· 5 years ago · Feb 18, 2020, 07:04 AM
1# SkillonNet Hacked #
2# Did not respond to emails for over 2 weeks #
3# Hereby we are going to leak all source code of all casinos using SkillonNet #
4
5<?php
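/**
 * Contact-form endpoint: accepts a POSTed form (URL-encoded or JSON), checks
 * its reCAPTCHA token and field values, and relays the submission by e-mail.
 *
 * Every outcome is reported as a JSON body through response(), which ends the
 * script, so no public method returns after it has answered the client.
 */
class Email
{
    /**
     * reCAPTCHA secret, read from the environment in the constructor.
     *
     * NOTE(review): this file previously carried the secret as a string
     * literal. A secret that has been committed to (or published with) source
     * must be treated as compromised: rotate it with the provider and supply
     * the replacement through deployment configuration only.
     */
    private $secret_key = '';

    /** Sanitised request fields plus the server values listed in $_include. */
    private $_request = [];

    /** HTTP status code of the response being written. */
    private $_code = 200;

    /** $_SERVER keys copied into the request; they overwrite same-named client fields. */
    private $_include = [
        'HTTP_USER_AGENT',
        'REMOTE_ADDR',
        'REQUEST_METHOD'
    ];

    /**
     * Reads and sanitises the request. Anything other than POST is answered
     * with a 404 and the script ends.
     */
    public function __construct()
    {
        // isset() guard: REQUEST_METHOD is absent when the file is run outside a web request.
        $method = isset($_SERVER['REQUEST_METHOD']) ? $_SERVER['REQUEST_METHOD'] : null;
        if ($method !== 'POST') {
            $this->response("Page not Found", 404);
        }

        // 'RECAPTCHA_SECRET_KEY' is a name chosen for this change; use whatever the
        // deployment's configuration convention prescribes.
        $secret = getenv('RECAPTCHA_SECRET_KEY');
        $this->secret_key = is_string($secret) ? $secret : '';

        if (empty($_POST)) {
            // JSON clients: only a decoded object/array is usable. A scalar or
            // invalid body previously turned the request into a string and the
            // key assignments below failed.
            $decoded = json_decode(file_get_contents('php://input'), true);
            $_POST = is_array($decoded) ? $decoded : [];
        }

        $this->_request = $this->prepareRequest($_POST);

        // Server-derived values are written last so a client cannot supply its
        // own REMOTE_ADDR / HTTP_USER_AGENT / REQUEST_METHOD fields.
        foreach ($this->_include as $key) {
            $this->_request[$key] = !empty($_SERVER[$key]) ? $_SERVER[$key] : null;
        }
    }

    /**
     * Validates the request, sends the notification e-mail and answers the
     * client. Never returns: each path ends in response().
     */
    public function sendEmail()
    {
        $this->checkRequest();

        // strip_tags() in prepareRequest() removes markup but leaves characters
        // such as & and " alone, so every value is escaped for the HTML body.
        $name      = $this->htmlField('name');
        $email     = $this->htmlField('email');
        $company   = $this->htmlField('company');
        $telephone = $this->htmlField('telephone');
        $body      = $this->htmlField('message');

        $sent = false;

        try {
            $message = "<html>
<head>
<title>SkillOnNet.com contact form</title>
</head>
<body>
<h4>Contact form details:</h4>
<ul>
<li>Name: ".$name."</li>
<li>Email: ".$email."</li>
<li>Company: ".$company."</li>
<li>Telephone: ".$telephone."</li>
</ul>
<h5>Message:</h5>
<p>".$body."</p>
</body>
</html>";

            $to = 'sergio@kpaxmarketing.com';//, tech@kpaxmarketing.com
            $subject = 'SkillOnNet.com contact form!';

            // The From header is built from client input. checkRequest() has
            // already restricted name to [\w-]+ and email to a valid address,
            // neither of which can contain CR/LF, so no extra header can be
            // smuggled in here. Keep that validation if this code is changed.
            $headers = 'MIME-Version: 1.0' . "\r\n";
            $headers .= 'Content-type: text/html; charset=utf-8' . "\r\n";
            $headers .= "From: ".$this->_request['name']." <".$this->_request['email']."> \r\n";

            // mail() reports failure through its return value, not an exception.
            $sent = mail($to, $subject, $message, $headers);
        } catch (Exception $e) {
            // Log the detail server-side; do not echo internal errors to the client.
            error_log('Contact form: mail() raised: ' . $e->getMessage());
            $sent = false;
        }

        if (!$sent) {
            $this->response([
                'message' => 'Your message could not be sent. Please try again later.'
            ], 500);
        }

        $this->response([
            'message' => 'Your message sent, We\'ll get back to you within the next 72 hours.'
        ], 200);
    }

    /**
     * Writes the status line and JSON body, then ends the script.
     *
     * @param mixed $data   Value to JSON-encode as the response body.
     * @param int   $status HTTP status code; a falsy value is treated as 200.
     */
    public function response($data, $status = 200)
    {
        $this->_code = ($status) ? $status : 200;
        $this->set_headers();
        echo json_encode($data);
        exit();
    }

    /**
     * Validates the captcha token and every form field. The first failing rule
     * is answered with a 422 and the script ends.
     */
    private function checkRequest()
    {
        $request = $this->_request;

        // A JSON body can carry arrays where strings are expected, so each
        // field is type-checked before it reaches a string function.
        $token = isset($request['response']) ? $request['response'] : null;
        if (!is_string($token) || $token === '' || !$this->checkCaptcha($token)) {
            $this->reject('Please ensure that you are a human!');
        }

        if (empty($request['name'])) {
            $this->reject('The name field is required.');
        }
        if (!$this->isWordString($request['name'])) {
            $this->reject('The name may only contain letters, numbers, and dashes.');
        }

        if (empty($request['email'])) {
            $this->reject('The email field is required.');
        }
        if (!is_string($request['email']) || filter_var($request['email'], FILTER_VALIDATE_EMAIL) === false) {
            $this->reject('The email must be a valid email address.');
        }

        if (!empty($request['telephone'])) {
            if (!is_string($request['telephone']) || !ctype_digit($request['telephone'])) {
                $this->reject('The telephone must be a number.');
            }
        }

        if (!empty($request['company'])) {
            if (!$this->isWordString($request['company'])) {
                $this->reject('The company may only contain letters, numbers, and dashes.');
            }
        }

        if (empty($request['message'])) {
            $this->reject('The message field is required.');
        }

        // strlen() counts bytes, so multi-byte text reaches the upper limit sooner.
        $length = is_string($request['message']) ? strlen(trim($request['message'])) : 0;

        // The original test was "> 500 && < 10", which can never be true, so
        // the length limit was not enforced at all.
        if ($length < 10 || $length > 500) {
            $this->reject('The message must be between 10 and 500 characters.');
        }
    }

    /**
     * Asks the reCAPTCHA siteverify endpoint whether the token is valid.
     *
     * @param string $response Token submitted by the client.
     * @return bool True only when the service answers with "success": true.
     */
    private function checkCaptcha($response)
    {
        if ($this->secret_key === '') {
            // Fail closed: without a configured secret nothing can be verified.
            error_log('Contact form: reCAPTCHA secret is not configured.');
            return false;
        }

        // Explicit '&' so the ini setting arg_separator.output cannot change the encoding.
        $parameters = http_build_query([
            'secret' => $this->secret_key,
            'remoteip' => $this->_request['REMOTE_ADDR'],
            'response' => $response
        ], '', '&');

        // The parameters travel in a POST body; in a query string the secret
        // would end up in proxy and access logs.
        $url = 'https://www.google.com/recaptcha/api/siteverify';
        $checkResponse = null;

        // prefer curl, but fall back to file_get_contents
        if (function_exists('curl_version')) {
            $curl = curl_init($url);
            curl_setopt($curl, CURLOPT_HEADER, false);
            curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
            curl_setopt($curl, CURLOPT_TIMEOUT, 1);
            curl_setopt($curl, CURLOPT_POST, true);
            curl_setopt($curl, CURLOPT_POSTFIELDS, $parameters);

            $checkResponse = curl_exec($curl);
        } else {
            $context = stream_context_create([
                'http' => [
                    'method' => 'POST',
                    'header' => "Content-Type: application/x-www-form-urlencoded\r\n",
                    'content' => $parameters,
                    'timeout' => 1
                ]
            ]);

            $checkResponse = file_get_contents($url, false, $context);
        }

        // curl_exec() and file_get_contents() both return false on failure.
        if (!is_string($checkResponse) || $checkResponse === '') {
            return false;
        }

        $decodedResponse = json_decode($checkResponse, true);

        // Anything but a literal true (bad JSON, missing key, false) counts as a failed check.
        return is_array($decodedResponse)
            && isset($decodedResponse['success'])
            && $decodedResponse['success'] === true;
    }

    /**
     * Recursively strips HTML/PHP tags and surrounding whitespace from input.
     *
     * @param mixed $data Scalar or (nested) array of request values.
     * @return array|string Same shape as $data, with every leaf cleaned to a string.
     */
    private function prepareRequest($data)
    {
        if (is_array($data)) {
            $clean_input = [];
            foreach ($data as $k => $v) {
                $clean_input[$k] = $this->prepareRequest($v);
            }
            return $clean_input;
        }

        // The get_magic_quotes_gpc() branch is gone: the function has returned
        // false since PHP 5.4 (which the short array syntax in this file already
        // requires) and no longer exists in PHP 8, where calling it is fatal.
        // The cast keeps null and other non-string scalars from JSON bodies valid input.
        return trim(strip_tags((string) $data));
    }

    /**
     * @return array The sanitised request, including the captcha token and the
     *               server values named in $_include.
     */
    public function getRequest()
    {
        return $this->_request;
    }

    /** Emits the status line for the current code and the JSON content type. */
    private function set_headers()
    {
        header("HTTP/1.1 ".$this->_code." ".$this->status_message());
        header("Content-Type:application/json");
    }

    /**
     * @return string Reason phrase for the current status code; codes not in
     *                the table get the 500 phrase.
     */
    private function status_message()
    {
        $status = [
            200 => 'OK',
            201 => 'Created',
            204 => 'No Content',
            404 => 'Not Found',
            406 => 'Not Acceptable',
            422 => 'Unprocessable Entity',
            // Was referenced as the fallback but never defined.
            500 => 'Internal Server Error'
        ];

        return isset($status[$this->_code]) ? $status[$this->_code] : $status[500];
    }

    /** Answers with a 422 validation error and ends the script. */
    private function reject($message)
    {
        $this->response([
            'message' => $message
        ], 422);
    }

    /**
     * True when $value is a non-empty string of word characters and dashes.
     * \z anchors at the very end of the string; "$" would also accept a
     * trailing newline, which matters because name is copied into a mail header.
     */
    private function isWordString($value)
    {
        return is_string($value) && preg_match('/^[\w-]+\z/', $value) === 1;
    }

    /** Returns a request field escaped for HTML, or '' when it is missing or not a string. */
    private function htmlField($key)
    {
        if (!isset($this->_request[$key]) || !is_string($this->_request[$key])) {
            return '';
        }

        return htmlspecialchars($this->_request[$key], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    }
}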
278
279
// Entry point: the constructor reads and sanitises the request, and
// sendEmail() validates it, sends the mail and writes the JSON response.
$mail = new Email();
$mail->sendEmail();
286
287
288?>