<?php
// Save the basic site settings, but only when every required form field arrived non-empty.
// NOTE(review): no login check is visible in this excerpt; confirm the page that includes it enforces one.
// prot() is defined outside this excerpt, so its escaping cannot be verified from here.
if (
    !empty($_POST['s_title'])
    && !empty($_POST['s_url'])
    && !empty($_POST['s_desc'])
    && !empty($_POST['cur'])
    && !empty($_POST['cur_s'])
) {
    // Each value is placed inside a single-quoted SQL string literal after passing through prot().
    mysql_query(
        "UPDATE `system` SET `title`='" . prot($_POST['s_title'])
        . "',`url`='" . prot($_POST['s_url'])
        . "',`currency`='" . prot($_POST['cur'])
        . "',`currency_sign`='" . prot($_POST['cur_s'])
        . "',`description`='" . prot($_POST['s_desc'])
        . "' WHERE `id`=1 LIMIT 1"
    );
}
<?php
/*
 * © CryptoBlackJack
 *
 * Admin endpoint: overwrites the username and password of one existing `admins` row.
 *
 * NOTE(review): the new password arrives in the query string, so it can end up in
 * access logs and browser history, and it is stored as an unsalted MD5 digest.
 * Moving to password_hash()/password_verify() has to be done together with the
 * login check, which is not part of this file.
 * NOTE(review): this is a state change on GET with no anti-CSRF token visible.
 */
header('X-Frame-Options: DENY');
session_start();

// Stop unless the session carries the admin flag set to boolean true.
if (!(isset($_SESSION['logged_']) && $_SESSION['logged_'] === true)) {
    exit;
}

$included = true;
$init = true;
include '../../inc/db-conf.php';
include '../../inc/functions.php';

// The target id must be present and numeric.
if (empty($_GET['admin']) || !is_numeric($_GET['admin'])) {
    exit;
}

// Both replacement credentials must be non-empty.
if (empty($_GET['unm']) || empty($_GET['pass'])) {
    exit;
}

// The id must belong to an existing admin row.
$existing = mysql_query("SELECT `id` FROM `admins` WHERE `id`='" . prot($_GET['admin']) . "' LIMIT 1");
if (mysql_num_rows($existing) == 0) {
    exit;
}

mysql_query(
    "UPDATE `admins` SET `username`='" . prot($_GET['unm'])
    . "',`passwd`='" . md5($_GET['pass'])
    . "' WHERE `id`='" . prot($_GET['admin']) . "' LIMIT 1"
);

echo json_encode(array('error' => 'no'));
$content .= '</table>'; break; case 'news': $query = mysql_query("SELECT * FROM `news` ORDER BY `time` DESC"); while ($row = mysql_fetch_array($query)) { $content .= '<div class="news_single">'; $content .= str_replace('[I]', '<i>', str_replace('[/I]', '</i>', str_replace('[BR]', '<br>', str_replace('[/B]', '</b>', str_replace('[B]', '<b>', $row['content']))))) . '<br><span class="news_single_time">' . $row['time'] . '</span>'; $content .= '</div>'; } $content .= ' <br>'; break; case 'fair': $unique = $_GET['_unique']; $player = mysql_num_rows(mysql_query("SELECT `id` FROM `players` WHERE `hash`='" . prot($unique) . "' LIMIT 1")); if ($player != 0) { $player = mysql_fetch_array(mysql_query("SELECT `id`,`server_seed`,`client_seed`,`old_server_seed`,`old_client_seed` FROM `players` WHERE `hash`='" . prot($unique) . "' LIMIT 1")); } else { exit; } $content .= '<div id="fair_nice">'; $content .= '<span class="seed_hash">Server seed hash: <b>' . hash('sha256', $player['server_seed']) . '</b></span>'; $content .= '<br><span class="seed_hash">Client seed: <b>' . $player['client_seed'] . '</b></span>'; $content .= '<br><a href="#" onclick="javascript:randomize();return false;" class="randomize">Set client seed for next spin</a><br>'; $content .= '<br><span class="seed_hash">Old server seed: <b>' . $player['old_server_seed'] . '</b></span>'; $content .= '<br><span class="seed_hash">Old client seed: <b>' . $player['old_client_seed'] . '</b></span><br>'; $content .= '<br><span class="seed_hash">Formula: <b>((<i>client_seed</i> * 9) Mod 16) + 1</b> = final order in server seed</span><br><br>'; $content .= '<br><span class="seed_hash"><b>Served seed values:</b></span>'; $content .= '<br><span class="seed_hash">0 = 1.25x</span>'; $content .= '<br><span class="seed_hash">1 = 0.25x</span>'; $content .= '<br><span class="seed_hash">2 = 2x</span>'; $content .= '<br><span class="seed_hash">3 = 0x</span>';
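// Chat endpoint: stores one message for the player identified by the `_unique` hash.
// prot() and validateAccess() are defined outside this excerpt.

// Unknown or missing player hash ends the request silently.
if (empty($_GET['_unique']) || mysql_num_rows(mysql_query("SELECT `id` FROM `players` WHERE `hash`='" . prot($_GET['_unique']) . "' LIMIT 1")) == 0) {
    exit;
}
$player = mysql_fetch_array(mysql_query("SELECT `id` FROM `players` WHERE `hash`='" . prot($_GET['_unique']) . "' LIMIT 1"));
validateAccess($player['id']);

// Chat can be switched off globally in the `system` row.
$settings = mysql_fetch_array(mysql_query("SELECT * FROM `system` WHERE `id`=1 LIMIT 1"));
if ($settings['chat_enable'] == 0) {
    exit;
}

// Reject an empty message, and also a non-string one (e.g. data[]=x), which substr() cannot handle.
if (empty($_GET['data']) || !is_string($_GET['data'])) {
    echo json_encode(array('error' => 'yes', 'content' => 'nodata'));
    exit;
}

// Flood guard: refuse the post when the ten newest messages all come from this player.
$alone = true;
$lastTen = mysql_query("SELECT * FROM `chat` ORDER BY `time` DESC LIMIT 10");
if (mysql_num_rows($lastTen) < 10) {
    $alone = false;
} else {
    while ($each = mysql_fetch_array($lastTen)) {
        if ($each['sender'] != $player['id']) {
            $alone = false;
            break;
        }
    }
}
if ($alone) {
    echo json_encode(array('error' => 'yes', 'content' => 'max_in_row'));
    exit;
}

// Truncate the raw text first and escape afterwards. Cutting an already escaped string
// at a fixed offset can split an escape sequence and leave a dangling escape character
// right before the closing quote of the SQL literal.
// NOTE(review): the message is stored as submitted; whatever renders chat must HTML-escape it.
$message = prot(substr($_GET['data'], 0, 200));
mysql_query("INSERT INTO `chat` (`sender`,`content`) VALUES ({$player['id']},'" . $message . "')");

echo json_encode(array('error' => 'no'));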
<?php
/*
 * © CoinDice
 * Demo: http://www.btcircle.com/dice
 * Please do not copy or redistribute.
 * More licences we sell, more products we develop in the future.
 *
 * Admin endpoint: removes one row from `admins`, chosen by the `_admin` query parameter.
 *
 * NOTE(review): this is a destructive action on GET with no anti-CSRF token visible, and
 * nothing here stops the last remaining admin (or the caller's own row) from being removed.
 */
header('X-Frame-Options: DENY');
session_start();

// Stop unless the session carries the admin flag set to boolean true.
if (!(isset($_SESSION['logged_']) && $_SESSION['logged_'] === true)) {
    exit;
}

$included = true;
include '../../inc/db-conf.php';
include '../../inc/functions.php';

// A missing id ends the request before any query runs.
if (empty($_GET['_admin'])) {
    exit;
}

// So does an id that matches no admin row.
$existing = mysql_query("SELECT `id` FROM `admins` WHERE `id`='" . prot($_GET['_admin']) . "' LIMIT 1");
if (mysql_num_rows($existing) == 0) {
    exit;
}

mysql_query("DELETE FROM `admins` WHERE `id`='" . prot($_GET['_admin']) . "' LIMIT 1");

echo json_encode(array('error' => 'no'));
// Withdrawal endpoint: sends `amount` to `valid_addr` from the wallet and debits the
// player identified by the `_unique` hash.
// NOTE(review): the `_unique` hash from the query string is the only credential checked
// in this excerpt; no session or password check is visible here.
header('X-Frame-Options: DENY');
$included = true;
include '../../inc/db-conf.php';
include '../../inc/wallet_driver.php';
// $driver_login is not assigned in this excerpt; presumably one of the includes sets it.
$wallet = new jsonRPCClient($driver_login);
include '../../inc/functions.php';
// All three parameters must be non-empty and the hash must match a player row.
if (empty($_GET['amount']) || empty($_GET['valid_addr']) || empty($_GET['_unique']) || mysql_num_rows(mysql_query("SELECT `id` FROM `players` WHERE `hash`='" . prot($_GET['_unique']) . "' LIMIT 1")) == 0) {
    exit;
}
$player = mysql_fetch_array(mysql_query("SELECT `id`,`balance` FROM `players` WHERE `hash`='" . prot($_GET['_unique']) . "' LIMIT 1"));
// The destination address is checked by the wallet itself before anything is sent.
$validate = $wallet->validateaddress($_GET['valid_addr']);
if ($validate['isvalid'] == false) {
    $error = 'yes';
    $con = 0;
} else {
    // Balance is read again here, after the wallet round trip.
    $player = mysql_fetch_array(mysql_query("SELECT `id`,`balance` FROM `players` WHERE `hash`='" . prot($_GET['_unique']) . "' LIMIT 1"));
    // $settings is not assigned in this excerpt — TODO confirm an include provides it,
    // otherwise the minimum-withdrawal comparison is made against an undefined value.
    if (!is_numeric($_GET['amount']) || (double) $_GET['amount'] > $player['balance'] || (double) $_GET['amount'] < $settings['min_withdrawal']) {
        $error = 'yes';
        $con = 1;
    } else {
        $amount = (double) $_GET['amount'];
        // NOTE(review): the balance check above, this wallet call and the debit below are
        // separate steps with no lock or transaction visible, so concurrent requests for the
        // same player can each pass the check. A conditional debit (UPDATE ... WHERE balance
        // >= amount, then check affected rows) before sending would close that window.
        $txid = $wallet->sendtoaddress($_GET['valid_addr'], $amount);
        // The balance is only reduced when the wallet returned a non-empty transaction id.
        if ((string) $txid != '') {
            mysql_query("UPDATE `players` SET `balance`=TRUNCATE(ROUND((`balance`-{$amount}),9),8) WHERE `id`={$player['id']} LIMIT 1");
        }
        // NOTE(review): the transaction row is written even when $txid is empty, and $txid
        // goes into the SQL literal without prot(); it comes from the wallet RPC, not the
        // request, but escaping it would keep the query independent of that assumption.
        mysql_query("INSERT INTO `transactions` (`player_id`,`amount`,`txid`) VALUES ({$player['id']},(0-{$amount}),'{$txid}')");
        $error = 'no';
        $con = $txid;
    }
}
// 'content' is 0 (bad address), 1 (bad amount) or the transaction id on success.
$return = array('error' => $error, 'content' => $con);
<?php
/*
 * © CryptoBlackJack
 *
 * Admin "News" page fragment: stores a posted news item, then prints the posting form.
 *
 * NOTE(review): the form carries no anti-CSRF token. The text is stored as submitted,
 * so whatever renders news items must HTML-escape the content before expanding the
 * [B]/[I]/[BR] markers.
 */

// This file is only meant to run when pulled in by a page that set $included.
if (!isset($included)) {
    exit;
}

if (!empty($_POST['new_new'])) {
    // Non-empty submission: store it and confirm.
    mysql_query("INSERT INTO `news` (`content`) VALUES ('" . prot($_POST['new_new']) . "')");
    echo '<div class="zpravagreen"><b>Success:</b> New has been posted.</div>';
} elseif (isset($_POST['new_new'])) {
    // The field was submitted but left blank.
    echo '<div class="zpravared"><b>Error:</b> One of required fields stayed empty.</div>';
}
?> <h1>News</h1> <div class="zprava"> <b>Add new:</b><br> <form method="post" action="./?p=news"> <table><tr><td><textarea name="new_new" style="width: 480px; height: 70px;"></textarea></td><td><input style="padding: 10px;" type="submit" value="Post"></td></tr></table> <small> <b>[B]</b>...<b>[/B]</b> = bold font<br> <b>[I]</b>...<b>[/I]</b> = italic font<br> <b>[BR]</b> = new line </small> </form>
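<?php
/*
 * © CryptoDice
 *
 * Admin settings handler: saves the general settings form and the add-ons form
 * into the `system` row. Runs only when included by a page that set $included
 * and $logged. $wallet and prot() are defined outside this file.
 *
 * NOTE(review): no anti-CSRF token is checked before these writes.
 */
if (isset($included) && $logged == true) {
    // The numeric fields are validated on the raw request value. Casting before
    // is_numeric() makes the check always true, so non-numeric input used to be
    // accepted and stored as 0.
    if (
        !empty($_POST['s_title'])
        && !empty($_POST['s_url'])
        && !empty($_POST['s_desc'])
        && !empty($_POST['cur'])
        && !empty($_POST['acttheme'])
        && !empty($_POST['cur_s'])
        && isset($_POST['bet_fr_players']) && is_numeric($_POST['bet_fr_players'])
        && isset($_POST['bet_fr_bots']) && is_numeric($_POST['bet_fr_bots'])
        && isset($_POST['house_edge']) && is_numeric($_POST['house_edge'])
        && isset($_POST['min_withdrawal']) && is_numeric($_POST['min_withdrawal'])
        && isset($_POST['txfee']) && is_numeric($_POST['txfee'])
        && isset($_POST['bankroll_maxbet_ratio']) && is_numeric($_POST['bankroll_maxbet_ratio'])
    ) {
        // Text fields go through prot() into quoted literals; numeric fields are cast,
        // so only a number can reach the unquoted positions.
        mysql_query(
            "UPDATE `system` SET `title`='" . prot($_POST['s_title'])
            . "',`url`='" . prot($_POST['s_url'])
            . "',`activeTheme`='" . prot($_POST['acttheme'])
            . "',`currency`='" . prot($_POST['cur'])
            . "',`currency_sign`='" . prot($_POST['cur_s'])
            . "',`description`='" . prot($_POST['s_desc'])
            . "',`house_edge`=" . (double) $_POST['house_edge']
            . ",`rolls_mintime`=" . (int) $_POST['bet_fr_players']
            . ",`rolls_mintime_bB`=" . (int) $_POST['bet_fr_bots']
            . ",`min_withdrawal`=" . (double) $_POST['min_withdrawal']
            . ",`bankroll_maxbet_ratio`=" . (double) $_POST['bankroll_maxbet_ratio']
            . " WHERE `id`=1 LIMIT 1"
        );
        // The transaction fee lives in the wallet, not in the database.
        $wallet->settxfee(round((double) $_POST['txfee'], 8));
    }

    if (isset($_POST['addons_form'])) {
        // Checkboxes: present in the request means enabled.
        $giveaway = isset($_POST['giveaway']) ? 1 : 0;
        $chat_enable = isset($_POST['chat_enable']) ? 1 : 0;
        $bot_enable = isset($_POST['bot_enable']) ? 1 : 0;
        // A missing amount or frequency falls back to 0, which is what the cast of an
        // absent field produced before, now without the undefined-index notice.
        $giveawayAmount = isset($_POST['giveaway_amount']) ? (double) $_POST['giveaway_amount'] : 0;
        $giveawayFreq = isset($_POST['giveaway_freq']) ? (int) $_POST['giveaway_freq'] : 0;
        mysql_query("UPDATE `system` SET `giveaway`={$giveaway},`giveaway_amount`=" . $giveawayAmount . ",`giveaway_freq`=" . $giveawayFreq . ",`chat_enable`={$chat_enable},`bot_enable`={$bot_enable} LIMIT 1");
    }
}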
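<?php
/*
 * © CryptoBlackJack
 *
 * Player endpoint: sets the alias of the player identified by the `_unique` hash.
 * prot() and validateAccess() are defined outside this file.
 */
header('X-Frame-Options: DENY');
$init = true;
include '../../inc/db-conf.php';
include '../../inc/functions.php';

// Unknown or missing player hash ends the request silently.
if (empty($_GET['_unique']) || mysql_num_rows(mysql_query("SELECT `id` FROM `players` WHERE `hash`='" . prot($_GET['_unique']) . "' LIMIT 1")) == 0) {
    exit;
}
$player = mysql_fetch_array(mysql_query("SELECT `id` FROM `players` WHERE `hash`='" . prot($_GET['_unique']) . "' LIMIT 1"));
validateAccess($player['id']);

// A non-string alias (e.g. alias[]=x) is treated like a missing one; substr() needs a string.
if (empty($_GET['alias']) || !is_string($_GET['alias'])) {
    echo json_encode(array('color' => 'red', 'content' => 'Alias can\'t be empty.'));
    exit;
}

// Truncate the raw alias first and escape afterwards. Cutting an already escaped string
// at a fixed offset can split an escape sequence and leave a dangling escape character
// right before the closing quote of the SQL literals below.
$repaired = prot(substr($_GET['alias'], 0, 25));

if (mysql_num_rows(mysql_query("SELECT `id` FROM `players` WHERE `alias`='{$repaired}' LIMIT 1")) != 0) {
    echo json_encode(array('color' => 'red', 'content' => 'This alias is already taken.'));
    exit;
}

mysql_query("UPDATE `players` SET `alias`='{$repaired}' WHERE `id`={$player['id']} LIMIT 1");

// NOTE(review): 'repaired' carries the output of prot(), i.e. text prepared for SQL,
// not for HTML; the client must insert it as text.
echo json_encode(array('color' => 'green', 'content' => 'Alias has been saved.', 'repaired' => $repaired));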
<?php
/*
 * © BitcoinDice
 *
 * Player endpoint: sets the alias of the player identified by the `_unique` hash.
 *
 * NOTE(review): the `_unique` hash from the query string is the only credential checked
 * here. The minimum length is measured on the output of prot(), not on the submitted
 * text, so escaping can make a shorter alias pass the check.
 */
header('X-Frame-Options: DENY');
$included = true;
include '../../inc/db-conf.php';
include '../../inc/functions.php';

// Both parameters are required.
if (empty($_GET['alias']) || empty($_GET['_unique'])) {
    exit;
}

// The hash must belong to an existing player.
$playerLookup = mysql_query("SELECT `id` FROM `players` WHERE `hash`='" . prot($_GET['_unique']) . "' LIMIT 1");
if (mysql_num_rows($playerLookup) == 0) {
    exit;
}

// Aliases are unique across players.
$aliasLookup = mysql_query("SELECT `id` FROM `players` WHERE `alias`='" . prot($_GET['alias']) . "' LIMIT 1");
if (mysql_num_rows($aliasLookup) != 0) {
    echo json_encode(array('error' => 'yes', 'content' => 'This alias is alredy taken :-('));
    exit;
}

// Minimum length of three, measured after prot().
if (strlen(prot($_GET['alias'])) < 3) {
    echo json_encode(array('error' => 'yes', 'content' => 'Alias can not be shorter than 3 characters!'));
    exit;
}

mysql_query(
    "UPDATE `players` SET `alias`='" . prot($_GET['alias'])
    . "' WHERE `hash`='" . prot($_GET['_unique']) . "' LIMIT 1"
);

echo json_encode(array('error' => 'no', 'content' => true));
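/*
 * © CoinDice
 * Demo: http://www.btcircle.com/dice
 * Please do not copy or redistribute.
 * More licences we sell, more products we develop in the future.
 *
 * Admin player list: builds the optional search filter and the paging values,
 * then runs the listing query. prot() is defined outside this excerpt.
 */
if (!isset($included)) {
    exit;
}

$perPage = 20;
$ifSearch = '';
$podm = '';

// Only a non-empty string is used as a search term; an array value (_search[]=x) is ignored.
if (!empty($_GET['_search']) && is_string($_GET['_search'])) {
    $podm = " WHERE `hash` LIKE '%" . prot($_GET['_search']) . "%' OR `alias` LIKE '%" . prot($_GET['_search']) . "%'";
    // The unquoted comparisons are added only when the term is numeric.
    if (is_numeric($_GET['_search'])) {
        $podm .= " OR `balance`=" . prot($_GET['_search']) . " OR `id`=" . prot($_GET['_search']);
    }
    // NOTE(review): $ifSearch holds the raw request value; it must be HTML-escaped
    // wherever it is printed back into the page.
    $ifSearch = $_GET['_search'];
}

$page = 1;
$lima = 0;
if (!empty($_GET['_page']) && is_numeric($_GET['_page'])) {
    // Clamp to the first page: a page below 1 used to produce a negative LIMIT offset,
    // which makes the listing query fail.
    $page = max(1, (int) $_GET['_page']);
    $lima = ($page - 1) * $perPage;
}

$query_ = mysql_query("SELECT `id`,`alias`,`hash`,`balance`,`time_last_active`,`lastip` FROM `players`{$podm} ORDER BY `time_created` DESC LIMIT {$lima},{$perPage}");

// Page count: whole pages plus one, taken from the integer part of the quotient.
$pocet = mysql_num_rows(mysql_query("SELECT `id` FROM `players`{$podm}"));
$pages_ = $pocet / $perPage;
$xplosion = explode('.', (string) $pages_);
$pages = (int) $xplosion[0] + 1;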
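<?php
/*
 * © CoinDice
 * Demo: http://www.btcircle.com/dice
 * Please do not copy or redistribute.
 * More licences we sell, more products we develop in the future.
 *
 * Admin endpoint: overwrites hash, balance and alias of one player row.
 *
 * NOTE(review): this changes a player's balance and access hash on GET, with no
 * anti-CSRF token and no audit record visible in this file.
 */
header('X-Frame-Options: DENY');
session_start();

// Only an authenticated admin session may continue.
if (!isset($_SESSION['logged_']) || $_SESSION['logged_'] !== true) {
    exit;
}

$included = true;
include '../../inc/db-conf.php';
include '../../inc/functions.php';

// Every field is required; the balance must be present and numeric, and the id must exist.
if (
    empty($_GET['_player'])
    || empty($_GET['a'])
    || empty($_GET['h'])
    || !isset($_GET['b'])
    || !is_numeric($_GET['b'])
    || mysql_num_rows(mysql_query("SELECT `id` FROM `players` WHERE `id`='" . prot($_GET['_player']) . "' LIMIT 1")) == 0
) {
    exit;
}

// The balance is now passed as an escaped, quoted literal like the other fields instead
// of being interpolated raw. is_numeric() alone also accepts surrounding whitespace and
// exponent notation (and, on old PHP versions, hex strings), so it should not be the only
// thing between the request and an unquoted SQL position.
mysql_query(
    "UPDATE `players` SET `hash`='" . prot($_GET['h'])
    . "',`balance`='" . prot($_GET['b'])
    . "',`alias`='" . prot($_GET['a'])
    . "' WHERE `id`='" . prot($_GET['_player']) . "' LIMIT 1"
);

echo json_encode(array('error' => 'no'));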
$mp2500 = prot('boinc_master', 'boinc_project', '0500+setgid'); $rm4050 = prot('root', 'boinc_master', '0050+setuid'); $rm4555 = prot('root', 'boinc_master', '0555+setuid'); $mm0550 = prot('boinc_master', 'boinc_master', '0550'); $mm0555 = prot('boinc_master', 'boinc_master', '0555'); $mm0444 = prot('boinc_master', 'boinc_master', '0444'); $mm0660 = prot('boinc_master', 'boinc_master', '0660'); $mm0664 = prot('boinc_master', 'boinc_master', '0664'); $mm0771 = prot('boinc_master', 'boinc_master', '0771'); $mp0770 = prot('boinc_master', 'boinc_project', '0770'); $mp0775 = prot('boinc_master', 'boinc_project', '0775'); $mp06610771 = prot('boinc_master', 'boinc_project', '0661 or 0771'); $mp06640775 = prot('boinc_master', 'boinc_project', '0664 or 0775'); $mm2555 = prot('boinc_master', 'boinc_master', '0555'); $mm6555 = prot('boinc_master', 'boinc_master', '0555+setuid+setgid'); $ua0555 = prot('(installing user)', 'admin', '0555'); $colors = array('ddddff', 'ccccff', 'bbbbff'); function show_dir($level, $name, $prot, $contents) { global $colors; $color = $colors[$level]; $x = "\n <table bgcolor={$color} cellpadding=6 cellspacing=0 border=1 width=100%>\n <tr>\n <td valign=top><b>{$name}</b> <font size=-1>{$prot}</font></td><td valign=top>\n "; for ($i = 0; $i < sizeof($contents); $i++) { if ($i) { $x .= '<br>'; } $c = $contents[$i]; $x .= $c; } $x .= "\n </td></tr>\n </table>\n "; return $x;
<?php if (!isset($included)) { exit; } if (isset($_POST['nwa_user']) && isset($_POST['nwa_pass'])) { if (!empty($_POST['nwa_user']) && !empty($_POST['nwa_pass'])) { mysql_query("INSERT INTO `admins` (`username`,`passwd`) VALUES ('" . prot($_POST['nwa_user']) . "','" . md5($_POST['nwa_pass']) . "')"); echo '<div class="zpravagreen"><b>Success:</b> Admin was successfuly created!</div>'; } else { echo '<div class="zpravared"><b>Error:</b> One of required fields stayed empty!</div>'; } } ?> <h1>Administrators</h1> <div class="zprava"> <b>New admin:</b><br> <form action="./?p=admins" method="post"> Username: <input type="text" name="nwa_user"> Password: <input type="password" name="nwa_pass"> <input type="submit" value="Create"> </form> </div> <table class="vypis_table"> <tr class="vypis_table_head"> <th>ID</th> <th>Username</th> <th>Actions</th> </tr> <?php $qu = mysql_query("SELECT * FROM `admins`"); while ($row = mysql_fetch_array($qu)) { echo '<tr class="vypis_table_obsah" id="rowid_' . $row['id'] . '">';
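<?php
/*
 * © CryptoDice
 *
 * Admin endpoint: stores a new two-factor secret for an admin row after the
 * submitted one-time code verifies against that secret.
 * prot() and Google2FA are defined in the included files.
 *
 * NOTE(review): the new secret travels in the query string, and the row is chosen by the
 * request's `id` rather than by the logged-in session; confirm one admin is meant to be
 * able to replace another admin's token.
 */
header('X-Frame-Options: DENY');
session_start();

// Only an authenticated admin session may continue.
if (!isset($_SESSION['logged_']) || $_SESSION['logged_'] !== true) {
    exit;
}

$included = true;
include '../../inc/db-conf.php';
include '../../inc/functions.php';
include '../ga_class.php';

// All three parameters are required.
if (empty($_GET['newtoken']) || empty($_GET['totp']) || empty($_GET['id'])) {
    exit;
}

// The code must match the new secret before the secret is saved.
$verify = Google2FA::verify_key(prot($_GET['newtoken']), $_GET['totp'], 0);
if ($verify == true) {
    // The id sits in an unquoted numeric position, where string escaping gives no
    // protection; an integer cast guarantees only a number reaches the query.
    mysql_query("UPDATE `admins` SET `ga_token`='" . prot($_GET['newtoken']) . "' WHERE `id`=" . (int) $_GET['id'] . " LIMIT 1");
    echo json_encode(array('success' => 'yes'));
} else {
    echo json_encode(array('success' => 'no'));
}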
<?php
/*
 * © CryptoDice
 *
 * Admin endpoint: removes one row from `players`, chosen by the `_player` query parameter.
 *
 * NOTE(review): this is a destructive action on GET with no anti-CSRF token visible; the
 * row, including its balance, is removed without any audit record in this file.
 */
header('X-Frame-Options: DENY');
session_start();

// Stop unless the session carries the admin flag set to boolean true.
if (!(isset($_SESSION['logged_']) && $_SESSION['logged_'] === true)) {
    exit;
}

$included = true;
include '../../inc/db-conf.php';
include '../../inc/functions.php';

// A missing id ends the request before any query runs.
if (empty($_GET['_player'])) {
    exit;
}

// So does an id that matches no player row.
$existing = mysql_query("SELECT `id` FROM `players` WHERE `id`='" . prot($_GET['_player']) . "' LIMIT 1");
if (mysql_num_rows($existing) == 0) {
    exit;
}

mysql_query("DELETE FROM `players` WHERE `id`='" . prot($_GET['_player']) . "' LIMIT 1");

echo json_encode(array('error' => 'no'));
<?php
/*
 * © CryptoBlackJack
 *
 * Admin endpoint: replaces the content of one existing news item.
 *
 * NOTE(review): this is a state change on GET with no anti-CSRF token visible. The text
 * is stored as submitted, so whatever renders news items must HTML-escape it.
 */
header('X-Frame-Options: DENY');
session_start();

// Stop unless the session carries the admin flag set to boolean true.
if (!(isset($_SESSION['logged_']) && $_SESSION['logged_'] === true)) {
    exit;
}

$included = true;
$init = true;
include '../../inc/db-conf.php';
include '../../inc/functions.php';

// The item id must be present and numeric.
if (empty($_GET['_new']) || !is_numeric($_GET['_new'])) {
    exit;
}

// Empty replacement text is not accepted.
if (empty($_GET['con'])) {
    exit;
}

// The id must belong to an existing news row.
$existing = mysql_query("SELECT `id` FROM `news` WHERE `id`='" . prot($_GET['_new']) . "' LIMIT 1");
if (mysql_num_rows($existing) == 0) {
    exit;
}

mysql_query(
    "UPDATE `news` SET `content`='" . prot($_GET['con'])
    . "' WHERE `id`='" . prot($_GET['_new']) . "' LIMIT 1"
);

echo json_encode(array('error' => 'no'));
<?php
// Withdrawal endpoint: sends `amount` minus a fixed 0.0002 to `valid_addr` and debits the
// full requested amount from the player identified by the `_unique` hash.
// NOTE(review): the `_unique` hash from the query string is the only credential checked
// here; no session or password check is visible in this file.
$included = true;
include '../../inc/db-conf.php';
include '../../inc/wallet_driver.php';
// $driver_login is not assigned in this file; presumably one of the includes sets it.
$wallet = new jsonRPCClient($driver_login);
include '../../inc/functions.php';
// All three parameters must be non-empty and the hash must match a player row.
if (empty($_GET['amount']) || empty($_GET['valid_addr']) || empty($_GET['_unique']) || mysql_num_rows(mysql_query("SELECT `id` FROM `players` WHERE `hash`='" . prot($_GET['_unique']) . "' LIMIT 1")) == 0) {
    exit;
}
$player = mysql_fetch_array(mysql_query("SELECT `id`,`balance` FROM `players` WHERE `hash`='" . prot($_GET['_unique']) . "' LIMIT 1"));
// The destination address is checked by the wallet itself before anything is sent.
$validate = $wallet->validateaddress($_GET['valid_addr']);
if ($validate['isvalid'] == false) {
    $error = 'yes';
    $con = 0;
} else {
    // The amount must be numeric, covered by the balance read above, and at least 0.001.
    if (!is_numeric($_GET['amount']) || (double) $_GET['amount'] > $player['balance'] || (double) $_GET['amount'] < 0.001) {
        $error = 'yes';
        $con = 1;
    } else {
        // 0.0002 is held back from the payout; the player is still debited the full amount.
        $amount = (double) $_GET['amount'] - 0.0002;
        // NOTE(review): the balance check, this wallet call and the debit below are separate
        // steps with no lock or transaction visible, so concurrent requests for the same
        // player can each pass the check. A conditional debit (UPDATE ... WHERE balance >=
        // amount, then check affected rows) before sending would close that window.
        $txid = $wallet->sendfrom('', $_GET['valid_addr'], $amount);
        // NOTE(review): the debit runs whether or not $txid is empty, and the amount sits in
        // an unquoted position protected only by the is_numeric() check above.
        mysql_query("UPDATE `players` SET `balance`=`balance`-" . prot($_GET['amount']) . " WHERE `id`={$player['id']} LIMIT 1");
        $error = 'no';
        $con = $txid;
    }
}
// 'content' is 0 (bad address), 1 (bad amount) or the transaction id on success.
$return = array('error' => $error, 'content' => $con);
echo json_encode($return);
<?php
/*
 * © CryptoBlackJack
 *
 * Admin endpoint: removes one news item, chosen by the `_new` query parameter.
 *
 * NOTE(review): this is a destructive action on GET with no anti-CSRF token visible.
 */
header('X-Frame-Options: DENY');
session_start();

// Stop unless the session carries the admin flag set to boolean true.
if (!(isset($_SESSION['logged_']) && $_SESSION['logged_'] === true)) {
    exit;
}

$included = true;
$init = true;
include '../../inc/db-conf.php';
include '../../inc/functions.php';

// A missing id ends the request before any query runs.
if (empty($_GET['_new'])) {
    exit;
}

// So does an id that matches no news row.
$existing = mysql_query("SELECT `id` FROM `news` WHERE `id`='" . prot($_GET['_new']) . "' LIMIT 1");
if (mysql_num_rows($existing) == 0) {
    exit;
}

mysql_query("DELETE FROM `news` WHERE `id`='" . prot($_GET['_new']) . "' LIMIT 1");

echo json_encode(array('error' => 'no'));
// Admin login handler (the excerpt ends inside the one-time-code branch).
header('X-Frame-Options: DENY');
session_start();
// Logout only flips the flag; the session itself is kept.
if (isset($_GET['logout'])) {
    $_SESSION['logged_'] = false;
    header('Location: ./?logouted');
    exit;
}
$included = true;
$init = true;
include '../inc/db-conf.php';
include '../inc/functions.php';
// First factor: username and password were posted.
if (!empty($_POST['hash_one']) && !empty($_POST['hash_sec'])) {
    // NOTE(review): a posted `ga_playertest` value switches the lookup to the `ga_players`
    // table, and a match there sets the same admin session flag below — confirm that
    // table is meant to grant admin access.
    // NOTE(review): passwords are compared as unsalted MD5 digests inside the query.
    if (!empty($_POST['ga_playertest'])) {
        $this_admin = mysql_fetch_array(mysql_query("SELECT `username`,`ga_token` FROM `ga_players` WHERE `username`='" . prot($_POST['hash_one']) . "' AND `passwd`='" . md5($_POST['hash_sec']) . "' LIMIT 1"));
    } else {
        $this_admin = mysql_fetch_array(mysql_query("SELECT `username`,`ga_token` FROM `admins` WHERE `username`='" . prot($_POST['hash_one']) . "' AND `passwd`='" . md5($_POST['hash_sec']) . "' LIMIT 1"));
    }
    // NOTE(review): nothing checks that a row was returned. mysql_fetch_array() yields
    // false when the credentials match no row; indexing false gives null, and null == ''
    // is true, so this branch also runs for a failed lookup and sets the logged-in flag.
    // The result must be tested first (e.g. `$this_admin === false` => reject) before
    // `ga_token` is inspected.
    if ($this_admin['ga_token'] == '') {
        // NOTE(review): the session id is not regenerated at the point of login.
        $_SESSION['logged_'] = true;
        $_SESSION['username'] = $this_admin['username'];
        // NOTE(review): the values in this log insert are concatenated without prot();
        // the User-Agent header is chosen by the client, so it needs the same escaping
        // as every other request value before it reaches the SQL literal.
        mysql_query("INSERT INTO `admin_logs` (`admin_username`,`ip`,`browser`) VALUES ('" . $_SESSION['username'] . "','" . $_SERVER['REMOTE_ADDR'] . "','" . $_SERVER['HTTP_USER_AGENT'] . "')");
        header('Location: ./');
    } else {
        // A token is set: park the account in the session and ask for the one-time code.
        $_SESSION['2f_1']['username'] = $this_admin['username'];
        $_SESSION['2f_1']['ga_token'] = $this_admin['ga_token'];
        header('Location: ./?totp');
    }
    exit;
} else {
    // Second factor: a one-time code was posted.
    if (!empty($_POST['totp'])) {
        include './ga_class.php';
exit; } include __DIR__ . '/wallet_driver.php'; include __DIR__ . '/functions.php'; if (empty($_GET['unique'])) { if (!empty($_COOKIE['unique_J_']) && mysql_num_rows(mysql_query("SELECT `id` FROM `players` WHERE `hash`='" . prot($_COOKIE['unique_J_']) . "' LIMIT 1")) != 0) { header('Location: ./?unique=' . $_COOKIE['unique_J_'] . '# Do Not Share This URL!'); exit; } newPlayer(); } else { // !empty($_GET['unique']) if (mysql_num_rows(mysql_query("SELECT `id` FROM `players` WHERE `hash`='" . prot($_GET['unique']) . "' LIMIT 1")) != 0) { $player = mysql_fetch_array(mysql_query("SELECT * FROM `players` WHERE `hash`='" . prot($_GET['unique']) . "' LIMIT 1")); $unique = prot($_GET['unique']); setcookie('unique_J_', prot($_GET['unique']), time() + 60 * 60 * 24 * 365 * 5, '/'); } else { setcookie('unique_J_', false, time() - 10000, '/'); header('Location: ./'); exit; } } $settings = mysql_fetch_array(mysql_query("SELECT * FROM `system` WHERE `id`=1 LIMIT 1")); if ($player['password'] != '' && (empty($_SESSION['granted']) || $_SESSION['granted'] != 'yes')) { include __DIR__ . '/unlockAccess.php'; exit; } $playingGame = false; if (mysql_num_rows(mysql_query("SELECT `id` FROM `games` WHERE `ended`=0 AND `player`={$player['id']} LIMIT 1")) != 0) { $playingGame = true; }
<?php
/*
 * © CoinDice
 * Demo: http://www.btcircle.com/dice
 * Please do not copy or redistribute.
 * More licences we sell, more products we develop in the future.
 *
 * Player endpoint: returns the SHA-256 of the seed for the next bet, and the hash
 * plus the seed itself for the previous bet, as an HTML snippet wrapped in JSON.
 *
 * NOTE(review): the `_unique` hash from the query string is the only credential checked
 * here. Only the hash of the current seed is printed; the seed text itself appears
 * for the previous bet alone.
 */
header('X-Frame-Options: DENY');
$included = true;
include '../../inc/db-conf.php';
include '../../inc/functions.php';

// A missing hash ends the request before any query runs.
if (empty($_GET['_unique'])) {
    exit;
}

// So does a hash that matches no player row.
$lookup = mysql_query("SELECT `id` FROM `players` WHERE `hash`='" . prot($_GET['_unique']) . "' LIMIT 1");
if (mysql_num_rows($lookup) == 0) {
    exit;
}

$player = mysql_fetch_array(mysql_query("SELECT `id`,`server_seed`,`last_server_seed` FROM `players` WHERE `hash`='" . prot($_GET['_unique']) . "' LIMIT 1"));

// Each stored seed is split at byte 27: a text prefix, then a part read as a float.
$player['last_seedhash'] = substr($player['last_server_seed'], 0, 27);
$player['seedhash'] = substr($player['server_seed'], 0, 27);
$player['last_server_seed'] = (double) substr($player['last_server_seed'], 27);
$player['server_seed'] = (double) substr($player['server_seed'], 27);

// Seed text is rebuilt as prefix + float printed with 32 decimals.
$lastSeedText = $player['last_seedhash'] . sprintf("%.32f", $player['last_server_seed']);
$nextSeedText = $player['seedhash'] . sprintf("%.32f", $player['server_seed']);

// A zero numeric part is taken to mean that no bet has been placed yet.
if ($player['last_server_seed'] == 0) {
    $c = "<small><i>You haven't bet yet</i></small>";
} else {
    $c = "<small>Server Seed sha256:</small><br><br><small><small>"
        . hash('sha256', $lastSeedText)
        . "</small></small><br><br><small>Server Seed:</small><br><br><small><small>"
        . $lastSeedText
        . "</small></small>";
}

$return = array(
    'con' => "<br><b>Next Bet:</b><br><br><small>Server Seed sha256:</small><br><br><small><small>"
        . hash('sha256', $nextSeedText)
        . "</small></small><br><br><br><b>Last Bet:</b><br><br>"
        . $c
        . "<br><br><small><b>Note:</b> Decimals from 3rd place are cutted off.</small>",
);

echo json_encode($return);
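<?php
/*
 * © CryptoBlackJack
 *
 * Admin settings handler: saves the general settings form and the add-ons form
 * into the `system` row, and sets $warnStatus for the page to display.
 * Runs only when included by a page that set $included and $logged.
 * prot() and walletRequest() are defined outside this file.
 *
 * NOTE(review): no anti-CSRF token is checked before these writes.
 */
if (isset($included) && $logged == true) {
    // The numeric fields are validated on the raw request value. Casting before
    // is_numeric() makes the check always true, so non-numeric input used to be
    // accepted and stored as 0 instead of reaching the error branch.
    if (
        !empty($_POST['s_title'])
        && !empty($_POST['s_url'])
        && !empty($_POST['s_desc'])
        && !empty($_POST['cur'])
        && !empty($_POST['cur_s'])
        && isset($_POST['min_withdrawal']) && is_numeric($_POST['min_withdrawal'])
        && isset($_POST['bj_pays']) && is_numeric($_POST['bj_pays'])
        && isset($_POST['hits_on_soft']) && is_numeric($_POST['hits_on_soft'])
        && isset($_POST['number_of_decks']) && is_numeric($_POST['number_of_decks'])
        && isset($_POST['min_confirmations']) && is_numeric($_POST['min_confirmations'])
        && isset($_POST['min_deposit']) && is_numeric($_POST['min_deposit'])
        && isset($_POST['txfee']) && is_numeric($_POST['txfee'])
        && isset($_POST['bankroll_maxbet_ratio']) && is_numeric($_POST['bankroll_maxbet_ratio'])
    ) {
        // Text fields go through prot() into quoted literals; numeric fields are cast,
        // so only a number can reach the unquoted positions.
        mysql_query(
            "UPDATE `system` SET `title`='" . prot($_POST['s_title'])
            . "',`url`='" . prot($_POST['s_url'])
            . "',`currency`='" . prot($_POST['cur'])
            . "',`min_withdrawal`=" . (double) $_POST['min_withdrawal']
            . ",`min_confirmations`=" . (int) $_POST['min_confirmations']
            . ",`min_deposit`=" . (double) $_POST['min_deposit']
            . ",`currency_sign`='" . prot($_POST['cur_s'])
            . "',`description`='" . prot($_POST['s_desc'])
            . "',`bankroll_maxbet_ratio`=" . (double) $_POST['bankroll_maxbet_ratio']
            . ",`number_of_decks`=" . (int) $_POST['number_of_decks']
            . ",`hits_on_soft`=" . (int) $_POST['hits_on_soft']
            . ",`bj_pays`=" . (int) $_POST['bj_pays']
            . " WHERE `id`=1 LIMIT 1"
        );
        // The transaction fee lives in the wallet, not in the database.
        walletRequest('settxfee', array(round((double) $_POST['txfee'], 8)));
        $warnStatus = '<div class="zpravagreen"><b>Success!</b> Data was successfuly saved.</div>';
    } else {
        // The settings form was submitted but failed validation.
        if (isset($_POST['s_title'])) {
            $warnStatus = '<div class="zpravared"><b>Error!</b> One of fields is empty.</div>';
        }
    }

    if (isset($_POST['addons_form'])) {
        // Checkboxes: present in the request means enabled.
        $giveaway = isset($_POST['giveaway']) ? 1 : 0;
        $chat_enable = isset($_POST['chat_enable']) ? 1 : 0;
        // A missing amount or frequency falls back to 0, which is what the cast of an
        // absent field produced before, now without the undefined-index notice.
        $giveawayAmount = isset($_POST['giveaway_amount']) ? (double) $_POST['giveaway_amount'] : 0;
        $giveawayFreq = isset($_POST['giveaway_freq']) ? (int) $_POST['giveaway_freq'] : 0;
        mysql_query("UPDATE `system` SET `giveaway`={$giveaway},`giveaway_amount`=" . $giveawayAmount . ",`giveaway_freq`=" . $giveawayFreq . ",`chat_enable`={$chat_enable} LIMIT 1");
    }
}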