API tools faq
paste
Advertisement
decript

Untitled

decript
Jun 30th, 2016
168
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 29.87 KB | None | 0 0
raw download clone embed print report
  1. clean($string) //sanitizes a specified string (result is only char/num)
  2. loggedIn() //checks if $_SESSION['id'] exists
  3. cleanIP($string) //cleans user ipv4, keeps periods
  4. isntBlank($string) //verifies that a string isn't blank
  5. metaRedirect($url) //simple print meta redirect function
  6. errorLog($string) //logs error to /logging/errors.log
  7. requestLog($string) //logs request to /logging/requests.log
  8. pageLog($string) //logs request to /logging/pages.log
  9. safeInclude($path) //argument is full path, safely includes file (doesnt check permissions)
  10. permissionCheck($page) //checks permissions for a specific page (e.x. "login")
  11. verifyUsernameLength($username) //verifies that a username fits criteria
  12. generateIP() //generate an IP for user registration
  13. verifyIP($ip) //verify generated IP isn't taken
  14. login($username, $password) //login user
  15. register($username, $password) //register user
  16. registerServers($id, $username) //register a users servers
  17. purchaseServer($itemID, $userID) //purchase servers
  18. wipeServers($id) //wipe a users servers back to default
  19. wipeBalance($id) //resets a players balance
  20. powerCheck($id) //returns a users total power level
  21. getBalance($id) //pulls a users total balance
  22. freeR1...R4($id) //gives a user a R1/R2/R3/R4 variant on function
  23. payUser($id, $amount) //server will pay a user a specific amount
  24. crackHash($hash) //begin cracking a hash
  25. checkHashing($id) //checks if a user is currently cracking a hash
  26. checkHashComplete($id) //checks if a user has finished his old task
  27. checkTimeLeft($id) //returns time left to break hash
  28. checkHashName($id) //pulls the hash string and returns itemID
  29.  
  30. <?php
  31.  
  32. require("settings.php");
  33.  
  34. //standard cleaning function for full string entries
  35. function clean($string){
  36. return preg_quote(htmlentities(mysql_real_escape_string($string)));
  37. }
  38.  
  39. //determine whether or not a user is logged in
  40. function loggedIn(){
  41. return isset($_SESSION['id']);
  42. }
  43.  
  44. //secondary clean function specifically for ip addresses
  45. function cleanIP($string){
  46. return mysql_escape_string($string);
  47. }
  48.  
  49. //function to verify string length is greater than 1
  50. function isntBlank($string){
  51. if((strlen($string) > 0) && (trim($string) != '')){
  52. return True;
  53. } else {
  54. return False;
  55. }
  56. }
  57.  
  58. //meta redirect function for easy of user
  59. function metaRedirect($url){
  60. print "<META http-equiv='refresh' content='0;URL=".$url."'>";
  61. }
  62.  
  63. //function to log errors to error.log located in the /inc/ folder
  64. function errorLog($string){
  65. $date = date_create(); $ip = $_SERVER['REMOTE_ADDR'];
  66. $timestamp = $date->getTimestamp();
  67. $myfile = fopen("./logging/error.log", "a") or die("Directory misconfigured or improper permissions!");
  68. fwrite($myfile, $ip.", ".$timestamp.", ".$string."\r\n");
  69. fclose($myfile);
  70. return True;
  71. }
  72.  
  73. //function to log requests that were successful
  74. function requestLog($string){
  75. $date = date_create(); $ip = $_SERVER['REMOTE_ADDR'];
  76. $timestamp = $date->getTimestamp();
  77. $myfile = fopen("./logging/requests.log", "a") or die("Directory misconfigured or improper permissions!");
  78. fwrite($myfile, $ip.", ".$timestamp.", ".$string."\r\n");
  79. fclose($myfile);
  80. return True;
  81. }
  82.  
  83. //function to log page requests
  84. function pageLog($string){
  85. $date = date_create(); $ip = $_SERVER['REMOTE_ADDR'];
  86. $timestamp = $date->getTimestamp();
  87. $myfile = fopen("./logging/pages.log", "a") or die("Directory misconfigured or improper permissions!");
  88. fwrite($myfile, $ip.", ".$timestamp.", ".$string."\r\n");
  89. fclose($myfile);
  90. return True;
  91. }
  92.  
  93. //safely include a page
  94. function safeInclude($path){
  95. if(file_exists($path)){
  96. include_once($path);
  97. $pageLog = "User successfully included the file located at '".$path."'.";
  98. pageLog($pageLog);
  99. return True;
  100. } else {
  101. if(file_exists("./pages/404.php")){
  102. include_once("./pages/404.php");
  103. $pageLog = "The backend was unable to locate the '".$path."' file. Please verify this file existsion and the request is legitimate.";
  104. pageLog($pageLog);
  105. return False;
  106. } else {
  107. $pageLog = "The backend was unable to locate the '/pages/404.php' file in excess to the '".$path."' file. Please verify this file extension and the request is legitimate.";
  108. pageLog($pageLog);
  109. return False;
  110. }
  111. }
  112. }
  113.  
  114. //check users permission for including files
  115. function permissionCheck($includePage){
  116. $includePage = clean($includePage);
  117. #=== CONFIGURABLE ===
  118. $guestPages = array("login", "register", "landing");
  119. $memberPages = array("home", "panel", "hack", "logout");
  120. #=== CONFIGURABLE ===
  121. $realPages = array_merge($guestPages, $memberPages);
  122. if(in_array($includePage, $realPages)){
  123. if(in_array($includePage, $guestPages) && loggedin()){ #check if member is trying to view guest only page
  124. metaRedirect("?page=home");
  125. $devError = "User attempted to include guest-only page while logged in.";
  126. errorLog($devError);
  127. return False;
  128. } elseif(in_array($includePage, $memberPages) && !loggedin()) { #check if guest is trying to view member only page
  129. metaRedirect("?page=login");
  130. $devError = "Guest attempted to include member-only page while logged out.";
  131. errorLog($devError);
  132. return False;
  133. } else {
  134. if(in_array($includePage, $guestPages) && !loggedin() or in_array($includePage, $memberPages) && loggedin()){ #validate request
  135. return True;
  136. }
  137. }
  138. } else {
  139. metaRedirect("?page=login");
  140. $devError = "Guest attempted to view a custom page that doesn't exist.";
  141. errorLog($devError);
  142. return False;
  143. }
  144. }
  145.  
  146. //verify username length for registration or other use
  147. function verifyUsernameLength($dirtyUsername){
  148. $username = clean($dirtyUsername);
  149. #=== CONFIGURABLE ===
  150. $minUsernameLength = 1;
  151. $maxUsernameLength = 10;
  152. #=== CONFIGURABLE ===
  153. if(isntBlank($username)){
  154. if($dirtyUsername == $username){
  155. if(strlen($username) < $maxUsernameLength && strlen($username) > $minUsernameLength){
  156. return True;
  157. } else {
  158. return False;
  159. }
  160. }
  161. }
  162. }
  163.  
  164. //function to generate IP
  165. function generateIP(){
  166. #=== CONFIGURABLE ===
  167. $firstBlock = rand(100,300);
  168. $secondBlock = rand(10,100);
  169. $thirdBlock = rand(10, 100);
  170. $fourthBlock = rand(1,100);
  171. #=== CONFIGURABLE ===
  172. $fullIP = $firstBlock.".".$secondBlock.".".$thirdBlock.".".$fourthBlock;
  173. if(verifyIP($fullIP)){ #call function verify ip to make sure it doesn't already exist in the database
  174. return $fullIP;
  175. } else {
  176. generateIP();
  177. }
  178. }
  179.  
  180. //function to verify ip address
  181. function verifyIP($dirtyIP){
  182. $ip = cleanIP($dirtyIP);
  183. if($dirtyIP == $ip && isntBlank($ip)){
  184. $query = mysql_query("SELECT * FROM `users` WHERE ipv4='$ip'");
  185. $numResults = mysql_num_rows($query);
  186. switch($numResults){
  187. case 0:
  188. return True;
  189. break;
  190. case 1:
  191. return False;
  192. break;
  193. }
  194. }
  195. }
  196.  
  197. //login function through login.php
  198. function login($dirtyUsername, $dirtyPassword){
  199. $username = clean($dirtyUsername);
  200. $password = hash('sha256', $dirtyPassword);
  201. if($username == $dirtyUsername){
  202. if(isntBlank($username) && (isntBlank($password))){
  203. if(verifyUsernameLength($username)){
  204. $query = mysql_query("SELECT * FROM `users` WHERE username='$username' AND password='$password'");
  205. $numResults = mysql_num_rows($query);
  206. switch($numResults){
  207. case 0: #zero results found - unsuccessful login
  208. $devError = "'".$username."' entered an incorrect username or password.";
  209. errorLog($devError);
  210. return False;
  211. break;
  212. case 1: #only one result found - successful login
  213. $fetch = mysql_fetch_array($query);
  214. $_SESSION['id'] = $fetch['id']; $_SESSION['username'] = $fetch['username']; $_SESSION['ipv4'] = $fetch['ipv4']; $_SESSION['ip'] = $fetch['ip']; $_SESSION['level'] = $fetch['level'];
  215. metaRedirect("?page=home");
  216. $requestLog = "'".$username."' has logged in successfully.";
  217. requestLog($requestLog);
  218. return True;
  219. break;
  220. case True: #more than one user exists
  221. if($numResults > 1){
  222. $query = mysql_query("DELETE FROM `users` WHERE username='$username' AND password='$password'");
  223. $devError = "'".$username."' logged in successfully but the selection query returned more than one result: deleting all profiles.";
  224. errorLog($devError);
  225. return False;
  226. }
  227. break;
  228. }
  229. } else {
  230. $devError = "Guest attempted to submit an username outside the length range.";
  231. errorLog($devError);
  232. return False;
  233. }
  234. } else {
  235. $devError = "'".$username."' attempted to login without supplying long enough input.";
  236. errorLog($devError);
  237. return False;
  238. }
  239. } else {
  240. $devError = "'".$username."' [probably] supplied illegal characters for their username.";
  241. errorLog($devError);
  242. return False;
  243. }
  244. }
  245.  
  246. //register function through register.php
  247. function register($dirtyUsername, $dirtyPassword){
  248. $username = clean($dirtyUsername);
  249. $password = hash('sha256', $dirtyPassword);
  250. $ip = $_SERVER['REMOTE_ADDR'];
  251. if($username == $dirtyUsername){
  252. if(isntBlank($username) && isntBlank($password)){
  253. $query = mysql_query("SELECT * FROM `users` WHERE username='$username'");
  254. $numResults = mysql_num_rows($query);
  255. switch($numResults){
  256. case 0: #username has not been taken
  257. $ipv4 = generateIP();
  258. $query = mysql_query("INSERT INTO `users`(`username`, `password`, `ip`, `ipv4`) VALUES ('$username', '$password', '$ip', '$ipv4')"); #entry into DB
  259. $query = mysql_query("SELECT `id` FROM `users` WHERE username='$username' AND password='$password'"); #pull ID from entry
  260. $fetch = mysql_fetch_array($query); $id = $fetch['id'];
  261. registerServers($id, $username);
  262. login($dirtyUsername, $dirtyPassword);
  263. $requestLog = "'".$username."' has registered successfully.";
  264. requestLog($requestLog);
  265. return True;
  266. break;
  267. case 1: #username has been taken
  268. $devError = "User attempted to register with the username '".$username."' while that username has already been taken. Request denied.";
  269. errorLog($devError);
  270. return False;
  271. break;
  272. }
  273. } else {
  274. $devError = "'".$username."' attempted to register while supplying empty fields. ";
  275. errorLog($devError);
  276. return False;
  277. }
  278. } else {
  279. $devError = "'".$username."' attempted to register while supplying dangerous input.";
  280. errorLog($devError);
  281. return False;
  282. }
  283. }
  284.  
  285. function registerServers($id, $username){
  286. $query = mysql_query("SELECT * FROM `servers` WHERE `uid`='$id'");
  287. $numResults = mysql_fetch_array($query);
  288. switch($numResults){
  289. case 0:
  290. $query = mysql_query("INSERT INTO servers(`uid`, `username`) VALUES ('$id', '$username')");
  291. $requestLog = "'".$id."' has registered their servers successfully.";
  292. requestLog($requestLog);
  293. return True;
  294. break;
  295. case 1:
  296. $devError = "'".$id."' has attempted to register servers even though an entry in the database already exists!";
  297. errorLog($devError);
  298. return False;
  299. break;
  300. }
  301. }
  302.  
  303. //function to purchase items from the shop
  304. function purchaseServer($dirtyItemID, $dirtyUserID){
  305. if(loggedIn()){
  306. #=== CONFIGURABLE ===
  307. $r1Price = 10;
  308. $r2Price = 100;
  309. $r3PRice = 1000;
  310. $r4Price = 10000;
  311. #=== CONFIGURABLE ===
  312. $itemID = clean($dirtyItemID);
  313. $userID = clean($dirtyUserID);
  314. if(isntBlank($itemID) && isntBlank($userID)){
  315. $query = mysql_query("SELECT `balance` FROM `users` WHERE id='$userID'");
  316. $numResults = mysql_num_rows($query);
  317. switch($numResults){
  318. case 0: #if user doesn't exist in the database
  319. $devError = "A request has been made to purchase '".$itemID."' by '".$userID."' when he doesn't exist in the database!";
  320. errorLog($devError);
  321. break;
  322. case 1: #if user exists in the database
  323. $fetch = mysql_fetch_array($query);
  324. $balance = $fetch['balance'];
  325. switch($itemID){
  326. case 1: #r1
  327. if($balance == $r1Price or $balance > $r1Price){
  328. $newBalance = $balance - $r1Price;
  329. $query = mysql_query("SELECT `r1` FROM `servers` WHERE uid='$userID'");
  330. $fetch = mysql_fetch_array($query); $currentAmountOfServers = $fetch['r1']; $newAmountOfServers = $currentAmountOfServers + 1;
  331. $query = mysql_query("UPDATE `servers` SET r1='$newAmountOfServers' WHERE uid='$userID'");
  332. $query = mysql_query("UPDATE `users` SET balance='$newBalance' WHERE id='$userID'");
  333. $requestLog = "'".$_SESSION['username']."' has just purchased serverID '".$itemID."'.";
  334. requestLog($requestLog);
  335. return True;
  336. } else {
  337. $devError = "User '".$_SESSION['username']."' attempted to purchase server '".$itemID."' with an insufficient balance.";
  338. errorLog($devError);
  339. return False;
  340. }
  341. break;
  342. case 2: #r2
  343. if($balance == $r2Price or $balance > $r2Price){
  344. $newBalance = $balance - $r1Price;
  345. $query = mysql_query("SELECT `r2` FROM `servers` WHERE uid='$userID'");
  346. $fetch = mysql_fetch_array($query); $currentAmountOfServers = $fetch['r2']; $newAmountOfServers = $currentAmountOfServers + 1;
  347. $query = mysql_query("UPDATE `servers` SET r2='$newAmountOfServers' WHERE uid='$userID'");
  348. $query = mysql_query("UPDATE `users` SET balance='$newBalance' WHERE id='$userID'");
  349. $requestLog = "'".$_SESSION['username']."' has just purchased serverID '".$itemID."'.";
  350. requestLog($requestLog);
  351. return True;
  352. } else {
  353. $devError = "User '".$_SESSION['username']."' attempted to purchase server '".$itemID."' with an insufficient balance.";
  354. errorLog($devError);
  355. return False;
  356. }
  357. break;
  358. case 3: #r3
  359. if($balance == $r3Price or $balance > $r3Price){
  360. $newBalance = $balance - $r1Price;
  361. $query = mysql_query("SELECT `r3` FROM `servers` WHERE uid='$userID'");
  362. $fetch = mysql_fetch_array($query); $currentAmountOfServers = $fetch['r3']; $newAmountOfServers = $currentAmountOfServers + 1;
  363. $query = mysql_query("UPDATE `servers` SET r3='$newAmountOfServers' WHERE uid='$userID'");
  364. $query = mysql_query("UPDATE `users` SET balance='$newBalance' WHERE id='$userID'");
  365. $requestLog = "'".$_SESSION['username']."' has just purchased serverID '".$itemID."'.";
  366. requestLog($requestLog);
  367. return True;
  368. } else {
  369. $devError = "User '".$_SESSION['username']."' attempted to purchase server '".$itemID."' with an insufficient balance.";
  370. errorLog($devError);
  371. return False;
  372. }
  373. break;
  374. case 4: #r4
  375. if($balance == $r4Price or $balance > $r4Price){
  376. $newBalance = $balance - $r1Price;
  377. $query = mysql_query("SELECT `r4` FROM `servers` WHERE uid='$userID'");
  378. $fetch = mysql_fetch_array($query); $currentAmountOfServers = $fetch['r4']; $newAmountOfServers = $currentAmountOfServers + 1;
  379. $query = mysql_query("UPDATE `servers` SET r4='$newAmountOfServers' WHERE uid='$userID'");
  380. $query = mysql_query("UPDATE `users` SET balance='$newBalance' WHERE id='$userID'");
  381. $requestLog = "'".$_SESSION['username']."' has just purchased serverID '".$itemID."'.";
  382. requestLog($requestLog);
  383. return True;
  384. } else {
  385. $devError = "User '".$_SESSION['username']."' attempted to purchase server '".$itemID."' with an insufficient balance.";
  386. errorLog($devError);
  387. return False;
  388. }
  389. break;
  390. }
  391. break;
  392. }
  393. } else {
  394. $devError = "Server is attempting to proccess a server purchase with blank or non-numeric data!";
  395. errorLog($devError);
  396. return False;
  397. }
  398. } else {
  399. $devError = "User by the IP of '".$_SERVER['REMOTE_ADDR']."' has somehow initiated a server purchase while being logged out.";
  400. errorLog($devError);
  401. return False;
  402. }
  403. }
  404.  
  405. //function to reset user back to starting amount of servers -TODO- errors
  406. function wipeServers($dirtyID){
  407. if(loggedin()){
  408. $userID = clean($dirtyID);
  409. if($dirtyID == $userID && isntBlank($userID)){
  410. $query = mysql_query("SELECT * FROM `servers` WHERE uid='$userID'");
  411. $numResults = mysql_num_rows($query);
  412. switch($numResults){
  413. case 0:
  414. $devError = "An administration attempt to wipe UID '".$userID."' has failed as they do not exist.";
  415. errorLog($devError);
  416. return False;
  417. break;
  418. case 1:
  419. $query = mysql_query("UPDATE `servers` SET r1=1, r2=0, r3=0, r4=0 WHERE uid='$userID'");
  420. $requestLog = "'".$userID." has just had his servers reset! pwn3d!";
  421. requestLog($requestLog);
  422. return True;
  423. break;
  424. }
  425. }
  426. }
  427. }
  428.  
  429. //function to wipe balance -TODO- all
  430. function wipeBalance($dirtyID){
  431. if(loggedin()){
  432. $userID = clean($dirtyID);
  433. if($dirtyID == $userID && isntBlank($userID)){
  434. $query = mysql_query("SELECT * FROM `users` WHERE id='$userID'");
  435. $numResults = mysql_num_rows($query);
  436. switch($numResults){
  437. case 0:
  438. $devError = "An administration attempt to delete balance from UID '".$userID."' has failed as they do not exist.";
  439. errorLog($devError);
  440. return False;
  441. break;
  442. case 1:
  443. $query = mysql_query("UPDATE `users` SET balance=0 WHERE id='$userID'");
  444. $requestLog = "'".$userID." has just had his balance reset! pwn3d!";
  445. requestLog($requestLog);
  446. return True;
  447. break;
  448. }
  449. }
  450. }
  451. }
  452.  
  453. //check how much power a user has
  454. function powerCheck($dirtyID){
  455. #=== CONFIGURABLE ===
  456. $r1PL = 10;
  457. $r2PL = 100;
  458. $r3PL = 1000;
  459. $r4PL = 10000;
  460. $edgeRate = 1.2;
  461. #=== CONFIGURABLE ===
  462. $cleanID = clean($dirtyID);
  463. if($cleanID == $dirtyID && isntBlank($cleanID)){
  464. $query = mysql_query("SELECT * FROM `servers` WHERE uid='$cleanID'");
  465. $numResults = mysql_num_rows($query);
  466. switch($numResults){
  467. case 0: #cannot locate user in servers...
  468. $devError = "Attempt to power-check UID '".$cleanID."' has failed per they are not located in the database.";
  469. errorLog($devError);
  470. return False;
  471. break;
  472. case 1: #successfully located user in servers
  473. $fetch = mysql_fetch_array($query);
  474. $r1Amount = $fetch['r1']; $r2Amount = $fetch['r2']; $r3Amount = $fetch['r3']; $r4Amount = $fetch['r4'];
  475. $r1TotalPower = intval($r1Amount * ($r1PL * $edgeRate)); $r2TotalPower = intval($r2Amount * ($r2PL * $edgeRate)); $r3TotalPower = intval($r3Amount * ($r3PL * $edgeRate)); $r4TotalPower = intval($r4Amount * ($r4PL * $edgeRate));
  476. $totalPower = $r1TotalPower + $r2TotalPower + $r3TotalPower + $r4TotalPower;
  477. $requestLog = "'".$cleanID."' has been successfully examined with a '".$totalPower."' botnets/second.";
  478. requestLog($requestLog);
  479. return $totalPower;
  480. break;
  481. }
  482. } else {
  483. $devError = "The data supplied to the function 'powerCheck' was invalid and/or blank.";
  484. errorLog($devError);
  485. return False;
  486. }
  487. }
  488.  
  489. //pull specific users balnace
  490. function getBalance($dirtyID){
  491. if(loggedin()){
  492. $cleanID = clean($dirtyID);
  493. if($cleanID == $dirtyID && isntBlank($cleanID)){
  494. $query = mysql_query("SELECT `balance` FROM `users` WHERE id='$cleanID'");
  495. $numResults = mysql_num_rows($query);
  496. switch($numResults){
  497. case 0:
  498. $devError = "Attempt to pull balance from user ID '".$cleanID."' failed because they do not exist..";
  499. errorLog($devError);
  500. return False;
  501. break;
  502. case 1:
  503. $fetch = mysql_fetch_array($query); $balance = $fetch['balance'];
  504. $requestLog = "'".$cleanID."' has a balance of '".$balance."'.";
  505. requestLog($requestLog);
  506. return $balance;
  507. break;
  508. }
  509. }
  510. }
  511. }
  512.  
  513. //give UID a free r1
  514. function freeR1($dirtyID){
  515. if(loggedin()){
  516. $cleanID = clean($dirtyID);
  517. if($cleanID == $dirtyID && isntBlank($cleanID)){
  518. $query = mysql_query("SELECT * FROM `servers` WHERE uid='$cleanID'");
  519. $numResults = mysql_num_rows($query);
  520. switch($numResults){
  521. case 0:
  522. $devError = "Attempt to pull balance from user ID '".$cleanID."' failed because they do not exist..";
  523. errorLog($devError);
  524. return False;
  525. break;
  526. case 1:
  527. $fetch = mysql_fetch_array($query); $r1Amount = $fetch['r1'];
  528. $newR1Amount = $r1Amount + 1;
  529. $query = mysql_query("UPDATE `servers` SET r1='$newR1Amount' WHERE uid='$cleanID'");
  530. $requestLog = "'".$cleanID."' has a new amount of R1's, '".$newR1Amount."'.";
  531. requestLog($requestLog);
  532. return True;
  533. break;
  534. }
  535. } else {
  536. $devError = "User attempted to 'freeR1' using an incorrectly formatted user ID!";
  537. errorLog($devError);
  538. return False;
  539. }
  540. } else {
  541. $devError = "Guest attempted to execute function 'freeR1' while logged out!";
  542. errorLog($devError);
  543. return False;
  544. }
  545. }
  546.  
  547. //give UID a free r2
  548. function freeR2($dirtyID){
  549. if(loggedin()){
  550. $cleanID = clean($dirtyID);
  551. if($cleanID == $dirtyID && isntBlank($cleanID)){
  552. $query = mysql_query("SELECT * FROM `servers` WHERE uid='$cleanID'");
  553. $numResults = mysql_num_rows($query);
  554. switch($numResults){
  555. case 0:
  556. $devError = "Attempt to pull balance from user ID '".$cleanID."' failed because they do not exist..";
  557. errorLog($devError);
  558. return False;
  559. break;
  560. case 1:
  561. $fetch = mysql_fetch_array($query); $r2Amount = $fetch['r2'];
  562. $newR2Amount = $r2Amount + 1;
  563. $query = mysql_query("UPDATE `servers` SET r2='$newR2Amount' WHERE uid='$cleanID'");
  564. $requestLog = "'".$cleanID."' has a new amount of R2's, '".$newR2Amount."'.";
  565. requestLog($requestLog);
  566. return True;
  567. break;
  568. }
  569. } else {
  570. $devError = "User attempted to 'freeR2' using an incorrectly formatted user ID!";
  571. errorLog($devError);
  572. return False;
  573. }
  574. } else {
  575. $devError = "Guest attempted to execute function 'freeR2' while logged out!";
  576. errorLog($devError);
  577. return False;
  578. }
  579. }
  580.  
  581. //give UID a free r3
  582. function freeR3($dirtyID){
  583. if(loggedin()){
  584. $cleanID = clean($dirtyID);
  585. if($cleanID == $dirtyID && isntBlank($cleanID)){
  586. $query = mysql_query("SELECT * FROM `servers` WHERE uid='$cleanID'");
  587. $numResults = mysql_num_rows($query);
  588. switch($numResults){
  589. case 0:
  590. $devError = "Attempt to pull balance from user ID '".$cleanID."' failed because they do not exist..";
  591. errorLog($devError);
  592. return False;
  593. break;
  594. case 1:
  595. $fetch = mysql_fetch_array($query); $r3Amount = $fetch['r3'];
  596. $newR3Amount = $r3Amount + 1;
  597. $query = mysql_query("UPDATE `servers` SET r3='$newR3Amount' WHERE uid='$cleanID'");
  598. $requestLog = "'".$cleanID."' has a new amount of R3's, '".$newR3Amount."'.";
  599. requestLog($requestLog);
  600. return True;
  601. break;
  602. }
  603. } else {
  604. $devError = "User attempted to 'freeR3' using an incorrectly formatted user ID!";
  605. errorLog($devError);
  606. return False;
  607. }
  608. } else {
  609. $devError = "Guest attempted to execute function 'freeR3' while logged out!";
  610. errorLog($devError);
  611. return False;
  612. }
  613. }
  614.  
  615. //give UID a free r4
  616. function freeR4($dirtyID){
  617. if(loggedin()){
  618. $cleanID = clean($dirtyID);
  619. if($cleanID == $dirtyID && isntBlank($cleanID)){
  620. $query = mysql_query("SELECT * FROM `servers` WHERE uid='$cleanID'");
  621. $numResults = mysql_num_rows($query);
  622. switch($numResults){
  623. case 0:
  624. $devError = "Attempt to pull balance from user ID '".$cleanID."' failed because they do not exist..";
  625. errorLog($devError);
  626. return False;
  627. break;
  628. case 1:
  629. $fetch = mysql_fetch_array($query); $r4Amount = $fetch['r4'];
  630. $newR4Amount = $r4Amount + 1;
  631. $query = mysql_query("UPDATE `servers` SET r4='$newR4Amount' WHERE uid='$cleanID'");
  632. $requestLog = "'".$cleanID."' has a new amount of R4's, '".$newR4Amount."'.";
  633. requestLog($requestLog);
  634. return True;
  635. break;
  636. }
  637. } else {
  638. $devError = "User attempted to 'freeR4' using an incorrectly formatted user ID!";
  639. errorLog($devError);
  640. return False;
  641. }
  642. } else {
  643. $devError = "Guest attempted to execute function 'freeR4' while logged out!";
  644. errorLog($devError);
  645. return False;
  646. }
  647. }
  648.  
  649. //function to pay user set amount
  650. function payUser($dirtyID, $dirtyAmount){
  651. if(loggedin()){
  652. $cleanID = clean($dirtyID);
  653. $cleanAmount = clean($dirtyAmount);
  654. if($cleanID == $dirtyID && isntBlank($cleanID) && $cleanAmount == $dirtyAmount && isntBlank($cleanAmount)){
  655. $query = mysql_query("SELECT `balance` FROM `users` WHERE id='$cleanID'");
  656. $numResults = mysql_num_rows($query);
  657. switch($numResults){
  658. case 0:
  659. $devError = "Attempt to pull balance from user ID '".$cleanID."' failed because they do not exist..";
  660. errorLog($devError);
  661. return False;
  662. break;
  663. case 1:
  664. $fetch = mysql_fetch_array($query); $balance = $fetch['balance'];
  665. $newBalance = $balance + $cleanAmount;
  666. $query = mysql_query("UPDATE `users` SET balance='$newBalance' WHERE id='$cleanID'");
  667. $requestLog = "'".$cleanID."' has a new balance of '".$newBalance."'.";
  668. requestLog($requestLog);
  669. return $balance;
  670. break;
  671. }
  672. } else {
  673. $devError = "User attempted to 'setBalance' using an incorrectly formatted user ID!";
  674. errorLog($devError);
  675. return False;
  676. }
  677. } else {
  678. $devError = "Guest attempted to execute function 'setBalance' while logged out!";
  679. errorLog($devError);
  680. return False;
  681. }
  682. }
  683.  
  684. //function to crack hash
  685. function crackHash($dirtyHash){
  686. if(loggedin()){
  687. $id = $_SESSION['id'];
  688. $username = $_SESSION['username'];
  689. $hash = clean($dirtyHash);
  690. if($hash == $dirtyHash){
  691. $powerLevel = powerCheck($id);
  692. $startTime = time(); #current time
  693. $endTime = time() + (10000 / $powerLevel); #time that needs to occur in order for hash to be cracked
  694. $query = mysql_query("SELECT * FROM `hashes` WHERE active='1' AND uid='$id'");
  695. $numResults = mysql_num_rows($query);
  696. switch($numResults){
  697. case 0: #user is not currently running an attack...
  698. $query = mysql_query("INSERT INTO `hashes`(`uid`, `startTimestamp`, `endTimestamp`, `hash`, `active`, `payout`) VALUES ('$id', '$startTime', '$endTime', '$hash', '1', '5')");
  699. $requestLog = "'".$id."' has just started a new attack!";
  700. requestLog($requestLog);
  701. break;
  702. case 1: #user is currently running an attack
  703. $devError = "User '".$username."' attempted to start attacking a hash when he is already running an attack!";
  704. errorLog($devError);
  705. return False;
  706. break;
  707. }
  708. } else {
  709. $devError = "User '".$username."' attempted to submit an unsanitary hash!";
  710. errorLog($devError);
  711. return False;
  712. }
  713. } else {
  714. $devError = "A guest attempted to use the function 'crackHash' while logged out!";
  715. errorLog($devError);
  716. return False;
  717. }
  718. }
  719.  
  720. //check if any attack is going on whatsoever
  721. function checkHashing($dirtyID){
  722. if(loggedin()){
  723. $cleanID = clean($dirtyID);
  724. if($cleanID == $dirtyID && isntBlank($cleanID)){
  725. $query = mysql_query("SELECT * FROM `hashes` WHERE active=1 AND uid='$cleanID'");
  726. $numResults = mysql_num_rows($query);
  727. switch($numResults){
  728. case 0:
  729. return False;
  730. break;
  731. case 1:
  732. return True;
  733. break;
  734. }
  735. } else {
  736. $devError = "There was an attempt to submit an unsanitary ID.";
  737. errorLog($devError);
  738. return False;
  739. }
  740. } else {
  741. $devError = "A guest attempted to use the function 'checkHashing' while logged out!";
  742. errorLog($devError);
  743. return False;
  744. }
  745. }
  746.  
  747. //function to check how far user is cracking a hash (and if done pay them)
  748. function checkHashComplete($dirtyID){
  749. if(loggedin()){
  750. $cleanID = clean($dirtyID);
  751. if($dirtyID == $cleanID && isntBlank($cleanID)){
  752. $query = mysql_query("SELECT * FROM `hashes` WHERE active=1 AND uid='$cleanID'");
  753. $numResults = mysql_num_rows($query);
  754. switch($numResults){
  755. case 0: #user has no active hash entries
  756. $devError = "User ID '".$cleanID."' has no active entries!";
  757. errorLog($devError);
  758. return False;
  759. break;
  760. case 1: #user has one active hash entry
  761. $fetch = mysql_fetch_array($query); $currentTime = time(); $endTime = $fetch['endTimestamp']; $payout = $fetch['payout'];
  762. if($currentTime > $endTime){ #the time has passed! user is granted moola!
  763. payUser($cleanID, $payout);
  764. $query = mysql_query("UPDATE `hashes` SET active=0 WHERE uid='$cleanID' AND active='1'");
  765. $requestLog = "A user by the ID of '".$cleanID."' has just finished attacking a hash.";
  766. requestLog($requestLog);
  767. return True;
  768. } else { #the time hasn't passed... the user has to wait...
  769. return False;
  770. }
  771. break;
  772. }
  773. } else {
  774. $devError = "User '".$username."' attempted to submit an unsanitary ID!";
  775. errorLog($devError);
  776. return False;
  777. }
  778. } else {
  779. $devError = "A guest attempted to use the function 'checkHashComplete' while logged out!";
  780. errorLog($devError);
  781. return False;
  782. }
  783. }
  784.  
  785. //return how much time is left on a hash
  786. function checkTimeLeft($dirtyID){
  787. if(loggedin()){
  788. $cleanID = clean($dirtyID);
  789. if($dirtyID == $cleanID && isntBlank($cleanID)){
  790. if(checkHashing($cleanID)){
  791. $query = mysql_query("SELECT * FROM `hashes` WHERE uid='$cleanID' AND active='1'");
  792. $fetch = mysql_fetch_array($query); $endTimestamp = $fetch['endTimestamp'];
  793. $timeLeft = $endTimestamp - time();
  794. return $timeLeft;
  795. } else {
  796. return False;
  797. }
  798. } else {
  799. $devError = "User '".$username."' attempted to submit an unsanitary ID!";
  800. errorLog($devError);
  801. return False;
  802. }
  803. } else {
  804. $devError = "A guest attempted to use the function 'checkTimeLeft' while logged out!";
  805. errorLog($devError);
  806. return False;
  807. }
  808. }
  809.  
  810. //return the hash
  811. function checkHashName($dirtyID){
  812. if(loggedin()){
  813. $cleanID = clean($dirtyID);
  814. if($dirtyID == $cleanID && isntBlank($cleanID)){
  815. if(checkHashing($cleanID)){
  816. $query = mysql_query("SELECT * FROM `hashes` WHERE uid='$cleanID' AND active='1'");
  817. $fetch = mysql_fetch_array($query); $hash = $fetch['hash'];
  818. return $hash;
  819. } else {
  820. return False;
  821. }
  822. } else {
  823. $devError = "User '".$username."' attempted to submit an unsanitary ID!";
  824. errorLog($devError);
  825. return False;
  826. }
  827. } else {
  828. $devError = "A guest attempted to use the function 'checkHashName' while logged out!";
  829. errorLog($devError);
  830. return False;
  831. }
  832. }
  833.  
  834. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!