Пример #1
 /**
  * Report whether this flag carries everything it needs.
  *
  * The flag is incomplete when no flag type is set, or when the
  * flagType_textarea marker is on and the accompanying flag text is empty.
  *
  * @return bool true when complete, false otherwise
  */
 public function isComplete()
 {
     // A missing flag type makes the flag incomplete on its own
     if (emptyInput($this->flagType_id)) {
         return false;
     }
     // && binds tighter than ||, so the text requirement is a separate,
     // second condition rather than part of the type check
     if ($this->flagType_textarea == true && emptyInput($this->flagText)) {
         return false;
     }
     return true;
 }
Пример #2
} else {
    $change_rcon_pw = false;
}
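// Normalise the $pb form value to an integer flag: 'on' becomes 1, anything else 0
if ($pb == 'on') {
    $pb = 1;
} else {
    $pb = 0;
}
## Check for empty vars ##
emptyInput($name, 'server name');
emptyInput($ip, 'server IP');
emptyInput($rcon_ip, 'Rcon IP');
emptyInput($rcon_port, 'Rcon Port');
// the Rcon password is only required when the request asks to change it
if ($change_rcon_pw == true) {
    emptyInput($rcon_pw, 'Rcon password');
}
// check that the rcon_ip is valid
if (!filter_var($rcon_ip, FILTER_VALIDATE_IP)) {
    sendBack('That Rcon IP Address is not valid');
}
// check that the server ip is valid
if (!filter_var($ip, FILTER_VALIDATE_IP)) {
    sendBack('That server IP Address is not valid');
}
// Check Port is a number between 4-5 digits.
// \z is used instead of $ so a value with a trailing newline cannot pass the pattern.
if (!is_numeric($rcon_port) || !preg_match('/^[0-9]{4,5}\z/', $rcon_port)) {
    sendBack('Rcon Port must be a number between 4-5 digits');
}
// Five digits can still exceed the highest valid port number (65535)
if ((int) $rcon_port > 65535) {
    sendBack('Rcon Port must not be higher than 65535');
}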
if ($is_add) {
    // if is add server request
Пример #3
     $td = new Encrypt($_SESSION['user']->getKey());
     $field = $td->decrypt($field);
     if (!$encrypted && $row->fieldName === 'age') {
         if ($field > 90) {
             $field = 'Over 90';
         }
     }
 }
 switch ($row->type) {
     case 'checkbox':
         $sql = "SELECT {$row->fieldName}_id as cbVal FROM {$row->pages_name}{$row->fieldName} WHERE {$row->pages_name}_id = ?";
         $pA = array('i', $dataRow->{$row->pages_name . '_id'});
         $cbVal = DB::query($sql, $pA);
         $field = $cbVal->getArray('cbVal');
         foreach ($cbFields[$row->pages_name][$row->fieldName] as $cb) {
             if (emptyInput($field)) {
                 $line[] = "";
                 continue;
             }
             if (in_array($cb, $field)) {
                 $line[] = "1";
             } else {
                 $line[] = "0";
             }
         }
         break;
     case 'text':
     case 'textarea':
         $line[] = '"' . $field . '"';
         break;
     default:
Пример #4
    sendGood('This blacklist ban has been re-activiated');
    exit;
    // no need to continue
} elseif ($_POST['ip']) {
    // if this is an add request
    if (!verifyFormToken('addbl', $tokens)) {
        // verify token
        ifTokenBad('BL Add');
    }
    // if bad log, add hack counter and throw error
    // set and clean vars
    $reason = cleanvar($_POST['reason']);
    $ip = cleanvar($_POST['ip']);
    // check for empty inputs
    emptyInput($reason, 'the reason');
    emptyInput($ip, 'IP Address');
    // if reason is default comment msg, send back with error
    if ($reason == "Enter a reason for this ban...") {
        sendBack('You must add a reason as to why this IP ban is being added');
    }
    // check if it is a valid IP address
    if (!filter_var($ip, FILTER_VALIDATE_IP)) {
        sendBack('That IP address is not valid');
    }
    $whitelist = array('token', 'reason', 'ip');
    // allow form fields to be sent
    // Building an array with the $_POST-superglobal
    foreach ($_POST as $key => $item) {
        if (!in_array($key, $whitelist)) {
            hack(1);
            // plus 1 to hack counter
Пример #5
        // verify token
        ifTokenBad('Reg Key Delete');
    }
    // if bad token, log and send error
    $result = $dbl->delKey($key);
    if ($result) {
        sendGood('Registration key deleted');
    } else {
        sendBack('There was an problem completeing your request');
    }
    exit;
    // no need continuing with this script
} elseif ($_POST['comment']) {
    // if this is an edit comment request
    $key = cleanvar($_POST['key']);
    $comment = cleanvar($_POST['comment']);
    emptyInput($comment, 'comment');
    $result = $dbl->editKeyComment($key, $comment, $mem->id);
    // this is an ajax request, so we need to echo error/success messages
    if ($result) {
        echo 'yes';
    } else {
        echo 'no';
    }
    exit;
    // no need to continue
} else {
    // if form not submitted
    set_error('Please do not load that page directly, thank you.');
    sendHome();
}
Пример #6
require '../inc.php';
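// Collect the registration form fields; cleanvar() is a project helper defined elsewhere.
// NOTE(review): the passwords are passed through cleanvar() too. If that helper strips or
// rewrites characters, the hash below is computed over the altered value — confirm.
$username = cleanvar($_POST['username']);
$display = cleanvar($_POST['display']);
$pw1 = cleanvar($_POST['pw1']);
$pw2 = cleanvar($_POST['pw2']);
$key = cleanvar($_POST['key']);
$email = cleanvar($_POST['email']);
// Strict comparison: with != two different numeric-looking strings
// (for example "1e3" and "1000") compare as equal.
if ($pw1 !== $pw2) {
    // if the passwords don't match send them back
    sendBack('The supplied passwords do not match');
}
// check for empty inputs
emptyInput($display, 'display name');
emptyInput($username, 'username');
emptyInput($pw1, 'your new password');
// check the new email address is a valid email address
if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
    sendBack('That email address is not valid');
}
## Check if key and email are valid ##
$valid_key = $dbl->verifyRegKey($key, $email, $key_expire);
// Fail closed: any key/email pair that does not verify is rejected.
// The previous condition was `!$valid_key && key == "0"`. The bare word `key` is a
// constant lookup, not $key: on PHP 7 and earlier it evaluates to the string 'key',
// which never equals "0", so the rejection never fired; on PHP 8 it throws an Error.
if (!$valid_key) {
    sendBack('The key or email you submitted are not valid.');
}
## Add user to users table ##
// generate a new salt for the user
$salt = genSalt();
// find the hash of the supplied password and the new salt
// NOTE(review): genSalt()/genPW() are not shown here; confirm they rely on a dedicated
// password-hashing function (e.g. password_hash()) rather than a fast digest.
$password = genPW($pw1, $salt);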
Пример #7
 /**
  * Work out whether every applicable mandatory field of a page is filled in (or flagged)
  * and record the outcome on the page data as complete = 1 or 0.
  *
  * @param mixed $page   page to check; $this->getPage() is used when falsy
  * @param mixed $data   page data object; loaded from the record when falsy
  * @param mixed $record record to inspect; $this->record is used when falsy
  * @return bool true when no applicable mandatory field is missing; false otherwise,
  *              including when no data could be loaded (complete is not written then)
  */
 public function checkComplete($page = NULL, $data = NULL, $record = NULL)
 {
     $page = $page ? $page : $this->getPage();
     // The field definitions are fetched before $record is defaulted, so the
     // form-field code receives the record exactly as the caller supplied it
     $fields = $this->getFormFields($page, false, NULL, $record);
     $record = $record ? $record : $this->record;
     if (!$data) {
         $data = $record->getData($page);
     }
     if (!$data) {
         return false;
     }
     $allFilled = true;
     foreach ($fields as $name => $values) {
         if (!isset($values['mandatory'])) {
             continue;
         }
         $mand = $values['mandatory'];
         // Field name is whatever follows the first "-", minus any "[...]" suffix
         $fieldName = substr($name, strpos($name, "-") + 1);
         $bracketAt = strpos($fieldName, "[");
         if ($bracketAt) {
             $fieldName = substr($fieldName, 0, $bracketAt);
         }
         // "field_value" makes the field mandatory only while that other field
         // holds the given value; otherwise the comparison value defaults to 1
         if (strpos($mand, "_")) {
             list($mandField, $mandValue) = explode("_", $mand);
         } else {
             $mandField = $mand;
             $mandValue = 1;
         }
         $applies = $mand == 1 || $data->get($mandField) == $mandValue;
         if (!$applies) {
             continue;
         }
         if (!emptyInput($data->get($fieldName))) {
             continue;
         }
         // An empty field is still acceptable when the data object reports a flag for it
         if (method_exists($data, 'getFlag') && $data->getFlag($page, $fieldName, $record->getID())) {
             continue;
         }
         // One empty, unflagged mandatory field is enough to stop looking
         $allFilled = false;
         break;
     }
     $data->complete = $allFilled ? 1 : 0;
     return $allFilled;
 }
Пример #8
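 // Derive the application base path by cutting the installer's own path off the script name.
 // The dot is escaped so it only matches a literal "." and not any character.
 $install_dir = $_SERVER['SCRIPT_NAME'];
 $echelon_dir = preg_replace('#install/index\.php#', '', $install_dir);
 ## Create an Echelon salt
 $ech_salt = genSalt(16);
 $ses_salt = randPass(6);
 ## Get the form information ##
 // NOTE(review): the database password also goes through cleanvar(); if that helper
 // alters characters, the value used to connect differs from what was typed — confirm.
 $email = cleanvar($_POST['email']);
 $db_host = cleanvar($_POST['db-host']);
 $db_user = cleanvar($_POST['db-user']);
 $db_pass = cleanvar($_POST['db-pass']);
 $db_name = cleanvar($_POST['db-name']);
 // Required fields. The database password is not in this list.
 // A second check of $db_host labelled 'your email address' was removed: it ran before
 // the correctly labelled one and named the wrong field when the hostname was empty.
 emptyInput($email, 'your email address');
 emptyInput($db_host, 'database hostname');
 emptyInput($db_user, 'database username');
 emptyInput($db_name, 'database name');
 // check the new email address is a valid email address
 if (!filter_var($email, FILTER_VALIDATE_EMAIL)) {
     sendBack('That email is not valid');
 }
 ## test connection is to the Db works ##
 define("DBL_HOSTNAME", $db_host);
 // hostname of where the server is located
 define("DBL_USERNAME", $db_user);
 // username that can connect to that DB
 define("DBL_PASSWORD", $db_pass);
 // Password for that user
 define("DBL_DB", $db_name);
 // name of the database to connect to
 // NOTE(review): presumably makes connection errors visible to whoever runs the installer;
 // confirm the message shown cannot expose the credentials defined above.
 define("DB_CON_ERROR_SHOW", TRUE);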
 // start connectionn to the DB
Пример #9
    ## if logged in users may skip this page
    sendHome();
    // send to the index/home page
} elseif ($_POST['f-name']) {
    ## if this is a log in request
    // if over the maxium amount of wrong attempts,
    // or if hack attempts detected, BL user IP and remove user
    locked();
    // set sent vars
    $username = cleanvar($_POST['f-name']);
    // strip and remove spaces from vars
    $pw = $_POST['f-pw'];
    $game_input = cleanvar($_POST['f-game']);
    // are they empty values
    emptyInput($username, 'username');
    emptyInput($pw, 'password');
    if (!verifyFormTokenLogin('login')) {
        // verify token
        wrong(1);
        // plus 1 to wrong counter
        hack(1);
        // plus 1 to hack counter
        writeLog('Login - Bad Token');
        // make note in log
        sendBack('Login Failed - Stop! Attack detected!!!');
        exit;
    }
    // Building a whitelist array with keys which will send through the form, no others would be accepted later on
    $whitelist = array('token', 'f-name', 'f-pw', 'f-game');
    // Building an array with the $_POST-superglobal
    foreach ($_POST as $key => $item) {
Пример #10
 /**
  * Mark this form's inputs with the error state held in $error.
  *
  * @param array $error keyed by input name; each entry is read for its
  *                     'value' and 'error' elements
  */
 public function addErrors($error)
 {
     foreach ($this->inputs as $input) {
         if (!isset($error[$input->getName()])) {
             // No stored error: only warn about mandatory inputs left empty
             if ($input->isMand() && emptyInput($input->getValue())) {
                 $input->setError('warning');
             }
             continue;
         }
         $errorVal = $error[$input->getName()]['value'];
         $errorMessage = $error[$input->getName()]['error'];
         if (!emptyInput($input->getValue())) {
             // The input already holds a value, so only the error state is set
             $input->setError('error_value');
             continue;
         }
         // Empty input: restore the rejected value (unless it is exactly false)
         // and attach the stored message
         if ($errorVal !== false) {
             $input->addValue($errorVal);
         }
         $input->setError('error', $errorMessage);
     }
 }
Пример #11
            // if is AJAX request
            echo $data;
        } else {
            sendBack('');
        }
        // sendBack with no error
    }
}
// Polling request: print whatever getLastChats() returns for the requested table and last id.
// NOTE(review): both $_GET values are forwarded unvalidated and the result is echoed as-is;
// confirm getLastChats() validates them and returns output that is safe to print.
if (isset($_GET['auto'])) {
    echo $plugin->getLastChats($_GET['table-num'], $_GET['last-id']);
}
// Settings update: the chats_edit_tables permission is required on top of normal access
if (isset($_POST['tables']) && $mem->reqLevel('chats_edit_tables')) {
    $tables = $_POST['tables'];
    $names = $_POST['table-names'];
    emptyInput($tables, 'tables');
    emptyInput($names, 'names');
    // Both fields are comma-separated lists that must have the same number of entries
    $num_tables = count(explode(',', $tables));
    $num_names = count(explode(',', $names));
    if ($num_tables != $num_names) {
        sendBack('You need to have the same number of tables listed as you do names');
    }
    // NOTE(review): $tables and $names reach editSettings() exactly as posted;
    // confirm that method validates the table names before using them.
    $results = $plugin->editSettings($tables, $names);
    if ($results) {
        sendGood('The chatlog settings have been updated');
    } else {
        sendBack('There was a problem. Maybe the table names you gave us are incorrect.');
    }
}
Пример #12
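// Settings read by the shared include below
$auth_name = 'comment';
$b3_conn = true;
// this page needs to connect to the B3 database
require '../../inc.php';
if (!isset($_POST['comment-sub'])) {
    // the form was NOT submitted: refuse direct page loads
    set_error('Please do not call that page directly');
    send('../../');
}
## check that the sent form token is correct
if (verifyFormToken('comment', $tokens) == false) {
    // verify token
    ifTokenBad('Add comment');
}
// Gets vars from form
$cid = cleanvar($_POST['cid']);
$comment = cleanvar($_POST['comment']);
// Check for empties
emptyInput($comment, 'comment');
emptyInput($cid, 'client id not sent');
## Check sent client_id is a number ##
if (!isID($cid)) {
    // message corrected: this handler adds a comment, not a ban
    sendBack('Invalid data sent, comment not added');
}
## Query ##
$result = $dbl->addEchLog('Comment', $comment, $cid, $mem->id, $game);
if ($result) {
    sendGood('Comment added');
} else {
    sendBack('There is a problem, your comment was not added to the database');
}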
Пример #13
 /**
  * General validation method.
  *
  * Runs the type check (validateType()) and then walks every rule group from
  * $this->_valRules, evaluating each rule according to $this->_varType.
  * The outcome is stored in $this->_valid; a failing rule also sets
  * $this->_error (from the rule itself or via generateError()).
  * Password rules additionally write the accepted password to $this->_value.
  *
  * NOTE(review): $numberLimits, $dateLimits, $dateTimeLimits and $validated are
  * never initialised or reset inside this method, so entries written while
  * evaluating one rule are still present when the next rule is evaluated.
  */
 protected function validate()
 {
     $testVal = $this->validateType();
     // First check that the type of value is right
     $this->_valid = true;
     // A null $testVal skips all rule groups and leaves _valid at true
     while (!is_null($testVal) && $this->_valid !== false && ($group = $this->_valRules->nextGroup())) {
         // NOTE(review): $groupVal starts true and the OR branch below only ever sets it
         // to true, so an OR group whose rules all fail still ends with $groupVal true
         // (only $this->_error is set) — confirm this is intended.
         $groupVal = true;
         // If not already validated and there is a group to validate
         $groupType = $group->getType();
         // Is the group and AND or an OR?
         while ($rule = $group->nextRule()) {
             $ruleVal = true;
             if (is_null($rule['value'])) {
                 continue;
             }
             // Skip if nothing to validate against
             // Several limits can be packed into one rule value, separated by "/"
             $limits = explode('/', $rule['value']);
             switch ($this->_varType) {
                 case 'number':
                 case 'duration':
                     // Only care about HARD validation for server
                     if ($rule['special'] == 'HARD' || is_null($rule['special'])) {
                         $ruleVal = $this->doCompare($testVal, $limits, $rule['operator']);
                     } elseif ($rule['special'] == 'REFERENCE') {
                         // Each limit names another field as "<first>-<second>", looked up via getField()
                         foreach ($limits as $key => $value) {
                             $numberLoc = explode('-', $value);
                             $numberCheck = $this->_data->getField($numberLoc[0], $numberLoc[1]);
                             if ($numberCheck) {
                                 $numberLimits[$key] = $rule['operator'] == 'AGE' ? strtotime($numberCheck) : $numberCheck;
                             } else {
                                 // break 2 leaves the foreach and the enclosing switch, so the
                                 // comparison is skipped and the rule stays passed
                                 break 2;
                             }
                         }
                         $ruleVal = $this->doCompare($testVal, $numberLimits, $rule['operator']);
                     }
                     break;
                 case 'date':
                     $dateToTest = strtotime($testVal);
                     if ($rule['special'] == 'RELATIVE') {
                         // Dates relative to current date
                         foreach ($limits as $key => $value) {
                             // NOTE(review): $limits comes from explode(), whose elements are strings,
                             // so is_integer() is false here and the "days" branch is always taken
                             if (is_integer($value)) {
                                 $dateLimits[$key] = strtotime("{$value} years");
                             } else {
                                 $dateLimits[$key] = strtotime(round($value * 365) . " days");
                             }
                         }
                         $ruleVal = $this->doCompare($dateToTest, $dateLimits, $rule['operator']);
                     } else {
                         if ($rule['special'] == 'ABSOLUTE') {
                             // Limits are date strings parsed with strtotime()
                             foreach ($limits as $key => $value) {
                                 $dateLimits[$key] = strtotime($value);
                             }
                             $ruleVal = $this->doCompare($dateToTest, $dateLimits, $rule['operator']);
                         } else {
                             if ($rule['special'] == 'REFERENCE') {
                                 // Limits point at other fields whose stored dates are the bounds
                                 foreach ($limits as $key => $value) {
                                     $dateLoc = explode('-', $value);
                                     $dateCheck = $this->_data->getField($dateLoc[0], $dateLoc[1]);
                                     if ($dateCheck) {
                                         $dateLimits[$key] = is_numeric($dateCheck) ? $dateCheck : strtotime($dateCheck);
                                     } else {
                                         // One of the reference dates is missing so break without testing
                                         break 2;
                                     }
                                 }
                                 $ruleVal = $this->doCompare($dateToTest, $dateLimits, $rule['operator']);
                             }
                         }
                     }
                     break;
                 case 'time':
                     if ($rule['special'] == 'REFERENCE') {
                         // Then we need to get the datetime
                         // The matching date field is found by swapping "time" for "date" in this field's name
                         $testDate = $this->_data->getField($this->_page, str_replace('time', 'date', $this->_fieldName));
                         if ($testDate) {
                             $dateTimeToTest = strtotime("{$testDate} {$testVal}");
                             foreach ($limits as $key => $value) {
                                 $dateLoc = explode('-', $value);
                                 $checkDate = $this->_data->getField($dateLoc[0], $dateLoc[1] . 'date');
                                 $checkTime = $this->_data->getField($dateLoc[0], $dateLoc[1] . 'time');
                                 if ($checkDate) {
                                     $dateTimeLimits[$key] = strtotime("{$checkDate} {$checkTime}");
                                 } else {
                                     // a missing reference date becomes a NULL limit instead of aborting
                                     $dateTimeLimits[$key] = NULL;
                                 }
                             }
                             $ruleVal = $this->doCompare($dateTimeToTest, $dateTimeLimits, $rule['operator']);
                         }
                     }
                     break;
                 case 'text':
                 case 'textarea':
                 case 'email':
                     // The rule value is used directly as a regular-expression pattern.
                     // NOTE(review): presumably rule values are configuration rather than user input —
                     // confirm, since an untrusted pattern could be made very expensive to evaluate.
                     // preg_match() returns false on a pattern error, which is handled like "no match".
                     $check = preg_match($rule['value'], $testVal);
                     switch ($rule['operator']) {
                         case 'EQUAL':
                             if (!$check) {
                                 $ruleVal = false;
                             }
                             break;
                         case 'NOT EQUAL':
                             if ($check) {
                                 $ruleVal = false;
                             }
                             break;
                     }
                     break;
                 case 'select':
                 case 'radio':
                     if ($rule['operator'] == 'IN LIST' && $rule['special'] != 'FILTER') {
                         // The rule value names the option table, optionally as "<table>-<filter table>".
                         // NOTE(review): both names are interpolated into the SQL text below. Identifiers
                         // cannot be bound as parameters, so safety rests entirely on DB::clean() (not
                         // shown) — confirm it limits the value to identifier characters or an allow-list.
                         $checkTable = DB::clean($rule['value']);
                         if (strpos($checkTable, '-')) {
                             $filterBy = explode('-', $checkTable);
                             $checkTable = $filterBy[0];
                             $filterTable = $filterBy[1];
                         } else {
                             $filterTable = NULL;
                         }
                         $sql = "SELECT DISTINCT({$checkTable}.option_value) FROM {$checkTable}";
                         if ($filterTable) {
                             $sql .= " RIGHT JOIN {$filterTable}\n                                        ON {$checkTable}.id = {$filterTable}.{$checkTable}_id";
                         }
                         $result = DB::query($sql);
                         $idList = $result->getArray('option_value');
                         // in_array() without its strict flag compares loosely (==)
                         if (!in_array($testVal, $idList)) {
                             $ruleVal = false;
                         }
                     } else {
                         if ($rule['operator'] === 'NOT IN LIST') {
                             // Here the rule value is a comma-separated list of excluded values
                             $excList = explode(',', $rule['value']);
                             if (in_array($testVal, $excList)) {
                                 $ruleVal = false;
                             }
                         } else {
                             if ($rule['special'] == 'REFERENCE') {
                                 $valArr = explode('-', $rule['value']);
                                 if ($valArr[0] == 'user') {
                                     $valNum = $_SESSION['user']->get($valArr[1]);
                                 }
                                 // NOTE(review): $valNum is only assigned for "user-..." references; for any
                                 // other prefix it is undefined (or left over from an earlier rule) here
                                 if ($valNum > $testVal) {
                                     $ruleVal = false;
                                 }
                             }
                         }
                     }
                     break;
                 case 'checkbox':
                     // NOTE(review): same identifier interpolation as in the select/radio case —
                     // the table name is only as safe as DB::clean() makes it
                     $checkTable = DB::clean($rule['value']);
                     $sql = "SELECT option_value FROM {$checkTable}";
                     $result = DB::query($sql);
                     $idList = $result->getArray('option_value');
                     // NOTE(review): in_array() compares loosely here; on PHP versions before 8 a
                     // non-numeric string equals 0, so such a submitted value would select this branch
                     if (in_array(0, $testVal)) {
                         // 0 represents the test not being done, so can be the only thing in the array
                         $validated = array(0);
                     } elseif (in_array(1, $testVal)) {
                         // 1 always represents 'None of the above', so can be the only thing in the array
                         $validated = array(1);
                     } else {
                         // keep only the submitted values that exist in the option table
                         foreach ($testVal as $v) {
                             if (in_array($v, $idList)) {
                                 $validated[] = $v;
                             }
                         }
                     }
                     // NOTE(review): $value is a local that is not read again in this method, so the
                     // filtered list appears to be discarded rather than stored — confirm
                     $value = $validated;
                     // Replace the array with the validated one
                     break;
                 case 'password':
                     if ($rule['value'] == 'newPassword') {
                         // If it's a new password for registration
                         // NOTE(review): == compares loosely, so two different numeric-looking strings
                         // (e.g. "1e3" and "1000") count as a match; === would compare the exact text
                         if (is_array($testVal) && !emptyInput($testVal[0]) && $testVal[0] == $testVal[1]) {
                             // Ensure an array has been sent, it isn't empty and the passwords match
                             $this->_value = $testVal[1];
                         } else {
                             $ruleVal = false;
                         }
                     } else {
                         // Existing account: index 0 is checked with checkPassword(), 1 and 2 are
                         // compared with each other as the replacement password
                         $checkPass = $this->_data->checkPassword($testVal[0]);
                         if ($checkPass && !emptyInput($testVal[1])) {
                             // the new password must be repeated identically and differ from the current
                             // one (both comparisons are loose, see the note above)
                             if ($testVal[1] == $testVal[2] && $testVal[0] != $testVal[1]) {
                                 $this->_value = $testVal[1];
                             } else {
                                 $ruleVal = false;
                             }
                         } else {
                             // no new password supplied: keep the current one if it checked out
                             if ($checkPass) {
                                 $this->_value = $testVal[0];
                             } else {
                                 $ruleVal = false;
                             }
                         }
                     }
                     break;
             }
             // A failed rule records its own message, or a generated one when it has none
             if ($ruleVal === false) {
                 if (!is_null($rule['error'])) {
                     $this->_error = $rule['error'];
                 } else {
                     $this->generateError($rule);
                 }
             }
             if ($groupType == 'AND' && $ruleVal === false) {
                 // Only takes one false result to invalidate an AND
                 $groupVal = false;
                 break;
             } else {
                 if ($groupType == 'OR' && $ruleVal === true) {
                     // Only takes one true to validate an OR
                     $groupVal = true;
                     break;
                 }
             }
         }
         if ($groupVal == false) {
             // If any group is not valid then set var invalid and stop
             // testing (as valid being false busts out of the while)
             $this->_valid = false;
         }
     }
 }
Пример #14
        // verify token
        ifTokenBad('Change client mask level');
    }
}
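## Set and clean vars ##
// NOTE(review): the password also goes through cleanvar(); if that helper alters
// characters, the value checked later differs from what the user typed — confirm.
$level = cleanvar($_POST['level']);
$client_id = cleanvar($_POST['cid']);
$old_level = cleanvar($_POST['old-level']);
$password = cleanvar($_POST['password']);
## Check Empties ##
emptyInput($level, 'data not sent');
emptyInput($client_id, 'data not sent');
emptyInput($old_level, 'data not sent');
if (!$is_mask) {
    // only the client level needs a password
    emptyInput($password, 'current password');
}
## Check if the client_id is numeric ##
if (!isID($client_id)) {
    // message corrected: this handler changes a level, not a greeting
    sendBack('Invalid data sent, level not changed');
}
## Do some mojo with the B3 group information ##
$b3_groups = $db->getB3Groups();
// change around the received data
$b3_groups_id = array();
// initialised up front so the lookup is a defined (empty) array when no groups come back
$b3_groups_name = array();
foreach ($b3_groups as $group) {
    // list of every group id that exists
    $b3_groups_id[] = $group['id'];
    // map of group id to group name
    $b3_groups_name[$group['id']] = $group['name'];
}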
Пример #15
    set_error('Please do not call that page directly, thank you.');
    send('../../index.php');
}
## Read the posted penalty id, penalty type and client id ##
$ban_id = cleanvar($_POST['banid']);
$type = cleanvar($_POST['type']);
$cid = cleanvar($_POST['cid']);
## The form token name includes the ban id, so the token is checked per penalty ##
if (!verifyFormToken('unban' . $ban_id, $tokens)) {
    // bad or missing token
    ifTokenBad('Unban');
}
## All three values must be present ##
emptyInput($type, 'data not sent');
emptyInput($ban_id, 'data not sent');
emptyInput($cid, 'data not sent');
## Both ids must pass isID() ##
if (!(isID($ban_id) && isID($cid))) {
    sendBack('Invalid data sent, ban not added');
}
## Mark the penalty inactive ##
$results = $db->makePenInactive($ban_id);
if ($results == false) {
    // the update did not go through: warn the user
    sendBack('Penalty has not been removed');
}
## If a permaban send unban rcon command ##
if ($type == 'Ban') {
    ## Get the PBID of the client ##
    $pbid = $db->getPBIDfromPID($pen_id);
    ## Loop thro server for this game and send unban command and update ban file
Пример #16
// The "change DB password" box posts 'on' when ticked
$change_db_pw = $db_pw_cng == 'on' ? true : false;
## Fields that are always required ##
emptyInput($name, 'game name');
emptyInput($name_short, 'short version of game name');
emptyInput($db_user, 'DB Username');
emptyInput($db_host, 'DB Host');
emptyInput($db_name, 'DB name');
if (!$is_add) {
    // Edit request: a new DB password is only required when a change was asked for,
    // and the user's current password is always required
    if ($change_db_pw) {
        emptyInput($db_pw, 'DB password');
    }
    emptyInput($password, 'your current password');
} else {
    ## Add request: the game type must be one of the supported games ##
    if (!array_key_exists($game_type, $supported_games)) {
        sendBack('That game type does not exist, please choose a game');
    }
}
// Append the selected plugins to $enabled as a comma-separated list
if (!empty($g_plugins)) {
    foreach ($g_plugins as $plugin) {
        $enabled .= $plugin . ',';
    }
    // drop the comma left behind by the last plugin
    $enabled = substr($enabled, 0, -1);
}
## Check that the DB information supplied will make a connection to the B3 database.
Пример #17
// The pb_ban box posts 'on' when ticked; every other request must carry a duration
$is_pb_ban = $pb_ban == 'on' ? true : false;
if (!$is_pb_ban) {
    $duration_form = cleanvar($_POST['duration']);
    $time = cleanvar($_POST['time']);
    emptyInput($time, 'time frame');
    emptyInput($duration_form, 'penalty duration');
}
// Remaining form fields
$reason = cleanvar($_POST['reason']);
$client_id = cleanvar($_POST['cid']);
$pbid = cleanvar($_POST['c-pbid']);
$c_name = cleanvar($_POST['c-name']);
$c_ip = cleanvar($_POST['c-ip']);
// a ban always needs a reason
emptyInput($reason, 'ban reason');
## The client id must pass isID() ##
if (isID($client_id) == false) {
    sendBack('Invalid data sent, ban not added');
}
## Sort out some ban information
if ($is_pb_ban) {
    // if the ban is perma ban
    $type = 'Ban';
    $time_expire = '-1';
    $duration = 0;
} else {
    $type = 'TempBan';
    // NOTE: the duration in the DB is done in MINUTES and the time_expire is written in unix timestamp (in seconds)
    $duration = penDuration($time, $duration_form);
    $duration_secs = $duration * 60;
Пример #18
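// empty() gives the same truthiness test without an undefined-index notice
// when the page is loaded directly and the key is absent
if (empty($_POST['unban-sub'])) {
    // if the form not is submitted
    set_error('Please do not call that page directly, thank you.');
    send('../../index.php');
}
## get vars ##
// NOTE(review): $ban_id is taken from $_POST as-is and becomes part of the token name
// before it is validated; it only reaches the database after the isID() check below.
$ban_id = $_POST['banid'];
$type = cleanvar($_POST['type']);
## check that the sent form token is correct ##
if (verifyFormToken('unban' . $ban_id, $tokens) == false) {
    // verify token
    ifTokenBad('Unban');
}
## Check for empties ##
emptyInput($type, 'data not sent');
emptyInput($ban_id, 'data not sent');
## Check ban_id is a number ##
if (!isID($ban_id)) {
    // message corrected: this handler removes a penalty, it does not add a ban
    sendBack('Invalid data sent, penalty not removed');
}
## Send query ##
$results = $db->makePenInactive($ban_id);
if (!$results) {
    // if bad send back warning
    sendBack('Penalty has not been removed');
}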
## If a permaban send unban rcon command ##
if ($type == 'Ban') {
    ## Get the PBID of the client ##
    $pbid = $db->getPBIDfromPID($pen_id);
    ## Loop thro server for this game and send unban command and update ban file
Пример #19
    }
    if ($pass1 != $pass2) {
        // if the passwords don't match send them back
        sendBack('The supplied passwords to do match');
    }
    emptyInput($pass1, 'your new password');
    $is_change_pw = true;
    // this is a change password request aswell
} else {
    // this request requires no password change
    $is_change_pw = false;
}
// Required on every profile update, including the current password
emptyInput($display, 'display name');
emptyInput($email, 'email');
emptyInput($cur_pw, 'your current password');
// The new address has to be a syntactically valid email address
if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
    sendBack('That email is not valid');
}
// Compare against the values held on $mem: any difference in display name
// or email makes this a display/email change request
$is_change_display_email = ($display != $mem->name || $email != $mem->email);
// this is not a change request
// if display/email not changed and its not a change pw request then return
if (!$is_change_display_email && !$is_change_pw) {
    sendBack('You didn\'t change anything, so Echelon has done nothing');
Пример #20
$auth_name = 'greeting';
$b3_conn = true;
// this page needs to connect to the B3 database
require '../../inc.php';
if ($_POST['greeting-sub']) {
    // if the form is submitted
    ## check that the sent form token is corret
    if (verifyFormToken('greeting', $tokens) == false) {
        // verify token
        ifTokenBad('Add comment');
    }
    $greeting = cleanvar($_POST['greeting']);
    $client_id = cleanvar($_POST['cid']);
    // NOTE: allow for an empty comment. An empty comment means no comment
    emptyInput($client_id, 'data not sent');
    if (!isID($client_id)) {
        sendBack('Invalid data sent, greeting not changed');
    }
    ## Add Log Message ##
    $comment = 'Greeting message changed';
    $dbl->addEchLog('Greeting', $comment, $client_id, $mem->id);
    ## Query ##
    $query = "UPDATE clients SET greeting = ? WHERE id = ? LIMIT 1";
    $stmt = $db->mysql->prepare($query) or sendBack('Database Error');
    $stmt->bind_param('si', $greeting, $client_id);
    $stmt->execute();
    if ($stmt->affected_rows) {
        sendGood('Greeting has been updated');
    } else {
        sendBack('Greeting was not updated');