try {
switch ($_POST['action']) {
case 'read':
$Message->set_message_read($_POST['ids']);
break;
case 'unread':
$Message->set_message_unread($_POST['ids']);
break;
case 'delete':
$Message->delete_message($_POST['ids']);
break;
default:
break;
}
} catch (MyException $e) {
Flash::store('Message Action FAILED !', true);
}
}
$meta['title'] = 'Message Center';
$meta['head_data'] = '
<script type="text/javascript" src="scripts/messages.js"></script>
';
$contents = '
<form method="post" action="' . $_SERVER['REQUEST_URI'] . '"><div>
<input type="button" name="send" id="send" value="Send Message" />
</div></form>';
// INBOX
$messages = $Message->get_inbox_list();
$table_format = array(array('SPECIAL_CLASS', 'my_empty(\'[[[view_date]]]\')', 'highlight'), array('SPECIAL_HTML', 'true', 'id="msg[[[message_id]]]"'), array('Id', 'message_id'), array('Subject', '###@htmlentities(strmaxlen(html_entity_decode(\'[[[subject]]]\', ENT_QUOTES), 25), ENT_QUOTES, \'ISO-8859-1\', false)'), array('From', '###\'[[[sender]]]\'.(([[[global]]]) ? \' <span class="highlight">(<abbr title="GLOBAL">G</abbr>)</span>\' : \'\')'), array('Date Sent', '###@ifdateor(Settings::read(\'long_date\'), strtotime(\'[[[send_date]]]\'), strtotime(\'[[[create_date]]]\'))'), array('Date Read', '###@ifdateor(Settings::read(\'long_date\'), strtotime(\'[[[view_date]]]\'), \'Never\')'), array('Date Expires', '###@ifdateor(Settings::read(\'long_date\'), strtotime(\'[[[expire_date]]]\'), \'Never\')'), array('<input type="checkbox" id="in_all" />', '<input type="checkbox" name="ids[]" value="[[[message_id]]]" class="in_box" />', 'false', 'class="edit"'));
$table_meta = array('sortable' => true, 'no_data' => '<p>There are no messages in your inbox.</p><!-- NO_INBOX -->', 'caption' => 'Inbox');
$table = get_table($table_format, $messages, $table_meta);
$message['message'] = str_replace("\t", ' ', $message['message']);
$message['message'] = str_replace(' ', ' ', $message['message']);
$message['message'] = htmlentities($message['message'], ENT_QUOTES, 'ISO-8859-1', false);
$message['message'] = nl2br($message['message']);
$message['subject'] = htmlentities($message['subject'], ENT_QUOTES, 'ISO-8859-1', false);
// find out if we're reading an inbox message, or an outbox message
if ($message['inbox']) {
$list = $Message->get_outbox_list();
} elseif ($message['allowed']) {
$list = $Message->get_inbox_list();
} else {
$list = $Message->get_admin_list();
}
} catch (MyException $e) {
if (!defined('DEBUG') || !DEBUG) {
Flash::store('Error Finding Message !', 'messages.php');
} else {
call('ERROR FINDING MESSAGE');
}
exit;
}
// grab data for our prev | next links
$prev = false;
$next = false;
$current = false;
$prev_item = false;
foreach ($list as $item) {
if ($current) {
$current = false;
$next = $item['message_id'];
}
// times on other pages where it would be run more often
GamePlayer::delete_inactive(Settings::read('expire_users'));
Game::delete_inactive(Settings::read('expire_games'));
Game::delete_finished(Settings::read('expire_finished_games'));
if (isset($_POST['invite'])) {
call($_POST);
// make sure this user is not full
if ($GLOBALS['Player']->max_games && $GLOBALS['Player']->max_games <= $GLOBALS['Player']->current_games) {
Flash::store('You have reached your maximum allowed games !', false);
}
test_token();
try {
Game::invite();
Flash::store('Invitation Sent Successfully', true);
} catch (MyException $e) {
Flash::store('Invitation FAILED !', false);
}
}
// grab the full list of players
$players_full = GamePlayer::get_list(true);
$invite_players = array_shrink($players_full, 'player_id');
$invite_players = ife($invite_players, array(), false);
// grab the players who's max game count has been reached
$players_maxed = GamePlayer::get_maxed();
$players_maxed[] = $_SESSION['player_id'];
// remove the maxed players from the invite list
$players = array_diff($invite_players, $players_maxed);
$opponent_selection = '';
$opponent_selection .= '<option value="">-- Open --</option>';
foreach ($players_full as $player) {
if ($_SESSION['player_id'] == $player['player_id']) {
if (isset($_POST['register'])) {
test_token();
// die spammers
if ('' != $_POST['website']) {
header('Location: http://www.searchbliss.com/spambot/spambot-stopper.asp');
exit;
}
try {
$GLOBALS['Player'] = new GamePlayer();
$GLOBALS['Player']->register();
$Message = new Message($GLOBALS['Player']->id, $GLOBALS['Player']->is_admin);
$Message->grab_global_messages();
Flash::store('Registration Successful !', 'login.php');
} catch (MyException $e) {
if (!defined('DEBUG') || !DEBUG) {
Flash::store('Registration Failed !\\n\\n' . $e->outputMessage(), true);
} else {
call('REGISTRATION ATTEMPT REDIRECTED TO REGISTER AND QUIT');
call($e->getMessage());
}
}
exit;
}
$meta['title'] = 'Registration';
$meta['head_data'] = '
<script type="text/javascript">//<![CDATA[
var profile = 0;
//]]></script>
<script type="text/javascript" src="scripts/register.js"></script>
';
$meta['show_menu'] = false;
Flash::store('Admin Update FAILED !', true);
// redirect kills form resubmission
}
}
if (isset($_POST['submit'])) {
test_token();
try {
// clear the submit and token fields
$POST = $_POST;
unset($POST['submit']);
unset($POST['token']);
Settings::write_all($POST);
Flash::store('Admin Update Successfull', true);
// redirect kills form resubmission
} catch (MyException $e) {
Flash::store('Admin Update FAILED !', true);
// redirect kills form resubmission
}
}
$meta['title'] = GAME_NAME . ' Administration';
$meta['head_data'] = '
<script type="text/javascript" src="scripts/admin.js"></script>
';
$hints = array('Here you can administrate your ' . GAME_NAME . ' installation.', 'Click anywhere on a row to mark that row for action.');
$contents = '';
// grab the lists
$player_list = GamePlayer::get_list();
$game_list = Game::get_list();
// go through the player list and remove the root admin and ourselves
foreach ($player_list as $key => $player) {
if ($GLOBALS['_ROOT_ADMIN'] == $player['username']) {
require_once 'includes/inc.global.php';
if (isset($_POST['submit'])) {
test_token();
try {
$_POST['allow_email'] = isset($_POST['allow_email']) ? $_POST['allow_email'] : false;
$GLOBALS['Player']->allow_email = is_checked($_POST['allow_email']);
$GLOBALS['Player']->max_games = (int) $_POST['max_games'];
// color selections may be removed
if (isset($_POST['color'])) {
$GLOBALS['Player']->color = $_POST['color'];
}
$GLOBALS['Player']->save();
Flash::store('Preferences Updated', false);
} catch (MyException $e) {
Flash::store('Preferences Update FAILED !', false);
}
}
$meta['title'] = 'Update Preferences';
$hints = array('Here you can update your ' . GAME_NAME . ' preferences.', 'Setting a max concurrent games value will block people from sending you invites to new games after the max games value has been reached. Set to 0 to disable.');
$allow_email_cb = '<input type="checkbox" id="allow_email" name="allow_email" ' . get_selected(true, $GLOBALS['Player']->allow_email, false) . '/>';
if (is_array($GLOBALS['_COLORS']) && 0 != count($GLOBALS['_COLORS'])) {
$color_select = '<div><label for="color">Theme Color</label><select id="color" name="color"><option value="">Use Default</option>';
foreach ($GLOBALS['_COLORS'] as $color) {
$color_select .= '<option value="' . $color . '"' . get_selected($GLOBALS['Player']->color, $color) . '>' . ucwords(str_replace('_', ' ', $color)) . '</option>';
}
$color_select .= '</select></div>';
} else {
$color_select = '';
}
$contents = <<<EOF
<?php
require_once 'includes/inc.global.php';
if (isset($_POST['submit'])) {
test_token();
try {
$GLOBALS['Player']->update();
Flash::store('Profile Updated Successfully !', false);
} catch (MyException $e) {
Flash::store('Profile Update FAILED !', false);
}
}
$meta['title'] = 'Update Profile';
$meta['head_data'] = '
<script type="text/javascript">//<![CDATA[
var profile = 1;
//]]></script>
<script type="text/javascript" src="scripts/register.js"></script>
';
$hints = array('<span class="notice">GLOBAL SETTINGS</span><br />These setting affect ALL iohelix games that also display the GLOBAL SETTINGS text.', 'Here you can update your name, email address, and password.');
$contents = <<<EOF
\t<form method="post" action="{$_SERVER['REQUEST_URI']}"><div class="formdiv">
\t\t<input type="hidden" name="token" value="{$_SESSION['token']}" />
\t\t<input type="hidden" name="errors" id="errors" />
\t\t<ul>
\t\t\t<li><label>Username</label><span class="input">{$GLOBALS['Player']->username}</span></li>
\t\t\t<li><label for="first_name">First Name</label><input type="text" id="first_name" name="first_name" maxlength="20" value="{$GLOBALS['Player']->firstname}" tabindex="1" /></li>
\t\t\t<li><label for="last_name">Last Name</label><input type="text" id="last_name" name="last_name" maxlength="20" value="{$GLOBALS['Player']->lastname}" tabindex="2" /></li>
\t\t\t<li><label for="email" class="req">Email</label><input type="text" id="email" name="email" maxlength="100" value="{$GLOBALS['Player']->email}" tabindex="3" /><span id="email_check" class="test"></span></li>
break;
case 'delete':
if (isset($_POST['id'])) {
test_token();
// make sure this user can delete this setup
$Setup = new Setup((int) $_POST['id']);
if (!$GLOBALS['Player']->is_admin && (!$Setup->creator || (string) $_SESSION['player_id'] !== (string) $Setup->creator)) {
Flash::store('You are not allowed to perform this action', 'setups.php');
}
Setup::delete($Setup->id);
Flash::store('Setup deleted successfully', 'setups.php');
} elseif (isset($_GET['id'])) {
// make sure this user can edit / delete this setup
$Setup = new Setup((int) $_GET['id']);
if (!$GLOBALS['Player']->is_admin && (!$Setup->creator || (string) $_SESSION['player_id'] !== (string) $Setup->creator)) {
Flash::store('You are not allowed to perform this action', 'setups.php');
}
// we need to confirm the delete request via a safer method (no XSRF here)
$meta['title'] = 'Delete Game Setup';
$meta['head_data'] = '
<link rel="stylesheet" type="text/css" media="screen" href="css/board.css" />
<script type="text/javascript">
var invert = false;
var board = "' . expandFEN($Setup->board) . '";
</script>
<script type="text/javascript" src="scripts/board.js"></script>
<script type="text/javascript" src="scripts/setups.js"></script>
';
$hints = array('Delete your game setup by clicking the button.', 'If you do not wish to delete your setup, simply go to another section of the site. Or click here to return to the <a href="setups.php">Setup Page</a>');
} else {
call('NO GAME ID GIVEN');
}
exit;
}
// ALL GAME FORM SUBMISSIONS ARE AJAXED THROUGH /scripts/game.js
// load the game
// always refresh the game data, there may be more than one person online
try {
$Game = new Game((int) $_SESSION['game_id']);
if (!empty($_GET['accept'])) {
$Game->accept($_SESSION['player_id']);
}
} catch (MyException $e) {
if (!defined('DEBUG') || !DEBUG) {
Flash::store('Error Accessing Game !');
} else {
call('ERROR ACCESSING GAME :' . $e->outputMessage());
}
exit;
}
$players = $Game->get_players();
$Chat = new Chat($_SESSION['player_id'], $_SESSION['game_id']);
$chat_data = $Chat->get_box_list();
$chat_html = '
<div id="chatbox">
<form action="' . $_SERVER['REQUEST_URI'] . '" method="post"><div>
<input id="chat" type="text" name="chat" />
<label for="private" class="inline"><input type="checkbox" name="private" id="private" value="yes" /> Private</label>
</div></form>';
if (is_array($chat_data)) {
/** public function attack_path
* Runs the attack function for multiple territories along the given path
* using attack till dead on each and fortifying the maximum amount each time
* until the path is complete or the attacker has no more attackable armies left
*
* @param int player id
* @param int number of armies to attack with
* @param int attack from land id
* @param array if int attack to (defend) land ids
* @return bool defeated
*/
public function attack_path($player_id, $num_armies, $attack_land_id, $defend_land_ids)
{
call(__METHOD__);
$defend_land_ids = array_trim($defend_land_ids, 'int');
if ($this->paused) {
throw new MyException(__METHOD__ . ': Trying to perform an action on a paused game');
}
try {
foreach ($defend_land_ids as $defend_land_id) {
$defeated = $this->attack_till_dead($player_id, $num_armies, $attack_land_id, $defend_land_id);
if ('Finished' == $this->state) {
Flash::store('You have won the game !', false);
break;
}
if ($defeated) {
$this->occupy($player_id, 999999);
$attack_land_id = $defend_land_id;
} else {
break;
}
}
} catch (MyException $e) {
throw $e;
}
return $defeated;
}
$message = $Message->get_message_reply((int) $_GET['id']);
$reply_flag = true;
}
} catch (MyException $e) {
Flash::store('Error Retrieving Message !', 'messages.php');
}
}
$meta['title'] = 'Message Writer';
$meta['show_menu'] = false;
$meta['head_data'] = '
<style type="text/css">@import url(css/ui.datepicker.css);</style>
<script type="text/javascript" src="scripts/ui.datepicker.js"></script>
<script type="text/javascript" src="scripts/messages.js"></script>
';
if (isset($sent)) {
Flash::store('Message Sent Successfully !', false);
}
// grab a list of the players
$list = GamePlayer::get_list(true);
$recipient_options = '';
if (is_array($list)) {
// send global messages if we can
if ($GLOBALS['Player']->is_admin) {
$recipient_options .= '<option value="0">GLOBAL</option>';
}
$recipient_id = isset($message['recipients'][0]['from_id']) && !empty($reply_flag) ? $message['recipients'][0]['from_id'] : 0;
foreach ($list as $player) {
// remove ourselves from the list
if ($player['player_id'] == $_SESSION['player_id']) {
continue;
}
}
if (!$invalid) {
create_config_file();
// now use the new config file and create the tables and admin
require_once INCLUDE_DIR . 'config.php';
debug($GLOBALS);
if (Mysql::test()) {
debug('TEST PASSED');
create_tables();
create_admin();
} else {
debug('TEST FAILED');
// delete the file and display an error
unlink(INCLUDE_DIR . 'config.php');
if (class_exists('Flash')) {
Flash::store('MySQL Error: ' . Mysql::get_instance()->error);
} else {
die('MySQL Error: ' . Mysql::get_instance()->error);
}
exit;
}
// create the lock file
file_put_contents('install.lock', 'locked');
session_write_close();
header('Location: ' . $GLOBALS['_ROOT_URI']);
exit;
}
}
if (!isset($_POST['create']) || $invalid) {
require_once INCLUDE_DIR . 'config.php.sample';
$fields = array('db_hostname' => $GLOBALS['_DEFAULT_DATABASE']['hostname'], 'db_username' => $GLOBALS['_DEFAULT_DATABASE']['username'], 'db_password' => $GLOBALS['_DEFAULT_DATABASE']['password'], 'db_database' => $GLOBALS['_DEFAULT_DATABASE']['database'], 'master_prefix' => $master_prefix, 'game_prefix' => $game_prefix, 'root_uri' => 'http://' . $_SERVER['HTTP_HOST'] . str_replace('install.php', '', $_SERVER['REQUEST_URI']), 'use_email' => $GLOBALS['_USEEMAIL'] ? 'yes' : 'no', 'first_name' => '', 'last_name' => '', 'username' => '', 'email' => '', 'password' => '', 'passworda' => '');
/** protected function _session_board_test_fortify
* Check to see if we can fortify at all
*
* @param int $player_id
*
* @action tests and updates player data
*
* @return bool player can fortify
* @throws MyException
*/
protected function _session_board_test_fortify($player_id)
{
call(__METHOD__);
$player_id = (int) $player_id;
if (!$player_id) {
throw new MyException(__METHOD__ . ': Missing required player id');
}
$land = array();
foreach ($_SESSION['board'] as $land_id => $data) {
if ($data['player_id'] == $player_id) {
$land[$land_id] = $data['armies'];
}
}
// check for fortifiable sized armies
$has_armies = false;
$can_fortify = false;
foreach ($land as $land_id => $armies) {
if (1 < $armies) {
$has_armies = true;
// test the adjacent territories for our lands
foreach (self::$TERRITORIES[$land_id][ADJACENT] as $adjacent) {
if ($player_id == $_SESSION['board'][$adjacent]['player_id']) {
$can_fortify = true;
break 2;
}
}
}
}
if (!$can_fortify) {
$this->set_player_state('Waiting', $player_id);
if (!$this->halt_redirect) {
Flash::store('You can no longer fortify', true);
}
}
return $can_fortify;
}
// times on other pages where it would be ran more often
GamePlayer::delete_inactive(Settings::read('expire_users'));
Game::delete_inactive(Settings::read('expire_games'));
Game::delete_finished(Settings::read('expire_finished_games'));
$Game = new Game();
if (isset($_POST['create'])) {
// make sure this user is not full
if ($GLOBALS['Player']->max_games && $GLOBALS['Player']->max_games <= $GLOBALS['Player']->current_games) {
Flash::store('You have reached your maximum allowed games !');
}
test_token();
try {
$game_id = $Game->create();
Flash::store('Game Created Successfully');
} catch (MyException $e) {
Flash::store('Game Creation FAILED !', false);
}
}
$color_selection = '';
foreach ($Game->get_avail_colors() as $color) {
$color_selection .= '<option class="' . strtolower(substr($color, 0, 3)) . '">' . ucfirst($color) . '</option>';
}
$meta['title'] = 'Create Game';
$meta['head_data'] = '
<script type="text/javascript" src="scripts/create.js"></script>
';
$hints = array('Create a game by filling out your desired game options.', '<span class="highlight">WARNING!</span><br />Games will be deleted after ' . Settings::read('expire_games') . ' days of inactivity.');
// make sure this user is not full
$submit_button = '<div><input type="submit" name="create" value="Create Game" /></div>';
$warning = '';
if ($GLOBALS['Player']->max_games && $GLOBALS['Player']->max_games <= $GLOBALS['Player']->current_games) {
/** public function log_out
* Logs the player out of the system
* and deletes all the data, such as session vars,
* cookies, objects, etc.
*
* @param bool optional login attempt flag
* @param bool optional coming from login page flag
* @action logs the player out, redirects, and exits
* @return void
*/
public function log_out($login_attempt = false, $login_page = false)
{
call(__METHOD__);
$this->is_logged = false;
$this->_delete_cookie();
// clear player session data, but...
// keep the items that we need
$kill = array('player_id', 'PID', 'admin_id');
foreach (array_keys($_SESSION) as $key) {
if (in_array($key, $kill)) {
$_SESSION[$key] = false;
$_SESSION[$key] = null;
unset($_SESSION[$key]);
}
}
if ($login_attempt) {
Flash::store('Login FAILED !', false);
}
if (!$login_page) {
if (!$this->_DEBUG) {
session_write_close();
header('Location: ' . self::LOGIN_PAGE . $GLOBALS['_?_DEBUG_QUERY']);
} else {
call('PLAYER CLASS REDIRECTED TO LOGIN AND QUIT');
}
exit;
}
}
// send the messages
$message = 'You have been invited to join the game "' . htmlentities($Game->name, ENT_QUOTES, 'UTF-8', false) . '".' . "\n\n" . 'If you wish to play in this game, please join it from the home page.';
$message .= "\n\n==== Message ===========================================\n\n" . htmlentities($_POST['extra_text'], ENT_QUOTES, 'UTF-8', false);
$Message->send_message('Invitation to "' . htmlentities($Game->name, ENT_QUOTES, 'UTF-8', false) . '"', $message, $player_ids, false, ldate('m/d/Y', strtotime('1 week')));
Flash::store('Game Invitations Sent Successfully');
} catch (MyException $e) {
Flash::store('Game Invite FAILED !');
}
}
if (isset($_POST['start'])) {
test_token();
try {
$Game->start((int) $_POST['player_id']);
Flash::store('Game Started Successfully', 'game.php?id=' . $_POST['game_id']);
} catch (MyException $e) {
Flash::store('Game Start FAILED !', true);
}
}
// test if we are already in this game or not
$joined = $Game->is_player($_SESSION['player_id']);
$color_selection = '';
foreach ($Game->get_avail_colors() as $color) {
$color_selection .= '<option class="' . strtolower(substr($color, 0, 3)) . '">' . ucfirst($color) . '</option>';
}
$password_box = '';
if ('' != $Game->passhash) {
$password_box = '<li><label for="password">Password</label><input type="password" id="password" name="password" /></li>';
}
$meta['title'] = 'Join Game';
$meta['head_data'] = '
<script type="text/javascript">//<