mhmcr /mcsrv/joinserver.php

Language PHP Lines 44
MD5 Hash 6afffdb342af138e323f7438e2dad115 Estimated Cost $968 (why?)
Repository https://bitbucket.org/mhell/mhmcr.git View Raw File View Project SPDX
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
<?php
	require_once('../system.php');
	if (!empty($_GET['sessionId']) and !empty($_GET['user']) and !empty($_GET['serverId'])) {
		$sessionid = mysql_real_escape_string($_GET['sessionId']);
		$login     = mysql_real_escape_string($_GET['user']);
		$serverid  = mysql_real_escape_string($_GET['serverId']);
		if (!preg_match("/^[a-zA-Z0-9_-]+$/", $login)) {
			$str = "Join Server [Bad symbols Login] ";
			echo "Bad login";
		} elseif (!preg_match("/^[0-9]+$/", $sessionid)) {
			$str = "Join Server [Bad symbols SessionId] ";
			echo "Bad login";
		} elseif (!preg_match("/^[a-z0-9_-]+$/", $serverid)) {
			$str = "Join Server [Bad symbols ServerId] ";
			echo "Bad login";
		} else {
			$str    = "Join Server [Info] Session [$sessionid] | User [$login] | Server [$serverid]\r\n";
			$result = mysql_query("SELECT ".$db['users']['username']." FROM ".$db['tables']['users']." WHERE ".$db['users']['session']."='$sessionid' AND ".$db['users']['username']."='$login' AND ".$db['users']['server']."='$serverid'");
			if (mysql_num_rows($result) == 1) {
				$str .= "Join Server [Result] Relogin OK";
				echo "OK";
			} else {
				$result = mysql_query("UPDATE ".$db['tables']['users']." SET ".$db['users']['server']."='$serverid' WHERE ".$db['users']['session']."='$sessionid' AND ".$db['users']['username']."='$login' LIMIT 1;");
				if (mysql_affected_rows() == 1) {
					$str .= "Join Server [Result] Login OK";
					echo "OK";
				} else {
					$str .= "Join Server [Result] Bad Login NO";
					echo "Bad login";
				}
			}
		}
	} else {
		$str = "Join Server [Result] GET parameter empty ";
		if (empty($_GET['user']))
			$str .= "LOGIN parameter is empty | ";
		if (empty($_GET['sessionId']))
			$str .= "SESSIONID parameter is empty";
		if (empty($_GET['serverId']))
			$str .= "SERVERID parameter is empty";
		echo "Bad login";
	}
	vtxtlog($str);
?>
Back to Top