attept 2 at site fix
parent
60bcc67056
commit
cc7bbafb63
23 changed files with 360 additions and 75 deletions
|
|
@ -105,7 +105,7 @@ function website_start_session(): void
|
|||
$_SESSION['website_last_seen_at'] = $now;
|
||||
}
|
||||
|
||||
function website_config(?string $key = null, mixed $default = null): mixed
|
||||
function website_config(?string $key = null, $default = null)
|
||||
{
|
||||
global $websiteConfig;
|
||||
|
||||
|
|
@ -121,7 +121,53 @@ function website_log(string $message): void
|
|||
error_log('[website] ' . $message);
|
||||
}
|
||||
|
||||
function website_escape(mixed $value): string
|
||||
function website_error_reference(): string
|
||||
{
|
||||
try {
|
||||
return strtoupper(bin2hex(random_bytes(4)));
|
||||
} catch (Throwable $e) {
|
||||
return strtoupper(substr(md5((string)microtime(true)), 0, 8));
|
||||
}
|
||||
}
|
||||
|
||||
function website_render_fatal_error(string $reference): void
|
||||
{
|
||||
if (!headers_sent()) {
|
||||
http_response_code(500);
|
||||
header('Content-Type: text/html; charset=utf-8');
|
||||
}
|
||||
|
||||
echo '<!doctype html><html lang="en"><head><meta charset="utf-8">';
|
||||
echo '<meta name="viewport" content="width=device-width, initial-scale=1">';
|
||||
echo '<title>Website Error - Gameservers.World</title>';
|
||||
echo '<link rel="stylesheet" href="' . website_escape(website_asset('css/site.css')) . '">';
|
||||
echo '</head><body><main class="site-main"><section class="page-heading"><div class="container">';
|
||||
echo '<h1>Something went wrong</h1>';
|
||||
echo '<p>We could not load this page. Please try again or contact support with reference ';
|
||||
echo website_escape($reference) . '.</p>';
|
||||
echo '</div></section></main></body></html>';
|
||||
}
|
||||
|
||||
register_shutdown_function(static function (): void {
|
||||
$error = error_get_last();
|
||||
if (!is_array($error)) {
|
||||
return;
|
||||
}
|
||||
$fatalTypes = [E_ERROR, E_PARSE, E_CORE_ERROR, E_COMPILE_ERROR, E_USER_ERROR, E_RECOVERABLE_ERROR];
|
||||
if (!in_array((int)$error['type'], $fatalTypes, true)) {
|
||||
return;
|
||||
}
|
||||
$reference = website_error_reference();
|
||||
website_log('Fatal error [' . $reference . '] ' . ($error['message'] ?? 'unknown') . ' in ' . ($error['file'] ?? 'unknown') . ':' . (string)($error['line'] ?? '0'));
|
||||
if (!headers_sent()) {
|
||||
while (ob_get_level() > 0) {
|
||||
ob_end_clean();
|
||||
}
|
||||
website_render_fatal_error($reference);
|
||||
}
|
||||
});
|
||||
|
||||
function website_escape($value): string
|
||||
{
|
||||
return htmlspecialchars((string)$value, ENT_QUOTES, 'UTF-8');
|
||||
}
|
||||
|
|
@ -151,6 +197,11 @@ function website_request_scheme(): string
|
|||
return 'http';
|
||||
}
|
||||
|
||||
function website_request_method(): string
|
||||
{
|
||||
return strtoupper((string)($_SERVER['REQUEST_METHOD'] ?? 'GET'));
|
||||
}
|
||||
|
||||
function website_base_path(): string
|
||||
{
|
||||
static $basePath = null;
|
||||
|
|
@ -563,12 +614,12 @@ function website_log_activity(string $message, int $userId = 0, string $eventTyp
|
|||
|
||||
function website_safe_return_path(string $returnPath, string $default = 'index.php'): string
|
||||
{
|
||||
if ($returnPath === '' || preg_match('#^[a-z][a-z0-9+.-]*://#i', $returnPath) === 1 || str_starts_with($returnPath, '//')) {
|
||||
if ($returnPath === '' || preg_match('#^[a-z][a-z0-9+.-]*://#i', $returnPath) === 1 || strpos($returnPath, '//') === 0) {
|
||||
return $default;
|
||||
}
|
||||
|
||||
$returnPath = ltrim($returnPath, '/');
|
||||
if (str_contains($returnPath, "\0") || str_starts_with($returnPath, '../') || str_contains($returnPath, '/../')) {
|
||||
if (strpos($returnPath, "\0") !== false || strpos($returnPath, '../') === 0 || strpos($returnPath, '/../') !== false) {
|
||||
return $default;
|
||||
}
|
||||
|
||||
|
|
@ -589,7 +640,7 @@ function website_control_panel_url(string $returnPath = 'home.php?m=dashboard&p=
|
|||
return panel_url(website_safe_return_path($returnPath, 'home.php?m=dashboard&p=dashboard'));
|
||||
}
|
||||
|
||||
function website_order_url(int|string $serviceId): string
|
||||
function website_order_url($serviceId): string
|
||||
{
|
||||
return website_url('order.php?service_id=' . rawurlencode((string)$serviceId));
|
||||
}
|
||||
|
|
@ -627,14 +678,21 @@ function website_fetch_service_by_id(int $serviceId): ?array
|
|||
}
|
||||
|
||||
$safeServiceTable = $db->real_escape_string($serviceTable);
|
||||
$safeConfigTable = $db->real_escape_string($prefix . 'config_homes');
|
||||
$stmt = $db->prepare(
|
||||
"SELECT bs.*, ch.game_name AS cfg_game_name, ch.game_key AS cfg_game_key, ch.home_cfg_file AS cfg_file
|
||||
FROM `{$safeServiceTable}` bs
|
||||
LEFT JOIN `{$safeConfigTable}` ch ON ch.home_cfg_id = bs.home_cfg_id
|
||||
WHERE bs.service_id = ?
|
||||
LIMIT 1"
|
||||
);
|
||||
$configTable = $prefix . 'config_homes';
|
||||
if (website_table_exists($configTable) && website_column_exists($serviceTable, 'home_cfg_id')) {
|
||||
$safeConfigTable = $db->real_escape_string($configTable);
|
||||
$sql = "SELECT bs.*, ch.game_name AS cfg_game_name, ch.game_key AS cfg_game_key, ch.home_cfg_file AS cfg_file
|
||||
FROM `{$safeServiceTable}` bs
|
||||
LEFT JOIN `{$safeConfigTable}` ch ON ch.home_cfg_id = bs.home_cfg_id
|
||||
WHERE bs.service_id = ?
|
||||
LIMIT 1";
|
||||
} else {
|
||||
$sql = "SELECT bs.*, '' AS cfg_game_name, '' AS cfg_game_key, '' AS cfg_file
|
||||
FROM `{$safeServiceTable}` bs
|
||||
WHERE bs.service_id = ?
|
||||
LIMIT 1";
|
||||
}
|
||||
$stmt = $db->prepare($sql);
|
||||
if (!$stmt) {
|
||||
return null;
|
||||
}
|
||||
|
|
@ -822,16 +880,36 @@ function website_fetch_services(int $limit = 0, bool $includeDisabled = false):
|
|||
|
||||
$prefix = website_table_prefix();
|
||||
|
||||
$sql = "SELECT bs.*,
|
||||
ch.game_name AS cfg_game_name,
|
||||
ch.game_key AS cfg_game_key,
|
||||
ch.home_cfg_file AS cfg_file
|
||||
FROM `{$prefix}billing_services` bs
|
||||
LEFT JOIN `{$prefix}config_homes` ch ON ch.home_cfg_id = bs.home_cfg_id
|
||||
WHERE " . ($includeDisabled ? '1 = 1' : "bs.enabled = 1
|
||||
AND bs.remote_server_id <> ''
|
||||
AND bs.remote_server_id IS NOT NULL") . "
|
||||
ORDER BY bs.service_name ASC";
|
||||
$serviceTable = $prefix . 'billing_services';
|
||||
$configTable = $prefix . 'config_homes';
|
||||
if (!website_table_exists($serviceTable)) {
|
||||
return [];
|
||||
}
|
||||
$serviceColumns = website_table_columns($serviceTable);
|
||||
$hasEnabled = isset($serviceColumns['enabled']);
|
||||
$hasRemoteServerId = isset($serviceColumns['remote_server_id']);
|
||||
$where = $includeDisabled ? '1 = 1' : '1 = 1';
|
||||
if (!$includeDisabled && $hasEnabled) {
|
||||
$where .= ' AND bs.enabled = 1';
|
||||
}
|
||||
if (!$includeDisabled && $hasRemoteServerId) {
|
||||
$where .= " AND bs.remote_server_id <> '' AND bs.remote_server_id IS NOT NULL";
|
||||
}
|
||||
if (website_table_exists($configTable) && isset($serviceColumns['home_cfg_id'])) {
|
||||
$sql = "SELECT bs.*,
|
||||
ch.game_name AS cfg_game_name,
|
||||
ch.game_key AS cfg_game_key,
|
||||
ch.home_cfg_file AS cfg_file
|
||||
FROM `{$serviceTable}` bs
|
||||
LEFT JOIN `{$configTable}` ch ON ch.home_cfg_id = bs.home_cfg_id
|
||||
WHERE {$where}
|
||||
ORDER BY bs.service_name ASC";
|
||||
} else {
|
||||
$sql = "SELECT bs.*, '' AS cfg_game_name, '' AS cfg_game_key, '' AS cfg_file
|
||||
FROM `{$serviceTable}` bs
|
||||
WHERE {$where}
|
||||
ORDER BY bs.service_name ASC";
|
||||
}
|
||||
|
||||
if ($limit > 0) {
|
||||
$sql .= ' LIMIT ' . max(1, $limit);
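Review bot: In website_fetch_services the rewritten query interpolates `{$serviceTable}` and `{$configTable}` into backtick-quoted identifiers with no validation, while website_fetch_service_by_id passes the same names through `real_escape_string()`, which escapes string-literal characters but not backticks and so does not protect an identifier either. The body of `website_table_prefix()` is not visible here; if it can return a value from editable configuration, check the prefix against `/^[A-Za-z0-9_]*$/` once where it is read rather than string-escaping identifiers at each query. Separately, `$where = $includeDisabled ? '1 = 1' : '1 = 1';` has identical branches and can be written `$where = '1 = 1';`. The +/- markers are lost on this page, so the old and new sides are inferred from the hunk counts, and both functions continue outside their hunks.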
|
||||
|
|
|
|||