PDO::ERRMODE_WARNING, PDO::ATTR_PERSISTENT=>PERSISTENT]); }catch(PDOException $e){ die($I['nodb']); } asort($categories); echo ''; echo "$I[admintitle]"; echo ''; echo ''; echo ''; echo ''; echo ''; echo "

$I[admintitle]

"; print_langs(); //check password if(!isset($_POST['pass']) || $_POST['pass']!==ADMINPASS){ echo "'; if(isset($_POST['pass'])){ echo "

$I[wrongpass]

"; } }else{ $view_mode = isset($_POST['view_mode']) ? $_POST['view_mode'] : 'single'; if(isset($_POST['switch_view_mode'])){ $view_mode = $view_mode === 'single' ? 'multi' : 'single'; } echo ""; echo "

"; echo ""; echo ""; echo ""; if($view_mode === 'single') { echo "

$I[link]:

'; } else { echo ''; $stmt=$db->query('SELECT address, description, category, approved, locked FROM ' . PREFIX . "onions WHERE address!='';"); while($onion = $stmt->fetch(PDO::FETCH_ASSOC)){ echo ''; echo ""; } echo '

Select	Address	Description	Category	Status
	'.$onion['address'].'.onion	$onion[description]	{$categories[$onion['category']]}	Approved: $onion[approved] Locked: $onion[locked]

'; } echo "

$I[cloneof]:

'; echo "

$I[bitcoins]:

'; echo "

$I[adddesc]:
"; if(!empty($_REQUEST['desc'])){ echo htmlspecialchars(trim($_REQUEST['desc'])); }elseif(isset($_REQUEST['addr']) && is_string($_REQUEST['addr'])){ if(preg_match('~(^(https?://)?([a-z2-7]{16}|[a-z2-7]{56})(\.onion(/.*)?)?$)~i', trim($_REQUEST['addr']), $addr)){ $addr=strtolower($addr[3]); $md5=md5($addr, true); $stmt=$db->prepare('SELECT description, category FROM ' . PREFIX . 'onions WHERE md5sum=?;'); $stmt->execute([$md5]); if($desc=$stmt->fetch(PDO::FETCH_ASSOC)){ $category=$desc['category']; echo str_replace('<br>', "\n", $desc['description']); } } } echo '

'; if(isset($_REQUEST['cat']) && $_REQUEST['cat']=0){ $category=$_REQUEST['cat']; } if(!isset($category)){ $category=count($categories); } echo "

$I[category]:

'; echo ''; echo ''; echo ""; echo ""; echo ""; echo ""; echo ''; echo ""; echo ""; echo ""; echo ""; echo ''; echo ""; if(REQUIRE_APPROVAL) { echo ""; echo ""; } echo '

'; echo '
'; if(!empty($_POST['addr'])){ $addrs = is_array($_POST['addr']) ? $_POST['addr'] : [$_POST['addr']]; foreach ($addrs as $addr_single) { if ( ! preg_match( '~(^(https?://)?([a-z2-7]{16}|[a-z2-7]{56})(\.onion(/.*)?)?$)~i', trim( $addr_single ), $addr ) ) { echo "

$I[invalonion]

"; } else { $addr = strtolower( $addr[ 3 ] ); $md5 = md5( $addr, true ); if ( $_POST[ 'action' ] === $I[ 'remove' ] ) { //remove address from public display $db->prepare( 'UPDATE ' . PREFIX . "onions SET address='', locked=1, approved=-1 WHERE md5sum=?;" )->execute( [ $md5 ] ); echo "

$I[succremove]

"; } elseif ( $_POST[ 'action' ] === $I[ 'lock' ] ) { //lock editing $db->prepare( 'UPDATE ' . PREFIX . 'onions SET locked=1, approved=1 WHERE md5sum=?;' )->execute( [ $md5 ] ); echo "

$I[succlock]

"; } elseif ( $_POST[ 'action' ] === $I[ 'readd' ] ) { //add onion back, if previously removed $db->prepare( 'UPDATE ' . PREFIX . 'onions SET address=?, locked=1, approved=1 WHERE md5sum=?;' )->execute( [ $addr, $md5 ] ); echo "

$I[succreadd]

"; } elseif ( $_POST[ 'action' ] === $I[ 'unlock' ] ) { //unlock editing $db->prepare( 'UPDATE ' . PREFIX . 'onions SET locked=0, approved=1 WHERE md5sum=?;' )->execute( [ $md5 ] ); echo "

$I[succunlock]

"; } elseif ( $_POST[ 'action' ] === $I[ 'promote' ] ) { //promote link for payed time $stmt = $db->prepare( 'SELECT special FROM ' . PREFIX . 'onions WHERE md5sum=?;' ); $stmt->execute( [ $md5 ] ); $specialtime = $stmt->fetch( PDO::FETCH_NUM ); if ( $specialtime[ 0 ] < time() ) { $time = time() + ( ( $_POST[ 'btc' ] / PROMOTEPRICE ) * PROMOTETIME ); } else { $time = $specialtime[ 0 ] + ( ( $_POST[ 'btc' ] / PROMOTEPRICE ) * PROMOTETIME ); } $db->prepare( 'UPDATE ' . PREFIX . 'onions SET special=?, locked=1, approved=1 WHERE md5sum=?;' )->execute( [ $time, $md5 ] ); printf( "

$I[succpromote]

", date( 'Y-m-d H:i', $time ) ); } elseif ( $_POST[ 'action' ] === $I[ 'unpromote' ] ) { //remove promoted status $db->prepare( 'UPDATE ' . PREFIX . 'onions SET special=0 WHERE md5sum=?;' )->execute( [ $md5 ] ); echo "

$I[succunpromote]

"; } elseif ( $_POST[ 'action' ] === $I[ 'update' ] ) { //update description $stmt = $db->prepare( 'SELECT * FROM ' . PREFIX . 'onions WHERE md5sum=?;' ); $stmt->execute( [ $md5 ] ); if ( $category === count( $categories ) ) { $category = 0; } if ( ! isset( $_POST[ 'desc' ] ) ) { $desc = ''; } else { $desc = trim( $_POST[ 'desc' ] ); $desc = htmlspecialchars( $desc ); $desc = preg_replace( "/(\r?\n|\r\n?)/", '
', $desc ); } if ( ! $stmt->fetch( PDO::FETCH_ASSOC ) ) { //not yet there, add it $stmt = $db->prepare( 'INSERT INTO ' . PREFIX . 'onions (address, description, md5sum, category, timeadded, locked, approved) VALUES (?, ?, ?, ?, ?, 1, 1);' ); $stmt->execute( [ $addr, $desc, $md5, $category, time() ] ); echo "

$I[succadd]

"; } elseif ( $desc != '' ) { //update description+category $stmt = $db->prepare( 'UPDATE ' . PREFIX . 'onions SET description=?, category=?, locked=1, approved=1 WHERE md5sum=?;' ); $stmt->execute( [ $desc, $category, $md5 ] ); echo "

$I[succupddesc]

"; } elseif ( $category != 0 ) { //only update category $stmt = $db->prepare( 'UPDATE ' . PREFIX . 'onions SET category=?, locked=1, approved=1 WHERE md5sum=?;' ); $stmt->execute( [ $category, $md5 ] ); echo "

$I[succupdcat]!

"; } else { //no description or category change and already known echo "

$I[alreadyknown]

"; } } elseif ( $_POST[ 'action' ] === $I[ 'phishing' ] ) {//mark as phishing clone if ( $_POST[ 'original' ] !== '' && ! preg_match( '~(^(https?://)?([a-z2-7]{16}|[a-z2-7]{56})(\.onion(/.*)?)?$)~i', $_POST[ 'original' ], $orig ) ) { echo "

$I[invalonion]

"; } else { if ( isset( $orig[ 3 ] ) ) { $orig = strtolower( $orig[ 3 ] ); } else { $orig = ''; } if ( $orig !== $addr ) { $stmt = $db->prepare( 'INSERT INTO ' . PREFIX . 'phishing (onion_id, original) VALUES ((SELECT id FROM ' . PREFIX . 'onions WHERE address=?), ?);' ); $stmt->execute( [ $addr, $orig ] ); $stmt = $db->prepare( 'UPDATE ' . PREFIX . 'onions SET locked=1, approved=1 WHERE address=?;' ); $stmt->execute( [ $addr ] ); echo "

$I[succaddphish]

"; } else { echo "

$I[samephish]

"; } } } elseif ( $_POST[ 'action' ] === $I[ 'unphishing' ] ) { //remove phishing clone status $stmt = $db->prepare( 'DELETE FROM ' . PREFIX . 'phishing WHERE onion_id=(SELECT id FROM ' . PREFIX . 'onions WHERE address=?);' ); $stmt->execute( [ $addr ] ); echo "

$I[succrmphish]

"; } elseif ( $_POST[ 'action' ] === $I[ 'reject' ] ) { //lock editing $db->prepare( 'UPDATE ' . PREFIX . 'onions SET approved=-1 WHERE md5sum=?;' )->execute( [ $md5 ] ); echo "

$I[succreject]

"; } elseif ( $_POST[ 'action' ] === $I[ 'approve' ] ) { //lock editing $db->prepare( 'UPDATE ' . PREFIX . 'onions SET approved=1 WHERE md5sum=?;' )->execute( [ $md5 ] ); echo "

$I[succapprove]

"; } else { //no specific button was pressed echo "

$I[noaction]

"; } } } } } echo '

Onion Link List - ' . VERSION . '

'; echo '';