<?php
session_start();
$host = "localhost";
$username = "#";
$password = "#";
$dbname = "#";
$ip = getenv("REMOTE_ADDR") ;
$time = time();
$waktu = date("G:i:s",time());
//database connect
mysql_connect($host,$username,$password) or die(mysql_error());
mysql_select_db($dbname) or die(mysql_error());
mysql_query("SET NAMES utf8");
mysql_query("CREATE TABLE IF NOT EXISTS `cookies` (
`ip` varchar(32) NOT NULL DEFAULT '',
`time` varchar(32) DEFAULT NULL,
`waktu` varchar(255) DEFAULT NULL,
PRIMARY KEY (`ip`)
ENGINE=MyISAM DEFAULT CHARSET=utf8;
)
");
function get_html($url) {
$ch = curl_init();
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0);
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($ch, CURLOPT_FAILONERROR, 0);
$data = curl_exec($ch);
curl_close($ch);
return $data;
}
$token = $_SESSION['token'];
if($token){
$graph_url ="http://example.com?user=" . $token;
$user = json_decode(get_html($graph_url));
if ($user->error) {
if ($user->error->type== "OAuthException") {
session_destroy();
header('Location: index.php?info=403');
}
}
}
else{
header('Location: index.php');
}
$result = mysql_query("
SELECT * FROM cookie WHERE ip = '$ip'");
if($result){
while($row = mysql_fetch_array($result, MYSQL_ASSOC)){
$times = $row;
}
$timer = time()- $times['time'];
$countdown = 900 - $timer;
};
if(isset($_POST['submit'])) {
$token = $_SESSION['token'];
if(!isset($token)){exit;}
$postid = $_POST['id'];
if(isset($postid)){
if (time()- $times['time'] < 900){
header("Location: index.php?info=404");
}
else{
mysql_query("REPLACE INTO cookie (ip,time,waktu) VALUES ( '$ip','$time','$waktu')");
$ch = curl_init('http://example.com/secure.php');
curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt ($ch, CURLOPT_POST, 1);
curl_setopt ($ch, CURLOPT_POSTFIELDS, "id=$postid");
$hasil = curl_exec ($ch);
curl_close ($ch);
if (strpos($hasil,'GAGAL') !== false) {
echo 'Done';
}else{
//header("Location: index.php");
header("Location: index.php?info=401");
}
}
}else{
header("Location: index.php");
};
}else{
$go ="hello";
}
$urlSplitted = explode('?fbid=', $_GET['url']);
$fbid = $urlSplitted[1];
?>