Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <title>ProSap Hotel - Client</title>
- <?php
- // Checken of er geen hacker actief is
- //include('./keiz/vpncheck.php');
- //$ip = $_SERVER['REMOTE_ADDR'] = isset($_SERVER["HTTP_CF_CONNECTING_IP"]) ? $_SERVER["HTTP_CF_CONNECTING_IP"] : $_SERVER["REMOTE_ADDR"];
- //$isProxy = file_get_contents("http://www.shroomery.org/ythan/proxycheck.php?ip=" . $ip) != "N";
- //if($isProxy)
- //{
- //header('Location: ./antivpn');
- //exit;
- //}
- mysql_query("UPDATE users SET visitorip = '".$_SERVER["HTTP_CF_CONNECTING_IP"]."' WHERE id = '".$_SESSION['user']['id']."' LIMIT 1");
- $query = mysql_fetch_assoc(mysql_query("SELECT * FROM users WHERE id = '".$_SESSION['user']['id']."' AND clientpass = '1' "));
- $query1 = mysql_query("SELECT * FROM users WHERE id = '".$query['id']."' LIMIT 1");
- while($row = mysql_fetch_assoc($query1)) {
- $iplast = $row["visitorip"];
- $ipregi = $row["meubel"];
- }
- if ($iplast == $ipregi)
- {
- if ($user->rank > 1)
- {
- $ip = $_SERVER["HTTP_CF_CONNECTING_IP"];
- $tQuery = DB::Query("SELECT * FROM `users` WHERE meubel = '".$ip."'");
- $lol = DB::Fetch($tQuery);
- $toengang = $lol['ip'];
- if (!$toengang == $ip)
- {
- die('geen toegang');
- }
- }
- // Klaar met checken
- ?>
- <?php
- include'filter.php';
- $query = mysql_query('SELECT * FROM users WHERE activity_points > 1000 ORDER BY activity_points');
- while($fetch = mysql_fetch_assoc($query))
- {
- mysql_query("UPDATE users SET activity_points = '1000' WHERE username = '".$fetch['username']."'");
- }
- $habboSWF = "prosapje920.swf";
- // hoi vul hier in hoe je de habbo.swf hebt genoemd xxxx keiz
- // Backup onderhoud page \/
- //if(!isset($_GET['hoi'])) { echo "Over een uurtje weer online ( 15:30 )"; exit; }
- if(!isset($_SESSION['user']['id']))
- {
- header('Location: /index');
- }
- mysql_query("INSERT INTO `user_subscriptions` (`user_id`, `subscription_id`, `timestamp_activated`, `timestamp_expire`) VALUES ('".$_SESSION['user']['id']."', 'club_habbo', 1345225264, 1645225264)");
- mysql_query("UPDATE users SET home_room = '0' WHERE id = '".$_SESSION['user']['id']."'");
- mysql_query("UPDATE users SET visitorip = '".$_SERVER["HTTP_CF_CONNECTING_IP"]."' WHERE id = '".$_SESSION['user']['id']."' LIMIT 1");
- $userid = mysql_real_escape_string($_SESSION['user']['id']);
- $user = mysql_fetch_assoc(mysql_query("SELECT * FROM `users` WHERE `id`='".$userid."' LIMIT 1")) or die(mysql_error());
- if(isset($_SERVER["HTTP_CF_CONNECTING_IP"])) {
- if (!filter_var($_SERVER["HTTP_CF_CONNECTING_IP"], FILTER_VALIDATE_IP)) {
- header("location: http://prosap-hotel.nl/nohack");
- die('Hacker alert! L33T');
- }
- }
- function isBanned()
- {
- if(mysql_num_rows(mysql_query("SELECT * FROM bans WHERE value = '".$user['username']."' OR value = '".$_SERVER["HTTP_CF_CONNECTING_IP"]."' AND expire >= '".time()."' LIMIT 1")) > 0)
- {
- return true;
- }
- return false;
- }
- if(isBanned())
- {
- header("location: http://prosap-hotel.nl/banned");
- }
- function isMachineBanned()
- {
- if(mysql_num_rows(mysql_query("SELECT * FROM bans_m WHERE value = '".$_SESSION['user']['username']."' LIMIT 1")) > 0)
- {
- return true;
- }
- return false;
- }
- if(isMachineBanned())
- {
- header("location: mban");
- }
- function isIPMachineBanned()
- {
- if(mysql_num_rows(mysql_query("SELECT * FROM bans_m WHERE value = '".$_SERVER['REMOTE_ADDR']."' LIMIT 1")) > 0)
- {
- return true;
- }
- return false;
- }
- if(isIPMachineBanned())
- {
- header("location: mban");
- }
- if($user['rank'] >= 3)
- {
- $allowedsha = sha1($_SESSION['user']['username'] . $user['mail']);
- if($allowedsha != $user['allowed-rank'])
- {
- mysql_query("UPDATE users SET rank = 1 WHERE username = '".$_SESSION['user']['username']."'");
- mysql_query("INSERT INTO bans (id,bantype,value,reason,expire,added_by,added_date,appeal_state) VALUES (NULL,'user','".$_SESSION['user']['username']."','Hacken','1755421624','System','" . date('d/m/Y H:i') . "','1')");
- header('Location: http://prosap-hotel.nl/nohack');
- }
- }
- function MUS($command, $data = '')
- {
- $MUSdata = $command . chr(1) . $data;
- $socket = @socket_create(AF_INET, SOCK_STREAM, getprotobyname('tcp'));
- @socket_connect($socket, "51.255.80.215", "3001");
- @socket_send($socket, $MUSdata, strlen($MUSdata), MSG_DONTROUTE);
- @socket_close($socket);
- }
- $query = mysql_query('SELECT * FROM users WHERE rank <= 4 AND crystals >= 15000 ORDER BY crystals DESC LIMIT 1');
- while($fetch = mysql_fetch_assoc($query))
- {
- mysql_query("UPDATE users SET crystals = '0' WHERE username = '".$fetch['username']."'");
- mysql_query("INSERT INTO bans (id,bantype,value,reason,expire,added_by,added_date,appeal_state) VALUES (NULL,'user','".$fetch['username']."','Packetloggen','1755421624','System Packetlogging','" . date('d/m/Y H:i') . "','1')");
- MUS("reloadbans");
- MUS('disconnect', ''.$fetch['username'].'');
- }
- //
- //Is die IPV4 wel valid // Stop Header injection
- //
- if(isset($_SERVER["HTTP_CF_CONNECTING_IP"]))
- {
- if (!filter_var($_SERVER["HTTP_CF_CONNECTING_IP"], FILTER_VALIDATE_IP))
- {
- header("location: http://prosap-hotel.nl/nohack");
- die('Hacker alert!');
- }
- }
- ?>
- <head>
- <script type="text/javascript">var habboName="{username}";var habboReqPath="{url}";var habboStaticFilePath="http://images-eussl.habbo.com/habboweb/{web_build}/web-gallery";var habboImagerUrl="http://images-eussl.habbo.com/habbo-imaging/";var habboPartner="";var habboDefaultClientPopupUrl="{url}/client";if(typeof HabboClient!="undefined"){HabboClient.windowName="ClientWndw"}</script>
- </script>
- <link rel="alternate" type="application/rss+xml" title="ProSapHotel - Client" href="http://www.habbo.nl/articles/rss.xml" />
- <script src="app/tpl/skins/{skin}/client/libs2.js" type="text/javascript"></script>
- <script src="app/tpl/skins/{skin}/client/visual.js" type="text/javascript"></script>
- <script src="app/tpl/skins/{skin}/client/libs.js" type="text/javascript"></script>
- <script src="app/tpl/skins/{skin}/client/common.js" type="text/javascript"></script>
- <script src="http://serv01.prosap-hotel.nl/client/websockets/js/keiz.js" type="text/javascript"></script>
- <script src="http://serv01.prosap-hotel.nl/client/websockets/js/inc.php?k=<?php echo $_SESSION['user']['id']; ?>֎{sso}&username={username}" type="text/javascript"></script>
- <link rel="stylesheet" href="app/tpl/skins/{skin}/client/web-gallery/static/styles/common.css" type="text/css" />
- <link rel="stylesheet" href="http://serv01.prosap-hotel.nl/client/websockets/css/style.css?{sso}" type="text/css" />
- <link rel="stylesheet" href="app/tpl/skins/{skin}/client/web-gallery/static/styles/habboflashclient.css" type="text/css" />
- <noscript>
- <meta http-equiv="refresh" content="0;url=/client/nojs" />
- </noscript>
- <link rel="stylesheet" href="app/tpl/skins/{skin}/client/client.css" type="text/css" />
- <script src="app/tpl/skins/{skin}/client/habboflashclient.js?kz" type="text/javascript"></script>
- <body oncontextmenu="return false" onselectstart="return false;" ondragstart="return false;" oncopy="return false" oncut="return false" id="client" class="flashclient">
- <script type="text/javascript">FlashExternalInterface.loginLogEnabled=false;FlashExternalInterface.logLoginStep("web.view.start");if(top==self){FlashHabboClient.cacheCheck()}var flashvars={
- "client.allow.cross.domain": "1",
- "client.notify.cross.domain": "1",
- "connection.info.host": "eu.attackprotect.eu",
- "connection.info.port": "1000",
- "site.url": "{url}",
- "url.prefix": "{url}",
- "client.reload.url": "http://prosap-hotel.nl/client",
- "client.fatal.error.url": "http://prosap-hotel.nl/client",
- "client.connection.failed.url": "http://prosap-hotel.nl/client",
- "hotelview.banner.url": "http://serv01.prosap-hotel.nl/SWF/gordon/R63B12/banner.png",
- "external.variables.txt": "http://serv01.prosap-hotel.nl/SWF/gamedata/external_variables/vars001.txt?<?php echo time();?>",
- "external.texts.txt": "http://serv01.prosap-hotel.nl/SWF/gamedata/external_texts/texts3.txt?=1",
- "productdata.load.url": "http://serv01.prosap-hotel.nl/SWF/gamedata/productdata/2.html",
- "furnidata.load.url": "http://serv01.prosap-hotel.nl/SWF/gamedata/furnidata/10005.html?=167",
- "use.sso.ticket": "1",
- "sso.ticket": "{sso}",
- "processlog.enabled": "0",
- account_id: "1",
- "client.starting": "Please wait! {hotelName} is starting up",
- "flash.client.url": "http://serv01.prosap-hotel.nl/SWF/gordon/R63B12/",
- "user.hash": "31385693ae558a03d28fc720be6b41cb1ccfec02",
- "has.identity": "0",
- "flash.client.origin": "popup",
- token: "{sso}",
- "logout.disconnect.url": "http://prosap-hotel.nl/client",
- "logout.url": "http://prosap-hotel.nl/logout"
- };
- var params = {
- base: "http://serv01.prosap-hotel.nl/SWF/gordon/R63B12/",
- allowScriptAccess: "always",
- menu: "false",
- wmode: "opaque"
- };
- if (!(HabbletLoader.needsFlashKbWorkaround())) {
- params.wmode = "opaque"
- }
- var clientUrl = "http://serv01.prosap-hotel.nl/SWF/gordon/R63B12/<?php echo $habboSWF; ?>";
- swfobject.embedSWF(clientUrl, "flash-container", "100%", "100%", "10.0.0", "http://images-eussl.habbo.com/habboweb/{web_build}/web-gallery/flash/expressInstall.swf", flashvars, params);
- window.onbeforeunload = unloading;
- function unloading() {
- var a;
- if (navigator.appName.indexOf("Microsoft") != -1) {
- a = window["flash-container"]
- } else {
- a = document["flash-container"]
- }
- try {
- a.unloading()
- } catch (b) {}
- } </script><style media="screen" type="text/css
- ">#flash-container{visibility:hidden}html{height:100%}body{height:100%}#flash-container{margin:0;width:100%;height:100%}</style>
- <script src="https://cdnjs.cloudflare.com/ajax/libs/jquery/3.1.0/jquery.min.js" type="text/javascript"></script>
- <script src="https://code.jquery.com/ui/1.12.0-rc.2/jquery-ui.js" type="text/javascript"></script>
- <script>jQuery(document).ready(function(){setTimeout(function(){jQuery("div.ads").fadeOut(10000,function(){jQuery("div.ads").remove()})},10000)});</script>
- <script type="text/javascript">/*<![CDATA[*/function toggleFullScreen(){if((document.fullScreenElement&&document.fullScreenElement!==null)||(!document.mozFullScreen&&!document.webkitIsFullScreen)){if(document.documentElement.requestFullScreen){document.documentElement.requestFullScreen()}else{if(document.documentElement.mozRequestFullScreen){document.documentElement.mozRequestFullScreen()}else{if(document.documentElement.webkitRequestFullScreen){document.documentElement.webkitRequestFullScreen(Element.ALLOW_KEYBOARD_INPUT)}}}}else{if(document.cancelFullScreen){document.cancelFullScreen()}else{if(document.mozCancelFullScreen){document.mozCancelFullScreen()}else{if(document.webkitCancelFullScreen){document.webkitCancelFullScreen()}}}}}/*]]>*/</script>
- <style>#client_div{width:100%}#top_bar{height:26px;width:100%;background-image:url(http://serv01.prosap-hotel.nl/SWF/website/images/navbgblue.png)}#top_bar>#tekst{color:#FFF;text-shadow:0 -1px rgba(0,0,0,1);cursor:pointer;padding:6px;font-family:verdana;font-size:12px}#top_bar>#tekst>b{padding:7px;margin-left:10px}#top_bar>#tekst>b:hover{background-color:#000}#top_bar>#tekst>b>a{text-decoration:none;color:#fff}</style>
- <script type="text/javascript">function newPopup(a){popupWindow=window.open(a,"popUpWindow","height=700,width=1000,left=10,top=10,resizable=yes,scrollbars=yes,toolbar=yes,menubar=no,location=no,directories=no,status=yes")}</script>
- </head>
- <div id="outside_client" style="height:100%;border:none;margin:0px;">
- <div id="client_div" style="height:100%;border:none;margin:0px;">
- <div class="ads" style="background-image:url('http://prosap-hotel.nl/addspot_728x90.gif');position:relative;padding-top:21px;margin-left:13%;height:115px;width:740px;background-repeat:none;z-index:398000;position:absolute;left:12%;overflow:hidden">
- <br>
- <center>
- <script async src="//pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"></script>
- <ins class="adsbygoogle"
- style="display:inline-block;width:728px;height:90px"
- data-ad-client="ca-pub-4130564855266670"
- data-ad-slot="7588111343"></ins>
- <script>
- (adsbygoogle = window.adsbygoogle || []).push({});
- </script>
- </center>
- </div>
- <div id="flash-container"></div>
- </div>
- </div>
- <script src="http://www.featureblend.com/flash_detect_1-0-4/flash_detect.js" type="text/javascript"></script>
- <script type="text/javascript">if(!FlashDetect.installed){var newLocation="clientnoflash";window.location=newLocation};</script>
- </div>
- <?php
- }
- else
- {
- header('Refresh: 0; url=hack');
- }
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement