function BlockPlayer($check, $sid, $num, $type, $length)
{
$objResponse = new xajaxResponse();
global $userbank, $username;
$sid = (int) $sid;
$length = (int) $length;
if (!$userbank->HasAccess(ADMIN_OWNER | ADMIN_ADD_BAN)) {
$objResponse->redirect("index.php?p=login&m=no_access", 0);
$log = new CSystemLog("w", "Hacking Attempt", $username . " tried to process a playerblock, but doesnt have access.");
return $objResponse;
}
//get the server data
$sdata = $GLOBALS['db']->GetRow("SELECT ip, port, rcon FROM " . DB_PREFIX . "_servers WHERE sid = '" . $sid . "';");
//test if server is online
if ($test = @fsockopen($sdata['ip'], $sdata['port'], $errno, $errstr, 2)) {
@fclose($test);
require_once INCLUDES_PATH . "/CServerRcon.php";
$r = new CServerRcon($sdata['ip'], $sdata['port'], $sdata['rcon']);
if (!$r->Auth()) {
$GLOBALS['db']->Execute("UPDATE " . DB_PREFIX . "_servers SET rcon = '' WHERE sid = '" . $sid . "' LIMIT 1;");
$objResponse->addAssign("srv_{$num}", "innerHTML", "<font color='red' size='1'>Wrong RCON Password, please change!</font>");
$objResponse->addScript('set_counter(1);');
return $objResponse;
}
$ret = $r->rconCommand("status");
// show hostname instead of the ip, but leave the ip in the title
require_once "../includes/system-functions.php";
$hostsearch = preg_match_all('/hostname:[ ]*(.+)/', $ret, $hostname, PREG_PATTERN_ORDER);
$hostname = trunc(htmlspecialchars($hostname[1][0]), 25, false);
if (!empty($hostname)) {
$objResponse->addAssign("srvip_{$num}", "innerHTML", "<font size='1'><span title='" . $sdata['ip'] . ":" . $sdata['port'] . "'>" . $hostname . "</span></font>");
}
$gothim = false;
$search = preg_match_all(STATUS_PARSE, $ret, $matches, PREG_PATTERN_ORDER);
//search for the steamid on the server
foreach ($matches[3] as $match) {
if (substr($match, 8) == substr($check, 8)) {
// gotcha!!! kick him!
$gothim = true;
$GLOBALS['db']->Execute("UPDATE `" . DB_PREFIX . "_comms` SET sid = '" . $sid . "' WHERE authid = '" . $check . "' AND RemovedBy IS NULL;");
$requri = substr($_SERVER['REQUEST_URI'], 0, strrpos($_SERVER['REQUEST_URI'], "pages/admin.blockit.php"));
$kick = $r->sendCommand("sc_fw_block " . $type . " " . $length . " " . $match);
$objResponse->addAssign("srv_{$num}", "innerHTML", "<font color='green' size='1'><b><u>Player Found & blocked!!!</u></b></font>");
$objResponse->addScript("set_counter('-1');");
return $objResponse;
}
}
if (!$gothim) {
$objResponse->addAssign("srv_{$num}", "innerHTML", "<font size='1'>Player not found.</font>");
$objResponse->addScript('set_counter(1);');
return $objResponse;
}
} else {
$objResponse->addAssign("srv_{$num}", "innerHTML", "<font color='red' size='1'><i>Can't connect to server.</i></font>");
$objResponse->addScript('set_counter(1);');
return $objResponse;
}
}
function PasteBlock($sid, $name)
{
$objResponse = new xajaxResponse();
global $userbank, $username;
$sid = (int) $sid;
if (!$userbank->HasAccess(ADMIN_OWNER | ADMIN_ADD_BAN)) {
$objResponse->redirect("index.php?p=login&m=no_access", 0);
$log = new CSystemLog("w", "Hacking Attempt", $username . " tried paste a block, but doesn't have access.");
return $objResponse;
}
require INCLUDES_PATH . '/CServerRcon.php';
//get the server data
$data = $GLOBALS['db']->GetRow("SELECT ip, port, rcon FROM " . DB_PREFIX . "_servers WHERE sid = ?;", array($sid));
if (empty($data['rcon'])) {
$objResponse->addScript("\$('dialog-control').setStyle('display', 'block');");
$objResponse->addScript("ShowBox('Error', 'No RCON password for server " . $data['ip'] . ":" . $data['port'] . "!', 'red', '', true);");
return $objResponse;
}
$r = new CServerRcon($data['ip'], $data['port'], $data['rcon']);
if (!$r->Auth()) {
$GLOBALS['db']->Execute("UPDATE " . DB_PREFIX . "_servers SET rcon = '' WHERE sid = ?;", array($sid));
$objResponse->addScript("\$('dialog-control').setStyle('display', 'block');");
$objResponse->addScript("ShowBox('Error', 'Wrong RCON password for server " . $data['ip'] . ":" . $data['port'] . "!', 'red', '', true);");
return $objResponse;
}
$ret = $r->rconCommand("status");
$search = preg_match_all(STATUS_PARSE, $ret, $matches, PREG_PATTERN_ORDER);
$i = 0;
$found = false;
$index = -1;
foreach ($matches[2] as $match) {
if ($match == $name) {
$found = true;
$index = $i;
break;
}
$i++;
}
if ($found) {
$steam = $matches[3][$index];
$name = $matches[2][$index];
$objResponse->addScript("\$('nickname').value = '" . addslashes($name) . "'");
$objResponse->addScript("\$('steam').value = '" . $steam . "'");
} else {
$objResponse->addScript("ShowBox('Error', 'Can\\'t get player info for " . addslashes(htmlspecialchars($name)) . ". Player is not on the server (" . $data['ip'] . ":" . $data['port'] . ") anymore!', 'red', '', true);");
$objResponse->addScript("\$('dialog-control').setStyle('display', 'block');");
return $objResponse;
}
$objResponse->addScript("SwapPane(0);");
$objResponse->addScript("\$('dialog-control').setStyle('display', 'block');");
$objResponse->addScript("\$('dialog-placement').setStyle('display', 'none');");
return $objResponse;
}
function SendMessage($sid, $name, $message)
{
$objResponse = new xajaxResponse();
global $userbank, $username;
if (!$userbank->is_admin()) {
$objResponse->redirect("index.php?p=login&m=no_access", 0);
$log = new CSystemLog("w", "Ошибка доступ", $username . " пытался отправить для '" . addslashes(htmlspecialchars($name)) . "' сообщение (\"" . RemoveCode($message) . "\"), не имея на это прав.");
return $objResponse;
}
$sid = (int) $sid;
require INCLUDES_PATH . '/CServerRcon.php';
//get the server data
$data = $GLOBALS['db']->GetRow("SELECT ip, port, rcon FROM " . DB_PREFIX . "_servers WHERE sid = '" . $sid . "';");
if (empty($data['rcon'])) {
$objResponse->addScript("ShowBox('Ошибка', 'Невозможно отправить сообщение для " . addslashes(htmlspecialchars($name)) . ". Не задан РКОН пароль!', 'red', '', true);");
return $objResponse;
}
$r = new CServerRcon($data['ip'], $data['port'], $data['rcon']);
if (!$r->Auth()) {
$GLOBALS['db']->Execute("UPDATE " . DB_PREFIX . "_servers SET rcon = '' WHERE sid = '" . $sid . "';");
$objResponse->addScript("ShowBox('Ошибка', 'Невозможно отправить сообщение для " . addslashes(htmlspecialchars($name)) . ". Неверноый РКОН пароль!', 'red', '', true);");
return $objResponse;
}
$ret = $r->sendCommand('sm_psay "' . $name . '" "' . addslashes($message) . '"');
new CSystemLog("m", "Сообщение отправлено", "Следующее сообщение было отправлено " . addslashes(htmlspecialchars($name)) . " на сервер " . $data['ip'] . ":" . $data['port'] . ": " . RemoveCode($message));
$objResponse->addScript("ShowBox('Сообщение отправлено', 'Сообщение для \\'" . addslashes(htmlspecialchars($name)) . "\\' успешно отправлено!', 'green', '', true);\$('dialog-control').setStyle('display', 'block');");
return $objResponse;
}
function SendRconSilent($rcon, $sid)
{
require_once INCLUDES_PATH . '/CServerRcon.php';
$serv = $GLOBALS['db']->GetRow("SELECT ip, port, rcon FROM " . DB_PREFIX . "_servers WHERE sid = '" . $sid . "';");
if (empty($serv['rcon'])) {
return false;
}
$test = @fsockopen($serv['ip'], $serv['port'], $errno, $errstr, 2);
if (!$test) {
return false;
}
$r = new CServerRcon($serv['ip'], $serv['port'], $serv['rcon']);
if (!$r->Auth()) {
$GLOBALS['db']->Execute("UPDATE " . DB_PREFIX . "_servers SET rcon = '' WHERE sid = '" . (int) $sid . "';");
return false;
}
$ret = $r->rconCommand($rcon);
if ($ret) {
return true;
}
return false;
}
function SendMessage($sid, $name, $message)
{
$objResponse = new xajaxResponse();
global $userbank, $username;
if (!$userbank->is_admin()) {
$objResponse->redirect("index.php?p=login&m=no_access", 0);
$log = new CSystemLog("w", "Hacking Attempt", $username . " tried to send ingame message to '" . addslashes(htmlspecialchars($name)) . "' (\"" . RemoveCode($message) . "\"), but doesnt have access.");
return $objResponse;
}
$sid = (int) $sid;
require INCLUDES_PATH . '/CServerRcon.php';
//get the server data
$data = $GLOBALS['db']->GetRow("SELECT ip, port, rcon FROM " . DB_PREFIX . "_servers WHERE sid = '" . $sid . "';");
if (empty($data['rcon'])) {
$objResponse->addScript("ShowBox('Error', 'Can\\'t send message to " . addslashes(htmlspecialchars($name)) . ". No RCON password!', 'red', '', true);");
return $objResponse;
}
$r = new CServerRcon($data['ip'], $data['port'], $data['rcon']);
if (!$r->Auth()) {
$GLOBALS['db']->Execute("UPDATE " . DB_PREFIX . "_servers SET rcon = '' WHERE sid = '" . $sid . "';");
$objResponse->addScript("ShowBox('Error', 'Can\\'t send message to " . addslashes(htmlspecialchars($name)) . ". Wrong RCON password!', 'red', '', true);");
return $objResponse;
}
$ret = $r->sendCommand('sm_psay "' . $name . '" "' . addslashes($message) . '"');
new CSystemLog("m", "Message sent to player", "The following message was sent to " . addslashes(htmlspecialchars($name)) . " on server " . $data['ip'] . ":" . $data['port'] . ": " . RemoveCode($message));
$objResponse->addScript("ShowBox('Message Sent', 'The message has been sent to player \\'" . addslashes(htmlspecialchars($name)) . "\\' successfully!', 'green', '', true);\$('dialog-control').setStyle('display', 'block');");
return $objResponse;
}
function KickPlayer($check, $sid, $num, $type)
{
$objResponse = new xajaxResponse();
global $userbank, $username;
$sid = (int) $sid;
if (!$userbank->HasAccess(ADMIN_OWNER | ADMIN_ADD_BAN)) {
$objResponse->redirect("index.php?p=login&m=no_access", 0);
$log = new CSystemLog("w", "Ошибка доступа", $username . " пытался кого-то кикнуть, не имея на это прав.");
return $objResponse;
}
//get the server data
$sdata = $GLOBALS['db']->GetRow("SELECT ip, port, rcon FROM " . DB_PREFIX . "_servers WHERE sid = '" . $sid . "';");
//test if server is online
if ($test = @fsockopen($sdata['ip'], $sdata['port'], $errno, $errstr, 2)) {
@fclose($test);
require_once INCLUDES_PATH . "/CServerRcon.php";
$r = new CServerRcon($sdata['ip'], $sdata['port'], $sdata['rcon']);
if (!$r->Auth()) {
$GLOBALS['db']->Execute("UPDATE " . DB_PREFIX . "_servers SET rcon = '' WHERE sid = '" . $sid . "' LIMIT 1;");
$objResponse->addAssign("srv_{$num}", "innerHTML", "<font color='red' size='1'>Неверный РКОН!</font>");
$objResponse->addScript('set_counter(1);');
return $objResponse;
}
$ret = $r->rconCommand("status");
// show hostname instead of the ip, but leave the ip in the title
require_once "../includes/system-functions.php";
$hostsearch = preg_match_all('/hostname:[ ]*(.+)/', $ret, $hostname, PREG_PATTERN_ORDER);
$hostname = trunc(htmlspecialchars($hostname[1][0]), 25, false);
if (!empty($hostname)) {
$objResponse->addAssign("srvip_{$num}", "innerHTML", "<font size='1'><span title='" . $sdata['ip'] . ":" . $sdata['port'] . "'>" . $hostname . "</span></font>");
}
$gothim = false;
$search = preg_match_all(STATUS_PARSE, $ret, $matches, PREG_PATTERN_ORDER);
//search for the steamid on the server
if ((int) $type == 0) {
foreach ($matches[3] as $match) {
if (substr($match, 8) == substr($check, 8)) {
// gotcha!!! kick him!
$gothim = true;
$GLOBALS['db']->Execute("UPDATE `" . DB_PREFIX . "_bans` SET sid = '" . $sid . "' WHERE authid = '" . $check . "' AND RemovedBy IS NULL;");
$requri = substr($_SERVER['REQUEST_URI'], 0, strrpos($_SERVER['REQUEST_URI'], "pages/admin.kickit.php"));
$kick = $r->sendCommand("kickid " . $match . " \"Вы были забанены, посетите http://" . $_SERVER['HTTP_HOST'] . $requri . " для большей информации.\"");
$objResponse->addAssign("srv_{$num}", "innerHTML", "<font color='green' size='1'><b><u>Игрок найден и кикнут!!!</u></b></font>");
$objResponse->addScript("set_counter('-1');");
return $objResponse;
}
}
} else {
if ((int) $type == 1) {
// search for the ip on the server
$id = 0;
foreach ($matches[8] as $match) {
$ip = explode(":", $match);
$ip = $ip[0];
if ($ip == $check) {
$userid = $matches[1][$id];
// gotcha!!! kick him!
$gothim = true;
$GLOBALS['db']->Execute("UPDATE `" . DB_PREFIX . "_bans` SET sid = '" . $sid . "' WHERE ip = '" . $check . "' AND RemovedBy IS NULL;");
$requri = substr($_SERVER['REQUEST_URI'], 0, strrpos($_SERVER['REQUEST_URI'], "pages/admin.kickit.php"));
$kick = $r->sendCommand("kickid " . $userid . " \"Вы были забанены, посетите http://" . $_SERVER['HTTP_HOST'] . $requri . " для большей информации.\"");
$objResponse->addAssign("srv_{$num}", "innerHTML", "<font color='green' size='1'><b><u>Игрок найден и кикнут!!!</u></b></font>");
$objResponse->addScript("set_counter('-1');");
return $objResponse;
}
$id++;
}
}
}
if (!$gothim) {
$objResponse->addAssign("srv_{$num}", "innerHTML", "<font size='1'>Игрок не найден.</font>");
$objResponse->addScript('set_counter(1);');
return $objResponse;
}
} else {
$objResponse->addAssign("srv_{$num}", "innerHTML", "<font color='red' size='1'><i>Нет соединения с сервером.</i></font>");
$objResponse->addScript('set_counter(1);');
return $objResponse;
}
}
