public function password_change($old_password_unsafe, $new_password_unsafe) { global $lang; if (empty($this->providers_authorised)) { // TODO - такого быть не может! self::flog("Не найдено ни одного авторизированного провайдера в self::\$providers_authorised", true); return false; } // TODO - Проверять пароль на корректность // TODO - Не менять (?) пароль у аккаунтов, к которым пристёгнут хоть один игрок с AUTH_LEVEL > 0 $salt_unsafe = self::password_salt_generate(); $providers_changed_password = array(); foreach ($this->providers_authorised as $provider_id => $provider) { if (!$provider->is_feature_supported(AUTH_FEATURE_PASSWORD_CHANGE) || !$provider->password_change($old_password_unsafe, $new_password_unsafe, $salt_unsafe)) { continue; } // Узнаем список игроков, которые прикреплены к этому аккаунту // $account_translation = self::db_translate_get_users_from_account_list($provider_id, $provider->account->account_id); $account_translation = PlayerToAccountTranslate::db_translate_get_users_from_account_list($provider_id, $provider->account->account_id); // Рассылаем уведомления о смене пароля в ЛС foreach ($account_translation as $user_id => $provider_info) { // TODO - УКазывать тип аккаунта, на котором сменён пароль msg_send_simple_message($user_id, 0, SN_TIME_NOW, MSG_TYPE_ADMIN, $lang['sys_administration'], $lang['sys_login_register_message_title'], sprintf($lang['sys_login_register_message_body'], $provider->account->account_name, $new_password_unsafe), false); } $providers_changed_password[$provider_id] = $provider; } // TODO - отсылать уведомление на емейл return !empty($providers_changed_password); }
protected function password_reset_confirm() { global $lang, $config; if (!$this->is_password_reset_confirm) { return $this->account_login_status; } if ($this->account_login_status != LOGIN_UNDEFINED) { return $this->account_login_status; } // Проверяем поддержку сброса пароля if (!$this->is_feature_supported(AUTH_FEATURE_PASSWORD_RESET)) { return $this->account_login_status; } try { $code_unsafe = sys_get_param_str_unsafe('password_reset_code'); if (empty($code_unsafe)) { throw new Exception(PASSWORD_RESTORE_ERROR_CODE_EMPTY, ERR_ERROR); } sn_db_transaction_start(); $confirmation = $this->confirmation->db_confirmation_get_by_type_and_code(CONFIRM_PASSWORD_RESET, $code_unsafe); // OK 4.5 if (empty($confirmation)) { throw new Exception(PASSWORD_RESTORE_ERROR_CODE_WRONG, ERR_ERROR); } if (SN_TIME_NOW - strtotime($confirmation['create_time']) > AUTH_PASSWORD_RESET_CONFIRMATION_EXPIRE) { throw new Exception(PASSWORD_RESTORE_ERROR_CODE_TOO_OLD, ERR_ERROR); } unset($this->account); $this->account = new Account($this->db); if (!$this->account->db_get_by_email($confirmation['email'])) { throw new Exception(PASSWORD_RESTORE_ERROR_CODE_OK_BUT_NO_ACCOUNT_FOR_EMAIL, ERR_ERROR); } $new_password_unsafe = $this->make_random_password(); $salt_unsafe = $this->password_salt_generate(); if (!$this->account->db_set_password($new_password_unsafe, $salt_unsafe)) { // Ошибка смены пароля throw new Exception(AUTH_ERROR_INTERNAL_PASSWORD_CHANGE_ON_RESTORE, ERR_ERROR); } $this->account_login_status = LOGIN_UNDEFINED; $this->remember_me = 1; $this->cookie_set(); $this->login_cookie(); if ($this->account_login_status == LOGIN_SUCCESS) { // TODO - НЕ ОБЯЗАТЕЛЬНО ОТПРАВЛЯТЬ ЧЕРЕЗ ЕМЕЙЛ! ЕСЛИ ЭТО ФЕЙСБУЧЕК ИЛИ ВКШЕЧКА - МОЖНО ЧЕРЕЗ ЛС ПИСАТЬ!! $message_header = sprintf($lang['log_lost_email_title'], $config->game_name); $message = sprintf($lang['log_lost_email_pass'], $config->game_name, $this->account->account_name, $new_password_unsafe); @($operation_result = mymail($confirmation['email'], $message_header, htmlspecialchars($message))); // $users_translated = classSupernova::$auth->db_translate_get_users_from_account_list($this->provider_id, $this->account->account_id); // OK 4.5 $users_translated = PlayerToAccountTranslate::db_translate_get_users_from_account_list($this->provider_id, $this->account->account_id); // OK 4.5 if (!empty($users_translated)) { // Отправляем в лички письмо о сбросе пароля // ПО ОПРЕДЕЛЕНИЮ в $users_translated только // - аккаунты, поддерживающие сброс пароля // - список аккаунтов, имеющих тот же емейл, что указан в Подтверждении // - игроки, привязанные только к этим аккаунтам // Значит им всем сразу скопом можно отправлять сообщения $message = sprintf($lang['sys_password_reset_message_body'], $new_password_unsafe); $message = sys_bbcodeParse($message) . '<br><br>'; // msg_send_simple_message($found_provider->data[F_USER_ID], 0, SN_TIME_NOW, MSG_TYPE_ADMIN, $lang['sys_administration'], $lang['sys_login_register_message_title'], $message); foreach ($users_translated as $user_id => $providers_list) { msg_send_simple_message($user_id, 0, SN_TIME_NOW, MSG_TYPE_ADMIN, $lang['sys_administration'], $lang['sys_login_register_message_title'], $message); } } else { // Фигня - может быть и пустой, если у нас есть только аккаунт, но нет пользователей // throw new Exception(AUTH_PASSWORD_RESET_INSIDE_ERROR_NO_ACCOUNT_FOR_CONFIRMATION, ERR_ERROR); } } $this->confirmation->db_confirmation_delete_by_type_and_email(CONFIRM_PASSWORD_RESET, $confirmation['email']); // OK 4.5 sn_db_transaction_commit(); sys_redirect('overview.php'); } catch (Exception $e) { sn_db_transaction_rollback(); $this->account_login_status = $e->getMessage(); } return $this->account_login_status; }
public function metamatter_change($change_type, $metamatter, $comment = false, $already_changed = false) { global $debug, $mm_change_legit, $config; if (!$this->is_exists || !($metamatter = round(floatval($metamatter)))) { $debug->error('Ошибка при попытке манипуляции с ММ'); return false; } $account_id_safe = $this->db->db_escape($this->account_id); $mm_change_legit = true; // $sn_data_metamatter_db_name = pname_resource_name(RES_METAMATTER); if ($already_changed) { $metamatter_total_delta = 0; $result = -1; } else { $metamatter_total_delta = $metamatter > 0 ? $metamatter : 0; $result = $this->db->doquery("UPDATE {{account}}\n SET\n `account_metamatter` = `account_metamatter` + '{$metamatter}'" . ($metamatter_total_delta ? ", `account_immortal` = IF(`account_metamatter_total` + '{$metamatter_total_delta}' >= {$config->player_metamatter_immortal}, NOW(), `account_immortal`), `account_metamatter_total` = `account_metamatter_total` + '{$metamatter_total_delta}'" : '') . " WHERE `account_id` = {$account_id_safe}"); if (!$result) { $debug->error("Error adjusting Metamatter for player ID {$this->account_id} (Player Not Found?) with {$metamatter}. Reason: {$comment}", 'Metamatter Change', 402); } $result = classSupernova::$db->db_affected_rows(); } if (empty(core_auth::$user['id'])) { $user_list = PlayerToAccountTranslate::db_translate_get_users_from_account_list(core_auth::$main_provider->provider_id, $this->account_id); reset($user_list); $user_id_unsafe = key($user_list); } else { $user_id_unsafe = core_auth::$user['id']; } $user_id_safe = $this->db->db_escape($user_id_unsafe); if (!$result) { $debug->error("Error adjusting Metamatter for player ID {$this->account_id} (Player Not Found?) with {$metamatter}. Reason: {$comment}", 'Metamatter Change', 402); } if (!$already_changed) { $this->account_metamatter += $metamatter; $this->account_metamatter_total += $metamatter_total_delta; } if (is_array($comment)) { $comment = call_user_func_array('sprintf', $comment); } $result = $this->db_mm_log_insert($comment, $change_type, $metamatter, $user_id_unsafe); if ($metamatter > 0 && !empty($user_id_safe)) { $old_referral = doquery("SELECT * FROM {{referrals}} WHERE `id` = {$user_id_safe} LIMIT 1 FOR UPDATE;", '', true); if ($old_referral['id']) { $dark_matter_from_metamatter = $metamatter * AFFILIATE_MM_TO_REFERRAL_DM; doquery("UPDATE {{referrals}} SET dark_matter = dark_matter + '{$dark_matter_from_metamatter}' WHERE `id` = {$user_id_safe} LIMIT 1;"); $new_referral = doquery("SELECT * FROM {{referrals}} WHERE `id` = {$user_id_safe} LIMIT 1;", '', true); $partner_bonus = floor($new_referral['dark_matter'] / $config->rpg_bonus_divisor) - ($old_referral['dark_matter'] >= $config->rpg_bonus_minimum ? floor($old_referral['dark_matter'] / $config->rpg_bonus_divisor) : 0); if ($partner_bonus > 0 && $new_referral['dark_matter'] >= $config->rpg_bonus_minimum) { rpg_points_change($new_referral['id_partner'], RPG_REFERRAL_BOUGHT_MM, $partner_bonus, "Incoming MM From Referral ID {$user_id_safe}"); } } } $mm_change_legit = false; return $result; }