function Load_Configs() { chdir(dirname(__FILE__) . "/.."); // chdir(".."); // echo "CWD: ".getcwd()."<BR>"; $config_database_file_path = "config/config_database.php"; $config_settings_file_path = "config/config_settings.php"; $copy_stx = array_key_exists('copy_stx', $_POST) ? $_POST['copy_stx'] : NULL; $read_config_database_ok = read_ini_file($config_database_file_path, $GLOBALS['config_db']); if ($read_config_database_ok === 1) { //$config_success .= "DATABASE CONFIG READ OK<BR>"; // Create abbreviated variables for cleaner & easier code // 'config_db's variable names are generated by the config files, which are intended to be easy for the end user to understand $GLOBALS['db']['s_host'] = $GLOBALS['config_db']['db_source']['host']; $GLOBALS['db']['s_base'] = $GLOBALS['config_db']['db_source']['base']; $GLOBALS['db']['s_user'] = $GLOBALS['config_db']['db_source']['user']; $GLOBALS['db']['s_pass'] = $GLOBALS['config_db']['db_source']['pass']; $GLOBALS['db']['s_prefix'] = $GLOBALS['config_db']['db_source']['prefix']; $GLOBALS['db']['table_players'] = "`" . DB_Type_PlayersTable($GLOBALS['config_db']['db_config']['db_module_type']) . "`"; $GLOBALS['db']['x_host'] = $GLOBALS['config_db']['db_xray']['host']; $GLOBALS['db']['x_base'] = $GLOBALS['config_db']['db_xray']['base']; $GLOBALS['db']['x_user'] = $GLOBALS['config_db']['db_xray']['user']; $GLOBALS['db']['x_pass'] = $GLOBALS['config_db']['db_xray']['pass']; $GLOBALS['db']['x_prefix'] = $GLOBALS['config_db']['db_xray']['prefix']; $GLOBALS['db']['same'] = FixInput_Bool($GLOBALS['config_db']['db_config']['db_use_same']); $GLOBALS['db']['type'] = $GLOBALS['config_db']['db_config']['db_module_type']; $GLOBALS['db']['players'] = $GLOBALS['db']['s_prefix'] . DB_Type_PlayersTable($GLOBALS['db']['type']); } else { $show_process = true; echo "ERROR: Could not load database config file.<BR>({$config_database_file_path})<BR>"; } $read_config_settings_ok = read_ini_file($config_settings_file_path, $GLOBALS['config_settings']); $GLOBALS['config'] = $GLOBALS['config_settings']; if ($read_config_settings_ok === 1) { $GLOBALS['config']['settings']['first_setup'] = FixOutput_Bool($GLOBALS['config_settings']['settings']['first_setup'], true, false, true); } else { $show_process = true; echo "ERROR: Could not load settings config file.<BR>({$config_settings_file_path})<BR>"; } $db1_ok = Check_DB_Exists(true, $GLOBALS['db']['type'], $GLOBALS['db']['s_host'], $GLOBALS['db']['s_base'], $GLOBALS['db']['s_user'], $GLOBALS['db']['s_pass'], $GLOBALS['db']['s_prefix']); if (!$db1_ok) { echo "ERROR: There was an error validating the Source Database: [" . $GLOBALS['db']['s_base'] . "]<BR>"; } if ($copy_stx) { $db2_ok = Check_DB_Exists(false, "", $GLOBALS['db']['x_host'], $GLOBALS['db']['x_base'], $GLOBALS['db']['x_user'], $GLOBALS['db']['x_pass'], $GLOBALS['db']['x_prefix']); if (!$db2_ok) { echo "ERROR: There was an error validating the X-Ray Database: [" . $GLOBALS['db']['x_base'] . "]<BR>"; } } else { $db2_ok = $db1_ok; $GLOBALS['db']['x_host'] = $GLOBALS['db']['s_host']; $GLOBALS['db']['x_base'] = $GLOBALS['db']['s_base']; $GLOBALS['db']['x_user'] = $GLOBALS['db']['s_user']; $GLOBALS['db']['x_pass'] = $GLOBALS['db']['s_pass']; $GLOBALS['db']['x_prefix'] = $GLOBALS['db']['s_prefix']; } return $read_config_database_ok && $read_config_settings_ok && $db1_ok && $db2_ok; }
function Do_Auth($ip_only = false) { //echo "FIRST SETUP (Config): " . FixOutput_Bool($GLOBALS['config_settings']['settings']['first_setup'], "YES", "NO", "UNDEFINED") . "<BR>"; // Force IP to match Failsafe IPs list if running setup for first time if (FixOutput_Bool($GLOBALS['config_settings']['settings']['first_setup'], true, false, true)) { session_unset(); session_start(); $_SESSION['first_setup'] = true; $ip_only = true; } else { if (!isset($_SESSION)) { session_start(); } $_SESSION['first_setup'] = false; } // Initialize variables if (count($_GET) > 0) { $_POST = $_GET; } if (!isset($_POST['form'])) { $_POST['form'] = ""; } if (!isset($_POST['submit'])) { $_POST['submit'] = ""; } $IP_Users_list = array(); $login_error = ""; $logout_success = ""; $_SESSION['auth_is_valid'] = false; $_SESSION['first_setup'] = FixOutput_Bool($GLOBALS['config_settings']['settings']['first_setup'], true, false, true); if (!$ip_only) { //echo "IP-Only Authentication is OFF.<BR>"; if ($_SESSION['auth_is_valid'] == true) { /* echo "You are logged in!<br>"; echo "User ID: " . $_SESSION['viewer_id'] . "<br>"; echo "User Name: " . $_SESSION['viewer_name'] . "<br>"; echo "Password: "******"<br>"; */ } else { Use_DB("source"); //mysql_select_db($GLOBALS['db']['db_source']['base'], $GLOBALS['db']['s_resource']); $query_IP_Users = sprintf("SELECT * FROM `" . DB_Type_PlayersTable($GLOBALS['db']['type']) . "` WHERE ip LIKE %s ORDER BY playername ASC", GetSQLValueString("%" . $_SERVER['REMOTE_ADDR'] . "%", "text")); //echo "SQL[query_IP_Users]: <BR>". $query_IP_Users. "<BR>"; $res_IP_Users = mysql_query($query_IP_Users, $GLOBALS['db']['s_resource']) or die(mysql_error()); $totalRows_IP_Users = mysql_num_rows($res_IP_Users); // VALIDATE IP $ip_valid = false; if ($totalRows_IP_Users > 0) { while (($IP_Users_list[] = mysql_fetch_assoc($res_IP_Users)) || array_pop($IP_Users_list)) { } } else { //echo "WARNING: There are no known users with your IP.<BR>"; } if ($_POST['form'] == "loginform") { //echo "Login form detected...<BR>"; if ($GLOBALS['config_settings']['auth']['mode'] == "username") { // VALIDATE IP $ip_valid = false; if ($totalRows_IP_Users > 0) { //$playerid = $IP_Users_list[0]["playerid"]; $auth_allow_guest_users = FixInput_Bool($auth_allow_guest_users); $auth_admin_usernames_exploded = explode(",", $GLOBALS['config']['auth']['admin_usernames']); foreach ($auth_admin_usernames_exploded as &$input_fix_item) { $input_fix_item = trim($input_fix_item); } $auth_mod_usernames_exploded = explode(",", $GLOBALS['config']['auth']['mod_usernames']); foreach ($auth_mod_usernames_exploded as &$input_fix_item) { $input_fix_item = trim($input_fix_item); } $auth_user_usernames_exploded = explode(",", $GLOBALS['config']['auth']['user_usernames']); foreach ($auth_user_usernames_exploded as &$input_fix_item) { $input_fix_item = trim($input_fix_item); } //echo "AUTH_ADMIN_USERNAMES: "; print_r($auth_admin_usernames_exploded); echo "<BR>"; //echo "AUTH_MOD_USERNAMES: "; print_r($auth_mod_usernames_exploded); echo "<BR>"; //echo "AUTH_USER_USERNAMES: "; print_r($auth_user_usernames_exploded); echo "<BR>"; foreach ($IP_Users_list as $auth_test_item) { $ip_valid = true; if ($auth_test_item["playername"] == $_GET['my_username']) { foreach ($auth_admin_usernames_exploded as $admin_name_item) { if (!strnatcasecmp($admin_name_item, $auth_test_item["playername"])) { //echo "AUTH: VALID ADMINISTRATOR!<BR>"; $_SESSION["auth_admin"] = true; $_SESSION["auth_level"] = "Administrator"; break; $_SESSION["auth_username"] = $auth_test_item["playername"]; } } foreach ($auth_mod_usernames_exploded as $mod_name_item) { if (!strnatcasecmp($mod_name_item, $auth_test_item["playername"])) { //echo "AUTH: VALID MODERATOR!<BR>"; $_SESSION["auth_mod"] = true; $_SESSION["auth_level"] = "Moderator"; break; } } foreach ($auth_user_usernames_exploded as $user_name_item) { if (!strnatcasecmp($user_name_item, $auth_test_item["playername"])) { //echo "AUTH: VALID USER!<BR>"; $_SESSION["auth_user"] = true; $_SESSION["auth_level"] = "User"; break; } } if ($_SESSION["auth_admin"] || $_SESSION["auth_mod"] || $_SESSION["auth_user"]) { $_SESSION["auth_type"] = $GLOBALS['config_settings']['auth']['mode']; $_SESSION["account"] = $auth_test_item; $_SESSION['auth_is_valid'] = true; } } } } else { $login_error .= "ERROR: You do not have access to this page!<br>"; $_SESSION['auth_is_valid'] = false; } } elseif ($GLOBALS['config_settings']['auth']['mode'] == "password") { if ($_POST['login_password'] == "") { $login_error .= "ERROR: Password cannot be blank!<br>"; } if (!strnatcasecmp($GLOBALS['config']['auth']['admin_password'], $_POST['login_password'])) { //echo "AUTH: VALID ADMINISTRATOR!<BR>"; $_SESSION["auth_admin"] = true; $_SESSION["auth_level"] = "Administrator"; } elseif (!strnatcasecmp($GLOBALS['config']['auth']['mod_password'], $_POST['login_password'])) { //echo "AUTH: VALID MODERATOR!<BR>"; $_SESSION["auth_mod"] = true; $_SESSION["auth_level"] = "Moderator"; } elseif (!strnatcasecmp($GLOBALS['config']['auth']['user_password'], $_POST['login_password'])) { //echo "AUTH: VALID USER!<BR>"; $_SESSION["auth_user"] = true; $_SESSION["auth_level"] = "User"; } if ($_SESSION["auth_admin"] || $_SESSION["auth_mod"] || $_SESSION["auth_user"]) { $_SESSION["auth_type"] = $GLOBALS['config_settings']['auth']['mode']; $_SESSION["account"] = false; $_SESSION['auth_is_valid'] = true; } else { $login_error .= "ERROR: Incorrect password!<br>"; $_SESSION['auth_is_valid'] = false; } } } if ($GLOBALS['config_settings']['auth']['mode'] == "none") { $_SESSION["auth_user"] = true; $_SESSION["auth_level"] = "Administrator"; $_SESSION["auth_username"] = NULL; } } } if (!isset($_SESSION['auth_is_valid']) || !$_SESSION['auth_is_valid'] || $ip_only) { $auth_failsafe_ips_exploded = explode(",", $GLOBALS['config']['auth']['failsafe_ips']); foreach ($auth_failsafe_ips_exploded as &$input_fix_item) { $input_fix_item = trim($input_fix_item); } array_push($auth_failsafe_ips_exploded, "127.0.0.1", "::1"); //echo "FAILSAFE_IPS: "; print_r($auth_failsafe_ips_exploded); echo "<BR>"; foreach ($auth_failsafe_ips_exploded as $auth_test_item) { if ($_SERVER['REMOTE_ADDR'] == $auth_test_item) { $_SESSION["auth_admin"] = true; $_SESSION["auth_level"] = "Administrator"; $_SESSION["auth_type"] = "ip"; $_SESSION["account"] = false; $_SESSION['auth_is_valid'] = true; break; } } } if ($_POST['form'] == "logoutform" && $_POST['Submit'] == "Logout") { session_unset(); $logout_success .= "You have been logged off successfully.<br>"; $_SESSION['auth_is_valid'] = false; $_SESSION['first_setup'] = FixOutput_Bool($GLOBALS['config_settings']['settings']['first_setup'], true, false, true); $_SESSION['IP_Users_List'] = $IP_Users_list; } $GLOBALS['auth']['IP_Users_list'] = $IP_Users_list; //echo "FIRST SETUP (Session - Final): " . FixOutput_Bool($_SESSION['first_setup'], "YES", "NO", "UNDEFINED") . "<BR>"; //echo "AUTH VALID (Session - Final): " . FixOutput_Bool($_SESSION['auth_is_valid'], "YES", "NO", "UNDEFINED") . "<BR>"; return array("valid_ips" => $IP_Users_list, "login_error" => $login_error, "logout_success" => $logout_success); }