<?phpset_time_limit(0);date_default_timezone_set("Australia/Melbourne");

1. <?php
2.  
3. set_time_limit(0);
4. date_default_timezone_set("Australia/Melbourne");
5. libxml_use_internal_errors(true);
6. ini_set('display_errors', 'on');
7. error_reporting(E_ALL);
8.  
9. do {
10. $server = new MSERVER();
11. unset($server);
12. } while (true);
13.  
14. class MSERVER {
15.  
16. private $info = array();
17. public $socket = array(null, null);
18. public $users = array();
19. public $ipbans = array();
20. public $protected = array();
21. public $rfilter = array();
22. public $debug = true;
23. public $hasGroupPowers = array("Lobby", "Help");
24.  
25. public function __construct() {
26. require __DIR__ . "/../_class/config.php";
27. // $config = (object) array( 'db' => array( 0 => 'localhost', 1 => 'root', 2 => '', 3 => 'xat' ) ); //Configuracao
28. $this->mysql = new Database($config->db[0], $config->db[1], $config->db[2], $config->db[3]);
29.  
30. $this->resetConfig();
31. $this->bind();
32.  
33. while (true) {
34. $this->bind();
35.  
36. while ($this->socket[0]) {
37. $this->listen();
38. }
39.  
40. array_map('socket_close', $this->socket);
41. }
42. }
43.  
44. public function resetConfig( )
45. {
46. $this->config = $this->mysql->fetch_Array( "select * from `server` limit 0, 1;" );
47. $this->config = (object) $this->config[0];
48.  
49. $this->config->spam_wait = 800;
50. $this->config->staff = @(Array) json_decode( $this->config->staff );
51. $this->config->pawns = @(Array) json_decode( $this->config->pawns );
52.  
53. $this->config->pcount = $this->mysql->fetch_Array( 'select count(distinct `section`) as `count` from `powers`;' );
54. $this->config->pcount = $this->config->pcount[ 0 ][ 'count' ];
55.  
56. $this->hash = $this->mysql->rand( 25 );
57. $this->ipbans = $this->mysql->fetch_Array( "select `ipbans` from `server`;" );
58. $this->ipbans = @(Array) json_decode( $this->ipbans[ 0 ][ 'ipbans' ] );
59. $this->mysql->query( "update `server` set `pid`='" . getmypid() . "';" );
60. }
61.  
62. public function bind( )
63. {
64. try
65. {
66. global $argv;
67. $this->socket = Array(
68. socket_create( AF_INET, SOCK_STREAM, SOL_TCP ),
69. socket_create_listen( 0 )
70. );
71.  
72. socket_getsockname( end( $this->socket ), $ip, $port );
73. $this->mysql->query( "update `server` set `ipc`={$port};" );
74. socket_set_option( $this->socket[ 0 ], SOL_SOCKET, SO_REUSEADDR, True );
75.  
76. If ( !Isset( $argv[ 1 ] ) || $argv[ 1 ] != 'debug' )
77. {
78. socket_bind( $this->socket[ 0 ], $this->config->server_ip, $this->config->server_pt ) or exit;
79. } //!Isset( $argv[ 1 ] ) || $argv[ 1 ] != 'debug'
80. Else
81. {
82. $this->debug = True;
83. socket_bind( $this->socket[ 0 ], $this->config->server_ip, $this->config->backup_pt ) or exit;
84. }
85.  
86. socket_listen( $this->socket[ 0 ] );
87. socket_set_block( $this->socket[ 0 ] );
88. }
89. catch ( Exception $e )
90. {
91. print $e->getMessage();
92. exit;
93. }
94. }
95.  
96.  
97. public function listen( $null = null, $ipc = 0 )
98. {
99. $read = $this->socket;
100. Foreach ( $this->users as $user )
101. {
102. $read[ ] = $user->sock;
103. } //$this->users as $user
104. $except = $read;
105. If ( @socket_select( $read, $null, $except, null ) < 1 )
106. {
107. continue;
108. } //@socket_select( $read, $null, $except, null ) < 1
109.  
110. Foreach ( $this->socket as $i => $psock )
111. {
112. If ( in_Array( $psock, $read ) )
113. {
114. switch ( (int) $i )
115. {
116. case 0:
117. $socket = socket_accept( $psock );
118. socket_set_nonblock($socket);
119. If ( !is_resource( $socket ) || count( $this->users ) >= $this->config->max_total )
120. {
121. @socket_close( $socket );
122. break;
123. } //!is_resource( $socket ) || count( $this->users ) >= $this->config->max_total
124.  
125. socket_getpeername( $socket, $ip );
126. Foreach ( $this->users as $user )
127. {
128. If ( $user->ipaddr == $ip )
129. {
130. $ipc++;
131. } //$user->ipaddr == $ip
132. } //$this->users as $user
133.  
134. If ( $ipc > $this->config->max_per_ip || in_Array( $ip, $this->ipbans ) )
135. {
136. Foreach ( $this->users as $user )
137. {
138. If ( $user->ipaddr == $ip )
139. {
140. $this->disconnect( $user->index );
141. } //$user->ipaddr == $ip
142. } //$this->users as $user
143. break;
144. } //$ipc > $this->config->max_per_ip || in_Array( $ip, $this->ipbans )
145.  
146. do
147. {
148. $index = $this->mysql->rand();
149. } while ( Isset( $this->users[ $index ] ) );
150.  
151. $this->users[ $index ] = new client( $socket, $this, $index, $ip );
152. break;
153.  
154. case 1:
155. $this->socket[ ] = socket_accept( $psock );
156. break;
157.  
158. } //(int) $i
159. } //in_Array( $psock, $read )
160. } //$this->socket as $i => $psock
161. If ( !is_Array( $except ) )
162. {
163. $except = Array( );
164. } //!is_Array( $except )
165.  
166. Foreach ( $this->users as $index => $user )
167. {
168. If ( in_Array( $user->sock, $except ) || !$user->sock )
169. {
170. unset( $this->users[ $index ] );
171. } //in_Array( $user->sock, $except ) || !$user->sock
172. ElseIf ( in_Array( $user->sock, $read ) )
173. {
174. $input = '';
175. while(@socket_recv($user->sock, $buf, (4096 * 4096), 0) >= 1)
176. {
177. $input .= $buf;
178. }
179. If ( trim( $input ) == '' || ord( substr( $input, 0, 1 ) ) == 136 )
180. {
181. unset( $this->users[ $index ] );
182. continue;
183. } //trim( $input ) == '' || ord( substr( $input, 0, 1 ) ) == 136
184. ElseIf ( substr_count( $input, chr( 0 ) ) <= 1 )
185. {
186. $this->handle( $input, $user );
187. } //substr_count( $input, chr( 0 ) ) <= 1
188. } //in_Array( $user->sock, $read )
189. } //$this->users as $index => $user
190. }
191.  
192.  
193.  
194. private function handle($packet, &$user) {
195. $packet = str_replace('', '', $packet); //RIP Chrome
196.  
197. try {
198. if ($this->debug) {
199. var_dump($packet);
200. }
201.  
202.  
203. if ($user->mobile == false && substr($packet, 0, 1) !== '<') {
204. $user->mobile = true;
205. }
206.  
207. if (substr($packet, 0, 2) == '<x') {
208. $user->sendRoom($packet);
209. }
210.  
211. if ($user->mobile == true) {
212. if ($user->mobready == false) {
213. $user->buffer .= $packet;
214. if (strlen($user->buffer) >= 4096) {
215. throw new Exception();
216. }
217.  
218. if (is_numeric(strpos($user->buffer, "\r\n\r\n"))) {
219. $headers = array();
220. $lines = explode("\r\n", $user->buffer);
221. foreach ($lines as $line) {
222. $line = explode(': ', $line, 2);
223. if (count($line) < 2)
224. continue;
225. $headers[strtolower($line[0])] = $line[1];
226. }
227.  
228. if (!isset($headers['sec-websocket-key'])) {
229. throw new Exception();
230. }
231.  
232. $secAccept = base64_encode(pack('H*', sha1($headers['sec-websocket-key'] . '258EAFA5-E914-47DA-95CA-C5AB0DC85B11')));
233. $response = array();
234. array_push($response, "HTTP/1.1 101 Pulse");
235. array_push($response, "Upgrade: websocket");
236. array_push($response, "Connection: Upgrade");
237. array_push($response, "Sec-WebSocket-Accept: " . $secAccept);
238. @socket_write($user->sock, implode("\r\n", $response) . "\r\n\r\n");
239.  
240. $user->mobready = true;
241. }
242.  
243. return;
244. } else {
245. $packet = $this->unmask($packet);
246. if ($packet == false) {
247. throw new Exception(1);
248. }
249. }
250. }
251.  
252. if (strpos($packet, '<', 1) !== false) {
253. throw new Exception(2);
254. }
255. $packet2 = $packet;
256. $packet = simplexml_load_string(trim($packet));
257.  
258. if (!method_exists($packet, 'getName')) {
259. libxml_clear_errors(true);
260. throw new Exception(3);
261. }
262.  
263. $tag = strtolower($packet->getName());
264. $lPackets = array('policy-file-request', 'j2', 'y', 'login');
265.  
266. if (strlen($tag) > 25 || $tag == '') {
267. throw new Exception(4);
268. }
269.  
270. if (!isset($user->loginKey) || $user->loginKey == null) {
271. if (!in_array($tag, $lPackets)) {
272. throw new Exception(5);
273. }
274. } elseif ($user->authenticated == null && $tag != 'j2') {
275. throw new Exception(6);
276. } elseif (isset($user->id) && in_array($user->id, array(0, 2))) {
277. throw new Exception(7);
278. } elseif ($user->hidden == true && $user->online) {
279. $user->hidden = false;
280. $user->joinRoom($user->chat, false, true, $user->pool);
281. };
282. } catch (Exception $e) {
283. //print $e->getMessage() . "\n";
284. return $this->disconnect($user->index);
285. }
286.  
287.  
288. if (!$user->authenticated && !in_array($tag, $lPackets)) {
289. return $this->disconnect($user->index, true);
290. }
291.  
292. switch ($tag) {
293. //For bots
294. case 'login':
295. //$key = $this->getAttribute($packet, 'key');//lol later
296. $user2 = $this->getAttribute($packet, 'user');
297. $password = $this->getAttribute($packet, 'pass');
298. $userLogin = $this->mysql->fetch_array('select * from `users` where `username`=\'' . $this->mysql->sanatize($user2) . '\';');
299. if (!$this->mysql->validate($password, $userLogin[0]['password']) || empty($userLogin)) {
300. $user->sendPacket('<login t="Bad Username/Password." e="1" />');
301. } else {
302. $loginKey = md5(json_encode(array(time(), $userLogin[0]['username'], $userLogin[0]['password'])));
303. $this->mysql->query('update `users` set `loginKey`=\'' . $loginKey . '\' where `username`=\'' . $this->mysql->sanatize($userLogin[0]['username']) . '\';');
304. //$user->sendPacket('<login t="'.$loginKey.'" e="0" />');
305. if ((floor(($userLogin[0]['days'] - time()) / (24 * 3600) + 0.3) >= 1 ? floor(($userLogin[0]['days'] - time()) / (24 * 3600) + 0.3) : 0) >= 1)
306. {
307. $upowers = $this->mysql->fetch_array("select * from `userpowers` where `userid`={$userLogin[0]['id']};");
308. $spowers = $this->mysql->fetch_array("select * from `powers` where `name` not like '%(Undefined)%';");
309. list($vals, $p, $dO, $powerO, $pp) = array(array(), array(), '', '', '');
310. foreach ($spowers as $i => $u)
311. {
312. $vals[$u["id"]] = array($u["section"], $u["subid"]);
313. if (!isset($p[$u["section"]]))
314. {
315. $p[$u["section"]] = 0;
316. }
317. }
318.  
319. foreach ($upowers as $i => $u)
320. {
321. if ($u["count"] >= 1 && isset($vals[$u["powerid"]]) && isset($p[$vals[$u["powerid"]][0]]))
322. {
323. $str = $u['powerid'] . '=' . ($u['count'] > 1 ? ($u['count'] - 1) : 1) . '|';
324. $dO .= $str;
325.  
326. if ($u['count'] > 1)
327. {
328. $powerO .= $str;
329. }
330.  
331. $p[$vals[$u["powerid"]][0]] += $vals[$u["powerid"]][1];
332. }
333. }
334. }
335.  
336. $nickname = explode('##', $userLogin[0]['nickname'], 2);
337. if (count($nickname) != 2) {
338. $nickname[1] = "";
339. }
340. $vars = "";
341. $vars .= 'userno="' . $userLogin[0]["id"] . '" ';
342. $vars .= 'avatar="' . $userLogin[0]["avatar"] . '" ';
343. $vars .= 'k1="' . $userLogin[0]["k"] . '" ';
344. $vars .= 'd0="' . $userLogin[0]["d0"] . '" ';
345. $vars .= 'd1="' . $userLogin[0]["days"] . '" ';
346. $vars .= 'd2="' . $userLogin[0]["d2"] . '" ';
347. $vars .= 'd3="" ';
348.  
349. foreach ($p as $i => $u)
350. $vars .= 'd' . (substr($i, 1) + 4) . '="' . $u . '" ';
351.  
352. $vars .= 'dt=0" ';
353. $vars .= 'homepage="' . $userLogin[0]["url"] . '" ';
354. $vars .= 'Powers="' . implode(",", $p) . '" ';
355. $vars .= 'PowerO="' . $powerO . '" ';
356. $vars .= 'status="' . $nickname[1] . '" ';
357. $vars .= 'dO="'.$dO.'" ';
358. $vars .= 'dx="' . $userLogin[0]["xats"] . '" ';
359. $vars .= 'registered="' . $userLogin[0]["username"] . '" ';
360. $vars .= 'k2="' . $userLogin[0]["k2"] . '" ';
361. $vars .= 'k3="' . $userLogin[0]["k3"] . '" ';
362. $vars .= 'name="' . $nickname[0] . '" ';
363. $vars .= 'loginKey="' . $loginKey . '"';
364. $user->sendPacket('<v ' . $vars . ' e="0" />');
365. }
366. break;
367.  
368. case substr($tag, 0, 1) == 'w':
369. $pool = substr($tag, 1, 2);
370. $chat = $this->mysql->fetch_array("select * from `chats` where `id`={$user->chat};");
371. $rank = str_replace('\'','"',$chat[0]['pools']);
372. $rank = json_decode($rank, true);
373. $rankS = $user->noToRank($rank['rnk']);
374. if($rankS == "o" && $user->rank != 1){
375. break;
376. }
377. elseif($rankS == "M" && ($user->rank != 1 && $user->rank != 4)){
378. break;
379. }
380. elseif($rankS == "m" && ($user->rank != 1 && $user->rank != 4 && $user->rank != 2)){
381. break;
382. }
383. elseif($rankS == "e" && ($user->rank != 1 && $user->rank != 4 && $user->rank != 2 && $user->rank != 3)){
384. break;
385. } else {
386. $user->sendRoom("<l u=\"{$user->id}\" />");
387. $user->switchingPools = true;
388. $user->joinRoom($user->chat, true, true, $pool);
389. }
390. break;
391.  
392.  
393.  
394. case 'f':
395. $users = $this->getAttribute($packet, 'o');
396. if ($users === false || $this->spamfilter($tag, $user, 200)) {
397. $this->disconnect($user->index);
398. } else {
399. $friends = (array) explode(' ', $users);
400. $online = array();
401. foreach ($this->users as $i => $_user) {
402. if ($_user->id != $user->id && in_array($_user->id, $friends) && $_user->hidden === false && !in_array($_user->id, $online)) {
403. array_push($online, $_user->id);
404. }
405. }
406. $user->sendPacket('<f v="' . implode(',', $online) . '" />');
407. }
408. break;
409.  
410. case 'policy-file-request':
411. if (isset($user->policy)) {
412. return $this->ipban($user->ipaddr);
413. }
414.  
415. $user->sendPacket('<cross-domain-policy><allow-access-from domain="*" to-ports="*" /></cross-domain-policy>');
416. $user->policy = 1;
417. break;
418.  
419. case 'r':
420. break;
421.  
422. case 'y':
423. if (isset($user->loginKey) && $user->loginKey != null) {
424. return $this->ipban($user->ipaddr);
425. }
426.  
427. $user->loginKey = rand(10000000, 99999999);
428. $user->loginShift = rand(2, 5);
429. $user->loginTime = time();
430.  
431. $user->sendPacket('<y yi="' . $user->loginKey . '" yc="' . $user->loginTime . '" ys="' . $user->loginShift . '" />');
432. break;
433.  
434. case 'j2':
435.  
436. if ($user->authenticated == true) {
437. $user->sendPacket('<logout />');
438. return $this->disconnect($user->index);
439. }
440.  
441. if ($user->authenticate($packet) == false) {
442. $user->sendPacket('<n t="You must re-login to be able to chat further." />');
443. $user->sendPacket('<logout />');
444. $this->disconnect($user->index);
445. }
446.  
447. break;
448.  
449. case 'l':
450. $this->disconnect($user->index);
451. break;
452.  
453.  
454. case 'm':
455. if ($user->banned > time()) {
456. return false;
457. }
458.  
459. if (isset($this->protected[$user->chat])) {
460. if ($this->protected[$user->chat]['end'] < time()) {
461. unset($this->protected[$user->chat]);
462. $user->sendRoom("<m t=\"The chat protection was off it will already be 60 minutes.\" u=\"0\" />");
463. } elseif ($this->protected[$user->chat]['type'] == 'noguest') {
464. if ($user->rank == 5 || $user->rank == 40) {
465. return false;
466. }
467. } elseif ($this->protected[$user->chat]['type'] == 'unreg') {
468. if ($user->guest == true && in_array($user->rank, array(5, 40))) {
469. return false;
470. }
471. }
472. }
473. $h_packet = $this->getAttribute($packet, 't');
474. if($user->hasPower(51) && substr($h_packet, 0, 2) == '/h' && in_array($user->rank, array(1, 4))){
475. $sec = substr($h_packet, 3, 2);
476. (is_numeric($sec) && ($sec >= 10 && $sec <= 60)) ? $time2 = substr($h_packet, 3, 2) : '';
477. switch(strtolower(substr($h_packet, 2, 1))){
478. case 'g':
479. foreach($this->users as &$u)
480. {
481. if(!empty($time2) && in_array($u->rank, array(5))){
482. $time = strtotime("+ {$time2} seconds");
483. $this->mysql->query("insert into `bans` (`chatid`, `userid`, `unbandate`, `ip`, `type`) values ('{$user->chat}', '{$u->id}', '{$time}', '{$u->ipaddr}', 'f256');");
484. $u->sendRoom('<m t="/gg'.$time2.'" u="' . $u->id . '" />', False, $u->id);
485. $u->joinRoom($user->chat, false, true, 0);
486. $u->banned = $time;
487. }
488. }
489. return $time2 ? $user->sendRoom("<m u=\"{$user->id}\" t=\"(hush#w{$time2}) Hush: {$time2}s\" />") : false;
490. break;
491. case 'm':
492. foreach($this->users as &$u)
493. {
494. if(!empty($time2) && in_array($u->rank, array(3, 5))){
495. $time = strtotime("+ {$time2} seconds");
496. $this->mysql->query("insert into `bans` (`chatid`, `userid`, `unbandate`, `ip`, `type`) values ('{$user->chat}', '{$u->id}', '{$time}', '{$u->ipaddr}', 'f256');");
497. $u->sendRoom('<m t="/gg'.$time2.'" u="' . $u->id . '" />', False, $u->id);
498. $u->joinRoom($user->chat, false, true, 0);
499. $u->banned = $time;
500. }
501. }
502. return $time2 ? $user->sendRoom("<m u=\"{$user->id}\" t=\"(hush#w{$time2}) Hush: {$time2}s\" />") : false;
503. break;
504. case 'd':
505. foreach($this->users as &$u)
506. {
507. if(!empty($time2) && in_array($u->rank, array(2, 3, 5))){
508. $time = strtotime("+ {$time2} seconds");
509. $this->mysql->query("insert into `bans` (`chatid`, `userid`, `unbandate`, `ip`, `type`) values ('{$user->chat}', '{$u->id}', '{$time}', '{$u->ipaddr}', 'f256');");
510. $u->sendRoom('<m t="/gg'.$time2.'" u="' . $u->id . '" />', False, $u->id);
511. $u->joinRoom($user->chat, false, true, 0);
512. $u->banned = $time;
513. }
514. }
515. return $time2 ? $user->sendRoom("<m u=\"{$user->id}\" t=\"(hush#w{$time2}) Hush: {$time2}s\" />") : false;
516. break;
517. case 'o':
518. if($user->rank != 1){ break; }
519. foreach($this->users as &$u)
520. {
521. if(!empty($time2) && in_array($u->rank, array(2, 3, 4, 5))){
522. $time = strtotime("+ {$time2} seconds");
523. $this->mysql->query("insert into `bans` (`chatid`, `userid`, `unbandate`, `ip`, `type`) values ('{$user->chat}', '{$u->id}', '{$time}', '{$u->ipaddr}', 'f256');");
524. $u->sendRoom('<m t="/gg'.$time2.'" u="' . $u->id . '" />', False, $u->id);
525. $u->f |= 0x0100;
526. $u->joinRoom($user->chat, false, true, 0);
527. $u->banned = $time;
528. }
529. }
530. return $time2 ? $user->sendRoom("<m u=\"{$user->id}\" t=\"(hush#w{$time2}) Hush: {$time2}s\" />") : false;
531. break;
532. }
533. }
534. if (in_array($user->rank, array(5, 40)) && $user->guest == true) {
535. if (!isset($this->rfilter[$user->chat])) {
536. $this->rfilter[$user->chat] = array();
537. }
538.  
539. $ctime = time() - 5;
540. $count = 1;
541. foreach ($this->rfilter[$user->chat] as $i => $time) {
542. if ($ctime > $time) {
543. unset($this->rfilter[$user->chat][$i]);
544. continue;
545. }
546.  
547. $count++;
548. }
549.  
550. array_push($this->rfilter[$user->chat], time());
551. if ($count >= 12) {
552. $this->protected[$user->chat] = array('end' => time() + 3600, 'type' => 'unreg');
553. $user->sendRoom("<m u=\"0\" t=\"Protecao do chat foi ativada!(Raid Detected)\" />");
554. foreach ($this->users as $i => $u) {
555. if ($u->chat == $user->chat && in_array($u->rank, array(5, 40)) && $u->guest == true) {
556. $u->sendPacket('<n t="Protection ativada, chutando null users." />');
557. $this->disconnect($u->index);
558. }
559. }
560.  
561. unset($this->rfilter[$user->chat]);
562. }
563. }
564.  
565. $message = $this->getAttribute($packet, 't');
566.  
567. if (empty($message)) {
568. return false;
569. } elseif (substr($message, 0, 2) == '/!') { // commands <-- That's there so I can ctrl+f to here quickly <:
570. $owner = in_array($user->id, $this->config->staff) ? true : false;
571.  
572. $args = explode(' ', substr($message, 2));
573. switch (strtolower($args[0])) {
574. case 'resetconfig':
575. if ($owner) {
576. $this->resetConfig();
577. $user->sendPacket('<m u="0" t="Configuration has been reloaded" />');
578. }
579. break;
580.  
581. case 'resetrank':
582. if (!$owner) {
583. break;
584. }
585.  
586. switch ($s) {
587. case "mod":
588. case "moderator":
589. $return = 2;
590. break;
591.  
592. case "guest":
593. $return = 5;
594. break;
595.  
596. case "member":
597. $return = 3;
598. break;
599.  
600. case "owner":
601. $return = 4;
602. break;
603. }
604. $this->mysql->query('delete from `ranks` where `chatid`=' . $user->chat . ' and `userid`=' . $user->id . ';');
605. $this->mysql->query('insert into `ranks`(`userid`, `chatid`, `f`) values(' . $user->id . ', ' . $user->chat . ', ' . $return . ');');
606. $this->disconnect($user->index);
607. break;
608. case 'rchat':
609.  
610. if (count($args) != 2 || !$owner) {
611. break;
612. }
613. $cRow = $this->mysql->fetch_array('select * from `chats` where `name`=\'' . $this->mysql->sanatize($args[1]) . '\';');
614. if (count($cRow) == 1) {
615. $this->mysql->query('delete from `ranks` where `chatid`=' . $cRow[0]['id'] . ';');
616. $sum = "<n t=\"Chat {$args[1]} has Reseted\" />";
617. $user->sendAll($sum);
618. }
619. return;
620. break;
621. case 'users':
622. if (!$owner) {
623. break;
624. }
625. $user->sendRoom('<n t="0" t="' . count($this->users) . ' users online!" />');
626. break;
627. case '!say';
628.  
629. if(strtolower($args[0]) == '!say')
630. {
631. $shitthatiactuallyneed2 = $args[0];
632. $user->sendRoom('<m t="(hehe)' . $args[1] . ' ' . $args[2] . ' ' . $args[3] . ' ' . $args[4] . ' ' . $args[5] . ' ' . $args[6] . ' ' . $args[7] . ' ' . $args[8] . ' ' . $args[9] . ' ' . $args[10] . ' (hehe)" u="2261" />');
633.  
634.  
635. }
636. break;
637.  
638.  
639. case 'resetcoins':
640. if (count($args) != 3 || !$owner) {
641. break;
642. }
643. $uRow = $this->mysql->fetch_array('select `id`, `username`, `password` from `users` where `username`=\'' . $this->mysql->sanatize($args[1]) . '\';');
644. if (count($uRow) == 1 && is_numeric($args[2])) {
645. $this->mysql->query('update `users` set `xats`=' . $args[2] . ' where `username`=\'' . $this->mysql->sanatize($args[1]) . '\';');
646. $_user = $this->getuserbyid($uRow[0]['id'], $user->chat);
647. if ($_user != false) {
648. $_user->sendPacket($this->doLogin($uRow[0]['username'], $uRow[0]['password']));
649. }
650. }
651. break;
652.  
653.  
654. case 'resetdays':
655. if (count($args) != 3 || !$owner) { break; }
656. $uRow = $this->mysql->fetch_array('select `id`, `username`, `password` from `users` where `username`=\'' . $this->mysql->sanatize($args[1]) . '\';');
657. if (count($uRow) == 1 && is_numeric($args[2]))
658. {
659. $this->mysql->query('update `users` set `days`=' . strtotime("+ " . $args[2] . " days") . ' where `username`=\'' . $this->mysql->sanatize($args[1]) . '\';');
660. $_user = $this->getuserbyid($uRow[0]['id'], $user->chat);
661. if ($_user != false)
662. {
663. $_user->sendPacket($this->doLogin($uRow[0]['username'], $uRow[0]['password']));
664. }
665. }
666. break;
667.  
668.  
669.  
670. case "clear":
671. if($rank > 3) {$user->sendPacket('<n t="You don\'t have a high enough rank!" />'); break;}
672. $this->mysql->query("delete from `messages` where `id` = '{$user->chat}';");
673. $user->sendRoom('<n t="The messages were cleaned" />');
674. $this->disconnect($user->index);
675. $user->sendRoom("<l u=\"{$u->id}\" />");
676. break;
677.  
678. case 'roulette':
679. $num = floor(36 * (rand(0, 36) * rand(0, 36)));
680. $user->sendAll("<n t=\"$num IS Your Number!\" />");
681. return;
682.  
683. case 'release':
684.  
685. if(!$owner) {
686. break;
687. }
688. $this->mysql->query('update `powers` set `amount`=\'' . $this->mysql->sanatize($args[2]) . '\' where `name`=\'' . $this->mysql->sanatize($args[1]) . '\';');
689. $user->sendRoom("<n u=\"0\" t=\"Power [".$args[1]."] [".$args[2]."] has been released!\" />");
690. break;
691.  
692. case 'unrelease':
693. if (!$owner) {
694. break;
695. }
696. $power = $args[1];
697. $amount = $args[2];
698. $this->mysql->query("UPDATE `powers` SET `amount`='" . $amount . "' WHERE `name`='" . $power . "'");
699. $Mais = $amount == 0 ? "" : "s";
700. $user->sendAll("<n t=\"{$amount} {$power}{$Mais} It was caught!\" />");
701. return;
702. break;
703.  
704. case "global":
705. if (!$owner) {
706. break;
707. }
708. $args = explode(' ', substr($message, 1), 2);
709. $sum = "<n t=\"{$args[1]}\" />";
710. $user->sendAll($sum);
711. return;
712. break;
713.  
714. case 'relog':
715. if (count($args) == 2 && $owner) {
716. $_user = $this->mysql->fetch_array('select * from `users` where `username`=\'' . $this->mysql->sanatize($args[1]) . '\';');
717. if (empty($_user)) {
718. break;
719. }
720. $online = $this->getuserbyid($_user[0]['id']);
721. if (is_object($online)) {
722. $online->sendPacket($this->doLogin($_user[0]['username'], $_user[0]['password']));
723. }
724. return;
725. }
726.  
727. break;
728.  
729. case 'limited':
730. if (!$owner) {
731. break;
732. }
733. $power = $args[1];
734. $this->mysql->query("UPDATE `powers` SET `limited`='1' WHERE `name`='" . $power . "'");
735. $user->sendRoom('<n t="0" t="Power [' . $power . '] now is limited !" i="0" />');
736. break;
737. case 'unlimited':
738. if (!$owner) {
739. break;
740. }
741. $power = $args[1];
742. $this->mysql->query("UPDATE `powers` SET `limited`='0' WHERE `name`='" . $power . "'");
743. $user->sendRoom('<n t="0" t="Power [' . $power . '] now is not more limited !" i="0" />');
744. break;
745.  
746. case 'everypower':
747. case 'rps':
748. if(count($args) != 2 || !$owner)
749. {
750. break;
751. }
752. $uRow = $this->mysql->fetch_array('select * from `users` where `username`=\'' . $this->mysql->sanatize($args[1]) . '\';');
753. if(count($uRow) == 1)
754. {
755. $this->mysql->query('delete from `userpowers` where `userid`=' . $uRow[0]['id'] . ';');
756. if(strtolower($args[0]) == 'everypower')
757. {
758. $powers = $this->mysql->fetch_array('select `id`, `name` from `powers` where `name` not like \'%(Undefined)%\' and `subid`<2147483647;');
759. $inputs = '';
760. foreach($powers as $power)
761. {
762. if(!is_numeric($power['name']))
763. {
764. $inputs .= '(' . $uRow[0]['id'] . ', ' . $power['id'] . ', 1),';
765. }
766. }
767. $this->mysql->query('insert into `userpowers` (`userid`, `powerid`, `count`) values ' . substr($inputs, 0, -1) . ';');
768. }
769.  
770. $_user = $this->getuserbyid($uRow[0]['id'], $user->chat);
771. if($_user != false)
772. {
773. $_user->sendPacket($this->doLogin($uRow[0]['username'], $uRow[0]['password']));
774. }
775. }
776. break;
777. case 'gback':
778. if (!$owner) {
779. break;
780. }
781. $arg1 = $args[1];
782. $this->mysql->query("UPDATE `chats` SET `gback`='" . $arg1 . "' WHERE `id`='" . $user->chat . "'");
783. $user->sendPacket('<m u="0" t="gback has been updated [' . $arg1 . ']" i="0" />');
784. break;
785. case 'gline':
786. if (!$owner) {
787. break;
788. }
789. $arg1 = $args[1];
790. $this->mysql->query("UPDATE `chats` SET `gline`='" . $arg1 . "' WHERE `id`='" . $user->chat . "'");
791. $user->sendPacket('<m u="0" t="gline has been updated [' . $arg1 . ']" i="0" />');
792. break;
793. case 'horror':
794. if (!$owner) {
795. break;
796. }
797. $arg1 = $args[1];
798. $this->mysql->query("UPDATE `chats` SET `horror`='" . $arg1 . "' WHERE `id`='" . $user->chat . "'");
799. $user->sendPacket('<m u="0" t="horror has been updated [' . $arg1 . ']" i="0" />');
800. break;
801. case 'love':
802. if (!$owner) {
803. break;
804. }
805. $arg1 = $args[1];
806. $this->mysql->query("UPDATE `chats` SET `love`='" . $arg1 . "' WHERE `id`='" . $user->chat . "'");
807. $user->sendPacket('<m u="0" t="love has been updated [' . $arg1 . ']" i="0" />');
808. break;
809. case 'promoted':
810. if (!$owner) {
811. break;
812. }
813. $arg1 = $args[1];
814. $this->mysql->query("UPDATE `chats` SET `promoted`='" . $arg1 . "' WHERE `id`='" . $user->chat . "'");
815. $user->sendPacket('<m u="0" t="Promoted has been updated [' . $arg1 . ']" i="0" />');
816. break;
817. case 'radio':
818. if (!$owner) {
819. break;
820. }
821. $arg1 = $args[1];
822. $this->mysql->query("UPDATE `chats` SET `radio`='" . $arg1 . "' WHERE `id`='" . $user->chat . "'");
823. $user->sendPacket('<m u="0" t="radio has been updated [' . $arg1 . ']" i="0" />');
824. break;
825. case 'pool':
826. if (!$owner) {
827. break;
828. }
829. $arg1 = $args[1];
830. $this->mysql->query("UPDATE `chats` SET `pool`='" . $arg1 . "' WHERE `id`='" . $user->chat . "'");
831. $user->sendPacket('<m u="0" t="pool has been updated [' . $arg1 . ']" i="0" />');
832. break;
833. case 'embedxat':
834. if (!$owner) {
835. break;
836. }
837. $arg1 = $args[1];
838. $this->mysql->query("UPDATE `chats` SET `embedxat`='" . $arg1 . "' WHERE `id`='" . $user->chat . "'");
839. $user->sendPacket('<m u="0" t="embed has been updated [' . $arg1 . ']" i="0" />');
840. break;
841.  
842. case 'banner1':
843. if (!$owner) {
844. break;
845. }
846. $arg1 = $args[1];
847. $this->mysql->query("UPDATE `chats` SET `banner1`='" . $arg1 . "' WHERE `id`='" . $user->chat . "'");
848. $user->sendPacket('<m u="0" t="banner1 has been updated [' . $arg1 . ']" i="0" />');
849. break;
850. case 'banner2':
851. if (!$owner) {
852. break;
853. }
854. $arg1 = $args[1];
855. $this->mysql->query("UPDATE `chats` SET `banner2`='" . $arg1 . "' WHERE `id`='" . $user->chat . "'");
856. $user->sendPacket('<m u="0" t="banner2 has been updated [' . $arg1 . ']" i="0" />');
857. break;
858.  
859. case 'addpower':
860. case 'rp':
861. if(count($args) == 3 && $owner)
862. { /* Just cause I felt like doing it this way this time */
863. $_user = $this->mysql->fetch_array('select * from `users` where `username`=\'' . $this->mysql->sanatize($args[1]) . '\';');
864. $power = $this->mysql->fetch_array('select * from `powers` where `name`=\'' . $this->mysql->sanatize($args[2]) . '\';');
865. if(empty($_user) || empty($power))
866. {
867. break;
868. }
869. $this->mysql->query('delete from `userpowers` where `userid`=' . $_user[0]['id'] . ' and `powerid`=' . $power[0]['id'] . ';');
870. if(strtolower($args[0]) == 'addpower')
871. {
872. $this->mysql->query('insert into `userpowers`(`userid`, `powerid`, `count`) values(' . $_user[0]['id'] . ', ' . $power[0]['id'] . ', 1);');
873. }
874.  
875. $online = $this->getuserbyid($_user[0]['id']);
876. if(is_object($online))
877. {
878. $online->sendPacket($this->doLogin($_user[0]['username'], $_user[0]['password']));
879. }
880. }
881. break;
882.  
883.  
884. case 'price':
885. $price = $this->mysql->fetch_array("SELECT * FROM `powers` WHERE `name`='".$args[1]."'");
886. $shitthatiactuallyneed = $price[0]['cost'];
887. $user->sendRoom('<n t="Price for the power ['.$args[1].'] - '.$shitthatiactuallyneed.'" u="1" />');
888. break;
889.  
890. case 'power':
891. $pinfo = $this->mysql->fetch_array("SELECT * FROM `powers` WHERE `name`='".$args[1]."'");
892. $desc = $pinfo[0]['description'];
893. $user->sendRoom('<n t="Description for power ['.$args[1].'] - '.$desc.'" u="0" />');
894. break;
895.  
896.  
897.  
898.  
899. case 'subst':
900. if(!$owner)
901. {
902. break;
903. }
904. $uRowPower = $this->mysql->fetch_array('select * from `powers` where `name`=\'' . $this->mysql->sanatize($args[2]) . '\';');
905. $uRow = $this->mysql->fetch_array('select * from `users` where `username`=\'' . $this->mysql->sanatize($args[1]) . '\';');
906. $curXats = $uRow[0]['xats'];
907. $price = $uRowPower[0]['cost'];
908. $total = $curXats - $price;
909. $user->sendRoom("<n t=\"0\" t=\" USER ".$args[1]." HAS TOTAL ".$curXats." COINS TO BUY POWER ".$args[2].", MISSING only ".$total." coins.\" />");
910. break;
911.  
912. case 'resetcost':
913. if(!$owner)
914. {
915. break;
916. }
917. $power = $args[1];
918. $this->mysql->query("UPDATE `powers` SET `cost`='".$args[2]."' WHERE `name`='".$power."'");
919. $user->sendRoom('<n t="0" t="Power ['.$power.'] sets the price for ['.$args[2].']" i="0" />');
920. break;
921.  
922.  
923. case 'reset': // Torching
924. if(!$owner)
925. {
926. break;
927. }
928. $target = $args[1];
929. $t = $this->mysql->fetch_array("SELECT * FROM `users` WHERE `username`='".$target."';");
930. $i = $t[0]['id'];
931. $ray = floor(floor($id)) * 100 / 2;
932. $inf = base64_encode(serialize(base64_encode($ray)));
933. $this->mysql->query("DELETE FROM `userpowers` WHERE `userid`='".$i."';");
934. $this->mysql->query("DELETE FROM `ranks` WHERE `userid`='".$i."';");
935. if($user->id == '1' OR '-1')
936. {
937. $this->mysql->query("INSERT INTO torches(id, torchedBy, reason, ray_id) VALUES ('".$i."', '".$user->username."', 'Torched by an Administrator for unlisted reasons.', '".$inf."');");
938. } else {
939. $this->mysql->query("INSERT INTO torches(id, torchedBy, reason, ray_id) VALUES ('".$i."', '".$user->username."', 'Reason Unlistd.', '".$inf."');");
940. }
941. $user->sendPacket('<n t="USER '.$target.' has been reset." />');
942. break;
943.  
944.  
945. case 'fundo':
946. if($user->id == 1)
947. if (!$owner) {
948. break;
949. }
950. $arg1 = $args[1];
951. $this->mysql->query("UPDATE `chats` SET `bg`='{$arg1}' WHERE `id`='".$user->chat."'");
952. $user->sendPacket('<m u="0" t="Now the Fund is '.$arg1.'" i="0" />');
953. break;
954.  
955. case 'value':
956. if(!$owner) {
957. break;
958. }
959. $uRow = $this->mysql->fetch_array('select * from `users` where `username`=\'' . $this->mysql->sanatize($args[1]) . '\';');
960. $user->sendRoom("<n t=\"0\" t=\" [".$args[1]."]: days-[".$uRow[0]['xats']."] days-[".$uRow[0]['days']."]\" />");
961. break;
962.  
963. case 'resetid':
964. if (count($args) == 3 && is_numeric($args[2]) && $owner) {
965. $_user = $this->mysql->fetch_array('select * from `users` where `username`=\'' . $this->mysql->sanatize($args[1]) . '\';');
966. $_test = $this->mysql->fetch_array('select * from `users` where `id`=\'' . $this->mysql->sanatize($args[2]) . '\';');
967.  
968. if (!empty($_test)) {
969. $user->sendPacket('<m t="Dude that ID is taken by ' . $_test[0]['username'] . '" u="0" />');
970. break;
971. }
972.  
973. if (empty($_user)) {
974. $user->sendPacket('<m t="That username doesn\'t exist" u="0" />');
975. break;
976. }
977.  
978. $this->mysql->query('update `users` set `id`=' . $this->mysql->sanatize($args[2]) . ' where `id`=' . $_user[0]['id'] . ';');
979. $this->mysql->query('update `ranks` set `userid`=' . $this->mysql->sanatize($args[2]) . ' where `userid`=' . $_user[0]['id'] . ';');
980. $this->mysql->query('update `userpowers` set `userid`=' . $this->mysql->sanatize($args[2]) . ' where `userid`=' . $_user[0]['id'] . ';');
981.  
982. $online = $this->getuserbyid($_user[0]['id']);
983. if (is_object($online)) {
984. $online->sendPacket($this->doLogin($_user[0]['username'], $_user[0]['password']));
985. }
986. }
987. break;
988.  
989. case 'getmain':
990. case 'delrank':
991. if ($owner) {
992. $this->mysql->query('delete from `ranks` where `chatid`=' . $user->chat . ' and `userid`=' . $user->id . ';');
993. if (strtolower($args[0]) == 'getmain') {
994.  
995.  
996. $this->mysql->query('insert into `ranks`(`userid`, `chatid`, `f`) values(' . $user->id . ', ' . $user->chat . ', 1);');
997. }
998. $this->disconnect($user->index);
999. }
1000. break;
1001.  
1002. }
1003. }
1004. elseif(substr($message, 0, 1) == "/")
1005. {
1006. if($message == '/away' && $user->hasPower(144))
1007. {
1008. $user->f |= 0x4000;
1009. $user->joinRoom($user->chat, false, true, $user->pool);
1010. return;
1011. }
1012. elseif($message == '/back')
1013. {
1014. if($user->f & 0x4000 && $user->hasPower(144))
1015. {
1016. $user->f -= 0x4000;
1017. $user->joinRoom($user->chat, false, true, $user->pool);
1018. }
1019.  
1020. return;
1021. }
1022. else
1023. {
1024. switch(strtolower(substr($message, 1, 1)))
1025. {
1026. case 'd':
1027. if(in_array($user->rank, array(1, 2, 4)))
1028. {
1029. $mid = substr($message, 2);
1030.  
1031. if(is_numeric($mid))
1032. {
1033. $res = $this->mysql->query('update `messages` set `visible`=0 where `id`=' . $user->chat . ' and `mid`=' . $mid . ';');
1034. if($res)
1035. {
1036. $user->sendRoom('<m t="/' . $mid . '" u="0" />');
1037. unset($user->last['m']);
1038. }
1039. }
1040. elseif($mid == 'clear')
1041. {
1042. $res = $this->mysql->query('update `messages` set `visible`=0 where `id`=' . $user->chat . ';');
1043. }
1044. }
1045. return;
1046. case 'p':
1047. if ($user->rank == 1 || $user->rank == 4) {
1048. if (!isset($this->protected[$user->chat])) {
1049. $user->sendRoom("<m u=\"0\" t=\"Protection activated by next 60 minutes !({$user->id})\" />");
1050. $this->protected[$user->chat] = array("end" => (time() + 3600), "type" => 'noguest');
1051. return false;
1052. } else {
1053. unset($this->protected[$user->chat]);
1054. $user->sendRoom("<m u=\"0\" t=\"Disabled protection !({$user->id})\" />");
1055. return false;
1056. }
1057. }
1058. break;
1059. case 's':
1060. if ($user->rank != 1) {
1061. return false;
1062. }
1063. $scroll = $this->mysql->sanatize(htmlspecialchars(substr($message, 2), ENT_QUOTES));
1064. $this->mysql->query("update `chats` set `sc` = '{$scroll}' where `name` = '{$user->group}';");
1065. $user->sendRoom("<m u=\"{$user->id}\" t=\"/s" . str_replace('"', '', htmlspecialchars_decode(stripslashes($scroll))) . "\" />");
1066. break;
1067. case 'g':
1068. if ($user->hasPower(32)) {
1069. $this->mysql->query('delete from `ranks` where `chatid`=' . $user->chat . ' and `userid`=' . $user->id . ';');
1070. $user->joinRoom($user->chat, 0, true);
1071. }
1072. break;
1073. default:
1074. $user->message($message);
1075. return false;
1076. }
1077. }
1078. }
1079.  
1080. if ($this->spamfilter($tag, $user, 700))
1081. break;
1082. $this->mysql->query("insert into `messages` (`id`, `uid`, `message`, `name`, `registered`, `avatar`, `time`, `pool`) values ('{$this->mysql->sanatize($user->chat)}', '{$this->mysql->sanatize($user->id)}', '{$this->mysql->sanatize($message)}', '{$this->mysql->sanatize($user->nickname)}', '{$this->mysql->sanatize($user->username)}', '{$this->mysql->sanatize($user->avatar)}', '" . time() . "', '{$this->mysql->sanatize($user->pool)}');");
1083. $user->message($message);
1084. $user->last = array();
1085. break;
1086.  
1087. case 'x':
1088. $attr = $this->getMultiAttr($packet, array('x', 's', 'b', 'm', 'p', 'k', 'f', 'i', 'u', 'd', 't'));
1089.  
1090. if($attr['i'] == '30008' && $attr['u'] && $attr['d'] && $attr['t'])
1091. {
1092. $tradee = $this->getUserByID($attr['d'], $user->chat);
1093.  
1094. if(is_object($tradee))
1095. { // [Client -> Server]: <x i="30008" u="1142540256" d="14200143" t="T,0;0;1=1|4=1|5=1|,0;0;,FFTJaooL4jQZK8L" />
1096. // T,myxats;mydays;mypowers,yourxats;yourdays;yourpowers,mypass
1097. if(substr($attr['t'], 0, 1) == 'T')
1098. {
1099. if(isset($tradee->trade[$user->id]))
1100. {
1101. $trade = explode(',', $attr['t']);
1102. if(count($trade) == 4)
1103. { // gotta do stuff here
1104. $tdata = explode(';', $trade[1]);
1105. $tusr2 = explode(';', $trade[2]);
1106.  
1107. if(count($tdata) == 3 && count($tusr2) == 3)
1108. {
1109. if(!is_numeric($tdata[0]) || !is_numeric($tdata[1]))
1110. {
1111. break;
1112. }
1113.  
1114. elseif(!$this->mysql->checkPass($trade[3], $user->password))
1115. {
1116. $user->sendPacket('<x i="30008" t="E,8,1" />');
1117. $tradee->sendPacket('<x i="30008" t="E,1,8" />');
1118. }
1119.  
1120. elseif($tdata[0] > $user->xats || $tdata[0] < 0)
1121. {
1122. $user->sendPacket('<x i="30008" t="E,11,1" />');
1123. $tradee->sendPacket('<x i="30008" t="E,1,11" />');
1124. }
1125.  
1126. elseif($tdata[1] > $user->days || $tdata[1] < 0)
1127. {
1128. $user->sendPacket('<x i="30008" t="E,18,1" />');
1129. $tradee->sendPacket('<x i="30008" t="E,1,18" />');
1130. }
1131.  
1132. else
1133. {
1134. if($tusr2 != $tradee->trade[$user->id][1] || $tdata != $tradee->trade[$user->id][2])
1135. {
1136. $user->sendPacket('<n t="Error in Transfer Please try again" />');
1137. $tradee->sendPacket('<n t="Error in Transfer Please try again" />');
1138. }
1139. else
1140. {
1141. $reset0 = $this->mysql->fetch_array('select `xats`, `days`, `password` from `users` where `id`=' . $user->id . ';');
1142. $reset1 = $this->mysql->fetch_array('select `xats`, `days`, `password` from `users` where `id`=' . $tradee->id . ';');
1143. $u1powers = $this->mysql->fetch_array('select * from `userpowers` where `userid`=' . $user->id);
1144. $u2powers = $this->mysql->fetch_array('select * from `userpowers` where `userid`=' . $tradee->id);
1145. $u1p = $u2p = $u1p0 = $u2p0 = array();
1146. $u1t = $u2t = array(array(), array());
1147. $user->xats = $reset0[0]['xats'];
1148. $tradee->xats = $reset1[0]['xats'];
1149. $user->days = floor(($reset0[0]['days'] - time()) / 86400 + 0.3);
1150. $tradee->days = floor(($reset1[0]['days'] - time()) / 86400 + 0.3);
1151.  
1152. foreach($u1powers as $i => $u) $u1p[$u['powerid']] = $u['count'];
1153. foreach($u2powers as $i => $u) $u2p[$u['powerid']] = $u['count'];
1154. $u1trade = explode('|', $tdata[2]);
1155. $u2trade = explode('|', $tradee->trade[$user->id][1][2]);
1156. $u1p0 = $u1p; $u2p0 = $u2p;
1157.  
1158. foreach($u1trade as $i => $u)
1159. {
1160. $power = explode('=', $u);
1161. if(count($power) == 2)
1162. {
1163. if(isset($u1p[$power[0]]) && $u1p[$power[0]] >= $power[1])
1164. {
1165. $u1p[$power[0]] = $u1p[$power[0]] - $power[1];
1166. $u2p[$power[0]] = isset($u2p[$power[0]]) ? ($u2p[$power[0]] + $power[1]) : $power[1];
1167. }
1168. else
1169. {
1170. $user->sendPacket('<x i="30008" t="E,33,1" />');
1171. $tradee->sendPacket('<x i="30008" t="E,1,33" />');
1172. break;
1173. }
1174. }
1175. }
1176.  
1177. foreach($u2trade as $i => $u)
1178. {
1179. $power = explode('=', $u);
1180. if(count($power) == 2)
1181. {
1182. if(isset($u2p[$power[0]]) && $u2p[$power[0]] >= $power[1])
1183. {
1184. $u2p[$power[0]] = $u2p[$power[0]] - $power[1];
1185. $u1p[$power[0]] = isset($u1p[$power[0]]) ? ($u1p[$power[0]] + $power[1]) : $power[1];
1186. }
1187. else
1188. {
1189. $tradee->sendPacket('<x i="30008" t="E,33,1" />');
1190. $user->sendPacket('<x i="30008" t="E,1,33" />');
1191. break;
1192. }
1193. }
1194. }
1195.  
1196. $user->xats += $tradee->trade[$user->id][1][0];
1197. $tradee->xats -= $tradee->trade[$user->id][1][0];
1198.  
1199. $user->xats -= $tdata[0];
1200. $tradee->xats += $tdata[0];
1201.  
1202. $user->days -= $tdata[1];
1203. $tradee->days += $tdata[1];
1204.  
1205. $tradee->days -= $tradee->trade[$user->id][1][1];
1206. $user->days += $tradee->trade[$user->id][1][1];
1207.  
1208. $u1d = time() + ($user->days * 86400);
1209. $u2d = time() + ($tradee->days * 86400);
1210.  
1211. $this->mysql->query('update `users` set `xats`=' . $user->xats . ', `days`=' . $u1d . ' where `id`=' . $user->id . ';');
1212. $this->mysql->query('update `users` set `xats`=' . $tradee->xats . ', `days`=' . $u2d . ' where `id`=' . $tradee->id . ';');
1213.  
1214. foreach($u1p as $id => $count)
1215. {
1216. if($count < 1)
1217. {
1218. $this->mysql->query('delete from `userpowers` where `userid`=' . $user->id . ' and `powerid`=' . $id . ';');
1219. }
1220. elseif(isset($u1p0[$id]))
1221. {
1222. $this->mysql->query('update `userpowers` set `count`=' . $count . ' where `userid`=' . $user->id . ' and `powerid`=' . $id . ';');
1223. }
1224. else
1225. {
1226. $this->mysql->query('insert into `userpowers`(`userid`, `powerid`, `count`) values(' . $user->id . ', ' . $id . ', ' . $count . ');');
1227. }
1228. }
1229.  
1230. foreach($u2p as $id => $count)
1231. {
1232. if($count < 1)
1233. {
1234. $this->mysql->query('delete from `userpowers` where `userid`=' . $tradee->id . ' and `powerid`=' . $id . ';');
1235. }
1236. elseif(isset($u2p0[$id]))
1237. {
1238. $this->mysql->query('update `userpowers` set `count`=' . $count . ' where `userid`=' . $tradee->id . ' and `powerid`=' . $id . ';');
1239. }
1240. else
1241. {
1242. $this->mysql->query('insert into `userpowers`(`userid`, `powerid`, `count`) values(' . $tradee->id . ', ' . $id . ', ' . $count . ');');
1243. }
1244. }
1245. }
1246. $tradee->sendPacket('<x i="30008" t="E" />');
1247. $user->sendPacket('<x i="30008" t="E" />');
1248. $data1 = $this->doLogin($user->username, $user->password);
1249. $data2 = $this->doLogin($tradee->username, $tradee->password);
1250. $user->sendPacket($data1);
1251. $tradee->sendPacket($data2);
1252.  
1253. }
1254. }
1255. }
1256. }
1257. else
1258. {
1259. $trade = explode(',', $attr['t']);
1260. if(count($trade) == 4)
1261. {
1262. $tdata = explode(';', $trade[1]);
1263. $tdu2 = explode(';', $trade[2]);
1264. if(count($tdata) == 3 && count($tdu2) == 3)
1265. {
1266. if(!is_numeric($tdata[0]) || !is_numeric($tdata[1]))
1267. {
1268. break;
1269. }
1270.  
1271. elseif(!$this->mysql->checkPass($trade[3], $user->password))
1272. {
1273. $user->sendPacket('<x i="30008" t="E,8,1" />');
1274. $tradee->sendPacket('<x i="30008" t="E,1,8" />');
1275. }
1276.  
1277. elseif($tdata[0] > $user->xats || $tdata[0] < 0)
1278. {
1279. $user->sendPacket('<x i="30008" t="E,11,1" />');
1280. $tradee->sendPacket('<x i="30008" t="E,1,11" />');
1281. }
1282.  
1283. elseif($tdata[1] > $user->days || $tdata[1] < 0)
1284. {
1285. $user->sendPacket('<x i="30008" t="E,18,1" />');
1286. $user->sendPacket('<x i="30008" t="E,1,18" />');
1287. }
1288.  
1289. else
1290. {
1291. $user->trade[$tradee->id] = array($trade, $tdata, $tdu2);
1292. }
1293. }
1294. }
1295. }
1296. }
1297.  
1298. $tradee->sendPacket($rawXML);
1299. }
1300.  
1301.  
1302. break;
1303. }
1304. else
1305. {
1306.  
1307. $x = $attr['x'];
1308. $s = $attr['s'];
1309. $b = $attr['b'];
1310. $m = $attr['m'];
1311. $p = $attr['p'];
1312. $k = $attr['k'];
1313. $f = $attr['f'];
1314. $i = $attr['i'];
1315. $user->sendPacket("<x i=\"{$i}\" u=\"{$user->id}\" b=\"{$b}\" x=\"{$x}\" t=\"{$m}\" />");
1316.  
1317. }
1318. break;
1319.  
1320.  
1321. case 'ap': // assign/un-assign group powers
1322. $attributes = Array(
1323. 'a',
1324. 'p'
1325. );
1326. $attributes = $this->getMultiAttr( $packet, $attributes );
1327. $a = $attributes[ 'a' ];
1328. $p = $attributes[ 'p' ];
1329. $power = $this->mysql->fetch_array( "SELECT * FROM `powers` WHERE `id`='{$this->mysql->sanatize($p)}';" );
1330. $existe = $this->mysql->fetch_array( "SELECT * FROM `chat_powers` WHERE `power`='{$this->mysql->sanatize($p)}' AND `chat`='{$user->group}';" );
1331. $double = $this->mysql->fetch_array( "SELECT * FROM `userpowers` WHERE `powerid`='{$this->mysql->sanatize($p)}' AND `userid`='{$user->id}';" );
1332. $count = $this->mysql->fetch_array( "SELECT * FROM `chat_powers` WHERE `power`='{$this->mysql->sanatize($p)}' AND `usuario`='{$user->id}';" );
1333. switch ( $a )
1334. {
1335. case 1:
1336. If ( !$user->hasPower( $p ) )
1337. return $user->sendPacket( '<n t="You do not have this power !" />' );
1338. If ( Isset( $existe[ 0 ][ 'id' ] ) )
1339. return $user->sendPacket( '<n t="Already have this power enabled in this chat !" />' );
1340. if ( $double[ 0 ][ 'count' ] < count( $count ) + 1 )
1341. return $user->sendPacket( '<n t="You need another one power buy more unit !" />' );
1342. $this->mysql->query( "INSERT INTO chat_powers(`chat`,`usuario`,`power`) VALUES ('{$user->group}','{$user->id}','{$this->mysql->sanatize($p)}');" );
1343. $user->sendPacket( '<n t="' . $power[ 0 ][ 'name' ] . ' was asigned !" />' );
1344. break;
1345.  
1346. case 0:
1347. If ( !$user->hasPower( $p ) )
1348. return $user->sendPacket( '<n t="You do not have this power !" />' );
1349. If ( !Isset( $existe[ 0 ][ 'id' ] ) )
1350. return $user->sendPacket( '<n t="You do not have this power enabled here!" />' );
1351. $this->mysql->query( "DELETE FROM chat_powers WHERE `usuario`='{$user->id}' AND `power`='{$this->mysql->sanatize($p)}' AND `chat`='{$user->group}';" );
1352. $user->sendPacket( '<n t="' . $power[ 0 ][ 'name' ] . ' was un-asigned !" />' );
1353. break;
1354. } //$a
1355. break;
1356. case 'a':
1357. if ($this->spamfilter($tag, $user, $this->config->spam_wait) || $user->banned > time())
1358. break;
1359. if ($user->guest == true) {
1360. return false;
1361. }
1362.  
1363. $attributes = array('x', 's', 'b', 'm', 'p', 'k', 'f');
1364. $attributes = $this->getMultiAttr($packet, $attributes);
1365. $x = $attributes['x'];
1366. $s = $attributes['s'];
1367. $b = $attributes['b'];
1368. $m = $attributes['m'];
1369. $p = $attributes['p'];
1370. $k = $attributes['k'];
1371. $f = $attributes['f'];
1372.  
1373. if (!$b && !$f) {
1374. if ($user->xats < 25) {
1375. return $user->sendPacket('<m t="/wYou Not has the coins enough !" u="0" />');
1376. }
1377.  
1378. $usr = $this->mysql->fetch_array("select * from `users` where `id`='{$user->id}';");
1379. $usr = $usr[0];
1380. if (!$this->mysql->checkPass($p, $usr['password'])) {
1381. return $user->sendPacket('<v e="8" />');
1382. }
1383.  
1384. $user->xats = ($usr['xats'] - 25);
1385. $this->mysql->query("update `users` set `xats` = '{$user->xats}', `reserve`=`reserve`-25 where `id` = '{$user->id}';");
1386. $user->sendRoom("<a u=\"{$user->id}\" k=\"{$k}\" t=\"{$m}\" />", true);
1387. $user->sendPacket("<a u=\"{$user->id}\" k=\"{$k}\" t=\"{$m}\" c=\"{$user->xats}\" />");
1388. } else {
1389. switch ($k) {
1390. case 'Confetti':
1391. case 'Hearts':
1392. case 'Marriage':
1393. case 'Marry':
1394. case 'Rings':
1395. case 'Sunset':
1396. if ($user->d2 != 0){
1397. $user->sendPacket('<n t="/wYou already have a BFF or are married." u="0" />');
1398. break;
1399. }
1400. if ($user->id == $b){
1401. $user->sendPacket('<n t="/wYou can\'t marry yourself" u="0" />');
1402. break;
1403. }
1404. $usr = $this->mysql->fetch_array("select * from `users` where `id`='{$user->id}';");
1405. $usr = $usr[0];
1406. if (!$this->mysql->checkPass($p, $usr['password'])){
1407. return $user->sendPacket('<v e="8" />');
1408. }
1409. if ($user->xats < 200){
1410. $user->sendPacket('<v e="11" />');
1411. break;
1412. }
1413. $u = $this->getUserByID($b, $user->chat);
1414. if (!is_object($u)) { break; }
1415. if ($u->hasPower(99)){
1416. return $user->sendPacket('<n t="' . $u->id . ' has single power." />');
1417. }
1418. $user->xats = ($usr['xats'] - 200);
1419. if ($u->d2 != 0){
1420. $user->sendPacket('<m t="/wThat has a BFF or is already married." u="0" />');
1421. break;
1422. }
1423. $this->mysql->query("update `users` set `bride` = '{$u->id}', `d2` = '{$u->id}', `xats` = '{$user->xats}', `reserve`=`reserve`-200 where `id` = '{$user->id}';");
1424. $this->mysql->query("update `users` set `bride` = '{$user->id}', `d2` = '{$user->id}' where `id` = '{$u->id}';");
1425. $data1 = $this->doLogin($user->username, $user->password);
1426. $data2 = $this->doLogin($u->username, $u->password);
1427. $user->sendRoom("<a u=\"{$user->id}\" k=\"{$k}\" t=\"{$m}\" />", true);
1428. $user->sendPacket("<a u=\"{$user->id}\" k=\"{$k}\" t=\"{$m}\" c=\"{$user->xats}\" />");
1429. $user->sendPacket($data1);
1430. $u->sendPacket($data2);
1431. break;
1432.  
1433. case 'Argue':
1434. case 'Hippod':
1435. case 'Divorce':
1436. case 'Divorced':
1437. case 'Botd':
1438. $this->mysql->query("update `users` set `d0` = '0', `d2` = '0', `bride` = '' where `id` = '{$user->id}';");
1439. $user->sendRoom("<a u=\"{$user->id}\" k=\"{$k}\" t=\"{$m}\" />", true);
1440. $user->sendPacket("<a u=\"{$user->id}\" k=\"{$k}\" t=\"{$m}\" c=\"{$user->xats}\" />");
1441. $data1 = $this->doLogin($user->username, $user->password);
1442. $user->sendPacket($data1);
1443. break;
1444.  
1445. case 'Champagne':
1446. if ($user->d2 != 0){
1447. $user->sendPacket('<m t="/wYou\'re already BFF\'d | Married" u="0" />');
1448. break;
1449. }
1450. if ($user->id == $b){
1451. $user->sendPacket('<m t="/wYou can\'t BFF yourself" u="0" />');
1452. break;
1453. }
1454. $usr = $this->mysql->fetch_array("select * from `users` where `id`='{$user->id}';");
1455. $usr = $usr[0];
1456. if (!$this->mysql->checkPass($p, $usr['password'])){
1457. return $user->sendPacket('<v e="8" />');
1458. }
1459. if ($user->xats < 200){
1460. $user->sendPacket('<v e="11" />');
1461. break;
1462. }
1463. $u = $this->getUserByID($f, $user->chat);
1464. if (!is_object($u)) { break; }
1465. if ($u->hasPower(99)){
1466. return $user->sendPacket('<n t="' . $u->id . ' has single power." />');
1467. }
1468. $user->xats = ($usr['xats'] - 25);
1469. if ($u->d2 != 0){
1470. $user->sendPacket('<m t="/wThat user is already BFF\'d/Married" u="0" />');
1471. break;
1472. }
1473.  
1474. $this->mysql->query("update `users` set `d0` = '1', `d2` = '{$u->id}', `xats` = '{$user->xats}', `reserve`=`reserve`-25 where `id` = '{$user->id}';");
1475. $this->mysql->query("update `users` set `d0` = '1', `d2` = '{$user->id}' where `id` = '{$u->id}';");
1476. $data1 = $this->doLogin($user->username, $user->password);
1477. $data2 = $this->doLogin($u->username, $u->password);
1478. $user->sendRoom("<a u=\"{$user->id}\" k=\"{$k}\" t=\"{$m}\" />", true);
1479. $user->sendPacket("<a u=\"{$user->id}\" k=\"{$k}\" t=\"{$m}\" c=\"{$user->xats}\" />");
1480. $user->sendPacket($data1);
1481. $u->sendPacket($data2);
1482. break;
1483.  
1484. case 'T':
1485. If ( $x < 0 || !is_numeric( $x ) )
1486. {
1487. return $this->disconnect( $user->index );
1488. } //$x < 0 || !is_numeric( $x )
1489. $usr = $this->mysql->fetch_Array( "select * from `users` where `id`='{$user->id}';" );
1490. $usr = $usr[ 0 ];
1491. If ( $usr[ 'transferblock' ] > time() )
1492. {
1493. return $user->sendPacket( '<v e="10" />' );
1494. } //$usr[ 'transferblock' ] > time()
1495. If ( !$this->mysql->checkPass( $p, $usr[ 'password' ] ) )
1496. {
1497. return $user->sendPacket( '<v e="8" />' );
1498. } //!$this->mysql->checkPass( $p, $usr[ 'password' ] )
1499. If ( $x > $usr[ 'xats' ] )
1500. {
1501. return $user->sendPacket( '<v e="11" />' );
1502. } //$x > $usr[ 'xats' ]
1503. If ( $x > $usr[ 'xats' ] - $usr[ 'reserve' ] )
1504. {
1505. return $user->sendPacket( "<n t=\"You can not use all your coins ( You can only use " . ( $usr[ 'xats' ] - $usr[ 'reserve' ] ) . " coins).\" />" );
1506. } //$x > $usr[ 'xats' ] - $usr[ 'reserve' ]
1507. If ( strtotime( "+ $s days" ) > $usr[ 'days' ] )
1508. {
1509. return $user->sendPacket( '<v e="18" />' );
1510. } //strtotime( "+ $s days" ) > $usr[ 'days' ]
1511. $u = $this->getUserByID( $b, $user->chat );
1512. If ( !is_object( $u ) )
1513. {
1514. return $user->sendPacket( '<v e="0" m="a" t="" />' );
1515. } //!is_object( $u )
1516.  
1517. If ( $user->ipaddr == $u->ipaddr )
1518. {
1519. return $user->sendPacket( '<n t="You can not transfer with you propio .-." />' );
1520. } //$user->ipaddr == $u->ipaddr
1521.  
1522. $u->xats += $x;
1523. If ( $u->days <= 0 )
1524. {
1525. $u->days = $s;
1526. } //$u->days <= 0
1527. Else
1528. {
1529. $u->days += $s;
1530. }
1531. $user->xats -= $x;
1532. $user->days -= $s;
1533. $uDAYS = strtotime( "+ " . $u->days . " days" );
1534. $UDAYS = strtotime( "+ " . $user->days . " days" );
1535. $this->mysql->query( "update `users` set `xats`='{$u->xats}', `days`='{$uDAYS}' where `id` = '{$u->id}';" );
1536. $this->mysql->query( "update `users` set `xats`='{$user->xats}', `days`='{$UDAYS}' where `id` = '{$user->id}';" );
1537. $this->mysql->query( "insert into `transfers` (`to`, `from`, `xats`, `days`, `timestamp`) values ('{$u->id}', '{$user->id}', '{$x}', '{$s}', '" . time() . "');" );
1538.  
1539. $user->sendPacket( "<a c=\"{$user->xats}\" u=\"{$user->id}\" b=\"{$b}\" s=\"{$s}\" x=\"{$x}\" k=\"T\" t=\"{$m}\" />" );
1540. $u->sendPacket( "<a c=\"{$u->xats}\" u=\"{$user->id}\" b=\"{$b}\" s=\"{$s}\" x=\"{$x}\" k=\"T\" t=\"{$m}\" />" );
1541.  
1542. $user->sendPacket($this->doLogin($user->username, $user->password));
1543. $u->sendPacket($this->doLogin($u->username, $u->password));
1544.  
1545. $user->joinRoom( $user->chat, 1 );
1546. $u->joinRoom( $user->chat, 1 );
1547. break;
1548. } //$k
1549. }
1550. break;
1551.  
1552. case 'p':
1553. $u = $this->getuserbyid($this->getAttribute($packet, 'u', true), $user->chat);
1554. if (!is_object($u)) {
1555. break;
1556. }
1557.  
1558. $attr = $this->getMultiAttr($packet, array('t', 's'));
1559.  
1560. if (substr($attr['t'], 0, 1) == "/") {
1561. switch (1) {
1562. case substr($attr['t'], 1, 2) == 'nb':
1563. if($u->f & 262144){
1564. $this->mysql->query("delete from `badge` where `chatid`='{$user->chat}' and `id`='{$u->id}';");
1565. $u->f -= 262144;
1566. $u->joinRoom($user->chat, 0, true);
1567. } else {
1568. $time = strtotime("+ 20 years");
1569. $this->mysql->query("insert into `badge` (`id`, `chatid`, `reason`) values ('{$u->id}', '{$user->chat}', '".substr($attr['t'], 3)."');");
1570. $u->f = $u->f & 262144;
1571. $u->joinRoom($user->chat, 0, true);
1572. $user->sendRoom('<m p="'.substr($attr['t'], 3).'" t="/gd" w="264" u="' . $user->id . '" d="' . $u->id . '" />');
1573. }
1574. break;
1575.  
1576.  
1577. case substr($attr['t'], 1, 2) == 'mo':
1578. if (!in_array($user->rank, array(1)) || !$this->higherRank($user->rank, $u->rank, true)) {
1579. break;
1580. }
1581. $time = round(substr($attr['t'], 3), 1);
1582. if (!is_numeric($time) || $time > 24 || $time < 1) {
1583. return $user->sendPacket("<n t=\"Please use the following format\n/mo2.5 for 2.5 hours.\nMax:24\nMin:1\" />");
1584. }
1585. $this->mysql->query("delete from `ranks` where `userid`='{$u->id}' and `chatid`='{$user->chat}';");
1586. $this->mysql->query("insert into `ranks`(`userid`, `chatid`, `f`, `tempend`) values('{$u->id}', '{$u->chatid}', 4, " . (time() + ($time * 60 * 60)) . ");");
1587. $x = "<i>";
1588. $x = htmlspecialchars($x);
1589. $user->sendRoom("<m u=\"{$user->id}\" t=\"{$x} I have made {$u->username} an owner for {$time} hours!\" />");
1590. $u->joinRoom($user->chat, 0, true);
1591. break;
1592.  
1593. case substr($attr['t'], 1, 2) == 'mb':
1594. if (!in_array($user->rank, array(1)) || !$this->higherRank($user->rank, $u->rank, true)) {
1595. break;
1596. }
1597. $time = round(substr($attr['t'], 3), 1);
1598. if (!is_numeric($time) || $time > 24 || $time < 1) {
1599. return $user->sendPacket("<n t=\"Please use the following format\n/mo2.5 for 2.5 hours.\nMax:24\nMin:1\" />");
1600. }
1601. $this->mysql->query("delete from `ranks` where `userid`='{$u->id}' and `chatid`='{$user->chat}';");
1602. $this->mysql->query("insert into `ranks`(`userid`, `chatid`, `f`, `tempend`) values('{$u->id}', '{$u->chatid}', 3, " . (time() + ($time * 60 * 60)) . ");");
1603. $x = "<i>";
1604. $x = htmlspecialchars($x);
1605. $user->sendRoom("<m u=\"{$user->id}\" t=\"{$x} I have made {$u->username} a Member for {$time} hours!\" />");
1606. $u->joinRoom($user->chat, 0, true);
1607. break;
1608.  
1609.  
1610.  
1611. case substr($attr['t'], 1, 1) == 'm':
1612. if (!in_array($user->rank, array(1, 4)) || !$this->higherRank($user->rank, $u->rank, true)) {
1613. break;
1614. }
1615. $time = round(substr($attr['t'], 2), 1);
1616. if (!is_numeric($time) || $time > 24 || $time < 1) {
1617. return $user->sendPacket("<n t=\"Please use the following format\n/m2.5 for 2.5 hours.\nMax:24\nMin:1\" />");
1618. }
1619. $this->mysql->query("delete from `ranks` where `userid`='{$u->id}' and `chatid`='{$user->chat}';");
1620. $this->mysql->query("insert into `ranks`(`userid`, `chatid`, `f`, `tempend`) values('{$u->id}', '{$u->chatid}', 2, " . (time() + ($time * 60 * 60)) . ");");
1621. $user->sendRoom("<m u=\"{$user->id}\" t=\"&lt;i&gt; I have made {$u->username} a moderator for {$time} hours!\" />");
1622. $u->joinRoom($user->chat, 0, true);
1623. break;
1624. default:
1625. $attr['t'] = htmlspecialchars($attr['t']);
1626. $attr['s'] = htmlspecialchars($attr['s']);
1627. $u->sendPacket("<p u=\"{$user->id}\" t=\"{$attr['t']}\" s=\"{$attr['s']}\" />");
1628. return;
1629. }
1630. } else {
1631. $attr['t'] = htmlspecialchars($attr['t']);
1632. $attr['s'] = htmlspecialchars($attr['s']);
1633. $u->sendPacket("<p u=\"{$user->id}\" t=\"{$attr['t']}\" s=\"{$attr['s']}\" />");
1634. if ($this->spamfilter($tag, $user, 700))
1635. break;
1636. }
1637. break;
1638.  
1639. case 'z':
1640. if ($user->switchingPools == true) {
1641. $user->switchingPools = false;
1642. break;
1643. }
1644. if ($this->spamfilter($tag, $user, 1))
1645. break;
1646. $d = $this->getAttribute($packet, 'd');
1647. $u = $this->getUserByID($d);
1648. if (!is_object($u)) {
1649. break;
1650. }
1651. if (!is_object($user)) {
1652. break;
1653. }
1654. $t2 = $this->getAttribute($packet, 't');
1655. $t = substr($t2, 0, 2);
1656. $t3 = substr($t2, 0, 3);
1657. $param = substr($t2, 2);
1658. switch ($t) {
1659. case '/l':
1660. if ($u->hidden == true) {
1661. return false;
1662. }
1663. $str = ((($u->p0 & 32) && ($u->chat != $user->chat)) || !isset($u->group)) ? " t=\"/a_Nofollow\"" : " t=\"/a_on {$u->group}\""; //Nofollow
1664. $user->sendPacket('<z b="1" d="' . $user->id . '" u="' . $u->id . '"' . ( $str ) . ' po="' . $u->dO . '" ' . $u->pStr . 'x="' . $u->xats . '" y="' . $u->days . '" q="3"' . ($u->username == '' ? '' : ' N="' . $u->username . '"') . ' n="' . html_entity_decode(htmlspecialchars_decode(($u->nickname))) . '" a="' . $this->mysql->sanatize($u->avatar) . '" h="' . $this->mysql->sanatize($u->url) . '" v="2" />');
1665. $u->sendPacket('<z b="1" d="' . $u->id . '" u="' . $user->id . '" t="/l" po="' . $user->dO . '" ' . $user->pStr . 'x="' . $user->xats . '" y="' . $user->days . '" q="3"' . ($user->username == '' ? '' : ' N="' . $user->username . '"') . ' n="' . html_entity_decode(htmlspecialchars_decode(($user->nickname))) . '" a="' . $this->mysql->sanatize($user->avatar) . '" h="' . $this->mysql->sanatize($user->url) . '" v="2" />');
1666. break;
1667. case '/a':
1668. break;
1669.  
1670. default:
1671. $t = $this->getAttribute($packet, 't');
1672. $s = $this->getAttribute($packet, 's');
1673. $u->sendPacket("<z u=\"" . $user->id . "\" t=\"" . $t . "\" s=\"" . $s . "\" d=\"" . $u->id . "\" />");
1674. break;
1675. }
1676. break;
1677.  
1678. case 'c':
1679. if ($this->spamfilter($tag, $user, 800))
1680. break;
1681. if ($user->banned > time()) {
1682. return false;
1683. }
1684.  
1685. if ($user->rExpire != 0 && $user->rExpire < time()) {
1686. $this->mysql->query("delete from `ranks` where `userid`={$user->id} and `chatid`='{$user->chat}';");
1687. $this->mysql->query("insert into `ranks`(`userid`, `chatid`, `f`) values({$user->id}, {$user->chat}, 3);");
1688. return $user->joinRoom($user->chat, 0, true);
1689. }
1690.  
1691. $attr = $this->getAttribute($packet, 'u', true);
1692. $t2 = $this->getAttribute($packet, 't');
1693. $uid = $this->getAttribute($packet, 'u');
1694. $game = $this->getAttribute($packet, 'w');
1695. $p = $this->getAttribute($packet, 'p');
1696. $u = $this->getUserByID($attr, $user->chat);
1697. $bchat = $this->mysql->fetch_array("select * from `chats` where `id`='{$user->chat}';");
1698. $blastban = $bchat[0]["blastban"];
1699. $blastkick = $bchat[0]["blastkick"];
1700. $blastpro = $bchat[0]["blastpro"];
1701. $blastde = $bchat[0]["blastde"];
1702. $param3 = substr($t2, 3);
1703. $param = substr($t2, 2);
1704.  
1705. if (!is_object($u)) {
1706. break;
1707. }
1708.  
1709.  
1710.  
1711.  
1712.  
1713.  
1714.  
1715.  
1716. switch (substr($t2, 0, 3)) {
1717. case "/gm":
1718. if($this->higherRank($user->rank,$u->rank,true) && in_array($user->rank, array(1, 4)))
1719. { // Mute
1720. $time = $param3 == 0 ? strtotime("+ 20 years") : strtotime("+ {$param3} seconds");
1721. $this->mysql->query("insert into `bans` (`chatid`, `userid`, `unbandate`, `ip`) values ('{$user->chat}', '{$u->id}', '{$time}', '{$u->ipaddr}');");
1722. $u->joinRoom($user->chat, 0, true);
1723. $user->sendRoom('<m p="'.$this->getAttribute($packet, 'p').'" t="/gm'.$param3.'" u="'.$user->id.'" d="'.$u->id.'" />',false,$u->id);
1724. $Blastbans = $this->mysql->fetch_Array( "SELECT * FROM `chat_powers` WHERE `chat`='{$user->group}' AND `power`=86;" );
1725. If ( !count( $Blastbans ) == 0 )
1726. {
1727. $user->sendRoom('<bl u="'.$user->id.'" d="'.$u->id.'" t="blastban" v="' . $blastban . '" r="'.$this->BlastCor($u->rank).'" o="'.$this->BlastCargo($u->rank).'" /> ', false);
1728. }
1729. $u->banned = $time;
1730. }
1731. return;
1732.  
1733. case '/gg':
1734. if($this->higherRank($user->rank,$u->rank,true) && in_array($user->rank, array(1, 4))){
1735. if($u->f & 256){
1736. $this->mysql->query("delete from `bans` where `chatid`='{$user->chat}' and `userid`='{$u->id}' or `chatid`='{$user->chat}' and `ip`='{$u->ipaddr}';");
1737. $user->sendRoom('<m t="/u" u="' . $user->id . '" d="' . $u->id . '" />');
1738. $u->sendPacket('<c u="0" d="' . $u->id . '" t="/u" />');
1739. $u->f -= 256;
1740. $u->joinRoom($user->chat, false, true, 0);
1741. } else {
1742. $time = $param3 == 0 ? strtotime("+ 20 years") : strtotime("+ {$param3} seconds");
1743. $this->mysql->query("insert into `bans` (`chatid`, `userid`, `unbandate`, `ip`, `type`) values ('{$user->chat}', '{$u->id}', '{$time}', '{$u->ipaddr}', 'f256');");
1744. $u->f |= 256;
1745. $u->joinRoom($user->chat, false, true, 0);
1746. $user->sendRoom('<m p="'.$this->getAttribute($packet, 'p').'" t="/gg'.$param3.'" u="'.$user->id.'" d="'.$u->id.'" />');
1747. $u->banned = $time;
1748. }
1749. }
1750. return;
1751. break;
1752.  
1753. case '/gn':
1754. if($this->higherRank($user->rank,$u->rank,true) && in_array($user->rank, array(1, 4))){
1755. if($u->f & 524288){
1756. $this->mysql->query("delete from `bans` where `chatid`='{$user->chat}' and `userid`='{$u->id}' or `chatid`='{$user->chat}' and `ip`='{$u->ipaddr}';");
1757. $user->sendRoom('<m t="/u" u="' . $user->id . '" d="' . $u->id . '" />');
1758. $u->sendPacket('<c u="0" d="' . $u->id . '" t="/u" />');
1759. $u->f -= 524288;
1760. $u->joinRoom($user->chat, false, true, 0);
1761. } else {
1762. $time = $param3 == 0 ? strtotime("+ 20 years") : strtotime("+ {$param3} seconds");
1763. $this->mysql->query("insert into `bans` (`chatid`, `userid`, `unbandate`, `ip`, `type`) values ('{$user->chat}', '{$u->id}', '{$time}', '{$u->ipaddr}', 'f524288');");
1764. $u->f |= 524288;
1765. $u->joinRoom($user->chat, false, true, 0);
1766. $user->sendRoom('<m p="'.$this->getAttribute($packet, 'p').'" t="/gn'.$param3.'" u="'.$user->id.'" d="'.$u->id.'" w="284" />');
1767.  
1768. $u->banned = $time;
1769. }
1770. }
1771. return;
1772. break;
1773.  
1774.  
1775.  
1776. case '/gy':
1777. if($this->higherRank($user->rank,$u->rank,true) && in_array($user->rank, array(1, 4)))
1778. {// yellowcard
1779. if($u->f & 1048576){
1780. $this->mysql->query("delete from `bans` where `chatid`='{$user->chat}' and `userid`='{$u->id}' or `chatid`='{$user->chat}' and `ip`='{$u->ipaddr}';");
1781. $user->sendRoom('<m t="/u" u="' . $user->id . '" d="' . $u->id . '" />');
1782. $u->sendPacket('<c u="0" d="' . $u->id . '" t="/u" />');
1783. $u->f -= 1048576;
1784. $u->joinRoom($user->chat, false, true, 0);
1785. } else {
1786. $time = $param3 == 0 ? strtotime("+ 20 years") : strtotime("+ {$param3} seconds");
1787. $this->mysql->query("insert into `bans` (`chatid`, `userid`, `unbandate`, `ip`, `type`) values ('{$user->chat}', '{$u->id}', '{$time}', '{$u->ipaddr}', 'f1048576');");
1788. if($u->group && $user->hasPower(86))
1789. {
1790. $user->sendRoom('<bl u="'.$user->id.'" d="'.$u->id.'" t="blastyellow" v="1" r="'.$this->BlastCor($u->rank).'" o="'.$this->BlastCargo($u->rank).'" /> ', false);
1791. }
1792. $u->f |= 1048576;
1793. $u->joinRoom($user->chat, false, true, 0);
1794.  
1795. $user->sendRoom('<m p="'.$this->getAttribute($packet, 'p').'" t="/gy'.$param3.'" u="'.$user->id.'" d="'.$u->id.'" w="293" />');
1796.  
1797.  
1798. $u->banned = $time;
1799. }
1800. }
1801. return;
1802. break;
1803.  
1804. case '/gr':
1805. if($this->higherRank($user->rank,$u->rank,true) && in_array($user->rank, array(1, 4)))
1806. {// Redcard
1807. if($u->f & 2097152){
1808. $this->mysql->query("delete from `bans` where `chatid`='{$user->chat}' and `userid`='{$u->id}' or `chatid`='{$user->chat}' and `ip`='{$u->ipaddr}';");
1809. $user->sendRoom('<m t="/u" u="' . $user->id . '" d="' . $u->id . '" />');
1810. $u->sendPacket('<c u="0" d="' . $u->id . '" t="/u" />');
1811. $u->f -= 2097152;
1812. $u->joinRoom($user->chat, false, true, 0);
1813. } else {
1814. $time = $param3 == 0 ? strtotime("+ 20 years") : strtotime("+ {$param3} seconds");
1815. $this->mysql->query("insert into `bans` (`chatid`, `userid`, `unbandate`, `ip`, `type`) values ('{$user->chat}', '{$u->id}', '{$time}', '{$u->ipaddr}', 'f2097152');");
1816. if($u->group && $user->hasPower(86))
1817. {
1818. $user->sendRoom('<bl u="'.$user->id.'" d="'.$u->id.'" t="blastred" v="1" r="'.$this->BlastCor($u->rank).'" o="'.$this->BlastCargo($u->rank).'" /> ', false);
1819. }
1820. $u->f |= 2097152;
1821. $u->joinRoom($user->chat, false, true, 0);
1822. $user->sendRoom('<m p="'.$this->getAttribute($packet, 'p').'" t="/gr'.$param3.'" u="'.$user->id.'" d="'.$u->id.'" w="373" />');
1823.  
1824. $u->banned = $time;
1825. }
1826. }
1827. return;
1828. break;
1829.  
1830.  
1831. case '/gd':
1832. if($this->higherRank($user->rank,$u->rank,true) && in_array($user->rank, array(1, 2, 4)))
1833. { // Dunce
1834. if($u->f & 0x8000)
1835. {
1836. $this->mysql->query("delete from `bans` where `chatid`='{$user->chat}' and `userid`='{$u->id}' or `chatid`='{$user->chat}' and `ip`='{$u->ipaddr}';");
1837. $user->sendRoom('<m t="/u" u="' . $user->id . '" d="' . $u->id . '" />');
1838. $u->sendPacket('<c u="0" d="' . $u->id . '" t="/u" />');
1839. $u->f -= 0x8000;
1840. $u->joinRoom($user->chat, false, true, 0);
1841. }
1842. else
1843. {
1844. $time = $param3 == 0 ? strtotime("+ 20 years") : strtotime("+ {$param3} seconds");
1845. $this->mysql->query("insert into `bans` (`chatid`, `userid`, `unbandate`, `ip`, `type`) values ('{$user->chat}', '{$u->id}', '{$time}', '{$u->ipaddr}', 'f32768');");
1846. if($u->group && $user->hasPower(86))
1847. {
1848. $user->sendRoom('<bl u="'.$user->id.'" d="'.$u->id.'" t="blastdunce" v="1" r="'.$this->BlastCor($u->rank).'" o="'.$this->BlastCargo($u->rank).'" /> ', false);
1849. }
1850. $u->joinRoom($user->chat, false, true, 0);
1851. $user->sendRoom('<m p="'.$this->getAttribute($packet, 'p').'" t="/gd'.$param3.'" u="'.$user->id.'" d="'.$u->id.'" w="158" />');
1852. //$user->sendRoom("<m p=\"{$pee}\" t=\"/k\" u=\"{$user->id}\" d=\"{$u->id}\" />", false);
1853.  
1854. }
1855. }
1856. return;
1857. }
1858.  
1859. switch (substr($t2, 0, 2)) {
1860. case '/r': // Guest
1861. case '/e': // Member
1862. case '/m': // Mod
1863. case '/M': // Owner
1864. $ranks = array(
1865. 'r' => array(array(1, 2, 4), 5),
1866. 'e' => array(array(1, 2, 4), 3),
1867. 'm' => array(array(1, 4), 2),
1868. 'M' => array(array(1), 4)
1869. );
1870.  
1871. $rank = $ranks[substr($t2, 1, 1)];
1872.  
1873. if (in_array($user->rank, $rank[0]) && $this->higherRank($user->rank, $u->rank, true)) {
1874. $this->mysql->query('delete from `ranks` where `userid`=' . $u->id . ' and `chatid`=' . $user->chat . ';');
1875. $this->mysql->query('insert into `ranks`(`userid`, `chatid`, `f`) values(' . $u->id . ', ' . $user->chat . ', ' . $rank[1] . ');');
1876. $p = $this->getAttribute($packet, 'p');
1877. $silent = 'm'; //$user->hasPower(72) && in_array($user->rank, array(1, 4)) && $rank == $ranks['e'] ? 'c' : 'm';
1878. $u->sendPacket('<c p="' . $p . '" t="' . substr($t2, 0, 2) . '" u="' . $user->id . '" d="' . $u->id . '" />');
1879. //$user->sendRoom('<' . $silent . ' p="' . $p . '" t="' . substr($t2, 0, 2) . '" u="' . $user->id . '" d="' . $u->id . '" />');
1880. $user->sendRoom('<m u="' . $user->id . '" d="' . $u->id . '" t="/m" p="' . substr($t2, 1, 1) . '" />');
1881. /*
1882. * Guest: 0x009900
1883. * Member: 0x3366FF
1884. * Moderator: 0xFFFFFF
1885. * Owner: 0xFF9900
1886. */
1887. $cols = array(
1888. "/r" => "0x009900",
1889. "/e" => "0x3366FF",
1890. "/m" => "0xFFFFFF",
1891. "/M" => "0xFF9900"
1892. );
1893. $colIndex = substr($t2, 0, 2);
1894. $blaster = $cols[$colIndex];
1895. $oAttr = array(
1896. "/r" => "r",
1897. "/e" => "e",
1898. "/m" => "m",
1899. "/M" => "M"
1900. );
1901. $oIndex = substr($t2, 0, 2);
1902. $useO = $oAttr[$oIndex];
1903.  
1904. $Blastpros = $this->mysql->fetch_Array( "SELECT * FROM `chat_powers` WHERE `chat`='{$user->group}' AND `power`=84;" );
1905. If ( !count( $Blastpros ) == 0 )
1906.  
1907. {
1908. $user->sendRoom('<bl u="'.$user->id.'" d="'.$u->id.'" t="blastpro" v="' . $blastpro . '" r="'.$blaster.'" o="'.$useO.'" />', false);
1909. }
1910. $u->joinRoom($user->chat, 0, true);
1911. }
1912. break;
1913.  
1914. case '/g': // Ban
1915. if (in_array($user->rank, array(1, 2, 4)) && $this->higherRank($user->rank, $u->rank, true)) {
1916. if ($user->rank == 2) { // Mod8
1917. $hours = round((($param3 / 60) / 60), 1);
1918. $mod8 = $user->haspower(3);
1919. if ($hours > 6 && !$mod8 || $mod8 && $hours > 8) {
1920. return;
1921. }
1922. }
1923.  
1924. $time = $param3 == 0 ? strtotime("+ 20 years") : strtotime("+ {$param3} seconds");
1925.  
1926. if ($game !== false && is_numeric($game) && $game > 0) {
1927. if ($user->hasPower($game)) {
1928. $this->mysql->query("insert into `bans` (`chatid`, `userid`, `unbandate`, `ip`, `type`) values ('{$user->chat}', '{$u->id}', '{$time}', '{$u->ipaddr}', 'w{$game}');");
1929. $user->sendRoom('<m p="' . $p . '" t="/g' . $param . '" w="' . $game . '" u="' . $user->id . '" d="' . $u->id . '" />');
1930. $u->sendPacket('<c p="' . $p . '" w="' . $game . '" t="/g' . $time . '" u="' . $user->id . '" d="' . $u->id . '" />');
1931. $Blastbans = $this->mysql->fetch_Array( "SELECT * FROM `chat_powers` WHERE `chat`='{$user->group}' AND `power`=86;" );
1932. If ( !count( $Blastbans ) == 0 )
1933. { $user->sendRoom('<bl u="' . $user->id . '" d="' . $u->id . '" t="blastban" v="1" r="' . $this->BlastCor($u->rank) . '" o="' . $this->BlastCargo($u->rank) . '" />', false);
1934. }
1935. $u->joinRoom($user->chat, false, true, 0);
1936. } else {
1937. $user->sendPacket('<n t="You don\'t have that power!" />');
1938. }
1939. } else {
1940. $this->mysql->query("insert into `bans` (`chatid`, `userid`, `unbandate`, `ip`) values ('{$user->chat}', '{$u->id}', '{$time}', '{$u->ipaddr}');");
1941. $user->sendRoom('<m p="' . $this->getAttribute($packet, 'p') . '" t="/g' . $param . '" u="' . $user->id . '" d="' . $u->id . '" />');
1942. $u->sendPacket('<c p="' . $this->getAttribute($packet, 'p') . '" t="/g' . $time . '" u="' . $this->getAttribute($packet, 'u') . '" d="' . $this->getAttribute($packet, 'd') . '" />');
1943. $u->sendRoom("<l u=\"{$u->id}\" />");
1944. $Blastbans = $this->mysql->fetch_Array( "SELECT * FROM `chat_powers` WHERE `chat`='{$user->group}' AND `power`=86;" );
1945. If ( !count( $Blastbans ) == 0 )
1946. { $user->sendRoom('<bl u="' . $user->id . '" d="' . $u->id . '" t="blastban" v="1" r="' . $this->BlastCor($u->rank) . '" o="' . $this->BlastCargo($u->rank) . '" />', false);
1947. }
1948. $u->sendRoom("<l u=\"{$u->id}\" />"); // Left off here [Blasts]
1949. $u->joinRoom($user->chat, false, true, 2);
1950. }
1951. }
1952. break;
1953.  
1954.  
1955.  
1956. case "/k": // Kick/Boot
1957. If ( in_Array( $user->rank, Array(
1958. 1,
1959. 2,
1960. 4
1961. ) ) && $this->higherRank( $user->rank, $u->rank, True ) )
1962. {
1963. $args = explode( "#", $pee = $this->getAttribute( $packet, 'p' ) );
1964. If ( count( $args ) == 2 )
1965. {
1966. $chat = $this->mysql->fetch_Array( "select * from `chats` where `id`='{$this->mysql->sanatize($args[1])}' or `name`='{$this->mysql->sanatize($args[1])}';" );
1967. If ( empty( $chat ) )
1968. {
1969. $user->sendPacket("<n t=\"That chat doesn't exist 3:\" />");
1970. } //empty( $chat )
1971. Else
1972. {
1973. $user->sendRoom( "<m p=\"{$pee}\" t=\"/k\" u=\"{$user->id}\" d=\"{$u->id}\" />", False );
1974. $u->sendPacket( "<q p2=\"{$pee}\" u=\"{$u->id}\" d2=\"{$user->id}\" r=\"{$chat[0]['id']}\" />" );
1975. $u->joinRoom( $chat[ 0 ][ 'id' ], True );
1976. $user->sendRoom( "<l u=\"{$u->id}\" />" );
1977. }
1978. } //count( $args ) == 2
1979. Else
1980. {
1981. If ( count( $args ) == 3 && !$user->hasPower( 121 ) )
1982. {
1983. $user->sendPacket("<n t=\"You don't have Zap power :c\" />");
1984. } //count( $args ) == 3 && !$user->hasPower( 121 )
1985. Else
1986. {
1987. $user->sendRoom( "<m p=\"{$pee}\" t=\"/k\" u=\"{$user->id}\" d=\"{$u->id}\" />", False );
1988. $u->sendPacket( "<c p=\"{$pee}\" t=\"/k\" u=\"{$user->id}\" d=\"{$u->id}\" />" );
1989. $user->sendRoom( '<bl u="' . $user->id . '" d="' . $u->id . '" t="blastkick" v="' . $blastkick . '" r="' . $this->BlastCor( $u->rank ) . '" o="' . $this->BlastCargo( $u->rank ) . '" />', False );
1990. $this->disconnect( $u->index );
1991. $user->sendRoom( "<l u=\"{$u->id}\" />" );
1992. }
1993. }
1994. } //in_Array( $user->rank, Array( 1, 2, 4 ) ) && $this->higherRank( $user->rank, $u->rank, True )
1995. Else
1996. {
1997. $this->disconnect( $user->index );
1998. }
1999. break;
2000.  
2001. case '/u':
2002. if (in_array($user->rank, array(1, 2, 4)) && ($u->rank == 16 && $this->higherRank($user->rank, $u->rank, true))) {
2003. $this->mysql->query("delete from `bans` where `chatid`='{$user->chat}' and `userid`='{$u->id}' or `chatid`='{$user->chat}' and `ip`='{$u->ipaddr}';");
2004. $user->sendRoom('<m t="/u" u="' . $user->id . '" d="' . $u->id . '" />');
2005. $u->sendPacket('<c u="0" d="' . $u->id . '" t="/u" />');
2006. $u->joinRoom($user->chat, 0, true);
2007. }
2008. break;
2009. }
2010. break;
2011. default:
2012. $this->disconnect($user->index);
2013. break;
2014. }
2015. }
2016.  
2017. public function BlastCor($rank) {
2018. $ranks = array(1, 2, 3, 4, 5);
2019. $cor = "0x009900";
2020. if ($rank == 5)
2021. $cor = "0x009900";
2022. if ($rank == 4)
2023. $cor = "0xFF9900";
2024. if ($rank == 3)
2025. $cor = "0x3366FF";
2026. if ($rank == 2)
2027. $cor = "0xFFFFFF";
2028. if ($rank == 1)
2029. $cor = "X";
2030. return $cor;
2031. }
2032.  
2033. public function BlastCargo($rank) {
2034. $ranks = array(1, 2, 3, 4, 5);
2035. $cargo = "0x009900";
2036. if ($rank == 5)
2037. $cargo = "r"; // Guest
2038. if ($rank == 4)
2039. $cargo = "M"; // Owner
2040. if ($rank == 3)
2041. $cargo = "e"; // Member
2042. if ($rank == 2)
2043. $cargo = "m"; // Mod
2044. if ($rank == 1)
2045. $cargo = "X"; // Main Owner
2046. return $cargo;
2047. }
2048.  
2049. public function mask($packet) {
2050. $length = strlen($packet);
2051.  
2052. if ($length < 126) {
2053. return pack('CC', 0x80 | (0x1 & 0x0f), $length) . $packet;
2054. } elseif ($length < 65536) {
2055. return pack('CCn', 0x80 | (0x1 & 0x0f), 126, $length) . $packet;
2056. } else {
2057. return pack('CCNN', 0x80 | (0x1 & 0x0f), 127, $length) . $packet;
2058. }
2059. }
2060.  
2061. public function unmask($packet) {
2062. try {
2063. $length = ord($packet[1]) & 127;
2064. if ($length == 126) {
2065. $masks = substr($packet, 4, 4);
2066. $data = substr($packet, 8);
2067. } elseif ($length == 127) {
2068. $masks = substr($packet, 10, 4);
2069. $data = substr($packet, 14);
2070. } else {
2071. $masks = substr($packet, 2, 4);
2072. $data = substr($packet, 6);
2073. }
2074.  
2075. $response = '';
2076. $dlength = strlen($data);
2077. for ($i = 0; $i < $dlength; ++$i) {
2078. $response .= $data[$i] ^ $masks[$i % 4];
2079. }
2080.  
2081. return $response == '' ? false : $response;
2082. } catch (Exception $e) {
2083. return false;
2084. }
2085. }
2086.  
2087. public function doLogin($user, $pass) {
2088. /* Variables */
2089. $vals = array();
2090. $p = array();
2091. $pp = '';
2092. $dO = '';
2093. $powerO = '';
2094.  
2095. $user = $this->mysql->fetch_array('select * from `users` where `username`=\'' . $this->mysql->sanatize($user) . '\';');
2096. if (isset($user[0])) {
2097. $bride = $user[0]['d2'] == 0 ? false : $user[0]['bride'];
2098.  
2099. if ((floor(($user[0]['days'] - time()) / (24 * 3600) + 0.3) >= 1 ? floor(($user[0]['days'] - time()) / (24 * 3600) + 0.3) : 0) >= 1) {
2100. $upowers = $this->mysql->fetch_array('select * from `userpowers` where `userid`=' . $user[0]['id'] . ';');
2101. $spowers = $this->mysql->fetch_array('select * from `powers` where `name` not like \'%(Undefined)%\';');
2102.  
2103. foreach ($spowers as $power) {
2104. $vals[$power['id']] = array($power['section'], $power['subid']);
2105. $p[$power['section']] = 0;
2106. }
2107.  
2108. foreach ($upowers as $power) {
2109. if ($power['count'] >= 1 && isset($vals[$power['powerid']]) && isset($p[$vals[$power['powerid']][0]])) {
2110. $str = $power['powerid'] . '=' . ($power['count'] > 1 ? ($power['count'] - 1) : 1) . '|';
2111. $p[$vals[$power['powerid']][0]] += $vals[$power['powerid']][1];
2112. $dO .= $str;
2113. if ($power['count'] > 1) {
2114. $powerO .= $str;
2115. }
2116. }
2117. }
2118.  
2119. foreach ($p as $i => $u) {
2120. $pp .= " d" . (substr($i, 1) + 4) . "=\"{$u}\"";
2121. }
2122. }
2123.  
2124. $this->mysql->query("update `users` set `dO`='{$this->mysql->sanatize($powerO)}' where `username`='{$this->mysql->sanatize($user[0]['username'])}';");
2125.  
2126. return "<v RL=\"1\" i=\"{$user[0]['id']}\" c=\"{$user[0]['xats']}\" dt=\"0\" n=\"{$user[0]['username']}\" k1=\"{$user[0]['k']}\" k2=\"{$user[0]['k2']}\" k3=\"{$user[0]['k3']}\" bride=\"{$bride}\" d0=\"{$user[0]['d0']}\" d1=\"{$user[0]['days']}\" d2=\"{$user[0]['d2']}\" d3=\"\"{$pp} dx=\"{$user[0]['xats']}\" dO=\"{$powerO}\" PowerO=\"{$powerO}\" />";
2127. }
2128. return false;
2129. }
2130.  
2131. public function getUserByID($id, $chat = null) {
2132. if ($id == 2 || $id == 0) {
2133. return false;
2134. }
2135. foreach ($this->users as $user) {
2136. if ($user->id == $id && ($chat == null || $user->chat == $chat)) {
2137. return $user->online ? $user : false;
2138. }
2139. }
2140. return false;
2141. }
2142.  
2143. function higherRank($rank1, $rank2, $minMod = false) {
2144. if ($rank1 == $rank2) {
2145. return false;
2146. }
2147. $order = array(1, 2, 3, 4);
2148. if (in_array($rank1, $order) && !in_array($rank2, $order)) {
2149. return true;
2150. }
2151. if ($rank1 == 1) {
2152. return true;
2153. }
2154. if ($rank1 == 4 && $rank2 != 1) {
2155. return true;
2156. }
2157. if ($rank1 == 2 && $rank2 != 1 && $rank2 != 4) {
2158. return true;
2159. }
2160. if ($minMod == true) {
2161. return false;
2162. }
2163. if ($rank1 == 3 && $rank2 != 1 && $rank2 != 4 && $rank2 != 2) {
2164. return true;
2165. }
2166. return false;
2167. }
2168.  
2169. function objectToArray($object) {
2170. $array = array();
2171. foreach ($object as $member => $data) {
2172. $array[$member] = $data;
2173. }
2174. return $array;
2175. }
2176.  
2177. public function getAttribute($xml, $attName, $reverse = false) {
2178. $att = $this->objectToArray($xml->attributes());
2179. if ($reverse == true) {
2180. array_reverse($att);
2181. }
2182.  
2183. foreach ($att as $a => $b) {
2184. if ($a == $attName) {
2185. $b = htmlspecialchars($b);
2186. return $b;
2187. }
2188. }
2189. return false;
2190. }
2191.  
2192. public function getMultiAttr($xml, $names = array(), $values = array()) {
2193. setType($names, 'array');
2194. if (!method_exists($xml, 'attributes')) {
2195. return array();
2196. }
2197.  
2198. foreach ($names as $u) {
2199. $values[$u] = false;
2200. }
2201.  
2202. foreach ($xml->attributes() as $i => $u) {
2203. if (in_array($i, $names) || empty($names)) {
2204. $values[$i] = ((string) ((string) $u));
2205. }
2206. }
2207.  
2208. return $values;
2209. }
2210.  
2211. public function disconnect($userID, $logout = null, $num = null, $chatid = null) {
2212. if (isset($this->users[$userID]) && $user = $this->users[$userID]) {
2213. if (!is_null($logout) && $user->online) {
2214. $user->sendPacket("<logout />");
2215. }
2216.  
2217. if (is_resource($user->sock)) {
2218. socket_close($user->sock);
2219. $user->sock = null;
2220. }
2221. $user->online = false;
2222.  
2223. return true;
2224. }
2225. return false;
2226. }
2227.  
2228. public function ipban($ip, $dcall = true) {
2229. if (!filter_var($ip, FILTER_VALIDATE_IP)) {
2230. return false;
2231. }
2232.  
2233. $this->ipbans[] = $ip;
2234. if ($dcall == true) {
2235. foreach ($this->users as $u) {
2236. if ($u->ipaddr == $ip) {
2237. $this->disconnect($u->index);
2238. }
2239. }
2240. }
2241. $bans = json_encode($this->ipbans);
2242. $this->mysql->query("update `server` set `ipbans`='{$this->mysql->sanatize($bans)}';");
2243. return true;
2244. }
2245.  
2246. public function ipUnban($ip) {
2247. if (!filter_var($ip, FILTER_VALIDATE_IP)) {
2248. return false;
2249. }
2250. foreach ($this->ipbans as $index => $addr) {
2251. if ($ip == $addr) {
2252. unset($this->ipbans[$index]);
2253. $bans = json_encode($this->ipbans);
2254. $this->mysql->query("update `server` set `ipbans`='{$this->mysql->sanatize($bans)}';");
2255. return true;
2256. } else {
2257. continue;
2258. }
2259. }
2260. return false;
2261. }
2262.  
2263.  
2264.  
2265. public function spamfilter($element, $user, $ms = 800, $time = null, $dc = true) {
2266. if (is_null($time)) {
2267. $time = round(microtime(true) * 1000);
2268. }
2269. if (isset($user->last[$element]) && ($user->last[$element] + $ms) >= $time) {
2270. return (is_null($dc) ? true : $this->disconnect($user->index));
2271. }
2272. $user->last[$element] = $time;
2273. return false;
2274. }
2275.  
2276. }
2277.  
2278. class client {
2279.  
2280. public $sock, $parent;
2281. public $bride, $rank, $id, $username, $nickname, $k, $k2, $k3, $password, $avatar, $url, $powers, $room, $xats, $days, $chat, $banned, $hidden = false, $pool = 0, $switchingPools = false;
2282. public $d0, $d1, $d2, $d3, $d4, $d5, $d6, $dt, $dx, $dO, $p0, $p1, $p2, $p4, $PowerO, $d7, $p3, $homepage, $h, $group, $away = false, $pStr;
2283. public $loginKey = null, $last = array(), $authenticated = null, $online = false, $disconnect = false, $rExpire = 0, $chatPass = false, $pawn = '';
2284. public $mobready = false, $buffer = '';
2285.  
2286. public function __construct(&$socket, &$parent, $index, $ipaddr, $mobile = false) {
2287. list($this->index, $this->sock, $this->parent, $this->ipaddr, $this->mobile) = array(
2288. $index, $socket, $parent, $ipaddr, $mobile
2289. );
2290. }
2291.  
2292. public function resetDetails($id, $bans = null) {
2293. $user = $this->parent->mysql->fetch_array("select * from `users` where `id`='{$this->parent->mysql->sanatize($id)}' and `id` not in(0, 2);");
2294. if (empty($user)) {
2295. $this->guest = true;
2296. } else {
2297. if ($user[0]['username'] == '') {
2298. list($this->guest, $this->k, $this->k2, $this->k3) = array(
2299. true, $user[0]['k'], $user[0]['k2'], $user[0]['k3']
2300. );
2301. } else {
2302. $this->xats = $user[0]['xats'];
2303. $this->days = floor(($user[0]['days'] - time()) / (24 * 3600) + 0.3) >= 1 ? floor(($user[0]['days'] - time()) / (24 * 3600) + 0.3) : 0;
2304. $this->username = $user[0]['username'];
2305. $this->password = $user[0]['password'];
2306. $this->enabled = $user[0]['enabled'];
2307. $this->k = $user[0]['k'];
2308. $this->k2 = $user[0]['k2'];
2309. $this->k3 = $user[0]['k3'];
2310. $this->PowerO = $user[0]['dO'];
2311. $this->powers = $user[0]['powers'];
2312. $this->avatar = $user[0]['avatar'];
2313. $this->url = $user[0]['url'];
2314. $this->d1 = 0;
2315. $this->d2 = $user[0]['d2'];
2316. $this->bride = $user[0]['bride'];
2317. $this->d3 = null;
2318. $this->pawn = $user[0]['custpawn'] == 'off' ? '' : $user[0]['custpawn'];
2319.  
2320. if ($this->mobile) {
2321. $this->nickname = $this->username == '' ? 'Unregistered' : $this->username;
2322. } else {
2323. $this->nickname = explode("##", $user[0]['nickname'], 2);
2324. $this->nickname[0] = htmlspecialchars_decode($this->nickname[0]);
2325. $this->nickname = count($this->nickname) > 1 ? implode("##", $this->nickname) : $this->nickname[0];
2326. }
2327.  
2328. if (true || $user[0]['torched'] != 1) { // Torching - Add Later
2329. if (!$this->getPowers()) {
2330. return false;
2331. }
2332.  
2333. $this->dO = $user[0]['dO'];
2334. }
2335. $this->dt = null;
2336. $this->guest = false;
2337. }
2338.  
2339. $trolls = json_decode($user[0]['trolls'], true);
2340. if (is_array($trolls)) {
2341. foreach ($trolls as $i => $u) {
2342. $this->{$i} = $u;
2343. }
2344. }
2345. }
2346.  
2347. if ($this->guest === true) {
2348. $this->username = '';
2349. }
2350. return true;
2351. }
2352.  
2353. public function getPowers($pV = array()) {
2354. if ($this->days < 1)
2355. {
2356. for ($i = 0; $i <= $this->parent->config->pcount; $this->{'p' . $i++} = 0);
2357. return true;
2358. }
2359.  
2360. $powers = $this->parent->mysql->fetch_array('select * from `userpowers` where `userid`=' . $this->id . ';');
2361. $powerv = $this->parent->mysql->fetch_array('select `id`, `section`, `subid` from `powers` where `name` not like \'%(Undefined)%\';');
2362. $pv = $test = $final = array();
2363. foreach ($powerv as $power) {
2364. $pv[$power['id']] = array('sect' => $power['section'], 'sub' => (int) $power['subid']);
2365. $test[$power['section']] = 0;
2366. $last[$power['section']] = 0;
2367. }
2368.  
2369. foreach ($powers as $power) {
2370. $test[$pv[$power['powerid']]['sect']] += $pv[$power['powerid']]['sub'];
2371. }
2372.  
2373. foreach ($test as $sect => $val) {
2374. if ((int) $val != (int) $this->{$sect . 'v'}) {
2375. return false;
2376. }
2377. }
2378.  
2379. foreach ($powers as $power) {
2380. if (isset($pv[$power['powerid']])) {
2381. $power = $pv[$power['powerid']];
2382. if ((int) $this->{$power['sect'] . 'v'} & $test[$power['sect']]) {
2383. if (!((int) $power['sub'] & $test[$power['sect']])) {
2384. return false;
2385. }
2386.  
2387. if (!($this->{'m' . substr($power['sect'], 1)} & (int) $power['sub'])) {
2388. $last[$power['sect']] += (int) $power['sub'];
2389. }
2390. }
2391. }
2392. }
2393.  
2394. $this->pStr = '';
2395. foreach ($test as $sect => $u) {
2396. $this->{$sect} = $last[$sect];
2397. $this->pStr .= $sect . '="' . $this->{$sect} . '" ';
2398. }
2399.  
2400.  
2401.  
2402.  
2403.  
2404.  
2405.  
2406.  
2407. return true;
2408. }
2409.  
2410.  
2411. public function updateDetails() {
2412. $upowers = $this->parent->mysql->fetch_array('select * from `userpowers` where `userid`=' . $this->id . ';');
2413. $spowers = $this->parent->mysql->fetch_array('select * from `powers` where `name` not like \'%(Undefined)%\';');
2414.  
2415. $vals = array();
2416. $p = array();
2417. $powerO = '';
2418.  
2419. foreach ($spowers as $power)
2420. {
2421. $vals[$power['id']] = array($power['section'], $power['subid']);
2422. $p[$power['section']] = 0;
2423. }
2424.  
2425. foreach ($upowers as $power)
2426. {
2427. if ($power['count'] >= 1 && isset($vals[$power['powerid']]) && isset($p[$vals[$power['powerid']][0]]))
2428. {
2429. $str = $power['powerid'] . '=' . ($power['count'] > 1 ? ($power['count'] - 1) : 1) . '|';
2430. $p[$vals[$power['powerid']][0]] += $vals[$power['powerid']][1];
2431. if ($power['count'] > 1) {
2432. $powerO .= $str;
2433. }
2434. }
2435. }
2436. if ($this->id != 0 && $this->id != 2 && $this->mobile == false) {
2437. $this->parent->mysql->query(
2438. "update `users` set
2439. `nickname`='{$this->parent->mysql->sanatize($this->nickname)}',
2440. `avatar`='{$this->parent->mysql->sanatize($this->avatar)}',
2441. `url`='{$this->parent->mysql->sanatize($this->url)}',
2442. `dO`='{$this->parent->mysql->sanatize($powerO)}',
2443. `connectedlast`='{$this->ipaddr}'
2444. where `id`='{$this->parent->mysql->sanatize($this->id)}';"
2445. );
2446. }
2447. return ($this->id != 0 && $this->id != 2) ? true : false;
2448. }
2449.  
2450. public function hasPower($power) {
2451. list($subid, $section) = array(
2452. pow(2, $power % 32),
2453. $power >> 5
2454. );
2455.  
2456. return $this->{'p' . $section} & $subid ? true : false;
2457. ;
2458. }
2459.  
2460. public function authenticate($packet) {
2461. //print_r($packet->Attributes());
2462. /* Load Packet Information */
2463. /* Load Packet / Values */
2464. $attributes = array('u', 'N', 'k', 'pool', 'f', 'auth1', 'auth2', 'h', 'd0', 'a', 'c', 'banned', 'r');
2465. for ($i = 0; $i <= $this->parent->config->pcount; $i++) {
2466. array_push($attributes, 'd' . ($i + 4));
2467. array_push($attributes, 'm' . $i);
2468. }
2469.  
2470. $info = $this->getMultiAttr($packet, $attributes);
2471.  
2472. for ($i = 0; $i <= $this->parent->config->pcount; $i++) {
2473. $this->{'p' . $i . 'v'} = (int) $info['d' . ($i + 4)];
2474. $this->{'m' . $i} = (int) $info['m' . $i];
2475. }
2476. /* End */
2477. $this->id = (string) $info['u'];
2478. $this->d0 = (integer) $info['d0'];
2479. $this->f = (integer) $info['f'];
2480. $n = (string) $info['N'];
2481. $k = (integer) $info['k'];
2482. $pool = $this->pool;
2483.  
2484.  
2485. if ($this->mobile) {
2486. $this->f |= 0x0200;
2487. }
2488.  
2489.  
2490.  
2491.  
2492.  
2493.  
2494. $this->b = $this->f & 8 ? true : false;
2495. $chat = (int) $info['c'];
2496.  
2497. if ($this->days < 1)
2498. {
2499.  
2500. for ($i = 0; $i <= $this->parent->config->pcount; $i++)
2501. {
2502. $this->pStr .= 'p' . $i . '="0" ';
2503. }
2504. } else {
2505. for ($i = 0; $i <= $this->parent->config->pcount; $i++)
2506. {
2507. $this->{'p' . $i . 'v'} = isset($info['d' . ($i + 4)]) ? $info['d' . ($i + 4)] : 0;
2508. $this->{'m' . $i} = isset($info['m' . $i]) ? $info['m' . $i] : 0;
2509. $this->pStr .= 'p' . $i . '="' . $this->{'p' . $i . 'v'} . '" ';
2510. }
2511. }
2512. /* End */
2513. /* Reset details, Check powers */
2514. if (!$this->resetDetails($this->id)) {
2515. return false;
2516. }
2517. $this->url = (string) $info['h'];
2518. $this->avatar = (string) $info['a'];
2519. $xInfo = $this->parent->mysql->fetch_Array( "select * from `chats` where `id`='{$this->parent->mysql->sanatize($chat)}';" );
2520. $pBot = $this->parent->mysql->fetch_Array( "select * from `chat_powers` where `chat`='{$this->parent->mysql->sanatize($xInfo[0]['name'])}' and power=150;" );
2521. /* End */
2522.  
2523. /* Chat Password [get main] */
2524. if ($info['r'] !== false) {
2525. $this->chatPass = $info['r'];
2526. }
2527. /* Sanatize Name / Explode Status */
2528. $this->nickname = $this->getAttribute($packet, 'n');
2529. $this->nickname = explode('##', $this->nickname, 2);
2530. if (count($this->nickname) > 1) {
2531. $this->nickname[1] = htmlspecialchars(str_replace("", "", $this->nickname[1]));
2532. $this->nickname = implode('##', $this->nickname);
2533. } else {
2534. $this->nickname = $this->nickname[0];
2535. }
2536. if (strlen($this->nickname) > 255) {
2537. //return false;
2538. }
2539. /* End */
2540. /* Just some information checking for guest system, + user exists */
2541. if ($this->guest == true && isset($this->enabled) && $this->id != 2) {
2542. return false;
2543. } elseif ($this->id != 2 && is_numeric($k)) {
2544. $user = $this->parent->mysql->fetch_array("select * from `users` where `id`='{$this->parent->mysql->sanatize($this->id)}' and `k`='{$this->parent->mysql->sanatize($k)}' and `id`!='' and `k`!='';");
2545. if (empty($user)) {
2546. return false;
2547. } elseif ($user[0]['username'] == 'Unregistered') {
2548. $this->guest = true;
2549. } else {
2550. $this->guest = false;
2551. }
2552. } else {
2553. $this->guest = true;
2554. }
2555. /* End */
2556. $this->updateDetails();
2557. $this->authenticated = true;
2558.  
2559. $banned = $this->parent->mysql->fetch_array("select * from `bans` where `chatid`='{$chat}' and `type`='';");
2560. $banned_id = (isset($banned[0]['userid'])) ? (int) $banned[0]['userid']: 0;
2561. if($this->id == $banned_id){
2562. return $this->joinRoom($chat, 1, false, 2);
2563. } else {
2564. return $this->joinRoom($chat, 1, false, $pool);
2565. }
2566. }
2567.  
2568. public function getAttribute($xml, $name) {
2569. if (method_exists($xml, 'attributes')) {
2570. foreach ($xml->attributes() as $a => $b) {
2571. if ($a == $name)
2572. return (string) $b;
2573. }
2574. }
2575. return false;
2576. }
2577.  
2578. public function getMultiAttr($xml, $names = array(), $values = array()) {
2579. setType($names, 'array');
2580. if (!method_exists($xml, 'attributes')) {
2581. return array();
2582. }
2583. foreach ($names as $u) {
2584. $values[$u] = false;
2585. }
2586. foreach ($xml->attributes() as $i => $u) {
2587. if (in_array($i, $names)) {
2588. $values[$i] = mb_convert_encoding((string) $u, "utf-8");
2589. }
2590. }
2591. return $values;
2592. }
2593.  
2594. public function message($t, $ex = true) {
2595. $this->sendMessage($t, $this->id, 0, false, $ex);
2596. }
2597.  
2598. public function sendMessage($t, $u = '[C]', $i = 0, $s = false, $ex = false) {
2599. if ($u == '[C]')
2600. $u = $this->id;
2601. $packet = "<m t=\"{$t}\" u=\"{$u}\" i=\"{$i}\" />";
2602. $ex != false ? $this->sendRoom($packet, $ex) : $this->sendPacket($packet);
2603. }
2604.  
2605. public function sendPacket($packet) {
2606. if ($this->sock) {
2607. if ($this->mobile == true) {
2608. $packet = simplexml_load_string($packet);
2609. if (!method_exists($packet, 'getName')) {
2610. $this->parent->disconnect($this->sock);
2611. return false;
2612. }
2613.  
2614. $json = new stdClass();
2615. $json->tag = $packet->getName();
2616. foreach ($packet->Attributes() as $i => $u) {
2617. $json->{$i} = (string) $u;
2618. }
2619.  
2620. $packet = json_encode($json);
2621. $packet = $this->parent->mask($packet);
2622. } elseif (substr($packet, -1) != chr(0)) {
2623. $packet .= chr(0);
2624. }
2625.  
2626. // socket_set_nonblock($this->sock);
2627. if (!@socket_write($this->sock, $packet, strlen($packet))) {
2628. $this->parent->disconnect($this->sock);
2629. return false;
2630. }
2631.  
2632. // socket_set_block($this->sock);
2633. return true;
2634. }
2635. }
2636.  
2637. public function sendAll($packet) {
2638. if (stristr($packet, strlen($packet) - 1, 1) != chr(0)) {
2639. $packet = $packet . chr(0);
2640. }
2641. foreach ($this->parent->users as &$user) {
2642. if (!@socket_write($user->sock, $packet, strlen($packet))) {
2643. $this->parent->disconnect($user->index);
2644. }
2645. }
2646. return true;
2647. }
2648.  
2649. public function parseRank($rank) {
2650. $ranks = array(1, 2, 3, 4, 5);
2651. if (!is_numeric($rank)) {
2652. switch (strtolower($rank)) {
2653. case 'guest': return 5;
2654. case 'owner': return 4;
2655. case 'member': return 3;
2656. case 'moderator': return 2;
2657. case 'mainowner': return 1;
2658. default: return 0;
2659. }
2660. } elseif (!in_array($rank, $ranks)) {
2661. return 0;
2662. }
2663. return $rank;
2664. }
2665.  
2666. public function rank($numrank, $word = null, $compare = null) { // Made this for the hell of it
2667. $ranks = array(
2668. 5 => array(5, 'guest'),
2669. 3 => array(4, 'member'),
2670. 2 => array(3, 'moderator'),
2671. 4 => array(2, 'owner'),
2672. 1 => array(1, 'mainOwner')
2673. );
2674. if (!in_array($numrank, $ranks)) {
2675. $rank = $ranks[5];
2676. } else {
2677. $rank = $ranks[$numrank];
2678. }
2679. return is_null($compare) ? (is_null($word) ? $rank[0] : $rank[1]) : ($rank[0] < $ranks[$compare][0] ? true : false);
2680. }
2681.  
2682. public function __destruct() {
2683. /* It's done like this to avoid a bitch of a memory leak */
2684. if (isset($this->id) && !isset($this->noLogout)) {
2685. $this->sendRoom('<l u="' . $this->id . '" />', true);
2686. }
2687. }
2688.  
2689. public function joinRoom($chat, $reload = true, $nodup = false, $pool = 0, $banTick = 0) {
2690. /* Initial Information */
2691.  
2692. list($this->pool, $this->hidden) = array($pool, false);
2693.  
2694. if (!$this->authenticated || !is_numeric($chat) || $chat < 1) {
2695. return false;
2696. }
2697.  
2698. $chat = $this->parent->mysql->fetch_array("select * from `chats` where `id`='{$this->parent->mysql->sanatize($chat)}';");
2699. if (empty($chat)) {
2700. return false;
2701. }
2702.  
2703.  
2704. list($this->chatid, $this->group) = array($chat[0]['id'], $chat[0]['name']);
2705.  
2706. $badge = $this->parent->mysql->fetch_array("select * from `badge` where `id`='{$this->parent->mysql->sanatize($this->id)}' and `chatid`='{$this->parent->mysql->sanatize($chat[0]['id'])}' order by `id` desc limit 0,1;");
2707. if($this->id == isset($badge[0]['id'])){
2708. $this->f += 262144;
2709. }
2710.  
2711. /* Do Ranks */
2712. $ranks = $this->parent->mysql->fetch_array("select * from `ranks` where `chatid`='{$chat[0]['id']}' and `userid`='{$this->parent->mysql->sanatize($this->id)}';");
2713. if ($this->chatPass !== false) {
2714. if ($this->parent->mysql->validate($this->chatPass, $chat[0]['pass']) === true) {
2715. if (empty($ranks)) {
2716. $this->parent->mysql->query("insert into `ranks`(`userid`, `chatid`, `f`) values({$this->id}, {$this->chatid}, 1);");
2717. } else {
2718. $this->parent->mysql->query("update `ranks` set `f`=1 where `userid`={$this->id} and `chatid`={$this->chatid};");
2719. }
2720. $ranks[0] = array(
2721. 'userid' => $this->id,
2722. 'chatid' => $this->chatid,
2723. 'f' => 1,
2724. 'tempend' => 0
2725. );
2726. }
2727. }
2728. if (!isset($ranks[0]['f'])) {
2729. $ranks[0] = array('f' => 5);
2730. $this->parent->mysql->query("insert into `ranks` (`userid`, `chatid`, `f`) values ('{$this->parent->mysql->sanatize($this->id)}', '{$chat[0]['id']}', '5');");
2731. } elseif ($ranks[0]['tempend'] > 0 && $ranks[0]['tempend'] < time()) {
2732. $ranks[0] = array("f" => 3);
2733. $this->parent->mysql->query("update `ranks` set `f`=3, `tempend`=0 where `userid`={$this->id} and `chatid`={$this->chatid};");
2734. } else {
2735. $userRank = $ranks[0]['f'];
2736. $this->rExpire = $ranks[0]['tempend'] > time() ? $ranks[0]['tempend'] : 0;
2737. }
2738.  
2739. $this->rank = $ranks[0]['f'];
2740.  
2741. if ($this->hasPower(29) && !$this->online && in_array($this->rank & 7, array(1, 4))) {
2742. $this->hidden = true;
2743.  
2744. if (!($this->f & 0x0400)) {
2745. $this->f += 0x0400;
2746. }
2747. } elseif ($this->f & 0x0400) {
2748. $this->f -= 0x0400;
2749. }
2750.  
2751. $this->updateDetails();
2752. $this->resetDetails($this->id, true);
2753. /* End */
2754. /* Update / Check Bans */
2755. $game = '';
2756. $this->banned = 0;
2757. $this->unban = false;
2758. $ban = $this->parent->mysql->fetch_array("select * from `bans` where `userid`='{$this->parent->mysql->sanatize($this->id)}' and `chatid`='{$this->parent->mysql->sanatize($chat[0]['id'])}' or `ip`='{$this->ipaddr}' and `chatid`='{$this->parent->mysql->sanatize($this->chatid)}' order by `unbandate` desc limit 0,1;");
2759. if (!empty($ban) && ($this->id == $ban[0]['userid'] || $this->ipaddr == $ban[0]['ip'])) {
2760. $ban = $ban[0];
2761. if ($ban['unbandate'] >= $this->loginTime) {
2762. if (substr($ban['type'], 0, 1) == 'w') {
2763. $this->rank = 16;
2764. $game = ' w="' . substr($ban['type'], 1) . '"';
2765. } elseif (substr($ban['type'], 0, 1) == 'r') {
2766. $this->rank |= (int) substr($ban['type'], 1);
2767. } elseif (substr($ban['type'], 0, 1) == 'f') {
2768. $this->f |= (int) substr($ban['type'], 1);
2769. } else {
2770. $this->rank = 16;
2771. }
2772.  
2773. if (!($this->f & 0x8000)) { // desban do dunced
2774. $this->banned = $ban['unbandate'];
2775. }
2776.  
2777. if (!($this->f & 0xFF)) { // desban do gag
2778. $this->banned = $ban['unbandate'];
2779. }
2780. } elseif ($this->id == $ban['userid']) {
2781. $this->unban = true;
2782. $this->parent->mysql->query("delete from `bans` where `userid`='{$this->parent->mysql->sanatize($this->id)}' and `chatid`='{$this->parent->mysql->sanatize($chat[0]['id'])}' and `unbandate`<={$this->loginTime};");
2783. }
2784. } elseif (empty($ban) && $this->b == true) {
2785. $this->unban = true;
2786. } elseif (isset($ban['unbandate'])) {
2787. $this->sendPacket("<n t=\"You are banned for " . round(($ban['unbandate'] - time()) / 60, 1) . " more minutes.\" />");
2788. }
2789. /* End */
2790. /* Chat Information */
2791. if (empty($chat[0]['attached'])) {
2792. $chat[0]['attached'] = array('Lobby', '1');
2793. } else {
2794. $info = $this->parent->mysql->fetch_array("select * from `chats` where `name`='{$this->parent->mysql->sanatize($chat[0]['attached'])}';");
2795. if (empty($info) || $info[0]['id'] == $chat[0]['id']) {
2796. $chat[0]['attached'] = array('Lobby', '1');
2797. } else {
2798. $chat[0]['attached'] = array(
2799. 0 => $info[0]['name'],
2800. 1 => $info[0]['id']
2801. );
2802. $this->f = $this->f |= 2;
2803. }
2804. }
2805. if ($chat[0]['attached'][1] == $this->chatid) {
2806. $chat[0]['attached'] = array('0', '0');
2807. }
2808.  
2809.  
2810. if ($this->unban == true) {
2811. $this->sendPacket('<c u="0" d="' . $this->id . '" t="/u" />');
2812. $this->unban = false;
2813. }
2814. $pawn = strlen($this->pawn) == 6 ? ' pawn="' . $this->pawn . '"' : '';
2815.  
2816. $this->sendPacket("<i{$pawn}{$game} b=\"{$chat[0]['bg']};={$chat[0]['attached'][0]};={$chat[0]['attached'][1]};=;={$chat[0]['radio']};={$chat[0]['button']}\" f=\"{$this->f}\" ".($this->days >= 1 ? 'v="3"' : 'v="1"')." r=\"{$this->rank}\" cb=\"10\" />");
2817. $pRankpool = $this->parent->mysql->fetch_Array( "SELECT * FROM `chat_powers` WHERE `chat`='" . $this->group . "' AND `power`=114;" );
2818. $pBanpool = $this->parent->mysql->fetch_Array( "SELECT * FROM `chat_powers` WHERE `chat`='" . $this->group . "' AND `power`=126;" );
2819. If ( !count( $pRankpool ) == 0 )
2820. $this->sendPacket( '<w v="'.$pool.' ' . $chat[0]['pool'] . '" />' );
2821. If ( !count( $pRankpool ) == 1 && !count( $pBanpool ) == 0 )
2822. $this->sendPacket( '<w v="'.$pool.' 0 2" />' );
2823. If ( !count( $pRankpool ) == 0 && !count( $pBanpool ) == 1 )
2824. $this->sendPacket( '<w v="'.$pool.' ' . str_replace('2', '', $chat[0]['pool']) . '" />' );
2825. // $this->sendPacket('<w v="'.$pool.' ' . $chat[0]['pool'] . '" />');
2826. $this->sendPacket($this->buildGp());
2827.  
2828. // $this->sendPacket('<gp p="0|0|1431372864|1074025493|273678340|268435456|16384|1|0|0|0|0|0|" g80="{\'mg\':\'0\',\'mb\':\'11\',\'kk\':\'0\',\'bn\':\'0\',\'ubn\':\'0\',\'prm\':\'0\',\'bge\':\'0\',\'mxt\':50,\'sme\':\'11\',\'dnc\':\'8\'}" g114="{\'m\':\'' . $chat[0]['chat'] . '\',\'t\':\'' . $chat[0]['mods'] . '\',\'rnk\':\'7\',\'b\':\'' . $chat[0]['banned'] . '\',\'v\':1}" g90="' . $chat[0]['badword'] . '" g74="' . $chat[0]['smiles'] . '" g106="' . $chat[0]['gback'] . '" g188="a91" g100="' . $chat[0]['link'] . '" u="1" />');
2829. //@$this->sendPacket('<gp g80="{\'mg\':\'0\',\'mb\':\'11\',\'kk\':\'0\',\'bn\':\'0\',\'ubn\':\'0\',\'prm\':\'0\',\'bge\':\'0\',\'mxt\':50,\'sme\':\'11\',\'dnc\':\'8\'}" g114="{\'m\':\'' . $chat[0]['chat'] . '\',\'t\':\'' . $chat[0]['mods'] . '\',\'rnk\':\'7\',\'b\':\'' . $chat[0]['banned'] . '\',\'v\':1}" g90="' . $chat[0]['badword'] . '" g74="' . $chat[0]['gline'] . '" g106="' . $chat[0]['gback'] . '" g188="a91" g100="' . $chat[0]['link'] . '" p="0|0|1431372864|1074025493|273678340|268435456|16384|1|0|0|0|0|0|" />'); /* End */
2830. /* Check if user is already on chat */
2831. if ($nodup == false) {
2832. while ($r = $this->parent->getUserByID((int) $this->id, (int) $chat[0]['id'])) {
2833. if (is_object($r) && $r->online === true) {
2834. $r->sendPacket("<dup />");
2835. $r->noLogout = true;
2836. $this->parent->disconnect($r->index, true);
2837. }
2838. }
2839. }
2840. /* End */
2841. /* Compile, and send user list */
2842. $this->chat = $chat[0]['id'];
2843. $myNick = explode("##", $this->nickname, 2);
2844. $myNick[0] = htmlspecialchars(html_entity_decode(htmlspecialchars_decode($myNick[0])));
2845. $myNick = count($myNick) > 1 ? implode("##", $myNick) : $myNick[0];
2846.  
2847. $myPack = "<u{$pawn} so=\"1\" f=\"{$this->f}\" flag=\"{$this->f}\" rank=\"{$this->rank}\" u=\"{$this->id}\" ".($this->days >= 1 ? ' q="3"' : ' q="1"') . ($this->username == '' ? '' : " N=\"{$this->username}\"") . " n=\"{$myNick}\" a=\"{$this->avatar}\" h=\"{$this->url}\" d0=\"{$this->d0}\" d2=\"{$this->d2}\" bride=\"{$this->bride}\" {$this->pStr}v=\"1\" />";
2848. $valid = simplexml_load_string($myPack);
2849. if (!method_exists($valid, 'getName')) {
2850. return false;
2851. } else {
2852. foreach ($this->parent->users as $user) {
2853. if ($this->mobile == true && $user->mobile == true && $user->ipaddr == $this->ipaddr && $user->username != $this->username) {
2854. $this->parent->disconnect($user->index);
2855. }
2856.  
2857. if ($user->chat == $chat[0]['id'] && $user->id != $this->id && $user->pool == $this->pool) {
2858. if (!in_array($user->id, array(0, 2)) && $user->hidden == false) {
2859. $user->bride = $user->d2 == 0 ? null : $user->d2;
2860. $nick = explode('##', $user->nickname, 2);
2861. $nick[0] = htmlspecialchars(html_entity_decode(htmlspecialchars_decode($nick[0])));
2862. $nick = count($nick) > 1 ? implode('##', $nick) : $nick[0];
2863. $pawn = strlen($user->pawn) == 6 ? ' pawn="' . $user->pawn . '"' : '';
2864.  
2865. $packet = "<u{$pawn} flag=\"{$user->f}\" s=\"1\" f=\"{$user->f}\" rank=\"{$user->rank}\" u=\"{$user->id}\" ".($user->days >= 1 ? ' q="3"' : ' q="1"') . ($user->username == '' ? '' : " N=\"{$user->username}\"") . " n=\"{$nick}\" a=\"{$user->avatar}\" h=\"{$user->url}\" d0=\"{$user->d0}\" d2=\"{$user->d2}\" bride=\"{$user->bride}\" {$user->pStr}v=\"1\" />";
2866. $valid = simplexml_load_string($packet);
2867.  
2868. if (method_exists($valid, 'getName')) {
2869. $this->sendPacket($packet);
2870. } else {
2871. $this->parent->disconnect($user->index);
2872. continue;
2873. }
2874. }
2875.  
2876. if (!in_array($this->id, array(0, 2)) && $this->hidden == false) {
2877. $user->sendPacket($myPack);
2878. }
2879. }
2880. }
2881. }
2882. /* End */
2883. /* Send Previous Messages (15) */
2884. if ($reload == true) {
2885. $messages = $this->parent->mysql->fetch_array("select * from `messages` where `id`='{$chat[0]['id']}' and `pool`={$this->pool} order by time desc limit 0,15;");
2886. for ($i = 0; $i < count($messages); $i++) {
2887. $message = $messages[count($messages) - $i - 1];
2888. if ($message['visible'] == '1') {
2889. $this->sendPacket("<m u=\"{$message['uid']}\" n=\"{$message['name']}\" N=\"{$message['registered']}\" a=\"{$message['avatar']}\" i=\"{$message['mid']}\" t=\"{$message['message']}\" s=\"1\" />");
2890. }
2891. }
2892. unset($messages);
2893. unset($message);
2894. }
2895. /* End */
2896. $this->sendPacket("<done />");
2897. /* Other info, scrollies, protection meh */
2898. $this->sendPacket("<m u=\"{$chat[0]['ch']}\" t=\"/s{$chat[0]['sc']}\" />");
2899.  
2900. if (isset($this->parent->protected[$this->chat])) {
2901. $time = floor(($this->parent->protected[$this->chat]['end'] - time()) / 60);
2902. switch ($this->parent->protected[$this->chat]['type']) {
2903. case 'noguest':
2904. $this->sendPacket("<z d=\"0\" u=\"0\" t=\"This chat is protected for another {$time} minutes. Guests cannot chat until given a higher rank.\" />");
2905. break;
2906. case 'unreg':
2907. $this->sendPacket("<z d=\"0\" u=\"0\" t=\"This chat is protected for another {$time} minutes. Unregistered users cannot chat until given a higher rank.\" />");
2908. break;
2909. }
2910. } elseif ($this->f & 1 && 1 == 2) {
2911. $this->sendPacket("<logout e=\"E12\" />");
2912. }
2913.  
2914. $this->online = true;
2915. /* End */
2916. return true;
2917. }
2918.  
2919. public function buildGp( )
2920. {
2921. $gdata = $this->parent->mysql->fetch_Array( "SELECT * FROM `chats` WHERE `name`='" . $this->group . "';" );
2922. $pBad = $this->parent->mysql->fetch_Array( "SELECT * FROM `chat_powers` WHERE `chat`='" . $this->group . "' AND `power`=90;" );
2923. $pAnnounce = $this->parent->mysql->fetch_Array( "SELECT * FROM `chat_powers` WHERE `chat`='" . $this->group . "' AND `power`=112;" );
2924. $pGback = $this->parent->mysql->fetch_Array( "SELECT * FROM `chat_powers` WHERE `chat`='" . $this->group . "' AND `power`=130;" );
2925. $pGline = $this->parent->mysql->fetch_Array( "SELECT * FROM `chat_powers` WHERE `chat`='" . $this->group . "' AND `power`=74;" );
2926. $pSummerflix = $this->parent->mysql->fetch_Array( "SELECT * FROM `chat_powers` WHERE `chat`='" . $this->group . "' AND `power`=297;" );
2927. $pLove = $this->parent->mysql->fetch_Array( "SELECT * FROM `chat_powers` WHERE `chat`='" . $this->group . "' AND `power`=108;" );
2928. $pHorror = $this->parent->mysql->fetch_Array( "SELECT * FROM `chat_powers` WHERE `chat`='" . $this->group . "' AND `power`=92;" );
2929. $pSanta = $this->parent->mysql->fetch_Array( "SELECT * FROM `chat_powers` WHERE `chat`='" . $this->group . "' AND `power`=156;" );
2930. $pSpring = $this->parent->mysql->fetch_Array( "SELECT * FROM `chat_powers` WHERE `chat`='" . $this->group . "' AND `power`=278;" );
2931. $pSpooky = $this->parent->mysql->fetch_Array( "SELECT * FROM `chat_powers` WHERE `chat`='" . $this->group . "' AND `power`=148;" );
2932. $pFeast = $this->parent->mysql->fetch_Array( "SELECT * FROM `chat_powers` WHERE `chat`='" . $this->group . "' AND `power`=98;" );
2933. $pFairy = $this->parent->mysql->fetch_Array( "SELECT * FROM `chat_powers` WHERE `chat`='" . $this->group . "' AND `power`=102;" );
2934. $pGsound = $this->parent->mysql->fetch_Array( "SELECT * FROM `chat_powers` WHERE `chat`='" . $this->group . "' AND `power`=180;" );
2935. $gp = "<gp ";
2936. $gp .= "p=\"0|0|1431655744|1079334229|290459972|269549572|16645|272646145|4194305|512|4096|268435456|4194304|1048576|4|64|1048576|0|0|0|\" ";
2937. $gp .= "g80=\"{'mm':'14','mbt':48,'ss':'14','prm':'14','dnc':'14','bdg':'8'}\" ";
2938. //$gp .= "g148=\"{'ef':'0','bk':'0','col':'','v':'32'}\" ";
2939. If ( !count( $pFairy ) == 0 )
2940. $gp .= "g102=\"{'ef':'{$gdata[0]['fairy']}','bk':'0','v':32}\" ";
2941. If ( !count( $pFeast ) == 0 )
2942. $gp .= "g98=\"{'ef':'{$gdata[0]['feast']}','bk':'0','v':32}\" ";
2943. If ( !count( $pSpooky ) == 0 )
2944. $gp .= "g148=\"{'ef':'{$gdata[0]['spooky']}','bk':'0','v':32}\" ";
2945. If ( !count( $pSpring ) == 0 )
2946. $gp .= "g278=\"{'ef':'{$gdata[0]['spring']}','bk':'0','v':32}\" ";
2947. If ( !count( $pSanta ) == 0 )
2948. $gp .= "g156=\"{'ef':'{$gdata[0]['santa']}','bk':'0','v':32}\" ";
2949. If ( !count( $pHorror ) == 0 )
2950. $gp .= "g92=\"{'ef':'{$gdata[0]['horror']}','bk':'0','v':32}\" ";
2951. If ( !count( $pLove ) == 0 )
2952. $gp .= "g108=\"{'ef':'{$gdata[0]['love']}','bk':'0','v':32}\" ";
2953. If ( !count( $pSummerflix ) == 0 )
2954. $gp .= "g297=\"{'ef':'{$gdata[0]['summerflix']}','bk':'0','v':32}\" ";
2955. If ( !count( $pGsound ) == 0 )
2956. $gp .= "g180=\"{'m':'{$gdata[0]['sound1']}','d':'{$gdata[0]['sound2']}','t':'{$gdata[0]['sound3']}'}\" ";
2957. If ( !count( $pBad ) == 0 )
2958. $gp .= "g90=\"{$gdata[0]['bad']}\" ";
2959. If ( !count( $pAnnounce ) == 0 )
2960. {
2961. $gp .= "g112=\"{$gdata[0]['announce']}\" ";
2962. } //!count( $pAnnounce ) == 0
2963. $gp .= "g246=\"{'dt':70,'v':1}\" ";
2964. $gp .= "g256=\"{'rnk':'2','dt':65,'rt':15,'rc':'1','tg':200,'v':1}\" ";
2965. //$gp .= "g278=\"{'ef':'0','bk':'0','v':1}\" ";
2966. If ( $gdata[ 0 ][ 'pools' ] != null )
2967. {
2968. $gp .= "g114=\"{'m':'{$gdata[0]['rankpool']}','t':'{$gdata[0]['staffpool']}','rnk':'7','b':'{$gdata[0]['banned']}','v':2}\" ";
2969. } //$gdata[ 0 ][ 'pools' ] != null
2970. $gp .= "g100=\"{$gdata[0]['link']}\" ";
2971. If ( !count( $pGline ) == 0 )
2972. $gp .= "g74=\"{$gdata[0]['gline']}\" ";
2973. If ( !count( $pGback ) == 0 )
2974. $gp .= "g106=\"{$gdata[0]['gback']}\" ";
2975. $gp .= "/>";
2976. return $gp;
2977. }
2978.  
2979. public function sendRoom($packet, $passme = false, $exclude = 0) {
2980. foreach ($this->parent->users as $user) {
2981. if (
2982. $user->chat == $this->chat &&
2983. $user->id != $exclude &&
2984. (
2985. isset($user->pool) &&
2986. isset($this->pool) &&
2987. $user->pool == $this->pool
2988. )
2989. ) {
2990. if ($user->id != $this->id || $passme == false) {
2991. $user->sendPacket($packet);
2992. }
2993. }
2994. }
2995. }
2996.  
2997. public function noToRank($rank){
2998. if ($rank >= 14){
2999. return 'o';
3000. };
3001. if ($rank >= 10){
3002. return 'M';
3003. };
3004. if ($rank >= 7){
3005. return 'm';
3006. };
3007. if ($rank >= 3){
3008. return 'e';
3009. };
3010. return 'r';
3011. }
3012.  
3013. }
3014.  
3015. class database {
3016.  
3017. public $link, $host, $user, $pass, $name;
3018. public $doe = true;
3019.  
3020. public function __construct($host = null, $user = null, $pass = null, $name = null) {
3021. if ($name != null) {
3022. $this->host = $host;
3023. $this->user = $user;
3024. $this->pass = $pass;
3025. $this->name = $name;
3026. }
3027.  
3028. if (!$this->connected()) {
3029. $this->link = @mysqli_connect($this->host, $this->user, $this->pass, $this->name);
3030. if (!$this->connected()) {
3031. $this->error("Failed to connect to `{$this->host}`.`{$this->name}` using password [" . (empty($this->pass) ? "NO" : 'YES') . "]");
3032. }
3033. } return true; // Cause I can put it there if I want to
3034. }
3035.  
3036. public function connected() {
3037. return @mysqli_ping($this->link) ? true : false;
3038. }
3039.  
3040. public function error($error) {
3041. print $error . chr(10);
3042. if ($this->doe == true) {
3043. exit('line:' . __LINE__);
3044. }
3045. }
3046.  
3047. public function query($query = "") {
3048. if (!is_string($query)) {
3049. return false;
3050. }
3051. $this->__construct();
3052. $return = mysqli_query($this->link, $query);
3053. return $return ? $return : false;
3054. }
3055.  
3056. public function fetch_array($query, $return = array()) {
3057. $this->__construct();
3058. if (!is_string($query) || !($res = $this->query($query))) {
3059. return array();
3060. }
3061. while ($data = mysqli_fetch_assoc($res)) {
3062. $return[] = $data;
3063. }
3064. return !empty($return) ? $return : array();
3065. }
3066.  
3067. public function sanatize($data) {
3068. if (is_array($data)) {
3069. return array_map(array($this, 'sanatize'), $data);
3070. }
3071. if (function_exists("mb_convert_encoding")) {
3072. $data = mb_convert_encoding($data, "UTF-8", 'auto');
3073. }
3074. return $this->link->real_escape_string($data);
3075. }
3076.  
3077. public function rand($length = 32, $low = true, $upp = true, $num = true, $indent = false) {
3078. $chars = array_merge(
3079. $low ? range('a', 'z') : array(), $upp ? range('A', 'Z') : array(), $num ? range('0', '9') : array()
3080. );
3081. for ($rand = ""; strlen($rand) < $length; $rand .= $chars[array_rand($chars)])
3082. ;
3083. if ($indent != false) {
3084. $rand = implode('-', str_split($rand, $indent));
3085. }
3086. return $rand;
3087. }
3088.  
3089. static function urs($x, $y) {
3090. return ($x >> $y) & (2147483647 >> ($y - 1));
3091. }
3092.  
3093. public function hash($str, $rawsalt = '', $hash = 'sha512') {
3094. if ($rawsalt == '') {
3095. $rawsalt = $this->rand(((strlen($str) % 3) + 1) * 5);
3096. }
3097.  
3098. $loc = array(hash('sha1', $rawsalt), hash('sha1', $str), '');
3099. foreach (str_split($loc[0], 1) as $index => $character) {
3100. $loc[2] .= $character . $loc[1][$index];
3101. }
3102.  
3103. $hash = hash($hash, $loc[2]);
3104. return substr_replace($hash, $rawsalt, (strlen($str) << 2) % strlen($hash), 0);
3105. }
3106.  
3107. public function validate($str, $hash, $engine = 'sha512') {
3108. $salt = substr($hash, (strlen($str) << 2) % strlen(hash($engine, 1)), ((strlen($str) % 3) + 1) * 5);
3109. return $this->hash($str, $salt, $engine) === $hash ? true : false;
3110. }
3111.  
3112. public function hashPass($pass, $salt = null, $hashtype = 'sha512', $hash = "") {
3113. return $this->hash($pass, $salt, $hashtype);
3114. }
3115.  
3116. public function checkPass($input, $real, $hash = 'sha512') {
3117. return $this->validate($input, $real, $hash);
3118. }
3119.  
3120. }