-
Notifications
You must be signed in to change notification settings - Fork 0
/
addserver.php
103 lines (95 loc) · 3.69 KB
/
addserver.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
<?php
/* BanManagement © 2012, a web interface for the Bukkit plugin BanManager
by James Mortemore of http://www.frostcast.net
is licenced under a Creative Commons
Attribution-NonCommercial-ShareAlike 2.0 UK: England & Wales.
Permissions beyond the scope of this licence
may be available at http://creativecommons.org/licenses/by-nc-sa/2.0/uk/.
Additional licence terms at https://raw.github.com/confuser/Ban-Management/master/banmanagement/licence.txt
*/
if (!defined('INTERNAL'))
die("Don't call me directly!");
// Disable errors to prevent invalid JSON
error_reporting(0);
@ini_set('display_errors', 0); // Fallback incase error_reporting(0) fails
if(!isset($_SESSION['admin']) || (isset($_SESSION['admin']) && !$_SESSION['admin']))
die('Hacking attempt');
else if(!isset($_GET['authid']) || (isset($_GET['authid']) && $_GET['authid'] != sha1($settings['password'])))
die('Hacking attempt');
else if(!is_alphanumdash($_POST['banstable']))
die('Hacking attempt');
else if(!is_alphanumdash($_POST['recordtable']))
die('Hacking attempt');
else if(!is_alphanumdash($_POST['iptable']))
die('Hacking attempt');
else if(!is_alphanumdash($_POST['iprecordtable']))
die('Hacking attempt');
else if(!is_alphanumdash($_POST['mutestable']))
die('Hacking attempt');
else if(!is_alphanumdash($_POST['mutesrecordtable']))
die('Hacking attempt');
else if(!is_alphanumdash($_POST['kickstable']))
die('Hacking attempt');
else if(!is_alphanumdash($_POST['warningstable']))
die('Hacking attempt');
function tableExists($name) {
if(!@mysql_query("SELECT * FROM $name"))
return false;
return true;
}
// Test the mysql connection
if(!mysql_connect($_POST['host'], $_POST['username'], $_POST['password']))
$error = 'Unable to connect, check connection information is correct';
else if(!mysql_select_db($_POST['database']))
$error = 'Unable to select database';
else if(!tableExists($_POST['banstable']))
$error = 'Bans table not found';
else if(!tableExists($_POST['recordtable']))
$error = 'Bans record table not found';
else if(!tableExists($_POST['iptable']))
$error = 'IP table not found';
else if(!tableExists($_POST['iprecordtable']))
$error = 'IP record table not found';
else if(!tableExists($_POST['mutestable']))
$error = 'Mutes table not found';
else if(!tableExists($_POST['mutesrecordtable']))
$error = 'Mutes record table not found';
else if(!tableExists($_POST['kickstable']))
$error = 'Kicks table not found';
else if(!tableExists($_POST['warningstable']))
$error = 'Warnings table not found';
else {
// Success! Add it
$servers = $settings['servers'];
if (empty($servers))
$servers = array();
$servers[] = array(
'name' => $_POST['servername'],
'host' => $_POST['host'],
'database' => $_POST['database'],
'username' => $_POST['username'],
'password' => $_POST['password'],
'bansTable' => $_POST['banstable'],
'recordTable' => $_POST['recordtable'],
'ipTable' => $_POST['iptable'],
'ipRecordTable' => $_POST['iprecordtable'],
'mutesTable' => $_POST['mutestable'],
'mutesRecordTable' => $_POST['mutesrecordtable'],
'kicksTable' => $_POST['kickstable'],
'warningsTable' => $_POST['warningstable']
);
$settings['servers'] = $servers;
$servers = serialize($servers);
$servers = "['servers'] = '".$servers;
$contents = file_get_contents('settings.php');
$contents = preg_replace("/\['servers'\] = '(.*?)/", $servers, $contents);
file_put_contents('settings.php', $contents);
$array['success'] = 'true';
}
if(isset($error))
$array['error'] = $error;
else {
$array['success'] = array('id' => count($settings['servers']) - 1, 'serverName' => $_POST['servername']);
}
echo json_encode($array);
?>