lkddi/nexusphp
1
0
Fork 0
mirror of https://github.com/lkddi/nexusphp.git synced 2026-04-03 14:10:57 +08:00
Code Issues Packages Projects Releases Wiki Activity
Files
php8
nexusphp/public/adredir.php
Koala Ng e65c9e4fb1 Update adredir.php 
添加登录检测后再跳转,防止被恶意引用
2025-09-12 18:17:51 +08:00

26 lines
1.0 KiB
PHP
Raw Permalink Blame History

<?php
require "../include/bittorrent.php";
dbconn();
require_once(get_langfile_path());
loggedinorreturn();
parked();
if ($enablead_advertisement != 'yes')
stderr($lang_adredir['std_error'], $lang_adredir['std_ad_system_disabled']);
$id=$_GET['id'] ?? 0;
if (!$id)
stderr($lang_adredir['std_error'], $lang_adredir['std_invalid_ad_id']);
$redir=htmlspecialchars_decode(urldecode($_GET['url']));
if (!$redir)
stderr($lang_adredir['std_error'], $lang_adredir['std_no_redirect_url']);
$adcount=get_row_count("advertisements", "WHERE id=".sqlesc($id));
if (!$adcount)
stderr($lang_adredir['std_error'], $lang_adredir['std_invalid_ad_id']);
if ($adclickbonus_advertisement){
$clickcount=get_row_count("adclicks", "WHERE adid=".sqlesc($id)." AND userid=".sqlesc($CURUSER['id']));
if (!$clickcount)
KPS("+",$adclickbonus_advertisement,$CURUSER['id']);
}
sql_query("INSERT INTO adclicks (adid, userid, added) VALUES (".sqlesc($id).", ".sqlesc($CURUSER['id']).", ".sqlesc(date("Y-m-d H:i:s")).")");
header("Location: $redir");
Reference in New Issue View Git Blame Copy Permalink