bank fixes

lopar 2018-03-09 20:43:30 +02:00
parent 10e30c2392
commit 1bce446b16
8 changed files with 20 additions and 145 deletions


@ -11,7 +11,7 @@ if ($user['battle'] != 0) { header('location: fbattle.php'); die(); }
if($_POST['enter'] && $_POST['pass']) { if($_POST['enter'] && $_POST['pass']) {
$data = mysql_query("SELECT * FROM `bank` WHERE `owner`='".$user['id']."' AND `id`='".$_POST['id']."' AND `pass`='".md5($_POST['pass'])."';"); $data = mysql_query("SELECT * FROM `bank` WHERE `id`='".$user['id']."' AND `pass`='".md5($_POST['pass'])."';");
$data = mysql_fetch_array($data); $data = mysql_fetch_array($data);
if($data) { if($data) {
$_SESSION['bankid'] = $_POST['id']; $_SESSION['bankid'] = $_POST['id'];
@ -130,7 +130,7 @@ if(!$_SESSION['bankid']) {
<fieldset style="width:200px; height:130px;"> <fieldset style="width:200px; height:130px;">
<legend>Войти в счет</legend><br> &nbsp; <legend>Войти в счет</legend><br> &nbsp;
<? <?
$banks = mysql_query("SELECT * FROM `bank` WHERE `owner` = ".$user['id'].";"); $banks = mysql_query("SELECT * FROM `bank` WHERE `id` = ".$user['id'].";");
echo "<select style='width:150px' name=id>"; echo "<select style='width:150px' name=id>";
while ($rah = mysql_fetch_array($banks)) { while ($rah = mysql_fetch_array($banks)) {
echo "<option>",$rah['id'],"</option>"; echo "<option>",$rah['id'],"</option>";
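Review bot: The password check and the session binding now use different ids. The rewritten SELECT verifies the password against the row whose `id` equals `$user['id']`, but the unchanged line below still stores `$_SESSION['bankid'] = $_POST['id'];`, a client-supplied value that no query has checked. Take the id from the matched row instead, `$_SESSION['bankid'] = $data['id'];`, so the session can only refer to the account that was verified. The password is still compared as an unsalted `md5()` inside a string-built query; moving to `password_hash()`/`password_verify()` needs a data migration that is outside this hunk. The enclosing `if` block continues past the hunk.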


@ -1,57 +0,0 @@
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<LINK href="http://old-dark.ru/i/main.css" type=text/css rel=stylesheet>
<META http-equiv=Content-type content="text/html; charset=utf-8">
</head>
<title>Востановление пароля</title>
<body bottomMargin=0 vLink=#333333 aLink=#000000 link=#000000 bgColor=#666666 leftMargin=0 topMargin=0 rightMargin=0 marginheight="0" marignwidth="0">
<div style='background-color:#636462; width:13%; float:left;'>&nbsp;</div>
<div style='float:left; text-align:justify; width:933px; FONT-SIZE: 10pt; FONT-FAMILY: Verdana, Arial, Helvetica, Tahoma, sans-serif; background-color:#F2E5B1; widh:100%;'>
<table style='font-size:12px; border:0px; margin:0px; padding:0px;' cellpadding=0 cellspacing=0 border=0>
<tr>
<td width=124px;><img src='http://old-dark.ru/encicl/images/pict_1.jpg' width=126 height=243 /><td width=100% valign=top>
<br>
<?php
//$browsers = get_browser();
//echo "--".$browsers->browser."--";
/*switch ($browsers->browser){
case 'Chrome' :
$_GET['login']=iconv('utf-8', 'cp1251', $_GET['login']);
break;
case 'Safari' :
$_GET['login']=iconv('utf-8', 'cp1251', $_GET['login']);
break;
case 'Default Browser' : //Opera10
$_GET['login']=iconv('utf-8', 'cp1251', $_GET['login']);
break;
case 'Firefox' :
$_GET['login']=$_GET['login'];
break;
}*/
$realtime=mktime(date(H), date(i), date(s), date("m") , date("d"), date("Y"));
$_GET['login']=strtolower($_GET['login']);
if ($_GET['newpass']!='' && $_GET['login']!='' && $_GET['timev']!='' && $realtime<=$_GET['timev']) {
include("config.php");
$sql=mysql_query("select * from confirmpasswd where login='bbb".$_GET['login']."bbb' and passwd='".$_GET['newpass']."' and date='".$_GET['timev']."' and active=1") or die("Ошибка обработки запроса.");
if (mysql_num_rows($sql)==0 or mysql_num_rows($sql)=='') die("<center><h3>Ссылка устарела!</h3></center>");
$sql=mysql_fetch_array($sql,MYSQL_ASSOC) or die("Ошибка обработки запроса!!");
mysql_query("update bank set pass='".md5($_GET['newpass'])."' where id='".$_GET['login']."'") or die("Ошибка обработки запроса!");
echo "<center>Пароль изменен. Не забывайте пароль.<br>Для входа в игру перейдите по сылке <a href='http://old-dark.ru/'>http://old-dark.ru/</a></center>";
@mysql_query("update confirmpasswd set active=0 where login='bbb".$_GET['login']."bbb' and passwd='".$_GET['newpass']."' and date='".$_GET['timev']."' and active=1");
}
else echo "<center><h3>Ссылка устарела.</h3></center>";
?>
</td>
<td width=107 align=right>
<img src='http://old-dark.ru/encicl/images/paper1.gif' width=39 height=292 />
</table>
<div style='float:left; margin-left:-87px;'></div>
</div>
<div style='clear:both'></div><br>
</table>
</body>
</html>


@ -77,39 +77,6 @@ if (!isset($user)) {
// regenhp($user); // regenhp($user);
//} //}
$inder = filter_input(INPUT_COOKIE, 'inder');
if (!isset($banks['id'])) {
$banks = db::c()->query('SELECT `id`, `cr`, `ekr` FROM `bank` WHERE `id` = "?s" AND `owner` = "?s" LIMIT 1', $inder, $user['id'])->fetch_assoc();
}
function auth_bank($id, $pass, $us)
{
global $banks;
$bn = db::c()->query('SELECT `id`, `pass` FROM `bank` WHERE `id` = ?i AND `owner` = "?s"', $id, $us)->fetch_assoc();
if (isset($bn['id'])) {
if ($bn['pass'] == md5($pass)) {
setcookie('inder', $bn['id'], time() + 60 * 60 * 24 * 7, '/', GAMEDOMAIN, 0, true);
$banks['id'] = $bn['id'];
$msg = 'Успешная авторизация ...';
} else {
$msg = 'Неверный пароль ...';
}
} else {
$msg = 'Счёт не найден ...';
}
return $msg;
}
function exit_bank($link)
{
global $banks;
$r = 'Работа со счётом завершена ...';
setcookie('inder', '', time() + 60 * 60 * 24 * 7, '', GAMEDOMAIN);
$banks['id'] = null;
header('Location: ' . $link);
return $r;
}
function getNum($v) function getNum($v)
{ {
@ -127,24 +94,12 @@ function getNum($v)
function banks() function banks()
{ {
global $user, $banks; $id = $_SESSION['uid'];
$bank = db::c()->query('SELECT `id`, `cr`, `ekr` FROM `bank` WHERE `id` = "?s" AND `owner` = "?s" LIMIT 1', $banks['id'], $user['id'])->fetch_assoc(); $bank = db::c()->query('SELECT `id`, `ekr` FROM `bank` WHERE `id` = ?i ', $id)->fetch_assoc();
if (isset($bank['id'])) { if (isset($bank['id'])) {
echo '<fieldset style=\'width: 400px;\'><legend>Счёт</legend>Банковский счёт №' . $bank['id'] . '. <a href=\'?destruct=bank&id=' . $user['id'] . '\' title=\'Закончить работу со счётом\'>x</a><br />На счету <b>' . $bank['ekr'] . '</b> еврокредитов.</fieldset>'; echo '<fieldset style="width: 400px;"><legend>Счёт</legend>Банковский счёт № {$id} <br>На счету <b>' . $bank['ekr'] . '</b> еврокредитов.</fieldset>';
} else { } else {
$sp = db::c()->query('SELECT `id` FROM `bank` WHERE `owner` = "?s" ORDER BY `id` ASC', $user['id']); echo 'У вас нет счета в банке.';
if ($sp->getNumRows() > 0) {
$nums .= '<select name=\'bnid\'>';
$pl = $sp->fetch_assoc();
while ($pl) {
$nums .= '<option value=\'' . $pl['id'] . '\'>Счёт #' . $pl['id'] . '</option>';
}
$nums .= '</select> <input type=\'password\' name=\'passwords\' /> <input type=\'submit\' name=\'oauth\' value=\'Вход\' />';
} else {
$nums = 'У вас нет счетов';
}
$auth = $nums;
echo '<fieldset style=\'width: 400px;\'><legend>Авторизация</legend><form method=\'POST\'>' . $auth . '</form></fieldset>';
} }
} }
@ -947,7 +902,7 @@ function add_user_abil($ab, $cost)
$isset[$ab] += 1; $isset[$ab] += 1;
mysql_query('UPDATE `abils_user` SET `' . $ab . '` = "' . $isset[$ab] . '" WHERE `uid` = "' . $user['id'] . '" LIMIT 1'); mysql_query('UPDATE `abils_user` SET `' . $ab . '` = "' . $isset[$ab] . '" WHERE `uid` = "' . $user['id'] . '" LIMIT 1');
$banks['ekr'] -= $cost; $banks['ekr'] -= $cost;
mysql_query('UPDATE `bank` SET `ekr` = "' . $banks['ekr'] . '" WHERE `owner` = "' . $user['id'] . '" LIMIT 1'); mysql_query('UPDATE `bank` SET `ekr` = "' . $banks['ekr'] . '" WHERE `id` = "' . $user['id'] . '" LIMIT 1');
return true; return true;
} }
} }
@ -964,7 +919,7 @@ function add_klan_abil($ab, $cost)
$isset[$ab] += 1; $isset[$ab] += 1;
mysql_query('UPDATE `abils_klan` SET `' . $ab . '` = "' . $isset[$ab] . '" WHERE `klan` = "' . $user['klan'] . '" LIMIT 1'); mysql_query('UPDATE `abils_klan` SET `' . $ab . '` = "' . $isset[$ab] . '" WHERE `klan` = "' . $user['klan'] . '" LIMIT 1');
$banks['ekr'] -= $cost; $banks['ekr'] -= $cost;
mysql_query('UPDATE `bank` SET `ekr` = "' . $banks['ekr'] . '" WHERE `owner` = "' . $user['id'] . '" LIMIT 1'); mysql_query('UPDATE `bank` SET `ekr` = "' . $banks['ekr'] . '" WHERE `id` = "' . $user['id'] . '" LIMIT 1');
return true; return true;
} }
} }
@ -2616,7 +2571,7 @@ function showpersout($pas = 0)
Ничьих: <?=$user['nich']?><br> Ничьих: <?=$user['nich']?><br>
<? <?
$ekr_bank = db::c()->query('SELECT SUM(`ekr`) AS `bank_ekr`,SUM(`cr`) AS `bank_cr` FROM `bank` WHERE `owner`= ?i', $user['id'])->fetch_assoc(); $ekr_bank = db::c()->query('SELECT SUM(`ekr`) AS `bank_ekr`,SUM(`cr`) AS `bank_cr` FROM `bank` WHERE `id`= ?i', $user['id'])->fetch_assoc();
?> ?>
Деньги: <b><?=$user['money']?></b> кр.<br> Деньги: <b><?=$user['money']?></b> кр.<br>
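Review bot: In add_user_abil and add_klan_abil the balance is still written as an absolute value computed in PHP (`$banks['ekr'] -= $cost;` followed by `SET ekr = $banks['ekr']`), while this commit deletes the top-of-file query that filled `$banks`. If nothing outside these hunks populates `$banks` any more, the UPDATE stores `-$cost` instead of the reduced balance, and even when it is populated two concurrent requests can overwrite each other. Doing the arithmetic in SQL with a funds guard avoids both, assuming integer amounts: `UPDATE bank SET ekr = ekr - ?i WHERE id = ?i AND ekr >= ?i` through `db::c()->query()`, granting the ability only when a row was affected. Separately, the new echo in banks() is single-quoted, so `{$id}` is printed literally; concatenate `$id` the way the old line concatenated `$bank['id']`. Both ability functions start outside their hunks.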


@ -197,7 +197,7 @@ if ($own['admin'] == 1) {
if (!empty($user['reputation'])) echo "Всего Репутации: " . $user['reputation'] . "<br>"; if (!empty($user['reputation'])) echo "Всего Репутации: " . $user['reputation'] . "<br>";
if (!empty($user['doblest'])) echo "Репутации: " . $user['doblest'] . "<br>"; if (!empty($user['doblest'])) echo "Репутации: " . $user['doblest'] . "<br>";
if ($user_bank = db::c()->query('SELECT `id`,`cr`,`ekr` FROM `bank` WHERE `owner` = ?i', $user['id'])) { if ($user_bank = db::c()->query('SELECT `id`,`cr`,`ekr` FROM `bank` WHERE `id` = ?i', $user['id'])) {
echo "<H4>Банк</H4>"; echo "<H4>Банк</H4>";
echo " echo "
<table class='adm'> <table class='adm'>


@ -19,18 +19,6 @@ if ($user['battle'] != 0) {
// $shadow = mysql_fetch_array(mysql_query("SELECT `id`, `mshadow`, `wshadow` FROM `clans` WHERE `id` = '{$user['klan']}' LIMIT 1")); // $shadow = mysql_fetch_array(mysql_query("SELECT `id`, `mshadow`, `wshadow` FROM `clans` WHERE `id` = '{$user['klan']}' LIMIT 1"));
//} //}
if ($_POST['bankpsw']) {
echo "<b style='color: Red;'>" . auth_bank((int)$_POST['bank'], $_POST['bankpsw'], $user['id']) . "</b>";
}
if ($_GET['unset_bank'] == 1) {
exit_bank('?error=bank');
}
if ($_GET['error'] == 'bank') {
err('Работа со счётом завершена.');
}
function updstats() function updstats()
{ {
global $user; global $user;
@ -1706,40 +1694,30 @@ if ($_GET['edit']) {
Ничьих: <b><?= $user['nich'] ?></b><BR> Ничьих: <b><?= $user['nich'] ?></b><BR>
</span> </span>
<?
$ekr_bank = mysql_fetch_assoc(mysql_query("SELECT SUM(`ekr`) AS `bank_ekr`,SUM(`cr`) AS `bank_cr` FROM `bank` WHERE `owner`='" . $user['id'] . "'"));
?>
Деньги: <b><?= $user['money'] ?></b> кр.<BR> Деньги: <b><?= $user['money'] ?></b> кр.<BR>
Репутация: <b><?= $user['doblest'] ?></b> реп.<br/> Репутация: <b><?= $user['doblest'] ?></b> реп.<br/>
<? if (isset($banks['id'])) { ?>
Банк
<small><b>#<?= $banks['id']; ?></b>: (<b><?= $banks['cr']; ?></b> .кр,
<b><?= $banks['ekr']; ?></b> .екр) <a href="?unset_bank=1" title="Выход">X</a></small>
<br/>
<? } else { ?>
<a href="javascript:bank_info();">Авторизация в банке</a>
<? } ?>
<SCRIPT src="/js/main_096_ru2.js"></SCRIPT> <SCRIPT src="/js/main_096_ru2.js"></SCRIPT>
<? <?
if (@$_GET['is_open'] && !is_numeric(@$_GET['is_open'])) { if ($_GET['is_open'] && !is_numeric($_GET['is_open'])) {
unset($_GET['is_open']); unset($_GET['is_open']);
} }
if (@$_GET['bar'] == 'param') { if ($_GET['bar'] == 'param') {
$_SESSION['param'] = $_GET['is_open']; $_SESSION['param'] = $_GET['is_open'];
} }
if (@$_GET['bar'] == 'oryj') { if ($_GET['bar'] == 'oryj') {
$_SESSION['oryj'] = $_GET['is_open']; $_SESSION['oryj'] = $_GET['is_open'];
} }
if (@$_GET['bar'] == 'modif') { if ($_GET['bar'] == 'modif') {
$_SESSION['modif'] = $_GET['is_open']; $_SESSION['modif'] = $_GET['is_open'];
} }
if (@$_GET['bar'] == 'bron') { if ($_GET['bar'] == 'bron') {
$_SESSION['bron'] = $_GET['is_open']; $_SESSION['bron'] = $_GET['is_open'];
} }
if (@$_GET['bar'] == 'bonus') { if ($_GET['bar'] == 'bonus') {
$_SESSION['bonus'] = $_GET['is_open']; $_SESSION['bonus'] = $_GET['is_open'];
} }
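Review bot: Dropping the `@` from the `$_GET['is_open']` and `$_GET['bar']` reads leaves them unguarded, so every request without those parameters raises an undefined-index notice, which exposes file paths when errors are displayed. Guard with `isset()` rather than suppression, reading the value once: `$bar = isset($_GET['bar']) ? $_GET['bar'] : '';`. The five `if` blocks could then collapse to an allow-list, `if (in_array($bar, array('param', 'oryj', 'modif', 'bron', 'bonus'), true)) { $_SESSION[$bar] = $_GET['is_open']; }`, which keeps the set of request-writable session keys explicit.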


@ -160,7 +160,6 @@ echo"Вы уменьшили глубину сектора на ".$randhp." ед
else{ else{
mysql_query("update `pole` set `heals`='0',`type`='0' where `id`='".$id."'"); mysql_query("update `pole` set `heals`='0',`type`='0' where `id`='".$id."'");
mysql_query("update `users` set `pole_kopka_kol_now`=`pole_kopka_kol_now`-'1' where `id`='".$user['id']."'"); mysql_query("update `users` set `pole_kopka_kol_now`=`pole_kopka_kol_now`-'1' where `id`='".$user['id']."'");
mysql_query("update `bank` set `ekr`=`ekr`+'".$bon."' where `owner`='".$user['id']."' LIMIT 1;");
$user['pole_kopka_kol_now'] -= 1; $user['pole_kopka_kol_now'] -= 1;
echo"Вы выкопали ".$bon." екр! Ищите в Банке, если у Вас есть счет. Если счета нету, срочно откройте его. :)"; echo"Вы выкопали ".$bon." екр! Ищите в Банке, если у Вас есть счет. Если счета нету, срочно откройте его. :)";
mysql_query("INSERT INTO `delo` (`id` , `author` ,`pers`, `text`, `type`, `date`) VALUES ('','0','{$user['id']}','\"".$user['login']."\" выкопал на Поле Чудес ".$bon." екр',1,'".time()."');"); mysql_query("INSERT INTO `delo` (`id` , `author` ,`pers`, `text`, `type`, `date`) VALUES ('','0','{$user['id']}','\"".$user['login']."\" выкопал на Поле Чудес ".$bon." екр',1,'".time()."');");


@ -8,7 +8,7 @@ include('config.php');
include('functions.php'); include('functions.php');
if ($_POST['oauth'] && $_POST['bnid']) { if ($_POST['oauth'] && $_POST['bnid']) {
$bn = mysql_fetch_array(mysql_query('SELECT `id`, `pass` FROM `bank` WHERE `id` = "' . (int)$_POST['bnid'] . '" AND `owner` = "' . $user['id'] . '" LIMIT 1')); $bn = mysql_fetch_array(mysql_query('SELECT `id` FROM `bank` WHERE `id` = "' . (int)$_POST['bnid'] . '" LIMIT 1'));
if (isset($bn['id'])) { if (isset($bn['id'])) {
if ($bn['pass'] == md5($_POST['passwords'])) { if ($bn['pass'] == md5($_POST['passwords'])) {
setcookie('inder', $bn['id'], time() + 60 * 60 * 24 * 7, '', GAMEDOMAIN); setcookie('inder', $bn['id'], time() + 60 * 60 * 24 * 7, '', GAMEDOMAIN);
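Review bot: The rewritten SELECT no longer returns `pass`, yet the unchanged check two lines down still reads `$bn['pass'] == md5($_POST['passwords'])`, so on the new side the comparison is against an undefined index and the login can never succeed. The `owner` filter was also dropped with nothing replacing it, so the lookup accepts any posted `bnid` rather than only the caller's account. Keep `pass` in the column list and tie the row to the logged-in user, e.g. `WHERE id = "' . (int)$user['id'] . '"`, and compare the digests with `hash_equals()` instead of loose `==`. The enclosing `if` continues outside the hunk.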

View File

@ -28,7 +28,7 @@ mysql_query("update `inventory` set `upgrade`='".$cur_up['level_up']."',`nlevel`
} }
if($_POST['enter'] && $_POST['pass']) { if($_POST['enter'] && $_POST['pass']) {
$data = mysql_query("SELECT * FROM `bank` WHERE `owner`='".$user['id']."' AND `id`='".$_POST['id']."' AND `pass`='".md5($_POST['pass'])."';"); $data = mysql_query("SELECT * FROM `bank` WHERE `id`='".$_POST['id']."' AND `pass`='".md5($_POST['pass'])."';");
echo mysql_error(); echo mysql_error();
$data = mysql_fetch_array($data); $data = mysql_fetch_array($data);
if($data) { if($data) {
@ -148,7 +148,7 @@ if(!$_SESSION['bankid']) {
<fieldset style="width:200px; height:130px;"> <fieldset style="width:200px; height:130px;">
<legend>Войти в счет</legend><br> &nbsp; <legend>Войти в счет</legend><br> &nbsp;
<? <?
$banks = mysql_query("SELECT * FROM `bank` WHERE `owner` = ".$user['id'].";"); $banks = mysql_query("SELECT * FROM `bank` WHERE `id` = ".$user['id'].";");
echo "<select style='width:150px' name=id>"; echo "<select style='width:150px' name=id>";
while ($rah = mysql_fetch_array($banks)) { while ($rah = mysql_fetch_array($banks)) {
echo "<option>",$rah['id'],"</option>"; echo "<option>",$rah['id'],"</option>";
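Review bot: The first hunk's new query drops the `owner` condition and keys the lookup only on `$_POST['id']`, so the account being opened is whatever id the client submits rather than one tied to the logged-in user. The other bank page changed in this commit uses `$user['id']` in the same query, and the account list in the second hunk here does too; the three should agree. `$_POST['id']` is also concatenated into the SQL string unescaped, and `echo mysql_error();` prints database errors to the page. At minimum, bind the lookup to the session user with a cast, `WHERE id='" . (int)$user['id'] . "' AND ...`, and log the error instead of echoing it.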