function channel_msg_ship($fp, $rdata) { global $channel; if (preg_match('/^:(.*)!(.*)@(.*)\\sPRIVMSG\\s' . $channel . '\\s:!ship\\s(.*)\\s$/i', $rdata, $msg)) { echo_r($msg); $db = new SmrMySqlDatabase(); $db->query('SELECT * FROM ship_type WHERE ship_name LIKE ' . $db->escape_string('%' . $msg[4] . '%')); if ($db->nextRecord()) { $ship_name = $db->getField('ship_name'); $hardpoint = $db->getField('hardpoint'); $speed = $db->getField('speed'); $cost = $db->getField('cost'); $name_length = strlen($ship_name); $hp_length = strlen('Hardpoints'); $speed_length = strlen('Speed'); $cost_length = max(strlen('Costs'), strlen($cost)); fputs($fp, 'NOTICE ' . $msg[1] . ' :' . str_pad('Name', $name_length) . ' | ' . str_pad('Hardpoints', $hp_length) . ' | ' . str_pad('Speed', $speed_length) . ' | ' . str_pad('Costs', $cost_length) . EOL); fputs($fp, 'NOTICE ' . $msg[1] . ' :' . str_pad($ship_name, $name_length) . ' | ' . str_pad($hardpoint, $hp_length) . ' | ' . str_pad($speed, $speed_length) . ' | ' . str_pad($cost, $cost_length) . EOL); } else { fputs($fp, 'NOTICE ' . $msg[1] . ' :There is no ship called ' . $msg[4] . '!' . EOL); } return true; } return false; }
function notice_nickserv_registered_user($fp, $rdata) { // :NickServ!services@coldfront.net NOTICE Caretaker if (preg_match('/^:NickServ!services@coldfront.net NOTICE ' . IRC_BOT_NICK . ' :([^ ]+) is ([^.]+)\\s$/i', $rdata, $msg)) { $nick = $msg[1]; $registeredNick = $msg[2]; echo_r('[NOTICE_NICKSERV_REGISTERED_NICK] ' . $nick . ' is ' . $registeredNick); $db = new SmrMySqlDatabase(); $db2 = new SmrMySqlDatabase(); $db->query('SELECT * FROM irc_seen WHERE nick = ' . $db->escapeString($nick)); while ($db->nextRecord()) { $seen_id = $db->getField('seen_id'); $db2->query('UPDATE irc_seen SET registered_nick = ' . $db->escapeString($registeredNick) . ' WHERE seen_id = ' . $seen_id); } global $actions; foreach ($actions as $key => $action) { // is that a callback for our nick? if ($action[0] == 'NICKSERV_INFO' && $nick == $action[2]) { echo_r('Callback found: ' . $action[3]); unset($actions[$key]); eval($action[3]); } } return true; } return false; }
function channel_msg_rank($fp, $rdata) { global $channel, $nick; // did he gave us no parameter? if (preg_match('/^:(.*)!(.*)@(.*)\\sPRIVMSG\\s' . $channel . '\\s:!rank\\s$/i', $rdata, $msg) || preg_match('/^:(.*)!(.*)@(.*)\\sPRIVMSG\\s' . $nick . '\\s:rank\\s$/i', $rdata, $msg)) { echo_r($msg); fputs($fp, 'NOTICE ' . $msg[1] . ' :SYNTAX !rank <nick>' . EOL); return true; } // in channel we only accept !rank // in private msg we accept both if (preg_match('/^:(.*)!(.*)@(.*)\\sPRIVMSG\\s' . $channel . '\\s:!rank\\s(.*)\\s$/i', $rdata, $msg) || preg_match('/^:(.*)!(.*)@(.*)\\sPRIVMSG\\s' . $nick . '\\s:?rank\\s(.*)\\s$/i', $rdata, $msg)) { echo_r($msg); $db = new SmrMySqlDatabase(); $db2 = new SmrMySqlDatabase(); $db->query('SELECT * FROM player WHERE player_name = ' . $db->escape_string($msg[4], true)); if ($db->getNumRows()) { while ($db->nextRecord()) { $player_name = stripslashes($db->getField('player_name')); $experience = $db->getField('experience'); $game_id = $db->getField('game_id'); $db2->query('SELECT COUNT(*) as our_rank FROM player ' . 'WHERE game_id = ' . $game_id . ' AND ' . '(experience > ' . $experience . ' OR ' . '(experience = ' . $experience . ' AND ' . 'player_name <= ' . $db->escape_string($player_name, true) . ' ))'); if ($db2->nextRecord()) { $our_rank = $db2->getField('our_rank'); } // how many players are there? $db2->query('SELECT COUNT(*) as total_player FROM player WHERE game_id = ' . $game_id); if ($db2->nextRecord()) { $total_player = $db2->getField('total_player'); } $db2->query('SELECT game_name FROM game WHERE game_id = ' . $game_id); if ($db2->nextRecord()) { $game_name = $db2->getField('game_name'); } fputs($fp, 'NOTICE ' . $msg[1] . ' :' . $msg[1] . ' you are ranked ' . $our_rank . ' out of ' . $total_player . ' in ' . $game_name . '!' . EOL); } } else { fputs($fp, 'NOTICE ' . $msg[1] . ' :No Trader found that matches your query!' . EOL); } return true; } return false; }
function channel_msg_level($fp, $rdata) { global $channel, $nick; // in channel we only accept !rank // in private msg we accept both if (preg_match('/^:(.*)!(.*)@(.*)\\sPRIVMSG\\s' . $channel . '\\s:!level\\s(.*)\\s$/i', $rdata, $msg) || preg_match('/^:(.*)!(.*)@(.*)\\sPRIVMSG\\s' . $nick . '\\s:?level\\s(.*)\\s$/i', $rdata, $msg)) { echo_r($msg); $db = new SmrMySqlDatabase(); $db->query('SELECT * FROM level WHERE level_id = ' . $msg[4]); if ($db->nextRecord()) { $level_name = $db->getField('level_name'); $experience = $db->getField('requirement'); fputs($fp, 'NOTICE ' . $msg[1] . ' :For a ' . $level_name . ' you need to have ' . $experience . ' experience points!' . EOL); } else { fputs($fp, 'NOTICE ' . $msg[1] . ' :This Level doesn\'t exist!!' . EOL); } return true; } return false; }
/** * Someone changed his nick */ function user_nick($fp, $rdata) { if (preg_match('/^:(.*)!(.*)@(.*)\\sNICK\\s:(.*)\\s$/i', $rdata, $msg)) { $nick = $msg[1]; $user = $msg[2]; $host = $msg[3]; $new_nick = $msg[4]; echo_r('[NICK] ' . $nick . ' -> ' . $new_nick); // database object $db = new SmrMySqlDatabase(); $db2 = new SmrMySqlDatabase(); $channel_list = array(); // 'sign off' all active old_nicks (multiple channels) $db->query('SELECT * FROM irc_seen WHERE nick = ' . $db->escapeString($nick) . ' AND signed_off = 0'); while ($db->nextRecord()) { $seen_id = $db->getInt('seen_id'); // remember channels where this nick was active array_push($channel_list, $db->getField('channel')); $db2->query('UPDATE irc_seen SET signed_off = ' . time() . ' WHERE seen_id = ' . $seen_id); } // now sign in the new_nick in every channel foreach ($channel_list as $channel) { // 'sign in' the new nick $db->query('SELECT * FROM irc_seen WHERE nick = ' . $db->escapeString($new_nick) . ' AND channel = ' . $db->escapeString($channel)); if ($db->nextRecord()) { // exiting nick? $seen_id = $db->getField('seen_id'); $db->query('UPDATE irc_seen SET ' . 'signed_on = ' . time() . ', ' . 'signed_off = 0, ' . 'user = '******', ' . 'host = ' . $db->escapeString($host) . ', ' . 'registered = NULL ' . 'WHERE seen_id = ' . $seen_id); } else { // new nick? $db->query('INSERT INTO irc_seen (nick, user, host, channel, signed_on) VALUES(' . $db->escapeString($new_nick) . ', ' . $db->escapeString($user) . ', ' . $db->escapeString($host) . ', ' . $db->escapeString($channel) . ', ' . time() . ')'); } } unset($channel_list); return true; } return false; }
function check_sms_response($fp) { // get one dlr per time so we do not spam anyone $db = new SmrMySqlDatabase(); $db->query('SELECT * FROM account_sms_response LEFT JOIN account_sms_log USING (message_id) WHERE announce = 0'); if ($db->nextRecord()) { $response_id = $db->getField('response_id'); $message_id = $db->getField('message_id'); $message = $db->getField('message'); $orig_sender_id = $db->getField('account_id'); echo_r('Found new SMS response... ' . $message_id); $orig_sender =& SmrAccount::getAccount($orig_sender_id, true); fputs($fp, 'NOTICE ' . $orig_sender->getIrcNick() . ' :You have received a response to your text: ' . EOL); fputs($fp, 'NOTICE ' . $orig_sender->getIrcNick() . ' :' . $message . EOL); // update announce status $db->query('UPDATE account_sms_response SET announce = 1 WHERE response_id = ' . $response_id); } }
function channel_msg_seed($fp, $rdata, $account, $player) { if (preg_match('/^:(.*)!(.*)@(.*)\\sPRIVMSG\\s(.*)\\s:!seed\\s$/i', $rdata, $msg)) { $nick = $msg[1]; $user = $msg[2]; $host = $msg[3]; $channel = $msg[4]; echo_r('[SEED] by ' . $nick . ' in ' . $channel); // get the seedlist from db $db = new SmrMySqlDatabase(); $db->query('SELECT sector_id FROM alliance_has_seedlist WHERE alliance_id = ' . $player->getAllianceID() . ' AND game_id = ' . $player->getGameID() . ' AND sector_id NOT IN ( SELECT sector_id FROM sector_has_forces WHERE game_id = ' . $player->getGameID() . ' AND owner_id = ' . $account->getAccountID() . ' )'); $missing_seeds = array(); while ($db->nextRecord()) { array_push($missing_seeds, $db->getField('sector_id')); } if (count($missing_seeds) == 0) { fputs($fp, 'PRIVMSG ' . $channel . ' :' . $nick . ', you seeded all sectors.' . EOL); } else { $seed_list = ''; foreach ($missing_seeds as $sector) { $seed_list .= $sector . ', '; } fputs($fp, 'PRIVMSG ' . $channel . ' :' . $nick . ', you are missing the following seeds:' . EOL); fputs($fp, 'PRIVMSG ' . $channel . ' :' . substr_replace($seed_list, ' [' . count($missing_seeds) . ' missing seed(s)]', -2, 1) . EOL); } return true; } return false; }
function channel_part($fp, $rdata) { // :Azool!Azool@coldfront-F706F7E1.co.hfc.comcastbusiness.net PART #smr-irc : // :SomeGuy!mrspock@coldfront-DD847655.dip.t-dialin.net PART #smr-irc if (preg_match('/^:(.*)!(.*)@(.*)\\sPART\\s(.*?)\\s/i', $rdata, $msg)) { $nick = $msg[1]; $user = $msg[2]; $host = $msg[3]; $channel = $msg[4]; echo_r('[PART] ' . $nick . '!' . $user . '@' . $host . ' ' . $channel); // database object $db = new SmrMySqlDatabase(); $db->query('SELECT * FROM irc_seen WHERE nick = ' . $db->escapeString($nick) . ' AND channel = ' . $db->escapeString($channel)); // exiting nick? if ($db->nextRecord()) { $seen_id = $db->getField('seen_id'); $db->query('UPDATE irc_seen SET signed_off = ' . time() . ' WHERE seen_id = ' . $seen_id); } else { // we don't know this one, but who cares? he just left anyway... } return true; } return false; }
$file .= addbyte($level); } $db3->query('SELECT * FROM warp WHERE game_id = ' . $game_id . ' AND (sector_id_1 = ' . $sector_id . ' OR sector_id_2 = ' . $sector_id . ') LIMIT 1'); if ($db3->nextRecord()) { $CurrByte = 128; } else { $CurrByte = 0; } // locations $db2->query('SELECT * FROM location NATURAL JOIN location_type WHERE game_id = ' . $game_id . ' AND sector_id = ' . $sector_id . ' LIMIT 1'); $CurrByte += $db2->getNumRows(); $file .= addbyte($CurrByte); // warp $db3->query('SELECT * FROM warp WHERE game_id = ' . $game_id . ' AND (sector_id_1 = ' . $sector_id . ' OR sector_id_2 = ' . $sector_id . ') LIMIT 1'); if ($db3->nextRecord()) { $warp_id = $db3->getField('sector_id_1') == $sector_id ? $db3->getField('sector_id_2') : $db3->getField('sector_id_1'); $file .= add2bytes($warp_id); } while ($db2->nextRecord()) { $file .= add2bytes($db2->getField('mgu_id')); } } $size = strlen($file); header('Pragma: public'); header('Expires: 0'); header('Cache-Control: must-revalidate, post-check=0, pre-check=0'); header('Cache-Control: private', false); header('Content-Type: application/force-download'); header('Content-Disposition: attachment; filename="$game_name.cmf"'); header('Content-Transfer-Encoding: binary'); header('Content-Length: ' . $size);
$continue = '0'; continue; } if ($continue == 'next') { if (isset($match_sec) && $match_sec != '') { $isset = 'yes'; } else { $match_sec = $login_name; $isset = 'no'; } $db3->query('SELECT * FROM account_is_closed WHERE suspicion = ' . $db->escapeString($match_sec)); $db2->query('SELECT * FROM account WHERE login = '******'account_id')); $id = $curr_acc->getAccountID(); $match_sec = $curr_acc->getLogin(); if (!in_array($match_sec, $names)) { $continue = 'next'; $PHP_OUTPUT .= $login_name . ' is disabled matching ' . $match_sec . '<br />'; } elseif (in_array($match_sec, $next_arr)) { $stop = 'yes'; continue; } else { $next_arr[] = $match_sec; } } } elseif ($isset == 'yes' && !$db2->nextRecord()) { $PHP_OUTPUT .= 'Data Error 2: ' . $match_sec . ' does not exist!<br />'; $continue = '0';
<?php $action = $_REQUEST['action']; if ($action == 'Skip >>') { $container = create_container('skeleton.php', 'universe_create_ships.php'); $container['game_id'] = $var['game_id']; forward($container); } $planet = $_REQUEST['planet']; if (!isset($planet)) { create_error('Couldn\'t determine how many planets to add!'); } $db2 = new SmrMySqlDatabase(); $db2->query('SELECT * FROM game WHERE game_id = ' . $db->escapeNumber($var['game_id'])); $db2->nextRecord(); $date = $db2->getField('start_date'); list($year, $month, $day) = explode('-', $date); // adjust the time so it is game start time $time = mktime(0, 0, 0, $month, $day, $year); reset($planet); foreach ($planet as $galaxy_id => $amount) { $count = 0; // get a sector with none port $db->query('SELECT * FROM sector WHERE game_id = ' . $db->escapeNumber($var['game_id']) . ' AND galaxy_id = ' . $db->escapeNumber($galaxy_id) . ' ORDER BY rand()'); while ($count < $amount && $db->nextRecord()) { $sector_id = $db->getInt('sector_id'); // does this sector have a fed beacon?? $db2->query('SELECT * FROM location
function private_msg_weapon($fp, $rdata) { global $channel; $type = 0; if (preg_match('/^:(.*)!(.*)@(.*)\\sPRIVMSG\\s' . $channel . '\\s:!weapon\\sname\\s(.*)\\s$/i', $rdata, $msg_1)) { $name = $msg_1[1]; sleep(2); $type = 1; } elseif (preg_match('/^:(.*)!(.*)@(.*)\\sPRIVMSG\\s' . $channel . '\\s:!weapon\\slevel\\s(.*)\\s(.*)\\s$/i', $rdata, $msg_2)) { $name = $msg_2[1]; sleep(2); $type = 2; } elseif (preg_match('/^:(.*)!(.*)@(.*)\\sPRIVMSG\\s' . $channel . '\\s:!weapon\\srange\\s(.*)\\s(.*)\\s(.*)\\s(.*)\\s$/i', $rdata, $msg_3)) { $name = $msg_3[1]; sleep(2); $type = 3; } //first lets get our orders so we can make sure our query will work $a = array(); $a[] = 'cost'; $a[] = 'weapon_name'; $a[] = 'shield_damage'; $a[] = 'armour_damage'; $a[] = 'accuracy'; $a[] = 'race_id'; $a[] = 'buyer_restriction'; $a[] = 'power_level'; $db = new SmrMySqlDatabase(); if ($type == 1) { $db->query('SELECT * FROM weapon_type JOIN race USING(race_id) WHERE weapon_name LIKE ' . $db->escape_string('%' . $msg_1[4] . '%')); } elseif ($type == 2) { if (in_array($msg_2[5], $a)) { $db->query('SELECT * FROM weapon_type JOIN race USING(race_id) WHERE power_level = ' . $msg_2[4] . ' ORDER BY ' . $msg_2[5] . ' DESC'); } else { $db->query('SELECT * FROM weapon_type JOIN race USING(race_id) WHERE power_level = ' . $msg_2[4]); } } elseif ($type == 3) { //[4] = object //[5] = lower limit //[6] = upper limit //[7] = order //first make sure we arent flooding sleep(2); if (in_array($msg_3[4], $a) && in_array($msg_3[7], $a)) { $db->query('SELECT * FROM weapon_type JOIN race USING(race_id) WHERE ' . $msg_3[4] . ' > ' . $msg_3[5] . ' AND ' . $msg_3[4] . ' < ' . $msg_3[6] . ' ORDER BY ' . $msg_3[7] . ' DESC'); } elseif (in_array($msg_3[4], $a)) { $db->query('SELECT * FROM weapon_type JOIN race USING(race_id) WHERE ' . $msg_3[4] . ' > ' . $msg_3[5] . ' AND ' . $msg_3[4] . ' < ' . $msg_3[6]); } else { $rand = mt_rand(0, 7); $object = $a[$rand]; $db->query('SELECT * FROM weapon_type JOIN race USING(race_id) WHERE ' . $object . ' > ' . $msg_3[5] . ' AND ' . $object . ' < ' . $msg_3[6]); } } if ($db->getNumRows()) { fputs($fp, 'PRIVMSG ' . $name . ' :Name | Cost | Shield Damage | Armour Damage | Accuracy | Race | Restriction' . EOL); sleep(2); while ($db->nextRecord()) { $weapon_name = $db->getField('weapon_name'); $hardpoint = $db->getField('power_level'); $shield = $db->getField('shield_damage'); $armour = $db->getField('armour_damage'); $acc = $db->getField('accuracy'); $race = $db->getField('race_name'); $restrict = $db->getField('buyer_restriction'); $cost = $db->getField('cost'); $private_message = 'PRIVMSG ' . $name . ' :' . $weapon_name . ' | ' . $cost . ' | ' . $shield . ' | ' . $armour . ' | ' . $acc . ' | ' . $race . ' | '; if ($restrict == 1) { $private_message .= 'Good'; } elseif ($restrict == 2) { $private_message .= 'Evil'; } else { $private_message .= 'None'; } $private_message .= EOL; fputs($fp, $private_message); sleep(2); } } elseif ($type == 1) { fputs($fp, 'PRIVMSG ' . $name . ' :There is no weapon called ' . $msg_1[5] . '!' . EOL); } elseif ($type == 2) { fputs($fp, 'PRIVMSG ' . $name . ' :There is no weapon with ' . $msg_2[4] . ' power level!' . EOL); } elseif ($type == 3) { fputs($fp, 'PRIVMSG ' . $name . ' :There is no weapon in the cost range of ' . $msg_3[4] . ' - ' . $msg_3[5] . '!' . EOL); } if (isset($type)) { return true; } return false; }
$only = array(); // get all available hq's $db->query('SELECT location_name FROM location JOIN location_type USING(location_type_id) WHERE location_type_id > ' . $db->escapeNumber(UNDERGROUND) . ' AND location_type_id < ' . $db->escapeNumber(FED) . ' AND game_id = ' . $db->escapeNumber($var['game_id']) . ' ORDER BY location_type_id'); while ($db->nextRecord()) { // get the name for this race // HACK! cut ' HQ' from location name! $race_name = substr($db->getField('location_name'), 0, -3); // get race id for this race $db2->query('SELECT race_id FROM race WHERE race_name = ' . $db->escapeString($race_name) . ' LIMIT 1'); if ($db2->nextRecord()) { $race_id = $db2->getField('race_id'); } else { create_error('Couldn\'t find the ' . $race_name . ' in database!'); } if (in_array($race_id, $only)) { continue; } $only[] = $race_id; // hack for the user mrspock if ($player_name == 'MrSpock' && $race_name == 'Salvene') { $selected = ' selected="selected"'; } else { $selected = ''; } $PHP_OUTPUT .= '<option value="' . $race_id . '"' . $selected . '>' . $race_name . '</option>'; }
if ($res == 1) { $align = '+'; } elseif ($res == 2) { $align = '-'; } else { $align = '0'; } $speed = $db->getField('speed'); $cost = $db->getField('cost'); $hard = $db->getField('hardpoint'); //assuem 10 for now its not implemented $mr = 10; $db3->query('SELECT * FROM hardware_type ORDER BY hardware_type_id'); $props = array(); while ($db3->nextRecord()) { $hard_id = $db3->getField('hardware_type_id'); $db2->query('SELECT * FROM ship_type_support_hardware WHERE ship_type_id = ' . $id . ' ORDER BY hardware_type_id AND hardware_type_id = ' . $hard_id); while ($db2->nextRecord()) { $props[$hard_id] = $db2->getField('max_amount'); } } $shields = $props[HARDWARE_SHIELDS]; $armour = $props[HARDWARE_ARMOUR]; $cargo = $props[HARDWARE_CARGO]; $combat = $props[HARDWARE_COMBAT]; $scouts = $props[HARDWARE_SCOUT]; $mines = $props[HARDWARE_MINE]; $scanner = $props[HARDWARE_SCANNER]; $cloak = $props[HARDWARE_CLOAK]; $illus = $props[HARDWARE_ILLUSION]; $jump = $props[HARDWARE_JUMP];
$db2->query('SELECT 1 FROM message WHERE account_id = ' . $db2->escapeNumber($player->getAccountID()) . ' AND game_id = ' . $db2->escapeNumber($player->getGameID()) . ' AND message_type_id = ' . $db2->escapeNumber($message_type_id) . ' AND msg_read = ' . $db2->escapeBoolean(false) . ' AND receiver_delete = ' . $db2->escapeBoolean(false) . ' LIMIT 1'); $messageBox['HasUnread'] = $db2->getNumRows() != 0; $messageBox['MessageCount'] = 0; // get number of msges $db2->query('SELECT count(message_id) as message_count FROM message WHERE account_id = ' . $db2->escapeNumber($player->getAccountID()) . ' AND game_id = ' . $db2->escapeNumber($player->getGameID()) . ' AND message_type_id = ' . $db2->escapeNumber($message_type_id) . ' AND receiver_delete = ' . $db2->escapeBoolean(false)); if ($db2->nextRecord()) { $messageBox['MessageCount'] = $db2->getField('message_count'); } $container = create_container('skeleton.php', 'message_view.php'); $container['folder_id'] = $message_type_id; $messageBox['ViewHref'] = SmrSession::getNewHREF($container); $container = create_container('message_delete_processing.php'); $container['folder_id'] = $message_type_id; $messageBox['DeleteHref'] = SmrSession::getNewHREF($container); $messageBoxes[] = $messageBox; } $messageBox = array(); $messageBox['MessageCount'] = 0; $db->query('SELECT count(message_id) as count FROM message WHERE sender_id = ' . $db->escapeNumber($player->getAccountID()) . ' AND game_id = ' . $db->escapeNumber($player->getGameID()) . ' AND message_type_id = ' . $db->escapeNumber(MSG_PLAYER) . '
$mb_msgs = array(); while ($db->nextRecord()) { //search every message on webboards for each word first $id = $db->getField('id'); $word = $db->getField('keyword'); $db2->query('SELECT * FROM alliance_thread WHERE sender_id != 0 AND text LIKE ' . $db2->escapeString('%' . $word . '%') . ' ORDER BY time DESC'); while ($db2->nextRecord()) { //assume we arent skipping $skip = 'no'; $bad = $db2->getField('text'); $db3->query('SELECT * FROM mb_keywords WHERE assoc = ' . $db3->escapeNumber($id) . ' AND type = \'ignore\' AND `use` = 1'); while ($db3->nextRecord()) { $word2 = $db3->getField('keyword'); $db4->query('SELECT ' . $db->escapeString($bad) . ' LIKE ' . $db4->escapeString('%' . $word2 . '%')); $db4->nextRecord(); if ($db4->getField(0)) { $skip = 'yes'; } } if ($skip == 'yes') { continue; } //get info $game_id = $db2->getField('game_id'); $alliance_id = $db2->getField('alliance_id'); $thread_id = $db2->getField('thread_id'); $reply_id = $db2->getField('reply_id'); //put in an array $array_filler = $game_id . ',' . $alliance_id . ',' . $thread_id . ',' . $reply_id; //check if its already been done if (in_array($array_filler, $mb_msgs)) {
$loginType = $socialLogin->getLoginType(); $authKey = $socialLogin->getUserID(); $db->query('SELECT account_id,old_account_id FROM account JOIN account_auth USING(account_id) WHERE login_type = ' . $db->escapeString($loginType) . ' AND auth_key = ' . $db->escapeString($authKey) . ' LIMIT 1'); if ($db->nextRecord()) { // register session SmrSession::$account_id = $db->getInt('account_id'); SmrSession::$old_account_id = $db->getInt('old_account_id'); } else { if ($socialLogin->getEmail() != null) { $db->query('SELECT account_id,old_account_id FROM account ' . 'WHERE email = ' . $db->escapeString($socialLogin->getEmail()) . ' LIMIT 1'); } if ($socialLogin->getEmail() != null && $db->nextRecord()) { //Email already has an account so let's link. $account =& SmrAccount::getAccount($db->getField('account_id')); $account->addAuthMethod($socialLogin->getLoginType(), $socialLogin->getUserID()); $account->setValidated(true); SmrSession::$account_id = $db->getField('account_id'); SmrSession::$old_account_id = $db->getField('old_account_id'); } else { session_start(); //Pass the data in a standard session as we don't want to initialise a normal one. $_SESSION['socialLogin'] =& $socialLogin; $template->assignByRef('SocialLogin', $socialLogin); $template->display('socialRegister.inc'); exit; } } } else { $login = isset($_REQUEST['login']) ? $_REQUEST['login'] : (isset($var['login']) ? $var['login'] : '');
if (!empty($_SERVER['QUERY_STRING'])) { // query string should be a nick or some letters of a nick $query = urldecode($_SERVER['QUERY_STRING']); $db->query('SELECT account_id as album_id FROM album JOIN account USING(account_id) WHERE hof_name LIKE ' . $db->escapeString($query . '%') . ' AND approved = \'YES\' ORDER BY hof_name'); if ($db->getNumRows() > 1) { $db2->query('SELECT account_id as album_id FROM album JOIN account USING(account_id) WHERE hof_name = ' . $db->escapeString($query) . ' AND approved = \'YES\' ORDER BY hof_name'); if ($db2->nextRecord()) { album_entry($db2->getField('album_id')); } else { // get all id's and build array $album_ids = array(); while ($db->nextRecord()) { $album_ids[] = $db->getField('album_id'); } // double check if we have id's if (count($album_ids) > 0) { search_result($album_ids); } else { main_page(); } } } elseif ($db->getNumRows() == 1) { if ($db->nextRecord()) {
<?php // new db object $db = new SmrMySqlDatabase(); $loginNews = array(); $db->query('SELECT * FROM game_news ORDER BY time DESC LIMIT 2'); while ($db->nextRecord()) { $loginNews[] = array('Message' => $db->getField('message'), 'AdminName' => $db->getField('admin_name'), 'Time' => date(DEFAULT_DATE_DATE_SHORT, $db->getField('time')), 'Recent' => TIME - $db->getField('time') < 24 * 3600); } if (count($loginNews) > 0) { $template->assign('LoginNews', $loginNews); } $db->query('SELECT count(*) AS active_sessions FROM active_session WHERE account_id!=0 AND last_accessed > ' . $db->escapeNumber(TIME - SmrSession::TIME_BEFORE_EXPIRY)); $db->nextRecord(); $template->assign('ActiveSessions', $db->getField('active_sessions')); $gameNews = array(); $db->query('SELECT * FROM news ORDER BY time DESC LIMIT 4'); while ($db->nextRecord()) { $overrideGameID = $db->getInt('game_id'); $gameNews[] = array('Date' => date(DEFAULT_DATE_DATE_SHORT, $db->getField('time')), 'Time' => date(DEFAULT_DATE_TIME_SHORT, $db->getField('time')), 'Message' => bbifyMessage($db->getField('news_message'))); } unset($overrideGameID); if (count($gameNews) > 0) { $template->assign('GameNews', $gameNews); } include_once 'story.php'; $template->display('login_new.inc');
include realpath(dirname(__FILE__)) . '/../htdocs/config.inc'; include LIB . 'Default/SmrMySqlDatabase.class.inc'; // mailer require LIB . 'External/phpMailer/class.phpmailer.php'; // database objects $db = new SmrMySqlDatabase(); $db2 = new SmrMySqlDatabase(); $mail = new PHPMailer(); $mail->FromName = 'SMR Team'; $mail->Mailer = 'smtp'; $mail->SMTPKeepAlive = true; //$mail->ConfirmReadingTo = '*****@*****.**'; $mail->AddReplyTo('*****@*****.**', 'SMR Support'); $db->query('SELECT newsletter_id, newsletter FROM newsletter ORDER BY newsletter_id DESC LIMIT 1'); if ($db->nextRecord()) { $mail->Subject = 'Space Merchant Realms Newsletter #' . $db->getField('newsletter_id'); $mail->Body = $db->getField('newsletter'); // attach footer $mail->Body .= EOL . EOL . 'Thank you,' . EOL . ' SMR Support Team' . EOL . EOL . 'Note: You receive this e-mail because you are registered with Space Merchant Realms. If you prefer not to get any further notices please respond and we will disable your account.'; } $mail->WordWrap = 72; // counter $i = 1; $total = 0; $db->query('SELECT account_id, login, email, first_name, last_name FROM account WHERE account_id >= ' . $i . ' AND validated = \'TRUE\' ORDER BY account_id'); while ($db->nextRecord()) { //$db->query('SELECT account_id, login, email, first_name, last_name FROM account WHERE account_id >= '.$i.' AND validated = 'TRUE' AND account_id = 2'); //if ($db->nextRecord()) { // get account data $account_id = $db->getField('account_id'); $to_email = $db->getField('email');
//db object $db2 = new SmrMySqlDatabase(); //split the name $acc = $_REQUEST['anon_account']; $game = $_REQUEST['game_id']; //get account info $db->query('SELECT * FROM anon_bank_transactions WHERE anon_id = ' . $db->escapeNumber($acc) . ' AND game_id = ' . $db->escapeNumber($game) . ' ORDER BY transaction_id'); if ($db->getNumRows() > 0) { $template->assign('PageTopic', 'Anonymous Account ' . $acc); $PHP_OUTPUT .= create_table(); $PHP_OUTPUT .= '<tr><th align=center>Player Name</th><th align=center>Type</th><th align=center>Amount</th></tr>'; while ($db->nextRecord()) { $db2->query('SELECT * FROM player WHERE account_id = ' . $db2->escapeNumber($db->getInt('account_id'))); $db2->nextRecord(); $PHP_OUTPUT .= '<tr><td align=center>'; $PHP_OUTPUT .= $db2->getField('player_name'); $PHP_OUTPUT .= '</td><td align=center>'; $PHP_OUTPUT .= $db->getField('transaction'); $PHP_OUTPUT .= '</td><td align=center>'; $PHP_OUTPUT .= $db->getField('amount'); $PHP_OUTPUT .= '</td></tr>'; } $PHP_OUTPUT .= '</table>'; } else { $PHP_OUTPUT .= 'Account ' . $acc . ' in game ' . $game . ' does NOT exist!'; } }
if ($db->getNumRows() > 0) { $PHP_OUTPUT .= create_echo_form(create_container('skeleton.php', 'password_check.php')); $PHP_OUTPUT .= create_submit('Select All'); $PHP_OUTPUT .= '</form>'; $PHP_OUTPUT .= create_echo_form(create_container('password_check_processing.php', '')); $PHP_OUTPUT .= '<table>'; $PHP_OUTPUT .= '<tr>'; $PHP_OUTPUT .= '<th>ID</th>'; $PHP_OUTPUT .= '<th>Login</th>'; $PHP_OUTPUT .= '<th>eMail</th>'; $PHP_OUTPUT .= '<th>Action</th>'; $PHP_OUTPUT .= '</tr>'; while ($db->nextRecord()) { $db2->query('SELECT * FROM account WHERE password = '******'password'))); while ($db2->nextRecord()) { $curr_account_id = $db2->getField('account_id'); $db3->query('SELECT * FROM account_is_closed WHERE account_id = ' . $db->escapeNumber($curr_account_id) . ' LIMIT 1'); $isDisabled = $db3->getNumRows() > 0; $PHP_OUTPUT .= '<tr' . ($isDisabled ? ' class="red"' : '') . '>'; $PHP_OUTPUT .= '<td>' . $db2->getField('account_id') . '</td>'; $PHP_OUTPUT .= '<td>' . $db2->getField('login') . '</td>'; $PHP_OUTPUT .= '<td' . ($db2->getBoolean('validated') ? '' : ' style="text-decoration:line-through;"') . '>' . $db2->getField('email') . ' (' . ($db2->getBoolean('validated') ? 'Valid' : 'Invalid') . ')</td>'; $PHP_OUTPUT .= '<td align="center"><input type="checkbox" name="disable_account[]" value="' . $curr_account_id . '"'; // check if this guy is maybe already disabled $db3->query('SELECT * FROM account_is_closed WHERE account_id = ' . $db->escapeNumber($curr_account_id)); if ($isDisabled) { $PHP_OUTPUT .= ' checked'; } else { if ($action == 'Select All') { $PHP_OUTPUT .= ' checked'; }
$container = array(); $container['url'] = 'skeleton.php'; $container['body'] = 'message_blacklist.php'; if (!isset($_REQUEST['PlayerName']) && !isset($var['account_id'])) { $container['error'] = 1; forward($container); exit; } if (isset($var['account_id'])) { $blacklisted_id = $var['account_id']; } else { $player_name = mysql_real_escape_string($_REQUEST['PlayerName']); $db = new SmrMySqlDatabase(); $db->query('SELECT account_id FROM player WHERE player_name=' . $db->escapeString($player_name) . ' AND game_id=' . $db->escapeNumber($player->getGameID()) . ' LIMIT 1'); if (!$db->nextRecord()) { $container['error'] = 1; forward($container); exit; } $blacklisted_id = $db->getField('account_id'); } $db->query('SELECT account_id FROM message_blacklist WHERE account_id=' . $db->escapeNumber($player->getAccountID()) . ' AND blacklisted_id=' . $db->escapeNumber($blacklisted_id) . ' AND game_id=' . $db->escapeNumber($player->getGameID()) . ' LIMIT 1'); if ($db->nextRecord()) { $container['error'] = 2; forward($container); exit; } $db->query('INSERT INTO message_blacklist (game_id,account_id,blacklisted_id) VALUES (' . $db->escapeNumber($player->getGameID()) . ',' . $db->escapeNumber($player->getAccountID()) . ',' . $db->escapeNumber($blacklisted_id) . ')'); $container['error'] = 3; forward($container);
$last_acc = 0; } $db->query('SELECT * FROM account_has_ip ORDER BY ip, account_id'); $i = 1; while ($i <= $count) { //for ($i=1;$i <= $count;$i++) $db_ent = array_shift($ip_array); list($db_ip, $db_id) = preg_split('/[\\/]/', $db_ent); $account_id = $db_id; /*if ($last_acc == $account_id && $db_ip == $last_ip) { array_unshift($ip_array, $db_ip); continue; }*/ $db2->query('SELECT login, password FROM account WHERE account_id = ' . $db->escapeNumber($account_id)); $db2->nextRecord(); $login = $db2->getField('login'); if (sizeof($ip_array) > 0) { //get next $next_ent = array_shift($ip_array); list($next_ip, $next_id) = preg_split('/[\\/]/', $next_ent); //put it back array_unshift($ip_array, $next_ent); } else { $next_ip = 0; $next_id = 0; } $db2->query('SELECT * FROM account_is_closed JOIN closing_reason USING(reason_id) WHERE reason = \'Tagged for deletion\' AND account_id = ' . $db->escapeNumber($id)); if ($db2->nextRecord()) { continue; } $host = gethostbyaddr($db_ip);
<?php $template->assign('PageTopic', 'Log Console'); $loggedAccounts = array(); $db->query('SELECT account_id as account_id, login, count(*) as number_of_entries FROM account_has_logs JOIN account USING(account_id) GROUP BY account_id'); if ($db->getNumRows()) { $db2 = new SmrMySqlDatabase(); while ($db->nextRecord()) { $accountID = $db->getInt('account_id'); $loggedAccounts[$accountID] = array('AccountID' => $accountID, 'Login' => $db->getField('login'), 'TotalEntries' => $db->getInt('number_of_entries'), 'Checked' => is_array($var['account_ids']) && in_array($accountID, $var['account_ids']), 'Notes' => ''); $db2->query('SELECT notes FROM log_has_notes WHERE account_id = ' . $db2->escapeNumber($accountID)); if ($db2->nextRecord()) { $loggedAccounts[$accountID]['Notes'] = nl2br($db2->getField('notes')); } } // put hidden fields in for log type to have all fields selected on next page. $logTypes = array(); $db->query('SELECT log_type_id FROM log_type'); while ($db->nextRecord()) { $logTypes[] = $db->getInt('log_type_id'); } $template->assignByRef('LogTypes', $logTypes); $template->assign('LogConsoleFormHREF', SmrSession::getNewHREF(create_container('skeleton.php', 'log_console_detail.php'))); $template->assign('AnonAccessHRE', SmrSession::getNewHREF(create_container('skeleton.php', 'log_anonymous_account.php'))); } $template->assignByRef('LoggedAccounts', $loggedAccounts);
$container['account_id'] = $album_id; forward($container); exit; } $db = new SmrMySqlDatabase(); if (!isset($_GET['comment']) || empty($_GET['comment'])) { create_error_offline('Please enter a comment.'); } else { $comment = $_GET['comment']; } // get current time $curr_time = TIME; $comment = word_filter($comment); $account->sendMessageToBox(BOX_ALBUM_COMMENTS, $comment); // check if we have comments for this album already $db->lockTable('album_has_comments'); $db->query('SELECT MAX(comment_id) FROM album_has_comments WHERE album_id = ' . $db->escapeNumber($album_id)); if ($db->nextRecord()) { $comment_id = $db->getField('MAX(comment_id)') + 1; } else { $comment_id = 1; } $db->query('INSERT INTO album_has_comments (album_id, comment_id, time, post_id, msg) VALUES (' . $db->escapeNumber($album_id) . ', ' . $db->escapeNumber($comment_id) . ', ' . $db->escapeNumber($curr_time) . ', ' . $db->escapeNumber($account->getAccountID()) . ', ' . $db->escapeString($comment) . ')'); $db->unlock(); header('Location: ' . URL . '/album/?' . get_album_nick($album_id)); exit; } catch (Exception $e) { handleException($e); }
} else { $db2->query('SELECT kills FROM alliance_vs_alliance WHERE alliance_id_2 = ' . $db2->escapeNumber($curr_id) . ' AND alliance_id_1 = ' . $db2->escapeNumber($id) . ' AND game_id = ' . $db2->escapeNumber($player->getGameID())); if ($db2->nextRecord()) { $PHP_OUTPUT .= '<td'; if (($out || $out2) && ($id == $player->getAllianceID() || $curr_id == $player->getAllianceID())) { $PHP_OUTPUT .= ' class="bold red"'; } elseif ($out || $out2) { $PHP_OUTPUT .= ' class="red"'; } elseif ($id == $player->getAllianceID() || $curr_id == $player->getAllianceID()) { $PHP_OUTPUT .= ' class="bold"'; } $PHP_OUTPUT .= '>'; $PHP_OUTPUT .= $db2->getField('kills'); } else { $PHP_OUTPUT .= '<td'; if (($out || $out2) && ($id == $player->getAllianceID() || $curr_id == $player->getAllianceID())) { $PHP_OUTPUT .= ' class="bold red"'; } elseif ($out || $out2) { $PHP_OUTPUT .= ' class="red"'; } elseif ($id == $player->getAllianceID() || $curr_id == $player->getAllianceID()) { $PHP_OUTPUT .= ' class="bold"'; } $PHP_OUTPUT .= '>'; $PHP_OUTPUT .= '0'; } } $PHP_OUTPUT .= '</td>'; }
// mailer require LIB . 'External/phpMailer/class.phpmailer.php'; $mail = new PHPMailer(); $mail->From = '*****@*****.**'; $mail->FromName = 'SMR Team'; $mail->Maile = 'smtp'; $mail->SMTPKeepAlive = true; //$mail->ConfirmReadingTo = '*****@*****.**'; $mail->AddReplyTo('*****@*****.**', 'SMR Support'); $mail->Encoding = 'base64'; $mail->WordWrap = 72; $db = new SmrMySqlDatabase(); $db->query('SELECT newsletter_id, newsletter_html, newsletter_text FROM newsletter ORDER BY newsletter_id DESC LIMIT 1'); if ($db->nextRecord()) { $mail->Subject = 'Space Merchant Realms Newsletter #' . $db->getField('newsletter_id'); $newsletterHtml = $db->getField('newsletter_html'); $newsletterText = $db->getField('newsletter_text'); if (!empty($newsletterHtml)) { $mail->MsgHTML($newsletterHtml); if (!empty($newsletterText)) { $mail->AltBody = $newsletterText; } } else { $mail->Body = $newsletterText; } // attach footer // $mail->Body .= EOL.EOL.'Thank you,'.EOL.' SMR Support Team'.EOL.EOL.'Note: You receive this e-mail because you are registered with Space Merchant Realms. If you prefer not to get any further notices please respond and we will disable your account.'; } if ($_REQUEST['to_email'] == '*') { // counter
$container['body'] = 'galactic_post_view_article.php'; transfer('id'); $PHP_OUTPUT .= create_echo_form($container); $PHP_OUTPUT .= create_submit('No'); $PHP_OUTPUT .= '</form>'; } else { $db->query('SELECT * FROM galactic_post_paper WHERE game_id = ' . $db->escapeNumber($player->getGameID()) . ' AND paper_id = ' . $db->escapeNumber($var['id'])); $db->nextRecord(); $title = $db->getField('title'); $PHP_OUTPUT .= 'Are you sure you want to delete the paper titled ' . $title . ' and the following articles with it<br /><br />'; $db2->query('SELECT * FROM galactic_post_paper_content WHERE game_id = ' . $db->escapeNumber($player->getGameID()) . ' AND paper_id = ' . $db->escapeNumber($var['id'])); while ($db2->nextRecord()) { $article_id = $db2->getField('article_id'); $db3->query('SELECT * FROM galactic_post_article WHERE game_id = ' . $db->escapeNumber($player->getGameID()) . ' AND article_id = ' . $db->escapeNumber($article_id)); $db3->nextRecord(); $article_title = bbifyMessage($db3->getField('title')); $PHP_OUTPUT .= $article_title . '<br />'; } $PHP_OUTPUT .= '<br />'; $container = array(); $container['url'] = 'galactic_post_delete.php'; transfer('paper'); transfer('id'); $PHP_OUTPUT .= create_echo_form($container); $PHP_OUTPUT .= create_submit('Yes'); $PHP_OUTPUT .= '</form>'; $container = array(); $container['url'] = 'skeleton.php'; $container['body'] = 'galactic_post_view_article.php'; transfer('id'); $PHP_OUTPUT .= create_echo_form($container);
if ($race == 1) { $race = 9; } else { $race -= 1; } //3 bytes total... $db2->query('SELECT * FROM good ORDER BY good_id'); for ($i = 0; $i <= 2; $i++) { $CurrByte = 0; $CurrAdd = 128; for ($j = 0; $j <= 3; $j++) { $db2->nextRecord(); $good_id = $db2->getField('good_id'); $db3->query('SELECT * FROM port_has_goods WHERE game_id = ' . $game_id . ' AND sector_id = ' . $sector_id . ' AND good_id = ' . $good_id); if ($db3->nextRecord()) { if ($db3->getField('transaction') == 'Sell') { $CurrByte += $CurrAdd; } else { $CurrByte += $CurrAdd / 2; } } $CurrAdd /= 4; } $file .= addbyte($CurrByte); } } //add port race byte... $race = $race * 16; $db2->query('SELECT * FROM planet WHERE game_id = ' . $game_id . ' AND sector_id = ' . $sector_id); if ($db2->nextRecord()) { $db2->query('SELECT * FROM planet WHERE game_id = ' . $game_id . ' AND sector_id = ' . $sector_id . ' AND owner_id IN ' . $alliance);