<?phpsession_start();include "l/info.php";ini_set('display_errors',1);in

1. <?php
2. session_start();
3. include "l/info.php";
4. ini_set('display_errors',1);
5. ini_set('display_startup_erros',1);
6. error_reporting(E_ALL);
7. ini_set("magic_quotes_runtime", 0);
8. date_default_timezone_set('Brazil/East');
9. $servername = "mn20cf.com.mysql";
10. $username = "mn20cf_com_herox";
11. $password = "herox762762";
12. $dbname = "mn20cf_com_herox";
13. $conn = new mysqli($servername, $username, $password, $dbname);
14. if ($conn->connect_error) {
15. die("Connection failed: " . $conn->connect_error);
16. }
17. function anti_injection($sql)
18. {
19. $sql = trim($sql);
20. $sql = strip_tags($sql);
21. $sql = addslashes($sql);
22. $sql = utf8_decode($sql);
23. return $sql;
24. }
25. $co = $_COOKIE['info'];
26. $info = explode("&", $co);
27. $usuario = $info[0];
28. if($usuario == 'herox'){
29.  
30. } else {
31. die();
32. }
33. if($usuario == ''){
34. die();
35. }
36. if(isset($_SESSION['flood'])){
37. if(time() > $_SESSION['flood']){
38. session_destroy();
39. } else {
40. die("antflood");
41. }
42. }
43. $data = date("d/m/y H:m:s");
44. $sql = "SELECT * FROM ban WHERE usuario='$usuario'";
45. $result = $conn->query($sql);
46. $sql1 = "SELECT * FROM kick WHERE usuario='$usuario'";
47. $result1 = $conn->query($sql1);
48. $ranksql = "SELECT * FROM herox WHERE husuario='$usuario'";
49. $rankresult = $conn->query($ranksql);
50. $rank = $rankresult->fetch_array();
51. $rank = $rank['rank'];
52. if($result->num_rows == 1){
53. die("banido");
54. }
55. if($result1->num_rows == 1){
56. die("kickado");
57. }
58. if(isset($_GET['env']) == 'true'){
59.  
60.  
61. if(isset($_COOKIE['f'])){
62. $cookie = $_COOKIE['f'];
63. if($rank == 1){
64. setcookie("f", "0", time() + 10);
65. }
66. if($_COOKIE['f'] == 5 && $rank == 0){
67. setcookie("f", "6", time() + 1500);
68. $sql = "INSERT INTO chat_logs values(null,'<font color=red>HeroxBot</font>','O $usuario foi mutado por 25minutos por flood','$data')";
69. $conn->query($sql);
70. $_SESSION['flood'] = time() + (30 * 60);
71. die("antiflod");
72. }
73. if($_COOKIE['f'] >= 6 && $rank == 0){
74. die("antiflod");
75. }
76. setcookie("f", $cookie+1, time() + 10);
77. } else {
78. setcookie("f", "1", time() + 10);
79. }
80. $message = anti_injection($_GET['msg']);
81. $messagerry = array("project",".tk","habbo-project","http://projectshabbo.br22.net/","http://projectshabbo.br22.net/Scorpion2014","http://projectshabbo.br22.net/Scorpion2014/index.php","barrar","gq","projectshabbo","http://1tapprojects.com","1tapprojects","http://1tapprojects.com/hb/Scorpion2014/","Scorpion2014","goo.gl/bk06VJ","bk06VJ","scorpion","SCORPION","1tap","secdet.com.br","http","www","://","secdet");
82. $message = str_replace($messagerry, '<font color=red>bobba</font>', $message);
83. if($message == ''){
84. exit();
85. }
86. if(strstr($message, ':limpar') && $rank == 1){
87. $sql2 = "TRUNCATE chat_logs";
88. $conn->query($sql2);
89. exit;
90. }
91. if(strstr($message, ':ban') && $rank == 1){
92. $data = date("d/m H:i");
93. $ex = explode(" ",$message);
94. $sql2 = "INSERT INTO ban values(null,'$ex[1]','$ex[2]')";
95. $conn->query($sql2);
96. $sql = "INSERT INTO chat_logs values(null,'<font color=red>HeroxBot</font>','O $ex[1] foi banido do Herox','$data')";
97. $conn->query($sql);
98. exit();
99. }
100. if(strstr($message, ':desban') && $rank == 1){
101. $data = date("d/m H:i");
102. $ex = explode(" ",$message);
103. $sql2 = "DELETE FROM ban where usuario='$ex[1]'";
104. $conn->query($sql2);
105. $sql2 = "INSERT INTO chat_logs values(null,'<font color=red>HeroxBot</font>','O $ex[1] foi desbanido do Herox','$data')";
106. $conn->query($sql2);
107. exit();
108. }
109.  
110. if(strstr($message, ':kick') && $rank == 1){
111. $data = date("d/m H:i");
112. $ex = explode(" ",$message);
113. $sql1 = "INSERT INTO kick values('$ex[1]')";
114. $conn->query($sql1);
115. $sql2 = "INSERT INTO chat_logs values(null,'<font color=red>HeroxBot</font>','O $ex[1] foi kickado do Herox','$data')";
116. $conn->query($sql2);
117. exit();
118. }
119. if(strstr($message, ':presentes')){
120. $data = date("d/m H:i");
121. $a = "SELECT * FROM logs WHERE owner='$usuario'";
122. $aa = $conn->query($a);
123. $aaa = $aa->num_rows;
124. $sql2 = "INSERT INTO chat_logs values(null,'<font color=red>HeroxBot</font>','Olá <b>$usuario</b> vc tem $aaa presentes','$data')";
125. $conn->query($sql2);
126. exit();
127. }
128. if(strstr($message, ':deletar')){
129. $data = date("d/m H:i");
130. $sql2 = "DELETE FROM logs WHERE owner='$usuario'";
131. $conn->query($sql2);
132. $sql2 = "INSERT INTO chat_logs values(null,'<font color=red>HeroxBot</font>','<b>$usuario</b> limpou seus presentes','$data')";
133. $conn->query($sql2);
134. exit;
135. }
136. $sql2 = "INSERT INTO chat_logs values(null,'$usuario','$message','$data')";
137. $data = date("d/m H:i");
138. $conn->query($sql2);
139. } else if(isset($_GET['get']) == 'true'){
140. if(!isset($_GET['id'])){
141. die();
142. }
143. $id = $_GET['id'];
144. $arr = array();
145. $per = 0;
146. $sql1 = "SELECT id FROM chat_logs";
147. $result1 = $conn->query($sql1);
148. $idc=$result1->num_rows;
149. $sql = "SELECT * FROM chat_logs WHERE id>'$id' ORDER BY id DESC LIMIT 20";
150. $result = $conn->query($sql);
151. if ($result->num_rows > 0) {
152. while($row = $result->fetch_array()) {
153. $per = 1;
154. $arr[] = array(
155. 'id' => $row['id'],
156. 'usuario' => $row['usuario'],
157. 'message' => utf8_encode($row['message']),
158. 'data' => $row['data']
159. );
160. }
161. } else {
162. $per = 0;
163. }
164. echo json_encode(array('per' => ''.$per.'','id' => $idc,'message' => $arr));
165. $conn->close();
166. }
167. ?>