<?phpset_time_limit(0);date_default_timezone_set("America/Sao_Paulo");libx

1. <?php
2. set_time_limit(0);
3. date_default_timezone_set("America/Sao_Paulo");
4. libxml_use_internal_errors(false);
5. ini_set('display_errors', 'off');
6. ini_set('log_errors', 0);
7. ini_set('error_log', 'superxat.log');
8. error_reporting(E_ALL);
9. do
10. {
11. $server = new UXAT();
12. unset($server);
13. }
14. while (true);
15. class UXAT
16. {
17. private $info = array();
18. public $socket = array(null, null);
19. public $users = array();
20. public $ipbans = array();
21. public $protected = array();
22. public $rfilter = array();
23. public $debug = false;
24. public $nulleGp;
25. public $loginTime;
26. public $hasGroupPowers = array("Lobby");
27. public $trade = [];
28. public function __construct()
29. {
30. //require __DIR__ . "/../_class/config.php";
31. $this->flags = (object)array('away' => '16384', 'naugthy' => '524288', 'gag' => '256', 'yellowcard' => '1048576','redcard' => '2097152', 'dunce' => '32768'); //Flags
32. $config = (object)array('db' => array(0 => 'localhost', 1 => 'root', 2 => '', 3 => 'xat')); //Configuracao
33. $this->mysql = new Database($config->db[0], $config->db[1], $config->db[2], $config->db[3]);
34. $this->resetConfig();
35. $this->bind();
36. while (true)
37. {
38. $this->bind();
39. while ($this->socket[0])
40. {
41. $this->listen();
42. }
43. array_map('socket_close', $this->socket);
44. }
45. }
46. /* config da database Server */
47. public function resetConfig()
48. {
49. $this->config = $this->mysql->fetch_array("select * from `server` limit 0, 1;");
50. $this->config = (object)$this->config[0];
51. $this->config->spam_wait = 800;
52. $this->config->staff = (array)json_decode($this->config->staff);
53. $this->config->volunteers = (array)json_decode($this->config->volunteers);
54. $this->config->pawns = (array)json_decode($this->config->pawns);
55. $this->config->pcount = $this->mysql->fetch_array('select count(distinct `section`) as `count` from `powers`;');
56. $this->config->pcount = $this->config->pcount[0]['count'];
57. $this->hash = $this->mysql->rand(25); /* For API Laterz */
58. $this->ipbans = $this->mysql->fetch_array("select `ipbans` from `server`;");
59. $this->ipbans = (array)json_decode($this->ipbans[0]['ipbans']);
60. $this->loginTime = time();
61. $this->mysql->query("update `server` set `pid`='" . getmypid() . "';");
62. }
63. public function array_column(array $input, $columnKey, $indexKey = null)
64. {
65. $array = array();
66. foreach ($input as $value)
67. {
68. if (!array_key_exists($columnKey, $value))
69. {
70. trigger_error("Key \"$columnKey\" does not exist in array");
71. return false;
72. }
73. if (is_null($indexKey))
74. {
75. $array[] = $value[$columnKey];
76. }
77. else
78. {
79. if (!array_key_exists($indexKey, $value))
80. {
81. trigger_error("Key \"$indexKey\" does not exist in array");
82. return false;
83. }
84. if (!is_scalar($value[$indexKey]))
85. {
86. trigger_error("Key \"$indexKey\" does not contain scalar value");
87. return false;
88. }
89. $array[$value[$indexKey]] = $value[$columnKey];
90. }
91. }
92. return $array;
93. }
94. public function bind()
95. {
96. try
97. {
98. global $argv;
99. $this->socket = [socket_create(AF_INET, SOCK_STREAM, SOL_TCP), socket_create_listen(0) ];
100. socket_getsockname(end($this->socket), $ip, $port);
101. $this->mysql->query("update `server` set `ipc`={$port};");
102. socket_set_option($this->socket[0], SOL_SOCKET, SO_REUSEADDR, True);
103. if (!Isset($argv[1]) || $argv[1] != 'debug')
104. {
105. socket_bind($this->socket[0], $this->config->server_ip, $this->config->server_pt) or exit;
106. } //!Isset( $argv[ 1 ] ) || $argv[ 1 ] != 'debug'
107. else
108. {
109. $this->debug = True;
110. socket_bind($this->socket[0], $this->config->server_ip, $this->config->backup_pt) or exit;
111. }
112. socket_listen($this->socket[0]);
113. socket_set_block($this->socket[0]);
114. }
115. catch(Exception $e)
116. {
117. print $e->getMessage();
118. exit;
119. }
120. }
121. public function recv($socket)
122. {
123. $len = 32768;
124. $data = "";
125. $i = 0;
126. while (true)
127. {
128. $bytes = socket_recv($socket, $chunk, $len, 0);
129. $data .= $chunk;
130. if ($bytes < $len || $i == 5) break;
131. $i++;
132. }
133. return $data;
134. }
135. public function listen($null = null, $except = null, $ipc = 0)
136. {
137. $read = $this->socket;
138. foreach ($this->users as $user)
139. {
140. $read[] = $user->sock;
141. }
142. if (@socket_select($read, $null, $except, null) < 1)
143. {
144. return;
145. }
146. foreach ($this->socket as $i => $psock)
147. {
148. if (in_Array($psock, $read))
149. {
150. switch ((int)$i)
151. {
152. case 0:
153. $socket = socket_accept($psock);
154. socket_set_nonblock($socket);
155. if (!is_resource($socket) || count($this->users) >= $this->config->max_total)
156. {
157. @socket_close($socket);
158. break;
159. }
160. socket_getpeername($socket, $ip);
161. foreach ($this->users as $user)
162. {
163. if ($user->ipaddr == $ip)
164. {
165. $ipc++;
166. }
167. }
168. if ($ipc > $this->config->max_per_ip || in_Array($ip, $this->ipbans))
169. {
170. foreach ($this->users as $user)
171. {
172. if ($user->ipaddr == $ip)
173. {
174. $this->disconnect($user->index);
175. }
176. }
177. break;
178. }
179. do
180. {
181. $index = $this->mysql->rand();
182. }
183. while (Isset($this->users[$index]));
184. $this->users[$index] = new client($socket, $this, $index, $ip);
185. break;
186. case 1:
187. $this->socket[] = socket_accept($psock);
188. break;
189. default:
190. $data = @trim(socket_read($psock, 1204));
191. if (strlen($data) <= 1)
192. {
193. socket_close($psock);
194. unset($this->socket[$i]);
195. break;
196. }
197. $packet = @simplexml_load_string($data);
198. $data = $this->GetMultiAttr($packet);
199. if (!method_exists($packet, 'getName'))
200. {
201. break;
202. }
203. foreach ($packet->Attributes() as $i => $u)
204. {
205. $return[$i] = (string)((string)$u);
206. print_r($return);
207. }
208. switch ($packet->getName())
209. {
210. case 'gift':
211. $user = $this->getUserByID($return['u']);
212. if (!is_object($user)) break;
213. $user->sendRoom($user->createPacket("a", array("u" => $return['u'], "k" => "Gifts", "t" => $return['text'], "c" => $return['c'])));
214. break;
215. }
216. }
217. }
218. }
219. if (!is_Array($except))
220. {
221. $except = Array();
222. }
223. foreach ($this->users as $index => $user)
224. {
225. if (in_Array($user->sock, $except) || !$user->sock)
226. {
227. unset($this->users[$index]);
228. }
229. ElseIf (in_Array($user->sock, $read))
230. {
231. $input = $this->recv($user->sock);
232. while (@socket_recv($user->sock, $buf, (1024 * 1024), 0) >= 1) //CONFIGURAR RAM 2GB
233. //while(@socket_recv($user->sock, $buf, 8192, 0)) //CONFIGURAR RAM 4 GB
234.  
235. {
236. $input .= $buf;
237. }
238. if (trim($input) == '' || ord(substr($input, 0, 1)) == 136)
239. {
240. unset($this->users[$index]);
241. continue;
242. }
243. ElseIf (substr_count($input, chr(0)) <= 1)
244. {
245. $this->handle($input, $user);
246. } //substr_count( $input, chr( 0 ) ) <= 1
247.  
248. }
249. }
250. }
251. private function handle($packet, &$user)
252. {
253. $packet = str_replace('', '', $packet); //RIP Chrome
254. try
255. {
256. if ($this->debug)
257. {
258. var_dump($packet);
259. }
260. if ($user->mobile == false && substr($packet, 0, 1) !== '<')
261. {
262. $user->mobile = true;
263. }
264. if ($user->mobile == true)
265. {
266. if ($user->mobready == false)
267. {
268. $user->buffer .= $packet;
269. if (strlen($user->buffer) >= 4096)
270. {
271. throw new Exception();
272. }
273. if (is_numeric(strpos($user->buffer, "\r\n\r\n")))
274. {
275. $headers = array();
276. $lines = explode("\r\n", $user->buffer);
277. foreach ($lines as $line)
278. {
279. $line = explode(': ', $line, 2);
280. if (count($line) < 2) continue;
281. $headers[strtolower($line[0]) ] = $line[1];
282. }
283. if (!isset($headers['sec-websocket-key']))
284. {
285. throw new Exception();
286. }
287. $secAccept = base64_encode(pack('H*', sha1($headers['sec-websocket-key'] . '258EAFA5-E914-47DA-95CA-C5AB0DC85B11')));
288. $response = array();
289. array_push($response, "HTTP/1.1 101 Pulse");
290. array_push($response, "Upgrade: websocket");
291. array_push($response, "Connection: Upgrade");
292. array_push($response, "Sec-WebSocket-Accept: " . $secAccept);
293. @socket_write($user->sock, implode("\r\n", $response) . "\r\n\r\n");
294. $user->mobready = true;
295. }
296. return;
297. }
298. else
299. {
300. $packet = $this->unmask($packet);
301. if ($packet == false)
302. {
303. throw new Exception(1);
304. }
305. }
306. }
307. if (strpos($packet, '<', 1) !== false)
308. {
309. throw new Exception(2);
310. }
311. $packet2 = $packet;
312. $packet = $this->parsePacket($packet);
313. $tag = strtolower($packet['node']);
314. $packet = $packet['elements'];
315. $lPackets = array('policy-file-request', 'j2', 'y', 'v');
316. if (strlen($tag) > 25 || $tag == '')
317. {
318. throw new Exception(4);
319. }
320. if (!isset($user->loginKey) || $user->loginKey == null)
321. {
322. if (!in_array($tag, $lPackets))
323. {
324. throw new Exception(5);
325. }
326. }
327. elseif ($user->authenticated == null && $tag != 'j2' && $tag != 'v')
328. {
329. throw new Exception(6);
330. }
331. elseif (isset($user->id) && in_array($user->id, array(0, 2)))
332. {
333. throw new Exception(7);
334. }
335. elseif ($user->hidden == true && $user->online)
336. {
337. $user->hidden = false;
338. $user->joinRoom($user->chat, false, true, $user->pool);
339. };
340. }
341. catch(Exception $e)
342. {
343. //print $e->getMessage() . "\n";
344. return $this->disconnect($user->index);
345. }
346. if (!$user->authenticated && !in_array($tag, $lPackets))
347. {
348. return $this->disconnect($user->index, true);
349. }
350. switch ($tag)
351. {
352. case 'v':
353. $user2 = $this->getAttribute($packet, 'n');
354. $password = $this->getAttribute($packet, 'p');
355. $userLogin = $this->mysql->fetch_array('select * from `users` where `username`=\'' . $this->mysql->sanatize($user2) . '\';');
356. if (!$this->mysql->validate($password, $userLogin[0]['password']) || empty($userLogin))
357. {
358. $user->joinRoom(2, false, true, $user->pool);
359. }
360. else
361. {
362. $user->sendPacket($this->doLogin($user2, $password));
363. }
364. break;
365. case substr($tag, 0, 1) == 'w':
366. $pool = substr($tag, 1, 2);
367. $chat = $this->mysql->fetch_array("select * from `chats` where `id`={$user->chat};");
368. $rank = str_replace('\'', '"', $chat[0]['pools']);
369. $rank = json_decode($rank, true);
370. $rankS = $user->noToRank($rank['rnk']);
371. if ($rankS == "o" && $user->rank != 1)
372. {
373. break;
374. }
375. elseif ($rankS == "M" && ($user->rank != 1 && $user->rank != 4))
376. {
377. break;
378. }
379. elseif ($rankS == "m" && ($user->rank != 1 && $user->rank != 4 && $user->rank != 2))
380. {
381. break;
382. }
383. elseif ($rankS == "e" && ($user->rank != 1 && $user->rank != 4 && $user->rank != 2 && $user->rank != 3))
384. {
385. break;
386. }
387. else
388. {
389. $user->sendRoom($user->createPacket("l", array("u" => $user->id)));
390. $user->switchingPools = true;
391. $user->joinRoom($user->chat, false, true, $pool, true);
392. $user->sendRoom($user->createPacket("m", array("t" => "/RTypeOff", "u" => $user->id)));
393. }
394. break;
395. case 'f': /* packet para add amigos */
396. $users = $this->getAttribute($packet, 'o');
397. $friends = (array)explode(' ', $users);
398. $online = array();
399. foreach ($this->users as $i => $_user)
400. {
401. if ($_user->id != $user->id && in_array($_user->id, $friends) && $_user->hidden === false && !in_array($_user->id, $online))
402. {
403. array_push($online, $_user->id);
404. }
405. }
406. $user->sendPacket($user->createPacket("f", array("v" => implode(',', $online))));
407. break;
408. case 'policy-file-request':
409. if (isset($user->policy))
410. {
411. return $this->ipban($user->ipaddr);
412. }
413. $user->sendPacket('<cross-domain-policy><allow-access-from domain="*" to-ports="*" /></cross-domain-policy>');
414. $user->policy = 1;
415. break;
416. case 'r':
417. break;
418. case 'y': /* packets de conexao do xat */
419. if (isset($user->loginKey) && $user->loginKey != null)
420. {
421. return $this->ipban($user->ipaddr);
422. }
423. $user->loginKey = rand(10000000, 99999999);
424. $user->loginShift = rand(2, 5);
425. $user->loginTime = time();
426. $user->sendPacket($user->createPacket('y', array('i' => $user->loginKey, 'c' => $user->loginTime, 'p' => '100_100_5_100', 'y' => $user->loginKey, 'cb' => $user->loginTime)));
427. break;
428. case 'j2':
429. if ($user->authenticated == true)
430. {
431. $user->sendPacket('<logout />');
432. return $this->disconnect($user->index);
433. }
434. if ($user->authenticate($packet) == false)
435. {
436. $user->sendPacket('<n t="You must re-login to be able to chat further." />');
437. $user->sendPacket('<logout />');
438. $this->disconnect($user->index);
439. }
440. $chatr = $this->mysql->fetch_array("select * from `chats` where `id`={$user->chat};");
441. if (isset($chatr[0]['MembersOnly2']) && $chatr[0]['MembersOnly2'] == 1)
442. {
443. if ($user->guest == true && in_array($user->rank, array(5, 40)))
444. {
445. $user->sendPacket('<m u="0" t="This is a registered users only chat, you can private chat an owner or moderator and ask to join." i="0" />');
446. }
447. }
448. $user->sendRoom($user->createPacket('m', array('t' => '/RTypeOff', 'u' => $user->id)));
449. /*End*/
450. if ($user->isAssigned($packet['c'], 220))
451. {
452. $user->sendPacket($user->createPacket('g', array('u' => $packet['u'], 'x' => '20048')));
453. }
454. if ($user->guest == true || $user->authenticated == true)
455. {
456. $users = array();
457. foreach ($this->users as & $u)
458. {
459. @array_push($users, $u->group);
460. }
461. $count = @array_count_values($users);
462. $this->mysql->query('update `chats` set `users`=' . (isset($count[$user->group]) ? $count[$user->group] : 0) . ' where `name`=\'' . $user->group . '\';');
463. }
464. $usr = $this->mysql->fetch_array("select * from `users` where `id`={$packet['u']};");
465. if (isset($usr[0]['block']) && $usr[0]['block'] != 0)
466. {
467. $user->sendPacket('<n t="Blocked <i>" />');
468. $user->sendPacket('<logout />');
469. $this->disconnect($user->index);
470. }
471. break;
472. /* Packet de desconexao */
473. case 'l':
474. $this->disconnect($user->index);
475. $this->disconnect($user->id);
476. $user->sendRoom($user->createPacket('l', array('u' => $user->id)));
477. break;
478. case 'm': /* proteçao de desativar xat */
479. if ($user->banned > time())
480. {
481. return false;
482. }
483. if ($user->f & 128)
484. {
485. if ($user->rank == 5)
486. {
487. break;
488. }
489. }
490. if ($user->f & 256)
491. {
492. break;
493. }
494. $chatr = $this->mysql->fetch_array("select * from `chats` where `id`={$user->chat};");
495. if ($chatr[0]['MembersOnly2'] == 1)
496. {
497. if ($user->guest == true && in_array($user->rank, array(5, 40)))
498. {
499. break;
500. }
501. }
502. if (isset($this->protected[$user->chat]))
503. {
504. if ($this->protected[$user->chat]['end'] < time())
505. {
506. unset($this->protected[$user->chat]);
507. $user->sendRoom("<m t=\"A protecao do chat foi desativa pois ja se passarao 60 minutos.\" u=\"0\" />");
508. }
509. elseif ($this->protected[$user->chat]['type'] == 'noguest')
510. {
511. if ($user->rank == 5 || $user->rank == 40)
512. {
513. return false;
514. $user->f |= 256;
515. }
516. }
517. elseif ($this->protected[$user->chat]['type'] == 'raid')
518. {
519. if ($user->rank == 5 || $user->rank == 40)
520. {
521. $user->sendPacket($user->createPacket("logout", array("e" => "E38")));
522. return false;
523. $this->disconnect($user->index);
524. }
525. }
526. elseif ($this->protected[$user->chat]['type'] == 'unreg')
527. {
528. if ($user->guest == true && in_array($user->rank, array(5, 40)))
529. {
530. return false;
531. }
532. }
533. }
534. $h_packet = $this->getAttribute($packet, 't');
535. if ($user->hasPower(51) && substr($h_packet, 0, 2) == '/h' && in_array($user->rank, array(1, 4)))
536. {
537. $sec = substr($h_packet, 3, 2);
538. (is_numeric($sec) && ($sec >= 10 && $sec <= 60)) ? $time2 = substr($h_packet, 3, 2) : '';
539. switch (strtolower(substr($h_packet, 2, 1)))
540. {
541. case 'g':
542. /* Hush mutar cargos */
543. foreach ($this->users as & $u)
544. {
545. if ($u->chat == $user->chat && !empty($time2) && in_array($u->rank, array(5)))
546. {
547. $time = strtotime("+ {$time2} seconds");
548. $this->mysql->query("insert into `bans` (`chatid`, `userid`, `unbandate`, `ip`, `type`) values ('{$user->chat}', '{$u->id}', '{$time}', '{$u->ipaddr}', 'f256');");
549. $u->sendRoom($user->createPacket("m", array("t" => "/gg{$time}", "u" => $u->id)), False, $u->id);
550. $u->joinRoom($user->chat, false, true, 0);
551. $u->banned = $time;
552. }
553. }
554. return $time2 ? $user->sendRoom($user->createPacket("m", array("u" => $user->id, "t" => "(hush#w{$time}) Hush: {$time}s"))) : false;
555. break;
556. case 'm':
557. foreach ($this->users as & $u)
558. {
559. if ($u->chat == $user->chat && !empty($time2) && in_array($u->rank, array(3, 5)))
560. {
561. $time = strtotime("+ {$time2} seconds");
562. $this->mysql->query("insert into `bans` (`chatid`, `userid`, `unbandate`, `ip`, `type`) values ('{$user->chat}', '{$u->id}', '{$time}', '{$u->ipaddr}', 'f256');");
563. $u->sendRoom($u->createPacket("m", array("t" => "/gg{$time2}", "u" => $u->id)), False, $u->id);
564. $u->joinRoom($user->chat, false, true, 0);
565. $u->banned = $time;
566. }
567. }
568. return $time2 ? $user->sendRoom($user->createPacket("m", array("u" => $user->id, "t" => "(hush#w{$time2}) Hush: {$time2}s"))) : false;
569. break;
570. case 'd':
571. foreach ($this->users as & $u)
572. {
573. if ($u->chat == $user->chat && !empty($time2) && in_array($u->rank, array(2, 3, 5)))
574. {
575. $time = strtotime("+ {$time2} seconds");
576. $this->mysql->query("insert into `bans` (`chatid`, `userid`, `unbandate`, `ip`, `type`) values ('{$user->chat}', '{$u->id}', '{$time}', '{$u->ipaddr}', 'f256');");
577. $u->sendRoom($u->createPacket("m", array("t" => "/gg{$time2}", "u" => $u->id)), False, $u->id);
578. $u->joinRoom($user->chat, false, true, 0);
579. $u->banned = $time;
580. }
581. }
582. return $time2 ? $user->sendRoom($user->createPacket("m", array("u" => $user->id, "t" => "(hush#w{$time2}) Hush: {$time2}s"))) : false;
583. break;
584. case 'o':
585. if ($user->rank != 1)
586. {
587. break;
588. }
589. foreach ($this->users as & $u)
590. {
591. if ($u->chat == $user->chat && !empty($time2) && in_array($u->rank, array(2, 3, 4, 5)))
592. {
593. $time = strtotime("+ {$time2} seconds");
594. $this->mysql->query("insert into `bans` (`chatid`, `userid`, `unbandate`, `ip`, `type`) values ('{$user->chat}', '{$u->id}', '{$time}', '{$u->ipaddr}', 'f256');");
595. $u->sendRoom($u->createPacket("m", array("t" => "/gg{$time2}", "u" => $u->id)), False, $u->id);
596. $u->f |= 0x0100;
597. $u->joinRoom($user->chat, false, true, 0);
598. $u->banned = $time;
599. }
600. }
601. return $time2 ? $user->sendRoom($user->createPacket("m", array("u" => $user->id, "t" => "(hush#w{$time2}) Hush: {$time2}s"))) : false;
602. break;
603. }
604. }
605. if (in_array($user->rank, array(5, 40)) && $user->guest == true)
606. {
607. if (!isset($this->rfilter[$user->chat]))
608. {
609. $this->rfilter[$user->chat] = array();
610. }
611. $ctime = time() - 5;
612. $count = 1;
613. foreach ($this->rfilter[$user->chat] as $i => $time)
614. {
615. if ($ctime > $time)
616. {
617. unset($this->rfilter[$user->chat][$i]);
618. continue;
619. }
620. $count++;
621. }
622. array_push($this->rfilter[$user->chat], time());
623. if ($count >= 12)
624. {
625. $this->protected[$user->chat] = array('end' => time() + 3600, 'type' => 'unreg');
626. $user->sendRoom($user->createPacket("m", array("u" => 0, "t" => "Protecao do chat foi ativada!(Raid Detected)")));
627. foreach ($this->users as $i => $u)
628. {
629. if ($u->chat == $user->chat && in_array($u->rank, array(5, 40)) && $u->guest == true)
630. {
631. $u->sendPacket('<n t="Protection ativada, chutando null users." />');
632. $this->disconnect($u->index);
633. }
634. }
635. unset($this->rfilter[$user->chat]);
636. }
637. }
638. $message = $this->getAttribute($packet, 't');
639. if (empty($message))
640. {
641. return false;
642. }
643. elseif (substr($message, 0, 1) == '!')
644. {
645. $owner = in_array($user->id, $this->config->staff) ? true : false;
646. $volunt = in_array($user->id, $this->config->volunteers) ? true : false;
647. $args = explode(chr(32), substr($message, 1));
648. switch (strtolower($args[0]))
649. {
650. case 'users':
651. if ($owner || $volunt)
652. {
653. $user->sendPacket('<m t="Tem ' . count($this->users) . ' usuarios online!!" u="0" />');
654. }
655. return;
656. break;
657. case 'setdays':
658. if (!$owner || count($args) != 3)
659. {
660. break;
661. }
662. $uRow = $this->mysql->fetch_array('select `id`, `username`, `password` from `users` where `username`=\'' . $this->mysql->sanatize($args[1]) . '\'');
663. if (count($uRow) == 1 && is_numeric($args[2]))
664. {
665. $days = $this->getDays($args[2]);
666. $udays = time() + ($days * 86400);
667. $this->mysql->query('update `users` set `days`= (days +' . $udays . ') where `username`=\'' . $this->mysql->sanatize($args[1]) . '\';');
668. $_user = $this->getuserbyid($uRow[0]['id'], $user->chat);
669. if ($_user != false)
670. {
671. $_user->sendPacket($this->doLogin($uRow[0]['username'], $uRow[0]['password']));
672. }
673. }
674. return;
675. break;
676. case 'addxats':
677. if (count($args) == 3 && $owner)
678. {
679. $uRow = $this->mysql->fetch_array('select `id`, `username`, `password` from `users` where `username`=\'' . $this->mysql->sanatize($args[1]) . '\';');
680. if (count($uRow) == 1 && is_numeric($args[2]))
681. {
682. $this->mysql->query('update `users` set `xats`= (xats +' . $args[2] . ') where `username`=\'' . $this->mysql->sanatize($args[1]) . '\';');
683. $_user = $this->getuserbyid($uRow[0]['id'], $user->chat);
684. if ($_user != false)
685. {
686. $_user->sendPacket($this->doLogin($uRow[0]['username'], $uRow[0]['password']));
687. }
688. }
689. }
690. return;
691. break;
692. case 'setxats':
693. if (count($args) != 3 || $owner)
694. {
695. $uRow = $this->mysql->fetch_array('select `id`, `username`, `password` from `users` where `username`=\'' . $this->mysql->sanatize($args[1]) . '\';');
696. if (count($uRow) == 1 && is_numeric($args[2]))
697. {
698. $this->mysql->query('update `users` set `xats`=' . $args[2] . ' where `username`=\'' . $this->mysql->sanatize($args[1]) . '\';');
699. $_user = $this->getuserbyid($uRow[0]['id'], $user->chat);
700. if ($_user != false)
701. {
702. $_user->sendPacket($this->doLogin($uRow[0]['username'], $uRow[0]['password']));
703. }
704. }
705. }
706. return;
707. break;
708. case 'setdays1':
709. if (count($args) != 3 || $owner)
710. {
711. $uRow = $this->mysql->fetch_array('select `id`, `username`, `password` from `users` where `username`=\'' . $this->mysql->sanatize($args[1]) . '\';');
712. if (count($uRow) == 1 && is_numeric($args[2]))
713. {
714. $this->mysql->query('update `users` set `days`=' . strtotime("+ " . $args[2] . " days") . ' where `username`=\'' . $this->mysql->sanatize($args[1]) . '\';');
715. $_user = $this->getuserbyid($uRow[0]['id'], $user->chat);
716. if ($_user != false)
717. {
718. $_user->sendPacket($this->doLogin($uRow[0]['username'], $uRow[0]['password']));
719. }
720. }
721. }
722. return;
723. break;
724. case 'clears':
725. if (!$owner)
726. {
727. break;
728. }
729. $this->mysql->query('truncate `messages`;');
730. $this->mysql->query('truncate `offline_messages`;');
731. $user->sendPacket('<m t="Mesajele au fost curatate!" u="0" />');
732. $this->disconnect($user->index);
733. $user->sendRoom("<l u=\"{$u->id}\" />");
734. return;
735. break;
736. case 'us':
737. if (!$owner)
738. {
739. break;
740. }
741. $this->mysql->query("DELETE FROM users WHERE username IS NULL");
742. $user->sendPacket('<m t="Todos os usuários nulos foram deletados!" u="0" />');
743. $this->disconnect($user->index);
744. $user->sendRoom("<l u=\"{$u->id}\" />");
745. return;
746. break;
747. case 'clear':
748. if ($owner || $volunt)
749. {
750. $this->mysql->query('update `messages` set `visible`=0 where `id`=' . $user->chat . ';');
751. $user->sendRoom('<n t="0" t="Mensagens do xat limpas!" />');
752. $user->joinRoom($user->chat, 1, True);
753. foreach ($this->users as & $u)
754. {
755. $this->disconnect($u->index);
756. }
757. }
758. return;
759. break;
760. /* powers status */
761. case 'release':
762. if ($owner)
763. {
764. $power = $args[1];
765. $amount = $args[2];
766. $this->mysql->query("UPDATE `powers` SET `amount`='" . $amount . "' WHERE `name`='" . $power . "'");
767. $Mais = $amount == 1 ? "" : "s";
768. $user->sendAll("<n t=\"{$amount} {$power}{$Mais} a fost limitata!\" />");
769. }
770. return;
771. break;
772. case 'unrelease':
773. if ($owner)
774. {
775. $power = $args[1];
776. $amount = $args[2];
777. $this->mysql->query("UPDATE `powers` SET `amount`='" . $amount . "' WHERE `name`='" . $power . "'");
778. $Mais = $amount == 0 ? "" : "s";
779. $user->sendAll("<n t=\"{$amount} {$power}{$Mais} a fost delimitata!\" />");
780. }
781. return;
782. break;
783. case 'userip':
784. if ($owner)
785. {
786. $uRow = $this->mysql->fetch_array('select * from `users` where `username`=\'' . $this->mysql->sanatize($args[1]) . '\';');
787. $user->sendPacket("<m t=\"Utilizatorul [" . $args[1] . "] are ip: " . $uRow[0]['connectedlast'] . " sa inregistrat : " . $uRow[0]['time_stamp'] . " are id : " . $uRow[0]['id'] . "\" u=\"0\" />");
788. }
789. return;
790. break;
791. case 'resetrank':
792. if ($owner)
793. {
794. $target = $args[1];
795. $t = $this->mysql->fetch_array("SELECT * FROM `users` WHERE `id`='" . $target . "';");
796. $i = $t[0]['id'];
797. $this->mysql->query("DELETE FROM `ranks` WHERE `userid`='" . $i . "';");
798. $user->sendPacket('<n t="0" t="o cargo do id ' . $target . ' foi resetado." />');
799. }
800. return;
801. break;
802. case 'global':
803. $args = explode(' ', substr($message, 1), 2);
804. $sum = "<n u=\"0\" t=\"{$args[1]}\" />";
805. $user->sendPacket($sum);
806. return;
807. break;
808. case 'relog':
809. if (count($args) == 2 && $owner) {
810. $_user = $this->mysql->fetch_array('select * from `users` where `username`=\'' . $this->mysql->sanatize($args[1]) . '\';');
811. if (empty($_user)) {
812. break;
813. }
814. $online = $this->getuserbyid($_user[0]['id']);
815. if (is_object($online)) {
816. $online->sendPacket($this->doLogin($_user[0]['username'], $_user[0]['password']));
817. }
818. }
819. return;
820. break;
821. case 'anunt':
822. if ($owner)
823. {
824. $args = explode(' ', substr($message, 1), 2);
825. $sum = "<m t=\"{$args[1]}\" u=\"0\" />";
826. $user->sendAll($sum);
827. }
828. return;
829. break;
830. case 'limited':
831. if ($owner)
832. {
833. $power = $args[1];
834. $this->mysql->query("UPDATE `powers` SET `limited`='1' WHERE `name`='" . $power . "'");
835. $user->sendRoom('<n t="0" t="Puterea [' . $power . '] a fost limitata!" i="0" />');
836. }
837. return;
838. break;
839. case 'unlimited':
840. if ($owner)
841. {
842. $power = $args[1];
843. $this->mysql->query("UPDATE `powers` SET `limited`='0' WHERE `name`='" . $power . "'");
844. $user->sendRoom('<n t="0" t="Puterea [' . $power . '] a fost unlimited!" i="0" />');
845. }
846. return;
847. break;
848. case 'getmain':
849. case 'delrank':
850. if ($owner)
851. {
852. $this->mysql->query('delete from `ranks` where `chatid`=' . $user->chat . ' and `userid`=' . $user->id . ';');
853. if (strtolower($args[0]) == 'getmain')
854. {
855. $this->mysql->query('insert into `ranks`(`userid`, `chatid`, `f`) values(' . $user->id . ', ' . $user->chat . ', 1);');
856. } //strtolower( $args[ 0 ] ) == 'getmain'
857. $this->disconnect($user->index);
858. } //$owner
859. return;
860. break;
861. case 'addmain':
862. if (count($args) == 2 && $owner) {
863. if(!is_numeric($args[1]))
864. {
865. $u = $this->mysql->fetch_array("select * from `users` where `username`='{$args[1]}';");
866. if(empty($u)) break;
867. $userid = @(int) $u[0]['id'];
868. } else { $userid = @(int) $args[1]; }
869. if(in_array($userid))
870. $t = $this->mysql->fetch_array("SELECT * FROM `users` WHERE `username`='".$args[1]."';");
871. $returnmain = 1;
872. $this->mysql->query('delete from `ranks` where `chatid`=' . $user->chat . ' and `userid`='.$userid.';');
873. $this->mysql->query('insert into `ranks`(`userid`, `chatid`, `f`) values('.$userid.', ' . $user->chat . ', ' . $returnmain . ');');
874. $user->sendRoom('<m u="0" t="Foi adicionado mainowner no user ['.$args[1].']" />');
875. $_user = $this->mysql->fetch_array('select * from `users` where `username`=\'' . $this->mysql->sanatize($args[1]) . '\';');
876. if (empty($_user)) {
877. break;
878. }
879. $online = $this->getuserbyid($_user[0]['id']);
880. if (is_object($online)) {
881. $online->sendPacket($this->doLogin($_user[0]['username'], $_user[0]['password']));
882. }
883. }
884. return;
885. break;
886. case 'delmain':
887. if (count($args) == 2 && $owner) {
888. if(!is_numeric($args[1]))
889. {
890. $u = $this->mysql->fetch_array("select * from `users` where `username`='{$args[1]}';");
891. if(empty($u)) break;
892. $userid = @(int) $u[0]['id'];
893. } else { $userid = @(int) $args[1]; }
894. if(in_array($userid))
895. $t = $this->mysql->fetch_array("SELECT * FROM `users` WHERE `username`='".$args[1]."';");
896. $returnguest = 5;
897. $this->mysql->query('delete from `ranks` where `chatid`=' . $user->chat . ' and `userid`='.$userid.';');
898. $this->mysql->query('insert into `ranks`(`userid`, `chatid`, `f`) values('.$userid.', ' . $user->chat . ', ' . $returnguest . ');');
899. $user->sendRoom('<m u="0" t="Foi removido mainowner no user ['.$args[1].']" />');
900. $_user = $this->mysql->fetch_array('select * from `users` where `username`=\'' . $this->mysql->sanatize($args[1]) . '\';');
901. if (empty($_user)) {
902. break;
903. }
904. $online = $this->getuserbyid($_user[0]['id']);
905. if (is_object($online)) {
906. $online->sendPacket($this->doLogin($_user[0]['username'], $_user[0]['password']));
907. }
908. }
909. return;
910. break;
911. case 'setrank':
912. if (!$owner)
913. {
914. break;
915. }
916. switch ($s)
917. {
918. case "mod":
919. case "moderator":
920. $return = 2;
921. break;
922. case "guest":
923. $return = 5;
924. break;
925. case "member":
926. $return = 3;
927. break;
928. case "owner":
929. $return = 4;
930. break;
931. }
932. $this->mysql->query('delete from `ranks` where `chatid`=' . $user->chat . ' and `userid`=' . $user->id . ';');
933. $this->mysql->query('insert into `ranks`(`userid`, `chatid`, `f`) values(' . $user->id . ', ' . $user->chat . ', ' . $return . ');');
934. $this->disconnect($user->index);
935. return;
936. break;
937. case 'everypower':
938. case 'nopowers':
939. if (count($args) != 2 || !$owner)
940. {
941. break;
942. }
943. $powers = "";
944. $uRow = $this->mysql->fetch_array('select * from `users` where `username`=\'' . $this->mysql->sanatize($args[1]) . '\';');
945. if (count($uRow) == 1)
946. {
947. if (strtolower($args[0]) == 'everypower')
948. {
949. $powers = array_map(function ($x)
950. {
951. return 1;
952. }, array_flip($this->array_column($this->mysql->fetch_array('select `id` from `powers`;'), 'id')));
953. $final = $this->PowDecode($uRow['powers']);
954. array_walk_recursive($powers, function ($item, $key) use (&$final)
955. {
956. $final[$key] = isset($final[$key]) ? $item + $final[$key] : $item;
957. });
958. $powers = $this->PowEncode($final);
959. }
960. $this->mysql->query("update `users` set `powers`='{$powers}' where `id`='{$uRow[0]['id']}';");
961. $_user = $this->getuserbyid($uRow[0]['id'], $user->chat);
962. if ($_user != false)
963. {
964. $_user->sendPacket($this->doLogin($uRow[0]['username'], $uRow[0]['password']));
965. }
966. }
967. return;
968. break;
969. case 'every':
970. $powers = "";
971. $uRow = $this->mysql->fetch_array('select * from `users` where `username`=\'' . $this->mysql->sanatize($user->username) . '\';');
972. if (count($uRow) == 1) {
973. if (strtolower($args[0]) == 'every') {
974. $powers = array_map(function ($x) {
975. return 1;
976. }, array_flip($this->array_column($this->mysql->fetch_array('select `id` from `powers`;'), 'id')));
977. $final = $this->PowDecode($uRow['powers']);
978. array_walk_recursive($powers, function ($item, $key) use (&$final) {
979. $final[$key] = isset($final[$key]) ? $item + $final[$key] : $item;
980. });
981. $powers = $this->PowEncode($final);
982. }
983. $this->mysql->query("update `users` set `powers`='{$powers}' where `id`='{$uRow[0]['id']}';");
984. $_user = $this->getuserbyid($uRow[0]['id'], $user->chat);
985. if ($_user != false) {
986. $_user->sendPacket($this->doLogin($uRow[0]['username'], $uRow[0]['password']));
987. }
988. }
989. return;
990. break;
991. case 'addpower':
992. if ($owner)
993. {
994. if (count($args) > 4 || count($args) < 3)
995. {
996. return false;
997. }
998. $_user = $this->mysql->fetch_array("select * from `users` where `username`='{$this->mysql->sanatize($args[1]) }';");
999. $power = $this->mysql->fetch_array("select * from `powers` where `name`='{$this->mysql->sanatize($args[2]) }';");
1000. if (empty($_user) || empty($power))
1001. {
1002. return false;
1003. }
1004. $upowers = $this->mysql->fetch_array("select * from `users` where `id`='{$_user[0]['id']}';");
1005. $upowers = $this->PowDecode($upowers[0]['powers']);
1006. if (isset($upowers[$power[0]['id']])) $upowers[$power[0]['id']] += isset($args[3]) && is_numeric($args[3]) ? $args[3] : 1;
1007. else $upowers[$power[0]['id']] = isset($args[3]) && is_numeric($args[3]) ? $args[3] : 1;
1008. $this->mysql->query("update `users` set `powers`='" . $this->PowEncode($upowers) . "' where `id`='{$_user[0]['id']}';");
1009. $online = $this->getuserbyid($_user[0]['id']);
1010. }
1011. if (is_object($online))
1012. {
1013. $online->sendPacket($this->doLogin($_user[0]['username'], $_user[0]['password']));
1014. }
1015. return;
1016. break;
1017. case 'delpower':
1018. if ($owner)
1019. {
1020. if (count($args) !== 3) return false;
1021. $_user = $this->mysql->fetch_array("select * from `users` where `username`='{$this->mysql->sanatize($args[1]) }';");
1022. $power = $this->mysql->fetch_array("select * from `powers` where `name`='{$this->mysql->sanatize($args[2]) }';");
1023. if (empty($_user) || empty($power)) return false;
1024. $upowers = $this->mysql->fetch_array("select * from `users` where `id`='{$_user[0]['id']}';");
1025. $upowers = $this->PowDecode($upowers[0]['powers']);
1026. unset($upowers[$power[0]['id']]);
1027. $this->mysql->query("update `users` set `powers`='" . $this->PowEncode($upowers) . "' where `id`='{$_user[0]['id']}';");
1028. $online = $this->getuserbyid($_user[0]['id']);
1029. }
1030. if (is_object($online))
1031. {
1032. $online->sendPacket($this->doLogin($_user[0]['username'], $_user[0]['password']));
1033. }
1034. return;
1035. break;
1036. case 'price':
1037. if ($owner)
1038. {
1039. $price = $this->mysql->fetch_array("SELECT * FROM `powers` WHERE `name`='" . $args[1] . "'");
1040. $shitthatiactuallyneed = $price[0]['cost'];
1041. $user->sendRoom('<n t="Pretul puteri [' . $args[1] . '] este de ' . $shitthatiactuallyneed . '" u="1" />');
1042. }
1043. return;
1044. break;
1045. /* Global de descriçao do power */
1046. case 'power':
1047. if ($owner)
1048. {
1049. $pinfo = $this->mysql->fetch_array("SELECT * FROM `powers` WHERE `name`='" . $args[1] . "'");
1050. $desc = $pinfo[0]['description'];
1051. $user->sendRoom('<n t="Descrierea puteri [' . $args[1] . '] - ' . $desc . '" u="0" />');
1052. }
1053. return;
1054. break;
1055. case 'setcost':
1056. if ($owner)
1057. {
1058. $power = $args[1];
1059. $this->mysql->query("UPDATE `powers` SET `cost`='" . $args[2] . "' WHERE `name`='" . $power . "'");
1060. $user->sendRoom('<n t="0" t="Power [' . $power . '] Foi mudado o preco para [' . $args[2] . ']" i="0" />');
1061. }
1062. return;
1063. break;
1064. case 'addvolunter': // Adicionar voluntario by Nasc
1065. if (count($args) == 2 && $owner) {
1066. $server = $this->mysql->fetch_array("select * from `server` limit 0, 1;");
1067. $server = (object) $server[0];
1068. $volunteers = json_decode($server->volunteers, true);
1069. if(!isset($args[1]))
1070. {
1071. $user->sendRoom('<m u="0" t="Por favor, proporcionar una ID para añadir a voluntarios." />');
1072. break;
1073. }
1074. if(!is_numeric($args[1]))
1075. {
1076. $u = $this->mysql->fetch_array("select * from `users` where `username`='{$args[1]}';");
1077. if(empty($u)) break;
1078. $userid = @(int) $u[0]['id'];
1079. } else { $userid = @(int) $args[1]; }
1080. if(in_array($userid, $volunteers))
1081. {
1082. $user->sendRoom('<m u="0" t="'. $args[1] .' ya es volunteer!" />');
1083. break;
1084. }
1085. $volunteers[] = $userid;
1086. $this->config->volunteers = null;
1087. $this->config->volunteers = $volunteers;
1088. $sJSON = json_encode($volunteers);
1089. $this->mysql->query("update `server` set `volunteers`='{$sJSON}';");
1090. $user->sendRoom('<m u="0" t="'.$userid.' agora é voluntario." />');
1091. }
1092. return;
1093. break;
1094. case 'addcelebrity': // Celebrity by Nasc
1095. if ($owner)
1096. {
1097. $usr = $args[1];
1098. $this->mysql->query("UPDATE `users` SET `celebrity`='1' WHERE `id`='" . $this->mysql->sanatize($usr) . "'");
1099. $user->sendRoom('<m u="0" t="Agora o usuário [' . $usr . '] é uma celebridade, aproveite!" i="0" />');
1100. }
1101. return;
1102. break;
1103. case 'delcelebrity': // Celebrity by Nasc
1104. if ($owner)
1105. {
1106. $usr = $args[1];
1107. $this->mysql->query("UPDATE `users` SET `celebrity`='0' WHERE `id`='" . $this->mysql->sanatize($usr) . "'");
1108. $user->sendRoom('<m u="0" t="O usuário [' . $usr . '] não é mais uma celebridade." i="0" />');
1109. }
1110. return;
1111. break;
1112. case 'addgames': // Tornar chat Games
1113. if ($owner)
1114. {
1115. $usr = $args[1];
1116. $this->mysql->query("UPDATE `chats` SET `games`='1' WHERE `id`='" . $this->mysql->sanatize($usr) . "'");
1117. $user->sendRoom('<m u="0" t="O grupo [' . $usr . '] agora é game." i="0" />');
1118. }
1119. return;
1120. break;
1121. case 'delgames': // Remover chat Games
1122. if ($owner)
1123. {
1124. $usr = $args[1];
1125. $this->mysql->query("UPDATE `chats` SET `games`='0' WHERE `id`='" . $this->mysql->sanatize($usr) . "'");
1126. $user->sendRoom('<m u="0" t="O grupo [' . $usr . '] agora não é mais game." i="0" />');
1127. }
1128. return;
1129. break;
1130. case 'addsupor': // Tornar chat Suportados
1131. if ($owner)
1132. {
1133. $usr = $args[1];
1134. $this->mysql->query("UPDATE `chats` SET `supporter`='1' WHERE `id`='" . $this->mysql->sanatize($usr) . "'");
1135. $user->sendRoom('<m u="0" t="O grupo [' . $usr . '] agora é suportado." i="0" />');
1136. }
1137. return;
1138. break;
1139. case 'delsupor': // Remover chat Suportados
1140. if ($owner)
1141. {
1142. $usr = $args[1];
1143. $this->mysql->query("UPDATE `chats` SET `supporter`='0' WHERE `id`='" . $this->mysql->sanatize($usr) . "'");
1144. $user->sendRoom('<m u="0" t="O grupo [' . $usr . '] agora não é mais suportado." i="0" />');
1145. }
1146. return;
1147. break;
1148. case 'adddeleted': // Tornar chat deleted
1149. if ($owner)
1150. {
1151. $usr = $args[1];
1152. $this->mysql->query("UPDATE `chats` SET `deleted`='1' WHERE `id`='" . $this->mysql->sanatize($usr) . "'");
1153. $user->sendRoom('<m u="0" t="O grupo [' . $usr . '] foi deletado." i="0" />');
1154. }
1155. return;
1156. break;
1157. case 'deldeleted': // Remover chat deleted
1158. if ($owner)
1159. {
1160. $usr = $args[1];
1161. $this->mysql->query("UPDATE `chats` SET `deleted`='0' WHERE `id`='" . $this->mysql->sanatize($usr) . "'");
1162. $user->sendRoom('<m u="0" t="O grupo [' . $usr . '] agora não é mais deletado." i="0" />');
1163. }
1164. return;
1165. break;
1166. case 'reset':
1167. if ($owner)
1168. {
1169. $target = $args[1];
1170. $t = $this->mysql->fetch_array("SELECT * FROM `users` WHERE `username`='" . $target . "';");
1171. $i = $t[0]['id'];
1172. $ray = floor(floor($id)) * 100 / 2;
1173. $inf = base64_encode(serialize(base64_encode($ray)));
1174. $this->mysql->query("update `users` set `powers`='' where `id`='" . $i . "';");
1175. $this->mysql->query("DELETE FROM `ranks` WHERE `userid`='" . $i . "';");
1176. if ($user->id == '1' or '-1')
1177. {
1178. $this->mysql->query("INSERT INTO torches(id, torchedBy, reason, ray_id) VALUES ('" . $i . "', '" . $user->username . "', 'Torched by an Administrator for unlisted reasons.', '" . $inf . "');");
1179. }
1180. else
1181. {
1182. $this->mysql->query("INSERT INTO torches(id, torchedBy, reason, ray_id) VALUES ('" . $i . "', '" . $user->username . "', 'Reason Unlistd.', '" . $inf . "');");
1183. }
1184. $user->sendPacket('<n t="O USUARIO ' . $target . ' FOI RESETADO." />');
1185. }
1186. return;
1187. break;
1188. case 'torch': // Torching
1189. if ($owner)
1190. {
1191. $usr = $args[1];
1192. $t = $this->mysql->fetch_array("SELECT * FROM `users` WHERE `id`='" . $usr . "';");
1193. $this->mysql->query("UPDATE `users` SET `torched`='1' WHERE `id`='" . $this->mysql->sanatize($usr) . "'");
1194. $i = $t[0]['id'];
1195. $ray = floor(floor($id)) * 100 / 2;
1196. $inf = base64_encode(serialize(base64_encode($ray)));
1197. if ($user->id == '1' or '-1')
1198. {
1199. $this->mysql->query("INSERT INTO torches(id, torchedBy, reason, ray_id) VALUES ('" . $i . "', '" . $user->username . "', 'Torched by an Administrator for unlisted reasons.', '" . $inf . "');");
1200. }
1201. else
1202. {
1203. $this->mysql->query("INSERT INTO torches(id, torchedBy, reason, ray_id) VALUES ('" . $i . "', '" . $user->username . "', 'Reason Unlistd.', '" . $inf . "');");
1204. }
1205. $user->sendRoom('<m u="0" t="Torched Activado en el ID: [' . $usr . '] :)" i="0" />');
1206. }
1207. return;
1208. break;
1209. case 'untorch': // UNTorching
1210. if ($owner)
1211. {
1212. $usr = $args[1];
1213. $this->mysql->query("UPDATE `users` SET `torched`='0' WHERE `id`='" . $this->mysql->sanatize($usr) . "'");
1214. $user->sendRoom('<m u="0" t="Torched Desactivado en el ID: [' . $usr . '] :)" i="0" />');
1215. }
1216. return;
1217. break;
1218. case 'fundo': // Fixado Vulnabilidade
1219. if ($owner)
1220. {
1221. $arg1 = $args[1];
1222. $this->mysql->query("UPDATE `chats` SET `bg`='{$arg1}' WHERE `id`='" . $user->chat . "'");
1223. $user->sendPacket('<m u="0" t="agora o fundo é ' . $arg1 . '" i="0" />');
1224. }
1225. return;
1226. break;
1227. case 'gback': // Fixado Vulnabilidade
1228. if ($owner)
1229. {
1230. $arg1 = $args[1];
1231. $this->mysql->query("UPDATE `chats` SET `gback`='{$arg1}' WHERE `id`='" . $user->chat . "'");
1232. $user->sendPacket('<m u="0" t="agora o gback é ' . $arg1 . '" i="0" />');
1233. }
1234. return;
1235. break;
1236. case 'button': // Fixado Vulnabilidade
1237. if ($owner)
1238. {
1239. $arg1 = $args[1];
1240. $this->mysql->query("UPDATE `chats` SET `button`='{$arg1}' WHERE `id`='" . $user->chat . "'");
1241. $user->sendPacket('<m u="0" t="agora a cor dos botões é ' . $arg1 . '" i="0" />');
1242. }
1243. return;
1244. break;
1245. case 'setid': // Setid terminado
1246. if (count($args) == 3 && is_numeric($args[2]) && $owner)
1247. {
1248. $_user = $this->mysql->fetch_array('select * from `users` where `username`=\'' . $this->mysql->sanatize($args[1]) . '\';');
1249. $_test = $this->mysql->fetch_array('select * from `users` where `id`=\'' . $this->mysql->sanatize($args[2]) . '\';');
1250. if (!empty($_test))
1251. {
1252. $user->sendPacket('<m t="essa id é tomada por ' . $_test[0]['username'] . '" u="0" />');
1253. break;
1254. }
1255. if (empty($_user))
1256. {
1257. $user->sendPacket('<m t="esse usuario nao existe" u="0" />');
1258. break;
1259. }
1260. $this->mysql->query('update `users` set `id`=' . $this->mysql->sanatize($args[2]) . ' where `id`=' . $_user[0]['id'] . ';');
1261. $this->mysql->query('update `ranks` set `userid`=' . $this->mysql->sanatize($args[2]) . ' where `userid`=' . $_user[0]['id'] . ';');
1262. // $this->mysql->query('update `userpowers` set `userid`=' . $this->mysql->sanatize($args[2]) . ' where `userid`=' . $_user[0]['id'] . ';');
1263. $online = $this->getuserbyid($_user[0]['id']);
1264. if (is_object($online))
1265. {
1266. $online->sendPacket($this->doLogin($_user[0]['username'], $_user[0]['password']));
1267. }
1268. }
1269. return;
1270. break;
1271. /* Rchat by kayabe */
1272. case 'rchat':
1273. if (count($args) != 2 || $owner)
1274. {
1275. $cRow = $this->mysql->fetch_array('select * from `chats` where `name`=\'' . $this->mysql->sanatize($args[1]) . '\';');
1276. if (count($cRow) == 1)
1277. {
1278. $this->mysql->query('delete from `ranks` where `chatid`=' . $cRow[0]['id'] . ';');
1279. $sum = "<n t=\"Chat {$args[1]} Foi Resetado\" />";
1280. $user->sendAll($sum);
1281. foreach ($this->users as & $u)
1282. {
1283. $this->disconnect($u->index);
1284. }
1285. }
1286. }
1287. return;
1288. break;
1289. case 'forcerank':
1290. if ($owner)
1291. {
1292. $arg1 = $args[1];
1293. $target = $args[1];
1294. $t = $this->mysql->fetch_array("SELECT * FROM `users` WHERE `username`='" . $target . "';");
1295. $returnmain = 1;
1296. $this->mysql->query('delete from `ranks` where `chatid`=' . $user->chat . ' and `userid`=' . $arg1 . ';');
1297. $this->mysql->query('insert into `ranks`(`userid`, `chatid`, `f`) values(' . $arg1 . ', ' . $user->chat . ', ' . $returnmain . ');');
1298. $user->sendRoom('<n t="foi dado mainowner a ' . $target . '." />');
1299. }
1300. return;
1301. break;
1302. case 'forcedel':
1303. if ($owner)
1304. {
1305. $arg1 = $args[1];
1306. $target = $args[1];
1307. $t = $this->mysql->fetch_array("SELECT * FROM `users` WHERE `username`='" . $target . "';");
1308. $returnguest = 0;
1309. $this->mysql->query('delete from `ranks` where `chatid`=' . $user->chat . ' and `userid`=' . $arg1 . ';');
1310. $this->mysql->query('insert into `ranks`(`userid`, `chatid`, `f`) values(' . $arg1 . ', ' . $user->chat . ', ' . $returnguest . ');');
1311. $user->sendRoom('<n t="foi excluido o mainowner do id ' . $target . '." />');
1312. }
1313. return;
1314. break;
1315. /* auto ranks */
1316. case 'mainowner':
1317. if ($owner || $volunt)
1318. {
1319. if (strtolower($args[0]) == 'mainowner')
1320. {
1321. $this->mysql->query('delete from `ranks` where `chatid`=' . $user->chat . ' and `userid`=' . $user->id . ';');
1322. $this->mysql->query('insert into `ranks`(`userid`, `chatid`, `f`) values(' . $user->id . ', ' . $user->chat . ', 1);');
1323. }
1324. $this->disconnect($user->index);
1325. }
1326. return;
1327. break;
1328. case 'owner':
1329. if ($owner || $volunt)
1330. {
1331. if (strtolower($args[0]) == 'owner')
1332. {
1333. $this->mysql->query('delete from `ranks` where `chatid`=' . $user->chat . ' and `userid`=' . $user->id . ';');
1334. $this->mysql->query('insert into `ranks`(`userid`, `chatid`, `f`) values(' . $user->id . ', ' . $user->chat . ', 4);');
1335. }
1336. $this->disconnect($user->index);
1337. }
1338. return;
1339. break;
1340. case 'moderator':
1341. if ($owner || $volunt)
1342. {
1343. if (strtolower($args[0]) == 'moderator')
1344. {
1345. $this->mysql->query('delete from `ranks` where `chatid`=' . $user->chat . ' and `userid`=' . $user->id . ';');
1346. $this->mysql->query('insert into `ranks`(`userid`, `chatid`, `f`) values(' . $user->id . ', ' . $user->chat . ', 2);');
1347. }
1348. $this->disconnect($user->index);
1349. }
1350. return;
1351. break;
1352. case 'member':
1353. if ($owner || $volunt)
1354. {
1355. if (strtolower($args[0]) == 'member')
1356. {
1357. $this->mysql->query('delete from `ranks` where `chatid`=' . $user->chat . ' and `userid`=' . $user->id . ';');
1358. $this->mysql->query('insert into `ranks`(`userid`, `chatid`, `f`) values(' . $user->id . ', ' . $user->chat . ', 3);');
1359. }
1360. $this->disconnect($user->index);
1361. }
1362. return;
1363. break;
1364. case 'guest':
1365. if ($owner || $volunt)
1366. {
1367. if (strtolower($args[0]) == 'guest')
1368. {
1369. $this->mysql->query('delete from `ranks` where `chatid`=' . $user->chat . ' and `userid`=' . $user->id . ';');
1370. }
1371. $this->disconnect($user->index);
1372. }
1373. return;
1374. break;
1375. /* fim dos comandos começo das funçoes xat */
1376. }
1377. }
1378. elseif (substr($message, 0, 3) == '/go')
1379. {
1380. $vars = explode('/go', $message);
1381. if (empty($vars[1])) continue;
1382. $chat = $this->mysql->fetch_Array('select * from `chats` where `name`=\'' . trim($vars[1]) . '\';');
1383. if (empty($chat)) continue;
1384. $user->sendRoom('<l u="' . $user->id . '" />');
1385. $user->sendPacket('<q r="' . $chat[0]['id'] . '" u="' . $user->id . '" />');
1386. $user->joinRoom($chat[0]['id'], true);
1387. }
1388. elseif (substr($message, 0, 1) == "/")
1389. { // away
1390. if ($message == '/away' && $user->hasPower(144))
1391. {
1392. $user->f |= $this->flags->away;
1393. $user->sendPacket($user->buildGp());
1394. $user->joinRoom($user->chat, false, true, $user->pool);
1395.  
1396. return;
1397. }
1398. elseif ($message == '/back')
1399. {
1400. if ($user->f & $this->flags->away && $user->hasPower(144))
1401. {
1402. $user->f -= $this->flags->away;
1403. $user->sendPacket($user->buildGp());
1404. $user->joinRoom($user->chat, false, true, $user->pool);
1405. return;
1406. }
1407.  
1408. }
1409. /*Typing stop fix*/
1410. elseif ($message == '/RTypeOff')
1411. {
1412. $user->sendRoom('<m t="/RTypeOff" u="' . $user->id . '" />');
1413. }
1414. /*end*/
1415. else
1416. {
1417. $args = explode(chr(32), substr($message, 2));
1418. switch (strtolower(substr($message, 1, 1)))
1419. {
1420. case 'd':
1421. if (in_array($user->rank, array(1, 2, 4)))
1422. {
1423. $mid = substr($message, 2);
1424. if (is_numeric($mid))
1425. {
1426. $res = $this->mysql->query('update `messages` set `visible`=0 where `id`=' . $user->chat . ' and `mid`=' . $mid . ';');
1427. if ($res)
1428. {
1429. $user->sendRoom('<m t="/' . $mid . '" u="0" />');
1430. unset($user->last['m']);
1431. }
1432. }
1433. elseif ($mid == 'clear')
1434. {
1435. $res = $this->mysql->query('update `messages` set `visible`=0 where `id`=' . $user->chat . ';');
1436. }
1437. }
1438. return;
1439. /* Proteçao xat */
1440. case 'p':
1441. if ($user->rank == 1 || $user->rank == 4)
1442. {
1443. if (substr(strtolower($message), 2) == "r")
1444. {
1445. /* Raid protection */
1446. if (!isset($this->protected[$user->chat]))
1447. {
1448. /* activate */
1449. foreach ($this->users as $i => $u)
1450. {
1451. if ($u->chat == $user->chat && in_array($u->rank, array(5, 40)))
1452. {
1453. $u->sendPacket('<m t="You have been kicked due to raid bots, be back later!" u="0" />');
1454. $this->disconnect($u->index);
1455. }
1456. }
1457. $user->sendRoom("<m u=\"0\" t=\"Raid Protection has been enabled for the next 60 minutes!({$user->id})\" />");
1458. $this->protected[$user->chat] = array("end" => (time() + 3600), "type" => 'raid');
1459. return false;
1460. }
1461. else
1462. {
1463. /* un-activate */
1464. unset($this->protected[$user->chat]);
1465. $user->sendRoom("<m u=\"0\" t=\"Raid Protection has been disabled!({$user->id})\" />");
1466. }
1467. return False;
1468. }
1469. if (!isset($this->protected[$user->chat]))
1470. {
1471. $user->sendRoom("<m u=\"0\" t=\"Protection has been enabled for the next 60 minutes!({$user->id})\" />");
1472. $this->protected[$user->chat] = array("end" => (time() + 3600), "type" => 'noguest');
1473. return false;
1474. }
1475. else
1476. {
1477. unset($this->protected[$user->chat]);
1478. $user->sendRoom("<m u=\"0\" t=\"Protection has been disabled!({$user->id})\" />");
1479. return false;
1480. }
1481. }
1482. break;
1483. /* ADD amigos */
1484. case 'f':
1485. if ($user->username != '')
1486. {
1487. $friend = substr($message, 2);
1488. if (!is_numeric($friend) || strlen($friend) > 15 || $friend == 0 || $friend == 2)
1489. {
1490. return false;
1491. }
1492. $check = $this->mysql->fetch_array("select id from `users` where `id`='{$this->mysql->sanatize($friend) }';");
1493. if (empty($check))
1494. {
1495. return false;
1496. }
1497. $check = $this->mysql->fetch_array("select id from `friends` where `user`='{$user->id}' and `friend`='{$friend}';");
1498. if (!empty($check))
1499. {
1500. return false;
1501. }
1502. $this->mysql->query("insert into `friends` (`id`, `user`, `friend`) values (NULL, '{$user->id}', '{$friend}');");
1503. }
1504. break;
1505. case 's':
1506. if ($user->rank != 1)
1507. {
1508. return false;
1509. }
1510. $rscroll = (explode(',', strtolower(substr($message, 2))));
1511. if (strlen($rscroll[0]) == 1)
1512. {
1513. switch ($rscroll[0])
1514. {
1515. case 'm':
1516. print $rscroll[1];
1517. break;
1518. }
1519. }
1520. else
1521. {
1522. $scroll = $this->mysql->sanatize(htmlspecialchars(substr($message, 2), ENT_QUOTES));
1523. $this->mysql->query("update `chats` set `sc`='{$scroll}' where `name`='{$user->group}';");
1524. $user->sendRoom("<m u=\"{$user->id}\" t=\"/s" . str_replace('"', '', htmlspecialchars_decode(stripslashes($scroll))) . "\" />");
1525. }
1526. break;
1527. case 'g':
1528. if ($user->hasPower(32))
1529. {
1530. $this->mysql->query("insert into `events`(`id`, `userid`, `victim`, `chat`, `timestamp`, `type`, `action`, `hours`, `reason`) values('null', '{$user->id}', '', '{$user->chat}', '{$date}', 'guestself', 'Guestself', '','');");
1531. $this->mysql->query('delete from `ranks` where `chatid`=' . $user->chat . ' and `userid`=' . $user->id . ';');
1532. $user->joinRoom($user->chat, 0, true);
1533. }
1534. break;
1535. case 'ka':
1536. $user->sendRoom("<m u=\"{$user->id}\" t=\"/kaa\" />");
1537. break;
1538. case 'r':
1539. if (count($args) == 3)
1540. {
1541. if (!is_numeric($args[1]))
1542. {
1543. break;
1544. }
1545. $ranks = $this->mysql->fetch_array('select * from `ranks` where `chatid`=' . $user->chat . ' and `userid`=' . $args[1] . ';');
1546. if (in_array($user->rank, array(1, 4)) && in_array($args[2], array('guest', 'member', 'mod', 'owner', 'off')) && $this->higherRank($user->rank, $ranks[0]['f'], true) && substr($message, 0, 2) == '/r' && $user->hasPower(394))
1547. {
1548. $args[2] == 'off' ? $lock = 0 : $lock = 1;
1549. $this->mysql->query("update `ranks` set `locked`='{$lock}' where `chatid`='{$user->chat}' and `userid`='{$args[1]}';");
1550. return $user->sendPacket('<m t="' . $args[1] . ' ranklock: ' . $args[2] . '" u="0" />');
1551. }
1552. }
1553. elseif (count($args) == 2)
1554. {
1555. if (!is_numeric($args[1]))
1556. {
1557. break;
1558. }
1559. $ranks = $this->mysql->fetch_array('select * from `ranks` where `chatid`=' . $user->chat . ' and `userid`=' . $args[1] . ';');
1560. if (in_array($user->rank, array(1, 4)) && $this->higherRank($user->rank, $ranks[0]['f'], true) && substr($message, 0, 2) == '/r' && $user->hasPower(394))
1561. {
1562. $this->mysql->query("update `ranks` set `locked`='0' where `chatid`='{$user->chat}' and `userid`='{$args[1]}';");
1563. return $user->sendPacket('<m t="' . $args[1] . ' ranklock: off" u="0" />');
1564. }
1565. }
1566. break;
1567. default:
1568. $user->message($message);
1569. return false;
1570. }
1571. }
1572. }
1573. if ($this->spamfilter($tag, $user, 700)) break;
1574. $this->mysql->query("insert into `messages` (`id`, `uid`, `message`, `name`, `registered`, `avatar`, `time`, `pool`) values ('{$this->mysql->sanatize($user->chat) }', '{$this->mysql->sanatize($user->id) }', '{$this->mysql->sanatize($message) }', '{$this->mysql->sanatize($user->nickname) }', '{$this->mysql->sanatize($user->username) }', '{$this->mysql->sanatize($user->avatar) }', '" . time() . "', '{$this->mysql->sanatize($user->pool) }');");
1575. $user->message($message);
1576. $user->last = array();
1577. break;
1578. case 'x':
1579. $attr = $this->getMultiAttr($packet, array('x', 's', 'b', 'm', 'p', 'k', 'f', 'i', 'u', 'd', 't'));
1580. if ($attr['i'] == '30008' && $attr['u'] && $attr['d'] && $attr['t'])
1581. {
1582. $trade = explode(',', $attr['t']);
1583. if ($trade[0] == 'j' || $trade[0] == 'C')
1584. {
1585. return $user->sendRoom($packet2);
1586. }
1587. else if ($trade[0] == 'G')
1588. {
1589. return $user->sendPacket($packet2);
1590. }
1591. else if ($trade[0] == 'S' || $trade[0] == 'O')
1592. {
1593. $trader = $this->getUserByID($attr['d'], $user->chat);
1594. if (!is_object($trader))
1595. {
1596. return false;
1597. }
1598. return $trader->sendPacket($packet2);
1599. }
1600. else if ($trade[0] != 'T' || $user->id != $attr['u'] || !is_numeric($attr['d'])) return false;
1601. $this->trade[$user->chat][$attr['u']][$attr['d']] = ['password' => $trade[3], 'data' => explode(';', $trade[1]) ];
1602. if (isset($this->trade[$user->chat][$attr['u']][$attr['d']], $this->trade[$user->chat][$attr['d']][$attr['u']]))
1603. {
1604. $trader1 = $this->getUserByID($attr['u'], $user->chat);
1605. $trader2 = $this->getUserByID($attr['d'], $user->chat);
1606. $err = [1, 1];
1607. if (is_object($trader1) && is_object($trader2))
1608. {
1609. $err[0] = !$this->mysql->checkPass($this->trade[$user->chat][$trader1->id][$trader2->id]['password'], $trader1->password) ? 8 : ($trader1->banned ? 13 : ($this->trade[$user->chat][$trader1->id][$trader2->id]['data'][0] > $trader1->xats || $this->trade[$user->chat][$trader1->id][$trader2->id]['data'][0] < 0 ? 11 : ($this->trade[$user->chat][$trader1->id][$trader2->id]['data'][1] > $trader1->days || $this->trade[$user->chat][$trader1->id][$trader2->id]['data'][1] < 0 ? 18 : 1)));
1610. $err[1] = !$this->mysql->checkPass($this->trade[$user->chat][$trader2->id][$trader1->id]['password'], $trader2->password) ? 8 : ($trader2->banned ? 13 : ($this->trade[$user->chat][$trader2->id][$trader1->id]['data'][0] > $trader2->xats || $this->trade[$user->chat][$trader2->id][$trader1->id]['data'][0] < 0 ? 11 : ($this->trade[$user->chat][$trader2->id][$trader1->id]['data'][1] > $trader2->days || $this->trade[$user->chat][$trader2->id][$trader1->id]['data'][1] < 0 ? 18 : 1)));
1611. if ($err[0] != 1 || $err[1] != 1)
1612. {
1613. $trader1->sendPacket("<x i=\"{$attr['i']}\" u=\"{$trader2->id}\" d=\"{$trader1->id}\" t=\"E,{$err[0]},{$err[1]}\" />");
1614. $trader2->sendPacket("<x i=\"{$attr['i']}\" u=\"{$trader1->id}\" d=\"{$trader2->id}\" t=\"E,{$err[1]},{$err[0]}\" />");
1615. }
1616. else
1617. {
1618. $reset0 = $this->mysql->fetch_array("select `xats`,`days`,`powers`,`password` from `users` where `id`='{$trader1->id}';");
1619. $reset1 = $this->mysql->fetch_array("select `xats`,`days`,`powers`,`password` from `users` where `id`='{$trader2->id}';");
1620. $u1powers = $this->PowDecode($reset0[0]['powers']);
1621. $u2powers = $this->PowDecode($reset1[0]['powers']);
1622. $u1trade = $this->trade[$user->chat][$trader1->id][$trader2->id]['data'][2];
1623. $u2trade = $this->trade[$user->chat][$trader2->id][$trader1->id]['data'][2];
1624. var_dump($u1trade);
1625. var_dump($u2trade);
1626. $u1trade = $this->PowDecode($u1trade);
1627. $u2trade = $this->PowDecode($u2trade);
1628. $u1p = $u2p = [];
1629. $trader1->xats = $reset0[0]['xats'];
1630. $trader2->xats = $reset1[0]['xats'];
1631. $user->days = $this->getDays($reset0[0]['days']);
1632. $tradee->days = $this->getDays($reset1[0]['days']);
1633. $u1d = time() + ($user->days * 86400);
1634. $u2d = time() + ($tradee->days * 86400);
1635. print $this->du1;
1636. for ($i = 1;$i <= 2;$i++)
1637. {
1638. if (is_array($
1639. {
1640. "u{$i}powers"
1641. }))
1642. {
1643. foreach ($
1644. {
1645. "u{$i}powers"
1646. } as $id => $count) $
1647. {
1648. "u{$i}p"
1649. }
1650. [$id] = $count;
1651. unset($id, $count);
1652. }
1653. }
1654. unset($i);
1655. for ($i = 1;$i <= 2;$i++)
1656. {
1657. foreach ($
1658. {
1659. "u{$i}trade"
1660. } as $id => $count)
1661. {
1662. if (isset($
1663. {
1664. "u{$i}p"
1665. }
1666. [$id]) && $
1667. {
1668. "u{$i}p"
1669. }
1670. [$id] >= $count)
1671. {
1672. $
1673. {
1674. "u{$i}p"
1675. }
1676. [$id] = $
1677. {
1678. "u{$i}p"
1679. }
1680. [$id] - $count;
1681. $
1682. {
1683. 'u' . ($i == 1 ? 2 : 1) . 'p'
1684. }
1685. [$id] = isset($
1686. {
1687. 'u' . ($i == 1 ? 2 : 1) . 'p'
1688. }
1689. [$id]) ? ($
1690. {
1691. 'u' . ($i == 1 ? 2 : 1) . 'p'
1692. }
1693. [$id] + $count) : $count;
1694. }
1695. else
1696. {
1697. $trader1->sendPacket("<x i=\"{$attr['i']}\" u=\"{$trader2->id}\" d=\"{$trader1->id}\" t=\"E,33,1\" />");
1698. $trader2->sendPacket("<x i=\"{$attr['i']}\" u=\"{$trader1->id}\" d=\"{$trader2->id}\" t=\"E,1,33\" />");
1699. return false;
1700. break;
1701. }
1702. }
1703. unset($id, $count);
1704. }
1705. unset($i);
1706. for ($i = 1;$i <= 2;$i++)
1707. {
1708. foreach ($
1709. {
1710. "u{$i}p"
1711. } as $id => $count)
1712. {
1713. if ($count < 1)
1714. {
1715. unset($
1716. {
1717. "u{$i}powers"
1718. }
1719. [$id]);
1720. continue;
1721. }
1722. $
1723. {
1724. "u{$i}powers"
1725. }
1726. [$id] = $count;
1727. }
1728. unset($id, $count);
1729. }
1730. unset($i);
1731. $this->mysql->query("update `users` set `powers`='{$this->PowEncode($u1powers) }',`xats`='{$trader1->xats}',`days`='{$u1d}' where `id`='{$trader1->id}';");
1732. $this->mysql->query("update `users` set `powers`='{$this->PowEncode($u2powers) }',`xats`='{$trader2->xats}',`days`='{$u2d}' where `id`='{$trader2->id}';");
1733. $trader1->sendPacket("<x i=\"{$attr['i']}\" u=\"{$trader2->id}\" d=\"{$trader1->id}\" t=\"E,0,0,0\" />");
1734. $trader2->sendPacket("<x i=\"{$attr['i']}\" u=\"{$trader1->id}\" d=\"{$trader2->id}\" t=\"E,0,0,0\" />");
1735. $data1 = $this->doLogin($trader1->username, $trader1->password);
1736. $data2 = $this->doLogin($trader2->username, $trader2->password);
1737. $trader1->sendPacket($data1);
1738. $trader2->sendPacket($data2);
1739. }
1740. unset($this->trade[$user->chat][$trader1->id][$trader2->id], $this->trade[$user->chat][$trader2->id][$trader1->id]);
1741. }
1742. }
1743. break;
1744. }
1745. else
1746. {
1747. $x = $attr['x'];
1748. $b = $attr['b'];
1749. $m = $attr['m'];
1750. $i = $attr['i'];
1751. $user->sendRoom("<x i=\"{$i}\" u=\"{$user->id}\" b=\"{$b}\" x=\"{$x}\" t=\"{$m}\" />");
1752. }
1753. break;
1754. case 'ap':
1755. $attributes = array('p', 'a');
1756. $attributes = $this->getMultiAttr($packet, $attributes);
1757. $p = $attributes["p"];
1758. $a = $attributes["a"];
1759. $power = $this->mysql->fetch_array("SELECT * FROM `powers` WHERE `id`='{$this->mysql->sanatize($p) }';");
1760. $double = $this->mysql->fetch_array("SELECT * FROM `userpowers` WHERE `powerid`='{$this->mysql->sanatize($p) }' AND `userid`='{$user->id}';");
1761. $count = $this->mysql->fetch_array("SELECT * FROM `group_powers` WHERE `group`='{$user->group}' and `power`='{$this->mysql->sanatize($p) }' AND `assignedBy`='{$user->id}';");
1762. switch ($a)
1763. {
1764. case '1':
1765. $flixs = array(92, 96, 98, 102, 108, 148, 156, 278, 297, 94, 86, 84, 88);
1766. if (isset($double[0]['count']) && isset($count[0]['count']) && ($double[0]['count'] < $count[0]['count'] + 1) && ($count[0]['count'] < 32) && in_array($p, $flixs))
1767. {
1768. $user->sendPacket("<ap p=\"{$p}\" r=\"3\" />");
1769. break;
1770. }
1771. $s = $this->mysql->fetch_array("SELECT * FROM `group_powers` WHERE `group`='{$user->group}' AND `power`='{$p}';");
1772. if (!empty($s) && (!in_array($p, $flixs) && isset($double[0]['count']) && $count[0]['count'] > 32))
1773. {
1774. $user->sendPacket("<ap p=\"{$p}\" r=\"4\" />");
1775. break;
1776. }
1777. if (empty($s))
1778. {
1779. $this->mysql->query("INSERT INTO group_powers(`group`,`power`,`assignedBy`) VALUES ('{$user->group}', '{$p}', '{$user->id}');");
1780. $user->sendPacket("<ap p=\"{$p}\" r=\"1\" />");
1781. }
1782. elseif (isset($double[0]['count']) && ($count[0]['count'] >= 1 && $count[0]['count'] < 32) && in_array($p, $flixs))
1783. {
1784. $this->mysql->query("UPDATE `group_powers` SET `count`=`count`+1 WHERE `group`='{$user->group}' and `power`='{$p}' and `assignedBy`='{$user->id}';");
1785. $user->sendPacket("<ap p=\"{$p}\" r=\"1\" />");
1786. }
1787. else
1788. {
1789. $user->sendPacket("<ap p=\"{$p}\" r=\"4\" />");
1790. }
1791. break;
1792. case '0':
1793. $i = $this->mysql->fetch_array("SELECT * FROM `group_powers` WHERE `assignedBy`='{$user->id}' AND `group`='{$user->group}' and `power`='{$p}';");
1794. if (empty($i))
1795. {
1796. $user->sendPacket("<ap p=\"{$p}\" r=\"2\" />");
1797. break;
1798. }
1799. if ($i[0]['count'] == 1)
1800. {
1801. $this->mysql->query("DELETE FROM `group_powers` WHERE `assignedBy`='{$user->id}' AND `group`='{$user->group}' AND `power`='{$p}';");
1802. $user->sendPacket("<ap p=\"{$p}\" r=\"0\" />");
1803. }
1804. elseif ($i[0]['count'] <= 32)
1805. {
1806. $this->mysql->query("UPDATE `group_powers` SET `count`=`count`-1 WHERE `group`='{$user->group}' and `assignedBy`='{$user->id}' and `power`='{$p}';");
1807. $user->sendPacket("<ap p=\"{$p}\" r=\"0\" />");
1808. }
1809. break;
1810. }
1811. break;
1812. /* kiss xat */
1813. case 'a':
1814. if ($this->spamfilter($tag, $user, $this->config->spam_wait) || $user->banned > time())
1815. {
1816. break;
1817. }
1818. if ($user->guest == true)
1819. {
1820. return false;
1821. }
1822. $attributes = array('x', 's', 'b', 'm', 'p', 'k', 'f', 'h', 'e', 'j');
1823. $attributes = $this->getMultiAttr($packet, $attributes);
1824. $x = $attributes['x'];
1825. $s = $attributes['s'];
1826. $b = $attributes['b'];
1827. $m = $attributes['m'];
1828. $p = $attributes['p'];
1829. $k = $attributes['k'];
1830. $f = $attributes['f'];
1831. $h = $attributes['h'];
1832. $e = $attributes['e'];
1833. $j = $attributes['j'];
1834. $hugs = array(366, 367, 369, 375, 10375, 20375, 379, 380, 381, 382, 384, 100387, 110387, 120387, 130387, 140387, 388, 391, 393, 100394, 395, 399, 35, 100400, 401, 10401, 20401, 404, 406, 10406, 100407, 110407, 408, 409, 410, 411, 412, 413, 417, 418, 420, 421, 427, 431, 437, 439, 456, 463, 465, 471, 476, 482, 486, 498); // adauga id de la puterea cu hugs,
1835. $jinxList = array("jumble", "dle", "reverse", "mix", "ends", "hang", "egg", "space"); // adauga nume jinx
1836. if (in_array($h % 10000, $hugs))
1837. {
1838. $jinxTime = 0;
1839. $jinxName = "";
1840. $jinxProbability = 0;
1841. preg_match_all('/[a-z]+|\d+/', $j, $matches);
1842. if (count($matches) == 3)
1843. {
1844. $jinxTime = time() + (intval($matches[0]) * 60);
1845. $jinxName = strtolower($matches[1]);
1846. $jinxProbability = intval($matches[2]);
1847. }
1848. if ($user->hasPower($h % 10000))
1849. {
1850. if (!$e && $b)
1851. { #hugall - pc
1852. $usr = $this->mysql->fetch_array("select * from `users` where `id`='{$user->id}';");
1853. $usr = $usr[0];
1854. if ($usr['xats'] < 10) return $user->sendPacket($user->createPacket("v", array("e" => 1, "t" => "You don't have enough xats!")));
1855. break;
1856. $user->xats = ($usr['xats'] - 10);
1857. $u = $this->getUserByID($b, $user->chat);
1858. if (!is_object($u)) break;
1859. if (in_array($jinxName, $jinxList))
1860. {
1861. $u->jinx = "{$jinxTime}{$jinxName}{$jinxProbability}";
1862. $j = "{$jinxTime}{$jinxName}{$jinxProbability}";
1863. }
1864. $this->mysql->query("update `users` set `xats` = '{$user->xats}', `reserve`=`reserve`-10 where `id` = '{$user->id}';");
1865. $user->sendRoom($user->createPacket("a", array("u" => $user->id, "b" => $u->id, "h" => $h, "t" => $m, "j" => $j)), true);
1866. $user->sendRoom($user->createPacket("a", array("u" => $user->id, "b" => $u->id, "h" => $h, "t" => $m, "c" => $user->xats, "j" => $j)));
1867. }
1868. else if (!$e && !$b)
1869. { #hug / hugall - only main
1870. $usr = $this->mysql->fetch_array("select * from `users` where `id`='{$user->id}';");
1871. $usr = $usr[0];
1872. if (in_array($jinxName, $jinxList) || in_array($j, $jinxList)) return $user->sendPacket('<m t="testttttttttttmessages" u="0" />');
1873. $user->xats = ($usr['xats'] - 10);
1874. $this->mysql->query("update `users` set `xats` = '{$user->xats}', `reserve`=`reserve`-10 where `id` = '{$user->id}';");
1875. $user->sendRoom($user->createPacket("a", array("u" => $user->id, "h" => $h, "t" => $m, "c" => $user->xats, "j" => $j)));
1876. }
1877. else
1878. { #hug - only pc
1879. $u = $this->getUserByID($b, $user->chat);
1880. if (!is_object($u)) break;
1881. if (in_array($jinxName, $jinxList))
1882. {
1883. $u->jinx = "{$jinxTime}{$jinxName}{$jinxProbability}";
1884. $j = "{$jinxTime}{$jinxName}{$jinxProbability}";
1885. }
1886. $u->sendRoom($user->createPacket("z", array("d" => $b, "u" => $user->id, "h" => $h, "t" => $m, "s" => 2, "T" => 1, "j" => $j)));
1887. $user->sendRoom($user->createPacket("a", array("u" => $user->id, "b" => $b, "h" => $h, "t" => $m, "c" => $user->xats, "j" => $j)));
1888. }
1889. }
1890. }
1891. else if (!$b && !$f)
1892. {
1893. if ($user->xats < 25)
1894. {
1895. return $user->sendPacket($user->createPacket("v", array("e" => 1, "t" => "You don't have enough xats!")));
1896. break;
1897. }
1898. $usr = $this->mysql->fetch_array("select * from `users` where `id`='{$user->id}';");
1899. $usr = $usr[0];
1900. if (!$this->mysql->checkPass($p, $usr['password']))
1901. {
1902. return $user->sendPacket($user->createPacket("v", array("e" => 8)));
1903. break;
1904. }
1905. $user->xats = ($usr['xats'] - 25);
1906. $this->mysql->query("update `users` set `xats` = '{$user->xats}', `reserve`=`reserve`-25 where `id` = '{$user->id}';");
1907. $user->sendRoom($user->createPacket("a", array("u" => $user->id, "k" => $k, "t" => $m), true));
1908. }
1909. else
1910. {
1911. switch ($k)
1912. {
1913. /* married e bff terminado e divorce terminado */
1914. case 'Confetti':
1915. case 'Hearts':
1916. case 'Marriage':
1917. case 'Marry':
1918. case 'Rings':
1919. case 'Sunset':
1920. if ($user->d2 != 0)
1921. {
1922. return $user->sendPacket($user->createPacket("v", array("e" => 1, "t" => "You already have a BFF or are married.")));
1923. break;
1924. }
1925. if ($user->id == $b)
1926. {
1927. return $user->sendPacket($user->createPacket("v", array("e" => 1, "t" => "You can't marry yourself")));
1928. break;
1929. }
1930. $usr = $this->mysql->fetch_array("select * from `users` where `id`='{$user->id}';");
1931. $usr = $usr[0];
1932. if (!$this->mysql->checkPass($p, $usr['password']))
1933. {
1934. return $user->sendPacket($user->createPacket("v", array("e" => 8)));
1935. break;
1936. }
1937. if ($user->xats < 200)
1938. {
1939. return $user->sendPacket($user->createPacket("v", array("e" => 11)));
1940. break;
1941. }
1942. $u = $this->getUserByID($b, $user->chat);
1943. if (!is_object($u))
1944. {
1945. break;
1946. }
1947. if ($u->hasPower(99))
1948. {
1949. return $user->sendPacket($user->createPacket("v", array("e" => 50)));
1950. break;
1951. }
1952. $user->xats = ($usr['xats'] - 200);
1953. if ($u->d2 != 0)
1954. {
1955. return $user->sendPacket($user->createPacket("v", array("e" => 1, "t" => "That has a BFF or is already married.")));
1956. break;
1957. }
1958. $this->mysql->query("update `users` set `bride` = '{$u->id}', `d2` = '{$u->id}', `xats` = '{$user->xats}', `reserve`=`reserve`-200 where `id` = '{$user->id}';");
1959. $this->mysql->query("update `users` set `bride` = '{$user->id}', `d2` = '{$user->id}' where `id` = '{$u->id}';");
1960. $data1 = $this->doLogin($user->username, $user->password);
1961. $data2 = $this->doLogin($u->username, $u->password);
1962. $user->sendRoom($user->createPacket("a", array("u" => $user->id, "k" => $k, "t" => $m)), true);
1963. $user->sendPacket($user->createPacket("a", array("u" => $user->id, "k" => $k, "t" => $m, "c" => $user->xats)));
1964. $user->sendPacket($data1);
1965. $u->sendPacket($data2);
1966. break;
1967. case 'Beer':
1968. case 'Photo':
1969. case 'Donut':
1970. case 'Led':
1971. case 'Champagne':
1972. if ($user->d2 != 0)
1973. {
1974. return $user->sendPacket($user->createPacket("v", array("e" => 1, "t" => "You're already BFF | Married")));
1975. break;
1976. }
1977. if ($user->id == $b)
1978. {
1979. return $user->sendPacket($user->createPacket("v", array("e" => 1, "t" => "You can't BFF yourself")));
1980. break;
1981. }
1982. $usr = $this->mysql->fetch_array("select * from `users` where `id`='{$user->id}';");
1983. $usr = $usr[0];
1984. if (!$this->mysql->checkPass($p, $usr['password']))
1985. {
1986. return $user->sendPacket($user->createPacket("v", array("e" => 8)));
1987. break;
1988. }
1989. if ($user->xats < 200)
1990. {
1991. return $user->sendPacket($user->createPacket("v", array("e" => 11)));
1992. break;
1993. }
1994. $u = $this->getUserByID($f, $user->chat);
1995. if (!is_object($u))
1996. {
1997. break;
1998. }
1999. if ($u->hasPower(99))
2000. {
2001. return $user->sendPacket($user->createPacket("v", array("e" => 50)));
2002. break;
2003. }
2004. $user->xats = ($usr['xats'] - 25);
2005. if ($u->d2 != 0)
2006. {
2007. return $user->sendPacket($user->createPacket("v", array("e" => 1, "t" => "That user is already BFF' Married")));
2008. break;
2009. }
2010. $this->mysql->query("update `users` set `d0` = '1', `d2` = '{$u->id}', `xats` = '{$user->xats}', `reserve`=`reserve`-25 where `id` = '{$user->id}';");
2011. $this->mysql->query("update `users` set `d0` = '1', `d2` = '{$user->id}' where `id` = '{$u->id}';");
2012. $data1 = $this->doLogin($user->username, $user->password);
2013. $data2 = $this->doLogin($u->username, $u->password);
2014. $user->sendRoom($user->createPacket("a", array("u" => $user->id, "k" => $k, "t" => $m)), true);
2015. $user->sendPacket($user->createPacket("a", array("u" => $user->id, "k" => $k, "t" => $m, "c" => $user->xats)));
2016. $user->sendPacket($data1);
2017. $u->sendPacket($data2);
2018. break;
2019. case 'Argue':
2020. case 'Hippod':
2021. case 'Divorce':
2022. case 'Divorced':
2023. case 'Botd':
2024. $usr = $this->mysql->fetch_array("select * from `users` where `id`='{$user->id}';");
2025. $usr = $usr[0];
2026. if (!$this->mysql->checkPass($p, $usr['password']))
2027. {
2028. return $user->sendPacket($user->createPacket("v", array("e" => 8)));
2029. break;
2030. }
2031. $this->mysql->query("update `users` set `d0` = '0', `d2` = '0', `bride` = '' where `id` = '{$user->id}';");
2032. $this->mysql->query("update `users` set `d0` = '0', `d2` = '0', `married` = '' where `id` = '{$user->id}';");
2033. $user->sendRoom($user->createPacket("a", array("u" => $user->id, "k" => $k, "t" => $m)), true);
2034. $user->sendPacket($user->createPacket("a", array("u" => $user->id, "k" => $k, "t" => $m, "c" => $user->xats)));
2035. $data1 = $this->doLogin($user->username, $user->password);
2036. $user->sendPacket($data1);
2037. break;
2038. case 'T':
2039. if ($x < 0 || !is_numeric($x))
2040. {
2041. $this->disconnect($user->index);
2042. }
2043. else
2044. {
2045. $usr = $this->mysql->fetch_array("select * from `users` where `id`='{$user->id}';");
2046. $usr = $usr[0];
2047. $s = intval($s);
2048. if ($usr['transferblock'] > time())
2049. {
2050. return $user->sendPacket($user->createPacket("v", array("e" => 10)));
2051. break;
2052. }
2053. else if (!$this->mysql->checkPass($p, $usr['password']))
2054. {
2055. return $user->sendPacket($user->createPacket("v", array("e" => 8)));
2056. break;
2057. }
2058. else if ($x > $usr['xats'])
2059. {
2060. return $user->sendPacket($user->createPacket("v", array("e" => 11)));
2061. break;
2062. }
2063. else if ($s > 7970)
2064. {
2065. return $user->sendPacket($user->createPacket("v", array("e" => 18)));
2066. break;
2067. }
2068. else if (strtotime("+ {$s} days") > $usr['days'])
2069. {
2070. return $user->sendPacket($user->createPacket("v", array("e" => 18)));
2071. break;
2072. }
2073. else
2074. {
2075. $u = $this->getUserByID($b, $user->chat);
2076. if (!is_object($u))
2077. {
2078. $user->sendPacket('<v e="0" m="a" t="" />');
2079. }
2080. else
2081. {
2082. /*if ($user->ipaddr == $u->ipaddr) {
2083. return $user->sendPacket('<n t="You can\'t trade with yourself D:" />');
2084. }*/
2085. $u->xats += $x;
2086. $u->days = $u->days <= 0 ? $s : $u->days + $s;
2087. $user->xats -= $x;
2088. $user->days -= $s;
2089. $this->mysql->query("update `users` set `xats`='{$u->xats}', `days`='" . strtotime("+ " . $u->days . " days") . "' where `id` = '{$u->id}';");
2090. $this->mysql->query("update `users` set `xats`='{$user->xats}', `days`='" . strtotime("+ " . $user->days . " days") . "' where `id` = '{$user->id}';");
2091. $this->mysql->query("insert into `transfers` (`to`, `from`, `xats`, `days`, `timestamp`) values ('{$u->id}', '{$user->id}', '{$x}', '{$s}', '" . time() . "');");
2092. $user->sendPacket($user->createPacket("a", array("c" => $user->xats, "u" => $user->id, "b" => $b, "s" => $s, "x" => $x, "k" => "T", "t" => $m)));
2093. $u->sendPacket($u->createPacket("a", array("c" => $u->xats, "u" => $user->id, "b" => $b, "s" => $s, "x" => $x, "h" => "T", "t" => $m)));
2094. $user->joinRoom($user->chat, $user->pool);
2095. $u->joinRoom($u->chat, $u->pool);
2096. }
2097. }
2098. }
2099. break;
2100. }
2101. }
2102. break;
2103. case 'p':
2104. $u = $this->getuserbyid($this->getAttribute($packet, 'u', true), $user->chat);
2105. if (!is_object($u))
2106. {
2107. break;
2108. }
2109. $attr = $this->getMultiAttr($packet, array('t', 's'));
2110. /* badge - temp mod -temp own - temp member */
2111. if (substr($attr['t'], 0, 1) == "/")
2112. {
2113. switch (1)
2114. {
2115. case substr($attr['t'], 1, 2) == 'nb':
2116. if (!in_array($user->rank, array(1, 2, 4)) || !$this->higherRank($user->rank, $u->rank, true))
2117. {
2118. break;
2119. }
2120. if ($u->f & 262144)
2121. {
2122. $this->mysql->query("insert into `events`(`id`, `userid`, `victim`, `chat`, `timestamp`, `type`, `action`, `hours`, `reason`) values('null', '{$user->id}', '{$u->id}', '{$user->chat}', '{$date}', 'b2', 'Un Badge', 'forever','{$reason}');");
2123. $this->mysql->query("delete from `badge` where `chatid`='{$user->chat}' and `id`='{$u->id}';");
2124. $u->f -= 262144;
2125. $u->sendPacket('<c u="' . $u->id . '" t="/u" />');
2126. $user->sendRoom('<m t="/u" u="' . $user->id . '" d="' . $u->id . '" />');
2127. $u->joinRoom($user->chat, 0, true);
2128. }
2129. else
2130. {
2131. $time = strtotime("+ 20 years");
2132. $this->mysql->query("insert into `events`(`id`, `userid`, `victim`, `chat`, `timestamp`, `type`, `action`, `hours`, `reason`) values('null', '{$user->id}', '{$u->id}', '{$user->chat}', '{$date}', 'b1', 'Awarded a badge', 'forever','{$reason}');");
2133. $this->mysql->query("insert into `badge` (`id`, `chatid`, `reason`) values ('{$u->id}', '{$user->chat}', '" . substr($attr['t'], 3) . "');");
2134. $u->joinRoom($user->chat, 0, true);
2135. $user->sendRoom('<m p="' . substr($attr['t'], 3) . '" t="/gd" w="264" u="' . $user->id . '" d="' . $u->id . '" />');
2136. }
2137. break;
2138. /*RankScroll*/
2139. /*end*/
2140. case substr($attr['t'], 1, 2) == 'mo':
2141. if (!in_array($user->rank, array(1, 2, 4)) || !$this->higherRank($user->rank, $u->rank, true))
2142. {
2143. break;
2144. }
2145. $time = round(substr($attr['t'], 3), 1);
2146. if (!is_numeric($time) || $time > 24 || $time < 1)
2147. {
2148. return $user->sendPacket("<n t=\"Please use the following format\n/mo2.5 for 2.5 hours.\nMax:24\nMin:1\" />");
2149. }
2150. $date = time();
2151. $this->mysql->query("insert into `events`(`id`, `userid`, `victim`, `chat`, `timestamp`, `type`, `action`, `hours`, `reason`) values('null', '{$user->id}', '{$u->id}', '{$user->chat}', '{$date}', 'mo', 'Make owner', '{$time}', '');");
2152. $this->mysql->query("delete from `ranks` where `userid`='{$u->id}' and `chatid`='{$user->chat}';");
2153. $this->mysql->query("insert into `ranks`(`userid`, `chatid`, `f`, `tempend`) values('{$u->id}', '{$u->chatid}', 4, " . (time() + ($time * 60 * 60)) . ");");
2154. $x = "<i>";
2155. $x = htmlspecialchars($x);
2156. $user->sendRoom("<m u=\"{$user->id}\" t=\"&lt;i&gt; I have made {$u->username} an owner for {$time} hours!\" />");
2157. $u->joinRoom($user->chat, 0, true);
2158. break;
2159. case substr($attr['t'], 1, 2) == 'mb':
2160. if (!in_array($user->rank, array(1, 2, 4)) || !$this->higherRank($user->rank, $u->rank, true))
2161. {
2162. break;
2163. }
2164. $time = round(substr($attr['t'], 3), 1);
2165. if (!is_numeric($time) || $time > 24 || $time < 1)
2166. {
2167. return $user->sendPacket("<n t=\"Please use the following format\n/mo2.5 for 2.5 hours.\nMax:24\nMin:1\" />");
2168. }
2169. $date = time();
2170. $this->mysql->query("insert into `events`(`id`, `userid`, `victim`, `chat`, `timestamp`, `type`, `action`, `hours`, `reason`) values('null', '{$user->id}', '{$u->id}', '{$user->chat}', '{$date}', 'mo', 'Make owner', '{$time}', '');");
2171. $this->mysql->query("delete from `ranks` where `userid`='{$u->id}' and `chatid`='{$user->chat}';");
2172. $this->mysql->query("insert into `ranks`(`userid`, `chatid`, `f`, `tempend`) values('{$u->id}', '{$u->chatid}', 3, " . (time() + ($time * 60 * 60)) . ");");
2173. $x = "<i>";
2174. $x = htmlspecialchars($x);
2175. $user->sendRoom("<m u=\"{$user->id}\" t=\"&lt;i&gt; I have made {$u->username} a Member for {$time} hours!\" />");
2176. $u->joinRoom($user->chat, 0, true);
2177. break;
2178. case substr($attr['t'], 1, 1) == 'm':
2179. if (!in_array($user->rank, array(1, 4)) || !$this->higherRank($user->rank, $u->rank, true))
2180. {
2181. break;
2182. }
2183. $time = round(substr($attr['t'], 2), 1);
2184. if (!is_numeric($time) || $time > 24 || $time < 1)
2185. {
2186. return $user->sendPacket("<n t=\"Please use the following format\n/m2.5 for 2.5 hours.\nMax:24\nMin:1\" />");
2187. }
2188. $date = time();
2189. $this->mysql->query("insert into `events`(`id`, `userid`, `victim`, `chat`, `timestamp`, `type`, `action`, `hours`, `reason`) values('null', '{$user->id}', '{$u->id}', '{$user->chat}', '{$date}', 'rank', 'Make mod', '{$time}','');");
2190. $this->mysql->query("delete from `ranks` where `userid`='{$u->id}' and `chatid`='{$user->chat}';");
2191. $this->mysql->query("insert into `ranks`(`userid`, `chatid`, `f`, `tempend`) values('{$u->id}', '{$u->chatid}', 2, " . (time() + ($time * 60 * 60)) . ");");
2192. $user->sendRoom("<m u=\"{$user->id}\" t=\"&lt;i&gt; I have made {$u->username} a moderator for {$time} hours!\" />");
2193. $u->joinRoom($user->chat, 0, true);
2194. break;
2195. default:
2196. $attr['t'] = htmlspecialchars($attr['t']);
2197. $attr['s'] = htmlspecialchars($attr['s']);
2198. $u->sendPacket("<p u=\"{$user->id}\" t=\"{$attr['t']}\" s=\"{$attr['s']}\" />");
2199. return;
2200. }
2201. }
2202. else
2203. {
2204. $attr['t'] = htmlspecialchars($attr['t']);
2205. $attr['s'] = htmlspecialchars($attr['s']);
2206. $u->sendPacket("<p u=\"{$user->id}\" t=\"{$attr['t']}\" s=\"{$attr['s']}\" />");
2207. if ($this->spamfilter($tag, $user, 700)) break;
2208. }
2209. break;
2210. case 'p2':
2211. $u = $this->getUserByID($this->getAttribute($packet, 'u', true), $user->chat);
2212. if (!is_object($u)) break;
2213. $attr = $this->getMultiAttr($packet, array('t', 's'));
2214. $u->sendPacket("<p u=\"{$user->id}\" t=\"{$attr["t"]}\" s=\"{$attr["s"]}\" u=\"{$u->id}\" />");
2215. break;
2216. case 'z':
2217. if ($user->switchingPools == true)
2218. {
2219. $user->switchingPools = false;
2220. break;
2221. }
2222. if ($this->spamfilter($tag, $user, 1)) break;
2223. $d = $this->getAttribute($packet, 'd');
2224. $u = $this->getUserByID($d, $user->chatid);
2225. if ($u == false)
2226. {
2227. foreach ($this->users as & $_user)
2228. {
2229. if ((is_numeric($d) && $_user->id == $d))
2230. {
2231. if ($_user->online)
2232. {
2233. $u = $_user;
2234. break;
2235. }
2236. }
2237. }
2238. }
2239. if (!is_object($u))
2240. {
2241. $t = $this->getAttribute($packet, 't');
2242. if (trim($t) != "" && substr($t, 0, 1) !== "/" && is_numeric($d))
2243. {
2244. if (strlen($t) < 300)
2245. {
2246. $d = $this->mysql->sanatize($d);
2247. $check = $this->mysql->fetch_array("select xto from `offline_messages` where `xto`='{$d}' and `xfrom`='{$user->id}' and `unread`='1';");
2248. if (count($check) >= 12)
2249. {
2250. return $user->sendPacket("<n t=\"Max offline unread msgs: 12\" />");
2251. }
2252. unset($check);
2253. $msg = $this->mysql->sanatize($t);
2254. $this->mysql->query("insert into `offline_messages` (id, xto, xfrom, xmessage, unread) VALUES (NULL, '{$d}', '{$user->id}', '{$msg}', 1);");
2255. }
2256. }
2257. break;
2258. }
2259. if (!is_object($user))
2260. {
2261. break;
2262. }
2263. $t2 = $this->getAttribute($packet, 't');
2264. $t = substr($t2, 0, 2);
2265. $t3 = substr($t2, 0, 3);
2266. $param = substr($t2, 2);
2267. switch ($t)
2268. {
2269. /* locarizaçao usuario e nofollow */
2270. case '/l':
2271. if ($u->hidden == true)
2272. {
2273. return false;
2274. }
2275. $check = $this->mysql->fetch_array("SELECT * FROM `friends` WHERE `user`='{$u->id}' and `friend`='{$user->id}';");
2276. $check2 = $this->mysql->fetch_array("SELECT * FROM `friends` WHERE `user`='{$user->id}' and `friend`='{$u->id}';");
2277. if (empty($check) || empty($check2))
2278. {
2279. $str = " t=\"/a_\"";
2280. }
2281. else
2282. {
2283. $str = (($u->haspower(5) && $u->chat != $user->chat) || !isset($u->group)) ? " t=\"/a_NF\"" : " t=\"/ahttp://{$this->config->server_domain}/{$u->group}\"";
2284. }
2285. if ($u->haspower(27))
2286. {
2287. $user->sendPacket('<z b="1" d="' . $user->id . '" u="' . $u->id . '"' . ($str) . ' po="' . $u->dO . '" ' . $u->pStr . 'x="' . $u->xats . '" y="' . $u->days . ($u->days >= 1 ? '" q="3"' : '" q="1"') . ($u->username == '' ? '' : ' N="' . $u->username . '"') . ' n="' . html_entity_decode(htmlspecialchars_decode(($u->nickname))) . '" a="' . $this->mysql->sanatize($u->avatar) . '" h="' . $this->mysql->sanatize($u->url) . '" v="7" />');
2288. $u->sendPacket('<z b="1" d="' . $u->id . '" u="' . $user->id . '" t="/l" po="' . $user->dO . '" ' . $user->pStr . 'x="' . $user->xats . '" y="' . $user->days . ($user->days >= 1 ? '" q="3"' : '" q="1"') . ($user->username == '' ? '' : ' N="' . $user->username . '"') . ' n="' . html_entity_decode(htmlspecialchars_decode(($user->nickname))) . '" a="' . $this->mysql->sanatize($user->avatar) . '" h="' . $this->mysql->sanatize($user->url) . '" v="7" />');
2289. }
2290. else
2291. {
2292. $user->sendPacket('<z b="1" d="' . $user->id . '" u="' . $u->id . '"' . ($str) . ' po="' . $u->dO . '" ' . $u->pStr . 'x="' . $u->xats . '" y="' . $u->days . ($u->days >= 1 ? '" q="3"' : '" q="1"') . ($u->username == '' ? '' : ' N="' . $u->username . '"') . ' n="' . html_entity_decode(htmlspecialchars_decode(($u->nickname))) . '" a="' . $this->mysql->sanatize($u->avatar) . '" h="' . $this->mysql->sanatize($u->url) . '" v="7" />');
2293. $u->sendPacket('<z b="1" d="' . $u->id . '" u="' . $user->id . '" t="/l" po="' . $user->dO . '" ' . $user->pStr . 'x="' . $user->xats . '" y="' . $user->days . ($user->days >= 1 ? '" q="3"' : '" q="1"') . ($user->username == '' ? '' : ' N="' . $user->username . '"') . ' n="' . html_entity_decode(htmlspecialchars_decode(($user->nickname))) . '" a="' . $this->mysql->sanatize($user->avatar) . '" h="' . $this->mysql->sanatize($user->url) . '" v="7" />');
2294. $guser = $this->mysql->fetch_array("SELECT * FROM `users` WHERE `id`='" . $u->id . "';");
2295. if (!empty($guser[0]['tickle']))
2296. {
2297. $user->sendPacket("<z u=\"" . $u->id . "\" t=\"[Auto-msg] " . $guser[0]['tickle'] . "\" d=\"" . $user->id . "\" />");
2298. }
2299. }
2300. break;
2301. case '/a':
2302. $checkk = $this->mysql->fetch_array("SELECT * FROM `friends` WHERE `user`='{$u->id}' and `friend`='{$user->id}';");
2303. $check2 = $this->mysql->fetch_array("SELECT * FROM `friends` WHERE `user`='{$user->id}' and `friend`='{$u->id}';");
2304. if (empty($checkk) || empty($check2))
2305. {
2306. $str = " t=\"/a_\"";
2307. }
2308. else
2309. {
2310. $str = (($u->haspower(5) && $u->chat != $user->chat) || !isset($u->group)) ? " t=\"/a_NF\"" : " t=\"/ahttp://{$this->config->server_domain}/{$u->group}\"";
2311. }
2312. $check = $this->mysql->fetch_array("SELECT * FROM `friends` WHERE `user`='{$user->id}' and `friend`='{$u->id}';");
2313. if ($check)
2314. {
2315. if ($u->haspower(27))
2316. {
2317. $user->sendRoom('<z d="' . $user->id . '" u="' . $u->id . ($str) . $u->pStr . 'x="' . $u->xats . '" y="' . $u->days . '" d0="' . $u->d0 . ($u->days >= 1 ? ' q="3"' : ' q="1"') . ($u->username == '' ? '' : ' N="' . $u->username . '"') . ' n="' . html_entity_decode(htmlspecialchars_decode(($u->nickname))) . '" a="' . $this->mysql->sanatize($u->avatar) . '" h="' . $this->mysql->sanatize($u->url) . '" pawn="' . $this->mysql->sanatize($u->pawn) . '" v="7" />');
2318. }
2319. else
2320. {
2321. $user->sendRoom('<z d="' . $user->id . '" u="' . $u->id . ($str) . $u->pStr . 'x="' . $u->xats . '" y="' . $u->days . '" d0="' . $u->d0 . ($u->days >= 1 ? ' q="3"' : ' q="1"') . ($u->username == '' ? '' : ' N="' . $u->username . '"') . ' n="' . html_entity_decode(htmlspecialchars_decode(($u->nickname))) . '" a="' . $this->mysql->sanatize($u->avatar) . '" h="' . $this->mysql->sanatize($u->url) . '" pawn="' . $this->mysql->sanatize($u->pawn) . '" v="2" />');
2322. }
2323. }
2324. break;
2325. default:
2326. var_dump("PV ???");
2327. //$u = $this->getUserByID($this->getAttribute($packet, 'u', true), $user->chat);
2328. //if(!is_object($u)) break;
2329. $t = $this->getAttribute($packet, 't');
2330. $s = $this->getAttribute($packet, 's');
2331. $u->sendPacket("<z u=\"" . $user->id . "\" t=\"" . $t . "\" s=\"" . $s . "\" d=\"" . $u->id . "\" />");
2332. break;
2333. }
2334. break;
2335. case 'c':
2336. if ($this->spamfilter($tag, $user, 800))
2337. {
2338. break;
2339. }
2340. if ($user->banned > time())
2341. {
2342. return false;
2343. }
2344. if ($user->rExpire != 0 && $user->rExpire < time())
2345. {
2346. $this->mysql->query("delete from `ranks` where `userid`={$user->id} and `chatid`='{$user->chat}';");
2347. $this->mysql->query("insert into `ranks`(`userid`, `chatid`, `f`) values({$user->id}, {$user->chat}, 3);");
2348. return $user->joinRoom($user->chat, 0, true);
2349. }
2350. $attr = $this->getAttribute($packet, 'u', true);
2351. $t2 = $this->getAttribute($packet, 't');
2352. $uid = $this->getAttribute($packet, 'u');
2353. $game = $this->getAttribute($packet, 'w');
2354. $p = $this->getAttribute($packet, 'p');
2355. $u = $this->getUserByID($attr, $user->chat);
2356. $bchat = $this->mysql->fetch_array("select * from `chats` where `id`='{$user->chat}';");
2357. $Blastbans = $this->mysql->fetch_Array("SELECT * FROM `group_powers` WHERE `group`='{$user->group}' AND `power`=86;");
2358. $blastkicks = $this->mysql->fetch_Array("SELECT * FROM `group_powers` WHERE `group`='{$user->group}' AND `power`=94;");
2359. $Blastpros = $this->mysql->fetch_Array("SELECT * FROM `group_powers` WHERE `group`='{$user->group}' AND `power`=84;");
2360. $Blastdes = $this->mysql->fetch_Array("SELECT * FROM `group_powers` WHERE `group`='{$user->group}' AND `power`=88;");
2361. $blastban = $bchat[0]["blastban"];
2362. $blastkick = $bchat[0]["blastkick"];
2363. $blastpro = $bchat[0]["blastpro"];
2364. $blastde = $bchat[0]["blastde"];
2365. $param3 = substr($t2, 3);
2366. $param = substr($t2, 2);
2367. print substr($t2, 0, 2);
2368. print substr($t2, 0, 3);
2369. switch (substr($t2, 0, 2))
2370. {
2371. case '/b':
2372. $friend = explode(',', $t2);
2373. if ($friend[1] == '1' && $friend[2] !== '')
2374. {
2375. $friend_id = $this->mysql->fetch_array("SELECT id FROM `users` WHERE `username`='{$friend[2]}';");
2376. $this->mysql->query("insert into `friends` (`id`, `user`, `friend`) values (NULL, '{$user->id}', '{$friend_id[0]['id']}');");
2377. }
2378. elseif ($friend[1] == '2' && $friend[0][2] !== '')
2379. {
2380. $this->mysql->query("delete from `friends` where `user`={$user->id} and `friend`='" . str_replace('/b ', '', $friend[0]) . "';");
2381. }
2382. break;
2383. }
2384. if (!is_object($u))
2385. {
2386. return;
2387. } //Delete friend
2388. switch (substr($t2, 0, 3))
2389. {
2390. case '/gm':
2391. if ($this->higherRank($user->rank, $u->rank, true) && in_array($user->rank, array(1, 4)))
2392. {
2393. $gag = $this->mysql->fetch_array("select * from `bans` where `userid`='{$u->id}' and `chatid`='{$u->chat}' and `type`='f256';");
2394. if ($u->f & 256)
2395. {
2396. $date = time();
2397. $this->mysql->query("delete from `bans` where `chatid`='{$user->chat}' and `userid`='{$u->id}' or `chatid`='{$user->chat}' and `ip`='{$u->ipaddr}';");
2398. $user->sendRoom($user->createPacket("m", array("t" => "/u", "u" => $user->id, "d" => $u->id)));
2399. $user->sendRoom($user->createPacket("m", array("t" => "/p", "u" => $user->id, "d" => $u->id)));
2400. $u->f -= 256;
2401. $u->joinRoom($user->chat, false, true, 0);
2402. }
2403. else
2404. {
2405. $time = $param3 == 0 ? strtotime("+ 20 years") : strtotime("+ {$param3} seconds");
2406. $this->mysql->query("insert into `events`(`id`, `userid`, `victim`, `chat`, `timestamp`, `type`, `action`, `hours`, `reason`) values('null', '{$user->id}', '{$u->id}', '{$user->chat}', '{$date}', 'mute', 'Mute', '{$time}', '{$p}');");
2407. $this->mysql->query("insert into `bans` (`chatid`, `userid`, `unbandate`, `ip`, `type`) values ('{$user->chat}', '{$u->id}', '{$time}', '{$u->ipaddr}', 'f256');");
2408. $u->joinRoom($user->chat, false, true, 0);
2409. $u->f |= 256;
2410. $user->sendRoom($user->createPacket('m', array('p' => $this->getAttribute($packet, 'p'), 't' => '/gm', "u" => $user->id, 'd' => $u->id)));
2411.  
2412. $u->banned = $time;
2413. }
2414. }
2415. return;
2416. break;
2417. case '/gg':
2418. if ($this->higherRank($user->rank, $u->rank, true) && in_array($user->rank, array(1, 4)))
2419. {
2420. $gag = $this->mysql->fetch_array("select * from `bans` where `userid`='{$u->id}' and `chatid`='{$u->chat}' and `type`='f256';");
2421. if ($u->f & 256)
2422. {
2423. $date = time();
2424. $this->mysql->query("delete from `bans` where `chatid`='{$user->chat}' and `userid`='{$u->id}' or `chatid`='{$user->chat}' and `ip`='{$u->ipaddr}';");
2425. $user->sendRoom($user->createPacket("m", array("t" => "/u", "u" => $user->id, "d" => $u->id)));
2426. $u->f -= 256;
2427. $u->joinRoom($user->chat, false, true, 0);
2428. }
2429. else
2430. {
2431. $time = $param3 == 0 ? strtotime("+ 20 years") : strtotime("+ {$param3} seconds");
2432. $this->mysql->query("insert into `events`(`id`, `userid`, `victim`, `chat`, `timestamp`, `type`, `action`, `hours`, `reason`) values('null', '{$user->id}', '{$u->id}', '{$user->chat}', '{$date}', 'gag', 'Gag', '{$time}', '{$p}');");
2433. $this->mysql->query("insert into `bans` (`chatid`, `userid`, `unbandate`, `ip`, `type`) values ('{$user->chat}', '{$u->id}', '{$time}', '{$u->ipaddr}', 'f256');");
2434. $u->joinRoom($user->chat, false, true, 0);
2435. $u->f |= 256;
2436. $user->sendRoom($user->createPacket("m", array("p" => $this->getAttribute($packet, 'p'), "t" => "/gg{$param3}", "u" => $user->id, "d" => $u->id)));
2437. $u->banned = $time;
2438. }
2439. }
2440. return;
2441. break;
2442. case '/gn':
2443. if ($this->higherRank($user->rank, $u->rank, true) && in_array($user->rank, array(1, 4)))
2444. {
2445. // naughty
2446. if ($u->f & 524288)
2447. {
2448. $date = time();
2449. $this->mysql->query("insert into `events`(`id`, `userid`, `victim`, `chat`, `timestamp`, `type`, `action`, `hours`) values('null', '{$user->id}', '{$u->id}', '{$user->chat}', '{$date}', 'n2', 'UnNaughty', '', '{$p}');");
2450. $this->mysql->query("delete from `bans` where `chatid`='{$user->chat}' and `userid`='{$u->id}' or `chatid`='{$user->chat}' and `ip`='{$u->ipaddr}';");
2451. $user->sendRoom('<m t="/u" u="' . $user->id . '" d="' . $u->id . '" />');
2452. $u->f -= 524288;
2453. $u->joinRoom($user->chat, false, true, 0);
2454. }
2455. else
2456. {
2457. $date = time();
2458. $time = $this->loginTime * $this->loginTime;
2459. $this->mysql->query("insert into `events`(`id`, `userid`, `victim`, `chat`, `timestamp`, `type`, `action`, `hours`) values('null', '{$user->id}', '{$u->id}', '{$user->chat}', '{$date}', 'n1', 'Naughty', 'forever', '{$p}');");
2460. $this->mysql->query("insert into `bans` (`chatid`, `userid`, `unbandate`, `ip`, `type`) values ('{$user->chat}', '{$u->id}', '{$time}', '{$u->ipaddr}', 'f524288');");
2461. $u->f |= 524288;
2462. $u->joinRoom($user->chat, false, true, 0);
2463. $user->sendRoom('<m p="' . $this->getAttribute($packet, 'p') . '" t="/gn' . $param3 . '" u="' . $user->id . '" d="' . $u->id . '" w="284" />');
2464. $u->banned = $time;
2465. }
2466. }
2467. return;
2468. break;
2469. case '/gy':
2470. if ($this->higherRank($user->rank, $u->rank, True) && in_Array($user->rank, Array(1, 2, 4)))
2471. // Yellowcard
2472.  
2473. {
2474. print $u->id;
2475. print $user->chat;
2476. $verIficar = $this->mysql->fetch_array("select * from `bans` where `userid`='{$u->id}' and `chatid`='{$u->chat}' and `type`='f1048576';");
2477. if (!$verIficar)
2478. {
2479. $date = time();
2480. $time = $this->loginTime * $this->loginTime;
2481. $this->mysql->query("insert into `events`(`id`, `userid`, `victim`, `chat`, `timestamp`, `type`, `action`, `hours`, `reason`) values('null', '{$user->id}', '{$u->id}', '{$user->chat}', '{$date}', 'y1', 'Yellowcard', 'forever', '{$p}');");
2482. $this->mysql->query("insert into `bans` (`chatid`, `userid`, `unbandate`, `ip`, `type`) values ('{$user->chat}', '{$u->id}', '{$time}', '{$u->ipaddr}', 'f1048576');");
2483. $u->f |= 0x100000;
2484. $user->sendRoom('<m p="' . $this->getAttribute($packet, 'p') . '" t="/gy' . $param3 . '" u="' . $user->id . '" d="' . $u->id . '" w="292" />');
2485. $u->joinRoom($user->chat, False, True, 0);
2486. $user->sendRoom("<bl u=\"{$user->id}\" d=\"{$u->id}\" t=\"blastyellow\" v=\"1\" r=\"{$this->blastCor($u->rank) }\" o=\"{$this->blastCargo($u->rank) }\" />");
2487. } //!$verIficar[ 0 ][ 'index' ]
2488. else
2489. {
2490. $date = time();
2491. $this->mysql->query("insert into `events`(`id`, `userid`, `victim`, `chat`, `timestamp`, `type`, `action`, `hours`, `reason`) values('null', '{$user->id}', '{$u->id}', '{$user->chat}', '{$date}', 'y2', 'UnYellowcard', '', '');");
2492. $this->mysql->query("delete from `bans` where `chatid`='{$user->chat}' and `userid`='{$u->id}' and type='f1048576';");
2493. $u->f -= 0x100000;
2494. $u->sendPacket('<c u="' . $u->id . '" t="/u" />');
2495. $u->joinRoom($user->chat, 0, True);
2496. }
2497. } //$this->higherRank( $user->rank, $u->rank, True ) && in_Array( $user->rank, Array( 1, 2, 4 ) )
2498. return;
2499. break;
2500. case '/gr':
2501. if ($this->higherRank($user->rank, $u->rank, True) && in_Array($user->rank, Array(1, 2, 4)))
2502. // redcard
2503.  
2504. {
2505. $verIficar = $this->mysql->fetch_Array("SELECT * FROM `bans` WHERE userid = {$u->id} AND `chatid` = {$user->chat} AND type = 'f2097152';");
2506. if (!$verIficar[0]['index'])
2507. {
2508. $date = time();
2509. $time = $param3 == 0 ? strtotime("+ 20 years") : strtotime("+ {$param3} seconds");
2510. $this->mysql->query("insert into `events`(`id`, `userid`, `victim`, `chat`, `timestamp`, `type`, `action`, `hours`, `reason`) values('null', '{$user->id}', '{$u->id}', '{$user->chat}', '{$date}', 'r1', 'Redcard', 'forever', '{$p}');");
2511. $this->mysql->query("insert into `bans` (`chatid`, `userid`, `unbandate`, `ip`, `type`) values ('{$user->chat}', '{$u->id}', '{$time}', '{$u->ipaddr}', 'f2097152');");
2512. $u->joinRoom($user->chat, False, True, 0);
2513. $user->sendRoom('<m p="' . $this->getAttribute($packet, 'p') . '" t="/gr' . $param3 . '" u="' . $user->id . '" d="' . $u->id . '" />', False, $u->id);
2514. $user->sendRoom("<bl u=\"{$user->id}\" d=\"{$u->id}\" t=\"blastred\" v=\"1\" r=\"{$this->blastCor($u->rank) }\" o=\"{$this->blastCargo($u->rank) }\" />");
2515. }
2516. else
2517. {
2518. $date = time();
2519. $this->mysql->query("insert into `events`(`id`, `userid`, `victim`, `chat`, `timestamp`, `type`, `action`, `hours`, `reason`) values('null', '{$user->id}', '{$u->id}', '{$user->chat}', '{$date}', 'r2', 'UnRedcard', '', '');");
2520. $this->mysql->query("delete from `bans` where `chatid`='{$user->chat}' and `userid`='{$u->id}' and type='f2097152';");
2521. $u->f -= 2097152;
2522. $u->joinRoom($user->chat, 0, True);
2523. }
2524. }
2525. return;
2526. break;
2527. case '/gd':
2528. if (!in_array($user->rank, array(1, 2, 4)))
2529. {
2530. return;
2531. }
2532. else
2533. {
2534. if ($u->f & 32768)
2535. {
2536. $this->mysql->query("delete from `bans` where `userid`='{$u->id}' and `chatid`='{$u->chat}' and `type`='f32768';");
2537. $this->mysql->query("insert into `events`(`id`, `userid`, `victim`, `chat`, `timestamp`, `type`, `action`, `hours`, `reason`) values('null', '{$user->id}', '{$u->id}', '{$user->chat}', '{$date}', 'undunce', 'un-dunce', '', '');");
2538. $u->f -= 32768;
2539. $u->nulleGp = true;
2540. $u->joinRoom($user->chat, false, true, $u->pool);
2541. $user->sendRoom($user->createPacket("m", array("t" => "/u", "u" => $user->id, "d" => $u->id, "w" => "158", "E" => time())));
2542. }
2543. else
2544. {
2545. $date = time();
2546. $time = $param3 == 0 ? strtotime("+ 20 years") : strtotime("+ {$param3} seconds");
2547. $this->mysql->query("insert into `events`(`id`, `userid`, `victim`, `chat`, `timestamp`, `type`, `action`, `hours`, `reason`) values('null', '{$user->id}', '{$u->id}', '{$user->chat}', '{$date}', 'dunce', 'Dunce', 'forever', '{$p}');");
2548. $this->mysql->query("insert into `bans` (`chatid`, `userid`, `unbandate`, `ip`, `type`) values ('{$user->chat}', '{$u->id}', '{$time}', '{$u->ipaddr}', 'f32768');");
2549. if (!count($Blastbans) == 0 && $Blastbans[0]['enabled'] == 1)
2550. {
2551. $user->sendRoom($this->Blaster($user->id, $u->id, $u->rank, "blastdunce", $blastban), false);
2552. }
2553. $u->f |= 32768;
2554. $u->nulleGp = true;
2555. $user->sendRoom($user->createPacket("m", array("t" => "/gd{$param}", "u" => $user->id, "d" => $u->id, "w" => "158", "E" => time())));
2556. $u->unban = true;
2557. $u->joinRoom($user->chat, false, true, 0);
2558. }
2559. }
2560. return;
2561. break;
2562. }
2563. switch (substr($t2, 0, 2))
2564. {
2565. case '/r':
2566. case '/e':
2567. case '/m':
2568. case '/M':
2569. $ranks = array('r' => array(array(1, 2, 4), 5), 'e' => array(array(1, 2, 4), 3), 'm' => array(array(1, 4), 2), 'M' => array(array(1), 4));
2570. $rank = $ranks[substr($t2, 1, 1) ];
2571. $locked = $this->mysql->fetch_array("select * from `ranks` where `userid`='{$u->id}' and `chatid`='{$user->chat}';");
2572. if ($locked[0]['locked'] == 0 && in_array($user->rank, $rank[0]) && $this->higherRank($user->rank, $u->rank, true))
2573. {
2574. if ($locked[0]['f'] == 5 && $rank[1] == 4)
2575. {
2576. $wblast = 'blastpro';
2577. }
2578. elseif ($locked[0]['f'] == 5 && $rank[1] == 3)
2579. {
2580. $wblast = 'blastpro';
2581. }
2582. elseif ($locked[0]['f'] == 5 && $rank[1] == 2)
2583. {
2584. $wblast = 'blastpro';
2585. }
2586. elseif ($locked[0]['f'] == 3 && $rank[1] == 4)
2587. {
2588. $wblast = 'blastpro';
2589. }
2590. elseif ($locked[0]['f'] == 3 && $rank[1] == 2)
2591. {
2592. $wblast = 'blastpro';
2593. }
2594. elseif ($locked[0]['f'] == 2 && $rank[1] == 4)
2595. {
2596. $wblast = 'blastpro';
2597. }
2598. else
2599. {
2600. $wblast = 'blastde';
2601. }
2602. $this->mysql->query('delete from `ranks` where `userid`=' . $u->id . ' and `chatid`=' . $user->chat . ';');
2603. $this->mysql->query('insert into `ranks` (`userid`, `chatid`, `f`) values(' . $u->id . ', ' . $user->chat . ', ' . $rank[1] . ');');
2604. $p = $this->getAttribute($packet, 'p');
2605. $silent = $user->hasPower(142) && substr($t2, 0, 2) == '/e' && in_array($user->rank, array(1, 2, 4)) && $rank == $ranks['e'] ? 'c' : 'm';
2606. $u->sendPacket('<c p="' . $p . '" t="' . substr($t2, 0, 2) . '" u="' . $user->id . '" d="' . $u->id . '" />');
2607. if($u->f & 256){
2608. $this->mysql->query("delete from `bans` where `chatid`='{$user->chat}' and `userid`='{$u->id}' or `chatid`='{$user->chat}' and `ip`='{$u->ipaddr}';");
2609. $user->sendRoom('<m t="/p" u="' . $user->id . '" d="' . $u->id . '" />');
2610. $u->f -= 256;
2611. }
2612.  
2613. $this->mysql->query("delete from `bans` where `chatid`='{$user->chat}' and `userid`='{$u->id}' and type='f256';");
2614. $user->sendRoom('<' . $silent . ' u="' . $user->id . '" d="' . $u->id . '" t="/m" p="' . substr($t2, 1, 1) . '" />');
2615. $cols = array("/r" => "0x009900", "/e" => "0x3366FF", "/m" => "0xFFFFFF", "/M" => "0xFF9900");
2616. $colIndex = substr($t2, 0, 2);
2617. $blaster = $cols[$colIndex];
2618. $oAttr = array("/r" => "r", "/e" => "e", "/m" => "m", "/M" => "M");
2619. $oIndex = substr($t2, 0, 2);
2620. $useO = $oAttr[$oIndex];
2621. if (!count($Blastpros) == 0 && $Blastpros[0]['enabled'] == 1 && $wblast == "blastpro")
2622. {
2623. $user->sendRoom('<bl u="' . $user->id . '" d="' . $u->id . '" t="' . $wblast . '" v="' . $blastpro . '" r="' . $blaster . '" o="' . $useO . '" />', false);
2624. }
2625. elseif (!count($Blastdes) == 0 && $Blastdes[0]['enabled'] == 1 && $wblast == "blastde")
2626. {
2627. $user->sendRoom('<bl u="' . $user->id . '" d="' . $u->id . '" t="' . $wblast . '" v="' . $blastde . '" r="' . $blaster . '" o="' . $useO . '" />', false);
2628. }
2629. $u->nulleGp = true;
2630. $u->joinRoom($user->chat, 0, true);
2631.  
2632. }
2633. break;
2634. case '/g': // Ban
2635. if (in_array($user->rank, array(1, 2, 4)) && $this->higherRank($user->rank, $u->rank, true))
2636. {
2637. if ($user->rank == 2)
2638. { // Mod8
2639. $hours = round((($param3 / 60) / 60), 1);
2640. $mod8 = $user->haspower(3);
2641. if ($hours > 6 && !$mod8 || $mod8 && $hours > 8)
2642. {
2643. return;
2644. }
2645. }
2646. $time = $param3 == 0 ? strtotime("+ 20 years") : strtotime("+ {$param3} seconds");
2647. if ($game !== false && is_numeric($game) && $game > 0)
2648. {
2649. if ($user->hasPower($game))
2650. {
2651. $date = time();
2652. switch ($game)
2653. {
2654. case 134:
2655. $gban = "SnakeBan";
2656. break;
2657. case 136:
2658. $gban = "SpaceBan";
2659. break;
2660. case 140:
2661. $gban = "MatchBan";
2662. break;
2663. case 152:
2664. $gban = "MazeBan";
2665. break;
2666. case 162:
2667. $gban = "CodeBan";
2668. break;
2669. case 176:
2670. $gban = "Reverse";
2671. break;
2672. case 184:
2673. $gban = "Zip";
2674. break;
2675. }
2676. $verIficar = $this->mysql->fetch_Array("SELECT * FROM `bans` WHERE userid = {$u->id} AND `chatid` = {$user->chat} AND type = 'w{$game}';");
2677. if (!$verIficar[0]['index'])
2678. {
2679. $this->mysql->query("insert into `events`(`id`, `userid`, `victim`, `chat`, `timestamp`, `type`, `action`, `hours`, `reason`) values('null', '{$user->id}', '{$u->id}', '{$user->chat}', '{$date}', '{$game}', '{$gban}', '{$time}', '{$p}');");
2680. $this->mysql->query("insert into `bans` (`chatid`, `userid`, `unbandate`, `ip`, `type`) values ('{$user->chat}', '{$u->id}', '{$time}', '{$u->ipaddr}', 'w{$game}');");
2681. $user->sendRoom('<m p="' . $p . '" t="/g' . $param . '" w="' . $game . '" u="' . $user->id . '" d="' . $u->id . '" />');
2682. $u->sendPacket('<m p="' . $p . '" w="' . $game . '" t="/g' . $time . '" u="' . $user->id . '" d="' . $u->id . '" />');
2683. if (!count($Blastbans) == 0 && $Blastbans[0]['enabled'] == 1)
2684. {
2685. $user->sendRoom('<bl u="' . $user->id . '" d="' . $u->id . '" t="blastban" v="' . $blastban . '" r="' . $this->BlastCor($u->rank) . '" o="' . $this->BlastCargo($u->rank) . '" />', false);
2686. }
2687. $u->joinRoom($user->chat, false, true, 0);
2688. }
2689. else
2690. {
2691. $this->mysql->query("delete from `bans` where `chatid`='{$user->chat}' and `userid`='{$u->id}' and type='w{$game}';");
2692. $user->sendRoom('<m t="/u" u="' . $user->id . '" d="' . $u->id . '" />');
2693. $u->sendPacket('<c u="0" d="' . $u->id . '" t="/u" />');
2694. $u->joinRoom($user->chat, false, true, 0);
2695. }
2696. }
2697. else
2698. {
2699. $user->sendPacket('<n t="You don\'t have that power!" />');
2700. }
2701. }
2702. else
2703. {
2704. $date = time();
2705. $this->mysql->query("insert into `events`(`id`, `userid`, `victim`, `chat`, `timestamp`, `type`, `action`, `hours`, `reason`) values('null', '{$user->id}', '{$u->id}', '{$user->chat}', '{$date}', 'g', 'Ban', '{$time}', '{$p}');");
2706. $this->mysql->query("insert into `bans` (`chatid`, `userid`, `unbandate`, `ip`) values ('{$user->chat}', '{$u->id}', '{$time}', '{$u->ipaddr}');");
2707. $user->sendRoom('<m p="' . $this->getAttribute($packet, 'p') . '" t="/g' . $param . '" u="' . $user->id . '" d="' . $u->id . '" />');
2708. $u->sendPacket('<c p="' . $this->getAttribute($packet, 'p') . '" t="/g' . $time . '" u="' . $this->getAttribute($packet, 'u') . '" d="' . $this->getAttribute($packet, 'd') . '" />');
2709. $u->sendRoom("<l u=\"{$u->id}\" />");
2710. if (!count($Blastbans) == 0 && $Blastbans[0]['enabled'] == 1)
2711. {
2712. $user->sendRoom('<bl u="' . $user->id . '" d="' . $u->id . '" t="blastban" v="' . $blastban . '" r="' . $this->BlastCor($u->rank) . '" o="' . $this->BlastCargo($u->rank) . '" />', false);
2713. }
2714. $u->sendRoom("<l u=\"{$u->id}\" />"); // Left off here [Blasts]
2715. $u->joinRoom($user->chat, false, true, 2);
2716. }
2717. }
2718. break;
2719. case "/k":
2720. $checkUser = $user->rank == 3 && $u->banned > time() ? True : False;
2721. if ((in_Array($user->rank, Array(1, 2, 4)) && $this->higherRank($user->rank, $u->rank, True)) || $checkUser)
2722. {
2723. $args = explode("#", $pee = $this->getAttribute($packet, 'p'));
2724. if (count($args) == 2)
2725. {
2726. $chat = $this->mysql->fetch_Array("select * from `chats` where `id`='{$this->mysql->sanatize($args[1]) }' or `name`='{$this->mysql->sanatize($args[1]) }';");
2727. if (empty($chat))
2728. {
2729. $user->sendPacket("<n t=\"Este chat nao existe!\" />");
2730. }
2731. Else
2732. {
2733. $this->mysql->query("insert into `events`(`id`, `userid`, `victim`, `chat`, `timestamp`, `type`, `action`, `hours`, `reason`) values('null', '{$user->id}', '{$u->id}', '{$user->chat}', '{$date}', 'k', 'Boot', '', '{$pee}');");
2734. $user->sendRoom("<m p=\"{$pee}\" t=\"/k\" u=\"{$user->id}\" d=\"{$u->id}\" />", False);
2735. $u->sendPacket("<q p2=\"{$pee}\" u=\"{$u->id}\" d2=\"{$user->id}\" r=\"{$chat[0]['id']}\" />");
2736. if (!count($blastkicks) == 0 && $blastkicks[0]['enabled'] == 1)
2737. {
2738. $user->sendRoom('<bl u="' . $user->id . '" d="' . $u->id . '" t="blastkick" v="' . $blastkick . '" r="' . $this->BlastCor($u->rank) . '" o="' . $this->BlastCargo($u->rank) . '" />', False);
2739. }
2740. $u->joinRoom($chat[0]['id'], True);
2741. $user->sendRoom("<l u=\"{$u->id}\" />");
2742. }
2743. }
2744. Else
2745. {
2746. if (count($args) == 3 && !$user->hasPower(121))
2747. {
2748. $user->sendPacket("<n t=\"Voce nao tem o power ZAP!\" />");
2749. }
2750. Else
2751. {
2752. $user->sendRoom("<m p=\"{$pee}\" t=\"/k\" u=\"{$user->id}\" d=\"{$u->id}\" />", False);
2753. $u->sendPacket("<c p=\"{$pee}\" t=\"/k\" u=\"{$user->id}\" d=\"{$u->id}\" />");
2754. $this->mysql->query("insert into `events`(`id`, `userid`, `victim`, `chat`, `timestamp`, `type`, `action`, `hours`, `reason`) values('null', '{$user->id}', '{$u->id}', '{$user->chat}', '{$date}', 'k', 'Kick', '', '{$pee}');");
2755. if (!count($blastkicks) == 0 && $blastkicks[0]['enabled'] == 1)
2756. {
2757. $user->sendRoom('<bl u="' . $user->id . '" d="' . $u->id . '" t="blastkick" v="' . $blastkick . '" r="' . $this->BlastCor($u->rank) . '" o="' . $this->BlastCargo($u->rank) . '" />', False);
2758. }
2759. $this->disconnect($u->index);
2760. $user->sendRoom("<l u=\"{$u->id}\" />");
2761. }
2762. }
2763. }
2764. Else
2765. {
2766. $this->disconnect($user->index);
2767. }
2768. break;
2769. case '/u':
2770. if (in_array($user->rank, array(1, 2, 4)) && ($u->rank == 16 && $this->higherRank($user->rank, $u->rank, true)))
2771. {
2772. $date = time();
2773. $this->mysql->query("insert into `events`(`id`, `userid`, `victim`, `chat`, `timestamp`, `type`, `action`, `hours`, `reason`) values('null', '{$user->id}', '{$u->id}', '{$user->chat}', '{$date}', 'unban', 'Unban', '', '');");
2774. $this->mysql->query("delete from `bans` where `chatid`='{$user->chat}' and `userid`='{$u->id}' or `chatid`='{$user->chat}' and `ip`='{$u->ipaddr}';");
2775. $user->sendRoom('<m t="/u" u="' . $user->id . '" d="' . $u->id . '" />');
2776. $u->sendPacket('<c u="0" d="' . $u->id . '" t="/u" />');
2777. $u->sendRoom("<l u=\"{$u->id}\" />");
2778. $u->joinRoom($user->chat, false, true, 0);
2779. $user->joinRoom($user->chat, false, true, $user->pool);
2780. }
2781. break;
2782. }
2783. break;
2784. default:
2785. $this->disconnect($user->index);
2786. break;
2787. }
2788. }
2789. public function BlastCor($rank)
2790. {
2791. switch ($rank)
2792. {
2793. case 5:
2794. $cor = "0x009900";
2795. break;
2796. case 4:
2797. $cor = "0xFF9900";
2798. break;
2799. case 3:
2800. $cor = "0x3366FF";
2801. break;
2802. case 2:
2803. $cor = "0xFFFFFF";
2804. break;
2805. case 1:
2806. $cor = "X";
2807. break;
2808. default:
2809. $cor = "0x009900";
2810. }
2811. return $cor;
2812. }
2813. public function BlastCargo($rank)
2814. {
2815. switch ($rank)
2816. {
2817. case 5:
2818. $rank = "r";
2819. break;
2820. case 4:
2821. $rank = "M";
2822. break;
2823. case 3:
2824. $rank = "e";
2825. break;
2826. case 2:
2827. $rank = "m";
2828. break;
2829. case 1:
2830. $rank = "X";
2831. break;
2832. default:
2833. $rank = "0x009900";
2834. }
2835. return $rank;
2836. }
2837. public function Blaster($myid, $userid, $rank, $blast, $blasttype)
2838. {
2839. return "<bl u=\"{$myid}\" d=\"{$userid}\" t=\"{$blast}\" v=\"{$blasttype}\" r=\"{$this->blastCor($rank) }\" o=\"{$this->blastCargo($rank) }\" />";
2840. }
2841. public function mask($packet)
2842. {
2843. $length = strlen($packet);
2844. if ($length < 126)
2845. {
2846. return pack('CC', 0x80 | (0x1 & 0x0f), $length) . $packet;
2847. }
2848. elseif ($length < 65536)
2849. {
2850. return pack('CCn', 0x80 | (0x1 & 0x0f), 126, $length) . $packet;
2851. }
2852. else
2853. {
2854. return pack('CCNN', 0x80 | (0x1 & 0x0f), 127, $length) . $packet;
2855. }
2856. }
2857. public function unmask($packet)
2858. {
2859. try
2860. {
2861. $length = ord($packet[1]) & 127;
2862. if ($length == 126)
2863. {
2864. $masks = substr($packet, 4, 4);
2865. $data = substr($packet, 8);
2866. }
2867. elseif ($length == 127)
2868. {
2869. $masks = substr($packet, 10, 4);
2870. $data = substr($packet, 14);
2871. }
2872. else
2873. {
2874. $masks = substr($packet, 2, 4);
2875. $data = substr($packet, 6);
2876. }
2877. $response = '';
2878. $dlength = strlen($data);
2879. for ($i = 0;$i < $dlength;++$i)
2880. {
2881. $response .= $data[$i] ^ $masks[$i % 4];
2882. }
2883. return $response == '' ? false : $response;
2884. }
2885. catch(Exception $e)
2886. {
2887. return false;
2888. }
2889. }
2890. /* funçao de transferencia de power para conta */
2891. public function doLogin($user, $pass)
2892. {
2893. /* Variables */
2894. $vals = array();
2895. $p = array();
2896. $pp = '';
2897. $dO = '';
2898. $powerO = '';
2899. $user = $this->mysql->fetch_array('select * from `users` where `username`=\'' . $this->mysql->sanatize($user) . '\';');
2900. if (isset($user[0]))
2901. {
2902. $bride = $user[0]['d2'] == 0 ? false : $user[0]['bride'];
2903. if ($user[0]['torched'] != 1)
2904. {
2905. if ((floor(($user[0]['days'] - time()) / (24 * 3600) + 0.3) >= 1 ? floor(($user[0]['days'] - time()) / (24 * 3600) + 0.3) : 0) >= 1)
2906. {
2907. $upowers = $this->PowDecode($user[0]['powers']);
2908. $spowers = $this->mysql->fetch_array('select * from `powers` where `name` not like \'%(Undefined)%\';');
2909. foreach ($spowers as $power)
2910. {
2911. $vals[$power['id']] = array($power['section'], $power['subid']);
2912. $p[$power['section']] = 0;
2913. }
2914. foreach ($upowers as $powerid => $count)
2915. {
2916. if ($count >= 1 && isset($vals[$powerid]) && isset($p[$vals[$powerid][0]]))
2917. {
2918. $str = $powerid . '=' . ($count > 1 ? ($count - 1) : 1) . '|';
2919. $p[$vals[$powerid][0]] += $vals[$powerid][1];
2920. $dO .= $str;
2921. if ($count > 1)
2922. {
2923. $powerO .= $str;
2924. }
2925. }
2926. }
2927. foreach ($p as $i => $u)
2928. {
2929. $pp .= " d" . (substr($i, 1) + 4) . "=\"{$u}\"";
2930. }
2931. }
2932. $this->mysql->query("update `users` set `dO`='{$this->mysql->sanatize($powerO) }' where `username`='{$this->mysql->sanatize($user[0]['username']) }';");
2933. if ($user[0]['torched'] == 1)
2934. {
2935. $user[0]['xats'] = 0;
2936. $user[0]['days'] = 0;
2937. }
2938. return "<v RL=\"1\" i=\"{$user[0]['id']}\" c=\"{$user[0]['xats']}\" dt=\"0\" n=\"{$user[0]['username']}\" k1=\"{$user[0]['k']}\" k2=\"{$user[0]['k2']}\" k3=\"{$user[0]['k3']}\" bride=\"{$bride}\" d0=\"{$user[0]['d0']}\" d1=\"{$user[0]['days']}\" d2=\"{$user[0]['d2']}\" d3=\"\"{$pp} dx=\"{$user[0]['xats']}\" dO=\"{$powerO}\" PowerO=\"{$powerO}\" />";
2939. }
2940. }
2941. return false;
2942. }
2943. public function getUserByID($id, $chat = null)
2944. {
2945. if ($id == 2 || $id == 0)
2946. {
2947. return false;
2948. }
2949. foreach ($this->users as $user)
2950. {
2951. if ($user->id == $id && ($chat == null || $user->chat == $chat))
2952. {
2953. return $user->online ? $user : false;
2954. }
2955. }
2956. return false;
2957. }
2958. /* funçao de identificaçao de cargo para block nas pools */
2959. function higherRank($rank1, $rank2, $minMod = false) {
2960. if ($rank1 == $rank2) {
2961. return false;
2962. }
2963. $order = array(1, 2, 3, 4);
2964. if (in_array($rank1, $order) && !in_array($rank2, $order)) {
2965. return true;
2966. }
2967. if ($rank1 == 1) {
2968. return true;
2969. }
2970. if ($rank1 == 4 && $rank2 != 1) {
2971. return true;
2972. }
2973. if ($rank1 == 2 && $rank2 != 1 && $rank2 != 4) {
2974. return true;
2975. }
2976. if ($minMod == true) {
2977. return false;
2978. }
2979. if ($rank1 == 3 && $rank2 != 1 && $rank2 != 4 && $rank2 != 2) {
2980. return true;
2981. }
2982. return false;
2983. }
2984. public function getAttribute($att, $attName, $reverse = false)
2985. {
2986. if ($reverse == true)
2987. {
2988. array_reverse($att);
2989. }
2990. foreach ($att as $a => $b)
2991. {
2992. if ($a == $attName)
2993. {
2994. $b = htmlspecialchars($b);
2995. return $b;
2996. }
2997. }
2998. return false;
2999. }
3000. public function getMultiAttr($xml, $names = array(), $values = array())
3001. {
3002. setType($names, 'array');
3003. foreach ($names as $u)
3004. {
3005. $values[$u] = false;
3006. }
3007. foreach ($xml as $i => $u)
3008. {
3009. if (in_array($i, $names) || empty($names))
3010. {
3011. $values[$i] = ((string)((string)$u));
3012. }
3013. }
3014. return $values;
3015. }
3016. public function disconnect($userID, $logout = null, $num = null, $chatid = null)
3017. {
3018. if (isset($this->users[$userID]) && $user = $this->users[$userID])
3019. {
3020. if (!is_null($logout) && $user->online)
3021. {
3022. if ($user->hasPower(172))
3023. {
3024. $user->sendRoom('<m t="/RTypeOff" u="' . $user->id . '" />');
3025. }
3026. $user->sendPacket("<logout />");
3027. }
3028. if (is_resource($user->sock))
3029. {
3030. socket_close($user->sock);
3031. $user->sock = null;
3032. }
3033. $user->online = false;
3034. return true;
3035. }
3036. return false;
3037. }
3038. public function ipban($ip, $dcall = true)
3039. {
3040. if (!filter_var($ip, FILTER_VALIDATE_IP))
3041. {
3042. return false;
3043. }
3044. $this->ipbans[] = $ip;
3045. if ($dcall == true)
3046. {
3047. foreach ($this->users as $u)
3048. {
3049. if ($u->ipaddr == $ip)
3050. {
3051. $this->disconnect($u->index);
3052. }
3053. }
3054. }
3055. $bans = json_encode($this->ipbans);
3056. $this->mysql->query("update `server` set `ipbans`='{$this->mysql->sanatize($bans) }';");
3057. return true;
3058. }
3059. public function ipUnban($ip)
3060. {
3061. if (!filter_var($ip, FILTER_VALIDATE_IP))
3062. {
3063. return false;
3064. }
3065. foreach ($this->ipbans as $index => $addr)
3066. {
3067. if ($ip == $addr)
3068. {
3069. unset($this->ipbans[$index]);
3070. $bans = json_encode($this->ipbans);
3071. $this->mysql->query("update `server` set `ipbans`='{$this->mysql->sanatize($bans) }';");
3072. return true;
3073. }
3074. else
3075. {
3076. continue;
3077. }
3078. }
3079. return false;
3080. }
3081. public function spamfilter($element, $user, $ms = 800, $time = null, $dc = true)
3082. {
3083. if (is_null($time))
3084. {
3085. $time = round(microtime(true) * 1000);
3086. }
3087. if (isset($user->last[$element]) && ($user->last[$element] + $ms) >= $time)
3088. {
3089. return (is_null($dc) ? true : $this->disconnect($user->index));
3090. }
3091. $user->last[$element] = $time;
3092. return false;
3093. }
3094. public function temp_unsanitize($str)
3095. {
3096. $str = str_replace(chr(0xCB) . chr(0x83), '>', $str);
3097. $str = str_replace('&lt;', '<', $str);
3098. $str = str_replace('&apos;', "'", $str);
3099. $str = str_replace('&quot;', '"', $str);
3100. $str = str_replace('&amp;', '&', $str);
3101. return $str;
3102. }
3103. public function parsePacket($string)
3104. {
3105. $node = null;
3106. $elements = [];
3107. $string = trim($string);
3108. if (strlen($string) < 3) throw new Exception();
3109. if ($string[0] != '<' || substr($string, -2) != '/>') throw new Exception();
3110. $string = substr($string, 1, -2);
3111. $pos = strpos($string, ' ');
3112. $node = ($pos === false) ? $string : substr($string, 0, $pos);
3113. $n = preg_match_all('! ([^ =]+(?:="[^"]+"|="")?)!', $string, $matches);
3114. for ($i = 0;$i < $n;$i++)
3115. {
3116. $pos = strpos($matches[1][$i], '=');
3117. $elements[($pos === false ? : substr($matches[1][$i], 0, $pos)) ] = ($pos === false ? $matches[1][$i] : $this->temp_unsanitize(substr($matches[1][$i], $pos + 2, -1)));
3118. }
3119. return ['node' => $node, 'elements' => $elements];
3120. }
3121. public function PowEncode($array = null)
3122. {
3123. $str = "";
3124. if (is_array($array))
3125. {
3126. foreach ($array as $i => $u) $str .= "{$i}={$u}|";
3127. }
3128. return $str;
3129. }
3130. public function PowDecode($str = null)
3131. {
3132. $encPow = [];
3133. if (is_string($str) && $str != null)
3134. {
3135. $oPow = explode('|', rtrim($str, '|'));
3136. foreach ($oPow as $u)
3137. {
3138. $pow = explode("=", $u);
3139. if (!isset($pow[0])) return [];
3140. if (!isset($pow[1]) || $pow[1] <= 0 || $pow[1] > 10000) $pow[1] = 1;
3141. $encPow[$pow[0]] = (int)$pow[1];
3142. }
3143. }
3144. return $encPow;
3145. }
3146. public function getDays($days)
3147. {
3148. return floor(($days - time()) / (24 * 3600) + 0.3) >= 1 ? floor(($days - time()) / (24 * 3600) + 0.3) : 0;
3149. }
3150. }
3151. /* class do client do server para identificar as funçoes */
3152. class client {
3153.  
3154. public $sock, $parent;
3155. public $bride, $rank, $id, $username, $nickname, $k, $k2, $k3, $password, $avatar, $url, $powers, $room, $xats, $days, $chat, $banned, $hidden = false, $pool = 0, $switchingPools = false;
3156. public $d0, $d1, $d2, $d3, $d4, $d5, $d6, $dt, $dx, $dO, $p0, $p1, $p2, $p4, $PowerO, $d7, $p3, $homepage, $h, $group, $away = false, $pStr;
3157. public $loginKey = null, $last = array(), $authenticated = null, $online = false, $disconnect = false, $rExpire = 0, $chatPass = false, $pawn = '';
3158. public $mobready = false, $buffer = '';
3159. public $guest;
3160.  
3161. public function __construct(&$socket, &$parent, $index, $ipaddr, $mobile = false)
3162. {
3163. list($this->index, $this->sock, $this->parent, $this->ipaddr, $this->mobile) = array($index, $socket, $parent, $ipaddr, $mobile);
3164. }
3165. public function resetDetails($id, $bans = null)
3166. {
3167. $user = $this->parent->mysql->fetch_array("select * from `users` where `id`='{$this->parent->mysql->sanatize($id) }' and `id` not in(0, 2);");
3168. if (empty($user))
3169. {
3170. $this->guest = true;
3171. }
3172. else
3173. {
3174. if ($user[0]['username'] == '')
3175. {
3176. list($this->guest, $this->k, $this->k2, $this->k3) = array(true, $user[0]['k'], $user[0]['k2'], $user[0]['k3']);
3177. }
3178. else
3179. {
3180. $this->xats = $user[0]['xats'];
3181. $this->days = floor(($user[0]['days'] - time()) / (24 * 3600) + 0.3) >= 1 ? floor(($user[0]['days'] - time()) / (24 * 3600) + 0.3) : 0;
3182. $avatar = htmlspecialchars(substr($user[0]['avatar'], 0, strpos($user[0]['avatar'] . '&', '&')));
3183. $url = htmlspecialchars(substr($user[0]['url'], 0, strpos($user[0]['url'] . '&', '&')));
3184. $this->username = $user[0]['username'];
3185. $this->password = $user[0]['password'];
3186. $this->enabled = $user[0]['enabled'];
3187. $this->k = $user[0]['k'];
3188. $this->k2 = $user[0]['k2'];
3189. $this->k3 = $user[0]['k3'];
3190. $this->PowerO = $user[0]['dO'];
3191. $this->powers = $user[0]['powers'];
3192. $this->avatar = $avatar;
3193. $this->url = $url;
3194. $this->d1 = 0;
3195. $this->d2 = $user[0]['d2'];
3196. $this->bride = $user[0]['bride'];
3197. $this->d3 = null;
3198. $this->pawn = $user[0]['pawn'] == 'off' ? '' : $user[0]['pawn'];
3199. if ($this->mobile)
3200. {
3201. $this->nickname = $this->username == '' ? 'Unregistered' : $this->username;
3202. }
3203. else
3204. { //$this->mobile
3205. $this->nickname = explode("##", $user[0]['nickname'], 2);
3206. $this->nickname[0] = htmlspecialchars_decode($this->nickname[0]);
3207. $this->nickname = count($this->nickname) > 1 ? implode("##", $this->nickname) : $this->nickname[0];
3208. }
3209. if (true || $user[0]['torched'] != 1)
3210. { // Torching - Add Later
3211. if (!$this->getPowers())
3212. {
3213. return false;
3214. }
3215. $this->dO = $user[0]['dO'];
3216. }
3217. $this->dt = null;
3218. $this->guest = false;
3219. }
3220. $trolls = json_decode($user[0]['trolls'], true);
3221. if (is_array($trolls))
3222. {
3223. foreach ($trolls as $i => $u)
3224. {
3225. $this->{$i} = $u;
3226. }
3227. }
3228. }
3229. if ($this->guest === true)
3230. {
3231. $this->username = '';
3232. }
3233. return true;
3234. }
3235. public function getPowers($pV = array())
3236. {
3237. if ($this->days < 1)
3238. {
3239. for ($i = 0;$i <= $this->parent->config->pcount;$this->{'p' . $i++} = 0);
3240. return true;
3241. }
3242. $powers = $this->parent->mysql->fetch_array('select `powers` from `users` where `id`=' . $this->id . ';');
3243. $powers = isset($powers[0]['powers']) ? $this->parent->PowDecode($powers[0]['powers']) : [];
3244. $powerv = $this->parent->mysql->fetch_array('select `id`, `section`, `subid` from `powers` where `name` not like \'%(Undefined)%\';');
3245. $pv = $test = $final = array();
3246. foreach ($powerv as $power)
3247. {
3248. $pv[$power['id']] = array('sect' => $power['section'], 'sub' => (int)$power['subid']);
3249. $test[$power['section']] = 0;
3250. $last[$power['section']] = 0;
3251. }
3252. foreach ($powers as $powerid => $count)
3253. {
3254. if (isset($test[$pv[$powerid]['sect']]))
3255. {
3256. $test[$pv[$powerid]['sect']] += $pv[$powerid]['sub'];
3257. }
3258. }
3259. foreach ($test as $sect => $val)
3260. {
3261. if (isset($this->{$sect . 'v'}) && (int)$val != (int)$this->{$sect . 'v'})
3262. {
3263. return false;
3264. }
3265. }
3266. foreach ($powers as $powerid => $count)
3267. {
3268. if (isset($pv[$powerid]))
3269. {
3270. $power = $pv[$powerid];
3271. if ((int)$this->{$power['sect'] . 'v'} & $test[$power['sect']])
3272. {
3273. if (!((int)$power['sub'] & $test[$power['sect']]))
3274. {
3275. return false;
3276. }
3277. if (!($this->{'m' . substr($power['sect'], 1) } & (int)$power['sub']))
3278. {
3279. $last[$power['sect']] += (int)$power['sub'];
3280. }
3281. }
3282. }
3283. }
3284. $this->pStr = '';
3285. foreach ($test as $sect => $u)
3286. {
3287. $this->{$sect} = $last[$sect];
3288. $this->pStr .= $sect . '="' . $this->{$sect} . '" ';
3289. }
3290. return true;
3291. }
3292. public function updateDetails()
3293. {
3294. $upowers = $this->parent->mysql->fetch_array('select `powers` from `users` where `id`=' . $this->id . ';');
3295. $upowers = isset($upowers[0]['powers']) ? $this->parent->PowDecode($upowers[0]['powers']) : [];
3296. $spowers = $this->parent->mysql->fetch_array('select * from `powers` where `name` not like \'%(Undefined)%\';');
3297. $vals = array();
3298. $p = array();
3299. $powerO = '';
3300. foreach ($spowers as $power)
3301. {
3302. $vals[$power['id']] = array($power['section'], $power['subid']);
3303. $p[$power['section']] = 0;
3304. }
3305. foreach ($upowers as $powerid => $count)
3306. {
3307. if ($count >= 1 && isset($vals[$powerid]) && isset($p[$vals[$powerid][0]]))
3308. {
3309. $str = $powerid . '=' . ($count > 1 ? ($count - 1) : 1) . '|';
3310. $p[$vals[$powerid][0]] += $vals[$powerid][1];
3311. if ($count > 1)
3312. {
3313. $powerO .= $str;
3314. }
3315. }
3316. }
3317. if ($this->id != 0 && $this->id != 2 && $this->mobile == false)
3318. {
3319. $this->parent->mysql->query("update `users` set `nickname`='{$this->parent->mysql->sanatize($this->nickname) }', `avatar`='{$this->parent->mysql->sanatize($this->avatar) }', `url`='{$this->parent->mysql->sanatize($this->url) }', `dO`='{$this->parent->mysql->sanatize($powerO) }', `connectedlast`='{$this->ipaddr}' where `id`='{$this->parent->mysql->sanatize($this->id) }';");
3320. }
3321. return ($this->id != 0 && $this->id != 2) ? true : false;
3322. }
3323. public function hasPower($power)
3324. {
3325. list($subid, $section) = array(pow(2, $power % 32), $power >> 5);
3326. return isset($this->{'p' . $section}) && $this->{'p' . $section} & $subid ? true : false;;
3327. }
3328. public function authenticate($packet)
3329. {
3330. $attributes = array('u', 'N', 'k', 'pool', 'f', 'f2', 'l5', 'l3', 'l4', 'l2', 'h', 'd0', 'a', 'c', 'banned', 'r', 'i', 'p', 'v', 'rank');
3331. for ($i = 0;$i <= $this->parent->config->pcount;$i++)
3332. {
3333. array_push($attributes, 'd' . ($i + 4));
3334. array_push($attributes, 'm' . $i);
3335. }
3336. $info = $this->getMultiAttr($packet, $attributes);
3337. for ($i = 0;$i <= $this->parent->config->pcount;$i++)
3338. {
3339. $this->{'p' . $i . 'v'} = (int)$info['d' . ($i + 4) ];
3340. $this->{'m' . $i} = (int)$info['m' . $i];
3341. }
3342. /* End */
3343. $this->id = (string)$info['u'];
3344. $this->d0 = (integer)$info['d0'];
3345. $this->f = (integer)$info['f'];
3346. $this->f = (integer)$info['f2'];
3347. $this->v = (integer)$info['v'];
3348. $this->L5 = (integer)$info['l5'];
3349. $n = (string)$info['N'];
3350. $k = (integer)$info['k'];
3351. $pool = $this->pool;
3352. if ($this->mobile && !($this->f & 0x0200))
3353. {
3354. $this->f |= 0x0200;
3355. }
3356. $this->b = $this->f & 8 ? true : false;
3357. $chat = (int)$info['c'];
3358. if ($this->days < 1)
3359. {
3360. for ($i = 0;$i <= $this->parent->config->pcount;$i++)
3361. {
3362. $this->pStr .= 'p' . $i . '="0" ';
3363. }
3364. }
3365. else
3366. {
3367. for ($i = 0;$i <= $this->parent->config->pcount;$i++)
3368. {
3369. $this->{'p' . $i . 'v'} = isset($info['d' . ($i + 4) ]) ? $info['d' . ($i + 4) ] : 0;
3370. $this->{'m' . $i} = isset($info['m' . $i]) ? $info['m' . $i] : 0;
3371. $this->pStr .= 'p' . $i . '="' . $this->{'p' . $i . 'v'} . '" ';
3372. }
3373. }
3374. /* End */
3375. /* Reset details, Check powers */
3376. if (!$this->resetDetails($this->id))
3377. {
3378. return false;
3379. }
3380. $this->url = (string)$info['h'];
3381. $this->avatar = (string)$info['a'];
3382. $xInfo = $this->parent->mysql->fetch_Array("select * from `chats` where `id`='{$this->parent->mysql->sanatize($chat) }';");
3383. if ($xInfo[0]['botid'] == $info['u'])
3384. {
3385. $this->f |= 0x2000;
3386. }
3387. $l5 = $this->getL5($this->loginKey, "100_100_5_100");
3388. print $l5;
3389. #if($this->L5 != $l5){
3390. #return false;
3391. #}
3392. if ($info['r'] !== false)
3393. {
3394. $this->chatPass = $info['r'];
3395. }
3396. /* Sanatize Name / Explode Status */
3397. $this->nickname = $this->getAttribute($packet, 'n');
3398. $this->nickname = explode('##', $this->nickname, 2);
3399. if (count($this->nickname) > 1)
3400. {
3401. $this->nickname[1] = htmlspecialchars(str_replace("", "", $this->nickname[1]));
3402. $this->nickname = implode('##', $this->nickname);
3403. }
3404. else
3405. {
3406. $this->nickname = $this->nickname[0];
3407. }
3408. if (strlen($this->nickname) > 255)
3409. {
3410. //return false;
3411.  
3412. }
3413. /* End */
3414. /* Just some information checking for guest system, + user exists */
3415. if ($this->guest == true && isset($this->enabled) && $this->id != 2)
3416. {
3417. return false;
3418. }
3419. elseif ($this->id != 2 && is_numeric($k))
3420. {
3421. $user = $this->parent->mysql->fetch_array("select * from `users` where `id`='{$this->parent->mysql->sanatize($this->id) }' and `k`='{$this->parent->mysql->sanatize($k) }' and `id`!='' and `k`!='';");
3422. $cyan = $this->parent->mysql->fetch_array("select * from `cyan` where `userid`='{$this->parent->mysql->sanatize($this->id) }';");
3423. if ($cyan)
3424. {
3425. if (time() > $cyan[0]['endtime'])
3426. {
3427. $this->parent->mysql->query("update `users` set `d0`='0' `id`='" . $this->id . "';");
3428. }
3429. }
3430. if (empty($user))
3431. {
3432. return false;
3433. }
3434. elseif ($user[0]['username'] == 'Unregistered')
3435. {
3436. $this->guest = true;
3437. }
3438. else
3439. {
3440. $this->guest = false;
3441. }
3442. }
3443. else
3444. {
3445. $this->guest = true;
3446. }
3447. $this->updateDetails();
3448. $this->authenticated = true;
3449. $banned = $this->parent->mysql->fetch_array("select * from `bans` where `chatid`='{$chat}' and `type`='';");
3450. $banned_id = (isset($banned[0]['userid'])) ? (int)$banned[0]['userid'] : 0;
3451. //join new pools fixed by devil for aspixat
3452. $cpool = floor($xInfo[0]['users'] / 30); // 30 in 1 pool
3453. $npool = $cpool != 0 ? $cpool + 2 : 0;
3454. $pool = $npool;
3455. if ($this->id == $banned_id)
3456. {
3457. return $this->joinRoom($chat, 1, false, 2);
3458. }
3459. else
3460. {
3461. #return $this->joinRoom($chat, 1, false, $pool);
3462. return $this->joinRoom($chat, false, true, $pool);
3463. }
3464. }
3465. public function getAttribute($xml, $name)
3466. {
3467. foreach ($xml as $a => $b)
3468. {
3469. if ($a == $name) return (string)$b;
3470. }
3471. return false;
3472. }
3473. public function getMultiAttr($xml, $names = array(), $values = array())
3474. {
3475. setType($names, 'array');
3476. foreach ($names as $u)
3477. {
3478. $values[$u] = false;
3479. }
3480. foreach ($xml as $i => $u)
3481. {
3482. if (in_array($i, $names))
3483. {
3484. $values[$i] = mb_convert_encoding((string)$u, "utf-8");
3485. }
3486. }
3487. return $values;
3488. }
3489. public function message($t, $ex = true)
3490. {
3491. $this->sendMessage($t, $this->id, 0, false, $ex);
3492. }
3493. public function sendMessage($t, $u = '[C]', $i = 0, $s = false, $ex = false)
3494. {
3495. if ($u == '[C]') $u = $this->id;
3496. $packet = "<m t=\"{$t}\" u=\"{$u}\" i=\"{$i}\" />";
3497. $ex != false ? $this->sendRoom($packet, $ex) : $this->sendPacket($packet);
3498. }
3499. public function write($tag, $data)
3500. {
3501. $packet = "<" . $tag;
3502. if (!empty($data) && is_array($data))
3503. {
3504. foreach ($data as $k => $v)
3505. {
3506. $packet .= " " . $k . "=\"" . $v . "\"";
3507. }
3508. }
3509. $packet .= " />";
3510. if ($packet{strlen($packet) - 1} != chr(0)) $packet .= chr(0);
3511. print_r($data);
3512. socket_write($this->sock, $packet);
3513. }
3514. public function createPacket($type, $values)
3515. {
3516. $xml = Array();
3517. Foreach ($values AS $n => $v)
3518. {
3519. If ($v !== False) $xml[] = "{$n}=\"{$this->parent->mysql->sanatize($v) }\"";
3520. }
3521. $return = "<{$type} " . implode(chr(32), $xml) . " />";
3522. print_r($return);
3523. return $return;
3524. }
3525. public function sendPacket($packet)
3526. {
3527. if ($this->sock)
3528. {
3529. if ($this->mobile == true)
3530. {
3531. $packet = simplexml_load_string($packet);
3532. if (!method_exists($packet, 'getName'))
3533. {
3534. $this->parent->disconnect($this->sock);
3535. return false;
3536. }
3537. $json = new stdClass();
3538. $json->tag = $packet->getName();
3539. foreach ($packet->Attributes() as $i => $u)
3540. {
3541. $json->{$i} = (string)$u;
3542. }
3543. $packet = json_encode($json);
3544. $packet = $this->parent->mask($packet);
3545. }
3546. elseif (substr($packet, -1) != chr(0))
3547. {
3548. $packet .= chr(0);
3549. }
3550. if (!@socket_write($this->sock, $packet, strlen($packet)))
3551. {
3552. $this->parent->disconnect($this->sock);
3553. return false;
3554. }
3555. return true;
3556. }
3557. }
3558. public function sendAll($packet)
3559. {
3560. if (stristr($packet, strlen($packet) - 1, 1) != chr(0))
3561. {
3562. $packet = $packet . chr(0);
3563. }
3564. foreach ($this->parent->users as & $user)
3565. {
3566. if (!@socket_write($user->sock, $packet, strlen($packet)))
3567. {
3568. $this->parent->disconnect($user->index);
3569. }
3570. }
3571. return true;
3572. }
3573. public function parseRank($rank)
3574. {
3575. $ranks = array(1, 2, 3, 4, 5);
3576. if (!is_numeric($rank))
3577. {
3578. switch (strtolower($rank))
3579. {
3580. case 'guest':
3581. return 5;
3582. case 'owner':
3583. return 4;
3584. case 'member':
3585. return 3;
3586. case 'moderator':
3587. return 2;
3588. case 'mainowner':
3589. return 1;
3590. default:
3591. return 0;
3592. }
3593. }
3594. elseif (!in_array($rank, $ranks))
3595. {
3596. return 0;
3597. }
3598. return $rank;
3599. }
3600. public function rank($numrank, $word = null, $compare = null)
3601. { // Made this for the hell of it
3602. $ranks = array(5 => array(5, 'guest'), 3 => array(4, 'member'), 2 => array(3, 'moderator'), 4 => array(2, 'owner'), 1 => array(1, 'mainOwner'));
3603. if (!in_array($numrank, $ranks))
3604. {
3605. $rank = $ranks[5];
3606. }
3607. else
3608. {
3609. $rank = $ranks[$numrank];
3610. }
3611. return is_null($compare) ? (is_null($word) ? $rank[0] : $rank[1]) : ($rank[0] < $ranks[$compare][0] ? true : false);
3612. }
3613. public function __destruct()
3614. {
3615. if ($this->hasPower(172))
3616. {
3617. $this->sendRoom('<m t="/RTypeOff" u="' . $this->id . '" />');
3618. }
3619. if (isset($this->id) && !isset($this->noLogout))
3620. {
3621. $this->sendRoom('<l u="' . $this->id . '" />', true);
3622. }
3623. }
3624. public function getL5($i, $p)
3625. {
3626. $l5_info = explode('_', $p);
3627. $p_w = $l5_info[0];
3628. $p_h = $l5_info[1];
3629. $p_octaves = $l5_info[2];
3630. $p_seed = $l5_info[3];
3631. $t1 = $p_w * $p_h;
3632. $t = $i % $t1;
3633. $p_x = $t % $p_w;
3634. $p_y = floor($t / $p_w) + 1;
3635. $file = fopen("100_100_5_" . $p_seed . ".txt", "r");
3636. $contents = '';
3637. $contents = fread($file, filesize($p . ".txt"));
3638. explode('\n', $contents);
3639. fclose($file);
3640. $value = explode(":", $contents);
3641. $ifp = "" . $p_x . "," . $p_y . "";
3642. $split = str_replace(',', '', $ifp);
3643. return $value[$split];
3644. print $value[$split];
3645.  
3646. }
3647. public function joinRoom($chat, $reload = true, $nodup = false, $pool = 0, $noi = false, $norel = false)
3648. {
3649. /* Initial Information */
3650. list($this->pool, $this->hidden) = array($pool, false);
3651. if (!$this->authenticated || !is_numeric($chat) || $chat < 1)
3652. {
3653. return false;
3654. }
3655. $chat = $this->parent->mysql->fetch_array("select * from `chats` where `id`='{$this->parent->mysql->sanatize($chat) }';");
3656. if (empty($chat))
3657. {
3658. return false;
3659. }
3660. list($this->chatid, $this->group) = array($chat[0]['id'], $chat[0]['name']);
3661. $badge = $this->parent->mysql->fetch_array("select * from `badge` where `id`='{$this->parent->mysql->sanatize($this->id) }' and `chatid`='{$this->parent->mysql->sanatize($chat[0]['id']) }' order by `id` desc limit 0,1;");
3662. if ($this->id == isset($badge[0]['id']))
3663. {
3664. $this->f |= 262144;
3665. }
3666. /* Do Ranks */
3667. $ranks = $this->parent->mysql->fetch_array("select * from `ranks` where `chatid`='{$chat[0]['id']}' and `userid`='{$this->parent->mysql->sanatize($this->id) }';");
3668. if ($this->chatPass !== false)
3669. {
3670. if ($this->parent->mysql->validate($this->chatPass, $chat[0]['pass']) === true)
3671. {
3672. if (empty($ranks))
3673. {
3674. $this->parent->mysql->query("insert into `ranks`(`userid`, `chatid`, `f`) values({$this->id}, {$this->chatid}, 1);");
3675. }
3676. else
3677. {
3678. $this->parent->mysql->query("update `ranks` set `f`=1 where `userid`={$this->id} and `chatid`={$this->chatid};");
3679. }
3680. $ranks[0] = array('userid' => $this->id, 'chatid' => $this->chatid, 'f' => 1, 'tempend' => 0);
3681. }
3682. }
3683. if (!isset($ranks[0]['f']))
3684. {
3685. $ranks[0] = array('f' => 5);
3686. $this->parent->mysql->query("insert into `ranks` (`userid`, `chatid`, `f`) values ('{$this->parent->mysql->sanatize($this->id) }', '{$chat[0]['id']}', '5');");
3687. }
3688. elseif ($ranks[0]['tempend'] > 0 && $ranks[0]['tempend'] < time())
3689. {
3690. $ranks[0] = array("f" => 3);
3691. $this->parent->mysql->query("update `ranks` set `f`=3, `tempend`=0 where `userid`={$this->id} and `chatid`={$this->chatid};");
3692. }
3693. else
3694. {
3695. $userRank = $ranks[0]['f'];
3696. $this->rExpire = $ranks[0]['tempend'] > time() ? $ranks[0]['tempend'] : 0;
3697. }
3698. $this->rank = $ranks[0]['f'];
3699. if ($this->hasPower(29) && !$this->online && in_array($this->rank & 7, array(1, 4)))
3700. {
3701. $this->hidden = true;
3702. if (!($this->f & 0x0400))
3703. {
3704. $this->f += 0x0400;
3705. }
3706. }
3707. elseif ($this->f & 0x0400)
3708. {
3709. $this->f -= 0x0400;
3710. $this->nulleGp = true;
3711. }
3712. $this->updateDetails();
3713. $this->resetDetails($this->id, true);
3714. /* End */
3715. /* Update / Check Bans */
3716. $game = '';
3717. $this->banned = 0;
3718. $this->unban = false;
3719. $ban = $this->parent->mysql->fetch_array("select * from `bans` where `userid`='{$this->parent->mysql->sanatize($this->id) }' and `chatid`='{$this->parent->mysql->sanatize($chat[0]['id']) }' or `ip`='{$this->ipaddr}' and `chatid`='{$this->parent->mysql->sanatize($this->chatid) }' order by `unbandate` desc limit 0,1;");
3720. if (!empty($ban) && ($this->id == $ban[0]['userid'] || $this->ipaddr == $ban[0]['ip']))
3721. {
3722. $ban = $ban[0];
3723. $date = time();
3724. if ($ban['unbandate'] >= $this->loginTime)
3725. {
3726. $banflag = (int)substr($ban['type'], 1);
3727. switch (substr($ban['type'], 0, 1))
3728. {
3729. case 'w':
3730. $game = " w=\"{$banflag}\"";
3731. break;
3732. case 'r':
3733. $this->rank |= $banflag;
3734. break;
3735. case 'f':
3736. $this->f |= $banflag;
3737. break;
3738. default:
3739. $this->rank = 16;
3740. }
3741. if (!($this->f & 0x8000))
3742. { // desban do dunced
3743. $this->banned = $ban['unbandate'];
3744. }
3745. if ($this->f & 256)
3746. { // desban do dunced
3747. $this->sendPacket($this->createPacket("c", array("u" => $this->id, "t" => "/p,{$ban['unbandate']}")));
3748. }
3749. else
3750. {
3751. $this->sendPacket($this->createPacket("c", array("u" => $this->id, "t" => "/p")));
3752. }
3753. }
3754. elseif ($this->id == $ban['userid'])
3755. {
3756. $this->unban = true;
3757. $this->parent->mysql->query("delete from `bans` where `userid`='{$this->parent->mysql->sanatize($this->id) }' and `chatid`='{$this->parent->mysql->sanatize($chat[0]['id']) }' and `unbandate`<={$this->loginTime};");
3758. }
3759. }
3760. elseif (empty($ban) && $this->b == true)
3761. {
3762. $this->unban = true;
3763. }
3764. elseif (isset($ban['unbandate']))
3765. {
3766. $this->sendPacket("<n t=\"You are banned for " . round(($ban['unbandate'] - time()) / 60, 1) . " more minutes.\" />");
3767. }
3768. /* End */
3769. /* Chat Information */
3770. if (empty($chat[0]['attached']))
3771. {
3772. $chat[0]['attached'] = array('Ajuda', '9');
3773. }
3774. else
3775. {
3776. $info = $this->parent->mysql->fetch_array("select * from `chats` where `name`='{$this->parent->mysql->sanatize($chat[0]['attached']) }';");
3777. if (empty($info) || $info[0]['id'] == $chat[0]['id'])
3778. {
3779. $chat[0]['attached'] = array('Ajuda', '9');
3780. }
3781. else
3782. {
3783. $chat[0]['attached'] = array(0 => $info[0]['name'], 1 => $info[0]['id']);
3784. $this->f |= 2;
3785. }
3786. }
3787. if ($chat[0]['attached'][1] == $this->chatid)
3788. {
3789. $chat[0]['attached'] = array('0', '0');
3790. }
3791. if ($chat[0]['NoSmilie'] == 1)
3792. { // Funçoes de OPÇOES EXTRA
3793. $this->f |= 0x0800;
3794. }
3795. if ($chat[0]['DefNoSound'] == 1)
3796. {
3797. $this->f |= 131072;
3798. }
3799. if ($chat[0]['MembersOnly'] == 1)
3800. {
3801. $this->f |= 128;
3802. }
3803. if ($chat[0]['MembersOnly2'] == 1)
3804. {
3805. $this->f |= 0x100000;
3806. }
3807. if ($chat[0]['Live'] == 1)
3808. {
3809. $this->f |= 0x200000;
3810. }
3811. if ($chat[0]['NoList'] == 1)
3812. {
3813. $this->f |= 0x0200;
3814. }
3815. if ($chat[0]['NoStore'] == 1)
3816. {
3817. $this->parent->mysql->query("update `messages` set `visible`=0 where `id`='{$this->chatid}';");
3818. }
3819. if ($this->unban == true)
3820. {
3821. $this->sendPacket('<c u="0" d="' . $this->id . '" t="/u" />');
3822. $this->unban = true;
3823. }
3824. if ($this->days >= 1)
3825. {
3826. $this->v |= 0x03;
3827. }
3828. else
3829. {
3830. $this->v |= 0x01;
3831. }
3832. if ($this->haspower(0))
3833. {
3834. $this->v |= 0x04;
3835. }
3836.  
3837. $this->sendPacket($this->buildGp());
3838.  
3839. if ($noi == false)
3840. {
3841. $this->sendPacket($this->buildGp());
3842. $lang = strlen($chat[0]['lang']) >= 1 ? $chat[0]['lang'] : '';
3843. $b = "{$chat[0]['bg']};={$chat[0]['attached'][0]};={$chat[0]['attached'][1]};={$lang};={$chat[0]['radio']};={$chat[0]['button']}";
3844. $this->sendPacket($this->createPacket("i{$game}", array("b" => $b, "f" => $this->f, "f2" => $this->f, "v" => $this->v, "B" => 150, "r" => $this->rank, "cb" => $this->loginTime)));
3845. $this->sendPacket($this->buildGp());
3846. }
3847.  
3848. $this->sendPacket($this->buildGp());
3849.  
3850. if ($this->isAssigned($this->group, 114) && $this->isAssigned($this->group, 126))
3851. {
3852. $this->sendPacket($this->createPacket("w", array("v" => "{$pool} 0 2 1")));
3853. }
3854. elseif ($this->isAssigned($this->group, 114) && !$this->isAssigned($this->group, 126))
3855. {
3856. $this->sendPacket($this->createPacket("w", array("v" => "{$pool} 0 2")));
3857. }
3858. if ($nodup == false)
3859. {
3860. while ($r = $this->parent->getUserByID((int)$this->id, (int)$chat[0]['id']))
3861. {
3862. if (is_object($r) && $r->online === true)
3863. {
3864. $r->sendPacket("<dup />");
3865. $r->noLogout = true;
3866. $this->parent->disconnect($r->index, true);
3867. }
3868. }
3869. }
3870. /* Compile, and send user list */
3871. $this->chat = $chat[0]['id'];
3872. $myNick = explode("##", $this->nickname, 2);
3873. $myNick[0] = htmlspecialchars(html_entity_decode(htmlspecialchars_decode($myNick[0])));
3874. $myNick = count($myNick) > 1 ? implode("##", $myNick) : $myNick[0];
3875. $myPack = "<u{$game} f=\"{$this->f}\" f2=\"{$this->f}\" flag=\"{$this->f}\" so=\"1\" rank=\"{$this->rank}\" u=\"{$this->id}\" " . ($this->days >= 1 ? ' q="3"' : ' q="1"') . ($this->username == '' ? '' : " N=\"{$this->username}\"") . " n=\"{$myNick}\" a=\"{$this->avatar}\" h=\"{$this->url}\" d0=\"{$this->d0}\" d2=\"{$this->d2}\" bride=\"{$this->bride}\" {$this->pStr} v=\"{$this->v}\" />";
3876. foreach ($this->parent->users as $user)
3877. {
3878. if ($this->mobile == true && $user->mobile == true && $user->ipaddr == $this->ipaddr && $user->username != $this->username)
3879. {
3880. $this->parent->disconnect($user->index);
3881. }
3882. if ($user->chat == $chat[0]['id'] && $user->id != $this->id && $user->pool == $this->pool)
3883. {
3884. if (!in_array($user->id, array(0, 2)) && $user->hidden == false)
3885. {
3886. $user->bride = $user->d2 == 0 ? null : $user->d2;
3887. $nick = explode('##', $user->nickname, 2);
3888. $nick[0] = htmlspecialchars(html_entity_decode(htmlspecialchars_decode($nick[0])));
3889. $nick = count($nick) > 1 ? implode('##', $nick) : $nick[0];
3890. $packet = "<u{$game} flag=\"{$user->f}\" f2=\"{$this->f}\" s=\"1\" f=\"{$user->f}\" rank=\"{$user->rank}\" u=\"{$user->id}\" " . ($user->days >= 1 ? ' q="3"' : ' q="1"') . ($user->username == '' ? '' : " N=\"{$user->username}\"") . " n=\"{$nick}\" a=\"{$user->avatar}\" h=\"{$user->url}\" d0=\"{$user->d0}\" d2=\"{$user->d2}\" bride=\"{$user->bride}\" {$user->pStr} v=\"{$this->v}\" />";
3891. var_dump($packet);
3892. $valid = simplexml_load_string($packet);
3893. if (method_exists($valid, 'getName'))
3894. {
3895. $this->sendPacket($packet);
3896. }
3897. else
3898. {
3899. $this->parent->disconnect($user->index);
3900. continue;
3901. }
3902. }
3903. if (!in_array($this->id, array(0, 2)) && $this->hidden == false)
3904. {
3905. var_dump($myPack);
3906. $user->sendPacket($myPack);
3907. }
3908. }
3909. }
3910. /* End */
3911. /* Send Previous Messages (15) */
3912. if ($reload == true)
3913. {
3914. $messages = $this->parent->mysql->fetch_array("select * from `messages` where `id`='{$chat[0]['id']}' and `pool`={$this->pool} order by time desc limit 0,15;");
3915. for ($i = 0;$i < count($messages);$i++)
3916. {
3917. $message = $messages[count($messages) - $i - 1];
3918. if (isset($this->parent->protected[$user->chat]['type']) && $this->parent->protected[$user->chat]['type'] == 'raid' && $this->rank == 5)
3919. {
3920. break;
3921. }
3922. if ($message['visible'] == '1')
3923. {
3924. $user_message = $this->parent->mysql->fetch_array("select `days` from `users` where `id`='{$message['uid']}';");
3925. $days = floor(($user_message[0]['days'] - time()) / (24 * 3600) + 0.3);
3926. $days = $days >= 1 ? $days : 0;
3927. if ($user->id != $chat[0]['botid'])
3928. {
3929. $this->sendPacket("<m u=\"{$message['uid']}\" n=\"{$message['name']}\" " . ($days >= 1 ? ' q="3"' : ' q="1"') . ($message['registered'] == '' ? '' : " N=\"{$message['registered']}\"") . " a=\"{$message['avatar']}\" i=\"{$message['mid']}\" t=\"{$message['message']}\" s=\"1\" />");
3930. }
3931. }
3932. }
3933. unset($messages);
3934. unset($message);
3935. }
3936. /* End */
3937. $this->sendPacket("<done />");
3938. /* Other info, scrollies, protection meh */
3939. if ($this->isAssigned($this->group, 488))
3940. {
3941. switch ($this->rank)
3942. {
3943. case 2:
3944. $this->sendPacket("<m u=\"{$chat[0]['ch']}\" t=\"/sYou is moderator\" />");
3945. break;
3946. case 3:
3947. $this->sendPacket("<m u=\"{$chat[0]['ch']}\" t=\"/sYou is member\" />");
3948. break;
3949. case 4:
3950. $this->sendPacket("<m u=\"{$chat[0]['ch']}\" t=\"/sYou is Owner\" />");
3951. break;
3952. case 5:
3953. $this->sendPacket("<m u=\"{$chat[0]['ch']}\" t=\"/sYou is Guest\" />");
3954. break;
3955. default:
3956. $this->sendPacket("<m u=\"{$chat[0]['ch']}\" t=\"/s{$chat[0]['sc']}\" />");
3957. }
3958. }
3959. else
3960. {
3961. $this->sendPacket("<m u=\"{$chat[0]['ch']}\" t=\"/s{$chat[0]['sc']}\" />");
3962. }
3963. if (isset($this->parent->protected[$this->chat]))
3964. {
3965. $time = floor(($this->parent->protected[$this->chat]['end'] - time()) / 60);
3966. switch ($this->parent->protected[$this->chat]['type'])
3967. {
3968. case 'noguest':
3969. $this->sendPacket("<z d=\"0\" u=\"0\" t=\"This chat is protected for another {$time} minutes. Guests cannot chat until given a higher rank.\" />");
3970.  
3971. break;
3972. case 'unreg':
3973. $this->sendPacket("<z d=\"0\" u=\"0\" t=\"This chat is protected for another {$time} minutes. Unregistered users cannot chat until given a higher rank.\" />");
3974. break;
3975. case 'raid':
3976. $this->sendPacket("<z d=\"0\" u=\"0\" t=\"Chat in protect Raid mode For {$time} minutes.\" />");
3977. break;
3978. }
3979. }
3980. elseif ($this->f & 1 && 1 == 2)
3981. {
3982. $this->sendPacket("<logout e=\"E12\" />");
3983. }
3984. if (isset($this->parent->protected[$user->chat]['type']) && $this->parent->protected[$user->chat]['type'] == 'raid' && $this->rank == 5)
3985. {
3986. $this->sendPacket("<logout e=\"E38\" />");
3987. }
3988. $check = $this->parent->mysql->fetch_array("select xfrom,xmessage from `offline_messages` where `xto`='{$this->id}' and `unread`='1' limit 0,5;");
3989. if (!empty($check))
3990. {
3991. foreach ($check as $c)
3992. {
3993. $this->sendPacket("<z u=\"" . $c["xfrom"] . "\" t=\"" . $c["xmessage"] . "\" s=\"2\" d=\"" . $this->id . "\" />");
3994. }
3995. $this->parent->mysql->query("update `offline_messages` set `unread`='0' where `xto`='{$this->id}';");
3996. }
3997. $this->online = true;
3998. /* End */
3999. return true;
4000. }
4001. public function isAssigned($group, $p)
4002. {
4003. $assigned = $this->parent->mysql->fetch_array("select * from `group_powers` where `group`='{$group}' and `power`='{$p}' and `enabled`='1';");
4004. empty($assigned) ? $a = false : $a = true;
4005. return $a;
4006. }
4007. public function flixs($p, $group, $data)
4008. {
4009. $power = $this->parent->mysql->fetch_array("select * from `group_powers` where `group`='{$group}' and `power`='{$p}';");
4010. $data = json_decode($data, true);
4011. $data['v'] = $power[0]['count'];
4012. $data = str_replace('"', "'", json_encode($data));
4013. empty($data) ? $gp = '' : $gp = "g{$p}=\"{$data}\" ";
4014. return $gp;
4015. }
4016. public function buildGp(){
4017. $gdata = $this->parent->mysql->fetch_array("SELECT * FROM `chats` WHERE `name`='" . $this->group . "';");
4018. $group_powers = $this->parent->mysql->fetch_array("select * from `group_powers` as `gp` INNER JOIN `powers` as `pw` ON gp.power = pw.id WHERE gp.group = '".$this->group."' and gp.enabled='1';");
4019. $section = array();
4020. foreach($group_powers as $gp){ @$section[$gp['section']] |= $gp['subid']; }
4021. for($i=0; $i<14; $i++){ ${'p'.$i} = isset($section['p'.$i]) ? $section['p'.$i] : 0; }
4022. $p = array($p0, $p1, $p2, $p3, $p4, $p5, $p6, $p7, $p8, $p9, $p10, $p11, $p12, $p13);
4023. $gpp = implode('|', $p);
4024. $gp = "<gp ";
4025. $gp .= "p=\"{$gpp}\" ";
4026. if($this->isAssigned($this->group, 74) && !empty($gdata[0]['gline'])){$gp .= "g74=\"{$gdata[0]['gline']}\" ";}
4027. if($this->isAssigned($this->group, 80) && !empty($gdata[0]['gcontrol'])){$gp .= "g80='{$gdata[0]['gcontrol']}' "; }
4028. if($this->isAssigned($this->group, 90) && !empty($gdata[0]['bad'])){$gp .= "g90=\"{$gdata[0]['bad']}\" ";}
4029. if($this->isAssigned($this->group, 92) && !empty($gdata[0]['horrorflix'])){$gp .= $this->flixs(92, $this->group, $gdata[0]['horrorflix']);}
4030. if($this->isAssigned($this->group, 96) && !empty($gdata[0]['winterflix'])){$gp .= $this->flixs(96, $this->group, $gdata[0]['winterflix']);}
4031. if($this->isAssigned($this->group, 98) && !empty($gdata[0]['feastflix'])){$gp .= $this->flixs(98, $this->group, $gdata[0]['feastflix']);}
4032. if($this->isAssigned($this->group, 100) && !empty($gdata[0]['link'])){$gp .= "g100=\"{$gdata[0]['link']}\" ";}
4033. if($this->isAssigned($this->group, 102) && !empty($gdata[0]['fairyflix'])){$gp .= $this->flixs(102, $this->group, $gdata[0]['fairyflix']);}
4034. if($this->isAssigned($this->group, 108) && !empty($gdata[0]['loveflix'])){$gp .= $this->flixs(108, $this->group, $gdata[0]['loveflix']);}
4035. if($this->isAssigned($this->group, 112) && !empty($gdata[0]['announce'])){$gp .= "g112=\"{$gdata[0]['announce']}\" ";}
4036. if($this->isAssigned($this->group, 114) && !empty($gdata[0]['pools'])){$gp .= "g114='{$gdata[0]['pools']}' "; }
4037. if($this->isAssigned($this->group, 130) || $this->isAssigned($this->group, 106)){
4038. if($this->isAssigned($this->group, 106) && substr($gdata[0]['gback'], 0, 1) == '#' && strlen(substr($gdata[0]['gback'], 1)) == 6){
4039. $gback = substr($gdata[0]['gback'], 1).'#';
4040. $gp .= "g106=\"{$gback}\" ";
4041. }
4042. elseif($this->isAssigned($this->group, 106) && substr($gdata[0]['gback'], 6, 1) == '#' && strlen(substr($gdata[0]['gback'], 0, 6)) == 6){
4043. $gp .= "g106=\"{$gdata[0]['gback']}\" ";
4044. }
4045. elseif($this->isAssigned($this->group, 130) && $this->isAssigned($this->group, 106) && substr($gdata[0]['gback'], 0, 1) != '#' && substr($gdata[0]['gback'], 6, 1) == '#'){
4046. $gp .= "g106\"{$gdata[0]['gback']}\" ";
4047. }
4048. elseif($this->isAssigned($this->group, 130) && substr($gdata[0]['gback'], 0, 1) != '#'){
4049. $gp .= "g130='{$gdata[0]['gback']}' ";
4050. }
4051. }
4052. if($this->isAssigned($this->group, 148) && !empty($gdata[0]['spookyflix'])){$gp .= $this->flixs(148, $this->group, $gdata[0]['spookyflix']);}
4053. if($this->isAssigned($this->group, 156) && !empty($gdata[0]['santaflix'])){$gp .= $this->flixs(156, $this->group, $gdata[0]['santaflix']);}
4054. if($this->isAssigned($this->group, 180) && !empty($gdata[0]['gsound'])){$gp .= "g180='{$gdata[0]['gsound']}' "; }
4055. if($this->isAssigned($this->group, 206) && !empty($gdata[0]['customlang'])){$gp .= "g206='{$gdata[0]['customlang']}' "; }
4056. if($this->isAssigned($this->group, 246)){$gp .= "g246=\"{'dt':70,'v':1}\" ";}
4057. if($this->isAssigned($this->group, 150) && !empty($gdata[0]['botid'])){$gp .= "g150='{$gdata[0]['botid']}' ";}
4058. if($this->isAssigned($this->group, 252) && !empty($gdata[0]['redirect'])){$gp .= "g252='{$gdata[0]['redirect']}' ";}
4059. if($this->isAssigned($this->group, 256)){$gp .= "g256=\"{'rnk':'2','dt':65,'rt':15,'rc':'1','tg':200,'v':1}\" ";}
4060. if($this->isAssigned($this->group, 278) && !empty($gdata[0]['springflix'])){$gp .= $this->flixs(278, $this->group, $gdata[0]['springflix']);}
4061. if($this->isAssigned($this->group, 297) && !empty($gdata[0]['summerflix'])){$gp .= $this->flixs(297, $this->group, $gdata[0]['summerflix']);}
4062. $gp .= "/>";
4063. var_dump($gp);
4064. return $gp;
4065. }
4066. public function sendRoom($packet, $passme = false, $exclude = 0) {
4067. foreach ($this->parent->users as $user) {
4068. if (
4069. $user->chat == $this->chat &&
4070. $user->id != $exclude &&
4071. (
4072. isset($user->pool) &&
4073. isset($this->pool) &&
4074. $user->pool == $this->pool
4075. )
4076. ) {
4077. if ($user->id != $this->id || $passme == false) {
4078. $user->sendPacket($packet);
4079. }
4080. }
4081. }
4082. }
4083.  
4084. public function noToRank($rank)
4085. {
4086. if ($rank >= 14)
4087. {
4088. return 'o';
4089. };
4090. if ($rank >= 10)
4091. {
4092. return 'M';
4093. };
4094. if ($rank >= 7)
4095. {
4096. return 'm';
4097. };
4098. if ($rank >= 3)
4099. {
4100. return 'e';
4101. };
4102. return 'r';
4103. }
4104. public function getDays($days)
4105. {
4106. return floor(($days - time()) / (24 * 3600) + 0.3) >= 1 ? floor(($days - time()) / (24 * 3600) + 0.3) : 0;
4107. }
4108. }
4109. class database
4110. {
4111. public $link, $host, $user, $pass, $name, $pdo;
4112. public $doe = true;
4113. public function __construct($host = null, $user = null, $pass = null, $name = null)
4114. {
4115. if ($name != null)
4116. {
4117. $this->host = $host;
4118. $this->user = $user;
4119. $this->pass = $pass;
4120. $this->name = $name;
4121. }
4122. if (!$this->connected())
4123. {
4124. $this->link = @mysqli_connect($this->host, $this->user, $this->pass, $this->name);
4125. $this->pdo = new PDO("mysql:host={$this->host};dbname={$this->name}", "{$this->user}", "{$this->pass}");
4126. if (!$this->connected())
4127. {
4128. $this->error("Failed to connect to `{$this->host}`.`{$this->name}` using password [" . (empty($this->pass) ? "NO" : 'YES') . "]");
4129. }
4130. }
4131. return true; // Cause I can put it there if I want to
4132.  
4133. }
4134. public function connected()
4135. {
4136. return @mysqli_ping($this->link) ? true : false;
4137. }
4138. public function error($error)
4139. {
4140. print $error . chr(10);
4141. if ($this->doe == true)
4142. {
4143. exit('line:' . __LINE__);
4144. }
4145. }
4146. public function query($query = "")
4147. {
4148. if (!is_string($query))
4149. {
4150. return false;
4151. }
4152. $this->__construct();
4153. $return = $this->pdo->prepare($query);
4154. $return->execute();
4155. #$return = mysqli_query($this->link, $query);
4156. return $return ? $return : false;
4157. }
4158. public function fetch_array($query, $return = array())
4159. {
4160. $this->__construct();
4161. if (!is_string($query) || !($res = $this->query($query)))
4162. {
4163. return array();
4164. }
4165. while ($data = $res->fetch(\PDO::FETCH_ASSOC))
4166. {
4167. $return[] = $data;
4168. }
4169. return !empty($return) ? $return : array();
4170. }
4171. public function sanatize($data)
4172. {
4173. if (is_array($data))
4174. {
4175. return array_map(array($this, 'sanatize'), $data);
4176. }
4177. if (function_exists("mb_convert_encoding"))
4178. {
4179. $data = mb_convert_encoding($data, "UTF-8", 'auto');
4180. }
4181. return $this->link->real_escape_string($data);
4182. }
4183. public function rand($length = 32, $low = true, $upp = true, $num = true, $indent = false)
4184. {
4185. $chars = array_merge($low ? range('a', 'z') : array(), $upp ? range('A', 'Z') : array(), $num ? range('0', '9') : array());
4186. for ($rand = "";strlen($rand) < $length;$rand .= $chars[array_rand($chars) ]);
4187. if ($indent != false)
4188. {
4189. $rand = implode('-', str_split($rand, $indent));
4190. }
4191. return $rand;
4192. }
4193. static function urs($x, $y)
4194. {
4195. return ($x >> $y) & (2147483647 >> ($y - 1));
4196. }
4197. public function hash($str, $rawsalt = '', $hash = 'sha512')
4198. {
4199. if ($rawsalt == '')
4200. {
4201. $rawsalt = $this->rand(((strlen($str) % 3) + 1) * 5);
4202. }
4203. $loc = array(hash('sha1', $rawsalt), hash('sha1', $str), '');
4204. foreach (str_split($loc[0], 1) as $index => $character)
4205. {
4206. $loc[2] .= $character . $loc[1][$index];
4207. }
4208. $hash = hash($hash, $loc[2]);
4209. return substr_replace($hash, $rawsalt, (strlen($str) << 2) % strlen($hash), 0);
4210. }
4211. public function validate($str, $hash, $engine = 'sha512')
4212. {
4213. $salt = substr($hash, (strlen($str) << 2) % strlen(hash($engine, 1)), ((strlen($str) % 3) + 1) * 5);
4214. return $this->hash($str, $salt, $engine) === $hash ? true : false;
4215. }
4216. public function hashPass($pass, $salt = null, $hashtype = 'sha512', $hash = "")
4217. {
4218. return $this->hash($pass, $salt, $hashtype);
4219. }
4220. public function checkPass($input, $real, $hash = 'sha512')
4221. {
4222. return $this->validate($input, $real, $hash);
4223. }
4224. }