Stand/api.stand.one/discord/include.php
2024-10-16 11:20:42 +08:00

133 lines
3.8 KiB
PHP

<?php
if(empty($_GET["link_token"]))
{
?>
<p>If you're reading this, your browser is <span>not executing Javascript</span>. Must suck to have such a shit browser. <a href="https://stand.gg/account/">Back to account management.</a></p>
<script>
if(localStorage.getItem("link_token"))
{
document.querySelector("p").textContent="Please wait...";
setTimeout(function()
{
document.querySelector("p").textContent="It's probably done already and you're just experiencing a bug with your browser.";
},3000);
location.href=location.href+"&link_token="+localStorage.getItem("link_token");
}
else
{
document.querySelector("span").textContent="probably not allowing cookies";
}
</script>
<?php
exit;
}
if(empty($_GET["code"]))
{
die("Discord should've given you a code. I have no idea how you ended up in this state.");
}
header("Cache-Control: private, no-cache, max-age=0");
require __DIR__."/../common/include.php";
$res = $db->query("SELECT `id`,`privilege`,`last_known_discord_id` FROM `accounts` WHERE `link_token`=? AND `suspended_for`=''", "s", $_GET["link_token"]);
if(count($res) == 0)
{
?>
<p>Token has expired. <a href="https://stand.sh/account/">Back to account management.</a></p>
<?php
exit;
}
antisharing_tallyAccountAccess($res[0]["id"]);
$db->query("UPDATE `accounts` SET `link_token`='' WHERE `id`=?", "s", $res[0]["id"]);
// https://discord.com/oauth2/authorize?scope=bot&permissions=8&client_id=842826387501088778
//$token = "ODQyODI2Mzg3NTAxMDg4Nzc4.G16W6z.2dZbn-sxhkpdjHJm90jGPtNjfetlCbiE0CM2Ec";
// https://discord.com/oauth2/authorize?scope=bot&permissions=8&client_id=1269083011673096245
$token = "MTI2OTA4MzAxMTY3MzA5NjI0NQ.GuBmJi.RXn6kGMYQyF2JKB9OxdhXzGhVSWgJqzk1tW2Bw";
$guild_id = "956618713157763072";
$roleid_toxic = "956618713157763075";
$roleid_sane = "956618713157763074";
$roleid_basic = "956618713157763073";
$roleid_nsfwban = "956618713157763078";
/*$guild_id = "1017775626180112465";
$roleid_toxic = "1017775626180112468";
$roleid_sane = "1017775626180112467";
$roleid_basic = "1017775626180112466";
$roleid_nsfwban = "1017775626180112471";*/
function addRole($user_id, $role_id)
{
global $guild_id, $token;
$ch = curl_init();
curl_setopt_array($ch, [
CURLOPT_URL => "https://discordapp.com/api/v6/guilds/{$guild_id}/members/{$user_id}/roles/".$role_id,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_CUSTOMREQUEST => "PUT",
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => [],
CURLOPT_HTTPHEADER => [
"Authorization: Bot {$token}"
]
]);
curl_exec($ch);
curl_close($ch);
}
function removeRole($user_id, $role_id)
{
global $guild_id, $token;
$ch = curl_init();
curl_setopt_array($ch, [
CURLOPT_URL => "https://discordapp.com/api/v6/guilds/{$guild_id}/members/{$user_id}/roles/".$role_id,
CURLOPT_RETURNTRANSFER => true,
CURLOPT_CUSTOMREQUEST => "DELETE",
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => [],
CURLOPT_HTTPHEADER => [
"Authorization: Bot {$token}"
]
]);
curl_exec($ch);
curl_close($ch);
}
$ch = curl_init();
curl_setopt_array($ch, [
CURLOPT_URL => "https://discordapp.com/api/v6/oauth2/token",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_POST => true,
CURLOPT_POSTFIELDS => [
"client_id" => "1269083011673096245",
"client_secret" => "-7U1hdv9DuWD-dD0jkfXkNvGT3pYzQ19",
"grant_type" => "authorization_code",
"code" => $_GET["code"],
"redirect_uri" => $redirect_uri
]
]);
$json = json_decode(curl_exec($ch), true);
curl_close($ch);
if(!isset($json["access_token"]))
{
die("Error 1");
}
$ch = curl_init();
curl_setopt_array($ch, [
CURLOPT_URL => "https://discordapp.com/api/v6/users/@me",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_HTTPHEADER => [
"Authorization: Bearer ".$json["access_token"]
]
]);
$user = json_decode(curl_exec($ch), true);
curl_close($ch);
if(!isset($user["id"]))
{
die("Error 2");
}