예제 #1
0
 function api_checkarg_post_required($arg, $friendly)
 {
     $arg = api_checkarg_post($arg);
     if (empty($arg)) {
         api_error(SN_API_CALL_EMPTY_PARAMETER, sprintf("Field '%s' is required.", $friendly));
     }
     return $arg;
 }
예제 #2
0
파일: wads.php 프로젝트: csnxs/disciple
} elseif ($call == 'search') {
    $s = api_checkarg_post('q');
    $db = getsql();
    $q = $db->query(sprintf("SELECT id,filename FROM wads WHERE filename LIKE '%%%s%%'", $db->real_escape_string($s)));
    if ($q->num_rows < 1) {
        echo '[]';
        exit;
    }
    $out = array();
    while ($o = $q->fetch_object()) {
        array_push($out, array('id' => intval($o->id), 'plain' => $o->filename, 'html' => str_replace($s, "<span class='ul'>{$s}</span>", $o->filename)));
    }
    Header("Content-Type: text/json");
    echo json_encode($out);
} elseif ($call == 'info') {
    $id = intval(api_checkarg_post('id'));
    $db = getsql();
    if ($id == 0) {
        api_error(SN_API_CALL_BAD_PARAMETER, 'id is not a number');
    }
    $q = $db->query(sprintf("SELECT id,filename,md5 FROM wads WHERE id=%d", $id));
    if ($q->num_rows < 1) {
        api_error(SN_API_CALL_BAD_PARAMETER, 'id is not a valid WAD id');
    }
    $o = $q->fetch_object();
    if (user_info()->userlevel < UL_ADMINISTRATOR && $o->owner != $_SESSION['id']) {
        api_error(SN_FORBIDDEN, 'You do not have access to this operation.');
    }
    Header("Content-Type: text/json");
    echo json_encode(array('id' => intval($o->id), 'filename' => $o->filename, 'md5' => $o->md5));
}
예제 #3
0
파일: user.php 프로젝트: csnxs/disciple
<?php

include dirname(dirname(dirname(__FILE__))) . '/common/config.php';
include 'apishared.php';
$db = getsql();
define('USERNAME_MAX_LENGTH', 20);
define('PASSWORD_MAX_LENGTH', 70);
$call = api_checkarg_post('fn');
if ($call == 'register') {
    $username = $db->real_escape_string(api_checkarg_post_required('username', 'Username'));
    if (preg_match('/[^a-zA-Z0-9_]+/', $username)) {
        api_error(SN_API_CALL_BAD_PARAMETER, 'Username contains invalid characters.');
    }
    $qUserExists = $db->query(sprintf("SELECT `id` FROM `users` WHERE `username`='%s'", $username));
    if ($qUserExists->num_rows > 0) {
        api_error(SN_USER_ALREADY_EXISTS, "Account {$username} already exists.");
    }
    $password = api_checkarg_post_required('password', 'Password');
    $email = $db->real_escape_string(api_checkarg_post_required('email', 'E-mail'));
    if (strlen($username) > USERNAME_MAX_LENGTH) {
        api_error(SN_USERNAME_TOO_LONG, sprintf('Username "%s" is too long. The maximum length is %d characters. Pick a new name or trim your current one by %d characters.', $username, USERNAME_MAX_LENGTH, strlen($username) - USERNAME_MAX_LENGTH));
    }
    if (strlen($password) > PASSWORD_MAX_LENGTH) {
        api_error(SN_PASSWORD_TOO_LONG, sprintf('Your password is too long. The maximum length is %d characters.', PASSWORD_MAX_LENGTH));
    }
    $password_hashed = password_hash($password, PASSWORD_BCRYPT, array('cost' => 14));
    $db->query(sprintf("INSERT INTO `users` (username, password, email, serverlimit) VALUES ('%s', '%s', '%s', %d)", $username, $password_hashed, $email, disciple_json()->serverlimit));
    echo 1;
}
예제 #4
0
파일: server.php 프로젝트: csnxs/disciple
<?php

include dirname(dirname(dirname(__FILE__))) . '/common/config.php';
include dirname(dirname(dirname(__FILE__))) . '/common/server.php';
include dirname(dirname(dirname(__FILE__))) . '/common/session.php';
include 'apishared.php';
$call = api_checkarg_post('fn');
$db = getsql();
if ($call == 'create') {
    $binary = $db->real_escape_string(api_checkarg_post_required('binary', 'Zandronum version'));
    $hostname = $db->real_escape_string(api_checkarg_post_required('hostname', 'Host name'));
    $iwad = $db->real_escape_string(api_checkarg_post_required('iwad', 'IWAD'));
    $gamemode = $db->real_escape_string(api_checkarg_post_required('gamemode', 'Game mode'));
    $instagib = $db->real_escape_string(api_checkarg_post_required('instagib', 'Instagib') == 'true');
    $buckshot = $db->real_escape_string(api_checkarg_post_required('buckshot', 'Buckshot') == 'true');
    $stdata = $db->real_escape_string(api_checkarg_post_required('stdata', 'Skulltag data') == 'true');
    $skill = intval(api_checkarg_post('skill', 0));
    $dmflags = intval(api_checkarg_post('dmflags', 0));
    $dmflags2 = intval(api_checkarg_post('dmflags2', 0));
    $zadmflags = intval(api_checkarg_post('zadmflags', 0));
    $compatflags = intval(api_checkarg_post('compatflags', 0));
    $zacompatflags = intval(api_checkarg_post('zacompatflags', 0));
    $wads = api_checkarg_post('wads', array());
    $optwads = api_checkarg_post('optwads', array());
    $binary = disciple_json()->main_binary;
    $iwad = data_dir('/iwads/') . $iwad . '.wad';
    $s = new server($binary, $wads, $optwads, $iwad, $hostname, false, $gamemode, '', $skill, $stdata, $instagib, $buckshot, $dmflags, $dmflags2, $zadmflags, $compatflags, $zacompatflags);
    $s->start();
    echo "1 " . $s->id;
}