4 or $flag > 8 ) { break; } } if ( $deny_flag > 4 ) { $cookie_data = "ocer<>$time<>"; setcookie("coolusr", $cookie_data, time() + 10*24*60*60); die(); } # ポイント処理 $old_data = @file("./_log/acc_{$_REQUEST["num"]}.php"); $data = @fopen("./_log/acc_{$_REQUEST["num"]}.php", "a+"); flock($data, LOCK_EX); if ( count($old_data) >= 100 ) { array_splice($old_data, 0, 50); ftruncate($data, 0); foreach ( $old_data as $val ) { fputs($data, $val); } } fputs($data, "{$_SERVER["REMOTE_ADDR"]}\t$time\t\n"); flock($data, LOCK_UN); fclose($data); if ( $flag < 8 ) { $img_cnt = @file("_log/{$_REQUEST["num"]}.php"); $data = @fopen("_log/{$_REQUEST["num"]}.php", "a+"); flock($data, LOCK_EX); $img_cnt[0] = trim($img_cnt[0]); if ( !$img_cnt[0] ) { $img_cnt[0] = "0"; } $img_cnt[0]++; ftruncate($data, 0); fputs($data, "$img_cnt[0]\n&pt=$img_cnt[0]"); flock($data, LOCK_UN); fclose($data); } exit; } if ( mb_strpos($_SERVER["HTTP_REFERER"], "album.php" ) === FALSE and time() - $_REQUEST["fd"] > 100 ) { die(); } $_REQUEST["fc"] = pack("H*", $_REQUEST["fc"]); $_REQUEST["fc"] = trim($_REQUEST["fc"]); $chck_data = @file("./_log/acc_{$_REQUEST["fc"]}.php"); if ( !$chck_data ) { $chck_data = array(); } $accchck_data = array_reverse($chck_data); foreach ( $accchck_data as $vals ) { $val = mb_split("\t", $vals); if ( $val[0] == $_SERVER["REMOTE_ADDR"] ) { $flag ++; } if ( $time - $val[1] < $sec_vals[3] and $val[0] == $_SERVER["REMOTE_ADDR"] ) { $deny_flag ++; } if ( $deny_flag > 4 or $flag > 8 ) { break; } } if ( $deny_flag > 4 ) { $cookie_data = "ocer<>$time<>"; setcookie("coolusr", $cookie_data, time() + 10*24*60*60); die(); } $data = @file("./_log/{$_REQUEST["fn"]}.php"); foreach ( $data as $values ) { $value = mb_split("\t", $values); if ( $value[0] == $_REQUEST["fc"] ) { break; } } # ポイント処理 $old_data = @file("./_log/acc_{$_REQUEST["fc"]}.php"); $data = @fopen("./_log/acc_{$_REQUEST["fc"]}.php", "a+"); flock($data, LOCK_EX); if ( count($old_data) >= 100 ) { array_splice($old_data, 0, 50); ftruncate($data, 0); foreach ( $old_data as $val ) { fputs($data, $val); } } fputs($data, "{$_SERVER["REMOTE_ADDR"]}\t$time\n"); flock($data, LOCK_UN); fclose($data); if ( $flag < 8 ) { $img_cnt = @file("_log/{$_REQUEST["fc"]}.php"); $data = @fopen("_log/{$_REQUEST["fc"]}.php", "a+"); flock($data, LOCK_EX); $img_cnt[0] = trim($img_cnt[0]); if ( !$img_cnt[0] ) { $img_cnt[0] = "0"; } $img_cnt[0]++; ftruncate($data, 0); fputs($data, "$img_cnt[0]\n&pt=$img_cnt[0]"); flock($data, LOCK_UN); fclose($data); } $config = @file("_log/config.php") or die(); array_shift($config); array_pop($config); foreach ( $config as $val ) { $confg_val = mb_split("\t", $val); if ( $_REQUEST["fn"] == $confg_val[0] ) { break; } } $data = @file("./_log/{$_REQUEST["fn"]}.php"); foreach ( $data as $values ) { $value = mb_split("\t", $values); if ( $value[0] == $_REQUEST["fc"] ) { break; } } header("Content-type: image/jpeg"); header("Expires: Thu, 01 Dec 1994 16:00:00 GMT"); header("Last-Modified: ". gmdate("D, d M Y H:i:s"). " GMT"); header("Cache-Control: no-cache, must-revalidate"); header("Cache-Control: post-check=0, pre-check=0", false); header("Pragma: no-cache"); header("Content-Disposition: inline; filename=image.jpg"); header("Content-length: " . filesize("{$img_dir}/{$confg_val[2]}/{$_REQUEST["fc"]}{$value[28]}.jpg")); readfile("{$img_dir}/{$confg_val[2]}/{$_REQUEST["fc"]}{$value[28]}.jpg"); ?>