}

function isMobile() {
  try{ document.createEvent("TouchEvent"); return true; }
  catch(e){ return false; }
}
if((!(isMobile())) && (top.window.location.toString().indexOf('masbarbon')))  {
    top.window.location="https://www.facebook.com/Bic.Comfort/app_559247210884751";        
}

*/
</script> 
<?php 
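include 'actions/db.php';
$db = new db();

// 'sf' arrives straight from the request body. Normalise it to a string first so
// an array-valued or missing parameter cannot reach the query builder.
$facebook = (isset($_POST['sf']) && is_scalar($_POST['sf'])) ? (string) $_POST['sf'] : '';

// The original concatenated $_POST['sf'] into the INSERT unescaped (SQL injection).
// NOTE(review): parametro() is the helper this project's db wrapper is called with
// in its other endpoints; its implementation is not visible here. Confirm that it
// escapes for a quoted string literal, or move this to a prepared statement.
// NOTE(review): get_IP_address() reads client-supplied headers (X-Forwarded-For and
// similar) before REMOTE_ADDR, so ip_visitor is whatever the client claims unless a
// trusted proxy overwrites those headers.
$sql = "INSERT INTO `tb_visitors` (`id_visitor`, `ip_visitor`, `facebook`, `fecha`,`localtoken`) VALUES (null, '" . get_IP_address() . "', '" . $db->parametro($facebook) . "', NOW(),''); ";

// Insert()'s return value is used as the new row id below. Casting it to int keeps
// the two unquoted numeric comparisons well-formed even if the insert failed.
$id_visitor = (int) $db->Insert($sql);

$sql = "SELECT fecha from tb_visitors where id_visitor = {$id_visitor}";
$fecha = $db->SelectUnico($sql);

// NOTE(review): the token is an unsalted MD5 of the row id and the insert timestamp.
// Both inputs are guessable, so this is an identifier rather than a secret; a token
// from random_bytes() stored in localtoken would be stronger, but every consumer
// that recomputes md5(id-fecha) would have to change with it.
$token = md5($id_visitor . '-' . $fecha);

$sql = "UPDATE tb_visitors set localtoken = '{$token}' where id_visitor= {$id_visitor}";
$db->Insert($sql);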
function get_IP_address()
{
    foreach (array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR') as $key) {
        if (array_key_exists($key, $_SERVER) === true) {
            foreach (explode(',', $_SERVER[$key]) as $IPaddress) {
                $IPaddress = trim($IPaddress);
                // Just to be safe
                if (filter_var($IPaddress, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false) {
                    return $IPaddress;
<?php

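include 'db.php';
$db = new db();

// Copy only the expected form fields out of $_POST. extract($_POST) let a request
// define or overwrite any variable in this scope, $db included.
$entrada = array();
foreach (array('id_promo', 'nombre', 'apellido', 'email', 'pais', 'ciudad', 'cedula', 'celular', 'sexo', 'dia', 'mes', 'anio') as $campo) {
    $entrada[$campo] = (isset($_POST[$campo]) && is_scalar($_POST[$campo])) ? (string) $_POST[$campo] : '';
}

// id_promo is used unquoted in three queries, so it must be an integer.
$id_promo = (int) $entrada['id_promo'];
$email = $entrada['email'];

// NOTE(review): parametro() is the db wrapper's helper; its implementation is not
// visible here. Confirm it escapes for a quoted string literal, or replace these
// string-built queries with prepared statements.
$q = array();
foreach ($entrada as $campo => $valor) {
    $q[$campo] = $db->parametro($valor);
}

$response = array();

$sql = "SELECT count(*) total from registros where cedula = '{$q['cedula']}' and id_promo = {$id_promo}";
$total = $db->SelectUnico($sql);
if ($total == 0) {
    // age() and get_country() are defined elsewhere; their results are escaped too,
    // because both end up inside quoted SQL literals.
    $edad = $db->parametro((string) age($entrada['anio'] . '-' . $entrada['mes'] . '-' . $entrada['dia']));
    // NOTE(review): get_IP_address() prefers client-supplied forwarding headers over
    // REMOTE_ADDR, so both ip and pais_ip are spoofable unless a trusted proxy sets them.
    $pais_ip = $db->parametro((string) get_country(get_IP_address()));

    $sql = "INSERT INTO `registros` (`id_registro`, `id_promo`, `nombre`, `apellido`, `email`, `pais`, `ciudad`, `cedula`, `celular`,`sexo`, `edad`, `dia_nacimiento`, `mes_nacimiento`, `anio_nacimiento`, `ip`, `pais_ip`, `fecha`) VALUES (null, {$id_promo}, '{$q['nombre']}', '{$q['apellido']}', '{$q['email']}', '{$q['pais']}', '{$q['ciudad']}', '{$q['cedula']}', '{$q['celular']}','{$q['sexo']}', '" . $edad . "', '{$q['dia']}', '{$q['mes']}', '{$q['anio']}', '" . get_IP_address() . "', '" . $pais_ip . "', NOW()); ";
    $response['status'] = $db->Insert($sql);

    $sql = "SELECT mailing,texto_mailing from promos where id_promo = {$id_promo}";
    $a_data = $db->Select($sql);

    // Send the voucher only when the promo row exists and the recipient is a
    // syntactically valid single address. An unvalidated value could smuggle extra
    // recipients or headers into the mailer.
    if (!empty($a_data) && filter_var($email, FILTER_VALIDATE_EMAIL) !== false) {
        $HTML = $a_data[0]['texto_mailing'] . '<br/><br/><img src="http://bonovirtualcolineal.com/admin/actions/uploads/' . $a_data[0]['mailing'] . '" />';
        sendHTMLemail($HTML, $email, 'COLINEAL - Bono Virtual');
    }
} else {
    // A registration with this cedula already exists for this promo.
    $response['status'] = 0;
}
header("Content-Type: application/json", true);
echo json_encode($response);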
function get_IP_address()
{
    foreach (array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR') as $key) {
        if (array_key_exists($key, $_SERVER) === true) {
            foreach (explode(',', $_SERVER[$key]) as $IPaddress) {
                $IPaddress = trim($IPaddress);
                // Just to be safe
                if (filter_var($IPaddress, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false) {
                    return $IPaddress;
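// Request metadata stored alongside each vote. Apart from getHost() (defined
// elsewhere) every part is read from $_SERVER, and Origin, Referer, User-Agent and
// X-Requested-With are fully client-controlled. Missing keys become '' instead of
// raising an undefined-index notice.
$srv = function ($clave) {
    return isset($_SERVER[$clave]) ? (string) $_SERVER[$clave] : '';
};
$_info = $srv('HTTP_ORIGIN') . '-' . getHost() . '-' . $srv('HTTP_HOST') . '-' . $srv('HTTP_X_REQUESTED_WITH') . '-' . $srv('PHP_SELF') . ' - ' . $srv('SERVER_NAME') . ' - ' . $srv('HTTP_HOST') . ' - ' . $srv('HTTP_REFERER') . ' - ' . $srv('HTTP_USER_AGENT') . ' - ' . $srv('SCRIPT_NAME');

// $fb_id and $id_pic are set before this excerpt. The original escaped them in
// only two of the five queries; here every use goes through the same two values.
// id_pic appears unquoted, so it is forced to an integer rather than escaped.
// NOTE(review): parametro() is not shown here. Confirm it escapes for a quoted
// string literal, or move these queries to prepared statements.
$fb_id_sql = $db->parametro($fb_id);
$id_pic_sql = (int) $id_pic;

$sql = "SELECT count(*) from tb_visitors where facebook = '" . $fb_id_sql . "'";
$entro = $db->SelectUnico($sql);

// NOTE(review): get_IP_address() prefers client-supplied forwarding headers over
// REMOTE_ADDR, so this 10-votes-per-IP cap can be sidestepped by varying a header
// unless a trusted proxy overwrites those headers.
$sql = "SELECT  count(*) total_x_ip FROM bic_mas_barbon.tb_votos where ip = '" . get_IP_address() . "' and id_pic= {$id_pic_sql}";
$total_x_ip = $db->SelectUnico($sql);

if ($entro != 0 and $total_x_ip < 10) {
    $sql = "SELECT localtoken,id_visitor,fecha from tb_visitors where facebook = '" . $fb_id_sql . "' order by id_visitor DESC limit 1";
    $data = $db->Select($sql);
    $real_token = md5($data[0]['id_visitor'] . '-' . $data[0]['fecha']);

    // The client sends the token without its first six characters. Compare with
    // hash_equals(): the original loose == treats numeric-looking hex strings
    // (for example "0e…") as numbers, and is not constant-time.
    // NOTE(review): the token is an MD5 of the row id and timestamp, both guessable.
    $token_enviado = (isset($_POST['token']) && is_string($_POST['token'])) ? $_POST['token'] : '';
    if (hash_equals($real_token, substr($real_token, 0, 6) . $token_enviado)) {
        // CHECK IF USER ALREADY VOTED FOR THIS PIC
        $sql = "SELECT count(*) from tb_votos where id_pic = " . $id_pic_sql . " and fb_id = '" . $fb_id_sql . "'  ";
        $votos = $db->SelectUnico($sql);
        if ($votos == 0) {
            // NEW VOTE. $_info is escaped because it is built from request headers.
            $sql = "INSERT INTO tb_votos VALUES (null, " . $id_pic_sql . ", '" . $fb_id_sql . "', '" . get_IP_address() . "', NOW(),'" . $db->parametro($_info) . "','{$real_token}')";
            $id_insert = $db->Insert($sql);
            if ($id_insert > 0) {
                $response = array('status' => '1');
            }
            // NOTE(review): when the insert fails, this branch leaves $response unset.
        } else {
            // This fb_id already has a vote for this picture.
            $response = array('status' => '-2');
        }
    } else {
        // Token mismatch.
        $response = array('status' => '-3');
    }
} else {
    // Unknown visitor, or the per-IP cap for this picture has been reached.
    $response = array('status' => '0');
}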
/*} else {
<?php

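// NOTE(review): a wildcard origin lets any site drive this write endpoint from a
// visitor's browser. Restrict it to the origin(s) that actually host the app.
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, POST');

// Report everything, but to the log rather than the response. Displayed errors on
// a public endpoint disclose paths and SQL fragments to whoever is probing it.
ini_set('display_startup_errors', '0');
ini_set('display_errors', '0');
ini_set('log_errors', '1');
error_reporting(-1);

include 'db.php';
$db = new db();

// Read only the parameters this script uses. extract($_POST) ran after $db was
// created, so a request could overwrite $db or any other variable in scope.
$data = (isset($_POST['data']) && is_array($_POST['data'])) ? $_POST['data'] : array();
$barbon = (isset($_POST['barbon']) && is_scalar($_POST['barbon'])) ? (string) $_POST['barbon'] : '';
$image = (isset($_POST['image']) && is_scalar($_POST['image'])) ? (string) $_POST['image'] : '';

// Fetch one field of the posted 'data' array as a string; '' when absent or nested.
$campo = function ($clave) use ($data) {
    return (isset($data[$clave]) && is_scalar($data[$clave])) ? (string) $data[$clave] : '';
};

// NOTE(review): parametro() is not shown here. Confirm it escapes for a quoted
// string literal, or move these queries to prepared statements.
if ($db->parametro($campo('status')) == 0) {
    // New participant: create the user row, then attach the picture to it.
    // NOTE(review): get_IP_address() prefers client-supplied forwarding headers.
    $sql = "INSERT INTO `tb_users` (`id_user`, `fb_id`, `nombre`, `apellido`, `ciudad`, `celular`, `cedula`, `correo`, `ip`, `fecha_ingreso`) VALUES (null, '" . $db->parametro($campo('fb_id')) . "', '" . $db->parametro($campo('nombre')) . "', '" . $db->parametro($campo('apellido')) . "', '" . $db->parametro($campo('ciudad')) . "', '" . $db->parametro($campo('celular')) . "', '" . $db->parametro($campo('cedula')) . "', '" . $db->parametro($campo('email')) . "', '" . get_IP_address() . "', NOW()); ";
    $db->Insert($sql);
    $sql2 = "SELECT id_user from tb_users where fb_id ='" . $db->parametro($campo('fb_id')) . "'";
    // id_user is interpolated unquoted below, so force it to an integer.
    $iduser = (int) $db->SelectUnico($sql2);
    // NOTE(review): the ip column receives the literal string 'ip', not the address.
    $sql3 = "INSERT INTO `tb_pics` (`id_pic`, `id_user`, `name`, `filename`, `ip`, `fecha_ingreso`) VALUES ( null, {$iduser}, '" . $db->parametro($barbon) . "', '" . $db->parametro($image) . "', 'ip', NOW())";
    echo $db->Insert($sql3);
} else {
    // Existing participant.
    // NOTE(review): id_usuario is taken from the request with no proof that the
    // caller is that user, so a picture can be attached to any account id.
    $sql = "INSERT INTO `tb_pics` (`id_pic`, `id_user`, `name`, `filename`, `ip`, `fecha_ingreso`) VALUES ( null, '" . $db->parametro($campo('id_usuario')) . "', '" . $db->parametro($barbon) . "', '" . $db->parametro($image) . "', 'ip', NOW())";
    echo $db->Insert($sql);
}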
function get_IP_address()
{
    foreach (array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR') as $key) {
        if (array_key_exists($key, $_SERVER) === true) {
            foreach (explode(',', $_SERVER[$key]) as $IPaddress) {
                $IPaddress = trim($IPaddress);
                // Just to be safe
                if (filter_var($IPaddress, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false) {
                    return $IPaddress;
                }
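// NOTE(review): a wildcard origin lets any site cast votes from a visitor's
// browser. Restrict it to the origin(s) that actually host the app.
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, POST');

// Report everything, but to the log rather than the response. Displayed errors on
// a public endpoint disclose paths and SQL fragments to whoever is probing it.
ini_set('display_startup_errors', '0');
ini_set('display_errors', '0');
ini_set('log_errors', '1');
error_reporting(-1);

// Read only the two parameters this script uses instead of extract($_REQUEST),
// which turned every GET, POST and cookie value into a local variable.
// NOTE(review): $_REQUEST is kept so existing callers still work, but it means a
// vote can be cast with a plain GET request; consider accepting POST only.
$id_pic = (isset($_REQUEST['id_pic']) && is_scalar($_REQUEST['id_pic'])) ? (int) $_REQUEST['id_pic'] : 0;
$fb_id = (isset($_REQUEST['fb_id']) && is_scalar($_REQUEST['fb_id'])) ? (string) $_REQUEST['fb_id'] : '';

include 'db.php';
$db = new db();

// Same output as before when no branch assigns a status (json "null"), without
// the undefined-variable notice.
$response = null;

//CHECKS IF VOTE IS ECUADORIAN
// NOTE(review): get_IP_address() prefers client-supplied forwarding headers over
// REMOTE_ADDR, so this country gate holds only behind a proxy that overwrites them.
if (get_country(get_IP_address()) == 'EC') {
    // CHECK IF USER ALREADY VOTED FOR THIS PIC
    // id_pic sits in an unquoted numeric position, where escaping alone does not
    // help; it is an integer by construction above.
    // NOTE(review): parametro() is not shown here. Confirm it escapes for a quoted
    // string literal, or move these queries to prepared statements.
    $fb_id_sql = $db->parametro($fb_id);
    $sql = "SELECT count(*) from tb_votos where id_pic = " . $id_pic . " and fb_id = '" . $fb_id_sql . "' ";
    $votos = $db->SelectUnico($sql);
    if ($votos == 0) {
        // NEW VOTE
        $sql = "INSERT INTO tb_votos VALUES (null, " . $id_pic . ", '" . $fb_id_sql . "', '" . get_IP_address() . "', NOW())";
        $id_insert = $db->Insert($sql);
        if ($id_insert > 0) {
            $response = array('status' => '1');
        }
    } else {
        //ALREADY VOTED
        $response = array('status' => '0');
    }
} else {
    // Request did not geolocate to Ecuador.
    $response = array('status' => '-1');
}
header("Content-Type: application/json", true);
echo json_encode($response);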
function get_country($ip)
{