chown -R www-data:www-data '.$cfg['logs_path'].'
', 'chmod 0740 '.$cfg['logs_path'].'ranksystem.log
', ''.$cfg['logs_path'].'ranksystem.log
');
$err_lvl = 3; $dis_login = 0;
}
if(!is_writable($cfg['logs_path'])) {
$err_msg = sprintf($lang['chkfileperm'], 'chown -R www-data:www-data '.$cfg['logs_path'].'
', 'chmod 0740 '.$cfg['logs_path'].'
', ''.$cfg['logs_path'].'
');
$err_lvl = 3; $dis_login = 0;
}
if(!function_exists('exec')) {
unset($err_msg); $err_msg = sprintf($lang['insterr3'],'exec','//php.net/manual/en/book.exec.php',get_cfg_var('cfg_file_path')); $err_lvl = 3; $dis_login = 1;
} else {
exec("$phpcommand -v", $phpversioncheck);
$output = '';
foreach($phpversioncheck as $line) $output .= print_r($line, true).'
';
if(empty($phpversioncheck) || strtoupper(substr($phpversioncheck[0], 0, 3)) != "PHP") {
$err_msg = sprintf($lang['chkphpcmd'], "\"other/phpcommand.php\"", "\"other/phpcommand.php\"", ''.$phpcommand.'
', ''.$output.'
', 'php -v
');
$err_lvl = 3; $dis_login = 1;
} else {
$exploded = explode(' ',$phpversioncheck[0]);
if($exploded[1] != phpversion()) {
$err_msg = sprintf($lang['chkphpmulti'], phpversion(), "\"other/phpcommand.php\"", $exploded[1], "\"other/phpcommand.php\"", "\"other/phpcommand.php\"", ''.$phpcommand.'
');
if(getenv('PATH')!='') {
$err_msg .= "
".sprintf($lang['chkphpmulti2'], '
'.getenv('PATH'));
}
$err_lvl = 2;
}
}
}
if(!isset($err_msg) && version_compare(PHP_VERSION, '7.2.0', '<')) {
$err_msg = "Your PHP Version: (".PHP_VERSION.") is outdated and no longer supported. Please update it!";
$err_lvl = 2;
}
if(($cfg['webinterface_access_last'] + 1) >= time()) {
$waittime = $cfg['webinterface_access_last'] + 2 - time();
$err_msg = sprintf($lang['errlogin2'],$waittime);
$err_lvl = 3;
} elseif ($cfg['webinterface_access_count'] >= 10) {
enter_logfile($cfg,3,sprintf($lang['brute'], getclientip()));
$err_msg = $lang['errlogin3'];
$err_lvl = 3;
$bantime = time() + 299;
if($mysqlcon->exec("INSERT INTO `$dbname`.`cfg_params` (`param`,`value`) VALUES ('webinterface_access_last','{$bantime}'),('webinterface_access_count','0') ON DUPLICATE KEY UPDATE `value`=VALUES(`value`)") === false) { }
} elseif (isset($_POST['username']) && $_POST['username'] == $cfg['webinterface_user'] && password_verify($_POST['password'], $cfg['webinterface_pass'])) {
$_SESSION[$rspathhex.'username'] = $cfg['webinterface_user'];
$_SESSION[$rspathhex.'password'] = $cfg['webinterface_pass'];
$_SESSION[$rspathhex.'clientip'] = getclientip();
$_SESSION[$rspathhex.'newversion'] = $cfg['version_latest_available'];
enter_logfile($cfg,6,sprintf($lang['brute2'], getclientip()));
if($mysqlcon->exec("INSERT INTO `$dbname`.`cfg_params` (`param`,`value`) VALUES ('webinterface_access_count','0') ON DUPLICATE KEY UPDATE `value`=VALUES(`value`)") === false) { }
header("Location: $prot://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\')."/bot.php");
exit;
} elseif(isset($_POST['username'])) {
$nowtime = time();
enter_logfile($cfg,5,sprintf($lang['brute1'], getclientip(), htmlspecialchars($_POST['username'])));
$cfg['webinterface_access_count']++;
if($mysqlcon->exec("INSERT INTO `$dbname`.`cfg_params` (`param`,`value`) VALUES ('webinterface_access_last','{$nowtime}'),('webinterface_access_count','{$cfg['webinterface_access_count']}') ON DUPLICATE KEY UPDATE `value`=VALUES(`value`)") === false) { }
$err_msg = $lang['errlogin'];
$err_lvl = 3;
}
if(isset($_SESSION[$rspathhex.'username']) && $_SESSION[$rspathhex.'username'] == $cfg['webinterface_user'] && $_SESSION[$rspathhex.'password'] == $cfg['webinterface_pass']) {
header("Location: $prot://".$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF']), '/\\')."/bot.php");
exit;
}
require_once('_nav.php');
?>