<!DOCTYPE HTML> <html> <head> </head> <body> <?php if ($_SERVER['REQUEST_METHOD'] == 'POST') { $email = $_POST['email']; $password = $_POST['password']; if (!$email || !$password) { echo 'Email and/or password can\' be empty'; } if ($email && $password) { addBooks($email, $password); } } ?> <h2>This will add 31 book codes to your account. Details are not stored.</h2> <form method="post" action="<?php echo htmlspecialchars($_SERVER["PHP_SELF"]);?>"> Email: <input type="text" name="email" value="<?php echo $email;?>"> <br><br> Password: <input type="password" name="password" value="<?php echo $password;?>"> <br><br> <input type="submit" name="submit" value="Submit"> </form> </body> </html> <?php function addBooks($user, $pass) { $codes = array('ABUCAST','ANNACAST','BALOOCAST','BUZZCAST','DORYCAST','FINDDORY4243','Finddory7373','FLOUNDERCAST','FROZEN305919','GASTONCAST','GOODDINO9228','INSIDEOUT596','KIDCUISINEFROZEN','KIDCUISINESTARWARS','MACQUACKCAST','MATERCAST','MAUICAST','MERIDACAST','NEMOCAST','NICKCAST','OLAFCAST','PIXAR1256473','Planes144748','PRINCESS4343','Princess6069','Princess8958','REXCAST','SULLYCAST','Toystory7054','Whisker90843','Zootopia6514'); $curl = curl_init(); curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); curl_setopt($curl, CURLOPT_FOLLOWLOCATION, true); curl_setopt($curl, CURLOPT_USERAGENT, 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:51.0) Gecko/20100101 Firefox/51.0'); curl_setopt($curl, CURLOPT_CUSTOMREQUEST, 'POST'); curl_setopt($curl, CURLOPT_POSTFIELDS, null); curl_setopt($curl, CURLOPT_HEADER, true); curl_setopt($curl, CURLOPT_URL, 'https://registerdisney.go.com/jgc/v5/client/DCP-DISNEYSTORYCENTRAL.WEB-PROD/api-key?langPref=en-US'); $ret = curl_exec($curl); if (preg_match('/api-key: +(.*)/im', $ret, $regs)) { $api_key = $regs[1]; } curl_setopt($curl, CURLOPT_URL, 'https://ha.registerdisney.go.com/jgc/v5/client/DCP-DISNEYSTORYCENTRAL.WEB-PROD/guest/login?langPref=en-US'); curl_setopt($curl, CURLOPT_HTTPHEADER, array("Authorization: APIKEY {$api_key}", 'Content-type: application/json')); curl_setopt($curl, CURLOPT_HEADER, false); curl_setopt($curl, CURLOPT_POSTFIELDS, '{"loginValue":"'.$user.'","password":"'.$pass.'"}'); $ret = curl_exec($curl); $ret_arr = json_decode($ret, true); $firstname = $ret_arr['data']['profile']['firstName']; $lastname = $ret_arr['data']['profile']['lastName']; $swid = $ret_arr['data']['profile']['swid']; $swid = str_replace(array('{', '}'), '', $swid); $email = $ret_arr['data']['profile']['email']; curl_setopt($curl, CURLOPT_URL, 'https://disneystorycentral.com/rest/user/synchronize'); curl_setopt($curl, CURLOPT_POSTFIELDS, '{"firstname":"'.$firstname.'","lastname":"'.$lastname.'","swid":"'.$swid.'","email":"'.$email.'"}'); $ret = curl_exec($curl); $ret_arr = json_decode($ret, true); $userId = $ret_arr['didUser']['userId']; curl_setopt($curl, CURLOPT_URL, 'https://disneystorycentral.com/rest/users/'.$userId.'/profiles/'); curl_setopt($curl, CURLOPT_CUSTOMREQUEST, 'GET'); curl_setopt($curl, CURLOPT_POSTFIELDS, null); $ret = curl_exec($curl); $ret_arr = json_decode($ret, true); $profileId = $ret_arr[0]['profileId']; foreach ($codes as $codeValue) { curl_setopt($curl, CURLOPT_URL, 'https://disneystorycentral.com/rest/coderedemption/redeem/?locale=en_US&cachebuster='.rand(0,100000000)); curl_setopt($curl, CURLOPT_CUSTOMREQUEST, 'POST'); curl_setopt($curl, CURLOPT_POSTFIELDS, '{"codeValue":"'.$codeValue.'","itemBundleId":null,"itemIds":[],"userId":"'.$userId.'","profileId":"'.$profileId.'"}'); $ret = curl_exec($curl); } } ?>