Exemple #1
0
function sn_options_model()
{
    global $user, $user_option_list, $lang, $template_result, $config;
    $FMT_DATE = preg_replace(array('/d/', '/m/', '/Y/'), array('DD', 'MM', 'YYYY'), FMT_DATE);
    if (sys_get_param_str('mode') == 'change') {
        if ($user['authlevel'] > 0) {
            $planet_protection = sys_get_param_int('adm_pl_prot') ? $user['authlevel'] : 0;
            db_planet_set_by_owner($user['id'], "`id_level` = '{$planet_protection}'");
            db_user_set_by_id($user['id'], "`admin_protection` = '{$planet_protection}'");
            $user['admin_protection'] = $planet_protection;
        }
        if (sys_get_param_int('vacation') && !$config->user_vacation_disable) {
            sn_db_transaction_start();
            if ($user['authlevel'] < 3) {
                if ($user['vacation_next'] > SN_TIME_NOW) {
                    message($lang['opt_vacation_err_timeout'], $lang['Error'], 'index.php?page=options', 5);
                    die;
                }
                $is_building = doquery("SELECT * FROM `{{fleets}}` WHERE `fleet_owner` = '{$user['id']}' LIMIT 1;", true);
                if ($is_building) {
                    message($lang['opt_vacation_err_your_fleet'], $lang['Error'], 'index.php?page=options', 5);
                    die;
                }
                $que = que_get($user['id'], false);
                if (!empty($que)) {
                    message($lang['opt_vacation_err_que'], $lang['Error'], 'index.php?page=options', 5);
                    die;
                }
                $query = classSupernova::db_get_record_list(LOC_PLANET, "`id_owner` = {$user['id']}");
                foreach ($query as $planet) {
                    // $planet = sys_o_get_updated($user, $planet, SN_TIME_NOW);
                    // $planet = $planet['planet'];
                    db_planet_set_by_id($planet['id'], "last_update = " . SN_TIME_NOW . ", energy_used = '0', energy_max = '0',\n            metal_perhour = '{$config->metal_basic_income}', crystal_perhour = '{$config->crystal_basic_income}', deuterium_perhour = '{$config->deuterium_basic_income}',\n            metal_mine_porcent = '0', crystal_mine_porcent = '0', deuterium_sintetizer_porcent = '0', solar_plant_porcent = '0',\n            fusion_plant_porcent = '0', solar_satelit_porcent = '0', ship_sattelite_sloth_porcent = 0");
                }
                $user['vacation'] = SN_TIME_NOW + $config->player_vacation_time;
            } else {
                $user['vacation'] = SN_TIME_NOW;
            }
            sn_db_transaction_commit();
        }
        foreach ($user_option_list as $option_group_id => $option_group) {
            foreach ($option_group as $option_name => $option_value) {
                if ($user[$option_name] !== null) {
                    $user[$option_name] = sys_get_param_str($option_name);
                } else {
                    $user[$option_name] = $option_value;
                }
            }
        }
        $options = sys_user_options_pack($user);
        $player_options = sys_get_param('options');
        if (!empty($player_options)) {
            array_walk($player_options, function (&$value) {
                // TODO - Когда будет больше параметров - сделать больше проверок
                $value = intval($value);
            });
            player_save_option_array($user, $player_options);
            if ($player_options[PLAYER_OPTION_MENU_HIDE_SHOW_BUTTON] == PLAYER_OPTION_MENU_HIDE_SHOW_BUTTON_HIDDEN) {
                sn_setcookie(SN_COOKIE . '_menu_hidden', '0', time() - PERIOD_WEEK, SN_ROOT_RELATIVE);
            }
        }
        $username = substr(sys_get_param_str_unsafe('username'), 0, 32);
        $username_safe = db_escape($username);
        if ($username && $user['username'] != $username && $config->game_user_changename != SERVER_PLAYER_NAME_CHANGE_NONE && sys_get_param_int('username_confirm')) {
            // проверка на корректность
            sn_db_transaction_start();
            $name_check = doquery("SELECT * FROM {{player_name_history}} WHERE `player_name` LIKE \"{$username_safe}\" LIMIT 1 FOR UPDATE;", true);
            if (!$name_check || $name_check['player_id'] == $user['id']) {
                $user = db_user_by_id($user['id'], true);
                switch ($config->game_user_changename) {
                    case SERVER_PLAYER_NAME_CHANGE_PAY:
                        if (mrc_get_level($user, $planetrow, RES_DARK_MATTER) < $config->game_user_changename_cost) {
                            $template_result['.']['result'][] = array('STATUS' => ERR_ERROR, 'MESSAGE' => $lang['opt_msg_name_change_err_no_dm']);
                            break;
                        }
                        rpg_points_change($user['id'], RPG_NAME_CHANGE, -$config->game_user_changename_cost, sprintf('Пользователь ID %d сменил имя с "%s" на "%s"', $user['id'], $user['username'], $username));
                    case SERVER_PLAYER_NAME_CHANGE_FREE:
                        db_user_set_by_id($user['id'], "`username` = '{$username_safe}'");
                        doquery("REPLACE INTO {{player_name_history}} SET `player_id` = {$user['id']}, `player_name` = \"{$username_safe}\"");
                        // TODO: Change cookie to not force user relogin
                        sn_setcookie(SN_COOKIE, '', time() - PERIOD_WEEK, SN_ROOT_RELATIVE);
                        $template_result['.']['result'][] = array('STATUS' => ERR_NONE, 'MESSAGE' => $lang['opt_msg_name_changed']);
                        $user['username'] = $username;
                        break;
                }
            } else {
                $template_result['.']['result'][] = array('STATUS' => ERR_ERROR, 'MESSAGE' => $lang['opt_msg_name_change_err_used_name']);
            }
            sn_db_transaction_commit();
        }
        $new_password = sys_get_param('newpass1');
        if ($new_password) {
            try {
                if ($new_password != sys_get_param('newpass2')) {
                    throw new Exception($lang['opt_err_pass_unmatched'], ERR_WARNING);
                }
                //if(sec_password_encode(sys_get_param('db_password'), $user['salt']) != $user['password']) {
                if (!sec_password_change($user, $new_password, sys_get_param('db_password'), 1)) {
                    // OK
                    throw new Exception($lang['opt_err_pass_wrong'], ERR_WARNING);
                }
                //sec_set_cookie_by_user($user, 1);
                // Не нужно - мы просто перечитаем запись
                //$aUser = db_user_by_id($user['id']);
                //$user['password'] = $aUser['password'];
                //$user['salt'] = $aUser['salt'];
                //        if(!sec_password_check($user, sys_get_param('db_password'))) {
                //          throw new Exception($lang['opt_err_pass_wrong'], ERR_WARNING);
                //        }
                //
                //        $user['salt'] = sec_password_salt_generate();
                //        $user['password'] = sec_password_encode($new_password, $user['salt']);
                // Changed cookie to not force user relogin
                // sn_setcookie(SN_COOKIE, '', time() - PERIOD_WEEK, SN_ROOT_RELATIVE);
                // sn_cookie_set_user($user, 1);
                // sec_set_cookie_by_fields($user['id'], $user['username'], $user['password'], 1);
                throw new Exception($lang['opt_msg_pass_changed'], ERR_NONE);
            } catch (Exception $e) {
                $template_result['.']['result'][] = array('STATUS' => in_array($e->getCode(), array(ERR_NONE, ERR_WARNING, ERR_ERROR)) ? $e->getCode() : ERR_ERROR, 'MESSAGE' => $e->getMessage());
            }
        }
        $user['email'] = sys_get_param_str('db_email');
        if (!$user['email_2']) {
            $user['email_2'] = sys_get_param_str('db_email2');
        }
        $user['dpath'] = sys_get_param_str('dpath');
        $user['lang'] = sys_get_param_str('langer', $user['lang']);
        if ($lang->lng_switch($user['lang'])) {
            lng_include('options');
            lng_include('messages');
        }
        $user['design'] = sys_get_param_int('design');
        $user['noipcheck'] = sys_get_param_int('noipcheck');
        $user['spio_anz'] = sys_get_param_int('spio_anz');
        $user['settings_tooltiptime'] = sys_get_param_int('settings_tooltiptime');
        $user['settings_fleetactions'] = sys_get_param_int('settings_fleetactions', 1);
        $user['settings_esp'] = sys_get_param_int('settings_esp');
        $user['settings_wri'] = sys_get_param_int('settings_wri');
        $user['settings_bud'] = sys_get_param_int('settings_bud');
        $user['settings_mis'] = sys_get_param_int('settings_mis');
        $user['settings_statistics'] = sys_get_param_int('settings_statistics');
        $user['settings_info'] = sys_get_param_int('settings_info');
        $user['settings_rep'] = sys_get_param_int('settings_rep');
        $user['planet_sort'] = sys_get_param_int('settings_sort');
        $user['planet_sort_order'] = sys_get_param_int('settings_order');
        $user['deltime'] = !sys_get_param_int('deltime') ? 0 : ($user['deltime'] ? $user['deltime'] : SN_TIME_NOW + $config->player_delete_time);
        $gender = sys_get_param_int('gender', $user['gender']);
        !isset($lang['sys_gender_list'][$gender]) ? $gender = $user['gender'] : false;
        $user['gender'] = $user['gender'] == GENDER_UNKNOWN ? $gender : $user['gender'];
        try {
            if ($user['birthday']) {
                throw new exception();
            }
            $user_birthday = sys_get_param_str_unsafe('user_birthday');
            if (!$user_birthday || $user_birthday == $FMT_DATE) {
                throw new exception();
            }
            // Some black magic to parse any valid date format - those that contains all three "d", "m" and "Y" and any of the delimeters "\", "/", ".", "-"
            $pos['d'] = strpos(FMT_DATE, 'd');
            $pos['m'] = strpos(FMT_DATE, 'm');
            $pos['Y'] = strpos(FMT_DATE, 'Y');
            asort($pos);
            $i = 0;
            foreach ($pos as &$position) {
                $position = ++$i;
            }
            $regexp = "/" . preg_replace(array('/\\\\/', '/\\//', '/\\./', '/\\-/', '/d/', '/m/', '/Y/'), array('\\\\\\', '\\/', '\\.', '\\-', '(\\d?\\d)', '(\\d?\\d)', '(\\d{4})'), FMT_DATE) . "/";
            if (!preg_match($regexp, $user_birthday, $match)) {
                throw new exception();
            }
            if (!checkdate($match[$pos['m']], $match[$pos['d']], $match[$pos['Y']])) {
                throw new exception();
            }
            $user['user_birthday'] = db_escape("{$match[$pos['Y']]}-{$match[$pos['m']]}-{$match[$pos['d']]}");
            // EOF black magic! Now we have valid SQL date in $user['user_birthday'] - independent of date format
            $year = date('Y', SN_TIME_NOW);
            if (mktime(0, 0, 0, $match[$pos['m']], $match[$pos['d']], $year) > SN_TIME_NOW) {
                $year--;
            }
            $user['user_birthday_celebrated'] = db_escape("{$year}-{$match[$pos['m']]}-{$match[$pos['d']]}");
            $user_birthday = ", `user_birthday` = '{$user['user_birthday']}', `user_birthday_celebrated` = '{$user['user_birthday_celebrated']}'";
        } catch (exception $e) {
            $user_birthday = '';
        }
        require_once 'includes/includes/sys_avatar.php';
        $avatar_upload_result = sys_avatar_upload($user['id'], $user['avatar']);
        $template_result['.']['result'][] = $avatar_upload_result;
        $user_time_diff = user_time_diff_get();
        if (sys_get_param_int('user_time_diff_forced')) {
            user_time_diff_set(array(PLAYER_OPTION_TIME_DIFF => sys_get_param_int('user_time_diff'), PLAYER_OPTION_TIME_DIFF_UTC_OFFSET => 0, PLAYER_OPTION_TIME_DIFF_FORCED => 1, PLAYER_OPTION_TIME_DIFF_MEASURE_TIME => SN_TIME_SQL));
        } elseif (sys_get_param_int('opt_time_diff_clear') || $user_time_diff[PLAYER_OPTION_TIME_DIFF_FORCED]) {
            user_time_diff_set(array(PLAYER_OPTION_TIME_DIFF => '', PLAYER_OPTION_TIME_DIFF_UTC_OFFSET => 0, PLAYER_OPTION_TIME_DIFF_FORCED => 0, PLAYER_OPTION_TIME_DIFF_MEASURE_TIME => SN_TIME_SQL));
        }
        $user_options_safe = db_escape($user['options']);
        //      `username` = '{$username_safe}',
        // `password` = '{$user['password']}', `salt` = '{$user['salt']}',
        db_user_set_by_id($user['id'], "`email` = '{$user['email']}', `email_2` = '{$user['email_2']}', `lang` = '{$user['lang']}', `avatar` = '{$user['avatar']}',\n      `dpath` = '{$user['dpath']}', `design` = '{$user['design']}', `noipcheck` = '{$user['noipcheck']}',\n      `planet_sort` = '{$user['planet_sort']}', `planet_sort_order` = '{$user['planet_sort_order']}', `spio_anz` = '{$user['spio_anz']}',\n      `settings_tooltiptime` = '{$user['settings_tooltiptime']}', `settings_fleetactions` = '{$user['settings_fleetactions']}', `settings_esp` = '{$user['settings_esp']}',\n      `settings_wri` = '{$user['settings_wri']}', `settings_bud` = '{$user['settings_bud']}', `settings_statistics` = '{$user['settings_statistics']}',\n      `settings_info` = '{$user['settings_info']}', `settings_mis` = '{$user['settings_mis']}', `settings_rep` = '{$user['settings_rep']}',\n      `deltime` = '{$user['deltime']}', `vacation` = '{$user['vacation']}', `options` = '{$user_options_safe}', `gender` = {$user['gender']}\n      {$user_birthday}");
        $template_result['.']['result'][] = array('STATUS' => ERR_NONE, 'MESSAGE' => $lang['opt_msg_saved']);
    } elseif (sys_get_param_str('result') == 'ok') {
        $template_result['.']['result'][] = array('STATUS' => ERR_NONE, 'MESSAGE' => $lang['opt_msg_saved']);
    }
    $user = db_user_by_id($user['id']);
    $options = sys_user_options_unpack(&$user);
}
function player_save_option(&$user, $option_id, $option_value)
{
    player_save_option_array($user, array($option_id => $option_value));
}