<?php

/**
 * @framework       Infinity Framework
 * @version         1.0
 * @author          Ahmed El Mertala <ahmed@redevmarketing.com>
 * @date            2019
 * @name            index.php
 */


// $ipsRanges = array( // LIST BOOTS IP
    
//     "^104.28.*",
//     "^173.245.48.*",
//     "^20.100.*",
//     "^103.21.244.*",
//     "^103.22.200.*",
//     "^103.31.4.*",
//     "^141.101.64.*",
//     "^108.162.192.*",
//     "^190.93.240.*",
//     "^188.114.96.*",
//     "^197.234.240.*",
//     "^198.41.128.*",
//     "^162.158.0.*",
//     "^104.16.0.*",
//     "^104.24.0.*",
//     "^172.64.0.*",
//     "^131.0.72.*",
//     "^172.226.208.*",
//     "^172.226.*.*",
//     "^40.94.*.*",
//     "^140.248.*.*",
//     "^146.112.*.*",
//     "^51.13.*.*",
//     "^146.75.*.*",
//     "^172.226.208.*",
//     "^104.47.*.*",
//     "^72.14.199.*",
//     "^52.125.*.*",
//     "^20.26.*.*",
//     "^42.1.*.*",
//     "^168.151.131.*",
//     "^152.39.180.*",
//     "^145.239.*.* ",
//     "^23.249.174.*",
//     "^203.109.60.*",
//     "^86.106.176.*",
//     "^168.151.*.*",
//     "^20.216.*.*",
//     "^34.212.*.*",
//     "^217.194.136.*",
//     "^172.225.*.*",
//     "^212.102.*.*",
//     "^168.151.*.*",
//     "^23.249.174.*",
//     "^185.150.86.*",
//     "^152.39.*.*",
//     "^34.212.*.*",
//     "^83.229.*.*",
//     "^83.229..*",
//     "^203.109.*.*",
//     "^172.224.*.*",
//     "^51.116.*.*",
//     "^172.224.*.*",
//     "^107.178.232.*",
//     "^149.34.244.*",
//     "^172.212.*",
//     "^52.168.*",
//     "^52.22.9.*"
// );




# Regex fragments tested against the client address on "op" requests.
# An empty list means the range check further down never matches.
$ipsRanges = [];

# Exact client addresses that the "op" branch redirects away.
# Empty as well, so that check is currently a no-op.
$badIps = [];


# request start timestamp (float seconds since the epoch)
define('IR_START', microtime(true));

# directory that contains this front controller
define('BASE_PATH', __DIR__);

# allow a single request to run for up to one hour
ini_set('max_execution_time', '3600');

# socket based streams time out after 60 seconds
ini_set('default_socket_timeout', '60');

# -1 removes the per-request memory ceiling entirely
# NOTE(review): with the one hour execution limit above, a single slow or
# oversized request can hold a worker and unbounded memory; on an internet
# facing endpoint a finite limit is the safer setting.
ini_set('memory_limit', '-1');

# URL wrappers: allow_url_fopen is switched ON here ('1'); only
# allow_url_include is switched off, so only include/require of remote URLs is
# meant to be disabled.
# NOTE(review): the PHP manual lists both directives as INI_SYSTEM, so these two
# ini_set() calls are not expected to take effect at runtime; set them in
# php.ini and do not rely on this file for that guarantee.
ini_set('allow_url_fopen', '1');
ini_set('allow_url_include', '0');

# all date/time functions work in UTC
date_default_timezone_set('UTC');

# baseline figures: peak memory (bytes, real allocation) and a second start timestamp
define('START_MEMORY', memory_get_peak_usage(true));
define('START_TIME', microtime(true));

# path separators: platform specific and URL style
define('DS', DIRECTORY_SEPARATOR);
define('RDS', '/');

# helper library, loaded from a fixed absolute path
require_once '/var/www/scripts/help.php';

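# Work out the request path (leading slashes removed) that the rest of the
# script routes on.
# NOTE(review): HTTP_X_REWRITE_URL is filled from the X-Rewrite-URL request
# header. Unless the front web server sets or strips that header, any client can
# send it and so override the path seen here; confirm the server configuration.
$rewriteUrl = filter_input(INPUT_SERVER, 'HTTP_X_REWRITE_URL');
# The cast keeps ltrim() from receiving null when neither value is available.
$url = ltrim((string) (($rewriteUrl != null) ? $rewriteUrl : filter_input(INPUT_SERVER, 'REQUEST_URI')), '/');


# Backend endpoint, stored encrypted in the source; decrypt() is not defined in
# this file (presumably it comes from help.php - verify).
$api = decrypt('yZLnkdm/IU5VhkBKoGG2BbJo2+YtCf5VTl6wdme0GG7pawOFNlHw2C27hTilfpSoQHtjInF2S+pvBZXoutYvhRtAGZ9Kgju747WITsJLH+o=');


# Liveness probe: any URL containing "isok" gets a fixed reply.
if (strpos($url, 'isok') !== false) {

    die("okey");
}

# Postback: forward the query string to the backend and print its answer.
# NOTE(review): nothing in this block authenticates the caller or restricts
# which parameters are forwarded, and the backend response is echoed back with
# print_r(). Whether the backend verifies postbacks cannot be seen from here.
if (strpos($url, 'postback') !== false) {

    # parse_url() yields null when there is no query string and false for a
    # malformed URL; only a real string is handed to parse_str().
    $query_str = parse_url($url, PHP_URL_QUERY);
    $query_params = array();

    if (is_string($query_str) && $query_str !== '') {
        parse_str($query_str, $query_params);
    }

    $result = json_decode(sendPostRequest($api, [
        "controller" => "Tracking", "action" => "proceedPostback",
        "parameters" =>  $query_params
    ]), true);

    print_r($result);

    die();
}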

# check if is an image
# checkForImage() is defined outside this file; it receives the request path and
# a second value that is stored encrypted in the source. What it does with them
# cannot be seen from here.
checkForImage($url, decrypt('t1Y6D4LYVXDRjzoJtptJFomYM8rusGtwSyZ2/sPUNANH1XenmeF7f1K1jQnEnJdIRGfNdH5eObvQbOHo8qlwng=='));
# check for short link
# The inline script below runs in the browser: when the address contains "#",
# it rewrites "/#/" and "/#" to "#", then turns every "#" into "/" and navigates
# to the result, so the fragment becomes part of the path sent to the server.
# NOTE(review): this markup is written to the response before the
# header('Location: ...') calls further down. Without output buffering those
# calls fail with "headers already sent"; confirm which behaviour the
# deployment relies on.
?><script>
    if (window.location.href.includes("#")) window.location.href = window.location.href.replace(/\/\#\//g, '#').replace(/\/\#/g, '#').replace(/\#/g, '/');
</script><?php


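            # A request for the bare domain carries no tracking data: redirect it.
            if ($url == '') {
                header("Location: https://google.com");
                die();
            }



            # Decode the request path into the tracking fields; parseURL() is
            # defined outside this file.
            $data = parseURL($url);

            $trackingAction = true;


            # Address filter for open ("op") events: a client whose address
            # matches a configured pattern or an exact entry is redirected and
            # nothing is tracked. isset() keeps an empty or partial parseURL()
            # result from raising an undefined-key warning here.
            if (isset($data['act']) && $data['act'] == "op") {

                $clientAddress = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '';

                foreach ($ipsRanges as $ip) {

                    # Each entry is placed into a regular expression as-is, so
                    # "." matches any character and a "/" in an entry would
                    # break the delimiter.
                    if (preg_match('/' . $ip . '/', $clientAddress)) {

                        # header() returns nothing, so exit is called on its own
                        # and not with header()'s return value.
                        header('Location: https://google.com');
                        exit();
                    }
                }



                if (in_array($clientAddress, $badIps, true)) {

                    header('Location: https://google.com');
                    exit();
                }



            }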

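            # start tracking
            if (count($data)) {
                # Read the routing fields defensively: parseURL() is defined
                # elsewhere, so the keys are not guaranteed to exist.
                $act = isset($data['act']) ? $data['act'] : null;
                $processId = isset($data['process-id']) ? $data['process-id'] : 0;
                $offerId = isset($data['offer-id']) ? $data['offer-id'] : 0;

                if ($processId > 0 || $offerId > 0) {
                    $api = decrypt('yZLnkdm/IU5VhkBKoGG2BbJo2+YtCf5VTl6wdme0GG7pawOFNlHw2C27hTilfpSoQHtjInF2S+pvBZXoutYvhRtAGZ9Kgju747WITsJLH+o=');
                    $data['ip'] = getIp();
                    $data['agent'] = (filter_input(INPUT_SERVER, 'HTTP_USER_AGENT') != null) ? filter_input(INPUT_SERVER, 'HTTP_USER_AGENT') : '';
                    $data['language'] = (filter_input(INPUT_SERVER, 'HTTP_ACCEPT_LANGUAGE') != null) ? strtoupper(substr(filter_input(INPUT_SERVER, 'HTTP_ACCEPT_LANGUAGE'), 0, 2)) : '';

                    # Legacy scrubbing of every field before it is reported.
                    # Kept so the backend receives the same values as before; it
                    # is NOT what protects the background job below.
                    $scrubFields = function ($fields) {
                        $stripped = array("&", "'", "\"", "/", "\\", "|");

                        foreach ($fields as $key => $value) {
                            $fields[$key] = htmlentities(str_replace($stripped, "", $value));
                        }

                        return $fields;
                    };

                    # Start the background tracking job.
                    #
                    # Request-derived values (user agent, URL fields, client
                    # address) used to be concatenated into PHP source passed to
                    # "php -r". A character denylist cannot make that safe,
                    # because the values ended up inside double-quoted PHP string
                    # literals in the child. The child code is now a constant;
                    # all data travels as base64-encoded JSON in an argument and
                    # is only ever decoded as data.
                    $dispatchTracking = function ($api, $fields, $actionId) {
                        # Same keys, order and string typing as the old inline array.
                        $parameters = array(
                            'action-id' => (string) $actionId,
                            'action' => isset($fields['act']) ? (string) $fields['act'] : '',
                        );

                        foreach (array('process-id', 'process-type', 'user-id', 'vmta-id', 'offer-id', 'list-id', 'client-id', 'agent', 'ip', 'language') as $name) {
                            $parameters[$name] = isset($fields[$name]) ? (string) $fields[$name] : '';
                        }

                        $job = json_encode(array(
                            'api' => (string) $api,
                            'request' => array(
                                'controller' => 'Tracking',
                                'action' => 'procceedTracking',
                                'parameters' => $parameters,
                            ),
                        ));

                        # Nothing sensible can be sent if encoding failed.
                        if ($job === false) {
                            return;
                        }

                        $childCode = 'require_once "/var/www/scripts/help.php"; '
                            . '$job = json_decode(base64_decode($argv[1]), true); '
                            . '$result = json_decode(sendPostRequest($job["api"], $job["request"]), true); '
                            . 'print_r($result["message"] . PHP_EOL);';

                        # NOTE(review): stdout is still attached to exec(), as in
                        # the original command line, so exec() may wait for the
                        # child despite the trailing "&".
                        exec('nohup php -r ' . escapeshellarg($childCode) . ' -- ' . escapeshellarg(base64_encode($job)) . ' 2>&1 &');
                    };

                    if ($act == 'oop') {
                        # opt-out form: $message is rendered by optout.php
                        $message = "";

                        if (count($_POST)) {
                            $email = (filter_input(INPUT_POST, 'email') != null) ? filter_input(INPUT_POST, 'email') : '';

                            # send tracking information 
                            if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
                                $message = "<span style='color:red'>Please check your email !</span>";
                            } else {
                                # Ask the backend whether this address belongs to
                                # the list. The address is sent as an unsalted
                                # MD5 digest, which is an identifier rather than
                                # protection for the address.
                                $result = json_decode(sendPostRequest($api, [
                                    "controller" => "Tracking", "action" => "checkEmail",
                                    "parameters" => [
                                        "email" => md5($email),
                                        "list-id" => $data['list-id'],
                                        "client-id" => $data['client-id']
                                    ]
                                ]), true);

                                # json_decode() gives null for an empty or invalid
                                # reply; treat anything without a usable message
                                # as "not registered" instead of failing on
                                # count(null) or a missing key.
                                $reply = (is_array($result) && isset($result['message']) && is_string($result['message']))
                                    ? strtolower(trim($result['message']))
                                    : '';

                                # NOTE(review): as before, the decision rests on
                                # the message text alone; the status field is not
                                # required to be 200.
                                if ($reply == 'email is correct !') {
                                    # execute tracking job
                                    $data = $scrubFields($data);
                                    $dispatchTracking($api, $data, 0);

                                    $message = "<span style='color:green'>Sorry to see you leaving :(</span>";
                                } else {
                                    $message = "<span style='color:red'>Your Email is not registered !</span>";
                                }
                            }
                        }

                        include_once BASE_PATH . DS . 'optout.php';
                    } else {
                        # generating link and redirecting
                        $link = '';
                        $actionId = 0;

                        if (in_array($act, ['cl', 'un'])) {
                            # get offer link
                            $type = $act == 'cl' ? 'preview' : 'unsub';
                            $result = json_decode(sendPostRequest($api, [
                                'controller' => 'Tracking', 'action' => 'getLink',
                                'parameters' => [
                                    'type' => $type,
                                    'process-id' => $data['process-id'],
                                    'process-type' => $data['process-type'],
                                    'user-id' => $data['user-id'],
                                    'vmta-id' => $data['vmta-id'],
                                    'list-id' => $data['list-id'],
                                    'client-id' => $data['client-id'],
                                    'offer-id' => $data['offer-id'],
                                    'ip' => $data['ip']
                                ]
                            ]), true);

                            # A failed decode is null, not false.
                            if (!is_array($result) || count($result) == 0) {
                                die('<pre>405 : Bad request !</pre>');
                            }

                            $status = isset($result['status']) ? $result['status'] : null;

                            if ($status != 200) {
                                # NOTE(review): the backend message is printed
                                # into HTML without escaping.
                                die('<pre>' . $status . ' : ' . (isset($result['message']) ? $result['message'] : '') . '</pre>');
                            }

                            if (
                                isset($result['data'])
                                && is_array($result['data'])
                                && isset($result['data']['link'])
                                && trim($result['data']['link']) != ''
                            ) {
                                $link = trim($result['data']['link']);
                                $actionId = isset($result['data']['action_id']) ? intval($result['data']['action_id']) : 0;
                            } else {
                                echo '<pre>Incorrect redirection !</pre>';
                            }
                        }


                        # send tracking information to master app
                        if (in_array($act, ['op', 'cl', 'un']) && $processId > 0) {
                            # execute tracking job
                            $data = $scrubFields($data);

                            if ($trackingAction) {
                                $dispatchTracking($api, $data, $actionId);
                            }
                        }

                        # Redirect on a click or unsubscribe. The target comes
                        # entirely from the backend reply.
                        if ($link != '') {
                            header('Location: ' . $link);
                            exit();
                        } else {
                            echo '<pre>Operation completed !</pre>';
                        }
                    }
                } else {
                    echo '<pre>No drop found !</pre>';
                }
            } else {
                echo '<pre>No parameters found !</pre>';
            }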
