Skip to content
Snippets Groups Projects

Compare revisions

Changes are shown as if the source revision was being merged into the target revision. Learn more about comparing revisions.

Source

Select target project
No results found

Target

Select target project
  • isaack/VMS-SUEE_2.0
  • ztk.me/VMS-z
2 results
Show changes
Expand all Hide whitespace changes
Inline Side-by-side
Showing
with 951 additions and 233 deletions
cron.php
View file @ ebb3bb47
......@@ -4,7 +4,7 @@
require ( 'lib/datenbank.inc.php' );
require ( 'lib/functions.lib.php' );
db_connect();
if ($_GET['pw'] != $cron_pw) die('Zugriff verweigert!');
$cron = (int)$_GET['id'];
......@@ -20,7 +20,8 @@ if($setting['buchungen_loeschen'] == 1){
}
## Alte Reloads löschen
db_query('DELETE FROM '.$db_prefix.'_reloads WHERE bis <= '.time().'');
db_query('DELETE FROM '.$db_prefix.'_content_reloads WHERE `until` <= '.time().'');
db_query('DELETE FROM '.$db_prefix.'_campaign_reloads WHERE `until` <= '.time().'');
## Abgelaufene Paidmails löschen
db_query('DELETE FROM '.$db_prefix.'_paidmails_empfaenger WHERE
status = 1 || status = 2 || gueltig < '.time().'');
......@@ -34,4 +35,3 @@ if ( include ($result['datei']) ){
echo 'Cron gelaufen';
} else echo 'Cron nicht gelaufen';
db_close();
\ No newline at end of file
crons/db_backup.php
View file @ ebb3bb47
......@@ -2,7 +2,7 @@
require('../lib/datenbank.inc.php');
require('../lib/functions.lib.php');
db_connect();
if($_GET['cron_pw'] == $cron_pw){
set_time_limit(0);
......@@ -27,5 +27,4 @@ if($_GET['cron_pw'] == $cron_pw){
mysqli_close($sql_open);
die();
}
db_close();
?>
\ No newline at end of file
?>
ext/ap/ads.php 0 → 100644
View file @ ebb3bb47
<?php
ini_set('display_errors', '1');
require ('../../lib/datenbank.inc.php');
require ('../../lib/functions.lib.php');
require ('../../lib/session.lib.php');
userstatus();
$sperre_sql = "SELECT `forced_sperre` FROM `".$db_prefix."_kontodaten` WHERE `uid` = ".$_SESSION['uid'];
$sperre_res = db_query($sperre_sql);
$sperre = mysqli_fetch_assoc( $sperre_res );
if( 0 == $sperre['forced_sperre'] )
{
$result = array( 'count' => 0, 'data' => array() );
if( isset($_POST['action']) )
{
switch( $_POST['action'] )
{
case 'getNewAdData':
$ptc->invalidateAlreadyRunningAd( $_SESSION['uid'], $ip );
if( isset($_POST['adArt']) )
{
$result = $campaigns->getNewAdData( $_POST['adArt'], $_SESSION['uid'], $ip );
}
break;
case 'checkAdOk':
if( isset( $_SESSION['current_ad']['id'] ) )
$result = $ptc->checkAdOkAndPay( $_SESSION['current_ad']['id'], $_SESSION['uid'], $ip );
break;
case 'invalidateAd':
$result = invalidateAlreadyRunningAd( $_SESSION['uid'], $ip );
break;
}
}
echo json_encode($result);
}
ext/js/basics.js 0 → 100644
View file @ ebb3bb47
function sleep(ms)
{
return new Promise(resolve => setTimeout(resolve, ms));
}
ext/js/forcedbanner_nf.js 0 → 100644
View file @ ebb3bb47
$( document ).ready( function()
{
var adFenster = new Array();
window.addEventListener("message", function(event)
{
if ( pageconfig['domain'] != event.origin )
{
return;
}
console.log(event.data);
var art = event.data['art'],
tan = event.data['tan'],
action = event.data['action'];
if( 'adcheck' == action )
{
console.log('okokok');
adFenster[art][tan]['opened'] = true;
}
}
);
function checkAdOk( art, tan )
{
console.log('checkadok');
if( false == adFenster[art][tan]['checked'] && false == adFenster[art][tan]['window'].closed )
{
var pdata = window.btoa(art) + '-' + window.btoa(tan)
adFenster[art][tan]['checked'] = true;
$.post( "ext/ap/ads.php",
{
'action': "checkAdOk",
'art': art,
'tan': tan
},
function(data, status)
{
window.open(pageconfig['domain']+'/adcheck.php?data='+pdata, art+'-'+tan, "height=120,width=200");
}
);
}
}
/*
* if u do something wrong, sorry no matter which ad was active, invalidate
*/
function invalidateAd( art, tan )
{
console.log('invalidatead');
adFenster[art][tan]['checked'] = true;
var pdata = window.btoa(art) + '-' + window.btoa(tan)
$.post( "ext/ap/ads.php",
{
'action': "invalidateAd"
},
function(data, status)
{
window.open(pageconfig['domain']+'/adcheck.php?data='+pdata, art+'-'+tan, "height=120,width=200");
}
);
}
async function startAdCountdown( art, tan, sec )
{
console.log('startadcountdown');
let timer = setInterval( () =>
{
console.log('checktimer');
if( true == adFenster[art][tan]['checked'] )
{
clearInterval(timer);
} else {
if( document.hasFocus() )
{
invalidateAd( art, tan );
clearInterval(timer);
}
if ( 'undefined' == adFenster[art][tan]['window'].closed || adFenster[art][tan]['window'].closed )
{
invalidateAd( art, tan );
clearInterval(timer);
}
}
},
100
);
await sleep(sec * 1000);
checkAdOk( art, tan );
}
/*
* communicates with ad window, placing detection of actual click
*/
function openAdWindow( art, tan, sec )
{
if ( 'undefined' == typeof adFenster[art] || (! adFenster[art] instanceof Array ) )
{
adFenster[art] = new Array();
}
if ( 'undefined' == typeof adFenster[art][tan] || (! adFenster[art][tan] instanceof Array ) )
{
adFenster[art][tan] = new Array();
}
if( ( 'undefined' == adFenster[art][tan]['window'] || null == adFenster[art][tan]['window'] ) || adFenster[art][tan]['window'].closed )
{
var data = window.btoa(art) + '-' + window.btoa(tan);
adFenster[art][tan]['window'] = window.open( pageconfig['domain'] + '/adclick.php?data='+data, "_blank" );
adFenster[art][tan]['window'].focus();
adFenster[art][tan]['opened'] = false;
adFenster[art][tan]['checked']= false;
console.log('meh');
adFenster[art][tan]['window'].onbeforeunload = function()
{ console.log('startadcountdowncall');
startAdCountdown( art, tan, sec );
}
}
}
/*
* gets executed on click on ad
*/
$( "#forcedbanner_display" ).on('click', function(e)
{
var elem = $( e.target ).closest( "li" );
var sec = elem.data('sec');
var tan = elem.data('tan');
var art = elem.data('art');
if (typeof tan !== typeof undefined && tan !== false)
{
if (typeof art !== typeof undefined && art !== false)
{
if (typeof sec !== typeof undefined && sec !== false)
{
$(elem).remove();
openAdWindow( art, tan, sec );
}
}
}
}
);
/*
* gets executed first, loads available ads and prepares the bootstrap <ul>-list for display
*/
function loadAds( art )
{
$.post( "ext/ap/ads.php",
{
'action': "getNewAdData",
'adArt' : art
},
function(data, status)
{
var useData = jQuery.parseJSON( data );
if( 0 < useData.count )
{
$( "#forcedbanner_display" ).html('<ul class="list-group" id="forcedbanner_display_grp"></ul>');
$( "#forcedBannerTmpl_list" ).tmpl( useData.data ).appendTo( $( "#forcedbanner_display ul" ) );
}
}
);
}
$( "#loadAds_btn").on('click', function(e) { loadAds( 'forcedbanner' ) } );
loadAds( 'forcedbanner' );
}
);
ext/js/jquery-3.3.1.min.js 0 → 100644
View file @ ebb3bb47
This diff is collapsed.
ext/js/jquery.tmpl.js 0 → 100644
View file @ ebb3bb47
This diff is collapsed.
index.php
View file @ ebb3bb47
......@@ -14,7 +14,6 @@ if (!ini_get('display_errors')) {
}
require ('lib/datenbank.inc.php');
db_connect();
require ('lib/functions.lib.php');
require ('lib/session.lib.php');
require ('lib/run.inc.php');
......@@ -28,21 +27,18 @@ if (!file_exists('content' . $_GET['content'] . '.php')) $_GET['content'] = '/er
if ($_GET['content'] == '/intern/startseite') @require_once ('lib/texte/alt_startseitenpopup.txt');
if ($_GET['content'] == '/betteln') @require_once ('lib/texte/alt_bettelseitenpopup.txt');
$grundconfig = mysqli_fetch_array(db_query("SELECT seitenname,domain FROM ".$db_prefix."_seitenkonfig "));
$start_reload = db_query("SELECT * FROM ".$db_prefix."_reloads WHERE uid = '".$_SESSION['uid']."' and tan = 'startseitenaufruf' and bis >= '".time()."'");
if (mysqli_num_rows($start_reload) != 0) {
$start = mysqli_fetch_array($start_reload);
$datetime = date("Y-m-d H:i:s", $start['bis']);
$start_reload = $ptc->isContentInReload( 1, $_SESSION['uid'], $ip, time());
if (true == $start_reload['in_reload'])
{
$datetime = date("Y-m-d H:i:s", $start_reload['until']);
}else{
$datetime = "2014-09-21 20:33:28";
$datetime = "2014-09-21 20:33:28";
}
$ts = strtotime($datetime);
?>
<!DOCTYPE html>
?><!DOCTYPE html>
<html lang='de'>
<head>
<title><?php echo $seitenname;?></title>
<title><?php echo $pageconfig['seitenname'];?></title>
<meta charset="UTF-8">
<meta name="generator" content="vms-script">
<meta name="Author" content="Designerscripte.net">
......@@ -52,15 +48,19 @@ $ts = strtotime($datetime);
<meta name="Robots" content="INDEX,FOLLOW">
<link rel="stylesheet" type="text/css" href="js/tcal.css" />
<link href="css/bootstrap.min.css" rel="stylesheet">
<script src="http://code.jquery.com/jquery-latest.js"></script>
<script src="ext/js/jquery-3.3.1.min.js"></script>
<script src="ext/js/jquery.tmpl.js"></script>
<script type="text/javascript" src="js/tcal.js"></script>
<script language="JavaScript" src="js/slider.js"></script>
<script src="https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js"></script>
<script src="js/bootstrap.min.js"></script>
<script type="text/javascript" src="js/slider.js"></script>
<script type="text/javascript" src="js/bootstrap.min.js"></script>
<script type="text/javascript" src="ext/js/basics.js"></script>
<script type="text/javascript" src="js/start_countdown.js"></script>
</head>
<body>
<script>
var pageconfig = new Array();
pageconfig['domain'] = '<?php echo $pageconfig['domain']; ?>';
</script>
<?php
if(!empty($meldung['meldung'])){
?>
......@@ -107,11 +107,11 @@ $ts = strtotime($datetime);
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="<?php echo $grundconfig['domain'];?>"><?php echo $grundconfig['seitenname'];?></a>
<a class="navbar-brand" href="<?php echo $pageconfig['domain'];?>"><?php echo $pageconfig['seitenname'];?></a>
</div>
<div id="navbar" class="navbar-collapse collapse">
<ul class="nav navbar-nav">
<li class="active"><a href="<?php echo $grundconfig['domain'];?>">Start</a></li>
<li class="active"><a href="<?php echo $pageconfig['domain'];?>">Start</a></li>
<?php if ($_SESSION['login'] != true) { ?>
<li><a href="?content=/intern/anmelden">Registrieren</a></li>
<li><a href="?content=/intern/daten">Passwort anfordern!</a></li>
......@@ -126,7 +126,7 @@ $ts = strtotime($datetime);
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown" role="button" aria-haspopup="true" aria-expanded="false">Start <span class="caret"></span></a>
<ul class="dropdown-menu">
<li><a href="<?php echo $domain;?>">Startseite</a></li>
<li><a href="<?php echo $pageconfig['domain'];?>">Startseite</a></li>
<li><a href="?content=/news">News</a></li>
<li><a href="?content=/intern/mediadaten">Mediadaten</a></li>
<li><a href="?content=/intern/agbs">AGB</a></li>
......@@ -152,7 +152,7 @@ $ts = strtotime($datetime);
<?php
if(isset($_SESSION['admin'])){
if($_SESSION['admin'] == 1){
echo '<li><a href="'.$domain.'/adminforce/index.php\">Adminforce</a></li>';
echo '<li><a href="'.$pageconfig['domain'].'/adminforce/index.php\">Adminforce</a></li>';
}
}
?>
......@@ -201,7 +201,3 @@ $ts = strtotime($datetime);
?>
</body>
</html>
<?php
db_close();
if ($gzip_rate > 0) ob_end_flush();
?>
install/index.php
View file @ ebb3bb47
......@@ -6,22 +6,21 @@ if(!isset($_GET['step'])){ $_GET['step'] = 0;}
require('../lib/functions.lib.php');
if(isset($_POST['datenbank_anlegen'])){
$inhalt = '
<?php
$inhalt = '<?php
define("DB_HOST","'.$_POST['host'].'");
define("DB_USER","'.$_POST['nutzername'].'");
define("DB_PASS","'.$_POST['passwort'].'");
define("DB_BASS","'.$_POST['db'].'");
define("DB_BASE","'.$_POST['db'].'");
define("PREFIX","'.$_POST['prefix'].'");
$db_prefix = "'.$_POST['prefix'].'";
//Passwort zusatz
define("PW_ZUSATZ","'. create_code(5) .'");
// Verschlsselungspasswort
define("VER_SCHLUESSEL","'. create_code(16) .'");
?>
';
?>';
$datei = fopen("../lib/db_config.php","w");
fwrite($datei, $inhalt,100000);
......@@ -373,105 +372,6 @@ if(!isset($_GET['step'])){ $_GET['step'] = 0;}
require('../lib/functions.lib.php');
if(isset($_POST['datenbank_anlegen'])){
$inhalt = '
<?php
$db_host = "'.$_POST['host'].'";
// Mysql User
$db_user = "'.$_POST['nutzername'].'";
// Mysql PW
$db_pass = "'.$_POST['passwort'].'";
// Datenbank
$db_base = "'.$_POST['db'].'";
//Datenbank Prefix
$db_prefix = "'.$_POST['prefix'].'";
//Passwort zusatz
$pw_zusatz = '. create_code(5) .';
// Verschlüsselungspasswort
$ver_schluessel = '. create_code(16) .';
//Datenbankverbindung herstellen
$sql_open = @mysqli_connect($db_host, $db_user, $db_pass, $db_base) or die(\'Verbindung zum Mysql Server fehlgeschlagen! <br>Tipp: <a href="http://www.vms-tutorial.de/wiki//Lib/Functions">http://www.vms-tutorial.de/wiki//Lib/Functions</a>\');
$sql_base = @mysqli_select_db($sql_open,$db_base) or die("Keine oder falsche Datenbank gewählt! Tipp: <br><a href=\'http://www.vms-tutorial.de/wiki//Lib/Functions\'>http://www.vms-tutorial.de/wiki//Lib/Functions</a>");
/**
* db_connect()
*
* @author designerscripte.net
* @category system Database
* @version 2.5.0
* @example db_query("SELECT `field` FROM `table` WHERE `field` = `value` ");
* @param mixed $sql_tag
* @return 0 bei Fehler Mysql_resource.
*
*/
function db_query($sql_tag) {
global $count_query,$sql_open;
$count_query++;
$fargs = func_get_args();
if (!empty($fargs)) {
$vargs = array();
foreach($fargs as $key => $arg) {
$vargs[$key] = mysqli_real_escape_string($sql_open,$arg);
}
array_shift($vargs);
if (!empty($vargs))$sql_tag = vsprintf($sql_tag, $vargs);
}
if ($ret = mysqli_query($sql_open,$sql_tag)) {
return $ret;
}else {
return 0;
}
}
function pw_erstellen($pw){
global $pw_zusatz;
$pw_er = hash("sha256",$pw.$pw_zusatz);
return $pw_er;
}
/**
* db_close()
*
* @author designerscripte.net
* @category system Database
* @version 2.5.0
* @example db_close();
* @return die(\'\'); bei fehler nichts bei erfolg
*/
function db_close() {
global $sql_open;
@mysqli_close($sql_open) or die(\'Konnte die Verbindung mit Datenbank nicht schliessen!\');
}
$daten = mysqli_fetch_array(db_query("SELECT domain,seitenname,waehrung,betreibermail,cron_pw FROM ".$db_prefix."_seitenkonfig "));
// Domain (ohne Slash am Ende)
$domain = $daten[\'domain\'];
// Seitenname
$seitenname = $daten[\'seitenname\'];
// Seitenwährung
$waehrung = $daten[\'waehrung\'];
// ID vom Admin
$admin_id = 1;
// Adminmail
$betreibermail = $daten[\'betreibermail\'];
// Passwort für Crons
$cron_pw = $daten[\'cron_pw\'];
// beliebiger Alphanumerischer String hilft beim Schutz vor Autoklickern
$percode = \'551c3d4318d668cc2b00d02b40d1e6cd282817c2be65d401ed0cff2e6b\';
/* Globale Variablen nichts ändern */
$ip = $_SERVER[\'REMOTE_ADDR\'];
?>
';
$datei = fopen("../lib/datenbank.inc.php","w");
fwrite($datei, $inhalt,100000);
fclose($datei);
}
if($_GET['step'] == 4 && $_GET['db'] == true){
require_once('../lib/datenbank.inc.php');
......
install/mysql.txt
View file @ ebb3bb47
......@@ -136,21 +136,26 @@ CREATE TABLE IF NOT EXISTS `vms_fb_blacklist` (
`werbeart` varchar(255) NOT NULL
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
CREATE TABLE IF NOT EXISTS `vms_gebuchte_werbung` (
`uid` int(7) NOT NULL DEFAULT '0',
`tan` varchar(32) NOT NULL DEFAULT '',
`kid` int(11) NOT NULL DEFAULT '0',
`ziel` varchar(250) NOT NULL DEFAULT '',
`banner` varchar(250) NOT NULL DEFAULT '',
CREATE TABLE `vms_gebuchte_werbung` (
`id` bigint(1) UNSIGNED NOT NULL,
`uid` int(1) UNSIGNED NOT NULL DEFAULT '0',
`tan` varchar(32) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL DEFAULT '',
`kid` int(1) UNSIGNED NOT NULL DEFAULT '0',
`ziel` varchar(250) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL DEFAULT '',
`banner` varchar(250) CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL DEFAULT '',
`verdienst` double(10,2) NOT NULL DEFAULT '0.00',
`preis` double(10,2) NOT NULL DEFAULT '0.00',
`aufendhalt` int(11) NOT NULL DEFAULT '0',
`menge` int(11) NOT NULL DEFAULT '0',
`reload` int(11) NOT NULL DEFAULT '0',
`aufendhalt` int(1) UNSIGNED NOT NULL DEFAULT '0',
`menge` int(1) UNSIGNED NOT NULL DEFAULT '0',
`reload` int(1) UNSIGNED NOT NULL DEFAULT '0',
`sponsor` varchar(25) NOT NULL DEFAULT '',
`werbeart` varchar(50) NOT NULL DEFAULT '',
`status` tinyint(1) NOT NULL DEFAULT '1'
) ENGINE=MyISAM DEFAULT CHARSET=latin1;
`addata` text CHARACTER SET utf8mb4 COLLATE utf8mb4_unicode_ci NOT NULL,
`status` tinyint(1) NOT NULL DEFAULT '1',
`created` timestamp NOT NULL DEFAULT CURRENT_TIMESTAMP,
`modified` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00',
`expires` timestamp NOT NULL DEFAULT '0000-00-00 00:00:00'
) ENGINE=MyISAM DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;
CREATE TABLE IF NOT EXISTS `vms_geburtstag` (
`geb_mail` int(11) NOT NULL,
......@@ -597,7 +602,10 @@ ALTER TABLE `vms_fb_blacklist`
ADD UNIQUE KEY `sponsor` (`sponsor`,`kid`,`werbeart`);
ALTER TABLE `vms_gebuchte_werbung`
ADD KEY `klick4` (`werbeart`,`menge`,`status`,`verdienst`,`sponsor`), ADD KEY `crons` (`sponsor`,`werbeart`,`status`);
ADD PRIMARY KEY (`id`),
ADD UNIQUE KEY `tan` (`tan`),
ADD KEY `klick4` (`werbeart`,`menge`,`status`,`verdienst`,`sponsor`),
ADD KEY `crons` (`sponsor`,`werbeart`,`status`);
ALTER TABLE `vms_interface`
ADD KEY `interface` (`interface`);
......@@ -694,3 +702,11 @@ MODIFY `id` tinyint(1) NOT NULL AUTO_INCREMENT,AUTO_INCREMENT=30;
ALTER TABLE `vms_rallyorte`
MODIFY `id` int(11) NOT NULL AUTO_INCREMENT,AUTO_INCREMENT=8;
ALTER TABLE `vms_gebuchte_werbung`
MODIFY `id` bigint(1) UNSIGNED NOT NULL AUTO_INCREMENT;
DELIMITER $$
CREATE TRIGGER `campaign_update` BEFORE UPDATE ON `vms_gebuchte_werbung` FOR EACH ROW SET NEW.`modified` = CURRENT_TIMESTAMP
$$
DELIMITER ;
lib/class/chat.class.php
View file @ ebb3bb47
......@@ -2,10 +2,9 @@
class chatClass{
public static function getRestChatLines($id){
global $db_host,$db_user,$db_pass,$db_base;
$arr = array();
$jsonData = '{"results":[';
$db_connection = new mysqli( $db_host, $db_user, $db_pass, $db_base);
$db_connection = new mysqli( DB_HOST, DB_USER, DB_PASS, DB_BASE );
$db_connection->query( "SET NAMES 'UTF8'" );
$statement = $db_connection->prepare( "SELECT id, absender, nachricht, time FROM vms_chat WHERE id > ? ");
$statement->bind_param( 'i', $id);
......@@ -27,8 +26,7 @@ class chatClass{
}
public static function setChatLines( $chattext, $usrname, $color) {
global $db_host,$db_user,$db_pass,$db_base;
$db_connection = new mysqli( $db_host, $db_user, $db_pass, $db_base);
$db_connection = new mysqli( DB_HOST, DB_USER, DB_PASS, DB_BASE );
$db_connection->query( "SET NAMES 'UTF8'" );
$statement = $db_connection->prepare( "INSERT INTO chat( usrname, color, chattext) VALUES(?, ?, ?)");
$statement->bind_param( 'sss', $usrname, $color, $chattext);
......@@ -37,4 +35,4 @@ class chatClass{
$db_connection->close();
}
}
?>
\ No newline at end of file
?>
lib/datenbank.inc.php
View file @ ebb3bb47
<?php
$db_host = "localhost";
// Mysql User
$db_user = "vms_suee2";
// Mysql PW
$db_pass = "lTxyJyZtmSQvaV6M";
// Datenbank
$db_base = "vms_suee2";
//Datenbank Prefix
$db_prefix = "vms";
//Passwort zusatz
$pw_zusatz = 'fg65en';
// Verschlüsselungspasswort
$ver_schluessel = 'libh5476H6G4v0TB';
//Datenbankverbindung herstellen
$sql_open = @mysqli_connect($db_host, $db_user, $db_pass, $db_base) or die('Verbindung zum Mysql Server fehlgeschlagen! <br>Tipp: <a href="http://www.vms-tutorial.de/wiki//Lib/Functions">http://www.vms-tutorial.de/wiki//Lib/Functions</a>');
$sql_base = @mysqli_select_db($sql_open,$db_base) or die("Keine oder falsche Datenbank gewhlt! Tipp: <br><a href='http://www.vms-tutorial.de/wiki//Lib/Functions'>http://www.vms-tutorial.de/wiki//Lib/Functions</a>");
<?php
require_once( __DIR__ .'/db_config.php' );
require_once( __DIR__ .'/../class/database.php' );
//Datenbankverbindung herstellen
$sql_open = @mysqli_connect( DB_HOST, DB_USER, DB_PASS, DB_BASE ) or die('Verbindung zum Mysql Server fehlgeschlagen! <br>Tipp: <a href="http://www.vms-tutorial.de/wiki//Lib/Functions">http://www.vms-tutorial.de/wiki//Lib/Functions</a>');
// why?:
$sql_base = @mysqli_select_db($sql_open, DB_BASE ) or die("Keine oder falsche Datenbank gewhlt! Tipp: <br><a href='http://www.vms-tutorial.de/wiki//Lib/Functions'>http://www.vms-tutorial.de/wiki//Lib/Functions</a>");
// please use global $database, $GLOBALs['database'] or pass $database to class/function
// avoid cluttering the code with silly singleton calls, except when really needed,
// for example when connectiong to a different database, thank you
$database = Database::get(
array(
'type' => 'mysql',
'host' => DB_HOST,
'name' => DB_BASE,
'user' => DB_USER,
'pass' => DB_PASS,
)
);
/**
* db_connect()
*
......@@ -50,10 +52,50 @@
}
}
/*
* taken from nieprzeklinaj at gmail dot com
* http://php.net/manual/de/mysqli-stmt.bind-result.php
*/
function db_fetch($result)
{
$array = array();
if($result instanceof mysqli_stmt)
{
$result->store_result();
$variables = array();
$data = array();
$meta = $result->result_metadata();
while($field = $meta->fetch_field())
$variables[] = &$data[$field->name]; // pass by reference
call_user_func_array(array($result, 'bind_result'), $variables);
$i=0;
while($result->fetch())
{
$array[$i] = array();
foreach($data as $k=>$v)
$array[$i][$k] = $v;
$i++;
// don't know why, but when I tried $array[] = $data, I got the same one result in all rows
}
}
elseif($result instanceof mysqli_result)
{
while($row = $result->fetch_assoc())
$array[] = $row;
}
return $array;
}
function pw_erstellen($pw){
global $pw_zusatz;
$pw_er = hash("sha256",$pw.$pw_zusatz);
$pw_er = hash("sha256",$pw. PW_ZUSATZ );
return $pw_er;
}
......@@ -70,5 +112,4 @@
global $sql_open;
@mysqli_close($sql_open) or die('Konnte die Verbindung mit Datenbank nicht schliessen!');
}
?>
?>
lib/functions.lib.php
View file @ ebb3bb47
<?php
// Komprimierung der Ausgabe zwischen 0 & 10 wobei 0 die Komprimierung der Ausgabe deaktiviert Empfohlener Wert: 1
$gzip_rate = 0;
if( isset($database) )
{
require_once( __DIR__ . '/../class/campaigns.php' );
require_once( __DIR__ . '/../class/stats.php' );
require_once( __DIR__ . '/../class/ptc.php' );
$campaigns = new Campaigns($database);
$stats = new Stats($database);
$ptc = new Ptc($database, $campaigns);
} else {
throw new Exception( 'Please include lib/datenbank.inc.php before lib/functions.lib.php' );
}
/**
* create_code()
......@@ -170,13 +180,6 @@ function bilanz ($ein,$aus,$gruppe,$name) {
}
// GZip
if ($gzip_rate > 0) {
ini_set('zlib.output_compression_level', $gzip_rate);
if (ereg("gzip", getenv("HTTP_ACCEPT_ENCODING"))) ob_start("ob_gzhandler");
else ob_start();
}
// Datum im Facebook Stil
function niceDate($timestamp)
{
......@@ -289,18 +292,16 @@ function geoIP($ip){
}
function versch($text){
global $ver_schluessel;
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$crypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, $ver_schluessel, $text, MCRYPT_MODE_ECB, $iv);
$crypted = mcrypt_encrypt(MCRYPT_RIJNDAEL_256, VER_SCHLUESSEL, $text, MCRYPT_MODE_ECB, $iv);
return $crypted;
}
function entsch($text){
global $ver_schluessel;
$iv_size = mcrypt_get_iv_size(MCRYPT_RIJNDAEL_256, MCRYPT_MODE_ECB);
$iv = mcrypt_create_iv($iv_size, MCRYPT_RAND);
$encrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, $ver_schluessel, $text, MCRYPT_MODE_ECB, $iv);
$encrypted = mcrypt_decrypt(MCRYPT_RIJNDAEL_256, VER_SCHLUESSEL, $text, MCRYPT_MODE_ECB, $iv);
return $encrypted;
}
......
lib/funktionen/chat.php
View file @ ebb3bb47
......@@ -3,6 +3,7 @@ require_once('../../lib/datenbank.inc.php');
require_once('../../lib/functions.lib.php');
require_once('../../lib/session.lib.php');
$error = 0;
$zeit = time();
$sperre = mysqli_fetch_array(db_query("SELECT chat_sperre FROM ".$db_prefix."_userdaten WHERE uid = '". mysqli_real_escape_string($sql_open,$_SESSION['uid']) ."' "));
if($sperre['chat_sperre'] == '1'){ $error = 1; $meldung = 'Du bist für den Chat gesperrt.';}
......@@ -10,28 +11,27 @@ if(empty($_POST['inhalt'])){ $error = 1; $meldung = 'Bitte Text eingeben.';}
if($_SESSION['uid'] <= 0){ $error = 1; $meldung = 'Ung&uuml;ltige User-ID.';}
if($error == 0){
$reload = mysqli_fetch_array(db_query("SELECT bis FROM ".$db_prefix."_reloads WHERE uid = '".$_SESSION['uid']."' AND tan = 'sb_reload' "));
$zeit = time();
$reload = mysqli_fetch_array(db_query("SELECT `until` FROM ".$db_prefix."_content_reloads WHERE uid = '".$_SESSION['uid']."' AND cid = 2 "));
$text = $_POST['inhalt'];
$user = mysqli_fetch_array(db_query("SELECT nickname FROM ".$db_prefix."_userdaten WHERE uid = '".$_SESSION['uid']."' "));
db_query("INSERT INTO ".$db_prefix."_chat (absender, nachricht, time) VALUES ('".$user['nickname']."', '". mysqli_real_escape_string($sql_open,$text) ."', '".$zeit."')");
db_query("UPDATE ".$db_prefix."_kontodaten SET sb_texte = sb_texte + '1' WHERE uid = '".$_SESSION['uid']."' ");
if( time() >= $reload['bis']){
if( $zeit >= $reload['until']){
$daten = mysqli_fetch_array(db_query("SELECT sb_reload,sb_verguetung FROM ".$db_prefix."_chat_einstellungen "));
if($_COOKIE['adblocker'] == 1){
$verguetung = $daten['sb_verguetung']/2;
kontobuchung ('+', $verguetung/2, create_code(14), $_SESSION['uid'],'Chatverg&uuml;tung');
$error = 0; $meldung = 'Da du deinen Adblocker an hast, bekommst du nicht die ganze Chat Verg&uuml;tung.<br>
Du bekommst nur '. number_format($verguetung/2,2,',','.').' '.$waehrung.' anstatt die vollen '. number_format($verguetung,2,',','.').' '.$waehrung.'.';
Du bekommst nur '. number_format($verguetung/2,2,',','.').' '.$pageconfig['waehrung'].' anstatt die vollen '. number_format($verguetung,2,',','.').' '.$pageconfig['waehrung'].'.';
}else{
kontobuchung ('+', $daten['sb_verguetung'], create_code(14), $_SESSION['uid'],'Chatverg&uuml;tung');
$error = 0; $meldung = 'Chat Verg&uuml;tung erhalten.';
}
db_query("UPDATE ".$db_prefix."_kontodaten SET sb_verdienst = sb_verdienst + '".$daten['sb_verguetung']."' WHERE uid = '".$_SESSION['uid']."' ");
$sperre = time() + $daten['sb_reload'];
db_query("INSERT INTO ".$db_prefix."_reloads (uid,bis,tan) VALUES ('".$_SESSION['uid']."','".$sperre."','sb_reload') ");
$sperre = $zeit + $daten['sb_reload'];
$ptc->addContentToReload( 2, $_SESSION['uid'], $ip, $sperre );
}
}
......
lib/funktionen/konto/anmelden.php
View file @ ebb3bb47
......@@ -87,10 +87,10 @@ if (!isset($ak)) $ak = "";
)");
$email_message = 'Hallo ' . $_POST['nickname'] . ',
Du hast Dich soeben erfolgreich bei ' . $seitenname . ' angemeldet.
Du hast Dich soeben erfolgreich bei ' . $pageconfig['seitenname'] . ' angemeldet.
Bitte aktiviere jetzt Deinen Account, klicke dazu bitte auf den
Aktivierungslink: ' . $domain . '/?content=/intern/aktivieren&ak=' . $ak . '
Aktivierungslink: ' . $pageconfig['domain'] . '/?content=/intern/aktivieren&ak=' . $ak . '
----------------------------------------------------------
Kontonummer: ' . $uid . '
......@@ -101,11 +101,11 @@ if (!isset($ak)) $ak = "";
uns teilnehmen.
Mit freundlichen Gren
Das ' . $seitenname . ' Team
Das ' . $pageconfig['seitenname'] . ' Team
';
usermail($_POST['emailadresse'], "$seitenname Accountaktivierung", $email_message, '"' . $seitenname . '" <' . $betreibermail . '>');
usermail($_POST['emailadresse'], $pageconfig['seitenname']." Accountaktivierung", $email_message, '"' . $pageconfig['seitenname'] . '" <' . $betreibermail . '>');
$anmeldeok = "true";
}
$meldung = meldung($error,$meldung);
?>
\ No newline at end of file
?>
lib/session.lib.php
View file @ ebb3bb47
......@@ -4,6 +4,7 @@ Datei : session.lib.php
Änderungen in dieser Datei nur dann vornehmen wenn Sie wissen was Sie tun!
*/
@session_start();
$ip = (isset($_SERVER['REMOTE_ADDR'])) ? $_SERVER['REMOTE_ADDR'] : '127.0.0.1';
// Variabeln definieren
if(isset($_POST['checkid'])){
if (!isset($_SESSION['login'])) $_SESSION['login'] = "";
......@@ -16,8 +17,8 @@ if(isset($_POST['checkid'])){
if (!isset($_GET['logout'])) $_GET['logout'] = "";
if (!isset($_GET['ref'])) $_GET['ref'] = "0";
}
if ($_SESSION['werber'] == "0") $_SESSION['werber'] = (int)$_GET['ref'];
if( ( !isset($_SESSION['werber']) || ("0" == $_SESSION['werber']) ) && isset($_GET['ref']) )
$_SESSION['werber'] = (int)$_GET['ref'];
// Seiteneinstellungen laden...
$pageconfig = mysqli_fetch_array(db_query("SELECT * FROM " . $db_prefix . "_seitenkonfig LIMIT 1"));
......@@ -28,11 +29,11 @@ if ($pageconfig['wartung'] == 1 && $_SESSION['uid'] != $admin_id) {
$_SESSION['uid'] = "";
$_SESSION['passwort'] = "";
$_SESSION['login'] = "";
header ("location: " . $domain . "/wartung.php");
header ("location: " . $pageconfig['domain'] . "/wartung.php");
die();
}
// Login
if ($_POST['checkid'] == 'Login' && $_POST['nickname'] && $_POST['passwort']) {
if (isset($_POST['checkid']) && $_POST['checkid'] == 'Login' && $_POST['nickname'] && $_POST['passwort']) {
$_POST['nickname'] = addslashes($_POST['nickname']);
$pw = pw_erstellen($_POST['passwort']);
......@@ -61,7 +62,7 @@ WHERE u.nickname='" . $_POST['nickname'] . "' OR u.uid = '". $_POST['nickname']
$_SESSION['uid'] = $login_check['uid'];
$_SESSION['passwort'] = $login_check['passwort'];
$_SESSION['login'] = "true";
header ("location: " . $domain);
header ("location: " . $pageconfig['domain']);
die();
}
// Wenn User gesperrt wurde!
......@@ -76,10 +77,10 @@ WHERE u.nickname='" . $_POST['nickname'] . "' OR u.uid = '". $_POST['nickname']
$_GET['content'] = '/error/kein_zutritt';
}
} else {
if ($_POST['checkid'] == 'Login') $_GET['content'] = '/error/kein_zutritt';
if (isset($_POST['checkid']) && $_POST['checkid'] == 'Login') $_GET['content'] = '/error/kein_zutritt';
}
// Autologin
if ($_SESSION['login'] != 'true' && isset($_COOKIE['autologin']) && isset($_COOKIE['uid']) && isset($_COOKIE['passwort'])) {
if ( (isset($_SESSION['login']) && $_SESSION['login'] != 'true') || ( isset($_COOKIE['autologin']) && isset($_COOKIE['uid']) && isset($_COOKIE['passwort'])) ) {
$_COOKIE['uid'] = (int)$_COOKIE['uid'];
$_COOKIE['passwort'] = addslashes ($_COOKIE['passwort']);
......@@ -95,18 +96,18 @@ if ($_SESSION['login'] != 'true' && isset($_COOKIE['autologin']) && isset($_COOK
}
}
// Logout
if ($_GET['logout'] == 'true') {
if (isset($_GET['logout']) && $_GET['logout'] == 'true') {
setCookie('uid', '', time() - 86400 * 30);
setCookie('passwort', '', time() - 86400 * 30);
setCookie('autologin', '', time() - 86400 * 30);
$_SESSION['uid'] = "";
$_SESSION['passwort'] = "";
$_SESSION['login'] = "";
header ("location: " . $domain);
header ("location: " . $pageconfig['domain']);
die();
}
if (isset ($_SESSION['uid']) && isset ($_SESSION['passwort']) && !empty ($_SESSION['uid']) && !empty ($_SESSION['passwort'])) {
db_query ("UPDATE " . $db_prefix . "_kontodaten SET last_active = " . time() . " WHERE uid = " . $_SESSION['uid'] . " AND passwort = '" . $_SESSION['passwort'] . "' LIMIT 1");
}
?>
\ No newline at end of file
?>
lib/weristonline.php
View file @ ebb3bb47
<?php
$zeit = (5 * 60); // Sekunden seit der letzten Aktivität
$np = $domain . '/?content=/nickpage&amp;id='; // Nickpagelink
$np = $pageconfig['domain'] . '/?content=/nickpage&amp;id='; // Nickpagelink
// verhindern, dass die Datei direkt aufgerufen wird
if (!function_exists ("db_query")) die ("Kein Direktaufruf");
......@@ -26,4 +26,4 @@ else {
}
?>
\ No newline at end of file
?>
pcheck.php
View file @ ebb3bb47
<?php
require ( 'lib/datenbank.inc.php' );
require_once ('lib/functions.lib.php');
//Variablen vordefinieren
......@@ -10,9 +11,6 @@ if (!isset($_GET['auszahlen'])) $_GET['auszahlen'] = "false";
$_GET['uid'] = (int)$_GET['uid'];
$_GET['tan'] = addslashes ($_GET['tan']);
//DB Verbindung herstellen
db_connect();
$mail = mysqli_fetch_assoc(db_query("SELECT e.start,e.aufendhalt,e.status,e.uid,v.verdienst FROM ".$db_prefix."_paidmails_empfaenger e
LEFT JOIN ".$db_prefix."_paidmails_versendet v ON v.tan = e.tan
WHERE e.tan='".$_GET['tan']."' AND e.uid=".$_GET['uid']." AND e.gueltig > ".time()." LIMIT 1"));
......@@ -38,7 +36,7 @@ if ($_GET['auszahlen']!='true') {
bilanz(0,$mail['verdienst']);
db_query("UPDATE ".$db_prefix."_paidmails_empfaenger SET status=1 WHERE tan='".$_GET['tan']."' and uid=".$_GET['uid']." LIMIT 1");
db_query("UPDATE ".$db_prefix."_paidmails_versendet SET bestaedigt=bestaedigt+1 WHERE tan='".$_GET['tan']."' LIMIT 1");
$headmsg = $mail['verdienst'].' '.$waehrung.' gutgeschrieben!';
$headmsg = $mail['verdienst'].' '.$pageconfig['waehrung'].' gutgeschrieben!';
} else {
$headmsg = 'Wartezeit umgangen! Paidmail ungültig!';
db_query("UPDATE ".$db_prefix."_paidmails_empfaenger SET status=2 WHERE tan='".$_GET['tan']."' and uid=".$_GET['uid']." LIMIT 1");
......@@ -61,4 +59,3 @@ echo '
</table>
</body>
</html>';
db_close();
\ No newline at end of file
pclick.php
View file @ ebb3bb47
<?php
require ( 'lib/datenbank.inc.php' );
require_once ('lib/functions.lib.php');
db_connect();
$_GET['uid'] = (int)$_GET['uid'];
$_GET['tan'] = addslashes ($_GET['tan']);
......@@ -18,5 +18,3 @@ echo '
<frame name="werbung" src="'.$mail['ziel'].'" scrolling="auto" frameborder="0">
</frameset>
</html>';
db_close();
pl.php
View file @ ebb3bb47
<?
@require_once ('lib/functions.lib.php');
@db_connect();
@require_once ('lib/session.lib.php');
if (!isset($_GET['art'])) $_GET['art'] = "";
if (!isset($text['tan'])) $text['tan'] = "";
if (!isset($text['ziel'])) $text['ziel'] = "";
$text = mysqli_fetch_array(db_query("SELECT * FROM ".$db_prefix."_gebuchte_werbung WHERE tan='".$_GET['tan']."'"));
?>
<?php
require_once ( __DIR__ . '/lib/datenbank.inc.php' );
require_once ( __DIR__ . '/lib/functions.lib.php' );
require_once ( __DIR__ . '/lib/session.lib.php' );
$kampdaten = $campaigns->getByTanAndType( $_GET['tan'], 'paidlink' );
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<html>
<head>
<title>Paidlink by <?=$seitenname;?></title>
<title>Paidlink by <?php echo $pageconfig['seitenname']; ?></title>
</head>
<frameset rows="25,*" border="0">
<frame name="abuse" src="topframe_text.php?tan=<?=$text['tan'];?>" scrolling="no" frameborder="0">
<frame name="werbung" src="<?=$text['ziel'];?>" scrolling="auto" frameborder="0">
<frame name="abuse" src="topframe_text.php?tan=<?php echo $kampdaten->tan; ?>" scrolling="no" frameborder="0">
<frame name="werbung" src="<?php echo $kampdaten->ziel;?>" scrolling="auto" frameborder="0">
</frameset>
</body>
</html>
<?db_close();?>