<?php @mysql_connect('localhost', 'root', 'Hillary99') or die('MYSQL ERROR:

1. <?php
2.  
3.   @mysql_connect('localhost', 'root', 'Hillary99') or die('MYSQL ERROR: SERVER CONNECT');
4.   @mysql_select_db('projects') or die('MYSQL_ERROR: DATABASE SELECT');
5.  
6.   $a = $_GET['a'];
7.  
8.   if (($a == 'a' || $a == '') && !$_SESSION['user']) header('Location: login');
9.  
10.   if ($a == 'i') {
11.     $i = @mysql_real_escape_string($_GET['i']);
12.     $n = number_format(get_downloads($i));
13.     if ($_GET['f'] == 't') die($n);
14.     $i = imagecreate(strlen($n) * 9 + 1, 13);
15.     $b = imagecolorallocate($i, 255, 255, 255);
16.     $t = imagecolorallocate($i, 0, 0, 0);
17.     imagestring($i, 5, 1, 0, $n, $t);
18.     header('Content-type: image/png');
19.     imagepng($i);
20.     imagedestroy($i);
21.     die();
22.   } else if ($a == 'd') {
23.     $i = $_GET['i'];
24.     if (!isset($i)) die('ERROR: NO ID');
25.     $q = 'SELECT url FROM ancp WHERE id = ' . $i;
26.     $u = ($r = @mysql_fetch_array(@mysql_query($q))) ? $r[0] : '';
27.     if ($u == '') die('ERROR: NO URL FOUND');
28.     else if (is404($u)) die('ERROR: URL RESOLVED TO 404');
29.     if (!@mysql_unbuffered_query('SELECT 1 FROM ancd WHERE p = \'' . $_SERVER['REMOTE_ADDR'] . '\'')) {
30.       @mysql_unbuffered_query('UPDATE ancp SET downlods = downloads + 1 WHERE id = ' . $i);
31.       @mysql_unbuffered_query('INSERT INTO ancd (pid, ip) VALUES (' . $i . ', \'' . $_SERVER['REMOTE_ADDR'] . '\')');
32.     }
33.     header('Location: ' . $u);
34.   } else {
35.     if ($_POST['submit'] == 'Add Program') {
36.       $_POST = @array_map('mysql_real_escape_string', $_POST);
37.       $n  = $_POST['n'];
38.       $l  = $_POST['l'];
39.       $u  = $_POST['u'];
40.       $d  = $_POST['d'];
41.       $p0 = $_POST['p0'];
42.       $p1 = $_POST['p1'];
43.      
44.       if (strlen($n) > 2) {
45.         if ($u && !is404($u)) {
46.           if ($p0 == $p1) {
47.             $q = 'INSERT INTO ancp (name, login, password, url, description) VALUES (\'' . $n . '\', \'' . $l . '\', \'' . md5($p0) . '\', \'' . $u . '\', \'' . $d . '\')';
48.             @mysql_query($q) or die(mysql_error());
49.           } else $error = 'The passwords did not match.';
50.         } else $error = 'Invalid URL provided.';
51.       } else $error = 'Your program name must be more than three characters long.';
52.     } else if ($_POST['submit'] == 'Login') {
53.       $_POST = @array_map('mysql_real_escape_string', $_POST);
54.       $u = $_POST['u'];
55.       $p = $_POST['p'];
56.      
57.       if ($u) {
58.         if ($p) {
59.           $q = 'SELECT id FROM ancu WHERE username = \'' . $u . '\' AND password = \'' . md5($p) . '\'';
60.           if (!@mysql_unbuffered_query($q)) $error = 'Invalid username or password';
61.           else {
62.             $_SESSION['user'] = $u;
63.             header('Location: settings');
64.           }
65.         } else $error = 'No password provided';
66.       } else $error = 'No username provided';
67.     }
68.  
69. ?>