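/**
 * method run_validations
 *
 * Copies the server-settings form fields from $_POST into $this->_game_config,
 * applying one check per field. A field that is missing or fails its check is
 * simply not written, so the value already present in the configuration
 * survives; checkbox fields are always written (1 when submitted as 'on',
 * 0 otherwise).
 *
 * Notes:
 *  - Text fields (game_name, game_logo, date formats, ...) are stored as
 *    submitted. Any escaping for HTML output has to happen where they are
 *    rendered, not here.
 *  - close_reason is stored through addslashes(); presumably the configuration
 *    writer relies on that form — confirm before removing it.
 *  - is_numeric() accepts leading whitespace and exponent notation ("1e3"),
 *    so the numeric fields are not restricted to plain integers.
 *
 * @return void
 */
private function run_validations()
{
    /*
     * SERVER SETTINGS
     */
    // LOGO
    if (isset($_POST['game_logo']) && $_POST['game_logo'] != '') {
        $this->_game_config['game_logo'] = $_POST['game_logo'];
    }

    // NAME
    if (isset($_POST['game_name']) && $_POST['game_name'] != '') {
        $this->_game_config['game_name'] = $_POST['game_name'];
    }

    // LANGUAGE (no fallback is applied; the previous value is kept)
    if (isset($_POST['language'])) {
        $this->_game_config['lang'] = $_POST['language'];
    }

    // GENERAL RATE, stored as a multiple of the 2500 base rate
    if (isset($_POST['game_speed']) && is_numeric($_POST['game_speed'])) {
        $this->_game_config['game_speed'] = 2500 * $_POST['game_speed'];
    }

    // SPEED OF FLEET, same 2500 base rate
    if (isset($_POST['fleet_speed']) && is_numeric($_POST['fleet_speed'])) {
        $this->_game_config['fleet_speed'] = 2500 * $_POST['fleet_speed'];
    }

    // SPEED OF PRODUCTION
    if (isset($_POST['resource_multiplier']) && is_numeric($_POST['resource_multiplier'])) {
        $this->_game_config['resource_multiplier'] = $_POST['resource_multiplier'];
    }

    // ADMIN EMAIL CONTACT
    if (isset($_POST['admin_email'])
        && $_POST['admin_email'] != ''
        && FunctionsLib::valid_email($_POST['admin_email'])) {
        $this->_game_config['admin_email'] = $_POST['admin_email'];
    }

    // FORUM LINK
    if (isset($_POST['forum_url']) && $_POST['forum_url'] != '') {
        $this->_game_config['forum_url'] = FunctionsLib::prep_url($_POST['forum_url']);
    }

    // ACTIVATE SERVER
    $this->_game_config['game_enable'] = $this->post_checkbox_flag('closed');

    // OFF-LINE MESSAGE
    if (isset($_POST['close_reason']) && $_POST['close_reason'] != '') {
        $this->_game_config['close_reason'] = addslashes($_POST['close_reason']);
    }

    // SSL ENABLED
    $this->_game_config['ssl_enabled'] = $this->post_checkbox_flag('ssl_enabled');

    /*
     * DATE AND TIME PARAMETERS
     */
    // TIME ZONE
    if (isset($_POST['date_time_zone']) && $_POST['date_time_zone'] != '') {
        $this->_game_config['date_time_zone'] = $_POST['date_time_zone'];
    }

    // SHORT DATE
    if (isset($_POST['date_format']) && $_POST['date_format'] != '') {
        $this->_game_config['date_format'] = $_POST['date_format'];
    }

    // EXTENDED DATE
    if (isset($_POST['date_format_extended']) && $_POST['date_format_extended'] != '') {
        $this->_game_config['date_format_extended'] = $_POST['date_format_extended'];
    }

    /*
     * SEVERAL PARAMETERS
     */
    // PROTECTION
    $this->_game_config['adm_attack'] = $this->post_checkbox_flag('adm_attack');

    // DEBUG MODE
    $this->_game_config['debug'] = $this->post_checkbox_flag('debug');

    // SHIPS TO DEBRIS (negative values are clamped to 0)
    if (isset($_POST['Fleet_Cdr']) && is_numeric($_POST['Fleet_Cdr'])) {
        $this->_game_config['fleet_cdr'] = ($_POST['Fleet_Cdr'] < 0) ? 0 : $_POST['Fleet_Cdr'];
    }

    // DEFENSES TO DEBRIS (negative values are clamped to 0)
    if (isset($_POST['Defs_Cdr']) && is_numeric($_POST['Defs_Cdr'])) {
        $this->_game_config['defs_cdr'] = ($_POST['Defs_Cdr'] < 0) ? 0 : $_POST['Defs_Cdr'];
    }

    // PROTECTION FOR NOVICES
    $this->_game_config['noobprotection'] = $this->post_checkbox_flag('noobprotection');

    // PROTECTION N. POINTS
    if (isset($_POST['noobprotectiontime']) && is_numeric($_POST['noobprotectiontime'])) {
        $this->_game_config['noobprotectiontime'] = $_POST['noobprotectiontime'];
    }

    // PROTECTION N. LIMIT POINTS
    if (isset($_POST['noobprotectionmulti']) && is_numeric($_POST['noobprotectionmulti'])) {
        $this->_game_config['noobprotectionmulti'] = $_POST['noobprotectionmulti'];
    }
}

/**
 * Reads an HTML checkbox field from $_POST.
 *
 * @param string $field form field name
 * @return int 1 when the field was submitted as 'on', 0 otherwise
 */
private function post_checkbox_flag($field)
{
    return (isset($_POST[$field]) && $_POST[$field] == 'on') ? 1 : 0;
}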
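/**
 * run_validations()
 *
 * Validates the registration form in $_POST. Each failed check counts as one
 * error; the method only reports whether the form as a whole is acceptable,
 * it does not tell the caller which check failed.
 *
 * Checks performed: valid e-mail, non-empty character name, password of at
 * least 8 bytes, character name limited to letters, digits, '_' and '-',
 * terms checkbox ('agb') ticked, and neither check_user() nor check_email()
 * reporting a match (a truthy return from either is treated as "already
 * taken" — confirm against their implementations).
 *
 * @return bool true when no check failed
 */
private function run_validations()
{
    // read with defaults so a missing field counts as a failed check instead of raising a notice
    $email     = isset($_POST['email']) ? $_POST['email'] : '';
    $character = isset($_POST['character']) ? $_POST['character'] : '';
    $password  = isset($_POST['password']) ? $_POST['password'] : '';
    $agb       = isset($_POST['agb']) ? $_POST['agb'] : '';

    $errors = 0;

    if (!FunctionsLib::valid_email($email)) {
        $errors++;
    }

    if (!$character) {
        $errors++;
    }

    // byte length is fine for a minimum-length rule: multibyte input can only be longer
    if (strlen($password) < 8) {
        $errors++;
    }

    // explicit A-Za-z: the former A-z range also let [ \ ] ^ ` through
    if (preg_match('/[^A-Za-z0-9_\-]/', $character) == 1) {
        $errors++;
    }

    if ($agb != 'on') {
        $errors++;
    }

    if ($this->check_user()) {
        $errors++;
    }

    if ($this->check_email()) {
        $errors++;
    }

    return $errors === 0;
}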
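/**
 * @method createAccount
 *
 * Creates the administrator account as user_id 1: the USERS row, the home
 * planet (through $this->_planet), and the per-user rows in RESEARCH,
 * USERS_STATISTICS, PREMIUM, SETTINGS, BUILDINGS, DEFENSES and SHIPS. The
 * admin e-mail is also written to the configuration for support purposes.
 *
 * The individual query results are not checked; a failing INSERT does not
 * change the return value.
 *
 * @return int|bool -1 when adm_user, adm_pass or adm_email is empty,
 *                  -2 when adm_email is not a valid address,
 *                  true when the account was created
 */
private function createAccount()
{
    // validations
    if (empty($_POST['adm_user']) || empty($_POST['adm_pass']) || empty($_POST['adm_email'])) {
        return -1;
    }

    if (!FunctionsLib::valid_email($_POST['adm_email'])) {
        return -2;
    }

    // values are escaped once here and concatenated as-is into the SQL below
    $adm_name  = parent::$db->escapeValue($_POST['adm_user']);
    $adm_email = parent::$db->escapeValue($_POST['adm_email']);
    // NOTE(review): unsalted sha1 is what the login path compares against; moving to
    // password_hash()/password_verify() has to change both sides at the same time.
    $adm_pass  = sha1($_POST['adm_pass']);
    // REMOTE_ADDR is set by the web server, but it still ends up in SQL, so escape it like any value
    $reg_ip    = isset($_SERVER['REMOTE_ADDR']) ? parent::$db->escapeValue($_SERVER['REMOTE_ADDR']) : '';
    $now       = time();

    // a bunch of of queries :/
    parent::$db->query("INSERT INTO " . USERS . " SET\n `user_id` = '1',\n `user_name` = '" . $adm_name . "',\n `user_email` = '" . $adm_email . "',\n `user_email_permanent` = '" . $adm_email . "',\n `user_ip_at_reg` = '" . $reg_ip . "',\n `user_agent` = '',\n `user_authlevel` = '3',\n `user_home_planet_id` = '1',\n `user_galaxy` = '1',\n `user_system` = '1',\n `user_planet` = '1',\n `user_current_planet` = '1',\n `user_register_time` = '" . $now . "',\n `user_password` = '" . $adm_pass . "';");

    // NOTE(review): $adm_name is already SQL-escaped; if createPlanetWithOptions escapes
    // again, a name containing quotes is stored double-escaped — verify against that method.
    $this->_planet->createPlanetWithOptions(array(
        'planet_user_id'     => 1,
        'planet_name'        => $adm_name,
        'planet_galaxy'      => 1,
        'planet_system'      => 1,
        'planet_planet'      => 1,
        'planet_last_update' => $now,
        'planet_metal'       => 500,
        'planet_crystal'     => 500,
        'planet_deuterium'   => 0,
    ));

    parent::$db->query("INSERT INTO " . RESEARCH . " SET `research_user_id` = '1';");
    parent::$db->query("INSERT INTO " . USERS_STATISTICS . " SET `user_statistic_user_id` = '1';");
    parent::$db->query("INSERT INTO " . PREMIUM . " SET `premium_user_id` = '1';");
    parent::$db->query("INSERT INTO " . SETTINGS . " SET `setting_user_id` = '1';");
    parent::$db->query("INSERT INTO " . BUILDINGS . " SET `building_planet_id` = '1';");
    parent::$db->query("INSERT INTO " . DEFENSES . " SET `defense_planet_id` = '1';");
    parent::$db->query("INSERT INTO " . SHIPS . " SET `ship_planet_id` = '1';");

    // write the new admin email for support and debugging; the config is not SQL,
    // so it gets the validated address rather than the SQL-escaped copy
    FunctionsLib::update_config('admin_email', $_POST['adm_email']);

    return true;
}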
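/**
 * method make_user
 *
 * Renders the admin "create user" form and, when it was submitted
 * ($_POST['add_user']), validates the input and creates the account: the
 * USERS row, its home planet through $this->_creator->create_planet(), and
 * the per-user RESEARCH / USERS_STATISTICS / PREMIUM / SETTINGS rows.
 *
 * Validation failures are concatenated into one warning stored in
 * $this->_alert; on success the alert carries the (possibly generated)
 * password for the administrator to hand over.
 *
 * @return string the parsed 'adm/maker_user_view' template
 */
private function make_user()
{
    $parse = $this->_lang;
    $parse['level_combo'] = $this->build_level_combo();

    if (isset($_POST['add_user']) && $_POST['add_user']) {
        // keep the raw coordinates: the numeric check below must see what was typed,
        // since the (int) cast turns any non-numeric input into 0
        $raw_galaxy = isset($_POST['galaxy']) ? $_POST['galaxy'] : '';
        $raw_system = isset($_POST['system']) ? $_POST['system'] : '';
        $raw_planet = isset($_POST['planet']) ? $_POST['planet'] : '';

        $name   = isset($_POST['name']) ? (string) $_POST['name'] : '';
        $pass   = isset($_POST['password']) ? (string) $_POST['password'] : '';
        $email  = isset($_POST['email']) ? (string) $_POST['email'] : '';
        $galaxy = (int) $raw_galaxy;
        $system = (int) $raw_system;
        $planet = (int) $raw_planet;
        $auth   = isset($_POST['authlevel']) ? (int) $_POST['authlevel'] : 0;
        $time   = time();
        $errors = 0;
        $error  = '';
        // REMOTE_ADDR is set by the web server, but it still ends up in SQL, so escape it like any value
        $reg_ip = isset($_SERVER['REMOTE_ADDR']) ? parent::$db->escapeValue($_SERVER['REMOTE_ADDR']) : '';

        // existence checks; the name is compared as typed, while the INSERT below stores strip_tags($name)
        $check_user = parent::$db->queryFetch(
            "SELECT `user_name`\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tFROM " . USERS . "\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tWHERE `user_name` = '" . parent::$db->escapeValue($name) . "'\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tLIMIT 1"
        );
        $check_email = parent::$db->queryFetch(
            "SELECT `user_email`\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tFROM " . USERS . "\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tWHERE `user_email` = '" . parent::$db->escapeValue($email) . "'\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tLIMIT 1"
        );
        // coordinates are integers by now, so they can be concatenated safely
        $check_planet = parent::$db->queryFetch(
            "SELECT COUNT(planet_id) AS count\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tFROM " . PLANETS . "\n\t\t\t\t\t\t\t\t\t\t\t\t\t\tWHERE `planet_galaxy` = '" . $galaxy . "' AND\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t`planet_system` = '" . $system . "' AND\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t`planet_planet` = '" . $planet . "' LIMIT 1"
        );

        // any single non-numeric coordinate is an error (the former check required all three to fail,
        // and tested the already-cast ints, so it could never trigger)
        if (!is_numeric($raw_galaxy) || !is_numeric($raw_system) || !is_numeric($raw_planet)) {
            $error = $this->_lang['mk_user_only_numbers'];
            $errors++;
        } elseif ($galaxy > MAX_GALAXY_IN_WORLD
            || $system > MAX_SYSTEM_IN_GALAXY
            || $planet > MAX_PLANET_IN_SYSTEM
            || $galaxy < 1
            || $system < 1
            || $planet < 1) {
            $error = $this->_lang['mk_user_wrong_coords'];
            $errors++;
        }

        if (!$name || !$email || !$galaxy || !$system || !$planet) {
            $error .= $this->_lang['mk_user_complete_all'];
            $errors++;
        }

        if (!FunctionsLib::valid_email(strip_tags($email))) {
            $error .= $this->_lang['mk_user_invalid_email'];
            $errors++;
        }

        if ($check_user) {
            $error .= $this->_lang['mk_user_existing_name'];
            $errors++;
        }

        if ($check_email) {
            $error .= $this->_lang['mk_user_existing_email'];
            $errors++;
        }

        if ($check_planet['count'] != 0) {
            $error .= $this->_lang['mk_user_existing_planet'];
            $errors++;
        }

        // a generated password replaces whatever was typed and skips the length check
        if (isset($_POST['password_check']) && $_POST['password_check']) {
            $pass = $this->generate_password();
        } elseif (strlen($pass) < 4) {
            $error .= $this->_lang['mk_user_invalid_password'];
            $errors++;
        }

        if ($errors == 0) {
            // NOTE(review): unsalted sha1 is what the login path compares against; moving to
            // password_hash()/password_verify() has to change both sides at the same time.
            parent::$db->query(
                "INSERT INTO " . USERS . " SET\n\t\t\t\t\t\t\t\t\t\t`user_name` = '" . parent::$db->escapeValue(strip_tags($name)) . "',\n\t\t\t\t\t\t\t\t\t\t`user_email` = '" . parent::$db->escapeValue($email) . "',\n\t\t\t\t\t\t\t\t\t\t`user_email_permanent` = '" . parent::$db->escapeValue($email) . "',\n\t\t\t\t\t\t\t\t\t\t`user_ip_at_reg` = '" . $reg_ip . "',\n\t\t\t\t\t\t\t\t\t\t`user_home_planet_id` = '0',\n\t\t\t\t\t\t\t\t\t\t`user_register_time` = '" . $time . "',\n\t\t\t\t\t\t\t\t\t\t`user_onlinetime` = '" . $time . "',\n\t\t\t\t\t\t\t\t\t\t`user_authlevel` = '" . $auth . "',\n\t\t\t\t\t\t\t\t\t\t`user_password`='" . sha1($pass) . "';"
            );
            $last_user_id = parent::$db->insertId();

            // presumably create_planet() ends with the planet INSERT, since its id is read
            // back through insertId() right after — verify if that method changes
            $this->_creator->create_planet($galaxy, $system, $planet, $last_user_id, '', TRUE);
            $last_planet_id = parent::$db->insertId();

            parent::$db->query(
                "UPDATE " . USERS . " SET\n\t\t\t\t\t\t\t\t\t\t`user_home_planet_id` = '" . $last_planet_id . "',\n\t\t\t\t\t\t\t\t\t\t`user_current_planet` = '" . $last_planet_id . "',\n\t\t\t\t\t\t\t\t\t\t`user_galaxy` = '" . $galaxy . "',\n\t\t\t\t\t\t\t\t\t\t`user_system` = '" . $system . "',\n\t\t\t\t\t\t\t\t\t\t`user_planet` = '" . $planet . "'\n\t\t\t\t\t\t\t\t\t\tWHERE `user_id` = '" . $last_user_id . "'\n\t\t\t\t\t\t\t\t\t\tLIMIT 1;"
            );
            parent::$db->query("INSERT INTO " . RESEARCH . " SET\n\t\t\t\t\t\t\t\t\t\t`research_user_id` = '" . $last_user_id . "';");
            parent::$db->query("INSERT INTO " . USERS_STATISTICS . " SET\n\t\t\t\t\t\t\t\t\t\t`user_statistic_user_id` = '" . $last_user_id . "';");
            parent::$db->query("INSERT INTO " . PREMIUM . " SET\n\t\t\t\t\t\t\t\t\t\t`premium_user_id` = '" . $last_user_id . "';");
            parent::$db->query("INSERT INTO " . SETTINGS . " SET\n\t\t\t\t\t\t\t\t\t\t`setting_user_id` = '" . $last_user_id . "';");

            $this->_alert = AdministrationLib::save_message('ok', str_replace('%s', $pass, $this->_lang['mk_user_added']));
        } else {
            $this->_alert = AdministrationLib::save_message('warning', '<br/>' . $error);
        }
    }

    return parent::$page->parse_template(parent::$page->get_template('adm/maker_user_view'), $parse);
}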