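/**
 * Stores an in-game message for one or more players and, where enabled,
 * mirrors it to the recipient's e-mail address.
 *
 * Security-relevant contract:
 *  - $from, $subject and $text are escaped with db_escape() unless $escaped is
 *    true; with $escaped = true the caller vouches for them.
 *  - $timestamp and $message_type are interpolated into the INSERT as-is
 *    (quoted, not escaped), so callers must pass integers.
 *  - '*' as the first owner means "every player" and is refused unless the
 *    current user has authlevel >= 3.
 *
 * @param mixed  $owners       A player id, an array of player ids, or '*' / array('*') for a broadcast.
 * @param mixed  $sender       Sender id; forced to int.
 * @param mixed  $timestamp    Message time; SN_TIME_NOW is used when empty.
 * @param mixed  $message_type Key into $sn_message_class_list.
 * @param string $from         Sender display name.
 * @param string $subject      Message subject.
 * @param string $text         Message body.
 * @param bool   $escaped      True when $from/$subject/$text are already DB-escaped.
 * @param bool   $force        True to store the message even if the recipient opted out of this class.
 *
 * @return false|null False when a broadcast is refused for lack of privilege, null otherwise.
 */
function msg_send_simple_message($owners, $sender, $timestamp, $message_type, $from, $subject, $text, $escaped = false, $force = false)
{
    global $config, $user, $sn_message_class_list;
    if (!$owners) {
        return;
    }
    $timestamp = $timestamp ? $timestamp : SN_TIME_NOW;
    $sender = intval($sender);
    if (!is_array($owners)) {
        $owners = array($owners);
    }
    if (!$escaped) {
        $from = db_escape($from);
        $subject = db_escape($subject);
        $text = db_escape($text);
    }
    // The e-mail copy undoes the slash escaping and turns line breaks into <br />.
    // NOTE(review): stripslashes() is only an approximate inverse of db_escape(), and
    // the body is not HTML-encoded here - confirm mymail() or the callers handle that.
    $text_unescaped = stripslashes(str_replace(array('\\r\\n', "\r\n"), "<br />", $text));
    $message_class = $sn_message_class_list[$message_type];
    $message_class_email = $message_class['email'];
    $message_class_switchable = $message_class['switchable'];
    $message_class_name = $message_class['name'];
    $message_class_name_total = $sn_message_class_list[MSG_TYPE_NEW]['name'];

    // Strict comparison: with a loose == an integer owner id of 0 equals '*' on PHP < 8,
    // which would turn a message to "player 0" into a broadcast to everyone.
    $is_broadcast = $owners[0] === '*';
    if ($is_broadcast) {
        // Broadcasting is a privileged operation.
        if ($user['authlevel'] < 3) {
            return false;
        }
        // TODO Add $timestamp - the mailing may also be deferred
        // TODO Add $sender - the mailing may also come from someone
        db_message_insert_all($message_type, $from, $subject, $text);
        // An empty list is handed to db_user_list_set_mass_mail() below for the broadcast case.
        $owners = array();
    } else {
        $insert_values = array();
        // '%u' is the only live placeholder; every literal '%' in the message data is doubled
        // so sprintf() cannot interpret user text as a format directive. '%u' also forces the
        // owner id to an unsigned integer.
        $insert_template = "('%u'," . str_replace('%', '%%', " '{$sender}', '{$timestamp}', '{$message_type}', '{$from}', '{$subject}', '{$text}')");
        foreach ($owners as $owner) {
            if ($user['id'] != $owner) {
                $owner_row = db_user_by_id($owner);
            } else {
                // Copy by value so unpacking options never writes into the session user row.
                $owner_row = $user;
            }
            sys_user_options_unpack($owner_row);
            // Store the message unless the class is switchable and the recipient turned it off.
            if ($force || !$message_class_switchable || $owner_row["opt_{$message_class_name}"]) {
                $insert_values[] = sprintf($insert_template, $owner);
            }
            if ($message_class_email && $config->game_email_pm && $owner_row["opt_email_{$message_class_name}"]) {
                // NOTE(review): $subject is the DB-escaped form when $escaped is false; mail
                // failures are silenced by @, so delivery problems leave no trace here.
                @($result = mymail($owner_row['email'], $subject, $text_unescaped, '', true));
            }
        }
        if (empty($insert_values)) {
            return;
        }
        doquery($QryInsertMessage = 'INSERT INTO {{messages}} (`message_owner`, `message_sender`, `message_time`, `message_type`, `message_from`, `message_subject`, `message_text`) ' . 'VALUES ' . implode(',', $insert_values));
    }
    db_user_list_set_mass_mail($owners, "`{$message_class_name}` = `{$message_class_name}` + 1, `{$message_class_name_total}` = `{$message_class_name_total}` + 1");
    // Keep the in-memory counters of the current user in step with the database.
    // The broadcast flag is used because $owners has been emptied in that branch, so
    // re-reading $owners[0] would never see '*'.
    if ($is_broadcast || in_array($user['id'], $owners)) {
        $user[$message_class_name]++;
        $user[$message_class_name_total]++;
    }
}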
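/**
 * Stores an in-game message for one or more players and, where enabled,
 * mirrors it to the recipient's e-mail address (older variant built on the
 * mysql_* escaping API).
 *
 * Security-relevant contract:
 *  - $from, $subject and $text are escaped unless $escaped is true; with
 *    $escaped = true the caller vouches for them.
 *  - Owner ids end up unquoted in SQL, so they are forced to integers here.
 *  - $timestamp and $message_type are interpolated into the quoted VALUES
 *    template without escaping; callers must pass integers.
 *  - '*' as the first owner means "every player" and is refused unless the
 *    current user has authlevel >= 3.
 *
 * @param mixed  $owners       A player id, an array of player ids, or '*' / array('*') for a broadcast.
 * @param mixed  $sender       Sender id; forced to int.
 * @param mixed  $timestamp    Message time; $time_now is used when empty.
 * @param mixed  $message_type Key into $sn_message_class_list.
 * @param string $from         Sender display name.
 * @param string $subject      Message subject.
 * @param string $text         Message body.
 * @param bool   $escaped      True when $from/$subject/$text are already DB-escaped.
 *
 * @return false|null False when a broadcast is refused for lack of privilege, null otherwise.
 */
function msg_send_simple_message($owners, $sender, $timestamp, $message_type, $from, $subject, $text, $escaped = false)
{
    global $config, $user, $sn_message_class_list, $time_now;
    $timestamp = $timestamp ? $timestamp : $time_now;
    $sender = intval($sender);
    if (!is_array($owners)) {
        $owners = array($owners);
    }
    if (!$escaped) {
        // NOTE(review): mysql_real_escape_string() was removed in PHP 7; kept because the
        // replacement helper is not visible from this block.
        $from = mysql_real_escape_string($from);
        $subject = mysql_real_escape_string($subject);
        $text = mysql_real_escape_string($text);
    }
    // The e-mail copy undoes the slash escaping and turns line breaks into <br />.
    // NOTE(review): the body is not HTML-encoded here - confirm mymail() or the callers do it.
    $text_unescaped = stripslashes(str_replace(array('\\r\\n', "\r\n"), "<br />", $text));
    $message_class = $sn_message_class_list[$message_type];
    $message_class_email = $message_class['email'];
    $message_class_switchable = $message_class['switchable'];
    $message_class_name = $message_class['name'];
    $message_class_name_total = $sn_message_class_list[MSG_TYPE_NEW]['name'];
    $QryInsertMessage = 'INSERT INTO {{messages}} (`message_owner`, `message_sender`, `message_time`, `message_type`, `message_from`, `message_subject`, `message_text`) ';
    // NOTE(review): the statement text is masked as "******" in this listing; kept verbatim.
    $QryUpdateUser = "******";

    // Strict comparison: with a loose == an integer owner id of 0 equals '*' on PHP < 8,
    // which would turn a message to "player 0" into a broadcast to everyone.
    $is_broadcast = $owners[0] === '*';
    if ($is_broadcast) {
        // Broadcasting is a privileged operation.
        if ($user['authlevel'] < 3) {
            return false;
        }
        // The type is written unquoted into the SELECT, so only an integer may reach it.
        $message_type_sql = intval($message_type);
        $QryInsertMessage .= "SELECT `id`, 0, unix_timestamp(now()), {$message_type_sql}, '{$from}', '{$subject}', '{$text}' FROM {{users}}; ";
    } else {
        // Owner ids are placed unquoted into "WHERE id = ..." and "IN (...)" below; forcing
        // them to integers keeps a crafted id from changing the statement.
        $owners = array_map('intval', $owners);
        $insert_values = array();
        // '%u' is the only live placeholder; literal '%' in the message data is doubled so
        // sprintf() cannot read user text as a format directive.
        $insert_template = "('%u'," . str_replace('%', '%%', " '{$sender}', '{$timestamp}', '{$message_type}', '{$from}', '{$subject}', '{$text}')");
        foreach ($owners as $owner) {
            if ($user['id'] != $owner) {
                $owner_row = doquery("SELECT * FROM {{users}} WHERE id = {$owner} LIMIT 1;", '', true);
                sys_user_options_unpack($owner_row);
            } else {
                // Copy by value. Binding $owner_row to $user by reference would make the next
                // iteration's assignment overwrite the session user row with another player's.
                $owner_row = $user;
            }
            // Store the message unless the class is switchable and the recipient turned it off.
            if (!$message_class_switchable || $owner_row["opt_{$message_class_name}"]) {
                $insert_values[] = sprintf($insert_template, $owner);
            }
            if ($message_class_email && $config->game_email_pm && $owner_row["opt_email_{$message_class_name}"]) {
                // Mail failures are silenced by @, so delivery problems leave no trace here.
                @($result = mymail($owner_row['email'], $subject, $text_unescaped, '', true));
            }
        }
        if (empty($insert_values)) {
            return;
        }
        $QryInsertMessage .= 'VALUES ' . implode(',', $insert_values) . ';';
        $QryUpdateUser .= 'WHERE `id` IN (' . implode(',', $owners) . ');';
    }
    doquery($QryInsertMessage);
    doquery($QryUpdateUser);
    // Keep the in-memory counters of the current user in step with the database.
    if ($is_broadcast || in_array($user['id'], $owners)) {
        $user[$message_class_name]++;
        $user[$message_class_name_total]++;
    }
}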
Example #3
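/**
 * Checks a username/password pair against the users table and, on success,
 * sets the login cookie.
 *
 * Security notes:
 *  - Stored passwords are compared against md5($password). Unsalted MD5 is fast
 *    to brute-force; moving to password_hash()/password_verify() needs the stored
 *    hashes migrated, which cannot be done from inside this function.
 *  - The status distinguishes "unknown user" from "wrong password"; callers that
 *    show it to the visitor reveal which usernames exist.
 *  - No attempt limiting is visible here. NOTE(review): confirm a caller throttles logins.
 *
 * @param string $username    Login name as typed by the visitor.
 * @param string $password    Plain-text password as typed by the visitor.
 * @param string $remember_me Passed through to sn_set_cookie().
 *
 * @return array 'status' (LOGIN_* constant), 'error_msg' (localized text or ''),
 *               'user_row' (the user row on success, an empty array otherwise).
 */
function sn_login($username, $password, $remember_me = '1')
{
    global $lang;
    // NOTE(review): mysql_real_escape_string() was removed in PHP 7; kept because the
    // replacement helper is not visible from this block.
    $username = mysql_real_escape_string($username);
    $login = doquery("SELECT * FROM {{users}} WHERE `username` = '{$username}' LIMIT 1;", '', true);
    if (!$login) {
        $status = LOGIN_ERROR_USERNAME;
        $error_msg = $lang['Login_FailUser'];
        $login = array();
    } elseif ((string) $login['password'] !== md5($password)) {
        // Strict string comparison: a loose != treats two digests of the form "0e<digits>"
        // as equal numbers, letting a different password pass for such an account.
        $status = LOGIN_ERROR_PASSWORD;
        $error_msg = $lang['Login_FailPassword'];
        $login = array();
    } else {
        sys_user_options_unpack($login);
        sn_set_cookie($login, $remember_me);
        $status = LOGIN_SUCCESS;
        $error_msg = '';
    }
    return array('status' => $status, 'error_msg' => $error_msg, 'user_row' => $login);
}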
Example #4
        sn_ali_fill_user_ally($user);
        if (!$user['ally']['player']['id']) {
            sn_sys_logout(false, true);
            $debug->error("User ID {$user['id']} has ally ID {$user['ally_id']} but no ally info", 'User record error', 502);
        }
        // TODO UNCOMMENT
        que_process($user['ally']['player']);
        db_user_set_by_id($user['ally']['player']['id'], '`onlinetime` = ' . SN_TIME_NOW);
        sn_db_transaction_commit();
    }
    // TODO - в режиме эмуляции, на самом деле!
    sn_db_transaction_start();
    $global_data = sys_o_get_updated($user['id'], $planet_id, SN_TIME_NOW);
    sn_db_transaction_commit();
    $planetrow = $global_data['planet'];
    if (!($planetrow && isset($planetrow['id']) && $planetrow['id'])) {
        sn_sys_logout(false, true);
        $debug->error("User ID {$user['id']} has no current planet and no homeworld", 'User record error', 502);
    }
    $que = $global_data['que'];
}
// Load the menu definitions before any model hook runs.
require_once 'includes/vars_menu.php';

// Invoke every model hook registered under the empty page key. A hook may be a plain
// callable string, an array carrying a 'callable' entry, or an object exposing ->callable.
// NOTE(review): whatever ends up in this registry is executed, so it should only ever be
// filled from trusted module code - confirm nothing request-derived reaches it.
if ($sn_mvc['model']['']) {
    foreach ($sn_mvc['model'][''] as $hook) {
        if (is_string($hook)) {
            $hook_call = $hook;
        } elseif (is_array($hook)) {
            $hook_call = $hook['callable'];
        } else {
            $hook_call = $hook->callable;
        }
        // Entries that do not resolve to something callable are skipped silently.
        if (!is_callable($hook_call)) {
            continue;
        }
        call_user_func($hook_call);
    }
}

// Expand the packed option string of the current user into individual fields.
sys_user_options_unpack($user);
Example #5
/**
 * Model for the player options page: applies the submitted settings to the
 * current user and reloads the user row.
 *
 * When the request parameter 'mode' equals 'change' the function handles, in
 * order: admin planet protection, vacation mode, the packed option list, a
 * player rename, a password change, profile fields (e-mail, skin path,
 * language, design, IP check, deletion timer, gender, birthday), avatar upload
 * and the client time offset, then writes the user row in one UPDATE fragment.
 * Outcomes are appended to $template_result['.']['result'].
 *
 * Takes no arguments and returns nothing; it works on the globals listed below.
 *
 * NOTE(review): no anti-CSRF token check is visible in this function - confirm the
 * dispatcher validates one before a state-changing 'mode=change' request gets here.
 */
function sn_options_model()
{
    global $user, $user_option_list, $lang, $template_result, $config;
    // 'langer' falls back to the current language when absent from the request.
    $language_new = sys_get_param_str('langer', $user['lang']);
    if ($language_new != $user['lang']) {
        $lang->lng_switch($language_new);
    }
    lng_include('options');
    lng_include('messages');
    // Human-readable placeholder for the configured date format (d/m/Y -> DD/MM/YYYY).
    $FMT_DATE = preg_replace(array('/d/', '/m/', '/Y/'), array('DD', 'MM', 'YYYY'), FMT_DATE);
    if (sys_get_param_str('mode') == 'change') {
        // Staff accounts can put their planets under protection at their own authlevel.
        if ($user['authlevel'] > 0) {
            $planet_protection = sys_get_param_int('adm_pl_prot') ? $user['authlevel'] : 0;
            db_planet_set_by_owner($user['id'], "`id_level` = '{$planet_protection}'");
            db_user_set_by_id($user['id'], "`admin_protection` = '{$planet_protection}'");
            $user['admin_protection'] = $planet_protection;
        }
        if (sys_get_param_int('vacation') && !$config->user_vacation_disable) {
            sn_db_transaction_start();
            // Accounts below authlevel 3 must pass the cooldown, fleet and queue checks.
            if ($user['authlevel'] < 3) {
                // NOTE(review): each die below follows sn_db_transaction_start() with no
                // explicit rollback or commit visible here - presumably the connection
                // teardown discards the transaction; confirm.
                if ($user['vacation_next'] > SN_TIME_NOW) {
                    message($lang['opt_vacation_err_timeout'], $lang['Error'], 'index.php?page=options', 5);
                    die;
                }
                $is_building = doquery("SELECT * FROM `{{fleets}}` WHERE `fleet_owner` = '{$user['id']}' LIMIT 1;", true);
                if ($is_building) {
                    message($lang['opt_vacation_err_your_fleet'], $lang['Error'], 'index.php?page=options', 5);
                    die;
                }
                $que = que_get($user['id'], false);
                if (!empty($que)) {
                    message($lang['opt_vacation_err_que'], $lang['Error'], 'index.php?page=options', 5);
                    die;
                }
                $query = classSupernova::db_get_record_list(LOC_PLANET, "`id_owner` = {$user['id']}");
                // Reset every planet to basic income with all production switched off.
                foreach ($query as $planet) {
                    // $planet = sys_o_get_updated($user, $planet, SN_TIME_NOW);
                    // $planet = $planet['planet'];
                    db_planet_set_by_id($planet['id'], "last_update = " . SN_TIME_NOW . ", energy_used = '0', energy_max = '0',\n            metal_perhour = '{$config->metal_basic_income}', crystal_perhour = '{$config->crystal_basic_income}', deuterium_perhour = '{$config->deuterium_basic_income}',\n            metal_mine_porcent = '0', crystal_mine_porcent = '0', deuterium_sintetizer_porcent = '0', solar_plant_porcent = '0',\n            fusion_plant_porcent = '0', solar_satelit_porcent = '0', ship_sattelite_sloth_porcent = 0");
                }
                $user['vacation'] = SN_TIME_NOW + $config->player_vacation_time;
            } else {
                // authlevel >= 3 skips every check above.
                $user['vacation'] = SN_TIME_NOW;
            }
            sn_db_transaction_commit();
        }
        // Options already present on the user row are overwritten from the request;
        // the others receive the default from $user_option_list.
        foreach ($user_option_list as $option_group_id => $option_group) {
            foreach ($option_group as $option_name => $option_value) {
                if ($user[$option_name] !== null) {
                    $user[$option_name] = sys_get_param_str($option_name);
                } else {
                    $user[$option_name] = $option_value;
                }
            }
        }
        // NOTE(review): $user['options'] is read further down, so sys_user_options_pack()
        // presumably fills it by reference - confirm.
        $options = sys_user_options_pack($user);
        $player_options = sys_get_param('options');
        if (!empty($player_options)) {
            // Every submitted value is forced to an integer; the array KEYS are passed on as
            // received. NOTE(review): confirm offsetSet() accepts only known option ids.
            array_walk($player_options, function (&$value) {
                // TODO - when there are more parameters, add more checks
                $value = intval($value);
            });
            classSupernova::$user_options->offsetSet($player_options);
            // pdump($player_options);die();
            //      player_save_option_array($user, $player_options);
        }
        // Raw request value, cut to 32 bytes (substr is byte-wise, so a multi-byte
        // character can be split). $username_safe is the form used in SQL.
        $username = substr(sys_get_param_str_unsafe('username'), 0, 32);
        $username_safe = db_escape($username);
        if ($username && $user['username'] != $username && $config->game_user_changename != SERVER_PLAYER_NAME_CHANGE_NONE && sys_get_param_int('username_confirm') && !strpbrk($username, LOGIN_REGISTER_CHARACTERS_PROHIBITED)) {
            // validity check
            sn_db_transaction_start();
            // NOTE(review): LIKE treats % and _ in the name as wildcards unless
            // LOGIN_REGISTER_CHARACTERS_PROHIBITED excludes them, so this is a pattern
            // match rather than an exact lookup - confirm that is intended.
            $name_check = doquery("SELECT * FROM {{player_name_history}} WHERE `player_name` LIKE \"{$username_safe}\" LIMIT 1 FOR UPDATE;", true);
            if (!$name_check || $name_check['player_id'] == $user['id']) {
                // Re-read the user row; the second argument presumably requests a row lock.
                $user = db_user_by_id($user['id'], true);
                switch ($config->game_user_changename) {
                    case SERVER_PLAYER_NAME_CHANGE_PAY:
                        // NOTE(review): $planetrow is neither a parameter nor listed in the
                        // global statement above, so it is undefined in this scope.
                        if (mrc_get_level($user, $planetrow, RES_DARK_MATTER) < $config->game_user_changename_cost) {
                            $template_result['.']['result'][] = array('STATUS' => ERR_ERROR, 'MESSAGE' => $lang['opt_msg_name_change_err_no_dm']);
                            break;
                        }
                        rpg_points_change($user['id'], RPG_NAME_CHANGE, -$config->game_user_changename_cost, sprintf('Пользователь ID %d сменил имя с "%s" на "%s"', $user['id'], $user['username'], $username));
                    // No break above: after paying, execution falls through into the rename itself.
                    case SERVER_PLAYER_NAME_CHANGE_FREE:
                        db_user_set_by_id($user['id'], "`username` = '{$username_safe}'");
                        doquery("REPLACE INTO {{player_name_history}} SET `player_id` = {$user['id']}, `player_name` = '{$username_safe}'");
                        // TODO: Change cookie to not force user relogin
                        // sn_setcookie(SN_COOKIE, '', time() - PERIOD_WEEK, SN_ROOT_RELATIVE);
                        $template_result['.']['result'][] = array('STATUS' => ERR_NONE, 'MESSAGE' => $lang['opt_msg_name_changed']);
                        // The in-memory row keeps the raw name; any output context must encode it.
                        $user['username'] = $username;
                        break;
                }
            } else {
                $template_result['.']['result'][] = array('STATUS' => ERR_ERROR, 'MESSAGE' => $lang['opt_msg_name_change_err_used_name']);
            }
            sn_db_transaction_commit();
        }
        // Password change: requires both new-password fields to match and the auth layer
        // to accept the current password ('db_password').
        if ($new_password = sys_get_param('newpass1')) {
            try {
                if ($new_password != sys_get_param('newpass2')) {
                    throw new Exception($lang['opt_err_pass_unmatched'], ERR_WARNING);
                }
                if (!classSupernova::$auth->password_change(sys_get_param('db_password'), $new_password)) {
                    throw new Exception($lang['opt_err_pass_wrong'], ERR_WARNING);
                }
                // Success is reported through the same catch block, with code ERR_NONE.
                throw new Exception($lang['opt_msg_pass_changed'], ERR_NONE);
            } catch (Exception $e) {
                // Any code outside the three known statuses is reported as ERR_ERROR.
                $template_result['.']['result'][] = array('STATUS' => in_array($e->getCode(), array(ERR_NONE, ERR_WARNING, ERR_ERROR)) ? $e->getCode() : ERR_ERROR, 'MESSAGE' => $e->getMessage());
            }
        }
        // NOTE(review): the sys_get_param_str() values below are interpolated into the final
        // UPDATE without a db_escape() call in this function - presumably that helper returns
        // an already-escaped string; confirm. No e-mail format check is visible here.
        $user['email'] = sys_get_param_str('db_email');
        //    if(!$template_result[F_ACCOUNT]['account_email'] && ($email_2 = sys_get_param_str('db_email2'))) {
        //      core_auth::email_set($email_2);
        //    }
        $user['dpath'] = sys_get_param_str('dpath');
        $user['lang'] = sys_get_param_str('langer', $user['lang']);
        //    if($lang->lng_switch($user['lang'])) {
        //      lng_include('options');
        //      lng_include('messages');
        //    }
        $user['design'] = sys_get_param_int('design');
        $user['noipcheck'] = sys_get_param_int('noipcheck');
        // $user['spio_anz'] = sys_get_param_int('spio_anz');
        // $user['settings_fleetactions'] = sys_get_param_int('settings_fleetactions', 1);
        // $user['settings_tooltiptime'] = sys_get_param_int('settings_tooltiptime');
        // $user['settings_esp'] = sys_get_param_int('settings_esp');
        // $user['settings_wri'] = sys_get_param_int('settings_wri');
        // $user['settings_bud'] = sys_get_param_int('settings_bud');
        // $user['settings_mis'] = sys_get_param_int('settings_mis');
        // $user['settings_statistics'] = sys_get_param_int('settings_statistics');
        // $user['settings_info'] = sys_get_param_int('settings_info');
        // $user['settings_rep'] = sys_get_param_int('settings_rep');
        // $user['planet_sort']  = sys_get_param_int('settings_sort');
        // $user['planet_sort_order'] = sys_get_param_int('settings_order');
        // Deletion timer: cleared when the flag is off; otherwise an already running timer is
        // kept and a new one starts at now + player_delete_time.
        $user['deltime'] = !sys_get_param_int('deltime') ? 0 : ($user['deltime'] ? $user['deltime'] : SN_TIME_NOW + $config->player_delete_time);
        // Gender is accepted only if it is a known list entry, and only replaces GENDER_UNKNOWN.
        $gender = sys_get_param_int('gender', $user['gender']);
        !isset($lang['sys_gender_list'][$gender]) ? $gender = $user['gender'] : false;
        $user['gender'] = $user['gender'] == GENDER_UNKNOWN ? $gender : $user['gender'];
        // Birthday: the bare exceptions are used purely as an early exit to the catch block,
        // which leaves the birthday columns out of the UPDATE.
        try {
            // NOTE(review): the guard reads $user['birthday'] while the values written below
            // use 'user_birthday' - confirm which key the user row actually carries.
            if ($user['birthday']) {
                throw new exception();
            }
            $user_birthday = sys_get_param_str_unsafe('user_birthday');
            if (!$user_birthday || $user_birthday == $FMT_DATE) {
                throw new exception();
            }
            // Some black magic to parse any valid date format - those that contains all three "d", "m" and "Y" and any of the delimeters "\", "/", ".", "-"
            // $pos maps each of d/m/Y to the index of its capture group in the regexp below.
            $pos['d'] = strpos(FMT_DATE, 'd');
            $pos['m'] = strpos(FMT_DATE, 'm');
            $pos['Y'] = strpos(FMT_DATE, 'Y');
            asort($pos);
            $i = 0;
            // $position stays bound by reference to the last element after this loop.
            foreach ($pos as &$position) {
                $position = ++$i;
            }
            // The pattern is not anchored, so it may match inside a longer string; only the
            // captured digit groups are used afterwards, never the raw input.
            $regexp = "/" . preg_replace(array('/\\\\/', '/\\//', '/\\./', '/\\-/', '/d/', '/m/', '/Y/'), array('\\\\\\', '\\/', '\\.', '\\-', '(\\d?\\d)', '(\\d?\\d)', '(\\d{4})'), FMT_DATE) . "/";
            if (!preg_match($regexp, $user_birthday, $match)) {
                throw new exception();
            }
            if (!checkdate($match[$pos['m']], $match[$pos['d']], $match[$pos['Y']])) {
                throw new exception();
            }
            $user['user_birthday'] = db_escape("{$match[$pos['Y']]}-{$match[$pos['m']]}-{$match[$pos['d']]}");
            // EOF black magic! Now we have valid SQL date in $user['user_birthday'] - independent of date format
            // The last celebrated birthday is this year's date, or last year's if it is still ahead.
            $year = date('Y', SN_TIME_NOW);
            if (mktime(0, 0, 0, $match[$pos['m']], $match[$pos['d']], $year) > SN_TIME_NOW) {
                $year--;
            }
            $user['user_birthday_celebrated'] = db_escape("{$year}-{$match[$pos['m']]}-{$match[$pos['d']]}");
            $user_birthday = ", `user_birthday` = '{$user['user_birthday']}', `user_birthday_celebrated` = '{$user['user_birthday_celebrated']}'";
        } catch (exception $e) {
            $user_birthday = '';
        }
        require_once 'includes/includes/sys_avatar.php';
        // NOTE(review): $user['avatar'] goes into the UPDATE below without escaping here, and
        // the upload validation lives in sys_avatar_upload() - confirm both are safe.
        $avatar_upload_result = sys_avatar_upload($user['id'], $user['avatar']);
        $template_result['.']['result'][] = $avatar_upload_result;
        // Client time offset: either forced to the submitted value or cleared.
        $user_time_diff = playerTimeDiff::user_time_diff_get();
        if (sys_get_param_int('PLAYER_OPTION_TIME_DIFF_FORCED')) {
            playerTimeDiff::user_time_diff_set(array(PLAYER_OPTION_TIME_DIFF => sys_get_param_int('PLAYER_OPTION_TIME_DIFF'), PLAYER_OPTION_TIME_DIFF_UTC_OFFSET => 0, PLAYER_OPTION_TIME_DIFF_FORCED => 1, PLAYER_OPTION_TIME_DIFF_MEASURE_TIME => SN_TIME_SQL));
        } elseif (sys_get_param_int('opt_time_diff_clear') || $user_time_diff[PLAYER_OPTION_TIME_DIFF_FORCED]) {
            playerTimeDiff::user_time_diff_set(array(PLAYER_OPTION_TIME_DIFF => '', PLAYER_OPTION_TIME_DIFF_UTC_OFFSET => 0, PLAYER_OPTION_TIME_DIFF_FORCED => 0, PLAYER_OPTION_TIME_DIFF_MEASURE_TIME => SN_TIME_SQL));
        }
        // Single UPDATE fragment for the profile. Only `options` is escaped at this point;
        // every other value relies on how it was obtained above, and `gender` is unquoted.
        $user_options_safe = db_escape($user['options']);
        db_user_set_by_id($user['id'], "`email` = '{$user['email']}', `lang` = '{$user['lang']}', `avatar` = '{$user['avatar']}',\n      `dpath` = '{$user['dpath']}', `design` = '{$user['design']}', `noipcheck` = '{$user['noipcheck']}',\n      `deltime` = '{$user['deltime']}', `vacation` = '{$user['vacation']}', `options` = '{$user_options_safe}', `gender` = {$user['gender']}\n      {$user_birthday}");
        $template_result['.']['result'][] = array('STATUS' => ERR_NONE, 'MESSAGE' => $lang['opt_msg_saved']);
    } elseif (sys_get_param_str('result') == 'ok') {
        $template_result['.']['result'][] = array('STATUS' => ERR_NONE, 'MESSAGE' => $lang['opt_msg_saved']);
    }
    // Reload the row so the view shows what is stored, then expand the packed options.
    $user = db_user_by_id($user['id']);
    $options = sys_user_options_unpack($user);
}
Example #6
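 /**
  * Builds the authentication result array and records the visit.
  *
  * Always writes a security entry for the device. For a real, non-impersonated
  * user it also writes a visit counter, lifts an expired ban (turning it into
  * vacation), and stores last-seen time, IP, proxy chain and browser id.
  * Requests from a device id listed in $config->security_ban_extra are terminated.
  *
  * @return array Keyed by the F_* / AUTH_LEVEL constants: login status, register status,
  *               user row, auth level, ban/vacation status, impersonation data and the
  *               list of authorised providers.
  */
 protected function make_return_array()
 {
     global $config;
     $user_id = !empty(self::$user['id']) ? self::$user['id'] : 0;
     // if(!empty($user_id) && !$user_impersonator) {
     // $user_id cannot be empty because of constraints in the SPE table
     // self::db_security_entry_insert();
     self::$device->db_security_entry_insert($user_id);
     $result = array();
     // Impersonated sessions must not touch the target's last-seen data.
     if ($user_id && empty($this->is_impersonating)) {
         // self::db_counter_insert();
         self::$device->db_counter_insert($user_id);
         $user =& self::$user;
         sys_user_options_unpack($user);
         // An elapsed ban is cleared and replaced by vacation starting now.
         if ($user['banaday'] && $user['banaday'] <= SN_TIME_NOW) {
             $user['banaday'] = 0;
             $user['vacation'] = SN_TIME_NOW;
         }
         $user['user_lastip'] = self::$device->ip_v4_string;
         // $ip['ip'];
         $user['user_proxy'] = self::$device->ip_v4_proxy_chain;
         //$ip['proxy_chain'];
         $result[F_BANNED_STATUS] = $user['banaday'];
         $result[F_VACATION_STATUS] = $user['vacation'];
         // NOTE(review): the proxy chain presumably comes from client-supplied headers, so it
         // is untrusted text; it is escaped and quoted below.
         $proxy_safe = static::$db->db_escape(self::$device->ip_v4_proxy_chain);
         // NOTE(review): `banaday`, `vacation` and `user_last_browser_id` are written unquoted.
         // Escaping does not protect an unquoted value, so these rely on being integers -
         // confirm, in particular for browser_id, which is not escaped at all.
         db_user_set_by_id($user['id'], "`onlinetime` = " . SN_TIME_NOW . ",\n      `banaday` = " . static::$db->db_escape($user['banaday']) . ", `vacation` = " . static::$db->db_escape($user['vacation']) . ",\n      `user_lastip` = '" . static::$db->db_escape($user['user_lastip']) . "', `user_last_browser_id` = " . self::$device->browser_id);
     }
     if ($extra = $config->security_ban_extra) {
         // array_map() returns the trimmed list. array_walk($extra, 'trim') threw the trimmed
         // values away, so an entry written as "12, 34" never matched device 34.
         $extra = array_map('trim', explode(',', $extra));
         // NOTE(review): the comparison is loose; on PHP < 8 a device id of 0 equals any
         // non-numeric list entry - confirm device_id is never 0 for a live request.
         in_array(self::$device->device_id, $extra) and die;
     }
     $result[F_LOGIN_STATUS] = self::$login_status = empty($this->providers_authorised) ? self::$login_status : LOGIN_SUCCESS;
     $result[F_PLAYER_REGISTER_STATUS] = $this->register_status;
     $result[F_USER] = self::$user;
     // $result[AUTH_LEVEL] = isset(self::$user['authlevel']) ? self::$user['authlevel'] : AUTH_LEVEL_ANONYMOUS;
     $result[AUTH_LEVEL] = $this->auth_level_max_local;
     $result[F_IMPERSONATE_STATUS] = $this->is_impersonating;
     $result[F_IMPERSONATE_OPERATOR] = $this->impersonator_username;
     // TODO
     //    self::$hidden[F_IMPERSONATE_OPERATOR] = $found_provider->data[F_IMPERSONATE_OPERATOR];
     // TODO also move the salt and password into hidden
     $result[F_ACCOUNTS_AUTHORISED] = $this->providers_authorised;
     return $result;
 }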
Example #7
/**
 * Finishes a login: unpacks the user's options, lifts an expired ban, records
 * the client address on the user row and publishes ban/vacation status.
 *
 * @param array $result Login result, modified in place; the user row is read from
 *                      and written back to $result[F_LOGIN_USER].
 *
 * @return void
 */
function sec_login_process(&$result)
{
    // Alias, not a copy: every change below lands in $result[F_LOGIN_USER].
    $user =& $result[F_LOGIN_USER];
    sys_user_options_unpack($user);

    // A ban whose end time has passed is cleared and replaced by vacation starting now.
    $ban_has_expired = $user['banaday'] && $user['banaday'] <= SN_TIME_NOW;
    if ($ban_has_expired) {
        $user['banaday'] = 0;
        $user['vacation'] = SN_TIME_NOW;
    }

    // NOTE(review): the proxy chain presumably derives from client-supplied headers, so
    // treat it as untrusted wherever it is later stored or displayed.
    $client_address = sec_player_ip();
    $user['user_lastip'] = $client_address['ip'];
    $user['user_proxy'] = $client_address['proxy_chain'];

    $result[F_BANNED_STATUS] = $user['banaday'];
    $result[F_VACATION_STATUS] = $user['vacation'];

    sec_login_change_state($result);
}