Вход в игру снова работает.

This commit is contained in:
Igor Barkov (iwork) 2021-01-29 17:21:14 +02:00
parent 92c3ea79c0
commit 06963ce428
3 changed files with 24 additions and 21 deletions

View File

@ -4,10 +4,7 @@
* Author: Igor Barkov <lopar.4ever@gmail.com> * Author: Igor Barkov <lopar.4ever@gmail.com>
* Project name: Battles-Game * Project name: Battles-Game
*/ */
if (empty($_SESSION['uid']) && $_SERVER['REQUEST_URI'] != "/enter.php") {
header("Location: index.php");
exit;
}
ini_set('display_errors', 'On'); ini_set('display_errors', 'On');
error_reporting(E_ALL); error_reporting(E_ALL);
define("GAMEDOMAIN", "battles.lan"); define("GAMEDOMAIN", "battles.lan");
@ -16,7 +13,6 @@ define("GAMEDOMAIN", "battles.lan");
*/ */
header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0"); header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
header("Cache-Control: post-check=0, pre-check=0", false); header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
/** /**
* Классы для работы с базой данных. * Классы для работы с базой данных.

View File

@ -1,5 +1,6 @@
<?php <?php
use Battles\Database\DBPDO;
use Battles\GameLogs; use Battles\GameLogs;
use Battles\Template; use Battles\Template;
@ -9,6 +10,7 @@ define('ERROR_NO_SUCH_USER', 'Такого пользователя не сущ
define('ERROR_USER_IS_BLOCKED', 'Пользователь заблокирован!'); define('ERROR_USER_IS_BLOCKED', 'Пользователь заблокирован!');
define('ERROR_WRONG_PASSWORD', 'Неверный пароль!'); define('ERROR_WRONG_PASSWORD', 'Неверный пароль!');
define('ERROR_EMPTY_CREDENTIALS', 'Вы не ввели логин или пароль!'); define('ERROR_EMPTY_CREDENTIALS', 'Вы не ввели логин или пароль!');
$db = new DBPDO();
foreach ($_POST as $key => $val) { //Проверка всех значений массива POST одним махом. foreach ($_POST as $key => $val) { //Проверка всех значений массива POST одним махом.
$_POST[$key] = iconv(mb_detect_encoding($_POST[$key], 'auto'), 'utf-8', $val); $_POST[$key] = iconv(mb_detect_encoding($_POST[$key], 'auto'), 'utf-8', $val);
} }
@ -19,34 +21,34 @@ $battle = $_COOKIE['battle'] ?? '';
$error = ""; $error = "";
if ($username && $password) { if ($username && $password) {
$user_query = db::c()->query('SELECT `id`, `login` ,`pass`, `room`, `block` FROM `users` WHERE `login` = "?s"', $username)->fetch_assoc(); $user_query = $db->ofetch('SELECT id, login, pass, room, block FROM users WHERE login = ?', $username);
if (!$user_query['id']) { if (!$user_query->id) {
$error = ERROR_NO_SUCH_USER; $error = ERROR_NO_SUCH_USER;
} elseif ($user_query['block'] == 1) { } elseif ($user_query->block) {
$error = ERROR_USER_IS_BLOCKED; $error = ERROR_USER_IS_BLOCKED;
} elseif (password_verify($password, $user_query['pass'])) { } elseif (password_verify($password, $user_query->pass)) {
if (!$error) { if (!$error) {
# Проверка на мультоводство по используемому кукису. # Проверка на мультоводство по используемому кукису.
if ($battle != null && $user_query['id'] != $battle) { if ($battle != null && $user_query->id != $battle) {
GameLogs::addUserLog($user_query['id'],'Разные ID на входе. Возможно используются несколько аккаунтов.', 'multiaccounts'); GameLogs::addUserLog($user_query->id,'Разные ID на входе. Возможно используются несколько аккаунтов.', 'multiaccounts');
} }
setcookie("battle", $user_query['id']); setcookie("battle", $user_query->id);
$_SESSION['uid'] = $user_query['id']; $_SESSION['uid'] = $user_query->id;
setcookie("uid", $user_query['id'], time() + 43200, "/", GAMEDOMAIN); setcookie("uid", $user_query->id, time() + 43200, "/", GAMEDOMAIN);
setcookie("hashcode", md5($user_query['id'] . $user_query["pass"] . $user_query["login"]), time() + 43200, "/", GAMEDOMAIN); setcookie("hashcode", md5($user_query->id . $user_query->pass . $username), time() + 43200, "/", GAMEDOMAIN);
$_SESSION['sid'] = session_id(); $_SESSION['sid'] = session_id();
$onl = db::c()->query('SELECT user_id FROM online WHERE user_id = "?s"', $user_query['id'])->fetch_assoc(); $onl = $db->ofetch('SELECT user_id FROM online WHERE user_id = ?', $user_query->id);
if (isset($onl['user_id'])) { if (isset($onl->user_id)) {
db::c()->query('UPDATE online SET date = ?i WHERE user_id = "?s"', time(), $user_query['id']); $db->execute('UPDATE online SET date = ? WHERE user_id = ?', [time(), $user_query->id]);
} else { } else {
db::c()->query('INSERT INTO online (user_id, date, room, real_time) VALUES (?i, ?i, ?i, ?i)', $user_query['id'], time(), $user_query['room'], time()); $db->execute('INSERT INTO online (user_id, date, room, real_time) VALUES (?,?,?,?)', [$user_query->id, time(), $user_query->room, time()]);
} }
db::c()->query('UPDATE `users` SET `session_id` = "?s", `enter_game` = ?i WHERE `id` = ?i', session_id(), 1, $user_query['id']); $db->execute('UPDATE users SET session_id = ?, enter_game = 1 WHERE id = ?', [session_id(), $user_query->id]);
header("Location: fight.php"); header("Location: fight.php");
} }
} else { } else {

View File

@ -9,8 +9,13 @@ use Battles\Travel;
use Battles\User; use Battles\User;
require_once 'config.php'; require_once 'config.php';
if (empty($_SESSION['uid'])) {
header("Location: index.php");
exit;
} else {
$user = new User($_SESSION['uid']); $user = new User($_SESSION['uid']);
}
if ($user->id && $user->block) { if ($user->id && $user->block) {
exit('user blocked!'); exit('user blocked!');
} }