コード例 #1
0
    AdminMessage($lang['adm_err_denied']);
}
$template = gettemplate('admin/planet_compensate', true);
$galaxy_src = sys_get_param_int('galaxy_src');
$system_src = sys_get_param_int('system_src');
$planet_src = sys_get_param_int('planet_src');
$galaxy_dst = sys_get_param_int('galaxy_dst');
$system_dst = sys_get_param_int('system_dst');
$planet_dst = sys_get_param_int('planet_dst');
$bonus = sys_get_param_float('bonus', 1);
$username_unsafe = sys_get_param_str_unsafe('username');
$username = sys_get_param_escaped('username');
if ($galaxy_src) {
    sn_db_transaction_start();
    $errors = array();
    $owner = db_user_by_username($username_unsafe, false, '*', true, true);
    $planet = sys_o_get_updated($owner, array('galaxy' => $galaxy_src, 'system' => $system_src, 'planet' => $planet_src, 'planet_type' => 1), SN_TIME_NOW);
    $que = $planet['que'];
    $planet = $planet['planet'];
    if (!$planet) {
        $errors[] = $lang['adm_pl_comp_err_0'];
    }
    if ($planet['destruyed']) {
        $errors[] = $lang['adm_pl_comp_err_1'];
    }
    if ($planet['id_owner'] != $owner['id'] || !$username) {
        $errors[] = $lang['adm_pl_comp_err_4'];
    }
    $destination = sys_o_get_updated($owner, array('galaxy' => $galaxy_dst, 'system' => $system_dst, 'planet' => $planet_dst, 'planet_type' => 1), SN_TIME_NOW);
    $destination = $destination['planet'];
    if (!$destination) {
コード例 #2
0
ファイル: banned.php プロジェクト: divyinfo/SuperNova
 * @version 1.1  - (c) Copyright by Gorlum for http://supernova.ws
 * @version 1.0  - copyright 2008 by Chlorel for XNova
 *
 */
define('INSIDE', true);
define('INSTALL', false);
define('IN_ADMIN', true);
require '../common.' . substr(strrchr(__FILE__, '.'), 1);
if ($user['authlevel'] < 1) {
    AdminMessage($lang['adm_err_denied']);
}
$mode = sys_get_param_str('mode', 'banit');
$name_unsafe = sys_get_param_str_unsafe('name');
$name_output = sys_safe_output($name_unsafe);
$action = sys_get_param_str('action');
$player_banned_row = db_user_by_username($name_unsafe);
if ($mode == 'banit' && $action) {
    if ($player_banned_row) {
        $reas = $_POST['why'];
        $days = $_POST['days'];
        $hour = $_POST['hour'];
        $mins = $_POST['mins'];
        $secs = $_POST['secs'];
        //    $isVacation = $_POST['isVacation'];
        $BanTime = $days * 86400;
        $BanTime += $hour * 3600;
        $BanTime += $mins * 60;
        $BanTime += $secs;
        //    $BannedUntil = SN_TIME_NOW + $BanTime;
        sys_admin_player_ban($user, $player_banned_row, $BanTime, $is_vacation = sys_get_param_int('isVacation'), sys_get_param_str('why'));
        $DoneMessage = "{$lang['adm_bn_thpl']} {$name_output} {$lang['adm_bn_isbn']}";
コード例 #3
0
ファイル: paneladmina.php プロジェクト: divyinfo/SuperNova
     $parse['adm_sub_form3'] .= "<tr><td colspan=\"4\" class=\"c\">".$lang['adm_technos']."</td></tr>";
     foreach(sn_get_groups('tech') as $Item)
     {
       $parse['adm_sub_form3'] .= "<tr><th>".$lang['tech'][$Item]."</th>";
       $parse['adm_sub_form3'] .= "<th>".$SelUser[get_unit_param($Item, P_NAME)]."</th></tr>";
     }
     $parse['adm_sub_form3'] .= "</tbody></table>";
     */
     break;
 case 'usr_level':
     # only for admins
     if ($user['authlevel'] < 3 || $NewLevel >= $user['authlevel']) {
         message($lang['sys_noalloaw'], $lang['sys_noaccess']);
         die;
     }
     $selected_user = db_user_by_username($Pattern, false, 'id');
     $QryUpdate = db_user_set_by_id($selected_user['id'], "`authlevel` = '{$NewLvl}'");
     $Message = $lang['adm_mess_lvl1'] . " " . $Pattern . " " . $lang['adm_mess_lvl2'];
     $Message .= "<font color=\"red\">" . $lang['adm_usr_level'][$NewLvl] . "</font>!";
     AdminMessage($Message, $lang['adm_mod_level']);
     break;
 case 'ip_search':
     $bloc = $lang;
     $bloc['adm_this_ip'] = $ip;
     $SelUser = db_user_list("`user_lastip` = '{$ip}'");
     //while ( $Usr = db_fetch($SelUser) ) {
     foreach ($SelUser as $Usr) {
         $UsrMain = db_planet_by_id($Usr['id_planet'], false, 'name');
         $bloc['adm_plyer_lst'] .= "<tr><th>" . $Usr['username'] . "</th><th>[" . $Usr['galaxy'] . ":" . $Usr['system'] . ":" . $Usr['planet'] . "] " . $UsrMain['name'] . "</th></tr>";
     }
     $SubPanelTPL = gettemplate('admin/admin_panel_asw2');
コード例 #4
0
ファイル: buddy.php プロジェクト: divyinfo/SuperNova
                 throw new exception('buddy_err_delete_own', ERR_NONE);
             } elseif ($buddy_row['BUDDY_STATUS'] == BUDDY_REQUEST_WAITING) {
                 msg_send_simple_message($buddy_row['BUDDY_SENDER_ID'], $user['id'], SN_TIME_NOW, MSG_TYPE_PLAYER, $user['username'], $lang['buddy_msg_deny_title'], sprintf($lang['buddy_msg_deny_text'], $user['username']));
                 doquery("UPDATE {{buddy}} SET `BUDDY_STATUS` = " . BUDDY_REQUEST_DENIED . " WHERE `BUDDY_ID` = {$buddy_id} LIMIT 1;");
                 sn_db_transaction_commit();
                 throw new exception('buddy_err_deny_none', ERR_NONE);
             }
             break;
     }
 }
 // New request?
 // Checking for user ID - in case if it was request from outside buddy system
 if ($new_friend_id = sys_get_param_id('request_user_id')) {
     $new_friend_row = db_user_by_id($new_friend_id, true, '`id`, `username`');
 } elseif ($new_friend_name = sys_get_param_str_unsafe('request_user_name')) {
     $new_friend_row = db_user_by_username($new_friend_name, true, '`id`, `username`');
     $new_friend_name = db_escape($new_friend_name);
 }
 if ($new_friend_row['id'] == $user['id']) {
     unset($new_friend_row);
     throw new exception('buddy_err_adding_self', ERR_ERROR);
 }
 // Checking for user name & request text - in case if it was request to adding new request
 if (isset($new_friend_row['id']) && ($new_request_text = sys_get_param_str('request_text'))) {
     $check_relation = doquery("SELECT `BUDDY_ID` FROM {{buddy}} WHERE\n      (`BUDDY_SENDER_ID` = {$user['id']} AND `BUDDY_OWNER_ID` = {$new_friend_row['id']})\n      OR\n      (`BUDDY_SENDER_ID` = {$new_friend_row['id']} AND `BUDDY_OWNER_ID` = {$user['id']})\n      LIMIT 1 FOR UPDATE;", true);
     if (isset($check_relation['BUDDY_ID'])) {
         throw new exception('buddy_err_adding_exists', ERR_WARNING);
     }
     msg_send_simple_message($new_friend_row['id'], $user['id'], SN_TIME_NOW, MSG_TYPE_PLAYER, $user['username'], $lang['buddy_msg_adding_title'], sprintf($lang['buddy_msg_adding_text'], $user['username']));
     doquery($q = "INSERT INTO {{buddy}} SET `BUDDY_SENDER_ID` = {$user['id']}, `BUDDY_OWNER_ID` = {$new_friend_row['id']}, `BUDDY_REQUEST` = '{$new_request_text}';");
     sn_db_transaction_commit();
コード例 #5
0
ファイル: messages.php プロジェクト: divyinfo/SuperNova
 */
include 'common.' . substr(strrchr(__FILE__, '.'), 1);
lng_include('messages');
$mode = sys_get_param_str('msg_delete') ? 'delete' : sys_get_param_str('mode');
$current_class = sys_get_param_int('message_class');
if (!isset($sn_message_class_list[$current_class])) {
    $current_class = 0;
    $mode = '';
}
switch ($mode) {
    case 'write':
        $error_list = array();
        $template = gettemplate('msg_message_compose', true);
        $recipient_name = sys_get_param_str_unsafe('recipient_name');
        if ($recipient_name) {
            $recipient_row = db_user_by_username($recipient_name);
        }
        if (!$recipient_row) {
            $recipient_id = sys_get_param_id('id');
            $recipient_row = db_user_by_id($recipient_id);
            if (!$recipient_row) {
                $recipient_id = 0;
            }
        }
        if ($recipient_row) {
            $recipient_id = $recipient_row['id'];
            $recipient_name = $recipient_row['username'];
        }
        if ($recipient_id == $user['id']) {
            $error_list[] = array('MESSAGE' => $lang['msg_err_self_send'], 'STATUS' => ERR_ERROR);
        }
コード例 #6
0
require '../common.' . substr(strrchr(__FILE__, '.'), 1);
if (!sn_module_get_active_count('payment')) {
    sys_redirect(SN_ROOT_VIRTUAL . 'admin/overview.php');
}
if ($user['authlevel'] < 3) {
    AdminMessage($lang['adm_err_denied']);
}
$template = gettemplate("admin/adm_metamatter", true);
$message = '';
$message_status = ERR_ERROR;
if ($points = sys_get_param_float('points')) {
    // If points not empty...
    if ($username = sys_get_param_str_unsafe('id_user')) {
        $row = db_user_by_id($username, false, 'id, username', true, true);
        if (!isset($row['id'])) {
            $row = db_user_by_username($username, false, 'id, username', true, true);
        }
        if (is_array($row) && isset($row['id'])) {
            // Does anything post to DB?
            if (mm_points_change($row['id'], RPG_ADMIN, $points, sprintf($lang['adm_matter_change_log_record'], $row['id'], db_escape($row['username']), $user['id'], db_escape($user['username']), db_escape(sys_get_param_str('reason'))))) {
                $message = sprintf($lang['adm_mm_user_added'], $row['username'], $row['id'], $points);
                $isNoError = true;
                $message_status = ERR_NONE;
            } else {
                // No? We will say it to user...
                $message = $lang['adm_mm_add_err'];
            }
        }
    } else {
        // Points not empty but destination is not set - this means error
        $message = $lang['adm_mm_no_dest'];
コード例 #7
0
function sn_db_user_by_username_security($username_unsafe, &$result)
{
    return $result = db_user_by_username($username_unsafe);
}