Psst.. new poll here.
Psst.. new forums here.
Microsoft is blocking us again (TY IP Reputation!) so just use oauth login instead. :)
Paste
Pasted as PHP by Tua zia ( 16 years ago )
<?php
/*
*
* @name game_update.php
* @package Obscure Intent Team
* @version $Id: game_update.php,v 1.1 2007/07/05 02:05:16 DarKnight Exp $
* @copyright (c) Obscure Intent Team
* @license http://opensource.org/licenses/gpl-license.php GNU Public License
*
*/
error_reporting( E_ALL );
ini_set( "display_errors", 1 );
$phpbb_root_path = './';
define('IN_PHPBB', true);
include($phpbb_root_path . 'extension.inc');
include($phpbb_root_path . 'common.'.$phpEx);
error_reporting( E_ALL );
ini_set( "display_errors", 1 );
$user->session_begin();
$auth->acl($userdata);
$user->setup();
if (!$userdata['is_registered'])
trigger_error( 'Solo gli utenti registrati possono giocare' );
$_Risposta = addslashes( $_REQUEST[ "a" ] );
$_livello = ( int ) $_REQUEST[ "l" ];
switch( $_livello )
{
case 0:
if( $user->data['livello_hg'] == 0 )
{
$sql = "UPDATE " . USERS_TABLE . " SET livello_hg = 1 WHERE user_id = '" . ( int )$user->data['user_id'] . "'";
$db -> sql_query( $sql );
Header( "Location: livello1.php" );
}
else
{
if( $user->data[ "livello_hg" ] == 12 )
{
Header( "Location: game_done.php" );
exit;
}
elseif( $user->data[ "livello_hg" ] > 9 && $user->data[ "livello_hg" ] < 12 )
$user->data[ "livello_hg" ] -= 2;
if ( $user->data[ "livello_hg" ] == 0 ) $user->data[ "livello_hg" ] = 1;
Header( "Location: livello" . $user->data[ "livello_hg" ] . ".php" );
}
break;
case 1:
if( $_Risposta == "sono0potente" )
{
$sql = "UPDATE " . USERS_TABLE . " SET livello_hg = 2 WHERE user_id = '" . ( int )$user->data['user_id'] . "'";
$db -> sql_query( $sql );
Header( "Location: livello2.php" );
}
else
Header( "Location: livello1.php" );
break;
case 2:
if( $_Risposta == "a3d11l1k1803M" )
{
$sql = "UPDATE " . USERS_TABLE . " SET livello_hg = 3 WHERE user_id = '" . ( int )$user->data['user_id'] . "'";
$db -> sql_query( $sql );
Header( "Location: livello3.php" );
}
else
Header( "Location: livello2.php" );
break;
case 3:
if( $_Risposta == "encomio" )
{
$sql = "UPDATE " . USERS_TABLE . " SET livello_hg = 4 WHERE user_id = '" . ( int )$user->data['user_id'] . "'";
$db -> sql_query( $sql );
Header( "Location: livello4.php" );
}
else
Header( "Location: livello3.php" );
break;
case 4:
if( $_Risposta == "h3llouser" )
{
$sql = "UPDATE " . USERS_TABLE . " SET livello_hg = 5 WHERE user_id = '" . ( int )$user->data['user_id'] . "'";
$db -> sql_query( $sql );
Header( "Location: livello5.php" );
}
else
Header( "Location: livello4.php" );
break;
case 5:
if( $_Risposta == "bongobingociao" )
{
$sql = "UPDATE " . USERS_TABLE . " SET livello_hg = 6 WHERE user_id = '" . ( int )$user->data['user_id'] . "'";
$db -> sql_query( $sql );
Header( "Location: livello6.php" );
}
else
Header( "Location: livello5.php" );
break;
case 6:
if( $_Risposta == "neocolonialistico" )
{
$sql = "UPDATE " . USERS_TABLE . " SET livello_hg = 7 WHERE user_id = '" . ( int )$user->data['user_id'] . "'";
$db -> sql_query( $sql );
Header( "Location: livello7.php" );
}
else
Header( "Location: livello6.php" );
break;
case 7:
if( $_Risposta == "sghr_hr_mns_sgd_qhfgs_oarr" )
{
$sql = "UPDATE " . USERS_TABLE . " SET livello_hg = 8 WHERE user_id = '" . ( int )$user->data['user_id'] . "'";
$db -> sql_query( $sql );
Header( "Location: livello8.php" );
}
elseif( $_Risposta == "this_is_not_the_right_pass" )
{
$sql = "UPDATE " . USERS_TABLE . " SET livello_hg = 4 WHERE user_id = '" . ( int )$user->data['user_id'] . "'";
$db -> sql_query( $sql );
echo "[removed]alert( 'Ti avevo avvisato che la password non era quella giusta! Retrocesso al livello 4!' );location.href='livello4.php';[removed]";
}
else
Header( "Location: livello7.php" );
break;
case 8:
if( $_Risposta == "degenerazione" )
{
$sql = "UPDATE " . USERS_TABLE . " SET livello_hg = 9 WHERE user_id = '" . ( int )$user->data['user_id'] . "'";
$db -> sql_query( $sql );
Header( "Location: livello9.php" );
}
else
Header( "Location: livello8.php" );
break;
case 9:
if( strtolower( $_Risposta ) == "union select pwd from hack_g where id_livello=9" OR
strtolower( $_Risposta ) == "union select pwd from hack_g where id_livello= 9" OR
strtolower( $_Risposta ) == "union select pwd from hack_g where id_livello =9" OR
strtolower( $_Risposta ) == "union select pwd from hack_g where id_livello = 9" )
{
$sql = "UPDATE " . USERS_TABLE . " SET livello_hg = 10 WHERE user_id = '" . ( int )$user->data['user_id'] . "'";
$db -> sql_query( $sql );
echo "[removed]alert( 'Ora f3319963720d2293ed504bb1f5c1c4a879147a34, ti conviene un bruteforce' );location.href='livello9.1.php';[removed]";
}
else
Header( "Location: livello9.php" );
break;
case 10:
if( $_Risposta == "dash" )
{
$sql = "UPDATE " . USERS_TABLE . " SET livello_hg = 11 WHERE user_id = '" . ( int )$user->data['user_id'] . "'";
$db -> sql_query( $sql );
Header( "Location: livello10.php" );
}
else
Header( "Location: livello9.1.php" );
break;
case 11:
if( $_Risposta == "ultima" )
{
$sql = "UPDATE " . USERS_TABLE . " SET livello_hg = 12 WHERE user_id = '" . ( int )$user->data['user_id'] . "'";
$db -> sql_query( $sql );
Header( "Location: game_done.php" );
}
else
Header( "Location: livello10.php" );
break;
}
?>
Revise this Paste