include("./includes/config.php");
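// Vote gateway. A vote is counted only after a two-step flow: the first
// request receives a test cookie plus the current gateway value, the second
// must present both. $ID, $gateway, $cookie_test, $phptlin, $HTTP_REFERER and
// $REMOTE_ADDR are never assigned in this file; presumably they are imported
// from the request as globals -- confirm against includes/config.php.

// Gateway tokens: both values change every 10 seconds.
// NOTE(review): the seed is the clock rounded down to 10 s, so both tokens can
// be recomputed by anyone who knows the server time. They show that a client
// went through the two-step flow, not that it holds a secret; a keyed value
// (an HMAC of the time window under a secret kept in the config) would be
// needed for that. mt_srand() here also re-seeds the generator for any later
// mt_rand() call in this request.
mt_srand((intval(time()/10)*10));
$accept_test = md5(mt_rand(10000,9999999999));
$gate_test = md5(mt_rand(10000,9999999999));

// A non-scalar ID (for example an array-valued request parameter) is treated
// as missing so it never reaches an array offset or a query string.
if (!is_scalar($ID)) {
    $ID = "";
}

// NOTE(review): $whereto is not initialised anywhere in this file before
// goto_page() reads it; if request variables are imported as globals, confirm
// that includes/config.php sets it, otherwise a request-supplied value is used
// whenever the branches below do not assign it.

// If no referer, no target ID, or vote cookie already set: exit
if (!$HTTP_REFERER || !$ID || !empty($phptlin[$ID])) {
    suspicious();
    goto_page("1");
// If gateway is not set: check to see if the client accepts cookies.
// Strict comparison: two different md5 strings that both look numeric
// (such as "0e" followed by digits) must not compare equal.
} elseif ($gateway !== $gate_test) {
    header("Set-Cookie: cookie_test=$accept_test");
    // Detect calling via img tags & set gateway check values
    // NOTE(review): the markup echoed below appears to be missing from this
    // listing; only a newline is emitted as shown.
    unset($oldID);
    echo "
";
// If gateway is set and the client accepts cookies:
// Check his ip and that the vote comes from his site.
} elseif (($gateway === $gate_test) && ($cookie_test === $accept_test)) {
    // $ID is caller-supplied: escape it before it is placed inside the quoted
    // SQL literal. (If magic_quotes_gpc is enabled the value is escaped twice,
    // which only makes an ID containing quotes fail to match.)
    $id_sql = mysql_real_escape_string($ID);
    $query = mysql_query("SELECT URL, Category, SubCategory, LastVoteIP from $accounts_table WHERE ID='$id_sql'");
    $result = $query ? mysql_fetch_array($query) : false;
    $site_url = $result ? $result['URL'] : "";
    // An unknown ID (or a failed query) is rejected here; otherwise it would
    // fall through and still increment the global counter below.
    if (!$result || ($result['LastVoteIP'] == $REMOTE_ADDR) || !check_referer($site_url)) {
        suspicious();
        goto_page("2");
    // If his ip is not logged: count the vote, set a cookie, and log his ip
    } else {
        // NOTE(review): the Set-Cookie below is commented out and the active
        // UPDATE does not store LastVoteIP, so as shown neither the cookie
        // check nor the IP check above is fed by this script -- confirm
        // whether another script writes them. If either line is re-enabled,
        // $ID must not go into a header unvalidated and $referer /
        // $REMOTE_ADDR must be escaped like $ID.
        $name = "phptlin[$ID]";
        $expire = date("D, d M Y H:i:s", time()+$vote_time);
        // header("Set-Cookie: $name=phptlin; EXPIRES=$expire");
        $now = time();
        cleansites($now);
        // Redirect to cat/subcat if admin has set so.
        if ($Set_Category) {
            $whereto = "Category=$result[Category]";
        }
        if ($Set_SubCategory) {
            $whereto .= "&SubCategory=$result[SubCategory]";
        }
        // mysql_query("UPDATE $accounts_table SET VotesToday=VotesToday+1, LastHit='$now', LastVoteREF='$referer', LastVoteIP='$REMOTE_ADDR' WHERE ID='$ID'");
        mysql_query("UPDATE $accounts_table SET VotesToday=VotesToday+1, LastHit='$now' WHERE ID='$id_sql'");
        // If we only track valid votes, increment counter
        if ($vote_method == "1") {
            mysql_query("UPDATE $counter_table SET Count=Count+1");
        }
        goto_page("3");
    }
// Gateway matched but the test cookie did not come back:
// the client doesn't accept cookies: exit
} else {
    suspicious();
    goto_page("4");
}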
/**
 * Finish the request: optionally count the hit, emit the redirect output and
 * stop the script.
 *
 * $status is the caller's outcome code ("1".."4" in this file); it is not read
 * in the code shown. $base_url, $index_file and $whereto are declared global
 * but unused in the visible body -- presumably they belong to the redirect
 * markup, which appears to be missing from this listing. NOTE(review): any of
 * them written into that markup needs encoding for the context it lands in.
 */
function goto_page($status)
{
    global $counter_table, $vote_method, $base_url, $index_file, $whereto;

    // "Track all votes" mode: every request that ends here bumps the counter.
    $count_every_hit = ($vote_method == "0");
    if ($count_every_hit) {
        $sql = "UPDATE $counter_table SET Count=Count+1";
        mysql_query($sql);
    }

    // Break out of any enclosing frames, maximize the window, and redirect to
    // the site.
    echo "
";
    exit;
}
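/**
 * Check that the referring page belongs to the voted site.
 *
 * Returns true when referer checking is switched off ($check_referer == "0")
 * or when the global $referer starts with $site_url, compared without regard
 * to case. The URL is compared as literal text: the previous eregi() call
 * treated it as a regular expression, so characters such as "." or "?" in a
 * stored URL matched more than themselves (and eregi() no longer exists in
 * PHP 7+).
 *
 * An empty $site_url never matches; as a pattern it matched every referer.
 *
 * NOTE(review): this is a prefix test, so a stored URL without a trailing
 * slash also accepts hosts that merely begin with the same text; comparing
 * parsed host names would be stricter. If $referer is taken from the request
 * it is client-controlled, so treat this as a plausibility filter rather than
 * proof of origin.
 *
 * @param string $site_url URL stored for the account
 * @return bool
 */
function check_referer($site_url) {
    global $check_referer, $referer;

    // Loose comparison kept on purpose: the config value may be 0 or "0".
    if ($check_referer == "0") {
        return true;
    }

    $site_url = (string) $site_url;
    if ($site_url === "") {
        return false;
    }

    return strncasecmp((string) $referer, $site_url, strlen($site_url)) === 0;
}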
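/**
 * Run the periodic counter resets, driven by the row in $counter_table.
 *
 * Daily: once LastReset + $reset_time lies before $now, LastReset is set to
 * $now and every account's VotesToday / VisitsToday and Last*IP columns are
 * cleared.
 *
 * Monthly: the MonthlyReset flag is set to 1 once the day of month is past
 * 27; when the flag is 1 and the day of month is 1, VisitsMonth and
 * Suspicious are zeroed for every account and the flag is cleared. The reset
 * therefore only happens if this function is called on the 1st.
 *
 * @param int $now current Unix timestamp
 */
function cleansites($now) {
    global $counter_table, $accounts_table, $reset_time;

    $query = mysql_query("SELECT LastReset, MonthlyReset FROM $counter_table");
    $do_reset = $query ? mysql_fetch_array($query) : false;
    // Without a readable counter row LastReset would evaluate as 0 and the
    // daily wipe below would run on every call; do nothing instead.
    if (!$do_reset) {
        return;
    }

    // Reset daily hits to 0 if needed
    if (($do_reset['LastReset'] + $reset_time) < $now) {
        mysql_query("UPDATE $counter_table SET LastReset='$now'");
        mysql_query("UPDATE $accounts_table SET VotesToday='0', VisitsToday='0', LastVoteIP='', LastVisitIP='', LastRateIP=''");
    }

    // Reset monthly hits to 0 if needed
    $today = getdate($now);
    if (($do_reset['MonthlyReset'] == "1") && ($today['mday'] == 1)) {
        mysql_query("UPDATE $accounts_table SET VisitsMonth='0', Suspicious='0'");
        mysql_query("UPDATE $counter_table SET MonthlyReset='0'");
    } elseif (($do_reset['MonthlyReset'] == "0") && ($today['mday'] > 27)) {
        // Arm the flag near the end of the month so the next 1st triggers it.
        mysql_query("UPDATE $counter_table SET MonthlyReset='1'");
    }
}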
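/**
 * Increment the Suspicious counter of the account(s) named by the global
 * $ID and/or $oldID. Does nothing when both are empty.
 *
 * Both values are escaped before they are placed inside the quoted SQL
 * literals: neither is assigned in this file, so they are presumably
 * caller-supplied, and this function is called precisely on the requests
 * that failed the vote checks.
 */
function suspicious() {
    global $accounts_table, $ID, $oldID;

    if (!$ID && !$oldID) {
        return;
    }

    // Non-scalar values (for example array-valued parameters) are treated as empty.
    $id_sql = is_scalar($ID) ? mysql_real_escape_string((string) $ID) : "";
    $old_id_sql = is_scalar($oldID) ? mysql_real_escape_string((string) $oldID) : "";

    mysql_query("UPDATE $accounts_table SET Suspicious=Suspicious+1 WHERE ID='$id_sql' OR ID='$old_id_sql'");
}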
?>