From 31cbeefa04ece0d97ab63fcb3a552b4700c241b0 Mon Sep 17 00:00:00 2001
From: Mario <100047175+Mariopizza1@users.noreply.github.com>
Date: Mon, 22 May 2023 13:21:11 +0300
Subject: [PATCH] Update Join.php

---
 game/Join.php | 44 +++++++++++++++++++++++---------------------
 1 file changed, 23 insertions(+), 21 deletions(-)

diff --git a/game/Join.php b/game/Join.php
index dd39da3..ddcafc7 100644
--- a/game/Join.php
+++ b/game/Join.php
@@ -1,12 +1,11 @@
 <?php
-require_once 'core/classes.php'; 
-headStart();require_once '../core/config.php';
+require_once '../core/classes.php'; 
+require_once '../core/config.php';
 require_once '../core/classes/user.php';
-
-$privatekey = $gameSettings["privatekey"];
-
-header('content-type:application/json');
-function authticket($id, $name, $charapp, $jobid, $privatekey) {
+headStart();
+$privatekey = $gameSettings["privatekey"]; // get the private key
+header('content-type: application/json'); // set the content type to json which makes it look cool
+function authticket($id, $name, $charapp, $jobid, $privatekey) { // clientticket generator provided by wumbomumbo/ficello! thank you
     $ticket = $id . "\n" . $jobid . "\n" . date('n\/j\/Y\ g\:i\:s\ A');
     openssl_sign($ticket, $sig, $privatekey, OPENSSL_ALGO_SHA1);
     $sig = base64_encode($sig);
@@ -16,8 +15,9 @@ function authticket($id, $name, $charapp, $jobid, $privatekey) {
     $final = date('n\/j\/Y\ g\:i\:s\ A') . ";" . $sig2 . ";" . $sig;
     return($final);
 }
-$token = $_GET["token"];
-$jobid = $_GET["jobid"];
+if(isset($_GET["token"]) && isset($_GET["jobid"])) {
+$token = $_GET["token"]; // get the token
+$jobid = $_GET["jobid"]; // get the jobid
 $checkjob = $con->prepare('SELECT COUNT(*) FROM jobs WHERE jobid=:jobid'); // bruh im too lazy to actually make a auto token generator thing and a table so rn this will be temporary
 $checkjob->bindParam(':jobid', $jobid);
 $checkjob->execute();
@@ -28,30 +28,30 @@ $checkuser->execute();
 $anotheranothermomentoftruth = $checkuser->fetchColumn();
 if ($anothermomentoftruth == 1 && $anotheranothermomentoftruth == 1) {
 	$okbruh = "1";
-	$haha = $con->prepare('SELECT COUNT(*) FROM tokens WHERE token=:token AND passedjoinscript=:passed');
+	$haha = $con->prepare('SELECT COUNT(*) FROM tokens WHERE token=:token AND passedjoinscript=:passed'); // have we already passed the joinscript on this token?
     $haha->bindParam(':token', $token);
 	$haha->bindParam(':passed', $okbruh);
     $haha->execute();
 	$moretrolling = $haha->fetchColumn();
 	if ($moretrolling == 1) {
 		header("Location: /");
-	} else if ($moretrolling == 0) {
-	$hahatroll = $con->prepare('UPDATE tokens SET passedjoinscript = 1 WHERE token=:token');
+	} elseif ($moretrolling == 0) {
+	$hahatroll = $con->prepare('UPDATE tokens SET passedjoinscript = 1 WHERE token=:token'); // make it pass the joinscript
 	$hahatroll->bindParam(':token', $token);
     $hahatroll->execute();
-	$getstuff = $con->prepare('SELECT placeid,userid FROM tokens WHERE token=:token');
+	$getstuff = $con->prepare('SELECT placeid,userid FROM tokens WHERE token=:token'); // get user info
 	$getstuff->bindParam(':token', $token);
     $getstuff->execute();
 	$china = $getstuff->fetch(PDO::FETCH_BOTH);
     $placeid = $china['placeid'];
 	$id = $china['userid'];
-	$getusername = $con->prepare('SELECT username FROM users WHERE id=:id');
+	$getusername = $con->prepare('SELECT username FROM users WHERE id=:id'); // get username
 	$getusername->bindParam(':id', $id);
     $getusername->execute();
 	$ok = $getusername->fetch(PDO::FETCH_BOTH);
 	$username = $ok['username'];
 	$china = $getstuff->fetch(PDO::FETCH_BOTH);
-	$jobstuff = $con->prepare('SELECT jobid,placeid,port,ip FROM jobs WHERE jobid=:jobid');
+	$jobstuff = $con->prepare('SELECT jobid,placeid,port,ip FROM jobs WHERE jobid=:jobid'); // get server info
 	$jobstuff->bindParam(':jobid', $jobid);
     $jobstuff->execute();
 	$actualthing = $jobstuff->fetch(PDO::FETCH_BOTH);
@@ -60,8 +60,9 @@ if ($anothermomentoftruth == 1 && $anotheranothermomentoftruth == 1) {
 	$port = $actualthing['port'];
 	$ip = $actualthing['ip'];
 	// still need to add charapp and membership
-	$authticket = authticket($id, $username, "", $jobid, $gameSettings["privatekey"]);
-	$joinscript = [
+	$authticket = authticket($id, $username, "0", $jobid, $gameSettings["privatekey"]); // this is where the clientticket gets generated NOTE: make the charapp 0 if theres no charapp 
+	// here the magic begins
+    $joinscript = [
     "ClientPort" => 0,
     "MachineAddress" => $ip,
     "ServerPort" => $port,
@@ -77,7 +78,7 @@ if ($anothermomentoftruth == 1 && $anotheranothermomentoftruth == 1) {
     "PlaceId" => $placeid,
     "MeasurementUrl" => "",
     "WaitingForCharacterGuid" => "26eb3e21-aa80-475b-a777-b43c3ea5f7d2",
-    "BaseUrl" => "http://" . $soapcfg['url'] . "/",
+    "BaseUrl" => "http://" . $soapcfg["url"] . "/",
     "ChatStyle" => "ClassicAndBubble",
     "VendorId" => "0",
     "ScreenShotInfo" => "",
@@ -89,12 +90,12 @@ if ($anothermomentoftruth == 1 && $anotheranothermomentoftruth == 1) {
     "CookieStoreFirstTimePlayKey" => "rbx_evt_ftp",
     "CookieStoreFiveMinutePlayKey" => "rbx_evt_fmp",
     "CookieStoreEnabled" => true,
-    "IsRobloxPlace" => false,
+    "IsRobloxPlace" => false, // this is for event games useful for awarding hats/gears/whatever
     "GenerateTeleportJoin" => false,
     "IsUnknownOrUnder13" => false,
     "SessionId" => "",
     "DataCenterId" => 0,
-    "UniverseId" => 3,
+    "UniverseId" => $placeid,
     "BrowserTrackerId" => 0,
     "UsePortraitMode" => false,
     "FollowUserId" => 0,
@@ -112,8 +113,9 @@ $signature = "";
 openssl_sign($script, $signature, $key, OPENSSL_ALGO_SHA1);
 return base64_encode($signature);
 }
+}
 
-// IF U WROTE THIS SHIT BELOW THEN KYS
+// IF U WROTE THIS SHIT BELOW THEN KYS // LOOOOOOOOL THIS COMMENT WAS WRITTEN A FEW MONTHS AGO AND IM DYING LOOOOL - Mario 2023
 
 /*
 $joinUser = [