function show() { if (empty($_POST)) { HTTP::redirectTo('index.php'); } $username = HTTP::_GP('username', '', UTF8_SUPPORT); $password = HTTP::_GP('password', '', true); $loginData = $GLOBALS['DATABASE']->getFirstRow("SELECT id, password, intro, username, user_deleted FROM " . USERS . " WHERE universe = " . $GLOBALS['UNI'] . " AND username = '******'DATABASE']->escape($username) . "';"); if (isset($loginData)) { $hashedPassword = PlayerUtil::cryptPassword($password); if ($loginData['password'] != $hashedPassword) { // Fallback pre 1.7 if ($loginData['password'] == md5($password)) { $GLOBALS['DATABASE']->query("UPDATE " . USERS . " SET password = '******' WHERE id = " . $loginData['id'] . ";"); } else { HTTP::redirectTo('index.php?code=1'); } } $ip = ""; if (!empty($_SERVER["HTTP_CLIENT_IP"])) { //check for ip from share internet $ip = $_SERVER["HTTP_CLIENT_IP"]; } elseif (!empty($_SERVER["HTTP_X_FORWARDED_FOR"])) { // Check for the Proxy User $ip = $_SERVER["HTTP_X_FORWARDED_FOR"]; } else { $ip = $_SERVER["REMOTE_ADDR"]; } $ua = $this->getBrowser(); $os = $this->GetOS(); //$ipCheck = $GLOBALS['DATABASE']->query("SELECT COUNT(logID) as id FROM uni1_iplog WHERE userID = ".$loginData['id']." AND ipaddress = '".$ip."';"); //$ipCheck = $GLOBALS['DATABASE']->fetch_array($ipCheck); //if($ipCheck['id'] == 0){ $GLOBALS['DATABASE']->query("INSERT INTO uni1_iplog VALUES ('" . $GLOBALS['DATABASE']->GetInsertID() . "','" . TIMESTAMP . "','" . $ip . "','" . $ua['name'] . "', '" . $os . "', " . $loginData['id'] . ");"); //} $ipCheck = $GLOBALS['DATABASE']->query("SELECT DISTINCT userID FROM uni1_iplog WHERE userID != " . $loginData['id'] . " AND ipaddress = '" . $ip . "';"); Session::create($loginData['id']); if ($loginData['intro'] == 0) { HTTP::redirectTo('game.php?page=intro'); } else { HTTP::redirectTo('game.php'); } } else { Session::redirectCode(1); } }
function show() { if (empty($_POST)) { HTTP::redirectTo('index.php'); } $username = HTTP::_GP('email', '', UTF8_SUPPORT); $password = HTTP::_GP('password', '', true); $loginData = $GLOBALS['DATABASE']->getFirstRow("SELECT id, password, username FROM " . USERS . " WHERE universe = " . $GLOBALS['UNI'] . " AND email = '" . $GLOBALS['DATABASE']->escape($username) . "';"); if (isset($loginData)) { $hashedPassword = md5($password); if ($loginData['password'] != $hashedPassword) { // Fallback pre 1.7 if ($loginData['password'] == md5($password)) { $GLOBALS['DATABASE']->query("UPDATE " . USERS . " SET password = '******' WHERE id = " . $loginData['id'] . ";"); } else { HTTP::redirectTo('index.php?code=1'); } } $GLOBALS['DATABASE']->query("UPDATE " . USERS . " SET peacefull_last_update = '" . TIMESTAMP . "' WHERE id = " . $loginData['id'] . ";"); $GLOBALS['DATABASE']->query("DELETE from uni1_fleets_alarm WHERE fleet_target_owner = " . $loginData['id'] . ";"); $buddyNotif = $GLOBALS['DATABASE']->query("SELECT sender, owner FROM uni1_buddy WHERE sender = " . $loginData['id'] . " or owner = " . $loginData['id'] . ";"); while ($UserData = $GLOBALS['DATABASE']->fetch_array($buddyNotif)) { if ($UserData['sender'] == $loginData['id']) { $xxData = $UserData['owner']; $GLOBALS['DATABASE']->query("INSERT INTO uni1_buddy_notif VALUES ('" . $xxData . "', '0', " . $loginData['id'] . ",'1');"); } } $buddyNotif = $GLOBALS['DATABASE']->query("SELECT sender, owner FROM uni1_buddy WHERE sender = " . $loginData['id'] . " or owner = " . $loginData['id'] . ";"); while ($UserData = $GLOBALS['DATABASE']->fetch_array($buddyNotif)) { if ($UserData['owner'] == $loginData['id']) { $xxData = $UserData['sender']; $GLOBALS['DATABASE']->query("INSERT INTO uni1_buddy_notif VALUES ('" . $xxData . "', '0', " . $loginData['id'] . ",'1');"); } } $ipCheck = $GLOBALS['DATABASE']->query("SELECT COUNT(checkID) as id FROM uni1_ipcheck WHERE id = " . $loginData['id'] . " AND ip = '" . $this->getUserIP() . "';"); $ipCheck = $GLOBALS['DATABASE']->fetch_array($ipCheck); if ($ipCheck['id'] == 0) { $GLOBALS['DATABASE']->query("INSERT INTO uni1_ipcheck VALUES ('" . $GLOBALS['DATABASE']->GetInsertID() . "','" . $loginData['id'] . "','" . $loginData['username'] . "','" . $this->getUserIP() . "', " . TIMESTAMP . ", '1');"); } $ipCheck = $GLOBALS['DATABASE']->query("SELECT COUNT(checkID) as id FROM uni1_ipcheck WHERE id != " . $loginData['id'] . " AND ip = '" . $this->getUserIP() . "';"); $ipCheck = $GLOBALS['DATABASE']->fetch_array($ipCheck); if ($ipCheck['id'] > 0 && $loginData['id'] != 1) { $GLOBALS['DATABASE']->query("UPDATE " . USERS . " SET multi_spotted = '1' WHERE id = " . $loginData['id'] . ";"); } $local_search = $GLOBALS['DATABASE']->query("SELECT * FROM `uni1_timebonus_log` where `userID` = " . $loginData['id'] . ";"); if (Config::get('timeRewardFrom') < TIMESTAMP && Config::get('timeRewardTo') > TIMESTAMP && $GLOBALS['DATABASE']->numRows($local_search) == 0) { $GLOBALS['DATABASE']->query("UPDATE " . USERS . " SET antimatter = antimatter + '" . Config::get('timeReward') . "' WHERE id = " . $loginData['id'] . ";"); $GLOBALS['DATABASE']->query("INSERT INTO uni1_timebonus_log VALUES ('" . $GLOBALS['DATABASE']->GetInsertID() . "','" . $loginData['id'] . "', " . TIMESTAMP . ");"); } Session::create($loginData['id']); HTTP::redirectTo('game.php?page=overview'); } else { Session::redirectCode(1); } }