diff --git a/.gitignore b/.gitignore index cd2946ad..0e98a3e0 100644 --- a/.gitignore +++ b/.gitignore @@ -45,3 +45,10 @@ $RECYCLE.BIN/ Network Trash Folder Temporary Items .apdisk + +# ========================= +# SourceBans +# ========================= +web_upload/data/config.php +web_upload/data/theme_c/*.php +web_upload/data/theme/* diff --git a/web_upload/data/db.php b/web_upload/data/db.php index afd5ad9c..1a6c91d3 100644 --- a/web_upload/data/db.php +++ b/web_upload/data/db.php 
@@ -1,7 +1,6 @@ + * + * SourceBans++ распространяется под лицензией + * Creative Commons Attribution-NonCommercial-ShareAlike 3.0. + * + * Вы должны были получить копию лицензии вместе с этой работой. Если нет, + * см. . + * + * ПРОГРАММНОЕ ОБЕСПЕЧЕНИЕ ПРЕДОСТАВЛЯЕТСЯ «КАК ЕСТЬ», БЕЗ КАКИХ-ЛИБО + * ГАРАНТИЙ, ЯВНЫХ ИЛИ ПОДРАЗУМЕВАЕМЫХ, ВКЛЮЧАЯ, НО НЕ ОГРАНИЧИВАЯСЬ, + * ГАРАНТИИ ПРИГОДНОСТИ ДЛЯ КОНКРЕТНЫХ ЦЕЛЕЙ И НЕНАРУШЕНИЯ. НИ ПРИ КАКИХ + * ОБСТОЯТЕЛЬСТВАХ АВТОРЫ ИЛИ ПРАВООБЛАДАТЕЛИ НЕ НЕСУТ ОТВЕТСТВЕННОСТИ ЗА + * ЛЮБЫЕ ПРЕТЕНЗИИ, ИЛИ УБЫТКИ, НЕЗАВИСИМО ОТ ДЕЙСТВИЯ ДОГОВОРА, + * ГРАЖДАНСКОГО ПРАВОНАРУШЕНИЯ ИЛИ ИНАЧЕ, ВОЗНИКАЮЩИЕ ИЗ, ИЛИ В СВЯЗИ С + * ПРОГРАММНЫМ ОБЕСПЕЧЕНИЕМ ИЛИ ИСПОЛЬЗОВАНИЕМ ИЛИ ИНЫМИ ДЕЙСТВИЯМИ + * ПРОГРАММНОГО ОБЕСПЕЧЕНИЯ. + * + * Эта программа базируется на работе, охватываемой следующим авторским + * правом (ами): + * + * * SourceBans 1.4.11 + * Copyright © 2007-2014 SourceBans Team - Part of GameConnect + * Выпущено под лицензией CC BY-NC-SA 3.0 + * Страница: - + * + * * SourceBans TF2 Theme v1.0 + * Copyright © 2014 IceMan + * Страница: + * + ***************************************************************************/ + +if (!defined('IN_SB')) {echo("You should not be here. 
Only follow links!");die();} + +class CDonate { + private $hooks = array(); + + /** + * Add tariff + * + * @return int + */ + public function AddTariff($name, $price, $expired, $desc, $webflags, $serverflags, $immunity, $servers) { + $query = sprintf("INSERT INTO `%s_billing_admintariffs` (`name`, `price`, `expired`, `desc`, `webflags`, `serverflags`, `immunity`, `servers`) VALUES (%s, %d, %d, %s, %s, %s, %d, %s)", DB_PREFIX, $GLOBALS['db']->qstr($name), $price, $expired, $GLOBALS['db']->qstr($desc), $GLOBALS['db']->qstr($webflags), $GLOBALS['db']->qstr($serverflags), $immunity, $GLOBALS['db']->qstr($servers)); + $GLOBALS['db']->Execute($query); + return $GLOBALS['db']->Insert_ID(); + } + + /** + * Add admin request payment + * + * @return int + */ + public function AddPayment_Admin($name, $authid, $tariff, $vk = '', $skype = '') { + if (!$this->IsTariffExists($tariff)) + return -1; + + $query = sprintf("INSERT INTO `%s_billing_adminpayments` (`name`, `authid`, `tariff`, `vk`, `skype`) VALUES (%s, %s, %d, %s, %s);", DB_PREFIX, $GLOBALS['db']->qstr($name), $GLOBALS['db']->qstr($authid), (int) $tariff, $GLOBALS['db']->qstr($vk), $GLOBALS['db']->qstr($skype)); + $GLOBALS['db']->Execute($query); + return $GLOBALS['db']->Insert_ID(); + } + + /** + * Add unban request payment + * + * @return int + */ + public function AddPayment_Unban($banid) { + // IN DEVELOPING + } + + // HELPERS // + /** + * Get client IP + * + * @return string ClientIP + */ + public static function getIP() { + return $_SERVER[isset($_SERVER['HTTP_X_REAL_IP'])?'HTTP_X_REAL_IP':'REMOTE_ADDR']; + } + + /** + * Checks tariff on exists. + * + * @return bool + */ + public static function IsTariffExists($id) { + return $GLOBALS['db']->GetOne(sprintf("SELECT COUNT(*) FROM `%s_billing_admintariffs` WHERE `id` = %d;", DB_PREFIX, (int) $id)) == 1; + } + + /** + * Register event hook. 
+ * + * @noreturn + */ + public function registerEvent($event_name, $func) { + $this->hooks[$event_name][] = $func; + } + + /** + * Fires a event for donate submodules + * + * @noreturn + */ + public function fireEvent($event_name, $data) { + if (!isset($this->hooks[$event_name])) + return; + + foreach ($this->hooks[$event_name] as $event_handler) { + call_user_func_array($event_handler, $data); + } + } +} + +// This is skeleton for custom user payment services. DO NOT EDIT THIS. +class CPaymentService { + /** + * Returns the name of this SourceBans Payment Service. + * + * @return string Service name + */ + public function getName() {} + + /** + * Returns the author name. Allowed HTML chars. + * + * @return string Author Name + */ + public function getAuthor() {} + + /** + * Returns the version. + * + * @return string Version + */ + public function getVersion() {} + + /** + * Returns the provider WebSite. + * + * @return string Provider site + */ + public function getUrl() {} + + /** + * Generate client sign. + * + * @return string ClientSign + */ + public function getClientSign() {} + + /** + * Generate notification sign. + * + * @return string NotifySign + */ + public function getNotifySign() {} + + /** + * Generate URL for client redirect. + * + * @return string URL. + */ + public function generatePaymentUrl() {} +} diff --git a/web_upload/includes/SessionManager.php b/web_upload/includes/SessionManager.php new file mode 100644 index 00000000..b9fe0c0e --- /dev/null +++ b/web_upload/includes/SessionManager.php 
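Review bot: `getIP()` in `CDonate` returns `$_SERVER['HTTP_X_REAL_IP']` whenever that header is present, and any client can send it, so the address is caller-controlled unless a trusted reverse proxy always overwrites the header. Whatever consumes this value (not visible here) should get `REMOTE_ADDR` by default, with the forwarded header honoured only when `REMOTE_ADDR` is a configured proxy and the value passes `filter_var($ip, FILTER_VALIDATE_IP)`. Separately, `IsTariffExists()` is declared `static` but called as `$this->IsTariffExists($tariff)` in `AddPayment_Admin()`; `self::IsTariffExists($tariff)` states the intent. The file header for this section appears to have been lost in extraction, so the path shown (`db.php`) may not be the file that holds this class.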
@@ -0,0 +1,116 @@ + hash('sha256', $_SERVER['HTTP_USER_AGENT']), + 'expires' => time() + $expires + ]; + } else if ((rand(1, 100) <= 10) && !isset($_POST['xajax'])) { + self::regenerateSession(); + } + } + } + + public static function checkSession() { + if (!isset($_SESSION['user_agent'])) + return false; + + if (!self::validateSession() || !self::preventHijacking()) { + session_destroy(); + session_start(); + + return false; + } + + return true; + } + + public static function closeWrite() { + @session_write_close(); + } + + protected static function preventHijacking() { + if (!isset($_SESSION['user_agent'])) + return false; + + if ($_SESSION['user_agent'] !== hash('sha256', $_SERVER['HTTP_USER_AGENT'])) + return false; + + return true; + } + + protected static function regenerateSession() { + $_SESSION['expires'] = time() + 10; + + session_regenerate_id(false); + $newSession = session_id(); + + self::closeWrite(); + session_id($newSession); + session_start(); + unset($_SESSION['expires']); + } + + protected static function validateSession() { + return ( + !isset($_SESSION['expires']) || + $_SESSION['expires'] >= time() + ); + } + + /** + * @section CSRF + */ + public static function initCsrf() { + if (isset($_SESSION['csrf'])) + return; + + $_SESSION['csrf'] = md5($_SESSION['user_agent']); + $_SESSION['csrf_valid'] = time() + 45; + } + + public static function getCsrfToken() { + if (!isset($_SESSION['csrf'])) + self::initCsrf(); + return $_SESSION['csrf']; + } + + public static function checkCsrf($where = INPUT_POST) { + if (!isset($_SESSION['csrf'])) + return false; + if ($_SESSION['csrf_valid'] <= time()) + return false; + + $valid = (self::getCsrfToken() == filter_input($where, '__sb_csrf', FILTER_SANITIZE_STRING)); + + if ($valid) + $_SESSION['csrf_valid'] = time() + 45; + return $valud; + } + + /** + * @section Session Name + */ + public static function getSessionName() { + if (defined('SB_SESSION')) { + $session = constant('SB_SESSION'); + if 
(!empty($session)) + return $session; + } + + return substr(md5($_SERVER['SERVER_NAME']), 0, 8); + } +} \ No newline at end of file diff --git a/web_upload/includes/__loader.php b/web_upload/includes/__loader.php new file mode 100644 index 00000000..a7d39d6e --- /dev/null +++ b/web_upload/includes/__loader.php @@ -0,0 +1,13 @@ +Statement = new \DatabaseResult($this->PDO->prepare($query)); } - public function GetStatement($cleanup = true) { - if ($this->Statement === NULL) - throw new \LogicException('No one query has been prepared'); - - $Stmt = $this->Statement; - if ($cleanup) - $this->Statement = null; - - return $Stmt; - } - public function BindData($name, $value, $type = NULL) { if ($this->Statement === NULL) throw new \LogicException('No one query has been prepared'); diff --git a/web_upload/includes/system-functions.php b/web_upload/includes/system-functions.php index ea368652..6e7ca5d9 100644 --- a/web_upload/includes/system-functions.php +++ b/web_upload/includes/system-functions.php @@ -1041,12 +1041,34 @@ function renderSteam2($accountId, $universe) return "STEAM_" . $universe . ":" . ($accountId & 1) . ":" . ($accountId >> 1); } -function SBDate($format, $timestamp = -1) { - TimeZone::setFormat($format); - if ($timestamp == -1) - $timestamp = time(); - - return TimeZone::FormatTime($timestamp); +function SBDate($format, $timestamp="") +{ + if(version_compare(PHP_VERSION, "5") != -1) + { + if($GLOBALS['config']['config.summertime'] == "1") + { + $str = date("r", $timestamp); + $date = new DateTime($str); + $date->modify("+1 hour"); + return $date->format($format); + } + else if(empty($timestamp)) + return date($format); + } + else + { + if($GLOBALS['config']['config.summertime'] == "1") { + $summertime = 3600; + } else { + $summertime = 0; + } + if(empty($timestamp)) { + $timestamp = time() + SB_TIMEZONE*3600 + $summertime; + } else { + $timestamp = $timestamp + SB_TIMEZONE*3600 + $summertime; + } + } + return date($format, $timestamp); } /** 
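Review bot: The CSRF token set in `initCsrf()` is `md5($_SESSION['user_agent'])`, a digest of the SHA-256 of the browser's User-Agent, so it holds no secret and is identical for every session that uses the same browser string; it should be random per session, e.g. `$_SESSION['csrf'] = bin2hex(random_bytes(32));` where the supported PHP version provides it. `checkCsrf()` then returns the undefined `$valud`, so the check never returns true even for a correct token; it should `return $valid;`. The comparison is a loose `==`; `hash_equals(self::getCsrfToken(), (string) filter_input($where, '__sb_csrf'))` avoids type juggling and timing differences. `preventHijacking()` and the session setup read `$_SERVER['HTTP_USER_AGENT']` without an `isset` check, which raises a notice for clients that omit the header. The start of the class is not visible in this hunk.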
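Review bot: In the new `SBDate()` the default `$timestamp=""` reaches `date("r", $timestamp)` when `config.summertime` is "1", because the `empty($timestamp)` fallback sits in the `else if`; `date()` expects an integer, so the call yields an epoch date or a type error depending on the PHP version. Normalising first with `if (empty($timestamp)) $timestamp = time();` at the top of the function covers every branch. The `version_compare(PHP_VERSION, "5") != -1` branch never applies `SB_TIMEZONE`, so the offset is only used on the PHP 4 path. `init.php` now defines `SB_TIMEZONE` from `$GLOBALS['config']['config.timezone']` without a cast while this function multiplies it by 3600; if stored settings hold a zone name (the removed code passed the setting to `TimeZone::setTimeZone`), that arithmetic fails, so `define('SB_TIMEZONE', (int) $GLOBALS['config']['config.timezone']);` together with a settings migration would be safer.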
diff --git a/web_upload/init.php b/web_upload/init.php index 04819eb6..b5836621 100644 --- a/web_upload/init.php +++ b/web_upload/init.php @@ -280,9 +280,9 @@ $dateformat = !empty($GLOBALS['config']['config.dateformat'])?$GLOBALS['config']['config.dateformat']:"m-d-y H:i"; if(empty($GLOBALS['config']['config.timezone'])) { - TimeZone::setTimeZone('Europe/London'); + define('SB_TIMEZONE', 0); } else { - TimeZone::setTimeZone($GLOBALS['config']['config.timezone']); + define('SB_TIMEZONE', $GLOBALS['config']['config.timezone']); } // --------------------------------------------------- diff --git a/web_upload/pages/admin.bans.php b/web_upload/pages/admin.bans.php index 6b402694..88561602 100644 --- a/web_upload/pages/admin.bans.php +++ b/web_upload/pages/admin.bans.php @@ -158,7 +158,7 @@ $protest_list = array(); foreach($protests as $prot) { - $prot['reason'] = wordwrap(htmlspecialchars($prot['reason']), 55, "
\n", true); + //$prot['reason'] = wordwrap(htmlspecialchars($prot['reason']), 55, "
\n", true); $protestb = $GLOBALS['db']->GetRow("SELECT bid, ba.ip, ba.authid, ba.name, created, ends, length, reason, ba.aid, ba.sid, email,ad.user, CONCAT(se.ip,':',se.port), se.sid FROM ".DB_PREFIX."_bans AS ba LEFT JOIN ".DB_PREFIX."_admins AS ad ON ba.aid = ad.aid @@ -317,7 +317,7 @@ $protest_list_archiv = array(); foreach($protestsarchiv as $prot) { - $prot['reason'] = wordwrap(htmlspecialchars($prot['reason']), 55, "
\n", true); + //$prot['reason'] = wordwrap(htmlspecialchars($prot['reason']), 55, "
\n", true); if($prot['archiv'] != "2") { $protestb = $GLOBALS['db']->GetRow("SELECT bid, ba.ip, ba.authid, ba.name, created, ends, length, reason, ba.aid, ba.sid, email,ad.user, CONCAT(se.ip,':',se.port), se.sid diff --git a/web_upload/pages/admin.blockit.php b/web_upload/pages/admin.blockit.php index 28ef95cf..e5d9ef58 100644 --- a/web_upload/pages/admin.blockit.php +++ b/web_upload/pages/admin.blockit.php @@ -115,7 +115,7 @@ function BlockPlayer($check, $sid, $num, $type, $length) { } } } else - $gothim = (strpos($r->SendCommand("ma_wb_mute {$type} {$length} {$check}"), "ok") !== FALSE); + $gothim = (strpos($r->SendCommand("ma_wb_block ".$type." ".$length." ".$check), "ok") !== FALSE); if ($gothim) { $GLOBALS['db']->Execute("UPDATE `".DB_PREFIX."_comms` SET sid = '".$sid."' WHERE authid = '".$check."' AND RemovedBy IS NULL;"); diff --git a/web_upload/pages/admin.settings.php b/web_upload/pages/admin.settings.php index f086d211..ad751939 100644 --- a/web_upload/pages/admin.settings.php +++ b/web_upload/pages/admin.settings.php @@ -207,6 +207,8 @@ $debugmode = (isset($_POST['config_debug']) && $_POST['config_debug'] == "on" ? 1 : 0); + $summertime = (isset($_POST['config_summertime']) && $_POST['config_summertime'] == "on" ? 1 : 0); + $hideadmname = (isset($_POST['banlist_hideadmname']) && $_POST['banlist_hideadmname'] == "on" ? 1 : 0); $hideplayerips = (isset($_POST['banlist_hideplayerips']) && $_POST['banlist_hideplayerips'] == "on" ? 1 : 0); 
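Review bot: Both hunks in `admin.bans.php` comment out the only visible `htmlspecialchars()` call on `$prot['reason']`, while the protest templates in this commit start printing `{$protest.reason}` in a new message column with no `|escape` modifier visible. The reason is presumably text submitted by the protesting player, so unless Smarty auto-escaping is enabled elsewhere this renders stored markup inside the admin panel. Either keep the escaping in PHP, `$prot['reason'] = htmlspecialchars($prot['reason'], ENT_QUOTES, 'UTF-8');`, or escape in both templates with `{$protest.reason|escape:'html'}`. If the line wrapping was the problem, drop only `wordwrap()` and delete the commented-out line rather than leaving it in place.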
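Review bot: The changed `SendCommand()` line in `BlockPlayer()` builds the server console command by concatenating `$type`, `$length` and `$check`, and nothing in the hunk constrains them, so a value containing a separator or line break would reach the game server as additional console input. Validation may happen in the caller, which is outside the hunk, as are the start and end of `BlockPlayer()`; if it does not, constrain the parts before sending, e.g. `(int) $length`, an allow-list for `$type`, and a strict SteamID pattern match on `$check`. The `UPDATE` two lines below interpolates `$sid` and `$check` into SQL the same way; the `?` placeholders already used in `admin.settings.php` would fit there. The command name also changes from `ma_wb_mute` to `ma_wb_block` with no comment saying which plugin command is expected.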
@@ -251,12 +253,13 @@ (" . (int)$submit . ", 'config.enablesubmit'), (" . (int)$onlyinvolved . ", 'protest.emailonlyinvolved'), (?, 'config.timezone'), + (?, 'config.summertime'), (?, 'bans.customreasons'), (" . (int)$_POST['default_page'] . ", 'config.defaultpage'), (" . (int)$_POST['block_home'] . ", 'config.home.comms'), (".(int)$admin_list_en.", 'page.adminlist'), ('".(int)$gendata."', 'page.footer.allow_show_data'), - (".(int)$vay4_en.", 'page.vay4er')", array($_POST['template_title'], $_POST['template_logo'], $_POST['config_dateformat'], $_POST['config_dateformat2'], $_POST['dash_intro_text'], $tz_string, $cureason)); + (".(int)$vay4_en.", 'page.vay4er')", array($_POST['template_title'], $_POST['template_logo'], $_POST['config_dateformat'], $_POST['config_dateformat2'], $_POST['dash_intro_text'], $tz_string, $summertime, $cureason)); /* SMTP */ $GLOBALS['db']->Execute(sprintf("REPLACE INTO `%s_settings` (`value`, `setting`) VALUES @@ -355,10 +358,7 @@ // GC $theme->assign('gc_enabled', $GLOBALS['config']['gamecache.enabled']); - $theme->assign('gc_entrylf', $GLOBALS['config']['gamecache.entry_lifetime']); - - // TZ - $theme->assign('timezones', TimeZone::getDataSet()); + $theme->assign('gc_entrylf', $GLOBALS['config']['gamecache.entry_lifetime']); $theme->display('page_admin_settings_settings.tpl'); echo ''; @@ -436,6 +436,7 @@ $('home_stats').checked = ; $('config_debug').checked = ; +$('config_summertime').checked = ; $('enable_submit').checked = ; $('enable_protest').checked = ; $('enable_kickit').checked = ; diff --git a/web_upload/theme/img/profile-pics/rabb1t.jpg b/web_upload/theme/img/profile-pics/rabb1t.jpg new file mode 100644 index 00000000..cc6f7b96 Binary files /dev/null and b/web_upload/theme/img/profile-pics/rabb1t.jpg differ diff --git a/web_upload/theme/js/functions.js b/web_upload/theme/js/functions.js index 59de3da9..e1ce06d5 100644 --- a/web_upload/theme/js/functions.js +++ b/web_upload/theme/js/functions.js 
@@ -51,6 +51,11 @@ jQuery(document).ready(function(){ }); })(); + + + + + /* -------------------------------------------------------- Scrollbar -----------------------------------------------------------*/ @@ -896,4 +901,6 @@ jQuery(document).ready(function(){ }); + + }); \ No newline at end of file diff --git a/web_upload/theme/page_admin_bans_protests.tpl b/web_upload/theme/page_admin_bans_protests.tpl index a9afc820..be4b994c 100644 --- a/web_upload/theme/page_admin_bans_protests.tpl +++ b/web_upload/theme/page_admin_bans_protests.tpl @@ -7,15 +7,22 @@
{$protest_nav}
+ + - + + {foreach from="$protest_list" item="protest"} + - + + + +
НикНикСобщение Steam ID Действие
{$protest.name}{$protest.name}{$protest.reason}{if $protest.authid!=""}{$protest.authid}{else}{$protest.ip}{/if} {if $permission_editban} @@ -28,3 +35,9 @@
{/if} + + + + + + diff --git a/web_upload/theme/page_admin_bans_protests_archiv.tpl b/web_upload/theme/page_admin_bans_protests_archiv.tpl index fcefb451..b77624d7 100644 --- a/web_upload/theme/page_admin_bans_protests_archiv.tpl +++ b/web_upload/theme/page_admin_bans_protests_archiv.tpl @@ -1,31 +1,34 @@ {if NOT $permission_protests} - Доступ запрещен! +Доступ запрещен! {else}

Архив протестов банов ({$protest_count_archiv})Кликните на имя игрока для просмотра подробностей бана

- {$aprotest_nav} + {$aprotest_nav}
- - - - - - - {foreach from="$protest_list_archiv" item="protest"} - - - - - - {/foreach} -
НикSteam IDДействие
{if $protest.archiv!=2}{$protest.name}{else}бан удалён{/if}{if $protest.authid!=""}{$protest.authid}{else}{$protest.ip}{/if} - {if $permission_editban} - Восстановить - - Удалить - - {/if} - Контакты -
+ + + + + + + + {foreach from="$protest_list_archiv" item="protest"} + + + + + + + + {/foreach} +
НикSteam IDСообщениеДействие
{if $protest.archiv!=2}{$protest.name}{else}бан удалён{/if}{if $protest.authid!=""}{$protest.authid}{else}{$protest.ip}{/if}{$protest.reason} + {if $permission_editban} + Восстановить - + Удалить - + {/if} + Контакты +
{/if} diff --git a/web_upload/theme/page_admin_settings_settings.tpl b/web_upload/theme/page_admin_settings_settings.tpl index c6c91c54..1914db75 100644 --- a/web_upload/theme/page_admin_settings_settings.tpl +++ b/web_upload/theme/page_admin_settings_settings.tpl @@ -56,12 +56,62 @@
+
+
+ +
+
+{*
+ +
+
+ +
+
+
*}
diff --git a/web_upload/updater/store.php b/web_upload/updater/store.php index 0f985bbe..6908af9f 100644 --- a/web_upload/updater/store.php +++ b/web_upload/updater/store.php @@ -52,7 +52,5 @@ 520 => '520.php', 521 => '521.php', 522 => '522.php', - 523 => '523.php', - 524 => '524.php', // drop summertime support - 525 => '525.php', // reset default TZ + 523 => '523.php' ];