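/**
 * Deduct $credit points from the `extcredits2` balance of the member whose
 * username is the mobile number $mobile.
 *
 * Changes from the previous version:
 *  - $mobile was pasted into the SELECT without quotes or escaping. It is now
 *    required to be all digits and is compared as a quoted string, so the
 *    lookup is an exact match instead of MySQL's numeric coercion.
 *  - The balance was read, checked in PHP and written back as an absolute
 *    value, so two concurrent requests could both pass the check and spend the
 *    same credit. Check and deduction are now one conditional UPDATE.
 *  - Success was tested with num_rows() on the result of an UPDATE, which is
 *    not a result set. The affected-row count is used instead.
 *
 * @param string|int $mobile Member username; must consist of digits only.
 * @param int|string $credit Number of points to deduct; must be numeric.
 * @return bool true when a row was updated; false for invalid input, an
 *              unknown member, an insufficient balance or a zero deduction.
 */
public function update_user_credit($mobile, $credit)
{
    $mobile = (string) $mobile;
    if ($mobile === '' || !ctype_digit($mobile) || !is_numeric($credit)) {
        return false;
    }
    // NOTE(review): a negative $credit still increases the balance, exactly as
    // the original arithmetic did. Confirm whether callers rely on that; if
    // not, reject $credit < 0 here.
    $credit = (int) $credit;

    $db = new dbstuff();
    $db->connect(UC_DBHOST, UC_DBUSER, UC_DBPW, UC_DBNAME, 0);

    $sql = "SELECT `uid` FROM " . DZ_DBTABLEPRE . "common_member WHERE `username`='{$mobile}'";
    $result = $db->query($sql);
    if ($db->num_rows($result) == 0) {
        return false;
    }
    $row = $db->fetch_array($result);
    // The uid comes from the database, but is still forced to an integer
    // before it is placed into the next statement.
    $uid = (int) $row['uid'];

    // One atomic statement: the row only changes while the balance covers the
    // deduction. The parentheses keep a negative value from forming "--".
    $sql = 'UPDATE ' . DZ_DBTABLEPRE . "common_member_count SET extcredits2=extcredits2-({$credit}) WHERE uid='{$uid}' AND extcredits2>=({$credit})";
    $db->query($sql);

    // assumes this dbstuff exposes affected_rows() like the Discuz!/UCenter
    // class of the same name — TODO confirm against the local DB class
    return $db->affected_rows() > 0;
}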
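/**
 * Gate for administrator pages. Reads the login cookies, loads the matching
 * user row and stops the request with an error message unless the cookie
 * password matches the stored one and the account has group id 9 or higher
 * (or is the configured game founder).
 *
 * Changes from the previous version:
 *  - Missing or non-string cookies are rejected up front instead of raising
 *    undefined-index notices and falling through to the comparison.
 *  - The stored password was compared with `!=`. Loose comparison treats
 *    numeric-looking strings such as "0e123" and "0e456" as equal, so the
 *    check is now a strict, constant-time string comparison.
 *
 * NOTE(review): the cookie carries the same value that is stored in the
 * `password` column, so a leaked users table is enough to forge a session.
 * A random server-side session token would remove that coupling.
 *
 * @return void Returns only when the caller is authorised; otherwise die()s.
 */
function check_authority()
{
    // The visible code expects this file to define $gtablepre, $database,
    // $gamefounder and the $db* connection settings in the local scope.
    require GAME_ROOT . './include/modules/core/sys/config/server.config.php';

    $_COOKIE = gstrfilter($_COOKIE);
    $userKey = $gtablepre . 'user';
    $passKey = $gtablepre . 'pass';
    $cuser = (isset($_COOKIE[$userKey]) && is_string($_COOKIE[$userKey])) ? $_COOKIE[$userKey] : '';
    $cpass = (isset($_COOKIE[$passKey]) && is_string($_COOKIE[$passKey])) ? $_COOKIE[$passKey] : '';
    if ($cuser === '' || $cpass === '') {
        echo "<span><font color=\"red\">Cookie无效,请登录。</font></span><br>";
        die;
    }

    require GAME_ROOT . './include/db_' . $database . '.class.php';
    $db = new dbstuff();
    $db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect);
    // These are function-local copies, so unset() really discards the credentials here.
    unset($dbhost, $dbuser, $dbpw, $dbname, $pconnect);

    // NOTE(review): the username literal in this query appears masked in this
    // listing. The lookup has to be keyed on $cuser, and that value must be
    // escaped for the connection's charset by the DB layer; whether
    // gstrfilter() alone is sufficient cannot be told from here — confirm.
    $result = $db->query("SELECT * FROM {$gtablepre}users WHERE username='******'");
    if (!$db->num_rows($result)) {
        echo "<span><font color=\"red\">Cookie无效,请登录。</font></span><br>";
        die;
    }

    $udata = $db->fetch_array($result);
    $stored = (string) $udata['password'];
    // hash_equals() needs PHP 5.6+; older runtimes fall back to strict equality.
    $passwordMatches = function_exists('hash_equals') ? hash_equals($stored, $cpass) : $stored === $cpass;
    if (!$passwordMatches) {
        echo "<span><font color=\"red\">Cookie无效,请登录。</font></span><br>";
        die;
    }
    if ($udata['groupid'] < 9 && $cuser !== $gamefounder) {
        echo "<span><font color=\"red\">要求至少9权限。</font></span><br>";
        die;
    }
    // All locals, including the DB handle, go out of scope on return.
}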
/**
 * Register a user through UCenter and, when the forum has no row for the new
 * uid yet, create the matching Discuz! member rows ("activation").
 *
 * Reads $data['username'], $data['password'] and $data['email'].
 *
 * @param array $data Registration fields as listed above.
 * @return int The value returned by uc_user_register(): the new uid when it
 *             is positive, otherwise a zero or negative status code.
 */
public function UcenterReg($data)
{
    $db = new dbstuff();
    $db->connect(UC_DBHOST, UC_DBUSER, UC_DBPW, UC_DBNAME, 0);
    $uid = uc_user_register($data['username'], $data['password'], $data['email']);
    if ($uid <= 0) {
        // Registration failed: hand the raw status code back to the caller.
        return $uid;
        /*
         * Disabled mapping of status codes to messages, kept for reference:
         *   -1  username is not valid
         *   -2  username contains a restricted word (presumably; the original wording is ambiguous)
         *   -3  username already exists
         *   -4  e-mail format is wrong
         *   -5  e-mail is not allowed to register
         *   -6  e-mail is already registered
         *   anything else: undefined
         */
    } else {
        $username = $data['username'];
        // Does the forum already have a member row for this uid?
        $sql = "SELECT `username`,`password` FROM " . DZ_DBTABLEPRE . "common_member WHERE `uid`={$uid}";
        $result = $db->query($sql);
        if ($db->num_rows($result) == 0) {
            // No forum row yet: read the account back from the UCenter members table.
            $sql = "SELECT `username`,`password` FROM " . UC_DBTABLEPRE . "members WHERE `uid`={$uid}";
            $result = $db->query($sql);
            $row = $db->fetch_array($result);
            // Activate: create the forum-side member record.
            // NOTE(review): $data['email'] is concatenated into the statement
            // with no escaping visible in this function; unless the caller or
            // the DB layer escapes it, this is an SQL injection point.
            // The username/password part of this statement appears masked in
            // this listing, so its real operands cannot be reviewed here.
            $sql = "insert into " . DZ_DBTABLEPRE . "common_member set regdate='" . time() . "',uid='{$uid}',email='" . $data['email'] . "',username='******'username'] . "',password='******'password'] . "',timeoffset=9999";
            $db->query($sql);
            // Status row: registration and last-seen IP both come from REMOTE_ADDR.
            $sql = "insert into " . DZ_DBTABLEPRE . "common_member_status set uid='{$uid}', regip='{$_SERVER['REMOTE_ADDR']}',lastip='{$_SERVER['REMOTE_ADDR']}',lastvisit=" . time() . ", lastactivity=" . time() . ',lastpost=0, lastsendmail=0';
            $db->query($sql);
            // Empty companion rows keyed by uid in the remaining member tables.
            $sql = "insert into " . DZ_DBTABLEPRE . "common_member_profile set uid='{$uid}'";
            $db->query($sql);
            $sql = "insert into " . DZ_DBTABLEPRE . "common_member_field_forum set uid='{$uid}'";
            $db->query($sql);
            $sql = "insert into " . DZ_DBTABLEPRE . "common_member_field_home set uid='{$uid}' ";
            $db->query($sql);
            $sql = "insert into " . DZ_DBTABLEPRE . "common_member_count set uid='{$uid}' ";
            $db->query($sql);
            // Record the newest member name in the forum settings.
            // NOTE(review): $data['username'] is interpolated unescaped here as
            // well; it passed uc_user_register(), but that function's
            // character rules are not visible from this block — confirm.
            // None of the inserts above are checked for failure or wrapped in
            // a transaction, so a partial failure leaves a half-created member.
            $db->query('UPDATE ' . DZ_DBTABLEPRE . "common_setting SET svalue='{$data['username']}' WHERE skey='lastmember'");
            //exit;
        }
    }
    unset($db);
    return $uid;
}
stay_redirect(); } } elseif($step == '5') { if($start == 0) { validid('tid','threads'); } $query = "SELECT tid, subject FROM {$tablepre}threads WHERE tid >= $start AND tid <= $end"; $posts = $db->query($query); while ($threads = $db->fetch_array($posts)) { $query = $db->query("SELECT COUNT(*) FROM {$tablepre}posts WHERE tid='".$threads['tid']."' AND invisible='0'"); $replynum = $db->result($query, 0) - 1; if($replynum < 0) { $db->query("DELETE FROM {$tablepre}threads WHERE tid='".$threads['tid']."'"); } else { $query = $db->query("SELECT a.aid FROM {$tablepre}posts p, {$tablepre}attachments a WHERE a.tid='".$threads['tid']."' AND a.pid=p.pid AND p.invisible='0' LIMIT 1"); $attachment = $db->num_rows($query) ? 1 : 0;//修复附件 $query = $db->query("SELECT pid, subject, rate FROM {$tablepre}posts WHERE tid='".$threads['tid']."' AND invisible='0' ORDER BY dateline LIMIT 1"); $firstpost = $db->fetch_array($query); $firstpost['subject'] = trim($firstpost['subject']) ? $firstpost['subject'] : $threads['subject']; //针对某些转换过来的论坛的处理 $firstpost['subject'] = addslashes($firstpost['subject']); @$firstpost['rate'] = $firstpost['rate'] / abs($firstpost['rate']);//修复发帖 $query = $db->query("SELECT author, dateline FROM {$tablepre}posts WHERE tid='".$threads['tid']."' AND invisible='0' ORDER BY dateline DESC LIMIT 1"); $lastpost = $db->fetch_array($query);//修复最后发帖 $db->query("UPDATE {$tablepre}threads SET subject='".$firstpost['subject']."', replies='$replynum', lastpost='".$lastpost['dateline']."', lastposter='".addslashes($lastpost['author'])."', rate='".$firstpost['rate']."', attachment='$attachment' WHERE tid='".$threads['tid']."'", 'UNBUFFERED'); $db->query("UPDATE {$tablepre}posts SET first='1', subject='".$firstpost['subject']."' WHERE pid='".$firstpost['pid']."'", 'UNBUFFERED'); $db->query("UPDATE {$tablepre}posts SET first='0' WHERE tid='".$threads['tid']."' AND pid<>'".$firstpost['pid']."'", 'UNBUFFERED'); $convertedrows ++; } $converted = 1; $totalrows ++; }
} } } else { $forum = isset($_DCACHE['forums'][$rssfid]) && $_DCACHE['forums'][$rssfid]['type'] != 'group' ? $_DCACHE['forums'][$rssfid] : array(); if ($forum && rssforumperm($forum)) { $fidarray = array($rssfid); $forumname = dhtmlspecialchars($_DCACHE['forums'][$rssfid]['name']); } else { exit('Specified forum not found'); } } dheader("Content-type: application/xml"); echo "<?xml version=\"1.0\" encoding=\"" . $charset . "\"?>\n" . "<rss version=\"2.0\">\n" . " <channel>\n" . (count($fidarray) > 1 ? " <title>{$bbname}</title>\n" . " <link>{$boardurl}" . $_DCACHE[settings][indexname] . "</link>\n" . " <description>Latest {$num} threads of all forums</description>\n" : " <title>{$bbname} - {$forumname}</title>\n" . " <link>{$boardurl}forumdisplay.php?fid={$rssfid}</link>\n" . " <description>Latest {$num} threads of {$forumname}</description>\n") . " <copyright>Copyright(C) {$bbname}</copyright>\n" . " <generator>Discuz! Board by Comsenz Inc.</generator>\n" . " <lastBuildDate>" . gmdate('r', $timestamp) . "</lastBuildDate>\n" . " <ttl>{$ttl}</ttl>\n" . " <image>\n" . " <url>{$boardurl}images/logo.gif</url>\n" . " <title>{$bbname}</title>\n" . " <link>{$boardurl}</link>\n" . " </image>\n"; if ($fidarray) { $query = $db->query("SELECT * FROM {$tablepre}rsscaches WHERE fid IN (" . implode(',', $fidarray) . ") ORDER BY dateline DESC LIMIT {$num}"); if ($db->num_rows($query)) { while ($thread = $db->fetch_array($query)) { if ($timestamp - $thread['lastupdate'] > $ttl * 60) { updatersscache(); break; } else { echo " <item>\n" . " <title>" . dhtmlspecialchars($thread['subject']) . "</title>\n" . " <link>{$boardurl}viewthread.php?tid={$thread['tid']}</link>\n" . " <description><![CDATA[{$thread['description']}]]></description>\n" . " <category>" . dhtmlspecialchars($thread['forum']) . "</category>\n" . " <author>" . dhtmlspecialchars($thread['author']) . "</author>\n" . " <pubDate>" . gmdate('r', $thread['dateline']) . "</pubDate>\n" . 
" </item>\n"; } } } else { updatersscache(); } } echo " </channel>\n" . "</rss>"; function rssforumperm($forum) {
/**
 * Per-request bootstrap. In order, the visible code:
 *  - copies the two login cookies into same-named globals,
 *  - resets output buffering,
 *  - opens the database connection if no global $db exists yet,
 *  - lets $___LOCAL_INPUT__VARS__INPUT_VAR_LIST override user, pass and room,
 *  - resolves $room_prefix and the derived $tablepre / $wtablepre,
 *  - creates and seeds a room's tables on first use,
 *  - sets the timezone and the shifted clock ($now and its date parts),
 *  - loads the game row and turns each column into a global,
 *  - publishes $cuser, $cpass, $mode and $command as globals.
 *
 * Everything is communicated through globals; nothing is returned.
 */
function init()
{
    global $gtablepre, $tablepre, $wtablepre, $room_prefix, $moveut, $moveutmin;
    // Variable-variables: the globals are literally named "<prefix>user" and "<prefix>pass".
    global ${$gtablepre . 'user'}, ${$gtablepre . 'pass'}, $___MOD_SRV;
    if (isset($_COOKIE)) {
        $_COOKIE = gstrfilter($_COOKIE);
        foreach ($_COOKIE as $key => $value) {
            // Only the two whitelisted cookie names are promoted to globals.
            if ($key == $gtablepre . 'user' || $key == $gtablepre . 'pass') {
                ${$key} = $value;
            }
        }
    }
    ob_clean();
    ob_start();
    global $db;
    if (!isset($db)) {
        global $dbhost, $dbuser, $dbpw, $dbname, $pconnect, $database;
        require GAME_ROOT . './include/db_' . $database . '.class.php';
        $db = new \dbstuff();
        $db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect);
        //$db->select_db($dbname);
        // NOTE(review): these names were bound with `global`, and unset() on
        // such a name only removes the local alias. The credentials therefore
        // remain readable in the global scope after this line.
        unset($dbhost, $dbuser, $dbpw, $dbname, $pconnect);
    }
    global $___LOCAL_INPUT__VARS__INPUT_VAR_LIST;
    // Values from the input list take precedence over the cookie values set above.
    if (isset($___LOCAL_INPUT__VARS__INPUT_VAR_LIST[$gtablepre . 'user'])) {
        ${$gtablepre . 'user'} = $___LOCAL_INPUT__VARS__INPUT_VAR_LIST[$gtablepre . 'user'];
    }
    if (isset($___LOCAL_INPUT__VARS__INPUT_VAR_LIST[$gtablepre . 'pass'])) {
        ${$gtablepre . 'pass'} = $___LOCAL_INPUT__VARS__INPUT_VAR_LIST[$gtablepre . 'pass'];
    }
    if (isset($___LOCAL_INPUT__VARS__INPUT_VAR_LIST['___GAME_ROOMID'])) {
        $room_prefix = (string) $___LOCAL_INPUT__VARS__INPUT_VAR_LIST['___GAME_ROOMID'];
    } else {
        if (isset(${$gtablepre . 'user'})) {
            // Otherwise take the room from the user's row.
            // NOTE(review): part of this statement appears masked in this
            // listing. The user name placed into it comes from a cookie or the
            // input list; whether gstrfilter() escapes it adequately for SQL
            // cannot be told from here — confirm.
            $result = $db->query("SELECT roomid FROM {$gtablepre}users where username='******'user'} . "'");
            if ($db->num_rows($result)) {
                $zz = $db->fetch_array($result);
                $room_prefix = $zz['roomid'];
            } else {
                $room_prefix = '';
            }
        } else {
            $room_prefix = '';
        }
    }
    $room_status = 0;
    // Accepted prefixes: '' (main room), 'n', or anything starting with 's'.
    if ($room_prefix != '' && $room_prefix != 'n' && $room_prefix[0] != 's') {
        $room_prefix = '';
    } else {
        if ($room_prefix != '' && $room_prefix[0] == 's') {
            // An 's…' prefix is kept only if the rooms table has that id with a non-zero status.
            // NOTE(review): when the prefix came from ___GAME_ROOMID, this
            // quoted lookup is the only validation before the value is used in
            // table names below; it relies on that input already being escaped.
            $result = $db->query("SELECT status FROM {$gtablepre}rooms where roomid='" . substr($room_prefix, 1) . "'");
            if ($db->num_rows($result)) {
                $zz = $db->fetch_array($result);
                $room_status = $zz['status'];
                if ($zz['status'] == 0) {
                    $room_prefix = '';
                }
            } else {
                $room_prefix = '';
            }
        }
    }
    // $tablepre is interpolated unquoted into table identifiers from here on.
    $tablepre = $gtablepre . $room_prefix;
    if ($room_prefix == '') {
        $wtablepre = $gtablepre;
    } else {
        // The winners table is shared per room kind: only the first character of the prefix is used.
        $wtablepre = $gtablepre . $room_prefix[0];
    }
    // Automatically initialise the tables.
    if ($room_prefix != '') {
        $result = $db->query("show tables like '{$wtablepre}winners';");
        if (!$db->num_rows($result)) {
            // A non-main room is used for the first time: create the table.
            $db->query("create table if not exists {$wtablepre}winners like {$gtablepre}winners;");
        }
        $result = $db->query("show tables like '{$tablepre}game';");
        if (!$db->num_rows($result)) {
            // A non-main room is used for the first time: create the table and seed it.
            $db->query("create table if not exists {$tablepre}game like {$gtablepre}game;");
            $result = $db->query("SELECT count(*) as cnt FROM {$tablepre}game");
            if (!$db->num_rows($result)) {
                $cnt = 0;
            } else {
                $zz = $db->fetch_array($result);
                $cnt = $zz['cnt'];
            }
            if ($cnt == 0) {
                $db->query("insert into {$tablepre}game (gamenum) values (0);");
            }
            $result = $db->query("SELECT count(*) as cnt FROM {$wtablepre}winners");
            if (!$db->num_rows($result)) {
                $cnt = 0;
            } else {
                $zz = $db->fetch_array($result);
                $cnt = $zz['cnt'];
            }
            if ($cnt == 0) {
                $db->query("insert into {$wtablepre}winners (gid) values (0);");
            }
            // Run the bundled SQL scripts with the ' bra_' table prefix rewritten to this room's prefix.
            $sql = file_get_contents(GAME_ROOT . './gamedata/sql/reset.sql');
            $sql = str_replace("\r", "\n", str_replace(' bra_', ' ' . $tablepre, $sql));
            $db->queries($sql);
            $sql = file_get_contents(GAME_ROOT . './gamedata/sql/players.sql');
            $sql = str_replace("\r", "\n", str_replace(' bra_', ' ' . $tablepre, $sql));
            $db->queries($sql);
        }
    }
    //$errorinfo ? error_reporting(E_ALL) : error_reporting(0);
    date_default_timezone_set('Etc/GMT');
    //$now = time() + $moveutmin*60;
    global $now;
    // Game clock: wall-clock time shifted by the configured hours and minutes.
    $now = time() + $moveut * 3600 + $moveutmin * 60;
    global $sec, $min, $hour, $day, $month, $year, $wday;
    list($sec, $min, $hour, $day, $month, $year, $wday) = explode(',', date("s,i,H,j,n,Y,w", $now));
    //if($attackevasive) {
    //	include_once GAME_ROOT.'./include/security.inc.php';
    //}
    //COMBAT INFO INIT
    // (already moved into the database together with the rest)
    //global $hdamage,$hplayer,$noisetime,$noisepls,$noiseid,$noiseid2,$noisemode;
    //include GAME_ROOT.'./gamedata/combatinfo.php';
    //GAME INFO INIT
    global $now, $db, $tablepre;
    $result = $db->query("SELECT * FROM {$tablepre}game");
    global $gameinfo;
    $gameinfo = $db->fetch_array($result);
    // Every column of the game row becomes a global of the same name. This is
    // how $gamestate and $arealist used below come into scope (presumably
    // columns of that table — confirm against the schema). A column named like
    // an existing global would silently overwrite it.
    foreach ($gameinfo as $key => $value) {
        global ${$key};
        ${$key} = $value;
    }
    // A room with status 2 whose game state is 0 is moved back to status 1.
    if ($room_status == 2 && $gamestate == 0 && $room_prefix != '' && $room_prefix[0] == 's') {
        $db->query("UPDATE {$gtablepre}rooms SET status=1 WHERE roomid='" . substr($room_prefix, 1) . "'");
    }
    $arealist = explode(',', $arealist);
    global $cuser, $cpass;
    $cuser = ${$gtablepre . 'user'};
    $cpass = ${$gtablepre . 'pass'};
    // No clean way around this: many files read mode and command, two
    // variables that come from the input module, directly, yet not every file
    // can be made to depend on that module. Hence this workaround.
    global $mode, $command, $___MOD_SRV;
    if ($___MOD_SRV) {
        global $___LOCAL_INPUT__VARS__mode, $___LOCAL_INPUT__VARS__command;
        global $___LOCAL_INPUT__VARS__INPUT_VAR_LIST;
        // When $___MOD_SRV is set, the input list wins over the module-level values.
        if (isset($___LOCAL_INPUT__VARS__INPUT_VAR_LIST['mode'])) {
            $mode = $___LOCAL_INPUT__VARS__INPUT_VAR_LIST['mode'];
        } else {
            $mode = $___LOCAL_INPUT__VARS__mode;
        }
        if (isset($___LOCAL_INPUT__VARS__INPUT_VAR_LIST['command'])) {
            $command = $___LOCAL_INPUT__VARS__INPUT_VAR_LIST['command'];
        } else {
            $command = $___LOCAL_INPUT__VARS__command;
        }
    } else {
        global $___LOCAL_INPUT__VARS__mode, $___LOCAL_INPUT__VARS__command;
        $mode = $___LOCAL_INPUT__VARS__mode;
        $command = $___LOCAL_INPUT__VARS__command;
    }
}
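// Room endpoint preamble: authenticate the caller from the login cookies,
// require that the account is currently inside an 's…' room, and check that
// the room's data file exists. Every failure is reported through gexit().
//
// Changes from the previous version:
//  - Missing or non-string cookies are normalised and rejected instead of
//    raising undefined-index notices.
//  - The stored password was compared with `!=`; loose comparison treats
//    numeric-looking strings such as "0e123" and "0e456" as equal. The check
//    is now a strict, constant-time string comparison.
define('GEXIT_RETURN_JSON', true);
define('NO_MOD_LOAD', true);
define('NO_SYS_UPDATE', true);
require './include/common.inc.php';
require GAME_ROOT . './include/socket.func.php';
require GAME_ROOT . './include/roommng.func.php';
require GAME_ROOT . './include/modules/core/sys/config/server.config.php';

$_COOKIE = gstrfilter($_COOKIE);
$cuser = (isset($_COOKIE[$gtablepre . 'user']) && is_string($_COOKIE[$gtablepre . 'user'])) ? $_COOKIE[$gtablepre . 'user'] : '';
$cpass = (isset($_COOKIE[$gtablepre . 'pass']) && is_string($_COOKIE[$gtablepre . 'pass'])) ? $_COOKIE[$gtablepre . 'pass'] : '';
if ($cuser === '' || $cpass === '') {
    gexit('Cookie无效。请重新登录。');
}

require GAME_ROOT . './include/db_' . $database . '.class.php';
$db = new dbstuff();
$db->connect($dbhost, $dbuser, $dbpw, $dbname, $pconnect);
// Drop the connection settings from the script scope once connected.
unset($dbhost, $dbuser, $dbpw, $dbname, $pconnect);

// NOTE(review): the username literal in this query appears masked in this
// listing. The lookup has to be keyed on $cuser, and that value must be
// escaped for the connection's charset by the DB layer; whether gstrfilter()
// alone is sufficient cannot be told from here — confirm.
$result = $db->query("SELECT * FROM {$gtablepre}users WHERE username='******'");
if (!$db->num_rows($result)) {
    gexit('Cookie无效。请重新登录。');
}
$udata = $db->fetch_array($result);

// NOTE(review): the cookie carries the same value that is stored in the
// `password` column, so a leaked users table is enough to forge a session.
$stored = (string) $udata['password'];
// hash_equals() needs PHP 5.6+; older runtimes fall back to strict equality.
$passwordMatches = function_exists('hash_equals') ? hash_equals($stored, $cpass) : $stored === $cpass;
if (!$passwordMatches) {
    gexit('Cookie无效。请重新登录。');
}

// Only accounts whose roomid starts with 's' are inside a room.
if ($udata['roomid'] == '' || $udata['roomid'][0] != 's') {
    gexit('你不在一个房间内。');
}
$roomid = substr($udata['roomid'], 1);

// Keep running even if the client disconnects.
ignore_user_abort(1);
$_POST = gstrfilter($_POST);

// NOTE(review): $roomid comes from the users table and is used as a file name.
// If anything can write an arbitrary roomid into that column, this becomes a
// path-traversal sink; confirm the column only ever holds generated ids.
if (!file_exists(GAME_ROOT . './gamedata/tmp/rooms/' . $roomid . '.txt')) {
    gexit('房间不存在。');
}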