break; case 'Moi': $where .= ' AND `UTILISATEUR`=\'' . mb_strtolower($_SESSION['_login'], 'utf8') . '\' '; break; case 'Status': case 'Type': if ($value == -1) { break; } $where .= 'AND ' . sprintf($fieldtable[$key], $value); break; default: if (isset($fieldtable[$key])) { switch ($key) { case 'Troop': $value = DataEngine::strip_number($value); if ($value == 0) { break; } default: $where .= 'AND ' . sprintf($fieldtable[$key], $value); } } } } } // SEARCH //--- Listing ----------------------------------------------------------------- //------------------------------------------------------------------------------ //--- partie html -------------------------------------------------------------- include_once TEMPLATE_PATH . 'cartographie.tpl.php';
foreach ($_POST as $k => $v) { $_POST[$k] = gpc_esc($v); } $_POST['Commerce'] = intval($_POST['Commerce']); $_POST['Recherche'] = intval($_POST['Recherche']); $_POST['Combat'] = intval($_POST['Combat']); $_POST['Construction'] = intval($_POST['Construction']); $_POST['Economie'] = intval($_POST['Economie']); $_POST['Navigation'] = intval($_POST['Navigation']); $_POST['Points'] = DataEngine::strip_number($_POST['Points']); $_POST['pts_architecte'] = DataEngine::strip_number($_POST['pts_architecte']); $_POST['pts_mineur'] = DataEngine::strip_number($_POST['pts_mineur']); $_POST['pts_science'] = DataEngine::strip_number($_POST['pts_science']); $_POST['pts_commercant'] = DataEngine::strip_number($_POST['pts_commercant']); $_POST['pts_amiral'] = DataEngine::strip_number($_POST['pts_amiral']); $_POST['pts_guerrier'] = DataEngine::strip_number($_POST['pts_guerrier']); foreach ($_POST as $k => $v) { $_POST[$k] = sqlesc($v); } $query = <<<q UPDATE `SQL_PREFIX_Membres` SET `POINTS`=%d, `ship`='%s', `Economie`=%d, `Commerce`=%d, `Recherche`=%d, `Combat`=%d, `Construction`='%s', `Navigation`=%d, `pts_architecte`=%d, `pts_mineur`=%d, `pts_science`=%d, `pts_commercant`=%d, `pts_amiral`=%d, `pts_guerrier`=%d WHERE `Joueur`='%s' q; DataEngine::sql(sprintf($query, $_POST['Points'], $_POST['ship'], $_POST['Economie'], $_POST['Commerce'], $_POST['Recherche'], $_POST['Combat'], $_POST['Construction'], $_POST['Navigation'], $_POST['pts_architecte'], $_POST['pts_mineur'], $_POST['pts_science'], $_POST['pts_commercant'], $_POST['pts_amiral'], $_POST['pts_guerrier'], $_SESSION['_login'])); } if (isset($_POST['pwd']) && !($_SESSION['_login'] == 'test' && DE_DEMO)) { $query = 'UPDATE `SQL_PREFIX_Users` SET `Password`=md5(\'' . sqlesc($_POST['pwd'], false) . '\') WHERE `Login`=\'' . $_SESSION['_login'] . '\'';
function AddPillage_log($mode, $idate, $msg) { // check si existant $sql = sprintf('SELECT `pid` FROM SQL_PREFIX_troops_pillage WHERE Player=\'%s\' AND date=%d', sqlesc($_SESSION['_login']), $idate); $result = DataEngine::sql($sql); if (mysql_numrows($result) > 0) { return $this->lng['log_allreadyexists']; } // Type du log/bataille // Puis recherche de la bataille (coords+participation) if ($mode == 'defender') { preg_match($this->lng['defender_regex'], $msg, $info); $ident = $this->lng['defender_ident']; if (!($planets = ownuniverse::getinstance()->get_coordswithname())) { return $this->lng['battle_error_ownuniverse']; } foreach ($planets as $v) { if ($v['Name'] == $info[$this->lng[$mode . '_regex_planetid']]) { cartographie::getinstance()->FormatId($v['Coord'], $idsys, $iddet, 'troops::AddPillage_log(def,1)'); break; } } $sql = sprintf('SELECT `ID` FROM `SQL_PREFIX_troops_attack` WHERE `type`=\'%s\' AND ' . '`coords_ss`=\'%s\' AND `coords_3p`=\'%s\' AND `when`<=%d AND `when`>=%d' . ' AND `players_defender` LIKE \'%%"%s"%%\' AND `players_attack` LIKE \'%%"%s"%%\'' . 'ORDER BY `when` DESC LIMIT 1', sqlesc($mode), $idsys, $iddet, $idate, $idate - 604800, sqlesc($_SESSION['_login']), sqlesc($info[$this->lng[$mode . '_regex_userid']])); $result = DataEngine::sql($sql); if (mysql_numrows($result) < 1) { return $this->lng['log_battlenofound']; } $line = mysql_fetch_assoc($result); $mid = $line['ID']; } else { preg_match($this->lng['attacker_regex'], $msg, $info); $ident = $this->lng['attacker_ident']; $sql = <<<sql SELECT `POSIN`, `COORDET` FROM `SQL_PREFIX_Coordonnee` LEFT JOIN `SQL_PREFIX_Coordonnee_Joueurs` on `ID`=`jID` WHERE `TYPE` in (0,3,5) AND `USER`='%s' AND `INFOS`='%s' sql; $sql = sprintf($sql, $info[$this->lng[$mode . '_regex_userid']], $info[$this->lng[$mode . '_regex_planetid']]); $result = DataEngine::sql($sql); if (mysql_numrows($result) < 1) { return $this->lng['log_coordsnotfound']; } if (mysql_numrows($result) > 1) { return $this->lng['log_multiplecoords']; } $line = mysql_fetch_assoc($result); $idsys = $line['POSIN']; $iddet = $line['COORDET']; $sql = sprintf('SELECT `ID` FROM `SQL_PREFIX_troops_attack` WHERE `type`=\'%s\' AND ' . '`coords_ss`=\'%s\' AND `coords_3p`=\'%s\' AND `when`<%d AND `when`>%d AND ' . '`players_attack` LIKE \'%%"%s"%%\' AND `players_defender` LIKE \'%%"%s"%%\'', sqlesc($mode), $idsys, $iddet, $idate, $idate - 604800, sqlesc($_SESSION['_login']), sqlesc($info[$this->lng[$mode . '_regex_userid']])); $result = DataEngine::sql($sql); if (mysql_numrows($result) < 1) { return $this->lng['log_battlenofound']; } if (mysql_numrows($result) > 1) { return 'Error battle result > 1 (omfg)'; } $line = mysql_fetch_assoc($result); $mid = $line['ID']; } // Info à ajouter $amsg = explode("\n", trim(p_substr($msg, p_stripos($msg, $ident, 0) + p_strlen($ident), -1))); $ares = DataEngine::a_ressources(); $fields = array(); $sets = array(); $fields[] = 'date'; $sets[] = $idate; $fields[] = 'mid'; $sets[] = $mid; $fields[] = 'Player'; $sets[] = '\'' . sqlesc($_SESSION['_login']) . '\''; foreach ($ares as $k => $v) { foreach ($amsg as $line) { list($key, $value) = explode(':', $line); if ($v['Nom'] == trim($key)) { $fields[] = 'ress' . $k; $sets[] = DataEngine::strip_number($value); break; } } } $fields = implode(',', $fields); $sets = implode(',', $sets); $sql = 'INSERT INTO `SQL_PREFIX_troops_pillage` (' . $fields . ') VALUES (' . $sets . ')'; $result = DataEngine::sql($sql); return $this->lng['log_added']; }
DataEngine::conf_update('MapColors', $_POST['cls']); } // -- Modification 'couleurs' -------------------------------------------------- // ----------------------------------------------------------------------------- // -- Modification 'Permissions' ----------------------------------------------- if (isset($_POST['cxx'])) { DataEngine::conf_update('perms', $_POST['cxx']); } // -- Modification 'Permissions' ----------------------------------------------- // ----------------------------------------------------------------------------- // -- Changement dans la configuration ----------------------------------------- if (isset($_POST['configuration']) && $_POST['configuration']) { $data = array_map('gpc_esc', $_POST['data']); $data['DefaultGrade'] = DataEngine::strip_number($data['DefaultGrade']); $data['Parcours_Max_Time'] = DataEngine::strip_number($data['Parcours_Max_Time']); $data['Parcours_Nearest'] = DataEngine::strip_number($data['Parcours_Nearest']); DataEngine::conf_update('config', $data); output::Messager($lng['config_done']); } // -- Changement dans la configuration ----------------------------------------- // ----------------------------------------------------------------------------- // exécution du spooleur sql... DataEngine::sql_do_spool(); ///----------------------------------------------------------------------------- include_once TEMPLATE_PATH . 'eadmin.tpl.php'; $tpl = tpl_eadmin::getinstance(); $tpl->page_title = $lng['page_title']; $version[0] = @mysql_get_server_info(); $version[1] = PHP_VERSION; $version[2] = @gd_info(); $version[2] = $version[2]['GD Version'];
/** * @param string Données brute... * @param array Quelles donnée récupérer ?... (option) * @return array Données dans un tableau **/ public function parse_ownuniverse($data, $return = array(1, 2, 3, 4, 5, 6)) { if ($this->readonly) { return false; } if (DataEngine::$browser->getBrowser() != Browser::BROWSER_IE) { define('DATA_SEP', "\t\t"); } else { define('DATA_SEP', ' '); } // Planètes présente... $tmp = $this->parser->GetInner($data, $this->lng['block_planet_0'], $this->lng['block_planet_1']); $tmp = $this->parser->cleaning_array(explode(DATA_SEP, $tmp)); $nbplanets = count($tmp); $cleandata = array_fill(0, $nbplanets, array()); foreach ($tmp as $k => $v) { $cleandata[$k]['Name'] = $v; } // leurs coordonnées... $tmp = $this->parser->GetInner($data, $this->lng['block_coords_0'], $this->lng['block_coords_1']); $tmp = $this->parser->cleaning_array(explode(DATA_SEP, $tmp)); foreach ($tmp as $k => $v) { $cleandata[$k]['Coord'] = $v; } // Batiments... $tmp = $this->parser->GetInner($data, $this->lng['block_batiments_0'], $this->lng['block_batiments_1']); $tmp = explode("\n", $tmp); $i = 0; foreach ($this->BatimentsName as $k => $v) { $tmp[$i] = trim(preg_replace('/([^\\d\\.\\s\\t])/', '', $tmp[$i])); $tmp[$i] = $this->parser->cleaning_array(explode(DATA_SEP, $tmp[$i])); foreach ($tmp[$i] as $p => $n) { if ($p == $nbplanets) { break; } $cleandata[$p][$k] = $n; } $i++; } // ressources sur planètes $tmp = $this->parser->GetInner($data, $this->lng['block_ress_0'], $this->lng['block_ress_1']); $tmp = explode("\n", $tmp); $i = 0; foreach ($this->ressourcesnames as $k => $v) { $tmp[$i] = trim(preg_replace('/([^\\d\\.\\s\\t])/', '', $tmp[$i])); $tmp[$i] = $this->parser->cleaning_array(explode(DATA_SEP, $tmp[$i])); foreach ($tmp[$i] as $p => $n) { if ($p == $nbplanets) { break; } if (is_numeric($k)) { $cleandata[$p]['current_' . $v] = DataEngine::strip_number($n); } else { $cleandata[$p]['current_' . $k] = DataEngine::strip_number($n); } } $i++; } // Production par heure $tmp = $this->parser->GetInner($data, $this->lng['block_prod_0'], $this->lng['block_prod_1']); $tmp = explode("\n", $tmp); $i = 0; foreach ($this->ressourcesnames as $k => $v) { $tmp[$i] = trim(preg_replace('/([^\\d\\.\\s\\t])/', '', $tmp[$i])); $tmp[$i] = $this->parser->cleaning_array(explode(DATA_SEP, $tmp[$i])); foreach ($tmp[$i] as $p => $n) { if ($p == $nbplanets) { break; } if (is_numeric($k)) { $cleandata[$p]['' . $v] = DataEngine::strip_number($n); } else { $cleandata[$p]['' . $k] = DataEngine::strip_number($n); } } $i++; } // Ressources dans le bunker $tmp = $this->parser->GetInner($data, $this->lng['block_bunker_0'], $this->lng['block_bunker_1']); $tmp = explode("\n", $tmp); $i = 0; foreach ($this->ressourcesnames as $k => $v) { $tmp[$i] = trim(preg_replace('/([^\\d\\.\\s\\t])/', '', $tmp[$i])); $tmp[$i] = $this->parser->cleaning_array(explode(DATA_SEP, $tmp[$i])); foreach ($tmp[$i] as $p => $n) { if ($p == $nbplanets) { break; } if (is_numeric($k)) { $cleandata[$p]['bunker_' . $v] = DataEngine::strip_number($n); } else { $cleandata[$p]['bunker_' . $k] = DataEngine::strip_number($n); } } $i++; } // Ventes par jours $tmp = $this->parser->GetInner($data, $this->lng['block_sell_0'], $this->lng['block_sell_1']); $tmp = explode("\n", $tmp); $i = 0; foreach ($this->ressourcesnames as $k => $v) { $tmp[$i] = trim(preg_replace('/([^\\d\\.\\s\\t])/', '', $tmp[$i])); $tmp[$i] = $this->parser->cleaning_array(explode(DATA_SEP, $tmp[$i])); foreach ($tmp[$i] as $p => $n) { if ($p == $nbplanets) { break; } if (is_numeric($k)) { $cleandata[$p]['sell_' . $v] = DataEngine::strip_number($n); } else { $cleandata[$p]['sell_' . $k] = DataEngine::strip_number($n); } } $i++; } $this->universe_data = $cleandata; return $this->get_universe(false); }
if (!Members::CheckPerms('CARTOGRAPHIE_PNJ')) { $carto->AddErreur($lng['err_noaxx']); break; } $_POST['fleetname'] = gpc_esc($_POST['fleetname']); $ok = $carto->add_PNJ($_POST['coords'], gpc_esc($_POST['owner']), $_POST['fleetname']) ? $lng['npc_msg1'] : $lng['npc_msg2']; $xml['log'] = sprintf($ok, $_POST['fleetname']); break; case 'player': // -------------------------------------------------------- if (!Members::CheckPerms('CARTOGRAPHIE_PLAYERS')) { $carto->AddErreur($lng['err_noaxx']); break; } $water = $_POST['WATER'] != '' && is_numeric($_POST['WATER']) ? DataEngine::strip_number($_POST['WATER']) : ''; $batiments = $_POST['BUILDINGS'] != "" && is_numeric($_POST['BUILDINGS']) ? DataEngine::strip_number($_POST['BUILDINGS']) : ''; if (!$carto->FormatId(trim($_POST['COORIN']), $uni, $sys, '')) { $xml['log'] = sprintf($lng['player_err_coords'], $_POST['COORIN']); $carto->AddWarn($xml['log']); } else { $carto->Edit_Entry($_POST['COORIN'], array('water' => $water, 'batiments' => $batiments), $lng['player_edit_msg']); $xml['log'] = sprintf($lng['player_edit_log'], $sys); } break; case 'empire': // -------------------------------------------------------- if (!Members::CheckPerms('EMPIRE_GREASE')) { $carto->AddErreur('Permissions manquante'); break; } $empire_name = gpc_esc(html_entity_decode($_POST['empire']));