HEX
Server: Apache
System: Linux msm5694.mjhst.com 3.10.0-1160.119.1.el7.x86_64 #1 SMP Tue Jun 4 14:43:51 UTC 2024 x86_64
User: camjab_ssh (1000)
PHP: 5.3.29
Disabled: NONE
$ pwd: /home/httpd/html/porn.tw/public_html/controllers/
Upload Files
File: /home/httpd/html/porn.tw/public_html/controllers/control.rentVideo.php
<?
if(!$_SESSION['userid'] || !$vodMode) { 
	header("Location: $basehttp/login"); 
	exit();
}
$id = (int)$_GET['id'];
if($id > 0) { 

} else { 
	header("Location: $basehttp"); 
	exit();
} 


$userNumTokens = billingGetUserTokens($_SESSION['userid']);
$currentUserTokens = $userNumTokens['tokens']; 

//fetch video page data
$langSelect = "";
$langJoin = "";
$langWhere = "";
if ($currentLang) {
    $langSelect .= ", content_languages.title AS langTitle, content_languages.description AS langDescription, content_languages.keywords AS langKeywords";
    $langJoin .= " LEFT JOIN content_languages ON content_languages.content = content.record_num AND content_languages.language = '$currentLang'";
    $langWhere .= " ";
}
$rrow = dbRow("SELECT `content`.*, IFNULL(`content_views`.`views`, 0) AS `views`, IFNULL(`users`.`username`, 'Anonymous') AS `username` $langSelect FROM `content` LEFT JOIN `users` ON `users`.`record_num` = `content`.`submitter` LEFT JOIN `content_views` ON `content_views`.`content` = `content`.`record_num` $langJoin WHERE `content`.`record_num` = '$id' AND `content`.`enabled` = 1 AND `content`.`photos` = 0 $langWhere LIMIT 1", $video_cache_time > 0, $video_cache_time);


if($rrow['tokenCost'] == 0 && $vodRentalCost == 0) { 
	$_GET['confirm'] = true; //skip purchase, since the video is free.
}

if($rrow['tokenCost'] > 0) { 
	//we are overwriting the default token cost;
	$videoNumTokens = (int)$rrow['tokenCost'];
} else { 
	//we are using default token cost
	$videoNumTokens = (int)$vodRentalCost; 
}

if($videoNumTokens > $currentUserTokens) { 
	$insuffientTokens = true; 
}

if($_GET['confirm'] && !$insuffientTokens) { 
	//confirmed video purchase, subtract tokens and give access for period defined.
	billingManipulateUserTokens($_SESSION['userid'], 0-$videoNumTokens); //substract tokens from user, in this case we are doing zero minus token amount to give them a negative value.
	billingGrantAccessToContent($_SESSION['userid'], $rrow['record_num'], $vodRentalLength); //give user access to the video
	$link = generateUrl('video', $rrow['title'], $rrow['record_num']);
	header("Location: $link"); //send user back to the video they just bought
	exit();
}
@ Telegram