PageRenderTime 46ms CodeModel.GetById 26ms RepoModel.GetById 0ms app.codeStats 0ms

/mcsrv/joinserver.php

https://bitbucket.org/mhell/mhmcr
PHP | 44 lines | 44 code | 0 blank | 0 comment | 13 complexity | 6afffdb342af138e323f7438e2dad115 MD5 | raw file
  1. <?php
  2. require_once('../system.php');
  3. if (!empty($_GET['sessionId']) and !empty($_GET['user']) and !empty($_GET['serverId'])) {
  4. $sessionid = mysql_real_escape_string($_GET['sessionId']);
  5. $login = mysql_real_escape_string($_GET['user']);
  6. $serverid = mysql_real_escape_string($_GET['serverId']);
  7. if (!preg_match("/^[a-zA-Z0-9_-]+$/", $login)) {
  8. $str = "Join Server [Bad symbols Login] ";
  9. echo "Bad login";
  10. } elseif (!preg_match("/^[0-9]+$/", $sessionid)) {
  11. $str = "Join Server [Bad symbols SessionId] ";
  12. echo "Bad login";
  13. } elseif (!preg_match("/^[a-z0-9_-]+$/", $serverid)) {
  14. $str = "Join Server [Bad symbols ServerId] ";
  15. echo "Bad login";
  16. } else {
  17. $str = "Join Server [Info] Session [$sessionid] | User [$login] | Server [$serverid]\r\n";
  18. $result = mysql_query("SELECT ".$db['users']['username']." FROM ".$db['tables']['users']." WHERE ".$db['users']['session']."='$sessionid' AND ".$db['users']['username']."='$login' AND ".$db['users']['server']."='$serverid'");
  19. if (mysql_num_rows($result) == 1) {
  20. $str .= "Join Server [Result] Relogin OK";
  21. echo "OK";
  22. } else {
  23. $result = mysql_query("UPDATE ".$db['tables']['users']." SET ".$db['users']['server']."='$serverid' WHERE ".$db['users']['session']."='$sessionid' AND ".$db['users']['username']."='$login' LIMIT 1;");
  24. if (mysql_affected_rows() == 1) {
  25. $str .= "Join Server [Result] Login OK";
  26. echo "OK";
  27. } else {
  28. $str .= "Join Server [Result] Bad Login NO";
  29. echo "Bad login";
  30. }
  31. }
  32. }
  33. } else {
  34. $str = "Join Server [Result] GET parameter empty ";
  35. if (empty($_GET['user']))
  36. $str .= "LOGIN parameter is empty | ";
  37. if (empty($_GET['sessionId']))
  38. $str .= "SESSIONID parameter is empty";
  39. if (empty($_GET['serverId']))
  40. $str .= "SERVERID parameter is empty";
  41. echo "Bad login";
  42. }
  43. vtxtlog($str);
  44. ?>