<?php
require_once '../core/classes.php'; 
require_once '../core/config.php';
require_once '../core/classes/user.php';
headStart();
$privatekey = $gameSettings["privatekey"]; // get the private key
header('content-type: application/json'); // set the content type to json which makes it look cool
function authticket($id, $name, $charapp, $jobid, $privatekey) { // clientticket generator provided by wumbomumbo/ficello! thank you
    $ticket = $id . "\n" . $jobid . "\n" . date('n\/j\/Y\ g\:i\:s\ A');
    openssl_sign($ticket, $sig, $privatekey, OPENSSL_ALGO_SHA1);
    $sig = base64_encode($sig);
    $ticket2 = $id . "\n" . $name . "\n" . $charapp . "\n". $jobid . "\n" . date('n\/j\/Y\ g\:i\:s\ A');
    openssl_sign($ticket2, $sig2, $privatekey, OPENSSL_ALGO_SHA1);
    $sig2 = base64_encode($sig2);
    $final = date('n\/j\/Y\ g\:i\:s\ A') . ";" . $sig2 . ";" . $sig;
    return($final);
}
if(isset($_GET["token"]) && isset($_GET["jobid"])) {
$token = $_GET["token"]; // get the token
$jobid = $_GET["jobid"]; // get the jobid
$checkjob = $con->prepare('SELECT COUNT(*) FROM jobs WHERE jobid=:jobid'); // bruh im too lazy to actually make a auto token generator thing and a table so rn this will be temporary
$checkjob->bindParam(':jobid', $jobid);
$checkjob->execute();
$anothermomentoftruth = $checkjob->fetchColumn();
$checkuser = $con->prepare('SELECT COUNT(*) FROM tokens WHERE token=:token'); // another temp workaround im gonna do token system and stuff whenever i feel like it
$checkuser->bindParam(':token', $token);
$checkuser->execute();
$anotheranothermomentoftruth = $checkuser->fetchColumn();
if ($anothermomentoftruth == 1 && $anotheranothermomentoftruth == 1) {
	$okbruh = "1";
	$haha = $con->prepare('SELECT COUNT(*) FROM tokens WHERE token=:token AND passedjoinscript=:passed'); // have we already passed the joinscript on this token?
    $haha->bindParam(':token', $token);
	$haha->bindParam(':passed', $okbruh);
    $haha->execute();
	$moretrolling = $haha->fetchColumn();
	if ($moretrolling == 1) {
		header("Location: /");
	} elseif ($moretrolling == 0) {
	$hahatroll = $con->prepare('UPDATE tokens SET passedjoinscript = 1 WHERE token=:token'); // make it pass the joinscript
	$hahatroll->bindParam(':token', $token);
    $hahatroll->execute();
	$getstuff = $con->prepare('SELECT placeid,userid FROM tokens WHERE token=:token'); // get user info
	$getstuff->bindParam(':token', $token);
    $getstuff->execute();
	$china = $getstuff->fetch(PDO::FETCH_BOTH);
    $placeid = $china['placeid'];
	$id = $china['userid'];
	$getusername = $con->prepare('SELECT username FROM users WHERE id=:id'); // get username
	$getusername->bindParam(':id', $id);
    $getusername->execute();
	$ok = $getusername->fetch(PDO::FETCH_BOTH);
	$username = $ok['username'];
	$china = $getstuff->fetch(PDO::FETCH_BOTH);
	$jobstuff = $con->prepare('SELECT jobid,placeid,port,ip FROM jobs WHERE jobid=:jobid'); // get server info
	$jobstuff->bindParam(':jobid', $jobid);
    $jobstuff->execute();
	$actualthing = $jobstuff->fetch(PDO::FETCH_BOTH);
	$jobid = $actualthing['jobid'];
	$placeid = $actualthing['placeid'];
	$port = $actualthing['port'];
	$ip = $actualthing['ip'];
	// still need to add charapp and membership
	$authticket = authticket($id, $username, "0", $jobid, $gameSettings["privatekey"]); // this is where the clientticket gets generated NOTE: make the charapp 0 if theres no charapp 
	// here the magic begins
    $joinscript = [
    "ClientPort" => 0,
    "MachineAddress" => $ip,
    "ServerPort" => $port,
    "PingUrl" => "",
    "PingInterval" => 20,
    "UserName" => $username,
    "SeleniumTestMode" => false,
    "UserId" => $id,
    "SuperSafeChat" => false,
    "CharacterAppearance" => "",
    "ClientTicket" => $authticket,
    "GameId" => $jobid,
    "PlaceId" => $placeid,
    "MeasurementUrl" => "",
    "WaitingForCharacterGuid" => "26eb3e21-aa80-475b-a777-b43c3ea5f7d2",
    "BaseUrl" => "http://" . $soapcfg["url"] . "/",
    "ChatStyle" => "ClassicAndBubble",
    "VendorId" => "0",
    "ScreenShotInfo" => "",
    "VideoInfo" => "",
    "CreatorId" => "",
    "CreatorTypeEnum" => "User",
    "MembershipType" => "None",
    "AccountAge" => 365,
    "CookieStoreFirstTimePlayKey" => "rbx_evt_ftp",
    "CookieStoreFiveMinutePlayKey" => "rbx_evt_fmp",
    "CookieStoreEnabled" => true,
    "IsRobloxPlace" => false, // this is for event games useful for awarding hats/gears/whatever
    "GenerateTeleportJoin" => false,
    "IsUnknownOrUnder13" => false,
    "SessionId" => "",
    "DataCenterId" => 0,
    "UniverseId" => $placeid,
    "BrowserTrackerId" => 0,
    "UsePortraitMode" => false,
    "FollowUserId" => 0,
    "characterAppearanceId" => $id
    ];
	} else {
		header("Location: /");
	}
} else {
	header("Location: /");
}
$user = new User($con, $_SESSION['user'] ?? 0);
function sign($script, $key) {
$signature = "";
openssl_sign($script, $signature, $key, OPENSSL_ALGO_SHA1);
return base64_encode($signature);
}
}

// IF U WROTE THIS SHIT BELOW THEN KYS // LOOOOOOOOL THIS COMMENT WAS WRITTEN A FEW MONTHS AGO AND IM DYING LOOOOL - Mario 2023

/*
$joinUser = [
    "id" => $_SESSION['user'],
    "username" => $user->getUsername(),
    "mship" => "None"
];*/

//$joinUser = [
//    "id" => rand(1,5),
//    "username" => "Grubloxxer-".getrandmax(),
//    "mship" => "None"
//];

//$place = [
//    "id" => $_GET["gameid"]
//];

//$placeCreator = [
//    "id" => 6945435215,
//    "username" => "PlaceCreator",
//];

//$charapp = $site["url"]."/v1.1/avatar-fetch?userId=".$joinUser["id"]."&placeId=".$place["id"];

//$server = [
//    "ip" => $_GET["ip"],
//    "port" => $_GET["port"]
//];

$data = json_encode($joinscript, JSON_UNESCAPED_SLASHES | JSON_NUMERIC_CHECK);
$signature = sign("\r\n" . $data, $gameSettings["privatekey"]);
exit("--rbxsig%". $signature . "%\r\n" . $data);
?>