示例#1
0
文件: admin.php 项目: thekabal/tki
            if ($langvars[$option_title] !== null) {
                // The language translated title for option
                $filename[$i]['option_title'] = $langvars[$option_title];
            } else {
                // The placeholder text for a not translated module
                $filename[$i]['option_title'] = $langvars['l_admin_new_module'] . $filename[$i]['file'];
            }
            if ($menu !== null) {
                if ($menu == $filename[$i]['file']) {
                    $button_main = true;
                    $module_name = mb_substr($filename[$i]['file'], 0, -4);
                    include_once './admin/' . $filename[$i]['file'];
                }
            }
        }
    }
}
$variables['body_class'] = 'admin';
$variables['lang'] = $lang;
$variables['swordfish'] = $swordfish;
$variables['linkback'] = array('fulltext' => $langvars['l_global_mmenu'], 'link' => 'main.php');
$variables['menu'] = $menu;
$variables['filename'] = $filename;
$variables['menu_location'] = $menu_location;
$variables['button_main'] = $button_main;
$langvars = Tki\Translate::load($pdo_db, $lang, array('admin', 'common', 'global_includes', 'global_funcs', 'combat', 'footer', 'news', 'report', 'main', 'zoneedit', 'planet'));
Tki\Header::display($pdo_db, $lang, $template, $variables['title'], $variables['body_class']);
$template->addVariables('langvars', $langvars);
$template->addVariables('variables', $variables);
$template->display('admin.tpl');
Tki\Footer::display($pdo_db, $lang, $tkireg, $template);
示例#2
0
文件: main.php 项目: thekabal/tki
//  published by the Free Software Foundation, either version 3 of the
//  License, or (at your option) any later version.
//
//  This program is distributed in the hope that it will be useful,
//  but WITHOUT ANY WARRANTY; without even the implied warranty of
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//  GNU Affero General Public License for more details.
//
//  You should have received a copy of the GNU Affero General Public License
//  along with this program.  If not, see <http://www.gnu.org/licenses/>.
//
// File: main.php
require_once './common.php';
Tki\Login::checkLogin($pdo_db, $lang, $tkireg, $template);
// Database driven language entries
$langvars = Tki\Translate::load($pdo_db, $lang, array('combat', 'common', 'main', 'modify_defenses', 'admin', 'footer', 'global_includes', 'regional'));
$title = $langvars['l_main_title'];
Tki\Header::display($pdo_db, $lang, $template, $title);
$stylefontsize = "12pt";
$picsperrow = 7;
// Get playerinfo from database
$sql = "SELECT * FROM ::prefix::ships WHERE email=:email LIMIT 1";
$stmt = $pdo_db->prepare($sql);
$sql_test = Tki\Db::LogDbErrors($pdo_db, $sql, __LINE__, __FILE__);
if ($sql_test === true) {
    $stmt->bindParam(':email', $_SESSION['username']);
    $stmt->execute();
    $playerinfo = $stmt->fetch(PDO::FETCH_ASSOC);
}
if (!array_key_exists('command', $_GET)) {
    $_GET['command'] = null;
示例#3
0
//
//  This program is distributed in the hope that it will be useful,
//  but WITHOUT ANY WARRANTY; without even the implied warranty of
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//  GNU Affero General Public License for more details.
//
//  You should have received a copy of the GNU Affero General Public License
//  along with this program.  If not, see <http://www.gnu.org/licenses/>.
//
// File: xenobe_control.php
// FUTURE: Change the table creation for Xenobes to use the new XML schema files
require_once './common.php';
$title = $langvars['l_ai_control'];
Tki\Header::display($pdo_db, $lang, $template, $title);
// Database driven language entries
$langvars = Tki\Translate::load($pdo_db, $lang, array('xenobe_control', 'common', 'global_includes', 'global_funcs', 'footer', 'news'));
echo "<h1>" . $title . "</h1>\n";
// Detect if this variable exists, and filter it. Returns false if anything wasn't right.
$menu = null;
$menu = filter_input(INPUT_POST, 'menu', FILTER_SANITIZE_EMAIL);
if (mb_strlen(trim($menu)) === 0) {
    $menu = false;
}
if ($menu !== null && $menu !== false) {
    $module = $menu;
}
// Detect if this variable exists, and filter it. Returns false if anything wasn't right.
$swordfish = null;
$swordfish = filter_input(INPUT_POST, 'swordfish', FILTER_SANITIZE_EMAIL);
if (mb_strlen(trim($swordfish)) === 0) {
    $swordfish = false;
示例#4
0
//  published by the Free Software Foundation, either version 3 of the
//  License, or (at your option) any later version.
//
//  This program is distributed in the hope that it will be useful,
//  but WITHOUT ANY WARRANTY; without even the implied warranty of
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//  GNU Affero General Public License for more details.
//
//  You should have received a copy of the GNU Affero General Public License
//  along with this program.  If not, see <http://www.gnu.org/licenses/>.
//
// File: defense_report.php
require_once './common.php';
Tki\Login::checkLogin($pdo_db, $lang, $tkireg, $template);
// Database driven language entries
$langvars = Tki\Translate::load($pdo_db, $lang, array('defense_report', 'planet_report', 'main', 'device', 'port', 'modify_defenses', 'common', 'global_includes', 'global_funcs', 'combat', 'footer', 'news', 'regional'));
$title = $langvars['l_sdf_title'];
Tki\Header::display($pdo_db, $lang, $template, $title);
echo "<h1>" . $title . "</h1>\n";
// Get playerinfo from database
$sql = "SELECT * FROM ::prefix::ships WHERE email=:email LIMIT 1";
$stmt = $pdo_db->prepare($sql);
$stmt->bindParam(':email', $_SESSION['username']);
$stmt->execute();
$playerinfo = $stmt->fetch(PDO::FETCH_ASSOC);
$query = "SELECT * FROM {$db->prefix}sector_defense WHERE ship_id = ?";
if ($sort !== null) {
    $query .= " ORDER BY";
    if ($sort == "quantity") {
        $query .= " quantity ASC";
    } elseif ($sort == "mode") {
示例#5
0
文件: pwreset2.php 项目: thekabal/tki
//
//  This program is distributed in the hope that it will be useful,
//  but WITHOUT ANY WARRANTY; without even the implied warranty of
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//  GNU Affero General Public License for more details.
//
//  You should have received a copy of the GNU Affero General Public License
//  along with this program.  If not, see <http://www.gnu.org/licenses/>.
//
// File: pwreset2.php
require_once './common.php';
$title = $langvars['l_pwr_title'];
$body_class = 'options';
Tki\Header::display($pdo_db, $lang, $template, $title, $body_class);
// Database driven language entries
$langvars = Tki\Translate::load($pdo_db, $lang, array('mail', 'common', 'global_funcs', 'global_includes', 'global_funcs', 'combat', 'footer', 'news', 'options', 'pwreset', 'option2'));
echo "<h1>" . $title . "</h1>\n";
$reset_code = filter_input(INPUT_POST, 'code', FILTER_SANITIZE_STRING);
$newpass1 = filter_input(INPUT_POST, 'newpass1', FILTER_SANITIZE_STRING);
$newpass2 = filter_input(INPUT_POST, 'newpass2', FILTER_SANITIZE_STRING);
// It is important to note that SQL (both MySQL and PostgreSQL) index differently (one longer)
// than php does, which is why the substr (6/8 instead of 5/8) has a start index one "larger" here than in the php calls
// Also, we start at the 5th digit (plus one for SQL) because the first four characterts (before md5) are always going to be $2a$, from phpass/blowfish
// In most cases, even after hashing, the 5th character and beyond are unique.
// We chose 8 characters of uniqueness because its reasonable if you have to type it in, and
// because 8 characters is 4,294,967,296 combinations, and that should be sufficiently secure
$result = $db->SelectLimit("SELECT ship_id, email, recovery_time FROM {$db->prefix}ships WHERE substr(MD5(password),6,8) = ?", 1, -1, array('password' => $reset_code));
Tki\Db::LogDbErrors($pdo_db, $result, __LINE__, __FILE__);
if (!$result->EOF && $result !== false) {
    $playerinfo = $result->fields;
    $recovery_time = $result->fields['recovery_time'];
示例#6
0
文件: mines.php 项目: thekabal/tki
//  published by the Free Software Foundation, either version 3 of the
//  License, or (at your option) any later version.
//
//  This program is distributed in the hope that it will be useful,
//  but WITHOUT ANY WARRANTY; without even the implied warranty of
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//  GNU Affero General Public License for more details.
//
//  You should have received a copy of the GNU Affero General Public License
//  along with this program.  If not, see <http://www.gnu.org/licenses/>.
//
// File: mines.php
require_once './common.php';
Tki\Login::checkLogin($pdo_db, $lang, $tkireg, $template);
// Database driven language entries
$langvars = Tki\Translate::load($pdo_db, $lang, array('mines', 'common', 'global_includes', 'global_funcs', 'combat', 'footer', 'news', 'regional'));
$title = $langvars['l_mines_title'];
Tki\Header::display($pdo_db, $lang, $template, $title);
$op = null;
if (array_key_exists('op', $_GET) === true) {
    $op = $_GET['op'];
} elseif (array_key_exists('op', $_POST) === true) {
    $op = $_POST['op'];
}
// Get playerinfo from database
$sql = "SELECT * FROM ::prefix::ships WHERE email=:email LIMIT 1";
$stmt = $pdo_db->prepare($sql);
$stmt->bindParam(':email', $_SESSION['username']);
$stmt->execute();
$playerinfo = $stmt->fetch(PDO::FETCH_ASSOC);
$sql = "SELECT * FROM ::prefix::universe WHERE sector_id=:sector_id LIMIT 1";
示例#7
0
文件: feedback.php 项目: thekabal/tki
//  published by the Free Software Foundation, either version 3 of the
//  License, or (at your option) any later version.
//
//  This program is distributed in the hope that it will be useful,
//  but WITHOUT ANY WARRANTY; without even the implied warranty of
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//  GNU Affero General Public License for more details.
//
//  You should have received a copy of the GNU Affero General Public License
//  along with this program.  If not, see <http://www.gnu.org/licenses/>.
//
// File: feedback.php
require_once './common.php';
Tki\Login::checkLogin($pdo_db, $lang, $tkireg, $template);
// Database driven language entries
$langvars = Tki\Translate::load($pdo_db, $lang, array('feedback', 'galaxy', 'common', 'global_includes', 'global_funcs', 'footer'));
$title = $langvars['l_feedback_title'];
Tki\Header::display($pdo_db, $lang, $template, $title);
echo "<h1>" . $title . "</h1>\n";
// Get playerinfo from database
$sql = "SELECT * FROM ::prefix::ships WHERE email=:email LIMIT 1";
$stmt = $pdo_db->prepare($sql);
$stmt->bindParam(':email', $_SESSION['username']);
$stmt->execute();
$playerinfo = $stmt->fetch(PDO::FETCH_ASSOC);
// Detect if this variable exists, and filter it. Returns false if anything wasn't right.
$content = null;
$content = filter_input(INPUT_POST, 'content', FILTER_SANITIZE_STRING);
// URL doesn't allow spaces, string does.
if (mb_strlen(trim($content)) === 0) {
    $content = false;
示例#8
0
//  If you are including files in your trigger file, it is important
//  to use include_once instead of include, as your file might
//  be called multiple times in a single execution. If you need to
//  define functions, you can put them in your own
//  include file, with an include statement. THEY CANNOT BE
//  DEFINED IN YOUR MAIN FILE BODY. This would cause PHP to issue a
//  multiple function declaration error.
//
//  End of scheduler explanation
$index_page = true;
// Ensure that we do not set sessions
require_once './common.php';
$title = $langvars['l_sys_update'];
Tki\Header::display($pdo_db, $lang, $template, $title);
// Database driven language entries
$langvars = Tki\Translate::load($pdo_db, $lang, array('admin', 'common', 'global_includes', 'global_funcs', 'footer', 'news', 'scheduler'));
echo "<h1>" . $title . "</h1>\n";
// FUTURE: Add filtering to swordfish
if (array_key_exists('swordfish', $_GET)) {
    $swordfish = $_GET['swordfish'];
} else {
    if (array_key_exists('swordfish', $_POST)) {
        $swordfish = $_POST['swordfish'];
    } else {
        $swordfish = null;
    }
}
if ($swordfish != \Tki\SecureConfig::ADMIN_PASS) {
    echo "<form accept-charset='utf-8' action='scheduler.php' method='post'>";
    echo "Password: <input type='password' name='swordfish' size='20' maxlength='20'><br><br>";
    echo "<input type='submit' value='Submit'><input type='reset' value='Reset'>";
示例#9
0
// Tell CDN's or proxies to keep a separate version of the page in various encodings - compressed or not, in english or french for example.
header('Keep-Alive: timeout=15, max=100');
// Ask for persistent HTTP connections (15sec), which give better per-client performance, but can be worse (for a server) for many.
// Set cookies for cookie test
setcookie('TestCookie', '', 0);
setcookie('TestCookie', 'Shuzbutt', time() + 3600, Tki\SetPaths::setGamepath(), $request->server->get('HTTP_HOST'));
// Database configuration.
$db_host = \Tki\SecureConfig::DB_HOST;
$db_port = \Tki\SecureConfig::DB_PORT;
$db_user = \Tki\SecureConfig::DB_USER;
$db_pwd = \Tki\SecureConfig::DB_PASS;
$db_type = \Tki\SecureConfig::DB_TYPE;
$db_name = \Tki\SecureConfig::DB_NAME;
$db_prefix = \Tki\SecureConfig::DB_TABLE_PREFIX;
// Database driven language entries
$langvars = Tki\Translate::load($pdo_db, $lang, array('new', 'login', 'common', 'global_includes', 'global_funcs', 'footer', 'news', 'index', 'options', 'setup_info'));
$variables = null;
$variables['lang'] = $lang;
$variables['link'] = 'https://kabal-invasion.com/forums/';
$variables['admin_mail'] = $tkireg->admin_mail;
$variables['body_class'] = 'tki';
$variables['template'] = $tkireg->default_template;
// Temporarily set the template to the default template until we have a user option
// Get the webserver version.
$sapi = php_sapi_name();
$serverType = '';
$serverVersion = '';
if ($sapi === 'apache') {
    $serverType = $sapi;
    $serverVersion = apache_get_version();
} else {
示例#10
0
文件: index.php 项目: thekabal/tki
//  GNU Affero General Public License for more details.
//
//  You should have received a copy of the GNU Affero General Public License
//  along with this program.  If not, see <http://www.gnu.org/licenses/>.
//
// File: index.php
$index_page = true;
require_once './common.php';
$link = null;
if (!Tki\Db::isActive($pdo_db)) {
    // If DB is not active, redirect to create universe to run install
    header('Location: create_universe.php');
    die;
}
// Database driven language entries
$langvars = Tki\Translate::load($pdo_db, $lang, array('regional', 'admin', 'attack', 'beacon', 'bounty', 'check_fighters', 'check_mines', 'combat', 'common', 'team', 'create_universe', 'defense_report', 'device', 'dump', 'emerwarp', 'error', 'faq', 'feedback', 'footer', 'galaxy', 'genesis', 'ibank', 'index', 'log', 'login', 'logout', 'lrscan', 'mail', 'mailto', 'main', 'mines', 'modify_defenses', 'move', 'navcomp', 'new', 'new_player_guide', 'news', 'option2', 'options', 'planet', 'planet_report', 'port', 'presets', 'pwreset', 'ranking', 'readmail', 'report', 'rsmove', 'scan', 'scheduler', 'sector_fighters', 'self_destruct', 'settings', 'setup_info', 'ship', 'team_planets', 'teams', 'traderoutes', 'warpedit', 'xenobe_control', 'zoneedit', 'zoneinfo', 'global_includes'));
$variables = null;
$variables['lang'] = $lang;
$variables['link'] = $link;
$variables['title'] = $langvars['l_welcome_tki'];
$variables['link_forums'] = $tkireg->link_forums;
$variables['admin_mail'] = $tkireg->admin_mail;
$variables['body_class'] = 'index';
// Get list of available languages
$variables['list_of_langs'] = Tki\Languages::listAvailable($pdo_db, $lang);
// Temporarily set the template to the default template until we have a user option
$variables['template'] = $tkireg->default_template;
Tki\Header::display($pdo_db, $lang, $template, $variables['title'], $variables['body_class']);
$template->addVariables('langvars', $langvars);
$template->addVariables('variables', $variables);
$template->display('index.tpl');
示例#11
0
//  This program is free software: you can redistribute it and/or modify
//  it under the terms of the GNU Affero General Public License as
//  published by the Free Software Foundation, either version 3 of the
//  License, or (at your option) any later version.
//
//  This program is distributed in the hope that it will be useful,
//  but WITHOUT ANY WARRANTY; without even the implied warranty of
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//  GNU Affero General Public License for more details.
//
//  You should have received a copy of the GNU Affero General Public License
//  along with this program.  If not, see <http://www.gnu.org/licenses/>.
//
// File: sector_fighters.php
// Database driven language entries
$langvars = Tki\Translate::load($pdo_db, $lang, array('sector_fighters', 'common', 'global_includes', 'global_funcs', 'footer', 'news'));
echo $langvars['l_sf_attacking'] . "<br>";
$targetfighters = $total_sector_fighters;
$playerbeams = Tki\CalcLevels::beams($playerinfo['beams'], $tkireg);
if ($calledfrom == 'rsmove.php') {
    $playerinfo['ship_energy'] += $energyscooped;
}
if ($playerbeams > $playerinfo['ship_energy']) {
    $playerbeams = $playerinfo['ship_energy'];
}
$playerinfo['ship_energy'] = $playerinfo['ship_energy'] - $playerbeams;
$playershields = Tki\CalcLevels::shields($playerinfo['shields'], $tkireg);
if ($playershields > $playerinfo['ship_energy']) {
    $playershields = $playerinfo['ship_energy'];
}
$playertorpnum = round(pow($tkireg->level_factor, $playerinfo['torp_launchers'])) * 2;
示例#12
0
文件: ship.php 项目: thekabal/tki
//
//  This program is distributed in the hope that it will be useful,
//  but WITHOUT ANY WARRANTY; without even the implied warranty of
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//  GNU Affero General Public License for more details.
//
//  You should have received a copy of the GNU Affero General Public License
//  along with this program.  If not, see <http://www.gnu.org/licenses/>.
//
// File: ship.php
require_once './common.php';
Tki\Login::checkLogin($pdo_db, $lang, $tkireg, $template);
$title = $langvars['l_ship_title'];
Tki\Header::display($pdo_db, $lang, $template, $title);
// Database driven language entries
$langvars = Tki\Translate::load($pdo_db, $lang, array('ship', 'planet', 'main', 'common', 'global_includes', 'global_funcs', 'footer', 'news'));
echo "<h1>" . $title . "</h1>\n";
// PHP7 Null coalescing operator - if it is set, great, if not, set to null
$ship_id = $ship_id ?? null;
// Get playerinfo from database
$sql = "SELECT team, ship_name, character_name, sector FROM ::prefix::ships WHERE email=:email LIMIT 1";
$stmt = $pdo_db->prepare($sql);
$stmt->bindParam(':email', $_SESSION['username']);
$stmt->execute();
$playerinfo = $stmt->fetch(PDO::FETCH_ASSOC);
$sql = "SELECT team, ship_name, character_name, sector FROM ::prefix::ships WHERE ship_id=:ship_id";
$stmt = $pdo_db->prepare($sql);
$stmt->bindParam(':ship_id', $ship_id);
$stmt->execute();
$othership = $stmt->fetch(PDO::FETCH_ASSOC);
if ($othership['sector'] != $playerinfo['sector']) {
示例#13
0
//  published by the Free Software Foundation, either version 3 of the
//  License, or (at your option) any later version.
//
//  This program is distributed in the hope that it will be useful,
//  but WITHOUT ANY WARRANTY; without even the implied warranty of
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//  GNU Affero General Public License for more details.
//
//  You should have received a copy of the GNU Affero General Public License
//  along with this program.  If not, see <http://www.gnu.org/licenses/>.
//
// File: traderoute.php
require_once './common.php';
Tki\Login::checkLogin($pdo_db, $lang, $tkireg, $template);
// Database driven language entries
$langvars = Tki\Translate::load($pdo_db, $lang, array('traderoutes', 'common', 'global_includes', 'global_funcs', 'footer', 'bounty', 'regional'));
$title = $langvars['l_tdr_title'];
Tki\Header::display($pdo_db, $lang, $template, $title);
echo "<h1>" . $title . "</h1>\n";
$portfull = null;
// This fixes an error of undefined variables on 1518
// Get playerinfo from database
$sql = "SELECT * FROM ::prefix::ships WHERE email=:email LIMIT 1";
$stmt = $pdo_db->prepare($sql);
$stmt->bindParam(':email', $_SESSION['username']);
$stmt->execute();
$playerinfo = $stmt->fetch(PDO::FETCH_ASSOC);
$result = $db->Execute("SELECT * FROM {$db->prefix}traderoutes WHERE owner = ?;", array($playerinfo['ship_id']));
Tki\Db::LogDbErrors($pdo_db, $result, __LINE__, __FILE__);
$num_traderoutes = $result->RecordCount();
if ($traderoutes !== null) {
示例#14
0
//
//  This program is distributed in the hope that it will be useful,
//  but WITHOUT ANY WARRANTY; without even the implied warranty of
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//  GNU Affero General Public License for more details.
//
//  You should have received a copy of the GNU Affero General Public License
//  along with this program.  If not, see <http://www.gnu.org/licenses/>.
//
// File: planet_report_ce.php
require_once './common.php';
Tki\Login::checkLogin($pdo_db, $lang, $tkireg, $template);
$title = $langvars['l_pr_title'];
Tki\Header::display($pdo_db, $lang, $template, $title);
// Database driven language entries
$langvars = Tki\Translate::load($pdo_db, $lang, array('planet_report', 'rsmove', 'common', 'global_includes', 'global_funcs', 'footer', 'news', 'regional'));
echo '<h1>' . $title . '</h1>';
echo '<br>';
echo str_replace('[here]', "<a href='planet_report.php'>" . $langvars['l_here'] . '</a>', $langvars['l_pr_click_return']);
echo '<br>';
// Detect if this variable exists, and filter it. Returns false if anything wasn't right.
$tpcreds = null;
$tpcreds = $_POST['tpcreds'];
// FUTURE: tp creds is an array. Filtering will be tricky.
if (mb_strlen(trim($tpcreds)) === 0) {
    $tpcreds = false;
}
if ($tpcreds !== null && $tpcreds !== false) {
    Tki\PlanetReportCE::collectCredits($pdo_db, $db, $langvars, $tpcreds, $tkireg);
} elseif ($buildp !== null && $builds !== null) {
    Tki\Bases::buildBase($pdo_db, $langvars, $buildp, $builds, $tkireg);
示例#15
0
文件: mailto.php 项目: thekabal/tki
//
//  This program is distributed in the hope that it will be useful,
//  but WITHOUT ANY WARRANTY; without even the implied warranty of
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//  GNU Affero General Public License for more details.
//
//  You should have received a copy of the GNU Affero General Public License
//  along with this program.  If not, see <http://www.gnu.org/licenses/>.
//
// File: mailto.php
require_once './common.php';
Tki\Login::checkLogin($pdo_db, $lang, $tkireg, $template);
$body_class = 'tki';
$include_ckeditor = true;
// Database driven language entries
$langvars = Tki\Translate::load($pdo_db, $lang, array('mailto', 'common', 'global_includes', 'global_funcs', 'footer', 'planet_report'));
$title = $langvars['l_sendm_title'];
Tki\Header::display($pdo_db, $lang, $template, $title, $body_class, $include_ckeditor);
// Filter to the FILTER_SANITIZE_STRING ruleset, because we need to allow spaces for names & subject (FILTER_SANITIZE_URL doesn't allow spaces)
// $name, $to, and $subject are all sent both via post and get, so we have to do a filter input for each
// filter_input doesn't support INPUT_REQUEST, and also doesn't support the format INPUT_POST | INPUT_GET - I tried.
$name = null;
if (array_key_exists('name', $_POST)) {
    $name = filter_input(INPUT_POST, 'name', FILTER_SANITIZE_STRING);
} elseif (array_key_exists('name', $_GET)) {
    $name = filter_input(INPUT_GET, 'name', FILTER_SANITIZE_STRING);
}
$to = null;
if (array_key_exists('to', $_POST)) {
    $to = filter_input(INPUT_POST, 'to', FILTER_SANITIZE_STRING);
} elseif (array_key_exists('to', $_GET)) {
示例#16
0
文件: faq.php 项目: thekabal/tki
//  License, or (at your option) any later version.
//
//  This program is distributed in the hope that it will be useful,
//  but WITHOUT ANY WARRANTY; without even the implied warranty of
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//  GNU Affero General Public License for more details.
//
//  You should have received a copy of the GNU Affero General Public License
//  along with this program.  If not, see <http://www.gnu.org/licenses/>.
//
// File: faq.php
require_once './common.php';
$lang = $tkireg->default_lang;
$link = null;
// Database driven language entries
$langvars = Tki\Translate::load($pdo_db, $lang, array('common', 'faq', 'global_funcs'));
$variables = null;
$variables['lang'] = $lang;
$variables['link'] = $link;
$variables['body_class'] = 'faq';
$variables['title'] = $langvars['l_faq_title'];
if (empty($_SESSION['username'])) {
    $variables['linkback'] = array("fulltext" => $langvars['l_global_mlogin'], "link" => "index.php");
} else {
    $variables['linkback'] = array("fulltext" => $langvars['l_global_mmenu'], "link" => "index.php");
}
Tki\Header::display($pdo_db, $lang, $template, $variables['title'], $variables['body_class']);
$template->addVariables('langvars', $langvars);
$template->addVariables('variables', $variables);
$template->display('faq.tpl');
Tki\Footer::display($pdo_db, $lang, $tkireg, $template);
示例#17
0
文件: footer_t.php 项目: thekabal/tki
    $seconds_left = (int) 0;
    $display_update_ticker = false;
}
// End update counter
if ($tkireg->footer_show_debug === true) {
    $sf_logo_type = '14';
    $sf_logo_width = "150";
    $sf_logo_height = "40";
} else {
    $sf_logo_type = '11';
    $sf_logo_width = "120";
    $sf_logo_height = "30";
}
if ($news_ticker_active === true) {
    // Database driven language entries
    $langvars_temp = Tki\Translate::load($pdo_db, $lang, array('news', 'common', 'footer', 'global_includes', 'logout'));
    // Use array merge so that we do not clobber the langvars array, and only add to it the items needed for footer
    $langvars = array_merge($langvars, $langvars_temp);
    // Use array unique so that we don't end up with duplicate lang array entries
    // This is resulting in an array with blank values for specific keys, so array_unique isn't entirely what we want
    // $langvars = array_unique ($langvars);
    // SQL call that selects all of the news items between the start date beginning of day, and the end of day.
    $news_gateway = new \Tki\News\NewsGateway($pdo_db);
    // Build a scheduler gateway object to handle the SQL calls
    $row = $news_gateway->selectNewsByDay(date('Y-m-d'));
    $news_ticker = array();
    if (count($row) == 0) {
        array_push($news_ticker, array('url' => null, 'text' => $langvars['l_news_none'], 'type' => null, 'delay' => 5));
    } else {
        foreach ($row as $item) {
            array_push($news_ticker, array('url' => "news.php", 'text' => $item['headline'], 'type' => $item['news_type'], 'delay' => 5));
示例#18
0
//  License, or (at your option) any later version.
//
//  This program is distributed in the hope that it will be useful,
//  but WITHOUT ANY WARRANTY; without even the implied warranty of
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//  GNU Affero General Public License for more details.
//
//  You should have received a copy of the GNU Affero General Public License
//  along with this program.  If not, see <http://www.gnu.org/licenses/>.
//
// File: copyright.php
$index_page = true;
require_once './common.php';
$link = null;
// Database driven language entries
$langvars = Tki\Translate::load($pdo_db, $lang, array('main', 'login', 'logout', 'index', 'common', 'regional', 'footer', 'global_includes'));
$variables = null;
$variables['lang'] = $lang;
$variables['link'] = $link;
$variables['title'] = $langvars['l_welcome_tki'];
$variables['link_forums'] = $tkireg->link_forums;
$variables['admin_mail'] = $tkireg->admin_mail;
$variables['body_class'] = 'index';
// Get list of available languages
$variables['list_of_langs'] = Tki\Languages::listAvailable($pdo_db, $lang);
// Temporarily set the template to the default template until we have a user option
$variables['template'] = $tkireg->default_template;
Tki\Header::display($pdo_db, $lang, $template, $variables['title'], $variables['body_class']);
$template->addVariables('langvars', $langvars);
$template->addVariables('variables', $variables);
$template->display('copyright.tpl');
示例#19
0
//  This program is free software: you can redistribute it and/or modify
//  it under the terms of the GNU Affero General Public License as
//  published by the Free Software Foundation, either version 3 of the
//  License, or (at your option) any later version.
//
//  This program is distributed in the hope that it will be useful,
//  but WITHOUT ANY WARRANTY; without even the implied warranty of
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//  GNU Affero General Public License for more details.
//
//  You should have received a copy of the GNU Affero General Public License
//  along with this program.  If not, see <http://www.gnu.org/licenses/>.
//
// File: newplayerguide.php
require_once './common.php';
// Database driven language entries
$langvars = Tki\Translate::load($pdo_db, $lang, array('global_funcs', 'new_player_guide'));
if (array_key_exists('username', $_SESSION)) {
    $variables['session_username'] = $_SESSION['username'];
} else {
    $variables['session_username'] = null;
}
$variables['body_class'] = 'faq';
$variables['lang'] = $lang;
$variables['linkback'] = array("fulltext" => $langvars['l_global_mlogin'], "link" => "index.php");
$variables['title'] = $langvars['l_npg_title'];
Tki\Header::display($pdo_db, $lang, $template, $variables['title'], $variables['body_class']);
$template->addVariables('langvars', $langvars);
$template->addVariables('variables', $variables);
$template->display('newplayerguide.tpl');
Tki\Footer::display($pdo_db, $lang, $tkireg, $template);
示例#20
0
//
//  This program is distributed in the hope that it will be useful,
//  but WITHOUT ANY WARRANTY; without even the implied warranty of
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//  GNU Affero General Public License for more details.
//
//  You should have received a copy of the GNU Affero General Public License
//  along with this program.  If not, see <http://www.gnu.org/licenses/>.
//
// File: sched_xenobe.php
//
// FUTURE: SQL bind varibles
// Xenobe turn updates
echo "<br><strong>Xenobe TURNS</strong><br><br>";
// Database driven language entries
$langvars = Tki\Translate::load($pdo_db, $lang, array('sched_xenobe', 'common', 'global_includes', 'combat', 'footer', 'news'));
// Make Xenobe selection
$furcount = 0;
$furcount0 = 0;
$furcount0a = 0;
$furcount1 = 0;
$furcount1a = 0;
$furcount2 = 0;
$furcount2a = 0;
$furcount3 = 0;
$furcount3a = 0;
$furcount3h = 0;
/*
//Tki\Db::LogDbErrors($pdo_db, $res, __LINE__, __FILE__);
$res = $db->Execute("SELECT * FROM {$db->prefix}ships JOIN {$db->prefix}xenobe WHERE email=xenobe_id and active='Y' and ship_destroyed='N' ORDER BY ship_id");
while (($res instanceof ADORecordSet) && ($res != false))
示例#21
0
文件: zoneinfo.php 项目: thekabal/tki
//  published by the Free Software Foundation, either version 3 of the
//  License, or (at your option) any later version.
//
//  This program is distributed in the hope that it will be useful,
//  but WITHOUT ANY WARRANTY; without even the implied warranty of
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//  GNU Affero General Public License for more details.
//
//  You should have received a copy of the GNU Affero General Public License
//  along with this program.  If not, see <http://www.gnu.org/licenses/>.
//
// File: zoneinfo.php
require_once './common.php';
Tki\Login::checkLogin($pdo_db, $lang, $tkireg, $template);
// Database driven language entries
$langvars = Tki\Translate::load($pdo_db, $lang, array('port', 'main', 'attack', 'zoneinfo', 'report', 'common', 'global_includes', 'global_funcs', 'footer', 'modify_defenses'));
$title = $langvars['l_zi_title'];
$body_class = 'zoneinfo';
Tki\Header::display($pdo_db, $lang, $template, $title, $body_class);
echo "<h1>" . $title . "</h1>\n";
echo "<body class=" . $body_class . ">";
$zone = (int) filter_input(INPUT_GET, 'zone', FILTER_SANITIZE_NUMBER_INT);
// Get playerinfo from database
$sql = "SELECT * FROM ::prefix::ships WHERE email=:email LIMIT 1";
$stmt = $pdo_db->prepare($sql);
$stmt->bindParam(':email', $_SESSION['username']);
$stmt->execute();
$playerinfo = $stmt->fetch(PDO::FETCH_ASSOC);
$sql = "SELECT * FROM ::prefix::zones WHERE zone_id=:zone_id LIMIT 1";
$stmt = $pdo_db->prepare($sql);
$stmt->bindParam(':zone_id', $zone);
示例#22
0
文件: 40.php 项目: thekabal/tki
$variables['fedsecs'] = filter_input(INPUT_POST, 'fedsecs', FILTER_SANITIZE_NUMBER_INT);
$variables['loops'] = filter_input(INPUT_POST, 'loops', FILTER_SANITIZE_NUMBER_INT);
$variables['swordfish'] = filter_input(INPUT_POST, 'swordfish', FILTER_SANITIZE_URL);
$variables['create_seq_results'] = Tki\Schema::createSequences($pdo_db, \Tki\SecureConfig::DB_TABLE_PREFIX, \Tki\SecureConfig::DB_TYPE);
// Create all tables in the database
$variables['create_seq_count'] = count($variables['create_seq_results']) - 1;
$variables['create_tables_results'] = Tki\Schema::createTables($pdo_db, \Tki\SecureConfig::DB_TABLE_PREFIX, \Tki\SecureConfig::DB_TYPE);
// Create all tables in the database
$variables['create_tables_count'] = count($variables['create_tables_results']) - 1;
$variables['autorun'] = filter_input(INPUT_POST, 'autorun', FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE);
$create_array_size = count($variables['create_seq_results']);
for ($i = 0; $i < $create_array_size; $i++) {
    if ($variables['create_seq_results'][$i]['result'] !== true) {
        $variables['autorun'] = false;
        // We disable autorun if any errors occur in processing
    }
}
$create_array_size = count($variables['create_tables_results']);
for ($i = 0; $i < $create_array_size; $i++) {
    if ($variables['create_tables_results'][$i]['result'] !== true) {
        $variables['autorun'] = false;
        // We disable autorun if any errors occur in processing
    }
}
// Database driven language entries
$langvars = Tki\Translate::load($pdo_db, $lang, array('common', 'regional', 'footer', 'global_includes', 'create_universe', 'news'));
Tki\Header::display($pdo_db, $lang, $template, $variables['title'], $variables['body_class']);
$template->addVariables('langvars', $langvars);
$template->addVariables('variables', $variables);
$template->display('templates/classic/create_universe/40.tpl');
Tki\Footer::display($pdo_db, $lang, $tkireg, $template);
示例#23
0
文件: warpedit.php 项目: thekabal/tki
//
//  This program is distributed in the hope that it will be useful,
//  but WITHOUT ANY WARRANTY; without even the implied warranty of
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//  GNU Affero General Public License for more details.
//
//  You should have received a copy of the GNU Affero General Public License
//  along with this program.  If not, see <http://www.gnu.org/licenses/>.
//
// File: warpedit.php
require_once './common.php';
Tki\Login::checkLogin($pdo_db, $lang, $tkireg, $template);
$title = $langvars['l_warp_title'];
Tki\Header::display($pdo_db, $lang, $template, $title);
// Database driven language entries
$langvars = Tki\Translate::load($pdo_db, $lang, array('warpedit', 'common', 'global_includes', 'global_funcs', 'footer', 'news'));
echo "<h1>" . $title . "</h1>\n";
// Get playerinfo from database
$sql = "SELECT * FROM ::prefix::ships WHERE email=:email LIMIT 1";
$stmt = $pdo_db->prepare($sql);
$stmt->bindParam(':email', $_SESSION['username']);
$stmt->execute();
$playerinfo = $stmt->fetch(PDO::FETCH_ASSOC);
// Get sectorinfo from database
$sql = "SELECT * FROM ::prefix::universe WHERE sector_id=:sector_id LIMIT 1";
$stmt = $pdo_db->prepare($sql);
$stmt->bindParam(':sector_id', $playerinfo['sector']);
$stmt->execute();
$sectorinfo = $stmt->fetch(PDO::FETCH_ASSOC);
if ($playerinfo['turns'] < 1) {
    echo $langvars['l_warp_turn'] . "<br><br>";
示例#24
0
文件: teams.php 项目: thekabal/tki
//
//  This program is distributed in the hope that it will be useful,
//  but WITHOUT ANY WARRANTY; without even the implied warranty of
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//  GNU Affero General Public License for more details.
//
//  You should have received a copy of the GNU Affero General Public License
//  along with this program.  If not, see <http://www.gnu.org/licenses/>.
//
// File: teams.php
// Added a quick fix for creating a new team with the same name
// This file needs to be completely recoded from scratch :(
require_once './common.php';
Tki\Login::checkLogin($pdo_db, $lang, $tkireg, $template);
// Database driven language entries
$langvars = Tki\Translate::load($pdo_db, $lang, array('teams', 'common', 'global_includes', 'global_funcs', 'main', 'footer'));
$title = $langvars['l_team_title'];
Tki\Header::display($pdo_db, $lang, $template, $title);
echo "<h1>" . $title . "</h1>\n";
$testing = false;
// set to false to get rid of password when creating new team
// Typecast into ints (this also removes all non numbers)
$whichteam = null;
if (array_key_exists('whichteam', $_REQUEST) === true) {
    $whichteam = (int) $_REQUEST['whichteam'];
}
$teamwhat = null;
if (array_key_exists('teamwhat', $_REQUEST) === true) {
    $teamwhat = (int) $_REQUEST['teamwhat'];
}
$confirmleave = null;
示例#25
0
文件: planet.php 项目: thekabal/tki
//
//  This program is distributed in the hope that it will be useful,
//  but WITHOUT ANY WARRANTY; without even the implied warranty of
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//  GNU Affero General Public License for more details.
//
//  You should have received a copy of the GNU Affero General Public License
//  along with this program.  If not, see <http://www.gnu.org/licenses/>.
//
// File: planet.php
require_once './common.php';
Tki\Login::checkLogin($pdo_db, $lang, $tkireg, $template);
$title = $langvars['l_planet_title'];
Tki\Header::display($pdo_db, $lang, $template, $title);
// Database driven language entries
$langvars = Tki\Translate::load($pdo_db, $lang, array('bounty', 'port', 'ibank', 'main', 'planet', 'report', 'common', 'global_includes', 'global_funcs', 'footer', 'news', 'combat', 'regional'));
// Detect if this variable exists, and filter it. Returns false if anything wasn't right.
$destroy = null;
$destroy = (int) filter_input(INPUT_GET, 'destroy', FILTER_SANITIZE_NUMBER_INT);
if (mb_strlen(trim($destroy)) === 0) {
    $destroy = false;
}
// Detect if this variable exists, and filter it. Returns false if anything wasn't right.
$command = null;
$command = filter_input(INPUT_GET, 'command', FILTER_SANITIZE_STRING);
if (mb_strlen(trim($command)) === 0) {
    $command = false;
}
// Detect if this variable exists, and filter it. Returns false if anything wasn't right.
$planet_id = null;
$planet_id = (int) filter_input(INPUT_GET, 'planet_id', FILTER_SANITIZE_NUMBER_INT);
示例#26
0
//  published by the Free Software Foundation, either version 3 of the
//  License, or (at your option) any later version.
//
//  This program is distributed in the hope that it will be useful,
//  but WITHOUT ANY WARRANTY; without even the implied warranty of
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//  GNU Affero General Public License for more details.
//
//  You should have received a copy of the GNU Affero General Public License
//  along with this program.  If not, see <http://www.gnu.org/licenses/>.
//
// File: self_destruct.php
require_once './common.php';
Tki\Login::checkLogin($pdo_db, $lang, $tkireg, $template);
// Database driven language entries
$langvars = Tki\Translate::load($pdo_db, $lang, array('self_destruct', 'ranking', 'common', 'global_includes', 'global_funcs', 'news', 'footer'));
$title = $langvars['l_die_title'];
Tki\Header::display($pdo_db, $lang, $template, $title);
echo "<h1>" . $title . "</h1>\n";
// Get playerinfo from database
$sql = "SELECT * FROM ::prefix::ships WHERE email=:email LIMIT 1";
$stmt = $pdo_db->prepare($sql);
$stmt->bindParam(':email', $_SESSION['username']);
$stmt->execute();
$playerinfo = $stmt->fetch(PDO::FETCH_ASSOC);
if (array_key_exists('sure', $_GET)) {
    $sure = $_GET['sure'];
}
if (!isset($sure)) {
    echo "<font color=red><strong>" . $langvars['l_die_rusure'] . "</strong></font><br><br>";
    echo "Please Note: You will loose all your Planets if you Self-Destruct!.<br>\n";
示例#27
0
文件: report.php 项目: thekabal/tki
$variables['holds_used'] = $holds_used;
$variables['holds_max'] = $holds_max;
$variables['playerinfo_ship_ore'] = $playerinfo['ship_ore'];
$variables['playerinfo_ship_organics'] = $playerinfo['ship_organics'];
$variables['playerinfo_ship_goods'] = $playerinfo['ship_goods'];
$variables['playerinfo_ship_energy'] = $playerinfo['ship_energy'];
$variables['playerinfo_ship_colonists'] = $playerinfo['ship_colonists'];
$variables['playerinfo_ship_fighters'] = $playerinfo['ship_fighters'];
$variables['playerinfo_armor_pts'] = $playerinfo['armor_pts'];
$variables['playerinfo_torps'] = $playerinfo['torps'];
$variables['torps_max'] = $torps_max;
$variables['energy_max'] = $energy_max;
$variables['armor_pts_max'] = $armor_pts_max;
$variables['ship_fighters_max'] = $ship_fighters_max;
$variables['playerinfo_dev_beacon'] = $playerinfo['dev_beacon'];
$variables['playerinfo_dev_warpedit'] = $playerinfo['dev_warpedit'];
$variables['playerinfo_dev_genesis'] = $playerinfo['dev_genesis'];
$variables['playerinfo_dev_minedeflector'] = $playerinfo['dev_minedeflector'];
$variables['playerinfo_dev_emerwarp'] = $playerinfo['dev_emerwarp'];
$variables['escape_pod'] = $escape_pod;
$variables['fuel_scoop'] = $fuel_scoop;
$variables['lssd'] = $lssd;
$variables['ship_img'] = $template->getVariables('template_dir') . "/images/" . $shiptypes[$shiplevel];
$variables['linkback'] = array("fulltext" => $langvars['l_global_mmenu'], "link" => "main.php");
$variables['title'] = $langvars['l_report_title'];
$langvars = Tki\Translate::load($pdo_db, $lang, array('main', 'report', 'device', 'common', 'global_includes', 'global_funcs', 'footer', 'regional', 'news'));
Tki\Header::display($pdo_db, $lang, $template, $variables['title'], $variables['body_class']);
$template->addVariables('langvars', $langvars);
$template->addVariables('variables', $variables);
$template->display('report.tpl');
Tki\Footer::display($pdo_db, $lang, $tkireg, $template);
示例#28
0
文件: bounty.php 项目: thekabal/tki
//  published by the Free Software Foundation, either version 3 of the
//  License, or (at your option) any later version.
//
//  This program is distributed in the hope that it will be useful,
//  but WITHOUT ANY WARRANTY; without even the implied warranty of
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//  GNU Affero General Public License for more details.
//
//  You should have received a copy of the GNU Affero General Public License
//  along with this program.  If not, see <http://www.gnu.org/licenses/>.
//
// File: bounty.php
require_once './common.php';
Tki\Login::checkLogin($pdo_db, $lang, $tkireg, $template);
// Database driven language entries
$langvars = Tki\Translate::load($pdo_db, $lang, array('bounty', 'port', 'common', 'global_includes', 'global_funcs', 'combat', 'footer', 'news'));
$title = $langvars['l_by_title'];
Tki\Header::display($pdo_db, $lang, $template, $title);
// Detect if this variable exists, and filter it. Returns false if anything wasn't right
$response = null;
$response = filter_input(INPUT_POST, 'response', FILTER_SANITIZE_STRING);
if (mb_strlen(trim($response)) === 0) {
    $response = false;
}
if (array_key_exists('response', $_GET)) {
    $response = filter_input(INPUT_GET, 'response', FILTER_SANITIZE_STRING);
}
// Detect if this variable exists, and filter it. Returns false if anything wasn't right
$bounty_on = null;
$bounty_on = (int) filter_input(INPUT_POST, 'bounty_on', FILTER_SANITIZE_NUMBER_INT);
if (mb_strlen(trim($bounty_on)) === 0) {
示例#29
0
//
//  This program is distributed in the hope that it will be useful,
//  but WITHOUT ANY WARRANTY; without even the implied warranty of
//  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
//  GNU Affero General Public License for more details.
//
//  You should have received a copy of the GNU Affero General Public License
//  along with this program.  If not, see <http://www.gnu.org/licenses/>.
//
// File: modify_defenses.php
require_once './common.php';
Tki\Login::checkLogin($pdo_db, $lang, $tkireg, $template);
$title = $langvars['l_md_title'];
Tki\Header::display($pdo_db, $lang, $template, $title);
// Database driven language entries
$langvars = Tki\Translate::load($pdo_db, $lang, array('modify_defenses', 'common', 'global_includes', 'global_funcs', 'footer', 'news'));
if (!isset($defense_id)) {
    echo $langvars['l_md_invalid'] . "<br><br>";
    Tki\Text::gotomain($pdo_db, $lang);
    Tki\Footer::display($pdo_db, $lang, $tkireg, $template);
    die;
}
// Detect if this variable exists, and filter it. Returns false if anything wasn't right.
$response = null;
$response = filter_input(INPUT_POST, 'response', FILTER_SANITIZE_STRING);
if (mb_strlen(trim($response)) === 0) {
    $response = false;
}
// Get playerinfo from database
$sql = "SELECT * FROM ::prefix::ships WHERE email=:email LIMIT 1";
$stmt = $pdo_db->prepare($sql);