$_SESSION['ERROR'] = "Could not process request.<br>Please try again."; header('Location: ' . $referrer); //Redirect to previous page exit; } /* Check if email is valid. This should always be true since it is validated in our form on this page. */ $email = filter_var($_POST['email'], FILTER_SANITIZE_EMAIL); if (!filter_var($email, FILTER_VALIDATE_EMAIL)) { $_SESSION['ERROR'] = "Invalid email address.<br>Please try again."; header('Location: ' . $referrer); //Redirect to previous page exit; } /* Validate reCAPTCHA via our `reCAPTCHA()` function. (see: inc/recaptcha.php) */ if (!reCAPTCHA($_POST['g-recaptcha-response'])) { $_SESSION['ERROR'] = "Could not validate reCAPTCHA.<br>Please try again."; header('Location: ' . $referrer); //Redirect to previous page exit; } /* Save our remaining POST input. (Sanitizing is not needed at this point because it will be sent as plaintext.) */ $name = $_POST['name']; $subject = $_POST['subject']; $message = $_POST['message']; /* Email-related variables. */ $to = "*****@*****.**"; $from = "*****@*****.**"; $subject = "CSUClicker: {$subject}"; $message = "From: {$name} <{$email}>\r\n" . "Date: " . date('D, j M Y g:i:sa') . "\r\n" . "IP: " . $_SERVER['REMOTE_ADDR'] . "\r\n\r\n" . "Subject: {$subject}\r\n" . "Message: {$message}\r\n\r\n" . "!!DO NOT REPLY TO THIS EMAIL!!"; /* Send email to recipient via our `sendmail()` function. (see: inc/sendmail.php) */
$delk = substr(md5($_REQUEST['delk']), 2, 8); $key = $_REQUEST['key']; $HOST = gethostbyaddr($IP = getREMOTE_ADDR()); $idtag = false; if (preg_match("/^( | |\t)*\$/", $MESSAGE)) { error("本文がありません!", $FROM, $mail, $HOST, $MESSAGE); } if ($key == "" && preg_match("/^( | |\t)*\$/", $subject)) { error("サブジェクトが存在しません!", $FROM, $mail, $HOST, $MESSAGE); } if (!isset($_REQUEST['url']) || isset($_REQUEST['url']) && $_REQUEST['url'] != "") { error("投稿が禁止されています", $FROM, $mail, $HOST, $MESSAGE); } // reCAPTCHA if (!$key) { if (reCAPTCHA('スレッド作成', 'スレッド作成のは CAPTCHA 認証が必要です。') === false) { exit; } } // ホスト、禁止ホスト $IsBanned = false; $killip = file("killip.cgi"); $checkTwice = $IP != $HOST; // 是否需檢查第二次 $killip = explode(',', $killip[0]); foreach ($killip as $kill) { $kill = rtrim($kill); if ($kill) { $slash = substr_count($kill, '/'); if ($slash == 2) { // RegExp
function Login($user, $pass) { global $cookie, $domain, $referer, $pauth, $default_acc; $post = array(); $post['LoginForm%5Busername%5D'] = urlencode($user); $post['LoginForm%5Bpassword%5D'] = urlencode($pass); $post['LoginForm%5BrememberMe%5D'] = 1; if (empty($_POST['step']) || !in_array($_POST['step'], array('1', '2'))) { $page = geturl($domain, 80, '/login.html', $referer, 0, $post, 0, $_GET['proxy'], $pauth); is_page($page); $cookie = GetCookiesArr($page); if (stripos($page, 'The verification code is incorrect.') !== false) { $data = array(); $data['cookie'] = urlencode(encrypt(CookiesToStr($cookie))); $data['action'] = 'FORM'; if (!$default_acc) { $data['A_encrypted'] = 'true'; $data['up_login'] = urlencode(encrypt($user)); // encrypt() will keep this safe. $data['up_pass'] = urlencode(encrypt($pass)); // And this too. } if (preg_match('@https?://(?:[^/]+\\.)?(?:(?:google\\.com/recaptcha/api)|(?:recaptcha\\.net))/(?:(?:challenge)|(?:noscript))\\?k=([\\w\\.\\-]+)@i', $page, $cpid)) { $data['step'] = '1'; reCAPTCHA($pid[1], $data, 'Login'); } elseif (preg_match('@\\W(auth/captcha\\.html\\?v=\\w+)@i', $page, $cpid)) { $data['step'] = '2'; $imgReq = geturl($domain, 80, '/' . $cpid[1], $referer, $cookie, 0, 0, $_GET['proxy'], $pauth); is_page($imgReq); list($headers, $imgBody) = explode("\r\n\r\n", $imgReq, 2); unset($imgReq); if (substr($headers, 9, 3) != '200') { html_error('Error downloading captcha img.'); } $mimetype = preg_match('@image/[\\w+]+@', $headers, $mimetype) ? $mimetype[0] : 'image/png'; EnterCaptcha("data:{$mimetype};base64," . base64_encode($imgBody), $data, 20, 'Login'); } else { html_error('Login CAPTCHA not found.'); } exit; } is_present($page, 'Incorrect username or password', 'Login Failed: Email/Password incorrect.'); is_present($page, 'You logged in from different country IP', 'Login Failed: Your account was locked for security reasons, to unlock your account check your email.'); if (empty($cookie['c903aeaf0da94d1b365099298d28f38f'])) { html_error('Login Cookie Not Found.'); } if (empty($cookie['sessid'])) { html_error('Session Cookie Not Found.'); } $test = k2s_apireq('test'); if ($test['code'] != 403) { k2s_checkErrors($test, 'Login error'); } else { $page = geturl($domain, 80, '/', $referer . 'login.html', $cookie, 0, 0, $_GET['proxy'], $pauth); is_page($page); is_notpresent($page, '/auth/logout.html">Logout', 'Login Error.'); } SaveCookies($user, $pass); // Update cookies file return true; } if ($_POST['step'] == '1') { if (empty($_POST['recaptcha_response_field'])) { html_error('You didn\'t enter the image verification code.'); } $post['LoginForm%5BverifyCode%5D'] = ''; $post['recaptcha_challenge_field'] = urlencode($_POST['recaptcha_challenge_field']); $post['recaptcha_response_field'] = urlencode($_POST['recaptcha_response_field']); } else { if (empty($_POST['captcha'])) { html_error('You didn\'t enter the image verification code.'); } $post['LoginForm%5BverifyCode%5D'] = urlencode($_POST['captcha']); } $_POST['step'] = false; $cookie = StrToCookies(decrypt(urldecode($_POST['cookie']))); $page = geturl($domain, 80, '/login.html', $referer, $cookie, $post, 0, $_GET['proxy'], $pauth); is_page($page); $cookie = GetCookiesArr($page, $cookie); is_present($page, 'The verification code is incorrect.'); is_present($page, 'Incorrect username or password', 'Login Failed: Email/Password incorrect'); is_present($page, 'You logged in from different country IP', 'Login Failed: Your account was locked for security reasons, to unlock your account check your email'); if (empty($cookie['c903aeaf0da94d1b365099298d28f38f'])) { html_error('Login Cookie Not Found'); } if (empty($cookie['sessid'])) { html_error('Session Cookie Not Found'); } $test = k2s_apireq('test'); if ($test['code'] != 403) { k2s_checkErrors($test, 'Login Error'); } else { $page = geturl($domain, 80, '/', $referer . 'login.html', $cookie, 0, 0, $_GET['proxy'], $pauth); is_page($page); is_notpresent($page, '/auth/logout.html">Logout', 'Login Error'); } SaveCookies($user, $pass); // Update cookies file return true; }
</h2> <input name="url" type="text" placeholder="paste your url here"> <input type="submit" value="shorten"> <br> <div class="g-recaptcha" data-sitekey="<?php echo SITEKEY; ?> "></div> </form> </body> </html> <?php } else { if (reCAPTCHA()) { $url_scheme = parse_url($_POST['url'], PHP_URL_SCHEME); $filt = filter_var($_POST['url'], FILTER_VALIDATE_URL); if ($filt !== false && ($url_scheme == "http" || $url_scheme == "https")) { /**** HUMAN WITH GOOD URL ****/ // generate code $pattern = "abcdefghijklmnopqrstuvwxyz0123456789"; while (true) { $code = ""; for ($i = 0; $i < 6; $i++) { $code .= $pattern[rand(0, 35)]; } if (file_exists("./" . $code)) { continue; } else { break;