Beispiel #1
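/**
 * Model for the player "options" page: applies a submitted settings form to the current user.
 *
 * When the request parameter `mode` is 'change' the function, in this order:
 *  - lets accounts with authlevel > 0 toggle admin protection on themselves and their planets;
 *  - switches the account to vacation mode (refused while the cool-down is active or while
 *    fleets or build queues exist, for authlevel < 3);
 *  - stores generic and integer player options;
 *  - optionally renames the player (free or paid in dark matter, depending on server config);
 *  - optionally changes the password via sec_password_change();
 *  - copies the remaining profile fields from the request into $user and writes them back
 *    in a single UPDATE.
 * Status messages are appended to $template_result['.']['result'].
 *
 * Operates on globals ($user, $user_option_list, $lang, $template_result, $config) and returns nothing.
 *
 * NOTE(review): no anti-CSRF token check and no current-password check for the e-mail change are
 * visible in this function - confirm that the caller enforces them, because this handler changes
 * e-mail, password, player name and the account-deletion timer.
 * NOTE(review): values read through sys_get_param_str() are interpolated into SQL below without
 * db_escape(); the existence of sys_get_param_str_unsafe() suggests the plain variant escapes,
 * but that helper is not shown here - verify.
 */
function sn_options_model()
{
    global $user, $user_option_list, $lang, $template_result, $config;

    // Human-readable placeholder for the configured date format (e.g. "DD.MM.YYYY").
    $FMT_DATE = preg_replace(array('/d/', '/m/', '/Y/'), array('DD', 'MM', 'YYYY'), FMT_DATE);

    if (sys_get_param_str('mode') == 'change') {
        // Staff accounts only: mirror the account's authlevel onto its planets as a protection level.
        if ($user['authlevel'] > 0) {
            $planet_protection = sys_get_param_int('adm_pl_prot') ? $user['authlevel'] : 0;
            db_planet_set_by_owner($user['id'], "`id_level` = '{$planet_protection}'");
            db_user_set_by_id($user['id'], "`admin_protection` = '{$planet_protection}'");
            $user['admin_protection'] = $planet_protection;
        }

        if (sys_get_param_int('vacation') && !$config->user_vacation_disable) {
            sn_db_transaction_start();
            // NOTE(review): the message()/die exits below leave this transaction without an explicit
            // rollback; presumably the connection teardown discards it - confirm.
            if ($user['authlevel'] < 3) {
                if ($user['vacation_next'] > SN_TIME_NOW) {
                    message($lang['opt_vacation_err_timeout'], $lang['Error'], 'index.php?page=options', 5);
                    die;
                }
                $is_building = doquery("SELECT * FROM `{{fleets}}` WHERE `fleet_owner` = '{$user['id']}' LIMIT 1;", true);
                if ($is_building) {
                    message($lang['opt_vacation_err_your_fleet'], $lang['Error'], 'index.php?page=options', 5);
                    die;
                }
                $que = que_get($user['id'], false);
                if (!empty($que)) {
                    message($lang['opt_vacation_err_que'], $lang['Error'], 'index.php?page=options', 5);
                    die;
                }
                // Reset every owned planet to basic income and zero production percentages.
                $query = classSupernova::db_get_record_list(LOC_PLANET, "`id_owner` = {$user['id']}");
                foreach ($query as $planet) {
                    db_planet_set_by_id($planet['id'], "last_update = " . SN_TIME_NOW . ", energy_used = '0', energy_max = '0',\n            metal_perhour = '{$config->metal_basic_income}', crystal_perhour = '{$config->crystal_basic_income}', deuterium_perhour = '{$config->deuterium_basic_income}',\n            metal_mine_porcent = '0', crystal_mine_porcent = '0', deuterium_sintetizer_porcent = '0', solar_plant_porcent = '0',\n            fusion_plant_porcent = '0', solar_satelit_porcent = '0', ship_sattelite_sloth_porcent = 0");
                }
                $user['vacation'] = SN_TIME_NOW + $config->player_vacation_time;
            } else {
                $user['vacation'] = SN_TIME_NOW;
            }
            sn_db_transaction_commit();
        }

        // Generic options: take the request value when the user record already has the key,
        // otherwise fall back to the default from $user_option_list.
        foreach ($user_option_list as $option_group_id => $option_group) {
            foreach ($option_group as $option_name => $option_value) {
                if ($user[$option_name] !== null) {
                    $user[$option_name] = sys_get_param_str($option_name);
                } else {
                    $user[$option_name] = $option_value;
                }
            }
        }
        $options = sys_user_options_pack($user);

        $player_options = sys_get_param('options');
        // The request may carry a scalar instead of an array here; array_walk() would fail on it,
        // so anything that is not an array is ignored.
        if (!empty($player_options) && is_array($player_options)) {
            array_walk($player_options, function (&$value) {
                // TODO - when there are more parameters, add more checks
                $value = intval($value);
            });
            player_save_option_array($user, $player_options);
            if ($player_options[PLAYER_OPTION_MENU_HIDE_SHOW_BUTTON] == PLAYER_OPTION_MENU_HIDE_SHOW_BUTTON_HIDDEN) {
                sn_setcookie(SN_COOKIE . '_menu_hidden', '0', time() - PERIOD_WEEK, SN_ROOT_RELATIVE);
            }
        }

        $username = substr(sys_get_param_str_unsafe('username'), 0, 32);
        $username_safe = db_escape($username);
        // Strict comparison: both sides are strings, and a loose one would treat numeric-looking
        // names such as "1e3" and "1000" as equal.
        if ($username && $user['username'] !== $username && $config->game_user_changename != SERVER_PLAYER_NAME_CHANGE_NONE && sys_get_param_int('username_confirm')) {
            // Validity check: the name must be unused, or already belong to this player.
            sn_db_transaction_start();
            // NOTE(review): LIKE treats "%" and "_" in the submitted name as wildcards and
            // db_escape() presumably does not neutralise them - confirm whether "=" was intended.
            $name_check = doquery("SELECT * FROM {{player_name_history}} WHERE `player_name` LIKE \"{$username_safe}\" LIMIT 1 FOR UPDATE;", true);
            if (!$name_check || $name_check['player_id'] == $user['id']) {
                $user = db_user_by_id($user['id'], true);
                switch ($config->game_user_changename) {
                    case SERVER_PLAYER_NAME_CHANGE_PAY:
                        // NOTE(review): $planetrow is not defined in this function - confirm what
                        // mrc_get_level() expects as its second argument.
                        if (mrc_get_level($user, $planetrow, RES_DARK_MATTER) < $config->game_user_changename_cost) {
                            $template_result['.']['result'][] = array('STATUS' => ERR_ERROR, 'MESSAGE' => $lang['opt_msg_name_change_err_no_dm']);
                            break;
                        }
                        rpg_points_change($user['id'], RPG_NAME_CHANGE, -$config->game_user_changename_cost, sprintf('Пользователь ID %d сменил имя с "%s" на "%s"', $user['id'], $user['username'], $username));
                        // no break: once the fee is charged, fall through and perform the rename
                    case SERVER_PLAYER_NAME_CHANGE_FREE:
                        db_user_set_by_id($user['id'], "`username` = '{$username_safe}'");
                        doquery("REPLACE INTO {{player_name_history}} SET `player_id` = {$user['id']}, `player_name` = \"{$username_safe}\"");
                        // TODO: Change cookie to not force user relogin
                        sn_setcookie(SN_COOKIE, '', time() - PERIOD_WEEK, SN_ROOT_RELATIVE);
                        $template_result['.']['result'][] = array('STATUS' => ERR_NONE, 'MESSAGE' => $lang['opt_msg_name_changed']);
                        $user['username'] = $username;
                        break;
                }
            } else {
                $template_result['.']['result'][] = array('STATUS' => ERR_ERROR, 'MESSAGE' => $lang['opt_msg_name_change_err_used_name']);
            }
            sn_db_transaction_commit();
        }

        $new_password = sys_get_param('newpass1');
        if ($new_password) {
            // Exceptions are used as the result channel here: the code carries the status,
            // including ERR_NONE for success.
            try {
                // The confirmation must be the identical string. A loose "!=" would accept
                // numeric-looking pairs such as "1e3" / "1000", and a non-string (array)
                // parameter must never reach the password routine.
                if (!is_string($new_password) || $new_password !== sys_get_param('newpass2')) {
                    throw new Exception($lang['opt_err_pass_unmatched'], ERR_WARNING);
                }
                // sec_password_change() receives the current password ('db_password') and returns
                // a falsy value on failure; hashing and salting happen inside it (not shown here).
                if (!sec_password_change($user, $new_password, sys_get_param('db_password'), 1)) {
                    throw new Exception($lang['opt_err_pass_wrong'], ERR_WARNING);
                }
                // The user record is re-read at the end of the function, so password and salt
                // are not copied back into $user here.
                throw new Exception($lang['opt_msg_pass_changed'], ERR_NONE);
            } catch (Exception $e) {
                $template_result['.']['result'][] = array('STATUS' => in_array($e->getCode(), array(ERR_NONE, ERR_WARNING, ERR_ERROR)) ? $e->getCode() : ERR_ERROR, 'MESSAGE' => $e->getMessage());
            }
        }

        $user['email'] = sys_get_param_str('db_email');
        // The secondary e-mail can only be set once.
        if (!$user['email_2']) {
            $user['email_2'] = sys_get_param_str('db_email2');
        }
        // NOTE(review): 'dpath' and 'langer' are request-controlled; presumably lng_switch() and the
        // skin loader validate them against installed languages/skins - verify.
        $user['dpath'] = sys_get_param_str('dpath');
        $user['lang'] = sys_get_param_str('langer', $user['lang']);
        if ($lang->lng_switch($user['lang'])) {
            lng_include('options');
            lng_include('messages');
        }
        $user['design'] = sys_get_param_int('design');
        $user['noipcheck'] = sys_get_param_int('noipcheck');
        $user['spio_anz'] = sys_get_param_int('spio_anz');
        $user['settings_tooltiptime'] = sys_get_param_int('settings_tooltiptime');
        $user['settings_fleetactions'] = sys_get_param_int('settings_fleetactions', 1);
        $user['settings_esp'] = sys_get_param_int('settings_esp');
        $user['settings_wri'] = sys_get_param_int('settings_wri');
        $user['settings_bud'] = sys_get_param_int('settings_bud');
        $user['settings_mis'] = sys_get_param_int('settings_mis');
        $user['settings_statistics'] = sys_get_param_int('settings_statistics');
        $user['settings_info'] = sys_get_param_int('settings_info');
        $user['settings_rep'] = sys_get_param_int('settings_rep');
        $user['planet_sort'] = sys_get_param_int('settings_sort');
        $user['planet_sort_order'] = sys_get_param_int('settings_order');
        // Deletion timer: cleared when unchecked, kept when already running, otherwise started now.
        $user['deltime'] = !sys_get_param_int('deltime') ? 0 : ($user['deltime'] ? $user['deltime'] : SN_TIME_NOW + $config->player_delete_time);

        // Gender can be chosen only while it is still GENDER_UNKNOWN, and only from the known list.
        $gender = sys_get_param_int('gender', $user['gender']);
        if (!isset($lang['sys_gender_list'][$gender])) {
            $gender = $user['gender'];
        }
        $user['gender'] = $user['gender'] == GENDER_UNKNOWN ? $gender : $user['gender'];

        // Birthday: accepted only when none is stored yet. Any validation failure throws and
        // leaves the SQL fragment empty.
        try {
            if ($user['birthday']) {
                throw new exception();
            }
            $user_birthday = sys_get_param_str_unsafe('user_birthday');
            if (!$user_birthday || $user_birthday == $FMT_DATE) {
                throw new exception();
            }
            // Parse any date format that contains all three of "d", "m" and "Y" and any of the
            // delimiters "\", "/", ".", "-": $pos maps each letter to its capture-group index.
            $pos = array();
            $pos['d'] = strpos(FMT_DATE, 'd');
            $pos['m'] = strpos(FMT_DATE, 'm');
            $pos['Y'] = strpos(FMT_DATE, 'Y');
            asort($pos);
            $i = 0;
            foreach ($pos as &$position) {
                $position = ++$i;
            }
            unset($position); // drop the dangling reference into $pos
            $regexp = "/" . preg_replace(array('/\\\\/', '/\\//', '/\\./', '/\\-/', '/d/', '/m/', '/Y/'), array('\\\\\\', '\\/', '\\.', '\\-', '(\\d?\\d)', '(\\d?\\d)', '(\\d{4})'), FMT_DATE) . "/";
            // The pattern is not anchored, but only the captured digit groups are used below.
            if (!preg_match($regexp, $user_birthday, $match)) {
                throw new exception();
            }
            if (!checkdate($match[$pos['m']], $match[$pos['d']], $match[$pos['Y']])) {
                throw new exception();
            }
            // From here on the value is a date rebuilt from digit groups, independent of the input format.
            $user['user_birthday'] = db_escape("{$match[$pos['Y']]}-{$match[$pos['m']]}-{$match[$pos['d']]}");
            // Most recent anniversary that is not in the future.
            $year = date('Y', SN_TIME_NOW);
            if (mktime(0, 0, 0, $match[$pos['m']], $match[$pos['d']], $year) > SN_TIME_NOW) {
                $year--;
            }
            $user['user_birthday_celebrated'] = db_escape("{$year}-{$match[$pos['m']]}-{$match[$pos['d']]}");
            $user_birthday = ", `user_birthday` = '{$user['user_birthday']}', `user_birthday_celebrated` = '{$user['user_birthday_celebrated']}'";
        } catch (exception $e) {
            $user_birthday = '';
        }

        require_once 'includes/includes/sys_avatar.php';
        $avatar_upload_result = sys_avatar_upload($user['id'], $user['avatar']);
        $template_result['.']['result'][] = $avatar_upload_result;

        $user_time_diff = user_time_diff_get();
        if (sys_get_param_int('user_time_diff_forced')) {
            user_time_diff_set(array(PLAYER_OPTION_TIME_DIFF => sys_get_param_int('user_time_diff'), PLAYER_OPTION_TIME_DIFF_UTC_OFFSET => 0, PLAYER_OPTION_TIME_DIFF_FORCED => 1, PLAYER_OPTION_TIME_DIFF_MEASURE_TIME => SN_TIME_SQL));
        } elseif (sys_get_param_int('opt_time_diff_clear') || $user_time_diff[PLAYER_OPTION_TIME_DIFF_FORCED]) {
            user_time_diff_set(array(PLAYER_OPTION_TIME_DIFF => '', PLAYER_OPTION_TIME_DIFF_UTC_OFFSET => 0, PLAYER_OPTION_TIME_DIFF_FORCED => 0, PLAYER_OPTION_TIME_DIFF_MEASURE_TIME => SN_TIME_SQL));
        }

        $user_options_safe = db_escape($user['options']);
        // Username and password/salt are deliberately absent: they are written by their own branches above.
        // NOTE(review): `email_2`, `avatar` and `vacation` may still hold values read from the user
        // record rather than from an escaping request helper, and `gender` is emitted unquoted;
        // confirm each is safe to interpolate here.
        db_user_set_by_id($user['id'], "`email` = '{$user['email']}', `email_2` = '{$user['email_2']}', `lang` = '{$user['lang']}', `avatar` = '{$user['avatar']}',\n      `dpath` = '{$user['dpath']}', `design` = '{$user['design']}', `noipcheck` = '{$user['noipcheck']}',\n      `planet_sort` = '{$user['planet_sort']}', `planet_sort_order` = '{$user['planet_sort_order']}', `spio_anz` = '{$user['spio_anz']}',\n      `settings_tooltiptime` = '{$user['settings_tooltiptime']}', `settings_fleetactions` = '{$user['settings_fleetactions']}', `settings_esp` = '{$user['settings_esp']}',\n      `settings_wri` = '{$user['settings_wri']}', `settings_bud` = '{$user['settings_bud']}', `settings_statistics` = '{$user['settings_statistics']}',\n      `settings_info` = '{$user['settings_info']}', `settings_mis` = '{$user['settings_mis']}', `settings_rep` = '{$user['settings_rep']}',\n      `deltime` = '{$user['deltime']}', `vacation` = '{$user['vacation']}', `options` = '{$user_options_safe}', `gender` = {$user['gender']}\n      {$user_birthday}");
        $template_result['.']['result'][] = array('STATUS' => ERR_NONE, 'MESSAGE' => $lang['opt_msg_saved']);
    } elseif (sys_get_param_str('result') == 'ok') {
        $template_result['.']['result'][] = array('STATUS' => ERR_NONE, 'MESSAGE' => $lang['opt_msg_saved']);
    }

    // Re-read the record so $user reflects what was actually stored.
    $user = db_user_by_id($user['id']);
    // Call-time pass-by-reference (`&$user` at the call site) is a fatal error since PHP 5.4;
    // a by-reference parameter has to be declared in sys_user_options_unpack() itself.
    $options = sys_user_options_unpack($user);
}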
Beispiel #2
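/**
 * Creates a player account together with its home planet and returns the stored user record.
 *
 * @param string $username_unsafe Raw player name; escaped here only where it is placed into SQL text.
 * @param string $password_raw    Plain-text password, handed to sec_password_change().
 * @param string $email_unsafe    Raw e-mail address, stored as both `email` and `email_2`.
 * @param array  $options         Optional keys read here: planet_options, user_bot, total_points,
 *                                language_iso, options, options_extra, galaxy, system, planet,
 *                                remember_me, partner_id.
 *
 * @return mixed Result of db_user_by_id() for the new account.
 *
 * NOTE(review): the raw name and e-mail go to classSupernova::db_ins_field_set() unescaped;
 * presumably that helper escapes field values itself - verify.
 */
function player_create($username_unsafe, $password_raw, $email_unsafe, $options)
{
    global $config, $lang;
    static $player_options_string = 'opt_mnl_spy^1|opt_email_mnl_spy^0|opt_email_mnl_joueur^0|opt_email_mnl_alliance^0|opt_mnl_attaque^1|opt_email_mnl_attaque^0|opt_mnl_exploit^1|opt_email_mnl_exploit^0|opt_mnl_transport^1|opt_email_mnl_transport^0|opt_email_msg_admin^1|opt_mnl_expedition^1|opt_email_mnl_expedition^0|opt_mnl_buildlist^1|opt_email_mnl_buildlist^0|opt_int_navbar_resource_force^1|';

    // Normalise optional inputs before they are used in the insert and in SQL text.
    if (empty($options['planet_options'])) {
        $options['planet_options'] = array();
    }
    // The fallback used to read $options['total_points'] here, so a caller-supplied bot type was lost.
    $options['user_bot'] = empty($options['user_bot']) ? USER_BOT_PLAYER : $options['user_bot'];
    $options['total_points'] = empty($options['total_points']) ? 0 : $options['total_points'];
    $options['galaxy'] = intval(empty($options['galaxy']) ? 0 : $options['galaxy']);
    $options['system'] = intval(empty($options['system']) ? 0 : $options['system']);
    $options['planet'] = intval(empty($options['planet']) ? 0 : $options['planet']);
    $options['remember_me'] = intval(!empty($options['remember_me']));

    $field_set = array(
        'server_name' => SN_ROOT_VIRTUAL,
        'register_time' => SN_TIME_NOW,
        'user_bot' => $options['user_bot'],
        'username' => $username_unsafe,
        'email' => $email_unsafe,
        'email_2' => $email_unsafe,
        'lang' => empty($options['language_iso']) ? DEFAULT_LANG : $options['language_iso'],
        'dpath' => DEFAULT_SKINPATH,
        'total_points' => $options['total_points'],
        'options' => (empty($options['options']) ? $player_options_string : $options['options']) . (empty($options['options_extra']) ? '' : $options['options_extra']),
        'galaxy' => $options['galaxy'],
        'system' => $options['system'],
        'planet' => $options['planet'],
    );
    $user_new = classSupernova::db_ins_field_set(LOC_USER, $field_set);

    // Password hashing/salting is delegated; `false` is passed where the options page passes the
    // current password.
    // NOTE(review): the return value is ignored, so a failed password set would go unnoticed - confirm.
    sec_password_change($user_new, $password_raw, false, $options['remember_me']);

    $username_safe = db_escape($username_unsafe);
    doquery("REPLACE INTO {{player_name_history}} SET `player_id` = {$user_new['id']}, `player_name` = '{$username_safe}'");

    if (!empty($options['partner_id']) && ($referral_row = db_user_by_id($options['partner_id'], true))) {
        // Store the id of the partner record that was actually found, cast to int, instead of
        // interpolating the caller-supplied value into the statement.
        $partner_id = intval($referral_row['id']);
        doquery("INSERT INTO {{referrals}} SET `id` = {$user_new['id']}, `id_partner` = {$partner_id}");
    }

    // No complete coordinates supplied: continue from the last assigned position and probe
    // every third slot until a free one is found.
    if (!($options['galaxy'] && $options['system'] && $options['planet'])) {
        $options['galaxy'] = $config->LastSettedGalaxyPos;
        $options['system'] = $config->LastSettedSystemPos;
        $segment_size = floor($config->game_maxPlanet / 3);
        $segment = floor($config->LastSettedPlanetPos / $segment_size);
        $segment++;
        // mt_rand() only spreads players across slots here; it is not used for anything secret.
        $options['planet'] = mt_rand(1 + $segment * $segment_size, ($segment + 1) * $segment_size);
        while (true) {
            // Wrap planet -> system -> galaxy when a coordinate runs past its configured maximum.
            if ($options['planet'] > $config->game_maxPlanet) {
                $options['planet'] = mt_rand(0, $segment_size - 1) + 1;
                $options['system']++;
            }
            if ($options['system'] > $config->game_maxSystem) {
                $options['system'] = 1;
                $options['galaxy']++;
            }
            if ($options['galaxy'] > $config->game_maxGalaxy) {
                $options['galaxy'] = 1;
            }
            $galaxy_row = db_planet_by_gspt($options['galaxy'], $options['system'], $options['planet'], PT_PLANET, true, 'id');
            if (!$galaxy_row['id']) {
                $config->db_saveItem(array('LastSettedGalaxyPos' => $options['galaxy'], 'LastSettedSystemPos' => $options['system'], 'LastSettedPlanetPos' => $options['planet']));
                break;
            }
            $options['planet'] += 3;
        }
    }

    $new_planet_id = uni_create_planet($options['galaxy'], $options['system'], $options['planet'], $user_new['id'], $username_unsafe . ' ' . $lang['sys_capital'], true, $options['planet_options']);
    sys_player_new_adjust($user_new['id'], $new_planet_id);
    // The keys were written as '$system' / '$planet' (a literal dollar sign inside the key), which
    // never exist in $options, so empty strings were stored for both coordinates.
    db_user_set_by_id($user_new['id'], "`id_planet` = '{$new_planet_id}', `current_planet` = '{$new_planet_id}', `galaxy` = '{$options['galaxy']}', `system` = '{$options['system']}', `planet` = '{$options['planet']}'");
    $config->db_saveItem('users_amount', $config->users_amount + 1);

    return db_user_by_id($user_new['id']);
}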
Beispiel #3
/**
 * Completes a password reset: validates the confirmation code, sets a freshly generated password,
 * e-mails it to the address stored with the confirmation and removes the confirmation row.
 *
 * @param string $confirm_safe Confirmation code; interpolated into SQL as-is, so the caller must
 *                             pass it already escaped (as the name indicates).
 * @param array  $result       Filled by reference. On success: F_PASSWORD_NEW, F_LOGIN_STATUS and
 *                             F_LOGIN_MESSAGE. On failure only F_LOGIN_STATUS, holding the
 *                             exception message built from a PASSWORD_RESTORE_ERROR_* constant.
 *
 * NOTE(review): the new password is an 8-character string from sys_random_string() (generator not
 * shown here - confirm it uses a cryptographically secure source). It is mailed in clear text and
 * also handed back to the caller in $result[F_PASSWORD_NEW].
 * NOTE(review): the confirmation row is deleted only after the password change and the mail
 * attempt, without a visible lock; presumably concurrent requests with the same code are not a
 * concern - verify.
 */
function sec_restore_password_confirm($confirm_safe, &$result)
{
    global $lang, $config;

    try {
        $confirmation = doquery("SELECT *, UNIX_TIMESTAMP(`create_time`) as `unix_time` FROM {{confirmations}} WHERE `code` = '{$confirm_safe}' AND `type` = " . CONFIRM_PASSWORD_RESET . " LIMIT 1;", true);

        // Unknown code, or a code of another confirmation type.
        if (!isset($confirmation['id'])) {
            throw new Exception(PASSWORD_RESTORE_ERROR_CODE_WRONG);
        }

        // Codes older than PERIOD_DAY are rejected.
        $code_age = SN_TIME_NOW - $confirmation['unix_time'];
        if ($code_age > PERIOD_DAY) {
            throw new Exception(PASSWORD_RESTORE_ERROR_CODE_TOO_OLD);
        }

        $generated_password = sys_random_string(8, SN_SYS_SEC_CHARS_CONFIRMATION);

        // `false` is passed in the old-password position; hashing happens inside sec_password_change().
        $password_changed = sec_password_change($confirmation['id_user'], $generated_password, false, 1);
        if (!$password_changed) {
            throw new Exception(PASSWORD_RESTORE_ERROR_CHANGE);
        }

        $message = sprintf($lang['log_lost_email_pass'], $config->game_name, $generated_password);
        $mail_subject = sprintf($lang['log_lost_email_title'], $config->game_name);
        // Warnings raised by the mailer are suppressed; the outcome is reported through the status below.
        $mail_sent = @mymail($confirmation['email'], $mail_subject, htmlspecialchars($message));

        $message = sys_bbcodeParse($message) . '<br><br>';

        $result[F_PASSWORD_NEW] = $generated_password;
        if ($mail_sent) {
            $result[F_LOGIN_STATUS] = PASSWORD_RESTORE_SUCCESS_PASSWORD_SENT;
            $result[F_LOGIN_MESSAGE] = $message . $lang['log_lost_sent_pass'];
        } else {
            $result[F_LOGIN_STATUS] = PASSWORD_RESTORE_SUCCESS_PASSWORD_SEND_ERROR;
            $result[F_LOGIN_MESSAGE] = $message . $lang['log_lost_err_sending'];
        }

        // The code is single-use: remove it whether or not the mail went out.
        doquery("DELETE FROM {{confirmations}} WHERE `id` = '{$confirmation['id']}' AND `type` = " . CONFIRM_PASSWORD_RESET . " LIMIT 1;");
    } catch (Exception $failure) {
        $result[F_LOGIN_STATUS] = $failure->getMessage();
    }
}