  1. <?php
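  // Bootstrap: starts the session, pulls in the shared include, sets the error
  // policy and timezone, and opens the MySQL handle ($conn) that the rest of
  // the script uses.
  session_start();
  include "l/info.php";

  // Errors are written to the server log instead of the HTTP response: with
  // display_errors on, a failed query prints file paths and SQL fragments to
  // any client. The original key 'display_startup_erros' was misspelled, so
  // that setting never took effect.
  ini_set('display_errors', '0');
  ini_set('display_startup_errors', '0');
  ini_set('log_errors', '1');
  error_reporting(E_ALL);
  // Magic quotes were removed in PHP 5.4; kept only for older runtimes.
  ini_set("magic_quotes_runtime", 0);
  date_default_timezone_set('Brazil/East');

  // NOTE(review): database credentials are hard-coded in a file that has been
  // published. Treat this password as compromised: rotate it, then load the
  // connection settings from configuration kept outside the web root and out
  // of version control. The account should hold only the privileges this
  // script needs.
  $servername = "mn20cf.com.mysql";
  $username = "mn20cf_com_herox";
  $password = "herox762762";
  $dbname = "mn20cf_com_herox";
  $conn = new mysqli($servername, $username, $password, $dbname);
  if ($conn->connect_error) {
      // The driver message can name the host and account, so it goes to the
      // log; the client only learns that the connection failed.
      error_log("Connection failed: " . $conn->connect_error);
      die("Connection failed");
  }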
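  /**
   * Normalises a chat string: trims it, strips HTML tags, converts it from
   * UTF-8 to ISO-8859-1 and finally backslash-escapes quotes, backslashes
   * and NUL bytes.
   *
   * Escaping is now the LAST step. The original called utf8_decode() after
   * addslashes(), so the decoder ran on already-escaped text; any
   * transformation applied after escaping can change which bytes reach the
   * query, which defeats the escaping.
   *
   * NOTE(review): addslashes() is not aware of the connection character set
   * and is not a substitute for bound parameters. Use prepared statements
   * for every query and keep this function for text clean-up only. The
   * result is also not HTML-safe in attribute contexts. utf8_decode() is
   * deprecated as of PHP 8.2.
   *
   * @param mixed $sql Raw request value; non-scalar input yields ''.
   * @return string The normalised, backslash-escaped string.
   */
  function anti_injection($sql)
  {
      // A request parameter can arrive as an array (msg[]=...); the string
      // functions below must never see one.
      if (!is_scalar($sql)) {
          return '';
      }

      $sql = trim((string) $sql);
      $sql = strip_tags($sql);
      $sql = utf8_decode($sql);

      return addslashes($sql);
  }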
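  // Caller identification, flood lock, ban/kick lookup and rank lookup.
  // Leaves $usuario, $rank and $data set for the code that follows.
  //
  // NOTE(review): the user name is the first '&'-separated field of the
  // client-supplied "info" cookie and nothing in this file verifies it.
  // Every decision below, including the rank that unlocks the moderator
  // commands, therefore rests on a value the client chooses. Identity should
  // come from server-side session state set at login (the login code is not
  // part of this file).
  $co = (isset($_COOKIE['info']) && is_string($_COOKIE['info'])) ? $_COOKIE['info'] : '';
  $info = explode("&", $co);
  $usuario = $info[0];

  // The original test `!$usuario == 'herox'` negates $usuario before it
  // compares, so it only ever fired for an empty or "0" name. That effective
  // behaviour is kept and made explicit.
  // NOTE(review): if the intent was to restrict access to 'herox', this is
  // not doing it — confirm.
  if ($usuario === '' || $usuario === '0') {
      die();
  }

  // Server-side mute set by the flood guard further down.
  if (isset($_SESSION['flood'])) {
      if (time() > $_SESSION['flood']) {
          session_destroy();
      } else {
          die("antflood");
      }
  }

  // 'i' is minutes; the original used 'm' (month) in the time part.
  $data = date("d/m/y H:i:s");

  // $usuario is untrusted, so it is always bound as a parameter and never
  // concatenated into the SQL text.
  $countRowsForUser = function ($sql) use ($conn, $usuario) {
      $stmt = $conn->prepare($sql);
      if (!$stmt) {
          error_log("chat: prepare failed: " . $conn->error);
          die();
      }
      $stmt->bind_param('s', $usuario);
      $stmt->execute();
      $stmt->store_result();
      $rows = $stmt->num_rows;
      $stmt->close();
      return $rows;
  };

  // "> 0" rather than "== 1": a user with two ban (or kick) rows is still
  // banned. The original let duplicates through.
  if ($countRowsForUser("SELECT 1 FROM ban WHERE usuario = ?") > 0) {
      die("banido");
  }
  if ($countRowsForUser("SELECT 1 FROM kick WHERE usuario = ?") > 0) {
      die("kickado");
  }

  // Unknown users get rank 0, which compares the same as the original's
  // missing-row result in the loose `$rank == 0` / `$rank == 1` checks below.
  // `rank` is quoted because it is a reserved word in MySQL 8.
  $rank = 0;
  $stmt = $conn->prepare("SELECT `rank` FROM herox WHERE husuario = ?");
  if (!$stmt) {
      error_log("chat: prepare failed: " . $conn->error);
      die();
  }
  $stmt->bind_param('s', $usuario);
  $stmt->execute();
  $stmt->bind_result($storedRank);
  if ($stmt->fetch()) {
      $rank = $storedRank;
  }
  $stmt->close();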
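  // Request dispatcher: ?env posts a chat message or runs a chat command,
  // ?get returns recent chat_logs rows as JSON. $conn, $usuario, $rank and
  // $data are set earlier in the script.
  //
  // NOTE(review): the commands below change state (truncate, ban, kick,
  // delete) in response to a GET request that carries no anti-forgery token.
  // They should move to POST with a per-session token.
  // NOTE(review): $rank is derived from $usuario earlier in the script; the
  // privilege checks here are only as strong as that identification.

  // Runs one statement with every value bound as a string parameter, so
  // request data reaches MySQL as data and never as SQL text. The caller
  // closes the returned statement.
  $run = function ($sql, array $values = array()) use ($conn) {
      $stmt = $conn->prepare($sql);
      if (!$stmt) {
          error_log("chat: prepare failed: " . $conn->error);
          die();
      }
      if ($values) {
          // bind_param() takes its arguments by reference.
          $args = array(str_repeat('s', count($values)));
          foreach (array_keys($values) as $i) {
              $args[] = &$values[$i];
          }
          call_user_func_array(array($stmt, 'bind_param'), $args);
      }
      if (!$stmt->execute()) {
          error_log("chat: execute failed: " . $stmt->error);
          die();
      }
      return $stmt;
  };

  // Appends one row to chat_logs (id, author, text, timestamp).
  $logChat = function ($author, $text, $when) use ($run) {
      $run("INSERT INTO chat_logs VALUES (NULL, ?, ?, ?)", array($author, $text, $when))->close();
  };

  // The bot name is stored as markup, so the client presumably renders these
  // columns as HTML. User-controlled names are therefore entity-encoded
  // before they are written into author or message text. ISO-8859-1 matches
  // the encoding the script stores (see utf8_decode/utf8_encode).
  $escape = function ($text) {
      return htmlspecialchars($text, ENT_QUOTES, 'ISO-8859-1');
  };

  $bot = '<font color=red>HeroxBot</font>';
  $safeUser = $escape($usuario);

  if (isset($_GET['env'])) {
      // One timestamp format for every chat_logs row written by this branch.
      // The original assigned it after the final INSERT had been built.
      $data = date("d/m H:i");

      // Flood guard.
      // NOTE(review): the counter lives in a client cookie, so a client that
      // discards the cookie resets it. Keep the counter server-side, keyed on
      // the authenticated user.
      // NOTE(review): the mute is announced as 25 minutes and the cookie
      // lasts 1500 s, but the session lock is 30 minutes — confirm which is
      // intended.
      if (isset($_COOKIE['f'])) {
          // Cast once; a non-numeric or array value counts as 0.
          $count = is_scalar($_COOKIE['f']) ? (int) $_COOKIE['f'] : 0;
          if ($rank == 1) {
              setcookie("f", "0", time() + 10);
          }
          if ($count == 5 && $rank == 0) {
              setcookie("f", "6", time() + 1500);
              $logChat($bot, "O $safeUser foi mutado por 25minutos por flood", $data);
              $_SESSION['flood'] = time() + (30 * 60);
              die("antiflod");
          }
          if ($count >= 6 && $rank == 0) {
              die("antiflod");
          }
          setcookie("f", (string) ($count + 1), time() + 10);
      } else {
          setcookie("f", "1", time() + 10);
      }

      // Same clean-up the original applied through anti_injection(), without
      // addslashes(): every value below is bound, so escaping it as well
      // would store literal backslashes.
      $raw = (isset($_GET['msg']) && is_string($_GET['msg'])) ? $_GET['msg'] : '';
      $message = utf8_decode(strip_tags(trim($raw)));

      $messagerry = array("project",".tk","habbo-project","http://projectshabbo.br22.net/","http://projectshabbo.br22.net/Scorpion2014","http://projectshabbo.br22.net/Scorpion2014/index.php","barrar","gq","projectshabbo","http://1tapprojects.com","1tapprojects","http://1tapprojects.com/hb/Scorpion2014/","Scorpion2014","goo.gl/bk06VJ","bk06VJ","scorpion","SCORPION","1tap","secdet.com.br","http","www","://","secdet");
      $message = str_replace($messagerry, '<font color=red>bobba</font>', $message);
      if ($message === '') {
          exit();
      }

      // Command arguments are the 2nd and 3rd space-separated tokens.
      $ex = explode(" ", $message);
      $target = isset($ex[1]) ? $ex[1] : '';
      $reason = isset($ex[2]) ? $ex[2] : '';

      if (strpos($message, ':limpar') !== false && $rank == 1) {
          $conn->query("TRUNCATE chat_logs");
          exit;
      }

      if (strpos($message, ':ban') !== false && $rank == 1) {
          if ($target === '') {
              exit(); // nothing to ban; the original inserted an empty name
          }
          $run("INSERT INTO ban VALUES (NULL, ?, ?)", array($target, $reason))->close();
          $logChat($bot, "O " . $escape($target) . " foi banido do Herox", $data);
          exit();
      }

      if (strpos($message, ':desban') !== false && $rank == 1) {
          if ($target === '') {
              exit();
          }
          $run("DELETE FROM ban WHERE usuario = ?", array($target))->close();
          $logChat($bot, "O " . $escape($target) . " foi desbanido do Herox", $data);
          exit();
      }

      if (strpos($message, ':kick') !== false && $rank == 1) {
          if ($target === '') {
              exit();
          }
          $run("INSERT INTO kick VALUES (?)", array($target))->close();
          $logChat($bot, "O " . $escape($target) . " foi kickado do Herox", $data);
          exit();
      }

      if (strpos($message, ':presentes') !== false) {
          // COUNT(*) instead of fetching every row just to count them.
          $stmt = $run("SELECT COUNT(*) FROM logs WHERE owner = ?", array($usuario));
          $stmt->bind_result($total);
          $stmt->fetch();
          $stmt->close();
          $logChat($bot, "Olá <b>$safeUser</b> vc tem $total presentes", $data);
          exit();
      }

      if (strpos($message, ':deletar') !== false) {
          $run("DELETE FROM logs WHERE owner = ?", array($usuario))->close();
          $logChat($bot, "<b>$safeUser</b> limpou seus presentes", $data);
          exit;
      }

      // Ordinary chat line.
      $logChat($safeUser, $message, $data);
  } elseif (isset($_GET['get'])) {
      if (!isset($_GET['id'])) {
          die();
      }
      // The id is only ever compared numerically, so reduce it to an integer
      // before it goes anywhere near the query.
      $id = is_scalar($_GET['id']) ? (int) $_GET['id'] : 0;
      $arr = array();
      $per = 0;

      $stmt = $run("SELECT COUNT(*) FROM chat_logs");
      $stmt->bind_result($idc);
      $stmt->fetch();
      $stmt->close();

      $stmt = $run(
          "SELECT `id`, `usuario`, `message`, `data` FROM chat_logs WHERE `id` > ? ORDER BY `id` DESC LIMIT 20",
          array((string) $id)
      );
      $stmt->bind_result($rowId, $rowUser, $rowMessage, $rowDate);
      while ($stmt->fetch()) {
          $per = 1;
          $arr[] = array(
              'id' => (string) $rowId, // string, as the unprepared query returned it
              'usuario' => $rowUser,
              'message' => utf8_encode($rowMessage),
              'data' => $rowDate,
          );
      }
      $stmt->close();

      // NOTE(review): this is sent with the default text/html content type
      // although the body is JSON holding stored markup. Serve it as
      // application/json once the client code is confirmed to cope.
      echo json_encode(array('per' => (string) $per, 'id' => $idc, 'message' => $arr));
      $conn->close();
  }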
  165. ?>