if (empty($_POST['skin_id']) or !$user_admin) { aExit(1); } $skin_id = (int) $_POST['skin_id']; $sp_item = new SPItem($skin_id); if ($sp_item->Delete()) { aExit(0); } else { aExit(2); } break; case 'get': if (empty($_POST['skin_id'])) { aExit(1); } CaptchaCheck(2); $skin_id = (int) $_POST['skin_id']; $sp_item = new SPItem($skin_id); if ($user->isFemale() and !$sp_item->isFemaleSkin()) { aExit(3, 'Этот скин подходит только для персонажей мужского пола'); } elseif (!$user->isFemale() and $sp_item->isFemaleSkin()) { aExit(5, 'Этот скин подходит только для персонажей женского пола'); } if ($sp_item->ApplayToUser($user->id())) { aExit(0); } else { aExit(4); } break; case 'add': if (!$user->getPermission('sp_upload') or !$config['sp_upload'] and !$user_admin) {
$nextClaim = $user['last_claim'] + $timer * 60; if (time() >= $nextClaim) { if ($user['claim_cryptokey'] == "") { $cryptoGenNumber = rand(1, 256); $cryptoKey = hash('sha256', "Key_" . $user['address'] . time() . $cryptoGenNumber); $mysqli->query("UPDATE faucet_user_list Set claim_cryptokey = '{$cryptoKey}' WHERE id = '{$user['id']}'"); header("Location: index.php"); exit; } if ($_GET['c'] != "1") { $content .= "\n\t\t<h1>1. Claim</h1><br />\n\t\t<form method='post' action='verify.php'>\n\t\t<input type='hidden' name='verifykey' value='" . $user['claim_cryptokey'] . "'/>\n\t\t<input type='hidden' name='token' value='" . $_SESSION['token'] . "'/>\n\t\t<button type='submit' class='btn btn-success btn-lg'><span class='glyphicon glyphicon-menu-right' aria-hidden='true'></span> Next</button>\n\t\t</form>"; } else { if ($_GET['c'] == "1") { if ($_POST['verifykey'] == $user['claim_cryptokey']) { $mysqli->query("UPDATE faucet_user_list Set claim_cryptokey = '' WHERE id = '{$user['id']}'"); $CaptchaCheck = json_decode(CaptchaCheck($_POST['g-recaptcha-response']))->success; if (!$CaptchaCheck) { $content .= alert("danger", "Captcha is wrong. <a href='index.php'>Try again</a>."); } else { $VPNShield = $mysqli->query("SELECT * FROM faucet_settings WHERE id = '14' LIMIT 1")->fetch_assoc()['value']; if (checkDirtyIp($_SERVER['REMOTE_ADDR']) and $VPNShield == "yes") { $content .= alert("danger", "VPN/Proxy/Tor is not allowed on this faucet.<br />Please disable and <a href='index.php'>try again</a>."); } else { $ip = $mysqli->real_escape_string($_SERVER['REMOTE_ADDR']); $IpCheck = $mysqli->query("SELECT COUNT(id) FROM faucet_user_list WHERE ip_address = '{$ip}'")->fetch_row()[0]; if ($IpCheck >= 2) { $content .= alert("danger", "Using multiple accounts is not allowed."); } else { $IpCheckBan = $mysqli->query("SELECT COUNT(id) FROM faucet_banned_ip WHERE ip_address = '{$ip}'")->fetch_row()[0]; $AddressCheckBan = $mysqli->query("SELECT COUNT(id) FROM faucet_banned_address WHERE address = '{$user['address']}'")->fetch_row()[0]; if ($IpCheckBan >= 1 or $AddressCheckBan >= 1) {
exit; } loadTool('ajax.php'); loadTool('user.class.php'); DBinit('login'); if ($out) { header("Location: " . BASE_URL); MCRAuth::userLoad(); if (!empty($user)) { $user->logout(); } } elseif ($login) { $pass = Filter::input('pass'); $tmp_user = new User($login, strpos($login, '@') === false ? $bd_users['login'] : $bd_users['email']); $ajax_message['auth_fail_num'] = (int) $tmp_user->auth_fail_num(); if (!$tmp_user->id()) { aExit(4, lng('AUTH_NOT_EXIST')); } if ($tmp_user->auth_fail_num() >= 5) { CaptchaCheck(6); } if (!$tmp_user->authenticate($pass)) { $ajax_message['auth_fail_num'] = (int) $tmp_user->auth_fail_num(); aExit(1, lng('AUTH_FAIL') . '.<br /> <a href="#" style="color: #656565;" onclick="RestoreStart(); return false;">' . lng('AUTH_RESTORE') . ' ?</a>'); } if ($tmp_user->lvl() <= 0) { aExit(4, lng('USER_BANNED')); } $tmp_user->login(randString(15), GetRealIp(), Filter::input('save', 'post', 'bool')); aExit(0, 'success'); }
$new_pass = randString(8); $subject = lng('RESTORE_TITLE'); $message = '<html><body><p>' . lng('RESTORE_TITLE') . '. ' . lng('RESTORE_NEW') . ' ' . lng('LOGIN') . ': ' . $restore_user->name() . '. ' . lng('PASS') . ': ' . $new_pass . '</p></body></html>'; if (!EMail::Send($email, $subject, $message)) { aExit(4, lng('MAIL_FAIL')); } if ($restore_user->changePassword($new_pass) != 1) { aExit(5, ''); } aExit(0, lng('RESTORE_COMPLETE')); break; case 'comment': $comment = Filter::input('comment'); $item_type = Filter::input('item_type', 'post', 'int'); $item_id = Filter::input('item_id', 'post', 'int'); CaptchaCheck(3); if (empty($user) or !$comment or !$item_type or !$item_id) { aExit(1, lng('MESS_FAIL')); } loadTool('comment.class.php'); $comments_item = new Comments_Item(false, 'news/comments/'); $comments_item->aCreate($comment, $user, $item_id, $item_type); break; case 'del_com': $id = Filter::input('item_id', 'post', 'int'); if (empty($user) or !$id) { aExit(1); } loadTool('comment.class.php'); $comments_item = new Comments_Item($id); if (!$user->getPermission('adm_comm') and $comments_item->GetAuthorID() != $user->id()) {
exit; } if (empty($user) or $user->lvl() <= 0) { header("Location: " . BASE_URL); exit; } /* Default vars */ $page = lng('PAGE_OPTIONS'); $prefix = 'profile/'; $user_img_get = $user->getSkinLink() . '&refresh=' . rand(1000, 9999); $menu->SetItemActive('options'); if ($user->group() == 4 or !$user->email() or $user->gender() > 1) { // Not verificated EMail / Compatibility with older versions loadTool('ajax.php'); $html_info = ''; if (CaptchaCheck(0, false)) { $female = Filter::input('female', 'post', 'string', true); $email = Filter::input('email', 'post', 'mail', true); if ($female !== false and $user->gender() > 1) { $user->changeGender(!(int) $female ? 0 : 1); } if ($email) { $send_result = $user->changeEmail($email, true); if ($send_result == 1) { $html_info = lng('REG_CONFIRM_INFO'); } elseif ($send_result == 1902) { $html_info = lng('AUTH_EXIST_EMAIL'); } else { $html_info = lng('MAIL_FAIL'); } }