yosoyhendrix
/
Module-Util
spogulis no https://github.com/OpenGamePanel/Module-Util


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163
							<?php
/*
 *
 * OGP - Open Game Panel
 * Copyright (C) 2008 - 2018 The OGP Development Team
 *
 * http://www.opengamepanel.org/
 *
 * This program is free software; you can redistribute it and/or
 * modify it under the terms of the GNU General Public License
 * as published by the Free Software Foundation; either version 2
 * of the License, or any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program; if not, write to the Free Software
 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA  02111-1307, USA.
 *
 */
require 'includes/lib_remote.php';
function exec_ogp_module() 
{
	global $db;
	include 'modules/util/functions.php';
	include 'modules/util/util_config.php';
	$servers = getUserServers($db->getIpPortsForUser($_SESSION['user_id']), $subuserAdminManagement, $amx_supportedGames);
	
	// If it's a post request and the user is signed in - process it.
	// Otherwise, remove some sensitive info (such as encryption_key) from $servers - only keeping what the user needs to see and json_encode it for JS to process.
	if($_SERVER['REQUEST_METHOD'] === 'POST'){
		$serverInfo = array();
		$flags = '';
		$amx_modFlags = range('a', 'u');
		
		// Don't use isset here because they're always going to be set if the form is submitted - we only want to process the data if the following isn't empty.
		if(!empty($_POST['amx_gameserver_id']) && !empty($_POST['remote_server_id']) && !empty($_POST['gameserver_name'])
		&& !empty($_POST['gameserver_ip']) && !empty($_POST['gameserver_port']) && !empty($_POST['amx_mod_perms'])
		&& !empty($_POST['amx_login_type']) && (!empty($_POST['amx_Steamid']) || !empty($_POST['amx_Nickname']) && !empty($_POST['amx_Password']))){
				
			foreach($servers as $server){
				// Try to check if hidden form values have been manually edited. If not, process.
				if($server['remote_server_id'] == $_POST['remote_server_id'] && $server['home_id'] == $_POST['amx_gameserver_id']
				&& $server['game_name'] == $_POST['gameserver_name'] && $server['ip'] == $_POST['gameserver_ip'] && $server['port'] == $_POST['gameserver_port']){	
					$serverInfo = $server;
					break;
				}
			}
			
			if(!empty($serverInfo)){
				$remote = new OGPRemoteLibrary($serverInfo['agent_ip'], $serverInfo['agent_port'], $serverInfo['encryption_key'], $serverInfo['timeout']);
				
				if($remote->status_chk() === 1){
					if(($_POST['amx_login_type'] == 'amx_login_steamid' && preg_match('/^STEAM_[01]:[01]:\d+$/', $_POST['amx_Steamid']))
					|| ($_POST['amx_login_type'] == 'amx_login_nick_pass'
					&& preg_match('/^[^\s][A-zÀ-ÿ0-9 !@)(,}\/|\.:?;{#$%&*+=-]{1,28}[^\s]$/', $_POST['amx_Nickname'])
					&& preg_match('/^[^\s][A-zÀ-ÿ0-9 !@)(,}\/|\.:?;{#$%&*+=-]{1,28}[^\s]$/', $_POST['amx_Password']))){
						
						if($_POST['amx_mod_perms'] == 'root'){
							$flags = 'abcdefghijklmnopqrstu';
						}elseif($_POST['amx_mod_perms'] == 'custom'){
							if(!empty($_POST['amx_flags']) && is_array($_POST['amx_flags'])){
								$x = array_intersect(array_values($_POST['amx_flags']), $amx_modFlags);
								$flags = implode('', ($x));
							}
						}
						
						if(!empty($flags)){
							$adminFile = $serverInfo['home_path'].'/'.$serverInfo['mod_key'].'/'.$adminFiles['amx_mod'];
							// Build up what the new line will be.
							if($_POST['amx_login_type'] == 'amx_login_steamid')
							{
								$newLine = "\"{$_POST['amx_Steamid']}\" \"\" \"${flags}\" \"ce\"";
							}
							elseif($_POST['amx_login_type'] == 'amx_login_nick_pass')
							{
								$newLine = "\"{$_POST['amx_Nickname']}\" \"{$_POST['amx_Password']}\" \"${flags}\" \"a\"";
							}
														
							// Only process if the $adminFile exists;
							if($remote->rfile_exists($adminFile) === 1){
								$remote->remote_readfile($adminFile, $file_content);
								
								// Decide if it's replacing an existing line or is a new line.
								if($_POST['amx_login_type'] == 'amx_login_steamid')
								{
									if(preg_match('/'.preg_quote($_POST['amx_Steamid']).'/i', $file_content)){
										$file_content = preg_replace('/.*'.preg_quote($_POST['amx_Steamid']).'.*/i', $newLine, $file_content);
									}else{
										$file_content .= $newLine."\r\n";
									}
								}
								elseif($_POST['amx_login_type'] == 'amx_login_nick_pass')
								{
									if(preg_match('/'.preg_quote($_POST['amx_Nickname']).'/i', $file_content)){
										$file_content = preg_replace('/.*'.preg_quote($_POST['amx_Nickname']).'.*/i', $newLine, $file_content);
									}else{
										$file_content .= $newLine."\r\n";
									}
								}
								
								if($remote->remote_writefile($adminFile, $file_content) === 1){
									if(!empty($serverInfo['control_password'])){
										$reloadAdmins = $remote->remote_send_rcon_command($serverInfo['home_id'], $serverInfo['ip'], $serverInfo['port'], 'rcon', $serverInfo['control_password'], '', 'amx_reloadadmins', $return);
										
										if($reloadAdmins === -1){
											echo get_lang('rcon_reload_admins_failed');
										}elseif($reloadAdmins === 1){
											echo $return;
										}
									}else{
										// No rcon password stored - can't reload admins
										echo get_lang_f('add_success_no_rcon', $_POST['amx_Steamid']);
									}
								}else{
									// There was a problem writing to the admin file.
									echo get_lang_f('writefile_error', $adminFile);
								}
							}else{
								// The remote admin file doesn't exist.
								echo get_lang_f('remotefile_nonexistent', $adminFiles['amx_mod']);
							}
						}else{
							// There wasn't any flags specified.
							echo get_lang('empty_flag_list');
						}
					}else{
						// invalid steam_id format given.
						echo get_lang('invalid_steam_format');
					}
				}else{
					// Agent is offline. We can't add any admins here.
					echo get_lang('selected_server_offline');
				}
			}else{
				// the hidden input values don't exist in our servers array. however, they should exist.
				// if we're here: 1) the hidden variables have either been manually changed, or 2) the user was removed from accessing the selected server while still on the page.
				echo get_lang('malformed_form');
			}
		}else{
			// An empty form was submitted.
			echo get_lang('empty_form_data');
		}
	}else{
		$return = array();
		for($x = 0; $x < count($servers); ++$x){
			$return[] = array(
				'remote_server_id'		=>	$servers[$x]['remote_server_id'],
				'ip'					=>	$servers[$x]['ip'],
				'port'					=>	$servers[$x]['port'],
				'home_id'				=>	$servers[$x]['home_id'],
				'home_name'				=>	$servers[$x]['home_name'],
				'game_name'				=>	$servers[$x]['game_name'],
			);
		}
		
		echo json_encode($return);
	}
}
?>