[Tool] AdminServ 2.1.0

[undef.de]

This will patch the most problems for using the file disclosure, I'm not sure if it helps for all attacks but will keep the easy one's away!

I use http://phpids.org/ in several projects, works nice.

[Kev717]

Hi,
No problem for continue the development of my tool
But maybe, you should create a new post for edit the first page.

Kev'

[Xymph]

I use https://phpids.org/ in several projects, works nice.

Firefox warns: "This Connection is Untrusted". They should use a valid, CA-signed certificate, or stick to plain http.

[undef.de]

I use https://phpids.org/ in several projects, works nice.

Firefox warns: "This Connection is Untrusted". They should use a valid, CA-signed certificate, or stick to plain http.

True (using a outdated cert ), changed my link from https to http which is served too.

[Xymph]

I use https://phpids.org/ in several projects, works nice.

Firefox warns: "This Connection is Untrusted". They should use a valid, CA-signed certificate, or stick to plain http.

True (using a outdated cert ), changed my link from https to http which is served too.

Any menu link is hardcoded to https (or redirects to use that), so the same problem persists when browsing much of the site.

[Chris92]

Thanks for sharing chris!
It's such a user friendly tool. Maybe a good idea to open up a github or something for it? (or maybe there is already?)


Toffe

Aye, there is: http://github.com/Chris92de/AdminServ
Feel free to send pull requests =)
EDIT: Let's move on to the new thread as I do intend to keep this thread intact as is http://forum.maniaplanet.com/viewtopic. ... 09&start=0

[niarfman]

I have updated my own adminserv for displaying Karma from ManiaControl Database for each map in "Map List".
You can set a database per server (Maniacontrol is also able to manage several servers within a single database).

This version is not connecting to MX servers.

The modification looks like :


The only things to change are :

a Server entry example in config/servers.cfg

Code: Select all

		'Lvx_EliteLobby' => array(
			'address'       => 'localhost',
			'port'          => 5000,
			'mapsbasepath'  => 'MyTeam/MyServer',
			'matchsettings' => 'MatchSettings/MyServer.txt',
			'adminlevel'    => array('SuperAdmin' => 'all', 'Admin' => 'all', 'User' => 'all'),
			'ManiaControl_mysql_host'	=> 'localhost',
			'ManiaControl_mysql_user'	=> 'dbuser',
			'ManiaControl_mysql_pass'	=> 'dbpass',
			'ManiaControl_mysql_db'	=> 'dbname'
		),

in resources/js/adminserv_funct.js (function getCurrentServerInfo):

Code: Select all

/**
* Récupère les informations du serveur actuel (map, serveur, stats, joueurs)
*/
function getCurrentServerInfo(mode, sort){
	var path_ressources = getResourcesPath();
	if(!mode){
		mode = getMode();
	}
	if(sort){
		setCurrentSort(sort);
	}
	var isTeamGameMode = $('#isTeamGameMode').val();
	
	$.getJSON(getResourcesPath()+'ajax/get_current_serverinfo.php', {mode: mode, sort: sort}, function(data){
		if(data != null){
			// Map
			if(data.map != null){
				$('#map_name').html(data.map.name);
				$('#map_author').html(data.map.author);
				$('#map_karma').html(data.map.karma);
				$('#map_enviro').html(data.map.enviro+'<img src="'+path_ressources+'images/env/'+data.map.enviro.toLowerCase()+'.png" alt="" />');
				$('#map_uid').html(data.map.uid);
				if(data.srv.gameModeScriptName){
					var gameModeName = data.srv.gameModeScriptName+' <span class="scriptName">('+data.srv.gameModeName+')</span>';
				}else{
					var gameModeName = data.srv.gameModeName;
				}
				$('#map_gamemode').html(gameModeName).attr('class', '').addClass('value '+data.srv.gameModeName.toLowerCase() );
				if(data.map.thumb){
					$('#map_thumbnail').html('<img src="data:image/jpeg;base64,'+data.map.thumb+'" alt="'+$('#map_thumbnail').data('text-thumbnail')+'" />');
				}
				if(data.map.scores){
					$('#ScoreTeamBlue').val(data.map.scores.blue);
					$('#ScoreTeamRed').val(data.map.scores.red);
				}
			}
			
			// Server
			if(data.srv != null){
				$('#server_name').html(data.srv.name);
				$('#server_status').html(data.srv.status);
			}
			
			// Stats
			if(data.net != null){
				$('#network_uptime').html(data.net.uptime);
				$('#network_nbrconnection').html(data.net.nbrconnection);
				$('#network_meanconnectiontime').html(data.net.meanconnectiontime);
				$('#network_meannbrplayer').html(data.net.meannbrplayer);
				$('#network_recvnetrate').html(data.net.recvnetrate);
				$('#network_sendnetrate').html(data.net.sendnetrate);
				$('#network_totalreceivingsize').html(data.net.totalreceivingsize);
				$('#network_totalsendingsize').html(data.net.totalsendingsize);
			}
			
			// Players
			if(data.ply != null && !$('#playerlist').isChecked() ){
				var out = '';
				
				// Création du tableau
				out += '<tr class="table-separation"><td colspan="'; if(isTeamGameMode){ out += '6'; }else{ out += '5'; } out += '"></td></tr>';
				if( typeof(data.ply) == 'object' ){
					$.each(data.ply, function(i, player){
						out += '<tr class="'; if(i%2){ out += 'even'; }else{ out += 'odd'; } out += '">';
							if(isTeamGameMode && mode == 'detail'){
								out += '<td class="detailModeTd imgleft"><span class="team_'+player.TeamId+'" title="'+player.TeamName+'">&nbsp;</span>'+player.TeamName+'</td>';
							}
							out += '<td class="imgleft"><img src="'+path_ressources+'images/16/solo.png" alt="" />'+player.NickName+'</td>';
							if( !isTeamGameMode && mode == "detail" ){
								out += '<td class="imgleft"><img src="'+path_ressources+'images/16/leagueladder.png" alt="" />'+player.LadderRanking+'</td>';
							}
							out += '<td>'+player.Login+'</td>'
							+'<td>'+player.PlayerStatus+'</td>'
							+'<td class="checkbox"><input type="checkbox" name="player[]" value="'+player.Login+'" /></td>'
						+'</tr>';
					});
					
					if( $('#checkAll').attr('disabled') ){
						$('#checkAll').prop('disabled', false);
					}
				}
				else{
					if( !$('#checkAll').attr('disabled') ){
						$('#checkAll').prop('disabled', true);
					}
					out += '<tr class="no-line"><td class="center" colspan="'; if(isTeamGameMode){ out += '6'; }else{ out += '5'; } out += '">'+data.ply+'</td></tr>';
				}
				
				// HTML
				$('#playerlist table tbody').html(out);
				$('.cadre.right .options .nb-line').html(data.nbp);
				if( $('#playerlist').hasClass('loading') ){
					$('#playerlist').removeClass('loading');
				}
			}
		}
	});
}

in resources/js/adminserv_funct.js (function getMapList):

Code: Select all

/**
* Récupère la liste des maps du serveur
*/
function getMapList(mode, sort){
	var path_ressources = getResourcesPath();
	if(!mode){
		mode = getMode();
	}
	if(sort){
		setCurrentSort(sort);
	}
	
	$.getJSON(getResourcesPath()+'ajax/get_maplist.php', {mode: mode, sort: sort}, function(data){
		if(data != null){
			if(data.lst != null && !$('#maplist').isChecked() ){
				var out = '';
				
				// Création du tableau
				out += '<tr class="table-separation"><td colspan="6"></td></tr>';
				if( typeof(data.lst) == 'object' ){
					$.each(data.lst, function(i, map){
						out += '<tr'; if(data.cid == i){ out += ' id="currentMap"'; } out += ' class="'; if(i%2){ out += 'even'; }else{ out += 'odd'; } if(data.cid == i){ out += ' current'; } out += '">'
							+'<td class="imgleft"><img src="'+path_ressources+'images/16/map.png" alt="" />'
								+'<span title="'+map.FileName+'">'+map.Name+'</span>'
								if(mode == 'detail'){
									out += '<span class="detailModeTd">'+map.UId+'</span>';
								}
							out += '</td>'
							+'<td>'+map.karma+'</td>'
							+'<td class="imgcenter"><img src="'+path_ressources+'images/env/'+map.Environment.toLowerCase()+'.png" alt="" />'+map.Environment+'</td>'
							+'<td>'+map.Author+'</td>';
							if(mode == 'detail'){
								out += '<td>'+map.GoldTime+'</td>'
								+'<td>'+map.CopperPrice+'</td>';
							}
							out += '<td class="checkbox">'; if(data.cid != i){ out += '<input type="checkbox" name="map[]" value="'+map.FileName+'" />'; } out += '</td>'
						+'</tr>';
					});
					
					if( $('#checkAll').attr('disabled') ){
						$('#checkAll').prop('disabled', false);
					}
				}
				else{
					if( !$('#checkAll').attr('disabled') ){
						$('#checkAll').prop('disabled', true);
					}
					out += '<tr class="no-line"><td class="center" colspan="6">'+data.lst+'</td></tr>';
				}
				
				// HTML
				$('#maplist table tbody').html(out);
				$('.cadre.right .options .nb-line').html(data.nbm.count+' '+data.nbm.title);
				if( $('#maplist').hasClass('loading') ){
					$('#maplist').removeClass('loading');
				}
			}
		}
	});
}

in resources/templates/maps-list.tpl.php:

Code: Select all

<?php
	// GAME
	if(SERVER_VERSION_NAME == 'TmForever'){
		$queries = array(
			'removeMap' => 'RemoveChallengeList',
			'chooseNextMap' => 'ChooseNextChallengeList'
		);
	}
	else{
		$queries = array(
			'removeMap' => 'RemoveMapList',
			'chooseNextMap' => 'ChooseNextMapList'
		);
	}
	$redirect=false;
	
	// ACTIONS
	if( isset($_POST['removeMap']) && isset($_POST['map']) && count($_POST['map']) > 0 ){
		if( !$client->query($queries['removeMap'], $_POST['map']) ){
			AdminServ::error();
		}
		else{
			AdminServLogs::add('action', 'Remove map ('.count($_POST['map']).')');
			$redirect=true;
		}
	}
	else if( isset($_POST['chooseNextMap']) && isset($_POST['map']) && count($_POST['map']) > 0 ){
		if( !$client->query($queries['chooseNextMap'], $_POST['map']) ){
			AdminServ::error();
		}
		else{
			AdminServLogs::add('action', 'Choose next map ('.count($_POST['map']).')');
			$redirect=true;
		}
	}

	if ($redirect){
		Utils::redirection(false, '?p='.USER_PAGE);
	}
	
	// MAPLIST
	$data['maps'] = AdminServ::getMapList();
?>

resources/ajax/get_maplist.php :

Code: Select all

<?php
	// INCLUDES
	session_start();
	if( !isset($_SESSION['adminserv']['sid']) ){ exit; }
	$configPath = '../../'.$_SESSION['adminserv']['path'].'config/';
	require_once $configPath.'adminlevel.cfg.php';
	require_once $configPath.'adminserv.cfg.php';
	require_once $configPath.'extension.cfg.php';
	require_once $configPath.'servers.cfg.php';
	require_once '../core/adminserv.php';
	AdminServConfig::$PATH_RESOURCES = '../';
	AdminServ::getClass();
	AdminServUI::lang();
	
	// ISSET
	if( isset($_GET['mode']) ){ $mode = addslashes($_GET['mode']); }else{ $mode = null; }
	if( isset($_GET['sort']) ){ $sort = addslashes($_GET['sort']); }else{ $sort = null; }
	if($mode){
		$_SESSION['adminserv']['mode']['maps'] = $mode;
	}
	
	// DATA
	if( AdminServ::initialize() ){
		$out = AdminServ::getMapList($sort);
	}

	//Niarfman Karma research
	$db = new mysqli(SERVER_MANIACONTROL_MYSQL_HOST, SERVER_MANIACONTROL_MYSQL_USER, SERVER_MANIACONTROL_MYSQL_PASS, SERVER_MANIACONTROL_MYSQL_DB);

	if($db->connect_errno > 0){
		die('Unable to connect to database [' . $db->connect_error . ']');
	}
	
	
	foreach ($out['lst'] as $key => $map)
	{
		//print_r($map);
		$sql = 'SELECT name, AVG(vote) AS avg_vote, COUNT(name) AS nb_votes FROM `mc_karma` INNER JOIN `mc_maps`  ON `mc_maps`.`index` = `mc_karma`.`mapIndex` GROUP BY `mc_maps`.`uid` HAVING `mc_maps`.`uid`="'.$map[UId].'"';
		
		//echo $sql.'<hr />';
		if(!$result = $db->query($sql)){
			die('There was an error running the query [' . $db->error . ']');
		}
		
		$row = $result->fetch_assoc();
		if($row <> NULL)
		{
			
			$out['lst'][$key]['karma']=round($row['avg_vote']*100,2) . '% - ' .$row['nb_votes'] .' vote(s)';
		}
		else
		{
			$out['lst'][$key]['karma']="No Vote";
		}
		$result->free();
	}
		
	$db->close();
	
	// OUT
	$client->Terminate();
	echo json_encode($out);
?>

in resources/core/adminserv.php (function getMapList):

Code: Select all

	/**
	* Récupère la liste des maps sur le serveur
	*
	* @global resource $client -> Le client doit être initialisé
	* @param  string   $sortBy -> Le tri à faire sur la liste
	* @return array
	*/
	public static function getMapList($sortBy = null){
		global $client;
		$out = array();
		
		// Méthodes
		if(SERVER_VERSION_NAME == 'TmForever'){
			$queryName = array(
				'mapList' => 'GetChallengeList',
				'mapIndex' => 'GetCurrentChallengeIndex'
			);
		}
		else{
			$queryName = array(
				'mapList' => 'GetMapList',
				'mapIndex' => 'GetCurrentMapIndex'
			);
		}
		
		// MAPSLIST
		if( !$client->query($queryName['mapList'], AdminServConfig::LIMIT_MAPS_LIST, 0) ){
			$out['error'] = Utils::t('Client not initialized');
		}
		else{
			$mapList = $client->getResponse();
			$countMapList = count($mapList);
			$client->query($queryName['mapIndex']);
			$out['cid'] = $client->getResponse();
			
			if( $countMapList > 0 ){
				$i = 0;
				
				//Niarfman Karma research - DB Connection
				$db = new mysqli(SERVER_MANIACONTROL_MYSQL_HOST, SERVER_MANIACONTROL_MYSQL_USER, SERVER_MANIACONTROL_MYSQL_PASS, SERVER_MANIACONTROL_MYSQL_DB);
				
				$IsDBConnect=false;
				if($db->connect_errno == 0){
					$IsDBConnect=true;
				}					
				
				foreach($mapList as $map){
					// Name
					$name = htmlspecialchars($map['Name'], ENT_QUOTES, 'UTF-8');
					$out['lst'][$i]['Name'] = TmNick::toHtml($name, 10, true);
					
					// Environnement
					$env = $map['Environnement'];
					if($env == 'Speed'){ $env = 'Desert'; }else if($env == 'Alpine'){ $env = 'Snow'; }
					$out['lst'][$i]['Environment'] = $env;
					
					//Niarfman Karma research

					//print_r($map);
					$sql = 'SELECT name, AVG(vote) AS avg_vote, COUNT(name) AS nb_votes FROM `mc_karma` INNER JOIN `mc_maps`  ON `mc_maps`.`index` = `mc_karma`.`mapIndex` GROUP BY `mc_maps`.`uid` HAVING `mc_maps`.`uid`="'.$map[UId].'"';

					//echo $sql.'<hr />';
					if($IsDBConnect){
						if(!$result = $db->query($sql)){
							die('There was an error running the query [' . $db->error . ']');
						}
						
						$row = $result->fetch_assoc();
						if($row <> NULL)
							{
								$karma=round($row['avg_vote']*100,2) . '% - ' .$row['nb_votes'] .' vote(s)';
							}
							else
							{
								$karma="No Vote";
							}
							$result->free();
					}
					else{
						$karma="No Database Set";
					}
					
					
					// Autres
					$out['lst'][$i]['UId'] = $map['UId'];
					$out['lst'][$i]['FileName'] = $map['FileName'];
					$out['lst'][$i]['Author'] = $map['Author'];
					$out['lst'][$i]['GoldTime'] = TimeDate::format($map['GoldTime']);
					$out['lst'][$i]['CopperPrice'] = $map['CopperPrice'];
					$out['lst'][$i]['karma']=$karma;
					if(SERVER_VERSION_NAME == 'ManiaPlanet'){
						$out['lst'][$i]['Type']['Name'] = self::formatScriptName($map['MapType']);
						$out['lst'][$i]['Type']['FullName'] = $map['MapType'];
						$out['lst'][$i]['Style']['Name'] = self::formatScriptName($map['MapStyle']);
						$out['lst'][$i]['Style']['FullName'] = $map['MapStyle'];
					}
					$i++;
				}
				$db->close();				
			}
			
			// Nombre de maps
			$out += self::getNbMaps($out);
			if($out['nbm']['count'] == 0){
				$out['lst'] = Utils::t('No map');
			}
			
			
			// TRI
			if($sortBy != null){
				if( is_array($out['lst']) && count($out['lst']) > 0 ){
					switch($sortBy){
						case 'name':
							uasort($out['lst'], 'AdminServSort::sortByName');
							break;
						case 'env':
							uasort($out['lst'], 'AdminServSort::sortByEnviro');
							break;
						case 'author':
							uasort($out['lst'], 'AdminServSort::sortByAuthor');
							break;
						case 'goldtime':
							uasort($out['lst'], 'AdminServSort::sortByGoldTime');
							break;
						case 'cost':
							uasort($out['lst'], 'AdminServSort::sortByPrice');
							break;
					}
				}
				$out['lst'] = array_values($out['lst']);
			}
		}
		
		return $out;
	}

[Chris92]

Hello niarf,
I think it would be better writing this into a plugin that connects to MX directly via their API, so people are not required to run ManiaControl for this
I'd be happy to ship this with AdminServ 2.1.2 then Else I'm gonna see if I can get it implemented myself.

[oliverde8]

maybe do something generic if you have time, so that user can switch between Aseco ManiaControl for example? If it is generic I wouldn't mind making a pull request to add eXpansion support?

[undef.de]

No problem for continue the development of my tool
But maybe, you should create a new post for edit the first page.

maybe do something generic if you have time, so that user can switch between Aseco ManiaControl for example? If it is generic I wouldn't mind making a pull request to add eXpansion support?

Would it not be better to post such things/extension to the version which is under development?