arriej/TSN-Ranksystem
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

release 1.2.12

Browse Source
This commit is contained in:
Newcomer1989
2019-02-24 02:49:55 +01:00
parent ce3c88d833
commit 357a38dbf8
57 changed files with 2054 additions and 1134 deletions
Download Patch File Download Diff File Expand all files Collapse all files

64
webinterface/resetpassword.php
View File

@@ -15,8 +15,8 @@ session_start();
require_once('../other/config.php');
require_once('../other/phpcommand.php');
function enter_logfile($logpath,$timezone,$loglevel,$logtext) {
$file = $logpath.'ranksystem.log';
function enter_logfile($cfg,$loglevel,$logtext,$norotate = false) {
$file = $cfg['logs_path'].'ranksystem.log';
if ($loglevel == 1) {
$loglevel = " CRITICAL ";
} elseif ($loglevel == 2) {
@@ -27,27 +27,22 @@ function enter_logfile($logpath,$timezone,$loglevel,$logtext) {
$loglevel = " NOTICE ";
} elseif ($loglevel == 5) {
$loglevel = " INFO ";
} elseif ($loglevel == 6) {
$loglevel = " DEBUG ";
}
$input = DateTime::createFromFormat('U.u', number_format(microtime(true), 6, '.', ''))->setTimeZone(new DateTimeZone($timezone))->format("Y-m-d H:i:s.u ").$loglevel.$logtext."\n";
$loghandle = fopen($file, 'a');
fwrite($loghandle, $input);
if (filesize($file) > 5242880) {
fwrite($loghandle, DateTime::createFromFormat('U.u', number_format(microtime(true), 6, '.', ''))->setTimeZone(new DateTimeZone($timezone))->format("Y-m-d H:i:s.u ")." NOTICE Logfile filesie of 5 MiB reached.. Rotate logfile.\n");
fwrite($loghandle, DateTime::createFromFormat('U.u', number_format(microtime(true), 6, '.', ''))->setTimeZone(new DateTimeZone($timezone))->format("Y-m-d H:i:s.u ")." NOTICE Restart Bot to continue with new log file...\n");
fwrite($loghandle, DateTime::createFromFormat('U.u', number_format(microtime(true), 6, '.', ''))->setTimeZone(new DateTimeZone($cfg['logs_timezone']))->format("Y-m-d H:i:s.u ").$loglevel.$logtext."\n");
fclose($loghandle);
if($norotate == false && filesize($file) > 5242880) {
$loghandle = fopen($file, 'a');
fwrite($loghandle, DateTime::createFromFormat('U.u', number_format(microtime(true), 6, '.', ''))->setTimeZone(new DateTimeZone($cfg['logs_timezone']))->format("Y-m-d H:i:s.u ")." NOTICE Logfile filesie of 5 MiB reached.. Rotate logfile.\n");
fclose($loghandle);
$file2 = "$file.old";
if (file_exists($file2)) unlink($file2);
rename($file, $file2);
if (substr(php_uname(), 0, 7) == "Windows") {
exec("del /F ".substr(__DIR__,0,-12).'logs/pid');
$WshShell = new COM("WScript.Shell");
$oExec = $WshShell->Run("cmd /C ".$phpcommand." ".substr(__DIR__,0,-12)."worker.php start", 0, false);
exit;
} else {
exec("rm -f ".substr(__DIR__,0,-12).'logs/pid');
exec($phpcommand." ".substr(__DIR__,0,-12)."worker.php start");
exit;
}
$loghandle = fopen($file, 'a');
fwrite($loghandle, DateTime::createFromFormat('U.u', number_format(microtime(true), 6, '.', ''))->setTimeZone(new DateTimeZone($cfg['logs_timezone']))->format("Y-m-d H:i:s.u ")." NOTICE Rotated logfile...\n");
fclose($loghandle);
}
}
@@ -68,7 +63,7 @@ function getclientip() {
return false;
}
if(($last_access = $mysqlcon->query("SELECT `last_access`,`count_access` FROM `$dbname`.`config`")->fetchAll()) === false) {
if ($last_access = $mysqlcon->query("SELECT * FROM `$dbname`.`cfg_params` WHERE `param` IN ('webinterface_access_last','webinterface_access_count')")->fetchAll(PDO::FETCH_KEY_PAIR) === false) {
$err_msg .= print_r($mysqlcon->errorInfo(), true);
}
@@ -85,49 +80,48 @@ if (($db_csrf = $mysqlcon->query("SELECT * FROM `$dbname`.`csrf_token` WHERE `se
$err_lvl = 3;
}
if (($last_access[0]['last_access'] + 1) >= time()) {
$again = $last_access[0]['last_access'] + 2 - time();
if (($last_access['webinterface_access_last'] + 1) >= time()) {
$again = $last_access['webinterface_access_last'] + 2 - time();
$err_msg = sprintf($lang['errlogin2'],$again);
$err_lvl = 3;
} elseif (isset($_POST['resetpw']) && isset($db_csrf[$_POST['csrf_token']]) && ($adminuuid==NULL || count($adminuuid) == 0)) {
} elseif (isset($_POST['resetpw']) && isset($db_csrf[$_POST['csrf_token']]) && ($cfg['webinterface_admin_client_unique_id_list']==NULL || count($cfg['webinterface_admin_client_unique_id_list']) == 0)) {
$err_msg = $lang['wirtpw1']; $err_lvl=3;
} elseif (isset($_POST['resetpw']) && isset($db_csrf[$_POST['csrf_token']])) {
$nowtime = time();
if($mysqlcon->exec("UPDATE `$dbname`.`config` SET `last_access`='$nowtime',`count_access`=`count_access` + 1") === false) { }
$newcount = $last_access['webinterface_access_count'] + 1;
if($mysqlcon->exec("INSERT INTO `$dbname`.`cfg_params` (`param`,`value`) VALUES ('webinterface_access_last','{$nowtime}'),('webinterface_access_count','{$newcount}') ON DUPLICATE KEY UPDATE `value`=VALUES(`value`)") === false) { }
require_once(substr(__DIR__,0,-12).'libs/ts3_lib/TeamSpeak3.php');
try {
if($ts['tsencrypt'] == 1) {
$ts3 = TeamSpeak3::factory("serverquery://".rawurlencode($ts['user']).":".rawurlencode($ts['pass'])."@".$ts['host'].":".$ts['query']."/?server_port=".$ts['voice']."&ssh=1");
if($cfg['teamspeak_query_encrypt_switch'] == 1) {
$ts3 = TeamSpeak3::factory("serverquery://".rawurlencode($cfg['teamspeak_query_user']).":".rawurlencode($cfg['teamspeak_query_pass'])."@".$cfg['teamspeak_host_address'].":".$cfg['teamspeak_query_port']."/?server_port=".$cfg['teamspeak_voice_port']."&ssh=1");
} else {
$ts3 = TeamSpeak3::factory("serverquery://".rawurlencode($ts['user']).":".rawurlencode($ts['pass'])."@".$ts['host'].":".$ts['query']."/?server_port=".$ts['voice']."&blocking=0");
$ts3 = TeamSpeak3::factory("serverquery://".rawurlencode($cfg['teamspeak_query_user']).":".rawurlencode($cfg['teamspeak_query_pass'])."@".$cfg['teamspeak_host_address'].":".$cfg['teamspeak_query_port']."/?server_port=".$cfg['teamspeak_voice_port']."&blocking=0");
}
try {
usleep($slowmode);
usleep($cfg['teamspeak_query_command_delay']);
$ts3->selfUpdate(array('client_nickname' => "Ranksystem - Reset Password"));
} catch (Exception $e) { }
usleep($slowmode);
usleep($cfg['teamspeak_query_command_delay']);
$allclients = $ts3->clientList();
$adminuuid_flipped = array_flip($adminuuid);
$pwd = substr(str_shuffle("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789#*+;:-_~?=%&$<24>!()"),0,12);
$webpass = password_hash($pwd, PASSWORD_DEFAULT);
$cfg['webinterface_pass'] = password_hash($pwd, PASSWORD_DEFAULT);
foreach ($allclients as $client) {
if(in_array($client['client_unique_identifier'] , $adminuuid)) {
if(in_array($client['client_unique_identifier'] , $cfg['webinterface_admin_client_unique_id_list'])) {
$checkuuid = 1;
if($client['connection_client_ip'] == getclientip()) {
$checkip = 1;
if($mysqlcon->exec("UPDATE `$dbname`.`config` SET `webpass`='$webpass',`last_access`='0'") === false) {
if($mysqlcon->exec("INSERT INTO `$dbname`.`cfg_params` (`param`,`value`) VALUES ('webinterface_pass','{$cfg['webinterface_pass']}'),('webinterface_access_last','0') ON DUPLICATE KEY UPDATE `value`=VALUES(`value`)") === false) {
$err_msg = $lang['isntwidbmsg'].print_r($mysqlcon->errorInfo(), true); $err_lvl = 3;
} else {
try {
usleep($slowmode);
$ts3->clientGetByUid($client['client_unique_identifier'])->message(sprintf($lang['wirtpw4'], $webuser, $pwd, '[URL=http'.(!empty($_SERVER['HTTPS'])?"s":"").'://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME']).']','[/URL]'));
usleep($cfg['teamspeak_query_command_delay']);
$ts3->clientGetByUid($client['client_unique_identifier'])->message(sprintf($lang['wirtpw4'], $cfg['webinterface_user'], $pwd, '[URL=http'.(!empty($_SERVER['HTTPS'])?"s":"").'://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME']).']','[/URL]'));
$err_msg = sprintf($lang['wirtpw5'],'<a href="http'.(!empty($_SERVER['HTTPS'])?"s":"").'://'.$_SERVER['SERVER_NAME'].dirname($_SERVER['SCRIPT_NAME']).'/">','</a>'); $err_lvl = 1;
enter_logfile($logpath,$timezone,3,sprintf($lang['wirtpw6'],getclientip()));
enter_logfile($cfg,3,sprintf($lang['wirtpw6'],getclientip()));
} catch (Exception $e) {
$err_msg = $lang['errorts3'].$e->getCode().': '.$e->getMessage(); $err_lvl = 3;
}