Most visitors online was 8830 , on 6 Feb 2024
Join our community of MMO enthusiasts and game developers! By registering, you'll gain access to discussions on the latest developments in MMO server files and collaborate with like-minded individuals. Join us today and unlock the potential of MMO server development!
Join Today!<?php
require("database.php");
require("properties.php");
$authorized = array("198.148.82.98"); // authorized ips to prevent exploitation
if(!in_array($_SERVER["REMOTE_ADDR"], $authorized)) // if the ip address isn't listed above the app will exit (not proceed)
exit;
$voterIP = $mysqli->real_escape_string($_POST["VoterIP"]); // voter ip address
$success = abs($mysqli->real_escape_string($_POST["Successful"])); // 1 for error, 0 for successful
$reason = $mysqli->real_escape_string($_POST["Reason"]); // log reason the vote failed
$pingUsername = $mysqli->real_escape_string($_POST["pingUsername"]);
// if successfull vote, reward your user, use your own database!
$result = $mysqli->query("SELECT ip, account FROM ".$prefix."votingrecords WHERE ip = '".$voterIP."'");
if($result !== FALSE)
{
$row = $mysqli->fetch_assoc($result);
$name = $row['account'];
if(is_array($row))
{
if($success == 0)
{
$reward = $mysqli->query("UPDATE accounts SET ".$colnx." = '".$colnx." + ".$rewardNX."', ".$colvp." = '".$colvp." + ".$rewardVP."' WHERE name='".$name."'");
}
}
}
$mysqli->close;
still doesn't work, made sure I voted with "&pingUsername=admin" & enabled fail votes pingbacks as well but still not gaining rewards.<?php
require("database.php");
require("properties.php");
$authorized = array("198.148.82.98"); // authorized ips to prevent exploitation
if(!in_array($_SERVER["REMOTE_ADDR"], $authorized)) // if the ip address isn't listed above the app will exit (not proceed)
exit;
$voterIP = $mysqli->real_escape_string($_POST["VoterIP"]); // voter ip address
$success = abs($mysqli->real_escape_string($_POST["Successful"])); // 1 for error, 0 for successful
$reason = $mysqli->real_escape_string($_POST["Reason"]); // log reason the vote failed
$pingUsername = $mysqli->real_escape_string($_POST["pingUsername"]);
// if successfull vote, reward your user, use your own database!
$result = $mysqli->query("SELECT ip, account FROM bit_votingrecords WHERE ip = '".$voterIP."'");
if($result !== FALSE)
{
$row = $mysqli->fetch_assoc($result);
$name = $row['account'];
if(is_array($row))
{
if($success == 1)
{
$reward = $mysqli->query("UPDATE accounts SET vp = vp + 1 WHERE name=admin");
}
}
}
$mysqli->close;
?>
-snip-
still doesn't work, made sure I voted with "&pingUsername=admin" & enabled fail votes pingbacks as well but still not gaining rewards.
<?php
require("config/database.php");
require("config/properties.php");
$isCloudflare = isset($_SERVER["HTTP_CF_CONNECTING_IP"]);
$authorized = array("198.148.82.98");
if(!in_array(($isCloudflare ? $_SERVER["HTTP_CF_CONNECTING_IP"] : $_SERVER['REMOTE_ADDR']),$authorized)) {
exit;
}
// Using PDO, but only because I'm too lazy to revert back to mysqli. Also, good practice for you.
// Normally, you would use prepared statements for PDO.
// But because I didn't know this at the time I first wrote this (literally a year ago), I used the quote function.
$db = new PDO("mysql:host=".$host['hostname'].";dbname=".$host['database']."", $host['user'], $host['password']);
// Look at all the stuff GTOP is sending us!
// We don't really need to quote/escape $success since abs() will only return an int regardless of what is put in the value.
$voterIP = $db->quote($_POST["VoterIP"]);
$success = abs($_POST["Successful"]);
$reason = $db->quote($_POST["Reason"]);
$pingUsername = $db->quote($_POST["pingUsername"]);
// Getting MapleBit stuff
$getVoteConfig = $db->query("SELECT * FROM ".$prefix."vote WHERE name LIKE '%GTOP%';");
$vote = $getVoteConfig->fetch(PDO::FETCH_ASSOC);
$nx = $vote['gnx'];
$vp = $vote['gvp'];
$time = time();
$times = 1;
/*
It is not necessary to check if the user has already voted within the past 12 hours previously for GTOP.
GTOP already handles this on their site, and they will send us an error if their vote is invalid.
So let's save ourselves the headache from verifying the time.
*/
// GTOP says yes!
if($success == 0) {
$getUser = $db->query("SELECT * FROM accounts WHERE name = ".$pingUsername.";");
$result = $getUser->rowCount();
if ($result >= 1) {
// Awesome sauce! GTOP says it's a yes, and the account exists! Let's give the player a big clap!
$giveReward = $db->query("UPDATE accounts SET ".$colnx." = ".$colnx." + ".$nx.", ".$colvp." = ".$colvp." + ".$vp." WHERE name = ".$pingUsername.";");
// Add to MapleBit's voting record!
$votingRecords = $db->prepare("INSERT INTO ".$prefix."votingrecords (siteid, ip, account, date, times) VALUES (:siteid, :ip, :account, :date, :times)");
$votingRecords->bindValue(':siteid', $vote['id']);
$votingRecords->bindValue(':ip', str_replace("'", "", $voterIP), PDO::PARAM_STR);
$votingRecords->bindValue(':account', str_replace("'", "", $pingUsername), PDO::PARAM_STR);
$votingRecords->bindValue(':date', $time, PDO::PARAM_STR);
$votingRecords->bindValue(':times', $times, PDO::PARAM_INT);
$votingRecords->execute();
} else {
// That's weird. An account that doesn't exist? This shouldn't happen (unless the user directly modified the URL and put in an invalid username), but you should add code here to log it.
}
} else {
// GTOP says something failed. We should add code to log it here.
}
?>