Untitled

<?php
/*
    Create two .txt files for storing ROBLOSECURITY and token.
    The script will automatically update the files when ROBLOSECURITY or token is no longer usable.
*/
// Input
//$subject          = $_GET['subject'];
//$body             = $_GET['body'];  //this was for something else
//$target_user_id   = $_GET['id'];
// Login User Data
$login_user       = 'username=publicapi&password=';
$file_path_rs     = 'rs.txt';
$file_path_token  = 'token.txt';
$current_rs       = file_get_contents($file_path_rs);
$current_token    = file_get_contents($file_path_token);
// [Function] Get ROBLOSECRUITY
function getRS()
{
    global $login_user, $file_path_rs;
    $get_cookies = curl_init('https://www.roblox.com/newlogin');
    curl_setopt_array($get_cookies,
        array(
            CURLOPT_RETURNTRANSFER => true,
            CURLOPT_HEADER => true,
            CURLOPT_POST => true,
            CURLOPT_POSTFIELDS => $login_user
                        //CURLOPT_USERAGENT => "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.6 (KHTML, like Gecko) Chrome/16.0.897.0 Safari/535.6",
                        //CURLOPT_FOLLOWLOCATION => true,
                        //CURLOPT_REFERER => "http://www.roblox.com"
        )
    );
    $rs = (preg_match('/(\.ROBLOSECURITY=.*?);/', curl_exec($get_cookies), $matches) ? $matches[1] : '');
    file_put_contents($file_path_rs, $rs, true);
    curl_close($get_cookies);
    return $rs;
}
// [Function] Change User's Group Rank
function changeRank($rs, $token, $target_user_id, $subject, $body)
{
    global $subject, $body, $target_user_id, $file_path_token;

    $promote_user = curl_init("http://www.roblox.com/messages/api/send-message");
    curl_setopt_array($promote_user,
        array(
            CURLOPT_RETURNTRANSFER => true,
            CURLOPT_POST => true,
            CURLOPT_HEADER => true,
            CURLOPT_HTTPHEADER => array("Cookie: $rs", "X-CSRF-TOKEN: $token", "Content-Type: application/json"),
            CURLOPT_POSTFIELDS => json_encode(array(
   "recipientId"=>$target_user_id, "subject" => $subject,
    "body" => $body)),
                        CURLOPT_USERAGENT => "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/535.6 (KHTML, like Gecko) Chrome/16.0.897.0 Safari/535.6",
                        CURLOPT_FOLLOWLOCATION => true,
                     )
    );
    $resp = curl_exec($promote_user);
    $resp_header_size = curl_getinfo($promote_user, CURLINFO_HEADER_SIZE);
    $resp_header = substr($resp, 0, $resp_header_size);
    $resp_body = substr($resp, $resp_header_size);
    if (preg_match('/GuestData/', $resp_header)) {
        // RS invalid
        $resp_body = changeRank( getRS(), $token );
    } else if (preg_match('/Token Validation Failed/', $resp_header)) {
        // Token invalid
        $new_token = (preg_match('/X-CSRF-TOKEN: (\S+)/', $resp_header, $matches) ? $matches[1] : '');
        file_put_contents($file_path_token, $new_token, true);
        $resp_body = changeRank( $rs, $new_token );
    }
    curl_close($promote_user);
    return $resp_body;
}
// Change user's group rank and echo results
echo changeRank(getRS(), $current_token, 21208890, "subject", "body");
?>