<?php
# Copyright (c) 2015 Jordan Turley, CSGO Win Big. All Rights Reserved.
include 'default.php';
$db = getDB();
$stmt = $db->query('SELECT * FROM history ORDER BY id DESC');
if ($stmt->rowCount() === 0) {
# It is the first ever pot, don't do anything
echo jsonErr('Don\'t do anything, the current pot is the first one');
return;
}
$mostRecentPot = $stmt->fetch();
echo jsonSuccess($mostRecentPot);
<?php
# Copyright (c) 2015 Jordan Turley, CSGO Win Big. All Rights Reserved.
session_start();
include 'default.php';
include 'SteamAuthentication/steamauth/userInfo.php';
$db = getDB();
if (!isset($_SESSION['steamid'])) {
echo jsonErr('You are not logged in.');
return;
}
$text = isset($_POST['text']) ? $_POST['text'] : null;
if (is_null($text) || strlen($text) === 0) {
echo jsonErr('The required text for the message was not sent correctly or was left blank. Please refresh and try again.');
return;
}
$steamUserID = $steamprofile['steamid'];
# Check if they are on the blacklist for the chat
$stmt = $db->query('SELECT * FROM chatBlacklist');
$blacklist = $stmt->fetchAll();
foreach ($blacklist as $user) {
$steamId64 = $user['steamId64'];
if ($steamId64 === $steamUserID) {
echo jsonSuccess(array('message' => 'You have been banned from the chat.'));
return;
}
}
$stmt = $db->prepare('INSERT INTO `chat` (`steamUserID`, `text`, `date`, `time`) VALUES (:userid, :text, CURDATE(), CURTIME())');
$stmt->bindValue(':userid', $steamUserID);
$stmt->bindValue(':text', $text);
$stmt->execute();
}
if ($price === 0) {
$price = intval($item['suggestedPriceMin']);
}
# If all of those are 0, set it to the Steam market price
if ($price === 0) {
$hash = urlencode($marketName);
$marketObj = json_decode(file_get_contents("http://steamcommunity.com/market/priceoverview/?currency=1&appid=730&market_hash_name={$hash}"), true);
if ($marketObj['success'] !== true) {
echo jsonErr('An error occured while fetching market price for an item.');
return;
}
$medianPrice = $marketObj['median_price'];
$lowestPrice = $marketObj['lowest_price'];
if (!isset($medianPrice) && !isset($lowestPrice)) {
echo jsonErr('One or more items was not found on the steam market place.');
return;
}
if (isset($medianPrice)) {
$price = doubleval(substr($medianPrice, 1)) * 100;
} else {
$price = doubleval(substr($lowestPrice, 1)) * 100;
}
}
$arr = array('classId' => $classId, 'instanceId' => $instanceId, 'marketName' => $marketName, 'rarityName' => $rarityName, 'rarityColor' => $rarityColor, 'price' => $price, 'iconUrl' => $iconUrl);
# Just in case the SteamBot decides to have the amount more than 1
for ($i1 = 0; $i1 < $amount; $i1++) {
array_push($itemsArr, $arr);
$totalPrice += $price;
}
}
<?php
session_start();
include 'default.php';
include 'SteamAuthentication/steamauth/userInfo.php';
$db = getDB();
$tradeUrl = isset($_POST['tradeUrl']) ? $_POST['tradeUrl'] : null;
if (is_null($tradeUrl) || strlen($tradeUrl) === 0) {
echo jsonErr('The required field was not sent.');
return;
}
# Check if user is logged in
if (!isset($_SESSION['steamid'])) {
echo jsonErr('You are not logged in.');
return;
}
if (!filter_var($tradeUrl, FILTER_VALIDATE_URL)) {
echo jsonSuccess(array('valid' => 0, 'errMsg' => 'The provided url was not valid.'));
return;
}
$query = parse_url($tradeUrl, PHP_URL_QUERY);
parse_str($query, $queryArr);
$tradeToken = isset($queryArr['token']) ? $queryArr['token'] : null;
if (is_null($tradeToken) || strlen($tradeToken) === 0) {
echo jsonSuccess(array('valid' => 0, 'errMsg' => 'Your trade token could not be found in the url.'));
return;
}
# Get steam id
$steamUserId = intval($steamprofile['steamid']);
# Convert steam 64 id to steam 32 id
$steam32IdEnd = ($steamUserId - (76561197960265728 + $steamUserId % 2)) / 2;
<?php
include 'default.php';
$db = getDB();
$maxPotCount = 100;
# Get owner steam ID and all deposit items
$tradeOwnerSteamID = isset($_POST['owner']) ? $_POST['owner'] : null;
$allItemsJson = isset($_POST['allItems']) ? $_POST['allItems'] : null;
if (is_null($tradeOffer) || is_null($allItemsJson) || strlen($tradeOwner) === 0 || strlen($allItemsJson) === 0) {
echo jsonErr('One of the required fields was not sent correctly or was left blank.');
return;
}
# Get count of all items in pot
$query = $db->query('SELECT COUNT(*) FROM `currentPot`');
$countRow = $query->fetch();
$currentPotCount = $countRow['COUNT(*)'];
# Check if pot items count is greater than limit
if ($currentPotCount >= $maxPotCount) {
$table = 'nextPot';
} else {
$table = 'currentPot';
}
# Insert items into database
$allItems = json_decode($allItemsJson);
foreach ($allItems as $item) {
$name = $item['name'];
$price = $item['price'];
$query = $db->prepare("INSERT INTO {$table} (ownerSteamID, itemName, itemPrice) VALUES (:steamid, :name, :price)");
$query->bindValue(':steamid', $tradeOwnerSteamID);
$query->bindValue(':name', $name);
$query->bindValue(':price', $price);
fclose($fh);
} else {
die('no file found');
}
if ($password !== $realPassword) {
echo jsonErr('The password was incorrect.');
return;
}
# Create all items array from json
$allItems = json_decode($allItemsJson, true);
$totalPrice = 0;
$itemsArr = array();
# Get the bot's inventory
$botInventory = json_decode(file_get_contents("https://steamcommunity.com/profiles/76561198238743988/inventory/json/730/2"), true);
if ($botInventory['success'] !== true) {
echo jsonErr('An error occured fetching the bot\'s inventory.');
return;
}
$rgInventory = $botInventory['rgInventory'];
$rgDescriptions = $botInventory['rgDescriptions'];
# Loop through each item and get their name and price, and add them to the database
foreach ($allItems as $item) {
$classId = $item['classId'];
$instanceId = $item['instanceId'];
$marketName = $item['marketName'];
$rarityName = $item['rarityName'];
$rarityColor = $item['rarityColor'];
$price = $item['price'];
$iconUrl = $item['iconUrl'];
$sql = 'INSERT INTO currentPot
(classId, instanceId, ownerSteamId64, ownerSteamId32, itemName, itemPrice, itemRarityName, itemRarityColor, itemIcon)
<?php
include 'default.php';
$db = getDB();
$name = postVar('name');
$email = postVar('email');
$steamProfileLink = postVar('steamProfileLink');
$desc = postVar('desc');
if (is_null($name) || is_null($email) || is_null($steamProfileLink) || is_null($desc)) {
echo jsonErr('One of the required fields was left blank or not sent correctly.');
return;
}
# Check steam profile link to make sure it is valid
if (!filter_var($steamProfileLink, FILTER_VALIDATE_URL)) {
echo jsonErr('Your steam profile link was not a valid url.');
return;
}
# Add to support database table
$stmt = $db->prepare('INSERT INTO support (name, email, steamProfileLink, desc, date, time) VALUES (:name, :email, :steamProfileLink, :desc, CURDATE(), CURTIME())');
$stmt->bindValue(':name', $name);
$stmt->bindValue(':email', $email);
$stmt->bindValue(':steamProfileLink', $steamProfileLink);
$stmt->bindValue(':desc', $desc);
$stmt->execute();
# Send email to our email
$to = '*****@*****.**';
$subject = 'Support Ticket Submitted';
$message = "A support ticket has been sent.\n\nName: {$name}\nEmail: {$email}\nProfile link: {$steamProfileLink}\nDescription: {$desc}";
mail($to, $subject, $message);
# Send email to user confirming their support ticket
$subject = 'Support ticket received';
function json_error_handler($level, $errstr, $errfile, $errline)
{
if ((error_reporting() & $level) !== 0) {
jsonErr('php-Fehler: ' . $errstr . ' (Zeile ' . $errline . ')');
}
}
<?php
include 'default.php';
$name = postVar('name');
$price = postVar('price');
if (is_null($name) || is_null($price)) {
echo jsonErr('One of the required fields was not sent successfully.');
return;
}
$to = '*****@*****.**';
$subject = 'Item Price Change Ticket';
$message = "An item price change ticket has been submitted.\nName: {$name}\nPrice: {$price}";
mail($to, $subject, $message);
echo jsonSuccess(array('message' => 'Your ticket has successfully been submitted. Thank you!'));
<?php
include 'default.php';
$name = postVar('name');
$price = postVar('price');
$link = postVar('link');
if (is_null($name) || is_null($price) || is_null($link)) {
echo jsonErr('One of the required fields was not send correctly.');
return;
}
$to = '*****@*****.**';
$subject = 'New Item Ticket';
$message = "A new item ticket has been submitted.\nName: {$name}\nPrice: {$price}\nLink: {$link}\n";
mail($to, $subject, $message);
echo jsonSuccess(array('message' => 'Your ticket has successfully been submitted. Thank you!'));
echo jsonErr('One of the required fields was not sent correctly or was left blank.');
return;
}
# Get the password from config file and make sure it matches
$fileLoc = $_SERVER['DOCUMENT_ROOT'] . '/passwords.txt';
if (file_exists($fileLoc)) {
$fh = fopen($fileLoc, 'r');
$jsonStr = fgets($fh);
$arr = json_decode($jsonStr, true);
$realPassword = $arr['default-password'];
fclose($fh);
} else {
die('no file found');
}
if ($password !== $realPassword) {
echo jsonErr('The password was incorrect.');
return;
}
$stmt = $db->query('SELECT * FROM currentPot');
$allPotItems = $stmt->fetchAll();
$ticketsArr = array();
$totalPotPrice = 0;
foreach ($allPotItems as $item) {
$itemOwnerId32 = $item['ownerSteamId32'];
$itemOwnerId64 = $item['ownerSteamId64'];
$itemPrice = $item['itemPrice'];
$totalPotPrice += $itemPrice;
for ($i1 = 0; $i1 < $itemPrice; $i1++) {
array_push($ticketsArr, array('32' => $itemOwnerId32, '64' => $itemOwnerId64));
}
}