
Compare revisions


  • isaack/VMS-SUEE_2.0
  • ztk.me/VMS-z
Commits on Source (33)
Showing
with 871 additions and 703 deletions
# Ignore any file named foo.txt. # Ignore any file named foo.txt.
lib/datenbank.inc.php lib/db_config.php
\ No newline at end of file
<?php
if(!isset($_GET['data'])) exit;
require ('lib/datenbank.inc.php');
require ('lib/functions.lib.php');
require ('lib/session.lib.php');
list($art, $tan) = explode('-', $_GET['data']); // yeah sorry ;)
$art = base64_decode($art);
$tan = base64_decode($tan);
$kampdaten = $vms->campaigns->getByTanAndType( $tan, $art );
$result_color = 'red';
if( $tan == $_SESSION['current_ad']['tan'] &&
$art == $_SESSION['current_ad']['art'] &&
true == $_SESSION['current_ad']['paid'] &&
false !== $kampdaten
)
{
$result_color = 'green';
}
?><!DOCTYPE html>
<html>
<head>
<!-- never is old spec but will be ignored by new browsers //-->
<meta name="referrer" content="never">
<meta name="referrer" content="no-referrer" />
<title>Hinweis</title>
</head>
<body bgcolor="<?php echo $result_color; ?>">
<?php if( 'green' == $result_color ) { ?>
Diese Anzeige wurde dir mit <?php echo $kampdaten->verdienst .' '. $pageconfig['waehrung']; ?> verg&uuml;tet.
<?php } else { ?>
Nope, das war nix
<?php } ?>
</body>
</html><?php
$vms->ptc->invalidateAlreadyRunningAd( $_SESSION['uid'], $ip );
?>
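Review bot: The paid-ad check near the top compares the decoded `tan` and `art` against the session with loose `==` and reads `$_SESSION['current_ad']` without checking that it exists, so PHP's numeric-string juggling can treat different values as equal and a missing session entry produces notices instead of a clean rejection. I would compare as strings, e.g. `hash_equals((string) ($_SESSION['current_ad']['tan'] ?? ''), (string) $tan)` and `===` for `art`. `list($art, $tan) = explode('-', $_GET['data'])` also assumes the separator is present and `base64_decode()` is called without its strict flag; rejecting input that does not split into exactly two parts, and passing `true` as the second argument, keeps malformed input out of `getByTanAndType()`.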
<?php
ini_set('display_errors', 1);
if(!isset($_GET['data'])) exit;
require ('lib/datenbank.inc.php');
require ('lib/functions.lib.php');
require ('lib/session.lib.php');
list($art, $tan) = explode('-', $_GET['data']); // yeah sorry ;)
$art = base64_decode($art);
$tan = base64_decode($tan);
$kampdaten = $vms->campaigns->getByTanAndType( $tan, $art );
// TODO prevent malicious ziel urls
$vms->ptc->invalidateAlreadyRunningAd( $_SESSION['uid'], $ip );
$vms->ptc->setCurrentRunningAd( $art, $kampdaten->id, $tan );
?><!DOCTYPE html>
<html>
<head>
<!-- never is old spec but will be ignored by new browsers //-->
<meta name="referrer" content="never">
<meta name="referrer" content="no-referrer" />
<?php
if( 0 == $kampdaten->use_frame )
{ ?>
<meta http-equiv="refresh" content="0; URL=<?php echo $kampdaten->ziel; ?>">
<?php
} else { ?>
<link rel="stylesheet" type="text/css" href="ext/css/frame_ads.css">
<script src="<?php echo $pageconfig['domain']; ?>/ext/js/jquery-3.3.1.min.js"></script>
<script src="<?php echo $pageconfig['domain']; ?>/ext/js/visibility.core.js"></script>
<script src="<?php echo $pageconfig['domain']; ?>/ext/js/visibility.fallback.js"></script>
<script src="<?php echo $pageconfig['domain']; ?>/ext/js/ptc.js"></script>
<?php } ?>
<title>Anzeige</title>
</head>
<body>
<script>
var notified = false;
var campaign_data = <?php echo json_encode(array('earnings' => $kampdaten->verdienst, 'wait_time' => $kampdaten->aufendhalt, 'ad_type' => $kampdaten->werbeart, 'tan' => $kampdaten->tan)); ?>;
function notify()
{
if( false == notified )
{
notified = true;
window.opener.postMessage( { 'action': 'adcheck', 'art': campaign_data['ad_type'], 'tan': campaign_data['tan'] }, '<?php echo $pageconfig['domain']; ?>');
}
return true;
}
</script>
<?php
if( 0 == $kampdaten->use_frame )
{
?>
<a href="<?php echo $kampdaten->ziel; ?>" rel="noopener noreferrer nofollow" onclick="notify();" >Hier weiter, falls keine automatische Weiterleitung erfolgt.</a>
<?php } else { ?>
<div id="ad_bar">
<ul>
<li><a href="">Melden</a></li>
<li><a href="">Blacklist</a></li>
<li><a href="">Merken</a></li>
<li style="float:right"><span class="active" id="ad_status" >Bitte&nbsp;warten</span></li>
</ul>
</div>
<script src="ext/js/frame_ad.js"></script>
<iframe src="https://www.whatismyreferer.com/" id="ad_frame" sandbox="allow-scripts allow-popups allow-pointer-lock allow-forms"></iframe>
<?php } ?>
</body>
</html>
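Review bot: `$kampdaten->ziel` is echoed raw into the `<meta http-equiv="refresh">` content and into the fallback link's `href`, and the file's own `// TODO prevent malicious ziel urls` is still open, so a stored target containing a quote or a non-http scheme ends up as markup or a script URL on this origin. Escape at output with `htmlspecialchars($kampdaten->ziel, ENT_QUOTES, 'UTF-8')` and only emit the redirect when the scheme is `http` or `https`. `getByTanAndType()` appears to return `false` on a miss (the check page tests `false !== $kampdaten`), yet here `$kampdaten->id` is dereferenced unconditionally; an `if (false === $kampdaten) exit;` before `setCurrentRunningAd` would cover that. The iframe `src` is still a fixed test URL rather than the campaign target, which looks like a leftover.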
...@@ -576,7 +576,7 @@ $gesperrt = explode(',', $ralleydaten['sperruser']); ...@@ -576,7 +576,7 @@ $gesperrt = explode(',', $ralleydaten['sperruser']);
while ($pa = mysqli_fetch_array($platz)) { while ($pa = mysqli_fetch_array($platz)) {
if (!in_array($pa['uid'], $gesperrt)) { if (!in_array($pa['uid'], $gesperrt)) {
if ($ralleydaten['gewinner_anzahl'] >= $rp) { if ($ralleydaten['gewinner_anzahl'] >= $rp) {
$mg = number_format(($ralleydaten['gewinn_topf'] / 100 * $ralleydaten['p' . $rp]), 2, ',', '.') . ' ' . $waehrung; $mg = number_format(($ralleydaten['gewinn_topf'] / 100 * $ralleydaten['p' . $rp]), 2, ',', '.') . ' ' . $pageconfig['waehrung'];
} else $mg = '---'; } else $mg = '---';
if ($pa['punkte'] < $ralleydaten['mindestpunktzhl']) $mindestpunkt = '<span style="color:#FF6600;">Nicht erreicht.</span>'; if ($pa['punkte'] < $ralleydaten['mindestpunktzhl']) $mindestpunkt = '<span style="color:#FF6600;">Nicht erreicht.</span>';
if ($pa['punkte'] >= $ralleydaten['mindestpunktzhl']) $mindestpunkt = '<span style="color:#339966;">Erreicht.</span>'; if ($pa['punkte'] >= $ralleydaten['mindestpunktzhl']) $mindestpunkt = '<span style="color:#339966;">Erreicht.</span>';
...@@ -591,7 +591,7 @@ while ($pa = mysqli_fetch_array($platz)) { ...@@ -591,7 +591,7 @@ while ($pa = mysqli_fetch_array($platz)) {
} }
for($x = $rp;$x < 11;$x++) { for($x = $rp;$x < 11;$x++) {
$mg = number_format($rally['p' . $rp], 2, ',', '.') . ' ' . $waehrung; $mg = number_format($rally['p' . $rp], 2, ',', '.') . ' ' . $pageconfig['waehrung'];
$row = ($rp % 2 == 0) ? 0 : 1; $row = ($rp % 2 == 0) ? 0 : 1;
if ($x > $rally['plaetze']) $mg = '---'; if ($x > $rally['plaetze']) $mg = '---';
?> ?>
...@@ -614,4 +614,4 @@ for($x = $rp;$x < 11;$x++) { ...@@ -614,4 +614,4 @@ for($x = $rp;$x < 11;$x++) {
<input type="Submit" name="reset" value="Reseten"><input type="Submit" name="auswert" value="Auswerten"> <input type="Submit" name="reset" value="Reseten"><input type="Submit" name="auswert" value="Auswerten">
</div> </div>
</form> </form>
<?php foot(); <?php foot();
\ No newline at end of file
<?php head("Admin ForcedBanner"); <?php head("Admin ForcedBanner");
if (!isset($_GET['tan'])) $_GET['tan'] = '';
if (!isset($_GET['loeschen'])) $_GET['loeschen'] = ''; if (!isset($_GET['loeschen'])) $_GET['loeschen'] = '';
if ($_GET['loeschen'] == 'true' && $_GET['tan']) { if ($_GET['loeschen'] == 'true' && isset($_GET['id']) )
db_query("DELETE FROM " . $db_prefix . "_gebuchte_werbung WHERE tan='" . $_GET['tan'] . "' and sponsor='administrator' LIMIT 1"); {
echo $vms->campaigns->delete( array( 'id' => $_GET['id'] ) ) .' Banner gel&ouml;scht';
} }
$forcedbanner = db_query("SELECT * FROM " . $db_prefix . "_gebuchte_werbung WHERE sponsor='administrator' and werbeart = 'forcedbanner' and status = '1' ORDER BY kid ASC"); $forcedbanner = $vms->campaigns->getAll( 'forcedbanner', 1, 'administrator');
while ($anzeigen = mysqli_fetch_array($forcedbanner)) { foreach($forcedbanner['data'] as $anzeigen)
{
echo ' echo '
<table width="100%" cellpadding="0" cellspacing="1" border="0" bgcolor="#c0c0c0"> <table width="100%" cellpadding="0" cellspacing="1" border="0" bgcolor="#c0c0c0">
<tr bgcolor="#f0f0f0"> <tr bgcolor="#f0f0f0">
<td align="center" width="50%"><b>TAN:</b>&nbsp;' . $anzeigen['tan'] . '</td> <td align="center" width="50%"><b>TAN:</b>&nbsp;' . $anzeigen->tan . '</td>
<td align="center" width="50%"><b>Vergütung:</b>&nbsp;' . number_format($anzeigen['verdienst'], 2, ",", ".") . '</td> <td align="center" width="50%"><b>Verg&uuml;tung:</b>&nbsp;' . number_format($anzeigen->verdienst, 2, ",", ".") . '</td>
</tr> </tr>
<tr bgcolor="#f0f0f0"> <tr bgcolor="#f0f0f0">
<td align="left" colspan="2"><br><b>Ziel:</b> <a href="' . $anzeigen['ziel'] . '">' . $anzeigen['ziel'] . '</a> <br><b>Banner:</b> <a href="' . $anzeigen['banner'] . '">' . $anzeigen['banner'] . '</a><br><br></td> <td align="left" colspan="2"><br><b>Ziel:</b> <a href="' . $anzeigen->ziel . '">' . $anzeigen->ziel . '</a> <br><b>Banner:</b> <a href="' . $anzeigen->banner . '">' . $anzeigen->banner . '</a><br><br></td>
</tr> </tr>
<tr bgcolor="#f0f0f0"> <tr bgcolor="#f0f0f0">
<td align="center" width="50%"><b>Reload:</b>&nbsp;' . $anzeigen['reload'] / 3600 . 'h <b>Rest:</b>&nbsp;' . number_format($anzeigen['menge'], 0, ",", ".") . ' Klicks</td> <td align="center" width="50%"><b>Reload:</b>&nbsp;' . $anzeigen->reload / 3600 . 'h <b>Rest:</b>&nbsp;' . number_format($anzeigen->menge, 0, ",", ".") . ' Klicks</td>
<td align="center" width="50%"><a href="?content=/interfacebanner/admin&amp;loeschen=true&amp;tan=' . $anzeigen['tan'] . '" target="_self">Löschen</a></td> <td align="center" width="50%"><a href="?content=/interfacebanner/admin&amp;loeschen=true&amp;id=' . $anzeigen->id . '" target="_self">Löschen</a></td>
</tr> </tr>
</table> </table>
<br> <br>
...@@ -30,5 +32,3 @@ while ($anzeigen = mysqli_fetch_array($forcedbanner)) { ...@@ -30,5 +32,3 @@ while ($anzeigen = mysqli_fetch_array($forcedbanner)) {
foot(); foot();
?> ?>
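Review bot: The new delete is keyed only on `$_GET['id']`, whereas the removed query also required `sponsor='administrator'`, so this screen can now remove any campaign row rather than only admin-booked forced banners; the blacklist page further down drops its `status = '2'` and `sponsor` conditions in the same way. If `delete()` accepts several conditions (its body is not visible here), I would pass `array('id' => (int) $_GET['id'], 'sponsor' => 'administrator')`. Both pages also change state from a plain GET link with no request token, so a POST form with a per-session CSRF token checked before the delete would be the safer shape.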
<?php head("ForcedBanner Blacklist"); <?php head("ForcedBanner Blacklist");
if (!isset($_GET['kid'])) $_GET['kid'] = ''; if (!isset($_GET['id'])) $_GET['id'] = false;
if (!isset($_GET['loeschen'])) $_GET['loeschen'] = ''; if (!isset($_GET['loeschen'])) $_GET['loeschen'] = '';
if (!isset($_GET['blacklist'])) $_GET['blacklist'] = ''; if (!isset($_GET['blacklist'])) $_GET['blacklist'] = '';
if ($_GET['loeschen'] == 'true' && $_GET['kid']) { if ($_GET['loeschen'] == 'true' && $_GET['id'])
db_query("DELETE FROM " . $db_prefix . "_gebuchte_werbung WHERE kid='" . $_GET['kid'] . "' and status = '2' and sponsor='" . $_GET['sponsor'] . "' LIMIT 1"); {
$vms->campaigns->delete( array( 'id' => $_GET['id'] ) );
} }
if ($_GET['blacklist'] == 'true' && $_GET['kid']) { if ($_GET['blacklist'] == 'true' && $_GET['id'])
db_query("UPDATE " . $db_prefix . "_gebuchte_werbung SET status = '1' WHERE kid='" . $_GET['kid'] . "' and sponsor='" . $_GET['sponsor'] . "' LIMIT 1"); {
$vms->campaigns->update( array( 'status' => 1 ), array( 'id' => $_GET['id'] ) );
} }
$forcedbanner = db_query("SELECT * FROM " . $db_prefix . "_gebuchte_werbung WHERE werbeart = 'forcedbanner' and status = '2' ORDER BY kid ASC"); $forcedbanner = $vms->campaigns->getAll( 'forcedbanner', 2);
while ($anzeigen = mysqli_fetch_array($forcedbanner)) { foreach( $forcedbanner['data'] as $anzeigen)
{
echo ' echo '
<table width="100%" cellpadding="0" cellspacing="1" border="0" bgcolor="#c0c0c0"> <table width="100%" cellpadding="0" cellspacing="1" border="0" bgcolor="#c0c0c0">
<tr bgcolor="#f0f0f0"> <tr bgcolor="#f0f0f0">
<td align="center" width="50%">TAN:&nbsp;' . $anzeigen['tan'] . '<br>KID:&nbsp;' . $anzeigen['kid'] . ' (' . $anzeigen['sponsor'] . ')</td> <td align="center" width="50%">TAN:&nbsp;' . $anzeigen->tan . '<br>KID:&nbsp;' . $anzeigen->kid . ' (' . $anzeigen->sponsor . ')</td>
<td align="center" width="50%">Bet:&nbsp;' . number_format($anzeigen['preis'], 2, ",", ".") . ' / User:&nbsp;' . number_format($anzeigen['verdienst'], 2, ",", ".") . '</td> <td align="center" width="50%">Bet:&nbsp;' . number_format($anzeigen->preis, 2, ",", ".") . ' / User:&nbsp;' . number_format($anzeigen->verdienst, 2, ",", ".") . '</td>
</tr> </tr>
<tr bgcolor="#f0f0f0"> <tr bgcolor="#f0f0f0">
<td align="center" colspan="2"><a href="' . $anzeigen['ziel'] . '" target="_blank"><img alt="Sponsorenbanner" src="' . $anzeigen['banner'] . '" border="0" width="468" height="60"></a></td> <td align="center" colspan="2"><a href="' . $anzeigen->ziel . '" target="_blank"><img alt="Sponsorenbanner" src="' . $anzeigen->banner . '" border="0" width="468" height="60"></a></td>
</tr> </tr>
<tr bgcolor="#f0f0f0"> <tr bgcolor="#f0f0f0">
<td align="center" width="50%">Reload:&nbsp;' . $anzeigen['reload'] / 3600 . ' Std. / Rest:&nbsp;' . number_format($anzeigen['menge'], 0, ",", ".") . '</td> <td align="center" width="50%">Reload:&nbsp;' . $anzeigen->reload / 3600 . ' Std. / Rest:&nbsp;' . number_format($anzeigen->menge, 0, ",", ".") . '</td>
<td align="center" width="50%"><a href="?content=/interfacebanner/blacklist&amp;sponsor=' . $anzeigen['sponsor'] . '&amp;loeschen=true&amp;kid=' . $anzeigen['kid'] . '" target="_self">Löschen</a> <a href="?content=/interfacebanner/blacklist&amp;sponsor=' . $anzeigen['sponsor'] . '&amp;blacklist=true&amp;kid=' . $anzeigen['kid'] . '" target="_self">Löschen-Blacklist</a></td> <td align="center" width="50%"><a href="?content=/interfacebanner/blacklist&amp;sponsor=' . $anzeigen->sponsor . '&amp;loeschen=true&amp;id=' . $anzeigen->id . '" target="_self">L&ouml;schen</a> <a href="?content=/interfacebanner/blacklist&amp;sponsor=' . $anzeigen->sponsor . '&amp;blacklist=true&amp;id=' . $anzeigen->id . '" target="_self">Freischalten</a></td>
</tr> </tr>
</table> </table>
<br> <br>
...@@ -33,4 +36,3 @@ while ($anzeigen = mysqli_fetch_array($forcedbanner)) { ...@@ -33,4 +36,3 @@ while ($anzeigen = mysqli_fetch_array($forcedbanner)) {
foot(); foot();
?> ?>
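Review bot: `$anzeigen->ziel`, `->banner`, `->sponsor` and `->tan` are concatenated into the table markup without escaping, and this list shows campaigns awaiting approval, so the values are presumably sponsor-supplied and get rendered inside the admin session. Wrapping each in `htmlspecialchars($anzeigen->ziel, ENT_QUOTES, 'UTF-8')`, and using `urlencode()` for the `sponsor` query parameter in the action links, closes that. The admin ForcedBanner list earlier in this compare prints the same fields the same way.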
...@@ -78,10 +78,9 @@ foot(); ...@@ -78,10 +78,9 @@ foot();
db_query ('DELETE FROM '.$db_prefix.'_werberdaten WHERE uid = '.$row['uid']); db_query ('DELETE FROM '.$db_prefix.'_werberdaten WHERE uid = '.$row['uid']);
db_query ('UPDATE '.$db_prefix.'_werberdaten SET werber = 0 WHERE werber = '.$row['uid']); db_query ('UPDATE '.$db_prefix.'_werberdaten SET werber = 0 WHERE werber = '.$row['uid']);
db_query ('DELETE FROM '.$db_prefix.'_admin_abuse WHERE uid = '.$row['uid']); db_query ('DELETE FROM '.$db_prefix.'_admin_abuse WHERE uid = '.$row['uid']);
db_query ('DELETE FROM '.$db_prefix.'_adscan_userblacklist WHERE uid = '.$row['uid']);
db_query ('DELETE FROM vms_buchungen WHERE uid = '.$row['uid']); db_query ('DELETE FROM vms_buchungen WHERE uid = '.$row['uid']);
db_query ('DELETE FROM vms_reloads WHERE uid = '.$row['uid']);
db_query ('DELETE FROM vms_schnittstelle_anfragen WHERE uid = '.$row['uid']); db_query ('DELETE FROM vms_schnittstelle_anfragen WHERE uid = '.$row['uid']);
$vms->reloads->deleteByUserId( $row['uid'] );
echo '<font color="#00d000">User Gel&ouml;scht</font><br />'; echo '<font color="#00d000">User Gel&ouml;scht</font><br />';
$infotext= ' Hallo '.$row['nickname'].' $infotext= ' Hallo '.$row['nickname'].'
...@@ -122,4 +121,4 @@ foot(); ...@@ -122,4 +121,4 @@ foot();
} }
foot(); foot();
} }
\ No newline at end of file
...@@ -45,7 +45,7 @@ define("NAV_LEISTE","6"); ...@@ -45,7 +45,7 @@ define("NAV_LEISTE","6");
<tr> <tr>
<th>Zeit</th> <th>Zeit</th>
<th>Buchung</th> <th>Buchung</th>
<th><?php echo $waehrung;?></th> <th><?php echo $pageconfig['waehrung'];?></th>
<th>Verwendungszweck</th> <th>Verwendungszweck</th>
<th>TAN</th> <th>TAN</th>
<th>Kontobuchung erfolgreich</th> <th>Kontobuchung erfolgreich</th>
...@@ -53,4 +53,4 @@ define("NAV_LEISTE","6"); ...@@ -53,4 +53,4 @@ define("NAV_LEISTE","6");
<?php echo $buchungen;?> <?php echo $buchungen;?>
</table> </table>
<?php echo $nav_minus;?> <?php echo $nav_minus;?>
\ No newline at end of file
...@@ -4,7 +4,7 @@ ...@@ -4,7 +4,7 @@
<table class="table table-striped"> <table class="table table-striped">
<tr> <tr>
<td><b>Kontostand</b>:</td> <td><b>Kontostand</b>:</td>
<td><?php echo number_format($alledaten['kontostand'],2,",",".").' '.$waehrung;?></td> <td><?php echo number_format($alledaten['kontostand'],2,",",".").' '.$pageconfig['waehrung'];?></td>
</tr> </tr>
<tr> <tr>
<td><br /><b>Summe</b>:</td> <td><br /><b>Summe</b>:</td>
...@@ -22,4 +22,4 @@ ...@@ -22,4 +22,4 @@
<div class="text-center"> <div class="text-center">
<input type="submit" name="finanze" class="btn btn-default" value="&raquo; Buchen" /> <input type="submit" name="finanze" class="btn btn-default" value="&raquo; Buchen" />
</div> </div>
</form> </form>
\ No newline at end of file
...@@ -22,11 +22,11 @@ ...@@ -22,11 +22,11 @@
<tr bgcolor="#ededed"> <tr bgcolor="#ededed">
<td>&nbsp;<b>ForcedKlicks</b>:</td> <td>&nbsp;<b>ForcedKlicks</b>:</td>
<td width=50 align="right"><?php echo $alledaten['klicks'];?>&nbsp;</td> <td width=50 align="right"><?php echo $alledaten['klicks'];?>&nbsp;</td>
<td align="right"><?php echo number_format ($alledaten['kv'], 2, ',', '.').' '.$waehrung;?>&nbsp;</td> <td align="right"><?php echo number_format ($alledaten['kv'], 2, ',', '.').' '.$pageconfig['waehrung'];?>&nbsp;</td>
</tr> </tr>
<tr bgcolor="#fafafa"> <tr bgcolor="#fafafa">
<td>&nbsp;<b>Betteln</b>:</td> <td>&nbsp;<b>Betteln</b>:</td>
<td align="right"><?php echo $alledaten['angebettelt'];?>&nbsp;</td> <td align="right"><?php echo $alledaten['angebettelt'];?>&nbsp;</td>
<td align="right"><?php echo number_format ($alledaten['bv'], 2, ',', '.').' '.$waehrung;?>&nbsp;</td> <td align="right"><?php echo number_format ($alledaten['bv'], 2, ',', '.').' '.$pageconfig['waehrung'];?>&nbsp;</td>
</tr> </tr>
</table> </table>
\ No newline at end of file
...@@ -25,7 +25,7 @@ $einnahme = $_POST['buchungsmenge']; ...@@ -25,7 +25,7 @@ $einnahme = $_POST['buchungsmenge'];
} }
bilanz($einnahme,$ausgabe); bilanz($einnahme,$ausgabe);
$nachricht = 'Hallo,'."\n\n".'Es wurde soeben eine Buchung auf dein Userkonto ausgeführt:'."\n\n".$_POST['buchungsart'].' '.number_format($_POST['buchungssumme'], 2, ',', '.').' '.$waehrung.' '.$_POST['buchungstext']."\n\n\n".'Mit freundlichen Grüßen, dein '.$seitenname.'-Team'; $nachricht = 'Hallo,'."\n\n".'Es wurde soeben eine Buchung auf dein Userkonto ausgeführt:'."\n\n".$_POST['buchungsart'].' '.number_format($_POST['buchungssumme'], 2, ',', '.').' '.$pageconfig['waehrung'].' '.$_POST['buchungstext']."\n\n\n".'Mit freundlichen Grüßen, dein '.$seitenname.'-Team';
if (isset ($_POST['send_mail']) && $_POST['send_mail'] == 'ja') usermail ($_POST['email'],$seitenname.' Kontobuchung', $nachricht, '"'.$seitenname.'" <'.$betreibermail.'>'); if (isset ($_POST['send_mail']) && $_POST['send_mail'] == 'ja') usermail ($_POST['email'],$seitenname.' Kontobuchung', $nachricht, '"'.$seitenname.'" <'.$betreibermail.'>');
} }
} }
...@@ -109,4 +109,4 @@ $alledaten = userinfo($_GET['uid']); ...@@ -109,4 +109,4 @@ $alledaten = userinfo($_GET['uid']);
</div> </div>
</div> </div>
<?php foot(); ?> <?php foot(); ?>
\ No newline at end of file
...@@ -15,13 +15,25 @@ if ($_POST['buchen'] == 'Jetzt Buchen') { ...@@ -15,13 +15,25 @@ if ($_POST['buchen'] == 'Jetzt Buchen') {
if (!is_numeric($_POST['menge'])) $buchungsfehler .= 'Bei Menge nur Zahlen!<br>'; if (!is_numeric($_POST['menge'])) $buchungsfehler .= 'Bei Menge nur Zahlen!<br>';
if (!$_POST['banner_url'] or !$_POST['menge'] or !$_POST['ziel'] or !$_POST['reload']) $buchungsfehler .= 'Bitte alle Felder ausfüllen!<br>'; if (!$_POST['banner_url'] or !$_POST['menge'] or !$_POST['ziel'] or !$_POST['reload']) $buchungsfehler .= 'Bitte alle Felder ausfüllen!<br>';
if ($_POST['reload'] < 1 or $_POST['reload'] > 24 or !is_numeric($_POST['reload'])) $buchungsfehler .= 'Bei Reloadzeit nur Zahlen und zwischen 1 und 24 Stunden!<br>'; if ($_POST['reload'] < 1 or $_POST['reload'] > 24 or !is_numeric($_POST['reload'])) $buchungsfehler .= 'Bei Reloadzeit nur Zahlen und zwischen 1 und 24 Stunden!<br>';
if ($_POST['aufendhalt'] < 0 or $_POST['aufendhalt'] > 30 or !is_numeric($_POST['aufendhalt'])) $buchungsfehler .= 'Bei dem Aufendhalt nur Zahlen und zwischen 0 und 30 Sekunden!<br>'; if ($_POST['aufendhalt'] < 0 or !is_numeric($_POST['aufendhalt'])) $buchungsfehler .= 'Aufenthalt nur Zahlen und mindestens 1 Sek.!<br>';
if ($_POST['aufendhalt'] > 30 or $_POST['aufendhalt'] < 0 or !is_numeric($_POST['aufendhalt'])) $buchungsfehler .= 'Aufendhalt nur Zahlen und zwischen 1 und 30 Sek.!<br>';
// Buchung durchführen // Buchung durchführen
if (!$buchungsfehler) { if (!$buchungsfehler) {
$buchungs_id = create_code(32); $buchungs_id = create_code(32);
$reload = $_POST['reload'] * 60 * 60; $reload = $_POST['reload'] * 60 * 60;
db_query("INSERT INTO " . $db_prefix . "_gebuchte_werbung (tan,ziel,banner,aufendhalt,menge,preis,verdienst,werbeart,status,reload,sponsor) VALUES ('" . $buchungs_id . "','" . $_POST['ziel'] . "','" . $_POST['banner_url'] . "','" . $_POST['aufendhalt'] . "','" . $_POST['menge'] . "','0','" . $_POST['verdienst'] . "','forcedbanner','1','" . $reload . "','administrator')"); $data = array(
'tan' => $buchungs_id,
'ziel' => $_POST['ziel'],
'banner' => $_POST['banner_url'],
'aufendhalt' => $_POST['aufendhalt'],
'menge' => $_POST['menge'],
'preis' => 0,
'verdienst' => $_POST['verdienst'],
'werbeart' => 'forcedbanner',
'status' => 1,
'reload' => $reload,
'sponsor' => 'administrator',
);
$vms->campaigns->insert( $data );
$buchung = 'true'; $buchung = 'true';
} }
} }
...@@ -63,11 +75,11 @@ head("Formular Forcedbanner 468*60"); ...@@ -63,11 +75,11 @@ head("Formular Forcedbanner 468*60");
</tr> </tr>
<tr> <tr>
<td>Aufendhalt (Sekunden)</td> <td>Aufendhalt (Sekunden)</td>
<td><input type="Text" name="aufendhalt" value="' . $_POST['aufendhalt'] . '" style="width:40px" maxlength="2"> max. 30</td> <td><input type="Text" name="aufendhalt" value="' . $_POST['aufendhalt'] . '" style="width:40px" maxlength="2"></td>
</tr> </tr>
<tr> <tr>
<td align="center" valign="middle" colspan="2"><input type="Submit" name="buchen" value="Jetzt Buchen"></td> <td align="center" valign="middle" colspan="2"><input type="Submit" name="buchen" value="Jetzt Buchen"></td>
</tr> </tr>
</table> </table>
</form>'; </form>';
foot(); foot();
\ No newline at end of file
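Review bot: `ziel`, `banner_url` and `verdienst` go from `$_POST` into `$data` with no format check, and the remaining `aufendhalt` test is `< 0` while its message says at least 1 second and the former upper bound of 30 is gone. Since `ziel` is later printed into a redirect and a link on the ad page, I would reject it here unless it is an http(s) URL, e.g. `if (!filter_var($_POST['ziel'], FILTER_VALIDATE_URL) || !preg_match('#^https?://#i', $_POST['ziel'])) $buchungsfehler .= 'Ziel muss eine http(s)-URL sein!<br>';`, add an `is_numeric($_POST['verdienst'])` check, and change the bound to `< 1` or correct the message. The enclosing `if ($_POST['buchen'] == 'Jetzt Buchen')` block starts above the hunk, and whether `insert()` binds its values as parameters is not visible here.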
...@@ -31,8 +31,8 @@ WHERE (e.freigabe_fuer = '3' or e.freigabe_fuer = '2') AND k.status=1 ORDER BY R ...@@ -31,8 +31,8 @@ WHERE (e.freigabe_fuer = '3' or e.freigabe_fuer = '2') AND k.status=1 ORDER BY R
while ($versendet = mysqli_fetch_array($senden)) { while ($versendet = mysqli_fetch_array($senden)) {
db_query("INSERT INTO " . $db_prefix . "_paidmails_empfaenger (uid,gueltig,tan,status,aufendhalt) VALUES ('" . $versendet['uid'] . "','" . $bis . "','" . $tan . "','0','" . $_POST['aufendhalt'] . "')"); db_query("INSERT INTO " . $db_prefix . "_paidmails_empfaenger (uid,gueltig,tan,status,aufendhalt) VALUES ('" . $versendet['uid'] . "','" . $bis . "','" . $tan . "','0','" . $_POST['aufendhalt'] . "')");
$message = 'Hallo, $message = 'Hallo,
dieses ist eine neue ' . $seitenname . ' Paidmail, für dessen Bestätigung dieses ist eine neue ' . $pageconfig['seitenname'] . ' Paidmail, für dessen Bestätigung
Du ' . $_POST['verdienst'] . ' ' . $waehrung . ' für ' . $_POST['aufendhalt'] . ' Sek. aufenthalt erhälst! Du ' . $_POST['verdienst'] . ' ' . $pageconfig['waehrung'] . ' für ' . $_POST['aufendhalt'] . ' Sek. aufenthalt erhälst!
Diese Paidmail ist gültig bis ' . date("d.m.Y - H:i:s", $bis) . ' Diese Paidmail ist gültig bis ' . date("d.m.Y - H:i:s", $bis) . '
' . $_POST['beschreibung'] . ' ' . $_POST['beschreibung'] . '
...@@ -40,17 +40,17 @@ WHERE (e.freigabe_fuer = '3' or e.freigabe_fuer = '2') AND k.status=1 ORDER BY R ...@@ -40,17 +40,17 @@ WHERE (e.freigabe_fuer = '3' or e.freigabe_fuer = '2') AND k.status=1 ORDER BY R
' . $_POST['mailtext'] . ' ' . $_POST['mailtext'] . '
-------------------------------------------------------------------- --------------------------------------------------------------------
Die Betreiber von ' . $seitenname . ' distanzieren sich vom Inhalt dieser Mail! Die Betreiber von ' . $pageconfig['seitenname'] . ' distanzieren sich vom Inhalt dieser Mail!
Diese Mail ist kein Spam da der Empfänger als Mitglied von Diese Mail ist kein Spam da der Empfänger als Mitglied von
' . $seitenname . ' dem Empfang zugestimmt hat. ' . $pageconfig['seitenname'] . ' dem Empfang zugestimmt hat.
Bestätigungslink: Bestätigungslink:
' . $domain . '/pclick.php?tan=' . $tan . '&uid=' . $versendet["uid"] . ' ' . $pageconfig['domain'] . '/pclick.php?tan=' . $tan . '&uid=' . $versendet["uid"] . '
Mit freundlichen Grüßen Mit freundlichen Grüßen
Das ' . $seitenname . ' Team'; Das ' . $pageconfig['seitenname'] . ' Team';
usermail($versendet['emailadresse'], 'Neue ' . $seitenname . ' Paidmail', $message, '"' . $seitenname . '" <' . $betreibermail . '>') or die('Versandfehler'); usermail($versendet['emailadresse'], 'Neue ' . $pageconfig['seitenname'] . ' Paidmail', $message, '"' . $pageconfig['seitenname'] . '" <' . $betreibermail . '>') or die('Versandfehler');
} }
$msg_send = '<b><div align="center"><font color="#800000">Diese Paidmail wurd an ' . $_POST['menge'] . ' User versendet</font></div></b>'; $msg_send = '<b><div align="center"><font color="#800000">Diese Paidmail wurd an ' . $_POST['menge'] . ' User versendet</font></div></b>';
} }
...@@ -94,4 +94,4 @@ echo ' ...@@ -94,4 +94,4 @@ echo '
</form> </form>
' . $msg_send; ' . $msg_send;
foot(); foot();
\ No newline at end of file
<?php
if (!isset($_GET['frame'])) $_GET['frame'] = false;
if (!isset($_GET['testen'])) $_GET['testen'] = true;
if (!isset($_GET['tan'])) $_GET['tan'] = "";
if ($_GET['testen'] == 'true') {
if ($_GET['frame'] == 'true') {
echo 'Dies ist der Testframe';
} else {
@require_once ('../lib/functions.lib.php');
@db_connect();
if (!isset($_GET['art'])) $_GET['art'] = "";
if (!isset($forced['tan'])) $forced['tan'] = "";
if (!isset($forced['ziel'])) $forced['ziel'] = "";
// SecVMS change begin
$_GET['tan'] = addslashes ($_GET['tan']);
// SecVMS change end
$forced = mysql_fetch_assoc(db_query("SELECT ziel FROM " . $db_prefix . "_gebuchte_werbung WHERE tan='" . $_GET['tan'] . "' LIMIT 1"));
if ($forced) {
$ziel = $forced['ziel'];
} else {
$ziel = urldecode($_GET['url']);
}
echo '
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<title>Framekiller-Test by ' . $seitenname . '</title>
</head>
<frameset rows="75,*" border="0">
<frame src="frametest.php?testen=true&frame=true" name="abuse" frameborder="0" scrolling="no" marginheight="10">
<frame name="werbung" src="' . $ziel . '" scrolling="auto" frameborder="0" marginheight="10">
<noscript>Bei dir ist kein Javascript aktiviert!</noscript>
</frameset><noframes></noframes><noframes>Bei dir sind keine Frames aktiviert!</noframes>
</body>
</html>';
db_close();
}
} else {
echo 'Javascript Test! Bitte warte einen Moment!
<script type="text/javascript">
<!--
document.location = "frametest.php?url=' . $_GET['url'] . '&testen=true&tan=' . $_GET['tan'] . '";
//-->
</script>';
}
\ No newline at end of file
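Review bot: `$_GET['url']` reaches the output unescaped in two places, as the `werbung` frame `src` after `urldecode()` and inside the `document.location` string of the script branch, so request data becomes markup and script on this origin. This view does not show whether the file is on the added or the removed side; if it stays, the value needs `htmlspecialchars(..., ENT_QUOTES, 'UTF-8')` in the attribute, `json_encode()` in the script, and an http(s) scheme check before it is used as a frame target. The lookup also relies on `addslashes()` and `mysql_fetch_assoc()` while the rest of the compare uses `mysqli_*` and the new campaign API, so a call through `$vms->campaigns` or a prepared statement would fit better.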
...@@ -9,16 +9,17 @@ ...@@ -9,16 +9,17 @@
if ($_GET['content'] {0} != '/') $_GET['content'] = '/' . $_GET['content']; if ($_GET['content'] {0} != '/') $_GET['content'] = '/' . $_GET['content'];
} }
if (!ini_get('display_errors')) { if (!ini_get('display_errors')) {
ini_set('display_errors', '0'); ini_set('display_errors', '1');
} }
if (!isset($_GET['content']) || empty ($_GET['content'])) $_GET['content'] = '/startseite'; if (!isset($_GET['content']) || empty ($_GET['content'])) $_GET['content'] = '/startseite';
if (!file_exists('content' . $_GET['content'] . '.php')) $_GET['content'] = '/error/keine_seite'; if (!file_exists('content' . $_GET['content'] . '.php')) $_GET['content'] = '/error/keine_seite';
require ('../lib/datenbank.inc.php'); require ('../lib/datenbank.inc.php');
require ('../lib/functions.lib.php'); require ('../lib/functions.lib.php');
session_start(); session_start();
$pageconfig = mysqli_fetch_array(db_query("SELECT * FROM " . $db_prefix . "_seitenkonfig LIMIT 1"));
require ('lib/layout.lib.php'); require ('lib/layout.lib.php');
require ( '../lib/extras.lib.php' ); require ( '../lib/extras.lib.php' );
require ('../lib/extra/mail.php'); require ('../lib/extra/mail.php');
...@@ -45,9 +46,7 @@ if (!ini_get('display_errors')) { ...@@ -45,9 +46,7 @@ if (!ini_get('display_errors')) {
} }
} }
?> ?><!DOCTYPE html>
<!DOCTYPE html>
<html lang='de'> <html lang='de'>
<head> <head>
<title>..:: Adminforce ::..</title> <title>..:: Adminforce ::..</title>
...@@ -83,7 +82,7 @@ if (!ini_get('display_errors')) { ...@@ -83,7 +82,7 @@ if (!ini_get('display_errors')) {
<span class="icon-bar"></span> <span class="icon-bar"></span>
<span class="icon-bar"></span> <span class="icon-bar"></span>
</button> </button>
<a class="navbar-brand" href="<?php echo $domain.'/adminforce';?>">..:: Adminforce ::..</a> <a class="navbar-brand" href="<?php echo $pageconfig['domain'].'/adminforce';?>">..:: Adminforce ::..</a>
</div> </div>
<div id="navbar" class="navbar-collapse collapse"> <div id="navbar" class="navbar-collapse collapse">
<?php if(isset($_SESSION['admin']) && $_SESSION['admin'] == 1){?> <?php if(isset($_SESSION['admin']) && $_SESSION['admin'] == 1){?>
...@@ -104,7 +103,7 @@ if (!ini_get('display_errors')) { ...@@ -104,7 +103,7 @@ if (!ini_get('display_errors')) {
<div class="container-fluid"> <div class="container-fluid">
<div class="row"> <div class="row">
<div class="col-sm-3 col-md-2 sidebar"> <div class="col-sm-3 col-md-2 sidebar">
<?php if($_SESSION['admin'] == 1) require_once('lib/menue_links.php');?> <?php if(isset($_SESSION['admin']) && $_SESSION['admin'] == 1) require_once('lib/menue_links.php');?>
</div> </div>
<div class="col-sm-9 col-sm-offset-3 col-md-10 col-md-offset-2 main"> <div class="col-sm-9 col-sm-offset-3 col-md-10 col-md-offset-2 main">
<div class="jumbotron"> <div class="jumbotron">
...@@ -144,15 +143,16 @@ if (!ini_get('display_errors')) { ...@@ -144,15 +143,16 @@ if (!ini_get('display_errors')) {
</div> </div>
<?php <?php
} }
if($_SESSION['admin'] == 1) { if( isset($_SESSION['admin']) && $_SESSION['admin'] == 1 )
if(file_exists('../install')){ {
echo '<div class="alert alert-danger text-center">Du musst den Ordner install noch l&ouml;schen</div>'; if(file_exists('../install')){
} echo '<div class="alert alert-danger text-center">Du musst den Ordner install noch l&ouml;schen</div>';
require_once('content'.$_GET['content'].'.php'); }
require_once('content'.$_GET['content'].'.php');
}else{ }else{
echo ' echo '
<form method="post"> <form method="post">
<input type="Text" name="loginname" value="'.$_POST['loginname'].'" placeholder="Username"> <input type="Text" name="loginname" value="" placeholder="Username">
<input type="Password" name="passwort" value="" placeholder="Passwort"> <input type="Password" name="passwort" value="" placeholder="Passwort">
<button type="submit" name="check" value="Login">Login</button> <button type="submit" name="check" value="Login">Login</button>
</form> </form>
......
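Review bot: The first hunk flips `ini_set('display_errors', '0')` to `'1'` inside `if (!ini_get('display_errors'))`, so the admin front controller now turns error display on exactly when the server has it off, and it does so before the login check, which exposes paths and query errors to unauthenticated visitors. I would keep `'0'` and add `ini_set('log_errors', '1');` instead; the new ad page earlier in this compare has the same `ini_set('display_errors', 1);` on its first line. Separately, `$_GET['content']` goes into `require_once('content'.$_GET['content'].'.php')` with only a `file_exists()` test, so rejecting values that contain `..` or characters outside a fixed allowed set would keep the include inside `content/`.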
...@@ -10,8 +10,8 @@ $qres = db_query("SHOW TABLES") or die(mysqli_error($sql_open)); ...@@ -10,8 +10,8 @@ $qres = db_query("SHOW TABLES") or die(mysqli_error($sql_open));
while (list($tabelle) = mysqli_fetch_row($qres)){ while (list($tabelle) = mysqli_fetch_row($qres)){
db_query("DROP TABLE IF EXISTS ". $tabelle); db_query("DROP TABLE IF EXISTS ". $tabelle);
} }
// DB_PASS on cli ... happy person watching process list
$command='mysql -h' .$db_host .' -u' .$db_user .' -p' .$db_pass .' ' .$db_base .' < backup/' .$_POST['datei']; $command='mysql -h' .DB_HOST .' -u' .DB_USER .' -p' .DB_PASS .' ' . DB_BASE .' < backup/' .$_POST['datei'];
exec($command,$output=array(),$worked); exec($command,$output=array(),$worked);
$meldung = meldung(0,'Die Daten aus der Datei <b>' .$_POST['datei'] .'</b> wurden erfolgreich eingespielt in der Datenbank <b>' .$_POST['datei'] .'</b>'); $meldung = meldung(0,'Die Daten aus der Datei <b>' .$_POST['datei'] .'</b> wurden erfolgreich eingespielt in der Datenbank <b>' .$_POST['datei'] .'</b>');
...@@ -21,4 +21,4 @@ if (is_writable('backup/' .$_POST['datei'])) { ...@@ -21,4 +21,4 @@ if (is_writable('backup/' .$_POST['datei'])) {
$fp = versch($fp); $fp = versch($fp);
file_put_contents('backup/' .$_POST['datei'], $fp); file_put_contents('backup/' .$_POST['datei'], $fp);
} }
?> ?>
\ No newline at end of file
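Review bot: `$_POST['datei']` is concatenated into the shell line passed to `exec()` and into the `backup/` paths without quoting or a path check, so the file name is interpreted by the shell. `$datei = basename($_POST['datei']);` followed by `' < ' . escapeshellarg('backup/' . $datei)` confines it to a single file in `backup/`. The added comment already notes that `-p` with `DB_PASS` is visible in the process list; a client option file passed with `--defaults-extra-file=` avoids that. In the lines shown `$worked` is not checked before the success message and the tables are dropped before the import, so a failed restore would leave an empty database and still report success.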
<?php
// https://raw.githubusercontent.com/daveismyname/pdo-wrapper/master/database.php
require_once( __DIR__ .'/databaseTable.php' );
class DaveDatabase extends PDO
{
/**
* @var array Array of saved databases for reusing
*/
protected static $instances = array();
/**
* Static method get
*
* @param array $group
* @return \helpers\database
*/
public static function get($group = false)
{
// Determining if exists or it's not empty, then use default group defined in config
$group = !$group ? array (
'type' => DB_TYPE,
'host' => DB_HOST,
'name' => DB_NAME,
'user' => DB_USER,
'pass' => DB_PASS
) : $group;
// Group information
$type = $group['type'];
$host = $group['host'];
$name = $group['name'];
$user = $group['user'];
$pass = $group['pass'];
// ID for database based on the group information
$id = "$type.$host.$name.$user.$pass";
// Checking if the same
if (isset(self::$instances[$id])) {
return self::$instances[$id];
}
$instance = new Database("$type:host=$host;dbname=$name;charset=utf8", $user, $pass);
$instance->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
// Setting Database into $instances to avoid duplication
self::$instances[$id] = $instance;
//return the pdo instance
return $instance;
}
/**
* run raw sql queries
* @param string $sql sql command
* @return none
*/
public function raw($sql)
{
$this->query($sql);
}
/**
* method for selecting records from a database
* @param string $sql sql query
* @param array $array named params
* @param object $fetchMode
* @param string $class class name
* @return array returns an array of records
*/
public function select($sql, $array = array(), $fetchMode = PDO::FETCH_OBJ, $class = '')
{
// Append select if it isn't appended.
if (strtolower(substr($sql, 0, 7)) !== 'select ') {
$sql = "SELECT " . $sql;
}
$stmt = $this->prepare($sql);
foreach ($array as $key => $value) {
if (is_int($value)) {
$stmt->bindValue("$key", $value, PDO::PARAM_INT);
} else {
$stmt->bindValue("$key", $value);
}
}
$stmt->execute();
if ($fetchMode === PDO::FETCH_CLASS) {
return $stmt->fetchAll($fetchMode, $class);
} else {
return $stmt->fetchAll($fetchMode);
}
}
/**
* Count method
* @param string $table table name
* @param string $column optional
*/
public function count($table, $column= 'id') {
$stmt = $this->prepare("SELECT $column FROM $table");
$stmt->execute();
return $stmt->rowCount();
}
/**
* insert method
* @param string $table table name
* @param array $data array of columns and values
*/
public function insert($table, $data)
{
ksort($data);
$fieldNames = implode(',', array_keys($data));
$fieldValues = ':'.implode(', :', array_keys($data));
$stmt = $this->prepare("INSERT INTO $table ($fieldNames) VALUES ($fieldValues)");
foreach ($data as $key => $value) {
$stmt->bindValue(":$key", $value);
}
$stmt->execute();
return $this->lastInsertId();
}
/**
* update method
* @param string $table table name
* @param array $data array of columns and values
* @param array $where array of columns and values
*/
public function update($table, $data, $where)
{
ksort($data);
$fieldDetails = null;
foreach ($data as $key => $value) {
$fieldDetails .= "$key = :$key,";
}
$fieldDetails = rtrim($fieldDetails, ',');
$whereDetails = null;
$i = 0;
foreach ($where as $key => $value) {
if ($i == 0) {
$whereDetails .= "$key = :$key";
} else {
$whereDetails .= " AND $key = :$key";
}
$i++;
}
$whereDetails = ltrim($whereDetails, ' AND ');
$stmt = $this->prepare("UPDATE $table SET $fieldDetails WHERE $whereDetails");
foreach ($data as $key => $value) {
$stmt->bindValue(":$key", $value);
}
foreach ($where as $key => $value) {
$stmt->bindValue(":$key", $value);
}
$stmt->execute();
return $stmt->rowCount();
}
/**
* Delete method
* @param string $table table name
* @param array $data array of columns and values
* @param array $where array of columns and values
* @param integer $limit limit number of records
*/
public function delete($table, $where, $limit = 1)
{
ksort($where);
$whereDetails = null;
$i = 0;
foreach ($where as $key => $value) {
if ($i == 0) {
$whereDetails .= "$key = :$key";
} else {
$whereDetails .= " AND $key = :$key";
}
$i++;
}
$whereDetails = ltrim($whereDetails, ' AND ');
//if limit is a number use a limit on the query
if (is_numeric($limit)) {
$uselimit = "LIMIT $limit";
}
$stmt = $this->prepare("DELETE FROM $table WHERE $whereDetails $uselimit");
foreach ($where as $key => $value) {
$stmt->bindValue(":$key", $value);
}
$stmt->execute();
return $stmt->rowCount();
}
/**
* truncate table
* @param string $table table name
*/
public function truncate($table)
{
return $this->exec("TRUNCATE TABLE $table");
}
}
class Database extends DaveDatabase
{
private $table_objects = array();
public function getTable( $table_name )
{
if( !isset($this->table_objects[$table_name]) )
{
$this->loadTableObject( $table_name );
}
return ( isset($this->table_objects[$table_name]) ) ? $this->table_objects[$table_name] : false;
}
private function loadTableObject( $table_name )
{
$result = false;
$filepath = __DIR__ .'/database/'.$table_name.'.ext.php';
if( !file_exists( $filepath ) )
{
$this->tryCreateTableDefinition( $table_name );
}
if( file_exists( $filepath ) )
{
require_once( $filepath );
$class_name = 'Table'. $table_name;
if( class_exists( $class_name ) )
{
$this->table_objects[$table_name] = new $class_name();
$result = true;
}
}
return $result;
}
private function tryCreateTableDefinition( $table_name )
{
$table_class = new DatabaseTable($this, $table_name);
$table_class->getColumnMeta();
var_dump($table_class->fields);
var_dump($table_class->field_meta);
var_dump($table_class->primary_key);
}
public function rawInsert( $sql, $data )
{
$stmt = $this->prepare($sql);
foreach ($data as $key => $value) {
$stmt->bindValue("$key", $value);
}
$stmt->execute();
return $this->lastInsertId();
}
public function rawDelete( $sql, $data )
{
$stmt = $this->prepare( $sql );
foreach ($data as $key => $value) {
$stmt->bindValue("$key", $value);
}
$stmt->execute();
return $stmt->rowCount();
}
/*
* $db->select("`username` FROM `members` WHERE `memberID` = :id and `email` = :email", array(':id' => 1, ':email' => 'someone@domain.com'));
* $db->selectAll("members", "WHERE `memberID` = :id and `email` = :email", array(':id' => 1, ':email' => 'someone@domain.com'));
*/
public function selectAll($sql, $array = array(), $fetchMode = PDO::FETCH_OBJ, $class = '')
{
}
/**
* sqlUpdate method
* @param string $sql the query
* @param array $data array of columns and values
*/
public function sqlUpdate($sql, $array = array())
{
$stmt = $this->prepare($sql);
foreach ($array as $key => $value) {
if (is_int($value))
{
$stmt->bindValue("$key", $value, PDO::PARAM_INT);
}
else
{
$stmt->bindValue("$key", $value);
}
}
$stmt->execute();
return $stmt->rowCount();
}
}
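Review bot: `count()`, `insert()`, `update()`, `delete()` and `truncate()` bind values but interpolate `$table`, `$column` and every array key into the SQL text, so the wrapper is only safe while callers pass fixed identifiers. Validate keys before building the statement, for example `if (!preg_match('/\A\w+\z/', $key)) { throw new InvalidArgumentException('bad column name'); }`, and document that `$table` must never come from request data. In `delete()`, `$uselimit` is undefined when `$limit` is not numeric and `is_numeric()` also admits values such as `1e3`; `$uselimit = is_numeric($limit) ? 'LIMIT ' . (int) $limit : '';` covers both. `ltrim($whereDetails, ' AND ')` takes a character list, so it strips a leading `A`, `N` or `D` from the first column name, and it can simply be dropped because the first clause never carries the prefix. `tryCreateTableDefinition()` prints schema details with `var_dump()` into the response and `loadTableObject()` builds a `require_once` path from `$table_name`, so both depend on the same fixed-name guarantee.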
<?php
class DatabaseTable
{
public $fields = array();
public $field_meta = array();
public $primary_key = NULL;
private $database;
private $table_name;
public function __construct( $database, $table_name )
{
$this->database = $database;
$this->table_name = $table_name;
}
/**
* Will attempt to bind columns with datatypes based on parts of the column type name
* Any part of the name below will be picked up and converted unless otherwise sepcified
* Example: 'VARCHAR' columns have 'CHAR' in them, so 'char' => PDO::PARAM_STR will convert
* all columns of that type to be bound as PDO::PARAM_STR
* If there is no specification for a column type, column will be bound as PDO::PARAM_STR
*/
protected $pdo_bind_types = array(
'char' => PDO::PARAM_STR,
'int' => PDO::PARAM_INT,
'bool' => PDO::PARAM_BOOL,
'date' => PDO::PARAM_STR,
'time' => PDO::PARAM_INT,
'text' => PDO::PARAM_STR,
'blob' => PDO::PARAM_LOB,
'binary' => PDO::PARAM_LOB
);
/**
* Parse PDO-produced column type
* [internal function]
*/
protected function parseColumnType($col_type)
{
$col_info = array();
$col_parts = explode(" ", $col_type);
if( $fparen = strpos($colParts[0], "(") )
{
$col_info['type'] = substr($col_parts[0], 0, $fparen);
$col_info['pdo_type'] = '';
$col_info['length'] = str_replace(")", "", substr($col_parts[0], $fparen+1));
$col_info['attributes'] = isset($col_parts[1]) ? $col_parts[1] : NULL;
}
else
{
$col_info['type'] = $col_parts[0];
}
// PDO Bind types
$pdo_type = '';
foreach($this->pdo_bind_types as $pKey => $pType)
{
if(strpos(' '.strtolower($col_info['type']).' ', $pKey))
{
$col_info['pdo_type'] = $pType;
break;
}
else
{
$col_info['pdo_type'] = PDO::PARAM_STR;
}
}
return $col_info;
}
/**
* Automatically get column metadata
*/
protected function getColumnMeta($refresh = false)
{
if( $refresh )
{
// Clear any previous column/field info
$this->fields = array();
$this->field_meta = array();
$this->primary_key = NULL;
}
// Automatically retrieve column information if column info not specified
if( count($this->fields) == 0 || count($this->field_meta) == 0 )
{
// Fetch all columns and store in $this->fields
// TODO prepared statement ...
$columns = $this->database->query("SHOW COLUMNS FROM " . $this->table_name, PDO::FETCH_ASSOC);
foreach( $columns as $key => $col )
{
// Insert into fields array
$col_name = $col['Field'];
$this->fields[$col_name] = $col;
if( $col['Key'] == "PRI" && empty($this->primary_key) )
{
$this->primary_key = $col_name;
}
// Set field types
$col_type = $this->parseColumnType($col['Type']);
$this->field_meta[$col_name] = $col_type;
}
}
return true;
}
}
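Review bot: `getColumnMeta()` concatenates `$this->table_name` into `SHOW COLUMNS FROM` at the line marked with the prepared-statement TODO, but an identifier cannot be bound as a parameter, so the name has to be validated instead. A constructor check such as `if (!preg_match('/\A\w+\z/', $table_name)) { throw new InvalidArgumentException('bad table name'); }`, plus backtick-quoting the name in the query, would close it. In `parseColumnType()` the condition reads `$colParts[0]`, which is never defined (the variable is `$col_parts`), so the branch that fills `length` and `attributes` is never taken; it should be `strpos($col_parts[0], '(')`. `getColumnMeta()` is declared `protected`, yet the `Database` class added in this commit calls it from outside the class, which PHP rejects at run time.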
<?php
class zCampaigns
{
public $parent;
const FIELDS_gebuchte_werbung = ' `t1`.`id`, `t1`.`uid`, `t1`.`tan`, `t1`.`kid`, `t1`.`ziel`, `t1`.`banner`,
`t1`.`verdienst`, `t1`.`preis`, `t1`.`aufendhalt`, `t1`.`menge`, `t1`.`reload`,
`t1`.`sponsor`, `t1`.`werbeart`, `t1`.`use_frame`, `t1`.`addata`, `t1`.`status`,
`t1`.`created`, `t1`.`modified`, `t1`.`expires` ';
public function __construct( $zVms )
{
$this->parent = $zVms;
}
public function decreaseAvailCountById( $cid, $value = 1 )
{
$sql = 'UPDATE `'. DB_PREFIX . '_gebuchte_werbung` SET `menge` = GREATEST(0, `menge` - :value ) WHERE `id`= :id';
$sql_params = array(
':id' => $cid,
':value' => $value
);
return $this->parent->database->sqlUpdate($sql, $sql_params);
}
public function getIsClickableById( $cid, $ip, $uid, $time )
{
$sql = self::FIELDS_gebuchte_werbung .'
FROM `'. DB_PREFIX .'_gebuchte_werbung` AS `t1`
LEFT JOIN `'. DB_PREFIX .'_campaign_reloads` AS `t2` ON
(
`t1`.`id` = `t2`.`cid` AND
(
`t2`.`uid` = :t2uid OR
`t2`.`ip` = :t2ip
) AND
`t2`.`until` > :t2until
)
WHERE
`t1`.`id` = :t1cid AND
`t2`.`cid` IS NULL AND
`t1`.`menge` >= 1 AND
`t1`.`status` = 1 AND
`t1`.`sponsor` != :t1uid
LIMIT 1';
$sql_params = array(
':t2uid' => $uid,
':t2ip' => inet_pton($ip),
':t2until'=> $time,
':t1cid' => $cid,
':t1uid' => $uid,
);
$result = $this->parent->database->select( $sql, $sql_params );
return ( isset($result[0]) ) ? $result[0] : false;
}
public function getIsClickableByTanAndType( $tan, $type, $ip, $uid, $zeit )
{
$sql = self::FIELDS_gebuchte_werbung .'
FROM `'. DB_PREFIX .'_gebuchte_werbung` AS `t1`
LEFT JOIN `'. DB_PREFIX .'_campaign_reloads` AS `t2` ON
(
`t1`.`id` = `t2`.`cid` AND
(
`t2`.`uid` = :t2uid OR
`t2`.`ip` = :t2ip
) AND
`t2`.`until` > :t2until
)
WHERE
`t1`.`tan` = :t1tan AND
`t2`.`cid` IS NULL AND
`t1`.`werbeart` = :t1type AND
`t1`.`menge` >= 1 AND
`t1`.`status` = 1 AND
`t1`.`sponsor` != :t1uid
LIMIT 1';
$sql_params = array(
':t2uid' => $uid,
':t2ip' => inet_pton($ip),
':t2until' => $zeit,
':t1tan' => $tan,
':t1type' => $type,
':t1uid' => $uid,
);
$result = $this->parent->database->select( $sql, $sql_params );
return ( isset($result[0]) ) ? $result[0] : false;
}
public function getByTanAndType( $tan, $type, $status = false )
{
$where_status = ( false !== $status ) ? ' AND `status` = :status ' : '';
$sql = self::FIELDS_gebuchte_werbung .' FROM `'.DB_PREFIX.'_gebuchte_werbung` AS `t1` WHERE `tan` = :tan AND `werbeart` = :type '.$where_status.' LIMIT 1';
$sql_params = array(
':tan' => $tan,
':type' => $type,
);
if( false !== $status )
{
$sql_params[':status'] = $status;
}
$result = $this->parent->database->select($sql, $sql_params);
return ( isset($result[0]) ) ? $result[0] : false;
}
// TODO fix blacklisting
public function getNewAdData( $art, $uid, $ip, $limit = 3 )
{
$zeit = time();
$result = array('count' => 0, 'data' => array() );
$num_limit = (int)$limit;
$sql = self::FIELDS_gebuchte_werbung .'
FROM `' . DB_PREFIX . '_gebuchte_werbung` AS `t1`
LEFT JOIN `' . DB_PREFIX . '_campaign_reloads` AS `t2` ON (`t1`.`id` = `t2`.`cid` AND ( `t2`.`uid` = :ruid OR `t2`.`ip` = :ip ) AND `t2`.`until` >= :until)
LEFT JOIN `' . DB_PREFIX . '_fb_blacklist` AS `t3` ON `t3`.`kid` = `t1`.`kid` AND `t3`.`werbeart`=`t1`.`werbeart`
LEFT JOIN `' . DB_PREFIX . '_userblacklist` AS `t4` ON `t4`.`uid` = :ubuid
WHERE
(`t3`.`kid` IS NULL OR LOCATE(`t3`.`sponsor`, `t1`.`ziel`) = 0) AND
`t2`.`cid` IS NULL AND
`t1`.`werbeart` = :wart AND
`t1`.`menge` > 0 AND
`t1`.`status` = 1 AND
`t1`.`verdienst` > 0 AND
`t1`.`sponsor` != :spuid
ORDER BY `t1`.`verdienst` DESC LIMIT '.$num_limit;
$sql_params = array(
':ruid' => $uid,
':ip' => inet_pton($ip),
':until' => $zeit,
':ubuid' => $uid,
':wart' => $art,
':spuid' => $uid,
);
$result['data'] = $this->parent->database->select($sql, $sql_params);
$result['count'] = count($result['data']);
return $result;
}
public function getAll( $art, $status = false, $sponsor = false, $limit = false, $start = false)
{
$result = array('count' => 0, 'data' => array() );
$sql_params = array();
$sql = self::FIELDS_gebuchte_werbung .' FROM `' . DB_PREFIX . '_gebuchte_werbung` AS `t1`
WHERE';
if( false !== $sponsor )
{
$sql .= '`t1`.`sponsor` = :sponsor AND ';
$sql_params[':sponsor'] = $sponsor;
}
if( false !== $status )
{
$sql .= '`t1`.`status` = :status AND ';
$sql_params[':status'] = $status;
}
$sql .= '`t1`.`werbeart` = :wart
ORDER BY kid ASC ';
$sql_params[':wart'] = $art;
$result['data'] = $this->parent->database->select($sql, $sql_params);
$result['count'] = count($result['data']);
return $result;
}
public function delete( $where )
{
return $this->parent->database->delete( '`' . DB_PREFIX . '_gebuchte_werbung`' , $where );
}
public function update( $data, $where )
{
return $this->parent->database->update( '`' . DB_PREFIX . '_gebuchte_werbung`' , $data, $where );
}
public function insert( $data )
{
return $this->parent->database->insert( '`' . DB_PREFIX . '_gebuchte_werbung`' , $data );
}
public function getTimeToFirstOffReloadAd( $art, $uid )
{
$zeit = time();
$retval = NULL;
$sql = ' `r`.`until` FROM `'.DB_PREFIX.'_campaign_reloads` AS `r`
LEFT JOIN `'.DB_PREFIX.'_gebuchte_werbung` AS `ad` ON (`ad`.`id` = `r`.`cid` AND `ad`.`status` = 1 AND `ad`.`werbeart` = :wart AND `ad`.`sponsor` != :spuid)
WHERE
`r`.`uid` = :ruid AND `ad`.`id` IS NOT NULL AND `r`.`until` > :until
ORDER BY `r`.`until` ASC LIMIT 1';
$sql_params = array(
':wart' => $art,
':spuid' => $uid,
':ruid' => $uid,
':until' => $zeit,
);
$result = $this->parent->database->select($sql, $sql_params);
if( isset($result[0]) )
{
$res = $result[0];
$retval = (($res->until - $zeit ) >= 0) ? ($res->until - $zeit) : NULL;
}
return $retval;
}
}
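Review bot: `inet_pton($ip)` returns `false` for a string that is not a valid address, and `getIsClickableById()`, `getIsClickableByTanAndType()` and `getNewAdData()` bind that result straight into the reload join, so with a malformed `$ip` the IP half of the reload check stops matching instead of the call failing. Convert once and stop on failure, e.g. `$packed = inet_pton($ip); if (false === $packed) { return false; }` (returning the empty `$result` in `getNewAdData()`). In `getNewAdData()` the `_userblacklist` join `t4` is matched on `uid` only and never referenced in `WHERE`, so it filters nothing and repeats each campaign row once per blacklist row of that user before `LIMIT` applies; the `TODO fix blacklisting` should cover this. `decreaseAvailCountById()` clamps at zero rather than refusing, so if callers check `menge` and decrement in separate statements (the callers are not visible here), concurrent clicks could be credited past the booked amount; adding `AND menge >= :value` to the `UPDATE` and testing the returned row count would make the decrement the check.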