Example #1
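/**
 * xajax handler that records a block for a player in the DB_PREFIX . "_comms" table.
 *
 * The caller needs ADMIN_OWNER or ADMIN_ADD_BAN. The Steam ID is validated (a numeric
 * Community ID is converted with FriendIDToSteamID() first), an existing active block of
 * the same type and admin immunity are checked, and then one row per block type is inserted.
 *
 * @param string $nickname Player name stored with the block; filtered through RemoveCode().
 * @param mixed  $type     1, 2 or 3; 3 inserts both a type-1 and a type-2 row. Anything else is rejected.
 * @param string $steam    Steam ID, or a numeric Community ID of at least 15 characters.
 * @param mixed  $length   Block length in minutes; it is cast to int and stored in seconds.
 * @param string $reason   Reason text; filtered through RemoveCode().
 *
 * @return xajaxResponse Response carrying the form messages and dialog scripts for the browser.
 */
function AddBlock($nickname, $type, $steam, $length, $reason)
{
    $objResponse = new xajaxResponse();
    global $userbank, $username;

    // Authorisation is checked before any input is processed.
    if (!$userbank->HasAccess(ADMIN_OWNER | ADMIN_ADD_BAN)) {
        $objResponse->redirect("index.php?p=login&m=no_access", 0);
        $log = new CSystemLog("w", "Hacking Attempt", $username . " tried to add a block, but doesnt have access.");
        return $objResponse;
    }

    $steam = trim($steam);
    if (empty($steam)) {
        $objResponse->addAssign("steam.msg", "innerHTML", "You must type a Steam ID or Community ID");
        $objResponse->addScript("\$('steam.msg').setStyle('display', 'block');");
        return $objResponse;
    }

    // A numeric value is treated as a Community ID and converted before validation;
    // anything else has to pass validate_steam() as it stands.
    if (is_numeric($steam)) {
        $steamOk = false;
        if (strlen($steam) >= 15) {
            $steam = FriendIDToSteamID($steam);
            $steamOk = (bool) validate_steam($steam);
        }
    } else {
        $steamOk = (bool) validate_steam($steam);
    }
    if (!$steamOk) {
        $objResponse->addAssign("steam.msg", "innerHTML", "Please enter a valid Steam ID or Community ID");
        $objResponse->addScript("\$('steam.msg').setStyle('display', 'block');");
        return $objResponse;
    }
    $objResponse->addAssign("steam.msg", "innerHTML", "");
    $objResponse->addScript("\$('steam.msg').setStyle('display', 'none');");

    // Reject an unsupported type up front. Previously it left the WHERE clause ending in a
    // dangling "AND", skipped both inserts, and still reported and logged "Block Added".
    $type = (int) $type;
    if ($type < 1 || $type > 3) {
        $objResponse->addScript("ShowBox('Error', 'Invalid block type.', 'red', '');");
        return $objResponse;
    }
    // $type is an int in 1..3 here, so concatenating it into the SQL is safe.
    $typeW = $type === 3 ? "(type = 1 OR type = 2)" : "type = " . $type;

    $nickname = RemoveCode($nickname);
    $reason = RemoveCode($reason);

    // Cast once so that only a number reaches the arithmetic, the query parameters and the log entry.
    $length = (int) $length;
    $len = $length * 60;

    // prune any old bans
    PruneComms();

    // Values placed inside addScript() end up in a JavaScript string that the dialog renders,
    // so they are HTML-escaped and then emitted as a JSON string literal.
    $jsFlags = JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP;

    // Check if the new steamid is already banned (length 0 rows never expire in this query)
    $chk = $GLOBALS['db']->GetRow("SELECT count(bid) AS count FROM " . DB_PREFIX . "_comms WHERE authid = ? AND (length = 0 OR ends > UNIX_TIMESTAMP()) AND RemovedBy IS NULL AND " . $typeW, array($steam));
    $activeBlocks = is_array($chk) && isset($chk[0]) ? intval($chk[0]) : 0;
    if ($activeBlocks > 0) {
        $message = "SteamID: " . htmlspecialchars($steam, ENT_QUOTES) . " is already blocked.";
        $objResponse->addScript("ShowBox('Error', " . json_encode($message, $jsFlags) . ", 'red', '');");
        return $objResponse;
    }

    // Check if player is immune: an admin with higher srv_immunity than the caller cannot be blocked.
    $admchk = $userbank->GetAllAdmins();
    foreach ($admchk as $admin) {
        if ($admin['authid'] == $steam && $userbank->GetProperty('srv_immunity') < $admin['srv_immunity']) {
            // The admin name is stored data; escape it so a quote or tag in it cannot alter the script.
            $message = "SteamID: Admin " . htmlspecialchars($admin['user'], ENT_QUOTES) . " (" . htmlspecialchars($steam, ENT_QUOTES) . ") is immune.";
            $objResponse->addScript("ShowBox('Error', " . json_encode($message, $jsFlags) . ", 'red', '');");
            return $objResponse;
        }
    }

    if ($type == 1 || $type == 3) {
        $pre = $GLOBALS['db']->Prepare("INSERT INTO " . DB_PREFIX . "_comms(created,type,authid,name,ends,length,reason,aid,adminIp ) VALUES\r\n\t\t\t\t\t\t\t\t\t  (UNIX_TIMESTAMP(),1,?,?,(UNIX_TIMESTAMP() + ?),?,?,?,?)");
        $GLOBALS['db']->Execute($pre, array($steam, $nickname, $len, $len, $reason, $userbank->GetAid(), $_SERVER['REMOTE_ADDR']));
    }
    if ($type == 2 || $type == 3) {
        $pre = $GLOBALS['db']->Prepare("INSERT INTO " . DB_PREFIX . "_comms(created,type,authid,name,ends,length,reason,aid,adminIp ) VALUES\r\n\t\t\t\t\t\t\t\t\t  (UNIX_TIMESTAMP(),2,?,?,(UNIX_TIMESTAMP() + ?),?,?,?,?)");
        $GLOBALS['db']->Execute($pre, array($steam, $nickname, $len, $len, $reason, $userbank->GetAid(), $_SERVER['REMOTE_ADDR']));
    }

    $objResponse->addScript("ShowBlockBox('" . $steam . "', '" . $type . "', '" . $len . "');");
    $objResponse->addScript("TabToReload();");
    // NOTE(review): the original passed an undefined $kickit as the fifth argument, which
    // evaluates to null; null is passed explicitly to avoid the warning. Confirm what
    // CSystemLog expects in that position.
    $log = new CSystemLog("m", "Block Added", "Block against (" . $steam . ") has been added, reason: {$reason}, length: {$length}", true, null);
    return $objResponse;
}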
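/**
 * xajax handler that bans every friend listed on a Steam Community profile.
 *
 * Does nothing unless config.enablefriendsbanning is on and the caller holds ADMIN_OWNER or
 * ADMIN_ADD_BAN. The profile's friends page is fetched and parsed, friends whose Community ID
 * already has an active ban are skipped, and one row per remaining friend is inserted into
 * DB_PREFIX . "_bans".
 *
 * @param string $friendid Community ID of the profile whose friends are banned; digits only.
 * @param string $name     Display name of that player, used in the ban reason and the dialog.
 *
 * @return xajaxResponse Response carrying the result dialog for the browser.
 */
function BanFriends($friendid, $name)
{
    set_time_limit(0);
    $objResponse = new xajaxResponse();
    // $friendid becomes part of an outbound URL, so accept plain digits only. is_numeric()
    // also accepts leading whitespace, signs, decimals and exponents.
    if ($GLOBALS['config']['config.enablefriendsbanning'] == 0 || !is_scalar($friendid) || !preg_match('/^[0-9]+$/D', (string) $friendid)) {
        return $objResponse;
    }
    global $userbank, $username;
    if (!$userbank->HasAccess(ADMIN_OWNER | ADMIN_ADD_BAN)) {
        $objResponse->redirect("index.php?p=login&m=no_access", 0);
        $log = new CSystemLog("w", "Ошибка доступа", $username . " пытался забанить друга '" . RemoveCode($friendid) . "', не имея на это прав.");
        return $objResponse;
    }

    // Community IDs that already have an active ban. Initialised so the in_array() calls below
    // also work when the table holds no active bans; kept as strings for exact comparison.
    $already = array();
    $bans = $GLOBALS['db']->GetAll("SELECT CAST(MID(authid, 9, 1) AS UNSIGNED) + CAST('76561197960265728' AS UNSIGNED) + CAST(MID(authid, 11, 10) * 2 AS UNSIGNED) AS community_id FROM " . DB_PREFIX . "_bans WHERE RemoveType IS NULL;");
    foreach ($bans ?: array() as $ban) {
        $already[] = (string) $ban["community_id"];
    }

    $profileUrl = "http://steamcommunity.com/profiles/" . $friendid . "/";
    $friendsBase = $profileUrl;
    $result = get_headers($profileUrl, 1);
    if (is_array($result) && !empty($result["Location"])) {
        // With several redirects get_headers() returns a list of Location values; use the last hop.
        $location = is_array($result["Location"]) ? end($result["Location"]) : $result["Location"];
        // The Location header is remote-controlled. Only build the next request from it when it
        // stays on steamcommunity.com, so no other host or stream wrapper reaches file_get_contents().
        if (preg_match('#^https?://steamcommunity\.com/#i', (string) $location)) {
            $friendsBase = $location;
        }
    }
    // NOTE(review): the request goes over plain http, and the http wrapper follows further
    // redirects on its own; restricting those would need a stream context.
    $raw = file_get_contents($friendsBase . "friends");

    // get the friends page
    $memberdiv = null;
    if ($raw !== false && $raw !== "") {
        $doc = new DOMDocument();
        @$doc->loadHTML($raw);
        foreach ($doc->getElementsByTagName('div') as $div) {
            if ($div->getAttribute('id') == "memberList") {
                $memberdiv = $div;
                break;
            }
        }
    }

    $total = 0;
    $bannedbefore = 0;
    $error = 0;
    // A failed fetch or a page without the memberList element yields no links and therefore
    // ends in the "no friends" dialog below instead of a fatal error.
    $links = $memberdiv !== null ? $memberdiv->getElementsByTagName('a') : array();
    foreach ($links as $link) {
        $href = $link->getAttribute('href');
        // Prefix match: the path layout assumed below only holds for these two URL forms.
        $isCustom = strpos($href, "http://steamcommunity.com/id/") === 0;
        $isProfile = strpos($href, "http://steamcommunity.com/profiles/") === 0;
        $labelNode = $link->childNodes->item(0);
        $label = $labelNode !== null ? $labelNode->nodeValue : "";
        if ((!$isCustom && !$isProfile) || $label == "") {
            continue;
        }
        $total++;
        // "/id/<custom>" or "/profiles/<friendid>": the identifier is the third path segment.
        $url = explode("/", (string) parse_url($href, PHP_URL_PATH));
        if (!isset($url[2]) || $url[2] === "") {
            $error++;
            continue;
        }
        if (in_array($url[2], $already, true)) {
            $bannedbefore++;
            continue;
        }
        if ($isCustom) {
            // we don't have the friendid as this player is using a custom id, so look it up
            $tfriend = GetFriendIDFromCommunityID($url[2]);
            if (!$tfriend) {
                $error++;
                continue;
            }
            if (in_array((string) $tfriend, $already, true)) {
                $bannedbefore++;
                continue;
            }
            $steamid = FriendIDToSteamID($tfriend);
        } else {
            // just a normal friendid profile
            $steamid = FriendIDToSteamID($url[2]);
        }
        $pre = $GLOBALS['db']->Prepare("INSERT INTO " . DB_PREFIX . "_bans(created,type,ip,authid,name,ends,length,reason,aid,adminIp ) VALUES\r\n\t\t\t\t\t\t\t\t\t(UNIX_TIMESTAMP(),?,?,?,?,UNIX_TIMESTAMP(),?,?,?,?)");
        $GLOBALS['db']->Execute($pre, array(0, "", $steamid, utf8_decode($label), 0, "Бан друга Steam Commynity (" . htmlspecialchars($name) . ")", $userbank->GetAid(), $_SERVER['REMOTE_ADDR']));
    }

    if ($total == 0) {
        $objResponse->addScript("ShowBox('Ошибка выборки друзей', 'Ошибка выборки друзей из профиля STEAM. Возможно его профиль скрыт, или у него нет друзей!', 'red', 'index.php?p=banlist', true);");
        $objResponse->addScript("\$('dialog-control').setStyle('display', 'block');");
        return $objResponse;
    }

    $banned = $total - $bannedbefore - $error;
    // $name is caller-supplied and lands inside a JavaScript string that the dialog renders:
    // escape it for HTML including quotes, then emit the whole message as a JSON string literal
    // so a quote or backslash in the name cannot terminate the string.
    $message = "Забанено " . $banned . " из " . $total . " друзей у '" . htmlspecialchars($name, ENT_QUOTES) . "'.<br>" . $bannedbefore . " были забанены до этого.<br>" . $error . " ошибок.";
    $objResponse->addScript("ShowBox('Дрзья были забанены', " . json_encode($message, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP) . ", 'green', 'index.php?p=banlist', true);");
    $objResponse->addScript("\$('dialog-control').setStyle('display', 'block');");
    $log = new CSystemLog("m", "Друзья забанены", "Забанено " . $banned . " из " . $total . " друзей у \\'" . htmlspecialchars($name) . "\\'.<br>" . $bannedbefore . " были забанены до этого.<br>" . $error . " ошибок.");
    return $objResponse;
}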
Example #3
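/**
 * xajax handler that bans every friend listed on a Steam Community profile.
 *
 * Does nothing unless config.enablefriendsbanning is on and the caller holds ADMIN_OWNER or
 * ADMIN_ADD_BAN. The profile's friends page is fetched and parsed, friends whose Community ID
 * already has an active ban are skipped, and one row per remaining friend is inserted into
 * DB_PREFIX . "_bans".
 *
 * @param string $friendid Community ID of the profile whose friends are banned; digits only.
 * @param string $name     Display name of that player, used in the ban reason and the dialog.
 *
 * @return xajaxResponse Response carrying the result dialog for the browser.
 */
function BanFriends($friendid, $name)
{
    set_time_limit(0);
    $objResponse = new xajaxResponse();
    // $friendid becomes part of an outbound URL, so accept plain digits only. is_numeric()
    // also accepts leading whitespace, signs, decimals and exponents.
    if ($GLOBALS['config']['config.enablefriendsbanning'] == 0 || !is_scalar($friendid) || !preg_match('/^[0-9]+$/D', (string) $friendid)) {
        return $objResponse;
    }
    global $userbank, $username;
    if (!$userbank->HasAccess(ADMIN_OWNER | ADMIN_ADD_BAN)) {
        $objResponse->redirect("index.php?p=login&m=no_access", 0);
        $log = new CSystemLog("w", "Hacking Attempt", $username . " tried to ban friends of '" . RemoveCode($friendid) . "', but doesnt have access.");
        return $objResponse;
    }

    // Community IDs that already have an active ban. Initialised so the in_array() calls below
    // also work when the table holds no active bans; kept as strings for exact comparison.
    $already = array();
    $bans = $GLOBALS['db']->GetAll("SELECT CAST(MID(authid, 9, 1) AS UNSIGNED) + CAST('76561197960265728' AS UNSIGNED) + CAST(MID(authid, 11, 10) * 2 AS UNSIGNED) AS community_id FROM " . DB_PREFIX . "_bans WHERE RemoveType IS NULL;");
    foreach ($bans ?: array() as $ban) {
        $already[] = (string) $ban["community_id"];
    }

    $profileUrl = "http://steamcommunity.com/profiles/" . $friendid . "/";
    $friendsBase = $profileUrl;
    $result = get_headers($profileUrl, 1);
    if (is_array($result) && !empty($result["Location"])) {
        // With several redirects get_headers() returns a list of Location values; use the last hop.
        $location = is_array($result["Location"]) ? end($result["Location"]) : $result["Location"];
        // The Location header is remote-controlled. Only build the next request from it when it
        // stays on steamcommunity.com, so no other host or stream wrapper reaches file_get_contents().
        if (preg_match('#^https?://steamcommunity\.com/#i', (string) $location)) {
            $friendsBase = $location;
        }
    }
    // NOTE(review): the request goes over plain http, and the http wrapper follows further
    // redirects on its own; restricting those would need a stream context.
    $raw = file_get_contents($friendsBase . "friends");

    // get the friends page
    $memberdiv = null;
    if ($raw !== false && $raw !== "") {
        $doc = new DOMDocument();
        @$doc->loadHTML($raw);
        foreach ($doc->getElementsByTagName('div') as $div) {
            if ($div->getAttribute('id') == "memberList") {
                $memberdiv = $div;
                break;
            }
        }
    }

    $total = 0;
    $bannedbefore = 0;
    $error = 0;
    // A failed fetch or a page without the memberList element yields no links and therefore
    // ends in the "error retrieving friends" dialog below instead of a fatal error.
    $links = $memberdiv !== null ? $memberdiv->getElementsByTagName('a') : array();
    foreach ($links as $link) {
        $href = $link->getAttribute('href');
        // Prefix match: the path layout assumed below only holds for these two URL forms.
        $isCustom = strpos($href, "http://steamcommunity.com/id/") === 0;
        $isProfile = strpos($href, "http://steamcommunity.com/profiles/") === 0;
        if (!$isCustom && !$isProfile) {
            continue;
        }
        $total++;
        // "/id/<custom>" or "/profiles/<friendid>": the identifier is the third path segment.
        $url = explode("/", (string) parse_url($href, PHP_URL_PATH));
        if (!isset($url[2]) || $url[2] === "") {
            $error++;
            continue;
        }
        if (in_array($url[2], $already, true)) {
            $bannedbefore++;
            continue;
        }
        if ($isCustom) {
            // we don't have the friendid as this player is using a custom id, so look it up
            $tfriend = GetFriendIDFromCommunityID($url[2]);
            if (!$tfriend) {
                $error++;
                continue;
            }
            if (in_array((string) $tfriend, $already, true)) {
                $bannedbefore++;
                continue;
            }
            $steamid = FriendIDToSteamID($tfriend);
        } else {
            // just a normal friendid profile
            $steamid = FriendIDToSteamID($url[2]);
        }

        // get the name: first child of the sixth sibling node next to the link. The page layout
        // is outside our control, so a missing node gives an empty name instead of a fatal error.
        $nameCell = $link->parentNode !== null ? $link->parentNode->childNodes->item(5) : null;
        $nameNode = $nameCell !== null && $nameCell->childNodes !== null ? $nameCell->childNodes->item(0) : null;
        $friendName = $nameNode !== null ? (string) $nameNode->nodeValue : "";
        $friendName = trim(str_replace("&#13;", "", $friendName));

        $pre = $GLOBALS['db']->Prepare("INSERT INTO " . DB_PREFIX . "_bans(created,type,ip,authid,name,ends,length,reason,aid,adminIp ) VALUES\r\n\t\t\t\t\t\t\t\t\t(UNIX_TIMESTAMP(),?,?,?,?,UNIX_TIMESTAMP(),?,?,?,?)");
        $GLOBALS['db']->Execute($pre, array(0, "", $steamid, utf8_decode($friendName), 0, "Steam Community Friend Ban (" . htmlspecialchars($name) . ")", $userbank->GetAid(), $_SERVER['REMOTE_ADDR']));
    }

    if ($total == 0) {
        $objResponse->addScript("ShowBox('Error retrieving friends', 'There was an error retrieving the friend list. Check if the profile isn\\'t private or if he hasn\\'t got any friends!', 'red', 'index.php?p=banlist', true);");
        $objResponse->addScript("\$('dialog-control').setStyle('display', 'block');");
        return $objResponse;
    }

    $banned = $total - $bannedbefore - $error;
    // $name is caller-supplied and lands inside a JavaScript string that the dialog renders:
    // escape it for HTML including quotes, then emit the whole message as a JSON string literal
    // so a quote or backslash in the name cannot terminate the string.
    $message = "Banned " . $banned . "/" . $total . " friends of '" . htmlspecialchars($name, ENT_QUOTES) . "'.<br>" . $bannedbefore . " were banned already.<br>" . $error . " failed.";
    $objResponse->addScript("ShowBox('Friends banned successfully', " . json_encode($message, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP) . ", 'green', 'index.php?p=banlist', true);");
    $objResponse->addScript("\$('dialog-control').setStyle('display', 'block');");
    $log = new CSystemLog("m", "Friends Banned", "Banned " . $banned . "/" . $total . " friends of \\'" . htmlspecialchars($name) . "\\'.<br>" . $bannedbefore . " were banned already.<br>" . $error . " failed.");
    return $objResponse;
}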
    PageDie();
}
isset($_GET["page"]) ? $pagelink = "&page=" . $_GET["page"] : ($pagelink = "");
$errorScript = "";
if (isset($_POST['name'])) {
    $_POST['steam'] = trim($_POST['steam']);
    $_POST['type'] = (int) $_POST['type'];
    // Form Validation
    $error = 0;
    // If they didn't type a steamid
    if (empty($_POST['steam'])) {
        $error++;
        $errorScript .= "\$('steam.msg').innerHTML = 'You must type a Steam ID or Community ID';";
        $errorScript .= "\$('steam.msg').setStyle('display', 'block');";
    } else {
        if (!is_numeric($_POST['steam']) && !validate_steam($_POST['steam']) || is_numeric($_POST['steam']) && (strlen($_POST['steam']) < 15 || !validate_steam($_POST['steam'] = FriendIDToSteamID($_POST['steam'])))) {
            $error++;
            $errorScript .= "\$('steam.msg').innerHTML = 'Please enter a valid Steam ID or Community ID';";
            $errorScript .= "\$('steam.msg').setStyle('display', 'block');";
        }
    }
    // Didn't type a custom reason
    if ($_POST['listReason'] == "other" && empty($_POST['txtReason'])) {
        $error++;
        $errorScript .= "\$('reason.msg').innerHTML = 'You must type a reason';";
        $errorScript .= "\$('reason.msg').setStyle('display', 'block');";
    }
    // prune any old bans
    PruneComms();
    if ($error == 0) {
        // Check if the new steamid is already banned
     } else {
         if ($a_name != $userbank->GetProperty('user', $_GET['id']) && is_taken("admins", "user", $a_name)) {
             $error++;
             $errorScript .= "\$('adminname.msg').innerHTML = 'An admin with this name already exists.';";
             $errorScript .= "\$('adminname.msg').setStyle('display', 'block');";
         }
     }
 }
 // If they didnt type a steamid
 if (empty($a_steam) || strlen($a_steam) < 10) {
     $error++;
     $errorScript .= "\$('steam.msg').innerHTML = 'You must type a Steam ID or Community ID for the admin.';";
     $errorScript .= "\$('steam.msg').setStyle('display', 'block');";
 } else {
     // Validate the steamid or fetch it from the community id
     if (!is_numeric($a_steam) && !validate_steam($a_steam) || is_numeric($a_steam) && (strlen($a_steam) < 15 || !validate_steam($a_steam = FriendIDToSteamID($a_steam)))) {
         $error++;
         $errorScript .= "\$('steam.msg').innerHTML = 'Please enter a valid Steam ID or Community ID.';";
         $errorScript .= "\$('steam.msg').setStyle('display', 'block');";
     } else {
         // Is an other admin already registred with that steam id?
         if ($a_steam != $userbank->GetProperty('authid', $_GET['id']) && is_taken("admins", "authid", $a_steam)) {
             $admins = $userbank->GetAllAdmins();
             foreach ($admins as $admin) {
                 if ($admin['authid'] == $a_steam) {
                     $name = $admin['user'];
                     break;
                 }
             }
             $error++;
             $errorScript .= "\$('steam.msg').innerHTML = 'Admin " . htmlspecialchars(addslashes($name)) . " already uses this Steam ID.';";