示例#1
0
function getContact($idContact)
{
    //Realiza el query en la base de datos
    $mysqli = makeSqlConnection();
    $sql = "SELECT * FROM contacts a LEFT JOIN contacts_cstm ac ON a.id = ac.id_c WHERE id = '{$idContact}'";
    $res = $mysqli->query($sql);
    $rows = array();
    while ($r = mysqli_fetch_assoc($res)) {
        $obj = (object) $r;
        $obj->email_address = getEmail($idContact);
        $obj->idAccount = getAccountId($idContact);
        $obj->nameAccount = getAccountName($obj->idAccount);
        $obj->reports_to_name = getContactName($obj->reports_to_id);
        $obj->created_by_name = getUserName($obj->created_by);
        $obj->modified_user_name = getUserName($obj->modified_user_id);
        $obj->assigned_user_name = getUserName($obj->user_id_c);
        $obj->nameCampaign = getCampaignName($obj->campaign_id);
        $a = (array) $obj;
        $rows[] = $a;
    }
    if (empty($rows)) {
        return '{"results" :[]}';
    } else {
        //Convierte el arreglo en json y lo retorna
        $temp = json_encode(utf8ize($rows));
        return '{"results" :' . $temp . '}';
    }
}
示例#2
0
function autoSubscribe($email, $uname)
{
    global $uname;
    $account_id = getAccountId($_SESSION['uname']);
    if ($account_id == '') {
        $account_id = getAccountId($uname);
    }
    $result = mysql_query("select subscriber_id from subscriber where account_id='{$account_id}' AND subscriber_email = '{$email}' ") or die("mysql error@ finding account funder id @ line # 204");
    $row = mysql_fetch_row($result);
    $subscriber_id = $row[0];
    if (!$subscriber_id) {
        $query = "INSERT INTO subscriber (subscriber_id, account_id, project_id, subscriber_email, subscriber_status, subscriber_datetime) \n        VALUES ('','{$account_id}','{$account_id}','{$email}','1', NOW())";
        mysql_query($query) or die("failed");
        return "subscribed";
    } else {
        return "already-subscribed";
    }
}
示例#3
0
function ViewCommunityProfile($sid, $name)
{
    $objResponse = new xajaxResponse();
    global $userbank, $username;
    if (!$userbank->is_admin()) {
        $objResponse->redirect("index.php?p=login&m=no_access", 0);
        $log = new CSystemLog("w", "Hacking Attempt", $username . " tried to view profile of '" . htmlspecialchars($name) . "', but doesnt have access.");
        return $objResponse;
    }
    $sid = (int) $sid;
    require INCLUDES_PATH . '/CServerRcon.php';
    //get the server data
    $data = $GLOBALS['db']->GetRow("SELECT ip, port, rcon FROM " . DB_PREFIX . "_servers WHERE sid = '" . $sid . "';");
    if (empty($data['rcon'])) {
        $objResponse->addScript("ShowBox('Error', 'Can\\'t get playerinfo for " . addslashes(htmlspecialchars($name)) . ". No RCON password!', 'red', '', true);");
        return $objResponse;
    }
    $r = new CServerRcon($data['ip'], $data['port'], $data['rcon']);
    if (!$r->Auth()) {
        $GLOBALS['db']->Execute("UPDATE " . DB_PREFIX . "_servers SET rcon = '' WHERE sid = '" . $sid . "';");
        $objResponse->addScript("ShowBox('Error', 'Can\\'t get playerinfo for " . addslashes(htmlspecialchars($name)) . ". Wrong RCON password!', 'red', '', true);");
        return $objResponse;
    }
    // search for the playername
    $ret = $r->rconCommand("status");
    $search = preg_match_all(STATUS_PARSE, $ret, $matches, PREG_PATTERN_ORDER);
    $i = 0;
    $found = false;
    $index = -1;
    foreach ($matches[2] as $match) {
        if ($match == $name) {
            $found = true;
            $index = $i;
            break;
        }
        $i++;
    }
    if ($found) {
        $steam = $matches[3][$index];
        // Hack to support steam3 [U:1:X] representation.
        if (strpos($steam, "[U:") === 0) {
            $steam = renderSteam2(getAccountId($steam), 0);
        }
        $objResponse->addScript("\$('dialog-control').setStyle('display', 'block');\$('dialog-content-text').innerHTML = 'Generating Community Profile link for " . addslashes(htmlspecialchars($name)) . ", please wait...<br /><font color=\"green\">Done.</font><br /><br /><b>Watch the profile <a href=\"http://www.steamcommunity.com/profiles/" . SteamIDToFriendID($steam) . "/\" title=\"" . addslashes(htmlspecialchars($name)) . "\\'s Profile\" target=\"_blank\">here</a>.</b>';");
        $objResponse->addScript("window.open('http://www.steamcommunity.com/profiles/" . SteamIDToFriendID($steam) . "/', 'Community_" . $steam . "');");
    } else {
        $objResponse->addScript("ShowBox('Error', 'Can\\'t get playerinfo for " . addslashes(htmlspecialchars($name)) . ". Player not on the server anymore!', 'red', '', true);");
    }
    return $objResponse;
}
示例#4
0
function KickPlayer($check, $sid, $num, $type)
{
    $objResponse = new xajaxResponse();
    global $userbank, $username;
    $sid = (int) $sid;
    if (!$userbank->HasAccess(ADMIN_OWNER | ADMIN_ADD_BAN)) {
        $objResponse->redirect("index.php?p=login&m=no_access", 0);
        $log = new CSystemLog("w", "Hacking Attempt", $username . " tried to process a playerkick, but doesnt have access.");
        return $objResponse;
    }
    //get the server data
    $sdata = $GLOBALS['db']->GetRow("SELECT ip, port, rcon FROM " . DB_PREFIX . "_servers WHERE sid = '" . $sid . "';");
    //test if server is online
    if ($test = @fsockopen($sdata['ip'], $sdata['port'], $errno, $errstr, 2)) {
        @fclose($test);
        require_once INCLUDES_PATH . "/CServerRcon.php";
        $r = new CServerRcon($sdata['ip'], $sdata['port'], $sdata['rcon']);
        if (!$r->Auth()) {
            $GLOBALS['db']->Execute("UPDATE " . DB_PREFIX . "_servers SET rcon = '' WHERE sid = '" . $sid . "' LIMIT 1;");
            $objResponse->addAssign("srv_{$num}", "innerHTML", "<font color='red' size='1'>Wrong RCON Password, please change!</font>");
            $objResponse->addScript('set_counter(1);');
            return $objResponse;
        }
        $ret = $r->rconCommand("status");
        // show hostname instead of the ip, but leave the ip in the title
        require_once "../includes/system-functions.php";
        $hostsearch = preg_match_all('/hostname:[ ]*(.+)/', $ret, $hostname, PREG_PATTERN_ORDER);
        $hostname = trunc(htmlspecialchars($hostname[1][0]), 25, false);
        if (!empty($hostname)) {
            $objResponse->addAssign("srvip_{$num}", "innerHTML", "<font size='1'><span title='" . $sdata['ip'] . ":" . $sdata['port'] . "'>" . $hostname . "</span></font>");
        }
        $gothim = false;
        $search = preg_match_all(STATUS_PARSE, $ret, $matches, PREG_PATTERN_ORDER);
        //search for the steamid on the server
        if ((int) $type == 0) {
            foreach ($matches[3] as $match) {
                if (getAccountId($match) == getAccountId($check)) {
                    // gotcha!!! kick him!
                    $gothim = true;
                    $GLOBALS['db']->Execute("UPDATE `" . DB_PREFIX . "_bans` SET sid = '" . $sid . "' WHERE authid = '" . $check . "' AND RemovedBy IS NULL;");
                    $requri = substr($_SERVER['REQUEST_URI'], 0, strrpos($_SERVER['REQUEST_URI'], "pages/admin.kickit.php"));
                    $kick = $r->sendCommand("kickid " . $match . " \"You have been banned by this server, check http://" . $_SERVER['HTTP_HOST'] . $requri . " for more info.\"");
                    $objResponse->addAssign("srv_{$num}", "innerHTML", "<font color='green' size='1'><b><u>Player Found & Kicked!!!</u></b></font>");
                    $objResponse->addScript("set_counter('-1');");
                    return $objResponse;
                }
            }
        } else {
            if ((int) $type == 1) {
                // search for the ip on the server
                $id = 0;
                foreach ($matches[8] as $match) {
                    $ip = explode(":", $match);
                    $ip = $ip[0];
                    if ($ip == $check) {
                        $userid = $matches[1][$id];
                        // gotcha!!! kick him!
                        $gothim = true;
                        $GLOBALS['db']->Execute("UPDATE `" . DB_PREFIX . "_bans` SET sid = '" . $sid . "' WHERE ip = '" . $check . "' AND RemovedBy IS NULL;");
                        $requri = substr($_SERVER['REQUEST_URI'], 0, strrpos($_SERVER['REQUEST_URI'], "pages/admin.kickit.php"));
                        $kick = $r->sendCommand("kickid " . $userid . " \"You have been banned by this server, check http://" . $_SERVER['HTTP_HOST'] . $requri . " for more info.\"");
                        $objResponse->addAssign("srv_{$num}", "innerHTML", "<font color='green' size='1'><b><u>Player Found & Kicked!!!</u></b></font>");
                        $objResponse->addScript("set_counter('-1');");
                        return $objResponse;
                    }
                    $id++;
                }
            }
        }
        if (!$gothim) {
            $objResponse->addAssign("srv_{$num}", "innerHTML", "<font size='1'>Player not found.</font>");
            $objResponse->addScript('set_counter(1);');
            return $objResponse;
        }
    } else {
        $objResponse->addAssign("srv_{$num}", "innerHTML", "<font color='red' size='1'><i>Can't connect to server.</i></font>");
        $objResponse->addScript('set_counter(1);');
        return $objResponse;
    }
}
示例#5
0
<?php

include_once '../mysql.php';
include_once '../json.php';
include_once '../utils.php';
// To generate the JSON answer.
$success = FALSE;
$errorMessage = '';
if (isset($_POST['name']) && isset($_POST['oldName']) && isset($_POST['type']) && isset($_POST['privateId'])) {
    $name = strip_tags($_POST['name']);
    $oldName = strip_tags($_POST['oldName']);
    $type = strip_tags($_POST['type']);
    $privateId = strip_tags($_POST['privateId']);
    $accountId = getAccountId('', $privateId);
    if ($accountId !== FALSE) {
        $pdos = $GLOBALS['pdo']->prepare('
				UPDATE
					`Category`
				SET
					`Name` = :name
				WHERE
					`Name` = :oldName
				AND
					`Type` = :type
				AND
					`Account` = :account
			');
        $pdos->bindValue(':name', $name);
        $pdos->bindValue('type', $type);
        $pdos->bindValue(':oldName', $oldName);
        $pdos->bindValue(':account', $accountId);
function checkMultiplePlayers($sid, $steamids)
{
    require_once INCLUDES_PATH . '/CServerRcon.php';
    $serv = $GLOBALS['db']->GetRow("SELECT ip, port, rcon FROM " . DB_PREFIX . "_servers WHERE sid = '" . $sid . "';");
    if (empty($serv['rcon'])) {
        return false;
    }
    $test = @fsockopen($serv['ip'], $serv['port'], $errno, $errstr, 2);
    if (!$test) {
        return false;
    }
    $r = new CServerRcon($serv['ip'], $serv['port'], $serv['rcon']);
    if (!$r->Auth()) {
        $GLOBALS['db']->Execute("UPDATE " . DB_PREFIX . "_servers SET rcon = '' WHERE sid = '" . (int) $sid . "';");
        return false;
    }
    $ret = $r->rconCommand("status");
    $search = preg_match_all(STATUS_PARSE, $ret, $matches, PREG_PATTERN_ORDER);
    $i = 0;
    $found = array();
    foreach ($matches[3] as $match) {
        foreach ($steamids as $steam) {
            if (getAccountId($match) == getAccountId($steam)) {
                $steam = $matches[3][$i];
                $name = $matches[2][$i];
                $time = $matches[4][$i];
                $ping = $matches[5][$i];
                $ip = explode(":", $matches[8][$i]);
                $ip = $ip[0];
                $found[$steam] = array('name' => $name, 'steam' => $steam, 'ip' => $ip, 'time' => $time, 'ping' => $ping);
                break;
            }
        }
        $i++;
    }
    return $found;
}
示例#7
0
        $result[$ds['Category']] = array('boy' => $ds['Boy'], 'girl' => $ds['Girl'], 'unisex' => $ds['Unisex']);
    }
    return $result;
}
// To generate the JSON answer.
$success = FALSE;
$errorMessage = '';
$students = array();
$studentCategories = array();
$teachers = array();
$teacherCategories = array();
$studentCouple1 = 0;
$studentCouple2 = 0;
if (isset($_POST['publicId']) && isset($_POST['voteCode'])) {
    $publicId = strip_tags($_POST['publicId']);
    $accountId = getAccountId($publicId, '');
    $voteCode = strip_tags($_POST['voteCode']);
    if ($accountId !== FALSE) {
        $voteCodeId = checkVoteCode($voteCode, $accountId);
        if ($voteCodeId) {
            $votes = getVotes($voteCodeId);
            $students = getNames('student', $accountId);
            $studentCategories = getCategories('student', $accountId, $votes);
            $teachers = getNames('teacher', $accountId);
            $teacherCategories = getCategories('teacher', $accountId, $votes);
            $pdos = $GLOBALS['pdo']->prepare('
					SELECT
						`Couple1`, `Couple2`
					FROM
						`CoupleVote`
					WHERE
示例#8
0
function autoSubscribe($email)
{
    $account_id = getAccountId($_SESSION['uname']);
    $result = mysql_query("select subscriber_id from subscriber where account_id='{$account_id}' AND subscriber_email = '{$email}' ") or die("mysql error@ finding account funder id @ line # 204");
    $row = mysql_fetch_row($result);
    $subscriber_id = $row[0];
    if (!$subscriber_id) {
        $query = "INSERT INTO subscriber (subscriber_id, account_id, project_id, subscriber_email, subscriber_status, subscriber_datetime) \n        VALUES ('','{$account_id}','{$account_id}','{$email}','1', NOW())";
        mysql_query($query) or die("mysql error@ inserting funding info @autoSubscribe");
    }
}
示例#9
0
 $bannedcfg = file($_FILES["importFile"]["tmp_name"]);
 $bancnt = 0;
 foreach ($bannedcfg as $ban) {
     $line = explode(" ", trim($ban));
     if ($line[1] == "0") {
         if (validate_ip($line[2])) {
             $check = $GLOBALS['db']->Execute("SELECT ip FROM `" . DB_PREFIX . "_bans` WHERE ip = ? AND RemoveType IS NULL", array($line[2]));
             if ($check->RecordCount() == 0) {
                 $bancnt++;
                 $pre = $GLOBALS['db']->Prepare("INSERT INTO " . DB_PREFIX . "_bans(created,authid,ip,name,ends,length,reason,aid,adminIp,type) VALUES\r\n\t\t\t\t\t\t\t\t\t\t(UNIX_TIMESTAMP(),?,?,?,(UNIX_TIMESTAMP() + ?),?,?,?,?,?)");
                 $GLOBALS['db']->Execute($pre, array("", $line[2], "Imported Ban", 0, 0, "banned_ip.cfg import", $_COOKIE['aid'], $_SERVER['REMOTE_ADDR'], 1));
             }
         } else {
             // if its an banned_user.cfg
             if (!validate_steam($line[2])) {
                 if (($accountId = getAccountId($line[2])) !== -1) {
                     $steam = renderSteam2($accountId, 0);
                 } else {
                     continue;
                 }
             } else {
                 $steam = $line[2];
             }
             $check = $GLOBALS['db']->Execute("SELECT authid FROM `" . DB_PREFIX . "_bans` WHERE authid = ? AND RemoveType IS NULL", array($steam));
             if ($check->RecordCount() == 0) {
                 if (!isset($_POST['friendsname']) || $_POST['friendsname'] != "on" || ($pname = GetCommunityName($steam)) == "") {
                     $pname = "Imported Ban";
                 }
                 $bancnt++;
                 $pre = $GLOBALS['db']->Prepare("INSERT INTO " . DB_PREFIX . "_bans(created,authid,ip,name,ends,length,reason,aid,adminIp,type) VALUES\r\n\t\t\t\t\t\t\t\t\t\t(UNIX_TIMESTAMP(),?,?,?,(UNIX_TIMESTAMP() + ?),?,?,?,?,?)");
                 $GLOBALS['db']->Execute($pre, array($steam, "", $pname, 0, 0, "banned_user.cfg import", $_COOKIE['aid'], $_SERVER['REMOTE_ADDR'], 0));