1337

1. <?php
2. $logenable = true;
3. $debug = false;
4. $x = 90;
5. $y = 90;
6. $resized = imagecreatetruecolor($x,$y);
7.  
8. function loginfo($value){
9.     $file = 'LogsFile.txt';
10.     $current = file_get_contents($file);
11.     $tolog = "[".date("F j, Y, g:i a")."] - [" . $_SERVER['REMOTE_ADDR'] . "]" . "   ||   " . $value;
12.     $current .= $tolog."\n";
13.     file_put_contents($file, $current);
14. }
15.  
16. function LoadPNG($ext,$imgname)
17. {
18.     /* Attempt to open */
19.     if($ext == "png"){
20.         $im = @imagecreatefrompng($imgname);
21.         header('Content-Type: image/png');
22.     }else if($ext == "jpg"){
23.         $im = @imagecreatefromjpeg($imgname);
24.         header('Content-Type: image/jpeg');
25.     }else if($ext == "gif"){
26.         $im = imagecreatefromgif($imgname);
27.         header('Content-Type: image/gif');
28.     }
29.     return $im;
30. }
31.  
32. $api = "http://test.reactiongaming.us/api.php";
33. $hash = "API_HASH_HERE";
34. if(isset($_GET['id'])){
35.     //api.php?action=getAvatar&value=USERNAME&hash=API_KEY
36.     $id = $_GET['id'];
37.     $apigetav = $api."?action=getuserbyid&value=".$id."&hash=".$hash;
38.     $ch = curl_init();
39.     curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
40.     curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
41.     curl_setopt($ch, CURLOPT_URL,$apigetav);
42.     $result = json_decode(curl_exec($ch),true);
43.     $avatarlink = "http://test.reactiongaming.us/data/avatars/m/0/".$id.".jpg?".$result[0]['avatar_date'];
44.     if($result[0]['gender'] == "male"){
45.         if($result[0]['avatar_date']){
46.             $img = LoadPNG("jpg",$avatarlink);
47.         }else{
48.             $img = LoadPNG("png","http://test.reactiongaming.us/styles/default/xenforo/avatars/avatar_male_m.png");
49.         }
50.     }else if($result[0]['gender'] == "female"){
51.         if($result[0]['avatar_date']){
52.             $img = LoadPNG("jpg",$avatarlink);
53.         }else{
54.             $img = LoadPNG("png","http://test.reactiongaming.us/styles/default/xenforo/avatars/avatar_female_m.png");
55.         }  
56.     }else{
57.         if($result[0]['avatar_date']){
58.             $img = LoadPNG("jpg",$avatarlink);
59.         }else{
60.             $img = LoadPNG("png","http://test.reactiongaming.us/styles/default/xenforo/avatars/avatar_m.png");
61.         }      
62.     }
63.     imagecopyresampled($resized, $img, 0, 0, 0, 0, $x, $y, imagesx($img), imagesy($img));
64.     imagepng($resized);
65.     imagedestroy($img);
66.     loginfo('Avatar Request ID #'.$_GET['id']);
67.     break;
68. }else if(isset($_POST['user']) && isset($_POST['pass'])){
69.         loginfo("Received POST Request.");
70.         $username = $_POST['user'];
71.         $password = $_POST['pass'];
72.         $auth_url = $api."?action=authenticate&username=".$username."&password=".$password;
73.         $ch = curl_init();
74.         curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
75.         curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
76.         curl_setopt($ch, CURLOPT_URL,$auth_url);
77.         $auth_result = json_decode(curl_exec($ch),true);
78.         $hashkey = $auth_result['hash'];
79.         if(isset($hashkey)){
80.             $getuserinfo_req = $api."?action=getUser&value=".$username."&hash=".$hash;
81.             curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
82.             curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
83.             curl_setopt($ch, CURLOPT_URL,$getuserinfo_req);
84.             $getuserinfo_result = json_decode(curl_exec($ch),true);
85.             $name = $getuserinfo_result['username'];
86.             $userid = $getuserinfo_result['user_id'];
87.             $useremail = $getuserinfo_result['email'];
88.             if($getuserinfo_result['is_banned'] == 1){
89.                 echo "fail#You have been permanently banned from ReactM, which means you cannot play online again.#1#Anonymous#anonymous@example.com#0#";
90.                 loginfo($name . " , Banned user, tried to connect.");
91.                 die();
92.                 }else{
93.                     if($getuserinfo_result['user_state'] == "email_confirm"){
94.                         echo "fail#Account not activated, please check your email inbox.#1#Anonymous#anonymous@example.com#0#";
95.                         loginfo($name . " tried to connect with innactive account.");
96.                         die();
97.                     }else{
98.                         if($getuserinfo_result['is_admin'] == 1 || $getuserinfo_result['is_staff'] == 1){
99.                             echo "ok#Success.#".$userid."#".$name."#".$useremail."#1337#";
100.                             loginfo('Staff/Admin connected ['.$name.'].');
101.                             die();
102.                         }else{
103.                             echo "ok#Success.#".$userid."#".$name."#".$useremail."#1337#";
104.                             loginfo("Player connected [".$name."].");
105.                             die();
106.                         }
107.                     }
108.                 }
109.             }else if(isset($auth_result['error'])){
110.                 if($debug){
111.                     loginfo("Failed to login with username ".$_POST['user']." and password ".$_POST['pass'].".");
112.                 }else{
113.                     loginfo("failed to login [".$_POST['user']."]");   
114.                 }
115.                 echo "fail#Bad Username and Password Combination.#1#Anonymous#anonymous@example.com#0#";
116.                 die();
117.         }
118.         curl_close($ch);
119.         break;
120. }else{
121.     loginfo("tried to access script directly.");
122.     echo "gtfo m9, dun ivin trai.";
123.     die();
124. }
125. ?>