<?php
// Si on demande le mot de passe pour la config en ligne
if (!isset($_SESSION['adminserv']['check_password']) && !isset($_SESSION['adminserv']['get_password'])) {
// On vérifie qu'une configuration existe, sinon on la créer
if (class_exists('ServerConfig')) {
// Si la configuration contient au moins 1 serveur et qu'il n'est pas l'exemple
if (AdminServServerConfig::hasServer()) {
// Connexion
if (isset($_POST['as_server']) && isset($_POST['as_password']) && isset($_POST['as_adminlevel'])) {
// Récupération des valeurs
$serverName = $_POST['as_server'];
$password = addslashes(htmlspecialchars(trim($_POST['as_password'])));
if (AdminServConfig::MD5_PASSWORD) {
$password = md5($password);
}
$adminLevel = addslashes(htmlspecialchars($_POST['as_adminlevel']));
// Vérification des valeurs
if ($password == null) {
AdminServ::error(Utils::t('Please put a password.'));
} else {
// Sessions & Cookies
$_SESSION['adminserv']['sid'] = AdminServServerConfig::getServerId($serverName);
$_SESSION['adminserv']['name'] = $serverName;
$_SESSION['adminserv']['password'] = $password;
$_SESSION['adminserv']['adminlevel'] = $adminLevel;
Utils::addCookieData('adminserv', array($_SESSION['adminserv']['sid'], $adminLevel), AdminServConfig::COOKIE_EXPIRE);
// Redirection
if ($_SESSION['adminserv']['sid'] != -1 && $_SESSION['adminserv']['name'] != null && $_SESSION['adminserv']['password'] != null && $_SESSION['adminserv']['adminlevel'] != null) {
Utils::redirection();
} else {
/**
* Vérifie si l'ip de l'utilisateur est autorisé dans le niveau admin
*
* @param string $level -> Nom du niveau admin
* @param string $server -> Nom du serveur
* @return bool
*/
public static function userAllowed($levelName, $serverName = null)
{
$out = false;
if ($serverName === null && defined('SERVER_NAME')) {
$serverName = SERVER_NAME;
}
if (AdminServServerConfig::hasServer($serverName)) {
$levelType = self::getType($levelName);
if ($levelType) {
$serverLevelTypeAccess = ServerConfig::$SERVERS[$serverName]['adminlevel'][$levelType];
if (is_array($serverLevelTypeAccess)) {
if (in_array($_SERVER['REMOTE_ADDR'], $serverLevelTypeAccess)) {
$out = true;
}
} else {
if ($serverLevelTypeAccess === 'all') {
$out = true;
} elseif ($serverLevelTypeAccess === 'none') {
$out = false;
} else {
$out = Utils::isLocalhostIP();
}
}
}
}
return $out;
}
/**
* Récupère la liste des serveurs configurés
*
* @return string
*/
public static function getServerList()
{
$out = null;
if (class_exists('ServerConfig') && AdminServServerConfig::hasServer()) {
if (isset($_GET['server']) && $_GET['server'] != null) {
$currentServerId = intval($_GET['server']);
} else {
$currentServerId = Utils::readCookieData('adminserv', 0);
}
foreach (ServerConfig::$SERVERS as $server => $values) {
$selected = AdminServServerConfig::getServerId($server) == $currentServerId ? ' selected="selected"' : null;
$out .= '<option value="' . $server . '"' . $selected . '>' . $server . '</option>';
}
} else {
$out = '<option value="null">' . Utils::t('No server available') . '</option>';
}
return $out;
}
session_unset();
session_destroy();
session_start();
// Demande de password
$_SESSION['adminserv']['check_password'] = true;
Utils::redirection(false, '..');
}
}
}
// Redirection vers les pages
if ($allowRedirect) {
session_unset();
session_destroy();
session_start();
$_SESSION['adminserv']['allow_config_servers'] = true;
if (OnlineConfig::ADD_ONLY === true || AdminServServerConfig::hasServer() === false) {
Utils::redirection(false, '../?p=config-addserver');
} else {
Utils::redirection(false, '../?p=config-servers');
}
} else {
AdminServ::error(Utils::t('You are not allowed to configure the servers'));
Utils::redirection(false, '..');
}
} else {
if (isset($_POST['configsavepassword'])) {
$password = md5($_POST['savePassword']);
if (($result = AdminServServerConfig::savePasswordConfig('./adminserv.cfg.php', $password)) !== true) {
AdminServ::error(Utils::t('Unable to save password.') . ' (' . $result . ')');
Utils::redirection(false, '..');
} else {
?>
<li class="accesslink"><a tabindex="7" class="button light" href="<?php
echo AdminServ::getProtocolLink('#spectate=' . SERVER_LOGIN);
?>
"><?php
echo Utils::t('Access relay');
?>
</a></li>
<?php
} else {
?>
<li class="accesslink"><a tabindex="8" class="button light" href="<?php
echo AdminServ::getProtocolLink('#join=' . SERVER_LOGIN);
?>
"><?php
echo Utils::t('Access server');
?>
</a></li>
<?php
}
?>
<?php
}
?>
<?php
if (AdminServPlugin::hasPlugin() && AdminServAdminLevel::hasAccess('plugins_list')) {
?>
<li><a tabindex="9" class="button light<?php
if (USER_PAGE == 'plugins-list' || USER_PLUGIN) {
echo ' active';
}
