Initial commit

[2ch-be.git] / dev-test / rewrite / melon / mapi.php

<?php
include('../encrypt.php');

if(isset($_GET['tkn']) && !empty($_GET['tkn'])) {
        //echo $_GET['tkn'];
        if(trim($_GET['tkn']) != "Mn2X65LB07wOXgU") {
                echo "NG";
                exit;
        }
}

if (isset($_GET['d']) && isset($_GET['m']) && isset($_GET['r']) && isset($_GET['pts']) && $_GET['tkn']=="Mn2X65LB07wOXgU") {
        $d = trim($_GET['d']);
        $m = trim($_GET['m']);
        $r = trim($_GET['r']);
        $p = trim($_GET['pts']);
        $trans = trim($_GET['trans']);

        $d = strip_tags(addslashes($d));
        $m = strip_tags(addslashes($m));
        $r = strip_tags(addslashes($r));
        $trans = strip_tags(addslashes($trans));
        $p = strip_tags(addslashes($p));
        if(!filter_var($p, FILTER_VALIDATE_INT) || $p < 0) {
                echo "0";
                exit;
        }

        $d = urldecode($d);
        $m = urldecode($m);

        $d = Decrypt($d,KEY);
        $m = Decrypt($m,KEY);

        //echo $d."<br>".$m;
        //exit;

        $d = filter_var($d, FILTER_SANITIZE_EMAIL);
        #if (!filter_var($d, FILTER_VALIDATE_EMAIL)) {
        #       echo "0";
        #       exit;
        #}
        $m = filter_var($m, FILTER_SANITIZE_STRING);

        $fdir = substr($d, 0, 1);
        $sdir = substr($d, 1, 1);
        $data = @file(DB_PATH."$fdir/$sdir/$d");

        if(md5($m."kahitanupo")==trim($data[2])){
          echo $points = file_get_contents("http://tpol27.nttec.com/melon.php?subt=".$p."&usr=".$d."&r=".$r."&trans=".$trans);  
        }

        if(hash("sha256", $m."kahitanupo")==trim($data[2])){
          //echo "http://tpol27.nttec.com/melon.php?subt=".$p."&usr=".$d."&r=".$r;
          echo $points = file_get_contents("http://tpol27.nttec.com/melon.php?subt=".$p."&usr=".$d."&r=".$r."&trans=".$trans);
        }

} else {
        echo "0";
}

?>