2026-04-14 17:41:39 +02:00

766 lines
24 KiB
JavaScript

const freezedPlayersCache = [];
async function reviveOrKillPlayer(type, playerId, res) {
if (type === "revive") {
emit("mAdmin:server:revivePlayer", playerId);
res.json({ code: 200, message: "Revived." });
} else if (type === "kill") {
emitNet("mAdmin:killPlayer", playerId);
res.json({ code: 200, message: "Killed." });
}
}
/**
* @param {string} key
* @param {string} uid
* @returns {string}
*/
app.use("/reviveOrHealPlayer.lvorex", express.json());
app.post("/reviveOrHealPlayer.lvorex", async (req, res) => {
const postBody = req.body;
const { keyFound, userKey } = await controlKey(req, postBody.key);
if (keyFound === false)
return res.json({ code: 404, message: "Not authorized." });
const PermissionCheck = await checkPermission(userKey.rank, "Players", 7);
if (!PermissionCheck)
return res.json({ code: 401, message: "Your rank is not enough." });
const NeededPlayer = await checkPlayerIsOnline(postBody.uid, res);
if (!NeededPlayer) return;
reviveOrKillPlayer("revive", NeededPlayer.playerId, res);
});
/**
* @param {string} key
* @param {string} uid
* @returns {string}
*/
app.use("/killPlayer.lvorex", express.json());
app.post("/killPlayer.lvorex", async (req, res) => {
const postBody = req.body;
const { keyFound, userKey } = await controlKey(req, postBody.key);
if (keyFound === false)
return res.json({ code: 404, message: "Not authorized." });
const PermissionCheck = await checkPermission(userKey.rank, "Players", 7);
if (!PermissionCheck)
return res.json({ code: 401, message: "Your rank is not enough." });
const NeededPlayer = await checkPlayerIsOnline(postBody.uid, res);
if (!NeededPlayer) return;
reviveOrKillPlayer("kill", NeededPlayer.playerId, res);
});
/**
* @param {string} key
* @param {string} uid
* @returns {string}
*/
app.use("/openPedMenu.lvorex", express.json());
app.post("/openPedMenu.lvorex", async (req, res) => {
const postBody = req.body;
const { keyFound, userKey } = await controlKey(req, postBody.key);
if (keyFound === false)
return res.json({ code: 404, message: "Not authorized." });
const PermissionCheck = await checkPermission(userKey.rank, "Players", 7);
if (!PermissionCheck)
return res.json({ code: 401, message: "Your rank is not enough." });
const NeededPlayer = await checkPlayerIsOnline(postBody.uid, res);
if (!NeededPlayer) return;
emit("madmin:server:openPedMenu", NeededPlayer.playerId);
res.json({ code: 200, message: "Opened." });
});
/**
* @param {string} key
* @param {string} uid
* @returns {string}
*/
app.use("/freezePlayer.lvorex", express.json());
app.post("/freezePlayer.lvorex", async (req, res) => {
const postBody = req.body;
const { keyFound, userKey } = await controlKey(req, postBody.key);
if (keyFound === false)
return res.json({ code: 404, message: "Not authorized." });
const PermissionCheck = await checkPermission(userKey.rank, "Players", 7);
if (!PermissionCheck)
return res.json({ code: 401, message: "Your rank is not enough." });
const NeededPlayer = await checkPlayerIsOnline(postBody.uid, res);
if (!NeededPlayer) return;
const playerPed = GetPlayerPed(NeededPlayer.playerId);
const freezedIndex = freezedPlayersCache.findIndex((w) => w === postBody.uid);
if (freezedIndex !== -1) {
FreezeEntityPosition(playerPed, false);
freezedPlayersCache.splice(freezedIndex, 1);
} else {
FreezeEntityPosition(playerPed, true);
freezedPlayersCache.push(postBody.uid);
}
res.json({ code: 200, message: "Toggled." });
});
/**
* @param {string} key
* @param {string} uid
* @param {string} message
* @returns {string}
*/
app.use("/sendPMToPlayer.lvorex", express.json());
app.post("/sendPMToPlayer.lvorex", async (req, res) => {
const postBody = req.body;
const { keyFound, userKey } = await controlKey(req, postBody.key);
if (keyFound === false)
return res.json({ code: 404, message: "Not authorized." });
const PermissionCheck = await checkPermission(userKey.rank, "Players", 7);
if (!PermissionCheck)
return res.json({ code: 401, message: "Your rank is not enough." });
const NeededPlayer = await checkPlayerIsOnline(postBody.uid, res);
if (!NeededPlayer) return;
emit(
"mAdmin:SendPMToPlayer",
Number(NeededPlayer.playerId),
`${userKey.rank} ${userKey.userName}`,
postBody.message
);
res.json({ code: 200, message: "Sent." });
});
/**
* @param {string} key
* @param {string} uid
* @param {string} staff
* @param {string} message
* @returns {string}
*/
app.use("/warnPlayerAction.lvorex", express.json());
app.post("/warnPlayerAction.lvorex", async (req, res) => {
const postBody = req.body;
const { keyFound, userKey } = await controlKey(req, postBody.key);
if (keyFound === false)
return res.json({ code: 404, message: "Not authorized." });
const PermissionCheck = await checkPermission(userKey.rank, "Players", 7);
if (!PermissionCheck)
return res.json({ code: 401, message: "Your rank is not enough." });
const NeededPlayer = await checkPlayerIsOnline(postBody.uid, res);
if (!NeededPlayer) return;
let result = await query(`
INSERT INTO \`madmin_logs\` (
\`type\`,
\`author\`,
\`message\`,
\`date\`,
\`player_uid\`
) VALUES (
'warn',
'${postBody.staff}',
'${postBody.message.replaceAll("'", "\\'")}',
'${moment(Date.now()).format("DD.MM.YYYY HH:mm:ss")}',
'${postBody.uid}'
)
`);
if (result === false)
return res.json({ code: 404, message: "SQL Error Appeared." });
emit(
"mAdmin:SendWarningToPlayer",
Number(NeededPlayer.playerId),
`${userKey.rank} ${userKey.userName}`,
postBody.message
);
res.json({ code: 200, message: "Sent." });
});
/**
* @param {string} key
* @param {string} uid
* @param {string} staff
* @param {string} message
* @returns {string}
*/
app.use("/kickPlayerAction.lvorex", express.json());
app.post("/kickPlayerAction.lvorex", async (req, res) => {
const postBody = req.body;
const { keyFound, userKey } = await controlKey(req, postBody.key);
if (keyFound === false)
return res.json({ code: 404, message: "Not authorized." });
const PermissionCheck = await checkPermission(userKey.rank, "Players", 7);
if (!PermissionCheck)
return res.json({ code: 401, message: "Your rank is not enough." });
const NeededPlayer = await checkPlayerIsOnline(postBody.uid, res);
if (!NeededPlayer) return;
let result = await query(`
INSERT INTO \`madmin_logs\` (
\`type\`,
\`author\`,
\`message\`,
\`date\`,
\`player_uid\`
) VALUES (
'kick',
'${postBody.staff}',
'${postBody.message.replaceAll("'", "\\'")}',
'${moment(Date.now()).format("DD.MM.YYYY HH:mm:ss")}',
'${postBody.uid}'
)
`);
if (result === false)
return res.json({ code: 404, message: "SQL Error Appeared." });
DropPlayer(NeededPlayer.playerId, postBody.message);
res.json({ code: 200, message: "Player kicked." });
});
/**
* @param {string} key
* @param {string} uid
* @param {string} staff
* @param {string} reason
* @param {number} jailTime
* @returns {string}
*/
app.use("/jailPlayerAction.lvorex", express.json());
app.post("/jailPlayerAction.lvorex", async (req, res) => {
const postBody = req.body;
const { keyFound, userKey } = await controlKey(req, postBody.key);
if (keyFound === false)
return res.json({ code: 404, message: "Not authorized." });
const PermissionCheck = await checkPermission(userKey.rank, "Players", 7);
if (!PermissionCheck)
return res.json({ code: 401, message: "Your rank is not enough." });
const NeededPlayer = await checkPlayerIsOnline(postBody.uid, res);
if (!NeededPlayer) return;
let result = await query(`
INSERT INTO \`madmin_logs\` (
\`type\`,
\`author\`,
\`message\`,
\`date\`,
\`player_uid\`,
\`count\`
) VALUES (
'adminjail',
'${postBody.staff}',
'${postBody.reason.replace("'", "\\'")}',
'${moment(Date.now()).format("DD.MM.YYYY HH:mm:ss")}',
'${postBody.uid}',
${Number(postBody.jailTime) * 60 * 1000}
)
`);
if (result === false)
return res.json({ code: 404, message: "SQL Error Appeared." });
emit(
"mAdmin:SendPlayerToJail",
Number(NeededPlayer.playerId),
postBody.jailTime,
postBody.reason,
postBody.key
);
res.json({ code: 200, message: "Player sent to jail." });
});
/**
* @param {string} key
* @param {string} uid
* ---
* @param {string} bannedBy
* @param {string} message
* @param {number} banTime
* @param {string} type
* ---
* @param {string} license
* @param {string} name
* @param {string} discord
* @param {string} steam
* ---
* @returns {string}
*/
app.use("/banPlayerAction.lvorex", express.json());
app.post("/banPlayerAction.lvorex", async (req, res) => {
const postBody = req.body;
const { keyFound, userKey } = await controlKey(req, postBody.key);
if (keyFound === false)
return res.json({ code: 404, message: "Not authorized." });
const PermissionCheck = await checkPermission(userKey.rank, "Players", 7);
if (!PermissionCheck)
return res.json({ code: 401, message: "Your rank is not enough." });
const NeededPlayer = await checkPlayerIsOnline(postBody.uid, res, true);
if (!postBody.banTime && postBody.type !== "perma")
return res.json({ code: 404, message: "Please select/type ban time." });
if (!postBody.message) postBody.message = "No reason provided.";
let playerSource = undefined;
let playerIdentifiers = {};
let playerLicense = "";
let playerName = "";
if (NeededPlayer) {
playerSource = NeededPlayer.playerId;
for (let i = 0; i < GetNumPlayerIdentifiers(playerSource); i++) {
const identifier = GetPlayerIdentifier(playerSource, i);
if (identifier.includes("license:")) {
playerLicense = identifier;
continue;
}
playerIdentifiers[identifier.split(":")[0]] = identifier;
}
playerName = GetPlayerName(playerSource);
} else {
playerLicense = postBody.license;
playerName = postBody.name;
playerIdentifiers.discord =
postBody.discord === "undefined" ? undefined : postBody.discord;
playerIdentifiers.steam =
postBody.steam === "undefined" ? undefined : postBody.steam;
}
console.log(
`[mAdmin DEBUG] Starting ban process for player: ${playerName} (License: ${playerLicense})`
);
console.log(
`[mAdmin DEBUG] Ban details - Type: ${postBody.type}, Time: ${postBody.banTime}, Reason: ${postBody.message}`
);
console.log(`[mAdmin DEBUG] Player identifiers:`, playerIdentifiers);
let result = await query(
`SELECT * FROM \`madmin_bans\` WHERE \`license\` = '${playerLicense}'`
);
console.log(`[mAdmin DEBUG] Existing ban check result:`, result);
if (result === false)
return res.json({ code: 404, message: "SQL Error Appeared." });
if (result.length > 0) {
console.log(
`[mAdmin DEBUG] Found existing ban, removing before adding new one`
);
result = await query(
`DELETE FROM \`madmin_bans\` WHERE \`id\` = '${result[0].id}'`
);
if (result === false)
return res.json({ code: 404, message: "SQL Error Appeared." });
console.log(`[mAdmin DEBUG] Existing ban removed successfully`);
}
const fixedMessage = postBody.message.replaceAll("'", "\\'");
const banInsertQuery = `INSERT INTO \`madmin_bans\` (\`name\`, \`steam\`, \`discord\`, \`license\`, \`reason\`, \`endTime\`, \`bannedAt\`, \`bannedBy\`) VALUES ('${playerName}', '${
playerIdentifiers.steam ? playerIdentifiers.steam : "Not Detected."
}', '${
playerIdentifiers.discord ? playerIdentifiers.discord : "Not Detected"
}', '${playerLicense}', '${fixedMessage}', ${
postBody.type === "temp" ? Date.now() + Number(postBody.banTime) : 0
}, '${Date.now()}', '${postBody.bannedBy}')`;
console.log(`[mAdmin DEBUG] Inserting ban into database: ${banInsertQuery}`);
result = await query(banInsertQuery);
if (result === false) {
console.error(
`[mAdmin ERROR] Failed to insert ban into database for player ${playerName}`
);
return res.json({ code: 404, message: "SQL Error Appeared." });
}
console.log(
`[mAdmin DEBUG] Ban successfully inserted into database for player ${playerName}`
);
result = await query(`
INSERT INTO \`madmin_logs\` (
\`type\`,
\`author\`,
\`message\`,
\`date\`,
\`player_uid\`,
\`count\`
) VALUES (
'ban',
'${postBody.bannedBy}',
'${fixedMessage}',
'${moment(Date.now()).format("DD.MM.YYYY HH:mm:ss")}',
'${postBody.uid}',
${Number(postBody.banTime)}
)
`);
if (result === false) {
console.error(
`[mAdmin ERROR] Failed to insert ban log for player ${playerName}`
);
return res.json({ code: 404, message: "SQL Error Appeared." });
}
console.log(
`[mAdmin DEBUG] Ban log successfully inserted for player ${playerName}`
);
if (NeededPlayer) {
console.log(
`[mAdmin DEBUG] Player ${playerName} is online (ID: ${NeededPlayer.playerId}), dropping player with reason: ${postBody.message}`
);
DropPlayer(NeededPlayer.playerId, postBody.message);
console.log(
`[mAdmin DEBUG] Player ${playerName} has been dropped from server`
);
} else {
console.log(
`[mAdmin DEBUG] Player ${playerName} is not currently online, ban will take effect on next connection attempt`
);
}
res.json({ code: 200, message: "Player banned." });
});
/**
* @param {string} key
* @param {string} license
* @param {string} logIdentifier
* @returns {string}
*/
app.use("/unbanPlayerAction.lvorex", express.json());
app.post("/unbanPlayerAction.lvorex", async (req, res) => {
const postBody = req.body;
const { keyFound, userKey } = await controlKey(req, postBody.key);
if (keyFound === false)
return res.json({ code: 404, message: "Not authorized." });
const PermissionCheck = await checkPermission(userKey.rank, "Players", 19);
if (!PermissionCheck)
return res.json({ code: 401, message: "Your rank is not enough." });
let result = await query(`
DELETE FROM \`madmin_bans\`
WHERE \`license\` LIKE '%${postBody.license.split(":")[1]}'
`);
if (result === false)
return res.json({ code: 404, message: "SQL Error Appeared." });
if (postBody.temp) {
result = await query(`
UPDATE \`madmin_logs\`
SET \`cancelled\` = 1
WHERE \`id\` = ${postBody.logIdentifier}
`);
if (result === false)
return res.json({ code: 404, message: "SQL Error Appeared." });
}
res.json({ code: 200, message: "Unbanned player." });
});
/**
* @param {string} key
* @param {string} uid
* @param {string} logIdentifier
* @returns {string}
*/
app.use("/unjailPlayerAction.lvorex", express.json());
app.post("/unjailPlayerAction.lvorex", async (req, res) => {
const postBody = req.body;
const { keyFound, userKey } = await controlKey(req, postBody.key);
if (keyFound === false)
return res.json({ code: 404, message: "Not authorized." });
const PermissionCheck = await checkPermission(userKey.rank, "Players", 7);
if (!PermissionCheck)
return res.json({ code: 401, message: "Your rank is not enough." });
const NeededPlayer = await checkPlayerIsOnline(postBody.uid, res);
if (!NeededPlayer) return;
let result = await query(`
UPDATE \`madmin_logs\`
SET \`cancelled\` = 1
WHERE \`id\` = ${postBody.logIdentifier}
`);
if (result === false)
return res.json({ code: 404, message: "SQL Error Appeared." });
emit("mAdmin:UnjailPlayer", NeededPlayer.playerId, postBody.key);
res.json({ code: 200, message: "Unjailed." });
});
/**
* @param {string} key
* @param {string} uid
* @param {boolean} vip
* @returns {string}
*/
app.use("/deleteCharAction.lvorex", express.json());
app.post("/deleteCharAction.lvorex", async (req, res) => {
const postBody = req.body;
const { keyFound, userKey } = await controlKey(req, postBody.key);
if (keyFound === false)
return res.json({ code: 404, message: "Not authorized." });
const PermissionCheck = await checkPermission(userKey.rank, "Players", 2);
if (!PermissionCheck)
return res.json({ code: 401, message: "Your rank is not enough." });
const NeededPlayer = await checkPlayerIsOnline(postBody.uid, res, true);
let result = await query(
`SELECT * FROM \`${
config.Framework.includes("qb") ? "players" : "users"
}\` WHERE \`${
config.Framework.includes("qb") ? "citizenid" : "identifier"
}\` = '${postBody.uid}'`
);
if (result === false)
return res.json({ code: 404, message: "SQL Error Appeared." });
if (result.length === 0)
return res.json({ code: 404, message: "Player not found in database." });
result = await query(`
INSERT INTO \`madmin_deletedchars\`
SELECT * FROM \`${
config.Framework.includes("qb") ? "players" : "users"
}\`
WHERE \`${
config.Framework.includes("qb") ? "citizenid" : "identifier"
}\` = '${postBody.uid}'
`);
if (result === false)
return res.json({ code: 404, message: "SQL Error Appeared." });
if (postBody.vip === true) {
result = await query(
`DELETE FROM \`madmin_vips\` WHERE \`uid\` = '${postBody.uid}'`
);
if (result === false)
return res.json({ code: 404, message: "SQL Error Appeared." });
}
const uidType = config.Framework.includes("qb") ? "citizenid" : "identifier";
const CacheIndex = CharactersCache.findIndex(
(c) => c[uidType] === postBody.uid
);
if (CacheIndex) {
CharactersCache.splice(CacheIndex, 1);
}
if (NeededPlayer) {
DropPlayer(NeededPlayer.playerId, "Your character has been deleted.");
}
setTimeout(async () => {
result = await query(
`DELETE FROM \`${
config.Framework.includes("qb") ? "players" : "users"
}\` WHERE \`${
config.Framework.includes("qb") ? "citizenid" : "identifier"
}\` = '${postBody.uid}'`
);
if (result === false)
return res.json({ code: 404, message: "SQL Error Appeared." });
res.json({ code: 200, message: "Character deleted." });
}, 1000);
});
/**
* @param {string} key
* @param {string} uid
* @returns {string}
*/
app.use("/activateDeletedCharacter.lvorex", express.json());
app.post("/activateDeletedCharacter.lvorex", async (req, res) => {
const postBody = req.body;
const { keyFound, userKey } = await controlKey(req, postBody.key);
if (keyFound === false)
return res.json({ code: 404, message: "Not authorized." });
const PermissionCheck = await checkPermission(userKey.rank, "Players", 3);
if (!PermissionCheck)
return res.json({ code: 401, message: "Your rank is not enough." });
if (config.Framework.includes("qb")) {
let result = await query(`
select * from \`madmin_deletedchars\`
where \`citizenid\` = '${postBody.uid}'
`);
if (result === false)
return res.json({ code: 404, message: "SQL Error Appeared." });
const DeletedChar = result[0];
result = await query(`
select * from \`players\`
where \`license\` = '${DeletedChar.license}'
`);
if (result === false)
return res.json({ code: 404, message: "SQL Error Appeared." });
if (result.length > 0) {
let CurrentCid = DeletedChar.cid;
result.forEach((p) => {
if (Number(p.cid) > Number(CurrentCid) || p.cid === CurrentCid) {
CurrentCid = Number(p.cid) + 1;
}
});
result = await query(`
update \`madmin_deletedchars\`
set \`cid\` = ${CurrentCid}
where \`citizenid\` = '${postBody.uid}'
`);
if (result === false)
return res.json({ code: 404, message: "SQL Error Appeared." });
}
}
result = await query(`
INSERT INTO \`${
config.Framework.includes("qb") ? "players" : "users"
}\`
SELECT * FROM \`madmin_deletedchars\`
WHERE \`${
config.Framework.includes("qb") ? "citizenid" : "identifier"
}\` = '${postBody.uid}';
`);
if (result === false)
return res.json({ code: 404, message: "SQL Error Appeared." });
result = await query(`
DELETE FROM \`madmin_deletedchars\`
WHERE \`${
config.Framework.includes("qb") ? "citizenid" : "identifier"
}\` = '${postBody.uid}';
`);
if (result === false)
return res.json({ code: 404, message: "SQL Error Appeared." });
const response = await SetSpecificCharacter(postBody.uid);
if (response === false)
return res.json({ code: 404, message: "Can't set character." });
res.json({ code: 200, message: "Activated." });
});
/**
* @param {string} key
* @param {string} license
* @param {string} name
* @returns {string}
*/
app.use("/blacklistAccount.lvorex", express.json());
app.post("/blacklistAccount.lvorex", async (req, res) => {
const postBody = req.body;
const { keyFound, userKey } = await controlKey(req, postBody.key);
if (keyFound === false)
return res.json({ code: 404, message: "Not authorized." });
const PermissionCheck = await checkPermission(userKey.rank, "Accounts", 2);
if (!PermissionCheck)
return res.json({ code: 401, message: "Your rank is not enough." });
if (!postBody.license.includes(":"))
return res.json({ code: 404, message: "Please enter valid license id." });
console.log(
`[mAdmin DEBUG] Starting blacklist process for: ${postBody.name} (License: ${postBody.license})`
);
let result = await query(`
SELECT * FROM \`madmin_blacklist\`
WHERE \`license\` LIKE '%${postBody.license.split(":")[1]}'
`);
console.log(`[mAdmin DEBUG] Existing blacklist check result:`, result);
if (result === false)
return res.json({ code: 404, message: "SQL Error Appeared." });
if (result.length !== 0)
return res.json({ code: 404, message: "User already in blacklist." });
const blacklistInsertQuery = `
INSERT INTO \`madmin_blacklist\` (
\`name\`,
\`license\`
) VALUES (
'${postBody.name.replaceAll("'", "\\'")}',
'${postBody.license}'
)
`;
console.log(
`[mAdmin DEBUG] Inserting into blacklist: ${blacklistInsertQuery.trim()}`
);
result = await query(blacklistInsertQuery);
if (result === false) {
console.error(
`[mAdmin ERROR] Failed to insert blacklist for ${postBody.name}`
);
return res.json({ code: 404, message: "SQL Error Appeared." });
}
console.log(`[mAdmin DEBUG] Successfully blacklisted ${postBody.name}`);
// Check if player is currently online and kick them
const NeededPlayer = await checkPlayerIsOnline(postBody.license, res, true);
if (NeededPlayer) {
console.log(
`[mAdmin DEBUG] Blacklisted player ${postBody.name} is currently online (ID: ${NeededPlayer.playerId}), kicking them`
);
DropPlayer(
NeededPlayer.playerId,
"You have been blacklisted from this server."
);
console.log(
`[mAdmin DEBUG] Blacklisted player ${postBody.name} has been kicked from server`
);
} else {
console.log(
`[mAdmin DEBUG] Blacklisted player ${postBody.name} is not currently online`
);
}
res.json({ code: 200, message: "Blacklisted." });
});
/**
* @param {string} key
* @param {string} license
* @returns {string}
*/
app.use("/unblacklistAccount.lvorex", express.json());
app.post("/unblacklistAccount.lvorex", async (req, res) => {
const postBody = req.body;
const { keyFound, userKey } = await controlKey(req, postBody.key);
if (keyFound === false)
return res.json({ code: 404, message: "Not authorized." });
const PermissionCheck = await checkPermission(userKey.rank, "Accounts", 2);
if (!PermissionCheck)
return res.json({ code: 401, message: "Your rank is not enough." });
let result = await query(`
DELETE FROM \`madmin_blacklist\`
WHERE \`license\` LIKE '%${postBody.license.split(":")[1]}'
`);
if (result === false)
return res.json({ code: 404, message: "SQL Error Appeared." });
res.json({ code: 200, message: "Unblacklisted." });
});