mega.co.nz_member.php

<?php
######## Account Info ########
/* Warning: Login uses a lot of CPU, make sure to upload at least 1 file in your account with this plugin for saving account data before adding it here.*/
$upload_acc['mega_co_nz']['user'] = ''; //Set your email
$upload_acc['mega_co_nz']['pass'] = ''; //Set your password
########################

$chunk_UL = false; // Set to true to upload only 1 encrypted chunk per request to mega. (Switch to true when you are getting many Data sending errors)
$calcMacEachChunk = true; // Set to false for get the file's cbc-mac after upload. (Sv will read the file 2 times & too high cpu usage in short time)

$_GET['proxy'] = isset($_GET['proxy']) ? $_GET['proxy'] : '';
$not_done = true;
$T8 = array('seqno' => mt_rand(), 'sid' => '');

echo "<center>Mega.co.nz plugin by <b>Th3-822</b></center><br />\n"; // Please, do not remove or change this line contents. - Th3-822
if (!extension_loaded('mcrypt') || !in_array('rijndael-128', mcrypt_list_algorithms(), true)) html_error("Mcrypt module isn't installed or it doesn't have support for the needed encryption.");

// OpenSSL is Much Faster (Only Works Since 5.4)
if (version_compare(PHP_VERSION, '5.4.0', '>=') && extension_loaded('openssl') && in_array('aes-128-cbc', openssl_get_cipher_methods(), true)) {
	function aes_cbc_encrypt($data, $key) {
		$data = str_pad($data, 16 * ceil(strlen($data) / 16), "\0"); // OpenSSL needs this padded.
		return openssl_encrypt($data, 'aes-128-cbc', $key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0");
	}
	function aes_cbc_decrypt($data, $key) {
		$data = str_pad($data, 16 * ceil(strlen($data) / 16), "\0"); // OpenSSL needs this padded.
		return openssl_decrypt($data, 'aes-128-cbc', $key, OPENSSL_RAW_DATA | OPENSSL_ZERO_PADDING, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0");
	}
} else {
	function aes_cbc_encrypt($data, $key) {
		return mcrypt_encrypt(MCRYPT_RIJNDAEL_128, $key, $data, MCRYPT_MODE_CBC, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0");
	}
	function aes_cbc_decrypt($data, $key) {
		return mcrypt_decrypt(MCRYPT_RIJNDAEL_128, $key, $data, MCRYPT_MODE_CBC, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0");
	}
}

if (!empty($upload_acc['mega_co_nz']['user']) && !empty($upload_acc['mega_co_nz']['pass'])) {
	$default_acc = true;
	$_REQUEST['T8']['up_login'] = $upload_acc['mega_co_nz']['user'];
	$_REQUEST['T8']['up_pass'] = $upload_acc['mega_co_nz']['pass'];
	$_REQUEST['action'] = 'Th3-822';
	echo "<center><b>Using Default Login.</b></center><br />\n";
} else $default_acc = false;

if (empty($_REQUEST['action']) || $_REQUEST['action'] != 'Th3-822') {
	echo "<table border='0' style='width:270px;' cellspacing='0' align='center'>
	<form method='POST'>
	<input type='hidden' name='action' value='Th3-822' />
	<tr><td style='white-space:nowrap;'>&nbsp;Email*</td><td>&nbsp;<input type='text' name='T8[up_login]' value='' style='width:160px;' /></td></tr>
	<tr><td style='white-space:nowrap;'>&nbsp;Password*</td><td>&nbsp;<input type='password' name='T8[up_pass]' value='' style='width:160px;' /></td></tr>\n";
	echo "<tr><td colspan='2' align='center'><br /><input type='submit' value='Upload' /></td></tr>\n";
	echo "<tr><td colspan='2' align='center'><small>*You can set it as default in <b>".basename(__FILE__)."</b></small></td></tr>\n";
	echo "</table>\n</form>\n";
	echo "<p style='text-align:center'>Login step may last <b>1 minute or more with high CPU usage</b>, longer passwords will increase that time.<br /><small>After a correct login, session will be stored for skip the login step.</small></p>";
	echo "<script type='text/javascript'>self.resizeTo(700,350);</script>\n"; //Resize upload window
} else {
	$login = $not_done = false;
	$domain = 'mega.co.nz';

	// Login
	echo "<table style='width:600px;margin:auto;'>\n<tr><td align='center'>\n<div id='login' width='100%' align='center'>Login to $domain</div>\n";

	if (!empty($_REQUEST['T8']['up_login']) && !empty($_REQUEST['T8']['up_pass'])) SavedLogin($_REQUEST['T8']['up_login'], $_REQUEST['T8']['up_pass']);
	else html_error('Login Error: Email or Password empty.');

	// Retrive upload ID
	echo "<script type='text/javascript'>document.getElementById('login').style.display='none';</script>\n<div id='info' width='100%' align='center'>Retrive upload url</div>\n";

	$ul_url = apiReq(array('a' => 'u', 's' => $fsize));
	if (is_numeric($ul_url[0])) check_errors($ul_url[0], 'Error getting upload url');
	$up_url = $ul_url[0]['p'];

	$ul_key = array();
	for ($i = 0; $i < 6; $i++) $ul_key[] = get_rand(3);

	// Uploading
	echo "<script type='text/javascript'>document.getElementById('info').style.display='none';</script>\n";

	$mac_str = '';
	$upfiles = T8_mega_upload($up_url, $ul_key, $lfile, $lname, $mac_str);

	// Upload Finished
	echo "<script type='text/javascript'>document.getElementById('progressblock').style.display='none';</script>\n";

	is_page($upfiles);

	if ($calcMacEachChunk) {
		$file_mac = str_to_a32($mac_str);
		mcrypt_generic_deinit($m_td1);
		mcrypt_module_close($m_td1);
		mcrypt_generic_deinit($m_td2);
		mcrypt_module_close($m_td2);
	} else $file_mac = FileMac($lfile, $fsize, a32_to_str(array_slice($ul_key, 0, 4)), a32_to_str(array($ul_key[4], $ul_key[5], $ul_key[4], $ul_key[5])));

	$body = substr($upfiles, strpos($upfiles, "\r\n\r\n") + 4);
	if (is_numeric($body)) check_errors($body, 'Upload Error');

	$meta_mac = array($file_mac[0] ^ $file_mac[1], $file_mac[2] ^ $file_mac[3]);
	$attributes = array('n' => basename($lname));
	$enc_attributes = enc_attr($attributes, array_slice($ul_key, 0, 4));
	$key = array($ul_key[0] ^ $ul_key[4], $ul_key[1] ^ $ul_key[5], $ul_key[2] ^ $meta_mac[0], $ul_key[3] ^ $meta_mac[1], $ul_key[4], $ul_key[5], $meta_mac[0], $meta_mac[1]);

	$file = apiReq(array('a' => 'p', 't' => $T8['root_id'], 'n' => array(array('h' => $body, 't' => 0, 'a' => base64url_encode($enc_attributes), 'k' => a32_to_base64(encrypt_key($key, $T8['master_key']))))));
	if (is_numeric($file[0])) check_errors($file[0], 'Save file error');

	$public_handle = apiReq(array('a' => 'l', 'n' => $file[0]['f'][0]['h']));
	if (is_numeric($public_handle[0])) check_errors($public_handle[0], 'Error getting public fileid');
	$key = substr($file[0]['f'][0]['k'], strpos($file[0]['f'][0]['k'], ':'));
	$decrypted_key = a32_to_base64(decrypt_key(base64_to_a32($key), $T8['master_key']));

	$download_link = "https://$domain/#!{$public_handle[0]}!$decrypted_key";
}

// secure_rand() function from: http://www.zimuel.it/en/strong-cryptography-in-php/
function secure_rand($length) {
	if (function_exists('openssl_random_pseudo_bytes')) {
		$rnd = openssl_random_pseudo_bytes($length, $strong);
		if ($strong === TRUE) return $rnd;
	}
	$sha = $rnd = '';
	if (file_exists('/dev/urandom')) {
		$fp = fopen('/dev/urandom', 'rb');
		if ($fp) {
			if (function_exists('stream_set_read_buffer')) stream_set_read_buffer($fp, 0);
			$sha = fread($fp, $length);
			fclose($fp);
		}
	}
	for ($i=0; $i<$length; $i++) {
		$sha = hash('sha256',$sha.mt_rand());
		$char = mt_rand(0,62);
		$rnd .= chr(hexdec($sha[$char].$sha[$char+1]));
	}
	return $rnd;
}

function get_rand($bytes) {
	return hexdec(bin2hex(secure_rand($bytes)));
}
function Get_Reply($content) {
	if (!function_exists('json_decode')) html_error('Error: Please enable JSON in php.');
	if (($pos = strpos($content, "\r\n\r\n")) > 0) $content = substr($content, $pos + 4);
	$cb_pos = strpos($content, '{');
	$sb_pos = strpos($content, '[');
	if ($cb_pos === false && $sb_pos === false) html_error('Json start braces not found.');
	$sb = ($cb_pos === false || $sb_pos < $cb_pos) ? true : false;
	$content = substr($content, strpos($content, ($sb ? '[' : '{')));$content = substr($content, 0, strrpos($content, ($sb ? ']' : '}')) + 1);
	if (empty($content)) html_error('No json content.');
	$rply = json_decode($content, true);
	if (!$rply || count($rply) == 0) html_error('Error reading json.');
	return $rply;
}
function apiReq($atrr) {
	$try = 0;
	do {
		if ($try > 0) sleep(mt_rand(2,3));
		$ret = doApiReq($atrr);
		$try++;
	} while ($try < 6 && $ret[0] == -3);
	return $ret;
}
function doApiReq($atrr) {
	global $T8;
	$domain = 'g.api.mega.co.nz';//$domain = 'eu.api.mega.co.nz';
	if (!function_exists('json_encode')) html_error('Error: Please enable JSON in php.');
	$cURL = $GLOBALS['options']['use_curl'] && extension_loaded('curl') && function_exists('curl_init') && function_exists('curl_exec') ? true : false;
	$chttps = false;
	if ($cURL) {
		$cV = curl_version();
		if (in_array('https', $cV['protocols'], true)) $chttps = true;
	}
	if (!extension_loaded('openssl') && !$chttps) html_error('You need to install/enable PHP\'s OpenSSL extension to support HTTPS connections.');
	elseif (!$chttps) $cURL = false;

	$sid = (!empty($T8['sid']) ? '&sid=' . $T8['sid'] : '');
	$post = json_encode($atrr);
	$referer = "https://mega.co.nz/\r\nContent-Type: application/json";
	if ($cURL) $page = cURL("https://$domain/cs?id=" . ($T8['seqno']++) . $sid, 0, "[$post]", $referer);
	else {
		global $pauth;
		$page = geturl($domain, 443, '/cs?id=' . ($T8['seqno']++) . $sid, $referer, 0, "[$post]", 0, 0, 0, 0, 'https');
		is_page($page);
	}
	list ($header, $page) = array_map('trim', explode("\r\n\r\n", $page, 2));
	if (is_numeric($page)) return array(intval($page));
	if (in_array(intval(substr($header, 9, 3)), array(500, 503))) return array(-3); //  500 Server Too Busy
	return Get_Reply($page);
}
function check_errors($err, $prefix = 'Error') {
	$isLogin = (stripos($prefix, 'login') !== false);
	switch ($err) {
		default: $msg = '*No message for this error*';break;
		case -1: $msg = 'An internal error has occurred';break;
		case -2: $msg = 'You have passed invalid arguments to this command, your rapidleech is outdated?';break;
		case -3: $msg = 'A temporary congestion or server malfunction prevented your request from being processed';break;
		case -4: $msg = 'You have exceeded your command weight per time quota. Please wait a few seconds, then try again';break;
		case -5: $msg = 'The upload has failed';break;
		case -6: $msg = 'Too many concurrent IP addresses are accessing this upload target URL';break;
		case -7: $msg = 'The upload file packet is out of range or not starting and ending on a chunk boundary';break;
		case -8: $msg = 'The upload target URL you are trying to access has expired. Please request a fresh one';break;
		case -9: $msg = ($isLogin ? 'Email/Password incorrect' : 'Resource not found or deleted');break;
		case -11: $msg = 'Access violation';break;
		case -13: $msg = ($isLogin ? 'Account not Activated yet' : 'Trying to access an incomplete file');break;
		case -14: $msg = 'A decryption operation failed';break;
		case -15: $msg = 'Invalid or expired user session, please relogin';break;
		case -16: $msg = 'User blocked';break;
		case -17: $msg = 'Request over quota';break;
		case -18: $msg = 'Resource temporarily not available, please try again later';break;
	}
	html_error("$prefix: [$err] $msg.");
}

// Using some functions from: http://julien-marchand.fr/blog/using-the-mega-api-with-php-examples/
function base64url_encode($data) {
	return strtr(rtrim(base64_encode($data), '='), '+/', '-_');//return strtr(base64_encode($data), '+/=', '-_,');
}
function base64url_decode($data) {
	if (($s = (2 - strlen($data) * 3) % 4) < 2) $data .= substr(',,', $s);
	return base64_decode(strtr($data, '-_,', '+/='));
}
function a32_to_str($hex) {
	return call_user_func_array('pack', array_merge(array('N*'), $hex));
}
function a32_to_base64($a) {
	return base64url_encode(a32_to_str($a));
}
function str_to_a32($b) {
	// Add padding, we need a string with a length multiple of 4
	$b = str_pad($b, 4 * ceil(strlen($b) / 4), "\0");
	return array_values(unpack('N*', $b));
}
function base64_to_a32($s) {
	return str_to_a32(base64url_decode($s));
}
function aes_cbc_encrypt_a32($data, $key) {
	return str_to_a32(aes_cbc_encrypt(a32_to_str($data), a32_to_str($key)));
}
function aes_cbc_decrypt_a32($data, $key) {
	return str_to_a32(aes_cbc_decrypt(a32_to_str($data), a32_to_str($key)));
}
function enc_attr($attr, $key) {
	$attr = 'MEGA' . json_encode($attr);
	return aes_cbc_encrypt($attr, a32_to_str($key));
}
function stringhash($s, $aeskey) {
	$s32 = str_to_a32($s);
	$h32 = array(0, 0, 0, 0);
	for ($i = 0; $i < count($s32); $i++) $h32[$i % 4] ^= $s32[$i];
	for ($i = 0; $i < 0x4000; $i++) $h32 = aes_cbc_encrypt_a32($h32, $aeskey);
	return a32_to_base64(array($h32[0], $h32[2]));
}
function prepare_key($a) {
	$pkey = array(0x93C467E3, 0x7DB0C7A4, 0xD1BE3F81, 0x0152CB56);
	$count_a = count($a);
	for ($r = 0; $r < 0x10000; $r++) {
		for ($j = 0; $j < $count_a; $j += 4) {
			$key = array(0, 0, 0, 0);
			for ($i = 0; $i < 4; $i++) if ($i + $j < $count_a) $key[$i] = $a[$i + $j];
			$pkey = aes_cbc_encrypt_a32($pkey, $key);
		}
	}
	return $pkey;
}
function encrypt_key($a, $key) {
	$x = array();
	for ($i = 0; $i < count($a); $i += 4) $x = array_merge($x, aes_cbc_encrypt_a32(array_slice($a, $i, 4), $key));
	return $x;
}
function decrypt_key($a, $key) {
	$x = array();
	for ($i = 0; $i < count($a); $i += 4) $x = array_merge($x, aes_cbc_decrypt_a32(array_slice($a, $i, 4), $key));
	return $x;
}
function mpi2bc($s) {
	$s = bin2hex(substr($s, 2));
	$len = strlen($s);
	$n = 0;
	for ($i = 0; $i < $len; $i++) $n = bcadd($n, bcmul(hexdec($s[$i]), bcpow(16, $len - $i - 1)));
	return $n;
}
function bin2int($str) {
	$result = 0;
	$n = strlen($str);
	do {
		$result = bcadd(bcmul($result, 256), ord($str[--$n]));
	} while ($n > 0);
	return $result;
}
function int2bin($num) {
	$result = '';
	do {
		$result .= chr(bcmod($num, 256));
		$num = bcdiv($num, 256);
	} while (bccomp($num, 0));
	return $result;
}
function bitOr($num1, $num2, $start_pos) {
	$start_byte = intval($start_pos / 8);
	$start_bit = $start_pos % 8;
	$tmp1 = int2bin($num1);
	$num2 = bcmul($num2, 1 << $start_bit);
	$tmp2 = int2bin($num2);
	if ($start_byte < strlen($tmp1)) {
		$tmp2 |= substr($tmp1, $start_byte);
		$tmp1 = substr($tmp1, 0, $start_byte) . $tmp2;
	} else $tmp1 = str_pad($tmp1, $start_byte, "\0") . $tmp2;
	return bin2int($tmp1);
}
function bitLen($num) {
	$tmp = int2bin($num);
	$bit_len = strlen($tmp) * 8;
	$tmp = ord($tmp[strlen($tmp) - 1]);
	if (!$tmp) $bit_len -= 8;
	else while (!($tmp & 0x80)) {
		$bit_len--;
		$tmp <<= 1;
	}
	return $bit_len;
}
function rsa_decrypt($enc_data, $p, $q, $d) {
	$enc_data = int2bin($enc_data);
	$exp = $d;
	$modulus = bcmul($p, $q);
	$data_len = strlen($enc_data);
	$chunk_len = bitLen($modulus) - 1;
	$block_len = intval(ceil($chunk_len / 8));
	$curr_pos = 0;
	$bit_pos = 0;
	$plain_data = 0;
	while ($curr_pos < $data_len) {
		$tmp = bin2int(substr($enc_data, $curr_pos, $block_len));
		$tmp = bcpowmod($tmp, $exp, $modulus);
		$plain_data = bitOr($plain_data, $tmp, $bit_pos);
		$bit_pos += $chunk_len;
		$curr_pos += $block_len;
	}
	return int2bin($plain_data);
}

function getRootNode($files = 0) {
	global $T8;
	if (empty($files) || !is_array($files) || count($files) < 1) $files = apiReq(array('a' => 'f', 'c' => 1));
	if (is_numeric($files[0])) check_errors($files[0], 'Cannot get Root folder ID');
	foreach ($files[0]['f'] as $file) if ($file['t'] == 2) {
		$T8['root_id'] = $file['h'];
		break;
	}
	if (empty($T8['root_id'])) html_error('Root folder ID not found.');
}

function getNextChunkLength($len) {
	if ($len < 131072) return 131072;
	elseif ($len < 262144) return 262144;
	elseif ($len < 393216) return 393216;
	elseif ($len < 524288) return 524288;
	elseif ($len < 655360) return 655360;
	elseif ($len < 786432) return 786432;
	elseif ($len < 917504) return 917504;
	else return 1048576;
}

function calcChunkMac($data, $key, $iv) {
	global $m_td1, $m_td2;
	$size = strlen($data);
	if ($size % 16 > 0) {
		$data .= str_repeat("\0", (16 - $size % 16));
		$size = strlen($data);
	}

	$init = mcrypt_generic_init($m_td2, $key, $iv);
	if ($init === false || $init < 0) html_error('Cannot init mcrypt');

	$size -= 16;
	if ($size > 0) mcrypt_generic($m_td2, substr($data, 0, $size));
	return mcrypt_generic($m_td1, mcrypt_generic($m_td2, substr($data, $size)));
}

function FileMac($file, $fsize, $key, $iv) {
	$fs = fopen($file, 'rb');
	$csize = 131072;
	$_data = '';
	$readed = 0;
	$m_td1 = mcrypt_module_open('rijndael-128', '', 'cbc', '');
	$m_td2 = mcrypt_module_open('rijndael-128', '', 'cbc', '');
	$init = mcrypt_generic_init($m_td1, $key, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0");
	if ($init === false || $init < 0) html_error('Cannot init mcrypt');
	echo "\n<script type='text/javascript'>document.getElementById('T8').innerHTML = 'CBC-MAC File: 0 %';document.getElementById('T8').style.display = 'block';</script>";
	while (!feof($fs)) {
		$data = fread($fs, $csize);
		if ($data === false) {
			fclose($fs);
			html_error(lang(112));
		}
		if ($_data !== '') {
			$data = $_data . $data;
			$_data = '';
		}
		if (strlen($data) < $csize && !feof($fs)) {
			$_data .= $data;
			continue;
		}
		if (strlen($data) > $csize) {
			$_data .= substr($data, $csize);
			$data = substr($data, 0, $csize);
		}

		$readed += $size = strlen($data);
		if ($size % 16 > 0) {
			$data .= str_repeat("\0", (16 - $size % 16));
			$size = strlen($data);
		}

		$init = mcrypt_generic_init($m_td2, $key, $iv);
		if ($init === false || $init < 0) html_error('Cannot init mcrypt');

		$size -= 16;
		if ($size > 0) mcrypt_generic($m_td2, substr($data, 0, $size));
		$mac_str = mcrypt_generic($m_td1, mcrypt_generic($m_td2, substr($data, $size)));

		if ($csize < 1048576) $csize = getNextChunkLength($csize);
		echo "\n<script type='text/javascript'>document.getElementById('T8').innerHTML = 'CBC-MAC File: ".($readed < $fsize ? round($readed / $fsize * 100, 2) : '100')." %';</script>";
		flush();
	}
	echo "\n<script type='text/javascript'>document.getElementById('T8').innerHTML = 'CBC-MAC File: 100 %';document.getElementById('T8').style.display = 'none';</script>";
	mcrypt_generic_deinit($m_td1);
	mcrypt_module_close($m_td1);
	mcrypt_generic_deinit($m_td2);
	mcrypt_module_close($m_td2);
	fclose($fs);
	return str_to_a32($mac_str);
}

function Login($user, $pass) {
	global $T8;
	if (!extension_loaded('bcmath')) html_error('This plugin needs BCMath extension for login.');
	$password_aes = prepare_key(str_to_a32($pass));
	$T8['user_handle'] = stringhash($user, $password_aes);
	$res = apiReq(array('a' => 'us', 'user' => $user, 'uh' => $T8['user_handle']));
	if (is_numeric($res[0])) check_errors($res[0], 'Cannot login');
	$T8['master_key'] = decrypt_key(base64_to_a32($res[0]['k']), $password_aes);
	$privk = a32_to_str(decrypt_key(base64_to_a32($res[0]['privk']), $T8['master_key']));
	$rsa_priv_key = array(0, 0, 0, 0);
	for ($i = 0; $i < 4; $i++) {
		$l = ((ord($privk[0]) * 256 + ord($privk[1]) + 7) / 8) + 2;
		$rsa_priv_key[$i] = mpi2bc(substr($privk, 0, $l));
		$privk = substr($privk, $l);
	}
	$T8['sid'] = rsa_decrypt(mpi2bc(base64url_decode($res[0]['csid'])), $rsa_priv_key[0], $rsa_priv_key[1], $rsa_priv_key[2]);
	$T8['sid'] = base64url_encode(substr(strrev($T8['sid']), 0, 43));
	getRootNode();
	t8ArrToCookieArr($rsa_priv_key);

	$quota = apiReq(array('a' => 'uq', 'strg' => 1));
	if (!is_array($quota[0])) check_errors($quota[0], 'Cannot get disk quota');
	SaveCookies($user, $pass); // Update cookies file.
	$cookie = '';
	if (($quota[0]['mstrg'] - $quota[0]['cstrg']) < $GLOBALS['fsize']) html_error('Insufficient Free Space in Account for Upload this File.');
}

function IWillNameItLater($cookie, $decrypt=true) {
	if (!is_array($cookie)) {
		if (!empty($cookie)) return $decrypt ? decrypt(urldecode($cookie)) : urlencode(encrypt($cookie));
		return '';
	}
	if (count($cookie) < 1) return $cookie;
	$keys = array_keys($cookie);
	$values = array_values($cookie);
	$keys = $decrypt ? array_map('decrypt', array_map('urldecode', $keys)) : array_map('urlencode', array_map('encrypt', $keys));
	$values = $decrypt ? array_map('decrypt', array_map('urldecode', $values)) : array_map('urlencode', array_map('encrypt', $values));
	return array_combine($keys, $values);
}

function SavedLogin($user, $pass) {
	global $T8, $cookie, $secretkey;
	if (!defined('DOWNLOAD_DIR')) {
		global $options;
		if (substr($options['download_dir'], -1) != '/') $options['download_dir'] .= '/';
		define('DOWNLOAD_DIR', (substr($options['download_dir'], 0, 6) == 'ftp://' ? '' : $options['download_dir']));
	}

	$user = strtolower($user);
	$filename = DOWNLOAD_DIR.basename('mega_ul.php');
	if (!file_exists($filename) || filesize($filename) <= 6) return Login($user, $pass);

	$file = file($filename);
	$savedcookies = unserialize($file[1]);
	unset($file);

	$hash = hash('crc32b', $user.':'.$pass);
	if (is_array($savedcookies) && array_key_exists($hash, $savedcookies)) {
		$_secretkey = $secretkey;
		$secretkey = hash('crc32b', $pass).sha1($user.':'.$pass).hash('crc32b', $user); // A 56 char key should be safer. :D
		$cookie = (decrypt(urldecode($savedcookies[$hash]['enc'])) == 'OK') ? IWillNameItLater($savedcookies[$hash]['cookie']) : '';
		$secretkey = $_secretkey;
		if ((is_array($cookie) && count($cookie) < 1) || empty($cookie)) return Login($user, $pass);

		$T8['sid'] = $cookie['sid'];
		$T8['user_handle'] = $cookie['user_handle'];
		$T8['master_key'] = base64_to_a32($cookie['master_key']);
		$T8['root_id'] = $cookie['root_id'];
		$rsa_priv_key = explode('/T8\\', $cookie['rsa_priv_key']);

		$quota = apiReq(array('a' => 'uq', 'strg' => 1)); // I'm using the 'User quota details' request for validating the session id.
		if (is_numeric($quota[0]) && $quota[0] < 0) {
			if ($quota[0] == -15) { // Session code expired... We need to get a newer one.
				if (!extension_loaded('bcmath')) html_error('This plugin needs BCMath extension for login.');
				$T8['sid'] = false; // Do not send old sid or it will get '-15' error.
				$res = apiReq(array('a' => 'us', 'user' => $user, 'uh' => $T8['user_handle']));
				if (is_numeric($res[0])) check_errors($res[0], 'Cannot re-login');
				$T8['sid'] = rsa_decrypt(mpi2bc(base64url_decode($res[0]['csid'])), $rsa_priv_key[0], $rsa_priv_key[1], $rsa_priv_key[2]);
				$T8['sid'] = base64url_encode(substr(strrev($T8['sid']), 0, 43));
				t8ArrToCookieArr();
			} else check_errors($quota[0], 'Cannot validate saved-login');
		}
		SaveCookies($user, $pass); // Update last used time.
		$cookie = '';
		if (($quota[0]['mstrg'] - $quota[0]['cstrg']) < $GLOBALS['fsize']) html_error('Insufficient Free Space in Account for Upload this File');
		return;
	}
	return Login($user, $pass);
}

function t8ArrToCookieArr($rsa_priv_key = 0) {
	global $cookie, $T8;
	if (empty($cookie) || !is_array($cookie)) $cookie = array();
	$cookie['sid'] = $T8['sid'];
	$cookie['user_handle'] = $T8['user_handle'];
	$cookie['master_key'] = a32_to_base64($T8['master_key']);
	$cookie['root_id'] = $T8['root_id'];
	if (!empty($rsa_priv_key) && is_array($rsa_priv_key) && count($rsa_priv_key) > 2) $cookie['rsa_priv_key'] = implode('/T8\\', array_slice($rsa_priv_key, 0, 3)); // For decrypt the SID we need only the first 3 elements of the priv key, so we will only save those 3 elements.
}

function SaveCookies($user, $pass) {
	global $cookie, $secretkey;
	$maxdays = 30; // Max days to keep cookies for more than 1 user.
	$filename = DOWNLOAD_DIR.basename('mega_ul.php');
	if (file_exists($filename) && filesize($filename) > 6) {
		$file = file($filename);
		$savedcookies = unserialize($file[1]);
		unset($file);

		// Remove old cookies
		if (is_array($savedcookies)) {
			foreach ($savedcookies as $k => $v) if (time() - $v['time'] >= ($maxdays * 24 * 60 * 60)) unset($savedcookies[$k]);
		} else $savedcookies = array();
	} else $savedcookies = array();
	$hash = hash('crc32b', $user.':'.$pass);
	$_secretkey = $secretkey;
	$secretkey = hash('crc32b', $pass).sha1($user.':'.$pass).hash('crc32b', $user); // A 56 char key should be safer. :D
	$savedcookies[$hash] = array('time' => time(), 'enc' => urlencode(encrypt('OK')), 'cookie' => IWillNameItLater($cookie, false));
	$secretkey = $_secretkey;

	write_file($filename, "<?php exit(); ?>\r\n" . serialize($savedcookies));
}

function chunk_ul($scheme, $host, $port, $url, $onlyOpen = false) {
	global $nn, $pauth, $fp, $errno, $errstr, $fsize, $pbChunkSize, $data, $zapros;
	if ($scheme == 'https://') {
		$scheme = 'tls://';
		$port = 443;
	}

	if (!empty($_GET['proxy'])) {
		$proxy = true;
		list($proxyHost, $proxyPort) = explode(':', $_GET['proxy'], 2);
		$host = $host . ($port != 80 && ($scheme != 'tls://' || $port != 443) ? ':' . $port : '');
		$url = $scheme . $host . $url;
	} else $proxy = false;

	if ($scheme != 'tls://') $scheme = '';
	$request = array();
	$request[] = 'POST ' . str_replace(' ', '%20', $url) . ' HTTP/1.0';
	$request[] = "Host: $host";
	$request[] = 'User-Agent: '. (defined('rl_UserAgent') ? rl_UserAgent : 'Opera/9.80 (Windows NT 6.1) Presto/2.12.388 Version/12.17');
	$request[] = 'Accept: */*';
	$request[] = 'Accept-Language: en-US;q=0.7,en;q=0.3';
	$request[] = 'Accept-Charset: utf-8,windows-1251;q=0.7,*;q=0.7';
	$request[] = 'Content-Type: application/octet-stream';
	$request[] = "Content-Length: ".($onlyOpen ? $fsize : strlen($data));
	if ($proxy && !empty($pauth)) $request[] = "Proxy-Authorization: Basic $pauth\r\n";
	$request[] = 'Connection: Close';

	$zapros = implode("\r\n", $request) . "\r\n\r\n";
	$errno = 0; $errstr = '';
	$posturl = (!empty($proxyHost) ? $scheme . $proxyHost : $scheme . $host) . ':' . (!empty($proxyPort) ? $proxyPort : $port);
	$fp = @stream_socket_client($posturl, $errno, $errstr, 120, STREAM_CLIENT_CONNECT);

	if (!$fp) {
		$dis_host = $proxy ? $proxyHost : $host;
		$dis_port = $proxy ? $proxyPort : $port;
		html_error(sprintf(lang(88), $dis_host, $dis_port));
	} elseif ($errno || $errstr) html_error($errstr);

	if (!@fputs($fp, $zapros)) html_error('Cannot send request headers.');
	fflush($fp);

	require_once(TEMPLATE_DIR . '/uploadui.php');
	echo "\n<script type='text/javascript'>document.getElementById('ul_con').innerHTML ='".($proxy ? (sprintf(lang(89), $proxyHost, $proxyPort) . "<br />'UPLOAD: <b>$url</b>...<br />") : sprintf(lang(90), $host, $port))."';document.getElementById('ul_fname').style.display = 'block';</script>";
	flush();

	if ($onlyOpen) return;
	global $timeStart, $totalsend, $time, $lastChunkTime;
	$dlen = strlen($data);
	$sended = 0;
	for ($s = 0; $s < ($dlen - 1); $s += $pbChunkSize) {
		$chunk = ($pbChunkSize >= ($dlen - $s)) ? substr($data, $s) : substr($data, $s, $pbChunkSize);
		$sendbyte = @fputs($fp, $chunk);
		fflush($fp);

		if ($sendbyte === false || strlen($chunk) > $sendbyte) {
			fclose($fp);
			html_error(lang(113));
		}

		$totalsend += $sendbyte;
		$sended += $sendbyte;

		$time = getmicrotime() - $timeStart;
		$chunkTime = $time - $lastChunkTime;
		if (($s + $sendbyte) <= ($dlen - 1) && $chunkTime < 1) continue;
		$chunkTime = (!($chunkTime < 0) && $chunkTime > 0) ? $chunkTime : 1;
		$lastChunkTime = $time;
		$speed = round($sended / 1024 / $chunkTime, 2);
		$percent = round($totalsend / $fsize * 100, 2);
		echo "<script type='text/javascript'>pr('$percent', '" . bytesToKbOrMbOrGb($totalsend) . "', '$speed');</script>\n";
		flush();
		$sended = 0;
	}
	if ($errno || $errstr) html_error($errstr);
	fflush($fp);

	$page = '';
	while (!feof($fp)) {
		$data = fgets($fp, 16384);
		if ($data === false) break;
		$page .= $data;
	}

	fclose($fp);
	$body = substr($page, strpos($page, "\r\n\r\n") + 4);
	if (is_numeric($body) && $body < 0) check_errors($body, 'Error while uploading chunk');
	return $page;
}

function T8_mega_upload($link, $ul_key, $file, $filename, &$mac_str = '') {
	global $nn, $fp, $fs, $errno, $errstr, $fsize, $pbChunkSize, $T8, $chunk_UL, $calcMacEachChunk, $zapros;
	$pbChunkSize = GetChunkSize($fsize);
	$_link = parse_url($link);
	$scheme = $_link['scheme'] . '://';
	$host = $_link['host'];
	$port = defport($_link);
	$url = $_link['path']. (!empty($_link['query']) ? '?'.$_link['query'] : '');
	unset($_link);
	$key = a32_to_str(array_slice($ul_key, 0, 4));

	$_td = mcrypt_module_open('rijndael-128', '', 'ctr', '');
	$init = mcrypt_generic_init($_td, $key, a32_to_str(array($ul_key[4], $ul_key[5], 0, 0)));
	if ($init === false || $init < 0) html_error('Cannot init mcrypt');

	if (!is_readable($file)) html_error(sprintf(lang(65), $file));

	echo "\n<p id='ul_con'></p>\n<p id='ul_fname' style='display:none'>" . lang(104) . " <b>$filename</b>, " . lang(56) . ' <b>' . bytesToKbOrMbOrGb($fsize) . "</b>...<br /></p><p id='T8' style='display:none'></p>\n";
	flush();

	if ($chunk_UL) global $chunkSize, $timeStart, $data, $totalsend, $time, $lastChunkTime;
	else chunk_ul($scheme, $host, $port, $url, true);

	$fs = fopen($file, 'rb');
	$chunkSize = 131072;
	$totalsend = $time = $lastChunkTime = 0;
	$_data = '';
	if ($calcMacEachChunk) {
		global $m_td1, $m_td2;
		$m_td1 = mcrypt_module_open('rijndael-128', '', 'cbc', '');
		$m_td2 = mcrypt_module_open('rijndael-128', '', 'cbc', '');
		$init = mcrypt_generic_init($m_td1, $key, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0");
		if ($init === false || $init < 0) html_error('Cannot init mcrypt');
		$c_mac = a32_to_str(array($ul_key[4], $ul_key[5], $ul_key[4], $ul_key[5]));
	}

	$timeStart = microtime(true);

	while (!feof($fs) && !$errno && !$errstr) {
		$data = fread($fs, $chunkSize);
		if ($data === false) {
			fclose($fs);
			if (!$chunk_UL) fclose($fp);
			html_error(lang(112));
		}
		if ($_data !== '') {
			$data = $_data . $data;
			$_data = '';
		}
		if (strlen($data) < $chunkSize && !feof($fs)) {
			$_data .= $data;
			continue;
		}
		if (strlen($data) > $chunkSize) {
			$_data .= substr($data, $chunkSize);
			$data = substr($data, 0, $chunkSize);
		}
		if ($calcMacEachChunk) $mac_str = calcChunkMac($data, $key, $c_mac);
		if ($chunkSize < 1048576) $chunkSize = getNextChunkLength($chunkSize);

		$data = mcrypt_generic($_td, $data);
		if ($chunk_UL) $page = chunk_ul($scheme, $host, $port, "$url/$totalsend-" . (($totalsend + strlen($data)) - 1));
		else {
			$dlen = strlen($data);
			$sended = 0;
			for ($s = 0; $s < ($dlen - 1); $s += $pbChunkSize) {
				$chunk = ($pbChunkSize >= ($dlen - $s)) ? substr($data, $s) : substr($data, $s, $pbChunkSize);
				$sendbyte = @fputs($fp, $chunk);
				fflush($fp);

				if ($sendbyte === false || strlen($chunk) > $sendbyte) {
					fclose($fs);
					fclose($fp);
					html_error(lang(113));
				}

				$totalsend += $sendbyte;
				$sended += $sendbyte;

				$time = getmicrotime() - $timeStart;
				$chunkTime = $time - $lastChunkTime;
				if (($s + $sendbyte) <= ($dlen - 1) && $chunkTime < 1) continue;
				$chunkTime = (!($chunkTime < 0) && $chunkTime > 0) ? $chunkTime : 1;
				$lastChunkTime = $time;
				$speed = round($sended / 1024 / $chunkTime, 2);
				$percent = round($totalsend / $fsize * 100, 2);
				echo "<script type='text/javascript'>pr('$percent', '" . bytesToKbOrMbOrGb($totalsend) . "', '$speed');</script>\n";
				flush();
				$sended = 0;
			}
		}
	}
	mcrypt_generic_deinit($_td);
	mcrypt_module_close($_td);
	if ($errno || $errstr) {
		$lastError = $errstr;
		return false;
	}

	if (!$chunk_UL) {
		fflush($fp);
		$page = '';
		while (!feof($fp)) {
			$data = fgets($fp, 16384);
			if ($data === false) break;
			$page .= $data;
		}
		fclose($fp);
	}
	fclose($fs);
	return $page;
}

//[23-7-2013] Written by Th3-822.
//[30-1-2014] Ephemeral account support removed, mega is not allowing anon users to generate public links. - Th3-822
//[15-4-2014] Fixed re-login error. - Th3-822
//[19-5-2016] Using OpenSSL where is possible for better login speed & Added free space check. - Th3-822

?>