Файл: mod/go.php
Строк: 14
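<?php
/**
 * Click-through redirect for an advertising entry in the `rek` table.
 *
 * Request parameters:
 *   id  - identifier of the `rek` row to redirect to.
 *   tok - click token; a click is counted only when it equals
 *         $_SESSION['tok'] + id.
 *
 * Behaviour:
 *   - Missing/malformed parameters or an unknown id redirect to "/".
 *   - A valid token from an address not yet recorded for this entry
 *     increments `rek`.`go` and records the click in the `go` table.
 *   - In every other case the visitor is redirected to the entry's URL
 *     without counting.
 *
 * Every request-derived value is escaped before it is placed in SQL.
 * The escaping uses the connection opened by inc/db.php (not visible here).
 * NOTE(review): mysql_real_escape_string() is only reliable when the
 * connection charset was set with mysql_set_charset(); confirm in inc/db.php.
 * The mysql_* extension itself is removed in PHP 7; moving to prepared
 * statements requires changing inc/db.php as well.
 */
include_once($_SERVER["DOCUMENT_ROOT"]."/inc/db.php");

// Array-valued parameters (?id[]=...) would make the arithmetic and string
// concatenation below fail, so only plain strings are accepted. A request with
// `id` but no `tok` previously produced an empty response; it now goes home.
if (!isset($_GET['id'], $_GET['tok']) || !is_string($_GET['id']) || !is_string($_GET['tok'])) {
    header('location: /');
    exit;
}

$go = $_GET['id'];

// The original condition was `if ($token = $_GET['tok'])`, an assignment that
// accepted any non-empty token. Compare instead, as strings, so that loose
// numeric juggling ("8" vs "8abc") cannot make different values match.
// NOTE(review): how $_SESSION['tok'] is generated is not visible here; the
// token is only as unpredictable as that value.
$tokenValid = false;
if (isset($_SESSION['tok'])) {
    $token = $_SESSION['tok'] + $go;
    $tokenValid = ((string) $token === $_GET['tok']);
}

// NOTE(review): `ip_go` is a client-supplied cookie, so the once-per-address
// check below is keyed on a value the visitor controls. If that check is meant
// to limit repeat counting, key it on a server-observed value instead. Left
// unchanged because the cookie's purpose is not visible in this file.
$ip = (isset($_COOKIE['ip_go']) && is_string($_COOKIE['ip_go']))
    ? $_COOKIE['ip_go']
    : $_SERVER['REMOTE_ADDR'];

// Prefer the device user agent forwarded by Opera Mini; fall back to the
// regular header, which may be absent altogether.
if (isset($_SERVER['HTTP_X_OPERAMINI_PHONE_UA'])) {
    $_ua = $_SERVER['HTTP_X_OPERAMINI_PHONE_UA'];
} elseif (isset($_SERVER['HTTP_USER_AGENT'])) {
    $_ua = $_SERVER['HTTP_USER_AGENT'];
} else {
    $_ua = '';
}

// id, cookie and request headers are all attacker-controlled: escape each one
// before it reaches a query string.
$goSql = mysql_real_escape_string($go);
$ipSql = mysql_real_escape_string($ip);
$uaSql = mysql_real_escape_string($_ua);

$data = mysql_query("SELECT * FROM `rek` WHERE `clicks` > '0' AND `id` = '".$goSql."' ORDER BY RAND() LIMIT 1");
// LIMIT 1 yields at most one row, so a single fetch replaces the loop.
$row = $data ? mysql_fetch_assoc($data) : false;
if (!$row) {
    header('location: /');
    exit;
}

// NOTE(review): htmlspecialchars() is HTML escaping, not a URL or header
// encoder: it rewrites `&` in query strings and does not validate the scheme
// or host. Kept as-is because how `url` is stored is not visible here;
// validate the URL where it is written to `rek`.
$target = 'location: '.htmlspecialchars($row['url']);

if (!$tokenValid) {
    // Invalid token: still redirect, but do not count the click.
    header($target);
    exit;
}

$seen = mysql_query("SELECT * FROM `go` WHERE `go` = '".$goSql."' AND `ip` = '".$ipSql."'");
if ($seen && mysql_num_rows($seen)) {
    // This address is already recorded for the entry: redirect only.
    header($target);
    exit;
}

// Value read back from the database; escaped as well so stored data cannot
// alter the statements.
$rowIdSql = mysql_real_escape_string($row['id']);
$counted = mysql_query("UPDATE `rek` SET `go` = `go` + '1' WHERE `id` = '".$rowIdSql."'")
    && mysql_query("INSERT INTO `go` SET `go` = '".$rowIdSql."', `ip` = '".$ipSql."', `ua` = '".$uaSql."'");

header($counted ? $target : 'location: /');
?>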