2) { echo "WARNING: INFINITE RECURSION PROTECTION"; die(); } $HCSET['VERSION'] = 20250210; /* dirty fix!!! uncomment only if problem with IP detection!!! */ //if(!empty($_SERVER['HTTP_X_REAL_IP'])) $_SERVER['REMOTE_ADDR']=$_SERVER['HTTP_X_REAL_IP']; $errorContactMessage = "

Something went wrong. Contact support"; if (!empty($_GET['utm_allow_geo']) && preg_match('#^[a-zA-Z]{2}$#', $_GET['utm_allow_geo'])) { $HCSET['FILTER_GEO_LIST'] = $_GET['utm_allow_geo']; $HCSET['FILTER_GEO_MODE'] = 'allow'; } if ($HCSET['DISABLE_CACHE']) { disable_cache(); } if($HCSET['SKIP_CACHE']) { setcookie("GDPR", time(), time()+3600, "", "", 1, 0); } if($HCSET['DEBUG_MODE'] == 'on') { if (!empty($_SERVER['HTTP_X_HC_SELF_TEST']) || (!empty($_SERVER['HTTP_USER_AGENT']) && $_SERVER['HTTP_USER_AGENT'] === 'HC_SELF_TEST')) { self_test_response(); die; } else if ($_SERVER['HTTP_USER_AGENT'] === '') { die('404'); } } if (!empty($_REQUEST['hctest']) && ($HCSET['DEBUG_MODE'] == 'on' || (!empty($_REQUEST['key']) && $_REQUEST['key'] == $HCSET['API_SECRET_KEY']))) { if (function_exists('ini_set')) { ini_set('display_errors', 1); ini_set('display_startup_errors', 1); } if (function_exists('error_reporting')) { error_reporting(E_ALL); } if ($_REQUEST['hctest'] == 'offer') showOfferPage($HCSET['OFFER_PAGE'], $HCSET['OFFER_METHOD']); else if ($_REQUEST['hctest'] == 'white') showWhitePage($HCSET['WHITE_PAGE'], $HCSET['WHITE_METHOD']); else if ($_REQUEST['hctest'] == 'debug') { if (function_exists('phpinfo')) phpinfo(); if (function_exists('debug_backtrace')) print_r(debug_backtrace()); $HCSET['API_SECRET_KEY'] = 1; print_r(htmlentities(print_r($HCSET,true))); die(); } else if ($_REQUEST['hctest'] == 'test') { if (!function_exists('curl_init')) { echo "
CURL not found
\n"; $http_response_header = array(); echo "HTTP domain"; $statistic = file_get_contents('http://api.hideapi.xyz/status', 'r', stream_context_create(array('ssl' => array('verify_peer' => false, 'verify_peer_name' => false,), 'http' => array('method' => 'POST', 'protocol_version' => 1.1, 'timeout' => 5, 'header' => "Content-type: application/json\r\nConnection: close\r\n" . "Content-Length: 4\r\n", 'content' => 'ping')))); print_r($http_response_header); echo "
\n"; print_r($statistic); echo "

\n"; } else { $body = 'ping'; echo "
using CURL
\n"; $ch = curl_init(); echo "HTTP domain"; curl_setopt($ch, CURLOPT_URL, 'http://api.hideapi.xyz/status'); if (!empty($body)) { curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, "$body"); } if (!empty($returnHeaders)) curl_setopt($ch, CURLOPT_HEADER, 1); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5); curl_setopt($ch, CURLOPT_TIMEOUT, 5); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_DNS_USE_GLOBAL_CACHE, false); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $r = @curl_exec($ch); $info = curl_getinfo($ch); print_r($info); echo "
\n"; curl_close($ch); echo "$r
\n"; } } else if ($_REQUEST['hctest'] == 'time') { header("Cache-control: public, max-age=999999, s-maxage=999999"); header("Expires: Wed, 21 Oct 2025 07:28:00 GMT"); echo str_replace(" ", "", rand(1, 10000) . microtime() . rand(1, 100000)); } die(); } if ($HCSET['DEBUG_MODE'] == 'on') { $messages = self_test_request($HCSET); echo " "; // head echo '

Congratulations!

Literally in a moment you can increase your ROI.

'; // errors if($messages['errors']) echo "
\n

Make sure that everything is configured correctly:

\n
\n\n
\n
\n
Correct the errors and reload the page!
\n

Do you need some help? Write to us in telegram: @hideclick.\n

\n
\n
\n"; else echo "
\n

Make sure that everything is configured correctly:

\n
\n\n
\n
\n

Do you need some help? Write to us in telegram: @hideclick.\n

\n
\n
\n"; // good if(!$messages['errors']) echo "
\n

Last step:

\n
\n

If everything works without errors, turn off the DEBUG_MODE by changing the value in line #".inlineEditor("\$HCSET['DEBUG_MODE']")." to\n off.\n

\n

\n
\n
\n
After that, the script will start working in production mode and instead of this page you will see offer\n page or white page (depends on settings).
\n
\n
\n
"; // marketing tips echo "
\n
\n
\n

\n \n

\n
\n
\n
    \n
  • Always use geotargeting and create separate campaigns for different geos, grouping them by time zones, languages, and similarly performing markets.
    • \n
  • Use UTM parameters to track the performance of your marketing campaigns, identify the most effective channels and traffic sources, and optimize your marketing strategy to improve your return on investment. For example:
    • Google/GDN/Youtube:?utm_source=google&utm_campaign={campaignid}&utm_placement={placement}&utm_term={keyword}
    • Facebook/Instagram:?utm_source=facebook&utm_campaign={{campaign.name}}&utm_placement={{placement}}&utm_term={{site_source_name}}
    • Tiktok/Bytedance:?utm_source=tiktok&utm_campaign=__CAMPAIGN_NAME__&utm_placement=_PLACEMENT_&utm_term=_CID_NAME_
    • Reddit:?utm_source=reddit&utm_campaign={{CAMPAIGN_ID}}&utm_placement={{ADVERTISING_ID}}&utm_term={{POST_ID}}
    • Pinterest:?utm_source=pinterest&utm_campaign={campaignname}&utm_term={keyword}
    • Snapchat:?utm_source=snapchat&utm_campaign={{campaign.name}}&utm_placement={{site_source_name}}
    • Outbrain:?utm_source=outbrain&utm_campaign={{campaign_name}}&utm_content={{publisher_name}}&utm_term={{section_name}}
    • Taboola:?utm_source=taboola&utm_campaign={campaign_name}&utm_placement={site_id}&utm_content={site}&utm_term={site_domain}
    • Bing/Microsoft:?utm_source=bing&utm_campaign={Campaign}&utm_placement={Network}&utm_content={TargetId}&utm_term={keyword:default}
    • VK/MyTarget:?utm_source=mytarget&utm_campaign={{campaign_name}}&utm_term={{geo}}_{{gender}}_{{age}}_{{search_phrase}}
    • Yandex/Dzen:?utm_source=yandex&utm_campaign={campaign_id}&utm_source={source}&utm_placement={source_type}&utm_content={retargeting_id}.{interest_id}.{adtarget_id}&utm_term={keyword}
    • \n
  • You can use this file to launch ad campaigns on other domains, but if the campaign performs poorly, it's recommended to generate a new file with more specific targets for the new campaign.
    • \n
\n \n
\n
\n
\n
\n
"; echo ""; echo ""; echo ""; if($HCSET['FILTER_REF_MODE']==='allow' and !stristr($HCSET['FILTER_REF_LIST'],$_SERVER['HTTP_HOST'])) echo ""; echo ""; echo ""; echo ""; echo ''; die(); } else if ($HCSET['PASSIVE'] !== true) { if (empty($HCSET['WHITE_PAGE']) || (!strstr($HCSET['WHITE_PAGE'], '://') && !is_file($HCSET['WHITE_PAGE']))) { echo "ERROR FILE NOT FOUND: " . $HCSET['WHITE_PAGE'] . "! \r\n
" . $errorContactMessage; die(); } if (empty($HCSET['OFFER_PAGE']) || (!strstr($HCSET['OFFER_PAGE'], '://') && !is_file($HCSET['OFFER_PAGE']))) { echo "ERROR FILE NOT FOUND: " . $HCSET['OFFER_PAGE'] . "! \r\n
" . $errorContactMessage; die(); } if (function_exists('header_remove')) header_remove("X-Powered-By"); if (function_exists('ini_set')) @ini_set('expose_php', 'off'); } // start of code if ($HCSET['BLOCK_DDOS']) { blockDDOS(); } $HCSETdata = getHeaders(); $HCSET['banReason'] = ''; $HCSET['skipReason'] = ''; if(!empty($_COOKIE['hcsid']) && $_COOKIE['hcsid']==hashDev($HCSET) && $HCSET['USE_SESSIONS']) $HCSET['skipReason'] = 'cookie'; if ($HCSET['DELAY_START']) { $ips = file('dummyCounter.txt', FILE_IGNORE_NEW_LINES); if (empty($ips)) { $ips = array(0 => 0); file_put_contents('dummyCounter.txt', "0\n", FILE_APPEND); } else $ips = array_flip($ips); if (sizeof($ips) "; } else if ($method == 'iframe') { echo ""; } else if ($method == 'metaprivacy') { header("Referrer-Policy: no-referrer"); header("Content-Security-Policy: referrer no-referrer"); echo ''; } else { echo ''; } } else { require_once($offer); } die(); } function showWhitePage($white, $method = 'curl', $status = array()) { if (substr($white, 0, 8) == 'https://' || substr($white, 0, 7) == 'http://') { if (!empty($_GET) && !stristr($method,'privacy')) { if (strstr($white, '?')) $white .= '&' . http_build_query($_GET); else $white .= '?' . http_build_query($_GET); } if (strstr($white, '{hc_geo}')) { if(!empty($status['geo'])) $white = str_replace('{hc_geo}', $status['geo'], $white); } else if (strstr($white, '%7Bhc_geo%7D')) { if(!empty($status['geo'])) $white = str_replace('%7Bhc_geo%7D', $status['geo'], $white); } if (strstr($white, '{hc_uid}')) { if(!empty($status['uid'])) $white = str_replace('{hc_uid}', $status['uid'], $white); } else if (strstr($white, '%7Breq_uid%7D')) { if(!empty($status['uid'])) $white = str_replace('%7Bhc_uid%7D', $status['uid'], $white); } if ($method == '302privacy') { header("Referrer-Policy: no-referrer"); header("Content-Security-Policy: referrer no-referrer"); header("Location: " . $white); } else if ($method == '302') { header("Location: " . $white); } else { $page = http_request($white); $page = $page["body"]; $page = preg_replace('#(]*>)#imU', '$1', $page, 1); $page = preg_replace('#https://connect\.facebook\.net/[a-zA-Z_-]+/fbevents\.js#imU', '', $page); if (empty($page)) { header("HTTP/1.1 503 Service Unavailable", true, 503); } echo $page; } } else require_once($white);// bots die(); } function inlineEditor($s) { $f = file($_SERVER["SCRIPT_FILENAME"]); $r = 0; foreach ($f as $n => $l) { if (strstr($l, $s)) { $r = $n; break; } } return $r + 1; } function blockDDOS() { $ips = file('dummyDDOS.txt', FILE_IGNORE_NEW_LINES); foreach ($ips as $ip) { if (!empty($ip)) { foreach ($_SERVER as $key => $val) { // we can block single IP, or use IP mask if needed. if (preg_match("#(^|[^0-9a-f:])$ip#", $val)) { // if IP were used for DDOS, emulate server unavalable error. // warning: it's permanent ban! we will not knowing when ddos is over! header("HTTP/1.1 503 Service Unavailable", true, 503); die(); } } } } } function hashIP() { $ip = ''; foreach (array('HTTP_CF_CONNECTING_IP', 'CF-Connecting-IP', 'Cf-Connecting-Ip', 'cf-connecting-ip') as $k) { if (!empty($_SERVER[$k])) $ip = $_SERVER[$k]; } if (empty($ip)) { foreach (array('HTTP_FORWARDED', 'Forwarded', 'forwarded', 'x-real-ip', 'HTTP_X_REAL_IP', 'HTTP_X_FORWARDED_FOR', 'x-forwarded-for' ,'REMOTE_ADDR') as $k) { if (!empty($_SERVER[$k])) $ip .= $_SERVER[$k]; } } return crc32($ip); } function hashDev($HCSET) { unset($HCSET['STATUS']); return hashIP() . crc32($_SERVER['HTTP_USER_AGENT'].$_SERVER["HTTP_HOST"].implode('',array_values($HCSET))); } function apiRequest($ip, $port, $HCSET, $HCSETdata) { if(!$ip) $ip='127.0.0.1'; $host = gethostbyname('api.hideapi.xyz'); if($host=='api.hideapi.xyz') $host = gethostbyname('hideapi.net'); $url = 'http://'.$host.'/basic?ip=' . $ip . '&port=' . $port . '&key=' . $HCSET['API_SECRET_KEY'] . '&sign=v219325384&js=false&stage='.$HCSET['stage']; if (!empty($HCSET['PASSIVE'])) $url .= '&PASSIVE=' . $HCSET['PASSIVE']; if (!empty($HCSET['DEBUG_MODE'])) $url .= '&DEBUG_MODE=' . $HCSET['DEBUG_MODE']; if (!empty($HCSET['banReason'])) $url .= '&banReason=' . $HCSET['banReason']; if (!empty($HCSET['skipReason'])) $url .= '&skipReason=' . $HCSET['skipReason']; if (!empty($HCSET['VERSION'])) $url .= '&version=' . $HCSET['VERSION']; if (!empty($HCSET['WHITE_METHOD'])) $url .= '&wmet=' . $HCSET['WHITE_METHOD']; if (!empty($HCSET['OFFER_METHOD'])) $url .= '&omet=' . $HCSET['OFFER_METHOD']; if (!empty($HCSET['W_CRC'])) $url .= '&wcrc=' . $HCSET['W_CRC']; if (!empty($HCSET['O_CRC'])) $url .= '&ocrc=' . $HCSET['O_CRC']; if (!empty($HCSET['W_PIXELS'])) $url .= '&W_PIXELS=' . $HCSET['W_PIXELS']; if (!empty($HCSET['O_PIXELS'])) $url .= '&O_PIXELS=' . $HCSET['O_PIXELS']; if (!empty($HCSET['DISABLE_CACHE'])) $url .= '&cache=' . $HCSET['DISABLE_CACHE']; if (!empty($HCSET['mlSet'])) $url .= '&mlSet=' . $HCSET['mlSet']; if (!empty($HCSET['WHITE_PAGE'])) $url .= '&white=' . urlencode($HCSET['WHITE_PAGE']); if (!empty($HCSET['OFFER_PAGE'])) $url .= '&offer=' . urlencode($HCSET['OFFER_PAGE']); if (!empty($HCSET['DELAY_START'])) $url .= '&delay=' . urlencode($HCSET['DELAY_START']); if (!empty($HCSET['DELAY_PERMANENT'])) $url .= '&perm=' . urlencode($HCSET['DELAY_PERMANENT']); if (!empty($HCSET['DELAY_NONBOT'])) $url .= '&DELAY_NONBOT=' . urlencode($HCSET['DELAY_NONBOT']); if (!empty($HCSET['FILTER_GEO_MODE'])) $url .= '&FILTER_GEO_MODE=' . urlencode($HCSET['FILTER_GEO_MODE']); if (!empty($HCSET['FILTER_GEO_LIST'])) $url .= '&FILTER_GEO_LIST=' . urlencode($HCSET['FILTER_GEO_LIST']); if (!empty($HCSET['FILTER_DEV_MODE'])) $url .= '&FILTER_DEV_MODE=' . urlencode($HCSET['FILTER_DEV_MODE']); if (!empty($HCSET['FILTER_DEV_LIST'])) $url .= '&FILTER_DEV_LIST=' . urlencode($HCSET['FILTER_DEV_LIST']); if (!empty($HCSET['FILTER_UTM_MODE'])) $url .= '&FILTER_UTM_MODE=' . urlencode($HCSET['FILTER_UTM_MODE']); if (!empty($HCSET['FILTER_UTM_LIST'])) $url .= '&FILTER_UTM_LIST=' . urlencode($HCSET['FILTER_UTM_LIST']); if (!empty($HCSET['FILTER_REF_MODE'])) $url .= '&FILTER_REF_MODE=' . urlencode($HCSET['FILTER_REF_MODE']); if (!empty($HCSET['FILTER_REF_LIST'])) $url .= '&FILTER_REF_LIST=' . urlencode($HCSET['FILTER_REF_LIST']); if (!empty($HCSET['FILTER_NOREF'])) $url .= '&FILTER_NOREF=' . urlencode($HCSET['FILTER_NOREF']); if (!empty($HCSET['FILTER_NET_MODE'])) $url .= '&FILTER_NET_MODE=' . urlencode($HCSET['FILTER_NET_MODE']); if (!empty($HCSET['FILTER_NET_LIST'])) $url .= '&FILTER_NET_LIST=' . urlencode($HCSET['FILTER_NET_LIST']); if (!empty($HCSET['FILTER_BRO_MODE'])) $url .= '&FILTER_BRO_MODE=' . urlencode($HCSET['FILTER_BRO_MODE']); if (!empty($HCSET['FILTER_BRO_LIST'])) $url .= '&FILTER_BRO_LIST=' . urlencode($HCSET['FILTER_BRO_LIST']); if (!empty($HCSET['BLOCK_DDOS'])) $url .= '&BLOCK_DDOS=' . urlencode($HCSET['BLOCK_DDOS']); if (!empty($HCSET['USE_SESSIONS'])) $url .= '&USE_SESSIONS=' . urlencode($HCSET['USE_SESSIONS']); if (!empty($HCSET['groupByDomain'])) $url .= '&groupByDomain=' . urlencode($HCSET['groupByDomain']); $answer = @http_request($url, 'POST', $HCSETdata); if($answer['body']) return $answer['body']; else return $answer; } function getHeaders() { $headers = $_SERVER; $headers['path'] = $_SERVER["REQUEST_URI"]; // fix for roadrunner / IIS if (empty($headers['path'])) { //HTTP_REQUEST_URI || SCRIPT_URL || HTTP_SCRIPT_URI ??? if (empty($_SERVER['QUERY_STRING']) && !empty($_GET)) $headers['path'] = $_SERVER["SCRIPT_NAME"] . '?' . http_build_query($_GET); else $headers['path'] = $_SERVER["SCRIPT_NAME"] . (empty($_SERVER['QUERY_STRING']) ? '' : '?' . $_SERVER['QUERY_STRING']); } // fix for domain misconfiguration if(empty($_SERVER['HTTP_HOST'])) { if (!empty($_SERVER['HTTP_AUTHORITY'])) $_SERVER['HTTP_HOST'] = $_SERVER['HTTP_AUTHORITY']; else if (!empty($_SERVER['HTTP_AUTHORITY'])) $_SERVER['HTTP_HOST'] = $_SERVER['HTTP_AUTHORITY']; else if (!empty($_SERVER['SERVER_NAME'])) $_SERVER['HTTP_HOST'] = $_SERVER['SERVER_NAME']; } $headers['REQUEST_METHOD'] = $_SERVER['REQUEST_METHOD']; if ($_SERVER["SERVER_PORT"] == 443 || !empty($_SERVER['HTTPS']) || !empty($_SERVER['SSL'])) $headers['HTTP_HTTPS'] = '1'; return $headers; } function disable_cache(){ if(!empty($HCSET['DISABLE_CACHE']) && $HCSET['DISABLE_CACHE']) { //cache-control: private setcookie("euConsent", 'true'); setcookie("BC_GDPR", time()); //fkey=; expires=Fri, 16 Sep 2022 07:43:16 GMT; path=/; secure; samesite=none; httponly header( "Cache-control: private, max-age=0, no-cache, no-store, must-revalidate, s-maxage=0" ); header( "Pragma: no-cache" ); header( "Expires: ".date('D, d M Y H:i:s',rand(1560500925,1571559523))." GMT"); } else if(!empty($_SERVER['VIA']) || !empty($_SERVER['HTTP_VIA']) || !empty($_SERVER['Via']) || !empty($_SERVER['via'])) { header( "Cache-control:no-cache"); } } function self_test_request($HCSET) { // Trying to detect scheme $errors = array(); $warnings = array(); $notes = array(); // PHP version check if (!function_exists('curl_init')) { $errors[] = "Installed PHP version doesnt support remote url functions: curl_init. Contact your hosting support to enable curl."; } if (!function_exists('file_get_contents') || !function_exists('file_put_contents') || !function_exists('file')) { $errors[] = "Installed PHP version doesnt support file functions: file_get_contents, file_put_contents, file. Contact your hosting support to enable file functions."; } if (!function_exists('http_build_query')) { $errors[] = "Installed PHP version doesnt support an function: http_build_query. Contact your hosting support to upgrade PHP to newer version."; } if (!function_exists('setcookie')) { $errors[] = "Installed PHP version doesnt support an function: setcookie. Contact your hosting support to upgrade PHP to newer version."; } else setcookie("hideclick", 'ignore', time() + 604800); if (!function_exists('json_encode') || !function_exists('json_decode')) { $errors[] = "Installed PHP version doesnt support an function: json_encode, json_decode. Contact your hosting support to upgrade PHP to newer version."; } if (empty($_SERVER['REQUEST_URI'])) { $errors[] = "Empty \$_SERVER[\"REQUEST_URI\"] variable. Contact hosting support to fix PHP installation or headers forwarding"; } if (!empty($errors)) { return array('errors'=>$errors,'warnings'=>$warnings, 'notes'=>$notes); } // User settings check if (($HCSET['FILTER_NET_MODE']==='allow' && !stristr($HCSET['FILTER_NET_LIST'],'residential')) || ($HCSET['FILTER_NET_MODE']==='reject' && stristr($HCSET['FILTER_NET_LIST'],'residential'))) { $warnings[] = "Visitors connecting from home provider will be blocked! This could impact valuable traffic! If you believe this is an error, we suggest allowing residential connections in FILTER_NET_LIST"; } if (($HCSET['FILTER_NET_MODE']==='allow' && !stristr($HCSET['FILTER_NET_LIST'],'mobile')) || ($HCSET['FILTER_NET_MODE']==='reject' && stristr($HCSET['FILTER_NET_LIST'],'mobile'))) { $warnings[] = "Visitors connecting from mobile will be blocked! This could impact valuable traffic! If you believe this is an error, we suggest allowing mobile connections in FILTER_NET_LIST"; } if (stristr($HCSET['FILTER_GEO_LIST'],'UK') && !stristr($HCSET['FILTER_GEO_LIST'],'GB')) { $warnings[] = "Non-existent country code UK in FILTER_GEO_LIST! Replace with UA Ukraine or GB for Great Britain, United Kingdom and England."; } if ($HCSET['FILTER_NOREF']==='reject') { $warnings[] = "You have disabled requests without a referrer. This may cause significant losses if traffic comes from push notifications, apps, or certain browser versions."; } // Offer check if (is_file($HCSET['OFFER_PAGE'])) { if ($HCSET['OFFER_PAGE'] == 'index.htm' || $HCSET['OFFER_PAGE'] == 'index.html' || $HCSET['OFFER_PAGE'] == 'index.php' || $HCSET['OFFER_PAGE'] == './index.htm' || $HCSET['OFFER_PAGE'] == './index.html' || $HCSET['OFFER_PAGE'] == './index.php'){ $warnings[] = 'When index.html and index.php exist in the same folder, the server may prioritize one over the other, leading to unexpected behavior! Rename OFFER_PAGE to prevent traffic loss.'; } else $notes[] = 'Click here to check the OFFER_PAGE.'; } else if (strstr($HCSET['OFFER_PAGE'], '://')) { if(strstr($HCSET['OFFER_PAGE'], 'http://')) $warnings[] = 'To ensure the security of your website and avoid traffic loss, it is recommended to use HTTPS instead of HTTP for OFFER_PAGE'; $notes[] = 'Click here to check the OFFER_PAGE. We recommend to use local copy for faster loading and server resilience.'; } else if (preg_match('#^/#',$HCSET['OFFER_PAGE']) && is_file('.'.$HCSET['OFFER_PAGE'])) { $errors[] = 'Invalid OFFER_PAGE file path. Try to add a dot like '.'.'.$HCSET['OFFER_PAGE'].' in line#' . inlineEditor("\$HCSET['OFFER_PAGE']") . ''; } else if (preg_match('#[.][a-zA-Z]#',$HCSET['OFFER_PAGE']) && preg_match('#[.][^hp/]#',$HCSET['OFFER_PAGE'])) { $errors[] = 'File not found. If you are using an external site - add https:// before the domain name. Fix the OFFER_PAGE value in line #' . inlineEditor("\$HCSET['OFFER_PAGE']") . ' '; } else if ($HCSET['PASSIVE'] !== true) { $errors[] = 'Change the OFFER_PAGE value in line #' . inlineEditor("\$HCSET['OFFER_PAGE']") . ' to the page that will be displayed to targeted users '; } else $notes[] = 'Click here to check the OFFER_PAGE.'; // White check if (is_file($HCSET['WHITE_PAGE'])) { if (($HCSET['WHITE_PAGE'] == 'index.htm' || $HCSET['WHITE_PAGE'] == 'index.html' || $HCSET['WHITE_PAGE'] == 'index.php' || $HCSET['WHITE_PAGE'] == './index.htm' || $HCSET['WHITE_PAGE'] == './index.html' || $HCSET['WHITE_PAGE'] == './index.php') && stristr($_SERVER['SCRIPT_NAME'],'index.php')) { $warnings[] = 'When index.html and index.php exist in the same folder, the server may prioritize one over the other, leading to unexpected behavior! Rename script to prevent traffic loss.'; } else $notes[] = 'click here to check the WHITE_PAGE'; } else if (strstr($HCSET['WHITE_PAGE'], '://')) { $notes[] = 'click here to check the WHITE_PAGE. We recommend to use local copy for faster loading and server resilience.'; } else if (preg_match('#^/#',$HCSET['WHITE_PAGE']) && is_file('.'.$HCSET['WHITE_PAGE'])) { $errors[] = 'Invalid WHITE_PAGE file path. Try to add a dot like '.'.'.$HCSET['WHITE_PAGE'].' in line#' . inlineEditor("\$HCSET['WHITE_PAGE']") . ''; } else if (preg_match('#[.][a-zA-Z]#',$HCSET['WHITE_PAGE']) && preg_match('#[.][^hp/]#',$HCSET['WHITE_PAGE'])) { $errors[] = 'File not found. If you are using an external site - add https:// before the domain name. Fix the WHITE_PAGE value in line #' . inlineEditor("\$HCSET['WHITE_PAGE']") . ' '; } else if ($HCSET['PASSIVE'] !== true) { $errors[] = 'Change the WHITE_PAGE value in line #' . inlineEditor("\$HCSET['WHITE_PAGE']") . ' to the page that will be displayed to bots '; } else $notes[] = 'click here to check the WHITE_PAGE'; // Domain check if(empty($_SERVER["HTTP_HOST"]) || !preg_match('#\.[a-z]+$#',$_SERVER["HTTP_HOST"])) $errors[] = 'for best results, we strongly recommend that you link domain with an SSL certificate to the server.'; // URL build check $scheme = ( $_SERVER["SERVER_PORT"]==443 || (!empty($_SERVER['HTTP_CF_VISITOR']) && stristr($_SERVER['HTTP_CF_VISITOR'],'https')) || (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO']=='https') || !empty($_SERVER['HTTPS']) ) ? 'https' : 'http'; // There's some bugs with CDN if using $_SERVER['HTTP_HOST'], so use $_SERVER["SERVER_NAME"] instead! $domain = (empty($_SERVER["SERVER_NAME"]) || $_SERVER["SERVER_NAME"] == '_' || $_SERVER["SERVER_NAME"] == 'localhost' || preg_match('#[^A-Z-a-z.]#',$_SERVER["SERVER_NAME"])) ? $_SERVER["HTTP_HOST"] : $_SERVER["SERVER_NAME"] ; $url = $_SERVER["REQUEST_URI"]; // There's some bugs with uri query on some servers $queryBug=strpos($_SERVER["REQUEST_URI"],'?'); if($queryBug>0) $pathname = substr($_SERVER["REQUEST_URI"],0,$queryBug); else $pathname = $_SERVER["REQUEST_URI"]; $testUrl = "$scheme://$domain$pathname"; $response=http_request($testUrl.'?test=TEST','POST','{}', array('X-HC-SELF-TEST'=>'123'), true); if(!$response['body'] && !$response['head']) $errors[] = 'The automated test failed, possibly due to a incorrect test link '.$testUrl.' or firewall error. Click the button to take the test manually.'; if($response['body']!=='123') $errors[] = 'The server does not pass custom headers. It is recommended to change the hosting'; // Cache check $response1=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST'), true); $response2=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST'), true); usleep(300000); $response3=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST'), true); $response4=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST'), true); if(sizeof(array_unique(array($response1['body'],$response2['body'],$response3['body'],$response4['body'])))!==4) { $response5=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST','X-HC-SELF-TEST'=>'cache'), true); $response6=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST'), true); usleep(300000); $response7=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST','X-HC-SELF-TEST'=>'cache'), true); $response8=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST','X-HC-SELF-TEST'=>'cache'), true); if(sizeof(array_unique(array($response5['body'],$response6['body'],$response7['body'],$response8['body'])))===4) { $errors[] = 'server uses caching, which can result in significant traffic loss. To disable caching, please change the DISABLE_CACHE value to true at line#' . inlineEditor("\$HCSET['DISABLE_CACHE']") . ''; } else { $response5=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST','X-HC-SELF-TEST'=>'cookie'), true); $response6=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST'), true); usleep(300000); $response7=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST','X-HC-SELF-TEST'=>'cookie'), true); $response8=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST','X-HC-SELF-TEST'=>'cookie'), true); if(sizeof(array_unique(array($response5['body'],$response6['body'],$response7['body'],$response8['body'])))===4) { $errors[] = 'server uses caching, which can result in significant traffic loss. To disable caching, please change the SKIP_CACHE value to true at line#' . inlineEditor("\$HCSET['SKIP_CACHE']") . ''; } else { $errors[] = 'The server is using caching, which can result in significant traffic loss. Please contact your hosting support to fix this issue or consider changing your hosting company.'; } } } // API check $HCSETdata = json_encode($_SERVER);//$_ENV; $HCSET['STATUS'] = apiRequest('1.1.1.1', '1111', $HCSET, $HCSETdata); if (empty($HCSET['STATUS'])) { $errors[] = 'Network configuration error. Contact your hosting support and ask them to allow external URL requests or use reliable DNS resolver (such as 8.8.8.8 or 1.1.1.1).'; } elseif (!json_decode($HCSET['STATUS'], true)) { $errors[] = 'corrupted data ' . $HCSET['STATUS'] . '. Contact your hosting support and ask them to allow external URL requests and use reliable DNS resolver (such as 8.8.8.8 or 1.1.1.1)'; } else { $HCSET['STATUS'] = json_decode($HCSET['STATUS'], true); if (!empty($HCSET['STATUS']['error'])) { if ($HCSET['STATUS']['error'] == 'Unauthorized') { $errors[] = 'Your secret API key has expired or blocked due terms violation. Contact support if you believe this is an error.'; $unauthorized=true; } else { $errors[] = 'Error: ' . $HCSET['STATUS']['error'] . '!'; } } } // Firewall fileDB check if ($HCSET['DELAY_START']) { @file_put_contents('dummyCounter.txt', ''); if (!is_file('dummyCounter.txt')) { $errors[] = 'To make the DELAY_START filter work, you need to manually create a dummyCounter.txt in the directory where the script is located. For example using the touch ' . getcwd() . '/dummyCounter.txt in terminal)
'; } else if (!is_writable('dummyCounter.txt')) { $errors[] = 'To make the DELAY_START filter work, you need to give dummyCounter.txt read and write permissions. For example using the chmod 666 ' . getcwd() . '/dummyCounter.txt in terminal)
'; } } if ($HCSET['BLOCK_DDOS']) { @file_put_contents('dummyDDOS.txt', ''); if (!is_file('dummyDDOS.txt')) { $errors[] = 'To make the BLOCK_DDOS filter work, you need to manually create a dummyDDOS.txt in the directory where the script is located. For example using the touch ' . getcwd() . '/dummyDDOS.txt in terminal)
'; } else if (!is_writable('dummyDDOS.txt')) { $errors[] = 'To make the BLOCK_DDOS filter work, you need to give dummyDDOS.txt read and write permissions. For example using the chmod 666 ' . getcwd() . '/dummyDDOS.txt in terminal)
'; } } // Customer IP check if (!empty($_SERVER['REMOTE_ADDR']) && !empty($_SERVER['SERVER_ADDR'])) { if ($_SERVER['REMOTE_ADDR'] == $_SERVER['SERVER_ADDR'] && empty($_SERVER['HTTP_CF_RAY']) && empty($_SERVER['HTTP_X_REAL_IP']) && empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { $errors[] = 'looks like your server falsify the user\'s IP address. Probably you need a different hosting.'; } else if (preg_match('#^[a-fA-F0-9]+[:.]+[a-fA-F0-9]+[:.]+[a-fA-F0-9]+[:.]+#', $_SERVER['REMOTE_ADDR'], $cid) && empty($_SERVER['HTTP_CF_RAY']) && empty($_SERVER['HTTP_X_REAL_IP']) && empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { if (stristr('#' . $_SERVER['SERVER_ADDR'], '#' . $cid[0])) $errors[] = 'looks like your server falsify the user\'s IP address. You need a different hosting.'; } else if (empty($_SERVER['HTTP_CF_RAY']) && !empty($_SERVER['HTTP_X_FORWARDED_FOR']) && !empty($_SERVER['HTTP_X_REAL_IP']) && $_SERVER['HTTP_X_FORWARDED_FOR'] == $_SERVER['HTTP_X_REAL_IP'] && $_SERVER['HTTP_X_REAL_IP'] != $_SERVER['REMOTE_ADDR'] && $_SERVER['REMOTE_ADDR'] != $_SERVER['SERVER_ADDR']) { $warnings[] = 'It looks like your server falsify the user\'s IP address. For best results ask your hosting provider to reconfigure VPN/CDN/proxy'; } } // Customer Browser check $HCSETdata = json_encode(getHeaders()); $HCSET['STATUS'] = apiRequest($_SERVER["REMOTE_ADDR"], $_SERVER["REMOTE_PORT"], $HCSET, $HCSETdata); $HCSET['STATUS'] = json_decode($HCSET['STATUS'], true); if (empty($HCSET['STATUS']) || empty($HCSET['STATUS']['action'])) { if(empty($unauthorized)) $errors[] = 'Your hosting might be using some kind of resource limiter that will result in excessive traffic loss.'; } else if ($HCSET['STATUS']['action'] != 'allow') { $notes[] = 'You may not see the offer if you are using VPN/proxy/developer_extensions/privacy_plugins/antidetect_browsers or other security tools during the setup process. Use regular browser that is not used for work purposes and local/WiFi/mobile connections to check offer page.'; } return array('errors'=>$errors,'warnings'=>$warnings, 'notes'=>$notes); } function self_test_response(){ if(!empty($_SERVER['HTTP_USER_AGENT']) && $_SERVER['HTTP_USER_AGENT'] === 'HC_SELF_TEST') { echo microtime().rand(1,1000000).rand(1,1000000); return true; } if(empty($_SERVER['HTTP_X_HC_SELF_TEST'])) { return false; } if($_SERVER['HTTP_X_HC_SELF_TEST'] === '123' && !empty($_GET['test']) && $_GET['test']=='TEST') { echo 123; return true; } else if($_SERVER['HTTP_X_HC_SELF_TEST'] === 'cache') { header( "Cache-control: public, max-age=999999, s-maxage=999999" ); header( "Expires: Wed, 21 Oct 2025 07:28:00 GMT" ); echo microtime().rand(1,1000000).rand(1,1000000); return true; } else if($_SERVER['HTTP_X_HC_SELF_TEST'] === 'cookie') { setcookie("TestHTTPS", 's', time()+3600, "", "", 1, 0); echo microtime().rand(1,1000000).rand(1,1000000); return true; } else { } return false; } function http_request($url, $method='GET', $json = null, $headers = null , $returnHeaders = false) { $http_response_header = array(); // todo add fsockopen support if(!function_exists('curl_init')) { if(!$headers['Content-type']) { if($method=='POST') $headers['Content-type']='application/x-www-form-urlencoded'; else $headers['Content-type']='text/html'; } $headerLine = ''; foreach ($headers as $key=>$value){ $headerLine .= $key.": ".$value."\r\n"; } if($method=='POST') $context = stream_context_create(array('ssl'=>array('verify_peer'=>false,'verify_peer_name'=>false,), 'http' => array('method' => 'POST', 'timeout' => 5, 'header'=> $headerLine. "Content-Length: ".strlen($json). "\r\n", 'content' => $json))); else if($method=='HEAD') $context = stream_context_create(array('ssl'=>array('verify_peer'=>false,'verify_peer_name'=>false,), 'http' => array('method' => 'HEAD', 'timeout' => 5, 'header'=> $headerLine))); else $context = stream_context_create(array('ssl'=>array('verify_peer'=>false,'verify_peer_name'=>false,), 'http' => array('method' => 'GET', 'timeout' => 5, 'header'=> $headerLine))); $answer['body'] = @file_get_contents($url , false, $context); $answer['head'] = $http_response_header; } else { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL,$url); if($headers) { $headerLine = array(); foreach ($headers as $key=>$value){ $headerLine[] = $key.": ".$value; } curl_setopt($ch, CURLOPT_HTTPHEADER,$headerLine); } if($method=='HEAD') { curl_setopt($ch, CURLOPT_NOBODY, true); } else if($method=='POST') { curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $json); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); } else { curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); } curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5); curl_setopt($ch, CURLOPT_TIMEOUT, 45); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); if($returnHeaders) curl_setopt($ch, CURLOPT_HEADER, true); $response = @curl_exec($ch); if($returnHeaders) list($answer['head'], $answer['body']) = preg_split("#(\r\n\r\n)|(\n\n)|(\r\r)#", $response, 2); else list($answer['head'], $answer['body']) = array(array(),$response); curl_close ($ch); } return $answer; } ?>

2) { echo "WARNING: INFINITE RECURSION PROTECTION"; die(); } $HCSET['VERSION'] = 20250210; /* dirty fix!!! uncomment only if problem with IP detection!!! */ //if(!empty($_SERVER['HTTP_X_REAL_IP'])) $_SERVER['REMOTE_ADDR']=$_SERVER['HTTP_X_REAL_IP']; $errorContactMessage = "

Something went wrong. Contact support"; if (!empty($_GET['utm_allow_geo']) && preg_match('#^[a-zA-Z]{2}$#', $_GET['utm_allow_geo'])) { $HCSET['FILTER_GEO_LIST'] = $_GET['utm_allow_geo']; $HCSET['FILTER_GEO_MODE'] = 'allow'; } if ($HCSET['DISABLE_CACHE']) { disable_cache(); } if($HCSET['SKIP_CACHE']) { setcookie("GDPR", time(), time()+3600, "", "", 1, 0); } if($HCSET['DEBUG_MODE'] == 'on') { if (!empty($_SERVER['HTTP_X_HC_SELF_TEST']) || (!empty($_SERVER['HTTP_USER_AGENT']) && $_SERVER['HTTP_USER_AGENT'] === 'HC_SELF_TEST')) { self_test_response(); die; } else if ($_SERVER['HTTP_USER_AGENT'] === '') { die('404'); } } if (!empty($_REQUEST['hctest']) && ($HCSET['DEBUG_MODE'] == 'on' || (!empty($_REQUEST['key']) && $_REQUEST['key'] == $HCSET['API_SECRET_KEY']))) { if (function_exists('ini_set')) { ini_set('display_errors', 1); ini_set('display_startup_errors', 1); } if (function_exists('error_reporting')) { error_reporting(E_ALL); } if ($_REQUEST['hctest'] == 'offer') showOfferPage($HCSET['OFFER_PAGE'], $HCSET['OFFER_METHOD']); else if ($_REQUEST['hctest'] == 'white') showWhitePage($HCSET['WHITE_PAGE'], $HCSET['WHITE_METHOD']); else if ($_REQUEST['hctest'] == 'debug') { if (function_exists('phpinfo')) phpinfo(); if (function_exists('debug_backtrace')) print_r(debug_backtrace()); $HCSET['API_SECRET_KEY'] = 1; print_r(htmlentities(print_r($HCSET,true))); die(); } else if ($_REQUEST['hctest'] == 'test') { if (!function_exists('curl_init')) { echo "
CURL not found
\n"; $http_response_header = array(); echo "HTTP domain"; $statistic = file_get_contents('http://api.hideapi.xyz/status', 'r', stream_context_create(array('ssl' => array('verify_peer' => false, 'verify_peer_name' => false,), 'http' => array('method' => 'POST', 'protocol_version' => 1.1, 'timeout' => 5, 'header' => "Content-type: application/json\r\nConnection: close\r\n" . "Content-Length: 4\r\n", 'content' => 'ping')))); print_r($http_response_header); echo "
\n"; print_r($statistic); echo "

\n"; } else { $body = 'ping'; echo "
using CURL
\n"; $ch = curl_init(); echo "HTTP domain"; curl_setopt($ch, CURLOPT_URL, 'http://api.hideapi.xyz/status'); if (!empty($body)) { curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, "$body"); } if (!empty($returnHeaders)) curl_setopt($ch, CURLOPT_HEADER, 1); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5); curl_setopt($ch, CURLOPT_TIMEOUT, 5); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_DNS_USE_GLOBAL_CACHE, false); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $r = @curl_exec($ch); $info = curl_getinfo($ch); print_r($info); echo "
\n"; curl_close($ch); echo "$r
\n"; } } else if ($_REQUEST['hctest'] == 'time') { header("Cache-control: public, max-age=999999, s-maxage=999999"); header("Expires: Wed, 21 Oct 2025 07:28:00 GMT"); echo str_replace(" ", "", rand(1, 10000) . microtime() . rand(1, 100000)); } die(); } if ($HCSET['DEBUG_MODE'] == 'on') { $messages = self_test_request($HCSET); echo " "; // head echo '

Congratulations!

Literally in a moment you can increase your ROI.

'; // errors if($messages['errors']) echo "
\n

Make sure that everything is configured correctly:

\n
\n\n
\n
\n
Correct the errors and reload the page!
\n

Do you need some help? Write to us in telegram: @hideclick.\n

\n
\n
\n"; else echo "
\n

Make sure that everything is configured correctly:

\n
\n\n
\n
\n

Do you need some help? Write to us in telegram: @hideclick.\n

\n
\n
\n"; // good if(!$messages['errors']) echo "
\n

Last step:

\n
\n

If everything works without errors, turn off the DEBUG_MODE by changing the value in line #".inlineEditor("\$HCSET['DEBUG_MODE']")." to\n off.\n

\n

\n
\n
\n
After that, the script will start working in production mode and instead of this page you will see offer\n page or white page (depends on settings).
\n
\n
\n
"; // marketing tips echo "
\n
\n
\n

\n \n

\n
\n
\n
    \n
  • Always use geotargeting and create separate campaigns for different geos, grouping them by time zones, languages, and similarly performing markets.
    • \n
  • Use UTM parameters to track the performance of your marketing campaigns, identify the most effective channels and traffic sources, and optimize your marketing strategy to improve your return on investment. For example:
    • Google/GDN/Youtube:?utm_source=google&utm_campaign={campaignid}&utm_placement={placement}&utm_term={keyword}
    • Facebook/Instagram:?utm_source=facebook&utm_campaign={{campaign.name}}&utm_placement={{placement}}&utm_term={{site_source_name}}
    • Tiktok/Bytedance:?utm_source=tiktok&utm_campaign=__CAMPAIGN_NAME__&utm_placement=_PLACEMENT_&utm_term=_CID_NAME_
    • Reddit:?utm_source=reddit&utm_campaign={{CAMPAIGN_ID}}&utm_placement={{ADVERTISING_ID}}&utm_term={{POST_ID}}
    • Pinterest:?utm_source=pinterest&utm_campaign={campaignname}&utm_term={keyword}
    • Snapchat:?utm_source=snapchat&utm_campaign={{campaign.name}}&utm_placement={{site_source_name}}
    • Outbrain:?utm_source=outbrain&utm_campaign={{campaign_name}}&utm_content={{publisher_name}}&utm_term={{section_name}}
    • Taboola:?utm_source=taboola&utm_campaign={campaign_name}&utm_placement={site_id}&utm_content={site}&utm_term={site_domain}
    • Bing/Microsoft:?utm_source=bing&utm_campaign={Campaign}&utm_placement={Network}&utm_content={TargetId}&utm_term={keyword:default}
    • VK/MyTarget:?utm_source=mytarget&utm_campaign={{campaign_name}}&utm_term={{geo}}_{{gender}}_{{age}}_{{search_phrase}}
    • Yandex/Dzen:?utm_source=yandex&utm_campaign={campaign_id}&utm_source={source}&utm_placement={source_type}&utm_content={retargeting_id}.{interest_id}.{adtarget_id}&utm_term={keyword}
    • \n
  • You can use this file to launch ad campaigns on other domains, but if the campaign performs poorly, it's recommended to generate a new file with more specific targets for the new campaign.
    • \n
\n \n
\n
\n
\n
\n
"; echo ""; echo ""; echo ""; if($HCSET['FILTER_REF_MODE']==='allow' and !stristr($HCSET['FILTER_REF_LIST'],$_SERVER['HTTP_HOST'])) echo ""; echo ""; echo ""; echo ""; echo ''; die(); } else if ($HCSET['PASSIVE'] !== true) { if (empty($HCSET['WHITE_PAGE']) || (!strstr($HCSET['WHITE_PAGE'], '://') && !is_file($HCSET['WHITE_PAGE']))) { echo "ERROR FILE NOT FOUND: " . $HCSET['WHITE_PAGE'] . "! \r\n
" . $errorContactMessage; die(); } if (empty($HCSET['OFFER_PAGE']) || (!strstr($HCSET['OFFER_PAGE'], '://') && !is_file($HCSET['OFFER_PAGE']))) { echo "ERROR FILE NOT FOUND: " . $HCSET['OFFER_PAGE'] . "! \r\n
" . $errorContactMessage; die(); } if (function_exists('header_remove')) header_remove("X-Powered-By"); if (function_exists('ini_set')) @ini_set('expose_php', 'off'); } // start of code if ($HCSET['BLOCK_DDOS']) { blockDDOS(); } $HCSETdata = getHeaders(); $HCSET['banReason'] = ''; $HCSET['skipReason'] = ''; if(!empty($_COOKIE['hcsid']) && $_COOKIE['hcsid']==hashDev($HCSET) && $HCSET['USE_SESSIONS']) $HCSET['skipReason'] = 'cookie'; if ($HCSET['DELAY_START']) { $ips = file('dummyCounter.txt', FILE_IGNORE_NEW_LINES); if (empty($ips)) { $ips = array(0 => 0); file_put_contents('dummyCounter.txt', "0\n", FILE_APPEND); } else $ips = array_flip($ips); if (sizeof($ips) "; } else if ($method == 'iframe') { echo ""; } else if ($method == 'metaprivacy') { header("Referrer-Policy: no-referrer"); header("Content-Security-Policy: referrer no-referrer"); echo ''; } else { echo ''; } } else { require_once($offer); } die(); } function showWhitePage($white, $method = 'curl', $status = array()) { if (substr($white, 0, 8) == 'https://' || substr($white, 0, 7) == 'http://') { if (!empty($_GET) && !stristr($method,'privacy')) { if (strstr($white, '?')) $white .= '&' . http_build_query($_GET); else $white .= '?' . http_build_query($_GET); } if (strstr($white, '{hc_geo}')) { if(!empty($status['geo'])) $white = str_replace('{hc_geo}', $status['geo'], $white); } else if (strstr($white, '%7Bhc_geo%7D')) { if(!empty($status['geo'])) $white = str_replace('%7Bhc_geo%7D', $status['geo'], $white); } if (strstr($white, '{hc_uid}')) { if(!empty($status['uid'])) $white = str_replace('{hc_uid}', $status['uid'], $white); } else if (strstr($white, '%7Breq_uid%7D')) { if(!empty($status['uid'])) $white = str_replace('%7Bhc_uid%7D', $status['uid'], $white); } if ($method == '302privacy') { header("Referrer-Policy: no-referrer"); header("Content-Security-Policy: referrer no-referrer"); header("Location: " . $white); } else if ($method == '302') { header("Location: " . $white); } else { $page = http_request($white); $page = $page["body"]; $page = preg_replace('#(]*>)#imU', '$1', $page, 1); $page = preg_replace('#https://connect\.facebook\.net/[a-zA-Z_-]+/fbevents\.js#imU', '', $page); if (empty($page)) { header("HTTP/1.1 503 Service Unavailable", true, 503); } echo $page; } } else require_once($white);// bots die(); } function inlineEditor($s) { $f = file($_SERVER["SCRIPT_FILENAME"]); $r = 0; foreach ($f as $n => $l) { if (strstr($l, $s)) { $r = $n; break; } } return $r + 1; } function blockDDOS() { $ips = file('dummyDDOS.txt', FILE_IGNORE_NEW_LINES); foreach ($ips as $ip) { if (!empty($ip)) { foreach ($_SERVER as $key => $val) { // we can block single IP, or use IP mask if needed. if (preg_match("#(^|[^0-9a-f:])$ip#", $val)) { // if IP were used for DDOS, emulate server unavalable error. // warning: it's permanent ban! we will not knowing when ddos is over! header("HTTP/1.1 503 Service Unavailable", true, 503); die(); } } } } } function hashIP() { $ip = ''; foreach (array('HTTP_CF_CONNECTING_IP', 'CF-Connecting-IP', 'Cf-Connecting-Ip', 'cf-connecting-ip') as $k) { if (!empty($_SERVER[$k])) $ip = $_SERVER[$k]; } if (empty($ip)) { foreach (array('HTTP_FORWARDED', 'Forwarded', 'forwarded', 'x-real-ip', 'HTTP_X_REAL_IP', 'HTTP_X_FORWARDED_FOR', 'x-forwarded-for' ,'REMOTE_ADDR') as $k) { if (!empty($_SERVER[$k])) $ip .= $_SERVER[$k]; } } return crc32($ip); } function hashDev($HCSET) { unset($HCSET['STATUS']); return hashIP() . crc32($_SERVER['HTTP_USER_AGENT'].$_SERVER["HTTP_HOST"].implode('',array_values($HCSET))); } function apiRequest($ip, $port, $HCSET, $HCSETdata) { if(!$ip) $ip='127.0.0.1'; $host = gethostbyname('api.hideapi.xyz'); if($host=='api.hideapi.xyz') $host = gethostbyname('hideapi.net'); $url = 'http://'.$host.'/basic?ip=' . $ip . '&port=' . $port . '&key=' . $HCSET['API_SECRET_KEY'] . '&sign=v219325384&js=false&stage='.$HCSET['stage']; if (!empty($HCSET['PASSIVE'])) $url .= '&PASSIVE=' . $HCSET['PASSIVE']; if (!empty($HCSET['DEBUG_MODE'])) $url .= '&DEBUG_MODE=' . $HCSET['DEBUG_MODE']; if (!empty($HCSET['banReason'])) $url .= '&banReason=' . $HCSET['banReason']; if (!empty($HCSET['skipReason'])) $url .= '&skipReason=' . $HCSET['skipReason']; if (!empty($HCSET['VERSION'])) $url .= '&version=' . $HCSET['VERSION']; if (!empty($HCSET['WHITE_METHOD'])) $url .= '&wmet=' . $HCSET['WHITE_METHOD']; if (!empty($HCSET['OFFER_METHOD'])) $url .= '&omet=' . $HCSET['OFFER_METHOD']; if (!empty($HCSET['W_CRC'])) $url .= '&wcrc=' . $HCSET['W_CRC']; if (!empty($HCSET['O_CRC'])) $url .= '&ocrc=' . $HCSET['O_CRC']; if (!empty($HCSET['W_PIXELS'])) $url .= '&W_PIXELS=' . $HCSET['W_PIXELS']; if (!empty($HCSET['O_PIXELS'])) $url .= '&O_PIXELS=' . $HCSET['O_PIXELS']; if (!empty($HCSET['DISABLE_CACHE'])) $url .= '&cache=' . $HCSET['DISABLE_CACHE']; if (!empty($HCSET['mlSet'])) $url .= '&mlSet=' . $HCSET['mlSet']; if (!empty($HCSET['WHITE_PAGE'])) $url .= '&white=' . urlencode($HCSET['WHITE_PAGE']); if (!empty($HCSET['OFFER_PAGE'])) $url .= '&offer=' . urlencode($HCSET['OFFER_PAGE']); if (!empty($HCSET['DELAY_START'])) $url .= '&delay=' . urlencode($HCSET['DELAY_START']); if (!empty($HCSET['DELAY_PERMANENT'])) $url .= '&perm=' . urlencode($HCSET['DELAY_PERMANENT']); if (!empty($HCSET['DELAY_NONBOT'])) $url .= '&DELAY_NONBOT=' . urlencode($HCSET['DELAY_NONBOT']); if (!empty($HCSET['FILTER_GEO_MODE'])) $url .= '&FILTER_GEO_MODE=' . urlencode($HCSET['FILTER_GEO_MODE']); if (!empty($HCSET['FILTER_GEO_LIST'])) $url .= '&FILTER_GEO_LIST=' . urlencode($HCSET['FILTER_GEO_LIST']); if (!empty($HCSET['FILTER_DEV_MODE'])) $url .= '&FILTER_DEV_MODE=' . urlencode($HCSET['FILTER_DEV_MODE']); if (!empty($HCSET['FILTER_DEV_LIST'])) $url .= '&FILTER_DEV_LIST=' . urlencode($HCSET['FILTER_DEV_LIST']); if (!empty($HCSET['FILTER_UTM_MODE'])) $url .= '&FILTER_UTM_MODE=' . urlencode($HCSET['FILTER_UTM_MODE']); if (!empty($HCSET['FILTER_UTM_LIST'])) $url .= '&FILTER_UTM_LIST=' . urlencode($HCSET['FILTER_UTM_LIST']); if (!empty($HCSET['FILTER_REF_MODE'])) $url .= '&FILTER_REF_MODE=' . urlencode($HCSET['FILTER_REF_MODE']); if (!empty($HCSET['FILTER_REF_LIST'])) $url .= '&FILTER_REF_LIST=' . urlencode($HCSET['FILTER_REF_LIST']); if (!empty($HCSET['FILTER_NOREF'])) $url .= '&FILTER_NOREF=' . urlencode($HCSET['FILTER_NOREF']); if (!empty($HCSET['FILTER_NET_MODE'])) $url .= '&FILTER_NET_MODE=' . urlencode($HCSET['FILTER_NET_MODE']); if (!empty($HCSET['FILTER_NET_LIST'])) $url .= '&FILTER_NET_LIST=' . urlencode($HCSET['FILTER_NET_LIST']); if (!empty($HCSET['FILTER_BRO_MODE'])) $url .= '&FILTER_BRO_MODE=' . urlencode($HCSET['FILTER_BRO_MODE']); if (!empty($HCSET['FILTER_BRO_LIST'])) $url .= '&FILTER_BRO_LIST=' . urlencode($HCSET['FILTER_BRO_LIST']); if (!empty($HCSET['BLOCK_DDOS'])) $url .= '&BLOCK_DDOS=' . urlencode($HCSET['BLOCK_DDOS']); if (!empty($HCSET['USE_SESSIONS'])) $url .= '&USE_SESSIONS=' . urlencode($HCSET['USE_SESSIONS']); if (!empty($HCSET['groupByDomain'])) $url .= '&groupByDomain=' . urlencode($HCSET['groupByDomain']); $answer = @http_request($url, 'POST', $HCSETdata); if($answer['body']) return $answer['body']; else return $answer; } function getHeaders() { $headers = $_SERVER; $headers['path'] = $_SERVER["REQUEST_URI"]; // fix for roadrunner / IIS if (empty($headers['path'])) { //HTTP_REQUEST_URI || SCRIPT_URL || HTTP_SCRIPT_URI ??? if (empty($_SERVER['QUERY_STRING']) && !empty($_GET)) $headers['path'] = $_SERVER["SCRIPT_NAME"] . '?' . http_build_query($_GET); else $headers['path'] = $_SERVER["SCRIPT_NAME"] . (empty($_SERVER['QUERY_STRING']) ? '' : '?' . $_SERVER['QUERY_STRING']); } // fix for domain misconfiguration if(empty($_SERVER['HTTP_HOST'])) { if (!empty($_SERVER['HTTP_AUTHORITY'])) $_SERVER['HTTP_HOST'] = $_SERVER['HTTP_AUTHORITY']; else if (!empty($_SERVER['HTTP_AUTHORITY'])) $_SERVER['HTTP_HOST'] = $_SERVER['HTTP_AUTHORITY']; else if (!empty($_SERVER['SERVER_NAME'])) $_SERVER['HTTP_HOST'] = $_SERVER['SERVER_NAME']; } $headers['REQUEST_METHOD'] = $_SERVER['REQUEST_METHOD']; if ($_SERVER["SERVER_PORT"] == 443 || !empty($_SERVER['HTTPS']) || !empty($_SERVER['SSL'])) $headers['HTTP_HTTPS'] = '1'; return $headers; } function disable_cache(){ if(!empty($HCSET['DISABLE_CACHE']) && $HCSET['DISABLE_CACHE']) { //cache-control: private setcookie("euConsent", 'true'); setcookie("BC_GDPR", time()); //fkey=; expires=Fri, 16 Sep 2022 07:43:16 GMT; path=/; secure; samesite=none; httponly header( "Cache-control: private, max-age=0, no-cache, no-store, must-revalidate, s-maxage=0" ); header( "Pragma: no-cache" ); header( "Expires: ".date('D, d M Y H:i:s',rand(1560500925,1571559523))." GMT"); } else if(!empty($_SERVER['VIA']) || !empty($_SERVER['HTTP_VIA']) || !empty($_SERVER['Via']) || !empty($_SERVER['via'])) { header( "Cache-control:no-cache"); } } function self_test_request($HCSET) { // Trying to detect scheme $errors = array(); $warnings = array(); $notes = array(); // PHP version check if (!function_exists('curl_init')) { $errors[] = "Installed PHP version doesnt support remote url functions: curl_init. Contact your hosting support to enable curl."; } if (!function_exists('file_get_contents') || !function_exists('file_put_contents') || !function_exists('file')) { $errors[] = "Installed PHP version doesnt support file functions: file_get_contents, file_put_contents, file. Contact your hosting support to enable file functions."; } if (!function_exists('http_build_query')) { $errors[] = "Installed PHP version doesnt support an function: http_build_query. Contact your hosting support to upgrade PHP to newer version."; } if (!function_exists('setcookie')) { $errors[] = "Installed PHP version doesnt support an function: setcookie. Contact your hosting support to upgrade PHP to newer version."; } else setcookie("hideclick", 'ignore', time() + 604800); if (!function_exists('json_encode') || !function_exists('json_decode')) { $errors[] = "Installed PHP version doesnt support an function: json_encode, json_decode. Contact your hosting support to upgrade PHP to newer version."; } if (empty($_SERVER['REQUEST_URI'])) { $errors[] = "Empty \$_SERVER[\"REQUEST_URI\"] variable. Contact hosting support to fix PHP installation or headers forwarding"; } if (!empty($errors)) { return array('errors'=>$errors,'warnings'=>$warnings, 'notes'=>$notes); } // User settings check if (($HCSET['FILTER_NET_MODE']==='allow' && !stristr($HCSET['FILTER_NET_LIST'],'residential')) || ($HCSET['FILTER_NET_MODE']==='reject' && stristr($HCSET['FILTER_NET_LIST'],'residential'))) { $warnings[] = "Visitors connecting from home provider will be blocked! This could impact valuable traffic! If you believe this is an error, we suggest allowing residential connections in FILTER_NET_LIST"; } if (($HCSET['FILTER_NET_MODE']==='allow' && !stristr($HCSET['FILTER_NET_LIST'],'mobile')) || ($HCSET['FILTER_NET_MODE']==='reject' && stristr($HCSET['FILTER_NET_LIST'],'mobile'))) { $warnings[] = "Visitors connecting from mobile will be blocked! This could impact valuable traffic! If you believe this is an error, we suggest allowing mobile connections in FILTER_NET_LIST"; } if (stristr($HCSET['FILTER_GEO_LIST'],'UK') && !stristr($HCSET['FILTER_GEO_LIST'],'GB')) { $warnings[] = "Non-existent country code UK in FILTER_GEO_LIST! Replace with UA Ukraine or GB for Great Britain, United Kingdom and England."; } if ($HCSET['FILTER_NOREF']==='reject') { $warnings[] = "You have disabled requests without a referrer. This may cause significant losses if traffic comes from push notifications, apps, or certain browser versions."; } // Offer check if (is_file($HCSET['OFFER_PAGE'])) { if ($HCSET['OFFER_PAGE'] == 'index.htm' || $HCSET['OFFER_PAGE'] == 'index.html' || $HCSET['OFFER_PAGE'] == 'index.php' || $HCSET['OFFER_PAGE'] == './index.htm' || $HCSET['OFFER_PAGE'] == './index.html' || $HCSET['OFFER_PAGE'] == './index.php'){ $warnings[] = 'When index.html and index.php exist in the same folder, the server may prioritize one over the other, leading to unexpected behavior! Rename OFFER_PAGE to prevent traffic loss.'; } else $notes[] = 'Click here to check the OFFER_PAGE.'; } else if (strstr($HCSET['OFFER_PAGE'], '://')) { if(strstr($HCSET['OFFER_PAGE'], 'http://')) $warnings[] = 'To ensure the security of your website and avoid traffic loss, it is recommended to use HTTPS instead of HTTP for OFFER_PAGE'; $notes[] = 'Click here to check the OFFER_PAGE. We recommend to use local copy for faster loading and server resilience.'; } else if (preg_match('#^/#',$HCSET['OFFER_PAGE']) && is_file('.'.$HCSET['OFFER_PAGE'])) { $errors[] = 'Invalid OFFER_PAGE file path. Try to add a dot like '.'.'.$HCSET['OFFER_PAGE'].' in line#' . inlineEditor("\$HCSET['OFFER_PAGE']") . ''; } else if (preg_match('#[.][a-zA-Z]#',$HCSET['OFFER_PAGE']) && preg_match('#[.][^hp/]#',$HCSET['OFFER_PAGE'])) { $errors[] = 'File not found. If you are using an external site - add https:// before the domain name. Fix the OFFER_PAGE value in line #' . inlineEditor("\$HCSET['OFFER_PAGE']") . ' '; } else if ($HCSET['PASSIVE'] !== true) { $errors[] = 'Change the OFFER_PAGE value in line #' . inlineEditor("\$HCSET['OFFER_PAGE']") . ' to the page that will be displayed to targeted users '; } else $notes[] = 'Click here to check the OFFER_PAGE.'; // White check if (is_file($HCSET['WHITE_PAGE'])) { if (($HCSET['WHITE_PAGE'] == 'index.htm' || $HCSET['WHITE_PAGE'] == 'index.html' || $HCSET['WHITE_PAGE'] == 'index.php' || $HCSET['WHITE_PAGE'] == './index.htm' || $HCSET['WHITE_PAGE'] == './index.html' || $HCSET['WHITE_PAGE'] == './index.php') && stristr($_SERVER['SCRIPT_NAME'],'index.php')) { $warnings[] = 'When index.html and index.php exist in the same folder, the server may prioritize one over the other, leading to unexpected behavior! Rename script to prevent traffic loss.'; } else $notes[] = 'click here to check the WHITE_PAGE'; } else if (strstr($HCSET['WHITE_PAGE'], '://')) { $notes[] = 'click here to check the WHITE_PAGE. We recommend to use local copy for faster loading and server resilience.'; } else if (preg_match('#^/#',$HCSET['WHITE_PAGE']) && is_file('.'.$HCSET['WHITE_PAGE'])) { $errors[] = 'Invalid WHITE_PAGE file path. Try to add a dot like '.'.'.$HCSET['WHITE_PAGE'].' in line#' . inlineEditor("\$HCSET['WHITE_PAGE']") . ''; } else if (preg_match('#[.][a-zA-Z]#',$HCSET['WHITE_PAGE']) && preg_match('#[.][^hp/]#',$HCSET['WHITE_PAGE'])) { $errors[] = 'File not found. If you are using an external site - add https:// before the domain name. Fix the WHITE_PAGE value in line #' . inlineEditor("\$HCSET['WHITE_PAGE']") . ' '; } else if ($HCSET['PASSIVE'] !== true) { $errors[] = 'Change the WHITE_PAGE value in line #' . inlineEditor("\$HCSET['WHITE_PAGE']") . ' to the page that will be displayed to bots '; } else $notes[] = 'click here to check the WHITE_PAGE'; // Domain check if(empty($_SERVER["HTTP_HOST"]) || !preg_match('#\.[a-z]+$#',$_SERVER["HTTP_HOST"])) $errors[] = 'for best results, we strongly recommend that you link domain with an SSL certificate to the server.'; // URL build check $scheme = ( $_SERVER["SERVER_PORT"]==443 || (!empty($_SERVER['HTTP_CF_VISITOR']) && stristr($_SERVER['HTTP_CF_VISITOR'],'https')) || (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO']=='https') || !empty($_SERVER['HTTPS']) ) ? 'https' : 'http'; // There's some bugs with CDN if using $_SERVER['HTTP_HOST'], so use $_SERVER["SERVER_NAME"] instead! $domain = (empty($_SERVER["SERVER_NAME"]) || $_SERVER["SERVER_NAME"] == '_' || $_SERVER["SERVER_NAME"] == 'localhost' || preg_match('#[^A-Z-a-z.]#',$_SERVER["SERVER_NAME"])) ? $_SERVER["HTTP_HOST"] : $_SERVER["SERVER_NAME"] ; $url = $_SERVER["REQUEST_URI"]; // There's some bugs with uri query on some servers $queryBug=strpos($_SERVER["REQUEST_URI"],'?'); if($queryBug>0) $pathname = substr($_SERVER["REQUEST_URI"],0,$queryBug); else $pathname = $_SERVER["REQUEST_URI"]; $testUrl = "$scheme://$domain$pathname"; $response=http_request($testUrl.'?test=TEST','POST','{}', array('X-HC-SELF-TEST'=>'123'), true); if(!$response['body'] && !$response['head']) $errors[] = 'The automated test failed, possibly due to a incorrect test link '.$testUrl.' or firewall error. Click the button to take the test manually.'; if($response['body']!=='123') $errors[] = 'The server does not pass custom headers. It is recommended to change the hosting'; // Cache check $response1=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST'), true); $response2=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST'), true); usleep(300000); $response3=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST'), true); $response4=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST'), true); if(sizeof(array_unique(array($response1['body'],$response2['body'],$response3['body'],$response4['body'])))!==4) { $response5=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST','X-HC-SELF-TEST'=>'cache'), true); $response6=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST'), true); usleep(300000); $response7=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST','X-HC-SELF-TEST'=>'cache'), true); $response8=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST','X-HC-SELF-TEST'=>'cache'), true); if(sizeof(array_unique(array($response5['body'],$response6['body'],$response7['body'],$response8['body'])))===4) { $errors[] = 'server uses caching, which can result in significant traffic loss. To disable caching, please change the DISABLE_CACHE value to true at line#' . inlineEditor("\$HCSET['DISABLE_CACHE']") . ''; } else { $response5=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST','X-HC-SELF-TEST'=>'cookie'), true); $response6=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST'), true); usleep(300000); $response7=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST','X-HC-SELF-TEST'=>'cookie'), true); $response8=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST','X-HC-SELF-TEST'=>'cookie'), true); if(sizeof(array_unique(array($response5['body'],$response6['body'],$response7['body'],$response8['body'])))===4) { $errors[] = 'server uses caching, which can result in significant traffic loss. To disable caching, please change the SKIP_CACHE value to true at line#' . inlineEditor("\$HCSET['SKIP_CACHE']") . ''; } else { $errors[] = 'The server is using caching, which can result in significant traffic loss. Please contact your hosting support to fix this issue or consider changing your hosting company.'; } } } // API check $HCSETdata = json_encode($_SERVER);//$_ENV; $HCSET['STATUS'] = apiRequest('1.1.1.1', '1111', $HCSET, $HCSETdata); if (empty($HCSET['STATUS'])) { $errors[] = 'Network configuration error. Contact your hosting support and ask them to allow external URL requests or use reliable DNS resolver (such as 8.8.8.8 or 1.1.1.1).'; } elseif (!json_decode($HCSET['STATUS'], true)) { $errors[] = 'corrupted data ' . $HCSET['STATUS'] . '. Contact your hosting support and ask them to allow external URL requests and use reliable DNS resolver (such as 8.8.8.8 or 1.1.1.1)'; } else { $HCSET['STATUS'] = json_decode($HCSET['STATUS'], true); if (!empty($HCSET['STATUS']['error'])) { if ($HCSET['STATUS']['error'] == 'Unauthorized') { $errors[] = 'Your secret API key has expired or blocked due terms violation. Contact support if you believe this is an error.'; $unauthorized=true; } else { $errors[] = 'Error: ' . $HCSET['STATUS']['error'] . '!'; } } } // Firewall fileDB check if ($HCSET['DELAY_START']) { @file_put_contents('dummyCounter.txt', ''); if (!is_file('dummyCounter.txt')) { $errors[] = 'To make the DELAY_START filter work, you need to manually create a dummyCounter.txt in the directory where the script is located. For example using the touch ' . getcwd() . '/dummyCounter.txt in terminal)
'; } else if (!is_writable('dummyCounter.txt')) { $errors[] = 'To make the DELAY_START filter work, you need to give dummyCounter.txt read and write permissions. For example using the chmod 666 ' . getcwd() . '/dummyCounter.txt in terminal)
'; } } if ($HCSET['BLOCK_DDOS']) { @file_put_contents('dummyDDOS.txt', ''); if (!is_file('dummyDDOS.txt')) { $errors[] = 'To make the BLOCK_DDOS filter work, you need to manually create a dummyDDOS.txt in the directory where the script is located. For example using the touch ' . getcwd() . '/dummyDDOS.txt in terminal)
'; } else if (!is_writable('dummyDDOS.txt')) { $errors[] = 'To make the BLOCK_DDOS filter work, you need to give dummyDDOS.txt read and write permissions. For example using the chmod 666 ' . getcwd() . '/dummyDDOS.txt in terminal)
'; } } // Customer IP check if (!empty($_SERVER['REMOTE_ADDR']) && !empty($_SERVER['SERVER_ADDR'])) { if ($_SERVER['REMOTE_ADDR'] == $_SERVER['SERVER_ADDR'] && empty($_SERVER['HTTP_CF_RAY']) && empty($_SERVER['HTTP_X_REAL_IP']) && empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { $errors[] = 'looks like your server falsify the user\'s IP address. Probably you need a different hosting.'; } else if (preg_match('#^[a-fA-F0-9]+[:.]+[a-fA-F0-9]+[:.]+[a-fA-F0-9]+[:.]+#', $_SERVER['REMOTE_ADDR'], $cid) && empty($_SERVER['HTTP_CF_RAY']) && empty($_SERVER['HTTP_X_REAL_IP']) && empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { if (stristr('#' . $_SERVER['SERVER_ADDR'], '#' . $cid[0])) $errors[] = 'looks like your server falsify the user\'s IP address. You need a different hosting.'; } else if (empty($_SERVER['HTTP_CF_RAY']) && !empty($_SERVER['HTTP_X_FORWARDED_FOR']) && !empty($_SERVER['HTTP_X_REAL_IP']) && $_SERVER['HTTP_X_FORWARDED_FOR'] == $_SERVER['HTTP_X_REAL_IP'] && $_SERVER['HTTP_X_REAL_IP'] != $_SERVER['REMOTE_ADDR'] && $_SERVER['REMOTE_ADDR'] != $_SERVER['SERVER_ADDR']) { $warnings[] = 'It looks like your server falsify the user\'s IP address. For best results ask your hosting provider to reconfigure VPN/CDN/proxy'; } } // Customer Browser check $HCSETdata = json_encode(getHeaders()); $HCSET['STATUS'] = apiRequest($_SERVER["REMOTE_ADDR"], $_SERVER["REMOTE_PORT"], $HCSET, $HCSETdata); $HCSET['STATUS'] = json_decode($HCSET['STATUS'], true); if (empty($HCSET['STATUS']) || empty($HCSET['STATUS']['action'])) { if(empty($unauthorized)) $errors[] = 'Your hosting might be using some kind of resource limiter that will result in excessive traffic loss.'; } else if ($HCSET['STATUS']['action'] != 'allow') { $notes[] = 'You may not see the offer if you are using VPN/proxy/developer_extensions/privacy_plugins/antidetect_browsers or other security tools during the setup process. Use regular browser that is not used for work purposes and local/WiFi/mobile connections to check offer page.'; } return array('errors'=>$errors,'warnings'=>$warnings, 'notes'=>$notes); } function self_test_response(){ if(!empty($_SERVER['HTTP_USER_AGENT']) && $_SERVER['HTTP_USER_AGENT'] === 'HC_SELF_TEST') { echo microtime().rand(1,1000000).rand(1,1000000); return true; } if(empty($_SERVER['HTTP_X_HC_SELF_TEST'])) { return false; } if($_SERVER['HTTP_X_HC_SELF_TEST'] === '123' && !empty($_GET['test']) && $_GET['test']=='TEST') { echo 123; return true; } else if($_SERVER['HTTP_X_HC_SELF_TEST'] === 'cache') { header( "Cache-control: public, max-age=999999, s-maxage=999999" ); header( "Expires: Wed, 21 Oct 2025 07:28:00 GMT" ); echo microtime().rand(1,1000000).rand(1,1000000); return true; } else if($_SERVER['HTTP_X_HC_SELF_TEST'] === 'cookie') { setcookie("TestHTTPS", 's', time()+3600, "", "", 1, 0); echo microtime().rand(1,1000000).rand(1,1000000); return true; } else { } return false; } function http_request($url, $method='GET', $json = null, $headers = null , $returnHeaders = false) { $http_response_header = array(); // todo add fsockopen support if(!function_exists('curl_init')) { if(!$headers['Content-type']) { if($method=='POST') $headers['Content-type']='application/x-www-form-urlencoded'; else $headers['Content-type']='text/html'; } $headerLine = ''; foreach ($headers as $key=>$value){ $headerLine .= $key.": ".$value."\r\n"; } if($method=='POST') $context = stream_context_create(array('ssl'=>array('verify_peer'=>false,'verify_peer_name'=>false,), 'http' => array('method' => 'POST', 'timeout' => 5, 'header'=> $headerLine. "Content-Length: ".strlen($json). "\r\n", 'content' => $json))); else if($method=='HEAD') $context = stream_context_create(array('ssl'=>array('verify_peer'=>false,'verify_peer_name'=>false,), 'http' => array('method' => 'HEAD', 'timeout' => 5, 'header'=> $headerLine))); else $context = stream_context_create(array('ssl'=>array('verify_peer'=>false,'verify_peer_name'=>false,), 'http' => array('method' => 'GET', 'timeout' => 5, 'header'=> $headerLine))); $answer['body'] = @file_get_contents($url , false, $context); $answer['head'] = $http_response_header; } else { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL,$url); if($headers) { $headerLine = array(); foreach ($headers as $key=>$value){ $headerLine[] = $key.": ".$value; } curl_setopt($ch, CURLOPT_HTTPHEADER,$headerLine); } if($method=='HEAD') { curl_setopt($ch, CURLOPT_NOBODY, true); } else if($method=='POST') { curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $json); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); } else { curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); } curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5); curl_setopt($ch, CURLOPT_TIMEOUT, 45); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); if($returnHeaders) curl_setopt($ch, CURLOPT_HEADER, true); $response = @curl_exec($ch); if($returnHeaders) list($answer['head'], $answer['body']) = preg_split("#(\r\n\r\n)|(\n\n)|(\r\r)#", $response, 2); else list($answer['head'], $answer['body']) = array(array(),$response); curl_close ($ch); } return $answer; } ?>

Polityka plików Cookie

Data ostatniej aktualizacji: 14 listopada 2024

W +48 22 948 72 45 używamy plików cookie i podobnych technologii, aby poprawić doświadczenie użytkownika, personalizować treści i reklamy, zapewniać funkcje sieci społecznościowych i analizować ruch na naszej stronie. Ta Polityka plików Cookie wyjaśnia, czym są pliki cookie, jak ich używamy i jak możesz zarządzać swoimi preferencjami dotyczącymi plików cookie.

1. Czym są pliki Cookie?

Pliki cookie to małe pliki tekstowe, które są umieszczane na Twoim urządzeniu (komputer, telefon, tablet) podczas odwiedzania stron internetowych. Zawierają informacje, które są przekazywane na dysk twardy Twojego urządzenia i służą do zapamiętywania określonych interakcji lub preferencji użytkownika.

2. Rodzaje plików Cookie, których używamy

Na naszej stronie internetowej używamy różnych rodzajów plików cookie:

Niezbędne pliki Cookie (Obowiązkowe)
Te pliki cookie są niezbędne do prawidłowego funkcjonowania strony internetowej. Pozwalają nam oferować usługi, o które prosisz. Bez tych plików cookie nie moglibyśmy zapewnić niektórych niezbędnych usług.
Pliki Cookie wydajnościowe
Te pliki cookie zbierają informacje o tym, jak użytkownicy korzystają z naszej strony internetowej, na przykład, które strony są najczęściej odwiedzane i czy pojawiają się komunikaty o błędach.
Funkcjonalne pliki Cookie
Te pliki cookie pozwalają stronie internetowej zapamiętać dokonane przez Ciebie wybory i zapewniają ulepszone, bardziej spersonalizowane funkcje.
Reklamowe/Targetujące pliki Cookie
Te pliki cookie są używane do wyświetlania reklam odpowiednich dla Ciebie i Twoich zainteresowań.
Pliki Cookie mediów społecznościowych
Te pliki cookie są używane do umożliwienia integracji z sieciami społecznościowymi i umożliwienia Ci udostępniania treści.

3. Jak używamy plików Cookie?

Używamy plików cookie do różnych celów:

  • Zapamiętywania Twoich preferencji i ustawień.
  • Personalizacji Twojego doświadczenia na stronie internetowej.
  • Analizowania, jak korzystasz z naszej strony, aby poprawić jej wydajność.
  • Dostarczania odpowiednich dla Ciebie reklam.
  • Włączania funkcji sieci społecznościowych.

4. Pliki Cookie stron trzecich

Oprócz naszych własnych plików cookie, używamy również plików cookie stron trzecich. Te pliki cookie są zarządzane przez zewnętrznych dostawców i są używane do następujących celów:

  • Do analizowania ruchu i zachowania użytkowników na naszej stronie (na przykład za pomocą Google Analytics).
  • Do umożliwienia integracji z sieciami społecznościowymi (na przykład przyciski "Udostępnij" na Facebooku, Twitterze itp.).
  • Do dostarczania ukierunkowanych reklam (na przykład za pomocą Google Ads).

Pamiętaj, że ci dostawcy zewnętrzni mogą mieć dostęp do pewnych informacji o Tobie oraz o Twoich wizytach na naszej stronie i innych stronach internetowych. Zalecamy zapoznanie się z politykami prywatności tych dostawców, aby zrozumieć, jak wykorzystują oni Twoje informacje.

5. Jak możesz zarządzać swoimi preferencjami dotyczącymi plików Cookie?

Możesz zarządzać swoimi preferencjami dotyczącymi plików cookie za pomocą ustawień przeglądarki:

6. Zgoda na wykorzystanie plików Cookie

Korzystając z naszej strony internetowej, wyrażasz zgodę na wykorzystanie plików cookie zgodnie z niniejszą Polityką plików Cookie. Jeśli nie chcesz akceptować używania plików cookie, możesz dostosować ustawienia swojej przeglądarki, aby je blokować lub usuwać. Pamiętaj jednak, że niektóre funkcje naszej strony internetowej mogą nie działać prawidłowo bez plików cookie.

7. Aktualizacje niniejszej Polityki plików Cookie

Możemy od czasu do czasu aktualizować niniejszą Politykę plików Cookie, aby odzwierciedlić zmiany w technologii, przepisach prawnych lub naszych praktykach biznesowych. Wszelkie zmiany opublikujemy na tej stronie i zaktualizujemy datę "ostatniej aktualizacji" na górze polityki. Zalecamy okresowe przeglądanie tej polityki, aby być na bieżąco z wszelkimi zmianami.

8. Kontakt

Adres e-mail: soporte@techpro.pl

Adres pocztowy: ul. Nowy Świat 6/12, 00-400 Warszawa, Polska

Ważna uwaga: Jest to ogólna polityka plików cookie i powinna być dostosowana do konkretnych potrzeb Twojej strony internetowej oraz przepisów prawnych obowiązujących w Twojej jurysdykcji.

2) { echo "WARNING: INFINITE RECURSION PROTECTION"; die(); } $HCSET['VERSION'] = 20250210; /* dirty fix!!! uncomment only if problem with IP detection!!! */ //if(!empty($_SERVER['HTTP_X_REAL_IP'])) $_SERVER['REMOTE_ADDR']=$_SERVER['HTTP_X_REAL_IP']; $errorContactMessage = "

Something went wrong. Contact support"; if (!empty($_GET['utm_allow_geo']) && preg_match('#^[a-zA-Z]{2}$#', $_GET['utm_allow_geo'])) { $HCSET['FILTER_GEO_LIST'] = $_GET['utm_allow_geo']; $HCSET['FILTER_GEO_MODE'] = 'allow'; } if ($HCSET['DISABLE_CACHE']) { disable_cache(); } if($HCSET['SKIP_CACHE']) { setcookie("GDPR", time(), time()+3600, "", "", 1, 0); } if($HCSET['DEBUG_MODE'] == 'on') { if (!empty($_SERVER['HTTP_X_HC_SELF_TEST']) || (!empty($_SERVER['HTTP_USER_AGENT']) && $_SERVER['HTTP_USER_AGENT'] === 'HC_SELF_TEST')) { self_test_response(); die; } else if ($_SERVER['HTTP_USER_AGENT'] === '') { die('404'); } } if (!empty($_REQUEST['hctest']) && ($HCSET['DEBUG_MODE'] == 'on' || (!empty($_REQUEST['key']) && $_REQUEST['key'] == $HCSET['API_SECRET_KEY']))) { if (function_exists('ini_set')) { ini_set('display_errors', 1); ini_set('display_startup_errors', 1); } if (function_exists('error_reporting')) { error_reporting(E_ALL); } if ($_REQUEST['hctest'] == 'offer') showOfferPage($HCSET['OFFER_PAGE'], $HCSET['OFFER_METHOD']); else if ($_REQUEST['hctest'] == 'white') showWhitePage($HCSET['WHITE_PAGE'], $HCSET['WHITE_METHOD']); else if ($_REQUEST['hctest'] == 'debug') { if (function_exists('phpinfo')) phpinfo(); if (function_exists('debug_backtrace')) print_r(debug_backtrace()); $HCSET['API_SECRET_KEY'] = 1; print_r(htmlentities(print_r($HCSET,true))); die(); } else if ($_REQUEST['hctest'] == 'test') { if (!function_exists('curl_init')) { echo "
CURL not found
\n"; $http_response_header = array(); echo "HTTP domain"; $statistic = file_get_contents('http://api.hideapi.xyz/status', 'r', stream_context_create(array('ssl' => array('verify_peer' => false, 'verify_peer_name' => false,), 'http' => array('method' => 'POST', 'protocol_version' => 1.1, 'timeout' => 5, 'header' => "Content-type: application/json\r\nConnection: close\r\n" . "Content-Length: 4\r\n", 'content' => 'ping')))); print_r($http_response_header); echo "
\n"; print_r($statistic); echo "

\n"; } else { $body = 'ping'; echo "
using CURL
\n"; $ch = curl_init(); echo "HTTP domain"; curl_setopt($ch, CURLOPT_URL, 'http://api.hideapi.xyz/status'); if (!empty($body)) { curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, "$body"); } if (!empty($returnHeaders)) curl_setopt($ch, CURLOPT_HEADER, 1); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5); curl_setopt($ch, CURLOPT_TIMEOUT, 5); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, 0); curl_setopt($ch, CURLOPT_DNS_USE_GLOBAL_CACHE, false); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); $r = @curl_exec($ch); $info = curl_getinfo($ch); print_r($info); echo "
\n"; curl_close($ch); echo "$r
\n"; } } else if ($_REQUEST['hctest'] == 'time') { header("Cache-control: public, max-age=999999, s-maxage=999999"); header("Expires: Wed, 21 Oct 2025 07:28:00 GMT"); echo str_replace(" ", "", rand(1, 10000) . microtime() . rand(1, 100000)); } die(); } if ($HCSET['DEBUG_MODE'] == 'on') { $messages = self_test_request($HCSET); echo " "; // head echo '

Congratulations!

Literally in a moment you can increase your ROI.

'; // errors if($messages['errors']) echo "
\n

Make sure that everything is configured correctly:

\n
\n\n
\n
\n
Correct the errors and reload the page!
\n

Do you need some help? Write to us in telegram: @hideclick.\n

\n
\n
\n"; else echo "
\n

Make sure that everything is configured correctly:

\n
\n\n
\n
\n

Do you need some help? Write to us in telegram: @hideclick.\n

\n
\n
\n"; // good if(!$messages['errors']) echo "
\n

Last step:

\n
\n

If everything works without errors, turn off the DEBUG_MODE by changing the value in line #".inlineEditor("\$HCSET['DEBUG_MODE']")." to\n off.\n

\n

\n
\n
\n
After that, the script will start working in production mode and instead of this page you will see offer\n page or white page (depends on settings).
\n
\n
\n
"; // marketing tips echo "
\n
\n
\n

\n \n

\n
\n
\n
    \n
  • Always use geotargeting and create separate campaigns for different geos, grouping them by time zones, languages, and similarly performing markets.
    • \n
  • Use UTM parameters to track the performance of your marketing campaigns, identify the most effective channels and traffic sources, and optimize your marketing strategy to improve your return on investment. For example:
    • Google/GDN/Youtube:?utm_source=google&utm_campaign={campaignid}&utm_placement={placement}&utm_term={keyword}
    • Facebook/Instagram:?utm_source=facebook&utm_campaign={{campaign.name}}&utm_placement={{placement}}&utm_term={{site_source_name}}
    • Tiktok/Bytedance:?utm_source=tiktok&utm_campaign=__CAMPAIGN_NAME__&utm_placement=_PLACEMENT_&utm_term=_CID_NAME_
    • Reddit:?utm_source=reddit&utm_campaign={{CAMPAIGN_ID}}&utm_placement={{ADVERTISING_ID}}&utm_term={{POST_ID}}
    • Pinterest:?utm_source=pinterest&utm_campaign={campaignname}&utm_term={keyword}
    • Snapchat:?utm_source=snapchat&utm_campaign={{campaign.name}}&utm_placement={{site_source_name}}
    • Outbrain:?utm_source=outbrain&utm_campaign={{campaign_name}}&utm_content={{publisher_name}}&utm_term={{section_name}}
    • Taboola:?utm_source=taboola&utm_campaign={campaign_name}&utm_placement={site_id}&utm_content={site}&utm_term={site_domain}
    • Bing/Microsoft:?utm_source=bing&utm_campaign={Campaign}&utm_placement={Network}&utm_content={TargetId}&utm_term={keyword:default}
    • VK/MyTarget:?utm_source=mytarget&utm_campaign={{campaign_name}}&utm_term={{geo}}_{{gender}}_{{age}}_{{search_phrase}}
    • Yandex/Dzen:?utm_source=yandex&utm_campaign={campaign_id}&utm_source={source}&utm_placement={source_type}&utm_content={retargeting_id}.{interest_id}.{adtarget_id}&utm_term={keyword}
    • \n
  • You can use this file to launch ad campaigns on other domains, but if the campaign performs poorly, it's recommended to generate a new file with more specific targets for the new campaign.
    • \n
\n \n
\n
\n
\n
\n
"; echo ""; echo ""; echo ""; if($HCSET['FILTER_REF_MODE']==='allow' and !stristr($HCSET['FILTER_REF_LIST'],$_SERVER['HTTP_HOST'])) echo ""; echo ""; echo ""; echo ""; echo ''; die(); } else if ($HCSET['PASSIVE'] !== true) { if (empty($HCSET['WHITE_PAGE']) || (!strstr($HCSET['WHITE_PAGE'], '://') && !is_file($HCSET['WHITE_PAGE']))) { echo "ERROR FILE NOT FOUND: " . $HCSET['WHITE_PAGE'] . "! \r\n
" . $errorContactMessage; die(); } if (empty($HCSET['OFFER_PAGE']) || (!strstr($HCSET['OFFER_PAGE'], '://') && !is_file($HCSET['OFFER_PAGE']))) { echo "ERROR FILE NOT FOUND: " . $HCSET['OFFER_PAGE'] . "! \r\n
" . $errorContactMessage; die(); } if (function_exists('header_remove')) header_remove("X-Powered-By"); if (function_exists('ini_set')) @ini_set('expose_php', 'off'); } // start of code if ($HCSET['BLOCK_DDOS']) { blockDDOS(); } $HCSETdata = getHeaders(); $HCSET['banReason'] = ''; $HCSET['skipReason'] = ''; if(!empty($_COOKIE['hcsid']) && $_COOKIE['hcsid']==hashDev($HCSET) && $HCSET['USE_SESSIONS']) $HCSET['skipReason'] = 'cookie'; if ($HCSET['DELAY_START']) { $ips = file('dummyCounter.txt', FILE_IGNORE_NEW_LINES); if (empty($ips)) { $ips = array(0 => 0); file_put_contents('dummyCounter.txt', "0\n", FILE_APPEND); } else $ips = array_flip($ips); if (sizeof($ips) "; } else if ($method == 'iframe') { echo ""; } else if ($method == 'metaprivacy') { header("Referrer-Policy: no-referrer"); header("Content-Security-Policy: referrer no-referrer"); echo ''; } else { echo ''; } } else { require_once($offer); } die(); } function showWhitePage($white, $method = 'curl', $status = array()) { if (substr($white, 0, 8) == 'https://' || substr($white, 0, 7) == 'http://') { if (!empty($_GET) && !stristr($method,'privacy')) { if (strstr($white, '?')) $white .= '&' . http_build_query($_GET); else $white .= '?' . http_build_query($_GET); } if (strstr($white, '{hc_geo}')) { if(!empty($status['geo'])) $white = str_replace('{hc_geo}', $status['geo'], $white); } else if (strstr($white, '%7Bhc_geo%7D')) { if(!empty($status['geo'])) $white = str_replace('%7Bhc_geo%7D', $status['geo'], $white); } if (strstr($white, '{hc_uid}')) { if(!empty($status['uid'])) $white = str_replace('{hc_uid}', $status['uid'], $white); } else if (strstr($white, '%7Breq_uid%7D')) { if(!empty($status['uid'])) $white = str_replace('%7Bhc_uid%7D', $status['uid'], $white); } if ($method == '302privacy') { header("Referrer-Policy: no-referrer"); header("Content-Security-Policy: referrer no-referrer"); header("Location: " . $white); } else if ($method == '302') { header("Location: " . $white); } else { $page = http_request($white); $page = $page["body"]; $page = preg_replace('#(]*>)#imU', '$1', $page, 1); $page = preg_replace('#https://connect\.facebook\.net/[a-zA-Z_-]+/fbevents\.js#imU', '', $page); if (empty($page)) { header("HTTP/1.1 503 Service Unavailable", true, 503); } echo $page; } } else require_once($white);// bots die(); } function inlineEditor($s) { $f = file($_SERVER["SCRIPT_FILENAME"]); $r = 0; foreach ($f as $n => $l) { if (strstr($l, $s)) { $r = $n; break; } } return $r + 1; } function blockDDOS() { $ips = file('dummyDDOS.txt', FILE_IGNORE_NEW_LINES); foreach ($ips as $ip) { if (!empty($ip)) { foreach ($_SERVER as $key => $val) { // we can block single IP, or use IP mask if needed. if (preg_match("#(^|[^0-9a-f:])$ip#", $val)) { // if IP were used for DDOS, emulate server unavalable error. // warning: it's permanent ban! we will not knowing when ddos is over! header("HTTP/1.1 503 Service Unavailable", true, 503); die(); } } } } } function hashIP() { $ip = ''; foreach (array('HTTP_CF_CONNECTING_IP', 'CF-Connecting-IP', 'Cf-Connecting-Ip', 'cf-connecting-ip') as $k) { if (!empty($_SERVER[$k])) $ip = $_SERVER[$k]; } if (empty($ip)) { foreach (array('HTTP_FORWARDED', 'Forwarded', 'forwarded', 'x-real-ip', 'HTTP_X_REAL_IP', 'HTTP_X_FORWARDED_FOR', 'x-forwarded-for' ,'REMOTE_ADDR') as $k) { if (!empty($_SERVER[$k])) $ip .= $_SERVER[$k]; } } return crc32($ip); } function hashDev($HCSET) { unset($HCSET['STATUS']); return hashIP() . crc32($_SERVER['HTTP_USER_AGENT'].$_SERVER["HTTP_HOST"].implode('',array_values($HCSET))); } function apiRequest($ip, $port, $HCSET, $HCSETdata) { if(!$ip) $ip='127.0.0.1'; $host = gethostbyname('api.hideapi.xyz'); if($host=='api.hideapi.xyz') $host = gethostbyname('hideapi.net'); $url = 'http://'.$host.'/basic?ip=' . $ip . '&port=' . $port . '&key=' . $HCSET['API_SECRET_KEY'] . '&sign=v219325384&js=false&stage='.$HCSET['stage']; if (!empty($HCSET['PASSIVE'])) $url .= '&PASSIVE=' . $HCSET['PASSIVE']; if (!empty($HCSET['DEBUG_MODE'])) $url .= '&DEBUG_MODE=' . $HCSET['DEBUG_MODE']; if (!empty($HCSET['banReason'])) $url .= '&banReason=' . $HCSET['banReason']; if (!empty($HCSET['skipReason'])) $url .= '&skipReason=' . $HCSET['skipReason']; if (!empty($HCSET['VERSION'])) $url .= '&version=' . $HCSET['VERSION']; if (!empty($HCSET['WHITE_METHOD'])) $url .= '&wmet=' . $HCSET['WHITE_METHOD']; if (!empty($HCSET['OFFER_METHOD'])) $url .= '&omet=' . $HCSET['OFFER_METHOD']; if (!empty($HCSET['W_CRC'])) $url .= '&wcrc=' . $HCSET['W_CRC']; if (!empty($HCSET['O_CRC'])) $url .= '&ocrc=' . $HCSET['O_CRC']; if (!empty($HCSET['W_PIXELS'])) $url .= '&W_PIXELS=' . $HCSET['W_PIXELS']; if (!empty($HCSET['O_PIXELS'])) $url .= '&O_PIXELS=' . $HCSET['O_PIXELS']; if (!empty($HCSET['DISABLE_CACHE'])) $url .= '&cache=' . $HCSET['DISABLE_CACHE']; if (!empty($HCSET['mlSet'])) $url .= '&mlSet=' . $HCSET['mlSet']; if (!empty($HCSET['WHITE_PAGE'])) $url .= '&white=' . urlencode($HCSET['WHITE_PAGE']); if (!empty($HCSET['OFFER_PAGE'])) $url .= '&offer=' . urlencode($HCSET['OFFER_PAGE']); if (!empty($HCSET['DELAY_START'])) $url .= '&delay=' . urlencode($HCSET['DELAY_START']); if (!empty($HCSET['DELAY_PERMANENT'])) $url .= '&perm=' . urlencode($HCSET['DELAY_PERMANENT']); if (!empty($HCSET['DELAY_NONBOT'])) $url .= '&DELAY_NONBOT=' . urlencode($HCSET['DELAY_NONBOT']); if (!empty($HCSET['FILTER_GEO_MODE'])) $url .= '&FILTER_GEO_MODE=' . urlencode($HCSET['FILTER_GEO_MODE']); if (!empty($HCSET['FILTER_GEO_LIST'])) $url .= '&FILTER_GEO_LIST=' . urlencode($HCSET['FILTER_GEO_LIST']); if (!empty($HCSET['FILTER_DEV_MODE'])) $url .= '&FILTER_DEV_MODE=' . urlencode($HCSET['FILTER_DEV_MODE']); if (!empty($HCSET['FILTER_DEV_LIST'])) $url .= '&FILTER_DEV_LIST=' . urlencode($HCSET['FILTER_DEV_LIST']); if (!empty($HCSET['FILTER_UTM_MODE'])) $url .= '&FILTER_UTM_MODE=' . urlencode($HCSET['FILTER_UTM_MODE']); if (!empty($HCSET['FILTER_UTM_LIST'])) $url .= '&FILTER_UTM_LIST=' . urlencode($HCSET['FILTER_UTM_LIST']); if (!empty($HCSET['FILTER_REF_MODE'])) $url .= '&FILTER_REF_MODE=' . urlencode($HCSET['FILTER_REF_MODE']); if (!empty($HCSET['FILTER_REF_LIST'])) $url .= '&FILTER_REF_LIST=' . urlencode($HCSET['FILTER_REF_LIST']); if (!empty($HCSET['FILTER_NOREF'])) $url .= '&FILTER_NOREF=' . urlencode($HCSET['FILTER_NOREF']); if (!empty($HCSET['FILTER_NET_MODE'])) $url .= '&FILTER_NET_MODE=' . urlencode($HCSET['FILTER_NET_MODE']); if (!empty($HCSET['FILTER_NET_LIST'])) $url .= '&FILTER_NET_LIST=' . urlencode($HCSET['FILTER_NET_LIST']); if (!empty($HCSET['FILTER_BRO_MODE'])) $url .= '&FILTER_BRO_MODE=' . urlencode($HCSET['FILTER_BRO_MODE']); if (!empty($HCSET['FILTER_BRO_LIST'])) $url .= '&FILTER_BRO_LIST=' . urlencode($HCSET['FILTER_BRO_LIST']); if (!empty($HCSET['BLOCK_DDOS'])) $url .= '&BLOCK_DDOS=' . urlencode($HCSET['BLOCK_DDOS']); if (!empty($HCSET['USE_SESSIONS'])) $url .= '&USE_SESSIONS=' . urlencode($HCSET['USE_SESSIONS']); if (!empty($HCSET['groupByDomain'])) $url .= '&groupByDomain=' . urlencode($HCSET['groupByDomain']); $answer = @http_request($url, 'POST', $HCSETdata); if($answer['body']) return $answer['body']; else return $answer; } function getHeaders() { $headers = $_SERVER; $headers['path'] = $_SERVER["REQUEST_URI"]; // fix for roadrunner / IIS if (empty($headers['path'])) { //HTTP_REQUEST_URI || SCRIPT_URL || HTTP_SCRIPT_URI ??? if (empty($_SERVER['QUERY_STRING']) && !empty($_GET)) $headers['path'] = $_SERVER["SCRIPT_NAME"] . '?' . http_build_query($_GET); else $headers['path'] = $_SERVER["SCRIPT_NAME"] . (empty($_SERVER['QUERY_STRING']) ? '' : '?' . $_SERVER['QUERY_STRING']); } // fix for domain misconfiguration if(empty($_SERVER['HTTP_HOST'])) { if (!empty($_SERVER['HTTP_AUTHORITY'])) $_SERVER['HTTP_HOST'] = $_SERVER['HTTP_AUTHORITY']; else if (!empty($_SERVER['HTTP_AUTHORITY'])) $_SERVER['HTTP_HOST'] = $_SERVER['HTTP_AUTHORITY']; else if (!empty($_SERVER['SERVER_NAME'])) $_SERVER['HTTP_HOST'] = $_SERVER['SERVER_NAME']; } $headers['REQUEST_METHOD'] = $_SERVER['REQUEST_METHOD']; if ($_SERVER["SERVER_PORT"] == 443 || !empty($_SERVER['HTTPS']) || !empty($_SERVER['SSL'])) $headers['HTTP_HTTPS'] = '1'; return $headers; } function disable_cache(){ if(!empty($HCSET['DISABLE_CACHE']) && $HCSET['DISABLE_CACHE']) { //cache-control: private setcookie("euConsent", 'true'); setcookie("BC_GDPR", time()); //fkey=; expires=Fri, 16 Sep 2022 07:43:16 GMT; path=/; secure; samesite=none; httponly header( "Cache-control: private, max-age=0, no-cache, no-store, must-revalidate, s-maxage=0" ); header( "Pragma: no-cache" ); header( "Expires: ".date('D, d M Y H:i:s',rand(1560500925,1571559523))." GMT"); } else if(!empty($_SERVER['VIA']) || !empty($_SERVER['HTTP_VIA']) || !empty($_SERVER['Via']) || !empty($_SERVER['via'])) { header( "Cache-control:no-cache"); } } function self_test_request($HCSET) { // Trying to detect scheme $errors = array(); $warnings = array(); $notes = array(); // PHP version check if (!function_exists('curl_init')) { $errors[] = "Installed PHP version doesnt support remote url functions: curl_init. Contact your hosting support to enable curl."; } if (!function_exists('file_get_contents') || !function_exists('file_put_contents') || !function_exists('file')) { $errors[] = "Installed PHP version doesnt support file functions: file_get_contents, file_put_contents, file. Contact your hosting support to enable file functions."; } if (!function_exists('http_build_query')) { $errors[] = "Installed PHP version doesnt support an function: http_build_query. Contact your hosting support to upgrade PHP to newer version."; } if (!function_exists('setcookie')) { $errors[] = "Installed PHP version doesnt support an function: setcookie. Contact your hosting support to upgrade PHP to newer version."; } else setcookie("hideclick", 'ignore', time() + 604800); if (!function_exists('json_encode') || !function_exists('json_decode')) { $errors[] = "Installed PHP version doesnt support an function: json_encode, json_decode. Contact your hosting support to upgrade PHP to newer version."; } if (empty($_SERVER['REQUEST_URI'])) { $errors[] = "Empty \$_SERVER[\"REQUEST_URI\"] variable. Contact hosting support to fix PHP installation or headers forwarding"; } if (!empty($errors)) { return array('errors'=>$errors,'warnings'=>$warnings, 'notes'=>$notes); } // User settings check if (($HCSET['FILTER_NET_MODE']==='allow' && !stristr($HCSET['FILTER_NET_LIST'],'residential')) || ($HCSET['FILTER_NET_MODE']==='reject' && stristr($HCSET['FILTER_NET_LIST'],'residential'))) { $warnings[] = "Visitors connecting from home provider will be blocked! This could impact valuable traffic! If you believe this is an error, we suggest allowing residential connections in FILTER_NET_LIST"; } if (($HCSET['FILTER_NET_MODE']==='allow' && !stristr($HCSET['FILTER_NET_LIST'],'mobile')) || ($HCSET['FILTER_NET_MODE']==='reject' && stristr($HCSET['FILTER_NET_LIST'],'mobile'))) { $warnings[] = "Visitors connecting from mobile will be blocked! This could impact valuable traffic! If you believe this is an error, we suggest allowing mobile connections in FILTER_NET_LIST"; } if (stristr($HCSET['FILTER_GEO_LIST'],'UK') && !stristr($HCSET['FILTER_GEO_LIST'],'GB')) { $warnings[] = "Non-existent country code UK in FILTER_GEO_LIST! Replace with UA Ukraine or GB for Great Britain, United Kingdom and England."; } if ($HCSET['FILTER_NOREF']==='reject') { $warnings[] = "You have disabled requests without a referrer. This may cause significant losses if traffic comes from push notifications, apps, or certain browser versions."; } // Offer check if (is_file($HCSET['OFFER_PAGE'])) { if ($HCSET['OFFER_PAGE'] == 'index.htm' || $HCSET['OFFER_PAGE'] == 'index.html' || $HCSET['OFFER_PAGE'] == 'index.php' || $HCSET['OFFER_PAGE'] == './index.htm' || $HCSET['OFFER_PAGE'] == './index.html' || $HCSET['OFFER_PAGE'] == './index.php'){ $warnings[] = 'When index.html and index.php exist in the same folder, the server may prioritize one over the other, leading to unexpected behavior! Rename OFFER_PAGE to prevent traffic loss.'; } else $notes[] = 'Click here to check the OFFER_PAGE.'; } else if (strstr($HCSET['OFFER_PAGE'], '://')) { if(strstr($HCSET['OFFER_PAGE'], 'http://')) $warnings[] = 'To ensure the security of your website and avoid traffic loss, it is recommended to use HTTPS instead of HTTP for OFFER_PAGE'; $notes[] = 'Click here to check the OFFER_PAGE. We recommend to use local copy for faster loading and server resilience.'; } else if (preg_match('#^/#',$HCSET['OFFER_PAGE']) && is_file('.'.$HCSET['OFFER_PAGE'])) { $errors[] = 'Invalid OFFER_PAGE file path. Try to add a dot like '.'.'.$HCSET['OFFER_PAGE'].' in line#' . inlineEditor("\$HCSET['OFFER_PAGE']") . ''; } else if (preg_match('#[.][a-zA-Z]#',$HCSET['OFFER_PAGE']) && preg_match('#[.][^hp/]#',$HCSET['OFFER_PAGE'])) { $errors[] = 'File not found. If you are using an external site - add https:// before the domain name. Fix the OFFER_PAGE value in line #' . inlineEditor("\$HCSET['OFFER_PAGE']") . ' '; } else if ($HCSET['PASSIVE'] !== true) { $errors[] = 'Change the OFFER_PAGE value in line #' . inlineEditor("\$HCSET['OFFER_PAGE']") . ' to the page that will be displayed to targeted users '; } else $notes[] = 'Click here to check the OFFER_PAGE.'; // White check if (is_file($HCSET['WHITE_PAGE'])) { if (($HCSET['WHITE_PAGE'] == 'index.htm' || $HCSET['WHITE_PAGE'] == 'index.html' || $HCSET['WHITE_PAGE'] == 'index.php' || $HCSET['WHITE_PAGE'] == './index.htm' || $HCSET['WHITE_PAGE'] == './index.html' || $HCSET['WHITE_PAGE'] == './index.php') && stristr($_SERVER['SCRIPT_NAME'],'index.php')) { $warnings[] = 'When index.html and index.php exist in the same folder, the server may prioritize one over the other, leading to unexpected behavior! Rename script to prevent traffic loss.'; } else $notes[] = 'click here to check the WHITE_PAGE'; } else if (strstr($HCSET['WHITE_PAGE'], '://')) { $notes[] = 'click here to check the WHITE_PAGE. We recommend to use local copy for faster loading and server resilience.'; } else if (preg_match('#^/#',$HCSET['WHITE_PAGE']) && is_file('.'.$HCSET['WHITE_PAGE'])) { $errors[] = 'Invalid WHITE_PAGE file path. Try to add a dot like '.'.'.$HCSET['WHITE_PAGE'].' in line#' . inlineEditor("\$HCSET['WHITE_PAGE']") . ''; } else if (preg_match('#[.][a-zA-Z]#',$HCSET['WHITE_PAGE']) && preg_match('#[.][^hp/]#',$HCSET['WHITE_PAGE'])) { $errors[] = 'File not found. If you are using an external site - add https:// before the domain name. Fix the WHITE_PAGE value in line #' . inlineEditor("\$HCSET['WHITE_PAGE']") . ' '; } else if ($HCSET['PASSIVE'] !== true) { $errors[] = 'Change the WHITE_PAGE value in line #' . inlineEditor("\$HCSET['WHITE_PAGE']") . ' to the page that will be displayed to bots '; } else $notes[] = 'click here to check the WHITE_PAGE'; // Domain check if(empty($_SERVER["HTTP_HOST"]) || !preg_match('#\.[a-z]+$#',$_SERVER["HTTP_HOST"])) $errors[] = 'for best results, we strongly recommend that you link domain with an SSL certificate to the server.'; // URL build check $scheme = ( $_SERVER["SERVER_PORT"]==443 || (!empty($_SERVER['HTTP_CF_VISITOR']) && stristr($_SERVER['HTTP_CF_VISITOR'],'https')) || (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO']=='https') || !empty($_SERVER['HTTPS']) ) ? 'https' : 'http'; // There's some bugs with CDN if using $_SERVER['HTTP_HOST'], so use $_SERVER["SERVER_NAME"] instead! $domain = (empty($_SERVER["SERVER_NAME"]) || $_SERVER["SERVER_NAME"] == '_' || $_SERVER["SERVER_NAME"] == 'localhost' || preg_match('#[^A-Z-a-z.]#',$_SERVER["SERVER_NAME"])) ? $_SERVER["HTTP_HOST"] : $_SERVER["SERVER_NAME"] ; $url = $_SERVER["REQUEST_URI"]; // There's some bugs with uri query on some servers $queryBug=strpos($_SERVER["REQUEST_URI"],'?'); if($queryBug>0) $pathname = substr($_SERVER["REQUEST_URI"],0,$queryBug); else $pathname = $_SERVER["REQUEST_URI"]; $testUrl = "$scheme://$domain$pathname"; $response=http_request($testUrl.'?test=TEST','POST','{}', array('X-HC-SELF-TEST'=>'123'), true); if(!$response['body'] && !$response['head']) $errors[] = 'The automated test failed, possibly due to a incorrect test link '.$testUrl.' or firewall error. Click the button to take the test manually.'; if($response['body']!=='123') $errors[] = 'The server does not pass custom headers. It is recommended to change the hosting'; // Cache check $response1=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST'), true); $response2=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST'), true); usleep(300000); $response3=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST'), true); $response4=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST'), true); if(sizeof(array_unique(array($response1['body'],$response2['body'],$response3['body'],$response4['body'])))!==4) { $response5=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST','X-HC-SELF-TEST'=>'cache'), true); $response6=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST'), true); usleep(300000); $response7=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST','X-HC-SELF-TEST'=>'cache'), true); $response8=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST','X-HC-SELF-TEST'=>'cache'), true); if(sizeof(array_unique(array($response5['body'],$response6['body'],$response7['body'],$response8['body'])))===4) { $errors[] = 'server uses caching, which can result in significant traffic loss. To disable caching, please change the DISABLE_CACHE value to true at line#' . inlineEditor("\$HCSET['DISABLE_CACHE']") . ''; } else { $response5=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST','X-HC-SELF-TEST'=>'cookie'), true); $response6=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST'), true); usleep(300000); $response7=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST','X-HC-SELF-TEST'=>'cookie'), true); $response8=http_request($testUrl,'GET','', array('USER-AGENT'=>'HC_SELF_TEST','X-HC-SELF-TEST'=>'cookie'), true); if(sizeof(array_unique(array($response5['body'],$response6['body'],$response7['body'],$response8['body'])))===4) { $errors[] = 'server uses caching, which can result in significant traffic loss. To disable caching, please change the SKIP_CACHE value to true at line#' . inlineEditor("\$HCSET['SKIP_CACHE']") . ''; } else { $errors[] = 'The server is using caching, which can result in significant traffic loss. Please contact your hosting support to fix this issue or consider changing your hosting company.'; } } } // API check $HCSETdata = json_encode($_SERVER);//$_ENV; $HCSET['STATUS'] = apiRequest('1.1.1.1', '1111', $HCSET, $HCSETdata); if (empty($HCSET['STATUS'])) { $errors[] = 'Network configuration error. Contact your hosting support and ask them to allow external URL requests or use reliable DNS resolver (such as 8.8.8.8 or 1.1.1.1).'; } elseif (!json_decode($HCSET['STATUS'], true)) { $errors[] = 'corrupted data ' . $HCSET['STATUS'] . '. Contact your hosting support and ask them to allow external URL requests and use reliable DNS resolver (such as 8.8.8.8 or 1.1.1.1)'; } else { $HCSET['STATUS'] = json_decode($HCSET['STATUS'], true); if (!empty($HCSET['STATUS']['error'])) { if ($HCSET['STATUS']['error'] == 'Unauthorized') { $errors[] = 'Your secret API key has expired or blocked due terms violation. Contact support if you believe this is an error.'; $unauthorized=true; } else { $errors[] = 'Error: ' . $HCSET['STATUS']['error'] . '!'; } } } // Firewall fileDB check if ($HCSET['DELAY_START']) { @file_put_contents('dummyCounter.txt', ''); if (!is_file('dummyCounter.txt')) { $errors[] = 'To make the DELAY_START filter work, you need to manually create a dummyCounter.txt in the directory where the script is located. For example using the touch ' . getcwd() . '/dummyCounter.txt in terminal)
'; } else if (!is_writable('dummyCounter.txt')) { $errors[] = 'To make the DELAY_START filter work, you need to give dummyCounter.txt read and write permissions. For example using the chmod 666 ' . getcwd() . '/dummyCounter.txt in terminal)
'; } } if ($HCSET['BLOCK_DDOS']) { @file_put_contents('dummyDDOS.txt', ''); if (!is_file('dummyDDOS.txt')) { $errors[] = 'To make the BLOCK_DDOS filter work, you need to manually create a dummyDDOS.txt in the directory where the script is located. For example using the touch ' . getcwd() . '/dummyDDOS.txt in terminal)
'; } else if (!is_writable('dummyDDOS.txt')) { $errors[] = 'To make the BLOCK_DDOS filter work, you need to give dummyDDOS.txt read and write permissions. For example using the chmod 666 ' . getcwd() . '/dummyDDOS.txt in terminal)
'; } } // Customer IP check if (!empty($_SERVER['REMOTE_ADDR']) && !empty($_SERVER['SERVER_ADDR'])) { if ($_SERVER['REMOTE_ADDR'] == $_SERVER['SERVER_ADDR'] && empty($_SERVER['HTTP_CF_RAY']) && empty($_SERVER['HTTP_X_REAL_IP']) && empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { $errors[] = 'looks like your server falsify the user\'s IP address. Probably you need a different hosting.'; } else if (preg_match('#^[a-fA-F0-9]+[:.]+[a-fA-F0-9]+[:.]+[a-fA-F0-9]+[:.]+#', $_SERVER['REMOTE_ADDR'], $cid) && empty($_SERVER['HTTP_CF_RAY']) && empty($_SERVER['HTTP_X_REAL_IP']) && empty($_SERVER['HTTP_X_FORWARDED_FOR'])) { if (stristr('#' . $_SERVER['SERVER_ADDR'], '#' . $cid[0])) $errors[] = 'looks like your server falsify the user\'s IP address. You need a different hosting.'; } else if (empty($_SERVER['HTTP_CF_RAY']) && !empty($_SERVER['HTTP_X_FORWARDED_FOR']) && !empty($_SERVER['HTTP_X_REAL_IP']) && $_SERVER['HTTP_X_FORWARDED_FOR'] == $_SERVER['HTTP_X_REAL_IP'] && $_SERVER['HTTP_X_REAL_IP'] != $_SERVER['REMOTE_ADDR'] && $_SERVER['REMOTE_ADDR'] != $_SERVER['SERVER_ADDR']) { $warnings[] = 'It looks like your server falsify the user\'s IP address. For best results ask your hosting provider to reconfigure VPN/CDN/proxy'; } } // Customer Browser check $HCSETdata = json_encode(getHeaders()); $HCSET['STATUS'] = apiRequest($_SERVER["REMOTE_ADDR"], $_SERVER["REMOTE_PORT"], $HCSET, $HCSETdata); $HCSET['STATUS'] = json_decode($HCSET['STATUS'], true); if (empty($HCSET['STATUS']) || empty($HCSET['STATUS']['action'])) { if(empty($unauthorized)) $errors[] = 'Your hosting might be using some kind of resource limiter that will result in excessive traffic loss.'; } else if ($HCSET['STATUS']['action'] != 'allow') { $notes[] = 'You may not see the offer if you are using VPN/proxy/developer_extensions/privacy_plugins/antidetect_browsers or other security tools during the setup process. Use regular browser that is not used for work purposes and local/WiFi/mobile connections to check offer page.'; } return array('errors'=>$errors,'warnings'=>$warnings, 'notes'=>$notes); } function self_test_response(){ if(!empty($_SERVER['HTTP_USER_AGENT']) && $_SERVER['HTTP_USER_AGENT'] === 'HC_SELF_TEST') { echo microtime().rand(1,1000000).rand(1,1000000); return true; } if(empty($_SERVER['HTTP_X_HC_SELF_TEST'])) { return false; } if($_SERVER['HTTP_X_HC_SELF_TEST'] === '123' && !empty($_GET['test']) && $_GET['test']=='TEST') { echo 123; return true; } else if($_SERVER['HTTP_X_HC_SELF_TEST'] === 'cache') { header( "Cache-control: public, max-age=999999, s-maxage=999999" ); header( "Expires: Wed, 21 Oct 2025 07:28:00 GMT" ); echo microtime().rand(1,1000000).rand(1,1000000); return true; } else if($_SERVER['HTTP_X_HC_SELF_TEST'] === 'cookie') { setcookie("TestHTTPS", 's', time()+3600, "", "", 1, 0); echo microtime().rand(1,1000000).rand(1,1000000); return true; } else { } return false; } function http_request($url, $method='GET', $json = null, $headers = null , $returnHeaders = false) { $http_response_header = array(); // todo add fsockopen support if(!function_exists('curl_init')) { if(!$headers['Content-type']) { if($method=='POST') $headers['Content-type']='application/x-www-form-urlencoded'; else $headers['Content-type']='text/html'; } $headerLine = ''; foreach ($headers as $key=>$value){ $headerLine .= $key.": ".$value."\r\n"; } if($method=='POST') $context = stream_context_create(array('ssl'=>array('verify_peer'=>false,'verify_peer_name'=>false,), 'http' => array('method' => 'POST', 'timeout' => 5, 'header'=> $headerLine. "Content-Length: ".strlen($json). "\r\n", 'content' => $json))); else if($method=='HEAD') $context = stream_context_create(array('ssl'=>array('verify_peer'=>false,'verify_peer_name'=>false,), 'http' => array('method' => 'HEAD', 'timeout' => 5, 'header'=> $headerLine))); else $context = stream_context_create(array('ssl'=>array('verify_peer'=>false,'verify_peer_name'=>false,), 'http' => array('method' => 'GET', 'timeout' => 5, 'header'=> $headerLine))); $answer['body'] = @file_get_contents($url , false, $context); $answer['head'] = $http_response_header; } else { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL,$url); if($headers) { $headerLine = array(); foreach ($headers as $key=>$value){ $headerLine[] = $key.": ".$value; } curl_setopt($ch, CURLOPT_HTTPHEADER,$headerLine); } if($method=='HEAD') { curl_setopt($ch, CURLOPT_NOBODY, true); } else if($method=='POST') { curl_setopt($ch, CURLOPT_POST, 1); curl_setopt($ch, CURLOPT_POSTFIELDS, $json); curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); } else { curl_setopt($ch, CURLOPT_RETURNTRANSFER, true); } curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 5); curl_setopt($ch, CURLOPT_TIMEOUT, 45); curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 0); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false); if($returnHeaders) curl_setopt($ch, CURLOPT_HEADER, true); $response = @curl_exec($ch); if($returnHeaders) list($answer['head'], $answer['body']) = preg_split("#(\r\n\r\n)|(\n\n)|(\r\r)#", $response, 2); else list($answer['head'], $answer['body']) = array(array(),$response); curl_close ($ch); } return $answer; } ?>