if u steal ur gay

asset.php

@@ -0,0 +1,89 @@
+<?php
+// mario's 4 or 5 hour pain in the ass if u fucking steal im gonna rob u irl
+header('content-Type: text/plain');
+require_once 'core/config.php';
+if(isset($_GET['id'])) {
+	$id = (int)$_GET['id'];
+	$asset = @file_get_contents("https://assetdelivery.roblox.com/v1/asset/?id=" . $id);
+	if ($asset == FALSE) {
+		echo '{"message":"Request asset was not found"}';
+		die();
+	}
+	echo $asset;
+	die();
+}
+if(isset($_GET['gid'])) {
+	$gid = (int)$_GET['gid'];
+	if(file_exists(getcwd() . "/assets/actualassets/" . $gid)) {
+		$isplacecheck = $con->prepare('SELECT isplace FROM assets WHERE id=:id');
+	    $isplacecheck->bindParam(':id', $gid);
+        $isplacecheck->execute();
+		$letsdothis = $isplacecheck->fetch(PDO::FETCH_BOTH);
+        $theisplace = $letsdothis['isplace'];
+		if(isset($_GET['accesstoken']) && $theisplace == '1') {
+			$accesstoken = $_GET['accesstoken'];
+			$intensetrollingforGRUBLOX = $con->prepare('SELECT COUNT(*) FROM accesstokens WHERE accesstoken=:accesstoken');
+            $intensetrollingforGRUBLOX->bindParam(':accesstoken', $accesstoken);
+            $intensetrollingforGRUBLOX->execute();
+	        $moretroll = $intensetrollingforGRUBLOX->fetchColumn();
+			if ($moretroll == "0") {
+				echo '{"message":"Request asset was not found"}';
+			} elseif ($moretroll == '1') { // my fucking head is exploding
+				$place = $con->prepare('SELECT placeid FROM assets WHERE id=:id');
+	            $place->bindParam(':id', $gid);
+                $place->execute();
+		        $okbrah = $place->fetch(PDO::FETCH_BOTH);
+                $theisplace = $okbrah['placeid'];
+				$place = $con->prepare('SELECT placeid,hasgrabbedplace,hasbeeninvalidated,ip FROM accesstokens WHERE accesstoken=:accesstoken');
+	            $place->bindParam(':accesstoken', $accesstoken);
+                $place->execute();
+		        $okbrah = $place->fetch(PDO::FETCH_BOTH);
+                $placeidfromaccesstoken = $okbrah['placeid'];
+				$hasgrabbedplace = $okbrah['hasgrabbedplace'];
+				$hasbeeninvalidated = $okbrah['hasbeeninvalidated'];
+				$ipfromaccesstoken = $okbrah['ip'];
+				$grubloxmagic = $con->prepare('SELECT placeid FROM assets WHERE id=:id');
+	            $grubloxmagic->bindParam(':id', $gid);
+                $grubloxmagic->execute();
+		        $aaa = $grubloxmagic->fetch(PDO::FETCH_BOTH);
+                $placeidfromassets = $aaa['placeid'];
+				if ($placeidfromassets == $placeidfromaccesstoken && $hasgrabbedplace == '0' && $hasbeeninvalidated == '0') {
+					if ($devmode == "true") {
+						$ip = $_SERVER['REMOTE_ADDR'];
+
+					} elseif ($devmode == "false") {
+						$ip = $_SERVER["HTTP_CF_CONNECTING_IP"];
+					}
+					if ($ip == "::1") {
+						$ip = '127.0.0.1';
+					}
+					$ip = '127.0.0.1';
+					if ($ip == $ipfromaccesstoken) {
+						$trollinghd = '1';
+						$EXTREMETROLLINGENABLED = $con->prepare('UPDATE accesstokens SET hasgrabbedplace = :hasgrabbedplace WHERE accesstoken=:accesstoken');
+						$EXTREMETROLLINGENABLED->bindParam(':hasgrabbedplace', $trollinghd);
+						$EXTREMETROLLINGENABLED->bindParam(':accesstoken', $accesstoken);
+						$EXTREMETROLLINGENABLED->execute();
+						$assetfromfile = file_get_contents(getcwd() . "/assets/actualassets/" . $gid);
+						echo $assetfromfile;
+						die();
+					} else {
+						echo '{"message":"Request asset was not found"}';
+					}
+				} else {
+					echo '{"message":"Request asset was not found"}';
+				}
+			}
+		} elseif($theisplace == '0') {
+		    $assetfromfile = file_get_contents(getcwd() . "/assets/actualassets/" . $gid);
+			echo $assetfromfile;
+			die();
+		} else {
+				header("content-type: text/html");
+				echo '<iframe width="500" height="500" src="https://www.youtube.com/embed/hJGtSwpOddQ"></iframe>';
+				die();
+		}
+} else {
+	echo '{"message":"Request asset was not found"}';
+}
+}