2 /************************************************************************
3 * MXChange v0.2.1 Start: 10/24/2003 *
4 * =============== Last change: 06/30/2004 *
6 * -------------------------------------------------------------------- *
7 * File : frametester.php *
8 * -------------------------------------------------------------------- *
9 * Short description : Test your website against frame killers *
10 * -------------------------------------------------------------------- *
11 * Kurzbeschreibung : Testet die Mitgliedsseite gegen Frame-Killer *
12 * -------------------------------------------------------------------- *
14 * -------------------------------------------------------------------- *
15 * Copyright (c) 2003 - 2008 by Roland Haeder *
16 * For more information visit: http://www.mxchange.org *
18 * This program is free software; you can redistribute it and/or modify *
19 * it under the terms of the GNU General Public License as published by *
20 * the Free Software Foundation; either version 2 of the License, or *
21 * (at your option) any later version. *
23 * This program is distributed in the hope that it will be useful, *
24 * but WITHOUT ANY WARRANTY; without even the implied warranty of *
25 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
26 * GNU General Public License for more details. *
28 * You should have received a copy of the GNU General Public License *
29 * along with this program; if not, write to the Free Software *
30 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
32 ************************************************************************/
34 // Some security stuff...
35 if (!defined('__SECURITY')) {
36 $INC = substr(dirname(__FILE__), 0, strpos(dirname(__FILE__), "/inc") + 4) . "/security.php";
42 if (!empty($_GET['order'])) {
43 // Order number placed, is he also logged in?
45 // Ok, test passed... :)
46 $result = SQL_QUERY_ESC("SELECT subject, url FROM "._MYSQL_PREFIX."_pool WHERE id=%s AND sender=%s AND data_type='TEMP' LIMIT 1",
47 array(bigintval($_GET['order']), $GLOBALS['userid']), __FILE__, __LINE__);
49 // Finally is the entry valid?
50 if (SQL_NUMROWS($result) == 1) {
51 // Load subject and URL (but forwhat do we need the subject line here???
52 list($sub, $url) = SQL_FETCHROW($result);
54 // This fixes a white page
60 // Matching line not found!
61 LOAD_URL("modules.php?module=index&what=login");
65 SQL_FREERESULT($result);
67 // He is no longer logged in
68 LOAD_URL("modules.php?module=index&what=login");
72 if ((!empty($_POST['url'])) || (!empty($_GET['url'])) || (!empty($_GET['frame']))) {
73 // Default URL is ours
76 // Decode URL if set in GET parameters
77 if (!empty($_GET['url'])) $url = gzuncompress(base64_decode(str_replace(" ", "+", COMPILE_CODE(urldecode($_GET['url'])))));
79 // Use URL from POST data if set
80 if (!empty($_POST['url'])) $url = $_POST['url'];
82 // Add missing element
84 if (!empty($_GET['frame'])) $frame = SQL_ESCAPE($_GET['frame']);
92 define('__ORDER_VALUE', bigintval($_GET['order']));
93 define('__URL_VALUE' , DEREFERER($url));
94 LOAD_TEMPLATE("member_order_frametester");
98 define('__URL_VALUE' , DEREFERER($url));
99 LOAD_TEMPLATE("guest_frametester");
105 OUTPUT_HTML("<STRONG class=\"guest_done\">".GUEST_FRAMETESTER_TOP."</SPAN>");
108 case "back": // Back buttom
109 LOAD_TEMPLATE("member_order_back", false, $_GET['order']);
112 case "send": // Send mail away
113 LOAD_TEMPLATE("member_order_send", false, $_GET['order']);
118 LOAD_URL("modules.php?module=login");