Jump to content
--> Place your ad text here <--
Get Free Banners - Giveaway MaxCheaters.com
We're Rebuilding – Join Our Staff Team

TGS vote system - Topgameserver/Hopzone/L2topzone

TGSLineage2

By TGSLineage2
in Server Shares & Files [L2J]

 Share

Recommended Posts

TGSLineage2 Newbie

TGSLineage2

Posted
Posted (edited)

Hello, as I had already mentioned in the discussion section, today I bring you a voting reward system.


OTliF8V.jpg

 

 

NSqWD5s.png

 

** You can download it here**: Download Vote Reward System

 

For those who don't understand how it works, later I upload a video explaining how it works.

 

Edited by TGSLineage2
StinkyMadness Enthusiast

StinkyMadness

Posted
Posted
On 9/19/2019 at 7:51 PM, SweeTs said:

Atm it's NOT a share, just a redirect, which I believe, is against rules. You must include the download link as well.

Agree with that, and also i just cheked your code.. its a lot of messup there and 2 lib files for an single vote system.

  • SweeTs unlocked this topic
Nightw0lf Experienced

Nightw0lf

Posted
Posted (edited)

btw your website has a serious vulnerability 

VuGnsl8k5ZKsPUxniMb1I8XK2TbnILwCtcGUpA9X

somebody can hack into another's account and pretend to be him and act like him (change pass, spend money, anything)

 

also this script gives away all your "secrets" 


  <script type="text/javascript">

    $(document).ready(function(){
     

        function verifyLogin(e){
        $.ajax({
          url:"/verifyLogin/"+$(e.target).val()+"",
          dataType: 'JSON',
          method: 'GET',
          success : function(vl){
            if(vl.message=="ok"){
              $(e.target).siblings("#message-email-log").html("<p style='color:green;'>Found email</p>").hide().fadeIn(800);
              
            }else{
              $(e.target).siblings("#message-email-log").html("<p style='color:red;'>Mail not found</p>").hide().fadeIn(800);
            }
          }
        });
      }

      function verifymailReg(e){
      $.ajax({
        url:"/verifyLogin/"+$(e.target).val()+"",
        dataType: 'JSON',
        method: 'GET',
        success : function(vl){
          if(vl.message=="ok"){
            $(e.target).siblings("#message-email-reg").html("<p style='color:white;'>Email not available</p>").hide().fadeIn(800);
          }else{
            $(e.target).siblings("#message-email-reg").html("<p style='color:#92EC00;'>Email available</p>").hide().fadeIn(800);
          }
        }
      });
    }

    function verifyPassword(e){
      $.ajax({
        url:"/verifyPassword/"+$(e.target).val()+"/"+$(e.target).parents('#form-login-in').find('#email').val()+"",
        dataType: 'JSON',
        method: 'GET',
        success : function(vl){
          console.log(vl.dbpass+"   "+vl.requestpass);
          if(vl.message=="ok"){
            
            $(e.target).siblings("#message-password-log").html("<p style='color:green;'>Correct password</p>").hide().fadeIn(800);
          }else{
            $(e.target).siblings("#message-password-log").html("<p style='color:red;'>Wrong password</p>").hide().fadeIn(800);
          }
        }
      });
    }

      $("#email").blur(function(e){
        if($(e.target).val()!=""){
          verifyLogin(e);
        }
      });

      $("#myform-registrationUser").submit(function(e){
      event.preventDefault();
      var a = $(e.target);
      var url="/customRegister";
      var data = $(this).serializeArray();
      var token = $("#token").val();
      $.ajax({
        url : url,
        data : data,
        dataType : 'JSON',
        method : 'POST',
        headers: {'X-CSRF-TOKEN': token},
      }).done(function(response){
        if(response.errors){
          a.find("#message-name-reg").html(response.errors.name).fadeIn(400);
          a.find("#message-email-reg").html(response.errors.email).fadeIn(400);
          a.find("#message-password-reg").html(response.errors.password).fadeIn(400);
        }
        if(response.message=="ok"){
          window.location.replace("/message-registration");
        }
      });
    });
    $("#form-send-mail").submit(function(e){
      e.preventDefault();
      if($(e.targer).find("#email").val()=="" || $(e.targer).find("#subject").val()=="" || $(e.targer).find("#content").val()==""){
        alert("kha");
      }else{
        $.ajax({
          url: "/ckeckMail",
          method: "GET",
          data: $("#form-send-mail").serializeArray(),
          dataType: 'JSON',
        }).done(function(response){
          if(response.errors){
            console.log(response.errors);
          }else{
            window.location.replace("/sendMail");
          }
        });
      }

    });

      $('[data-toggle="tooltip"]').tooltip();
      var id_banners = [];
      var id_premiums = [];
      $("a").each(function(index){
        if($(this).hasClass("active_banner")){
        id_banners.push($(this).attr("id"));
      }
        if($(this).hasClass("active_premium")){
          id_premiums.push($(this).attr("id"));
        }
      });
            setTimeout(function(){
        $.ajax({
          url: "/updateImpresions",
          method: "POST",
          data: {ids : id_banners, idsp : id_premiums},
          dataType: "JSON",
          success : function(e){
            //console.log("Update impressions");
          },
          error : function(e){
            console.log("An error ocurred:"+e.error);
          }
        });
      },100);

          $(".active_banner").click(function(){ 
        var id = $(this).attr("id");
        $.ajax({
          url: "/updateClick",
          method: "POST",
          data: {id : id},
          dataType: "JSON",
          success : function(e){
            console.log(e.message);
          },
          error : function(e){
            console.log("An error ocurred");
          }
        });
    });
          $(".visit").click(function(){ 
        var id = $(this).attr("id");
        $.ajax({
          url: "/updateVisit",
          method: "POST",
          data: {id : id},
          dataType: "JSON",
          success : function(e){
            console.log(e.message);
          },
          error : function(e){
            console.log("An error ocurred");
          }
        });
    });

         $(".active_premium").click(function(){ 
        var id = $(this).attr("id");
        $.ajax({
          url: "/updatePremiumClick",
          method: "POST",
          data: {id : id},
          dataType: "JSON",
          success : function(e){
            console.log(e.message);
          },
          error : function(e){
            console.log("An error ocurred");
          }
        });
    });

     var elements = $('#sign_modal_overlay, #sign_modal');
      var body = $("body");
      var modal = document.getElementById('sign_modal_overlay');
      document.addEventListener("keydown", function(event) {
        if(event.keyCode === 27){
          elements.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      });
      window.onclick = function(event){
        if(event.target == modal){
          elements.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      }
      $('.open-modal-login').click(function(){
          elements.addClass('active');
          body.css({"overflow-y":"hidden"});
      });

      $('.close-modal').click(function(){
          elements.removeClass('active');
          body.css({"overflow-y":"visible"});
      });

      var el = $('#contact_modal_overlay, #contact_modal');
      var modalc = document.getElementById('contact_modal_overlay');
      document.addEventListener("keydown", function(event) {
        if(event.keyCode === 27){
          el.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      });
      window.onclick = function(event){
        if(event.target == modalc){
          el.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      }
      $('.open-modal-contact').click(function(){
          el.addClass('active');
          body.css({"overflow-y":"hidden"});
      });

      $('.close-modal-contact').click(function(){
          el.removeClass('active');
          body.css({"overflow-y":"visible"});
      });

      $.ajaxSetup({
        headers: {'X-CSRF-TOKEN': $("meta[name='csrf-token']").attr("content")}
      });

    });


    window.onload = function(){

      (function(d, s, id){
       var js, fjs = d.getElementsByTagName(s)[0];
       if (d.getElementById(id)) {return;}
       js = d.createElement(s); js.id = id;
       js.src = "//connect.facebook.net/en_US/sdk.js";
       fjs.parentNode.insertBefore(js, fjs);
    }(document, 'script', 'facebook-jssdk'));

    window.fbAsyncInit = function() {
      FB.init({
        appId : '1616853315289008',
        xfbml : true,
        version : 'v2.8'
      });
    };

    $('.btn-facebook').click(function() {
    FB.getLoginStatus(function(response) {
      if (response.status === 'connected') {
        console.log('Already Logged In.');
      }
      else {
        FB.login();
      }
    });
    });

    }

</script>

 

Edited by Nightw0lf
TGSLineage2 Newbie

TGSLineage2

Posted
  • Author
Posted (edited)

@Nightw0lfThanks for your warning, but now I would like you to tell me how its that a unique confirmation token per browsing client generated by the framework I use, could affect my site vulnerability ?

Edited by TGSLineage2
wongerlt Collaborator

wongerlt

Posted
Posted
11 hours ago, Nightw0lf said:

btw your website has a serious vulnerability 


VuGnsl8k5ZKsPUxniMb1I8XK2TbnILwCtcGUpA9X

somebody can hack into another's account and pretend to be him and act like him (change pass, spend money, anything)

 

also this script gives away all your "secrets" 



  <script type="text/javascript">

    $(document).ready(function(){
     

        function verifyLogin(e){
        $.ajax({
          url:"/verifyLogin/"+$(e.target).val()+"",
          dataType: 'JSON',
          method: 'GET',
          success : function(vl){
            if(vl.message=="ok"){
              $(e.target).siblings("#message-email-log").html("<p style='color:green;'>Found email</p>").hide().fadeIn(800);
              
            }else{
              $(e.target).siblings("#message-email-log").html("<p style='color:red;'>Mail not found</p>").hide().fadeIn(800);
            }
          }
        });
      }

      function verifymailReg(e){
      $.ajax({
        url:"/verifyLogin/"+$(e.target).val()+"",
        dataType: 'JSON',
        method: 'GET',
        success : function(vl){
          if(vl.message=="ok"){
            $(e.target).siblings("#message-email-reg").html("<p style='color:white;'>Email not available</p>").hide().fadeIn(800);
          }else{
            $(e.target).siblings("#message-email-reg").html("<p style='color:#92EC00;'>Email available</p>").hide().fadeIn(800);
          }
        }
      });
    }

    function verifyPassword(e){
      $.ajax({
        url:"/verifyPassword/"+$(e.target).val()+"/"+$(e.target).parents('#form-login-in').find('#email').val()+"",
        dataType: 'JSON',
        method: 'GET',
        success : function(vl){
          console.log(vl.dbpass+"   "+vl.requestpass);
          if(vl.message=="ok"){
            
            $(e.target).siblings("#message-password-log").html("<p style='color:green;'>Correct password</p>").hide().fadeIn(800);
          }else{
            $(e.target).siblings("#message-password-log").html("<p style='color:red;'>Wrong password</p>").hide().fadeIn(800);
          }
        }
      });
    }

      $("#email").blur(function(e){
        if($(e.target).val()!=""){
          verifyLogin(e);
        }
      });

      $("#myform-registrationUser").submit(function(e){
      event.preventDefault();
      var a = $(e.target);
      var url="/customRegister";
      var data = $(this).serializeArray();
      var token = $("#token").val();
      $.ajax({
        url : url,
        data : data,
        dataType : 'JSON',
        method : 'POST',
        headers: {'X-CSRF-TOKEN': token},
      }).done(function(response){
        if(response.errors){
          a.find("#message-name-reg").html(response.errors.name).fadeIn(400);
          a.find("#message-email-reg").html(response.errors.email).fadeIn(400);
          a.find("#message-password-reg").html(response.errors.password).fadeIn(400);
        }
        if(response.message=="ok"){
          window.location.replace("/message-registration");
        }
      });
    });
    $("#form-send-mail").submit(function(e){
      e.preventDefault();
      if($(e.targer).find("#email").val()=="" || $(e.targer).find("#subject").val()=="" || $(e.targer).find("#content").val()==""){
        alert("kha");
      }else{
        $.ajax({
          url: "/ckeckMail",
          method: "GET",
          data: $("#form-send-mail").serializeArray(),
          dataType: 'JSON',
        }).done(function(response){
          if(response.errors){
            console.log(response.errors);
          }else{
            window.location.replace("/sendMail");
          }
        });
      }

    });

      $('[data-toggle="tooltip"]').tooltip();
      var id_banners = [];
      var id_premiums = [];
      $("a").each(function(index){
        if($(this).hasClass("active_banner")){
        id_banners.push($(this).attr("id"));
      }
        if($(this).hasClass("active_premium")){
          id_premiums.push($(this).attr("id"));
        }
      });
            setTimeout(function(){
        $.ajax({
          url: "/updateImpresions",
          method: "POST",
          data: {ids : id_banners, idsp : id_premiums},
          dataType: "JSON",
          success : function(e){
            //console.log("Update impressions");
          },
          error : function(e){
            console.log("An error ocurred:"+e.error);
          }
        });
      },100);

          $(".active_banner").click(function(){ 
        var id = $(this).attr("id");
        $.ajax({
          url: "/updateClick",
          method: "POST",
          data: {id : id},
          dataType: "JSON",
          success : function(e){
            console.log(e.message);
          },
          error : function(e){
            console.log("An error ocurred");
          }
        });
    });
          $(".visit").click(function(){ 
        var id = $(this).attr("id");
        $.ajax({
          url: "/updateVisit",
          method: "POST",
          data: {id : id},
          dataType: "JSON",
          success : function(e){
            console.log(e.message);
          },
          error : function(e){
            console.log("An error ocurred");
          }
        });
    });

         $(".active_premium").click(function(){ 
        var id = $(this).attr("id");
        $.ajax({
          url: "/updatePremiumClick",
          method: "POST",
          data: {id : id},
          dataType: "JSON",
          success : function(e){
            console.log(e.message);
          },
          error : function(e){
            console.log("An error ocurred");
          }
        });
    });

     var elements = $('#sign_modal_overlay, #sign_modal');
      var body = $("body");
      var modal = document.getElementById('sign_modal_overlay');
      document.addEventListener("keydown", function(event) {
        if(event.keyCode === 27){
          elements.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      });
      window.onclick = function(event){
        if(event.target == modal){
          elements.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      }
      $('.open-modal-login').click(function(){
          elements.addClass('active');
          body.css({"overflow-y":"hidden"});
      });

      $('.close-modal').click(function(){
          elements.removeClass('active');
          body.css({"overflow-y":"visible"});
      });

      var el = $('#contact_modal_overlay, #contact_modal');
      var modalc = document.getElementById('contact_modal_overlay');
      document.addEventListener("keydown", function(event) {
        if(event.keyCode === 27){
          el.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      });
      window.onclick = function(event){
        if(event.target == modalc){
          el.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      }
      $('.open-modal-contact').click(function(){
          el.addClass('active');
          body.css({"overflow-y":"hidden"});
      });

      $('.close-modal-contact').click(function(){
          el.removeClass('active');
          body.css({"overflow-y":"visible"});
      });

      $.ajaxSetup({
        headers: {'X-CSRF-TOKEN': $("meta[name='csrf-token']").attr("content")}
      });

    });


    window.onload = function(){

      (function(d, s, id){
       var js, fjs = d.getElementsByTagName(s)[0];
       if (d.getElementById(id)) {return;}
       js = d.createElement(s); js.id = id;
       js.src = "//connect.facebook.net/en_US/sdk.js";
       fjs.parentNode.insertBefore(js, fjs);
    }(document, 'script', 'facebook-jssdk'));

    window.fbAsyncInit = function() {
      FB.init({
        appId : '1616853315289008',
        xfbml : true,
        version : 'v2.8'
      });
    };

    $('.btn-facebook').click(function() {
    FB.getLoginStatus(function(response) {
      if (response.status === 'connected') {
        console.log('Already Logged In.');
      }
      else {
        FB.login();
      }
    });
    });

    }

</script>

 

hooooooooow? :gusta:

Nightw0lf Experienced

Nightw0lf

Posted
Posted
17 hours ago, TGSLineage2 said:

@Nightw0lfThanks for your warning, but now I would like you to tell me how its that a unique confirmation token per browsing client generated by the framework I use, could affect my site vulnerability ?

all of your forms can be faked it does not change and its used for all of your forms lol

  • 2 weeks later...
TGSLineage2 Newbie

TGSLineage2

Posted
  • Author
Posted (edited)
On 12/10/2019 at 11:57, Pigasos-Dev said:

Update for l2top.co

You can do it Yourself, add a constant in you enum class, add some conditinals in your class controller  following the line of the other sites, add attributes in your model class, edit your DAO class , edit your table voters.

Edited by TGSLineage2
  • 2 weeks later...
  • 1 month later...
Smith Newbie

Smith

Posted
Posted

I have tested today!

It doesn't work, the jars are old, for Acis ante 362, it doesn't work because they constantly change the location files and their renames.
And the tgs.jar file has references that do not exist in current Acis or in old ones.
That is to work and only in version 362.
That's a pity

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing


  • Posts

    • SocNet
      ⭐SOCNET BOOST⭐ is a new solution among all SMM panels

      By SocNet · Posted

      ➡ Discount for your purchase: APRIL (10% discount) ➡ Our Online Shop: https://socnet.store  ➡ Our SMM-Boosting Panel: https://socnet.pro  ➡ Telegram Shop Bot: https://socnet.shop  ➡ Telegram Support: https://t.me/solomon_bog  ➡ Telegram Channel: https://t.me/accsforyou_shop  ➡ Discord Support: @AllSocialNetworksShop  ➡ Discord Server: https://discord.gg/y9AStFFsrh  ➡ WhatsApp Support: https://wa.me/79051904467 ➡ WhatsApp Channel: https://whatsapp.com/channel/0029Vau0CMX002TGkD4uHa2n  ➡ Email Support: solomonbog@socnet.store 
    • SocNet
      SOCNET | The Social Media acocunts at low prices!

      By SocNet · Posted

      ➡ Discount for your purchase: APRIL (10% discount) ➡ Our Online Shop: https://socnet.store  ➡ Our SMM-Boosting Panel: https://socnet.pro  ➡ Telegram Shop Bot: https://socnet.shop  ➡ Telegram Support: https://t.me/solomon_bog  ➡ Telegram Channel: https://t.me/accsforyou_shop  ➡ Discord Support: @AllSocialNetworksShop  ➡ Discord Server: https://discord.gg/y9AStFFsrh  ➡ WhatsApp Support: https://wa.me/79051904467 ➡ WhatsApp Channel: https://whatsapp.com/channel/0029Vau0CMX002TGkD4uHa2n  ➡ Email Support: solomonbog@socnet.store 
    • zambog420
      Junior developer, looking to intern on a non-profit project.

      By zambog420 · Posted

      Okay, I understand. First, to get started by contributing to open projects and learning along the way. Then, when you mention starting my own project privately, do you mean taking a free datapack like L2jMobius and trying to make it functional for an online server? Great, thank you very much — all this information is really helpful. I’ve been reaching out to several server admins here in Argentina, but it seems like none of them have the time or interest to take on an intern or assistant. xd   P.S.: Are you the creator of Hopzone? Brings back memories of when I was a kid, downloading servers at the cyber café. For two dollars, I could spend the whole day playing and eating candy like crazy.   Another question: between L2jMobius, L2jServer, and aCis, which one has ALL of its code free? As you probably noticed, I'm using ChatGPT to help me translate things, lol, and it suggested the following: Project Status Open Source Accepts Juniors? Difficulty L2JMobius Very active Semi-closed Partially (with patches) Medium-High L2JServer Active Fully open Yes (directly on GitHub) Medium aCis Semi-active Unofficial Not very clear Low
    • Celestine
      SphereWeb CMS

      By Celestine · Posted

      @Logan22 Are you logan from mmo-dev forum?
    • vNShh
      VIDEO EDITING SERVICES, GRAPHICS FOR YOUR PROJECT

      By vNShh · Posted

      up

  • Topics

×
×
  • Create New...