+ *
+ ***************************************************************************/
+
+if (!defined('IN_SB')) {echo("You should not be here. Only follow links!");die();}
+
+class CDonate {
+ private $hooks = array();
+
+ /**
+ * Add tariff
+ *
+ * @return int
+ */
+ public function AddTariff($name, $price, $expired, $desc, $webflags, $serverflags, $immunity, $servers) {
+ $query = sprintf("INSERT INTO `%s_billing_admintariffs` (`name`, `price`, `expired`, `desc`, `webflags`, `serverflags`, `immunity`, `servers`) VALUES (%s, %d, %d, %s, %s, %s, %d, %s)", DB_PREFIX, $GLOBALS['db']->qstr($name), $price, $expired, $GLOBALS['db']->qstr($desc), $GLOBALS['db']->qstr($webflags), $GLOBALS['db']->qstr($serverflags), $immunity, $GLOBALS['db']->qstr($servers));
+ $GLOBALS['db']->Execute($query);
+ return $GLOBALS['db']->Insert_ID();
+ }
+
+ /**
+ * Add admin request payment
+ *
+ * @return int
+ */
+ public function AddPayment_Admin($name, $authid, $tariff, $vk = '', $skype = '') {
+ if (!$this->IsTariffExists($tariff))
+ return -1;
+
+ $query = sprintf("INSERT INTO `%s_billing_adminpayments` (`name`, `authid`, `tariff`, `vk`, `skype`) VALUES (%s, %s, %d, %s, %s);", DB_PREFIX, $GLOBALS['db']->qstr($name), $GLOBALS['db']->qstr($authid), (int) $tariff, $GLOBALS['db']->qstr($vk), $GLOBALS['db']->qstr($skype));
+ $GLOBALS['db']->Execute($query);
+ return $GLOBALS['db']->Insert_ID();
+ }
+
+ /**
+ * Add unban request payment
+ *
+ * @return int
+ */
+ public function AddPayment_Unban($banid) {
+ // IN DEVELOPING
+ }
+
+ // HELPERS //
+ /**
+ * Get client IP
+ *
+ * @return string ClientIP
+ */
+ public static function getIP() {
+ return $_SERVER[isset($_SERVER['HTTP_X_REAL_IP'])?'HTTP_X_REAL_IP':'REMOTE_ADDR'];
+ }
+
+ /**
+ * Checks tariff on exists.
+ *
+ * @return bool
+ */
+ public static function IsTariffExists($id) {
+ return $GLOBALS['db']->GetOne(sprintf("SELECT COUNT(*) FROM `%s_billing_admintariffs` WHERE `id` = %d;", DB_PREFIX, (int) $id)) == 1;
+ }
+
+ /**
+ * Register event hook.
+ *
+ * @noreturn
+ */
+ public function registerEvent($event_name, $func) {
+ $this->hooks[$event_name][] = $func;
+ }
+
+ /**
+ * Fires a event for donate submodules
+ *
+ * @noreturn
+ */
+ public function fireEvent($event_name, $data) {
+ if (!isset($this->hooks[$event_name]))
+ return;
+
+ foreach ($this->hooks[$event_name] as $event_handler) {
+ call_user_func_array($event_handler, $data);
+ }
+ }
+}
+
+// This is skeleton for custom user payment services. DO NOT EDIT THIS.
+class CPaymentService {
+ /**
+ * Returns the name of this SourceBans Payment Service.
+ *
+ * @return string Service name
+ */
+ public function getName() {}
+
+ /**
+ * Returns the author name. Allowed HTML chars.
+ *
+ * @return string Author Name
+ */
+ public function getAuthor() {}
+
+ /**
+ * Returns the version.
+ *
+ * @return string Version
+ */
+ public function getVersion() {}
+
+ /**
+ * Returns the provider WebSite.
+ *
+ * @return string Provider site
+ */
+ public function getUrl() {}
+
+ /**
+ * Generate client sign.
+ *
+ * @return string ClientSign
+ */
+ public function getClientSign() {}
+
+ /**
+ * Generate notification sign.
+ *
+ * @return string NotifySign
+ */
+ public function getNotifySign() {}
+
+ /**
+ * Generate URL for client redirect.
+ *
+ * @return string URL.
+ */
+ public function generatePaymentUrl() {}
+}
diff --git a/web_upload/includes/SessionManager.php b/web_upload/includes/SessionManager.php
new file mode 100644
index 00000000..b9fe0c0e
--- /dev/null
+++ b/web_upload/includes/SessionManager.php
@@ -0,0 +1,116 @@
+ hash('sha256', $_SERVER['HTTP_USER_AGENT']),
+ 'expires' => time() + $expires
+ ];
+ } else if ((rand(1, 100) <= 10) && !isset($_POST['xajax'])) {
+ self::regenerateSession();
+ }
+ }
+ }
+
+ public static function checkSession() {
+ if (!isset($_SESSION['user_agent']))
+ return false;
+
+ if (!self::validateSession() || !self::preventHijacking()) {
+ session_destroy();
+ session_start();
+
+ return false;
+ }
+
+ return true;
+ }
+
+ public static function closeWrite() {
+ @session_write_close();
+ }
+
+ protected static function preventHijacking() {
+ if (!isset($_SESSION['user_agent']))
+ return false;
+
+ if ($_SESSION['user_agent'] !== hash('sha256', $_SERVER['HTTP_USER_AGENT']))
+ return false;
+
+ return true;
+ }
+
+ protected static function regenerateSession() {
+ $_SESSION['expires'] = time() + 10;
+
+ session_regenerate_id(false);
+ $newSession = session_id();
+
+ self::closeWrite();
+ session_id($newSession);
+ session_start();
+ unset($_SESSION['expires']);
+ }
+
+ protected static function validateSession() {
+ return (
+ !isset($_SESSION['expires']) ||
+ $_SESSION['expires'] >= time()
+ );
+ }
+
+ /**
+ * @section CSRF
+ */
+ public static function initCsrf() {
+ if (isset($_SESSION['csrf']))
+ return;
+
+ $_SESSION['csrf'] = md5($_SESSION['user_agent']);
+ $_SESSION['csrf_valid'] = time() + 45;
+ }
+
+ public static function getCsrfToken() {
+ if (!isset($_SESSION['csrf']))
+ self::initCsrf();
+ return $_SESSION['csrf'];
+ }
+
+ public static function checkCsrf($where = INPUT_POST) {
+ if (!isset($_SESSION['csrf']))
+ return false;
+ if ($_SESSION['csrf_valid'] <= time())
+ return false;
+
+ $valid = (self::getCsrfToken() == filter_input($where, '__sb_csrf', FILTER_SANITIZE_STRING));
+
+ if ($valid)
+ $_SESSION['csrf_valid'] = time() + 45;
+ return $valud;
+ }
+
+ /**
+ * @section Session Name
+ */
+ public static function getSessionName() {
+ if (defined('SB_SESSION')) {
+ $session = constant('SB_SESSION');
+ if (!empty($session))
+ return $session;
+ }
+
+ return substr(md5($_SERVER['SERVER_NAME']), 0, 8);
+ }
+}
\ No newline at end of file
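Review bot: `initCsrf()` sets the token to `md5($_SESSION['user_agent'])`, and `preventHijacking()` shows that this session value is `hash('sha256', $_SERVER['HTTP_USER_AGENT'])`, so the CSRF token is a fixed function of a request header and contains no secret. Generate it from a CSPRNG instead, for example `$_SESSION['csrf'] = bin2hex(random_bytes(32));` on PHP 7 or later, and compare it in `checkCsrf()` with `hash_equals(self::getCsrfToken(), (string) $submitted)` rather than `==`. Separately, `checkCsrf()` ends with `return $valud;`, an undefined variable, so it returns null even when the token matched; it should be `return $valid;`. `FILTER_SANITIZE_STRING` is deprecated since PHP 8.1 and rewrites the submitted value before the comparison, so reading the field unfiltered and checking that it is a string is the safer form.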
diff --git a/web_upload/includes/__loader.php b/web_upload/includes/__loader.php
new file mode 100644
index 00000000..a7d39d6e
--- /dev/null
+++ b/web_upload/includes/__loader.php
@@ -0,0 +1,13 @@
+Statement = new \DatabaseResult($this->PDO->prepare($query));
}
- public function GetStatement($cleanup = true) {
- if ($this->Statement === NULL)
- throw new \LogicException('No one query has been prepared');
-
- $Stmt = $this->Statement;
- if ($cleanup)
- $this->Statement = null;
-
- return $Stmt;
- }
-
public function BindData($name, $value, $type = NULL) {
if ($this->Statement === NULL)
throw new \LogicException('No one query has been prepared');
diff --git a/web_upload/includes/system-functions.php b/web_upload/includes/system-functions.php
index ea368652..6e7ca5d9 100644
--- a/web_upload/includes/system-functions.php
+++ b/web_upload/includes/system-functions.php
@@ -1041,12 +1041,34 @@ function renderSteam2($accountId, $universe)
return "STEAM_" . $universe . ":" . ($accountId & 1) . ":" . ($accountId >> 1);
}
-function SBDate($format, $timestamp = -1) {
- TimeZone::setFormat($format);
- if ($timestamp == -1)
- $timestamp = time();
-
- return TimeZone::FormatTime($timestamp);
+function SBDate($format, $timestamp="")
+{
+ if(version_compare(PHP_VERSION, "5") != -1)
+ {
+ if($GLOBALS['config']['config.summertime'] == "1")
+ {
+ $str = date("r", $timestamp);
+ $date = new DateTime($str);
+ $date->modify("+1 hour");
+ return $date->format($format);
+ }
+ else if(empty($timestamp))
+ return date($format);
+ }
+ else
+ {
+ if($GLOBALS['config']['config.summertime'] == "1") {
+ $summertime = 3600;
+ } else {
+ $summertime = 0;
+ }
+ if(empty($timestamp)) {
+ $timestamp = time() + SB_TIMEZONE*3600 + $summertime;
+ } else {
+ $timestamp = $timestamp + SB_TIMEZONE*3600 + $summertime;
+ }
+ }
+ return date($format, $timestamp);
}
/**
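Review bot: With the new default `$timestamp=""`, the summertime branch calls `date("r", $timestamp)` before any empty check, so a call such as `SBDate($format)` passes an empty string where date() expects an integer (a warning on older PHP, a TypeError on PHP 8). Normalise at the top of the function, `if (empty($timestamp)) { $timestamp = time(); }`, so every branch sees an integer. The `version_compare(PHP_VERSION, "5") != -1` branch also never applies `SB_TIMEZONE`, so on any current PHP the configured offset appears to be ignored and only the one-hour summertime shift remains; if that is not intended, the offset has to be applied there as well.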
diff --git a/web_upload/init.php b/web_upload/init.php
index 04819eb6..b5836621 100644
--- a/web_upload/init.php
+++ b/web_upload/init.php
@@ -280,9 +280,9 @@
$dateformat = !empty($GLOBALS['config']['config.dateformat'])?$GLOBALS['config']['config.dateformat']:"m-d-y H:i";
if(empty($GLOBALS['config']['config.timezone'])) {
- TimeZone::setTimeZone('Europe/London');
+ define('SB_TIMEZONE', 0);
} else {
- TimeZone::setTimeZone($GLOBALS['config']['config.timezone']);
+ define('SB_TIMEZONE', $GLOBALS['config']['config.timezone']);
}
// ---------------------------------------------------
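Review bot: `define('SB_TIMEZONE', $GLOBALS['config']['config.timezone'])` stores the raw setting, which the removed line passed to `TimeZone::setTimeZone()` beside a default of 'Europe/London', so existing installs presumably hold a zone name there rather than an hour offset. SBDate() in system-functions.php multiplies the constant (`SB_TIMEZONE*3600`), which needs a number. Validate when defining it, e.g. `$tz = $GLOBALS['config']['config.timezone']; define('SB_TIMEZONE', is_numeric($tz) ? (float)$tz : 0);`, or migrate the stored value as part of this change.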
diff --git a/web_upload/pages/admin.bans.php b/web_upload/pages/admin.bans.php
index 6b402694..88561602 100644
--- a/web_upload/pages/admin.bans.php
+++ b/web_upload/pages/admin.bans.php
@@ -158,7 +158,7 @@
$protest_list = array();
foreach($protests as $prot)
{
- $prot['reason'] = wordwrap(htmlspecialchars($prot['reason']), 55, "
\n", true);
+ //$prot['reason'] = wordwrap(htmlspecialchars($prot['reason']), 55, "
\n", true);
$protestb = $GLOBALS['db']->GetRow("SELECT bid, ba.ip, ba.authid, ba.name, created, ends, length, reason, ba.aid, ba.sid, email,ad.user, CONCAT(se.ip,':',se.port), se.sid
FROM ".DB_PREFIX."_bans AS ba
LEFT JOIN ".DB_PREFIX."_admins AS ad ON ba.aid = ad.aid
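Review bot: Commenting out the `htmlspecialchars($prot['reason'])` line here, and again in the `$protest_list_archiv` loop in the second hunk of this file, removes the only escaping visible for the protest reason, while the same commit makes page_admin_bans_protests.tpl and page_admin_bans_protests_archiv.tpl print `{$protest.reason}` in the admin pages. If the reason is text submitted by the person protesting the ban and the templates do not auto-escape (neither is visible in this diff), that is stored markup rendered in an administrator's session. Keep the encoding on one side: either restore the `htmlspecialchars()` call in both loops or output `{$protest.reason|escape:'html'}` in both templates. The foreach body continues past the end of the hunk.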
@@ -317,7 +317,7 @@
$protest_list_archiv = array();
foreach($protestsarchiv as $prot)
{
- $prot['reason'] = wordwrap(htmlspecialchars($prot['reason']), 55, "
\n", true);
+ //$prot['reason'] = wordwrap(htmlspecialchars($prot['reason']), 55, "
\n", true);
if($prot['archiv'] != "2") {
$protestb = $GLOBALS['db']->GetRow("SELECT bid, ba.ip, ba.authid, ba.name, created, ends, length, reason, ba.aid, ba.sid, email,ad.user, CONCAT(se.ip,':',se.port), se.sid
diff --git a/web_upload/pages/admin.blockit.php b/web_upload/pages/admin.blockit.php
index 28ef95cf..e5d9ef58 100644
--- a/web_upload/pages/admin.blockit.php
+++ b/web_upload/pages/admin.blockit.php
@@ -115,7 +115,7 @@ function BlockPlayer($check, $sid, $num, $type, $length) {
}
}
} else
- $gothim = (strpos($r->SendCommand("ma_wb_mute {$type} {$length} {$check}"), "ok") !== FALSE);
+ $gothim = (strpos($r->SendCommand("ma_wb_block ".$type." ".$length." ".$check), "ok") !== FALSE);
if ($gothim) {
$GLOBALS['db']->Execute("UPDATE `".DB_PREFIX."_comms` SET sid = '".$sid."' WHERE authid = '".$check."' AND RemovedBy IS NULL;");
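Review bot: The rebuilt command `"ma_wb_block ".$type." ".$length." ".$check` sends `$type`, `$length` and `$check` to the game server console as they arrive, and no validation of them is visible in this hunk (BlockPlayer() starts above it, so a check may exist there). Constrain them before the call: if type and length are numeric as their names suggest, `$type = (int)$type; $length = (int)$length;`, and reject a `$check` that does not match the expected Steam ID format, so that no value can carry characters the console treats as separators. The `UPDATE ... WHERE authid = '".$check."'` statement on the following context line concatenates the same value into SQL and would be safer as a bound parameter, as the settings page in this commit already does with `?` placeholders.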
diff --git a/web_upload/pages/admin.settings.php b/web_upload/pages/admin.settings.php
index f086d211..ad751939 100644
--- a/web_upload/pages/admin.settings.php
+++ b/web_upload/pages/admin.settings.php
@@ -207,6 +207,8 @@
$debugmode = (isset($_POST['config_debug']) && $_POST['config_debug'] == "on" ? 1 : 0);
+ $summertime = (isset($_POST['config_summertime']) && $_POST['config_summertime'] == "on" ? 1 : 0);
+
$hideadmname = (isset($_POST['banlist_hideadmname']) && $_POST['banlist_hideadmname'] == "on" ? 1 : 0);
$hideplayerips = (isset($_POST['banlist_hideplayerips']) && $_POST['banlist_hideplayerips'] == "on" ? 1 : 0);
@@ -251,12 +253,13 @@
(" . (int)$submit . ", 'config.enablesubmit'),
(" . (int)$onlyinvolved . ", 'protest.emailonlyinvolved'),
(?, 'config.timezone'),
+ (?, 'config.summertime'),
(?, 'bans.customreasons'),
(" . (int)$_POST['default_page'] . ", 'config.defaultpage'),
(" . (int)$_POST['block_home'] . ", 'config.home.comms'),
(".(int)$admin_list_en.", 'page.adminlist'),
('".(int)$gendata."', 'page.footer.allow_show_data'),
- (".(int)$vay4_en.", 'page.vay4er')", array($_POST['template_title'], $_POST['template_logo'], $_POST['config_dateformat'], $_POST['config_dateformat2'], $_POST['dash_intro_text'], $tz_string, $cureason));
+ (".(int)$vay4_en.", 'page.vay4er')", array($_POST['template_title'], $_POST['template_logo'], $_POST['config_dateformat'], $_POST['config_dateformat2'], $_POST['dash_intro_text'], $tz_string, $summertime, $cureason));
/* SMTP */
$GLOBALS['db']->Execute(sprintf("REPLACE INTO `%s_settings` (`value`, `setting`) VALUES
@@ -355,10 +358,7 @@
// GC
$theme->assign('gc_enabled', $GLOBALS['config']['gamecache.enabled']);
- $theme->assign('gc_entrylf', $GLOBALS['config']['gamecache.entry_lifetime']);
-
- // TZ
- $theme->assign('timezones', TimeZone::getDataSet());
+ $theme->assign('gc_entrylf', $GLOBALS['config']['gamecache.entry_lifetime']);
$theme->display('page_admin_settings_settings.tpl');
echo '';
@@ -436,6 +436,7 @@
$('home_stats').checked = ;
$('config_debug').checked = ;
+$('config_summertime').checked = ;
$('enable_submit').checked = ;
$('enable_protest').checked = ;
$('enable_kickit').checked = ;
diff --git a/web_upload/theme/img/profile-pics/rabb1t.jpg b/web_upload/theme/img/profile-pics/rabb1t.jpg
new file mode 100644
index 00000000..cc6f7b96
Binary files /dev/null and b/web_upload/theme/img/profile-pics/rabb1t.jpg differ
diff --git a/web_upload/theme/js/functions.js b/web_upload/theme/js/functions.js
index 59de3da9..e1ce06d5 100644
--- a/web_upload/theme/js/functions.js
+++ b/web_upload/theme/js/functions.js
@@ -51,6 +51,11 @@ jQuery(document).ready(function(){
});
})();
+
+
+
+
+
/* --------------------------------------------------------
Scrollbar
-----------------------------------------------------------*/
@@ -896,4 +901,6 @@ jQuery(document).ready(function(){
});
+
+
});
\ No newline at end of file
diff --git a/web_upload/theme/page_admin_bans_protests.tpl b/web_upload/theme/page_admin_bans_protests.tpl
index a9afc820..be4b994c 100644
--- a/web_upload/theme/page_admin_bans_protests.tpl
+++ b/web_upload/theme/page_admin_bans_protests.tpl
@@ -7,15 +7,22 @@
{$protest_nav}
+
+
- | Ник |
+ Ник |
+ Собщение |
Steam ID |
Действие |
{foreach from="$protest_list" item="protest"}
+
- | {$protest.name} |
+ {$protest.name} |
+
+ {$protest.reason} |
+
{if $protest.authid!=""}{$protest.authid}{else}{$protest.ip}{/if} |
{if $permission_editban}
@@ -28,3 +35,9 @@
|
{/if}
+
+
+
+
+
+
diff --git a/web_upload/theme/page_admin_bans_protests_archiv.tpl b/web_upload/theme/page_admin_bans_protests_archiv.tpl
index fcefb451..b77624d7 100644
--- a/web_upload/theme/page_admin_bans_protests_archiv.tpl
+++ b/web_upload/theme/page_admin_bans_protests_archiv.tpl
@@ -1,31 +1,34 @@
{if NOT $permission_protests}
- Доступ запрещен!
+Доступ запрещен!
{else}
- {$aprotest_nav}
+ {$aprotest_nav}
-
-
- | Ник |
- Steam ID |
- Действие |
-
- {foreach from="$protest_list_archiv" item="protest"}
-
- | {if $protest.archiv!=2}{$protest.name}{else}бан удалён{/if} |
- {if $protest.authid!=""}{$protest.authid}{else}{$protest.ip}{/if} |
-
- {if $permission_editban}
- Восстановить -
- Удалить -
- {/if}
- Контакты
- |
-
- {/foreach}
-
+
+
+ | Ник |
+ Steam ID |
+ Сообщение |
+ Действие |
+
+ {foreach from="$protest_list_archiv" item="protest"}
+
+ | {if $protest.archiv!=2}{$protest.name}{else}бан удалён{/if} |
+ {if $protest.authid!=""}{$protest.authid}{else}{$protest.ip}{/if} |
+
+ {$protest.reason} |
+
+ {if $permission_editban}
+ Восстановить -
+ Удалить -
+ {/if}
+ Контакты
+ |
+
+ {/foreach}
+
{/if}
diff --git a/web_upload/theme/page_admin_settings_settings.tpl b/web_upload/theme/page_admin_settings_settings.tpl
index c6c91c54..1914db75 100644
--- a/web_upload/theme/page_admin_settings_settings.tpl
+++ b/web_upload/theme/page_admin_settings_settings.tpl
@@ -56,12 +56,62 @@
+
+
+
+
+
+{* *}