<?
/*
# fragzzPanel v2.0
# Author: Chris Adams

The Contents of this file are subject to the VTDN General License, which can be found at:
http://www.vtdn.com/index.php?page=general_license
You may NOT use this file EXCEPT in compliance with the License.

The Contents of this file are Copyright ©2002 Vision Tech Design. All rights reserved.
Developers: Chris Adams

You MAY make changes to this file, but doing so will make any support offered for this file
VOID. This file may not be distributed to ANYONE.

*/
?>
<?
header ("Expires: Mon, 26 Jul 1997 05:00:00 GMT");
header ("Last-Modified: " . gmdate("D, d M Y H:i:s") . " GMT");

include('header.php');
?>
<!-- START OF HEADER -->
<!--
.:fragzz.com:.
NOTICE
This document is ©2003 Fragzz Network,
and may not be reproduced under any circumstances,
without expressed authorisation from C Adams.

Stealing is bad, don't do it. Website owners are more likely to let you use something if you ask first,
than let you use it when you don't ask. We will bring you down into hell with us if you nick summit!
Okay?
-->
<?

class fragzzPanel {

    // Set $self to the URL which fragzzPanel should use when linking to itself
    var $self = './?a=1';

    // Change #333333 to another colour to change the default 'not-selected' tab colour
    var $bg = array('home' => '#333333','control' => '#333333','config' => '#333333','logs' => '#333333','support' => '#333333');

    // Change #666666 to another colour to change the default 'selected' tab colour
    var $high_bg = '#666666';

    // Leave these alone
    var $server_id;
    var $tab_output = '';
    var $output = '';
    var $error = array();
    var $control_message = '';
    var $password_message = '';
    var $advconfig_message = '';

    var $s_gametype;
    var $s_username;
    var $s_password;
    var $s_ip;
    var $s_port;

    var $current_status;
    var $disk_used;

    var $server_cfg;
    var $server_log;

    var $status = 'loggedout';
    var $password;
    var $referer;

    function init () {
        global $cfgs;
        global $DB;

        extract($GLOBALS);

        if($GLOBALS['logout'] == true) {
            $this->wipe_login();
        }

        if($this->status == 'loggedin') {

            if($GLOBALS['control_action'] == 'Update Password') {
                $this->update_password();
            }

            $serverSQL = $DB->query("SELECT S.gametype, I.username, I.password, S.ip, S.port, I.current_config, I.player_slots, I.branding, I.public, I.current_box FROM s_db AS S LEFT JOIN s_internal_db AS I ON S.server_id = I.server_id WHERE S.server_id = '$this->server_id'") or die($DB->error());
            list($this->s_gametype,$this->s_username,$this->s_password,$this->s_ip,$this->s_port,$this->s_current_config,$this->s_player_slots,$this->s_branding, $this->s_public, $this->s_current_box) = mysql_fetch_row($serverSQL);

            session_unregister('last_username');
            session_register('last_username');
            $_SESSION["last_username"] == $this->s_username;

            $this->current_status = `/usr/bin/fragzzPanel_status /servers/$this->s_username`;
            $this->disk_used = `du -hs /servers/$this->s_username`;

            $this->current_status = str_replace('Incorrectly built binary which accesses errno, h_errno or _res directly. Needs to be fixed.','',$this->current_status);

            if($GLOBALS['control_action'] == 'Restart') {
                if($this->s_username == 'demo') {
                    $this->error[microtime()] = 'Disabled for demo!!';
                    $this->end();
                }
                $this->restart();
            }

            if($GLOBALS['control_action'] == 'Start') {
                if($this->s_username == 'demo') {
                    $this->error[microtime()] = 'Disabled for demo!!';
                    $this->end();
                }
                $this->start();
            }

            if($GLOBALS['control_action'] == 'Stop') {
                if($this->s_username == 'demo') {
                    $this->error[microtime()] = 'Disabled for demo!!';
                    $this->end();
                }

                $this->stop();
            }

            if($GLOBALS['config_action'] == 'apply new config') {
                $this->stop();
                $infos = '/usr/bin/fragzzPanel_apply '.$this->s_username.' '.$_POST["server_config_id"];
                $info = `$infos`;
                $this->start();
                $this->config_applynew_message = '<b>[i] New config file applied and server restarted!</b><br>
                <br>
                <b>The following IP and port have been used</b>:<br>'.nl2br($info);
            }
            
            if($GLOBALS['control_action'] == 'remove_port') {
                if($this->s_username == 'demo') {
                    $this->error[microtime()] = 'Disabled for demo!';
                    $this->end();
                }
                
                $DB->query("DELETE FROM s_reserved_db WHERE server_id = '".$this->server_id."' && port = '".$_GET["port"]."' && ip = '".$_GET["ip"]."';");
                $this->control_ports_message = '<b>[i] Port deleted</b>';
            }

            if($GLOBALS['support_action'] == 'create ticket') {
                if(!empty($GLOBALS['support_text'])) {

                    $DB->query("INSERT INTO s_ticket_db VALUES ('','".$this->server_id."','".$_POST['support_subject']."','".$_POST['support_priority']."','open','".time()."');") or die(mysql_error());
                    $ticket_id = $DB->insert_id();

                    $DB->query("INSERT INTO s_ticket_post_db VALUES ('','".$ticket_id."','".time()."','c','".$_POST['support_email']."','".$_POST['support_text']."');");

                    $this->support_message = '<b>[i] Ticket created. You should recieve a staff reply soon.</b>';

                    mail('chris@fragzzhost.com','Fragzzhost Support Ticket',"A new support ticket has been posted:\n\nUser: ".$this->s_username."\nSubject: ".$_POST['support_subject']."\nPriority: ".$_POST["support_priority"]."\nEmail: ".$_POST["support_email"]."\nMessage: ".$_POST['support_text']."\n\nTo reply, please go here:\nhttp://www.fragzzhost.com/index.php?page=tickets&support_action=view&ticket_id=".$ticket_id."\n\n");

                    mail('patrick@fragzzhost.com','Fragzzhost Support Ticket',"A new support ticket has been posted:\n\nUser: ".$this->s_username."\nSubject: ".$_POST['support_subject']."\nPriority: ".$_POST["support_priority"]."\nEmail: ".$_POST["support_email"]."\nMessage: ".$_POST['support_text']."\n\nTo reply, please go here:\nhttp://www.fragzzhost.com/index.php?page=tickets&support_action=view&ticket_id=".$ticket_id."\n\n");
                }
                else {
                    $this->error[microtime()] = 'Your message was empty!';
                    $this->end();
                }
            }

            if($GLOBALS['support_action'] == 'post reply') {
                if(!empty($GLOBALS['support_text'])) {

                    $DB->query("INSERT INTO s_ticket_post_db VALUES ('','".$_GET["ticket_id"]."','".time()."','c','".$_POST['support_email']."','".$_POST['support_text']."');");

                    $DB->query("UPDATE s_ticket_db SET lastreply = '".time()."' WHERE server_ticket_id = '".$_GET['ticket_id']."';");

                    $this->support_message = '<b>[i] Reply made. You should recieve a staff reply soon.</b>';

                    $em = $DB->query("SELECT support_email FROM s_ticket_post_db WHERE server_ticket_id = '".$_GET['ticket_id']."' && support_email != '".$_POST['support_email']."' GROUP BY support_email");
                    while($emails = $DB->fetch_array($em)) {
                        mail($emails[0],'FragzzPanel Support Ticket '.$_GET['ticket_id'],"Dear Sir/Madam,\nThis mail is just to let you know that a new reply has been posted for a support ticket in which you have been participating for the server account '".$this->s_username."'.\n\nTo see the new post, please log into FragzzPanel, and select the ticket '".$DB->get_data('s_ticket_db','subject','server_ticket_id',$_GET['ticket_id'])."'.\n\nMany Thanks\n\nFragzz Network Staff");
                    }
                }
                else {
                    $this->error[microtime()] = 'Your message was empty!';
                    $this->end();
                }
            }

            if($GLOBALS['support_modifier'] == 'close') {
                $DB->query("UPDATE s_ticket_db SET status = 'closed' WHERE server_ticket_id = '".$_GET['ticket_id']."';");

                $this->support_message = '<b>[i] Ticket closed.</b>';
            }

            $this->server_log = `tai64nlocal < /servers/$this->s_username/logs/current`;
            $this->server_log = str_replace('Incorrectly built binary which accesses errno, h_errno or _res directly. Needs to be fixed.','',$this->server_log);
        }
    }

    function end () {
        print "<span style='font-size: 36pt; font-color: #ff0000; font-weight: bold'>fragzzPanel Error</span><br>";
        foreach($this->error AS $value) {
            print "[!] ".$value."<br>";
        }
        exit;
    }

    function restart () {
        if($this->s_username == 'demo') {
            $this->error[microtime()] = 'Disabled for demo!!';
            $this->end();
        }
        $out = `/usr/bin/fragzzPanel_restart /servers/$this->s_username`;
        $this->control_message = '<b>[i] Server Restarted</b>'.nl2br($out);
        return $out;
    }

    function start () {
        if($this->s_username == 'demo') {
            $this->error[microtime()] = 'Disabled for demo!!';
            $this->end();
        }
        $out = `/usr/bin/fragzzPanel_start /servers/$this->s_username`;
        $this->control_message = '<b>[i] Server Started</b>';
    }

    function stop () {
        if($this->s_username == 'demo') {
            $this->error[microtime()] = 'Disabled for demo!!';
            $this->end();
        }
        $out = `/usr/bin/fragzzPanel_stop /servers/$this->s_username`;
        $this->control_message = '<b>[i] Server Stopped</b>';
    }

    function update_password() {
        global $u_password;
        global $DB;

        if($this->s_username == 'demo') {
            $this->error[microtime()] = 'Disabled for demo!!';
            $this->end();
        }
        if($DB->query("UPDATE s_internal_db SET password = '$u_password' WHERE server_id = '$this->server_id'")) {
            $this->password_message .= '<b>[i] Password Updated</b>';
            return true;
        }
        else {
            $this->error[microtime()] = 'Password could not be updated: '.$DB->error();
            $this->end();
        }
    }

    function tab ($tab = 'home') {
        global $game_types;
        global $DB;

        $this->bg[$tab] = $this->high_bg;

        switch ($tab) {
            case "home":
                $this->tab_output .= '
                <table width=100% cellpadding=0 cellspacing=10 border=0>
                <tr><td width=50%>
                    <table width=100% cellpadding=3 cellspacing=0 border=0>
                    <tr>
                    <tr><td width=100% background=http://imgs.fragzz.com/blue/bar_500.jpg>
                    <b>[-] login details</b>
                    </td>
                    <tr><td class=border_abt bgcolor=#000000>
                    <b>User name</b>: '.$this->s_username.'<br>
                    <b>Password</b>: '.$this->s_password.'
                    </td>
                    </tr>
                    </table>
                    <br><br>
                    <table width=100% cellpadding=3 cellspacing=0 border=0>
                    <tr>
                    <tr><td width=100% background=http://imgs.fragzz.com/blue/bar_500.jpg>
                    <b>[-] ftp details</b>
                    </td>
                    <tr><td class=border_abt bgcolor=#000000>
                    <b>Host name</b>: '.$DB->get_data('s_box_db','hostname','server_box_id',$this->s_current_box).'.fragzzhost.com<br>
                    <b>User name</b>: '.$this->s_username.'<br>
                    <b>Password</b>: '.$this->s_password.'<br><br>
                    <b>Disk space used</b>:<br>
                    '.$this->disk_used.'
                    </td>
                    </tr>
                    </table><br><br>
                                        <table width=100% cellpadding=3 cellspacing=0 border=0>
                                        <tr>
                                        <tr><td width=100% background=http://imgs.fragzz.com/blue/bar_500.jpg>
                                        <b>[-] latest updates</b>
                                        </td>
                                        <tr><td class=border_abt bgcolor=#000000>';
                                ob_end_flush();
                                ob_start();
                                include("/domains/include/server_updates.php");                                                                         
                                $updates = ob_get_contents();
                                ob_end_clean();
                                ob_start();


     $current_cfg = $this->get('current_config');                                                                                    

     $sql1 = $DB->query("SELECT G.name, C.caption, C.server_config_id FROM s_config_db AS C JOIN s_gametype_db AS G ON C.gametype = G.server_gametype_id WHERE C.server_config_id = '".$current_cfg."'") or trigger_error($DB->error(),E_USER_ERROR);                                          
     while($configs = $DB->fetch_array($sql1)) {                                                                                     
             $current_config_text = $configs[0].' [-] '.$configs[1];                                                                 
     }
     if($DB->num_rows($sql1) == 0) {                                                                                                 
             $current_config_text = 'Unknown';                                                                                       
     }

                                $this->tab_output .= $updates.'</td>                                                                                            
                                        </tr>
                                        </table>
                </td>
                <td width=50%>
                    <table width=100% cellpadding=3 cellspacing=0 border=0>
                    <tr>
                    <tr><td width=100% background=http://imgs.fragzz.com/blue/bar_500.jpg>
                    <b>[-] server details</b>
                    </td>
                    <tr><td class=border_abt bgcolor=#000000>
                    <b>Game Type</b>: '.$DB->get_data('s_gametype_db','shortname','server_gametype_id',$this->s_gametype).'<br>
                    <b>IP</b>: '.$this->s_ip.'<br>
                    <b>Port</b>: '.$this->s_port.'<br>
                    <br>
                    <b>Player Slots</b>: '.$this->s_player_slots.'<br>
                    <b>Branding</b>: '.$this->s_branding.'<br>
                    <b>Public</b>: '.$this->s_public.'<br>
                    </td>
                    </tr>
                    </table>
                    <br><br>
                    <table width=100% cellpadding=3 cellspacing=0 border=0>
                    <tr>
                    <tr><td width=100% background=http://imgs.fragzz.com/blue/bar_500.jpg>
                    <b>[-] server status</b>
                    </td>
                    <tr><td class=border_abt bgcolor=#000000>
                    <b>Current Status</b>:<br>'.$this->current_status.'<br><br>
                    <b>Current Config</b>:<br>'.$current_config_text.'
                    </td>
                    </tr>
                    </table>
                    <br><br>
                                        <table width=100% cellpadding=3 cellspacing=0 border=0>
                                        <tr>
                                        <tr><td width=100% background=http://imgs.fragzz.com/blue/bar_500.jpg>
                                        <b>[-] latest news</b>
                                        </td>
                                        <tr><td class=border_abt bgcolor=#000000>';
                ob_end_flush();
                ob_start();
$get = mysql_query("select news_id, timestamp, title, text, user_id, image from news_db where site_id = '5' order by timestamp desc limit 1") or die($DB->error());
        if (mysql_num_rows($get) != 0) {

                while ($n_data = $DB->fetch_array($get)) {                                                                                                      
                        $commentsnum = $DB->result($DB->query("SELECT COUNT(*) FROM comments_db WHERE sys_db = 'news_db' && sys_id = '$n_data[0]'"),0);                         
                        $thetext = smileyprocess(substr($n_data[3], 0, 1500));                                                                                  
                        if (substr($n_data[3], 0, 1500) != $n_data[3]) {                                                                                        
                                $thetext = $thetext.".........<a href='index.php?page=news&action=view&news_id=$n_data[0]'><b><i>continued</i></b></a>";        
                        }

                        $n_data[8] = '';
                        eval("?>".get_content("news_item_small"));                                                                                              
                }
        }
        else {
                print "<center>There is no news</center>";                                                                                                      
        }

$news = ob_get_contents();
ob_end_clean();
ob_start();
                $this->tab_output .= $news.'
                    </td></tr></table>
                </td>
                </tr>
                </table>';

                break;

            case "control":
                $sql1 = $DB->query("SELECT G.name, R.ip, R.port FROM s_reserved_db AS R JOIN s_gametype_db AS G ON R.gametype = G.server_gametype_id WHERE R.server_id = '".$this->server_id."' ORDER BY G.name ASC") or die(mysql_error());
                if($DB->num_rows($sql1) == 0) {
                    $port_html = '<b>No ports assigned</b>';
                }
                while($pdet = $DB->fetch_array($sql1)) {
                    $port_html .= '<p><b>'.$pdet[0].'</b><br>'.$pdet[1].':'.$pdet[2].'<br><a href='.$this->self.'&action=control&control_action=remove_port&ip='.$pdet[1].'&port='.$pdet[2].'>remove</a></p>';
                }
                $this->tab_output .= '
                <table width=100% cellpadding=0 cellspacing=10 border=0>
                <tr><td width=50%>
                    <table width=100% cellpadding=3 cellspacing=0 border=0>
                    <tr>
                    <tr><td width=100% background=http://imgs.fragzz.com/blue/bar_500.jpg>
                    <b>[-] server status</b>
                    </td>
                    <tr><td class=border_abt bgcolor=#000000>
                    <b>Current Status</b>:<br>'.$this->current_status.'
                    </td>
                    </tr>
                    </table>
                    <br><br>
                    <table width=100% cellpadding=3 cellspacing=0 border=0>
                    <tr>
                    <tr><td width=100% background=http://imgs.fragzz.com/blue/bar_500.jpg>
                    <b>[-] server control</b>
                    </td>
                    <tr><td class=border_abt bgcolor=#000000 align=center>
                    <form action='.$this->self.'&action=control method=post>
                    '.$this->control_message.'<br><br>
                    <input type=submit value=Restart name=control_action><br><br>
                    <input type=submit value=Start name=control_action><br><br>
                    <input type=submit value=Stop name=control_action><br><br>
                    </form>
                    </td>
                    </tr>
                    </table>
                    <br><br>
                </td>
                <td width=50%>
                    <table width=100% cellpadding=3 cellspacing=0 border=0>
                    <tr>
                    <tr><td width=100% background=http://imgs.fragzz.com/blue/bar_500.jpg>
                    <b>[-] login details</b>
                    </td>
                    <tr><td class=border_abt bgcolor=#000000>
                    '.$this->password_message.'<br>
                    <form action='.$this->self.'&action=control method=post>
                        <table width=100% cellpadding=0 cellspacing=3>
                        <tr>
                        <td>
                        User Name
                        </td>
                        <td>
                        :
                        </td>
                        <td>
                        '.$this->s_username.'
                        </td>
                        </tr>
                        <tr>
                        <td>
                        Password
                        </td>
                        <td>
                        :
                        </td>
                        <td>
                        <input type=password length=15 name=u_password value="'.$this->s_password.'">
                        </td>
                        </tr>
                        </table><br>
                    <input type=submit value="Update Password" name=control_action>
                    </form>
                    </td>
                    </tr>
                    </table>
                    <br><br>
                                        <table width=100% cellpadding=3 cellspacing=0 border=0>
                                        <tr>
                                        <tr><td width=100% background=http://imgs.fragzz.com/blue/bar_500.jpg>
                                        <b>[-] port assignments</b>
                                        </td>
                                        <tr><td class=border_abt bgcolor=#000000>
                                        '.$this->control_port_message.'<br>
                    '.$port_html.'
                                        </td>
                                        </tr>
                                        </table>
                                        <br><br>
                </td>
                </tr>
                </table>';
                break;

            case "config":
                $sql1 = $DB->query("SELECT G.shortname, C.caption, C.server_config_id FROM s_config_db AS C LEFT JOIN s_gametype_db AS G ON C.gametype = G.server_gametype_id WHERE C.server_id = '$this->server_id' ORDER BY gametype ASC") or trigger_error($DB->error(),E_USER_ERROR);
                while($configs = $DB->fetch_array($sql1)) {
                    $config_list .= '<option value='.$configs[2].'>'.$configs[0].' [-] '.$configs[1].'</option>';
                }

                $sql2 = $DB->query("SELECT name, server_gametype_id FROM s_gametype_db ORDER BY name ASC") or trigger_error($DB->error(),E_USER_ERROR);
                while($gametypes = $DB->fetch_array($sql2)) {
                    $gametype_list .= '<option value='.$gametypes[1].'>'.$gametypes[0].'</option>';
                }

                $current_cfg = $this->get('current_config');

                $sql1 = $DB->query("SELECT G.name, C.caption, C.server_config_id FROM s_config_db AS C JOIN s_gametype_db AS G ON C.gametype = G.server_gametype_id WHERE C.server_config_id = '".$current_cfg."'") or trigger_error($DB->error(),E_USER_ERROR);
                while($configs = $DB->fetch_array($sql1)) {
                    $current_config_text = $configs[0].' [-] '.$configs[1];
                }
                if($DB->num_rows($sql1) == 0) {
                    $current_config_text = 'Unknown';
                }