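/**
 * Records a successful login for security auditing and refreshes the user's "last seen" fields.
 *
 * When the request is not an impersonation, this:
 *  - links player, device, browser, IP and proxy chain in {{security_player_entry}};
 *  - optionally writes a page-hit row to {{counter}} (when hit logging is enabled);
 *  - updates online time, last IP, last proxy and last browser on the user record;
 *  - terminates the request when the device id is listed in $config->security_ban_extra.
 *
 * The device id and device cypher are always removed from $result before returning.
 *
 * @param array $result Login result, modified in place. Reads F_LOGIN_USER, F_DEVICE_ID and
 *                      F_BROWSER_ID; F_PAGE_ID / F_URL_ID are read after sec_login_set_fields().
 */
function sec_login_change_state(&$result) {
  global $user_impersonator, $config, $sys_stop_log_hit, $is_watching;

  $user = $result[F_LOGIN_USER];
  $user_id = isset($user['id']) ? intval($user['id']) : 0;

  if ($user_id && !$user_impersonator) {
    sn_db_transaction_start();

    // Every value placed into SQL text below is either cast to an integer or passed through
    // db_escape(), so the statements do not depend on how the caller populated $result.
    $device_id = intval($result[F_DEVICE_ID]);
    $browser_id = intval($result[F_BROWSER_ID]);
    $proxy_safe = db_escape($user['user_proxy']);
    $last_ip_safe = db_escape($user['user_lastip']);
    // NOTE(review): ip2longu() is assumed to return a plain number - confirm, it is interpolated unquoted
    $ip_address = ip2longu($user['user_lastip']);

    doquery("INSERT IGNORE INTO {{security_player_entry}} (`player_id`, `device_id`, `browser_id`, `user_ip`, `user_proxy`)\n VALUES ({$user_id},{$device_id},{$browser_id},{$ip_address}, '{$proxy_safe}');");

    if (!$sys_stop_log_hit && $config->game_counter) {
      $is_watching = true;
      // NOTE(review): PHP_SELF and REQUEST_URI are client-influenced; sec_login_set_fields() is
      // presumably responsible for escaping them before they reach {{security_url}} - verify
      sec_login_set_fields($result, $_SERVER['PHP_SELF'], F_PAGE, F_PAGE_ID, 'url_id', 'security_url', 'url_string');
      sec_login_set_fields($result, $_SERVER['REQUEST_URI'], F_URL, F_URL_ID, 'url_id', 'security_url', 'url_string');

      $page_id = intval($result[F_PAGE_ID]);
      $url_id = intval($result[F_URL_ID]);
      doquery("INSERT INTO {{counter}}\n (`visit_time`, `user_id`, `device_id`, `browser_id`, `user_ip`, `user_proxy`, `page_url_id`, `plain_url_id`)\n VALUES\n ('" . SN_TIME_SQL . "', {$user_id}, {$device_id},{$browser_id},\n {$ip_address},'{$proxy_safe}', {$page_id}, {$url_id});");
      $is_watching = false;
    }
    sn_db_transaction_commit();

    // NOTE(review): `banaday` and `vacation` are still interpolated as-is; they come from the
    // user row, so confirm they are always numeric before relying on this statement
    db_user_set_by_id($user_id, "`onlinetime` = " . SN_TIME_NOW . ", `banaday` = {$user['banaday']}, `vacation` = {$user['vacation']},\n `user_lastip` = '{$last_ip_safe}', `user_last_proxy` = '{$proxy_safe}', `user_last_browser_id` = {$browser_id}");

    $banned_devices = $config->security_ban_extra;
    if ($banned_devices) {
      // array_walk() with 'trim' discards trim()'s return value, so list entries kept their
      // surrounding whitespace; array_map() actually applies it
      $banned_devices = array_map('trim', explode(',', $banned_devices));
      if (in_array($result[F_DEVICE_ID], $banned_devices)) {
        die;
      }
    }
  }

  // Device identifiers must not leave this function
  unset($result[F_DEVICE_ID]);
  unset($result[F_DEVICE_CYPHER]);
}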
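// Tail of the admin action dispatch; the opening switch/if statements are outside this excerpt
case ACTION_USE:
  // Impersonate
  sn_sys_impersonate($user_selected);
break;
}
} else {
  // Restricted try to delete user higher or equal level
  AdminMessage($lang['adm_err_denied']);
}
}

// Build the admin user list: one template row per user with IP, activity, ban and GeoIP data
$template = gettemplate('admin/userlist', true);

// Number of accounts seen per last-IP, used to highlight possible multi-accounts
$multi_ip = array();
$ip_query = db_user_list_admin_multiaccounts();
while ($ip = db_fetch($ip_query)) {
  $multi_ip[$ip['user_lastip']] = $ip['ip_count'];
}

$geoip = geoip_status();
$query = db_user_list_admin_sorted($sort_fields[$sort]);
while ($user_row = db_fetch($query)) {
  // Reset per row: previously $ban_details kept the value from the last banned user, so every
  // following unbanned row was rendered with someone else's ban date, issuer and reason
  $ban_details = array();
  if ($user_row['banaday']) {
    $banned_user_id = intval($user_row['id']);
    $ban_row = doquery("SELECT * FROM {{banned}} WHERE `ban_user_id` = {$banned_user_id} ORDER BY ban_id DESC LIMIT 1", true);
    if (!empty($ban_row)) {
      $ban_details = $ban_row;
    }
  }

  $geoip_info = $geoip ? geoip_ip_info(ip2longu($user_row['user_lastip'])) : array();
  // Upper-case the keys for the template. The former set-then-unset loop deleted any key that
  // was already upper-case; array_change_key_case() keeps it.
  $geoip_info = is_array($geoip_info) ? array_change_key_case($geoip_info, CASE_UPPER) : array();

  $last_ip = $user_row['user_lastip'];

  // NOTE(review): only NAME_HTML is escaped here. NAME, IP, BAN_ISSUER and BAN_REASON are passed
  // through unchanged - confirm the admin/userlist template escapes them on output.
  $template->assign_block_vars('user', array(
    'ID' => $user_row['id'],
    'NAME' => $user_row['username'],
    'NAME_HTML' => htmlentities($user_row['username'], ENT_QUOTES, 'UTF-8'),
    'IP' => $last_ip,
    'IP_MULTI' => isset($multi_ip[$last_ip]) ? intval($multi_ip[$last_ip]) : 0,
    'TIME_REGISTERED' => date(FMT_DATE_TIME_SQL, $user_row['register_time']),
    'TIME_PLAYED' => date(FMT_DATE_TIME_SQL, $user_row['onlinetime']),
    'ACTIVITY' => pretty_time(SN_TIME_NOW - $user_row['onlinetime']),
    'REFERRAL_COUNT' => $user_row['referral_count'],
    'REFERRAL_DM' => pretty_number($user_row['referral_dm'], true),
    'BANNED' => $user_row['banaday'] ? date(FMT_DATE_TIME_SQL, $user_row['banaday']) : 0,
    // Ban fields are empty strings when the user has no ban record
    'BAN_DATE' => isset($ban_details['ban_time']) ? date(FMT_DATE_TIME_SQL, $ban_details['ban_time']) : '',
    'BAN_ISSUER' => isset($ban_details['ban_issuer_name']) ? $ban_details['ban_issuer_name'] : '',
    'BAN_REASON' => isset($ban_details['ban_reason']) ? $ban_details['ban_reason'] : '',
    'METAMATTER' => pretty_number($user_row['metamatter_total'], true),
    // Actions are offered only against accounts with a strictly lower auth level
    'ACTION' => $user_row['authlevel'] < $user['authlevel'],
    'RESTRICTED' => $user['authlevel'] < 3,
  ) + $geoip_info);
}

$template->assign_vars(array(
  'USER_COUNT' => db_num_rows($query),
  'SORT' => $sort,
  'GEOIP' => $geoip,
  'METAMATTER' => isset($sn_module['unit_res_metamatter']),
));

display($template, $lang['adm_ul_title'], false, '', true);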
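/**
 * Collects the request's security fingerprint: device, browser, page address, optional full URL
 * and client IP with its proxy chain.
 *
 * The device is recognised by the cypher stored in the SN_COOKIE_D cookie. A missing cookie, or a
 * cypher that has no row in {{security_device}}, results in a freshly generated cypher, a new
 * device row and a new cookie - a client-supplied value is never stored as a new device cypher.
 * Browser and URL strings are mapped to ids through db_get_set_unique_id_value().
 */
public function __construct() {
  $this->write_full_url = !classSupernova::$config->security_write_full_url_disabled;

  // Device and browser info is shared by everyone using this client
  sn_db_transaction_start();
  // The cookie is client-controlled: it may be absent, or an array when sent as "name[]=...".
  // Anything that is not a string is treated as "no cookie" so it never reaches db_escape().
  $cookie_value = isset($_COOKIE[SN_COOKIE_D]) ? $_COOKIE[SN_COOKIE_D] : null;
  $this->device_cypher = is_string($cookie_value) ? $cookie_value : null;
  if ($this->device_cypher) {
    $cypher_safe = db_escape($this->device_cypher);
    $device_row = doquery("SELECT `device_id` FROM {{security_device}} WHERE `device_cypher` = '{$cypher_safe}' LIMIT 1 FOR UPDATE", true);
    if (!empty($device_row['device_id'])) {
      $this->device_id = $device_row['device_id'];
    }
  }

  if ($this->device_id <= 0) {
    // Unknown device: generate cyphers until one is not already present in the table
    // NOTE(review): the cypher acts as a long-lived device identifier - confirm that
    // sys_random_string() draws from a cryptographically secure source
    do {
      $cypher_safe = db_escape($this->device_cypher = sys_random_string());
      $row = doquery("SELECT `device_id` FROM {{security_device}} WHERE `device_cypher` = '{$cypher_safe}' LIMIT 1 FOR UPDATE", true);
    } while (!empty($row));
    doquery("INSERT INTO {{security_device}} (`device_cypher`) VALUES ('{$cypher_safe}');");
    $this->device_id = db_insert_id();
    // NOTE(review): check which cookie attributes (HttpOnly, Secure, SameSite) sn_setcookie() applies
    sn_setcookie(SN_COOKIE_D, $this->device_cypher, PERIOD_FOREVER, SN_ROOT_RELATIVE);
  }
  sn_db_transaction_commit();

  sn_db_transaction_start();
  // The User-Agent header is optional; read it without raising an undefined-index notice
  $this->user_agent = isset($_SERVER['HTTP_USER_AGENT']) ? $_SERVER['HTTP_USER_AGENT'] : null;
  // NOTE(review): header value is client-controlled and unbounded; escaping and length limits are
  // presumably handled inside db_get_set_unique_id_value() - verify
  $this->browser_id = db_get_set_unique_id_value($this->user_agent, 'browser_id', 'security_browser', 'browser_user_agent');
  sn_db_transaction_commit();

  sn_db_transaction_start();
  // Script path relative to the game root
  $this->page_address = substr($_SERVER['PHP_SELF'], strlen(SN_ROOT_RELATIVE));
  $this->page_address_id = db_get_set_unique_id_value($this->page_address, 'url_id', 'security_url', 'url_string');
  sn_db_transaction_commit();

  if ($this->write_full_url) {
    sn_db_transaction_start();
    $this->page_url = substr($_SERVER['REQUEST_URI'], strlen(SN_ROOT_RELATIVE));
    // Simulator requests are stored without their query string
    if (strpos($_SERVER['REQUEST_URI'], '/simulator.php') === 0) {
      $this->page_url = '/simulator.php';
    }
    $this->page_url_id = db_get_set_unique_id_value($this->page_url, 'url_id', 'security_url', 'url_string');
    sn_db_transaction_commit();
  }

  $ip = sec_player_ip();
  $this->ip_v4_string = $ip['ip'];
  $this->ip_v4_int = ip2longu($this->ip_v4_string);
  $this->ip_v4_proxy_chain = $ip['proxy_chain'];
}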