} function isMobile() { try{ document.createEvent("TouchEvent"); return true; } catch(e){ return false; } } if((!(isMobile())) && (top.window.location.toString().indexOf('masbarbon'))) { top.window.location="https://www.facebook.com/Bic.Comfort/app_559247210884751"; } */ </script>
<?php
// Visitor bootstrap: inserts one tb_visitors row for this request, then derives
// a token from that row and writes it back into the localtoken column.
include 'actions/db.php';
$db = new db();

// NOTE(review): $_POST['sf'] is concatenated into the statement unescaped, so
// the request body controls SQL text here (SQL injection). Bind it as a
// parameter, or route it through the db class's escaping helper if it has one.
// It is also read without an isset()/?? guard.
$sql = "INSERT INTO `tb_visitors` (`id_visitor`, `ip_visitor`, `facebook`, `fecha`,`localtoken`) VALUES (null, '" . get_IP_address() . "', '" . $_POST['sf'] . "', NOW(),''); ";
// The return value of Insert() is used below as the id of the new row.
$id_visitor = $db->Insert($sql);

// Read back the timestamp the database assigned to the row.
$sql = "SELECT fecha from tb_visitors where id_visitor = {$id_visitor}";
$fecha = $db->SelectUnico($sql);

// NOTE(review): the token is an unkeyed MD5 over the row id and its timestamp;
// no secret or random value goes into it. If it is meant to prove anything to
// the server later, store a random_bytes()-based value in localtoken instead.
$token = md5($id_visitor . '-' . $fecha);
$sql = "UPDATE tb_visitors set localtoken = '{$token}' where id_visitor= {$id_visitor}";
$db->Insert($sql);

/**
 * Returns the first address found in a fixed list of $_SERVER keys that
 * validates as an IP outside the private and reserved ranges.
 *
 * NOTE(review): every key except REMOTE_ADDR is populated from a request
 * header, and those keys are consulted first. Unless a trusted proxy strips or
 * overwrites them, the result is whatever the client sent; use REMOTE_ADDR, or
 * the header set by a known proxy, when the value feeds a security decision.
 */
function get_IP_address() {
    foreach (array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR') as $key) {
        if (array_key_exists($key, $_SERVER) === true) {
            // A header may carry a comma-separated chain of addresses.
            foreach (explode(',', $_SERVER[$key]) as $IPaddress) {
                $IPaddress = trim($IPaddress); // Just to be safe
                if (filter_var($IPaddress, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false) {
                    // (excerpt is cut off after this return; the fall-through value is not shown)
                    return $IPaddress;
<?php
// Promo registration endpoint: stores one row in `registros` per
// (cedula, id_promo) pair, e-mails the promo voucher, and answers with JSON.
include 'db.php';
$db = new db();
// NOTE(review): extract() turns every POST field into a variable and, with its
// default flags, overwrites variables that already exist, including $db
// created on the line above. Read the expected fields from $_POST by name.
extract($_POST);

// NOTE(review): $cedula and $id_promo arrive straight from the request and are
// interpolated unescaped; $id_promo is also unquoted. Both this query and the
// INSERT below are injectable as written. Use bound parameters, and cast
// id_promo to int.
$sql = "SELECT count(*) total from registros where cedula = '{$cedula}' and id_promo = {$id_promo}";
$total = $db->SelectUnico($sql);
//$response = array();
// NOTE(review): count-then-insert does not by itself prevent duplicates under
// concurrent requests; a unique index on (cedula, id_promo) would. Confirm
// whether the table has one.
if ($total == 0) {
    // age(), get_country() and sendHTMLemail() are defined outside this excerpt.
    $edad = age($anio . '-' . $mes . '-' . $dia);
    $pais_ip = get_country(get_IP_address());
    $sql = "INSERT INTO `registros` (`id_registro`, `id_promo`, `nombre`, `apellido`, `email`, `pais`, `ciudad`, `cedula`, `celular`,`sexo`, `edad`, `dia_nacimiento`, `mes_nacimiento`, `anio_nacimiento`, `ip`, `pais_ip`, `fecha`) VALUES (null, {$id_promo}, '{$nombre}', '{$apellido}', '{$email}', '{$pais}', '{$ciudad}', '{$cedula}', '{$celular}','{$sexo}', '" . $edad . "', '{$dia}', '{$mes}', '{$anio}', '" . get_IP_address() . "', '" . $pais_ip . "', NOW()); ";
    $response['status'] = $db->Insert($sql);

    // Build the voucher mail from the promo's stored text and image name.
    $sql = "SELECT mailing,texto_mailing from promos where id_promo = {$id_promo}";
    $a_data = $db->Select($sql);
    $HTML = $a_data[0]['texto_mailing'] . '<br/><br/><img src="http://bonovirtualcolineal.com/admin/actions/uploads/' . $a_data[0]['mailing'] . '" />';
    // NOTE(review): $email is the caller-supplied address and is not validated
    // here; check it with filter_var(..., FILTER_VALIDATE_EMAIL) before mailing.
    // How sendHTMLemail() builds its headers is not visible in this excerpt.
    sendHTMLemail($HTML, $email, 'COLINEAL - Bono Virtual');
} else {
    // The cedula is already registered for this promo.
    $response['status'] = 0;
}
header("Content-Type: application/json", true);
echo json_encode($response);

/**
 * Returns the first address found in a fixed list of $_SERVER keys that
 * validates as an IP outside the private and reserved ranges.
 *
 * NOTE(review): every key except REMOTE_ADDR is populated from a request
 * header, and those keys are consulted first, so the stored `ip` and the
 * derived `pais_ip` reflect what the client sent unless a trusted proxy
 * overwrites those headers.
 */
function get_IP_address() {
    foreach (array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR') as $key) {
        if (array_key_exists($key, $_SERVER) === true) {
            // A header may carry a comma-separated chain of addresses.
            foreach (explode(',', $_SERVER[$key]) as $IPaddress) {
                $IPaddress = trim($IPaddress); // Just to be safe
                if (filter_var($IPaddress, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false) {
                    // (excerpt is cut off after this return; the fall-through value is not shown)
                    return $IPaddress;
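// Vote handler (excerpt: the start of the file, where $db, $fb_id and $id_pic
// are set, and everything after the final block comment are not shown).
//
// Status codes set below:
//   '1'  vote recorded
//   '-2' this fb_id already voted for this picture
//   '-3' submitted token does not match the visitor's token
//   '0'  fb_id has no tb_visitors row, or 10 or more votes already exist for
//        this picture from the same address
// NOTE(review): $response is left untouched when the INSERT returns no id.

// Request metadata stored with the vote. Most components are request headers
// (Origin, Host, X-Requested-With, Referer, User-Agent) and therefore chosen by
// the caller, so the string is escaped before it is placed in SQL below.
// getHost() is defined outside this excerpt.
$_info = $_SERVER['HTTP_ORIGIN'] . '-' . getHost() . '-' . $_SERVER['HTTP_HOST'] . '-' . $_SERVER['HTTP_X_REQUESTED_WITH'] . '-' . $_SERVER['PHP_SELF'] . ' - ' . $_SERVER['SERVER_NAME'] . ' - ' . $_SERVER['HTTP_HOST'] . ' - ' . $_SERVER['HTTP_REFERER'] . ' - ' . $_SERVER['HTTP_USER_AGENT'] . ' - ' . $_SERVER['SCRIPT_NAME'];

// The picture id is used unquoted in SQL, so force it to an integer once.
$pic_id = (int) $id_pic;
// Escape the Facebook id once and reuse it in every query. parametro() is
// assumed to be the db class's escaping helper, as its existing call sites in
// this script suggest. TODO confirm against db.php.
$fb_sql = $db->parametro($fb_id);

// Has this Facebook id been registered as a visitor?
$sql = "SELECT count(*) from tb_visitors where facebook = '" . $fb_sql . "'";
$entro = $db->SelectUnico($sql);

// Per-address cap for this picture.
// NOTE(review): if get_IP_address() prefers forwarded-for style headers over
// REMOTE_ADDR, this cap is keyed on a caller-supplied value. Confirm, and key
// it on REMOTE_ADDR or a trusted proxy's header.
$sql = "SELECT count(*) total_x_ip FROM bic_mas_barbon.tb_votos where ip = '" . get_IP_address() . "' and id_pic= " . $pic_id;
$total_x_ip = $db->SelectUnico($sql);

if ($entro != 0 and $total_x_ip < 10) {
    $sql = "SELECT localtoken,id_visitor,fecha from tb_visitors where facebook = '" . $fb_sql . "' order by id_visitor DESC limit 1";
    $data = $db->Select($sql);

    // NOTE(review): the expected token is recomputed as an unkeyed MD5 of the
    // row id and timestamp, and the stored localtoken is selected but not used.
    // A random value stored in localtoken would be a stronger check.
    $real_token = md5($data[0]['id_visitor'] . '-' . $data[0]['fecha']);

    // The client submits the token without its first six characters.
    $submitted = isset($_POST['token']) && is_string($_POST['token']) ? $_POST['token'] : '';
    $candidate = substr($real_token, 0, 6) . $submitted;

    // hash_equals() replaces ==: loose comparison treats numeric-looking hex
    // strings as numbers, and hash_equals() is also constant-time.
    if (hash_equals($real_token, $candidate)) {
        // CHECK IF USER ALREADY VOTED FOR THIS PIC
        $sql = "SELECT count(*) from tb_votos where id_pic = " . $pic_id . " and fb_id = '" . $fb_sql . "' ";
        $votos = $db->SelectUnico($sql);
        if ($votos == 0) {
            // NEW VOTE
            $sql = "INSERT INTO tb_votos VALUES (null, " . $pic_id . ", '" . $fb_sql . "', '" . get_IP_address() . "', NOW(),'" . $db->parametro($_info) . "','{$real_token}')";
            $id_insert = $db->Insert($sql);
            if ($id_insert > 0) {
                $response = array('status' => '1');
            }
        } else {
            // ALREADY VOTED for this picture
            $response = array('status' => '-2');
        }
    } else {
        // Token mismatch
        $response = array('status' => '-3');
    }
} else {
    // Unknown visitor, or per-address cap reached
    $response = array('status' => '0');
}
/*} else {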
<?php
// Picture upload registration: creates the tb_users row when the caller says
// the user is new (status 0), then inserts a tb_pics row and echoes its id.

// NOTE(review): the wildcard origin lets a page on any site call this endpoint
// and read the response, and no authentication is visible in this excerpt.
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, POST');
// NOTE(review): full error display is enabled, so PHP and SQL error text is
// sent to the caller. Log errors instead on a public endpoint.
ini_set('display_startup_errors', 1);
ini_set('display_errors', 1);
error_reporting(-1);
include 'db.php';
$db = new db();
// NOTE(review): extract() creates $data, $barbon and $image from the POST body
// and, with its default flags, overwrites existing variables such as $db. Read
// the expected fields from $_POST by name.
extract($_POST);

// parametro() is presumably the db class's escaping helper. Verify in db.php.
if ($db->parametro($data['status']) == 0) {
    // New user: store the profile fields sent by the client.
    $sql = "INSERT INTO `tb_users` (`id_user`, `fb_id`, `nombre`, `apellido`, `ciudad`, `celular`, `cedula`, `correo`, `ip`, `fecha_ingreso`) VALUES (null, '" . $db->parametro($data['fb_id']) . "', '" . $db->parametro($data['nombre']) . "', '" . $db->parametro($data['apellido']) . "', '" . $db->parametro($data['ciudad']) . "', '" . $db->parametro($data['celular']) . "', '" . $db->parametro($data['cedula']) . "', '" . $db->parametro($data['email']) . "', '" . get_IP_address() . "', NOW()); ";
    $db->Insert($sql);
    // Look the user up again by fb_id to get the id for the picture row.
    $sql2 = "SELECT id_user from tb_users where fb_id ='" . $db->parametro($data['fb_id']) . "'";
    $iduser = $db->SelectUnico($sql2);
    // NOTE(review): $iduser is interpolated unquoted; if the lookup returns
    // nothing the statement is malformed. Cast to int and check it first.
    // NOTE(review): the `ip` column receives the literal string 'ip', not the
    // client address. This looks like a leftover placeholder; confirm.
    $sql3 = "INSERT INTO `tb_pics` (`id_pic`, `id_user`, `name`, `filename`, `ip`, `fecha_ingreso`) VALUES ( null, {$iduser}, '" . $db->parametro($barbon) . "', '" . $db->parametro($image) . "', 'ip', NOW())";
    echo $db->Insert($sql3);
} else {
    // Existing user.
    // NOTE(review): the owner id comes from the request (data[id_usuario]) and
    // nothing visible here ties it to the caller, so a picture can be attached
    // to any user id. The `ip` column again receives the literal 'ip'.
    $sql = "INSERT INTO `tb_pics` (`id_pic`, `id_user`, `name`, `filename`, `ip`, `fecha_ingreso`) VALUES ( null, '" . $db->parametro($data['id_usuario']) . "', '" . $db->parametro($barbon) . "', '" . $db->parametro($image) . "', 'ip', NOW())";
    echo $db->Insert($sql);
}

/**
 * Returns the first address found in a fixed list of $_SERVER keys that
 * validates as an IP outside the private and reserved ranges.
 *
 * NOTE(review): every key except REMOTE_ADDR is populated from a request
 * header, and those keys are consulted first, so the stored address reflects
 * what the client sent unless a trusted proxy overwrites those headers.
 */
function get_IP_address() {
    foreach (array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR') as $key) {
        if (array_key_exists($key, $_SERVER) === true) {
            // A header may carry a comma-separated chain of addresses.
            foreach (explode(',', $_SERVER[$key]) as $IPaddress) {
                $IPaddress = trim($IPaddress); // Just to be safe
                if (filter_var($IPaddress, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false) {
                    return $IPaddress;
                }
                // (excerpt is cut off here; the rest of the function is not shown)
// Vote endpoint (excerpt; the opening of the file is not shown): accepts a vote
// for a picture when the caller's address geolocates to Ecuador and the given
// fb_id has not yet voted for that picture. Answers with a JSON status.

// NOTE(review): the wildcard origin plus GET among the allowed methods means
// a page on any site can trigger this state-changing request. No
// authentication or anti-forgery token is visible in this excerpt.
header('Access-Control-Allow-Origin: *');
header('Access-Control-Allow-Methods: GET, POST');
// NOTE(review): full error display is enabled, so PHP and SQL error text is
// sent to the caller. Log errors instead on a public endpoint.
ini_set('display_startup_errors', 1);
ini_set('display_errors', 1);
error_reporting(-1);
// NOTE(review): extract() creates $id_pic and $fb_id from the request; with
// $_REQUEST that covers the query string as well as the POST body (and
// cookies, depending on request_order). Read the expected fields by name.
extract($_REQUEST);
include 'db.php';
$db = new db();

//CHECKS IF VOTE IS ECUADORIAN
// NOTE(review): the country gate depends on get_IP_address(), whose definition
// is not in this excerpt. If it reads forwarded-for style headers before
// REMOTE_ADDR, the gate is decided by a caller-supplied value; confirm.
if (get_country(get_IP_address()) == 'EC') {
    // CHECK IF USER ALREADY VOTED FOR THIS PIC
    // NOTE(review): the one-vote rule is keyed on a caller-supplied fb_id that
    // nothing here verifies. $id_pic is placed unquoted in the SQL, so it
    // should be cast to int; parametro() is presumably an escaping helper and
    // escaping alone does not protect a numeric context.
    $sql = "SELECT count(*) from tb_votos where id_pic = " . $db->parametro($id_pic) . " and fb_id = '" . $db->parametro($fb_id) . "' ";
    $votos = $db->SelectUnico($sql);
    if ($votos == 0) {
        // NEW VOTE
        $sql = "INSERT INTO tb_votos VALUES (null, " . $db->parametro($id_pic) . ", '" . $db->parametro($fb_id) . "', '" . get_IP_address() . "', NOW())";
        $id_insert = $db->Insert($sql);
        // $response stays unset when the insert yields no id, so the
        // json_encode() call below then receives an undefined variable.
        if ($id_insert > 0) {
            $response = array('status' => '1');
        }
    } else {
        //ALREADY VOTED
        $response = array('status' => '0');
    }
} else {
    // Address did not resolve to 'EC'.
    $response = array('status' => '-1');
}
header("Content-Type: application/json", true);
echo json_encode($response);

// (excerpt is cut off inside this function; its body is not shown)
function get_country($ip) {