dev #38

Merged
lopar merged 22 commits from dev into master 2021-02-03 08:56:49 +00:00
3 changed files with 24 additions and 21 deletions
Showing only changes of commit 06963ce428 - Show all commits

View File

@ -4,10 +4,7 @@
* Author: Igor Barkov <lopar.4ever@gmail.com>
* Project name: Battles-Game
*/
if (empty($_SESSION['uid']) && $_SERVER['REQUEST_URI'] != "/enter.php") {
header("Location: index.php");
exit;
}
ini_set('display_errors', 'On');
error_reporting(E_ALL);
define("GAMEDOMAIN", "battles.lan");
@ -16,7 +13,6 @@ define("GAMEDOMAIN", "battles.lan");
*/
header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
/**
* Классы для работы с базой данных.

View File

@ -1,5 +1,6 @@
<?php
use Battles\Database\DBPDO;
use Battles\GameLogs;
use Battles\Template;
@ -9,6 +10,7 @@ define('ERROR_NO_SUCH_USER', 'Такого пользователя не сущ
define('ERROR_USER_IS_BLOCKED', 'Пользователь заблокирован!');
define('ERROR_WRONG_PASSWORD', 'Неверный пароль!');
define('ERROR_EMPTY_CREDENTIALS', 'Вы не ввели логин или пароль!');
$db = new DBPDO();
foreach ($_POST as $key => $val) { //Проверка всех значений массива POST одним махом.
$_POST[$key] = iconv(mb_detect_encoding($_POST[$key], 'auto'), 'utf-8', $val);
}
@ -19,34 +21,34 @@ $battle = $_COOKIE['battle'] ?? '';
$error = "";
if ($username && $password) {
$user_query = db::c()->query('SELECT `id`, `login` ,`pass`, `room`, `block` FROM `users` WHERE `login` = "?s"', $username)->fetch_assoc();
$user_query = $db->ofetch('SELECT id, login, pass, room, block FROM users WHERE login = ?', $username);
if (!$user_query['id']) {
if (!$user_query->id) {
$error = ERROR_NO_SUCH_USER;
} elseif ($user_query['block'] == 1) {
} elseif ($user_query->block) {
$error = ERROR_USER_IS_BLOCKED;
} elseif (password_verify($password, $user_query['pass'])) {
} elseif (password_verify($password, $user_query->pass)) {
if (!$error) {
# Проверка на мультоводство по используемому кукису.
if ($battle != null && $user_query['id'] != $battle) {
GameLogs::addUserLog($user_query['id'],'Разные ID на входе. Возможно используются несколько аккаунтов.', 'multiaccounts');
if ($battle != null && $user_query->id != $battle) {
GameLogs::addUserLog($user_query->id,'Разные ID на входе. Возможно используются несколько аккаунтов.', 'multiaccounts');
}
setcookie("battle", $user_query['id']);
$_SESSION['uid'] = $user_query['id'];
setcookie("uid", $user_query['id'], time() + 43200, "/", GAMEDOMAIN);
setcookie("hashcode", md5($user_query['id'] . $user_query["pass"] . $user_query["login"]), time() + 43200, "/", GAMEDOMAIN);
setcookie("battle", $user_query->id);
$_SESSION['uid'] = $user_query->id;
setcookie("uid", $user_query->id, time() + 43200, "/", GAMEDOMAIN);
setcookie("hashcode", md5($user_query->id . $user_query->pass . $username), time() + 43200, "/", GAMEDOMAIN);
$_SESSION['sid'] = session_id();
$onl = db::c()->query('SELECT user_id FROM online WHERE user_id = "?s"', $user_query['id'])->fetch_assoc();
if (isset($onl['user_id'])) {
db::c()->query('UPDATE online SET date = ?i WHERE user_id = "?s"', time(), $user_query['id']);
$onl = $db->ofetch('SELECT user_id FROM online WHERE user_id = ?', $user_query->id);
if (isset($onl->user_id)) {
$db->execute('UPDATE online SET date = ? WHERE user_id = ?', [time(), $user_query->id]);
} else {
db::c()->query('INSERT INTO online (user_id, date, room, real_time) VALUES (?i, ?i, ?i, ?i)', $user_query['id'], time(), $user_query['room'], time());
$db->execute('INSERT INTO online (user_id, date, room, real_time) VALUES (?,?,?,?)', [$user_query->id, time(), $user_query->room, time()]);
}
db::c()->query('UPDATE `users` SET `session_id` = "?s", `enter_game` = ?i WHERE `id` = ?i', session_id(), 1, $user_query['id']);
$db->execute('UPDATE users SET session_id = ?, enter_game = 1 WHERE id = ?', [session_id(), $user_query->id]);
header("Location: fight.php");
}
} else {

View File

@ -9,8 +9,13 @@ use Battles\Travel;
use Battles\User;
require_once 'config.php';
if (empty($_SESSION['uid'])) {
header("Location: index.php");
exit;
} else {
$user = new User($_SESSION['uid']);
}
$user = new User($_SESSION['uid']);
if ($user->id && $user->block) {
exit('user blocked!');
}