<?php
/*
* Author: Vo!ces
* Xfire: voices95
*/
// SET DEFAULT CVS
$mod->setDefaultCV("shelly_ban", "enabled", 0);
$mod->setDefaultCV("shelly_ban", "banreason", "Global Banned on our Servers");
$mod->setDefaultCV("shelly_ban", "hostname", "localhost");
$mod->setDefaultCV("shelly_ban", "user", "banlist");
$mod->setDefaultCV("shelly_ban", "password", "securepassword");
$mod->setDefaultCV("shelly_ban", "database", "banlist");
$mod->setDefaultCV("shelly_ban", "table", "logKickBan");
// REGISTER EVENTS
$mod->registerEvent("playerJoined", "joined_hacker");
function joined_hacker($guid) {
global $mod;
global $players;
$db = mysql_connect($mod->getCV("shelly_ban", "hostname"),$mod->getCV("shelly_ban", "user"),$mod->getCV("shelly_ban", "password"))or die("Fehler");
mysql_select_db($mod->getCV("shelly_ban", "database"));
echo mysql_error();
$result = mysql_query("SELECT guid FROM ". $mod->getCV("shelly_ban", "table")." WHERE guid='". $guid ."' AND type ='ban'");
$rowguid = mysql_num_rows($result);
if($rowguid != "0") {
$players[$guid]->ban($mod->getCV("shelly_ban", "banreason"));
}
mysql_close($db);
}
?>
So ergibt es mehr sinn allerdings brauchst du dafür eine spalte type in der mysqldb wo ban drin steht.
Das komplettpaket sehe dann so aus:
<?php
// SET DEFAULT CVS
$mod->setDefaultCV("banlist", "enabled", 0);
$mod->setDefaultCV("banlist", "banreason", "Global Banned on our Servers");
$mod->setDefaultCV("banlist", "hostname", "localhost");
$mod->setDefaultCV("banlist", "user", "banlist");
$mod->setDefaultCV("banlist", "password", "securepassword");
$mod->setDefaultCV("banlist", "database", "banlist");
$mod->setDefaultCV("banlist", "table", "bans");
try {
$banlist = new banlist();
}
catch (Exception $e) {
$logging->write(MOD_ERROR, "Banlist: " . $e->getMessage());
}
// REGISTER EVENTS
$mod->registerEvent("playerJoined", "banlist_joined", $banlist);
$mod->registerEvent("playerBanned", "banlist_ban", $banlist);
class banlist {
protected $mod;
protected $players;
protected $logging;
public function __construct()
{
$this->mod = &$GLOBALS['mod'];
$this->players = &$GLOBALS['players'];
$this->logging = &$GLOBALS['logging'];
$this->checkExtension();
$this->checkTables();
}
private function checkExtension() {
if (!$this->mod->getCV("banlist", "enabled")) {
return;
}
if (!extension_loaded('mysql')) {
if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {
@dl("php_mysql.dll");
}else {
@dl("mysql.so");
}
}
if (!function_exists("mysql_connect")) {
throw new Exception("MySQL extension for PHP is not installed! Please install the MySQL extension to use this feature");
}
}
private function checkTables() {
if (!$this->mod->getCV("banlist", "enabled")) {
return;
}
$db = mysql_connect($this->mod->getCV("banlist", "hostname"),$this->mod->getCV("banlist", "user"),$this->mod->getCV("banlist", "password"))or die("Fehler");
mysql_select_db($this->mod->getCV("banlist", "database"));
mysql_query("CREATE TABLE IF NOT EXISTS `" . $this->mod->getCV("banlist", "table") . "` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`player` text NOT NULL,
`playerguid` varchar(32) NOT NULL,
`reason` text NOT NULL,
`kicker` text NOT NULL,
`kickerguid` varchar(32) NOT NULL,
`date` text NOT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=1 ;");
$this->logging->write(MOD_NOTICE, "Banlist: Checking if the Database (" . $this->mod->getCV("banlist", "table") . ") is valid and exists.");
mysql_close($db);
}
public function banlist_joined($guid) {
if (!$this->mod->getCV("banlist", "enabled")) {
return;
}
$db = mysql_connect($this->mod->getCV("banlist", "hostname"),$this->mod->getCV("banlist", "user"),$this->mod->getCV("banlist", "password"))or die("Fehler");
mysql_select_db($this->mod->getCV("banlist", "database"));
$result = mysql_query("SELECT playerguid,reason FROM " . $this->mod->getCV("banlist", "table") . " WHERE playerguid='". $guid ."'");
$rowguid = mysql_num_rows($result);
$row = mysql_fetch_array($result);
if($rowguid != "0") {
$this->players[$guid]->ban($row['reason']);
$this->logging->write(MOD_NOTICE, "Banlist: Autobanned " . $this->players[$guid]->getName() . " for Reason: " . $row['reason']);
}
mysql_close($db);
}
public function banlist_ban($params) {
if (!$this->mod->getCV("banlist", "enabled")) {
return;
}
list($player, $reason, $kicker) = $params;
$db = mysql_connect($this->mod->getCV("banlist", "hostname"),$this->mod->getCV("banlist", "user"),$this->mod->getCV("banlist", "password"))or die("Fehler");
mysql_select_db($this->mod->getCV("banlist", "database"));
mysql_query("INSERT INTO " . $this->mod->getCV("banlist", "table") . " (player, playerguid, reason, kicker, kickerguid ,date) VALUES ('" . $this->mod->removecolor($players[$player]->getName()) . "','" . $players[$player] . "','" . $reason . "','" . $this->mod->removecolor($players[$kicker]->getName()) . "','" . $players[$kicker] . "','" . date("d.m.y H:i:s") . "')");
mysql_close($db);
}
}
?>sehe ich das richtig, oder kann ich über die Guid eine Mysql Injection durchführen?
EDIT: @Voices kannst ja die neue DB Klasse dafür verwenden 