From 08ef6ee47dd4532e3cc015e4478f16a257ac2c17 Mon Sep 17 00:00:00 2001 From: Mario <100047175+Mariopizza1@users.noreply.github.com> Date: Mon, 13 Feb 2023 00:27:40 +0200 Subject: [PATCH] Update Join.php --- game/Join.php | 144 ++++++++++++++++++++++++++++++++------------------ 1 file changed, 93 insertions(+), 51 deletions(-) diff --git a/game/Join.php b/game/Join.php index d8f5450..f8325cb 100644 --- a/game/Join.php +++ b/game/Join.php @@ -4,68 +4,70 @@ session_start(); require_once '../core/config.php'; require_once '../core/classes/user.php'; +$privatekey = $gameSettings["privatekey"]; + header('content-type:application/json'); -$user = new User($con, $_SESSION['user'] ?? 0); -function sign($script, $key) { -$signature = ""; -openssl_sign($script, $signature, $key, OPENSSL_ALGO_SHA1); -return base64_encode($signature); +function authticket($id, $name, $charapp, $jobid, $privatekey) { + $ticket = $id . "\n" . $jobid . "\n" . date('n\/j\/Y\ g\:i\:s\ A'); + openssl_sign($ticket, $sig, $privatekey, OPENSSL_ALGO_SHA1); + $sig = base64_encode($sig); + $ticket2 = $id . "\n" . $name . "\n" . $charapp . "\n". $jobid . "\n" . date('n\/j\/Y\ g\:i\:s\ A'); + openssl_sign($ticket2, $sig2, $privatekey, OPENSSL_ALGO_SHA1); + $sig2 = base64_encode($sig2); + $final = date('n\/j\/Y\ g\:i\:s\ A') . ";" . $sig2 . ";" . $sig; + return($final); } - -/* -$joinUser = [ - "id" => $_SESSION['user'], - "username" => $user->getUsername(), - "mship" => "None" -];*/ - -$joinUser = [ - "id" => rand(1,5), - "username" => "Grubloxxer-".getrandmax(), - "mship" => "None" -]; - -$place = [ - "id" => $_GET["gameid"] -]; - -$placeCreator = [ - "id" => 6945435215, - "username" => "PlaceCreator", -]; - -$charapp = $site["url"]."/v1.1/avatar-fetch?userId=".$joinUser["id"]."&placeId=".$place["id"]; - -$server = [ - "ip" => $_GET["ip"], - "port" => $_GET["port"] -]; - -$joinscript = [ +$token = $_GET["token"]; +$jobid = $_GET["jobid"]; +$checkjob = $con->prepare('SELECT COUNT(*) FROM jobs WHERE jobid=:jobid'); // bruh im too lazy to actually make a auto token generator thing and a table so rn this will be temporary +$checkjob->bindParam(':jobid', $jobid); +$checkjob->execute(); +$anothermomentoftruth = $checkjob->fetchColumn(); +$checkuser = $con->prepare('SELECT COUNT(*) FROM users WHERE token=:token'); // another temp workaround im gonna do token system and stuff whenever i feel like it +$checkuser->bindParam(':token', $token); +$checkuser->execute(); +$anotheranothermomentoftruth = $checkuser->fetchColumn(); +if ($anothermomentoftruth == 1 && $anotheranothermomentoftruth == 1) { + $getstuff = $con->prepare('SELECT id,username FROM users WHERE token=:token'); + $getstuff->bindParam(':token', $token); + $getstuff->execute(); + $china = $getstuff->fetch(PDO::FETCH_BOTH); + $id = $china['id']; + $username = $china['username']; + $jobstuff = $con->prepare('SELECT jobid,placeid,port FROM jobs WHERE jobid=:jobid'); + $jobstuff->bindParam(':jobid', $jobid); + $jobstuff->execute(); + $actualthing = $jobstuff->fetch(PDO::FETCH_BOTH); + $jobid = $actualthing['jobid']; + $placeid = $actualthing['placeid']; + $port = $actualthing['port']; + // still need to add charapp and membership + $authticket = authticket($id, $username, "", $jobid, $gameSettings["privatekey"]); + $joinscript = [ "ClientPort" => 0, - "MachineAddress" => $server["ip"], - "ServerPort" => $server["port"], + "MachineAddress" => $AvailableGameservers["1"], + "ServerPort" => $port, "PingUrl" => "", "PingInterval" => 20, - "UserName" => $joinUser["username"], + "UserName" => $username, "SeleniumTestMode" => false, - "UserId" => $joinUser["id"], + "UserId" => $id, "SuperSafeChat" => false, - "CharacterAppearance" => $charapp, - "ClientTicket" => "", - "GameId" => $place["id"], - "PlaceId" => $place["id"], + "CharacterAppearance" => "", + "ClientTicket" => $authticket, + "GameId" => $placeid, + "PlaceId" => $placeid, "MeasurementUrl" => "", "WaitingForCharacterGuid" => "26eb3e21-aa80-475b-a777-b43c3ea5f7d2", - "BaseUrl" => $site["url"]."/", + "BaseUrl" => "http://" . $soapcfg['url'] . "/", "ChatStyle" => "ClassicAndBubble", "VendorId" => "0", "ScreenShotInfo" => "", "VideoInfo" => "", - "CreatorId" => $placeCreator["id"], + "CreatorId" => "", "CreatorTypeEnum" => "User", - "MembershipType" => $joinUser["mship"], - "AccountAge" => 3000000, + "MembershipType" => "None", + "AccountAge" => 365, "CookieStoreFirstTimePlayKey" => "rbx_evt_ftp", "CookieStoreFiveMinutePlayKey" => "rbx_evt_fmp", "CookieStoreEnabled" => true, @@ -78,10 +80,50 @@ $joinscript = [ "BrowserTrackerId" => 0, "UsePortraitMode" => false, "FollowUserId" => 0, - "characterAppearanceId" => $joinUser["id"] -]; + "characterAppearanceId" => $id + ]; +} else { + header("Location: /"); +} +$user = new User($con, $_SESSION['user'] ?? 0); +function sign($script, $key) { +$signature = ""; +openssl_sign($script, $signature, $key, OPENSSL_ALGO_SHA1); +return base64_encode($signature); +} + +// IF U WROTE THIS SHIT BELOW THEN KYS + +/* +$joinUser = [ + "id" => $_SESSION['user'], + "username" => $user->getUsername(), + "mship" => "None" +];*/ + +//$joinUser = [ +// "id" => rand(1,5), +// "username" => "Grubloxxer-".getrandmax(), +// "mship" => "None" +//]; + +//$place = [ +// "id" => $_GET["gameid"] +//]; + +//$placeCreator = [ +// "id" => 6945435215, +// "username" => "PlaceCreator", +//]; + +//$charapp = $site["url"]."/v1.1/avatar-fetch?userId=".$joinUser["id"]."&placeId=".$place["id"]; + +//$server = [ +// "ip" => $_GET["ip"], +// "port" => $_GET["port"] +//]; $data = json_encode($joinscript, JSON_UNESCAPED_SLASHES | JSON_NUMERIC_CHECK); $signature = sign("\r\n" . $data, $gameSettings["privatekey"]); exit("--rbxsig%". $signature . "%\r\n" . $data); -?> \ No newline at end of file +?>