function kickAdmin($admin_id, $serverid, $userid) { include 'config.php'; $auth = auth($serverid, $userid); if ($auth == 1) { $pdo = new PDO($dsn, $dbuser, $pass); $ips = getips($serverid); $admins = str_replace('#' . $admin_id . '#', "#", $ips['admin_id']); $st = $pdo->prepare("UPDATE servers SET admin_id = :admins WHERE serverid = :serverid"); $st->bindParam(':admins', $admins, PDO::PARAM_STR); $st->bindParam(':serverid', $serverid); $st->execute(); return "Done"; } else { return "Perm Error"; } }
<?php session_start(); if (!isset($_SESSION['userid'])) { die('Bitte zuerst <a href="login.php">einloggen</a>'); } include 'functions.php'; //Type Converter $ips = getips($GET_['serverid']); $ctype = typeCon($ips['type']); echo $_SESSION['userid']; $auth = auth($GET_['serverid'], $_SESSION['userid']); $tday = date('G-i-s--j-m-y'); //Security checks if ($auth == 1) { echo "Server is going down..."; $out = shell_exec('screen -S ' . $ctype . $serverid . 'x -X kill'); exec('mv log/' . $serverid . '.n log/old/' . $tday . 'ID' . $serverid . '.n'); } elseif ($auth == 2) { echo "Server is going down..."; $out = shell_exec('screen -S ' . $ctype . $serverid . 'x -X kill'); exec('mv log/' . $serverid . '.n log/old/' . $tday . 'ID' . $serverid . '.n'); } else { //echo "You are not allowed to do this!"; } ?> <head> <meta http-equiv="refresh" content="0; url=dos.php" /> </head>
function accept_connection($socket) { while (1) { try { $conn = stream_socket_accept($socket, 0); stream_set_blocking($conn, 0); stream_set_timeout($conn, 120); debug("new connection"); $start = time(); while (!feof($conn)) { if (time() - $start > 10) { break; } $req = trim(stream_socket_recvfrom($conn, 1024)); if (strlen($req) == 0) { continue; } debug("received {$req}"); $eof = false; if (strpos($req, "EOF") !== false) { $eof = true; $req = str_replace("EOF", "", $req); } $cmd = explode("|", $req); debug("command count: " . (count($cmd) - 1)); for ($i = 0; $i < count($cmd) - 1; $i++) { $c = $cmd[$i]; debug("command #{$i}: {$c}"); $c = preg_replace('/ 0+(\\d+)$/', ' $1', $c); $id = substr($c, 0, strpos($c, " ")); $c = substr($c, strpos($c, " ") + 1); if (!preg_match(SYNTAX, $c) && !preg_match(SYNTAX_IP, $c) && !preg_match(SYNTAX_PORT, $c) || !is_numeric($id) && $id != '*') { debug("invalid entry: " . $cmd[$i]); continue; } $host = substr($c, strpos($c, "-s ") + strlen("-s "), strpos($c, "/32") - strpos($c, "-s ") - strlen("-s ")); $cmds = array(); $type = substr($c, 0, strpos($c, " ")); debug("type = {$type}"); if ((preg_match(SYNTAX, $c) || preg_match(SYNTAX_IP, $c)) && preg_match('/[^0-9\\.]/', $host)) { debug("getting ip"); $ips = getips($id, $host, $type); //debug("lock block 1 took " .(microtime(true) - $start)); debug("got ip"); // for these hosts, let the rules be evicted rather than remove them, since it will be overkill // as they are used very often foreach ($ips as $ip) { $cmds[] = str_replace($host, $ip, $c); } } else { $cmds[] = $c; } foreach ($cmds as $c) { $c = substr($c, strpos($c, " ") + 1); lock(); //$start = microtime(true); $adds = getVar(); if ($type == '-A') { $exists = $adds[$c]; if ($exists && my_array_search($id, $adds[$c]) !== false) { unlock(); continue; } $adds[$c][] = $id . ":" . time(); setVar($adds); if (!$exists) { debug("adding entry {$c}"); iptables($c, "-A"); } } else { if ($type == '-D') { if (checkDeleted($adds, $id, $c)) { debug("deleting entry {$c}"); iptables($c, "-D"); } } } //debug("lock block 2 took " .(microtime(true) - $start)); unlock(); } } if ($eof) { debug("next.."); break; } usleep(50000); } stream_socket_sendto($conn, "BYE"); @fclose($conn); } catch (Exception $e) { try { unlock(); // in case it was locked unlock(DNS_INDEX); } catch (Exception $ex) { // ignore } } usleep(50000); } }
</head> <body> <title>Game Server Interface</title> <script src="functions.js"></script> <link href="options.css" rel="stylesheet" type="text/css" /> <h1>Game Server Interface</h1> <a class="a2"href="logout.php">logout</a> <a class="a2" href="bugs/bug.php">Report Bug</a> <a class="a2" href="myprofile.php">My Profile</a> <?php include 'config.php'; include 'functions.php'; $serverid = $_GET['serverid']; $auth = auth($serverid, $userid); echo '<p>Your User-ID is: ' . $userid . '</p>'; $ips = getips($_GET['serverid']); $configs = shell_exec('ls ' . $direction1 . $serverid . '/costmstartparam'); $info = explode("\n", $configs); if ($auth == 1) { $arradmins = explode('#', $ips['admin_id']); echo '<div class="small"> <form action="allow.php?serverid=' . $serverid . '" method="post"> <input type="number" min="1" default="1" name="newadmin" placeholder=" id"> <input id="submitter" class="disableditem" type="submit" value="Confirm"> <label for="submitter" class="normala">add</label> </form>'; for ($i = 1; $i < count($arradmins) - 1; $i++) { echo '<span id=ad' . $arradmins[$i] . '>'; echo '<p2>[' . $arradmins[$i] . '</p2>'; echo '<a onclick=kick("' . $arradmins[$i] . '","' . $serverid . '") class="normala">Kick]</a></span> '; }