loadheader( $get, $filters, $page ); } return; } /* Validate cookie, if it exists */ if(isset($_COOKIE["pass"])){ if( // check if key is not malformed preg_match( '/^k[0-9]+\.[A-Za-z0-9_]{20}$/', $_COOKIE["pass"] ) && // does key exist apcu_exists($_COOKIE["pass"]) ){ // exists, increment counter $inc = apcu_inc($_COOKIE["pass"]); // we start counting from 1 // when it has been incremented to 102, it has reached // 100 reqs if($inc >= config::MAX_SEARCHES + 2){ // reached limit, delete and give captcha apcu_delete($_COOKIE["pass"]); }else{ // the cookie is OK! dont die() and give results apcu_inc("real_requests"); if($output === true){ $frontend->loadheader( $get, $filters, $page ); } return; } } } if($output === false){ http_response_code(401); // forbidden echo json_encode([ "status" => "The \"pass\" token in your cookies is missing or has expired!!" ]); die(); } /* Validate form data */ $lines = explode( "\r\n", file_get_contents("php://input") ); $invalid = false; $answers = []; $key = false; $error = ""; foreach($lines as $line){ $line = explode("=", $line, 2); if(count($line) !== 2){ $invalid = true; break; } preg_match( '/^c\[([0-9]+)\]$/', $line[0], $regex ); if( $line[1] != "on" || !isset($regex[0][1]) ){ // check if its the v key if( $line[0] == "v" && preg_match( '/^c[0-9]+\.[A-Za-z0-9_]{20}$/', $line[1] ) ){ $key = apcu_fetch($line[1]); apcu_delete($line[1]); } break; } $regex = (int)$regex[1]; if( $regex >= 16 || $regex <= -1 ){ $invalid = true; break; } $answers[] = $regex; } if( !$invalid && $key !== false // has captcha been gen'd? ){ $check = count($key); // validate answer for($i=0; $irandomchars(); apcu_inc($key, 1, $stupid, 86400); apcu_inc("real_requests"); setcookie( "pass", $key, [ "expires" => time() + 86400, // expires in 24 hours "samesite" => "Lax", "path" => "/" ] ); $frontend->loadheader( $get, $filters, $page ); return; }else{ $error = "
You were kicked out of Mensa. Please try again.
"; } } $key = "c" . apcu_inc("captcha_gen", 1) . "." . $this->randomchars(); $payload = [ "timetaken" => microtime(true), "class" => "", "right-left" => "", "right-right" => "", "left" => '
' . '

IQ test

' . 'IQ test has been enabled due to bot abuse on the network.
' . 'Solving this IQ test will let you make 100 searches today. I will add an invite system to bypass this soon...' . $error . '
' . '
' . '
' . 'Captcha image' . '
' . '' . '' . '' . '' . '' . '' . '' . '' . '' . '' . '' . '' . '' . '' . '' . '' . '' . '' . '' . '' . '' . '' . '' . '' . '' . '' . '' . '' . '' . '' . '' . '' . '
' . '
' . '
' . '' . '' . '
' . '
' ]; $frontend->loadheader( $get, $filters, $page ); echo $frontend->load("search.html", $payload); die(); } private function randomchars(){ $chars = array_merge( range("A", "Z"), range("a", "z"), range(0, 9) ); $chars[] = "_"; $c = count($chars) - 1; $key = ""; for($i=0; $i<20; $i++){ $key .= $chars[random_int(0, $c)]; } return $key; } }