Skip to content
Permalink
Browse files Browse the repository at this point in the history
protection against sql injections
  • Loading branch information
GGGGGGGG committed Dec 20, 2017
1 parent a2ed9d4 commit 3a4c7e6
Show file tree
Hide file tree
Showing 2 changed files with 42 additions and 37 deletions.
1 change: 0 additions & 1 deletion common/config.php
Expand Up @@ -6,7 +6,6 @@
$config['db']['database'] = "masterserver";
$config['db']['patchesdb'] = "patches";
$config['hash'] = "abcdefgh";
$config['isProxy'] = True;
$config['public_url'] = "s2.michaelk.ch.localhost";
$patchesdbcon = NULL;
$dbcon = NULL;
Expand Down
78 changes: 42 additions & 36 deletions public_html/irc_updater/svr_request_pub.php
Expand Up @@ -30,25 +30,26 @@ function handle_get_online()
/* Add a server */
function handle_set_online()
{
global $dbcon;

/* Sanitize input */
$ip = $_SERVER["REMOTE_ADDR"];
$port = intval(post_input("port"));
$num_conn = intval(post_input("num_conn"));
$max_conn = intval(post_input("num_max"));
$name = post_input("name");
$desc = post_input("desc");
$status = post_input("status");
$minkarma = post_input("minkarma");
$location = post_input("location");
$cgt = post_input("cgt");
$next_map = post_input("next_map");
$map = post_input("map");
$login = post_input("login");
$pass = post_input("pass");
$minlevel = intval(post_input("minlevel"));
$maxlevel = intval(post_input("maxlevel"));
$ip = mysqli_real_escape_string($dbcon, $_SERVER["REMOTE_ADDR"]);
$port = mysqli_real_escape_string($dbcon,intval(post_input("port")));
$num_conn = mysqli_real_escape_string($dbcon, intval(post_input("num_conn")));
$max_conn = mysqli_real_escape_string($dbcon, intval(post_input("num_max")));
$name = mysqli_real_escape_string($dbcon, post_input("name"));
$desc = mysqli_real_escape_string($dbcon, post_input("desc"));
$status = mysqli_real_escape_string($dbcon, post_input("status"));
$minkarma = mysqli_real_escape_string($dbcon, post_input("minkarma"));
$location = mysqli_real_escape_string($dbcon, post_input("location"));
$cgt = mysqli_real_escape_string($dbcon, post_input("cgt"));
$next_map = mysqli_real_escape_string($dbcon, post_input("next_map"));
$map = mysqli_real_escape_string($dbcon, post_input("map"));
$login = mysqli_real_escape_string($dbcon, post_input("login"));
$pass = mysqli_real_escape_string($dbcon, post_input("pass"));
$minlevel = mysqli_real_escape_string($dbcon, intval(post_input("minlevel")));
$maxlevel = mysqli_real_escape_string($dbcon, intval(post_input("maxlevel")));
/* authenticate server */
global $config;
$data = array();
$isOfficial = False;

Expand All @@ -75,7 +76,6 @@ function handle_set_online()
description = '$desc', minlevel = $minlevel,
maxlevel = $maxlevel, updated = NOW(), online = 1";

global $dbcon;
mysqli_query($dbcon, $query);


Expand All @@ -94,9 +94,10 @@ function handle_set_online()
/* Save accounts on a server */
function handle_set_online_ids()
{
global $dbcon;
/* Update number of connections */
$num_conn = intval(post_input("num_conn"));
$login = post_input("login");
$num_conn = mysqli_real_escape_string($dbcon, intval(post_input("num_conn")));
$login = mysqli_real_escape_string($dbcon, post_input("login"));
$query = "
UPDATE servers SET
num_conn = $num_conn,
Expand All @@ -114,7 +115,7 @@ function handle_shutdown()
global $dbcon;

/* Remove server from list */
$id = intval(post_input("server_id"));
$id = mysqli_real_escape_string($dbcon, intval(post_input("server_id")));
$query = "
UPDATE servers SET num_conn = 0, updated = NOW(), online = 0
WHERE
Expand All @@ -130,13 +131,13 @@ function handle_c_conn()
{
global $dbcon;

$account_id = intval(post_input("account_id"));
$server_id = intval(post_input("server_id"));
$c_conn['account_id'] = post_input("account_id");
$c_conn['server_id'] = post_input("server_id");
$c_conn['num_conn'] = post_input("num_conn");
$c_conn['cookie'] = post_input("cookie");
$c_conn['ip'] = post_input("ip");
$account_id = mysqli_real_escape_string($dbcon, intval(post_input("account_id")));
$server_id = mysqli_real_escape_string($dbcon, intval(post_input("server_id")));
$c_conn['account_id'] = mysqli_real_escape_string($dbcon, post_input("account_id"));
$c_conn['server_id'] = mysqli_real_escape_string($dbcon, post_input("server_id"));
$c_conn['num_conn'] = mysqli_real_escape_string($dbcon, post_input("num_conn"));
$c_conn['cookie'] = mysqli_real_escape_string($dbcon, post_input("cookie"));
$c_conn['ip'] = mysqli_real_escape_string($dbcon, post_input("ip"));

$cookie = $c_conn['cookie'];

Expand All @@ -161,6 +162,7 @@ function handle_c_conn()
server = {$server_id},
updated = NOW(),
online = 1";

db_query($query);

$query = "SELECT username from users where id = $account_id";
Expand All @@ -174,8 +176,10 @@ function handle_c_conn()
/* User disconnects a server */
function handle_c_disc()
{
$account_id = intval(post_input("account_id"));
$server_id = intval(post_input("server_id"));
global $dbcon;

$account_id = mysqli_real_escape_string($dbcon, intval(post_input("account_id")));
$server_id = mysqli_real_escape_string($dbcon, intval(post_input("server_id")));

$query = "
UPDATE
Expand All @@ -197,12 +201,14 @@ function handle_c_disc()
/* Server start game */
function handle_auth()
{
$a['login'] = post_input('login');
$a['pass'] = post_input('pass');
$a['type'] = post_input('type'); // = "reg"
$a['port'] = post_input('port');
$a['map'] = post_input('map');
$a['account_ids'] = $_POST['account_id'];
global $dbcon;

$a['login'] = mysqli_real_escape_string($dbcon, post_input('login'));
$a['pass'] = mysqli_real_escape_string($dbcon, post_input('pass'));
$a['type'] = mysqli_real_escape_string($dbcon, post_input('type')); // = "reg"
$a['port'] = mysqli_real_escape_string($dbcon,post_input('port'));
$a['map'] = mysqli_real_escape_string($dbcon, post_input('map'));
$a['account_ids'] = mysqli_real_escape_string($dbcon, $_POST['account_id']);


/* temporary default values for now */
Expand Down

0 comments on commit 3a4c7e6

Please sign in to comment.