Welcome to MaxCheaters.com

Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads

TGS vote system - Topgameserver/Hopzone/L2topzone


Recommended Posts

Hello, as I had already mentioned in the discussion section, today I bring you a voting reward system.


OTliF8V.jpg

 

 

NSqWD5s.png

 

** You can download it here**: Download Vote Reward System

 

For those who don't understand how it works, later I upload a video explaining how it works.

 

Edited by TGSLineage2

Share this post


Link to post
Share on other sites

nice work thank you for sharing, i think you could work a bit with the design if you want my opinion but still its very good!

Share this post


Link to post
Share on other sites

Atm it's NOT a share, just a redirect, which I believe, is against rules. You must include the download link as well.

Share this post


Link to post
Share on other sites
On 9/19/2019 at 7:51 PM, SweeTs said:

Atm it's NOT a share, just a redirect, which I believe, is against rules. You must include the download link as well.

Agree with that, and also i just cheked your code.. its a lot of messup there and 2 lib files for an single vote system.

Share this post


Link to post
Share on other sites
  • SweeTs unlocked this topic

btw your website has a serious vulnerability

VuGnsl8k5ZKsPUxniMb1I8XK2TbnILwCtcGUpA9X

somebody can hack into another's account and pretend to be him and act like him (change pass, spend money, anything)

 

also this script gives away all your "secrets"


  <script type="text/javascript">

    $(document).ready(function(){
     

        function verifyLogin(e){
        $.ajax({
          url:"/verifyLogin/"+$(e.target).val()+"",
          dataType: 'JSON',
          method: 'GET',
          success : function(vl){
            if(vl.message=="ok"){
              $(e.target).siblings("#message-email-log").html("<p style='color:green;'>Found email</p>").hide().fadeIn(800);
              
            }else{
              $(e.target).siblings("#message-email-log").html("<p style='color:red;'>Mail not found</p>").hide().fadeIn(800);
            }
          }
        });
      }

      function verifymailReg(e){
      $.ajax({
        url:"/verifyLogin/"+$(e.target).val()+"",
        dataType: 'JSON',
        method: 'GET',
        success : function(vl){
          if(vl.message=="ok"){
            $(e.target).siblings("#message-email-reg").html("<p style='color:white;'>Email not available</p>").hide().fadeIn(800);
          }else{
            $(e.target).siblings("#message-email-reg").html("<p style='color:#92EC00;'>Email available</p>").hide().fadeIn(800);
          }
        }
      });
    }

    function verifyPassword(e){
      $.ajax({
        url:"/verifyPassword/"+$(e.target).val()+"/"+$(e.target).parents('#form-login-in').find('#email').val()+"",
        dataType: 'JSON',
        method: 'GET',
        success : function(vl){
          console.log(vl.dbpass+"   "+vl.requestpass);
          if(vl.message=="ok"){
            
            $(e.target).siblings("#message-password-log").html("<p style='color:green;'>Correct password</p>").hide().fadeIn(800);
          }else{
            $(e.target).siblings("#message-password-log").html("<p style='color:red;'>Wrong password</p>").hide().fadeIn(800);
          }
        }
      });
    }

      $("#email").blur(function(e){
        if($(e.target).val()!=""){
          verifyLogin(e);
        }
      });

      $("#myform-registrationUser").submit(function(e){
      event.preventDefault();
      var a = $(e.target);
      var url="/customRegister";
      var data = $(this).serializeArray();
      var token = $("#token").val();
      $.ajax({
        url : url,
        data : data,
        dataType : 'JSON',
        method : 'POST',
        headers: {'X-CSRF-TOKEN': token},
      }).done(function(response){
        if(response.errors){
          a.find("#message-name-reg").html(response.errors.name).fadeIn(400);
          a.find("#message-email-reg").html(response.errors.email).fadeIn(400);
          a.find("#message-password-reg").html(response.errors.password).fadeIn(400);
        }
        if(response.message=="ok"){
          window.location.replace("/message-registration");
        }
      });
    });
    $("#form-send-mail").submit(function(e){
      e.preventDefault();
      if($(e.targer).find("#email").val()=="" || $(e.targer).find("#subject").val()=="" || $(e.targer).find("#content").val()==""){
        alert("kha");
      }else{
        $.ajax({
          url: "/ckeckMail",
          method: "GET",
          data: $("#form-send-mail").serializeArray(),
          dataType: 'JSON',
        }).done(function(response){
          if(response.errors){
            console.log(response.errors);
          }else{
            window.location.replace("/sendMail");
          }
        });
      }

    });

      $('[data-toggle="tooltip"]').tooltip();
      var id_banners = [];
      var id_premiums = [];
      $("a").each(function(index){
        if($(this).hasClass("active_banner")){
        id_banners.push($(this).attr("id"));
      }
        if($(this).hasClass("active_premium")){
          id_premiums.push($(this).attr("id"));
        }
      });
            setTimeout(function(){
        $.ajax({
          url: "/updateImpresions",
          method: "POST",
          data: {ids : id_banners, idsp : id_premiums},
          dataType: "JSON",
          success : function(e){
            //console.log("Update impressions");
          },
          error : function(e){
            console.log("An error ocurred:"+e.error);
          }
        });
      },100);

          $(".active_banner").click(function(){ 
        var id = $(this).attr("id");
        $.ajax({
          url: "/updateClick",
          method: "POST",
          data: {id : id},
          dataType: "JSON",
          success : function(e){
            console.log(e.message);
          },
          error : function(e){
            console.log("An error ocurred");
          }
        });
    });
          $(".visit").click(function(){ 
        var id = $(this).attr("id");
        $.ajax({
          url: "/updateVisit",
          method: "POST",
          data: {id : id},
          dataType: "JSON",
          success : function(e){
            console.log(e.message);
          },
          error : function(e){
            console.log("An error ocurred");
          }
        });
    });

         $(".active_premium").click(function(){ 
        var id = $(this).attr("id");
        $.ajax({
          url: "/updatePremiumClick",
          method: "POST",
          data: {id : id},
          dataType: "JSON",
          success : function(e){
            console.log(e.message);
          },
          error : function(e){
            console.log("An error ocurred");
          }
        });
    });

     var elements = $('#sign_modal_overlay, #sign_modal');
      var body = $("body");
      var modal = document.getElementById('sign_modal_overlay');
      document.addEventListener("keydown", function(event) {
        if(event.keyCode === 27){
          elements.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      });
      window.onclick = function(event){
        if(event.target == modal){
          elements.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      }
      $('.open-modal-login').click(function(){
          elements.addClass('active');
          body.css({"overflow-y":"hidden"});
      });

      $('.close-modal').click(function(){
          elements.removeClass('active');
          body.css({"overflow-y":"visible"});
      });

      var el = $('#contact_modal_overlay, #contact_modal');
      var modalc = document.getElementById('contact_modal_overlay');
      document.addEventListener("keydown", function(event) {
        if(event.keyCode === 27){
          el.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      });
      window.onclick = function(event){
        if(event.target == modalc){
          el.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      }
      $('.open-modal-contact').click(function(){
          el.addClass('active');
          body.css({"overflow-y":"hidden"});
      });

      $('.close-modal-contact').click(function(){
          el.removeClass('active');
          body.css({"overflow-y":"visible"});
      });

      $.ajaxSetup({
        headers: {'X-CSRF-TOKEN': $("meta[name='csrf-token']").attr("content")}
      });

    });


    window.onload = function(){

      (function(d, s, id){
       var js, fjs = d.getElementsByTagName(s)[0];
       if (d.getElementById(id)) {return;}
       js = d.createElement(s); js.id = id;
       js.src = "//connect.facebook.net/en_US/sdk.js";
       fjs.parentNode.insertBefore(js, fjs);
    }(document, 'script', 'facebook-jssdk'));

    window.fbAsyncInit = function() {
      FB.init({
        appId : '1616853315289008',
        xfbml : true,
        version : 'v2.8'
      });
    };

    $('.btn-facebook').click(function() {
    FB.getLoginStatus(function(response) {
      if (response.status === 'connected') {
        console.log('Already Logged In.');
      }
      else {
        FB.login();
      }
    });
    });

    }

</script>

 

Edited by Nightw0lf

Share this post


Link to post
Share on other sites

@Nightw0lfThanks for your warning, but now I would like you to tell me how its that a unique confirmation token per browsing client generated by the framework I use, could affect my site vulnerability ?

Edited by TGSLineage2

Share this post


Link to post
Share on other sites
11 hours ago, Nightw0lf said:

btw your website has a serious vulnerability


VuGnsl8k5ZKsPUxniMb1I8XK2TbnILwCtcGUpA9X

somebody can hack into another's account and pretend to be him and act like him (change pass, spend money, anything)

 

also this script gives away all your "secrets"



  <script type="text/javascript">

    $(document).ready(function(){
     

        function verifyLogin(e){
        $.ajax({
          url:"/verifyLogin/"+$(e.target).val()+"",
          dataType: 'JSON',
          method: 'GET',
          success : function(vl){
            if(vl.message=="ok"){
              $(e.target).siblings("#message-email-log").html("<p style='color:green;'>Found email</p>").hide().fadeIn(800);
              
            }else{
              $(e.target).siblings("#message-email-log").html("<p style='color:red;'>Mail not found</p>").hide().fadeIn(800);
            }
          }
        });
      }

      function verifymailReg(e){
      $.ajax({
        url:"/verifyLogin/"+$(e.target).val()+"",
        dataType: 'JSON',
        method: 'GET',
        success : function(vl){
          if(vl.message=="ok"){
            $(e.target).siblings("#message-email-reg").html("<p style='color:white;'>Email not available</p>").hide().fadeIn(800);
          }else{
            $(e.target).siblings("#message-email-reg").html("<p style='color:#92EC00;'>Email available</p>").hide().fadeIn(800);
          }
        }
      });
    }

    function verifyPassword(e){
      $.ajax({
        url:"/verifyPassword/"+$(e.target).val()+"/"+$(e.target).parents('#form-login-in').find('#email').val()+"",
        dataType: 'JSON',
        method: 'GET',
        success : function(vl){
          console.log(vl.dbpass+"   "+vl.requestpass);
          if(vl.message=="ok"){
            
            $(e.target).siblings("#message-password-log").html("<p style='color:green;'>Correct password</p>").hide().fadeIn(800);
          }else{
            $(e.target).siblings("#message-password-log").html("<p style='color:red;'>Wrong password</p>").hide().fadeIn(800);
          }
        }
      });
    }

      $("#email").blur(function(e){
        if($(e.target).val()!=""){
          verifyLogin(e);
        }
      });

      $("#myform-registrationUser").submit(function(e){
      event.preventDefault();
      var a = $(e.target);
      var url="/customRegister";
      var data = $(this).serializeArray();
      var token = $("#token").val();
      $.ajax({
        url : url,
        data : data,
        dataType : 'JSON',
        method : 'POST',
        headers: {'X-CSRF-TOKEN': token},
      }).done(function(response){
        if(response.errors){
          a.find("#message-name-reg").html(response.errors.name).fadeIn(400);
          a.find("#message-email-reg").html(response.errors.email).fadeIn(400);
          a.find("#message-password-reg").html(response.errors.password).fadeIn(400);
        }
        if(response.message=="ok"){
          window.location.replace("/message-registration");
        }
      });
    });
    $("#form-send-mail").submit(function(e){
      e.preventDefault();
      if($(e.targer).find("#email").val()=="" || $(e.targer).find("#subject").val()=="" || $(e.targer).find("#content").val()==""){
        alert("kha");
      }else{
        $.ajax({
          url: "/ckeckMail",
          method: "GET",
          data: $("#form-send-mail").serializeArray(),
          dataType: 'JSON',
        }).done(function(response){
          if(response.errors){
            console.log(response.errors);
          }else{
            window.location.replace("/sendMail");
          }
        });
      }

    });

      $('[data-toggle="tooltip"]').tooltip();
      var id_banners = [];
      var id_premiums = [];
      $("a").each(function(index){
        if($(this).hasClass("active_banner")){
        id_banners.push($(this).attr("id"));
      }
        if($(this).hasClass("active_premium")){
          id_premiums.push($(this).attr("id"));
        }
      });
            setTimeout(function(){
        $.ajax({
          url: "/updateImpresions",
          method: "POST",
          data: {ids : id_banners, idsp : id_premiums},
          dataType: "JSON",
          success : function(e){
            //console.log("Update impressions");
          },
          error : function(e){
            console.log("An error ocurred:"+e.error);
          }
        });
      },100);

          $(".active_banner").click(function(){ 
        var id = $(this).attr("id");
        $.ajax({
          url: "/updateClick",
          method: "POST",
          data: {id : id},
          dataType: "JSON",
          success : function(e){
            console.log(e.message);
          },
          error : function(e){
            console.log("An error ocurred");
          }
        });
    });
          $(".visit").click(function(){ 
        var id = $(this).attr("id");
        $.ajax({
          url: "/updateVisit",
          method: "POST",
          data: {id : id},
          dataType: "JSON",
          success : function(e){
            console.log(e.message);
          },
          error : function(e){
            console.log("An error ocurred");
          }
        });
    });

         $(".active_premium").click(function(){ 
        var id = $(this).attr("id");
        $.ajax({
          url: "/updatePremiumClick",
          method: "POST",
          data: {id : id},
          dataType: "JSON",
          success : function(e){
            console.log(e.message);
          },
          error : function(e){
            console.log("An error ocurred");
          }
        });
    });

     var elements = $('#sign_modal_overlay, #sign_modal');
      var body = $("body");
      var modal = document.getElementById('sign_modal_overlay');
      document.addEventListener("keydown", function(event) {
        if(event.keyCode === 27){
          elements.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      });
      window.onclick = function(event){
        if(event.target == modal){
          elements.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      }
      $('.open-modal-login').click(function(){
          elements.addClass('active');
          body.css({"overflow-y":"hidden"});
      });

      $('.close-modal').click(function(){
          elements.removeClass('active');
          body.css({"overflow-y":"visible"});
      });

      var el = $('#contact_modal_overlay, #contact_modal');
      var modalc = document.getElementById('contact_modal_overlay');
      document.addEventListener("keydown", function(event) {
        if(event.keyCode === 27){
          el.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      });
      window.onclick = function(event){
        if(event.target == modalc){
          el.removeClass('active');
          body.css({"overflow-y":"visible"});
        }
      }
      $('.open-modal-contact').click(function(){
          el.addClass('active');
          body.css({"overflow-y":"hidden"});
      });

      $('.close-modal-contact').click(function(){
          el.removeClass('active');
          body.css({"overflow-y":"visible"});
      });

      $.ajaxSetup({
        headers: {'X-CSRF-TOKEN': $("meta[name='csrf-token']").attr("content")}
      });

    });


    window.onload = function(){

      (function(d, s, id){
       var js, fjs = d.getElementsByTagName(s)[0];
       if (d.getElementById(id)) {return;}
       js = d.createElement(s); js.id = id;
       js.src = "//connect.facebook.net/en_US/sdk.js";
       fjs.parentNode.insertBefore(js, fjs);
    }(document, 'script', 'facebook-jssdk'));

    window.fbAsyncInit = function() {
      FB.init({
        appId : '1616853315289008',
        xfbml : true,
        version : 'v2.8'
      });
    };

    $('.btn-facebook').click(function() {
    FB.getLoginStatus(function(response) {
      if (response.status === 'connected') {
        console.log('Already Logged In.');
      }
      else {
        FB.login();
      }
    });
    });

    }

</script>

 

hooooooooow? :gusta:

Share this post


Link to post
Share on other sites
17 hours ago, TGSLineage2 said:

@Nightw0lfThanks for your warning, but now I would like you to tell me how its that a unique confirmation token per browsing client generated by the framework I use, could affect my site vulnerability ?

all of your forms can be faked it does not change and its used for all of your forms lol

Share this post


Link to post
Share on other sites
  • 2 weeks later...
On 12/10/2019 at 11:57, Pigasos-Dev said:

Update for l2top.co

You can do it Yourself, add a constant in you enum class, add some conditinals in your class controller  following the line of the other sites, add attributes in your model class, edit your DAO class , edit your table voters.

Edited by TGSLineage2

Share this post


Link to post
Share on other sites
  • 2 weeks later...
  • 1 month later...

I have tested today!

It doesn't work, the jars are old, for Acis ante 362, it doesn't work because they constantly change the location files and their renames.
And the tgs.jar file has references that do not exist in current Acis or in old ones.
That is to work and only in version 362.
That's a pity

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.