/index.php
PHP | 337 lines | 296 code | 34 blank | 7 comment | 44 complexity | 66ebbcc97621fef2e78c4a6733788af8 MD5 | raw file
- <?php
- require 'core.php';
- session_start();
- \Slim\Slim::registerAutoloader();
- $app = new \Slim\Slim();
- $checkaddress = function ($app, $need = true) {
- return function () use ($app, $need) {
- if ($need) {
- if (empty($_SESSION['address'])) {
- $app->redirect($app->urlFor('root'));
- }
- } else {
- if (!empty($_SESSION['address'])) {
- $app->redirect($app->urlFor('faucet'));
- }
- }
- };
- };
- $checkclaim = function ($app) {
- return function () use ($app) {
- global $dispenseTime, $recaptchaPub, $recaptchaVersion;
- $address = $_SESSION['address'];
- $ip = getIP();
- $sql = "SELECT dispensed FROM dispenses WHERE email='$address' OR ip='$ip' ";
- $sql .= "ORDER BY id DESC LIMIT 1";
- $lastclaim_query = sql_query($sql);
- $canclaim = true;
- if ($lastclaim_query->num_rows) {
- $lastclaim = fetch_one($lastclaim_query);
- $lastclaim = strtotime($lastclaim);
- if ($lastclaim + $dispenseTime > time()) {
- $canclaim = false;
- $app->view()->setData('nextclaim', relative_time($lastclaim + $dispenseTime));
- }
- }
- $app->view()->setData('canclaim', $canclaim);
- if ($canclaim) {
- $app->view()->setData('recaptchaKey', $recaptchaPub);
- $app->view()->setData('recaptchaVersion', isset($recaptchaVersion) ? $recaptchaVersion : 1);
- }
- };
- };
- $app->hook('slim.before.dispatch', function () use ($app) {
- global $siteName, $squareAds, $textAds, $bannerAds, $rewards, $links;
- global $cashout, $googleAnalyticsId;
- $address = null;
- if (isset($_SESSION['address'])) {
- $address = $_SESSION['address'];
- }
- $flash = $app->view()->getData('flash');
- $error = '';
- if (isset($flash['error'])) {
- $error = $flash['error'];
- }
- $success = '';
- if (isset($flash['success'])) {
- $success = $flash['success'];
- }
- $app->view()->setData('success', $success);
- $app->view()->setData('error', $error);
- $app->view()->setData('address', $address);
- $app->view()->setData('siteName', $siteName);
- $app->view()->setData('squareAds', $squareAds);
- $app->view()->setData('textAds', $textAds);
- $app->view()->setData('bannerAds', $bannerAds);
- $app->view()->setData('rewards', isAssoc($rewards) ? array_keys($rewards) : $rewards);
- $app->view()->setData('links', $links);
- $app->view()->setData('cashout', $cashout);
- $app->view()->setData('isAdmin', false);
- $app->view()->setData('googleAnalyticsId', $googleAnalyticsId);
- });
- $app->get("/", $checkaddress($app, false), function () use ($app) {
- global $minReward, $maxReward, $dispenseTimeText, $apiKey, $guid;
- global $allowEmail, $allowCoin;
- $id = $app->request()->get('id');
- if (!is_null($id) && is_numeric($id)) {
- $_SESSION['referer'] = $id;
- }
- if (!empty($apiKey)) {
- $app->view()->setData('wallet', "<a href='https://coinbase.com'>Powered by Coinbase</a>");
- } elseif (!empty($guid)) {
- $app->view()->setData('wallet', "<a href='https://blockchain.info'>Powered by Blockchain.info</a>");
- }
- $addr = array();
- if ($allowCoin) {
- $addr[] = COIN_NAME;
- }
- if ($allowEmail) {
- $addr[] = "email";
- }
- $app->view()->setData('addressType', implode("/", $addr));
- $app->view()->setData('minReward', $minReward);
- $app->view()->setData('maxReward', $maxReward);
- $app->view()->setData('dispenseTimeText', $dispenseTimeText);
- $app->render('main.php', array('title' => 'Home'));
- })->name('root');
- $app->get("/about", function () use ($app) {
- $app->render('about.php', array('title' => 'About'));
- })->name('about');
- $checkadmin = function ($app) {
- return function () use ($app) {
- $app->view()->setData('isAdmin', isset($_SESSION['isadmin']) ? $_SESSION['isadmin'] : false);
- };
- };
- $app->get("/admin(/:cmd)", $checkadmin($app), function ($cmd = null) use ($app) {
- global $recaptchaPub, $recaptchaVersion, $fee;
- /*
- if (($cmdget = $app->request()->get('cmd')) != null) {
- $cmd = $cmdget;
- }
- */
- $flash = $app->view()->getData('flash');
- $isadmin = $app->view()->getData('isAdmin');
- switch ($cmd) {
- default:
- defaultlabel:
- if (!isset($_SESSION['isadmin'])) {
- $app->view()->setData('recaptchaKey', $recaptchaPub);
- $app->view()->setData('recaptchaVersion', isset($recaptchaVersion) ? $recaptchaVersion : 1);
- }
- $sql = "SELECT COUNT(*) AS num_addresses, MAX(balance) AS max_balance, SUM(balance) as sum_balance, ";
- $sql .= "MAX(totalbalance) as max_totalbalance, SUM(totalbalance) as sum_totalbalance ";
- $sql .= "FROM balances WHERE email <> 'SERVERBALANCE'";
- $stat_query = sql_query($sql);
- $statBalance = fetch_assoc($stat_query);
- $app->view()->setData('statBalance', $statBalance);
- $app->view()->setData('serverbalance', number_format(getserverbalance()));
- $app->render('admin.php', array('title' => 'Admin'));
- }
- })->name('admin');
- $app->post("/admin", $checkadmin($app), function () use ($app) {
- global $adminSeccode;
- $isadmin = $app->view()->getData('isAdmin');
- $cmd = $app->request()->post('cmd');
- switch ($cmd) {
- case "updatebalance":
- if (!$isadmin) {
- goto defaultlabel;
- }
- $balance = getserverbalance(true);
- if ($balance > 0) {
- $app->flash('success', "Balance is updated");
- } else {
- $app->flash('error', "Balance is not updated or balance is empty");
- }
- break;
- case "logout":
- unset($_SESSION['isadmin']);
- break;
- case "login":
- $seccode = $app->request()->post('seccode');
- if (!empty($adminSeccode) && $seccode === $adminSeccode) {
- if (checkRecaptcha($app->request(), getIP())) {
- $_SESSION['isadmin'] = true;
- } else {
- $app->flash('error', "CAPTCHA incorrect. Please try again.");
- }
- } else {
- $app->flash('error', "Invalid security code.");
- }
- break;
- default:
- defaultlabel:
- break;
- }
- $app->redirect($app->urlFor('admin'));
- })->name('post_admin');
- $app->get("/faucet", $checkaddress($app, true), $checkclaim($app), function () use ($app) {
- global $referPercent, $forcewait;
- $flash = $app->view()->getData('flash');
- $address = $app->view()->getData('address');
- $amount = null;
- if (isset($flash['amount'])) {
- $amount = $flash['amount'];
- }
- $sentamount = null;
- if (isset($flash['sentamount'])) {
- $sentamount = $flash['sentamount'];
- }
- $query_balance = sql_query("SELECT * FROM balances WHERE email='$address'");
- if ($query_balance->num_rows) {
- $balance = $query_balance->fetch_assoc();
- } else {
- $balance = array('balance' => 0, 'referralbalance' => 0, 'totalbalance' => 0, 'id' => 0);
- }
- $app->view()->setData('balance_current', $balance["balance"]);
- $app->view()->setData('balance_referral', $balance["referralbalance"]);
- $app->view()->setData('balance_alltime', $balance["totalbalance"]);
- $reflink = "http://" . $_SERVER['SERVER_NAME'] . $app->urlFor('root') . "?id=" . $balance["id"];
- $app->view()->setData('reflink', $reflink);
- $app->view()->setData('serverbalance', number_format(getserverbalance()));
- $app->view()->setData('forcewait', $forcewait);
- $app->view()->setData('referPercent', $referPercent);
- $app->view()->setData('amount', $amount);
- $app->view()->setData('sentamount', $sentamount);
- $app->render('faucet.php', array('title' => 'Faucet'));
- })->name('faucet');
- $app->post("/claim", $checkaddress($app, true), $checkclaim($app), function () use ($app) {
- global $mysqli, $rewards, $referPercent;
- $address = $app->view()->getData('address');
- if (checkRecaptcha($app->request(), getIP())) {
- $canclaim = $app->view()->getData('canclaim');
- if (!$canclaim) {
- $app->redirect($app->urlFor('faucet'));
- }
- $referral = isset($_SESSION['referer']) ? $_SESSION['referer'] : 0;
- if (isAssoc($rewards)) {
- $newRewards = array();
- foreach ($rewards as $reward => $value)
- {
- $newRewards = array_merge($newRewards, array_fill(0, $value, $reward));
- }
- } else {
- $newRewards = $rewards;
- }
- $amount = $newRewards[rand(0, count($newRewards)-1)];
- $sql = "INSERT INTO balances(balance, totalbalance, email, referredby) ";
- $sql .= "VALUES($amount, $amount, '$address', $referral) ON DUPLICATE KEY ";
- $sql .= "UPDATE balance = balance + $amount, totalbalance = totalbalance + $amount;";
- sql_query($sql);
- if ($mysqli->affected_rows == 2) {
- // existing user, check referral
- $referral_query = sql_query("SELECT referredby FROM balances WHERE email='$address'");
- $referral = fetch_one($referral_query);
- }
- $ua = $mysqli->real_escape_string($_SERVER['HTTP_USER_AGENT']);
- $ip = getIP();
- $date = date("Y-m-d H:i:s");
- $sql = "INSERT INTO dispenses(amount, dispensed, email, ip, useragent) ";
- $sql .= "VALUES('$amount', '$date', '$address', '$ip', '$ua')";
- sql_query($sql);
- if ($referral != 0) {
- $referredamount = $amount * ($referPercent / 100);
- $sql = "UPDATE balances SET balance = balance + $referredamount, referralbalance = referralbalance + $referredamount, totalbalance = totalbalance + $referredamount ";
- $sql .= "WHERE id='$referral'";
- sql_query($sql);
- }
- $app->view()->setData('canClaim', true);
- $app->view()->setData('nextClaim', relative_time(time()+1));
- $app->flash('amount', $amount);
- } else {
- $app->flash('error', "CAPTCHA incorrect. Please try again.");
- }
- $app->redirect($app->urlFor('faucet'));
- })->name('claim');
- $app->post("/cashout", $checkaddress($app, true), function () use ($app) {
- global $cashout;
- $address = $app->view()->getData('address');
- $balance_query = sql_query("SELECT balance FROM balances WHERE email='$address'");
- if ($balance_query->num_rows) {
- $balance = fetch_one($balance_query);
- if ($balance >= $cashout) {
- sql_query("UPDATE balances SET balance = balance - $balance WHERE email='$address'");
- // race attacks check
- $balance_query = sql_query("SELECT balance FROM balances WHERE email='$address'");
- $balancecheck = fetch_one($balance_query);
- if ($balancecheck >= 0) {
- try {
- sendMoney($address, $balance);
- $app->flash('sentamount', true);
- } catch (NoCashException $e) {
- $app->flash('error', "The site does not have enough coins to pay out! No balance deducted.");
- sql_query("UPDATE balances SET balance = balance + $balance WHERE email='$address'");
- } catch (Exception $e) {
- $response = $e->getMessage();
- $app->flash('error', "An error has occured - $response");
- sql_query("UPDATE balances SET balance = balance + $balance WHERE email='$address'");
- }
- }
- } else {
- $app->flash('error', "Amount is too small");
- }
- } else {
- $app->flash('error', "You don't have enough coins to cash out");
- }
- $app->redirect($app->urlFor('faucet'));
- })->name('cashout');
- $app->post("/faucet", function () use ($app) {
- global $mysqli, $allowEmail, $allowCoin;
- $address = $app->request()->post('address');
- if (!checkaddress($address)) {
- $err = array();
- if ($allowCoin) {
- $err[] = COIN_NAME;
- }
- if ($allowEmail) {
- $err[] = "email";
- }
- $app->flash('error', "Not a valid ".implode("/", $err)." address!");
- $app->redirect($app->urlFor('root'));
- }
- $_SESSION['address'] = $mysqli->real_escape_string($address);
- $app->redirect($app->urlFor('faucet'));
- })->name("post_faucet");
- $app->get('/(:segments+)', function ($segments) use ($app) {
- $app->redirect($app->urlFor('root'));
- })->name('catchall');
- $app->run();