<?php
// Tactics academy page: authenticates the caller, enforces the idle timeout kept in the
// session, then validates a "learn this tactic" request. This listing is truncated
// right after the last `if (!$CancelFlag) {`.
header('Content-Type: text/html; charset=utf-8');
// NOTE(review): when neither GET nor POST carries 'action', $_POST['action'] is read
// while unset; guarding it with isset() as well would avoid the undefined-index notice.
$mode = isset($_GET['action']) ? $_GET['action'] : $_POST['action'];
include 'cfu.php';
postHead('');
AuthUser();
// The two sides of || are the same inequality rearranged, so this is one idle-timeout
// test against the timestamp stored server-side in the session.
if ($CFU_Time >= $_SESSION['timeauth'] + $TIME_OUT_TIME || $_SESSION['timeauth'] <= $CFU_Time - $TIME_OUT_TIME) {
    echo "驗證機制!<br>請重新登入!";
    exit;
}
GetUsrDetails("{$_SESSION['username']}", 'Gen', 'Game');
// Tactics learning center GUI
if ($mode == 'main') {
    // Clearing both variables first means a value that reached this scope from outside
    // this block cannot pre-set the outcome of the checks below.
    unset($CancelFlag, $TactMessage);
    echo "<br>戰術學院<hr>";
    // NOTE(review): $actionb and $learndesired are not assigned in this fragment;
    // presumably cfu.php turns request parameters into globals. If so, $learndesired is
    // untrusted and whatever GetTactics() does with it (likely a lookup) must validate
    // or bind it. Confirm against cfu.php and GetTactics().
    if ($actionb == 'proclearn') {
        $Tactics = GetTactics($learndesired);
        // NOTE(review): no check that GetTactics() actually found a record is visible
        // before its fields are compared.
        if ($Tactics['price'] > $Gen['cash']) {
            $TactMessage = '金錢不足!';
            $CancelFlag = '1';
        }
        if ($Tactics['needlv'] > $Game['level']) {
            $TactMessage .= '等級不足!';
            $CancelFlag = '1';
        }
        // "Already learned" test: looks for the tactic id anywhere inside the player's
        // tactics string.
        // NOTE(review): ereg() was deprecated in PHP 5.3 and removed in PHP 7. The id is
        // also placed in the pattern unescaped and matched as a substring, so an id that
        // is contained in another id would be reported as already learned. An exact
        // comparison against the parsed list of ids would be safer; confirm the format
        // of $Game['tactics'] first.
        if (ereg("({$Tactics['id']})+", $Game['tactics'])) {
            $TactMessage .= "你早就學會了 {$Tactics['name']} 。";
            $CancelFlag = '1';
        }
        // Proceed only when none of the checks above raised the cancel flag.
        if (!$CancelFlag) {
<?php
// Battle entry script: authenticates the player, applies the idle timeout and a
// per-player rate limit, then loads the map record for the player's location. This
// listing is truncated after the mysql_fetch_row() call.
// NOTE(review): when neither GET nor POST carries 'action', $_POST['action'] is read
// while unset.
$mode = isset($_GET['action']) ? $_GET['action'] : $_POST['action'];
include 'cfu.php';
// Default target names when none were provided.
// NOTE(review): $PriTarget / $SecTarget are not assigned here; presumably they arrive
// from the request via cfu.php. Confirm, and validate them before later use.
if (empty($PriTarget)) {
    $PriTarget = 'Alpha';
}
if (empty($SecTarget)) {
    $SecTarget = 'Beta';
}
postHead('');
// NOTE(review): $Pl_Value is not assigned in this fragment; the username and password
// appear to travel with every request rather than living in a server-side session.
AuthUser("{$Pl_Value['USERNAME']}", "{$Pl_Value['PASSWORD']}");
// Idle-timeout test (both sides of || are the same inequality rearranged).
// NOTE(review): $TIMEAUTH is not assigned here either. If it is populated from request
// data, the client chooses the timestamp and the timeout can be sidestepped; it should
// come from server-side state instead. Confirm where it is set.
if ($CFU_Time >= $TIMEAUTH + $TIME_OUT_TIME || $TIMEAUTH <= $CFU_Time - $TIME_OUT_TIME) {
    echo "連線逾時!<br>請重新登入!";
    exit;
}
include 'includes/sfo.class.php';
$Pl = new player_stats();
$Pl->SetUser($Pl_Value['USERNAME']);
$Pl->FetchPlayer();
$t_now = time();
// Rate limit: a request within one second of the stored btltime is refused and btltime
// is pushed ten seconds into the future.
if ($t_now - $Pl->Player['btltime'] <= 1) {
    echo "動作過快。";
    postFooter();
    // The new btltime goes through intval(); the username is concatenated inside quotes
    // without escaping.
    // NOTE(review): the name looks like it was loaded by FetchPlayer(), but stored
    // values are still data. Escape it for the connection or bind it as a parameter.
    // The mysql_* extension used here was removed in PHP 7.
    mysql_query("UPDATE `" . $GLOBALS['DBPrefix'] . "phpeb_user_general_info` SET `btltime` = " . intval($t_now + 10) . " WHERE `username` = '" . $Pl->Player['name'] . "' LIMIT 1;");
    exit;
}
// Players that belong to an organization get the map record for their coordinates.
if ($Pl->Player['organization'] != 0) {
    // NOTE(review): same concatenation pattern; 'coordinates' is quoted but not escaped.
    $sql = "SELECT `occupied`, `tickets` FROM `" . $GLOBALS['DBPrefix'] . "phpeb_user_map` WHERE map_id = '" . $Pl->Player['coordinates'] . "';";
    $query = mysql_query($sql);
    // NOTE(review): the result of mysql_query() is not checked before it is fetched from.
    $localArea = mysql_fetch_row($query);
// Session id gate: any character outside ASCII letters and digits, or a length below
// 40, is answered with BADSESSIONID.
// NOTE(review): whether respond() ends the request is not visible in this fragment; if
// it returns, execution continues past a failed check.
if (preg_match("/[^A-Za-z0-9]/", $SESSIONID) || strlen($SESSIONID) < 40) {
    respond('BADSESSIONID', '');
}

// Action gate: anything that is not exactly three lowercase ASCII letters is answered
// with BADACTION.
if (preg_match("/[^a-z]/", $ACTION) || strlen($ACTION) != 3) {
    respond('BADACTION', '');
}

// NOTE(review): $USERNAME receives no format check in this fragment before it is handed
// to AuthUser(); whether AuthUser() binds it as a query parameter cannot be seen here.

// Open the database connection.
// NOTE(review): host, account, password and schema are literals in the source. Loading
// them from configuration kept outside the web root and out of version control limits
// the exposure if this file leaks.
$mysqli = new mysqli('cge', 'cgeclient', 'www', 'cge');

if (mysqli_connect_errno()) {
    // NOTE(review): the driver's error text is passed to respond(). If respond() sends
    // it to the client it reveals internal details; logging it server-side and
    // returning a fixed code would avoid that.
    respond("Connect failed: " . mysqli_connect_error() . "\n", '');
}

// Authorize this user/session pair against the database.
AuthUser($mysqli, $USERNAME, $SESSIONID);

// Dispatch on the three-letter action code.
switch ($ACTION) {
    case 'dat':
        // Fetch the data set and report whether anything was found.
        $DATA = GetData($mysqli);
        if (count($DATA) <= 0) {
            respond('NODATA', '');
        } else {
            respond('ACCEPTED', $DATA);
        }
        break;
    case 'del':
    case 'upd':
        // No handler yet: these actions currently produce no response at all.
        break;
    default:
        respond('UNKNOWNACTION', '');
}
//$stmt = $mysqli->prepare("SELECT i.id iid, i.name name,
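//Grants raw materials for a given tact
// Maintenance page: shows a login form, authenticates the submitted credentials, refuses
// accounts whose acc_status is zero or positive, then (action=process) reads the raw
// material columns m1..m20 for one tact and starts building an UPDATE. This listing is
// truncated inside that UPDATE statement.
include '../../cfu.php';
postHead('', '../../phpeb_session_dir');
$mode = isset($_POST['action']) ? $_POST['action'] : '';
if (!$mode) {
    echo "<form action=grantTactRaw.php method=post name=main>";
    echo "<input type=hidden value='login' name=action>";
    echo "Username: <input type=text value='' name=Pl_Value[USERNAME]>";
    echo "Password: <input type=password value='' name=Pl_Value[PASSWORD]>";
    // NOTE(review): the server time is handed to the client in a hidden field. Any code
    // that later reads TIMEAUTH back from the request is trusting a client-editable
    // value; confirm where it is consumed.
    echo "<input type=hidden name=\"TIMEAUTH\" value=\"{$CFU_Time}\">";
    echo "<input type=submit value='Login'>";
    echo "</form>";
    exit;
}
// $Pl_Value is not assigned in this file: the form fields above reach this point as
// globals, presumably through cfu.php.
AuthUser($Pl_Value['USERNAME'], $Pl_Value['PASSWORD']);
GetUsrDetails("{$Pl_Value['USERNAME']}", 'Gen', 'Game');
// Only accounts with a negative acc_status get past this point.
if ($Gen['acc_status'] >= 0) {
    echo "沒有權限存取。<br>如您是管理員, 請先設定管理員身份。<BR>";
    postFooter();
    exit;
}
if ($mode == 'process') {
    $sql = "SELECT `m1`, `m2`, `m3`, `m4`, `m5`, `m6`, `m7`, `m8`, `m9`, `m10`, `m11`, `m12`, `m13`, `m14`, `m15`, `m16`, `m17`, `m18`, `m19`, `m20` ";
    $sql .= " FROM `" . $GLOBALS['DBPrefix'] . "phpeb_sys_tactfactory` ";
    // $t_tid is not assigned in this file either and, like $Pl_Value, evidently arrives
    // with the request, so it is escaped for the open connection before being quoted.
    // Statements past the end of this fragment that reuse $t_tid need the same treatment.
    $sql .= " WHERE `tact_id` = '" . mysql_real_escape_string($t_tid) . "';";
    $query = mysql_query($sql);
    // Debug output: HTML-escaped so request data inside the statement cannot inject
    // markup into the page.
    // NOTE(review): printing SQL exposes schema details; remove this once debugging is done.
    echo "SQL: " . htmlspecialchars($sql, ENT_QUOTES) . "<br>";
    if (mysql_num_rows($query) > 0) {
        $tact = mysql_fetch_array($query);
        $sql = "UPDATE `" . $GLOBALS['DBPrefix'] . "phpeb_user_tactfactory` SET ";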
?action=Resend"><?php echo $text_resend; ?> </a></td>
<td class="boxborder list-menu" width="10%"><a href="javascript:popwindow('help.php#userpage','top=150,left=300,width=400,height=400,buttons=no,scrollbars=YES,location=no,menubar=no,resizable=no,status=no,directories=no,toolbar=no')"><?php echo $text_help; ?> </a></td>
</tr>
</table>
<?php
// CREATE LOGIN AREA
// Login handler: on ?action=Login&sub=... it checks the credentials, fills the session,
// records the login time and redirects with a meta refresh. This listing starts inside
// an HTML attribute and is truncated inside the final echo.
if ($_GET['action'] == 'Login') {
    if (isset($_GET['sub'])) {
        // NOTE(review): AuthUser() is given $_REQUEST values while the session below is
        // filled from $_POST. Credentials sent in the query string would be checked but
        // the session would store whatever $_POST holds, and they would also end up in
        // URLs and logs. Reading both from $_POST only keeps the two consistent.
        // NOTE(review): the demo branch depends on the mere presence of a client cookie
        // plus $demomode, which is not assigned in this fragment. Confirm $demomode
        // comes from server configuration and not from the request.
        if (AuthUser($_REQUEST['username'], $_REQUEST['password']) || isset($_COOKIE['demomode']) && $demomode == 'ON' && $_POST['username'] == 'demo' && $_POST['password'] == 'demo') {
            // NOTE(review): the plaintext password is kept in the session; storing only
            // the authenticated identity avoids holding the secret server-side. No
            // session id regeneration is visible in this fragment.
            $_SESSION['stu_username'] = $_POST['username'];
            $_SESSION['stu_password'] = $_POST['password'];
            // LOG THE LOGIN TIMES ONLY DO THIS WHEN NOT IN DEMO MODE
            if (!isset($_COOKIE['demomode']) || $demomode != 'ON') {
                // SELECT THE LAST LOGGED IN FIELD
                // NOTE(review): the WHERE clause literal is masked ('******') in this
                // copy, so the expression supplying the username cannot be read here.
                // Whatever it is, it is concatenated inside quotes and should be escaped
                // for the connection or bound as a parameter.
                $query = "\n\t\t\t\t\t\t\tSELECT tickets_users_newlogin\n\t\t\t\t\t\t\tFROM tickets_users\n\t\t\t\t\t\t\tWHERE tickets_users_username = '******'stu_username'] . "'";
                $result = mysql_query($query);
                $row = mysql_fetch_array($result);
                // UPDATE THE NEW LOGGED IN FIELD IN THE USER ACCOUNT
                // NOTE(review): mktime() with no arguments is deprecated and time() is
                // the direct equivalent. The previous login value read back from the
                // database is also concatenated without escaping.
                $query = "\tUPDATE tickets_users\n\t\t\t\t\tSET\n\t\t\t\t\ttickets_users_newlogin\t = '" . mktime() . "',\n\t\t\t\t\ttickets_users_lastlogin\t = '" . $row['0'] . "'\n\t\t\t\t\tWHERE tickets_users_username = '******'stu_username'] . "'";
                $result = mysql_query($query);
            }
            // NOTE(review): $_SERVER['PHP_SELF'] is echoed into the refresh URL below
            // without escaping. It includes request-supplied path info, so it should go
            // through htmlspecialchars() or be replaced by a fixed path.
            ?> <meta http-equiv="refresh" content="0;url=<?php echo $_SERVER['PHP_SELF'];
<?php
// JSON endpoint: validates the POST body, then either saves user info (mode=save) or
// falls through to AuthUser(). The saveUserInfo() definition is truncated in this listing.
require "../includes/Db.class.php";
require "../classes/User.php";
require "../classes/PregDetails.php";
require "../classes/Validation.php";
// NOTE(review): 'mode' is read from $_REQUEST while the payload comes from $_POST, and
// it is read without an isset() guard.
$mode = $_REQUEST['mode'];
$givenInputArr = $_POST;
$inputArr = Validation::validateUserInput($givenInputArr);
switch ($mode) {
    case "save":
        // NOTE(review): no authentication of the caller is visible in this fragment
        // before the save path runs. Confirm that saveUserInfo() or the validation step
        // enforces it.
        $arr = saveUserInfo($inputArr);
        break;
    default:
        // NOTE(review): $mobile and $password are not assigned anywhere in the visible
        // code; unless an included file defines them, AuthUser() is called with unset
        // values. Presumably they were meant to come from $inputArr. Verify.
        $arr = AuthUser($mobile, $password);
}
header('Content-type: application/json');
// NOTE(review): the second argument of json_encode() is a flags bitmask, not the
// "assoc" switch of json_decode(); `true` is coerced to 1, which is JSON_HEX_TAG.
echo json_encode($arr, true);
exit;
// Looks up the user by the submitted mobile number; the remainder of the function is
// outside this listing.
function saveUserInfo($inputArr) {
    try {
        global $db;
        // Copy the input into $keyArr key by key.
        // NOTE(review): $keyArr is never initialised, so an empty $inputArr leaves it
        // undefined when 'mobile_num' is read below.
        foreach ($inputArr as $key => $key_value) {
            $keyArr[$key] = $key_value;
        }
        $userObj = new User($db);
        $r_user = $userObj->getUserDetails($keyArr['mobile_num']);
        // A non-empty result means the mobile number already belongs to a user.
        if (is_array($r_user) && sizeof($r_user) > 0) {
            $user_id = $r_user[0]['user_id'];
        } else {
<?php
// JSON endpoint for doctor accounts: dispatches on 'mode' to login or registration and
// prints the result as JSON. The RegisterUser() definition is truncated in this listing.
//ini_set('display_errors','1');
require "../includes/Db.class.php";
require "../classes/Doctor.php";
// NOTE(review): 'mode' is read without an isset() guard.
$mode = $_REQUEST['mode'];
// NOTE(review): the whole of $_REQUEST is passed on unvalidated. Depending on
// configuration that can include cookies as well as query-string values, so credentials
// may arrive in URLs and be logged. Reading from $_POST and validating the expected
// fields narrows the input.
$inputArr = (array) $_REQUEST;
switch ($mode) {
    case "login":
        $arr = AuthUser($inputArr);
        break;
    case "register":
        $arr = RegisterUser($inputArr);
        break;
    default:
        // Any unrecognised mode is treated as a login attempt.
        $arr = AuthUser($inputArr);
}
// NOTE(review): no Content-Type header is set in the visible code before the JSON is
// printed, so unless it is set elsewhere the response goes out with PHP's default type.
// Sending application/json keeps browsers from interpreting it as HTML.
echo json_encode($arr);
exit;
// Looks up an existing doctor record by the submitted mobile number; the remainder of
// the function is outside this listing.
function RegisterUser($inputArr) {
    try {
        global $db;
        // Copy the input into $keyArr key by key.
        // NOTE(review): $keyArr is never initialised, so an empty input leaves it
        // undefined when 'mobile_num' is read below.
        foreach ($inputArr as $key => $key_value) {
            $keyArr[$key] = $key_value;
        }
        //print_r($keyArr);
        $docObj = new Doctor($db);
        $r_user = $docObj->getDocDetails($keyArr['mobile_num']);
        //print_r($r_user);
        // A non-empty result means the mobile number is already registered.
        if (is_array($r_user) && sizeof($r_user) > 0) {