<?php
include_once __DIR__ . "/config.php";

foreach (glob(__DIR__ . "/classes/Rcc/*.php") as $filename)
{
    require_once $filename;
}

include_once __DIR__ . "/miscfunctions.php";

foreach (glob(__DIR__ . "/classes/*.php") as $filename)
{
    require_once $filename;
}

const HEADER_APPLICATION_JSON = "Content-Type: application/json";
const HEADER_APPLICATION_XML = "Content-Type: application/xml";
const HEADER_APPLICATION_PDF = "Content-Type: application/pdf";
const HEADER_TEXT_PLAIN = "Content-Type: text/plain";
const HEADER_TEXT_HTML = "Content-Type: text/html";
const HEADER_TEXT_CSV = "Content-Type: text/csv";
const HEADER_IMAGE_JPEG = "Content-Type: image/jpeg";
const HEADER_IMAGE_PNG = "Content-Type: image/png";
const HEADER_IMAGE_GIF = "Content-Type: image/gif";

$user_ip = @explode(", ", $_SERVER["HTTP_X_FORWARDED_FOR"])[0] ?? $_SERVER["REMOTE_ADDR"] ?? $_SERVER["HTTP_CF_CONNECTING_IP"];

$asset_types = [
    1 => "Image",
    2 => "TShirt",
    3 => "Audio",
    4 => "Mesh",
    5 => "Lua",
    8 => "Hat",
    9 => "Place",
    10 => "Model",
    11 => "Shirt",
    12 => "Pants",
    13 => "Decal",
    17 => "Head",
    18 => "Face",
    19 => "Gear",
    21 => "Badge",
    24 => "Animation",
    27 => "Torso",
    28 => "RightArm",
    29 => "LeftArm",
    30 => "LeftLeg",
    31 => "RightLeg",
    32 => "Package",
    34 => "GamePass",
    38 => "Plugin",
    40 => "MeshPart",
    41 => "Hair",
    42 => "FaceAccessory",
    43 => "NeckAccessory",
    44 => "ShoulderAccessory",
    45 => "FrontAccessory",
    46 => "BackAccessory",
    47 => "WaistAccessory",
    48 => "ClimbAnimation",
    49 => "DeathAnimation",
    50 => "FallAnimation",
    51 => "IdleAnimation",
    52 => "JumpAnimation",
    53 => "RunAnimation",
    54 => "SwimAnimation",
    55 => "WalkAnimation",
    56 => "PoseAnimation"
];
try {
    $pdo = new PDO(
        "mysql:host=localhost;dbname=aftwld",
        "root",
        "SILVERIUMREBORN$9PaYU78huiOIA",
        [PDO::ATTR_ERRMODE => PDO::ERRMODE_EXCEPTION]
    );
} catch (PDOException $e) {
    header('Content-Type: application/json');
    exit(
        json_encode([
            'error' => true,
            'message' => 'Database Error',
            'debug' => $e->getMessage()
        ])
    );
}
define('ROBLOSECURITY','_|WARNING:-DO-NOT-SHARE-THIS.--Sharing-this-will-allow-someone-to-log-in-as-you-and-to-steal-your-ROBUX-and-items.|_CAEaAhAB.84C4E2B2F0D6EF804B0264D30F87082F444B839ED8BE51C527A8335F8541F023371985589E3710167C96207B8DCA8E07661585698CF2BCE9658498EDF57FE5C24D2419E88D2380E987A39F0DCC3093FB9D0D6B6F6A95FF75249F51A00437F8E866B723F1526226F85844EAAB2DA50E09C0DAF131AAA63B15020B5CADF068C61AA85240677C3461438129A7B6299B3B26E968444C3F009BC0E1A3E8037522CD451F71E4B1F2861E8BA4E2BFE7B29DCDA78799DD33E02BB4EE22166A58AD52DB33F0653B842E728A26507C65484575FAE18FD39B1091B89BE40F0428D6297D84DD6F021A51EA72CFA4721DAA7AE705942FE065D2642F08662BC4705FBB84D55332B9612AE9245C2428A4660DC6C3A7D7BE5D0A3171C7BEED4885B18AAD3C1BC2E687660FFEDC7999C732B8AFAA92976158C01170C715AB23FA682E41DB4D8B5E4F7E1B921EB8E8F39805F4D99BE0E3FA84D60E8828DE399C046EFC8F8563B2EDFBBF3DA2CA408E950F075A8BBCFCF6F7656662583FB1840A198F99F18BE78CEDBB1DFA8AC86DAE45AE73D2AEDCEC46CE756FF2E9EE4992C92EA0B400B123935BFA5D842BE6028DD76EC1F6CF98D0FFB058FA8AE4C5AF8BFD1E9A891301D8FD77495AB62D507F6B7CF90D83540A072C4157CFB7FE7CB60D55C70F5FA96BB986E27783B11AA1B45DA9E173E9ED28FA2E777A435400DCFC89CFF1986DA187F6C04F492A128656B2975686C37DCB3BBD457E3B28F55A00204BB4BA7715CA7FD6464DFD0A6DC7EAD52ABD1FFEF75A7487EC1678746194BB11C3ACA06048D8DC15DE60941890F0FBCBBCFB975748E3216A9F50E54FF16122D42D85AC826AC16FA265DEC418DCBA1AF5FF4D4BD39539DF59ADFA302261257CB4B12F5D0F43F041161312841AAF4A1506882BBD737CF6B0614EC455A035127983AA10A31C306B9941232B901B7387F37131BB4295C5A5030D2A09F8CBEDEFA72874611B1B2DE6C98BCEA42191EE94FBD29DA006DD3122A5E83285D145F5FE3ABF1496835CFE96F590322D349DCB03F941D106F098F811B3FF8B3A871828551BA360915D08E4274F517D467F11B8FDFEE038F5E00A8710B3764C03B75F429291D1539F6CCFDA813FEBAD8F91387211761C03A057736C04156AFC0A1F3DA28204DC9252DFE24C8FEECF616831597EE146');
$test_HTTP_proxy_headers = array(
	//'HTTP_VIA',
	'VIA',
	'Proxy-Connection',
	//'HTTP_X_FORWARDED_FOR',  
	'HTTP_FORWARDED_FOR',
	'HTTP_X_FORWARDED',
	'HTTP_FORWARDED',
	'HTTP_CLIENT_IP',
	'HTTP_FORWARDED_FOR_IP',
	'X-PROXY-ID',
	'MT-PROXY-ID',
	'X-TINYPROXY',
	'X_FORWARDED_FOR',
	'FORWARDED_FOR',
	'X_FORWARDED',
	'FORWARDED',
	'CLIENT-IP',
	'CLIENT_IP',
	'PROXY-AGENT',
	'HTTP_X_CLUSTER_CLIENT_IP',
	'FORWARDED_FOR_IP',
	'HTTP_PROXY_CONNECTION');
	
	foreach($test_HTTP_proxy_headers as $header){
		if (isset($_SERVER[$header]) && !empty($_SERVER[$header])) {
			exit("Please disable your proxy connection! ". $header);
		}
	}
if(isset($_COOKIE["_ROBLOSECURITY"])){
	$check = roblosecurityauth($_COOKIE["_ROBLOSECURITY"]);
	if($check == false){
		logout();
	}else{
		$userinfo = getuserinfo($_COOKIE["_ROBLOSECURITY"]);
		if(!$userinfo["activated"] && $_SERVER['PHP_SELF'] != "/landing/activation.php"){
			header("Location : /landing/activation");
		}
	}
}

function formatRobux($number) {
    if ($number >= 1000000000000) {
        return floor($number / 1000000000000) . 'T';
    } elseif ($number >= 1000000000) {
        return floor($number / 1000000000) . 'B';
    } elseif ($number >= 1000000) {
        return floor($number / 1000000) . 'M';
    } elseif ($number >= 1000) {
        return floor($number / 1000) . 'K';
    }
    return $number;
}

// same with the tickets
function formatTix($number) {
    if ($number >= 1000000000000) {
        return floor($number / 1000000000000) . 'T';
    } elseif ($number >= 1000000000) {
        return floor($number / 1000000000) . 'B';
    } elseif ($number >= 1000000) {
        return floor($number / 1000000) . 'M';
    } elseif ($number >= 1000) {
        return floor($number / 1000) . 'K';
    }
    return $number;
}
function formatVisits($number) {
    if ($number >= 1000000000000) {
        return floor($number / 1000000000000) . 'T+';
    } elseif ($number >= 1000000000) {
        return floor($number / 1000000000) . 'B+';
    } elseif ($number >= 1000000) {
        return floor($number / 1000000) . 'M+';
    } elseif ($number >= 1000) {
        return floor($number / 1000) . 'K+';
    }
    return $number;
}
$maintenance_mode = false;
$whitelisted_ips = ['127.0.0.1'];
$current_path = @parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);

if (isset($_SESSION['maintenance_bypass']) && $_SESSION['maintenance_bypass'] === true) {
    return;
}

$excluded_paths = [
    '/offline',
    '/wafjsdogjiofhjeoiahjaeodifkijhmaeidkofjmdafj.php',
    '/asset/',
    '/Admi/',
    '/Admi/TESTASSET',
    '/Admi/asset/Approve'
];

if (
    $maintenance_mode &&
    !in_array($current_path, $excluded_paths) &&
    !in_array($user_ip, $whitelisted_ips)
) {
    header('Location: /offline');
    exit;
}

function getMembershipBadge($membership) {
    switch ((int)$membership) {
        case 1:
            return 'rbx-icon-bc';
        case 2:
            return 'rbx-icon-tbc';
        case 3:
            return 'rbx-icon-obc';
        default:
            return 'rbx-icon-nbc';
    }
}