[Nucleo]

Aegis CP v2.1 (Released Feb 23, 2004)
This is my latest release of the Aegis Control Panel. It is a lot less buggy, and a lot easier to setup and configure (Installation Documents and be found in the distribution package)

Features:

• User Specific Privledges defined in the `flagged_accounts` table
  
• Logging of all administrative actions
  
• Updated GUI
  
• Account clean up scripts with consists of the following
  • Wiping of all offline level 1 novices
    
  • Wiping of all accounts with no characters
    
  • Wiping inactive accounts (not been logged in over a month)
    
  • All characters that do not have an existing account attached to them
    
  • Resetting PvP Scores for the Ladder Board
  
  
• Entire account listing, searching, and editing, and deleting
  
• Entire character listing, searching, editing, viewing items, and deleting
  
• Full featured Guild Ladder board, shows Guild Castles owned by which guilds, level of guilds, members in each guild, and some information about each player
  
• Full featured User Ladder TOP200 listing, users are ranked by Base Lvl -> Job Lvl -> Zeny
  
• Integrated control panel for the players to modify their passwords, change their hairstyle, and transfer zeny from one character to another
  
• Authorized users can post annoucements for logged in users to see
  
• Monster listing, searching by item/map/mob, can view drops of each monster and stats
  
• Viewing online players
  
• Administrating validating users (users that have not confirmed their email yet)
  
• Nice user registration page, where users are required to validate their email before they can use their account. This registration also has a spam filter on it where users may only user the registration twice per day (24 hours).
  
• Users may recover lost passwords via the 'Lost Password?' button at login. PHP Will send an email to the users with their account information.

Anyone who uses my control panel, I demand that you leave the about page and credit to me, it's not that much to ask.

I love it when I recieve feedback, so please, do so!

Download Here (If people can mirror this please do!)
http://evilro.net/cp/AegisCPv2.1.zip

IMPORTANT BUG NOTICE!! FIX IT OR RISK BEING EXPLOITED!
As quoted by azndragon, to ensure that this exploit doesn't happen to you, do the following:

Quote

Small fix for SQL Injection:

gd_ladder.php

Before this line:
$result = mssql_query("select * from GuildInfoDB where GDID=$GET_guild",$char_db);

Add:

if (strlen($GET_guild) > 4) {
redir("index.php", "You cannot perform this action!");
exit();
}

I would suggest that you upgrade this IMMEDIATELY.

This post has been edited by maldiablo: 27 June 2004 - 12:27 AM

[gugclo]

ok first bug, you have a missing function named, file_get_contents()

edit: damn its not your fualt, its my verson of php, what verson has this function?

[Zezicla]

seems like file is damaged ?

[Panthers]

Confirmed, it's damaged and WinRar's repair didn't work either :unsure:

[Nucleo]

oops im so sorry,i'll fix it

#edit#
fixed

This post has been edited by Nucleo: 24 February 2004 - 07:02 AM

[FuZioN]

I'm using EasyPHP 1.6..seems to work for me?

[skyiing]

PHP Script Interpreter has encountered a problem and needs to close. We are sorry for the inconvenience.

CGI Error
The specified CGI application misbehaved by not returning a complete set of HTTP headers. The headers it did return are:

[Rentus]

it's working fine.
But I would have deleted those Validating users (everyone can see their pwd!), that announcement from lambie, the GM-pictures, the logfiles and so on ^^.

oh, by teh way, the cp_config.php is missing.

[newbe5]

I haven't tried this yet, but I'm planning on it.

However, is there a way of turning OFF the registration part? My server is invite only, so I create all of the accounts myself. I don't want people making their own.

newbe5

[Rentus]

you can deactivate it in the conf.def

Quote

$_SESSION['cfg_user_registration'] = 'disabled';

This post has been edited by Rentus: 24 February 2004 - 10:24 AM

[sfacrew]

this is my error

Fatal error: Call to undefined function: mssql_connect() in c:\appserv\www\aegis\memory.php on line 58

plz how to connect to mssql

[Rentus]

you have to activate the mssql_connect() by deleting the ";" in front of "extension=php_mssql.dll" in the php.ini

[MokuJin]

so helpfull :(

This post has been edited by MokuJin: 16 March 2004 - 05:34 AM

[gugclo]

Mirrored
http://www.izlude.co...AegisCPv2.1.zip

[Nucleo]

Rentus, on Feb 24 2004, 01:46 AM, said:

it's working fine.
But I would have deleted those Validating users (everyone can see their pwd!), that announcement from lambie, the GM-pictures, the logfiles and so on ^^.

oh, by teh way, the cp_config.php is missing.

cp_config is no longer used by the aegis cp, you can remove that line if you wish from the footer.inc :)

only those authorized will be able to view passwords, which is flagged in the 'flagged_accounts' table. This is an 'as is' directly off of my ragnarok server, so yes, feel free to delete logs, gm pictures, annoucements etc.

#Edit#
Post count 100 , yay

This post has been edited by Nucleo: 25 February 2004 - 05:19 PM

[andz]

great work, :P

i tried to use it.. but it gives me errors..

Notice: Undefined index: login in d:\program\easyphp1-7\www\register\memory.php on line 50

Notice: Undefined index: password in d:\program\easyphp1-7\www\register\memory.php on line 51

Notice: Undefined index: login in d:\program\easyphp1-7\www\register\memory.php on line 22

Line 50-52
if ($_COOKIE['login'] == $result_array['ID'] &&
$_COOKIE['password'] == $result_array['passwd'])

Line 22
return $_COOKIE['login'];

Confuse, B)

[Rentus]

Nucleo, on Feb 25 2004, 12:53 AM, said:

only those authorized will be able to view passwords, which is flagged in the 'flagged_accounts' table.

I just meant that now everybody who downloads your controlpannel can see the pwd's from your not authorised players.
So I would recommend that they change their pwd.

[Nucleo]

no its fine, i wipe those all the time, i guess that 99% of the players in the auth table wont ever be used because most people authorize their account right away

[Nucleo]

k0rN, on Feb 25 2004, 01:31 AM, said:

great work, ;)

i tried to use it.. but it gives me errors..

Notice: Undefined index: login in d:\program\easyphp1-7\www\register\memory.php on line 50

Notice: Undefined index: password in d:\program\easyphp1-7\www\register\memory.php on line 51

Notice: Undefined index: login in d:\program\easyphp1-7\www\register\memory.php on line 22

Line 50-52
if ($_COOKIE['login'] == $result_array['ID'] &&
$_COOKIE['password'] == $result_array['passwd'])

Line 22
return $_COOKIE['login'];

Confuse,  :(

It cant find the indexes 'login' and 'password' in the cookie array, maybe its easyPHP or something, I install apache and PHP by hand, makes it a lot simplar IMO

Try putting an @ infront of the $_COOKIE, so change it to this

Line 50-52
if (@$_COOKIE['login'] == $result_array['ID'] &&
@$_COOKIE['password'] == $result_array['passwd'])

Line 22
return @$_COOKIE['login'];

I don't know of that will work, but when it can't find those indexes, it means ur not logged in, on my apache setup it just ignores the fact that they are missing.

[andz]

I Use Latest EasyPHP 1.7 + Apache

Hmm.. It Worked.. When i added @ but when i opened it Auto Login as .
Then i Log out..

Gave Me New Errors..

Notice: Undefined variable: POST_action in d:\program\easyphp1-7\www\register\login.php on line 16

Notice: Undefined variable: GET_action in d:\program\easyphp1-7\www\register\login.php on line 16

Notice: Undefined index: p in d:\program\easyphp1-7\www\register\login.php on line 20

Notice: Undefined variable: PHP_SELF in d:\program\easyphp1-7\www\register\login.php on line 30

Line 16
if (!$POST_action && !$GET_action)

Line 20
$p = $_GET['p'];

Line 30
echo "<form action=\"$PHP_SELF\" method=\"post\">";