<?php
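/**
 * Records an outbound click for the listing in $frm['lid'] and redirects the
 * visitor to that listing's URL.
 *
 * The "went" cookie holds a ';'-separated list of listing ids this browser has
 * already been counted for, so a repeat click is redirected without being
 * counted again. The cookie is client-controlled: it only throttles honest
 * browsers and must not be treated as an integrity control for the statistics.
 *
 * Never returns: every path ends in a Location header followed by exit().
 */
function go_out()
{
    global $frm;
    global $frm_cookie;

    $frm['lid'] = intval($frm['lid']);
    if (!$frm['lid']) {
        header('Location: ' . encurl('?a=home'));
        exit();
    }

    // Resolve the target before touching the counters: an id that matches no
    // listing previously still created hl_traffic rows and then sent an empty
    // Location header.
    $q   = 'select url, group_id from hl_listings where id = ' . $frm['lid'];
    $sth = mysql_query($q);
    $row = $sth ? mysql_fetch_array($sth) : false;
    if (!$row || !$row['url']) {
        header('Location: ' . encurl('?a=home'));
        exit();
    }
    // NOTE(review): the stored URL is used as the redirect target as-is; how it
    // is validated when a listing is submitted is not visible here - confirm it
    // is restricted to http(s) URLs at write time.
    $target = $row['url'];

    // Rebuild the "already counted" list from the cookie, keeping only positive
    // integers so that arbitrary client-supplied text is not echoed back.
    $went = array();
    if (isset($frm_cookie['went']) && is_string($frm_cookie['went'])) {
        foreach (explode(';', $frm_cookie['went']) as $seen) {
            $seen = intval($seen);
            if ($seen > 0 && !in_array($seen, $went, true)) {
                $went[] = $seen;
            }
        }
    }

    if (!in_array($frm['lid'], $went, true)) {
        // $frm['lid'] is an integer at this point, so concatenating it into the
        // statements below cannot alter their structure.
        $q   = 'select count(*) as cnt from hl_traffic where date = current_date and listing_id = ' . $frm['lid'];
        $sth = mysql_query($q);
        $cnt = $sth ? mysql_fetch_array($sth) : false;
        if ($cnt && $cnt['cnt']) {
            $q = 'update hl_traffic set `out` = `out` + 1 where date = current_date and listing_id = ' . $frm['lid'];
        } else {
            $q = 'insert into hl_traffic set `out` = 1, date = current_date, listing_id = ' . $frm['lid'];
        }
        mysql_query($q);
        $went[] = $frm['lid'];
    }

    setcookie('went', join(';', $went), time() + 630720000);
    header('Location: ' . $target);
    exit();
}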
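/**
 * Records an inbound referral hit for the listing named by $frm['ref'].
 *
 * A hit is counted at most once per (client IP, listing) while a matching row
 * exists in hl_in_log; rows older than one day are purged on every call.
 * As before, the listing id is also written to $frm['lid'].
 *
 * Fixes over the previous version:
 *  - `$sth = mysql_query($q) || print mysql_error()` assigned a boolean to
 *    $sth because `||` binds tighter than `=`, so the fetch that followed never
 *    saw a result set: the duplicate check never matched and a new hl_traffic
 *    row was inserted for every hit.
 *  - The client address is escaped before being placed in SQL.
 *  - Database errors go to the error log instead of the response body, where
 *    they disclosed schema details to any visitor.
 *  - A non-numeric "ref" no longer records traffic for listing 0.
 */
function go_in()
{
    global $frm;
    global $frm_env;

    $frm['lid'] = intval($frm['ref']);

    if (!mysql_query('delete from hl_in_log where date + interval 1 day < now()')) {
        error_log('go_in: purge of hl_in_log failed: ' . mysql_error());
    }

    $lid = $frm['lid'];
    if (!$lid) {
        return;
    }

    $ip = mysql_real_escape_string((string) $frm_env['REMOTE_ADDR']);

    $sth = mysql_query('select count(*) as cnt from hl_in_log where ip = \'' . $ip . '\' and listing_id = ' . $lid);
    if (!$sth) {
        error_log('go_in: hl_in_log lookup failed: ' . mysql_error());
        return;
    }
    $row = mysql_fetch_array($sth);
    if ($row && $row['cnt']) {
        // This address was already counted for this listing within the last day.
        return;
    }

    $sth = mysql_query('select count(*) as cnt from hl_traffic where date = current_date and listing_id = ' . $lid);
    if (!$sth) {
        error_log('go_in: hl_traffic lookup failed: ' . mysql_error());
        return;
    }
    $row = mysql_fetch_array($sth);
    if ($row && $row['cnt']) {
        $q = 'update hl_traffic set `in` = `in` + 1 where date = current_date and listing_id = ' . $lid;
    } else {
        $q = 'insert into hl_traffic set `in` = 1, date = current_date, listing_id = ' . $lid;
    }
    if (!mysql_query($q)) {
        error_log('go_in: hl_traffic update failed: ' . mysql_error());
    }

    $q = 'insert into hl_in_log set ip = \'' . $ip . '\', listing_id = ' . $lid . ', date = now()';
    if (!mysql_query($q)) {
        error_log('go_in: hl_in_log insert failed: ' . mysql_error());
    }
}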
/**
 * Counts a click on a banner and redirects to the banner's target URL.
 *
 * The banner is addressed by the integer request fields $frm['aid'] and
 * $frm['id']; its URL is read from $banners under the key "<aid>_url_<id>".
 * When no URL is configured for that pair the visitor is sent to the home
 * page. Never returns: both paths end in exit().
 */
function adsgo()
{
    global $banners, $frm;

    $aid     = intval($frm['aid']);
    $bid     = intval($frm['id']);
    $url_key = $aid . '_url_' . $bid;

    if ($banners[$url_key]) {
        // Both ids are integers, so the hit-counter key cannot carry request text.
        count_hits('hit_' . $aid . '_' . $bid);
        header('Location: ' . $banners[$url_key]);
        exit();
    }

    header('Location: ' . encurl('?a=home'));
    exit();
}
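// Refuse to serve anything while the installer is still present in the web root.
if (file_exists('install.php')) {
    print 'Delete install.php file for security reason please!';
    exit();
}

// Marker constant; presumably the included files test for it to refuse direct
// requests - confirm against include/*.
define('HotHyip_Lister_2010', 'answer');

// ini_set() does not evaluate constant expressions: the string
// 'E_ALL & ~E_NOTICE' was cast to the integer 0, which switched error reporting
// off entirely. Set the intended mask with real constants, and keep errors out
// of the response so paths and SQL fragments are not shown to visitors.
error_reporting(E_ALL & ~E_NOTICE);
ini_set('display_errors', '0');

require('include/libs/Smarty.class.php');
$smarty                = new Smarty();
$smarty->compile_check = true;
$smarty->template_dir  = './template/';
// NOTE(review): compiled templates are PHP files written below the web root;
// confirm the web server does not allow ./template_cache to be requested or
// written by anything other than this application.
$smarty->compile_dir   = './template_cache';

include('include/config.inc.php');
include('include/config.php');

$dbconn = db_open();
if (!$dbconn) {
    print 'Cannot connect mysql';
    exit();
}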
// Image endpoint: when GD is loaded, render the image and stop. A site-specific
// renderer (image_custom.inc.php) takes precedence over the stock one. Both
// paths are fixed strings; nothing from the request reaches include().
if ($frm['a'] == 'image' && extension_loaded('gd')) {
    include(
        file_exists('include/image_custom.inc.php')
            ? 'include/image_custom.inc.php'
            : 'include/image.inc.php'
    );
    draw_image();
    exit();
}
// Licence-key check. It derives an expected key from the request host name and
// compares it with a slice of up to five stored settings values, setting
// $flag = 1 when any of them matches.
// NOTE(review): $flag is not read again in the visible part of this file, so
// the outcome of this check does not gate anything here.
// NOTE(review): HTTP_HOST presumably comes from the client's Host header, so
// the value being hashed is caller-controlled - confirm how $frm_env is filled.
$mddomain = $frm_env['HTTP_HOST'];
  // Drop a leading "www." so both host forms map to the same key.
  $mddomain = preg_replace ('/^www\\./', '', $mddomain);
  // Expected key: three MD5 digests over the host and fixed strings, upper-cased
  // and concatenated (96 hex characters).
  // NOTE(review): $mdscriptname is not assigned anywhere in the visible code;
  // if the config includes do not set it, the middle digest is over the fixed
  // suffix alone.
  $key = strtoupper (md5 ($mddomain . 'jklfds89ufsdkfnsjfdksh') . md5 ($mdscriptname . '7hbfnbdnf') . md5 ('hyiplister' . $mddomain));
  $flag = 0;
  for ($i = 0; $i < 5; ++$i)
  {
    // On the first pass the index is replaced by an empty string so that the
    // setting read is 'key' rather than 'key0'; incrementing the empty string
    // then yields 1, giving 'key', 'key1' ... 'key4'.
    if ($i == 0)
    {
      $i = '';
    }

    // The comparable part of a stored key starts at offset 100 and excludes the
    // final 200 characters.
    $skey = substr ($settings['key' . $i], 100, -200);
    // Loose comparison of two strings; `continue` does not leave the loop, so
    // the remaining keys are still examined after a match.
    if ($key == $skey)
    {
      $flag = 1;
      continue;
    }
  }


/*
Remarked by phphyip.net
*/

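session_start();

// CAPTCHA endpoint: generate a six-digit code, remember it in the session under
// 'vn' and return it as a PNG image.
if ($frm['a'] == 'turing') {
    // The code is the secret being protected, so draw it from the CSPRNG when
    // the runtime offers one; rand() output is predictable. The accumulator is
    // initialised explicitly instead of appending to an undefined variable.
    $rand = '';
    for ($i = 0; $i < 6; ++$i) {
        $rand .= function_exists('random_int') ? random_int(0, 9) : mt_rand(0, 9);
    }
    $_SESSION['vn'] = $rand;

    header('Content-type: image/png');
    $im = imagecreate(imagefontwidth(5) * strlen($rand) + 3, imagefontheight(5) + 3);
    if (!$im) {
        // Nothing can be drawn; stop rather than emit warnings into a PNG response.
        exit();
    }
    // The first colour allocated becomes the image background (white).
    imagecolorallocate($im, 255, 255, 255);

    // Per-character colour and vertical jitter are cosmetic only, so rand() is
    // sufficient for them.
    for ($i = 0; $i < strlen($rand); ++$i) {
        $text_color = imagecolorallocate($im, rand(0, 125), rand(0, 125), rand(0, 125));
        imagestring($im, 5, 2 + $i * imagefontwidth(5), 0 - 2 + rand(1, 5), $rand[$i], $text_color);
    }
    imagepng($im);
    imagedestroy($im);
    exit();
}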
// Values every template can use.
// NOTE(review): the session name and id are handed to the templates; if a
// template places them in links or markup, the session id can leak through
// referrers, logs or shared URLs - confirm where 'sesid' is rendered.
$smarty->assign('sesname', session_name());
$smarty->assign('sesid', session_id());
$smarty->assign('rand', rand(10000, 99999));

// One ad slot per banner group: type 1 groups use show_paidads(), every other
// type uses show_rand_paidads().
foreach ($bannergroup as $id => $data) {
    $ads[$id] = ($banners[$id . '_type'] == 1)
        ? show_paidads($id)
        : show_rand_paidads($id);
}

$smarty->assign('ads', $ads);
$smarty->assign('banners', $banners);
$smarty->assign('settings', $settings);
// The raw request array is exposed to the templates as-is.
// NOTE(review): any template that prints a $frm value needs output escaping.
$smarty->assign('frm', $frm);
// Click-tracking entry points. go_out() and adsgo() end the request with a
// redirect; go_in() only records the referral and lets the page render.
if ($frm['a'] == 'go') {
    go_out();
}
if ($frm['ref']) {
    go_in();
}
if ($frm['a'] == 'goads') {
    adsgo();
}

// Load the GeoIP helpers only for the pages that list votes.
if (
    $frm['a'] == 'details'
    || ($frm['a'] == 'ajdetails' && $frm['do'] == 'votes')
    || ($frm['a'] == 'info' && $frm['do'] == 'lvotes')
) {
    include('./include/geoip.inc.php');
}
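// "New listings" box: active listings added within the configured number of
// days, in groups flagged onnew, newest first. A separator entry of type 'date'
// is emitted whenever the formatted date changes, so the template can print
// date headings between runs of listings.
if ($settings['newlistings_box']) {
    $new_listings = array();
    $last_date    = '';
    // The day count is a stored setting that is spliced into the statement;
    // force it to an integer so a malformed or tampered value cannot change the
    // query (an empty value previously produced invalid SQL).
    $new_for_days = intval($settings['new_for_days']);
    $q            = 'select 
                hl_listings.*,
                date_format(hl_listings.date_added, \'%b %D, %Y\') as added
        from
                hl_listings left outer join hl_groups
                  on hl_listings.group_id = hl_groups.id
        where
                hl_groups.onnew = 1 and
                hl_listings.date_added + interval ' . $new_for_days . ' day >= current_date and
                (hl_listings.expiration = 0 || date_added + interval hl_listings.expiration day >= current_date)
                and hl_listings.status = 1
        order by
                date_added desc,
                group_id';
    $sth          = mysql_query($q);
    if (!$sth) {
        error_log('new listings query failed: ' . mysql_error());
    }
    // A failed query leaves the list empty instead of passing false to the fetch call.
    while ($sth && ($row = mysql_fetch_array($sth))) {
        if ($last_date != $row['added']) {
            $new_listings[] = array(
                'data_type' => 'date',
                'date'      => $row['added'],
            );
            $last_date = $row['added'];
        }
        $row['data_type'] = 'listing';
        $new_listings[]   = $row;
    }
    $smarty->assign('new_listings', $new_listings);

    // With nothing to show, switch the box off for the templates as well.
    if (count($new_listings) == 0) {
        $settings['newlistings_box'] = 0;
        $smarty->assign('settings', $settings);
    }
}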
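// "Text ads" box: ads that have started and have not expired, in display order.
if ($settings['textads_box']) {
    $textads = array();
    $q       = 'select 
             *,
             date_format(date + interval expiration day, \'%b-%e-%Y\') as exp_date
      from
             hl_ads
      where
           date <= current_date and
           ((expiration = 0) || (date + interval expiration day >= current_date))
      order by ordering
  ';
    // The previous `$sth = mysql_query($q) || print mysql_error()` stored a
    // boolean in $sth (`||` binds tighter than `=`), so the fetch loop never
    // received a result set and the box was always empty. Errors are logged
    // rather than printed into the page, where they exposed schema details.
    $sth = mysql_query($q);
    if (!$sth) {
        error_log('text ads query failed: ' . mysql_error());
    }
    while ($sth && ($row = mysql_fetch_array($sth))) {
        $textads[] = $row;
    }
    $smarty->assign('textads', $textads);
}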
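// "Top RCB" box: the highest active rcb value per listing name, for listings
// whose hyip_status is below 3.
if ($settings['toprcb_box']) {
    $toprcbs = array();
    // The row limit is a stored setting spliced into the statement; force it to
    // a non-negative integer so it cannot alter the query.
    $toprcb_count = max(0, intval($settings['toprcb_count']));
    $q            = 'SELECT max(r.rcb) as mrcb, l.name, l.id FROM hl_listings as l, hl_rcb as r WHERE l.hyip_status < 3 and r.status =1 and r.list_id = l.id group by l.name order by r.rcb desc limit 0,' . $toprcb_count;
    // `$sth = mysql_query($q) || print mysql_error()` stored a boolean in $sth
    // (`||` binds tighter than `=`), so no rows were ever fetched. Errors are
    // logged instead of being printed into the page.
    $sth = mysql_query($q);
    if (!$sth) {
        error_log('top rcb query failed: ' . mysql_error());
    }
    while ($sth && ($row = mysql_fetch_array($sth))) {
        $toprcbs[] = $row;
    }
    $smarty->assign('toprcbs', $toprcbs);
}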
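// "Partners" box: active partners flagged for the index page, in display order.
if ($settings['partners_box']) {
    $ipartners = array();
    $q         = 'select * from hl_partners where status = 1 and onindex = 1 order by ordering, date_added';
    $sth       = mysql_query($q);
    if (!$sth) {
        // The request is still aborted on failure, but the database error text
        // goes to the log rather than to the visitor. The unreachable
        // `(bool) true;` statement that followed exit() has been dropped.
        error_log('partners query failed: ' . mysql_error());
        exit('Database error');
    }
    // Kept as before: resets $partners at global scope.
    // NOTE(review): not used in the visible code - confirm whether an included
    // page relies on it.
    $partners = array();
    while ($row = mysql_fetch_array($sth)) {
        $ipartners[] = $row;
    }
    $smarty->assign('ipartners', $ipartners);
}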
// Navigation entries: every active group that has a non-empty nav_name, by id.
$groups_nav = array();
$q          = 'select * from hl_groups where status = 1 and nav_name != \'\' order by id';
$sth        = mysql_query($q);
while ($row = mysql_fetch_array($sth)) {
    $groups_nav[] = $row;
}
$smarty->assign('groups_nav', $groups_nav);
// Start every request as an anonymous visitor; the authentication code that
// follows fills $userinfo when a login or a valid token is presented.
$userinfo = array();

// Logout: expire the 'password' cookie, blank the session copy of the token and
// return to the start page.
// NOTE(review): only the client-side copies are cleared here; the token stored
// in hl_users is not touched by this branch. Logout is also triggered by a
// plain request parameter, so another site can cause it.
if ($frm['a'] == 'logout') {
    setcookie('password', 0, time() - 86400);
    $_SESSION['password'] = 0;
    header('Location:' . encurl('?'));
    exit();
}
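// Authentication.
//
//  - a=do_login: check the CAPTCHA and credentials, issue a fresh login token,
//    then show the post-login redirect page (or go back to the login form).
//  - any other request: re-authenticate from the 'password' cookie or session
//    value, which has the form "<user id>-<md5 of the stored token>".
//
// Fixes over the previous version:
//  - $hid / $qhid were never assigned in the login branch, so the stored token
//    was empty and the cookie contained no per-login secret. A random token is
//    now generated on every login and an empty stored token is never accepted.
//  - Hash values are compared with === instead of != / ==, which compared
//    digit-only "0e..." digests as numbers.
//  - A wrong password or unknown user fell through and rendered the home page
//    without any error; every failed attempt now returns to the login form.
//  - REMOTE_ADDR is escaped before being placed in SQL.
//  - The session id is regenerated on login and the cookie is marked HttpOnly.
//  - split() (removed from PHP) is replaced by explode().
//
// NOTE(review): passwords are stored as unsalted MD5 of the quote()d input.
// That has to be migrated together with the signup and profile code, which is
// not visible here, so the hashing itself is left unchanged.
if ($frm['a'] == 'do_login') {
    $errors = array();
    if (auth_turing($frm['turing'])) {
        $errors['turing'] = 1;
    }

    if (!$errors) {
        // NOTE(review): quote() is defined elsewhere and is presumably the
        // project's SQL escaping helper - confirm it is safe for a value placed
        // inside double quotes.
        $username        = quote($frm['username']);
        $password        = md5(quote($frm['password']));
        $add_login_check = ' username = "' . $username . '" and status = 1 ';
        $q               = 'select * from hl_users where ' . $add_login_check;
        $sth             = mysql_query($q);
        while ($sth && ($row = mysql_fetch_assoc($sth))) {
            if ($row['confirm'] != 0 && $settings['user_confirmation_require']) {
                $errors['not_confirmed'] = 1;
                continue;
            }
            if ((string) $row['password'] !== $password) {
                $errors['password'] = 1;
                continue;
            }

            // Fresh per-login token. The cookie branch below reads the secret
            // with substr($qhid, 5, 20), so the stored value is 25 hex
            // characters with the secret in positions 5..24.
            // NOTE(review): confirm hl_users.hid holds at least 25 characters
            // and that no other writer of this column expects another layout.
            if (function_exists('random_bytes')) {
                $token = bin2hex(random_bytes(13));
            } elseif (function_exists('openssl_random_pseudo_bytes')) {
                $token = bin2hex(openssl_random_pseudo_bytes(13));
            } else {
                // Last resort on runtimes without a CSPRNG; weaker than the
                // branches above and only better than a constant.
                $token = sha1(uniqid(mt_rand(), true));
            }
            $qhid = substr($token, 0, 25);
            $hid  = substr($qhid, 5, 20);

            $chid               = $row['id'] . '-' . md5($hid);
            $userinfo           = $row;
            $userinfo['logged'] = 1;
            $ip                 = mysql_real_escape_string((string) $frm_env['REMOTE_ADDR']);
            $q                  = 'update hl_users set hid = "' . $qhid . '", login_time = now(), login_ip = "' . $ip . '" where id = ' . intval($row['id']);
            mysql_query($q);

            // New session id for the authenticated session, so an id known
            // before login is not carried over.
            session_regenerate_id(true);
            // HttpOnly keeps the token away from page scripts.
            // NOTE(review): add the Secure flag once the site is HTTPS-only.
            setcookie('password', $chid, time() + 630720000, '', '', false, true);
            $_SESSION['password'] = $chid;
            break;
        }
    }

    if (isset($userinfo['logged']) && $userinfo['logged'] == 1) {
        // Keep the post-login target on this site: drop control characters and
        // backslashes, strip leading slashes and re-anchor at "/".
        // NOTE(review): login_redirect.tpl must still escape this value for the
        // context in which it prints it.
        $referrer = preg_replace('/[\x00-\x20\\\\]/', '', urldecode($frm['referrer']));
        $smarty->assign('userinfo', $userinfo);
        $smarty->assign('referrer', '/' . ltrim($referrer, '/'));
        $smarty->display('login_redirect.tpl');
        exit();
    }

    // CAPTCHA error, unknown user, unconfirmed account or wrong password: all
    // return to the login form with the same message.
    // NOTE(review): the username is appended without URL encoding and the
    // referrer is attached after a second '?'; whether encurl() expects that is
    // not visible here - confirm before changing it.
    $frm['referrer'] = urldecode($frm['referrer']);
    header('Location: ' . encurl('?a=login&display=invalid_login&username=' . $frm['username']) . '?referrer=' . urlencode($frm['referrer']));
    db_close($dbconn);
    exit();
} else {
    $password = isset($frm_cookie['password']) ? $frm_cookie['password'] : '';
    if (!$password) {
        $password = isset($_SESSION['password']) ? $_SESSION['password'] : '';
    }
    $ip = mysql_real_escape_string((string) $frm_env['REMOTE_ADDR']);

    // "<user id>-<token digest>"; array_pad() covers a value without a '-'.
    list($user_id, $chid) = array_pad(explode('-', (string) $password, 2), 2, '');
    $user_id = intval($user_id);
    $chid    = quote($chid);

    if (0 < $user_id) {
        $add_login_check = ' id = ' . $user_id . ' and status = 1 ';
        if (!$settings['demomode']) {
            // Outside demo mode the token is only honoured for 30 minutes after
            // the last activity and from the address that logged in.
            $add_login_check .= ' and login_time + interval 30 minute > now() and login_ip = "' . $ip . '" ';
        }
        $q   = 'select * from hl_users where ' . $add_login_check;
        $sth = mysql_query($q);
        while ($sth && ($row = mysql_fetch_array($sth))) {
            $qhid = $row['hid'];
            $hid  = (string) substr($qhid, 5, 20);
            // An empty stored token must never authenticate anyone: its digest
            // is a fixed, publicly known value.
            if ($hid !== '' && (string) $chid === md5($hid)) {
                $userinfo           = $row;
                $userinfo['logged'] = 1;
                // Sliding expiry: each authenticated request renews the window.
                $q                  = 'update hl_users set login_time = now() where id = ' . intval($row['id']);
                mysql_query($q);
            }
        }
    }
}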
$smarty->assign('userinfo', $userinfo);
// Where the login form should send the user afterwards: the explicit referrer
// when one was supplied, otherwise $come_url.
$smarty->assign('login_referrer', urlencode(isset($frm['referrer']) ? $frm['referrer'] : $come_url));
include('include/news_box.inc');

// Page dispatch on the 'a' request parameter. Every include path is a fixed
// string chosen by comparison, so the parameter itself never reaches include().
// Unknown actions fall through to the home page.
// NOTE(review): most page scripts use the .inc extension, which many web-server
// configurations serve as plain text - confirm direct requests to include/ are
// denied.
if ($frm['a'] == 'search') {
    include('include/search.inc');
} elseif ($frm['a'] == 'view_statistics') {
    include('include/view_statistics.inc');
} elseif ($frm['a'] == 'info') {
    include('include/info_statistics.inc');
} elseif ($frm['a'] == 'details') {
    include('include/details.inc');
} elseif ($frm['a'] == 'allrcblist') {
    include('include/allrcb.inc');
} elseif ($frm['a'] == 'allrcbrequest') {
    include('include/allrcbrequest.inc');
} elseif ($frm['a'] == 'add_vote') {
    include('include/add_vote.inc');
} elseif ($frm['a'] == 'new') {
    include('include/new.inc');
} elseif ($frm['a'] == 'addprogram') {
    include('include/addprogram.inc');
} elseif ($frm['a'] == 'add') {
    include('include/add.inc');
} elseif ($frm['a'] == 'advertise') {
    include('include/advertise.inc');
} elseif ($frm['a'] == 'news') {
    include('include/news.inc');
} elseif ($frm['a'] == 'ajdetails') {
    include('include/ajdetails.inc');
} elseif ($frm['a'] == 'send_payment') {
    include('include/send_payment.inc');
} elseif ($frm['a'] == 'paystatus') {
    $smarty->display('payment_status.tpl');
} elseif ($frm['a'] == 'support') {
    include('include/support.inc');
} elseif ($frm['a'] == 'maillist') {
    include('include/maillist.inc');
} elseif ($frm['a'] == 'rss') {
    include('include/rss.inc.php');
} elseif ($frm['a'] == 'partners') {
    include('include/partners.inc');
} elseif ($frm['a'] == 'directory') {
    include('include/directory.inc');
} elseif ($frm['a'] == 'signup') {
    include('include/signup.inc');
} elseif ($frm['a'] == 'login' && !$userinfo['logged']) {
    $smarty->display('user_login.tpl');
} elseif ($frm['a'] == 'profile') {
    include('include/user_profile.inc');
} elseif ($frm['a'] == 'forgot_password') {
    include('include/forgot_password.inc');
} elseif ($frm['a'] == 'bookmarks') {
    include('include/bookmarks.inc');
} elseif ($frm['a'] == 'refback_requests') {
    include('include/user_refbacks.inc');
} elseif ($frm['a'] == 'cust') {
    // Custom static page. basename() removes any directory part from the
    // requested name, and the template must already exist under
    // template/custom/ before it is displayed.
    // NOTE(review): basename() is the only filter on this value; an allow-list
    // of page names would be a stricter control.
    $file = basename($frm['page']);
    if (file_exists('template/custom/' . $file . '.tpl')) {
        $smarty->display('custom/' . $file . '.tpl');
        db_close($dbconn);
        exit();
    }
    include('include/home.inc');
} else {
    include('include/home.inc');
}

db_close($dbconn);
?>