Merge pull request #267 from own3mall/master

Tons of New Features (Deny Users from making changes to certain server params and custom fields, new ArkSE control, adjustments to default home path setting, and more)

includes/database.php

@@ -86,6 +86,8 @@ abstract class OGPDatabase {
 
     abstract public function getUsersGroups($user_id);
     
+    abstract public function getGameServersWithSamePath($remote_id, $home_path);
+    
     abstract public function getUserGroupList($user_id);
 
     /// \return array of users. Array is empty if there is no users available.
@@ -288,4 +290,4 @@ abstract class OGPDatabase {
     abstract public function getHomeAffinity($home_id);
 }
 
-?>
+?>

includes/database_mysql.php

@@ -2308,7 +2308,7 @@ class OGPDatabaseMySQL extends OGPDatabase
 	/// \brief Adds game home to database.
 	/// \return FALSE if failure
 	/// \return id of the home in case of success.
-	public function addGameHome($rserver_id,$user_id_main,$home_cfg_id,$game_path,$server_name,$control_password,$ftp_password){
+	public function addGameHome($rserver_id,$user_id_main,$home_cfg_id,$game_path,$server_name,$control_password,$ftp_password,$skipId = false){
 		$query = sprintf("INSERT INTO `%sserver_homes`
 			( `home_id`, `remote_server_id`, `user_id_main`, `home_cfg_id`, `home_path`, `home_name`,`control_password`,`ftp_password`)
 			VALUES(NULL, '%d', '%d', '%d', '%s', '%s', '%s', '%s')",
@@ -2325,7 +2325,8 @@ class OGPDatabaseMySQL extends OGPDatabase
 		if ( mysql_affected_rows($this->link) != 1 )
 			return FALSE;
 		$homeid = mysql_insert_id($this->link);
-		$this->changeHomePath($homeid,$game_path.$homeid);
+		if(!$skipId)
+			$this->changeHomePath($homeid,$game_path.$homeid);
 		return $homeid;
 	}
 
@@ -2371,6 +2372,28 @@ class OGPDatabaseMySQL extends OGPDatabase
 		return $game_home;
 	}
 	
+	public function getGameServersWithSamePath($remote_id, $home_path){
+		$query = sprintf('SELECT * FROM `%1$sserver_homes` 
+			WHERE `home_path` LIKE \'%%%2$s%%\' AND remote_server_id = \'%3$d\';',
+			$this->table_prefix,
+			mysql_real_escape_string($home_path, $this->link),
+			mysql_real_escape_string($remote_id, $this->link));
+		++$this->queries_;
+		$result = mysql_query($query,$this->link);
+		if ( mysql_num_rows($result) > 0 ){
+			while ($row = mysql_fetch_assoc($result))
+			{
+				$servers[] = $row;
+			}
+		}
+
+		if(isset($servers) && is_array($servers)){
+			return $servers;
+		}
+	
+		return false;
+	}
+	
 	public function getGameHomeWithoutMods($home_id) {
 		$query = sprintf('SELECT *
 			FROM `%1$sremote_servers` 

includes/database_mysqli.php

@@ -2307,7 +2307,7 @@ class OGPDatabaseMySQL extends OGPDatabase
 	/// \brief Adds game home to database.
 	/// \return FALSE if failure
 	/// \return id of the home in case of success.
-	public function addGameHome($rserver_id,$user_id_main,$home_cfg_id,$game_path,$server_name,$control_password,$ftp_password){
+	public function addGameHome($rserver_id,$user_id_main,$home_cfg_id,$game_path,$server_name,$control_password,$ftp_password,$skipId = false){
 		$query = sprintf("INSERT INTO `%sserver_homes`
 			( `home_id`, `remote_server_id`, `user_id_main`, `home_cfg_id`, `home_path`, `home_name`,`control_password`,`ftp_password`)
 			VALUES(NULL, '%d', '%d', '%d', '%s', '%s', '%s', '%s')",
@@ -2324,7 +2324,8 @@ class OGPDatabaseMySQL extends OGPDatabase
 		if ( mysqli_affected_rows($this->link) != 1 )
 			return FALSE;
 		$homeid = mysqli_insert_id($this->link);
-		$this->changeHomePath($homeid,$game_path.$homeid);
+		if(!$skipId)
+			$this->changeHomePath($homeid,$game_path.$homeid);
 		return $homeid;
 	}
 
@@ -2374,6 +2375,28 @@ class OGPDatabaseMySQL extends OGPDatabase
 		return $game_home;
 	}
 	
+	public function getGameServersWithSamePath($remote_id, $home_path){
+		$query = sprintf('SELECT * FROM `%1$sserver_homes` 
+			WHERE `home_path` LIKE \'%%%2$s%%\' AND remote_server_id = \'%3$d\';',
+			$this->table_prefix,
+			mysqli_real_escape_string($this->link,$home_path),
+			mysqli_real_escape_string($this->link,$remote_id));
+		++$this->queries_;
+		$result = mysqli_query($this->link,$query);
+		if ( mysqli_num_rows($result) > 0 ){
+			while ($row = mysqli_fetch_assoc($result))
+			{
+				$servers[] = $row;
+			}
+		}
+
+		if(isset($servers) && is_array($servers)){
+			return $servers;
+		}
+	
+		return false;
+	}
+	
 	public function getGameHomeWithoutMods($home_id) {
 		$query = sprintf('SELECT *
 			FROM `%1$sremote_servers` 

includes/functions.php

@@ -778,4 +778,15 @@ function preg_replace_nth($pattern, $replacement, $subject, $nth=1) {
                 return reset($found);
         }, $subject,$nth);
 }
+
+// https://stackoverflow.com/questions/12559878/multidimensional-array-find-item-and-move-to-the-top
+function customShift($array, $keyToMoveOn, $valueToMoveOn){
+    foreach($array as $key => $val){
+        if($val[$keyToMoveOn] == $valueToMoveOn){
+            unset($array[$key]); 
+            array_unshift($array, $val); 
+            return $array;               
+        }
+    }
+}
 ?>

includes/html_functions.php

@@ -22,9 +22,9 @@
  *
  */
 
-function print_failure($text)
+function print_failure($text, $class="failure")
 {
-    echo '<p class="failure">'.$text.'</p>';
+    echo '<p class="' . $class . '">'.$text.'</p>';
 }
 
 function print_success($text)
@@ -155,4 +155,4 @@ function check_theme_image($base_image_path)
 						'themes/'.$settings['theme'] . "/" . $base_image_path :
 						$base_image_path;
 }
-?>
+?>

js/modules/user_games.js

@@ -162,6 +162,13 @@ $(document).ready(function() {
 					}
 				}
 				$("#result").html('<p class="'+data.result+'">'+data.info+'</p>');
+				if(data.result == "success"){
+					$("p.warning").remove();
+				}
+				
+				if(data.hasOwnProperty("warning_info") && data.warning_info){
+					$("#result").html($("#result").html() + '<p class="warning">'+data.warning_info+'</p>');
+				}
 			}, "json");
 		}
 	});

lang/English/modules/settings.php

@@ -131,5 +131,5 @@ define('bg_wrapper_info', "The wrappers background image. <b style='font-size:10
 define('show_server_id_game_monitor', "Show Server IDs on Game Monitor page");
 define('show_server_id_game_monitor_info', "Show the game server ID column on the Game Monitor for matching up files created by the Agent to the actual game server.");
 define('default_game_server_home_path_prefix', "Default game server home directory prefix");
-define('default_game_server_home_path_prefix_info', "Enter a path prefix for where you want game server homes to be created by default. You can use \"{USERNAME}\" in the path which will be replaced with the OGP username the game server is being assigned to.  Example: /ogp/games/{USERNAME} will become /ogp/games/username/1 where 1 is the game servers ID.  Example 2:  /ogp/games will become /ogp/games/1 where 1 is the game servers ID.");
+define('default_game_server_home_path_prefix_info', "Enter a path prefix for where you want game server homes to be created by default. You can use \"{USERNAME}\" in the path which will be replaced with the OGP username the game server is being assigned to.  You can use \"{GAMEKEY}\" in the path which will be replaced with a friendly lowercase name.  You can use \"{SKIPID}\" anywhere in the path to skip appending the home ID to the path.  Example: /ogp/games/{USERNAME}/{GAMEKEY}{SKIPID} will become /ogp/games/username/arkse/.  Example 2:  /ogp/games will become /ogp/games/1 where 1 is the game servers ID.");
 ?>

lang/English/modules/user_games.php

@@ -219,4 +219,5 @@ define('expiration_date_could_not_be_changed', "Expiration date for selected hom
 define('search', "Search");
 define('ftp_account_username_too_long', "FTP username is too long. Try a shorter username no longer than 20 characters.");
 define('ftp_account_password_too_long', "FTP password is too long. Try a shorter password no longer than 20 characters.");
+define('other_servers_exist_with_path_please_change', "Other homes exist with the same path. It is recommended (but not required) that you change this path to something unique. You may have problems if you do NOT.");
 ?>

modules/config_games/schema_server_config.xml

@@ -144,6 +144,7 @@
       <xs:element name="caption" type="xs:string" maxOccurs="1" />
       <xs:element name="desc" type="xs:string" maxOccurs="1" />
       <xs:element name="options" type="xs:string" />
+      <xs:element name="access" type="xs:string" minOccurs="0" maxOccurs="1" />
     </xs:choice>
     <xs:attribute name="id" type="xs:string" />
     <xs:attribute name="key" type="xs:string" />
@@ -203,6 +204,7 @@
       <xs:element name="filepath" type="xs:string" />
       <xs:element name="options" type="xs:string" />
       <xs:element name="occurrence" type="xs:string" minOccurs="0" />
+      <xs:element name="access" type="xs:string" minOccurs="0" maxOccurs="1" />
       <xs:element name="desc" type="xs:string" maxOccurs="1" />
     </xs:choice>
     <xs:attribute name="id" type="xs:string" />

modules/gamemanager/mini_start.php

@@ -26,6 +26,51 @@ $param_access_enabled = preg_match("/p/",$server_home['access_rights']) > 0 ? TR
 $extra_param_access_enabled = preg_match("/e/",$server_home['access_rights']) > 0 ? TRUE:FALSE;
 $last_param = json_decode($server_home['last_param'], True);
 
+$isAdmin = $db->isAdmin($_SESSION['user_id']);
+
+if (!function_exists('processParamValue')) {
+	function processParamValue($paramKey, $paramValue, &$save_param, &$start_cmd){
+		// Set globals
+		global $param, $server_xml;
+		
+		if (0 == strlen($paramValue))
+			return false;
+		
+		if ($paramKey == $paramValue) // it's a checkbox
+		{
+			$new_param = $paramKey;
+			$save_param[$paramKey] = True;
+		}
+		elseif($param->option == "ns" or $param->options == "ns")
+		{
+			$new_param = $paramKey.clean_server_param_value($paramValue, $server_xml->cli_allow_chars);
+			$save_param[$paramKey] = $paramValue;
+		}
+		elseif($param->option == "q" or $param->options == "q"){
+			$new_param = $paramKey . '"' . clean_server_param_value($paramValue, $server_xml->cli_allow_chars) . '"';
+			$save_param[$paramKey] = $paramValue;
+		}
+		elseif($param->option == "s" or $param->options == "s"){
+			$new_param = $paramKey . ' ' . clean_server_param_value($paramValue, $server_xml->cli_allow_chars);
+			$save_param[$paramKey] = $paramValue;
+		}
+		else
+		{
+			$new_param = $paramKey.' "'.clean_server_param_value($paramValue, $server_xml->cli_allow_chars).'"';
+			$save_param[$paramKey] = $paramValue;
+		}
+						  
+		if ($param['id'] == NULL || $param['id'] == "")
+		{
+			$start_cmd .= ' '.$new_param;
+		}
+		else
+		{
+			$start_cmd = preg_replace( "/%".$param['id']."%/", $new_param, $start_cmd );
+		}
+	}
+}
+
 if( !isset( $_POST['start_server'] ) )
 {
 	$server_exec = clean_path($server_home['home_path']."/".$server_xml->exe_location."/".$server_xml->server_exec_name);
@@ -403,9 +448,18 @@ elseif($server_home['home_id'] == $_POST['home_id'])
 		if ( $param_access_enabled && isset($_REQUEST['params']) )
 		{
 			foreach($server_xml->server_params->param as $param)
-			{		
+			{
+				// Get the last saved value of this param or its default value
+				if (array_key_exists((string)$param['key'], $last_param)){
+					$origValue = (string)$last_param[(string)$param['key']];
+				}else{
+					$origValue = "";
+				}
+				
+				// Loop through each posted param and process them
+				$found = 0;
 				foreach ( $_REQUEST['params'] as $paramKey => $paramValue )
-				{	
+				{						
 					// Dependency fields...				
 					if(stripos($paramKey, "{DEPENDS") !== false){
 						$dependsSection = strrpos($paramKey, "{DEPENDS");
@@ -414,52 +468,43 @@ elseif($server_home['home_id'] == $_POST['home_id'])
 						$dependsKey = str_replace("{DEPENDS:", "", $dependsSection);
 						$dependsKey = str_replace("}", "", $dependsKey);
 						if(hasValue($_REQUEST['params'][$dependsKey])){
-							$paramValue .= $_REQUEST['params'][$dependsKey];
+							$additionalValue = $_REQUEST['params'][$dependsKey];
+							
+							// Remove leading slashes if there are any for additional game path
+							if($dependsKey == "other_game_server_path_additional"){
+								$additionalValue = ltrim($additionalValue,'/');
+							}
+							
+							$paramValue .= $additionalValue;
 						}
 						$paramKey = $realKey;
 					}
 					
 					if ($param['key'] == $paramKey)
 					{
-						if (0 == strlen($paramValue))
-							continue;
-						if ($paramKey == $paramValue) // it's a checkbox
-						{
-							$new_param = $paramKey;
-							$save_param[$paramKey] = True;
-						}
-						elseif($param->option == "ns" or $param->options == "ns")
+						// If locked by an admin, ignore the value posted by the user
+						$lockedByAdmin = false;
+						if(property_exists($param, 'access') && $param->access == "admin")
 						{
-							$new_param = $paramKey.clean_server_param_value($paramValue, $server_xml->cli_allow_chars);
-							$save_param[$paramKey] = $paramValue;
-						}
-						elseif($param->option == "q" or $param->options == "q"){
-							$new_param = $paramKey . '"' . clean_server_param_value($paramValue, $server_xml->cli_allow_chars) . '"';
-							$save_param[$paramKey] = $paramValue;
-						}
-						elseif($param->option == "s" or $param->options == "s"){
-							$new_param = $paramKey . ' ' . clean_server_param_value($paramValue, $server_xml->cli_allow_chars);
-							$save_param[$paramKey] = $paramValue;
-						}
-						else
-						{
-							$new_param = $paramKey.' "'.clean_server_param_value($paramValue, $server_xml->cli_allow_chars).'"';
-							$save_param[$paramKey] = $paramValue;
-						}
-					  
-						if ($param['id'] == NULL || $param['id'] == "")
-						{
-							$start_cmd .= ' '.$new_param;
-						}
-						else
-						{
-							$start_cmd = preg_replace( "/%".$param['id']."%/", $new_param, $start_cmd );
+							$lockedByAdmin = true;
+							if(!$isAdmin){
+								$paramValue = $origValue; // Set it to the old saved value (which was last set by an admin) or set it to its default value
+							}														
 						}
 						
+						// Process the param value for the start command and for the save params
+						processParamValue($paramKey, $paramValue, $save_param, $start_cmd);
+						
+						$found++;
 						break; // More efficient
 					}			  
 				}
 				
+				// If the parameter wasn't posted (because it may have been disabled due to access param) or a sneaky user deleted it to circumvent security
+				if($found == 0 && !empty($origValue)){
+					processParamValue((string)$param['key'], $origValue, $save_param, $start_cmd);
+				}
+				
 				if ($param['id'] != NULL && $param['id'] != ""){
 					$start_cmd = preg_replace( "/%".$param['id']."%/", '', $start_cmd );
 				}

modules/gamemanager/module.php

@@ -24,8 +24,8 @@
 
 // Module general information
 $module_title = "Game manager";
-$module_version = "1.31";
-$db_version = 6;
+$module_version = "1.32";
+$db_version = 7;
 $module_required = TRUE;
 $module_menus = array( array( 'subpage' => 'game_monitor', 'name'=>'Game Monitor', 'group'=>'user' ) );
 
@@ -102,4 +102,8 @@ $install_queries[5] = array(
 	
 $install_queries[6] = array(
 	"ALTER TABLE `".OGP_DB_PREFIX."server_homes` ADD `server_expiration_date` VARCHAR(21) NOT NULL default 'X';");
+
+$install_queries[7] = array(
+	"ALTER TABLE `".OGP_DB_PREFIX."server_homes` drop index `remote_server_id`;"
+	);
 ?>

modules/gamemanager/server_monitor.php

@@ -32,11 +32,12 @@ require_once('includes/lib_remote.php');
 function renderParam($param, $last_param, $param_access_enabled, $home_id)
 {
 	global $db;
+	$isAdmin = $db->isAdmin($_SESSION['user_id']);
 	$attributesString = "";
 	foreach ($param->attribute as $attribute)
 		$attributesString .= $attribute['key']. "='$attribute' ";
 
-	$disabledString = ($param_access_enabled) ? "" : "disabled ";
+	$disabledString = ((($param_access_enabled) && (!property_exists($param, 'access') || $param->access != "admin")) || $isAdmin) ? "" : "disabled ";
 	
 	if (array_key_exists((string)$param['key'], $last_param))
 		$paramValue = (string)$last_param[(string)$param['key']];
@@ -58,20 +59,35 @@ function renderParam($param, $last_param, $param_access_enabled, $home_id)
 		}
 		$inputElementString .="</select>";
 	}else if($paramType == "other_game_server_path" || $paramType == "other_game_server_path_additional"){
-		$homes = $db->getHomesFor('user_and_group', $_SESSION['user_id']);
+		if($isAdmin){
+			$dbTypeHomesStr = "admin";
+		}else{
+			$dbTypeHomesStr = "user_and_group";
+		}
+		
+		// Get homes
+		$homes = $db->getHomesFor($dbTypeHomesStr, $_SESSION['user_id']);
+		
+		// Move current home_id home_path to the front of the array so that it is selected by default if no other option has been selected.
+		$homes = customShift($homes, "home_id", $home_id);
+		
 		$inputElementString = "<select $idString name='params[" . $param['key'] . "{DEPENDS:other_game_server_path_additional}]'" . $disabledString . ">";
 		foreach($homes as $home){
-			if(stripos($paramValue, $home["home_path"] . "/") !== false){
+			if($home["home_path"][strlen($home["home_path"])-1] != "/"){
+				$home["home_path"] = $home["home_path"] . "/";
+			}
+			
+			if(stripos($paramValue, $home["home_path"]) !== false){
 				$selectedString = "selected='selected'";
-				$selectedHome = $home["home_path"] . "/";
+				$selectedHome = $home["home_path"];
 			}else{
 				$selectedString = "";
 			}
-			$inputElementString .= '<option value="' . $home["home_path"] . '/" ' . $selectedString . '>' . $home["home_path"] . '/</option>';
+			$inputElementString .= '<option value="' . $home["home_path"] . '" ' . $selectedString . '>' . $home["home_path"] . '</option>';
 		}
 		$inputElementString .="</select>";
 		if($paramType == "other_game_server_path_additional"){
-			$inputElementString .="<input type='text' value='" . (stripos($paramValue, $selectedHome) !== false ? substr($paramValue, strlen($selectedHome)) : "") . "' name='params[other_game_server_path_additional]'>";
+			$inputElementString .="<input type='text' value='" . (stripos($paramValue, $selectedHome) !== false ? substr($paramValue, strlen($selectedHome)) : (hasValue((string)$param->default) ? (string)$param->default : "")) . "' name='params[other_game_server_path_additional]' " . $disabledString .">";
 		}
 	}else{
 			if ($paramType == "checkbox_key_value") {

modules/user_games/add_home.php

@@ -93,7 +93,12 @@ function exec_ogp_module()
 		{
 			foreach ( $game_cfgs as $row )
 			{
-				if($row['home_cfg_id'] == $home_cfg_id) $server_name = $row['game_name'];
+				if($row['home_cfg_id'] == $home_cfg_id){
+					 $server_name = $row['game_name'];
+					 $game_key = $row['game_key'];
+					 $readable_game_key = substr($game_key, 0, stripos($game_key, "_"));
+					 $readable_game_key = strtolower($readable_game_key);
+				}
 			}
 			foreach ( $remote_servers as $server )
 			{
@@ -108,9 +113,16 @@ function exec_ogp_module()
 			// Game path logic
 			$game_path = "/home/".$ogp_user."/OGP_User_Files/"; // Default
 	
+			$skipId = false;
 			if(hasValue($default_home_dir)){
+				// Replace some user supported variables with actual value.
 				$game_path = $default_home_dir;			
-				$game_path = str_replace("{USERNAME}", $web_user,  $game_path); // Replace some user supported variables with actual value.
+				$game_path = str_replace("{USERNAME}", $web_user,  $game_path); 
+				if(stripos($game_path, "{SKIPID}") !== false){
+					$skipId = true;
+				}
+				$game_path = str_replace("{SKIPID}", "",  $game_path); 
+				$game_path = str_replace("{GAMEKEY}", $readable_game_key, $game_path);
 			}
 			
 			if($game_path[strlen($game_path)-1] != "/"){ // Make sure the path ends with forward slash
@@ -121,7 +133,7 @@ function exec_ogp_module()
 			// End game path logic
 			
 			if ( ( $new_home_id = $db->addGameHome($rserver_id,$web_user_id,$home_cfg_id,
-				clean_path($game_path),$server_name,$control_password,$ftppassword) )!== FALSE )
+				clean_path($game_path),$server_name,$control_password,$ftppassword,$skipId) )!== FALSE )
 			{				
 				$success = $db->assignHomeTo("user",$web_user_id,$new_home_id,$access_rights);
 				if($success){
@@ -130,7 +142,7 @@ function exec_ogp_module()
 					$remote = new OGPRemoteLibrary($home_info['agent_ip'],$home_info['agent_port'],$home_info['encryption_key'],$home_info['timeout']);
 					
 					// Create new home directory if it doesn't already exist
-					$remote->exec("mkdir -p " . clean_path($game_path) . $new_home_id);
+					$remote->exec("mkdir -p " . clean_path($game_path) . (!$skipId ? $new_home_id : ""));
 					
 					if($ftp)
 					{

modules/user_games/clone_home.php

@@ -30,6 +30,10 @@ function exec_ogp_module()
 	$default_home_dir = $settings["default_game_server_home_path_prefix"];
 
 	$server_row = $db->getGameHomeWithoutMods($home_id);
+	$game_key = $server_row["game_key"];
+	$readable_game_key = substr($game_key, 0, stripos($game_key, "_"));
+	$readable_game_key = strtolower($readable_game_key);
+	
 	if ( empty($server_row) )
 	{
 		print_failure(get_lang('invalid_home_id'));
@@ -52,9 +56,15 @@ function exec_ogp_module()
 		// Game path logic
 		$game_path = "/home/".$server_row['ogp_user']."/OGP_User_Files/"; // Default
 	
+		$skipId = false;
 		if(hasValue($default_home_dir)){
 			$game_path = $default_home_dir;			
 			$game_path = str_replace("{USERNAME}", $web_user,  $game_path); // Replace some user supported variables with actual value.
+			if(stripos($game_path, "{SKIPID}") !== false){
+				$skipId = true;
+			}
+			$game_path = str_replace("{SKIPID}", "",  $game_path); 
+			$game_path = str_replace("{GAMEKEY}", $readable_game_key, $game_path);
 		}
 			
 		if($game_path[strlen($game_path)-1] != "/"){ // Make sure the path ends with forward slash
@@ -65,12 +75,16 @@ function exec_ogp_module()
 		// End game path logic
 
 		$clone_home_id = $db->addGameHome($server_row['remote_server_id'], $server_row['user_id_main'],
-			$server_row['home_cfg_id'], $game_path, $server_name, '', genRandomString(8));
+			$server_row['home_cfg_id'], $game_path, $server_name, '', genRandomString(8), $skipId);
+		
+		$server_path = $game_path;
+		
+		if(!$skipId)
+			$server_path .= $clone_home_id;
 		
-		$server_path = $game_path.$clone_home_id;
+		// Create new home directory if it doesn't already exist		
+		$remote->exec("mkdir -p " . clean_path($server_path));
 		
-		// Create new home directory if it doesn't already exist
-		$remote->exec("mkdir -p " . $server_path);
 		
 		if ( $clone_home_id === FALSE )
 		{

modules/user_games/custom_fields.php

@@ -25,15 +25,17 @@
 require_once("modules/config_games/server_config_parser.php");
 require_once('includes/form_table_class.php');
 
+$custom_fields = array();
+$isAdmin = false;
 function renderCustomFields($field, $home_id)
 {
-	global $db;
+	global $db, $custom_fields, $isAdmin;
 	$attributesString = "";
+	$disabledString = ((!property_exists($field, 'access') || $field->access != "admin") || $isAdmin) ? "" : "disabled ";
+	
 	foreach ($field->attribute as $attribute)
 		$attributesString .= $attribute['key']. "='$attribute' ";
 
-	//get used custom value or get default
-	$custom_fields = json_decode($db->getCustomFields($home_id), True);
 	if (is_array($custom_fields) and array_key_exists((string)$field['key'], $custom_fields))
 		$fieldValue = (string)$custom_fields[(string)$field['key']];
 	else
@@ -44,7 +46,7 @@ function renderCustomFields($field, $home_id)
 	$fieldType = $field['type'];
 	if ($fieldType == "select")
 	{
-		$inputElementString = "<select $idString $nameString>";
+		$inputElementString = "<select $idString $nameString $disabledString>";
 		foreach ($field->option as $option)
 		{
 			$optionValue = (string)($option['value']);
@@ -67,7 +69,7 @@ function renderCustomFields($field, $home_id)
 					$attributesString .= "checked='checked' ";
 			}
 			$inputElementString = "<input $idString $nameString ".
-				"type='$fieldType' value=\"".str_replace('"', "&quot;", strip_real_escape_string($fieldValue))."\" $attributesString/>";
+				"type='$fieldType' value=\"".str_replace('"', "&quot;", strip_real_escape_string($fieldValue))."\" $attributesString $disabledString/>";
 		}
 
 	echo "<tr><td class='right'><label for='".clean_id_string($field['key'])."'>".$field['key'].
@@ -83,7 +85,7 @@ function renderCustomFields($field, $home_id)
 
 function exec_ogp_module()
 {
-    global $db,$view;
+    global $db,$view,$custom_fields,$isAdmin;
 		
 	$home_id = $_GET['home_id'];
 	
@@ -102,6 +104,9 @@ function exec_ogp_module()
 	if( !$home_info OR !$custom_fileds_access_enabled )
 		return;
 		
+	//get used custom value or get default
+	$custom_fields = json_decode($db->getCustomFields($home_id), True);
+		
 	$server_xml = read_server_config(SERVER_CONFIG_LOCATION.$home_info['home_cfg_file']);
 	
 	include('includes/lib_remote.php');
@@ -123,7 +128,50 @@ function exec_ogp_module()
 	if(isset($_POST['update_settings']))
 	{
 		$save_field = $_POST['fields'];
-		$db->changeCustomFields($home_info['home_id'],json_encode($save_field));
+		$updatedSettings = array();
+		foreach($server_xml->custom_fields->field as $field)
+		{
+			if (array_key_exists((string)$field['key'], $custom_fields)){
+				$origValue = (string)$custom_fields[(string)$field['key']];
+			}else{
+				$origValue = "";
+			}
+			
+			$found = 0;
+			foreach ($save_field as $key => $value )
+			{
+				if($key == (string)$field['key']){
+					$found++;
+					
+					// If locked by an admin, ignore the value posted by the user
+					$lockedByAdmin = false;
+					if(property_exists($field, 'access') && $field->access == "admin")
+					{
+						$lockedByAdmin = true;
+						if(!$isAdmin){
+							$value = $origValue; // Set it to the old saved value (which was last set by an admin) or set it to its default value
+						}														
+					}
+					
+					if(!empty($value)){
+						$updatedSettings[$key] = $value;
+					}
+					
+					break;
+				}
+			}
+			
+			if($found == 0 && !empty($origValue)){
+				$updatedSettings[(string)$field['key']] = $origValue;
+			}
+		}
+		
+		if(is_array($updatedSettings) && count($updatedSettings) > 0){
+			$db->changeCustomFields($home_info['home_id'],json_encode($updatedSettings));
+		}else{
+			$db->changeCustomFields($home_info['home_id'],"");
+		}
+			
 		print_success(get_lang('settings_updated'));
 		$view->refresh("?m=user_games&p=custom_fields&home_id=".$home_id);
 	}

modules/user_games/edit_home.php

@@ -41,6 +41,9 @@ function exec_ogp_module()
 	$submit = isset($_REQUEST['submit']) ? $_REQUEST['submit'] : "";
 
 	$home_info = $db->getGameHomeWithoutMods($home_id);
+	$servers_with_same_path = $db->getGameServersWithSamePath($home_info['remote_server_id'], $home_info['home_path']); 
+	$servers_with_same_path = (is_array($servers_with_same_path) ? count($servers_with_same_path) : 0);
+	
 	$home_id = $home_info['home_id'];
 	$enabled_mods = $db->getHomeMods($home_id);
 
@@ -57,7 +60,8 @@ function exec_ogp_module()
 		$new_home_cfg_id = $_POST['home_cfg_id'];
 		if($db->updateHomeCfgId($home_id, $new_home_cfg_id))
 		{
-			echo json_encode(array('result' => 'success', 'info' => successfully_changed_game_server));
+			$json_message = array('result' => 'success', 'info' => successfully_changed_game_server);
+			echo json_encode($json_message);			
 			$db->logger( successfully_changed_game_server ." HOME ID:$home_id - ". change_game_type .":old home_cfg_id:$home_cfg_id, new home_cfg_id:$new_home_cfg_id");
 		}
 		else
@@ -443,6 +447,16 @@ function exec_ogp_module()
 			{
 				if ( $db->changeHomePath($home_id,clean_path($home_path)) === TRUE )
 				{
+					$home_info = $db->getGameHomeWithoutMods($home_id);
+					$servers_with_same_path = $db->getGameServersWithSamePath($home_info['remote_server_id'], $home_info['home_path']); 
+					$servers_with_same_path = (is_array($servers_with_same_path) ? count($servers_with_same_path) : 0);
+					
+					$success_json = array('result' => 'success', 'info' => successfully_changed_game_server);
+					
+					if($servers_with_same_path > 1){
+						$success_json["warning_info"] = get_lang('other_servers_exist_with_path_please_change');
+					}
+					
 					// Create new home directory if it doesn't already exist
 					$remote->exec("mkdir -p " . clean_path($home_path));
 					
@@ -459,7 +473,7 @@ function exec_ogp_module()
 							
 							if (isset($create_new_ftp_account) and $create_new_ftp_account !== 0)
 							{
-								echo json_encode(array('result' => 'success', 'info' => successfully_changed_game_server));
+								echo json_encode($success_json);
 								$db->logger( successfully_changed_game_server ." HOME ID:$home_id - ". home_path .":$home_path");
 							}
 							else
@@ -470,13 +484,13 @@ function exec_ogp_module()
 						}
 						else
 						{
-							echo json_encode(array('result' => 'success', 'info' => successfully_changed_game_server));
+							echo json_encode($success_json);
 							$db->logger( successfully_changed_game_server ." HOME ID:$home_id - ". home_path .":$home_path");
 						}
 					}
 					else
 					{
-						echo json_encode(array('result' => 'success', 'info' => successfully_changed_game_server));
+						echo json_encode($success_json);
 						$db->logger( successfully_changed_game_server ." HOME ID:$home_id - ". home_path .":$home_path");
 					}
 				}
@@ -667,7 +681,11 @@ function exec_ogp_module()
 			 "<input type='text' size='30' name='home_path' value=\"".str_replace('"', "&quot;", $home_info['home_path'])."\" />".
 			 "<input type='submit' name='change_home' value='". change_home ."' id='change_home_path' />".
 			 "</form><button data-path=\"".str_replace('"', "&quot;", $home_info['home_path'])."\" data-home-id='".$home_id."' id='browse'>".
-			  browse ."</button></td></tr>".
+			  browse ."</button>";
+			  if($servers_with_same_path > 1){
+				print_failure(get_lang('other_servers_exist_with_path_please_change'), "warning");
+			  }
+		echo "</td></tr>".
 			 "<tr><td colspan='2' class='info'>". change_home_info ."</td></tr>";
 		
 		//Jquery path browser dialog

themes/Modern/styles.css

@@ -234,6 +234,10 @@ body {
 	color: red;
 }
 
+.warning {
+	color: purple;
+}
+
 .success {
 	color: green;
 }

themes/Revolution/style.css

@@ -581,6 +581,11 @@ table.tablesorter tfoot td {
 	text-align:center;
 }
 
+.warning {
+	color: purple;
+	text-align:center;
+}
+
 .success {
 	color: green;
 	text-align:center;