<?php

# defining start time
define('IR_START', microtime(true));

# defining the base path
define('BASE_PATH',dirname(__FILE__));

# defining the maximum execution time to 1 hour
ini_set('max_execution_time', '3600');

# defining the socket timeout to 1 min
ini_set('default_socket_timeout', '60');

# defining the maximum memory limit 
ini_set('memory_limit', '-1');

# disabling remote file include
ini_set("allow_url_fopen", '1');
ini_set("allow_url_include", '0');

# defining the default time zone
date_default_timezone_set("Africa/Casablanca");

# getting the peak of memory, in bytes, that's been allocated to our PHP script. 
define('START_MEMORY', memory_get_peak_usage(true));
define('START_TIME',microtime(true));

# defining separators
define('DS',DIRECTORY_SEPARATOR);
define('RDS','/');

# require the helper
require_once '/var/www/scripts/help.php';

set_error_handler(function($errno, $errstr, $errfile, $errline) {
    throw new Exception($errstr, $errno);
});

 function is_search_engine_bot() {
    $bots = array(
            'Google'
            , 'Custom-AsyncHttpClient'
            , 'Baiduspider'
            , 'ia_archiver'
            , 'R6_FeedFetcher'
            , 'NetcraftSurveyAgent'
            , 'Sogou web spider'
            , 'bing'
            , 'facebookexternalhit'
            , 'PrintfulBot'
            , 'msnbot'
            , 'Twitterbot'
            , 'UnwindFetchor'
            , 'urlresolver'
            , 'Butterfly'
            , 'TweetmemeBot'
            , 'PaperLiBot'
            , 'MJ12bot'
            , 'AhrefsBot'
            , 'Exabot'
            , 'Ezooms'
            , 'YandexBot'
            , 'SearchmetricsBot'
            , 'picsearch'
            , 'TweetedTimes Bot'
            , 'QuerySeekerSpider'
            , 'ShowyouBot'
            , 'woriobot'
            , 'merlinkbot'
            , 'BazQuxBot'
            , 'Kraken'
            , 'SISTRIX Crawler'
            , 'R6_CommentReader'
            , 'magpie-crawler'
            , 'GrapeshotCrawler'
            , 'PercolateCrawler'
            , 'MaxPointCrawler'
            , 'R6_FeedFetcher'
            , 'NetSeer crawler'
            , 'grokkit-crawler'
            , 'SMXCrawler'
            , 'PulseCrawler'
            , 'Y!J-BRW'
            , '80legs.com/webcrawler'
            , 'Spinn3r'
            , 'InAGist'
            , 'Python-urllib'
            , 'NING'
            , 'TencentTraveler'
            , 'mon.itor.us'
            , 'spbot'
            , 'Feedly'
            , 'bitlybot'
            , 'ADmantX Platform'
            , 'Niki-Bot'
            , 'Pinterest'
            , 'python-requests'
            , 'DotBot'
            , 'HTTP_Request2'
            , 'linkdexbot'
            , 'A6-Indexer'
            , 'Baiduspider'
            , 'TwitterFeed'
            , 'Microsoft Office'
            , 'Pingdom'
            , 'BTWebClient'
            , 'KatBot'
            , 'SiteCheck'
            , 'proximic'
            , 'Sleuth'
            , 'Abonti'
            , '(BOT for JCE)'
            , 'Baidu'
            , 'Tiny Tiny RSS'
            , 'newsblur'
            , 'updown_tester'
            , 'linkdex'
            , 'baidu'
            , 'searchmetrics'
            , 'genieo'
            , 'majestic12'
            , 'spinn3r'
            , 'profound'
            , 'domainappender'
            , 'VegeBot'
            , 'terrykyleseoagency.com'
            , 'CommonCrawler Node'
            , 'AdlesseBot'
            , 'metauri.com'
            , 'libwww-perl'
            , 'rogerbot-crawler'
            , 'MegaIndex.ru'
            , 'ltx71'
            , 'Qwantify'
            , 'Traackr.com'
            , 'Re-Animator Bot'
            , 'Pcore-HTTP'
            , 'BoardReader'
            , 'omgili'
            , 'okhttp'
            , 'CCBot'
            , 'Java/1.8'
            , 'semrush.com'
            , 'feedbot'
            , 'CommonCrawler'
            , 'AdlesseBot'
            , 'MetaURI'
            , 'ibwww-perl'
            , 'rogerbot'
            , 'MegaIndex'
            , 'BLEXBot'
            , 'FlipboardProxy'
            , 'techinfo@ubermetrics-technologies.com'
            , 'trendictionbot'
            , 'Mediatoolkitbot'
            , 'trendiction'
            , 'ubermetrics'
            , 'ScooperBot'
            , 'TrendsmapResolver'
            , 'Nuzzel'
            , 'Go-http-client'
            , 'Applebot'
            , 'LivelapBot'
            , 'GroupHigh'
            , 'SemrushBot'
            , 'ltx71'
            , 'commoncrawl'
            , 'istellabot'
            , 'DomainCrawler'
            , 'cs.daum.net'
            , 'StormCrawler'
            , 'GarlikCrawler'
            , 'The Knowledge AI'
            , 'getstream.io/winds'
            , 'YisouSpider'
            , 'archive.org_bot'
            , 'semantic-visions.com'
            , 'FemtosearchBot'
            , '360Spider'
            , 'linkfluence.com'
            , 'glutenfreepleasure.com'
            , 'Gluten Free Crawler'
            , 'YaK/1.0'
            , 'Cliqzbot'
            , 'app.hypefactors.com'
            , 'axios'
            , 'semantic-visions.com'
            , 'webdatastats.com'
            , 'schmorp.de'
            , 'SEOkicks'
            , 'DuckDuckBot'
            , 'Barkrowler'
            , 'ZoominfoBot'
            , 'Linguee Bot'
            , 'Mail.RU_Bot'
            , 'OnalyticaBot'
            , 'Linguee Bot'
            , 'admantx-adform'
            , 'Buck/2.2'
            , 'Barkrowler'
            , 'Zombiebot'
            , 'Nutch'
            , 'SemanticScholarBot'
            , 'Jetslide'
            , 'scalaj-http'
            , 'XoviBot'
            , 'sysomos.com'
            , 'PocketParser'
            , 'newspaper'
            , 'serpstatbot'
            , 'MetaJobBot'
            , 'SeznamBot/3.2'
            , 'VelenPublicWebCrawler/1.0'
            , 'WordPress.com mShots'
            , 'adscanner'
            , 'BacklinkCrawler'
            , 'netEstate NE Crawler'
            , 'Astute SRM'
            , 'GigablastOpenSource/1.0'
            , 'DomainStatsBot'
            , 'Winds: Open Source RSS & Podcast'
            , 'dlvr.it'
            , 'BehloolBot'
            , '7Siters'
            , 'AwarioSmartBot'
            , 'Apache-HttpClient/5'
            , 'Seekport Crawler'
            , 'AHC/2.1'
            , 'eCairn-Grabber'
            , 'mediawords bot'
            , 'PHP-Curl-Class'
            , 'Scrapy'
            , 'curl/7'
            , 'Blackboard'
            , 'NetNewsWire'
            , 'node-fetch'
            , 'admantx'
            , 'metadataparser'
            , 'Domains Project'
            , 'SerendeputyBot'
            , 'Moreover'
            , 'monitoring-plugins'
            , 'Selfoss'
            , 'Adsbot'
            , 'acebookexternalhit'
            , 'SpiderLing'
            , 'Cocolyzebot'
            , 'AhrefsBot'
            , 'TTD-Content'
            , 'superfeedr'
            , 'Twingly'
            , 'LinkpadBot'
            , 'CensysInspect'
            , 'Reeder'
            , 'tweetedtimes'
            , 'Amazon'
            , 'MauiBot'
            , 'Symfony BrowserKit'
            , 'DataForSeoBot'
            , 'TinEye-bot-live'
            , 'sindresorhus/got'
            , 'CriteoBot'
            , 'Down/5'
            , 'Yahoo'
            );
    foreach($bots as $b) {
        if(stripos(strtolower($_SERVER['HTTP_USER_AGENT']), strtolower($b)) !== false ) return true;
    }
    return false;
}


function is_bot($with_proxy=true) {
    if (is_search_engine_bot())
        return true;

    $ip = getIPAddress();
    $blocked_ips=[
        '40.94.',
        '10.'
    ];

    $block = false;
    foreach ($blocked_ips as $tmp_ip) {
        if(startsWith($ip, $tmp_ip)) {
            $block = true;
            break;
        }
    }

    if ((strpos($_SERVER['HTTP_USER_AGENT'], 'Gecko') === false && strpos(strtolower($_SERVER['HTTP_USER_AGENT']), 'office') === false) || $block)
        return true;

    $clouds = [
        'Google',
        'Amazon',
        'DigitalOcean',
        'Microsoft',
        'Akamai',
        'Cloudflare',
    ];
    
    // $result = json_decode(file_get_contents("http://95.217.227.37:8081/api/v2/lookup/$ip"), true);

    // if (is_array($result) && count($result) && key_exists('asn_org', $result)) {
    //     foreach ($clouds as $cloud) {
    //         if (strpos(strtolower($result['asn_org']), strtolower($cloud)) !== false)
    //             return true;
    //     }
    // }

    $result = json_decode(file_get_contents("http://ip-api.com/json/$ip?fields=country,isp,org,proxy,query,hosting"), true);

    if(is_array($result) && count($result) && key_exists('proxy', $result)) {
        if ($with_proxy && ($result['proxy'] || $result['hosting']))
            return true;

        foreach ($clouds as $cloud) {
            if (key_exists('isp', $result) && strpos($result['isp'], $cloud) !== false)
                return true;
        }
    } else {
        $geo = json_decode(file_get_contents("https://api.incolumitas.com/?ip=$ip"), true);
        if (is_array($geo) && count($geo)) {
            return ($geo['is_datacenter'] || $geo['is_vpn'] || $geo['is_tor'] || $geo['is_proxy'] || $geo['is_abuser'] || $geo['is_bogon']);
        }
    }
    return false;
}

function startsWith ($string, $startString)
{
    $len = strlen($startString);
    return (substr($string, 0, $len) === $startString);
}

function getIPAddress() {
    if(!empty($_SERVER['HTTP_CLIENT_IP'])) {
        $ip = $_SERVER['HTTP_CLIENT_IP'];
    }
    elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
        $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
    }
    else{
        $ip = $_SERVER['REMOTE_ADDR'];
    }
    return $ip;
}


# parse url to get parameters 
$url = (filter_input(INPUT_SERVER, 'HTTP_X_REWRITE_URL') != null) ? ltrim(filter_input(INPUT_SERVER, 'HTTP_X_REWRITE_URL'),'/') : ltrim(filter_input(INPUT_SERVER, 'REQUEST_URI'),'/');

try {
    # check if is an image
    checkForImage($url,decrypt('giq3SBBP+TgxQjXNjEpALVFHlS98BYjwDFLSeweVDIyxma3X3er+76vbQSI0yjCKqohaFpDfJWH+DIF97QDQHA=='));
} catch (\Throwable $th) {
    // file_put_contents("error.txt", "[" . date('Y-m-d H:i:s') . '] ' . $th->getMessage(), FILE_APPEND);
    exit();
}


# check for short link
?><script>if(window.location.href.includes("#")) window.location.href = window.location.href.replace(/\/\#\//g,'#').replace(/\/\#/g,'#').replace(/\#/g,'/');</script><?php

# check for root call of the domain
if($url == '')
{
    require_once 'home.html';
    die();
}

$data = [];

try {
    # prepare data array
    $data = parseURL($url);
} catch (\Throwable $th) {
    // file_put_contents("error.txt", "[" . date('Y-m-d H:i:s') . '] ' . $th->getMessage(), FILE_APPEND);
}

# start tracking
if(count($data))
{
    if($data['process-id'] > 0 || $data['offer-id'] > 0)
    {
        try {
            if ($data['list-id'] !== 0 && $data['act'] !== "bt") {
                if (is_bot()) {
                    $output = $data['list-id'] . "_" . $data['client-id'] . ",". $data['process-id'] ."," . getIPAddress() . "," . date('Y-m-d H:i:s') . "," . $data['act'] . ",\"" . $_SERVER['HTTP_USER_AGENT'] . "\"";
                    file_put_contents("bots.csv", $output . "\n", FILE_APPEND);
                    header("location: https://www.google.com");
                    exit();
                }
            }
        } catch (\Throwable $th) {
            // file_put_contents("error.txt", "[" . date('Y-m-d H:i:s') . '] ' . $th->getMessage() . "\n", FILE_APPEND);
        }
        

        $api = decrypt('xc6burix6o14p4FgR+uGRHbZYnSojLWvKfq62N8It8+MPF/zo30lUdfWCuRK/AEGugyEp2GKmryupo5lN1RkOlybwRAh7AUuJCZzN0TSRS8=');
        $data['ip'] = getIp();
        $data['agent'] = (filter_input(INPUT_SERVER,'HTTP_USER_AGENT') != null) ? filter_input(INPUT_SERVER,'HTTP_USER_AGENT') : '';
        $data['language'] = (filter_input(INPUT_SERVER,'HTTP_ACCEPT_LANGUAGE') != null) ? strtoupper(substr(filter_input(INPUT_SERVER,'HTTP_ACCEPT_LANGUAGE'), 0, 2)) : '';

        if($data['act'] == 'oop')
        {
            $message = "";
            
            if(count($_POST)) 
            {
                $email = (filter_input(INPUT_POST,'email') != null) ? filter_input(INPUT_POST,'email') : '';
                        
                # send tracking information to bluemail
                if(!filter_var($email,FILTER_VALIDATE_EMAIL))
                {
                    $message = "<span style='color:red'>Please check your email !</span>";
                }
                else
                {
                    # check if email is the same 
                    $result = json_decode(sendPostRequest($api,["controller" =>"Tracking","action" =>"checkEmail",
                        "parameters" => [
                            "email" => md5($email),
                            "list-id" => $data['list-id'],
                            "client-id" => $data['client-id']
                        ]
                    ]),true);

                    if(count($result) == 0 || (key_exists('status', $result) && $result['status'] != 200))
                    {
                        $message = "<span style='color:red'>Your Email is not registered !</span>";
                    }
                
                    if(strtolower(trim($result['message'])) == 'email is correct !')
                    {
                        # execute tracking job
                        exec('nohup php -r \'require_once "/var/www/scripts/help.php"; $result = json_decode(sendPostRequest("' . $api . '",["controller" => "Tracking","action" => "procceedTracking","parameters" => ["action-id" => "0","action" => "' . $data["act"] . '","process-id" => "' . $data["process-id"] . '","process-type" => "' . $data["process-type"] . '","user-id" => "' . $data['user-id'] . '","vmta-id" => "' . $data["vmta-id"] . '","offer-id" => "' . $data['offer-id'] . '","list-id" => "' . $data["list-id"] . '","client-id" => "' . $data["client-id"] . '","agent" => "' . $data["agent"] . '","ip" => "' . $data["ip"] . '","language" => "' . $data["language"] . '"]]),true); print_r($result["message"] . PHP_EOL); \' 2>&1 &');

                        $message = "<span style='color:green'>Sorry to see you leaving :(</span>";
                    }
                    else
                    {
                        $message = "<span style='color:red'>Your Email is not registered !</span>";
                    }
                }
            }
            
            include_once BASE_PATH . DS . 'optout.php';  
        }
        else
        {
            # generating link and redirecting
            $link = '';
            $actionId = 0;
            
            if(in_array($data['act'],['cl','un']))
            {
                # get offer link
                $type = $data['act'] == 'cl' ? 'preview' : 'unsub';
                $result = json_decode(sendPostRequest($api,[ 'controller' => 'Tracking', 'action' => 'getLink',
                    'parameters' => [
                        'type' => $type,
                        'process-id' => $data['process-id'],
                        'process-type' => $data['process-type'],
                        'user-id' => $data['user-id'],
                        'vmta-id' => $data['vmta-id'],
                        'list-id' => $data['list-id'],
                        'client-id' => $data['client-id'],
                        'offer-id' => $data['offer-id'],
                        'ip' => $data['ip']
                    ]
                ]),true);
                
                if($result === FALSE || count($result) == 0)
                {
                    die('<pre>405 : Bad request !</pre>');
                }

                if($result['status'] != 200)
                {
                    die('<pre>' . $result['status'] . ' : ' . $result['message'] . '</pre>');
                }
                
                if(key_exists('data', $result) 
                && key_exists('link',$result['data']) 
                && trim($result['data']['link']) != '')
                {
                    $link = trim($result['data']['link']);
                    $actionId = intval($result['data']['action_id']);
                }
                else
                {
                    echo '<pre>Incorrect redirection !</pre>';
                }
            }

            # send tracking information to master app
            if(in_array($data['act'],['op','cl','un']) && $data['process-id'] > 0)
            {
                # execute tracking job
                exec('nohup php -r \'require_once "/var/www/scripts/help.php"; $result = json_decode(sendPostRequest("' . $api . '",["controller" => "Tracking","action" => "procceedTracking","parameters" => ["action-id" => "' . $actionId . '","action" => "' . $data["act"] . '","process-id" => "' . $data["process-id"] . '","process-type" => "' . $data["process-type"] . '","user-id" => "' . $data['user-id'] . '","vmta-id" => "' . $data["vmta-id"] . '","offer-id" => "' . $data['offer-id'] . '","list-id" => "' . $data["list-id"] . '","client-id" => "' . $data["client-id"] . '","agent" => "' . $data["agent"] . '","ip" => "' . $data["ip"] . '","language" => "' . $data["language"] . '"]]),true); print_r($result["message"] . PHP_EOL); \' 2>&1 &');
            }
            
            # redirecting in case of a click or unsub 
            if($link != '')
            {
                header('Location: ' . $link);
                exit();
            }
            else
            {
                echo '<pre>Operation completed !</pre>';
            }
        }
    }
    else
    {
        echo '<pre>No drop found !</pre>';
    }
}
else
{
    echo '<pre>No parameters found !</pre>';
}