API

1. <?php
2. class MyRBLXClass
3. {
4. protected $encryption = 'sha256';
5. protected $dir = '7f25c7e2395c5f577842ff923f51f1e008909daef9dd560e71656a6bb4d231d0/';
6. public $user = 'Realist_Cube';
7.  
8. // Functions used by other functions
9. protected function file_get_contents_curl($url)
10. {
11. $ch = curl_init();
12.  
13. curl_setopt($ch, CURLOPT_HEADER, 0);
14. curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); //Set curl to return the data instead of printing it to the browser.
15. curl_setopt($ch, CURLOPT_URL, $url);
16.  
17. $data = curl_exec($ch);
18. curl_close($ch);
19.  
20. return $data;
21. }
22. protected function file_get_contents_cookie($url)
23. {
24. $rs = $this->dir . hash($this->encryption, $this->user);
25.  
26. $get_page_data = curl_init($url);
27. curl_setopt_array($get_page_data,
28. array(
29. CURLOPT_RETURNTRANSFER => true,
30. CURLOPT_HTTPHEADER => array("Cookie: $rs")
31. )
32. );
33. return $get_page_data;
34. }
35. protected function get_redirect_url($url)
36. {
37. $redirect_url = null;
38.  
39. $url_parts = @parse_url($url);
40. if (!$url_parts) return false;
41. if (!isset($url_parts['host'])) return false; //can't process relative URLs
42. if (!isset($url_parts['path'])) $url_parts['path'] = '/';
43. $sock = fsockopen($url_parts['host'], (isset($url_parts['port']) ? (int)$url_parts['port'] : 80), $errno, $errstr, 30);
44. if (!$sock) return false;
45.  
46. $request = "HEAD " . $url_parts['path'] . (isset($url_parts['query']) ? '?'.$url_parts['query'] : '') . " HTTP/1.1\r\n";
47. $request .= 'Host: ' . $url_parts['host'] . "\r\n";
48. $request .= "Connection: Close\r\n\r\n";
49. fwrite($sock, $request);
50. $response = '';
51. while(!feof($sock)) $response .= fread($sock, 8192);
52. fclose($sock);
53.  
54. if (preg_match('/^Location: (.+?)$/m', $response, $matches)){
55. if ( substr($matches[1], 0, 1) == "/" )
56. return $url_parts['scheme'] . "://" . $url_parts['host'] . trim($matches[1]);
57. else
58. return trim($matches[1]);
59. } else {
60. return false;
61. }
62. }
63. protected function get_all_redirects($url)
64. {
65. $redirects = array();
66. while ($newurl = $this->get_redirect_url($url)){
67. if (in_array($newurl, $redirects))
68. break;
69.  
70. $redirects[] = $newurl;
71. $url = $newurl;
72. }
73. return $redirects;
74. }
75.  
76. protected function get_final_redirect($url)
77. {
78. $redirects = $this->get_all_redirects($url);
79. if (count($redirects)>0)
80. return array_pop($redirects);
81.  
82. return $url;
83. }
84. protected function xpath($url,$path)
85. {
86. libxml_use_internal_errors(true);
87. $dom = new DomDocument;
88. $dom->loadHTML($this->file_get_contents_curl($url));
89. $xpath = new DomXPath($dom);
90. return $xpath->query($path);
91. }
92.  
93. protected function post_with_data($url,$data)
94. {
95. $ch = curl_init();
96. curl_setopt ($ch, CURLOPT_URL, $url);
97. curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
98. curl_setopt ($ch, CURLOPT_USERAGENT, "Googlebot/2.1");
99. curl_setopt ($ch, CURLOPT_TIMEOUT, 60);
100. curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 0);
101. curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
102. curl_setopt ($ch, CURLOPT_COOKIEJAR, $this->do_hash($this->user));
103. curl_setopt ($ch, CURLOPT_COOKIEFILE, $this->do_hash($this->user));
104. curl_setopt ($ch, CURLOPT_REFERER, $url);
105.  
106. curl_setopt ($ch, CURLOPT_POSTFIELDS, $data);
107. curl_setopt ($ch, CURLOPT_POST, 1);
108.  
109. return curl_exec ($ch);
110. }
111.  
112. protected function request_with_cookie($url)
113. {
114. $ch = curl_init();
115. curl_setopt ($ch, CURLOPT_URL, $url);
116. curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
117. curl_setopt ($ch, CURLOPT_USERAGENT, "Googlebot/2.1");
118. curl_setopt ($ch, CURLOPT_TIMEOUT, 60);
119. curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 0);
120. curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
121. curl_setopt ($ch, CURLOPT_COOKIEJAR, $this->do_hash($this->user));
122. curl_setopt ($ch, CURLOPT_COOKIEFILE, $this->do_hash($this->user));
123. curl_setopt ($ch, CURLOPT_REFERER, $url);
124.  
125. return curl_exec ($ch);
126. }
127.  
128. protected function remove_cookie()
129. {
130. unlink($this->do_hash($this->user));
131. }
132.  
133. protected function do_hash($var)
134. {
135. return $this->dir . '/' . hash($this->encryption, $var);
136. }
137.  
138. protected function get_verification_token($url,$bool=true)
139. {
140. $c = ($bool == false ? $url : $this->request_with_cookie($url));
141. $preg = preg_match('/<input name="__RequestVerificationToken" type="hidden" value="(.*?)"/', $c , $matches);
142. if(!$preg)
143. return false;
144.  
145. return $matches[1];
146. }
147.  
148. protected function get_defined_token($page,$token)
149. {
150. $preg = preg_match('/<input type="hidden" name="'.$token.'" id="'.$token.'" value="(.*?)"/', $page, $matches);
151. if(!$preg)
152. return false;
153.  
154. return $matches[1];
155. }
156.  
157. protected function get_x_csrf_token($url)
158. {
159. $preg = preg_match("/setToken\('(.*?)'\)/", $this->request_with_cookie($url), $matches);
160. if(!$preg)
161. return false;
162.  
163. return $matches[1];
164. }
165.  
166. protected function request_with_csrf($url,$tokenurl,$data='')
167. {
168. $token = $this->get_x_csrf_token($tokenurl);
169. $ch = curl_init();
170. curl_setopt ($ch, CURLOPT_URL, $url);
171. curl_setopt ($ch, CURLOPT_SSL_VERIFYPEER, FALSE);
172. curl_setopt ($ch, CURLOPT_USERAGENT, "Googlebot/2.1");
173. curl_setopt ($ch, CURLOPT_TIMEOUT, 60);
174. curl_setopt ($ch, CURLOPT_FOLLOWLOCATION, 0);
175. curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1);
176.  
177. curl_setopt($ch, CURLOPT_HTTPHEADER, array(
178. 'Connection: keep-alive',
179. 'X-CSRF-TOKEN: ' . $token,
180. 'X-Requested-With: XMLHttpRequest',
181. ));
182.  
183. curl_setopt ($ch, CURLOPT_COOKIEJAR, $this->do_hash($this->user));
184. curl_setopt ($ch, CURLOPT_COOKIEFILE, $this->do_hash($this->user));
185. curl_setopt ($ch, CURLOPT_REFERER, $url);
186.  
187. curl_setopt ($ch, CURLOPT_POST, 1);
188. curl_setopt ($ch, CURLOPT_POSTFIELDS, $data);
189.  
190. return curl_exec ($ch);
191. }
192.  
193. protected function get_country($country)
194. {
195. $list = array (
196. 'United States' => 1,
197. 'Germany' => 2,
198. 'Netherlands' => 3,
199. 'France' => 4,
200. 'Spain' => 5,
201. 'Italy' => 6,
202. 'Ireland' => 7,
203. 'Portugal' => 8,
204. 'Canada' => 9,
205. 'United Kingdom' => 10,
206. 'Australia' => 11,
207. 'New Zealand' => 12,
208. 'Brazil' => 13,
209. 'Philippines' => 14,
210. 'Denmark' => 15,
211. 'Sweden' => 16,
212. 'United Arab Emirates' => 17,
213. 'Poland' => 18,
214. 'Malaysia' => 19,
215. 'Turkey' => 20,
216. 'Norway' => 21,
217. 'Romania' => 22,
218. 'Thailand' => 23,
219. 'Singapore' => 24,
220. 'Mexico' => 25,
221. 'Saudi Arabia' => 26,
222. 'Belgium' => 27,
223. 'Lithuania' => 28,
224. 'Israel' => 29,
225. 'Indonesia' => 30,
226. 'Russia' => 31,
227. 'Finland' => 32,
228. );
229.  
230. if(array_key_exists($country,$list))
231. return $list[$country];
232.  
233. return 1;
234. }
235.  
236. protected function get_gender($gender)
237. {
238. $list = array (
239. 'Male' => 2,
240. 'Female' => 3,
241. );
242. if(array_key_exists($gender,$list))
243. return $list[$gender];
244.  
245. return 2;
246. }
247.  
248. protected function get_language($language)
249. {
250. $list = array (
251. 'English' => 1,
252. 'German' => 3,
253. );
254. if(array_key_exists($language,$list))
255. return $list[$language];
256.  
257. return 1;
258. }
259.  
260. protected function get_privacy_setting($type,$id)
261. {
262. $list = array (
263. 'SocialNetworksVisibilityPrivacy' => array (
264. 'AllUsers',
265. 'FriendsFollowingAndFollowers',
266. 'FriendsAndFollowing',
267. 'Friends',
268. 'NoOne',
269. ),
270.  
271. 'ChatVisibilityPrivacy' => array (
272. 'All',
273. 'Followers',
274. 'Following',
275. 'Friends',
276. 'Noone',
277. 'Disabled'
278. ),
279.  
280. 'PrivateMessagePrivacy' => array (
281. 'All',
282. 'Followers',
283. 'Following',
284. 'Friends',
285. 'NoOne'
286. ),
287.  
288. 'PartyInvitePrivacy' => array (
289. 'All',
290. 'Followers',
291. 'Following',
292. 'Friends',
293. 'Noone',
294. 'Disabled'
295. ),
296.  
297. 'PrivateServerInvitePrivacy' => array (
298. 'AllAuthenticatedUsers',
299. 'FriendsFollowingAndFollowers',
300. 'FriendsAndFollowing',
301. 'Friends',
302. 'NoOne'
303. ),
304.  
305. 'FollowMePrivacy' => array (
306. 'All',
307. 'Followers',
308. 'Following',
309. 'Friends',
310. 'Noone'
311. ),
312. );
313.  
314.  
315. if(array_key_exists($id,$list[$type]))
316. return $list[$type][$id];
317. }
318.  
319. protected function get_genre_setting($type)
320. {
321. $list = array (
322. 'All' => 1,
323. 'Building' => 19,
324. 'Horror' => 11,
325. 'Town and City' => 7,
326. 'Military' => 17,
327. 'Comedy' => 15,
328. 'Medieval' => 8,
329. 'Adventure' => 13,
330. 'Sci-Fi' => 9,
331. 'Naval' => 12,
332. 'FPS' => 20,
333. 'RPG' => 21,
334. 'Sports' => 14,
335. 'Fighting' => 10,
336. 'Western' => 16,
337. );
338.  
339.  
340. if(array_key_exists($type,$list))
341. return $list[$type];
342.  
343. return 1;
344. }
345. /*
346.  
347. Public functions, no priviliges needed in order to work
348.  
349. */
350.  
351.  
352. // Output: hash
353. public function UserHash()
354. {
355. return hash($this->encryption, $this->user);
356. }
357. // Output: bool/string
358. public function GetUserID($data)
359. {
360. $p = json_decode($this->file_get_contents_curl(( is_string($data) ? 'http://api.roblox.com/users/get-by-username?username=' : 'http://api.roblox.com/users/').$data), true);
361. return ((is_array($p) and array_key_exists('Id', $p)) ? $p['Id'] : '-1');
362.  
363. }
364.  
365. public function RealUser($id)
366. {
367. return json_decode($this->file_get_contents_curl('http://api.roblox.com/users/get-by-username?username='.$id), true)['errorMessage'];
368. }
369.  
370. // Output: array
371. public function GetGroupFunds($id)
372. {
373.  
374. $elements = array (
375. 'robux' => "(//div[contains(@id,'ctl00_cphRoblox_rbxGroupFundsPane_GroupFunds')]//span[contains(@class,'robux')])[1]",
376.  
377. );
378. $robux = 0;
379.  
380. foreach($elements as $name => $element)
381. {
382. foreach ($this->xpath('http://www.roblox.com/Groups/group.aspx?gid='.$id,$element) as $i => $node)
383. $robux = $node->textContent;
384. }
385. return $robux;
386. }
387.  
388. // Output: string
389. public function GetUserBlurb($id)
390. {
391. foreach ($this->xpath('http://www.roblox.com/users/' . $id . '/profile',"//span[@class='profile-about-content-text']") as $i => $node)
392. return $node->nodeValue;
393. }
394.  
395. // Output: string
396. public function GetUserName($id)
397. {
398. $p = json_decode($this->file_get_contents_curl('http://api.roblox.com/users/'.$id), true);
399. return ((is_array($p) and array_key_exists('Username', $p)) ? $p['Username'] : '-1');
400. }
401.  
402. // Output: array
403. public function GetUserStats($id)
404. {
405.  
406. $elements = array (
407. 'Friends' => "//span[@id='ctl00_cphRoblox_rbxUserStatisticsPane_lFriendsStatistics']",
408. 'Knockouts' => "//span[@id='ctl00_cphRoblox_rbxUserStatisticsPane_lKillsStatistics']",
409. 'Followers' => "//span[@id='ctl00_cphRoblox_rbxUserStatisticsPane_lFollowersStatistics']",
410. 'Place Visits' => "//span[@id='ctl00_cphRoblox_rbxUserStatisticsPane_lPlaceVisitsStatistics']",
411. 'Forum Posts' => "//span[@id='ctl00_cphRoblox_rbxUserStatisticsPane_lForumPostsStatistics']",
412. );
413. $data = array();
414.  
415. foreach($elements as $name => $element)
416. {
417. foreach ($this->xpath('http://www.roblox.com/User.aspx?ID='.$id,$element) as $i => $node)
418. $data[$name] = $node->nodeValue;
419. }
420.  
421. return $data;
422. }
423.  
424. // Output: array
425. public function GetUserStatus($id)
426. {
427. foreach ($this->xpath('http://www.roblox.com/users/' . $id . '/profile',"//span[@id='ctl00_cphRoblox_rbxUserPane_lUserOnlineStatus']") as $i => $node)
428. return array('Status' => $node->nodeValue);
429.  
430. foreach ($this->xpath('http://www.roblox.com/users/' . $id . '/profile',"//a[@id='ctl00_cphRoblox_rbxUserPane_UserOnlineStatusHyperLink']") as $i => $node)
431. return array('Status' => $node->nodeValue, 'URL' => 'http://roblox.com' . $node->getAttribute('href'));
432.  
433. }
434.  
435. // Output: array
436. public function GetGroupOwner($id)
437. {
438. return json_decode($this->file_get_contents_curl('http://api.roblox.com/groups/'.$id), true)['Owner']['Id'];
439. }
440.  
441. // Output: string
442. public function GetGroupName($id)
443. {
444. return json_decode($this->file_get_contents_curl('http://api.roblox.com/groups/'.$id), true)['Name'];
445. }
446.  
447. // Output: string
448. public function GetGroupMembers($id)
449. {
450. foreach ($this->xpath('http://www.roblox.com/Groups/group.aspx?gid='.$id,"//div[@id='MemberCount']") as $i => $node)
451. return str_replace("Members: ", '', $node->nodeValue);
452. }
453.  
454. // Output: string
455. public function GetGroupdescription($id)
456. {
457. return json_decode($this->file_get_contents_curl('http://api.roblox.com/groups/'.$id), true)['Description'];
458. }
459.  
460. // Output: string/url
461. public function GetGroupImg($id)
462. {
463. return json_decode($this->file_get_contents_curl('http://api.roblox.com/groups/'.$id), true)['EmblemUrl'];
464. }
465.  
466. // Output: array
467. public function GetGroupAllies($id)
468. {
469. return json_decode($this->file_get_contents_curl('http://api.roblox.com/groups/' . $id . '/allies'),true);
470. }
471.  
472. // Output: array
473. public function GetGroupEnemies($id)
474. {
475. return json_decode($this->file_get_contents_curl('http://api.roblox.com/groups/' . $id . '/enemies'),true);
476. }
477.  
478. // Output: array
479. public function GetGroupRoles($id)
480. {
481. return $this->file_get_contents_curl('http://www.roblox.com/api/groups/'.$id.'/RoleSets/');
482. }
483.  
484. /*
485.  
486. Functions for logged in users, priviliges may apply.
487.  
488. */
489.  
490. public function DoLogin()
491. {
492. $password = file_get_contents('Secure/password.txt');
493. $this->post_with_data('https://m.roblox.com/Login','UserName=' . $this->user . '&Password=' . $password);
494. }
495.  
496. public function IsLoggedIn()
497. {
498. if($this->request_with_cookie('http://www.roblox.com/Game/GetCurrentUser.ashx')!=='null')
499. return true;
500.  
501. $this->clear();
502. return false;
503. }
504.  
505. public function GetUserFunds()
506. {
507. return $this->request_with_cookie('http://api.roblox.com/my/balance');
508. }
509.  
510.  
511. public function ModifyAccount($bm,$bd,$by,$gender,$language,$country,$blurb,$newsletter,$yt,$twitch,$sn,$chat,$pm,$party,$vip,$follow)
512. {
513. $data =
514. '__RequestVerificationToken='.$this->get_verification_token('https://www.roblox.com/my/account').
515. '&BirthMonth='.(is_int($bm) ? $bm : 12).
516. '&BirthDay='.(is_int($bd) ? $bd : 28).
517. '&BirthYear='.(is_int($by) ? $by : 1969).
518. '&Gender='.$this->get_gender($gender).
519. '&LanguageId='.$this->get_language($language).
520. '&CountryId='.$this->get_country($country).
521. '&PersonalBlurb='.urlencode($blurb).
522. '&ReceiveNewsletter='.($newsletter ? 'true' : 'false').
523. '&YouTube='.urlencode($yt).
524. '&Twitch='.urlencode($twitch).
525. '&SocialNetworksVisibilityPrivacy='.$this->get_privacy_setting('SocialNetworksVisibilityPrivacy',$sn).
526. '&ChatVisibilityPrivacy='.$this->get_privacy_setting('ChatVisibilityPrivacy',$chat).
527. '&PrivateMessagePrivacy='.$this->get_privacy_setting('PrivateMessagePrivacy',$pm).
528. '&PartyInvitePrivacy='.$this->get_privacy_setting('PartyInvitePrivacy',$party).
529. '&PrivateServerInvitePrivacy='.$this->get_privacy_setting('PrivateServerInvitePrivacy',$vip).
530. '&FollowMePrivacy='.$this->get_privacy_setting('FollowMePrivacy',$follow);
531.  
532. $this->post_with_data('https://www.roblox.com/my/account/update',$data);
533. }
534.  
535. public function ChangePassword($old,$new)
536. {
537. $this->request_with_csrf('https://www.roblox.com/account/changepassword','https://www.roblox.com/my/account','oldPassword='.$old.'&newPassword='.$new.'&confirmNewPassword='.$new);
538. }
539.  
540. public function Clear()
541. {
542. $this->remove_cookie();
543. }
544.  
545. public function SetFeeling($status)
546. {
547. $this->post_with_data('http://m.roblox.com/Account/SetStatus', '__RequestVerificationToken='.$this->get_verification_token('http://m.roblox.com/').'&Status=' .$status);
548. }
549.  
550. public function SendPM($to,$subject,$content)
551. {
552. $this->post_with_data('http://m.roblox.com/messages/sendmessagework', '__RequestVerificationToken='.$this->get_verification_token('http://m.roblox.com/messages/sendmessage?Id='.$to).'&RecipientId=' .$to . '&Subject='.urlencode($subject).'&Body='.urlencode($content));
553. }
554. public function SetGroupRole($group,$target,$role)
555. {
556. foreach(json_decode($this->GetGroupRoles($group),true) as $roles){
557. if($roles['Name']==$role)
558. $this->request_with_csrf('http://www.roblox.com/groups/api/change-member-rank?groupId='.$group.'&newRoleSetId='.$roles['ID'].'&targetUserId='.$target, 'http://www.roblox.com/My/GroupAdmin.aspx?gid='.$group);
559. }
560. }
561.  
562. public function SendFR($target)
563. {
564. $this->request_with_csrf('http://www.roblox.com/friends/sendfriendrequest', 'http://www.roblox.com/User.aspx?ID='.$target, 'targetUserId='.$target);
565. }
566.  
567. public function FollowUser($target)
568. {
569. $this->post_with_data('http://www.roblox.com/user/follow','targetUserId='.$target);
570. }
571.  
572. public function UnfollowUser($target)
573. {
574. $this->post_with_data('http://www.roblox.com/user/unfollow','targetUserId='.$target);
575. }
576. public function BlockUser($target)
577. {
578. $this->request_with_csrf('http://www.roblox.com/userblock/blockuser','http://www.roblox.com/User.aspx?ID='.$target,'blockeeId='.$target);
579. }
580. public function UnblockUser($target)
581. {
582. $this->request_with_csrf('http://www.roblox.com/userblock/unblockuser', 'http://www.roblox.com/User.aspx?ID='.$target,'blockeeId='.$target);
583. }
584.  
585. public function IsUserFriended($from,$target)
586. {
587. return strpos($this->file_get_contents_curl('http://www.roblox.com/Game/LuaWebService/HandleSocialRequest.ashx?method=IsFriendsWith&playerId=' . $from . '&userId=' . $target), 'true') ? true : false;
588. }
589.  
590. public function IsUserFollower($from,$target)
591. {
592. return json_decode($this->request_with_cookie('http://api.roblox.com/user/following-exists?userId='.$from.'&followerUserId='.$target),true)['isFollowing'];
593. }
594. public function InviteToClan($group,$target)
595. {
596. $this->post_with_data('http://www.roblox.com/group/invite-to-clan','userIdToInvite='.$target.'&groupId='.$group.'&__RequestVerificationToken='.$this->get_verification_token('http://www.roblox.com/My/GroupAdmin.aspx?gid='.$group));
597. }
598.  
599. public function CancelClanInvite($group,$target)
600. {
601. $this->post_with_data('http://www.roblox.com/group/cancel-invitation','inviteeUserId='.$target.'&groupId='.$group.'&__RequestVerificationToken='.$this->get_verification_token('http://www.roblox.com/My/GroupAdmin.aspx?gid='.$group));
602. }
603. public function AcceptClanInvite($group,$bool)
604. {
605. $this->post_with_data('http://www.roblox.com/group/accept-decline-clan-invitation','isAccepting='.$bool.'&groupId='.$group.'&__RequestVerificationToken='.$this->get_verification_token('http://www.roblox.com/My/GroupAdmin.aspx?gid='.$group));
606. }
607. public function KickFromClan($group,$target)
608. {
609. $this->post_with_data('http://www.roblox.com/group/kick-from-clan','userIdToKick='.$target.'&groupId='.$group.'&__RequestVerificationToken='.$this->get_verification_token('http://www.roblox.com/My/GroupAdmin.aspx?gid='.$group));
610. }
611. public function KickFromGroup($group,$target,$bool)
612. {
613. $this->post_with_data('http://www.roblox.com/My/Groups.aspx/ExileUserAndDeletePost',json_encode(array('userId'=>$target, 'deleteAllPostsOption'=>$bool, 'rolesetId' => '', 'selectedGroupId' => $group)));
614. }
615. public function LeaveClan($group)
616. {
617. $this->post_with_data('http://www.roblox.com/group/leave-clan','groupId='.$group.'&__RequestVerificationToken='.$this->get_verification_token('http://www.roblox.com/My/Groups.aspx?gid='.$group));
618. }
619.  
620. public function GiveGroupFunds($group,$userid,$amount)
621. {
622. $this->request_with_csrf('http://www.roblox.com/groups/'.$group.'/one-time-payout/1/false','http://www.roblox.com/my/groupadmin.aspx?gid='.$group,'percentages='.urlencode(json_encode(array($userid => $amount))));
623.  
624. }
625.  
626. public function SendTrade($buyer,$itemid)
627. {
628. $BuyerInfo = json_decode(file_get_contents('http://www.robux.exchange/GetLimiteds.php?userId='.$buyer));
629. $ItemFromBuyer;
630. foreach ($BuyerInfo as $key => $value) {if ($key == "Limiteds") {foreach($value as $data => $val) {
631. if ($val->AveragePrice <= 300) {
632. $ItemFromBuyer = $val;
633. }
634. }}}
635.  
636. $SellerInfo = json_decode(file_get_contents('http://www.robux.exchange/GetLimiteds.php?userId='.$this->GetUserID($this->user)));
637. $ItemFromSeller;
638. foreach ($SellerInfo as $key1 => $value1) {if ($key1 == "Limiteds") {foreach($value1 as $data1 => $val1) {
639. $MatchID = preg_match('/\?id=(\d+)$/', $val1->ItemLink, $matches) ? $matches[1] : '';
640. if ($MatchID == $itemid) {
641. $ItemFromSeller = $val1;
642. }
643. }}}
644.  
645.  
646. $this->request_with_csrf('http://www.roblox.com/Trade/tradehandler.ashx','http://www.roblox.com/my/money.aspx#/#TradeItems_tab','cmd=send&TradeJSON='.urlencode('{"AgentOfferList":[{"AgentID":'.$this->GetUserID($this->user).',"OfferList":[{"Name":"'.$ItemFromSeller->Name.'","ImageLink":"'.$ItemFromSeller->ImageLink.'","ItemLink":"'.$ItemFromSeller->ItemLink.'","SerialNumber":"'.$ItemFromSeller->SerialNumber.'","SerialNumberTotal":"'.$ItemFromSeller->SerialNumberTotal.'","AveragePrice":"'.$ItemFromSeller->AveragePrice.'","OriginalPrice":"'.$ItemFromSeller->OriginalPrice.'","UserAssetID":"'.$ItemFromSeller->UserAssetID.'","MembershipLevel":null}],"OfferRobux":0,"OfferValue":'.$ItemFromSeller->AveragePrice.'},{"AgentID":'.$buyer.',"OfferList":[{"Name":"'.$ItemFromBuyer->Name.'","ImageLink":"'.$ItemFromBuyer->ImageLink.'","ItemLink":"'.$ItemFromBuyer->ItemLink.'","SerialNumber":"'.$ItemFromBuyer->SerialNumber.'","SerialNumberTotal":"'.$ItemFromBuyer->SerialNumberTotal.'","AveragePrice":"'.$ItemFromBuyer->AveragePrice.'","OriginalPrice":"'.$ItemFromBuyer->OriginalPrice.'","UserAssetID":"'.$ItemFromBuyer->UserAssetID.'","MembershipLevel":null}],"OfferRobux":0,"OfferValue":'.$ItemFromBuyer->AveragePrice.'}],"IsActive":false,"TradeStatus":"Open"}'));
647.  
648. return;
649.  
650. }
651.  
652. public function BuyAsset($asset,$currency=2) // 2 = tx; 1= r$
653. {
654. $data = $this->GetAsset($asset);
655. if($data['IsPublicDomain'] == false)
656. {
657. if($currency==2 and $data['PriceInTickets'] !== 'null') { $d = $data['PriceInTickets']; }
658. elseif($currency==1 and $data['PriceInRobux'] !== 'null') { $d = $data['PriceInRobux']; }
659. else { return; }
660.  
661. $this->request_with_csrf('http://www.roblox.com/API/Item.ashx?rqtype=purchase&productID=' . $data['ProductId'] . '&expectedCurrency=' . $currency . '&expectedPrice=' . $d .'&expectedSellerID=' . $data['Creator']['Id'], 'http://www.roblox.com/item.aspx?--&id=' . $asset);
662. }
663. else
664. $this->request_with_csrf('http://www.roblox.com/API/Item.ashx?rqtype=purchase&productID=' . $data['ProductId'] . '&expectedCurrency=1&expectedPrice=0&expectedSellerID=' . $data['Creator']['Id'], 'http://www.roblox.com/item.aspx?--&id=' . $asset);
665.  
666. }
667.  
668. public function GetAsset($asset)
669. {
670. return json_decode($this->file_get_contents_curl('http://api.roblox.com/Marketplace/ProductInfo?assetId=' . $asset), true);
671. }
672.  
673. public function ChangePlaceState($place,$active)
674. {
675. $this->request_with_csrf('http://www.roblox.com/build/set-place-state?placeId='. $place . '&active=' . $active, 'http://www.roblox.com/develop?close=1');
676. }
677.  
678. public function GetUserPlaces($user)
679. {
680. return json_decode($this->file_get_contents_curl('http://www.roblox.com/Contests/Handlers/Showcases.ashx?userId=' . $user), true);
681. }
682.  
683. public function HasAsset($user,$asset)
684. {
685. return (($this->file_get_contents_curl('http://api.roblox.com/Ownership/HasAsset?userId=' . $user . '&assetId=' . $asset) == 'true') ? true : false);
686. }
687.  
688. public function RedeemPromocode($code)
689. {
690. $this->post_with_data('http://www.roblox.com/promocodes/redeem?code='.$code,'');
691. }
692.  
693. public function UpdateAsset($id,$name,$description,$comments,$gengre,$selling,$robux=0,$tx=0)
694. {
695. $p = $this->request_with_cookie('http://www.roblox.com/My/Item.aspx?ID='.$id);
696.  
697. if ($robux == 0 and $tx ==0)
698. $this->post_with_data('http://www.roblox.com/My/Item.aspx?ID='.$id,
699. '__EVENTTARGET=ctl00$cphRoblox$SubmitButtonTop'.
700. '&__EVENTARGUMENT='.
701. '&__VIEWSTATE='.urlencode($this->get_defined_token($p, '__VIEWSTATE')).
702. '&__EVENTVALIDATION='.urlencode($this->get_defined_token($p, '__EVENTVALIDATION')).
703. '&ctl00$cphRoblox$NameTextBox='.urlencode($name).
704. '&ctl00$cphRoblox$DescriptionTextBox='.urlencode($description).
705. '&ctl00$cphRoblox$EnableCommentsCheckBox='.(($comments==true) ? 'on' : '').
706. '&GenreButtons2='.$this->get_genre_setting($genre).
707. '&ctl00$cphRoblox$actualGenreSelection='.$this->get_genre_setting($genre).
708. '&ctl00$cphRoblox$PublicDomainCheckBox='.(($selling==true) ? 'on' : '')
709. );
710.  
711. $this->post_with_data('http://www.roblox.com/My/Item.aspx?ID='.$id,
712. '__EVENTTARGET=ctl00$cphRoblox$SubmitButtonTop'.
713. '&__EVENTARGUMENT='.
714. '&__VIEWSTATE='.urlencode($this->get_defined_token($p, '__VIEWSTATE')).
715. '&__EVENTVALIDATION='.urlencode($this->get_defined_token($p, '__EVENTVALIDATION')).
716. 'ctl00$cphRoblox$NameTextBox='.urlencode($name).
717. '&ctl00$cphRoblox$DescriptionTextBox='.urlencode($description).
718. '&ctl00$cphRoblox$SellThisItemCheckBox='.(($selling==true) ? 'on' : '').
719. '&ctl00$cphRoblox$SellForRobux='.(($robux > 2) ? 'on' : '').
720. '&ctl00$cphRoblox$SellForTickets='.(($tx > 20) ? 'on' : '').
721. '&ctl00$cphRoblox$RobuxPrice='.(($robux > 2) ? $robux : 2).
722. '&ctl00$cphRoblox$TicketsPrice='.(($tx > 20) ? $tx : 20).
723. '&ctl00$cphRoblox$actualGenreSelection='.$this->get_genre_setting($genre).
724. '&GenreButtons2='.$this->get_genre_setting($genre).
725. '&ctl00$cphRoblox$EnableCommentsCheckBox='.(($comments==true) ? 'on' : '')
726. );
727.  
728.  
729. }
730.  
731. public function ToggleFavoriteAsset($id)
732. {
733. $this->post_with_data('http://www.roblox.com/favorite/toggle', 'assetId='.$id);
734. }
735.  
736. public function Vote($asset, $bool = null)
737. {
738. $this->post_with_data('http://www.roblox.com/voting/vote?assetId='.$asset.'&vote=' . (strtolower($bool)=='up') ? 'true' : (strtolower($bool)=='down') ? 'false' : 'null' , '');
739. }
740.  
741. public function SetGroupShout($group,$content)
742. {
743. $p = $this->request_with_cookie('http://www.roblox.com/My/Groups.aspx?gid='.$group);
744. $this->post_with_data('http://www.roblox.com/My/Groups.aspx?gid='.$group,
745. '&__RequestVerificationToken='.$this->get_verification_token($p,false).
746. '&__VIEWSTATE='.urlencode($this->get_defined_token($p, ('__VIEWSTATE'))).
747. '&__EVENTARGUMENT='.urlencode($this->get_defined_token($p, '__EVENTARGUMENT')).
748. '&__EVENTVALIDATION='.urlencode($this->get_defined_token($p, '__EVENTVALIDATION')).
749. '&ctl00$cphRoblox$GroupStatusPane$StatusTextBox='.urlencode($content).
750. '&ctl00$cphRoblox$GroupStatusPane$StatusSubmitButton='.urlencode('Group Shout')
751. );
752. }
753.  
754. public function SecurePost($var)
755. {
756. return mysql_real_escape_string(strip_tags(stripslashes($var)));
757. }
758.  
759. }
760. ?>