/**
 * Return the path of a sub-directory under the configured server data root,
 * creating it (and any missing parents) when it does not exist yet.
 *
 * The path is simply `disciple_json()->serverdata . $name`; nothing is
 * normalised or checked, so $name must be a fixed string chosen by the
 * caller and never a value taken from a request.
 *
 * @param string $name Path fragment appended verbatim to the data root.
 * @return string The concatenated path, returned whether or not mkdir() succeeded.
 */
function data_dir($name)
{
    $path = disciple_json()->serverdata . $name;

    if (is_dir($path)) {
        return $path;
    }

    // NOTE(review): 0777 is only narrowed by the process umask. If the umask
    // is permissive the data tree becomes world-writable; a tighter mode is
    // preferable once the account running the game servers is confirmed.
    // The mkdir() result is not checked, as in the original.
    mkdir($path, 0777, true);

    return $path;
}
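/**
 * Print the uploaded-WAD listing as an HTML table, newest upload first.
 *
 * Every value that originates from the database (file name, uploader name,
 * MD5) is treated as untrusted: it is HTML-escaped before it is printed and
 * SQL-escaped before it is placed in a query. File names come from uploads,
 * so printing them raw would allow stored markup injection.
 *
 * The delete / ban / unban links are a convenience for the browser only.
 * NOTE(review): the API handlers behind deleteWad(), banWad() and unbanWad()
 * are not visible here; they must repeat the ownership / admin checks and
 * should be protected against cross-site request forgery.
 *
 * @param int $limit Maximum number of rows to show; 0 or less means no limit.
 * @return void Output is echoed directly.
 */
function display_wad_table($limit = 0)
{
    echo "\n<table>\n\t<tr>\n\t\t<th></th>\n\t\t<th>File</th>\n\t\t<th>Size</th>\n\t\t<th>Uploaded by</th>\n\t\t<th>Date and time</th>\n\t\t<th>MD5</th>\n\t</tr>\n";

    $db = getsql();

    // Cast first so that only an integer can ever reach the LIMIT clause.
    $limit = intval($limit);
    $limitstring = '';
    if ($limit > 0) {
        $limitstring = " LIMIT {$limit}";
    }
    $q = $db->query("SELECT * FROM `wads` ORDER BY `time` DESC {$limitstring}");

    $authed = is_authed();

    if ($q->num_rows < 1) {
        echo "\n<div id='serversbox'>\n\t<div style='width: 100%; text-align: center'>\n\t\tThere are no WADs uploaded yet.\n\t\t";
        if ($authed) {
            echo "\n\t\t<br />\n\t\tFeel free to upload one from the main WADs page.\n\t\t";
        }
        echo "\n\t</div>\n</div>\n\t\t\t\t\t";
    } else {
        // The viewer's level does not change while the page renders.
        $is_admin = $authed && user_info()->userlevel >= UL_ADMINISTRATOR;

        while ($o = $q->fetch_object()) {
            // The id is interpolated into HTML ids and javascript: URLs, so force an integer.
            $id = intval($o->id);
            $size = human_filesize(filesize(disciple_json()->serverdata . '/wads/' . $o->filename));
            $uploader = $o->uploader;

            // Escape for HTML text and for the single-quoted attributes used below.
            $filename = htmlspecialchars($o->filename, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            $href = htmlspecialchars('/wads/' . rawurlencode($o->filename), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            $uploader_name = htmlspecialchars(user_info($uploader)->username, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
            $time = date('Y-m-d \\a\\t H:i:s', $o->time);

            echo "\n<tr id='wadrow-{$id}'>\n\t<td>\n";
            if ($authed) {
                if ($is_admin || $uploader == $_SESSION['id']) {
                    echo "<a href='javascript:deleteWad({$id});' title='Delete'><i class='material-icons'>delete</i></a>";
                }
                if ($is_admin) {
                    // The MD5 is read back from the table; escape it like any other value.
                    $md5 = $db->real_escape_string((string) $o->md5);
                    if ($db->query("SELECT * FROM `wadbans` WHERE `md5`='" . $md5 . "'")->num_rows == 0) {
                        echo "<a href='javascript:banWad({$id});' title='Ban'><i class='material-icons'>not_interested</i></a>";
                    } else {
                        echo "<a href='javascript:unbanWad({$id});' title='Unban'><i class='material-icons'>done</i></a>";
                    }
                }
            }
            echo "\n</td>\n<td><a href='{$href}'>{$filename}</a></td>\n<td>{$size}</td>\n<td>{$uploader_name}</td>\n<td>{$time}</td>\n<td id='wadmd5-{$id}'><a href='javascript:wadMd5({$id});'>Show</a></td>\n</tr>\n";
        }
    }

    // Close the table on every path; the original left it open when there were no rows.
    echo "</table>";
}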
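echo 1;
} elseif ($call == 'md5') {
    // Return the stored MD5 of a WAD, computing and caching it on first request.
    // api_error() presumably ends the request; the code below relies on that.
    $id = intval(api_checkarg_post('id'));
    if ($id == 0) {
        api_error(SN_API_CALL_BAD_PARAMETER, 'id is not a number');
    }
    $db = getsql();
    $q = $db->query(sprintf("SELECT md5,filename FROM wads WHERE id=%d", $id));
    if ($q->num_rows < 1) {
        api_error(SN_API_CALL_BAD_PARAMETER, 'id is not a valid WAD id');
    }
    $o = $q->fetch_object();
    $md5 = $o->md5;
    // If empty, generate it
    if (empty($md5)) {
        // NOTE(review): md5_file() returns false when the file cannot be read;
        // that case is not handled and still answers "MD5OK".
        $md5 = md5_file(disciple_json()->serverdata . '/wads/' . $o->filename);
        $db->query(sprintf("UPDATE `wads` SET `md5`='%s' WHERE `id`=%d", $md5, $id));
    }
    echo sprintf('MD5OK %s', $md5);
} elseif ($call == 'search') {
    // File-name search. Each hit carries the raw name ('plain') and an HTML
    // rendering ('html') in which the search term is underlined.
    $s = api_checkarg_post('q');
    if (!is_string($s)) {
        // Missing or array-valued parameter: search for the empty string, as before.
        $s = '';
    }
    $db = getsql();
    $q = $db->query(sprintf("SELECT id,filename FROM wads WHERE filename LIKE '%%%s%%'", $db->real_escape_string($s)));
    if ($q->num_rows < 1) {
        echo '[]';
        exit;
    }
    $out = array();

    // Both the search term and the file name are user-supplied. The 'html'
    // field is meant to be inserted as markup, so every piece of text in it is
    // HTML-escaped and only the <span> wrapper is literal markup.
    $escape = function ($text) {
        return htmlspecialchars($text, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    };
    $highlight = "<span class='ul'>" . $escape($s) . "</span>";

    while ($o = $q->fetch_object()) {
        if ($s === '') {
            $html = $escape($o->filename);
        } else {
            // Split on the raw term and escape the pieces separately, so a match
            // can never start or end inside an HTML entity.
            $html = implode($highlight, array_map($escape, explode($s, $o->filename)));
        }
        // 'plain' stays unescaped on purpose; clients must insert it as text, not as HTML.
        array_push($out, array('id' => intval($o->id), 'plain' => $o->filename, 'html' => $html));
    }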
?> </div> <?php } else { /* The matching `if` is outside this excerpt. */ ?> <?php /* NOTE(review): site_name and serverlimit are read from disciple_json() and echoed without HTML escaping; that is safe only while the JSON configuration is writable by the operator alone. Confirm. */ echo disciple_json()->site_name; ?> is a semi-automatic server hosting service for Zandronum. It allows users to host their own servers using a web-based interface, without any of the hassle that is port forwarding, seeing if other people can see your server, etc. <br/> <br/> To use <?php echo disciple_json()->site_name; ?> , simply <a href='/register'>register</a>. You can then host a maximum of <?php echo disciple_json()->serverlimit; ?> servers for free. <?php } ?> <br /> <?php /* Page footer helpers, defined elsewhere. */ sn_page_cfooter(); ?> <?php sn_page_end_container(); sn_page_footer();
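<?php
/**
 * API endpoint: account registration (POST fn=register).
 *
 * Prints "1" once the account row has been written. Every rejection goes
 * through api_error(), which presumably ends the request (the original flow
 * already relied on that).
 *
 * Input is validated in its raw form first and SQL-escaped only where it is
 * placed into a query, so length limits and messages refer to what the user
 * actually typed.
 *
 * NOTE(review): no minimum password length and no rate limiting are visible here.
 */
include dirname(dirname(dirname(__FILE__))) . '/common/config.php';
include 'apishared.php';

$db = getsql();

define('USERNAME_MAX_LENGTH', 20);
// bcrypt only uses the first 72 bytes of its input; 70 stays below that limit.
define('PASSWORD_MAX_LENGTH', 70);

$call = api_checkarg_post('fn');

if ($call == 'register') {
    $username = api_checkarg_post_required('username', 'Username');
    // Allow-list: letters, digits and underscore only. Array-valued parameters are rejected too.
    if (!is_string($username) || preg_match('/[^a-zA-Z0-9_]+/', $username)) {
        api_error(SN_API_CALL_BAD_PARAMETER, 'Username contains invalid characters.');
    }
    // Check the length before touching the database.
    if (strlen($username) > USERNAME_MAX_LENGTH) {
        api_error(SN_USERNAME_TOO_LONG, sprintf('Username "%s" is too long. The maximum length is %d characters. Pick a new name or trim your current one by %d characters.', $username, USERNAME_MAX_LENGTH, strlen($username) - USERNAME_MAX_LENGTH));
    }

    $password = api_checkarg_post_required('password', 'Password');
    if (!is_string($password)) {
        api_error(SN_API_CALL_BAD_PARAMETER, 'Password is not valid.');
    }
    if (strlen($password) > PASSWORD_MAX_LENGTH) {
        api_error(SN_PASSWORD_TOO_LONG, sprintf('Your password is too long. The maximum length is %d characters.', PASSWORD_MAX_LENGTH));
    }

    $email = api_checkarg_post_required('email', 'E-mail');
    // The address is stored and may be shown again later, so accept only
    // something that parses as an e-mail address.
    if (!is_string($email) || filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        api_error(SN_API_CALL_BAD_PARAMETER, 'E-mail address is not valid.');
    }

    $qUserExists = $db->query(sprintf("SELECT `id` FROM `users` WHERE `username`='%s'", $db->real_escape_string($username)));
    if ($qUserExists->num_rows > 0) {
        api_error(SN_USER_ALREADY_EXISTS, "Account {$username} already exists.");
    }

    $password_hashed = password_hash($password, PASSWORD_BCRYPT, array('cost' => 14));

    $inserted = $db->query(sprintf(
        "INSERT INTO `users` (username, password, email, serverlimit) VALUES ('%s', '%s', '%s', %d)",
        $db->real_escape_string($username),
        $db->real_escape_string($password_hashed),
        $db->real_escape_string($email),
        disciple_json()->serverlimit
    ));
    if (!$inserted) {
        // Do not report success when the row was not written. Two requests for
        // the same name can both pass the existence check above; a UNIQUE index
        // on `username` makes the second INSERT fail here.
        // NOTE(review): no dedicated "internal error" code is visible in this
        // file, so the closest existing one is reused. Confirm.
        api_error(SN_USER_ALREADY_EXISTS, "Account {$username} could not be created.");
    }

    echo 1;
}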
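<?php
/**
 * API endpoint: start a game server (POST fn=create).
 *
 * Reads the server options from the request, builds a `server` object and
 * starts it. Prints "1 <server id>" on success.
 *
 * Most of these values end up in a file path and in the command line built
 * by the server class, so SQL escaping alone does not make them safe.
 *
 * NOTE(review): no login check and no per-user server-limit check are visible
 * in this script. Unless session.php or server::start() enforce them, any
 * client that can reach this URL can start a process. Confirm.
 */
include dirname(dirname(dirname(__FILE__))) . '/common/config.php';
include dirname(dirname(dirname(__FILE__))) . '/common/server.php';
include dirname(dirname(dirname(__FILE__))) . '/common/session.php';
include 'apishared.php';

$call = api_checkarg_post('fn');
$db = getsql();

if ($call == 'create') {
    // 'binary' stays a required parameter, but its value is never used: the
    // executable always comes from the site configuration (see below).
    api_checkarg_post_required('binary', 'Zandronum version');

    $hostname = $db->real_escape_string(api_checkarg_post_required('hostname', 'Host name'));

    // The IWAD name becomes part of a file path, so accept plain names only.
    // This rejects path separators, "..", quotes and shell metacharacters.
    $iwad = api_checkarg_post_required('iwad', 'IWAD');
    if (!is_string($iwad) || !preg_match('/\A[A-Za-z0-9_-]+\z/', $iwad)) {
        api_error(SN_API_CALL_BAD_PARAMETER, 'IWAD name contains invalid characters.');
    }

    $gamemode = $db->real_escape_string(api_checkarg_post_required('gamemode', 'Game mode'));

    // The comparison yields a boolean; after escaping it is the string '1' or ''.
    $instagib = $db->real_escape_string(api_checkarg_post_required('instagib', 'Instagib') == 'true');
    $buckshot = $db->real_escape_string(api_checkarg_post_required('buckshot', 'Buckshot') == 'true');
    $stdata = $db->real_escape_string(api_checkarg_post_required('stdata', 'Skulltag data') == 'true');

    $skill = intval(api_checkarg_post('skill', 0));
    $dmflags = intval(api_checkarg_post('dmflags', 0));
    $dmflags2 = intval(api_checkarg_post('dmflags2', 0));
    $zadmflags = intval(api_checkarg_post('zadmflags', 0));
    $compatflags = intval(api_checkarg_post('compatflags', 0));
    $zacompatflags = intval(api_checkarg_post('zacompatflags', 0));

    // Both lists are iterated by the server class; anything that is not an
    // array is treated as "none".
    // NOTE(review): the entries themselves are not validated here. They should
    // be resolved against the `wads` table, never used as client-chosen paths.
    $wads = api_checkarg_post('wads', array());
    if (!is_array($wads)) {
        $wads = array();
    }
    $optwads = api_checkarg_post('optwads', array());
    if (!is_array($optwads)) {
        $optwads = array();
    }

    $binary = disciple_json()->main_binary;

    $iwad = data_dir('/iwads/') . $iwad . '.wad';
    if (!is_file($iwad)) {
        api_error(SN_API_CALL_BAD_PARAMETER, 'IWAD is not available on this server.');
    }

    $s = new server($binary, $wads, $optwads, $iwad, $hostname, false, $gamemode, '', $skill, $stdata, $instagib, $buckshot, $dmflags, $dmflags2, $zadmflags, $compatflags, $zacompatflags);
    $s->start();

    echo "1 " . $s->id;
}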
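/**
 * Build the command line used to launch this game server.
 *
 * The host name, WAD lists, IWAD path and config path originate from API
 * requests. Each is passed through escapeshellarg() so that it reaches the
 * binary as exactly one argument, whatever characters it contains.
 *
 * NOTE(review): this assumes the returned string is handed to a POSIX shell.
 * The code that runs it is not visible here. Confirm. Two further caveats:
 * escapeshellarg() can drop bytes that are invalid in the current LC_CTYPE
 * locale, and the game's own console parser is a second parsing layer that
 * shell quoting does not cover.
 *
 * @return string The complete command line, starting with the configured binary.
 */
protected function generate_command_line()
{
    // The binary comes from site configuration and is used as given.
    $out = $this->binary;
    $out .= sprintf(' +set _sid %s ', escapeshellarg((string) $this->id));
    $out .= '-host ';

    foreach ($this->wads as $w) {
        $out .= sprintf('-file %s ', escapeshellarg((string) $w));
    }
    foreach ($this->optwads as $w) {
        $out .= sprintf('-optfile %s ', escapeshellarg((string) $w));
    }

    $out .= sprintf('-iwad %s ', escapeshellarg((string) $this->iwad));

    // Prefix and name form one argument, separated by a single space as before.
    $out .= sprintf('+sv_hostname %s ', escapeshellarg(disciple_json()->hostname_prefix . ' ' . $this->hostname));

    // Gamemode name to CVar. This is an allow-list: anything that is not
    // listed falls back to cooperative, so the request value is never copied
    // into the command line.
    switch ($this->gamemode) {
        case 'deathmatch':
        case 'terminator':
        case 'possession':
        case 'teampossession':
        case 'skulltag':
        case 'duel':
        case 'teamgame':
        case 'domination':
        case 'survival':
        case 'invasion':
        case 'cooperative':
        case 'ctf':
            $gamemode = $this->gamemode;
            break;
        case 'teamdm':
            $gamemode = 'teamplay';
            break;
        case 'lms':
            $gamemode = 'lastmanstanding';
            break;
        case 'teamlms':
            $gamemode = 'teamlastmanstanding';
            break;
        case 'oneflag':
            $gamemode = 'oneflagctf';
            break;
        default:
            $gamemode = 'cooperative';
            break;
    }
    $out .= sprintf("+%s true ", $gamemode);

    // %d forces these to integers, so they need no quoting.
    $out .= sprintf("+skill %d ", $this->skill);
    $out .= sprintf("+instagib %d ", $this->instagib ? 1 : 0);
    $out .= sprintf("+buckshot %d ", $this->buckshot ? 1 : 0);
    $out .= sprintf("+dmflags %d ", $this->dmflags);
    $out .= sprintf("+dmflags2 %d ", $this->dmflags2);
    $out .= sprintf("+zadmflags %d ", $this->zadmflags);
    $out .= sprintf("+compatflags %d ", $this->compatflags);
    $out .= sprintf("+zacompatflags %d ", $this->zacompatflags);

    $out .= sprintf('+exec %s ', escapeshellarg((string) $this->config));

    return $out;
}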
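<?php
// Login page. Renders the form and any status message that api/login.php
// passed back in the query string.
include dirname(dirname(__FILE__)) . '/common/pages.php';
include dirname(dirname(__FILE__)) . '/config/config.php';
?>
<?php sn_page_header(); ?>
<?php sn_page_start_container(); ?>
<h1>Log in to <?php echo disciple_json()->site_name; ?> </h1>
<div style='text-align: center;'>
<div class='card'>
<?php
// Handle errors that may have been sent back from api/login.php
//
// Anyone can craft these query parameters, so they are HTML-escaped before
// being printed. Printing them raw would let a link to this page inject markup.
// Array-valued parameters (?nouser[]=x) are shown as an empty name.
//
// NOTE(review): separate "user not found" and "invalid password" messages tell
// a visitor which account names exist. A single generic message avoids that,
// but it has to be changed in api/login.php as well.
if (isset($_GET['nouser'])) {
    $nouser = is_string($_GET['nouser']) ? $_GET['nouser'] : '';
    echo "<div class='submit-err'>User '" . htmlspecialchars($nouser, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "' was not found.</div>";
} elseif (isset($_GET['badpass'])) {
    echo "<div class='submit-err'>Invalid password.</div>";
} elseif (isset($_GET['fromreg'])) {
    $fromreg = is_string($_GET['fromreg']) ? $_GET['fromreg'] : '';
    echo "<div class='submit-err' style='color:#FFF;'>Welcome, " . htmlspecialchars($fromreg, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . "! You may log in below.</div>";
}
?>
<form action='/api/login.php' method='post'>
<input type='text' placeholder='Username' name='user' />
<br />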
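/**
 * Print the copyright footer, including the generation timestamp.
 *
 * date() works from a whole-second timestamp, so its "u" (microseconds)
 * field is always 000000. A DateTime object carries the real microseconds on
 * PHP 7.1 and later, and gives the same output as before on older versions.
 *
 * NOTE(review): the footer publishes the exact Disciple version on every page.
 * Also, site_name is echoed unescaped; that is safe only while the JSON
 * configuration is operator-controlled. Confirm.
 *
 * @return void Output is echoed directly.
 */
function sn_page_cfooter()
{
    $now = new DateTime();
    $gendate = $now->format('Y-m-d \\a\\t H:i:s.u');
    $year = $now->format('Y');

    echo "\n<br />\n<footer id='cfooter'>\n\tGenerated by Disciple v" . DISCIPLE_VERSION . " at {$gendate}\n\t<br />\n\tCopyright © {$year} <a href='http://plussean.co.uk'>Sean Baggaley</a> and " . disciple_json()->site_name . ".\n</footer>\n";
}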