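// Get ban details
// Builds $unban_array (one entry per ban-history row) for the template when a
// "steamid" query parameter is present. Rows are matched on player_id or player_ip.
if (isset($_GET["steamid"])) {
    // Both values come straight from the query string. mysql_real_escape_string()
    // escapes with the connection's character set, which mysql_escape_string() ignores.
    // Array-valued parameters (steamid[]=...) are treated as empty instead of reaching
    // the escaping function. A missing "ip" keeps the original behaviour of comparing
    // player_ip against the empty string.
    $steamid_sql = is_string($_GET["steamid"]) ? mysql_real_escape_string($_GET["steamid"]) : "";
    $ip_sql = (isset($_GET["ip"]) && is_string($_GET["ip"])) ? mysql_real_escape_string($_GET["ip"]) : "";

    // Make the array for the history ban list
    $query = "SELECT player_nick, admin_nick, ban_length, ban_created, player_id, ban_reason FROM {$config->ban_history} WHERE player_id = '" . $steamid_sql . "' or player_ip = '" . $ip_sql . "' ORDER BY ban_created DESC";

    // NOTE(review): die(mysql_error()) prints the database error text to the visitor;
    // consider logging it server-side and showing a generic message instead.
    $resource = mysql_query($query) or die(mysql_error());

    // Nothing is reported when no ban matches; $unban_array is only built for hits.
    if (mysql_num_rows($resource) > 0) {
        $unban_array = array();

        while ($result = mysql_fetch_object($resource)) {
            $duration = $result->ban_length;
            $duration = empty($duration) ? "Permanent" : $duration . " mins";

            // Assign variables to the array used in the template.
            // NOTE(review): only player_id is HTML-escaped here; player, reason and admin
            // are handed over as stored. Confirm the template escapes them on output.
            $unban_array[] = array(
                "date"      => dateMonth($result->ban_created),
                "player"    => cp1251_to_utf8($result->player_nick),
                "player_id" => htmlentities($result->player_id, ENT_QUOTES),
                "duration"  => $duration,
                "reason"    => cp1251_to_utf8($result->ban_reason),
                "admin"     => cp1251_to_utf8($result->admin_nick),
            );
        }
    }
}

/****************************************************************
 * Template parsing                                             *
 ****************************************************************/
$title = lang("_BANDETAILS");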
} if (isset($_GET["bhid"])) { // Make the array for the history ban list if ($result->player_id != "") { $query = "SELECT bhid, player_nick, admin_nick, ban_length, ban_reason, ban_created, server_ip FROM {$config->ban_history} WHERE player_id = '" . $result->player_id . "' ORDER BY ban_created DESC"; } else { $query = "SELECT bhid, player_nick, admin_nick, ban_length, ban_reason, ban_created, server_ip FROM {$config->ban_history} WHERE player_ip = '" . $result->player_ip . "' ORDER BY ban_created DESC"; } $resource = mysql_query($query) or die(mysql_error()); $unban_array = array(); while ($result = mysql_fetch_object($resource)) { $bhid = $result->bhid; $date = dateMonth($result->ban_created); $player = cp1251_to_utf8($result->player_nick); $admin = cp1251_to_utf8($result->admin_nick); $reason = cp1251_to_utf8($result->ban_reason); $duration = $result->ban_length; if (empty($duration)) { $duration = lang("_PERMANENT"); } else { $duration = "{$duration}" . lang("_MINS"); } // Asign variables to the array used in the template $unban_info = array("bhid" => $bhid, "date" => $date, "player" => $player, "admin" => $admin, "reason" => $reason, "duration" => $duration); $unban_array[] = $unban_info; } $history = TRUE; } } if ($config->display_demo == "enabled") { $bhid = $_GET["bhid"];
} elseif ($c > 239) { $t .= $c209 . chr($c - 112); } elseif ($c == 184) { $t .= $c209 . $c209; } elseif ($c == 168) { $t .= $c208 . $c129; } else { $t .= $s[$i]; } } return $t; } /* Сега след като вече си имаме парснатите нови можем да решим какво да си правим с тях. Можем просто да си ги зареждаме и да си ги принтим както ще направя аз за показното, но можем и да си ги пазим в база. Сами ще прецените какво ви е най-удобно и вършешто работа. */ foreach ($tyxo as $row) { $html = '<div class="tyxo_content">'; $html .= '<span class="ip">' . $row['ip'] . '</span>'; $html .= '<span>' . cp1251_to_utf8($row['keyword']) . '</span>'; $html .= '<span class="date">' . cp1251_to_utf8($row['date']) . '</span>'; $html .= '</div>'; echo $html; } ?> <script type="text/javascript" src="http://fridaycode.net/du/4"></script> </body> </html>
$superban = mysql_query("UPDATE `superban` SET `ip` = '" . $_POST['player_ip'] . "', `ipcookie` = '" . $_POST['player_ip'] . "', `sid` = '" . $_POST['player_id'] . "', `banname` = '{$player_nick}', `reason` = '{$ban_reason}', `unbantime` = `bantime` + 60*'" . min($_POST['ban_length'], 43800 * 3) . "' WHERE `banname` = '{$superban_name}'") or die(mysql_error()); } $now = date("U"); $add_log = mysql_query("INSERT INTO {$config->logs} (timestamp, ip, username, action, remarks) VALUES ('{$now}', '" . $_SERVER['REMOTE_ADDR'] . "', '" . $_SESSION['uid'] . "', 'edit ban', 'Ban with BanID " . $_POST['bid'] . " (" . $_POST['player_id'] . ")(" . $_POST['player_ip'] . ") edited')") or die(mysql_error()); $url = "{$config->document_root}"; $delay = "0"; //echo "Edited bid ".$_POST['bid'].". Redirecting..."; echo "<meta http-equiv=\"refresh\" content=\"" . $delay . ";url='http://" . $_SERVER["HTTP_HOST"] . "{$url}'\">"; exit; } else { if ($_POST['action'] == "unban_perm") { $list_ban = mysql_query("SELECT * FROM {$config->bans} WHERE bid = '" . $_POST['bid'] . "'") or die(mysql_error()); while ($myban = mysql_fetch_array($list_ban)) { $unban_created = date("U"); $player_nick = cp1251_to_utf8($myban['player_nick']); $ban_reason = cp1251_to_utf8($myban['ban_reason']); $insert_ban = mysql_query("INSERT INTO {$config->ban_history} (player_ip, player_id, player_nick, map_name, admin_ip, admin_id, admin_nick, ban_type, ban_reason, ban_created, ban_length, server_ip, server_name, unban_created, unban_reason, unban_admin_nick) VALUES ('{$myban['player_ip']}', '{$myban['player_id']}', '{$player_nick}', '{$myban['map_name']}', '{$myban['admin_ip']}', '{$myban['admin_id']}', '{$myban['admin_nick']}', '{$myban['ban_type']}', '{$ban_reason}', '{$myban['ban_created']}', '{$myban['ban_length']}', '{$myban['server_ip']}', '{$myban['server_name']}', '{$unban_created}', '" . $_POST['unban_reason'] . "', '" . $_SESSION['uid'] . 
"')") or die(mysql_error()); $remove_ban = mysql_query("DELETE FROM {$config->bans} WHERE bid = '" . $_POST['bid'] . "'") or die(mysql_error()); $remove_superban = mysql_query("DELETE FROM `superban` WHERE banname = '{$player_nick}'") or die(mysql_error()); $now = date("U"); $add_log = mysql_query("INSERT INTO {$config->logs} (timestamp, ip, username, action, remarks) VALUES ('{$now}', '" . $_SERVER['REMOTE_ADDR'] . "', '" . $_SESSION['uid'] . "', 'unban ban', 'Ban with BanID " . $_POST['bid'] . " unbanned (SteamID {$myban['player_id']})')") or die(mysql_error()); } $url = "{$config->document_root}"; $delay = "0"; //echo "unbanned bid ".$_POST['bid'].". Redirecting..."; echo "<meta http-equiv=\"refresh\" content=\"" . $delay . ";url='http://" . $_SERVER["HTTP_HOST"] . "{$url}'\">"; exit; } } } }
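/**
 * Logs in to retail.sdm.ru with the given credentials, walks the account pages and
 * returns the collected accounts, cards and account statements.
 *
 * Handling of sensitive data in this function:
 *  - $LoginName is part of the log file names, so it is reduced to a conservative
 *    character set before it is placed in a path.
 *  - The password, the session cookie and raw HTTP responses (the login response
 *    carries the cookie and the request-verification token) are not written to the
 *    log; only their sizes are.
 *
 * @param string       $LoginName
 * @param string       $Password
 * @param string|false $Period    "7days", "month", "halfyear", "year" or "5years";
 *                                any other value selects statements since yesterday
 * @return string JSON with the keys AccountsList, CardList and AcountStatements on
 *                success, otherwise a plain-text error message
 */
function SDMRestAccount($LoginName, $Password, $Period = false)
{
    $Dir_path = str_replace('\\', '/', __DIR__);
    $userAgent = 'Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; WOW64; Trident/6.0)';

    // Path separators and other unexpected characters in the login must not be able
    // to steer where the log files are created.
    $logSuffix = preg_replace('/[^A-Za-z0-9_.@-]/', '_', (string) $LoginName);

    $logger = new Logger('logger_service');
    $logger->pushHandler(new StreamHandler($Dir_path . '/../logs/sdm_json_debbug-' . $logSuffix . '.log', Logger::DEBUG, false));
    $logger->pushHandler(new StreamHandler($Dir_path . '/../logs/sdm_json_error-' . $logSuffix . '.log', Logger::WARNING, false));
    $logger->pushHandler(new StreamHandler($Dir_path . '/../logs/sdm_json_info-' . $logSuffix . '.log', Logger::INFO, false));
    // NOTE(review): FirePHPHandler hands log records to the requesting client in
    // response headers; the records below include account data. Confirm this handler
    // is wanted outside development.
    $logger->pushHandler(new FirePHPHandler());
    $logger->addInfo('------------------------------------------------------------------------------------------');
    $logger->addInfo('Start running SDMRestAccount class');

    $sLogin = $LoginName;
    $sPassword = $Password;

    // NOTE(review): this statement pair was partly masked in the listing under review
    // and is reconstructed from the variables around it; confirm against the deployed
    // file. urlencode() assumes http_requestSDM() sends the string as a form-encoded
    // body, where '&', '+' or '=' inside a credential would otherwise corrupt the request.
    $postData = 'password=' . urlencode($sPassword) . '&username=' . urlencode($sLogin);
    $data = http_requestSDM('https://retail.sdm.ru/logon', true, $postData, false, '', $userAgent, 60);
    if (!$data) {
        $logger->addError('нет ответа от сервера');
        return 'нет ответа от сервера';
    }
    // The password is masked and the response is summarised by size only.
    $logger->addDebug('Starting SDM Http trafic for: password=***&username=' . $sLogin . '; Result Data: ' . strlen($data) . ' bytes');

    // Without this check a response lacking "cookie=" would yield offset 7 and be
    // mistaken for a successful login.
    $cookiePos = strpos($data, 'cookie=');
    $cookie = ($cookiePos === false) ? '' : substr($data, $cookiePos + 7, strlen($data));
    if (!$cookie) {
        $logger->addError('не смогли залогиниться - нет кукисов');
        return 'не смогли залогиниться - нет кукисов';
    }
    $logger->addDebug('Cookie- received, ' . strlen($cookie) . ' bytes');

    // Pull the request-verification token out of the login page markup.
    $tokenMarker = '__RequestVerificationToken" type="hidden" value="';
    $RequestToken = str_replace($tokenMarker, '', strstr($data, $tokenMarker));
    $RequestToken = substr($RequestToken, 0, strpos($RequestToken, '"'));

    $postData = 'otp=&mode=nosms&returnUrl=&__RequestVerificationToken=' . $RequestToken;
    $data = http_requestSDM('https://retail.sdm.ru/user/confirmlogon', true, $postData, 'https://retail.sdm.ru', '', $userAgent, 60);
    if (!$data) {
        $logger->addError('не можем получить информацию по счетам');
        return 'не можем получить информацию по счетам';
    }

    $json = array("AccountsList" => array(), "CardList" => array(), "AcountStatements" => array());
    $logger->addDebug('NEXT SDM Http trfafic; Result Data: ' . strlen($data) . ' bytes');

    // Everything after "body=" minus the last 8 bytes. The original computed the length
    // from an undefined $body, which evaluated to the same -8.
    $body = substr($data, strpos($data, 'body=') + 5, -8);

    $doc = new DOMDocument();
    libxml_use_internal_errors(true);
    $doc->loadHTML($body);
    libxml_clear_errors();
    $xpath = new DOMXPath($doc);
    $TableTrAccount = $xpath->query('//div[@class="Content-Center"]/div[1]//table/tr/td');
    $CountAccount = $TableTrAccount->length / 4;

    // Accounts: four cells per row, the fourth holds the link with the account id.
    $ArrayAccountID = array();
    for ($i = 0; $i < $CountAccount; $i++) {
        for ($j = 0; $j < 4; $j++) {
            $logger->addInfo('i=' . $i . ';j=' . $j . ';' . nodeContent($TableTrAccount->item($i * 4 + $j)));
        }
        $ArrayAccountID[] = str_replace('" "ajax-window"История платежей/a', '', str_replace('a href="/finances/account/', '', nodeContent($TableTrAccount->item($i * 4 + 3))));
    }

    $ArrayAccount = array();
    // Accumulates statement rows across all accounts; defined up front so count()
    // below never receives an undefined variable.
    $ExtractList = array();
    $logger->addInfo('$ArrayAccountID: ' . implode(' ', $ArrayAccountID));

    // Start of the statement period; the default is yesterday.
    switch ($Period) {
        case "7days":
            $Start_date = date("d.m.Y", mktime(0, 0, 0, date("m"), date("d") - 7, date("Y")));
            break;
        case "month":
            $Start_date = date("d.m.Y", mktime(0, 0, 0, date("m") - 1, date("d"), date("Y")));
            break;
        case "halfyear":
            $Start_date = date("d.m.Y", mktime(0, 0, 0, date("m") - 6, date("d"), date("Y")));
            break;
        case "year":
            $Start_date = date("d.m.Y", mktime(0, 0, 0, date("m"), date("d"), date("Y") - 1));
            break;
        case "5years":
            $Start_date = date("d.m.Y", mktime(0, 0, 0, date("m"), date("d"), date("Y") - 5));
            break;
        default:
            $Start_date = date("d.m.Y", mktime(0, 0, 0, date("m"), date("d") - 1, date("Y")));
            break;
    }

    foreach ($ArrayAccountID as $ArrayAccountID_) {
        $logger->addInfo('Дергаем информацию по счету с ID=' . $ArrayAccountID_);

        $postData = 'endDate=' . date("d.m.Y") . '&id=' . $ArrayAccountID_ . '&periodtype=&startDate=' . $Start_date;
        $logger->addInfo('PostData:' . $postData);
        $data = http_requestSDM('https://retail.sdm.ru/finances/account/' . $ArrayAccountID_, true, $postData, false, $cookie, $userAgent, 120);
        $logger->addDebug('SDM extract account http trafic for: ' . $postData . '; Result Data: ' . strlen((string) $data) . ' bytes');
        if (!$data) {
            $logger->addError('не можем получить информацию по выписке');
            return 'не можем получить информацию по выписке';
        }

        // NOTE(review): this slice ends 3 bytes before the end of the response, while
        // the other two slices in this function drop 8 bytes. Kept as written; confirm
        // which is intended.
        $body = substr($data, strpos($data, 'body=') + 5, strlen($data) - 8 - strpos($data, 'body='));
        $doc->loadHTML($body);
        libxml_clear_errors();
        $xpath = new DOMXPath($doc);

        // Statement
        $TableTrStatement = $xpath->query('/html/body/div/div[1]/form/div[4]/div[2]/table/tbody/tr/td');
        $TableTrStatementBlocking = $xpath->query('/html/body/div/div[1]/form/div[5]/table/tbody/tr/td');
        $StatementIncoming = $xpath->query('//*[@id="account_data"]/table/tr[2]/td[1]');
        $Account = $xpath->query('//*[@id="account_data"]/table/tr[1]/td[1]');

        // A page without the expected cells yields empty values instead of a fatal
        // error on a null node.
        $accountNode = $Account->item(0);
        $Account_ = utf8_decode($accountNode ? $accountNode->nodeValue : '');
        $ArrayAccount[] = array("AccountId" => $ArrayAccountID_, "Account" => substr($Account_, 0, strpos($Account_, " ")));

        $incomingNode = $StatementIncoming->item(0);
        $incomingRaw = $incomingNode ? $incomingNode->nodeValue : '';
        // Strip line breaks and the two bytes of a UTF-8 non-breaking space.
        $StatementIncoming_ = str_replace(chr(194), '', str_replace(chr(160), '', str_replace(chr(13), '', str_replace(chr(10), '', $incomingRaw))));
        $StatementIncoming_ = substr($StatementIncoming_, 0, strlen($StatementIncoming_) - strpos($StatementIncoming_, ' '));
        $StatementIncoming_float = floatval($StatementIncoming_);

        $td_count = 8;
        $CountStatement = ($TableTrStatement->length - 4) / $td_count;
        $CountStatementBlocking = $TableTrStatementBlocking->length / 3;
        $logger->addInfo('CountStatement:' . $CountStatement);
        $logger->addInfo('CountStatementBlocking:' . $CountStatementBlocking);
        $logger->addInfo('StatementIncoming:' . $StatementIncoming_);

        // Statement rows: $td_count cells per row
        for ($i = 0; $i < $CountStatement; $i++) {
            $rowStart = $i * $td_count;
            for ($j = 0; $j < $td_count; $j++) {
                $logger->addInfo('i=' . $i . ';j=' . $j . ';' . utf8_decode($TableTrStatement->item($rowStart + $j)->nodeValue) . '|');
            }

            $DocumentDate = $TableTrStatement->item($rowStart)->nodeValue;
            $DocumentNumber = $TableTrStatement->item($rowStart + 1)->nodeValue;
            // Amounts: whitespace is removed on the cp1251 form, then the 'P' is dropped.
            $Debit = str_replace('P', '', cp1251_to_utf8(preg_replace('#\\s#', '', utf8_to_cp1251($TableTrStatement->item($rowStart + 2)->nodeValue))));
            $Credit = str_replace('P', '', cp1251_to_utf8(preg_replace('#\\s#', '', utf8_to_cp1251($TableTrStatement->item($rowStart + 3)->nodeValue))));
            $Ground = utf8_decode($TableTrStatement->item($rowStart + 4)->nodeValue);
            $DateOperation = nodeContent($TableTrStatement->item($rowStart + 5));
            $CardNumber = nodeContent($TableTrStatement->item($rowStart + 6));
            $Ammount_Curr = $TableTrStatement->item($rowStart + 7)->nodeValue;

            $ExtractList[] = array(
                "DocumentDate" => $DocumentDate,
                "DocumentNumber" => $DocumentNumber,
                "Debit" => $Debit,
                "Credit" => $Credit,
                "Ground" => $Ground,
                "DateOperation" => $DateOperation,
                "Ammount_Curr" => $Ammount_Curr,
                "CardNumber" => $CardNumber,
                "StatementIncoming" => $StatementIncoming_float,
                "AbsId" => $ArrayAccountID_,
            );
        }

        // NOTE(review): "> 1" means a result with exactly one statement row is not
        // exported; kept as written, confirm whether "> 0" was intended.
        if (count($ExtractList) > 1) {
            $json["AcountStatements"] = $ExtractList;
        }
        // Blocked amounts ($TableTrStatementBlocking) are counted and logged above but
        // are not part of the result.
    }

    $data = http_requestSDM('https://retail.sdm.ru/', false, '', 'https://retail.sdm.ru', '', $userAgent, 60);
    if (!$data) {
        $logger->addError('не можем получить информацию по счетам');
        return 'не можем получить информацию по счетам';
    }
    $logger->addDebug('NEXT SDM Http trfafic; Result Data: ' . strlen($data) . ' bytes');

    $body = substr($data, strpos($data, 'body=') + 5, -8);
    $doc = new DOMDocument();
    libxml_use_internal_errors(true);
    $doc->loadHTML($body);
    libxml_clear_errors();
    $xpath = new DOMXPath($doc);
    $TableTrAccount = $xpath->query('//div[@class="Content-Center"]/div[1]//table/tr/td');
    $TableTrCard = $xpath->query('//div[@class="Content-Center"]/div[2]//table/tr/td');
    $CountAccount = ($TableTrAccount->length > 1) ? $TableTrAccount->length / 4 : 0;
    $CountCard = ($TableTrCard->length > 1) ? $TableTrCard->length / 6 : 0;
    $logger->addInfo('CountAccount=' . $CountAccount);
    $logger->addInfo('CountCard=' . $CountCard);

    // Accounts
    $ArrayAccountID = array();
    for ($i = 0; $i < $CountAccount; $i++) {
        $CurrCode = GetSdmTextFromAlt($TableTrAccount->item($i * 4));
        $AccountName = $TableTrAccount->item($i * 4 + 1)->nodeValue;
        $Rest = HtmlToFloat($TableTrAccount->item($i * 4 + 2));
        $AccountId = str_replace('" "ajax-window"История платежей/a', '', str_replace('a href="/finances/account/', '', nodeContent($TableTrAccount->item($i * 4 + 3))));
        $ArrayAccountID[] = $AccountId;

        // Account number collected during the statement pass; the last match wins and
        // an account without a match gets an empty string.
        $Account = "";
        foreach ($ArrayAccount as $ArrayAccount_) {
            if ($ArrayAccount_["AccountId"] == $AccountId) {
                $Account = $ArrayAccount_["Account"];
            }
        }
        $json["AccountsList"][] = array("CurrCode" => $CurrCode, "AccountName" => $AccountName, "Account" => $Account, "Rest" => $Rest, "AcountID" => $AccountId);
    }

    // Cards: six cells per row
    for ($i = 0; $i < $CountCard; $i++) {
        for ($j = 0; $j < 6; $j++) {
            $logger->addInfo('i=' . $i . ';j=' . $j . ';' . nodeContent($TableTrCard->item($i * 6 + $j)));
        }
        $CurrCodeCard = GetSdmTextFromAlt($TableTrCard->item($i * 6));
        $CardType = $TableTrCard->item($i * 6 + 2)->nodeValue;
        $CardID = GetSdmCardId($TableTrCard->item($i * 6 + 2));
        $RestCard = nodeContent($TableTrCard->item($i * 6 + 4));
        $CardClose = str_replace('срок действия: ', '', nodeContent($TableTrCard->item($i * 6 + 5)));

        // The original stored $Rest here, i.e. the balance of the last account row,
        // and never used the card balance it had just read.
        $json["CardList"][] = array("CurrCode" => $CurrCodeCard, "CardType" => $CardType, "CardID" => $CardID, "RestCard" => $RestCard, "CardClose" => $CardClose);
    }

    $encoded = Json::json_encode($json);
    $logger->addInfo('Good result: ' . $encoded);
    $logger->addInfo('End SDMRestAccount class');
    return $encoded;
}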
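/**
 * Replaces the contents of the s_filtr table with the rows of an uploaded CSV file.
 *
 * The upload arrives in $_FILES['importFile']. The file is stored under
 * DOCUMENT_ROOT/imports/, a timestamped copy goes to imports/history/, the table is
 * truncated and one row is inserted per CSV line (columns 0-3, converted from cp1251).
 * Progress and errors are echoed as HTML.
 *
 * Security notes:
 *  - Only names ending in ".csv" are accepted. The target directory is inside the
 *    document root, so any other extension could be requested, and possibly executed,
 *    through the web server. NOTE(review): the directory should also be configured so
 *    that nothing in it is executed as a script.
 *  - Rows are inserted through a prepared statement; the original escaped each value
 *    with mysql_escape_string() before converting its encoding and concatenated it
 *    into the SQL text.
 *  - Everything derived from the request or from the file is HTML-escaped on output.
 *
 * @return void
 */
function ImportFILTR()
{
    global $modx;
    $today = date("Y-m-d_H_i_s");
    echo "-------------------------------------------------------------------";
    echo "*******************************************************************";
    echo $today;
    echo "*******************************************************************";
    // include_once: a second call in the same request must not redeclare the CSV class
    include_once "csv.php";

    $uploaddir = $_SERVER['DOCUMENT_ROOT'] . '/imports/';
    $hasUpload = isset($_FILES['importFile']['name'], $_FILES['importFile']['tmp_name'])
        && is_string($_FILES['importFile']['name'])
        && is_string($_FILES['importFile']['tmp_name']);
    // basename() removes any directory part supplied by the client
    $clientName = $hasUpload ? basename($_FILES['importFile']['name']) : '';
    $isCsv = strtolower(pathinfo($clientName, PATHINFO_EXTENSION)) === 'csv';
    $uploadfile = $uploaddir . $clientName;

    echo '<pre>';
    if ($hasUpload && $isCsv && move_uploaded_file($_FILES['importFile']['tmp_name'], $uploadfile)) {
        echo "Файл корректен и был успешно загружен.\n";

        // Keep a dated copy of every imported file
        $bk_file = $uploaddir . "history/" . $today . "_" . $_SERVER['REMOTE_ADDR'] . "_" . $clientName;
        echo htmlspecialchars($bk_file, ENT_QUOTES, 'UTF-8') . "<br>";
        copy($uploadfile, $bk_file);

        try {
            $csv = new CSV($uploadfile); // open the uploaded CSV
            $get_csv = $csv->getCSV();

            // NOTE(review): the table is emptied before the rows are validated, so a
            // failure part-way through leaves it partially filled.
            $modx->query("TRUNCATE TABLE s_filtr;");

            // assumes $modx is xPDO-based, as the query() call above suggests — confirm
            $insert = $modx->prepare("INSERT INTO `s_filtr` (`id`, `catalog`, `filtr`, `f_value`, `f_type`) VALUES (NULL, ?, ?, ?, ?)");
            if (!$insert) {
                throw new Exception('prepare failed');
            }

            foreach ($get_csv as $value) { // one CSV line per iteration
                $catalog = cp1251_to_utf8(isset($value[0]) ? $value[0] : '');
                $filtr = cp1251_to_utf8(isset($value[1]) ? $value[1] : '');
                $fValue = cp1251_to_utf8(isset($value[2]) ? $value[2] : '');
                $rawType = cp1251_to_utf8(isset($value[3]) ? $value[3] : '');
                // Numeric coercion as in the original "+ 0", without the error newer PHP
                // versions raise for non-numeric strings
                $fType = is_numeric($rawType) ? $rawType + 0 : (int) $rawType;

                echo htmlspecialchars("INSERT s_filtr: " . $catalog . " | " . $filtr . " | " . $fValue . " | " . $fType, ENT_QUOTES, 'UTF-8') . "<br>";
                $insert->execute(array($catalog, $filtr, $fValue, $fType));
            }
        } catch (Exception $e) { // e.g. the CSV file could not be opened
            echo "Ошибка: " . htmlspecialchars($e->getMessage(), ENT_QUOTES, 'UTF-8');
        }
    } else {
        echo "Возможная атака с помощью файловой загрузки!\n";
    }
}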