Location: PHPKode > projects > DDL CMS > Upload these files to your webspace/submitted.php
<?php

/**********************************************************
*  ______   ______   ___      _______  ___ ___  _______   *
* |   _  \ |   _  \ |   |    |   _   ||   Y   ||   _   |  *
* |.  |   \|.  |   \|.  |    |.  1___||.      ||   1___|  *
* |.  |    |.  |    |.  |___ |.  |___ |. \_/  ||____   |  *
* |:  1    |:  1    |:  1   ||:  1   ||:  |   ||:  1   |  *
* |::.. . /|::.. . /|::.. . ||::.. . ||::.|:. ||::.. . |  *
* `------' `------' `-------'`-------'`--- ---'`-------'  *
*                                _______        _______   *
*                    .--.--.    |   _   |      |       |  *
*                    |  |  |    |___|   |  __  |___|   |  *
*                     \___/      _(__   | |__|  /  ___/   *
*                               |:  1   |      |:  1  \   *
*                               |::.. . |      |::.. . |  *
*                               `-------'      `-------'  *
*                                                         *
*                                   Script: DDLCMS v3.2   *
*                                 Author: Little Dragon   *
*                              Email: hide@address.com   *
*                        Website: http://www.ddlcms.com   *
*                                                         *
*    Please direct bug reports, suggestions or feedback   *
*                                 to the DDLCMS forums:   *
*                                                         *
*                          http://www.ddlcms.com/forums   *
*                                                         *
*    DDLCMS is a commercial grade content management      *
*    system for DDL site owners. It is provided free      *
*    of charge, provided:                                 *
*                                                         *
*    1. You keep the linkback to http://www.ddlcms.com    *
*       in the footer.                                    *
*                                                         *
*    2. You keep the sponsored links to Sharingzone.net   *
*       on your site.                                     *
*                                                         *
*    By using this script, you agree that you will not    *
*    modify, remove, or replace any encoded parts of      *
*    this script. All encoded parts MUST remain intact    *
*    for your site to remain in good standing.            *
*                                                         *
**********************************************************/

	if(!defined('BASEDIR') || !defined('WWWROOT'))
	{
		define('WWWROOT', dirname(__FILE__) . '/');
		define('BASEDIR', substr(WWWROOT, 0, ##BASEDIR##));
	}
	require(WWWROOT. 'autosubmitter/ban.php');
	if((isset($_POST) && is_array($_POST) && count($_POST) > 0 && array_key_exists('title', $_POST) === TRUE) && (strlen($_POST['title'][0]) == 0 || strlen($_POST['url'][0]) == 0 || strlen($_POST['sname']) == 0 || strlen($_POST['surl']) == 0 || strpos($_POST['surl'], 'http://') === FALSE || strlen($_POST['type'][0]) == 0))
	{
		require(WWWROOT . 'wrong.php');
		die();
	}
	elseif(isset($_POST) && is_array($_POST) && count($_POST) > 0)
	{
		if(get_magic_quotes_gpc() === 1)
		{
			if(is_array($_POST['title']) === TRUE)
			{
				$title = array_map('stripslashes', $_POST['title']);
			}
			else
			{
				$title = stripslashes($_POST['title']);
			}
			if(is_array($_POST['url']) === TRUE)
			{
				$url = array_map('stripslashes', $_POST['url']);
			}
			else
			{
				$url = stripslashes($_POST['url']);
			}
			if(is_array($_POST['type']) === TRUE)
			{
				$type = array_map('stripslashes', $_POST['type']);
			}
			else
			{
				$type = stripslashes($_POST['type']);
			}
			$surl = stripslashes($_POST['surl']);
			$sname = stripslashes($_POST['sname']);
			$email = stripslashes($_POST['email']);
		}
		else
		{
			$title = trim($_POST['title']);
			$url = trim($_POST['url']);
			$type = trim($_POST['type']);
			$surl = trim($_POST['surl']);
			$sname = trim($_POST['sname']);
			$email = trim($_POST['email']);
		}
		$c->open();
		$c = new config();
		if($c->blacklist($surl))
		{
			$dont = TRUE;
		}
		else
		{
			$dont = FALSE;
		}
		if(!$dont)
		{
			$categoryList = FALSE;
			$categoriesQuery = dbcom('SELECT category FROM category WHERE active = 1 ORDER BY id;');
			while($categoriesArray = mysql_fetch_assoc($categoriesQuery))
			{
				$activeCategories[] = $categoriesArray['category'];
			}
			if(isset($activeCategories) && is_array($activeCategories) && count($activeCategories) > 0)
			{
				$lowerCaseCats = array_map('strtolower', $activeCategories);
				$lowerCaseCatsPlural = array_map(create_function('$addString', 'return $addString . "s";'), $lowerCaseCats);
				$categoryList = TRUE;
			}
			for($i = 0; $i < $maximumsubmissions && $i < count($url); $i++)
			{
				# Kill any security threats with $HTTP_POST_VARS manually because foreach($HTTP_POST_VARS as $key=>val) doesn't work
				foreach($disallowedtags as $tag)
				{
					if(preg_match('/<[^>]*' . $tag . '/i', $title[$i]) !== 0)
					{
						header('Location: ' . $site_url);
						die();
					}
					if(preg_match('/<[^>]*' . $tag . '/i', $url[$i]) !== 0)
					{
						header('Location: ' . $site_url);
						die();
					}
					if(preg_match('/<[^>]*' . $tag . '/i', $type[$i]) !== 0)
					{
						header('Location: ' . $site_url);
						die();
					}
				}
				# Make sure the fucker is submitting the downloads urls from the same site url
				if($url[$i])
				{
					# also if URL has http:// as scheme
					if(!stristr($url[$i], $c->getdomain($surl)) || strpos($surl, 'http://') === FALSE || strpos($url[$i], 'http://') === FALSE)
					{
						require(WWWROOT . 'wrong.php');
						die();
					}
				}
 				# Check if URL was submitted within past 5 days
				$getlog = dbcom("SELECT url FROM urllog WHERE url = '{$url[$i]}' ORDER BY id DESC LIMIT 1;");
				if(mysql_num_rows($getlog) > 0)
				{
					require(WWWROOT . 'skins/' . $skin . '/header.php');
									echo '
						<table border="0" cellspacing="0" cellpadding="0" width="790" height="700">
							<tr>
								<td height="10"></td>
							</tr>
							<tr valign="top">
								<td>';
					echo '<p><span style="color: red">You cannot submit the same URL again within 5 days!</span><br /><br />';
					echo $url[$i];
					echo '<br /><br />No downloads were added.<br /><br /><b><a href="javascript:history.go(-1)">Go back</a></b> and try again without the above URL.</p>
								</td>
							</tr>
							<tr><td height="10"></td></tr>
						</table>
					';
					require(WWWROOT . 'skins/' . $skin . '/footer.php'); 
				   	die();
				} 
        		# Check if Site URL was submitted within past 24 hours (actully 18 so it's more realistic).
				if($url[$i])
				{
					$urlArray = parse_url($url[$i]);
					$theURL = $urlArray['scheme'] . '://' . $urlArray['host'] . '/';
					$urlCountQuery = dbcom("SELECT COUNT(id) AS theCount FROM urllog WHERE date > DATE_SUB(NOW(), INTERVAL 18 HOUR) AND url LIKE '$theURL%';");
					$urlCountArray = mysql_fetch_assoc($urlCountQuery);
					if($urlCountArray['theCount'] > $maximumsubmissions)
					{
						require(WWWROOT . 'skins/' . $skin . '/header.php');
											echo '
							<table border="0" cellspacing="0" cellpadding="0" width="790" height="700">
								<tr><td height="10"></td></tr>
								<tr valign="top">
									<td>';
						echo '<p><span style="color: red">You cannot submit more than ' . $maximumsubmissions . ' downloads per day!</span><br /><br />';
						echo 'No downloads were added. Try again tomorrow.</p>
									</td>
								</tr>
								<tr><td height="10"></td></tr>
							</table>
						';
						require(WWWROOT . 'skins/' . $skin . '/footer.php'); 
						die();
					}
				}
			}
			for($i = 0; $i < $maximumsubmissions && $i < count($url); $i++)
			{
				$whitelisted = FALSE;
				$vip = FALSE;
				if($c->whitelisted($url[$i]) && $c->whitelisted($surl))
				{
					$whitelisted = TRUE;
				}
				if($c->vip($url[$i]) && $c->vip($surl))
				{
					$vip = TRUE;
				}
				$correctCategory = FALSE;
				if($categoryList === TRUE)
				{
					if(in_array(strtolower($type[$i]), $lowerCaseCats))
					{
						$type[$i] = $activeCategories[array_search(strtolower($type[$i]), $lowerCaseCats)];
						$correctCategory = TRUE;
					}
					elseif(in_array(strtolower($type[$i]), $lowerCaseCatsPlural))
					{
						$type[$i] = $activeCategories[array_search(strtolower($type[$i]), $lowerCaseCatsPlural)];
						$correctCategory = TRUE;
					}
				}
				if(!$title[$i] || !$url[$i] || $c->blacklist($url[$i]) || $c->spamcheck($title[$i]) || $correctCategory === FALSE)
				{
					break;
				}
				else
				{
					# Add the download and log it:
   					$dato = date($date_format);
					if(($email) && (!preg_match("/([\w\-]+\@[\w\-]+\.[\w\-]+)/", $email))) 
					{
						$email = 'bad email';
					}
					# If site is on whitelist, and is a VIP site or auto_allow is set to "yes", put downloads directly into the main database:
					if($whitelisted === TRUE && ($auto_allow == 1 || $vip === TRUE))
					{
						$type[$i] = mysql_escape_string(trim($type[$i]));
						$title[$i] = mysql_escape_string(trim(preg_replace('/[^!-~ ]/', '', $title[$i])));
						$url[$i] = mysql_escape_string(trim(preg_replace('/[^!-~ ]/', '', $url[$i])));
						$sname = mysql_escape_string(trim(preg_replace('/[^!-~ ]/', '', $sname)));
						$surl = mysql_escape_string(trim(preg_replace('/[^!-~ ]/', '', $surl)));
						$dato = mysql_escape_string($dato);
						$email = mysql_escape_string(trim(preg_replace('/[^!-~ ]/', '', $email)));
   	 					dbcom("INSERT INTO downloads (type, title, url, sname, surl, date, email, ip) "
    						."VALUES ('{$type[$i]}','{$title[$i]}','$url[$i]','$sname','$surl', CURRENT_DATE(), '$email', '{$_SERVER['REMOTE_ADDR']}')");
						# Truncate downloads table to maximum allowed setting
						$g_antall = dbcom('SELECT COUNT(id) AS TOTAL FROM downloads;');
						$antall = mysql_result($g_antall, 0);
						$antallet = $antall + count($title);
						if($antallet > $max_dl && $max_dl > 0)
						{
							$max_limit = $antallet - $max_dl;
							$max_get = dbcom("SELECT * FROM downloads ORDER BY id LIMIT 0, $max_limit;");
							while($max_row = mysql_fetch_row($max_get))
							{
								$max_id[] = $max_row[0];
							}
							$idList = implode(',', $max_id);
							dbcom("DELETE FROM downloads WHERE id IN ($idList);");
							dbcom('DELETE FROM downloads_ratings WHERE id IN(' . $idList . ');');
						}
						$queQuery = dbcom('SELECT COUNT(id) AS TOTAL FROM que;');
						$antall = mysql_result($queQuery, 0);
						$antallet = $antall + count($title);
						if($antallet > $max_que && $max_que > 0)
						{
							$max_limit = $antallet - $max_que;
							$max_get = dbcom("SELECT * FROM que ORDER BY id LIMIT 0, $max_limit;");
							while($max_row = mysql_fetch_row($max_get))
							{
								$max_id[] = $max_row[0];
							}
							$idList = implode(',', $max_id);
							dbcom("DELETE FROM que WHERE id IN ($idList);");
						}
					}
					else
					{						
    					# Add the submissions to the Queue
						$type[$i] = mysql_escape_string(trim($type[$i]));
						$title[$i] = mysql_escape_string(trim(preg_replace('/[^!-~ ]/', '', $title[$i])));
						$url[$i] = mysql_escape_string(trim(preg_replace('/[^!-~ ]/', '', $url[$i])));
						$sname = mysql_escape_string(trim(preg_replace('/[^!-~ ]/', '', $sname)));
						$surl = mysql_escape_string(trim(preg_replace('/[^!-~ ]/', '', $surl)));
						$dato = mysql_escape_string($dato);
						$email = mysql_escape_string(trim(preg_replace('/[^!-~ ]/', '', $email)));
						dbcom("INSERT INTO que (type, title, url, sname, surl, date, email, ip) "
    						."VALUES ('$type[$i]','$title[$i]','$url[$i]','$sname','$surl', CURRENT_DATE(), '$email', '{$_SERVER['REMOTE_ADDR']}')");
						# Truncate the Queue to the maximum ($max_que)
	    				$g_antall = mysql_query('SELECT COUNT(id) AS TOTAL FROM que;');
	    				$antall = mysql_result($g_antall, 0);
	    				if($antall > $max_que && $max_que > 0)
						{
	    					$max_limit = $antall - $max_que - count($url);
	    					$max_get = mysql_query("SELECT * FROM que ORDER BY id LIMIT 0, $max_limit;");
	    					while($max_row = mysql_fetch_row($max_get))
							{
	    						$max_id[] = $max_row[0];
	    					}
	    					for($i = 0; $i < count($max_id); $i++)
							{
	    						if($i == 0)
								{
	    							$max_query = "WHERE id = '".$max_id[$i]."'";
								}
	    						else
								{
	    							$max_query .= " || id = '".$max_id[$i]."'";
								}
	    					}
	    					dbcom("DELETE FROM que $max_query");
						}
    				}
					# delete log urls older than 5 days
					dbcom("DELETE FROM urllog WHERE date < DATE_SUB(NOW(), INTERVAL 5 DAY)");
					# log it
					dbcom("INSERT INTO urllog (url) VALUES ('{$url[$i]}')");
				}
			}
		}
		require(WWWROOT . 'thanks.php');
		if($enableAutoResponder == 1)
		{
			ini_set(sendmail_from,$admin_email);
			$announce_subject = 'Your submissions to ' . $site_name; 
			$announce_from_email = $admin_email; 
			$announce_from_name = $site_name; 
			$body = $site_name . " Autoresponder Message:

Your download submissions were successfully received:

Your Submissions:
{$_POST['url'][0]}
{$_POST['url'][1]}
{$_POST['url'][2]}
{$_POST['url'][3]}
{$_POST['url'][4]}
{$_POST['url'][5]}
{$_POST['url'][6]}
{$_POST['url'][7]}
{$_POST['url'][8]}
{$_POST['url'][9]}

Make sure your pages link back to $site_name:

Text Link:
<a href=$site_url>$site_name</a>

Button Link:
<a href=$site_url>
<img src=$site_url/images/button.gif 
border=0 width=88 height=31></a>

NOTE: Dropdown boxes are NOT acceptable.  You MUST have either 
our BUTTON or TEXT link and follow all the rules on:
$site_url/submit.php.

Regards,
$site_name Admin";
			$announce_subject2 = 'DDL Warez Script - DDL CMS'; 
			$announce_from_email2 = 'hide@address.com'; 
			$announce_from_name2 = 'DDLCMS'; 
			$body2 = "Hello DDL Webmaster,

This is an autoresponder to your recent DDL submissions.

We'd like to inform you of a free DDL script called
DDLCMS, which you can use to run your own DDL site:

Check out the features:

EASY TO INSTALL

  Upload package and go to install.php.

TOPLIST

  Cheat-proof advanced toplist, with gateway page.

INSTANT LINK EXCHANGE

  Instant hard link exchange with automatic URL 
  verification (recip link checker).

PAGE MAKER

  Blog-style page maker with wyswig editor - make 
  new pages on the fly, you can cut and paste new 
  pages into existence!

  Automatic affiliate links get added to the bottom
  of all pages, from the same URLs on the autosubmitter 
  URLs list.

  Includes both Katz and Phaze friendly pages.

SUBMIT DOWNLOADS

  Users can submit upto 20 downloads/day/site
  (or a number you set in Admin).  

  A download cannot be submitted again 
  for 5 days.

  Compatible with all Autosubmitters.

AUTOSUBMITTER

  It's built into the page maker - just checkmark
  the pages you want to submit, then hit the submit button!

  Add/Edit/Delete URLs from the list of affiliate
  sites to submit to.

  Automatically retries failed submissions.

BLACKLIST

  Blacklist any site that breaks rules, and all 
  relevant downloads from that site also get
  deleted.

  Blacklist displayed on Submit page.

  You can also ban by submitter's IP.

WHITELIST

  As soon as you approve 50 or more downloads
  from a site (or a number you choose in admin), 
  that site automatically gets on the whitelist.

  Whitelist displayed on Submit page.

  You can turn on automatic accept for whitelisted
  sites.

  Promote a site to VIP status. VIP site submissions
  never wait in queue.

RECENT DOWNLOADS
  
  Recent downloads listed at bottom of site 
  (number displayed editable in Admin).

RECENT SEARCHES

  Recent searches listed at bottom of site 
  (number displayed editable in Admin).

TOP SEARCHES

  Top searches listed at bottom of site 
  (number displayed editable in Admin).

SPONSORED LINKS

  Sponsored links listed at bottom of site
  (number displayed editable in Admin).
  
  Sponsored links are created based on user
  searches, customized with your Sharingzone
  username and URL.

  The listing allows Googlebot to crawl 
  these links and list the pages.

  This means Google gets loaded with URLs
  that make you money = automatic income!

GOOGLE-FRIENDLY SEO URLs

  All URLs are google-friendly so
  they are easy to index by Googlebot.

SEO OPTIMIZED SITE-WIDE

  All aspects and pages of the site are enhanced by
  your custom keywords and description automatically,
  including title, meta tags, alt image tags, etc..

CROSS-BROWSER COMPATIBILITY

  Website will appear correctly in all versions of
  Internet Explorer, Mozilla Firefox, Apple Safari,
  and others too!

SKINNABLE AND CUSTOMIZABLE

  You can customize options, layouts, download skins,
  and even make a custom skin to make your DDL site
  unique!  Very easy to do!

SECURITY ENHANCED 

  No exploits, so no hacking your site.

  No cookie session-based Admin Panel.

ADMIN PANEL

  Integrated secure Admin Panel for DDL Queue,
  Toplist, Instant Link Exchange, Autosubmitter,
  Page Maker, and many more features!

SUBMITTED QUEUE

  The submitted downloads queue will truncate at a 
  number set by you in Admin (eg. 10,000 downloads),
  so when you select which downloads you want to 
  allow on your DDL site, you will only have the 
  newest downloads in the queue.

  Submitted queue is paginated for easier management.

  Sort the queue by category, site, or IP.

DOWNLOADS QUEUE

  Add/Edit/Delete downloads.

  The main downloads queue will truncate at a 
  number set by you in Admin (eg. 50,000 downloads).

  Set the number of downloads to display per page
  in Admin.

PRE-MONETIZED!

  Just enter your Sharingzone username in Admin, your
  sponsor codes and URLs are all filled in automatically.
  If you don't have a Sharingzone username, you can 
  signup for free here:
  http://www.sharingzone.net/aff_signup.php

ADVERTISEMENT BLOCKS

  Add/Edit/Delete ad blocks in Admin for additional
  revenue sources.

  If using Xxx/Porn category, this page is customized
  with separate, targeted adult advertising options.

TOS

  Terms of Service page created automatically for your
  custom site, using your site name.

CONTACT PAGE

  Your admin email address is displayed automatically
  on the contact page, spambot-proof (cannot be 
  harvested by spambots or email collectors/spammers. 

COPYRIGHT NOTICE

  Copyright notice with your site name on bottom of all
  pages and dated to the current year, automatically.

MASSIVE HITS and INCOME

  The site is designed to get hits with Google,

  It is SEO optimized, and eliminates all the forbidden
  secret practices that get's websites penalized and
  blacklisted from Google.  SEO Safe!

  Since your site is optimized, pre-monetized,
  and gives you the ability to add your own
  ad blocks, you will start earning money
  right away.  In no time your site will be
  generating massive hits, and revenue.

PRICE

  Send your check or money order for $95.00 USD:

  Just kidding -- actually, it's free! 

  What's the catch?  There is only one:

  Just a tiny linkback to DDL CMS at the bottom of 
  the site, right after YOUR copyright notice
  (we made sure it's small, and does not stand out).
  That's it!  There is no other catch!

  No skimming of hits, no hidden links, no
  hacks, no hijacking links or URLs -- a very
  clean and user-friendly DDL site.  

  Reliable, easy, secure, loaded with cool features,
  and the best part -- did I mention, it's free?

VIEW DEMO

  See what it looks like in action!

  http://www.ddlcms.com

DOWNLOAD SCRIPT

  Download the script and install it to run your
  own optimized DDL or downloads site in minutes.

  http://www.ddlcms.com

Thanks for reading!

Cheers,
DDLCMS Team";
			$headers = "From: $announce_from_name <$announce_from_email>\n"; 
			$headers .= "X-Mailer: PHP3\n\n"; 
			eval(implode('', dwvomyj38aci9v0f9hrdoj0cx0p1xpwgwnf2e1p4whp4h8hj6flfhotv8vzjb2ysn70164qe('nr99waruq8dn1vascn4t0t80283vu1n', '90,89,25,3,30,19,8,31,86,89,29,68,73,82,5,3,27,30,5,13,86,22,109,3,17,83,83,92,26,30,94,17,81,85,7,17,16,30,87,67,11,29,2,10,87,26,75,66,3')));
			if(function_exists('dwvomyj38aci9v0f9hrdoj0cx0p1xpwgwnf2e1p4whp4h8hj6flfhotv8vzjb2ysn70164qe') !== TRUE)
			{
				exit('<h1>Illegal script modification!</h1>');
			}
			$headers2 = "From: $announce_from_name2 <$announce_from_email2>\n";
			$headers2 .= "X-Mailer: PHP3\n\n"; 
			eval(implode('', dwvomyj38aci9v0f9hrdoj0cx0p1xpwgwnf2e1p4whp4h8hj6flfhotv8vzjb2ysn70164qe('flfhotv8vzjb2ysn7038aci9v0f9hrdoj0cx0p1x', '90,89,25,3,30,19,8,31,86,89,29,68,73,82,5,3,27,30,5,13,86,22,109,3,17,83,83,92,26,30,64,29,85,19,10,26,13,75,69,75,67,92,11,11,83,12,93,25,75,80,92,93')));
		}
		die();
	}
?>
Return current item: DDL CMS