private function linuxAddModUserGenerate($userName, $password, $protected = false, $deactivate = false)
{
$password = $deactivate == false ? $password : passwordgenerate(10);
$userNameHome = $protected == false ? $this->appServerDetails['userName'] : $this->appServerDetails['userName'] . '/pserver';
// Check if the user can be found. If not, add it, if yes, edit
$this->shellScripts['user'] .= 'if [ "`id ' . $userName . ' 2>/dev/null`" == "" ]; then' . "\n";
$this->shellScripts['user'] .= 'CONFIGUSERID=' . $this->appMasterServerDetails['configUserID'] . "\n";
$this->shellScripts['user'] .= 'USER=`ls -la /var/run/screen | grep S-' . $userName . ' | head -n 1 | awk \'{print $3}\'`' . "\n";
$this->shellScripts['user'] .= 'if [ "$USER" != "" -a $USER -eq $USER 2> /dev/null ]; then CONFIGUSERID=$USER; fi' . "\n";
$this->shellScripts['user'] .= 'USERID=`getent passwd | cut -f3 -d: | sort -un | awk \'BEGIN { id=\'${CONFIGUSERID}\' } $1 == id { id++ } $1 > id { print id; exit }\'`' . "\n";
$this->shellScripts['user'] .= 'if [ "`ls -la /var/run/screen | awk \'{print $3}\' | grep $USERID`" == "" -a "`grep \\"x:$USERID:\\" /etc/passwd`" == "" ]; then' . "\n";
$this->shellScripts['user'] .= 'sudo /usr/sbin/useradd -m -p `perl -e \'print crypt("\'' . $password . '\'","Sa")\'` -d ' . $this->removeSlashes($this->appServerDetails['homeDir'] . '/' . $userNameHome) . ' -g ' . $this->appMasterServerDetails['ssh2User'] . ' -s /bin/bash -u $USERID ' . $userName . ' 2>/dev/null' . "\n";
$this->shellScripts['user'] .= 'else' . "\n";
$this->shellScripts['user'] .= 'while [ "`ls -la /var/run/screen | awk \'{print $3}\' | grep $USERID`" != "" -o "`grep \\"x:$USERID:\\" /etc/passwd`" != "" ]; do' . "\n";
$this->shellScripts['user'] .= 'USERID=$[USERID+1]' . "\n";
$this->shellScripts['user'] .= 'if [ "`ls -la /var/run/screen | awk \'{print $3}\' | grep $USERID`" == "" -a "`grep \\"x:$USERID:\\" /etc/passwd`" == "" ]; then' . "\n";
$this->shellScripts['user'] .= 'sudo /usr/sbin/useradd -m -p `perl -e \'print crypt("\'' . $password . '\'","Sa")\'` -m -d ' . $this->removeSlashes($this->appServerDetails['homeDir'] . '/' . $userNameHome) . ' -g ' . $this->appMasterServerDetails['ssh2User'] . ' -s /bin/bash -u $USERID ' . $userName . ' 2>/dev/null' . "\n";
$this->shellScripts['user'] .= 'fi' . "\n";
$this->shellScripts['user'] .= 'done' . "\n";
$this->shellScripts['user'] .= 'fi' . "\n";
$this->addLogline('user.log', 'User ' . $userName . ' added');
$this->shellScripts['user'] .= 'else' . "\n";
$this->shellScripts['user'] .= 'sudo /usr/sbin/usermod -p `perl -e \'print crypt("\'' . $password . '\'","Sa")\'` -m -d ' . $this->removeSlashes($this->appServerDetails['homeDir'] . '/' . $userNameHome) . ' ' . $userName . "\n";
$this->addLogline('user.log', 'User ' . $userName . ' edited');
$this->shellScripts['user'] .= 'fi' . "\n";
}
$hostExternalID = $row['externalID'];
$defaultDns = $row['defaultdns'];
$vhostTemplate = $row['vhostTemplate'];
$phpConfigurationMaster = @parse_ini_string($row['phpConfiguration'], true, INI_SCANNER_RAW);
foreach ($phpConfigurationMaster as $groupName => $array) {
reset($phpConfigurationMaster[$groupName]);
$phpConfiguration[$groupName] = key($phpConfigurationMaster[$groupName]);
}
}
$phpConfiguration = @json_encode($phpConfiguration);
if (!isid($webMasterID, 10)) {
$success['false'][] = 'No free host';
}
}
if (!isset($success['false'])) {
$password = (isset($data['password']) and strlen($data['password']) > 0) ? $data['password'] : passwordgenerate(10);
$query = $sql->prepare("INSERT INTO `webVhost` (`externalID`,`webMasterID`,`userID`,`active`,`hdd`,`ftpPassword`,`phpConfiguration`,`jobPending`,`resellerID`) VALUES (?,?,?,?,?,AES_ENCRYPT(?,?),?,'Y',?)");
$query->execute(array($externalServerID, $webMasterID, $localUserLookupID, $active, $hdd, $password, $aeskey, $phpConfiguration, $resellerID));
$localServerID = (int) $sql->lastInsertId();
$ftpUser = '******' . $localServerID;
if ($defaultDns == $dns or $dns == '') {
$dns = str_replace('..', '.', $ftpUser . '.' . $defaultDns);
}
$query = $sql->prepare("UPDATE `webVhost` SET `defaultDomain`=? WHERE `webVhostID`=? AND `resellerID`=? LIMIT 1");
$query->execute(array($dns, $localServerID, $resellerID));
$query = $sql->prepare("UPDATE `webVhost` SET `ftpUser`=? WHERE `webVhostID`=? AND `resellerID`=? LIMIT 1");
$query->execute(array($ftpUser, $localServerID, $resellerID));
$query = $sql->prepare("INSERT INTO `jobs` (`api`,`type`,`affectedID`,`invoicedByID`,`hostID`,`userID`,`name`,`status`,`date`,`action`,`extraData`,`resellerid`) VALUES ('A','wv',?,?,?,?,?,NULL,NOW(),'ad','',?)");
$query->execute(array($localServerID, $resellerID, $webMasterID, $localUserLookupID, $dns, $resellerID));
}
}
}
}
}
$i++;
$i2++;
}
}
}
header("Content-type:image/png");
imagepng($img);
}
}
}
} else {
if (!$ui->st('img', 'get')) {
$randompass = passwordgenerate(4);
$_SESSION['captcha'] = md5($randompass);
$captcha = $randompass;
$bildhoehe = 20;
$bildbreite = 40;
$bild = imagecreate($bildbreite, $bildhoehe);
imagecolorallocate($bild, 255, 255, 255);
$text = imagecolorallocate($bild, 0, 0, 0);
$font = 20;
$a = 2;
$x = floor($bildbreite / strlen($captcha)) - 0;
$captchaLength = strlen($captcha);
for ($b = 0; $b < $captchaLength; $b++) {
$c = mt_rand(0, 2);
imagestring($bild, $font, $a, $c, $captcha[$b], $text);
$a = $a + $x;
if (count($error) > 0) {
$token = md5(passwordgenerate(32));
$_SESSION['token'] = $token;
$comments = str_replace('<br />', '', $comments);
} else {
$comments = $name . ' (' . $email . '):<br />' . $comments;
$query = $sql->prepare("SELECT `email_setting_value` FROM `settings_email` WHERE `reseller_id`=? AND `email_setting_name`='email' LIMIT 1");
$query->execute(array($reseller_id));
if (sendmail('contact', $name, $comments, $query->fetchColumn())) {
unset($error);
$success = true;
} else {
$error[] = 'Sending the mail failed';
$token = md5(passwordgenerate(32));
$_SESSION['token'] = $token;
}
}
} else {
$token = md5(passwordgenerate(32));
$_SESSION['token'] = $token;
}
$page_data->title = $page_sprache->contact;
$page_data->setCanonicalUrl($s);
// https://github.com/easy-wi/developer/issues/62
$langLinks = array();
foreach ($languages as $l) {
$tempLanguage = getlanguagefile('page', $l, 0);
$langLinks[$l] = $page_data->seo == 'Y' ? szrp($tempLanguage->{$s}) : '?s=' . $s;
}
$page_data->langLinks($langLinks);
$template_file = 'contact.tpl';
$query = $sql->prepare("INSERT INTO `userdata` (`creationTime`,`updateTime`,`accounttype`,`active`,`cname`,`vname`,`name`,`mail`,`salt`,`phone`,`handy`,`fax`,`city`,`cityn`,`street`,`streetn`,`salutation`,`birthday`,`country`,`fdlpath`,`mail_backup`,`mail_gsupdate`,`mail_securitybreach`,`mail_serverdown`,`mail_ticket`,`mail_vserver`,`externalID`,`sourceSystemID`,`resellerid`) VALUES (NOW(),NOW(),'u',?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?)");
$query->execute(array($active, $tmpName, $vname, $name, $email, $salt, $phone, $handy, $fax, $city, $cityn, $street, $streetn, $salutation, $birthday, $country, $fdlpath, $mail_backup, $mail_gsupdate, $mail_securitybreach, $mail_serverdown, $mail_ticket, $mail_vserver, $externalID, json_encode(array('A' => $apiIP)), $resellerID));
$localID = $sql->lastInsertId();
if (isid($localID, 10)) {
$insert = true;
}
if (isset($prefix)) {
$username = $prefix . $localID;
}
} else {
if (!isset($success['false'])) {
$success['false'][] = 'No usergroup available';
}
}
if (!isset($success) and isset($insert) and $insert == true) {
$password = (!isset($data['password']) or in_array($data['password'], $bad)) ? passwordgenerate(10) : $data['password'];
$newHash = passwordCreate($name, $password);
if (is_array($newHash)) {
$query = $sql->prepare("UPDATE `userdata` SET `cname`=?,`security`=?,`salt`=? WHERE `id`=? LIMIT 1");
$query->execute(array($username, $newHash['hash'], $newHash['salt'], $localID));
} else {
$query = $sql->prepare("UPDATE `userdata` SET `cname`=?,`security`=? WHERE `id`=? LIMIT 1");
$query->execute(array($username, $newHash, $localID));
}
$query = $sql->prepare("INSERT INTO `userdata_groups` (`userID`,`groupID`,`resellerID`) VALUES (?,?,?)");
foreach ($userGroupIDs as $groupID) {
$query->execute(array($localID, $groupID, $resellerID));
}
} else {
if (!isset($success)) {
$success['false'][] = 'Could not write user to database';
$query->execute(array($id, $resellerLockupID));
$ftp = new EasyWiFTP($appServer->appMasterServerDetails['ssh2IP'], $appServer->appMasterServerDetails['ftpPort'], $appServer->appServerDetails['userNameExecute'], $appServer->appServerDetails['ftpPasswordExecute']);
if ($ftp->loggedIn) {
$ftp->downloadToTemp($appServer->appServerDetails['absoluteFTPPath'], 0, $files);
}
$query = $sql->prepare("UPDATE `gsswitch` SET `protected`=? WHERE `id`=? LIMIT 1");
$query->execute(array($protected, $id));
$appServer->getAppServerDetails($id);
if ($ftp->loggedIn) {
$ftp->createSecondFTPConnect($appServer->appMasterServerDetails['ssh2IP'], $appServer->appMasterServerDetails['ftpPort'], $appServer->appServerDetails['userNameExecute'], $appServer->appServerDetails['ftpPasswordExecute']);
if ($ftp->secondLoggedIn) {
$ftp->uploadFileFromTemp($appServer->appServerDetails['absoluteFTPPath']);
}
}
if ($appServer->appServerDetails['protectionModeStarted'] == 'Y') {
$query = $sql->prepare("UPDATE `gsswitch` SET `ppassword`=AES_ENCRYPT(?,?),`psince`=NOW() WHERE `id`=? LIMIT 1");
$query->execute(array(passwordgenerate(10), $aeskey, $id));
$appServer->getAppServerDetails($id);
$appServer->userCud('add');
$appServer->removeApp(array($appServer->appServerDetails['app']['templateChoosen']));
$appServer->addApp();
}
$ftp = null;
$appServer->startApp();
$appServer->execute();
$insertlog->execute();
if (isset($dbConnect['debug']) and $dbConnect['debug'] == 1) {
$template_file .= '<br><pre>' . implode("\r\n", $appServer->debug()) . '</pre>';
}
}
}
$autoRestart = $ui->active('autoRestart', 'post') ? $ui->active('autoRestart', 'post') : 'N';
$active = $ui->active('active', 'post') ? $ui->active('active', 'post') : 'Y';
$backup = $ui->active('backup', 'post') ? $ui->active('backup', 'post') : 'Y';
$password = $ui->active('password', 'post') ? $ui->active('password', 'post') : 'Y';
$lendserver = $ui->active('lendserver', 'post') ? $ui->active('lendserver', 'post') : 'Y';
$forcebanner = $ui->active('forcebanner', 'post') ? $ui->active('forcebanner', 'post') : 'Y';
$forcebutton = $ui->active('forcebutton', 'post') ? $ui->active('forcebutton', 'post') : 'Y';
$forceservertag = $ui->active('forceservertag', 'post') ? $ui->active('forceservertag', 'post') : 'Y';
$forcewelcome = $ui->active('forcewelcome', 'post') ? $ui->active('forcewelcome', 'post') : 'Y';
$flexSlotsPercent = $ui->id('flexSlotsPercent', 3, 'post');
$flexSlotsFree = $ui->id('flexSlotsFree', 11, 'post');
$oldSlots = 0;
if ($password == 'N') {
$initialpassword = '';
} else {
$initialpassword = $ui->password('initialpassword', 50, 'post') ? $ui->password('initialpassword', 50, 'post') : passwordgenerate(10);
}
// CSFR protection with hidden tokens. If token(true) returns false, we likely have an attack
if ($ui->w('action', 4, 'post') and !token(true)) {
unset($header, $text);
$errors = array('token' => $spracheResponse->token);
} else {
$errors = array();
}
if ($ui->st('d', 'get') == 'ad' and is_numeric($licenceDetails['lVo']) and $licenceDetails['lVo'] > 0 and $licenceDetails['left'] > 0 and !is_numeric($licenceDetails['left'])) {
$template_file = $gsprache->licence;
// Add and modify entries. Same validation can be used.
} else {
if ($ui->st('d', 'get') == 'ad' or $ui->st('d', 'get') == 'md') {
// Add jQuery plugin chosen to the header
$htmlExtraInformation['css'][] = '<link href="css/default/chosen/chosen.min.css" rel="stylesheet" type="text/css">';
$name = $ui->names('name', 255, 'post');
$vname = $ui->names('vname', 255, 'post');
$mail = $ui->ismail('mail', 'post');
$phone = $ui->phone('phone', 'post');
$handy = $ui->phone('handy', 'post');
$city = $ui->names('city', 50, 'post');
$cityn = $ui->id('cityn', 6, 'post');
$street = $ui->names('street', 50, 'post');
$streetn = $ui->streetNumber('streetn', 'post');
$country = $ui->st('country', 'post');
$fax = $ui->phone('fax', 'post');
$fdlpath = $ui->url('fdlpath', 'post');
$active = $ui->active('active', 'post') ? $ui->active('active', 'post') : 'Y';
$useractive = $ui->active('useractive', 'post') ? $ui->active('useractive', 'post') : 'Y';
$accountType = $ui->smallletters('accounttype', 1, 'post') ? $ui->smallletters('accounttype', 1, 'post') : '';
$password = $ui->password('password', 255, 'post') ? $ui->password('password', 255, 'post') : passwordgenerate(10);
$birthday = date('Y-m-d', strtotime($ui->isDate('birthday', 'post')));
$maxuser = $ui->id('maxuser', 10, 'post') ? $ui->id('maxuser', 10, 'post') : 0;
$maxgserver = $ui->id('maxgserver', 10, 'post') ? $ui->id('maxgserver', 10, 'post') : 0;
$maxvoserver = $ui->id('maxvoserver', 10, 'post') ? $ui->id('maxvoserver', 10, 'post') : 0;
$maxvserver = ($ui->id('maxvserver', 10, 'post') and $easywiModules['ro']) ? $ui->id('maxvserver', 10, 'post') : 0;
$maxdedis = ($ui->id('maxdedis', 10, 'post') and $easywiModules['ro']) ? $ui->id('maxdedis', 10, 'post') : 0;
$maxuserram = ($ui->id('maxuserram', 255, 'post') and $easywiModules['ro']) ? $ui->id('maxuserram', 255, 'post') : 0;
$maxusermhz = ($ui->id('maxusermhz', 255, 'post') and $easywiModules['ro']) ? $ui->id('maxusermhz', 255, 'post') : 0;
$mail_backup = $ui->active('mail_backup', 'post') ? $ui->active('mail_backup', 'post') : 'N';
$mail_serverdown = $ui->active('mail_serverdown', 'post') ? $ui->active('mail_serverdown', 'post') : 'N';
$mail_ticket = $ui->active('mail_ticket', 'post') ? $ui->active('mail_ticket', 'post') : 'N';
$mail_gsupdate = $ui->active('mail_gsupdate', 'post') ? $ui->active('mail_gsupdate', 'post') : 'N';
$mail_securitybreach = $ui->active('mail_securitybreach', 'post') ? $ui->active('mail_securitybreach', 'post') : 'N';
$mail_vserver = $ui->active('mail_vserver', 'post') ? $ui->active('mail_vserver', 'post') : 'N';
if ($accountType == 'a' and $ui->username('acname', 255, 'post')) {
public function setInactive($vhostID)
{
$this->changePassword($vhostID, passwordgenerate(10));
$this->removeVhost($vhostID, false);
$this->vhostData = false;
}
$displayToUser .= "<div class='alert alert-success'>{$v}</div>";
}
}
if (count($systemCheckError) == 0) {
$displayToUser .= "<div class='pager'><a href='?step=2{$languageGetParameter}' class='pull-right'><span class='btn btn-primary btn-lg'>{$languageObject->continue}</span></a></div>";
}
} else {
if (count($systemCheckError) > 0) {
}
}
if ($currentStep == 2 and count($systemCheckError) == 0) {
$host = 'localhost';
$db = '';
$user = '';
$pwd = '';
$aeskey = passwordgenerate(20);
if (file_exists(EASYWIDIR . '/stuff/config.php')) {
require_once EASYWIDIR . '/stuff/config.php';
}
if (file_exists(EASYWIDIR . '/stuff/keyphrasefile.php')) {
require_once EASYWIDIR . '/stuff/keyphrasefile.php';
}
$displayToUser = "******";
} else {
if ($currentStep > 2 and count($systemCheckError) == 0) {
if ($currentStep == 3 and isset($_POST['db'])) {
try {
$sql = new PDO("mysql:host={$_POST['host']};dbname={$_POST['db']}", $_POST['user'], $_POST['pwd'], array(PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES utf8"));
$sql->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$configFp = @fopen(EASYWIDIR . '/stuff/config.php', "w+");
if ($configFp) {
if (isset($data['port4']) and checkPorts(array($data['port4']), $ports) === true) {
$port = $data['port'];
}
while (in_array($port4, $ports)) {
$port4 += $portStep;
}
}
if ($portMax > 4) {
if (isset($data['port5']) and checkPorts(array($data['port5']), $ports) === true) {
$port = $data['port'];
}
while (in_array($port5, $ports)) {
$port5 += $portStep;
}
}
$initialpassword = (isset($data['initialpassword']) and wpreg_check($data['initialpassword'], 50) and strlen($data['initialpassword']) > 1) ? $data['initialpassword'] : passwordgenerate(10);
$taskset = (isset($data['taskset']) and active_check($data['taskset'])) ? $data['taskset'] : 'N';
$eacallowed = (isset($data['eacallowed']) and active_check($data['eacallowed'])) ? $data['eacallowed'] : 'N';
$brandname = (isset($data['brandname']) and active_check($data['brandname'])) ? $data['brandname'] : 'N';
$tvenable = (isset($data['tvenable']) and active_check($data['tvenable'])) ? $data['tvenable'] : 'N';
$pallowed = (isset($data['pallowed']) and active_check($data['pallowed'])) ? $data['pallowed'] : 'N';
$autoRestart = (isset($data['autoRestart']) and active_check($data['autoRestart'])) ? $data['autoRestart'] : 'Y';
$minram = (isset($data['minram']) and isid($data['minram'], 10)) ? $data['minram'] : '';
$maxram = (isset($data['maxram']) and isid($data['maxram'], 10)) ? $data['maxram'] : '';
$hdd = (isset($quotaActive) and $quotaActive == 'Y' and isset($data['hdd']) and isid($data['hdd'], 10)) ? $data['maxram'] : 0;
if (isset($data['coreCount']) and $data['coreCount'] > 0 and isset($calculatedCores)) {
$cores = $calculatedCores;
} else {
$cores = (isset($data['cores']) and cores($data['cores'])) ? $data['cores'] : '';
}
if (isset($data['installGames']) and wpreg_check($data['installGames'], 1)) {
} else {
if (json_encode(array('I' => $row['importID'])) == $sourceSystemID and getParam('externalID') == $externalID) {
printText('Gameserver found but update skipped since import only mode. Address: ' . getParam('ip') . ':' . getParam('port') . ' (' . getParam('shorten') . ')');
} else {
printText('Gameserver found but update skipped because source system differ. Address: ' . getParam('ip') . ':' . getParam('port') . ' (' . getParam('shorten') . ')');
}
}
} else {
unset($internalUserID, $customer);
$query4->execute(array(json_encode(array('I' => $row['importID'])), getParam('belongsToID'), $resellerID));
foreach ($query4->fetchAll(PDO::FETCH_ASSOC) as $row2) {
$internalUserID = $row2['id'];
$customer = $row2['cname'];
}
if (isset($internalUserID) and isset($customer) and isid($internalUserID, 11)) {
$passwordGenerate = passwordgenerate(10);
$query5->execute(array($passwordGenerate, $aeskey, $internalUserID, $gameRootIPs[$arrayIP]['id'], getParam('ip'), getParam('port'), getParam('port2'), getParam('slots'), $taskset, $core, getParam('protectionMode'), json_encode(array('I' => $row['importID'])), getParam('externalID'), $resellerID));
$switchID = $sql->lastInsertId();
$tickrate = getParam('tickrate') > 0 ? getParam('tickrate') : 66;
$startMap = strlen(getParam('startMap')) > 0 ? getParam('startMap') : $defaultMap;
$query6->execute(array($tickrate, $startMap, $switchID, $servertypeID, $resellerID));
$query7->execute(array($sql->lastInsertId(), $switchID));
$ftpConnectString = 'ftp://' . str_replace('//', '/', getParam('ip') . ':' . $gameRootIPs[$arrayIP]['ftpPort'] . '/' . getParam('path') . '/' . $servertypeModFolder);
$appServer = new AppServer($gameRootIPs[$arrayIP]['id']);
$appServer->getAppServerDetails($switchID);
$appServer->migrateToEasyWi(array('user' => getParam('ftpUser'), 'password' => getParam('ftpPass'), 'path' => '/' . getParam('path') . '/' . $servertypeModFolder, 'connectString' => $ftpConnectString), getParam('shorten'), $servertypeModFolder);
$appServer->execute();
printText('Import Gameserver. Address: ' . getParam('ip') . ':' . getParam('port') . '. And shorten:' . getParam('shorten'));
} else {
printText('Error: Import skipped since no user with external userID ' . getParam('belongsToID') . ' for gameserver with address: ' . getParam('ip') . ':' . getParam('port') . ' and shorten:' . getParam('shorten'));
}
if (!in_array($row['servertype'], $gameIDs)) {
$gamesToBeRemoved[$row['servertype']] = $row['shorten'];
}
// Avoid overhead with adding server types during modify operations
if (isset($gamesToBeInstalled[$row['servertype']])) {
unset($gamesToBeInstalled[$row['servertype']]);
unset($gameDetails[$row['servertype']]);
$installedGames[] = $row['id'];
}
}
$gamesRemoveAmount = count($gamesToBeRemoved);
$gamesAmount = count($gamesToBeInstalled);
// Make the inserts or updates define the log entry and get the affected rows from insert
if ($ui->st('action', 'post') == 'ad') {
$query = $sql->prepare("INSERT INTO `gsswitch` (`active`,`hdd`,`taskset`,`cores`,`userid`,`pallowed`,`eacallowed`,`lendserver`,`serverip`,`rootID`,`homeLabel`,`tvenable`,`port`,`port2`,`port3`,`port4`,`port5`,`minram`,`maxram`,`slots`,`war`,`brandname`,`autoRestart`,`ftppassword`,`ppassword`,`resellerid`,`serverid`,`stopped`,`externalID`) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,AES_ENCRYPT(?,?),AES_ENCRYPT(?,?),?,1,'Y',?)");
$query->execute(array($active, $hdd, $ui->active('taskset', 'post'), $usedCores, $userID, $protectionAllowed, $eacAllowed, $lendServer, $ip, $rootID, $homeLabel, $tvEnable, $port, $ui->port('port2', 'post'), $ui->port('port3', 'post'), $ui->port('port4', 'post'), $ui->port('port5', 'post'), $minRam, $maxRam, $slots, $war, $brandname, $autoRestart, $ftpPassword, $aeskey, passwordgenerate(10), $aeskey, $resellerLockupID, $ui->externalID('externalID', 'post')));
$id = $sql->lastInsertId();
$rowCount += $query->rowCount();
$loguseraction = '%add% %gserver% ' . $ip . ':' . $port;
}
// Insert new games
$query = $sql->prepare("INSERT INTO `serverlist` (`servertype`,`anticheat`,`switchID`,`fps`,`map`,`mapGroup`,`cmd`,`modcmd`,`owncmd`,`tic`,`gamemod`,`gamemod2`,`userfps`,`usertick`,`usermap`,`user_uploaddir`,`upload`,`uploaddir`,`resellerid`) VALUES (?,1,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,AES_ENCRYPT(?,?),?)");
foreach ($gameDetails as $gameID => $gameValues) {
$query->execute(array($gameID, $id, $ui->id('fps', 6, 'post', $gameID), $ui->mapname('map', 'post', $gameID), $ui->mapname('mapGroup', 'post', $gameID), $ui->startparameter('cmd', 'post', $gameID), $gameValues['modCmd'], $ui->active('ownCmd', 'post', $gameID), $ui->id('tic', 5, 'post', $gameID), $gameValues['gamemod'], $gameValues['gamemod2'], $ui->active('userFps', 'post', $gameID), $ui->active('userTick', 'post', $gameID), $ui->active('userMap', 'post', $gameID), $ui->active('userUploadDir', 'post', $gameID), $ui->id('upload', 1, 'post', $gameID), $ui->url('uploadDir', 'post', $gameID), $aeskey, $resellerLockupID));
$insertedServerIDs[] = $sql->lastInsertId();
$rowCount += $query->rowCount();
}
// Updating the serverlist if not set to be added, we need to run the update
$query = $sql->prepare("UPDATE `serverlist` SET `fps`=?,`map`=?,`mapGroup`=?,`cmd`=?,`owncmd`=?,`tic`=?,`userfps`=?,`usertick`=?,`usermap`=?,`user_uploaddir`=?,`upload`=?,`uploaddir`=AES_ENCRYPT(?,?) WHERE `switchID`=? AND `servertype`=? AND `resellerid`=? LIMIT 1");
foreach ($gameIDs as $gameID) {
if (!isset($gameDetails[$gameID])) {
$max_connections_per_hour = $row['max_connections_per_hour'];
$max_userconnections_per_hour = $row['max_userconnections_per_hour'];
}
if (!isset($hostID)) {
$success['false'][] = 'No free host';
}
}
if (!isset($success['false'])) {
$password = passwordgenerate(10);
$query = $sql->prepare("INSERT INTO `mysql_external_dbs` (`active`,`sid`,`uid`,`password`,`ips`,`manage_host_table`,`max_queries_per_hour`,`max_updates_per_hour`,`max_connections_per_hour`,`max_userconnections_per_hour`,`externalID`,`resellerid`) VALUES (?,?,?,AES_ENCRYPT(?,?),?,?,?,?,?,?,?,?)");
$query->execute(array($active, $hostID, $localUserLookupID, $password, $aeskey, '', $manage_host_table, $max_queries_per_hour, $max_updates_per_hour, $max_connections_per_hour, $max_userconnections_per_hour, $externalServerID, $resellerID));
$localID = $sql->lastInsertId();
$dbname = 'sql' . $localID;
if ($query->rowCount() > 0) {
if ($active == 'N') {
$password = passwordgenerate(20);
}
$query = $sql->prepare("UPDATE `mysql_external_dbs` SET `dbname`=?,`password`=AES_ENCRYPT(?,?) WHERE `id`=? AND `resellerid`=? LIMIT 1");
$query->execute(array($dbname, $password, $aeskey, $localID, $resellerID));
$query = $sql->prepare("UPDATE `jobs` SET `status`='2' WHERE `type`='my' AND (`status` IS NULL OR `status`='1') AND `affectedID`=? and `resellerID`=?");
$query->execute(array($localID, $resellerID));
$query = $sql->prepare("INSERT INTO `jobs` (`api`,`type`,`hostID`,`invoicedByID`,`affectedID`,`userID`,`name`,`status`,`date`,`action`,`resellerid`) VALUES ('A','my',?,?,?,?,?,NULL,NOW(),'ad',?)");
$query->execute(array($hostID, $resellerID, $localID, $localUserLookupID, $dbname, $resellerID));
} else {
$success['false'][] = 'Could not write database to database';
}
}
} else {
if (!isset($success['false'])) {
$active = active_check($data['active']);
$identifyUserBy = $data['identify_user_by'];
$query = $sql->prepare("INSERT INTO `userdata` (`cname`,`security`,`mail`,`accounttype`,`resellerid`) VALUES (?,?,?,'u',?)");
$query->execute(array($ui->username("{$lookUp}-username", 50, 'post'), $newHash, $ui->ismail("{$lookUp}-email", 'post'), $reseller_id));
}
$query = $sql->prepare("SELECT `id` FROM `userdata` WHERE `cname`=? AND `mail`=? AND `resellerid`=? ORDER BY `id` DESC LIMIT 1");
$query->execute(array($ui->username("{$lookUp}-username", 50, 'post'), $ui->ismail("{$lookUp}-email", 'post'), $reseller_id));
while ($row = $query->fetch(PDO::FETCH_ASSOC)) {
$customer = $row['id'];
$cnamenew = $ui->username("{$lookUp}-username", 50, 'post');
sendmail('emailuseradd', $customer, $cnamenew, $initialpassword);
}
}
} else {
$cldbid = rand(1, 100) . '.' . rand(1, 100);
$cnamenew = $prefix . $cldbid;
$query = $sql->prepare("INSERT INTO `userdata` (`cname`,`security`,`mail`,`accounttype`,`resellerid`) VALUES (?,?,?,'u',?)");
$query->execute(array($cnamenew, passwordgenerate(10), '*****@*****.**', $reseller_id));
$query = $sql->prepare("SELECT `id` FROM `userdata` WHERE `cname`=? AND `mail`='*****@*****.**' ORDER BY `id` DESC LIMIT 1");
$query->execute(array($cnamenew));
while ($row = $query->fetch(PDO::FETCH_ASSOC)) {
$customer = $row['id'];
$cnamenew = $prefix . $customer;
}
$query = $sql->prepare("UPDATE `userdata` SET `cname`=? WHERE `id`=? AND `resellerid`=? LIMIT 1");
$query->execute(array($cnamenew, $customer, $reseller_id));
}
if ($usernew == true) {
$query = $sql->prepare("SELECT `id` FROM `usergroups` WHERE `active`='Y' AND `defaultgroup`='Y' AND `grouptype`='u' AND `resellerid`=? LIMIT 1");
$query->execute(array($reseller_id));
$groupID = $query->fetchColumn();
$query = $sql->prepare("UPDATE `userdata` SET `usergroup`=? WHERE id=? AND `resellerid`=? LIMIT 1");
$query->execute(array($groupID, $customer, $reseller_id));
while ($row3 = $query3->fetch(PDO::FETCH_ASSOC)) {
$query4->execute(array($row3['server_id'], $row3['switchID'], $resellerLockupID));
$query5->execute(array($row3['anticheat'], $row3['map'], $row3['mapGroup'], $row3['template'], $row3['server_id'], $resellerLockupID));
$appServer->getAppServerDetails($row3['switchID']);
if ($row3['restart'] == 'N' and $row3['worldsafe'] == 'Y') {
$appServer->mcWorldSave();
echo 'MC worldsave: ' . $row2['server'] . "\r\n";
}
if ($row3['restart'] == 'N' and $row3['upload'] == 'Y') {
$appServer->demoUpload();
echo 'Demo upload for: ' . $row2['server'] . "\r\n";
}
if ($row3['restart'] == 'Y') {
if ($row3['protected'] == 'Y' and $row2['protected'] == 'N') {
$appServer->stopAppHard();
$query6->execute(array(passwordgenerate(20), $aeskey, $row3['switchID']));
$appServer->getAppServerDetails($row3['switchID']);
$appServer->removeApp($row3['template']);
$appServer->addApp($row3['template']);
}
$appServer->startApp();
echo 'Restarting server: ' . $row2['server'] . "\r\n";
}
if ($row3['backup'] == 'Y') {
$appServer->backupCreate($row2['backup']);
echo 'Backup server: ' . $row2['server'] . "\r\n";
}
}
}
$appServer->execute();
if (isset($dbConnect['debug']) and $dbConnect['debug'] == 1) {
while ($row = $query->fetch(PDO::FETCH_ASSOC)) {
$vd[$row['dnsID']] = $row['dns'];
}
$query = $sql->prepare("SELECT `id`,`ip` FROM `virtualcontainer` WHERE `userid`=? AND `resellerid`=? AND `active`='Y'");
$query->execute(array($user_id, $reseller_id));
while ($row = $query->fetch(PDO::FETCH_ASSOC)) {
$vs[$row['id']] = $row['ip'];
}
$query = $sql->prepare("SELECT `dedicatedID`,`ip` FROM `rootsDedicated` WHERE `userID`=? AND `resellerID`=? AND `active`='Y'");
$query->execute(array($user_id, $reseller_id));
while ($row = $query->fetch(PDO::FETCH_ASSOC)) {
$ro[$row['dedicatedID']] = $row['ip'];
}
}
if (!$ui->st('action', 'post') and $ui->st('d', 'get') == 'ad') {
$randompass = passwordgenerate(10);
$template_file = 'userpanel_substitutes_add.tpl';
} else {
if (!$ui->st('action', 'post') and $ui->id('id', 10, 'get') and ($ui->st('d', 'get') == 'md' or $ui->st('d', 'get') == 'dl')) {
$query = $sql->prepare("SELECT `loginName`,`active`,`name`,`vname` FROM `userdata_substitutes` WHERE `sID`=? AND `resellerID`=? LIMIT 1");
$query->execute(array($id, $reseller_id));
while ($row = $query->fetch(PDO::FETCH_ASSOC)) {
$loginName = $row['loginName'];
$active = $row['active'];
$name = $row['name'];
$vname = $row['vname'];
$template_file = $ui->st('d', 'get') == 'md' ? 'userpanel_substitutes_mod.tpl' : 'userpanel_substitutes_del.tpl';
}
if ($ui->st('d', 'get') == 'md') {
$as = array();
$query = $sql->prepare("SELECT `oID`,`oType` FROM `userdata_substitutes_servers` WHERE `sID`=? AND `resellerID`=?");
$port++;
}
$max_download_total_bandwidth = (isset($data['max_download_total_bandwidth']) and isid($data['max_download_total_bandwidth'], 255)) ? $data['max_download_total_bandwidth'] : 65536;
$max_upload_total_bandwidth = (isset($data['max_upload_total_bandwidth']) and isid($data['max_upload_total_bandwidth'], 255)) ? $data['max_upload_total_bandwidth'] : 65536;
$maxtraffic = (isset($data['maxtraffic']) and ($data['maxtraffic'] == 0 or $data['maxtraffic'] == '-1') or isid($data['maxtraffic'], 255)) ? $data['maxtraffic'] : 1024;
$forcebanner = (isset($data['forcebanner']) and active_check($data['forcebanner'])) ? $data['forcebanner'] : 'Y';
$forcebutton = (isset($data['forcebutton']) and active_check($data['forcebutton'])) ? $data['forcebutton'] : 'Y';
$forceservertag = (isset($data['forceservertag']) and active_check($data['forceservertag'])) ? $data['forceservertag'] : 'Y';
$forcewelcome = (isset($data['forcewelcome']) and active_check($data['forcewelcome'])) ? $data['forcewelcome'] : 'Y';
$lendserver = (isset($data['lendserver']) and active_check($data['lendserver'])) ? $data['lendserver'] : 'N';
$backup = (isset($data['backup']) and active_check($data['backup'])) ? $data['backup'] : 'Y';
$flexSlots = (isset($data['flexSlots']) and active_check($data['flexSlots'])) ? $data['flexSlots'] : 'N';
$flexSlotsFree = (isset($data['flexSlotsFree']) and isid($data['flexSlotsFree'], 11)) ? $data['flexSlotsFree'] : $defaultFlexSlotsFree;
$flexSlotsPercent = (isset($data['flexSlotsPercent']) and isid($data['flexSlotsPercent'], 3)) ? $data['flexSlotsPercent'] : $defaultFlexSlotsPercent;
$autoRestart = (isset($data['autoRestart']) and active_check($data['autoRestart'])) ? $data['autoRestart'] : 'Y';
$initialpassword = passwordgenerate(10);
$query = $sql->prepare("INSERT INTO `voice_server` (`active`,`lendserver`,`backup`,`userid`,`masterserver`,`ip`,`port`,`slots`,`initialpassword`,`password`,`max_download_total_bandwidth`,`max_upload_total_bandwidth`,`localserverid`,`maxtraffic`,`forcebanner`,`forcebutton`,`forceservertag`,`forcewelcome`,`externalID`,`jobPending`,`serverCreated`,`flexSlots`,`flexSlotsFree`,`flexSlotsPercent`,`autoRestart`,`resellerid`) VALUES (?,?,?,?,?,?,?,?,?,?,?,?,0,?,?,?,?,?,?,'Y',NOW(),?,?,?,?,?)");
$query->execute(array($active, $lendserver, $backup, $localUserLookupID, $hostID, $ip, $port, $slots, $initialpassword, $private, $max_download_total_bandwidth, $max_upload_total_bandwidth, $maxtraffic, $forcebanner, $forcebutton, $forceservertag, $forcewelcome, $externalServerID, $flexSlots, $flexSlotsFree, $flexSlotsPercent, $autoRestart, $resellerID));
$errorString = implode(', ', $query->errorInfo());
$localID = $sql->lastInsertId();
$localServerID = $localID;
if (isid($localID, 10)) {
if ($usedns == 'Y' and isset($data['tsdns']) and active_check($data['tsdns'])) {
$tsdns = $data['tsdns'];
} else {
if ($usedns == 'Y' and (!isset($data['tsdns']) or !active_check($data['tsdns']))) {
$tsdns = 'Y';
} else {
$tsdns = 'N';
}
}
header("Content-Type: text/xml; charset=UTF-8");
echo $xml->saveXML();
} else {
die('Module deactivated');
}
}
}
}
}
}
# Voiceserver
} else {
if (!isset($template_file) and $vostillrunning == false and isset($active) and $active == 'Y' and $servertype == 'v' and !$ui->escaped('ipblocked', 'post')) {
$serveravailable = false;
$freevoice = $vocount;
$password = passwordgenerate(10);
if ($vocount > 0) {
$masterservers = array();
$mastervoiceids = array();
$query = $sql->prepare("SELECT `id`,`maxserver`,`maxslots` FROM `voice_masterserver` WHERE `active`='Y' AND `resellerid`=?");
$query2 = $sql->prepare("SELECT `id`,`slots` FROM `voice_server` WHERE `lendserver`='Y' AND `active`='Y' AND `masterserver`=? AND `resellerid`=?");
$query3 = $sql->prepare("SELECT `id`,`started`,`lendtime` FROM `lendedserver` WHERE `serverid`=? AND `servertype`='v' AND `resellerid`=? LIMIT 1");
$query->execute(array($reseller_id));
while ($row = $query->fetch(PDO::FETCH_ASSOC)) {
$vomacount = 0;
$slots = 0;
$usedvoice = 0;
$query2->execute(array($row['id'], $reseller_id));
while ($row2 = $query2->fetch(PDO::FETCH_ASSOC)) {
$lendable = true;
$query3->execute(array($row2['id'], $reseller_id));
} else {
$spamArray = array();
}
$spamReason = implode(', ', $spamArray);
if (isset($commentsModerated) and $commentsModerated == 'Y' and (!isset($admin_id) and !isset($user_id))) {
$query = $sql->prepare("INSERT INTO `page_comments` (`date`,`moderateAccepted`,`pageTextID`,`replyTo`,`authorname`,`homepage`,`comment`,`ip`,`dns`,`markedSpam`,`spamReason`,`email`) VALUES (NOW(),'N',?,?,?,?,?,?,?,?,?,?)");
$query->execute(array($textID, $replyTo, $author, $url, $ui->escaped('comment', 'post'), $ui->ip('REMOTE_ADDR', 'server'), gethostbyaddr($ui->ip4('REMOTE_ADDR', 'server')), $isSpam, $spamReason, $email));
$_SESSION['toBeModerated'][] = $sql->lastInsertId();
} else {
$query = $sql->prepare("INSERT INTO `page_comments` (`date`,`moderateAccepted`,`pageTextID`,`replyTo`,`authorname`,`homepage`,`comment`,`ip`,`dns`,`markedSpam`,`spamReason`,`email`) VALUES (NOW(),'Y',?,?,?,?,?,?,?,?,?,?)");
$query->execute(array($textID, $replyTo, $author, $url, $ui->escaped('comment', 'post'), $ui->ip('REMOTE_ADDR', 'server'), gethostbyaddr($ui->ip4('REMOTE_ADDR', 'server')), $isSpam, $spamReason, $email));
}
}
}
$commentArray = array();
$token = md5(passwordgenerate(10));
$_SESSION['news'][$textID] = $token;
$OR = '';
if (isset($_SESSION['toBeModerated']) and count($_SESSION['toBeModerated']) > 0) {
foreach ($_SESSION['toBeModerated'] as $id) {
if (isid($id, 19)) {
$OR .= ' OR `commentID`=' . $id;
}
}
}
$query = $sql->prepare("SELECT `commentID`,`replyTo`,`date`,`authorname`,`homepage`,`comment` FROM `page_comments` WHERE `pageTextID`=? AND ((`markedSpam`!='Y' AND `moderateAccepted`='Y') {$OR}) AND `resellerid`=0 ORDER BY `replyTo` DESC,`commentID` DESC");
$query->execute(array($textID));
while ($row = $query->fetch(PDO::FETCH_ASSOC)) {
$commentDate = (isset($pageLanguage) and $pageLanguage == 'de') ? date('d.m.Y H:i', strtotime($row['date'])) : date('m.d.Y H:i', strtotime($row['date']));
$commentArray[] = array('commentID' => $row['commentID'], 'replyTo' => $row['replyTo'], 'homepage' => $row['homepage'], 'date' => $commentDate, 'author' => htmlentities($row['authorname']), 'comment' => htmlentities($row['comment']));
}
public function PXEFiles()
{
$removeArray = array();
foreach ($this->PXEData as $k => $v) {
$privateKey = EASYWIDIR . '/keys/' . removePub($v['keyname']);
$sftpObject = new Net_SFTP($v['ip'], $v['port']);
if ($sftpObject->error === false) {
if ($v['publickey'] == 'Y' and file_exists($privateKey)) {
$ssh2Pass = new Crypt_RSA();
if ($v['publickey'] == 'B') {
$ssh2Pass->setPassword($v['pass']);
}
$ssh2Pass->loadKey(file_get_contents($privateKey));
} else {
$ssh2Pass = $v['pass'];
}
if ($sftpObject->login($v['user'], $ssh2Pass)) {
foreach ($v['actions'] as $a) {
$extraSlash = (substr($v['PXEFolder'], -1) != '/' and strlen($v['PXEFolder']) > 0) ? '/' : '';
$pathWithPXEMac = $v['PXEFolder'] . $extraSlash . '01-' . str_replace(':', '-', $this->ID[$a['type']][$a['id']]['mac']);
$fileWithPath = substr($v['PXEFolder'], 0, 1) == '/' ? $pathWithPXEMac : '/home/' . $v['user'] . '/' . $pathWithPXEMac;
if (in_array($a['action'], array('dl', 'md', 'rp', 'rt'))) {
$sftpObject->delete($pathWithPXEMac);
} else {
if (in_array($a['action'], array('ad', 'ri', 'rc'))) {
$removeArray[] = array('type' => $a['type'] == 'dedicated' ? 'de' : 'vs', 'affectedID' => $a['id'], 'name' => $this->ID[$a['type']][$a['id']]['ip'], 'imageID' => $a['imageID'], 'hostID' => $a['hostID'], 'userID' => $a['userID'], 'resellerID' => $a['resellerID'], 'extraData' => array('runAt' => strtotime("+5 minutes")));
$query = $this->sql->prepare("SELECT `pxelinux` FROM `resellerimages` WHERE `id`=? AND `active`='Y' LIMIT 1");
$query->execute(array($a['imageID']));
$pxeconfig = $query->fetchColumn();
if (strlen($pxeconfig) > 0) {
$newPass = passwordgenerate(12);
$pxeconfig = str_replace('%rescuepass%', $newPass, $pxeconfig);
if ($a['type'] == 'dedicated') {
$query = $this->sql->prepare("UPDATE `rootsDedicated` SET `initialPass`=AES_ENCRYPT(?,?),`pxeID`=? WHERE `dedicatedID`=? LIMIT 1");
$query->execute(array($newPass, $this->aeskey, $k, $a['id']));
} else {
$query = $this->sql->prepare("UPDATE `virtualcontainer` SET `pass`=AES_ENCRYPT(?,?),`pxeID`=? WHERE `id`=? LIMIT 1");
$query->execute(array($newPass, $this->aeskey, $k, $a['id']));
}
$sftpObject->put($fileWithPath, $pxeconfig);
} else {
$tempBad[] = 'pxefile template empty for imageID: ' . $a['imageID'];
}
}
}
}
} else {
$tempBad[] = 'Could login to PXE server: ' . $v['ip'] . ':' . $v['port'];
}
} else {
$tempBad[] = 'Could not connect to PXE server: ' . $v['ip'] . ':' . $v['port'];
}
if (isset($tempBad) and isset($bad)) {
$bad = array_merge($bad, $tempBad);
} else {
if (isset($tempBad) and !isset($bad)) {
$bad = $tempBad;
}
}
}
if (isset($bad)) {
print_r(implode(' ', $bad));
}
return $removeArray;
}
