function databaseAddService($account_id, $service_name, $service_description, $identifier) { $identifier = stripAlphaNumeric($identifier); //register database $service_id = createService($account_id, $service_name, $service_description, "database", array('db_name' => $identifier, 'db_host' => "localhost", 'db_username' => 'root', 'db_password' => '')); return $service_id; }
function rootJail($service_id, $username) { global $config; //get the identifier $id = stripAlphaNumeric(getServiceParam($service_id, "id")); if ($id === false) { die("Error: identifier for this service has not been set!\n"); } //make sure it hasn't been jailed yet if (getServiceParam($service_id, "jail") !== false || getServiceParam($service_id, "jail_user") !== false || getServiceParam($service_id, "jail_path") !== false) { die("Error: target service already has jail settings!\n"); } //get service type $type = getServiceType($service_id); if ($type !== "ghost" && $type !== "minecraft" && $type !== "garena" && $type !== "channel") { //not a process-based service, seems like it can't be jailed? die("Error: service doesn't seem to be process-based (type={$type})!\n"); } //add the system user if not exists if (!file_exists("/home/{$username}/")) { rexec('adduser --disabled-password --gecos "" ' . escapeshellarg($username)); } //copy to own directory, and set permissions of result so that username is owner //we use cp to ensure proper handling of symlinks (PHP documentation doesn't guarantee this) $source_path = $config[$type . "_path"] . $id . "/"; $target_path = "/home/{$username}/{$id}/"; rexec("cp -r " . escapeshellarg($source_path) . " " . escapeshellarg($target_path)); rexec("chown -R " . escapeshellarg($username . ":" . $username) . " " . escapeshellarg($target_path)); //also, depending on the service, user might need to access files in the service_path directory //so set permissions on that as well rexec("chown -R " . escapeshellarg(":" . $username) . " " . escapeshellarg($source_path)); rexec("chmod -R 770 " . escapeshellarg($source_path)); //depending on the service type, we may wish to rewrite some configuration files if ($type == "ghost") { //the "maps" and "replays" directory should be changed over to use absolute path to the subdirectory of source // (since this is how include/ghost.php handles it) $escaped_source_path = str_replace(array('$', '/', '['), array('\\$', '\\/', '\\['), $source_path); rexec("sed -i " . escapeshellarg("s/bot_mappath = maps/bot_mappath = {$escaped_source_path}maps/") . " " . escapeshellarg($target_path . "default.cfg")); rexec("sed -i " . escapeshellarg("s/bot_replaypath = replays/bot_replaypath = {$escaped_source_path}replays/") . " " . escapeshellarg($target_path . "default.cfg")); } //update the jail settings setServiceParam($service_id, "jail", "1"); setServiceParam($service_id, "jail_user", $username); setServiceParam($service_id, "jail_path", $target_path); }
function minecraftStop($service_id, $restart = false) { global $config; //get the identifier $id = stripAlphaNumeric(getServiceParam($service_id, "id")); if ($id === false) { return "Error: failed to find identifier. Perhaps this isn't a minecraft service?"; } //make sure we are allowed to stop the bot if (!$restart) { $nostop = getServiceParam($service_id, "nostop"); if ($nostop) { return "Error: you are not allowed to stop this server. Use restart instead."; } } //get the pid $pid = stripAlphaNumeric(getServiceParam($service_id, "pid")); if ($pid === false || $pid == 0) { if ($restart) { return true; } else { return "Error: the server is already offline."; } } //stop the bot $jail = jailEnabled($service_id); if ($jail) { jailExecute($service_id, "kill {$pid}"); } else { //make sure PID is still of pychop $result = exec("cat /proc/{$pid}/cmdline"); if (stripos($result, 'minecraft') !== false) { exec("kill {$pid}"); } } //reset the pid setServiceParam($service_id, "pid", 0); return true; }
function channelSetDatabase($service_id, $db_settings) { global $config; //get the identifier $id = stripAlphaNumeric(getServiceParam($service_id, "id")); if ($id === false) { return false; } //reconfigure channelReconfigure($service_id, array('db_server' => $db_settings['server'], 'db_database' => $db_settings['name'], 'db_user' => $db_settings['username'], 'db_password' => $db_settings['password']), true); }
function garenaStop($service_id, $force = false, $restart = false) { global $config; //get the identifier $id = stripAlphaNumeric(getServiceParam($service_id, "id")); if ($id === false) { return "Error: failed to find identifier. Perhaps this isn't a Garena service?"; } if ($force) { //get the pid $pid = stripAlphaNumeric(getServiceParam($service_id, "pid")); if ($pid === false || $pid == 0) { if ($restart) { return true; } else { return "Error: the bot is already offline."; } } //stop the bot $jail = jailEnabled($service_id); if ($jail) { jailExecute($service_id, "kill {$pid}"); } else { //make sure PID is still of garena $result = exec("cat /proc/{$pid}/cmdline"); if (stripos($result, 'java') !== false) { exec("kill {$pid}"); } } } else { //try to send an rcon stop command $config = garenaGetConfiguration($service_id, false); $fail = true; if (isset($config['gcb_rcon']) && isset($config['rcon_password']) && isset($config['rcon_port']) && ($config['gcb_rcon'] == "true" || $config['gcb_rcon'] == "1")) { $socket = @fsockopen("localhost", $config['rcon_port'], $errno, $errstr, 5); if ($socket) { $status = @fwrite($socket, $config['rcon_password'] . "\n"); if ($status !== false) { fwrite($socket, "exit nicely\n"); sleep(1); socket_close($socket); $fail = false; } } } //if we failed to send, then force stop it if ($fail) { garenaStop($service_id, true, $restart); } } //reset the pid setServiceParam($service_id, "pid", 0); return true; }
function getStyle() { if (isset($_SESSION['style'])) { return stripAlphaNumeric($_SESSION['style']); } else { $config = $GLOBALS['config']; return stripAlphaNumeric($config['style']); } }
function jailExecuteBackground($service_id, $command) { global $config; //get the identifier $id = stripAlphaNumeric(getServiceParam($service_id, "id")); if ($id === false) { return; } $jail_user = getServiceParam($service_id, "jail_user"); return execBackground("sudo -u " . escapeshellarg($jail_user) . " sh -c " . escapeshellarg($command)); }
<?php include "include/common.php"; include "config.php"; include "include/db_connect.php"; include "include/session.php"; if (isset($_REQUEST['page'])) { $helpName = stripAlphaNumeric($_REQUEST['page']); } else { $helpName = "index"; } $helpPage = "doc/help/" . basename($helpName) . ".html"; if (file_exists($helpPage)) { get_page('help', array('helpName' => $helpName, 'helpPage' => $helpPage, 'helpContents' => file_get_contents($helpPage))); } else { get_page('message', array('title' => 'Error', 'message' => 'Requested help page could not be found.')); }
<?php include "include/common.php"; include "config.php"; include "include/db_connect.php"; include "include/session.php"; $file = "submit/" . stripAlphaNumeric($_REQUEST['file']); $filename = $_REQUEST['filename']; if (file_exists($file)) { header('Content-Description: File Transfer'); header('Content-Type: application/octet-stream'); header('Content-Disposition: attachment; filename=' . basename($filename)); header('Content-Transfer-Encoding: binary'); header('Expires: 0'); header('Cache-Control: must-revalidate'); header('Pragma: public'); header('Content-Length: ' . filesize($file)); ob_clean(); flush(); readfile($file); } else { echo "Error: file not found!"; }
function ghostSetDatabase($service_id, $db_settings) { global $config; //get the identifier $id = stripAlphaNumeric(getServiceParam($service_id, "id")); if ($id === false) { return false; } //read/write the configuration file $jail = jailEnabled($service_id); if ($jail) { jailFileOpen($service_id, "ghost", "default.cfg"); } $fin = fopen($config['ghost_path'] . $id . "/default.cfg", 'r'); $fout = fopen($config['ghost_path'] . $id . "/default.cfg_", 'w'); while (($buffer = fgets($fin, 4096)) !== false) { $buffer = trim($buffer); if (strpos($buffer, "db_mysql_database") !== false) { fwrite($fout, "db_mysql_database = {$db_settings['name']}\n"); } else { if (strpos($buffer, "db_mysql_server") !== false) { fwrite($fout, "db_mysql_server = {$db_settings['server']}\n"); } else { if (strpos($buffer, "db_mysql_user") !== false) { fwrite($fout, "db_mysql_user = {$db_settings['username']}\n"); } else { if (strpos($buffer, "db_mysql_password") !== false) { fwrite($fout, "db_mysql_password = {$db_settings['password']}\n"); } else { fwrite($fout, $buffer . "\n"); } } } } } fclose($fin); fclose($fout); rename($config['ghost_path'] . $id . "/default.cfg_", $config['ghost_path'] . $id . "/default.cfg"); if ($jail) { jailFileOpen($service_id, "ghost", "default.cfg", true); } }