Merge branch 'develop'

Author: JVMerkle

Dockerfile

@@ -8,9 +8,17 @@ RUN apt-get update && \
     docker-php-ext-enable zip && \
     rm -rf /var/lib/apt/lists/*
 
+# Accept X-Forwarded-For as real client ip from a TRUSTED PROXY.
+# Set the "Server" header to production (e.g. to "Apache") and
+# remove apache version information. Build the ETAG from
+# last modified and size only.
 RUN a2enmod remoteip && \
     ( \
         echo "RemoteIPHeader X-Forwarded-For" && \
+        echo "ServerTokens Prod" && \
+        echo "ServerSignature Off" && \
+        echo "TraceEnable off" && \
+        echo "FileETag MTime Size" && \
         echo "ErrorLog /dev/null" && \
         echo "CustomLog /dev/null combined" \
     ) >>/etc/apache2/apache2.conf

README.md

@@ -5,9 +5,9 @@
 
 System that automatically grants ranks in the form of server groups for online time or online activity to users, using the given server groups of the TS3 server.
 
-This is a modified fork of the TSN-Ranksystem which is updated irregularly to a stable version. It is intended to be fully compatible to TSN-Ranksystem at all times. The changeset on branch `develop` is always rebased onto TSN-Ranksystem and later on merged into `master`.
+This is a modified fork of the TSN-Ranksystem which is updated irregularly to a stable version (currently **1.3.17**) . It is intended to be fully compatible to TSN-Ranksystem at all times. The changeset on branch `develop` is always rebased onto TSN-Ranksystem and later on merged into `master`.
 
-Please make sure that your TSN-Ranksystem database version is not above the database version of this fork (downgrade).
+Please make sure that your TSN-Ranksystem (database) version is not above the (database) version of this fork (downgrade).
 
 ## Docker
 You can find the docker images on [docker hub](https://hub.docker.com/r/jvmerkle/ts3-ranksystem).
@@ -19,8 +19,8 @@ Enable the `INSTALL_MODE=1` in the file `docker-compose.yml` by uncommenting the
 ```sh
 docker-compose up
 ```
-Navigate to [http://localhost:8080/install.php](http://localhost:8080/install.php) and set up the rank system. 
-After performing the first time setup re-edit the `docker-compose.yml` by commenting or removing the `INSTALL_MODE`. 
+Navigate to [http://localhost:8080/install.php](http://localhost:8080/install.php) and set up the rank system.
+After performing the first time setup re-edit the `docker-compose.yml` by commenting or removing the `INSTALL_MODE`.
 Then start the docker containers in daemon mode:
 ```sh
 docker-compose up -d

api/index.php

@@ -170,8 +170,18 @@
 	}
 	if(isset($_GET['groupid'])) {
 		$groupid = htmlspecialchars_decode($_GET['groupid']);
+		$explode_groupid = explode(',', $groupid);
 		if($filter != ' WHERE') $filter .= " AND";
-		$filter .= " (`cldgroup` = :groupid OR `cldgroup` LIKE (:groupid0) OR `cldgroup` LIKE (:groupid1) OR `cldgroup` LIKE (:groupid2))";
+		$filter .= " (";
+		$cnt = 0;
+		foreach($explode_groupid as $groupid) {
+			if($cnt > 0) $filter .= " OR ";
+			$filter .= "`cldgroup` = :groupid".$cnt; $cnt++;
+			$filter .= " OR `cldgroup` LIKE (:groupid".$cnt.")"; $cnt++;
+			$filter .= " OR `cldgroup` LIKE (:groupid".$cnt.")"; $cnt++;
+			$filter .= " OR `cldgroup` LIKE (:groupid".$cnt.")"; $cnt++;
+		}
+		$filter .= ")";
 	}
 	if(isset($_GET['name'])) {
 		$name = htmlspecialchars_decode($_GET['name']);
@@ -208,8 +218,17 @@
 				),
 				"groupid" => array(
 					"desc" => "Get only user, which are in the given servergroup database ID",
-					"usage" => "Use \$_GET parameter 'groupid' and add as value a database ID of a servergroup",
-					"example" => "/api/?user&groupid=6"
+					"usage" => "Use \$_GET parameter 'groupid' and add as value a database ID of a servergroup. Multiple servergroups can be specified comma-separated.",
+					"example" => array(
+						"1" => array(
+							"desc" => "Filter by a single servergroup database ID",
+							"url" => "/api/?userstats&groupid=6"
+						),
+						"2" => array(
+							"desc" => "Filter by multiple servergroup database IDs. Only one of the specified groups must apply to get the concerned user.",
+							"url" => "/api/?userstats&groupid=6,9,48"
+						)
+					)
 				),
 				"limit" => array(
 					"desc" => "Define a number that limits the number of results. Maximum value is 1000. Default is 100.",
@@ -273,10 +292,17 @@
 	} else {
 		$dbdata = $mysqlcon->prepare("SELECT * FROM `$dbname`.`user` {$filter} ORDER BY {$sort} {$order} LIMIT :start, :limit");
 		if(isset($_GET['cldbid'])) $dbdata->bindValue(':cldbid', (int) $cldbid, PDO::PARAM_INT);
-		if(isset($_GET['groupid'])) $dbdata->bindValue(':groupid', $groupid, PDO::PARAM_STR);
-		if(isset($_GET['groupid'])) $dbdata->bindValue(':groupid0', $groupid.'%', PDO::PARAM_STR);
-		if(isset($_GET['groupid'])) $dbdata->bindValue(':groupid1', '%'.$groupid.'%', PDO::PARAM_STR);
-		if(isset($_GET['groupid'])) $dbdata->bindValue(':groupid2', '%'.$groupid, PDO::PARAM_STR);
+		if(isset($_GET['groupid'])) {
+			$groupid = htmlspecialchars_decode($_GET['groupid']);
+			$explode_groupid = explode(',', $groupid);
+			$cnt = 0;
+			foreach($explode_groupid as $groupid) {
+				$dbdata->bindValue(':groupid'.$cnt, $groupid, PDO::PARAM_STR); $cnt++;
+				$dbdata->bindValue(':groupid'.$cnt, $groupid.',%', PDO::PARAM_STR); $cnt++;
+				$dbdata->bindValue(':groupid'.$cnt, '%,'.$groupid.',%', PDO::PARAM_STR); $cnt++;
+				$dbdata->bindValue(':groupid'.$cnt, '%,'.$groupid, PDO::PARAM_STR); $cnt++;
+			}
+		}
 		if(isset($_GET['name'])) $dbdata->bindValue(':name', '%'.$name.'%', PDO::PARAM_STR);
 		if(isset($_GET['uuid'])) $dbdata->bindValue(':uuid', '%'.$uuid.'%', PDO::PARAM_STR);
 
@@ -294,8 +320,18 @@
 	}
 	if(isset($_GET['groupid'])) {
 		$groupid = htmlspecialchars_decode($_GET['groupid']);
+		$explode_groupid = explode(',', $groupid);
 		if($filter != ' WHERE') $filter .= " AND";
-		$filter .= " (`user`.`cldgroup` = :groupid OR `user`.`cldgroup` LIKE (:groupid0) OR `user`.`cldgroup` LIKE (:groupid1) OR `user`.`cldgroup` LIKE (:groupid2))";
+		$filter .= " (";
+		$cnt = 0;
+		foreach($explode_groupid as $groupid) {
+			if($cnt > 0) $filter .= " OR ";
+			$filter .= "`user`.`cldgroup` = :groupid".$cnt; $cnt++;
+			$filter .= " OR `user`.`cldgroup` LIKE (:groupid".$cnt.")"; $cnt++;
+			$filter .= " OR `user`.`cldgroup` LIKE (:groupid".$cnt.")"; $cnt++;
+			$filter .= " OR `user`.`cldgroup` LIKE (:groupid".$cnt.")"; $cnt++;
+		}
+		$filter .= ")";
 	}
 	if(isset($_GET['name'])) {
 		$name = htmlspecialchars_decode($_GET['name']);
@@ -332,8 +368,17 @@
 				),
 				"groupid" => array(
 					"desc" => "Get only user, which are in the given servergroup database ID",
-					"usage" => "Use \$_GET parameter 'groupid' and add as value a database ID of a servergroup",
-					"example" => "/api/?userstats&groupid=6"
+					"usage" => "Use \$_GET parameter 'groupid' and add as value a database ID of a servergroup. Multiple servergroups can be specified comma-separated.",
+					"example" => array(
+						"1" => array(
+							"desc" => "Filter by a single servergroup database ID",
+							"url" => "/api/?userstats&groupid=6"
+						),
+						"2" => array(
+							"desc" => "Filter by multiple servergroup database IDs. Only one of the specified groups must apply to get the concerned user.",
+							"url" => "/api/?userstats&groupid=6,9,48"
+						)
+					)
 				),
 				"limit" => array(
 					"desc" => "Define a number that limits the number of results. Maximum value is 1000. Default is 100.",
@@ -397,10 +442,17 @@
 	} else {
 		$dbdata = $mysqlcon->prepare("SELECT * FROM `$dbname`.`stats_user` INNER JOIN `$dbname`.`user` ON `user`.`uuid` = `stats_user`.`uuid` {$filter} ORDER BY {$sort} {$order} LIMIT :start, :limit");
 		if(isset($_GET['cldbid'])) $dbdata->bindValue(':cldbid', (int) $cldbid, PDO::PARAM_INT);
-		if(isset($_GET['groupid'])) $dbdata->bindValue(':groupid', $groupid, PDO::PARAM_STR);
-		if(isset($_GET['groupid'])) $dbdata->bindValue(':groupid0', $groupid.'%', PDO::PARAM_STR);
-		if(isset($_GET['groupid'])) $dbdata->bindValue(':groupid1', '%'.$groupid.'%', PDO::PARAM_STR);
-		if(isset($_GET['groupid'])) $dbdata->bindValue(':groupid2', '%'.$groupid, PDO::PARAM_STR);
+		if(isset($_GET['groupid'])) {
+			$groupid = htmlspecialchars_decode($_GET['groupid']);
+			$explode_groupid = explode(',', $groupid);
+			$cnt = 0;
+			foreach($explode_groupid as $groupid) {
+				$dbdata->bindValue(':groupid'.$cnt, $groupid, PDO::PARAM_STR); $cnt++;
+				$dbdata->bindValue(':groupid'.$cnt, $groupid.',%', PDO::PARAM_STR); $cnt++;
+				$dbdata->bindValue(':groupid'.$cnt, '%,'.$groupid.',%', PDO::PARAM_STR); $cnt++;
+				$dbdata->bindValue(':groupid'.$cnt, '%,'.$groupid, PDO::PARAM_STR); $cnt++;
+			}
+		}
 		if(isset($_GET['name'])) $dbdata->bindValue(':name', '%'.$name.'%', PDO::PARAM_STR);
 		if(isset($_GET['uuid'])) $dbdata->bindValue(':uuid', '%'.$uuid.'%', PDO::PARAM_STR);
 

install.php

@@ -1,5 +1,5 @@
 <?PHP
-$rsversion = '1.3.15';
+$rsversion = '1.3.17';
 
 require_once('other/_functions.php');
 require_once('other/config.php');
@@ -168,7 +168,7 @@ function install($type, $host, $user, $pass, $dbname, $lang, $mysqlcon, &$err_ms
 			$count++;
 		}
 
-		if($mysqlcon->exec("INSERT INTO `$dbname`.`job_check` (`job_name`) VALUES ('calc_user_limit'),('calc_user_lastscan'),('check_update'),('database_export'),('get_version'),('clean_db'),('clean_clients'),('calc_donut_chars'),('calc_server_stats'),('get_avatars'),('last_snapshot_id'),('last_snapshot_time'),('last_update'),('reload_trigger'),('reset_user_time'),('reset_user_delete'),('reset_group_withdraw'),('reset_webspace_cache'),('reset_usage_graph'),('reset_stop_after'),('runtime_check'),('update_groups')") === false) {
+		if($mysqlcon->exec("INSERT INTO `$dbname`.`job_check` (`job_name`) VALUES ('calc_user_limit'),('calc_user_lastscan'),('calc_user_removed'),('check_update'),('database_export'),('get_version'),('clean_db'),('clean_clients'),('calc_donut_chars'),('calc_server_stats'),('get_avatars'),('last_snapshot_id'),('last_snapshot_time'),('last_update'),('reload_trigger'),('reset_user_time'),('reset_user_delete'),('reset_group_withdraw'),('reset_webspace_cache'),('reset_usage_graph'),('reset_stop_after'),('runtime_check'),('update_groups')") === false) {
 			$err_msg .= $lang['isntwidbmsg'].$mysqlcon->errorCode()." ".print_r($mysqlcon->errorInfo(), true).'<br>'; $err_lvl = 2;
 			$count++;
 		}

jobs/bot.php

@@ -17,6 +17,7 @@
 ini_set("log_errors", 1);
 
 require_once(substr(__DIR__,0,-4).'other/_functions.php');
+$persistent = 1;
 require_once(substr(__DIR__,0,-4).'other/config.php');
 $lang = set_language(get_language($cfg));
 
@@ -71,6 +72,17 @@
 }
 enter_logfile($cfg,9,"Database Version: ".$mysqlcon->getAttribute(PDO::ATTR_SERVER_VERSION));
 
+// enter_logfile($cfg,9,"Starting connection test to the Ranksystem update-server (may need a few seconds)...");
+// $update_server = fsockopen('193.70.102.252', 443, $errno, $errstr, 10);
+// if(!$update_server) {
+// 	enter_logfile($cfg,2,"  Connection to Ranksystem update-server failed: $errstr ($errno)");
+// 	enter_logfile($cfg,3,"    This connection is neccessary to receive updates for the Ranksystem!");
+// 	enter_logfile($cfg,3,"    Please whitelist the IP 193.70.102.252 (TCP port 443) on your network (firewall)");
+// } else {
+// 	enter_logfile($cfg,9,"  Connection test successful");
+// }
+// enter_logfile($cfg,9,"Starting connection test to the Ranksystem update-server [done]");
+
 check_db($mysqlcon,$lang,$cfg,$dbname);
 $cfg['temp_db_version'] = $mysqlcon->getAttribute(PDO::ATTR_SERVER_VERSION);
 $cfg['temp_last_botstart'] = time();

jobs/calc_user.php

@@ -33,38 +33,53 @@ function calc_user($ts3,$mysqlcon,$lang,$cfg,$dbname,$allclients,$phpcommand,&$d
 						$temp_cldbid = $client['client_database_id'];
 					}
 				}
-				$db_cache['all_user'][$uuid]['count'] += $value['timecount'];
-				if($db_cache['all_user'][$uuid]['count'] < 0) {
-					$db_cache['all_user'][$uuid]['count'] = $db_cache['all_user'][$uuid]['idle'] = 0;
-				} elseif ($db_cache['all_user'][$uuid]['idle'] > $db_cache['all_user'][$uuid]['count']) {
-					$db_cache['all_user'][$uuid]['idle'] = $db_cache['all_user'][$uuid]['count'];
-				}
-				if($isonline != 1) {
-					if(($user = $mysqlcon->query("SELECT `uuid`,`cldbid` FROM `$dbname`.`user` WHERE `uuid`='{$uuid}'")->fetchAll(PDO::FETCH_ASSOC|PDO::FETCH_UNIQUE)) === false) {
-						enter_logfile($cfg,2,"Database error on selecting user (admin function remove/add time): ".print_r($mysqlcon->errorInfo(), true));
+				if($value['timecount'] == 0 && $value['timestamp'] == 4273093200) {
+					//remove user
+					if(($user = $mysqlcon->query("SELECT `uuid`,`cldbid`,`name` FROM `$dbname`.`user` WHERE `uuid`='{$uuid}'")->fetchAll(PDO::FETCH_ASSOC|PDO::FETCH_UNIQUE)) === false) {
+						enter_logfile($cfg,2,"Database error on selecting user (admin function remove user): ".print_r($mysqlcon->errorInfo(), true));
 					} else {
 						$temp_cldbid = $user[$uuid]['cldbid'];
-						$sqlexec .= "UPDATE `$dbname`.`user` SET `count`='{$db_cache['all_user'][$uuid]['count']}', `idle`='{$db_cache['all_user'][$uuid]['idle']}' WHERE `uuid`='{$uuid}';\n";
+						$sqlexec .= "DELETE FROM `$dbname`.`addon_assign_groups` WHERE `uuid`='{$uuid}';\nDELETE FROM `$dbname`.`admin_addtime` WHERE `uuid`='{$uuid}';\nDELETE FROM `$dbname`.`stats_user` WHERE `uuid`='{$uuid}';\nDELETE FROM `$dbname`.`user` WHERE `uuid`='{$uuid}';\nDELETE FROM `$dbname`.`user_iphash` WHERE `uuid`='{$uuid}';\nDELETE FROM `$dbname`.`user_snapshot` WHERE `cldbid`='{$temp_cldbid}';\n";
+						enter_logfile($cfg,4,sprintf($lang['wihladm45'],$user[$uuid]['name'],$uuid,$temp_cldbid).' ('.$lang['wihladm46'].')');
+						if(isset($db_cache['all_user'][$uuid])) unset($db_cache['all_user'][$uuid]);
+						if(isset($db_cache['admin_addtime'][$uuid])) unset($db_cache['admin_addtime'][$uuid]);
+						if(isset($db_cache['addon_assign_groups'][$uuid])) unset($db_cache['addon_assign_groups'][$uuid]);
 					}
-				}
-				if($mysqlcon->exec("DELETE FROM `$dbname`.`admin_addtime` WHERE `timestamp`=".$value['timestamp']." AND `uuid`='$uuid';") === false) {
-					enter_logfile($cfg,2,"Database error on updating user (admin function remove/add time): ".print_r($mysqlcon->errorInfo(), true));
-				}
-				if(($usersnap = $mysqlcon->query("SELECT `id`,`cldbid`,`count`,`idle` FROM `$dbname`.`user_snapshot` WHERE `cldbid`={$temp_cldbid}")->fetchAll(PDO::FETCH_ASSOC|PDO::FETCH_UNIQUE)) === false) {
-					enter_logfile($cfg,2,"Database error on selecting user (admin function remove/add time): ".print_r($mysqlcon->errorInfo(), true));
+					unset($user);
 				} else {
-					foreach($usersnap as $id => $valuesnap) {
-						$valuesnap['count'] += $value['timecount'];
-						if($valuesnap['count'] < 0) {
-							$valuesnap['count'] = $valuesnap['idle'] = 0;
-						} elseif ($valuesnap['idle'] > $valuesnap['count']) {
-							$valuesnap['idle'] = $valuesnap['count'];
+					$db_cache['all_user'][$uuid]['count'] += $value['timecount'];
+					if($db_cache['all_user'][$uuid]['count'] < 0) {
+						$db_cache['all_user'][$uuid]['count'] = $db_cache['all_user'][$uuid]['idle'] = 0;
+					} elseif ($db_cache['all_user'][$uuid]['idle'] > $db_cache['all_user'][$uuid]['count']) {
+						$db_cache['all_user'][$uuid]['idle'] = $db_cache['all_user'][$uuid]['count'];
+					}
+					if($isonline != 1) {
+						if(($user = $mysqlcon->query("SELECT `uuid`,`cldbid` FROM `$dbname`.`user` WHERE `uuid`='{$uuid}'")->fetchAll(PDO::FETCH_ASSOC|PDO::FETCH_UNIQUE)) === false) {
+							enter_logfile($cfg,2,"Database error on selecting user (admin function remove/add time): ".print_r($mysqlcon->errorInfo(), true));
+						} else {
+							$temp_cldbid = $user[$uuid]['cldbid'];
+							$sqlexec .= "UPDATE `$dbname`.`user` SET `count`='{$db_cache['all_user'][$uuid]['count']}', `idle`='{$db_cache['all_user'][$uuid]['idle']}' WHERE `uuid`='{$uuid}';\n";
+						}
+					}
+					if($mysqlcon->exec("DELETE FROM `$dbname`.`admin_addtime` WHERE `timestamp`=".$value['timestamp']." AND `uuid`='$uuid';") === false) {
+						enter_logfile($cfg,2,"Database error on updating user (admin function remove/add time): ".print_r($mysqlcon->errorInfo(), true));
+					}
+					if(($usersnap = $mysqlcon->query("SELECT `id`,`cldbid`,`count`,`idle` FROM `$dbname`.`user_snapshot` WHERE `cldbid`={$temp_cldbid}")->fetchAll(PDO::FETCH_ASSOC|PDO::FETCH_UNIQUE)) === false) {
+						enter_logfile($cfg,2,"Database error on selecting user (admin function remove/add time): ".print_r($mysqlcon->errorInfo(), true));
+					} else {
+						foreach($usersnap as $id => $valuesnap) {
+							$valuesnap['count'] += $value['timecount'];
+							if($valuesnap['count'] < 0) {
+								$valuesnap['count'] = $valuesnap['idle'] = 0;
+							} elseif ($valuesnap['idle'] > $valuesnap['count']) {
+								$valuesnap['idle'] = $valuesnap['count'];
+							}
+							$sqlexec .= "UPDATE `$dbname`.`user_snapshot` SET `count`='{$valuesnap['count']}', `idle`='{$valuesnap['idle']}' WHERE `cldbid`='{$temp_cldbid}' AND `id`='{$id}';\n";
 						}
-						$sqlexec .= "UPDATE `$dbname`.`user_snapshot` SET `count`='{$valuesnap['count']}', `idle`='{$valuesnap['idle']}' WHERE `cldbid`='{$temp_cldbid}' AND `id`='{$id}';\n";
 					}
+					enter_logfile($cfg,4,sprintf($lang['sccupcount2'],$value['timecount'],$uuid).' ('.$lang['wihladm46'].')');
+					unset($user, $usersnap);
 				}
-				enter_logfile($cfg,4,sprintf($lang['sccupcount2'],$value['timecount'],$uuid));
-				unset($user, $usersnap);
 			}
 		}
 		unset($db_cache['admin_addtime']);

jobs/calc_userstats.php

@@ -134,6 +134,12 @@ function calc_userstats($ts3,$mysqlcon,$cfg,$dbname,&$db_cache) {
 			$sqlexec .= "UPDATE `$dbname`.`job_check` SET `timestamp`=$job_end WHERE `job_name`='calc_user_limit';\n";
 		}
 	}
+	
+	if ($db_cache['job_check']['calc_user_removed']['timestamp'] < ($nowtime - 1800)) {
+		$db_cache['job_check']['calc_user_removed']['timestamp'] = $nowtime;
+		$atime = $nowtime - 3600;
+		$sqlexec .= "UPDATE `$dbname`.`stats_user` AS `s` INNER JOIN `$dbname`.`user` AS `u` ON `s`.`uuid`=`u`.`uuid` SET `s`.`removed`='0' WHERE `s`.`removed`='1' AND `u`.`lastseen`>{$atime};\nUPDATE `$dbname`.`job_check` SET `timestamp`='{$nowtime}' WHERE `job_name`='calc_user_removed';\n";
+	}
 
 	enter_logfile($cfg,6,"calc_userstats needs: ".(number_format(round((microtime(true) - $starttime), 5),5)));
 	return($sqlexec);