Example #1
0
<?php

include dirname(dirname(dirname(__FILE__))) . '/common/config.php';
include 'apishared.php';
$db = getsql();
define('USERNAME_MAX_LENGTH', 20);
define('PASSWORD_MAX_LENGTH', 70);
$call = api_checkarg_post('fn');
if ($call == 'register') {
    $username = $db->real_escape_string(api_checkarg_post_required('username', 'Username'));
    if (preg_match('/[^a-zA-Z0-9_]+/', $username)) {
        api_error(SN_API_CALL_BAD_PARAMETER, 'Username contains invalid characters.');
    }
    $qUserExists = $db->query(sprintf("SELECT `id` FROM `users` WHERE `username`='%s'", $username));
    if ($qUserExists->num_rows > 0) {
        api_error(SN_USER_ALREADY_EXISTS, "Account {$username} already exists.");
    }
    $password = api_checkarg_post_required('password', 'Password');
    $email = $db->real_escape_string(api_checkarg_post_required('email', 'E-mail'));
    if (strlen($username) > USERNAME_MAX_LENGTH) {
        api_error(SN_USERNAME_TOO_LONG, sprintf('Username "%s" is too long. The maximum length is %d characters. Pick a new name or trim your current one by %d characters.', $username, USERNAME_MAX_LENGTH, strlen($username) - USERNAME_MAX_LENGTH));
    }
    if (strlen($password) > PASSWORD_MAX_LENGTH) {
        api_error(SN_PASSWORD_TOO_LONG, sprintf('Your password is too long. The maximum length is %d characters.', PASSWORD_MAX_LENGTH));
    }
    $password_hashed = password_hash($password, PASSWORD_BCRYPT, array('cost' => 14));
    $db->query(sprintf("INSERT INTO `users` (username, password, email, serverlimit) VALUES ('%s', '%s', '%s', %d)", $username, $password_hashed, $email, disciple_json()->serverlimit));
    echo 1;
}
Example #2
0
<?php

include dirname(dirname(dirname(__FILE__))) . '/common/config.php';
include dirname(dirname(dirname(__FILE__))) . '/common/server.php';
include dirname(dirname(dirname(__FILE__))) . '/common/session.php';
include 'apishared.php';
$call = api_checkarg_post('fn');
$db = getsql();
if ($call == 'create') {
    $binary = $db->real_escape_string(api_checkarg_post_required('binary', 'Zandronum version'));
    $hostname = $db->real_escape_string(api_checkarg_post_required('hostname', 'Host name'));
    $iwad = $db->real_escape_string(api_checkarg_post_required('iwad', 'IWAD'));
    $gamemode = $db->real_escape_string(api_checkarg_post_required('gamemode', 'Game mode'));
    $instagib = $db->real_escape_string(api_checkarg_post_required('instagib', 'Instagib') == 'true');
    $buckshot = $db->real_escape_string(api_checkarg_post_required('buckshot', 'Buckshot') == 'true');
    $stdata = $db->real_escape_string(api_checkarg_post_required('stdata', 'Skulltag data') == 'true');
    $skill = intval(api_checkarg_post('skill', 0));
    $dmflags = intval(api_checkarg_post('dmflags', 0));
    $dmflags2 = intval(api_checkarg_post('dmflags2', 0));
    $zadmflags = intval(api_checkarg_post('zadmflags', 0));
    $compatflags = intval(api_checkarg_post('compatflags', 0));
    $zacompatflags = intval(api_checkarg_post('zacompatflags', 0));
    $wads = api_checkarg_post('wads', array());
    $optwads = api_checkarg_post('optwads', array());
    $binary = disciple_json()->main_binary;
    $iwad = data_dir('/iwads/') . $iwad . '.wad';
    $s = new server($binary, $wads, $optwads, $iwad, $hostname, false, $gamemode, '', $skill, $stdata, $instagib, $buckshot, $dmflags, $dmflags2, $zadmflags, $compatflags, $zacompatflags);
    $s->start();
    echo "1 " . $s->id;
}
Example #3
0
<?php

include 'postcfglock.php';
include dirname(dirname(__FILE__)) . '/api/apishared.php';
include dirname(dirname(__DIR__)) . '/common/config.php';
$site_name = api_checkarg_post_required('site_name', 'Site name');
$site_shortname = api_checkarg_post_required('site_shortname', 'Site short name');
$main_version_binary = api_checkarg_post_required('binary', 'Zandronum server binary location');
$serverlimit = intval(api_checkarg_post_required('serverlimit', 'Server limit'));
$serverdata = api_checkarg_post_required('serverdata', 'Server data location');
$rootuser = api_checkarg_post_required('rootuser', 'Root username');
$rootpass = api_checkarg_post_required('rootpass', 'Root password');
$hostpref = api_checkarg_post_required('hostpref', 'Server hostname prefix');
$out = array('site_name' => $site_name, 'site_shortname' => $site_shortname, 'main_binary' => $main_version_binary, 'serverlimit' => $serverlimit, 'serverdata' => $serverdata, 'hostname_prefix' => $hostpref);
$file = dirname(dirname(dirname(__FILE__))) . '/config/config.json';
$r = file_put_contents($file, json_encode($out));
if ($r === FALSE) {
    api_error(SN_FAILED_FILE_WRITE, sprintf("Failed to write to file %s.", $file));
    exit;
}
$db = new mysqli($disciple_config['mysql_hostname'], $disciple_config['mysql_user'], $disciple_config['mysql_pass'], $disciple_config['mysql_database']);
$db->query(sprintf("INSERT INTO `users` (username, password, serverlimit, activated, imported, userlevel) VALUES ('%s', '%s', 65565, 1, 0, %d)", $db->real_escape_string($rootuser), password_hash($rootpass, PASSWORD_BCRYPT, array('cost' => 14)), UL_OPERATOR));
data_dir('/wads/');
Header("Content-Type: text/plain");
echo 1;
Example #4
0
<?php

include 'apishared.php';
include dirname(dirname(dirname(__FILE__))) . '/common/config.php';
include dirname(dirname(dirname(__FILE__))) . '/common/session.php';
$db = getsql();
$username = $db->real_escape_string(api_checkarg_post_required('user', 'username'));
$password = api_checkarg_post_required('pass', 'password');
$qForUser = $db->query("SELECT * FROM `users` WHERE `username`='" . $username . "'");
if ($qForUser->num_rows < 1) {
    Header("Location: /login?nouser="******"Location: /login?badpass");
    exit;
}
$_SESSION['user'] = $o->username;
$_SESSION['id'] = $o->id;
Header("Location: /");
Example #5
0
include dirname(dirname(__DIR__)) . '/common/config.php';
Header("Content-Type: text/plain");
function db_errcheck(&$db)
{
    if ($db->errno) {
        echo "MySQL Error Occured.\n";
        echo $db->errno . "\n" . $db->error;
        exit;
    }
}
$db = getsql();
$db_host = api_checkarg_post_required('db_host', 'Database hostname');
$db_port = api_checkarg_post_required('db_port', 'Database port');
$db_name = api_checkarg_post_required('db_name', 'Database name');
$db_user = api_checkarg_post_required('db_user', 'Database username');
$db_pass = api_checkarg_post_required('db_pass', 'Database password');
$bb = new mysqli($db_host, $db_user, $db_pass, $db_name, $db_port);
$q = $bb->query("SELECT username, password, activated, level, `server_limit` FROM login");
db_errcheck($bb);
$c = 0;
$db->query("TRUNCATE TABLE `users`");
db_errcheck($db);
while ($i = $q->fetch_object()) {
    //echo $c . "\n";
    $c++;
    $oul = intval($i->level);
    $equivalent = UL_REGISTERED;
    if ($oul == 2 || $oul == 4 || $oul == 15) {
        $equivalent = UL_ADMINISTRATOR;
    } elseif ($oul == 5 || $oul == 16) {
        $equivalent = UL_OPERATOR;