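/**
 * Load one town row and unpack its packed columns into this object.
 *
 * Reads the `town` row for $townID, splits the packed `size` value into two
 * 8-bit halves, expands the three 32-byte flag strings (`questDone`,
 * `questProgress`, `techRes`) into 256-entry 0/1 arrays, splits the `map`
 * string into one byte pair per tile, resets the score counters and finally
 * calls update().
 *
 * @param int|string $townID Town id. It is coerced to an integer before it is
 *                           placed in the SQL text.
 */
function __construct($townID)
{
    // SECURITY: the id is interpolated into the SQL string below, so it must
    // never reach the query as raw caller input. Coercing it to an integer
    // removes any quoting or SQL syntax it might carry.
    // NOTE(review): assumes `town`.`id` is an integer key - confirm against the schema.
    $townID = (int) $townID;

    // NOTE(review): '@' hides query errors and a missing row is not checked;
    // the code below then reads from whatever mysql_get() returned. Confirm
    // callers only pass ids of existing towns.
    $this->db = @mysql_get("SELECT * FROM town WHERE `id` = '{$townID}';");
    $this->id = $this->db['id'];
    $this->name = $this->db['name'];

    // Initialize size: high byte is X, low byte is Y
    $this->sizeX = $this->db['size'] >> 8;
    $this->sizeY = $this->db['size'] & 255;

    // Initialize quests and technologies.
    // Each column is read as 32 bytes; bit $j of byte $i lands at index
    // $i * 8 + 7 - $j, i.e. the most significant bit of a byte gets the
    // lowest index. The loop order is kept as-is so the arrays are filled in
    // the same key order as before.
    $this->questDone = array();
    $this->questProg = array();
    $this->techRes = array();
    for ($i = 0; $i < 32; $i++) {
        for ($j = 0; $j < 8; $j++) {
            $bitIndex = $i * 8 + 7 - $j;
            $this->questDone[$bitIndex] = (ord($this->db['questDone'][$i]) >> $j) & 1;
            $this->questProg[$bitIndex] = (ord($this->db['questProgress'][$i]) >> $j) & 1;
            $this->techRes[$bitIndex] = (ord($this->db['techRes'][$i]) >> $j) & 1;
        }
    }

    // Initialize the map: two bytes per tile, first byte into map[], second into tleft[].
    // NOTE(review): the tile count comes from the `size` column and is not
    // checked against strlen($arr); a short `map` value is read past its end.
    $arr = $this->db['map'];
    $this->map = array();
    $this->tleft = array();
    $tileCount = $this->sizeX * $this->sizeY;
    for ($i = 0; $i < $tileCount; $i++) {
        $this->map[$i] = (int) ord($arr[2 * $i]);
        $this->tleft[$i] = (int) ord($arr[2 * $i + 1]);
    }

    $this->fact = array();
    $this->numBld = array();
    $this->bldLvl = array();
    $this->lastUpdate = strtotime($this->db['lastUpdated']);

    // Score components start at zero; update() is called at the end.
    $this->scoreBase = 0;
    $this->scorePol = 0;
    $this->scoreUnemploy = 0;
    $this->scoreWaste = 0;
    $this->scoreGreen = 0;
    $this->trashProd = 0;
    $this->trashRecl = 0;

    $this->fact['score'] = $this->db['score'];
    $this->fact['budget'] = $this->db['budget'];
    $this->fact['goods'] = $this->db['goods'];

    $this->update();
}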
/**
 * Derive the password-reset code for an account for a given day.
 *
 * The code is the SHA-1 of: record number, stored password value, "year-dayOfYear"
 * of (today + $dayModifier days), and the record's createdDate. It therefore
 * changes when the day rolls over (server timezone) or the stored password changes.
 *
 * Original author's rationale: values unique to the user record are mixed in so the
 * code cannot be guessed or calculated; createdDate is included because it is
 * unlikely to be known and adds entropy when the password field is blank.
 *
 * NOTE(review): every input to the hash is stored in the accounts row and no
 * server-side secret is mixed in, so any party that can read that row (database
 * leak, backup, read-only SQL access) can recompute the code. The code is also
 * the same for the whole day, so it is not single-use. Consider a random token
 * stored server-side with an expiry, or an HMAC keyed with a server-only secret,
 * and compare codes with hash_equals() at the verification site.
 *
 * @param int|string $userNum     Account record number (cast to int).
 * @param int        $dayModifier Day offset applied to today's date before hashing.
 * @return string 40-character hexadecimal SHA-1 digest.
 */
function _generatePasswordResetCode($userNum, $dayModifier = 0)
{
    $userNum = (int) $userNum;

    // load the account record; abort the request when it does not exist
    $account = mysql_get(accountsTable(), $userNum);
    if (!$account) {
        die(__FUNCTION__ . ": User #{$userNum} not found!");
    }

    // day component, e.g. 2011-123
    $dayStamp = date('Y-z', strtotime("+{$dayModifier} day"));

    // concatenate the hash inputs in the same order as before
    $material = $userNum . $account['password'] . $dayStamp . $account['createdDate'];

    return sha1($material);
}
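/**
 * Initialise the user from cookies or session.
 *
 * When both "remember me" cookies are present they are the only credentials
 * considered: the row is looked up by name and stored password value. Without
 * the cookies, the user id kept in $_SESSION['usr'] is used.
 *
 * Changes from the previous version:
 *  - cookie values and the session id are no longer interpolated into SQL raw;
 *  - $_SESSION['usr'] is only written after a successful lookup, and holds the
 *    user id (the form the session branch below reads), not a User object;
 *  - a session id that matches no row yields false instead of a User built from
 *    an empty result.
 *
 * NOTE(review): the userPass cookie carries the value stored in `user`.`pass`,
 * so the cookie is equivalent to the credential itself. A random, revocable
 * remember-me token stored server-side would limit the impact of a stolen cookie.
 *
 * @return User|false The authenticated user, or false when nobody is logged in.
 */
function initUser()
{
    if (!isset($_SESSION)) {
        session_start();
    }

    if (isset($_COOKIE['userName']) && isset($_COOKIE['userPass'])) {
        // Cookies are client-controlled; reject non-string values (e.g. array
        // syntax in the cookie name) before they reach the query.
        if (!is_string($_COOKIE['userName']) || !is_string($_COOKIE['userPass'])) {
            return false;
        }

        // Escape before interpolating into the SQL text.
        // NOTE(review): mysql_real_escape_string() needs the open connection and
        // is only safe when the connection charset is set correctly - confirm in
        // the database include.
        $name = mysql_real_escape_string($_COOKIE['userName']);
        $pass = mysql_real_escape_string($_COOKIE['userPass']);

        $usr_db = mysql_get("SELECT * FROM user WHERE `name` = '{$name}' AND `pass` = '{$pass}'");
        if (!$usr_db) {
            // Failed cookie login: leave the session untouched.
            return false;
        }

        $_SESSION['usr'] = $usr_db['id'];

        return new User($usr_db);
    }

    if (isset($_SESSION['usr'])) {
        // Anything other than a scalar id cannot be used as a lookup key.
        if (!is_scalar($_SESSION['usr'])) {
            return false;
        }

        // NOTE(review): assumes `user`.`id` is an integer key - confirm against the schema.
        $userId = (int) $_SESSION['usr'];
        $usr_db = mysql_get("SELECT * FROM user WHERE `id` = '{$userId}'");

        return $usr_db ? new User($usr_db) : false;
    }

    return false;
}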
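/**
 * @file login.php
 * @author Licker Nandor
 * @brief Login handling
 *
 * Expects POST fields `user`, `pass` and `rem`.
 * Responses: "0" for a malformed request, "1" for wrong credentials, otherwise
 * the JSON representation of the logged-in user.
 *
 * NOTE(review): the password is matched by SQL equality against `user`.`pass`,
 * which means the column holds the same value the client submits. Storing
 * password_hash() output and checking with password_verify() would avoid
 * keeping a reusable credential in the database.
 * NOTE(review): confirm that User::toJSON() does not serialise the `pass` field.
 */
include 'include/lang.php';
include 'include/config.php';
include 'include/usr.class.php';
include 'include/db.php';

@session_start();

// All three fields are required and must be plain strings; array-style
// parameters (user[]=...) would otherwise reach the escaping function.
if (!isset($_POST['user']) || !isset($_POST['pass']) || !isset($_POST['rem'])
    || !is_string($_POST['user']) || !is_string($_POST['pass']) || !is_string($_POST['rem'])) {
    echo "0";
    exit;
}

$user = mysql_real_escape_string($_POST['user']);
$pass = mysql_real_escape_string($_POST['pass']);
$rem = $_POST['rem']; // only compared with a literal below, never placed in SQL

// Check if the user exists and the right password was given
$usr_db = mysql_get("SELECT * FROM user WHERE `name` = '{$user}' AND `pass` = '{$pass}'");
if (!$usr_db) {
    echo "1";
    exit;
}

// Issue a fresh session id on login so an id that existed before authentication
// (for example one planted in the browser) is not promoted to a logged-in session.
if (session_id() !== '') {
    session_regenerate_id(true);
}

$_SESSION['usr'] = $usr_db['id'];
$usr = new User($usr_db);

// Set the cookies if necessary
// NOTE(review): the userPass cookie holds the stored password value for about
// 41 days (3600000 s) and is set without the Secure/HttpOnly flags. Anyone who
// obtains the cookie obtains the credential; a random remember-me token that can
// be revoked server-side is the safer design.
if ($rem === "true") {
    setCookie("userName", $usr->name, time() + 3600000);
    setCookie("userPass", $usr->pass, time() + 3600000);
}

echo $usr->toJSON();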
/**
 * Record a cron job that ended through die()/exit and notify by email.
 *
 * Does nothing unless $GLOBALS['CRON_JOB_LOG_NUM'] is set. Otherwise it stores
 * the buffered output, a summary and the runtime on the job's `_cron_log` row,
 * and - at most once per hour, tracked in the `bgtasks_lastEmail` setting -
 * sends the CMS-BGTASK-ERROR email template filled from that row.
 *
 * NOTE(review): only `summary` and `output` are HTML-encoded before being used
 * as placeholders; `activity`, `function`, `completed`, `createdDate` and
 * `runtime` are passed as stored. Whether that is safe depends on how the
 * template engine treats placeholder values - confirm.
 */
function cron_logErrorsOnDieOrExit()
{
    // no active job log entry: nothing to record
    if (!@$GLOBALS['CRON_JOB_LOG_NUM']) {
        return;
    }

    // collect the values for the log row (summary first, then the captured buffer)
    $summary = t("Returned errors");
    $output  = ob_get_clean();
    $elapsed = microtime(true) - $GLOBALS['CRON_JOB_START'];
    $runtime = sprintf("%0.2f", $elapsed);

    // update job log entry
    $logFields = array(
        'summary' => $summary,
        'output'  => $output,
        'runtime' => $runtime,
    );
    mysql_update('_cron_log', $GLOBALS['CRON_JOB_LOG_NUM'], null, $logFields);

    // throttle: don't email more than once an hour
    $secondsAgo = time() - $GLOBALS['SETTINGS']['bgtasks_lastEmail'];
    if ($secondsAgo < 60 * 60) {
        return;
    }

    // get email placeholders from the row that was just updated
    // (the original listed 'bgtask.function' twice with the same value; one entry is enough)
    $cronLog  = mysql_get('_cron_log', $GLOBALS['CRON_JOB_LOG_NUM']);
    $adminUrl = $GLOBALS['SETTINGS']['adminUrl'];
    $placeholders = array(
        'bgtask.date'         => $cronLog['createdDate'],
        'bgtask.activity'     => $cronLog['activity'],
        'bgtask.summary'      => nl2br(htmlencode($cronLog['summary'])),
        'bgtask.completed'    => $cronLog['completed'],
        'bgtask.function'     => $cronLog['function'],
        'bgtask.output'       => nl2br(htmlencode($cronLog['output'])),
        'bgtask.runtime'      => $cronLog['runtime'],
        'bgtasks.logsUrl'     => realUrl("?menu=_cron_log", $adminUrl),
        'bgtasks.settingsUrl' => realUrl("?menu=admin&action=general#background-tasks", $adminUrl),
    );

    // send message
    $message = emailTemplate_loadFromDB(array(
        'template_id'  => 'CMS-BGTASK-ERROR',
        'placeholders' => $placeholders,
    ));
    $errors = sendMessage($message);
    if ($errors) {
        die("Mail Error: {$errors}");
    }

    // update last emailed time
    $GLOBALS['SETTINGS']['bgtasks_lastEmail'] = time();
    saveSettings();
}
/**
 * Load an email template from the database and build the message fields from it.
 *
 * Options read from $options:
 *  - template_id          (required) template to load
 *  - placeholders         (required) values handed to emailTemplate_replacePlaceholders()
 *  - template_table       table to read, defaults to '_email_templates' (v2.50)
 *  - override-from, override-to, override-reply-to, override-cc, override-bcc,
 *    override-subject, override-disabled, override-html
 *                         take precedence over the template's own value
 *  - attachments, headers, logging
 *                         copied to the result unchanged when the key exists
 *  - addHeaderAndFooter   pass false to skip wrapping the HTML in a full document (2.50)
 *
 * Lookup order: "<template_id>-<LANGUAGE>" first, then the plain template_id,
 * then once more after emailTemplate_addDefaults(). The request is terminated
 * when no template is found or when from/to/subject/html end up empty.
 *
 * Side effect: when the placeholder list returned by the replacement step differs
 * from the one stored on the template row, the row is updated.
 *
 * NOTE(review): a 'headers' option replaces the whole headers array, which also
 * discards the Reply-To/CC/BCC values taken from the template - confirm that is
 * intended.
 * NOTE(review): override-* address and subject values are passed through as
 * given; confirm that the sending routine rejects CR/LF in header values.
 *
 * @param array $options See above.
 * @return array Message fields: from, to, subject, disabled, html and, when
 *               present, headers/attachments/logging.
 */
function emailTemplate_loadFromDB($options)
{
    // set defaults
    if (!@$options['template_table']) {
        $options['template_table'] = '_email_templates'; // v2.50
    }

    // error checking
    if (!$options['template_id']) {
        dieAsCaller(__FUNCTION__ . ": No 'template_id' set in options");
    }
    if (!$options['placeholders']) {
        dieAsCaller(__FUNCTION__ . ": No 'placeholders' set in options");
    }

    $table      = $options['template_table'];
    $templateId = $options['template_id'];

    // load template: try the custom translated TEMPLATE-ID with language suffix first, eg: MY-TEMPLATE-FR
    $translatedId = $templateId . '-' . strtoupper($GLOBALS['SETTINGS']['language']);
    $template     = mysql_get($table, null, array('template_id' => $translatedId));

    // if not found, try loading default template next
    if (!$template) {
        $template = mysql_get($table, null, array('template_id' => $templateId));
    }

    // if not found, re-add default templates and try again (unless template wasn't added or was removed)
    if (!$template) {
        emailTemplate_addDefaults();
        $template = mysql_get($table, null, array('template_id' => $templateId));
    }

    // otherwise, die with error
    if (!$template) {
        dieAsCaller(__FUNCTION__ . ": Couldn't find email template_id '" . htmlencode($templateId) . "'");
    }

    // get email values (keys are added in the same order as before)
    $emailHeaders         = array();
    $emailHeaders['from'] = coalesce(@$options['override-from'], $template['from']);
    $emailHeaders['to']   = coalesce(@$options['override-to'], $template['to']);

    // optional headers are only added when the template or an override supplies a value
    $optionalHeaders = array('reply-to' => 'Reply-To', 'cc' => 'CC', 'bcc' => 'BCC');
    foreach ($optionalHeaders as $column => $headerName) {
        if ($template[$column] || @$options['override-' . $column]) {
            $emailHeaders['headers'][$headerName] = coalesce(@$options['override-' . $column], $template[$column]);
        }
    }

    $emailHeaders['subject']  = coalesce(@$options['override-subject'], $template['subject']);
    $emailHeaders['disabled'] = coalesce(@$options['override-disabled'], @$template['disabled']);
    $emailHeaders['html']     = coalesce(@$options['override-html'], $template['html']);

    // v2.51: pass selected options straight through
    foreach (array('attachments', 'headers', 'logging') as $field) {
        if (array_key_exists($field, $options)) {
            $emailHeaders[$field] = $options[$field];
        }
    }

    // replace placeholders
    list($emailHeaders, $textPlaceholderList) = emailTemplate_replacePlaceholders($emailHeaders, @$options['placeholders']);

    // update template placeholder list
    if ($template['placeholders'] != $textPlaceholderList) {
        mysql_update($table, $template['num'], null, array('placeholders' => $textPlaceholderList));
    }

    // error checking: these fields must be non-empty after replacement
    $requiredFields = array(
        'from'    => "No 'From' set",
        'to'      => "No 'To' set",
        'subject' => "No 'Subject' set",
        'html'    => "No 'Message HTML' found",
    );
    foreach ($requiredFields as $field => $problem) {
        if (!$emailHeaders[$field]) {
            die(__FUNCTION__ . ": " . $problem . " by program or email template id '" . htmlencode($templateId) . "'");
        }
    }

    // add html header/footer (added in 2.50)
    if (@$options['addHeaderAndFooter'] !== false) {
        $htmlTitle = htmlencode($emailHeaders['subject']);

        // ***NOTE*** style tag is for Yahoo Mail which otherwise drops paragraph spacing - http://www.email-standards.org/blog/entry/yahoo-drops-paragraph-spacing/
        // ... having a defined <title></title> helps get by spam filters
        $header = <<<__HTML__
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>{$htmlTitle}</title>
</head>
<body>

<style type="text/css">
  p { margin-bottom: 1em; }
</style>

__HTML__;

        $footer = <<<__HTML__
</body>
</html>
__HTML__;

        $emailHeaders['html'] = $header . $emailHeaders['html'] . $footer;
    }

    //
    return $emailHeaders;
}
<?php include 'include/lang.php'; include 'include/config.php'; include 'include/db.php'; // Retrieve the number of existing towns $db_res = mysql_get("SELECT COUNT(`id`) FROM `town`"); $numTowns = intval($db_res['COUNT(`id`)']); ?> <div id = "ranking"> <script type = "text/javascript"> function loadFrom (page) { newItemsPerPage = parseInt (($("#rank_body").height () - 50) / 22 - 1); $.getJSON ("getrank.php?pos=" + (itemsPerPage * page) + "&cnt=" + newItemsPerPage, function (json) { $("#rank_table").html ('<tr><th style = "width: 60px;"><? echo __("Rank");?></th><th style = "width: 270px;"><? echo __("Name");?></th><th><? echo __("Score");?></th></tr>'); for (var i = 0; i < json.length; ++i) { $("#rank_table").append ("<tr onclick = 'loadTown (" + json[i].id + ")'><td>" + (itemsPerPage * page + i + 1) + "</td><td>" + json[i].name + "</td><td tid = " + json[i].id + ">" + json[i].score + "</td></tr>"); } }); page = parseInt (page * itemsPerPage / newItemsPerPage); numPage = parseInt (numItems / newItemsPerPage) + 1; $("#rank_control").html (""); for (var i = 1; i <= min (3, numPage); ++i) { $("#rank_control").append ("<span id = '" + (i - 1) + "'>" + i + "</span>"); } if (page > 6)
break; } $percent = $_GET['perc']; mysql_query("UPDATE `user` SET `car_percent` = {$percent} WHERE `id` = " . $usr->id . ";"); echo '1'; break; case 'update': echo $usr->towns[$_SESSION['town']]->getMapDataJSON(); break; case 'sendmail': if (!isset($_POST['to']) || !isset($_POST['title']) || !isset($_POST['txt'])) { echo "Error"; exit(0); } $_POST['to'] = mysql_real_escape_string($_POST['to']); $_POST['txt'] = strip_tags(mysql_real_escape_string($_POST['txt'])); $_POST['title'] = mysql_real_escape_string($_POST['title']); $from = $usr->towns[$_SESSION['town']]->name; $rcpt = mysql_get("SELECT id FROM town WHERE `name` = '{$_POST['to']}';"); if ($rcpt['id'] <= 0) { echo "Invalid recipient!"; exit(0); } mysql_query("INSERT INTO mail(`from`, `to`, `title`, `text`) VALUES('{$from}', '{$rcpt['id']}', '{$_POST['title']}', '{$_POST['txt']}');"); echo "<span style = 'color:green'>" . __("Message sent!") . "</span>"; break; default: echo "0"; break; } mysql_close($dbconn);
foreach ($cronRecords as $record) { ?> <tr class="listRow <?php echo @++$cronTaskCounter % 2 ? 'listRowOdd' : 'listRowEven'; ?> "> <td><?php echo htmlencode($record['function']); ?> </td> <td><?php echo htmlencode($record['activity']); ?> </td> <td><?php $latestLog = mysql_get('_cron_log', null, ' function = "' . mysql_escape($record['function']) . '" ORDER BY num DESC'); echo prettyDate($latestLog['createdDate']); ?> </td> <td><?php echo htmlencode($record['expression']); ?> </td> </tr> <?php } ?> <?php } else { ?> <tr>
if (!@$_REQUEST['num']) { $preSaveTempId = uniqid('x'); } ### load record $num = (int) @$_REQUEST['num']; // error checking if ($escapedTableName == '') { die("no tablename specified!"); } if ($num != (int) $num) { die("record number value must be an integer!"); } // load record $GLOBALS['RECORD'] = array(); if ($num) { $GLOBALS['RECORD'] = mysql_get($tableName, $num); } // doAction('record_preedit', $tableName, @$_REQUEST['num']); // $previewUrl = coalesce(@$schema['_previewPage'], @$schema['_detailPage']); if ($previewUrl) { $previewUrl = PREFIX_URL . $previewUrl . '?' . urlencode(t('preview')) . '-9999999999'; } // note that 9999999999 is a special number which getRecords() uses to know this is a preview request $showPreviewButton = !@$schema['_disablePreview'] && $previewUrl; // showHeader(); ?> <script type="text/javascript" src="<?php