Jump to content
MaxCheaters Official Group on Discord
iPerfeсt development of all interfaces

TGS vote system - Topgameserver/Hopzone/L2topzone

TGSLineage2

By TGSLineage2
in Server Shares & Files [L2J]

 Share

Recommended Posts

TGSLineage2 Newbie

TGSLineage2

Posted
Posted (edited)

Hello, as I had already mentioned in the discussion section, today I bring you a voting reward system.


OTliF8V.jpg

 

 

NSqWD5s.png

 

** You can download it here**: Download Vote Reward System

 

For those who don't understand how it works, later I upload a video explaining how it works.

 

Edited by TGSLineage2
SweeTs Rookie

SweeTs

Posted
Posted

Atm it's NOT a share, just a redirect, which I believe, is against rules. You must include the download link as well.

S-T-I-N-K-Y Enthusiast

S-T-I-N-K-Y

Posted
Posted
On 9/19/2019 at 7:51 PM, SweeTs said:

Atm it's NOT a share, just a redirect, which I believe, is against rules. You must include the download link as well.

Agree with that, and also i just cheked your code.. its a lot of messup there and 2 lib files for an single vote system.

  • SweeTs unlocked this topic
Nightw0lf Mentor

Nightw0lf

Posted
Posted (edited)

btw your website has a serious vulnerability 

VuGnsl8k5ZKsPUxniMb1I8XK2TbnILwCtcGUpA9X

somebody can hack into another's account and pretend to be him and act like him (change pass, spend money, anything)

 

also this script gives away all your "secrets" 


  <script type="text/javascript">

    $(document).ready(function(){
     

        function verifyLogin(e){
        $.ajax({
          url:"/verifyLogin/"+$(e.target).val()+"",
          dataType: 'JSON',
          method: 'GET',
          success : function(vl){
            if(vl.message=="ok"){
              $(e.target).siblings("#message-email-log").html("<p style='color:green;'>Found email</p>").hide().fadeIn(800);
              
            }else{
              $(e.target).siblings("#message-email-log").html("<p style='color:red;'>Mail not found</p>").hide().fadeIn(800);
            }
          }
        });
      }

      function verifymailReg(e){
      $.ajax({
        url:"/verifyLogin/"+$(e.target).val()+"",
        dataType: 'JSON',
        method: 'GET',
        success : function(vl){
          if(vl.message=="ok"){
            $(e.target).siblings("#message-email-reg").html("<p style='color:white;'>Email not available</p>").hide().fadeIn(800);
          }else{
            $(e.target).siblings("#message-email-reg").html("<p style='color:#92EC00;'>Email available</p>").hide().fadeIn(800);
          }
        }
      });
    }

    function verifyPassword(e){
      $.ajax({
        url:"/verifyPassword/"+$(e.target).val()+"/"+$(e.target).parents('#form-login-in').find('#email').val()+"",
        dataType: 'JSON',
        method: 'GET',
        success : function(vl){
          console.log(vl.dbpass+"   "+vl.requestpass);
          if(vl.message=="ok"){
            
            $(e.target).siblings("#message-password-log").html("<p style='color:green;'>Correct password</p>").hide().fadeIn(800);
          }else{
            $(e.target).siblings("#message-password-log").html("<p style='color:red;'>Wrong password</p>").hide().fadeIn(800);
          }
        }
      });
    }

      $("#email").blur(function(e){
        if($(e.target).val()!=""){
          verifyLogin(e);
        }
      });

      $("#myform-registrationUser").submit(function(e){
      event.preventDefault();
      var a = $(e.target);
      var url="/customRegister";
      var data = $(this).serializeArray();
      var token = $("#token").val();
      $.ajax({
        url : url,
        data : data,
        dataType : 'JSON',
        method : 'POST',
        headers: {'X-CSRF-TOKEN': token},
      }).done(function(response){
        if(response.errors){
          a.find("#message-name-reg").html(response.errors.name).fadeIn(400);
          a.find("#message-email-reg").html(response.errors.email).fadeIn(400);
          a.find("#message-password-reg").html(response.errors.password).fadeIn(400);
        }
        if(response.message=="ok"){
          window.location.replace("/message-registration");
        }
      });
    });
    $("#form-send-mail").submit(function(e){
      e.preventDefault();
      if($(e.targer).find("#email").val()=="" || $(e.targer).find("#subject").val()=="" || $(e.targer).find("#content").val()==""){
        alert("kha");
      }else{
        $.ajax({
          url: "/ckeckMail",
          method: "GET",
          data: $("#form-send-mail").serializeArray(),
          dataType: 'JSON',
        }).done(function(response){
          if(response.errors){
            console.log(response.errors);
          }else{
            window.location.replace("/sendMail");
          }
        });
      }

    });

      $('[data-toggle="tooltip"]').tooltip();
      var id_banners = [];
      var id_premiums = [];
      $("a").each(function(index){
        if($(this).hasClass("active_banner")){
        id_banners.push($(this).attr("id"));
      }
        if($(this).hasClass("active_premium")){
          id_premiums.push($(this).attr("id"));
        }
      });
            setTimeout(function(){
        $.ajax({
          url: "/updateImpresions",
          method: "POST",
          data: {ids : id_banners, idsp : id_premiums},
          dataType: "JSON",
          success : function(e){
            //console.log("Update impressions");
          },
          error : function(e){
            console.log("An error ocurred:"+e.error);
          }
        });
      },100);

          $(".active_banner").click(function(){ 
        var id = $(this).attr("id");
        $.ajax({
          url: "/updateClick",
          method: "POST",
          data: {id : id},
          dataType: "JSON",
          success : function(e){
            console.log(e.message);
          },
          error : function(e){
            console.log("An error ocurred");
          }
        });
    });
          $(".visit").click(function(){ 
        var id = $(this).attr("id");
        $.ajax({
          url: "/updateVisit",
          method: "POST",
          data: {id : id},
          dataType: "JSON",
          success : function(e){
            console.log(e.message);
          },
          error : function(e){
            console.log("An error ocurred");
          }
        });
    });

         $(".active_premium").click(function(){ 
        var id = $(this).attr("id");
        $.ajax({
          url: "/updatePremiumClick",
          method: "POST",
          data: {id : id},
          dataType: "JSON",
          success : function(e){
            console.log(e.message);
          },
          error : function(e){
            console.log("An error ocurred");
          }
        });
    });

     var elements = $('#sign_modal_overlay, #sign_modal');
      var body = $("body");
      var modal = document.getElementById('sign_modal_overlay');
      document.addEventListener("keydown", function(event) {
        if(event.keyCode === 27){
          elements.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      });
      window.onclick = function(event){
        if(event.target == modal){
          elements.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      }
      $('.open-modal-login').click(function(){
          elements.addClass('active');
          body.css({"overflow-y":"hidden"});
      });

      $('.close-modal').click(function(){
          elements.removeClass('active');
          body.css({"overflow-y":"visible"});
      });

      var el = $('#contact_modal_overlay, #contact_modal');
      var modalc = document.getElementById('contact_modal_overlay');
      document.addEventListener("keydown", function(event) {
        if(event.keyCode === 27){
          el.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      });
      window.onclick = function(event){
        if(event.target == modalc){
          el.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      }
      $('.open-modal-contact').click(function(){
          el.addClass('active');
          body.css({"overflow-y":"hidden"});
      });

      $('.close-modal-contact').click(function(){
          el.removeClass('active');
          body.css({"overflow-y":"visible"});
      });

      $.ajaxSetup({
        headers: {'X-CSRF-TOKEN': $("meta[name='csrf-token']").attr("content")}
      });

    });


    window.onload = function(){

      (function(d, s, id){
       var js, fjs = d.getElementsByTagName(s)[0];
       if (d.getElementById(id)) {return;}
       js = d.createElement(s); js.id = id;
       js.src = "//connect.facebook.net/en_US/sdk.js";
       fjs.parentNode.insertBefore(js, fjs);
    }(document, 'script', 'facebook-jssdk'));

    window.fbAsyncInit = function() {
      FB.init({
        appId : '1616853315289008',
        xfbml : true,
        version : 'v2.8'
      });
    };

    $('.btn-facebook').click(function() {
    FB.getLoginStatus(function(response) {
      if (response.status === 'connected') {
        console.log('Already Logged In.');
      }
      else {
        FB.login();
      }
    });
    });

    }

</script>

 

Edited by Nightw0lf
TGSLineage2 Newbie

TGSLineage2

Posted
  • Author
Posted (edited)

@Nightw0lfThanks for your warning, but now I would like you to tell me how its that a unique confirmation token per browsing client generated by the framework I use, could affect my site vulnerability ?

Edited by TGSLineage2
wongerlt Community Regular

wongerlt

Posted
Posted
11 hours ago, Nightw0lf said:

btw your website has a serious vulnerability 


VuGnsl8k5ZKsPUxniMb1I8XK2TbnILwCtcGUpA9X

somebody can hack into another's account and pretend to be him and act like him (change pass, spend money, anything)

 

also this script gives away all your "secrets" 



  <script type="text/javascript">

    $(document).ready(function(){
     

        function verifyLogin(e){
        $.ajax({
          url:"/verifyLogin/"+$(e.target).val()+"",
          dataType: 'JSON',
          method: 'GET',
          success : function(vl){
            if(vl.message=="ok"){
              $(e.target).siblings("#message-email-log").html("<p style='color:green;'>Found email</p>").hide().fadeIn(800);
              
            }else{
              $(e.target).siblings("#message-email-log").html("<p style='color:red;'>Mail not found</p>").hide().fadeIn(800);
            }
          }
        });
      }

      function verifymailReg(e){
      $.ajax({
        url:"/verifyLogin/"+$(e.target).val()+"",
        dataType: 'JSON',
        method: 'GET',
        success : function(vl){
          if(vl.message=="ok"){
            $(e.target).siblings("#message-email-reg").html("<p style='color:white;'>Email not available</p>").hide().fadeIn(800);
          }else{
            $(e.target).siblings("#message-email-reg").html("<p style='color:#92EC00;'>Email available</p>").hide().fadeIn(800);
          }
        }
      });
    }

    function verifyPassword(e){
      $.ajax({
        url:"/verifyPassword/"+$(e.target).val()+"/"+$(e.target).parents('#form-login-in').find('#email').val()+"",
        dataType: 'JSON',
        method: 'GET',
        success : function(vl){
          console.log(vl.dbpass+"   "+vl.requestpass);
          if(vl.message=="ok"){
            
            $(e.target).siblings("#message-password-log").html("<p style='color:green;'>Correct password</p>").hide().fadeIn(800);
          }else{
            $(e.target).siblings("#message-password-log").html("<p style='color:red;'>Wrong password</p>").hide().fadeIn(800);
          }
        }
      });
    }

      $("#email").blur(function(e){
        if($(e.target).val()!=""){
          verifyLogin(e);
        }
      });

      $("#myform-registrationUser").submit(function(e){
      event.preventDefault();
      var a = $(e.target);
      var url="/customRegister";
      var data = $(this).serializeArray();
      var token = $("#token").val();
      $.ajax({
        url : url,
        data : data,
        dataType : 'JSON',
        method : 'POST',
        headers: {'X-CSRF-TOKEN': token},
      }).done(function(response){
        if(response.errors){
          a.find("#message-name-reg").html(response.errors.name).fadeIn(400);
          a.find("#message-email-reg").html(response.errors.email).fadeIn(400);
          a.find("#message-password-reg").html(response.errors.password).fadeIn(400);
        }
        if(response.message=="ok"){
          window.location.replace("/message-registration");
        }
      });
    });
    $("#form-send-mail").submit(function(e){
      e.preventDefault();
      if($(e.targer).find("#email").val()=="" || $(e.targer).find("#subject").val()=="" || $(e.targer).find("#content").val()==""){
        alert("kha");
      }else{
        $.ajax({
          url: "/ckeckMail",
          method: "GET",
          data: $("#form-send-mail").serializeArray(),
          dataType: 'JSON',
        }).done(function(response){
          if(response.errors){
            console.log(response.errors);
          }else{
            window.location.replace("/sendMail");
          }
        });
      }

    });

      $('[data-toggle="tooltip"]').tooltip();
      var id_banners = [];
      var id_premiums = [];
      $("a").each(function(index){
        if($(this).hasClass("active_banner")){
        id_banners.push($(this).attr("id"));
      }
        if($(this).hasClass("active_premium")){
          id_premiums.push($(this).attr("id"));
        }
      });
            setTimeout(function(){
        $.ajax({
          url: "/updateImpresions",
          method: "POST",
          data: {ids : id_banners, idsp : id_premiums},
          dataType: "JSON",
          success : function(e){
            //console.log("Update impressions");
          },
          error : function(e){
            console.log("An error ocurred:"+e.error);
          }
        });
      },100);

          $(".active_banner").click(function(){ 
        var id = $(this).attr("id");
        $.ajax({
          url: "/updateClick",
          method: "POST",
          data: {id : id},
          dataType: "JSON",
          success : function(e){
            console.log(e.message);
          },
          error : function(e){
            console.log("An error ocurred");
          }
        });
    });
          $(".visit").click(function(){ 
        var id = $(this).attr("id");
        $.ajax({
          url: "/updateVisit",
          method: "POST",
          data: {id : id},
          dataType: "JSON",
          success : function(e){
            console.log(e.message);
          },
          error : function(e){
            console.log("An error ocurred");
          }
        });
    });

         $(".active_premium").click(function(){ 
        var id = $(this).attr("id");
        $.ajax({
          url: "/updatePremiumClick",
          method: "POST",
          data: {id : id},
          dataType: "JSON",
          success : function(e){
            console.log(e.message);
          },
          error : function(e){
            console.log("An error ocurred");
          }
        });
    });

     var elements = $('#sign_modal_overlay, #sign_modal');
      var body = $("body");
      var modal = document.getElementById('sign_modal_overlay');
      document.addEventListener("keydown", function(event) {
        if(event.keyCode === 27){
          elements.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      });
      window.onclick = function(event){
        if(event.target == modal){
          elements.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      }
      $('.open-modal-login').click(function(){
          elements.addClass('active');
          body.css({"overflow-y":"hidden"});
      });

      $('.close-modal').click(function(){
          elements.removeClass('active');
          body.css({"overflow-y":"visible"});
      });

      var el = $('#contact_modal_overlay, #contact_modal');
      var modalc = document.getElementById('contact_modal_overlay');
      document.addEventListener("keydown", function(event) {
        if(event.keyCode === 27){
          el.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      });
      window.onclick = function(event){
        if(event.target == modalc){
          el.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      }
      $('.open-modal-contact').click(function(){
          el.addClass('active');
          body.css({"overflow-y":"hidden"});
      });

      $('.close-modal-contact').click(function(){
          el.removeClass('active');
          body.css({"overflow-y":"visible"});
      });

      $.ajaxSetup({
        headers: {'X-CSRF-TOKEN': $("meta[name='csrf-token']").attr("content")}
      });

    });


    window.onload = function(){

      (function(d, s, id){
       var js, fjs = d.getElementsByTagName(s)[0];
       if (d.getElementById(id)) {return;}
       js = d.createElement(s); js.id = id;
       js.src = "//connect.facebook.net/en_US/sdk.js";
       fjs.parentNode.insertBefore(js, fjs);
    }(document, 'script', 'facebook-jssdk'));

    window.fbAsyncInit = function() {
      FB.init({
        appId : '1616853315289008',
        xfbml : true,
        version : 'v2.8'
      });
    };

    $('.btn-facebook').click(function() {
    FB.getLoginStatus(function(response) {
      if (response.status === 'connected') {
        console.log('Already Logged In.');
      }
      else {
        FB.login();
      }
    });
    });

    }

</script>

 

hooooooooow? :gusta:

Nightw0lf Mentor

Nightw0lf

Posted
Posted
17 hours ago, TGSLineage2 said:

@Nightw0lfThanks for your warning, but now I would like you to tell me how its that a unique confirmation token per browsing client generated by the framework I use, could affect my site vulnerability ?

all of your forms can be faked it does not change and its used for all of your forms lol

  • 2 weeks later...
TGSLineage2 Newbie

TGSLineage2

Posted
  • Author
Posted (edited)
On 12/10/2019 at 11:57, Pigasos-Dev said:

Update for l2top.co

You can do it Yourself, add a constant in you enum class, add some conditinals in your class controller  following the line of the other sites, add attributes in your model class, edit your DAO class , edit your table voters.

Edited by TGSLineage2
  • 2 weeks later...
  • 1 month later...
Smith Newbie

Smith

Posted
Posted

I have tested today!

It doesn't work, the jars are old, for Acis ante 362, it doesn't work because they constantly change the location files and their renames.
And the tgs.jar file has references that do not exist in current Acis or in old ones.
That is to work and only in version 362.
That's a pity

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing


  • Posts

    • zambog420
      I haven't even opened a single server yet, and I'm already o

      By zambog420 · Posted

      For the first time in thousands of posts I've read on this forum, I’ve actually found a message that is enriching on both a personal and professional level. I’ll take your advice to heart: I’m going to start creating more and stop overthinking things that get me nowhere. I totally agree about the toxic community; it's a shame. Time to keep working. Thanks a lot for your input.   Exactly, that’s why the Scryde method and their merge system work so well. People don't lose their progress and can still keep rushing new servers. Obviously, gameplay has mutated into something much faster-paced, but obviously, this happens in real life too, everyone is more accelerated and on edge. Thanks to social media and mental conditioning. But, well, it’s something we have to accept. Don't even get me started on gambling and online casinos; that’s a whole other topic regarding all the P2W servers.   Really, amen bro.
    • Databay
      █ 7,000,000+ RESIDENTIAL PROXIES ✅ FROM 0.65$ / GB █

      By Databay · Posted

      This is a bump: https://databay.com/
    • UnknownSoldier
      I haven't even opened a single server yet, and I'm already o

      By UnknownSoldier · Posted

      Hello, the server lifespan isn't something that only affects Argentina; just look at the South American and European communities. Those distant days you mentioned, when we were younger, which I completely agree with, are long gone. Today, the community plays RUSH for 30 or 60 days and seeks the adrenaline rush of starting over. As for free or paid packs, there are many options, but in all of them, you'll have to create your own unique style.  
    • Splicho
      NimeraCP: A Modern Web Control Panel for L2java

      By Splicho · Posted

      Introducing: NimeraCP V2! What's New: Realtime Tickets (Receive + Send messages without refreshing page, instant delivery to player) Powered by WebSockets Realtime Rankings/Stats (Receive instant updates without refreshing page) Powered by WebSockets - PvP/Boss Rankings/Clan Rankings etc... oAuth Login + Register (VK, Discord, Google) Two Factor Authentication (Authenticator App) Passkey coming soon! Theme Editor New Arcade Game: Rock Paper Scissors Let players gamble wagering their topped up wallet balance! Discord Webhooks: Receive messages to discord via Bot or Webhook for certain events New Player registration New Payment received New Ticket Opened and more Complete UI Overhaul NimeracCP V2 is now fully multilangual supporting the following languages: English Ελληνικά Português / Brasileiro Español Русский Українська 한국어 Onboarding: Easy installation wizard via /onboarding on first use of the panel for easy installation. Feature Flags: You have full control over the UI. Disable/Enable pages + features via Admin CP CloudFlare R2 Bucket integration: The panel comes with Bucket storage integration for all kinds of assets uploaded to the panel.   A new website shop at https://nimeracp.com/ is also coming soon, including full installation docs.  You can join the discord for further updates/questions: https://discord.nimeracp.com/
    • Banshee Garnet
      L2OFF Services

      By Banshee Garnet · Posted

      thanks for choosing me ! 

  • Topics

×
×
  • Create New...

Important Information

This community uses essential cookies to function properly. Non-essential cookies and third-party services are used only with your consent. Read our Privacy Policy and We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue..

AdBlock Extension Detected!

Our website is made possible by displaying online advertisements to our members.

Please disable AdBlock browser extension first, to be able to use our community.

I've Disabled AdBlock