/mcsrv/joinserver.php
PHP | 44 lines | 44 code | 0 blank | 0 comment | 13 complexity | 6afffdb342af138e323f7438e2dad115 MD5 | raw file
- <?php
- require_once('../system.php');
- if (!empty($_GET['sessionId']) and !empty($_GET['user']) and !empty($_GET['serverId'])) {
- $sessionid = mysql_real_escape_string($_GET['sessionId']);
- $login = mysql_real_escape_string($_GET['user']);
- $serverid = mysql_real_escape_string($_GET['serverId']);
- if (!preg_match("/^[a-zA-Z0-9_-]+$/", $login)) {
- $str = "Join Server [Bad symbols Login] ";
- echo "Bad login";
- } elseif (!preg_match("/^[0-9]+$/", $sessionid)) {
- $str = "Join Server [Bad symbols SessionId] ";
- echo "Bad login";
- } elseif (!preg_match("/^[a-z0-9_-]+$/", $serverid)) {
- $str = "Join Server [Bad symbols ServerId] ";
- echo "Bad login";
- } else {
- $str = "Join Server [Info] Session [$sessionid] | User [$login] | Server [$serverid]\r\n";
- $result = mysql_query("SELECT ".$db['users']['username']." FROM ".$db['tables']['users']." WHERE ".$db['users']['session']."='$sessionid' AND ".$db['users']['username']."='$login' AND ".$db['users']['server']."='$serverid'");
- if (mysql_num_rows($result) == 1) {
- $str .= "Join Server [Result] Relogin OK";
- echo "OK";
- } else {
- $result = mysql_query("UPDATE ".$db['tables']['users']." SET ".$db['users']['server']."='$serverid' WHERE ".$db['users']['session']."='$sessionid' AND ".$db['users']['username']."='$login' LIMIT 1;");
- if (mysql_affected_rows() == 1) {
- $str .= "Join Server [Result] Login OK";
- echo "OK";
- } else {
- $str .= "Join Server [Result] Bad Login NO";
- echo "Bad login";
- }
- }
- }
- } else {
- $str = "Join Server [Result] GET parameter empty ";
- if (empty($_GET['user']))
- $str .= "LOGIN parameter is empty | ";
- if (empty($_GET['sessionId']))
- $str .= "SESSIONID parameter is empty";
- if (empty($_GET['serverId']))
- $str .= "SERVERID parameter is empty";
- echo "Bad login";
- }
- vtxtlog($str);
- ?>