Monopd-Gator

Aus Hochschule Darmstadt - Fachschaft Informatik Wiki
Wechseln zu: Navigation, Suche

Seit März 2009 hostet die Fachschaft Informatik den weltweiten Master-Server für das Spiel Atlantik. Vor einigen Jahren ist dieser essentieller Master-Server ausgefallen und musste aus dem Source-Code der Clients (Atlanktik und Monopd) aufbauend neu geschrieben werden.

Den aktuellen Sourcecode-Stand findet sich hier:

<?php
echo("<?xml version='1.0'?>\n");
 
 
// Database-Connection
$link = mysql_connect([..]) or die(mysql_error());
mysql_select_db([..]) or die(mysql_error());
 
 
 
// Query to delete all old registrations (old = older than 300 sek)
$query = "delete from registrations where regdate < SUBDATE(now(), INTERVAL 300 SECOND)";
mysql_query($query) or die(mysql_error());
 
 
$query = "SELECT ip, host, port, version, users from registrations";
$result = mysql_query($query) or die(mysql_error());
 
// Contact-Info
echo "<!-- Contact-Info: Jens Weibler <weibler@fbihome.de> -->\n";
 
// Build XML with String-Operations ;)
 
echo "<monopigator>\n";
while($row = mysql_fetch_assoc($result))
{
    echo "<server ip=\"".$row['ip']."\" host=\"".$row['host']."\" port=\"".$row['port']."\" version=\"".$row['version']."\" users=\"".$row['users']."\" />\n";
}
 
echo "</monopigator>";
mysql_free_result($result);
mysql_close($link);
 
exit();
?>


<?php                                                             
 
// We get the following fields from a Monopd-Server:
$ip = $_REQUEST["ip"];                              
$host = $_REQUEST["host"];                          
$port = $_REQUEST["port"];                          
$version = $_REQUEST["version"];                    
$users = $_REQUEST["users"];                        
 
// Database-Connection
$link = mysql_connect([..]) or die(mysql_error());
mysql_select_db([..]) or die(mysql_error());                                         
 
 
// Check the input - all inputs-Vars are evil by default ;)
if(!isset($port) || !is_numeric($port))                    
{                                                          
    die("Port should be a number!");                       
}                                                          
 
// The host shouldn't have special chars - but just to be safe
if (get_magic_quotes_gpc())                                   
{                                                             
    $host = stripslashes($host);                              
}                                                             
$host = mysql_real_escape_string($host);                      
 
if( !isset($version) )
{                     
    die("No version given!");
}                            
if (get_magic_quotes_gpc())  
{                            
    $version = stripslashes($version);
}                                     
if( !preg_match("/^(\d|\.)+$/", $version) === TRUE )
{                                                   
    die("Version has wrong format");                
}                                                   
$version = mysql_real_escape_string($version);      
 
if(!isset($users) || !is_numeric($users))
{                                        
    die("Users should be a number!");    
}                                        
// End Check-Input                       
 
// monopoly.roffles.com tries to cheat about the usercount
if( $users == 666 )
{
    die("Don't try to submit a false usercount");
}
 
 
// Now we check whether the host is resolvable
$hostIP = gethostbyname($host);
if( $hostIP == FALSE )
{
    die("Your Host \"$host\" is not resolvable!");
}
 
// Check if gethostbyname has failed
if( $hostIP == $host )
{
    die("Sorry, resolving \"$host\" has failed!");
}
 
// Check if IP was sent
if( !isset($ip) )
{
    // ok, no IP given - take resolved IP
    $ip = $hostIP;
}
else
{
    if (get_magic_quotes_gpc())
    {
        $ip = stripslashes($ip);
    }
    // just to be safe - not written a regexp for an ip yet ;)
    $ip = mysql_real_escape_string($ip);
}
 
// Check if host&port is already in the database
$query = "SELECT regdate from registrations where host='$host' AND port='$port'";
$result = mysql_query($query) or die(mysql_error());
$num_rows = mysql_num_rows($result);
mysql_free_result($result);
 
if( $num_rows > 0 )
{
    // update an old entry
    $query = "UPDATE registrations set regdate = now(), version='$version', users='$users', ip='$ip' where host='$host' AND port='$port'";
}
else
{
    // everything seems fine - store the entry with current timestamp
    $query = "INSERT INTO registrations(ip, host, port, version, users, regdate) VALUES ('$hostIP', '$host', '$port', '$version','$users', now())";
}
mysql_query($query) or die(mysql_error());
 
mysql_close($link);
 
exit();
 
?>
Meine Werkzeuge