<?php // $_GET['do'] // 1: add 1 to impression counter // 2: add 1 to clic

1. <?php
2. // $_GET['do']
3. // 1: add 1 to impression counter
4. // 2: add 1 to click counter
5. // 3: get num of impressions
6. // 4: get num of clicks
7.  
8. // table: customads
9. // id
10. // adname
11. // impressions
12. // clicks
13.  
14. $sv_name = "localhost";
15. $username = "root";
16. $password = "slash112bot";
17. $db_name = "customads";
18. $table = "customads";
19. $con = mysql_connect($sv_name, $username, $password) or die(mysql_error());
20. mysql_select_db($db_name, $con) or die(mysql_error());
21.  
22. $do = mysql_real_escape_string($_GET['do']);
23.  
24.  
25. if ($do == 1) {
26. $query = "UPDATE " . $table . " SET impressions=impressions+1 WHERE adname='dreamstar'";
27. mysql_query($query, $con) or die(mysql_error());
28. }
29. else if ($do == 2) {
30. $query = "UPDATE " . $table . " SET clicks=clicks+1 WHERE adname='dreamstar'";
31. mysql_query($query, $con) or die(mysql_error());
32. }
33. else if ($do == 3) {
34. $query = "SELECT * FROM " . $table;
35. $result = mysql_query($query, $con) or die(mysql_error());
36. while($row = mysql_fetch_array($result))
37. {
38. if ($row['adname'] == "dreamstar") {
39. echo $row['impressions'];
40. }
41. }
42. }
43. else if ($do == 4) {
44. $query = "SELECT * FROM " . $table;
45. $result = mysql_query($query, $con) or die(mysql_error());
46. while($row = mysql_fetch_array($result))
47. {
48. if ($row['adname'] == "dreamstar") {
49. echo $row['clicks'];
50. }
51. }
52. }
53. else {
54. echo "fuck off, hacker";
55. }
56. ?>