natasha_thomas Posted July 24, 2009 Share Posted July 24, 2009 Folks, i have two PHP scripts, i want to know what do both of them do, though i have lil bit idea about that. Scripts are below: index.php <?php /* * Full page Iframe to display the offer URL and prevent bots from following the link to the final destination URL * * Edit the values for $offerURL * Add content filler in the <noframes> section to help your quality score * Edit the title * Edit meta description content * Edit meta keywords content * * Save As: new file name * Upload to your server along with the r-decode.php file * * That's it! * */ $offerURL = "http://www.hostgator.com/";//put your offer's affiliate jump link here $offerURL = trim($offerURL);//do not edit this line $thisRedirectUrl = base64_encode($offerURL);//do not edit this line $thisRedirectUrl = "r-decode.php?{$thisRedirectUrl}";//do not edit this line ?><!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd"> <html> <head> <title>Edit Me</title> <META name="description" content=""> <META name="keywords" content=""> </head> <frameset rows="100%,*" border="0"> <frame src="<? echo $thisRedirectUrl; ?>" frameborder="0" /> <frame frameborder="0" noresize /> <noframes> Put content here... </noframes> </frameset> </html> r-decode.php <?php // Note: there's no need to modify this file. Just upload it to your server along with the iframe file. // this file redirects the user to your affiliate link while hiding the refer information from the destination URL $thisReferringUrl = @$_SERVER["HTTP_REFERER"];//use default in case the requested url is invalid $clientIPNumber = @$_SERVER["REMOTE_ADDR"]; $clitentBrowserUserAgent = @$_SERVER["HTTP_USER_AGENT"]; if (empty($clitentBrowserUserAgent)){ //no useragent means it's a bot header("HTTP/1.0 301 Permanent Redirect"); header("Location: http://127.0.0.1",true,301); exit; } $topMargin = rand(10,111); $thisRedirectUrl = null; $imagePropertiesArr = array(); if (!empty($imagesArr)){ $rand_key = array_rand($imagesArr, 1); $imageProperties = $imagesArr[$rand_key]; $imagePropertiesArr = explode("|",$imageProperties); } $url_encoded = @$_SERVER["QUERY_STRING"]; if (!empty($url_encoded)){ $url_encoded = trim($url_encoded); $url_decoded = base64_decode($url_encoded); if (checkValidURL($url_decoded)){ $thisRedirectUrl = $url_decoded; } } function checkValidURL($siteurl){ $siteurl = trim($siteurl); $siteurlVal = $siteurl; $siteurlVal = ereg_replace("[^a-zA-Z0-9?:=,;@#$|&+%\/._-]", "", $siteurlVal);//strip out invalid chars if ($siteurl != $siteurlVal) return false; if(ereg("^http://.+\\..+$", $siteurl) || ereg("^https://.+\\..+$", $siteurl)) return true; else return false; } if (empty($thisRedirectUrl)){ header("HTTP/1.1 404"); header("Location: 404"); exit; } //echo $thisRedirectUrl; //exit; //header("Expires: " . gmdate("D, d M Y H:i:s") . " GMT"); //header("Pragma: no-cache"); //header("HTTP/1.0 301 Permanent Redirect"); ?><html> <head> <meta name="robots" content="noindex,nofollow"> <meta http-equiv="refresh" content="0;url=<? echo $thisRedirectUrl; ?>" /> </head> <body> <script language="JavaScript" type="text/javascript"> function go(){ document.location.href="<? echo $thisRedirectUrl; ?>"; } setTimeout ('go()', 1); </script> </body> </html> Thanks for your help, Natasha Thomas Quote Link to comment https://forums.phpfreaks.com/topic/167257-what-does-this-piece-of-php-codes-do/ Share on other sites More sharing options...
George Botley Posted July 24, 2009 Share Posted July 24, 2009 From what I can see the scripts you are asking about are from an affiliate network. The affiliate network look like they are using frames to display content such as adverts from third party advertisers on a webpage where these scripts are present. As for the second script, it looks as though It is collecting information about a user such as their browser and so on, which is also passed onto the affiliate network. Quote Link to comment https://forums.phpfreaks.com/topic/167257-what-does-this-piece-of-php-codes-do/#findComment-881878 Share on other sites More sharing options...
ignace Posted July 24, 2009 Share Posted July 24, 2009 The first script loads an iframe and as a src it defines r-decode with some parameter. Now once the page loads the src is read and the php code inside r-decode executed. If it is a bot they are redirected to their loopback address. Quote Link to comment https://forums.phpfreaks.com/topic/167257-what-does-this-piece-of-php-codes-do/#findComment-881880 Share on other sites More sharing options...
Ditter Posted August 4, 2009 Share Posted August 4, 2009 You said it collects info for an affiliate site? Can you tell what affiliate site it is collecting for? The only destination I see is "http://127.0.0.1" which I thought was a loopback address? Meaning it just loops back to to: "$offerURL = "http://www.hostgator.com/";//put your offer's affiliate jump link here" Quote Link to comment https://forums.phpfreaks.com/topic/167257-what-does-this-piece-of-php-codes-do/#findComment-890208 Share on other sites More sharing options...
ignace Posted August 4, 2009 Share Posted August 4, 2009 You said it collects info for an affiliate site? Can you tell what affiliate site it is collecting for? The only destination I see is "http://127.0.0.1" which I thought was a loopback address? Meaning it just loops back to to: "$offerURL = "http://www.hostgator.com/";//put your offer's affiliate jump link here" 127.0.0.1 is indeed a loopback address depending on who is using it. If I use 127.0.0.1 then I'll be using my own loopback address and not yours (as you will use yours and not mine). 127.0.0.1 is a reserved class B network address. Like all addresses in the format x.x.x.0 and x.x.x.255. So when you order your crawler to go to 127.0.0.1 it will do so on its own server not yours (I think this must be the technical equivalent to: go **** yourself). Quote Link to comment https://forums.phpfreaks.com/topic/167257-what-does-this-piece-of-php-codes-do/#findComment-890442 Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.