
2 Commits

Author SHA1 Message Date
MegaSa1nt
c9f4e40f41 Songs and SFXs usage in levels 2024-12-14 05:00:42 +03:00
MegaSa1nt
f34a79be21 Automated Cron, messages read time, fixes, etc 2024-12-14 04:47:43 +03:00
59 changed files with 698 additions and 611 deletions


@@ -14,6 +14,7 @@ $pass = 0;
if(!empty($_POST["password"])) $pass = GeneratePass::isValidUsrname($userName, $_POST["password"]);
elseif(!empty($_POST["gjp2"])) $pass = GeneratePass::isGJP2ValidUsrname($userName, $_POST["gjp2"]);
if($pass == 1) {
$gs->logAction($accountID, 2);
$userID = $gs->getUserID($accountID, $userName);
if(!is_numeric($udid)) {
$query2 = $db->prepare("SELECT userID FROM users WHERE extID = :udid");


@@ -184,4 +184,15 @@ $ratedLevelsInSent = false;
*/
$moderatorsListInGlobal = false;
/*
Run Cron automatically
This setting will enable automatic Cron
True — Cron should run automatically
False — Cron should run manually in dashboard
*/
$automaticCron = false;
?>


@@ -1,28 +1,34 @@
<?php
session_start();
require "../incl/dashboardLib.php";
require "../".$dbPath."incl/lib/Captcha.php";
require "../".$dbPath."incl/lib/connection.php";
require_once "../".$dbPath."config/security.php";
require "../".$dbPath."incl/lib/generatePass.php";
require "../".$dbPath."config/security.php";
require "../".$dbPath."config/misc.php";
require_once "../".$dbPath."incl/lib/Captcha.php";
require_once "../".$dbPath."incl/lib/generatePass.php";
require_once "../".$dbPath."incl/lib/exploitPatch.php";
require_once "../".$dbPath."incl/lib/mainLib.php";
require_once "../".$dbPath."incl/lib/cron.php";
$gs = new mainLib();
$dl = new dashboardLib();
$ep = new exploitPatch();
$dl->title($dl->getLocalizedString("changeNickTitle"));
$dl->printFooter('../');
if(isset($_SESSION["accountID"]) AND $_SESSION["accountID"] != 0){
if(!isset($_SESSION["accountID"]) || $_SESSION["accountID"] == 0) exit($dl->printSong('<div class="form">
<h1>'.$dl->getLocalizedString("errorGeneric").'</h1>
<form class="form__inner" method="post" action="./login/login.php">
<p id="dashboard-error-text">'.$dl->getLocalizedString("noLogin?").'</p>
<button type="button" onclick="a(\'login/login.php\')" class="btn-song">'.$dl->getLocalizedString("LoginBtn").'</button>
</form>
</div>', 'account'));
if($_POST["oldnickname"] != "" AND $_POST["newnickname"] != "" AND $_POST["password"] != "") {
if(!Captcha::validateCaptcha()) {
$dl->printSong('<div class="form">
exit($dl->printSong('<div class="form">
<h1>'.$dl->getLocalizedString("errorGeneric").'</h1>
<form class="form__inner" method="post" action="">
<p id="dashboard-error-text">'.$dl->getLocalizedString("invalidCaptcha").'</p>
<button type="button" onclick="a(\'account/changeUsername.php\', true, true, \'GET\')"class="btn-song">'.$dl->getLocalizedString("tryAgainBTN").'</button>
</form>
</div>', 'account');
die();
</div>', 'account'));
}
$userName = $gs->getAccountName($_SESSION["accountID"]);
$accID = $_SESSION["accountID"];
@@ -31,68 +37,63 @@ if($_POST["oldnickname"] != "" AND $_POST["newnickname"] != "" AND $_POST["passw
$getAccountData = $getAccountData->fetch();
$oldnick = ExploitPatch::charclean($_POST["oldnickname"]);
$newnick = str_replace(' ', '', ExploitPatch::charclean($_POST["newnickname"]));
if($oldnick != $userName){
$dl->printSong('<div class="form">
<h1>'.$dl->getLocalizedString("errorGeneric").'</h1>
<form class="form__inner" method="post" action="">
<p id="dashboard-error-text">'.$dl->getLocalizedString("wrongNick").'</p>
<button type="button" onclick="a(\'account/changeUsername.php\', true, true, \'GET\')"class="btn-primary">'.$dl->getLocalizedString("tryAgainBTN").'</button>
</form>
</div>', 'account');
die();
} elseif($userName == $newnick OR $oldnick == $newnick){
$dl->printSong('<div class="form">
<h1>'.$dl->getLocalizedString("errorGeneric").'</h1>
<form class="form__inner" method="post" action="">
<p id="dashboard-error-text">'.$dl->getLocalizedString("sameNick").'</p>
<button type="button" onclick="a(\'account/changeUsername.php\', true, true, \'GET\')"class="btn-primary">'.$dl->getLocalizedString("tryAgainBTN").'</button>
</form>
</div>', 'account');
die();
if($oldnick != $userName) {
exit($dl->printSong('<div class="form">
<h1>'.$dl->getLocalizedString("errorGeneric").'</h1>
<form class="form__inner" method="post" action="">
<p id="dashboard-error-text">'.$dl->getLocalizedString("wrongNick").'</p>
<button type="button" onclick="a(\'account/changeUsername.php\', true, true, \'GET\')"class="btn-primary">'.$dl->getLocalizedString("tryAgainBTN").'</button>
</form>
</div>', 'account'));
}
if($userName == $newnick || $oldnick == $newnick) {
exit($dl->printSong('<div class="form">
<h1>'.$dl->getLocalizedString("errorGeneric").'</h1>
<form class="form__inner" method="post" action="">
<p id="dashboard-error-text">'.$dl->getLocalizedString("sameNick").'</p>
<button type="button" onclick="a(\'account/changeUsername.php\', true, true, \'GET\')"class="btn-primary">'.$dl->getLocalizedString("tryAgainBTN").'</button>
</form>
</div>', 'account'));
}
$pass = $_POST["password"];
$pass = GeneratePass::isValidUsrname($userName, $pass);
$salt = "";
if($pass == 1) {
$query = $db->prepare("SELECT count(*) FROM accounts WHERE userName LIKE :userName");
$query->execute([':userName' => $newnick]);
$count = $query->fetchColumn();
if($count > 0){
$dl->printSong('<div class="form">
if($pass == 1) {
$query = $db->prepare("SELECT count(*) FROM accounts WHERE userName LIKE :userName");
$query->execute([':userName' => $newnick]);
$count = $query->fetchColumn();
if($count > 0) {
exit($dl->printSong('<div class="form">
<h1>'.$dl->getLocalizedString("errorGeneric").'</h1>
<form class="form__inner" method="post" action="">
<p id="dashboard-error-text">'.$dl->getLocalizedString("alreadyUsedNick").'</p>
<button type="button" onclick="a(\'account/changeUsername.php\', true, true, \'GET\')"class="btn-primary">'.$dl->getLocalizedString("tryAgainBTN").'</button>
</form>
</div>', 'account');
die();
</div>', 'account'));
}
$auth = $gs->randomString(8);
$query = $db->prepare("UPDATE accounts SET userName = :userName, salt = :salt, auth = :auth WHERE accountID = :accountid");
$query->execute([':userName' => $newnick, ':salt' => $salt, ':accountid' => $accID, ':auth' => $auth]);
$gs->sendLogsAccountChangeWebhook($accID, $accID, $getAccountData);
if($automaticCron) Cron::fixUsernames($accID, false);
$_SESSION["accountID"] = 0;
setcookie('auth', 'no', 2147483647, '/');
$dl->printSong('<div class="form">
<h1>'.$dl->getLocalizedString("changeNickTitle").'</h1>
<form class="form__inner" method="post" action=".">
<p>'.$dl->getLocalizedString("changedNick").'</p>
<button type="button" onclick="a(\'account/changeUsername.php\', true, true, \'GET\')"class="btn-primary">'.$dl->getLocalizedString("dashboard").'</button>
</form>
</div>', 'account');
} else {
$dl->printSong('<div class="form">
<h1>'.$dl->getLocalizedString("errorGeneric").'</h1>
<form class="form__inner" method="post" action="">
<p id="dashboard-error-text">'.$dl->getLocalizedString("wrongPass").'</p>
<button type="button" onclick="a(\'account/changeUsername.php\', true, true, \'GET\')" class="btn-primary">'.$dl->getLocalizedString("tryAgainBTN").'</button>
</form>
</div>', 'account');
}
$auth = $gs->randomString(8);
$query = $db->prepare("UPDATE accounts SET userName=:userName, salt=:salt, auth=:auth WHERE accountID=:accountid");
$query->execute([':userName' => $newnick, ':salt' => $salt, ':accountid' => $accID, ':auth' => $auth]);
$query = $db->prepare("UPDATE levels SET userName=:newnick WHERE userName=:oldnick");
$query->execute([':newnick' => $newnick, ':oldnick' => $oldnick]); // IMPORTANT: each level's username will change along with the account username
$query = $db->prepare("UPDATE users SET userName=:userName WHERE extID=:accountid");
$query->execute([':userName' => $newnick,':accountid' => $accID]);
$gs->sendLogsAccountChangeWebhook($accID, $accID, $getAccountData);
$_SESSION["accountID"] = 0;
setcookie('auth', 'no', 2147483647, '/');
$dl->printSong('<div class="form">
<h1>'.$dl->getLocalizedString("changeNickTitle").'</h1>
<form class="form__inner" method="post" action=".">
<p>'.$dl->getLocalizedString("changedNick").'</p>
<button type="button" onclick="a(\'account/changeUsername.php\', true, true, \'GET\')"class="btn-primary">'.$dl->getLocalizedString("dashboard").'</button>
</form>
</div>', 'account');
} else {
$dl->printSong('<div class="form">
<h1>'.$dl->getLocalizedString("errorGeneric").'</h1>
<form class="form__inner" method="post" action="">
<p id="dashboard-error-text">'.$dl->getLocalizedString("wrongPass").'</p>
<button type="button" onclick="a(\'account/changeUsername.php\', true, true, \'GET\')" class="btn-primary">'.$dl->getLocalizedString("tryAgainBTN").'</button>
</form>
</div>', 'account');
}
} else {
$dl->printSong('<div class="form">
<h1>'.$dl->getLocalizedString("changeNickTitle").'</h1>
@@ -122,13 +123,5 @@ if($pass == 1) {
}
});
</script>', 'account');
}} else {
$dl->printSong('<div class="form">
<h1>'.$dl->getLocalizedString("errorGeneric").'</h1>
<form class="form__inner" method="post" action="./login/login.php">
<p id="dashboard-error-text">'.$dl->getLocalizedString("noLogin?").'</p>
<button type="button" onclick="a(\'login/login.php\')" class="btn-song">'.$dl->getLocalizedString("LoginBtn").'</button>
</form>
</div>', 'account');
}
?>
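Review bot: The success branch that references `Cron` no longer updates `levels.userName` and `users.userName` itself; it relies on `if($automaticCron) Cron::fixUsernames($accID, false);`, and the config hunk on this page ships `$automaticCron = false`. With that default the old name presumably stays on the account's levels and `users` row until Cron is run by hand, while the `accounts` row already frees the old nickname for re-registration, so levels could end up displayed under a name that now belongs to someone else. Calling `Cron::fixUsernames($accID, false);` unconditionally after the `accounts` update would keep the rename consistent. The force-change section that follows has the same gating in `if($automaticCron) Cron::fixUsernames($_SESSION['accountID'], false);`. Old and new lines are interleaved without markers here, so this reading rests on which copy of the branch calls `Cron`.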


@@ -1,26 +1,25 @@
<?php
session_start();
require "../incl/dashboardLib.php";
require "../".$dbPath."incl/lib/Captcha.php";
require "../".$dbPath."incl/lib/connection.php";
require_once "../".$dbPath."config/security.php";
require "../".$dbPath."incl/lib/generatePass.php";
require "../".$dbPath."config/security.php";
require "../".$dbPath."config/misc.php";
require_once "../".$dbPath."incl/lib/Captcha.php";
require_once "../".$dbPath."incl/lib/generatePass.php";
require_once "../".$dbPath."incl/lib/exploitPatch.php";
require_once "../".$dbPath."incl/lib/mainLib.php";
require_once "../".$dbPath."incl/lib/cron.php";
$gs = new mainLib();
$dl = new dashboardLib();
$dl->printFooter('../');
$acc = $_SESSION["accountID"];
if(!$gs->checkPermission($acc, 'dashboardForceChangePassNick')) {
$dl->printSong('<div class="form">
<h1>'.$dl->getLocalizedString("errorGeneric").'</h1>
if(!$gs->checkPermission($acc, 'dashboardForceChangePassNick')) exit($dl->printSong('<div class="form">
<h1>'.$dl->getLocalizedString("errorGeneric").'</h1>
<p id="dashboard-error-text">'.$dl->getLocalizedString("noPermission").'</p>
<form class="form__inner" method="post" action=".">
<form class="form__inner" method="post" action=".">
<button type="button" onclick="a(\'\')" class="btn-primary">'.$dl->getLocalizedString("Kish!").'</button>
</form>
</div>', 'mod');
die();
}
</form>
</div>', 'mod'));
if($_POST["type"] == 0) {
$type = 'Password';
$inputtype = '<input type="hidden" name="type" value="0">';
@@ -31,14 +30,13 @@ if($_POST["type"] == 0) {
$dl->title($dl->getLocalizedString("force".$type));
if(!empty($_POST["userID"]) AND !empty($_POST[$type])) {
if(!Captcha::validateCaptcha()) {
$dl->printSong('<div class="form">
exit($dl->printSong('<div class="form">
<h1>'.$dl->getLocalizedString("errorGeneric").'</h1>
<form class="form__inner" method="post" action="">
<p id="dashboard-error-text">'.$dl->getLocalizedString("invalidCaptcha").'</p>
<button type="button" onclick="a(\'account/forceChange.php\', true, true, \'GET\')" class="btn-song">'.$dl->getLocalizedString("tryAgainBTN").'</button>
</form>
</div>', 'mod');
die();
</div>', 'mod'));
}
if(!empty($_POST["Nick"])) {
$newnick = str_replace(' ', '', ExploitPatch::charclean($_POST["Nick"]));
@@ -49,35 +47,33 @@ if(!empty($_POST["userID"]) AND !empty($_POST[$type])) {
$query->execute([':userName' => $newnick]);
$count = $query->fetchColumn();
if($count > 0) {
$dl->printSong('<div class="form">
<h1>'.$dl->getLocalizedString("errorGeneric").'</h1>
<form class="form__inner" method="post" action="">
<p id="dashboard-error-text">'.$dl->getLocalizedString("alreadyUsedNick").'</p>
<button type="button" onclick="a(\'account/forceChange.php\', true, true, \'GET\')" class="btn-primary">'.$dl->getLocalizedString("tryAgainBTN").'</button>
</form>
</div>', 'mod');
die();
exit($dl->printSong('<div class="form">
<h1>'.$dl->getLocalizedString("errorGeneric").'</h1>
<form class="form__inner" method="post" action="">
<p id="dashboard-error-text">'.$dl->getLocalizedString("alreadyUsedNick").'</p>
<button type="button" onclick="a(\'account/forceChange.php\', true, true, \'GET\')" class="btn-primary">'.$dl->getLocalizedString("tryAgainBTN").'</button>
</form>
</div>', 'mod'));
}
$getAccountData = $db->prepare("SELECT * FROM accounts WHERE accountID = :accountID");
$getAccountData->execute([':accountID' => $accID]);
$getAccountData = $getAccountData->fetch();
$query = $db->prepare("UPDATE accounts SET userName=:userName, salt=:salt WHERE accountID=:accountid");
$query->execute([':userName' => $newnick, ':salt' => $salt, ':accountid' => $accID]);
$query = $db->prepare("UPDATE users SET userName=:userName WHERE extID=:accountid");
$query->execute([':userName' => $newnick,':accountid' => $accID]);
$gs->sendLogsAccountChangeWebhook($accID, $acc, $getAccountData);
$auth = $gs->randomString(8);
$query = $db->prepare("UPDATE accounts SET auth = :auth WHERE accountID = :id");
$query->execute([':auth' => $auth, ':id' => $accID]);
$query = $db->prepare("UPDATE accounts SET userName = :userName, salt = :salt, auth = :auth WHERE accountID = :accountid");
$query->execute([':userName' => $newnick, ':salt' => $salt, ':accountid' => $accID, ':auth' => $auth]);
$gs->sendLogsAccountChangeWebhook($accID, $acc, $getAccountData);
$discord = $gs->hasDiscord($accID);
if($discord) $gs->changeDiscordUsername($discord, $newnick);
if($automaticCron) Cron::fixUsernames($_SESSION['accountID'], false);
$query = $db->prepare("INSERT INTO modactions (type, value, value2, timestamp, account) VALUES ('26',:userID, :type, :timestamp,:account)");
$query->execute([':userID' => $accID, ':timestamp' => time(), ':type' => $type, ':account' => $acc]);
$dl->printSong('<div class="form">
exit($dl->printSong('<div class="form">
<h1>'.$dl->getLocalizedString("changeNickTitle").'</h1>
<form class="form__inner" method="post" action="">
<p>'.sprintf($dl->getLocalizedString("forceChangedNick"), $newnick).'</p>
<button type="button" onclick="a(\'account/forceChange.php\', true, true, \'GET\')" class="btn-primary">'.$dl->getLocalizedString("dashboard").'</button>
</form>
</div>', 'mod');
</div>', 'mod'));
} elseif($type == 'Password') {
$newpass = $_POST["Password"];
if(is_numeric($_POST["userID"])) {


@@ -12,7 +12,7 @@ require_once "../".$dbPath."incl/lib/mainLib.php";
require "../".$dbPath."config/misc.php";
$gs = new mainLib();
$levelID = ExploitPatch::number($_POST['levelID']);
$accountID = GJPCheck::getAccountIDOrDie(true) ?? $_SESSION['accountID'];
$accountID = GJPCheck::getAccountIDOrDie(true) ?: $_SESSION['accountID'];
if(!$levelID) exit(json_encode(['success' => false, 'error' => 0, 'message' => 'Invalid level ID.']));
$level = $db->prepare('SELECT * FROM levels WHERE levelID = :levelID');
$level->execute([':levelID' => $levelID]);
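Review bot: The fallback `$_SESSION['accountID']` is read without a guard, so a request with neither valid game credentials nor a dashboard session raises an undefined-index warning and leaves `$accountID` null; `$accountID = GJPCheck::getAccountIDOrDie(true) ?: ($_SESSION['accountID'] ?? 0);` avoids that. No check that `$accountID` is non-empty is visible before the level query, though one may follow outside the hunk. A short comment such as `// getAccountIDOrDie(true) returns a falsy value instead of exiting, so fall back to the dashboard session` would also record why `?:` replaced `??`, assuming that is what the `true` argument does.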


@@ -30,12 +30,16 @@ if(isset($_POST["userName"]) AND isset($_POST["password"])){
$auth["auth"] = $auth;
}
$color = $gs->getAccountCommentColor($accountID);
$gs->logAction($accountID, 2);
exit(json_encode(["success" => true, "user" => $userName, "accountID" => $accountID, "auth" => $auth["auth"], "color" => $color]));
} elseif(isset($_GET["auth"])) {
$auth = ExploitPatch::charclean($_GET["auth"]);
if(empty($auth)) exit(json_encode(['success' => false, 'error' => '-3']));
$check = GeneratePass::isValidToken($auth);
if(!is_array($check)) exit(json_encode(['success' => false, 'error' => $check]));
else exit(json_encode(['success' => true, 'accountID' => $check['accountID'], 'userID' => $check['userID'], 'user' => $check["userName"], 'color' => $check['color']]));
else {
$gs->logAction($check['accountID'], 2);
exit(json_encode(['success' => true, 'accountID' => $check['accountID'], 'userID' => $check['userID'], 'user' => $check["userName"], 'color' => $check['color']]));
}
} else exit(json_encode(['success' => false, 'error' => '0']));
?>

25
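--- a/dashboard/api/runCron.php
+++ b/dashboard/api/runCron.php
@@ -0,0 +1,25 @@
+<?php
+session_start();
+header('Access-Control-Allow-Origin: *');
+header('Access-Control-Allow-Methods: POST');
+header("Access-Control-Allow-Headers: X-Requested-With");
+require "../incl/dashboardLib.php";
+require "../".$dbPath."incl/lib/connection.php";
+require_once "../".$dbPath."incl/lib/cron.php";
+require_once "../".$dbPath."incl/lib/GJPCheck.php";
+if(!isset($_POST)) $_POST = json_decode(file_get_contents('php://input'), true);
+$accountID = GJPCheck::getAccountIDOrDie(true) ?: $_SESSION['accountID'];
+if(!$accountID) {
+http_response_code(403);
+exit(json_encode(['dashboard' => true, 'success' => false, 'error' => 1, 'message' => 'Please supply a valid account credentials.']));
+}
+$runCron = Cron::doEverything($accountID, true);
+if(!$runCron) {
+http_response_code(400);
+exit(json_encode(['dashboard' => true, 'success' => false, 'error' => 2, 'message' => 'Please wait a few minutes before running Cron again.']));
+}
+exit(json_encode(['dashboard' => true, 'success' => true]));
+?>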
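Review bot: `if(!isset($_POST))` can never be true, because PHP always defines the `$_POST` superglobal (as an empty array when there is no form body), so a JSON request body is never decoded; `if(empty($_POST)) $_POST = json_decode(file_get_contents('php://input'), true) ?: [];` does what the line intends. The endpoint also announces `Access-Control-Allow-Methods: POST` but never checks `$_SERVER['REQUEST_METHOD']`, so any GET that carries the session cookie reaches `Cron::doEverything`. Rejecting non-POST requests with a 405 and dropping the wildcard `Access-Control-Allow-Origin: *` on a session-authenticated action would narrow cross-site triggering. The dashboard's `cron()` calls this endpoint with a default GET, so the client would need `{method: "POST"}` in the same change. `$_SESSION['accountID']` is better read as `$_SESSION['accountID'] ?? 0` so an anonymous call reaches the 403 branch without a warning.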


@@ -1038,6 +1038,7 @@ hr {
justify-content: space-between;
text-align: right;
align-items: baseline;
grid-gap: 3px;
}
.tooactive {
@@ -2632,4 +2633,8 @@ body:has(.audio) {
font-size: 25px;
cursor: pointer;
border-radius: 1000px;
}
.comments i {
color: #c0c0c0;
}


@@ -210,37 +210,6 @@ class dashboardLib {
if($lrEnabled == 1) echo '<a type="button" href="levels/levelReupload.php" onclick="a(\'levels/levelReupload.php\')"class="dropdown-item"><i class="fa-solid fa-arrow-down" style="position: absolute;font-size: 10px;margin: 0px 5px 5px -7px;" aria-hidden="false"></i><div class="icon"><i class="fa-solid fa-cloud" aria-hidden="false"></i></div>'.$this->getLocalizedString("levelReupload").'</a>
<a type="button" href="levels/levelToGD.php" onclick="a(\'levels/levelToGD.php\')"class="dropdown-item"><i class="fa-solid fa-arrow-up" style="position: absolute;font-size: 10px;margin: 0px 5px 5px -7px;" aria-hidden="false"></i><div class="icon"><i class="fa-solid fa-cloud" aria-hidden="false"></i></div>'.$this->getLocalizedString("levelToGD").'</a>';
echo '<button type="button" class="dropdown-item" id="crbtn" onclick="cron(), event.stopPropagation();"><div class="icon"><i id="iconcron" class="fa-solid fa-bars-progress"></i></div>'.$this->getLocalizedString('tryCron').'</button>
<script>
function cron() {
cr = new XMLHttpRequest();
cr.open("GET", "'.$dbPath.'tools/cron/cron.php", true);
var ic = document.getElementById("iconcron");
var on = document.getElementById("crbtn");
ic.classList.remove("fa-bars-progress");
ic.classList.add("fa-spinner");
ic.classList.add("fa-spin");
cr.onload = function (){
if(cr.response == "1") {
on.innerHTML = \'<div class="icon"><i id="iconcron" class="fa-solid fa-check"></i></div>'.$this->getLocalizedString('cronSuccess').'\';
ic.classList.remove("fa-spinner");
ic.classList.remove("fa-spin");
ic.classList.add("fa-bars-progress");
on.classList.add("dropdown-success");
on.classList.remove("dropdown-error");
on.disabled = true;
}
else {
on.innerHTML = \'<div class="icon"><i id="iconcron" class="fa-solid fa-xmark"></i></div>'.$this->getLocalizedString('cronError').'\';
ic.classList.remove("fa-spinner");
ic.classList.remove("fa-spin");
ic.classList.add("fa-bars-progress");
on.classList.remove("dropdown-success");
on.classList.add("dropdown-error");
}
}
cr.send();
}
</script>
</div>
</li>';
if($gs->checkPermission($_SESSION["accountID"], "dashboardModTools")) {
@@ -1044,6 +1013,31 @@ class dashboardLib {
setTimeout(function () {toast.remove()}, 300);
}, 3000);
}
function cron() {
var iconCron = document.getElementById("iconcron");
var cronButton = document.getElementById("crbtn");
iconCron.classList.remove("fa-bars-progress");
iconCron.classList.add("fa-spinner");
iconCron.classList.add("fa-spin");
fetch("api/runCron.php").then(r => r.json()).then(response => {
if(response.success) {
cronButton.innerHTML = \'<div class="icon"><i id="iconcron" class="fa-solid fa-check"></i></div>'.$this->getLocalizedString('cronSuccess').'\';
iconCron.classList.remove("fa-spinner");
iconCron.classList.remove("fa-spin");
iconCron.classList.add("fa-bars-progress");
cronButton.classList.add("dropdown-success");
cronButton.classList.remove("dropdown-error");
cronButton.disabled = true;
} else {
cronButton.innerHTML = \'<div class="icon"><i id="iconcron" class="fa-solid fa-xmark"></i></div>'.$this->getLocalizedString('cronError').'\';
iconCron.classList.remove("fa-spinner");
iconCron.classList.remove("fa-spin");
iconCron.classList.add("fa-bars-progress");
cronButton.classList.remove("dropdown-success");
cronButton.classList.add("dropdown-error");
}
});
}
window.addEventListener("popstate", function(e) {
a(e.target.location.href, true, true, "GET", false, "", true);
}, false);
@@ -1518,4 +1512,4 @@ class dashboardLib {
echo '<title>'.$title.' | '.$gdps.'</title>';
}
}
?>
?>
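Review bot: The new `cron()` promise chain has no rejection handler, so if `api/runCron.php` returns something that is not JSON (a PHP warning printed before the body, for example) or the request fails, `r.json()` rejects and the button stays in its spinner state. Appending `.catch(() => { iconCron.classList.remove("fa-spinner", "fa-spin"); cronButton.classList.add("dropdown-error"); })` gives the user the same feedback as the `else` branch. The call is also a default GET for an action that changes server state; `fetch("api/runCron.php", {method: "POST"})` would match the method the endpoint advertises. The PHP method that echoes this script starts and ends outside the hunk.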


@@ -432,6 +432,7 @@ $string['youAreBannedFromCommenting'] = 'You are banned from commenting!';
$string['cantPostAccountCommentsAboveChars'] = 'You cannot post account comments above %1$s characters!';
$string['commentingIsDisabled'] = 'Commenting is currently disabled!';
$string['noWarnings'] = 'No warnings';
$string['messagingIsDisabled'] = 'Direct messages are currently disabled!';
$string['downloadLevelAsGMD'] = 'Save as .gmd';


@@ -432,6 +432,7 @@ $string['youAreBannedFromCommenting'] = 'You are banned from commenting!';
$string['cantPostAccountCommentsAboveChars'] = 'You cannot post account comments above %1$s characters!';
$string['commentingIsDisabled'] = 'Commenting is currently disabled!';
$string['noWarnings'] = 'No warnings';
$string['messagingIsDisabled'] = 'Direct messages are currently disabled!';
$string['downloadLevelAsGMD'] = 'Save as .gmd';


@@ -432,6 +432,7 @@ $string['youAreBannedFromCommenting'] = '¡Estás baneado de los comentarios!';
$string['cantPostAccountCommentsAboveChars'] = '¡No puedes subir comentarios con más de %1$s letras!';
$string['commentingIsDisabled'] = '¡Los comentarios están deshabilitados actualmente!';
$string['noWarnings'] = '¡Sin advertencias!';
$string['messagingIsDisabled'] = 'Direct messages are currently disabled!';
$string['downloadLevelAsGMD'] = 'Guardar como .gmd';
@@ -642,4 +643,4 @@ $string["noPermission"] = "Permisos insuficientes";
$string["noLogin?"] = "No has iniciado sesión en tu cuenta";
$string["LoginBtn"] = "Inicia sesión en tu cuenta";
$string["dashboard"] = "Volver al panel";
$string["userID"] = 'ID del usuario';
$string["userID"] = 'ID del usuario';


@@ -434,6 +434,7 @@ $string['youAreBannedFromCommenting'] = 'Vous êtes interdit de publier de nouve
$string['cantPostAccountCommentsAboveChars'] = 'Vous ne pouvez pas publier de posts de plus de %1$s charactères !';
$string['commentingIsDisabled'] = 'La publication de commentaires est actuellement désactivée !';
$string['noWarnings'] = 'Pas d\'avertissements';
$string['messagingIsDisabled'] = 'Direct messages are currently disabled!';
$string['downloadLevelAsGMD'] = 'Enregistrer en .gmd';


@@ -432,6 +432,7 @@ $string['youAreBannedFromCommenting'] = 'Kamu dilarang berkomentar!';
$string['cantPostAccountCommentsAboveChars'] = 'Kamu tidak bisa memposting komentar akun di atas %1$s huruf!';
$string['commentingIsDisabled'] = 'Berkomentar sedang dinonaktifkan!';
$string['noWarnings'] = 'Tidak ada peringatan';
$string['messagingIsDisabled'] = 'Direct messages are currently disabled!';
$string['downloadLevelAsGMD'] = 'Simpan sebagai .gmd';


@@ -434,6 +434,7 @@ $string['youAreBannedFromCommenting'] = 'You are banned from commenting!';
$string['cantPostAccountCommentsAboveChars'] = 'You cannot post account comments above %1$s characters!';
$string['commentingIsDisabled'] = 'Commenting is currently disabled!';
$string['noWarnings'] = 'No warnings';
$string['messagingIsDisabled'] = 'Direct messages are currently disabled!';
$string['downloadLevelAsGMD'] = 'Save as .gmd';


@@ -431,6 +431,7 @@ $string['youAreBannedFromCommenting'] = 'You are banned from commenting!';
$string['cantPostAccountCommentsAboveChars'] = 'You cannot post account comments above %1$s characters!';
$string['commentingIsDisabled'] = 'Commenting is currently disabled!';
$string['noWarnings'] = 'No warnings';
$string['messagingIsDisabled'] = 'Direct messages are currently disabled!';
$string['downloadLevelAsGMD'] = 'Save as .gmd';


@@ -432,6 +432,7 @@ $string['youAreBannedFromCommenting'] = 'You are banned from commenting!';
$string['cantPostAccountCommentsAboveChars'] = 'You cannot post account comments above %1$s characters!';
$string['commentingIsDisabled'] = 'Commenting is currently disabled!';
$string['noWarnings'] = 'No warnings';
$string['messagingIsDisabled'] = 'Direct messages are currently disabled!';
$string['downloadLevelAsGMD'] = 'Save as .gmd';


@@ -432,6 +432,7 @@ $string['youAreBannedFromCommenting'] = 'Вам запрещено коммен
$string['cantPostAccountCommentsAboveChars'] = 'Вы не можете публиковать посты свыше %1$s символов!';
$string['commentingIsDisabled'] = 'Комментирование на данный момент отключено!';
$string['noWarnings'] = 'Предупреждений нет';
$string['messagingIsDisabled'] = 'Личные сообщения на данный момент отключены!';
$string['downloadLevelAsGMD'] = 'Сохранить как .gmd';


@@ -432,6 +432,7 @@ $string['youAreBannedFromCommenting'] = 'You are banned from commenting!';
$string['cantPostAccountCommentsAboveChars'] = 'You cannot post account comments above %1$s characters!';
$string['commentingIsDisabled'] = 'Commenting is currently disabled!';
$string['noWarnings'] = 'No warnings';
$string['messagingIsDisabled'] = 'Direct messages are currently disabled!';
$string['downloadLevelAsGMD'] = 'Save as .gmd';


@@ -433,6 +433,7 @@ $string['youAreBannedFromCommenting'] = 'Вам запрещено коммен
$string['cantPostAccountCommentsAboveChars'] = 'Вы не можете публиковать посты свыше %1$s символов!';
$string['commentingIsDisabled'] = 'Комментирование на данный момент отключено!';
$string['noWarnings'] = 'Предупреждений нет';
$string['messagingIsDisabled'] = 'Личные сообщения на данный момент отключены!';
$string['downloadLevelAsGMD'] = 'Сохранить как .gmd';


@@ -439,6 +439,7 @@ $string['youAreBannedFromCommenting'] = 'Bạn đã bị cấm bình luận!';
$string['cantPostAccountCommentsAboveChars'] = 'Bạn không thể đăng bình luận có độ dài trên %1$s ký tự!';
$string['commentingIsDisabled'] = 'Hiện tại, chức năng bình luận đã bị tắt!';
$string['noWarnings'] = 'Không có cảnh báo';
$string['messagingIsDisabled'] = 'Direct messages are currently disabled!';
$string['downloadLevelAsGMD'] = 'Lưu dưới dạng .gmd';
$string['songIsAvailable'] = 'Có sẵn';


@@ -309,6 +309,9 @@ if(!$installed) {
if(!empty($exist)) $db->query("ALTER TABLE `vaultcodes` DROP `type`");
$db->query("ALTER TABLE `vaultcodes` DROP `reward`");
}
$check = $db->query("SHOW COLUMNS FROM `messages` LIKE 'readTime'");
$exist = $check->fetchAll();
if(empty($exist)) $db->query("ALTER TABLE `messages` ADD `readTime` INT NOT NULL DEFAULT '0' AFTER `isNew`");
$lines = file($dbPath.'config/dashboard.php');
$first_line = $lines[2];
$lines = array_slice($lines, 1 + 2);


@@ -1,13 +1,14 @@
<?php
session_start();
require "../incl/dashboardLib.php";
require "../".$dbPath."incl/lib/Captcha.php";
require "../".$dbPath."incl/lib/connection.php";
$dl = new dashboardLib();
require "../".$dbPath."config/misc.php";
require_once "../".$dbPath."incl/lib/mainLib.php";
require_once "../".$dbPath."incl/lib/exploitPatch.php";
require_once "../".$dbPath."incl/lib/Captcha.php";
require_once "../".$dbPath."incl/lib/cron.php";
$dl = new dashboardLib();
$gs = new mainLib();
require "../".$dbPath."incl/lib/connection.php";
require "../".$dbPath."incl/lib/exploitPatch.php";
$dl->title($dl->getLocalizedString("manageLevel"));
$dl->printFooter('../');
$manageLevelCheck = $gs->checkPermission($_SESSION["accountID"], "dashboardManageLevels");
@@ -37,6 +38,11 @@ if(isset($_GET['deleteLevel'])) {
$query->execute([':levelID' => $levelID]);
$query = $db->prepare("INSERT INTO modactions (type, value, value2, value3, timestamp, account) VALUES ('6', :value, :value2, :levelID, :timestamp, :id)");
$query->execute([':value' => "1", ":value2" => $level['levelName'], ':timestamp' => time(), ':id' => $_SESSION['accountID'], ':levelID' => $levelID]);
if($automaticCron) {
Cron::autoban($_SESSION['accountID'], false);
Cron::updateCreatorPoints($_SESSION['accountID'], false);
Cron::updateSongsUsage($_SESSION['accountID'], false);
}
$dl->printSong('<div class="form">
<h1>'.$dl->getLocalizedString("manageLevel").'</h1>
<form class="form__inner" method="post" action="">
@@ -121,7 +127,7 @@ if(!empty($_POST["levelName"]) && !empty($_POST["levelAuthor"])) {
}
if($starFeatured != $level['starFeatured']) {
$query = $db->prepare("INSERT INTO modactions (type, value, value3, timestamp, account) VALUES ('2', :value, :levelID, :timestamp, :id)");
$query->execute([':value' => 1, ':timestamp' => time(), ':id' => $_SESSION['accountID'], ':levelID' => $levelID]);
$query->execute([':value' => 1, ':timestamp' => time(), ':id' => $_SESSION['accountID'], ':levelID' => $levelID]);
}
if($starEpic != $level['starEpic']) {
$query = $db->prepare("INSERT INTO modactions (type, value, value3, timestamp, account) VALUES ('4', :value, :levelID, :timestamp, :id)");
@@ -154,6 +160,11 @@ if(!empty($_POST["levelName"]) && !empty($_POST["levelAuthor"])) {
$updateLevel = $db->prepare("UPDATE levels SET levelName = :levelName, extID = :extID, userID = :userID, levelDesc = :levelDesc, starStars = :stars, starFeatured = :starFeatured, starEpic = :starEpic, songID = :songID, password = :password, starCoins = :starCoins, unlisted = :unlisted, unlisted2 = :unlisted, updateLocked = :updateLocked, commentLocked = :commentLocked WHERE levelID = :levelID");
$updateLevel->execute([':levelName' => $newLevelName, ':extID' => $newLevelAuthor, ':userID' => $gs->getUserID($newLevelAuthor), ':levelDesc' => $newLevelDesc, ':stars' => $newStars, ':starFeatured' => $starFeatured, ':starEpic' => $starEpic, ':songID' => $newSongID, ':password' => $newPassword, ':starCoins' => $newVerifyCoins, ':unlisted' => $newUnlisted, ':updateLocked' => $newLockUpdating, ':commentLocked' => $newLockCommenting, ':levelID' => $levelID]);
if($newStars != $level['starStars']) $gs->sendRateWebhook($_SESSION['accountID'], $levelID);
if($automaticCron) {
Cron::autoban($_SESSION['accountID'], false);
Cron::updateCreatorPoints($_SESSION['accountID'], false);
Cron::updateSongsUsage($_SESSION['accountID'], false);
}
$gs->sendLogsLevelChangeWebhook($levelID, $_SESSION['accountID'], $level);
$dl->printSong('<div class="form">
<h1>'.$dl->getLocalizedString("manageLevel").'</h1>


@@ -1,14 +1,14 @@
<?php
session_start();
require "../incl/dashboardLib.php";
require "../".$dbPath."incl/lib/Captcha.php";
require "../".$dbPath."incl/lib/connection.php";
$dl = new dashboardLib();
require "../".$dbPath."config/misc.php";
require_once "../".$dbPath."incl/lib/Captcha.php";
require_once "../".$dbPath."incl/lib/mainLib.php";
require_once "../".$dbPath."incl/lib/exploitPatch.php";
require_once "../".$dbPath."incl/lib/cron.php";
$dl = new dashboardLib();
$gs = new mainLib();
require "../".$dbPath."incl/lib/connection.php";
require "../".$dbPath."incl/lib/exploitPatch.php";
$ep = new exploitPatch();
$dl->printFooter('../');
$dl->title($dl->getLocalizedString("shareCPTitle"));
if($gs->checkPermission($_SESSION["accountID"], "commandSharecpAll")){
@@ -68,7 +68,7 @@ if(!empty($_POST["username"]) AND !empty($_POST["level"])) {
$accountID = $_SESSION["accountID"];
$query = $db->prepare("INSERT INTO cpshares (levelID, userID) VALUES (:level, :user)");
$query->execute([':level' => $level, ':user' => $userID]);
$query = $db->prepare("UPDATE levels SET isCPShared=1 WHERE levelID=:level");
$query = $db->prepare("UPDATE levels SET isCPShared = 1 WHERE levelID = :level");
$query->execute([':level' => $level]);
$username = $gs->getAccountName($userID);
$query = $db->prepare("INSERT INTO modactions (type, value, timestamp, account, value3) VALUES ('11',:value,:timestamp,:account,:level)");
@@ -78,6 +78,7 @@ if(!empty($_POST["username"]) AND !empty($_POST["level"])) {
$res = $query->fetch();
$level = $res["levelName"];
$success = sprintf($dl->getLocalizedString("shareCPSuccessNew"), $level, $username);
if($automaticCron) Cron::updateCreatorPoints($_SESSION['accountID'], false);
$dl->printSong('<div class="form">
<h1>'.$dl->getLocalizedString("shareCPTitle").'</h1>
<form class="form__inner" method="post" action="">
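Review bot: `Cron::updateCreatorPoints($_SESSION['accountID'], false)` passes `false` for `$checkForTime`, which skips the 30-second guard at the top of each `Cron` method in `incl/lib/cron.php`, so every successful share runs the full creator-point recompute inside the request. Here the call sits behind `commandSharecpAll`, but the same `..., false)` calls added in the level delete and level upload sections of this commit look reachable by ordinary accounts, which would let a single account force repeated whole-table recalculations. Consider passing `true` at the request-driven call sites, e.g. `if($automaticCron) Cron::updateCreatorPoints($_SESSION['accountID'], true);`, and keeping `false` for the manual dashboard run. The enclosing `if(!empty($_POST["username"]) AND !empty($_POST["level"]))` block starts and ends outside the hunk.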


@@ -4,12 +4,12 @@ require "../incl/dashboardLib.php";
require "../".$dbPath."incl/lib/connection.php";
require "../".$dbPath."config/security.php";
require "../".$dbPath."config/mail.php";
$dl = new dashboardLib();
require "../".$dbPath."incl/lib/generatePass.php";
require "../".$dbPath."incl/lib/exploitPatch.php";
require_once "../".$dbPath."incl/lib/generatePass.php";
require_once "../".$dbPath."incl/lib/exploitPatch.php";
require_once "../".$dbPath."incl/lib/mainLib.php";
require_once "../".$dbPath."incl/lib/Captcha.php";
$dl = new dashboardLib();
$gs = new mainLib();
require "../".$dbPath."incl/lib/Captcha.php";
if(isset($_SESSION["accountID"]) && $_SESSION["accountID"] != 0) header('Location: ../');
if(isset($_POST["resendMailUserName"]) && isset($_POST["resendMailEmail"]) && $mailEnabled) {
$dl->title($dl->getLocalizedString("resendMailTitle"));
@@ -86,6 +86,7 @@ if(isset($_POST["userName"]) && isset($_POST["password"])) {
}
$accountID = $gs->getAccountIDFromName($userName);
$_SESSION["accountID"] = $accountID;
$gs->logAction($accountID, 2);
$query = $db->prepare("SELECT auth FROM accounts WHERE accountID = :id");
$query->execute([':id' => $accountID]);
$auth = $query->fetch();
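Review bot: The new `$gs->logAction($accountID, 2);` follows `$_SESSION["accountID"] = $accountID;`, and nothing visible in this hunk rotates the session identifier when the account is bound to the session. If no `session_regenerate_id(true);` runs earlier in this branch (the enclosing `if` starts outside the hunk), a session ID issued before login stays valid after authentication, so add the call just before the assignment. The bare `2` would also read better with a short comment such as `// action type 2: presumably "successful login" — confirm against logAction's type list`.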


@@ -2,14 +2,14 @@
session_start();
require "../incl/dashboardLib.php";
require "../".$dbPath."incl/lib/connection.php";
$dl = new dashboardLib();
require "../".$dbPath."config/dashboard.php";
require_once "../incl/XOR.php";
require_once "../".$dbPath."incl/lib/mainLib.php";
require_once "../".$dbPath."incl/lib/automod.php";
require_once "../".$dbPath."incl/lib/exploitPatch.php";
$dl = new dashboardLib();
$gs = new mainLib();
require "../".$dbPath."incl/lib/exploitPatch.php";
require "../incl/XOR.php";
$xor = new XORCipher();
global $msgEnabled;
$dl->printFooter('../');
if(!isset($_POST["receiver"])) {
$getID = str_replace('%20', ' ', explode("/", $_GET["id"])[count(explode("/", $_GET["id"]))-1]);
@@ -57,7 +57,7 @@ if($msgEnabled == 0) {
</form>
</div>', 'msg'));
}
if(!isset($_SESSION["accountID"]) OR $_SESSION["accountID"] == 0) {
if(!isset($_SESSION["accountID"]) || $_SESSION["accountID"] == 0) {
$dl->title($dl->getLocalizedString("messenger"));
exit($dl->printSong('<div class="form">
<h1>'.$dl->getLocalizedString("errorGeneric").'</h1>
@@ -82,7 +82,7 @@ if($_POST['receiver'] != 0 && ExploitPatch::number($_POST['receiver']) != $_SESS
$subject = ExploitPatch::url_base64_encode(trim(ExploitPatch::rucharclean($_POST["subject"])));
$body = ExploitPatch::rucharclean($_POST["body"]);
if(Automod::isAccountsDisabled(3)) {
$alertScript = 'Messaging is disabled!';
$alertScript = $dl->getLocalizedString('messagingIsDisabled');
$subject = $body = "";
}
if(is_numeric(mb_substr($body, -3)) && !is_numeric(mb_substr($body, -4))) $body .= ' ';
@@ -111,31 +111,45 @@ if($_POST['receiver'] != 0 && ExploitPatch::number($_POST['receiver']) != $_SESS
$query->execute([':userID' => $gs->getUserID($_SESSION['accountID']), ':userName' => $gs->getAccountName($_SESSION['accountID']), ':body' => $body, ':subject' => $subject, ':accountID' => $_SESSION['accountID'], ':receiver' => $receiver, 'time' => time()]);
}
}
if($_POST['deleteMessage']) {
$deleteMessageID = ExploitPatch::number($_POST['deleteMessage']);
$messageCheck = $db->prepare("SELECT count(*) FROM messages WHERE toAccountID = :receiver AND accID = :accountID AND messageID = :messageID");
$messageCheck->execute([':receiver' => $receiver, ':accountID' => $_SESSION['accountID'], ':messageID' => $deleteMessageID]);
$messageCheck = $messageCheck->fetchColumn();
if($messageCheck) {
$deleteMessage = $db->prepare("DELETE FROM messages WHERE messageID = :messageID");
$deleteMessage->execute([':messageID' => $deleteMessageID]);
}
}
$query = $db->prepare("SELECT * FROM messages WHERE (accID = :accountID AND toAccountID = :receiver) OR (accID = :receiver AND toAccountID = :accountID) ORDER BY timestamp ASC");
$query->execute([':accountID' => $_SESSION['accountID'], ':receiver' => $receiver]);
$result = $query->fetchAll();
foreach($result AS &$messages) {
if($messages["accID"] == $_SESSION['accountID']) $div = 'you';
else $div = 'notyou';
$div = $messages["accID"] == $_SESSION['accountID'] ? 'you' : 'notyou';
$subject = htmlspecialchars(ExploitPatch::url_base64_decode($messages["subject"]));
$body = $dl->parseMessage(htmlspecialchars($xor->plaintext(ExploitPatch::url_base64_decode($messages["body"]), 14251)));
$receiverMessagesButton = '';
if($div == 'notyou') $receiverMessagesButton = '<button class="btn-circle" onclick="replyToMessage('.$messages['messageID'].')"><i class="fa-solid fa-reply"></i></button>';
$replyToMessageButton = $deleteMessageButton = $wasReadIcon = '';
if($div == 'notyou') $replyToMessageButton = '<button class="btn-circle" onclick="replyToMessage('.$messages['messageID'].')"><i class="fa-solid fa-reply"></i></button>';
else {
$deleteMessageButton = '<button class="btn-circle" onclick="deleteMessage('.$messages['messageID'].')"><i class="fa-solid fa-trash"></i></button>';
$wasReadIcon = ' <text>•</text> <i class="fa-solid fa-check'.($messages['readTime'] ? '-double" title="'.$dl->convertToDate($messages['readTime'], true) : '').'"></i>';
}
$chatMessages .= '<div class="message '.$div.'">
'.$deleteMessageButton.'
<div class="messenger'.$div.'">
<h2 id="messageSubject'.$messages['messageID'].'" class="subject'.$div.'">'.$subject.'</h2>
<h3 class="message'.$div.'">'.$body.'</h3>
<h3 id="comments" style="justify-content:flex-end">'.$dl->convertToDate($messages["timestamp"], true).'</h3>
<h3 class="comments" style="justify-content:flex-end">'.$dl->convertToDate($messages["timestamp"], true).$wasReadIcon.'</h3>
</div>
'.$receiverMessagesButton.'
'.$replyToMessageButton.'
</div>';
}
if(empty($chatMessages)) $chatMessages = '<div class="empty-section">
<i class="fa-solid fa-comment"></i>
<p>'.$dl->getLocalizedString('noMsgs').'</p>
</div>';
$readAllMessages = $db->prepare("UPDATE messages SET isNew = 1 WHERE accID = :receiver AND toAccountID = :accountID AND isNew = 0");
$readAllMessages->execute([':receiver' => $receiver, ':accountID' => $_SESSION['accountID']]);
$readAllMessages = $db->prepare("UPDATE messages SET isNew = 1, readTime = :readTime WHERE accID = :receiver AND toAccountID = :accountID AND readTime = 0");
$readAllMessages->execute([':receiver' => $receiver, ':accountID' => $_SESSION['accountID'], ':readTime' => time()]);
$chatBox = '<div class="messenger-username">
<button type="button" onclick="a(\'profile/'.$receiverUsername.'\', true, true, \'GET\')" class="goback" name="accountID" value="'.$receiver.'"><i class="fa-regular fa-user" aria-hidden="true"></i></button>
<h1>'.$receiverUsername.'</h1>
@@ -146,6 +160,7 @@ if($_POST['receiver'] != 0 && ExploitPatch::number($_POST['receiver']) != $_SESS
<div class="field"><input type="text" name="subject" id="chatSubject" placeholder="'.$dl->getLocalizedString("subject").'"></input></div>
<div class="field"><input type="text" name="body" id="chatBody" placeholder="'.$dl->getLocalizedString("msg").'"></input></div>
<input type="hidden" name="receiver" value="'.$receiver.'"></input>
<input type="hidden" id="deleteMessage" name="deleteMessage" value="0"></input>
<button type="button" onclick="a(\'messenger/'.$receiverUsername.'\', true, true, \'POST\')"; class="btn-primary btn-block" id="chatSubmit" disabled>'.$dl->getLocalizedString("send").'</button></form>';
$dl->title($dl->getLocalizedString("messenger").", ".$receiverUsername);
$pageScript .= PHP_EOL.'var element = document.getElementById("chatMessages");
@@ -175,6 +190,10 @@ if($_POST['receiver'] != 0 && ExploitPatch::number($_POST['receiver']) != $_SESS
document.getElementById("chatSubject").value = messageSubject;
document.getElementById("chatBody").focus();
}
function deleteMessage(messageID) {
document.getElementById("deleteMessage").value = messageID;
a("messenger/'.$receiverUsername.'", true, true, "POST");
}
'.(!empty($alertScript) ? 'alert("'.$alertScript.'");' : '').'';
}
$query = $db->prepare("SELECT * FROM messages, (SELECT max(messageID) messageIDs, (CASE WHEN accID = :accountID THEN toAccountID ELSE accID END) receiverID FROM messages WHERE accID = :accountID OR toAccountID = :accountID GROUP BY receiverID ORDER BY timestamp DESC) messageIDs WHERE messageID = messageIDs ORDER BY timestamp DESC");
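Review bot: The new delete branch authorises with a separate `SELECT count(*)` and then runs `DELETE FROM messages WHERE messageID = :messageID` with no owner in the predicate, and it reads `$_POST['deleteMessage']` without `isset`. Putting the ownership test into the statement itself drops the extra query and keeps the delete scoped even if the check is edited later: `DELETE FROM messages WHERE messageID = :messageID AND accID = :accountID AND toAccountID = :receiver`, guarded by `if(!empty($_POST['deleteMessage']))`. The form fields visible in this section carry no anti-CSRF token, so unless the `a()` helper adds one, a cross-site POST could remove a logged-in user's own messages. Separately, `$alertScript` now comes from `getLocalizedString` and is still emitted as `alert("'.$alertScript.'")`; `json_encode($alertScript)` would keep a quote in a translation from breaking the script. The surrounding `if($_POST['receiver'] != 0 ...)` block starts and ends outside these hunks.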


@@ -54,7 +54,10 @@ if(empty($result)) {
</div>', 'account');
die();
}
foreach($result as &$action) $songs .= $dl->generateSFXCard($action, '', false);
foreach($result as &$action) {
$whoused = '<p class="profilepic" style="display: inline-flex;justify-content: center;grid-gap: 7px;"><i class="fa-solid fa-gamepad"></i> '.$action['levelsCount'].'</p>';
$songs .= $dl->generateSFXCard($action, $whoused, false);
}
$pagel = '<div class="form new-form">
<h1 style="margin-bottom:5px">'.$dl->getLocalizedString("manageSFX").'</h1>
<div class="form-control new-form-control songs">

View File

@@ -63,9 +63,7 @@ foreach($result as &$action) {
$wholiked = $db->prepare("SELECT count(*) FROM favsongs WHERE songID = :id");
$wholiked->execute([':id' => $songsid]);
$wholiked = $wholiked->fetchColumn();
$whoused = $db->prepare("SELECT count(*) FROM levels WHERE songID = :id");
$whoused->execute([':id' => $songsid]);
$whoused = $whoused->fetchColumn();
$whoused = $action['levelsCount'];
$wholiked = '<p class="profilepic" style="display: inline-flex;justify-content: center;grid-gap: 7px;"><i class="fa-solid fa-heart"></i> '.$wholiked.'</p>';
$whoused = '<p class="profilepic" style="display: inline-flex;justify-content: center;grid-gap: 7px;"><i class="fa-solid fa-gamepad"></i> '.$whoused.'</p>';
$songs .= $dl->generateSongCard($action, $wholiked.$whoused, false);
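Review bot: `$whoused = $action['levelsCount'];` replaces a live `count(*)` with the cached column that `Cron::updateSongsUsage` writes, so the figure is only as fresh as the last cron run; with the default `$automaticCron = false` it changes only after a manual run in the dashboard. A short comment here would save the next reader from hunting for the source, e.g. `// cached by Cron::updateSongsUsage(); may lag behind the levels table`. The value is concatenated straight into HTML, so casting it with `(int)` keeps the markup safe if the column ever holds something unexpected. The `foreach` body continues outside the hunk.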

View File

@@ -1,9 +1,11 @@
<?php
chdir(dirname(__FILE__));
require "../lib/connection.php";
require "../../config/misc.php";
require_once "../lib/GJPCheck.php";
require_once "../lib/exploitPatch.php";
require_once "../lib/mainLib.php";
require_once "../lib/cron.php";
$gs = new mainLib();
$levelID = ExploitPatch::remove($_POST["levelID"]);
@@ -26,4 +28,9 @@ if(file_exists("../../data/levels/$levelID")) rename("../../data/levels/$levelID
echo "1";
$gs->logAction($accountID, 8, $getLevelData['levelName'], $getLevelData['levelDesc'], $getLevelData['extID'], $levelID, $getLevelData['starStars'], $getLevelData['starDifficulty']);
$gs->sendLogsLevelChangeWebhook($levelID, $accountID, $getLevelData);
if($automaticCron) {
Cron::autoban($accountID, false);
Cron::updateCreatorPoints($accountID, false);
Cron::updateSongsUsage($accountID, false);
}
?>

View File

@@ -1,10 +1,12 @@
<?php
chdir(dirname(__FILE__));
require "../lib/connection.php";
require "../../config/misc.php";
require_once "../lib/mainLib.php";
require_once "../lib/exploitPatch.php";
require_once "../lib/XORCipher.php";
require_once "../lib/generateHash.php";
require_once "../lib/cron.php";
$gs = new mainLib();
$gh = new generateHash();
$type = !empty($_POST["type"]) ? $_POST["type"] : (!empty($_POST["weekly"]) ? $_POST["weekly"] : 0);
@@ -35,6 +37,7 @@ if(!$daily['webhookSent']) {
$gs->sendDailyWebhook($daily['levelID'], $type);
$sent = $db->prepare('UPDATE '.$dailyTable.' SET webhookSent = 1 WHERE feaID = :feaID');
$sent->execute([':feaID' => $daily['feaID']]);
if($automaticCron) Cron::updateCreatorPoints($accountID, false);
}
$stringToAdd = '';
if($isEvent) {
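Review bot: `Cron::updateCreatorPoints($accountID, false)` uses `$accountID`, but no line visible in this section assigns it, and `GJPCheck.php` is not among the requires at the top of the file. If it is not set in the lines elided between the two hunks, PHP 8 raises an undefined-variable warning into the response and `logAction` inside the cron method records an empty account. Passing an explicit fixed id would make the intent clear, e.g. `if($automaticCron) Cron::updateCreatorPoints(0, false);` (`0` is the value `Cron::autoban` already passes to `banPerson` as the acting id; confirm it is the convention for system actions).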

View File

@@ -5,8 +5,6 @@ require_once "../lib/GJPCheck.php";
require_once "../lib/exploitPatch.php";
require_once "../lib/mainLib.php";
$gs = new mainLib();
$gjp2check = isset($_POST['gjp2']) ? $_POST['gjp2'] : $_POST['gjp'];
$gjp = ExploitPatch::remove($gjp2check);
$stars = ExploitPatch::remove($_POST["stars"]);
$feature = ExploitPatch::remove($_POST["feature"]);
$levelID = ExploitPatch::remove($_POST["levelID"]);
@@ -15,10 +13,10 @@ $difficulty = $gs->getDiffFromStars($stars);
if($gs->checkPermission($accountID, "actionRateStars")) {
$gs->featureLevel($accountID, $levelID, $feature);
$gs->verifyCoinsLevel($accountID, $levelID, 1);
$gs->rateLevel($accountID, $levelID, $stars, $difficulty["diff"], $difficulty["auto"], $difficulty["demon"], $feature);
echo 1;
$gs->rateLevel($accountID, $levelID, $stars, $difficulty["diff"], $difficulty["auto"], $difficulty["demon"]);
exit('1');
} elseif($gs->checkPermission($accountID, "actionSuggestRating")) {
$gs->suggestLevel($accountID, $levelID, $difficulty["diff"], $stars, $feature, $difficulty["auto"], $difficulty["demon"]);
echo 1;
} else echo -2;
exit('1');
} else exit('-2');
?>

View File

@@ -2,10 +2,12 @@
//error_reporting(0);
chdir(dirname(__FILE__));
require "../lib/connection.php";
require "../../config/misc.php";
require_once "../lib/GJPCheck.php";
require_once "../lib/exploitPatch.php";
require_once "../lib/automod.php";
require_once "../lib/mainLib.php";
require_once "../lib/cron.php";
$gs = new mainLib();
if(Automod::isLevelsDisabled(0)) exit('-1');
//here im getting all the data
@@ -81,7 +83,6 @@ if($levelString != "" AND $levelName != "") {
if($level['updateLocked']) exit("-1");
$lvls = $querye->rowCount();
if($lvls == 1) {
require "../../config/misc.php";
$query = $db->prepare("SELECT * FROM levels WHERE levelID = :levelID");
$query->execute([":levelID"=> $levelID]);
$getLevelData = $query->fetch();
@@ -94,6 +95,7 @@ if($levelString != "" AND $levelName != "") {
$gs->logAction($id, 23, $levelName, $levelDesc, $levelID);
$gs->sendLogsLevelChangeWebhook($levelID, $id, $getLevelData);
Automod::checkLevelsCount();
if($automaticCron) Cron::updateSongsUsage($id, false);
} else {
$query->execute([':levelName' => $levelName, ':gameVersion' => $gameVersion, ':binaryVersion' => $binaryVersion, ':userName' => $userName, ':levelDesc' => $levelDesc, ':levelVersion' => $levelVersion, ':levelLength' => $levelLength, ':audioTrack' => $audioTrack, ':auto' => $auto, ':password' => $password, ':original' => $original, ':twoPlayer' => $twoPlayer, ':songID' => $songID, ':objects' => $objects, ':coins' => $coins, ':requestedStars' => $requestedStars, ':extraString' => $extraString, ':levelString' => "", ':levelInfo' => $levelInfo, ':secret' => $secret, ':uploadDate' => $uploadDate, ':userID' => $userID, ':id' => $id, ':unlisted' => $unlisted, ':hostname' => $hostname, ':ldm' => $ldm, ':wt' => $wt, ':wt2' => $wt2, ':unlisted2' => $unlisted2, ':settingsString' => $settingsString, ':songIDs' => $songIDs, ':sfxIDs' => $sfxIDs, ':ts' => $ts]);
$levelID = $db->lastInsertId();
@@ -102,6 +104,7 @@ if($levelString != "" AND $levelName != "") {
$gs->logAction($id, 22, $levelName, $levelDesc, $levelID);
$gs->sendLogsLevelChangeWebhook($levelID, $id);
Automod::checkLevelsCount();
if($automaticCron) Cron::updateSongsUsage($id, false);
}
} else {
exit('-1');

View File

@@ -1,7 +1,7 @@
<?php
class Commands {
public static function ownCommand($command, $accountID, $targetExtID){
require_once "../lib/mainLib.php";
public static function ownCommand($command, $accountID, $targetExtID) {
require_once __DIR__."/mainLib.php";
$gs = new mainLib();
$commandInPerms = ucfirst(strtolower($command));
if($gs->checkPermission($accountID, "command".$commandInPerms."All") OR ($targetExtID == $accountID AND $gs->checkPermission($accountID, "command".$commandInPerms."Own"))) return true;
@@ -10,9 +10,11 @@ class Commands {
public static function doCommands($accountID, $comment, $levelID) {
if(!is_numeric($accountID) || !is_numeric($levelID) || substr($comment, 0, 1) != '!') return false;
if($levelID < 0) return self::doListCommands($accountID, $comment, $levelID);
require dirname(__FILE__)."/../lib/connection.php";
require_once "../lib/exploitPatch.php";
require_once "../lib/mainLib.php";
require __DIR__."/connection.php";
require __DIR__."/../../config/misc.php";
require_once __DIR__."/exploitPatch.php";
require_once __DIR__."/mainLib.php";
require_once __DIR__."/cron.php";
$gs = new mainLib();
$commentarray = explode(' ', $comment);
$uploadDate = time();
@@ -74,6 +76,7 @@ class Commands {
}
$gs->sendRateWebhook($accountID, $levelID);
$gs->sendLogsLevelChangeWebhook($levelID, $accountID, $getLevelData);
if($automaticCron) Cron::updateCreatorPoints($accountID, false);
return 'You successfully rated '.$gs->getLevelName($levelID).' as '.$diffic.', '.$starStars.' star'.($starStars == 1 ? '' : 's').'!';
break;
case '!unr':
@@ -86,6 +89,7 @@ class Commands {
$levelDiff = $gs->getLevelDiff($levelID);
$gs->sendRateWebhook($accountID, $levelID);
$gs->sendLogsLevelChangeWebhook($levelID, $accountID, $getLevelData);
if($automaticCron) Cron::updateCreatorPoints($accountID, false);
return 'You successfully unrated '.$gs->getLevelName($levelID).'!';
break;
case '!f':
@@ -148,6 +152,7 @@ class Commands {
$query->execute([':levelID' => $levelID, ':starFeatured' => $starFeatured]);
$query = $db->prepare("INSERT INTO modactions (type, value, value3, timestamp, account) VALUES ('".($column == 'starEpic' ? 4 : 2)."', :value, :levelID, :timestamp, :id)");
$query->execute([':value' => ($column == 'starEpic' ? $starArray[$commentarray[0]] - 1 : $starArray[$commentarray[0]]), ':timestamp' => $uploadDate, ':id' => $accountID, ':levelID' => $levelID]);
if($automaticCron) Cron::updateCreatorPoints($accountID, false);
return $returnText;
break;
case '!vc':
@@ -209,7 +214,7 @@ class Commands {
$query->execute([':levelID' => $levelID]);
$query = $db->prepare("INSERT INTO modactions (type, value, value2, value3, timestamp, account) VALUES ('6', :value, :value2, :levelID, :timestamp, :id)");
$query->execute([':value' => "1", ":value2" => $levelName, ':timestamp' => $uploadDate, ':id' => $accountID, ':levelID' => $levelID]);
if(file_exists(dirname(__FILE__)."../../data/levels/$levelID")) rename(dirname(__FILE__)."../../data/levels/$levelID", dirname(__FILE__)."../../data/levels/deleted/$levelID");
if(file_exists(__DIR__."../../data/levels/$levelID")) rename(__DIR__."../../data/levels/$levelID", __DIR__."../../data/levels/deleted/$levelID");
$gs->sendLogsLevelChangeWebhook($levelID, $accountID, $getLevelData);
return 'You successfully deleted '.$levelName.'!';
break;
@@ -263,6 +268,7 @@ class Commands {
$query = $db->prepare("INSERT INTO modactions (type, value, value3, timestamp, account) VALUES ('7', :value, :levelID, :timestamp, :id)");
$query->execute([':value' => $targetUserName, ':timestamp' => $uploadDate, ':id' => $accountID, ':levelID' => $levelID]);
$gs->sendLogsLevelChangeWebhook($levelID, $accountID, $getLevelData);
if($automaticCron) Cron::updateCreatorPoints($accountID, false);
return 'You successfully set '.$gs->getAccountName($targetAcc).' as creator of '.$gs->getLevelName($levelID).'!';
break;
case '!lockUpdating':
@@ -325,6 +331,7 @@ class Commands {
$query = $db->prepare("INSERT INTO modactions (type, value, timestamp, account, value3) VALUES ('16', :value, :timestamp, :id, :levelID)");
$query->execute([':value' => $song, ':timestamp' => $uploadDate, ':id' => $accountID, ':levelID' => $levelID]);
$gs->sendLogsLevelChangeWebhook($levelID, $accountID, $getLevelData);
if($automaticCron) Cron::updateSongsUsage($accountID, false);
return 'You successfully changed song of level '.$gs->getLevelName($levelID).' to '.$songInfo['authorName'].' - '.$songInfo['name'].' ('.$songInfo['ID'].')!';
}
}
@@ -371,6 +378,7 @@ class Commands {
$query->execute([':levelID' => $levelID]);
$query = $db->prepare("INSERT INTO modactions (type, value, value3, timestamp, account) VALUES ('11', :value, :levelID, :timestamp, :id)");
$query->execute([':value' => ExploitPatch::charclean($commentarray[1]), ':timestamp' => $uploadDate, ':id' => $accountID, ':levelID' => $levelID]);
if($automaticCron) Cron::updateCreatorPoints($accountID, false);
return 'You successfully shared Creator Points of level '.$gs->getLevelName($levelID).' with '.ExploitPatch::charclean($commentarray[1]).'!';
}
break;
@@ -420,6 +428,7 @@ class Commands {
$query->execute([':levelID' => $levelID, ':timestamp' => time(), ':duration' => $duration, ':rewards' => $rewards]);
$query = $db->prepare("INSERT INTO modactions (type, value, value2, value3, timestamp, account) VALUES ('44', :value, :value2, :levelID, :timestamp, :id)");
$query->execute([':value' => $duration, ':value2' => $rewards, ':timestamp' => $uploadDate, ':id' => $accountID, ':levelID' => $levelID]);
if($automaticCron) Cron::updateCreatorPoints($accountID, false);
return 'You successfully made '.$gs->getLevelName($levelID).' event level!';
}
return false;
@@ -427,9 +436,9 @@ class Commands {
public static function doListCommands($accountID, $command, $listID) {
if(substr($command,0,1) != '!') return false;
$listID = $listID * -1;
require dirname(__FILE__)."/../lib/connection.php";
require_once "../lib/exploitPatch.php";
require_once "../lib/mainLib.php";
require __DIR__."/connection.php";
require_once __DIR__."/exploitPatch.php";
require_once __DIR__."/mainLib.php";
$gs = new mainLib();
$carray = explode(' ', $command);
$getList = $db->prepare('SELECT * FROM lists WHERE listID = :listID');
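Review bot: The rewritten level-delete line still builds its path as `__DIR__."../../data/levels/$levelID"`, and `__DIR__` has no trailing slash, so `..` is glued onto the last directory name, `file_exists` returns false and the level file is never moved to `deleted/`. Use a leading slash, as the new `require __DIR__."/../../config/misc.php";` in this same file does: `if(file_exists(__DIR__."/../../data/levels/$levelID")) rename(__DIR__."/../../data/levels/$levelID", __DIR__."/../../data/levels/deleted/$levelID");`. The result of `rename` is also ignored, so a failed move is silent; logging it would help when level data and the database drift apart. The `switch` this case belongs to starts and ends outside the hunk.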

328
incl/lib/cron.php Normal file

@@ -0,0 +1,328 @@
<?php
class Cron {
public static function autoban($accountID, $checkForTime) {
require __DIR__."/connection.php";
require_once __DIR__."/mainLib.php";
$gs = new mainLib();
if($checkForTime) {
$check = $db->prepare("SELECT count(*) FROM actions WHERE type = 39 AND timestamp >= :timestamp");
$check->execute([':timestamp' => time() - 30]);
$check = $check->fetchColumn();
if($check) return false;
}
$query = $db->prepare("SELECT
10 + IFNULL(FLOOR(coins.coins * 1.25) + (coins1.coins), 0) as coins,
3 + IFNULL(FLOOR(levels.demons * 1.0625) + (demons.demons), 0) as demons,
212 + FLOOR((IFNULL(levels.stars, 0) + IFNULL(gauntlets.stars, 0) + IFNULL(mappacks.stars, 0)) + IFNULL(stars.stars, 0) * 1.25) as stars,
25 + IFNULL(moons.moons, 0) as moons
FROM
(SELECT SUM(coins) as coins FROM levels WHERE starCoins <> 0) coins
JOIN
(SELECT SUM(starDemon) as demons, SUM(starStars) as stars FROM levels) levels
JOIN
(SELECT SUM(starStars) as stars FROM dailyfeatures
INNER JOIN levels on levels.levelID = dailyfeatures.levelID) stars
JOIN
(SELECT SUM(starCoins) as coins FROM dailyfeatures
INNER JOIN levels on levels.levelID = dailyfeatures.levelID) coins1
JOIN
(SELECT SUM(starDemon) as demons FROM dailyfeatures
INNER JOIN levels on levels.levelID = dailyfeatures.levelID) demons
JOIN
(
SELECT (level1.stars + level2.stars + level3.stars + level4.stars + level5.stars) as stars FROM
(SELECT SUM(starStars) as stars FROM gauntlets
INNER JOIN levels on levels.levelID = gauntlets.level1) level1
JOIN
(SELECT SUM(starStars) as stars FROM gauntlets
INNER JOIN levels on levels.levelID = gauntlets.level2) level2
JOIN
(SELECT SUM(starStars) as stars FROM gauntlets
INNER JOIN levels on levels.levelID = gauntlets.level3) level3
JOIN
(SELECT SUM(starStars) as stars FROM gauntlets
INNER JOIN levels on levels.levelID = gauntlets.level4) level4
JOIN
(SELECT SUM(starStars) as stars FROM gauntlets
INNER JOIN levels on levels.levelID = gauntlets.level5) level5
) gauntlets
JOIN
(SELECT SUM(stars) as stars FROM mappacks) mappacks
JOIN
(SELECT SUM(starStars) as moons FROM levels WHERE levelLength = 5) moons
");
$query->execute();
$levelstuff = $query->fetch();
$stars = $levelstuff['stars'];
$coins = $levelstuff['coins'];
$demons = $levelstuff['demons'];
$moons = $levelstuff['moons'];
$query = $db->prepare("SELECT userID FROM users WHERE stars > :stars OR demons > :demons OR userCoins > :coins OR moons > :moons OR stars < 0 OR demons < 0 OR coins < 0 OR userCoins < 0 OR diamonds < 0 OR moons < 0");
$query->execute([':stars' => $stars, ':demons' => $demons, ':coins' => $coins, ':moons' => $moons]);
$query = $query->fetchAll();
foreach($query AS &$ban) {
$getUser = $db->prepare('SELECT stars, demons, userCoins, moons FROM users WHERE userID = :userID');
$getUser->execute([':userID' => $ban['userID']]);
$getUser = $getUser->fetch();
$maxText = 'MAX: ⭐'.$stars.' • 🌙'.$moons.' • 👿'.$demons.' • 🪙'.$coins.' | USER: ⭐'.$getUser['stars'].' • 🌙'.$getUser['moons'].' • 👿'.$getUser['demons'].' • 🪙'.$getUser['userCoins'];
$gs->banPerson(0, $ban['userID'], $maxText, 0, 1, 2147483647);
}
$gs->logAction($accountID, 39, $stars, $coins, $demons, $moons, count($query));
return true;
}
public static function updateCreatorPoints($accountID, $checkForTime) {
require __DIR__."/connection.php";
require_once __DIR__."/mainLib.php";
$gs = new mainLib();
if($checkForTime) {
$check = $db->prepare("SELECT count(*) FROM actions WHERE type = 40 AND timestamp >= :timestamp");
$check->execute([':timestamp' => time() - 30]);
$check = $check->fetchColumn();
if($check) return false;
}
$people = [];
/*
Creator Points for rated levels
*/
$query = $db->prepare("UPDATE users
LEFT JOIN
(
SELECT usersTable.userID, (IFNULL(starredTable.starred, 0) + IFNULL(featuredTable.featured, 0) + (IFNULL(epicTable.epic,0))) as CP FROM (
SELECT userID FROM users
) AS usersTable
LEFT JOIN
(
SELECT count(*) as starred, userID FROM levels WHERE starStars != 0 AND isCPShared = 0 GROUP BY(userID)
) AS starredTable ON usersTable.userID = starredTable.userID
LEFT JOIN
(
SELECT count(*) as featured, userID FROM levels WHERE starFeatured != 0 AND isCPShared = 0 GROUP BY(userID)
) AS featuredTable ON usersTable.userID = featuredTable.userID
LEFT JOIN
(
SELECT starEpic as epic, userID FROM levels WHERE starEpic != 0 AND isCPShared = 0 GROUP BY(userID)
) AS epicTable ON usersTable.userID = epicTable.userID
) calculated
ON users.userID = calculated.userID
SET users.creatorPoints = IFNULL(calculated.CP, 0)");
$query->execute();
/*
Creator Points sharing
*/
$query = $db->prepare("SELECT levelID, userID, starStars, starFeatured, starEpic FROM levels WHERE isCPShared != 0");
$query->execute();
$result = $query->fetchAll();
foreach($result AS &$level) {
$deservedcp = 0;
if($level["starStars"] != 0) $deservedcp++;
if($level["starFeatured"] != 0) $deservedcp++;
if($level["starEpic"] != 0) $deservedcp += $level["starEpic"];
$query = $db->prepare("SELECT userID FROM cpshares WHERE levelID = :levelID");
$query->execute([':levelID' => $level["levelID"]]);
$sharecount = $query->rowCount() + 1;
$addcp = $deservedcp / $sharecount;
$shares = $query->fetchAll();
foreach($shares as &$share) $people[$share["userID"]] += $addcp;
$people[$level["userID"]] += $addcp;
}
/*
Creator Points for levels in Map Packs
*/
$query = $db->prepare("SELECT levels FROM mappacks");
$query->execute();
$result = $query->fetchAll();
foreach($result AS &$pack) {
$query = $db->prepare("SELECT userID FROM levels WHERE levelID IN (".$pack['levels'].")");
$query->execute();
$levels = $query->fetch();
foreach($levels AS &$level) $people[$level["userID"]] += 1;
}
/*
Creator Points for levels in Gauntlets
*/
$query = $db->prepare("SELECT level1, level2, level3, level4, level5 FROM gauntlets");
$query->execute();
$result = $query->fetchAll();
foreach($result AS &$gauntlet) {
for($x = 1; $x < 6; $x++) {
$query = $db->prepare("SELECT userID FROM levels WHERE levelID = :levelID");
$query->execute([':levelID' => $gauntlet["level".$x]]);
$result = $query->fetch();
if($result) $people[$result["userID"]] += 1;
}
}
/*
Creator Points for Daily/Weekly levels
*/
$query = $db->prepare("SELECT levelID FROM dailyfeatures WHERE timestamp < :time");
$query->execute([':time' => time()]);
$result = $query->fetchAll();
foreach($result AS &$daily) {
$query = $db->prepare("SELECT userID, levelID FROM levels WHERE levelID = :levelID");
$query->execute([':levelID' => $daily["levelID"]]);
$result = $query->fetch();
if($result) $people[$result["userID"]] += 1;
}
/*
Creator Points for Event levels
*/
$query = $db->prepare("SELECT levelID FROM events WHERE timestamp < :time");
$query->execute([':time' => time()]);
$result = $query->fetchAll();
foreach($result AS &$event) {
$query = $db->prepare("SELECT userID, levelID FROM levels WHERE levelID = :levelID");
$query->execute([':levelID' => $event["levelID"]]);
$result = $query->fetch();
if($result) $people[$result["userID"]] += 1;
}
/*
Done
*/
foreach($people AS $user => $cp) {
$query4 = $db->prepare("UPDATE users SET creatorPoints = (creatorpoints + :creatorpoints) WHERE userID = :userID");
$query4->execute([':userID' => $user, ':creatorpoints' => $cp]);
}
$gs->logAction($accountID, 40);
return true;
}
public static function fixUsernames($accountID, $checkForTime) {
require __DIR__."/connection.php";
require_once __DIR__."/mainLib.php";
$gs = new mainLib();
if($checkForTime) {
$check = $db->prepare("SELECT count(*) FROM actions WHERE type = 41 AND timestamp >= :timestamp");
$check->execute([':timestamp' => time() - 30]);
$check = $check->fetchColumn();
if($check) return false;
}
$query = $db->prepare("UPDATE users
INNER JOIN accounts ON accounts.accountID = users.extID
SET users.userName = accounts.userName
WHERE users.extID REGEXP '^-?[0-9]+$'
AND LENGTH(accounts.userName) <= 69");
$query->execute();
$gs->logAction($accountID, 41);
return true;
}
public static function updateFriendsCount($accountID, $checkForTime) {
require __DIR__."/connection.php";
require_once __DIR__."/mainLib.php";
$gs = new mainLib();
if($checkForTime) {
$check = $db->prepare("SELECT count(*) FROM actions WHERE type = 42 AND timestamp >= :timestamp");
$check->execute([':timestamp' => time() - 30]);
$check = $check->fetchColumn();
if($check) return false;
}
$query = $db->prepare("UPDATE accounts
LEFT JOIN
(
SELECT a.person, (IFNULL(a.friends, 0) + IFNULL(b.friends, 0)) AS friends FROM (
SELECT count(*) as friends, person1 AS person FROM friendships GROUP BY(person1)
) AS a
JOIN
(
SELECT count(*) as friends, person2 AS person FROM friendships GROUP BY(person2)
) AS b ON a.person = b.person
) calculated
ON accounts.accountID = calculated.person
SET accounts.friendsCount = IFNULL(calculated.friends, 0)");
$query->execute();
$gs->logAction($accountID, 42);
return true;
}
public static function miscFixes($accountID, $checkForTime) {
require __DIR__."/connection.php";
require_once __DIR__."/mainLib.php";
$gs = new mainLib();
if($checkForTime) {
$check = $db->prepare("SELECT count(*) FROM actions WHERE type = 43 AND timestamp >= :timestamp");
$check->execute([':timestamp' => time() - 30]);
$check = $check->fetchColumn();
if($check) return false;
}
/*
Unbanning everyone who has expired ban
*/
$bans = $db->prepare('UPDATE bans SET isActive = 0 WHERE expires < :time');
$bans->execute([':time' => time()]);
/*
Unbanning IPs
*/
$getIPBans = $db->prepare("SELECT person FROM bans WHERE personType = 2 AND banType = 4 AND isActive = 0");
$getIPBans->execute();
$getIPBans = $getIPBans->fetchAll();
$IPBans = [];
foreach($getIPBans AS &$ban) {
$IPBans[] = $gs->IPForBan($ban['person'], true);
}
$bannedIPsString = implode("|", $IPBans);
$unbanIPs = $db->prepare('DELETE FROM bannedips WHERE IP REGEXP "'.$bannedIPsString.'"');
$unbanIPs->execute();
$gs->logAction($accountID, 43);
return true;
}
public static function updateSongsUsage($accountID, $checkForTime) {
require __DIR__."/connection.php";
require_once __DIR__."/mainLib.php";
$gs = new mainLib();
if($checkForTime) {
$check = $db->prepare("SELECT count(*) FROM actions WHERE type = 44 AND timestamp >= :timestamp");
$check->execute([':timestamp' => time() - 30]);
$check = $check->fetchColumn();
if($check) return false;
}
$query = $db->prepare("SELECT songID, songIDs, sfxIDs FROM levels");
$query->execute();
$levels = $query->fetchAll();
$songsUsage = $sfxsUsage = [];
/*
Count songs and SFXs usage
*/
$songsLibrary = json_decode(file_get_contents(__DIR__.'/../../music/ids.json'), true) ?: [];
$sfxsLibrary = json_decode(file_get_contents(__DIR__.'/../../sfx/ids.json'), true) ?: [];
foreach($levels AS &$level) {
$mainSong = $gs->getSongInfo($level['songID'], "*", $songsLibrary);
if($mainSong && $mainSong['isLocalSong']) $songsUsage[$mainSong['ID']]++;
$extraSongs = explode(',', $level['songIDs']);
foreach($extraSongs AS &$song) {
if(empty($song)) continue;
$extraSong = $gs->getSongInfo($song, "*", $songsLibrary);
if($extraSong && $extraSong['isLocalSong']) $songsUsage[$extraSong['ID']]++;
}
$extraSFXs = explode(',', $level['sfxIDs']);
foreach($extraSFXs AS &$sfx) {
if(empty($sfx)) continue;
$extraSFX = $gs->getLibrarySongInfo($sfx, 'sfx', $sfxsLibrary);
if($extraSFX && $extraSFX['isLocalSFX']) $sfxsUsage[$extraSFX['originalID']]++;
}
}
/*
Add this info to SQL
*/
$db->query("UPDATE songs SET levelsCount = 0");
$db->query("UPDATE sfxs SET levelsCount = 0");
foreach($songsUsage AS $song => $usage) {
$addInfo = $db->prepare("UPDATE songs SET levelsCount = :usage WHERE ID = :songID");
$addInfo->execute([':usage' => $usage, ':songID' => $song]);
}
foreach($sfxsUsage AS $sfx => $usage) {
$addInfo = $db->prepare("UPDATE sfxs SET levelsCount = :usage WHERE ID = :sfxID");
$addInfo->execute([':usage' => $usage, ':sfxID' => $sfx]);
}
$gs->logAction($accountID, 44, count($songsUsage), count($sfxsUsage));
return true;
}
public static function doEverything($accountID, $checkForTime) {
if(
!self::autoban($accountID, $checkForTime) ||
!self::updateCreatorPoints($accountID, $checkForTime) ||
!self::fixUsernames($accountID, $checkForTime) ||
!self::updateFriendsCount($accountID, $checkForTime) ||
!self::miscFixes($accountID, $checkForTime) ||
!self::updateSongsUsage($accountID, $checkForTime)
) return false;
return true;
}
}
?>


@@ -1,6 +1,5 @@
<?php
require_once dirname(__FILE__)."/mainLib.php";
require_once __DIR__."/mainLib.php";
class GeneratePass {
public static function GJP2fromPassword($pass) {
return sha1($pass . "mI29fmAnxgTs");
@@ -11,14 +10,13 @@ class GeneratePass {
}
public static function assignGJP2($accid, $pass) {
require dirname(__FILE__)."/connection.php";
require __DIR__."/connection.php";
$query = $db->prepare("UPDATE accounts SET gjp2 = :gjp2 WHERE accountID = :id");
$query->execute(["gjp2" => self::GJP2hash($pass), ":id" => $accid]);
}
public static function attemptsFromIP() {
require dirname(__FILE__)."/connection.php";
require __DIR__."/connection.php";
$gs = new mainLib();
$ip = $gs->getIP();
$newtime = time() - (60*60);
@@ -32,42 +30,46 @@ class GeneratePass {
}
public static function logInvalidAttemptFromIP($accountID) {
require __DIR__."/connection.php";
$gs = new mainLib();
$gs->logAction($accountID, 6, $accountID);
}
public static function assignModIPs($accountID, $ip) {
//this system is most likely going to be removed altogether soon
require dirname(__FILE__)."/connection.php";
require __DIR__."/connection.php";
$gs = new mainLib();
$modipCategory = $gs->getMaxValuePermission($accountID, "modipCategory");
if($modipCategory > 0){ //modIPs
if($modipCategory > 0) { //modIPs
$query4 = $db->prepare("SELECT count(*) FROM modips WHERE accountID = :id");
$query4->execute([':id' => $accountID]);
if ($query4->fetchColumn() > 0) {
$query6 = $db->prepare("UPDATE modips SET IP=:hostname, modipCategory=:modipCategory WHERE accountID=:id");
}else{
$query6 = $db->prepare("INSERT INTO modips (IP, accountID, isMod, modipCategory) VALUES (:hostname,:id,'1',:modipCategory)");
}
if($query4->fetchColumn() > 0) $query6 = $db->prepare("UPDATE modips SET IP = :hostname, modipCategory = :modipCategory WHERE accountID = :id");
else $query6 = $db->prepare("INSERT INTO modips (IP, accountID, isMod, modipCategory) VALUES (:hostname, :id, '1', :modipCategory)");
$query6->execute([':hostname' => $ip, ':id' => $accountID, ':modipCategory' => $modipCategory]);
}
}
public static function isGJP2Valid($accid, $gjp2) {
require dirname(__FILE__)."/connection.php";
require __DIR__."/connection.php";
$gs = new mainLib();
if(self::tooManyAttemptsFromIP()) return '-1';
$userInfo = $db->prepare("SELECT userName, gjp2, isActive FROM accounts WHERE accountID = :accid");
$userInfo->execute([':accid' => $accid]);
$userInfo = $userInfo->fetch();
if(!$userInfo) return 0;
if(!$userInfo) {
self::logInvalidAttemptFromIP(0);
return 0;
}
if(!$userInfo['gjp2']) return '-2';
if(password_verify($gjp2, $userInfo['gjp2'])) {
$checkBan = $gs->getPersonBan($accid, $gs->getUserID($accid, $userInfo['userName']), 4);
if($checkBan) return '-1';
self::assignModIPs($accid, $gs->getIP());
$gs->logAction($accid, 2);
return $userInfo['isActive'] ? 1 : '-2';
if($userInfo['isActive']) {
self::updateLastPlayed($accid);
return 1;
}
return '-2';
} else {
self::logInvalidAttemptFromIP($accid);
return 0;
@@ -75,7 +77,7 @@ class GeneratePass {
}
public static function isGJP2ValidUsrname($userName, $gjp2) {
require dirname(__FILE__)."/connection.php";
require __DIR__."/connection.php";
$query = $db->prepare("SELECT accountID FROM accounts WHERE userName LIKE :userName");
$query->execute([':userName' => $userName]);
if($query->rowCount() == 0) return 0;
@@ -85,14 +87,17 @@ class GeneratePass {
}
public static function isValid($accid, $pass) {
require dirname(__FILE__)."/connection.php";
require __DIR__."/connection.php";
$gs = new mainLib();
if(self::tooManyAttemptsFromIP()) return '-1';
$query = $db->prepare("SELECT userName, accountID, salt, password, isActive, gjp2 FROM accounts WHERE accountID = :accid");
$query->execute([':accid' => $accid]);
if($query->rowCount() == 0) return 0;
if($query->rowCount() == 0) {
self::logInvalidAttemptFromIP(0);
return 0;
}
$result = $query->fetch();
if(password_verify($pass, $result["password"])){
if(password_verify($pass, $result["password"])) {
if(!$result["gjp2"]) self::assignGJP2($accid, $pass);
$checkBan = $gs->getPersonBan($accid, $gs->getUserID($accid, $result['userName']), 4);
if($checkBan) {
@@ -100,8 +105,11 @@ class GeneratePass {
return -1;
}
self::assignModIPs($accid, $gs->getIP());
$gs->logAction($accid, 2);
return $result['isActive'] ? 1 : '-2';
if($userInfo['isActive']) {
self::updateLastPlayed($accid);
return 1;
}
return '-2';
} else {
// Code to validate password hashes created prior to March 2017 has been removed.
self::logInvalidAttemptFromIP($accid);
@@ -110,7 +118,7 @@ class GeneratePass {
}
public static function isValidUsrname($userName, $pass){
require dirname(__FILE__)."/connection.php";
require __DIR__."/connection.php";
$query = $db->prepare("SELECT accountID FROM accounts WHERE userName LIKE :userName");
$query->execute([':userName' => $userName]);
if($query->rowCount() == 0) return 0;
@@ -119,7 +127,7 @@ class GeneratePass {
}
public static function isValidToken($auth) {
require dirname(__FILE__)."/connection.php";
require __DIR__."/connection.php";
$gs = new mainLib();
if(self::tooManyAttemptsFromIP() || empty(trim($auth))) return '-3';
$query = $db->prepare("SELECT userName, accountID, isActive FROM accounts WHERE auth = :id");
@@ -135,10 +143,16 @@ class GeneratePass {
self::logInvalidAttemptFromIP($fetch['accountID']);
return '-1';
}
$gs->logAction($fetch['accountID'], 2);
self::updateLastPlayed($fetch['accountID']);
if(!$fetch['isActive']) return '-2';
return ['accountID' => $fetch['accountID'], 'userID' => $userID, 'userName' => $fetch['userName'], 'color' => $gs->getAccountCommentColor($fetch["accountID"])];
}
}
public static function updateLastPlayed($accountID) {
require __DIR__."/connection.php";
$update = $db->prepare("UPDATE users SET lastPlayed = :time WHERE extID = :accountID");
$update->execute([':accountID' => $accountID, ':time' => time()]);
}
}
?>
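Review bot: In the `isValid` hunk the new activity check reads `$userInfo['isActive']`, but this function fetches its row into `$result` (`$result = $query->fetch();`), and no `$userInfo` is assigned in the visible parts of `isValid`. If the lines between the hunks do not assign it either, the condition is always false, `updateLastPlayed` is never called, and every correct password login returns `'-2'` as if the account were inactive. The check should be `if($result['isActive']) {`; `isGJP2Valid` is unaffected because there `$userInfo` is the fetched row. A login test on the plain-password path would catch this.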


@@ -398,23 +398,22 @@ class mainLib {
}
return "1~|~".$song["ID"]."~|~2~|~".ExploitPatch::translit(str_replace("#", "", $song["name"]))."~|~3~|~".$song["authorID"]."~|~4~|~".ExploitPatch::translit($song["authorName"])."~|~5~|~".$song["size"]."~|~6~|~~|~10~|~".$dl."~|~7~|~~|~8~|~1".$extraSongString;
}
public function getSongInfo($id, $column = "*") {
public function getSongInfo($id, $column = "*", $library = false) {
if(!is_numeric($id)) return;
require __DIR__ . "/connection.php";
$sinfo = $db->prepare("SELECT $column FROM songs WHERE ID = :id");
$sinfo->execute([':id' => $id]);
$sinfo = $sinfo->fetch();
if(empty($sinfo)) {
$sinfo = $this->getLibrarySongInfo($id, 'music');
$sinfo = $this->getLibrarySongInfo($id, 'music', $library);
if(!$sinfo) return false;
else {
if($column != "*") return $sinfo[$column];
else return array("ID" => $sinfo["ID"], "name" => $sinfo["name"], "authorName" => $sinfo["authorName"], "size" => $sinfo["size"], "duration" => $sinfo["duration"], "download" => $sinfo["download"], "reuploadTime" => $sinfo["reuploadTime"], "reuploadID" => $sinfo["reuploadID"]);
else return array("isLocalSong" => false, "ID" => $sinfo["ID"], "name" => $sinfo["name"], "authorName" => $sinfo["authorName"], "size" => $sinfo["size"], "duration" => $sinfo["duration"], "download" => $sinfo["download"], "reuploadTime" => $sinfo["reuploadTime"], "reuploadID" => $sinfo["reuploadID"]);
}
}
else {
} else {
if($column != "*") return $sinfo[$column];
else return array("ID" => $sinfo["ID"], "name" => $sinfo["name"], "authorName" => $sinfo["authorName"], "size" => $sinfo["size"], "duration" => $sinfo["duration"], "download" => $sinfo["download"], "reuploadTime" => $sinfo["reuploadTime"], "reuploadID" => $sinfo["reuploadID"]);
else return array("isLocalSong" => true, "ID" => $sinfo["ID"], "name" => $sinfo["name"], "authorName" => $sinfo["authorName"], "size" => $sinfo["size"], "duration" => $sinfo["duration"], "download" => $sinfo["download"], "reuploadTime" => $sinfo["reuploadTime"], "reuploadID" => $sinfo["reuploadID"]);
}
}
public function getSFXInfo($id, $column = "*") {
@@ -808,6 +807,8 @@ class mainLib {
public function rateLevel($accountID, $levelID, $stars, $difficulty, $auto, $demon) {
if(!is_numeric($accountID)) return false;
require __DIR__ . "/connection.php";
require __DIR__ . "/../../config/misc.php";
require_once __DIR__ . "/cron.php";
$diffName = $this->getDiffFromStars($stars)["name"];
$query = "UPDATE levels SET starDemon=:demon, starAuto=:auto, starDifficulty=:diff, starStars=:stars, rateDate=:now WHERE levelID=:levelID";
$query = $db->prepare($query);
@@ -815,6 +816,7 @@ class mainLib {
$query = $db->prepare("INSERT INTO modactions (type, value, value2, value3, timestamp, account) VALUES ('1', :value, :value2, :levelID, :timestamp, :id)");
$query->execute([':value' => $diffName, ':timestamp' => time(), ':id' => $accountID, ':value2' => $stars, ':levelID' => $levelID]);
$this->sendRateWebhook($accountID, $levelID);
if($automaticCron) Cron::updateCreatorPoints($accountID, false);
}
public function featureLevel($accountID, $levelID, $state) {
if(!is_numeric($accountID)) return false;
@@ -1223,10 +1225,12 @@ class mainLib {
$server = $serverIDs[null];
foreach($sfxs AS &$customSFX) {
if(!isset($folderID[$customSFX['reuploadID']])) {
$idsConverter['count']++;
$idsConverter['IDs'][$idsConverter['count']] = ['server' => $server, 'ID' => $customSFX['ID'], 'name' => $customSFX['userName'].'\'s SFXs', 'type' => 1];
$idsConverter['originalIDs'][$server][$customSFX['reuploadID']] = $idsConverter['count'];
$newID = $idsConverter['count'];
if(empty($idsConverter['originalIDs'][$server][$customSFX['reuploadID']])) {
$idsConverter['count']++;
$idsConverter['IDs'][$idsConverter['count']] = ['server' => $server, 'ID' => $customSFX['ID'], 'name' => $customSFX['userName'].'\'s SFXs', 'type' => 1];
$idsConverter['originalIDs'][$server][$customSFX['reuploadID']] = $idsConverter['count'];
$newID = $idsConverter['count'];
} else $newID = $idsConverter['originalIDs'][$server][$customSFX['reuploadID']];
$library['folders'][$newID] = [
'name' => ExploitPatch::escapedat($customSFX['userName']).'\'s SFXs',
'type' => 1,
@@ -1239,10 +1243,12 @@ class mainLib {
];
$folderID[$customSFX['reuploadID']] = true;
}
$idsConverter['count']++;
$idsConverter['IDs'][$idsConverter['count']] = ['server' => $server, 'ID' => $customSFX['ID'], 'name' => $customSFX['name'], 'type' => 0];
$idsConverter['originalIDs'][$server][$customSFX['ID']] = $idsConverter['count'];
$customSFX['ID'] = $idsConverter['count'];
if(empty($idsConverter['originalIDs'][$server][$customSFX['ID'] + 8000000])) {
$idsConverter['count']++;
$idsConverter['IDs'][$idsConverter['count']] = ['server' => $server, 'ID' => $customSFX['ID'], 'name' => $customSFX['name'], 'type' => 0];
$idsConverter['originalIDs'][$server][$customSFX['ID'] + 8000000] = $idsConverter['count'];
$customSFX['ID'] = $idsConverter['count'];
} else $customSFX['ID'] = $idsConverter['originalIDs'][$server][$customSFX['ID'] + 8000000];
$library['files'][$customSFX['ID']] = $gdpsLibrary['files'][$customSFX['ID']] = [
'name' => ExploitPatch::escapedat($customSFX['name']),
'type' => 0,
@@ -1382,7 +1388,7 @@ class mainLib {
$result = isset($response['success']) ? $response['success'] : false;
return $result;
}
public function getLibrarySongInfo($id, $type = 'music') {
public function getLibrarySongInfo($id, $type = 'music', $extraLibrary = false) {
require __DIR__."/../../config/dashboard.php";
if(!file_exists(__DIR__.'/../../'.$type.'/ids.json')) return false;
$servers = $serverIDs = $serverNames = [];
@@ -1391,7 +1397,7 @@ class mainLib {
$serverNames[$customLib[0]] = $customLib[1];
$serverIDs[$customLib[2]] = $customLib[0];
}
$library = json_decode(file_get_contents(__DIR__.'/../../'.$type.'/ids.json'), true);
$library = $extraLibrary ? $extraLibrary : json_decode(file_get_contents(__DIR__.'/../../'.$type.'/ids.json'), true);
if(!isset($library['IDs'][$id]) || ($type == 'music' && $library['IDs'][$id]['type'] != 1)) return false;
if($type == 'music') {
$song = $library['IDs'][$id];
@@ -1405,7 +1411,7 @@ class mainLib {
$token = $this->randomString(11);
$expires = time() + 3600;
$link = $servers[$SFX['server']] != null ? $servers[$SFX['server']].'/sfx/s'.$SFX['ID'].'.ogg?token='.$token.'&expires='.$expires : $this->getSFXInfo($SFX['ID'], 'download');
return ['server' => $SFX['server'], 'ID' => $id, 'name' => $song['name'], 'download' => $link];
return ['isLocalSFX' => $servers[$SFX['server']] == null, 'server' => $SFX['server'], 'ID' => $id, 'name' => $song['name'], 'download' => $link, 'originalID' => $SFX['ID']];
}
}
public function getLibrarySongAuthorInfo($id) {
@@ -2086,7 +2092,7 @@ class mainLib {
$levelField = [$this->webhookLanguage('levelTitle', $webhookLangArray), sprintf($this->webhookLanguage('levelDesc', $webhookLangArray), '**'.$level['levelName'].'**', $creatorFormattedUsername), true];
$IDField = [$this->webhookLanguage('levelIDTitle', $webhookLangArray), $level['levelID'], true];
if($level['starStars'] == 1) $action = 0; elseif(($level['starStars'] < 5 AND $level['starStars'] != 0) AND !($level['starStars'] > 9 AND $level['starStars'] < 20)) $action = 1; else $action = 2;
$difficultyField = [$this->webhookLanguage('difficultyTitle', $webhookLangArray), sprintf($this->webhookLanguage('difficultyDesc'.$action, $webhookLangArray), $difficulty, $level['starStars']), true];
$difficultyField = [$this->webhookLanguage('difficultyTitle', $webhookLangArray), sprintf($this->webhookLanguage('difficultyDesc' . ($level['levelLength'] == 5 ? 'Moon' : '') . $action, $webhookLangArray), $difficulty, $level['starStars']), true];
$statsField = [$this->webhookLanguage('statsTitle', $webhookLangArray), $stats, true];
if($level['requestedStars'] == 1) $action = 0; elseif(($level['requestedStars'] < 5 AND $level['requestedStars'] != 0) AND !($level['requestedStars'] > 9 AND $level['requestedStars'] < 20)) $action = 1; else $action = 2;
$requestedField = $level['requestedStars'] > 0 ? [$this->webhookLanguage('requestedTitle', $webhookLangArray), sprintf($this->webhookLanguage('requestedDesc'.$action, $webhookLangArray), $level['requestedStars']), true] : [];
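Review bot: `getSongInfo` gains a `$library` parameter, but `$column` is still interpolated into `SELECT $column FROM songs`, and binding `:id` does nothing for an identifier. The callers are outside this hunk, so whether any of them passes a request-derived value cannot be confirmed here. An allowlist check before the query settles it, for example `if($column != "*" && !in_array($column, ["ID", "name", "authorName", "size", "duration", "download", "reuploadTime", "reuploadID"], true)) return false;`. That column list is taken from the array returned further down and may need extending if existing callers request other columns.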


@@ -10,22 +10,20 @@ $gs = new mainLib();
$accountID = GJPCheck::getAccountIDOrDie();
$messageID = ExploitPatch::remove($_POST["messageID"]);
$query=$db->prepare("SELECT accID, toAccountID, timestamp, userName, messageID, subject, isNew, body FROM messages WHERE messageID = :messageID AND (accID = :accID OR toAccountID = :accID) LIMIT 1");
$query = $db->prepare("SELECT accID, toAccountID, timestamp, userName, messageID, subject, isNew, body FROM messages WHERE messageID = :messageID AND (accID = :accID OR toAccountID = :accID) LIMIT 1");
$query->execute([':messageID' => $messageID, ':accID' => $accountID]);
$result = $query->fetch();
if($query->rowCount() == 0){
exit("-1");
}
if(empty($_POST["isSender"])){
$query=$db->prepare("UPDATE messages SET isNew=1 WHERE messageID = :messageID AND toAccountID = :accID");
$query->execute([':messageID' => $messageID, ':accID' => $accountID]);
if($query->rowCount() == 0) exit("-1");
if(empty($_POST["isSender"])) {
$query = $db->prepare("UPDATE messages SET isNew = 1, readTime = :readTime WHERE messageID = :messageID AND toAccountID = :accID AND readTime = 0");
$query->execute([':messageID' => $messageID, ':accID' => $accountID, ':readTime' => time()]);
$accountID = $result["accID"];
$isSender = 0;
}else{
} else {
$isSender = 1;
$accountID = $result["toAccountID"];
}
$query=$db->prepare("SELECT userName, userID, extID, clan FROM users WHERE extID = :accountID");
$query = $db->prepare("SELECT userName, userID, extID, clan FROM users WHERE extID = :accountID");
$query->execute([':accountID' => $accountID]);
$result12 = $query->fetch();
$uploadDate = $gs->makeTime($result["timestamp"]);


@@ -1,9 +1,11 @@
<?php
chdir(dirname(__FILE__));
require "../lib/connection.php";
require "../lib/GJPCheck.php";
require "../../config/misc.php";
require_once "../lib/GJPCheck.php";
require_once "../lib/exploitPatch.php";
require_once "../lib/mainLib.php";
require_once "../lib/cron.php";
$gs = new mainLib();
if(empty($_POST["requestID"])) exit("-1");
$accountID = GJPCheck::getAccountIDOrDie();
@@ -18,7 +20,8 @@ if($toAccountID != $accountID OR $reqAccountID == $accountID) exit("-1");
$query = $db->prepare("INSERT INTO friendships (person1, person2, isNew1, isNew2) VALUES (:accountID, :targetAccountID, 1, 1)");
$query->execute([':accountID' => $reqAccountID, ':targetAccountID' => $toAccountID]);
$gs->logAction($accountID, 28, $reqAccountID);
$query = $db->prepare("DELETE from friendreqs WHERE ID=:requestID LIMIT 1");
$query = $db->prepare("DELETE from friendreqs WHERE ID = :requestID LIMIT 1");
$query->execute([':requestID' => $requestID]);
if($automaticCron) Cron::updateFriendsCount($accountID, false);
echo "1";
?>
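Review bot: `Cron::updateFriendsCount($accountID, false)` passes `false` for `$checkForTime`, so every accepted request runs the full `UPDATE accounts LEFT JOIN …` recount with the 30-second guard skipped, and any authenticated user can trigger it. The same call is added in the block-user and remove-friend sections. The call also ends in `$gs->logAction($accountID, 42)`, and the guard in `updateFriendsCount` counts type-42 actions from any account. Assuming `logAction` writes to `actions`, regular friend activity can therefore make a later `doEverything(..., true)` return false at that step, before `miscFixes` clears expired bans. Updating only the two accounts involved avoids both effects, e.g. `UPDATE accounts SET friendsCount = (SELECT count(*) FROM friendships WHERE person1 = :id OR person2 = :id) WHERE accountID = :id`, run once for `$accountID` and once for `$reqAccountID`.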


@@ -1,9 +1,11 @@
<?php
chdir(dirname(__FILE__));
require "../lib/connection.php";
require "../../config/misc.php";
require_once "../lib/GJPCheck.php";
require_once "../lib/exploitPatch.php";
require_once "../lib/mainLib.php";
require_once "../lib/cron.php";
$gs = new mainLib();
if(empty($_POST["targetAccountID"])) exit("-1");
@@ -17,5 +19,6 @@ $query->execute([':accountID' => $accountID, ':targetAccountID' => $targetAccoun
// Remove from friend list if the two users were friends
$query = $db->prepare("DELETE FROM friendships WHERE (person1 = :accountID AND person2 = :targetAccountID) OR (person1 = :targetAccountID AND person2 = :accountID)");
$query->execute([':accountID' => $accountID, ':targetAccountID' => $targetAccountID]);
if($automaticCron) Cron::updateFriendsCount($accountID, false);
$gs->logAction($accountID, 29, $targetAccountID);
echo 1;


@@ -1,15 +1,13 @@
<?php
chdir(dirname(__FILE__));
include "../lib/connection.php";
require "../lib/connection.php";
require_once "../lib/GJPCheck.php";
require_once "../lib/exploitPatch.php";
require_once "../lib/mainLib.php";
$gs = new mainLib();
if(empty($_POST["targetAccountID"])){
exit("-1");
}
if(empty($_POST["targetAccountID"])) exit("-1");
$accountID = GJPCheck::getAccountIDOrDie();
$targetAccountID = ExploitPatch::remove($_POST["targetAccountID"]);
$query = $db->prepare("DELETE from friendreqs WHERE (accountID = :accountID AND toAccountID = :targetAccountID) OR (toAccountID = :accountID AND accountID = :targetAccountID) LIMIT 1");
$query = $db->prepare("DELETE FROM friendreqs WHERE (accountID = :accountID AND toAccountID = :targetAccountID) OR (toAccountID = :accountID AND accountID = :targetAccountID) LIMIT 1");
if($query->execute([':accountID' => $accountID, ':targetAccountID' => $targetAccountID])) $gs->logAction($accountID, 30, $targetAccountID);
echo "1";


@@ -1,13 +1,16 @@
<?php
chdir(dirname(__FILE__));
require "../lib/connection.php";
require "../../config/misc.php";
require_once "../lib/GJPCheck.php";
require_once "../lib/exploitPatch.php";
require_once "../lib/mainLib.php";
require_once "../lib/cron.php";
$gs = new mainLib();
if(empty($_POST['targetAccountID'])) exit("-1");
$accountID = GJPCheck::getAccountIDOrDie();
$targetAccountID = ExploitPatch::remove($_POST["targetAccountID"]);
$query = $db->prepare("DELETE FROM friendships WHERE (person1 = :accountID AND person2 = :targetAccountID) OR (person2 = :accountID AND person1 = :targetAccountID)");
if($query->execute([':accountID' => $accountID, ':targetAccountID' => $targetAccountID])) $gs->logAction($accountID, 31, $targetAccountID);
if($automaticCron) Cron::updateFriendsCount($accountID, false);
echo "1";


@@ -17,6 +17,12 @@ $vaultCode->execute([':code' => base64_encode($rewardKey)]);
$vaultCode = $vaultCode->fetch();
if(!$vaultCode || $vaultCode['uses'] == 0 || ($vaultCode['duration'] != 0 && $vaultCode['duration'] <= time())) exit('-1');
$check = $db->prepare("SELECT count(*) FROM actions WHERE type = 38 AND value = :vaultCode AND account = :extID");
$check->execute([':vaultCode' => $vaultCode['rewardID'], ':extID' => $extID]);
$check = $check->fetchColumn();
if($check) exit('-1');
if($vaultCode['uses'] > 0) {
$reduceUses = $db->prepare('UPDATE vaultcodes SET uses = uses - 1 WHERE rewardID = :rewardID');
$reduceUses->execute([':rewardID' => $vaultCode['rewardID']]);
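Review bot: The new per-account check and the `uses = uses - 1` update are separate statements, so two concurrent requests for the same code can both pass the checks before either one decrements. Because `uses == 0` is the only exhausted state tested and the decrement has no lower bound, a code with one use left could end at `-1`, which the checks above would then appear to treat as unlimited. Guard the decrement itself with `... WHERE rewardID = :rewardID AND uses > 0` followed by `if($reduceUses->rowCount() == 0) exit('-1');`. The `if($vaultCode['uses'] > 0)` block continues outside the hunk, and the type-38 log write the new check relies on is not visible here, so a unique key on account and code for that record may also be needed.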


@@ -1 +0,0 @@
Options +Indexes


@@ -1,60 +0,0 @@
<?php
ob_flush();
flush();
require "../../incl/lib/connection.php";
require "../../incl/lib/mainLib.php";
$gs = new mainLib();
//note: this needs a better algorithm
$query = $db->prepare("
SELECT 10+IFNULL(FLOOR(coins.coins*1.25)+(coins1.coins),0) as coins, 3+IFNULL(FLOOR(levels.demons*1.0625)+(demons.demons),0) as demons, 212+FLOOR((IFNULL(levels.stars,0)+IFNULL(gauntlets.stars,0)+IFNULL(mappacks.stars,0))+IFNULL(stars.stars,0)*1.25) as stars, 25+IFNULL(moons.moons,0) as moons FROM
(SELECT SUM(coins) as coins FROM levels WHERE starCoins <> 0) coins
JOIN
(SELECT SUM(starDemon) as demons, SUM(starStars) as stars FROM levels) levels
JOIN
(SELECT SUM(starStars) as stars FROM dailyfeatures
INNER JOIN levels on levels.levelID = dailyfeatures.levelID) stars
JOIN
(SELECT SUM(starCoins) as coins FROM dailyfeatures
INNER JOIN levels on levels.levelID = dailyfeatures.levelID) coins1
JOIN
(SELECT SUM(starDemon) as demons FROM dailyfeatures
INNER JOIN levels on levels.levelID = dailyfeatures.levelID) demons
JOIN
(
SELECT (level1.stars + level2.stars + level3.stars + level4.stars + level5.stars) as stars FROM
(SELECT SUM(starStars) as stars FROM gauntlets
INNER JOIN levels on levels.levelID = gauntlets.level1) level1
JOIN
(SELECT SUM(starStars) as stars FROM gauntlets
INNER JOIN levels on levels.levelID = gauntlets.level2) level2
JOIN
(SELECT SUM(starStars) as stars FROM gauntlets
INNER JOIN levels on levels.levelID = gauntlets.level3) level3
JOIN
(SELECT SUM(starStars) as stars FROM gauntlets
INNER JOIN levels on levels.levelID = gauntlets.level4) level4
JOIN
(SELECT SUM(starStars) as stars FROM gauntlets
INNER JOIN levels on levels.levelID = gauntlets.level5) level5
) gauntlets
JOIN
(SELECT SUM(stars) as stars FROM mappacks) mappacks
JOIN
(SELECT SUM(starStars) as moons FROM levels WHERE levelLength = 5) moons
");
$query->execute();
$levelstuff = $query->fetch();
$stars = $levelstuff['stars']; $coins = $levelstuff['coins']; $demons = $levelstuff['demons']; $moons = $levelstuff['moons'];
$query = $db->prepare("SELECT userID FROM users WHERE stars > :stars OR demons > :demons OR userCoins > :coins OR moons > :moons OR stars < 0 OR demons < 0 OR coins < 0 OR userCoins < 0 OR diamonds < 0 OR moons < 0");
$query->execute([':stars' => $stars, ':demons' => $demons, ':coins' => $coins, ':moons' => $moons]);
$query = $query->fetchAll();
foreach($query AS &$ban) {
$getUser = $db->prepare('SELECT stars, demons, userCoins, moons FROM users WHERE userID = :userID');
$getUser->execute([':userID' => $ban['userID']]);
$getUser = $getUser->fetch();
$maxText = 'MAX: ⭐'.$stars.' • 🌙'.$moons.' • 👿'.$demons.' • 🪙'.$coins.' | USER: ⭐'.$getUser['stars'].' • 🌙'.$getUser['moons'].' • 👿'.$getUser['demons'].' • 🪙'.$getUser['userCoins'];
$gs->banPerson(0, $ban['userID'], $maxText, 0, 1, 2147483647);
}
ob_flush();
flush();
?>


@@ -1,27 +0,0 @@
<?php
chdir(dirname(__FILE__));
if(function_exists("set_time_limit")) set_time_limit(0);
include "fixcps.php";
ob_flush();
flush();
include "autoban.php";
ob_flush();
flush();
include "friendsLeaderboard.php";
ob_flush();
flush();
include "removeBlankLevels.php";
ob_flush();
flush();
include "songsCount.php";
ob_flush();
flush();
include "fixnames.php";
ob_flush();
flush();
include "misc.php";
ob_flush();
flush();
echo "1";
file_put_contents("../logs/cronlastrun.txt",time());
?>


@@ -1,122 +0,0 @@
<?php
chdir(dirname(__FILE__));
ob_flush();
flush();
if(file_exists("../logs/fixcpslog.txt")){
$cptime = file_get_contents("../logs/fixcpslog.txt");
$newtime = time() - 30;
if($cptime > $newtime){
$remaintime = time() - $cptime;
$remaintime = 30 - $remaintime;
$remainmins = floor($remaintime / 60);
$remainsecs = $remainmins * 60;
$remainsecs = $remaintime - $remainsecs;
exit("-1");
}
}
file_put_contents("../logs/fixcpslog.txt",time());
if(function_exists("set_time_limit")) set_time_limit(0);
$cplog = "";
$people = array();
require "../../incl/lib/connection.php";
require "../../config/misc.php";
//getting users
$query = $db->prepare("UPDATE users
LEFT JOIN
(
SELECT usersTable.userID, (IFNULL(starredTable.starred, 0) + IFNULL(featuredTable.featured, 0) + (IFNULL(epicTable.epic,0))) as CP FROM (
SELECT userID FROM users
) AS usersTable
LEFT JOIN
(
SELECT count(*) as starred, userID FROM levels WHERE starStars != 0 AND isCPShared = 0 ".(!$unlistedCreatorPoints ? "AND unlisted = 0 AND unlisted2 = 0" : "")." GROUP BY(userID)
) AS starredTable ON usersTable.userID = starredTable.userID
LEFT JOIN
(
SELECT count(*) as featured, userID FROM levels WHERE starFeatured != 0 AND isCPShared = 0 ".(!$unlistedCreatorPoints ? "AND unlisted = 0 AND unlisted2 = 0" : "")." GROUP BY(userID)
) AS featuredTable ON usersTable.userID = featuredTable.userID
LEFT JOIN
(
SELECT SUM(starEpic) as epic, userID FROM levels WHERE starEpic != 0 AND isCPShared = 0 ".(!$unlistedCreatorPoints ? "AND unlisted = 0 AND unlisted2 = 0" : "")." GROUP BY(userID)
) AS epicTable ON usersTable.userID = epicTable.userID
) calculated
ON users.userID = calculated.userID
SET users.creatorPoints = IFNULL(calculated.CP, 0)");
$query->execute();
/*
CP SHARING
*/
if ($unlistedCreatorPoints) $query = $db->prepare("SELECT levelID, userID, starStars, starFeatured, starEpic FROM levels WHERE isCPShared = 1");
else $query = $db->prepare("SELECT levelID, userID, starStars, starFeatured, starEpic FROM levels WHERE isCPShared = 1 AND unlisted = 0 AND unlisted2 = 0");
$query->execute();
$result = $query->fetchAll();
foreach($result as $level){
$deservedcp = 0;
if($level["starStars"] != 0){
$deservedcp++;
}
if($level["starFeatured"] != 0){
$deservedcp++;
}
if($level["starEpic"] != 0){
$deservedcp += $level["starEpic"]; // Epic - 1, Legendary - 2, Mythic - 3
}
$query = $db->prepare("SELECT userID FROM cpshares WHERE levelID = :levelID");
$query->execute([':levelID' => $level["levelID"]]);
$sharecount = $query->rowCount() + 1;
$addcp = $deservedcp / $sharecount;
$shares = $query->fetchAll();
foreach($shares as &$share){
$people[$share["userID"]] += $addcp;
}
$people[$level["userID"]] += $addcp;
}
/*
NOW to update GAUNTLETS CP
*/
$query = $db->prepare("SELECT level1,level2,level3,level4,level5 FROM gauntlets");
$query->execute();
$result = $query->fetchAll();
//getting gauntlets
foreach($result as $gauntlet) {
//getting lvls
for($x = 1; $x < 6; $x++){
if ($unlistedCreatorPoints) $query = $db->prepare("SELECT userID, levelID FROM levels WHERE levelID = :levelID");
else $query = $db->prepare("SELECT userID, levelID FROM levels WHERE levelID = :levelID AND unlisted = 0 AND unlisted2 = 0");
$query->execute([':levelID' => $gauntlet["level".$x]]);
$result = $query->fetch();
//getting users
if($result["userID"] != ""){
$cplog .= $result["userID"] . " - +1\r\n";
$people[$result["userID"]] = ($people[$result["userID"]] ?? 0) + 1;
}
}
}
/*
NOW to update DAILY CP
*/
$query = $db->prepare("SELECT levelID FROM dailyfeatures WHERE timestamp < :time");
$query->execute([':time' => time()]);
$result = $query->fetchAll();
//getting gauntlets
foreach($result as $daily) {
//getting lvls
if ($unlistedCreatorPoints) $query = $db->prepare("SELECT userID, levelID FROM levels WHERE levelID = :levelID");
else $query = $db->prepare("SELECT userID, levelID FROM levels WHERE levelID = :levelID AND unlisted = 0 AND unlisted2 = 0");
$query->execute([':levelID' => $daily["levelID"]]);
$result = $query->fetch();
//getting users
if($result["userID"] != ""){
$people[$result["userID"]] = ($people[$result["userID"]] ?? 0) + 1;
$cplog .= $result["userID"] . " - +1\r\n";
}
}
/*
DONE
*/
foreach($people as $user => $cp){
$query4 = $db->prepare("UPDATE users SET creatorPoints = (creatorpoints + :creatorpoints) WHERE userID=:userID");
$query4->execute([':userID' => $user, ':creatorpoints' => $cp]);
}
file_put_contents("../logs/cplog.txt",$cplog);
?>


@@ -1,23 +0,0 @@
<?php
$date = date("d-m");
if($date == "01-04"){
exit();
}
chdir(dirname(__FILE__));
ob_flush();
flush();
if(function_exists("set_time_limit")) set_time_limit(0);
require "../../incl/lib/connection.php";
$query = $db->prepare("UPDATE users
INNER JOIN accounts ON accounts.accountID = users.extID
SET users.userName = accounts.userName
WHERE users.extID REGEXP '^-?[0-9]+$'
AND LENGTH(accounts.userName) <= 69");
$query->execute();
$query = $db->prepare("UPDATE users
INNER JOIN accounts ON accounts.accountID = users.extID
SET users.userName = 'Invalid Username'
WHERE users.extID REGEXP '^-?[0-9]+$'
AND LENGTH(accounts.userName) > 69");
$query->execute();
?>


@@ -1,32 +0,0 @@
<?php
chdir(dirname(__FILE__));
if(file_exists("../logs/fixfrndlog.txt")){
$cptime = file_get_contents("../logs/fixfrndlog.txt");
$newtime = time() - 30;
if($cptime > $newtime){
$remaintime = time() - $cptime;
$remaintime = 30 - $remaintime;
$remainmins = floor($remaintime / 60);
$remainsecs = $remainmins * 60;
$remainsecs = $remaintime - $remainsecs;
exit("-1");
}
}
file_put_contents("../logs/fixfrndlog.txt",time());
if(function_exists("set_time_limit")) set_time_limit(0);
require "../../incl/lib/connection.php";
$query = $db->prepare("UPDATE accounts
LEFT JOIN
(
SELECT a.person, (IFNULL(a.friends, 0) + IFNULL(b.friends, 0)) AS friends FROM (
SELECT count(*) as friends, person1 AS person FROM friendships GROUP BY(person1)
) AS a
JOIN
(
SELECT count(*) as friends, person2 AS person FROM friendships GROUP BY(person2)
) AS b ON a.person = b.person
) calculated
ON accounts.accountID = calculated.person
SET accounts.friendsCount = IFNULL(calculated.friends, 0)");
$query->execute();
?>


@@ -1,35 +0,0 @@
<?php
ob_flush();
flush();
if(file_exists("../logs/misc.txt")) {
$cptime = file_get_contents("../logs/misc.txt");
$newtime = time() - 30;
if($cptime > $newtime) exit("-1");
}
require "../../incl/lib/connection.php";
require_once "../../incl/lib/mainLib.php";
$gs = new mainLib();
/* Unbanning everyone who has expired ban */
$bans = $db->prepare('UPDATE bans SET isActive = 0 WHERE expires < :time');
$bans->execute([':time' => time()]);
/* Unbanning IPs */
$getIPBans = $db->prepare("SELECT person FROM bans WHERE personType = 2 AND banType = 4 AND isActive = 0");
$getIPBans->execute();
$getIPBans = $getIPBans->fetchAll();
$IPBans = [];
foreach($getIPBans AS &$ban) {
$IPBans[] = $gs->IPForBan($ban['person'], true);
}
$bannedIPsString = implode("|", $IPBans);
$unbanIPs = $db->prepare('DELETE FROM bannedips WHERE IP REGEXP "'.$bannedIPsString.'"');
$unbanIPs->execute();
file_put_contents("../logs/misc.txt",time());
ob_flush();
flush();
?>


@@ -1,51 +0,0 @@
<?php
require "../../incl/lib/connection.php";
$query = $db->prepare("DELETE FROM users WHERE extID = ''");
$query->execute();
$query = $db->prepare("DELETE FROM songs WHERE download = ''");
$query->execute();
ob_flush();
flush();
$query = $db->prepare("UPDATE levels SET password = 0 WHERE password = 2");
$query->execute();
ob_flush();
flush();
$query = $db->prepare("DELETE FROM songs WHERE download = '10' OR download LIKE 'file:%'");
$query->execute();
/*$query = $db->prepare("SELECT accountID, userName, registerDate FROM accounts");
$query->execute();
$result = $query->fetchAll();
echo "Deleting unused accounts<br>";
ob_flush();
flush();
foreach($result as &$account){
$query = $db->prepare("SELECT count(*) FROM users WHERE extID = :accountID");
$query->execute([':accountID' => $account["accountID"]]);
if($query->fetchColumn() == 0){
$time = time() - 2592000;
if($account["registerDate"] < $time){
echo "Deleted " . htmlspecialchars($account["userName"],ENT_QUOTES) . "<br>";
$query = $db->prepare("DELETE FROM accounts WHERE accountID = :accountID");
$query->execute([':accountID' => $account["accountID"]]);
ob_flush();
flush();
}
}
}*/
/*$query = $db->prepare("show tables");
$query->execute();
$tables = $query->fetchAll();
echo "Optimizing tables.<br>";
ob_flush();
flush();
foreach($tables as &$table){
$table = $table[0];
$query = $db->prepare("OPTIMIZE TABLE $table");
$query->execute();
echo "Optimized $table <br>";
ob_flush();
flush();
}*/
ob_flush();
flush();
?>


@@ -1,15 +0,0 @@
<?php
chdir(dirname(__FILE__));
if(function_exists("set_time_limit")) set_time_limit(0);
require "../../incl/lib/connection.php";
//var_dump($result);
//getting accounts
$query = $db->prepare("UPDATE songs
LEFT JOIN
(
SELECT count(*) AS levelsCount, songID FROM levels GROUP BY songID
) calculated
ON calculated.songID = songs.ID
SET songs.levelsCount = IFNULL(calculated.levelsCount, 0)");
$query->execute();
?>


@@ -1,3 +0,0 @@
<?php
header("Location: ../dashboard");
?>
