示例#1
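/**
 * Update one row of `at_users` from an array of request fields.
 *
 * Two modes, selected by the keys that are present:
 *  - `id`, `type`, `mail`, `phone` (and optionally `pwd`): update the profile
 *    columns of the row with that id;
 *  - otherwise `cle`: generate a new key with generatePassword(), store it in
 *    the `cle` column of the row whose id is `$arr['cle']`, and echo it.
 *
 * Responds 202 when exactly one row was changed and 400 otherwise. When
 * neither key set is present nothing is sent.
 *
 * All values are bound as statement parameters instead of being interpolated
 * into the SQL text, so quotes in the input can no longer change the query.
 *
 * NOTE(review): assumes getBDD() returns a PDO handle (the original used
 * ->exec() and compared its result to 1) - confirm.
 * NOTE(review): nothing here checks that the caller may modify the given id;
 * the `cle` branch issues and prints a fresh key for whatever id is passed.
 * Confirm that the caller enforces authorization.
 *
 * @param array $arr Request fields; treated as untrusted input.
 * @return void
 */
function update($arr)
{
    if (isset($arr['id'], $arr['type'], $arr['mail'], $arr['phone'])) {
        // The literal string 'null' is how the client clears a field. Binding
        // a real null stores SQL NULL; the interpolated form stored ''.
        $params = array(
            ':type' => $arr['type'],
            ':mail' => $arr['mail'] === 'null' ? null : $arr['mail'],
            ':phone' => $arr['phone'] === 'null' ? null : $arr['phone'],
            ':id' => $arr['id'],
        );
        $assignments = 'type = :type, mail = :mail, phone = :phone';

        $bdd = getBDD();
        if (isset($arr['pwd'])) {
            // The hash is now actually written: the previous statement
            // computed it but stored a fixed literal in its place.
            $params[':password'] = cryptPassword($arr['pwd']);
            $assignments = 'type = :type, password = :password, mail = :mail, phone = :phone';
        }

        $stmt = $bdd->prepare("UPDATE at_users SET {$assignments} WHERE id = :id");
        $updated = $stmt !== false && $stmt->execute($params) && $stmt->rowCount() === 1;
        http_response_code($updated ? 202 : 400);

        return;
    }

    if (isset($arr['cle'])) {
        $bdd = getBDD();
        $api = generatePassword();

        $stmt = $bdd->prepare('UPDATE at_users SET cle = :cle WHERE id = :id');
        $params = array(':cle' => $api, ':id' => $arr['cle']);

        if ($stmt !== false && $stmt->execute($params) && $stmt->rowCount() === 1) {
            // Set the status before writing the body: once output has started
            // the status line can no longer be changed.
            http_response_code(202);
            echo $api;
        } else {
            http_response_code(400);
        }
    }
}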
/**
 * Render the password-hash helper page.
 *
 * Reads the `md5q` request value through HTTP::_GP(), then hands the template
 * both that value and the result of cryptPassword() on it, together with four
 * language strings, and shows PassEncripterPage.tpl.
 *
 * NOTE(review): the submitted value is passed back to the template as
 * `md5_md5`; whether it is escaped for HTML depends on HTTP::_GP() and on the
 * template, neither of which is visible here - confirm.
 *
 * @return void
 */
function ShowPassEncripterPage()
{
    global $LNG;

    $plain = HTTP::_GP('md5q', '', true);
    $page = new template();

    $vars = array();
    $vars['md5_md5'] = $plain;
    $vars['md5_enc'] = cryptPassword($plain);

    // Language strings are copied under the same key they have in $LNG.
    $vars['et_md5_encripter'] = $LNG['et_md5_encripter'];
    $vars['et_encript'] = $LNG['et_encript'];
    $vars['et_result'] = $LNG['et_result'];
    $vars['et_pass'] = $LNG['et_pass'];

    $page->assign_vars($vars);
    $page->show('PassEncripterPage.tpl');
}
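/**
 * Insert a new row into `users` and create the per-user directory
 * `users/<nickname>` if it does not exist yet.
 *
 * The nickname is used as a path component, so a nickname that is not a
 * string or that contains a path separator or a NUL byte, or that is `.` or
 * `..`, is refused before anything is written; otherwise it could make the
 * directory step operate outside `users/`.
 *
 * NOTE(review): the five values are interpolated into the INSERT text as-is.
 * This is only safe if every caller has already escaped them for the driver
 * behind $link. mysql_query_exec() is not visible here, so no escaping is
 * added in this function (it could double-escape); the durable fix is a
 * prepared statement inside that helper - confirm and move the binding there.
 *
 * @param mixed  $link      Database handle passed through to mysql_query_exec().
 * @param string $nickname  Login name; also the directory name under users/.
 * @param string $firstname
 * @param string $lastname
 * @param string $email
 * @param string $password  Plain-text password, hashed by cryptPassword().
 * @return mixed False when the nickname is refused; otherwise the result of
 *               the insert, or of mkdir() when a directory had to be created.
 */
function create_new_user($link, $nickname, $firstname, $lastname, $email, $password)
{
    // Refuse nicknames that are unusable as a single directory name.
    if (
        !is_string($nickname)
        || $nickname === '.'
        || $nickname === '..'
        || strpbrk($nickname, "/\\\0") !== false
    ) {
        return false;
    }

    $password_crypt = cryptPassword($nickname, $password);
    $ok = mysql_query_exec($link, "\n      INSERT INTO users (\n         nickname,\n         firstname,\n         lastname,\n         email,\n         password,\n         creationdate)\n      VALUES (\n         '{$nickname}',\n         '{$firstname}',\n         '{$lastname}',\n         '{$email}',\n         '{$password_crypt}',\n         NOW())");

    $userDir = "users/{$nickname}";
    if ($ok && !is_dir($userDir)) {
        $ok = mkdir($userDir);
    }

    return $ok;
}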
示例#4
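/**
 * Second-step login for the admin area.
 *
 * When an `admin_pw` request value is present it is hashed with
 * cryptPassword() and compared with the stored hash of the current user. On a
 * match the hash is stored in $_SESSION['admin_login'] and the request is
 * redirected to admin.php; in every other case the login form is rendered.
 *
 * The comparison is strict (===). With a loose == two different hash strings
 * that both look like numbers (for example "0e..." forms) compare as equal.
 * Where the runtime provides it, hash_equals() is the better choice because it
 * also compares in constant time.
 *
 * NOTE(review): $_REQUEST also carries query-string values, so the password
 * can arrive in a URL and end up in logs; reading it from $_POST only would
 * avoid that - confirm no caller relies on GET.
 * NOTE(review): no attempt limiting and no session id renewal are visible in
 * this function - confirm they happen elsewhere.
 *
 * @return void
 */
function ShowLoginPage()
{
    global $USER, $LNG;

    // Only a plain string can be a password; array-shaped input is ignored.
    if (isset($_REQUEST['admin_pw']) && is_string($_REQUEST['admin_pw'])) {
        $password = cryptPassword($_REQUEST['admin_pw']);
        if (is_string($password) && $password === $USER['password']) {
            $_SESSION['admin_login'] = $password;
            HTTP::redirectTo('admin.php');
        }
    }

    $template = new template();
    $template->assign_vars(array('bodyclass' => 'standalone', 'username' => $USER['username']));
    $template->show('LoginPage.tpl');
}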
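 /**
  * Validate the submitted settings form and persist it for the current user.
  *
  * Every field is read through HTTP::_GP(). The method then builds a batch of
  * UPDATE statements in $SQL (username, password, e-mail, vacation mode,
  * deletion flag, general settings) and sends the whole batch in a single
  * multi_query() call, followed by a confirmation message.
  *
  * Because the batch is executed with multi_query(), any request value that
  * reaches the SQL text unescaped can append statements of its own. Every
  * string value is therefore passed through sql_escape() and every numeric
  * setting is cast before it is concatenated. Previously `timezone` and
  * `fblink` were concatenated without escaping.
  *
  * NOTE(review): the current password is verified with md5() for a password
  * change but with cryptPassword() for an e-mail change, and the new password
  * is stored as md5(). Which format the stored hash uses cannot be determined
  * from this method, so the hashing is left unchanged - confirm and unify.
  * NOTE(review): `newpassword2` is read but never compared with
  * `newpassword`.
  *
  * @return void
  */
 private function sendDefault()
 {
     global $USER, $PLANET, $CONF, $LNG, $UNI, $SESSION, $THEME;
     $db = $GLOBALS['DATABASE'];
     $adminprotection = HTTP::_GP('adminprotection', 0);
     $username = HTTP::_GP('username', $USER['username'], UTF8_SUPPORT);
     $password = HTTP::_GP('password', '');
     $newpassword = HTTP::_GP('newpassword', '');
     $newpassword2 = HTTP::_GP('newpassword2', '');
     $email = HTTP::_GP('email', $USER['email']);
     $timezone = HTTP::_GP('timezone', '');
     $language = HTTP::_GP('language', '');
     $planetSort = HTTP::_GP('planetSort', 0);
     $planetOrder = HTTP::_GP('planetOrder', 0);
     $theme = HTTP::_GP('theme', $THEME->getThemeName());
     $queueMessages = HTTP::_GP('queueMessages', 0);
     $spycount = HTTP::_GP('spycount', 1.0);
     $fblink = HTTP::_GP('fblink', '');
     $fleetactions = HTTP::_GP('fleetactions', 5);
     $galaxySpy = HTTP::_GP('galaxySpy', 0);
     $galaxyMessage = HTTP::_GP('galaxyMessage', 0);
     $galaxyBuddyList = HTTP::_GP('galaxyBuddyList', 0);
     $galaxyMissle = HTTP::_GP('galaxyMissle', 0);
     $blockPM = HTTP::_GP('blockPM', 0);
     $vacation = HTTP::_GP('vacation', 0);
     $delete = HTTP::_GP('delete', 0);
     $sirena = HTTP::_GP('sirena', 0);

     // Verify
     // Admin protection can only be enabled by accounts above the plain user level.
     $adminprotection = $adminprotection == 1 && $USER['authlevel'] != AUTH_USR ? $USER['authlevel'] : 0;
     $spycount = min(max(round((float) $spycount), 1), 4294967295);
     $fleetactions = min(max((int) $fleetactions, 1), 99);
     // Language and theme must be keys of the server-side lists; anything else falls back to the current value.
     $language = array_key_exists($language, $LNG->getAllowedLangs(false)) ? $language : $LNG->getLanguage();
     $theme = array_key_exists($theme, Theme::getAvalibleSkins()) ? $theme : $THEME->getThemeName();
     $SQL = "";
     $redirectTo = 'game.php?page=settings';

     // Username change: valid characters, rate-limited by uctime, unique per universe.
     if (!empty($username) && $USER['username'] != $username) {
         if (!CheckName($username)) {
             $this->printMessage($LNG['op_user_name_no_alphanumeric']);
         } elseif ($USER['uctime'] >= TIMESTAMP - USERNAME_CHANGETIME) {
             $this->printMessage($LNG['op_change_name_pro_week']);
         } else {
             $Count = $db->getFirstCell("SELECT (SELECT COUNT(*) FROM " . USERS . " WHERE `universe` = " . $UNI . " AND `username` = '" . $db->sql_escape($username) . "') + (SELECT COUNT(*) FROM " . USERS_VALID . " WHERE `universe` = " . $UNI . " AND `username` = '" . $db->sql_escape($username) . "')");
             if (!empty($Count)) {
                 $this->printMessage(sprintf($LNG['op_change_name_exist'], $username));
             } else {
                 // Restored statement: the listing had this line damaged by masking.
                 $SQL .= "UPDATE " . USERS . " SET username = '" . $db->sql_escape($username) . "', uctime = " . TIMESTAMP . " WHERE id = " . $USER['id'] . ";";
                 $redirectTo = 'index.php';
                 $SESSION->DestroySession();
             }
         }
     }

     // Password change: requires the current password. Strict comparison so
     // that two numeric-looking hash strings cannot compare as equal.
     if (!empty($newpassword) && md5($password) === $USER["password"]) {
         // md5() output is hexadecimal only, so it is safe inside the quotes.
         $newpass = md5($newpassword);
         $SQL .= "UPDATE " . USERS . " SET password = '" . $newpass . "' WHERE id = " . $USER['id'] . ";";
         $redirectTo = 'index.php';
         $SESSION->DestroySession();
     }

     // E-mail change: requires the current password, a valid address and uniqueness.
     if (!empty($email) && $email != $USER['email']) {
         if (cryptPassword($password) !== $USER['password']) {
             $this->printMessage($LNG['op_need_pass_mail']);
         } elseif (!ValidateAddress($email)) {
             $this->printMessage($LNG['op_not_vaild_mail']);
         } else {
             $Count = $db->getFirstCell("SELECT (SELECT COUNT(*) FROM " . USERS . " WHERE id != " . $USER['id'] . " AND universe = " . $UNI . " AND (email = '" . $db->sql_escape($email) . "' OR email_2 = '" . $db->sql_escape($email) . "')) + (SELECT COUNT(*) FROM " . USERS_VALID . " WHERE universe = " . $UNI . " AND email = '" . $db->sql_escape($email) . "')");
             if (!empty($Count)) {
                 $this->printMessage(sprintf($LNG['op_change_mail_exist'], $email));
             } else {
                 // setmail is set 604800 seconds (7 days) ahead of now.
                 $SQL .= "UPDATE " . USERS . " SET email = '" . $db->sql_escape($email) . "', setmail = " . (TIMESTAMP + 604800) . " WHERE id = " . $USER['id'] . ";";
             }
         }
     }

     // Vacation mode: flags the user and zeroes production on all owned planets.
     if ($vacation == 1) {
         if (!$this->CheckVMode()) {
             $this->printMessage($LNG['op_cant_activate_vacation_mode']);
         } else {
             $SQL .= "UPDATE " . USERS . " SET \n\t\t\t\t\t\t\turlaubs_modus = '1',\n\t\t\t\t\t\t\turlaubs_until = " . (TIMESTAMP + Config::get('vmode_min_time')) . "\n\t\t\t\t\t\t\tWHERE id = " . $USER["id"] . ";\t\t\t\t\t\t\t\n\t\t\t\t\t\t\tUPDATE " . PLANETS . " SET\n\t\t\t\t\t\t\tmetal_mine_porcent = '0',\n\t\t\t\t\t\t\tcrystal_mine_porcent = '0',\n\t\t\t\t\t\t\tdeuterium_sintetizer_porcent = '0',\n\t\t\t\t\t\t\tmetal_perhour = '0',\n\t\t\t\t\t\t\tcrystal_perhour = '0',\n\t\t\t\t\t\t\tdeuterium_perhour = '0'\n\t\t\t\t\t\t\tWHERE id_owner = " . $USER["id"] . ";";
         }
     }

     // Deletion flag: a timestamp marks the account, 0 clears the mark.
     if ($delete == 1) {
         $SQL .= "UPDATE " . USERS . " SET db_deaktjava = " . TIMESTAMP . " WHERE id = " . $USER['id'] . ";";
     } else {
         $SQL .= "UPDATE " . USERS . " SET db_deaktjava = 0 WHERE id = " . $USER['id'] . ";";
     }

     // General settings. Strings are escaped, numbers are cast, so that no
     // request value can terminate the statement inside the batch.
     // NOTE(review): HTTP::_GP() presumably already types values by their
     // default; the casts keep the numeric-only guarantee local - confirm.
     $SQL .= "UPDATE " . USERS . " SET\n\t\t\t\t\tdpath = '" . $db->sql_escape($theme) . "',\n\t\t\t\t\ttimezone = '" . $db->sql_escape($timezone) . "',\n\t\t\t\t\tplanet_sort = " . (int) $planetSort . ",\n\t\t\t\t\tplanet_sort_order = " . (int) $planetOrder . ",\n\t\t\t\t\tspio_anz = " . $spycount . ",\n\t\t\t\t\tfblink = '" . $db->sql_escape($fblink) . "',\n\t\t\t\t\tsettings_fleetactions = " . $fleetactions . ",\n\t\t\t\t\tsettings_esp = " . (int) $galaxySpy . ",\n\t\t\t\t\tsettings_wri = " . (int) $galaxyMessage . ",\n\t\t\t\t\tsettings_bud = " . (int) $galaxyBuddyList . ",\n\t\t\t\t\tsettings_mis = " . (int) $galaxyMissle . ",\n\t\t\t\t\tsettings_blockPM = " . (int) $blockPM . ",\n\t\t\t\t\talarm_volume = " . ((int) $sirena / 10) . ",\n\t\t\t\t\tauthattack = " . (int) $adminprotection . ",\n\t\t\t\t\tlang = '" . $db->sql_escape($language) . "',\n\t\t\t\t\thof = " . (int) $queueMessages . "\n\t\t\t\t\tWHERE id = '" . $USER["id"] . "';";
     $db->multi_query($SQL);
     $this->printMessage($LNG['op_options_changed']);
 }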
示例#6
function ShowAccountEditorPage()
{
    global $LNG, $reslist, $resource;
    $template = new template();
    switch ($_GET['edit']) {
        case 'resources':
            $id = HTTP::_GP('id', 0);
            $id_dark = HTTP::_GP('id_dark', 0);
            $metal = max(0, round(HTTP::_GP('metal', 0.0)));
            $cristal = max(0, round(HTTP::_GP('cristal', 0.0)));
            $deut = max(0, round(HTTP::_GP('deut', 0.0)));
            $dark = HTTP::_GP('dark', 0);
            if ($_POST) {
                if (!empty($id)) {
                    $before = $GLOBALS['DATABASE']->getFirstRow("SELECT `metal`,`crystal`,`deuterium`,`universe`  FROM " . PLANETS . " WHERE `id` = '" . $id . "';");
                }
                if (!empty($id_dark)) {
                    $before_dm = $GLOBALS['DATABASE']->getFirstRow("SELECT `darkmatter` FROM " . USERS . " WHERE `id` = '" . $id_dark . "';");
                }
                if ($_POST['add']) {
                    if (!empty($id)) {
                        $SQL = "UPDATE " . PLANETS . " SET ";
                        $SQL .= "`metal` = `metal` + '" . $metal . "', ";
                        $SQL .= "`crystal` = `crystal` + '" . $cristal . "', ";
                        $SQL .= "`deuterium` = `deuterium` + '" . $deut . "' ";
                        $SQL .= "WHERE ";
                        $SQL .= "`id` = '" . $id . "' AND `universe` = '" . Universe::getEmulated() . "';";
                        $GLOBALS['DATABASE']->query($SQL);
                        $after = array('metal' => $before['metal'] + $metal, 'crystal' => $before['crystal'] + $cristal, 'deuterium' => $before['deuterium'] + $deut);
                    }
                    if (!empty($id_dark)) {
                        $SQL = "UPDATE " . USERS . " SET ";
                        $SQL .= "`darkmatter` = `darkmatter` + '" . $dark . "' ";
                        $SQL .= "WHERE ";
                        $SQL .= "`id` = '" . $id_dark . "' AND `universe` = '" . Universe::getEmulated() . "' ";
                        $GLOBALS['DATABASE']->query($SQL);
                        $after_dm = array('darkmatter' => $before_dm['darkmatter'] + $dark);
                    }
                } elseif ($_POST['delete']) {
                    if (!empty($id)) {
                        $SQL = "UPDATE " . PLANETS . " SET ";
                        $SQL .= "`metal` = `metal` - '" . $metal . "', ";
                        $SQL .= "`crystal` = `crystal` - '" . $cristal . "', ";
                        $SQL .= "`deuterium` = `deuterium` - '" . $deut . "' ";
                        $SQL .= "WHERE ";
                        $SQL .= "`id` = '" . $id . "' AND `universe` = '" . Universe::getEmulated() . "';";
                        $GLOBALS['DATABASE']->query($SQL);
                        $after = array('metal' => $before['metal'] - $metal, 'crystal' => $before['crystal'] - $cristal, 'deuterium' => $before['deuterium'] - $deut);
                    }
                    if (!empty($id_dark)) {
                        $SQL = "UPDATE " . USERS . " SET ";
                        $SQL .= "`darkmatter` = `darkmatter` - '" . $dark . "' ";
                        $SQL .= "WHERE ";
                        $SQL .= "`id` = '" . $id_dark . "';";
                        $GLOBALS['DATABASE']->query($SQL);
                        $after_dm = array('darkmatter' => $before_dm['darkmatter'] - $dark);
                    }
                }
                if (!empty($id)) {
                    $LOG = new Log(2);
                    $LOG->target = $id;
                    $LOG->universe = $before_dm['universe'];
                    $LOG->old = $before;
                    $LOG->new = $after;
                    $LOG->save();
                }
                if (!empty($id_dark)) {
                    $LOG = new Log(1);
                    $LOG->target = $id_dark;
                    $LOG->universe = $before_dm['universe'];
                    $LOG->old = $before_dm;
                    $LOG->new = $after_dm;
                    $LOG->save();
                }
                if ($_POST['add']) {
                    $template->message($LNG['ad_add_res_sucess'], '?page=accounteditor&edit=resources');
                } else {
                    if ($_POST['delete']) {
                        $template->message($LNG['ad_delete_res_sucess'], '?page=accounteditor&edit=resources');
                    }
                }
                exit;
            }
            $template->show('AccountEditorPageResources.tpl');
            break;
        case 'ships':
            if ($_POST) {
                $before1 = $GLOBALS['DATABASE']->getFirstRow("SELECT * FROM " . PLANETS . " WHERE `id` = '" . HTTP::_GP('id', 0) . "';");
                $before = array();
                $after = array();
                foreach ($reslist['fleet'] as $ID) {
                    $before[$ID] = $before1[$resource[$ID]];
                }
                if ($_POST['add']) {
                    $SQL = "UPDATE " . PLANETS . " SET ";
                    $SQL .= "`eco_hash` = '', ";
                    foreach ($reslist['fleet'] as $ID) {
                        $QryUpdate[] = "`" . $resource[$ID] . "` = `" . $resource[$ID] . "` + '" . max(0, round(HTTP::_GP($resource[$ID], 0.0))) . "'";
                        $after[$ID] = $before[$ID] + max(0, round(HTTP::_GP($resource[$ID], 0.0)));
                    }
                    $SQL .= implode(", ", $QryUpdate);
                    $SQL .= "WHERE ";
                    $SQL .= "`id` = '" . HTTP::_GP('id', 0) . "' AND `universe` = '" . Universe::getEmulated() . "';";
                    $GLOBALS['DATABASE']->query($SQL);
                } elseif ($_POST['delete']) {
                    $SQL = "UPDATE " . PLANETS . " SET ";
                    $SQL .= "`eco_hash` = '', ";
                    foreach ($reslist['fleet'] as $ID) {
                        $QryUpdate[] = "`" . $resource[$ID] . "` = `" . $resource[$ID] . "` - '" . max(0, round(HTTP::_GP($resource[$ID], 0.0))) . "'";
                        $after[$ID] = max($before[$ID] - max(0, round(HTTP::_GP($resource[$ID], 0.0))), 0);
                    }
                    $SQL .= implode(", ", $QryUpdate);
                    $SQL .= "WHERE ";
                    $SQL .= "`id` = '" . HTTP::_GP('id', 0) . "' AND `universe` = '" . Universe::getEmulated() . "';";
                    $GLOBALS['DATABASE']->query($SQL);
                }
                $LOG = new Log(2);
                $LOG->target = HTTP::_GP('id', 0);
                $LOG->universe = $before1['universe'];
                $LOG->old = $before;
                $LOG->new = $after;
                $LOG->save();
                if ($_POST['add']) {
                    $template->message($LNG['ad_add_ships_sucess'], '?page=accounteditor&edit=ships');
                } else {
                    if ($_POST['delete']) {
                        $template->message($LNG['ad_delete_ships_sucess'], '?page=accounteditor&edit=ships');
                    }
                }
                exit;
            }
            $parse['ships'] = "";
            foreach ($reslist['fleet'] as $ID) {
                $INPUT[$ID] = array('type' => $resource[$ID]);
            }
            $template->assign_vars(array('inputlist' => $INPUT));
            $template->show('AccountEditorPageShips.tpl');
            break;
        case 'defenses':
            if ($_POST) {
                $before1 = $GLOBALS['DATABASE']->getFirstRow("SELECT * FROM " . PLANETS . " WHERE `id` = '" . HTTP::_GP('id', 0) . "';");
                $before = array();
                $after = array();
                foreach ($reslist['defense'] as $ID) {
                    $before[$ID] = $before1[$resource[$ID]];
                }
                if ($_POST['add']) {
                    $SQL = "UPDATE " . PLANETS . " SET ";
                    foreach ($reslist['defense'] as $ID) {
                        $QryUpdate[] = "`" . $resource[$ID] . "` = `" . $resource[$ID] . "` + '" . max(0, round(HTTP::_GP($resource[$ID], 0.0))) . "'";
                        $after[$ID] = $before[$ID] + max(0, round(HTTP::_GP($resource[$ID], 0.0)));
                    }
                    $SQL .= implode(", ", $QryUpdate);
                    $SQL .= "WHERE ";
                    $SQL .= "`id` = '" . HTTP::_GP('id', 0) . "' AND `universe` = '" . Universe::getEmulated() . "';";
                    $GLOBALS['DATABASE']->query($SQL);
                } elseif ($_POST['delete']) {
                    $SQL = "UPDATE " . PLANETS . " SET ";
                    foreach ($reslist['defense'] as $ID) {
                        $QryUpdate[] = "`" . $resource[$ID] . "` = `" . $resource[$ID] . "` - '" . max(0, round(HTTP::_GP($resource[$ID], 0.0))) . "'";
                        $after[$ID] = max($before[$ID] - max(0, round(HTTP::_GP($resource[$ID], 0.0))), 0);
                    }
                    $SQL .= implode(", ", $QryUpdate);
                    $SQL .= "WHERE ";
                    $SQL .= "`id` = '" . HTTP::_GP('id', 0) . "' AND `universe` = '" . Universe::getEmulated() . "';";
                    $GLOBALS['DATABASE']->query($SQL);
                    $Name = $LNG['log_nomoree'];
                }
                $LOG = new Log(2);
                $LOG->target = HTTP::_GP('id', 0);
                $LOG->universe = $before1['universe'];
                $LOG->old = $before;
                $LOG->new = $after;
                $LOG->save();
                if ($_POST['add']) {
                    $template->message($LNG['ad_add_defenses_success'], '?page=accounteditor&edit=defenses');
                } else {
                    if ($_POST['delete']) {
                        $template->message($LNG['ad_delete_defenses_success'], '?page=accounteditor&edit=defenses');
                    }
                }
                exit;
            }
            foreach ($reslist['defense'] as $ID) {
                $INPUT[$ID] = array('type' => $resource[$ID]);
            }
            $template->assign_vars(array('inputlist' => $INPUT));
            $template->show('AccountEditorPageDefenses.tpl');
            break;
            break;
        case 'buildings':
            if ($_POST) {
                $PlanetData = $GLOBALS['DATABASE']->getFirstRow("SELECT * FROM " . PLANETS . " WHERE `id` = '" . HTTP::_GP('id', 0) . "';");
                if (!isset($PlanetData)) {
                    $template->message($LNG['ad_add_not_exist'], '?page=accounteditor&edit=buildings');
                }
                $before = array();
                $after = array();
                foreach ($reslist['allow'][$PlanetData['planet_type']] as $ID) {
                    $before[$ID] = $PlanetData[$resource[$ID]];
                }
                if ($_POST['add']) {
                    $Fields = 0;
                    $SQL = "UPDATE " . PLANETS . " SET ";
                    $SQL .= "`eco_hash` = '', ";
                    foreach ($reslist['allow'][$PlanetData['planet_type']] as $ID) {
                        $Count = max(0, round(HTTP::_GP($resource[$ID], 0.0)));
                        $QryUpdate[] = "`" . $resource[$ID] . "` = `" . $resource[$ID] . "` + '" . $Count . "'";
                        $after[$ID] = $before[$ID] + $Count;
                        $Fields += $Count;
                    }
                    $SQL .= implode(", ", $QryUpdate);
                    $SQL .= ", `field_current` = `field_current` + '" . $Fields . "'";
                    $SQL .= "WHERE ";
                    $SQL .= "`id` = '" . HTTP::_GP('id', 0) . "' AND `universe` = '" . Universe::getEmulated() . "';";
                    $GLOBALS['DATABASE']->query($SQL);
                } elseif ($_POST['delete']) {
                    $Fields = 0;
                    $QryUpdate = array();
                    $SQL = "UPDATE " . PLANETS . " SET ";
                    $SQL .= "`eco_hash` = '', ";
                    foreach ($reslist['allow'][$PlanetData['planet_type']] as $ID) {
                        $Count = max(0, round(HTTP::_GP($resource[$ID], 0.0)));
                        $QryUpdate[] = "`" . $resource[$ID] . "` = `" . $resource[$ID] . "` - '" . $Count . "'";
                        $after[$ID] = max($before[$ID] - $Count, 0);
                        $Fields += $Count;
                    }
                    $SQL .= implode(", ", $QryUpdate);
                    $SQL .= ", `field_current` = `field_current` - '" . $Fields . "'";
                    $SQL .= "WHERE ";
                    $SQL .= "`id` = '" . HTTP::_GP('id', 0) . "' AND `universe` = '" . Universe::getEmulated() . "';";
                    $GLOBALS['DATABASE']->query($SQL);
                }
                $LOG = new Log(2);
                $LOG->target = HTTP::_GP('id', 0);
                $LOG->universe = Universe::getEmulated();
                $LOG->old = $before;
                $LOG->new = $after;
                $LOG->save();
                if ($_POST['add']) {
                    $template->message($LNG['ad_add_build_success'], '?page=accounteditor&edit=buildings');
                } else {
                    if ($_POST['delete']) {
                        $template->message($LNG['ad_delete_build_success'], '?page=accounteditor&edit=buildings');
                    }
                }
                exit;
            }
            foreach ($reslist['build'] as $ID) {
                $INPUT[$ID] = array('type' => $resource[$ID]);
            }
            $template->assign_vars(array('inputlist' => $INPUT));
            $template->show('AccountEditorPageBuilds.tpl');
            break;
        case 'researchs':
            if ($_POST) {
                $before1 = $GLOBALS['DATABASE']->getFirstRow("SELECT * FROM " . USERS . " WHERE `id` = '" . HTTP::_GP('id', 0) . "';");
                $before = array();
                $after = array();
                foreach ($reslist['tech'] as $ID) {
                    $before[$ID] = $before1[$resource[$ID]];
                }
                if ($_POST['add']) {
                    $SQL = "UPDATE " . USERS . " SET ";
                    foreach ($reslist['tech'] as $ID) {
                        $QryUpdate[] = "`" . $resource[$ID] . "` = `" . $resource[$ID] . "` + '" . max(0, round(HTTP::_GP($resource[$ID], 0.0))) . "'";
                        $after[$ID] = $before[$ID] + max(0, round(HTTP::_GP($resource[$ID], 0.0)));
                    }
                    $SQL .= implode(", ", $QryUpdate);
                    $SQL .= "WHERE ";
                    $SQL .= "`id` = '" . HTTP::_GP('id', 0) . "' AND `universe` = '" . Universe::getEmulated() . "';";
                    $GLOBALS['DATABASE']->query($SQL);
                } elseif ($_POST['delete']) {
                    $SQL = "UPDATE " . USERS . " SET ";
                    foreach ($reslist['tech'] as $ID) {
                        $QryUpdate[] = "`" . $resource[$ID] . "` = `" . $resource[$ID] . "` - '" . max(0, round(HTTP::_GP($resource[$ID], 0.0))) . "'";
                        $after[$ID] = max($before[$ID] - max(0, round(HTTP::_GP($resource[$ID], 0.0))), 0);
                    }
                    $SQL .= implode(", ", $QryUpdate);
                    $SQL .= "WHERE ";
                    $SQL .= "`id` = '" . HTTP::_GP('id', 0) . "' AND `universe` = '" . Universe::getEmulated() . "';";
                    $GLOBALS['DATABASE']->query($SQL);
                }
                $LOG = new Log(1);
                $LOG->target = HTTP::_GP('id', 0);
                $LOG->universe = $before1['universe'];
                $LOG->old = $before;
                $LOG->new = $after;
                $LOG->save();
                if ($_POST['add']) {
                    $template->message($LNG['ad_add_tech_success'], '?page=accounteditor&edit=researchs');
                } else {
                    if ($_POST['delete']) {
                        $template->message($LNG['ad_delete_tech_success'], '?page=accounteditor&edit=researchs');
                    }
                }
                exit;
            }
            foreach ($reslist['tech'] as $ID) {
                $INPUT[$ID] = array('type' => $resource[$ID]);
            }
            $template->assign_vars(array('inputlist' => $INPUT));
            $template->show('AccountEditorPageResearch.tpl');
            break;
        case 'personal':
            if ($_POST) {
                $id = HTTP::_GP('id', 0);
                $username = HTTP::_GP('username', '', UTF8_SUPPORT);
                $password = HTTP::_GP('password', '', true);
                $email = HTTP::_GP('email', '');
                $email_2 = HTTP::_GP('email_2', '');
                $vacation = HTTP::_GP('vacation', '');
                $before = $GLOBALS['DATABASE']->getFirstRow("SELECT `username`,`email`,`email_2`,`password`,`urlaubs_modus`,`urlaubs_until` FROM " . USERS . " WHERE `id` = '" . HTTP::_GP('id', 0) . "';");
                $after = array();
                $PersonalQuery = "UPDATE " . USERS . " SET ";
                if (!empty($username) && $id != ROOT_USER) {
                    $PersonalQuery .= "`username` = '" . $GLOBALS['DATABASE']->sql_escape($username) . "', ";
                    $after['username'] = $username;
                }
                if (!empty($email) && $id != ROOT_USER) {
                    $PersonalQuery .= "`email` = '" . $GLOBALS['DATABASE']->sql_escape($email) . "', ";
                    $after['email'] = $email;
                }
                if (!empty($email_2) && $id != ROOT_USER) {
                    $PersonalQuery .= "`email_2` = '" . $GLOBALS['DATABASE']->sql_escape($email_2) . "', ";
                    $after['email_2'] = $email_2;
                }
                if (!empty($password) && $id != ROOT_USER) {
                    $PersonalQuery .= "`password` = '" . $GLOBALS['DATABASE']->sql_escape(cryptPassword($password)) . "', ";
                    $after['password'] = cryptPassword($password) != $before['password'] ? 'CHANGED' : '';
                }
                $before['password'] = '';
                $Answer = 0;
                $TimeAns = 0;
                if ($vacation == 'yes') {
                    $Answer = 1;
                    $after['urlaubs_modus'] = 1;
                    $TimeAns = TIMESTAMP + $_POST['d'] * 86400 + $_POST['h'] * 3600 + $_POST['m'] * 60 + $_POST['s'];
                    $after['urlaubs_until'] = $TimeAns;
                }
                $PersonalQuery .= "`urlaubs_modus` = '" . $Answer . "', `urlaubs_until` = '" . $TimeAns . "' ";
                $PersonalQuery .= "WHERE `id` = '" . $id . "' AND `universe` = '" . Universe::getEmulated() . "'";
                $GLOBALS['DATABASE']->query($PersonalQuery);
                $LOG = new Log(1);
                $LOG->target = $id;
                $LOG->universe = $before['universe'];
                $LOG->old = $before;
                $LOG->new = $after;
                $LOG->save();
                $template->message($LNG['ad_personal_succes'], '?page=accounteditor&edit=personal');
                exit;
            }
            $template->assign_vars(array('Selector' => array('' => $LNG['select_option'], 'yes' => $LNG['one_is_yes'][1], 'no' => $LNG['one_is_yes'][0])));
            $template->show('AccountEditorPagePersonal.tpl');
            break;
        case 'officiers':
            if ($_POST) {
                $before1 = $GLOBALS['DATABASE']->getFirstRow("SELECT * FROM " . USERS . " WHERE `id` = '" . HTTP::_GP('id', 0) . "';");
                $before = array();
                $after = array();
                foreach ($reslist['officier'] as $ID) {
                    $before[$ID] = $before1[$resource[$ID]];
                }
                if ($_POST['add']) {
                    $SQL = "UPDATE " . USERS . " SET ";
                    foreach ($reslist['officier'] as $ID) {
                        $QryUpdate[] = "`" . $resource[$ID] . "` = `" . $resource[$ID] . "` + '" . max(0, round(HTTP::_GP($resource[$ID], 0.0))) . "'";
                        $after[$ID] = $before[$ID] + max(0, round(HTTP::_GP($resource[$ID], 0.0)));
                    }
                    $SQL .= implode(", ", $QryUpdate);
                    $SQL .= "WHERE ";
                    $SQL .= "`id` = '" . HTTP::_GP('id', 0) . "' AND `universe` = '" . Universe::getEmulated() . "';";
                    $GLOBALS['DATABASE']->query($SQL);
                } elseif ($_POST['delete']) {
                    $SQL = "UPDATE " . USERS . " SET ";
                    foreach ($reslist['officier'] as $ID) {
                        $QryUpdate[] = "`" . $resource[$ID] . "` = `" . $resource[$ID] . "` - '" . max(0, round(HTTP::_GP($resource[$ID], 0.0))) . "'";
                        $after[$ID] = max($before[$ID] - max(0, round(HTTP::_GP($resource[$ID], 0.0))), 0);
                    }
                    $SQL .= implode(", ", $QryUpdate);
                    $SQL .= "WHERE ";
                    $SQL .= "`id` = '" . HTTP::_GP('id', 0) . "' AND `universe` = '" . Universe::getEmulated() . "';";
                    $GLOBALS['DATABASE']->query($SQL);
                }
                $LOG = new Log(1);
                $LOG->target = HTTP::_GP('id', 0);
                $LOG->universe = $before1['universe'];
                $LOG->old = $before;
                $LOG->new = $after;
                $LOG->save();
                if ($_POST['add']) {
                    $template->message($LNG['ad_add_offi_success'], '?page=accounteditor&edit=officiers');
                } else {
                    if ($_POST['delete']) {
                        $template->message($LNG['ad_delete_offi_success'], '?page=accounteditor&edit=officiers');
                    }
                }
                exit;
            }
            foreach ($reslist['officier'] as $ID) {
                $INPUT[$ID] = array('type' => $resource[$ID]);
            }
            $template->assign_vars(array('inputlist' => $INPUT));
            $template->show('AccountEditorPageOfficiers.tpl');
            break;
        case 'planets':
            if ($_POST) {
                $id = HTTP::_GP('id', 0);
                $name = HTTP::_GP('name', '', UTF8_SUPPORT);
                $diameter = HTTP::_GP('diameter', 0);
                $fields = HTTP::_GP('fields', 0);
                $buildings = HTTP::_GP('0_buildings', '');
                $ships = HTTP::_GP('0_ships', '');
                $defenses = HTTP::_GP('0_defenses', '');
                $c_hangar = HTTP::_GP('0_c_hangar', '');
                $c_buildings = HTTP::_GP('0_c_buildings', '');
                $change_pos = HTTP::_GP('change_position', '');
                $galaxy = HTTP::_GP('g', 0);
                $system = HTTP::_GP('s', 0);
                $planet = HTTP::_GP('p', 0);
                if (!empty($name)) {
                    $GLOBALS['DATABASE']->query("UPDATE " . PLANETS . " SET `name` = '" . $GLOBALS['DATABASE']->sql_escape($name) . "' WHERE `id` = '" . $id . "' AND `universe` = '" . Universe::getEmulated() . "';");
                }
                if ($buildings == 'on') {
                    foreach ($reslist['build'] as $ID) {
                        $BUILD[] = "`" . $resource[$ID] . "` = '0'";
                    }
                    $GLOBALS['DATABASE']->query("UPDATE " . PLANETS . " SET " . implode(', ', $BUILD) . " WHERE `id` = '" . $id . "' AND `universe` = '" . Universe::getEmulated() . "';");
                }
                if ($ships == 'on') {
                    foreach ($reslist['fleet'] as $ID) {
                        $SHIPS[] = "`" . $resource[$ID] . "` = '0'";
                    }
                    $GLOBALS['DATABASE']->query("UPDATE " . PLANETS . " SET " . implode(', ', $SHIPS) . " WHERE `id` = '" . $id . "' AND `universe` = '" . Universe::getEmulated() . "';");
                }
                if ($defenses == 'on') {
                    foreach ($reslist['defense'] as $ID) {
                        $DEFS[] = "`" . $resource[$ID] . "` = '0'";
                    }
                    $GLOBALS['DATABASE']->query("UPDATE " . PLANETS . " SET " . implode(', ', $DEFS) . " WHERE `id` = '" . $id . "' AND `universe` = '" . Universe::getEmulated() . "';");
                }
                if ($c_hangar == 'on') {
                    $GLOBALS['DATABASE']->query("UPDATE " . PLANETS . " SET `b_hangar` = '0', `b_hangar_plus` = '0', `b_hangar_id` = '' WHERE `id` = '" . $id . "' AND `universe` = '" . Universe::getEmulated() . "';");
                }
                if ($c_buildings == 'on') {
                    $GLOBALS['DATABASE']->query("UPDATE " . PLANETS . " SET `b_building` = '0', `b_building_id` = '' WHERE `id` = '" . $id . "' AND `universe` = '" . Universe::getEmulated() . "';");
                }
                if (!empty($diameter)) {
                    $GLOBALS['DATABASE']->query("UPDATE " . PLANETS . " SET `diameter` = '" . $diameter . "' WHERE `id` = '" . $id . "' AND `universe` = '" . Universe::getEmulated() . "';");
                }
                if (!empty($fields)) {
                    $GLOBALS['DATABASE']->query("UPDATE " . PLANETS . " SET `field_max` = '" . $fields . "' WHERE `id` = '" . $id . "' AND `universe` = '" . Universe::getEmulated() . "';");
                }
                if ($change_pos == 'on' && $galaxy > 0 && $system > 0 && $planet > 0 && $galaxy <= Config::get(Universe::getEmulated())->max_galaxy && $system <= Config::get(Universe::getEmulated())->max_system && $planet <= Config::get(Universe::getEmulated())->max_planets) {
                    $P = $GLOBALS['DATABASE']->getFirstRow("SELECT galaxy,system,planet,planet_type FROM " . PLANETS . " WHERE `id` = '" . $id . "' AND `universe` = '" . Universe::getEmulated() . "';");
                    if ($P['planet_type'] == '1') {
                        if (PlayerUtil::checkPosition(Universe::getEmulated(), $galaxy, $system, $planet, $P['planet_type'])) {
                            $template->message($LNG['ad_pla_error_planets3'], '?page=accounteditor&edit=planets');
                            exit;
                        }
                        $GLOBALS['DATABASE']->query("UPDATE " . PLANETS . " SET `galaxy` = '" . $galaxy . "', `system` = '" . $system . "', `planet` = '" . $planet . "' WHERE `id` = '" . $id . "' AND `universe` = '" . Universe::getEmulated() . "';");
                    } else {
                        if (PlayerUtil::checkPosition(Universe::getEmulated(), $galaxy, $system, $planet, $P['planet_type'])) {
                            $template->message($LNG['ad_pla_error_planets5'], '?page=accounteditor&edit=planets');
                            exit;
                        }
                        $Target = $GLOBALS['DATABASE']->getFirstRow("SELECT id_luna FROM " . PLANETS . " WHERE `galaxy` = '" . $galaxy . "' AND `system` = '" . $system . "' AND `planet` = '" . $planet . "' AND `planet_type` = '1';");
                        if ($Target['id_luna'] != '0') {
                            $template->message($LNG['ad_pla_error_planets4'], '?page=accounteditor&edit=planets');
                            exit;
                        }
                        $GLOBALS['DATABASE']->multi_query("UPDATE " . PLANETS . " SET `id_luna` = '0' WHERE `galaxy` = '" . $P['galaxy'] . "' AND `system` = '" . $P['system'] . "' AND `planet` = '" . $P['planet'] . "' AND `planet_type` = '1';UPDATE " . PLANETS . " SET `id_luna` = '" . $id . "'  WHERE `galaxy` = '" . $galaxy . "' AND `system` = '" . $system . "' AND `planet` = '" . $planet . "' AND planet_type = '1';UPDATE " . PLANETS . " SET `galaxy` = '" . $galaxy . "', `system` = '" . $system . "', `planet` = '" . $planet . "' WHERE `id` = '" . $id . "' AND `universe` = '" . Universe::getEmulated() . "';");
                        $QMOON2 = $GLOBALS['DATABASE']->getFirstRow("SELECT id_owner FROM " . PLANETS . " WHERE `galaxy` = '" . $galaxy . "' AND `system` = '" . $system . "' AND `planet` = '" . $planet . "';");
                        $GLOBALS['DATABASE']->query("UPDATE " . PLANETS . " SET `galaxy` = '" . $galaxy . "', `system` = '" . $system . "', `planet` = '" . $planet . "', `id_owner` = '" . $QMOON2['id_owner'] . "' WHERE `id` = '" . $id . "' AND `universe` = '" . Universe::getEmulated() . "' AND `planet_type` = '3';");
                    }
                }
                $template->message($LNG['ad_pla_succes'], '?page=accounteditor&edit=planets');
                exit;
            }
            $template->show('AccountEditorPagePlanets.tpl');
            break;
        case 'alliances':
            if ($_POST) {
                $id = HTTP::_GP('id', 0);
                $name = HTTP::_GP('name', '', UTF8_SUPPORT);
                $changeleader = HTTP::_GP('changeleader', 0);
                $tag = HTTP::_GP('tag', '', UTF8_SUPPORT);
                $externo = HTTP::_GP('externo', '', true);
                $interno = HTTP::_GP('interno', '', true);
                $solicitud = HTTP::_GP('solicitud', '', true);
                $delete = HTTP::_GP('delete', '');
                $delete_u = HTTP::_GP('delete_u', '');
                $QueryF = $GLOBALS['DATABASE']->getFirstRow("SELECT * FROM " . ALLIANCE . " WHERE `id` = '" . $id . "' AND `ally_universe` = '" . Universe::getEmulated() . "';");
                if (!empty($name)) {
                    $GLOBALS['DATABASE']->query("UPDATE " . ALLIANCE . " SET `ally_name` = '" . $name . "' WHERE `id` = '" . $id . "' AND `ally_universe` = '" . Universe::getEmulated() . "';");
                }
                if (!empty($tag)) {
                    $GLOBALS['DATABASE']->query("UPDATE " . ALLIANCE . " SET `ally_tag` = '" . $tag . "' WHERE `id` = '" . $id . "' AND `ally_universe` = '" . Universe::getEmulated() . "';");
                }
                $QueryF2 = $GLOBALS['DATABASE']->getFirstRow("SELECT ally_id FROM " . USERS . " WHERE `id` = '" . $changeleader . "';");
                $GLOBALS['DATABASE']->multi_query("UPDATE " . ALLIANCE . " SET `ally_owner` = '" . $changeleader . "' WHERE `id` = '" . $id . "' AND `ally_universe` = '" . Universe::getEmulated() . "';UPDATE " . USERS . " SET `ally_rank_id` = '0' WHERE `id` = '" . $changeleader . "';");
                if (!empty($externo)) {
                    $GLOBALS['DATABASE']->query("UPDATE " . ALLIANCE . " SET `ally_description` = '" . $externo . "' WHERE `id` = '" . $id . "' AND `ally_universe` = '" . Universe::getEmulated() . "';");
                }
                if (!empty($interno)) {
                    $GLOBALS['DATABASE']->query("UPDATE " . ALLIANCE . " SET `ally_text` = '" . $interno . "' WHERE `id` = '" . $id . "' AND `ally_universe` = '" . Universe::getEmulated() . "';");
                }
                if (!empty($solicitud)) {
                    $GLOBALS['DATABASE']->query("UPDATE " . ALLIANCE . " SET `ally_request` = '" . $solicitud . "' WHERE `id` = '" . $id . "' AND `ally_universe` = '" . Universe::getEmulated() . "';");
                }
                if ($delete == 'on') {
                    $GLOBALS['DATABASE']->multi_query("DELETE FROM " . ALLIANCE . " WHERE `id` = '" . $id . "' AND `ally_universe` = '" . Universe::getEmulated() . "';UPDATE " . USERS . " SET `ally_id` = '0', `ally_rank_id` = '0', `ally_register_time` = '0' WHERE `ally_id` = '" . $id . "';");
                }
                if (!empty($delete_u)) {
                    $GLOBALS['DATABASE']->multi_query("UPDATE " . ALLIANCE . " SET `ally_members` = ally_members - 1 WHERE `id` = '" . $id . "' AND `ally_universe` = '" . Universe::getEmulated() . "';UPDATE " . USERS . " SET `ally_id` = '0', `ally_rank_id` = '0', `ally_register_time` = '0' WHERE `id` = '" . $delete_u . "' AND `ally_id` = '" . $id . "';");
                }
                $template->message($LNG['ad_ally_succes'], '?page=accounteditor&edit=alliances');
                exit;
            }
            $template->show('AccountEditorPageAlliance.tpl');
            break;
        default:
            $template->show('AccountEditorPageMenu.tpl');
            break;
    }
}
示例#7
    // Excerpt: the closing lines of one branch followed by the opening of the NPC branch.
    // Both branches raise $decryptFlag when $wwLevel is at least $fwLevel.
    // The flags in this excerpt are the strings "true"/"false", not booleans.
    if ($wwLevel >= $fwLevel) {
        $decryptFlag = "true";
    }
} else {
    // $npcChk and $npcRow are built outside this excerpt.
    // NOTE(review): confirm $npcChk is a parameterised statement and not string-built SQL.
    if (mysqli_query($link, $npcChk) && $npcRow['name'] != "") {
        ?>
<script>
			$("#result").html("<img src='img/ico_check.png'> You were able to ping this address. <a href='javascript:termOpen(1)' onfocus='if(this.blur)this.blur();' onmouseover=\"window.status='terminal 1'; return true\" onmouseout=\"window.status=''; return true\" class=\"termopen\"><img src='img/ico_key.png'></a>");
		</script><?php 
        $grabContent = "true";
        $confirmIP = "true";
        // $targetIP is interpolated straight into the SQL text. Its origin is outside this
        // excerpt; NOTE(review): if it comes from the request, bind it through a prepared
        // statement (mysqli_prepare + bind_param) instead of building the string.
        $getNPCQry = "SELECT * FROM npcs WHERE ip = '{$targetIP}'";
        $result = mysqli_query($link, $getNPCQry);
        $row = mysqli_fetch_array($result);
        // The `pass` column is read as stored and only then passed to cryptPassword().
        // NOTE(review): that suggests the column holds the value unhashed — confirm.
        $pass = $row['pass'];
        $chaPass = cryptPassword($pass);
        $fwLevel = $row['firewall'];
        $user = $_SESSION['user'];
        // The literal '******' looks like a redaction applied by the page hosting this listing;
        // $user (assigned above) is not used anywhere else in this excerpt.
        // NOTE(review): if the original interpolates $user here, bind it as a parameter.
        $getPlyQry = "SELECT * FROM players WHERE username = '******'";
        // The query runs twice on success (once as the test, once for the result).
        // On failure the raw driver error is echoed into the response and $result still
        // holds the NPC result set, so the fetch below reads from that older result.
        // NOTE(review): log the error server-side and stop instead of continuing.
        if (!mysqli_query($link, $getPlyQry)) {
            echo mysqli_error($link);
        } else {
            $result = mysqli_query($link, $getPlyQry);
        }
        $row = mysqli_fetch_array($result);
        $wwLevel = $row['waterwall'];
        $decryptFlag = "false";
        $isNPC = "true";
        // Same comparison as in the branch above: equal levels are enough to set the flag.
        if ($wwLevel >= $fwLevel) {
            $decryptFlag = "true";
        }
示例#8
文件: root.php 项目: joancefet/Beta7
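<?php

// Stand-alone login page for the account with id 1 (the "root" user): checks the
// submitted password, creates the session and redirects to admin.php, otherwise
// renders the admin login template.
define('MODE', 'LOGIN');
define('ROOT_PATH', str_replace('\\', '/', dirname(__FILE__)) . '/');
set_include_path(ROOT_PATH);
require 'includes/common.php';
$LNG->includeData(array('L18N', 'INGAME', 'ADMIN'));
// NOTE(review): $_REQUEST is read, so the password is also accepted from the query
// string, where it can end up in access logs and browser history — confirm the login
// form posts it and read $_POST instead.
// NOTE(review): no attempt limiting or failure logging is visible in this file; a wrong
// password simply falls through to the login page again.
// The is_string() check keeps array input (admin_pw[]=...) away from cryptPassword().
if (isset($_REQUEST['admin_pw']) && is_string($_REQUEST['admin_pw'])) {
    // Hash once and reuse the value for both the lookup and the session marker.
    $adminHash = cryptPassword($_REQUEST['admin_pw']);
    // The hash is escaped before interpolation so the query text does not depend on
    // what alphabet cryptPassword() happens to emit.
    $login = $GLOBALS['DATABASE']->getFirstRow("SELECT `id`, `username`, `dpath`, `authlevel`, `id_planet` FROM " . USERS . " WHERE `id` = '1' AND `password` = '" . $GLOBALS['DATABASE']->sql_escape($adminHash) . "';");
    // Presumably getFirstRow() yields null when no row matches — verify against the database class.
    if (isset($login)) {
        session_start();
        $SESSION = new Session();
        // $UNI is not assigned in this file; presumably includes/common.php defines it.
        $SESSION->CreateSession($login['id'], $login['username'], $login['id_planet'], $UNI, $login['authlevel'], $login['dpath']);
        // NOTE(review): the password hash itself is kept in the session as the admin marker;
        // a random per-session value would avoid copying the credential hash into session storage.
        $_SESSION['admin_login'] = $adminHash;
        HTTP::redirectTo('admin.php');
    }
}
$template = new template();
$tplDir = $template->getTemplateDir();
$template->setTemplateDir($tplDir[0] . 'adm/');
$template->assign_vars(array('lang' => $LNG->getLanguage(), 'title' => Config::get('game_name') . ' - ' . $LNG['adm_cp_title'], 'REV' => substr(Config::get('VERSION'), -4), 'date' => explode("|", date('Y\\|n\\|j\\|G\\|i\\|s\\|Z', TIMESTAMP)), 'Offset' => 0, 'VERSION' => Config::get('VERSION'), 'dpath' => 'gow', 'bodyclass' => 'popup', 'username' => 'root'));
$template->show('LoginPage.tpl');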
示例#9
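/**
 * Admin "creator" page: creates a user, a moon or a planet, selected by $_GET['mode'].
 *
 * Each mode handles its own POST and then exits with a status message; without a POST
 * it renders the matching form template.
 *
 * NOTE(review): no access check and no CSRF token check are visible in this function;
 * confirm the admin front controller enforces both before dispatching here.
 */
function ShowCreatorPage()
{
    global $LNG, $USER, $UNI, $CONF;
    $template = new template();
    // The session's universe is interpolated into several queries, some of them unquoted;
    // casting once keeps it from ever contributing anything but digits to the SQL text.
    $adminUni = (int) $_SESSION['adminuni'];
    // A missing mode falls through to the menu instead of raising an undefined-index notice.
    $mode = isset($_GET['mode']) ? $_GET['mode'] : '';
    switch ($mode) {
        case 'user':
            $LNG->includeData(array('PUBLIC'));
            // Levels this admin may assign. Built before the POST handling so the same
            // list that feeds the form selector is also enforced on submission.
            $AUTH = array();
            $AUTH[AUTH_USR] = $LNG['user_level'][AUTH_USR];
            if ($USER['authlevel'] >= AUTH_OPS) {
                $AUTH[AUTH_OPS] = $LNG['user_level'][AUTH_OPS];
            }
            if ($USER['authlevel'] >= AUTH_MOD) {
                $AUTH[AUTH_MOD] = $LNG['user_level'][AUTH_MOD];
            }
            if ($USER['authlevel'] >= AUTH_ADM) {
                $AUTH[AUTH_ADM] = $LNG['user_level'][AUTH_ADM];
            }
            if ($_POST) {
                $UserName = HTTP::_GP('name', '', UTF8_SUPPORT);
                $UserPass = HTTP::_GP('password', '');
                $UserPass2 = HTTP::_GP('password2', '');
                $UserMail = HTTP::_GP('email', '');
                $UserMail2 = HTTP::_GP('email2', '');
                $UserLang = HTTP::_GP('lang', '');
                // These values are written into SQL without quotes below; the explicit casts
                // make that safe regardless of how HTTP::_GP() types its result.
                $UserAuth = (int) HTTP::_GP('authlevel', 0);
                $Galaxy = (int) HTTP::_GP('galaxy', 0);
                $System = (int) HTTP::_GP('system', 0);
                $Planet = (int) HTTP::_GP('planet', 0);
                // The form only offers the levels in $AUTH, but the posted value was never
                // checked: a level outside that list falls back to an ordinary user.
                if (!array_key_exists($UserAuth, $AUTH)) {
                    $UserAuth = AUTH_USR;
                }
                $escName = $GLOBALS['DATABASE']->sql_escape($UserName);
                $escMail = $GLOBALS['DATABASE']->sql_escape($UserMail);
                // The username lookup mirrors the e-mail lookup below (live users plus pending registrations).
                $ExistsUser = $GLOBALS['DATABASE']->getFirstCell("SELECT (SELECT COUNT(*) FROM " . USERS . " WHERE universe = " . $adminUni . " AND username = '" . $escName . "') + (SELECT COUNT(*) FROM " . USERS_VALID . " WHERE universe = " . $adminUni . " AND username = '" . $escName . "')");
                $ExistsMails = $GLOBALS['DATABASE']->getFirstCell("SELECT (SELECT COUNT(*) FROM " . USERS . " WHERE universe = " . $adminUni . " AND (email = '" . $escMail . "' OR email_2 = '" . $escMail . "')) + (SELECT COUNT(*) FROM " . USERS_VALID . " WHERE universe = " . $adminUni . " AND email = '" . $escMail . "')");
                // Collected validation messages; initialised so the appends below never
                // start from an undefined variable.
                $errors = '';
                if (!ValidateAddress($UserMail)) {
                    $errors .= $LNG['invalid_mail_adress'];
                }
                if (empty($UserName)) {
                    $errors .= $LNG['empty_user_field'];
                }
                if (strlen($UserPass) < 6) {
                    $errors .= $LNG['password_lenght_error'];
                }
                // Strict comparison: with != two different numeric-looking strings
                // (e.g. "1e3" and "1000") compare as equal.
                if ((string) $UserPass !== (string) $UserPass2) {
                    $errors .= $LNG['different_passwords'];
                }
                if ((string) $UserMail !== (string) $UserMail2) {
                    $errors .= $LNG['different_mails'];
                }
                if (!CheckName($UserName)) {
                    $errors .= $LNG['user_field_specialchar'];
                }
                if ($ExistsUser != 0) {
                    $errors .= $LNG['user_already_exists'];
                }
                if ($ExistsMails != 0) {
                    $errors .= $LNG['mail_already_exists'];
                }
                if (CheckPlanetIfExist($Galaxy, $System, $Planet, $_SESSION['adminuni'])) {
                    $errors .= $LNG['planet_already_exists'];
                }
                // NOTE(review): only the upper bounds are checked; confirm whether
                // coordinates below 1 are rejected elsewhere.
                if ($Galaxy > Config::get('max_galaxy') || $System > Config::get('max_system') || $Planet > Config::get('max_planets')) {
                    $errors .= $LNG['po_complete_all2'];
                }
                if (!empty($errors)) {
                    $template->message($errors, '?page=create&mode=user', 10, true);
                    exit;
                }
                $SQL = "INSERT INTO " . USERS . " SET\n\t\t\t\tusername\t\t= '" . $escName . "',\n\t\t\t\tpassword\t\t= '" . cryptPassword($UserPass) . "',\n\t\t\t\temail\t\t\t= '" . $escMail . "',\n\t\t\t\temail_2\t\t\t= '" . $escMail . "',\n\t\t\t\tlang\t\t\t= '" . $GLOBALS['DATABASE']->sql_escape($UserLang) . "',\n\t\t\t\tauthlevel\t\t= " . $UserAuth . ",\n\t\t\t\tip_at_reg\t\t= '" . $GLOBALS['DATABASE']->sql_escape($_SERVER['REMOTE_ADDR']) . "',\n\t\t\t\tid_planet\t\t= 0,\n\t\t\t\tuniverse\t\t= " . $adminUni . ",\n\t\t\t\tonlinetime\t\t= " . TIMESTAMP . ",\n\t\t\t\tregister_time\t= " . TIMESTAMP . ",\n\t\t\t\tdpath\t\t\t= '" . DEFAULT_THEME . "',\n\t\t\t\ttimezone\t\t= '" . Config::get('timezone') . "',\n\t\t\t\tuctime\t\t\t= 0;";
                $GLOBALS['DATABASE']->query($SQL);
                $UserID = $GLOBALS['DATABASE']->GetInsertID();
                require_once 'includes/functions/CreateOnePlanetRecord.php';
                // NOTE(review): the return value is used unchecked as the home planet id;
                // confirm what CreateOnePlanetRecord() returns on failure.
                $PlanerID = CreateOnePlanetRecord($Galaxy, $System, $Planet, $_SESSION['adminuni'], $UserID, $LNG['fcm_planet'], true, $UserAuth);
                $SQL = "UPDATE " . USERS . " SET \n\t\t\t\tid_planet\t= " . $PlanerID . ",\n\t\t\t\tgalaxy\t\t= " . $Galaxy . ",\n\t\t\t\tsystem\t\t= " . $System . ",\n\t\t\t\tplanet\t\t= " . $Planet . "\n\t\t\t\tWHERE\n\t\t\t\tid\t\t\t= " . $UserID . ";\n\t\t\t\tINSERT INTO " . STATPOINTS . " SET \n\t\t\t\tid_owner\t= " . $UserID . ",\n\t\t\t\tuniverse\t= " . $adminUni . ",\n\t\t\t\tstat_type\t= 1,\n\t\t\t\ttech_rank\t= " . (Config::get('users_amount') + 1) . ",\n\t\t\t\tbuild_rank\t= " . (Config::get('users_amount') + 1) . ",\n\t\t\t\tdefs_rank\t= " . (Config::get('users_amount') + 1) . ",\n\t\t\t\tfleet_rank\t= " . (Config::get('users_amount') + 1) . ",\n\t\t\t\ttotal_rank\t= " . (Config::get('users_amount') + 1) . ";";
                $GLOBALS['DATABASE']->multi_query($SQL);
                Config::update(array('users_amount' => Config::get('users_amount') + 1));
                $template->message($LNG['new_user_success'], '?page=create&mode=user', 5, true);
                exit;
            }
            $template->assign_vars(array('admin_auth' => $USER['authlevel'], 'new_add_user' => $LNG['new_add_user'], 'new_creator_refresh' => $LNG['new_creator_refresh'], 'new_creator_go_back' => $LNG['new_creator_go_back'], 'universe' => $LNG['mu_universe'], 'user_reg' => $LNG['user_reg'], 'pass_reg' => $LNG['pass_reg'], 'pass2_reg' => $LNG['pass2_reg'], 'email_reg' => $LNG['email_reg'], 'email2_reg' => $LNG['email2_reg'], 'new_coord' => $LNG['new_coord'], 'new_range' => $LNG['new_range'], 'lang_reg' => $LNG['lang_reg'], 'new_title' => $LNG['new_title'], 'Selector' => array('auth' => $AUTH, 'lang' => $LNG->getAllowedLangs(false))));
            $template->show('CreatePageUser.tpl');
            break;
        case 'moon':
            if ($_POST) {
                $PlanetID = (int) HTTP::_GP('add_moon', 0);
                $MoonName = HTTP::_GP('name', '', UTF8_SUPPORT);
                $Diameter = HTTP::_GP('diameter', 0);
                // Read from the request but not used anywhere in this function.
                $FieldMax = HTTP::_GP('field_max', 0);
                // Only a live planet (type 1, not destroyed) in the admin's universe can receive a moon.
                $MoonPlanet = $GLOBALS['DATABASE']->getFirstRow("SELECT temp_max, temp_min, id_luna, galaxy, system, planet, planet_type, destruyed, id_owner FROM " . PLANETS . " WHERE id = '" . $PlanetID . "' AND universe = '" . $adminUni . "' AND planet_type = '1' AND destruyed = '0';");
                if (!isset($MoonPlanet)) {
                    $template->message($LNG['mo_planet_doesnt_exist'], '?page=create&mode=moon', 3, true);
                    exit;
                }
                require_once 'includes/functions/CreateOneMoonRecord.php';
                if (empty($MoonName)) {
                    $MoonName = $LNG['type_planet'][3];
                }
                // An unticked checkbox is simply absent from the POST data.
                $autoDiameter = isset($_POST['diameter_check']) && $_POST['diameter_check'] == 'on';
                if (CreateOneMoonRecord($MoonPlanet['galaxy'], $MoonPlanet['system'], $MoonPlanet['planet'], $_SESSION['adminuni'], $MoonPlanet['id_owner'], $MoonName, 20, TIMESTAMP, $autoDiameter ? 0 : $Diameter) !== false) {
                    $template->message($LNG['mo_moon_added'], '?page=create&mode=moon', 3, true);
                } else {
                    $template->message($LNG['mo_moon_unavaible'], '?page=create&mode=moon', 3, true);
                }
                exit;
            }
            $template->assign_vars(array('admin_auth' => $USER['authlevel'], 'universum' => $LNG['mu_universe'], 'po_add_moon' => $LNG['po_add_moon'], 'input_id_planet' => $LNG['input_id_planet'], 'mo_moon_name' => $LNG['mo_moon_name'], 'mo_diameter' => $LNG['mo_diameter'], 'mo_temperature' => $LNG['mo_temperature'], 'mo_fields_avaibles' => $LNG['mo_fields_avaibles'], 'button_add' => $LNG['button_add'], 'new_creator_refresh' => $LNG['new_creator_refresh'], 'mo_moon' => $LNG['fcm_moon'], 'new_creator_go_back' => $LNG['new_creator_go_back']));
            $template->show('CreatePageMoon.tpl');
            break;
        case 'planet':
            if ($_POST) {
                // Here `id` is the owning user's id, not a planet id.
                $id = (int) HTTP::_GP('id', 0);
                $Galaxy = (int) HTTP::_GP('galaxy', 0);
                $System = (int) HTTP::_GP('system', 0);
                $Planet = (int) HTTP::_GP('planet', 0);
                $name = HTTP::_GP('name', '', UTF8_SUPPORT);
                $field_max = (int) HTTP::_GP('field_max', 0);
                if ($Galaxy > Config::get('max_galaxy') || $System > Config::get('max_system') || $Planet > Config::get('max_planets')) {
                    $template->message($LNG['po_complete_all2'], '?page=create&mode=planet', 3, true);
                    exit;
                }
                $ISUser = $GLOBALS['DATABASE']->getFirstRow("SELECT id, authlevel FROM " . USERS . " WHERE id = '" . $id . "' AND universe = '" . $adminUni . "';");
                if (CheckPlanetIfExist($Galaxy, $System, $Planet, $_SESSION['adminuni']) || !isset($ISUser)) {
                    $template->message($LNG['po_complete_all'], '?page=create&mode=planet', 3, true);
                    exit;
                }
                require_once 'includes/functions/CreateOnePlanetRecord.php';
                CreateOnePlanetRecord($Galaxy, $System, $Planet, $_SESSION['adminuni'], $id, '', '', false);
                // Assignments are collected first: concatenating them directly produced
                // "SET , name = ..." or an empty SET clause when field_max was skipped.
                $assignments = array();
                $diameterCheck = isset($_POST['diameter_check']) ? $_POST['diameter_check'] : '';
                if ($diameterCheck != 'on' || $field_max > 0) {
                    $assignments[] = "field_max = '" . $field_max . "'";
                }
                if (!empty($name)) {
                    $assignments[] = "name = '" . $GLOBALS['DATABASE']->sql_escape($name) . "'";
                }
                if (!empty($assignments)) {
                    $SQL = "UPDATE " . PLANETS . " SET " . implode(', ', $assignments) . " ";
                    $SQL .= "WHERE ";
                    $SQL .= "universe = '" . $adminUni . "' AND ";
                    $SQL .= "galaxy = '" . $Galaxy . "' AND ";
                    $SQL .= "system = '" . $System . "' AND ";
                    $SQL .= "planet = '" . $Planet . "' AND ";
                    $SQL .= "planet_type = '1'";
                    $GLOBALS['DATABASE']->query($SQL);
                }
                $template->message($LNG['po_complete_succes'], '?page=create&mode=planet', 3, true);
                exit;
            }
            // Initialised so the template still receives an array when the query returns no rows.
            $AvailableUnis = array();
            $Query = $GLOBALS['DATABASE']->query("SELECT uni, game_name FROM " . CONFIG . " ORDER BY uni ASC;");
            while ($Unis = $GLOBALS['DATABASE']->fetch_array($Query)) {
                $AvailableUnis[$Unis['uni']] = $Unis;
            }
            $template->assign_vars(array('AvailableUnis' => $AvailableUnis, 'admin_auth' => $USER['authlevel'], 'universum' => $LNG['mu_universe'], 'po_add_planet' => $LNG['po_add_planet'], 'po_galaxy' => $LNG['po_galaxy'], 'po_system' => $LNG['po_system'], 'po_planet' => $LNG['po_planet'], 'input_id_user' => $LNG['input_id_user'], 'new_creator_coor' => $LNG['new_creator_coor'], 'po_name_planet' => $LNG['po_name_planet'], 'po_fields_max' => $LNG['po_fields_max'], 'button_add' => $LNG['button_add'], 'po_colony' => $LNG['fcp_colony'], 'new_creator_refresh' => $LNG['new_creator_refresh'], 'new_creator_go_back' => $LNG['new_creator_go_back']));
            $template->show('CreatePagePlanet.tpl');
            break;
        default:
            $template->assign_vars(array('new_creator_title_u' => $LNG['new_creator_title_u'], 'new_creator_title_p' => $LNG['new_creator_title_p'], 'new_creator_title_l' => $LNG['new_creator_title_l'], 'new_creator_title' => $LNG['new_creator_title']));
            $template->show('CreatePage.tpl');
            break;
    }
}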
示例#10
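 /**
  * Marks the current account as deleted once the user has re-entered the password,
  * then destroys the session and shows the logout page.
  *
  * Nothing is rendered when the password is missing or wrong.
  * NOTE(review): no CSRF token or attempt limiting is visible in this method —
  * confirm both are handled by the caller.
  */
 public function deleteSend()
 {
     $this->setWindow('popup');
     global $USER, $LNG, $CONF, $SESSION;
     $password = HTTP::_GP('mdp', '');
     if (empty($password)) {
         return;
     }
     // Strict string comparison: with == two different hashes that both look numeric
     // (e.g. "0e..." followed by digits) are treated as equal. hash_equals() is the
     // timing-safe choice wherever the minimum PHP version provides it.
     if ((string) cryptPassword($password) !== (string) $USER["password"]) {
         return;
     }
     // The id is written into the statement unquoted, so it is forced to an integer.
     $SQL = "UPDATE " . USERS . " SET user_deleted = '1' WHERE id = " . (int) $USER['id'] . ";";
     $GLOBALS['DATABASE']->query($SQL);
     $SESSION->DestroySession();
     $this->display('page.logout.default.tpl');
 }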
示例#11
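/**
 * Admin quick editor for one planet or one player, selected by the `edit` parameter.
 *
 * With action=send the submitted values are written to the database, the old and new
 * values are recorded through Log, and the script exits with a confirmation string;
 * otherwise the current values are loaded into the edit template.
 *
 * Column names come from the server-side $resource map, never from the request.
 *
 * NOTE(review): no access check and no CSRF token check are visible in this function;
 * confirm the admin front controller enforces both.
 */
function ShowQuickEditorPage()
{
    global $USER, $LNG, $reslist, $resource, $pricelist;
    $action = HTTP::_GP('action', '');
    $edit = HTTP::_GP('edit', '');
    // Interpolated into several statements, two of them unquoted; forced to an integer once.
    $id = (int) HTTP::_GP('id', 0);
    // Column list prefix; initialised so the appends below never start from an undefined variable.
    $SpecifyItemsPQ = '';
    switch ($edit) {
        case 'planet':
            $DataIDs = array_merge($reslist['fleet'], $reslist['build'], $reslist['defense']);
            foreach ($DataIDs as $ID) {
                $SpecifyItemsPQ .= "`" . $resource[$ID] . "`,";
            }
            // NOTE(review): this lookup is not limited to the admin's universe, while the
            // UPDATE below is. For a planet of another universe the update matches no row,
            // yet the log entry and the success message are still produced — confirm intent.
            $PlanetData = $GLOBALS['DATABASE']->getFirstRow("SELECT " . $SpecifyItemsPQ . " `name`, `id_owner`, `planet_type`, `galaxy`, `system`, `planet`, `destruyed`, `diameter`, `field_current`, `field_max`, `temp_min`, `temp_max`, `metal`, `crystal`, `deuterium` FROM " . PLANETS . " WHERE `id` = '" . $id . "';");
            if ($action == 'send') {
                $SQL = "UPDATE " . PLANETS . " SET ";
                $Fields = $PlanetData['field_current'];
                foreach ($DataIDs as $ID) {
                    // Clamp to [0, 255] for buildings and to [0, 1.8446744073709552E+19] for everything else.
                    $level = min(max(0, round(HTTP::_GP($resource[$ID], 0.0))), in_array($ID, $reslist['build']) ? 255 : 1.8446744073709552E+19);
                    // Used fields move by the level difference of every element allowed on this planet type.
                    if (in_array($ID, $reslist['allow'][$PlanetData['planet_type']])) {
                        $Fields += $level - $PlanetData[$resource[$ID]];
                    }
                    $SQL .= "`" . $resource[$ID] . "` = " . $level . ", ";
                }
                $SQL .= "`metal` = " . max(0, round(HTTP::_GP('metal', 0.0))) . ", ";
                $SQL .= "`crystal` = " . max(0, round(HTTP::_GP('crystal', 0.0))) . ", ";
                $SQL .= "`deuterium` = " . max(0, round(HTTP::_GP('deuterium', 0.0))) . ", ";
                $SQL .= "`field_current` = '" . $Fields . "', ";
                $SQL .= "`field_max` = '" . HTTP::_GP('field_max', 0) . "', ";
                $SQL .= "`name` = '" . $GLOBALS['DATABASE']->sql_escape(HTTP::_GP('name', '', UTF8_SUPPORT)) . "', ";
                $SQL .= "`eco_hash` = '' ";
                $SQL .= "WHERE `id` = '" . $id . "' AND `universe` = '" . $_SESSION['adminuni'] . "';";
                $GLOBALS['DATABASE']->query($SQL);
                // Before/after snapshot for the admin log.
                $old = array();
                $new = array();
                foreach (array_merge($DataIDs, $reslist['resstype'][1]) as $IDs) {
                    $old[$IDs] = $PlanetData[$resource[$IDs]];
                    $new[$IDs] = max(0, round(HTTP::_GP($resource[$IDs], 0.0)));
                }
                $old['field_max'] = $PlanetData['field_max'];
                $new['field_max'] = HTTP::_GP('field_max', 0);
                $LOG = new Log(2);
                $LOG->target = $id;
                $LOG->old = $old;
                $LOG->new = $new;
                $LOG->save();
                exit(sprintf($LNG['qe_edit_planet_sucess'], $PlanetData['name'], $PlanetData['galaxy'], $PlanetData['system'], $PlanetData['planet']));
            }
            $UserInfo = $GLOBALS['DATABASE']->getFirstRow("SELECT `username` FROM " . USERS . " WHERE `id` = '" . $PlanetData['id_owner'] . "' AND `universe` = '" . $_SESSION['adminuni'] . "';");
            $build = $defense = $fleet = array();
            foreach ($reslist['allow'][$PlanetData['planet_type']] as $ID) {
                $build[] = array('type' => $resource[$ID], 'name' => $LNG['tech'][$ID], 'count' => pretty_number($PlanetData[$resource[$ID]]), 'input' => $PlanetData[$resource[$ID]]);
            }
            foreach ($reslist['fleet'] as $ID) {
                $fleet[] = array('type' => $resource[$ID], 'name' => $LNG['tech'][$ID], 'count' => pretty_number($PlanetData[$resource[$ID]]), 'input' => $PlanetData[$resource[$ID]]);
            }
            foreach ($reslist['defense'] as $ID) {
                $defense[] = array('type' => $resource[$ID], 'name' => $LNG['tech'][$ID], 'count' => pretty_number($PlanetData[$resource[$ID]]), 'input' => $PlanetData[$resource[$ID]]);
            }
            $template = new template();
            $template->assign_vars(array('build' => $build, 'fleet' => $fleet, 'defense' => $defense, 'id' => $id, 'ownerid' => $PlanetData['id_owner'], 'ownername' => $UserInfo['username'], 'name' => $PlanetData['name'], 'galaxy' => $PlanetData['galaxy'], 'system' => $PlanetData['system'], 'planet' => $PlanetData['planet'], 'field_min' => $PlanetData['field_current'], 'field_max' => $PlanetData['field_max'], 'temp_min' => $PlanetData['temp_min'], 'temp_max' => $PlanetData['temp_max'], 'metal' => floattostring($PlanetData['metal']), 'crystal' => floattostring($PlanetData['crystal']), 'deuterium' => floattostring($PlanetData['deuterium']), 'metal_c' => pretty_number($PlanetData['metal']), 'crystal_c' => pretty_number($PlanetData['crystal']), 'deuterium_c' => pretty_number($PlanetData['deuterium'])));
            $template->show('QuickEditorPlanet.tpl');
            break;
        case 'player':
            $DataIDs = array_merge($reslist['tech'], $reslist['officier']);
            foreach ($DataIDs as $ID) {
                $SpecifyItemsPQ .= "`" . $resource[$ID] . "`,";
            }
            $UserData = $GLOBALS['DATABASE']->getFirstRow("SELECT " . $SpecifyItemsPQ . " `username`, `authlevel`, `galaxy`, `system`, `planet`, `id_planet`, `darkmatter`, `authattack`, `authlevel` FROM " . USERS . " WHERE `id` = '" . $id . "';");
            // The root user may change any password; anyone else only that of a
            // lower-ranked, non-root account.
            // NOTE(review): only the password is gated this way. Username, dark matter and
            // the tech/officer levels below are written regardless of the target's rank —
            // confirm that is intended.
            $ChangePW = $USER['id'] == ROOT_USER || ($id != ROOT_USER && $USER['authlevel'] > $UserData['authlevel']);
            if ($action == 'send') {
                $SQL = "UPDATE " . USERS . " SET ";
                foreach ($DataIDs as $ID) {
                    $SQL .= "`" . $resource[$ID] . "` = " . min(abs(HTTP::_GP($resource[$ID], 0)), 255) . ", ";
                }
                $SQL .= "`darkmatter` = '" . max(HTTP::_GP('darkmatter', 0), 0) . "', ";
                if (!empty($_POST['password']) && $ChangePW) {
                    $SQL .= "`password` = '" . cryptPassword(HTTP::_GP('password', '', true)) . "', ";
                }
                $SQL .= "`username` = '" . $GLOBALS['DATABASE']->sql_escape(HTTP::_GP('name', '', UTF8_SUPPORT)) . "', ";
                $SQL .= "`authattack` = '" . ($UserData['authlevel'] != AUTH_USR && HTTP::_GP('authattack', '') == 'on' ? $UserData['authlevel'] : 0) . "' ";
                $SQL .= "WHERE `id` = '" . $id . "' AND `universe` = '" . $_SESSION['adminuni'] . "';";
                $GLOBALS['DATABASE']->query($SQL);
                // Before/after snapshot for the admin log.
                $old = array();
                $new = array();
                $multi = HTTP::_GP('multi', 0);
                foreach ($DataIDs as $IDs) {
                    $old[$IDs] = $UserData[$resource[$IDs]];
                    $new[$IDs] = abs(HTTP::_GP($resource[$IDs], 0));
                }
                // 921 is a hard-coded element id; presumably the dark matter entry — verify against $resource.
                $old[921] = $UserData[$resource[921]];
                $new[921] = abs(HTTP::_GP($resource[921], 0));
                $old['username'] = $UserData['username'];
                $new['username'] = $GLOBALS['DATABASE']->sql_escape(HTTP::_GP('name', '', UTF8_SUPPORT));
                $old['authattack'] = $UserData['authattack'];
                $new['authattack'] = $UserData['authlevel'] != AUTH_USR && HTTP::_GP('authattack', '') == 'on' ? $UserData['authlevel'] : 0;
                $old['multi'] = $GLOBALS['DATABASE']->getFirstCell("SELECT COUNT(*) FROM " . MULTI . " WHERE userID = " . $id . ";");
                // Logged under its own key: writing it to 'authattack' replaced the value
                // recorded just above and left the multi change out of the log entry.
                $new['multi'] = $multi;
                if ($old['multi'] != $multi) {
                    if ($multi == 0) {
                        $GLOBALS['DATABASE']->query("DELETE FROM " . MULTI . " WHERE userID = " . $id . ";");
                    } elseif ($multi == 1) {
                        $GLOBALS['DATABASE']->query("INSERT INTO " . MULTI . " SET userID = " . $id . ";");
                    }
                }
                $LOG = new Log(1);
                $LOG->target = $id;
                $LOG->old = $old;
                $LOG->new = $new;
                $LOG->save();
                exit(sprintf($LNG['qe_edit_player_sucess'], $UserData['username'], $id));
            }
            $PlanetInfo = $GLOBALS['DATABASE']->getFirstRow("SELECT `name` FROM " . PLANETS . " WHERE `id` = '" . $UserData['id_planet'] . "' AND `universe` = '" . $_SESSION['adminuni'] . "';");
            $tech = array();
            $officier = array();
            foreach ($reslist['tech'] as $ID) {
                $tech[] = array('type' => $resource[$ID], 'name' => $LNG['tech'][$ID], 'count' => pretty_number($UserData[$resource[$ID]]), 'input' => $UserData[$resource[$ID]]);
            }
            foreach ($reslist['officier'] as $ID) {
                $officier[] = array('type' => $resource[$ID], 'name' => $LNG['tech'][$ID], 'count' => pretty_number($UserData[$resource[$ID]]), 'input' => $UserData[$resource[$ID]]);
            }
            $template = new template();
            $template->assign_vars(array('tech' => $tech, 'officier' => $officier, 'id' => $id, 'planetid' => $UserData['id_planet'], 'planetname' => $PlanetInfo['name'], 'name' => $UserData['username'], 'galaxy' => $UserData['galaxy'], 'system' => $UserData['system'], 'planet' => $UserData['planet'], 'authlevel' => $UserData['authlevel'], 'authattack' => $UserData['authattack'], 'multi' => $GLOBALS['DATABASE']->getFirstCell("SELECT COUNT(*) FROM " . MULTI . " WHERE userID = " . $id . ";"), 'ChangePW' => $ChangePW, 'darkmatter' => floattostring($UserData['darkmatter']), 'darkmatter_c' => pretty_number($UserData['darkmatter'])));
            $template->show('QuickEditorUser.tpl');
            break;
    }
}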
示例#12
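 /**
  * Abandon the currently selected planet after the player re-enters the account password.
  *
  * The password is read from the request through HTTP::_GP('password', ...); when it is
  * empty the method does nothing. Otherwise it answers through $this->sendJSON() with:
  *  - a refusal when the FLEETS table still holds rows tied to this planet or its moon,
  *  - a refusal when the planet is the one stored in $USER['id_planet'],
  *  - a refusal when the hashed password does not match $USER['password'],
  *  - a success message once the PLANETS rows have been removed.
  *
  * On success $_SESSION['planet'] is reset to $USER['id_planet'].
  *
  * @return void
  */
 function delete()
 {
     global $LNG, $PLANET, $USER;
     $password = HTTP::_GP('password', '', true);
     if (empty($password)) {
         return;
     }
     // The ids interpolated into the SQL below come from the $USER / $PLANET globals, not from
     // the request handled here. NOTE(review): presumably those rows are loaded from the
     // database by the page bootstrap - confirm, since they are concatenated unescaped.
     $IfFleets = $GLOBALS['DATABASE']->getFirstCell("SELECT COUNT(*) FROM " . FLEETS . " WHERE \n\t\t\t(\n\t\t\t\tfleet_owner = '" . $USER['id'] . "'\n\t\t\t\tAND (\n\t\t\t\t\t\tfleet_start_id = " . $PLANET['id'] . " OR fleet_start_id = " . $PLANET['id_luna'] . "\n\t\t\t\t)\n\t\t\t) OR (\n\t\t\t\tfleet_target_owner = '" . $USER['id'] . "' \n\t\t\t\tAND (\n\t\t\t\t\t\tfleet_end_id = '" . $PLANET['id'] . "' OR fleet_end_id = " . $PLANET['id_luna'] . "\n\t\t\t\t)\n\t\t\t);");
     if ($IfFleets > 0) {
         $this->sendJSON(array('message' => $LNG['ov_abandon_planet_not_possible']));
     } elseif ($USER['id_planet'] == $PLANET['id']) {
         $this->sendJSON(array('message' => $LNG['ov_principal_planet_cant_abanone']));
     } elseif (!hash_equals((string) $USER['password'], (string) cryptPassword($password))) {
         // hash_equals() compares the two digests as strings and in constant time. The former
         // loose `!=` let PHP treat numeric-looking digests (for example two values of the
         // form "0e<digits>") as equal numbers, so a wrong password could be accepted.
         $this->sendJSON(array('message' => $LNG['ov_wrong_pass']));
     } else {
         if ($PLANET['planet_type'] == 1) {
             // planet_type 1: remove the row referenced by id_luna together with the planet row.
             $GLOBALS['DATABASE']->multi_query("DELETE FROM " . PLANETS . " WHERE id = " . $PLANET['id_luna'] . ";DELETE FROM " . PLANETS . " WHERE id = " . $PLANET['id'] . ";");
         } else {
             // Any other type: clear id_luna references to this row, then remove the row itself.
             $GLOBALS['DATABASE']->multi_query("UPDATE " . PLANETS . " SET id_luna = '0' WHERE id_luna = " . $PLANET['id'] . ";DELETE FROM " . PLANETS . " WHERE id = " . $PLANET['id'] . ";");
         }
         // The abandoned planet can no longer be the active one; fall back to the main planet.
         $_SESSION['planet'] = $USER['id_planet'];
         $this->sendJSON(array('ok' => true, 'message' => $LNG['ov_planet_abandoned']));
     }
 }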
示例#13
<?php

include_once 'auth.php';
/*
ini_set('display_errors',1);
ini_set('display_startup_errors',1);
error_reporting(-1);

print_r($_POST);
*/
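// Installer step 1 -> 2: store the hashed site password and the upload folder in config.php,
// create the folder, then delete the installer. $isInStep2 only becomes true when every one
// of those steps succeeded, so a failed attempt shows the form again.
$isInStep2 = false;
if (isset($_POST['submit'])) {
    // Accept plain strings only; a missing field or an array-valued field is treated as empty.
    $sitePassword = isset($_POST['sitepassword']) && is_string($_POST['sitepassword']) ? $_POST['sitepassword'] : '';
    $uploadFolder = isset($_POST['uploadFolder']) && is_string($_POST['uploadFolder']) ? $_POST['uploadFolder'] : '';
    // A NUL byte is never valid in a filesystem path.
    $inputUsable = $sitePassword !== '' && $uploadFolder !== '' && strpos($uploadFolder, "\0") === false;
    if ($inputUsable) {
        // crypt sitepassword
        // The salt comes from the OS CSPRNG (random_bytes, PHP >= 7.0) instead of
        // uniqid(mt_rand(), true), which is derived from the clock and a non-cryptographic
        // generator and is therefore guessable. 32 hex characters.
        // NOTE(review): cryptPassword() is defined elsewhere; presumably it forwards these
        // options to password_hash()/crypt() - confirm the salt format it expects.
        $options = ['cost' => 11, 'salt' => bin2hex(random_bytes(16))];
        $cryptPassword = cryptPassword($sitePassword, $options);
        // Save config file
        // var_export() emits quoted and escaped PHP literals, so the submitted folder name is
        // stored as data and cannot add code to config.php.
        $config = array('login' => array('password' => $cryptPassword, 'options' => $options), 'upload' => array('folder' => $uploadFolder));
        $configWritten = file_put_contents('config.php', '<?php $config = ' . var_export($config, true) . ';', LOCK_EX) !== false;
        // Create upload folder
        // 0755 instead of 0777: the PHP process owns the directory and stays able to write to
        // it, while other local accounts no longer can.
        // NOTE(review): the path is used exactly as submitted; consider restricting it to a
        // directory below the application root - confirm the intended deployment.
        $folderReady = is_dir($uploadFolder) || mkdir($uploadFolder, 0755, true);
        if ($configWritten && $folderReady) {
            // Remove this file
            // Only once the configuration exists; deleting the installer after a failed write
            // would leave the site with neither a config nor a way to create one.
            unlink('install.php');
            $isInStep2 = true;
        }
    }
}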
include_once 'pageHeader.php';
if (!$isInStep2) {
    ?>
    <form method="post" action="install.php" autocomplete="off">
        <h2>Zugang zur Webseite</h2>

        <div class="form-group">
示例#14
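/**
 * Check a submitted site password against the hash stored in the global $config.
 *
 * The candidate is hashed with cryptPassword() using the options saved in
 * $config['login']['options'] and compared with $config['login']['password'].
 *
 * @param string $password Password as entered by the visitor.
 * @return bool True when the recomputed hash equals the stored one.
 */
function checkPassword($password)
{
    global $config;
    $options = $config['login']['options'];
    // hash_equals() compares as strings and in constant time. The former loose `==` compared
    // numeric-looking hashes (for example "0e<digits>") as numbers, so two different hashes
    // could be reported as equal, and it returned as soon as the first byte differed.
    return hash_equals((string) $config['login']['password'], (string) cryptPassword($password, $options));
}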
示例#15
/**
 * Update name, surname, email, password and phone of one row in `users`.
 *
 * Runs a single UPDATE through the global $_db handle and stops the script with die()
 * when the query call returns a falsy value.
 *
 * @param mixed $user_id Value matched against `id` in the WHERE clause.
 * @param array $data    Row values; the keys read here are 'name', 'surname', 'email',
 *                       'password' and 'phone'.
 * @return mixed The $user_id that was passed in.
 */
function editUser($user_id, $data)
{
    global $_db;
    /* edit user */
    // NOTE(review): every value is concatenated into the statement without escaping or
    // binding, so any caller-supplied field can change the SQL that runs (SQL injection).
    // The fix is a prepared statement with bound parameters for all five columns and the id.
    // NOTE(review): the password expression on this line is masked ('******') in the listing,
    // so the statement is incomplete as shown; restore it from the upstream file before use.
    $query = "UPDATE users SET `name` = '" . $data['name'] . "', surname='" . $data['surname'] . "', \r\n\t\t\temail='" . $data['email'] . "', password='******'password']) . "', phone='" . $data['phone'] . "' \r\n\t\t\tWHERE `id` = '" . $user_id . "'";
    $report_add_result = $_db->query($query);
    if (!$report_add_result) {
        // The message is Turkish for "Database error". The raw driver error text is sent to
        // the client here; logging it server-side would avoid exposing schema details.
        die('Veritabani hatasi: ' . $_db->error);
    }
    return $user_id;
}
示例#16
         $form = formSendEmailChangePasswordBS();
     }
     break;
 case "send-email-change-password":
     sendChangePasswordEmail($nickname, $firstname, $email);
     $form = formChangePasswordChangedBS();
     break;
 case "confirm-change-password-with-old-password":
     $link = linkDatabase() or die(_("Connection error!"));
     $qry = get_user_by_email($link, $email);
     $user = mysql_fetch_assoc($qry);
     $nickname_db = $user["nickname"];
     $firstname_db = $user["firstname"];
     $email_db = $user["email"];
     $password_db = $user["password"];
     $password_crypt = cryptPassword($nickname_db, $password);
     $password_new = $_REQUEST["password1"];
     $password_new2 = $_REQUEST["password2"];
     $error = false;
     if ($password_crypt !== $password_db) {
         $error = true;
         $error_msg = _("Wrong password");
     } else {
         if ($password_new !== $password_new2) {
             $error = true;
             $error_msg = _("Different new password and retype");
             if ($error) {
                 $form = formPasswordChangeErrorBS($error_msg);
             }
         } else {
             $form = formPasswordChangedBS();