function licenceRequest($return = false)
{
global $sql, $ui;
$licencecode = webhostRequest('l.easy-wi.com', $ui->server['HTTP_HOST'], '/licence.php', null, 80);
$licencecode = cleanFsockOpenRequest($licencecode, '{', '}');
$json = @json_decode($licencecode);
if ($json and isset($json->v)) {
$licencecode = array();
foreach ($json as $k => $v) {
$licencecode[$k] = $v;
}
$licencecode['lt'] = time();
$licencecode = json_encode($licencecode);
$query2 = $sql->prepare("UPDATE `settings` SET `licence`=?,`version`=?,`releasenotesDE`=?,`releasenotesEN`=? WHERE `resellerid`=0 LIMIT 1");
$query2->execute(array($licencecode, $json->v, $json->de, $json->en));
}
return $return == true ? $licencecode : false;
}
function getMinecraftVersion($release = 'release')
{
$responseBody = webhostRequest('s3.amazonaws.com', 'https://easy-wi.com', '/Minecraft.Download/versions/versions.json');
$json = @json_decode(cleanFsockOpenRequest($responseBody, '{', '}'));
return $json ? array('version' => $json->latest->{$release}, 'downloadPath' => 'https://s3.amazonaws.com/Minecraft.Download/versions/' . $json->latest->{$release} . '/minecraft_server.' . $json->latest->{$release} . '.jar') : array('version' => '', 'downloadPath' => '');
}
}
}
}
$query2 = $sql->prepare("SELECT * FROM `feeds_url` WHERE `resellerID`=?");
$query2->execute(array($lookUpID));
while ($row2 = $query2->fetch(PDO::FETCH_ASSOC)) {
unset($gZipped);
if ($feedsActive == 'Y' and $row2['active'] == 'Y' and ($diff > $row['updateMinutes'] or !isset($jobUpdating))) {
$modified = date('D, d M Y H:i:s T', strtotime($row2['modified']));
$twitter = $row2['twitter'];
$feedID = $row2['feedID'];
if ($twitter == 'Y') {
if (isset($printToConsole)) {
print "Getting Updates for Twitter Feed {$row2['loginName']}\r\n";
}
$json = webhostRequest('api.twitter.com', 'easy-wi.com', '/1/statuses/user_timeline.json?include_rts=false&exclude_replies=true&screen_name=' . $row2['loginName'] . '&count=' . $newsAmount, 443);
$json = cleanFsockOpenRequest($json, '[', ']');
foreach (json_decode($json) as $tweet) {
if (isset($tweet->text)) {
$feedTitle = substr($tweet->text, 0, 50) . '...';
$description = $tweet->text;
$link = 'https://twitter.com/' . $tweet->user->screen_name . '/status/' . $tweet->id_str;
$pubDate = date('Y-m-d H:i:s', strtotime($tweet->created_at));
$content = '';
$author = $tweet->user->name;
$creator = $tweet->user->name;
$feedsArray[$feedID][] = array('title' => $feedTitle, 'description' => $description, 'link' => $link, 'pubDate' => $pubDate, 'content' => $content, 'author' => $author, 'creator' => $creator);
}
}
} else {
if (isset($printToConsole)) {
if (is_array($reply)) {
echo 'Version for ' . $row['shorten'] . ' is: ' . $reply['version'] . "\r\n";
if (strlen($reply['version']) > 1) {
$query2->execute(array($reply['version'], $reply['downloadPath'], $row['shorten']));
}
}
}
echo "Fetch version for valves appIDs\r\n";
$steamVersion = array();
$query2 = $sql->prepare("UPDATE `servertypes` SET `steamVersion`=? WHERE `appID`=?");
$query = $sql->prepare("SELECT t.`appID`,t.`shorten` FROM `servertypes` t INNER JOIN `rservermasterg` r ON t.`id`=r.`servertypeid` WHERE t.`appID` IS NOT NULL AND t.`steamgame`!='N' GROUP BY t.`appID` ORDER BY t.`appID`");
$query->execute();
while ($row = $query->fetch(PDO::FETCH_ASSOC)) {
if (!in_array($row['appID'], array(null, '', false))) {
$lookUpAppID = workAroundForValveChaos($row['appID'], $row['shorten']);
$json = webhostRequest('api.steampowered.com', 'easy-wi.com', '/ISteamApps/UpToDateCheck/v0001/?appid=' . $lookUpAppID . '&version=0.0.0.0&format=json');
$decoded = @json_decode($json);
if ($decoded and !isset($decoded->response->error) and isset($decoded->response->required_version)) {
$query2->execute(array($decoded->response->required_version, $row['appID']));
echo 'Version for appID ' . $row['appID'] . ' is: ' . $decoded->response->required_version . "\r\n";
} else {
if (isset($decoded->response->error)) {
echo 'Error for appID ' . $row['appID'] . ' is: ' . $decoded->response->error . "\r\n";
} else {
echo 'Error for appID ' . $row['appID'] . ' is: Could not retrieve JSON string' . "\r\n";
}
}
}
}
$webhostdomain = webhostdomain(0);
$query = $sql->prepare("SELECT `timezone`,`voice_autobackup`,`voice_autobackup_intervall`,`voice_maxbackup`,`down_checks`,`resellerid` FROM `settings`");
function checkForSpam($checkURL = null)
{
global $ui, $blockLinks, $languageFilter, $page_data, $user_language, $textID, $blockWords, $honeyPotKey, $tornevall, $sql;
$spamReason = array();
$ips = array();
// Check if IP exists at DB as a spammer
if ($checkURL == null) {
$hostByIp = '';
if ($ui->ip4('REMOTE_ADDR', 'server')) {
$hostByIp = gethostbyaddr($ui->ip4('REMOTE_ADDR', 'server'));
$ips[] = $hostByIp;
}
$query = $sql->prepare("SELECT COUNT(`commentID`) AS `amount` FROM `page_comments` WHERE `markedSpam`='Y' AND (`ip`=? OR `dns`=?) AND `resellerid`=0 LIMIT 1");
$query->execute(array($ui->ip('REMOTE_ADDR', 'server'), $hostByIp));
if ($query->fetchColumn() > 0) {
$spamReason[] = 'IP or Host already known for spam';
}
} else {
$check = str_replace(array('https://', 'http://', 'ftps://', 'ftp://'), '', $checkURL);
$ips = gethostbynamel($check);
foreach ($ips as $ip) {
$query = $sql->prepare("SELECT COUNT(`commentID`) AS `amount` FROM `page_comments` WHERE `markedSpam`='Y' AND `ip`=? AND `resellerid`=0 LIMIT 1");
$query->execute(array($ip));
if ($query->fetchColumn() > 0 and !in_array('IP or Host already known for spam', $spamReason)) {
$spamReason[] = 'IP or Host already known for spam';
}
}
}
// reverse DNS does not add up
if ($checkURL == null and count($spamReason) == 0 and $ui->ip4('REMOTE_ADDR', 'server') and !in_array($ui->ip4('REMOTE_ADDR', 'server'), gethostbynamel($ips))) {
$spamReason[] = 'Fake IP';
}
// hidden fields have been filled
if ($checkURL == null and count($spamReason) == 0 and strlen($ui->escaped('mail', 'post')) > 0) {
$spamReason[] = 'XSS: Hidden field';
}
// CSFR token does not add up
if ($checkURL == null and count($spamReason) == 0 and (!isset($_SESSION['news'][$textID]) or $_SESSION['news'][$textID] != $ui->escaped('token', 'post'))) {
$spamReason[] = 'XSS: Token';
}
// Links not allowed in comments
if ($checkURL == null and count($spamReason) == 0 and $blockLinks == 'Y') {
foreach (array('http://', 'https://', 'ftp://', 'ftps://') as $key) {
if (strpos($ui->escaped('comment', 'post'), $key) !== false and !in_array('URL Spam', $spamReason)) {
$spamReason[] = 'URL Spam';
}
}
}
// Post contains blacklisted words
if ($checkURL == null and count($spamReason) == 0) {
foreach (explode(', ', $blockWords) as $word) {
if (strlen(trim($word)) > 0 and strpos($ui->escaped('comment', 'post'), trim($word)) !== false and !in_array('Word Blacklist', $spamReason)) {
$spamReason[] = 'Word Blacklist';
}
}
}
// use google translation REST API for language detection. If the current page contains a different language we likely have a spammer
if ($checkURL == null and count($spamReason) == 0 and $languageFilter == 'Y') {
$raw = webhostRequest('translate.google.com', $page_data->pageurl, '/translate_a/t?client=x&text=' . urlencode(htmlentities(substr($ui->escaped('comment', 'post'), 0, 200))));
$json = json_decode($raw);
if ($json and isset($json->src) and $json->src != $user_language) {
$spamReason[] = 'Language';
}
}
// check if the remote address (IP) is known for spamming at the tornevall.org list
if (count($spamReason) == 0 and ($checkURL != null or $ui->ip4('REMOTE_ADDR', 'server')) and ($honeyPotKey != null and $honeyPotKey != '' or $tornevall == 'Y')) {
if ($checkURL != null) {
$ips = array($ui->ip4('REMOTE_ADDR', 'server'));
}
foreach ($ips as $ip) {
$ipRevers = implode('.', array_reverse(explode('.', $ip)));
if (count($spamReason) == 0 and $tornevall == 'Y' and (bool) checkdnsrr($ipRevers . '.opm.tornevall.org.', 'A')) {
$spamReason[] = 'IP is listed at dnsbl.tornevall.org';
}
if (count($spamReason) == 0 and $honeyPotKey != null and $honeyPotKey != '') {
$ex = explode('.', gethostbyname($honeyPotKey . '.' . $ipRevers . '.dnsbl.httpbl.org'));
if ($ex[0] == 127) {
$types = array(1 => 'Suspicious', 2 => 'Harvester', 3 => 'Suspicious & Harvester', 4 => 'Comment Spammer', 5 => 'Suspicious & Comment Spammer', 6 => 'Harvester & Comment Spammer', 7 => 'Suspicious & Harvester & Comment Spammer');
if ($ex[3] != 0) {
$spamReason[] = 'IP seems to be a ' . $types[$ex[3]] . '. It was last seen ' . $ex[1] . ' day(s) ago and has a threat score of ' . $ex[2];
}
}
}
}
}
return $spamReason;
}
error_reporting(E_ALL | E_STRICT);
define('EASYWIDIR', dirname(dirname(__FILE__)));
require_once EASYWIDIR . '/stuff/methods/functions.php';
require_once EASYWIDIR . '/stuff/methods/vorlage.php';
$currentStep = (isset($_GET['step']) and $_GET['step'] > 0 and $_GET['step'] < 10) ? (int) $_GET['step'] : 0;
$progressPercent = 100 / 9 * $currentStep;
$acceptLanguage = strtolower(substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2));
$fallbackLanguage = file_exists(EASYWIDIR . '/install/' . $acceptLanguage . '.xml') ? $acceptLanguage : 'en';
$menuLanguage = (isset($_GET['language']) and strlen($_GET['language']) == 2 and file_exists(EASYWIDIR . '/install/' . $_GET['language'] . '.xml')) ? $_GET['language'] : $fallbackLanguage;
$languageGetParameter = '&language=' . $menuLanguage;
$languageObject = simplexml_load_file(EASYWIDIR . '/install/' . $menuLanguage . '.xml');
$displayToUser = '';
$systemCheckOk = array();
$systemCheckError = array();
if ($currentStep == 0) {
$licencecode = webhostRequest('l.easy-wi.com', $_SERVER['HTTP_HOST'], '/version.php', null, 80);
$licencecode = cleanFsockOpenRequest($licencecode, '{', '}');
$json = @json_decode($licencecode);
if (!$json or '5.10' == $json->v) {
$displayToUser = "******";
} else {
$displayToUser = "******";
}
} else {
if (version_compare(PHP_VERSION, '5.3.0') >= 0) {
$systemCheckOk['php'] = $languageObject->system_ok_php_version . PHP_VERSION;
} else {
$systemCheckError['php'] = $languageObject->error_system_php_version . PHP_VERSION;
}
if (extension_loaded('openssl')) {
$systemCheckOk['openssl'] = $languageObject->system_ok_openssl;
}
// Substitutes
unset($left);
$start = 0;
// Prepare queries only once to avoid overhead
$query2 = $sql->prepare("SELECT `sID` FROM `userdata_substitutes` WHERE `sourceSystemID`=? AND `externalID`=? AND `resellerID`=? LIMIT 1");
$query4 = $sql->prepare("SELECT `id` FROM `userdata` WHERE `sourceSystemID`=? AND `externalID`=? AND `resellerID`=? LIMIT 1");
$query3 = $sql->prepare("UPDATE `userdata_substitutes` SET `loginName`=?,`name`=?,`vname`=? WHERE `sID`=? LIMIT 1");
$query5 = $sql->prepare("INSERT INTO `userdata_substitutes` (`userID`,`loginName`,`name`,`vname`,`passwordHashed`,`sourceSystemID`,`externalID`,`resellerID`) VALUES (?,?,?,?,?,?,?,?)");
$query6 = $sql->prepare("SELECT `id` FROM `gsswitch` WHERE `sourceSystemID`=? AND `externalID`=? AND `userid`=? AND `resellerid`=? LIMIT 1");
$query7 = $sql->prepare("INSERT INTO `userdata_substitutes_servers` (`sID`,`oType`,`oID`,`resellerID`) VALUE (?,'gs',?,?) ON DUPLICATE KEY UPDATE `resellerID`=`resellerID`");
$query8 = $sql->prepare("SELECT `id` FROM `voice_server` WHERE `sourceSystemID`=? AND `externalID`=? AND `userid`=? AND `resellerid`=? LIMIT 1");
$query9 = $sql->prepare("INSERT INTO `userdata_substitutes_servers` (`sID`,`oType`,`oID`,`resellerID`) VALUE (?,'vo',?,?) ON DUPLICATE KEY UPDATE `resellerID`=`resellerID`");
while (!isset($left) or $left > 0) {
$getRequest = '/' . $row['file'] . '?passwordToken=' . urlencode($row['token']) . '&list=substitutes&start=' . urlencode($start) . '&chunkSize=' . urlencode($row['chunkSize']) . '&lastID=' . urlencode($row['lastID']) . '&updateTime=' . urlencode($row['lastCheck']);
$rawResponse = webhostRequest($row['domain'], 'https://easy-wi.com', $getRequest, null, $port);
$response = cleanFsockOpenRequest($rawResponse, '{', '}');
$decoded = json_decode($response);
unset($response);
if ($decoded and isset($decoded->error)) {
$left = 0;
if (is_array($decoded->error)) {
printText('Error: ' . implode(', ', $decoded->error));
} else {
printText('Error: ' . $decoded->error);
}
} else {
if ($decoded and isset($decoded->total)) {
if (isset($left)) {
$left -= $row['chunkSize'];
} else {
$fileAuth = $row['file'];
$xml = new DOMDocument('1.0', 'utf-8');
$element = $xml->createElement('user');
$key = $xml->createElement('username', $username);
$element->appendChild($key);
$key = $xml->createElement('pwd', $password);
$element->appendChild($key);
$key = $xml->createElement('mail', $mail);
$element->appendChild($key);
$key = $xml->createElement('externalID', $externalID);
$element->appendChild($key);
$xml->appendChild($element);
$postXML = urlencode(base64_encode($xml->saveXML()));
}
if (isset($activeAuth) and $activeAuth == 'Y') {
$reply = webhostRequest($domainAuth, $ui->escaped('HTTP_HOST', 'server'), $fileAuth, array('authPWD' => $pwdAuth, 'userAuth' => $userAuth, 'postXML' => $postXML), $portAuth);
$xmlReply = @simplexml_load_string($reply);
if ($xmlReply and isset($xmlReply->success) and $xmlReply->success == 1 and $xmlReply->user == $username) {
$passwordCorrect = true;
$newHash = passwordCreate($username, $password);
if (is_array($newHash)) {
$query = $sql->prepare("UPDATE `userdata` SET `security`=?,`salt`=? WHERE `id`=? LIMIT 1");
$query->execute(array($newHash['hash'], $newHash['salt'], $id));
} else {
$query = $sql->prepare("UPDATE `userdata` SET `security`=? WHERE `id`=? LIMIT 1");
$query->execute(array($newHash, $id));
}
} else {
if ($xmlReply and strlen($xmlReply->error) > 0) {
$externalAuthError = $xmlReply->error;
} else {
public function startStop()
{
foreach ($this->startStop as $a) {
$postParams = array();
$file = '';
$requestString = $a['action'] == 're' ? $this->ID['dedicated'][$a['id']]['apiRequestRestart'] : $this->ID['dedicated'][$a['id']]['apiRequestStop'];
$apiPath = str_replace(array('http://', 'https://', ':8080', ':80', ':443'), '', $this->ID['dedicated'][$a['id']]['apiURL']);
$ex = preg_split("/\\//", $apiPath, -1, PREG_SPLIT_NO_EMPTY);
$i = 1;
$exCount = count($ex);
while ($exCount > $i) {
$file .= '/' . $ex[$i];
$i++;
}
$file .= '/';
if ($this->ID['dedicated'][$a['id']]['apiRequestType'] == 'G') {
$file .= $requestString;
} else {
foreach (explode('&', str_replace(array('&', '?'), array('&', ''), $requestString)) as $param) {
$ex = explode('=', $param);
if (isset($ex[1])) {
$postParams[$ex[0]] = $ex[1];
}
}
}
webhostRequest($ex[0], 'easy-wi.com', $file, $postParams, $this->ID['dedicated'][$a['id']]['https'] == 'Y' ? 443 : 80);
}
return true;
}
