} if ($job == "addMember") { header('Content-Type: application/json'); addMember(); } if ($job == "deleteMember") { header('Content-Type: application/json'); deleteMember(); } if ($job == "memberStateChange") { header('Content-Type: application/json'); memberStateChange(); } if ($job == "getProjectDetails") { header('Content-Type: application/json'); getProjectDetails(); } if ($job == "getProjectResponds") { header('Content-Type: application/json'); getProjectResponds(); } if ($job == "getSiteRuleList") { header('Content-Type: application/json'); getSiteRuleList(); } if ($job == "updateSiteRuleList") { header('Content-Type: application/json'); updateSiteRuleList(); } if ($job == "blockProjectWithWarning") { header('Content-Type: application/json');
define('METHUSELAH_INCLUDE_CHECK', true); define('METHUSELAH_INCLUDE_VOTES_CHECK', true); require_once "../toolbox_internal.php"; // Чтение входных данных $project = filter_input(INPUT_GET, 'project', FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH); $nickname = filter_input(INPUT_GET, 'nickname', FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH); $token = filter_input(INPUT_GET, 'token', FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH); // Хак, пока на МЦТопе не поправят запрос по тикету... if (strstr($project, "?nickname=") != false) { $exploded = explode("?nickname=", $project); $project = $exploded[0]; $nickname = $exploded[1]; } // Проверка корректности кода проекта if (isset($project) && strlen($project) == 5) { $project = getProjectDetails($project); } else { responseWithError("You cannot vote without project code"); } if (isset($nickname) && isset($token)) { $calcToken = md5($nickname . $project['secret_keyword']); if ($token == $calcToken) { $uuid = findProfileByName($nickname); if ($uuid == false) { responseWithError("Profile not found"); } // Поощрение voteOnTopAccepted($uuid, "mctop.su"); // Запись лога writeAccountLog($uuid, "Пользователь {$nickname} проголосовал на mctop.su и получил {$voteMoneyToAdd} монет."); die("OK");
<?php /* * IMPLEMENTATION OF: https://authserver.mojang.com/authenticate */ define('METHUSELAH_INCLUDE_CHECK', true); require_once "yggdrasil.php"; $payload = filterPostPayload(); $username = filter_var($payload['username'], FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH) or responseWithError("Method Not Allowed", "The method specified in the request is not allowed for the resource identified by the request URI."); $password = filter_var($payload['password'], FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH) or responseWithError("Method Not Allowed", "The method specified in the request is not allowed for the resource identified by the request URI."); $accessToken = md5(uniqid()); $clientToken = isset($payload['clientToken']) ? filter_var($payload['clientToken'], FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH) : null; $invalidateAllClientTokens = strlen($clientToken) == 0; // Предзагрузка информации о выбранном проекте $projectCode = isset($payload['project']) ? strtoupper(filter_var($payload['project'], FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH)) : $methuselah["auth-default-project"]; $projectInfo = getProjectDetails($projectCode); // Регистрация гостевого аккаунта if (isset($payload['guest'])) { $guestMode = filter_var($payload['guest'], FILTER_SANITIZE_STRING, FILTER_FLAG_STRIP_LOW | FILTER_FLAG_STRIP_HIGH); if ($guestMode) { if ($projectInfo['allow_guest_auth']) { $guestProfile = generateGuestAccount($clientToken); returnProfile($guestProfile); } else { // Если игрок пытается авторизоваться гостем, но проект запрещает, нет смысла продолжать выполнение скрипта returnWrongCredentials(); } } } // Регистрация лицензионного аккаунта if ($projectInfo['allow_license_auth']) {