/**
* \brief Crear la cookie.
* \details Crear la cookie en cliente para especificar que el cliente está autenticado.
*/
function setAuthCookie($username, $password)
{
if (validUser($username, $password)) {
setcookie("token", getToken($username, md5($password)), time() + ONE_YEAR, "/", "", 0, true);
setcookie("user", $username, time() + ONE_YEAR, "/", "", 0, true);
}
}
function setAuthCookie($username, $password)
{
if (validUser($username, $password)) {
setcookie("token", getToken($username, $password), time() + ONE_YEAR);
setcookie("user", $username, time() + ONE_YEAR);
}
}
function safePage()
{
if (!isset($_SESSION['userID']) or !isset($_SESSION['userName'])) {
userOut();
} else {
if (!validUser($_SESSION['userName'], $_SESSION['userPassw'])) {
userOut();
}
}
}
public function index()
{
$config = C('TMPL_PARSE_STRING');
$root = $config['__ROOT__'];
$suff = 'login';
if (validUser("admin")) {
$suff = 'manage_notice';
}
header("Location: {$root}/Admin/{$suff}");
}
function msgQueryUser($aRequest)
{
$Out = Out::getInstance();
if (registeredUser()) {
$CurrentUser = UserProxy::getInstance();
$CharacterIds = array();
$CharacterGames = array();
$CharacterNames = array();
$CharacterClasses = array();
$CharacterRoles1 = array();
$CharacterRoles2 = array();
$Settings = array();
foreach ($CurrentUser->Characters as $Character) {
array_push($CharacterIds, $Character->CharacterId);
array_push($CharacterGames, $Character->Game);
array_push($CharacterNames, $Character->Name);
array_push($CharacterClasses, explode(':', $Character->ClassName));
array_push($CharacterRoles1, $Character->Role1);
array_push($CharacterRoles2, $Character->Role2);
}
$Out->pushValue('registeredUser', true);
$Out->pushValue('id', $CurrentUser->UserId);
$Out->pushValue('name', $CurrentUser->UserName);
$Out->pushValue('characterIds', $CharacterIds);
$Out->pushValue('characterGames', $CharacterGames);
$Out->pushValue('characterNames', $CharacterNames);
$Out->pushValue('characterClass', $CharacterClasses);
$Out->pushValue('role1', $CharacterRoles1);
$Out->pushValue('role2', $CharacterRoles2);
$Out->pushValue('validUser', validUser());
$Out->pushValue('isRaidlead', validRaidlead());
$Out->pushValue('isAdmin', validAdmin());
$Out->pushValue('settings', $CurrentUser->Settings);
$Session = Session::get();
if (isset($Session['Calendar'])) {
$Out->pushValue('calendar', $Session['Calendar']);
} else {
$Out->pushValue('calendar', null);
}
} else {
$Out->pushValue('registeredUser', false);
}
}
function msgQueryCalendar($aRequest)
{
if (validUser()) {
global $gGame;
loadGameSettings();
$Out = Out::getInstance();
$Connector = Connector::getInstance();
$ListRaidQuery = $Connector->prepare('Select ' . RP_TABLE_PREFIX . 'Raid.*, ' . RP_TABLE_PREFIX . 'Location.*, ' . RP_TABLE_PREFIX . 'Attendance.CharacterId, ' . RP_TABLE_PREFIX . 'Attendance.UserId, ' . RP_TABLE_PREFIX . 'Attendance.Status, ' . RP_TABLE_PREFIX . 'Attendance.Class, ' . RP_TABLE_PREFIX . 'Attendance.Role, ' . RP_TABLE_PREFIX . 'Attendance.Comment, ' . 'UNIX_TIMESTAMP(' . RP_TABLE_PREFIX . 'Raid.Start) AS StartUTC, ' . 'UNIX_TIMESTAMP(' . RP_TABLE_PREFIX . 'Raid.End) AS EndUTC ' . 'FROM `' . RP_TABLE_PREFIX . 'Raid` ' . 'LEFT JOIN `' . RP_TABLE_PREFIX . 'Location` USING(LocationId) ' . 'LEFT JOIN `' . RP_TABLE_PREFIX . 'Attendance` USING (RaidId) ' . 'LEFT JOIN `' . RP_TABLE_PREFIX . 'Character` USING (CharacterId) ' . 'WHERE ' . RP_TABLE_PREFIX . 'Raid.Start >= FROM_UNIXTIME(:Start) AND ' . RP_TABLE_PREFIX . 'Raid.Start <= FROM_UNIXTIME(:End) ' . 'AND ' . RP_TABLE_PREFIX . 'Location.Game = :Game ' . 'ORDER BY ' . RP_TABLE_PREFIX . 'Raid.Start, ' . RP_TABLE_PREFIX . 'Raid.RaidId');
// Calculate the correct start end end times
$StartDay = getCalStartDay();
$StartUTC = mktime(0, 0, 0, $aRequest['Month'], 1, $aRequest['Year']);
$StartDate = getdate($StartUTC);
if ($StartDate['wday'] != $StartDay) {
// Calculate the first day displayed in the calendar
$Offset = $StartDate['wday'] < $StartDay ? 7 - ($StartDay - $StartDate['wday']) : $StartDate['wday'] - $StartDay;
$StartUTC -= 60 * 60 * 24 * $Offset;
$StartDate = getdate($StartUTC);
}
// Calculate the last day displayed in the calendar
$EndUTC = $StartUTC + 60 * 60 * 24 * 7 * 6;
// + 6 weeks
// Query and return
$ListRaidQuery->bindValue(':Start', $StartUTC, PDO::PARAM_INT);
$ListRaidQuery->bindValue(':End', intval($EndUTC), PDO::PARAM_INT);
$ListRaidQuery->bindValue(':Game', $gGame['GameId'], PDO::PARAM_STR);
$Session = Session::get();
$Session['Calendar'] = array('month' => intval($aRequest['Month']), 'year' => intval($aRequest['Year']));
$Out->pushValue('startDay', $StartDate['mday']);
$Out->pushValue('startMonth', $StartDate['mon']);
$Out->pushValue('startYear', $StartDate['year']);
$Out->pushValue('startOfWeek', $StartDay);
$Out->pushValue('displayMonth', $aRequest['Month']);
$Out->pushValue('displayYear', $aRequest['Year']);
parseRaidQuery($aRequest, $ListRaidQuery, 0);
} else {
$Out = Out::getInstance();
$Out->pushError(L('AccessDenied'));
}
}
function msgCommentupdate($aRequest)
{
if (validUser()) {
$Connector = Connector::getInstance();
$RaidId = intval($aRequest['raidId']);
$UserId = UserProxy::getInstance()->UserId;
$CheckQuery = $Connector->prepare('SELECT UserId FROM `' . RP_TABLE_PREFIX . 'Attendance` WHERE UserId = :UserId AND RaidId = :RaidId LIMIT 1');
$CheckQuery->bindValue(':UserId', $UserId, PDO::PARAM_INT);
$CheckQuery->bindValue(':RaidId', $RaidId, PDO::PARAM_INT);
if ($CheckQuery->execute()) {
$UpdateQuery = null;
if ($CheckQuery->getAffectedRows() > 0) {
$UpdateQuery = $Connector->prepare('UPDATE `' . RP_TABLE_PREFIX . 'Attendance` ' . 'SET comment = :Comment, LastUpdate = FROM_UNIXTIME(:Timestamp) ' . 'WHERE RaidId = :RaidId AND UserId = :UserId LIMIT 1');
$UpdateQuery->bindValue(':Timestamp', time(), PDO::PARAM_INT);
} else {
$UpdateQuery = $Connector->prepare('INSERT INTO `' . RP_TABLE_PREFIX . 'Attendance` ( CharacterId, UserId, RaidId, Status, Role, Comment ) ' . 'VALUES ( :CharacterId, :UserId, :RaidId, :Status, :Role, :Comment )');
$UpdateQuery->bindValue(':CharacterId', 0, PDO::PARAM_INT);
$UpdateQuery->bindValue(':Role', '', PDO::PARAM_STR);
$UpdateQuery->bindValue(':Status', 'undecided', PDO::PARAM_STR);
}
$UpdateQuery->bindValue(':RaidId', $RaidId, PDO::PARAM_INT);
$UpdateQuery->bindValue(':UserId', $UserId, PDO::PARAM_INT);
$UpdateQuery->bindValue(':Comment', requestToXML($aRequest['comment'], ENT_COMPAT, 'UTF-8'), PDO::PARAM_STR);
$UpdateQuery->execute();
}
// reload calendar
$RaidQuery = $Connector->prepare('SELECT Start FROM `' . RP_TABLE_PREFIX . 'Raid` WHERE RaidId = :RaidId LIMIT 1');
$RaidQuery->bindValue(':RaidId', $RaidId, PDO::PARAM_INT);
$RaidData = $RaidQuery->fetchFirst();
$Session = Session::get();
$ShowMonth = isset($Session['Calendar']) && isset($Session['Calendar']['month']) ? $Session['Calendar']['month'] : intval(substr($RaidData['Start'], 5, 2));
$ShowYear = isset($Session['Calendar']) && isset($Session['Calendar']['year']) ? $Session['Calendar']['year'] : intval(substr($RaidData['Start'], 0, 4));
msgQueryCalendar(prepareCalRequest($ShowMonth, $ShowYear));
} else {
$Out = Out::getInstance();
$Out->pushError(L('AccessDenied'));
}
}
$query = "INSERT INTO users (username,password) values ('$user','$password')";
$res = mysql_query($query, $link);
if(mysql_affected_rows() > 0){
return True;
}
return False;
}
if(array_key_exists("username", $_REQUEST) and array_key_exists("password", $_REQUEST)) {
$link = mysql_connect('localhost', 'natas27', '<censored>');
mysql_select_db('natas27', $link);
if(validUser($link,$_REQUEST["username"])) {
//user exists, check creds
if(checkCredentials($link,$_REQUEST["username"],$_REQUEST["password"])){
echo "Welcome " . htmlentities($_REQUEST["username"]) . "!<br>";
echo "Here is your data:<br>";
$data=dumpData($link,$_REQUEST["username"]);
print htmlentities($data);
}
else{
echo "Wrong password for user: "******"username"]) . "<br>";
}
}
else {
//user doesn't exist
if(createUser($link,$_REQUEST["username"],$_REQUEST["password"])){
echo "User " . htmlentities($_REQUEST["username"]) . " was created!";
<?php
require_once 'include/function.inc.php';
require_once 'core.php';
$valid = false;
if (!isset($_SERVER['PHP_AUTH_USER'])) {
authUser();
} else {
if (validUser($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) {
$valid = true;
}
}
if ($valid == false) {
authUser();
}
/**
* Llamado de xajax
*/
require './include/xajax_0.5_standard/xajax_core/xajax.inc.php';
$xajax = new xajax();
//$xajax->configure('debug', true);
$xajax->configure('javascript URI', './include/xajax_0.5_standard/');
$xajax->registerFunction('insertActuacion');
$xajax->registerFunction('EditFieldActuacion');
$xajax->registerFunction('editActuacion');
$xajax->registerFunction('returnValueActuacion');
$xajax->registerFunction('deleteActuacion');
$xajax->registerFunction('confirmDeleteActuacion');
$xajax->processRequest();
/**
* Fin xajax
$avatar = $_FILES['avatar']['type'];
$allowed = array('image/gif', 'image/png', 'image/jpg', 'image/jpeg');
if (!in_array($avatar, $allowed)) {
$url = "register.php";
$_SESSION['errors'] = ['message' => "Avatar images must be JPG, PNG or GIF"];
header('Location: ' . $url);
}
}
if ($password != $password2 || !validPass($password)) {
$url = "register.php";
$_SESSION['errors'] = ['message' => "Passwords should be at least 8 characters long and consist of at least one lowercase letter, one uppercase letter, a number (0-9) and a special character."];
header('Location: ' . $url);
}
if (!validUser($username)) {
$url = "register.php";
$_SESSION['errors'] = ['message' => "Usernames can only consist of a-Z and _ (underscore) OR a user already exists with that name"];
header('Location: ' . $url);
}
if ($password == $password2 && validUser($username) && validPass($password)) {
Insert($username, $password);
LogIn($username, $password);
$url = "frontPage.php";
$_SESSION['errors'] = ['message' => 'Success! Thank you for registering.'];
header('Location: ' . $url);
}
echo 'Noooo';
} else {
$url = "register.php";
$_SESSION['errors'] = ['message' => "Something went wrong, please try again."];
header('Location: ' . $url);
}
*/
G::Loadinclude('ajax');
$function = get_ajax_value('function');
$searchText = get_ajax_value('text');
$userName = get_ajax_value('userName');
$authSource = get_ajax_value('authSource');
$dn = get_ajax_value('dn');
$fullname = get_ajax_value('fullname');
$email = get_ajax_value('email');
$roles = get_ajax_value('roles');
switch ($function) {
case 'searchText':
searchText($searchText);
break;
case 'validUser':
validUser($searchText);
break;
case 'createUser':
createUser($userName, $authSource, $dn, $fullname, $email, $roles);
break;
}
function createUser($userName, $authSource, $dn, $fullname, $email, $roles)
{
global $DB_MODULE;
// :(
G::LoadClassRBAC('user');
$dbc = new DBConnection(DB_HOST, DB_RBAC_USER, DB_RBAC_PASS, DB_RBAC_NAME);
$obj = new RBAC_User();
$obj->SetTo($dbc);
//is ProcessMaker?
$isPM = false;
function msgRaidAttend($aRequest)
{
if (validUser()) {
global $gGame;
loadGameSettings();
$Connector = Connector::getInstance();
$AttendanceId = intval($aRequest['attendanceId']);
$AttendanceSubId = intval($aRequest['attendanceSubId']);
$RaidId = intval($aRequest['raidId']);
$UserId = intval(UserProxy::getInstance()->UserId);
// check user/character match
$ChangeAllowed = true;
$RaidInfo = array();
$Role = '';
$Class = '';
// Check if locked
$LockCheckQuery = $Connector->prepare('SELECT Stage, Mode, SlotRoles, SlotCount FROM `' . RP_TABLE_PREFIX . 'Raid` WHERE RaidId = :RaidId LIMIT 1');
$LockCheckQuery->bindValue(':RaidId', $RaidId, PDO::PARAM_INT);
$RaidInfo = $LockCheckQuery->fetchFirst();
if ($RaidInfo == null) {
return;
}
// ### return, locked ###
$ChangeAllowed = $RaidInfo['Stage'] == 'open';
if ($ChangeAllowed) {
// Check if character matches user
if ($AttendanceId > 0) {
$CheckQuery = $Connector->prepare('SELECT UserId, Class, Role1, Role2 FROM `' . RP_TABLE_PREFIX . 'Character` WHERE CharacterId = :CharacterId AND Game = :Game LIMIT 1');
$CheckQuery->bindValue(':CharacterId', $AttendanceId, PDO::PARAM_INT);
$CheckQuery->bindValue(':Game', $gGame['GameId'], PDO::PARAM_INT);
$CharacterInfo = $CheckQuery->fetchFirst();
if ($CharacterInfo != null) {
$ChangeAllowed &= $CharacterInfo['UserId'] == $UserId;
if ($gGame['ClassMode'] == 'multi') {
$Classes = explode(':', $CharacterInfo['Class']);
$Class = $AttendanceSubId < 0 ? $Classes[0] : $Classes[$AttendanceSubId];
$Role = $gGame['Classes'][$Class]['roles'][0];
} else {
$Class = $CharacterInfo['Class'];
$Role = $AttendanceSubId < 0 ? $CharacterInfo['Role1'] : ($AttendanceSubId == 0 ? $CharacterInfo['Role1'] : $CharacterInfo['Role2']);
}
} else {
$ChangeAllowed = false;
}
}
// update/insert new attendance data
if ($ChangeAllowed) {
$CheckQuery = $Connector->prepare('SELECT UserId FROM `' . RP_TABLE_PREFIX . 'Attendance` WHERE UserId = :UserId AND RaidId = :RaidId LIMIT 1');
$CheckQuery->bindValue(':UserId', $UserId, PDO::PARAM_INT);
$CheckQuery->bindValue(':RaidId', $RaidId, PDO::PARAM_INT);
$CheckQuery->execute();
$AttendQuery = null;
$ChangeComment = isset($aRequest['comment']) && $aRequest['comment'] != '';
if ($CheckQuery->getAffectedRows() > 0) {
if ($ChangeComment) {
$AttendQuery = $Connector->prepare('UPDATE `' . RP_TABLE_PREFIX . 'Attendance` SET ' . 'CharacterId = :CharacterId, Status = :Status, Class = :Class, Role = :Role, Comment = :Comment, LastUpdate = FROM_UNIXTIME(:Timestamp) ' . 'WHERE RaidId = :RaidId AND UserId = :UserId LIMIT 1');
} else {
$AttendQuery = $Connector->prepare('UPDATE `' . RP_TABLE_PREFIX . 'Attendance` SET ' . 'CharacterId = :CharacterId, Status = :Status, Class = :Class, Role = :Role, LastUpdate = FROM_UNIXTIME(:Timestamp) ' . 'WHERE RaidId = :RaidId AND UserId = :UserId LIMIT 1');
}
} else {
if ($ChangeComment) {
$AttendQuery = $Connector->prepare('INSERT INTO `' . RP_TABLE_PREFIX . 'Attendance` ( CharacterId, UserId, RaidId, Status, Class, Role, Comment, LastUpdate ) ' . 'VALUES ( :CharacterId, :UserId, :RaidId, :Status, :Class, :Role, :Comment, FROM_UNIXTIME(:Timestamp) )');
} else {
$AttendQuery = $Connector->prepare('INSERT INTO `' . RP_TABLE_PREFIX . 'Attendance` ( CharacterId, UserId, RaidId, Status, Class, Role, Comment, LastUpdate) ' . 'VALUES ( :CharacterId, :UserId, :RaidId, :Status, :Class, :Role, "", FROM_UNIXTIME(:Timestamp) )');
}
}
// Define the status and id to set
if ($AttendanceId == -1) {
$Status = 'unavailable';
$CharacterId = intval($aRequest['fallback']);
} else {
$CharacterId = $AttendanceId;
switch ($RaidInfo['Mode']) {
case 'all':
case 'attend':
$Status = 'ok';
break;
default:
case 'manual':
case 'overbook':
$Status = 'available';
break;
}
}
// Add comment when setting absent status
if ($ChangeComment) {
$Comment = requestToXML($aRequest['comment'], ENT_COMPAT, 'UTF-8');
$AttendQuery->bindValue(':Comment', $Comment, PDO::PARAM_STR);
}
$AttendQuery->bindValue(':CharacterId', $CharacterId, PDO::PARAM_INT);
$AttendQuery->bindValue(':RaidId', intval($RaidId), PDO::PARAM_INT);
$AttendQuery->bindValue(':UserId', intval($UserId), PDO::PARAM_INT);
$AttendQuery->bindValue(':Status', $Status, PDO::PARAM_STR);
$AttendQuery->bindValue(':Role', $Role, PDO::PARAM_STR);
$AttendQuery->bindValue(':Class', $Class, PDO::PARAM_STR);
$AttendQuery->bindValue(':Timestamp', time(), PDO::PARAM_INT);
if ($AttendQuery->execute() && $Role != '' && $RaidInfo['Mode'] == 'attend' && $Status == 'ok') {
removeOverbooked($RaidId, $RaidInfo['SlotRoles'], $RaidInfo['SlotCount']);
}
} else {
$Out = Out::getInstance();
$Out->pushError(L('AccessDenied'));
}
} else {
$Out = Out::getInstance();
$Out->pushError(L('RaidLocked'));
}
// reload calendar
$RaidQuery = $Connector->prepare('SELECT Start FROM `' . RP_TABLE_PREFIX . 'Raid` WHERE RaidId = :RaidId LIMIT 1');
$RaidQuery->bindValue(':RaidId', $RaidId, PDO::PARAM_INT);
$RaidData = $RaidQuery->fetchFirst();
$Session = Session::get();
$ShowMonth = isset($Session['Calendar']) && isset($Session['Calendar']['month']) ? $Session['Calendar']['month'] : intval(substr($RaidData['Start'], 5, 2));
$ShowYear = isset($Session['Calendar']) && isset($Session['Calendar']['year']) ? $Session['Calendar']['year'] : intval(substr($RaidData['Start'], 0, 4));
msgQueryCalendar(prepareCalRequest($ShowMonth, $ShowYear));
} else {
$Out = Out::getInstance();
$Out->pushError(L('AccessDenied'));
}
}
// along with PHPDaft; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
// Visa var filerna finns
ini_set("include_path", "/home/daft/konferens/");
// Inkludera filer
require "Functions/function_errorHandler.php";
require "Functions/function_validUser.php";
require "Classes/class_Configuration.php";
require "Classes/class_ExternalStorage.php";
require "Classes/class_Logger.php";
require "Classes/class_User.php";
require "Classes/class_UserPresentation.php";
require "Classes/yapter.php";
// Definiera felhanterare
// set_error_handler("errorHandler");
// Session
session_start();
// Kolla om vi är inloggade
if (!($bInlogged = validUser())) {
// Det är vi inte, fixa variabler och stäng sessionen igen
session_destroy();
trigger_error("43", E_USER_ERROR);
die;
}
// Fixa template
//$oTemplate = new Template("/home/daft/Templates/Logout.tpl");
//$oTemplate->setParseMode(TRUE);
//$oTemplate->setWarningLevel(E_YAPTER_ERROR);
//$oTemplate->parse();
//$oTemplate->spit();
echo "Inte implementerat än!";
<?php
session_start();
include_once "../includes/user_functions.php";
if (isset($_SESSION['user']) && isset($_SESSION['pass']) && validUser($_SESSION['user'], $_SESSION['pass'], true)) {
header("Location: https://profiles.ac3-servers.eu/api/");
}
function confirmURL($response)
{
$url = "https://www.google.com/recaptcha/api/siteverify?secret=" . getCaptchaPrivateKey() . "&response=" . $response . "&remoteip=" . $_SERVER['REMOTE_ADDR'];
$ch = curl_init();
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
$result = curl_exec($ch);
http_response_code(curl_getinfo($ch, CURLINFO_HTTP_CODE));
curl_close($ch);
$res = json_decode($result, true);
return $res['success'];
}
$error = "";
if (isset($_POST['register']) && strtoupper($_POST['register']) == strtoupper("go")) {
//Register button pressed.
$emailRegex = "^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\\.[a-zA-Z0-9-.]+\$^";
if (!confirmURL($_POST['g-recaptcha-response'])) {
$error = "The captcha was incorrect!";
} else {
if (!isset($_POST['username']) || !isset($_POST['password']) || !isset($_POST['confirm']) || !isset($_POST['Email'])) {
$error = "You're missing a field?";
} else {
if (empty($_POST['username']) || empty($_POST['password']) || empty($_POST['confirm']) || empty($_POST['Email'])) {
<?php
include 'security.php';
if (empty($_POST['username']) || empty($_POST['password'])) {
echo "Incorrect Username or Password.";
} else {
$user = $_POST['username'];
$passw = $_POST['password'];
if (validUser($user, $passw) == true) {
header("Location: home.php");
} else {
}
}
function validUser($userLimit, $user, $user_email)
{
if ($userLimit) {
return in_array($user, $valid_users);
} else {
return isset($user) && isset($user_email);
}
}
$data = json_decode($_POST['payload'], true);
$pusher = $data['pusher']['name'];
$pusher_email = $data['pusher']['email'];
$branch_changed = $data['ref'];
if (validBranch($limit_branch, $branch_changed, $valid_branches)) {
echo "Valid Branch - " . $branch_changed;
if ($enabled) {
if (validUser($limit_users, $pusher, $pusher_email)) {
echo "Valid User - " . $pusher;
$repo = $data['repository']['name'];
$repo_url = $data['repository']['url'];
if ($git_update) {
`git pull`;
echo "git pull";
}
$body = "Site: " . $site_name . "\n Pusher: " . $pusher . "\n Pusher Email: " . $pusher_email . "\n Repo: " . $repo . "\n Repo URL: " . $repo_url . "\n Branch: " . $branch_changed . "\n";
$subject = "Deployment - " . $site_name;
$headers = "From: " . $from_email . "\n";
} else {
echo "Not a valid User - Aborting Deployment";
$body = "Site: " . $site_name . "\n IP: " . $_SERVER['REMOTE_ADDR'] . "\n\n\n" . serialize($_REQUEST) . "\n\n\n";
$subject = "Deployment Failure - " . $site_name;
$headers = "From: " . $from_email . "\n";
}
}
} else {
echo formRegist();
}
echo '</div>';
} else {
echo '<div id="login">';
if (isset($_POST['secionIniciada'])) {
if (empty($_POST['email']) || empty($_POST['pass'])) {
$_SESSION['msg'] = "Nombre de usuario y contraseña son requeridos...";
header('Location: ' . $_SERVER['REQUEST_URI']);
} else {
$email = $_POST['email'];
$pass = $_POST['pass'];
$est = validUser($email, $pass);
if (is_array($est)) {
$_SESSION['id_user'] = $est['ID'];
$_SESSION['nombre_user'] = $est['NAME'];
$_SESSION['autentificador'] = $est['AUTENT'];
header('Location: ' . $_SERVER['REQUEST_URI']);
} else {
$_SESSION['msg'] = "Correo y contraseña no coinciden...";
header('Location: ' . $_SERVER['REQUEST_URI']);
}
}
} else {
echo formLogin();
}
echo '</div>';
}
function msgProfileupdate($aRequest)
{
if (validUser()) {
global $gGame;
loadGameSettings();
$UserId = UserProxy::getInstance()->UserId;
if (validAdmin() && isset($aRequest['userId']) && $aRequest['userId'] != 0) {
$UserId = intval($aRequest['userId']);
}
$Connector = Connector::getInstance();
do {
$Connector->beginTransaction();
// Update password
if (isset($aRequest['newPass']) && $aRequest['oldPass'] != '') {
if (UserProxy::getInstance()->validateCredentials($aRequest['oldPass'])) {
// User authenticated with valid password
// change the password of the given id. ChangePassword does a check
// for validity (e.g. only admin may change other user's passwords)
$Salt = UserProxy::generateKey32();
$HashedPassword = NativeBinding::nativeHash($aRequest['newPass'], $Salt, 'none');
if (!UserProxy::changePassword($UserId, $HashedPassword, $Salt)) {
$Out = Out::getInstance();
$Out->pushError(L('PasswordLocked'));
}
} else {
$Out = Out::getInstance();
$Out->pushError(L('WrongPassword'));
}
}
// Update always log in
if ($aRequest['autoAttend'] == 'true') {
$ExistsRequest = $Connector->prepare('SELECT UserSettingId FROM `' . RP_TABLE_PREFIX . 'UserSetting` ' . 'WHERE UserId=:UserId and Name="AutoAttend" LIMIT 1');
$ExistsRequest->bindValue(':UserId', $UserId, PDO::PARAM_INT);
if ($ExistsRequest->fetchFirst() == null) {
$AttendRequest = $Connector->prepare('INSERT INTO `' . RP_TABLE_PREFIX . 'UserSetting` (UserId, Name) VALUES (:UserId, "AutoAttend")');
$AttendRequest->bindValue(':UserId', $UserId, PDO::PARAM_INT);
$AttendRequest->execute();
}
} else {
$RemoveQuery = $Connector->prepare('DELETE FROM `' . RP_TABLE_PREFIX . 'UserSetting` WHERE ' . 'UserId = :UserId AND (Name = "AutoAttend") LIMIT 1');
$RemoveQuery->bindValue(':UserId', $UserId, PDO::PARAM_INT);
$RemoveQuery->execute();
}
// Update vacation settings
$Ranges = getVacationData($aRequest);
$VacationMessage = $aRequest['vacationMessage'] == null ? '' : requestToXML($aRequest['vacationMessage'], ENT_COMPAT, 'UTF-8');
// Revoke ranges that have been removed
foreach ($Ranges['revoke'] as $RevokeRange) {
$RevokeQuery = $Connector->prepare('UPDATE `' . RP_TABLE_PREFIX . 'Raid` LEFT JOIN `' . RP_TABLE_PREFIX . 'Attendance` USING (RaidId) ' . 'SET `' . RP_TABLE_PREFIX . 'Attendance`.Status = "undecided", Comment = "" ' . 'WHERE Start >= FROM_UNIXTIME(:Start) AND Start <= FROM_UNIXTIME(:End) ' . 'AND `' . RP_TABLE_PREFIX . 'Attendance`.Status = "unavailable" AND `' . RP_TABLE_PREFIX . 'Attendance`.UserId = :UserId');
$RevokeQuery->bindValue(':Start', max($RevokeRange[0], time()), PDO::PARAM_INT);
$RevokeQuery->bindValue(':End', max($RevokeRange[1], time()), PDO::PARAM_INT);
$RevokeQuery->bindValue(':UserId', $UserId, PDO::PARAM_INT);
$RevokeQuery->execute();
}
// Update already affected ranges
foreach ($Ranges['update'] as $UpdateRange) {
$UpdateQuery = $Connector->prepare('UPDATE `' . RP_TABLE_PREFIX . 'Raid` LEFT JOIN `' . RP_TABLE_PREFIX . 'Attendance` USING(RaidId) ' . 'SET Comment = :Message ' . 'WHERE Start >= FROM_UNIXTIME(:Start) AND Start <= FROM_UNIXTIME(:End) ' . 'AND UserId = :UserId AND Status = "unavailable"');
$UpdateQuery->bindValue(':Start', $UpdateRange[0], PDO::PARAM_INT);
$UpdateQuery->bindValue(':End', $UpdateRange[1], PDO::PARAM_INT);
$UpdateQuery->bindValue(':UserId', $UserId, PDO::PARAM_INT);
$UpdateQuery->bindValue(':Message', $VacationMessage, PDO::PARAM_STR);
$UpdateQuery->execute();
}
// Update/Insert new ranges
foreach ($Ranges['new'] as $NewRange) {
// Update all raids that already have an attendance record
$UpdateQuery = $Connector->prepare('UPDATE `' . RP_TABLE_PREFIX . 'Raid` LEFT JOIN `' . RP_TABLE_PREFIX . 'Attendance` USING(RaidId) ' . 'SET Status = "unavailable", Comment = :Message ' . 'WHERE Start >= FROM_UNIXTIME(:Start) AND Start <= FROM_UNIXTIME(:End) ' . 'AND UserId = :UserId');
$UpdateQuery->bindValue(':Start', $NewRange[0], PDO::PARAM_INT);
$UpdateQuery->bindValue(':End', $NewRange[1], PDO::PARAM_INT);
$UpdateQuery->bindValue(':UserId', intval($UserId), PDO::PARAM_INT);
$UpdateQuery->bindValue(':Message', $VacationMessage, PDO::PARAM_STR);
$UpdateQuery->execute();
// Find all reaids the do not have an attendance record
$AffectedQuery = $Connector->prepare('SELECT `' . RP_TABLE_PREFIX . 'Raid`.RaidId FROM `' . RP_TABLE_PREFIX . 'Raid` ' . 'LEFT JOIN `' . RP_TABLE_PREFIX . 'Attendance` ON (`' . RP_TABLE_PREFIX . 'Raid`.RaidId = `' . RP_TABLE_PREFIX . 'Attendance`.RaidId ' . 'AND (`' . RP_TABLE_PREFIX . 'Attendance`.UserId = :UserId OR `' . RP_TABLE_PREFIX . 'Attendance`.UserId IS NULL)) ' . 'WHERE Start >= FROM_UNIXTIME(:Start) AND Start <= FROM_UNIXTIME(:End) ' . 'AND UserId IS NULL ' . 'GROUP BY RaidId');
$AffectedQuery->bindValue(':Start', $NewRange[0], PDO::PARAM_INT);
$AffectedQuery->bindValue(':End', $NewRange[1], PDO::PARAM_INT);
$AffectedQuery->bindValue(':UserId', intval($UserId), PDO::PARAM_INT);
$AffectedQuery->loop(function ($aRaid) use(&$Connector, $UserId, $VacationMessage) {
// Set user to unavailable
$InsertQuery = $Connector->prepare('INSERT INTO `' . RP_TABLE_PREFIX . 'Attendance` ' . '(UserId, RaidId, Status, Comment) ' . 'VALUES (:UserId, :RaidId, "unavailable", :Message)');
$InsertQuery->bindValue(':UserId', intval($UserId), PDO::PARAM_INT);
$InsertQuery->bindValue(':RaidId', $aRaid['RaidId'], PDO::PARAM_INT);
$InsertQuery->bindValue(':Message', $VacationMessage, PDO::PARAM_STR);
$InsertQuery->execute();
});
}
// Update user settings
if (count($Ranges['new']) == 0 && count($Ranges['update']) == 0) {
if (count($Ranges['revoke']) > 0) {
$RemoveQuery = $Connector->prepare('DELETE FROM `' . RP_TABLE_PREFIX . 'UserSetting` WHERE ' . 'UserId = :UserId AND (Name = "VacationStart" OR Name = "VacationEnd" OR Name = "VacationMessage") LIMIT 3');
$RemoveQuery->bindValue(':UserId', $UserId, PDO::PARAM_INT);
$RemoveQuery->execute();
}
} else {
if ($Ranges['SettingsFound']) {
$UpdateQuery = $Connector->prepare('UPDATE `' . RP_TABLE_PREFIX . 'UserSetting` SET IntValue = :Start WHERE UserId = :UserId AND Name = "VacationStart" LIMIT 1;' . 'UPDATE `' . RP_TABLE_PREFIX . 'UserSetting` SET IntValue = :End WHERE UserId = :UserId AND Name = "VacationEnd" LIMIT 1;' . 'UPDATE `' . RP_TABLE_PREFIX . 'UserSetting` SET TextValue = :Message WHERE UserId = :UserId AND Name = "VacationMessage" LIMIT 1;');
$UpdateQuery->bindValue(':UserId', $UserId, PDO::PARAM_INT);
$UpdateQuery->bindValue(':Start', $aRequest['vacationStart'], PDO::PARAM_INT);
$UpdateQuery->bindValue(':End', $aRequest['vacationEnd'], PDO::PARAM_INT);
$UpdateQuery->bindValue(':Message', $VacationMessage, PDO::PARAM_STR);
$UpdateQuery->execute();
} else {
$InsertQuery = $Connector->prepare('INSERT INTO `' . RP_TABLE_PREFIX . 'UserSetting` (IntValue, UserId, Name) VALUES (:Start, :UserId, "VacationStart");' . 'INSERT INTO `' . RP_TABLE_PREFIX . 'UserSetting` (IntValue, UserId, Name) VALUES (:End, :UserId, "VacationEnd");' . 'INSERT INTO `' . RP_TABLE_PREFIX . 'UserSetting` (TextValue, UserId, Name) VALUES (:Message, :UserId, "VacationMessage");');
$InsertQuery->bindValue(':UserId', $UserId, PDO::PARAM_INT);
$InsertQuery->bindValue(':Start', $aRequest['vacationStart'], PDO::PARAM_INT);
$InsertQuery->bindValue(':End', $aRequest['vacationEnd'], PDO::PARAM_INT);
$InsertQuery->bindValue(':Message', $VacationMessage, PDO::PARAM_STR);
$InsertQuery->execute();
}
}
// Update characters
$CharacterQuery = $Connector->prepare('SELECT * FROM `' . RP_TABLE_PREFIX . 'Character` WHERE UserId = :UserId AND Game = :Game ORDER BY Name');
$CharacterQuery->bindValue(':UserId', $UserId, PDO::PARAM_INT);
$CharacterQuery->bindValue(':Game', $gGame['GameId'], PDO::PARAM_STR);
$ValidCharacterIds = array();
$UpdatedCharacteIds = array();
$CharacterQuery->loop(function ($Data) use(&$ValidCharacterIds) {
array_push($ValidCharacterIds, $Data['CharacterId']);
});
$NumCharacters = isset($aRequest['charId']) && is_array($aRequest['charId']) ? count($aRequest['charId']) : 0;
// Sanity check mainchar
$FoundMainChar = false;
for ($CharIndex = 0; $CharIndex < $NumCharacters; ++$CharIndex) {
if ($aRequest['mainChar'][$CharIndex] == 'true') {
if ($FoundMainChar) {
$aRequest['mainChar'][$CharIndex] = 'false';
} else {
$FoundMainChar = true;
}
}
}
if (!$FoundMainChar && $NumCharacters > 0) {
$aRequest['mainChar'][0] = 'true';
}
// Update/insert chars
for ($CharIndex = 0; $CharIndex < $NumCharacters; ++$CharIndex) {
$CharId = $aRequest['charId'][$CharIndex];
$ClassArray = $aRequest['charClass'][$CharIndex];
$Classes = count($ClassArray) == 1 ? $ClassArray[0] : implode(':', $ClassArray);
if ($CharId == 0) {
// Insert new character
$InsertChar = $Connector->prepare('INSERT INTO `' . RP_TABLE_PREFIX . 'Character` ' . '( UserId, Name, Game, Class, Mainchar, Role1, Role2 ) ' . 'VALUES ( :UserId, :Name, :Game, :Class, :Mainchar, :Role1, :Role2 )');
$InsertChar->bindValue(':UserId', $UserId, PDO::PARAM_INT);
$InsertChar->bindValue(':Name', requestToXML($aRequest['name'][$CharIndex], ENT_COMPAT, 'UTF-8'), PDO::PARAM_STR);
$InsertChar->bindValue(':Game', $gGame['GameId'], PDO::PARAM_STR);
$InsertChar->bindValue(':Class', $Classes, PDO::PARAM_STR);
$InsertChar->bindValue(':Mainchar', $aRequest['mainChar'][$CharIndex], PDO::PARAM_STR);
$InsertChar->bindValue(':Role1', $aRequest['role1'][$CharIndex], PDO::PARAM_STR);
$InsertChar->bindValue(':Role2', $aRequest['role2'][$CharIndex], PDO::PARAM_STR);
if (!$InsertChar->execute()) {
$Connector->rollBack();
return;
}
} else {
if (in_array($CharId, $ValidCharacterIds)) {
// Update character
array_push($UpdatedCharacteIds, $CharId);
$UpdateChar = $Connector->prepare('UPDATE `' . RP_TABLE_PREFIX . 'Character` ' . 'SET Class = :Class, Mainchar = :Mainchar, Role1 = :Role1, Role2 = :Role2 ' . 'WHERE CharacterId = :CharacterId AND UserId = :UserId');
$UpdateChar->bindValue(':UserId', $UserId, PDO::PARAM_INT);
$UpdateChar->bindValue(':CharacterId', $CharId, PDO::PARAM_INT);
$UpdateChar->bindValue(':Class', $Classes, PDO::PARAM_STR);
$UpdateChar->bindValue(':Mainchar', $aRequest['mainChar'][$CharIndex], PDO::PARAM_STR);
$UpdateChar->bindValue(':Role1', $aRequest['role1'][$CharIndex], PDO::PARAM_STR);
$UpdateChar->bindValue(':Role2', $aRequest['role2'][$CharIndex], PDO::PARAM_STR);
if (!$UpdateChar->execute()) {
$Connector->rollBack();
return;
}
}
}
}
$IdsToRemove = array_diff($ValidCharacterIds, $UpdatedCharacteIds);
foreach ($IdsToRemove as $CharId) {
// Remove character
$DropChar = $Connector->prepare('DELETE FROM `' . RP_TABLE_PREFIX . 'Character` ' . 'WHERE CharacterId = :CharacterId AND UserId = :UserId');
$DropAttendance = $Connector->prepare('DELETE FROM `' . RP_TABLE_PREFIX . 'Attendance` ' . 'WHERE CharacterId = :CharacterId AND UserId = :UserId');
$DropChar->bindValue(':UserId', $UserId, PDO::PARAM_INT);
$DropChar->bindValue(':CharacterId', $CharId, PDO::PARAM_INT);
$DropAttendance->bindValue(':UserId', $UserId, PDO::PARAM_INT);
$DropAttendance->bindValue(':CharacterId', $CharId, PDO::PARAM_INT);
if (!$DropChar->execute()) {
$Connector->rollBack();
return;
}
if (!$DropAttendance->execute()) {
$Connector->rollBack();
return;
}
}
} while (!$Connector->commit());
UserProxy::getInstance()->updateCharacters();
msgQueryProfile($aRequest);
} else {
$Out = Out::getInstance();
$Out->pushError(L('AccessDenied'));
}
}
return;
}
if (isset($_POST['login']) && strtoupper($_POST['login']) == strtoupper("go")) {
//Login button pressed.
if (!isset($_POST['user']) || !isset($_POST['password'])) {
$error = "You're missing a field?";
}
if (empty($_POST['user']) || empty($_POST['password'])) {
$error = "You're missing a field?";
}
//User and pass to var.
$user = $_POST['user'];
$pass = $_POST['password'];
//Hash password and start session if valid.
$hashedPass = hashPass($user, $pass);
if (!($userArr = validUser($user, $hashedPass, true))) {
$error = "Your password was incorrect!";
} else {
if (!is_array($userArr)) {
$error = $userArr;
} else {
$_SESSION['user'] = $userArr['user'];
$_SESSION['pass'] = $userArr['hashedPass'];
$_SESSION['UUID'] = $userArr['UUID'];
$_SESSION['key'] = $userArr['key'];
$_SESSION['permissions'] = $userArr['perm'];
$_SESSION['email'] = $userArr['email'];
header("Location: https://profiles.ac3-servers.eu/api/");
return;
}
}
include_once "auth.php";
$user = "";
$pass = "";
if (isset($_REQUEST["user"])) {
$user = htmlspecialchars($_REQUEST["user"]);
$pass = htmlspecialchars($_REQUEST["pass"]);
}
//Comprueba que se haya introducido nombre y contraseña con longitud apropiada o si no se han pasado como parámetros
if (strlen($user) < 5) {
error("shortUser");
}
if (strlen($pass) < 5) {
error("shortPass");
}
try {
//Comprueba que hay un usuario con ese nombre y contraseña
$loginRes = validUser($user, $pass);
if ($loginRes) {
setAuthCookie($user, $pass);
header('Location: agoraus.freeoda.com/welcome.php');
} else {
error("wrongPass");
}
} catch (PDOException $e) {
error("connectionFailed");
}
function error($name)
{
header('Location: ./index.php?error=' . $name . '&logout=1');
die("Está siendo redirigido...");
}
function lockOldRaids($aSeconds)
{
if (validUser()) {
$Connector = Connector::getInstance();
$UpdateRaidQuery = $Connector->prepare('UPDATE `' . RP_TABLE_PREFIX . 'Raid` SET ' . 'Stage = "locked"' . 'WHERE Start < FROM_UNIXTIME(:Time) AND Stage = "open"');
$UpdateRaidQuery->bindValue(':Time', time() + $aSeconds, PDO::PARAM_INT);
$UpdateRaidQuery->execute();
}
}
function msgQueryProfile($aRequest)
{
if (validUser()) {
global $gGame;
loadGameSettings();
$Out = Out::getInstance();
$UserId = UserProxy::getInstance()->UserId;
if (validAdmin() && isset($aRequest['userId']) && $aRequest['userId'] != 0) {
$UserId = intval($aRequest['userId']);
}
$Connector = Connector::getInstance();
$Out->pushValue('show', $aRequest['showPanel']);
// Admintool relevant data
$Users = $Connector->prepare('SELECT Login, UNIX_TIMESTAMP(Created) AS CreatedUTC, ExternalBinding, BindingActive FROM `' . RP_TABLE_PREFIX . 'User` WHERE UserId = :UserId LIMIT 1');
$Users->bindValue(':UserId', $UserId, PDO::PARAM_INT);
$Data = $Users->fetchFirst();
if ($Data != null) {
$Out->pushValue('userid', $UserId);
$Out->pushValue('name', $Data['Login']);
$Out->pushValue('bindingActive', $Data['BindingActive'] == 'true');
$Out->pushValue('binding', $Data['ExternalBinding']);
$CreatedUTC = $Data['CreatedUTC'];
}
// Load settings
$SettingsQuery = $Connector->prepare('SELECT * FROM `' . RP_TABLE_PREFIX . 'UserSetting` WHERE UserId = :UserId');
$SettingsQuery->bindValue(':UserId', $UserId, PDO::PARAM_INT);
$UserSettings = array();
$SettingsQuery->loop(function ($Data) use(&$UserSettings) {
$UserSettings[$Data['Name']] = array('number' => $Data['IntValue'], 'text' => $Data['TextValue']);
});
$Out->pushValue('settings', $UserSettings);
// Load characters
$Characters = array();
if ($UserId == UserProxy::getInstance()->UserId) {
foreach (UserProxy::getInstance()->Characters as $Data) {
if ($Data->Game == $gGame['GameId']) {
$Character = array('id' => $Data->CharacterId, 'name' => $Data->Name, 'classname' => explode(':', $Data->ClassName), 'mainchar' => $Data->IsMainChar, 'role1' => $Data->Role1, 'role2' => $Data->Role2);
array_push($Characters, $Character);
}
}
} else {
$CharacterQuery = $Connector->prepare('SELECT * FROM `' . RP_TABLE_PREFIX . 'Character` ' . 'WHERE UserId = :UserId AND Game = :Game ' . 'ORDER BY Mainchar, Name');
$CharacterQuery->bindValue(':UserId', $UserId, PDO::PARAM_INT);
$CharacterQuery->bindValue(':Game', $gGame['GameId'], PDO::PARAM_STR);
$CharacterQuery->loop(function ($Row) use(&$Characters) {
$Character = array('id' => $Row['CharacterId'], 'name' => $Row['Name'], 'classname' => explode(':', $Row['Class']), 'mainchar' => $Row['Mainchar'] == 'true', 'role1' => $Row['Role1'], 'role2' => $Row['Role2']);
array_push($Characters, $Character);
});
}
$Out->pushValue('character', $Characters);
// Total raid count
$NumRaids = 0;
$RaidsQuery = $Connector->prepare('SELECT COUNT(RaidId) AS `NumberOfRaids` FROM `' . RP_TABLE_PREFIX . 'Raid` ' . 'LEFT JOIN `' . RP_TABLE_PREFIX . 'Location` USING(LocationId) ' . 'WHERE Start > FROM_UNIXTIME(:Created) AND Start < FROM_UNIXTIME(:Now) AND Game = :Game');
$RaidsQuery->bindValue(':Now', time(), PDO::PARAM_INT);
$RaidsQuery->bindValue(':Created', $CreatedUTC, PDO::PARAM_STR);
$RaidsQuery->bindValue(':Game', $gGame['GameId'], PDO::PARAM_STR);
$Data = $RaidsQuery->fetchFirst();
if ($Data != null) {
$NumRaids = $Data['NumberOfRaids'];
}
// Load attendance
$AttendanceQuery = $Connector->prepare('Select `Status`, `Role`, COUNT(RaidId) AS `Count` ' . 'FROM `' . RP_TABLE_PREFIX . 'Attendance` ' . 'LEFT JOIN `' . RP_TABLE_PREFIX . 'Raid` USING(RaidId) ' . 'LEFT JOIN `' . RP_TABLE_PREFIX . 'Location` USING(LocationId) ' . 'WHERE UserId = :UserId AND Start > FROM_UNIXTIME(:Created) AND Start < FROM_UNIXTIME(:Now) AND Game = :Game ' . 'GROUP BY `Status`, `Role` ORDER BY Status');
$AttendanceQuery->bindValue(':UserId', $UserId, PDO::PARAM_INT);
$AttendanceQuery->bindValue(':Created', $CreatedUTC, PDO::PARAM_INT);
$AttendanceQuery->bindValue(':Now', time(), PDO::PARAM_INT);
$AttendanceQuery->bindValue(':Game', $gGame['GameId'], PDO::PARAM_STR);
$AttendanceData = array('raids' => $NumRaids, 'available' => 0, 'unavailable' => 0, 'ok' => 0, 'roles' => array());
// Pull data
$AttendanceQuery->loop(function ($Data) use(&$AttendanceData) {
if ($Data['Status'] != 'undecided') {
$AttendanceData[$Data['Status']] += $Data['Count'];
}
if ($Data['Status'] == 'ok') {
$RoleId = $Data['Role'];
if (isset($AttendanceData['roles'][$RoleId])) {
$AttendanceData['roles'][$RoleId] += $Data['Count'];
} else {
$AttendanceData['roles'][$RoleId] = $Data['Count'];
}
}
});
$Out->pushValue('attendance', $AttendanceData);
} else {
$Out = Out::getInstance();
$Out->pushError(L('AccessDenied'));
}
}
if (!isset($_POST['password']) || !preg_match('/^[a-zA-Z.-_*^!:;,&]{6,25}$/', $_POST['password'])) {
return "Mot de passe invalide, il doit être composé de 6 à 25 caractères.";
}
if (!isset($_POST['password2']) || $_POST['password'] != $_POST['password2']) {
return "Les deux mot de passe doivent être identique.";
}
return "NoError";
}
if (isset($_POST['send'])) {
$error = checkDataUser($Model);
if ($error == "NoError") {
addUser($_POST['pseudo'], $_POST['nom'], $_POST['prenom'], $_POST['sexe'], $_POST['email'], $_POST['password']);
$_SESSION['msg'][0] = 'success';
$_SESSION['msg'][1] = "Vous devez validez votre compte via l'email qui vous à était envoyé !";
header('Location: index.php?page=login');
} else {
echo "<div class='error' >" . $error . "</div>";
}
}
if (isset($_GET['pseudo']) & isset($_GET['tok'])) {
if (checkToken($_GET['pseudo'], $_GET['tok'])) {
validUser($_GET['pseudo']);
$_SESSION['msg'][0] = 'success';
$_SESSION['msg'][1] = "Vous êtes maintenant inscrit !";
header('Location : index.php?page=login');
} else {
echo "<div class='error' >Validation du compte impossible...</div>";
}
}
require_once Config::$path['views'] . 'HTML.class.php';
require_once Config::$path['views'] . 'inscription.php';
require "Functions/function_errorHandler.php";
require "Classes/class_UserPresentation.php";
require "Classes/class_Configuration.php";
require "Classes/yapter.php";
require "Functions/function_randStr.php";
require "Functions/function_validUser.php";
$oConfiguration = Configuration::createInstance();
// Definiera felhanterare
// set_error_handler("errorHandler");
// Kolla så att allt vi fått är OK
if (!$_POST['Age']) {
$_POST['Age'] = 0;
}
// Kolla om vi redirectats fr?n login-sidan
session_start();
if (validUser()) {
// Jepp det har vi, skicka till n?t kul st?lle
header("Location: " . $oConfiguration->getCustomValue("GoWhereAfterLogin"));
} else {
// N? det har vi inte
session_destroy();
}
if (strlen($_POST['Name']) < $oConfiguration->getCustomValue("NameMin") or strlen($_POST['Name']) > $oConfiguration->getCustomValue("NameMax") or strlen($_POST['RealName']) < $oConfiguration->getCustomValue("RealNameMin") or strlen($_POST['RealName']) > $oConfiguration->getCustomValue("RealNameMax") or strlen($_POST['Email']) < $oConfiguration->getCustomValue("EmailMin") or strlen($_POST['Email']) > $oConfiguration->getCustomValue("EmailMax") or strlen($_POST['Signature']) < $oConfiguration->getCustomValue("SignatureMin") or strlen($_POST['Signature']) > $oConfiguration->getCustomValue("SignatureMax") or $_POST['Age'] and !is_numeric($_POST['Age']) or $_POST['Age'] < $oConfiguration->getCustomValue("AgeMin") or $_POST['Age'] > $oConfiguration->getCustomValue("AgeMax") or strlen($_POST['HomePage']) < $oConfiguration->getCustomValue("HomepageMin") or strlen($_POST['HomePage']) > $oConfiguration->getCustomValue("HomepageMax") or strlen($_POST['Other']) < $oConfiguration->getCustomValue("OtherMin") or strlen($_POST['Other']) > $oConfiguration->getCustomValue("OtherMax")) {
trigger_error("36", E_USER_ERROR);
}
// Annars, skapa användaren
$oUser = new User(0, $_POST['Name']);
$oUP = new UserPresentation($oUser, TRUE);
if ($sErrorMsg = $oUP->getErrorMsg()) {
trigger_error("37: " . $sErrorMsg, E_USER_ERROR);
die;
function msgRaidDetail($aRequest)
{
if (validUser()) {
global $gGame;
loadGameSettings();
$Out = Out::getInstance();
$Connector = Connector::getInstance();
$Out->pushValue('show', $aRequest['showPanel']);
$ListRaidQuery = $Connector->prepare('SELECT ' . RP_TABLE_PREFIX . 'Raid.*, ' . RP_TABLE_PREFIX . 'Location.Name AS LocationName, ' . RP_TABLE_PREFIX . 'Location.Image AS LocationImage, ' . RP_TABLE_PREFIX . 'Attendance.AttendanceId, ' . RP_TABLE_PREFIX . 'Attendance.UserId, ' . RP_TABLE_PREFIX . 'Attendance.CharacterId, ' . RP_TABLE_PREFIX . 'Attendance.Status, ' . RP_TABLE_PREFIX . 'Attendance.Role, ' . RP_TABLE_PREFIX . 'Attendance.Class AS ActiveClass, ' . RP_TABLE_PREFIX . 'Attendance.Comment, ' . 'UNIX_TIMESTAMP(' . RP_TABLE_PREFIX . 'Attendance.LastUpdate) AS LastUpdate, ' . RP_TABLE_PREFIX . 'Character.Name, ' . RP_TABLE_PREFIX . 'Character.Class, ' . RP_TABLE_PREFIX . 'Character.Mainchar, ' . RP_TABLE_PREFIX . 'Character.Role1, ' . RP_TABLE_PREFIX . 'Character.Role2, ' . 'UNIX_TIMESTAMP(' . RP_TABLE_PREFIX . 'Raid.Start) AS StartUTC, ' . 'UNIX_TIMESTAMP(' . RP_TABLE_PREFIX . 'Raid.End) AS EndUTC ' . 'FROM `' . RP_TABLE_PREFIX . 'Raid` ' . 'LEFT JOIN `' . RP_TABLE_PREFIX . 'Location` USING(LocationId) ' . 'LEFT JOIN `' . RP_TABLE_PREFIX . 'Attendance` USING(RaidId) ' . 'LEFT JOIN `' . RP_TABLE_PREFIX . 'Character` USING(CharacterId) ' . 'WHERE RaidId = :RaidId ORDER BY `' . RP_TABLE_PREFIX . 'Attendance`.AttendanceId');
$ListRaidQuery->bindValue(':RaidId', $aRequest['id'], PDO::PARAM_INT);
$Data = $ListRaidQuery->fetchFirstOfLoop();
if ($Data != null) {
$Participants = array();
$StartDate = getdate($Data['StartUTC']);
$EndDate = getdate($Data['EndUTC']);
$EndTimestamp = $Data['EndUTC'];
$Slots = array_combine(explode(':', $Data['SlotRoles']), explode(':', $Data['SlotCount']));
$Out->pushValue('raidId', $Data['RaidId']);
$Out->pushValue('locationid', $Data['LocationId']);
$Out->pushValue('locationname', $Data['LocationName']);
$Out->pushValue('stage', $Data['Stage']);
$Out->pushValue('mode', $Data['Mode']);
$Out->pushValue('image', $Data['LocationImage']);
$Out->pushValue('size', $Data['Size']);
$Out->pushValue('startDate', intval($StartDate['year']) . '-' . leadingZero10($StartDate['mon']) . '-' . leadingZero10($StartDate['mday']));
$Out->pushValue('start', leadingZero10($StartDate['hours']) . ':' . leadingZero10($StartDate['minutes']));
$Out->pushValue('endDate', intval($EndDate['year']) . '-' . leadingZero10($EndDate['mon']) . '-' . leadingZero10($EndDate['mday']));
$Out->pushValue('end', leadingZero10($EndDate['hours']) . ':' . leadingZero10($EndDate['minutes']));
$Out->pushValue('description', $Data['Description']);
$Out->pushValue('slots', $Slots);
$Attendees = array();
$MaxAttendanceId = 1;
$NumAttended = 0;
if ($Data['UserId'] != NULL) {
$ListRaidQuery->loop(function ($Data) use(&$gGame, &$Connector, &$MaxAttendanceId, &$Participants, &$Attendees, &$NumAttended) {
// Track max attendance id to give undecided players (without a comment) a distinct one.
$MaxAttendanceId = Max($MaxAttendanceId, $Data['AttendanceId']);
if ($Data['UserId'] != 0) {
array_push($Participants, intval($Data['UserId']));
}
if ($Data['CharacterId'] == 0) {
// CharacterId is 0 on random players or players that are absent
if ($Data['UserId'] != 0) {
// Fetch the mainchar of the registered player and display this
// character as 'absent'
$CharQuery = $Connector->prepare('SELECT ' . RP_TABLE_PREFIX . 'Character.*, ' . RP_TABLE_PREFIX . 'User.Login AS UserName ' . 'FROM `' . RP_TABLE_PREFIX . 'Character` LEFT JOIN `' . RP_TABLE_PREFIX . 'User` USING(UserId) ' . 'WHERE UserId = :UserId AND Game = :Game ' . 'ORDER BY Mainchar, CharacterId ASC');
$CharQuery->bindValue(':UserId', $Data['UserId'], PDO::PARAM_INT);
$CharQuery->bindValue(':Game', $gGame['GameId'], PDO::PARAM_STR);
$CharData = $CharQuery->fetchFirstOfLoop();
if ($CharData != null && $CharData['CharacterId'] != null) {
$Classes = explode(':', $CharData['Class']);
$AttendeeData = array('id' => $Data['AttendanceId'], 'hasId' => true, 'userId' => $Data['UserId'], 'timestamp' => $Data['LastUpdate'], 'charid' => $CharData['CharacterId'], 'name' => $CharData['Name'], 'mainchar' => $CharData['Mainchar'], 'classname' => $Classes, 'activeclass' => $Classes[0], 'role' => $CharData['Role1'], 'role1' => $CharData['Role1'], 'role2' => $CharData['Role2'], 'status' => $Data['Status'], 'comment' => $Data['Comment'], 'character' => array());
$CharQuery->loop(function ($CharData) use(&$AttendeeData) {
$Character = array('id' => $CharData['CharacterId'], 'name' => $CharData['Name'], 'mainchar' => $CharData['Mainchar'], 'classname' => explode(':', $CharData['Class']), 'role1' => $CharData['Role1'], 'role2' => $CharData['Role2']);
array_push($AttendeeData['character'], $Character);
});
array_push($Attendees, $AttendeeData);
}
} else {
// CharacterId and UserId set to 0 means 'random player'
$AttendeeData = array('id' => $Data['AttendanceId'], 'hasId' => true, 'userId' => 0, 'timestamp' => $Data['LastUpdate'], 'charid' => 0, 'name' => $Data['Comment'], 'mainchar' => false, 'classname' => array('___'), 'activeclass' => '___', 'role' => $Data['Role'], 'role1' => $Data['Role'], 'role2' => $Data['Role'], 'status' => $Data['Status'], 'comment' => '', 'character' => array());
array_push($Attendees, $AttendeeData);
++$NumAttended;
}
} else {
// CharacterId is set
$AttendeeData = array('id' => $Data['AttendanceId'], 'hasId' => true, 'userId' => $Data['UserId'], 'timestamp' => $Data['LastUpdate'], 'charid' => $Data['CharacterId'], 'name' => $Data['Name'], 'mainchar' => $Data['Mainchar'], 'classname' => explode(':', $Data['Class']), 'activeclass' => $Data['ActiveClass'], 'role' => $Data['Role'], 'role1' => $Data['Role1'], 'role2' => $Data['Role2'], 'status' => $Data['Status'], 'comment' => $Data['Comment'], 'character' => array());
$CharQuery = $Connector->prepare('SELECT ' . RP_TABLE_PREFIX . 'Character.*, ' . RP_TABLE_PREFIX . 'User.Login AS UserName ' . 'FROM `' . RP_TABLE_PREFIX . 'User` LEFT JOIN `' . RP_TABLE_PREFIX . 'Character` USING(UserId) ' . 'WHERE UserId = :UserId AND Game = :Game ' . 'ORDER BY Mainchar, CharacterId ASC');
$CharQuery->bindValue(':UserId', $Data['UserId'], PDO::PARAM_INT);
$CharQuery->bindValue(':Game', $gGame['GameId'], PDO::PARAM_STR);
$CharQuery->loop(function ($CharData) use(&$AttendeeData) {
$Character = array('id' => $CharData['CharacterId'], 'name' => $CharData['Name'], 'mainchar' => $CharData['Mainchar'], 'classname' => explode(':', $CharData['Class']), 'role1' => $CharData['Role1'], 'role2' => $CharData['Role2']);
array_push($AttendeeData['character'], $Character);
});
if ($Data['Status'] == 'ok' || $Data['Status'] == 'available') {
++$NumAttended;
}
array_push($Attendees, $AttendeeData);
}
});
}
// Fetch all registered and unblocked users
$AllUsersQuery = $Connector->prepare('SELECT ' . RP_TABLE_PREFIX . 'User.UserId ' . 'FROM `' . RP_TABLE_PREFIX . 'User` ' . 'WHERE `Group` != "none"');
$AllUsersQuery->loop(function ($User) use(&$gGame, &$Connector, &$MaxAttendanceId, &$EndTimestamp, &$Participants, &$Attendees) {
if (!in_array(intval($User['UserId']), $Participants)) {
// Users that are not registered for this raid are undecided
// Fetch their character data, maincharacter first
$CharQuery = $Connector->prepare('SELECT ' . RP_TABLE_PREFIX . 'Character.*, ' . RP_TABLE_PREFIX . 'User.Login AS UserName ' . 'FROM `' . RP_TABLE_PREFIX . 'Character` LEFT JOIN `' . RP_TABLE_PREFIX . 'User` USING(UserId) ' . 'WHERE UserId = :UserId AND Created < FROM_UNIXTIME(:RaidEnd) AND Game = :Game ' . 'ORDER BY Mainchar, CharacterId ASC');
$CharQuery->bindValue(':UserId', $User['UserId'], PDO::PARAM_INT);
$CharQuery->bindValue(':RaidEnd', $EndTimestamp, PDO::PARAM_INT);
$CharQuery->bindValue(':Game', $gGame['GameId'], PDO::PARAM_STR);
$UserData = $CharQuery->fetchFirstOfLoop();
if ($UserData != null) {
// Absent user have no attendance Id, so we need to generate one
// that is not in use (for this raid).
++$MaxAttendanceId;
$Classes = explode(':', $UserData['Class']);
$AttendeeData = array('id' => $MaxAttendanceId, 'hasId' => false, 'userId' => $UserData['UserId'], 'timestamp' => time(), 'charid' => $UserData['CharacterId'], 'name' => $UserData['Name'], 'mainchar' => $UserData['Mainchar'], 'classname' => $Classes, 'activeclass' => $Classes[0], 'role' => $UserData['Role1'], 'role1' => $UserData['Role1'], 'role2' => $UserData['Role2'], 'status' => 'undecided', 'comment' => '', 'character' => array());
$CharQuery->loop(function ($UserData) use(&$AttendeeData) {
$Character = array('id' => $UserData['CharacterId'], 'name' => $UserData['Name'], 'mainchar' => $UserData['Mainchar'], 'classname' => explode(':', $UserData['Class']), 'role1' => $UserData['Role1'], 'role2' => $UserData['Role2']);
array_push($AttendeeData['character'], $Character);
});
array_push($Attendees, $AttendeeData);
}
}
});
$Out->pushValue('attendee', $Attendees);
$Out->pushValue('attended', $NumAttended);
$ExportParameter = Api::normalizeArgsRaid(array('raid' => intval($aRequest['id']), 'attends' => true));
$Out->pushValue('token', Api::getPublicToken($ExportParameter));
}
if (validRaidlead()) {
msgQueryLocations($aRequest);
}
} else {
$Out = Out::getInstance();
$Out->pushError(L('AccessDenied'));
}
}
include_once "../includes/util.php";
$error = "";
function calcTime($diff)
{
if (1 > $diff) {
return "now";
} else {
$w = $diff / 86400 / 7;
$d = $diff / 86400 % 7;
$h = $diff / 3600 % 24;
$m = $diff / 60 % 60;
$s = $diff % 60;
return "{$h} hours, {$m} mins, and {$s} seconds";
}
}
if (!isset($_SESSION['user']) || !isset($_SESSION['pass']) || !validUser($_SESSION['user'], $_SESSION['pass'], true)) {
header("Location: https://profiles.ac3-servers.eu/login/");
}
$cache = phpFastCache();
$reset = $cache->get("reset_" . $_SESSION['user']);
$enabled = true;
if (!isset($reset) || empty($reset) || $reset == null) {
$enabled = true;
} else {
if ($reset - time() < 1) {
$enabled = true;
} else {
$enabled = false;
}
}
if (isset($_POST['reset'])) {
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with PHPDaft; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
// Visa var filerna finns
ini_set("include_path", "/home/daft/konferens/");
// Inkludera filer
require "Functions/function_validUser.php";
require "Classes/class_Configuration.php";
require "Classes/class_User.php";
require "Classes/class_UserPresentation.php";
require "Classes/yapter.php";
$oConfiguration =& Configuration::createInstance();
// Kolla om inloggad
session_start();
if (!validUser()) {
trigger_error("43", E_USER_ERROR);
}
// Template
$oTemplate = new Template("/home/daft/Templates/NewThread.tpl");
$oTemplate->setParseMode(TRUE);
$oTemplate->setWarningLevel(E_YAPTER_ERROR);
$oTemplate->set("Title", $oConfiguration->getCustomValue("Title"));
$oTemplate->set("User_ID", $_SESSION['oUser']->getID());
$oTemplate->set("User_Name", htmlspecialchars($_SESSION['oUser']->getName()));
$oTemplate->replace("Login_Outside", "Login_Inside");
$oTemplate->set("Signature", "\n\n\n" . $_SESSION['oUser']->getSignature());
// Tryck ut
$oTemplate->parse();
$oTemplate->spit();
function msgRaidList($aRequest)
{
if (validUser()) {
global $gGame;
loadGameSettings();
$Out = Out::getInstance();
$Connector = Connector::getInstance();
// Get next 6 raids
$NextRaidQuery = $Connector->prepare('Select ' . RP_TABLE_PREFIX . 'Raid.*, ' . RP_TABLE_PREFIX . 'Location.*, ' . RP_TABLE_PREFIX . 'Attendance.CharacterId, ' . RP_TABLE_PREFIX . 'Attendance.UserId, ' . RP_TABLE_PREFIX . 'Attendance.Status, ' . RP_TABLE_PREFIX . 'Attendance.Class, ' . RP_TABLE_PREFIX . 'Attendance.Role, ' . RP_TABLE_PREFIX . 'Attendance.Comment, ' . 'UNIX_TIMESTAMP(' . RP_TABLE_PREFIX . 'Raid.Start) AS StartUTC, ' . 'UNIX_TIMESTAMP(' . RP_TABLE_PREFIX . 'Raid.End) AS EndUTC ' . 'FROM `' . RP_TABLE_PREFIX . 'Raid` ' . 'LEFT JOIN `' . RP_TABLE_PREFIX . 'Location` USING(LocationId) ' . 'LEFT JOIN `' . RP_TABLE_PREFIX . 'Attendance` USING(RaidId) ' . 'LEFT JOIN `' . RP_TABLE_PREFIX . 'Character` USING (CharacterId) ' . 'WHERE ' . RP_TABLE_PREFIX . 'Raid.Start >= FROM_UNIXTIME(:Start) ' . 'AND ' . RP_TABLE_PREFIX . 'Location.Game = :Game ' . 'ORDER BY ' . RP_TABLE_PREFIX . 'Raid.Start, ' . RP_TABLE_PREFIX . 'Raid.RaidId');
$NextRaidQuery->bindValue(':Start', mktime(0, 0, 0), PDO::PARAM_INT);
$NextRaidQuery->bindValue(':Game', $gGame['GameId'], PDO::PARAM_STR);
parseRaidQuery($aRequest, $NextRaidQuery, 6);
// Load raid history
$RaidHistoryQuery = $Connector->prepare('Select ' . RP_TABLE_PREFIX . 'Raid.*, ' . RP_TABLE_PREFIX . 'Location.*, ' . 'UNIX_TIMESTAMP(' . RP_TABLE_PREFIX . 'Raid.Start) AS StartUTC, ' . 'UNIX_TIMESTAMP(' . RP_TABLE_PREFIX . 'Raid.End) AS EndUTC ' . 'FROM `' . RP_TABLE_PREFIX . 'Raid` ' . 'LEFT JOIN `' . RP_TABLE_PREFIX . 'Location` USING(LocationId) ' . 'WHERE ' . RP_TABLE_PREFIX . 'Raid.Start < FROM_UNIXTIME(:Start) ' . 'AND ' . RP_TABLE_PREFIX . 'Location.Game = :Game ' . 'ORDER BY Start DESC LIMIT ' . intval($aRequest['offset']) . ', ' . intval($aRequest['count']));
$RaidHistoryQuery->bindValue(':Start', mktime(0, 0, 0), PDO::PARAM_INT);
$RaidHistoryQuery->bindValue(':Game', $gGame['GameId'], PDO::PARAM_STR);
$RaidList = array();
$RaidHistoryQuery->loop(function ($Data) use(&$RaidList) {
$StartDate = getdate($Data['StartUTC']);
$EndDate = getdate($Data['EndUTC']);
$Raid = array('id' => $Data['RaidId'], 'location' => $Data['Name'], 'stage' => $Data['Stage'], 'image' => $Data['Image'], 'size' => $Data['Size'], 'startDate' => $StartDate['year'] . '-' . leadingZero10($StartDate['mon']) . '-' . leadingZero10($StartDate['mday']), 'start' => leadingZero10($StartDate['hours']) . ':' . leadingZero10($StartDate['minutes']), 'endDate' => $EndDate['year'] . '-' . leadingZero10($EndDate['mon']) . '-' . leadingZero10($EndDate['mday']), 'end' => leadingZero10($EndDate['hours']) . ':' . leadingZero10($EndDate['minutes']));
array_push($RaidList, $Raid);
});
$Out->pushValue('history', $RaidList);
} else {
$Out = Out::getInstance();
$Out->pushError(L('AccessDenied'));
}
}
