function AddAdmin($mask, $srv_mask, $a_name, $a_steam, $a_email, $a_password, $a_password2, $a_sg, $a_wg, $a_serverpass, $a_webname, $a_servername, $server, $singlesrv) { $objResponse = new xajaxResponse(); global $userbank, $username; if (!$userbank->HasAccess(ADMIN_OWNER | ADMIN_ADD_ADMINS)) { $objResponse->redirect("index.php?p=login&m=no_access", 0); $log = new CSystemLog("w", "Hacking Attempt", $username . " tried to add an admin, but doesnt have access."); return $objResponse; } $a_name = RemoveCode($a_name); $a_steam = RemoveCode($a_steam); $a_email = RemoveCode($a_email); $a_servername = $a_servername == "0" ? null : RemoveCode($a_servername); $a_webname = RemoveCode($a_webname); $mask = (int) $mask; $error = 0; //No name if (empty($a_name)) { $error++; $objResponse->addAssign("name.msg", "innerHTML", "You must type a name for the admin."); $objResponse->addScript("\$('name.msg').setStyle('display', 'block');"); } else { if (strstr($a_name, "'")) { $error++; $objResponse->addAssign("name.msg", "innerHTML", "An admin name can not contain a \" ' \"."); $objResponse->addScript("\$('name.msg').setStyle('display', 'block');"); } else { if (is_taken("admins", "user", $a_name)) { $error++; $objResponse->addAssign("name.msg", "innerHTML", "An admin with this name already exists"); $objResponse->addScript("\$('name.msg').setStyle('display', 'block');"); } else { $objResponse->addAssign("name.msg", "innerHTML", ""); $objResponse->addScript("\$('name.msg').setStyle('display', 'none');"); } } } // If they didnt type a steamid if (empty($a_steam) || strlen($a_steam) < 10) { $error++; $objResponse->addAssign("steam.msg", "innerHTML", "You must type a Steam ID or Community ID for the admin."); $objResponse->addScript("\$('steam.msg').setStyle('display', 'block');"); } else { // Validate the steamid or fetch it from the community id if (!is_numeric($a_steam) && !validate_steam($a_steam) || is_numeric($a_steam) && (strlen($a_steam) < 15 || !validate_steam($a_steam = FriendIDToSteamID($a_steam)))) { $error++; $objResponse->addAssign("steam.msg", "innerHTML", "Please enter a valid Steam ID or Community ID."); $objResponse->addScript("\$('steam.msg').setStyle('display', 'block');"); } else { if (is_taken("admins", "authid", $a_steam)) { $admins = $userbank->GetAllAdmins(); foreach ($admins as $admin) { if ($admin['authid'] == $a_steam) { $name = $admin['user']; break; } } $error++; $objResponse->addAssign("steam.msg", "innerHTML", "Admin " . htmlspecialchars(addslashes($name)) . " already uses this Steam ID."); $objResponse->addScript("\$('steam.msg').setStyle('display', 'block');"); } else { $objResponse->addAssign("steam.msg", "innerHTML", ""); $objResponse->addScript("\$('steam.msg').setStyle('display', 'none');"); } } } // No email if (empty($a_email)) { // An E-Mail address is only required for users with web permissions. if ($mask != 0) { $error++; $objResponse->addAssign("email.msg", "innerHTML", "You must type an e-mail address."); $objResponse->addScript("\$('email.msg').setStyle('display', 'block');"); } } else { // Is an other admin already registred with that email address? if (is_taken("admins", "email", $a_email)) { $admins = $userbank->GetAllAdmins(); foreach ($admins as $admin) { if ($admin['email'] == $a_email) { $name = $admin['user']; break; } } $error++; $objResponse->addAssign("email.msg", "innerHTML", "This email address is already being used by " . htmlspecialchars(addslashes($name)) . "."); $objResponse->addScript("\$('email.msg').setStyle('display', 'block');"); } else { $objResponse->addAssign("email.msg", "innerHTML", ""); $objResponse->addScript("\$('email.msg').setStyle('display', 'none');"); /* if(!validate_email($a_email)) { $error++; $objResponse->addAssign("email.msg", "innerHTML", "Please enter a valid email address."); $objResponse->addScript("$('email.msg').setStyle('display', 'block');"); } else { $objResponse->addAssign("email.msg", "innerHTML", ""); $objResponse->addScript("$('email.msg').setStyle('display', 'none');"); }*/ } } // no pass if (empty($a_password)) { // A password is only required for users with web permissions. if ($mask != 0) { $error++; $objResponse->addAssign("password.msg", "innerHTML", "You must type a password."); $objResponse->addScript("\$('password.msg').setStyle('display', 'block');"); } } else { if (strlen($a_password) < MIN_PASS_LENGTH) { $error++; $objResponse->addAssign("password.msg", "innerHTML", "Your password must be at-least " . MIN_PASS_LENGTH . " characters long."); $objResponse->addScript("\$('password.msg').setStyle('display', 'block');"); } else { $objResponse->addAssign("password.msg", "innerHTML", ""); $objResponse->addScript("\$('password.msg').setStyle('display', 'none');"); // No confirmation typed if (empty($a_password2)) { $error++; $objResponse->addAssign("password2.msg", "innerHTML", "You must confirm the password"); $objResponse->addScript("\$('password2.msg').setStyle('display', 'block');"); } else { if ($a_password != $a_password2) { $error++; $objResponse->addAssign("password2.msg", "innerHTML", "Your passwords don't match"); $objResponse->addScript("\$('password2.msg').setStyle('display', 'block');"); } else { $objResponse->addAssign("password2.msg", "innerHTML", ""); $objResponse->addScript("\$('password2.msg').setStyle('display', 'none');"); } } } } // Choose to use a server password if ($a_serverpass != "-1") { // No password given? if (empty($a_serverpass)) { $error++; $objResponse->addAssign("a_serverpass.msg", "innerHTML", "You must type a server password or uncheck the box."); $objResponse->addScript("\$('a_serverpass.msg').setStyle('display', 'block');"); } else { if (strlen($a_serverpass) < MIN_PASS_LENGTH) { $error++; $objResponse->addAssign("a_serverpass.msg", "innerHTML", "Your password must be at-least " . MIN_PASS_LENGTH . " characters long."); $objResponse->addScript("\$('a_serverpass.msg').setStyle('display', 'block');"); } else { $objResponse->addAssign("a_serverpass.msg", "innerHTML", ""); $objResponse->addScript("\$('a_serverpass.msg').setStyle('display', 'none');"); } } } else { $objResponse->addAssign("a_serverpass.msg", "innerHTML", ""); $objResponse->addScript("\$('a_serverpass.msg').setStyle('display', 'none');"); // Don't set "-1" as password ;) $a_serverpass = ""; } // didn't choose a server group if ($a_sg == "-2") { $error++; $objResponse->addAssign("server.msg", "innerHTML", "You must choose a group."); $objResponse->addScript("\$('server.msg').setStyle('display', 'block');"); } else { $objResponse->addAssign("server.msg", "innerHTML", ""); $objResponse->addScript("\$('server.msg').setStyle('display', 'none');"); } // chose to create a new server group if ($a_sg == 'n') { // didn't type a name if (empty($a_servername)) { $error++; $objResponse->addAssign("servername_err", "innerHTML", "You need to type a name for the new group."); $objResponse->addScript("\$('servername_err').setStyle('display', 'block');"); } else { if (strstr($a_servername, ',')) { $error++; $objResponse->addAssign("servername_err", "innerHTML", "Group name cannot contain a ','"); $objResponse->addScript("\$('servername_err').setStyle('display', 'block');"); } else { $objResponse->addAssign("servername_err", "innerHTML", ""); $objResponse->addScript("\$('servername_err').setStyle('display', 'none');"); } } } // didn't choose a web group if ($a_wg == "-2") { $error++; $objResponse->addAssign("web.msg", "innerHTML", "You must choose a group."); $objResponse->addScript("\$('web.msg').setStyle('display', 'block');"); } else { $objResponse->addAssign("web.msg", "innerHTML", ""); $objResponse->addScript("\$('web.msg').setStyle('display', 'none');"); } // Choose to create a new webgroup if ($a_wg == 'n') { // But didn't type a name if (empty($a_webname)) { $error++; $objResponse->addAssign("webname_err", "innerHTML", "You need to type a name for the new group."); $objResponse->addScript("\$('webname_err').setStyle('display', 'block');"); } else { if (strstr($a_webname, ',')) { $error++; $objResponse->addAssign("webname_err", "innerHTML", "Group name cannot contain a ','"); $objResponse->addScript("\$('webname_err').setStyle('display', 'block');"); } else { $objResponse->addAssign("webname_err", "innerHTML", ""); $objResponse->addScript("\$('webname_err').setStyle('display', 'none');"); } } } // Ohnoes! something went wrong, stop and show errs if ($error) { ShowBox_ajx("Error", "There are some errors in your input. Please correct them.", "red", "", true, $objResponse); return $objResponse; } // ############################################################## // ## Start adding to DB ## // ############################################################## $gid = 0; $groupID = 0; $inGroup = false; $wgid = NextAid(); $immunity = 0; // Extract immunity from server mask string if (strstr($srv_mask, "#")) { $immunity = "0"; $immunity = substr($srv_mask, strpos($srv_mask, "#") + 1); $srv_mask = substr($srv_mask, 0, strlen($srv_mask) - strlen($immunity) - 1); } // Avoid negative immunity $immunity = $immunity > 0 ? $immunity : 0; // Handle Webpermissions // Chose to create a new webgroup if ($a_wg == 'n') { $add_webgroup = $GLOBALS['db']->Execute("INSERT INTO " . DB_PREFIX . "_groups(type, name, flags)\r\n\t\t\t\t\t\t\t\t\t\tVALUES (?,?,?)", array(1, $a_webname, $mask)); $web_group = (int) $GLOBALS['db']->Insert_ID(); // We added those permissons to the group, so don't add them as custom permissions again $mask = 0; } else { if ($a_wg != 'c' && $a_wg > 0) { $web_group = (int) $a_wg; } else { $web_group = -1; } } // Handle Serverpermissions // Chose to create a new server admin group if ($a_sg == 'n') { $add_servergroup = $GLOBALS['db']->Execute("INSERT INTO " . DB_PREFIX . "_srvgroups(immunity, flags, name, groups_immune)\r\n\t\t\t\t\tVALUES (?,?,?,?)", array($immunity, $srv_mask, $a_servername, " ")); $server_admin_group = $a_servername; $server_admin_group_int = (int) $GLOBALS['db']->Insert_ID(); // We added those permissons to the group, so don't add them as custom permissions again $srv_mask = ""; } else { if ($a_sg != 'c' && $a_sg > 0) { $server_admin_group = $GLOBALS['db']->GetOne("SELECT `name` FROM " . DB_PREFIX . "_srvgroups WHERE id = '" . (int) $a_sg . "'"); $server_admin_group_int = (int) $a_sg; } else { $server_admin_group = ""; $server_admin_group_int = -1; } } // Add the admin $aid = $userbank->AddAdmin($a_name, $a_steam, $a_password, $a_email, $web_group, $mask, $server_admin_group, $srv_mask, $immunity, $a_serverpass); if ($aid > -1) { // Grant permissions to the selected server groups $srv_groups = explode(",", $server); $addtosrvgrp = $GLOBALS['db']->Prepare("INSERT INTO " . DB_PREFIX . "_admins_servers_groups(admin_id,group_id,srv_group_id,server_id) VALUES (?,?,?,?)"); foreach ($srv_groups as $srv_group) { if (!empty($srv_group)) { $GLOBALS['db']->Execute($addtosrvgrp, array($aid, $server_admin_group_int, substr($srv_group, 1), '-1')); } } // Grant permissions to individual servers $srv_arr = explode(",", $singlesrv); $addtosrv = $GLOBALS['db']->Prepare("INSERT INTO " . DB_PREFIX . "_admins_servers_groups(admin_id,group_id,srv_group_id,server_id) VALUES (?,?,?,?)"); foreach ($srv_arr as $server) { if (!empty($server)) { $GLOBALS['db']->Execute($addtosrv, array($aid, $server_admin_group_int, '-1', substr($server, 1))); } } if (isset($GLOBALS['config']['config.enableadminrehashing']) && $GLOBALS['config']['config.enableadminrehashing'] == 1) { // rehash the admins on the servers $serveraccessq = $GLOBALS['db']->GetAll("SELECT s.sid FROM `" . DB_PREFIX . "_servers` s\r\n\t\t\t\t\t\t\t\t\t\t\t\tLEFT JOIN `" . DB_PREFIX . "_admins_servers_groups` asg ON asg.admin_id = '" . (int) $aid . "'\r\n\t\t\t\t\t\t\t\t\t\t\t\tLEFT JOIN `" . DB_PREFIX . "_servers_groups` sg ON sg.group_id = asg.srv_group_id\r\n\t\t\t\t\t\t\t\t\t\t\t\tWHERE ((asg.server_id != '-1' AND asg.srv_group_id = '-1')\r\n\t\t\t\t\t\t\t\t\t\t\t\tOR (asg.srv_group_id != '-1' AND asg.server_id = '-1'))\r\n\t\t\t\t\t\t\t\t\t\t\t\tAND (s.sid IN(asg.server_id) OR s.sid IN(sg.server_id)) AND s.enabled = 1"); $allservers = array(); foreach ($serveraccessq as $access) { if (!in_array($access['sid'], $allservers)) { $allservers[] = $access['sid']; } } $objResponse->addScript("ShowRehashBox('" . implode(",", $allservers) . "','Admin Added', 'The admin has been added successfully', 'green', 'index.php?p=admin&c=admins');TabToReload();"); } else { $objResponse->addScript("ShowBox('Admin Added', 'The admin has been added successfully', 'green', 'index.php?p=admin&c=admins');TabToReload();"); } $log = new CSystemLog("m", "Admin added", "Admin (" . $a_name . ") has been added"); return $objResponse; } else { $objResponse->addScript("ShowBox('User NOT Added', 'The admin failed to be added to the database. Check the logs for any SQL errors.', 'red', 'index.php?p=admin&c=admins');"); } }
function AddAdmin($mask, $srv_mask, $a_name, $a_steam, $a_email, $a_password, $a_password2, $a_sg, $a_wg, $a_serverpass, $a_webname, $a_servername, $server, $singlesrv) { $objResponse = new xajaxResponse(); global $userbank, $username; if (!$userbank->HasAccess(ADMIN_OWNER | ADMIN_ADD_ADMINS)) { $objResponse->redirect("index.php?p=login&m=no_access", 0); $log = new CSystemLog("w", "Ошибка доступа", $username . " пытался добавить админа, не имея на то прав."); return $objResponse; } $a_name = RemoveCode($a_name); $a_steam = RemoveCode($a_steam); $a_email = RemoveCode($a_email); $a_servername = $a_servername == "0" ? null : RemoveCode($a_servername); $a_webname = RemoveCode($a_webname); $mask = (int) $mask; $error = 0; //No name if (empty($a_name)) { $error++; $objResponse->addAssign("name.msg", "innerHTML", "Введите имя админа."); $objResponse->addScript("\$('name.msg').setStyle('display', 'block');"); } else { if (strstr($a_name, "'")) { $error++; $objResponse->addAssign("name.msg", "innerHTML", "Имя админа не должно содержать символы \" ' \"."); $objResponse->addScript("\$('name.msg').setStyle('display', 'block');"); } else { if (is_taken("admins", "user", $a_name)) { $error++; $objResponse->addAssign("name.msg", "innerHTML", "Имя уже существует"); $objResponse->addScript("\$('name.msg').setStyle('display', 'block');"); } else { $objResponse->addAssign("name.msg", "innerHTML", ""); $objResponse->addScript("\$('name.msg').setStyle('display', 'none');"); } } } // If they didnt type a steamid if (empty($a_steam) || strlen($a_steam) < 10) { $error++; $objResponse->addAssign("steam.msg", "innerHTML", "Введите Steam ID или Community ID админа."); $objResponse->addScript("\$('steam.msg').setStyle('display', 'block');"); } else { // Validate the steamid or fetch it from the community id if (!is_numeric($a_steam) && !validate_steam($a_steam) || is_numeric($a_steam) && (strlen($a_steam) < 15 || !validate_steam($a_steam = FriendIDToSteamID($a_steam)))) { $error++; $objResponse->addAssign("steam.msg", "innerHTML", "Введите действительный Steam ID или Community ID."); $objResponse->addScript("\$('steam.msg').setStyle('display', 'block');"); } else { if (is_taken("admins", "authid", $a_steam)) { $admins = $userbank->GetAllAdmins(); foreach ($admins as $admin) { if ($admin['authid'] == $a_steam) { $name = $admin['user']; break; } } $error++; $objResponse->addAssign("steam.msg", "innerHTML", "Этот Steam ID уже используется админом " . htmlspecialchars(addslashes($name)) . " ."); $objResponse->addScript("\$('steam.msg').setStyle('display', 'block');"); } else { $objResponse->addAssign("steam.msg", "innerHTML", ""); $objResponse->addScript("\$('steam.msg').setStyle('display', 'none');"); } } } // No email if (empty($a_email)) { // An E-Mail address is only required for users with web permissions. if ($mask != 0) { $error++; $objResponse->addAssign("email.msg", "innerHTML", "Введите адрес e-mail."); $objResponse->addScript("\$('email.msg').setStyle('display', 'block');"); } } else { // Is an other admin already registred with that email address? if (is_taken("admins", "email", $a_email)) { $admins = $userbank->GetAllAdmins(); foreach ($admins as $admin) { if ($admin['email'] == $a_email) { $name = $admin['user']; break; } } $error++; $objResponse->addAssign("email.msg", "innerHTML", "Этот e-mail уже используется админом " . htmlspecialchars(addslashes($name)) . "."); $objResponse->addScript("\$('email.msg').setStyle('display', 'block');"); } else { $objResponse->addAssign("email.msg", "innerHTML", ""); $objResponse->addScript("\$('email.msg').setStyle('display', 'none');"); /* if(!validate_email($a_email)) { $error++; $objResponse->addAssign("email.msg", "innerHTML", "Please enter a valid email address."); $objResponse->addScript("$('email.msg').setStyle('display', 'block');"); } else { $objResponse->addAssign("email.msg", "innerHTML", ""); $objResponse->addScript("$('email.msg').setStyle('display', 'none');"); }*/ } } // no pass if (empty($a_password)) { // A password is only required for users with web permissions. if ($mask != 0) { $error++; $objResponse->addAssign("password.msg", "innerHTML", "Введите пароль."); $objResponse->addScript("\$('password.msg').setStyle('display', 'block');"); } } else { if (strlen($a_password) < MIN_PASS_LENGTH) { $error++; $objResponse->addAssign("password.msg", "innerHTML", "Длина пароля не менее " . MIN_PASS_LENGTH . " символов."); $objResponse->addScript("\$('password.msg').setStyle('display', 'block');"); } else { $objResponse->addAssign("password.msg", "innerHTML", ""); $objResponse->addScript("\$('password.msg').setStyle('display', 'none');"); // No confirmation typed if (empty($a_password2)) { $error++; $objResponse->addAssign("password2.msg", "innerHTML", "Подтвердите пароль"); $objResponse->addScript("\$('password2.msg').setStyle('display', 'block');"); } else { if ($a_password != $a_password2) { $error++; $objResponse->addAssign("password2.msg", "innerHTML", "Пароли не соответствуют"); $objResponse->addScript("\$('password2.msg').setStyle('display', 'block');"); } else { $objResponse->addAssign("password2.msg", "innerHTML", ""); $objResponse->addScript("\$('password2.msg').setStyle('display', 'none');"); } } } } // Choose to use a server password if ($a_serverpass != "-1") { // No password given? if (empty($a_serverpass)) { $error++; $objResponse->addAssign("a_serverpass.msg", "innerHTML", "Введите пароль сервера, либо снимите галочку."); $objResponse->addScript("\$('a_serverpass.msg').setStyle('display', 'block');"); } else { if (strlen($a_serverpass) < MIN_PASS_LENGTH) { $error++; $objResponse->addAssign("a_serverpass.msg", "innerHTML", "Длина пароля не менее " . MIN_PASS_LENGTH . " символов."); $objResponse->addScript("\$('a_serverpass.msg').setStyle('display', 'block');"); } else { $objResponse->addAssign("a_serverpass.msg", "innerHTML", ""); $objResponse->addScript("\$('a_serverpass.msg').setStyle('display', 'none');"); } } } else { $objResponse->addAssign("a_serverpass.msg", "innerHTML", ""); $objResponse->addScript("\$('a_serverpass.msg').setStyle('display', 'none');"); // Don't set "-1" as password ;) $a_serverpass = ""; } // didn't choose a server group if ($a_sg == "-2") { $error++; $objResponse->addAssign("server.msg", "innerHTML", "Выберите группу."); $objResponse->addScript("\$('server.msg').setStyle('display', 'block');"); } else { $objResponse->addAssign("server.msg", "innerHTML", ""); $objResponse->addScript("\$('server.msg').setStyle('display', 'none');"); } // chose to create a new server group if ($a_sg == 'n') { // didn't type a name if (empty($a_servername)) { $error++; $objResponse->addAssign("servername_err", "innerHTML", "Введите имя новой группы."); $objResponse->addScript("\$('servername_err').setStyle('display', 'block');"); } else { if (strstr($a_servername, ',')) { $error++; $objResponse->addAssign("servername_err", "innerHTML", "Имя группы не может содержать запятую ','"); $objResponse->addScript("\$('servername_err').setStyle('display', 'block');"); } else { $objResponse->addAssign("servername_err", "innerHTML", ""); $objResponse->addScript("\$('servername_err').setStyle('display', 'none');"); } } } // didn't choose a web group if ($a_wg == "-2") { $error++; $objResponse->addAssign("web.msg", "innerHTML", "Выберите группу."); $objResponse->addScript("\$('web.msg').setStyle('display', 'block');"); } else { $objResponse->addAssign("web.msg", "innerHTML", ""); $objResponse->addScript("\$('web.msg').setStyle('display', 'none');"); } // Choose to create a new webgroup if ($a_wg == 'n') { // But didn't type a name if (empty($a_webname)) { $error++; $objResponse->addAssign("webname_err", "innerHTML", "Введите имя новой группы."); $objResponse->addScript("\$('webname_err').setStyle('display', 'block');"); } else { if (strstr($a_webname, ',')) { $error++; $objResponse->addAssign("webname_err", "innerHTML", "Имя группы не может содержать запятую ','"); $objResponse->addScript("\$('webname_err').setStyle('display', 'block');"); } else { $objResponse->addAssign("webname_err", "innerHTML", ""); $objResponse->addScript("\$('webname_err').setStyle('display', 'none');"); } } } // Ohnoes! something went wrong, stop and show errs if ($error) { ShowBox_ajx("Error", "Допущены ошибки. Пожалуйста, исправьте их.", "red", "", true, $objResponse); return $objResponse; } // ############################################################## // ## Start adding to DB ## // ############################################################## $gid = 0; $groupID = 0; $inGroup = false; $wgid = NextAid(); $immunity = 0; // Extract immunity from server mask string if (strstr($srv_mask, "#")) { $immunity = "0"; $immunity = substr($srv_mask, strpos($srv_mask, "#") + 1); $srv_mask = substr($srv_mask, 0, strlen($srv_mask) - strlen($immunity) - 1); } // Avoid negative immunity $immunity = $immunity > 0 ? $immunity : 0; // Handle Webpermissions // Chose to create a new webgroup if ($a_wg == 'n') { $add_webgroup = $GLOBALS['db']->Execute("INSERT INTO " . DB_PREFIX . "_groups(type, name, flags)\r\n\t\t\t\t\t\t\t\t\t\tVALUES (?,?,?)", array(1, $a_webname, $mask)); $web_group = (int) $GLOBALS['db']->Insert_ID(); // We added those permissons to the group, so don't add them as custom permissions again $mask = 0; } else { if ($a_wg != 'c' && $a_wg > 0) { $web_group = (int) $a_wg; } else { $web_group = -1; } } // Handle Serverpermissions // Chose to create a new server admin group if ($a_sg == 'n') { $add_servergroup = $GLOBALS['db']->Execute("INSERT INTO " . DB_PREFIX . "_srvgroups(immunity, flags, name, groups_immune)\r\n\t\t\t\t\tVALUES (?,?,?,?)", array($immunity, $srv_mask, $a_servername, " ")); $server_admin_group = $a_servername; $server_admin_group_int = (int) $GLOBALS['db']->Insert_ID(); // We added those permissons to the group, so don't add them as custom permissions again $srv_mask = ""; } else { if ($a_sg != 'c' && $a_sg > 0) { $server_admin_group = $GLOBALS['db']->GetOne("SELECT `name` FROM " . DB_PREFIX . "_srvgroups WHERE id = '" . (int) $a_sg . "'"); $server_admin_group_int = (int) $a_sg; } else { $server_admin_group = ""; $server_admin_group_int = -1; } } // Add the admin $aid = $userbank->AddAdmin($a_name, $a_steam, $a_password, $a_email, $web_group, $mask, $server_admin_group, $srv_mask, $immunity, $a_serverpass); if ($aid > -1) { // Grant permissions to the selected server groups $srv_groups = explode(",", $server); $addtosrvgrp = $GLOBALS['db']->Prepare("INSERT INTO " . DB_PREFIX . "_admins_servers_groups(admin_id,group_id,srv_group_id,server_id) VALUES (?,?,?,?)"); foreach ($srv_groups as $srv_group) { if (!empty($srv_group)) { $GLOBALS['db']->Execute($addtosrvgrp, array($aid, $server_admin_group_int, substr($srv_group, 1), '-1')); } } // Grant permissions to individual servers $srv_arr = explode(",", $singlesrv); $addtosrv = $GLOBALS['db']->Prepare("INSERT INTO " . DB_PREFIX . "_admins_servers_groups(admin_id,group_id,srv_group_id,server_id) VALUES (?,?,?,?)"); foreach ($srv_arr as $server) { if (!empty($server)) { $GLOBALS['db']->Execute($addtosrv, array($aid, $server_admin_group_int, '-1', substr($server, 1))); } } if (isset($GLOBALS['config']['config.enableadminrehashing']) && $GLOBALS['config']['config.enableadminrehashing'] == 1) { // rehash the admins on the servers $serveraccessq = $GLOBALS['db']->GetAll("SELECT s.sid FROM `" . DB_PREFIX . "_servers` s\r\n\t\t\t\t\t\t\t\t\t\t\t\tLEFT JOIN `" . DB_PREFIX . "_admins_servers_groups` asg ON asg.admin_id = '" . (int) $aid . "'\r\n\t\t\t\t\t\t\t\t\t\t\t\tLEFT JOIN `" . DB_PREFIX . "_servers_groups` sg ON sg.group_id = asg.srv_group_id\r\n\t\t\t\t\t\t\t\t\t\t\t\tWHERE ((asg.server_id != '-1' AND asg.srv_group_id = '-1')\r\n\t\t\t\t\t\t\t\t\t\t\t\tOR (asg.srv_group_id != '-1' AND asg.server_id = '-1'))\r\n\t\t\t\t\t\t\t\t\t\t\t\tAND (s.sid IN(asg.server_id) OR s.sid IN(sg.server_id)) AND s.enabled = 1"); $allservers = array(); foreach ($serveraccessq as $access) { if (!in_array($access['sid'], $allservers)) { $allservers[] = $access['sid']; } } $objResponse->addScript("ShowRehashBox('" . implode(",", $allservers) . "','Админ добавлен', 'Админ успешно добавлен', 'green', 'index.php?p=admin&c=admins');TabToReload();"); } else { $objResponse->addScript("ShowBox('Админ добавлен', 'Админ успешно добавлен', 'green', 'index.php?p=admin&c=admins');TabToReload();"); } $log = new CSystemLog("m", "Админ добавлен", "Админ (" . $a_name . ") добавлен"); return $objResponse; } else { $objResponse->addScript("ShowBox('Пользователь не добавлен', 'Ошибка при добавлении админа в базу. Проверьте лог на наличие SQL ошибок.', 'red', 'index.php?p=admin&c=admins');"); } }