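/**
 * Compares this object's string with another string.
 *
 * @param mixed   $string Value to compare with; converted through getFromArgument()
 * @param boolean $strict Forwarded to Str::compare(); described by the original author as
 *                        "case sensitive comparison" [optional]
 *
 * @return boolean True if the strings are equal; false if they differ or if the
 *                 argument could not be converted
 */
public function compareTo($string, $strict = false)
{
    try {
        $compareTo = $this->getFromArgument($string);
    } catch (Exception $e) {
        $e->printError();
        // Fail closed. Without this return $compareTo is undefined here and the
        // ->get() call below would be a fatal error whenever printError() returns.
        return false;
    }

    return Str::compare($this->string, $compareTo->get(), $strict);
}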
/**
 * Checks the submitted credentials against the user, password and ban tables.
 *
 * Sets $this->canLogin, and $this->userid on success. Every rejection is
 * reported through loginFailed().
 *
 * NOTE(review): the distinct codes USERNAME_DOES_NOT_EXIST and PASSWORD_INVALID
 * tell a client whether an account name exists if loginFailed() surfaces them
 * unchanged; confirm how they are rendered.
 *
 * @return Bengine_Game_Login
 */
public function checkData()
{
    $this->dataChecked = true;

    $columns = array("u.userid", "u.username", "p.password", "u.activation", "b.banid", "b.reason", "u.umode");
    // PREFIX and TIME are constants placed directly in the SQL text; only the
    // submitted username goes through quoteInto().
    $joinSql = "LEFT JOIN " . PREFIX . "password p ON (u.userid = p.userid)"
        . "LEFT JOIN " . PREFIX . "ban_u b ON (b.userid = u.userid AND b.to > '" . TIME . "')";
    $where = Core::getDB()->quoteInto("u.username = ?", $this->usr);

    $result = Core::getQuery()->select("user u", $columns, $joinSql, $where, "b.to DESC");
    $row = $result->fetchRow();
    $result->closeCursor();

    // No row at all: unknown username.
    if (!$row) {
        $this->canLogin = false;
        $this->loginFailed("USERNAME_DOES_NOT_EXIST");
        return $this;
    }

    // NOTE(review): the stored and submitted password values are compared with
    // Str::compare(); whether that helper is constant-time and strict about
    // types cannot be seen from here. Confirm before relying on it.
    $accepted = Str::compare($row["username"], $this->usr)
        && Str::compare($row["password"], $this->pw)
        && Str::length($row["activation"]) == 0
        && !$row["banid"];

    if (!$accepted) {
        $this->canLogin = false;

        if (!Str::compare($row["username"], $this->usr)) {
            $this->loginFailed("USERNAME_DOES_NOT_EXIST");
        }
        if (Str::length($row["activation"]) > 0) {
            $this->loginFailed("NO_ACTIVATION");
        }
        if ($row["banid"]) {
            $language = Core::getLanguage();
            $language->load(array("Prefs"));
            $banReason = empty($row["reason"]) ? Core::getLanguage()->get("NO_BAN_REASON") : $row["reason"];
            Core::getLanguage()->assign("banReason", $banReason);
            $pilloryLink = Link::get(
                Core::getLanguage()->getOpt("langcode") . "/pillory",
                Core::getLanguage()->get("PILLORY")
            );
            Core::getLanguage()->assign("pilloryLink", $pilloryLink);
            $this->loginFailed("ACCOUNT_BANNED");
        }

        // Reached after the calls above unless loginFailed() halts execution.
        $this->loginFailed("PASSWORD_INVALID");
        return $this;
    }

    // Successful login: remember the user, clear failed attempts for this IP or
    // username, and mark the user's existing sessions as not logged in.
    $this->userid = $row["userid"];
    Core::getQuery()->delete("loginattempts", "ip = ? OR username = ?", null, null, array(IPADDRESS, $this->usr));
    Core::getQuery()->update("sessions", array("logged" => "0"), "userid = ?", array($this->userid));
    if ($row["umode"]) {
        Core::getQuery()->update("planet", array("last" => TIME), "userid = ?", array($row["userid"]));
    }
    $this->canLogin = true;

    return $this;
}
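/**
 * Handles a lost password request.
 *
 * Looks the account up by email address. Without a username the
 * "lost_password_username" template is used (mode 0); with a username that
 * matches the account, a password reset URL and a reactivation URL are
 * assigned to the "lost_password_password" template (mode 1).
 *
 * NOTE(review): EMAIL_NOT_FOUND and USERNAME_DOES_NOT_EXIST disclose whether an
 * address or name is registered if printIt() shows them to the requester.
 * NOTE(review): the code after each printIt() call assumes printIt() halts;
 * otherwise $row may be false further down. Confirm.
 *
 * @param string $username Entered username
 * @param string $email    Entered email address
 */
public function __construct($username, $email)
{
    $this->username = $username;
    $this->email = $email;

    // Mode 1 = username supplied, mode 0 = only the email address supplied.
    $mode = 1;
    if (!$this->getUsername()) {
        $mode = 0;
    }

    if (!checkEmail($this->getEmail())) {
        $this->printIt("EMAIL_INVALID");
    }

    $result = Core::getQuery()->select(
        "user",
        array("userid", "username"),
        "",
        Core::getDB()->quoteInto("email = ?", $this->getEmail())
    );
    if ($result->rowCount() <= 0) {
        $this->printIt("EMAIL_NOT_FOUND");
    }
    $row = $result->fetchRow();
    $result->closeCursor();

    Core::getLanguage()->assign("username", $row["username"]);
    Core::getLanguage()->assign("ipaddress", IPADDRESS);
    Hook::event("LostPassword", array($this, &$row));

    if ($mode == 0) {
        $this->message = new Recipe_Email_Template("lost_password_username");
    } else {
        if (Str::compare($this->getUsername(), $row["username"])) {
            $reactivate = BASE_URL . Core::getLang()->getOpt("langcode") . "/signup/activation/key:" . $this->getSecurityKey();
            // NOTE(review): the tail of this expression was masked in the listing
            // ("/user:" followed by asterisks and "userid"]); it is reconstructed
            // here as a concatenation of $row["userid"]. Confirm against the
            // project source.
            $url = BASE_URL . Core::getLang()->getOpt("langcode") . "/password/set/key:" . $this->getSecurityKey() . "/user:" . $row["userid"];
            Core::getTemplate()->assign("newPasswordUrl", $url);
            Core::getTemplate()->assign("reactivationUrl", $reactivate);
            $this->message = new Recipe_Email_Template("lost_password_password");
            $this->setNewPw();
        } else {
            $this->printIt("USERNAME_DOES_NOT_EXIST");
        }
    }

    $this->sendMail($mode);
    return;
}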
/**
 * Saves the moderator form for the user identified by $this->userid.
 *
 * Group membership and point values are written only when the acting user has
 * the CAN_EDIT_USER permission; every other field, including the password, is
 * written without a permission check inside this method.
 * NOTE(review): confirm the caller restricts access to this action.
 *
 * @param string $username        New username; kept only if no other account uses it
 * @param string $usertitle       New user title
 * @param string $email           New email address; kept only if no other account uses it
 * @param int $delete             1 sets the delete flag, anything else clears it
 * @param int $umode              1 enables vacation mode, anything else disables it
 * @param string $activation      1 clears the activation value, anything else stores "1"
 * @param string $ipcheck         1 enables the IP check, anything else disables it
 * @param int $usergroupid        Group written to user2group (needs CAN_EDIT_USER)
 * @param int $points             Needs CAN_EDIT_USER
 * @param int $fpoints            Needs CAN_EDIT_USER
 * @param int $dpoints            Needs CAN_EDIT_USER
 * @param int $rpoints            Needs CAN_EDIT_USER
 * @param string $password        New password; ignored unless longer than MIN_PASSWORD_LENGTH
 * @param int $languageid
 * @param string $templatepackage Stored as given
 * @param string $theme           Stored as given
 * @param string $js_interface
 * @return Bengine_Game_Controller_Moderator
 */
protected function updateUser($username, $usertitle, $email, $delete, $umode, $activation, $ipcheck, $usergroupid, $points, $fpoints, $dpoints, $rpoints, $password, $languageid, $templatepackage, $theme, $js_interface)
{
    $select = array("userid", "username", "email");
    $result = Core::getQuery()->select("user", $select, "", Core::getDB()->quoteInto("userid = ?", $this->userid));
    // Nothing is written when the user row does not exist (the cursor is not
    // closed on that path).
    if ($row = $result->fetchRow()) {
        $result->closeCursor();
        Hook::event("SaveUserModeration", array(&$row));

        // Normalise the form flags to the values stored in the user table.
        $delete = $delete == 1 ? 1 : 0;
        $umode = $umode == 1 ? 1 : 0;
        $activation = $activation == 1 ? "" : "1";
        $ipcheck = $ipcheck == 1 ? 1 : 0;
        $username = trim($username);
        $usertitle = trim($usertitle);
        $js_interface = trim($js_interface);

        // Group and points are the only fields gated by CAN_EDIT_USER here.
        // NOTE(review): $usergroupid is written without a cast or a check that
        // the group exists; confirm the query layer and caller cover this.
        if (Core::getUser()->ifPermissions("CAN_EDIT_USER")) {
            Core::getQuery()->delete("user2group", "userid = ?", null, null, array($this->userid));
            Core::getQuery()->insert("user2group", array("usergroupid" => $usergroupid, "userid" => $this->userid));
            Core::getQuery()->update("user", array("points" => floatval($points), "fpoints" => (int) $fpoints, "dpoints" => (int) $dpoints, "rpoints" => (int) $rpoints), "userid = ?", array($this->userid));
        }

        if ($umode) {
            setProdOfUser($this->userid, 0);
        }

        // A changed username or email is silently reverted when another row
        // already uses it.
        if (!Str::compare($username, $row["username"])) {
            $num = Core::getQuery()->select("user", "userid", "", Core::getDB()->quoteInto("username = ?", $username))->rowCount();
            if ($num > 0) {
                $username = $row["username"];
            }
        }
        if (!Str::compare($email, $row["email"])) {
            $num = Core::getQuery()->select("user", "userid", "", Core::getDB()->quoteInto("email = ?", $email))->rowCount();
            if ($num > 0) {
                $email = $row["email"];
            }
        }

        // NOTE(review): this uses ">" where the registration and preferences code
        // on this page accept a length equal to MIN_PASSWORD_LENGTH, and it has no
        // upper bound. Confirm which rule is intended.
        if (Str::length($password) > Core::getOptions()->get("MIN_PASSWORD_LENGTH")) {
            // NOTE(review): the scheme names suggest MD5-based hashing, which is
            // not suitable for password storage; confirm what Str::encode() does.
            // Other calls on this page read options via getOptions()->get(...);
            // confirm getOptions("USE_PASSWORD_SALT") returns the option value.
            $encryption = Core::getOptions("USE_PASSWORD_SALT") ? "md5_salt" : "md5";
            $password = Str::encode($password, $encryption);
            Core::getQuery()->update("password", array("password" => $password, "time" => TIME), "userid = ?", array($this->userid));
        }

        $spec = array("username" => $username, "usertitle" => $usertitle, "email" => $email, "delete" => $delete, "umode" => $umode, "activation" => $activation, "languageid" => $languageid, "ipcheck" => $ipcheck, "templatepackage" => $templatepackage, "theme" => $theme, "js_interface" => $js_interface);
        Core::getQuery()->update("user", $spec, "userid = ?", array($this->userid));
    }
    return $this;
}
/**
 * Saves the planet options: renames the current planet, or abandons it after
 * the account password has been re-entered.
 *
 * @param string  $planetname New planet name
 * @param boolean $abandon    1 to abandon the current planet instead of renaming it
 * @param string  $password   Account password, used to confirm the abandon
 *
 * @return Bengine_Game_Controller_Index
 */
protected function changePlanetOptions($planetname, $abandon, $password)
{
    $planetname = trim($planetname);
    Hook::event("SAVE_PLANET_OPTIONS", array(&$planetname, &$abandon));

    // Rename path.
    if ($abandon != 1) {
        if (!checkCharacters($planetname)) {
            Logger::addMessage("INVALID_PLANET_NAME");
            return $this;
        }
        Core::getQuery()->update(
            "planet",
            array("planetname" => $planetname),
            "planetid = ?",
            array(Core::getUser()->get("curplanet"))
        );
        $this->redirect("game/" . SID . "/Index");
        return $this;
    }

    // Abandon path: all three checks run so that every applicable message is logged.
    $mayAbandon = true;

    if (Game::getEH()->getPlanetFleetEvents()) {
        Logger::addMessage("CANNOT_DELETE_PLANET");
        $mayAbandon = false;
    }

    if (Core::getUser()->get("hp") == Core::getUser()->get("curplanet")) {
        Logger::addMessage("CANNOT_DELETE_HOMEPLANET");
        $mayAbandon = false;
    }

    $where = Core::getDB()->quoteInto("userid = ?", Core::getUser()->get("userid"));
    $result = Core::getQuery()->select("password", "password", "", $where);
    $stored = $result->fetchRow();
    $result->closeCursor();

    // NOTE(review): the scheme names suggest MD5-based hashing, and the hashes
    // are compared with Str::compare(); confirm what Str::encode() does and
    // whether the comparison is constant-time.
    $scheme = Core::getOptions("USE_PASSWORD_SALT") ? "md5_salt" : "md5";
    $password = Str::encode($password, $scheme);
    if (!Str::compare($stored["password"], $password)) {
        Logger::addMessage("WRONG_PASSWORD");
        $mayAbandon = false;
    }

    if ($mayAbandon) {
        deletePlanet(
            Game::getPlanet()->getPlanetId(),
            Core::getUser()->get("userid"),
            Game::getPlanet()->getData("ismoon")
        );
        // Move the user back to the home planet.
        Core::getQuery()->update(
            "user",
            array("curplanet" => Core::getUser()->get("hp")),
            "userid = ?",
            array(Core::getUser()->get("userid"))
        );
        Core::getUser()->rebuild();
        $this->redirect("game/" . SID . "/Index");
    }

    return $this;
}
/**
 * Sets a value on the user record held by this object.
 *
 * With $update enabled the value is also written to the "user" table and the
 * object is rebuilt before the in-memory item is set.
 *
 * NOTE(review): $var becomes a column name in the update; whether the query
 * layer quotes identifiers is not visible here, so callers should pass only
 * fixed, known field names.
 *
 * @param string $var    Field name; "userid" is rejected
 * @param mixed  $value  New value
 * @param bool   $update Also persist the value to the database
 * @throws Recipe_Exception_Generic When $var names the primary key
 * @return Recipe_User
 */
public function set($var, $value, $update = true)
{
    $isPrimaryKey = Str::compare($var, "userid");
    if ($isPrimaryKey) {
        throw new Recipe_Exception_Generic("The primary key of a data record cannot be changed.");
    }

    if ($update) {
        $changes = array($var => $value);
        $bind = array($this->get("userid"));
        Core::getQuery()->update("user", $changes, "userid = ?", $bind);
        $this->rebuild();
    }

    // Set after rebuild() so the new value is present in the in-memory item.
    $this->item[$var] = $value;

    return $this;
}
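/**
 * Normalizes a URL into the readable form used by the rewrite engine.
 *
 * Query-string pairs ("?arg=value", "&arg=value") become path segments
 * ("/arg:value"). A segment whose name equals the request level name configured
 * for its position then has the "name:" prefix removed.
 *
 * @param string $url URL to normalize
 *
 * @return string Normalized URL, prefixed with BASE_URL
 */
public static function normalizeURL($url)
{
    if (strpos($url, "?") > 0) {
        $url = preg_replace("/\\?(.*?)=/i", "/\$1:", $url); // Replace ?arg= with /arg:
        $url = preg_replace("/\\&(.*?)=/i", "/\$1:", $url); // Replace &arg= with /arg:
        // Second pass kept from the original: text the first pass leaves behind
        // can still match (for example a value that itself contains "=").
        $url = preg_replace("/\\&(.*?)=/i", "/\$1:", $url);

        // Now remove useless arg names.
        $parsedURL = parse_url($url);
        $path = Str::substring(Str::replace($_SERVER["SCRIPT_NAME"], "", $parsedURL["path"]), 1);
        $segments = explode("/", $path);
        // The configured level names do not change inside the loop, so split them once.
        $levelNames = explode(",", REQUEST_LEVEL_NAMES);

        foreach ($segments as $i => $segment) {
            // strpos() is used for truthiness: a ":" at position 0 is skipped on purpose.
            if (!strpos($segment, ":")) {
                continue;
            }
            // A URL may have more segments than configured level names; skip
            // those instead of reading an undefined index.
            if (!isset($levelNames[$i])) {
                continue;
            }
            $parts = explode(":", $segment);
            if (Str::compare($parts[0], $levelNames[$i], true)) {
                $url = Str::replace($parts[0] . ":", "", $url);
            }
        }
    }

    return BASE_URL . $url;
}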
/**
 * Checks the submitted username and password against the user and password tables.
 *
 * Sets $this->canLogin, and $this->userid on success. Every rejection is
 * reported through loginFailed().
 *
 * NOTE(review): the distinct codes USERNAME_DOES_NOT_EXIST and PASSWORD_INVALID
 * tell a client whether an account name exists if loginFailed() surfaces them
 * unchanged; confirm how they are rendered.
 *
 * @return Login
 */
public function checkData()
{
    $this->dataChecked = true;

    $columns = array("u.userid", "u.username", "p.password");
    $joinSql = "LEFT JOIN " . PREFIX . "password p ON (u.userid = p.userid)";
    $where = Core::getDB()->quoteInto("u.username = ?", $this->usr);

    $result = Core::getQuery()->select("user u", $columns, $joinSql, $where);
    $row = $result->fetchRow();
    $result->closeCursor();

    // No row at all: unknown username.
    if (!$row) {
        $this->canLogin = false;
        $this->loginFailed("USERNAME_DOES_NOT_EXIST");
        return $this;
    }

    // NOTE(review): the stored and submitted password values are compared with
    // Str::compare(); whether that helper is constant-time and strict about
    // types cannot be seen from here. Confirm before relying on it.
    $accepted = Str::compare($row["username"], $this->usr)
        && Str::compare($row["password"], $this->pw);

    if (!$accepted) {
        $this->canLogin = false;
        if (!Str::compare($row["username"], $this->usr)) {
            $this->loginFailed("USERNAME_DOES_NOT_EXIST");
        }
        // Reached after the call above unless loginFailed() halts execution.
        $this->loginFailed("PASSWORD_INVALID");
        return $this;
    }

    // Successful login: clear failed attempts for this IP or username and mark
    // the user's existing sessions as not logged in.
    $this->userid = $row["userid"];
    Core::getQuery()->delete("loginattempts", "ip = ? OR username = ?", null, null, array(IPADDRESS, $this->usr));
    Core::getQuery()->update("sessions", array("logged" => "0"), "userid = ?", array($this->userid));
    $this->canLogin = true;

    return $this;
}
/**
 * Validates a new alliance name and stores the resulting name.
 *
 * A changed name falls back to the old one when another alliance already uses
 * it, or when it fails the length limits or $this->namePattern. The
 * UpdateAllianceName hook receives the name by reference after validation, so
 * whatever the hook leaves in it is what gets stored.
 *
 * @param string $name  Requested name
 * @param string $oname Current name
 *
 * @return string Name that was stored
 */
protected function updateAllyName($name, $oname)
{
    $name = trim($name);
    $shortest = Core::getOptions()->get("MIN_CHARS_ALLY_NAME");
    $longest = Core::getOptions()->get("MAX_CHARS_ALLY_NAME");

    $changed = !Str::compare($name, $oname);
    if ($changed) {
        $where = Core::getDB()->quoteInto("name = ?", $name);
        $existing = Core::getQuery()->select("alliance", "name", "", $where);
        if ($existing->rowCount() > 0) {
            $name = $oname;
            Logger::addMessage("ALLIANCE_ALREADY_EXISTS");
        }
        $existing->closeCursor();

        // Runs on whatever $name holds now, so a taken name that was just
        // reverted is checked again in its old form.
        $length = Str::length($name);
        $invalid = $length < $shortest
            || $length > $longest
            || !preg_match($this->namePattern, $name);
        if ($invalid) {
            $name = $oname;
            Logger::addMessage("ALLIANCE_NAME_INVALID");
        }
    }

    Hook::event("UpdateAllianceName", array(&$name, $oname));
    Core::getQuery()->update("alliance", array("name" => $name), "aid = ?", array($this->aid));

    return $name;
}
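/**
 * Builds the query string for a page link from the current GET parameters.
 *
 * The existing "page" parameter is replaced by $page, or appended when the
 * request did not contain one. Keys and values are percent-encoded.
 *
 * @param integer $page Page number
 *
 * @return string Query string starting with "?"
 */
protected function getPageUrl($page)
{
    $param = "page";
    // Request-controlled data. Assumes getGET() returns decoded values, as PHP's
    // $_GET does; confirm against the request class.
    $requestVars = Core::getRequest()->getGET();
    $pairs = array();
    $containsPage = false;

    foreach ($requestVars as $key => $value) {
        if (Str::compare($key, $param)) {
            $value = $page;
            $containsPage = true;
        }
        // Encode both sides so "&", "=", "#", quotes or markup inside a parameter
        // cannot add parameters or alter the link the string is placed in.
        // HTML-escaping the returned string at output stays with the caller.
        $pairs[] = urlencode((string) $key) . "=" . urlencode((string) $value);
    }

    if (!$containsPage) {
        $pairs[] = $param . "=" . urlencode((string) $page);
    }

    return "?" . implode("&", $pairs);
}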
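/**
 * Validates the registration input and reports all collected errors.
 *
 * Checks, in order: registration switch, user limit, per-IP waiting time,
 * username characters, email format, password length, existing username or
 * email, and the selected language. Any errors are passed to printIt().
 *
 * @return Bengine_Game_Account_Creator
 */
protected function checkIt()
{
    Hook::event("UserRegistrationCheckInput", array($this));
    $error = array();

    if (Core::getConfig()->get("REGISTRATION_DISABLED")) {
        $error[] = "REGISTRATION_CLOSED";
    }
    if (Core::getConfig()->get("MAX_ALLOWED_USER") > 0 && Core::getConfig()->get("MAX_ALLOWED_USER") <= $this->getTotalUser()) {
        $error[] = "MAX_USER_REACHED";
    }

    // Per-IP waiting time between registrations. The address is bound through
    // quoteInto() like every other value in this method instead of being
    // concatenated into the SQL text; how IPADDRESS is derived is not visible here.
    $checkTime = TIME - Core::getOptions()->get("WATING_TIME_REGISTRATION") * 60;
    $ipWhere = Core::getDB()->quoteInto("ipaddress = ?", IPADDRESS);
    $ipWhere .= Core::getDB()->quoteInto(" AND time >= ?", $checkTime);
    $result = Core::getQuery()->select("registration", array("time"), "", $ipWhere);
    if ($row = $result->fetchRow()) {
        // Remaining waiting time, rounded up to whole minutes.
        $minutes = ceil(($row["time"] - $checkTime) / 60);
        Core::getLang()->assign("minutes", $minutes);
        $error[] = "REGISTRATION_BANNED_FOR_IP";
    }
    $result->closeCursor();

    if (!checkCharacters($this->getUsername())) {
        $error[] = "USERNAME_INVALID";
    }
    if (!checkEmail($this->getEmail())) {
        $error[] = "EMAIL_INVALID";
    }
    if (Str::length($this->getPassword()) < Core::getOptions()->get("MIN_PASSWORD_LENGTH") || Str::length($this->getPassword()) > Core::getOptions()->get("MAX_PASSWORD_LENGTH")) {
        $error[] = "PASSWORD_INVALID";
    }

    // Existing account with the same username or email.
    // NOTE(review): only the first matching row is inspected, so when the
    // username and the email belong to two different accounts only one of the
    // two errors is reported.
    $where = Core::getDB()->quoteInto("username = ?", $this->getUsername());
    $where .= Core::getDB()->quoteInto(" OR email = ?", $this->getEmail());
    $result = Core::getQuery()->select("user", array("username", "email"), "", $where);
    if ($row = $result->fetchRow()) {
        if (Str::compare($this->getUsername(), $row["username"])) {
            $error[] = "USERNAME_EXISTS";
        }
        if (Str::compare($this->getEmail(), $row["email"])) {
            $error[] = "EMAIL_EXISTS";
        }
    }
    $result->closeCursor();

    $result = Core::getQuery()->select("languages", array("languageid"), "", Core::getDB()->quoteInto("languageid = ?", $this->getLanguage()));
    if ($result->rowCount() <= 0) {
        $error[] = "UNKOWN_LANGUAGE";
    }
    $result->closeCursor();

    if (count($error) > 0) {
        $this->printIt($error);
    }
    return $this;
}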
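/**
 * Saves the preferences entered by the logged-in user.
 *
 * Each field is validated on its own and falls back to the stored value when
 * it is rejected. A changed email address or password can trigger a
 * re-activation mail, depending on configuration.
 *
 * NOTE(review): nothing in this method asks for the current password before
 * the email address or password is changed; confirm the caller does.
 *
 * @param string  $username
 * @param string  $usertitle
 * @param string  $email
 * @param string  $pw              New password; empty leaves the password unchanged
 * @param string  $theme           Theme URL; must pass FILTER_VALIDATE_URL with a path
 * @param integer $language
 * @param string  $templatepackage Directory name below app/templates/
 * @param integer $umode           1 enables vacation mode
 * @param integer $delete          Non-empty schedules the account for deletion
 * @param integer $ipcheck
 * @param integer $esps            Clamped to 1..99
 * @param integer $generate_key    Non-empty generates a new feed key
 * @param string  $js_interface
 * @throws Recipe_Exception_Generic When vacation mode is still enabled
 * @return Bengine_Game_Controller_Preferences
 */
protected function updateUserData($username, $usertitle, $email, $pw, $theme, $language, $templatepackage, $umode, $delete, $ipcheck, $esps, $generate_key, $js_interface)
{
    if (Core::getUser()->get("umode")) {
        throw new Recipe_Exception_Generic("Vacation mode is still enabled.");
    }
    Core::getLanguage()->load("Registration");
    Hook::event("SaveUserDataFirst");

    // NOTE(review): as shown, search and replacement look identical, which makes
    // this call a no-op; the first literal may have held a different whitespace
    // character that was lost in this listing. Confirm.
    $username = trim(str_replace(" ", " ", $username));
    $usertitle = trim($usertitle);
    $js_interface = trim($js_interface);
    $language = (int) (empty($language) ? Core::getConfig()->get("defaultlanguage") : $language);

    if (!empty($theme) && !filter_var($theme, FILTER_VALIDATE_URL, FILTER_FLAG_PATH_REQUIRED)) {
        $theme = "";
        Logger::addMessage("THEME_INVALID");
    }

    // The package name is user input appended to a directory path. A name
    // containing ".." could make is_dir() succeed for a directory outside
    // app/templates/, so such names are rejected before the filesystem check.
    if (!empty($templatepackage) && (strpos($templatepackage, "..") !== false || !is_dir(APP_ROOT_DIR . "app/templates/" . $templatepackage))) {
        $templatepackage = Core::getUser()->get("templatepackage");
    }
    $activation = "";

    // Check language
    if (Core::getUser()->get("languageid") != $language) {
        $result = Core::getQuery()->select("languages", "languageid", "", Core::getDB()->quoteInto("languageid = ?", $language));
        if ($result->rowCount() <= 0) {
            $language = Core::getUser()->get("languageid");
        }
        $result->closeCursor();
    }

    // Check username
    if (!Str::compare($username, Core::getUser()->get("username"))) {
        $result = Core::getQuery()->select("user", "userid", "", Core::getDB()->quoteInto("username = ?", $username));
        if ($result->rowCount() == 0) {
            $result->closeCursor();
            if (!checkCharacters($username)) {
                $username = Core::getUser()->get("username");
                Logger::addMessage("USERNAME_INVALID");
            } else {
                Logger::addMessage("USERNAME_CHANGED", "success");
            }
        } else {
            $result->closeCursor();
            $username = Core::getUser()->get("username");
            Logger::addMessage("USERNAME_EXISTS");
        }
    }

    // Check user title
    if (!Str::compare($usertitle, Core::getUser()->get("usertitle"))) {
        $length = Str::length($usertitle);
        if ($length < Core::getOptions()->get("MIN_USER_CHARS") || $length > Core::getOptions()->get("MAX_USER_CHARS")) {
            $usertitle = Core::getUser()->get("usertitle");
        }
    }

    // Check email
    if (!Str::compare($email, Core::getUser()->get("email"))) {
        $result = Core::getQuery()->select("user", "userid", "", Core::getDB()->quoteInto("email = ?", $email));
        if ($result->rowCount() == 0) {
            $result->closeCursor();
            if (!checkEmail($email)) {
                $email = Core::getUser()->get("email");
                Logger::addMessage("EMAIL_INVALID");
            } else {
                $successMsg = "EMAIL_CHANGED";
                if (Core::getConfig()->get("EMAIL_ACTIVATION_CHANGED_EMAIL")) {
                    // NOTE(review): the activation key is a secret sent by mail;
                    // randString() is defined elsewhere, so confirm it uses a
                    // cryptographically secure source.
                    $activation = randString(8);
                    $url = BASE_URL . Core::getLang()->getOpt("langcode") . "/signup/activation/key:" . $activation;
                    Core::getLang()->assign("username", $username);
                    Core::getTemplate()->assign("activationUrl", $url);
                    $template = new Recipe_Email_Template("email_changed");
                    $mail = new Email($email, Core::getLanguage()->getItem("EMAIL_ACTIVATION"));
                    $template->send($mail);
                    $successMsg .= "_REVALIDATE";
                }
                Logger::addMessage($successMsg, "success");
            }
        } else {
            $result->closeCursor();
            Logger::addMessage("EMAIL_EXISTS");
            $email = Core::getUser()->get("email");
        }
    }

    // Check password
    $pwLength = Str::length($pw);
    if ($pwLength > 0) {
        if ($pwLength >= Core::getOptions()->get("MIN_PASSWORD_LENGTH") && $pwLength <= Core::getOptions()->get("MAX_PASSWORD_LENGTH")) {
            $successMsg = "PASSWORD_CHANGED";
            if ($activation == "" && Core::getConfig()->get("EMAIL_ACTIVATION_CHANGED_PASSWORD")) {
                $activation = randString(8);
                $url = BASE_URL . Core::getLang()->getOpt("langcode") . "/signup/activation/key:" . $activation;
                Core::getLang()->assign("username", $username);
                Core::getTemplate()->assign("activationUrl", $url);
                // NOTE(review): the new password is handed to the mail template in
                // clear text; if the template prints it, the password ends up in
                // the user's mailbox. Consider removing it from the mail.
                Core::getTemplate()->assign("newPassword", $pw);
                $template = new Recipe_Email_Template("password_changed");
                $mail = new Email($email, Core::getLanguage()->getItem("PASSWORD_ACTIVATION"));
                $template->send($mail);
                $successMsg .= "_REVALIDATE";
            }
            // NOTE(review): the scheme names suggest MD5-based hashing, which is
            // not suitable for password storage; confirm what Str::encode() does.
            // Other calls on this page read options via getOptions()->get(...);
            // confirm getOptions("USE_PASSWORD_SALT") returns the option value.
            $encryption = Core::getOptions("USE_PASSWORD_SALT") ? "md5_salt" : "md5";
            $pw = Str::encode($pw, $encryption);
            Core::getQuery()->update("password", array("password" => $pw, "time" => TIME), "userid = ?", array(Core::getUser()->get("userid")));
            Logger::addMessage($successMsg, "success");
        } else {
            Logger::addMessage("PASSWORD_INVALID");
        }
    }

    // Vacation mode
    if ($umode == 1) {
        // Check if vacation mode can be activated
        /* @var Bengine_Game_Model_Collection_Event $events */
        $events = Game::getCollection("game/event");
        $events->addVacationModeFilter(Core::getUser()->get("userid"));
        $eventCount = $events->getCalculatedSize();
        if ($eventCount > 0) {
            Logger::dieMessage("CANNOT_ACTIVATE_UMODE");
        }
        $umodemin = TIME + Core::getConfig()->get("MIN_VACATION_MODE");
        setProdOfUser(Core::getUser()->get("userid"), 0);
    } else {
        $umodemin = 0;
        $umode = 0;
    }

    // Deletion: stored as the time at which the protection period ends
    $delete = !$delete ? 0 : TIME + self::DELETE_PROTECTION_TIME;

    // Other prefs
    $ipcheck = (int) $ipcheck;
    if (!Core::getConfig()->get("USER_EDIT_IP_CHECK")) {
        // Users may not change the IP check themselves; keep the stored value.
        $ipcheck = Core::getUser()->get("ipcheck");
    } else {
        if ($ipcheck > 0) {
            $ipcheck = 1;
        }
    }
    if ($esps > 99) {
        $esps = 99;
    } else {
        if ($esps <= 0) {
            $esps = 1;
        }
    }

    // The hook receives most fields by reference and can change them after
    // validation; $ipcheck and $esps are passed by value.
    Hook::event("SaveUserDataLast", array(&$username, &$usertitle, &$email, &$templatepackage, &$theme, &$umode, &$umodemin, &$delete, $ipcheck, $esps, &$js_interface));

    // Save it
    $spec = array("username" => $username, "usertitle" => $usertitle, "email" => $email, "temp_email" => $email, "activation" => $activation, "languageid" => $language, "templatepackage" => $templatepackage, "theme" => $theme, "ipcheck" => $ipcheck, "umode" => $umode, "umodemin" => $umodemin, "delete" => $delete, "esps" => $esps, "js_interface" => $js_interface);

    // Feeds
    if ($generate_key) {
        // NOTE(review): the feed key acts as a bearer secret; the same question
        // about randString()'s randomness source applies here.
        $new_key = randString(16);
        $result = Core::getQuery()->select("feed_keys", array("feed_key"), "", Core::getDB()->quoteInto("user_id = ?", Core::getUser()->get("userid")));
        if ($result->rowCount() > 0) {
            // User has a feed key
            Core::getQuery()->update("feed_keys", array("feed_key" => $new_key), "user_id = ?", array(Core::getUser()->get("userid")));
        } else {
            Core::getQuery()->insert("feed_keys", array("user_id" => Core::getUser()->get("userid"), "feed_key" => $new_key));
        }
    }

    Core::getQuery()->update("user", $spec, "userid = ?", array(Core::getUser()->get("userid")));
    Core::getUser()->rebuild();
    return $this;
}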