Example #1
/**
 * Imports request input into the global namespace.
 *
 * Each of $_COOKIE, $_POST and $_REQUEST is passed through gstrfilter() and
 * written back; then every entry whose key looks like an identifier (first
 * character a letter or underscore, and check_alnumudline() accepts the whole
 * key) is copied into a global variable of the same name. The sources are
 * processed in that order, so on a name clash the $_REQUEST value is the one
 * that remains.
 *
 * NOTE(review): the only constraint is the shape of the name. Nothing visible
 * here stops a client from supplying the name of a variable the application
 * itself relies on (configuration, database handle, login state), so every
 * global that is set before this call and not reassigned afterwards has to be
 * treated as client-controlled. An explicit allow-list of expected input names
 * would remove that risk; confirm against the callers.
 */
function init()
{
    // NOTE(review): assigned here but never read in the visible body.
    $INPUT_VAR_LIST = array();
    // NOTE(review): declared global but not used in the visible body.
    global $___MOD_SRV;
    if (isset($_COOKIE)) {
        // gstrfilter() is applied to the values; the key checks below are the only validation of names.
        $_COOKIE = gstrfilter($_COOKIE);
        foreach ($_COOKIE as $key => $value) {
            // Numeric array keys arrive as integers; the cast makes $key[0] below a string offset.
            $key = (string) $key;
            if ($key != '' && ('a' <= $key[0] && $key[0] <= 'z' || 'A' <= $key[0] && $key[0] <= 'Z' || $key[0] == '_') && check_alnumudline($key)) {
                // Binds the local name to the global of the same name, then overwrites that global.
                // NOTE(review): an input literally named "key" or "value" rebinds the loop variable itself.
                global ${$key};
                ${$key} = $value;
            }
        }
    }
    if (isset($_POST)) {
        // Same procedure for POST fields; they overwrite cookie values of the same name.
        $_POST = gstrfilter($_POST);
        foreach ($_POST as $key => $value) {
            $key = (string) $key;
            if ($key != '' && ('a' <= $key[0] && $key[0] <= 'z' || 'A' <= $key[0] && $key[0] <= 'Z' || $key[0] == '_') && check_alnumudline($key)) {
                global ${$key};
                ${$key} = $value;
            }
        }
    }
    if (isset($_REQUEST)) {
        // Same procedure for $_REQUEST, processed last.
        $_REQUEST = gstrfilter($_REQUEST);
        foreach ($_REQUEST as $key => $value) {
            $key = (string) $key;
            if ($key != '' && ('a' <= $key[0] && $key[0] <= 'z' || 'A' <= $key[0] && $key[0] <= 'Z' || $key[0] == '_') && check_alnumudline($key)) {
                global ${$key};
                ${$key} = $value;
            }
        }
    }
}
Example #2
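/**
 * Access gate: terminates the request unless the login cookies identify an
 * account with group id 9 or higher, or the game founder.
 *
 * The user name and password value are read from the cookies named
 * "{$gtablepre}user" and "{$gtablepre}pass", the account row is loaded, and
 * the cookie password value is compared with the stored one. On any failure
 * an error line is printed and the script dies; on success the function
 * returns nothing and clears its working variables.
 *
 * NOTE(review): the cookie is compared directly with the password column, so
 * the cookie carries whatever that column stores (presumably a hash). Anyone
 * who learns the stored value can authenticate with it; a random server-side
 * session token would avoid that. Confirm how the cookie is issued.
 */
function check_authority()
{
    // Presumably defines $gtablepre, $database, $gamefounder and the DB
    // credentials used below; none of them is assigned in this function.
    require GAME_ROOT . './include/modules/core/sys/config/server.config.php';
    $_COOKIE = gstrfilter($_COOKIE);
    $ckUserKey = $gtablepre . 'user';
    $ckPassKey = $gtablepre . 'pass';
    $cuser = isset($_COOKIE[$ckUserKey]) ? $_COOKIE[$ckUserKey] : null;
    $cpass = isset($_COOKIE[$ckPassKey]) ? $_COOKIE[$ckPassKey] : null;
    // A missing cookie, or one sent as an array, can never match an account:
    // reject it up front instead of carrying a non-string into the checks below.
    if (!is_string($cuser) || !is_string($cpass)) {
        echo "<span><font color=\"red\">Cookie无效,请登录。</font></span><br>";
        die;
    }
    // NOTE(review): plain require; this fails with a redeclaration error if
    // the class file was already loaded in this request. Confirm the callers.
    require GAME_ROOT . './include/db_' . $database . '.class.php';
    $db = new dbstuff();
    $db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect);
    // Drop the credentials as soon as the connection exists.
    unset($dbhost, $dbuser, $dbpw, $dbname, $pconnect);
    // NOTE(review): the compared value is masked ('******') in this listing,
    // so what is matched against username cannot be read here. Whatever it is,
    // it should be bound as a parameter or escaped by the database layer
    // rather than relying on gstrfilter() alone.
    $result = $db->query("SELECT * FROM {$gtablepre}users WHERE username='******'");
    if (!$db->num_rows($result)) {
        echo "<span><font color=\"red\">Cookie无效,请登录。</font></span><br>";
        die;
    }
    $udata = $db->fetch_array($result);
    // Strict string comparison: with a loose != two different numeric-looking
    // strings can compare as equal, which must never happen for credentials.
    if ((string) $udata['password'] !== $cpass) {
        echo "<span><font color=\"red\">Cookie无效,请登录。</font></span><br>";
        die;
    } elseif ($udata['groupid'] < 9 && $cuser !== $gamefounder) {
        echo "<span><font color=\"red\">要求至少9权限。</font></span><br>";
        die;
    }
    unset($db);
    unset($cuser);
    unset($cpass);
    unset($udata);
    unset($result);
    unset($ckUserKey, $ckPassKey);
}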
Example #3
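/**
 * Generic input filter applied to request data.
 *
 * Arrays are processed recursively (values only; keys are returned exactly as
 * received). For any other value the result is a string from which single
 * quotes and backslashes have been removed and in which the characters
 * " < > & are converted to HTML entities. When the global flag
 * $magic_quotes_gpc is set, stripslashes() is applied first.
 *
 * NOTE(review): this is one blanket filter for every output context. It does
 * not make a value safe to place in SQL, in a filesystem path or in an
 * unquoted HTML attribute; use parameterised queries and per-context escaping
 * at the point of use as well.
 *
 * @param mixed $str A scalar, null, or a (nested) array of such values.
 * @return mixed The filtered string, or an array with every value filtered.
 */
function gstrfilter($str)
{
    if (is_array($str)) {
        foreach ($str as $key => $val) {
            $str[$key] = gstrfilter($val);
        }
        return $str;
    }
    // Normalise null and scalars to a string once, so the string functions
    // below are never handed a non-string argument.
    $str = (string) $str;
    // The flag is optional: an unset global means "no magic quotes" instead of
    // raising an undefined-index warning.
    if (!empty($GLOBALS['magic_quotes_gpc'])) {
        $str = stripslashes($str);
    }
    // Remove single quotes first, then backslashes.
    $str = str_replace(array("'", "\\"), '', $str);
    // ENT_COMPAT encodes double quotes plus < > &; single quotes are already gone.
    return htmlspecialchars($str, ENT_COMPAT);
}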
Example #4
<?php

// Profile page script. Without a playerID parameter it shows the logged-in
// user's own record; with one it looks up the named player. The listing stops
// inside the second branch, so only the visible part is annotated.
define('CURSCRIPT', 'user_profile');
require './include/common.inc.php';
// Redirect to $server_addr when this host is flagged as a cache server and the two addresses differ.
if ($server_addr != $cache_server_addr && $is_cache_server) {
    header("Location: {$server_addr}user_profile.php");
    exit;
}
require './include/user.func.php';
// NOTE(review): if common.inc.php has already run gstrfilter() over $_REQUEST,
// this second pass HTML-encodes the values again. Confirm.
$_REQUEST = gstrfilter($_REQUEST);
if ($_REQUEST["playerID"] == "") {
    // Own profile: requires the login variables $cuser and $cpass (set outside this file).
    if (!$cuser || !$cpass) {
        gexit($_ERROR['no_login'], __FILE__, __LINE__);
    }
    // NOTE(review): the compared value is masked ('******') in this listing.
    $result = $db->query("SELECT * FROM {$gtablepre}users WHERE username='******'");
    if (!$db->num_rows($result)) {
        gexit($_ERROR['login_check'], __FILE__, __LINE__);
    }
    $udata = $db->fetch_array($result);
    // NOTE(review): loose comparison; two different numeric-looking strings
    // can compare as equal. A strict string comparison is the safer form.
    if ($udata['password'] != $cpass) {
        gexit($_ERROR['wrong_pw'], __FILE__, __LINE__);
    }
    // Group id 0 or below is rejected with the 'user_ban' error.
    if ($udata['groupid'] <= 0) {
        gexit($_ERROR['user_ban'], __FILE__, __LINE__);
    }
    // Every column of the user row, the password column included, becomes a
    // variable in this scope and overwrites any existing variable of that name.
    extract($udata);
    $curuser = true;
} else {
    // NOTE(review): urldecode() runs after gstrfilter(), so a percent-encoded
    // character that the filter would have removed is decoded back into
    // $uname here. The request value is already URL-decoded by PHP; drop this
    // second decode or filter after it, and bind $uname as a query parameter.
    $uname = urldecode($_REQUEST["playerID"]);
    // NOTE(review): masked literal; presumably $uname is what is matched. Confirm.
    $result = $db->query("SELECT * FROM {$gtablepre}users WHERE username='******'");
    if (!$db->num_rows($result)) {
Example #5
// Common bootstrap: defines the game constants, imports request input as
// variables, loads the configuration, derives the game clock and opens the
// database connection.
define('IN_GAME', TRUE);
// GAME_ROOT is this file's directory path with its last 7 characters removed.
define('GAME_ROOT', substr(dirname(__FILE__), 0, -7));
define('GAMENAME', 'bra');
// NOTE(review): this is a plain string comparison, not version_compare().
if (PHP_VERSION < '4.3.0') {
    exit('PHP version must >= 4.3.0!');
}
require GAME_ROOT . './include/global.func.php';
error_reporting(E_ALL);
set_error_handler('gameerrorhandler');
$magic_quotes_gpc = get_magic_quotes_gpc();
// Cookie, POST and GET values are turned into variables in this scope, in
// that order; extract() overwrites by default, so GET wins on a name clash.
// NOTE(review): any variable that is not assigned again further down stays
// client-controlled. That includes $magic_quotes_gpc set just above, and any
// name the later require'd files read without setting first. An explicit
// allow-list of expected input names would close this; confirm what
// config.inc.php and system.php assign.
extract(gstrfilter($_COOKIE));
extract(gstrfilter($_POST));
extract(gstrfilter($_GET));
//$_GET = gstrfilter($_GET);
$_REQUEST = gstrfilter($_REQUEST);
// NOTE(review): this also rewrites the upload metadata (file names, temp paths) held in $_FILES.
$_FILES = gstrfilter($_FILES);
require GAME_ROOT . './config.inc.php';
//$errorinfo ? error_reporting(E_ALL) : error_reporting(0);
date_default_timezone_set('Etc/GMT');
//$now = time() + $moveutmin*60;
// Game clock: current time shifted by $moveut hours and $moveutmin minutes.
$now = time() + $moveut * 3600 + $moveutmin * 60;
list($sec, $min, $hour, $day, $month, $year, $wday) = explode(',', date("s,i,H,j,n,Y,w", $now));
//if($attackevasive) {
//	include_once GAME_ROOT.'./include/security.inc.php';
//}
// NOTE(review): $database becomes part of an include path. It presumably
// comes from config.inc.php; if the config does not set it, the value
// imported by extract() above would be used instead. Confirm.
require GAME_ROOT . './include/db_' . $database . '.class.php';
$db = new dbstuff();
$db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect);
//$db->select_db($dbname);
// Drop the credentials as soon as the connection exists.
unset($dbhost, $dbuser, $dbpw, $dbname, $pconnect);
require GAME_ROOT . './gamedata/system.php';
Example #6
/**
 * Per-request initialisation of the shared game state.
 *
 * In order: takes the login cookies, (re)starts output buffering, opens the
 * database connection if none exists, resolves the room the request belongs
 * to and derives the table prefixes from it, creates a room's tables on first
 * use, computes the game clock, loads the single game row into globals, and
 * publishes $cuser, $cpass, $mode and $command as globals.
 *
 * Everything is communicated through global variables; nothing is returned.
 */
function init()
{
    global $gtablepre, $tablepre, $wtablepre, $room_prefix, $moveut, $moveutmin;
    global ${$gtablepre . 'user'}, ${$gtablepre . 'pass'}, $___MOD_SRV;
    if (isset($_COOKIE)) {
        $_COOKIE = gstrfilter($_COOKIE);
        // Only the two login cookies are copied into globals; all other cookies are ignored here.
        foreach ($_COOKIE as $key => $value) {
            if ($key == $gtablepre . 'user' || $key == $gtablepre . 'pass') {
                ${$key} = $value;
            }
        }
    }
    // Discard anything already buffered, then open a new output buffer.
    ob_clean();
    ob_start();
    global $db;
    if (!isset($db)) {
        global $dbhost, $dbuser, $dbpw, $dbname, $pconnect, $database;
        require GAME_ROOT . './include/db_' . $database . '.class.php';
        $db = new \dbstuff();
        $db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect);
        //$db->select_db($dbname);
        // Drop the credentials as soon as the connection exists.
        unset($dbhost, $dbuser, $dbpw, $dbname, $pconnect);
    }
    // Values found in the input list take precedence over the cookie values copied above.
    global $___LOCAL_INPUT__VARS__INPUT_VAR_LIST;
    if (isset($___LOCAL_INPUT__VARS__INPUT_VAR_LIST[$gtablepre . 'user'])) {
        ${$gtablepre . 'user'} = $___LOCAL_INPUT__VARS__INPUT_VAR_LIST[$gtablepre . 'user'];
    }
    if (isset($___LOCAL_INPUT__VARS__INPUT_VAR_LIST[$gtablepre . 'pass'])) {
        ${$gtablepre . 'pass'} = $___LOCAL_INPUT__VARS__INPUT_VAR_LIST[$gtablepre . 'pass'];
    }
    // Room selection: an explicit ___GAME_ROOMID entry wins; otherwise the room stored for the user is looked up.
    if (isset($___LOCAL_INPUT__VARS__INPUT_VAR_LIST['___GAME_ROOMID'])) {
        $room_prefix = (string) $___LOCAL_INPUT__VARS__INPUT_VAR_LIST['___GAME_ROOMID'];
    } else {
        if (isset(${$gtablepre . 'user'})) {
            // NOTE(review): the literal on the next line is masked in this
            // listing and no longer forms a valid string. The surviving tail
            // suggests the user cookie variable is concatenated into the
            // query; if so it should be bound as a parameter or escaped by
            // the database layer, not only passed through gstrfilter().
            $result = $db->query("SELECT roomid FROM {$gtablepre}users where username='******'user'} . "'");
            if ($db->num_rows($result)) {
                $zz = $db->fetch_array($result);
                $room_prefix = $zz['roomid'];
            } else {
                $room_prefix = '';
            }
        } else {
            $room_prefix = '';
        }
    }
    $room_status = 0;
    // Accepted shapes are '', exactly 'n', or anything starting with 's'; everything else becomes the main room ('').
    if ($room_prefix != '' && $room_prefix != 'n' && $room_prefix[0] != 's') {
        $room_prefix = '';
    } else {
        if ($room_prefix != '' && $room_prefix[0] == 's') {
            // An 's' room must exist in the rooms table with a non-zero status, otherwise fall back to ''.
            // NOTE(review): the remainder of $room_prefix is concatenated into
            // this query, and $room_prefix later becomes part of table names.
            // Whether it was filtered upstream is not visible here; restrict
            // it to the expected room-id alphabet before use. Confirm.
            $result = $db->query("SELECT status FROM {$gtablepre}rooms where roomid='" . substr($room_prefix, 1) . "'");
            if ($db->num_rows($result)) {
                $zz = $db->fetch_array($result);
                $room_status = $zz['status'];
                if ($zz['status'] == 0) {
                    $room_prefix = '';
                }
            } else {
                $room_prefix = '';
            }
        }
    }
    // $tablepre carries the full room prefix; $wtablepre only its first character.
    $tablepre = $gtablepre . $room_prefix;
    if ($room_prefix == '') {
        $wtablepre = $gtablepre;
    } else {
        $wtablepre = $gtablepre . $room_prefix[0];
    }
    // Automatically initialise the tables
    if ($room_prefix != '') {
        $result = $db->query("show tables like '{$wtablepre}winners';");
        if (!$db->num_rows($result)) {
            // First use of a non-main room: create its tables and initialise them
            $db->query("create table if not exists {$wtablepre}winners like {$gtablepre}winners;");
        }
        $result = $db->query("show tables like '{$tablepre}game';");
        if (!$db->num_rows($result)) {
            // First use of a non-main room: create its tables and initialise them
            $db->query("create table if not exists {$tablepre}game like {$gtablepre}game;");
            // Seed one row in the game table if it is empty.
            $result = $db->query("SELECT count(*) as cnt FROM {$tablepre}game");
            if (!$db->num_rows($result)) {
                $cnt = 0;
            } else {
                $zz = $db->fetch_array($result);
                $cnt = $zz['cnt'];
            }
            if ($cnt == 0) {
                $db->query("insert into {$tablepre}game (gamenum) values (0);");
            }
            // Seed one row in the winners table if it is empty.
            $result = $db->query("SELECT count(*) as cnt FROM {$wtablepre}winners");
            if (!$db->num_rows($result)) {
                $cnt = 0;
            } else {
                $zz = $db->fetch_array($result);
                $cnt = $zz['cnt'];
            }
            if ($cnt == 0) {
                $db->query("insert into {$wtablepre}winners (gid) values (0);");
            }
            // Run the bundled SQL scripts with the ' bra_' table prefix replaced by this room's prefix.
            $sql = file_get_contents(GAME_ROOT . './gamedata/sql/reset.sql');
            $sql = str_replace("\r", "\n", str_replace(' bra_', ' ' . $tablepre, $sql));
            $db->queries($sql);
            $sql = file_get_contents(GAME_ROOT . './gamedata/sql/players.sql');
            $sql = str_replace("\r", "\n", str_replace(' bra_', ' ' . $tablepre, $sql));
            $db->queries($sql);
        }
    }
    //$errorinfo ? error_reporting(E_ALL) : error_reporting(0);
    date_default_timezone_set('Etc/GMT');
    //$now = time() + $moveutmin*60;
    global $now;
    // Game clock: current time shifted by $moveut hours and $moveutmin minutes.
    $now = time() + $moveut * 3600 + $moveutmin * 60;
    global $sec, $min, $hour, $day, $month, $year, $wday;
    list($sec, $min, $hour, $day, $month, $year, $wday) = explode(',', date("s,i,H,j,n,Y,w", $now));
    //if($attackevasive) {
    //	include_once GAME_ROOT.'./include/security.inc.php';
    //}
    //COMBAT INFO INIT
    // Already folded into the database
    //global $hdamage,$hplayer,$noisetime,$noisepls,$noiseid,$noiseid2,$noisemode;
    //include GAME_ROOT.'./gamedata/combatinfo.php';
    //GAME INFO INIT
    global $now, $db, $tablepre;
    $result = $db->query("SELECT * FROM {$tablepre}game");
    global $gameinfo;
    $gameinfo = $db->fetch_array($result);
    // Every column of the game row becomes a global variable named after the
    // column, overwriting any global of that name; $gamestate and $arealist
    // used below presumably come from here.
    foreach ($gameinfo as $key => $value) {
        global ${$key};
        ${$key} = $value;
    }
    // Sets an 's' room whose status is 2 back to status 1 when $gamestate is 0.
    if ($room_status == 2 && $gamestate == 0 && $room_prefix != '' && $room_prefix[0] == 's') {
        $db->query("UPDATE {$gtablepre}rooms SET status=1 WHERE roomid='" . substr($room_prefix, 1) . "'");
    }
    $arealist = explode(',', $arealist);
    // Publish the login values under the short names the rest of the code reads.
    global $cuser, $cpass;
    $cuser = ${$gtablepre . 'user'};
    $cpass = ${$gtablepre . 'pass'};
    // No good way around this: a pile of files reference mode and command (both from input) directly, yet not every file can depend on input... so this ugly workaround it is.
    global $mode, $command, $___MOD_SRV;
    if ($___MOD_SRV) {
        // When $___MOD_SRV is set, the input list takes precedence over the module-local copies.
        global $___LOCAL_INPUT__VARS__mode, $___LOCAL_INPUT__VARS__command;
        global $___LOCAL_INPUT__VARS__INPUT_VAR_LIST;
        if (isset($___LOCAL_INPUT__VARS__INPUT_VAR_LIST['mode'])) {
            $mode = $___LOCAL_INPUT__VARS__INPUT_VAR_LIST['mode'];
        } else {
            $mode = $___LOCAL_INPUT__VARS__mode;
        }
        if (isset($___LOCAL_INPUT__VARS__INPUT_VAR_LIST['command'])) {
            $command = $___LOCAL_INPUT__VARS__INPUT_VAR_LIST['command'];
        } else {
            $command = $___LOCAL_INPUT__VARS__command;
        }
    } else {
        global $___LOCAL_INPUT__VARS__mode, $___LOCAL_INPUT__VARS__command;
        $mode = $___LOCAL_INPUT__VARS__mode;
        $command = $___LOCAL_INPUT__VARS__command;
    }
}
Example #7
// Fragment of a room-status script: it starts after the database object has
// been created and stops inside the last branch, so only the visible part is
// annotated. It authenticates the user from $cuser/$cpass (set outside this
// fragment), checks that the user's room exists and is active, and begins to
// emit a compressed JSON reply.
$db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect);
// Drop the credentials as soon as the connection exists.
unset($dbhost, $dbuser, $dbpw, $dbname, $pconnect);
// NOTE(review): the compared value is masked ('******') in this listing.
$result = $db->query("SELECT * FROM {$gtablepre}users WHERE username='******'");
if (!$db->num_rows($result)) {
    gexit('Cookie无效。请重新登录。');
}
$udata = $db->fetch_array($result);
// NOTE(review): loose comparison; two different numeric-looking strings can
// compare as equal. A strict string comparison is the safer form.
if ($udata['password'] != $cpass) {
    gexit('Cookie无效。请重新登录。');
}
// The user must be in a room whose id starts with 's'.
if ($udata['roomid'] == '' || $udata['roomid'][0] != 's') {
    gexit('你不在一个房间内。');
}
// Room id without the leading 's'.
$roomid = substr($udata['roomid'], 1);
// Keep running even if the client disconnects.
ignore_user_abort(1);
$_POST = gstrfilter($_POST);
// NOTE(review): $roomid comes from the users table and is placed in a file
// path and in the query below without further checks, so this code trusts
// whatever wrote users.roomid to have validated it. Confirm.
if (!file_exists(GAME_ROOT . './gamedata/tmp/rooms/' . $roomid . '.txt')) {
    gexit('房间不存在。');
}
$result = $db->query("SELECT * FROM {$gtablepre}rooms WHERE roomid='{$roomid}'");
if (!$db->num_rows($result)) {
    gexit('房间不存在。');
}
$zz = $db->fetch_array($result);
// Status 0 is reported with the same message as a missing room.
if ($zz['status'] == 0) {
    gexit('房间不存在。');
}
if ($zz['status'] == 2) {
    // Status 2: reply with a pointer to game.php, JSON-encoded, gzip-compressed and base64-encoded.
    ob_clean();
    $gamedata['url'] = 'game.php';
    echo base64_encode(gzencode(compatible_json_encode($gamedata)));
Example #8
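/**
 * Forwards the current request to the local game daemon and prints its reply.
 *
 * The filtered cookie and POST values are dumped with var_export() and stored
 * under a fresh unique id, either in the {prefix}temp table or in a file
 * below $___MOD_TMP_FILE_DIRECTORY, depending on $___MOD_CONN_W_DB. The
 * daemon on 127.0.0.1:$___TEMP_CONN_PORT is then sent one line consisting of
 * $___MOD_CONN_PASSWD, the room id, "_/" and the unique id. When it answers
 * with $___MOD_CONN_PASSWD . '_ok', the response stored under the same id is
 * loaded and echoed.
 *
 * NOTE(review): the shared connection password is written to the socket as
 * is; that is only acceptable while the daemon listens on loopback.
 */
function __SOCKET_SEND_TO_SERVER__()
{
    global $___MOD_CONN_W_DB;
    global $___TEMP_tablepre, $___TEMP_db;
    global $___MOD_TMP_FILE_DIRECTORY;
    // Prepare the user input data: cookies first, then POST, so POST wins on a name clash.
    $___TEMP_data = array();
    $_COOKIE = gstrfilter($_COOKIE);
    foreach ($_COOKIE as $key => $value) {
        $___TEMP_data[$key] = $value;
    }
    $_POST = gstrfilter($_POST);
    foreach ($_POST as $key => $value) {
        $___TEMP_data[$key] = $value;
    }
    global $cli_pagestartime;
    $___TEMP_data['___PAGE_STARTTIME_VALUE'] = $cli_pagestartime;
    // game_roomid is supplied by the client and is used below in filesystem
    // paths (create_dir, unlink, writeover, file_get_contents) and in the line
    // written to the daemon. gstrfilter() leaves path separators, dots and
    // line breaks in place, so only a plain identifier-like string is
    // accepted; anything else, including an array, falls back to the main
    // room (''). NOTE(review): confirm the allowed room-id alphabet.
    $game_roomid = '';
    if (isset($___TEMP_data['game_roomid'])
        && is_string($___TEMP_data['game_roomid'])
        && preg_match('/\A[A-Za-z0-9_]*\z/', $___TEMP_data['game_roomid'])
    ) {
        $game_roomid = $___TEMP_data['game_roomid'];
    }
    $___TEMP_data['___GAME_ROOMID'] = $game_roomid;
    // Injection guard: drop invalid variable names and possible global names.
    foreach (array_keys($___TEMP_data) as $keyc) {
        // Numeric keys come back as integers; compare on the string form.
        $___TEMP_name = (string) $keyc;
        $___TEMP_first = $___TEMP_name === '' ? '' : $___TEMP_name[0];
        $___TEMP_start_ok = ('a' <= $___TEMP_first && $___TEMP_first <= 'z')
            || ('A' <= $___TEMP_first && $___TEMP_first <= 'Z')
            || $___TEMP_first == '_';
        if (!($___TEMP_start_ok && check_alnumudline($___TEMP_name))) {
            unset($___TEMP_data[$keyc]);
        }
    }
    // unset() on a missing key is a no-op, so no isset() guard is needed.
    foreach (array('_COOKIE', '_POST', '_REQUEST', '_GLOBALS', 'GLOBALS') as $___TEMP_reserved) {
        unset($___TEMP_data[$___TEMP_reserved]);
    }
    // Store the user input data under a unique id.
    $___TEMP_uid = uniqid('', true);
    // Discard pending output, as before, and take the dump as a return value
    // instead of reading it back out of the output buffer.
    ob_clean();
    $___TEMP_data = var_export($___TEMP_data, true);
    $___TEMP_dir = $___MOD_TMP_FILE_DIRECTORY . $game_roomid . '_';
    $___TEMP_file = $___TEMP_dir . '/' . $___TEMP_uid;
    if ($___MOD_CONN_W_DB) {
        // The id comes from uniqid() and the payload is base64, so neither carries quote characters.
        $___TEMP_db->query("INSERT INTO {$___TEMP_tablepre}temp (sid,value) VALUES ('{$___TEMP_uid}','" . base64_encode($___TEMP_data) . "')");
    } else {
        if (!file_exists($___TEMP_dir)) {
            create_dir($___TEMP_dir);
        } elseif (!is_dir($___TEMP_dir)) {
            // A plain file is in the way: replace it with a directory.
            unlink($___TEMP_dir);
            create_dir($___TEMP_dir);
        }
        writeover($___TEMP_file, $___TEMP_data);
    }
    // Connect to the server.
    global $___TEMP_CONN_PORT;
    $___TEMP_socket = socket_create(AF_INET, SOCK_STREAM, SOL_TCP);
    if ($___TEMP_socket === false) {
        __SOCKET_ERRORLOG__("socket_create失败。");
    }
    $___TEMP_connected = socket_connect($___TEMP_socket, '127.0.0.1', $___TEMP_CONN_PORT);
    if (!$___TEMP_connected) {
        __SOCKET_ERRORLOG__("socket_connect失败。");
    }
    /*
    // Allow up to 3 seconds of waiting
    if (!__SOCKET_CHECK_WITH_TIMEOUT__($___TEMP_socket, 'w', 3, 0)) __SOCKET_ERRORLOG__("socket_write等待时间过长。");
    */
    // Send the message to the server.
    global $___MOD_CONN_PASSWD;
    if (!socket_write($___TEMP_socket, $___MOD_CONN_PASSWD . $game_roomid . '_/' . $___TEMP_uid . "\n")) {
        __SOCKET_ERRORLOG__("socket_write失败");
    }
    __SOCKET_DEBUGLOG__("消息已发送,等待回应。");
    /*
    // Allow up to 3 seconds of waiting
    if (!__SOCKET_CHECK_WITH_TIMEOUT__($___TEMP_socket, 'r', 3, 0)) __SOCKET_ERRORLOG__("socket_read等待时间过长。");
    */
    $___TEMP_ret = socket_read($___TEMP_socket, 1024, PHP_NORMAL_READ);
    if ($___TEMP_ret === false) {
        socket_shutdown($___TEMP_socket);
        // Release the socket before logging; the original only shut it down.
        socket_close($___TEMP_socket);
        __SOCKET_ERRORLOG__("socket_read失败。关闭连接。");
    } else {
        __SOCKET_DEBUGLOG__("回应已读取,关闭连接。");
        socket_shutdown($___TEMP_socket);
        socket_close($___TEMP_socket);
    }
    // Strip the trailing newline.
    $___TEMP_ret = substr($___TEMP_ret, 0, -1);
    // Strict comparison: the acknowledgement must be exactly the expected string.
    if ($___TEMP_ret !== $___MOD_CONN_PASSWD . '_ok') {
        __SOCKET_ERRORLOG__("未知返回信息 " . $___TEMP_ret . ' 。');
    }
    if ($___MOD_CONN_W_DB) {
        $result = $___TEMP_db->query("SELECT value FROM {$___TEMP_tablepre}temp WHERE sid='{$___TEMP_uid}'");
        if (!$___TEMP_db->num_rows($result)) {
            __SOCKET_ERRORLOG__("数据库中没有记录名为 {$___TEMP_uid} 的记录。");
        }
        $___TEMP_res = $___TEMP_db->fetch_array($result);
        $___TEMP_res = $___TEMP_res['value'];
        $___TEMP_res = base64_decode($___TEMP_res);
        $___TEMP_db->query("DELETE FROM {$___TEMP_tablepre}temp WHERE sid='{$___TEMP_uid}'");
    } else {
        $___TEMP_res = file_get_contents($___TEMP_file);
        if (!defined('MOD_REPLAY')) {
            // If replay mode is on, the replay module does the final cache cleanup.
            // The file that was just read is the one to delete. The original
            // built this path from $room_prefix, which is not defined in this
            // function, so for any non-empty room id it pointed elsewhere.
            unlink($___TEMP_file);
        }
    }
    __SOCKET_DEBUGLOG__("已载入回应文件。");
    $timecost = get_script_runtime($cli_pagestartime);
    if ($timecost > 0.15) {
        __SOCKET_WARNLOG__("警告:本次操作耗时较长,耗时为 " . $timecost . " 秒。");
    }
    /*
    $___TEMP_res = str_replace('_____PAGE_RUNNING_TIME_____',(string)$timecost,$___TEMP_res);
    */
    // Replace whatever is buffered with the daemon's response and flush it.
    ob_clean();
    echo $___TEMP_res;
    ob_end_flush();
}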