Keep track of change date closed #9
This commit is contained in:
Daniel Winzen
@ -33,7 +33,7 @@ const PROMOTEPRICE = 0.025; // Price to promote a site for PROMOTETIME long
|
||||
const PROMOTETIME = 2592000; // Time (in seconds) to promote a site payed with PROMOTEPRICE - 864000 equals 10 days
|
||||
const PER_PAGE = 50; // Sites listed per page
|
||||
const VERSION = '1.1'; // Script version
|
||||
const DBVERSION = 6; // Database layout version
|
||||
const DBVERSION = 7; // Database layout version
|
||||
const REQUIRE_APPROVAL = false; // require admin approval of new sites? true/false
|
||||
const CANONICAL_URL = 'https://onions.danwin1210.me'; // our preferred domain for search engines
|
||||
//Categories - new links will always be put into the first one, leave it to Unsorted
|
||||
@ -86,27 +86,27 @@ function blacklist_scams(string $address, string $content){
|
||||
$cp_scams = ['Wonderful shop', '~ DROP BY TARYAXX ~', 'Magic CP', 'Lolita Club', 'Daft Tadjikskiy Sex Video _ Inductively Fiberless Porno Qom Along With Post Porn Com Numb _ Porn Zdarma', 'xPlay - hosting service for porn videos', 'DARK PRIVATE PACK', 'Good Porn'];
|
||||
//xonions
|
||||
if(strpos($content, '<p class="title"><a href="account.html" title="Asia Holiday">Asia Holiday</a></p>')){
|
||||
$move=$db->prepare("UPDATE onions SET address='', category=15, locked=1, description=CONCAT(description, ' - SCAM') WHERE address = ? AND locked=0;");
|
||||
$move->execute([$address]);
|
||||
$move=$db->prepare("UPDATE onions SET address='', category=15, locked=1, description=CONCAT(description, ' - SCAM'), timechanged=? WHERE address = ? AND locked=0;");
|
||||
$move->execute([time(), $address]);
|
||||
}
|
||||
//raped bitch
|
||||
if(strpos($content, 'rape material uploaded on highspeed servers that don\'t require')){
|
||||
$move=$db->prepare("UPDATE onions SET address='', category=15, locked=1, description=CONCAT(description, ' - SCAM') WHERE address = ? AND locked=0;");
|
||||
$move->execute([$address]);
|
||||
$move=$db->prepare("UPDATE onions SET address='', category=15, locked=1, description=CONCAT(description, ' - SCAM'), timechanged=? WHERE address = ? AND locked=0;");
|
||||
$move->execute([time(), $address]);
|
||||
}
|
||||
//underage cam girl
|
||||
if(strpos($content, 'also have some real underage prostitutes for you')){
|
||||
$move=$db->prepare("UPDATE onions SET address='', category=15, locked=1, description=CONCAT(description, ' - SCAM') WHERE address = ? AND locked=0;");
|
||||
$move->execute([$address]);
|
||||
$move=$db->prepare("UPDATE onions SET address='', category=15, locked=1, description=CONCAT(description, ' - SCAM'), timechanged=? WHERE address = ? AND locked=0;");
|
||||
$move->execute([time(), $address]);
|
||||
}
|
||||
if(preg_match('~<title>(.*?)</title>~s', $content, $matches)){
|
||||
if(in_array($matches[1], $scams, true) || preg_match('~(paypal|weed store|credit card|western union|Market Guns|weedstore|banknotes|porn hacker|hack facebook|hack twitter|hack insta|^amazin(\s|$)|Transfers?|btc generat|counterfeit|Cocaine|gift card|BITCOIN ADDRESS MARKET|mastercard|hidden\swiki|CCShop|bitcoin exploit|Bitcoin Generat|bitcoin x200|bitcoin x100|bitcoin x3|bitxoin x10|stolen bitcoin|galaxyshop|icloudremove|icloud activat|netflix|spotify|clone cc|clone card|cloned card|Preloaded|prepaid|moneygram|Financial Service|Delta Marketplace|apple product|apple shop|apple store|samsung product|apple market|samsung shop|hitman|hitmen|samsung store|samsung phone|Marijuana|deepmarket|drugs? store)~i', $matches[1])){
|
||||
$move=$db->prepare("UPDATE onions SET category=15, locked=1, description=CONCAT(description, ' - SCAM') WHERE address = ? AND locked=0;");
|
||||
$move->execute([$address]);
|
||||
$move=$db->prepare("UPDATE onions SET category=15, locked=1, description=CONCAT(description, ' - SCAM'), timechanged=? WHERE address = ? AND locked=0;");
|
||||
$move->execute([time(), $address]);
|
||||
}
|
||||
if(in_array($matches[1], $cp_scams, true) || preg_match('~(PTHC|Family Porn|Animal Porno|Child Porn|^CP|^Pedo|Underage|^baby|Little Girls|porno child|porn child|loliporn|H.M.M.|preteen|illegal sex|kids? porn|love cp|dog sex|zoo porn|daddy i love you|family love|xonions|best onion porn|onion link porn|^rape|young cam| cp |yespedo|little daughter|OnionDir - Adult|destroyed daughter|Deep-Pedo|hurt boy|child forbidden)~i', $matches[1])){
|
||||
$move=$db->prepare("UPDATE onions SET address='', category=15, locked=1, description=CONCAT(description, ' - SCAM') WHERE address = ? AND locked=0;");
|
||||
$move->execute([$address]);
|
||||
$move=$db->prepare("UPDATE onions SET address='', category=15, locked=1, description=CONCAT(description, ' - SCAM'), timechanged=? WHERE address = ? AND locked=0;");
|
||||
$move->execute([time(), $address]);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -23,12 +23,13 @@ function check(string $link, string $phishing_link){
|
||||
if(!empty($links) && !empty($phishing_links)){
|
||||
$phishings=$db->prepare('INSERT IGNORE INTO ' . PREFIX . 'phishing (onion_id, original) VALUES ((SELECT id FROM onions WHERE md5sum=?), ?);');
|
||||
$select=$db->prepare('SELECT id FROM ' . PREFIX . 'onions WHERE md5sum=?;');
|
||||
$insert=$db->prepare('INSERT INTO ' . PREFIX . 'onions (address, md5sum, timeadded) VALUES (?, ?, ?);');
|
||||
$update=$db->prepare('UPDATE ' . PREFIX . 'onions SET locked=1 WHERE md5sum=?;');
|
||||
$insert=$db->prepare('INSERT INTO ' . PREFIX . 'onions (address, md5sum, timeadded, timechanged) VALUES (?, ?, ?, ?);');
|
||||
$update=$db->prepare('UPDATE ' . PREFIX . 'onions SET locked=1, timechanged=? WHERE md5sum=?;');
|
||||
preg_match_all('~(https?://)?([a-z0-9]*\.)?([a-z2-7]{16}|[a-z2-7]{56}).onion(/[^\s><"]*)?~i', $links, $addr);
|
||||
preg_match_all('~(https?://)?([a-z0-9]*\.)?([a-z2-7]{16}|[a-z2-7]{56}).onion(/[^\s><"]*)?~i', $phishing_links, $phishing_addr);
|
||||
$count=count($addr[3]);
|
||||
if($count===count($phishing_addr[3])){ //only run with same data set
|
||||
$time = time();
|
||||
for($i=0; $i<$count; ++$i){
|
||||
if($addr[3][$i]!==$phishing_addr[3][$i]){
|
||||
$address=strtolower($addr[3][$i]);
|
||||
@ -36,10 +37,10 @@ function check(string $link, string $phishing_link){
|
||||
$md5=md5($phishing_address, true);
|
||||
$select->execute([$md5]);
|
||||
if(!$select->fetch(PDO::FETCH_NUM)){
|
||||
$insert->execute([$phishing_address, $md5, time()]);
|
||||
$insert->execute([$phishing_address, $md5, $time, $time]);
|
||||
}
|
||||
$phishings->execute([$md5, $address]);
|
||||
$update->execute([$md5]);
|
||||
$update->execute([$time, $md5]);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -35,11 +35,13 @@ do {
|
||||
} while ($active && $status == CURLM_OK);
|
||||
$online_stmt=$db->prepare('UPDATE ' . PREFIX . 'onions SET lasttest=?, lastup=lasttest, timediff=0 WHERE md5sum=?');
|
||||
$offline_stmt=$db->prepare('UPDATE ' . PREFIX . 'onions SET lasttest=?, timediff=lasttest-lastup WHERE md5sum=? AND lasttest<?');
|
||||
$desc_online_stmt=$db->prepare('UPDATE ' . PREFIX . 'onions SET description=?, category=0, locked=0 WHERE md5sum=?');
|
||||
$desc_empty_stmt=$db->prepare('UPDATE ' . PREFIX . 'onions SET description=?, category=13, locked=1 WHERE md5sum=?');
|
||||
$error_stmt=$db->prepare('UPDATE ' . PREFIX . 'onions SET category=13 WHERE md5sum=?'); //in case of error, move the address to an error category - edit the category id to fit yours!
|
||||
$desc_online_stmt=$db->prepare('UPDATE ' . PREFIX . 'onions SET description=?, category=0, locked=0, timechanged=? WHERE md5sum=?');
|
||||
$desc_empty_stmt=$db->prepare('UPDATE ' . PREFIX . 'onions SET description=?, category=13, locked=1, timechanged=? WHERE md5sum=?');
|
||||
$error_stmt=$db->prepare('UPDATE ' . PREFIX . 'onions SET category=13, timechanged=? WHERE md5sum=?'); //in case of error, move the address to an error category - edit the category id to fit yours!
|
||||
$phishing_stmt=$db->prepare('INSERT INTO ' . PREFIX . 'phishing (onion_id, original) VALUES (?, ?);');
|
||||
$update_phishing_stmt=$db->prepare('UPDATE ' . PREFIX . 'onions SET locked=1, timechanged=? WHERE md5sum=?;');
|
||||
$db->beginTransaction();
|
||||
$time = time();
|
||||
foreach($curl_handles as $handle){
|
||||
$content = curl_multi_getcontent($handle['handle']);
|
||||
curl_multi_remove_handle($mh, $handle['handle']);
|
||||
@ -54,22 +56,24 @@ foreach($curl_handles as $handle){
|
||||
if(($onion['description']==='' || $onion['description']==='Site hosted by Daniel\'s hosting service') && preg_match('~<title>([^<]+)</title>~i', $content, $match)){
|
||||
$desc=preg_replace("/(\r?\n|\r\n?)/", '<br>', htmlspecialchars(html_entity_decode(trim($match[1]))));
|
||||
if($desc!=='Site hosted by Daniel\'s hosting service'){
|
||||
$desc_online_stmt->execute([$desc, $onion['md5sum']]);
|
||||
$desc_online_stmt->execute([$desc, $onion['md5sum'], $time]);
|
||||
}else{
|
||||
$desc_empty_stmt->execute([$desc, $onion['md5sum']]);
|
||||
$desc_empty_stmt->execute([$desc, $onion['md5sum'], $time]);
|
||||
}
|
||||
}
|
||||
$online_stmt->execute([time(), $onion['md5sum']]);
|
||||
$online_stmt->execute([$time, $onion['md5sum']]);
|
||||
// checks for server errors, to move the address to a dedicated error category
|
||||
if($onion['category']==0 && $http_code>=400){
|
||||
$error_stmt->execute([$onion['md5sum']]);
|
||||
$error_stmt->execute([$onion['md5sum'], $time]);
|
||||
}
|
||||
$stmt->execute([$onion['id']]);
|
||||
if(!$stmt->fetch(PDO::FETCH_NUM)){
|
||||
if(preg_match('~^HTTP/1\.[10] 504 Connect to ([a-z2-7]{16}|[a-z2-7]{56})\.onion(:80)? failed: SOCKS error: host unreachable~', $content, $match)){
|
||||
$phishing_stmt->execute([$onion['id'], $match[2]]);
|
||||
$update_phishing_stmt->execute([$time, $onion['md5sum']]);
|
||||
}elseif(strpos($content, "<body>HttpReadDisconnect('Server disconnected',)</body>")!==false){
|
||||
$phishing_stmt->execute([$onion['id'], '']);
|
||||
$update_phishing_stmt->execute([$time, $onion['md5sum']]);
|
||||
}
|
||||
}
|
||||
if(preg_match('~window\.location\.replace\("http://'.$onion['address'].'.onion/(.*?)"\)~', $content, $matches)){
|
||||
@ -93,11 +97,11 @@ foreach($curl_handles as $handle){
|
||||
$content=curl_exec($ch);
|
||||
}
|
||||
if(preg_match_all('~<meta[^>]+http-equiv="refresh"[^>]+content="(\d+);[^>]*url=([^>"]+)">~', $content, $matches, PREG_SET_ORDER)){
|
||||
$time = null;
|
||||
$wait_time = null;
|
||||
$link_to_check = '';
|
||||
foreach($matches as $match){
|
||||
if($time === null || $time > $match[1]){
|
||||
$time = $match[1];
|
||||
if($wait_time === null || $wait_time > $match[1]){
|
||||
$wait_time = $match[1];
|
||||
$link_to_check = $match[2];
|
||||
}
|
||||
}
|
||||
@ -112,7 +116,7 @@ foreach($curl_handles as $handle){
|
||||
}
|
||||
blacklist_scams($onion['address'], $content);
|
||||
}else{
|
||||
$offline_stmt->execute([time(), $onion['md5sum'], time()]);
|
||||
$offline_stmt->execute([$time, $onion['md5sum'], $time]);
|
||||
}
|
||||
}
|
||||
$db->commit();
|
||||
|
||||
@ -83,19 +83,17 @@ function check_links(array &$onions, $ch, string $link_to_check, bool $scan_chil
|
||||
}
|
||||
|
||||
function add_onions(&$onions, $db){
|
||||
// $update=$db->prepare('UPDATE ' . PREFIX . "onions SET address = '', locked=1, description=CONCAT(description, ' - SCAM'), category=15 WHERE md5sum=? AND address!='';");
|
||||
$stmt=$db->query('SELECT md5sum FROM ' . PREFIX . 'onions;');
|
||||
while($tmp=$stmt->fetch(PDO::FETCH_NUM)){
|
||||
if(isset($onions[$tmp[0]])){
|
||||
unset($onions[$tmp[0]]);
|
||||
// $update->execute($tmp);
|
||||
}
|
||||
}
|
||||
$time=time();
|
||||
$insert=$db->prepare('INSERT INTO ' . PREFIX . 'onions (address, md5sum, timeadded) VALUES (?, ?, ?);');
|
||||
$insert=$db->prepare('INSERT INTO ' . PREFIX . 'onions (address, md5sum, timeadded, timechanged) VALUES (?, ?, ?, ?);');
|
||||
$db->beginTransaction();
|
||||
foreach($onions as $md5=>$addr){
|
||||
$insert->execute([$addr, $md5, $time]);
|
||||
$insert->execute([$addr, $md5, $time, $time]);
|
||||
}
|
||||
$db->commit();
|
||||
}
|
||||
|
||||
@ -14,7 +14,7 @@ $stmt=$db->prepare("SELECT address FROM onions INNER JOIN phishing ON (phishing.
|
||||
$stmt->execute([time()]);
|
||||
$onions=$stmt->fetchAll(PDO::FETCH_ASSOC);
|
||||
|
||||
$stmt=$db->prepare('UPDATE phishing, onions SET phishing.original=? WHERE phishing.onion_id=onions.id AND onions.address=?;');
|
||||
$stmt=$db->prepare('UPDATE phishing, onions SET phishing.original=?, onions.timechanged=? WHERE phishing.onion_id=onions.id AND onions.address=?;');
|
||||
|
||||
//do tests
|
||||
foreach($onions as $onion){
|
||||
@ -23,7 +23,7 @@ foreach($onions as $onion){
|
||||
preg_match('~(https?://)?([a-z0-9]*\.)?([a-z2-7]{16}|[a-z2-7]{56}).onion(/[^\s><"]*)?~i', $site, $addr);
|
||||
if($addr[3]!='' && $addr[3]!==$onion['address']){
|
||||
echo "scam: $onion[address] - original: $addr[3]\n";
|
||||
$stmt->execute([$addr[3], $onion['address']]);
|
||||
$stmt->execute([$addr[3], time(), $onion['address']]);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -6,54 +6,55 @@ try{
|
||||
die('No Connection to MySQL database!');
|
||||
}
|
||||
$stmt=$db->query("SELECT onions.address FROM onions LEFT JOIN phishing ON (phishing.onion_id=onions.id) WHERE onions.address!='' AND onions.category!=15 AND onions.category!=18 AND isnull(phishing.onion_id) LIMIT 2100,10000;");
|
||||
$move=$db->prepare("UPDATE onions SET category=18, locked=1 WHERE address=?;");
|
||||
$move=$db->prepare("UPDATE onions SET category=18, locked=1, timechanged=? WHERE address=?;");
|
||||
$ch=curl_init();
|
||||
set_curl_options($ch);
|
||||
curl_setopt($ch, CURLOPT_HEADER, true);
|
||||
while($tmp=$stmt->fetch(PDO::FETCH_NUM)){
|
||||
curl_setopt($ch, CURLOPT_URL, "http://".gethostbyname("$tmp[0].onion"));
|
||||
while($onion=$stmt->fetch(PDO::FETCH_ASSOC)){
|
||||
curl_setopt($ch, CURLOPT_URL, "http://".gethostbyname("$onion[address].onion"));
|
||||
$response=curl_exec($ch);
|
||||
$curl_info=curl_getinfo($ch);
|
||||
$header_size = $curl_info['header_size'];
|
||||
$header = substr($response, 0, $header_size);
|
||||
$body = substr($response, $header_size);
|
||||
curl_setopt($ch, CURLOPT_URL, "http://$tmp[0].onion");
|
||||
curl_setopt($ch, CURLOPT_URL, "http://$onion[address].onion");
|
||||
$response2=curl_exec($ch);
|
||||
$curl_info2=curl_getinfo($ch);
|
||||
$header_size2 = $curl_info2['header_size'];
|
||||
$header2 = substr($response2, 0, $header_size2);
|
||||
$body2 = substr($response2, $header_size2);
|
||||
echo $tmp[0];
|
||||
echo $onion['address'];
|
||||
$time = time();
|
||||
if(preg_match('~Expires:\sThu,\s19\sNov\s1981\s08:52:00\sGMT\r\n~', $header)){
|
||||
$move->execute($tmp);
|
||||
$move->execute([$time, $onion['address']]);
|
||||
echo " - SCAM - moved";
|
||||
}
|
||||
elseif(preg_match('~Expires: Sat, 17 Jun 2000 12:00:00 GMT\r\n~', $header)){
|
||||
$move->execute($tmp);
|
||||
$move->execute([$time, $onion['address']]);
|
||||
echo " - SCAM - moved";
|
||||
}
|
||||
elseif(preg_match('~Last-Modified:\sWed,\s08\sJun\s1955\s12:00:00\sGMT\r\n~', $header)){
|
||||
$move->execute($tmp);
|
||||
$move->execute([$time, $onion['address']]);
|
||||
echo " - SCAM - moved";
|
||||
}
|
||||
elseif(preg_match('~^HTTP/1\.1\s500\sInternal\sServer\sError\r\n~', $header) && $body==='' && preg_match('~^HTTP/1\.1\s500\sOK\r\n~', $header2)){
|
||||
$move->execute($tmp);
|
||||
$move->execute([$time, $onion['address']]);
|
||||
echo " - SCAM - moved";
|
||||
}
|
||||
elseif(preg_match('~^HTTP/1\.1\s500\sInternal\sServer\sError\r\n~', $header) && $body==='' && preg_match('~Connection:\s\[object\sObject]\r\n~', $header2)){
|
||||
$move->execute($tmp);
|
||||
$move->execute([$time, $onion['address']]);
|
||||
echo " - SCAM - moved";
|
||||
}
|
||||
elseif(preg_match('~^HTTP/1\.1\s200\sOK\r\nServer:\snginx/1\.6\.2~', $header) && $body==='404'){
|
||||
$move->execute($tmp);
|
||||
$move->execute([$time, $onion['address']]);
|
||||
echo " - SCAM - moved";
|
||||
}
|
||||
elseif(preg_match('~^HTTP/1\.1\s302\sFound\r\nLocation:\s/\r\n~', $header) && $body==='Found. Redirecting to /'){
|
||||
$move->execute($tmp);
|
||||
$move->execute([$time, $onion['address']]);
|
||||
echo " - SCAM - moved";
|
||||
}
|
||||
elseif(preg_match('~^HTTP/1\.1\s503\sForwarding\sfailure~', $header)){
|
||||
$move->execute($tmp);
|
||||
$move->execute([$time, $onion['address']]);
|
||||
echo " - SCAM - moved";
|
||||
}
|
||||
echo "\n";
|
||||
|
||||
@ -6,36 +6,36 @@ try{
|
||||
die('No Connection to MySQL database!');
|
||||
}
|
||||
$stmt=$db->query("SELECT onions.address FROM onions LEFT JOIN phishing ON (phishing.onion_id=onions.id) WHERE onions.address!='' AND onions.category!=15 AND isnull(phishing.onion_id) AND timeadded>1506800000;");
|
||||
$move=$db->prepare("UPDATE onions SET category=15, locked=1, description='WARNING - This site will crash your browser with infinite iframes.' WHERE address=?;");
|
||||
while($tmp=$stmt->fetch(PDO::FETCH_NUM)){
|
||||
$move=$db->prepare("UPDATE onions SET category=15, locked=1, description='WARNING - This site will crash your browser with infinite iframes.', timechanged=? WHERE address=?;");
|
||||
while($onion=$stmt->fetch(PDO::FETCH_ASSOC)){
|
||||
$ch=curl_init();
|
||||
set_curl_options($ch);
|
||||
curl_setopt($ch, CURLOPT_HEADER, true);
|
||||
curl_setopt($ch, CURLOPT_NOBODY, true);
|
||||
curl_setopt($ch, CURLOPT_URL, "http://".gethostbyname("$tmp[0].onion"));
|
||||
curl_setopt($ch, CURLOPT_URL, "http://".gethostbyname("$onion[address].onion"));
|
||||
$response=curl_exec($ch);
|
||||
$curl_info=curl_getinfo($ch);
|
||||
$header_size = $curl_info['header_size'];
|
||||
$header = substr($response, 0, $header_size);
|
||||
$body = substr($response, $header_size);
|
||||
curl_close($ch);
|
||||
//if(preg_match('~Location:\s/\r\n~', $header)){
|
||||
echo "$tmp[0].onion";
|
||||
$time = time();
|
||||
echo "$onion[address].onion";
|
||||
if(preg_match("~HTTP/1\.1\s404\sNot\sFound\r\nContent-Type:\stext/plain;\scharset=utf-8\r\nX-Content-Type-Options:\snosniff\r\nDate: .* GMT\r\nContent-Length:\s19~", $header)){
|
||||
echo " - SCAM - moved";
|
||||
$move->execute($tmp);
|
||||
$move->execute([$time, $onion['address']]);
|
||||
}
|
||||
if(preg_match('~Expires:\sThu,\s19\sNov\s1981\s08:52:00\sGMT\r\n~', $header) && $body==='HTTP error'){
|
||||
echo " - SCAM - moved";
|
||||
$move->execute($tmp);
|
||||
$move->execute([$time, $onion['address']]);
|
||||
}
|
||||
if(preg_match('~Expires:\sThu,\s19\sNov\s1981\s08:52:00\sGMT\r\nCache-Control:\sno-store,\sno-cache,\smust-revalidate\r\nPragma: no-cache\r\nServer: anon\r\n~', $header)){
|
||||
echo " - SCAM - moved";
|
||||
$move->execute($tmp);
|
||||
$move->execute([$time, $onion['address']]);
|
||||
}
|
||||
if(preg_match('~Expires:\sThu,\s19\sNov\s1981\s08:52:00\sGMT\r\nCache-Control:\sno-store,\sno-cache,\smust-revalidate\r\nPragma: no-cache\r\ncontent-length: 0\r\n~', $header) && $body!==''){
|
||||
echo " - SCAM - moved";
|
||||
$move->execute($tmp);
|
||||
$move->execute([$time, $onion['address']]);
|
||||
}
|
||||
if(preg_match('~^HTTP/1\.1\s500\sInternal\sServer\sError\r\n~', $header) && $body===''){
|
||||
echo " - SCAM";
|
||||
|
||||
@ -6,15 +6,15 @@ try{
|
||||
die('No Connection to MySQL database!');
|
||||
}
|
||||
$stmt=$db->query("SELECT onions.address FROM onions LEFT JOIN phishing ON (phishing.onion_id=onions.id) WHERE onions.address!='' AND isnull(phishing.onion_id) AND onions.id>22439;");
|
||||
$move=$db->prepare("UPDATE onions SET category=18, locked=1, description='Add injecting phishing clone of an existing site - SCAM' WHERE address=?;");
|
||||
$move=$db->prepare("UPDATE onions SET category=18, locked=1, description='Add injecting phishing clone of an existing site - SCAM', timechanged=? WHERE address=?;");
|
||||
$ch=curl_init();
|
||||
set_curl_options($ch);
|
||||
while($tmp=$stmt->fetch(PDO::FETCH_NUM)){
|
||||
curl_setopt($ch, CURLOPT_URL, "http://".gethostbyname("$tmp[0].onion"));
|
||||
while($onion=$stmt->fetch(PDO::FETCH_ASSOC)){
|
||||
curl_setopt($ch, CURLOPT_URL, "http://".gethostbyname("$onion[address].onion"));
|
||||
$response=curl_exec($ch);
|
||||
if($response==='<!-- <meta http-equiv="refresh"content="0; url=http://o2nlo5zjoxp25kfv.onion"> -->
|
||||
'){
|
||||
$move->execute($tmp);
|
||||
$move->execute([time(), $onion['address']]);
|
||||
echo " - SCAM - moved";
|
||||
}
|
||||
}
|
||||
|
||||
@ -6,31 +6,32 @@ try{
|
||||
die('No Connection to MySQL database!');
|
||||
}
|
||||
$stmt=$db->query("SELECT onions.address FROM onions LEFT JOIN phishing ON (phishing.onion_id=onions.id) WHERE onions.address!='' AND onions.locked=0 AND isnull(phishing.onion_id);");
|
||||
$move=$db->prepare("UPDATE onions SET category=18, locked=1, description='CP - SCAM' WHERE address=?;");
|
||||
while($tmp=$stmt->fetch(PDO::FETCH_NUM)){
|
||||
$move=$db->prepare("UPDATE onions SET category=18, locked=1, description='CP - SCAM', timechanged=? WHERE address=?;");
|
||||
while($onion=$stmt->fetch(PDO::FETCH_ASSOC)){
|
||||
$ch=curl_init();
|
||||
set_curl_options($ch);
|
||||
curl_setopt($ch, CURLOPT_HEADER, true);
|
||||
curl_setopt($ch, CURLOPT_NOBODY, true);
|
||||
curl_setopt($ch, CURLOPT_URL, "http://".gethostbyname("$tmp[0].onion"));
|
||||
curl_setopt($ch, CURLOPT_URL, "http://".gethostbyname("$onion[address].onion"));
|
||||
$response=curl_exec($ch);
|
||||
$curl_info=curl_getinfo($ch);
|
||||
$header_size = $curl_info['header_size'];
|
||||
$header = substr($response, 0, $header_size);
|
||||
$body = substr($response, $header_size);
|
||||
curl_close($ch);
|
||||
echo "$tmp[0].onion";
|
||||
$time = time();
|
||||
echo "$onion[address].onion";
|
||||
if(preg_match('~Last-Modified:\sSat,\s03\sAug\s2019\s15:40:54\sGMT\r\n~', $header)){
|
||||
echo " - SCAM - moved";
|
||||
$move->execute($tmp);
|
||||
$move->execute([$time, $onion['address']]);
|
||||
}
|
||||
if(preg_match('~Last-Modified:\sWed,\s03\sJul\s2019\s19:53:24\sGMT\r\n~', $header)){
|
||||
echo " - SCAM - moved";
|
||||
$move->execute($tmp);
|
||||
$move->execute([$time, $onion['address']]);
|
||||
}
|
||||
if(preg_match('~Last-Modified:\sTue,\s30\sJul\s2019\s19:11:00\sGMT\r\n~', $header)){
|
||||
echo " - SCAM - moved";
|
||||
$move->execute($tmp);
|
||||
$move->execute([$time, $onion['address']]);
|
||||
}
|
||||
echo "\n";
|
||||
}
|
||||
|
||||
@ -6,23 +6,23 @@ try{
|
||||
die('No Connection to MySQL database!');
|
||||
}
|
||||
$stmt=$db->query("SELECT onions.address FROM onions LEFT JOIN phishing ON (phishing.onion_id=onions.id) WHERE onions.address!='' AND onions.locked=0 AND isnull(phishing.onion_id);");
|
||||
$move=$db->prepare("UPDATE onions SET category=18, locked=1, description='Part of scam network - SCAM' WHERE address=?;");
|
||||
while($tmp=$stmt->fetch(PDO::FETCH_NUM)){
|
||||
$move=$db->prepare("UPDATE onions SET category=18, locked=1, description='Part of scam network - SCAM', timechanged=? WHERE address=?;");
|
||||
while($onion=$stmt->fetch(PDO::FETCH_ASSOC)){
|
||||
$ch=curl_init();
|
||||
set_curl_options($ch);
|
||||
curl_setopt($ch, CURLOPT_HEADER, true);
|
||||
curl_setopt($ch, CURLOPT_NOBODY, true);
|
||||
curl_setopt($ch, CURLOPT_URL, "http://".gethostbyname("$tmp[0].onion"));
|
||||
curl_setopt($ch, CURLOPT_URL, "http://".gethostbyname("$onion[address].onion"));
|
||||
$response=curl_exec($ch);
|
||||
$curl_info=curl_getinfo($ch);
|
||||
$header_size = $curl_info['header_size'];
|
||||
$header = substr($response, 0, $header_size);
|
||||
$body = substr($response, $header_size);
|
||||
curl_close($ch);
|
||||
echo "$tmp[0].onion";
|
||||
echo "$onion[address].onion";
|
||||
if(preg_match('~Last-Modified:\sFri,\s21\sDec\s2018\s17:30:54\sGMT\r\n~', $header)){
|
||||
echo " - SCAM - moved";
|
||||
$move->execute($tmp);
|
||||
$move->execute([time(), $onion['address']]);
|
||||
}
|
||||
echo "\n";
|
||||
}
|
||||
|
||||
@ -6,23 +6,23 @@ try{
|
||||
die('No Connection to MySQL database!');
|
||||
}
|
||||
$stmt=$db->query("SELECT onions.address FROM onions LEFT JOIN phishing ON (phishing.onion_id=onions.id) WHERE onions.address!='' AND onions.locked=0 AND isnull(phishing.onion_id);");
|
||||
$move=$db->prepare("UPDATE onions SET category=18, locked=1, description='Part of scam network - SCAM' WHERE address=?;");
|
||||
while($tmp=$stmt->fetch(PDO::FETCH_NUM)){
|
||||
$move=$db->prepare("UPDATE onions SET category=18, locked=1, description='Part of scam network - SCAM', timechanged=? WHERE address=?;");
|
||||
while($onion=$stmt->fetch(PDO::FETCH_ASSOC)){
|
||||
$ch=curl_init();
|
||||
set_curl_options($ch);
|
||||
curl_setopt($ch, CURLOPT_HEADER, true);
|
||||
curl_setopt($ch, CURLOPT_NOBODY, true);
|
||||
curl_setopt($ch, CURLOPT_URL, "http://".gethostbyname("$tmp[0].onion"));
|
||||
curl_setopt($ch, CURLOPT_URL, "http://".gethostbyname("$onion[address].onion"));
|
||||
$response=curl_exec($ch);
|
||||
$curl_info=curl_getinfo($ch);
|
||||
$header_size = $curl_info['header_size'];
|
||||
$header = substr($response, 0, $header_size);
|
||||
$body = substr($response, $header_size);
|
||||
curl_close($ch);
|
||||
echo "$tmp[0].onion";
|
||||
echo "$onion[address].onion";
|
||||
if(preg_match('~HTTP/1.1\s302\sFound\r\nLocation:.*\r\nContent-type:\stext/html;\scharset=UTF-8\r\nDate:.*\r\nServer:\slighttpd/1\.4\.45\sGMT\r\n~', $header)){
|
||||
echo " - SCAM - moved";
|
||||
$move->execute($tmp);
|
||||
$move->execute([time(), $onion['address']]);
|
||||
}
|
||||
echo "\n";
|
||||
}
|
||||
|
||||
@ -5,9 +5,9 @@ try{
|
||||
}catch(PDOException $e){
|
||||
die('No Connection to MySQL database!');
|
||||
}
|
||||
$stmt=$db->prepare("SELECT null FROM onions WHERE address = ?;");
|
||||
$move=$db->prepare("UPDATE onions SET category=18, locked=1, description=CONCAT(description, ' - Part of scam network - SCAM') WHERE address = ? AND locked=0;");
|
||||
$insert=$db->prepare('INSERT INTO onions (address, md5sum, timeadded, locked, description, category) VALUES (?, ?, ?, 1, "Part of scam network - SCAM", 18);');
|
||||
$stmt=$db->prepare("SELECT null FROM onions WHERE md5sum = ?;");
|
||||
$move=$db->prepare("UPDATE onions SET category=18, locked=1, description=CONCAT(description, ' - Part of scam network - SCAM'), timechanged=? WHERE md5sum = ? AND locked=0;");
|
||||
$insert=$db->prepare('INSERT INTO onions (address, md5sum, timeadded, locked, description, category, timechanged) VALUES (?, ?, ?, 1, "Part of scam network - SCAM", 18, ?);');
|
||||
for($i = 1; $i < 213; ++$i){
|
||||
$ch=curl_init();
|
||||
set_curl_options($ch);
|
||||
@ -21,12 +21,15 @@ for($i = 1; $i < 213; ++$i){
|
||||
$body = substr($response, $header_size);
|
||||
curl_close($ch);
|
||||
if(preg_match('~(https?://)?([a-z0-9]*\.)?([a-z2-7]{16}|[a-z2-7]{56}).onion(/[^\s><"]*)?~i', $header, $addr)){
|
||||
$time = time();
|
||||
$onion_addr = strtolower($addr[3]);
|
||||
$md5 = md5($onion_addr, true);
|
||||
$stmt->execute([$addr[3]]);
|
||||
if($stmt->fetch()){
|
||||
$move->execute([$addr[3]]);
|
||||
$move->execute([$time, $md5]);
|
||||
echo "SCAM - moved - $addr[3] - ";
|
||||
}else{
|
||||
$insert->execute([$addr[3], md5($addr[3], true), time()]);
|
||||
$insert->execute([$addr[3], $md5, $time, $time]);
|
||||
echo "SCAM - added - $addr[3] - ";
|
||||
}
|
||||
}
|
||||
|
||||
@ -51,7 +51,7 @@ try{
|
||||
if(!@$db->query('SELECT * FROM ' . PREFIX . 'settings LIMIT 1;')){
|
||||
//create tables
|
||||
$db->exec('CREATE TABLE ' . PREFIX . "captcha (id int(10) UNSIGNED NOT NULL PRIMARY KEY AUTO_INCREMENT, time int(10) UNSIGNED NOT NULL, code char(5) NOT NULL) ENGINE=MEMORY;");
|
||||
$db->exec('CREATE TABLE ' . PREFIX . "onions (id int(10) UNSIGNED NOT NULL PRIMARY KEY AUTO_INCREMENT, address varchar(56) CHARACTER SET latin1 COLLATE latin1_general_ci NOT NULL, md5sum binary(16) NOT NULL UNIQUE, lasttest int(10) UNSIGNED NOT NULL DEFAULT '0', lastup int(10) UNSIGNED NOT NULL DEFAULT '0', timediff int(10) UNSIGNED NOT NULL DEFAULT '0', timeadded int(10) UNSIGNED NOT NULL DEFAULT '0', description text CHARACTER SET utf8mb4 NOT NULL, category smallint(6) NOT NULL DEFAULT '0', locked smallint(6) NOT NULL DEFAULT '0', special int(10) UNSIGNED NOT NULL DEFAULT '0', approved smallint(6) NOT NULL DEFAULT '0', INDEX(address), INDEX(lasttest), INDEX(timediff), INDEX(category), INDEX(special));");
|
||||
$db->exec('CREATE TABLE ' . PREFIX . "onions (id int(10) UNSIGNED NOT NULL PRIMARY KEY AUTO_INCREMENT, address varchar(56) CHARACTER SET latin1 COLLATE latin1_general_ci NOT NULL, md5sum binary(16) NOT NULL UNIQUE, lasttest int(10) UNSIGNED NOT NULL DEFAULT '0', lastup int(10) UNSIGNED NOT NULL DEFAULT '0', timediff int(10) UNSIGNED NOT NULL DEFAULT '0', timeadded int(10) UNSIGNED NOT NULL DEFAULT '0', description text CHARACTER SET utf8mb4 NOT NULL, category smallint(6) NOT NULL DEFAULT '0', locked smallint(6) NOT NULL DEFAULT '0', special int(10) UNSIGNED NOT NULL DEFAULT '0', approved smallint(6) NOT NULL DEFAULT '0', timechanged int(10) UNSIGNED NOT NULL DEFAULT '0', INDEX(address), INDEX(lasttest), INDEX(timediff), INDEX(category), INDEX(special), INDEX(timechanged));");
|
||||
$db->exec('CREATE TABLE ' . PREFIX . 'phishing (onion_id int(10) UNSIGNED NOT NULL PRIMARY KEY, original varchar(56) CHARACTER SET latin1 COLLATE latin1_general_ci NOT NULL, FOREIGN KEY (onion_id) REFERENCES onions(id) ON DELETE CASCADE ON UPDATE CASCADE);');
|
||||
$db->exec('CREATE TABLE ' . PREFIX . 'settings (setting varchar(50) NOT NULL PRIMARY KEY, value varchar(20000) NOT NULL);');
|
||||
$stmt=$db->prepare('INSERT INTO ' . PREFIX . "settings (setting, value) VALUES ('version', ?);");
|
||||
@ -92,6 +92,9 @@ if(!@$db->query('SELECT * FROM ' . PREFIX . 'settings LIMIT 1;')){
|
||||
if($version < 6){
|
||||
$db->exec('ALTER TABLE ' . PREFIX . "onions ADD approved smallint(6) NOT NULL DEFAULT '0';");
|
||||
}
|
||||
if($version < 7){
|
||||
$db->exec('ALTER TABLE ' . PREFIX . "onions ADD timechanged int(10) UNSIGNED NOT NULL DEFAULT '0';");
|
||||
}
|
||||
$stmt=$db->prepare('UPDATE ' . PREFIX . "settings SET value=? WHERE setting='version';");
|
||||
$stmt->execute([DBVERSION]);
|
||||
echo "$I[statusok]\n";
|
||||
|
||||
213
www/admin.php
213
www/admin.php
@ -19,7 +19,7 @@ asort($categories);
|
||||
<meta name="robots" content="noindex">
|
||||
<link rel="canonical" href="<?php echo CANONICAL_URL . $_SERVER['SCRIPT_NAME']; ?>">
|
||||
<style type="text/css"><?php echo $style; ?></style>
|
||||
</head><body>
|
||||
</head><body><main>
|
||||
<h1><?php echo $I['admintitle']; ?></h1>
|
||||
<?php
|
||||
print_langs();
|
||||
@ -35,6 +35,110 @@ if(!isset($_POST['pass']) || $_POST['pass']!==ADMINPASS){
|
||||
echo "<p class=\"red\" role=\"alert\">$I[wrongpass]</p>";
|
||||
}
|
||||
}else{
|
||||
$msg = '';
|
||||
$category=count($categories);
|
||||
if(isset($_REQUEST['cat']) && $_REQUEST['cat']<count($categories) && $_REQUEST['cat']>=0){
|
||||
$category=$_REQUEST['cat'];
|
||||
}
|
||||
if(!empty($_POST['addr'])){
|
||||
$addrs = is_array($_POST['addr']) ? $_POST['addr'] : [$_POST['addr']];
|
||||
foreach ($addrs as $addr_single) {
|
||||
if ( ! preg_match( '~(^(https?://)?([a-z2-7]{16}|[a-z2-7]{56})(\.onion(/.*)?)?$)~i', trim( $addr_single ), $addr ) ) {
|
||||
$msg .= "<p class=\"red\" role=\"alert\">$I[invalonion]</p>";
|
||||
} else {
|
||||
$addr = strtolower( $addr[ 3 ] );
|
||||
$md5 = md5( $addr, true );
|
||||
if ( $_POST[ 'action' ] === $I[ 'remove' ] ) { //remove address from public display
|
||||
$db->prepare( 'UPDATE ' . PREFIX . "onions SET address='', locked=1, approved=-1, timechanged=? WHERE md5sum=?;" )->execute( [ time(), $md5 ] );
|
||||
$msg .= "<p class=\"green\" role=\"alert\">$I[succremove]</p>";
|
||||
} elseif ( $_POST[ 'action' ] === $I[ 'lock' ] ) { //lock editing
|
||||
$db->prepare( 'UPDATE ' . PREFIX . 'onions SET locked=1, approved=1, timechanged=? WHERE md5sum=?;' )->execute( [ time(), $md5 ] );
|
||||
$msg .= "<p class=\"green\"> role=\"alert\"$I[succlock]</p>";
|
||||
} elseif ( $_POST[ 'action' ] === $I[ 'readd' ] ) { //add onion back, if previously removed
|
||||
$db->prepare( 'UPDATE ' . PREFIX . 'onions SET address=?, locked=1, approved=1, timechanged=? WHERE md5sum=?;' )->execute( [ $addr, time(), $md5 ] );
|
||||
$msg .= "<p class=\"green\" role=\"alert\">$I[succreadd]</p>";
|
||||
} elseif ( $_POST[ 'action' ] === $I[ 'unlock' ] ) { //unlock editing
|
||||
$db->prepare( 'UPDATE ' . PREFIX . 'onions SET locked=0, approved=1, timechanged=? WHERE md5sum=?;' )->execute( [ time(), $md5 ] );
|
||||
$msg .= "<p class=\"green\" role=\"alert\">$I[succunlock]</p>";
|
||||
} elseif ( $_POST[ 'action' ] === $I[ 'promote' ] ) { //promote link for payed time
|
||||
$stmt = $db->prepare( 'SELECT special FROM ' . PREFIX . 'onions WHERE md5sum=?;' );
|
||||
$stmt->execute( [ $md5 ] );
|
||||
$specialtime = $stmt->fetch( PDO::FETCH_NUM );
|
||||
if ( $specialtime[ 0 ] < time() ) {
|
||||
$time = time() + ( ( $_POST[ 'btc' ] / PROMOTEPRICE ) * PROMOTETIME );
|
||||
} else {
|
||||
$time = $specialtime[ 0 ] + ( ( $_POST[ 'btc' ] / PROMOTEPRICE ) * PROMOTETIME );
|
||||
}
|
||||
$db->prepare( 'UPDATE ' . PREFIX . 'onions SET special=?, locked=1, approved=1, timechanged=? WHERE md5sum=?;' )->execute( [ $time, time(), $md5 ] );
|
||||
$msg .= sprintf( "<p class=\"green\" role=\"alert\">$I[succpromote]</p>", date( 'Y-m-d H:i', $time ) );
|
||||
} elseif ( $_POST[ 'action' ] === $I[ 'unpromote' ] ) { //remove promoted status
|
||||
$db->prepare( 'UPDATE ' . PREFIX . 'onions SET special=0, timechanged=? WHERE md5sum=?;' )->execute( [ time(), $md5 ] );
|
||||
$msg .= "<p class=\"green\" role=\"alert\">$I[succunpromote]</p>";
|
||||
} elseif ( $_POST[ 'action' ] === $I[ 'update' ] ) { //update description
|
||||
$stmt = $db->prepare( 'SELECT * FROM ' . PREFIX . 'onions WHERE md5sum=?;' );
|
||||
$stmt->execute( [ $md5 ] );
|
||||
if ( $category === count( $categories ) ) {
|
||||
$category = 0;
|
||||
}
|
||||
if ( ! isset( $_POST[ 'desc' ] ) ) {
|
||||
$desc = '';
|
||||
} else {
|
||||
$desc = trim( $_POST[ 'desc' ] );
|
||||
$desc = htmlspecialchars( $desc );
|
||||
$desc = preg_replace( "/(\r?\n|\r\n?)/", '<br>', $desc );
|
||||
}
|
||||
if ( ! $stmt->fetch( PDO::FETCH_ASSOC ) ) { //not yet there, add it
|
||||
$stmt = $db->prepare( 'INSERT INTO ' . PREFIX . 'onions (address, description, md5sum, category, timeadded, locked, approved, timechanged) VALUES (?, ?, ?, ?, ?, 1, 1, ?);' );
|
||||
$stmt->execute( [ $addr, $desc, $md5, $category, time(), time() ] );
|
||||
$msg .= "<p class=\"green\" role=\"alert\">$I[succadd]</p>";
|
||||
} elseif ( $desc != '' ) { //update description+category
|
||||
$stmt = $db->prepare( 'UPDATE ' . PREFIX . 'onions SET description=?, category=?, locked=1, approved=1, timechanged=? WHERE md5sum=?;' );
|
||||
$stmt->execute( [ $desc, $category, time(), $md5 ] );
|
||||
$msg .= "<p class=\"green\" role=\"alert\">$I[succupddesc]</p>";
|
||||
} elseif ( $category != 0 ) { //only update category
|
||||
$stmt = $db->prepare( 'UPDATE ' . PREFIX . 'onions SET category=?, locked=1, approved=1, timechanged=? WHERE md5sum=?;' );
|
||||
$stmt->execute( [ $category, time(), $md5 ] );
|
||||
$msg .= "<p class=\"green\" role=\"alert\">$I[succupdcat]!</p>";
|
||||
} else { //no description or category change and already known
|
||||
$msg .= "<p class=\"green\" role=\"alert\">$I[alreadyknown]</p>";
|
||||
}
|
||||
} elseif ( $_POST[ 'action' ] === $I[ 'phishing' ] ) {//mark as phishing clone
|
||||
if ( $_POST[ 'original' ] !== '' && ! preg_match( '~(^(https?://)?([a-z2-7]{16}|[a-z2-7]{56})(\.onion(/.*)?)?$)~i', $_POST[ 'original' ], $orig ) ) {
|
||||
$msg .= "<p class=\"red\" role=\"alert\">$I[invalonion]</p>";
|
||||
} else {
|
||||
if ( isset( $orig[ 3 ] ) ) {
|
||||
$orig = strtolower( $orig[ 3 ] );
|
||||
} else {
|
||||
$orig = '';
|
||||
}
|
||||
if ( $orig !== $addr ) {
|
||||
$stmt = $db->prepare( 'INSERT INTO ' . PREFIX . 'phishing (onion_id, original) VALUES ((SELECT id FROM ' . PREFIX . 'onions WHERE address=?), ?);' );
|
||||
$stmt->execute( [ $addr, $orig ] );
|
||||
$stmt = $db->prepare( 'UPDATE ' . PREFIX . 'onions SET locked=1, approved=1, timechanged=? WHERE address=?;' );
|
||||
$stmt->execute( [ time(), $addr ] );
|
||||
$msg .= "<p class=\"green\" role=\"alert\">$I[succaddphish]</p>";
|
||||
} else {
|
||||
$msg .= "<p class=\"red\" role=\"alert\">$I[samephish]</p>";
|
||||
}
|
||||
}
|
||||
} elseif ( $_POST[ 'action' ] === $I[ 'unphishing' ] ) { //remove phishing clone status
|
||||
$stmt = $db->prepare( 'DELETE FROM ' . PREFIX . 'phishing WHERE onion_id=(SELECT id FROM ' . PREFIX . 'onions WHERE address=?);' );
|
||||
$stmt->execute( [ $addr ] );
|
||||
$stmt = $db->prepare( 'UPDATE ' . PREFIX . 'onions SET locked=1, approved=1, timechanged=? WHERE address=?;' );
|
||||
$stmt->execute( [ time(), $addr ] );
|
||||
$msg .= "<p class=\"green\" role=\"alert\">$I[succrmphish]</p>";
|
||||
} elseif ( $_POST[ 'action' ] === $I[ 'reject' ] ) { //lock editing
|
||||
$db->prepare( 'UPDATE ' . PREFIX . 'onions SET approved=-1, timechanged=? WHERE md5sum=?;' )->execute( [ time(), $md5 ] );
|
||||
$msg .= "<p class=\"green\" role=\"alert\">$I[succreject]</p>";
|
||||
} elseif ( $_POST[ 'action' ] === $I[ 'approve' ] ) { //lock editing
|
||||
$db->prepare( 'UPDATE ' . PREFIX . 'onions SET approved=1, timechanged=? WHERE md5sum=?;' )->execute( [ time(), $md5 ] );
|
||||
$msg .= "<p class=\"green\" role=\"alert\">$I[succapprove]</p>";
|
||||
} else { //no specific button was pressed
|
||||
$msg .= "<p class=\"red\" role=\"alert\">$I[noaction]</p>";
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
$view_mode = isset($_POST['view_mode']) ? $_POST['view_mode'] : 'single';
|
||||
if(isset($_POST['switch_view_mode'])){
|
||||
$view_mode = $view_mode === 'single' ? 'multi' : 'single';
|
||||
@ -89,12 +193,6 @@ if(!isset($_POST['pass']) || $_POST['pass']!==ADMINPASS){
|
||||
}
|
||||
}
|
||||
echo '</textarea></p>';
|
||||
if(isset($_REQUEST['cat']) && $_REQUEST['cat']<count($categories) && $_REQUEST['cat']>=0){
|
||||
$category=$_REQUEST['cat'];
|
||||
}
|
||||
if(!isset($category)){
|
||||
$category=count($categories);
|
||||
}
|
||||
echo "<p><label>$I[category]: <select name=\"cat\">";
|
||||
foreach($categories as $cat=>$name){
|
||||
echo "<option value=\"$cat\"";
|
||||
@ -123,105 +221,8 @@ if(!isset($_POST['pass']) || $_POST['pass']!==ADMINPASS){
|
||||
}
|
||||
echo '</div></div>';
|
||||
echo '</form><br>';
|
||||
|
||||
if(!empty($_POST['addr'])){
|
||||
$addrs = is_array($_POST['addr']) ? $_POST['addr'] : [$_POST['addr']];
|
||||
foreach ($addrs as $addr_single) {
|
||||
if ( ! preg_match( '~(^(https?://)?([a-z2-7]{16}|[a-z2-7]{56})(\.onion(/.*)?)?$)~i', trim( $addr_single ), $addr ) ) {
|
||||
echo "<p class=\"red\" role=\"alert\">$I[invalonion]</p>";
|
||||
} else {
|
||||
$addr = strtolower( $addr[ 3 ] );
|
||||
$md5 = md5( $addr, true );
|
||||
if ( $_POST[ 'action' ] === $I[ 'remove' ] ) { //remove address from public display
|
||||
$db->prepare( 'UPDATE ' . PREFIX . "onions SET address='', locked=1, approved=-1 WHERE md5sum=?;" )->execute( [ $md5 ] );
|
||||
echo "<p class=\"green\" role=\"alert\">$I[succremove]</p>";
|
||||
} elseif ( $_POST[ 'action' ] === $I[ 'lock' ] ) { //lock editing
|
||||
$db->prepare( 'UPDATE ' . PREFIX . 'onions SET locked=1, approved=1 WHERE md5sum=?;' )->execute( [ $md5 ] );
|
||||
echo "<p class=\"green\"> role=\"alert\"$I[succlock]</p>";
|
||||
} elseif ( $_POST[ 'action' ] === $I[ 'readd' ] ) { //add onion back, if previously removed
|
||||
$db->prepare( 'UPDATE ' . PREFIX . 'onions SET address=?, locked=1, approved=1 WHERE md5sum=?;' )->execute( [ $addr, $md5 ] );
|
||||
echo "<p class=\"green\" role=\"alert\">$I[succreadd]</p>";
|
||||
} elseif ( $_POST[ 'action' ] === $I[ 'unlock' ] ) { //unlock editing
|
||||
$db->prepare( 'UPDATE ' . PREFIX . 'onions SET locked=0, approved=1 WHERE md5sum=?;' )->execute( [ $md5 ] );
|
||||
echo "<p class=\"green\" role=\"alert\">$I[succunlock]</p>";
|
||||
} elseif ( $_POST[ 'action' ] === $I[ 'promote' ] ) { //promote link for payed time
|
||||
$stmt = $db->prepare( 'SELECT special FROM ' . PREFIX . 'onions WHERE md5sum=?;' );
|
||||
$stmt->execute( [ $md5 ] );
|
||||
$specialtime = $stmt->fetch( PDO::FETCH_NUM );
|
||||
if ( $specialtime[ 0 ] < time() ) {
|
||||
$time = time() + ( ( $_POST[ 'btc' ] / PROMOTEPRICE ) * PROMOTETIME );
|
||||
} else {
|
||||
$time = $specialtime[ 0 ] + ( ( $_POST[ 'btc' ] / PROMOTEPRICE ) * PROMOTETIME );
|
||||
}
|
||||
$db->prepare( 'UPDATE ' . PREFIX . 'onions SET special=?, locked=1, approved=1 WHERE md5sum=?;' )->execute( [ $time, $md5 ] );
|
||||
printf( "<p class=\"green\" role=\"alert\">$I[succpromote]</p>", date( 'Y-m-d H:i', $time ) );
|
||||
} elseif ( $_POST[ 'action' ] === $I[ 'unpromote' ] ) { //remove promoted status
|
||||
$db->prepare( 'UPDATE ' . PREFIX . 'onions SET special=0 WHERE md5sum=?;' )->execute( [ $md5 ] );
|
||||
echo "<p class=\"green\" role=\"alert\">$I[succunpromote]</p>";
|
||||
} elseif ( $_POST[ 'action' ] === $I[ 'update' ] ) { //update description
|
||||
$stmt = $db->prepare( 'SELECT * FROM ' . PREFIX . 'onions WHERE md5sum=?;' );
|
||||
$stmt->execute( [ $md5 ] );
|
||||
if ( $category === count( $categories ) ) {
|
||||
$category = 0;
|
||||
}
|
||||
if ( ! isset( $_POST[ 'desc' ] ) ) {
|
||||
$desc = '';
|
||||
} else {
|
||||
$desc = trim( $_POST[ 'desc' ] );
|
||||
$desc = htmlspecialchars( $desc );
|
||||
$desc = preg_replace( "/(\r?\n|\r\n?)/", '<br>', $desc );
|
||||
}
|
||||
if ( ! $stmt->fetch( PDO::FETCH_ASSOC ) ) { //not yet there, add it
|
||||
$stmt = $db->prepare( 'INSERT INTO ' . PREFIX . 'onions (address, description, md5sum, category, timeadded, locked, approved) VALUES (?, ?, ?, ?, ?, 1, 1);' );
|
||||
$stmt->execute( [ $addr, $desc, $md5, $category, time() ] );
|
||||
echo "<p class=\"green\" role=\"alert\">$I[succadd]</p>";
|
||||
} elseif ( $desc != '' ) { //update description+category
|
||||
$stmt = $db->prepare( 'UPDATE ' . PREFIX . 'onions SET description=?, category=?, locked=1, approved=1 WHERE md5sum=?;' );
|
||||
$stmt->execute( [ $desc, $category, $md5 ] );
|
||||
echo "<p class=\"green\" role=\"alert\">$I[succupddesc]</p>";
|
||||
} elseif ( $category != 0 ) { //only update category
|
||||
$stmt = $db->prepare( 'UPDATE ' . PREFIX . 'onions SET category=?, locked=1, approved=1 WHERE md5sum=?;' );
|
||||
$stmt->execute( [ $category, $md5 ] );
|
||||
echo "<p class=\"green\" role=\"alert\">$I[succupdcat]!</p>";
|
||||
} else { //no description or category change and already known
|
||||
echo "<p class=\"green\" role=\"alert\">$I[alreadyknown]</p>";
|
||||
}
|
||||
} elseif ( $_POST[ 'action' ] === $I[ 'phishing' ] ) {//mark as phishing clone
|
||||
if ( $_POST[ 'original' ] !== '' && ! preg_match( '~(^(https?://)?([a-z2-7]{16}|[a-z2-7]{56})(\.onion(/.*)?)?$)~i', $_POST[ 'original' ], $orig ) ) {
|
||||
echo "<p class=\"red\" role=\"alert\">$I[invalonion]</p>";
|
||||
} else {
|
||||
if ( isset( $orig[ 3 ] ) ) {
|
||||
$orig = strtolower( $orig[ 3 ] );
|
||||
} else {
|
||||
$orig = '';
|
||||
}
|
||||
if ( $orig !== $addr ) {
|
||||
$stmt = $db->prepare( 'INSERT INTO ' . PREFIX . 'phishing (onion_id, original) VALUES ((SELECT id FROM ' . PREFIX . 'onions WHERE address=?), ?);' );
|
||||
$stmt->execute( [ $addr, $orig ] );
|
||||
$stmt = $db->prepare( 'UPDATE ' . PREFIX . 'onions SET locked=1, approved=1 WHERE address=?;' );
|
||||
$stmt->execute( [ $addr ] );
|
||||
echo "<p class=\"green\" role=\"alert\">$I[succaddphish]</p>";
|
||||
} else {
|
||||
echo "<p class=\"red\" role=\"alert\">$I[samephish]</p>";
|
||||
}
|
||||
}
|
||||
} elseif ( $_POST[ 'action' ] === $I[ 'unphishing' ] ) { //remove phishing clone status
|
||||
$stmt = $db->prepare( 'DELETE FROM ' . PREFIX . 'phishing WHERE onion_id=(SELECT id FROM ' . PREFIX . 'onions WHERE address=?);' );
|
||||
$stmt->execute( [ $addr ] );
|
||||
echo "<p class=\"green\" role=\"alert\">$I[succrmphish]</p>";
|
||||
} elseif ( $_POST[ 'action' ] === $I[ 'reject' ] ) { //lock editing
|
||||
$db->prepare( 'UPDATE ' . PREFIX . 'onions SET approved=-1 WHERE md5sum=?;' )->execute( [ $md5 ] );
|
||||
echo "<p class=\"green\" role=\"alert\">$I[succreject]</p>";
|
||||
} elseif ( $_POST[ 'action' ] === $I[ 'approve' ] ) { //lock editing
|
||||
$db->prepare( 'UPDATE ' . PREFIX . 'onions SET approved=1 WHERE md5sum=?;' )->execute( [ $md5 ] );
|
||||
echo "<p class=\"green\" role=\"alert\">$I[succapprove]</p>";
|
||||
} else { //no specific button was pressed
|
||||
echo "<p class=\"red\" role=\"alert\">$I[noaction]</p>";
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
echo $msg;
|
||||
}
|
||||
?>
|
||||
<br><p class="software-link"><a target="_blank" href="https://github.com/DanWin/onion-link-list" rel="noopener">Onion Link List - <?php echo VERSION; ?></a></p>
|
||||
</body></html>
|
||||
</main></body></html>
|
||||
|
||||
@ -74,12 +74,10 @@ function send_html(){
|
||||
echo '<link rel="canonical" href="' . CANONICAL_URL . $_SERVER['SCRIPT_NAME'] . (empty($_SERVER['QUERY_STRING']) ? '' : '?' . $_SERVER['QUERY_STRING']) . '">';
|
||||
echo '<style type="text/css">'.$style.'</style>';
|
||||
echo '<base rel="noopener" target="_blank">';
|
||||
echo '</head><body>';
|
||||
echo '</head><body><main>';
|
||||
echo "<h1>$I[title]</h1>";
|
||||
if(!isset($db)){
|
||||
echo "<p><b class=\"red\">$I[error]:</b> $I[nodb]</p>";
|
||||
echo '</body></html>';
|
||||
exit;
|
||||
send_error("<b>$I[error]:</b> $I[nodb]");
|
||||
}
|
||||
echo '<p>I\'m not responsible for any content of websites linked here. 99% of darkweb sites selling anything are scams. Be careful and use your brain. Every week I get 2-5 E-Mails from people that were desperate to make money and fell for scammers, don\'t be one of them!</p>';
|
||||
//update onions description form
|
||||
@ -246,18 +244,18 @@ function send_html(){
|
||||
$desc=preg_replace("/(\r?\n|\r\n?)/", '<br>', $desc);
|
||||
}
|
||||
if(!$stmt->fetch(PDO::FETCH_BOUND)){//new link, add to database
|
||||
$stmt=$db->prepare('INSERT INTO ' . PREFIX . 'onions (address, description, md5sum, category, timeadded) VALUES (?, ?, ?, ?, ?);');
|
||||
$stmt->execute([$addr, $desc, $md5, $category, time()]);
|
||||
$stmt=$db->prepare('INSERT INTO ' . PREFIX . 'onions (address, description, md5sum, category, timeadded, timechanged) VALUES (?, ?, ?, ?, ?, ?);');
|
||||
$stmt->execute([$addr, $desc, $md5, $category, time(), time()]);
|
||||
echo "<p class=\"green\" role=\"alert\">$I[succadd]</p>";
|
||||
}elseif($locked==1){//locked, not editable
|
||||
echo "<p class=\"red\" role=\"alert\">$I[faillocked]</p>";
|
||||
}elseif($desc!==''){//update description
|
||||
$stmt=$db->prepare('UPDATE ' . PREFIX . 'onions SET description=?, category=? WHERE md5sum=?;');
|
||||
$stmt->execute([$desc, $category, $md5]);
|
||||
$stmt=$db->prepare('UPDATE ' . PREFIX . 'onions SET description=?, category=?, timechanged=? WHERE md5sum=?;');
|
||||
$stmt->execute([$desc, $category, time(), $md5]);
|
||||
echo "<p class=\"green\" role=\"alert\">$I[succupddesc]</p>";
|
||||
}elseif($category!=0){//update category only
|
||||
$stmt=$db->prepare('UPDATE ' . PREFIX . 'onions SET category=? WHERE md5sum=?;');
|
||||
$stmt->execute([$category, $md5]);
|
||||
$stmt=$db->prepare('UPDATE ' . PREFIX . 'onions SET category=?, timechanged=? WHERE md5sum=?;');
|
||||
$stmt->execute([$category, time(), $md5]);
|
||||
echo "<p class=\"green\" role=\"alert\">$I[succupdcat]</p>";
|
||||
}else{//nothing changed and already known
|
||||
echo "<p class=\"green\" role=\"alert\">$I[alreadyknown]</p>";
|
||||
@ -322,7 +320,7 @@ function send_html(){
|
||||
echo '<br>';
|
||||
echo $pagination;
|
||||
echo '<br><p class="software-link"><a href="https://github.com/DanWin/onion-link-list" target="_blank" rel="noopener">Onion Link List - ' . VERSION . '</a></p>';
|
||||
echo '</body></html>';
|
||||
echo '</main></body></html>';
|
||||
}
|
||||
|
||||
function get_table(PDOStatement $stmt, int &$numrows = 0, bool $promoted = false) : string {
|
||||
@ -447,7 +445,7 @@ function send_json(){
|
||||
$admin_approval = PREFIX . 'onions.approved = 1 AND';
|
||||
}
|
||||
$data=['categories'=>$categories];
|
||||
$stmt=$db->query('SELECT address, category, description, locked, lastup, lasttest, timeadded FROM ' . PREFIX . "onions WHERE $admin_approval address!='' AND id NOT IN (SELECT onion_id FROM " . PREFIX . 'phishing) AND timediff<604800 ORDER BY address;');
|
||||
$stmt=$db->query('SELECT address, category, description, locked, lastup, lasttest, timeadded, timechanged FROM ' . PREFIX . "onions WHERE $admin_approval address!='' AND id NOT IN (SELECT onion_id FROM " . PREFIX . 'phishing) AND timediff<604800 ORDER BY address;');
|
||||
$data['onions']=$stmt->fetchALL(PDO::FETCH_ASSOC);
|
||||
$stmt=$db->query('SELECT md5sum FROM ' . PREFIX . "onions WHERE address='';");
|
||||
while($tmp=$stmt->fetch(PDO::FETCH_ASSOC)){
|
||||
@ -526,5 +524,5 @@ function send_captcha(){
|
||||
}
|
||||
|
||||
function send_error(string $msg){
|
||||
die("<p class=\"red\" role=\"alert\">$msg</p></div></body></html>");
|
||||
die("<p class=\"red\" role=\"alert\">$msg</p></div></main></body></html>");
|
||||
}
|
||||
|
||||
@ -10,7 +10,7 @@ echo '<meta name="viewport" content="width=device-width, initial-scale=1">';
|
||||
echo '<meta name="description" content="Test whether a Tor hidden service onion is online or offline">';
|
||||
echo '<link rel="canonical" href="' . CANONICAL_URL . $_SERVER['SCRIPT_NAME'] . '">';
|
||||
echo '<style type="text/css">'.$style.'</style>';
|
||||
echo '</head><body>';
|
||||
echo '</head><body><main>';
|
||||
echo "<h1>$I[testtitle]</h1>";
|
||||
print_langs();
|
||||
echo "<p>$I[testdesc]</p>";
|
||||
@ -108,4 +108,4 @@ if(!empty($_REQUEST['addr'])){
|
||||
}
|
||||
?>
|
||||
<br><p class="software-link"><a target="_blank" href="https://github.com/DanWin/onion-link-list" rel="noopener">Onion Link List - <?php echo VERSION; ?></a></p>
|
||||
</body></html>
|
||||
</main></body></html>
|
||||
|
||||
Reference in New Issue
Block a user