release 1.3.9

Newcomer1989
2020-08-03 13:02:27 +02:00
parent 2336177eca
commit d196dfb1f6
62 changed files with 3731 additions and 4211 deletions


@@ -1,49 +1,6 @@
<?PHP
ini_set('session.cookie_httponly', 1);
ini_set('session.use_strict_mode', 1);
if(in_array('sha512', hash_algos())) {
ini_set('session.hash_function', 'sha512');
}
if(isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == "on") {
ini_set('session.cookie_secure', 1);
if(!headers_sent()) {
header("Strict-Transport-Security: max-age=31536000; includeSubDomains; preload;");
}
}
session_start();
require_once('../other/config.php');
function getclientip() {
if (!empty($_SERVER['HTTP_CLIENT_IP']))
return $_SERVER['HTTP_CLIENT_IP'];
elseif(!empty($_SERVER['HTTP_X_FORWARDED_FOR']))
return $_SERVER['HTTP_X_FORWARDED_FOR'];
elseif(!empty($_SERVER['HTTP_X_FORWARDED']))
return $_SERVER['HTTP_X_FORWARDED'];
elseif(!empty($_SERVER['HTTP_FORWARDED_FOR']))
return $_SERVER['HTTP_FORWARDED_FOR'];
elseif(!empty($_SERVER['HTTP_FORWARDED']))
return $_SERVER['HTTP_FORWARDED'];
elseif(!empty($_SERVER['REMOTE_ADDR']))
return $_SERVER['REMOTE_ADDR'];
else
return false;
}
if (isset($_POST['logout'])) {
rem_session_ts3($rspathhex);
header("Location: //".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
exit;
}
if (!isset($_SESSION[$rspathhex.'username']) || $_SESSION[$rspathhex.'username'] != $cfg['webinterface_user'] || $_SESSION[$rspathhex.'password'] != $cfg['webinterface_pass'] || $_SESSION[$rspathhex.'clientip'] != getclientip()) {
header("Location: //".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\'));
exit;
}
require_once('nav.php');
$csrf_token = bin2hex(openssl_random_pseudo_bytes(32));
require_once('_preload.php');
require_once('_nav.php');
if ($mysqlcon->exec("INSERT INTO `$dbname`.`csrf_token` (`token`,`timestamp`,`sessionid`) VALUES ('$csrf_token','".time()."','".session_id()."')") === false) {
$err_msg = print_r($mysqlcon->errorInfo(), true);
@@ -223,18 +180,18 @@ if (isset($_POST['update_old']) && isset($db_csrf[$_POST['csrf_token']])) {
<?PHP
foreach ($groupslist as $groupID => $groupParam) {
if ($groupID == $sgroup) $selected=" selected"; else $selected="";
if (isset($groupParam['iconid']) && $groupParam['iconid'] != 0) $iconid=$groupParam['iconid']; else $iconid="placeholder";
if (isset($groupParam['iconid']) && $groupParam['iconid'] != 0) $iconid=$groupParam['iconid']."."; else $iconid="placeholder.png";
if ($groupParam['type'] == 0 || $groupParam['type'] == 2) $disabled=" disabled"; else $disabled="";
if ($groupParam['type'] == 0) $grouptype=" [TEMPLATE GROUP]"; else $grouptype="";
if ($groupParam['type'] == 2) $grouptype=" [QUERY GROUP]";
if ($groupID != 0) {
echo '<option data-content="<img src=\'../tsicons/',$iconid,'.',$groupParam['ext'],'\' width=\'16\' height=\'16\'>&nbsp;&nbsp;',$groupParam['sgidname'],'&nbsp;<span class=\'text-muted small\'>SGID:&nbsp;',$groupID,$grouptype,'</span>" value="',$groupID,'"',$selected,$disabled,'></option>';
echo '<option data-content="<img src=\'../tsicons/',$iconid,$groupParam['ext'],'\' width=\'16\' height=\'16\'>&nbsp;&nbsp;',$groupParam['sgidname'],'&nbsp;<span class=\'text-muted small\'>SGID:&nbsp;',$groupID,$grouptype,'</span>" value="',$groupID,'"',$selected,$disabled,'></option>';
}
}
?>
</select>
</div>
<div class="col-sm-1 text-center delete" name="delete"><i class="fas fa-trash" style="margin-top:10px;cursor:pointer;"></i></div>
<div class="col-sm-1 text-center delete" name="delete"><i class="fas fa-trash" style="margin-top:10px;cursor:pointer;" title="delete line"></i></div>
<div class="col-sm-2"></div>
</div>
<?PHP
@@ -244,7 +201,7 @@ if (isset($_POST['update_old']) && isset($db_csrf[$_POST['csrf_token']])) {
<div class="col-sm-9"></div>
<div class="col-sm-1 text-center">
<span class="d-inline-block" ata-toggle="tooltip" title="Add new line">
<button class="btn btn-primary" style="margin-top: 5px;" type="button"><i class="fas fa-plus"></i></button>
<button class="btn btn-primary" onclick="addrankupgroup()" style="margin-top: 5px;" type="button"><i class="fas fa-plus"></i></button>
</span>
</div>
<div class="col-sm-2"></div>
@@ -356,16 +313,16 @@ $(".rankuptime").TouchSpin({
verticalbuttons: true,
prefix: 'Sec.:'
});
$("#addrankupgroup").click(function(){
function addrankupgroup() {
var $clone = $("div[name='rankupgroup']").last().clone();
$clone.insertBefore("#addrankupgroup");
$clone.find('.bootstrap-select').replaceWith(function() { return $('select', this); });
$clone.find('select').selectpicker('val', '');
$clone.find('.bootstrap-touchspin').replaceWith(function() { return $('input', this); });;
$clone.find('input').TouchSpin({min: 0,max: 999999999,verticalbuttons: true,prefix: 'Sec.:'});
$clone.find('input').trigger("touchspin.uponce");
$("input[name='rankuptime[]']").last().TouchSpin({min: 0,max: 999999999,verticalbuttons: true,prefix: 'Sec.:'});
$("input[name='rankuptime[]']").last().trigger("touchspin.uponce");
$('.delete').removeClass("hidden");
});
};
$(document).on("click", ".delete", function(){
var $number = $('.delete').length;
if($number == 1) {
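Review bot: In the `<option>` echo of the second hunk, `$groupParam['sgidname']` is still written into the `data-content` attribute unescaped; the commit only changes how the icon file name is put together. Where the name comes from is not visible here, but if it is the group name reported by the TeamSpeak server, a name containing quotes or markup would end the attribute early, and bootstrap-select (used further down via `selectpicker`) builds the option from `data-content` as HTML. The value therefore needs escaping twice: once as text inside the fragment, `$name = htmlspecialchars($groupParam['sgidname'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`, and once more with the same call on the finished fragment when it is echoed into the attribute. `$iconid` and `$groupParam['ext']` on the same line deserve the same treatment. Separately, the first hunk replaces the inline session check with `require_once('_preload.php')`, which is outside this view, so confirm that the file still performs the check and exits before any output is sent.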