/
verify.php
116 lines (101 loc) · 4.57 KB
/
verify.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
<?php
include("includes/core.php");
$content = "";
if($user){
$nextClaim = $user['last_claim'] + ($timer * 60);
if(time() < $nextClaim){
header("Location: index.php");
exit;
}
if(!isset($_POST['token']) || $_POST['token'] !== $_SESSION['token']) {
unset($_SESSION['token']);
$_SESSION['token'] = md5(md5(uniqid().uniqid().mt_rand()));
header("Location: index.php");
exit;
}
unset($_SESSION['token']);
$_SESSION['token'] = md5(md5(uniqid().uniqid().mt_rand()));
if(isset($_POST['verifykey'])){
if($_POST['verifykey'] != $user['claim_cryptokey']){
$content .= alert("danger", "Claim failed. <a href='index.php'>Go back</a>");
} else {
$reCaptchaPubKey = $mysqli->query("SELECT * FROM faucet_settings WHERE id = '9' LIMIT 1")->fetch_assoc()['value'];
if($reCaptchaPubKey){
$linksCaptcha .= "<a href='#' onClick='showCaptcha(1)'>reCaptcha</a> ";
$captchaContentBox .= "<div id='recaptcha-box'><center><div class='g-recaptcha' data-sitekey='".$reCaptchaPubKey."'></div></div>";
}
$solveMediaChallengeKey = $mysqli->query("SELECT * FROM faucet_settings WHERE id = '2' LIMIT 1")->fetch_assoc()['value'];
if($solveMediaChallengeKey){
$linksCaptcha .= "<a href='#' onCLick='showCaptcha(2)'>SolveMedia</a>";
$captchaContentBox .= "<div id='solvemedia-box'><center><script type=\"text/javascript\" src=\"http://api.solvemedia.com/papi/challenge.script?k=".$solveMediaChallengeKey."\"> </script> <noscript> <iframe src=\"http://api.solvemedia.com/papi/challenge.noscript?k=".$solveMediaChallengeKey."\" height=\"300\" width=\"500\" frameborder=\"0\"></iframe><br/> <textarea name=\"adcopy_challenge\" rows=\"3\" cols=\"40\"> </textarea> <input type=\"hidden\" name=\"adcopy_response\" value=\"manual_challenge\"/> </noscript></center></div>";
}
$hCaptchaPubKey = $mysqli->query("SELECT * FROM faucet_settings WHERE name = 'hcaptcha_pub_key'")->fetch_assoc()['value'];
if($hCaptchaPubKey){
$linksCaptcha .= "<a href='#' onCLick='showCaptcha(3)'>hCaptcha</a>";
$captchaContentBox .= "<div id='hcaptcha-box'><center><script src='https://www.hCaptcha.com/1/api.js?recaptchacompat=off' async defer></script>
<div class=\"h-captcha\" data-sitekey=\"{$hCaptchaPubKey}\"></div></center></div>";
}
$captchaContent .= "<strong>".$linksCaptcha."</strong><br /><br />
".$captchaContentBox."
<input type='hidden' id='selectedCaptcha__' name='selectedCaptcha' value='1' /><br />
<script>
if(document.getElementById('recaptcha-box')){
showCaptcha(1);
} else if(document.getElementById('hcaptcha-box')){
showCaptcha(3);
} else if(document.getElementById('solvemedia-box')){
showCaptcha(2);
}
function showCaptcha(captcha){
hideCaptchaBoxes();
if(captcha == 1){
document.getElementById('recaptcha-box').style.display = 'block';
document.getElementById('selectedCaptcha__').value = '1';
} else if(captcha == 2){
document.getElementById('solvemedia-box').style.display = 'block';
document.getElementById('selectedCaptcha__').value = '2';
} else if(captcha == 3){
document.getElementById('hcaptcha-box').style.display = 'block';
document.getElementById('selectedCaptcha__').value = '3';
}
}
function hideCaptchaBoxes(){
if(document.getElementById('recaptcha-box')){
document.getElementById('recaptcha-box').style.display = 'none';
}
if(document.getElementById('solvemedia-box')){
document.getElementById('solvemedia-box').style.display = 'none';
}
if(document.getElementById('hcaptcha-box')){
document.getElementById('hcaptcha-box').style.display = 'none';
}
}
</script>";
if(!$reCaptchaPubKey AND !$solveMediaChallengeKey){
$captchaContent = alert("info", "Admin hasn't set up the captcha system.");
}
$content .= "<h1>2. Solve Captcha</h1><br />
<form method='post' action='index.php?c=1'>
<div class='form-group'>
".$captchaContent."
</div><br />
<div class='form-group'>
<label>How many <strong>black</strong> dots do you see?</label><br />
<img src='captcha.php'><br />
<center><input type='number' class='form-control' style='width:80px;' name='secc2'></center>
</div><br />
<input type='hidden' name='verifykey' value='".$user['claim_cryptokey']."'/>
<input type='hidden' name='token' value='".$_SESSION['token']."'/>
<button type='submit' class='btn btn-success'>Claim</button>
</form>";
}
} else {
$content .= alert("danger", "Abusing the system is not allowed. <a href='index.php'>Go back</a>");
}
} else {
header("Location: index.php");
exit;
}
$tpl->assign("content", $content);
$tpl->display();
?>