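/**
 * Handles a submitted registration form: validates the input, creates the
 * player row and redirects.
 *
 * Reads username, password, password2, email, email2 and reg_verify from
 * $_POST and the expected verification hash from $_SESSION['verify_code'].
 * The session is destroyed on every call, whether or not validation passed,
 * so a verification code cannot be submitted twice. Every path ends the
 * request with a Location redirect followed by exit.
 *
 * @return void
 */
private function register()
{
    // Missing or non-string fields (e.g. arrays sent as username[]=x) are
    // treated as empty so the validators below only ever see strings.
    $input = array();
    foreach (array('username', 'password', 'password2', 'email', 'email2', 'reg_verify') as $field) {
        $input[$field] = (isset($_POST[$field]) && is_string($_POST[$field])) ? $_POST[$field] : '';
    }

    $errors = array();

    //Check username
    if (empty($input['username'])) {
        $errors[] = 'You didn\'t enter your username!';
    } elseif (!isUsername($input['username'])) {
        $errors[] = 'Your username must be longer than 3 characters and may only contain alphanumerical characters!';
    } else {
        // Only query for duplicates once the value has passed format validation.
        $result = $this->db->fetchRow('SELECT COUNT(`id`) AS `count` FROM `<ezrpg>players` WHERE `username`=?', array($input['username']));
        if ($result->count > 0) {
            $errors[] = 'That username has already been used. Please create only one account!';
        }
    }

    //Check password
    if (empty($input['password'])) {
        $errors[] = 'You didn\'t enter a password!';
    } elseif (!isPassword($input['password'])) {
        $errors[] = 'Your password must be longer than 3 characters!';
    }

    // Strict comparison: with != two different numeric-looking strings can
    // compare equal, which would let a mistyped confirmation through.
    if ($input['password2'] !== $input['password']) {
        $errors[] = 'You didn\'t verify your password correctly!';
    }

    //Check email
    if (empty($input['email'])) {
        $errors[] = 'You didn\'t enter your email!';
    } elseif (!isEmail($input['email'])) {
        $errors[] = 'Your email format is wrong!';
    } else {
        $result = $this->db->fetchRow('SELECT COUNT(`id`) AS `count` FROM `<ezrpg>players` WHERE `email`=?', array($input['email']));
        if ($result->count > 0) {
            $errors[] = "That email has already been used. \nPlease create only one account, creating more than one account will get all your accounts deleted!";
        }
    }

    if ($input['email2'] !== $input['email']) {
        $errors[] = 'You didn\'t verify your email correctly!';
    }

    //Check verification code
    if (empty($input['reg_verify'])) {
        $errors[] = 'You didn\'t enter the verification code!';
    } else {
        $expected = (isset($_SESSION['verify_code']) && is_string($_SESSION['verify_code'])) ? $_SESSION['verify_code'] : '';
        $supplied = sha1(strtoupper($input['reg_verify']) . SECRET_KEY);

        // hash_equals() (PHP >= 5.6) compares the two hex digests as strings in
        // constant time; a loose != could treat digests of the form "0e<digits>"
        // as equal numbers.
        if (!hash_equals($expected, $supplied)) {
            $errors[] = 'You didn\'t enter the correct verification code!';
        }
    }

    //verify_code must NOT be used again.
    session_unset();
    session_destroy();

    if (empty($errors)) {
        //Add new user to database
        $secret_key = createKey(16);

        // NOTE(review): salted SHA-1 is a fast hash and is not suited to password
        // storage. It is kept here because the login code that verifies this
        // format is outside this block; moving to password_hash()/password_verify()
        // has to change both sides together.
        $insert = array(
            'username'   => $input['username'],
            'email'      => $input['email'],
            'secret_key' => $secret_key,
            'password'   => sha1($secret_key . $input['password'] . SECRET_KEY),
            'registered' => time(),
        );

        global $hooks;

        //Run register hook
        $insert = $hooks->run_hooks('register', $insert);

        // NOTE(review): the duplicate checks above and this insert are not atomic.
        // Confirm that the players table has UNIQUE indexes on username and email.
        $new_player = $this->db->insert('<ezrpg>players', $insert);

        //Use $new_player to find their new ID number.
        $hooks->run_hooks('register_after', $new_player);

        $msg = 'Congratulations, you have registered! Please login now to play!';
        header('Location: index.php?msg=' . urlencode($msg));
        exit;
    }

    // Every entry in $errors is a fixed string from this method, so no user
    // input ends up inside the HTML list built here.
    $msg = 'Sorry, there were some mistakes in your registration:<br />';
    $msg .= '<ul>';
    foreach ($errors as $errmsg) {
        $msg .= '<li>' . $errmsg . '</li>';
    }
    $msg .= '</ul>';

    // NOTE(review): the message travels as HTML in the query string. How
    // index.php renders the msg parameter is not visible here; confirm it
    // restricts or escapes that value, because the URL can be built by anyone.
    // The password fields are deliberately not echoed back.
    $url = 'index.php?mod=Register&msg=' . urlencode($msg)
        . '&username=' . urlencode($input['username'])
        . '&email=' . urlencode($input['email'])
        . '&email2=' . urlencode($input['email2']);
    header('Location: ' . $url);
    exit;
}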
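/**
 * Handles one message received from a WebSocket chat client.
 *
 * The payload is split on single spaces; the first token is the command:
 *   JOIN <username>  registers the client under a username,
 *   TEXT <text...>   relays chat text from a joined client,
 *   QUIT             removes a joined client.
 * An empty message, an unknown command, or a command sent in the wrong state
 * (TEXT/QUIT before JOIN, a second JOIN) closes the connection.
 *
 * @param mixed  $clientID      Identifier of the sending client, passed to the ws* and user helpers.
 * @param string $message       Raw message payload.
 * @param mixed  $messageLength Payload length (presumably an int); a value equal to 0 closes the connection.
 * @param mixed  $binary        Not used by this handler.
 * @return void
 */
function wsOnMessage($clientID, $message, $messageLength, $binary)
{
    // Loose comparison kept: the type the caller passes is not visible here.
    if ($messageLength == 0) {
        wsClose($clientID);
        return;
    }

    // split the message by spaces into an array, and fetch the command
    $parts = explode(' ', $message);
    $command = array_shift($parts);

    if ($command === 'TEXT') {
        // a client has sent chat text to the server
        if (!isUser($clientID)) {
            // TEXT before a successful JOIN
            wsClose($clientID);
            return;
        }

        // put the message back into a string
        $text = implode(' ', $parts);
        if ($text === '') {
            wsSend($clientID, 'SERVER Message was blank.');
            return;
        }

        // The text is also sent back to the sender, which acts as a confirmation.
        // NOTE(review): $text is relayed exactly as received. Confirm that
        // sendChat() or the receiving clients encode it before rendering.
        $username = getUsername($clientID);
        sendChat($username, $text);
    } elseif ($command === 'JOIN') {
        // a client is joining the chat
        if (isUser($clientID)) {
            // the client has already sent a JOIN with a valid username
            wsClose($clientID);
            return;
        }

        // A bare "JOIN" carries no username token; treat that as blank instead
        // of reading an undefined array offset.
        $username = trim(isset($parts[0]) ? $parts[0] : '');
        if ($username === '') {
            wsClose($clientID);
            return;
        }

        // NOTE(review): only emptiness, byte length and uniqueness are checked;
        // the character set of the username is not restricted here. Confirm
        // that it is encoded wherever it is displayed.
        if (strlen($username) > CB_MAX_USERNAME_LENGTH) {
            wsSend($clientID, 'SERVER Username length cannot be more than ' . CB_MAX_USERNAME_LENGTH . '.');
            wsClose($clientID);
            return;
        }

        if (isUsername($username)) {
            // username is already being used by another client
            wsSend($clientID, 'SERVER Username already taken.');
            wsClose($clientID);
            return;
        }

        // add the user
        addUser($clientID, $username);
    } elseif ($command === 'QUIT') {
        // a client is leaving the chat
        if (!isUser($clientID)) {
            // QUIT before a successful JOIN
            wsClose($clientID);
            return;
        }

        // remove the user
        removeUser($clientID);
    } else {
        // unknown command received, close connection
        wsClose($clientID);
    }
}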
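/**
 * Admin action: shows the edit form for one bot, or validates and saves a
 * submitted edit.
 *
 * The bot is selected by $_GET['id']. Without $_POST['edit'] the current row
 * is shown in the edit template. With it, name/level/health/damage/exp/money
 * are read from $_POST, validated and written back. Every path ends with
 * exit, after either a redirect or a template render.
 *
 * NOTE(review): no anti-CSRF token is checked in this method. Confirm that the
 * admin framework verifies one before dispatching this state-changing request.
 *
 * @return void
 */
private function editBot()
{
    if (!isset($_GET['id'])) {
        header('Location: index.php?mod=BotBattle');
        exit;
    }

    $bot = $this->db->fetchRow('SELECT `id`, `name`, `level`, `health`, `damage`, `exp`, `money` FROM `<ezrpg>bots` WHERE `id`=?', array(intval($_GET['id'])));
    if ($bot == false) {
        // No such bot: back to the list.
        header('Location: index.php?mod=BotBattle');
        exit;
    }

    if (!isset($_POST['edit'])) {
        // Nothing submitted yet, show the form with the stored values.
        $this->tpl->assign('bot', $bot);
        $this->tpl->display('admin/botbattle_edit.tpl');
        exit;
    }

    $msg = '';
    $errors = 0;

    // A missing or non-string name is treated as empty and fails validation.
    $bot->name = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
    if (!isUsername($bot->name)) {
        $errors = 1;
        $msg .= 'You forgot to enter a name for this bot.<br />';
    }

    // Missing or non-scalar values count as 0 rather than raising notices.
    foreach (array('level', 'health', 'damage', 'exp', 'money') as $stat) {
        $bot->$stat = (isset($_POST[$stat]) && is_scalar($_POST[$stat])) ? intval($_POST[$stat]) : 0;
    }

    if ($bot->level < 0 || $bot->health < 0 || $bot->damage < 0 || $bot->exp < 0 || $bot->money < 0) {
        $errors = 1;
        $msg .= 'All values must be zero or higher!<br />';
    }

    if ($errors == 1) {
        // NOTE(review): $bot->name may hold a submitted value that failed
        // validation. Confirm the template escapes it when it refills the form.
        $this->tpl->assign('bot', $bot);
        $this->tpl->assign('GET_MSG', $msg);
        $this->tpl->display('admin/botbattle_edit.tpl');
        exit;
    }

    $this->db->execute('UPDATE `<ezrpg>bots` SET `name`=?, `level`=?, `health`=?, `damage`=?, `exp`=?, `money`=? WHERE `id`=?', array($bot->name, $bot->level, $bot->health, $bot->damage, $bot->exp, $bot->money, intval($bot->id)));

    // The message is HTML, so the name is escaped here instead of relying on
    // isUsername() to have excluded markup characters.
    $msg = 'You have updated <strong>' . htmlspecialchars($bot->name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</strong>';
    header('Location: index.php?mod=BotBattle&msg=' . urlencode($msg));
    exit;
}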
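/**
 * Admin action: shows the edit form for one item, or validates and saves a
 * submitted edit.
 *
 * The item is selected by $_GET['id']. Without $_POST['edit'] the current row
 * is shown in the edit template. With it, name and value1..value5 are read
 * from $_POST, validated and written back; the player and class columns are
 * loaded but not modified. Every path ends with exit, after either a redirect
 * or a template render.
 *
 * NOTE(review): no anti-CSRF token is checked in this method. Confirm that the
 * admin framework verifies one before dispatching this state-changing request.
 *
 * @return void
 */
private function editItem()
{
    if (!isset($_GET['id'])) {
        header('Location: index.php?mod=Items');
        exit;
    }

    $items = $this->db->fetchRow('SELECT `id`, `player`, `class`, `name`, `value1`, `value2`, `value3`, `value4`, `value5` FROM `<ezrpg>items` WHERE `id`=?', array(intval($_GET['id'])));
    if ($items == false) {
        // No such item: back to the list.
        header('Location: index.php?mod=Items');
        exit;
    }

    if (!isset($_POST['edit'])) {
        // Nothing submitted yet, show the form with the stored values.
        $this->tpl->assign('items', $items);
        $this->tpl->display('admin/items/items_edit.tpl');
        exit;
    }

    $msg = '';
    $errors = 0;

    // A missing or non-string name is treated as empty and fails validation.
    $items->name = (isset($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : '';
    if (!isUsername($items->name)) {
        $errors = 1;
        $msg .= 'You forgot to enter a name for this items.<br />';
    }

    // Missing or non-scalar values count as 0 rather than raising notices.
    foreach (array('value1', 'value2', 'value3', 'value4', 'value5') as $column) {
        $items->$column = (isset($_POST[$column]) && is_scalar($_POST[$column])) ? intval($_POST[$column]) : 0;
    }

    if ($items->value1 < 0 || $items->value2 < 0 || $items->value3 < 0 || $items->value4 < 0 || $items->value5 < 0) {
        $errors = 1;
        $msg .= 'All values must be zero or higher!<br />';
    }

    if ($errors == 1) {
        // NOTE(review): $items->name may hold a submitted value that failed
        // validation. Confirm the template escapes it when it refills the form.
        $this->tpl->assign('items', $items);
        $this->tpl->assign('GET_MSG', $msg);
        $this->tpl->display('admin/items/items_edit.tpl');
        exit;
    }

    $this->db->execute('UPDATE `<ezrpg>items` SET `name`=?, `value1`=?, `value2`=?, `value3`=?, `value4`=?, `value5`=? WHERE `id`=?', array($items->name, $items->value1, $items->value2, $items->value3, $items->value4, $items->value5, intval($items->id)));

    // The message is HTML, so the name is escaped here instead of relying on
    // isUsername() to have excluded markup characters.
    $msg = 'You have updated <strong>' . htmlspecialchars($items->name, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8') . '</strong>';
    header('Location: index.php?mod=Items&msg=' . urlencode($msg));
    exit;
}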