/**
 * \brief Create the authentication cookies.
 * \details Sets the "token" and "user" cookies on the client to mark it as
 *          authenticated. Nothing is sent unless validUser() accepts the
 *          supplied credentials.
 *
 * Both cookies expire after ONE_YEAR, use path "/" with an empty domain
 * argument, and are flagged HttpOnly (last argument). The Secure argument is
 * 0, so the browser will also send them over plain HTTP.
 *
 * NOTE(review): the token is derived from md5($password) and lives for a year.
 * getToken() is not visible here; confirm the token cannot be replayed after a
 * password change or worked back to the password. A random, server-side
 * session identifier would avoid tying a long-lived cookie to the credential.
 *
 * @param string $username Login name; also stored verbatim in the "user" cookie.
 * @param string $password Clear-text password as submitted by the user.
 */
function setAuthCookie($username, $password)
{
    // Guard clause: no cookies at all for rejected credentials.
    if (!validUser($username, $password)) {
        return;
    }

    $token = getToken($username, md5($password));

    setcookie("token", $token, time() + ONE_YEAR, "/", "", 0, true);
    setcookie("user", $username, time() + ONE_YEAR, "/", "", 0, true);
}
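/**
 * Set the "token" and "user" authentication cookies for a verified login.
 *
 * Cookies are only sent when validUser() accepts the credentials. Both expire
 * after ONE_YEAR and are flagged HttpOnly so page scripts cannot read the
 * authentication token. Path, domain and Secure keep the values PHP uses when
 * the arguments are omitted, so the cookie scope is unchanged.
 *
 * NOTE(review): the clear-text password is handed to getToken(), which is not
 * visible here; confirm the resulting cookie value does not expose or allow
 * recovery of the password. The Secure flag is off, so the cookies are also
 * sent over plain HTTP.
 *
 * @param string $username Login name; also stored verbatim in the "user" cookie.
 * @param string $password Clear-text password as submitted by the user.
 */
function setAuthCookie($username, $password)
{
    if (!validUser($username, $password)) {
        return;
    }

    // Arguments 4-6 ("" / "" / false) are PHP's defaults; only the seventh,
    // HttpOnly, is switched on.
    setcookie("token", getToken($username, $password), time() + ONE_YEAR, "", "", false, true);
    setcookie("user", $username, time() + ONE_YEAR, "", "", false, true);
}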
/**
 * Gate a page behind a valid session.
 *
 * Calls userOut() when the session lacks 'userID' or 'userName', or when
 * validUser() rejects the name/password pair stored in the session.
 *
 * NOTE(review): $_SESSION['userPassw'] is read without an isset() check and
 * implies the password (or a password equivalent) is kept in the session for
 * re-validation on every page; confirm what is stored there. Whether userOut()
 * terminates the request is not visible from this function.
 */
function safePage()
{
    $hasIdentity = isset($_SESSION['userID'], $_SESSION['userName']);

    // Short-circuit keeps validUser() from running when the identity keys are missing.
    if (!$hasIdentity || !validUser($_SESSION['userName'], $_SESSION['userPassw'])) {
        userOut();
    }
}
/**
 * Redirect to the admin area.
 *
 * The target is "{__ROOT__}/Admin/manage_notice" when validUser("admin") is
 * truthy and "{__ROOT__}/Admin/login" otherwise, with __ROOT__ taken from the
 * TMPL_PARSE_STRING configuration entry.
 *
 * NOTE(review): only the Location header is set here; the method does not stop
 * the request itself, so the target pages must enforce their own access check.
 */
public function index()
{
    $parseStrings = C('TMPL_PARSE_STRING');
    $root = $parseStrings['__ROOT__'];

    $suff = validUser("admin") ? 'manage_notice' : 'login';

    header("Location: {$root}/Admin/{$suff}");
}
/**
 * Report the current user's identity, characters and privilege flags.
 *
 * For an unregistered visitor only 'registeredUser' => false is pushed. For a
 * registered user the output receives the user id and name, one parallel list
 * per character attribute, the validUser / isRaidlead / isAdmin flags, the
 * user's settings and the calendar position stored in the session (null when
 * none is stored).
 *
 * @param array $aRequest Request parameters; not read by this handler.
 */
function msgQueryUser($aRequest)
{
    $Out = Out::getInstance();

    if (!registeredUser()) {
        $Out->pushValue('registeredUser', false);
        return;
    }

    $CurrentUser = UserProxy::getInstance();

    // Parallel lists: index i of every list describes the same character.
    $Ids = array();
    $Games = array();
    $Names = array();
    $Classes = array();
    $PrimaryRoles = array();
    $SecondaryRoles = array();

    foreach ($CurrentUser->Characters as $Character) {
        $Ids[] = $Character->CharacterId;
        $Games[] = $Character->Game;
        $Names[] = $Character->Name;
        // ClassName is a ':'-separated list; each entry becomes an array.
        $Classes[] = explode(':', $Character->ClassName);
        $PrimaryRoles[] = $Character->Role1;
        $SecondaryRoles[] = $Character->Role2;
    }

    $Out->pushValue('registeredUser', true);
    $Out->pushValue('id', $CurrentUser->UserId);
    $Out->pushValue('name', $CurrentUser->UserName);
    $Out->pushValue('characterIds', $Ids);
    $Out->pushValue('characterGames', $Games);
    $Out->pushValue('characterNames', $Names);
    $Out->pushValue('characterClass', $Classes);
    $Out->pushValue('role1', $PrimaryRoles);
    $Out->pushValue('role2', $SecondaryRoles);
    $Out->pushValue('validUser', validUser());
    $Out->pushValue('isRaidlead', validRaidlead());
    $Out->pushValue('isAdmin', validAdmin());
    $Out->pushValue('settings', $CurrentUser->Settings);

    $Session = Session::get();
    $Calendar = isset($Session['Calendar']) ? $Session['Calendar'] : null;
    $Out->pushValue('calendar', $Calendar);
}
/**
 * Return the raids shown on one calendar page (six weeks around a month).
 *
 * The window starts on the configured first day of the week on or before the
 * 1st of the requested month and spans 6 * 7 days. Start, end and game id are
 * bound as statement parameters; only the table prefix constant is
 * concatenated into the SQL text.
 *
 * NOTE(review): $aRequest['Month'] and $aRequest['Year'] reach mktime() and the
 * 'displayMonth' / 'displayYear' output values exactly as received; only the
 * session copy is passed through intval(). Confirm the caller validates them.
 *
 * @param array $aRequest Request parameters; reads 'Month' and 'Year'.
 */
function msgQueryCalendar($aRequest)
{
    if (!validUser()) {
        $Out = Out::getInstance();
        $Out->pushError(L('AccessDenied'));
        return;
    }

    global $gGame;
    loadGameSettings();

    $Out = Out::getInstance();
    $Connector = Connector::getInstance();

    $Raid = RP_TABLE_PREFIX . 'Raid';
    $Location = RP_TABLE_PREFIX . 'Location';
    $Attendance = RP_TABLE_PREFIX . 'Attendance';
    $Character = RP_TABLE_PREFIX . 'Character';

    $ListRaidQuery = $Connector->prepare(
        "Select {$Raid}.*, {$Location}.*, " .
        "{$Attendance}.CharacterId, {$Attendance}.UserId, {$Attendance}.Status, " .
        "{$Attendance}.Class, {$Attendance}.Role, {$Attendance}.Comment, " .
        "UNIX_TIMESTAMP({$Raid}.Start) AS StartUTC, " .
        "UNIX_TIMESTAMP({$Raid}.End) AS EndUTC " .
        "FROM `{$Raid}` " .
        "LEFT JOIN `{$Location}` USING(LocationId) " .
        "LEFT JOIN `{$Attendance}` USING (RaidId) " .
        "LEFT JOIN `{$Character}` USING (CharacterId) " .
        "WHERE {$Raid}.Start >= FROM_UNIXTIME(:Start) AND {$Raid}.Start <= FROM_UNIXTIME(:End) " .
        "AND {$Location}.Game = :Game " .
        "ORDER BY {$Raid}.Start, {$Raid}.RaidId"
    );

    // Work out the first day displayed in the calendar grid.
    $SecondsPerDay = 60 * 60 * 24;
    $StartDay = getCalStartDay();
    $StartUTC = mktime(0, 0, 0, $aRequest['Month'], 1, $aRequest['Year']);
    $StartDate = getdate($StartUTC);

    if ($StartDate['wday'] != $StartDay) {
        // Step back to the most recent configured week start.
        if ($StartDate['wday'] < $StartDay) {
            $Offset = 7 - ($StartDay - $StartDate['wday']);
        } else {
            $Offset = $StartDate['wday'] - $StartDay;
        }

        $StartUTC -= $SecondsPerDay * $Offset;
        $StartDate = getdate($StartUTC);
    }

    // The grid always covers six full weeks.
    $EndUTC = $StartUTC + $SecondsPerDay * 7 * 6;

    $ListRaidQuery->bindValue(':Start', $StartUTC, PDO::PARAM_INT);
    $ListRaidQuery->bindValue(':End', intval($EndUTC), PDO::PARAM_INT);
    $ListRaidQuery->bindValue(':Game', $gGame['GameId'], PDO::PARAM_STR);

    // Remember which month is on screen. Whether this assignment persists
    // depends on what Session::get() returns, which is not visible here.
    $Session = Session::get();
    $Session['Calendar'] = array(
        'month' => intval($aRequest['Month']),
        'year' => intval($aRequest['Year']),
    );

    $Out->pushValue('startDay', $StartDate['mday']);
    $Out->pushValue('startMonth', $StartDate['mon']);
    $Out->pushValue('startYear', $StartDate['year']);
    $Out->pushValue('startOfWeek', $StartDay);
    $Out->pushValue('displayMonth', $aRequest['Month']);
    $Out->pushValue('displayYear', $aRequest['Year']);

    parseRaidQuery($aRequest, $ListRaidQuery, 0);
}
/**
 * Store the current user's comment for a raid and reload the calendar.
 *
 * An existing attendance row for (user, raid) gets its comment and LastUpdate
 * changed; otherwise a new row is inserted with CharacterId 0, an empty role
 * and status 'undecided'. The user id always comes from UserProxy, never from
 * the request, and every value is bound as a statement parameter.
 *
 * NOTE(review): the existence check and the following UPDATE/INSERT are
 * separate statements with no transaction in this function, so two concurrent
 * requests may both take the INSERT branch unless the table has a unique key.
 * The raid lookup at the end is not checked for an empty result before
 * $RaidData['Start'] is read.
 *
 * @param array $aRequest Request parameters; reads 'raidId' and 'comment'.
 */
function msgCommentupdate($aRequest)
{
    if (!validUser()) {
        $Out = Out::getInstance();
        $Out->pushError(L('AccessDenied'));
        return;
    }

    $Connector = Connector::getInstance();
    $RaidId = intval($aRequest['raidId']);
    $UserId = UserProxy::getInstance()->UserId;

    $AttendanceTable = RP_TABLE_PREFIX . 'Attendance';

    $CheckQuery = $Connector->prepare(
        "SELECT UserId FROM `{$AttendanceTable}` WHERE UserId = :UserId AND RaidId = :RaidId LIMIT 1"
    );
    $CheckQuery->bindValue(':UserId', $UserId, PDO::PARAM_INT);
    $CheckQuery->bindValue(':RaidId', $RaidId, PDO::PARAM_INT);

    if ($CheckQuery->execute()) {
        $HasRow = $CheckQuery->getAffectedRows() > 0;

        if ($HasRow) {
            $UpdateQuery = $Connector->prepare(
                "UPDATE `{$AttendanceTable}` " .
                "SET comment = :Comment, LastUpdate = FROM_UNIXTIME(:Timestamp) " .
                "WHERE RaidId = :RaidId AND UserId = :UserId LIMIT 1"
            );
            $UpdateQuery->bindValue(':Timestamp', time(), PDO::PARAM_INT);
        } else {
            $UpdateQuery = $Connector->prepare(
                "INSERT INTO `{$AttendanceTable}` ( CharacterId, UserId, RaidId, Status, Role, Comment ) " .
                "VALUES ( :CharacterId, :UserId, :RaidId, :Status, :Role, :Comment )"
            );
            $UpdateQuery->bindValue(':CharacterId', 0, PDO::PARAM_INT);
            $UpdateQuery->bindValue(':Role', '', PDO::PARAM_STR);
            $UpdateQuery->bindValue(':Status', 'undecided', PDO::PARAM_STR);
        }

        // Placeholders shared by both statements.
        $UpdateQuery->bindValue(':RaidId', $RaidId, PDO::PARAM_INT);
        $UpdateQuery->bindValue(':UserId', $UserId, PDO::PARAM_INT);
        $UpdateQuery->bindValue(':Comment', requestToXML($aRequest['comment'], ENT_COMPAT, 'UTF-8'), PDO::PARAM_STR);
        $UpdateQuery->execute();
    }

    // Reload the calendar: prefer the month stored in the session, fall back
    // to the month of the raid itself ("YYYY-MM-..." in the Start column).
    $RaidTable = RP_TABLE_PREFIX . 'Raid';
    $RaidQuery = $Connector->prepare("SELECT Start FROM `{$RaidTable}` WHERE RaidId = :RaidId LIMIT 1");
    $RaidQuery->bindValue(':RaidId', $RaidId, PDO::PARAM_INT);
    $RaidData = $RaidQuery->fetchFirst();

    $Session = Session::get();

    if (isset($Session['Calendar'], $Session['Calendar']['month'])) {
        $ShowMonth = $Session['Calendar']['month'];
    } else {
        $ShowMonth = intval(substr($RaidData['Start'], 5, 2));
    }

    if (isset($Session['Calendar'], $Session['Calendar']['year'])) {
        $ShowYear = $Session['Calendar']['year'];
    } else {
        $ShowYear = intval(substr($RaidData['Start'], 0, 4));
    }

    msgQueryCalendar(prepareCalRequest($ShowMonth, $ShowYear));
}
$query = "INSERT INTO users (username,password) values ('$user','$password')"; $res = mysql_query($query, $link); if(mysql_affected_rows() > 0){ return True; } return False; } if(array_key_exists("username", $_REQUEST) and array_key_exists("password", $_REQUEST)) { $link = mysql_connect('localhost', 'natas27', '<censored>'); mysql_select_db('natas27', $link); if(validUser($link,$_REQUEST["username"])) { //user exists, check creds if(checkCredentials($link,$_REQUEST["username"],$_REQUEST["password"])){ echo "Welcome " . htmlentities($_REQUEST["username"]) . "!<br>"; echo "Here is your data:<br>"; $data=dumpData($link,$_REQUEST["username"]); print htmlentities($data); } else{ echo "Wrong password for user: "******"username"]) . "<br>"; } } else { //user doesn't exist if(createUser($link,$_REQUEST["username"],$_REQUEST["password"])){ echo "User " . htmlentities($_REQUEST["username"]) . " was created!";
<?php
require_once 'include/function.inc.php';
require_once 'core.php';

// HTTP Basic authentication gate: $valid only becomes true when validUser()
// accepts the user name and password the client sent with the request.
$valid = false;
if (!isset($_SERVER['PHP_AUTH_USER'])) {
    // No credentials supplied with this request.
    authUser();
} else {
    if (validUser($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) {
        $valid = true;
    }
}
if ($valid == false) {
    authUser();
}
// NOTE(review): authUser() is defined elsewhere. Everything below, including
// processRequest(), is only protected if authUser() ends the request; confirm
// that it does, or add an explicit exit after the gate.

/**
 * xajax setup
 */
require './include/xajax_0.5_standard/xajax_core/xajax.inc.php';
$xajax = new xajax();
//$xajax->configure('debug', true);
$xajax->configure('javascript URI', './include/xajax_0.5_standard/');
// Every function registered here becomes callable from the browser through
// xajax, so each one relies on the authentication gate above.
$xajax->registerFunction('insertActuacion');
$xajax->registerFunction('EditFieldActuacion');
$xajax->registerFunction('editActuacion');
$xajax->registerFunction('returnValueActuacion');
$xajax->registerFunction('deleteActuacion');
$xajax->registerFunction('confirmDeleteActuacion');
$xajax->processRequest();
/**
 * End of xajax
 */
$avatar = $_FILES['avatar']['type']; $allowed = array('image/gif', 'image/png', 'image/jpg', 'image/jpeg'); if (!in_array($avatar, $allowed)) { $url = "register.php"; $_SESSION['errors'] = ['message' => "Avatar images must be JPG, PNG or GIF"]; header('Location: ' . $url); } } if ($password != $password2 || !validPass($password)) { $url = "register.php"; $_SESSION['errors'] = ['message' => "Passwords should be at least 8 characters long and consist of at least one lowercase letter, one uppercase letter, a number (0-9) and a special character."]; header('Location: ' . $url); } if (!validUser($username)) { $url = "register.php"; $_SESSION['errors'] = ['message' => "Usernames can only consist of a-Z and _ (underscore) OR a user already exists with that name"]; header('Location: ' . $url); } if ($password == $password2 && validUser($username) && validPass($password)) { Insert($username, $password); LogIn($username, $password); $url = "frontPage.php"; $_SESSION['errors'] = ['message' => 'Success! Thank you for registering.']; header('Location: ' . $url); } echo 'Noooo'; } else { $url = "register.php"; $_SESSION['errors'] = ['message' => "Something went wrong, please try again."]; header('Location: ' . $url); }
*/ G::Loadinclude('ajax'); $function = get_ajax_value('function'); $searchText = get_ajax_value('text'); $userName = get_ajax_value('userName'); $authSource = get_ajax_value('authSource'); $dn = get_ajax_value('dn'); $fullname = get_ajax_value('fullname'); $email = get_ajax_value('email'); $roles = get_ajax_value('roles'); switch ($function) { case 'searchText': searchText($searchText); break; case 'validUser': validUser($searchText); break; case 'createUser': createUser($userName, $authSource, $dn, $fullname, $email, $roles); break; } function createUser($userName, $authSource, $dn, $fullname, $email, $roles) { global $DB_MODULE; // :( G::LoadClassRBAC('user'); $dbc = new DBConnection(DB_HOST, DB_RBAC_USER, DB_RBAC_PASS, DB_RBAC_NAME); $obj = new RBAC_User(); $obj->SetTo($dbc); //is ProcessMaker? $isPM = false;
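/**
 * Record the current user's attendance for a raid and reload the calendar.
 *
 * Flow: the raid must exist and be in stage 'open'; a positive attendance id
 * is treated as a character id that must belong to the current user and to the
 * active game; the attendance row for (user, raid) is then updated or created.
 * In 'attend' mode with status 'ok', overbooked slots are trimmed afterwards.
 *
 * All request values are cast with intval() or bound as statement parameters;
 * the user id is taken from UserProxy, never from the request.
 *
 * NOTE(review): the ownership check only runs for attendanceId > 0. With
 * attendanceId == -1 the stored CharacterId comes from $aRequest['fallback'],
 * and with 0 or other negative values the attendance id itself is stored;
 * neither is compared against the user's characters here. Confirm that this
 * is intended or that the caller restricts these values.
 *
 * @param array $aRequest Request parameters; reads 'attendanceId',
 *                        'attendanceSubId', 'raidId', 'fallback' and the
 *                        optional 'comment'.
 */
function msgRaidAttend($aRequest)
{
    if (validUser()) {
        global $gGame;
        loadGameSettings();

        $Connector = Connector::getInstance();
        $AttendanceId = intval($aRequest['attendanceId']);
        $AttendanceSubId = intval($aRequest['attendanceSubId']);
        $RaidId = intval($aRequest['raidId']);
        $UserId = intval(UserProxy::getInstance()->UserId);

        // check user/character match
        $ChangeAllowed = true;
        $RaidInfo = array();
        $Role = '';
        $Class = '';

        // Check if locked
        $LockCheckQuery = $Connector->prepare('SELECT Stage, Mode, SlotRoles, SlotCount FROM `' . RP_TABLE_PREFIX . 'Raid` WHERE RaidId = :RaidId LIMIT 1');
        $LockCheckQuery->bindValue(':RaidId', $RaidId, PDO::PARAM_INT);
        $RaidInfo = $LockCheckQuery->fetchFirst();

        if ($RaidInfo == null) {
            // Unknown raid: stop without output and without reloading the calendar.
            return;
        }

        $ChangeAllowed = $RaidInfo['Stage'] == 'open';

        if ($ChangeAllowed) {
            // Check if character matches user
            if ($AttendanceId > 0) {
                $CheckQuery = $Connector->prepare('SELECT UserId, Class, Role1, Role2 FROM `' . RP_TABLE_PREFIX . 'Character` WHERE CharacterId = :CharacterId AND Game = :Game LIMIT 1');
                $CheckQuery->bindValue(':CharacterId', $AttendanceId, PDO::PARAM_INT);
                // The game id is bound as a string, as in the other handlers
                // that filter on Game; an integer binding would turn a
                // non-numeric id into 0 and weaken this filter.
                $CheckQuery->bindValue(':Game', $gGame['GameId'], PDO::PARAM_STR);
                $CharacterInfo = $CheckQuery->fetchFirst();

                if ($CharacterInfo != null) {
                    $ChangeAllowed &= $CharacterInfo['UserId'] == $UserId;

                    if ($gGame['ClassMode'] == 'multi') {
                        // Class holds a ':'-separated list; the sub id selects one entry.
                        $Classes = explode(':', $CharacterInfo['Class']);
                        $ClassIndex = $AttendanceSubId < 0 ? 0 : $AttendanceSubId;

                        if (isset($Classes[$ClassIndex])) {
                            $Class = $Classes[$ClassIndex];
                            $Role = $gGame['Classes'][$Class]['roles'][0];
                        } else {
                            // The requested sub id does not name one of the
                            // character's classes: refuse instead of storing
                            // an undefined class.
                            $ChangeAllowed = false;
                        }
                    } else {
                        $Class = $CharacterInfo['Class'];
                        // Sub id 0 (or negative) selects Role1, anything else Role2.
                        $Role = $AttendanceSubId < 0 ? $CharacterInfo['Role1'] : ($AttendanceSubId == 0 ? $CharacterInfo['Role1'] : $CharacterInfo['Role2']);
                    }
                } else {
                    // No such character for this game.
                    $ChangeAllowed = false;
                }
            }

            // update/insert new attendance data
            if ($ChangeAllowed) {
                $CheckQuery = $Connector->prepare('SELECT UserId FROM `' . RP_TABLE_PREFIX . 'Attendance` WHERE UserId = :UserId AND RaidId = :RaidId LIMIT 1');
                $CheckQuery->bindValue(':UserId', $UserId, PDO::PARAM_INT);
                $CheckQuery->bindValue(':RaidId', $RaidId, PDO::PARAM_INT);
                $CheckQuery->execute();

                $AttendQuery = null;
                // An empty or missing comment leaves the stored comment untouched on update.
                $ChangeComment = isset($aRequest['comment']) && $aRequest['comment'] != '';

                if ($CheckQuery->getAffectedRows() > 0) {
                    if ($ChangeComment) {
                        $AttendQuery = $Connector->prepare('UPDATE `' . RP_TABLE_PREFIX . 'Attendance` SET ' .
                            'CharacterId = :CharacterId, Status = :Status, Class = :Class, Role = :Role, Comment = :Comment, LastUpdate = FROM_UNIXTIME(:Timestamp) ' .
                            'WHERE RaidId = :RaidId AND UserId = :UserId LIMIT 1');
                    } else {
                        $AttendQuery = $Connector->prepare('UPDATE `' . RP_TABLE_PREFIX . 'Attendance` SET ' .
                            'CharacterId = :CharacterId, Status = :Status, Class = :Class, Role = :Role, LastUpdate = FROM_UNIXTIME(:Timestamp) ' .
                            'WHERE RaidId = :RaidId AND UserId = :UserId LIMIT 1');
                    }
                } else {
                    if ($ChangeComment) {
                        $AttendQuery = $Connector->prepare('INSERT INTO `' . RP_TABLE_PREFIX . 'Attendance` ( CharacterId, UserId, RaidId, Status, Class, Role, Comment, LastUpdate ) ' .
                            'VALUES ( :CharacterId, :UserId, :RaidId, :Status, :Class, :Role, :Comment, FROM_UNIXTIME(:Timestamp) )');
                    } else {
                        $AttendQuery = $Connector->prepare('INSERT INTO `' . RP_TABLE_PREFIX . 'Attendance` ( CharacterId, UserId, RaidId, Status, Class, Role, Comment, LastUpdate) ' .
                            'VALUES ( :CharacterId, :UserId, :RaidId, :Status, :Class, :Role, "", FROM_UNIXTIME(:Timestamp) )');
                    }
                }

                // Define the status and id to set
                if ($AttendanceId == -1) {
                    // -1 means "absent"; the character id is taken from the request.
                    $Status = 'unavailable';
                    $CharacterId = intval($aRequest['fallback']);
                } else {
                    $CharacterId = $AttendanceId;

                    switch ($RaidInfo['Mode']) {
                        case 'all':
                        case 'attend':
                            $Status = 'ok';
                            break;
                        default:
                        case 'manual':
                        case 'overbook':
                            $Status = 'available';
                            break;
                    }
                }

                // Add comment when setting absent status
                if ($ChangeComment) {
                    $Comment = requestToXML($aRequest['comment'], ENT_COMPAT, 'UTF-8');
                    $AttendQuery->bindValue(':Comment', $Comment, PDO::PARAM_STR);
                }

                $AttendQuery->bindValue(':CharacterId', $CharacterId, PDO::PARAM_INT);
                $AttendQuery->bindValue(':RaidId', intval($RaidId), PDO::PARAM_INT);
                $AttendQuery->bindValue(':UserId', intval($UserId), PDO::PARAM_INT);
                $AttendQuery->bindValue(':Status', $Status, PDO::PARAM_STR);
                $AttendQuery->bindValue(':Role', $Role, PDO::PARAM_STR);
                $AttendQuery->bindValue(':Class', $Class, PDO::PARAM_STR);
                $AttendQuery->bindValue(':Timestamp', time(), PDO::PARAM_INT);

                if ($AttendQuery->execute() && $Role != '' && $RaidInfo['Mode'] == 'attend' && $Status == 'ok') {
                    removeOverbooked($RaidId, $RaidInfo['SlotRoles'], $RaidInfo['SlotCount']);
                }
            } else {
                $Out = Out::getInstance();
                $Out->pushError(L('AccessDenied'));
            }
        } else {
            $Out = Out::getInstance();
            $Out->pushError(L('RaidLocked'));
        }

        // reload calendar
        $RaidQuery = $Connector->prepare('SELECT Start FROM `' . RP_TABLE_PREFIX . 'Raid` WHERE RaidId = :RaidId LIMIT 1');
        $RaidQuery->bindValue(':RaidId', $RaidId, PDO::PARAM_INT);
        $RaidData = $RaidQuery->fetchFirst();

        // Prefer the month stored in the session; fall back to the raid's own
        // month and year ("YYYY-MM-..." in the Start column).
        $Session = Session::get();
        $ShowMonth = isset($Session['Calendar']) && isset($Session['Calendar']['month']) ? $Session['Calendar']['month'] : intval(substr($RaidData['Start'], 5, 2));
        $ShowYear = isset($Session['Calendar']) && isset($Session['Calendar']['year']) ? $Session['Calendar']['year'] : intval(substr($RaidData['Start'], 0, 4));

        msgQueryCalendar(prepareCalRequest($ShowMonth, $ShowYear));
    } else {
        $Out = Out::getInstance();
        $Out->pushError(L('AccessDenied'));
    }
}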
// along with PHPDaft; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA

// Tell PHP where the project files live
ini_set("include_path", "/home/daft/konferens/");

// Include files
require "Functions/function_errorHandler.php";
require "Functions/function_validUser.php";
require "Classes/class_Configuration.php";
require "Classes/class_ExternalStorage.php";
require "Classes/class_Logger.php";
require "Classes/class_User.php";
require "Classes/class_UserPresentation.php";
require "Classes/yapter.php";

// Define error handler (currently disabled)
// set_error_handler("errorHandler");

// Session
session_start();

// Check whether we are logged in
$bInlogged = validUser();
if (!$bInlogged) {
    // We are not: discard the session again and stop with error code 43
    session_destroy();
    trigger_error("43", E_USER_ERROR);
    exit;
}

// Set up template (not enabled yet)
//$oTemplate = new Template("/home/daft/Templates/Logout.tpl");
//$oTemplate->setParseMode(TRUE);
//$oTemplate->setWarningLevel(E_YAPTER_ERROR);
//$oTemplate->parse();
//$oTemplate->spit();

// NOTE(review): for a logged-in user this logout page only prints the
// "not implemented yet" message below; the session is left intact.
echo "Inte implementerat än!";
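<?php
session_start();
include_once "../includes/user_functions.php";

// Already logged in: send the browser to the API landing page.
// NOTE(review): no exit follows the redirect header, so the rest of this
// script still runs for a logged-in user. The session also carries the
// (hashed) password and re-validates it on each request.
if (isset($_SESSION['user']) && isset($_SESSION['pass']) && validUser($_SESSION['user'], $_SESSION['pass'], true)) {
    header("Location: https://profiles.ac3-servers.eu/api/");
}

/**
 * Verify a reCAPTCHA response token with Google's siteverify endpoint.
 *
 * The query string is built with http_build_query() so the client-supplied
 * token cannot add or override parameters, and the TLS certificate and host
 * name of the endpoint are verified so the answer cannot be forged on the
 * network path.
 *
 * Side effect kept from the original: the HTTP status returned by the
 * verification request is copied onto this page's own response.
 *
 * @param string|null $response Value of the 'g-recaptcha-response' form field.
 * @return bool True only when the endpoint answers with "success": true.
 */
function confirmURL($response)
{
    $query = http_build_query(array(
        'secret' => getCaptchaPrivateKey(),
        'response' => (string) $response,
        'remoteip' => $_SERVER['REMOTE_ADDR']
    ), '', '&');
    $url = "https://www.google.com/recaptcha/api/siteverify?" . $query;

    $ch = curl_init();
    curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, true);
    curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, 2);
    curl_setopt($ch, CURLOPT_URL, $url);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    $result = curl_exec($ch);
    http_response_code(curl_getinfo($ch, CURLINFO_HTTP_CODE));
    curl_close($ch);

    // A transport failure or an unparsable body counts as a failed captcha.
    if ($result === false) {
        return false;
    }

    $res = json_decode($result, true);

    return is_array($res) && isset($res['success']) && $res['success'] === true;
}

$error = "";
if (isset($_POST['register']) && strtoupper($_POST['register']) == strtoupper("go")) {
    //Register button pressed.
    // NOTE(review): "^" is used as the pattern delimiter here, so the leading
    // "^" does not anchor the match at the start of the string; only the "$"
    // anchor is effective. Where the pattern is applied is not visible in this
    // excerpt; confirm and consider filter_var() with FILTER_VALIDATE_EMAIL.
    $emailRegex = "^[a-zA-Z0-9_.+-]+@[a-zA-Z0-9-]+\\.[a-zA-Z0-9-.]+\$^";
    if (!confirmURL($_POST['g-recaptcha-response'])) {
        $error = "The captcha was incorrect!";
    } else {
        if (!isset($_POST['username']) || !isset($_POST['password']) || !isset($_POST['confirm']) || !isset($_POST['Email'])) {
            $error = "You're missing a field?";
        } else {
            if (empty($_POST['username']) || empty($_POST['password']) || empty($_POST['confirm']) || empty($_POST['Email'])) {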
<?php
include 'security.php';

// Login form handler: on success the browser is redirected to home.php.
//
// NOTE(review): nothing in this script records the successful login, so
// home.php can only be protected if validUser() (in security.php, not visible
// here) stores the authenticated state itself; confirm that it does.
if (!empty($_POST['username']) && !empty($_POST['password'])) {
    $user = $_POST['username'];
    $passw = $_POST['password'];

    if (validUser($user, $passw) == true) {
        header("Location: home.php");
    }
    // Rejected credentials produce no output at all.
} else {
    // A missing or empty field gets the same message as a wrong password
    // would, which avoids revealing which part was wrong.
    echo "Incorrect Username or Password.";
}
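/**
 * Decide whether the pusher named in the webhook payload may trigger a deploy.
 *
 * With user limiting enabled the pusher must appear in the $valid_users list;
 * otherwise it is enough that a name and an e-mail address are present.
 *
 * The list is read from the global scope. The original body referenced
 * $valid_users as an undefined local, so the restricted mode could never
 * accept anyone.
 *
 * @param bool        $userLimit  Whether deployments are restricted to listed users.
 * @param string|null $user       Pusher name from the payload.
 * @param string|null $user_email Pusher e-mail from the payload.
 * @return bool
 */
function validUser($userLimit, $user, $user_email)
{
    global $valid_users;

    if ($userLimit) {
        // Fail closed when the list is missing; compare strictly so type
        // juggling cannot match an unrelated entry.
        return is_array($valid_users) && in_array($user, $valid_users, true);
    }

    return isset($user) && isset($user_email);
}

// NOTE(review): every field below comes from the POSTed payload. No signature
// or shared-secret check is visible in this excerpt, so the pusher name and
// branch are only as trustworthy as the sender; verify the webhook signature
// before acting on the payload if that is not done elsewhere.
$data = json_decode($_POST['payload'], true);
$pusher = $data['pusher']['name'];
$pusher_email = $data['pusher']['email'];
$branch_changed = $data['ref'];

if (validBranch($limit_branch, $branch_changed, $valid_branches)) {
    // Payload values are echoed and mailed as received, without escaping.
    echo "Valid Branch - " . $branch_changed;
    if ($enabled) {
        if (validUser($limit_users, $pusher, $pusher_email)) {
            echo "Valid User - " . $pusher;
            $repo = $data['repository']['name'];
            $repo_url = $data['repository']['url'];
            if ($git_update) {
                // Fixed command with no request data in it; it runs in the
                // current working directory of the PHP process.
                `git pull`;
                echo "git pull";
            }
            $body = "Site: " . $site_name . "\n Pusher: " . $pusher . "\n Pusher Email: " . $pusher_email . "\n Repo: " . $repo . "\n Repo URL: " . $repo_url . "\n Branch: " . $branch_changed . "\n";
            $subject = "Deployment - " . $site_name;
            $headers = "From: " . $from_email . "\n";
        } else {
            echo "Not a valid User - Aborting Deployment";
            // The failure report carries the caller's address and the raw request.
            $body = "Site: " . $site_name . "\n IP: " . $_SERVER['REMOTE_ADDR'] . "\n\n\n" . serialize($_REQUEST) . "\n\n\n";
            $subject = "Deployment Failure - " . $site_name;
            $headers = "From: " . $from_email . "\n";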
} } } else { echo formRegist(); } echo '</div>'; } else { echo '<div id="login">'; if (isset($_POST['secionIniciada'])) { if (empty($_POST['email']) || empty($_POST['pass'])) { $_SESSION['msg'] = "Nombre de usuario y contraseña son requeridos..."; header('Location: ' . $_SERVER['REQUEST_URI']); } else { $email = $_POST['email']; $pass = $_POST['pass']; $est = validUser($email, $pass); if (is_array($est)) { $_SESSION['id_user'] = $est['ID']; $_SESSION['nombre_user'] = $est['NAME']; $_SESSION['autentificador'] = $est['AUTENT']; header('Location: ' . $_SERVER['REQUEST_URI']); } else { $_SESSION['msg'] = "Correo y contraseña no coinciden..."; header('Location: ' . $_SERVER['REQUEST_URI']); } } } else { echo formLogin(); } echo '</div>'; }
/**
 * Apply a profile form: password, auto-attend flag, vacation ranges and the
 * character list of one user, then return the refreshed profile.
 *
 * The target is the current user, or the user named by $aRequest['userId']
 * when the caller passes validAdmin(). All statements run inside a transaction
 * that is repeated until commit() succeeds; a failed character statement rolls
 * back and returns without output.
 *
 * Every request value reaches SQL through bindValue(); only the table prefix
 * constant is concatenated into statement text.
 *
 * NOTE(review):
 *  - The password branch requires isset(newPass) but tests oldPass without
 *    isset(); validateCredentials() checks the *current* user's password even
 *    when an admin edits another account.
 *  - mainChar, role1, role2 and charClass are stored as received (only 'name'
 *    and the vacation message pass through requestToXML()); confirm they are
 *    validated or escaped where they are displayed.
 *  - Characters of this user and game that are absent from the request are
 *    deleted together with their attendance rows, so a request without
 *    'charId' removes all of them.
 *
 * @param array $aRequest Request parameters (see the reads below).
 */
function msgProfileupdate($aRequest)
{
    if (validUser()) {
        global $gGame;
        loadGameSettings();

        // Default to the logged-in user; only an admin may target another id.
        $UserId = UserProxy::getInstance()->UserId;
        if (validAdmin() && isset($aRequest['userId']) && $aRequest['userId'] != 0) {
            $UserId = intval($aRequest['userId']);
        }

        $Connector = Connector::getInstance();

        // The whole update is retried until the commit succeeds.
        do {
            $Connector->beginTransaction();

            // Update password
            if (isset($aRequest['newPass']) && $aRequest['oldPass'] != '') {
                if (UserProxy::getInstance()->validateCredentials($aRequest['oldPass'])) {
                    // User authenticated with valid password
                    // change the password of the given id. ChangePassword does a check
                    // for validity (e.g. only admin may change other user's passwords)
                    $Salt = UserProxy::generateKey32();
                    $HashedPassword = NativeBinding::nativeHash($aRequest['newPass'], $Salt, 'none');
                    if (!UserProxy::changePassword($UserId, $HashedPassword, $Salt)) {
                        $Out = Out::getInstance();
                        $Out->pushError(L('PasswordLocked'));
                    }
                } else {
                    $Out = Out::getInstance();
                    $Out->pushError(L('WrongPassword'));
                }
            }

            // Update the AutoAttend setting: present as a row when enabled,
            // removed when disabled.
            if ($aRequest['autoAttend'] == 'true') {
                $ExistsRequest = $Connector->prepare('SELECT UserSettingId FROM `' . RP_TABLE_PREFIX . 'UserSetting` ' .
                    'WHERE UserId=:UserId and Name="AutoAttend" LIMIT 1');
                $ExistsRequest->bindValue(':UserId', $UserId, PDO::PARAM_INT);
                if ($ExistsRequest->fetchFirst() == null) {
                    $AttendRequest = $Connector->prepare('INSERT INTO `' . RP_TABLE_PREFIX . 'UserSetting` (UserId, Name) VALUES (:UserId, "AutoAttend")');
                    $AttendRequest->bindValue(':UserId', $UserId, PDO::PARAM_INT);
                    $AttendRequest->execute();
                }
            } else {
                $RemoveQuery = $Connector->prepare('DELETE FROM `' . RP_TABLE_PREFIX . 'UserSetting` WHERE ' .
                    'UserId = :UserId AND (Name = "AutoAttend") LIMIT 1');
                $RemoveQuery->bindValue(':UserId', $UserId, PDO::PARAM_INT);
                $RemoveQuery->execute();
            }

            // Update vacation settings
            // $Ranges carries the 'revoke', 'update' and 'new' range lists plus
            // a 'SettingsFound' flag, as read below.
            $Ranges = getVacationData($aRequest);
            $VacationMessage = $aRequest['vacationMessage'] == null ? '' : requestToXML($aRequest['vacationMessage'], ENT_COMPAT, 'UTF-8');

            // Revoke ranges that have been removed
            foreach ($Ranges['revoke'] as $RevokeRange) {
                $RevokeQuery = $Connector->prepare('UPDATE `' . RP_TABLE_PREFIX . 'Raid` LEFT JOIN `' . RP_TABLE_PREFIX . 'Attendance` USING (RaidId) ' .
                    'SET `' . RP_TABLE_PREFIX . 'Attendance`.Status = "undecided", Comment = "" ' .
                    'WHERE Start >= FROM_UNIXTIME(:Start) AND Start <= FROM_UNIXTIME(:End) ' .
                    'AND `' . RP_TABLE_PREFIX . 'Attendance`.Status = "unavailable" AND `' . RP_TABLE_PREFIX . 'Attendance`.UserId = :UserId');
                // max(..., time()) limits the revoke to raids that have not started yet.
                $RevokeQuery->bindValue(':Start', max($RevokeRange[0], time()), PDO::PARAM_INT);
                $RevokeQuery->bindValue(':End', max($RevokeRange[1], time()), PDO::PARAM_INT);
                $RevokeQuery->bindValue(':UserId', $UserId, PDO::PARAM_INT);
                $RevokeQuery->execute();
            }

            // Update already affected ranges
            foreach ($Ranges['update'] as $UpdateRange) {
                $UpdateQuery = $Connector->prepare('UPDATE `' . RP_TABLE_PREFIX . 'Raid` LEFT JOIN `' . RP_TABLE_PREFIX . 'Attendance` USING(RaidId) ' .
                    'SET Comment = :Message ' .
                    'WHERE Start >= FROM_UNIXTIME(:Start) AND Start <= FROM_UNIXTIME(:End) ' .
                    'AND UserId = :UserId AND Status = "unavailable"');
                $UpdateQuery->bindValue(':Start', $UpdateRange[0], PDO::PARAM_INT);
                $UpdateQuery->bindValue(':End', $UpdateRange[1], PDO::PARAM_INT);
                $UpdateQuery->bindValue(':UserId', $UserId, PDO::PARAM_INT);
                $UpdateQuery->bindValue(':Message', $VacationMessage, PDO::PARAM_STR);
                $UpdateQuery->execute();
            }

            // Update/Insert new ranges
            foreach ($Ranges['new'] as $NewRange) {
                // Update all raids that already have an attendance record
                $UpdateQuery = $Connector->prepare('UPDATE `' . RP_TABLE_PREFIX . 'Raid` LEFT JOIN `' . RP_TABLE_PREFIX . 'Attendance` USING(RaidId) ' .
                    'SET Status = "unavailable", Comment = :Message ' .
                    'WHERE Start >= FROM_UNIXTIME(:Start) AND Start <= FROM_UNIXTIME(:End) ' .
                    'AND UserId = :UserId');
                $UpdateQuery->bindValue(':Start', $NewRange[0], PDO::PARAM_INT);
                $UpdateQuery->bindValue(':End', $NewRange[1], PDO::PARAM_INT);
                $UpdateQuery->bindValue(':UserId', intval($UserId), PDO::PARAM_INT);
                $UpdateQuery->bindValue(':Message', $VacationMessage, PDO::PARAM_STR);
                $UpdateQuery->execute();

                // Find all raids that do not have an attendance record
                $AffectedQuery = $Connector->prepare('SELECT `' . RP_TABLE_PREFIX . 'Raid`.RaidId FROM `' . RP_TABLE_PREFIX . 'Raid` ' .
                    'LEFT JOIN `' . RP_TABLE_PREFIX . 'Attendance` ON (`' . RP_TABLE_PREFIX . 'Raid`.RaidId = `' . RP_TABLE_PREFIX . 'Attendance`.RaidId ' .
                    'AND (`' . RP_TABLE_PREFIX . 'Attendance`.UserId = :UserId OR `' . RP_TABLE_PREFIX . 'Attendance`.UserId IS NULL)) ' .
                    'WHERE Start >= FROM_UNIXTIME(:Start) AND Start <= FROM_UNIXTIME(:End) ' .
                    'AND UserId IS NULL ' .
                    'GROUP BY RaidId');
                $AffectedQuery->bindValue(':Start', $NewRange[0], PDO::PARAM_INT);
                $AffectedQuery->bindValue(':End', $NewRange[1], PDO::PARAM_INT);
                $AffectedQuery->bindValue(':UserId', intval($UserId), PDO::PARAM_INT);

                $AffectedQuery->loop(function ($aRaid) use (&$Connector, $UserId, $VacationMessage) {
                    // Set user to unavailable
                    $InsertQuery = $Connector->prepare('INSERT INTO `' . RP_TABLE_PREFIX . 'Attendance` ' .
                        '(UserId, RaidId, Status, Comment) ' .
                        'VALUES (:UserId, :RaidId, "unavailable", :Message)');
                    $InsertQuery->bindValue(':UserId', intval($UserId), PDO::PARAM_INT);
                    $InsertQuery->bindValue(':RaidId', $aRaid['RaidId'], PDO::PARAM_INT);
                    $InsertQuery->bindValue(':Message', $VacationMessage, PDO::PARAM_STR);
                    $InsertQuery->execute();
                });
            }

            // Update user settings
            if (count($Ranges['new']) == 0 && count($Ranges['update']) == 0) {
                // Nothing active any more: drop the stored vacation if one was revoked.
                if (count($Ranges['revoke']) > 0) {
                    $RemoveQuery = $Connector->prepare('DELETE FROM `' . RP_TABLE_PREFIX . 'UserSetting` WHERE ' .
                        'UserId = :UserId AND (Name = "VacationStart" OR Name = "VacationEnd" OR Name = "VacationMessage") LIMIT 3');
                    $RemoveQuery->bindValue(':UserId', $UserId, PDO::PARAM_INT);
                    $RemoveQuery->execute();
                }
            } else {
                // NOTE(review): both branches send three ';'-separated
                // statements through one prepare() and reuse :UserId in each;
                // presumably this relies on how the Connector wrapper prepares
                // statements - confirm multi-statement execution is intended.
                // vacationStart / vacationEnd are bound straight from the
                // request as integers.
                if ($Ranges['SettingsFound']) {
                    $UpdateQuery = $Connector->prepare('UPDATE `' . RP_TABLE_PREFIX . 'UserSetting` SET IntValue = :Start WHERE UserId = :UserId AND Name = "VacationStart" LIMIT 1;' .
                        'UPDATE `' . RP_TABLE_PREFIX . 'UserSetting` SET IntValue = :End WHERE UserId = :UserId AND Name = "VacationEnd" LIMIT 1;' .
                        'UPDATE `' . RP_TABLE_PREFIX . 'UserSetting` SET TextValue = :Message WHERE UserId = :UserId AND Name = "VacationMessage" LIMIT 1;');
                    $UpdateQuery->bindValue(':UserId', $UserId, PDO::PARAM_INT);
                    $UpdateQuery->bindValue(':Start', $aRequest['vacationStart'], PDO::PARAM_INT);
                    $UpdateQuery->bindValue(':End', $aRequest['vacationEnd'], PDO::PARAM_INT);
                    $UpdateQuery->bindValue(':Message', $VacationMessage, PDO::PARAM_STR);
                    $UpdateQuery->execute();
                } else {
                    $InsertQuery = $Connector->prepare('INSERT INTO `' . RP_TABLE_PREFIX . 'UserSetting` (IntValue, UserId, Name) VALUES (:Start, :UserId, "VacationStart");' .
                        'INSERT INTO `' . RP_TABLE_PREFIX . 'UserSetting` (IntValue, UserId, Name) VALUES (:End, :UserId, "VacationEnd");' .
                        'INSERT INTO `' . RP_TABLE_PREFIX . 'UserSetting` (TextValue, UserId, Name) VALUES (:Message, :UserId, "VacationMessage");');
                    $InsertQuery->bindValue(':UserId', $UserId, PDO::PARAM_INT);
                    $InsertQuery->bindValue(':Start', $aRequest['vacationStart'], PDO::PARAM_INT);
                    $InsertQuery->bindValue(':End', $aRequest['vacationEnd'], PDO::PARAM_INT);
                    $InsertQuery->bindValue(':Message', $VacationMessage, PDO::PARAM_STR);
                    $InsertQuery->execute();
                }
            }

            // Update characters
            // First collect the ids the target user really owns in this game;
            // only those may be updated or deleted below.
            $CharacterQuery = $Connector->prepare('SELECT * FROM `' . RP_TABLE_PREFIX . 'Character` WHERE UserId = :UserId AND Game = :Game ORDER BY Name');
            $CharacterQuery->bindValue(':UserId', $UserId, PDO::PARAM_INT);
            $CharacterQuery->bindValue(':Game', $gGame['GameId'], PDO::PARAM_STR);

            $ValidCharacterIds = array();
            $UpdatedCharacteIds = array();

            $CharacterQuery->loop(function ($Data) use (&$ValidCharacterIds) {
                array_push($ValidCharacterIds, $Data['CharacterId']);
            });

            // The per-character arrays (mainChar, charClass, name, role1,
            // role2) are indexed in parallel with charId; their lengths are
            // not checked against it.
            $NumCharacters = isset($aRequest['charId']) && is_array($aRequest['charId']) ? count($aRequest['charId']) : 0;

            // Sanity check mainchar: exactly one character ends up flagged.
            $FoundMainChar = false;
            for ($CharIndex = 0; $CharIndex < $NumCharacters; ++$CharIndex) {
                if ($aRequest['mainChar'][$CharIndex] == 'true') {
                    if ($FoundMainChar) {
                        $aRequest['mainChar'][$CharIndex] = 'false';
                    } else {
                        $FoundMainChar = true;
                    }
                }
            }

            if (!$FoundMainChar && $NumCharacters > 0) {
                $aRequest['mainChar'][0] = 'true';
            }

            // Update/insert chars
            for ($CharIndex = 0; $CharIndex < $NumCharacters; ++$CharIndex) {
                $CharId = $aRequest['charId'][$CharIndex];
                $ClassArray = $aRequest['charClass'][$CharIndex];
                // Several classes are stored as one ':'-separated string.
                $Classes = count($ClassArray) == 1 ? $ClassArray[0] : implode(':', $ClassArray);

                if ($CharId == 0) {
                    // Insert new character
                    $InsertChar = $Connector->prepare('INSERT INTO `' . RP_TABLE_PREFIX . 'Character` ' .
                        '( UserId, Name, Game, Class, Mainchar, Role1, Role2 ) ' .
                        'VALUES ( :UserId, :Name, :Game, :Class, :Mainchar, :Role1, :Role2 )');
                    $InsertChar->bindValue(':UserId', $UserId, PDO::PARAM_INT);
                    $InsertChar->bindValue(':Name', requestToXML($aRequest['name'][$CharIndex], ENT_COMPAT, 'UTF-8'), PDO::PARAM_STR);
                    $InsertChar->bindValue(':Game', $gGame['GameId'], PDO::PARAM_STR);
                    $InsertChar->bindValue(':Class', $Classes, PDO::PARAM_STR);
                    $InsertChar->bindValue(':Mainchar', $aRequest['mainChar'][$CharIndex], PDO::PARAM_STR);
                    $InsertChar->bindValue(':Role1', $aRequest['role1'][$CharIndex], PDO::PARAM_STR);
                    $InsertChar->bindValue(':Role2', $aRequest['role2'][$CharIndex], PDO::PARAM_STR);
                    if (!$InsertChar->execute()) {
                        $Connector->rollBack();
                        return;
                    }
                } else {
                    // Ids the user does not own are skipped silently; the
                    // comparison is loose, and the UPDATE additionally filters
                    // on UserId.
                    if (in_array($CharId, $ValidCharacterIds)) {
                        // Update character
                        array_push($UpdatedCharacteIds, $CharId);
                        $UpdateChar = $Connector->prepare('UPDATE `' . RP_TABLE_PREFIX . 'Character` ' .
                            'SET Class = :Class, Mainchar = :Mainchar, Role1 = :Role1, Role2 = :Role2 ' .
                            'WHERE CharacterId = :CharacterId AND UserId = :UserId');
                        $UpdateChar->bindValue(':UserId', $UserId, PDO::PARAM_INT);
                        $UpdateChar->bindValue(':CharacterId', $CharId, PDO::PARAM_INT);
                        $UpdateChar->bindValue(':Class', $Classes, PDO::PARAM_STR);
                        $UpdateChar->bindValue(':Mainchar', $aRequest['mainChar'][$CharIndex], PDO::PARAM_STR);
                        $UpdateChar->bindValue(':Role1', $aRequest['role1'][$CharIndex], PDO::PARAM_STR);
                        $UpdateChar->bindValue(':Role2', $aRequest['role2'][$CharIndex], PDO::PARAM_STR);
                        if (!$UpdateChar->execute()) {
                            $Connector->rollBack();
                            return;
                        }
                    }
                }
            }

            // Owned characters that were not part of the request are removed.
            $IdsToRemove = array_diff($ValidCharacterIds, $UpdatedCharacteIds);
            foreach ($IdsToRemove as $CharId) {
                // Remove character
                $DropChar = $Connector->prepare('DELETE FROM `' . RP_TABLE_PREFIX . 'Character` ' .
                    'WHERE CharacterId = :CharacterId AND UserId = :UserId');
                $DropAttendance = $Connector->prepare('DELETE FROM `' . RP_TABLE_PREFIX . 'Attendance` ' .
                    'WHERE CharacterId = :CharacterId AND UserId = :UserId');
                $DropChar->bindValue(':UserId', $UserId, PDO::PARAM_INT);
                $DropChar->bindValue(':CharacterId', $CharId, PDO::PARAM_INT);
                $DropAttendance->bindValue(':UserId', $UserId, PDO::PARAM_INT);
                $DropAttendance->bindValue(':CharacterId', $CharId, PDO::PARAM_INT);
                if (!$DropChar->execute()) {
                    $Connector->rollBack();
                    return;
                }
                if (!$DropAttendance->execute()) {
                    $Connector->rollBack();
                    return;
                }
            }
        } while (!$Connector->commit());

        // Refresh the cached character list and answer with the new profile.
        UserProxy::getInstance()->updateCharacters();
        msgQueryProfile($aRequest);
    } else {
        $Out = Out::getInstance();
        $Out->pushError(L('AccessDenied'));
    }
}
return; } if (isset($_POST['login']) && strtoupper($_POST['login']) == strtoupper("go")) { //Login button pressed. if (!isset($_POST['user']) || !isset($_POST['password'])) { $error = "You're missing a field?"; } if (empty($_POST['user']) || empty($_POST['password'])) { $error = "You're missing a field?"; } //User and pass to var. $user = $_POST['user']; $pass = $_POST['password']; //Hash password and start session if valid. $hashedPass = hashPass($user, $pass); if (!($userArr = validUser($user, $hashedPass, true))) { $error = "Your password was incorrect!"; } else { if (!is_array($userArr)) { $error = $userArr; } else { $_SESSION['user'] = $userArr['user']; $_SESSION['pass'] = $userArr['hashedPass']; $_SESSION['UUID'] = $userArr['UUID']; $_SESSION['key'] = $userArr['key']; $_SESSION['permissions'] = $userArr['perm']; $_SESSION['email'] = $userArr['email']; header("Location: https://profiles.ac3-servers.eu/api/"); return; } }
include_once "auth.php";

// Credentials are only read when a "user" parameter is present.
//
// NOTE(review): $_REQUEST also accepts the password from the query string,
// where it ends up in server logs and browser history. htmlspecialchars() is
// applied to the password before validation, which changes any password
// containing &, <, > or a double quote; output escaping belongs at the point
// of output, not on credentials. "pass" is read without its own isset() check.
$user = isset($_REQUEST["user"]) ? htmlspecialchars($_REQUEST["user"]) : "";
$pass = isset($_REQUEST["user"]) ? htmlspecialchars($_REQUEST["pass"]) : "";

// Reject names and passwords that are too short, which also covers the case
// where no parameters were passed at all. error() ends the request.
if (strlen($user) < 5) {
    error("shortUser");
}
if (strlen($pass) < 5) {
    error("shortPass");
}

try {
    // Check that a user with this name and password exists
    if (validUser($user, $pass)) {
        setAuthCookie($user, $pass);
        // NOTE(review): this Location value has no scheme, so browsers resolve
        // it relative to the current path instead of as a host name.
        header('Location: agoraus.freeoda.com/welcome.php');
    } else {
        error("wrongPass");
    }
} catch (PDOException $e) {
    error("connectionFailed");
}

/**
 * Redirect back to the login page with an error code and stop the request.
 *
 * @param string $name Error code appended to the redirect URL; every caller in
 *                     this script passes a fixed literal.
 */
function error($name)
{
    header(sprintf('Location: ./index.php?error=%s&logout=1', $name));
    die("Está siendo redirigido...");
}
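/**
 * Set every open raid that starts within the next $aSeconds seconds (or has
 * already started) to stage "locked". Does nothing unless validUser() passes.
 *
 * @param int $aSeconds Lead time in seconds added to the current time.
 */
function lockOldRaids($aSeconds)
{
    if (!validUser()) {
        return;
    }

    $Connector = Connector::getInstance();

    // The original concatenation produced `"locked"WHERE` with no separator;
    // the space keeps the statement well-formed independent of parser leniency.
    $UpdateRaidQuery = $Connector->prepare(
        'UPDATE `' . RP_TABLE_PREFIX . 'Raid` SET ' .
        'Stage = "locked" ' .
        'WHERE Start < FROM_UNIXTIME(:Time) AND Stage = "open"'
    );

    // The cut-off is bound as a parameter, never concatenated into the SQL.
    $UpdateRaidQuery->bindValue(':Time', time() + $aSeconds, PDO::PARAM_INT);
    $UpdateRaidQuery->execute();
}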
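/**
 * Push the profile data of a user to the output: account info, settings,
 * characters of the current game, total raid count and attendance statistics.
 *
 * The profile shown is the caller's own. Only when validAdmin() passes may
 * $aRequest['userId'] select a different user, which is what prevents regular
 * users from reading other profiles by changing the id.
 *
 * @param array $aRequest Request values; reads 'showPanel' and optionally 'userId'.
 */
function msgQueryProfile($aRequest)
{
    if (!validUser()) {
        $Out = Out::getInstance();
        $Out->pushError(L('AccessDenied'));
        return;
    }

    global $gGame;
    loadGameSettings();

    $Out = Out::getInstance();
    $Self = UserProxy::getInstance();
    $UserId = $Self->UserId;

    // Admin-only override of the target user; the id is forced to an integer.
    if (validAdmin() && isset($aRequest['userId']) && $aRequest['userId'] != 0) {
        $UserId = intval($aRequest['userId']);
    }

    $Connector = Connector::getInstance();
    $Out->pushValue('show', $aRequest['showPanel']);

    // Admintool relevant data
    // Stays null when no user row exists; previously the variable was undefined
    // in that case and was still bound into the two queries below.
    $CreatedUTC = null;

    $Users = $Connector->prepare('SELECT Login, UNIX_TIMESTAMP(Created) AS CreatedUTC, ExternalBinding, BindingActive FROM `' . RP_TABLE_PREFIX . 'User` WHERE UserId = :UserId LIMIT 1');
    $Users->bindValue(':UserId', $UserId, PDO::PARAM_INT);
    $Data = $Users->fetchFirst();

    if ($Data != null) {
        $Out->pushValue('userid', $UserId);
        $Out->pushValue('name', $Data['Login']);
        $Out->pushValue('bindingActive', $Data['BindingActive'] == 'true');
        $Out->pushValue('binding', $Data['ExternalBinding']);
        $CreatedUTC = $Data['CreatedUTC'];
    }

    // Load settings
    $SettingsQuery = $Connector->prepare('SELECT * FROM `' . RP_TABLE_PREFIX . 'UserSetting` WHERE UserId = :UserId');
    $SettingsQuery->bindValue(':UserId', $UserId, PDO::PARAM_INT);

    $UserSettings = array();
    $SettingsQuery->loop(function ($Row) use (&$UserSettings) {
        $UserSettings[$Row['Name']] = array('number' => $Row['IntValue'], 'text' => $Row['TextValue']);
    });
    $Out->pushValue('settings', $UserSettings);

    // Load characters
    $Characters = array();

    if ($UserId == $Self->UserId) {
        // Own profile: the characters are already loaded on the user proxy.
        foreach ($Self->Characters as $Own) {
            if ($Own->Game == $gGame['GameId']) {
                $Characters[] = array(
                    'id' => $Own->CharacterId,
                    'name' => $Own->Name,
                    'classname' => explode(':', $Own->ClassName),
                    'mainchar' => $Own->IsMainChar,
                    'role1' => $Own->Role1,
                    'role2' => $Own->Role2,
                );
            }
        }
    } else {
        // Foreign profile (admin path): read the characters from the database.
        $CharacterQuery = $Connector->prepare('SELECT * FROM `' . RP_TABLE_PREFIX . 'Character` ' . 'WHERE UserId = :UserId AND Game = :Game ' . 'ORDER BY Mainchar, Name');
        $CharacterQuery->bindValue(':UserId', $UserId, PDO::PARAM_INT);
        $CharacterQuery->bindValue(':Game', $gGame['GameId'], PDO::PARAM_STR);
        $CharacterQuery->loop(function ($Row) use (&$Characters) {
            $Characters[] = array(
                'id' => $Row['CharacterId'],
                'name' => $Row['Name'],
                'classname' => explode(':', $Row['Class']),
                'mainchar' => $Row['Mainchar'] == 'true',
                'role1' => $Row['Role1'],
                'role2' => $Row['Role2'],
            );
        });
    }
    $Out->pushValue('character', $Characters);

    // Total raid count between account creation and now.
    $NumRaids = 0;
    $RaidsQuery = $Connector->prepare('SELECT COUNT(RaidId) AS `NumberOfRaids` FROM `' . RP_TABLE_PREFIX . 'Raid` ' . 'LEFT JOIN `' . RP_TABLE_PREFIX . 'Location` USING(LocationId) ' . 'WHERE Start > FROM_UNIXTIME(:Created) AND Start < FROM_UNIXTIME(:Now) AND Game = :Game');
    $RaidsQuery->bindValue(':Now', time(), PDO::PARAM_INT);
    // NOTE(review): :Created is bound as a string here and as an int in the
    // attendance query below - confirm which type is intended.
    $RaidsQuery->bindValue(':Created', $CreatedUTC, PDO::PARAM_STR);
    $RaidsQuery->bindValue(':Game', $gGame['GameId'], PDO::PARAM_STR);

    $Data = $RaidsQuery->fetchFirst();
    if ($Data != null) {
        $NumRaids = $Data['NumberOfRaids'];
    }

    // Load attendance
    $AttendanceQuery = $Connector->prepare('Select `Status`, `Role`, COUNT(RaidId) AS `Count` ' . 'FROM `' . RP_TABLE_PREFIX . 'Attendance` ' . 'LEFT JOIN `' . RP_TABLE_PREFIX . 'Raid` USING(RaidId) ' . 'LEFT JOIN `' . RP_TABLE_PREFIX . 'Location` USING(LocationId) ' . 'WHERE UserId = :UserId AND Start > FROM_UNIXTIME(:Created) AND Start < FROM_UNIXTIME(:Now) AND Game = :Game ' . 'GROUP BY `Status`, `Role` ORDER BY Status');
    $AttendanceQuery->bindValue(':UserId', $UserId, PDO::PARAM_INT);
    $AttendanceQuery->bindValue(':Created', $CreatedUTC, PDO::PARAM_INT);
    $AttendanceQuery->bindValue(':Now', time(), PDO::PARAM_INT);
    $AttendanceQuery->bindValue(':Game', $gGame['GameId'], PDO::PARAM_STR);

    $AttendanceData = array('raids' => $NumRaids, 'available' => 0, 'unavailable' => 0, 'ok' => 0, 'roles' => array());

    // Pull data: one counter per status, plus a per-role counter for 'ok' rows.
    $AttendanceQuery->loop(function ($Row) use (&$AttendanceData) {
        if ($Row['Status'] != 'undecided') {
            $AttendanceData[$Row['Status']] += $Row['Count'];
        }

        if ($Row['Status'] == 'ok') {
            $RoleId = $Row['Role'];
            if (isset($AttendanceData['roles'][$RoleId])) {
                $AttendanceData['roles'][$RoleId] += $Row['Count'];
            } else {
                $AttendanceData['roles'][$RoleId] = $Row['Count'];
            }
        }
    });

    $Out->pushValue('attendance', $AttendanceData);
}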
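// Excerpt: these first checks are the tail of a validation function whose
// header lies above this excerpt; the closing brace below ends that function.
// NOTE(review): inside the character class `.-_` is a range (0x2E-0x5F), so
// digits and characters such as '/', '<', '>', '?', '@' are accepted while a
// literal '-' is not. Left unchanged because tightening it would reject
// passwords that are accepted today - confirm the intended character set.
if (!isset($_POST['password']) || !preg_match('/^[a-zA-Z.-_*^!:;,&]{6,25}$/', $_POST['password'])) {
    return "Mot de passe invalide, il doit être composé de 6 à 25 caractères.";
}
// Strict comparison: with != two different numeric-looking strings
// (e.g. "1000e2" and "100000") compare equal and the confirmation passes.
if (!isset($_POST['password2']) || $_POST['password'] !== $_POST['password2']) {
    return "Les deux mot de passe doivent être identique.";
}
return "NoError";
}

// Registration form submitted: validate, create the account, then send the
// visitor to the login page with a flash message.
if (isset($_POST['send'])) {
    $error = checkDataUser($Model);
    if ($error === "NoError") {
        // NOTE(review): the raw password is handed to addUser(); how it is
        // stored is not visible here - verify that it is hashed there.
        addUser($_POST['pseudo'], $_POST['nom'], $_POST['prenom'], $_POST['sexe'], $_POST['email'], $_POST['password']);
        $_SESSION['msg'][0] = 'success';
        $_SESSION['msg'][1] = "Vous devez validez votre compte via l'email qui vous à était envoyé !";
        header('Location: index.php?page=login');
    } else {
        // NOTE(review): the messages visible in this excerpt are constants;
        // confirm no validation message embeds request data before echoing raw.
        echo "<div class='error' >" . $error . "</div>";
    }
}

// Account activation link: both parameters are required (logical AND instead
// of the bitwise & used before).
if (isset($_GET['pseudo']) && isset($_GET['tok'])) {
    if (checkToken($_GET['pseudo'], $_GET['tok'])) {
        validUser($_GET['pseudo']);
        $_SESSION['msg'][0] = 'success';
        $_SESSION['msg'][1] = "Vous êtes maintenant inscrit !";
        // The header name must not contain a space before the colon,
        // otherwise no redirect is issued.
        header('Location: index.php?page=login');
    } else {
        echo "<div class='error' >Validation du compte impossible...</div>";
    }
}

require_once Config::$path['views'] . 'HTML.class.php';
require_once Config::$path['views'] . 'inscription.php';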
// Registration handler (excerpt; the final if-block is closed after this excerpt).
require "Functions/function_errorHandler.php";
require "Classes/class_UserPresentation.php";
require "Classes/class_Configuration.php";
require "Classes/yapter.php";
require "Functions/function_randStr.php";
require "Functions/function_validUser.php";
$oConfiguration = Configuration::createInstance();
// Define the error handler (registration is commented out here).
// set_error_handler("errorHandler");
// Check that everything we received is OK.
// NOTE(review): $_POST['Age'] and the other fields are read without isset().
if (!$_POST['Age']) {
    $_POST['Age'] = 0;
}
// Check whether we were redirected from the login page.
session_start();
if (validUser()) {
    // Yes: send the visitor on to the configured post-login target.
    // NOTE(review): there is no exit after the redirect header, so the
    // validation and user creation below still run for this request.
    header("Location: " . $oConfiguration->getCustomValue("GoWhereAfterLogin"));
} else {
    // No: discard the session.
    session_destroy();
}
// Reject the request when any field length (or the age value) is outside the
// configured minimum/maximum. `and` binds tighter than `or`, so the age pair
// reads as "(Age set and not numeric)". Only lengths are checked here; the
// e-mail and homepage formats are not.
// NOTE(review): stopping on invalid input relies on trigger_error(E_USER_ERROR)
// ending the script; if a handler that returns is installed (see the
// commented-out set_error_handler above), execution would continue below.
if (strlen($_POST['Name']) < $oConfiguration->getCustomValue("NameMin") or strlen($_POST['Name']) > $oConfiguration->getCustomValue("NameMax") or strlen($_POST['RealName']) < $oConfiguration->getCustomValue("RealNameMin") or strlen($_POST['RealName']) > $oConfiguration->getCustomValue("RealNameMax") or strlen($_POST['Email']) < $oConfiguration->getCustomValue("EmailMin") or strlen($_POST['Email']) > $oConfiguration->getCustomValue("EmailMax") or strlen($_POST['Signature']) < $oConfiguration->getCustomValue("SignatureMin") or strlen($_POST['Signature']) > $oConfiguration->getCustomValue("SignatureMax") or $_POST['Age'] and !is_numeric($_POST['Age']) or $_POST['Age'] < $oConfiguration->getCustomValue("AgeMin") or $_POST['Age'] > $oConfiguration->getCustomValue("AgeMax") or strlen($_POST['HomePage']) < $oConfiguration->getCustomValue("HomepageMin") or strlen($_POST['HomePage']) > $oConfiguration->getCustomValue("HomepageMax") or strlen($_POST['Other']) < $oConfiguration->getCustomValue("OtherMin") or strlen($_POST['Other']) > $oConfiguration->getCustomValue("OtherMax")) {
    trigger_error("36", E_USER_ERROR);
}
// Otherwise, create the user.
$oUser = new User(0, $_POST['Name']);
$oUP = new UserPresentation($oUser, TRUE);
// A non-empty error message from the presentation object aborts the request.
if ($sErrorMsg = $oUP->getErrorMsg()) {
    trigger_error("37: " . $sErrorMsg, E_USER_ERROR);
    die;
/**
 * Push the detail view of one raid to the output: raid and location fields,
 * slot configuration, the attendee list (signed-up, absent, random and
 * undecided players), the attended count and an export token.
 *
 * Access: requires validUser(); otherwise an 'AccessDenied' error is pushed.
 * When validRaidlead() passes, msgQueryLocations() is called in addition.
 *
 * Review notes:
 * - Any caller passing validUser() receives user ids and character data of
 *   every user whose `Group` is not "none", not only of the signed-up players.
 * - One extra character query is issued per attendance row and per user that
 *   has not signed up, so the query count grows with the number of users.
 * - NOTE(review): what Api::getPublicToken() grants is not visible here -
 *   confirm it is scoped to this raid's export only.
 *
 * @param array $aRequest Request values; reads 'showPanel' and 'id' (raid id).
 */
function msgRaidDetail($aRequest)
{
    if (validUser()) {
        global $gGame;
        loadGameSettings();
        $Out = Out::getInstance();
        $Connector = Connector::getInstance();
        $Out->pushValue('show', $aRequest['showPanel']);
        // Raid joined with its location, attendance rows and their characters.
        $ListRaidQuery = $Connector->prepare('SELECT ' . RP_TABLE_PREFIX . 'Raid.*, ' . RP_TABLE_PREFIX . 'Location.Name AS LocationName, ' . RP_TABLE_PREFIX . 'Location.Image AS LocationImage, ' . RP_TABLE_PREFIX . 'Attendance.AttendanceId, ' . RP_TABLE_PREFIX . 'Attendance.UserId, ' . RP_TABLE_PREFIX . 'Attendance.CharacterId, ' . RP_TABLE_PREFIX . 'Attendance.Status, ' . RP_TABLE_PREFIX . 'Attendance.Role, ' . RP_TABLE_PREFIX . 'Attendance.Class AS ActiveClass, ' . RP_TABLE_PREFIX . 'Attendance.Comment, ' . 'UNIX_TIMESTAMP(' . RP_TABLE_PREFIX . 'Attendance.LastUpdate) AS LastUpdate, ' . RP_TABLE_PREFIX . 'Character.Name, ' . RP_TABLE_PREFIX . 'Character.Class, ' . RP_TABLE_PREFIX . 'Character.Mainchar, ' . RP_TABLE_PREFIX . 'Character.Role1, ' . RP_TABLE_PREFIX . 'Character.Role2, ' . 'UNIX_TIMESTAMP(' . RP_TABLE_PREFIX . 'Raid.Start) AS StartUTC, ' . 'UNIX_TIMESTAMP(' . RP_TABLE_PREFIX . 'Raid.End) AS EndUTC ' . 'FROM `' . RP_TABLE_PREFIX . 'Raid` ' . 'LEFT JOIN `' . RP_TABLE_PREFIX . 'Location` USING(LocationId) ' . 'LEFT JOIN `' . RP_TABLE_PREFIX . 'Attendance` USING(RaidId) ' . 'LEFT JOIN `' . RP_TABLE_PREFIX . 'Character` USING(CharacterId) ' . 'WHERE RaidId = :RaidId ORDER BY `' . RP_TABLE_PREFIX . 'Attendance`.AttendanceId');
        // The raid id from the request is bound as an integer parameter.
        $ListRaidQuery->bindValue(':RaidId', $aRequest['id'], PDO::PARAM_INT);
        $Data = $ListRaidQuery->fetchFirstOfLoop();
        if ($Data != null) {
            $Participants = array();
            $StartDate = getdate($Data['StartUTC']);
            $EndDate = getdate($Data['EndUTC']);
            $EndTimestamp = $Data['EndUTC'];
            // Role => count map built from two ':'-separated columns.
            // NOTE(review): array_combine() fails when the two lists differ in length.
            $Slots = array_combine(explode(':', $Data['SlotRoles']), explode(':', $Data['SlotCount']));
            $Out->pushValue('raidId', $Data['RaidId']);
            $Out->pushValue('locationid', $Data['LocationId']);
            $Out->pushValue('locationname', $Data['LocationName']);
            $Out->pushValue('stage', $Data['Stage']);
            $Out->pushValue('mode', $Data['Mode']);
            $Out->pushValue('image', $Data['LocationImage']);
            $Out->pushValue('size', $Data['Size']);
            $Out->pushValue('startDate', intval($StartDate['year']) . '-' . leadingZero10($StartDate['mon']) . '-' . leadingZero10($StartDate['mday']));
            $Out->pushValue('start', leadingZero10($StartDate['hours']) . ':' . leadingZero10($StartDate['minutes']));
            $Out->pushValue('endDate', intval($EndDate['year']) . '-' . leadingZero10($EndDate['mon']) . '-' . leadingZero10($EndDate['mday']));
            $Out->pushValue('end', leadingZero10($EndDate['hours']) . ':' . leadingZero10($EndDate['minutes']));
            $Out->pushValue('description', $Data['Description']);
            $Out->pushValue('slots', $Slots);
            $Attendees = array();
            $MaxAttendanceId = 1;
            $NumAttended = 0;
            // A NULL UserId on the first row means the raid has no attendance rows.
            if ($Data['UserId'] != NULL) {
                $ListRaidQuery->loop(function ($Data) use(&$gGame, &$Connector, &$MaxAttendanceId, &$Participants, &$Attendees, &$NumAttended) {
                    // Track max attendance id to give undecided players (without a comment) a distinct one.
                    $MaxAttendanceId = Max($MaxAttendanceId, $Data['AttendanceId']);
                    // Remember registered users so they are skipped in the "undecided" pass below.
                    if ($Data['UserId'] != 0) {
                        array_push($Participants, intval($Data['UserId']));
                    }
                    if ($Data['CharacterId'] == 0) {
                        // CharacterId is 0 on random players or players that are absent
                        if ($Data['UserId'] != 0) {
                            // Fetch the mainchar of the registered player and display this
                            // character as 'absent'
                            $CharQuery = $Connector->prepare('SELECT ' . RP_TABLE_PREFIX . 'Character.*, ' . RP_TABLE_PREFIX . 'User.Login AS UserName ' . 'FROM `' . RP_TABLE_PREFIX . 'Character` LEFT JOIN `' . RP_TABLE_PREFIX . 'User` USING(UserId) ' . 'WHERE UserId = :UserId AND Game = :Game ' . 'ORDER BY Mainchar, CharacterId ASC');
                            $CharQuery->bindValue(':UserId', $Data['UserId'], PDO::PARAM_INT);
                            $CharQuery->bindValue(':Game', $gGame['GameId'], PDO::PARAM_STR);
                            $CharData = $CharQuery->fetchFirstOfLoop();
                            // Users without a character for this game are left out of the list.
                            if ($CharData != null && $CharData['CharacterId'] != null) {
                                $Classes = explode(':', $CharData['Class']);
                                $AttendeeData = array('id' => $Data['AttendanceId'], 'hasId' => true, 'userId' => $Data['UserId'], 'timestamp' => $Data['LastUpdate'], 'charid' => $CharData['CharacterId'], 'name' => $CharData['Name'], 'mainchar' => $CharData['Mainchar'], 'classname' => $Classes, 'activeclass' => $Classes[0], 'role' => $CharData['Role1'], 'role1' => $CharData['Role1'], 'role2' => $CharData['Role2'], 'status' => $Data['Status'], 'comment' => $Data['Comment'], 'character' => array());
                                // Attach all characters of that user to the attendee entry.
                                $CharQuery->loop(function ($CharData) use(&$AttendeeData) {
                                    $Character = array('id' => $CharData['CharacterId'], 'name' => $CharData['Name'], 'mainchar' => $CharData['Mainchar'], 'classname' => explode(':', $CharData['Class']), 'role1' => $CharData['Role1'], 'role2' => $CharData['Role2']);
                                    array_push($AttendeeData['character'], $Character);
                                });
                                array_push($Attendees, $AttendeeData);
                            }
                        } else {
                            // CharacterId and UserId set to 0 means 'random player'
                            // The attendance comment is sent as the display name of a random player.
                            $AttendeeData = array('id' => $Data['AttendanceId'], 'hasId' => true, 'userId' => 0, 'timestamp' => $Data['LastUpdate'], 'charid' => 0, 'name' => $Data['Comment'], 'mainchar' => false, 'classname' => array('___'), 'activeclass' => '___', 'role' => $Data['Role'], 'role1' => $Data['Role'], 'role2' => $Data['Role'], 'status' => $Data['Status'], 'comment' => '', 'character' => array());
                            array_push($Attendees, $AttendeeData);
                            ++$NumAttended;
                        }
                    } else {
                        // CharacterId is set
                        $AttendeeData = array('id' => $Data['AttendanceId'], 'hasId' => true, 'userId' => $Data['UserId'], 'timestamp' => $Data['LastUpdate'], 'charid' => $Data['CharacterId'], 'name' => $Data['Name'], 'mainchar' => $Data['Mainchar'], 'classname' => explode(':', $Data['Class']), 'activeclass' => $Data['ActiveClass'], 'role' => $Data['Role'], 'role1' => $Data['Role1'], 'role2' => $Data['Role2'], 'status' => $Data['Status'], 'comment' => $Data['Comment'], 'character' => array());
                        // All characters of the attending user for the current game.
                        $CharQuery = $Connector->prepare('SELECT ' . RP_TABLE_PREFIX . 'Character.*, ' . RP_TABLE_PREFIX . 'User.Login AS UserName ' . 'FROM `' . RP_TABLE_PREFIX . 'User` LEFT JOIN `' . RP_TABLE_PREFIX . 'Character` USING(UserId) ' . 'WHERE UserId = :UserId AND Game = :Game ' . 'ORDER BY Mainchar, CharacterId ASC');
                        $CharQuery->bindValue(':UserId', $Data['UserId'], PDO::PARAM_INT);
                        $CharQuery->bindValue(':Game', $gGame['GameId'], PDO::PARAM_STR);
                        $CharQuery->loop(function ($CharData) use(&$AttendeeData) {
                            $Character = array('id' => $CharData['CharacterId'], 'name' => $CharData['Name'], 'mainchar' => $CharData['Mainchar'], 'classname' => explode(':', $CharData['Class']), 'role1' => $CharData['Role1'], 'role2' => $CharData['Role2']);
                            array_push($AttendeeData['character'], $Character);
                        });
                        // Only 'ok' and 'available' sign-ups count as attended.
                        if ($Data['Status'] == 'ok' || $Data['Status'] == 'available') {
                            ++$NumAttended;
                        }
                        array_push($Attendees, $AttendeeData);
                    }
                });
            }
            // Fetch all registered and unblocked users
            $AllUsersQuery = $Connector->prepare('SELECT ' . RP_TABLE_PREFIX . 'User.UserId ' . 'FROM `' . RP_TABLE_PREFIX . 'User` ' . 'WHERE `Group` != "none"');
            $AllUsersQuery->loop(function ($User) use(&$gGame, &$Connector, &$MaxAttendanceId, &$EndTimestamp, &$Participants, &$Attendees) {
                // Loose in_array() is sufficient here: both sides were passed through intval().
                if (!in_array(intval($User['UserId']), $Participants)) {
                    // Users that are not registered for this raid are undecided
                    // Fetch their character data, maincharacter first
                    $CharQuery = $Connector->prepare('SELECT ' . RP_TABLE_PREFIX . 'Character.*, ' . RP_TABLE_PREFIX . 'User.Login AS UserName ' . 'FROM `' . RP_TABLE_PREFIX . 'Character` LEFT JOIN `' . RP_TABLE_PREFIX . 'User` USING(UserId) ' . 'WHERE UserId = :UserId AND Created < FROM_UNIXTIME(:RaidEnd) AND Game = :Game ' . 'ORDER BY Mainchar, CharacterId ASC');
                    $CharQuery->bindValue(':UserId', $User['UserId'], PDO::PARAM_INT);
                    $CharQuery->bindValue(':RaidEnd', $EndTimestamp, PDO::PARAM_INT);
                    $CharQuery->bindValue(':Game', $gGame['GameId'], PDO::PARAM_STR);
                    $UserData = $CharQuery->fetchFirstOfLoop();
                    if ($UserData != null) {
                        // Absent user have no attendance Id, so we need to generate one
                        // that is not in use (for this raid).
                        ++$MaxAttendanceId;
                        $Classes = explode(':', $UserData['Class']);
                        $AttendeeData = array('id' => $MaxAttendanceId, 'hasId' => false, 'userId' => $UserData['UserId'], 'timestamp' => time(), 'charid' => $UserData['CharacterId'], 'name' => $UserData['Name'], 'mainchar' => $UserData['Mainchar'], 'classname' => $Classes, 'activeclass' => $Classes[0], 'role' => $UserData['Role1'], 'role1' => $UserData['Role1'], 'role2' => $UserData['Role2'], 'status' => 'undecided', 'comment' => '', 'character' => array());
                        $CharQuery->loop(function ($UserData) use(&$AttendeeData) {
                            $Character = array('id' => $UserData['CharacterId'], 'name' => $UserData['Name'], 'mainchar' => $UserData['Mainchar'], 'classname' => explode(':', $UserData['Class']), 'role1' => $UserData['Role1'], 'role2' => $UserData['Role2']);
                            array_push($AttendeeData['character'], $Character);
                        });
                        array_push($Attendees, $AttendeeData);
                    }
                }
            });
            $Out->pushValue('attendee', $Attendees);
            $Out->pushValue('attended', $NumAttended);
            // Token for the export API, derived from the normalized raid arguments.
            $ExportParameter = Api::normalizeArgsRaid(array('raid' => intval($aRequest['id']), 'attends' => true));
            $Out->pushValue('token', Api::getPublicToken($ExportParameter));
        }
        // Raid leads additionally receive the location list.
        if (validRaidlead()) {
            msgQueryLocations($aRequest);
        }
    } else {
        $Out = Out::getInstance();
        $Out->pushError(L('AccessDenied'));
    }
}
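include_once "../includes/util.php";
$error = "";

/**
 * Format a remaining time span as "H hours, M mins, and S seconds".
 *
 * Hours are reported modulo 24; whole days are not part of the output.
 *
 * @param int|float $diff Remaining time in seconds.
 * @return string "now" when less than one second remains, otherwise the text.
 */
function calcTime($diff)
{
    if (1 > $diff) {
        return "now";
    }

    // Work on whole seconds so the modulo operations never see a float
    // (implicit float-to-int conversion is deprecated in current PHP).
    $total = (int) $diff;
    $h = (int) ($total / 3600) % 24;
    $m = (int) ($total / 60) % 60;
    $s = $total % 60;

    return "{$h} hours, {$m} mins, and {$s} seconds";
}

// Gate: only an authenticated session may continue.
// NOTE(review): the login handler visible elsewhere on this page treats a
// non-array result of validUser(..., true) as an error message; here any truthy
// result passes - confirm whether is_array() should be required.
if (!isset($_SESSION['user']) || !isset($_SESSION['pass']) || !validUser($_SESSION['user'], $_SESSION['pass'], true)) {
    header("Location: https://profiles.ac3-servers.eu/login/");
    // Stop here: a Location header alone does not end the script, and the code
    // below (including the POST handler) would otherwise run unauthenticated.
    exit;
}

$cache = phpFastCache();
$reset = $cache->get("reset_" . $_SESSION['user']);

// The reset action is enabled when no cooldown is cached or it has expired.
$enabled = empty($reset) || ($reset - time() < 1);

if (isset($_POST['reset'])) {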
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// You should have received a copy of the GNU General Public License
// along with PHPDaft; if not, write to the Free Software
// Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA

// New-thread form: requires a logged-in session, then renders the template
// with the user's id, name and signature.

// Where the project files are located.
ini_set('include_path', '/home/daft/konferens/');

// Project includes.
require 'Functions/function_validUser.php';
require 'Classes/class_Configuration.php';
require 'Classes/class_User.php';
require 'Classes/class_UserPresentation.php';
require 'Classes/yapter.php';

$oConfiguration =& Configuration::createInstance();

// Login check.
// NOTE(review): access control relies on trigger_error(E_USER_ERROR) ending
// the script; confirm no error handler that returns is installed.
session_start();
if (validUser() == false) {
    trigger_error('43', E_USER_ERROR);
}

// Template setup.
$oTemplate = new Template('/home/daft/Templates/NewThread.tpl');
$oTemplate->setParseMode(true);
$oTemplate->setWarningLevel(E_YAPTER_ERROR);
$oTemplate->set('Title', $oConfiguration->getCustomValue('Title'));
$oTemplate->set('User_ID', $_SESSION['oUser']->getID());
$oTemplate->set('User_Name', htmlspecialchars($_SESSION['oUser']->getName()));
$oTemplate->replace('Login_Outside', 'Login_Inside');
// NOTE(review): unlike the user name, the signature is inserted without
// htmlspecialchars(); verify whether the template escapes it.
$oTemplate->set('Signature', "\n\n\n" . $_SESSION['oUser']->getSignature());

// Render and emit.
$oTemplate->parse();
$oTemplate->spit();
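/**
 * Push the raid overview to the output: the upcoming raids (handed to
 * parseRaidQuery() with a limit of 6) and one page of past raids as 'history'.
 *
 * Access: requires validUser(); otherwise an 'AccessDenied' error is pushed.
 *
 * @param array $aRequest Request values; reads 'offset' and 'count' for the
 *                        history page and is passed on to parseRaidQuery().
 */
function msgRaidList($aRequest)
{
    if (!validUser()) {
        $Out = Out::getInstance();
        $Out->pushError(L('AccessDenied'));
        return;
    }

    global $gGame;
    loadGameSettings();

    $Out = Out::getInstance();
    $Connector = Connector::getInstance();

    // Start of today; raids from here on are "next", earlier ones are history.
    $Today = mktime(0, 0, 0);

    // Get next 6 raids
    $NextRaidQuery = $Connector->prepare('Select ' . RP_TABLE_PREFIX . 'Raid.*, ' . RP_TABLE_PREFIX . 'Location.*, ' . RP_TABLE_PREFIX . 'Attendance.CharacterId, ' . RP_TABLE_PREFIX . 'Attendance.UserId, ' . RP_TABLE_PREFIX . 'Attendance.Status, ' . RP_TABLE_PREFIX . 'Attendance.Class, ' . RP_TABLE_PREFIX . 'Attendance.Role, ' . RP_TABLE_PREFIX . 'Attendance.Comment, ' . 'UNIX_TIMESTAMP(' . RP_TABLE_PREFIX . 'Raid.Start) AS StartUTC, ' . 'UNIX_TIMESTAMP(' . RP_TABLE_PREFIX . 'Raid.End) AS EndUTC ' . 'FROM `' . RP_TABLE_PREFIX . 'Raid` ' . 'LEFT JOIN `' . RP_TABLE_PREFIX . 'Location` USING(LocationId) ' . 'LEFT JOIN `' . RP_TABLE_PREFIX . 'Attendance` USING(RaidId) ' . 'LEFT JOIN `' . RP_TABLE_PREFIX . 'Character` USING (CharacterId) ' . 'WHERE ' . RP_TABLE_PREFIX . 'Raid.Start >= FROM_UNIXTIME(:Start) ' . 'AND ' . RP_TABLE_PREFIX . 'Location.Game = :Game ' . 'ORDER BY ' . RP_TABLE_PREFIX . 'Raid.Start, ' . RP_TABLE_PREFIX . 'Raid.RaidId');
    $NextRaidQuery->bindValue(':Start', $Today, PDO::PARAM_INT);
    $NextRaidQuery->bindValue(':Game', $gGame['GameId'], PDO::PARAM_STR);
    parseRaidQuery($aRequest, $NextRaidQuery, 6);

    // Load raid history
    // The paging values are concatenated into the LIMIT clause, so they are
    // forced to non-negative integers first: intval() keeps the text out of
    // the SQL, max() avoids the syntax error a negative LIMIT would cause, and
    // isset() covers requests that omit the keys.
    // NOTE(review): 'count' has no upper bound - consider capping the page size.
    $Offset = max(0, intval(isset($aRequest['offset']) ? $aRequest['offset'] : 0));
    $Count = max(0, intval(isset($aRequest['count']) ? $aRequest['count'] : 0));

    $RaidHistoryQuery = $Connector->prepare('Select ' . RP_TABLE_PREFIX . 'Raid.*, ' . RP_TABLE_PREFIX . 'Location.*, ' . 'UNIX_TIMESTAMP(' . RP_TABLE_PREFIX . 'Raid.Start) AS StartUTC, ' . 'UNIX_TIMESTAMP(' . RP_TABLE_PREFIX . 'Raid.End) AS EndUTC ' . 'FROM `' . RP_TABLE_PREFIX . 'Raid` ' . 'LEFT JOIN `' . RP_TABLE_PREFIX . 'Location` USING(LocationId) ' . 'WHERE ' . RP_TABLE_PREFIX . 'Raid.Start < FROM_UNIXTIME(:Start) ' . 'AND ' . RP_TABLE_PREFIX . 'Location.Game = :Game ' . 'ORDER BY Start DESC LIMIT ' . $Offset . ', ' . $Count);
    $RaidHistoryQuery->bindValue(':Start', $Today, PDO::PARAM_INT);
    $RaidHistoryQuery->bindValue(':Game', $gGame['GameId'], PDO::PARAM_STR);

    $RaidList = array();
    $RaidHistoryQuery->loop(function ($Row) use (&$RaidList) {
        $StartDate = getdate($Row['StartUTC']);
        $EndDate = getdate($Row['EndUTC']);

        $RaidList[] = array(
            'id' => $Row['RaidId'],
            'location' => $Row['Name'],
            'stage' => $Row['Stage'],
            'image' => $Row['Image'],
            'size' => $Row['Size'],
            'startDate' => $StartDate['year'] . '-' . leadingZero10($StartDate['mon']) . '-' . leadingZero10($StartDate['mday']),
            'start' => leadingZero10($StartDate['hours']) . ':' . leadingZero10($StartDate['minutes']),
            'endDate' => $EndDate['year'] . '-' . leadingZero10($EndDate['mon']) . '-' . leadingZero10($EndDate['mday']),
            'end' => leadingZero10($EndDate['hours']) . ':' . leadingZero10($EndDate['minutes']),
        );
    });

    $Out->pushValue('history', $RaidList);
}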