How do I get sure I'm not being hacked?

[D2S05]

Hi, I'm not sure if this is the correct subforum, feel free to move it if it's not.

I've been contacted by an agent from ztmc.com, this guy offered me $50.00 USD in advance each month for introducing text ads in our vb board. When I accepted, he sent me not a HTTP code as I though he would, but some php and xml files and I'd like to be sure those files are completely safe:

The instructions:

Quote:

* Upload the empty file named ad_network_ads_405.txt set the web server to have write permissions to this file. An easy way to set the permissions would be with the following command:

chmod 666 ad_network_ads_265.txt

* Upload ad_network_405.php (note both files should be uploaded to the root of the forums)
* In the Styles/Templates section of the Admin section, edit the SHOWTHREAD_SHOWPOST, printthread and footer templates, and add the following to it (somewhere appropriate):

footer:
$ad_network


# Import product-advertising_links.xml under AdminCP -> Plugin System -> Manage Products -> Add/Import Product

The xml file:

Code:

<?xml version="1.0" encoding="ISO-8859-1"?>

<product productid="advertising_links" active="1">
	<title>Advertising Links</title>
	<description><![CDATA[Allows you to run 5 advertising links on your forum]]></description>
	<version>1.0</version>
	<codes>
	</codes>
	<templates>
	</templates>
	<plugins>
		<plugin active="1">
			<title>Advertising Links On Archive</title>
			<hookname>archive_process_start</hookname>
			<phpcode><![CDATA[include ('ad_network_405.php');	
echo '<div style="border: 1px solid silver; padding: 8px; background: #eee; margin-bottom: 16px;"><center>';
echo $ad_network . '</center></div>';]]></phpcode>
		</plugin>
		<plugin active="1">
			<title>Advertising Links On Main Forum</title>
			<hookname>global_start</hookname>
			<phpcode><![CDATA[include ('ad_network_405.php');]]></phpcode>
		</plugin>
	</plugins>
	<phrases>
	</phrases>
	<options>
	</options>
</product>

The php file:

Code:

<?php
	// Last update:  October 6, 2005 5:49 pm (PST)

	function file_get_contents_an($url) {
		if (substr ($url, 0, 7) == 'http://') {
			$url = parse_url ($url);
			if ($handle = @fsockopen ($url['host'], 80)) {
				fwrite ($handle, "GET $url[path]?$url[query] HTTP/1.0\r\nHost: $url[host]\r\nConnection: Close\r\n\r\n");
				while (!feof($handle)) {
					$string .= @fread($handle, 40960);
				}
				$string = explode ("
", $string);
				$string = array_pop ($string);
			}
		} else {
			$handle = fopen($url, 'r');
			$string = fread($handle, 4096000);
			
		}
		fclose($handle);
		return $string;
	}
	
	if (!function_exists('make_seed')) {
		function make_seed() {
			list($usec, $sec) = explode(' ', microtime());
			return (float) $sec + ((float) $usec * 100000);
		}
		mt_srand (make_seed());
	}

	if (!isset($_SERVER)) $_SERVER = $HTTP_SERVER_VARS;

	$ad_file = 'ad_network_ads_405.txt';
	for ($i = 0; $i <= 11; $i++) {
		$path = substr ('../../../../../../../../../../', 0, $i * 3);
		if (file_exists ($path . $ad_file)) {
			$ad_file = $path . $ad_file;
			break;
		}
	}

	if (is_writable ($ad_file)) {
		$ad_network = array();
		$ads = file_get_contents_an ($ad_file);
		$ads = explode ('<ad_break>', $ads);
		$ads_temp = explode ('|', $ads[0]);

		$file = fopen($ad_file, 'r+');
		if (flock ($file, LOCK_EX|LOCK_NB, $would_block) && !$would_block) {
			if ((count ($ads) < $ads_temp[4] + 1 && $ads_temp[0] + $ads_temp[6] < time()) || $ads_temp[0] + $ads_temp[5] < time()) {
				$new_ad = file_get_contents_an ('http://ads.digitalpoint.com/network.php?c=' . $_SERVER['SERVER_NAME'] . '&type=link');
				if ($new_ad) {
					$ads_param = explode ('<ad_param>' , $new_ad);
					$new_ad = $ads_param[1];
					unset ($ads_param[1]);
					$ads_temp = explode ('|', $ads_temp[0] . '|' . $ads_temp[1] . '|' . $ads_temp[2] . '|' . $ads_param[0]);
				} else {
					$ads_param = array_slice ($ads_temp, 3, 6);
				}
				$ads_temp[1] = (integer)$ads_temp[1] + 1;
				if ($ads_temp[1] > $ads_temp[4]) $ads_temp[1] = 1;
				$ads[0] = time() . '|' . $ads_temp[1] . '|' . gethostbyname('validate.digitalpoint.com') . '|' . implode ('|', $ads_param);
				if ($new_ad) {
					$ads[$ads_temp[1]] = $new_ad;
					if (count ($ads) > $ads_temp[4] + 1) $ads = array_merge ((array)$ads[0], (array)array_slice ($ads, -$ads_temp[4]));
				}
				fwrite ($file, implode ('<ad_break>', $ads));
				ftruncate ($file, ftell($file));
			}
			flock ($file, LOCK_UN);
			fclose ($file);
		}
		$ads_x = 0;
		while (count ($ad_network) < 5) {
			if (count($ad_network) % 2 == 0 && false) {
				$ads_next = (hexdec(substr(md5($_SERVER['SERVER_NAME'] . $_SERVER['SCRIPT_NAME'] . $_SERVER['PATH_INFO'] . $_SERVER['QUERY_STRING']), 0, 6)) % (count($ads) - 1 - $ads_x)) + 1;
				$ads_x++;
			} else {
				$ads_next = mt_rand(1,count($ads) - 1);
			}
			$ad_network[] = $ads[$ads_next];
		}
		foreach ($ad_network as $key => $ad) {
			$split = explode ('<id>', $ad);
			$ad_ids[] = $split[1];
			$ad = $split[0];
			$ads_output = $ads_temp[2] == $_SERVER['REMOTE_ADDR'] || $_SERVER['SERVER_ADDR'] == $_SERVER['REMOTE_ADDR'];
			if ($ads_output) {
				$ad_network[$key] = str_replace ('" />', '" class="' . $ads_temp[3] . '" />', $ad);
			} else {
				$ad_network[$key] = str_replace ('" />', '">', $ad);
			}
		}
		$ad_network = implode (' | ', $ad_network);
		if ($ads_temp[7] && ($ads_output || preg_match('#(' . str_replace ('-', '|', $ads_temp[8]) . ')#si', $_SERVER['HTTP_USER_AGENT'])) && !$_SERVER['HTTPS']) $ad_network .= ' <img src="http://ads.digitalpoint.com/t-' . implode ('-', $ad_ids) . '.gif" width="1" height="1">';
	} else {
		$ad_network = 'You must set the ' . $ad_file . ' file to be writable (check file name as well).';
	}
		if (substr (@$_SERVER['DOCUMENT_NAME'], -6) == '.shtml') {
		ini_set ('zlib.output_compression', 0);
		echo $ad_network;
	}

?>

If you find anything suspicious or find them clean I'd really appreciate your opinion as I don't understand a bit of php or xml programming.


Thank you!