Ejemplo n.º 1
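/**
 * xajax handler: look for a player on one game server and, when the player is
 * connected, issue a communication block through RCON.
 *
 * Requires ADMIN_OWNER or ADMIN_ADD_BAN. The outcome is written into the
 * "srv_{$num}" element and the page-side counter is advanced with set_counter().
 *
 * @param string $check  SteamID to look for (STEAM_X:Y:Z); any other value is reported as "not found".
 * @param int    $sid    Server id in the "_servers" table.
 * @param mixed  $num    Suffix of the target elements ("srv_{$num}", "srvip_{$num}").
 * @param int    $type   Block type, forwarded to sc_fw_block as an integer.
 * @param int    $length Block length, forwarded to sc_fw_block as an integer.
 * @return xajaxResponse
 */
function BlockPlayer($check, $sid, $num, $type, $length)
{
    $objResponse = new xajaxResponse();
    global $userbank, $username;
    // Every numeric argument that reaches SQL or the RCON command line is forced to int.
    $sid = (int) $sid;
    $length = (int) $length;
    // $type used to be concatenated into the RCON command as received.
    // NOTE(review): assumes sc_fw_block takes a numeric type, like $length; confirm against the plugin.
    $type = (int) $type;
    if (!$userbank->HasAccess(ADMIN_OWNER | ADMIN_ADD_BAN)) {
        $objResponse->redirect("index.php?p=login&m=no_access", 0);
        $log = new CSystemLog("w", "Hacking Attempt", $username . " tried to process a playerblock, but doesnt have access.");
        return $objResponse;
    }
    // $check is concatenated into an UPDATE statement below, so only a well-formed
    // SteamID is allowed through; anything else cannot match a player anyway.
    if (!is_string($check) || !preg_match('/^STEAM_[0-9]:[0-9]:[0-9]+$/D', $check)) {
        $objResponse->addAssign("srv_{$num}", "innerHTML", "<font size='1'>Player not found.</font>");
        $objResponse->addScript('set_counter(1);');
        return $objResponse;
    }
    //get the server data
    $sdata = $GLOBALS['db']->GetRow("SELECT ip, port, rcon FROM " . DB_PREFIX . "_servers WHERE sid = '" . $sid . "';");
    //test if server is online
    $test = @fsockopen($sdata['ip'], $sdata['port'], $errno, $errstr, 2);
    if (!$test) {
        $objResponse->addAssign("srv_{$num}", "innerHTML", "<font color='red' size='1'><i>Can't connect to server.</i></font>");
        $objResponse->addScript('set_counter(1);');
        return $objResponse;
    }
    @fclose($test);
    require_once INCLUDES_PATH . "/CServerRcon.php";
    $r = new CServerRcon($sdata['ip'], $sdata['port'], $sdata['rcon']);
    if (!$r->Auth()) {
        // A rejected RCON password is wiped from the servers table so it is not retried.
        $GLOBALS['db']->Execute("UPDATE " . DB_PREFIX . "_servers SET rcon = '' WHERE sid = '" . $sid . "' LIMIT 1;");
        $objResponse->addAssign("srv_{$num}", "innerHTML", "<font color='red' size='1'>Wrong RCON Password, please change!</font>");
        $objResponse->addScript('set_counter(1);');
        return $objResponse;
    }
    $ret = $r->rconCommand("status");
    // show hostname instead of the ip, but leave the ip in the title
    require_once "../includes/system-functions.php";
    preg_match_all('/hostname:[ ]*(.+)/', $ret, $hostname, PREG_PATTERN_ORDER);
    // The status output may carry no hostname line; only index the match when it exists.
    if (isset($hostname[1][0])) {
        $hostLabel = trunc(htmlspecialchars($hostname[1][0]), 25, false);
        if (!empty($hostLabel)) {
            // ENT_QUOTES because the address sits inside a single-quoted attribute.
            $address = htmlspecialchars($sdata['ip'] . ":" . $sdata['port'], ENT_QUOTES);
            $objResponse->addAssign("srvip_{$num}", "innerHTML", "<font size='1'><span title='" . $address . "'>" . $hostLabel . "</span></font>");
        }
    }
    preg_match_all(STATUS_PARSE, $ret, $matches, PREG_PATTERN_ORDER);
    //search for the steamid on the server
    foreach ($matches[3] as $match) {
        // Compare from offset 8 on, i.e. without the leading "STEAM_X:" part.
        if (substr($match, 8) === substr($check, 8)) {
            $GLOBALS['db']->Execute("UPDATE `" . DB_PREFIX . "_comms` SET sid = '" . $sid . "' WHERE authid = '" . $check . "' AND RemovedBy IS NULL;");
            // $match comes from the server's own status output, not from the request.
            $r->sendCommand("sc_fw_block " . $type . " " . $length . " " . $match);
            $objResponse->addAssign("srv_{$num}", "innerHTML", "<font color='green' size='1'><b><u>Player Found & blocked!!!</u></b></font>");
            $objResponse->addScript("set_counter('-1');");
            return $objResponse;
        }
    }
    $objResponse->addAssign("srv_{$num}", "innerHTML", "<font size='1'>Player not found.</font>");
    $objResponse->addScript('set_counter(1);');
    return $objResponse;
}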
Ejemplo n.º 2
/**
 * xajax login handler: checks the submitted e-mail/password against the users
 * table and, on success, sets the login cookie and redirects to ROOT_DIR.
 *
 * @param array $data Submitted form fields; reads 'email', 'password' and the optional 'autologon'.
 * @return xajaxResponse Redirect on success; on failure the "p_logon_failure" element is shown and filled.
 */
function login($data)
{
    //global $tpl;
    $objResponse = new xajaxResponse();
    // Runs in this function's scope; presumably defines $tbl_users used below (verify).
    include 'settings/tables.php';
    /* Crypt Password with MD5 Method */
    // NOTE(review): the password is SQL-escaped *before* hashing, so the digest is taken
    // over the escaped text, and MD5 is an unsalted fast digest, not a password hash.
    // Moving to password_hash()/password_verify() would require re-hashing stored values.
    $pw_crypted = MD5(mysql_real_escape_string($data['password']));
    //encrypt password with MD5
    $email = mysql_real_escape_string($data['email']);
    /******************************************/
    /* Create Object :: EXIST */
    $logon = new CheckExist();
    /******************************************/
    /* Check :: EXIST */
    $logon->tableE = $tbl_users;
    // NOTE(review): as printed here the password is compared with the literal '******';
    // this looks masked by the listing (presumably $pw_crypted in the original), confirm.
    // The condition is assembled by string concatenation rather than bound parameters.
    $logon->conditionE = " UserEmail = '" . $email . "' && UserPass = '******' && activation_code = '' ";
    $CheckData = $logon->exist();
    /******************************************/
    /* Change Status :: Login successful or failed */
    if ($CheckData == 1) {
        $logon->email = $email;
        // The MD5 digest itself is handed to the cookie helper.
        // NOTE(review): check what cookieset() stores client-side.
        $logon->pw = $pw_crypted;
        $logon->tbl_users = $tbl_users;
        //setcookie
        // cookie_duration is 1 when the 'autologon' field was submitted, else 0.
        if (isset($data['autologon'])) {
            $logon->cookie_duration = 1;
        } else {
            $logon->cookie_duration = 0;
        }
        $logon->cookieset('ly');
        $objResponse->Script("document.getElementById('submit_login').onclick()");
        $objResponse->redirect(ROOT_DIR);
        //return true;
    } else {
        $logon->email = '';
        $logon->pw = '';
        //$logon->cookieset('l');
        // Same message whether the e-mail or the password was wrong.
        $objResponse->assign("p_logon_failure", "style.display", 'block');
        $objResponse->assign("p_logon_failure", "innerHTML", "Login information could not be verified.<br> Please try it again.");
        //TODO move string to language file
        //$tpl->display("logon/login.tpl");
        //return false;
    }
    unset($logon);
    /******************************************/
    return $objResponse;
}
Ejemplo n.º 3
/**
 * xajax registration handler: validates the form, refuses duplicate names and a
 * second registration from the same IP on the same day, then creates the
 * member, box and memberdata rows.
 *
 * @param array $form Submitted fields; reads 'username', 'password' and 'email'.
 * @return mixed The response object on success; on a failed validation or a duplicate,
 *               whatever xajaxResponse::redirect()/script() returns.
 */
function reguser($form)
{
    global $db, $tablepre, $onlineip;
    $obj = new xajaxResponse();
    // Deny-list for user names: empty, reserved words and a set of special characters/byte sequences.
    $usernamereg = '/^\\s*$|^c:\\con\\con$|[%,\\*\\"\\s\\t\\<\\>\\&]|\\xA1\\xA1|\\xAC\\xA3|^guest|^\\xD3\\xCE\\xBF\\xCD|\\xB9\\x43\\xAB\\xC8/i';
    $emailreg = '/^(([^<>()[\\]\\.,;:\\s@"\']+(\\.[^<>()[\\]\\.,;:\\s@"\']+)*)|("[^"\']+"))@((\\[\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}\\])|(([a-zA-Z\\d\\-]+\\.)+[a-zA-Z]{2,}))$/';
    // Only the user name is passed through addslashes(); password and e-mail are just trimmed.
    $username = addslashes(trim($form['username']));
    $password = trim($form['password']);
    $email = trim($form['email']);
    // Lengths are measured in bytes (strlen): name 3-15, password 6-20.
    // NOTE(review): as written in this listing the password pattern rejects '/', '"' and the
    // two-character sequence |' only; a lone single quote or backslash passes, and $password
    // is later placed inside MD5('...') in the INSERT. Confirm against the original source
    // whether escaping was lost here, and bind the values instead of interpolating them.
    if (empty($username) || preg_match($usernamereg, $username) || strlen($username) < 3 || strlen($username) > 15 || preg_match("~/|\\|\\'|\"~", $password) || strlen($password) < 6 || strlen($password) > 20 || !preg_match($emailreg, $email)) {
        return $obj->redirect(WEB_URL);
    }
    // NOTE(review): the user name comparison reads '******' in this listing; that looks masked
    // by the page (presumably the escaped $username), confirm. $onlineip is a global that is
    // interpolated as-is; verify where it is derived from.
    $sql = "SELECT * FROM `{$tablepre}members` where username='******' or (regip='{$onlineip}' AND DATE(regdate)=CURDATE())";
    $query = $db->query($sql) or error('Unable to fetch member.', __FILE__, __LINE__, $db->error());
    if ($db->num_rows($query)) {
        // Name already taken, or this IP already registered today: disable the button and say so.
        return $obj->script("\$('chk_stat').className = d_err;\$('chk_stat').setHTML('此ID已被注册或者您今天已经注册过会员,请勿多次提交申请。');\$('regbotton').disabled = 'disabled';");
    }
    // The password is hashed by MySQL's MD5() (unsalted), so the clear text travels inside the
    // SQL statement. NOTE(review): $password and $email are interpolated without escaping.
    $sql = "INSERT INTO `{$tablepre}members` (username,password,email,regdate,regip) VALUES ('{$username}',MD5('{$password}'),'{$email}',now(),'{$onlineip}')";
    $db->query($sql) or error('Unable to insert into member.', __FILE__, __LINE__, $db->error());
    $uid = $db->insert_id();
    $db->query("INSERT INTO `{$tablepre}box` (uid,time) VALUES ('{$uid}',now())") or error('Unable to insert into box.', __FILE__, __LINE__, $db->error());
    // Unlike the queries above, the result of this one is not checked.
    $db->query("INSERT INTO `{$tablepre}memberdata` (uid,username,lastloginip,lastvisit) VALUES ('{$uid}','{$username}','{$onlineip}',UNIX_TIMESTAMP())");
    $obj->script("\$('regbotton').disabled = 'disabled';alert('注册成功!');");
    return $obj;
}
Ejemplo n.º 4
/**
 * Disabled xajax handler for posting an opinion about another user.
 *
 * The function returns false on its first statement, so everything below that
 * line is unreachable and is kept only as history.
 *
 * @deprecated #0015627
 *
 * @param mixed  $source_uid Ignored by the unreachable body, which re-reads the id via get_uid(false).
 * @param mixed  $dest_uid   User the opinion is about.
 * @param string $message    Opinion text.
 * @param int    $rating     One of -1, 0, 1.
 * @param mixed  $counter    Passed through to opinions::printTheme().
 * @param string $from       'frl' or 'emp'.
 * @return bool Always false.
 */
function AddOpinion($source_uid, $dest_uid, $message, $rating, $counter, $from = 'frl')
{
    // Endpoint switched off: nothing after this return executes.
    return false;
    // The author id is taken from get_uid(), not from the caller-supplied argument.
    $source_uid = get_uid(false);
    $objResponse = new xajaxResponse();
    $message = trim($message);
    if (!in_array($rating, array(-1, 0, 1))) {
        $objResponse->assign('rating_error', 'innerHTML', 'Вы не выбрали категорию отзыва');
    } elseif (opinions::CheckUserCanPost($source_uid, $dest_uid) != 0) {
        // unrelated user who is not allowed to post: answered with an empty response
    } elseif ($message == '') {
        $objResponse->script("opinionFormError('error_msg');");
    } elseif (strlen($message) > opinions::$opinion_max_length) {
        $objResponse->script("opinionMaxLengthError('msg', " . opinions::$opinion_max_length . ');');
    } else {
        $message = str_replace('&', '&amp;', $message);
        $message = stripslashes($message);
        $message = change_q_x($message, FALSE, TRUE, '', false, false);
        // $new_id is not set before this call; presumably filled by reference (verify).
        $error = opinions::NewMsg($source_uid, $dest_uid, $message, $rating, getRemoteIP(), $new_id);
        if (!$error) {
            $msg = opinions::GetLastMessage($source_uid, $dest_uid);
            if ($msg) {
                $user = new users();
                $user->GetUserByUID($dest_uid);
                $objResponse->remove('form_container');
                // Viewer type and requested tab disagree: flip the tab and redirect to the new opinion.
                if (is_emp() && $from == 'frl' || !is_emp() && $from == 'emp') {
                    $from = $from == 'frl' ? 'emp' : 'frl';
                    $objResponse->redirect("/users/{$user->login}/opinions/?from={$from}#o_{$new_id}");
                    return $objResponse;
                }
                $objResponse->prepend('messages_container', 'innerHTML', opinions::printTheme($msg, $from, $counter, $user));
                $objResponse->prepend('messages_container', 'innerHTML', opinions::printAddForm($source_uid, $dest_uid, $from));
                $nt = $rating == 1 ? 'plus' : ($rating == -1 ? 'minus' : 'neitral');
                $objResponse->call('opinionChConuters', NULL, 'ops-' . $from . $nt);
                $objResponse->script("opinionCheckMaxLengthStop('msg');");
                $objResponse->assign('no_messages', 'innerHTML', '');
            } else {
                // NOTE(review): serialized data is placed in a JS string literal without escaping.
                $objResponse->script("alert('" . serialize($msg) . "')");
            }
        } else {
            // NOTE(review): $error is placed in a JS string literal without escaping.
            $objResponse->script("alert('" . $error . "')");
        }
    }
    return $objResponse;
}
Ejemplo n.º 5
/**
 * xajax handler: store a new vote (title row plus one row per option) and send
 * the browser back to vote_manager.php.
 *
 * NOTE(review): the title and every option are interpolated into the INSERT
 * statements exactly as submitted; they should be escaped or bound through the
 * database layer, and $vF['add'] is iterated without checking that it is an array.
 *
 * @param array $vF Form values; reads 'name' (title) and 'add' (list of options).
 * @return mixed The response XML on success, or the result of alert() when the title is empty.
 */
function addV($vF)
{
    global $db;
    $response = new xajaxResponse();
    $voteTitle = $vF['name'];
    if (!$voteTitle) {
        return $response->alert('标题为空');
    }
    // Title row first; its insert id links the option rows to it.
    if (!$db->query("INSERT INTO `vote` SET `title` = '" . $voteTitle . "'")) {
        error('Unable to insert vote data', __FILE__, __LINE__, $db->error());
    }
    $parentId = $db->get_insert_id();
    foreach ($vF['add'] as $option) {
        $optionSql = "INSERT INTO `vote` values (null,'" . $option . "',0,0," . $parentId . ")";
        if (!$db->query($optionSql)) {
            error('Unable to insert vote data', __FILE__, __LINE__, $db->error());
        }
    }
    $response->alert("添加成功!");
    $response->redirect('vote_manager.php');
    return $response->getXML();
}
Ejemplo n.º 6
 /**
  * xajax login handler: authenticates $aData['login'] / $aData['password'] and
  * either redirects to the start page or shows an error message.
  *
  * NOTE(review): the validator is configured for 'type_id' and 'type_name' and its
  * result is ignored, so it does not constrain the login fields. The password is
  * hashed with MD5 and one hard-coded suffix shared by all accounts; a per-user
  * salted password hash would need a migration of stored values.
  *
  * @param array $aData Submitted fields; reads 'login' and 'password'.
  * @return xajaxResponse
  */
 public function loginAjax($aData)
 {
     $oResp = new xajaxResponse();
     // data validation (result unused)
     $oValidator = new Module_Validator();
     $oValidator->field('type_id', $iTypeId)->rules('required|toint|not[0]');
     $oValidator->field('type_name', $sValue)->rules('required|hsc');
     $oValidator->validate();
     $oUser = Model_User::tryCreate($aData['login']);
     $sPassHash = md5($aData['password'] . 'fibonacci98765434567');
     // login() is only attempted when the user could be created from the login name.
     $bLoggedIn = $oUser !== null && $this->oAuth->login($oUser, $sPassHash);
     if (!$bLoggedIn) {
         // One message for both an unknown name and a wrong password.
         $oResp->assign('error_msg', 'innerHTML', 'Incorrect name or password');
         return $oResp;
     }
     $oResp->redirect($this->getPageUrl('/'));
     return $oResp;
 }
Ejemplo n.º 7
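/**
 * xajax login handler: looks the user up by name, compares the stored password
 * digest and redirects to the URL configured for the user's type.
 *
 * @param array $post Submitted fields; reads 'login' and 'password'.
 * @return xajaxResponse Redirect on success, otherwise an error block in the "mensaje" element.
 */
function myFunction($post)
{
    // htmlentities() is HTML encoding, not SQL escaping: with the default flags of PHP
    // versions before 8.1 a single quote is left untouched.
    // NOTE(review): $usuario is concatenated into the query below; escape or bind it through
    // the MySQL wrapper (its API is not visible here).
    $usuario = htmlentities($post['login']);
    $clave = htmlentities($post['password']);
    $db = new MySQL();
    $resultado = $db->consulta("Select vUsuClave,TipoUsuario_iTiUsuarioIdTipoUsuario from usuarios where vUsuUsuario='" . $usuario . "'");
    $filas = $db->num_rows($resultado);
    $respuesta = new xajaxResponse();
    if ($filas > 0) {
        $row = mysql_fetch_assoc($resultado);
        // Strict comparison: with == two different digests that both look like numbers
        // (for example "0e..." strings) compare as equal.
        // NOTE(review): HMAC-MD5 with one fixed key for all users is not a password hash.
        if ($row['vUsuClave'] === hash_hmac('md5', $clave, 'tesis')) {
            $resultado2 = $db->consulta("Select vUrl from tipousuario where iTiUsuarioIdTipoUsuario='" . $row['TipoUsuario_iTiUsuarioIdTipoUsuario'] . "' and Estado='A'");
            $row2 = mysql_fetch_assoc($resultado2);
            // NOTE(review): $_configuration is never brought into this function's scope, so the
            // prefix is empty here; $row2 is also used without checking that a row was found.
            $respuesta->redirect($_configuration['root_web'] . $row2['vUrl']);
        } else {
            // NOTE(review): separate messages for a wrong password and an unknown user tell the
            // caller which user names exist.
            $respuesta->assign("mensaje", "innerHTML", "<div id='login_fail'>Contrase&ntilde;a Incorrecta</div>");
        }
    } else {
        $respuesta->assign("mensaje", "innerHTML", "<div id='login_fail'>Usuario Incorrecto</div>");
    }
    return $respuesta;
}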
/**
 * xajax handler: send a private in-game message to a player through RCON
 * (sm_psay) and report the outcome in a ShowBox dialog.
 *
 * @param int    $sid     Server id in the "_servers" table.
 * @param string $name    Player name the message is addressed to.
 * @param string $message Message text.
 * @return xajaxResponse
 */
function SendMessage($sid, $name, $message)
{
    $objResponse = new xajaxResponse();
    global $userbank, $username;
    // Admins only; a refused attempt is logged together with the target name and message.
    if (!$userbank->is_admin()) {
        $objResponse->redirect("index.php?p=login&m=no_access", 0);
        $log = new CSystemLog("w", "Ошибка доступ", $username . " пытался отправить для '" . addslashes(htmlspecialchars($name)) . "' сообщение (\"" . RemoveCode($message) . "\"), не имея на это прав.");
        return $objResponse;
    }
    // Integer cast makes the id safe to concatenate into the queries below.
    $sid = (int) $sid;
    // Plain require (not require_once), unlike the other RCON handlers in this listing.
    require INCLUDES_PATH . '/CServerRcon.php';
    //get the server data
    $data = $GLOBALS['db']->GetRow("SELECT ip, port, rcon FROM " . DB_PREFIX . "_servers WHERE sid = '" . $sid . "';");
    if (empty($data['rcon'])) {
        // The name is HTML-encoded and slash-escaped before it goes into the JS string literal.
        $objResponse->addScript("ShowBox('Ошибка', 'Невозможно отправить сообщение для " . addslashes(htmlspecialchars($name)) . ". Не задан РКОН пароль!', 'red', '', true);");
        return $objResponse;
    }
    $r = new CServerRcon($data['ip'], $data['port'], $data['rcon']);
    if (!$r->Auth()) {
        // A rejected RCON password is wiped from the servers table.
        $GLOBALS['db']->Execute("UPDATE " . DB_PREFIX . "_servers SET rcon = '' WHERE sid = '" . $sid . "';");
        $objResponse->addScript("ShowBox('Ошибка', 'Невозможно отправить сообщение для " . addslashes(htmlspecialchars($name)) . ". Неверноый РКОН пароль!', 'red', '', true);");
        return $objResponse;
    }
    // NOTE(review): $name is placed between double quotes in the RCON command without any
    // filtering, and $message only gets addslashes(). Confirm how the game console treats
    // '"', ';' and line breaks, and restrict both values before they reach sendCommand().
    $ret = $r->sendCommand('sm_psay "' . $name . '" "' . addslashes($message) . '"');
    new CSystemLog("m", "Сообщение отправлено", "Следующее сообщение было отправлено " . addslashes(htmlspecialchars($name)) . " на сервер " . $data['ip'] . ":" . $data['port'] . ": " . RemoveCode($message));
    $objResponse->addScript("ShowBox('Сообщение отправлено', 'Сообщение для \\'" . addslashes(htmlspecialchars($name)) . "\\' успешно отправлено!', 'green', '', true);\$('dialog-control').setStyle('display', 'block');");
    return $objResponse;
}
Ejemplo n.º 9
/**
 * xajax handler: remove the popup and its overlay stylesheet; when the session
 * asked for it, also redirect to the configured main URL.
 *
 * @return xajaxResponse
 */
function closePopup()
{
    $response = new xajaxResponse();
    $response->remove("popup");
    $response->removeCSS('includes/layout/overlay.css');
    if ($_SESSION['popup_close_redirect'] != 'yes') {
        return $response;
    }
    // One-shot flag: clear it (and the temporary theme) before redirecting.
    $app = new editsee_App();
    $_SESSION['popup_close_redirect'] = '';
    $_SESSION['temp_theme'] = '';
    // The target comes from the application's own 'es_main_url' setting, not from the request.
    $response->redirect($app->get_config('es_main_url'));
    return $response;
}
Ejemplo n.º 10
/**
 * xajax handler: store an offline chat message, drop the visitor's chat session
 * row and redirect to the parent directory after five seconds.
 *
 * @param array $a Form values; reads 'name', 'email', 'country', 'phone', 'departmentid' and 'message'.
 * @return xajaxResponse
 */
function LiveMessage($a) {
    global $db;
    $sessionid = $_SESSION['sessionid'];
    // htmlspecialchars() is HTML encoding, not SQL escaping: with the default flags of PHP
    // versions before 8.1 a single quote passes through unchanged.
    // NOTE(review): every value below is concatenated into the INSERT; escape or bind them
    // through the database layer (its API is not visible here).
    $name = htmlspecialchars($a['name']);
    $email = htmlspecialchars($a['email']);
    // $country is computed but never used below.
    $country = htmlspecialchars($a['country']);
    $phone = htmlspecialchars($a['phone']);
    $departmentid = htmlspecialchars($a['departmentid']);
    $message = htmlspecialchars($a['message']);
    $timestamp = time();
    $ip = $_SERVER['REMOTE_ADDR'];
    $sql = "INSERT INTO `chat` (`sessionid`,`name`,`email`,`phone`,`departmentid`,`message`,`timestamp`,`ip`,`status`) VALUES('" . $sessionid . "','" . $name . "','" . $email . "','" . $phone . "','" . $departmentid . "','" . $message . "','" . $timestamp . "','" . $ip . "','2')";
    // Neither query result is checked.
    $db->query($sql);
    $sql = "DELETE FROM `sessions` WHERE `id`='" . $sessionid . "'";
    $db->query($sql);
    // NOTE(review): inside this double-quoted string $lang[shout_success] is interpolated from
    // a local $lang that this function never defines, and the surrounding PHP tag is plain
    // text, so the literal tag (without the message) is what gets assigned to the page.
    $text = "<?php echo $lang[shout_success]?>\n";
    $objResponse = new xajaxResponse('utf-8');
    $objResponse->addAssign('content', 'innerHTML', $text);
    $objResponse->redirect('../', 5);
    return $objResponse;
}
Ejemplo n.º 11
/**
 * xajax handler: delete a catalog direction and return to the admin list.
 *
 * Callers without the 'seo' permission get a bare false instead of a response object.
 *
 * @param mixed $id Direction id; converted to an integer before use.
 * @return xajaxResponse|false
 */
function deleteDirection($id)
{
    session_start();
    // Permission check happens before anything else is touched.
    if (!hasPermissions('seo')) {
        return false;
    }
    $response = new xajaxResponse();
    $directionId = intval($id);
    if (!$directionId) {
        $response->alert('Идентификатор направления не указан');
        return $response;
    }
    $seo = new seo();
    if ($seo->deleteDirection($directionId)) {
        $response->redirect('/catalog/admin/?direction=-1');
    } else {
        $response->alert('Ошибка удаления');
    }
    return $response;
}
Ejemplo n.º 12
/**
 * xajax handler: send the browser to the xajax project site.
 *
 * The destination is a fixed string, so no request data influences the redirect.
 *
 * @return xajaxResponse
 */
function redirect()
{
    $response = new xajaxResponse();
    $response->redirect("http://www.xajaxproject.org");
    return $response;
}
Ejemplo n.º 13
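/**
 * xajax handler: record a like/dislike for a flash entry and refresh the
 * like/dislike counters shown for it.
 *
 * Visitors without the "l" cookie are redirected to ROOT_DIR. Only $site ==
 * 'flash' does any work, and only the ratings "like" and "dislike" are accepted.
 *
 * @param string $site   Section being rated; only 'flash' is handled.
 * @param mixed  $id     Id of the rated entry.
 * @param string $rating "like" or "dislike".
 * @return xajaxResponse
 */
function rate($site, $id, $rating)
{
    global $memcache;
    global $duration;
    global $_COOKIE;
    global $tpl;
    include 'settings/tables.php';
    $objResponse = new xajaxResponse();
    if (!isset($_COOKIE["l"])) {
        $objResponse->redirect(ROOT_DIR);
        return $objResponse;
    }
    // Local variable names in this function are left unchanged: the included files run in
    // this scope and may read them.
    // The token is cut out of the cookie value and becomes part of the memcache keys.
    $l["token"] = substr($_COOKIE["l"], 3, -35);
    $mem_key1 = "user_data_" . $l["token"];
    $user_data = $memcache->get($mem_key1);
    $mem_key2 = "trigger_f_" . $l["token"];
    $trigger_f = $memcache->get($mem_key2);
    include 'modules/logon/get_userdata.php';
    $mem_key3 = "ay_flashes_voted_" . $l["token"];
    $mem_key4 = "ay_flashes_rated_" . $l["token"];
    $ay_flashes_voted = $memcache->get($mem_key3);
    $ay_flashes_rated = $memcache->get($mem_key4);
    $ay_flash_cats = $memcache->get('ay_flash_cats');
    include 'modules/flash/flashfeed_add.php';
    if ($site == 'flash') {
        // Only these two ratings have defined counter changes. Any other value used to reach
        // the UPDATE with no changes set and was then written verbatim into the ratings INSERT.
        $changes_by_rating = array(
            'like' => " likes = likes+1, rating = rating+1 ",
            'dislike' => " dislikes = dislikes+1, rating = rating-1 ",
        );
        if (!is_string($rating) || !isset($changes_by_rating[$rating])) {
            return $objResponse;
        }
        $likes_str = 'p_likes_' . $id;
        $dislikes_str = 'p_dislikes_' . $id;
        $rate_str = 'p_rate_' . $id;
        // NOTE(review): $id is still interpolated into the conditions and the INSERT below as
        // received; if ids are always numeric it should be cast or validated here (confirm).
        // NOTE(review): nothing in this function checks $ay_flashes_rated before counting the
        // vote; verify whether the included files prevent repeated votes.
        $upd_data = new ModifyEntry();
        $upd_data->table = $tbl_flashes;
        $upd_data->condition = " ID = '{$id}' ";
        $upd_data->changes = $changes_by_rating[$rating];
        $upd_data->update();
        unset($upd_data);
        $ins_data = new ModifyEntry();
        $ins_data->table = $tbl_flash_ratings;
        $ins_data->cols = 'flashID, userID, rating';
        $ins_data->values = " '{$id}', '" . $user_data['ID'] . "', '{$rating}' ";
        $ins_data->insert();
        unset($ins_data);
        // Read the counters back so the page shows the stored totals.
        $flash_result = new SelectEntrys();
        $flash_result->cols = 'likes, dislikes';
        $flash_result->table = $tbl_flashes;
        $flash_result->condition = " ID = '{$id}' ";
        $flash_result->multiSelect = 1;
        $ay_flash_result = $flash_result->row();
        unset($flash_result);
        // Remember the entry as rated in the per-token cache list.
        $ay_flashes_rated[] = $id;
        sort($ay_flashes_rated);
        $mem_key4 = "ay_flashes_rated_" . $l["token"];
        $memcache->replace($mem_key4, $ay_flashes_rated, false);
        $objResponse->assign($rate_str, "style.display", 'none');
        $objResponse->assign($likes_str, "innerHTML", $ay_flash_result[0]['likes']);
        $objResponse->assign($dislikes_str, "innerHTML", $ay_flash_result[0]['dislikes']);
    }
    return $objResponse;
}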
Ejemplo n.º 14
/**
 * xajax handler: send a private in-game message to a player through RCON
 * (sm_psay) and report the outcome in a ShowBox dialog.
 *
 * @param int    $sid     Server id in the "_servers" table.
 * @param string $name    Player name the message is addressed to.
 * @param string $message Message text.
 * @return xajaxResponse
 */
function SendMessage($sid, $name, $message)
{
    $objResponse = new xajaxResponse();
    global $userbank, $username;
    // Admins only; a refused attempt is logged together with the target name and message.
    if (!$userbank->is_admin()) {
        $objResponse->redirect("index.php?p=login&m=no_access", 0);
        $log = new CSystemLog("w", "Hacking Attempt", $username . " tried to send ingame message to '" . addslashes(htmlspecialchars($name)) . "' (\"" . RemoveCode($message) . "\"), but doesnt have access.");
        return $objResponse;
    }
    // Integer cast makes the id safe to concatenate into the queries below.
    $sid = (int) $sid;
    // Plain require (not require_once), unlike the other RCON handlers in this listing.
    require INCLUDES_PATH . '/CServerRcon.php';
    //get the server data
    $data = $GLOBALS['db']->GetRow("SELECT ip, port, rcon FROM " . DB_PREFIX . "_servers WHERE sid = '" . $sid . "';");
    if (empty($data['rcon'])) {
        // The name is HTML-encoded and slash-escaped before it goes into the JS string literal.
        $objResponse->addScript("ShowBox('Error', 'Can\\'t send message to " . addslashes(htmlspecialchars($name)) . ". No RCON password!', 'red', '', true);");
        return $objResponse;
    }
    $r = new CServerRcon($data['ip'], $data['port'], $data['rcon']);
    if (!$r->Auth()) {
        // A rejected RCON password is wiped from the servers table.
        $GLOBALS['db']->Execute("UPDATE " . DB_PREFIX . "_servers SET rcon = '' WHERE sid = '" . $sid . "';");
        $objResponse->addScript("ShowBox('Error', 'Can\\'t send message to " . addslashes(htmlspecialchars($name)) . ". Wrong RCON password!', 'red', '', true);");
        return $objResponse;
    }
    // NOTE(review): $name is placed between double quotes in the RCON command without any
    // filtering, and $message only gets addslashes(). Confirm how the game console treats
    // '"', ';' and line breaks, and restrict both values before they reach sendCommand().
    $ret = $r->sendCommand('sm_psay "' . $name . '" "' . addslashes($message) . '"');
    new CSystemLog("m", "Message sent to player", "The following message was sent to " . addslashes(htmlspecialchars($name)) . " on server " . $data['ip'] . ":" . $data['port'] . ": " . RemoveCode($message));
    $objResponse->addScript("ShowBox('Message Sent', 'The message has been sent to player \\'" . addslashes(htmlspecialchars($name)) . "\\' successfully!', 'green', '', true);\$('dialog-control').setStyle('display', 'block');");
    return $objResponse;
}
Ejemplo n.º 15
/**
 * xajax handler: claim a message from the shared webmail inbox for the current
 * operator. Creates a tracker item for the mail (unless one already exists for
 * its message id), adds or updates the sender as a contact, creates a wiki
 * page for the sender when missing, and redirects to that page.
 *
 * @param string $destDiv Key under $_SESSION['webmailinbox'] holding the module parameters.
 * @param int $msgId      1-based position of the message in the refreshed mailbox list.
 * @return xajaxResponse
 */
function takeGroupMail($destDiv = 'mod-webmail_inbox', $msgId = 1)
{
    global $prefs, $user, $webmaillib, $module_params;
    include_once 'lib/webmail/webmaillib.php';
    $contactlib = TikiLib::lib('contact');
    $categlib = TikiLib::lib('categ');
    $tikilib = TikiLib::lib('tiki');
    $trklib = TikiLib::lib('trk');
    // Module parameters come from the session entry for $destDiv; with none stored the
    // function continues with an empty array, so the $module_params[...] reads below
    // hit undefined keys.
    if (isset($_SESSION['webmailinbox'][$destDiv]['module_params'])) {
        $module_params = $_SESSION['webmailinbox'][$destDiv]['module_params'];
    } else {
        $module_params = array();
        // TODO error?
    }
    $accountid = isset($module_params["accountid"]) ? $module_params['accountid'] : 0;
    $ls = $webmaillib->refresh_mailbox($user, $accountid, false);
    $cont = $webmaillib->get_mail_content($user, $accountid, $msgId);
    $acc = $webmaillib->get_webmail_account($user, $accountid);
    // make tracker item
    // NOTE(review): $msgId is caller-supplied and the index is not checked against the list.
    $m = $ls[$msgId - 1];
    $from = $m['from'];
    $subject = $m['subject'];
    $realmsgid = $m['realmsgid'];
    $maildate = $m['date'];
    $maildate = strtotime($maildate);
    $objResponse = new xajaxResponse();
    // check if already taken
    $itemid = $trklib->get_item_id($module_params['trackerId'], $module_params['messageFId'], $realmsgid);
    if ($itemid > 0) {
        $objResponse->script('doRefreshWebmail();alert("Sorry, that mail has been taken by another operator. Refreshing list...");');
    } else {
        // Fall back to UTF-8 when no default mail charset is configured.
        $charset = $prefs['default_mail_charset'];
        if (empty($charset)) {
            $charset = 'UTF-8';
        }
        // One entry per tracker field: sender, operator, subject, message id, body, account, date.
        $items['data'][0]['fieldId'] = $module_params['fromFId'];
        $items['data'][0]['type'] = 't';
        $items['data'][0]['value'] = $from;
        $items['data'][1]['fieldId'] = $module_params['operatorFId'];
        $items['data'][1]['type'] = 'u';
        $items['data'][1]['value'] = $user;
        $items['data'][2]['fieldId'] = $module_params['subjectFId'];
        $items['data'][2]['type'] = 't';
        $items['data'][2]['value'] = $subject;
        $items['data'][3]['fieldId'] = $module_params['messageFId'];
        $items['data'][3]['type'] = 't';
        $items['data'][3]['value'] = $realmsgid;
        $items['data'][4]['fieldId'] = $module_params['contentFId'];
        $items['data'][4]['type'] = 'a';
        // Only the mail body is entity-encoded; from and subject are stored as received.
        $items['data'][4]['value'] = htmlentities($cont['body'], ENT_QUOTES, $charset);
        $items['data'][5]['fieldId'] = $module_params['accountFId'];
        $items['data'][5]['type'] = 't';
        $items['data'][5]['value'] = $acc['account'];
        $items['data'][6]['fieldId'] = $module_params['datetimeFId'];
        $items['data'][6]['type'] = 'f';
        // f?
        $items['data'][6]['value'] = $maildate;
        $trklib->replace_item($module_params['trackerId'], 0, $items);
    }
    // The rest runs in both cases, including when the mail was already taken.
    // make name for wiki page
    $pageName = str_replace('@', '_AT_', $m['sender']['email']);
    $contId = $contactlib->get_contactId_email($m['sender']['email'], $user);
    // add or update (?) contact
    $ext = $contactlib->get_ext_by_name($user, tra('Wiki Page'), $contId);
    if (!$ext) {
        $contactlib->add_ext($user, tra('Wiki Page'), true);
        // a public field
        $ext = $contactlib->get_ext_by_name($user, tra('Wiki Page'), $contId);
    }
    // Split the sender's display name into first word and remainder, padded to two parts.
    $arr = explode(" ", trim(html_entity_decode($m['sender']['name']), '"\' '), 2);
    if (count($arr) < 2) {
        $arr[] = '';
    }
    $contactlib->replace_contact($contId, $arr[0], $arr[1], $m['sender']['email'], '', $user, array($module_params['group']), array($ext['fieldId'] => $pageName), true);
    if (!$contId) {
        $contId = $contactlib->get_contactId_email($m['sender']['email'], $user);
    }
    // make or update wiki page
    $wikilib = TikiLib::lib('wiki');
    if (!$wikilib->page_exists($pageName)) {
        $comment = 'Generated by GroupMail on ' . date(DATE_RFC822);
        $description = "Page {$comment} for " . $m['sender']['email'];
        // NOTE(review): the sender's name and e-mail address come from the received mail and
        // are concatenated into wiki markup, including a plugin parameter (filtervalue="...").
        // Confirm they are validated upstream or neutralise quotes/markup before building the page.
        $data = '!GroupMail case with ' . $m['sender']['email'] . "\n";
        $data .= "''{$comment}''\n\n";
        $data .= "!!Info\n";
        $data .= "Contact info: [tiki-contacts.php?contactId={$contId}|" . $m['sender']['name'] . "]\n\n";
        $data .= "!!Logs\n";
        // NOTE(review): no space is emitted between showinitials="n" and showstatus="n".
        $data .= '{trackerlist trackerId="' . $module_params['trackerId'] . '" ' . 'fields="' . $module_params['fromFId'] . ':' . $module_params['operatorFId'] . ':' . $module_params['subjectFId'] . ':' . $module_params['datetimeFId'] . '" ' . 'popup="' . $module_params['fromFId'] . ':' . $module_params['contentFId'] . '" stickypopup="n" showlinks="y" shownbitems="n" showinitials="n"' . 'showstatus="n" showcreated="n" showlastmodif="n" filterfield="' . $module_params['fromFId'] . '" filtervalue="' . $m['sender']['email'] . '"}';
        $data .= "\n\n";
        $tikilib->create_page($pageName, 0, $data, $tikilib->now, $comment, $user, $tikilib->get_ip_address(), $description);
        $categlib->update_object_categories(array($categlib->get_category_id('Help Team Pages')), $pageName, 'wiki page');
        // TODO remove hard-coded cat name
    }
    // The redirect target is derived from the sender's e-mail address via the page name.
    $objResponse->redirect($wikilib->sefurl($pageName));
    return $objResponse;
}
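/**
 * xajax handler: look for a banned player on one game server, by SteamID
 * ($type 0) or by IP address ($type 1), and kick the player through RCON.
 *
 * Requires ADMIN_OWNER or ADMIN_ADD_BAN. The outcome is written into the
 * "srv_{$num}" element and the page-side counter is advanced with set_counter().
 *
 * @param string $check SteamID (STEAM_X:Y:Z) for type 0, IP address for type 1;
 *                      a malformed value is reported as "not found".
 * @param int    $sid   Server id in the "_servers" table.
 * @param mixed  $num   Suffix of the target elements ("srv_{$num}", "srvip_{$num}").
 * @param int    $type  0 = match by SteamID, 1 = match by IP; other values never match.
 * @return xajaxResponse
 */
function KickPlayer($check, $sid, $num, $type)
{
    $objResponse = new xajaxResponse();
    global $userbank, $username;
    $sid = (int) $sid;
    $type = (int) $type;
    if (!$userbank->HasAccess(ADMIN_OWNER | ADMIN_ADD_BAN)) {
        $objResponse->redirect("index.php?p=login&m=no_access", 0);
        $log = new CSystemLog("w", "Ошибка доступа", $username . " пытался кого-то кикнуть, не имея на это прав.");
        return $objResponse;
    }
    // $check is concatenated into an UPDATE statement below, so it must be a well-formed
    // SteamID or IP address before it gets that far.
    $badSteamId = $type === 0 && (!is_string($check) || !preg_match('/^STEAM_[0-9]:[0-9]:[0-9]+$/D', $check));
    $badIp = $type === 1 && filter_var($check, FILTER_VALIDATE_IP) === false;
    if ($badSteamId || $badIp) {
        $objResponse->addAssign("srv_{$num}", "innerHTML", "<font size='1'>Игрок не найден.</font>");
        $objResponse->addScript('set_counter(1);');
        return $objResponse;
    }
    //get the server data
    $sdata = $GLOBALS['db']->GetRow("SELECT ip, port, rcon FROM " . DB_PREFIX . "_servers WHERE sid = '" . $sid . "';");
    //test if server is online
    $test = @fsockopen($sdata['ip'], $sdata['port'], $errno, $errstr, 2);
    if (!$test) {
        $objResponse->addAssign("srv_{$num}", "innerHTML", "<font color='red' size='1'><i>Нет соединения с сервером.</i></font>");
        $objResponse->addScript('set_counter(1);');
        return $objResponse;
    }
    @fclose($test);
    require_once INCLUDES_PATH . "/CServerRcon.php";
    $r = new CServerRcon($sdata['ip'], $sdata['port'], $sdata['rcon']);
    if (!$r->Auth()) {
        // A rejected RCON password is wiped from the servers table so it is not retried.
        $GLOBALS['db']->Execute("UPDATE " . DB_PREFIX . "_servers SET rcon = '' WHERE sid = '" . $sid . "' LIMIT 1;");
        $objResponse->addAssign("srv_{$num}", "innerHTML", "<font color='red' size='1'>Неверный РКОН!</font>");
        $objResponse->addScript('set_counter(1);');
        return $objResponse;
    }
    $ret = $r->rconCommand("status");
    // show hostname instead of the ip, but leave the ip in the title
    require_once "../includes/system-functions.php";
    preg_match_all('/hostname:[ ]*(.+)/', $ret, $hostname, PREG_PATTERN_ORDER);
    // The status output may carry no hostname line; only index the match when it exists.
    if (isset($hostname[1][0])) {
        $hostLabel = trunc(htmlspecialchars($hostname[1][0]), 25, false);
        if (!empty($hostLabel)) {
            // ENT_QUOTES because the address sits inside a single-quoted attribute.
            $address = htmlspecialchars($sdata['ip'] . ":" . $sdata['port'], ENT_QUOTES);
            $objResponse->addAssign("srvip_{$num}", "innerHTML", "<font size='1'><span title='" . $address . "'>" . $hostLabel . "</span></font>");
        }
    }
    preg_match_all(STATUS_PARSE, $ret, $matches, PREG_PATTERN_ORDER);
    // Find the connected player and note which ban column $check refers to.
    $kickTarget = null;
    $banColumn = null;
    if ($type === 0) {
        //search for the steamid on the server
        foreach ($matches[3] as $match) {
            // Compare from offset 8 on, i.e. without the leading "STEAM_X:" part.
            if (substr($match, 8) === substr($check, 8)) {
                $kickTarget = $match;
                $banColumn = 'authid';
                break;
            }
        }
    } elseif ($type === 1) {
        // search for the ip on the server
        foreach ($matches[8] as $idx => $match) {
            // Status lists "ip:port"; only the address part is compared.
            $parts = explode(":", $match);
            if ($parts[0] === $check) {
                $kickTarget = $matches[1][$idx];
                $banColumn = 'ip';
                break;
            }
        }
    }
    if ($kickTarget === null) {
        $objResponse->addAssign("srv_{$num}", "innerHTML", "<font size='1'>Игрок не найден.</font>");
        $objResponse->addScript('set_counter(1);');
        return $objResponse;
    }
    $GLOBALS['db']->Execute("UPDATE `" . DB_PREFIX . "_bans` SET sid = '" . $sid . "' WHERE " . $banColumn . " = '" . $check . "' AND RemovedBy IS NULL;");
    // The kick reason embeds the panel URL built from request headers. Both parts are reduced
    // to URL-safe characters so a crafted Host header or URI cannot close the quoted reason
    // and append text to the RCON command.
    $host = isset($_SERVER['HTTP_HOST']) ? preg_replace('/[^A-Za-z0-9.\-:\[\]]/', '', $_SERVER['HTTP_HOST']) : '';
    $requri = substr($_SERVER['REQUEST_URI'], 0, strrpos($_SERVER['REQUEST_URI'], "pages/admin.kickit.php"));
    $requri = preg_replace('/[^A-Za-z0-9._~%\/\-]/', '', (string) $requri);
    // $kickTarget comes from the server's own status output, not from the request.
    $r->sendCommand("kickid " . $kickTarget . " \"Вы были забанены, посетите http://" . $host . $requri . " для большей информации.\"");
    $objResponse->addAssign("srv_{$num}", "innerHTML", "<font color='green' size='1'><b><u>Игрок найден и кикнут!!!</u></b></font>");
    $objResponse->addScript("set_counter('-1');");
    return $objResponse;
}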
Ejemplo n.º 17
/**
 * xajax handler: re-send the SMS confirmation code for a deal stage.
 *
 * A repeat request for the same deal is refused while the throttle entry (kept
 * for 300 seconds) exists. The code is only re-sent when the logged-in user is
 * the deal's freelancer ($sbr->data['frl_id']).
 *
 * @param mixed $sbr_id   Deal id; normalised with __paramValue('int', ...).
 * @param mixed $stage_id Stage id; normalised with __paramValue('int', ...).
 * @return xajaxResponse
 */
function resendCode($sbr_id, $stage_id)
{
    require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/pskb.php';
    require_once $_SERVER['DOCUMENT_ROOT'] . '/classes/memBuff.php';
    $sbr_id = __paramValue('int', $sbr_id);
    $stage_id = __paramValue('int', $stage_id);
    $objResponse = new xajaxResponse();
    // Generic refusal shown for every "cannot be processed" outcome, so the caller cannot
    // tell which check failed.
    $refusalScript = "\$('alert_sms').addClass('b-layout__txt_color_c7271e'); \n                              \$('alert_sms').set('html', 'Запрос не может быть обработан.');";
    // Reset the status colour before reporting anything.
    $objResponse->script("\$('alert_sms').removeClass('b-layout__txt_color_56bd06').removeClass('b-layout__txt_color_c7271e'); ");
    if (!$sbr_id) {
        $objResponse->script($refusalScript);
        return $objResponse;
    }
    // Throttle lookup happens before the login check, keyed by deal id only.
    $throttleKey = pskb::SMS_RESEND_KEY . $sbr_id;
    $m = new memBuff();
    $lasttime = $m->get($throttleKey);
    if ($lasttime) {
        // Minutes left of the 300-second window, rounded up.
        $mins = ceil(($lasttime + 300 - time()) / 60);
        $objResponse->script("\$('alert_sms').addClass('b-layout__txt_color_c7271e'); \n                              \$('alert_sms').set('html', 'Еще раз выслать код можно будет через " . $mins . " минут" . ending($mins, 'у', 'ы', '') . ".');");
        return $objResponse;
    }
    $uid = get_uid(0);
    if (!$uid) {
        // Not logged in.
        $objResponse->redirect('/');
        return $objResponse;
    }
    $sbr = sbr_meta::getInstance();
    // Deal must load, the stage must load, and the caller must be the deal's freelancer;
    // the checks run in that order and stop at the first failure.
    if (!$sbr->initFromId($sbr_id)
        || !($stage = $sbr->initFromStage($stage_id, false))
        || $uid != $sbr->data['frl_id']
    ) {
        $objResponse->script($refusalScript);
        return $objResponse;
    }
    $pskb = new pskb($sbr);
    if (!$pskb->resendCode($stage)) {
        $objResponse->script("\$('alert_sms').addClass('b-layout__txt_color_c7271e'); \n                              \$('alert_sms').set('html', 'Не удалось выслать код.');");
        return $objResponse;
    }
    // Start the throttle window only after a successful send.
    $m->set($throttleKey, time(), 300);
    $objResponse->script("\$('alert_sms').addClass('b-layout__txt_color_56bd06'); \n                          \$('alert_sms').set('html', 'Код отправлен повторно.');\n                          \$('send_sms').destroy();\n                          \$('resend_sms').set('html', 'Еще раз выслать код можно будет через 5 минут.')");
    if (defined('PSKB_TEST_MODE')) {
        $objResponse->script('document.location.reload();');
    }
    return $objResponse;
}
Ejemplo n.º 18
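/**
 * xajax handler: stores a new record in the requested table and refreshes the matching page fragment.
 *
 * Four kinds of table are handled: diary entries, goals, distorted thoughts, and the
 * two questionnaire result tables (DA scale / BD scale). The $tbl_* names compared
 * against $table are not defined in this function; presumably they come from
 * settings/tables.php (TODO confirm).
 *
 * Security notes:
 *  - $data arrives from the browser and is treated as untrusted. Every value that is
 *    concatenated into a ModifyEntry SQL fragment is escaped immediately before use.
 *  - mysql_real_escape_string() is what this code base uses; the mysql_* extension
 *    was removed in PHP 7, and parameterised queries would be the durable fix, but the
 *    ModifyEntry API is not visible here.
 *  - NOTE(review): $user_data['ID'] is concatenated unescaped; it is assumed to be a
 *    server-side value — confirm where get_userdata.php takes it from.
 *
 * @param mixed $table   table name, compared against the $tbl_* names
 * @param array $data    submitted form fields (note, thought, response, c_action,
 *                       image_file, items_total and numbered item answers)
 * @param int   $special when 1 and $table is the diary table, only the "add pin" form is rendered
 *
 * @return xajaxResponse
 */
function insertdata($table, $data, $special = 0)
{
    global $memcache;
    global $l;
    global $tpl;
    global $user_data;
    global $getmonth;
    $objResponse = new xajaxResponse();
    include 'settings/tables.php';
    if ($user_data == '' || !isset($user_data)) {
        require_once 'lib/functions/get_userdata.php';
    }
    //enter new diary entry
    if ($table == $tbl_diary) {
        if ($special == 1) {
            $html = $tpl->fetch("modules/improve/diary/add_pin.tpl");
            $objResponse->assign("add_pin", "innerHTML", $html);
            $objResponse->includeScript("js/pinterest.js");
            $objResponse->call("m_reload");
        } else {
            if ($data['image_file'] != '') {
                // an image was attached: let the browser submit the real form instead
                $objResponse->script("document.forms['insert'].submit();");
            } else {
                $mysqldate = date('Y-m-d H:i:s', time());
                $diary_note = mysql_real_escape_string(strip_tags($data['note']));
                //insert new entry
                $diary = new ModifyEntry();
                $diary->table = $table;
                $diary->cols = 'userID, entry, date';
                $diary->values = " '" . $user_data['ID'] . "', '" . $diary_note . "', '" . $mysqldate . "' ";
                $diary->insert();
                unset($diary);
                //TODO check if first entry and if yes update user array with start_month and start_year
                //refresh content
                include "lib/functions/fetch_diary.php";
                $tpl->assign('ay_diary', $ay_diary);
                $tpl->assign('at_least_one_entry', 1);
                //TODO why is this needed now!?
                $tpl->assign('user_data', $user_data);
                $html = $tpl->fetch("modules/home/diary_entries.tpl");
                $objResponse->assign("diary_entries", "innerHTML", $html);
                $objResponse->assign("add_pin", "innerHTML", '');
                $objResponse->includeScript("js/pinterest.js");
                $objResponse->call("m_reload");
            }
        }
    } elseif ($table == $tbl_goals) {
        $mysqldate = date('Y-m-d H:i:s', time());
        // Escape last (as the diary branch does) so nothing modifies the string after escaping.
        $note = mysql_real_escape_string(strip_tags($data['note']));
        //insert new entry
        $goals = new ModifyEntry();
        $goals->table = $table;
        $goals->cols = 'userID, goal, created';
        $goals->values = " '" . $user_data['ID'] . "', '" . $note . "', '" . $mysqldate . "' ";
        $goals->insert();
        unset($goals);
        //refresh content
        $html1 = $tpl->fetch("modules/improve/goals/sortfields.tpl");
        $objResponse->assign("sortfields", "innerHTML", $html1);
        include "lib/functions/fetch_goals.php";
        $tpl->assign('ay_goals', $ay_goals);
        $html2 = $tpl->fetch("modules/improve/goals/goal_entries.tpl");
        $objResponse->assign("goal_entries", "innerHTML", $html2);
        $objResponse->call("reset_input");
    } elseif ($table == $tbl_distorted_thoughts) {
        $mysqldate = date('Y-m-d H:i:s', time());
        // Same ordering as above: strip markup first, escape for SQL last.
        $thought = mysql_real_escape_string(strip_tags($data['thought']));
        $response = mysql_real_escape_string(strip_tags($data['response']));
        $c_action = mysql_real_escape_string(strip_tags($data['c_action']));
        //insert new entry
        $thoughts = new ModifyEntry();
        $thoughts->table = $table;
        $thoughts->cols = 'userID, thought, response, action, created';
        $thoughts->values = " '" . $user_data['ID'] . "', '" . $thought . "', '" . $response . "', '" . $c_action . "', '" . $mysqldate . "' ";
        $thoughts->insert();
        unset($thoughts);
        //refresh content
        include "lib/functions/fetch_thoughts.php";
        $tpl->assign('ay_thoughts', $ay_thoughts);
        $html = $tpl->fetch("modules/improve/distorted_thoughts/thought_entries.tpl");
        $objResponse->assign("thought_entries", "innerHTML", $html);
        $objResponse->call("reset_input");
    } elseif ($table == $tbl_da_scale_results || $table == $tbl_bd_scale_results) {
        $dataValid = 1;
        $mysqldate = date('Y-m-d H:i:s', time());
        //check if all items have been answered
        // NOTE(review): items_total is client-supplied, so it bounds nothing by itself;
        // the loop only stops early because every index up to it must be present.
        for ($i = 1; $i <= $data['items_total']; $i++) {
            if (!isset($data[$i])) {
                $objResponse->alert('Please answer all items');
                // TODO put string in language file
                $dataValid = 0;
                break;
            }
        }
        //TODO store aggregated values in user table
        //all items have been answered
        if ($dataValid == 1) {
            $bd_total_score = 0;
            // seven DA sub-scale totals, one per block of five items
            $da_total_score = array_fill(0, 7, 0);
            //insert new entry
            $scale_data = new ModifyEntry();
            $scale_data->table = $table;
            for ($i = 1; $i <= $data['items_total']; $i++) {
                if (isset($data[$i])) {
                    $scale_data->cols = 'userID, itemID, value, date';
                    // The answer is request data: escape it before it enters the SQL fragment.
                    $scale_data->values = " '" . $user_data['ID'] . "', '" . $i . "', '" . mysql_real_escape_string($data[$i]) . "', '" . $mysqldate . "' ";
                    $scale_data->insert();
                    if ($scale_data->errno() > 0) {
                        break;
                    }
                    if ($table == $tbl_da_scale_results && $i <= 35) {
                        // items 1-5 feed total 0, 6-10 total 1, ... 31-35 total 6; later items are not summed
                        $bucket = (int) (($i - 1) / 5);
                        $da_total_score[$bucket] = $da_total_score[$bucket] + $data[$i];
                    }
                    if ($table == $tbl_bd_scale_results) {
                        $bd_total_score = $bd_total_score + $data[$i];
                    }
                }
            }
            unset($scale_data);
            $scale_data = new ModifyEntry();
            $scale_data->table = $tbl_users;
            if ($table == $tbl_da_scale_results) {
                ksort($da_total_score);
                // the totals are numeric sums, so the serialized string carries no quote characters
                $scale_data->changes = " da_latest_score = '" . serialize($da_total_score) . "' ";
            } else {
                $scale_data->changes = " bd_latest_score = '" . $bd_total_score . "' ";
            }
            $scale_data->condition = " ID = '" . $user_data['ID'] . "' ";
            $scale_data->update();
            // The original used `break` here, outside any loop or switch, which is a fatal
            // error. A failed update now simply skips the refresh of the cached user data.
            if ($scale_data->errno() == 0) {
                if ($table == $tbl_da_scale_results) {
                    $user_data['da_latest_score'] = serialize($da_total_score);
                }
                if ($table == $tbl_bd_scale_results) {
                    $user_data['bd_latest_score'] = $bd_total_score;
                }
                // NOTE(review): $mem_key1 is not defined in this function (presumably set by an
                // included file), and the session branch uses the literal key '$mem_key1'
                // because of the single quotes. Left as is in case readers use the same
                // literal key; confirm and fix both sides together.
                if (mod_memcache == 1) {
                    $memcache->replace($mem_key1, $user_data, false);
                } else {
                    $_SESSION['$mem_key1'] = $user_data;
                }
            }
        }
        //update cached data in memcache or session
        // NOTE(review): the session branches below unset literal keys ('$mem_key2', ...),
        // not the computed names; same caveat as for '$mem_key1'.
        if ($table == $tbl_da_scale_results) {
            $mem_key2 = "da_scale_data_" . $l["token"];
            $mem_key2a = "da_scale_sep_strings_" . $l["token"];
            $mem_key2b = "da_scale_sep_dates_" . $l["token"];
            if (mod_memcache == 1) {
                $memcache->delete($mem_key2);
                $memcache->delete($mem_key2a);
                $memcache->delete($mem_key2b);
            } else {
                unset($_SESSION['$mem_key2']);
                unset($_SESSION['$mem_key2a']);
                unset($_SESSION['$mem_key2b']);
            }
        }
        if ($table == $tbl_bd_scale_results) {
            $mem_key3 = "bd_scale_data_" . $l["token"];
            if (mod_memcache == 1) {
                $memcache->delete($mem_key3);
            } else {
                unset($_SESSION['$mem_key3']);
            }
        }
        //redirect to overview/result page
        // $scale_data exists only when $dataValid == 1; the && short-circuit keeps this safe
        if ($dataValid == 1 && $scale_data->errno() == 0 && $table == $tbl_da_scale_results) {
            $objResponse->redirect(ROOT_DIR . 'analyze/da_scale/index.html');
        }
        if ($dataValid == 1 && $scale_data->errno() == 0 && $table == $tbl_bd_scale_results) {
            $objResponse->redirect(ROOT_DIR . 'analyze/bd_scale/index.html');
        }
        unset($scale_data);
    }
    return $objResponse;
}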
/**
 * xajax handler: publishes the global $arquivo and tells the browser what to do next.
 *
 * On success the response redirects to the gallery view of that file; on failure it
 * shows an alert instead.
 *
 * @return xajaxResponse
 */
function _publish_arquivo()
{
    global $arquivo;
    $response = new xajaxResponse();
    $published = $arquivo->publish();
    if (!$published) {
        $response->alert("Não foi possível publicar o arquivo");
        return $response;
    }
    // the id is read only after a successful publish, as in the original flow
    $response->redirect("el-gallery_view.php?arquivoId={$arquivo->id}");
    return $response;
}
Ejemplo n.º 20
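/**
 * xajax handler: removes one free seat from a draft that has not started and refreshes the drafter list.
 *
 * The seat count is only lowered while max_players is above the number of joined
 * players and draft_status is 0. When the draft is then full, the browser is
 * redirected to the draft page.
 *
 * Security notes:
 *  - $_draft_id is interpolated unquoted into three SQL statements, so it is forced
 *    to an integer first; anything that is not a number becomes 0.
 *  - NOTE(review): no permission check is visible in this function. Confirm that the
 *    caller restricts who may change a draft.
 *
 * @param mixed $_draft_id draft primary key as received from the client
 *
 * @return xajaxResponse
 */
function removeSeat($_draft_id)
{
    $objResponse = new xajaxResponse();
    // Request parameter: cast before it reaches any query or the redirect URL.
    $_draft_id = (int) $_draft_id;
    #how many are in the draft?
    $players = mysql_num_rows(mysql_query("SELECT fk_user_id FROM md_draft2user WHERE fk_draft_id = {$_draft_id}"));
    mysql_query("UPDATE md_draft SET max_players = max_players - 1 WHERE max_players > {$players} AND draft_status = 0 AND pk_draft_id = {$_draft_id}");
    $draft_info = mysql_fetch_array(mysql_query("SELECT * FROM md_draft\n\t\tWHERE pk_draft_id = {$_draft_id}"));
    $drafterlist = drafterList($_draft_id);
    $objResponse->assign("drafterlist", "innerHTML", $drafterlist);
    // loose comparison on purpose: max_players comes back from the driver as a string
    if ($players == $draft_info["max_players"]) {
        $objResponse->redirect("draft.php?id=" . $_draft_id);
    }
    return $objResponse;
}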
Ejemplo n.º 21
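/**
 * xajax handler: looks a player up by name in a game server's RCON "status" output
 * and pre-fills the block form with that player's nickname and Steam ID.
 *
 * Requires ADMIN_OWNER or ADMIN_ADD_BAN; other callers are logged and redirected to
 * the login page. If RCON authentication fails, the stored RCON password for the
 * server is cleared.
 *
 * Security notes:
 *  - Player names are chosen by the players themselves and $name comes from the
 *    request, so both are untrusted. Names are matched with a strict string
 *    comparison: with `==`, two numeric-looking names such as "1e3" and "1000"
 *    compare equal and the wrong player's Steam ID could be filled into the form.
 *  - Everything placed inside a JavaScript string literal is passed through
 *    addslashes(), including the Steam ID and the server address, because the
 *    pattern behind STATUS_PARSE and the contents of the servers table are not
 *    visible here.
 *
 * @param mixed $sid  server id
 * @param mixed $name player name as shown in the server's status output
 *
 * @return xajaxResponse
 */
function PasteBlock($sid, $name)
{
    $objResponse = new xajaxResponse();
    global $userbank, $username;
    $sid = (int) $sid;
    $name = (string) $name;
    if (!$userbank->HasAccess(ADMIN_OWNER | ADMIN_ADD_BAN)) {
        $objResponse->redirect("index.php?p=login&m=no_access", 0);
        $log = new CSystemLog("w", "Hacking Attempt", $username . " tried paste a block, but doesn't have access.");
        return $objResponse;
    }
    // require_once: a plain require would redeclare the class if it is already loaded
    require_once INCLUDES_PATH . '/CServerRcon.php';
    //get the server data
    $data = $GLOBALS['db']->GetRow("SELECT ip, port, rcon FROM " . DB_PREFIX . "_servers WHERE sid = ?;", array($sid));
    // server address as it is embedded in the JavaScript messages below
    $server = addslashes($data['ip'] . ":" . $data['port']);
    if (empty($data['rcon'])) {
        $objResponse->addScript("\$('dialog-control').setStyle('display', 'block');");
        $objResponse->addScript("ShowBox('Error', 'No RCON password for server " . $server . "!', 'red', '', true);");
        return $objResponse;
    }
    $r = new CServerRcon($data['ip'], $data['port'], $data['rcon']);
    if (!$r->Auth()) {
        // the stored password is wrong: clear it so it is not tried again
        $GLOBALS['db']->Execute("UPDATE " . DB_PREFIX . "_servers SET rcon = '' WHERE sid = ?;", array($sid));
        $objResponse->addScript("\$('dialog-control').setStyle('display', 'block');");
        $objResponse->addScript("ShowBox('Error', 'Wrong RCON password for server " . $server . "!', 'red', '', true);");
        return $objResponse;
    }
    $ret = $r->rconCommand("status");
    preg_match_all(STATUS_PARSE, $ret, $matches, PREG_PATTERN_ORDER);
    // group 2 is used as the player name and group 3 as the Steam ID below
    $names = isset($matches[2]) ? $matches[2] : array();
    $index = array_search($name, $names, true);
    if ($index === false) {
        $objResponse->addScript("ShowBox('Error', 'Can\\'t get player info for " . addslashes(htmlspecialchars($name)) . ". Player is not on the server (" . $server . ") anymore!', 'red', '', true);");
        $objResponse->addScript("\$('dialog-control').setStyle('display', 'block');");
        return $objResponse;
    }
    $steam = $matches[3][$index];
    $name = $matches[2][$index];
    $objResponse->addScript("\$('nickname').value = '" . addslashes($name) . "'");
    $objResponse->addScript("\$('steam').value = '" . addslashes($steam) . "'");
    $objResponse->addScript("SwapPane(0);");
    $objResponse->addScript("\$('dialog-control').setStyle('display', 'block');");
    $objResponse->addScript("\$('dialog-placement').setStyle('display', 'none');");
    return $objResponse;
}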
Ejemplo n.º 22
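 /**
  * Logout: ends the current session and sends the browser back to the start page.
  *
  * session_destroy() alone removes the stored session data but leaves $_SESSION
  * populated for the rest of the request and leaves the session cookie in the
  * browser. Both are cleared here so the old session id is not presented again.
  *
  * @access public
  * @author prodigy
  * @since 31.12.2008
  * @version 0.1a
  *
  * @return xajaxResponse
  */
 public function LogOut()
 {
     $objR = new xajaxResponse();
     // drop the in-memory copy of the session data
     $_SESSION = array();
     // expire the session cookie, using the same parameters it was set with
     if (ini_get('session.use_cookies') && !headers_sent()) {
         $params = session_get_cookie_params();
         setcookie(session_name(), '', time() - 42000, $params['path'], $params['domain'], $params['secure'], $params['httponly']);
     }
     session_destroy();
     $objR->redirect('./');
     return $objR;
 }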