Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?php
- /*decoded decube.xyz*/
- session_start();
- error_reporting(30719);
- header("Content-type: text/html; charset=windows-1251");
- if (!DEFINED("ROOT_DIR")) {
- DEFINE("ROOT_DIR", $_SERVER["DOCUMENT_ROOT"]);
- }
- sleep(0);
- $json_result = array();
- $json_result["result"] = "";
- $json_result["message"] = "";
- $ajax_json = (isset($_SERVER["HTTP_ACCEPT"]) && (strpos($_SERVER["HTTP_ACCEPT"], "application/json") !== false) ? "json" : "nojson");
- if (isset($_SERVER["HTTP_X_REQUESTED_WITH"]) && ($_SERVER["HTTP_X_REQUESTED_WITH"] == "XMLHttpRequest")) {
- function json_encode_cp1251($json_arr)
- {
- $json_arr = json_encode($json_arr);
- $arr_replace_cyr = array("\u0410", "\u0430", "\u0411", "\u0431", "\u0412", "\u0432", "\u0413", "\u0433", "\u0414", "\u0434", "\u0415", "\u0435", "\u0401", "\u0451", "\u0416", "\u0436", "\u0417", "\u0437", "\u0418", "\u0438", "\u0419", "\u0439", "\u041a", "\u043a", "\u041b", "\u043b", "\u041c", "\u043c", "\u041d", "\u043d", "\u041e", "\u043e", "\u041f", "\u043f", "\u0420", "\u0440", "\u0421", "\u0441", "\u0422", "\u0442", "\u0423", "\u0443", "\u0424", "\u0444", "\u0425", "\u0445", "\u0426", "\u0446", "\u0427", "\u0447", "\u0428", "\u0448", "\u0429", "\u0449", "\u042a", "\u044a", "\u042d", "\u044b", "\u042c", "\u044c", "\u042d", "\u044d", "\u042e", "\u044e", "\u042f", "\u044f");
- $arr_replace_utf = array("А", "а", "Б", "б", "В", "в", "Г", "г", "Д", "д", "Е", "е", "Ё", "ё", "Ж", "ж", "З", "з", "И", "и", "Й", "й", "К", "к", "Л", "л", "М", "м", "Н", "н", "О", "о", "П", "п", "Р", "р", "С", "с", "Т", "т", "У", "у", "Ф", "ф", "Х", "х", "Ц", "ц", "Ч", "ч", "Ш", "ш", "Щ", "щ", "Ъ", "ъ", "Ы", "ы", "Ь", "ь", "Э", "э", "Ю", "ю", "Я", "я");
- $json_arr = str_replace($arr_replace_cyr, $arr_replace_utf, $json_arr);
- return $json_arr;
- }
- function myErrorHandler($errno, $errstr, $errfile, $errline, $js_result)
- {
- $ajax_json = (isset($_SERVER["HTTP_ACCEPT"]) && (strpos($_SERVER["HTTP_ACCEPT"], "application/json") !== false) ? "json" : "nojson");
- $message_text = false;
- $errfile = str_replace($_SERVER["DOCUMENT_ROOT"], "", $errfile);
- switch ($errno) {
- case 1:
- $message_text = "Fatal error[$errno]: $errstr in line $errline in $errfile";
- break;
- case 2:
- $message_text = "Warning[$errno]: $errstr in line $errline in $errfile";
- break;
- case 8:
- $message_text = "Notice[$errno]: $errstr in line $errline in $errfile";
- break;
- $message_text = "[$errno] $errstr in line $errline in $errfile";
- break;
- $js_result = ($ajax_json == "json" ? json_encode_cp1251(array("result" => "ERROR", "message" => iconv("CP1251", "UTF-8", $message_text))) : $message_text);
- }
- }
- require (ROOT_DIR . "/config.php");
- require_once (ROOT_DIR . "/funciones.php");
- require_once (ROOT_DIR . "/recaptcha/config_recaptcha.php");
- require_once (ROOT_DIR . "/recaptcha/lib/autoload.php");
- $laip = getRealIP();
- $set_error_handler = set_error_handler("myErrorHandler", 30719);
- if (!isset($siteKey) | !isset($secret) | (isset($siteKey) && isset($secret) && (($siteKey == false) | ($secret == false)))) {
- $message_text = "ERROR: Нет ключей!";
- $js_result = ($ajax_json == "json" ? json_encode_cp1251(array("result" => "ERROR", "message" => iconv("CP1251", "UTF-8", $message_text))) : $message_text);
- exit($js_result);
- return 1;
- }
- if (isset($_SESSION["userLog"]) && isset($_SESSION["userPas"])) {
- $message_text = "Вы уже авторизовались!";
- $js_result = ($ajax_json == "json" ? json_encode_cp1251(array("result" => "ERROR", "message" => iconv("CP1251", "UTF-8", $message_text))) : $message_text);
- exit($js_result);
- return 1;
- }
- $recaptcha = new ReCaptcha\ReCaptcha($secret);
- $response = $recaptcha->verify(strip_tags(htmlspecialchars(trim($_POST["recaptcha"]))), $laip);
- if ($response->isSuccess()) {
- $username = (isset($_POST["log_user"]) && preg_match("|^[a-zA-Z0-9\-_-]{3,20}$|", trim($_POST["log_user"])) ? htmlentities(stripslashes(trim($_POST["log_user"]))) : false);
- $password = (isset($_POST["pas_user"]) && preg_match("|^[a-zA-Z0-9\-_-]{6,20}$|", trim($_POST["pas_user"])) ? htmlentities(stripslashes(trim($_POST["pas_user"]))) : false);
- $enter_pas_oper = (isset($_POST["pas_oper"]) && preg_match("|^[0-9a-zA-Z]{7,9}$|", trim($_POST["pas_oper"])) ? htmlentities(stripslashes(trim($_POST["pas_oper"]))) : false);
- if ($username == false) {
- $message_text = "Логин должен быть от 3 до 20 символов, и содержать только латинские символы";
- $js_result = ($ajax_json == "json" ? json_encode_cp1251(array("result" => "ERROR", "message" => iconv("CP1251", "UTF-8", $message_text))) : $message_text);
- exit($js_result);
- return 1;
- }
- if ($password == false) {
- $message_text = "Пароль должен быть от 3 до 20 символов, и содержать только латинские символы";
- $js_result = ($ajax_json == "json" ? json_encode_cp1251(array("result" => "ERROR", "message" => iconv("CP1251", "UTF-8", $message_text))) : $message_text);
- exit($js_result);
- return 1;
- }
- ($sql = mysql_query("SELECT * FROM `tb_users` WHERE `username`='" . mysql_real_escape_string($username) . "' AND `password`='" . mysql_real_escape_string($password) . "'")) || exit($ajax_json == "json" ? json_encode_cp1251(array("result" => "ERROR", "message" => iconv("CP1251", "UTF-8", mysql_error()))) : mysql_error());
- if (0 < mysql_num_rows($sql)) {
- $row = mysql_fetch_assoc($sql);
- if (strtolower($username) != strtolower($row["username"])) {
- $message_text = "Логин введен не верно!";
- $js_result = ($ajax_json == "json" ? json_encode_cp1251(array("result" => "ERROR", "message" => iconv("CP1251", "UTF-8", $message_text))) : $message_text);
- exit($js_result);
- return 1;
- }
- if (strtolower($password) != strtolower($row["password"])) {
- $message_text = "Пароль введен не верно!";
- $js_result = ($ajax_json == "json" ? json_encode_cp1251(array("result" => "ERROR", "message" => iconv("CP1251", "UTF-8", $message_text))) : $message_text);
- exit($js_result);
- return 1;
- }
- if ($row["block_wmid"] == 1) {
- $message_text = "Необходимо авторизоваться через WebMomey Login";
- $js_result = ($ajax_json == "json" ? json_encode_cp1251(array("result" => "ERROR", "message" => iconv("CP1251", "UTF-8", $message_text))) : $message_text);
- exit($js_result);
- return 1;
- }
- if (($row["block_agent"] == 1) && ($row["lastiplog"] != $laip) && ($enter_pas_oper == false)) {
- $message_text = "У Вас изменился IP-адрес, необходимо ввести пароль для операций!";
- $js_result = ($ajax_json == "json" ? json_encode_cp1251(array("result" => "NeedPO", "message" => iconv("CP1251", "UTF-8", $message_text))) : $message_text);
- exit($js_result);
- return 1;
- }
- if (($row["block_agent"] == 1) && (strtolower($row["agent"]) != strtolower($_SERVER["HTTP_USER_AGENT"])) && ($enter_pas_oper == false)) {
- $message_text = "У Вас изменился браузер, необходимо ввести пароль для операций!";
- $js_result = ($ajax_json == "json" ? json_encode_cp1251(array("result" => "NeedPO", "message" => iconv("CP1251", "UTF-8", $message_text))) : $message_text);
- exit($js_result);
- return 1;
- }
- if (($row["block_agent"] == 1) && (($row["lastiplog"] != $laip) | (strtolower($row["agent"]) != strtolower($_SERVER["HTTP_USER_AGENT"]))) && ($enter_pas_oper == false)) {
- $message_text = "Необходимо ввести пароль для операций!";
- $js_result = ($ajax_json == "json" ? json_encode_cp1251(array("result" => "NeedPO", "message" => iconv("CP1251", "UTF-8", $message_text))) : $message_text);
- exit($js_result);
- return 1;
- }
- if (($row["block_agent"] == 1) && (($row["lastiplog"] != $laip) | (strtolower($row["agent"]) != strtolower($_SERVER["HTTP_USER_AGENT"]))) && (strtolower($row["pass_oper"]) != strtolower($enter_pas_oper))) {
- $message_text = "Пароль для операций введен не верно!";
- $js_result = ($ajax_json == "json" ? json_encode_cp1251(array("result" => "NeedPO", "message" => iconv("CP1251", "UTF-8", $message_text))) : $message_text);
- exit($js_result);
- return 1;
- }
- $_SESSION["partnerid"] = $row["id"];
- $_SESSION["userLog"] = $row["username"];
- $_SESSION["userPas"] = md5($row["password"]);
- $_SESSION["WMID"] = $row["wmid"];
- $_SESSION["IP"] = $laip;
- if ($row["user_status"] == 1) {
- $_SESSION["userLog_a"] = $row["username"];
- $_SESSION["userPas_a"] = md5($row["password"]);
- }
- SETCOOKIE("_user", $row["username"], time() + 7776000, "/");
- SETCOOKIE("_pid", md5($row["id"]), time() + 7776000, "/");
- $sql_r1 = mysql_query("SELECT `id` FROM `tb_users` WHERE `referer`='$username'");
- $referals1 = mysql_num_rows($sql_r1);
- $sql_r2 = mysql_query("SELECT `id` FROM `tb_users` WHERE `referer2`='$username'");
- $referals2 = mysql_num_rows($sql_r2);
- $sql_r3 = mysql_query("SELECT `id` FROM `tb_users` WHERE `referer3`='$username'");
- $referals3 = mysql_num_rows($sql_r3);
- if (($row["lastlogdate2"] != 0) && ($row["lastlogdate2"] < (time() - (7 * 24 * 60 * 60)))) {
- $reit_add = mysql_result(mysql_query("SELECT `price` FROM `tb_config` WHERE `item`='reit_noactive' AND `howmany`='1'"), 0, 0);
- }
- else {
- $reit_add = 0;
- }
- if (isset($row["wmid"]) && preg_match("|^[\d]{12}$|", trim($row["wmid"]))) {
- include_once (ROOT_DIR . "/auto_pay_req/wmxml.inc.php");
- $_RES_WM_11 = _WMXML11($row["wmid"]);
- $_ATTESTAT = (isset($_RES_WM_11["att"]) ? $_RES_WM_11["att"] : $row["attestat"]);
- }
- else {
- $_ATTESTAT = $row["attestat"];
- }
- include (ROOT_DIR . "/geoip/geoipcity.inc");
- include (ROOT_DIR . "/geoip/geoipregionvars.php");
- $gi = geoip_open(ROOT_DIR . "/geoip/GeoLiteCity.dat", GEOIP_STANDARD);
- $record = @geoip_record_by_addr($gi, $laip);
- @geoip_close($gi);
- $country_code = (isset($record->country_code) && ($record->country_code != false) ? $record->country_code : $row["country_cod"]);
- mysql_query("UPDATE `tb_users` SET \r\n\t\t\t\t\t\t\t\t`attestat`='$_ATTESTAT', \r\n\t\t\t\t\t\t\t\t`reiting`=`reiting`+'$reit_add', `country_cod`='$country_code', \r\n\t\t\t\t\t\t\t\t`referals`='$referals1', `referals2`='$referals2', `referals3`='$referals3', \r\n\t\t\t\t\t\t\t\t`lastlogdate`='" . DATE("d.m.Y") . "', `lastlogdate2`='" . time() . "', \r\n\t\t\t\t\t\t\t\t`lastiplog`='$laip', `kol_log`=`kol_log`+1, `agent`='" . $_SERVER["HTTP_USER_AGENT"] . "' \r\n\t\t\t\t\t\t\tWHERE `username`='$username'") || exit($ajax_json == "json" ? json_encode_cp1251(array("result" => "ERROR", "message" => iconv("CP1251", "UTF-8", mysql_error()))) : mysql_error());
- $_USER_T_ID = strtolower(md5($row["id"]));
- $_COOKIE_ID = (isset($_COOKIE["_pid"]) && preg_match("|^[0-9a-fA-F]{32}$|", htmlspecialchars(trim($_COOKIE["_pid"]))) ? htmlspecialchars(strtolower(trim($_COOKIE["_pid"]))) : false);
- if ($_COOKIE_ID != false) {
- ($sql_ban = mysql_query("SELECT `username` FROM `tb_users` WHERE md5(`id`)='$_COOKIE_ID'")) || exit($ajax_json == "json" ? json_encode_cp1251(array("result" => "ERROR", "message" => iconv("CP1251", "UTF-8", mysql_error()))) : mysql_error());
- if (0 < mysql_num_rows($sql_ban)) {
- $_COOKIE_NAME = mysql_result($sql_ban, 0, 0);
- if ($_USER_T_ID != $_COOKIE_ID) {
- ($sql_ch1 = mysql_query("SELECT `id` FROM `tb_ban_users` WHERE `name`='$_COOKIE_NAME'")) || exit($ajax_json == "json" ? json_encode_cp1251(array("result" => "ERROR", "message" => iconv("CP1251", "UTF-8", mysql_error()))) : mysql_error());
- if (mysql_num_rows($sql_ch1) == 0) {
- mysql_query("INSERT INTO `tb_ban_users` (`name`,`why`,`ip`,`date`,`time`) \r\n\t\t\t\t\t\t\t\t\t\t\tVALUES ('$_COOKIE_NAME','Мультиаккаунт ($_COOKIE_NAME, $username)','$ip','" . DATE("d.m.Y H:i") . "', '" . time() . "')") || exit($ajax_json == "json" ? json_encode_cp1251(array("result" => "ERROR", "message" => iconv("CP1251", "UTF-8", mysql_error()))) : mysql_error());
- mysql_query("UPDATE `tb_users` SET `ban_date`='" . time() . "' WHERE `username`='$_COOKIE_NAME' AND `ban_date`='0'") || exit($ajax_json == "json" ? json_encode_cp1251(array("result" => "ERROR", "message" => iconv("CP1251", "UTF-8", mysql_error()))) : mysql_error());
- }
- ($sql_ch2 = mysql_query("SELECT `id` FROM `tb_ban_users` WHERE `name`='$username'")) || exit($ajax_json == "json" ? json_encode_cp1251(array("result" => "ERROR", "message" => iconv("CP1251", "UTF-8", mysql_error()))) : mysql_error());
- if (mysql_num_rows($sql_ch2) == 0) {
- mysql_query("INSERT INTO `tb_ban_users` (`name`,`why`,`ip`,`date`,`time`) \r\n\t\t\t\t\t\t\t\t\t\t\tVALUES ('$username','Мультиаккаунт ($_COOKIE_NAME, $username)','$ip','" . DATE("d.m.Y H:i") . "', '" . time() . "')") || exit($ajax_json == "json" ? json_encode_cp1251(array("result" => "ERROR", "message" => iconv("CP1251", "UTF-8", mysql_error()))) : mysql_error());
- mysql_query("UPDATE `tb_users` SET `ban_date`='" . time() . "' WHERE `username`='$username' AND `ban_date`='0'") || exit($ajax_json == "json" ? json_encode_cp1251(array("result" => "ERROR", "message" => iconv("CP1251", "UTF-8", mysql_error()))) : mysql_error());
- }
- }
- }
- }
- $message_text = "Авторизация прошла успешно!";
- $js_result = ($ajax_json == "json" ? json_encode_cp1251(array("result" => "OK", "message" => iconv("CP1251", "UTF-8", $message_text))) : $message_text);
- exit($js_result);
- return 1;
- }
- $message_text = "Логин или пароль введен не верно!";
- $js_result = ($ajax_json == "json" ? json_encode_cp1251(array("result" => "ERROR", "message" => iconv("CP1251", "UTF-8", $message_text))) : $message_text);
- exit($js_result);
- return 1;
- }
- $_ERR_CODE = false;
- foreach ($response->getErrorCodes() as $code) {
- $_ERR_CODE .= $code;
- }
- $message_text = (isset($_ERR_CODE) && (htmlspecialchars(trim($_ERR_CODE)) != false) ? "Необходимо подтвердить, что Вы не робот!" : "Обновите страницу!");
- $js_result = ($ajax_json == "json" ? json_encode_cp1251(array("result" => "ERROR", "message" => iconv("CP1251", "UTF-8", $message_text))) : $message_text);
- exit($js_result);
- return 1;
- }
- $message_text = "ERROR: Не корректный запрос!";
- $js_result = ($ajax_json == "json" ? json_encode_cp1251(array("result" => "ERROR", "message" => iconv("CP1251", "UTF-8", $message_text))) : $message_text);
- exit($js_result);
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement