<?php // Si on demande le mot de passe pour la config en ligne if (!isset($_SESSION['adminserv']['check_password']) && !isset($_SESSION['adminserv']['get_password'])) { // On vérifie qu'une configuration existe, sinon on la créer if (class_exists('ServerConfig')) { // Si la configuration contient au moins 1 serveur et qu'il n'est pas l'exemple if (AdminServServerConfig::hasServer()) { // Connexion if (isset($_POST['as_server']) && isset($_POST['as_password']) && isset($_POST['as_adminlevel'])) { // Récupération des valeurs $serverName = $_POST['as_server']; $password = addslashes(htmlspecialchars(trim($_POST['as_password']))); if (AdminServConfig::MD5_PASSWORD) { $password = md5($password); } $adminLevel = addslashes(htmlspecialchars($_POST['as_adminlevel'])); // Vérification des valeurs if ($password == null) { AdminServ::error(Utils::t('Please put a password.')); } else { // Sessions & Cookies $_SESSION['adminserv']['sid'] = AdminServServerConfig::getServerId($serverName); $_SESSION['adminserv']['name'] = $serverName; $_SESSION['adminserv']['password'] = $password; $_SESSION['adminserv']['adminlevel'] = $adminLevel; Utils::addCookieData('adminserv', array($_SESSION['adminserv']['sid'], $adminLevel), AdminServConfig::COOKIE_EXPIRE); // Redirection if ($_SESSION['adminserv']['sid'] != -1 && $_SESSION['adminserv']['name'] != null && $_SESSION['adminserv']['password'] != null && $_SESSION['adminserv']['adminlevel'] != null) { Utils::redirection(); } else {
/** * Vérifie si l'ip de l'utilisateur est autorisé dans le niveau admin * * @param string $level -> Nom du niveau admin * @param string $server -> Nom du serveur * @return bool */ public static function userAllowed($levelName, $serverName = null) { $out = false; if ($serverName === null && defined('SERVER_NAME')) { $serverName = SERVER_NAME; } if (AdminServServerConfig::hasServer($serverName)) { $levelType = self::getType($levelName); if ($levelType) { $serverLevelTypeAccess = ServerConfig::$SERVERS[$serverName]['adminlevel'][$levelType]; if (is_array($serverLevelTypeAccess)) { if (in_array($_SERVER['REMOTE_ADDR'], $serverLevelTypeAccess)) { $out = true; } } else { if ($serverLevelTypeAccess === 'all') { $out = true; } elseif ($serverLevelTypeAccess === 'none') { $out = false; } else { $out = Utils::isLocalhostIP(); } } } } return $out; }
/** * Récupère la liste des serveurs configurés * * @return string */ public static function getServerList() { $out = null; if (class_exists('ServerConfig') && AdminServServerConfig::hasServer()) { if (isset($_GET['server']) && $_GET['server'] != null) { $currentServerId = intval($_GET['server']); } else { $currentServerId = Utils::readCookieData('adminserv', 0); } foreach (ServerConfig::$SERVERS as $server => $values) { $selected = AdminServServerConfig::getServerId($server) == $currentServerId ? ' selected="selected"' : null; $out .= '<option value="' . $server . '"' . $selected . '>' . $server . '</option>'; } } else { $out = '<option value="null">' . Utils::t('No server available') . '</option>'; } return $out; }
session_unset(); session_destroy(); session_start(); // Demande de password $_SESSION['adminserv']['check_password'] = true; Utils::redirection(false, '..'); } } } // Redirection vers les pages if ($allowRedirect) { session_unset(); session_destroy(); session_start(); $_SESSION['adminserv']['allow_config_servers'] = true; if (OnlineConfig::ADD_ONLY === true || AdminServServerConfig::hasServer() === false) { Utils::redirection(false, '../?p=config-addserver'); } else { Utils::redirection(false, '../?p=config-servers'); } } else { AdminServ::error(Utils::t('You are not allowed to configure the servers')); Utils::redirection(false, '..'); } } else { if (isset($_POST['configsavepassword'])) { $password = md5($_POST['savePassword']); if (($result = AdminServServerConfig::savePasswordConfig('./adminserv.cfg.php', $password)) !== true) { AdminServ::error(Utils::t('Unable to save password.') . ' (' . $result . ')'); Utils::redirection(false, '..'); } else {
?> <li class="accesslink"><a tabindex="7" class="button light" href="<?php echo AdminServ::getProtocolLink('#spectate=' . SERVER_LOGIN); ?> "><?php echo Utils::t('Access relay'); ?> </a></li> <?php } else { ?> <li class="accesslink"><a tabindex="8" class="button light" href="<?php echo AdminServ::getProtocolLink('#join=' . SERVER_LOGIN); ?> "><?php echo Utils::t('Access server'); ?> </a></li> <?php } ?> <?php } ?> <?php if (AdminServPlugin::hasPlugin() && AdminServAdminLevel::hasAccess('plugins_list')) { ?> <li><a tabindex="9" class="button light<?php if (USER_PAGE == 'plugins-list' || USER_PLUGIN) { echo ' active'; }