
Compare revisions


Source


Target

  • isaack/VMS-SUEE_2.0
  • ztk.me/VMS-z
Showing with 955 additions and 236 deletions
...@@ -4,7 +4,7 @@ ...@@ -4,7 +4,7 @@
require ( 'lib/datenbank.inc.php' ); require ( 'lib/datenbank.inc.php' );
require ( 'lib/functions.lib.php' ); require ( 'lib/functions.lib.php' );
db_connect();
if ($_GET['pw'] != $cron_pw) die('Zugriff verweigert!'); if ($_GET['pw'] != $cron_pw) die('Zugriff verweigert!');
$cron = (int)$_GET['id']; $cron = (int)$_GET['id'];
...@@ -20,7 +20,7 @@ if($setting['buchungen_loeschen'] == 1){ ...@@ -20,7 +20,7 @@ if($setting['buchungen_loeschen'] == 1){
} }
## Alte Reloads löschen ## Alte Reloads löschen
db_query('DELETE FROM '.$db_prefix.'_reloads WHERE bis <= '.time().''); $ptc->delAllReloads( );
## Abgelaufene Paidmails löschen ## Abgelaufene Paidmails löschen
db_query('DELETE FROM '.$db_prefix.'_paidmails_empfaenger WHERE db_query('DELETE FROM '.$db_prefix.'_paidmails_empfaenger WHERE
status = 1 || status = 2 || gueltig < '.time().''); status = 1 || status = 2 || gueltig < '.time().'');
...@@ -34,4 +34,3 @@ if ( include ($result['datei']) ){ ...@@ -34,4 +34,3 @@ if ( include ($result['datei']) ){
echo 'Cron gelaufen'; echo 'Cron gelaufen';
} else echo 'Cron nicht gelaufen'; } else echo 'Cron nicht gelaufen';
db_close();
\ No newline at end of file
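Review bot: The cron password check `if ($_GET['pw'] != $cron_pw)`, kept on both sides of the first hunk, is a loose comparison, so a request without `pw` passes whenever `$cron_pw` is unset or empty. I would make it `if (empty($cron_pw) || !isset($_GET['pw']) || !hash_equals((string)$cron_pw, (string)$_GET['pw'])) die('Zugriff verweigert!');`. The same applies to `if($_GET['cron_pw'] == $cron_pw)` in the next cron file. The secret travels in the query string and therefore ends up in access logs; where `$cron_pw` is loaded after this refactoring is outside these hunks.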
...@@ -2,7 +2,7 @@ ...@@ -2,7 +2,7 @@
require('../lib/datenbank.inc.php'); require('../lib/datenbank.inc.php');
require('../lib/functions.lib.php'); require('../lib/functions.lib.php');
db_connect();
if($_GET['cron_pw'] == $cron_pw){ if($_GET['cron_pw'] == $cron_pw){
set_time_limit(0); set_time_limit(0);
...@@ -27,5 +27,4 @@ if($_GET['cron_pw'] == $cron_pw){ ...@@ -27,5 +27,4 @@ if($_GET['cron_pw'] == $cron_pw){
mysqli_close($sql_open); mysqli_close($sql_open);
die(); die();
} }
db_close(); ?>
?>
\ No newline at end of file
<?php
ini_set('display_errors', '1');
require ('../../lib/datenbank.inc.php');
require ('../../lib/functions.lib.php');
require ('../../lib/session.lib.php');
userstatus();
$sperre_sql = "SELECT `forced_sperre` FROM `".$db_prefix."_kontodaten` WHERE `uid` = ".$_SESSION['uid'];
$sperre_res = db_query($sperre_sql);
$sperre = mysqli_fetch_assoc( $sperre_res );
if( 0 == $sperre['forced_sperre'] )
{
$result = array( 'count' => 0, 'data' => array() );
if( isset($_POST['action']) )
{
switch( $_POST['action'] )
{
case 'getNewAdData':
$ptc->invalidateAlreadyRunningAd( $_SESSION['uid'], $ip );
if( isset($_POST['adArt']) )
{
$result = $campaigns->getNewAdData( $_POST['adArt'], $_SESSION['uid'], $ip );
}
break;
case 'checkAdOk':
if( isset( $_SESSION['current_ad']['id'] ) )
$result = $ptc->checkAdOkAndPay( $_SESSION['current_ad']['id'], $_SESSION['uid'], $ip );
break;
case 'invalidateAd':
$result = invalidateAlreadyRunningAd( $_SESSION['uid'], $ip );
break;
}
}
echo json_encode($result);
}
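Review bot: The `invalidateAd` case calls a bare `invalidateAlreadyRunningAd( $_SESSION['uid'], $ip )`, while the `getNewAdData` case calls the same name as a method on `$ptc`; unless a global function of that name exists outside this file, the branch ends in a fatal error. With `ini_set('display_errors', '1')` at the top, that error text and its file paths go straight to the client. I would change the call to `$result = $ptc->invalidateAlreadyRunningAd( $_SESSION['uid'], $ip );` and drop the `display_errors` line from this endpoint. The `forced_sperre` query also concatenates `$_SESSION['uid']` into the SQL unquoted; an `(int)` cast or a bound parameter keeps the statement safe if the session value is ever not numeric.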
function sleep(ms)
{
return new Promise(resolve => setTimeout(resolve, ms));
}
$( document ).ready( function()
{
var adFenster = new Array();
window.addEventListener("message", function(event)
{
if ( pageconfig['domain'] != event.origin )
{
return;
}
console.log(event.data);
var art = event.data['art'],
tan = event.data['tan'],
action = event.data['action'];
if( 'adcheck' == action )
{
console.log('okokok');
adFenster[art][tan]['opened'] = true;
}
}
);
function checkAdOk( art, tan )
{
console.log('checkadok');
if( false == adFenster[art][tan]['checked'] && false == adFenster[art][tan]['window'].closed )
{
var pdata = window.btoa(art) + '-' + window.btoa(tan)
adFenster[art][tan]['checked'] = true;
$.post( "ext/ap/ads.php",
{
'action': "checkAdOk",
'art': art,
'tan': tan
},
function(data, status)
{
window.open(pageconfig['domain']+'/adcheck.php?data='+pdata, art+'-'+tan, "height=120,width=200");
}
);
}
}
/*
* if u do something wrong, sorry no matter which ad was active, invalidate
*/
function invalidateAd( art, tan )
{
console.log('invalidatead');
adFenster[art][tan]['checked'] = true;
var pdata = window.btoa(art) + '-' + window.btoa(tan)
$.post( "ext/ap/ads.php",
{
'action': "invalidateAd"
},
function(data, status)
{
window.open(pageconfig['domain']+'/adcheck.php?data='+pdata, art+'-'+tan, "height=120,width=200");
}
);
}
async function startAdCountdown( art, tan, sec )
{
console.log('startadcountdown');
let timer = setInterval( () =>
{
console.log('checktimer');
if( true == adFenster[art][tan]['checked'] )
{
clearInterval(timer);
} else {
if( document.hasFocus() )
{
invalidateAd( art, tan );
clearInterval(timer);
}
if ( 'undefined' == adFenster[art][tan]['window'].closed || adFenster[art][tan]['window'].closed )
{
invalidateAd( art, tan );
clearInterval(timer);
}
}
},
100
);
await sleep(sec * 1000);
checkAdOk( art, tan );
}
/*
* communicates with ad window, placing detection of actual click
*/
function openAdWindow( art, tan, sec )
{
if ( 'undefined' == typeof adFenster[art] || (! adFenster[art] instanceof Array ) )
{
adFenster[art] = new Array();
}
if ( 'undefined' == typeof adFenster[art][tan] || (! adFenster[art][tan] instanceof Array ) )
{
adFenster[art][tan] = new Array();
}
if( ( 'undefined' == adFenster[art][tan]['window'] || null == adFenster[art][tan]['window'] ) || adFenster[art][tan]['window'].closed )
{
var data = window.btoa(art) + '-' + window.btoa(tan);
adFenster[art][tan]['window'] = window.open( pageconfig['domain'] + '/adclick.php?data='+data, "_blank" );
adFenster[art][tan]['window'].focus();
adFenster[art][tan]['opened'] = false;
adFenster[art][tan]['checked']= false;
console.log('meh');
adFenster[art][tan]['window'].onbeforeunload = function()
{ console.log('startadcountdowncall');
startAdCountdown( art, tan, sec );
}
}
}
/*
* gets executed on click on ad
*/
$( "#forcedbanner_display" ).on('click', function(e)
{
var elem = $( e.target ).closest( "li" );
var sec = elem.data('sec');
var tan = elem.data('tan');
var art = elem.data('art');
if (typeof tan !== typeof undefined && tan !== false)
{
if (typeof art !== typeof undefined && art !== false)
{
if (typeof sec !== typeof undefined && sec !== false)
{
$(elem).remove();
openAdWindow( art, tan, sec );
}
}
}
}
);
/*
* gets executed first, loads available ads and prepares the bootstrap <ul>-list for display
*/
function loadAds( art )
{
$.post( "ext/ap/ads.php",
{
'action': "getNewAdData",
'adArt' : art
},
function(data, status)
{
var useData = jQuery.parseJSON( data );
if( 0 < useData.count )
{
$( "#forcedbanner_display" ).html('<ul class="list-group" id="forcedbanner_display_grp"></ul>');
$( "#forcedBannerTmpl_list" ).tmpl( useData.data ).appendTo( $( "#forcedbanner_display ul" ) );
}
}
);
}
$( "#loadAds_btn").on('click', function(e) { loadAds( 'forcedbanner' ) } );
loadAds( 'forcedbanner' );
}
);
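Review bot: In `openAdWindow` the guards `(! adFenster[art] instanceof Array )` and `(! adFenster[art][tan] instanceof Array )` parse as `(!x) instanceof Array`, which is always false, and in `startAdCountdown` the test `'undefined' == adFenster[art][tan]['window'].closed` compares a string with a boolean and never matches. Write them as `!(adFenster[art] instanceof Array)` and `'undefined' == typeof adFenster[art][tan]['window']`. The viewing time, focus and window-closed checks all run in the browser, so `checkAdOkAndPay` on the server (not shown here) has to enforce the elapsed time itself before crediting. The `console.log(event.data)` debugging calls should be removed, and the `btoa` output placed in the `adcheck.php?data=` and `adclick.php?data=` URLs should pass through `encodeURIComponent`, since base64 can contain `+`, `/` and `=`.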
...@@ -14,7 +14,6 @@ if (!ini_get('display_errors')) { ...@@ -14,7 +14,6 @@ if (!ini_get('display_errors')) {
} }
require ('lib/datenbank.inc.php'); require ('lib/datenbank.inc.php');
db_connect();
require ('lib/functions.lib.php'); require ('lib/functions.lib.php');
require ('lib/session.lib.php'); require ('lib/session.lib.php');
require ('lib/run.inc.php'); require ('lib/run.inc.php');
...@@ -28,21 +27,18 @@ if (!file_exists('content' . $_GET['content'] . '.php')) $_GET['content'] = '/er ...@@ -28,21 +27,18 @@ if (!file_exists('content' . $_GET['content'] . '.php')) $_GET['content'] = '/er
if ($_GET['content'] == '/intern/startseite') @require_once ('lib/texte/alt_startseitenpopup.txt'); if ($_GET['content'] == '/intern/startseite') @require_once ('lib/texte/alt_startseitenpopup.txt');
if ($_GET['content'] == '/betteln') @require_once ('lib/texte/alt_bettelseitenpopup.txt'); if ($_GET['content'] == '/betteln') @require_once ('lib/texte/alt_bettelseitenpopup.txt');
$grundconfig = mysqli_fetch_array(db_query("SELECT seitenname,domain FROM ".$db_prefix."_seitenkonfig ")); $start_reload = $ptc->isContentInReload( 1, $_SESSION['uid'], $ip, time());
$start_reload = db_query("SELECT * FROM ".$db_prefix."_reloads WHERE uid = '".$_SESSION['uid']."' and tan = 'startseitenaufruf' and bis >= '".time()."'"); if (true == $start_reload['in_reload'])
if (mysqli_num_rows($start_reload) != 0) { {
$start = mysqli_fetch_array($start_reload); $datetime = date("Y-m-d H:i:s", $start_reload['until']);
$datetime = date("Y-m-d H:i:s", $start['bis']);
}else{ }else{
$datetime = "2014-09-21 20:33:28"; $datetime = "2014-09-21 20:33:28";
} }
$ts = strtotime($datetime); $ts = strtotime($datetime);
?> ?><!DOCTYPE html>
<!DOCTYPE html>
<html lang='de'> <html lang='de'>
<head> <head>
<title><?php echo $seitenname;?></title> <title><?php echo $pageconfig['seitenname'];?></title>
<meta charset="UTF-8"> <meta charset="UTF-8">
<meta name="generator" content="vms-script"> <meta name="generator" content="vms-script">
<meta name="Author" content="Designerscripte.net"> <meta name="Author" content="Designerscripte.net">
...@@ -52,15 +48,19 @@ $ts = strtotime($datetime); ...@@ -52,15 +48,19 @@ $ts = strtotime($datetime);
<meta name="Robots" content="INDEX,FOLLOW"> <meta name="Robots" content="INDEX,FOLLOW">
<link rel="stylesheet" type="text/css" href="js/tcal.css" /> <link rel="stylesheet" type="text/css" href="js/tcal.css" />
<link href="css/bootstrap.min.css" rel="stylesheet"> <link href="css/bootstrap.min.css" rel="stylesheet">
<script src="http://code.jquery.com/jquery-latest.js"></script> <script src="ext/js/jquery-3.3.1.min.js"></script>
<script src="ext/js/jquery.tmpl.js"></script>
<script type="text/javascript" src="js/tcal.js"></script> <script type="text/javascript" src="js/tcal.js"></script>
<script language="JavaScript" src="js/slider.js"></script> <script type="text/javascript" src="js/slider.js"></script>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script> <script type="text/javascript" src="js/bootstrap.min.js"></script>
<script src="js/bootstrap.min.js"></script> <script type="text/javascript" src="ext/js/basics.js"></script>
<script type="text/javascript" src="js/start_countdown.js"></script> <script type="text/javascript" src="js/start_countdown.js"></script>
</head> </head>
<body> <body>
<script>
var pageconfig = new Array();
pageconfig['domain'] = '<?php echo $pageconfig['domain']; ?>';
</script>
<?php <?php
if(!empty($meldung['meldung'])){ if(!empty($meldung['meldung'])){
?> ?>
...@@ -107,11 +107,11 @@ $ts = strtotime($datetime); ...@@ -107,11 +107,11 @@ $ts = strtotime($datetime);
<span class="icon-bar"></span> <span class="icon-bar"></span>
<span class="icon-bar"></span> <span class="icon-bar"></span>
</button> </button>
<a class="navbar-brand" href="<?php echo $grundconfig['domain'];?>"><?php echo $grundconfig['seitenname'];?></a> <a class="navbar-brand" href="<?php echo $pageconfig['domain'];?>"><?php echo $pageconfig['seitenname'];?></a>
</div> </div>
<div id="navbar" class="navbar-collapse collapse"> <div id="navbar" class="navbar-collapse collapse">
<ul class="nav navbar-nav"> <ul class="nav navbar-nav">
<li class="active"><a href="<?php echo $grundconfig['domain'];?>">Start</a></li> <li class="active"><a href="<?php echo $pageconfig['domain'];?>">Start</a></li>
<?php if ($_SESSION['login'] != true) { ?> <?php if ($_SESSION['login'] != true) { ?>
<li><a href="?content=/intern/anmelden">Registrieren</a></li> <li><a href="?content=/intern/anmelden">Registrieren</a></li>
<li><a href="?content=/intern/daten">Passwort anfordern!</a></li> <li><a href="?content=/intern/daten">Passwort anfordern!</a></li>
...@@ -126,7 +126,7 @@ $ts = strtotime($datetime); ...@@ -126,7 +126,7 @@ $ts = strtotime($datetime);
<li class="dropdown"> <li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">Start <span class="caret"></span></a> <a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">Start <span class="caret"></span></a>
<ul class="dropdown-menu"> <ul class="dropdown-menu">
<li><a href="<?php echo $domain;?>">Startseite</a></li> <li><a href="<?php echo $pageconfig['domain'];?>">Startseite</a></li>
<li><a href="?content=/news">News</a></li> <li><a href="?content=/news">News</a></li>
<li><a href="?content=/intern/mediadaten">Mediadaten</a></li> <li><a href="?content=/intern/mediadaten">Mediadaten</a></li>
<li><a href="?content=/intern/agbs">AGB</a></li> <li><a href="?content=/intern/agbs">AGB</a></li>
...@@ -152,7 +152,7 @@ $ts = strtotime($datetime); ...@@ -152,7 +152,7 @@ $ts = strtotime($datetime);
<?php <?php
if(isset($_SESSION['admin'])){ if(isset($_SESSION['admin'])){
if($_SESSION['admin'] == 1){ if($_SESSION['admin'] == 1){
echo '<li><a href="'.$domain.'/adminforce/index.php\">Adminforce</a></li>'; echo '<li><a href="'.$pageconfig['domain'].'/adminforce/index.php\">Adminforce</a></li>';
} }
} }
?> ?>
...@@ -201,7 +201,3 @@ $ts = strtotime($datetime); ...@@ -201,7 +201,3 @@ $ts = strtotime($datetime);
?> ?>
</body> </body>
</html> </html>
<?php
db_close();
if ($gzip_rate > 0) ob_end_flush();
?>
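Review bot: The new inline script `pageconfig['domain'] = '<?php echo $pageconfig['domain']; ?>';` writes a database value into a JavaScript string literal without escaping, so a quote or `</script>` in the stored domain breaks out of the string. Emit it as `pageconfig['domain'] = <?php echo json_encode($pageconfig['domain'], JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP); ?>;`. The same value and `$pageconfig['seitenname']` are echoed into `<title>` and `href` attributes in the later hunks and would be better wrapped in `htmlspecialchars(..., ENT_QUOTES, 'UTF-8')`. The `file_exists('content' . $_GET['content'] . '.php')` check visible in the second hunk header does not appear to constrain `$_GET['content']` to a known set of pages; the code that consumes it is outside the hunks.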
...@@ -6,22 +6,21 @@ if(!isset($_GET['step'])){ $_GET['step'] = 0;} ...@@ -6,22 +6,21 @@ if(!isset($_GET['step'])){ $_GET['step'] = 0;}
require('../lib/functions.lib.php'); require('../lib/functions.lib.php');
if(isset($_POST['datenbank_anlegen'])){ if(isset($_POST['datenbank_anlegen'])){
$inhalt = ' $inhalt = '<?php
<?php
define("DB_HOST","'.$_POST['host'].'"); define("DB_HOST","'.$_POST['host'].'");
define("DB_USER","'.$_POST['nutzername'].'"); define("DB_USER","'.$_POST['nutzername'].'");
define("DB_PASS","'.$_POST['passwort'].'"); define("DB_PASS","'.$_POST['passwort'].'");
define("DB_BASS","'.$_POST['db'].'"); define("DB_BASE","'.$_POST['db'].'");
define("PREFIX","'.$_POST['prefix'].'"); define("PREFIX","'.$_POST['prefix'].'");
$db_prefix = "'.$_POST['prefix'].'";
//Passwort zusatz //Passwort zusatz
define("PW_ZUSATZ","'. create_code(5) .'"); define("PW_ZUSATZ","'. create_code(5) .'");
// Verschlsselungspasswort // Verschlsselungspasswort
define("VER_SCHLUESSEL","'. create_code(16) .'"); define("VER_SCHLUESSEL","'. create_code(16) .'");
?> ?>';
';
$datei = fopen("../lib/db_config.php","w"); $datei = fopen("../lib/db_config.php","w");
fwrite($datei, $inhalt,100000); fwrite($datei, $inhalt,100000);
...@@ -373,105 +372,6 @@ if(!isset($_GET['step'])){ $_GET['step'] = 0;} ...@@ -373,105 +372,6 @@ if(!isset($_GET['step'])){ $_GET['step'] = 0;}
require('../lib/functions.lib.php'); require('../lib/functions.lib.php');
if(isset($_POST['datenbank_anlegen'])){
$inhalt = '
<?php
$db_host = "'.$_POST['host'].'";
// Mysql User
$db_user = "'.$_POST['nutzername'].'";
// Mysql PW
$db_pass = "'.$_POST['passwort'].'";
// Datenbank
$db_base = "'.$_POST['db'].'";
//Datenbank Prefix
$db_prefix = "'.$_POST['prefix'].'";
//Passwort zusatz
$pw_zusatz = '. create_code(5) .';
// Verschlüsselungspasswort
$ver_schluessel = '. create_code(16) .';
//Datenbankverbindung herstellen
$sql_open = @mysqli_connect($db_host, $db_user, $db_pass, $db_base) or die(\'Verbindung zum Mysql Server fehlgeschlagen! <br>Tipp: <a href="http://www.vms-tutorial.de/wiki//Lib/Functions">http://www.vms-tutorial.de/wiki//Lib/Functions</a>\');
$sql_base = @mysqli_select_db($sql_open,$db_base) or die("Keine oder falsche Datenbank gewählt! Tipp: <br><a href=\'http://www.vms-tutorial.de/wiki//Lib/Functions\'>http://www.vms-tutorial.de/wiki//Lib/Functions</a>");
/**
* db_connect()
*
* @author designerscripte.net
* @category system Database
* @version 2.5.0
* @example db_query("SELECT `field` FROM `table` WHERE `field` = `value` ");
* @param mixed $sql_tag
* @return 0 bei Fehler Mysql_resource.
*
*/
function db_query($sql_tag) {
global $count_query,$sql_open;
$count_query++;
$fargs = func_get_args();
if (!empty($fargs)) {
$vargs = array();
foreach($fargs as $key => $arg) {
$vargs[$key] = mysqli_real_escape_string($sql_open,$arg);
}
array_shift($vargs);
if (!empty($vargs))$sql_tag = vsprintf($sql_tag, $vargs);
}
if ($ret = mysqli_query($sql_open,$sql_tag)) {
return $ret;
}else {
return 0;
}
}
function pw_erstellen($pw){
global $pw_zusatz;
$pw_er = hash("sha256",$pw.$pw_zusatz);
return $pw_er;
}
/**
* db_close()
*
* @author designerscripte.net
* @category system Database
* @version 2.5.0
* @example db_close();
* @return die(\'\'); bei fehler nichts bei erfolg
*/
function db_close() {
global $sql_open;
@mysqli_close($sql_open) or die(\'Konnte die Verbindung mit Datenbank nicht schliessen!\');
}
$daten = mysqli_fetch_array(db_query("SELECT domain,seitenname,waehrung,betreibermail,cron_pw FROM ".$db_prefix."_seitenkonfig "));
// Domain (ohne Slash am Ende)
$domain = $daten[\'domain\'];
// Seitenname
$seitenname = $daten[\'seitenname\'];
// Seitenwährung
$waehrung = $daten[\'waehrung\'];
// ID vom Admin
$admin_id = 1;
// Adminmail
$betreibermail = $daten[\'betreibermail\'];
// Passwort für Crons
$cron_pw = $daten[\'cron_pw\'];
// beliebiger Alphanumerischer String hilft beim Schutz vor Autoklickern
$percode = \'551c3d4318d668cc2b00d02b40d1e6cd282817c2be65d401ed0cff2e6b\';
/* Globale Variablen nichts ändern */
$ip = $_SERVER[\'REMOTE_ADDR\'];
?>
';
$datei = fopen("../lib/datenbank.inc.php","w");
fwrite($datei, $inhalt,100000);
fclose($datei);
}
if($_GET['step'] == 4 && $_GET['db'] == true){ if($_GET['step'] == 4 && $_GET['db'] == true){
require_once('../lib/datenbank.inc.php'); require_once('../lib/datenbank.inc.php');
......
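Review bot: The generated `db_config.php` interpolates `$_POST['host']`, `$_POST['nutzername']`, `$_POST['passwort']`, `$_POST['db']` and `$_POST['prefix']` straight into double-quoted PHP string literals, so a `"`, `\` or `$` in any field produces a broken config file or one whose content the submitter controls. Build each line with `var_export()`, for example `'define("DB_PASS",' . var_export((string)$_POST['passwort'], true) . ');'`, and restrict the prefix to `[A-Za-z0-9_]`, since it is concatenated into table names throughout the code. The result of `fopen()` is used unchecked, and the installer should refuse to run once `../lib/db_config.php` exists. `PW_ZUSATZ` is a five-character site-wide value from `create_code(5)`, whose randomness source is not visible here.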
...@@ -136,21 +136,26 @@ CREATE TABLE IF NOT EXISTS `vms_fb_blacklist` ( ...@@ -136,21 +136,26 @@ CREATE TABLE IF NOT EXISTS `vms_fb_blacklist` (
`werbeart` varchar(255) NOT NULL `werbeart` varchar(255) NOT NULL
) ENGINE=MyISAM DEFAULT CHARSET=latin1; ) ENGINE=MyISAM DEFAULT CHARSET=latin1;
CREATE TABLE IF NOT EXISTS `vms_gebuchte_werbung` ( CREATE TABLE `vms_gebuchte_werbung` (
`uid` int(7) NOT NULL DEFAULT '0', `id` bigint(1) UNSIGNED NOT NULL,
`tan` varchar(32) NOT NULL DEFAULT '', `uid` int(1) UNSIGNED NOT NULL DEFAULT '0',
`kid` int(11) NOT NULL DEFAULT '0', `tan` varchar(32) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL DEFAULT '',
`ziel` varchar(250) NOT NULL DEFAULT '', `kid` int(1) UNSIGNED NOT NULL DEFAULT '0',
`banner` varchar(250) NOT NULL DEFAULT '', `ziel` varchar(250) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL DEFAULT '',
`banner` varchar(250) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL DEFAULT '',
`verdienst` double(10,2) NOT NULL DEFAULT '0.00', `verdienst` double(10,2) NOT NULL DEFAULT '0.00',
`preis` double(10,2) NOT NULL DEFAULT '0.00', `preis` double(10,2) NOT NULL DEFAULT '0.00',
`aufendhalt` int(11) NOT NULL DEFAULT '0', `aufendhalt` int(1) UNSIGNED NOT NULL DEFAULT '0',
`menge` int(11) NOT NULL DEFAULT '0', `menge` int(1) UNSIGNED NOT NULL DEFAULT '0',
`reload` int(11) NOT NULL DEFAULT '0', `reload` int(1) UNSIGNED NOT NULL DEFAULT '0',
`sponsor` varchar(25) NOT NULL DEFAULT '', `sponsor` varchar(25) NOT NULL DEFAULT '',
`werbeart` varchar(50) NOT NULL DEFAULT '', `werbeart` varchar(50) NOT NULL DEFAULT '',
`status` tinyint(1) NOT NULL DEFAULT '1' `addata` text CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
) ENGINE=MyISAM DEFAULT CHARSET=latin1; `status` tinyint(1) NOT NULL DEFAULT '1',
`created` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
`modified` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00',
`expires` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00'
) ENGINE=MyISAM DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
CREATE TABLE IF NOT EXISTS `vms_geburtstag` ( CREATE TABLE IF NOT EXISTS `vms_geburtstag` (
`geb_mail` int(11) NOT NULL, `geb_mail` int(11) NOT NULL,
...@@ -597,7 +602,10 @@ ALTER TABLE `vms_fb_blacklist` ...@@ -597,7 +602,10 @@ ALTER TABLE `vms_fb_blacklist`
ADD UNIQUE KEY `sponsor` (`sponsor`,`kid`,`werbeart`); ADD UNIQUE KEY `sponsor` (`sponsor`,`kid`,`werbeart`);
ALTER TABLE `vms_gebuchte_werbung` ALTER TABLE `vms_gebuchte_werbung`
ADD KEY `klick4` (`werbeart`,`menge`,`status`,`verdienst`,`sponsor`), ADD KEY `crons` (`sponsor`,`werbeart`,`status`); ADD PRIMARY KEY (`id`),
ADD UNIQUE KEY `tan` (`tan`),
ADD KEY `klick4` (`werbeart`,`menge`,`status`,`verdienst`,`sponsor`),
ADD KEY `crons` (`sponsor`,`werbeart`,`status`);
ALTER TABLE `vms_interface` ALTER TABLE `vms_interface`
ADD KEY `interface` (`interface`); ADD KEY `interface` (`interface`);
...@@ -694,3 +702,11 @@ MODIFY `id` tinyint(1) NOT NULL AUTO_INCREMENT,AUTO_INCREMENT=30; ...@@ -694,3 +702,11 @@ MODIFY `id` tinyint(1) NOT NULL AUTO_INCREMENT,AUTO_INCREMENT=30;
ALTER TABLE `vms_rallyorte` ALTER TABLE `vms_rallyorte`
MODIFY `id` int(11) NOT NULL AUTO_INCREMENT,AUTO_INCREMENT=8; MODIFY `id` int(11) NOT NULL AUTO_INCREMENT,AUTO_INCREMENT=8;
ALTER TABLE `vms_gebuchte_werbung`
MODIFY `id` bigint(1) UNSIGNED NOT NULL AUTO_INCREMENT;
DELIMITER $$
CREATE TRIGGER `campaign_update` BEFORE UPDATE ON `vms_gebuchte_werbung` FOR EACH ROW SET NEW.`modified` = CURRENT_TIMESTAMP
$$
DELIMITER ;
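Review bot: The new `modified` and `expires` columns use `DEFAULT '0000-00-00 00:00:00'`, which MySQL rejects when `NO_ZERO_DATE` is active together with strict mode (the default `sql_mode` from 5.7 on), so the install script would stop at this table. Making them nullable, `modified timestamp NULL DEFAULT NULL` and `expires timestamp NULL DEFAULT NULL`, avoids that. The statement also drops `IF NOT EXISTS`, unlike the neighbouring tables, so re-running the installer fails here. `sponsor` and `werbeart` carry no explicit charset and silently move from latin1 to the new utf8mb4 table default.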
...@@ -2,10 +2,9 @@ ...@@ -2,10 +2,9 @@
class chatClass{ class chatClass{
public static function getRestChatLines($id){ public static function getRestChatLines($id){
global $db_host,$db_user,$db_pass,$db_base;
$arr = array(); $arr = array();
$jsonData = '{"results":['; $jsonData = '{"results":[';
$db_connection = new mysqli( $db_host, $db_user, $db_pass, $db_base); $db_connection = new mysqli( DB_HOST, DB_USER, DB_PASS, DB_BASE );
$db_connection->query( "SET NAMES 'UTF8'" ); $db_connection->query( "SET NAMES 'UTF8'" );
$statement = $db_connection->prepare( "SELECT id, absender, nachricht, time FROM vms_chat WHERE id > ? "); $statement = $db_connection->prepare( "SELECT id, absender, nachricht, time FROM vms_chat WHERE id > ? ");
$statement->bind_param( 'i', $id); $statement->bind_param( 'i', $id);
...@@ -27,8 +26,7 @@ class chatClass{ ...@@ -27,8 +26,7 @@ class chatClass{
} }
public static function setChatLines( $chattext, $usrname, $color) { public static function setChatLines( $chattext, $usrname, $color) {
global $db_host,$db_user,$db_pass,$db_base; $db_connection = new mysqli( DB_HOST, DB_USER, DB_PASS, DB_BASE );
$db_connection = new mysqli( $db_host, $db_user, $db_pass, $db_base);
$db_connection->query( "SET NAMES 'UTF8'" ); $db_connection->query( "SET NAMES 'UTF8'" );
$statement = $db_connection->prepare( "INSERT INTO chat( usrname, color, chattext) VALUES(?, ?, ?)"); $statement = $db_connection->prepare( "INSERT INTO chat( usrname, color, chattext) VALUES(?, ?, ?)");
$statement->bind_param( 'sss', $usrname, $color, $chattext); $statement->bind_param( 'sss', $usrname, $color, $chattext);
...@@ -37,4 +35,4 @@ class chatClass{ ...@@ -37,4 +35,4 @@ class chatClass{
$db_connection->close(); $db_connection->close();
} }
} }
?> ?>
\ No newline at end of file
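Review bot: Both methods open their own `new mysqli( DB_HOST, DB_USER, DB_PASS, DB_BASE )` and go on to `prepare()` without checking `$db_connection->connect_errno` or the return value of `prepare()`, so a failed connection or statement surfaces as a method call on `false`. Check `connect_errno` right after the constructor, or reuse the shared `$database` handle this change set introduces instead of connecting per call. `query( "SET NAMES 'UTF8'" )` should become `$db_connection->set_charset('utf8mb4');` so the client library knows the charset and it matches the utf8mb4 columns added in the schema. `setChatLines` inserts into `chat( usrname, color, chattext)` while `getRestChatLines` reads `vms_chat`, which looks inconsistent; the method bodies are only partly inside the hunks.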
<?php <?php
$db_host = "localhost";
// Mysql User require_once( __DIR__ .'/db_config.php' );
$db_user = "vms_suee2"; require_once( __DIR__ .'/../class/database.php' );
// Mysql PW
$db_pass = "lTxyJyZtmSQvaV6M";
// Datenbank
$db_base = "vms_suee2";
//Datenbank Prefix
$db_prefix = "vms";
//Passwort zusatz
$pw_zusatz = 'fg65en';
// Verschlüsselungspasswort
$ver_schluessel = 'libh5476H6G4v0TB';
//Datenbankverbindung herstellen
$sql_open = @mysqli_connect($db_host, $db_user, $db_pass, $db_base) or die('Verbindung zum Mysql Server fehlgeschlagen! <br>Tipp: <a href="http://www.vms-tutorial.de/wiki//Lib/Functions">http://www.vms-tutorial.de/wiki//Lib/Functions</a>');
$sql_base = @mysqli_select_db($sql_open,$db_base) or die("Keine oder falsche Datenbank gewhlt! Tipp: <br><a href='http://www.vms-tutorial.de/wiki//Lib/Functions'>http://www.vms-tutorial.de/wiki//Lib/Functions</a>");
//Datenbankverbindung herstellen
$sql_open = @mysqli_connect( DB_HOST, DB_USER, DB_PASS, DB_BASE ) or die('Verbindung zum Mysql Server fehlgeschlagen! <br>Tipp: <a href="http://www.vms-tutorial.de/wiki//Lib/Functions">http://www.vms-tutorial.de/wiki//Lib/Functions</a>');
// why?:
$sql_base = @mysqli_select_db($sql_open, DB_BASE ) or die("Keine oder falsche Datenbank gewhlt! Tipp: <br><a href='http://www.vms-tutorial.de/wiki//Lib/Functions'>http://www.vms-tutorial.de/wiki//Lib/Functions</a>");
// please use global $database, $GLOBALs['database'] or pass $database to class/function
// avoid cluttering the code with silly singleton calls, except when really needed,
// for example when connectiong to a different database, thank you
$database = Database::get(
array(
'type' => 'mysql',
'host' => DB_HOST,
'name' => DB_BASE,
'user' => DB_USER,
'pass' => DB_PASS,
)
);
/** /**
* db_connect() * db_connect()
* *
...@@ -50,10 +52,50 @@ ...@@ -50,10 +52,50 @@
} }
} }
/*
* taken from nieprzeklinaj at gmail dot com
* http://php.net/manual/de/mysqli-stmt.bind-result.php
*/
function db_fetch($result)
{
$array = array();
if($result instanceof mysqli_stmt)
{
$result->store_result();
$variables = array();
$data = array();
$meta = $result->result_metadata();
while($field = $meta->fetch_field())
$variables[] = &$data[$field->name]; // pass by reference
call_user_func_array(array($result, 'bind_result'), $variables);
$i=0;
while($result->fetch())
{
$array[$i] = array();
foreach($data as $k=>$v)
$array[$i][$k] = $v;
$i++;
// don't know why, but when I tried $array[] = $data, I got the same one result in all rows
}
}
elseif($result instanceof mysqli_result)
{
while($row = $result->fetch_assoc())
$array[] = $row;
}
return $array;
}
function pw_erstellen($pw){ function pw_erstellen($pw){
global $pw_zusatz; $pw_er = hash("sha256",$pw. PW_ZUSATZ );
$pw_er = hash("sha256",$pw.$pw_zusatz);
return $pw_er; return $pw_er;
} }
...@@ -70,5 +112,4 @@ ...@@ -70,5 +112,4 @@
global $sql_open; global $sql_open;
@mysqli_close($sql_open) or die('Konnte die Verbindung mit Datenbank nicht schliessen!'); @mysqli_close($sql_open) or die('Konnte die Verbindung mit Datenbank nicht schliessen!');
} }
?> ?>
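Review bot: The database password, `$pw_zusatz` and `$ver_schluessel` deleted from the top of this file remain readable in the repository history, so moving them into `db_config.php` does not retire them. They should be rotated on every installation that used these values, and `db_config.php` kept out of version control. Rotating the salt invalidates every stored hash because `pw_erstellen()` is still `hash("sha256",$pw. PW_ZUSATZ )`, a fast digest with one site-wide salt. Moving to `password_hash($pw, PASSWORD_DEFAULT)` with `password_verify()` and rehash-on-login addresses both, though the login query has to change with it. The file now also opens two connections, the legacy `mysqli_connect()` and `Database::get()`, and keeps `@` on the connect calls, which hides the underlying error.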
<?php <?php
// Komprimierung der Ausgabe zwischen 0 & 10 wobei 0 die Komprimierung der Ausgabe deaktiviert Empfohlener Wert: 1 if( isset($database) )
$gzip_rate = 0; {
require_once( __DIR__ . '/../class/campaigns.php' );
require_once( __DIR__ . '/../class/stats.php' );
require_once( __DIR__ . '/../class/ptc.php' );
$campaigns = new Campaigns($database);
$stats = new Stats($database);
$ptc = new Ptc($database, $campaigns);
} else {
throw new Exception( 'Please include lib/datenbank.inc.php before lib/functions.lib.php' );
}
/** /**
* create_code() * create_code()
...@@ -170,13 +180,6 @@ function bilanz ($ein,$aus,$gruppe,$name) { ...@@ -170,13 +180,6 @@ function bilanz ($ein,$aus,$gruppe,$name) {
} }
// GZip
if ($gzip_rate > 0) {
ini_set('zlib.output_compression_level', $gzip_rate);
if (ereg("gzip", getenv("HTTP_ACCEPT_ENCODING"))) ob_start("ob_gzhandler");
else ob_start();
}
// Datum im Facebook Stil // Datum im Facebook Stil
function niceDate($timestamp) function niceDate($timestamp)
{ {
...@@ -289,18 +292,16 @@ function geoIP($ip){ ...@@ -289,18 +292,16 @@ function geoIP($ip){
} }
function versch($text){ function versch($text){
global $ver_schluessel;
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB); $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$crypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $ver_schluessel, $text, MCRYPT_MODE_ECB, $iv); $crypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, VER_SCHLUESSEL, $text, MCRYPT_MODE_ECB, $iv);
return $crypted; return $crypted;
} }
function entsch($text){ function entsch($text){
global $ver_schluessel;
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB); $iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND); $iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$encrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $ver_schluessel, $text, MCRYPT_MODE_ECB, $iv); $encrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, VER_SCHLUESSEL, $text, MCRYPT_MODE_ECB, $iv);
return $encrypted; return $encrypted;
} }
......
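Review bot: `versch()` and `entsch()` keep `MCRYPT_RIJNDAEL_256` in `MCRYPT_MODE_ECB` after the key moves to `VER_SCHLUESSEL`. ECB ignores the `$iv` that is generated, equal plaintext blocks encrypt to equal ciphertext, nothing authenticates the result, and the mcrypt extension is no longer bundled from PHP 7.2 onward. Until the stored values can be re-encrypted with an authenticated cipher (`sodium_crypto_secretbox()` or `openssl_encrypt()` with `aes-256-gcm`), I would at least add `// NOTE: legacy mcrypt/ECB, unauthenticated; $iv is unused in ECB mode - migrate before upgrading PHP` above both functions. The new include-order guard throws a bare `Exception` at file scope, which callers of this library file cannot catch in a targeted way.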
...@@ -3,35 +3,37 @@ require_once('../../lib/datenbank.inc.php'); ...@@ -3,35 +3,37 @@ require_once('../../lib/datenbank.inc.php');
require_once('../../lib/functions.lib.php'); require_once('../../lib/functions.lib.php');
require_once('../../lib/session.lib.php'); require_once('../../lib/session.lib.php');
$error = 0; $error = 0;
$_zeit = time();
$sperre = mysqli_fetch_array(db_query("SELECT chat_sperre FROM ".$db_prefix."_userdaten WHERE uid = '". mysqli_real_escape_string($sql_open,$_SESSION['uid']) ."' ")); $sperre = mysqli_fetch_array(db_query("SELECT chat_sperre FROM ".$db_prefix."_userdaten WHERE uid = '". mysqli_real_escape_string($sql_open,$_SESSION['uid']) ."' "));
if($sperre['chat_sperre'] == '1'){ $error = 1; $meldung = 'Du bist für den Chat gesperrt.';} if($sperre['chat_sperre'] == '1'){ $error = 1; $meldung = 'Du bist für den Chat gesperrt.';}
if(empty($_POST['inhalt'])){ $error = 1; $meldung = 'Bitte Text eingeben.';} if(empty($_POST['inhalt'])){ $error = 1; $meldung = 'Bitte Text eingeben.';}
if($_SESSION['uid'] <= 0){ $error = 1; $meldung = 'Ung&uuml;ltige User-ID.';} if($_SESSION['uid'] <= 0){ $error = 1; $meldung = 'Ung&uuml;ltige User-ID.';}
if($error == 0){ if($error == 0)
$reload = mysqli_fetch_array(db_query("SELECT bis FROM ".$db_prefix."_reloads WHERE uid = '".$_SESSION['uid']."' AND tan = 'sb_reload' ")); {
$zeit = time(); $reload_info = $ptc->isContentInReload( 2, $_SESSION['uid'], $ip, $_zeit);
$text = $_POST['inhalt']; $text = $_POST['inhalt'];
$user = mysqli_fetch_array(db_query("SELECT nickname FROM ".$db_prefix."_userdaten WHERE uid = '".$_SESSION['uid']."' ")); $user = mysqli_fetch_array(db_query("SELECT nickname FROM ".$db_prefix."_userdaten WHERE uid = '".$_SESSION['uid']."' "));
db_query("INSERT INTO ".$db_prefix."_chat (absender, nachricht, time) VALUES ('".$user['nickname']."', '". mysqli_real_escape_string($sql_open,$text) ."', '".$zeit."')"); db_query("INSERT INTO ".$db_prefix."_chat (absender, nachricht, time) VALUES ('".$user['nickname']."', '". mysqli_real_escape_string($sql_open,$text) ."', '".$_zeit."')");
db_query("UPDATE ".$db_prefix."_kontodaten SET sb_texte = sb_texte + '1' WHERE uid = '".$_SESSION['uid']."' "); db_query("UPDATE ".$db_prefix."_kontodaten SET sb_texte = sb_texte + '1' WHERE uid = '".$_SESSION['uid']."' ");
if( time() >= $reload['bis']){ if( false === $reload_info['in_reload'] )
$daten = mysqli_fetch_array(db_query("SELECT sb_reload,sb_verguetung FROM ".$db_prefix."_chat_einstellungen ")); {
$daten = mysqli_fetch_array(db_query("SELECT sb_reload,sb_verguetung FROM ".$db_prefix."_chat_einstellungen "));
if($_COOKIE['adblocker'] == 1){ if($_COOKIE['adblocker'] == 1){
$verguetung = $daten['sb_verguetung']/2; $verguetung = $daten['sb_verguetung']/2;
kontobuchung ('+', $verguetung/2, create_code(14), $_SESSION['uid'],'Chatverg&uuml;tung'); kontobuchung ('+', $verguetung/2, create_code(14), $_SESSION['uid'],'Chatverg&uuml;tung');
$error = 0; $meldung = 'Da du deinen Adblocker an hast, bekommst du nicht die ganze Chat Verg&uuml;tung.<br> $error = 0; $meldung = 'Da du deinen Adblocker an hast, bekommst du nicht die ganze Chat Verg&uuml;tung.<br>
Du bekommst nur '. number_format($verguetung/2,2,',','.').' '.$waehrung.' anstatt die vollen '. number_format($verguetung,2,',','.').' '.$waehrung.'.'; Du bekommst nur '. number_format($verguetung/2,2,',','.').' '.$pageconfig['waehrung'].' anstatt die vollen '. number_format($verguetung,2,',','.').' '.$pageconfig['waehrung'].'.';
}else{ }else{
kontobuchung ('+', $daten['sb_verguetung'], create_code(14), $_SESSION['uid'],'Chatverg&uuml;tung'); kontobuchung ('+', $daten['sb_verguetung'], create_code(14), $_SESSION['uid'],'Chatverg&uuml;tung');
$error = 0; $meldung = 'Chat Verg&uuml;tung erhalten.'; $error = 0; $meldung = 'Chat Verg&uuml;tung erhalten.';
} }
db_query("UPDATE ".$db_prefix."_kontodaten SET sb_verdienst = sb_verdienst + '".$daten['sb_verguetung']."' WHERE uid = '".$_SESSION['uid']."' "); db_query("UPDATE ".$db_prefix."_kontodaten SET sb_verdienst = sb_verdienst + '".$daten['sb_verguetung']."' WHERE uid = '".$_SESSION['uid']."' ");
$sperre = time() + $daten['sb_reload']; $sperre = $_zeit + $daten['sb_reload'];
db_query("INSERT INTO ".$db_prefix."_reloads (uid,bis,tan) VALUES ('".$_SESSION['uid']."','".$sperre."','sb_reload') "); $ptc->addContentToReload( 2, $_SESSION['uid'], $ip, $sperre );
} }
} }
......
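Review bot: The rewritten INSERT into `_chat` still places `$user['nickname']` between quotes without escaping, while `$text` on the same line goes through `mysqli_real_escape_string()`, so a nickname containing a quote alters the statement. Use `mysqli_real_escape_string($sql_open,$user['nickname'])` there, or better a prepared statement as `chatClass` already does. The adblocker branch halves `$verguetung` and then books `$verguetung/2`, and `sb_verdienst` is raised by the full `sb_verguetung` in either branch, which looks unintended. `$_COOKIE['adblocker']` is client-controlled, so it cannot be relied on to reduce a payout.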
...@@ -87,10 +87,10 @@ if (!isset($ak)) $ak = ""; ...@@ -87,10 +87,10 @@ if (!isset($ak)) $ak = "";
)"); )");
$email_message = 'Hallo ' . $_POST['nickname'] . ', $email_message = 'Hallo ' . $_POST['nickname'] . ',
Du hast Dich soeben erfolgreich bei ' . $seitenname . ' angemeldet. Du hast Dich soeben erfolgreich bei ' . $pageconfig['seitenname'] . ' angemeldet.
Bitte aktiviere jetzt Deinen Account, klicke dazu bitte auf den Bitte aktiviere jetzt Deinen Account, klicke dazu bitte auf den
Aktivierungslink: ' . $domain . '/?content=/intern/aktivieren&ak=' . $ak . ' Aktivierungslink: ' . $pageconfig['domain'] . '/?content=/intern/aktivieren&ak=' . $ak . '
---------------------------------------------------------- ----------------------------------------------------------
Kontonummer: ' . $uid . ' Kontonummer: ' . $uid . '
...@@ -101,11 +101,11 @@ if (!isset($ak)) $ak = ""; ...@@ -101,11 +101,11 @@ if (!isset($ak)) $ak = "";
uns teilnehmen. uns teilnehmen.
Mit freundlichen Gren Mit freundlichen Gren
Das ' . $seitenname . ' Team Das ' . $pageconfig['seitenname'] . ' Team
'; ';
usermail($_POST['emailadresse'], "$seitenname Accountaktivierung", $email_message, '"' . $seitenname . '" <' . $betreibermail . '>'); usermail($_POST['emailadresse'], $pageconfig['seitenname']." Accountaktivierung", $email_message, '"' . $pageconfig['seitenname'] . '" <' . $betreibermail . '>');
$anmeldeok = "true"; $anmeldeok = "true";
} }
$meldung = meldung($error,$meldung); $meldung = meldung($error,$meldung);
?> ?>
\ No newline at end of file
...@@ -4,6 +4,7 @@ Datei : session.lib.php ...@@ -4,6 +4,7 @@ Datei : session.lib.php
Änderungen in dieser Datei nur dann vornehmen wenn Sie wissen was Sie tun! Änderungen in dieser Datei nur dann vornehmen wenn Sie wissen was Sie tun!
*/ */
@session_start(); @session_start();
$ip = (isset($_SERVER['REMOTE_ADDR'])) ? $_SERVER['REMOTE_ADDR'] : '127.0.0.1';
// Variabeln definieren // Variabeln definieren
if(isset($_POST['checkid'])){ if(isset($_POST['checkid'])){
if (!isset($_SESSION['login'])) $_SESSION['login'] = ""; if (!isset($_SESSION['login'])) $_SESSION['login'] = "";
...@@ -16,8 +17,8 @@ if(isset($_POST['checkid'])){ ...@@ -16,8 +17,8 @@ if(isset($_POST['checkid'])){
if (!isset($_GET['logout'])) $_GET['logout'] = ""; if (!isset($_GET['logout'])) $_GET['logout'] = "";
if (!isset($_GET['ref'])) $_GET['ref'] = "0"; if (!isset($_GET['ref'])) $_GET['ref'] = "0";
} }
if( ( !isset($_SESSION['werber']) || ("0" == $_SESSION['werber']) ) && isset($_GET['ref']) )
if ($_SESSION['werber'] == "0") $_SESSION['werber'] = (int)$_GET['ref']; $_SESSION['werber'] = (int)$_GET['ref'];
// Seiteneinstellungen laden... // Seiteneinstellungen laden...
$pageconfig = mysqli_fetch_array(db_query("SELECT * FROM " . $db_prefix . "_seitenkonfig LIMIT 1")); $pageconfig = mysqli_fetch_array(db_query("SELECT * FROM " . $db_prefix . "_seitenkonfig LIMIT 1"));
...@@ -28,11 +29,11 @@ if ($pageconfig['wartung'] == 1 && $_SESSION['uid'] != $admin_id) { ...@@ -28,11 +29,11 @@ if ($pageconfig['wartung'] == 1 && $_SESSION['uid'] != $admin_id) {
$_SESSION['uid'] = ""; $_SESSION['uid'] = "";
$_SESSION['passwort'] = ""; $_SESSION['passwort'] = "";
$_SESSION['login'] = ""; $_SESSION['login'] = "";
header ("location: " . $domain . "/wartung.php"); header ("location: " . $pageconfig['domain'] . "/wartung.php");
die(); die();
} }
// Login // Login
if ($_POST['checkid'] == 'Login' && $_POST['nickname'] && $_POST['passwort']) { if (isset($_POST['checkid']) && $_POST['checkid'] == 'Login' && $_POST['nickname'] && $_POST['passwort']) {
$_POST['nickname'] = addslashes($_POST['nickname']); $_POST['nickname'] = addslashes($_POST['nickname']);
$pw = pw_erstellen($_POST['passwort']); $pw = pw_erstellen($_POST['passwort']);
...@@ -61,7 +62,7 @@ WHERE u.nickname='" . $_POST['nickname'] . "' OR u.uid = '". $_POST['nickname'] ...@@ -61,7 +62,7 @@ WHERE u.nickname='" . $_POST['nickname'] . "' OR u.uid = '". $_POST['nickname']
$_SESSION['uid'] = $login_check['uid']; $_SESSION['uid'] = $login_check['uid'];
$_SESSION['passwort'] = $login_check['passwort']; $_SESSION['passwort'] = $login_check['passwort'];
$_SESSION['login'] = "true"; $_SESSION['login'] = "true";
header ("location: " . $domain); header ("location: " . $pageconfig['domain']);
die(); die();
} }
// Wenn User gesperrt wurde! // Wenn User gesperrt wurde!
...@@ -76,10 +77,10 @@ WHERE u.nickname='" . $_POST['nickname'] . "' OR u.uid = '". $_POST['nickname'] ...@@ -76,10 +77,10 @@ WHERE u.nickname='" . $_POST['nickname'] . "' OR u.uid = '". $_POST['nickname']
$_GET['content'] = '/error/kein_zutritt'; $_GET['content'] = '/error/kein_zutritt';
} }
} else { } else {
if ($_POST['checkid'] == 'Login') $_GET['content'] = '/error/kein_zutritt'; if (isset($_POST['checkid']) && $_POST['checkid'] == 'Login') $_GET['content'] = '/error/kein_zutritt';
} }
// Autologin // Autologin
if ($_SESSION['login'] != 'true' && isset($_COOKIE['autologin']) && isset($_COOKIE['uid']) && isset($_COOKIE['passwort'])) { if ( (isset($_SESSION['login']) && $_SESSION['login'] != 'true') || ( isset($_COOKIE['autologin']) && isset($_COOKIE['uid']) && isset($_COOKIE['passwort'])) ) {
$_COOKIE['uid'] = (int)$_COOKIE['uid']; $_COOKIE['uid'] = (int)$_COOKIE['uid'];
$_COOKIE['passwort'] = addslashes ($_COOKIE['passwort']); $_COOKIE['passwort'] = addslashes ($_COOKIE['passwort']);
...@@ -95,18 +96,18 @@ if ($_SESSION['login'] != 'true' && isset($_COOKIE['autologin']) && isset($_COOK ...@@ -95,18 +96,18 @@ if ($_SESSION['login'] != 'true' && isset($_COOKIE['autologin']) && isset($_COOK
} }
} }
// Logout // Logout
if ($_GET['logout'] == 'true') { if (isset($_GET['logout']) && $_GET['logout'] == 'true') {
setCookie('uid', '', time() - 86400 * 30); setCookie('uid', '', time() - 86400 * 30);
setCookie('passwort', '', time() - 86400 * 30); setCookie('passwort', '', time() - 86400 * 30);
setCookie('autologin', '', time() - 86400 * 30); setCookie('autologin', '', time() - 86400 * 30);
$_SESSION['uid'] = ""; $_SESSION['uid'] = "";
$_SESSION['passwort'] = ""; $_SESSION['passwort'] = "";
$_SESSION['login'] = ""; $_SESSION['login'] = "";
header ("location: " . $domain); header ("location: " . $pageconfig['domain']);
die(); die();
} }
if (isset ($_SESSION['uid']) && isset ($_SESSION['passwort']) && !empty ($_SESSION['uid']) && !empty ($_SESSION['passwort'])) { if (isset ($_SESSION['uid']) && isset ($_SESSION['passwort']) && !empty ($_SESSION['uid']) && !empty ($_SESSION['passwort'])) {
db_query ("UPDATE " . $db_prefix . "_kontodaten SET last_active = " . time() . " WHERE uid = " . $_SESSION['uid'] . " AND passwort = '" . $_SESSION['passwort'] . "' LIMIT 1"); db_query ("UPDATE " . $db_prefix . "_kontodaten SET last_active = " . time() . " WHERE uid = " . $_SESSION['uid'] . " AND passwort = '" . $_SESSION['passwort'] . "' LIMIT 1");
} }
?> ?>
\ No newline at end of file
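Review bot: The rewritten Autologin condition joins the session test and the cookie test with `||`, where the old line required both with `&&`. As written, the block is entered when `$_SESSION['login']` is set and not `'true'` even if no autologin cookies were sent, so `$_COOKIE['uid']` and `$_COOKIE['passwort']` are read undefined. It is also entered on every request that carries the three cookies, even when the session is already logged in. The body of the block lies outside this hunk, so whether the cookie values can then replace the active session identity needs checking there. To keep the old semantics and still avoid the undefined-index notice, use `if ( (!isset($_SESSION['login']) || $_SESSION['login'] != 'true') && isset($_COOKIE['autologin']) && isset($_COOKIE['uid']) && isset($_COOKIE['passwort']) ) {`.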
<?php <?php
$zeit = (5 * 60); // Sekunden seit der letzten Aktivität $zeit = (5 * 60); // Sekunden seit der letzten Aktivität
$np = $domain . '/?content=/nickpage&amp;id='; // Nickpagelink $np = $pageconfig['domain'] . '/?content=/nickpage&amp;id='; // Nickpagelink
// verhindern, dass die Datei direkt aufgerufen wird // verhindern, dass die Datei direkt aufgerufen wird
if (!function_exists ("db_query")) die ("Kein Direktaufruf"); if (!function_exists ("db_query")) die ("Kein Direktaufruf");
...@@ -26,4 +26,4 @@ else { ...@@ -26,4 +26,4 @@ else {
} }
?> ?>
\ No newline at end of file
<?php <?php
require ( 'lib/datenbank.inc.php' );
require_once ('lib/functions.lib.php'); require_once ('lib/functions.lib.php');
//Variablen vordefinieren //Variablen vordefinieren
...@@ -10,9 +11,6 @@ if (!isset($_GET['auszahlen'])) $_GET['auszahlen'] = "false"; ...@@ -10,9 +11,6 @@ if (!isset($_GET['auszahlen'])) $_GET['auszahlen'] = "false";
$_GET['uid'] = (int)$_GET['uid']; $_GET['uid'] = (int)$_GET['uid'];
$_GET['tan'] = addslashes ($_GET['tan']); $_GET['tan'] = addslashes ($_GET['tan']);
//DB Verbindung herstellen
db_connect();
$mail = mysqli_fetch_assoc(db_query("SELECT e.start,e.aufendhalt,e.status,e.uid,v.verdienst FROM ".$db_prefix."_paidmails_empfaenger e $mail = mysqli_fetch_assoc(db_query("SELECT e.start,e.aufendhalt,e.status,e.uid,v.verdienst FROM ".$db_prefix."_paidmails_empfaenger e
LEFT JOIN ".$db_prefix."_paidmails_versendet v ON v.tan = e.tan LEFT JOIN ".$db_prefix."_paidmails_versendet v ON v.tan = e.tan
WHERE e.tan='".$_GET['tan']."' AND e.uid=".$_GET['uid']." AND e.gueltig > ".time()." LIMIT 1")); WHERE e.tan='".$_GET['tan']."' AND e.uid=".$_GET['uid']." AND e.gueltig > ".time()." LIMIT 1"));
...@@ -38,7 +36,7 @@ if ($_GET['auszahlen']!='true') { ...@@ -38,7 +36,7 @@ if ($_GET['auszahlen']!='true') {
bilanz(0,$mail['verdienst']); bilanz(0,$mail['verdienst']);
db_query("UPDATE ".$db_prefix."_paidmails_empfaenger SET status=1 WHERE tan='".$_GET['tan']."' and uid=".$_GET['uid']." LIMIT 1"); db_query("UPDATE ".$db_prefix."_paidmails_empfaenger SET status=1 WHERE tan='".$_GET['tan']."' and uid=".$_GET['uid']." LIMIT 1");
db_query("UPDATE ".$db_prefix."_paidmails_versendet SET bestaedigt=bestaedigt+1 WHERE tan='".$_GET['tan']."' LIMIT 1"); db_query("UPDATE ".$db_prefix."_paidmails_versendet SET bestaedigt=bestaedigt+1 WHERE tan='".$_GET['tan']."' LIMIT 1");
$headmsg = $mail['verdienst'].' '.$waehrung.' gutgeschrieben!'; $headmsg = $mail['verdienst'].' '.$pageconfig['waehrung'].' gutgeschrieben!';
} else { } else {
$headmsg = 'Wartezeit umgangen! Paidmail ungültig!'; $headmsg = 'Wartezeit umgangen! Paidmail ungültig!';
db_query("UPDATE ".$db_prefix."_paidmails_empfaenger SET status=2 WHERE tan='".$_GET['tan']."' and uid=".$_GET['uid']." LIMIT 1"); db_query("UPDATE ".$db_prefix."_paidmails_empfaenger SET status=2 WHERE tan='".$_GET['tan']."' and uid=".$_GET['uid']." LIMIT 1");
...@@ -61,4 +59,3 @@ echo ' ...@@ -61,4 +59,3 @@ echo '
</table> </table>
</body> </body>
</html>'; </html>';
db_close();
\ No newline at end of file
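Review bot: `$pageconfig['waehrung']` in the new success message is read in a script whose visible includes are only `lib/datenbank.inc.php` and `lib/functions.lib.php`, while the only assignment of `$pageconfig` shown in this commit is in session.lib.php. Neither included file is shown here, so unless one of them also loads the `_seitenkonfig` row, the credit message prints without a currency and raises an undefined-variable notice. The configuration row should be loaded before this line, or the include that provides it added as in the paidlink frameset script. Separately, the queries in this file still concatenate `$_GET['tan']` after `addslashes()`, which does not take the connection character set into account. A prepared statement or `mysqli_real_escape_string()` would be the safer choice while these lines are being touched.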
<?php <?php
require ( 'lib/datenbank.inc.php' );
require_once ('lib/functions.lib.php'); require_once ('lib/functions.lib.php');
db_connect();
$_GET['uid'] = (int)$_GET['uid']; $_GET['uid'] = (int)$_GET['uid'];
$_GET['tan'] = addslashes ($_GET['tan']); $_GET['tan'] = addslashes ($_GET['tan']);
...@@ -18,5 +18,3 @@ echo ' ...@@ -18,5 +18,3 @@ echo '
<frame name="werbung" src="'.$mail['ziel'].'" scrolling="auto" frameborder="0"> <frame name="werbung" src="'.$mail['ziel'].'" scrolling="auto" frameborder="0">
</frameset> </frameset>
</html>'; </html>';
db_close();
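Review bot: `$mail['ziel']` is written into the `src` attribute of the `werbung` frame without HTML escaping, and the new paidlink frameset further down does the same with `$kampdaten->tan` and `$kampdaten->ziel`. These look like stored campaign values (the query that fills `$mail` is outside this hunk), so a quote character in a stored target would close the attribute and let markup follow it. Encode at output, e.g. `htmlspecialchars($mail['ziel'], ENT_QUOTES, 'UTF-8')` for the target and `rawurlencode($kampdaten->tan)` for the query parameter. Accepting only `http`/`https` targets when a campaign is stored would also be worth considering. The `echo` statement itself starts outside this hunk.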
<? <?php
@require_once ('lib/functions.lib.php'); require_once ( __DIR__ . '/lib/datenbank.inc.php' );
@db_connect(); require_once ( __DIR__ . '/lib/functions.lib.php' );
@require_once ('lib/session.lib.php'); require_once ( __DIR__ . '/lib/session.lib.php' );
if (!isset($_GET['art'])) $_GET['art'] = "";
if (!isset($text['tan'])) $text['tan'] = "";
if (!isset($text['ziel'])) $text['ziel'] = "";
$text = mysqli_fetch_array(db_query("SELECT * FROM ".$db_prefix."_gebuchte_werbung WHERE tan='".$_GET['tan']."'"));
?>
$kampdaten = $campaigns->getByTanAndType( $_GET['tan'], 'paidlink' );
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> ?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html> <html>
<head> <head>
<title>Paidlink by <?=$seitenname;?></title> <title>Paidlink by <?php echo $pageconfig['seitenname']; ?></title>
</head> </head>
<frameset rows="25,*" border="0"> <frameset rows="25,*" border="0">
<frame name="abuse" src="topframe_text.php?tan=<?=$text['tan'];?>" scrolling="no" frameborder="0"> <frame name="abuse" src="topframe_text.php?tan=<?php echo $kampdaten->tan; ?>" scrolling="no" frameborder="0">
<frame name="werbung" src="<?=$text['ziel'];?>" scrolling="auto" frameborder="0"> <frame name="werbung" src="<?php echo $kampdaten->ziel;?>" scrolling="auto" frameborder="0">
</frameset> </frameset>
</body> </body>
</html> </html>
<?db_close();?>
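Review bot: `$kampdaten` is dereferenced in the frameset (`$kampdaten->tan`, `$kampdaten->ziel`) without checking that `getByTanAndType()` found a campaign, and `$_GET['tan']` is passed to it without an `isset()` check. What the method returns for an unknown tan is not visible here; if it is null or false, the page emits warnings and renders a frame with an empty target. A guard directly after the call, such as `if (!$kampdaten) { http_response_code(404); exit; }`, plus an `isset($_GET['tan'])` test before it, would cover both cases. The raw request value is now handed to the method, so it is also worth confirming that the method binds or escapes the tan before it reaches SQL.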