Updated from latest live version
This commit is contained in:
Daniel Winzen
18
admin.php
18
admin.php
@ -19,9 +19,6 @@
|
||||
*/
|
||||
|
||||
header('Content-Type: text/html; charset=UTF-8');
|
||||
header('Pragma: no-cache');
|
||||
header('Cache-Control: no-cache, no-store, must-revalidate, max-age=0');
|
||||
header('Expires: 0');
|
||||
if($_SERVER['REQUEST_METHOD']==='HEAD'){
|
||||
exit; // headers sent, no further processing needed
|
||||
}
|
||||
@ -38,7 +35,7 @@ echo '<meta http-equiv="Content-Type" content="text/html; charset=utf-8">';
|
||||
echo '<meta name=viewport content="width=device-width, initial-scale=1">';
|
||||
echo '<style type="text/css">.red{color:red;} .green{color:green;}</style>';
|
||||
echo '</head><body>';
|
||||
echo "<h2>$I[admintitle]</h2>";
|
||||
echo "<h1>$I[admintitle]</h1>";
|
||||
print_langs();
|
||||
|
||||
//check password
|
||||
@ -74,7 +71,7 @@ if(!isSet($_POST['pass']) || $_POST['pass']!==ADMINPASS){
|
||||
if(!empty($_REQUEST['desc'])){
|
||||
echo htmlspecialchars(trim($_REQUEST['desc']));
|
||||
}elseif(isSet($_REQUEST['addr'])){
|
||||
if(preg_match('~(^(https?://)?([a-z2-7]{16})(\.onion(/.*)?)?$)~i', trim($_REQUEST['addr']), $addr)){
|
||||
if(preg_match('~(^(https?://)?([a-z2-7]{16}|[a-z2-7]{56})(\.onion(/.*)?)?$)~i', trim($_REQUEST['addr']), $addr)){
|
||||
$addr=strtolower($addr[3]);
|
||||
$md5=md5($addr, true);
|
||||
$stmt=$db->prepare('SELECT description, category FROM ' . PREFIX . 'onions WHERE md5sum=?;');
|
||||
@ -118,7 +115,7 @@ if(!isSet($_POST['pass']) || $_POST['pass']!==ADMINPASS){
|
||||
echo '</form><br>';
|
||||
|
||||
if(!empty($_POST['addr'])){
|
||||
if(!preg_match('~(^(https?://)?([a-z2-7]{16})(\.onion(/.*)?)?$)~i', trim($_POST['addr']), $addr)){
|
||||
if(!preg_match('~(^(https?://)?([a-z2-7]{16}|[a-z2-7]{56})(\.onion(/.*)?)?$)~i', trim($_POST['addr']), $addr)){
|
||||
echo "<p class=\"red\">$I[invalonion]</p>";
|
||||
}else{
|
||||
$addr=strtolower($addr[3]);
|
||||
@ -163,7 +160,7 @@ if(!isSet($_POST['pass']) || $_POST['pass']!==ADMINPASS){
|
||||
$desc=preg_replace("/(\r?\n|\r\n?)/", '<br>', $desc);
|
||||
}
|
||||
if(!$stmt->fetch(PDO::FETCH_ASSOC)){ //not yet there, add it
|
||||
$stmt=$db->prepare('INSERT INTO ' . PREFIX . 'onions (address, description, md5sum, category, timeadded) VALUES (?, ?, ?, ?, ?);');
|
||||
$stmt=$db->prepare('INSERT INTO ' . PREFIX . 'onions (address, description, md5sum, category, timeadded, locked) VALUES (?, ?, ?, ?, ?, 1);');
|
||||
$stmt->execute([$addr, $desc, $md5, $category, time()]);
|
||||
echo "<p class=\"green\">$I[succadd]</p>";
|
||||
}elseif($desc!=''){ //update description+category
|
||||
@ -171,14 +168,14 @@ if(!isSet($_POST['pass']) || $_POST['pass']!==ADMINPASS){
|
||||
$stmt->execute([$desc, $category, $md5]);
|
||||
echo "<p class=\"green\">$I[succupddesc]</p>";
|
||||
}elseif($category!=0){ //only update category
|
||||
$stmt=$db->prepare('UPDATE ' . PREFIX . 'onions SET category=? WHERE md5sum=?;');
|
||||
$stmt=$db->prepare('UPDATE ' . PREFIX . 'onions SET category=?, locked=1 WHERE md5sum=?;');
|
||||
$stmt->execute([$category, $md5]);
|
||||
echo "<p class=\"green\">$I[succupdcat]!</p>";
|
||||
}else{ //no description or category change and already known
|
||||
echo "<p class=\"green\">$I[alreadyknown]</p>";
|
||||
}
|
||||
}elseif($_POST['action']===$I['phishing']){//mark as phishing clone
|
||||
if($_POST['original']!=='' && !preg_match('~(^(https?://)?([a-z2-7]{16})(\.onion(/.*)?)?$)~i', $_POST['original'], $orig)){
|
||||
if($_POST['original']!=='' && !preg_match('~(^(https?://)?([a-z2-7]{16}|[a-z2-7]{56})(\.onion(/.*)?)?$)~i', $_POST['original'], $orig)){
|
||||
echo "<p class=\"red\">$I[invalonion]</p>";
|
||||
}else{
|
||||
if(isset($orig[3])){
|
||||
@ -189,6 +186,8 @@ if(!isSet($_POST['pass']) || $_POST['pass']!==ADMINPASS){
|
||||
if($orig!==$addr){
|
||||
$stmt=$db->prepare('INSERT INTO ' . PREFIX . 'phishing (onion_id, original) VALUES ((SELECT id FROM ' . PREFIX . 'onions WHERE address=?), ?);');
|
||||
$stmt->execute([$addr, $orig]);
|
||||
$stmt=$db->prepare('UPDATE ' . PREFIX . 'onions SET locked=1 WHERE address=?;');
|
||||
$stmt->execute([$addr]);
|
||||
echo "<p class=\"green\">$I[succaddphish]</p>";
|
||||
}else{
|
||||
echo "<p class=\"red\">$I[samephish]</p>";
|
||||
@ -206,4 +205,3 @@ if(!isSet($_POST['pass']) || $_POST['pass']!==ADMINPASS){
|
||||
}
|
||||
echo '<br><p style="text-align:center;font-size:small;"><a target="_blank" href="https://github.com/DanWin/onion-link-list">Onion Link List - ' . VERSION . '</a></p>';
|
||||
echo '</body></html>';
|
||||
?>
|
||||
|
||||
@ -77,4 +77,3 @@ foreach($offline as $tmp){
|
||||
// $error_stmt->execute($tmp);
|
||||
//}
|
||||
$db->commit();
|
||||
?>
|
||||
|
||||
@ -30,13 +30,13 @@ define('PROXY', '127.0.0.1:9050'); // Socks5 Proxy to connect to (Tor)
|
||||
define('USERAGENT', 'Daniels Online-Test http://tt3j2x4k5ycaa5zt.onion/test.php'); // User-Agent to use when testing a site
|
||||
define('LANG', 'en'); // Default language
|
||||
define('PROMOTEPRICE', 0.025); // Price to promote a site for PROMOTETIME long
|
||||
define('PROMOTETIME', 864000); // Time (in seconds) to promote a site payed with PROMOTEPRICE - 864000 equals 10 days
|
||||
define('PROMOTETIME', 2592000); // Time (in seconds) to promote a site payed with PROMOTEPRICE - 864000 equals 10 days
|
||||
define('PER_PAGE', 50); // Sites listed per page
|
||||
define('VERSION', '1'); // Script version
|
||||
define('DBVERSION', 2); // Database layout version
|
||||
define('DBVERSION', 3); // Database layout version
|
||||
//Categories - new links will always be put into the first one, leave it to Unsorted
|
||||
//once configured, only add new categories at the end or you have to manually adjust the database.
|
||||
$categories=['Unsorted', 'Adult/Porn', 'Communication/Social', 'Cryptocurrencies', 'Empty/Error/Unknown', 'Forums', 'Hacking', 'Hosting', 'Libraries/Wikis', 'Link Lists', 'Market/Shop/Store', 'Other', 'Personal Sites/Blogs', 'Scam', 'Security/Privacy', 'Whistleblowing'];
|
||||
$categories=['Unsorted', 'Adult/Porn', 'Communication/Social', 'Forums', 'Hacking/Programming/Software', 'Hosting', 'Libraries/Wikis', 'Link Lists', 'Market/Shop/Store', 'Other', 'Personal Sites/Blogs', 'Security/Privacy/Encryption', 'Whistleblowing', 'Empty/Error/Unknown', 'Cryptocurrencies', 'Scams', 'Fun/Joke', 'Search', 'Autodetected scam (unchecked)'];
|
||||
|
||||
|
||||
// Language selection
|
||||
@ -55,9 +55,9 @@ if(isSet($_REQUEST['lang']) && isSet($L[$_REQUEST['lang']])){
|
||||
}else{
|
||||
$language=LANG;
|
||||
}
|
||||
include_once('lang_en.php'); //always include English
|
||||
require_once('lang_en.php'); //always include English
|
||||
if($language!=='en'){
|
||||
include_once("lang_$language.php"); //replace with translation if available
|
||||
require_once("lang_$language.php"); //replace with translation if available
|
||||
foreach($T as $name=>$translation){
|
||||
$I[$name]=$translation;
|
||||
}
|
||||
@ -66,9 +66,14 @@ if($language!=='en'){
|
||||
function print_langs(){
|
||||
global $I, $L;
|
||||
echo "<small>$I[language]: ";
|
||||
$query=preg_replace('/(&?lang=[a-z_\-]*)/i', '', $_SERVER['QUERY_STRING']);
|
||||
foreach($L as $code=>$name){
|
||||
echo " <a href=\"?lang=$code\">$name</a>";
|
||||
if($query===''){
|
||||
$uri="?lang=$code";
|
||||
}else{
|
||||
$uri='?'.htmlspecialchars($query)."&lang=$code";
|
||||
}
|
||||
echo " <a href=\"$uri\">$name</a>";
|
||||
}
|
||||
echo '</small>';
|
||||
}
|
||||
?>
|
||||
|
||||
11
lang_de.php
11
lang_de.php
@ -17,8 +17,6 @@
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
//Native language name: Deutsch
|
||||
$T=[
|
||||
'all' => 'Alle',
|
||||
'lastadded' => 'Zuletzt hinzugefügt',
|
||||
@ -86,12 +84,5 @@ $T=[
|
||||
'unknown' => 'Unbekannt',
|
||||
'language' => 'Sprache',
|
||||
'format' => 'Format',
|
||||
'pdo_mysqlextrequired' => 'Die pdo_mysql Erweiterung von PHP wird benötigt. Bitte installieren Sie diese zuerst.',
|
||||
'pcreextrequired' => 'Die pcre Erweiterung von PHP wird benötigt. Bitte installieren Sie diese zuerst.',
|
||||
'jsonextrequired' => 'Die json Erweiterung von PHP wird benötigt. Bitte installieren Sie diese zuerst.',
|
||||
'curlextrequired' => 'Die curl Erweiterung von PHP wird benötigt. Bitte installieren Sie diese zuerst.',
|
||||
'dateextrequired' => 'Die date Erweiterung von PHP wird benötigt. Bitte installieren Sie diese zuerst.',
|
||||
'succdbcreate' => 'Die Datenbank wurde erfolgreich erstellt!',
|
||||
'statusok' => 'Status: OK',
|
||||
'hidelocked' => 'Gesperrte nicht anzeigen',
|
||||
];
|
||||
?>
|
||||
|
||||
10
lang_en.php
10
lang_en.php
@ -17,7 +17,6 @@
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
$I=[
|
||||
'all' => 'All',
|
||||
'lastadded' => 'Last added',
|
||||
@ -85,12 +84,5 @@ $I=[
|
||||
'unknown' => 'Unknown',
|
||||
'language' => 'Language',
|
||||
'format' => 'Format',
|
||||
'pdo_mysqlextrequired' => 'The pdo_mysql extension of PHP is required. Please install it first.',
|
||||
'pcreextrequired' => 'The pcre extension of PHP is required. Please install it first.',
|
||||
'jsonextrequired' => 'The json extension of PHP is required. Please install it first.',
|
||||
'curlextrequired' => 'The curl extension of PHP is required. Please install it first.',
|
||||
'dateextrequired' => 'The date extension of PHP is required. Please install it first.',
|
||||
'succdbcreate' => 'The database has successfully been created!',
|
||||
'statusok' => 'Status: OK',
|
||||
'hidelocked' => 'Hide locked',
|
||||
];
|
||||
?>
|
||||
|
||||
@ -39,7 +39,6 @@ foreach($T as $id=>$value){
|
||||
foreach($I as $id=>$value){
|
||||
echo "\t'$id' => '".str_replace("'", "\'", $value)."',\n";
|
||||
}
|
||||
echo "];\n?>\n";
|
||||
echo "];\n";
|
||||
$file=ob_get_clean();
|
||||
file_put_contents("lang_$code.php", $file);
|
||||
?>
|
||||
|
||||
132
onions.php
132
onions.php
@ -44,7 +44,7 @@ function send_html(){
|
||||
asort($categories);
|
||||
//sql for special categories
|
||||
$special=[
|
||||
$I['all']=>"address!='' AND id NOT IN (SELECT onion_id FROM " . PREFIX . 'phishing) AND timediff<604800',
|
||||
$I['all']=>"address!='' AND category!=15 AND id NOT IN (SELECT onion_id FROM " . PREFIX . 'phishing) AND timediff<604800',
|
||||
$I['lastadded']=>"address!='' AND id NOT IN (SELECT onion_id FROM " . PREFIX . 'phishing)',
|
||||
$I['offline']=>"address!='' AND id NOT IN (SELECT onion_id FROM " . PREFIX . 'phishing) AND timediff>604800'
|
||||
];
|
||||
@ -61,10 +61,11 @@ function send_html(){
|
||||
echo '<!DOCTYPE html><html><head>';
|
||||
echo "<title>$I[title]</title>";
|
||||
echo '<meta http-equiv="Content-Type" content="text/html; charset=utf-8">';
|
||||
echo '<meta name=viewport content="width=device-width, initial-scale=1">';
|
||||
echo '<style type="text/css">.red{color:red;} .green{color:green;} .up td+td+td{background-color:#aaff88;} .down td+td+td{background-color:#ff4444;} .promo{outline:medium solid #FFD700;} .list{display: inline-block; padding: 0px; margin: 0px;} .list li{display:inline;} .active{font-weight:bold;} .down td+td+td+td+td,.up td+td+td+td+td{background-color:unset;}</style>';
|
||||
echo '<meta name="author" content="Daniel Winzen">';
|
||||
echo '<meta name="viewport" content="width=device-width, initial-scale=1">';
|
||||
echo '<style type="text/css">.red{color:red;} .green{color:green;} .up td+td+td{background-color:#aaff88;} .down td+td+td{background-color:#ff4444;} .promo{outline:medium solid #FFD700;} .list{display: inline-block; padding: 0px; margin: 0px;} .list li{display:inline;} .active{font-weight:bold;} .down td+td+td+td+td,.up td+td+td+td+td{background-color:unset;} #maintable td+td{word-break:break-all;} #maintable td+td+td{word-break:unset;}</style>';
|
||||
echo '</head><body>';
|
||||
echo "<h2>$I[title]</h2>";
|
||||
echo "<h1>$I[title]</h1>";
|
||||
print_langs();
|
||||
echo "<br><small>$I[format]: <a href=\"?format=text\">Text</a> <a href=\"?format=json\">JSON</a></small>";
|
||||
if(!isSet($db)){
|
||||
@ -72,6 +73,7 @@ function send_html(){
|
||||
echo '</body></html>';
|
||||
exit;
|
||||
}
|
||||
echo '<p>I\'m not responsible for any content of websites linked here. Be careful and use your brain.</p>';
|
||||
//update onions description form
|
||||
echo "<table><tr valign=\"top\"><td><form action=\"$_SERVER[SCRIPT_NAME]\" method=\"POST\">";
|
||||
echo "<input type=\"hidden\" name=\"pg\" value=\"$_REQUEST[newpg]\">";
|
||||
@ -85,7 +87,7 @@ function send_html(){
|
||||
if(!empty($_REQUEST['desc'])){//use posted description
|
||||
echo htmlspecialchars(trim($_REQUEST['desc']));
|
||||
}elseif(!empty($_REQUEST['addr'])){//fetch description from database
|
||||
if(preg_match('~(^(https?://)?([a-z0-9]*\.)?([a-z2-7]{16})(\.onion(/.*)?)?$)~i', trim($_REQUEST['addr']), $addr)){
|
||||
if(preg_match('~(^(https?://)?([a-z0-9]*\.)?([a-z2-7]{16}|[a-z2-7]{56})(\.onion(/.*)?)?$)~i', trim($_REQUEST['addr']), $addr)){
|
||||
$addr=strtolower($addr[4]);
|
||||
$md5=md5($addr, true);
|
||||
$stmt=$db->prepare('SELECT description, category FROM ' . PREFIX . 'onions WHERE md5sum=?;');
|
||||
@ -113,6 +115,7 @@ function send_html(){
|
||||
echo ">$name</option>";
|
||||
}
|
||||
echo '</select></p>';
|
||||
send_captcha();
|
||||
echo "<input type=\"submit\" name=\"action\" value=\"$I[update]\"></form></td>";
|
||||
//search from
|
||||
echo "<td><form action=\"$_SERVER[SCRIPT_NAME]\" method=\"post\">";
|
||||
@ -122,7 +125,26 @@ function send_html(){
|
||||
if(isSet($_REQUEST['q'])){
|
||||
echo htmlspecialchars($_REQUEST['q']);
|
||||
}
|
||||
echo '" required></p>';
|
||||
echo '"></p>';
|
||||
echo "<p>$I[category]: <select name=\"cat\">";
|
||||
echo '<option value="'.count($categories).'"';
|
||||
if($category>=count($categories)){
|
||||
echo ' selected';
|
||||
}
|
||||
echo ">$I[all]</option>";
|
||||
foreach($categories as $cat=>$name){
|
||||
echo "<option value=\"$cat\"";
|
||||
if($category==$cat){
|
||||
echo ' selected';
|
||||
}
|
||||
echo ">$name</option>";
|
||||
}
|
||||
echo '</select></p>';
|
||||
echo '<p><label><input type="checkbox" name="hidelocked" value="1"';
|
||||
if(isset($_REQUEST['hidelocked'])){
|
||||
echo ' checked';
|
||||
}
|
||||
echo ">$I[hidelocked]</label></p>";
|
||||
echo "<input type=\"submit\" name=\"action\" value=\"$I[search]\"></form></td>";
|
||||
echo '</tr></table><br>';
|
||||
//List special categories
|
||||
@ -166,10 +188,27 @@ function send_html(){
|
||||
}
|
||||
echo '</ul><br><br>';
|
||||
if($_SERVER['REQUEST_METHOD']==='POST' && !empty($_REQUEST['addr'])){
|
||||
if(!preg_match('~(^(https?://)?([a-z0-9]*\.)?([a-z2-7]{16})(\.onion(/.*)?)?$)~i', trim($_REQUEST['addr']), $addr)){
|
||||
if(!preg_match('~(^(https?://)?([a-z0-9]*\.)?([a-z2-7]{16}|[a-z2-7]{56})(\.onion(/.*)?)?$)~i', trim($_REQUEST['addr']), $addr)){
|
||||
echo "<p class=\"red\">$I[invalonion]</p>";
|
||||
echo "<p>$I[valid]: http://tt3j2x4k5ycaa5zt.onion</p>";
|
||||
}else{
|
||||
if(!isset($_REQUEST['challenge'])){
|
||||
send_error('Error: Wrong Captcha');
|
||||
}
|
||||
$stmt=$db->prepare('SELECT code FROM ' . PREFIX . 'captcha WHERE id=?;');
|
||||
$stmt->execute([$_REQUEST['challenge']]);
|
||||
$stmt->bindColumn(1, $code);
|
||||
if(!$stmt->fetch(PDO::FETCH_BOUND)){
|
||||
send_error('Error: Captcha expired');
|
||||
}
|
||||
$time=time();
|
||||
$stmt=$db->prepare('DELETE FROM ' . PREFIX . 'captcha WHERE id=? OR time<?;');
|
||||
$stmt->execute([$_REQUEST['challenge'], $time-3600]);
|
||||
if($_REQUEST['captcha']!==$code){
|
||||
if(strrev($_REQUEST['captcha'])!==$code){
|
||||
send_error('Error: Wrong captcha');
|
||||
}
|
||||
}
|
||||
$addr=strtolower($addr[4]);
|
||||
$md5=md5($addr, true);
|
||||
$stmt=$db->prepare('SELECT locked FROM ' . PREFIX . 'onions WHERE md5sum=?;');
|
||||
@ -204,17 +243,27 @@ function send_html(){
|
||||
}
|
||||
}
|
||||
}
|
||||
if($pages>1 && empty($_REQUEST['q'])){
|
||||
if($pages>1 && !isset($_REQUEST['q'])){
|
||||
$pagination=get_pagination($category, $pages);
|
||||
echo $pagination;
|
||||
}else{
|
||||
$pagination='';
|
||||
}
|
||||
if(!empty($_REQUEST['q'])){//run search query
|
||||
$stmt=$db->prepare('SELECT address, lasttest, lastup, timeadded, description, locked, special FROM ' . PREFIX . "onions WHERE address!='' AND id NOT IN (SELECT onion_id FROM " . PREFIX . 'phishing) AND timediff<604800 AND (description LIKE ? OR address LIKE ?) ORDER BY address;');
|
||||
if(isset($_REQUEST['q'])){//run search query
|
||||
$query=htmlspecialchars($_REQUEST['q']);
|
||||
$query="%$query%";
|
||||
$stmt->execute([$query, $query]);
|
||||
if(isset($_REQUEST['hidelocked'])){
|
||||
$hidelocked='AND locked=0';
|
||||
}else{
|
||||
$hidelocked='';
|
||||
}
|
||||
if($category>=count($categories)){
|
||||
$stmt=$db->prepare('SELECT address, lasttest, lastup, timeadded, description, locked, special FROM ' . PREFIX . "onions WHERE address!='' AND id NOT IN (SELECT onion_id FROM " . PREFIX . "phishing) AND timediff<604800 $hidelocked AND (description LIKE ? OR address LIKE ?) ORDER BY address;");
|
||||
$stmt->execute([$query, $query]);
|
||||
}else{
|
||||
$stmt=$db->prepare('SELECT address, lasttest, lastup, timeadded, description, locked, special FROM ' . PREFIX . "onions WHERE address!='' AND category=? AND id NOT IN (SELECT onion_id FROM " . PREFIX . "phishing) AND timediff<604800 $hidelocked AND (description LIKE ? OR address LIKE ?) ORDER BY address;");
|
||||
$stmt->execute([$category, $query, $query]);
|
||||
}
|
||||
$table=get_table($stmt, $numrows);
|
||||
printf("<p><b>$I[searchresult]</b></p>", $_REQUEST['q'], $numrows);
|
||||
echo $table;
|
||||
@ -232,7 +281,7 @@ function send_html(){
|
||||
$query.=' ORDER BY address';
|
||||
if($_REQUEST['pg']>0){
|
||||
$offset=PER_PAGE*($_REQUEST['pg']-1);
|
||||
$query.=' LIMIT ' . PER_PAGE . " OFFSET $offset";
|
||||
$query.=' LIMIT ' . PER_PAGE ." OFFSET $offset";
|
||||
}
|
||||
}
|
||||
$stmt=$db->query('SELECT address, lasttest, lastup, timeadded, description, locked, special FROM ' . PREFIX . "onions WHERE $query;");
|
||||
@ -258,7 +307,7 @@ function get_table(PDOStatement $stmt, &$numrows=0, $promoted=false){
|
||||
global $I, $db, $language;
|
||||
$time=time();
|
||||
ob_start();
|
||||
echo "<table border=\"1\"><tr><th>$I[link]</th><th>$I[description]</th><th>$I[lasttested]</th><th>$I[lastup]</th><th>$I[timeadded]</th><th>$I[actions]</th></tr>";
|
||||
echo "<table id=\"maintable\" border=\"1\"><tr><th>$I[link]</th><th>$I[description]</th><th>$I[lasttested]</th><th>$I[lastup]</th><th>$I[timeadded]</th><th>$I[actions]</th></tr>";
|
||||
if($promoted){//print promoted links at the top
|
||||
$time=time();
|
||||
$promo=$db->prepare('SELECT address, lasttest, lastup, timeadded, description, locked, special FROM ' . PREFIX . "onions WHERE special>? AND address!='' AND id NOT IN (SELECT onion_id FROM " . PREFIX . 'phishing) AND timediff<604800 ORDER BY address;');
|
||||
@ -310,6 +359,7 @@ function get_table(PDOStatement $stmt, &$numrows=0, $promoted=false){
|
||||
$edit="<form target=\"_blank\"><input name=\"addr\" value=\"$link[address]\" type=\"hidden\"><input type=\"hidden\" name=\"pg\" value=\"$_REQUEST[newpg]\"><input type=\"hidden\" name=\"lang\" value=\"$language\"><input value=\"$I[edit]\" type=\"submit\"></form>";
|
||||
}
|
||||
echo "<tr class=\"$class\"><td><a href=\"http://$link[address].onion\" target=\"_blank\">$link[address].onion</a></td><td>$link[description]</td><td>$lasttest</td><td>$lastup</td><td>$timeadded</td><td>$edit <form target=\"_blank\" method=\"post\" action=\"test.php\"><input name=\"addr\" value=\"$link[address]\" type=\"hidden\"><input type=\"hidden\" name=\"lang\" value=\"$language\"><input value=\"$I[test]\" type=\"submit\"></form></td></tr>";
|
||||
// echo "<tr class=\"$class\"><td><a href=\"http://$link[address].onion\" target=\"_blank\">$link[address].onion</a></td><td>$link[description]</td><td>$edit</td><td>$lasttest</td><td>$lastup</td><td>$timeadded</td><td><form target=\"_blank\" method=\"post\" action=\"test.php\"><input name=\"addr\" value=\"$link[address]\" type=\"hidden\"><input type=\"hidden\" name=\"lang\" value=\"$language\"><input value=\"$I[test]\" type=\"submit\"></form></td></tr>";
|
||||
++$numrows;
|
||||
}
|
||||
echo '</table>';
|
||||
@ -342,7 +392,7 @@ function print_phishing_table(){
|
||||
}
|
||||
|
||||
function send_text(){
|
||||
global $db;
|
||||
global $I, $db;
|
||||
if(!isSet($db)){
|
||||
die("$I[error]: $I[nodb]");
|
||||
}
|
||||
@ -354,7 +404,7 @@ function send_text(){
|
||||
}
|
||||
|
||||
function send_json(){
|
||||
global $db, $categories;
|
||||
global $I, $db, $categories;
|
||||
if(!isSet($db)){
|
||||
die("$I[error]: $I[nodb]");
|
||||
}
|
||||
@ -390,4 +440,54 @@ function get_pagination($category, $pages){
|
||||
echo "</ul><br><br>";
|
||||
return ob_get_clean();
|
||||
}
|
||||
?>
|
||||
|
||||
function send_captcha(){
|
||||
global $I, $db, $memcached;
|
||||
$difficulty=2;
|
||||
if($difficulty===0 || !extension_loaded('gd')){
|
||||
return;
|
||||
}
|
||||
$captchachars='ABCDEFGHJKMNPQRSTUVWXYZabcdefghjkmnpqrstuvwxyz23456789';
|
||||
$length=strlen($captchachars)-1;
|
||||
$code='';
|
||||
for($i=0;$i<5;++$i){
|
||||
$code.=$captchachars[mt_rand(0, $length)];
|
||||
}
|
||||
$randid=mt_rand();
|
||||
$time=time();
|
||||
$stmt=$db->prepare('INSERT INTO ' . PREFIX . 'captcha (id, time, code) VALUES (?, ?, ?);');
|
||||
$stmt->execute([$randid, $time, $code]);
|
||||
echo "<p>Copy: ";
|
||||
if($difficulty===1){
|
||||
$im=imagecreatetruecolor(55, 24);
|
||||
$bg=imagecolorallocate($im, 0, 0, 0);
|
||||
$fg=imagecolorallocate($im, 255, 255, 255);
|
||||
imagefill($im, 0, 0, $bg);
|
||||
imagestring($im, 5, 5, 5, $code, $fg);
|
||||
echo '<img width="55" height="24" src="data:image/gif;base64,';
|
||||
}else{
|
||||
$im=imagecreatetruecolor(55, 24);
|
||||
$bg=imagecolorallocate($im, 0, 0, 0);
|
||||
$fg=imagecolorallocate($im, 255, 255, 255);
|
||||
imagefill($im, 0, 0, $bg);
|
||||
imagestring($im, 5, 5, 5, $code, $fg);
|
||||
$line=imagecolorallocate($im, 255, 255, 255);
|
||||
for($i=0;$i<2;++$i){
|
||||
imageline($im, 0, mt_rand(0, 24), 55, mt_rand(0, 24), $line);
|
||||
}
|
||||
$dots=imagecolorallocate($im, 255, 255, 255);
|
||||
for($i=0;$i<100;++$i){
|
||||
imagesetpixel($im, mt_rand(0, 55), mt_rand(0, 24), $dots);
|
||||
}
|
||||
echo '<img width="55" height="24" src="data:image/gif;base64,';
|
||||
}
|
||||
ob_start();
|
||||
imagegif($im);
|
||||
imagedestroy($im);
|
||||
echo base64_encode(ob_get_clean()).'">';
|
||||
echo "<input type=\"hidden\" name=\"challenge\" value=\"$randid\"><input type=\"text\" name=\"captcha\" size=\"15\" autocomplete=\"off\"></p>";
|
||||
}
|
||||
|
||||
function send_error($msg){
|
||||
die("<p style=\"color:red;\">$msg</p></div></body></html>");
|
||||
}
|
||||
|
||||
@ -65,4 +65,3 @@ function check($link, $phishing_link){
|
||||
}
|
||||
}
|
||||
}
|
||||
?>
|
||||
|
||||
13
setup.php
13
setup.php
@ -17,7 +17,6 @@
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
include('common_config.php');
|
||||
if(!extension_loaded('pdo_mysql')){
|
||||
die($I['pdo_mysqlextrequired']);
|
||||
@ -51,8 +50,8 @@ try{
|
||||
}
|
||||
if(!@$db->query('SELECT * FROM ' . PREFIX . 'settings LIMIT 1;')){
|
||||
//create tables
|
||||
$db->exec('CREATE TABLE ' . PREFIX . 'onions (id int(10) UNSIGNED NOT NULL PRIMARY KEY AUTO_INCREMENT, address varchar(16) CHARACTER SET latin1 COLLATE latin1_general_ci NOT NULL, md5sum binary(16) NOT NULL UNIQUE, lasttest int(10) UNSIGNED NOT NULL, lastup int(10) UNSIGNED NOT NULL, timediff int(10) UNSIGNED NOT NULL, timeadded int(10) UNSIGNED NOT NULL, description text CHARACTER SET utf8mb4 NOT NULL, category smallint(6) NOT NULL, locked smallint(6) NOT NULL, special int(10) UNSIGNED NOT NULL, INDEX(address), INDEX(lasttest), INDEX(timediff), INDEX(category), INDEX(special));');
|
||||
$db->exec('CREATE TABLE ' . PREFIX . 'phishing (onion_id int(10) UNSIGNED NOT NULL PRIMARY_KEY, original varchar(16) CHARACTER SET latin1 COLLATE latin1_general_ci NOT NULL, FOREIGN KEY (onion_id) REFERENCES onions(id) ON DELETE CASCADE ON UPDATE CASCADE);');
|
||||
$db->exec('CREATE TABLE ' . PREFIX . "onions (id int(10) UNSIGNED NOT NULL PRIMARY KEY AUTO_INCREMENT, address varchar(56) CHARACTER SET latin1 COLLATE latin1_general_ci NOT NULL, md5sum binary(16) NOT NULL UNIQUE, lasttest int(10) UNSIGNED NOT NULL DEFAULT '0', lastup int(10) UNSIGNED NOT NULL DEFAULT '0', timediff int(10) UNSIGNED NOT NULL DEFAULT '0', timeadded int(10) UNSIGNED NOT NULL DEFAULT '0', description text CHARACTER SET utf8mb4 NOT NULL, category smallint(6) NOT NULL DEFAULT '0', locked smallint(6) NOT NULL DEFAULT '0', special int(10) UNSIGNED NOT NULL DEFAULT '0', INDEX(address), INDEX(lasttest), INDEX(timediff), INDEX(category), INDEX(special));");
|
||||
$db->exec('CREATE TABLE ' . PREFIX . 'phishing (onion_id int(10) UNSIGNED NOT NULL PRIMARY KEY, original varchar(56) CHARACTER SET latin1 COLLATE latin1_general_ci NOT NULL, FOREIGN KEY (onion_id) REFERENCES onions(id) ON DELETE CASCADE ON UPDATE CASCADE);');
|
||||
$db->exec('CREATE TABLE ' . PREFIX . 'settings (setting varchar(50) NOT NULL PRIMARY KEY, value varchar(20000) NOT NULL);');
|
||||
$stmt=$db->prepare('INSERT INTO ' . PREFIX . "settings (setting, value) VALUES ('version', ?);");
|
||||
$stmt->execute([DBVERSION]);
|
||||
@ -79,8 +78,14 @@ if(!@$db->query('SELECT * FROM ' . PREFIX . 'settings LIMIT 1;')){
|
||||
$stmt->execute($phishing);
|
||||
}
|
||||
}
|
||||
if($version<3){
|
||||
$db->exec('ALTER TABLE ' . PREFIX . 'onions CHANGE address address varchar(56) CHARACTER SET latin1 COLLATE latin1_general_ci NOT NULL;');
|
||||
$db->exec('ALTER TABLE ' . PREFIX . 'phishing CHANGE original original varchar(56) CHARACTER SET latin1 COLLATE latin1_general_ci NOT NULL;');
|
||||
}
|
||||
if($version<4){
|
||||
$db->exec("ALTER TABLE " . PREFIX . "onions CHANGE lasttest lasttest int(10) UNSIGNED NOT NULL DEFAULT '0', CHANGE lastup lastup int(10) UNSIGNED NOT NULL DEFAULT '0', CHANGE timediff timediff int(10) UNSIGNED NOT NULL DEFAULT '0', CHANGE timeadded timeadded int(10) UNSIGNED NOT NULL DEFAULT '0', CHANGE category category smallint(6) NOT NULL DEFAULT '0', CHANGE locked locked smallint(6) NOT NULL DEFAULT '0', CHANGE special special int(10) UNSIGNED NOT NULL DEFAULT '0'");
|
||||
}
|
||||
$stmt=$db->prepare('UPDATE ' . PREFIX . "settings SET value=? WHERE setting='version';");
|
||||
$stmt->execute([DBVERSION]);
|
||||
echo "$I[statusok]\n";
|
||||
}
|
||||
?>
|
||||
|
||||
21
test.php
21
test.php
@ -17,19 +17,19 @@
|
||||
* You should have received a copy of the GNU General Public License
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
header('Content-Type: text/html; charset=UTF-8');
|
||||
if($_SERVER['REQUEST_METHOD']==='HEAD'){
|
||||
exit; // headers sent, no further processing needed
|
||||
}
|
||||
include('common_config.php');
|
||||
echo '<!DOCTYPE html><html><head>';
|
||||
echo "<title>Daniel - $I[testtitle]</title>";
|
||||
echo "<title>$I[testtitle]</title>";
|
||||
echo '<meta http-equiv="Content-Type" content="text/html; charset=utf-8">';
|
||||
echo '<meta name=viewport content="width=device-width, initial-scale=1">';
|
||||
echo '<meta name="author" content="Daniel Winzen">';
|
||||
echo '<meta name="viewport" content="width=device-width, initial-scale=1">';
|
||||
echo '<style type="text/css">.red{color:red;} .green{color:green;}</style>';
|
||||
echo '</head><body>';
|
||||
echo '<h2>Online-Test</h2>';
|
||||
echo '<h1>Online-Test</h1>';
|
||||
print_langs();
|
||||
echo "<p>$I[testdesc]</p>";
|
||||
echo "<form action=\"$_SERVER[SCRIPT_NAME]\" method=\"POST\">";
|
||||
@ -49,8 +49,9 @@ if(!empty($_REQUEST['addr'])){
|
||||
try{
|
||||
$db=new PDO('mysql:host=' . DBHOST . ';dbname=' . DBNAME . ';charset=utf8mb4', DBUSER, DBPASS, [PDO::ATTR_ERRMODE=>PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]);
|
||||
}catch(PDOException $e){
|
||||
die('No DB connection');
|
||||
}
|
||||
if(!preg_match('~(^(https?://)?([a-z0-9]*\.)?([a-z2-7]{16})(\.onion(/.*)?)?$)~i', trim($_REQUEST['addr']), $addr)){
|
||||
if(!preg_match('~(^(https?://)?([a-z0-9]*\.)?([a-z2-7]{16}|[a-z2-7]{56})(\.onion(/.*)?)?$)~i', trim($_REQUEST['addr']), $addr)){
|
||||
echo "<p class=\"red\">$I[invalonion]</p>";
|
||||
echo "<p>$I[valid]: http://tt3j2x4k5ycaa5zt.onion</p>";
|
||||
}else{
|
||||
@ -61,6 +62,7 @@ if(!empty($_REQUEST['addr'])){
|
||||
curl_setopt($ch, CURLOPT_PROXY, PROXY);
|
||||
curl_setopt($ch, CURLOPT_PROXYTYPE, 7);
|
||||
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 15);
|
||||
curl_setopt($ch, CURLOPT_ENCODING, '');
|
||||
curl_setopt($ch, CURLOPT_URL, "http://$addr[4].onion/");
|
||||
$addr=strtolower($addr[4]);
|
||||
$md5=md5($addr, true);
|
||||
@ -70,10 +72,14 @@ if(!empty($_REQUEST['addr'])){
|
||||
if($orig=$phishing->fetch(PDO::FETCH_NUM)){
|
||||
printf("<p class=\"red\">$I[testphishing]</p>", "<a href=\"http://$orig[0].onion\">$orig[0].onion</a>");
|
||||
}
|
||||
if(curl_exec($ch)!==false){
|
||||
$stmt=$db->prepare('SELECT null FROM ' . PREFIX . 'onions WHERE md5sum=? AND timediff=0 AND lasttest>?;');
|
||||
$stmt->execute([$md5, time()-60]);
|
||||
if($stmt->fetch(PDO::FETCH_NUM)){
|
||||
echo "<p class=\"green\">$I[testonline]</p>";
|
||||
}elseif(curl_exec($ch)!==false){
|
||||
if(isSet($db)){
|
||||
//update entry in database
|
||||
$stmt=$db->prepare('SELECT * FROM ' . PREFIX . 'onions WHERE md5sum=?;');
|
||||
$stmt=$db->prepare('SELECT null FROM ' . PREFIX . 'onions WHERE md5sum=?;');
|
||||
$stmt->execute([$md5]);
|
||||
if(!$stmt->fetch(PDO::FETCH_NUM)){
|
||||
$db->prepare('INSERT INTO ' . PREFIX . 'onions (address, md5sum, timeadded) VALUES (?, ?, ?);')->execute([$addr, $md5, time()]);
|
||||
@ -93,4 +99,3 @@ if(!empty($_REQUEST['addr'])){
|
||||
}
|
||||
echo '<br><p style="text-align:center;font-size:small;"><a target="_blank" href="https://github.com/DanWin/onion-link-list">Onion Link List - ' . VERSION . '</a></p>';
|
||||
echo '</body></html>';
|
||||
?>
|
||||
|
||||
24
update.php
24
update.php
@ -18,28 +18,37 @@
|
||||
* along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
|
||||
// Executed every 24 hours via cron - checks for new sites.
|
||||
// Executed daily via cronjob - checks for new sites.
|
||||
include('common_config.php');
|
||||
try{
|
||||
$db=new PDO('mysql:host=' . DBHOST . ';dbname=' . DBNAME . ';charset=utf8mb4', DBUSER, DBPASS, [PDO::ATTR_ERRMODE=>PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]);
|
||||
$db=new PDO('mysql:host=' . DBHOST . ';dbname=' . DBNAME, DBUSER, DBPASS, [PDO::ATTR_ERRMODE=>PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]);
|
||||
}catch(PDOException $e){
|
||||
die($I['nodb']);
|
||||
}
|
||||
$ch=curl_init();
|
||||
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
|
||||
curl_setopt($ch, CURLOPT_USERAGENT, USERAGENT);
|
||||
curl_setopt($ch, CURLOPT_PROXY, PROXY);
|
||||
curl_setopt($ch, CURLOPT_PROXYTYPE, 7);
|
||||
curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 25);
|
||||
curl_setopt($ch, CURLOPT_TIMEOUT, 30);
|
||||
curl_setopt($ch, CURLOPT_ENCODING, '');
|
||||
$onions=[];
|
||||
|
||||
//sources to get links from
|
||||
check_links($onions, $ch, 'https://tt3j2x4k5ycaa5zt.onion.to/antanistaticmap/stats/yesterday');
|
||||
check_links($onions, $ch, 'https://tt3j2x4k5ycaa5zt.tor2web.org/antanistaticmap/stats/yesterday');
|
||||
check_links($onions, $ch, 'http://tt3j2x4k5ycaa5zt.onion/onions.php?format=text');
|
||||
check_links($onions, $ch, 'http://skunksworkedp2cg.onion/sites.txt');
|
||||
check_links($onions, $ch, 'http://7cbqhjnlkivmigxf.onion/');
|
||||
check_links($onions, $ch, 'https://tt3j2x4k5ycaa5zt.onion.link/antanistaticmap/stats/yesterday');
|
||||
check_links($onions, $ch, 'https://tt3j2x4k5ycaa5zt.onion.rip/antanistaticmap/stats/yesterday');
|
||||
check_links($onions, $ch, 'https://tt3j2x4k5ycaa5zt.onion.sh/antanistaticmap/stats/yesterday');
|
||||
check_links($onions, $ch, 'https://tt3j2x4k5ycaa5zt.tor2web.io/antanistaticmap/stats/yesterday');
|
||||
check_links($onions, $ch, 'http://visitorfi5kl7q7i.onion/address/');
|
||||
check_links($onions, $ch, 'https://onion.cab/list.php?a=list');
|
||||
check_links($onions, $ch, 'http://zlal32teyptf4tvi.onion/json/all');
|
||||
check_links($onions, $ch, 'http://7cbqhjnlkivmigxf.onion/');
|
||||
check_links($onions, $ch, 'http://dhosting4okcs22v.onion/list.php');
|
||||
check_links($onions, $ch, 'http://hostdanyyyf65r4b.onion/list.php');
|
||||
check_links($onions, $ch, 'http://cb3robuo3hobodw6.onion/darknet/');
|
||||
|
||||
//add them to the database
|
||||
add_onions($onions, $db);
|
||||
@ -49,7 +58,7 @@ $db->exec('DELETE FROM ' . PREFIX . "onions WHERE address!='' AND timediff>24192
|
||||
function check_links(&$onions, &$ch, $link){
|
||||
curl_setopt($ch, CURLOPT_URL, $link);
|
||||
$links=curl_exec($ch);
|
||||
if(preg_match_all('~(https?://)?([a-z0-9]*\.)?([a-z2-7]{16}).onion(/[^\s><"]*)?~i', $links, $addr)){
|
||||
if(preg_match_all('~(https?://)?([a-z0-9]*\.)?([a-z2-7]{16}|[a-z2-7]{56}).onion(/[^\s><"]*)?~i', $links, $addr)){
|
||||
foreach($addr[3] as $link){
|
||||
$link=strtolower($link);
|
||||
$onions[md5($link, true)]=$link;
|
||||
@ -57,7 +66,7 @@ function check_links(&$onions, &$ch, $link){
|
||||
}
|
||||
}
|
||||
|
||||
function add_onions(&$onions, PDO $db){
|
||||
function add_onions(&$onions, $db){
|
||||
$stmt=$db->query('SELECT md5sum FROM ' . PREFIX . 'onions;');
|
||||
while($tmp=$stmt->fetch(PDO::FETCH_NUM)){
|
||||
if(isSet($onions[$tmp[0]])){
|
||||
@ -72,4 +81,3 @@ function add_onions(&$onions, PDO $db){
|
||||
}
|
||||
$db->commit();
|
||||
}
|
||||
?>
|
||||
|
||||
Reference in New Issue
Block a user