API tools faq
paste
Guest User

Untitled

a guest
Jul 15th, 2018
140
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.38 KB | None | 0 0
raw download clone embed print report
  1. <?php
  2.  
  3. $noredirect = true;
  4.  
  5. require 'init.inc.php';
  6.  
  7. require 'mssql.php';
  8.  
  9. require 'db_config.inc.php';
  10.  
  11. include 'header.inc.php';
  12.  
  13.  
  14. echo '<CENTER><h1>United Base Players RCon 2.6</h1></CENTER>';
  15.  
  16. if ($_GET['logoff'] == '1'){
  17. $_SESSION['rcon_rights'] = 0;
  18. session_destroy();
  19. }
  20.  
  21. $username = $_POST['user'];
  22. $password = $_POST['pass'];
  23.  
  24. if (!empty($username) && !empty($password)) {
  25. $_SESSION['rcon_rights'] = 0;
  26.  
  27. // does the user exist in the database?
  28. $username = trim($username);
  29.  
  30. // Update 10.11.2009 - Elwoodini (start)
  31. // Open database connection here
  32. $db_con = sql_db(DB_HOST, DB_USERNAME, DB_PASSWORD, DB_NAME);
  33.  
  34. $sql = sprintf('SELECT user_id FROM C240025_logbook.' . TABLE_USERS . ' WHERE username=' . $username);
  35. // Added Semicolon, 10.12.09 -Raven
  36. $user_id = "";
  37. $user_id = sql_query($sql);
  38.  
  39. // Check to see if the user name exists
  40. if ( ! $user_id = "" )
  41. {
  42. return false;
  43. }
  44. else
  45. {
  46. // Check to see if the user's password matches the one in the form
  47. $sql = sprintf( 'SELECT TOP 1 user_md5_pw FROM C240025_logbook.' . TABLE_USERS . ' WHERE user_id=' . $user_id );
  48. $md5_pw = sql_query($sql);
  49.  
  50. if ( ! $md5_pw = md5($password) )
  51. {
  52. return false;
  53. }
  54. else
  55. {
  56. // Checks to see if the user is a founder
  57. $sql = sprintf( 'SELECT COUNT(user_id) FROM C240025_logbook.' . TABLE_GROUPS . ' WHERE user_id=' . $username . ' AND group_id=' . GROUP_FO );
  58. $founder_flag = sql_query($sql);
  59.  
  60. // Checks to see if the user is a DL
  61. $sql = sprintf( 'SELECT COUNT(user_id) FROM C240025_logbook.' . TABLE_GROUPS . ' WHERE user_id=' . $username . ' AND group_id=' . GROUP_DL );
  62. $dl_flag = sql_query($sql);
  63.  
  64. // Checks to see if the user is an admin
  65. $sql = sprintf( 'SELECT COUNT(user_id) FROM C240025_logbook.' . TABLE_GROUPS . ' WHERE user_id=' . $username . ' AND group_id=' . GROUP_AD );
  66. $admin_flag = sql_query($sql);
  67.  
  68. if ( $founder_flag = 1 || $dl_flag = 1 )
  69. {
  70. $_SESSION['user'] = $username;
  71. $_SESSION['rcon_rights'] = 1;
  72. $_SESSION['lang'] = 'en';
  73. require 'language.inc.php';
  74. }
  75. else if ( $admin_flag = 1 )
  76. {
  77. $_SESSION['user'] = $username;
  78. $_SESSION['rcon_rights'] = 0;
  79. $_SESSION['lang'] = 'en';
  80. require 'language.inc.php';
  81. }
  82. else
  83. {
  84. return false;
  85. }
  86. }
  87. }
  88.  
  89. // $result = mysql_query($sql);
  90. // if ($row = mysql_fetch_assoc($result)) {
  91. // $db_password = $row['password'];
  92. // $db_salt = $row['salt'];
  93. // if ($db_password === md5($db_salt . $password)) {
  94. // $_SESSION['user'] = $username;
  95. // if (!empty($row['lang'])) $interface_language = $_SESSION['lang'] = $row['lang'];
  96. // $_SESSION['rcon_rights'] = $row['access_rights'];
  97. // $_SESSION['rcon_appdir'] = getcwd();
  98. // require 'language.inc.php';
  99. // }
  100. //}
  101.  
  102. // Close DB connection here, end of edits.
  103. // mysql_close($db_con);
  104. sql_close();
  105.  
  106. // Update 10.11.2009 - Elwoodini (end)
  107. }
  108.  
  109. if (isset($_SESSION['rcon_rights']) && $_SESSION['rcon_rights'] > 0) {
  110. function InsertLink($name, $link) {
  111. echo '<a href="'.$link.'">'.$name.'</a><br>';
  112. }
  113.  
  114. echo '<h2>'.$lang['login_logged_as'].': &nbsp; &nbsp; '.$_SESSION['sess_rcon_user']
  115. .(($userconfig_enable)?' &nbsp; | &nbsp; <a href="userconfig.php">['.$lang['login_userconfig'].']</a>':'')
  116. .' &nbsp; | &nbsp; <a href="'.$_SERVER['PHP_SELF'].'?logoff=1">['.$lang['login_logout'].']</a>'
  117. .'</h2><br>';
  118.  
  119. if (count($servers)>1)
  120. {
  121. foreach ($servers as $i=>$n)
  122. {
  123. $n = explode(' ',$n,3);
  124. InsertLink('PHP RCon: '.$n[2],'index.php?server='.$i);
  125. }
  126. }
  127. else {
  128. InsertLink('PHP RCon','index.php');
  129. }
  130. } else {
  131.  
  132. echo '<CENTER>
  133. <h2>'.$lang['login_please_enter'].'.</h2>
  134. <form action="'.$_SERVER['PHP_SELF'].'" method="POST">
  135. <table><tr>
  136. <td width="60">'.$lang['login_name'].':</td>
  137. <td><input class=query type="text" name="user" size="25"></td>
  138. <td width="40">&nbsp;</td>
  139. </tr><tr>
  140. <td>'.$lang['login_password'].':</td>
  141. <td><input class=query type="password" name="pass" size="25"></td>
  142. <td width="40">&nbsp;</td>
  143. </tr><tr>
  144. <td colspan="3" align="right"><input class="button" type="submit" value="'.$lang['confirm'].'"></td>
  145. </tr></table></form></CENTER>
  146. ';
  147. }
  148.  
  149.  
  150. include 'footer.inc.php';
  151. ?>
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!