function Register($pXml)
{
$aParams = php_xmlrpc_decode($pXml);
$aParams = $aParams[0];
$bpUserID = $aParams['bpUserID'];
db("select * from user_accounts where bp_user_id={$bpUserID} and login_name != ''");
$data = dbr();
if (!dbc()) {
insert_history($login_id, "Inscription via API BP {$bpUserID}");
db("select * from user_accounts where bp_user_id={$bpUserID}");
if (!dbc()) {
dbn("insert into user_accounts (bp_user_id, affiliate_id, signed_up) values (" . $aParams['bpUserID'] . ", " . $aParams['affiliateID'] . ", " . time() . ")");
$login_id = mysql_insert_id();
insert_history($login_id, "Ajout du compte BP {$bpUserID}");
} else {
$data2 = dbr();
$login_id = $data2['login_id'];
insert_history($login_id, "Compte BP {$bpUserID} déjà existant mais sans pseudo");
}
$url = URL_PREFIX . "/inscription.php?lidbp={$login_id}";
} else {
require_once 'includes/session_funcs.inc.php';
$session = login_to_server($data['login_name'], '', $data['bp_user_id'], true);
$url = URL_PREFIX . "/game_listing.php?sid={$session}";
$login_id = $data['login_id'];
insert_history($login_id, "Compte BP {$bpUserID} existant");
}
$aOutput = array('result' => new xmlrpcval('OK', 'string'), 'userID' => new xmlrpcval($login_id, 'int'), 'redirectURL' => new xmlrpcval($url, 'string'));
return new xmlrpcresp(php_xmlrpc_encode($aOutput));
}
/**
* 会员中心欢迎页
*/
public function index()
{
// 用户等级
if ($rank = model('ClipsBase')->get_rank_info()) {
$this->assign('rank_name', sprintf(L('your_level'), $rank['rank_name']));
}
// 收藏
$goods_list = model('ClipsBase')->get_collection_goods($this->user_id, 5, 0);
// 评论
$comment_list = model('ClipsBase')->get_comment_list($this->user_id, 5, 0);
// 浏览记录
$history = insert_history();
// 信息中心是否有新回复
$sql = 'SELECT msg_id FROM ' . $this->model->pre . 'feedback WHERE parent_id IN (SELECT f.msg_id FROM ' . $this->model->pre . 'feedback f LEFT JOIN ' . $this->model->pre . 'touch_feedback t ON f.msg_id = t.msg_id WHERE f.parent_id = 0 and f.user_id = ' . $this->user_id . ' and t.msg_read = 0 ORDER BY msg_time DESC) ORDER BY msg_time DESC';
$rs = $this->model->query($sql);
if ($rs) {
$this->assign('new_msg', 1);
}
$this->assign('user_notice', C('user_notice'));
$this->assign('goods_list', $goods_list);
$this->assign('comment_list', $comment_list);
$this->assign('history', $history);
$this->assign('title', L('user_center'));
$this->display('user.dwt');
}
/**
* 会员中心欢迎页
*/
public function index()
{
/*liugu-ec添加导航*/
// 自定义导航栏
$navigator = model('Common')->get_navigator();
$this->assign('navigator', $navigator['middle']);
// end--liugu
// 用户等级
if ($rank = model('ClipsBase')->get_rank_info()) {
$this->assign('rank_name', sprintf(L('your_level'), $rank['rank_name']));
}
// 收藏
$goods_list = model('ClipsBase')->get_collection_goods($this->user_id, 5, 0);
// 评论
$comment_list = model('ClipsBase')->get_comment_list($this->user_id, 5, 0);
// 浏览记录
$history = insert_history();
// 信息中心是否有新回复
$sql = 'SELECT msg_id FROM ' . $this->model->pre . 'feedback WHERE parent_id IN (SELECT f.msg_id FROM ' . $this->model->pre . 'feedback f LEFT JOIN ' . $this->model->pre . 'touch_feedback t ON f.msg_id = t.msg_id WHERE f.parent_id = 0 and f.user_id = ' . $this->user_id . ' and t.msg_read = 0 ORDER BY msg_time DESC) ORDER BY msg_time DESC';
$rs = $this->model->query($sql);
if ($rs) {
$this->assign('new_msg', 1);
}
$this->assign('user_notice', C('user_notice'));
$this->assign('goods_list', $goods_list);
$this->assign('comment_list', $comment_list);
$this->assign('history', $history);
$this->assign('title', L('user_center'));
/*添加订单信息*/
$pay = 1;
$count = $this->model->table('order_info')->where('user_id = ' . $this->user_id)->count();
$filter['page'] = '{page}';
$offset = $this->pageLimit(url('order_list', $filter), 5);
$offset_page = explode(',', $offset);
$orders = model('Users')->get_user_orders($this->user_id, $pay, $offset_page[1], $offset_page[0]);
$this->assign('pay', $pay);
$this->assign('title', L('order_list_lnk'));
$this->assign('pager', $this->pageShow($count));
$this->assign('orders', $orders);
/*添加订单信息*/
$this->display('user.dwt');
}
$out .= "\n<input type='hidden' name='admin_choose' value='1' />";
$out .= make_table(array("<b class='b1'>Ship Name</b>", "Available"));
db("select s.type_id,s.name,a.{$db_name}_ship_status as status from se_ship_types s, se_admin_ships a where s.type_id > 2 && a.ship_type_id = s.type_id && s.auction = 0");
while ($list_ships = dbr(1)) {
if ($list_ships['status'] == 1) {
$out .= "\n" . quick_row("{$list_ships['name']}", "<input type='checkbox' name='add_ship[{$list_ships['type_id']}]' value='{$list_ships['type_id']}' checked='checked' />");
} else {
$out .= "\n" . quick_row("{$list_ships['name']}", "<input type='checkbox' name='add_ship[{$list_ships['type_id']}]' value='{$list_ships['type_id']}' />");
}
}
$out .= "\n</table>";
$out .= "\n<br /><a href='javascript:TickAll(\"select_ships\")'>Invert Ship Selection</a>";
$out .= "\n<p /><input type='submit' value='Submit' /></form>";
}
print_page("Ship Types", $out);
insert_history($user['login_id'], "Ships available in game changed.");
}
#list all admin options
db("select paused from se_games where db_name = '{$db_name}'");
$paused = dbr(1);
$out .= "Game Functions:<br />";
if (!$paused['paused']) {
$out .= "<a href='{$_SERVER['PHP_SELF']}?pause=1'>Pause Game</a><br />";
} else {
$out .= "<a href='{$_SERVER['PHP_SELF']}?pause=2'>Un-Pause Game</a><br />";
}
$out .= "<a href='{$_SERVER['PHP_SELF']}?reset=1'>Reset Game</a><br />";
$out .= "<a href='{$_SERVER['PHP_SELF']}?reset_signup=1'>Reset Signup Times</a><br />";
$out .= "<a href='{$_SERVER['PHP_SELF']}?admin_choose=1'>Edit Ship Types</a><br />";
$out .= "<a href='{$_SERVER['PHP_SELF']}?difficulty=1'>Change Stated Difficulty</a><p />";
$out .= "Godlike Abilities:<br />";
if ($this_ship['is_warship'] == 1) {
$target_ship_count['warships']++;
} else {
$target_ship_count['other_ships']++;
}
$transfer_counter++;
}
}
$text .= sprintf($st[747], $transfer_counter, $num_ships) . "<p />" . $loop_txt;
if ($transfer_counter > 0) {
$total_cost = $cost_per_transfer * $transfer_counter;
$text .= "<p />{$st['7480']} {$total_cost} " . $cw['credits'];
take_cash($total_cost);
post_news("<b class='b1'>" . sprintf($st[748], $user[login_name], $transfer_counter, $target[login_name]), "ship");
send_message($target['login_id'], sprintf($st[749], $transfer_counter, $user[login_name]));
insert_history($user['login_id'], sprintf($st[750], $transfer_counter, $target[login_name]));
}
}
print_page($cw['transfer_ship'], $text);
}
$text .= sprintf($st[751], $target[login_name]) . "<br /><br />";
$text .= "<b class='b1'>" . $st[752] . "<br />";
$text .= "<form action=send_ship.php method=POST name=transfer_ships><table>";
db("select ship_name, class_name, location, fighters, max_fighters, shields, max_shields, armour, max_armour, config, ship_id from {$db_name}_ships where login_id = '{$user['login_id']}' && ship_id != '{$user['ship_id']}' order by class_name");
$ships = dbr(1);
if (!isset($ships)) {
#ensure there are some ships to display
$text .= $st[753];
} else {
$text .= make_table(array("Nom du vaisseau", "Type de vaisseau", "Emplacement", "Chasseurs", "Boucliers", "Coques", "Configuration"));
while ($ships) {
$temp_str = "<p /><a href='javascript:history.back()'>" . $cw['back_pass-change_form'] . "</a>";
} elseif ($user['login_name'] == $_POST['newpass']) {
//using login name as pass
$temp_str = $st[954];
$temp_str .= "<p /><a href='javascript:history.back()'>" . $cw['back_pass-change_form'] . "</a>";
} elseif ($enc_oldpass == $p_user['passwd']) {
if ($user['login_id'] == 1) {
dbn("update se_games set admin_pw='" . mysql_escape_string($_POST['newpass']) . "' where db_name = '{$db_name}'");
$temp_str .= $st[955];
$p_user['passwd'] = '$newpass';
} else {
dbn("update user_accounts set passwd='{$enc_newpass}' where login_id='{$user['login_id']}'");
$p_user['passwd'] = $enc_newpass;
}
$temp_str = $st[956];
insert_history($user['login_id'], $st[957]);
} else {
$temp_str = $st[958] . "!<br /><br />";
$temp_str .= "<a href='javascript:back()'>" . $cw['go_back'] . "</a><br />";
}
} else {
$temp_str = $st[959] . "!<br />";
$temp_str .= "<a href='javascript:back()'>" . $cw['go_back'] . "</a><br />";
}
print_page($st[950], $temp_str);
}
}
//
// change colour scheme
if (isset($_GET['scheme'])) {
$error_str .= $st[960];
function check_auth()
{
global $session_id, $login_id, $db_name, $p_user, $game_info;
//get all details for the user with that sessionid/login_id combo
//if the admin, don't use the session_id as a key
db("select * from user_accounts where (login_id = '{$login_id}' && session_id = '{$_COOKIE['session_id']}') || (login_id = 1 && '{$login_id}' = 1)");
$p_user = dbr(1);
//admin session id/ session_exp
if ($login_id == 1) {
db("select * from se_games where session_id = '{$session_id}'");
$game_info = dbr(1);
$p_user['session_id'] = $game_info['session_id'];
$p_user['session_exp'] = $game_info['session_exp'];
$p_user['user_agent'] = $game_info['user_agent'];
$db_name = $game_info['db_name'];
}
//echo $p_user['session_exp']."<br />".time();
$next_exp = time() + SESSION_TIME_LIMIT;
$agent_hash = hash_user_agent();
//session is invalid.
if ($session_id == '' || $login_id == 0 || $session_id != $p_user['session_id'] || $p_user['session_exp'] < time() || $agent_hash != $p_user['user_agent']) {
//session expired or invalid
SetCookie("p_pass", "", 0);
SetCookie("session_id", 0, 0);
SetCookie("login_id", 0, 0);
flush();
if (!empty($login_id)) {
insert_history((int) $login_id, $st[1147]);
}
echo "<script>self.location='" . URL_PREFIX . "/';</script>";
exit;
} elseif ($login_id != 1) {
//session o.k.
//if the user isn't in a game, and is pretending to be, throw them back to gamelisting.
//if game is not set
//and player is not looking at game_listing (which doesn't require db_name)
//and player is not using logout.php for logout_game_listing
//then send user to game-listing
//var_dump(strstr($_SERVER['PHP_SELF'], 'logout.php'));
setAutoLoginCookie($p_user['login_id'], $p_user['login_name'], $p_user['mdp']);
// set the auto login cookie
if ($p_user['in_game'] == "" && strstr($_SERVER['PHP_SELF'], 'game_listing.php') === false && strstr($_SERVER['PHP_SELF'], 'ajax.php') === false && strstr($_SERVER['PHP_SELF'], 'user_extra.php') === false && (strstr($_SERVER['PHP_SELF'], 'logout.php') !== false && (!isset($_GET['logout_game_listing']) || isset($_GET['comp_logout']) || isset($_GET['logout_single_game'])) || strstr($_SERVER['PHP_SELF'], 'logout.php') === false)) {
echo "<script>self.location='game_listing.php';</script>";
exit;
}
dbn("update user_accounts set session_exp = '{$next_exp}', page_views = page_views + 1 where login_id = '{$login_id}'");
$p_user['page_views']++;
$p_user['session_exp'] = $next_exp;
$db_name = $p_user['in_game'];
} elseif ($login_id == 1) {
//update admin session time
setAutoLoginCookie($p_user['login_id'], $p_user['login_name'], $p_user['mdp']);
// set the auto login cookie
dbn("update se_games set session_exp = '{$next_exp}' where db_name = '{$db_name}'");
$p_user['session_exp'] = $next_exp;
}
}
echo $st[807];
$rs = "<br /><br /><a href='javascript:history.back()'>" . $st[808] . "</a>";
print_footer();
}
$show_sigs = 1;
$ship_id = give_first_ship($p_user['login_id'], 0, $_POST['ship_name']);
//create user account within game
dbn("insert into {$db_name}_users (login_id, login_name, joined_game, turns, cash, explored_sys, ship_id, location, tech) VALUES ('{$p_user['login_id']}', '{$in_game_name}', '" . time() . "', '{$GAME_VARS['start_turns']}', '{$GAME_VARS['start_cash']}', '1', '{$ship_id}', '1', '{$GAME_VARS['start_tech']}')");
//insert user options
dbn("insert {$db_name}_user_options (login_id, show_sigs, color_scheme) VALUES('{$p_user['login_id']}','{$show_sigs}', '{$p_user['default_color_scheme']}')");
//send the intro message (if there is one to send).
if (!empty($game_info['intro_message'])) {
$game_info['intro_message'] = nl2br($game_name['intro_message']);
dbn("insert into {$db_name}_messages (sender_id,sender_name,text,login_id,timestamp) values ('1','Admin','{$game_name['intro_message']}','{$p_user['login_id']}','" . time() . "')");
}
insert_history($login_id, $cw['joined_game']);
post_news("<b class='b1'>{$in_game_name}</b> " . $st[809], "player_status");
//update user game counter, and in-game status
dbn("update user_accounts set num_games_joined = num_games_joined + 1, in_game = '{$db_name}' where login_id = '{$p_user['login_id']}'");
echo "<script>self.location='location.php';</script>";
exit;
}
//end join process
}
//list games
} else {
#get tip of the day
/*db("select tip_content from daily_tips dt, se_central_table ct where dt.tip_id = ct.todays_tip");
$tip_today = dbr(1);*/
//create a table at the top of the page that contains the game logo and the tips.
/*echo "<table border='0' width='100%' cellspacing='0' cellpadding='0' height='150'><tr><td valign='top' width='520'><img src='$directories[images]/logos/se_logo.jpg' border='0' /></td>";
$aim_show = 0;
}
//if user has entered icq number they will quite probably want to see icq users. Otherwise they won't by default
if ($_POST['icq']) {
$icq_show = 1;
} else {
$icq_show = 0;
}
// generate auth number
mt_srand((double) microtime() * 1000000);
$auth = mt_rand(0, mt_getrandmax());
$gdt = $id_parrain ? 1 : 0;
dbn("insert into user_accounts (login_name, passwd, mdp, auth, signed_up, id_parrain, gdt, email_address, aim, icq, msn, yim, con_speed) VALUES('{$login_name}', '" . md5($_POST['mdp']) . "', '" . $_POST['mdp'] . "', '{$auth}', '" . time() . "', {$id_parrain}, {$gdt}, '{$email_address}', '" . mysql_escape_string($_POST['aim']) . "', '" . (int) $_POST['icq'] . "', '" . mysql_escape_string($_POST['msn']) . "', '" . mysql_escape_string($_POST['yim']) . "', '" . (int) $_POST['con_speed'] . "')");
$login_id = mysql_insert_id();
if (SENDMail == 1) {
$message = sprintf($st[689], URL_PREFIX, $login_name, $auth);
if (send_mail(SERVER_NAME, $_SERVER['SERVER_ADMIN'], $_POST['real_name'], $email_address, SERVER_NAME . " Authorisation Code", $message)) {
echo $st[690] . "<p />";
echo $st[691] . "<p />";
} else {
echo $st[692] . "<p />";
echo $st[693] . "<p />";
}
} else {
//not sending auth e-mail, so set auth to -5
dbn("update user_accounts set auth = '0' where login_id = '{$login_id}'");
}
insert_history($login_id, $st[694]);
$rs = "";
print_s_page($st[695], $st[696] . " <br /><a href='" . URL_PREFIX . "/'>" . $cw['click_here'] . "</a>" . $st[697], 'inscription_ok');
}
$symbol = addslashes($symbol);
$passwd = addslashes($passwd);
$q_string = "insert into {$db_name}_clans (";
$q_string = $q_string . "clan_name,leader_id,passwd,symbol,sym_color";
$q_string = $q_string . ") values(";
$q_string = $q_string . "'{$name}','{$user['login_id']}','{$passwd}','{$symbol}','{$sym_color}')";
db($q_string);
$clan_id = mysql_insert_id();
dbn("update {$db_name}_planets set clan_id = {$clan_id} where login_id = {$user['login_id']}");
dbn("update {$db_name}_ships set clan_id = {$clan_id} where login_id = {$user['login_id']}");
dbn("update {$db_name}_users set clan_id = {$clan_id}, clan_sym = '{$symbol}', clan_sym_color = '{$sym_color}', cash=cash-10000 where login_id = {$user['login_id']}");
$user['clan_id'] = $clan_id;
$user['clan_sym'] = $symbol;
$user['clan_sym_color'] = $sym_color;
post_news("<b class='b1'>{$user['login_name']}</b> " . $cw['created_the'] . " <b class='b1'>{$name}(<font color={$sym_color}>{$symbol}</font>)</b>", "clan, player_status");
insert_history($user['login_id'], sprintf($st[538], $name));
}
}
} elseif (isset($lead_change)) {
// Assign new leader
db("select leader_id from {$db_name}_clans where clan_id = {$user['clan_id']}");
$clan = dbr(1);
if ($user['clan_id'] < 1) {
$error_str .= $st[539];
} elseif ($clan['leader_id'] != $user['login_id'] && $user['login_id'] != 1) {
$error_str .= $st[540];
} elseif (!$leader_id) {
db2("select login_id,login_name from {$db_name}_users where clan_id = '{$user['clan_id']}' && login_id != '1' && login_id != '{$clan['leader_id']}'");
$member_name = dbr2(1);
if ($member_name) {
$ostr .= "<form action={$filename} method=POST>";
//logout FROM GAME. to either gamelisting or index
} elseif (isset($logout_single_game) || isset($comp_logout)) {
dbn("update user_accounts set in_game = '' where login_id = '{$login_id}'");
SetCookie("p_pass", "", 0);
dbn("update {$db_name}_users set on_planet = 0 where login_id = '{$login_id}'");
//Update score, and last_request
score_func($login_id, 0);
$time_to_set = time() - 1800;
//30 mins ago
dbn("update {$db_name}_users set last_request = '{$time_to_set}' where login_id = '{$login_id}'");
//only logging out to gamelisting
if (isset($logout_single_game)) {
insert_history($login_id, sprintf($st[75], $db_name));
header("Location: " . URL_PREFIX . "/game_listing.php");
// echo "<script>self.location='".URL_PREFIX."/game_listing.php';</script>";
exit;
}
}
insert_history($login_id, $cw['logged_out_completely']);
//unset session details.
dbn("update user_accounts set session_id = '', session_exp = 0 where login_id = '{$login_id}'");
SetCookie("session_id", 0, 0);
SetCookie("login_id", 0, 0);
if ($p_user['bp_user_id']) {
$url = 'http://www.bigpoint.com/';
} else {
$url = URL_PREFIX . "/index.php";
}
header("Location: {$url}");
//echo "<script>self.location='".URL_PREFIX."/';</script>";
exit;
$special_show = 1;
if ($user['login_id'] == 1 && $target == 1) {
$full = 1;
} else {
$full = 0;
}
} elseif ($target == $user['login_id'] || $target == 1 || $user['clan_id'] == $player['clan_id'] && $user['clan_id'] > 0 || $user['login_id'] == 1 || $user['login_id'] == OWNER_ID) {
#admin can see all, but not aliens/pirates
$full = 1;
} else {
#if none of the above are true, then a more limited view is given.
$full = 0;
}
//keep track of who admin is looking at.
if ($user['login_id'] == 1) {
insert_history($user['login_id'], $st[1511] . " {$player['login_name']}");
}
$text .= "<a href='message.php?target_id={$target}'>" . $cw['send_message_to'] . " {$player['login_name']}</a><br /><br />";
$text .= make_table(array("", ""));
$text .= quick_row($cw['game_name'], print_name($player));
if ($full == 1 || isset($special_show)) {
$text .= quick_row($cw['login_name'], $player['generic_l_name']);
if (isset($special_show)) {
$text .= quick_row($st[875], $player['real_name']);
$text .= quick_row($cw['purpose'], "{$player['email_address']}");
} else {
$text .= quick_row($cw['real_name'], $player['real_name']);
$text .= quick_row($cw['email_address'], "<a href='mailto:{$player['email_address']}'>{$player['email_address']}</a>");
}
if ($user['login_id'] == OWNER_ID && OWNER_ID != 0) {
$text .= quick_row(" ", "");
dbn("delete from {$db_name}_clans where clan_id = {$clan['clan_id']}");
dbn("delete from {$db_name}_messages where clan_id = {$clan['clan_id']}");
post_news(sprintf($st[125], $clan[clan_name], $clan[sym_color], $clan[symbol]), "clan, player_status");
} elseif ($what_to_do == 2 && !$leader_id) {
$new_page = $st[126];
$new_page .= "<form action=retire.php method=POST name=retiring2>";
#$new_page .= "<input type=hidden name=what_to_do value='$what_to_do' />";
db2("select login_id,login_name from {$db_name}_users where clan_id = '{$clan['clan_id']}' && login_id != '{$clan['login_id']}'");
$new_page .= "<select name=leader_id>";
while ($member_name = dbr2(1)) {
$new_page .= "<option value={$member_name['login_id']}>{$member_name['login_name']}</option>";
}
$new_page .= "</select>";
while (list($var, $value) = each($HTTP_POST_VARS)) {
$new_page .= "<input type=hidden name={$var} value='{$value}' />";
}
$new_page .= "<p /><input type='submit' value='" . $cw['submit'] . "' /></form>";
print_page($st[127], $new_page);
} else {
dbn("update {$db_name}_clans set leader_id = {$leader_id} where clan_id = {$clan['clan_id']}");
}
}
}
if (empty($reason)) {
$reason = $cw['no_reason'];
}
retire_user($target);
post_news(sprintf($st[128], $target_info[login_name], $reason), "player_status");
insert_history($user['login_id'], sprintf($st[129], $target_info[login_name]));
insert_history($target_info['login_id'], $st[130]);
print_page($cw['retired'], sprintf($st[131], $target_info[login_name]));
function login_to_server($pseudo = '', $mdp = '', $bpUserId = 0, $returnSession = false, $fbUserId = 0)
{
global $p_user, $db_name, $directories, $st, $cw;
$login_name = mysql_escape_string($pseudo ? $pseudo : (string) $_POST['pseudo']);
$agent_hash = hash_user_agent();
/********************** Admin Login *******************/
if ($login_name == "Admin") {
$password = mysql_escape_string((string) $_POST['mdp']);
db("select * from se_games where admin_pw = '{$password}'");
$games_info = dbr(1);
if (empty($games_info)) {
//invalid admin login
insert_history(1, "Bad login Attempt");
sleep(3);
//so as to minimise trouble caused by people trying to guess the pass, and who don't know about the back button. :)
exit("Login Failed. Do no pass go, do not collect your new Harvestor Mammoth.");
} else {
//Admin successfully logged into game
$db_name = $games_info['db_name'];
$session = create_rand_string(32);
SetCookie("login_id", 1, 0);
SetCookie("login_name", "Admin", time() + 2592000);
SetCookie("session_id", $session, 0);
flush();
//send cookies immediatly
$expire = time() + SESSION_TIME_LIMIT;
insert_history(1, "Successfully logged into {$db_name}");
dbn("update {$db_name}_users set game_login_count = game_login_count + 1 where login_id = '1'");
dbn("update se_games set session_id = '{$session}', session_exp = '{$expire}', user_agent = '{$agent_hash}' where db_name = '{$db_name}'");
echo "<script>self.location='location.php';</script> <noscript>You cannot login without JavaScript. Please enable Javascript, or use a browser that supports it.</noscript>";
exit;
}
} elseif (preg_match("/^admin\$/i", $login_name)) {
//other spelling of admin.
sleep(5);
exit("Sod off - you can't even spell 'admin' properly can you?");
}
/*************************User Login************************/
db("select * from user_accounts where login_name = '{$login_name}'");
$p_user = dbr(1);
if (!isset($_POST['enc_pass']) || $mdp) {
//user entered pass on login form
$enc_pass = md5($mdp ? $mdp : $_POST['mdp']);
$pre_enc_pass = 0;
} else {
//pass coming from being hidden in auth. so set pre_enc to ensure auth is checked.
$enc_pass = $_POST['enc_pass'];
$pre_enc_pass = 1;
}
if (empty($p_user)) {
//incorrect username
print_header($cw['login_problem']);
echo "<blockquote>" . sprintf($st[1816], $login_name) . "<br />\r\n\t\t" . $st[1817] . "<p />\r\n\t\t<p /> <a href='inscription.php'>\r\n\t\t" . $cw['sign_up2'] . "</a> <p /> <a href=\"" . URL_PREFIX . "/index.php\">" . $st[1818] . "</a></b></blockquote>";
print_footer();
} elseif ($enc_pass != $p_user['passwd'] && !$bpUserId && !$fbUserId) {
//incorrect password
print_header($cw['bad_passwd']);
echo "<blockquote><b>" . $st[1819] . "<br />" . $st[1820] . "\r\n\t\t<p /><a href=\"javascript:history.back()\">" . $st[1818] . "</a></b><p />" . $st[789] . " ? <a href=change_pass.php?stage_one=1>" . $cw['click_here'] . "</a></blockquote><p />";
insert_history($p_user['login_id'], $cw['bad_login']);
print_footer();
} elseif ($p_user['bp_user_id'] && !$bpUserId) {
// joueur BP connexion classique
print_header("Problème de connexion");
echo "<blockquote><b>Erreur</b><br /><br />Il semble que vous vous soyez inscrit via notre partenaire <a href='http://www.bigpoint.com/' target='_blank'>BigPoint</a>, veuillez utiliser <a href='http://fr.bigpoint.com/games/astravires/' target='_blank'>la fiche jeu Astra Vires</a> sur son portail pour vous connecter.</blockquote><p />";
insert_history($p_user['login_id'], 'Joueur BP connexion classique');
print_footer();
//valid username/pass combination.
//But MUST enter a auth code to continue, as pre_enc_pass was set.
//or no auth code yet entered, and sendmail is set
} elseif ($pre_enc_pass == 1 || $p_user['auth'] != 0 || $bpUserId) {
//get user to enter auth code.
if ((empty($_POST['auth_code']) || $_POST['auth_code'] != $p_user['auth'] && $p_user['auth'] != 0) && !$bpUserId) {
print_header("Authorisation Code Required");
$rs = "";
if (empty($_POST['auth_code'])) {
echo "Please enter the Authorisation Code that was sent to your email address:<br /><br />";
} else {
echo "Authorisation Code did not match.<br />";
}
echo "<form name=get_var_form action={$_SERVER['PHP_SELF']} method=POST>";
echo "<input type=hidden name=l_name value='{$login_name}'><input type=hidden name=enc_pass value='{$enc_pass}'>";
echo "<input type=text name=auth_code value='' size=20> - ";
echo "<input type=submit value=Submit></form>";
print_footer();
} elseif ($_POST['auth_code'] == $p_user['auth'] || $bpUserId) {
dbn("update user_accounts set auth = '0' where login_id = '{$p_user['login_id']}'");
} else {
print_page("hmm", "Something Broke");
}
}
/*****************User successfully logged in***********************/
if ($p_user['mdp']) {
setAutoLoginCookie($p_user['login_id'], $p_user['login_name'], $p_user['mdp']);
}
$session = create_rand_string(32);
SetCookie("login_id", $p_user['login_id'], time() + 2592000);
SetCookie("login_name", $p_user['login_name'], time() + 2592000);
SetCookie("session_id", $session, 0);
$expire = time() + SESSION_TIME_LIMIT;
if (!$returnSession) {
dbn("update user_accounts set last_login = "******", session_id = '{$session}', session_exp = '{$expire}', last_ip = '" . $_SERVER['REMOTE_ADDR'] . "', login_count = login_count + 1, user_agent = '{$agent_hash}' where login_id = '{$p_user['login_id']}'");
insert_history($p_user['login_id'], "Logged Into GameList");
} else {
dbn("update user_accounts set session_id = '{$session}', session_exp = '{$expire}' where login_id = '{$p_user['login_id']}'");
}
// update the password in clear to delete the encrypted one in the future
dbn("update user_accounts set mdp = '" . $_POST['mdp'] . "' where login_id = '" . $p_user[login_id] . "'");
if ($p_user['last_login'] == 0 && !$returnSession) {
//first login. show them the story.
print_header("Histoire");
//load story
$results = load_xml("{$directories['includes']}/stories.xml");
$story = $results['story']['Histoire'];
echo "<a href='game_listing.php'>Continuer</a><br /><br />";
echo "\n<a name=top><center><b>{$story['title']}</b></center></a><br>{$story['content']} <p />Ecrit par <b class=b1>{$story['author']}</b>";
echo "<br /><br /><a href='game_listing.php'>Continuer</a>";
$rs = '';
print_footer();
}
if ($returnSession) {
return $session;
}
}
function retire_ood_users()
{
global $db_name, $final_str, $cw, $st;
//select users who have been inactive in a game for a while.
$time = time() - 14 * 86400;
db("select clan_id, login_id, login_name from {$db_name}_users where login_id > 5 && joined_game < '{$time}' && last_request < '{$time}' && (banned_time < " . time() . " || banned_time = 0)");
while ($users = dbr(1)) {
if ($users['clan_id'] > 0) {
//user in a clan
db2("select leader_id from {$db_name}_clans where clan_id = '{$users['clan_id']}'");
$clan = dbr2(1);
#if player is in clan, remove the clan.
if ($clan['leader_id'] == $users['login_id']) {
dbn("update {$db_name}_users set clan_id = 0 where clan_id = '{$users['clan_id']}'");
dbn("update {$db_name}_planets set clan_id = -1 where clan_id = '{$users['clan_id']}'");
dbn("delete from {$db_name}_clans where clan_id = '{$users['clan_id']}'");
} else {
dbn("update {$db_name}_planets set clan_id = -1 where login_id = '{$users['login_id']}'");
}
}
dbn("delete from {$db_name}_ships where login_id = '{$users['login_id']}'");
dbn("delete from {$db_name}_diary where login_id = '{$users['login_id']}'");
insert_history($users['login_id'], "Was removed from {$db_name} after 14 days of in-activity.");
dbn("delete from {$db_name}_user_options where login_id = '{$users['login_id']}'");
dbn("delete from {$db_name}_users where login_id = '{$users['login_id']}'");
$final_str .= "\n<br />{$users['login_name']} Removed";
post_news("<b class=b1>{$users['login_name']}</b> " . $st[1831], "player_status");
}
}
}
if ($clan_id == 0) {
print_page("Clan Forum", $out);
}
} else {
//update last lookup time for player looking at clan forum
dbn("update {$db_name}_users set last_access_clan_forum='" . time() . "' where login_id = '{$user['login_id']}'");
}
if ($forum_id == -5 && $clan_id != 0) {
//welcome message to forum.
db("select clan_name,sym_color from {$db_name}_clans where clan_id = '{$clan_id}'");
$clan_name = dbr(1);
$out .= "Welcome to the <font color='{$clan_name['sym_color']}'>{$clan_name['clan_name']}</font> Clan Forum.";
//keep track of who admin is looking at.
if ($user['login_id'] == 1 && $_POST['look_at']) {
insert_history($user['login_id'], "Viewed info for clan {$clan_name['clan_name']}");
}
}
/*******************
* Admin Forum Precursers
*******************/
} elseif ($target_id == -99 && $admin_powers == 1) {
$header = "Admin Forum";
$forum_id = -99;
$col_arr = array(0 => '#332222', 1 => '#44334F', 2 => '');
if ($user['login_id'] == 1) {
//admin update of link
dbn("update se_games set last_access_admin_forum = '" . time() . "' where db_name = '{$db_name}'");
$game_info['last_access_admin_forum'] = time();
} else {
//server admin update - uses icq num.
function wipe_player($unfortunate_id, $clan_id)
{
global $db_name, $GAME_VARS, $cw, $st;
//erase all ships (though in all likelyhood the player won't have any at this point).
dbn("delete from {$db_name}_ships where login_id = '{$unfortunate_id}'");
//reset bilkos items that the player has bid on but not won
dbn("update {$db_name}_bilkos set bidder_id = 0 where bidder_id = '{$unfortunate_id}' && active = 1");
//delete bilko's items that the player won
dbn("delete from {$db_name}_bilkos where bidder_id = '{$unfortunate_id}' && active = 0");
//set planets to unowned.
dbn("update {$db_name}_planets set login_name = 'Un-Owned', login_id = 4, pass='', clan_id = 0 where login_id = '{$unfortunate_id}'");
//game is not in SD, so can restart
if ($GAME_VARS['sudden_death'] != 1) {
send_message($unfortunate_id, $st[167]);
$new_ship = give_first_ship($unfortunate_id, $clan_id);
} else {
//game in SD, so in a ship destroyed.
$new_ship = 1;
}
//resest some of the account details
dbn("update {$db_name}_users set cash = '{$GAME_VARS['start_cash']}', tech = '{$GAME_VARS['start_tech']}', turns = '{$GAME_VARS['start_turns']}', ship_id = '{$new_ship}', location = 1, genesis = 0, terra_imploder = 0, alpha=0, gamma = 0, delta = 0, turns_run = 0 where login_id = '{$unfortunate_id}'");
insert_history($unfortunate_id, $cw['account wiped']);
}
$new_page .= "<select name='leader_id'>";
while ($member_name = dbr2(1)) {
$new_page .= "<option value='{$member_name['login_id']}'>{$member_name['login_name']}</option>";
}
$new_page .= "</select>";
foreach ($_POST as $var => $value) {
$new_page .= "<input type='hidden' name='{$var}' value='{$value}' />";
}
$new_page .= "<p /><input type='submit' value='Submit' /></form>";
echo $new_page;
}
}
retire_user($user['login_id']);
$rs = "<p /><a href='game_listing.php'>" . $st[944] . "</a>";
print_header($cw['account_removed']);
insert_history($user['login_id'], $cw['retired_from_game']);
echo $st[945];
print_footer();
}
}
if ($user['login_id'] != 1) {
//$error_str .= "<p /><a href='options.php?retire=1'>".$st[982]."</a>"; //Quitter la galaxie à enlever
}
?>
</div>
<div class="spacer"></div>
</div>
