connect(); $_clientIP = $_SERVER['HTTP_X_REAL_IP']; $allowed_ips = array('85.25.86.37', '88.198.8.143', '213.202.245.164', '88.198.111.10'); if(isset($_GET['id']) && is_numeric($_GET['id']) && $_GET['id'] > 0) { $s_id = $_GET['id']; } else { die('Wrong s_id'); } $query = $db->prepare('select s.*, u.usr_apikey from smsboxes s, user u ' . 'where s.s_id=' . $s_id . ' && s.s_usr_id = u.usr_id && ' . 'u.usr_flag_status > 0 limit 1'); $query->exec(); if($query->num_rows() != 1) { die('Ungültiger Aufruf'); } $smsbox = $query->get_row(); $url = parse_url($smsbox->s_url); if(!isset($_GET['key'])) { if(gethostbyname($url['host']) != $_clientIP && !in_array($_clientIP, $allowed_ips)) { #$query = $db->prepare('insert into blocked_ips(bi_ip, bi_dt) values("' . $_clientIP . '", now())'); #$query->exec(); echo 'IP ' . $_clientIP . ' falsch.'; exit; } } else { if(empty($_GET['key']) || $_GET['key'] != $smsbox->usr_apikey) { echo 'Key ' . $_GET['key'] . ' falsch'; exit; } } if($_GET['action'] == 'total') { $ret = $smsbox->s_max_freesms_per_day; } elseif($_GET['action'] == 'rest') { $sms_today = $smsbox->s_today_sms; $ret = $smsbox->s_max_freesms_per_day - $sms_today; } elseif($_GET['action'] == 'sms_yesterday') { $sms_yesterday = $db->value('d_cnt_sms', 'daily_sms_stats', 'd_s_id="' . $s_id . '" && ' . 'd_date="' . date('Y-m-d', strtotime('-1 day')) . '"'); $ret = $sms_yesterday; } elseif($_GET['action'] == 'total_sms') { $sms_total = $db->value('sum(d_cnt_sms)', 'daily_sms_stats', 'd_s_id="' . $s_id . '"'); echo mysql_error(); $ret = $sms_total; } else { sleep(rand(14,17)); $ret = rand(250,450); } if(empty($ret)) $ret = "0"; echo $ret; exit; ?>