$I[wrongpass]
"; } }else{ echo "$I[invalonion]
"; }else{ $addr=strtolower($addr[3]); $md5=md5($addr, true); if($_POST['action']===$I['remove']){ //remove address from public display $db->prepare('UPDATE ' . PREFIX . "onions SET address='', locked=1 WHERE md5sum=?;")->execute([$md5]); echo "$I[succremove]
"; }elseif($_POST['action']===$I['lock']){ //lock editing $db->prepare('UPDATE ' . PREFIX . 'onions SET locked=1 WHERE md5sum=?;')->execute([$md5]); echo "$I[succlock]
"; }elseif($_POST['action']===$I['readd']){ //add onion back, if previously removed $db->prepare('UPDATE ' . PREFIX . 'onions SET address=?, locked=1 WHERE md5sum=?;')->execute([$addr, $md5]); echo "$I[succreadd]
"; }elseif($_POST['action']===$I['unlock']){ //unlock editing $db->prepare('UPDATE ' . PREFIX . 'onions SET locked=0 WHERE md5sum=?;')->execute([$md5]); echo "$I[succunlock]
"; }elseif($_POST['action']===$I['promote']){ //promote link for payed time $stmt=$db->prepare('SELECT special FROM ' . PREFIX . 'onions WHERE md5sum=?;'); $stmt->execute([$md5]); $specialtime=$stmt->fetch(PDO::FETCH_NUM); if($specialtime[0]$I[succpromote]
", date('Y-m-d H:i', $time)); }elseif($_POST['action']===$I['unpromote']){ //remove promoted status $db->prepare('UPDATE ' . PREFIX . 'onions SET special=0 WHERE md5sum=?;')->execute([$md5]); echo "$I[succunpromote]
"; }elseif($_POST['action']===$I['update']){ //update description $stmt=$db->prepare('SELECT * FROM ' . PREFIX . 'onions WHERE md5sum=?;'); $stmt->execute([$md5]); if($category===count($categories)){ $category=0; } if(!isSet($_POST['desc'])){ $desc=''; }else{ $desc=trim($_POST['desc']); $desc=htmlspecialchars($desc); $desc=preg_replace("/(\r?\n|\r\n?)/", '$I[succadd]
"; }elseif($desc!=''){ //update description+category $stmt=$db->prepare('UPDATE ' . PREFIX . 'onions SET description=?, category=?, locked=1 WHERE md5sum=?;'); $stmt->execute([$desc, $category, $md5]); echo "$I[succupddesc]
"; }elseif($category!=0){ //only update category $stmt=$db->prepare('UPDATE ' . PREFIX . 'onions SET category=? WHERE md5sum=?;'); $stmt->execute([$category, $md5]); echo "$I[succupdcat]!
"; }else{ //no description or category change and already known echo "$I[alreadyknown]
"; } }elseif($_POST['action']===$I['phishing']){//mark as phishing clone if($_POST['original']!=='' && !preg_match('~(^(https?://)?([a-z2-7]{16})(\.onion(/.*)?)?$)~i', $_POST['original'], $orig)){ echo "$I[invalonion]
"; }else{ if(isset($orig[3])){ $orig=strtolower($orig[3]); }else{ $orig=''; } if($orig!==$addr){ $stmt=$db->prepare('INSERT INTO ' . PREFIX . 'phishing (onion_id, original) VALUES ((SELECT id FROM ' . PREFIX . 'onions WHERE address=?), ?);'); $stmt->execute([$addr, $orig]); echo "$I[succaddphish]
"; }else{ echo "$I[samephish]
"; } } }elseif($_POST['action']===$I['unphishing']){ //remove phishing clone status $stmt=$db->prepare('DELETE FROM ' . PREFIX . 'phishing WHERE onion_id=(SELECT id FROM ' . PREFIX . 'onions WHERE address=?);'); $stmt->execute([$addr]); echo "$I[succrmphish]
"; }else{ //no specific button was pressed echo "$I[noaction]
"; } } } } echo '