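/**
 * Validates an e-mailed reset key and, if it matches, stores the new password.
 *
 * The key is compared with the user's `activation` column. On success the
 * password row is rewritten and the column is cleared, so the same key cannot
 * be used a second time.
 *
 * Security notes:
 *  - The empty-key guard is load-bearing: a successful reset writes
 *    activation = "", so an empty key would otherwise match every account
 *    that has no reset pending.
 *  - No key expiry or attempt limit is visible in this method. If neither is
 *    enforced elsewhere, the key's length and randomness are the only
 *    protection against guessing.
 *  - The "md5" / "md5_salt" mode names suggest Str::encode() produces an
 *    MD5-based hash (presumed; Str is not visible here). MD5 is too fast for
 *    password storage; moving to password_hash()/password_verify() has to be
 *    coordinated with the login check and a rehash-on-login step.
 *
 * @param integer $userid
 * @param string $key	Key, transmitted by email
 * @param string $newpw	New password
 */
public function __construct($userid, $key, $newpw)
{
    Hook::event("ChangePassword", array($userid, $key));

    $length = Str::length($newpw);
    $minLength = Core::getOptions()->get("MIN_PASSWORD_LENGTH");
    $maxLength = Core::getOptions()->get("MAX_PASSWORD_LENGTH");
    if (empty($key) || $length < $minLength || $length > $maxLength) {
        $this->printIt("PASSWORD_INVALID");
        // printIt() is not visible here. Returning explicitly keeps the lookup
        // below unreachable for an empty key or out-of-policy password even if
        // printIt() does not terminate the request.
        return;
    }

    // Both values go through quoteInto(); the key is matched by the database.
    $where = Core::getDB()->quoteInto("userid = ? AND ", $userid);
    $where .= Core::getDB()->quoteInto("activation = ?", $key);
    $result = Core::getQuery()->select("user", "userid", "", $where);
    $keyMatches = (bool) $result->rowCount();
    $result->closeCursor();

    if (!$keyMatches) {
        $this->printIt("ERROR_PASSWORD_CHANGED");
        return;
    }

    // NOTE(review): this passes the option name to Core::getOptions() itself,
    // while the length checks above use Core::getOptions()->get(...). If
    // getOptions() ignores its argument and returns the options object, this
    // condition is always truthy and "md5_salt" is always selected; confirm.
    $encryption = Core::getOptions("USE_PASSWORD_SALT") ? "md5_salt" : "md5";
    $newpw = Str::encode($newpw, $encryption);
    Core::getQuery()->update("password", array("password" => $newpw, "time" => TIME), "userid = ?", array($userid));

    // Invalidate the key so it is single-use.
    Core::getQuery()->update("user", array("activation" => ""), "userid = ?", array($userid));

    $this->printIt("PASSWORD_CHANGED", false);
    // Without this return a non-terminating printIt() would fall through to
    // the failure message after a successful change.
    return;
}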
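/**
 * Applies the values submitted through the moderator form to the user
 * identified by $this->userid.
 *
 * Security notes:
 *  - Only the group assignment and the point columns are gated by
 *    CAN_EDIT_USER. The password reset and the profile update below run for
 *    every caller that reaches this method; NOTE(review): confirm the caller
 *    enforces moderator rights and stops a moderator from editing an account
 *    with higher privileges than their own.
 *  - $usergroupid is written as submitted. NOTE(review): confirm that the
 *    groups assignable here are restricted, otherwise CAN_EDIT_USER is enough
 *    to grant any group.
 *  - $languageid, $templatepackage and $theme are stored without validation
 *    in this method.
 *  - The "md5" / "md5_salt" mode names suggest an MD5-based hash (presumed),
 *    which is too fast for password storage.
 *
 * @param string $username
 * @param string $usertitle
 * @param string $email
 * @param int $delete
 * @param int $umode
 * @param string $activation
 * @param string $ipcheck
 * @param int $usergroupid
 * @param int $points
 * @param int $fpoints
 * @param int $dpoints
 * @param int $rpoints
 * @param string $password	New password; ignored when shorter than MIN_PASSWORD_LENGTH
 * @param int $languageid
 * @param string $templatepackage
 * @param string $theme
 * @param string $js_interface
 * @return Bengine_Game_Controller_Moderator
 */
protected function updateUser($username, $usertitle, $email, $delete, $umode, $activation, $ipcheck, $usergroupid, $points, $fpoints, $dpoints, $rpoints, $password, $languageid, $templatepackage, $theme, $js_interface)
{
    $select = array("userid", "username", "email");
    $result = Core::getQuery()->select("user", $select, "", Core::getDB()->quoteInto("userid = ?", $this->userid));
    $row = $result->fetchRow();
    // Close the cursor on both paths; previously it stayed open when no row matched.
    $result->closeCursor();
    if (!$row) {
        return $this;
    }

    Hook::event("SaveUserModeration", array(&$row));

    // Normalise the checkbox-style inputs to 0/1.
    $delete = $delete == 1 ? 1 : 0;
    $umode = $umode == 1 ? 1 : 0;
    // Form value 1 stores an empty activation string, anything else stores "1".
    // NOTE(review): if the activation column is also used as an e-mailed key,
    // the fixed value "1" is guessable; confirm how it is consumed.
    $activation = $activation == 1 ? "" : "1";
    $ipcheck = $ipcheck == 1 ? 1 : 0;
    $username = trim($username);
    $usertitle = trim($usertitle);
    $js_interface = trim($js_interface);

    if (Core::getUser()->ifPermissions("CAN_EDIT_USER")) {
        // Replace the group membership: drop the existing rows, then insert the new one.
        Core::getQuery()->delete("user2group", "userid = ?", null, null, array($this->userid));
        Core::getQuery()->insert("user2group", array("usergroupid" => $usergroupid, "userid" => $this->userid));
        Core::getQuery()->update("user", array("points" => floatval($points), "fpoints" => (int) $fpoints, "dpoints" => (int) $dpoints, "rpoints" => (int) $rpoints), "userid = ?", array($this->userid));
    }

    if ($umode) {
        setProdOfUser($this->userid, 0);
    }

    // A changed username or e-mail is only accepted when no other row uses it.
    if (!Str::compare($username, $row["username"])) {
        $num = Core::getQuery()->select("user", "userid", "", Core::getDB()->quoteInto("username = ?", $username))->rowCount();
        if ($num > 0) {
            $username = $row["username"];
        }
    }
    if (!Str::compare($email, $row["email"])) {
        $num = Core::getQuery()->select("user", "userid", "", Core::getDB()->quoteInto("email = ?", $email))->rowCount();
        if ($num > 0) {
            $email = $row["email"];
        }
    }

    // Accept a password of exactly the minimum length (the comparison was a
    // strict ">" before, which silently dropped it). No upper bound is applied
    // here; NOTE(review): decide whether MAX_PASSWORD_LENGTH should apply too.
    if (Str::length($password) >= Core::getOptions()->get("MIN_PASSWORD_LENGTH")) {
        // NOTE(review): the option name is passed to Core::getOptions() rather
        // than to ->get(); if the argument is ignored this is always truthy.
        $encryption = Core::getOptions("USE_PASSWORD_SALT") ? "md5_salt" : "md5";
        $password = Str::encode($password, $encryption);
        Core::getQuery()->update("password", array("password" => $password, "time" => TIME), "userid = ?", array($this->userid));
    }

    $spec = array(
        "username" => $username,
        "usertitle" => $usertitle,
        "email" => $email,
        "delete" => $delete,
        "umode" => $umode,
        "activation" => $activation,
        "languageid" => $languageid,
        "ipcheck" => $ipcheck,
        "templatepackage" => $templatepackage,
        "theme" => $theme,
        "js_interface" => $js_interface,
    );
    Core::getQuery()->update("user", $spec, "userid = ?", array($this->userid));

    return $this;
}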
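/**
 * Saves the planet options: either renames the current planet or, when
 * $abandon is set, deletes it after the user has re-entered the password.
 *
 * Security notes:
 *  - The password is a re-authentication step in front of a destructive
 *    action. A missing password row is treated as a wrong password, so the
 *    check fails closed.
 *  - The stored and submitted hashes are compared with Str::compare(), whose
 *    semantics are not visible here. NOTE(review): if it is a plain string
 *    comparison, hash_equals() would be the constant-time equivalent.
 *  - The "md5" / "md5_salt" mode names suggest an MD5-based hash (presumed),
 *    which is too fast for password storage.
 *  - No request-forgery token check is visible in this method; confirm the
 *    caller performs one for the rename path, which needs no password.
 *
 * @param string $planetname
 * @param boolean $abandon
 * @param string $password
 *
 * @return Bengine_Game_Controller_Index
 */
protected function changePlanetOptions($planetname, $abandon, $password)
{
    $planetname = trim($planetname);
    Hook::event("SAVE_PLANET_OPTIONS", array(&$planetname, &$abandon));

    if ($abandon == 1) {
        $ok = true;
        if (Game::getEH()->getPlanetFleetEvents()) {
            Logger::addMessage("CANNOT_DELETE_PLANET");
            $ok = false;
        }
        if (Core::getUser()->get("hp") == Core::getUser()->get("curplanet")) {
            Logger::addMessage("CANNOT_DELETE_HOMEPLANET");
            $ok = false;
        }

        $result = Core::getQuery()->select("password", "password", "", Core::getDB()->quoteInto("userid = ?", Core::getUser()->get("userid")));
        $row = $result->fetchRow();
        $result->closeCursor();
        // fetchRow() yields a falsy value when the user has no password row;
        // do not index into it.
        $storedHash = $row ? $row["password"] : null;

        // NOTE(review): the option name is passed to Core::getOptions() rather
        // than to ->get(); if the argument is ignored this is always truthy.
        $encryption = Core::getOptions("USE_PASSWORD_SALT") ? "md5_salt" : "md5";
        $password = Str::encode($password, $encryption);
        if ($storedHash === null || !Str::compare($storedHash, $password)) {
            Logger::addMessage("WRONG_PASSWORD");
            $ok = false;
        }

        if ($ok) {
            deletePlanet(Game::getPlanet()->getPlanetId(), Core::getUser()->get("userid"), Game::getPlanet()->getData("ismoon"));
            // Move the session back to the home planet now that the current one is gone.
            Core::getQuery()->update("user", array("curplanet" => Core::getUser()->get("hp")), "userid = ?", array(Core::getUser()->get("userid")));
            Core::getUser()->rebuild();
            $this->redirect("game/" . SID . "/Index");
        }
    } else {
        if (checkCharacters($planetname)) {
            // The planet is taken from the session user's curplanet, not from the request.
            Core::getQuery()->update("planet", array("planetname" => $planetname), "planetid = ?", array(Core::getUser()->get("curplanet")));
            $this->redirect("game/" . SID . "/Index");
        } else {
            Logger::addMessage("INVALID_PLANET_NAME");
        }
    }

    return $this;
}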
/**
 * Stores the submitted password twice: unchanged in $this->rawPassword and
 * encoded with the configured mode in $this->pw.
 *
 * NOTE(review): the clear-text copy stays on the object for as long as the
 * object lives. Confirm that it is needed and that the object is never
 * logged, dumped or serialised.
 *
 * @param string $password	Password as entered by the user
 *
 * @return Login
 */
public function setPassword($password)
{
    $this->rawPassword = $password;

    $encoded = Str::encode($password, $this->encryption);
    $this->pw = $encoded;

    return $this;
}
/**
 * Writes the profile fields from the admin form to the given user and, when a
 * non-empty password was submitted, replaces the stored password hash.
 *
 * Security notes:
 *  - Nothing in this method validates the submitted values or checks the
 *    caller's rights over $userid; presumably the admin controller does.
 *    NOTE(review): confirm.
 *  - No length policy is applied to the new password here.
 *  - The salt switch is read with Core::getConfig()->get("USE_PASSWORD_SALT").
 *    NOTE(review): confirm every code path that hashes or verifies a password
 *    reads the same setting in the same way, otherwise hashes written here
 *    will not verify at login.
 *  - The "md5" / "md5_salt" mode names suggest an MD5-based hash (presumed),
 *    which is too fast for password storage.
 *
 * @param integer $userid
 * @param string $username
 * @param string $email
 * @param integer $languageid
 * @param string $templatepackage
 * @param integer $ipcheck
 * @param string $password	New password, or "" to keep the current one
 * @return Bengine_Admin_Controller_User
 */
protected function saveUser($userid, $username, $email, $languageid, $templatepackage, $ipcheck, $password)
{
    $profile = array(
        "username" => $username,
        "email" => $email,
        "languageid" => $languageid,
        "templatepackage" => $templatepackage,
        "ipcheck" => $ipcheck,
    );
    Core::getQuery()->update("user", $profile, "userid = ?", array($userid));

    // An empty password field means "leave the password alone".
    if ($password == "") {
        return $this;
    }

    $mode = Core::getConfig()->get("USE_PASSWORD_SALT") ? "md5_salt" : "md5";
    $hash = Str::encode($password, $mode);
    $passwordRow = array("password" => $hash, "time" => TIME);
    Core::getQuery()->update("password", $passwordRow, "userid = ?", array($userid));

    return $this;
}
/**
 * Returns the password held by this object, either as stored or encoded.
 *
 * With $encrypted left at its default the value of $this->password is
 * returned unchanged, which presumably is the clear-text password; keep it
 * out of logs, templates and error output.
 *
 * NOTE(review): the option name is passed to Core::getOptions() rather than
 * to ->get(). If getOptions() ignores its argument and returns the options
 * object, the condition is always truthy and "md5_salt" is always used.
 *
 * @param boolean $encrypted	Return the encoded form instead of the stored value
 *
 * @return string
 */
public function getPassword($encrypted = false)
{
    if (!$encrypted) {
        return $this->password;
    }

    $mode = Core::getOptions("USE_PASSWORD_SALT") ? "md5_salt" : "md5";

    return Str::encode($this->password, $mode);
}
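/**
 * Validates and saves the preferences submitted by the logged-in user.
 *
 * Each field is checked in turn; a rejected value falls back to the user's
 * current value. The user row is written once at the end, while the password
 * row and the feed key are written as soon as they are processed.
 *
 * Security notes:
 *  - The password and the e-mail address can be changed without the current
 *    password being asked for in this method. NOTE(review): confirm the caller
 *    re-authenticates or at least enforces a request-forgery token, because a
 *    hijacked or forged session request is otherwise enough to take over the
 *    account.
 *  - The new password is handed to the "password_changed" mail template in
 *    clear text, and the mail goes to $email, which may be an address that was
 *    changed in this same request and is not yet confirmed.
 *  - Activation keys and feed keys come from randString(), which is not
 *    visible here. NOTE(review): confirm it draws from a cryptographically
 *    secure source (random_bytes()/random_int()); an 8-character key is short.
 *  - FILTER_VALIDATE_URL does not restrict the URL scheme. NOTE(review): if
 *    the theme URL is emitted into pages, allow only http/https.
 *  - The "md5" / "md5_salt" mode names suggest an MD5-based hash (presumed),
 *    which is too fast for password storage.
 *
 * @param string $username
 * @param string $usertitle
 * @param string $email
 * @param string $pw		New password, or "" to keep the current one
 * @param string $theme
 * @param integer $language
 * @param string $templatepackage
 * @param integer $umode
 * @param integer $delete
 * @param integer $ipcheck
 * @param integer $esps
 * @param integer $generate_key
 * @param string $js_interface
 * @throws Recipe_Exception_Generic	When vacation mode is still enabled
 * @return Bengine_Game_Controller_Preferences
 */
protected function updateUserData($username, $usertitle, $email, $pw, $theme, $language, $templatepackage, $umode, $delete, $ipcheck, $esps, $generate_key, $js_interface)
{
    if (Core::getUser()->get("umode")) {
        throw new Recipe_Exception_Generic("Vacation mode is still enabled.");
    }

    Core::getLanguage()->load("Registration");
    Hook::event("SaveUserDataFirst");

    // NOTE(review): as it appears here, search and replacement are the same
    // string, which makes the str_replace() a no-op; check the repository copy
    // for a different whitespace character in the first argument.
    $username = trim(str_replace(" ", " ", $username));
    $usertitle = trim($usertitle);
    $js_interface = trim($js_interface);
    $language = (int) (empty($language) ? Core::getConfig()->get("defaultlanguage") : $language);

    if (!empty($theme) && !filter_var($theme, FILTER_VALIDATE_URL, FILTER_FLAG_PATH_REQUIRED)) {
        $theme = "";
        Logger::addMessage("THEME_INVALID");
    }

    if (!empty($templatepackage)) {
        // is_dir() alone accepts "../" sequences, which would let the stored
        // package name point at any existing directory outside app/templates/.
        // Reject non-strings, parent-directory references and NUL bytes first.
        $escapesTemplateDir = !is_string($templatepackage)
            || strpos($templatepackage, "..") !== false
            || strpos($templatepackage, "\0") !== false;
        if ($escapesTemplateDir || !is_dir(APP_ROOT_DIR . "app/templates/" . $templatepackage)) {
            $templatepackage = Core::getUser()->get("templatepackage");
        }
    }

    $activation = "";

    // Check language
    if (Core::getUser()->get("languageid") != $language) {
        $result = Core::getQuery()->select("languages", "languageid", "", Core::getDB()->quoteInto("languageid = ?", $language));
        if ($result->rowCount() <= 0) {
            $language = Core::getUser()->get("languageid");
        }
        $result->closeCursor();
    }

    // Check username
    if (!Str::compare($username, Core::getUser()->get("username"))) {
        $result = Core::getQuery()->select("user", "userid", "", Core::getDB()->quoteInto("username = ?", $username));
        if ($result->rowCount() == 0) {
            $result->closeCursor();
            if (!checkCharacters($username)) {
                $username = Core::getUser()->get("username");
                Logger::addMessage("USERNAME_INVALID");
            } else {
                Logger::addMessage("USERNAME_CHANGED", "success");
            }
        } else {
            $result->closeCursor();
            $username = Core::getUser()->get("username");
            Logger::addMessage("USERNAME_EXISTS");
        }
    }

    // Check user title
    if (!Str::compare($usertitle, Core::getUser()->get("usertitle"))) {
        $length = Str::length($usertitle);
        if ($length < Core::getOptions()->get("MIN_USER_CHARS") || $length > Core::getOptions()->get("MAX_USER_CHARS")) {
            $usertitle = Core::getUser()->get("usertitle");
        }
    }

    // Check email
    if (!Str::compare($email, Core::getUser()->get("email"))) {
        $result = Core::getQuery()->select("user", "userid", "", Core::getDB()->quoteInto("email = ?", $email));
        if ($result->rowCount() == 0) {
            $result->closeCursor();
            if (!checkEmail($email)) {
                $email = Core::getUser()->get("email");
                Logger::addMessage("EMAIL_INVALID");
            } else {
                $successMsg = "EMAIL_CHANGED";
                if (Core::getConfig()->get("EMAIL_ACTIVATION_CHANGED_EMAIL")) {
                    // The confirmation link goes to the new address only; no
                    // notice to the previous address is sent from this method.
                    $activation = randString(8);
                    $url = BASE_URL . Core::getLang()->getOpt("langcode") . "/signup/activation/key:" . $activation;
                    Core::getLang()->assign("username", $username);
                    Core::getTemplate()->assign("activationUrl", $url);
                    $template = new Recipe_Email_Template("email_changed");
                    $mail = new Email($email, Core::getLanguage()->getItem("EMAIL_ACTIVATION"));
                    $template->send($mail);
                    $successMsg .= "_REVALIDATE";
                }
                Logger::addMessage($successMsg, "success");
            }
        } else {
            $result->closeCursor();
            Logger::addMessage("EMAIL_EXISTS");
            $email = Core::getUser()->get("email");
        }
    }

    // Check password
    $pwLength = Str::length($pw);
    if ($pwLength > 0) {
        if ($pwLength >= Core::getOptions()->get("MIN_PASSWORD_LENGTH") && $pwLength <= Core::getOptions()->get("MAX_PASSWORD_LENGTH")) {
            $successMsg = "PASSWORD_CHANGED";
            // Skipped when the e-mail change above already issued an activation key.
            if ($activation == "" && Core::getConfig()->get("EMAIL_ACTIVATION_CHANGED_PASSWORD")) {
                $activation = randString(8);
                $url = BASE_URL . Core::getLang()->getOpt("langcode") . "/signup/activation/key:" . $activation;
                Core::getLang()->assign("username", $username);
                Core::getTemplate()->assign("activationUrl", $url);
                // Clear-text password handed to the mail template; see the
                // security notes in the method header.
                Core::getTemplate()->assign("newPassword", $pw);
                $template = new Recipe_Email_Template("password_changed");
                $mail = new Email($email, Core::getLanguage()->getItem("PASSWORD_ACTIVATION"));
                $template->send($mail);
                $successMsg .= "_REVALIDATE";
            }
            // NOTE(review): the option name is passed to Core::getOptions()
            // rather than to ->get(); if the argument is ignored this is
            // always truthy.
            $encryption = Core::getOptions("USE_PASSWORD_SALT") ? "md5_salt" : "md5";
            $pw = Str::encode($pw, $encryption);
            Core::getQuery()->update("password", array("password" => $pw, "time" => TIME), "userid = ?", array(Core::getUser()->get("userid")));
            Logger::addMessage($successMsg, "success");
        } else {
            Logger::addMessage("PASSWORD_INVALID");
        }
    }

    // Umode
    if ($umode == 1) {
        // Check if umode can be activated
        /* @var Bengine_Game_Model_Collection_Event $events */
        $events = Game::getCollection("game/event");
        $events->addVacationModeFilter(Core::getUser()->get("userid"));
        $eventCount = $events->getCalculatedSize();
        if ($eventCount > 0) {
            // NOTE(review): if dieMessage() ends the request, a password
            // change or activation mail processed above has already taken
            // effect while the user row below is never written.
            Logger::dieMessage("CANNOT_ACTIVATE_UMODE");
        }
        $umodemin = TIME + Core::getConfig()->get("MIN_VACATION_MODE");
        setProdOfUser(Core::getUser()->get("userid"), 0);
    } else {
        $umodemin = 0;
        $umode = 0;
    }

    // Deletion
    $delete = !$delete ? 0 : TIME + self::DELETE_PROTECTION_TIME;

    // Other prefs
    $ipcheck = (int) $ipcheck;
    if (!Core::getConfig()->get("USER_EDIT_IP_CHECK")) {
        // Users may not change the IP check; keep the stored value.
        $ipcheck = Core::getUser()->get("ipcheck");
    } else {
        if ($ipcheck > 0) {
            $ipcheck = 1;
        }
    }
    // Clamp to the range 1..99.
    if ($esps > 99) {
        $esps = 99;
    } else {
        if ($esps <= 0) {
            $esps = 1;
        }
    }

    // Most values are passed by reference, so a hook can replace them after
    // the validation above has run.
    Hook::event("SaveUserDataLast", array(&$username, &$usertitle, &$email, &$templatepackage, &$theme, &$umode, &$umodemin, &$delete, $ipcheck, $esps, &$js_interface));

    // Save it
    $spec = array(
        "username" => $username,
        "usertitle" => $usertitle,
        "email" => $email,
        "temp_email" => $email,
        "activation" => $activation,
        "languageid" => $language,
        "templatepackage" => $templatepackage,
        "theme" => $theme,
        "ipcheck" => $ipcheck,
        "umode" => $umode,
        "umodemin" => $umodemin,
        "delete" => $delete,
        "esps" => $esps,
        "js_interface" => $js_interface,
    );

    // Feeds
    if ($generate_key) {
        $new_key = randString(16);
        $result = Core::getQuery()->select("feed_keys", array("feed_key"), "", Core::getDB()->quoteInto("user_id = ?", Core::getUser()->get("userid")));
        $hasFeedKey = $result->rowCount() > 0;
        // This cursor was left open before; close it like the other lookups.
        $result->closeCursor();
        if ($hasFeedKey) {
            // User has a feed key
            Core::getQuery()->update("feed_keys", array("feed_key" => $new_key), "user_id = ?", array(Core::getUser()->get("userid")));
        } else {
            Core::getQuery()->insert("feed_keys", array("user_id" => Core::getUser()->get("userid"), "feed_key" => $new_key));
        }
    }

    Core::getQuery()->update("user", $spec, "userid = ?", array(Core::getUser()->get("userid")));
    Core::getUser()->rebuild();

    return $this;
}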