function sendMessage($from, $to, $msg, $filter = false)
{
// Filter argument is deprecated now.
$from_id = (int) get_char_id($from);
$to_id = get_char_id($to);
send_event($from_id, $to_id, $msg);
}
/**
* Check whether the player has the skill.
**/
public function hasSkill($skill, $username = null)
{
if (!$username) {
$charId = self_char_id();
} else {
$charId = get_char_id($username);
}
$player = new Player($charId);
$skills = $this->skills($player);
$skill = strtolower($skill);
$levelReq = isset($skills[$skill]['level']) ? $skills[$skill]['level'] : 1;
return isset($skills[$skill]['available']) && $player->level >= $levelReq;
}
/**
* Check whether the player has the skill.
**/
public function hasSkill($skill, $username = null)
{
$skill = strtolower($skill);
if (!$username) {
$char_id = self_char_id();
} else {
$char_id = get_char_id($username);
}
$player_info = char_info($char_id);
$player_level = $player_info['level'];
$skills = $this->skills($char_id);
$level_req = isset($skills[$skill]['level']) ? $skills[$skill]['level'] : 1;
return isset($skills[$skill]['available']) && $player_level >= $level_req;
}
/**
* Command for the current user to offer their money as bounty on another player
*
* @param target String The username of the player to offer a bounty on
* @param amount int The amount of gold to spend on offering the bounty
* @return Array
*
* @TODO simplify the conditional branching
*/
public function offerBounty()
{
$target = in('target');
$target_id = get_char_id($target);
// Will be the enemy to put the bounty on.
$amount = intval(in('amount'));
$amount_in = $amount;
$error = 0;
$quickstat = false;
$success = false;
if (!$target_id) {
$error = 1;
} else {
// Target existed.
$target_bounty = getBounty($target_id);
if ($target_bounty < 5000) {
if ($amount > 0) {
if ($target_bounty + $amount > 5000) {
$amount = 5000 - $target_bounty;
}
if (get_gold($this->sessionData['char_id']) >= $amount) {
addBounty($target_id, $amount);
// Add the bounty to the person being bountied upon. How the hell did this break?
subtract_gold($this->sessionData['char_id'], $amount);
send_event($this->sessionData['char_id'], get_char_id($target), $this->sessionData['username'] . " has offered {$amount} gold in reward for your head!");
$success = true;
$quickstat = 'player';
} else {
$error = 2;
}
} else {
$error = 3;
}
} else {
$error = 4;
}
}
return $this->render(['error' => $error, 'success' => $success, 'quickstat' => $quickstat, 'amount_in' => $amount_in, 'amount' => $amount, 'command' => 'offer', 'location' => 0, 'target' => $target]);
}
/**
* Display the main admin area
*
* Includes player viewing, account duplicates checking, npc balacing
*
* @return ViewSpec|RedirectResponse
*/
public function index()
{
$result = $this->requireAdmin($this->self);
if ($result instanceof RedirectResponse) {
return $result;
}
$viewChar = null;
// View a target non-self character
$charName = in('char_name');
if (is_string($charName) && trim($charName)) {
$viewChar = get_char_id($charName);
}
// If a request is made to view a character's info, show it.
$viewChar = first_value($viewChar, in('view'));
$dupes = AdminViews::duped_ips();
$stats = AdminViews::high_rollers();
$npcs = NpcFactory::allNonTrivialNpcs();
$trivialNpcs = NpcFactory::allTrivialNpcs();
$charInfos = null;
$charInventory = null;
$firstMessage = null;
$firstChar = null;
$firstAccount = null;
$firstDescription = null;
if ($viewChar) {
$ids = explode(',', $viewChar);
$firstChar = new Player(reset($ids));
$firstAccount = AccountFactory::findByChar($firstChar);
$charInfos = AdminViews::split_char_infos($viewChar);
$charInventory = AdminViews::char_inventory($viewChar);
$firstMessage = $firstChar->message();
$firstDescription = $firstChar->description();
}
$parts = ['stats' => $stats, 'first_char' => $firstChar, 'first_description' => $firstDescription, 'first_message' => $firstMessage, 'first_account' => $firstAccount, 'char_infos' => $charInfos, 'dupes' => $dupes, 'char_inventory' => $charInventory, 'char_name' => $charName, 'npcs' => $npcs, 'trivial_npcs' => $trivialNpcs];
return ['title' => 'Admin Actions', 'template' => 'ninjamaster.tpl', 'parts' => $parts, 'options' => null];
}
/**
* DEPRECATED: Old named wrapper for get_char_id
*
* @return int
*/
function get_user_id($p_name = false)
{
if (defined('DEBUG') && DEBUG && $p_name === false) {
nw_error('Improper call to get_user_id() with no argument. For clarity reasons, this is now deprecated, use self_char_id() instead.');
}
return get_char_id($p_name);
}
/**
* Add an item using the old display name
*/
private function addItem($who, $item, $quantity = 1)
{
$item_identity = $this->itemIdentityFromDisplayName($item);
if ((int) $quantity > 0 && !empty($item) && $item_identity) {
add_item(get_char_id($who), $item_identity, $quantity);
} else {
throw new \Exception('Improper deprecated item addition request made.');
}
}
function create_ninja($send_name, $params = array())
{
DatabaseConnection::getInstance();
$send_email = $params['send_email'];
$send_pass = $params['send_pass'];
$class_identity = $params['send_class'];
$preconfirm = (int) $params['preconfirm'];
$confirm = (int) $params['confirm'];
$referred_by = $params['referred_by'];
$ip = isset($params['ip']) ? $params['ip'] : null;
// Create the initial player row.
$playerCreationQuery = "INSERT INTO players\n\t\t (uname, health, strength, speed, stamina, gold, messages, kills, turns, verification_number, active,\n\t\t _class_id, level, status, member, days, ip, bounty, created_date)\n\t\t VALUES\n\t\t (:username, '150', '5', '5', '5', '100', '', '0', '180', :verification_number, :active,\n\t\t (SELECT class_id FROM class WHERE identity = :class_identity), '1', '1', '0', '0', :ip, '0', now())";
// *** Inserts the choices and defaults into the player table. Status defaults to stealthed. ***
$statement = DatabaseConnection::$pdo->prepare($playerCreationQuery);
$statement->bindValue(':username', $send_name);
$statement->bindValue(':verification_number', $confirm);
$statement->bindValue(':active', $preconfirm);
$statement->bindValue(':class_identity', $class_identity);
$statement->bindValue(':ip', $ip);
$statement->execute();
return get_char_id($send_name);
}
<?php
require_once LIB_ROOT . 'control/lib_inventory.php';
$private = false;
$alive = false;
if ($error = init($private, $alive)) {
display_error($error);
} else {
require_once LIB_ROOT . "control/Skill.php";
require_once DB_ROOT . "SkillDAO.class.php";
require_once LIB_ROOT . "control/lib_clan.php";
require_once LIB_ROOT . "control/lib_player.php";
$target = $player = first_value(in('ninja'), in('player'), in('find'), in('target'));
$target_id = first_value(in('target_id'), in('player_id'), get_char_id($target));
// Find target_id if possible.
$target_player_obj = new Player($target_id);
$viewed_name_for_title = null;
if ($target_player_obj && $target_player_obj->name()) {
$viewed_name_for_title = $target_player_obj->name();
}
$combat_toggles = get_setting('combat_toggles');
// Pull the attack options toggled on and off.
$last_item_used = get_setting("last_item_used");
// Pull the last item id used, if any.
$char_info = self_info();
if (!$target_player_obj || !$target_player_obj->id() || !$target_player_obj->isActive()) {
$template = 'no-player.tpl';
$parts = array();
} else {
$player_info = $target_player_obj->as_array();
// Pull the info out of the object.
/**
* Now only a wrapper for the send_event function
*
* @param String $from
* @param String $to
* @param String $msg
* @return void
*/
function sendMessage($from, $to, $msg)
{
$from_id = (int) get_char_id($from);
$to_id = get_char_id($to);
send_event($from_id, $to_id, $msg);
}
public static function create_alternate_testing_account($confirm = false)
{
$ip = isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] ? $_SERVER['REMOTE_ADDR'] : '127.0.0.1';
if ((bool) get_char_id(TestAccountCreateAndDestroy::$alt_test_ninja_name)) {
throw new Exception('Test user found [' . $found . '] with name [' . TestAccountCreateAndDestroy::$alt_test_ninja_name . '] already exists');
}
// Create test user, unconfirmed, whatever the default is for activity.
$preconfirm = true;
$confirm = rand(1000, 9999);
//generate confirmation code
// Use the function from lib_player
$player_params = array('send_email' => TestAccountCreateAndDestroy::$alt_test_email, 'send_pass' => TestAccountCreateAndDestroy::$test_password, 'send_class' => 'dragon', 'preconfirm' => true, 'confirm' => $confirm, 'referred_by' => 'ninjawars.net', 'ip' => $ip);
ob_start();
// Skip extra output
$error = create_account_and_ninja(TestAccountCreateAndDestroy::$alt_test_ninja_name, $player_params);
ob_end_clean();
if ($confirm) {
$confirmed = confirm_player(TestAccountCreateAndDestroy::$alt_test_ninja_name, false, true);
// name, no confirm #, just autoconfirm.
}
$char_id = get_char_id(TestAccountCreateAndDestroy::$alt_test_ninja_name);
return $char_id;
}
// Redirect for any non-admins.
$char_id = self_char_id();
$self = null;
if (positive_int($char_id)) {
$self = new Player($char_id);
}
if ($self instanceof Player && $self->isAdmin()) {
// Admin possibilities start here.
$view_char = null;
$dupes = AdminViews::duped_ips();
$stats = AdminViews::high_rollers();
$npcs = NpcFactory::allNonTrivialNpcs();
$trivial_npcs = NpcFactory::allTrivialNpcs();
$char_name = in('char_name');
if (is_string($char_name) && trim($char_name)) {
$view_char = get_char_id($char_name);
}
// If a request is made to view a character's info, show it.
$view_char = $view_char ? $view_char : in('view');
$char_infos = $char_inventory = $message = null;
if ($view_char) {
$char_infos = AdminViews::split_char_infos($view_char);
$char_inventory = AdminViews::char_inventory($view_char);
$message = $char_infos[0]['messages'];
// Split the message out as a separate var for space reasons
unset($char_infos[0]['messages']);
}
display_page('ninjamaster.tpl', 'Admin Actions', ['stats' => $stats, 'char_infos' => $char_infos, 'dupes' => $dupes, 'char_inventory' => $char_inventory, 'char_name' => $char_name, 'npcs' => $npcs, 'trivial_npcs' => $trivial_npcs, 'message' => $message]);
} else {
// Redirect to the root site.
redirect('/');
function create_ninja($send_name, $params = array())
{
DatabaseConnection::getInstance();
$class_identity = $params['send_class'];
$preconfirm = (int) $params['preconfirm'];
$confirm = (int) $params['confirm'];
$initial_hp = Player::maxHealthByLevel(1);
$initial_strength = Player::baseStrengthByLevel(1);
$initial_speed = Player::baseSpeedByLevel(1);
$initial_stamina = Player::baseStaminaByLevel(1);
// Create the initial player row.
$playerCreationQuery = "INSERT INTO players\n\t\t (uname, health, strength, speed, stamina, gold, messages, kills, turns, verification_number, active,\n\t\t _class_id, level, status, member, days, bounty, created_date)\n\t\t VALUES\n\t\t (:username, :initial_hp, :initial_strength, :initial_speed, :initial_stamina, '100', '', '0', '180', :verification_number, :active,\n\t\t (SELECT class_id FROM class WHERE identity = :class_identity), '1', '1', '0', '0', '0', now())";
// *** Inserts the choices and defaults into the player table. Status defaults to stealthed. ***
$statement = DatabaseConnection::$pdo->prepare($playerCreationQuery);
$statement->bindValue(':username', $send_name);
$statement->bindValue(':verification_number', $confirm);
$statement->bindValue(':active', $preconfirm);
$statement->bindValue(':class_identity', $class_identity);
$statement->bindValue(':initial_hp', $initial_hp);
$statement->bindValue(':initial_strength', $initial_strength);
$statement->bindValue(':initial_speed', $initial_speed);
$statement->bindValue(':initial_stamina', $initial_stamina);
$statement->execute();
return get_char_id($send_name);
}
$attacking_player->death();
if (!$simultaneousKill) {
$loot = floor($gold_mod * $attacking_player->gold());
//Loot for defender if he lives.
}
$target_msg = "You have killed {$attacker} in combat and taken {$loot} gold.";
$attacker_msg = "DEATH: You've been killed by {$target} and lost {$loot} gold!";
sendMessage($attacker, $target, $target_msg);
sendMessage($target, $attacker, $attacker_msg);
}
}
// *** END MAIN ATTACK AND DUELING SECTION ***
}
if ($loot) {
add_gold(get_char_id($victor), $loot);
subtract_gold(get_char_id($loser), $loot);
}
/**
* HACK(ajv) Because the player obj is modified throughout the above code
* we can't really keep track of what happened to safely use the
* ActiveRecord pattern. Therefore, we pull another copy of the player
* from the data layer, modify it, and save it down here, then transfer
* the updated data to the existing object to keep everything in sync
*/
if ($rounds > 4) {
// Evenly matched battle! Reward some ki to the attacker, even if they die
$rewarded_ki = 1;
$hack_player = Player::find($attacking_player->id());
$hack_player->set_ki($hack_player->ki() + $rewarded_ki);
$hack_player->save();
$attacking_player->ki = $hack_player->ki;
function addItem($who, $item, $quantity = 1)
{
$item_identity = item_identity_from_display_name($item);
if ((int) $quantity > 0 && !empty($item) && $item_identity) {
add_item(get_char_id($who), $item_identity, $quantity);
} else {
throw new Exception('Improper deprecated item addition request made.');
}
}
sendMessage("SysMsg", $player->name(), $failure_msg);
$generic_skill_result_message = "Cold Steal has backfired! You are frozen until {$unfreeze_time}!";
}
} else {
$turn_cost = 0;
$generic_skill_result_message = '__TARGET__ is already iced.';
}
} else {
if ($command == 'Clone Kill') {
// Obliterates the turns and the health of similar accounts that get clone killed.
$reuse = false;
// Don't give a reuse link.
$clone1 = in('clone1');
$clone2 = in('clone2');
$clone_1_id = get_char_id($clone1);
$clone_2_id = get_char_id($clone2);
$clones = false;
if (!$clone_1_id || !$clone_2_id) {
$not_a_ninja = $clone1;
if (!$clone_2_id) {
$not_a_ninja = $clone2;
}
$generic_skill_result_message = "There is no such ninja as {$not_a_ninja}.";
} elseif ($clone_1_id == $clone_2_id) {
$generic_skill_result_message = '__TARGET__ is just the same ninja, so not the same thing as a clone at all.';
} elseif ($clone_1_id == $char_id || $clone_2_id == $char_id) {
$generic_skill_result_message = 'You cannot clone kill yourself.';
} else {
// The two potential clones will be obliterated immediately if the criteria are met in CloneKill.
$kill_or_fail = CloneKill::kill($player, new Player($clone_1_id), new Player($clone_2_id));
if ($kill_or_fail !== false) {
/**
* group accountconf
**/
function testPauseAccountAndLoginShouldFail()
{
$confirm_worked = confirm_player($this->test_ninja_name, false, true);
// name, no confirm #, just autoconfirm.
$this->assertTrue((bool) $confirm_worked);
$char_id = get_char_id($this->test_ninja_name);
$paused = @pauseAccount($char_id);
// Fully pause the account, make the operational bit = false
$this->assertTrue((bool) $paused);
$account_operational = query_item('select operational from accounts
join account_players on account_id = _account_id where _player_id = :char_id', array(':char_id' => $char_id));
$this->assertFalse($account_operational);
$res = @login_user($this->test_email, $this->test_password);
$this->assertFalse($res['success'], 'Login should not be successful when account is paused');
$this->assertTrue(is_string($res['login_error']));
$this->assertTrue((bool) $res['login_error']);
}
public function index()
{
$target = $player = first_value(in('ninja'), in('player'), in('find'), in('target'));
$target_id = first_value(in('target_id'), in('player_id'), get_char_id($target));
// Find target_id if possible.
$target_player_obj = Player::find($target_id);
$viewed_name_for_title = null;
if ($target_player_obj !== null) {
$viewed_name_for_title = $target_player_obj->name();
}
if ($target_player_obj === null) {
$template = 'no-player.tpl';
$parts = array();
} else {
$player_info = $target_player_obj->as_array();
// Pull the info out of the object.
if (!$player_info) {
$template = 'no-player.tpl';
$parts = array();
} else {
$viewing_player_obj = Player::find(self_char_id());
$self = self_char_id() && self_char_id() == $player_info['player_id'];
// Record whether this is a self-viewing.
if ($viewing_player_obj !== null) {
$char_info = $viewing_player_obj->dataWithClan();
$char_id = $viewing_player_obj->id();
$username = $viewing_player_obj->name();
} else {
$char_info = [];
}
$player = $target = $player_info['uname'];
// reset the target and target_id vars.
$target_id = $player_info['player_id'];
// Get the player's kills for this date.
$kills_today = query_item('select sum(killpoints) from levelling_log where _player_id = :player_id and killsdate = CURRENT_DATE and killpoints > 0', array(':player_id' => $target_id));
$viewers_clan = $viewing_player_obj !== null ? ClanFactory::clanOfMember($viewing_player_obj) : null;
// Attack Legal section
$params = array('required_turns' => 0, 'ignores_stealth' => true);
// 0 for unstealth.
$attack_error = 'You must become a ninja first.';
$attack_allowed = false;
if (null !== $viewing_player_obj) {
$AttackLegal = new AttackLegal($viewing_player_obj, $target_player_obj, $params);
$attack_allowed = $AttackLegal->check(false);
$attack_error = $AttackLegal->getError();
}
$sel_rank_spot = "SELECT rank_id FROM rankings WHERE player_id = :char_id limit 1";
$rank_spot = query_item($sel_rank_spot, array(':char_id' => $player_info['player_id']));
// Display the player info.
$status_list = get_status_list($player);
$gurl = $gravatar_url = $target_player_obj->avatarUrl();
if ($viewing_player_obj !== null && !$attack_error && !$self) {
// They're not dead or otherwise unattackable.
// Attack or Duel
$skillDAO = new SkillDAO();
$is_admin = false;
if ($viewing_player_obj) {
$is_admin = $viewing_player_obj->isAdmin();
}
if (!$is_admin) {
$combat_skills = $skillDAO->getSkillsByTypeAndClass($viewing_player_obj->_class_id, 'combat', $viewing_player_obj->level);
$targeted_skills = $skillDAO->getSkillsByTypeAndClass($viewing_player_obj->_class_id, 'targeted', $viewing_player_obj->level);
} else {
$combat_skills = $skillDAO->all('combat');
$targeted_skills = $skillDAO->all('targeted');
}
// Pull the items and some necessary data about them.
$items = inventory_counts($char_id);
$valid_items = rco($items);
// row count
}
// End of the there-was-no-attack-error section
$set_bounty_section = '';
$communication_section = '';
$player_clan_section = '';
$clan = ClanFactory::clanOfMember($player_info['player_id']);
$same_clan = false;
// Player clan and clan members
if ($clan) {
$viewer_clan = $viewing_player_obj ? ClanFactory::clanOfMember($viewing_player_obj) : null;
$clan_id = $clan->getID();
$clan_name = $clan->getName();
if ($viewer_clan) {
$same_clan = $clan->getID() == $viewer_clan->getID();
$display_clan_options = $viewing_player_obj && !$self && $same_clan && $viewing_player_obj->isClanLeader();
} else {
$same_clan = $display_clan_options = false;
}
}
// Send the info to the template.
$template = 'player.tpl';
$parts = get_certain_vars(get_defined_vars(), array('char_info', 'viewing_player_obj', 'target_player_obj', 'combat_skills', 'targeted_skills', 'player_info', 'self', 'rank_spot', 'kills_today', 'gravatar_url', 'status_list', 'clan', 'items'));
}
}
return ['template' => $template, 'title' => 'Ninja' . ($viewed_name_for_title ? ": {$viewed_name_for_title}" : ' Profile'), 'parts' => $parts, 'options' => ['quickstat' => 'player']];
}
$alive = true;
if ($error = init($private, $alive)) {
display_error($error);
die;
} else {
$link_back = in('link_back');
$selfTarget = in('selfTarget');
$item_in = in('item');
// Item identifier, either it's id or internal name
$give = in('give');
$target_id = in('target_id');
$in_target = in('target');
///TODO clean up this travesty
$target_id = $target_id ? (int) $target_id : self_char_id();
$target = first_value($target_id, $in_target);
$target_id = whichever($target_id, get_char_id($target));
$give = in_array($give, array('on', 'Give'));
$user_id = self_char_id();
$player = new Player($user_id);
$victim_alive = true;
$using_item = true;
$item_used = true;
$stealthLost = false;
$error = false;
$suicide = false;
$kill = false;
$repeat = false;
$ending_turns = null;
$turns_change = null;
$turns_to_take = null;
$gold_mod = NULL;
function getClass($who)
{
$char_id = get_char_id($who);
return char_class_identity($char_id);
// Note that classes now have identity/name(for display)/theme, so this function should be deprecated.
}
/**
* group accountconf
*/
function testPauseAccountAndLoginShouldFail()
{
$accountController = new AccountController();
$confirm_worked = confirm_player($this->test_ninja_name, false, true);
// name, no confirm #, just autoconfirm.
$this->assertTrue((bool) $confirm_worked);
$char_id = get_char_id($this->test_ninja_name);
$paused = $accountController->pauseAccount($char_id);
// Fully pause the account, make the operational bit = false
$this->assertTrue((bool) $paused);
$account_operational = query_item('SELECT operational FROM accounts JOIN account_players ON account_id = _account_id WHERE _player_id = :char_id', [':char_id' => $char_id]);
$this->assertFalse($account_operational);
$res = login_user($this->test_email, $this->test_password);
$this->assertFalse($res['success'], 'Login should not be successful when account is paused');
$this->assertTrue(is_string($res['login_error']));
$this->assertTrue((bool) $res['login_error']);
}
