public function Enter()
{
global $Template, $Database, $BaseURL;
$Arguments = func_get_args();
if (count($Arguments) > 1) {
MessageHandler::HandleUserError("Argument not specified.");
return;
}
$WorldID = intval($Arguments[0]);
$WorldQuery = "SELECT * FROM worlds WHERE WorldID = '{$WorldID}'";
$WorldQuery = $Database->Query($WorldQuery);
if (mysql_num_rows($WorldQuery) < 1) {
MessageHandler::HandleUserError("The world you requested to enter does not exist!");
return;
}
if ($World = mysql_fetch_array($WorldQuery)) {
if ($World['MinLevel'] > $_SESSION['CharacterInfo']['Level']) {
MessageHandler::HandleUserError("Your level is not suitable for this world. Dangerous monsters lie there.");
return;
}
$_SESSION['CurrentWorld'] = $World['WorldID'];
header("Location: {$BaseURL}/index.php/Worlds/View/{$World['WorldID']}");
return;
}
}
public function _do()
{
global $Database, $Template;
$Template->set_filenames(array('register' => 'templates/register.html', 'register_successfull' => 'templates/regsuccess.html'));
$Username = mysql_real_escape_string($_POST['username']);
$Password = md5($_POST['password']);
$Mail = mysql_real_escape_string($_POST['email']);
$IP = $_SERVER['REMOTE_ADDR'];
if (mysql_num_rows($Database->Query("SELECT username FROM users WHERE username='******'")) > 0) {
MessageHandler::HandleUserError("Sorry, but it appears that your username is already in use! " . $Database->LastQueryString);
$Template->assign_block_vars('predef', array('username' => $Username, 'password' => $_POST['password'], 'email' => $Mail));
$this->Handle = "register";
return;
}
if ($Mail != filter_var($Mail, FILTER_VALIDATE_EMAIL)) {
MessageHandler::HandleUserError("I couldn't recognize your email. Perhaps you made a typo?");
$this->Handle = "register";
return;
}
$Database->Query("INSERT INTO users(username,password,email,ip,registered,rank) VALUES('{$Username}','{$Password}','{$Mail}','{$IP}',CURRENT_TIMESTAMP,1)");
$Template->assign_var("username", $Username);
$this->Handle = 'register_successfull';
}
public function _do()
{
global $Database, $Template;
if (empty($_POST['username']) || empty($_POST['password'])) {
MessageHandler::HandleUserError("Hmmm, mind checking if you filled all fields?");
$this->Handle = 'login';
return;
}
$Username = mysql_real_escape_string($_POST['username']);
$Password = mysql_real_escape_string($_POST['password']);
$Query = $Database->Query("SELECT * FROM users WHERE username = '******'");
if (mysql_num_rows($Query) > 0 && ($Row = mysql_fetch_array($Query))) {
if ($Row['username'] == $Username && md5($Password) == $Row['password']) {
$_SESSION['USERINFO'] = $Row;
header("Location: " . BaseURL . "index.php");
return;
} else {
MessageHandler::HandleUserError("Sorry, but it appears that the password is incorrect");
}
} else {
MessageHandler::HandleUserError("I was unable to find a user named like that. Mind checking it?");
}
$this->Handle = 'login';
}
public function Enter()
{
global $Database, $Template, $Character;
LoggedInOnlyFeature();
if (func_num_args() < 1) {
trigger_error("Invalid URL");
return;
}
$CharacterID = intval(func_get_arg(0));
if ($CharacterID == 0) {
trigger_error("Invalid URL");
$this->Render();
return;
}
$CharacterQuery = $Database->Query("SELECT * FROM characters WHERE CharacterID='{$CharacterID}'");
if (mysql_num_rows($CharacterQuery) < 1) {
MessageHandler::HandleUserError('Character does not exist');
$this->Render();
return;
}
if ($Row = mysql_fetch_array($CharacterQuery)) {
$_SESSION['CharacterInfo'] = $Row;
header("Location: " . BaseURL);
} else {
trigger_error("WTF");
}
}
