function msg_send_simple_message($owners, $sender, $timestamp, $message_type, $from, $subject, $text, $escaped = false, $force = false)
{
    global $config, $user, $sn_message_class_list;
    if (!$owners) {
        return;
    }
    $timestamp = $timestamp ? $timestamp : SN_TIME_NOW;
    $sender = intval($sender);
    if (!is_array($owners)) {
        $owners = array($owners);
    }
    if (!$escaped) {
        $from = db_escape($from);
        $subject = db_escape($subject);
        $text = db_escape($text);
    }
    $text_unescaped = stripslashes(str_replace(array('\\r\\n', "\r\n"), "<br />", $text));
    $message_class = $sn_message_class_list[$message_type];
    $message_class_email = $message_class['email'];
    $message_class_switchable = $message_class['switchable'];
    $message_class_name = $message_class['name'];
    $message_class_name_total = $sn_message_class_list[MSG_TYPE_NEW]['name'];
    if ($owners[0] == '*') {
        if ($user['authlevel'] < 3) {
            return false;
        }
        // TODO Добавить $timestamp - рассылка может быть и отсроченной
        // TODO Добавить $sender - рассылка может быть и от кого-то
        db_message_insert_all($message_type, $from, $subject, $text);
        $owners = array();
    } else {
        $insert_values = array();
        $insert_template = "('%u'," . str_replace('%', '%%', " '{$sender}', '{$timestamp}', '{$message_type}', '{$from}', '{$subject}', '{$text}')");
        foreach ($owners as $owner) {
            if ($user['id'] != $owner) {
                $owner_row = db_user_by_id($owner);
            } else {
                $owner_row = $user;
            }
            sys_user_options_unpack($owner_row);
            if ($force || !$message_class_switchable || $owner_row["opt_{$message_class_name}"]) {
                $insert_values[] = sprintf($insert_template, $owner);
            }
            if ($message_class_email && $config->game_email_pm && $owner_row["opt_email_{$message_class_name}"]) {
                @($result = mymail($owner_row['email'], $subject, $text_unescaped, '', true));
            }
        }
        if (empty($insert_values)) {
            return;
        }
        doquery($QryInsertMessage = 'INSERT INTO {{messages}} (`message_owner`, `message_sender`, `message_time`, `message_type`, `message_from`, `message_subject`, `message_text`) ' . 'VALUES ' . implode(',', $insert_values));
    }
    db_user_list_set_mass_mail($owners, "`{$message_class_name}` = `{$message_class_name}` + 1, `{$message_class_name_total}` = `{$message_class_name_total}` + 1");
    if (in_array($user['id'], $owners) || $owners[0] == '*') {
        $user[$message_class_name]++;
        $user[$message_class_name_total]++;
    }
}
Exemplo n.º 2
0
function msg_send_simple_message($owners, $sender, $timestamp, $message_type, $from, $subject, $text, $escaped = false)
{
    global $config, $user, $sn_message_class_list, $time_now;
    $timestamp = $timestamp ? $timestamp : $time_now;
    $sender = intval($sender);
    if (!is_array($owners)) {
        $owners = array($owners);
    }
    if (!$escaped) {
        $from = mysql_real_escape_string($from);
        $subject = mysql_real_escape_string($subject);
        $text = mysql_real_escape_string($text);
    }
    $text_unescaped = stripslashes(str_replace(array('\\r\\n', "\r\n"), "<br />", $text));
    $message_class = $sn_message_class_list[$message_type];
    $message_class_email = $message_class['email'];
    $message_class_switchable = $message_class['switchable'];
    $message_class_name = $message_class['name'];
    $message_class_name_total = $sn_message_class_list[MSG_TYPE_NEW]['name'];
    $QryInsertMessage = 'INSERT INTO {{messages}} (`message_owner`, `message_sender`, `message_time`, `message_type`, `message_from`, `message_subject`, `message_text`) ';
    $QryUpdateUser = "******";
    if ($owners[0] == '*') {
        if ($user['authlevel'] < 3) {
            return false;
        }
        $QryInsertMessage .= "SELECT `id`, 0, unix_timestamp(now()), {$message_type}, '{$from}', '{$subject}', '{$text}' FROM {{users}}; ";
    } else {
        $insert_values = array();
        $insert_template = "('%u'," . str_replace('%', '%%', " '{$sender}', '{$timestamp}', '{$message_type}', '{$from}', '{$subject}', '{$text}')");
        foreach ($owners as $owner) {
            if ($user['id'] != $owner) {
                $owner_row = doquery("SELECT * FROM {{users}} WHERE id = {$owner} LIMIT 1;", '', true);
                sys_user_options_unpack($owner_row);
            } else {
                $owner_row =& $user;
            }
            if (!$message_class_switchable || $owner_row["opt_{$message_class_name}"]) {
                $insert_values[] = sprintf($insert_template, $owner);
            }
            if ($message_class_email && $config->game_email_pm && $owner_row["opt_email_{$message_class_name}"]) {
                @($result = mymail($owner_row['email'], $subject, $text_unescaped, '', true));
            }
        }
        if (empty($insert_values)) {
            return;
        }
        $QryInsertMessage .= 'VALUES ' . implode(',', $insert_values) . ';';
        $QryUpdateUser .= 'WHERE `id` IN (' . implode(',', $owners) . ');';
    }
    doquery($QryInsertMessage);
    doquery($QryUpdateUser);
    if (in_array($user['id'], $owners) || $owners[0] == '*') {
        $user[$message_class_name]++;
        $user[$message_class_name_total]++;
    }
}
Exemplo n.º 3
0
function sn_login($username, $password, $remember_me = '1')
{
    global $lang;
    $username = mysql_real_escape_string($username);
    $login = doquery("SELECT * FROM {{users}} WHERE `username` = '{$username}' LIMIT 1;", '', true);
    if (!$login) {
        $status = LOGIN_ERROR_USERNAME;
        $error_msg = $lang['Login_FailUser'];
        $login = array();
    } elseif ($login['password'] != md5($password)) {
        $status = LOGIN_ERROR_PASSWORD;
        $error_msg = $lang['Login_FailPassword'];
        $login = array();
    } else {
        sys_user_options_unpack($login);
        sn_set_cookie($login, $remember_me);
        $status = LOGIN_SUCCESS;
        $error_msg = '';
    }
    return array('status' => $status, 'error_msg' => $error_msg, 'user_row' => $login);
}
Exemplo n.º 4
0
        sn_ali_fill_user_ally($user);
        if (!$user['ally']['player']['id']) {
            sn_sys_logout(false, true);
            $debug->error("User ID {$user['id']} has ally ID {$user['ally_id']} but no ally info", 'User record error', 502);
        }
        // TODO UNCOMMENT
        que_process($user['ally']['player']);
        db_user_set_by_id($user['ally']['player']['id'], '`onlinetime` = ' . SN_TIME_NOW);
        sn_db_transaction_commit();
    }
    // TODO - в режиме эмуляции, на самом деле!
    sn_db_transaction_start();
    $global_data = sys_o_get_updated($user['id'], $planet_id, SN_TIME_NOW);
    sn_db_transaction_commit();
    $planetrow = $global_data['planet'];
    if (!($planetrow && isset($planetrow['id']) && $planetrow['id'])) {
        sn_sys_logout(false, true);
        $debug->error("User ID {$user['id']} has no current planet and no homeworld", 'User record error', 502);
    }
    $que = $global_data['que'];
}
require_once 'includes/vars_menu.php';
if ($sn_mvc['model']['']) {
    foreach ($sn_mvc['model'][''] as $hook) {
        if (is_callable($hook_call = is_string($hook) ? $hook : (is_array($hook) ? $hook['callable'] : $hook->callable))) {
            call_user_func($hook_call);
        }
    }
}
sys_user_options_unpack($user);
Exemplo n.º 5
0
function sn_options_model()
{
    global $user, $user_option_list, $lang, $template_result, $config;
    $language_new = sys_get_param_str('langer', $user['lang']);
    if ($language_new != $user['lang']) {
        $lang->lng_switch($language_new);
    }
    lng_include('options');
    lng_include('messages');
    $FMT_DATE = preg_replace(array('/d/', '/m/', '/Y/'), array('DD', 'MM', 'YYYY'), FMT_DATE);
    if (sys_get_param_str('mode') == 'change') {
        if ($user['authlevel'] > 0) {
            $planet_protection = sys_get_param_int('adm_pl_prot') ? $user['authlevel'] : 0;
            db_planet_set_by_owner($user['id'], "`id_level` = '{$planet_protection}'");
            db_user_set_by_id($user['id'], "`admin_protection` = '{$planet_protection}'");
            $user['admin_protection'] = $planet_protection;
        }
        if (sys_get_param_int('vacation') && !$config->user_vacation_disable) {
            sn_db_transaction_start();
            if ($user['authlevel'] < 3) {
                if ($user['vacation_next'] > SN_TIME_NOW) {
                    message($lang['opt_vacation_err_timeout'], $lang['Error'], 'index.php?page=options', 5);
                    die;
                }
                $is_building = doquery("SELECT * FROM `{{fleets}}` WHERE `fleet_owner` = '{$user['id']}' LIMIT 1;", true);
                if ($is_building) {
                    message($lang['opt_vacation_err_your_fleet'], $lang['Error'], 'index.php?page=options', 5);
                    die;
                }
                $que = que_get($user['id'], false);
                if (!empty($que)) {
                    message($lang['opt_vacation_err_que'], $lang['Error'], 'index.php?page=options', 5);
                    die;
                }
                $query = classSupernova::db_get_record_list(LOC_PLANET, "`id_owner` = {$user['id']}");
                foreach ($query as $planet) {
                    // $planet = sys_o_get_updated($user, $planet, SN_TIME_NOW);
                    // $planet = $planet['planet'];
                    db_planet_set_by_id($planet['id'], "last_update = " . SN_TIME_NOW . ", energy_used = '0', energy_max = '0',\n            metal_perhour = '{$config->metal_basic_income}', crystal_perhour = '{$config->crystal_basic_income}', deuterium_perhour = '{$config->deuterium_basic_income}',\n            metal_mine_porcent = '0', crystal_mine_porcent = '0', deuterium_sintetizer_porcent = '0', solar_plant_porcent = '0',\n            fusion_plant_porcent = '0', solar_satelit_porcent = '0', ship_sattelite_sloth_porcent = 0");
                }
                $user['vacation'] = SN_TIME_NOW + $config->player_vacation_time;
            } else {
                $user['vacation'] = SN_TIME_NOW;
            }
            sn_db_transaction_commit();
        }
        foreach ($user_option_list as $option_group_id => $option_group) {
            foreach ($option_group as $option_name => $option_value) {
                if ($user[$option_name] !== null) {
                    $user[$option_name] = sys_get_param_str($option_name);
                } else {
                    $user[$option_name] = $option_value;
                }
            }
        }
        $options = sys_user_options_pack($user);
        $player_options = sys_get_param('options');
        if (!empty($player_options)) {
            array_walk($player_options, function (&$value) {
                // TODO - Когда будет больше параметров - сделать больше проверок
                $value = intval($value);
            });
            classSupernova::$user_options->offsetSet($player_options);
            // pdump($player_options);die();
            //      player_save_option_array($user, $player_options);
        }
        $username = substr(sys_get_param_str_unsafe('username'), 0, 32);
        $username_safe = db_escape($username);
        if ($username && $user['username'] != $username && $config->game_user_changename != SERVER_PLAYER_NAME_CHANGE_NONE && sys_get_param_int('username_confirm') && !strpbrk($username, LOGIN_REGISTER_CHARACTERS_PROHIBITED)) {
            // проверка на корректность
            sn_db_transaction_start();
            $name_check = doquery("SELECT * FROM {{player_name_history}} WHERE `player_name` LIKE \"{$username_safe}\" LIMIT 1 FOR UPDATE;", true);
            if (!$name_check || $name_check['player_id'] == $user['id']) {
                $user = db_user_by_id($user['id'], true);
                switch ($config->game_user_changename) {
                    case SERVER_PLAYER_NAME_CHANGE_PAY:
                        if (mrc_get_level($user, $planetrow, RES_DARK_MATTER) < $config->game_user_changename_cost) {
                            $template_result['.']['result'][] = array('STATUS' => ERR_ERROR, 'MESSAGE' => $lang['opt_msg_name_change_err_no_dm']);
                            break;
                        }
                        rpg_points_change($user['id'], RPG_NAME_CHANGE, -$config->game_user_changename_cost, sprintf('Пользователь ID %d сменил имя с "%s" на "%s"', $user['id'], $user['username'], $username));
                    case SERVER_PLAYER_NAME_CHANGE_FREE:
                        db_user_set_by_id($user['id'], "`username` = '{$username_safe}'");
                        doquery("REPLACE INTO {{player_name_history}} SET `player_id` = {$user['id']}, `player_name` = '{$username_safe}'");
                        // TODO: Change cookie to not force user relogin
                        // sn_setcookie(SN_COOKIE, '', time() - PERIOD_WEEK, SN_ROOT_RELATIVE);
                        $template_result['.']['result'][] = array('STATUS' => ERR_NONE, 'MESSAGE' => $lang['opt_msg_name_changed']);
                        $user['username'] = $username;
                        break;
                }
            } else {
                $template_result['.']['result'][] = array('STATUS' => ERR_ERROR, 'MESSAGE' => $lang['opt_msg_name_change_err_used_name']);
            }
            sn_db_transaction_commit();
        }
        if ($new_password = sys_get_param('newpass1')) {
            try {
                if ($new_password != sys_get_param('newpass2')) {
                    throw new Exception($lang['opt_err_pass_unmatched'], ERR_WARNING);
                }
                if (!classSupernova::$auth->password_change(sys_get_param('db_password'), $new_password)) {
                    throw new Exception($lang['opt_err_pass_wrong'], ERR_WARNING);
                }
                throw new Exception($lang['opt_msg_pass_changed'], ERR_NONE);
            } catch (Exception $e) {
                $template_result['.']['result'][] = array('STATUS' => in_array($e->getCode(), array(ERR_NONE, ERR_WARNING, ERR_ERROR)) ? $e->getCode() : ERR_ERROR, 'MESSAGE' => $e->getMessage());
            }
        }
        $user['email'] = sys_get_param_str('db_email');
        //    if(!$template_result[F_ACCOUNT]['account_email'] && ($email_2 = sys_get_param_str('db_email2'))) {
        //      core_auth::email_set($email_2);
        //    }
        $user['dpath'] = sys_get_param_str('dpath');
        $user['lang'] = sys_get_param_str('langer', $user['lang']);
        //    if($lang->lng_switch($user['lang'])) {
        //      lng_include('options');
        //      lng_include('messages');
        //    }
        $user['design'] = sys_get_param_int('design');
        $user['noipcheck'] = sys_get_param_int('noipcheck');
        // $user['spio_anz'] = sys_get_param_int('spio_anz');
        // $user['settings_fleetactions'] = sys_get_param_int('settings_fleetactions', 1);
        // $user['settings_tooltiptime'] = sys_get_param_int('settings_tooltiptime');
        // $user['settings_esp'] = sys_get_param_int('settings_esp');
        // $user['settings_wri'] = sys_get_param_int('settings_wri');
        // $user['settings_bud'] = sys_get_param_int('settings_bud');
        // $user['settings_mis'] = sys_get_param_int('settings_mis');
        // $user['settings_statistics'] = sys_get_param_int('settings_statistics');
        // $user['settings_info'] = sys_get_param_int('settings_info');
        // $user['settings_rep'] = sys_get_param_int('settings_rep');
        // $user['planet_sort']  = sys_get_param_int('settings_sort');
        // $user['planet_sort_order'] = sys_get_param_int('settings_order');
        $user['deltime'] = !sys_get_param_int('deltime') ? 0 : ($user['deltime'] ? $user['deltime'] : SN_TIME_NOW + $config->player_delete_time);
        $gender = sys_get_param_int('gender', $user['gender']);
        !isset($lang['sys_gender_list'][$gender]) ? $gender = $user['gender'] : false;
        $user['gender'] = $user['gender'] == GENDER_UNKNOWN ? $gender : $user['gender'];
        try {
            if ($user['birthday']) {
                throw new exception();
            }
            $user_birthday = sys_get_param_str_unsafe('user_birthday');
            if (!$user_birthday || $user_birthday == $FMT_DATE) {
                throw new exception();
            }
            // Some black magic to parse any valid date format - those that contains all three "d", "m" and "Y" and any of the delimeters "\", "/", ".", "-"
            $pos['d'] = strpos(FMT_DATE, 'd');
            $pos['m'] = strpos(FMT_DATE, 'm');
            $pos['Y'] = strpos(FMT_DATE, 'Y');
            asort($pos);
            $i = 0;
            foreach ($pos as &$position) {
                $position = ++$i;
            }
            $regexp = "/" . preg_replace(array('/\\\\/', '/\\//', '/\\./', '/\\-/', '/d/', '/m/', '/Y/'), array('\\\\\\', '\\/', '\\.', '\\-', '(\\d?\\d)', '(\\d?\\d)', '(\\d{4})'), FMT_DATE) . "/";
            if (!preg_match($regexp, $user_birthday, $match)) {
                throw new exception();
            }
            if (!checkdate($match[$pos['m']], $match[$pos['d']], $match[$pos['Y']])) {
                throw new exception();
            }
            $user['user_birthday'] = db_escape("{$match[$pos['Y']]}-{$match[$pos['m']]}-{$match[$pos['d']]}");
            // EOF black magic! Now we have valid SQL date in $user['user_birthday'] - independent of date format
            $year = date('Y', SN_TIME_NOW);
            if (mktime(0, 0, 0, $match[$pos['m']], $match[$pos['d']], $year) > SN_TIME_NOW) {
                $year--;
            }
            $user['user_birthday_celebrated'] = db_escape("{$year}-{$match[$pos['m']]}-{$match[$pos['d']]}");
            $user_birthday = ", `user_birthday` = '{$user['user_birthday']}', `user_birthday_celebrated` = '{$user['user_birthday_celebrated']}'";
        } catch (exception $e) {
            $user_birthday = '';
        }
        require_once 'includes/includes/sys_avatar.php';
        $avatar_upload_result = sys_avatar_upload($user['id'], $user['avatar']);
        $template_result['.']['result'][] = $avatar_upload_result;
        $user_time_diff = playerTimeDiff::user_time_diff_get();
        if (sys_get_param_int('PLAYER_OPTION_TIME_DIFF_FORCED')) {
            playerTimeDiff::user_time_diff_set(array(PLAYER_OPTION_TIME_DIFF => sys_get_param_int('PLAYER_OPTION_TIME_DIFF'), PLAYER_OPTION_TIME_DIFF_UTC_OFFSET => 0, PLAYER_OPTION_TIME_DIFF_FORCED => 1, PLAYER_OPTION_TIME_DIFF_MEASURE_TIME => SN_TIME_SQL));
        } elseif (sys_get_param_int('opt_time_diff_clear') || $user_time_diff[PLAYER_OPTION_TIME_DIFF_FORCED]) {
            playerTimeDiff::user_time_diff_set(array(PLAYER_OPTION_TIME_DIFF => '', PLAYER_OPTION_TIME_DIFF_UTC_OFFSET => 0, PLAYER_OPTION_TIME_DIFF_FORCED => 0, PLAYER_OPTION_TIME_DIFF_MEASURE_TIME => SN_TIME_SQL));
        }
        $user_options_safe = db_escape($user['options']);
        db_user_set_by_id($user['id'], "`email` = '{$user['email']}', `lang` = '{$user['lang']}', `avatar` = '{$user['avatar']}',\n      `dpath` = '{$user['dpath']}', `design` = '{$user['design']}', `noipcheck` = '{$user['noipcheck']}',\n      `deltime` = '{$user['deltime']}', `vacation` = '{$user['vacation']}', `options` = '{$user_options_safe}', `gender` = {$user['gender']}\n      {$user_birthday}");
        $template_result['.']['result'][] = array('STATUS' => ERR_NONE, 'MESSAGE' => $lang['opt_msg_saved']);
    } elseif (sys_get_param_str('result') == 'ok') {
        $template_result['.']['result'][] = array('STATUS' => ERR_NONE, 'MESSAGE' => $lang['opt_msg_saved']);
    }
    $user = db_user_by_id($user['id']);
    $options = sys_user_options_unpack($user);
}
Exemplo n.º 6
0
 protected function make_return_array()
 {
     global $config;
     $user_id = !empty(self::$user['id']) ? self::$user['id'] : 0;
     // if(!empty($user_id) && !$user_impersonator) {
     // $user_id не может быть пустым из-за констраинтов в таблице SPE
     // self::db_security_entry_insert();
     self::$device->db_security_entry_insert($user_id);
     $result = array();
     if ($user_id && empty($this->is_impersonating)) {
         // self::db_counter_insert();
         self::$device->db_counter_insert($user_id);
         $user =& self::$user;
         sys_user_options_unpack($user);
         if ($user['banaday'] && $user['banaday'] <= SN_TIME_NOW) {
             $user['banaday'] = 0;
             $user['vacation'] = SN_TIME_NOW;
         }
         $user['user_lastip'] = self::$device->ip_v4_string;
         // $ip['ip'];
         $user['user_proxy'] = self::$device->ip_v4_proxy_chain;
         //$ip['proxy_chain'];
         $result[F_BANNED_STATUS] = $user['banaday'];
         $result[F_VACATION_STATUS] = $user['vacation'];
         $proxy_safe = static::$db->db_escape(self::$device->ip_v4_proxy_chain);
         db_user_set_by_id($user['id'], "`onlinetime` = " . SN_TIME_NOW . ",\n      `banaday` = " . static::$db->db_escape($user['banaday']) . ", `vacation` = " . static::$db->db_escape($user['vacation']) . ",\n      `user_lastip` = '" . static::$db->db_escape($user['user_lastip']) . "', `user_last_proxy` = '{$proxy_safe}', `user_last_browser_id` = " . self::$device->browser_id);
     }
     if ($extra = $config->security_ban_extra) {
         $extra = explode(',', $extra);
         array_walk($extra, 'trim');
         in_array(self::$device->device_id, $extra) and die;
     }
     $result[F_LOGIN_STATUS] = self::$login_status = empty($this->providers_authorised) ? self::$login_status : LOGIN_SUCCESS;
     $result[F_PLAYER_REGISTER_STATUS] = $this->register_status;
     $result[F_USER] = self::$user;
     // $result[AUTH_LEVEL] = isset(self::$user['authlevel']) ? self::$user['authlevel'] : AUTH_LEVEL_ANONYMOUS;
     $result[AUTH_LEVEL] = $this->auth_level_max_local;
     $result[F_IMPERSONATE_STATUS] = $this->is_impersonating;
     $result[F_IMPERSONATE_OPERATOR] = $this->impersonator_username;
     // TODO
     //    self::$hidden[F_IMPERSONATE_OPERATOR] = $found_provider->data[F_IMPERSONATE_OPERATOR];
     //TODO Сол и Парол тоже вкинуть в хидден
     $result[F_ACCOUNTS_AUTHORISED] = $this->providers_authorised;
     return $result;
 }
Exemplo n.º 7
0
function sec_login_process(&$result)
{
    $user =& $result[F_LOGIN_USER];
    sys_user_options_unpack($user);
    if ($user['banaday'] && $user['banaday'] <= SN_TIME_NOW) {
        $user['banaday'] = 0;
        $user['vacation'] = SN_TIME_NOW;
    }
    $ip = sec_player_ip();
    $user['user_lastip'] = $ip['ip'];
    $user['user_proxy'] = $ip['proxy_chain'];
    $result[F_BANNED_STATUS] = $user['banaday'];
    $result[F_VACATION_STATUS] = $user['vacation'];
    sec_login_change_state($result);
}