-<?php\r
-/************************************************************************\r
- * MXChange v0.2.1 Start: 01/02/2004 *\r
- * =============== Last change: 09/04/2004 *\r
- * *\r
- * -------------------------------------------------------------------- *\r
- * File : view.php *\r
- * -------------------------------------------------------------------- *\r
- * Short description : View a banner and count his views *\r
- * -------------------------------------------------------------------- *\r
- * Kurzbeschreibung : Banner anzeigen und Views zaehlen *\r
- * -------------------------------------------------------------------- *\r
- * *\r
- * -------------------------------------------------------------------- *\r
- * Copyright (c) 2003 - 2008 by Roland Haeder *\r
- * For more information visit: http://www.mxchange.org *\r
- * *\r
- * This program is free software; you can redistribute it and/or modify *\r
- * it under the terms of the GNU General Public License as published by *\r
- * the Free Software Foundation; either version 2 of the License, or *\r
- * (at your option) any later version. *\r
- * *\r
- * This program is distributed in the hope that it will be useful, *\r
- * but WITHOUT ANY WARRANTY; without even the implied warranty of *\r
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *\r
- * GNU General Public License for more details. *\r
- * *\r
- * You should have received a copy of the GNU General Public License *\r
- * along with this program; if not, write to the Free Software *\r
- * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *\r
- * MA 02110-1301 USA *\r
- ************************************************************************/\r
-\r
-// Load security stuff here (Oh, I hope this is not unsecure? Am I paranoia??? ;-) )\r
-require_once("inc/libs/security_functions.php");\r
-\r
-// Init "action" and "what"\r
-global $what, $action;\r
-$GLOBALS['what'] = ""; $GLOBALS['action'] = "";\r
-if (!empty($_GET['action'])) $GLOBALS['action'] = trim(strip_tags($_GET['action']));\r
-if (!empty($_GET['what'])) $GLOBALS['what'] = trim(strip_tags($_GET['what']));\r
-\r
-// Set module\r
-$GLOBALS['module'] = "view"; $CSS = -1;\r
-\r
-// Load the required file(s)\r
-require ("inc/config.php");\r
-\r
-if (((!empty($_GET['user'])) || (!empty($_GET['reseller']))) && (!empty($_GET['banner']))) {\r
- // Count banner view... we currently don't need the user's id but maybe\r
- $VIEW = 1;\r
-\r
- // for later things... ;-)\r
- $result = SQL_QUERY_ESC("SELECT url FROM "._MYSQL_PREFIX."_refbanner WHERE id=%d LIMIT 1", array(bigintval($_GET['banner'])), __FILE__, __LINE__);\r
- if (SQL_NUMROWS($result) == 1) {\r
- list($url) = SQL_FETCHROW($result);\r
- SQL_FREERESULT($result);\r
- $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_refbanner SET counter=counter+1 WHERE id=%d LIMIT 1", array(bigintval($_GET['banner'])), __FILE__, __LINE__);\r
-\r
- $type = substr($url, -3);\r
- header ("Content-Type: image/".$type);\r
- LOAD_URL($url);\r
- } else {\r
- // Free memory\r
- SQL_FREERESULT($result);\r
- }\r
- exit();\r
-} else {\r
- // Do nothing for now\r
- LOAD_URL (URL."/index.php");\r
-}\r
-\r
-//\r
-?>\r
+<?php
+/************************************************************************
+ * MXChange v0.2.1 Start: 01/02/2004 *
+ * =============== Last change: 09/04/2004 *
+ * *
+ * -------------------------------------------------------------------- *
+ * File : view.php *
+ * -------------------------------------------------------------------- *
+ * Short description : View a banner and count his views *
+ * -------------------------------------------------------------------- *
+ * Kurzbeschreibung : Banner anzeigen und Views zaehlen *
+ * -------------------------------------------------------------------- *
+ * *
+ * -------------------------------------------------------------------- *
+ * Copyright (c) 2003 - 2008 by Roland Haeder *
+ * For more information visit: http://www.mxchange.org *
+ * *
+ * This program is free software; you can redistribute it and/or modify *
+ * it under the terms of the GNU General Public License as published by *
+ * the Free Software Foundation; either version 2 of the License, or *
+ * (at your option) any later version. *
+ * *
+ * This program is distributed in the hope that it will be useful, *
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of *
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the *
+ * GNU General Public License for more details. *
+ * *
+ * You should have received a copy of the GNU General Public License *
+ * along with this program; if not, write to the Free Software *
+ * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, *
+ * MA 02110-1301 USA *
+ ************************************************************************/
+
+// Load security stuff here (Oh, I hope this is not unsecure? Am I paranoia??? ;-) )
+require_once("inc/libs/security_functions.php");
+
+// Init "action" and "what"
+global $what, $action;
+$GLOBALS['what'] = ""; $GLOBALS['action'] = "";
+if (!empty($_GET['action'])) $GLOBALS['action'] = secureString($_GET['action']);
+if (!empty($_GET['what'])) $GLOBALS['what'] = secureString($_GET['what']);
+
+// Set module
+$GLOBALS['module'] = "view"; $CSS = -1;
+
+// Load the required file(s)
+require ("inc/config.php");
+
+if (((!empty($_GET['user'])) || (!empty($_GET['reseller']))) && (!empty($_GET['banner']))) {
+ // Count banner view... we currently don't need the user's id but maybe
+ $VIEW = 1;
+
+ // for later things... ;-)
+ $result = SQL_QUERY_ESC("SELECT url FROM "._MYSQL_PREFIX."_refbanner WHERE id=%d LIMIT 1", array(bigintval($_GET['banner'])), __FILE__, __LINE__);
+ if (SQL_NUMROWS($result) == 1) {
+ list($url) = SQL_FETCHROW($result);
+ SQL_FREERESULT($result);
+ $result = SQL_QUERY_ESC("UPDATE "._MYSQL_PREFIX."_refbanner SET counter=counter+1 WHERE id=%d LIMIT 1", array(bigintval($_GET['banner'])), __FILE__, __LINE__);
+
+ $type = substr($url, -3);
+ @header ("Content-Type: image/".$type);
+ LOAD_URL($url, false);
+ } else {
+ // Free memory
+ SQL_FREERESULT($result);
+ }
+ exit();
+} else {
+ // Do nothing for now
+ LOAD_URL (URL."/index.php");
+}
+
+//
+?>