- <div id="withinvent" class="scroll"><!--?
- // Security & connect
- include $_SERVER["DOCUMENT_ROOT"] . '/engine/database.php';
- include $_SERVER["DOCUMENT_ROOT"] . '/steamauth/steamauth.php';
- include $_SERVER["DOCUMENT_ROOT"] . '/steamauth/userInfo.php';
- // Order BY Values
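/**
 * Sort a JSON-encoded list of item records by their 'price' key, highest first.
 *
 * @param string $ari JSON text holding a list of records, each with a 'price' key.
 * @return string The re-encoded, sorted list; '[]' when $ari does not decode to an array.
 */
function orderbv($ari) {
    $datas = json_decode($ari, true);
    // $ari may not be valid JSON; json_decode() then yields null and usort()
    // would be handed a non-array. Return an empty list instead.
    if (!is_array($datas)) {
        return '[]';
    }
    usort($datas, function ($as, $bs) {
        if ($as['price'] == $bs['price']) {
            return 0;
        }
        // Descending order: the cheaper record sorts after the dearer one.
        return $as['price'] < $bs['price'] ? 1 : -1;
    });
    return json_encode($datas);
}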
- // Order BY Values
- // Check for SQL injection
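/**
 * Keyword screen: reports whether $text is free of a short list of SQL keywords.
 *
 * This is a coarse blacklist and not an injection defence on its own. Every
 * value that reaches a query still has to be escaped or bound at the point
 * where the query is built; passing this check says nothing about quoting.
 *
 * @param mixed $text Request text to screen (compared case-insensitively).
 * @return bool true when none of the listed keywords occurs, false otherwise.
 */
function escape_inj($text) {
    // Arrays and objects cannot be screened as text, so they are refused.
    if ($text !== null && !is_scalar($text)) {
        return false;
    }
    $text = strtolower((string) $text);
    foreach (array('select', 'union', 'order', 'where', 'char', 'from') as $badword) {
        // strpos() returns 0 for a match at the very start of the string, which
        // a bare negation treats as "not found"; compare with false instead.
        if (strpos($text, $badword) !== false) {
            return false;
        }
    }
    return true;
}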
- // Check for SQL injection
- // Random string
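/**
 * Build a random string of digits and ASCII letters.
 *
 * Callers in this file store the result as the `securitycode` of a `prize`
 * row, so the characters are drawn from the CSPRNG when the runtime has one.
 *
 * @param int $length Number of characters to produce.
 * @return string Random string of exactly $length characters ('' for 0).
 */
function generateRandomString($length = 7) {
    $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $lastIndex = strlen($characters) - 1;
    // random_int() only exists on PHP 7+. On older runtimes this falls back to
    // rand(), whose output is predictable.
    // NOTE(review): do not rely on the code being secret on such a runtime.
    $useCsprng = function_exists('random_int');
    $randomString = '';
    for ($i = 0; $i < $length; $i++) {
        $index = $useCsprng ? random_int(0, $lastIndex) : rand(0, $lastIndex);
        $randomString .= $characters[$index];
    }
    return $randomString;
}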
- // Random string
- // Seconds to time
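/**
 * Format a duration given in seconds as "D days, H hours, M minutes".
 *
 * @param int $seconds Duration in seconds.
 * @return string The formatted duration; leftover seconds are not shown.
 */
function secondsToTime($seconds) {
    $dtF = new \DateTime('@0');
    $dtT = new \DateTime("@$seconds");
    // The pasted listing had "$dtF--->diff", a mangled "->"; restored here.
    return $dtF->diff($dtT)->format('%a days, %h hours, %i minutes');
}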
- // Seconds to time
- // Chat list
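/**
 * Print the 20 most recent chat rows, oldest first, as HTML.
 *
 * The user name and the message body are both HTML-escaped on output. A role
 * badge is appended to the name for status 1 (Administrator) and 2 (Moderator).
 *
 * @return void
 */
function chatlist() {
    $messages = mysql_query("SELECT `username`, `message`, `status` FROM (SELECT * FROM `chat` ORDER BY `id` DESC LIMIT 20) AS `i` ORDER BY `i`.`id` ASC;");
    if ($messages === false) {
        // Query failed: print nothing rather than pass false to mysql_fetch_array().
        return;
    }
    while ($message = mysql_fetch_array($messages)) {
        if ($message['status'] == 1) {
            $adminif = '<div class="admin">Administrator</div>';
        } elseif ($message['status'] == 2) {
            $adminif = '<div class="moder">Moderator</div>';
        } else {
            $adminif = '';
        }
        // The name was printed raw and the message only passed through
        // strip_tags(); both are stored values, so escape them for HTML here.
        // assumes the stored text is UTF-8 — TODO confirm against the connection charset
        $name = htmlspecialchars($message['username'], ENT_QUOTES, 'UTF-8');
        $text = htmlspecialchars(strip_tags($message['message']), ENT_QUOTES, 'UTF-8');
        echo '<div class="short">
<div class="name">' . $name . $adminif . '</div>
<div class="text">' . $text . '</div>
</div>';
    }
}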
- // Chat list
- // Chat send
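/**
 * Store one chat message for the logged-in player and flag the chat for refresh.
 *
 * Prints a status and, on every rejection, ends the script:
 *   4 = empty message, 1 = not logged in (or no matching `users` row),
 *   2 = previous message less than 7 seconds ago, 3 = user is banned,
 *   'success' = message stored.
 *
 * @param string $message Raw message text from the request.
 * @return void
 */
function chatsend($message) {
    global $steamprofile;
    if (empty($message) || !is_string($message)) {
        echo 4;
        exit();
    }
    if (empty($steamprofile['steamid'])) {
        echo 1;
        exit();
    }
    $steamid = mysql_real_escape_string($steamprofile['steamid']);
    $main_users_js = mysql_fetch_assoc(mysql_query("SELECT id, ban, username, admin FROM `users` WHERE `steamid` = '" . $steamid . "' LIMIT 1"));
    // Without a user row the insert below would store a message with no owner.
    if (empty($main_users_js['id'])) {
        echo 1;
        exit();
    }
    $userId = mysql_real_escape_string($main_users_js['id']);
    $timing = mysql_fetch_assoc(mysql_query("SELECT time FROM `chat` WHERE `user_id` = '" . $userId . "' ORDER BY `id` DESC LIMIT 1"));
    if (empty($timing['time'])) {
        // No earlier message: any time in the past lets the check below pass.
        $zd = strtotime("-10 minutes");
    } else {
        $zd = $timing['time'] + 7; // earliest moment the next message is allowed
    }
    $time = strtotime("now");
    if ($zd > $time) {
        echo 2;
        exit();
    }
    if ($main_users_js['ban'] == 1) {
        echo 3;
        exit();
    }
    // `username` and `admin` are read back from the database and are not known
    // to be quote-free, so they are escaped like the message itself.
    $text = mysql_real_escape_string(strip_tags($message));
    $username = mysql_real_escape_string($main_users_js['username']);
    $status = mysql_real_escape_string($main_users_js['admin']);
    mysql_query("INSERT INTO `chat` (`message`,`user_id`,`time`,`username`,`status`) VALUES ('" . $text . "','" . $userId . "','" . $time . "','" . $username . "','" . $status . "')");
    mysql_query("UPDATE `update` SET `status` = '1' WHERE `typegame` = '1'");
    echo 'success';
}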
- // Chat send
- // Rdeposit
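/**
 * Place a roulette bet for the logged-in player.
 *
 * Prints a status and, on every rejection, ends the script:
 *   4 = sum below 0.1, 1 = not logged in, 2 = sum above $rmaxbet or the
 *   player's bet on this part would exceed 150, 3 = insufficient balance,
 *   6 = current time is before the `time` of the latest `roulette` row,
 *   5 = $coinpart is not 1, 2 or 3, 'Success!' = bet stored.
 *
 * @param float $sum      Amount to bet.
 * @param int   $coinpart Part being bet on (1, 2 or 3).
 * @return void
 */
function rdeposit($sum, $coinpart) {
    global $steamprofile;
    global $rmaxbet;
    // Both values are interpolated into SQL below; force them to numbers so the
    // queries stay safe whatever the caller passed.
    $sum = (float) $sum;
    $coinpart = (int) $coinpart;
    if ($sum < 0.1) {
        echo 4;
        exit();
    }
    if (empty($steamprofile['steamid'])) {
        echo 1;
        exit();
    }
    if ($sum > $rmaxbet) {
        echo 2;
        exit();
    }
    $steamid = mysql_real_escape_string($steamprofile['steamid']);
    $mainjs = mysql_fetch_assoc(mysql_query("SELECT id, balance, avatar, username FROM `users` WHERE `steamid` = '" . $steamid . "' LIMIT 1"));
    if ($mainjs['balance'] < $sum) {
        echo 3;
        exit();
    }
    $gameifcan = mysql_fetch_assoc(mysql_query("SELECT time FROM `roulette` ORDER BY `id` DESC LIMIT 1"));
    $butsure = strtotime("now");
    if ($butsure < $gameifcan['time']) {
        echo 6;
        exit();
    }
    if ($coinpart != 1 && $coinpart != 2 && $coinpart != 3) {
        echo 5;
        exit();
    }
    $userId = mysql_real_escape_string($mainjs['id']);
    $lgame = mysql_fetch_assoc(mysql_query("SELECT id FROM `roulette` ORDER BY `id` DESC LIMIT 1"));
    // NOTE(review): this lookup is not limited to the current game; confirm that
    // `bets` only ever holds rows for the running round.
    $lbet = mysql_fetch_assoc(mysql_query("SELECT id, sum FROM `bets` WHERE `user_id` = '" . $userId . "' AND `type` = '" . $coinpart . "' LIMIT 1"));
    if ($lbet['sum'] + $sum > 150) {
        echo 2;
        exit();
    }
    // Debit and balance check in one statement: the balance read above can be
    // stale when two requests arrive together, so the row is only changed while
    // it still covers the bet.
    mysql_query("UPDATE `users` SET `balance` = `balance` - '" . $sum . "' WHERE `id` = '" . $userId . "' AND `balance` >= '" . $sum . "' LIMIT 1");
    if (mysql_affected_rows() !== 1) {
        echo 3;
        exit();
    }
    if (empty($lbet['sum'])) {
        // `avatar` and `username` come back from the database unescaped.
        mysql_query("INSERT INTO `bets` (`game`,`user_id`,`sum`,`type`,`avatar`,`username`) VALUES ('" . mysql_real_escape_string($lgame['id']) . "', '" . $userId . "', '" . $sum . "', '" . $coinpart . "', '" . mysql_real_escape_string($mainjs['avatar']) . "', '" . mysql_real_escape_string($mainjs['username']) . "')");
    } else {
        mysql_query("UPDATE `bets` SET `sum` = `sum` + '" . $sum . "' WHERE `user_id` = '" . $userId . "' AND `type` = '" . $coinpart . "'");
    }
    mysql_query("UPDATE `update` SET `status` = '1' WHERE `typegame` = '2'");
    echo 'Success!';
}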
- // Rdeposit
- // Trade & email
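/**
 * Save the player's Steam trade link and/or e-mail address.
 *
 * Prints a status and, on every rejection, ends the script:
 *   1 = not logged in, 2 = trade link rejected, 3 = e-mail rejected.
 * On success it prints 1 after storing a trade link and then 'Success'.
 * NOTE(review): that 1 is the same digit as the "not logged in" status;
 * confirm what the client expects before changing it.
 *
 * @param string $tradelink Trade-offer URL, or empty to leave it unchanged.
 * @param string $email     E-mail address, or empty to leave it unchanged.
 * @return void
 */
function tradelink($tradelink, $email) {
    global $steamprofile; // Steam data of player
    if (empty($steamprofile['steamid'])) {
        echo 1;
        exit();
    }
    $steamid = mysql_real_escape_string($steamprofile['steamid']);
    if (!empty($tradelink)) {
        if (is_string($tradelink) && stristr($tradelink, 'https://steamcommunity.com/tradeoffer/new/?partner=') !== FALSE) {
            // Parse the raw link. Escaping has to happen after parse_str(),
            // which URL-decodes the values, so it is done where the query is
            // built rather than on the whole link up front.
            $url = parse_url($tradelink);
            $params = array();
            if (is_array($url) && isset($url['query'])) {
                parse_str($url['query'], $params);
            }
            $partner = (isset($params['partner']) && is_string($params['partner'])) ? substr($params['partner'], 0, 12) : '';
            $token = (isset($params['token']) && is_string($params['token'])) ? substr($params['token'], 0, 12) : '';
            // The partner value is a numeric account id; anything else is refused.
            if (empty($partner) || empty($token) || !ctype_digit($partner)) {
                echo 2;
                exit;
            }
            // The stored link is rebuilt from the two values, so whatever else
            // the submitted URL contained is dropped.
            $link = 'https://steamcommunity.com/tradeoffer/new/?partner=' . $partner . '&token=' . $token;
            mysql_query("UPDATE `users` SET `trade_link` = '" . mysql_real_escape_string($link) . "' WHERE `steamid` = '" . $steamid . "'");
            echo 1;
        } else {
            echo 2;
            exit;
        }
    }
    if (!empty($email)) {
        if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
            echo 3;
            exit();
        } else {
            // A syntactically valid address may still contain an apostrophe, so
            // validation does not replace escaping.
            mysql_query("UPDATE `users` SET `email` = '" . mysql_real_escape_string($email) . "' WHERE `steamid` = '" . $steamid . "'");
        }
    }
    echo 'Success';
}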
- // Trade & email
- // Transfer balance
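/**
 * Transfer balance from the logged-in player to another player.
 *
 * Prints a status and, on every rejection, ends the script:
 *   1 = not logged in, 5 = missing recipient or non-positive amount,
 *   4 = recipient is the sender, 3 = recipient not found,
 *   2 = insufficient balance, 'Success' = transfer booked.
 *
 * @param int|string $stb  SteamID64 of the recipient.
 * @param float      $tbal Amount to transfer.
 * @return void
 */
function sendbalance($stb, $tbal) {
    global $steamprofile; // Steam data of player
    if (empty($steamprofile['steamid'])) {
        echo 1;
        exit();
    }
    // The amount is interpolated into SQL below; force it to a number.
    $tbal = (float) $tbal;
    if (empty($stb) || empty($tbal) || ($tbal <= 0)) {
        echo 5;
        exit();
    }
    // Compare as strings: the dispatcher passes an int, so a strict comparison
    // against the session value would never match.
    // presumably $steamprofile['steamid'] is a string — confirm in steamauth
    if ((string) $stb === (string) $steamprofile['steamid']) {
        echo 4;
        exit();
    }
    $sender = mysql_real_escape_string($steamprofile['steamid']);
    $recipient = mysql_real_escape_string((string) $stb);
    $usersent = mysql_fetch_assoc(mysql_query("SELECT id FROM `users` WHERE `steamid` = '" . $recipient . "' LIMIT 1"));
    if (empty($usersent['id'])) {
        echo 3;
        exit();
    }
    $myuser = mysql_fetch_assoc(mysql_query("SELECT balance FROM `users` WHERE `steamid` = '" . $sender . "' LIMIT 1"));
    if ($myuser['balance'] < $tbal) {
        echo 2;
        exit();
    }
    // Debit only while the balance still covers the amount, and credit only if
    // that debit changed a row. The balance read above can be stale when
    // several requests arrive together.
    mysql_query("UPDATE `users` SET `balance` = `balance` - '" . $tbal . "' WHERE `steamid` = '" . $sender . "' AND `balance` >= '" . $tbal . "' LIMIT 1");
    if (mysql_affected_rows() !== 1) {
        echo 2;
        exit();
    }
    // NOTE(review): debit and credit are two statements; wrap them in a
    // transaction if the table engine supports one.
    mysql_query("UPDATE `users` SET `balance` = `balance` + '" . $tbal . "' WHERE `steamid` = '" . $recipient . "' LIMIT 1");
    echo 'Success';
}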
- // Transfer balance
- // Inventory of player
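/**
 * Print the logged-in player's inventory as HTML item tiles.
 *
 * The inventory JSON is cached per player in `inventories` with a 15-minute
 * expiry stamp. When no usable row exists it is fetched from steamcommunity.com
 * through a randomly chosen row of `proxies`. Tradable items are listed once
 * per classid, priced from `items_csgo`, sorted by price (highest first) and
 * printed. Items priced below $minpriceofdeposititem are shown as 'Junk'.
 *
 * Prints 1 and ends the script when the player is not logged in.
 *
 * @return void
 */
function loadinvent() {
    global $minpriceofdeposititem;
    global $steamprofile; // Steam data of player
    if (empty($steamprofile['steamid'])) {
        echo 1;
        exit();
    }
    $steamid = mysql_real_escape_string($steamprofile['steamid']);
    $timenow = strtotime("+15 minutes"); // expiry stamp written with a fresh copy
    $timenow1 = strtotime("now");
    // Purge expired rows before reading. When the purge ran after the read, an
    // expired row for this player was deleted and then "updated", so the fresh
    // copy was never stored.
    mysql_query("DELETE FROM `inventories` WHERE `time` < '" . $timenow1 . "'");
    $brow = mysql_fetch_assoc(mysql_query("SELECT * FROM `inventories` WHERE `steamid` = '" . $steamid . "' LIMIT 1"));
    if (empty($brow['id']) || ($timenow1 > $brow['time']) || empty($brow['inventory'])) {
        // NOTE(review): picking an id in 1..COUNT assumes proxy ids are contiguous.
        $onlinezs = mysql_fetch_array(mysql_query("SELECT COUNT(DISTINCT id) FROM proxies"));
        $midz = (int) mt_rand(1, $onlinezs[0]);
        $proxi = mysql_fetch_assoc(mysql_query("SELECT * FROM `proxies` WHERE `id` = '" . $midz . "' LIMIT 1"));
        $proxy_ip = $proxi['ip'];
        $proxy_login = $proxi['login'];
        $proxy_password = $proxi['password'];
        $auth = base64_encode("$proxy_login:$proxy_password");
        $aContext = array(
            'http' => array(
                'proxy' => "$proxy_ip",
                'request_fulluri' => true,
                'header' => "Proxy-Authorization: Basic $auth"
            )
        );
        $cxContext = stream_context_create($aContext);
        // NOTE(review): the inventory travels over plain http through a proxy
        // and the cached copy is what deposit validation reads later, so the
        // proxy can alter it; confirm whether an https fetch works here.
        $content = file_get_contents("http://steamcommunity.com/profiles/" . rawurlencode($steamprofile['steamid']) . "/inventory/json/730/2?l=en", false, $cxContext);
        if ($content === false) {
            $content = ''; // failed fetch: handled by the success check below
        }
        $content = str_replace(array("`", "'"), "", $content);
        if (empty($brow['id'])) {
            mysql_query("INSERT INTO `inventories` (`inventory`,`steamid`, `time`) VALUES ('" . mysql_real_escape_string($content) . "','" . $steamid . "','" . $timenow . "')");
        } else {
            mysql_query("UPDATE `inventories` SET `inventory` = '" . mysql_real_escape_string($content) . "', `time` = '" . $timenow . "' WHERE `steamid` = '" . $steamid . "'");
        }
        $result = json_decode($content);
    } else {
        $result = json_decode($brow['inventory']);
    }
    if (!is_object($result) || !isset($result->success) || $result->success !== true) {
        // NOTE(review): myinventory() and $zm are not defined in this listing;
        // confirm they come from an included file.
        myinventory($zm);
        exit;
    }
    // Count assets per classid and remember the first asset id of each class.
    $counts = array();
    $firstIds = array();
    if (isset($result->rgInventory)) {
        foreach ($result->rgInventory as $report) {
            $classid = (string) $report->classid;
            if (empty($counts[$classid])) {
                $firstIds[$classid] = (string) $report->id;
                $counts[$classid] = 1;
            } else {
                $counts[$classid] = $counts[$classid] + 1;
            }
        }
    }
    // Attach the description and price to every class. The rows are kept as
    // arrays and encoded once, so a quote in a name cannot break the JSON.
    $rows = array();
    foreach ($firstIds as $classid => $assetid) {
        $classid = (string) $classid; // numeric array keys come back as int
        if (!isset($result->rgDescriptions)) {
            break;
        }
        foreach ($result->rgDescriptions as $desc) {
            if ($classid !== (string) $desc->classid) {
                continue;
            }
            $newname = str_replace(array("'", "`"), "", $desc->market_hash_name);
            // The quality label is whatever the name carries in parentheses.
            preg_match('/\((.+)\)/', $newname, $quality);
            $thequa = isset($quality[1]) ? $quality[1] : '';
            $price = mysql_fetch_assoc(mysql_query("SELECT price FROM `items_csgo` WHERE `name_en` = '" . (string) mysql_real_escape_string($desc->market_hash_name) . "' LIMIT 1"));
            $newname = str_replace("(" . $thequa . ")", "", $newname);
            if ($price['price'] < $minpriceofdeposititem) {
                $priceindb = 0;
            } else {
                $priceindb = $price['price'];
            }
            if ($desc->tradable == 1) {
                $rows[] = array(
                    'market_hash_name' => $newname,
                    'classid' => $classid,
                    'id' => $assetid,
                    'price' => (string) $priceindb,
                    'count' => (string) $counts[$classid],
                    'quality' => $thequa,
                    'tradable' => (string) $desc->tradable
                );
            }
            break; // only the first matching description is used
        }
    }
    $sorted = json_decode(orderbv(json_encode($rows)));
    if (!is_array($sorted)) {
        $sorted = array();
    }
    foreach ($sorted as $showit) {
        if ($showit->price <= 0) {
            $text = 'Junk';
            $onc = '';
        } else {
            $text = round($showit->price - ($showit->price * 0.1), 2); // price shown minus 10%
            // The id lands inside an inline script, so only an all-digit id is emitted.
            $onc = ctype_digit((string) $showit->id) ? 'selectitem(' . $showit->id . ')' : '';
        }
        // Names and ids originate outside this application; escape them for HTML.
        $idAttr = htmlspecialchars($showit->id, ENT_QUOTES, 'UTF-8');
        $nameHtml = htmlspecialchars($showit->market_hash_name, ENT_QUOTES, 'UTF-8');
        $qualityHtml = htmlspecialchars($showit->quality, ENT_QUOTES, 'UTF-8');
        $classAttr = htmlspecialchars(rawurlencode($showit->classid), ENT_QUOTES, 'UTF-8');
        echo '<div class="item">
<div onclick="' . $onc . '" class="inner" id="' . $idAttr . '">
<ul>
<li>' . $nameHtml . '</li>
<li>' . $qualityHtml . '</li>
</ul>
<div class="pic"><img src="http://steamcommunity-a.akamaihd.net/economy/image/class/730/' . $classAttr . '/200fx200f.png"></div>
<div class="price"><div class="coin_icon"></div>' . $text . '</div>
</div>
</div>';
    }
}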
- // Inventory of player
- // Force refresh
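/**
 * Drop the logged-in player's cached inventory and load it again.
 *
 * Prints 1 and ends the script when the player is not logged in.
 *
 * @return void
 */
function forcerefresh() {
    global $steamprofile; // Steam data of player
    if (empty($steamprofile['steamid'])) {
        echo 1;
        exit();
    }
    // The column was spelled `stemaid` here while every other query on
    // `inventories` in this file uses `steamid`, so the delete could not match.
    mysql_query("DELETE FROM `inventories` WHERE `steamid` = '" . mysql_real_escape_string($steamprofile['steamid']) . "'");
    loadinvent();
}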
- // Force refresh
- // Deposit to jackpot
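/**
 * Queue a deposit of the selected inventory items as a `prize` row.
 *
 * Every selected asset id has to be present in the player's cached inventory,
 * and every item has to be tradable and priced at or above
 * $minpriceofdeposititem.
 *
 * Prints a status and, on every rejection, ends the script:
 *   1 = not logged in, 2 = keyword screen rejected the input, 3 = empty input,
 *   4 = no trade link saved, 5 = no usable cached inventory,
 *   9 = latest `prize` row has a `time` in the future and a status other
 *       than 2 or 3,
 *   6 = selection does not match the inventory, 7 = an item has no usable price
 *   or is not tradable, 8 = more than $countmaxi items.
 * On success it prints 'success' followed by 'Success', as the original did.
 *
 * @param string $playerpart Comma-separated JSON objects, each with an "id".
 * @return void
 */
function deposititem($playerpart) {
    global $minpriceofdeposititem;
    global $steamprofile;
    global $countmaxi;
    if (empty($steamprofile['steamid'])) {
        echo 1;
        exit();
    }
    // Keyword screen only; the values used in queries below are escaped as well.
    if (!escape_inj($playerpart)) {
        echo 2;
        exit();
    }
    if (empty($playerpart)) {
        echo 3;
        exit();
    }
    $steamid = mysql_real_escape_string($steamprofile['steamid']);
    $tradelink = mysql_fetch_assoc(mysql_query("SELECT id, steamid, trade_link FROM `users` WHERE `steamid` = '" . $steamid . "' LIMIT 1"));
    if (empty($tradelink['trade_link'])) {
        echo 4;
        exit();
    }
    // The client sends the objects without the surrounding brackets.
    $playerpart = '[' . $playerpart . ']';
    $playerpart = str_replace("},]", "}]", $playerpart);
    $selected = json_decode($playerpart);
    if (!is_array($selected)) {
        $selected = array(); // undecodable input ends at status 6 below
    }
    $brow = mysql_fetch_assoc(mysql_query("SELECT * FROM `inventories` WHERE `steamid` = '" . $steamid . "' LIMIT 1"));
    $content = json_decode($brow['inventory']);
    if (!is_object($content) || !isset($content->success) || $content->success !== true) {
        echo 5;
        exit();
    }
    // Anti-spam: a pending earlier request blocks a new one.
    $lprize = mysql_fetch_assoc(mysql_query("SELECT time, status FROM `prize` WHERE `steamid` = '" . $steamid . "' ORDER BY `id` DESC LIMIT 1"));
    $timec = strtotime("now");
    if ($timec < $lprize['time'] && $lprize['status'] != 2 && $lprize['status'] != 3) {
        echo 9;
        exit();
    }
    // Asset list of the cached inventory.
    $cart = array();
    if (isset($content->rgInventory)) {
        foreach ($content->rgInventory as $report) {
            $cart[] = array('id' => (string) $report->id, 'classid' => (string) $report->classid);
        }
    }
    // Match every selected id against the cart. A matched asset is removed, so
    // the same asset cannot be counted twice.
    $matched = array();
    foreach ($selected as $vsv) {
        if (!is_object($vsv) || !isset($vsv->id) || !is_scalar($vsv->id)) {
            continue; // leaves the counts unequal, which is rejected below
        }
        $value = (string) $vsv->id;
        foreach ($cart as $i => $v) {
            if ($v['id'] !== $value) {
                continue;
            }
            unset($cart[$i]);
            // Start from "unknown, not tradable" so that an asset without a
            // description cannot inherit the previous item's name and flag.
            $marketname = '';
            $tradable = '0';
            if (isset($content->rgDescriptions)) {
                foreach ($content->rgDescriptions as $item) {
                    if ($v['classid'] === (string) $item->classid) {
                        $marketname = $item->market_hash_name;
                        $tradable = '' . $item->tradable . '';
                        break;
                    }
                }
            }
            $matched[] = array(
                'id' => $v['id'],
                'classid' => $v['classid'],
                'market_hash_name' => $marketname,
                'tradable' => $tradable
            );
            break;
        }
    }
    if (count($matched) == count($selected) && count($matched) > 0) {
        $totalsum = 0;
        $ccz = 0;
        foreach ($matched as $pricezero) {
            $newname = str_replace(array("'", "`"), "", $pricezero['market_hash_name']);
            // Removing quote characters does not cover backslashes; escape the
            // name where it enters the query.
            $price = mysql_fetch_assoc(mysql_query("SELECT price FROM `items_csgo` WHERE `name_en` = '" . mysql_real_escape_string($newname) . "' LIMIT 1"));
            $totalsum = $totalsum + $price['price'];
            if ($price['price'] < $minpriceofdeposititem || (int) $pricezero['tradable'] === 0) {
                $priceindb = 0;
            } else {
                $priceindb = $price['price'];
            }
            if (($priceindb == 0) || empty($priceindb)) {
                echo 7;
                exit();
            }
            $ccz = $ccz + 1;
        }
        if ($ccz > $countmaxi) {
            echo 8;
            exit();
        }
        $timenow = strtotime("+15 minutes"); // Time
        // NOTE(review): picking an id in 1..COUNT assumes bot ids are contiguous.
        $online = mysql_fetch_array(mysql_query("SELECT COUNT(DISTINCT id) FROM bots WHERE `type` = '0'"));
        $mid = (int) mt_rand(1, $online[0]);
        $rsec = generateRandomString();
        $hisitemnow = str_replace(array("'", "`"), "", json_encode($matched));
        // NOTE(review): the original interpolated an undefined $getgame into
        // `typic`, which stores an empty string; kept as an empty value here.
        $typic = '';
        mysql_query("INSERT INTO `prize` (`securitycode`,`status`, `items`, `token`, `steamid`, `bot_num`, `totalprice`, `value`, `time`, `typic`) VALUES ('" . mysql_real_escape_string($rsec) . "','0','" . mysql_real_escape_string($hisitemnow) . "','" . mysql_real_escape_string($tradelink['trade_link']) . "','" . mysql_real_escape_string($tradelink['steamid']) . "','" . $mid . "','" . mysql_real_escape_string((string) $totalsum) . "','1', '" . $timenow . "', '" . $typic . "')");
        echo 'success';
    } else {
        echo 6;
        exit();
    }
    echo 'Success';
}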
- // Deposit to jackpot
- // Withdraw inventory
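/**
 * Print the shop items that are open for withdrawal as HTML item tiles.
 *
 * Lists `shop` rows with `time` = '0', prices them from `items_csgo`, sorts by
 * price (highest first) and prints one tile per item.
 *
 * Prints 1 and ends the script when the player is not logged in.
 *
 * @return void
 */
function withinvent() {
    global $steamprofile; // Steam data of player
    if (empty($steamprofile['steamid'])) {
        echo 1;
        exit();
    }
    $rows = array();
    $brow = mysql_query("SELECT id, item, time FROM `shop` WHERE `time` = '0' ORDER BY `price` DESC");
    while ($brow !== false && ($bg = mysql_fetch_array($brow))) {
        // Each `item` cell holds one JSON object. It is decoded on its own, so
        // one malformed row no longer makes the whole list undecodable.
        $pricecheck = json_decode($bg['item']);
        if (!is_object($pricecheck)) {
            continue;
        }
        $giro = isset($pricecheck->market_hash_name) ? $pricecheck->market_hash_name : '';
        $newname = str_replace(array("'", "`"), "", $giro);
        // The quality label is whatever the name carries in parentheses.
        preg_match('/\((.+)\)/', $newname, $quality);
        $thequa = isset($quality[1]) ? $quality[1] : '';
        $price = mysql_fetch_assoc(mysql_query("SELECT price FROM `items_csgo` WHERE `name_en` = '" . (string) mysql_real_escape_string($giro) . "' LIMIT 1"));
        $newname = str_replace("(" . $thequa . ")", "", $newname);
        $rows[] = array(
            'market_hash_name' => $newname,
            'id' => (string) $bg['id'],
            'classid' => isset($pricecheck->classid) ? (string) $pricecheck->classid : '',
            'quality' => $thequa,
            'price' => (string) $price['price'],
            'icon_url' => isset($pricecheck->icon_url) ? (string) $pricecheck->icon_url : '',
            'timeme' => (string) $bg['time']
        );
    }
    $sorted = json_decode(orderbv(json_encode($rows)));
    if (!is_array($sorted)) {
        $sorted = array();
    }
    foreach ($sorted as $showit) {
        // presumably `shop`.`id` is an integer key; the cast keeps anything else
        // out of the inline script — confirm against the schema
        $shopId = (int) $showit->id;
        $nameHtml = htmlspecialchars($showit->market_hash_name, ENT_QUOTES, 'UTF-8');
        $qualityHtml = htmlspecialchars($showit->quality, ENT_QUOTES, 'UTF-8');
        $classAttr = htmlspecialchars(rawurlencode($showit->classid), ENT_QUOTES, 'UTF-8');
        $priceHtml = htmlspecialchars($showit->price, ENT_QUOTES, 'UTF-8');
        echo '<div class="item">
<div onclick="selectitem(' . $shopId . ')" class="inner" id="' . $shopId . '">
<ul>
<li>' . $nameHtml . '</li>
<li>' . $qualityHtml . '</li>
</ul>
<div class="pic"><img src="http://steamcommunity-a.akamaihd.net/economy/image/class/730/' . $classAttr . '/200fx200f.png"></div>
<div class="price"><div class="coin_icon"></div>' . $priceHtml . '</div>
</div>
</div>';
    }
}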
- // Withdraw inventory
- // Withdraw items
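/**
 * Buy the selected shop items with balance and queue them as a `prize` row.
 *
 * Prints a status and, on every rejection, ends the script:
 *   1 = not logged in, 2 = keyword screen rejected the input, 3 = empty or
 *   undecodable selection, 4 = no trade link saved, 5 = shop item not found or
 *   unreadable, 6 = shop item has no positive price, 7 = insufficient balance,
 *   8 = more than $countmaxi items, 'Success' = request queued.
 *
 * NOTE(review): the shop lookup does not filter on `time` = '0' and a repeated
 * id in the selection is charged once per occurrence; confirm whether a row
 * with another `time` value should still be purchasable.
 *
 * @param string $sitems Comma-separated JSON objects, each with a shop "id".
 * @return void
 */
function withdrawitem($sitems) {
    global $steamprofile; // Steam data of player
    global $countmaxi;
    if (empty($steamprofile['steamid'])) {
        echo 1;
        exit();
    }
    // Keyword screen only; the values used in queries below are cast or escaped.
    if (!escape_inj($sitems)) {
        echo 2;
        exit();
    }
    if (empty($sitems)) {
        echo 3;
        exit();
    }
    $steamid = mysql_real_escape_string($steamprofile['steamid']);
    $tradelink = mysql_fetch_assoc(mysql_query("SELECT id,trade_link,steamid,balance FROM `users` WHERE `steamid` = '" . $steamid . "' LIMIT 1"));
    if (empty($tradelink['trade_link'])) {
        echo 4;
        exit();
    }
    $newsi = '[' . $sitems . ']';
    $newsi = str_replace("},]", "}]", $newsi);
    $selected = json_decode($newsi);
    // An undecodable selection used to fall through and queue an empty request.
    if (!is_array($selected) || count($selected) === 0) {
        echo 3;
        exit();
    }
    $tprice = 0;
    $tcount = 0;
    $shopitems = array();
    foreach ($selected as $im) {
        // The id comes straight from the request; it is forced to an integer
        // before it is placed in the query.
        // presumably `shop`.`id` is an integer key — confirm against the schema
        $shopId = (is_object($im) && isset($im->id) && is_scalar($im->id)) ? (int) $im->id : 0;
        $imshop = mysql_fetch_assoc(mysql_query("SELECT item, market_hash_name,price FROM `shop` WHERE `id` = '" . $shopId . "' LIMIT 1"));
        if (empty($imshop['item'])) {
            echo 5;
            exit();
        }
        if ($imshop['price'] <= 0) {
            echo 6;
            exit();
        }
        $gom = json_decode($imshop['item']);
        if (!is_object($gom)) {
            echo 5;
            exit();
        }
        $shopitems[] = $gom;
        $tprice = $tprice + $imshop['price'];
        $tcount = $tcount + 1;
    }
    if ($tprice > $tradelink['balance']) {
        echo 7;
        exit();
    }
    if ($tcount > $countmaxi) {
        echo 8;
        exit();
    }
    // Debit only while the balance still covers the total; the balance read
    // above can be stale when several requests arrive together.
    $total = (float) $tprice;
    mysql_query("UPDATE `users` SET `balance` = `balance` - '" . $total . "' WHERE `steamid` = '" . $steamid . "' AND `balance` >= '" . $total . "' LIMIT 1");
    if (mysql_affected_rows() !== 1) {
        echo 7;
        exit();
    }
    $rows = array();
    foreach ($shopitems as $gom) {
        $assetid = isset($gom->assetid) ? (string) $gom->assetid : '';
        $rows[] = array(
            'id' => $assetid,
            'classid' => isset($gom->classid) ? (string) $gom->classid : '',
            'market_hash_name' => isset($gom->name) ? (string) $gom->name : ''
        );
        mysql_query("UPDATE `shop` SET `time` = '1' WHERE `assetid` = '" . mysql_real_escape_string($assetid) . "'");
    }
    $timenow = strtotime("+15 minutes"); // Time
    // NOTE(review): picking an id in 1..COUNT assumes bot ids are contiguous.
    $online = mysql_fetch_array(mysql_query("SELECT COUNT(DISTINCT id) FROM bots"));
    $mid = (int) mt_rand(1, $online[0]);
    $rsec = generateRandomString();
    $hzitem = str_replace(array("'", "`"), "", json_encode($rows));
    mysql_query("INSERT INTO `prize` (`securitycode`,`status`, `items`, `token`, `steamid`, `bot_num`, `totalprice`, `value`, `time`) VALUES ('" . mysql_real_escape_string($rsec) . "','0','" . mysql_real_escape_string($hzitem) . "','" . mysql_real_escape_string($tradelink['trade_link']) . "','" . mysql_real_escape_string($tradelink['steamid']) . "','" . $mid . "','" . $total . "','2', '" . $timenow . "')");
    echo 'Success';
}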
- // Withdraw items
- // Join jackpot
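/**
 * Place a balance bet on the latest jackpot game.
 *
 * Prints a status and, on every rejection, ends the script:
 *   1 = not logged in, 3 = zero bet, 4 = below $minbetjackpot (or negative),
 *   2 = insufficient balance. Nothing is printed on success.
 *
 * The bet receives the ticket range from the game's last `tt` + 1 up to that
 * value plus $sum * 100.
 *
 * @param float $sum Amount to bet.
 * @return void
 */
function joinjackpot($sum) {
    global $steamprofile; // Steam data of player
    global $minbetjackpot; // Min bet
    if (empty($steamprofile['steamid'])) {
        echo 1;
        exit();
    }
    $sum = (float) $sum; // interpolated into SQL below
    if ($sum == 0) {
        echo 3;
        exit();
    }
    // A negative amount would add to the balance; refuse it even when
    // $minbetjackpot is not set.
    if ($minbetjackpot > $sum || $sum < 0) {
        echo 4;
        exit();
    }
    $userbalance = mysql_fetch_assoc(mysql_query("SELECT id, balance, username, avatar FROM `users` WHERE `steamid` = '" . mysql_real_escape_string($steamprofile['steamid']) . "' LIMIT 1"));
    if ($sum > $userbalance['balance']) {
        echo 2;
        exit();
    }
    $userId = mysql_real_escape_string($userbalance['id']);
    // The original statement had no WHERE clause, so with LIMIT 1 it debited
    // whichever row the server picked. Debit the bettor, and only while the
    // balance still covers the bet.
    mysql_query("UPDATE `users` SET `balance` = `balance` - '" . $sum . "' WHERE `id` = '" . $userId . "' AND `balance` >= '" . $sum . "' LIMIT 1");
    if (mysql_affected_rows() !== 1) {
        echo 2;
        exit();
    }
    $lastid = mysql_fetch_assoc(mysql_query("SELECT id FROM `jackpot` ORDER BY `id` DESC LIMIT 1"));
    $gameId = mysql_real_escape_string($lastid['id']);
    // NOTE(review): two bets arriving together can read the same last ticket and
    // receive overlapping ranges; confirm how the draw treats that.
    $lastticket = mysql_fetch_assoc(mysql_query("SELECT tt FROM `bets2` WHERE `game` = '" . $gameId . "' ORDER BY `id` DESC LIMIT 1"));
    $newticket = $lastticket['tt'] + 1;
    $toticket = $newticket + ($sum * 100);
    // `username` and `avatar` come back from the database unescaped.
    mysql_query("INSERT INTO `bets2` (`game`, `user_id`, `sum`, `username`, `avatar`, `ff`, `tt`) VALUES ('" . $gameId . "', '" . $userId . "', '" . $sum . "', '" . mysql_real_escape_string($userbalance['username']) . "', '" . mysql_real_escape_string($userbalance['avatar']) . "', '" . $newticket . "', '" . $toticket . "')");
    mysql_query("UPDATE `jackpot` SET `count` = `count` + 1, `sum` = `sum` + '" . $sum . "' WHERE `id` = '" . $gameId . "'");
    mysql_query("UPDATE `update` SET `status` = '1' WHERE `typegame` = '4'");
}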
- // Join jackpot
- // Coinflip
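/**
 * Open a coinflip game funded from the logged-in player's balance.
 *
 * Prints a status and, on every rejection, ends the script:
 *   5 = stake below 0.1, 3 = side is not 1 or 2, 1 = not logged in,
 *   2 = stake not numeric, above the balance or below $mincoinflip,
 *   4 = the player already has 5 open games. Nothing is printed on success.
 *
 * @param float $sumdeposit Stake.
 * @param int   $coinpartit Chosen side (1 or 2).
 * @return void
 */
function coinflip($sumdeposit, $coinpartit) {
    global $steamprofile;
    global $mincoinflip;
    if ($sumdeposit < 0.1) {
        echo 5;
        exit();
    }
    if (($coinpartit != 1) && ($coinpartit != 2)) {
        echo 3;
        exit;
    }
    if (empty($steamprofile['steamid'])) {
        echo 1;
        exit;
    }
    $steamid = mysql_real_escape_string($steamprofile['steamid']);
    $profile = mysql_fetch_assoc(mysql_query("SELECT id, balance FROM `users` WHERE `steamid` = '" . $steamid . "' LIMIT 1"));
    $mybalance = $profile['balance'];
    if (($sumdeposit > $mybalance) || !is_numeric($sumdeposit) || ($sumdeposit < $mincoinflip)) {
        echo 2;
        exit;
    }
    // Both values are interpolated into SQL below; force them to numbers.
    $sumdeposit = (float) $sumdeposit;
    $coinpartit = (int) $coinpartit;
    $userbets = mysql_fetch_array(mysql_query("SELECT COUNT(id) FROM `coinflip` WHERE `user_1` = '" . $steamid . "' and `user_2` = '0' LIMIT 5"));
    if ($userbets[0] >= 5) {
        echo 4;
        exit;
    }
    // Debit only while the balance still covers the stake; the balance read
    // above can be stale when several requests arrive together.
    mysql_query("UPDATE `users` SET `balance` = `balance` - " . $sumdeposit . " WHERE `id` = '" . mysql_real_escape_string($profile['id']) . "' AND `balance` >= " . $sumdeposit);
    if (mysql_affected_rows() !== 1) {
        echo 2;
        exit;
    }
    // `rand_number` is stored with the game; presumably it decides the flip, so
    // it is drawn from the CSPRNG when the runtime has one (PHP 7+). mt_rand()
    // output is predictable.
    $draw = function_exists('random_int') ? 'random_int' : 'mt_rand';
    $rand_number = "0." . $draw(100000000, 999999999) . $draw(100000000, 999999999);
    $timenow = strtotime("+7 day");
    mysql_query("INSERT INTO `coinflip` (`user_1`, `user_2`, `sum`, `rand_number`, `coinpart`, `time`) VALUES ('" . $steamid . "', '0', '" . $sumdeposit . "', '" . $rand_number . "', '" . $coinpartit . "', '" . $timenow . "')");
    mysql_query("UPDATE `update` SET `status` = '1' WHERE `typegame` = '3'");
}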
- // Coinflip
- // Join coinflip
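/**
 * Join an open coinflip game as the second player.
 *
 * Prints a status and, on every rejection, ends the script:
 *   1 = not logged in, 2 = balance below the game's stake,
 *   3 = game not found, already taken, or opened by the same player,
 *   'Success' = joined.
 *
 * @param int $gamenumber Id of the `coinflip` row to join.
 * @return void
 */
function joincoinflip($gamenumber) {
    global $steamprofile;
    global $coef; // not used in this function
    if (empty($steamprofile['steamid'])) {
        echo 1;
        exit;
    }
    $steamid = mysql_real_escape_string($steamprofile['steamid']);
    $profile = mysql_fetch_assoc(mysql_query("SELECT id, balance FROM `users` WHERE `steamid` = '" . $steamid . "' LIMIT 1"));
    $gameId = (int) $gamenumber; // interpolated into SQL below
    $coinflip = mysql_fetch_assoc(mysql_query("SELECT id, sum, user_2, user_1, rand_number, coinpart FROM `coinflip` WHERE `id` = '" . $gameId . "' LIMIT 1"));
    // An unknown game id used to fall through every check below.
    if (empty($coinflip['id'])) {
        echo 3;
        exit;
    }
    if ($coinflip['sum'] > $profile['balance']) {
        echo 2;
        exit;
    }
    if ($coinflip['user_2'] != 0 || $steamprofile['steamid'] === $coinflip['user_1']) {
        echo 3;
        exit;
    }
    $stake = (float) $coinflip['sum'];
    $userId = mysql_real_escape_string($profile['id']);
    // Debit only while the balance still covers the stake.
    mysql_query("UPDATE `users` SET `balance` = `balance` - " . $stake . " WHERE `id` = '" . $userId . "' AND `balance` >= " . $stake);
    if (mysql_affected_rows() !== 1) {
        echo 2;
        exit;
    }
    $timethis = strtotime("now") + 10;
    // Take the seat only while it is still free (`user_2` = '0'). If another
    // player got there first, give the stake back.
    mysql_query("UPDATE `coinflip` SET `user_2` = '" . $steamid . "', `status` = '1', `time` = '" . $timethis . "' WHERE `id` = '" . $gameId . "' AND `user_2` = '0'");
    if (mysql_affected_rows() !== 1) {
        mysql_query("UPDATE `users` SET `balance` = `balance` + " . $stake . " WHERE `id` = '" . $userId . "'");
        echo 3;
        exit;
    }
    mysql_query("UPDATE `update` SET `status` = '1' WHERE `typegame` = '3'");
    echo 'Success';
}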
- // Join coinflip
- // Choose function
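// Dispatcher: the `function` query parameter selects the handler and the
// handler's arguments are read from the POST body. Numeric arguments are cast
// here; text arguments are passed through raw.
// NOTE(review): no anti-CSRF token is checked here or in the handlers of this
// file, and several of them move balance; confirm the included auth code
// enforces one.
// NOTE(review): intval() on a SteamID64 overflows on a 32-bit PHP build.
$func = isset($_GET['function']) ? $_GET['function'] : '';
switch ($func) {
    case "chatsend":
        chatsend($_POST['chatmessage']);
        break;
    case "tradelink":
        tradelink($_POST['tradelink'], $_POST['email']);
        break;
    case "sendbalance":
        sendbalance(intval($_POST['steamid64']), floatval($_POST['tamount']));
        break;
    case "rdeposit":
        rdeposit(floatval($_POST['sum']), intval($_POST['coin']));
        break;
    case "loadinvent":
        loadinvent();
        break;
    case "chatlist":
        chatlist();
        break;
    case "forcerefresh":
        forcerefresh();
        break;
    case "withinvent":
        withinvent();
        break;
    case "deposititem":
        deposititem($_POST['itemselected']);
        break;
    case "withdrawitem":
        withdrawitem($_POST['itemselected']);
        break;
    case "joinjackpot":
        joinjackpot(floatval($_POST['sum']));
        break;
    case "coinflip":
        coinflip(floatval($_POST['sum']), intval($_POST['coinpart']));
        break;
    case "joincoinflip":
        joincoinflip(intval($_POST['game']));
        break;
    default:
        // Unknown or missing function name: do nothing.
        break;
}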
- // Choose function
- ?></div>