Esempio n. 1
1
function BlockPlayer($check, $sid, $num, $type, $length)
{
    $objResponse = new xajaxResponse();
    global $userbank, $username;
    $sid = (int) $sid;
    $length = (int) $length;
    if (!$userbank->HasAccess(ADMIN_OWNER | ADMIN_ADD_BAN)) {
        $objResponse->redirect("index.php?p=login&m=no_access", 0);
        $log = new CSystemLog("w", "Hacking Attempt", $username . " tried to process a playerblock, but doesnt have access.");
        return $objResponse;
    }
    //get the server data
    $sdata = $GLOBALS['db']->GetRow("SELECT ip, port, rcon FROM " . DB_PREFIX . "_servers WHERE sid = '" . $sid . "';");
    //test if server is online
    if ($test = @fsockopen($sdata['ip'], $sdata['port'], $errno, $errstr, 2)) {
        @fclose($test);
        require_once INCLUDES_PATH . "/CServerRcon.php";
        $r = new CServerRcon($sdata['ip'], $sdata['port'], $sdata['rcon']);
        if (!$r->Auth()) {
            $GLOBALS['db']->Execute("UPDATE " . DB_PREFIX . "_servers SET rcon = '' WHERE sid = '" . $sid . "' LIMIT 1;");
            $objResponse->addAssign("srv_{$num}", "innerHTML", "<font color='red' size='1'>Wrong RCON Password, please change!</font>");
            $objResponse->addScript('set_counter(1);');
            return $objResponse;
        }
        $ret = $r->rconCommand("status");
        // show hostname instead of the ip, but leave the ip in the title
        require_once "../includes/system-functions.php";
        $hostsearch = preg_match_all('/hostname:[ ]*(.+)/', $ret, $hostname, PREG_PATTERN_ORDER);
        $hostname = trunc(htmlspecialchars($hostname[1][0]), 25, false);
        if (!empty($hostname)) {
            $objResponse->addAssign("srvip_{$num}", "innerHTML", "<font size='1'><span title='" . $sdata['ip'] . ":" . $sdata['port'] . "'>" . $hostname . "</span></font>");
        }
        $gothim = false;
        $search = preg_match_all(STATUS_PARSE, $ret, $matches, PREG_PATTERN_ORDER);
        //search for the steamid on the server
        foreach ($matches[3] as $match) {
            if (substr($match, 8) == substr($check, 8)) {
                // gotcha!!! kick him!
                $gothim = true;
                $GLOBALS['db']->Execute("UPDATE `" . DB_PREFIX . "_comms` SET sid = '" . $sid . "' WHERE authid = '" . $check . "' AND RemovedBy IS NULL;");
                $requri = substr($_SERVER['REQUEST_URI'], 0, strrpos($_SERVER['REQUEST_URI'], "pages/admin.blockit.php"));
                $kick = $r->sendCommand("sc_fw_block " . $type . " " . $length . " " . $match);
                $objResponse->addAssign("srv_{$num}", "innerHTML", "<font color='green' size='1'><b><u>Player Found & blocked!!!</u></b></font>");
                $objResponse->addScript("set_counter('-1');");
                return $objResponse;
            }
        }
        if (!$gothim) {
            $objResponse->addAssign("srv_{$num}", "innerHTML", "<font size='1'>Player not found.</font>");
            $objResponse->addScript('set_counter(1);');
            return $objResponse;
        }
    } else {
        $objResponse->addAssign("srv_{$num}", "innerHTML", "<font color='red' size='1'><i>Can't connect to server.</i></font>");
        $objResponse->addScript('set_counter(1);');
        return $objResponse;
    }
}
Esempio n. 2
0
function PasteBlock($sid, $name)
{
    $objResponse = new xajaxResponse();
    global $userbank, $username;
    $sid = (int) $sid;
    if (!$userbank->HasAccess(ADMIN_OWNER | ADMIN_ADD_BAN)) {
        $objResponse->redirect("index.php?p=login&m=no_access", 0);
        $log = new CSystemLog("w", "Hacking Attempt", $username . " tried paste a block, but doesn't have access.");
        return $objResponse;
    }
    require INCLUDES_PATH . '/CServerRcon.php';
    //get the server data
    $data = $GLOBALS['db']->GetRow("SELECT ip, port, rcon FROM " . DB_PREFIX . "_servers WHERE sid = ?;", array($sid));
    if (empty($data['rcon'])) {
        $objResponse->addScript("\$('dialog-control').setStyle('display', 'block');");
        $objResponse->addScript("ShowBox('Error', 'No RCON password for server " . $data['ip'] . ":" . $data['port'] . "!', 'red', '', true);");
        return $objResponse;
    }
    $r = new CServerRcon($data['ip'], $data['port'], $data['rcon']);
    if (!$r->Auth()) {
        $GLOBALS['db']->Execute("UPDATE " . DB_PREFIX . "_servers SET rcon = '' WHERE sid = ?;", array($sid));
        $objResponse->addScript("\$('dialog-control').setStyle('display', 'block');");
        $objResponse->addScript("ShowBox('Error', 'Wrong RCON password for server " . $data['ip'] . ":" . $data['port'] . "!', 'red', '', true);");
        return $objResponse;
    }
    $ret = $r->rconCommand("status");
    $search = preg_match_all(STATUS_PARSE, $ret, $matches, PREG_PATTERN_ORDER);
    $i = 0;
    $found = false;
    $index = -1;
    foreach ($matches[2] as $match) {
        if ($match == $name) {
            $found = true;
            $index = $i;
            break;
        }
        $i++;
    }
    if ($found) {
        $steam = $matches[3][$index];
        $name = $matches[2][$index];
        $objResponse->addScript("\$('nickname').value = '" . addslashes($name) . "'");
        $objResponse->addScript("\$('steam').value = '" . $steam . "'");
    } else {
        $objResponse->addScript("ShowBox('Error', 'Can\\'t get player info for " . addslashes(htmlspecialchars($name)) . ". Player is not on the server (" . $data['ip'] . ":" . $data['port'] . ") anymore!', 'red', '', true);");
        $objResponse->addScript("\$('dialog-control').setStyle('display', 'block');");
        return $objResponse;
    }
    $objResponse->addScript("SwapPane(0);");
    $objResponse->addScript("\$('dialog-control').setStyle('display', 'block');");
    $objResponse->addScript("\$('dialog-placement').setStyle('display', 'none');");
    return $objResponse;
}
function SendMessage($sid, $name, $message)
{
    $objResponse = new xajaxResponse();
    global $userbank, $username;
    if (!$userbank->is_admin()) {
        $objResponse->redirect("index.php?p=login&m=no_access", 0);
        $log = new CSystemLog("w", "Ошибка доступ", $username . " пытался отправить для '" . addslashes(htmlspecialchars($name)) . "' сообщение (\"" . RemoveCode($message) . "\"), не имея на это прав.");
        return $objResponse;
    }
    $sid = (int) $sid;
    require INCLUDES_PATH . '/CServerRcon.php';
    //get the server data
    $data = $GLOBALS['db']->GetRow("SELECT ip, port, rcon FROM " . DB_PREFIX . "_servers WHERE sid = '" . $sid . "';");
    if (empty($data['rcon'])) {
        $objResponse->addScript("ShowBox('Ошибка', 'Невозможно отправить сообщение для " . addslashes(htmlspecialchars($name)) . ". Не задан РКОН пароль!', 'red', '', true);");
        return $objResponse;
    }
    $r = new CServerRcon($data['ip'], $data['port'], $data['rcon']);
    if (!$r->Auth()) {
        $GLOBALS['db']->Execute("UPDATE " . DB_PREFIX . "_servers SET rcon = '' WHERE sid = '" . $sid . "';");
        $objResponse->addScript("ShowBox('Ошибка', 'Невозможно отправить сообщение для " . addslashes(htmlspecialchars($name)) . ". Неверноый РКОН пароль!', 'red', '', true);");
        return $objResponse;
    }
    $ret = $r->sendCommand('sm_psay "' . $name . '" "' . addslashes($message) . '"');
    new CSystemLog("m", "Сообщение отправлено", "Следующее сообщение было отправлено " . addslashes(htmlspecialchars($name)) . " на сервер " . $data['ip'] . ":" . $data['port'] . ": " . RemoveCode($message));
    $objResponse->addScript("ShowBox('Сообщение отправлено', 'Сообщение для \\'" . addslashes(htmlspecialchars($name)) . "\\' успешно отправлено!', 'green', '', true);\$('dialog-control').setStyle('display', 'block');");
    return $objResponse;
}
function SendRconSilent($rcon, $sid)
{
    require_once INCLUDES_PATH . '/CServerRcon.php';
    $serv = $GLOBALS['db']->GetRow("SELECT ip, port, rcon FROM " . DB_PREFIX . "_servers WHERE sid = '" . $sid . "';");
    if (empty($serv['rcon'])) {
        return false;
    }
    $test = @fsockopen($serv['ip'], $serv['port'], $errno, $errstr, 2);
    if (!$test) {
        return false;
    }
    $r = new CServerRcon($serv['ip'], $serv['port'], $serv['rcon']);
    if (!$r->Auth()) {
        $GLOBALS['db']->Execute("UPDATE " . DB_PREFIX . "_servers SET rcon = '' WHERE sid = '" . (int) $sid . "';");
        return false;
    }
    $ret = $r->rconCommand($rcon);
    if ($ret) {
        return true;
    }
    return false;
}
Esempio n. 5
0
function SendMessage($sid, $name, $message)
{
    $objResponse = new xajaxResponse();
    global $userbank, $username;
    if (!$userbank->is_admin()) {
        $objResponse->redirect("index.php?p=login&m=no_access", 0);
        $log = new CSystemLog("w", "Hacking Attempt", $username . " tried to send ingame message to '" . addslashes(htmlspecialchars($name)) . "' (\"" . RemoveCode($message) . "\"), but doesnt have access.");
        return $objResponse;
    }
    $sid = (int) $sid;
    require INCLUDES_PATH . '/CServerRcon.php';
    //get the server data
    $data = $GLOBALS['db']->GetRow("SELECT ip, port, rcon FROM " . DB_PREFIX . "_servers WHERE sid = '" . $sid . "';");
    if (empty($data['rcon'])) {
        $objResponse->addScript("ShowBox('Error', 'Can\\'t send message to " . addslashes(htmlspecialchars($name)) . ". No RCON password!', 'red', '', true);");
        return $objResponse;
    }
    $r = new CServerRcon($data['ip'], $data['port'], $data['rcon']);
    if (!$r->Auth()) {
        $GLOBALS['db']->Execute("UPDATE " . DB_PREFIX . "_servers SET rcon = '' WHERE sid = '" . $sid . "';");
        $objResponse->addScript("ShowBox('Error', 'Can\\'t send message to " . addslashes(htmlspecialchars($name)) . ". Wrong RCON password!', 'red', '', true);");
        return $objResponse;
    }
    $ret = $r->sendCommand('sm_psay "' . $name . '" "' . addslashes($message) . '"');
    new CSystemLog("m", "Message sent to player", "The following message was sent to " . addslashes(htmlspecialchars($name)) . " on server " . $data['ip'] . ":" . $data['port'] . ": " . RemoveCode($message));
    $objResponse->addScript("ShowBox('Message Sent', 'The message has been sent to player \\'" . addslashes(htmlspecialchars($name)) . "\\' successfully!', 'green', '', true);\$('dialog-control').setStyle('display', 'block');");
    return $objResponse;
}
function KickPlayer($check, $sid, $num, $type)
{
    $objResponse = new xajaxResponse();
    global $userbank, $username;
    $sid = (int) $sid;
    if (!$userbank->HasAccess(ADMIN_OWNER | ADMIN_ADD_BAN)) {
        $objResponse->redirect("index.php?p=login&m=no_access", 0);
        $log = new CSystemLog("w", "Ошибка доступа", $username . " пытался кого-то кикнуть, не имея на это прав.");
        return $objResponse;
    }
    //get the server data
    $sdata = $GLOBALS['db']->GetRow("SELECT ip, port, rcon FROM " . DB_PREFIX . "_servers WHERE sid = '" . $sid . "';");
    //test if server is online
    if ($test = @fsockopen($sdata['ip'], $sdata['port'], $errno, $errstr, 2)) {
        @fclose($test);
        require_once INCLUDES_PATH . "/CServerRcon.php";
        $r = new CServerRcon($sdata['ip'], $sdata['port'], $sdata['rcon']);
        if (!$r->Auth()) {
            $GLOBALS['db']->Execute("UPDATE " . DB_PREFIX . "_servers SET rcon = '' WHERE sid = '" . $sid . "' LIMIT 1;");
            $objResponse->addAssign("srv_{$num}", "innerHTML", "<font color='red' size='1'>Неверный РКОН!</font>");
            $objResponse->addScript('set_counter(1);');
            return $objResponse;
        }
        $ret = $r->rconCommand("status");
        // show hostname instead of the ip, but leave the ip in the title
        require_once "../includes/system-functions.php";
        $hostsearch = preg_match_all('/hostname:[ ]*(.+)/', $ret, $hostname, PREG_PATTERN_ORDER);
        $hostname = trunc(htmlspecialchars($hostname[1][0]), 25, false);
        if (!empty($hostname)) {
            $objResponse->addAssign("srvip_{$num}", "innerHTML", "<font size='1'><span title='" . $sdata['ip'] . ":" . $sdata['port'] . "'>" . $hostname . "</span></font>");
        }
        $gothim = false;
        $search = preg_match_all(STATUS_PARSE, $ret, $matches, PREG_PATTERN_ORDER);
        //search for the steamid on the server
        if ((int) $type == 0) {
            foreach ($matches[3] as $match) {
                if (substr($match, 8) == substr($check, 8)) {
                    // gotcha!!! kick him!
                    $gothim = true;
                    $GLOBALS['db']->Execute("UPDATE `" . DB_PREFIX . "_bans` SET sid = '" . $sid . "' WHERE authid = '" . $check . "' AND RemovedBy IS NULL;");
                    $requri = substr($_SERVER['REQUEST_URI'], 0, strrpos($_SERVER['REQUEST_URI'], "pages/admin.kickit.php"));
                    $kick = $r->sendCommand("kickid " . $match . " \"Вы были забанены, посетите http://" . $_SERVER['HTTP_HOST'] . $requri . " для большей информации.\"");
                    $objResponse->addAssign("srv_{$num}", "innerHTML", "<font color='green' size='1'><b><u>Игрок найден и кикнут!!!</u></b></font>");
                    $objResponse->addScript("set_counter('-1');");
                    return $objResponse;
                }
            }
        } else {
            if ((int) $type == 1) {
                // search for the ip on the server
                $id = 0;
                foreach ($matches[8] as $match) {
                    $ip = explode(":", $match);
                    $ip = $ip[0];
                    if ($ip == $check) {
                        $userid = $matches[1][$id];
                        // gotcha!!! kick him!
                        $gothim = true;
                        $GLOBALS['db']->Execute("UPDATE `" . DB_PREFIX . "_bans` SET sid = '" . $sid . "' WHERE ip = '" . $check . "' AND RemovedBy IS NULL;");
                        $requri = substr($_SERVER['REQUEST_URI'], 0, strrpos($_SERVER['REQUEST_URI'], "pages/admin.kickit.php"));
                        $kick = $r->sendCommand("kickid " . $userid . " \"Вы были забанены, посетите http://" . $_SERVER['HTTP_HOST'] . $requri . " для большей информации.\"");
                        $objResponse->addAssign("srv_{$num}", "innerHTML", "<font color='green' size='1'><b><u>Игрок найден и кикнут!!!</u></b></font>");
                        $objResponse->addScript("set_counter('-1');");
                        return $objResponse;
                    }
                    $id++;
                }
            }
        }
        if (!$gothim) {
            $objResponse->addAssign("srv_{$num}", "innerHTML", "<font size='1'>Игрок не найден.</font>");
            $objResponse->addScript('set_counter(1);');
            return $objResponse;
        }
    } else {
        $objResponse->addAssign("srv_{$num}", "innerHTML", "<font color='red' size='1'><i>Нет соединения с сервером.</i></font>");
        $objResponse->addScript('set_counter(1);');
        return $objResponse;
    }
}