From 312a61a960f782f007d06fc9b4fd607decdf7993 Mon Sep 17 00:00:00 2001 From: SilicaPi Date: Fri, 29 Jan 2021 19:33:13 +1300 Subject: [PATCH] Add /admin/ page to game-site --- .github/workflows/dotnet.yml | 0 .../Properties/PublishProfiles/Linux64.pubxml | 0 .../PublishProfiles/LinuxARM.pubxml | 0 .../PublishProfiles/LinuxARM64.pubxml | 0 .../Properties/PublishProfiles/Win32.pubxml | 0 WebInterface/game-site/admin/administrate.php | 194 ++++++++++++++++++ WebInterface/game-site/admin/index.php | 140 +++++++++++++ WebInterface/game-site/admin/login.php | 153 ++++++++++++++ WebInterface/game-site/config.php | 12 +- WebInterface/game-site/horseisle.php | 2 +- WebInterface/master-site/index.php | 4 +- WebInterface/master-site/web/newuser.php | 11 +- 12 files changed, 508 insertions(+), 8 deletions(-) mode change 100644 => 100755 .github/workflows/dotnet.yml mode change 100644 => 100755 Horse Isle Server/HorseIsleServer/Properties/PublishProfiles/Linux64.pubxml mode change 100644 => 100755 Horse Isle Server/HorseIsleServer/Properties/PublishProfiles/LinuxARM.pubxml mode change 100644 => 100755 Horse Isle Server/HorseIsleServer/Properties/PublishProfiles/LinuxARM64.pubxml mode change 100644 => 100755 Horse Isle Server/HorseIsleServer/Properties/PublishProfiles/Win32.pubxml create mode 100755 WebInterface/game-site/admin/administrate.php create mode 100755 WebInterface/game-site/admin/index.php create mode 100755 WebInterface/game-site/admin/login.php diff --git a/.github/workflows/dotnet.yml b/.github/workflows/dotnet.yml old mode 100644 new mode 100755 diff --git a/Horse Isle Server/HorseIsleServer/Properties/PublishProfiles/Linux64.pubxml b/Horse Isle Server/HorseIsleServer/Properties/PublishProfiles/Linux64.pubxml old mode 100644 new mode 100755 diff --git a/Horse Isle Server/HorseIsleServer/Properties/PublishProfiles/LinuxARM.pubxml b/Horse Isle Server/HorseIsleServer/Properties/PublishProfiles/LinuxARM.pubxml old mode 100644 new mode 100755 diff --git a/Horse Isle Server/HorseIsleServer/Properties/PublishProfiles/LinuxARM64.pubxml b/Horse Isle Server/HorseIsleServer/Properties/PublishProfiles/LinuxARM64.pubxml old mode 100644 new mode 100755 diff --git a/Horse Isle Server/HorseIsleServer/Properties/PublishProfiles/Win32.pubxml b/Horse Isle Server/HorseIsleServer/Properties/PublishProfiles/Win32.pubxml old mode 100644 new mode 100755 diff --git a/WebInterface/game-site/admin/administrate.php b/WebInterface/game-site/admin/administrate.php new file mode 100755 index 0000000..b27f3a3 --- /dev/null +++ b/WebInterface/game-site/admin/administrate.php @@ -0,0 +1,194 @@ + 86400]); +?> + + + + + + + + + + + + + + + +
Welcome to Horse Isle 
+ + + + + + + +
USER:
PASS:
(Forgot?)
+ +
 
+
+ +
+ +prepare("SELECT id FROM Users WHERE username=?"); + $stmt->bind_param("s", $_POST["USERNAME"]); + $stmt->execute(); + $result = $stmt->get_result(); + $user_id = intval($result->fetch_row()[0]); + + if(isset($_POST["ADMIN"])) + { + $stmt = $connect->prepare("UPDATE Users SET Admin=\"YES\" WHERE Id=?"); + $stmt->bind_param("i", $user_id); + $stmt->execute(); + } + else + { + $stmt = $connect->prepare("UPDATE Users SET Admin=\"NO\" WHERE Id=?"); + $stmt->bind_param("i", $user_id); + $stmt->execute(); + } + if(isset($_POST["MOD"])) + { + $stmt = $connect->prepare("UPDATE Users SET Moderator=\"YES\" WHERE Id=?"); + $stmt->bind_param("i", $user_id); + $stmt->execute(); + } + else + { + $stmt = $connect->prepare("UPDATE Users SET Moderator=\"NO\" WHERE Id=?"); + $stmt->bind_param("i", $user_id); + $stmt->execute(); + } + echo("
Permissions updated successfully.
"); + echo("Go back"); + exit(); + } + } +?> +
HISP - Admin Portal
+
Player Operations
+
+ Username: + +
+ Administrator + Moderator + + +
+
+
+ Logout from admin portal
+
+ + + + + + + +
+
+[ Rules ] +[ Terms and Conditions ] +[ Privacy Policy ]
+[ Expected Behavior ] +[ Contact Us ] +[ Credits ]
+Copyright © 2020 Horse Isle + + + + + diff --git a/WebInterface/game-site/admin/index.php b/WebInterface/game-site/admin/index.php new file mode 100755 index 0000000..ff6149d --- /dev/null +++ b/WebInterface/game-site/admin/index.php @@ -0,0 +1,140 @@ + 86400]); +$_SESSION["logged_in"] = false; +?> + + + + + + + + + + + + + + + +
Welcome to Horse Isle 
+ + + + + + + +
USER:
PASS:
(Forgot?)
+ +
 
+
+ +
+ +
HISP - Admin Portal
+
This page requires a password, please enter it below:
+
+ + +
+
+
No idea? check config.php of game-site/
+ + + + + + + +
+
+[ Rules ] +[ Terms and Conditions ] +[ Privacy Policy ]
+[ Expected Behavior ] +[ Contact Us ] +[ Credits ]
+Copyright © 2020 Horse Isle + + + + + diff --git a/WebInterface/game-site/admin/login.php b/WebInterface/game-site/admin/login.php new file mode 100755 index 0000000..e0e5487 --- /dev/null +++ b/WebInterface/game-site/admin/login.php @@ -0,0 +1,153 @@ + 86400]); +?> + + + + + + + + + + + + + + + +
Welcome to Horse Isle 
+ + + + + + + +
USER:
PASS:
(Forgot?)
+ +
 
+
+ +
+ +
HISP - Super Admin Login
+ The password you entered was NOT correct.
"); + echo("Try Again..."); + } + } + else + { + echo("
You didnt enter a password.
"); + echo("Try Again..."); + } +?> + + + + + + + +
+
+[ Rules ] +[ Terms and Conditions ] +[ Privacy Policy ]
+[ Expected Behavior ] +[ Contact Us ] +[ Credits ]
+Copyright © 2020 Horse Isle + + + + + diff --git a/WebInterface/game-site/config.php b/WebInterface/game-site/config.php index 03afba6..2d71612 100755 --- a/WebInterface/game-site/config.php +++ b/WebInterface/game-site/config.php @@ -1,4 +1,14 @@ \ No newline at end of file + +$dbname = 'beta'; +$dbuser = 'root'; +$dbpass = 'test123'; +$dbhost = '127.0.0.1'; + +# CHANGE THESE CREDENTIALS, +# ANYONE CAN BECOME AN ADMIN ON YOUR SERVER +# IF THEY HAVE THIS PASSWORD!!! +$admin_portal_password = "test123"; +?> diff --git a/WebInterface/game-site/horseisle.php b/WebInterface/game-site/horseisle.php index efffe97..f0014df 100755 --- a/WebInterface/game-site/horseisle.php +++ b/WebInterface/game-site/horseisle.php @@ -1,5 +1,5 @@ diff --git a/WebInterface/master-site/index.php b/WebInterface/master-site/index.php index e25af6a..54ac5d7 100755 --- a/WebInterface/master-site/index.php +++ b/WebInterface/master-site/index.php @@ -6,7 +6,7 @@ $connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to c $onlineUsers = mysqli_query($connect, "SELECT COUNT(1) FROM OnlineUsers"); $onlineSubscribers = mysqli_query($connect, "SELECT COUNT(1) FROM OnlineUsers WHERE Subscribed = 'YES'"); $onlineModerators = mysqli_query($connect, "SELECT COUNT(1) FROM OnlineUsers WHERE Moderator = 'YES'"); -$activeAccounts = mysqli_query($connect, "SELECT COUNT(1) FROM users"); +$activeAccounts = mysqli_query($connect, "SELECT COUNT(1) FROM Users"); $fmt = numfmt_create( 'en_US', NumberFormatter::DECIMAL ); @@ -303,4 +303,4 @@ $fmt = numfmt_create( 'en_US', NumberFormatter::DECIMAL ); \ No newline at end of file + diff --git a/WebInterface/master-site/web/newuser.php b/WebInterface/master-site/web/newuser.php index 4788187..38ff986 100755 --- a/WebInterface/master-site/web/newuser.php +++ b/WebInterface/master-site/web/newuser.php @@ -214,15 +214,18 @@ $country = $_POST['country']; $gender = $_POST['sex']; $connect = mysqli_connect($dbhost, $dbuser, $dbpass,$dbname) or die("Unable to connect to '$dbhost'"); -$result = mysqli_query($connect, "SELECT COUNT(1) FROM users"); +$result = mysqli_query($connect, "SELECT MAX(Id) FROM Users"); $user_id = $result->fetch_row()[0] + 1; +if($user_id == NULL) + $user_id = 0; + $salt = random_bytes ( 64 ); $answer_hash = hash_salt($reset_answer,$salt); $password_hash = hash_salt($password,$salt); $hex_salt = bin2hex($salt); -$stmt = $connect->prepare("SELECT COUNT(1) FROM users WHERE Username=?"); +$stmt = $connect->prepare("SELECT COUNT(1) FROM Users WHERE Username=?"); $stmt->bind_param("s", $username); $stmt->execute(); $result = $stmt->get_result(); @@ -230,9 +233,9 @@ $count = intval($result->fetch_row()[0]); if($count !== 0) die("Username is allready in use."); -$stmt = $connect->prepare("INSERT INTO users VALUES(?,?,?,?,?,?,?,?,?,?,'NO','NO')"); +$stmt = $connect->prepare("INSERT INTO Users VALUES(?,?,?,?,?,?,?,?,?,?,'NO','NO')"); $stmt->bind_param("isssssisss", $user_id, $username, $email, $country, $reset_question, $answer_hash, $age, $password_hash, $hex_salt, $gender); $stmt->execute(); echo('Account Created!'); } -?> \ No newline at end of file +?>