/**
 * Store a finished UBE combat report: one row in {{ube_report}} plus batched rows for players,
 * fleets, fleet outcomes, unit outcomes and per-round unit states.
 *
 * A report that already carries a cypher is treated as loaded from the database and is not saved again.
 * On a save, $combat_data[UBE_REPORT_CYPHER] and $combat_data[UBE_REPORT_ID] are filled in.
 *
 * @param array $combat_data Combat state, passed by reference
 *
 * @return mixed false when the report already has a cypher, otherwise the newly generated cypher
 */
function sn_ube_report_save(&$combat_data) {
  // If the report already has an ID it was taken from the table. Such reports are not handled here
  if ($combat_data[UBE_REPORT_CYPHER]) {
    return false;
  }

  // Generate a unique secret key and check that it is not already present in the database
  // NOTE(review): the key is called "secret" — sys_random_string() is not visible here; confirm it draws
  // from a cryptographically secure source (random_int()/random_bytes()) if the cypher gates access to a report
  do {
    $combat_data[UBE_REPORT_CYPHER] = sys_random_string(32);
  } while (doquery("SELECT ube_report_cypher FROM {{ube_report}} WHERE ube_report_cypher = '{$combat_data[UBE_REPORT_CYPHER]}' LIMIT 1 FOR UPDATE", true));

  // Initialise the table used for batch inserts: element 0 of every entry is the column list
  $sql_perform = array(
    'ube_report_player' => array(array('`ube_report_id`', '`ube_report_player_player_id`', '`ube_report_player_name`', '`ube_report_player_attacker`',
      '`ube_report_player_bonus_attack`', '`ube_report_player_bonus_shield`', '`ube_report_player_bonus_armor`')),
    'ube_report_fleet' => array(array('`ube_report_id`', '`ube_report_fleet_player_id`', '`ube_report_fleet_fleet_id`', '`ube_report_fleet_planet_id`',
      '`ube_report_fleet_planet_name`', '`ube_report_fleet_planet_galaxy`', '`ube_report_fleet_planet_system`', '`ube_report_fleet_planet_planet`',
      '`ube_report_fleet_planet_planet_type`', '`ube_report_fleet_resource_metal`', '`ube_report_fleet_resource_crystal`',
      '`ube_report_fleet_resource_deuterium`', '`ube_report_fleet_bonus_attack`', '`ube_report_fleet_bonus_shield`', '`ube_report_fleet_bonus_armor`')),
    'ube_report_outcome_fleet' => array(array('`ube_report_id`', '`ube_report_outcome_fleet_fleet_id`', '`ube_report_outcome_fleet_resource_lost_metal`',
      '`ube_report_outcome_fleet_resource_lost_crystal`', '`ube_report_outcome_fleet_resource_lost_deuterium`',
      '`ube_report_outcome_fleet_resource_dropped_metal`', '`ube_report_outcome_fleet_resource_dropped_crystal`',
      '`ube_report_outcome_fleet_resource_dropped_deuterium`', '`ube_report_outcome_fleet_resource_loot_metal`',
      '`ube_report_outcome_fleet_resource_loot_crystal`', '`ube_report_outcome_fleet_resource_loot_deuterium`',
      '`ube_report_outcome_fleet_resource_lost_in_metal`')),
    'ube_report_outcome_unit' => array(array('`ube_report_id`', '`ube_report_outcome_unit_fleet_id`', '`ube_report_outcome_unit_unit_id`',
      '`ube_report_outcome_unit_restored`', '`ube_report_outcome_unit_lost`', '`ube_report_outcome_unit_sort_order`')),
    'ube_report_unit' => array(array('`ube_report_id`', '`ube_report_unit_player_id`', '`ube_report_unit_fleet_id`', '`ube_report_unit_round`',
      '`ube_report_unit_unit_id`', '`ube_report_unit_count`', '`ube_report_unit_boom`', '`ube_report_unit_attack`', '`ube_report_unit_shield`',
      '`ube_report_unit_armor`', '`ube_report_unit_attack_base`', '`ube_report_unit_shield_base`', '`ube_report_unit_armor_base`',
      '`ube_report_unit_sort_order`')));

  // Save the general information about the combat
  // NOTE(review): UBE_TIME_SPENT, UBE_MISSION_TYPE and UBE_COMBAT_RESULT are interpolated as-is, without the
  // numeric cast every neighbouring field gets — confirm these can only ever hold numbers
  $outcome =& $combat_data[UBE_OUTCOME];
  doquery("INSERT INTO `{{ube_report}}`\n SET\n `ube_report_cypher` = '{$combat_data[UBE_REPORT_CYPHER]}',\n `ube_report_time_combat` = '" .
    date(FMT_DATE_TIME_SQL, $combat_data[UBE_TIME]) .
    "',\n `ube_report_time_spent` = {$combat_data[UBE_TIME_SPENT]},\n\n `ube_report_combat_admin` = " .
    (int) $combat_data[UBE_OPTIONS][UBE_COMBAT_ADMIN] .
    ",\n `ube_report_mission_type` = {$combat_data[UBE_OPTIONS][UBE_MISSION_TYPE]},\n\n `ube_report_combat_result` = {$outcome[UBE_COMBAT_RESULT]},\n `ube_report_combat_sfr` = " .
    (int) $outcome[UBE_SFR] .
    ",\n\n `ube_report_debris_metal` = " .
    (double) $outcome[UBE_DEBRIS][RES_METAL] .
    ",\n `ube_report_debris_crystal` = " .
    (double) $outcome[UBE_DEBRIS][RES_CRYSTAL] .
    ",\n\n `ube_report_planet_id` = " .
    (int) $outcome[UBE_PLANET][PLANET_ID] .
    // The planet name is free text, so it is escaped and quoted
    ",\n `ube_report_planet_name` = '" .
    db_escape($outcome[UBE_PLANET][PLANET_NAME]) .
    "',\n `ube_report_planet_size` = " .
    (int) $outcome[UBE_PLANET][PLANET_SIZE] .
    ",\n `ube_report_planet_galaxy` = " .
    (int) $outcome[UBE_PLANET][PLANET_GALAXY] .
    ",\n `ube_report_planet_system` = " .
    (int) $outcome[UBE_PLANET][PLANET_SYSTEM] .
    ",\n `ube_report_planet_planet` = " .
    (int) $outcome[UBE_PLANET][PLANET_PLANET] .
    ",\n `ube_report_planet_planet_type` = " .
    (int) $outcome[UBE_PLANET][PLANET_TYPE] .
    ",\n\n `ube_report_moon` = " .
    (int) $outcome[UBE_MOON] .
    ",\n `ube_report_moon_chance` = " .
    (int) $outcome[UBE_MOON_CHANCE] .
    ",\n `ube_report_moon_size` = " .
    (double) $outcome[UBE_MOON_SIZE] .
    ",\n\n `ube_report_moon_reapers` = " .
    (int) $outcome[UBE_MOON_REAPERS] .
    ",\n `ube_report_moon_destroy_chance` = " .
    (int) $outcome[UBE_MOON_DESTROY_CHANCE] .
    ",\n `ube_report_moon_reapers_die_chance` = " .
    (int) $outcome[UBE_MOON_REAPERS_DIE_CHANCE] .
    "\n ");
  // The auto-increment ID of the row just inserted links all detail rows to this report
  $ube_report_id = $combat_data[UBE_REPORT_ID] = db_insert_id();

  // Save the general information about the players
  foreach ($combat_data[UBE_PLAYERS] as $player_id => &$player_info) {
    $sql_perform['ube_report_player'][] = array($ube_report_id, $player_id, "'" . db_escape($player_info[UBE_NAME]) . "'", (int) $player_info[UBE_ATTACKER],
      (double) $player_info[UBE_BONUSES][UBE_ATTACK], (double) $player_info[UBE_BONUSES][UBE_SHIELD], (double) $player_info[UBE_BONUSES][UBE_ARMOR]);
  }

  // Everything about the fleets
  $unit_sort_order = 0;
  foreach ($combat_data[UBE_FLEETS] as $fleet_id => &$fleet_info) {
    // Save the general information about the fleet
    // NOTE(review): $fleet_info[UBE_OWNER] and $fleet_id go into the VALUES tuple uncast — confirm they are always numeric
    $sql_perform['ube_report_fleet'][] = array($ube_report_id, $fleet_info[UBE_OWNER], $fleet_id, (double) $fleet_info[UBE_PLANET][PLANET_ID],
      "'" . db_escape($fleet_info[UBE_PLANET][PLANET_NAME]) .
      "'", (int) $fleet_info[UBE_PLANET][PLANET_GALAXY], (int) $fleet_info[UBE_PLANET][PLANET_SYSTEM], (int) $fleet_info[UBE_PLANET][PLANET_PLANET],
      (int) $fleet_info[UBE_PLANET][PLANET_TYPE], (double) $fleet_info[UBE_RESOURCES][RES_METAL], (double) $fleet_info[UBE_RESOURCES][RES_CRYSTAL],
      (double) $fleet_info[UBE_RESOURCES][RES_DEUTERIUM], (double) $fleet_info[UBE_BONUSES][UBE_ATTACK], (double) $fleet_info[UBE_BONUSES][UBE_SHIELD],
      (double) $fleet_info[UBE_BONUSES][UBE_ARMOR]);

    // Save the final resource figures of the fleet - lost, dropped, carried away
    $fleet_outcome_data =& $outcome[UBE_FLEETS][$fleet_id];
    $sql_perform['ube_report_outcome_fleet'][] = array($ube_report_id, $fleet_id, (double) $fleet_outcome_data[UBE_RESOURCES_LOST][RES_METAL],
      (double) $fleet_outcome_data[UBE_RESOURCES_LOST][RES_CRYSTAL], (double) $fleet_outcome_data[UBE_RESOURCES_LOST][RES_DEUTERIUM],
      (double) $fleet_outcome_data[UBE_CARGO_DROPPED][RES_METAL], (double) $fleet_outcome_data[UBE_CARGO_DROPPED][RES_CRYSTAL],
      (double) $fleet_outcome_data[UBE_CARGO_DROPPED][RES_DEUTERIUM], (double) $fleet_outcome_data[UBE_RESOURCES_LOOTED][RES_METAL],
      (double) $fleet_outcome_data[UBE_RESOURCES_LOOTED][RES_CRYSTAL], (double) $fleet_outcome_data[UBE_RESOURCES_LOOTED][RES_DEUTERIUM],
      (double) $fleet_outcome_data[UBE_RESOURCES_LOST_IN_METAL][RES_METAL]);

    // Save the per-unit results - lost and restored; units with neither are not recorded
    foreach ($fleet_info[UBE_COUNT] as $unit_id => $unit_count) {
      if ($fleet_outcome_data[UBE_UNITS_LOST][$unit_id] || $fleet_outcome_data[UBE_DEFENCE_RESTORE][$unit_id]) {
        $unit_sort_order++;
        $sql_perform['ube_report_outcome_unit'][] = array($ube_report_id, $fleet_id, $unit_id, (double) $fleet_outcome_data[UBE_DEFENCE_RESTORE][$unit_id],
          (double) $fleet_outcome_data[UBE_UNITS_LOST][$unit_id], $unit_sort_order);
      }
    }
  }

  // Save the information about the rounds
  // NOTE(review): owner, $round, $unit_id, $unit_count and the attack/shield/armor values are written uncast —
  // confirm the combat engine can only put numbers there
  $unit_sort_order = 0;
  foreach ($combat_data[UBE_ROUNDS] as $round => &$round_data) {
    foreach ($round_data[UBE_FLEETS] as $fleet_id => &$fleet_data) {
      foreach ($fleet_data[UBE_COUNT] as $unit_id => $unit_count) {
        $unit_sort_order++;
        $sql_perform['ube_report_unit'][] = array($ube_report_id, $fleet_data[UBE_FLEET_INFO][UBE_OWNER], $fleet_id, $round, $unit_id, $unit_count,
          (int) $fleet_data[UBE_UNITS_BOOM][$unit_id], $fleet_data[UBE_ATTACK][$unit_id], $fleet_data[UBE_SHIELD][$unit_id], $fleet_data[UBE_ARMOR][$unit_id],
          $fleet_data[UBE_ATTACK_BASE][$unit_id], $fleet_data[UBE_SHIELD_BASE][$unit_id], $fleet_data[UBE_ARMOR_BASE][$unit_id], $unit_sort_order);
      }
    }
  }

  // Batch insert of the collected data
  foreach ($sql_perform as $table_name => $table_data) {
    // Only the column-list row is present: nothing to insert for this table
    if (count($table_data) < 2) {
      continue;
    }
    // Turn every row, the column list included, into a "(a,b,c)" tuple
    foreach ($table_data as &$record_data) {
      $record_data = '(' . implode(',', $record_data) . ')';
    }
    // Row 0 is the column list; the remaining rows are the VALUES tuples
    $fields = $table_data[0];
    unset($table_data[0]);
    doquery("INSERT INTO {{{$table_name}}} {$fields} VALUES " . implode(',', $table_data));
  }

  return $combat_data[UBE_REPORT_CYPHER];
}
// Admin tool dispatcher: each case performs the maintenance action selected by $mode
// NOTE(review): the access check guarding this switch is outside this excerpt — confirm it is limited to administrators
switch ($mode) {
  // Re-read the configuration and rebuild the watchlist array from its ';'-separated string
  case ADM_TOOL_CONFIG_RELOAD:
    $config->db_loadAll();
    sys_refresh_tablelist($config->db_prefix);
    $config->db_loadItem('game_watchlist');
    if ($config->game_watchlist) {
      $config->game_watchlist_array = explode(';', $config->game_watchlist);
    } else {
      unset($config->game_watchlist_array);
    }
    break;

  // Show the MD5 of a submitted string, or of a freshly generated random string when none was submitted
  // NOTE(review): MD5 is fast and unsalted here; if the result is ever stored as a password hash, password_hash() is the safer choice
  case ADM_TOOL_MD5:
    $template = gettemplate("admin/md5enc", true);
    // Both request values are read through the "_unsafe" accessor, i.e. presumably without sanitising — confirm
    $password_seed = sys_get_param_str_unsafe('seed', SN_SYS_SEC_CHARS_ALLOWED);
    // NOTE(review): the length comes from the request; no upper bound is applied in this excerpt
    $password_length = sys_get_param_int('length', 16);
    $string = ($string = sys_get_param_str_unsafe('string')) ? $string : sys_random_string($password_length, $password_seed);
    // STRING is HTML-escaped before output; SEED is handed to the template as received —
    // NOTE(review): confirm the template layer escapes it
    $template->assign_vars(array('SEED' => $password_seed, 'LENGTH' => $password_length, 'STRING' => htmlentities($string), 'MD5' => md5($string)));
    display($template, $lang['adm_tools_md5_header'], false, '', true);
    break;

  // Reset the stored schema version to 0 and run the update script
  case ADM_TOOL_FORCE_ALL:
    $config->db_saveItem('db_version', 0);
    require_once '../includes/update.php';
    break;

  // Step the stored schema version back by one and run the update script
  case ADM_TOOL_FORCE_LAST:
    $config->db_saveItem('db_version', floor($config->db_version - 1));
    require_once '../includes/update.php';
    break;

  // phpinfo() prints the full PHP configuration, environment variables and paths —
  // keep this reachable only by trusted administrators
  case ADM_TOOL_INFO_PHP:
    phpinfo();
    break;

  case ADM_TOOL_INFO_SQL:
// End of a preceding branch whose conditions are outside this excerpt: it reports success or one of two errors
      message($message, $lang['log_lost_header']);
    } else {
      message($lang['log_lost_err_change'], $lang['sys_error']);
    }
  } else {
    message($lang['log_lost_err_code'], $lang['sys_error']);
  }
} elseif ($email) {
  // Password-reset request by e-mail address: look the account up, replace any previous confirmation, mail a new code
  // NOTE(review): $email is interpolated into this query and the INSERT below; its escaping is not visible in this
  // excerpt — confirm it is escaped upstream or switch to bound parameters
  $user_id = doquery("SELECT `id` FROM {{users}} WHERE `email_2` = '{$email}' LIMIT 1;", '', true);
  if (!$user_id['id']) {
    // NOTE(review): a distinct "unknown e-mail" reply lets a requester learn which addresses are registered;
    // returning the same message in both cases avoids that
    message($lang['log_lost_err_email'], $lang['sys_error']);
  } else {
    // Drop an earlier confirmation of the same type for this user, if one exists
    $last_confirm = doquery("SELECT *, UNIX_TIMESTAMP(`create_time`) as `unix_time` FROM {{confirmations}} WHERE `id_user`= '{$user_id['id']}' AND `type` = '{$confirm_password_reset}' LIMIT 1;", '', true);
    if ($last_confirm['unix_time']) {
      doquery("DELETE FROM {{confirmations}} WHERE `id` = '{$last_confirm['id']}' LIMIT 1;");
    }

    // NOTE(review): the code is the only secret protecting the reset; sys_random_string() and its default length and
    // alphabet are not visible here — confirm it uses a cryptographically secure source
    $confirm_code = sys_random_string();
    // The mail states an expiry three days ahead; enforcement of that expiry is not part of this excerpt.
    // The link is built from $_SERVER['PHP_SELF'], which reflects the requested path —
    // NOTE(review): a fixed script path would keep request-supplied path data out of the e-mail.
    // '@' hides any warning raised while sending; only the boolean result is inspected below
    @($result = mymail($email, $lang['log_lost_email_title'], sprintf($lang['log_lost_email_code'], SN_ROOT_VIRTUAL . $_SERVER['PHP_SELF'], $confirm_code, date(FMT_DATE_TIME, $time_now + 3 * 24 * 60 * 60))));
    // The confirmation row is stored whether or not the mail was sent
    doquery("INSERT INTO {{confirmations}} SET `id_user`= '{$user_id['id']}', `type` = '{$confirm_password_reset}', `code` = '{$confirm_code}', `email` = '{$email}';");
    if ($result) {
      message($lang['log_lost_sent_code'], $lang['log_lost_header']);
    } else {
      message($lang['log_lost_err_sending'], $lang['sys_error']);
    }
  }
  // Hard-coded French text ("The new password has been sent successfully!"), unlike the $lang lookups above
  message('Le nouveau mot de passe a été envoyé avec succès !', 'OK');
}

// No branch handled the request: render the lost-password form
$template = gettemplate('lostpassword', true);
$template->assign_vars(array('URL_RULES' => $config->url_rules, 'URL_FORUM' => $config->url_forum, 'URL_FAQ' => $config->url_faq));
tpl_login_lang($template, $id_ref);
display(parsetemplate($template), $lang['system'], false, '', false, false);
// Continuation of an import branch opened outside this excerpt: create one account per imported entry
    // Debug dumps of the computed placement values
    pdump($system_count, '$system_count');
    pdump($system_step, '$system_step');
    $skin = DEFAULT_SKINPATH;
    $language = DEFAULT_LANG;
    // Placement starts in galaxy 1 at the first step, on the middle planet slot
    $galaxy = 1;
    $system = $system_step;
    $planet = round($config->game_maxPlanet / 2);
    foreach ($imported_string as &$string_data) {
      // Each entry is "name,password"
      $string_data = explode(',', $string_data);
      // NOTE(review): despite the "_safe" suffix the name is taken straight from the imported string;
      // confirm it was sanitised when the request parameter was read
      $username_safe = $string_data[0];
      // $user_new = player_create($username_safe, $string_data[1], '', array(
      //   'galaxy' => $galaxy,
      //   'system' => $system,
      //   'planet' => $planet,
      // ), $create_result);
      // A random string is passed as the second argument while the imported password is supplied, already encoded,
      // through the options array.
      // NOTE(review): password_encode() gets '' as its second argument — if that is the salt, these accounts
      // are stored with unsalted hashes; confirm
      $user_new = player_create($username_safe, sys_random_string(), array('password_encoded_unsafe' => core_auth::password_encode($string_data[1], ''), 'galaxy' => $galaxy, 'system' => $system, 'planet' => $planet));
      // $user_new = &$create_result[F_LOGIN_USER];
      $moon_row = uni_create_moon($galaxy, $system, $planet, $user_new['id'], 30, '', false);
      // Advance by one step; once the last system is reached, move to the next galaxy
      if (($system += $system_step) >= $config->game_maxSystem) {
        $galaxy++;
        $system = $system_step;
      }
    }
    // Applies to every row of {{users}}, not only to the accounts created above
    doquery('UPDATE {{users}} SET dark_matter = 50000, dark_matter_total = 50000;');
    $config->db_saveItem('users_amount', $config->users_amount + $new_players);
    // pdump($imported_string);
    // generated_string
  } elseif (sys_get_param_str('import_result') && ($blitz_result_string = sys_get_param_str('blitz_result_string'))) {
    // Result import: entries are ';'-separated and the first one is the last-update marker
    $blitz_result = explode(';', $blitz_result_string);
    $blitz_last_update = $blitz_result[0]; // Not used yet
/**
 * Produce a new confirmation code for a password-reset request.
 *
 * Length and alphabet come from LOGIN_PASSWORD_RESET_CONFIRMATION_LENGTH and SN_SYS_SEC_CHARS_CONFIRMATION.
 * NOTE(review): the code is only as unpredictable as sys_random_string(), which is defined elsewhere —
 * confirm it uses a cryptographically secure source.
 *
 * @return mixed whatever sys_random_string() returns
 */
protected function make_password_reset_code() {
  $reset_code = sys_random_string(
    LOGIN_PASSWORD_RESET_CONFIRMATION_LENGTH,
    SN_SYS_SEC_CHARS_CONFIRMATION
  );

  return $reset_code;
}
// End of a block opened outside this excerpt
  sn_db_transaction_commit();
}

$blitz_generated = array();
$blitz_result = array();
$blitz_prize_players_active = 0;
$blitz_players = 0;
$blitz_prize_dark_matter = 0;
$blitz_prize_places = 0;

// Developer-only tools, selected by request parameter
// NOTE(review): both actions below change data on the strength of the authlevel check and one request
// parameter; no anti-CSRF token check is visible in this excerpt — confirm one exists upstream
if ($user['authlevel'] >= AUTH_LEVEL_DEVELOPER) {
  if (sys_get_param_str('generate')) {
    // Give every registration of the current round a numbered login name, in random order
    $next_id = 0;
    $query = doquery("SELECT `id` FROM {{blitz_registrations}} WHERE `round_number` = {$current_round} ORDER BY RAND();");
    while ($row = db_fetch($query)) {
      $next_id++;
      $blitz_name = 'Игрок' . $next_id;
      $blitz_password = sys_random_string(8);
      // NOTE(review): as shown, the query stores the literal '******' and never uses $blitz_password — possibly
      // masking applied by the page this excerpt came from; check against the repository.
      // If the generated password is stored here, it is kept in clear text
      doquery("UPDATE {{blitz_registrations}} SET blitz_name = '{$blitz_name}', blitz_password = '******' WHERE `id` = {$row['id']} AND `round_number` = {$current_round};");
    }
  } elseif (sys_get_param_str('import_generated')) {
    // THIS IS ON THE BLITZ!!!
    // Removes every account whose name starts with the generated prefix, then every planet left without an owner
    doquery("DELETE FROM {{users}} WHERE username like 'Игрок%';");
    doquery("DELETE FROM {{planets}} WHERE id_owner not in (SELECT `id` FROM {{users}});");

    // The import is a ';'-separated list taken from the request and processed in random order
    $imported_string = explode(';', sys_get_param_str('generated_string'));
    shuffle($imported_string);

    // Spread the new players evenly: systems needed per galaxy, then the distance between occupied systems
    $new_players = count($imported_string);
    $system_count = ceil($new_players / $config->game_maxGalaxy);
    $system_step = floor($config->game_maxSystem / $system_count);
    pdump($system_count, '$system_count');
    pdump($system_step, '$system_step');
    $skin = DEFAULT_SKINPATH;
    $language = DEFAULT_LANG;
/**
 * Generate a random password.
 *
 * The length and alphabet are the ones named for reset confirmation codes
 * (LOGIN_PASSWORD_RESET_CONFIRMATION_LENGTH, SN_SYS_SEC_CHARS_CONFIRMATION).
 * NOTE(review): confirm that this length is also adequate for a password, and that sys_random_string(),
 * defined elsewhere, draws from a cryptographically secure source.
 *
 * @return mixed whatever sys_random_string() returns
 */
public static function make_random_password() {
  $random_password = sys_random_string(
    LOGIN_PASSWORD_RESET_CONFIRMATION_LENGTH,
    SN_SYS_SEC_CHARS_CONFIRMATION
  );

  return $random_password;
}
/**
 * Complete a password reset: validate the confirmation code, set a new random password and mail it.
 *
 * On success $result receives F_PASSWORD_NEW, F_LOGIN_STATUS and F_LOGIN_MESSAGE, and the confirmation row is deleted.
 * On any failure only F_LOGIN_STATUS is set, to the message of the exception that was thrown.
 *
 * Review notes for maintainers:
 * - $confirm_safe is placed into the query as-is; the name implies the caller escaped it — confirm at every call site.
 * - The new password is 8 characters long, is mailed in clear text and is also returned in $result, both as
 *   F_PASSWORD_NEW and inside F_LOGIN_MESSAGE.
 * - The confirmation row is removed only on the success path; a failed change or an expired code leaves it in place.
 * - Nothing visible here locks the confirmation row between the lookup and the delete.
 *
 * @param string $confirm_safe Confirmation code as received by the caller
 * @param array  $result       Output structure, passed by reference
 */
function sec_restore_password_confirm($confirm_safe, &$result) {
  global $lang, $config;

  try {
    $lookup_sql = "SELECT *, UNIX_TIMESTAMP(`create_time`) as `unix_time` FROM {{confirmations}} WHERE `code` = '{$confirm_safe}' AND `type` = " . CONFIRM_PASSWORD_RESET . " LIMIT 1;";
    $last_confirm = doquery($lookup_sql, true);

    // Unknown code
    if (!isset($last_confirm['id'])) {
      throw new Exception(PASSWORD_RESTORE_ERROR_CODE_WRONG);
    }

    // Code older than PERIOD_DAY is rejected
    $code_age = SN_TIME_NOW - $last_confirm['unix_time'];
    if ($code_age > PERIOD_DAY) {
      throw new Exception(PASSWORD_RESTORE_ERROR_CODE_TOO_OLD);
    }

    $generated_password = sys_random_string(8, SN_SYS_SEC_CHARS_CONFIRMATION);

    $password_changed = sec_password_change($last_confirm['id_user'], $generated_password, false, 1);
    if (!$password_changed) {
      throw new Exception(PASSWORD_RESTORE_ERROR_CHANGE);
    }

    $message = sprintf($lang['log_lost_email_pass'], $config->game_name, $generated_password);
    // '@' keeps warnings raised while building or sending the mail out of the output; only the result is used
    $mail_sent = @mymail(
      $last_confirm['email'],
      sprintf($lang['log_lost_email_title'], $config->game_name),
      htmlspecialchars($message)
    );
    $message = sys_bbcodeParse($message) . '<br><br>';

    $result[F_PASSWORD_NEW] = $generated_password;
    if ($mail_sent) {
      $result[F_LOGIN_STATUS] = PASSWORD_RESTORE_SUCCESS_PASSWORD_SENT;
      $result[F_LOGIN_MESSAGE] = $message . $lang['log_lost_sent_pass'];
    } else {
      $result[F_LOGIN_STATUS] = PASSWORD_RESTORE_SUCCESS_PASSWORD_SEND_ERROR;
      $result[F_LOGIN_MESSAGE] = $message . $lang['log_lost_err_sending'];
    }

    // The code has been used: remove it
    $cleanup_sql = "DELETE FROM {{confirmations}} WHERE `id` = '{$last_confirm['id']}' AND `type` = " . CONFIRM_PASSWORD_RESET . " LIMIT 1;";
    doquery($cleanup_sql);
  } catch (Exception $e) {
    $result[F_LOGIN_STATUS] = $e->getMessage();
  }
}
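/**
 * Collect the request fingerprint: device, browser, page address, optional full URL and client IP.
 *
 * The device is recognised by the cypher in the SN_COOKIE_D cookie. When the cookie is missing, malformed or
 * unknown, a new unique cypher is generated, stored in {{security_device}} and sent back through sn_setcookie()
 * with PERIOD_FOREVER. Each lookup runs in its own transaction.
 *
 * Review notes for maintainers:
 * - The device cypher is only as unpredictable as sys_random_string(), which is defined elsewhere — confirm it
 *   uses a cryptographically secure source if the cypher is trusted for anything beyond statistics.
 * - Cookie attributes (HttpOnly, Secure, SameSite) are decided inside sn_setcookie() and are not visible here.
 * - User-Agent, PHP_SELF and REQUEST_URI are client-influenced and are handed to db_get_set_unique_id_value()
 *   unmodified — confirm that helper escapes its value and bounds its length.
 */
public function __construct() {
  $this->write_full_url = !classSupernova::$config->security_write_full_url_disabled;

  // Device and browser info - shared by all
  sn_db_transaction_start();
  // The cookie is absent on a first visit and is fully client-controlled:
  // a missing or non-string value (e.g. an array cookie) is treated as "no cookie"
  $cookie_cypher = isset($_COOKIE[SN_COOKIE_D]) ? $_COOKIE[SN_COOKIE_D] : null;
  $this->device_cypher = is_string($cookie_cypher) ? $cookie_cypher : null;
  if ($this->device_cypher) {
    $cypher_safe = db_escape($this->device_cypher);
    $device_id = doquery("SELECT `device_id` FROM {{security_device}} WHERE `device_cypher` = '{$cypher_safe}' LIMIT 1 FOR UPDATE", true);
    if (!empty($device_id['device_id'])) {
      $this->device_id = $device_id['device_id'];
    }
  }

  // No known device: generate a cypher that is not in the table yet, register it and hand it to the client
  if ($this->device_id <= 0) {
    do {
      $cypher_safe = db_escape($this->device_cypher = sys_random_string());
      $row = doquery("SELECT `device_id` FROM {{security_device}} WHERE `device_cypher` = '{$cypher_safe}' LIMIT 1 FOR UPDATE", true);
    } while (!empty($row));
    doquery("INSERT INTO {{security_device}} (`device_cypher`) VALUES ('{$cypher_safe}');");
    $this->device_id = db_insert_id();
    sn_setcookie(SN_COOKIE_D, $this->device_cypher, PERIOD_FOREVER, SN_ROOT_RELATIVE);
  }
  sn_db_transaction_commit();

  sn_db_transaction_start();
  // The User-Agent header is optional; a request without it is recorded with null instead of raising a notice
  $user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null;
  $this->user_agent = $user_agent;
  $this->browser_id = db_get_set_unique_id_value($user_agent, 'browser_id', 'security_browser', 'browser_user_agent');
  sn_db_transaction_commit();

  sn_db_transaction_start();
  // Script path relative to the game root
  $this->page_address = substr($_SERVER['PHP_SELF'], strlen(SN_ROOT_RELATIVE));
  $this->page_address_id = db_get_set_unique_id_value($this->page_address, 'url_id', 'security_url', 'url_string');
  sn_db_transaction_commit();

  if ($this->write_full_url) {
    sn_db_transaction_start();
    $this->page_url = substr($_SERVER['REQUEST_URI'], strlen(SN_ROOT_RELATIVE));
    // Simulator requests are stored without their query string.
    // NOTE(review): the test looks at the raw REQUEST_URI while page_url has the root prefix stripped,
    // so it matches only when the URI starts directly with '/simulator.php' — confirm this is intended
    if (strpos($_SERVER['REQUEST_URI'], '/simulator.php') === 0) {
      $this->page_url = '/simulator.php';
    }
    $this->page_url_id = db_get_set_unique_id_value($this->page_url, 'url_id', 'security_url', 'url_string');
    sn_db_transaction_commit();
  }

  // Client address and proxy chain as reported by sec_player_ip()
  $ip = sec_player_ip();
  $this->ip_v4_string = $ip['ip'];
  $this->ip_v4_int = ip2longu($this->ip_v4_string);
  $this->ip_v4_proxy_chain = $ip['proxy_chain'];
}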