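<?php
/**
 * Account registration API endpoint.
 *
 * Handles a POST with fn=register plus `username`, `password` and `email`.
 * On success one row is inserted into `users` and "1" is echoed.
 *
 * Security notes:
 *  - SQL goes through prepared statements, so request values never become
 *    part of the query text.
 *  - Every api_error() call is followed by an explicit exit. Whether
 *    api_error() itself ends the request is not visible in this file, so the
 *    script stops on its own rather than reaching the INSERT with input it
 *    has just rejected.
 *  - The username is validated (type, character set, length) before the
 *    database is queried.
 */
include dirname(dirname(dirname(__FILE__))) . '/common/config.php';
include 'apishared.php';

$db = getsql();

define('USERNAME_MAX_LENGTH', 20);
// bcrypt only hashes the first 72 bytes of its input; 70 stays below that,
// so no part of an accepted password is silently ignored.
define('PASSWORD_MAX_LENGTH', 70);

$call = api_checkarg_post('fn');

if ($call === 'register') {
    $username = api_checkarg_post_required('username', 'Username');

    // A parameter posted as `username[]=...` arrives as an array; reject it
    // here instead of letting preg_match()/strlen() fail on it.
    if (!is_string($username) || preg_match('/[^a-zA-Z0-9_]+/', $username)) {
        api_error(SN_API_CALL_BAD_PARAMETER, 'Username contains invalid characters.');
        exit;
    }

    if (strlen($username) > USERNAME_MAX_LENGTH) {
        api_error(SN_USERNAME_TOO_LONG, sprintf('Username "%s" is too long. The maximum length is %d characters. Pick a new name or trim your current one by %d characters.', $username, USERNAME_MAX_LENGTH, strlen($username) - USERNAME_MAX_LENGTH));
        exit;
    }

    $lookup = $db->prepare('SELECT `id` FROM `users` WHERE `username` = ?');
    $lookup->bind_param('s', $username);
    $lookup->execute();
    $lookup->store_result();
    $nameTaken = $lookup->num_rows > 0;
    $lookup->close();

    if ($nameTaken) {
        api_error(SN_USER_ALREADY_EXISTS, "Account {$username} already exists.");
        exit;
    }

    $password = api_checkarg_post_required('password', 'Password');
    $email = api_checkarg_post_required('email', 'E-mail');

    if (!is_string($password) || !is_string($email)) {
        api_error(SN_API_CALL_BAD_PARAMETER, 'Password and e-mail must be plain text values.');
        exit;
    }

    if (strlen($password) > PASSWORD_MAX_LENGTH) {
        api_error(SN_PASSWORD_TOO_LONG, sprintf('Your password is too long. The maximum length is %d characters.', PASSWORD_MAX_LENGTH));
        exit;
    }

    // NOTE(review): the e-mail value is stored without any format check and
    // no minimum password length is enforced; confirm whether that is intended.
    $password_hashed = password_hash($password, PASSWORD_BCRYPT, array('cost' => 14));
    $serverLimit = (int) disciple_json()->serverlimit;

    // NOTE(review): the check-then-insert sequence is only race-free if
    // `users`.`username` carries a UNIQUE index - verify the schema.
    $insert = $db->prepare('INSERT INTO `users` (username, password, email, serverlimit) VALUES (?, ?, ?, ?)');
    $insert->bind_param('sssi', $username, $password_hashed, $email, $serverLimit);
    $insert->execute();
    $insert->close();

    // NOTE(review): as in the original, success is reported without looking
    // at the INSERT result; no database-failure error code is visible here
    // to report with.
    echo 1;
}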
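<?php
/**
 * Server creation API endpoint.
 *
 * Handles a POST with fn=create, builds a `server` object from the request
 * parameters, starts it and echoes "1 <server id>".
 *
 * Security notes:
 *  - The IWAD name from the request becomes part of a filesystem path. It is
 *    now rejected when it contains a path separator or NUL byte, so the
 *    resulting path cannot leave the iwads data directory.
 *  - The server binary always comes from the site configuration; the posted
 *    `binary` value is required but never used.
 *  - NOTE(review): no login or permission check is visible in this file.
 *    Confirm that session.php (or the server class) refuses unauthenticated
 *    callers before a process is started.
 *  - NOTE(review): `wads` and `optwads` are handed to the server class
 *    unvalidated; if they end up in paths or a command line they need the
 *    same treatment as the IWAD name.
 */
include dirname(dirname(dirname(__FILE__))) . '/common/config.php';
include dirname(dirname(dirname(__FILE__))) . '/common/server.php';
include dirname(dirname(dirname(__FILE__))) . '/common/session.php';
include 'apishared.php';

$call = api_checkarg_post('fn');
$db = getsql();

if ($call === 'create') {
    // Still demanded from the client so a missing field is reported the same
    // way as before, but the value is discarded (see $binary below).
    api_checkarg_post_required('binary', 'Zandronum version');

    // NOTE(review): these values are SQL-escaped although no query is built
    // here; what the server class does with them is not visible in this file.
    $hostname = $db->real_escape_string(api_checkarg_post_required('hostname', 'Host name'));

    $iwadName = api_checkarg_post_required('iwad', 'IWAD');
    // Refuse anything that could change directory: "/" and "\" as separators,
    // NUL as a string terminator in lower layers.
    if (!is_string($iwadName) || strpbrk($iwadName, "/\\\0") !== false) {
        api_error(SN_API_CALL_BAD_PARAMETER, 'IWAD name contains invalid characters.');
        exit;
    }
    $iwadName = $db->real_escape_string($iwadName);

    $gamemode = $db->real_escape_string(api_checkarg_post_required('gamemode', 'Game mode'));

    // Each flag is the comparison result passed through real_escape_string(),
    // i.e. the string '1' when the client sent 'true' and '' otherwise.
    $instagib = $db->real_escape_string(api_checkarg_post_required('instagib', 'Instagib') == 'true');
    $buckshot = $db->real_escape_string(api_checkarg_post_required('buckshot', 'Buckshot') == 'true');
    $stdata = $db->real_escape_string(api_checkarg_post_required('stdata', 'Skulltag data') == 'true');

    // Numeric options are forced to integers; a missing value becomes 0.
    $skill = intval(api_checkarg_post('skill', 0));
    $dmflags = intval(api_checkarg_post('dmflags', 0));
    $dmflags2 = intval(api_checkarg_post('dmflags2', 0));
    $zadmflags = intval(api_checkarg_post('zadmflags', 0));
    $compatflags = intval(api_checkarg_post('compatflags', 0));
    $zacompatflags = intval(api_checkarg_post('zacompatflags', 0));

    $wads = api_checkarg_post('wads', array());
    $optwads = api_checkarg_post('optwads', array());

    // The executable is fixed by configuration, never chosen by the client.
    $binary = disciple_json()->main_binary;
    $iwad = data_dir('/iwads/') . $iwadName . '.wad';

    $s = new server($binary, $wads, $optwads, $iwad, $hostname, false, $gamemode, '', $skill, $stdata, $instagib, $buckshot, $dmflags, $dmflags2, $zadmflags, $compatflags, $zacompatflags);
    $s->start();

    echo "1 " . $s->id;
}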
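<?php
/**
 * Initial configuration endpoint.
 *
 * Reads the site settings and root account credentials from the POST body,
 * writes the settings to config/config.json, inserts the root user into
 * `users` with the UL_OPERATOR level and echoes "1".
 *
 * Security notes:
 *  - postcfglock.php is loaded with require instead of include. It is
 *    presumably the guard that disables this endpoint once setup has been
 *    completed (confirm); with include, a missing or unreadable guard file
 *    only raised a warning and the script carried on unguarded.
 *  - The root user row is inserted through a prepared statement.
 *  - The root password is never written to config.json; only its bcrypt hash
 *    is stored, in the database.
 */
require 'postcfglock.php';
include dirname(dirname(__FILE__)) . '/api/apishared.php';
include dirname(dirname(__DIR__)) . '/common/config.php';

$site_name = api_checkarg_post_required('site_name', 'Site name');
$site_shortname = api_checkarg_post_required('site_shortname', 'Site short name');
$main_version_binary = api_checkarg_post_required('binary', 'Zandronum server binary location');
$serverlimit = intval(api_checkarg_post_required('serverlimit', 'Server limit'));
$serverdata = api_checkarg_post_required('serverdata', 'Server data location');
$rootuser = api_checkarg_post_required('rootuser', 'Root username');
$rootpass = api_checkarg_post_required('rootpass', 'Root password');
$hostpref = api_checkarg_post_required('hostpref', 'Server hostname prefix');

// NOTE(review): `main_binary` and `serverdata` are filesystem locations taken
// directly from the request; anyone able to reach this endpoint chooses which
// executable the site later starts.
$out = array(
    'site_name' => $site_name,
    'site_shortname' => $site_shortname,
    'main_binary' => $main_version_binary,
    'serverlimit' => $serverlimit,
    'serverdata' => $serverdata,
    'hostname_prefix' => $hostpref,
);

$file = dirname(dirname(dirname(__FILE__))) . '/config/config.json';

// json_encode() returns false on failure (for example invalid UTF-8 input);
// writing that result would leave an empty config file and still count as a
// successful write, so an encoding failure is reported as a failed write.
$encoded = json_encode($out);
$r = ($encoded === false) ? false : file_put_contents($file, $encoded);

if ($r === FALSE) {
    api_error(SN_FAILED_FILE_WRITE, sprintf("Failed to write to file %s.", $file));
    exit;
}

$db = new mysqli($disciple_config['mysql_hostname'], $disciple_config['mysql_user'], $disciple_config['mysql_pass'], $disciple_config['mysql_database']);

// NOTE(review): unlike the registration endpoint, no length limit is applied
// to the root password here; bcrypt ignores input beyond 72 bytes.
$rootHash = password_hash($rootpass, PASSWORD_BCRYPT, array('cost' => 14));
$rootLevel = UL_OPERATOR;

// NOTE(review): the serverlimit literal 65565 is kept exactly as written;
// if 65535 was meant, confirm and correct it separately.
$insert = $db->prepare("INSERT INTO `users` (username, password, serverlimit, activated, imported, userlevel) VALUES (?, ?, 65565, 1, 0, ?)");
$insert->bind_param('ssi', $rootuser, $rootHash, $rootLevel);
$insert->execute();
$insert->close();

// Called for its side effect only; the return value is not used here.
data_dir('/wads/');

Header("Content-Type: text/plain");
echo 1;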
<?php
/*
 * Login handler.
 *
 * Reads `user` and `pass` from the POST body, looks the user up in `users`
 * and, on success, stores the username and id in $_SESSION before
 * redirecting to "/". Failures redirect back to /login with a query flag.
 *
 * NOTE(review): part of this script was lost when the page was captured.
 * The run of asterisks between the two "Location:" strings below replaces
 * code that is not visible: $o is read further down but never assigned in
 * what remains, and no password comparison is shown. The statements are kept
 * exactly as found; restore the missing span from the real file before
 * relying on this listing.
 */
include 'apishared.php';
include dirname(dirname(dirname(__FILE__))) . '/common/config.php';
include dirname(dirname(dirname(__FILE__))) . '/common/session.php';

$db = getsql();

// The username is SQL-escaped because it is concatenated into the query text
// below; a prepared statement would remove the dependency on escaping.
$username = $db->real_escape_string(api_checkarg_post_required('user', 'username'));

// The password is read unescaped; it does not appear in any visible query.
// Presumably it is checked against the stored hash in the lost span.
$password = api_checkarg_post_required('pass', 'password');

// SELECT * returns every column of the row, including the password hash.
$qForUser = $db->query("SELECT * FROM `users` WHERE `username`='" . $username . "'");

if ($qForUser->num_rows < 1) {
    // Damaged line (see the header note): originally the "no such user"
    // redirect, followed by code that ended in the "bad password" redirect.
    // NOTE(review): distinct ?nouser / ?badpass responses tell a caller which
    // usernames exist; a single generic failure flag avoids that.
    Header("Location: /login?nouser="******"Location: /login?badpass");
    exit;
}

// NOTE(review): no session_regenerate_id() call is visible before the
// session is populated. Confirm that session.php or the lost span rotates
// the session ID at login, otherwise a pre-set session ID survives
// authentication (session fixation).
$_SESSION['user'] = $o->username;
$_SESSION['id'] = $o->id;

Header("Location: /");
include dirname(dirname(__DIR__)) . '/common/config.php'; Header("Content-Type: text/plain"); function db_errcheck(&$db) { if ($db->errno) { echo "MySQL Error Occured.\n"; echo $db->errno . "\n" . $db->error; exit; } } $db = getsql(); $db_host = api_checkarg_post_required('db_host', 'Database hostname'); $db_port = api_checkarg_post_required('db_port', 'Database port'); $db_name = api_checkarg_post_required('db_name', 'Database name'); $db_user = api_checkarg_post_required('db_user', 'Database username'); $db_pass = api_checkarg_post_required('db_pass', 'Database password'); $bb = new mysqli($db_host, $db_user, $db_pass, $db_name, $db_port); $q = $bb->query("SELECT username, password, activated, level, `server_limit` FROM login"); db_errcheck($bb); $c = 0; $db->query("TRUNCATE TABLE `users`"); db_errcheck($db); while ($i = $q->fetch_object()) { //echo $c . "\n"; $c++; $oul = intval($i->level); $equivalent = UL_REGISTERED; if ($oul == 2 || $oul == 4 || $oul == 15) { $equivalent = UL_ADMINISTRATOR; } elseif ($oul == 5 || $oul == 16) { $equivalent = UL_OPERATOR;