<?

# AdInformer
# Copyright 2003 Mark A. Aardsma <mark@adinformer.com>
# All Rights Reserved
# You may not use this software if you did not purchase it.
# You may not distribute this software to any other party.


# manual configuration options
# Set to the directory that contains your adinformer.ini file
# Path should end with a slash
$INI_FILE_PATH = "./ad/metric/";
$ADMIN_EMAIL = "webmaster03@ilrg.com";

$DOMAIN = ServerData("SERVER_NAME");

# END of configuration
# Do not modify anything beyond this point

if(!ReadIni()) {
  NotifyAdmin($ErrorMsg);
  ShowFailure();
}

if(!$INI['db_host'] || !$INI['db_db']) {
  NotifyAdmin("MySQL configuration not set in aninformer.ini. You need to run the admin script (index.php) first. If you see this error after running the admin script, you may need to contact AdInformer technical support.");
  ShowFailure();
}
  
if(!mysql_connect($INI['db_host'], $INI['db_username'], $INI['db_password'])) {
  $ErrorMsg = SQLErrorMsg("while connecting");
  NotifyAdmin($ErrorMsg);
  ShowFailure();
}

if(!mysql_select_db($INI['db_db'])) {
  $ErrorMsg = SQLErrorMsg("selecting db (" . $INI['db_db'] . ")");
  NotifyAdmin($ErrorMsg);
  ShowFailure();
}

$d = Data("d");
$mode = Data("mode");
# image is set through include
$kw = Data("kw");

if(!$d) {
  NotifyAdmin("No ad code (variable d) given. The jump.php script should only be linked to by URLs ending in ?d=<ad_code> where <ad_code> represents a valid ad code.");
  ShowFailure();
}

$REMOTE_ADDR = ServerData('REMOTE_ADDR');

if($mode == "ref") {
  if(Data("AIClickId")) {
    # don't override existing click with ref-mode click
    PrintNullScript();
    exit();
  }

  if(!PassedFraud($REMOTE_ADDR)) {
    PrintNullScript();
    exit();
  }

  PrintRefScript();
  exit();
}

if($mode == "do-ref") {
  $ref = Data("ref");
  if(!$ref) {
    # nothing to do
    ShowInvisibleImage();
    exit();
  }

  if(!PassedFraud($REMOTE_ADDR)) {
    ShowInvisibleImage();
    exit();
  }

  # need to extract root domain and keywords (if possible)
  if(preg_match("/(http|https):\/\/(.*?)\//", $ref, $matches)) {
    $domain = $matches[2];

    # store all in keyword field
    if(preg_match("/(q|query)=(.*?)(\&|\$)/", $ref, $matches)) {
      $kw = "$domain: $matches[2]";
    } else {
      $kw = "$domain";
    }
  } else {
    $kw = "unknown";
  }
}

# 3. Load ad data or fail
$d = addslashes(strtoupper($d));

$SQL = "select * from ai_ad where ad_code = \"$d\"";
$result = mysql_query($SQL);
if(!$result) {
  NotifyAdmin(SQLErrorMsg("loading ad data: $SQL"));
  ShowFailure();
}

$AdData = mysql_fetch_array($result);
if(!$AdData) {
  NotifyAdmin("Invalid ad code ($d) given. The jump.php script should only be linked to by URLs ending in ?d=<ad_code> where <ad_code> represents a valid ad code.");
  ShowFailure();
}

# 4. Check for existing AdInformer cookie and load previous jump information if from same ad
$AIClickId = Data("AIClickId");
if($AIClickId) {
  $AIClickd = addslashes($AIClickId);
  $SQL = "select * from ai_ad_click where click_id = \"$AIClickId\" and ad_code = \"$d\"";
  $result = mysql_query($SQL);
  if($result) {
    $ClickData = mysql_fetch_array($result);
  }
}

# 5. If not valid existing, Choose target URL

$SendTo = "";

if(!$force && $ClickData[sent_to]) {
  if($ClickData[sent_to] == $AdData[target_url_a]) {
    $SendTo = $ClickData[sent_to];
    $version = $ClickData[version];
  } else if ($ClickData[sent_to] == $AdData[target_url_b]) {
    $version = $ClickData[version];
    $SendTo = $ClickData[sent_to];
  }
}

if(!$SendTo) {
  if($AdData[target_url_b]) { # need to choose a or b target
    # determine version used for last click on this ad_code    
    $SQL = "select version from ai_ad_click where ad_code = \"$d\" order by click_id desc limit 1";
    $result = mysql_query($SQL);
    if($result) {
      $row = mysql_fetch_array($result);
      if($row[version] == "a") {
        $version = "b";
      } elseif($row[version] == "b") {
        $version = "a";
      }
    }

    if(!$version) {
      $Number = rand(0, 1);
      if($Number)
        $version = "b";
      else
        $version = "a";
    }

    if($version == "a") {
      $SendTo = $AdData[target_url_a];
    } else {
      $SendTo = $AdData[target_url_b];
    }
  } else { # only A
    $SendTo = $AdData[target_url_a];
    $version = "";
  }
}

if($image) {
  $SendTo = "[embedded image]";
  $version = '';
}

# 6. Log ad click, get visitor ID if not existing
if(!$kw)
  $kw = $AdData[def_keyword];

$kw = addslashes($kw);
if(!$ref) {
  $ref = addslashes(ServerData("HTTP_REFERER"));
}

$ua = addslashes(ServerData("HTTP_USER_AGENT"));

if(PassedFraud($REMOTE_ADDR)) {
  # get last non-free enter_cost
  $SQL = "select enter_cost from ai_ad_click where ad_code = \"$AdData[ad_code]\" and keyword = \"$kw\" and cost_entered = 'Y' order by click_id desc limit 1";
  $result = mysql_query($SQL);
  if(!$result) {
    NotifyAdmin(SQLErrorMsg("Getting previous cost: $SQL"));
    $GuessCost = 0;
  } else {
    $row = mysql_fetch_array($result);
    if($row)
      $GuessCost = $row[enter_cost];
    else
      $GuessCost = $AdData[def_cpc];
  }
  
  
  $SQL = "insert into ai_ad_click (click_id, ad_code, ad_id, group_id, outlet_id, keyword, http_referer, user_agent, remote_addr, guess_cost, enter_cost, sent_to, version, timestamp, buyer) values (0, \"$AdData[ad_code]\", \"$AdData[ad_id]\", \"$AdData[group_id]\", \"$AdData[outlet_id]\", \"$kw\", \"$ref\", \"$ua\", \"$REMOTE_ADDR\", \"$GuessCost\", '', \"$SendTo\", \"$version\", UNIX_TIMESTAMP(), '0')";
  mysql_query($SQL);
  if(SQLError()){
    NotifyAdmin(SQLErrorMsg("Logging click: $SQL"));
    ShowFailure();
  }

  $ClickId = mysql_insert_id();
} else { # end if passed fraud
  $ClickId = -1;
}

setcookie("AIClickId", $ClickId, time() + (60 * 60 * 24 * 60), "/", $DOMAIN);
setcookie("AIAdCode", "$AdData[ad_code]$version", time() + (60 * 60 * 24 * 60), "/", $DOMAIN);

# 8. Set custom cookie if configured 
if($INI[custom_adcode_cookie]) {
  setcookie($INI[custom_adcode_cookie], "$AdData[ad_code]$version", time() + (60 * 60 * 24 * 60), "/", $DOMAIN);
}

# print "Dummy redirecting to: $SendTo<br>\n";
if($image) { # dump image
  ShowInvisibleImage();
} else {
  header("Location: $SendTo");
}

exit();

function Data($VarName) {
  # use _REQUEST (_POST, _GET, _COOKIE,) first
  if(isset($_REQUEST[$VarName]))
    return $_REQUEST[$VarName];

  global $HTTP_POST_VARS;
  if(isset($HTTP_POST_VARS[$VarName]))
    return $HTTP_POST_VARS[$VarName];

  global $HTTP_GET_VARS;
  if(isset($HTTP_GET_VARS[$VarName]))
    return $HTTP_GET_VARS[$VarName];

  return "";
}

function PassedFraud($IP) {
  # is fraud control turned on?
  global $INI;

  if($INI[use_spam_controls] != 'Y' && $INI[use_spam_controls] != 'y') {
    return 1;
  }

  $Minutes = $INI[spam_min_sep];
  $MaxClicks = $INI[spam_max_clicks];

  if($Minutes < 1 || $MaxClicks < 1) {
    return 1;
  }

  $SQL = "select count(*) as count from ai_ad_click where remote_addr = \"$IP\" and timestamp >= (UNIX_TIMESTAMP() - ($Minutes * 60))";
  $result = mysql_query($SQL);
  if(!$result) {
    $ErrorMsg = SQLErrorMsg("while connecting");
    NotifyAdmin($ErrorMsg);
  }

  $row = mysql_fetch_array($result);
  $Clicks = $row[count];

  if($Clicks > $MaxClicks)
    return 0;

  return 1;
}

function ShowInvisibleImage() {
  header("Content-type: image/gif");

  $HexData = "47494638376101000100f700000000000000330000660000990000cc0000ff0033000033330033660033990033cc0033ff0066000066330066660066990066cc0066ff0099000099330099660099990099cc0099ff00cc0000cc3300cc6600cc9900cccc00ccff00ff0000ff3300ff6600ff9900ffcc00ffff3300003300333300663300993300cc3300ff3333003333333333663333993333cc3333ff3366003366333366663366993366cc3366ff3399003399333399663399993399cc3399ff33cc0033cc3333cc6633cc9933cccc33ccff33ff0033ff3333ff6633ff9933ffcc33ffff6600006600336600666600996600cc6600ff6633006633336633666633996633cc6633ff6666006666336666666666996666cc6666ff6699006699336699666699996699cc6699ff66cc0066cc3366cc6666cc9966cccc66ccff66ff0066ff3366ff6666ff9966ffcc66ffff9900009900339900669900999900cc9900ff9933009933339933669933999933cc9933ff9966009966339966669966999966cc9966ff9999009999339999669999999999cc9999ff99cc0099cc3399cc6699cc9999cccc99ccff99ff0099ff3399ff6699ff9999ffcc99ffffcc0000cc0033cc0066cc0099cc00cccc00ffcc3300cc3333cc3366cc3399cc33cccc33ffcc6600cc6633cc6666cc6699cc66cccc66ffcc9900cc9933cc9966cc9999cc99cccc99ffcccc00cccc33cccc66cccc99ccccccccccffccff00ccff33ccff66ccff99ccffccccffffff0000ff0033ff0066ff0099ff00ccff00ffff3300ff3333ff3366ff3399ff33ccff33ffff6600ff6633ff6666ff6699ff66ccff66ffff9900ff9933ff9966ff9999ff99ccff99ffffcc00ffcc33ffcc66ffcc99ffccccffccffffff00ffff33ffff66ffff99ffffccffffff0000000d0d0d1a1a1a2828283535354343435050505d5d5d6b6b6b787878868686939393a1a1a1aeaeaebbbbbbc9c9c9d6d6d6e4e4e4f1f1f1ffffff00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000021f904010000d7002c000000000100010000080400af0504003b";

  $len = strlen($HexData);
  print pack("H" . $len, $HexData);
}

function ServerData($VarName) {
  if(isset($_SERVER[$VarName]))
    return $_SERVER[$VarName];

  if(isset($_ENV[$VarName]))
    return $_ENV[$VarName];
  
  # then try HTTP_SERVER_VARS, HTTP_REQUEST_VARS, HTTP_ENV_VARS
  global $HTTP_SERVER_VARS;
  if(isset($HTTP_SERVER_VARS[$VarName]))
    return $HTTP_SERVER_VARS[$VarName];

  global $HTTP_ENV_VARS;
  if(isset($HTTP_ENV_VARS[$VarName]))
    return $HTTP_ENV_VARS[$VarName];

  return "";
}

function NotifyAdmin($ErrorMessage) {
  global $ADMIN_EMAIL;
  global $PHP_SELF;
  global $REMOTE_ADDR;
  global $HTTP_REFERER;

  $DateStamp = date("[Y-n-d h:i:s]");
 
  if(!$ADMIN_EMAIL)
   $ADMIN_EMAIL =  "webmaster@" . ServerData("SERVER_NAME");

  $Message = "$DateStamp\t $REMOTE_ADDR\t Error in $PHP_SELF\n";
  $Message .= "Referring page: $HTTP_REFERER\n";
  $Message .= "Error $While: $ErrorMessage\n";

  mail($ADMIN_EMAIL, "Error in $PHP_SELF", $Message);

  return 0;
}

function PrintNullScript() {
  header("Content-type: text/plain");

  print "// AI OK\n";

  return 1;
}

function PrintRefScript() {
  global $d;

  header("Content-type: text/plain");

  print "function urlencode(strText) {\n";
  print "  var isObj;\n";
  print "  var trimReg;\n";
  print "  if(typeof(strText) == \"string\") {\n";
  print "    if( strText != null ) {\n";
  print "      trimReg = /(^\s+)|(\s+$)/g;\n";
  print "      strText = strText.replace( trimReg, '');\n";
  print "      for(i=32;i<256;i++) {\n";
  print "        strText = strText.replace(String.fromCharCode(i),escape(String.fromCharCode(i)));\n";
  print "      }\n";
  print "    }\n";
  print "  } else {\n";
  print "    alert(typeof(strText));\n";
  print "  }\n";

  print "  return strText;\n";
  print "}\n";

  print "Ref = urlencode(document.referrer);\n";

  print "document.write(\"<img src=\\\"/image.php?d=$d&mode=do-ref&ref=\" + Ref + \"\\\">\");\n";

  return 1;
}

function ReadIni() {
  global $INI_FILE_PATH;
  global $INI;
  global $ErrorMsg;

  $ini = @fopen("${INI_FILE_PATH}adinformer.ini", "r");
  if(!$ini) {
    $ErrorMsg = "In ReadIni: Unable to open ini file (${INI_FILE_PATH}adinformer.ini) for reading. Make sure the INI_FILE_PATH setting in the jump.php file points to the location of adinformer.ini";
    return 0;
  }

  while(!feof($ini)) {
    $Line = fgets($ini, 1024);
    $Line = rtrim($Line);
    $LineParts = split("=", $Line, 2);
    $INI[$LineParts[0]] = $LineParts[1];
  }

  fclose($ini);  

  return 1;
}

function ShowFailure() {
  print "<html><head><title>Server Error</title></head>\n";
  print "<body bgcolor='#FFFFFF'>\n";
  print "<h1>Server Error</h1>\n";
  print "<p>We are currently experiencing technical difficulties. Our site administrator has been notified. Please try again later.</p><br>\n";
  print "</body></html>\n";

  exit();
}

function SQLError() {
  return mysql_errno();
}

function SQLErrorMsg($action) {
  return "SQL Error: $action<br>" . SQLError() . ": " . mysql_error() . ".";
}