arriej/TSN-Ranksystem
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

release 1.2.4

Browse Source
This commit is contained in:
Newcomer1989
2018-02-12 06:31:19 +01:00
parent c7fb3673df
commit 28aeb8ec6f
53 changed files with 2092 additions and 1647 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
webinterface/addon_assign_groups.php
View File

@@ -25,44 +25,36 @@ function getclientip() {
if (isset($_POST['logout'])) {
echo "logout";
$_SESSION = array();
session_destroy();
if($_SERVER['HTTPS'] == "on") {
header("Location: https://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
} else {
header("Location: http://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
}
rem_session_ts3($rspathhex);
header("Location: //".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
exit;
}
if (!isset($_SESSION['username']) || $_SESSION['username'] != $webuser || $_SESSION['password'] != $webpass || $_SESSION['clientip'] != getclientip()) {
if($_SERVER['HTTPS'] == "on") {
header("Location: https://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
} else {
header("Location: http://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
}
if (!isset($_SESSION[$rspathhex.'username']) || $_SESSION[$rspathhex.'username'] != $webuser || $_SESSION[$rspathhex.'password'] != $webpass || $_SESSION[$rspathhex.'clientip'] != getclientip()) {
header("Location: //".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
exit;
}
require_once('nav.php');
if(!isset($_POST['number']) || $_POST['number'] == "yes") {
$_SESSION['showexcepted'] = "yes";
$_SESSION[$rspathhex.'showexcepted'] = "yes";
$filter = " AND except='0'";
} else {
$_SESSION['showexcepted'] = "no";
$_SESSION[$rspathhex.'showexcepted'] = "no";
$filter = "";
}
$assign_groups_active = 0;
if (isset($_POST['update']) && $_SESSION['username'] == $webuser && $_SESSION['password'] == $webpass && $_SESSION['clientip'] == getclientip()) {
if (isset($_POST['update']) && $_SESSION[$rspathhex.'username'] == $webuser && $_SESSION[$rspathhex.'password'] == $webpass && $_SESSION[$rspathhex.'clientip'] == getclientip()) {
$assign_groups_limit = $_POST['assign_groups_limit'];
$assign_groups_groupids = $_POST['assign_groups_groupids'];
if (isset($_POST['assign_groups_active'])) $assign_groups_active = 1; else $assign_groups_active = 0;
if (isset($_POST['assign_groups_active'])) $assign_groups_active = 1;
if ($mysqlcon->exec("UPDATE $dbname.addons_config SET value = CASE param WHEN 'assign_groups_active' THEN '$assign_groups_active' WHEN 'assign_groups_limit' THEN '$assign_groups_limit' WHEN 'assign_groups_groupids' THEN '$assign_groups_groupids' END WHERE param IN ('assign_groups_active','assign_groups_groupids','assign_groups_limit')") === false) {
$err_msg = print_r($mysqlcon->errorInfo(), true);
$err_lvl = 3;
} else {
$err_msg .= $lang['wisvsuc']." ".$lang['wisv'];
$err_msg = $lang['wisvsuc'];
$err_lvl = NULL;
}
$addons_config['assign_groups_groupids']['value'] = $_POST['assign_groups_groupids'];

27
webinterface/admin.php
View File

@@ -22,32 +22,23 @@ function getclientip() {
if (isset($_POST['logout'])) {
echo "logout";
$_SESSION = array();
session_destroy();
if($_SERVER['HTTPS'] == "on") {
header("Location: https://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
} else {
header("Location: http://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
}
rem_session_ts3($rspathhex);
header("Location: //".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
exit;
}
if (!isset($_SESSION['username']) || $_SESSION['username'] != $webuser || $_SESSION['password'] != $webpass || $_SESSION['clientip'] != getclientip()) {
if($_SERVER['HTTPS'] == "on") {
header("Location: https://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
} else {
header("Location: http://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
}
if (!isset($_SESSION[$rspathhex.'username']) || $_SESSION[$rspathhex.'username'] != $webuser || $_SESSION[$rspathhex.'password'] != $webpass || $_SESSION[$rspathhex.'clientip'] != getclientip()) {
header("Location: //".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
exit;
}
require_once('nav.php');
if(!isset($_POST['number']) || $_POST['number'] == "yes") {
$_SESSION['showexcepted'] = "yes";
$_SESSION[$rspathhex.'showexcepted'] = "yes";
$filter = " AND except='0'";
} else {
$_SESSION['showexcepted'] = "no";
$_SESSION[$rspathhex.'showexcepted'] = "no";
$filter = "";
}
@@ -57,7 +48,7 @@ if(($dbuserdata = $mysqlcon->query("SELECT uuid,cldbid,name FROM $dbname.user WH
}
$user_arr = $dbuserdata->fetchAll(PDO::FETCH_ASSOC);
if (isset($_POST['update']) && $_SESSION['username'] == $webuser && $_SESSION['password'] == $webpass && $_SESSION['clientip'] == getclientip()) {
if (isset($_POST['update']) && $_SESSION[$rspathhex.'username'] == $webuser && $_SESSION[$rspathhex.'password'] == $webpass && $_SESSION[$rspathhex.'clientip'] == getclientip()) {
$setontime = 0;
if($_POST['setontime_day']) { $setontime = $setontime + $_POST['setontime_day'] * 86400; }
if($_POST['setontime_hour']) { $setontime = $setontime + $_POST['setontime_hour'] * 3600; }
@@ -106,8 +97,8 @@ if (isset($_POST['update']) && $_SESSION['username'] == $webuser && $_SESSION['p
<div class="col-sm-8 pull-right">
<select class="selectpicker show-tick form-control" id="number" name="number" onchange="this.form.submit();">
<?PHP
echo '<option value="yes"'; if(!isset($_SESSION['showexcepted']) || $_SESSION['showexcepted'] == "yes") echo " selected=selected"; echo '>hide</option>';
echo '<option value="no"'; if(isset($_SESSION['showexcepted']) && $_SESSION['showexcepted'] == "no") echo " selected=selected"; echo '>show</option>';
echo '<option value="yes"'; if(!isset($_SESSION[$rspathhex.'showexcepted']) || $_SESSION[$rspathhex.'showexcepted'] == "yes") echo " selected=selected"; echo '>hide</option>';
echo '<option value="no"'; if(isset($_SESSION[$rspathhex.'showexcepted']) && $_SESSION[$rspathhex.'showexcepted'] == "no") echo " selected=selected"; echo '>show</option>';
?>
</select>
</div>

128
webinterface/bot.php
View File

@@ -21,21 +21,47 @@ function getclientip() {
return false;
}
function getlog($logpath,$number_lines,$filters,$filter2) {
function getlog($logpath,$number_lines,$filters,$filter2,$inactivefilter = NULL) {
$lines=array();
if(file_exists($logpath."ranksystem.log")) {
$fp = fopen($logpath."ranksystem.log", "r");
while(!feof($fp)) {
$line = fgets($fp, 4096);
$buffer=array();
while($line = fgets($fp, 4096)) {
array_push($buffer, $line);
}
fclose($fp);
$buffer = array_reverse($buffer);
foreach($buffer as $line) {
if(substr($line, 0, 2) != "20" && in_array($lastfilter, $filters)) {
array_push($lines, $line);
if (count($lines)>$number_lines) {
break;
}
continue;
}
foreach($filters as $filter) {
if(($filter != NULL && strstr($line, $filter) && $filter2 == NULL) || ($filter2 != NULL && strstr($line, $filter2) && $filter != NULL && strstr($line, $filter))) {
array_push($lines, $line);
if (count($lines)>$number_lines) array_shift($lines);
if($filter == "CRITICAL" || $filter == "ERROR") {
array_push($lines, '<span class="text-danger">'.$line.'</span>');
} else {
array_push($lines, $line);
}
$lastfilter = $filter;
if (count($lines)>$number_lines) {
break 2;
}
continue;
} elseif($inactivefilter != NULL) {
foreach($inactivefilter as $defilter) {
if($defilter != NULL && strstr($line, $defilter)) {
$lastfilter = $defilter;
continue;
}
}
continue;
}
}
}
fclose($fp);
}
} else {
$lines[] = "No log entry found...\n";
$lines[] = "The logfile will be created with next startup.\n";
@@ -60,118 +86,144 @@ if (isset($_POST['number'])) {
} else {
$number_lines = 20;
}
$_SESSION['number_lines'] = $number_lines;
} elseif (isset($_SESSION['number_lines'])) {
$number_lines = $_SESSION['number_lines'];
$_SESSION[$rspathhex.'number_lines'] = $number_lines;
} elseif (isset($_SESSION[$rspathhex.'number_lines'])) {
$number_lines = $_SESSION[$rspathhex.'number_lines'];
}
if(isset($_SESSION['logfilter2'])) {
$filter2 = $_SESSION['logfilter2'];
if(isset($_SESSION[$rspathhex.'logfilter2'])) {
$filter2 = $_SESSION[$rspathhex.'logfilter2'];
} else {
$filter2 = '';
}
$filters = '';
$inactivefilter = '';
if(isset($_POST['logfilter']) && in_array('critical', $_POST['logfilter'])) {
$filters .= "CRITICAL,";
} elseif(isset($_POST['logfilter'])) {
$inactivefilter .= "CRITICAL,";
}
if(isset($_POST['logfilter']) && in_array('error', $_POST['logfilter'])) {
$filters .= "ERROR,";
} elseif(isset($_POST['logfilter'])) {
$inactivefilter .= "ERROR,";
}
if(isset($_POST['logfilter']) && in_array('warning', $_POST['logfilter'])) {
$filters .= "WARNING,";
} elseif(isset($_POST['logfilter'])) {
$inactivefilter .= "WARNING,";
}
if(isset($_POST['logfilter']) && in_array('notice', $_POST['logfilter'])) {
$filters .= "NOTICE,";
} elseif(isset($_POST['logfilter'])) {
$inactivefilter .= "NOTICE,";
}
if(isset($_POST['logfilter']) && in_array('info', $_POST['logfilter'])) {
$filters .= "INFO,";
} elseif(isset($_POST['logfilter'])) {
$inactivefilter .= "INFO,";
}
if(isset($_POST['logfilter']) && in_array('debug', $_POST['logfilter'])) {
$filters .= "DEBUG,";
} elseif(isset($_POST['logfilter'])) {
$inactivefilter .= "DEBUG,";
}
if(isset($_POST['logfilter'][0])) {
$filter2 = $_POST['logfilter'][0];
$_SESSION['logfilter2'] = $filter2;
$_SESSION[$rspathhex.'logfilter2'] = $filter2;
}
if($filters != '') {
$_SESSION['logfilter'] = $filters;
$_SESSION[$rspathhex.'logfilter'] = $filters;
}
if (!isset($_SESSION['logfilter'])) {
$_SESSION['logfilter'] = "CRITICAL,ERROR,WARNING,NOTICE,INFO,DEBUG";
if($inactivefilter != '') {
$_SESSION[$rspathhex.'inactivefilter'] = $inactivefilter;
}
if(isset($_SESSION[$rspathhex.'inactivefilter']) && $_SESSION[$rspathhex.'inactivefilter'] != NULL) {
$inactivefilter = explode(',', $_SESSION[$rspathhex.'inactivefilter']);
}
$filters = explode(',', $_SESSION['logfilter']);
if (!isset($_SESSION[$rspathhex.'logfilter'])) {
$_SESSION[$rspathhex.'logfilter'] = "CRITICAL,ERROR,WARNING,NOTICE,INFO,DEBUG";
}
$filters = explode(',', $_SESSION[$rspathhex.'logfilter']);
if (isset($_POST['logout'])) {
echo "logout";
$_SESSION = array();
session_destroy();
if($_SERVER['HTTPS'] == "on") {
header("Location: https://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
} else {
header("Location: http://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
}
rem_session_ts3($rspathhex);
header("Location: //".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
exit;
}
if (!isset($_SESSION['username']) || $_SESSION['username'] != $webuser || $_SESSION['password'] != $webpass || $_SESSION['clientip'] != getclientip()) {
if($_SERVER['HTTPS'] == "on") {
header("Location: https://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
} else {
header("Location: http://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
}
if (!isset($_SESSION[$rspathhex.'username']) || $_SESSION[$rspathhex.'username'] != $webuser || $_SESSION[$rspathhex.'password'] != $webpass || $_SESSION[$rspathhex.'clientip'] != getclientip()) {
header("Location: //".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
exit;
}
require_once('nav.php');
$logoutput = getlog($logpath,$number_lines,$filters,$filter2);
$logoutput = getlog($logpath,$number_lines,$filters,$filter2,$inactivefilter);
if (isset($_POST['start']) && $_SESSION['username'] == $webuser && $_SESSION['password'] == $webpass && $_SESSION['clientip'] == getclientip()) {
if (isset($_POST['start']) && $_SESSION[$rspathhex.'username'] == $webuser && $_SESSION[$rspathhex.'password'] == $webpass && $_SESSION[$rspathhex.'clientip'] == getclientip()) {
if(substr(sprintf('%o', fileperms($logpath)), -3, 1)!='7') {
$err_msg = "!!!! Logs folder is not writable !!!!<br>Cancel start request!"; $err_lvl = 3;
} else {
if (substr(php_uname(), 0, 7) == "Windows") {
$WshShell = new COM("WScript.Shell");
$oExec = $WshShell->Run("cmd /C ".$phpcommand." ".substr(__DIR__,0,-12)."\worker.php start", 0, false);
if (file_exists(substr(__DIR__,0,-12)."\logs\autostart_deactivated")) {
unlink(substr(__DIR__,0,-12)."\logs\autostart_deactivated");
}
} else {
exec($phpcommand." ".substr(__DIR__,0,-12)."worker.php start");
if (file_exists(substr(__DIR__,0,-12)."logs/autostart_deactivated")) {
unlink(substr(__DIR__,0,-12)."logs/autostart_deactivated");
}
}
$err_msg = $lang['wibot2'];
$err_lvl = 1;
usleep(80000);
$logoutput = getlog($logpath,$number_lines,$filters,$filter2);
$logoutput = getlog($logpath,$number_lines,$filters,$filter2,$inactivefilter);
}
}
if (isset($_POST['stop']) && $_SESSION['username'] == $webuser && $_SESSION['password'] == $webpass && $_SESSION['clientip'] == getclientip()) {
if (isset($_POST['stop']) && $_SESSION[$rspathhex.'username'] == $webuser && $_SESSION[$rspathhex.'password'] == $webpass && $_SESSION[$rspathhex.'clientip'] == getclientip()) {
if (substr(php_uname(), 0, 7) == "Windows") {
$WshShell = new COM("WScript.Shell");
$oExec = $WshShell->Run("cmd /C ".$phpcommand." ".substr(__DIR__,0,-12)."\worker.php stop", 0, false);
file_put_contents(substr(__DIR__,0,-12)."\logs\autostart_deactivated");
} else {
exec($phpcommand." ".substr(__DIR__,0,-12)."worker.php stop");
file_put_contents(substr(__DIR__,0,-12)."logs/autostart_deactivated");
}
$err_msg = $lang['wibot1'];
$err_lvl = 1;
usleep(80000);
$logoutput = getlog($logpath,$number_lines,$filters,$filter2);
$logoutput = getlog($logpath,$number_lines,$filters,$filter2,$inactivefilter);
}
if (isset($_POST['restart']) && $_SESSION['username'] == $webuser && $_SESSION['password'] == $webpass && $_SESSION['clientip'] == getclientip()) {
if (isset($_POST['restart']) && $_SESSION[$rspathhex.'username'] == $webuser && $_SESSION[$rspathhex.'password'] == $webpass && $_SESSION[$rspathhex.'clientip'] == getclientip()) {
if(substr(sprintf('%o', fileperms($logpath)), -3, 1)!='7') {
$err_msg = "!!!! Logs folder is not writable !!!!<br>Cancel restart request!"; $err_lvl = 3;
} else {
if (substr(php_uname(), 0, 7) == "Windows") {
$WshShell = new COM("WScript.Shell");
$oExec = $WshShell->Run("cmd /C ".$phpcommand." ".substr(__DIR__,0,-12)."\worker.php restart", 0, false);
if (file_exists(substr(__DIR__,0,-12)."\logs\autostart_deactivated")) {
unlink(substr(__DIR__,0,-12)."\logs\autostart_deactivated");
}
} else {
exec($phpcommand." ".substr(__DIR__,0,-12)."worker.php restart");
if (file_exists(substr(__DIR__,0,-12)."logs/autostart_deactivated")) {
unlink(substr(__DIR__,0,-12)."logs/autostart_deactivated");
}
}
$err_msg = $lang['wibot3'];
$err_lvl = 1;
usleep(80000);
$logoutput = getlog($logpath,$number_lines,$filters,$filter2);
$logoutput = getlog($logpath,$number_lines,$filters,$filter2,$inactivefilter);
}
}
@@ -302,7 +354,7 @@ if($ts['host'] == NULL || $ts['query'] == NULL || $ts['voice'] == NULL || $ts['u
</div>
<div class="row">
<div class="col-lg-12">
<pre><?PHP krsort($logoutput); foreach ($logoutput as $line) { echo $line; } ?></pre>
<pre><?PHP foreach ($logoutput as $line) { echo $line; } ?></pre>
</div>
</div>
</div>

19
webinterface/changepassword.php
View File

@@ -58,28 +58,19 @@ function getclientip() {
}
if (isset($_POST['logout'])) {
$_SESSION = array();
session_destroy();
if($_SERVER['HTTPS'] == "on") {
header("Location: https://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
} else {
header("Location: http://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
}
rem_session_ts3($rspathhex);
header("Location: //".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
exit;
}
if (!isset($_SESSION['username']) || $_SESSION['username'] != $webuser || $_SESSION['password'] != $webpass || $_SESSION['clientip'] != getclientip()) {
if($_SERVER['HTTPS'] == "on") {
header("Location: https://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
} else {
header("Location: http://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
}
if (!isset($_SESSION[$rspathhex.'username']) || $_SESSION[$rspathhex.'username'] != $webuser || $_SESSION[$rspathhex.'password'] != $webpass || $_SESSION[$rspathhex.'clientip'] != getclientip()) {
header("Location: //".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
exit;
}
require_once('nav.php');
if (isset($_POST['changepw']) && $_SESSION['username'] == $webuser && $_SESSION['password'] == $webpass && $_SESSION['clientip'] == getclientip()) {
if (isset($_POST['changepw']) && $_SESSION[$rspathhex.'username'] == $webuser && $_SESSION[$rspathhex.'password'] == $webpass && $_SESSION[$rspathhex.'clientip'] == getclientip()) {
$newpass = password_hash($_POST['newpwd1'], PASSWORD_DEFAULT);
if (!password_verify($_POST['oldpwd'], $webpass)) {
$err_msg = $lang['wichpw1']; $err_lvl = 3;

148
webinterface/core.php
View File

@@ -21,28 +21,69 @@ function getclientip() {
}
if (isset($_POST['logout'])) {
$_SESSION = array();
session_destroy();
if($_SERVER['HTTPS'] == "on") {
header("Location: https://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
} else {
header("Location: http://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
}
rem_session_ts3($rspathhex);
header("Location: //".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
exit;
}
if (!isset($_SESSION['username']) || $_SESSION['username'] != $webuser || $_SESSION['password'] != $webpass || $_SESSION['clientip'] != getclientip()) {
if($_SERVER['HTTPS'] == "on") {
header("Location: https://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
} else {
header("Location: http://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
}
if (!isset($_SESSION[$rspathhex.'username']) || $_SESSION[$rspathhex.'username'] != $webuser || $_SESSION[$rspathhex.'password'] != $webpass || $_SESSION[$rspathhex.'clientip'] != getclientip()) {
header("Location: //".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
exit;
}
require_once('nav.php');
if (isset($_POST['update']) && $_SESSION['username'] == $webuser && $_SESSION['password'] == $webpass && $_SESSION['clientip'] == getclientip()) {
if (isset($_POST['update']) && $_SESSION[$rspathhex.'username'] == $webuser && $_SESSION[$rspathhex.'password'] == $webpass && $_SESSION[$rspathhex.'clientip'] == getclientip()) {
if(($groupslist = $mysqlcon->query("SELECT * FROM $dbname.groups")->fetchAll(PDO::FETCH_UNIQUE|PDO::FETCH_ASSOC)) === false) {
enter_logfile($logpath,$timezone,1,"Select on DB failed for group check: ".print_r($mysqlcon->errorInfo(), true));
}
if(empty($_POST['boost'])) {
$boostarr = null;
} else {
foreach (explode(',', $_POST['boost']) as $entry) {
list($key, $value1, $value2) = explode('=>', $entry);
$boostarr[$key] = array("group"=>$key,"factor"=>$value1,"time"=>$value2);
}
}
if(empty($_POST['grouptime'])) {
$grouparr = null;
} else {
foreach (explode(',', $_POST['grouptime']) as $entry) {
list($time, $groupid) = explode('=>', $entry);
$grouparr[$groupid] = $time;
}
}
$err_msg = '';
$errcnf = 0;
if(isset($groupslist) && $groupslist != NULL) {
foreach($grouparr as $groupid => $time) {
if(!isset($groupslist[$groupid]) && $groupid != NULL) {
$err_msg .= sprintf($lang['upgrp0001'], $groupid, $lang['wigrptime']).'<br>';
$err_lvl = 3;
$errcnf++;
}
}
foreach($boostarr as $groupid => $value) {
if(!isset($groupslist[$groupid]) && $groupid != NULL) {
$err_msg .= sprintf($lang['upgrp0001'], $groupid, $lang['wiboost']).'<br>';
$err_lvl = 3;
$errcnf++;
}
}
foreach(array_flip(explode(',', $_POST['exceptgroup'])) as $groupid => $value) {
if(!isset($groupslist[$groupid]) && $groupid != NULL) {
$err_msg .= sprintf($lang['upgrp0001'], $groupid, $lang['wiexgrp']).'<br>';
$err_lvl = 3;
$errcnf++;
}
}
}
unset($groupslist);
$substridle = $_POST['substridle'];
$exceptuuid = $_POST['exceptuuid'];
$exceptgroup = $_POST['exceptgroup'];
@@ -54,19 +95,28 @@ if (isset($_POST['update']) && $_SESSION['username'] == $webuser && $_SESSION['p
if (isset($_POST['cleanclients'])) $cleanclients = 1; else $cleanclients = 0;
$cleanperiod = $_POST['cleanperiod'];
$boost = $_POST['boost'];
if ($mysqlcon->exec("UPDATE $dbname.config set substridle='$substridle',exceptuuid='$exceptuuid',exceptgroup='$exceptgroup',exceptcid='$exceptcid',grouptime='$grouptime',ignoreidle='$ignoreidle',resetbydbchange='$resetbydbchange',cleanclients='$cleanclients',cleanperiod='$cleanperiod',boost='$boost',resetexcept='$resetexcept'") === false) {
$err_msg = print_r($mysqlcon->errorInfo(), true);
$err_lvl = 3;
} else {
$err_msg = $lang['wisvsuc']." ".sprintf($lang['wisvres'], '&nbsp;&nbsp;<form class="btn-group" name="restart" action="bot.php" method="POST"><button
type="submit" class="btn btn-primary" name="restart"><i class="fa fa-fw fa-refresh"></i>&nbsp;'.$lang['wibot7'].'</button></form>');
$err_lvl = NULL;
}
$config[0]['grouptime'] = $_POST['grouptime'];
$config[0]['exceptuuid'] = $_POST['exceptuuid'];
$config[0]['exceptgroup'] = $_POST['exceptgroup'];
$config[0]['exceptcid'] = $_POST['exceptcid'];
$config[0]['boost'] = $_POST['boost'];
if($_POST['registercid'] == NULL) {
$registercid = 0;
} else {
$registercid = $_POST['registercid'];
}
if($errcnf == 0) {
if ($mysqlcon->exec("UPDATE $dbname.config set substridle='$substridle',exceptuuid='$exceptuuid',exceptgroup='$exceptgroup',exceptcid='$exceptcid',grouptime='$grouptime',ignoreidle='$ignoreidle',resetbydbchange='$resetbydbchange',cleanclients='$cleanclients',cleanperiod='$cleanperiod',boost='$boost',resetexcept='$resetexcept',registercid='$registercid'") === false) {
$err_msg = print_r($mysqlcon->errorInfo(), true);
$err_lvl = 3;
} else {
$err_msg = $lang['wisvsuc']." ".sprintf($lang['wisvres'], '&nbsp;&nbsp;<form class="btn-group" name="restart" action="bot.php" method="POST"><button
type="submit" class="btn btn-primary" name="restart"><i class="fa fa-fw fa-refresh"></i>&nbsp;'.$lang['wibot7'].'</button></form>');
$err_lvl = NULL;
}
} else {
$err_msg .= "<br>".$lang['errgrpid'];
}
$config['grouptime'] = $_POST['grouptime'];
$config['exceptuuid'] = $_POST['exceptuuid'];
$config['exceptgroup'] = $_POST['exceptgroup'];
$config['exceptcid'] = $_POST['exceptcid'];
$config['boost'] = $_POST['boost'];
}
?>
<div id="page-wrapper">
@@ -108,21 +158,21 @@ if (isset($_POST['update']) && $_SESSION['username'] == $webuser && $_SESSION['p
<div class="form-group">
<label class="col-sm-4 control-label" data-toggle="modal" data-target="#wiexuiddesc"><?php echo $lang['wiexuid']; ?><i class="help-hover glyphicon glyphicon-question-sign"></i></label>
<div class="col-sm-8">
<textarea class="form-control" data-pattern="^([A-Za-z0-9\\\/\+]{27}=,)*([A-Za-z0-9\\\/\+]{27}=)$" data-error="Check all unique IDs are correct and your list do not ends with a comma!" rows="1" name="exceptuuid" maxlength="999"><?php echo $config[0]['exceptuuid']; ?></textarea>
<textarea class="form-control" data-pattern="^([A-Za-z0-9\\\/\+]{27}=,)*([A-Za-z0-9\\\/\+]{27}=)$" data-error="Check all unique IDs are correct and your list do not ends with a comma!" rows="1" name="exceptuuid" maxlength="999"><?php echo $config['exceptuuid']; ?></textarea>
<div class="help-block with-errors"></div>
</div>
</div>
<div class="form-group">
<label class="col-sm-4 control-label" data-toggle="modal" data-target="#wiexgrpdesc"><?php echo $lang['wiexgrp']; ?><i class="help-hover glyphicon glyphicon-question-sign"></i></label>
<div class="col-sm-8">
<textarea class="form-control" data-pattern="^([0-9]{1,9},)*[0-9]{1,9}$" data-error="Only use digits separated with a comma! Also must the first and last value be digit!" rows="1" name="exceptgroup" maxlength="999"><?php echo $config[0]['exceptgroup']; ?></textarea>
<textarea class="form-control" data-pattern="^([0-9]{1,9},)*[0-9]{1,9}$" data-error="Only use digits separated with a comma! Also must the first and last value be digit!" rows="1" name="exceptgroup" maxlength="999"><?php echo $config['exceptgroup']; ?></textarea>
<div class="help-block with-errors"></div>
</div>
</div>
<div class="form-group">
<label class="col-sm-4 control-label" data-toggle="modal" data-target="#wiexciddesc"><?php echo $lang['wiexcid']; ?><i class="help-hover glyphicon glyphicon-question-sign"></i></label>
<div class="col-sm-8">
<textarea class="form-control" data-pattern="^([0-9]{1,9},)*[0-9]{1,9}$" data-error="Only use digits separated with a comma! Also must the first and last value be digit!" rows="1" name="exceptcid" maxlength="999"><?php echo $config[0]['exceptcid']; ?></textarea>
<textarea class="form-control" data-pattern="^([0-9]{1,9},)*[0-9]{1,9}$" data-error="Only use digits separated with a comma! Also must the first and last value be digit!" rows="1" name="exceptcid" maxlength="999"><?php echo $config['exceptcid']; ?></textarea>
<div class="help-block with-errors"></div>
</div>
</div>
@@ -132,7 +182,7 @@ if (isset($_POST['update']) && $_SESSION['username'] == $webuser && $_SESSION['p
<div class="form-group required-field-block">
<label class="col-sm-4 control-label" data-toggle="modal" data-target="#wigrptimedesc"><?php echo $lang['wigrptime']; ?><i class="help-hover glyphicon glyphicon-question-sign"></i></label>
<div class="col-sm-8">
<textarea class="form-control" data-pattern="^([0-9]{1,9}=>[0-9]{1,9},)*[0-9]{1,9}=>[0-9]{1,9}$" data-error="Wrong definition, please look at description for more details. No comma at ending!" rows="5" name="grouptime" maxlength="5000" required><?php echo $config[0]['grouptime']; ?></textarea>
<textarea class="form-control" data-pattern="^([0-9]{1,9}=>[0-9]{1,9},)*[0-9]{1,9}=>[0-9]{1,9}$" data-error="Wrong definition, please look at description for more details. No comma at ending!" rows="5" name="grouptime" maxlength="5000" required><?php echo $config['grouptime']; ?></textarea>
<div class="required-icon"><div class="text">*</div></div>
<div class="help-block with-errors"></div>
</div>
@@ -193,10 +243,28 @@ if (isset($_POST['update']) && $_SESSION['username'] == $webuser && $_SESSION['p
</div>
</div>
</div>
<div class="row">&nbsp;</div>
<div class="row">&nbsp;</div>
<div class="form-group">
<label class="col-sm-4 control-label" data-toggle="modal" data-target="#wiverifydesc"><?php echo $lang['wiverify']; ?><i class="help-hover glyphicon glyphicon-question-sign"></i></label>
<div class="col-sm-8">
<input type="text" class="form-control" name="registercid" value="<?php echo $registercid; ?>">
<script>
$("input[name='registercid']").TouchSpin({
min: 0,
max: 16777215,
verticalbuttons: true,
prefix: 'ID:'
});
</script>
</div>
</div>
<div class="row">&nbsp;</div>
<div class="row">&nbsp;</div>
<div class="form-group">
<label class="col-sm-4 control-label" data-toggle="modal" data-target="#wiboostdesc"><?php echo $lang['wiboost']; ?><i class="help-hover glyphicon glyphicon-question-sign"></i></label>
<div class="col-sm-8">
<textarea class="form-control" data-pattern="^([1-9][0-9]{0,9}=>[0-9]{0,9}=>[1-9][0-9]{0,9},)*[1-9][0-9]{0,9}=>[0-9]{0,9}=>[1-9][0-9]{0,9}$" data-error="Wrong definition, please look at description for more details. No comma at ending!" rows="5" name="boost" maxlength="999"><?php echo $config[0]['boost']; ?></textarea>
<textarea class="form-control" data-pattern="^([1-9][0-9]{0,9}=>[0-9]{0,9}=>[1-9][0-9]{0,9},)*[1-9][0-9]{0,9}=>[0-9]{0,9}=>[1-9][0-9]{0,9}$" data-error="Wrong definition, please look at description for more details. No comma at ending!" rows="5" name="boost" maxlength="999"><?php echo $config['boost']; ?></textarea>
<div class="help-block with-errors"></div>
</div>
</div>
@@ -374,6 +442,22 @@ if (isset($_POST['update']) && $_SESSION['username'] == $webuser && $_SESSION['p
</div>
</div>
</div>
<div class="modal fade" id="wiverifydesc" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal" aria-label="Close"><span aria-hidden="true">&times;</span></button>
<h4 class="modal-title"><?php echo $lang['wiverify']; ?></h4>
</div>
<div class="modal-body">
<?php echo $lang['wiverifydesc']; ?>
</div>
<div class="modal-footer">
<button type="button" class="btn btn-default" data-dismiss="modal"><?PHP echo $lang['stnv0002']; ?></button>
</div>
</div>
</div>
</div>
<div class="modal fade" id="wiboostdesc" tabindex="-1">
<div class="modal-dialog">
<div class="modal-content">

19
webinterface/db.php
View File

@@ -21,28 +21,19 @@ function getclientip() {
}
if (isset($_POST['logout'])) {
$_SESSION = array();
session_destroy();
if($_SERVER['HTTPS'] == "on") {
header("Location: https://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
} else {
header("Location: http://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
}
rem_session_ts3($rspathhex);
header("Location: //".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
exit;
}
if (!isset($_SESSION['username']) || $_SESSION['username'] != $webuser || $_SESSION['password'] != $webpass || $_SESSION['clientip'] != getclientip()) {
if($_SERVER['HTTPS'] == "on") {
header("Location: https://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
} else {
header("Location: http://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
}
if (!isset($_SESSION[$rspathhex.'username']) || $_SESSION[$rspathhex.'username'] != $webuser || $_SESSION[$rspathhex.'password'] != $webpass || $_SESSION[$rspathhex.'clientip'] != getclientip()) {
header("Location: //".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
exit;
}
require_once('nav.php');
if (isset($_POST['update']) && $_SESSION['username'] == $webuser && $_SESSION['password'] == $webpass && $_SESSION['clientip'] == getclientip()) {
if (isset($_POST['update']) && $_SESSION[$rspathhex.'username'] == $webuser && $_SESSION[$rspathhex.'password'] == $webpass && $_SESSION[$rspathhex.'clientip'] == getclientip()) {
$newconfig='<?php
$db[\'type\']="'.$_POST['dbtype'].'";
$db[\'host\']="'.$_POST['dbhost'].'";

24
webinterface/index.php
View File

@@ -67,22 +67,18 @@ if(($last_access[0]['last_access'] + 1) >= time()) {
$err_msg = sprintf($lang['errlogin2'],$again);
$err_lvl = 3;
} elseif ($last_access[0]['count_access'] >= 10) {
enter_logfile($logpath,$timezone,3,"Much incorrect logins detected on the webinterface. Blocked login for 300 seconds! Last access from IP ".getclientip().".");
enter_logfile($logpath,$timezone,3,sprintf($lang['brute'], getclientip()));
$err_msg = $lang['errlogin3'];
$err_lvl = 3;
$bantime = time() + 299;
if($mysqlcon->exec("UPDATE $dbname.config SET last_access='$bantime', count_access='0'") === false) { }
} elseif (isset($_POST['username']) && $_POST['username'] == $webuser && password_verify($_POST['password'], $webpass)) {
$_SESSION['username'] = $webuser;
$_SESSION['password'] = $webpass;
$_SESSION['clientip'] = getclientip();
$_SESSION['newversion'] = $newversion;
$_SESSION[$rspathhex.'username'] = $webuser;
$_SESSION[$rspathhex.'password'] = $webpass;
$_SESSION[$rspathhex.'clientip'] = getclientip();
$_SESSION[$rspathhex.'newversion'] = $newversion;
if($mysqlcon->exec("UPDATE $dbname.config SET count_access='0'") === false) { }
if($_SERVER['HTTPS'] == "on") {
header("Location: https://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\')."/ts.php");
} else {
header("Location: http://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\')."/ts.php");
}
header("Location: //".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\')."/bot.php");
exit;
} elseif(isset($_POST['username'])) {
$nowtime = time();
@@ -91,12 +87,8 @@ if(($last_access[0]['last_access'] + 1) >= time()) {
$err_lvl = 3;
}
if(isset($_SESSION['username']) && $_SESSION['username'] == $webuser && $_SESSION['password'] == $webpass) {
if($_SERVER['HTTPS'] == "on") {
header("Location: https://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\')."/ts.php");
} else {
header("Location: http://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\')."/ts.php");
}
if(isset($_SESSION[$rspathhex.'username']) && $_SESSION[$rspathhex.'username'] == $webuser && $_SESSION[$rspathhex.'password'] == $webpass) {
header("Location: //".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\')."/bot.php");
}
require_once('nav.php');

19
webinterface/msg.php
View File

@@ -21,28 +21,19 @@ function getclientip() {
}
if (isset($_POST['logout'])) {
$_SESSION = array();
session_destroy();
if($_SERVER['HTTPS'] == "on") {
header("Location: https://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
} else {
header("Location: http://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
}
rem_session_ts3($rspathhex);
header("Location: //".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
exit;
}
if (!isset($_SESSION['username']) || $_SESSION['username'] != $webuser || $_SESSION['password'] != $webpass || $_SESSION['clientip'] != getclientip()) {
if($_SERVER['HTTPS'] == "on") {
header("Location: https://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
} else {
header("Location: http://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
}
if (!isset($_SESSION[$rspathhex.'username']) || $_SESSION[$rspathhex.'username'] != $webuser || $_SESSION[$rspathhex.'password'] != $webpass || $_SESSION[$rspathhex.'clientip'] != getclientip()) {
header("Location: //".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
exit;
}
require_once('nav.php');
if (isset($_POST['update']) && $_SESSION['username'] == $webuser && $_SESSION['password'] == $webpass && $_SESSION['clientip'] == getclientip()) {
if (isset($_POST['update']) && $_SESSION[$rspathhex.'username'] == $webuser && $_SESSION[$rspathhex.'password'] == $webpass && $_SESSION[$rspathhex.'clientip'] == getclientip()) {
$rankupmsg = addslashes($_POST['rankupmsg']);
$servernews = addslashes($_POST['servernews']);
$nextupinfomsg1 = addslashes($_POST['nextupinfomsg1']);

23
webinterface/nav.php
View File

@@ -1,3 +1,12 @@
<?PHP
$job_check = $mysqlcon->query("SELECT * FROM $dbname.job_check")->fetchAll(PDO::FETCH_UNIQUE|PDO::FETCH_ASSOC);
if((time() - $job_check['last_update']['timestamp']) < 259200 && !isset($_SESSION[$rspathhex.'upinfomsg'])) {
if(!isset($err_msg)) {
$err_msg = '<i class="fa fa-fw fa-info-circle"></i>&nbsp;'.sprintf($lang['upinf2'], date("Y-m-d H:i",$job_check['last_update']['timestamp']), '<a href="//ts-n.net/ranksystem.php?changelog" target="_blank"><i class="fa fa-fw fa-book"></i>&nbsp;', '</a>'); $err_lvl = 1;
$_SESSION[$rspathhex.'upinfomsg'] = 1;
}
}
?>
<!DOCTYPE html>
<html lang="<?PHP echo $language; ?>">
<head>
@@ -35,8 +44,8 @@
<nav class="navbar navbar-inverse navbar-fixed-top">
<div class="navbar-header">
<a class="navbar-brand" href="index.php">TSN Ranksystem - Webinterface <?PHP echo $currvers;?></a>
<?PHP if(isset($_SESSION['newversion']) && version_compare(substr($_SESSION['newversion'], 0, 5), substr($currvers, 0, 5), '>') && $_SESSION['newversion'] != '') {
echo '<a class="navbar-brand" href="http://ts-n.net/ranksystem.php" target="_blank">'.$lang['winav9'].' ['.$_SESSION['newversion'].']</a>';
<?PHP if(isset($_SESSION[$rspathhex.'newversion']) && version_compare(substr($_SESSION[$rspathhex.'newversion'], 0, 5), substr($currvers, 0, 5), '>') && $_SESSION[$rspathhex.'newversion'] != '') {
echo '<a class="navbar-brand" href="//ts-n.net/ranksystem.php?changelog" target="_blank">'.$lang['winav9'].' ['.$_SESSION[$rspathhex.'newversion'].']</a>';
} ?>
</div>
<?PHP if(basename($_SERVER['SCRIPT_NAME']) == "stats.php") { ?>
@@ -50,8 +59,12 @@
<?PHP } ?>
<ul class="nav navbar-right top-nav">
<?PHP
echo '<li><a href="http',(!empty($_SERVER['HTTPS'])?'s':''),'://',$_SERVER['SERVER_NAME'],substr(dirname($_SERVER['SCRIPT_NAME']),0,-12),'stats/"><i class="fa fa-fw fa-bar-chart"></i>&nbsp;',$lang['winav6'],'</a></li>';
if(isset($_SESSION['username']) && $_SESSION['username'] == $webuser && $_SESSION['password'] == $webpass) { ?>
if($_SERVER['SERVER_PORT'] == 443 || $_SERVER['SERVER_PORT'] == 80) {
echo '<li><a href="//',$_SERVER['SERVER_NAME'],substr(dirname($_SERVER['SCRIPT_NAME']),0,-12),'stats/"><i class="fa fa-fw fa-bar-chart"></i>&nbsp;',$lang['winav6'],'</a></li>';
} else {
echo '<li><a href="//',$_SERVER['SERVER_NAME'],':',$_SERVER['SERVER_PORT'],substr(dirname($_SERVER['SCRIPT_NAME']),0,-12),'stats/"><i class="fa fa-fw fa-bar-chart"></i>&nbsp;',$lang['winav6'],'</a></li>';
}
if(isset($_SESSION[$rspathhex.'username']) && $_SESSION[$rspathhex.'username'] == $webuser && $_SESSION[$rspathhex.'password'] == $webpass) { ?>
<li>
<a href="changepassword.php"><i class="fa fa-lock"></i>&nbsp;<?PHP echo $lang['pass2']; ?></a>
</li>
@@ -142,7 +155,7 @@
</div>
</nav>
<?PHP
if($adminuuid==NULL && $_SESSION['username'] == $webuser && !isset($err_msg)) {
if($adminuuid==NULL && $_SESSION[$rspathhex.'username'] == $webuser && !isset($err_msg)) {
$err_msg = $lang['winav11']; $err_lvl = 3;
}

28
webinterface/other.php
View File

@@ -21,28 +21,19 @@ function getclientip() {
}
if (isset($_POST['logout'])) {
$_SESSION = array();
session_destroy();
if($_SERVER['HTTPS'] == "on") {
header("Location: https://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
} else {
header("Location: http://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
}
rem_session_ts3($rspathhex);
header("Location: //".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
exit;
}
if (!isset($_SESSION['username']) || $_SESSION['username'] != $webuser || $_SESSION['password'] != $webpass || $_SESSION['clientip'] != getclientip()) {
if($_SERVER['HTTPS'] == "on") {
header("Location: https://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
} else {
header("Location: http://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
}
if (!isset($_SESSION[$rspathhex.'username']) || $_SESSION[$rspathhex.'username'] != $webuser || $_SESSION[$rspathhex.'password'] != $webpass || $_SESSION[$rspathhex.'clientip'] != getclientip()) {
header("Location: //".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
exit;
}
require_once('nav.php');
if (isset($_POST['update']) && $_SESSION['username'] == $webuser && $_SESSION['password'] == $webpass && $_SESSION['clientip'] == getclientip()) {
if (isset($_POST['update']) && $_SESSION[$rspathhex.'username'] == $webuser && $_SESSION[$rspathhex.'password'] == $webpass && $_SESSION[$rspathhex.'clientip'] == getclientip()) {
$timezone = $_POST['timezone'];
$timeformat = $_POST['dateformat'];
$logpath = addslashes($_POST['logpath']);
@@ -60,7 +51,8 @@ if (isset($_POST['update']) && $_SESSION['username'] == $webuser && $_SESSION['p
$err_lvl = NULL;
}
$logpath = $_POST['logpath'];
$config[0]['uniqueid'] = $_POST['uniqueid'];
$config['uniqueid'] = $_POST['uniqueid'];
$config['adminuuid'] = $_POST['adminuuid'];
}
?>
<div id="page-wrapper">
@@ -130,8 +122,8 @@ if (isset($_POST['update']) && $_SESSION['username'] == $webuser && $_SESSION['p
<div class="form-group">
<label class="col-sm-4 control-label" data-toggle="modal" data-target="#wiadmuuiddesc"><?php echo $lang['wiadmuuid']; ?><i class="help-hover glyphicon glyphicon-question-sign"></i></label>
<div class="col-sm-8 required-field-block">
<input type="text" class="form-control" data-pattern="^([A-Za-z0-9\\\/\+]{27}=)$" data-error="Check the entered unique ID!" name="adminuuid" value="<?php echo $adminuuid; ?>" required>
<div class="help-block with-errors"></div>
<textarea class="form-control" data-pattern="^([A-Za-z0-9\\\/\+]{27}=,)*([A-Za-z0-9\\\/\+]{27}=)$" data-error="Check all unique IDs are correct and your list do not ends with a comma!" rows="1" name="adminuuid" maxlength="500"><?php echo $config['adminuuid']; ?></textarea>
<div class="help-block with-errors"></div>
<div class="required-icon"><div class="text">*</div></div>
</div>
</div>
@@ -164,7 +156,7 @@ if (isset($_POST['update']) && $_SESSION['username'] == $webuser && $_SESSION['p
<div class="form-group">
<label class="col-sm-4 control-label" data-toggle="modal" data-target="#wiupuiddesc"><?php echo $lang['wiupuid']; ?><i class="help-hover glyphicon glyphicon-question-sign"></i></label>
<div class="col-sm-8">
<textarea class="form-control" data-pattern="^([A-Za-z0-9\\\/\+]{27}=,)*([A-Za-z0-9\\\/\+]{27}=)$" data-error="Check all unique IDs are correct and your list do not ends with a comma!" rows="1" name="uniqueid" maxlength="500"><?php echo $config[0]['uniqueid']; ?></textarea>
<textarea class="form-control" data-pattern="^([A-Za-z0-9\\\/\+]{27}=,)*([A-Za-z0-9\\\/\+]{27}=)$" data-error="Check all unique IDs are correct and your list do not ends with a comma!" rows="1" name="uniqueid" maxlength="500"><?php echo $config['uniqueid']; ?></textarea>
<div class="help-block with-errors"></div>
</div>
</div>

7
webinterface/resetpassword.php
View File

@@ -66,7 +66,7 @@ if (($last_access[0]['last_access'] + 1) >= time()) {
$again = $last_access[0]['last_access'] + 2 - time();
$err_msg = sprintf($lang['errlogin2'],$again);
$err_lvl = 3;
} elseif (isset($_POST['resetpw']) && $adminuuid==NULL) {
} elseif (isset($_POST['resetpw']) && ($adminuuid==NULL || count($adminuuid) == 0)) {
$err_msg = $lang['wirtpw1']; $err_lvl=3;
} elseif (isset($_POST['resetpw'])) {
$nowtime = time();
@@ -83,9 +83,10 @@ if (($last_access[0]['last_access'] + 1) >= time()) {
usleep($slowmode);
$allclients = $ts3->clientList();
$adminuuid_flipped = array_flip($adminuuid);
foreach ($allclients as $client) {
if($client['client_unique_identifier'] == $adminuuid) {
if(in_array($client['client_unique_identifier'] , $adminuuid)) {
$uuid = $client['client_unique_identifier'];
$checkuuid = 1;
if($client['connection_client_ip'] == getclientip()) {

19
webinterface/stats.php
View File

@@ -21,28 +21,19 @@ function getclientip() {
}
if (isset($_POST['logout'])) {
$_SESSION = array();
session_destroy();
if($_SERVER['HTTPS'] == "on") {
header("Location: https://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
} else {
header("Location: http://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
}
rem_session_ts3($rspathhex);
header("Location: //".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
exit;
}
if (!isset($_SESSION['username']) || $_SESSION['username'] != $webuser || $_SESSION['password'] != $webpass || $_SESSION['clientip'] != getclientip()) {
if($_SERVER['HTTPS'] == "on") {
header("Location: https://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
} else {
header("Location: http://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
}
if (!isset($_SESSION[$rspathhex.'username']) || $_SESSION[$rspathhex.'username'] != $webuser || $_SESSION[$rspathhex.'password'] != $webpass || $_SESSION[$rspathhex.'clientip'] != getclientip()) {
header("Location: //".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
exit;
}
require_once('nav.php');
if (isset($_POST['update']) && $_SESSION['username'] == $webuser && $_SESSION['password'] == $webpass && $_SESSION['clientip'] == getclientip()) {
if (isset($_POST['update']) && $_SESSION[$rspathhex.'username'] == $webuser && $_SESSION[$rspathhex.'password'] == $webpass && $_SESSION[$rspathhex.'clientip'] == getclientip()) {
if (isset($_POST['showexcld'])) $showexcld = 1; else $showexcld = 0;
if (isset($_POST['showcolrg'])) $showcolrg = 1; else $showcolrg = 0;

42
webinterface/ts.php
View File

@@ -21,28 +21,19 @@ function getclientip() {
}
if (isset($_POST['logout'])) {
$_SESSION = array();
session_destroy();
if($_SERVER['HTTPS'] == "on") {
header("Location: https://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
} else {
header("Location: http://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
}
rem_session_ts3($rspathhex);
header("Location: //".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
exit;
}
if (!isset($_SESSION['username']) || $_SESSION['username'] != $webuser || $_SESSION['password'] != $webpass || $_SESSION['clientip'] != getclientip()) {
if($_SERVER['HTTPS'] == "on") {
header("Location: https://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
} else {
header("Location: http://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
}
if (!isset($_SESSION[$rspathhex.'username']) || $_SESSION[$rspathhex.'username'] != $webuser || $_SESSION[$rspathhex.'password'] != $webpass || $_SESSION[$rspathhex.'clientip'] != getclientip()) {
header("Location: //".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
exit;
}
require_once('nav.php');
if (isset($_POST['update']) && $_SESSION['username'] == $webuser && $_SESSION['password'] == $webpass && $_SESSION['clientip'] == getclientip()) {
if (isset($_POST['update']) && $_SESSION[$rspathhex.'username'] == $webuser && $_SESSION[$rspathhex.'password'] == $webpass && $_SESSION[$rspathhex.'clientip'] == getclientip()) {
$tshost = $_POST['tshost'];
$tsquery = $_POST['tsquery'];
$tsvoice = $_POST['tsvoice'];
@@ -78,16 +69,17 @@ if (isset($_POST['update']) && $_SESSION['username'] == $webuser && $_SESSION['p
</h1>
</div>
</div>
<form class="form-horizontal" name="update" method="POST">
<form class="form-horizontal" data-toggle="validator" name="update" method="POST">
<div class="row">
<div class="col-md-6">
<div class="panel panel-default">
<div class="panel-body">
<div class="form-group">
<div class="form-group required-field-block">
<label class="col-sm-4 control-label" data-toggle="modal" data-target="#wits3hostdesc"><?php echo $lang['wits3host']; ?><i class="help-hover glyphicon glyphicon-question-sign"></i></label>
<div class="col-sm-8 required-field-block">
<input type="text" class="form-control" name="tshost" value="<?php echo $ts['host']; ?>" maxlength="64" required>
<div class="col-sm-8">
<input type="text" class="form-control" data-pattern="^[^.]+[^:]*$" data-error="Do not enter the port inside this field. You should enter the port (e.g. 9987) inside the TS3-Voice-Port!" name="tshost" value="<?php echo $ts['host']; ?>" maxlength="64" required>
<div class="required-icon"><div class="text">*</div></div>
<div class="help-block with-errors"></div>
</div>
</div>
<div class="form-group">
@@ -381,5 +373,19 @@ if (isset($_POST['update']) && $_SESSION['username'] == $webuser && $_SESSION['p
</div>
</div>
</div>
<script>
$('form[data-toggle="validator"]').validator({
custom: {
pattern: function ($el) {
var pattern = new RegExp($el.data('pattern'));
return pattern.test($el.val());
}
},
delay: 100,
errors: {
pattern: "There should be an error in your value, please check all could be right!"
}
});
</script>
</body>
</html>