Posted (edited)

Hello, as I had already mentioned in the discussion section, today I bring you a voting reward system.



**You can download it here**: Download Vote Reward System

 

For those who don't understand how it works, later I will upload a video explaining how it works.

 

Edited by TGSLineage2
Posted

Atm it's NOT a share, just a redirect, which I believe, is against rules. You must include the download link as well.

Posted
On 9/19/2019 at 7:51 PM, SweeTs said:

Atm it's NOT a share, just a redirect, which I believe, is against rules. You must include the download link as well.

Agree with that, and also I just checked your code.. it's a lot of mess-up there and 2 lib files for a single vote system.

  • SweeTs unlocked this topic
Posted (edited)

btw your website has a serious vulnerability

VuGnsl8k5ZKsPUxniMb1I8XK2TbnILwCtcGUpA9X

somebody can hack into another's account and pretend to be him and act like him (change pass, spend money, anything)

 

also this script gives away all your "secrets"


  <script type="text/javascript">

    $(document).ready(function(){
     

        function verifyLogin(e){
        $.ajax({
          url:"/verifyLogin/"+$(e.target).val()+"",
          dataType: 'JSON',
          method: 'GET',
          success : function(vl){
            if(vl.message=="ok"){
              $(e.target).siblings("#message-email-log").html("<p style='color:green;'>Found email</p>").hide().fadeIn(800);
              
            }else{
              $(e.target).siblings("#message-email-log").html("<p style='color:red;'>Mail not found</p>").hide().fadeIn(800);
            }
          }
        });
      }

      function verifymailReg(e){
      $.ajax({
        url:"/verifyLogin/"+$(e.target).val()+"",
        dataType: 'JSON',
        method: 'GET',
        success : function(vl){
          if(vl.message=="ok"){
            $(e.target).siblings("#message-email-reg").html("<p style='color:white;'>Email not available</p>").hide().fadeIn(800);
          }else{
            $(e.target).siblings("#message-email-reg").html("<p style='color:#92EC00;'>Email available</p>").hide().fadeIn(800);
          }
        }
      });
    }

    function verifyPassword(e){
      $.ajax({
        url:"/verifyPassword/"+$(e.target).val()+"/"+$(e.target).parents('#form-login-in').find('#email').val()+"",
        dataType: 'JSON',
        method: 'GET',
        success : function(vl){
          console.log(vl.dbpass+"   "+vl.requestpass);
          if(vl.message=="ok"){
            
            $(e.target).siblings("#message-password-log").html("<p style='color:green;'>Correct password</p>").hide().fadeIn(800);
          }else{
            $(e.target).siblings("#message-password-log").html("<p style='color:red;'>Wrong password</p>").hide().fadeIn(800);
          }
        }
      });
    }

      $("#email").blur(function(e){
        if($(e.target).val()!=""){
          verifyLogin(e);
        }
      });

      $("#myform-registrationUser").submit(function(e){
      e.preventDefault();
      var a = $(e.target);
      var url="/customRegister";
      var data = $(this).serializeArray();
      var token = $("#token").val();
      $.ajax({
        url : url,
        data : data,
        dataType : 'JSON',
        method : 'POST',
        headers: {'X-CSRF-TOKEN': token},
      }).done(function(response){
        if(response.errors){
          a.find("#message-name-reg").html(response.errors.name).fadeIn(400);
          a.find("#message-email-reg").html(response.errors.email).fadeIn(400);
          a.find("#message-password-reg").html(response.errors.password).fadeIn(400);
        }
        if(response.message=="ok"){
          window.location.replace("/message-registration");
        }
      });
    });
    $("#form-send-mail").submit(function(e){
      e.preventDefault();
      if($(e.target).find("#email").val()=="" || $(e.target).find("#subject").val()=="" || $(e.target).find("#content").val()==""){
        alert("kha");
      }else{
        $.ajax({
          url: "/ckeckMail",
          method: "GET",
          data: $("#form-send-mail").serializeArray(),
          dataType: 'JSON',
        }).done(function(response){
          if(response.errors){
            console.log(response.errors);
          }else{
            window.location.replace("/sendMail");
          }
        });
      }

    });

      $('[data-toggle="tooltip"]').tooltip();
      var id_banners = [];
      var id_premiums = [];
      $("a").each(function(index){
        if($(this).hasClass("active_banner")){
        id_banners.push($(this).attr("id"));
      }
        if($(this).hasClass("active_premium")){
          id_premiums.push($(this).attr("id"));
        }
      });
            setTimeout(function(){
        $.ajax({
          url: "/updateImpresions",
          method: "POST",
          data: {ids : id_banners, idsp : id_premiums},
          dataType: "JSON",
          success : function(e){
            //console.log("Update impressions");
          },
          error : function(e){
            console.log("An error ocurred:"+e.error);
          }
        });
      },100);

          $(".active_banner").click(function(){ 
        var id = $(this).attr("id");
        $.ajax({
          url: "/updateClick",
          method: "POST",
          data: {id : id},
          dataType: "JSON",
          success : function(e){
            console.log(e.message);
          },
          error : function(e){
            console.log("An error ocurred");
          }
        });
    });
          $(".visit").click(function(){ 
        var id = $(this).attr("id");
        $.ajax({
          url: "/updateVisit",
          method: "POST",
          data: {id : id},
          dataType: "JSON",
          success : function(e){
            console.log(e.message);
          },
          error : function(e){
            console.log("An error ocurred");
          }
        });
    });

         $(".active_premium").click(function(){ 
        var id = $(this).attr("id");
        $.ajax({
          url: "/updatePremiumClick",
          method: "POST",
          data: {id : id},
          dataType: "JSON",
          success : function(e){
            console.log(e.message);
          },
          error : function(e){
            console.log("An error ocurred");
          }
        });
    });

     var elements = $('#sign_modal_overlay, #sign_modal');
      var body = $("body");
      var modal = document.getElementById('sign_modal_overlay');
      document.addEventListener("keydown", function(event) {
        if(event.keyCode === 27){
          elements.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      });
      window.onclick = function(event){
        if(event.target == modal){
          elements.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      }
      $('.open-modal-login').click(function(){
          elements.addClass('active');
          body.css({"overflow-y":"hidden"});
      });

      $('.close-modal').click(function(){
          elements.removeClass('active');
          body.css({"overflow-y":"visible"});
      });

      var el = $('#contact_modal_overlay, #contact_modal');
      var modalc = document.getElementById('contact_modal_overlay');
      document.addEventListener("keydown", function(event) {
        if(event.keyCode === 27){
          el.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      });
      window.onclick = function(event){
        if(event.target == modalc){
          el.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      }
      $('.open-modal-contact').click(function(){
          el.addClass('active');
          body.css({"overflow-y":"hidden"});
      });

      $('.close-modal-contact').click(function(){
          el.removeClass('active');
          body.css({"overflow-y":"visible"});
      });

      $.ajaxSetup({
        headers: {'X-CSRF-TOKEN': $("meta[name='csrf-token']").attr("content")}
      });

    });


    window.onload = function(){

      (function(d, s, id){
       var js, fjs = d.getElementsByTagName(s)[0];
       if (d.getElementById(id)) {return;}
       js = d.createElement(s); js.id = id;
       js.src = "//connect.facebook.net/en_US/sdk.js";
       fjs.parentNode.insertBefore(js, fjs);
    }(document, 'script', 'facebook-jssdk'));

    window.fbAsyncInit = function() {
      FB.init({
        appId : '1616853315289008',
        xfbml : true,
        version : 'v2.8'
      });
    };

    $('.btn-facebook').click(function() {
    FB.getLoginStatus(function(response) {
      if (response.status === 'connected') {
        console.log('Already Logged In.');
      }
      else {
        FB.login();
      }
    });
    });

    }

</script>

 

Edited by Nightw0lf
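
A hardened counterpart to the `/verifyLogin` and `/verifyPassword` calls in the script above, as an added example that is not part of the original post or the site's code: one server-side check, fed from a POST body, that returns the same answer for an unknown email and a wrong password and never echoes stored password data. The names `makeUser` and `createLogin`, the in-memory `users` map and the lockout values are assumptions made for illustration.

```javascript
// Added example (not the site's code): one login check that replaces the
// separate /verifyLogin and /verifyPassword lookups seen in the script.
// makeUser, createLogin and the users Map are hypothetical names.
const crypto = require('node:crypto');

const GENERIC_FAILURE = Object.freeze({ ok: false, message: 'Invalid email or password' });
const MAX_FAILURES = 5;            // assumed lockout threshold
const LOCK_MS = 15 * 60 * 1000;    // assumed lockout window

function hashPassword(password, salt) {
  return crypto.scryptSync(password, salt, 32);
}

// Store only a salt and the derived key, never the password itself.
function makeUser(email, password) {
  const salt = crypto.randomBytes(16);
  return { email, salt, hash: hashPassword(password, salt) };
}

function createLogin(users, now = () => Date.now()) {
  const failures = new Map();      // email -> { count, until }
  // Dummy record so an unknown email costs the same work as a known one.
  const dummy = makeUser('dummy', crypto.randomBytes(16).toString('hex'));

  // Credentials arrive together in a POST body, never in the URL path,
  // so they do not end up in access logs or browser history.
  return function login(body) {
    const email = String(body.email || '').trim().toLowerCase();
    const password = String(body.password || '');

    const state = failures.get(email) || { count: 0, until: 0 };
    const locked = state.until > now();

    const user = users.get(email) || dummy;
    const candidate = hashPassword(password, user.salt);
    const match = crypto.timingSafeEqual(candidate, user.hash);

    if (!locked && match && users.has(email)) {
      failures.delete(email);
      return { ok: true, message: 'ok' };
    }
    // Same response for unknown email, wrong password and lockout;
    // nothing derived from the stored hash is ever returned.
    state.count += 1;
    if (state.count >= MAX_FAILURES) state.until = now() + LOCK_MS;
    failures.set(email, state);
    return GENERIC_FAILURE;
  };
}
```

A production version would also bound the size of the `failures` map and throttle by client address, since this sketch tracks attempts per email only.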
Posted (edited)

@Nightw0lf Thanks for your warning, but now I would like you to tell me how it is that a unique confirmation token per browsing client, generated by the framework I use, could affect my site's vulnerability?

Edited by TGSLineage2
Posted
11 hours ago, Nightw0lf said:

btw your website has a serious vulnerability


VuGnsl8k5ZKsPUxniMb1I8XK2TbnILwCtcGUpA9X

somebody can hack into another's account and pretend to be him and act like him (change pass, spend money, anything)

 

also this script gives away all your "secrets"



 

hooooooooow? :gusta:

Posted
17 hours ago, TGSLineage2 said:

@Nightw0lf Thanks for your warning, but now I would like you to tell me how it is that a unique confirmation token per browsing client, generated by the framework I use, could affect my site's vulnerability?

all of your forms can be faked, it does not change and it's used for all of your forms lol

  • 2 weeks later...
Posted (edited)
On 12/10/2019 at 11:57, Pigasos-Dev said:

Update for l2top.co

You can do it yourself: add a constant in your enum class, add some conditionals in your class controller following the line of the other sites, add attributes in your model class, edit your DAO class, edit your table voters.

Edited by TGSLineage2
  • 2 weeks later...
  • 1 month later...
Posted

I have tested today!

It doesn't work, the jars are old, for Acis ante 362, it doesn't work because they constantly change the location files and their renames.
And the tgs.jar file has references that do not exist in current Acis or in old ones.
That is to work and only in version 362.
That's a pity
