-
Notifications
You must be signed in to change notification settings - Fork 8
/
macro2.php
50 lines (49 loc) · 1.22 KB
/
macro2.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
<?php
declare(strict_types=1);
/**
* MCCodes v2 by Dabomstew & ColdBlooded
*
* Repository: https://github.com/davemacaulay/mccodesv2
* License: MIT License
*/
$nohdr = 1;
global $db, $ir, $userid, $set, $domain;
require_once('globals.php');
if (!$set['validate_on'] || $ir['verified'])
{
echo 'What are you doing on this page? Go somewhere else.';
exit;
}
if (!isset($_POST['refer']) || !is_string($_POST['refer'])
|| !isset($_POST['captcha']) || !is_string($_POST['captcha']))
{
echo 'Invalid usage.';
exit;
}
$macro1_url =
"https://{$domain}/macro1.php?code=invalid&refer="
. urlencode(stripslashes($_POST['refer']));
if (!isset($_SESSION['captcha']))
{
header("Location: {$macro1_url}");
exit;
}
if ($_SESSION['captcha'] != stripslashes($_POST['captcha']))
{
header("Location: {$macro1_url}");
exit;
}
if (!isset($_POST['verf'])
|| !verify_csrf_code('validation', stripslashes($_POST['verf'])))
{
header("Location: {$macro1_url}");
exit;
}
$ref = $_POST['refer'];
unset($_SESSION['captcha']);
$dest_url = "https://{$domain}/{$ref}";
$db->query(
"UPDATE `users`
SET `verified` = 1
WHERE `userid` = {$userid}");
header("Location: {$dest_url}");