/**
 * Record this visitor in ppl_online, or refresh the row the session already has.
 *
 * A session without the 'online' flag gets a fresh row (rows with the same IP
 * address or session id are deleted first) and then the flag is set. A session
 * that already carries the flag only has its activity time bumped, plus
 * member='y' when is_logged_in() is true.
 *
 * NOTE(review): HTTP_USER_AGENT and HTTP_REFERER are request headers chosen by
 * the client, and both are concatenated into the INSERT below without escaping,
 * so a quote character in either one alters the statement. They need to reach
 * the database as bound parameters (or be escaped by the database layer); what
 * DBAccess offers for that is not visible in this function.
 **/
function update_activity_info()
{
    $sql = new DBAccess();

    // ******************** Usage Information of the browser *********************
    $remoteAddress = NULL;
    if (isset($_SERVER['REMOTE_ADDR'])) {
        $remoteAddress = $_SERVER['REMOTE_ADDR'];
    }

    $userAgent = NULL;
    if (isset($_SERVER['HTTP_USER_AGENT'])) {
        $userAgent = $_SERVER['HTTP_USER_AGENT']; // client-controlled header
    }

    $referer = NULL;
    if (isset($_SERVER['HTTP_REFERER'])) {
        $referer = $_SERVER['HTTP_REFERER']; // client-controlled header
    }

    // ************** Setting anonymous and player usage information
    if (SESSION::is_set('online')) {
        // An already existing session: logged-in players are also marked as members,
        // observers only get their activity time refreshed.
        $refresh = is_logged_in()
            ? "UPDATE ppl_online SET activity=now(), member='y' WHERE session_id='" . session_id() . "'"
            : "UPDATE ppl_online SET activity=now() WHERE session_id='" . session_id() . "'";
        $sql->query($refresh);

        return;
    }

    // *** Completely new session, update latest activity log.
    if ($remoteAddress) {
        // *** Delete prior to trying to re-insert into the people online.
        $sql->query("DELETE FROM ppl_online WHERE ip_address='" . $remoteAddress . "'\n\t\t\t\t or session_id = '" . session_id() . "'");
    }

    // Update viewer data. The three interpolated values are the unescaped ones
    // described in the header note.
    $sql->query("INSERT INTO ppl_online (session_id, activity, ip_address, refurl, user_agent) "
        . "VALUES ('" . session_id() . "', now(), '{$remoteAddress}', '{$referer}', '{$userAgent}')");

    SESSION::set('online', true);
}
/**
 * Look up a player's health by username and return it.
 *
 * When $who equals the username stored in the session, the value is also
 * written to the session under 'health'.
 *
 * NOTE(review): $who is interpolated straight into the SQL text. Whether every
 * caller passes an already-vetted name cannot be seen from here; bind it as a
 * parameter or escape it in the database layer rather than rely on callers.
 */
function getHealth($who)
{
    global $sql;

    $currentHealth = $sql->QueryItem("SELECT health FROM players WHERE uname = '{$who}'");

    // Loose comparison, as in the rest of this code: keeps the session copy
    // in step only for the viewing player.
    $isViewer = ($who == SESSION::get('username'));
    if ($isViewer) {
        SESSION::set('health', $currentHealth);
    }

    return $currentHealth;
}
/**
 * Actual login! Marks the session as belonging to an already-vetted user.
 *
 * No credential check happens here: the caller must have authenticated the
 * username / player id / account id before calling. Throws Exception when any
 * of the three is empty.
 *
 * NOTE(review): the assignment to $_COOKIE only changes the array for the
 * current request; no Set-Cookie header is sent by this function.
 * NOTE(review): no session id rotation is visible here. Confirm that
 * SESSION::commence() issues a fresh id on login, otherwise an id that was known
 * before authentication stays valid afterwards.
 **/
function _login_user($p_username, $p_player_id, $p_account_id)
{
    $haveAllIds = $p_username && $p_player_id && $p_account_id;
    if (!$haveAllIds) {
        throw new Exception('Request made to _login_user without all of username, player_id, and account_id being set.');
    }

    SESSION::commence(); // Start a session on a successful login.
    $_COOKIE['username'] = $p_username; // May want to keep this for relogin easing purposes.

    $identity = array(
        'username'   => $p_username,   // Actually char name
        'player_id'  => $p_player_id,  // Actually char id.
        'account_id' => $p_account_id,
    );
    foreach ($identity as $sessionKey => $sessionValue) {
        SESSION::set($sessionKey, $sessionValue);
    }

    update_activity_log($p_player_id);
    update_last_logged_in($p_player_id);

    // The player id is bound as an integer parameter, not concatenated.
    $activate = "UPDATE players SET active = 1 WHERE player_id = :char_id";
    query($activate, array(':char_id' => array($p_player_id, PDO::PARAM_INT)));
}
$quickstat = "player";
include SERVER_ROOT . "interface/header.php";

// Attack throttle: the time of the previous attack is kept in the session and a
// new attack is refused when it arrives less than $attack_spacing seconds later.
// NOTE(review): the timer lives in the session, so it limits one session rather
// than one account; if an account can hold several sessions at once, each gets
// its own timer. Confirm whether that matters for combat.
$start_of_attack = microtime(true);
$attack_spacing = 0.2; // fraction of a second
$recent_attack = SESSION::is_set('recent_attack') ? SESSION::get('recent_attack') : null;

if ($recent_attack && $recent_attack > $start_of_attack - $attack_spacing) {
    echo "<p>Even the best of ninjas cannot attack that quickly.</p>";
    echo "<a href='attack_player.php'>Return to combat</a>";
    // A refused attempt still resets the timer.
    SESSION::set('recent_attack', $start_of_attack);
    die;
}

SESSION::set('recent_attack', $start_of_attack);
?> <span class="brownHeading">Battle Status</span> <hr> <?php
// TODO: Turn this page/system into an object to be run.
// *** ********* GET VARS FROM POST - OR GET ************* ***
$attacked = in('attacked'); // boolean for attacking again
$target = $attackee = either(in('target'), in('attackee')); // request-supplied target name
$username = get_username(); // Pulls from an internal source.
/**
 * Copy every string-keyed entry of $player_stats into the session.
 *
 * Entries with non-string keys are skipped; when DEBUG is truthy the first such
 * entry dumps the whole array and throws Exception instead.
 *
 * NOTE(review): every string key is written to the session as-is, so a stats
 * array that carries a key the login code also uses would overwrite it. Confirm
 * the caller passes only the expected columns.
 * NOTE(review): var_dump() prints the full stats array to the response in DEBUG
 * mode; make sure DEBUG is off wherever real player data is served.
 */
function put_player_info_in_session($player_stats)
{
    // Only enforced when assertions are enabled.
    assert(count($player_stats) > 0);

    foreach ($player_stats as $statName => $statValue) {
        if (is_string($statName)) {
            SESSION::set($statName, $statValue);
            continue;
        }

        if (DEBUG) {
            var_dump($player_stats);
            throw new Exception('player stat not a string');
        }
    }
}
/**
 * Put a previously captured cookie array (and optionally session data) back in place.
 *
 * When $session is truthy, $_COOKIE is emptied, every entry of $session is
 * written through s::set(), and s::regenerateId(false, false) is called.
 * In all cases $_COOKIE is finally bound by reference to $cookie.
 *
 * @param array $cookie  Array that $_COOKIE is rebound to (by reference).
 * @param array $session Key/value pairs to write back; skipped when empty.
 */
protected function restoreContext(&$cookie, &$session) {
    if ($session) {
        // Clear the cookie superglobal before the session values are written.
        // NOTE(review): presumably so s::set() does not see stale cookie state - confirm.
        $_COOKIE = array();
        foreach ($session as $k => &$v) {
            s::set($k, $v);
        }
        // NOTE(review): the meaning of the two false arguments is defined by
        // s::regenerateId(), which is not visible here; confirm they do not leave
        // the previous session id usable after the restore.
        s::regenerateId(false, false);
    }
    // Reference binding: later writes to $_COOKIE also change the caller's $cookie.
    $_COOKIE =& $cookie;
}
// Account page excerpt: handles account deletion and profile text changes.
// The excerpt ends inside the profile branch; the closing braces are outside it.
$player = get_player_info();
$confirm_delete = false;
$profile_changed = false;
// NOTE(review): this limit is declared but not applied anywhere in the visible
// lines; a client-side check in limitStatChars.js does not bind a crafted
// request, so confirm the server enforces it elsewhere.
$profile_max_length = 500; // Should match the limit in limitStatChars.js
// Failed-deletion marker is read from the session.
// NOTE(review): because it is session state, a new session starts without it.
$delete_attempts = SESSION::is_set('delete_attempts') ? SESSION::get('delete_attempts') : null;
if ($deleteAccount) {
    $verify = false;
    // Re-checks the password before the account is paused.
    $verify = is_authentic($username, $passW);
    // Loose comparison: any truthy return value from is_authentic() passes.
    if ($verify == true && !$delete_attempts) { // *** Username&password matched, on the first attempt.
        pauseAccount($username); // This may redirect and stuff?
    } else {
        if ($deleteAccount == 2) {
            // Marks this session so a later correct password no longer deletes.
            SESSION::set('delete_attempts', 1);
            $error = 'Deleting of account failed, please email ' . SUPPORT_EMAIL;
        } else {
            $confirm_delete = true;
        }
    }
} else {
    if ($changeprofile == 1) { // Limit the profile length.
        if ($newprofile != "") {
            // Both values pass through sql() before being placed inside quotes.
            // NOTE(review): sql() is presumably the string-escaping helper; verify it
            // matches the database driver, or move this statement to bound parameters.
            $sql->Update("UPDATE players SET messages = '" . sql($newprofile) . "' WHERE uname = '" . sql($username) . "'");
            $affected_rows = $sql->a_rows;
            $profile_changed = true;
        } else {
            $error = "Can not enter a blank profile.";
        }
} } } else { if ($victim == "thief") { // Check the counter to see whether they've attacked a thief multiple times in a row. if (SESSION::is_set('counter')) { $counter = SESSION::get('counter'); } else { $counter = 1; } $counter = $counter + 1; SESSION::set('counter', $counter); // Save the current state of the counter. if ($counter > 20 && rand(1, 3) == 3) { // Only after many attacks do you have the chance to be attacked back by the group of theives. SESSION::set('counter', 0); // Reset the counter to zero. echo "<img src='images/scenes/KunitsunaTrainingWithTengu.jpg' alt='' style='width:1000px'>"; echo "<p>A group of tengu thieves is waiting for you. They seem to be angered by your attacks on their brethren.</p>"; $group_attack = rand(50, 150); if (!subtractHealth($username, $group_attack)) { // If the den of theives killed the attacker. echo "<p>The group of theives does {$group_attack} damage to you!</p>"; echo "<p>The group of thieves have avenged their brotherhood and beaten you to a bloody pulp.</p>"; echo "<p>Go to the <a href=\"shrine.php\">shrine</a> to resurrect.</p>"; } else { // The den of thieves didn't accomplish their goal $group_gold = rand(100, 300); if ($group_attack > 120) { // Powerful attack gives an additional disadvantage echo "<p>You overpowered the swine, but the blow to the head they gave you before they ran made you lose some of your memories!</p>";
// Login gate excerpt: if the session has no 'user', try to log in from the posted
// credentials. The excerpt ends at the start of the "already logged in" branch.
include "codeheader.php";
include $incdir . "db_verbinden.php";
include $incdir . "session.php";
$user = '';
$userlevel = 99; // no permission
$userfolder = "";
if (NULL === SESSION::get('user')) {
    // Only 'user' is checked with isset(); 'pass' is read without a check.
    if (isset($post_vars['user'])) {
        // NOTE(review): $userlevel, $userfolder and $plain are stored right after
        // this call, so login() presumably fills them by reference - confirm.
        if (login($post_vars['user'], $post_vars['pass'], $userlevel, $userfolder, $plain)) { // Logged in successfully
            // NOTE(review): no session id rotation is visible between the
            // successful login and these writes; confirm session.php handles it.
            SESSION::set('user', $post_vars['user']);
            SESSION::set('userlevel', $userlevel);
            SESSION::set('userfolder', $userfolder);
            // NOTE(review): what $plain holds is not visible here. If it is the
            // plaintext password, it should not be kept in session storage.
            SESSION::set('plain', $plain);
            $gherdazu = 'adabei';
            // One redirect, so that browser-back does not trigger the "resend form data" prompt
            // NOTE(review): nothing in the visible lines stops execution after this
            // header; the script carries on past the if/else. Also confirm
            // $php_selbst cannot carry request-supplied path data into the header.
            header("Location: {$php_selbst}");
        } else { // Failed login attempt
            // Clears 'user', 'userlevel' and 'userpageid'; 'userfolder' and 'plain'
            // are not cleared here.
            SESSION::un_set('user');
            SESSION::un_set('userlevel');
            SESSION::un_set('userpageid');
            $gherdazu = 'tatigern';
        }
    } else { // Not logged in yet (first visit to the page)
        $gherdazu = 'sonet';
    }
} else {
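/**
 * Is Test
 * Whilst running unit tests, this will be true.
 *
 * An authenticated user holding the "runTestingTools" permission can store the
 * value of ?isTest= in the session. When static::isDev() is false, the result is
 * true if that session value is truthy, if TOUCHBASE_ENV is 'test', or if the
 * request's Host header is listed under servers.testing in the config.
 *
 * The Host header is sent by the client, so the last rule is only as strong as
 * the web server's own host filtering. The header is therefore compared strictly
 * and a missing or empty header never matches (the previous loose in_array()
 * on a suppressed lookup could match a null host against an empty or zero entry).
 *
 * NOTE(review): the session flag is changed by a plain GET parameter; confirm
 * that a permitted user following a crafted link flipping it is acceptable.
 *
 * @return bool
 */
public static function isTest()
{
    if (isset($_GET['isTest']) && Auth::isAuthenticated() && Auth::currentUser()->can("runTestingTools")) {
        SESSION::set("isTest", $_GET['isTest']);
    }

    if (static::isDev()) {
        return false;
    }

    if (SESSION::get("isTest") || TOUCHBASE_ENV == 'test') {
        return true;
    }

    // Explicit presence check instead of @-suppression.
    $host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : null;
    if (!is_string($host) || $host === '') {
        return false;
    }

    return in_array($host, static::config()->get("servers")->get("testing", []), true);
}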
// Player list excerpt: works out the hide/search settings and starts building a
// parameterised WHERE clause. The excerpt ends inside the single-letter search branch.
$hide_setting = !$searched && SESSION::is_set('hide_dead') ? SESSION::get('hide_dead') : 'dead'; // Defaults to hiding dead via session.
$hide = $searched ? 'none' : in('hide', $hide_setting); // search override > get setting > session setting
$alive_only = $hide == 'dead';
$page = in('page', 1); // Page will get changed down below.
$alive_count = 0;
$record_limit = 20; // *** The number of players that gets shown per page.
$view_type = in('view_type');
$rank = get_rank($char_id);
// Constant query text, no request data involved.
$dead_count = query_item("SELECT count(player_id) FROM rankings WHERE alive = false");
// Second read of 'page' without a default; it replaces the value assigned above.
$page = in('page');
// NOTE(review): $hide comes from the request and is stored as-is; only the value
// 'dead' has an effect in the visible lines, but any string ends up in the session.
if (!$searched && $hide_setting != $hide) {
    SESSION::set('hide_dead', $hide);
} // Save the toggled state for later.
// Display the clear search and create the where clause for searching.
// If a search was made, specify letter or word-based search.
// If unless showing dead, check that health is > 0, or alive = true from the ranking.
// Otherwise, no searching was done, so the score
$where_clauses = array(); // Array to add where clauses to.
// Select some players from the ranking.
$queryParams = array();
if ($searched) {
    $view_type = 'searched';
    if (strlen($searched) == 1) {
        // Only the placeholder name (:param0, :param1, ...) is concatenated into the
        // SQL; the search term itself is added to $queryParams for binding.
        // NOTE(review): binding does not neutralise LIKE wildcards, so a search
        // for '%' or '_' still acts as a pattern in the ilike match.
        $where_clauses[] = " (rankings.uname ilike :param" . count($queryParams) . " || '%') ";
        $queryParams[] = $searched;
/**
 * Check a login/password pair and, on success, populate the session and redirect.
 *
 * Flow: trim both inputs, validate them with CheckLogin()/CheckPassword(), look
 * the user up case-insensitively, recompute the salted hash, confirm it with a
 * second query, require usr-status > 0, then store uid/gid/user (and pid when
 * present) in the session, update usr-lastlogin, send a Location header and exit.
 * Every failure path reports through \CORE::msg() and returns normally.
 *
 * NOTE(review): passwords are verified as md5(md5(password) . salt). MD5 is a
 * fast hash and is not suited to password storage; plan a migration to
 * password_hash()/password_verify(), rehashing each account on its next login.
 * NOTE(review): no attempt limiting is visible in this method; confirm it is
 * handled before or around this call.
 *
 * @param string $login    Login name as submitted.
 * @param string $password Password as submitted.
 */
public function login($login, $password)
{
    $login = trim($login);
    // Leading/trailing whitespace is removed from the password before it is hashed.
    $password = trim($password);
    if ($login != '' && $password != '') {
        if ($this->CheckLogin($login) && $this->CheckPassword($password)) {
            $DB = \DB::init();
            if ($DB->connected()) {
                // First query: fetch the row by login (case-insensitive) to obtain the salt.
                $sth = $DB->dbh->prepare("SELECT * FROM `n-users` WHERE LOWER(`usr-login`) = LOWER(?) LIMIT 1;");
                \CORE::msg('debug', 'User login check');
                $sth->bindParam(1, $login, \PDO::PARAM_STR);
                $sth->execute();
                $DB->query_count();
                // NOTE(review): PDO documents rowCount() on SELECT as driver-dependent;
                // confirm it is reliable for the driver in use.
                if ($sth->rowCount() == 1) {
                    $r = $sth->fetch();
                    $salt = $r['usr-salt'];
                    $hashpass = md5(md5($password) . $salt);
                    // Second query: the hash comparison is done by the database.
                    $sth = $DB->dbh->prepare("SELECT * FROM `n-users` WHERE LOWER(`usr-login`)=LOWER(:login) AND `usr-pwd`=:hashpass LIMIT 1;");
                    $sth->execute(array(':login' => $login, ':hashpass' => $hashpass));
                    $DB->query_count();
                    \CORE::msg('debug', 'User login and password check');
                    if ($sth->rowCount() == 1) {
                        // Status is read from the row of the first query; the lock
                        // message below is only reachable with a correct password.
                        if ($r['usr-status'] > 0) {
                            $r = $sth->fetch();
                            // here will be additional checking via profile data, if needed
                            // NOTE(review): confirm \SESSION::start() issues a fresh
                            // session id here; no rotation is visible in this method.
                            \SESSION::start();
                            // here may be some additional records, like when login, which ip, etc
                            $uid = (int) $r['usr-uid'];
                            $gid = (int) $r['usr-gid'];
                            \SESSION::set('uid', $uid);
                            \SESSION::set('gid', $gid);
                            // Stores the login as typed (trimmed), not the stored
                            // spelling; the lookup above ignores case.
                            \SESSION::set('user', $login);
                            if (isset($r['usr-pid'])) {
                                $pid = (int) $r['usr-pid'];
                                \SESSION::set('pid', $pid);
                            }
                            // setcookie(PREFX.'st',1,time()+3600); // 1 hour
                            // Remember-me is disabled: the block below is empty.
                            // NOTE(review): the commented-out cookie would hold only
                            // the base64-encoded login, which is not a secret; do not
                            // revive it as a means of re-authentication.
                            if (isset($_POST['cookie'])) {
                                //// $time=86400; // 24 hours
                                //// setcookie(PREFIX."ul", base64_encode($login), time()+$time, "/");
                            }
                            $sth = $DB->dbh->prepare("UPDATE `n-users` SET `usr-lastlogin`=CURRENT_TIMESTAMP() WHERE `usr-uid`=?;");
                            $sth->execute(array($uid));
                            $DB->query_count();
                            \CORE::msg('debug', 'User is logged in');
                            // Redirect is followed by exit, so nothing runs after it.
                            header('Location: ./');
                            exit;
                        } else {
                            \CORE::msg('error', 'Account is currently locked');
                        }
                    } else {
                        // Same message as the unknown-login case below, so the
                        // response text does not reveal which of the two failed.
                        \CORE::msg('error', 'Incorrect username or password');
                    }
                } else {
                    \CORE::msg('error', 'Incorrect username or password');
                }
            } else {
                \CORE::msg('debug', 'DB is not connected');
            } // ?? move to db class
        } else {
            \CORE::msg('error', 'Username or password is not valid');
        }
    } else {
        \CORE::msg('error', 'Empty username or password');
    }
}
/**
 * Update the information of a viewing observer, or player.
 *
 * A session without the 'online' flag gets a new ppl_online row (rows with the
 * same IP address or session id are deleted first) and then the flag is set.
 * A session that already has the flag gets its activity time refreshed and its
 * member column set from is_logged_in().
 *
 * Every request-derived value reaches the database as a bound parameter; none
 * is concatenated into the SQL text.
 **/
function update_activity_info()
{
    // ******************** Usage Information of the browser *********************
    // NOTE(review): Request is presumably Symfony's HttpFoundation class, where the
    // client IP honours forwarding headers only from the trusted proxies - confirm.
    Request::setTrustedProxies(Constants::$trusted_proxies);
    $remoteAddress = Request::createFromGlobals()->getClientIp();

    // Both headers are client-supplied; each is cut to 250 bytes.
    // NOTE(review): substr() counts bytes, so a multi-byte character can be split
    // at the cut - confirm the column encoding tolerates that.
    $userAgent = NULL;
    if (isset($_SERVER['HTTP_USER_AGENT'])) {
        $userAgent = substr($_SERVER['HTTP_USER_AGENT'], 0, 250); // Truncated at 250 char.
    }
    $referer = '';
    if (isset($_SERVER['HTTP_REFERER'])) {
        $referer = substr($_SERVER['HTTP_REFERER'], 0, 250); // Truncated at 250 char.
    }

    // ************** Setting anonymous and player usage information
    // The return value is not used below; the call is kept for its setup work.
    // NOTE(review): presumably it populates DatabaseConnection::$pdo - confirm.
    $dbconn = DatabaseConnection::getInstance();
    $pdo = DatabaseConnection::$pdo;

    if (SESSION::is_set('online')) {
        // *** An already existing session. ***
        $touch = $pdo->prepare('UPDATE ppl_online SET activity = now(), member = :member WHERE session_id = :sessionID');
        $touch->bindValue(':sessionID', session_id());
        $touch->bindValue(':member', is_logged_in(), PDO::PARAM_BOOL);
        $touch->execute();

        return;
    }

    // *** Completely new session, update latest activity log. ***
    if ($remoteAddress) {
        // *** Delete prior to trying to re-insert into the people online. ***
        $purge = $pdo->prepare('DELETE FROM ppl_online WHERE ip_address = :ip OR session_id = :sessionID');
        $purge->bindValue(':ip', $remoteAddress);
        $purge->bindValue(':sessionID', session_id());
        $purge->execute();
    }

    // *** Update viewer data. ***
    $insert = $pdo->prepare('INSERT INTO ppl_online (session_id, activity, ip_address, refurl, user_agent) VALUES (:sessionID, now(), :ip, :referer, :userAgent)');
    $insert->bindValue(':sessionID', session_id());
    $insert->bindValue(':ip', $remoteAddress);
    $insert->bindValue(':referer', $referer);
    $insert->bindValue(':userAgent', $userAgent);
    $insert->execute();

    SESSION::set('online', true);
}