Пример #1
0
/*
============
Cmd_List_f
============
*/
static void Cmd_List_f( void ) {
	cmd_function_t  *cmd;
	int i;
	char            *match;

	if ( Cmd_Argc() > 1 ) {
		match = Cmd_Argv( 1 );
	} else {
		match = NULL;
	}

	i = 0;
	for ( cmd = cmd_functions ; cmd ; cmd = cmd->next ) {
		if ( (match && !Com_Filter( match, (char*)cmd->name, qfalse ))
		|| Cmd_GetInvokerPower() < cmd->minPower || ((cmd->minPower == 0) && Cmd_GetInvokerPower() != 100))
		{
			if(!Auth_CanPlayerUseCommand(Cmd_GetInvokerClnum(), (char*)cmd->name))
			{
				continue;
			}
		}
		Com_Printf( "%s\n", cmd->name );
		i++;
	}
	Com_Printf( "%i commands\n", i );
}
Пример #2
0
void Webadmin_ConsoleCommand(xml_t* xmlobj, const char* command, int uid)
{
	char sv_outputbuf[SV_OUTPUTBUF_LENGTH];
	char buffer[960];
	char cmd[48];
	int power, powercmd, oldpower, oldinvokeruid, oldinvokerclnum, i;
	
	
	if((power = Auth_GetClPowerByUID(uid)) < 100)
	{
		i = 0;
		/* Get the current user's power 1st */
		while ( command[i] != ' ' && command[i] != '\0' && command[i] != '\n' && i < 32 ){
			i++;
		}
		if(i > 29 || i < 3) return;
		
		Q_strncpyz(cmd,command,i+1);
		
		//Prevent buffer overflow as well as prevent the execution of priveleged commands by using seperator characters
		Q_strncpyz(buffer, command, sizeof(buffer));
		Q_strchrrepl(buffer,';','\0');
		Q_strchrrepl(buffer,'\n','\0');
		Q_strchrrepl(buffer,'\r','\0');
		// start redirecting all print outputs to the packet
		
		powercmd = Cmd_GetPower(cmd);
		if(powercmd > power)
		{
			XA(" Insufficient permissions! ");
				return;
		}
		
		xmlobjFlush = xmlobj;
		
		oldpower = Cmd_GetInvokerPower();
		oldinvokeruid = Cmd_GetInvokerUID();
		oldinvokerclnum = Cmd_GetInvokerClnum();
		Cmd_SetCurrentInvokerInfo(uid, power, -1);
		
		Com_BeginRedirect (sv_outputbuf, SV_OUTPUTBUF_LENGTH, Webadmin_FlushRedirect);
		Cmd_ExecuteSingleCommand(0,0, buffer);
		
		Cmd_SetCurrentInvokerInfo(oldinvokeruid, oldpower, oldinvokerclnum);
		
	}else{
		xmlobjFlush = xmlobj;
		Com_BeginRedirect (sv_outputbuf, SV_OUTPUTBUF_LENGTH, Webadmin_FlushRedirect);
		Cmd_ExecuteSingleCommand(0,0, command);
#ifdef PUNKBUSTER
		if(!Q_stricmpn(command, "pb_sv_", 6)) PbServerForceProcess();
#endif
	}

	Com_EndRedirect();

	xmlobjFlush = NULL;
}
void Webadmin_ConsoleCommand(xml_t* xmlobj, const char* command, uint64_t steamid)
{
	char sv_outputbuf[SV_OUTPUTBUF_LENGTH];
	char buffer[960];
	char cmd[48];
	int power, i, powercmd;

	power = Cmd_GetInvokerPower();

	if(power < 100)
	{
		i = 0;
		/* Get the current user's power 1st */
		while ( command[i] != ' ' && command[i] != '\0' && command[i] != '\n' && i < 32 ){
			i++;
		}
		if(i > 29 || i < 3) return;

		Q_strncpyz(cmd,command,i+1);

		//Prevent buffer overflow as well as prevent the execution of priveleged commands by using seperator characters
		Q_strncpyz(buffer, command, sizeof(buffer));
		Q_strchrrepl(buffer,';','\0');
		Q_strchrrepl(buffer,'\n','\0');
		Q_strchrrepl(buffer,'\r','\0');
		// start redirecting all print outputs to the packet

		powercmd = Cmd_GetPower(cmd);
		if(powercmd > power)
		{
			XA(" Insufficient permissions! ");
				return;
		}

		xmlobjFlush = xmlobj;
		Com_BeginRedirect (sv_outputbuf, SV_OUTPUTBUF_LENGTH, Webadmin_FlushRedirect);
		Cmd_ExecuteSingleCommand(0,0, buffer);
	}else{
		xmlobjFlush = xmlobj;
		Com_BeginRedirect (sv_outputbuf, SV_OUTPUTBUF_LENGTH, Webadmin_FlushRedirect);
		Cmd_ExecuteSingleCommand(0,0, command);
	}
	Com_EndRedirect();

	xmlobjFlush = NULL;
}
void Webadmin_BuildMessage(msg_t* msg, const char* username, qboolean invalidloginattempt, const char* banmsg, const char* url, httpPostVals_t* values)
{

	xml_t xmlbase;
	xml_t* xmlobj = &xmlbase;
	char actionval[64];
	char colorbuf[2048];
	const char *postval;
	char netadrstr[128];
	uint64_t steamid;
	int power, oldpower, oldinvokerclnum;
	uint64_t oldinvokersteamid;
	char oldinvokername[64];
	const char* name;

	XML_Init(xmlobj, (char*)msg->data, msg->maxsize, "ISO-8859-1");
	XO("html");
		XO("head");
			XO("title");
				XA("CoD4X Web Server");
			XC;
			XO2("link","href","/files/webadmin.css","rel","stylesheet");XC;
		XC;
		XO("body");
			XO1("div","class","container");
				XO1("div","class","page-header");
					XO("h1");
						XA("CoD4 X v1.8");
						XO("small");
							XA(" Web Server");
						XC;
					XC;
					XO("h3");
						XA(Webadmin_ConvertToHTMLColor(sv_hostname->string, colorbuf, sizeof(colorbuf)));
						XA(" ");
						XA(sv_mapname->string);
					XC;
				XC;

				if(!Q_strncmp(url, "/webadmin", 9))
				{

					if(username == NULL || username[0] == '\0')
					{
						Webadmin_BuildLoginForm(xmlobj, invalidloginattempt, banmsg);

					}else {
						steamid = Auth_GetSteamID(username);
						if(!Q_strncmp(url +9, "/listadmins", 11))
						{
							Webadmin_BuildAdminList(xmlobj, steamid);
						}else {
								XO1("div","class","loginusername");
									XO1("span","class","label label-primary");
										XA("Logged in as: ");XA(username);XA(". &nbsp;");
										XO2("a","href","/webadmin/?action=logout","style","color: #fff");
											XA("Log Out");
										XC;
									XC;
								XC;
							XO1("div", "class", "col-lg-6 right_line");
								XO("h3");XA("Server Status");XC;
								XO("hr");XC;
								Webadmin_BuildServerStatus(xmlobj, qtrue);
							XC;


							XO1("div", "class", "col-lg-6 left_line");
								XO("h3");XA("Command Console");XC;
								XO("hr");XC;
								if(Webadmin_GetUrlVal( url, "action", actionval, sizeof(actionval)))//nnjpls
								{
									if (strcmp(actionval, "logout") == 0) {
										Auth_WipeSessionId(username);

									}else{

										oldpower = Cmd_GetInvokerPower();
										oldinvokerclnum = Cmd_GetInvokerClnum();
										oldinvokersteamid = Cmd_GetInvokerSteamID();
										Cmd_GetInvokerName(oldinvokername, sizeof(oldinvokername));
										power = Auth_GetClPowerBySteamID(steamid);
										name = Auth_GetNameBySteamID(steamid);
										Cmd_SetCurrentInvokerInfo(power, -1, steamid, name);

										if(strcmp(actionval, "sendcmd") == 0){
											postval = HTTP_GetFormDataItem(values, "consolecommand");
											if(postval[0]){
												XO1("div","class","well");
													Webadmin_ConsoleCommand(xmlobj, postval, steamid);
												XC;
											}
										}else if(strcmp(actionval, "banclient") == 0){

											Webadmin_BanClient(xmlobj, values, steamid);
										}else if(strcmp(actionval, "kickclient") == 0){
											Webadmin_KickClient(xmlobj, values, steamid);

										}

										Cmd_SetCurrentInvokerInfo(oldpower, oldinvokerclnum, oldinvokersteamid, oldinvokername);

									}
								}

								XO5("form", "name", "input", "action", "webadmin?action=sendcmd", "method", "post", "class","form-control","id","con_form");
									XA("<label for=\"consolecommand\">Send Command</label> <input type=\"text\" name=\"consolecommand\" id=\"consolecommand\">");
									XA("<button class=\"givesomespace btn btn-primary btn-xs\" type=\"submit\">Send Command</button>");
								XC;
							XC;

						}
					}
				}else if(!Q_strncmp(url, "/status", 7)){
					XO("h3");XA("Server Status");XC;
					XO("hr");XC;
						Webadmin_BuildServerStatus(xmlobj,qfalse);
				}else {
					XO1("h3","align","center");
						XA("Where do you want to go?");
					XC;
					XO1("div","align","center");
						XA("<a href=\"/webadmin\" class=\"btn btn-primary givesomespace\">Web Admin</a>");
						XA("<a href=\"/status\" class=\"btn btn-primary givesomespace\">Server Status</a>");
					XC;
				}
			XO("p");
				XA("Net: ");
				XA(NET_GetHostAddress(netadrstr, sizeof(netadrstr)));
			XC;
			XC;
		XC;
	XC;

	msg->cursize = xmlobj->bufposition;

}
Пример #5
0
void QDECL SV_PrintAdministrativeLog( const char *fmt, ... ) {

	va_list		argptr;
	char		msg[MAXPRINTMSG];
	char		inputmsg[MAXPRINTMSG];
	struct tm 	*newtime;
	char*		ltime;
	time_t		realtime;

	va_start (argptr,fmt);
	Q_vsnprintf (inputmsg, sizeof(inputmsg), fmt, argptr);
	va_end (argptr);

	Com_UpdateRealtime();
	realtime = Com_GetRealtime();
	newtime = localtime( &realtime );
	ltime = asctime( newtime );
	ltime[strlen(ltime)-1] = 0;

	Com_sprintf(msg, sizeof(msg), "%s - Admin %i with %i power %s\n", ltime, Cmd_GetInvokerUID(), Cmd_GetInvokerPower(), inputmsg);

	Com_PrintAdministrativeLog( msg );

}
Пример #6
0
qboolean SV_ExecuteRemoteCmd(int clientnum, const char *msg){
	char sv_outputbuf[SV_OUTPUTBUF_LENGTH];
	char cmd[30];
	char buffer[256];
	char *printPtr;
	int i = 0;
	int j = 0;
	int powercmd;
	int power;
	client_t *cl;
	qboolean critcmd;

	if(clientnum < 0 || clientnum > 63) return qfalse;
	cl = &svs.clients[clientnum];
	redirectClient = cl;

	while ( msg[i] != ' ' && msg[i] != '\0' && msg[i] != '\n' && i < 32 ){
		i++;
	}
	
	if(i > 29 || i < 3) return qfalse;

	Q_strncpyz(cmd,msg,i+1);


	if(!Q_stricmpn(cmd, "auth", 4)){
		if(!Q_stricmp(cmd, "authChangePassword"))
		{
			Q_strncpyz(cmd, "changePassword", sizeof(cmd));
		}
		else if(!Q_stricmp(cmd, "authSetAdmin"))
		{
			Q_strncpyz(cmd, "AdminAddAdminWithPassword", sizeof(cmd));
		}
		else if(!Q_stricmp(cmd, "authUnsetAdmin"))
		{
			Q_strncpyz(cmd, "AdminRemoveAdmin", sizeof(cmd));
		}
		else if(!Q_stricmp(cmd, "authListAdmins"))
		{
			Q_strncpyz(cmd, "adminListAdmins", sizeof(cmd));
		}
	}else if(!Q_stricmp(cmd, "cmdpowerlist")){
		Q_strncpyz(cmd, "AdminListCommands", sizeof(cmd));
	}else if(!Q_stricmp(cmd, "setCmdMinPower")){
		Q_strncpyz(cmd, "AdminChangeCommandPower", sizeof(cmd));
	}

	//Prevent buffer overflow as well as prevent the execution of priveleged commands by using seperator characters
	Q_strncpyz(buffer,msg,256);
	Q_strchrrepl(buffer,';','\0');
	Q_strchrrepl(buffer,'\n','\0');
	Q_strchrrepl(buffer,'\r','\0');
	// start redirecting all print outputs to the packet

	power = Auth_GetClPower(cl);
	powercmd = Cmd_GetPower(cmd);

    if(strstr(cmd, "password"))
    {
            printPtr = "hiddencmd";
            critcmd = qtrue;
    }else{
	    printPtr = buffer;
            critcmd = qfalse;
    }

	if(powercmd == -1){
            SV_SendServerCommand(redirectClient, "e \"^5Command^2: %s\n^3Command execution failed - Invalid command invoked - Type ^2$cmdlist ^3to get a list of all available commands\"", printPtr);
            return qfalse;
	}
	if(powercmd > power){
            SV_SendServerCommand(redirectClient, "e \"^5Command^2: %s\n^3Command execution failed - Insufficient power to execute this command.\n^3You need at least ^6%i ^3powerpoints to invoke this command.\n^3Type ^2$cmdlist ^3to get a list of all available commands\"",
            printPtr, powercmd);
	    return qtrue;
	}
	Com_Printf( "Command execution: %s   Invoked by: %s   InvokerUID: %i Power: %i\n", printPtr, cl->name, cl->uid, power);

	Com_BeginRedirect(sv_outputbuf, SV_OUTPUTBUF_LENGTH, SV_ReliableSendRedirect);

	i = Cmd_GetInvokerUID();
	j = Cmd_GetInvokerPower();

	Cmd_SetCurrentInvokerInfo(cl->uid, power, clientnum);
	
	Cmd_ExecuteSingleCommand( 0, 0, buffer );
#ifdef PUNKBUSTER
	if(!Q_stricmpn(buffer, "pb_sv_", 6)) PbServerForceProcess();
#endif

	if(!critcmd)
	{
		SV_SendServerCommand(redirectClient, "e \"^5Command^2: %s\"", buffer);
	}
	Cmd_SetCurrentInvokerInfo(i, j, -1);

	Com_EndRedirect();
	return qtrue;
}