GSP/GSP-Agent-Linux
1
0
Fork 0
Code Issues 1 Pull requests Projects Releases Packages Wiki Activity Actions

Initial Linux agent repository

Browse source
This commit is contained in:
Frank Harris 2026-06-08 10:48:00 -05:00
commit ff2cb0d399
235 changed files with 40477 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

129
EHCP/addAccount.php Normal file
View file

@ -0,0 +1,129 @@
<?php
// Adds users to the database
// Variables
$success = 0;
if (isset($_GET['username'])) {
$ftp_username = $_GET['username'];
}
if (isset($_GET['password'])) {
$ftp_pass = $_GET['password'];
}
if (isset($_GET['dir'])) {
$rDir = $_GET['dir'];
}
if (isset($errors)) {
unset($errors);
}
if (file_exists("config.php")) {
include 'config.php';
} else {
die("config.php must exist within the installation root folder!");
}
include_once 'db_functions.php';
// Did we properly receive the variables from the OGP agent?
if (isset($ftp_username) && isset($ftp_pass) && isset($rDir)) {
// We received all necessary variables. Process what we received.
$errorCount = 0;
$errorInstallInt = 0;
// OGP should be doing this validation... but it's not
// Custom directory validation
if (substr_count($rDir, '/') < 2) {
$errorCount++;
$errors[] = "In order to prevent security risks, users cannot be granted access to the main directories in the root file system of the server.&nbsp; You must go down two directory levels!&nbsp; Example: /games/user1!";
}
if (stripos($rDir, "/") === FALSE || stripos($rDir, "/") != 0) {
$errorCount++;
$errors[] = "You have not chosen a valid directory!";
}
if ($rDir === "/var/www/" || stripos($rDir, "/var/www/") !== FALSE) {
$errorCount++;
$errors[] = "You may not create ftp accounts into the protected EHCP directories using this program.&nbsp; Create these accounts using EHCP software.";
}
if (stripos($rDir, "\\")) {
$errorCount++;
$errors[] = "This is not a Windows machine... use the correct slash character for path...";
}
// If the last character in the path is a slash (/) - Remove it from the string
if (substr_count($rDir, '/') >= 2 && $rDir[strlen($rDir) - 1] == "/") {
$end = strlen($rDir) - 1;
$rDir = substr($rDir, 0, $end);
}
if ($errorCount == 0) {
// Security checks
$ftp_password_db = escapeSQLStr($ftp_pass, $connection);
$ftp_username_db = escapeSQLStr($ftp_username, $connection);
$rDir = escapeSQLStr($rDir, $connection);
$SQL = "SELECT id FROM ftpaccounts WHERE ftpusername = '$ftp_username_db'";
$Result = execSQL($SQL, $connection);
if ($Result !== FALSE) {
$count = countSQLResult($Result);
if ($count > 0) {
$errorCount++;
$errors[] = "The FTP username supplied already exists!&nbsp; Please enter another unique username!";
} else {
// Make sure data enter is unique for homedir
$SQL = "SELECT id FROM ftpaccounts WHERE homedir = '$rDir'";
$Result = execSQL($SQL, $connection);
if ($Result !== FALSE) {
$count = countSQLResult($Result);
// Insert the data into the
$SQL = "INSERT INTO ftpaccounts (ftpusername, password, homedir) VALUES ('$ftp_username_db', password('$ftp_password_db'), '$rDir')";
$Result = execSQL($SQL, $connection);
if ($Result !== FALSE) {
$success = 1;
} else {
$errorCount++;
$errors[] = getSQLError($connection);
}
} else {
$errorCount++;
$errors[] = getSQLError($connection);
}
if ($errorCount > 0 && $success == 0) {
unset($_POST['createFTP']);
include 'admin/ftpCreateForm.php';
}
}
} else {
$errorCount++;
$errors[] = getSQLError($connection);
}
}
}
// Log errors
if ($errorCount > 0) {
addToLog($errors);
}
// Return value:
echo $success;
?>