFenster[art] || (! adFenster[art] instanceof Array ) )
{
adFenster[art] = new Array();
}
if ( 'undefined' == typeof adFenster[art][tan] || (! adFenster[art][tan] instanceof Array ) )
{
adFenster[art][tan] = new Array();
}
if( ( 'undefined' == adFenster[art][tan]['window'] || null == adFenster[art][tan]['window'] ) || adFenster[art][tan]['window'].closed )
{
var data = window.btoa(art) + '-' + window.btoa(tan);
adFenster[art][tan]['window'] = window.open( pageconfig['domain'] + '/adclick.php?data='+data, "_blank" );
adFenster[art][tan]['window'].focus();
adFenster[art][tan]['opened'] = false;
adFenster[art][tan]['checked']= false;
console.log('meh');
adFenster[art][tan]['window'].onbeforeunload = function()
{ console.log('startadcountdowncall');
startAdCountdown( art, tan, sec );
}
}
}
/*
* gets executed after loading ads for every ad loaded
*/
function displayForcedBanner( data )
{
// {"count":1,"data":{"uid":"0","tan":"BxrPvnPbs8j7D1bNAL28KNQVxr4Szijb","kid":"0","ziel":"https:\/\/ztk.me","banner":"https:\/\/ztk.me","verdienst":"10.00","preis":"0.00","aufendhalt":"0","menge":"99999","reload":"3600","sponsor":"administrator","werbeart":"forcedbanner","status":"1"}}
var html = '<li class="list-group-item" data-tan="'+ data.tan + '" data-art="' + data.werbeart + '" data-sec="'+ data.aufendhalt + '"><img src="' + data.banner + '" style="min-width:60px; min-height:10px; cursor:pointer;" /></li>';
$( "#forcedbanner_display_grp" ).append( html );
}
/*
* gets executed on click on ad
*/
$( "#forcedbanner_display" ).on('click', function(e)
{
var elem = $( e.target ).closest( "li" );
var sec = elem.data('sec');
var tan = elem.data('tan');
var art = elem.data('art');
if (typeof tan !== typeof undefined && tan !== false)
{
if (typeof art !== typeof undefined && art !== false)
{
if (typeof sec !== typeof undefined && sec !== false)
{
$(elem).remove();
openAdWindow( art, tan, sec );
}
}
}
}
);
/*
* gets executed first, loads available ads and prepares the bootstrap <ul>-list for display
*/
function loadAds( art )
{
$.post( "ext/ap/ads.php",
{
'action': "getNewAdData",
'adArt' : art
},
function(data, status)
{
var useData = jQuery.parseJSON( data );
if( 0 < useData.count )
{
$( "#forcedbanner_display" ).html('<ul class="list-group" id="forcedbanner_display_grp"></ul>');
useData.data.forEach( displayForcedBanner );
}
}
);
}
$( "#loadAds_btn").on('click', function(e) { loadAds( 'forcedbanner' ) } );
loadAds( 'forcedbanner' );
}
);
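Review bot: `displayForcedBanner()` concatenates `data.tan`, `data.werbeart`, `data.aufendhalt` and the advertiser-supplied `data.banner` into an HTML string, so a quote in any of those fields injects attributes or markup into the page; build the nodes with `.attr()` instead, as in the excerpt below. In the `message` listener the origin check is good, but `adFenster[art][tan]` is dereferenced without checking that both keys exist, so an unexpected message throws; comparing `event.source` with the stored `window` would also tie the message to the window that was opened. `(! adFenster[art] instanceof Array )` parses as `(!adFenster[art]) instanceof Array` and is always false, and `'undefined' == …closed` compares against a string rather than using `typeof`. The `console.log` calls look like debugging leftovers.

```javascript
function displayForcedBanner( data )
{
    // Build the nodes instead of concatenating markup, so banner/tan/werbeart are never parsed as HTML.
    var img = $( '<img>' )
        .attr( 'src', data.banner )
        .css( { 'min-width': '60px', 'min-height': '10px', 'cursor': 'pointer' } );
    var item = $( '<li class="list-group-item"></li>' )
        .attr( { 'data-tan': data.tan, 'data-art': data.werbeart, 'data-sec': data.aufendhalt } )
        .append( img );
    $( "#forcedbanner_display_grp" ).append( item );
}
```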
......@@ -14,7 +14,6 @@ if (!ini_get('display_errors')) {
}
require ('lib/datenbank.inc.php');
db_connect();
require ('lib/functions.lib.php');
require ('lib/session.lib.php');
require ('lib/run.inc.php');
......@@ -37,12 +36,10 @@ if (mysqli_num_rows($start_reload) != 0) {
$datetime = "2014-09-21 20:33:28";
}
$ts = strtotime($datetime);
?>
<!DOCTYPE html>
?><!DOCTYPE html>
<html lang='de'>
<head>
<title><?php echo $seitenname;?></title>
<title><?php echo $pageconfig['seitenname'];?></title>
<meta charset="UTF-8">
<meta name="generator" content="vms-script">
<meta name="Author" content="Designerscripte.net">
......@@ -54,13 +51,17 @@ $ts = strtotime($datetime);
<link href="css/bootstrap.min.css" rel="stylesheet">
<script src="http://code.jquery.com/jquery-latest.js"></script>
<script type="text/javascript" src="js/tcal.js"></script>
<script language="JavaScript" src="js/slider.js"></script>
<script type="text/javascript" src="js/slider.js"></script>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script>
<script src="js/bootstrap.min.js"></script>
<script type="text/javascript" src="js/bootstrap.min.js"></script>
<script type="text/javascript" src="ext/js/basics.js"></script>
<script type="text/javascript" src="js/start_countdown.js"></script>
</head>
<body>
<script>
var pageconfig = new Array();
pageconfig['domain'] = '<?php echo $pageconfig['domain']; ?>';
</script>
<?php
if(!empty($meldung['meldung'])){
?>
......@@ -126,7 +127,7 @@ $ts = strtotime($datetime);
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">Start <span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="<?php echo $domain;?>">Startseite</a></li>
<li><a href="<?php echo $pageconfig['domain'];?>">Startseite</a></li>
<li><a href="?content=/news">News</a></li>
<li><a href="?content=/intern/mediadaten">Mediadaten</a></li>
<li><a href="?content=/intern/agbs">AGB</a></li>
......@@ -152,7 +153,7 @@ $ts = strtotime($datetime);
<?php
if(isset($_SESSION['admin'])){
if($_SESSION['admin'] == 1){
echo '<li><a href="'.$domain.'/adminforce/index.php\">Adminforce</a></li>';
echo '<li><a href="'.$pageconfig['domain'].'/adminforce/index.php\">Adminforce</a></li>';
}
}
?>
......@@ -202,6 +203,5 @@ $ts = strtotime($datetime);
</body>
</html>
<?php
db_close();
if ($gzip_rate > 0) ob_end_flush();
?>
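Review bot: The new inline script `pageconfig['domain'] = '<?php echo $pageconfig['domain']; ?>';` writes a database value into a single-quoted JavaScript literal unencoded; `pageconfig['domain'] = <?php echo json_encode($pageconfig['domain'], JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); ?>;` is safe in that context. Because the banner script compares this value with `event.origin`, it has to be a bare origin (scheme and host, no path or trailing slash), which is worth a comment next to the setting. The script hunk still loads `http://code.jquery.com/jquery-latest.js` over plain HTTP and then a second jQuery from another CDN; one pinned HTTPS copy with an `integrity` attribute would remove the unauthenticated include. In the admin link, `index.php\">` sits inside a single-quoted PHP string, so the backslash is emitted literally into the `href`.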
......@@ -426,6 +426,48 @@ if(isset($_POST['datenbank_anlegen'])){
return 0;
}
}
/*
* taken from nieprzeklinaj at gmail dot com
* http://php.net/manual/de/mysqli-stmt.bind-result.php
*/
function db_fetch($result)
{
$array = array();
if($result instanceof mysqli_stmt)
{
$result->store_result();
$variables = array();
$data = array();
$meta = $result->result_metadata();
while($field = $meta->fetch_field())
$variables[] = &$data[$field->name]; // pass by reference
call_user_func_array(array($result, 'bind_result'), $variables);
$i=0;
while($result->fetch())
{
$array[$i] = array();
foreach($data as $k=>$v)
$array[$i][$k] = $v;
$i++;
// don\'t know why, but when I tried $array[] = $data, I got the same one result in all rows
}
}
elseif($result instanceof mysqli_result)
{
while($row = $result->fetch_assoc())
$array[] = $row;
}
return $array;
}
function pw_erstellen($pw){
global $pw_zusatz;
......
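Review bot: `db_fetch()` calls `$meta->fetch_field()` without checking that `result_metadata()` returned an object, so a statement that produces no result set ends in a fatal error; `if (false === $meta) return $array;` before the loop covers it. The identical function is added a second time in the later `@@ -50,6 +50,47 @@` section (the escaped `don\'t` here suggests this copy sits inside a quoted template, which is not visible), so the two copies can drift apart; keep them in sync or generate one from the other. A short docblock stating that it returns a list of associative rows for either a `mysqli_stmt` or a `mysqli_result`, and an empty array for anything else, would help callers. The callers in `ads.inc.php` already call `mysqli_stmt_store_result()` before `db_fetch()`, which then stores the result a second time.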
<?php
$db_host = "localhost";
// Mysql User
$db_user = "vms_suee2";
$db_user = "";
// Mysql PW
$db_pass = "lTxyJyZtmSQvaV6M";
$db_pass = "";
// Datenbank
$db_base = "vms_suee2";
$db_base = "";
//Datenbank Prefix
$db_prefix = "vms";
//Passwort zusatz
$pw_zusatz = 'fg65en';
$pw_zusatz = '';
// Verschlüsselungspasswort
$ver_schluessel = 'libh5476H6G4v0TB';
$ver_schluessel = '';
//Datenbankverbindung herstellen
$sql_open = @mysqli_connect($db_host, $db_user, $db_pass, $db_base) or die('Verbindung zum Mysql Server fehlgeschlagen! <br>Tipp: <a href="http://www.vms-tutorial.de/wiki//Lib/Functions">http://www.vms-tutorial.de/wiki//Lib/Functions</a>');
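Review bot: Blanking `$db_user`, `$db_pass`, `$pw_zusatz` and `$ver_schluessel` removes the values from the working tree only; they stay readable in the repository history and in this comparison, so the database password and the encryption key should be rotated and treated as disclosed. `$pw_zusatz` appears to be mixed into password hashes by `pw_erstellen()`, whose body is not visible here, so changing it may need a rehash or reset path for existing accounts. To keep this from recurring, commit a template with empty values and keep the real configuration file out of version control. The `@mysqli_connect(...) or die(...)` line runs on every include and now fails with the empty defaults; a comment pointing to where the values must be filled in would help installers.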
......@@ -50,6 +50,47 @@
}
}
/*
* taken from nieprzeklinaj at gmail dot com
* http://php.net/manual/de/mysqli-stmt.bind-result.php
*/
function db_fetch($result)
{
$array = array();
if($result instanceof mysqli_stmt)
{
$result->store_result();
$variables = array();
$data = array();
$meta = $result->result_metadata();
while($field = $meta->fetch_field())
$variables[] = &$data[$field->name]; // pass by reference
call_user_func_array(array($result, 'bind_result'), $variables);
$i=0;
while($result->fetch())
{
$array[$i] = array();
foreach($data as $k=>$v)
$array[$i][$k] = $v;
$i++;
// don't know why, but when I tried $array[] = $data, I got the same one result in all rows
}
}
elseif($result instanceof mysqli_result)
{
while($row = $result->fetch_assoc())
$array[] = $row;
}
return $array;
}
function pw_erstellen($pw){
global $pw_zusatz;
......
......@@ -4,6 +4,7 @@ Datei : session.lib.php
Änderungen in dieser Datei nur dann vornehmen wenn Sie wissen was Sie tun!
*/
@session_start();
$ip = (isset($_SERVER['REMOTE_ADDR'])) ? $_SERVER['REMOTE_ADDR'] : '127.0.0.1';
// Variabeln definieren
if(isset($_POST['checkid'])){
if (!isset($_SESSION['login'])) $_SESSION['login'] = "";
......@@ -16,8 +17,8 @@ if(isset($_POST['checkid'])){
if (!isset($_GET['logout'])) $_GET['logout'] = "";
if (!isset($_GET['ref'])) $_GET['ref'] = "0";
}
if ($_SESSION['werber'] == "0") $_SESSION['werber'] = (int)$_GET['ref'];
if( ( !isset($_SESSION['werber']) || ("0" == $_SESSION['werber']) ) && isset($_GET['ref']) )
$_SESSION['werber'] = (int)$_GET['ref'];
// Seiteneinstellungen laden...
$pageconfig = mysqli_fetch_array(db_query("SELECT * FROM " . $db_prefix . "_seitenkonfig LIMIT 1"));
......@@ -32,7 +33,7 @@ if ($pageconfig['wartung'] == 1 && $_SESSION['uid'] != $admin_id) {
die();
}
// Login
if ($_POST['checkid'] == 'Login' && $_POST['nickname'] && $_POST['passwort']) {
if (isset($_POST['checkid']) && $_POST['checkid'] == 'Login' && $_POST['nickname'] && $_POST['passwort']) {
$_POST['nickname'] = addslashes($_POST['nickname']);
$pw = pw_erstellen($_POST['passwort']);
......@@ -76,10 +77,10 @@ WHERE u.nickname='" . $_POST['nickname'] . "' OR u.uid = '". $_POST['nickname']
$_GET['content'] = '/error/kein_zutritt';
}
} else {
if ($_POST['checkid'] == 'Login') $_GET['content'] = '/error/kein_zutritt';
if (isset($_POST['checkid']) && $_POST['checkid'] == 'Login') $_GET['content'] = '/error/kein_zutritt';
}
// Autologin
if ($_SESSION['login'] != 'true' && isset($_COOKIE['autologin']) && isset($_COOKIE['uid']) && isset($_COOKIE['passwort'])) {
if ( (isset($_SESSION['login']) && $_SESSION['login'] != 'true') || ( isset($_COOKIE['autologin']) && isset($_COOKIE['uid']) && isset($_COOKIE['passwort'])) ) {
$_COOKIE['uid'] = (int)$_COOKIE['uid'];
$_COOKIE['passwort'] = addslashes ($_COOKIE['passwort']);
......@@ -95,7 +96,7 @@ if ($_SESSION['login'] != 'true' && isset($_COOKIE['autologin']) && isset($_COOK
}
}
// Logout
if ($_GET['logout'] == 'true') {
if (isset($_GET['logout']) && $_GET['logout'] == 'true') {
setCookie('uid', '', time() - 86400 * 30);
setCookie('passwort', '', time() - 86400 * 30);
setCookie('autologin', '', time() - 86400 * 30);
......@@ -109,4 +110,4 @@ if (isset ($_SESSION['uid']) && isset ($_SESSION['passwort']) && !empty ($_SESSI
db_query ("UPDATE " . $db_prefix . "_kontodaten SET last_active = " . time() . " WHERE uid = " . $_SESSION['uid'] . " AND passwort = '" . $_SESSION['passwort'] . "' LIMIT 1");
}
?>
\ No newline at end of file
?>
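Review bot: The rewritten autologin condition `(isset($_SESSION['login']) && $_SESSION['login'] != 'true') || ( isset($_COOKIE['autologin']) && … )` joins the two halves with `||`, so the block now runs for any session whose `login` is set and not `'true'` even when no autologin cookies were sent, and it also runs for users who are already logged in whenever the cookies are present. Inside the block `$_COOKIE['uid']` and `$_COOKIE['passwort']` are then read unguarded and become `0` and an empty string. The original meaning with the notice fixed would be `if ((!isset($_SESSION['login']) || $_SESSION['login'] != 'true') && isset($_COOKIE['autologin']) && isset($_COOKIE['uid']) && isset($_COOKIE['passwort'])) {`. The rest of the block, including the query it runs, is outside the hunk.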
<?php
require ( 'lib/datenbank.inc.php' );
require_once ('lib/functions.lib.php');
//Variablen vordefinieren
......@@ -10,9 +11,6 @@ if (!isset($_GET['auszahlen'])) $_GET['auszahlen'] = "false";
$_GET['uid'] = (int)$_GET['uid'];
$_GET['tan'] = addslashes ($_GET['tan']);
//DB Verbindung herstellen
db_connect();
$mail = mysqli_fetch_assoc(db_query("SELECT e.start,e.aufendhalt,e.status,e.uid,v.verdienst FROM ".$db_prefix."_paidmails_empfaenger e
LEFT JOIN ".$db_prefix."_paidmails_versendet v ON v.tan = e.tan
WHERE e.tan='".$_GET['tan']."' AND e.uid=".$_GET['uid']." AND e.gueltig > ".time()." LIMIT 1"));
......@@ -61,4 +59,3 @@ echo '
</table>
</body>
</html>';
db_close();
\ No newline at end of file
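Review bot: `$_GET['tan'] = addslashes ($_GET['tan']);` is the only protection before `e.tan='".$_GET['tan']."'` is concatenated into the query, and `addslashes()` is not a reliable SQL escape because it ignores the connection character set. Since this comparison introduces prepared statements elsewhere (`getAdDataByArtAndTan()`), the same approach fits here: `WHERE e.tan = ? AND e.uid = ? AND e.gueltig > ?` with `mysqli_stmt_bind_param( $statement, "sii", $_GET['tan'], $_GET['uid'], $now )`, where `$now` holds `time()`. The next file section repeats the `addslashes` pattern and additionally echoes `$mail['ziel']` into a frame `src` without `htmlspecialchars()`. `$_GET['uid']` and `$_GET['tan']` are read without `isset()`.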
<?php
require ( 'lib/datenbank.inc.php' );
require_once ('lib/functions.lib.php');
db_connect();
$_GET['uid'] = (int)$_GET['uid'];
$_GET['tan'] = addslashes ($_GET['tan']);
......@@ -18,5 +18,3 @@ echo '
<frame name="werbung" src="'.$mail['ziel'].'" scrolling="auto" frameborder="0">
</frameset>
</html>';
db_close();
<?
<?php
require_once ( 'lib/datenbank.inc.php' );
@require_once ('lib/functions.lib.php');
@db_connect();
@require_once ('lib/session.lib.php');
if (!isset($_GET['art'])) $_GET['art'] = "";
if (!isset($text['tan'])) $text['tan'] = "";
......@@ -21,4 +21,3 @@ $text = mysqli_fetch_array(db_query("SELECT * FROM ".$db_prefix."_gebuchte_werbu
</frameset>
</body>
</html>
<?db_close();?>