function GetBattleNetURL($region, $path)
{
$region = trim(strtolower($region));
if (substr($path, 0, 1) == '/') {
$path = substr($path, 1);
}
$start = microtime(true);
$finalUrl = '';
while (!$finalUrl && $start + 5 > microtime(true)) {
$cacheKey = 'BattleNetKeyUsage';
if (!MCAdd($cacheKey . '_critical', 1, 5 * BATTLE_NET_REQUEST_PERIOD)) {
usleep(50000);
continue;
}
$apiHits = MCGet($cacheKey);
if ($apiHits === false) {
$apiHits = [];
}
$hitCount = count($apiHits);
if ($hitCount >= BATTLE_NET_REQUEST_LIMIT) {
$now = microtime(true);
while ($apiHits[0] < $now && $now < $apiHits[0] + BATTLE_NET_REQUEST_PERIOD) {
usleep(50000);
$now = microtime(true);
}
}
$apiHits[] = microtime(true);
$hitCount++;
if ($hitCount > BATTLE_NET_REQUEST_LIMIT) {
array_splice($apiHits, 0, $hitCount - BATTLE_NET_REQUEST_LIMIT);
}
MCSet($cacheKey, $apiHits, 10 * BATTLE_NET_REQUEST_PERIOD);
MCDelete($cacheKey . '_critical');
$pattern = $region == 'cn' ? 'https://api.battlenet.com.%s/%s%sapikey=%s' : 'https://%s.api.battle.net/%s%sapikey=%s';
$finalUrl = sprintf($pattern, $region, $path, strpos($path, '?') !== false ? '&' : '?', BATTLE_NET_KEY);
}
return $finalUrl ? $finalUrl : false;
}
function APIMaintenance($when = -1, $expire = false)
{
if (!function_exists('MCGet')) {
DebugMessage('Tried to test for APIMaintenance without memcache loaded!', E_USER_ERROR);
}
$cacheKey = 'APIMaintenance';
if ($when == -1) {
return MCGet($cacheKey);
}
if ($when === false) {
$when = 0;
}
if (!is_numeric($when)) {
$when = strtotime($when);
}
if ($when) {
if ($expire == false) {
$expire = $when + 72 * 60 * 60;
} elseif (!is_numeric($expire)) {
$expire = strtotime($expire);
}
DebugMessage('Setting API maintenance mode, expected to end ' . TimeDiff($when) . ', maximum ' . TimeDiff($expire));
MCSet($cacheKey, $when, $expire);
} else {
DebugMessage('Ending API maintenance mode.');
MCDelete($cacheKey);
}
return $when;
}
function DeleteRareWatch($loginState, $house, $seq)
{
$userId = $loginState['id'];
$seq = intval($seq, 10);
$db = DBConnect();
$sql = 'delete from tblUserRare where user=? and seq=?';
$stmt = $db->prepare($sql);
$stmt->bind_param('ii', $userId, $seq);
$stmt->execute();
$stmt->close();
if ($house) {
MCDelete(SUBSCRIPTION_RARE_CACHEKEY . $userId . '_' . $house);
}
MCDelete(SUBSCRIPTION_RARE_CACHEKEY . $userId . '_0');
return GetRareWatches($loginState, $house);
}
<?php
require_once __DIR__ . '/../incl/incl.php';
require_once __DIR__ . '/../incl/api.incl.php';
if (!isset($argv[1])) {
DebugMessage("Enter IP to ban on command line.\n");
exit(1);
}
$ip = trim($argv[1]);
if ($ip == false) {
MCDelete(BANLIST_CACHEKEY);
DebugMessage("Cleared banlist from memcache.\n");
exit;
}
$ret = BanIP($ip);
if ($ret) {
DebugMessage("{$ip} added to ban list.\n");
} else {
if (IPIsBanned($ip)) {
DebugMessage("{$ip} already on ban list.\n");
} else {
DebugMessage("{$ip} NOT added to ban list.\n");
}
}
function ActFetch()
{
$required = ['endpoint'];
foreach ($required as $v) {
if (!isset($_POST[$v])) {
ReturnBadRequest();
}
$_POST[$v] = substr($_POST[$v], 0, 512);
}
$key = 'tokennotify-' . md5($_POST['endpoint']);
$msg = MCGet($key);
if ($msg == false) {
$msg = 'Couldn\'t find notification data, but something probably happened that you should check out at WoWToken.info.';
} else {
MCDelete($key);
}
echo json_encode(['title' => 'WoWToken.info', 'notification' => ['body' => $msg, 'tag' => 'wowtoken', 'icon' => '/images/token-192x192.jpg']]);
}
<?php
require_once __DIR__ . '/../incl/incl.php';
require_once __DIR__ . '/../incl/api.incl.php';
if (!isset($argv[1])) {
DebugMessage("Enter IP to unban on command line.\n");
exit(1);
}
$ip = trim($argv[1]);
if (!IPIsBanned($ip)) {
DebugMessage("{$ip} was not banned.\n");
exit(1);
}
if (file_exists(BANLIST_FILENAME)) {
$lines = shell_exec('grep ' . escapeshellarg("^{$ip} ") . ' ' . escapeshellarg(BANLIST_FILENAME));
if (!$lines) {
DebugMessage('Found no lines in ' . BANLIST_FILENAME . "for {$ip}\n");
} else {
$other = shell_exec('grep -v ' . escapeshellarg("^{$ip} ") . ' ' . escapeshellarg(BANLIST_FILENAME));
file_put_contents(BANLIST_FILENAME, $other, LOCK_EX);
}
} else {
DebugMessage("Could not find " . BANLIST_FILENAME . "\n");
exit(1);
}
MCDelete(BANLIST_CACHEKEY);
MCDelete(BANLIST_CACHEKEY . '_' . $ip);
DebugMessage("{$ip} is unbanned.\n");
function BanIP($ip = false)
{
$exitAfter = false;
$addedBan = false;
if ($ip === false && PHP_SAPI != 'cli') {
$ip = $_SERVER['REMOTE_ADDR'];
$exitAfter = true;
}
if (!$ip) {
return false;
}
$ip = trim(strtolower($ip));
if (!IPIsBanned($ip)) {
file_put_contents(BANLIST_FILENAME, "\n{$ip} # " . date('Y-m-d H:i:s'), FILE_APPEND | LOCK_EX);
MCDelete(BANLIST_CACHEKEY);
MCDelete(BANLIST_CACHEKEY . '_' . $ip);
$addedBan = true;
}
if ($exitAfter) {
header('HTTP/1.1 429 Too Many Requests');
exit;
}
return $addedBan;
}
function MCHouseUnlock($house = null)
{
global $MCHousesLocked;
if (is_null($house)) {
$locked = array_keys($MCHousesLocked);
foreach ($locked as $house) {
MCHouseUnlock($house);
}
} else {
MCDelete('mchouselock_' . $house);
unset($MCHousesLocked[$house]);
}
}
function AddPaidTime($userId, $seconds)
{
$db = DBConnect();
$db->begin_transaction();
$stmt = $db->prepare('select paiduntil from tblUser where id = ? for update');
$stmt->bind_param('i', $userId);
$stmt->execute();
$paidUntil = null;
$stmt->bind_result($paidUntil);
if (!$stmt->fetch()) {
$paidUntil = false;
}
$stmt->close();
if ($paidUntil === false) {
$db->rollback();
DebugMessage("Could not find {$userId} when adding {$seconds} paid time");
return false;
}
if (is_null($paidUntil)) {
$paidUntil = time();
} else {
$paidUntil = strtotime($paidUntil);
if ($paidUntil <= time()) {
$paidUntil = time();
}
}
$paidUntil += $seconds;
$stmt = $db->prepare('update tblUser set paiduntil = from_unixtime(?) where id = ?');
$stmt->bind_param('ii', $paidUntil, $userId);
$stmt->execute();
$affected = $db->affected_rows;
$stmt->close();
$db->commit();
MCDelete(SUBSCRIPTION_PAID_CACHEKEY . $userId);
if (!$affected) {
DebugMessage("0 rows affected when adding {$seconds} paid time to user {$userId}");
return false;
}
return $paidUntil;
}
<?php
require_once __DIR__ . '/../incl/memcache.incl.php';
require_once __DIR__ . '/../incl/wowtoken-twitter.credentials.php';
header('Content-type: text/plain');
if (isset($_GET['newkey'])) {
$oauth = new OAuth($twitterCredentials['consumerKey'], $twitterCredentials['consumerSecret']);
$requestTokenInfo = $oauth->getRequestToken('https://api.twitter.com/oauth/request_token', 'https://wowtoken.info/twittertoken.php?callback=showkey');
if (!empty($requestTokenInfo)) {
MCSet('twittertoken-' . $requestTokenInfo['oauth_token'], $requestTokenInfo, 30 * 60);
header('Location: https://api.twitter.com/oauth/authorize?oauth_token=' . rawurlencode($requestTokenInfo['oauth_token']));
} else {
echo 'No request token info.';
}
}
if (isset($_GET['callback']) && $_GET['callback'] == 'showkey' && isset($_GET['oauth_token'])) {
$requestTokenInfo['oauth_token'] = $_GET['oauth_token'];
$verifier = $_GET['oauth_verifier'];
$requestTokenInfo = MCGet('twittertoken-' . $requestTokenInfo['oauth_token']);
if ($requestTokenInfo === false) {
echo 'Could not find cached token';
exit;
}
MCDelete('twittertoken-' . $requestTokenInfo['oauth_token']);
$oauth = new OAuth($twitterCredentials['consumerKey'], $twitterCredentials['consumerSecret']);
$oauth->setToken($requestTokenInfo['oauth_token'], $requestTokenInfo['oauth_token_secret']);
$accessToken = $oauth->getAccessToken('https://api.twitter.com/oauth/access_token', '', $verifier);
header('Content-type: text/plain');
print_r($accessToken);
}
