<?phpset_time_limit(0);date_default_timezone_set("Australia/Melbourne");

1. <?php
2.  
3. set_time_limit(0);
4. date_default_timezone_set("Australia/Melbourne");
5. libxml_use_internal_errors(true);
6. ini_set('display_errors', 'on');
7. error_reporting(E_ALL);
8.  
9. do {
10. $server = new MSERVER();
11. unset($server);
12. } while (true);
13.  
14. class MSERVER {
15.  
16. private $info = array();
17. public $socket = array(null, null);
18. public $users = array();
19. public $ipbans = array();
20. public $protected = array();
21. public $rfilter = array();
22. public $debug = false;
23. public $hasGroupPowers = array("Lobby", "Help");
24.  
25. public function __construct() {
26. //require __DIR__ . "/../_class/config.php";
27. $config = (object) array( 'db' => array( 0 => 'localhost', 1 => 'root', 2 => 'Zpwx4rwtp7MB', 3 => 'u2277954_ichat2' ) ); //Configuracao
28. $this->mysql = new Database($config->db[0], $config->db[1], $config->db[2], $config->db[3]);
29.  
30. $this->resetConfig();
31. $this->bind();
32.  
33. while (true) {
34. $this->bind();
35.  
36. while ($this->socket[0]) {
37. $this->listen();
38. }
39.  
40. array_map('socket_close', $this->socket);
41. }
42. }
43.  
44. public function resetConfig() {
45. $this->config = $this->mysql->fetch_array("select * from `server` limit 0, 1;");
46. $this->config = (object) $this->config[0];
47.  
48. $this->config->spam_wait = 800;
49. $this->config->staff = (array) json_decode($this->config->staff);
50. $this->config->pawns = (array) json_decode($this->config->pawns);
51.  
52. $this->config->pcount = $this->mysql->fetch_array('select count(distinct `section`) as `count` from `powers`;');
53. $this->config->pcount = $this->config->pcount[0]['count'];
54.  
55. $this->hash = $this->mysql->rand(25); /* For API Laterz */
56. $this->ipbans = $this->mysql->fetch_array("select `ipbans` from `server`;");
57. $this->ipbans = (array) json_decode($this->ipbans[0]['ipbans']);
58. $this->mysql->query("update `server` set `pid`='" . getmypid() . "';");
59. }
60.  
61. public function bind() {
62. try {
63. global $argv;
64. $this->socket = array(
65. socket_create(AF_INET, SOCK_STREAM, SOL_TCP),
66. socket_create_listen(0)
67. );
68.  
69. socket_getsockname(end($this->socket), $ip, $port);
70. $this->mysql->query("update `server` set `ipc`={$port};");
71. socket_set_option($this->socket[0], SOL_SOCKET, SO_REUSEADDR, true);
72.  
73. if (!isset($argv[1]) || $argv[1] != 'debug') {
74. socket_bind($this->socket[0], $this->config->server_ip, $this->config->server_pt) or exit('line:' . __LINE__);
75. } else {
76. $this->debug = true;
77. print 'binding on debug port' . chr(10);
78. socket_bind($this->socket[0], $this->config->server_ip, $this->config->backup_pt) or exit('line:' . __LINE__);
79. }
80.  
81. socket_listen($this->socket[0]);
82. socket_set_block($this->socket[0]);
83. } catch (Exception $e) {
84. print $e->getMessage();
85. exit('line:' . __LINE__);
86. }
87. }
88.  
89. public function listen($null = null, $ipc = 0) {
90. /* Create Read Array */
91. $read = $this->socket;
92. foreach ($this->users as $user) {
93. $read[] = $user->sock;
94. }
95. $except = $read;
96. /* Accept / Filter New Connections */
97. if (@socket_select($read, $null, $except, null) < 1) {
98. continue;
99. }
100.  
101. foreach ($this->socket as $i => $psock) {
102. if (in_array($psock, $read)) {
103. switch ((int) $i) {
104. case 0:
105. $socket = socket_accept($psock);
106. socket_set_nonblock($socket);
107.  
108. if (!is_resource($socket) || count($this->users) >= $this->config->max_total) {
109. @socket_close($socket);
110. break;
111. }
112.  
113. socket_set_option($socket, SOL_SOCKET, SO_SNDTIMEO, array('sec' => 3, 'usec' => 0));
114.  
115. @socket_getpeername($socket, $ip);
116. foreach ($this->users as $user) {
117. if ($user->ipaddr == $ip) {
118. $ipc++;
119. }
120. }
121.  
122. if ($ipc > $this->config->max_per_ip || in_array($ip, $this->ipbans)) {
123. foreach ($this->users as $user) {
124. if ($user->ipaddr == $ip) {
125. $this->disconnect($user->index);
126. }
127. }
128. break;
129. }
130.  
131. do {
132. $index = $this->mysql->rand();
133. } while (isset($this->users[$index]));
134.  
135. $this->users[$index] = new client($socket, $this, $index, $ip);
136. break;
137.  
138. case 1:
139. $this->socket[] = socket_accept($psock);
140. break;
141.  
142. default: /* For API if I feel like making it later */
143. $data = trim(socket_read($psock, 1205));
144.  
145. if (strlen($data) <= 1) {
146. socket_close($psock);
147. unset($this->socket[$i]);
148. break;
149. }
150.  
151. $packet = simplexml_load_string($data);
152. $data = $this->GetMultiAttr($packet);
153.  
154. if (!method_exists($packet, 'getName')) {
155. break;
156. }
157.  
158. switch ($packet->getName()) {
159. case 'usercount':
160. socket_write($psock, count($this->users));
161. break;
162. case 'globalMessage':
163. foreach ($this->users as $i => $user) {
164. if ($user->online == true) {
165. $user->sendPacket('<fuckoff/>');
166. }
167. }
168. break;
169. }
170. break;
171. }
172. }
173. }
174. /* Read From Waiting Sockets, kill exceptions */
175. if (!is_array($except)) {
176. $except = array(); /* To avoid a possibility of an error below */
177. }
178.  
179. foreach ($this->users as $index => $user) {
180. if (in_array($user->sock, $except) || !$user->sock) {
181. unset($this->users[$index]);
182. } elseif (in_array($user->sock, $read)) {
183. $input = '';
184. while(@socket_recv($user->sock, $buf, (4096 * 4096), 0) >= 1)
185. {
186. $input .= $buf;
187. }
188. if (trim($input) == '' || ord(substr($input, 0, 1)) == 136) {
189. unset($this->users[$index]);
190. continue;
191. } elseif (substr_count($input, chr(0)) <= 1) {
192. $this->handle($input, $user);
193. }
194. }
195. }
196. }
197. private function handle($packet, &$user) {
198. $packet = str_replace('', '', $packet); //RIP Chrome
199.  
200. try {
201. if ($this->debug) {
202. var_dump($packet);
203. }
204.  
205.  
206. if ($user->mobile == false && substr($packet, 0, 1) !== '<') {
207. $user->mobile = true;
208. }
209.  
210. if (substr($packet, 0, 2) == '<x') {
211. $user->sendRoom($packet);
212. }
213.  
214. if ($user->mobile == true) {
215. if ($user->mobready == false) {
216. $user->buffer .= $packet;
217. if (strlen($user->buffer) >= 4096) {
218. throw new Exception();
219. }
220.  
221. if (is_numeric(strpos($user->buffer, "\r\n\r\n"))) {
222. $headers = array();
223. $lines = explode("\r\n", $user->buffer);
224. foreach ($lines as $line) {
225. $line = explode(': ', $line, 2);
226. if (count($line) < 2)
227. continue;
228. $headers[strtolower($line[0])] = $line[1];
229. }
230.  
231. if (!isset($headers['sec-websocket-key'])) {
232. throw new Exception();
233. }
234.  
235. $secAccept = base64_encode(pack('H*', sha1($headers['sec-websocket-key'] . '258EAFA5-E914-47DA-95CA-C5AB0DC85B11')));
236. $response = array();
237. array_push($response, "HTTP/1.1 101 Pulse");
238. array_push($response, "Upgrade: websocket");
239. array_push($response, "Connection: Upgrade");
240. array_push($response, "Sec-WebSocket-Accept: " . $secAccept);
241. @socket_write($user->sock, implode("\r\n", $response) . "\r\n\r\n");
242.  
243. $user->mobready = true;
244. }
245.  
246. return;
247. } else {
248. $packet = $this->unmask($packet);
249. if ($packet == false) {
250. throw new Exception(1);
251. }
252. }
253. }
254.  
255. if (strpos($packet, '<', 1) !== false) {
256. throw new Exception(2);
257. }
258. $packet2 = $packet;
259. $packet = simplexml_load_string(trim($packet));
260.  
261. if (!method_exists($packet, 'getName')) {
262. libxml_clear_errors(true);
263. throw new Exception(3);
264. }
265.  
266. $tag = strtolower($packet->getName());
267. $lPackets = array('policy-file-request', 'j2', 'y', 'login');
268.  
269. if (strlen($tag) > 25 || $tag == '') {
270. throw new Exception(4);
271. }
272.  
273. if (!isset($user->loginKey) || $user->loginKey == null) {
274. if (!in_array($tag, $lPackets)) {
275. throw new Exception(5);
276. }
277. } elseif ($user->authenticated == null && $tag != 'j2') {
278. throw new Exception(6);
279. } elseif (isset($user->id) && in_array($user->id, array(0, 2))) {
280. throw new Exception(7);
281. } elseif ($user->hidden == true && $user->online) {
282. $user->hidden = false;
283. $user->joinRoom($user->chat, false, true, $user->pool);
284. };
285. } catch (Exception $e) {
286. //print $e->getMessage() . "\n";
287. return $this->disconnect($user->index);
288. }
289.  
290.  
291. if (!$user->authenticated && !in_array($tag, $lPackets)) {
292. return $this->disconnect($user->index, true);
293. }
294.  
295. switch ($tag) {
296. //For bots
297. case 'login':
298. //$key = $this->getAttribute($packet, 'key');//lol later
299. $user2 = $this->getAttribute($packet, 'user');
300. $password = $this->getAttribute($packet, 'pass');
301. $userLogin = $this->mysql->fetch_array('select * from `users` where `username`=\'' . $this->mysql->sanatize($user2) . '\';');
302. if (!$this->mysql->validate($password, $userLogin[0]['password']) || empty($userLogin)) {
303. $user->sendPacket('<login t="Bad Username/Password." e="1" />');
304. } else {
305. $loginKey = md5(json_encode(array(time(), $userLogin[0]['username'], $userLogin[0]['password'])));
306. $this->mysql->query('update `users` set `loginKey`=\'' . $loginKey . '\' where `username`=\'' . $this->mysql->sanatize($userLogin[0]['username']) . '\';');
307.  
308. if ((floor(($userLogin[0]['days'] - time()) / (24 * 3600) + 0.3) >= 1 ? floor(($userLogin[0]['days'] - time()) / (24 * 3600) + 0.3) : 0) >= 1)
309. {
310. $upowers = $this->mysql->fetch_array("select * from `userpowers` where `userid`={$userLogin[0]['id']};");
311. $spowers = $this->mysql->fetch_array("select * from `powers` where `name` not like '%(Undefined)%';");
312. list($vals, $p, $dO, $powerO, $pp) = array(array(), array(), '', '', '');
313. foreach ($spowers as $i => $u)
314. {
315. $vals[$u["id"]] = array($u["section"], $u["subid"]);
316. if (!isset($p[$u["section"]]))
317. {
318. $p[$u["section"]] = 0;
319. }
320. }
321.  
322. foreach ($upowers as $i => $u)
323. {
324. if ($u["count"] >= 1 && isset($vals[$u["powerid"]]) && isset($p[$vals[$u["powerid"]][0]]))
325. {
326. $str = $u['powerid'] . '=' . ($u['count'] > 1 ? ($u['count'] - 1) : 1) . '|';
327. $dO .= $str;
328.  
329. if ($u['count'] > 1)
330. {
331. $powerO .= $str;
332. }
333.  
334. $p[$vals[$u["powerid"]][0]] += $vals[$u["powerid"]][1];
335. }
336. }
337. }
338.  
339. $nickname = explode('##', $userLogin[0]['nickname'], 2);
340. if (count($nickname) != 2) {
341. $nickname[1] = "";
342. }
343. $vars = "";
344. $vars .= 'userno="' . $userLogin[0]["id"] . '" ';
345. $vars .= 'avatar="' . $userLogin[0]["avatar"] . '" ';
346. $vars .= 'k1="' . $userLogin[0]["k"] . '" ';
347. $vars .= 'd0="' . $userLogin[0]["d0"] . '" ';
348. $vars .= 'd1="' . $userLogin[0]["days"] . '" ';
349. $vars .= 'd2="' . $userLogin[0]["d2"] . '" ';
350. $vars .= 'd3="" ';
351.  
352. foreach ($p as $i => $u)
353. $vars .= 'd' . (substr($i, 1) + 4) . '="' . $u . '" ';
354.  
355. $vars .= 'dt=0" ';
356. $vars .= 'homepage="' . $userLogin[0]["url"] . '" ';
357. $vars .= 'Powers="' . implode(",", $p) . '" ';
358. $vars .= 'PowerO="' . $powerO . '" ';
359. $vars .= 'status="' . $nickname[1] . '" ';
360. $vars .= 'dO="'.$dO.'" ';
361. $vars .= 'dx="' . $userLogin[0]["xats"] . '" ';
362. $vars .= 'registered="' . $userLogin[0]["username"] . '" ';
363. $vars .= 'k2="' . $userLogin[0]["k2"] . '" ';
364. $vars .= 'k3="' . $userLogin[0]["k3"] . '" ';
365. $vars .= 'name="' . $nickname[0] . '" ';
366. $vars .= 'loginKey="' . $loginKey . '"';
367. $user->sendPacket('<v ' . $vars . ' e="0" />');
368. }
369. break;
370.  
371. case substr($tag, 0, 1) == 'w':
372. $pool = substr($tag, 1, 2);
373. $chat = $this->mysql->fetch_array("select * from `chats` where `id`={$user->chat};");
374. $rank = str_replace('\'','"',$chat[0]['pools']);
375. $rank = json_decode($rank, true);
376. $rankS = $user->noToRank($rank['rnk']);
377. if($rankS == "o" && $user->rank != 1){
378. break;
379. }
380. elseif($rankS == "M" && ($user->rank != 1 && $user->rank != 4)){
381. break;
382. }
383. elseif($rankS == "m" && ($user->rank != 1 && $user->rank != 4 && $user->rank != 2)){
384. break;
385. }
386. elseif($rankS == "e" && ($user->rank != 1 && $user->rank != 4 && $user->rank != 2 && $user->rank != 3)){
387. break;
388. } else {
389. $user->sendRoom("<l u=\"{$user->id}\" />");
390. $user->switchingPools = true;
391. $user->joinRoom($user->chat, true, true, $pool);
392. }
393. break;
394.  
395.  
396.  
397. case 'f':
398. $users = $this->getAttribute($packet, 'o');
399. if ($users === false || $this->spamfilter($tag, $user, 200)) {
400. $this->disconnect($user->index);
401. } else {
402. $friends = (array) explode(' ', $users);
403. $online = array();
404. foreach ($this->users as $i => $_user) {
405. if ($_user->id != $user->id && in_array($_user->id, $friends) && $_user->hidden === false && !in_array($_user->id, $online)) {
406. array_push($online, $_user->id);
407. }
408. }
409. $user->sendPacket('<f v="' . implode(',', $online) . '" />');
410. }
411. break;
412.  
413. case 'policy-file-request':
414. if (isset($user->policy)) {
415. return $this->ipban($user->ipaddr);
416. }
417.  
418. $user->sendPacket('<cross-domain-policy><allow-access-from domain="*" to-ports="*" /></cross-domain-policy>');
419. $user->policy = 1;
420. break;
421.  
422. case 'y':
423. if (isset($user->loginKey) && $user->loginKey != null) {
424. return $this->ipban($user->ipaddr);
425. }
426.  
427. $user->loginKey = rand(10000000, 99999999);
428. $user->loginShift = rand(2, 5);
429. $user->loginTime = time();
430.  
431. $user->sendPacket('<y yi="' . $user->loginKey . '" yc="' . $user->loginTime . '" ys="' . $user->loginShift . '" />');
432. break;
433.  
434. case 'j2':
435.  
436. if ($user->authenticated == true) {
437. $user->sendPacket('<logout />');
438. return $this->disconnect($user->index);
439. }
440.  
441. if ($user->authenticate($packet) == false) {
442. $user->sendPacket('<n t="Voce deve registrar/fazer login!." />');
443. $user->sendPacket('<logout />');
444. $this->disconnect($user->index);
445. }
446.  
447.  
448.  
449. break;
450.  
451. case 'l':
452. $this->disconnect($user->index);
453. break;
454.  
455.  
456. case 'm':
457. if ($user->banned > time()) {
458. return false;
459. }
460.  
461. if (isset($this->protected[$user->chat])) {
462. if ($this->protected[$user->chat]['end'] < time()) {
463. unset($this->protected[$user->chat]);
464. $user->sendRoom("<m t=\"A protecao do chat foi desativa
465. pois ja se passarao 60 minutos.\" u=\"0\" />");
466. } elseif ($this->protected[$user->chat]['type'] == 'noguest') {
467. if ($user->rank == 5 || $user->rank == 40) {
468. return false;
469. }
470. } elseif ($this->protected[$user->chat]['type'] == 'unreg') {
471. if ($user->guest == true && in_array($user->rank, array(5, 40))) {
472. return false;
473. }
474. }
475. }
476.  
477. if (in_array($user->rank, array(5, 40)) && $user->guest == true) {
478. if (!isset($this->rfilter[$user->chat])) {
479. $this->rfilter[$user->chat] = array();
480. }
481.  
482. $ctime = time() - 5;
483. $count = 1;
484. foreach ($this->rfilter[$user->chat] as $i => $time) {
485. if ($ctime > $time) {
486. unset($this->rfilter[$user->chat][$i]);
487. continue;
488. }
489.  
490. $count++;
491. }
492.  
493. array_push($this->rfilter[$user->chat], time());
494. if ($count >= 12) {
495. $this->protected[$user->chat] = array('end' => time() + 3600, 'type' => 'unreg');
496. $user->sendRoom("<m u=\"0\" t=\"Protecao do chat foi ativada!(Raid Detected)\" />");
497. foreach ($this->users as $i => $u) {
498. if ($u->chat == $user->chat && in_array($u->rank, array(5, 40)) && $u->guest == true) {
499. $u->sendPacket('<n t="Protection ativada, chutando null users." />');
500. $this->disconnect($u->index);
501. }
502. }
503.  
504. unset($this->rfilter[$user->chat]);
505. }
506. }
507.  
508. $message = $this->getAttribute($packet, 't');
509.  
510. if (empty($message)) {
511. return false;
512. } elseif (substr($message, 0, 1) == '!') { // commands <-- That's there so I can ctrl+f to here quickly <:
513. $owner = in_array($user->id, $this->config->staff) ? true : false;
514.  
515. $args = explode(' ', substr($message, 1));
516. switch (strtolower($args[0])) {
517. case 'resetconfig':
518. if ($owner) {
519. $this->resetConfig();
520. $user->sendPacket('<m u="0" t="Configuration has been reloaded" />');
521. }
522. break;
523.  
524. case 'setrank':
525. if (!$owner) {
526. break;
527. }
528.  
529. switch ($s) {
530. case "mod":
531. case "moderator":
532. $return = 2;
533. break;
534.  
535. case "guest":
536. $return = 5;
537. break;
538.  
539. case "member":
540. $return = 3;
541. break;
542.  
543. case "owner":
544. $return = 4;
545. break;
546. }
547. $this->mysql->query('delete from `ranks` where `chatid`=' . $user->chat . ' and `userid`=' . $user->id . ';');
548. $this->mysql->query('insert into `ranks`(`userid`, `chatid`, `f`) values(' . $user->id . ', ' . $user->chat . ', ' . $return . ');');
549. $this->disconnect($user->index);
550. break;
551. case 'users':
552. if (!$member) {
553. break;
554. }
555. $user->sendRoom('<n t="0" t="' . count($this->users) . ' usuarios divertiendose en AMERIXAT!" />');
556. break;
557.  
558. case 'setxats':
559. if (count($args) != 3 || !$owner) {
560. break;
561. }
562. $uRow = $this->mysql->fetch_array('select `id`, `username`, `password` from `users` where `username`=\'' . $this->mysql->sanatize($args[1]) . '\';');
563. if (count($uRow) == 1 && is_numeric($args[2])) {
564. $this->mysql->query('update `users` set `xats`=' . $args[2] . ' where `username`=\'' . $this->mysql->sanatize($args[1]) . '\';');
565. $_user = $this->getuserbyid($uRow[0]['id'], $user->chat);
566. if ($_user != false) {
567. $_user->sendPacket($this->doLogin($uRow[0]['username'], $uRow[0]['password']));
568. }
569. }
570. break;
571.  
572.  
573. case 'setdays':
574. if (count($args) != 3 || !$owner) { break; }
575. $uRow = $this->mysql->fetch_array('select `id`, `username`, `password` from `users` where `username`=\'' . $this->mysql->sanatize($args[1]) . '\';');
576. if (count($uRow) == 1 && is_numeric($args[2]))
577. {
578. $this->mysql->query('update `users` set `days`=' . strtotime("+ " . $args[2] . " days") . ' where `username`=\'' . $this->mysql->sanatize($args[1]) . '\';');
579. $_user = $this->getuserbyid($uRow[0]['id'], $user->chat);
580. if ($_user != false)
581. {
582. $_user->sendPacket($this->doLogin($uRow[0]['username'], $uRow[0]['password']));
583. }
584. }
585. break;
586.  
587.  
588.  
589. case "clear":
590. if($rank > 3) {$user->sendPacket('<n t="You don\'t have a high enough rank!" />'); break;}
591. $this->mysql->query("delete from `messages` where `id` = '{$user->chat}';");
592. $user->sendRoom('<n t="Mensajes borrados!" />');
593. $this->disconnect($user->index);
594. $user->sendRoom("<l u=\"{$u->id}\" />");
595. break;
596.  
597. case 'roulette':
598. $num = floor(36 * (rand(0, 36) * rand(0, 36)));
599. $user->sendAll("<n t=\"$num IS Your Number!\" />");
600. return;
601.  
602. case 'release':
603. if (!$owner) {
604. break;
605. }
606. $power = $args[1];
607. $amount = $args[2];
608. $this->mysql->query("UPDATE `powers` SET `amount`='" . $amount . "' WHERE `name`='" . $power . "'");
609. $Mais = $amount == 1 ? "" : "s";
610. $user->sendAll("<n t=\"{$amount} {$power}{$Mais} Foi Liberado!\" />");
611. return;
612. break;
613.  
614. case 'unrelease':
615. if (!$owner) {
616. break;
617. }
618. $power = $args[1];
619. $amount = $args[2];
620. $this->mysql->query("UPDATE `powers` SET `amount`='" . $amount . "' WHERE `name`='" . $power . "'");
621. $Mais = $amount == 0 ? "" : "s";
622. $user->sendAll("<n t=\"{$amount} {$power}{$Mais} foi travado!\" />");
623. return;
624. break;
625.  
626. case "global":
627. if (!$owner) {
628. break;
629. }
630. $args = explode(' ', substr($message, 1), 2);
631. $sum = "<n t=\"{$args[1]}\" />";
632. $user->sendAll($sum);
633. return;
634. break;
635.  
636. case 'relog':
637. if (count($args) == 2 && $owner) {
638. $_user = $this->mysql->fetch_array('select * from `users` where `username`=\'' . $this->mysql->sanatize($args[1]) . '\';');
639. if (empty($_user)) {
640. break;
641. }
642. $online = $this->getuserbyid($_user[0]['id']);
643. if (is_object($online)) {
644. $online->sendPacket($this->doLogin($_user[0]['username'], $_user[0]['password']));
645. }
646. return;
647. }
648.  
649. break;
650.  
651. case 'limited':
652. if (!$owner) {
653. break;
654. }
655. $power = $args[1];
656. $this->mysql->query("UPDATE `powers` SET `limited`='1' WHERE `name`='" . $power . "'");
657. $user->sendRoom('<n t="0" t="o power [' . $power . '] agora e limitado!" i="0" />');
658. break;
659. case 'unlimited':
660. if (!$owner) {
661. break;
662. }
663. $power = $args[1];
664. $this->mysql->query("UPDATE `powers` SET `limited`='0' WHERE `name`='" . $power . "'");
665. $user->sendRoom('<n t="0" t="o power [' . $power . '] agora nao e mais limitado!" i="0" />');
666. break;
667.  
668. case 'every':
669. case 'nopowers':
670. if (count($args) != 2 || !$owner) {
671. break;
672. }
673. $uRow = $this->mysql->fetch_array('select * from `users` where `username`=\'' . $this->mysql->sanatize($args[1]) . '\';');
674. if (count($uRow) == 1) {
675. $this->mysql->query('delete from `userpowers` where `userid`=' . $uRow[0]['id'] . ';');
676. if (strtolower($args[0]) == 'every') {
677. $powers = $this->mysql->fetch_array('select `id`, `name` from `powers` where `name` not like \'%(Undefined)%\' and `subid`<2147483647;');
678. $inputs = '';
679. foreach ($powers as $power) {
680. if (!is_numeric($power['name'])) {
681. $inputs .= '(' . $uRow[0]['id'] . ', ' . $power['id'] . ', 1),';
682. }
683. }
684. $this->mysql->query('insert into `userpowers` (`userid`, `powerid`, `count`) values ' . substr($inputs, 0, -1) . ';');
685. }
686.  
687. $_user = $this->getuserbyid($uRow[0]['id'], $user->chat);
688. if ($_user != false) {
689. $_user->sendPacket($this->doLogin($uRow[0]['username'], $uRow[0]['password']));
690. }
691. }
692. break;
693. case 'gback':
694. if (!$owner) {
695. break;
696. }
697. $arg1 = $args[1];
698. $this->mysql->query("UPDATE `chats` SET `gback`='" . $arg1 . "' WHERE `id`='" . $user->chat . "'");
699. $user->sendPacket('<m u="0" t="gback has been updated [' . $arg1 . ']" i="0" />');
700. break;
701. case 'addpower':
702. case 'delpower':
703. if (count($args) == 3 && $owner) { /* Just cause I felt like doing it this way this time */
704. $_user = $this->mysql->fetch_array('select * from `users` where `username`=\'' . $this->mysql->sanatize($args[1]) . '\';');
705. $power = $this->mysql->fetch_array('select * from `powers` where `name`=\'' . $this->mysql->sanatize($args[2]) . '\';');
706. if (empty($_user) || empty($power)) {
707. break;
708. }
709. $this->mysql->query('delete from `userpowers` where `userid`=' . $_user[0]['id'] . ' and `powerid`=' . $power[0]['id'] . ';');
710. if (strtolower($args[0]) == 'addpower') {
711. $this->mysql->query('insert into `userpowers`(`userid`, `powerid`, `count`) values(' . $_user[0]['id'] . ', ' . $power[0]['id'] . ', 1);');
712. }
713.  
714. $online = $this->getuserbyid($_user[0]['id']);
715. if (is_object($online)) {
716. $online->sendPacket($this->doLogin($_user[0]['username'], $_user[0]['password']));
717. }
718. }
719. break;
720.  
721. case 'price':
722. $price = $this->mysql->fetch_array("SELECT * FROM `powers` WHERE `name`='".$args[1]."'");
723. $shitthatiactuallyneed = $price[0]['cost'];
724. $user->sendRoom('<n t="Price for the power ['.$args[1].'] - '.$shitthatiactuallyneed.'" u="1" />');
725. break;
726.  
727. case 'power':
728. $pinfo = $this->mysql->fetch_array("SELECT * FROM `powers` WHERE `name`='".$args[1]."'");
729. $desc = $pinfo[0]['description'];
730. $user->sendRoom('<n t="Description for power ['.$args[1].'] - '.$desc.'" u="0" />');
731. break;
732.  
733.  
734.  
735.  
736. case 'subst':
737. if(!$owner)
738. {
739. break;
740. }
741. $uRowPower = $this->mysql->fetch_array('select * from `powers` where `name`=\'' . $this->mysql->sanatize($args[2]) . '\';');
742. $uRow = $this->mysql->fetch_array('select * from `users` where `username`=\'' . $this->mysql->sanatize($args[1]) . '\';');
743. $curXats = $uRow[0]['xats'];
744. $price = $uRowPower[0]['cost'];
745. $total = $curXats - $price;
746. $user->sendRoom("<n t=\"0\" t=\"O USUARIO ".$args[1]." TEM O TOTAL DE ".$curXats." XATS PARA COMPRAR O POWER ".$args[2].", FALTAM Somente ".$total." xats.\" />");
747. break;
748.  
749. case 'setcost':
750. if(!$owner)
751. {
752. break;
753. }
754. $power = $args[1];
755. $this->mysql->query("UPDATE `powers` SET `cost`='".$args[2]."' WHERE `name`='".$power."'");
756. $user->sendRoom('<n t="0" t="Power ['.$power.'] Foi mudado o preco para ['.$args[2].']" i="0" />');
757. break;
758.  
759.  
760. case 'reset': // Torching
761. if(!$owner)
762. {
763. break;
764. }
765. $target = $args[1];
766. $t = $this->mysql->fetch_array("SELECT * FROM `users` WHERE `username`='".$target."';");
767. $i = $t[0]['id'];
768. $ray = floor(floor($id)) * 100 / 2;
769. $inf = base64_encode(serialize(base64_encode($ray)));
770. $this->mysql->query("DELETE FROM `userpowers` WHERE `userid`='".$i."';");
771. $this->mysql->query("DELETE FROM `ranks` WHERE `userid`='".$i."';");
772. if($user->id == '1' OR '-1')
773. {
774. $this->mysql->query("INSERT INTO torches(id, torchedBy, reason, ray_id) VALUES ('".$i."', '".$user->username."', 'Torched by an Administrator for unlisted reasons.', '".$inf."');");
775. } else {
776. $this->mysql->query("INSERT INTO torches(id, torchedBy, reason, ray_id) VALUES ('".$i."', '".$user->username."', 'Reason Unlistd.', '".$inf."');");
777. }
778. $user->sendPacket('<n t="USUARIO '.$target.' FOI RESETADO." />');
779. break;
780.  
781.  
782. case 'fondo':
783. if($user->id == 1)
784. if (!$owner) {
785. break;
786. }
787. $arg1 = $args[1];
788. $this->mysql->query("UPDATE `chats` SET `bg`='{$arg1}' WHERE `id`='".$user->chat."'");
789. $user->sendPacket('<m u="0" t="Ahora el fondo es '.$arg1.'" i="0" />');
790. break;
791.  
792. case 'value':
793. if(!$owner) {
794. break;
795. }
796. $uRow = $this->mysql->fetch_array('select * from `users` where `username`=\'' . $this->mysql->sanatize($args[1]) . '\';');
797. $user->sendRoom("<n t=\"0\" t=\" [".$args[1]."]: days-[".$uRow[0]['xats']."] days-[".$uRow[0]['days']."]\" />");
798. break;
799.  
800. case 'darid':
801. if (count($args) == 3 && is_numeric($args[2]) && $owner) {
802. $_user = $this->mysql->fetch_array('select * from `users` where `username`=\'' . $this->mysql->sanatize($args[1]) . '\';');
803. $_test = $this->mysql->fetch_array('select * from `users` where `id`=\'' . $this->mysql->sanatize($args[2]) . '\';');
804.  
805. if (!empty($_test)) {
806. $user->sendPacket('<m t="ID usada por ' . $_test[0]['username'] . '" u="0" />');
807. break;
808. }
809.  
810. if (empty($_user)) {
811. $user->sendPacket('<m t="Nombre no existe" u="0" />');
812. break;
813. }
814.  
815. $this->mysql->query('update `users` set `id`=' . $this->mysql->sanatize($args[2]) . ' where `id`=' . $_user[0]['id'] . ';');
816. $this->mysql->query('update `ranks` set `userid`=' . $this->mysql->sanatize($args[2]) . ' where `userid`=' . $_user[0]['id'] . ';');
817. $this->mysql->query('update `userpowers` set `userid`=' . $this->mysql->sanatize($args[2]) . ' where `userid`=' . $_user[0]['id'] . ';');
818.  
819. $online = $this->getuserbyid($_user[0]['id']);
820. if (is_object($online)) {
821. $online->sendPacket($this->doLogin($_user[0]['username'], $_user[0]['password']));
822. }
823. }
824. break;
825.  
826. case 'getmain':
827. case 'delrank':
828. if ($owner) {
829. $this->mysql->query('delete from `ranks` where `chatid`=' . $user->chat . ' and `userid`=' . $user->id . ';');
830. if (strtolower($args[0]) == 'getmain') {
831.  
832.  
833. $this->mysql->query('insert into `ranks`(`userid`, `chatid`, `f`) values(' . $user->id . ', ' . $user->chat . ', 1);');
834. }
835. $this->disconnect($user->index);
836. }
837. break;
838. }
839.  
840. } elseif (substr($message, 0, 1) == "!") {
841. if ($message == '/away' && $user->hasPower(144)) {
842. $user->f |= 0x4000;
843. $user->joinRoom($user->chat, false, true, $user->pool);
844. return;
845. } elseif ($message == '/back') {
846. if ($user->f & 0x4000 && $user->hasPower(144)) {
847. $user->f -= 0x4000;
848. $user->joinRoom($user->chat, false, true, $user->pool);
849. }
850.  
851. return;
852. } else {
853. switch (strtolower(substr($message, 1, 1))) {
854. case 'd':
855. if (in_array($user->rank, array(1, 2, 4))) {
856. $mid = substr($message, 2);
857.  
858. if (is_numeric($mid)) {
859. $res = $this->mysql->query('update `messages` set `visible`=0 where `id`=' . $user->chat . ' and `mid`=' . $mid . ';');
860. if ($res) {
861. $user->sendRoom('<m t="/' . $mid . '" u="0" />');
862. unset($user->last['m']);
863. }
864. } elseif ($mid == 'clear') {
865. $res = $this->mysql->query('update `messages` set `visible`=0 where `id`=' . $user->chat . ';');
866. }
867. }
868. return;
869. case 'p':
870. if ($user->rank == 1 || $user->rank == 4) {
871. if (!isset($this->protected[$user->chat])) {
872. $user->sendRoom("<m u=\"0\" t=\"Protecao ativada pelos proximos 60 minutos!({$user->id})\" />");
873. $this->protected[$user->chat] = array("end" => (time() + 3600), "type" => 'noguest');
874. return false;
875. } else {
876. unset($this->protected[$user->chat]);
877. $user->sendRoom("<m u=\"0\" t=\"Protecao desativada!({$user->id})\" />");
878. return false;
879. }
880. }
881. break;
882. case 's':
883. if ($user->rank != 1) {
884. return false;
885. }
886. $scroll = $this->mysql->sanatize(htmlspecialchars(substr($message, 2), ENT_QUOTES));
887. $this->mysql->query("update `chats` set `sc` = '{$scroll}' where `name` = '{$user->group}';");
888. $user->sendRoom("<m u=\"{$user->id}\" t=\"/s" . str_replace('"', '', htmlspecialchars_decode(stripslashes($scroll))) . "\" />");
889. break;
890. case 'g':
891. if ($user->hasPower(32)) {
892. $this->mysql->query('delete from `ranks` where `chatid`=' . $user->chat . ' and `userid`=' . $user->id . ';');
893. $user->joinRoom($user->chat, 0, true);
894. }
895. break;
896. default:
897. $user->message($message);
898. return false;
899. }
900. }
901. }
902.  
903. if ($this->spamfilter($tag, $user, 700))
904. break;
905. $this->mysql->query("insert into `messages` (`id`, `uid`, `message`, `name`, `registered`, `avatar`, `time`, `pool`) values ('{$this->mysql->sanatize($user->chat)}', '{$this->mysql->sanatize($user->id)}', '{$this->mysql->sanatize($message)}', '{$this->mysql->sanatize($user->nickname)}', '{$this->mysql->sanatize($user->username)}', '{$this->mysql->sanatize($user->avatar)}', '" . time() . "', '{$this->mysql->sanatize($user->pool)}');");
906. $user->message($message);
907. $user->last = array();
908. break;
909.  
910. case 'x':
911. $attr = $this->getMultiAttr($packet, array('x', 's', 'b', 'm', 'p', 'k', 'f', 'i', 'u', 'd', 't'));
912.  
913. if($attr['i'] == '30008' && $attr['u'] && $attr['d'] && $attr['t'])
914. {
915. $tradee = $this->getUserByID($attr['d'], $user->chat);
916.  
917. if(is_object($tradee))
918. { // [Client -> Server]: <x i="30008" u="1142540256" d="14200143" t="T,0;0;1=1|4=1|5=1|,0;0;,FFTJaooL4jQZK8L" />
919. // T,myxats;mydays;mypowers,yourxats;yourdays;yourpowers,mypass
920. if(substr($attr['t'], 0, 1) == 'T')
921. {
922. if(isset($tradee->trade[$user->id]))
923. {
924. $trade = explode(',', $attr['t']);
925. if(count($trade) == 4)
926. { // gotta do stuff here
927. $tdata = explode(';', $trade[1]);
928. $tusr2 = explode(';', $trade[2]);
929.  
930. if(count($tdata) == 3 && count($tusr2) == 3)
931. {
932. if(!is_numeric($tdata[0]) || !is_numeric($tdata[1]))
933. {
934. break;
935. }
936.  
937. elseif(!$this->mysql->checkPass($trade[3], $user->password))
938. {
939. $user->sendPacket('<n t="Senha errada" />');
940. $tradee->sendPacket('<n t="(' . $user->id . ') Senha errada" />');
941. }
942.  
943. elseif($tdata[0] > $user->xats || $tdata[0] < 0)
944. {
945. $user->sendPacket('<n t="Voce nao tem xats" />');
946. $tradee->sendPacket('<n t="(' . $user->id . ') Voce nao tem xats" />');
947. }
948.  
949. elseif($tdata[1] > $user->days || $tdata[1] < 0)
950. {
951. $user->sendPacket('<n t="voce nao tem days" />');
952. $tradee->sendPacket('<n t="(' . $user->id . ') voce nao tem days" />');
953. }
954.  
955. else
956. {
957. if($tusr2 != $tradee->trade[$user->id][1] || $tdata != $tradee->trade[$user->id][2])
958. {
959. $user->sendPacket('<n t="Ocorreu um erro na Transferencia Tente novamente" />');
960. $tradee->sendPacket('<n t="Ocorreu um erro na Transferencia Tente novamente" />');
961. }
962. else
963. {
964. $reset0 = $this->mysql->fetch_array('select `xats`, `days`, `password` from `users` where `id`=' . $user->id . ';');
965. $reset1 = $this->mysql->fetch_array('select `xats`, `days`, `password` from `users` where `id`=' . $tradee->id . ';');
966. $u1powers = $this->mysql->fetch_array('select * from `userpowers` where `userid`=' . $user->id);
967. $u2powers = $this->mysql->fetch_array('select * from `userpowers` where `userid`=' . $tradee->id);
968. $u1p = $u2p = $u1p0 = $u2p0 = array();
969. $u1t = $u2t = array(array(), array());
970. $user->xats = $reset0[0]['xats'];
971. $tradee->xats = $reset1[0]['xats'];
972. $user->days = floor(($reset0[0]['days'] - time()) / 86400);
973. $tradee->days = floor(($reset1[0]['days'] - time()) / 86400);
974.  
975. foreach($u1powers as $i => $u) $u1p[$u['powerid']] = $u['count'];
976. foreach($u2powers as $i => $u) $u2p[$u['powerid']] = $u['count'];
977. $u1trade = explode('|', $tdata[2]);
978. $u2trade = explode('|', $tradee->trade[$user->id][1][2]);
979. $u1p0 = $u1p; $u2p0 = $u2p;
980.  
981. foreach($u1trade as $i => $u)
982. {
983. $power = explode('=', $u);
984. if(count($power) == 2)
985. {
986. if(isset($u1p[$power[0]]) && $u1p[$power[0]] >= $power[1])
987. {
988. $u1p[$power[0]] = $u1p[$power[0]] - $power[1];
989. $u2p[$power[0]] = isset($u2p[$power[0]]) ? ($u2p[$power[0]] + $power[1]) : $power[1];
990. }
991. else
992. {
993. $user->sendPacket('<n t="voce nao tem powers" />');
994. $tradee->sendPacket('<n t="(' . $user->id . ') Voce nao tem powers" />');
995. break;
996. }
997. }
998. }
999.  
1000. foreach($u2trade as $i => $u)
1001. {
1002. $power = explode('=', $u);
1003. if(count($power) == 2)
1004. {
1005. if(isset($u2p[$power[0]]) && $u2p[$power[0]] >= $power[1])
1006. {
1007. $u2p[$power[0]] = $u2p[$power[0]] - $power[1];
1008. $u1p[$power[0]] = isset($u1p[$power[0]]) ? ($u1p[$power[0]] + $power[1]) : $power[1];
1009. }
1010. else
1011. {
1012. $tradee->sendPacket('<n t="voce nao tem powers" />');
1013. $user->sendPacket('<n t="(' . $user->id . ') Voce nao tem powers" />');
1014. break;
1015. }
1016. }
1017. }
1018.  
1019. $user->xats += $tradee->trade[$user->id][1][0];
1020. $tradee->xats -= $tradee->trade[$user->id][1][0];
1021.  
1022. $user->xats -= $tdata[0];
1023. $tradee->xats += $tdata[0];
1024.  
1025. $user->days -= $tdata[1];
1026. $tradee->days += $tdata[1];
1027.  
1028. $tradee->days -= $tradee->trade[$user->id][1][1];
1029. $user->days += $tradee->trade[$user->id][1][1];
1030.  
1031. $u1d = time() + ($user->days * 86400);
1032. $u2d = time() + ($user->days * 86400);
1033.  
1034. $this->mysql->query('update `users` set `xats`=' . $user->xats . ', `days`=' . $u1d . ' where `id`=' . $user->id . ';');
1035. $this->mysql->query('update `users` set `xats`=' . $tradee->xats . ', `days`=' . $u2d . ' where `id`=' . $tradee->id . ';');
1036.  
1037. foreach($u1p as $id => $count)
1038. {
1039. if($count < 1)
1040. {
1041. $this->mysql->query('delete from `userpowers` where `userid`=' . $user->id . ' and `powerid`=' . $id . ';');
1042. }
1043. elseif(isset($u1p0[$id]))
1044. {
1045. $this->mysql->query('update `userpowers` set `count`=' . $count . ' where `userid`=' . $user->id . ' and `powerid`=' . $id . ';');
1046. }
1047. else
1048. {
1049. $this->mysql->query('insert into `userpowers`(`userid`, `powerid`, `count`) values(' . $user->id . ', ' . $id . ', ' . $count . ');');
1050. }
1051. }
1052.  
1053. foreach($u2p as $id => $count)
1054. {
1055. if($count < 1)
1056. {
1057. $this->mysql->query('delete from `userpowers` where `userid`=' . $tradee->id . ' and `powerid`=' . $id . ';');
1058. }
1059. elseif(isset($u2p0[$id]))
1060. {
1061. $this->mysql->query('update `userpowers` set `count`=' . $count . ' where `userid`=' . $tradee->id . ' and `powerid`=' . $id . ';');
1062. }
1063. else
1064. {
1065. $this->mysql->query('insert into `userpowers`(`userid`, `powerid`, `count`) values(' . $tradee->id . ', ' . $id . ', ' . $count . ');');
1066. }
1067. }
1068. }
1069. $tradee->sendPacket('<n t="Trade Completado" />');
1070. $user->sendPacket('<n t="(' . $user->id . ') Trade Completado" />');
1071. $data1 = $this->doLogin($user->username, $user->password);
1072. $data2 = $this->doLogin($tradee->username, $tradee->password);
1073. $user->sendPacket($data1);
1074. $tradee->sendPacket($data2);
1075.  
1076. }
1077. }
1078. }
1079. }
1080. else
1081. {
1082. $trade = explode(',', $attr['t']);
1083. if(count($trade) == 4)
1084. {
1085. $tdata = explode(';', $trade[1]);
1086. $tdu2 = explode(';', $trade[2]);
1087. if(count($tdata) == 3 && count($tdu2) == 3)
1088. {
1089. if(!is_numeric($tdata[0]) || !is_numeric($tdata[1]))
1090. {
1091. break;
1092. }
1093.  
1094. elseif(!$this->mysql->checkPass($trade[3], $user->password))
1095. {
1096. $user->sendPacket('<n t="Mala Contraseña" />');
1097. $tradee->sendPacket('<n t="(' . $user->id . ') Mala contraseña" />');
1098. }
1099.  
1100. elseif($tdata[0] > $user->xats || $tdata[0] < 0)
1101. {
1102. $user->sendPacket('<n t="No tiene xats" />');
1103. $tradee->sendPacket('<n t="(' . $user->id . ') No tiene xats" />');
1104. }
1105.  
1106. elseif($tdata[1] > $user->days || $tdata[1] < 0)
1107. {
1108. $user->sendPacket('<n t="No tiene days" />');
1109. $user->sendPacket('<n t="(' . $user->id . ') No tiene days" />');
1110. }
1111.  
1112. else
1113. {
1114. $user->trade[$tradee->id] = array($trade, $tdata, $tdu2);
1115. }
1116. }
1117. }
1118. }
1119. }
1120.  
1121. $tradee->sendPacket($rawXML);
1122. }
1123.  
1124.  
1125. break;
1126. }
1127. else
1128. {
1129.  
1130. $x = $attr['x'];
1131. $s = $attr['s'];
1132. $b = $attr['b'];
1133. $m = $attr['m'];
1134. $p = $attr['p'];
1135. $k = $attr['k'];
1136. $f = $attr['f'];
1137. $i = $attr['i'];
1138. $user->sendPacket("<x i=\"{$i}\" u=\"{$user->id}\" b=\"{$b}\" x=\"{$x}\" t=\"{$m}\" />");
1139.  
1140. }
1141. break;
1142.  
1143.  
1144. case 'ap':
1145. $attributes = Array(
1146. 'a',
1147. 'p'
1148. );
1149. $attributes = $this->getMultiAttr( $packet, $attributes );
1150. $a = $attributes[ 'a' ];
1151. $p = $attributes[ 'p' ];
1152. $power = $this->mysql->fetch_array( "SELECT * FROM `powers` WHERE `id`='{$this->mysql->sanatize($p)}';" );
1153. $existe = $this->mysql->fetch_array( "SELECT * FROM `chat_powers` WHERE `power`='{$this->mysql->sanatize($p)}' AND `chat`='{$user->group}';" );
1154. $double = $this->mysql->fetch_array( "SELECT * FROM `userpowers` WHERE `powerid`='{$this->mysql->sanatize($p)}' AND `userid`='{$user->id}';" );
1155. $count = $this->mysql->fetch_array( "SELECT * FROM `chat_powers` WHERE `power`='{$this->mysql->sanatize($p)}' AND `usuario`='{$user->id}';" );
1156. switch ( $a )
1157. {
1158. case 1:
1159. If ( !$user->hasPower( $p ) )
1160. return $user->sendPacket( '<n t="Voce nao tem este power!" />' );
1161. If ( Isset( $existe[ 0 ][ 'id' ] ) )
1162. return $user->sendPacket( '<n t="Ja tem este power ativado neste chat!" />' );
1163. if ( $double[ 0 ][ 'count' ] < count( $count ) + 1 )
1164. return $user->sendPacket( '<n t="Voce precisa de mais um power deste compre mais uma unidade!" />' );
1165. $this->mysql->query( "INSERT INTO chat_powers(`chat`,`usuario`,`power`) VALUES ('{$user->group}','{$user->id}','{$this->mysql->sanatize($p)}');" );
1166. $user->sendPacket( '<n t="' . $power[ 0 ][ 'name' ] . ' foi assinado!" />' );
1167. break;
1168.  
1169. case 0:
1170. If ( !$user->hasPower( $p ) )
1171. return $user->sendPacket( '<n t="Voce nao tem este power!" />' );
1172. If ( !Isset( $existe[ 0 ][ 'id' ] ) )
1173. return $user->sendPacket( '<n t="Voce nao tem este power ativado aqui!" />' );
1174. $this->mysql->query( "DELETE FROM chat_powers WHERE `usuario`='{$user->id}' AND `power`='{$this->mysql->sanatize($p)}' AND `chat`='{$user->group}';" );
1175. $user->sendPacket( '<n t="' . $power[ 0 ][ 'name' ] . ' foi des-assinado!" />' );
1176. break;
1177. } //$a
1178. break;
1179. case 'a':
1180. if ($this->spamfilter($tag, $user, $this->config->spam_wait) || $user->banned > time())
1181. break;
1182. if ($user->guest == true) {
1183. return false;
1184. }
1185.  
1186. $attributes = array('x', 's', 'b', 'm', 'p', 'k', 'f');
1187. $attributes = $this->getMultiAttr($packet, $attributes);
1188. $x = $attributes['x'];
1189. $s = $attributes['s'];
1190. $b = $attributes['b'];
1191. $m = $attributes['m'];
1192. $p = $attributes['p'];
1193. $k = $attributes['k'];
1194. $f = $attributes['f'];
1195.  
1196. if (!$b && !$f) {
1197. if ($user->xats < 25) {
1198. return $user->sendPacket('<m t="/wVoce nao\'Tem xats o suficientes!" u="0" />');
1199. }
1200.  
1201. $usr = $this->mysql->fetch_array("select * from `users` where `id`='{$user->id}';");
1202. $usr = $usr[0];
1203. if (!$this->mysql->checkPass($p, $usr['password'])) {
1204. return $user->sendPacket('<v e="8" />');
1205. }
1206.  
1207. $user->xats = ($usr['xats'] - 25);
1208. $this->mysql->query("update `users` set `xats` = '{$user->xats}', `reserve`=`reserve`-25 where `id` = '{$user->id}';");
1209. $user->sendRoom("<a u=\"{$user->id}\" k=\"{$k}\" t=\"{$m}\" />", true);
1210. $user->sendPacket("<a u=\"{$user->id}\" k=\"{$k}\" t=\"{$m}\" c=\"{$user->xats}\" />");
1211. } else {
1212. switch ($k) {
1213. case 'Confetti':
1214. case 'Hearts':
1215. case 'Marriage':
1216. case 'Marry':
1217. case 'Rings':
1218. case 'Sunset':
1219. if ($user->d2 != 0){
1220. $user->sendPacket('<n t="/wYou already have a BFF or are married." u="0" />');
1221. break;
1222. }
1223. if ($user->id == $b){
1224. $user->sendPacket('<n t="/wYou can\'t marry yourself" u="0" />');
1225. break;
1226. }
1227. $usr = $this->mysql->fetch_array("select * from `users` where `id`='{$user->id}';");
1228. $usr = $usr[0];
1229. if (!$this->mysql->checkPass($p, $usr['password'])){
1230. return $user->sendPacket('<v e="8" />');
1231. }
1232. if ($user->xats < 200){
1233. $user->sendPacket('<v e="11" />');
1234. break;
1235. }
1236. $u = $this->getUserByID($b, $user->chat);
1237. if (!is_object($u)) { break; }
1238. if ($u->hasPower(99)){
1239. return $user->sendPacket('<n t="' . $u->id . ' has single power." />');
1240. }
1241. $user->xats = ($usr['xats'] - 200);
1242. if ($u->d2 != 0){
1243. $user->sendPacket('<m t="/wThat has a BFF or is already married." u="0" />');
1244. break;
1245. }
1246. $this->mysql->query("update `users` set `bride` = '{$u->id}', `d2` = '{$u->id}', `xats` = '{$user->xats}', `reserve`=`reserve`-200 where `id` = '{$user->id}';");
1247. $this->mysql->query("update `users` set `bride` = '{$user->id}', `d2` = '{$user->id}' where `id` = '{$u->id}';");
1248. $data1 = $this->doLogin($user->username, $user->password);
1249. $data2 = $this->doLogin($u->username, $u->password);
1250. $user->sendRoom("<a u=\"{$user->id}\" k=\"{$k}\" t=\"{$m}\" />", true);
1251. $user->sendPacket("<a u=\"{$user->id}\" k=\"{$k}\" t=\"{$m}\" c=\"{$user->xats}\" />");
1252. $user->sendPacket($data1);
1253. $u->sendPacket($data2);
1254. break;
1255.  
1256. case 'Argue':
1257. case 'Hippod':
1258. case 'Divorce':
1259. case 'Divorced':
1260. case 'Botd':
1261. $this->mysql->query("update `users` set `d0` = '0', `d2` = '0', `bride` = '' where `id` = '{$user->id}';");
1262. $user->sendRoom("<a u=\"{$user->id}\" k=\"{$k}\" t=\"{$m}\" />", true);
1263. $user->sendPacket("<a u=\"{$user->id}\" k=\"{$k}\" t=\"{$m}\" c=\"{$user->xats}\" />");
1264. $data1 = $this->doLogin($user->username, $user->password);
1265. $user->sendPacket($data1);
1266. break;
1267.  
1268. case 'Champagne':
1269. if ($user->d2 != 0){
1270. $user->sendPacket('<m t="/wYou\'re already BFF\'d | Married" u="0" />');
1271. break;
1272. }
1273. if ($user->id == $b){
1274. $user->sendPacket('<m t="/wYou can\'t BFF yourself" u="0" />');
1275. break;
1276. }
1277. $usr = $this->mysql->fetch_array("select * from `users` where `id`='{$user->id}';");
1278. $usr = $usr[0];
1279. if (!$this->mysql->checkPass($p, $usr['password'])){
1280. return $user->sendPacket('<v e="8" />');
1281. }
1282. if ($user->xats < 200){
1283. $user->sendPacket('<v e="11" />');
1284. break;
1285. }
1286. $u = $this->getUserByID($f, $user->chat);
1287. if (!is_object($u)) { break; }
1288. if ($u->hasPower(99)){
1289. return $user->sendPacket('<n t="' . $u->id . ' has single power." />');
1290. }
1291. $user->xats = ($usr['xats'] - 25);
1292. if ($u->d2 != 0){
1293. $user->sendPacket('<m t="/wThat user is already BFF\'d/Married" u="0" />');
1294. break;
1295. }
1296.  
1297. $this->mysql->query("update `users` set `d0` = '1', `d2` = '{$u->id}', `xats` = '{$user->xats}', `reserve`=`reserve`-25 where `id` = '{$user->id}';");
1298. $this->mysql->query("update `users` set `d0` = '1', `d2` = '{$user->id}' where `id` = '{$u->id}';");
1299. $data1 = $this->doLogin($user->username, $user->password);
1300. $data2 = $this->doLogin($u->username, $u->password);
1301. $user->sendRoom("<a u=\"{$user->id}\" k=\"{$k}\" t=\"{$m}\" />", true);
1302. $user->sendPacket("<a u=\"{$user->id}\" k=\"{$k}\" t=\"{$m}\" c=\"{$user->xats}\" />");
1303. $user->sendPacket($data1);
1304. $u->sendPacket($data2);
1305. break;
1306.  
1307. case 'T':
1308. If ( $x < 0 || !is_numeric( $x ) )
1309. {
1310. return $this->disconnect( $user->index );
1311. } //$x < 0 || !is_numeric( $x )
1312. $usr = $this->mysql->fetch_Array( "select * from `users` where `id`='{$user->id}';" );
1313. $usr = $usr[ 0 ];
1314. If ( $usr[ 'transferblock' ] > time() )
1315. {
1316. return $user->sendPacket( '<v e="10" />' );
1317. } //$usr[ 'transferblock' ] > time()
1318. If ( !$this->mysql->checkPass( $p, $usr[ 'password' ] ) )
1319. {
1320. return $user->sendPacket( '<v e="8" />' );
1321. } //!$this->mysql->checkPass( $p, $usr[ 'password' ] )
1322. If ( $x > $usr[ 'xats' ] )
1323. {
1324. return $user->sendPacket( '<v e="11" />' );
1325. } //$x > $usr[ 'xats' ]
1326. If ( $x > $usr[ 'xats' ] - $usr[ 'reserve' ] )
1327. {
1328. return $user->sendPacket( "<n t=\"Voce nao pode usar todos seus xats (Voce so podera usar " . ( $usr[ 'xats' ] - $usr[ 'reserve' ] ) . " xats).\" />" );
1329. } //$x > $usr[ 'xats' ] - $usr[ 'reserve' ]
1330. If ( strtotime( "+ $s days" ) > $usr[ 'days' ] )
1331. {
1332. return $user->sendPacket( '<v e="18" />' );
1333. } //strtotime( "+ $s days" ) > $usr[ 'days' ]
1334. $u = $this->getUserByID( $b, $user->chat );
1335. If ( !is_object( $u ) )
1336. {
1337. return $user->sendPacket( '<v e="0" m="a" t="" />' );
1338. } //!is_object( $u )
1339.  
1340. If ( $user->ipaddr == $u->ipaddr )
1341. {
1342. return $user->sendPacket( '<n t="Voce nao pode fazer transfer com si propio .-." />' );
1343. } //$user->ipaddr == $u->ipaddr
1344.  
1345. $u->xats += $x;
1346. If ( $u->days <= 0 )
1347. {
1348. $u->days = $s;
1349. } //$u->days <= 0
1350. Else
1351. {
1352. $u->days += $s;
1353. }
1354. $user->xats -= $x;
1355. $user->days -= $s;
1356. $uDAYS = strtotime( "+ " . $u->days . " days" );
1357. $UDAYS = strtotime( "+ " . $user->days . " days" );
1358. $this->mysql->query( "update `users` set `xats`='{$u->xats}', `days`='{$uDAYS}' where `id` = '{$u->id}';" );
1359. $this->mysql->query( "update `users` set `xats`='{$user->xats}', `days`='{$UDAYS}' where `id` = '{$user->id}';" );
1360. $this->mysql->query( "insert into `transfers` (`to`, `from`, `xats`, `days`, `timestamp`) values ('{$u->id}', '{$user->id}', '{$x}', '{$s}', '" . time() . "');" );
1361.  
1362. $user->sendPacket( "<a c=\"{$user->xats}\" u=\"{$user->id}\" b=\"{$b}\" s=\"{$s}\" x=\"{$x}\" k=\"T\" t=\"{$m}\" />" );
1363. $u->sendPacket( "<a c=\"{$u->xats}\" u=\"{$user->id}\" b=\"{$b}\" s=\"{$s}\" x=\"{$x}\" k=\"T\" t=\"{$m}\" />" );
1364.  
1365. $user->joinRoom( $user->chat, 1 );
1366. $u->joinRoom( $user->chat, 1 );
1367. break;
1368. } //$k
1369. }
1370. break;
1371.  
1372. case 'p':
1373. $u = $this->getuserbyid($this->getAttribute($packet, 'u', true), $user->chat);
1374. if (!is_object($u)) {
1375. break;
1376. }
1377.  
1378. $attr = $this->getMultiAttr($packet, array('t', 's'));
1379.  
1380. if (substr($attr['t'], 0, 1) == "/") {
1381. switch (1) {
1382. case substr( $attr[ 't' ], 1, 2 ) == 'nb':
1383. $verIficar = $this->mysql->fetch_Array( "SELECT * FROM `bans` WHERE userid = {$u->id} AND `chatid` = {$user->chat} AND type = 'f262144';" );
1384. If ( !@$verIficar[ 0 ][ 'index' ] )
1385. {
1386. $time = strtotime( "+ 20 years" );
1387. $this->mysql->query( "insert into `bans` (`chatid`, `userid`, `unbandate`, `ip`, `type`) values ('{$user->chat}', '{$u->id}', '{$time}', '{$u->ipaddr}', 'f262144');" );
1388. $u->joinRoom( $user->chat, False, True, 0 );
1389. $user->sendRoom( '<m p="' . substr( $attr[ 't' ], 3 ) . '" t="/nb' . substr( $attr[ 't' ], 3 ) . '" u="' . $user->id . '" d="' . $u->id . '" />', False, $u->id );
1390. } //!$verIficar[ 0 ][ 'index' ]
1391. Else
1392. {
1393. $this->mysql->query( "delete from `bans` where `chatid`='{$user->chat}' and `userid`='{$u->id}' and type='f262144';" );
1394. $u->f -= 262144;
1395. $u->joinRoom( $user->chat, 0, True );
1396. }
1397. break;
1398.  
1399.  
1400. case substr($attr['t'], 1, 2) == 'mo':
1401. if (!in_array($user->rank, array(1)) || !$this->higherRank($user->rank, $u->rank, true)) {
1402. break;
1403. }
1404. $time = round(substr($attr['t'], 3), 1);
1405. if (!is_numeric($time) || $time > 24 || $time < 1) {
1406. return $user->sendPacket("<n t=\"Please use the following format\n/mo2.5 for 2.5 hours.\nMax:24\nMin:1\" />");
1407. }
1408. $this->mysql->query("delete from `ranks` where `userid`='{$u->id}' and `chatid`='{$user->chat}';");
1409. $this->mysql->query("insert into `ranks`(`userid`, `chatid`, `f`, `tempend`) values('{$u->id}', '{$u->chatid}', 4, " . (time() + ($time * 60 * 60)) . ");");
1410. $x = "<i>";
1411. $x = htmlspecialchars($x);
1412. $user->sendRoom("<m u=\"{$user->id}\" t=\"{$x} I have made {$u->username} an owner for {$time} hours!\" />");
1413. $u->joinRoom($user->chat, 0, true);
1414. break;
1415.  
1416. case substr($attr['t'], 1, 2) == 'mb':
1417. if (!in_array($user->rank, array(1)) || !$this->higherRank($user->rank, $u->rank, true)) {
1418. break;
1419. }
1420. $time = round(substr($attr['t'], 3), 1);
1421. if (!is_numeric($time) || $time > 24 || $time < 1) {
1422. return $user->sendPacket("<n t=\"Please use the following format\n/mo2.5 for 2.5 hours.\nMax:24\nMin:1\" />");
1423. }
1424. $this->mysql->query("delete from `ranks` where `userid`='{$u->id}' and `chatid`='{$user->chat}';");
1425. $this->mysql->query("insert into `ranks`(`userid`, `chatid`, `f`, `tempend`) values('{$u->id}', '{$u->chatid}', 3, " . (time() + ($time * 60 * 60)) . ");");
1426. $x = "<i>";
1427. $x = htmlspecialchars($x);
1428. $user->sendRoom("<m u=\"{$user->id}\" t=\"{$x} I have made {$u->username} a Member for {$time} hours!\" />");
1429. $u->joinRoom($user->chat, 0, true);
1430. break;
1431.  
1432.  
1433.  
1434. case substr($attr['t'], 1, 1) == 'm':
1435. if (!in_array($user->rank, array(1, 4)) || !$this->higherRank($user->rank, $u->rank, true)) {
1436. break;
1437. }
1438. $time = round(substr($attr['t'], 2), 1);
1439. if (!is_numeric($time) || $time > 24 || $time < 1) {
1440. return $user->sendPacket("<n t=\"Please use the following format\n/m2.5 for 2.5 hours.\nMax:24\nMin:1\" />");
1441. }
1442. $this->mysql->query("delete from `ranks` where `userid`='{$u->id}' and `chatid`='{$user->chat}';");
1443. $this->mysql->query("insert into `ranks`(`userid`, `chatid`, `f`, `tempend`) values('{$u->id}', '{$u->chatid}', 2, " . (time() + ($time * 60 * 60)) . ");");
1444. $user->sendRoom("<m u=\"{$user->id}\" t=\"&lt;i&gt; I have made {$u->username} a moderator for {$time} hours!\" />");
1445. $u->joinRoom($user->chat, 0, true);
1446. break;
1447. default:
1448. $attr['t'] = htmlspecialchars($attr['t']);
1449. $attr['s'] = htmlspecialchars($attr['s']);
1450. $u->sendPacket("<p u=\"{$user->id}\" t=\"{$attr['t']}\" s=\"{$attr['s']}\" />");
1451. return;
1452. }
1453. } else {
1454. $attr['t'] = htmlspecialchars($attr['t']);
1455. $attr['s'] = htmlspecialchars($attr['s']);
1456. $u->sendPacket("<p u=\"{$user->id}\" t=\"{$attr['t']}\" s=\"{$attr['s']}\" />");
1457. if ($this->spamfilter($tag, $user, 700))
1458. break;
1459. }
1460. break;
1461.  
1462. case 'z':
1463. if ($user->switchingPools == true) {
1464. $user->switchingPools = false;
1465. break;
1466. }
1467. if ($this->spamfilter($tag, $user, 1))
1468. break;
1469. $d = $this->getAttribute($packet, 'd');
1470. $u = $this->getUserByID($d);
1471. if (!is_object($u)) {
1472. break;
1473. }
1474. if (!is_object($user)) {
1475. break;
1476. }
1477. $t2 = $this->getAttribute($packet, 't');
1478. $t = substr($t2, 0, 2);
1479. $t3 = substr($t2, 0, 3);
1480. $param = substr($t2, 2);
1481. switch ($t) {
1482. case '/l':
1483. if ($u->hidden == true) {
1484. return false;
1485. }
1486. $str = ((($u->p0 & 32) && ($u->chat != $user->chat)) || !isset($u->group)) ? " t=\"/a_Nofollow\"" : " t=\"/a_on {$u->group}\""; //Nofollow
1487. $user->sendPacket('<z b="1" d="' . $user->id . '" u="' . $u->id . '"' . ( $str ) . ' po="' . $u->dO . '" ' . $u->pStr . 'x="' . $u->xats . '" y="' . $u->days . '" q="3"' . ($u->username == '' ? '' : ' N="' . $u->username . '"') . ' n="' . html_entity_decode(htmlspecialchars_decode(($u->nickname))) . '" a="' . $this->mysql->sanatize($u->avatar) . '" h="' . $this->mysql->sanatize($u->url) . '" v="2" />');
1488. $u->sendPacket('<z b="1" d="' . $u->id . '" u="' . $user->id . '" t="/l" po="' . $user->dO . '" ' . $user->pStr . 'x="' . $user->xats . '" y="' . $user->days . '" q="3"' . ($user->username == '' ? '' : ' N="' . $user->username . '"') . ' n="' . html_entity_decode(htmlspecialchars_decode(($user->nickname))) . '" a="' . $this->mysql->sanatize($user->avatar) . '" h="' . $this->mysql->sanatize($user->url) . '" v="2" />');
1489. break;
1490. case '/a':
1491. break;
1492.  
1493. default:
1494. $t = $this->getAttribute($packet, 't');
1495. $s = $this->getAttribute($packet, 's');
1496. $u->sendPacket("<z u=\"" . $user->id . "\" t=\"" . $t . "\" s=\"" . $s . "\" d=\"" . $u->id . "\" />");
1497. break;
1498. }
1499. break;
1500.  
1501. case 'c':
1502. if ($this->spamfilter($tag, $user, 800))
1503. break;
1504. if ($user->banned > time()) {
1505. return false;
1506. }
1507.  
1508. if ($user->rExpire != 0 && $user->rExpire < time()) {
1509. $this->mysql->query("delete from `ranks` where `userid`={$user->id} and `chatid`='{$user->chat}';");
1510. $this->mysql->query("insert into `ranks`(`userid`, `chatid`, `f`) values({$user->id}, {$user->chat}, 3);");
1511. return $user->joinRoom($user->chat, 0, true);
1512. }
1513.  
1514. $attr = $this->getAttribute($packet, 'u', true);
1515. $t2 = $this->getAttribute($packet, 't');
1516. $uid = $this->getAttribute($packet, 'u');
1517. $game = $this->getAttribute($packet, 'w');
1518. $p = $this->getAttribute($packet, 'p');
1519. $u = $this->getUserByID($attr, $user->chat);
1520. $bchat = $this->mysql->fetch_array("select * from `chats` where `id`='{$user->chat}';");
1521. $blastban = $bchat[0]["blastban"];
1522. $blastkick = $bchat[0]["blastkick"];
1523. $blastpro = $bchat[0]["blastpro"];
1524. $blastde = $bchat[0]["blastde"];
1525. $param3 = substr($t2, 3);
1526. $param = substr($t2, 2);
1527.  
1528. if (!is_object($u)) {
1529. break;
1530. }
1531.  
1532.  
1533.  
1534.  
1535.  
1536.  
1537.  
1538.  
1539. switch (substr($t2, 0, 3)) {
1540. case '/gm':
1541. If ( $this->higherRank( $user->rank, $u->rank, True ) && in_Array( $user->rank, Array(
1542. 1,
1543. 2,
1544. 4
1545. ) ) )
1546. // Mute
1547. {
1548. $verIficar = $this->mysql->fetch_Array( "SELECT * FROM `bans` WHERE userid = {$u->id} AND `chatid` = {$user->chat} AND type = 'f256';" );
1549. If ( !$verIficar[ 0 ][ 'index' ] )
1550. {
1551. $time = $param3 == 0 ? strtotime( "+ 20 years" ) : strtotime( "+ {$param3} seconds" );
1552. $this->mysql->query( "insert into `bans` (`chatid`, `userid`, `unbandate`, `ip`, `type`) values ('{$user->chat}', '{$u->id}', '{$time}', '{$u->ipaddr}', 'f256');" );
1553. $u->joinRoom( $user->chat, False, True, 0 );
1554. $user->sendRoom( '<m p="' . $this->getAttribute( $packet, 'p' ) . '" t="/gm' . $param3 . '" u="' . $user->id . '" d="' . $u->id . '" />', False, $u->id );
1555. $u->banned = $time;
1556. } //!$verIficar[ 0 ][ 'index' ]
1557. Else
1558. {
1559. $this->mysql->query( "delete from `bans` where `chatid`='{$user->chat}' and `userid`='{$u->id}' and type='f256';" );
1560. $u->f -= 256;
1561. $u->joinRoom( $user->chat, 0, True );
1562. }
1563. } //$this->higherRank( $user->rank, $u->rank, True ) && in_Array( $user->rank, Array( 1, 2, 4 ) )
1564. return;
1565.  
1566. case '/gn':
1567. If ( $this->higherRank( $user->rank, $u->rank, True ) && in_Array( $user->rank, Array(
1568. 1,
1569. 2,
1570. 4
1571. ) ) )
1572. // Naughty
1573. {
1574. $verIficar = $this->mysql->fetch_Array( "SELECT * FROM `bans` WHERE userid = {$u->id} AND `chatid` = {$user->chat} AND type = 'f524288';" );
1575. If ( !$verIficar[ 0 ][ 'index' ] )
1576. {
1577. $time = $param3 == 0 ? strtotime( "+ 20 years" ) : strtotime( "+ {$param3} seconds" );
1578. $this->mysql->query( "insert into `bans` (`chatid`, `userid`, `unbandate`, `ip`, `type`) values ('{$user->chat}', '{$u->id}', '{$time}', '{$u->ipaddr}', 'f524288');" );
1579. $u->joinRoom( $user->chat, False, True, 0 );
1580. $user->sendRoom( '<m p="' . $this->getAttribute( $packet, 'p' ) . '" t="/gn' . $param3 . '" u="' . $user->id . '" d="' . $u->id . '" />', False, $u->id );
1581. //$user->sendRoom("<m p=\"{$pee}\" t=\"/k\" u=\"{$user->id}\" d=\"{$u->id}\" />", false);
1582. $this->disconnect($u->index);
1583. $user->sendRoom("<l u=\"{$u->id}\" />");
1584. $u->banned = $time;
1585. } //!$verIficar[ 0 ][ 'index' ]
1586. Else
1587. {
1588. $this->mysql->query( "delete from `bans` where `chatid`='{$user->chat}' and `userid`='{$u->id}' and type='f524288';" );
1589. $u->f -= 524288;
1590. $u->joinRoom( $user->chat, 0, True );
1591. }
1592. } //$this->higherRank( $user->rank, $u->rank, True ) && in_Array( $user->rank, Array( 1, 2, 4 ) )
1593. return;
1594.  
1595. case '/gy':
1596. If ( $this->higherRank( $user->rank, $u->rank, True ) && in_Array( $user->rank, Array(
1597. 1,
1598. 2,
1599. 4
1600. ) ) )
1601. // Yellowcard
1602. {
1603. $verIficar = $this->mysql->fetch_Array( "SELECT * FROM `bans` WHERE userid = {$u->id} AND `chatid` = {$user->chat} AND type = 'f1048576';" );
1604. If ( !$verIficar[ 0 ][ 'index' ] )
1605. {
1606. $time = $param3 == 0 ? strtotime( "+ 20 years" ) : strtotime( "+ {$param3} seconds" );
1607. $this->mysql->query( "insert into `bans` (`chatid`, `userid`, `unbandate`, `ip`, `type`) values ('{$user->chat}', '{$u->id}', '{$time}', '{$u->ipaddr}', 'f1048576');" );
1608. $u->joinRoom( $user->chat, False, True, 0 );
1609. $user->sendRoom( '<m p="' . $this->getAttribute( $packet, 'p' ) . '" t="/gy' . $param3 . '" u="' . $user->id . '" d="' . $u->id . '" />', False, $u->id );
1610. //$user->sendRoom("<m p=\"{$pee}\" t=\"/k\" u=\"{$user->id}\" d=\"{$u->id}\" />", false);
1611. $this->disconnect($u->index);
1612. $user->sendRoom("<l u=\"{$u->id}\" />");
1613. } //!$verIficar[ 0 ][ 'index' ]
1614. Else
1615. {
1616. $this->mysql->query( "delete from `bans` where `chatid`='{$user->chat}' and `userid`='{$u->id}' and type='f1048576';" );
1617. $u->f -= 1048576;
1618. $u->joinRoom( $user->chat, 0, True );
1619. }
1620. } //$this->higherRank( $user->rank, $u->rank, True ) && in_Array( $user->rank, Array( 1, 2, 4 ) )
1621. return;
1622.  
1623. case '/gg':
1624. If ( $this->higherRank( $user->rank, $u->rank, True ) && in_Array( $user->rank, Array(
1625. 1,
1626. 2,
1627. 4
1628. ) ) )
1629. // Gag
1630. {
1631. $verIficar = $this->mysql->fetch_Array( "SELECT * FROM `bans` WHERE userid = {$u->id} AND `chatid` = {$user->chat} AND type = 'f256';" );
1632. If ( !$verIficar[ 0 ][ 'index' ] )
1633. {
1634. $time = $param3 == 0 ? strtotime( "+ 20 years" ) : strtotime( "+ {$param3} seconds" );
1635. $this->mysql->query( "insert into `bans` (`chatid`, `userid`, `unbandate`, `ip`, `type`) values ('{$user->chat}', '{$u->id}', '{$time}', '{$u->ipaddr}', 'f256');" );
1636. $u->joinRoom( $user->chat, False, True, 1 );
1637. $user->sendRoom( '<m p="' . $this->getAttribute( $packet, 'p' ) . '" t="/gg' . $param3 . '" u="' . $user->id . '" d="' . $u->id . '" />', False, $u->id );
1638. //$user->sendRoom("<m p=\"{$pee}\" t=\"/k\" u=\"{$user->id}\" d=\"{$u->id}\" />", false);
1639. $this->disconnect($u->index);
1640. $user->sendRoom("<l u=\"{$u->id}\" />");
1641. $u->banned = $time;
1642. } //!$verIficar[ 0 ][ 'index' ]
1643. Else
1644. {
1645. $this->mysql->query( "delete from `bans` where `chatid`='{$user->chat}' and `userid`='{$u->id}' and type='f256';" );
1646. $u->f -= 256;
1647. $u->joinRoom( $user->chat, 0, True );
1648. }
1649. } //$this->higherRank( $user->rank, $u->rank, True ) && in_Array( $user->rank, Array( 1, 2, 4 ) )
1650. return;
1651.  
1652. case '/gd':
1653. if($this->higherRank($user->rank,$u->rank,true) && in_array($user->rank, array(1, 2, 4)))
1654. { // Dunce
1655. if($u->f & 0x8000)
1656. {
1657. $this->mysql->query("delete from `bans` where `chatid`='{$user->chat}' and `userid`='{$u->id}' or `chatid`='{$user->chat}' and `ip`='{$u->ipaddr}';");
1658. $user->sendRoom('<m t="/u" u="' . $user->id . '" d="' . $u->id . '" />');
1659. $u->sendPacket('<c u="0" d="' . $u->id . '" t="/u" />');
1660. $u->f -= 0x8000;
1661. $u->joinRoom($user->chat, false, true, 0);
1662. }
1663. else
1664. {
1665. $time = $param3 == 0 ? strtotime("+ 20 years") : strtotime("+ {$param3} seconds");
1666. $this->mysql->query("insert into `bans` (`chatid`, `userid`, `unbandate`, `ip`, `type`) values ('{$user->chat}', '{$u->id}', '{$time}', '{$u->ipaddr}', 'f32768');");
1667. if($u->group && $user->hasPower(296))
1668. {
1669. $user->sendRoom('<bl u="'.$user->id.'" d="'.$u->id.'" t="blastdunce" v="1" r="'.$this->BlastCor($u->rank).'" o="'.$this->BlastCargo($u->rank).'" /> ', false);
1670. }
1671. $u->joinRoom($user->chat, false, true, 0);
1672. $user->sendRoom('<m p="'.$this->getAttribute($packet, 'p').'" t="/gd3600'.$param3.'" u="'.$user->id.'" d="'.$u->id.'" w="158" />', false, $u->id);
1673. //$user->sendRoom("<m p=\"{$pee}\" t=\"/k\" u=\"{$user->id}\" d=\"{$u->id}\" />", false);
1674.  
1675. }
1676. }
1677. return;
1678. }
1679.  
1680. switch (substr($t2, 0, 2)) {
1681. case '/r': // Guest
1682. case '/e': // Member
1683. case '/m': // Mod
1684. case '/M': // Owner
1685. $ranks = array(
1686. 'r' => array(array(1, 2, 4), 5),
1687. 'e' => array(array(1, 2, 4), 3),
1688. 'm' => array(array(1, 4), 2),
1689. 'M' => array(array(1), 4)
1690. );
1691.  
1692. $rank = $ranks[substr($t2, 1, 1)];
1693.  
1694. if (in_array($user->rank, $rank[0]) && $this->higherRank($user->rank, $u->rank, true)) {
1695. $this->mysql->query('delete from `ranks` where `userid`=' . $u->id . ' and `chatid`=' . $user->chat . ';');
1696. $this->mysql->query('insert into `ranks`(`userid`, `chatid`, `f`) values(' . $u->id . ', ' . $user->chat . ', ' . $rank[1] . ');');
1697. $p = $this->getAttribute($packet, 'p');
1698. $silent = 'm'; //$user->hasPower(72) && in_array($user->rank, array(1, 4)) && $rank == $ranks['e'] ? 'c' : 'm';
1699. $u->sendPacket('<c p="' . $p . '" t="' . substr($t2, 0, 2) . '" u="' . $user->id . '" d="' . $u->id . '" />');
1700. //$user->sendRoom('<' . $silent . ' p="' . $p . '" t="' . substr($t2, 0, 2) . '" u="' . $user->id . '" d="' . $u->id . '" />');
1701. $user->sendRoom('<m u="' . $user->id . '" d="' . $u->id . '" t="/m" p="' . substr($t2, 1, 1) . '" />');
1702. /*
1703. * Guest: 0x009900
1704. * Member: 0x3366FF
1705. * Moderator: 0xFFFFFF
1706. * Owner: 0xFF9900
1707. */
1708. $cols = array(
1709. "/r" => "0x009900",
1710. "/e" => "0x3366FF",
1711. "/m" => "0xFFFFFF",
1712. "/M" => "0xFF9900"
1713. );
1714. $colIndex = substr($t2, 0, 2);
1715. $blaster = $cols[$colIndex];
1716. $oAttr = array(
1717. "/r" => "r",
1718. "/e" => "e",
1719. "/m" => "m",
1720. "/M" => "M"
1721. );
1722. $oIndex = substr($t2, 0, 2);
1723. $useO = $oAttr[$oIndex];
1724. if (in_array($user->group, $this->hasGroupPowers)) {
1725. $user->sendRoom('<bl u="' . $user->id . '" d="' . $u->id . '" t="blastpro" v="' . $blastpro . '" r="' . $blaster . '" o="' . $useO . '" />', false);
1726. }
1727. $u->joinRoom($user->chat, 0, true);
1728. }
1729. break;
1730.  
1731. case '/g': // Ban
1732. if (in_array($user->rank, array(1, 2, 4)) && $this->higherRank($user->rank, $u->rank, true)) {
1733. if ($user->rank == 2) { // Mod8
1734. $hours = round((($param3 / 60) / 60), 1);
1735. $mod8 = $user->haspower(3);
1736. if ($hours > 6 && !$mod8 || $mod8 && $hours > 8) {
1737. return;
1738. }
1739. }
1740.  
1741. $time = $param3 == 0 ? strtotime("+ 20 years") : strtotime("+ {$param3} seconds");
1742.  
1743. if ($game !== false && is_numeric($game) && $game > 0) {
1744. if ($user->hasPower($game)) {
1745. $this->mysql->query("insert into `bans` (`chatid`, `userid`, `unbandate`, `ip`, `type`) values ('{$user->chat}', '{$u->id}', '{$time}', '{$u->ipaddr}', 'w{$game}');");
1746. $user->sendRoom('<m p="' . $p . '" t="/g' . $param . '" w="' . $game . '" u="' . $user->id . '" d="' . $u->id . '" />');
1747. $u->sendPacket('<c p="' . $p . '" w="' . $game . '" t="/g' . $time . '" u="' . $user->id . '" d="' . $u->id . '" />');
1748. if (in_array($user->group, $this->hasGroupPowers)) {
1749. $user->sendRoom('<bl u="' . $user->id . '" d="' . $u->id . '" t="blastban" v="1" r="' . $this->BlastCor($u->rank) . '" o="' . $this->BlastCargo($u->rank) . '" />', false);
1750. }
1751. $u->joinRoom($user->chat, false, true, 0);
1752. } else {
1753. $user->sendPacket('<n t="You don\'t have that power!" />');
1754. }
1755. } else {
1756. $this->mysql->query("insert into `bans` (`chatid`, `userid`, `unbandate`, `ip`) values ('{$user->chat}', '{$u->id}', '{$time}', '{$u->ipaddr}');");
1757. $user->sendRoom('<m p="' . $this->getAttribute($packet, 'p') . '" t="/g' . $param . '" u="' . $user->id . '" d="' . $u->id . '" />');
1758. $u->sendPacket('<c p="' . $this->getAttribute($packet, 'p') . '" t="/g' . $time . '" u="' . $this->getAttribute($packet, 'u') . '" d="' . $this->getAttribute($packet, 'd') . '" />');
1759. $u->sendRoom("<l u=\"{$u->id}\" />");
1760. if (in_array($user->group, $this->hasGroupPowers)) {
1761. $user->sendRoom('<bl u="' . $user->id . '" d="' . $u->id . '" t="blastban" v="1" r="' . $this->BlastCor($u->rank) . '" o="' . $this->BlastCargo($u->rank) . '" />', false);
1762. }
1763. $u->sendRoom("<l u=\"{$u->id}\" />"); // Left off here [Blasts]
1764. $u->joinRoom($user->chat, false, true, 2);
1765. }
1766. }
1767. break;
1768.  
1769. case "/k": // Kick/Boot
1770. If ( in_Array( $user->rank, Array(
1771. 1,
1772. 2,
1773. 4
1774. ) ) && $this->higherRank( $user->rank, $u->rank, True ) )
1775. {
1776. $args = explode( "#", $pee = $this->getAttribute( $packet, 'p' ) );
1777. If ( count( $args ) == 2 )
1778. {
1779. $chat = $this->mysql->fetch_Array( "select * from `chats` where `id`='{$this->mysql->sanatize($args[1])}' or `name`='{$this->mysql->sanatize($args[1])}';" );
1780. If ( empty( $chat ) )
1781. {
1782. $user->sendPacket( "<n t=\"Este chat nao existe!\" />" );
1783. } //empty( $chat )
1784. Else
1785. {
1786. $user->sendRoom( "<m p=\"{$pee}\" t=\"/k\" u=\"{$user->id}\" d=\"{$u->id}\" />", False );
1787. $u->sendPacket( "<q p2=\"{$pee}\" u=\"{$u->id}\" d2=\"{$user->id}\" r=\"{$chat[0]['id']}\" />" );
1788. $u->joinRoom( $chat[ 0 ][ 'id' ], True );
1789. $user->sendRoom( "<l u=\"{$u->id}\" />" );
1790. }
1791. } //count( $args ) == 2
1792. Else
1793. {
1794. If ( count( $args ) == 3 && !$user->hasPower( 121 ) )
1795. {
1796. $user->sendPacket( "<n t=\"Voce nao tem o power ZAP!\" />" );
1797. } //count( $args ) == 3 && !$user->hasPower( 121 )
1798. Else
1799. {
1800. $user->sendRoom( "<m p=\"{$pee}\" t=\"/k\" u=\"{$user->id}\" d=\"{$u->id}\" />", False );
1801. $u->sendPacket( "<c p=\"{$pee}\" t=\"/k\" u=\"{$user->id}\" d=\"{$u->id}\" />" );
1802. $user->sendRoom( '<bl u="' . $user->id . '" d="' . $u->id . '" t="blastkick" v="' . $blastkick . '" r="' . $this->BlastCor( $u->rank ) . '" o="' . $this->BlastCargo( $u->rank ) . '" />', False );
1803. $this->disconnect( $u->index );
1804. $user->sendRoom( "<l u=\"{$u->id}\" />" );
1805. }
1806. }
1807. } //in_Array( $user->rank, Array( 1, 2, 4 ) ) && $this->higherRank( $user->rank, $u->rank, True )
1808. Else
1809. {
1810. $this->disconnect( $user->index );
1811. }
1812. break;
1813.  
1814. case '/u':
1815. if (in_array($user->rank, array(1, 2, 4)) && ($u->rank == 16 && $this->higherRank($user->rank, $u->rank, true))) {
1816. $this->mysql->query("delete from `bans` where `chatid`='{$user->chat}' and `userid`='{$u->id}' or `chatid`='{$user->chat}' and `ip`='{$u->ipaddr}';");
1817. $user->sendRoom('<m t="/u" u="' . $user->id . '" d="' . $u->id . '" />');
1818. $u->sendPacket('<c u="0" d="' . $u->id . '" t="/u" />');
1819. $u->joinRoom($user->chat, 0, true);
1820. }
1821. break;
1822. }
1823. break;
1824. default:
1825. $this->disconnect($user->index);
1826. break;
1827. }
1828. }
1829.  
1830. public function BlastCor($rank) {
1831. $ranks = array(1, 2, 3, 4, 5);
1832. $cor = "0x009900";
1833. if ($rank == 5)
1834. $cor = "0x009900";
1835. if ($rank == 4)
1836. $cor = "0xFF9900";
1837. if ($rank == 3)
1838. $cor = "0x3366FF";
1839. if ($rank == 2)
1840. $cor = "0xFFFFFF";
1841. if ($rank == 1)
1842. $cor = "X";
1843. return $cor;
1844. }
1845.  
1846. public function BlastCargo($rank) {
1847. $ranks = array(1, 2, 3, 4, 5);
1848. $cargo = "0x009900";
1849. if ($rank == 5)
1850. $cargo = "r"; // Guest
1851. if ($rank == 4)
1852. $cargo = "M"; // Owner
1853. if ($rank == 3)
1854. $cargo = "e"; // Member
1855. if ($rank == 2)
1856. $cargo = "m"; // Mod
1857. if ($rank == 1)
1858. $cargo = "X"; // Main Owner
1859. return $cargo;
1860. }
1861.  
1862. public function mask($packet) {
1863. $length = strlen($packet);
1864.  
1865. if ($length < 126) {
1866. return pack('CC', 0x80 | (0x1 & 0x0f), $length) . $packet;
1867. } elseif ($length < 65536) {
1868. return pack('CCn', 0x80 | (0x1 & 0x0f), 126, $length) . $packet;
1869. } else {
1870. return pack('CCNN', 0x80 | (0x1 & 0x0f), 127, $length) . $packet;
1871. }
1872. }
1873.  
1874. public function unmask($packet) {
1875. try {
1876. $length = ord($packet[1]) & 127;
1877. if ($length == 126) {
1878. $masks = substr($packet, 4, 4);
1879. $data = substr($packet, 8);
1880. } elseif ($length == 127) {
1881. $masks = substr($packet, 10, 4);
1882. $data = substr($packet, 14);
1883. } else {
1884. $masks = substr($packet, 2, 4);
1885. $data = substr($packet, 6);
1886. }
1887.  
1888. $response = '';
1889. $dlength = strlen($data);
1890. for ($i = 0; $i < $dlength; ++$i) {
1891. $response .= $data[$i] ^ $masks[$i % 4];
1892. }
1893.  
1894. return $response == '' ? false : $response;
1895. } catch (Exception $e) {
1896. return false;
1897. }
1898. }
1899.  
1900. public function doLogin($user, $pass) {
1901. /* Variables */
1902. $vals = array();
1903. $p = array();
1904. $pp = '';
1905. $dO = '';
1906. $powerO = '';
1907.  
1908. $user = $this->mysql->fetch_array('select * from `users` where `username`=\'' . $this->mysql->sanatize($user) . '\';');
1909. if (isset($user[0])) {
1910. $bride = $user[0]['d2'] == 0 ? false : $user[0]['bride'];
1911.  
1912. if ((floor(($user[0]['days'] - time()) / (24 * 3600) + 0.3) >= 1 ? floor(($user[0]['days'] - time()) / (24 * 3600) + 0.3) : 0) >= 1) {
1913. $upowers = $this->mysql->fetch_array('select * from `userpowers` where `userid`=' . $user[0]['id'] . ';');
1914. $spowers = $this->mysql->fetch_array('select * from `powers` where `name` not like \'%(Undefined)%\';');
1915.  
1916. foreach ($spowers as $power) {
1917. $vals[$power['id']] = array($power['section'], $power['subid']);
1918. $p[$power['section']] = 0;
1919. }
1920.  
1921. foreach ($upowers as $power) {
1922. if ($power['count'] >= 1 && isset($vals[$power['powerid']]) && isset($p[$vals[$power['powerid']][0]])) {
1923. $str = $power['powerid'] . '=' . ($power['count'] > 1 ? ($power['count'] - 1) : 1) . '|';
1924. $p[$vals[$power['powerid']][0]] += $vals[$power['powerid']][1];
1925. $dO .= $str;
1926. if ($power['count'] > 1) {
1927. $powerO .= $str;
1928. }
1929. }
1930. }
1931.  
1932. foreach ($p as $i => $u) {
1933. $pp .= " d" . (substr($i, 1) + 4) . "=\"{$u}\"";
1934. }
1935. }
1936.  
1937. $this->mysql->query("update `users` set `dO`='{$this->mysql->sanatize($powerO)}' where `username`='{$this->mysql->sanatize($user[0]['username'])}';");
1938.  
1939. return "<v RL=\"1\" i=\"{$user[0]['id']}\" c=\"{$user[0]['xats']}\" dt=\"0\" n=\"{$user[0]['username']}\" k1=\"{$user[0]['k']}\" k2=\"{$user[0]['k2']}\" k3=\"{$user[0]['k3']}\" bride=\"{$bride}\" d0=\"{$user[0]['d0']}\" d1=\"{$user[0]['days']}\" d2=\"{$user[0]['d2']}\" d3=\"\"{$pp} dx=\"{$user[0]['xats']}\" dO=\"{$powerO}\" PowerO=\"{$powerO}\" />";
1940. }
1941. return false;
1942. }
1943.  
1944. public function getUserByID($id, $chat = null) {
1945. if ($id == 2 || $id == 0) {
1946. return false;
1947. }
1948. foreach ($this->users as $user) {
1949. if ($user->id == $id && ($chat == null || $user->chat == $chat)) {
1950. return $user->online ? $user : false;
1951. }
1952. }
1953. return false;
1954. }
1955.  
1956. function higherRank($rank1, $rank2, $minMod = false) {
1957. if ($rank1 == $rank2) {
1958. return false;
1959. }
1960. $order = array(1, 2, 3, 4);
1961. if (in_array($rank1, $order) && !in_array($rank2, $order)) {
1962. return true;
1963. }
1964. if ($rank1 == 1) {
1965. return true;
1966. }
1967. if ($rank1 == 4 && $rank2 != 1) {
1968. return true;
1969. }
1970. if ($rank1 == 2 && $rank2 != 1 && $rank2 != 4) {
1971. return true;
1972. }
1973. if ($minMod == true) {
1974. return false;
1975. }
1976. if ($rank1 == 3 && $rank2 != 1 && $rank2 != 4 && $rank2 != 2) {
1977. return true;
1978. }
1979. return false;
1980. }
1981.  
1982. function objectToArray($object) {
1983. $array = array();
1984. foreach ($object as $member => $data) {
1985. $array[$member] = $data;
1986. }
1987. return $array;
1988. }
1989.  
1990. public function getAttribute($xml, $attName, $reverse = false) {
1991. $att = $this->objectToArray($xml->attributes());
1992. if ($reverse == true) {
1993. array_reverse($att);
1994. }
1995.  
1996. foreach ($att as $a => $b) {
1997. if ($a == $attName) {
1998. $b = htmlspecialchars($b);
1999. return $b;
2000. }
2001. }
2002. return false;
2003. }
2004.  
2005. public function getMultiAttr($xml, $names = array(), $values = array()) {
2006. setType($names, 'array');
2007. if (!method_exists($xml, 'attributes')) {
2008. return array();
2009. }
2010.  
2011. foreach ($names as $u) {
2012. $values[$u] = false;
2013. }
2014.  
2015. foreach ($xml->attributes() as $i => $u) {
2016. if (in_array($i, $names) || empty($names)) {
2017. $values[$i] = ((string) ((string) $u));
2018. }
2019. }
2020.  
2021. return $values;
2022. }
2023.  
2024. public function disconnect($userID, $logout = null, $num = null, $chatid = null) {
2025. if (isset($this->users[$userID]) && $user = $this->users[$userID]) {
2026. if (!is_null($logout) && $user->online) {
2027. $user->sendPacket("<logout />");
2028. }
2029.  
2030. if (is_resource($user->sock)) {
2031. socket_close($user->sock);
2032. $user->sock = null;
2033. }
2034. $user->online = false;
2035.  
2036. return true;
2037. }
2038. return false;
2039. }
2040.  
2041. public function ipban($ip, $dcall = true) {
2042. if (!filter_var($ip, FILTER_VALIDATE_IP)) {
2043. return false;
2044. }
2045.  
2046. $this->ipbans[] = $ip;
2047. if ($dcall == true) {
2048. foreach ($this->users as $u) {
2049. if ($u->ipaddr == $ip) {
2050. $this->disconnect($u->index);
2051. }
2052. }
2053. }
2054. $bans = json_encode($this->ipbans);
2055. $this->mysql->query("update `server` set `ipbans`='{$this->mysql->sanatize($bans)}';");
2056. return true;
2057. }
2058.  
2059. public function ipUnban($ip) {
2060. if (!filter_var($ip, FILTER_VALIDATE_IP)) {
2061. return false;
2062. }
2063. foreach ($this->ipbans as $index => $addr) {
2064. if ($ip == $addr) {
2065. unset($this->ipbans[$index]);
2066. $bans = json_encode($this->ipbans);
2067. $this->mysql->query("update `server` set `ipbans`='{$this->mysql->sanatize($bans)}';");
2068. return true;
2069. } else {
2070. continue;
2071. }
2072. }
2073. return false;
2074. }
2075.  
2076.  
2077.  
2078. public function spamfilter($element, $user, $ms = 800, $time = null, $dc = true) {
2079. if (is_null($time)) {
2080. $time = round(microtime(true) * 1000);
2081. }
2082. if (isset($user->last[$element]) && ($user->last[$element] + $ms) >= $time) {
2083. return (is_null($dc) ? true : $this->disconnect($user->index));
2084. }
2085. $user->last[$element] = $time;
2086. return false;
2087. }
2088.  
2089. }
2090.  
2091. class client {
2092.  
2093. public $sock, $parent;
2094. public $bride, $rank, $id, $username, $nickname, $k, $k2, $k3, $password, $avatar, $url, $powers, $room, $xats, $days, $chat, $banned, $hidden = false, $pool = 0, $switchingPools = false;
2095. public $d0, $d1, $d2, $d3, $d4, $d5, $d6, $dt, $dx, $dO, $p0, $p1, $p2, $p4, $PowerO, $d7, $p3, $homepage, $h, $group, $away = false, $pStr;
2096. public $loginKey = null, $last = array(), $authenticated = null, $online = false, $disconnect = false, $rExpire = 0, $chatPass = false, $pawn = '';
2097. public $mobready = false, $buffer = '';
2098.  
2099. public function __construct(&$socket, &$parent, $index, $ipaddr, $mobile = false) {
2100. list($this->index, $this->sock, $this->parent, $this->ipaddr, $this->mobile) = array(
2101. $index, $socket, $parent, $ipaddr, $mobile
2102. );
2103. }
2104.  
2105. public function resetDetails($id, $bans = null) {
2106. $user = $this->parent->mysql->fetch_array("select * from `users` where `id`='{$this->parent->mysql->sanatize($id)}' and `id` not in(0, 2);");
2107. if (empty($user)) {
2108. $this->guest = true;
2109. } else {
2110. if ($user[0]['username'] == '') {
2111. list($this->guest, $this->k, $this->k2, $this->k3) = array(
2112. true, $user[0]['k'], $user[0]['k2'], $user[0]['k3']
2113. );
2114. } else {
2115. $this->xats = $user[0]['xats'];
2116. $this->days = floor(($user[0]['days'] - time()) / (24 * 3600) + 0.3) >= 1 ? floor(($user[0]['days'] - time()) / (24 * 3600) + 0.3) : 0;
2117. $this->username = $user[0]['username'];
2118. $this->password = $user[0]['password'];
2119. $this->enabled = $user[0]['enabled'];
2120. $this->k = $user[0]['k'];
2121. $this->k2 = $user[0]['k2'];
2122. $this->k3 = $user[0]['k3'];
2123. $this->PowerO = $user[0]['dO'];
2124. $this->powers = $user[0]['powers'];
2125. $this->avatar = $user[0]['avatar'];
2126. $this->url = $user[0]['url'];
2127. $this->d1 = 0;
2128. $this->d2 = $user[0]['d2'];
2129. $this->bride = $user[0]['bride'];
2130. $this->d3 = null;
2131. $this->pawn = $user[0]['custpawn'] == 'off' ? '' : $user[0]['custpawn'];
2132.  
2133. if ($this->mobile) {
2134. $this->nickname = $this->username == '' ? 'Unregistered' : $this->username;
2135. } else {
2136. $this->nickname = explode("##", $user[0]['nickname'], 2);
2137. $this->nickname[0] = htmlspecialchars_decode($this->nickname[0]);
2138. $this->nickname = count($this->nickname) > 1 ? implode("##", $this->nickname) : $this->nickname[0];
2139. }
2140.  
2141. if (true || $user[0]['torched'] != 1) { // Torching - Add Later
2142. if (!$this->getPowers()) {
2143. return false;
2144. }
2145.  
2146. $this->dO = $user[0]['dO'];
2147. }
2148. $this->dt = null;
2149. $this->guest = false;
2150. }
2151.  
2152. $trolls = json_decode($user[0]['trolls'], true);
2153. if (is_array($trolls)) {
2154. foreach ($trolls as $i => $u) {
2155. $this->{$i} = $u;
2156. }
2157. }
2158. }
2159.  
2160. if ($this->guest === true) {
2161. $this->username = '';
2162. }
2163. return true;
2164. }
2165.  
2166. public function getPowers($pV = array()) {
2167. if ($this->days < 1)
2168. {
2169. for ($i = 0; $i <= $this->parent->config->pcount; $this->{'p' . $i++} = 0);
2170. return true;
2171. }
2172.  
2173. $powers = $this->parent->mysql->fetch_array('select * from `userpowers` where `userid`=' . $this->id . ';');
2174. $powerv = $this->parent->mysql->fetch_array('select `id`, `section`, `subid` from `powers` where `name` not like \'%(Undefined)%\';');
2175. $pv = $test = $final = array();
2176. foreach ($powerv as $power) {
2177. $pv[$power['id']] = array('sect' => $power['section'], 'sub' => (int) $power['subid']);
2178. $test[$power['section']] = 0;
2179. $last[$power['section']] = 0;
2180. }
2181.  
2182. foreach ($powers as $power) {
2183. $test[$pv[$power['powerid']]['sect']] += $pv[$power['powerid']]['sub'];
2184. }
2185.  
2186. foreach ($test as $sect => $val) {
2187. if ((int) $val != (int) $this->{$sect . 'v'}) {
2188. return false;
2189. }
2190. }
2191.  
2192. foreach ($powers as $power) {
2193. if (isset($pv[$power['powerid']])) {
2194. $power = $pv[$power['powerid']];
2195. if ((int) $this->{$power['sect'] . 'v'} & $test[$power['sect']]) {
2196. if (!((int) $power['sub'] & $test[$power['sect']])) {
2197. return false;
2198. }
2199.  
2200. if (!($this->{'m' . substr($power['sect'], 1)} & (int) $power['sub'])) {
2201. $last[$power['sect']] += (int) $power['sub'];
2202. }
2203. }
2204. }
2205. }
2206.  
2207. $this->pStr = '';
2208. foreach ($test as $sect => $u) {
2209. $this->{$sect} = $last[$sect];
2210. $this->pStr .= $sect . '="' . $this->{$sect} . '" ';
2211. }
2212.  
2213.  
2214.  
2215.  
2216.  
2217.  
2218.  
2219.  
2220. return true;
2221. }
2222.  
2223.  
2224. public function updateDetails() {
2225. $upowers = $this->parent->mysql->fetch_array('select * from `userpowers` where `userid`=' . $this->id . ';');
2226. $spowers = $this->parent->mysql->fetch_array('select * from `powers` where `name` not like \'%(Undefined)%\';');
2227.  
2228. $vals = array();
2229. $p = array();
2230. $powerO = '';
2231.  
2232. foreach ($spowers as $power)
2233. {
2234. $vals[$power['id']] = array($power['section'], $power['subid']);
2235. $p[$power['section']] = 0;
2236. }
2237.  
2238. foreach ($upowers as $power)
2239. {
2240. if ($power['count'] >= 1 && isset($vals[$power['powerid']]) && isset($p[$vals[$power['powerid']][0]]))
2241. {
2242. $str = $power['powerid'] . '=' . ($power['count'] > 1 ? ($power['count'] - 1) : 1) . '|';
2243. $p[$vals[$power['powerid']][0]] += $vals[$power['powerid']][1];
2244. if ($power['count'] > 1) {
2245. $powerO .= $str;
2246. }
2247. }
2248. }
2249. if ($this->id != 0 && $this->id != 2 && $this->mobile == false) {
2250. $this->parent->mysql->query(
2251. "update `users` set
2252. `nickname`='{$this->parent->mysql->sanatize($this->nickname)}',
2253. `avatar`='{$this->parent->mysql->sanatize($this->avatar)}',
2254. `url`='{$this->parent->mysql->sanatize($this->url)}',
2255. `dO`='{$this->parent->mysql->sanatize($powerO)}',
2256. `connectedlast`='{$this->ipaddr}'
2257. where `id`='{$this->parent->mysql->sanatize($this->id)}';"
2258. );
2259. }
2260. return ($this->id != 0 && $this->id != 2) ? true : false;
2261. }
2262.  
2263. public function hasPower($power) {
2264. list($subid, $section) = array(
2265. pow(2, $power % 32),
2266. $power >> 5
2267. );
2268.  
2269. return $this->{'p' . $section} & $subid ? true : false;
2270. ;
2271. }
2272.  
2273. public function authenticate($packet) {
2274. //print_r($packet->Attributes());
2275. /* Load Packet Information */
2276. /* Load Packet / Values */
2277. $attributes = array('u', 'N', 'k', 'pool', 'f', 'auth1', 'auth2', 'h', 'd0', 'a', 'c', 'banned', 'r');
2278. for ($i = 0; $i <= $this->parent->config->pcount; $i++) {
2279. array_push($attributes, 'd' . ($i + 4));
2280. array_push($attributes, 'm' . $i);
2281. }
2282.  
2283. $info = $this->getMultiAttr($packet, $attributes);
2284.  
2285. for ($i = 0; $i <= $this->parent->config->pcount; $i++) {
2286. $this->{'p' . $i . 'v'} = (int) $info['d' . ($i + 4)];
2287. $this->{'m' . $i} = (int) $info['m' . $i];
2288. }
2289. /* End */
2290. $this->id = (string) $info['u'];
2291. $this->d0 = (integer) $info['d0'];
2292. $this->f = (integer) $info['f'];
2293. $n = (string) $info['N'];
2294. $k = (integer) $info['k'];
2295. $pool = $this->pool;
2296.  
2297.  
2298. if ($this->mobile) {
2299. $this->f |= 0x0200;
2300. }
2301.  
2302.  
2303.  
2304.  
2305.  
2306.  
2307. $this->b = $this->f & 8 ? true : false;
2308. $chat = (int) $info['c'];
2309.  
2310. if ($this->days < 1)
2311. {
2312.  
2313. for ($i = 0; $i <= $this->parent->config->pcount; $i++)
2314. {
2315. $this->pStr .= 'p' . $i . '="0" ';
2316. }
2317. } else {
2318. for ($i = 0; $i <= $this->parent->config->pcount; $i++)
2319. {
2320. $this->{'p' . $i . 'v'} = isset($info['d' . ($i + 4)]) ? $info['d' . ($i + 4)] : 0;
2321. $this->{'m' . $i} = isset($info['m' . $i]) ? $info['m' . $i] : 0;
2322. $this->pStr .= 'p' . $i . '="' . $this->{'p' . $i . 'v'} . '" ';
2323. }
2324. }
2325. /* End */
2326. /* Reset details, Check powers */
2327. if (!$this->resetDetails($this->id)) {
2328. return false;
2329. }
2330. $this->url = (string) $info['h'];
2331. $this->avatar = (string) $info['a'];
2332. $xInfo = $this->parent->mysql->fetch_Array( "select * from `chats` where `id`='{$this->parent->mysql->sanatize($chat)}';" );
2333. $pBot = $this->parent->mysql->fetch_Array( "select * from `chat_powers` where `chat`='{$this->parent->mysql->sanatize($xInfo[0]['name'])}' and power=150;" );
2334. /* End */
2335. /* Bot Protection */
2336. if (!$this->mobile) {
2337. $this->bot1 = (int) $info['auth1'];
2338. $this->bot2 = (int) $info['auth2'];
2339.  
2340.  
2341.  
2342.  
2343.  
2344.  
2345. $bot2 = floor(pow(2, $this->loginShift % 27));
2346. $bot1 = floor(2 << ($this->loginKey % 94)) % $this->loginTime + $this->loginKey;
2347.  
2348. if ($bot1 != $this->bot1 || $bot2 != $this->bot2) {
2349. return false;
2350. }
2351. }
2352. /* End */
2353. /* Chat Password [get main] */
2354. if ($info['r'] !== false) {
2355. $this->chatPass = $info['r'];
2356. }
2357. /* Sanatize Name / Explode Status */
2358. $this->nickname = $this->getAttribute($packet, 'n');
2359. $this->nickname = explode('##', $this->nickname, 2);
2360. if (count($this->nickname) > 1) {
2361. $this->nickname[1] = htmlspecialchars(str_replace("", "", $this->nickname[1]));
2362. $this->nickname = implode('##', $this->nickname);
2363. } else {
2364. $this->nickname = $this->nickname[0];
2365. }
2366. if (strlen($this->nickname) > 255) {
2367. //return false;
2368. }
2369. /* End */
2370. /* Just some information checking for guest system, + user exists */
2371. if ($this->guest == true && isset($this->enabled) && $this->id != 2) {
2372. return false;
2373. } elseif ($this->id != 2 && is_numeric($k)) {
2374. $user = $this->parent->mysql->fetch_array("select * from `users` where `id`='{$this->parent->mysql->sanatize($this->id)}' and `k`='{$this->parent->mysql->sanatize($k)}' and `id`!='' and `k`!='';");
2375. if (empty($user)) {
2376. return false;
2377. } elseif ($user[0]['username'] == 'Unregistered') {
2378. $this->guest = true;
2379. } else {
2380. $this->guest = false;
2381. }
2382. } else {
2383. $this->guest = true;
2384. }
2385. /* End */
2386. $this->updateDetails();
2387. $this->authenticated = true;
2388. return $this->joinRoom($chat, 1, false, $pool);
2389. }
2390.  
2391. public function getAttribute($xml, $name) {
2392. if (method_exists($xml, 'attributes')) {
2393. foreach ($xml->attributes() as $a => $b) {
2394. if ($a == $name)
2395. return (string) $b;
2396. }
2397. }
2398. return false;
2399. }
2400.  
2401. public function getMultiAttr($xml, $names = array(), $values = array()) {
2402. setType($names, 'array');
2403. if (!method_exists($xml, 'attributes')) {
2404. return array();
2405. }
2406. foreach ($names as $u) {
2407. $values[$u] = false;
2408. }
2409. foreach ($xml->attributes() as $i => $u) {
2410. if (in_array($i, $names)) {
2411. $values[$i] = mb_convert_encoding((string) $u, "utf-8");
2412. }
2413. }
2414. return $values;
2415. }
2416.  
2417. public function message($t, $ex = true) {
2418. $this->sendMessage($t, $this->id, 0, false, $ex);
2419. }
2420.  
2421. public function sendMessage($t, $u = '[C]', $i = 0, $s = false, $ex = false) {
2422. if ($u == '[C]')
2423. $u = $this->id;
2424. $packet = "<m t=\"{$t}\" u=\"{$u}\" i=\"{$i}\" />";
2425. $ex != false ? $this->sendRoom($packet, $ex) : $this->sendPacket($packet);
2426. }
2427.  
2428. public function sendPacket($packet) {
2429. if ($this->sock) {
2430. if ($this->mobile == true) {
2431. $packet = simplexml_load_string($packet);
2432. if (!method_exists($packet, 'getName')) {
2433. $this->parent->disconnect($this->sock);
2434. return false;
2435. }
2436.  
2437. $json = new stdClass();
2438. $json->tag = $packet->getName();
2439. foreach ($packet->Attributes() as $i => $u) {
2440. $json->{$i} = (string) $u;
2441. }
2442.  
2443. $packet = json_encode($json);
2444. $packet = $this->parent->mask($packet);
2445. } elseif (substr($packet, -1) != chr(0)) {
2446. $packet .= chr(0);
2447. }
2448.  
2449. // socket_set_nonblock($this->sock);
2450. if (!@socket_write($this->sock, $packet, strlen($packet))) {
2451. $this->parent->disconnect($this->sock);
2452. return false;
2453. }
2454.  
2455. // socket_set_block($this->sock);
2456. return true;
2457. }
2458. }
2459.  
2460. public function sendAll($packet) {
2461. if (stristr($packet, strlen($packet) - 1, 1) != chr(0)) {
2462. $packet = $packet . chr(0);
2463. }
2464. foreach ($this->parent->users as &$user) {
2465. if (!@socket_write($user->sock, $packet, strlen($packet))) {
2466. $this->parent->disconnect($user->index);
2467. }
2468. }
2469. return true;
2470. }
2471.  
2472. public function parseRank($rank) {
2473. $ranks = array(1, 2, 3, 4, 5);
2474. if (!is_numeric($rank)) {
2475. switch (strtolower($rank)) {
2476. case 'guest': return 5;
2477. case 'owner': return 4;
2478. case 'member': return 3;
2479. case 'moderator': return 2;
2480. case 'mainowner': return 1;
2481. default: return 0;
2482. }
2483. } elseif (!in_array($rank, $ranks)) {
2484. return 0;
2485. }
2486. return $rank;
2487. }
2488.  
2489. public function rank($numrank, $word = null, $compare = null) { // Made this for the hell of it
2490. $ranks = array(
2491. 5 => array(5, 'guest'),
2492. 3 => array(4, 'member'),
2493. 2 => array(3, 'moderator'),
2494. 4 => array(2, 'owner'),
2495. 1 => array(1, 'mainOwner')
2496. );
2497. if (!in_array($numrank, $ranks)) {
2498. $rank = $ranks[5];
2499. } else {
2500. $rank = $ranks[$numrank];
2501. }
2502. return is_null($compare) ? (is_null($word) ? $rank[0] : $rank[1]) : ($rank[0] < $ranks[$compare][0] ? true : false);
2503. }
2504.  
2505. public function __destruct() {
2506. /* It's done like this to avoid a bitch of a memory leak */
2507. if (isset($this->id) && !isset($this->noLogout)) {
2508. $this->sendRoom('<l u="' . $this->id . '" />', true);
2509. }
2510. }
2511.  
2512. public function joinRoom($chat, $reload = true, $nodup = false, $pool = 0, $banTick = 0) {
2513. /* Initial Information */
2514.  
2515. list($this->pool, $this->hidden) = array($pool, false);
2516.  
2517. if (!$this->authenticated || !is_numeric($chat) || $chat < 1) {
2518. return false;
2519. }
2520.  
2521. $chat = $this->parent->mysql->fetch_array("select * from `chats` where `id`='{$this->parent->mysql->sanatize($chat)}';");
2522. if (empty($chat)) {
2523. return false;
2524. }
2525.  
2526.  
2527. list($this->chatid, $this->group) = array($chat[0]['id'], $chat[0]['name']);
2528. /* Do Ranks */
2529. $ranks = $this->parent->mysql->fetch_array("select * from `ranks` where `chatid`='{$chat[0]['id']}' and `userid`='{$this->parent->mysql->sanatize($this->id)}';");
2530. if ($this->chatPass !== false) {
2531. if ($this->parent->mysql->validate($this->chatPass, $chat[0]['pass']) === true) {
2532. if (empty($ranks)) {
2533. $this->parent->mysql->query("insert into `ranks`(`userid`, `chatid`, `f`) values({$this->id}, {$this->chatid}, 1);");
2534. } else {
2535. $this->parent->mysql->query("update `ranks` set `f`=1 where `userid`={$this->id} and `chatid`={$this->chatid};");
2536. }
2537. $ranks[0] = array(
2538. 'userid' => $this->id,
2539. 'chatid' => $this->chatid,
2540. 'f' => 1,
2541. 'tempend' => 0
2542. );
2543. }
2544. }
2545. if (!isset($ranks[0]['f'])) {
2546. $ranks[0] = array('f' => 5);
2547. $this->parent->mysql->query("insert into `ranks` (`userid`, `chatid`, `f`) values ('{$this->parent->mysql->sanatize($this->id)}', '{$chat[0]['id']}', '5');");
2548. } elseif ($ranks[0]['tempend'] > 0 && $ranks[0]['tempend'] < time()) {
2549. $ranks[0] = array("f" => 3);
2550. $this->parent->mysql->query("update `ranks` set `f`=3, `tempend`=0 where `userid`={$this->id} and `chatid`={$this->chatid};");
2551. } else {
2552. $userRank = $ranks[0]['f'];
2553. $this->rExpire = $ranks[0]['tempend'] > time() ? $ranks[0]['tempend'] : 0;
2554. }
2555.  
2556. $this->rank = $ranks[0]['f'];
2557.  
2558. if ($this->hasPower(29) && !$this->online && in_array($this->rank & 7, array(1, 4))) {
2559. $this->hidden = true;
2560.  
2561. if (!($this->f & 0x0400)) {
2562. $this->f += 0x0400;
2563. }
2564. } elseif ($this->f & 0x0400) {
2565. $this->f -= 0x0400;
2566. }
2567.  
2568. $this->updateDetails();
2569. $this->resetDetails($this->id, true);
2570. /* End */
2571. /* Update / Check Bans */
2572. $game = '';
2573. $this->banned = 0;
2574. $this->unban = false;
2575. $ban = $this->parent->mysql->fetch_array("select * from `bans` where `userid`='{$this->parent->mysql->sanatize($this->id)}' and `chatid`='{$this->parent->mysql->sanatize($chat[0]['id'])}' or `ip`='{$this->ipaddr}' and `chatid`='{$this->parent->mysql->sanatize($this->chatid)}' order by `unbandate` desc limit 0,1;");
2576. if (!empty($ban) && ($this->id == $ban[0]['userid'] || $this->ipaddr == $ban[0]['ip'])) {
2577. $ban = $ban[0];
2578. if ($ban['unbandate'] >= $this->loginTime) {
2579. if (substr($ban['type'], 0, 1) == 'w') {
2580. $this->rank = 16;
2581. $game = ' w="' . substr($ban['type'], 1) . '"';
2582. } elseif (substr($ban['type'], 0, 1) == 'r') {
2583. $this->rank |= (int) substr($ban['type'], 1);
2584. } elseif (substr($ban['type'], 0, 1) == 'f') {
2585. $this->f |= (int) substr($ban['type'], 1);
2586. } else {
2587. $this->rank = 16;
2588. }
2589.  
2590. if (!($this->f & 0x8000)) { // desban do dunced
2591. $this->banned = $ban['unbandate'];
2592. }
2593.  
2594. if (!($this->f & 0xFF)) { // desban do gag
2595. $this->banned = $ban['unbandate'];
2596. }
2597. } elseif ($this->id == $ban['userid']) {
2598. $this->unban = true;
2599. $this->parent->mysql->query("delete from `bans` where `userid`='{$this->parent->mysql->sanatize($this->id)}' and `chatid`='{$this->parent->mysql->sanatize($chat[0]['id'])}' and `unbandate`<={$this->loginTime};");
2600. }
2601. } elseif (empty($ban) && $this->b == true) {
2602. $this->unban = true;
2603. } elseif (isset($ban['unbandate'])) {
2604. $this->sendPacket("<n t=\"You are banned for " . round(($ban['unbandate'] - time()) / 60, 1) . " more minutes.\" />");
2605. }
2606. /* End */
2607. /* Chat Information */
2608. if (empty($chat[0]['attached'])) {
2609. $chat[0]['attached'] = array('Lobby', '1');
2610. } else {
2611. $info = $this->parent->mysql->fetch_array("select * from `chats` where `name`='{$this->parent->mysql->sanatize($chat[0]['attached'])}';");
2612. if (empty($info) || $info[0]['id'] == $chat[0]['id']) {
2613. $chat[0]['attached'] = array('Lobby', '1');
2614. } else {
2615. $chat[0]['attached'] = array(
2616. 0 => $info[0]['name'],
2617. 1 => $info[0]['id']
2618. );
2619. }
2620. }
2621. if ($chat[0]['attached'][1] == $this->chatid) {
2622. $chat[0]['attached'] = array('0', '0');
2623. }
2624.  
2625.  
2626. if ($this->unban == true) {
2627. $this->sendPacket('<c u="0" d="' . $this->id . '" t="/u" />');
2628. $this->unban = false;
2629. }
2630. $pawn = strlen($this->pawn) == 6 ? ' pawn="' . $this->pawn . '"' : '';
2631.  
2632. $this->sendPacket("<i{$pawn}{$game} b=\"{$chat[0]['bg']};={$chat[0]['attached'][0]};={$chat[0]['attached'][1]};=;={$chat[0]['radio']};={$chat[0]['button']}\" f=\"{$this->f}\" ".($this->days >= 1 ? 'v="3"' : 'v="1"')." r=\"{$this->rank}\" cb=\"10\" />");
2633. $pRankpool = $this->parent->mysql->fetch_Array( "SELECT * FROM `chat_powers` WHERE `chat`='" . $this->group . "' AND `power`=114;" );
2634. $pBanpool = $this->parent->mysql->fetch_Array( "SELECT * FROM `chat_powers` WHERE `chat`='" . $this->group . "' AND `power`=126;" );
2635. If ( !count( $pRankpool ) == 0 )
2636. $this->sendPacket( '<w v="'.$pool.' ' . $chat[0]['pool'] . '" />' );
2637. If ( !count( $pRankpool ) == 1 && !count( $pBanpool ) == 0 )
2638. $this->sendPacket( '<w v="'.$pool.' 0 2" />' );
2639. If ( !count( $pRankpool ) == 0 && !count( $pBanpool ) == 1 )
2640. $this->sendPacket( '<w v="'.$pool.' ' . str_replace('2', '', $chat[0]['pool']) . '" />' );
2641. // $this->sendPacket('<w v="'.$pool.' ' . $chat[0]['pool'] . '" />');
2642. $this->sendPacket($this->buildGp());
2643.  
2644. // $this->sendPacket('<gp p="0|0|1431372864|1074025493|273678340|268435456|16384|1|0|0|0|0|0|" g80="{\'mg\':\'0\',\'mb\':\'11\',\'kk\':\'0\',\'bn\':\'0\',\'ubn\':\'0\',\'prm\':\'0\',\'bge\':\'0\',\'mxt\':50,\'sme\':\'11\',\'dnc\':\'8\'}" g114="{\'m\':\'' . $chat[0]['chat'] . '\',\'t\':\'' . $chat[0]['mods'] . '\',\'rnk\':\'7\',\'b\':\'' . $chat[0]['banned'] . '\',\'v\':1}" g90="' . $chat[0]['badword'] . '" g74="' . $chat[0]['smiles'] . '" g106="' . $chat[0]['gback'] . '" g188="a91" g100="' . $chat[0]['link'] . '" u="1" />');
2645. //@$this->sendPacket('<gp g80="{\'mg\':\'0\',\'mb\':\'11\',\'kk\':\'0\',\'bn\':\'0\',\'ubn\':\'0\',\'prm\':\'0\',\'bge\':\'0\',\'mxt\':50,\'sme\':\'11\',\'dnc\':\'8\'}" g114="{\'m\':\'' . $chat[0]['chat'] . '\',\'t\':\'' . $chat[0]['mods'] . '\',\'rnk\':\'7\',\'b\':\'' . $chat[0]['banned'] . '\',\'v\':1}" g90="' . $chat[0]['badword'] . '" g74="' . $chat[0]['gline'] . '" g106="' . $chat[0]['gback'] . '" g188="a91" g100="' . $chat[0]['link'] . '" p="0|0|1431372864|1074025493|273678340|268435456|16384|1|0|0|0|0|0|" />'); /* End */
2646. /* Check if user is already on chat */
2647. if ($nodup == false) {
2648. while ($r = $this->parent->getUserByID((int) $this->id, (int) $chat[0]['id'])) {
2649. if (is_object($r) && $r->online === true) {
2650. $r->sendPacket("<dup />");
2651. $r->noLogout = true;
2652. $this->parent->disconnect($r->index, true);
2653. }
2654. }
2655. }
2656. /* End */
2657. /* Compile, and send user list */
2658. $this->chat = $chat[0]['id'];
2659. $myNick = explode("##", $this->nickname, 2);
2660. $myNick[0] = htmlspecialchars(html_entity_decode(htmlspecialchars_decode($myNick[0])));
2661. $myNick = count($myNick) > 1 ? implode("##", $myNick) : $myNick[0];
2662.  
2663. $myPack = "<u{$pawn} so=\"1\" f=\"{$this->f}\" flag=\"{$this->f}\" rank=\"{$this->rank}\" u=\"{$this->id}\" ".($this->days >= 1 ? ' q="3"' : ' q="1"') . ($this->username == '' ? '' : " N=\"{$this->username}\"") . " n=\"{$myNick}\" a=\"{$this->avatar}\" h=\"{$this->url}\" d0=\"{$this->d0}\" d2=\"{$this->d2}\" bride=\"{$this->bride}\" {$this->pStr}v=\"1\" />";
2664. $valid = simplexml_load_string($myPack);
2665. if (!method_exists($valid, 'getName')) {
2666. return false;
2667. } else {
2668. foreach ($this->parent->users as $user) {
2669. if ($this->mobile == true && $user->mobile == true && $user->ipaddr == $this->ipaddr && $user->username != $this->username) {
2670. $this->parent->disconnect($user->index);
2671. }
2672.  
2673. if ($user->chat == $chat[0]['id'] && $user->id != $this->id && $user->pool == $this->pool) {
2674. if (!in_array($user->id, array(0, 2)) && $user->hidden == false) {
2675. $user->bride = $user->d2 == 0 ? null : $user->d2;
2676. $nick = explode('##', $user->nickname, 2);
2677. $nick[0] = htmlspecialchars(html_entity_decode(htmlspecialchars_decode($nick[0])));
2678. $nick = count($nick) > 1 ? implode('##', $nick) : $nick[0];
2679. $pawn = strlen($user->pawn) == 6 ? ' pawn="' . $user->pawn . '"' : '';
2680.  
2681. $packet = "<u{$pawn} flag=\"{$user->f}\" s=\"1\" f=\"{$user->f}\" rank=\"{$user->rank}\" u=\"{$user->id}\" ".($user->days >= 1 ? ' q="3"' : ' q="1"') . ($user->username == '' ? '' : " N=\"{$user->username}\"") . " n=\"{$nick}\" a=\"{$user->avatar}\" h=\"{$user->url}\" d0=\"{$user->d0}\" d2=\"{$user->d2}\" bride=\"{$user->bride}\" {$user->pStr}v=\"1\" />";
2682. $valid = simplexml_load_string($packet);
2683.  
2684. if (method_exists($valid, 'getName')) {
2685. $this->sendPacket($packet);
2686. } else {
2687. $this->parent->disconnect($user->index);
2688. continue;
2689. }
2690. }
2691.  
2692. if (!in_array($this->id, array(0, 2)) && $this->hidden == false) {
2693. $user->sendPacket($myPack);
2694. }
2695. }
2696. }
2697. }
2698. /* End */
2699. /* Send Previous Messages (15) */
2700. if ($reload == true) {
2701. $messages = $this->parent->mysql->fetch_array("select * from `messages` where `id`='{$chat[0]['id']}' and `pool`={$this->pool} order by time desc limit 0,15;");
2702. for ($i = 0; $i < count($messages); $i++) {
2703. $message = $messages[count($messages) - $i - 1];
2704. if ($message['visible'] == '1') {
2705. $this->sendPacket("<m u=\"{$message['uid']}\" n=\"{$message['name']}\" N=\"{$message['registered']}\" a=\"{$message['avatar']}\" i=\"{$message['mid']}\" t=\"{$message['message']}\" s=\"1\" />");
2706. }
2707. }
2708. unset($messages);
2709. unset($message);
2710. }
2711. /* End */
2712. $this->sendPacket("<done />");
2713. /* Other info, scrollies, protection meh */
2714. $this->sendPacket("<m u=\"{$chat[0]['ch']}\" t=\"/s{$chat[0]['sc']}\" />");
2715.  
2716. if (isset($this->parent->protected[$this->chat])) {
2717. $time = floor(($this->parent->protected[$this->chat]['end'] - time()) / 60);
2718. switch ($this->parent->protected[$this->chat]['type']) {
2719. case 'noguest':
2720. $this->sendPacket("<z d=\"0\" u=\"0\" t=\"This chat is protected for another {$time} minutes. Guests cannot chat until given a higher rank.\" />");
2721. break;
2722. case 'unreg':
2723. $this->sendPacket("<z d=\"0\" u=\"0\" t=\"This chat is protected for another {$time} minutes. Unregistered users cannot chat until given a higher rank.\" />");
2724. break;
2725. }
2726. } elseif ($this->f & 1 && 1 == 2) {
2727. $this->sendPacket("<logout e=\"E12\" />");
2728. }
2729.  
2730. $this->online = true;
2731. /* End */
2732. return true;
2733. }
2734.  
2735. public function buildGp( )
2736. {
2737. $gdata = $this->parent->mysql->fetch_Array( "SELECT * FROM `chats` WHERE `name`='" . $this->group . "';" );
2738. $pBad = $this->parent->mysql->fetch_Array( "SELECT * FROM `chat_powers` WHERE `chat`='" . $this->group . "' AND `power`=90;" );
2739. $pAnnounce = $this->parent->mysql->fetch_Array( "SELECT * FROM `chat_powers` WHERE `chat`='" . $this->group . "' AND `power`=112;" );
2740. $pGback = $this->parent->mysql->fetch_Array( "SELECT * FROM `chat_powers` WHERE `chat`='" . $this->group . "' AND `power`=130;" );
2741. $pGline = $this->parent->mysql->fetch_Array( "SELECT * FROM `chat_powers` WHERE `chat`='" . $this->group . "' AND `power`=74;" );
2742. $gp = "<gp ";
2743. $gp .= "p=\"0|0|1431655744|1079334229|290459972|269549572|16645|272646145|4194305|0|0|0|0|\" ";
2744. $gp .= "g80=\"{'mm':'14','mbt':48,'ss':'14','prm':'14','dnc':'14','bdg':'8'}\" ";
2745. $gp .= "g148=\"{'ef':'0','bk':'0','col':'','v':'32'}\" ";
2746. If ( !count( $pBad ) == 0 )
2747. $gp .= "g90=\"{$gdata[0]['bad']}\" ";
2748. If ( !count( $pAnnounce ) == 0 )
2749. {
2750. $gp .= "g112=\"{$gdata[0]['announce']}\" ";
2751. } //!count( $pAnnounce ) == 0
2752. $gp .= "g246=\"{'dt':70,'v':1}\" ";
2753. $gp .= "g256=\"{'rnk':'2','dt':65,'rt':15,'rc':'1','tg':200,'v':1}\" ";
2754. //$gp .= "g278=\"{'ef':'0','bk':'0','v':1}\" ";
2755. If ( $gdata[ 0 ][ 'pools' ] != null )
2756. {
2757. $gp .= "g114=\"{'m':'{$gdata[0]['rankpool']}','t':'{$gdata[0]['staffpool']}','rnk':'7','b':'{$gdata[0]['banned']}','v':2}\" ";
2758. } //$gdata[ 0 ][ 'pools' ] != null
2759. $gp .= "g100=\"{$gdata[0]['link']}\" ";
2760. If ( !count( $pGline ) == 0 )
2761. $gp .= "g74=\"{$gdata[0]['gline']}\" ";
2762. If ( !count( $pGback ) == 0 )
2763. $gp .= "g106=\"{$gdata[0]['gback']}\" ";
2764. $gp .= "/>";
2765. return $gp;
2766. }
2767.  
2768. public function sendRoom($packet, $passme = false, $exclude = 0) {
2769. foreach ($this->parent->users as $user) {
2770. if (
2771. $user->chat == $this->chat &&
2772. $user->id != $exclude &&
2773. (
2774. isset($user->pool) &&
2775. isset($this->pool) &&
2776. $user->pool == $this->pool
2777. )
2778. ) {
2779. if ($user->id != $this->id || $passme == false) {
2780. $user->sendPacket($packet);
2781. }
2782. }
2783. }
2784. }
2785.  
2786. public function noToRank($rank){
2787. if ($rank >= 14){
2788. return 'o';
2789. };
2790. if ($rank >= 10){
2791. return 'M';
2792. };
2793. if ($rank >= 7){
2794. return 'm';
2795. };
2796. if ($rank >= 3){
2797. return 'e';
2798. };
2799. return 'r';
2800. }
2801.  
2802. }
2803.  
2804. class database {
2805.  
2806. public $link, $host, $user, $pass, $name;
2807. public $doe = true;
2808.  
2809. public function __construct($host = null, $user = null, $pass = null, $name = null) {
2810. if ($name != null) {
2811. $this->host = $host;
2812. $this->user = $user;
2813. $this->pass = $pass;
2814. $this->name = $name;
2815. }
2816.  
2817. if (!$this->connected()) {
2818. $this->link = @mysqli_connect($this->host, $this->user, $this->pass, $this->name);
2819. if (!$this->connected()) {
2820. $this->error("Failed to connect to `{$this->host}`.`{$this->name}` using password [" . (empty($this->pass) ? "NO" : 'YES') . "]");
2821. }
2822. } return true; // Cause I can put it there if I want to
2823. }
2824.  
2825. public function connected() {
2826. return @mysqli_ping($this->link) ? true : false;
2827. }
2828.  
2829. public function error($error) {
2830. print $error . chr(10);
2831. if ($this->doe == true) {
2832. exit('line:' . __LINE__);
2833. }
2834. }
2835.  
2836. public function query($query = "") {
2837. if (!is_string($query)) {
2838. return false;
2839. }
2840. $this->__construct();
2841. $return = mysqli_query($this->link, $query);
2842. return $return ? $return : false;
2843. }
2844.  
2845. public function fetch_array($query, $return = array()) {
2846. $this->__construct();
2847. if (!is_string($query) || !($res = $this->query($query))) {
2848. return array();
2849. }
2850. while ($data = mysqli_fetch_assoc($res)) {
2851. $return[] = $data;
2852. }
2853. return !empty($return) ? $return : array();
2854. }
2855.  
2856. public function sanatize($data) {
2857. if (is_array($data)) {
2858. return array_map(array($this, 'sanatize'), $data);
2859. }
2860. if (function_exists("mb_convert_encoding")) {
2861. $data = mb_convert_encoding($data, "UTF-8", 'auto');
2862. }
2863. return $this->link->real_escape_string($data);
2864. }
2865.  
2866. public function rand($length = 32, $low = true, $upp = true, $num = true, $indent = false) {
2867. $chars = array_merge(
2868. $low ? range('a', 'z') : array(), $upp ? range('A', 'Z') : array(), $num ? range('0', '9') : array()
2869. );
2870. for ($rand = ""; strlen($rand) < $length; $rand .= $chars[array_rand($chars)])
2871. ;
2872. if ($indent != false) {
2873. $rand = implode('-', str_split($rand, $indent));
2874. }
2875. return $rand;
2876. }
2877.  
2878. static function urs($x, $y) {
2879. return ($x >> $y) & (2147483647 >> ($y - 1));
2880. }
2881.  
2882. public function hash($str, $rawsalt = '', $hash = 'sha512') {
2883. if ($rawsalt == '') {
2884. $rawsalt = $this->rand(((strlen($str) % 3) + 1) * 5);
2885. }
2886.  
2887. $loc = array(hash('sha1', $rawsalt), hash('sha1', $str), '');
2888. foreach (str_split($loc[0], 1) as $index => $character) {
2889. $loc[2] .= $character . $loc[1][$index];
2890. }
2891.  
2892. $hash = hash($hash, $loc[2]);
2893. return substr_replace($hash, $rawsalt, (strlen($str) << 2) % strlen($hash), 0);
2894. }
2895.  
2896. public function validate($str, $hash, $engine = 'sha512') {
2897. $salt = substr($hash, (strlen($str) << 2) % strlen(hash($engine, 1)), ((strlen($str) % 3) + 1) * 5);
2898. return $this->hash($str, $salt, $engine) === $hash ? true : false;
2899. }
2900.  
2901. public function hashPass($pass, $salt = null, $hashtype = 'sha512', $hash = "") {
2902. return $this->hash($pass, $salt, $hashtype);
2903. }
2904.  
2905. public function checkPass($input, $real, $hash = 'sha512') {
2906. return $this->validate($input, $real, $hash);
2907. }
2908.  
2909. }