dev #38
@ -4,10 +4,7 @@
|
||||
* Author: Igor Barkov <lopar.4ever@gmail.com>
|
||||
* Project name: Battles-Game
|
||||
*/
|
||||
if (empty($_SESSION['uid']) && $_SERVER['REQUEST_URI'] != "/enter.php") {
|
||||
header("Location: index.php");
|
||||
exit;
|
||||
}
|
||||
|
||||
ini_set('display_errors', 'On');
|
||||
error_reporting(E_ALL);
|
||||
define("GAMEDOMAIN", "battles.lan");
|
||||
@ -16,7 +13,6 @@ define("GAMEDOMAIN", "battles.lan");
|
||||
*/
|
||||
header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
|
||||
header("Cache-Control: post-check=0, pre-check=0", false);
|
||||
header("Pragma: no-cache");
|
||||
|
||||
/**
|
||||
* Классы для работы с базой данных.
|
||||
|
||||
32
enter.php
32
enter.php
@ -1,5 +1,6 @@
|
||||
<?php
|
||||
|
||||
use Battles\Database\DBPDO;
|
||||
use Battles\GameLogs;
|
||||
use Battles\Template;
|
||||
|
||||
@ -9,6 +10,7 @@ define('ERROR_NO_SUCH_USER', 'Такого пользователя не сущ
|
||||
define('ERROR_USER_IS_BLOCKED', 'Пользователь заблокирован!');
|
||||
define('ERROR_WRONG_PASSWORD', 'Неверный пароль!');
|
||||
define('ERROR_EMPTY_CREDENTIALS', 'Вы не ввели логин или пароль!');
|
||||
$db = new DBPDO();
|
||||
foreach ($_POST as $key => $val) { //Проверка всех значений массива POST одним махом.
|
||||
$_POST[$key] = iconv(mb_detect_encoding($_POST[$key], 'auto'), 'utf-8', $val);
|
||||
}
|
||||
@ -19,34 +21,34 @@ $battle = $_COOKIE['battle'] ?? '';
|
||||
$error = "";
|
||||
|
||||
if ($username && $password) {
|
||||
$user_query = db::c()->query('SELECT `id`, `login` ,`pass`, `room`, `block` FROM `users` WHERE `login` = "?s"', $username)->fetch_assoc();
|
||||
$user_query = $db->ofetch('SELECT id, login, pass, room, block FROM users WHERE login = ?', $username);
|
||||
|
||||
if (!$user_query['id']) {
|
||||
if (!$user_query->id) {
|
||||
$error = ERROR_NO_SUCH_USER;
|
||||
} elseif ($user_query['block'] == 1) {
|
||||
} elseif ($user_query->block) {
|
||||
$error = ERROR_USER_IS_BLOCKED;
|
||||
} elseif (password_verify($password, $user_query['pass'])) {
|
||||
} elseif (password_verify($password, $user_query->pass)) {
|
||||
|
||||
if (!$error) {
|
||||
# Проверка на мультоводство по используемому кукису.
|
||||
if ($battle != null && $user_query['id'] != $battle) {
|
||||
GameLogs::addUserLog($user_query['id'],'Разные ID на входе. Возможно используются несколько аккаунтов.', 'multiaccounts');
|
||||
if ($battle != null && $user_query->id != $battle) {
|
||||
GameLogs::addUserLog($user_query->id,'Разные ID на входе. Возможно используются несколько аккаунтов.', 'multiaccounts');
|
||||
}
|
||||
|
||||
setcookie("battle", $user_query['id']);
|
||||
$_SESSION['uid'] = $user_query['id'];
|
||||
setcookie("uid", $user_query['id'], time() + 43200, "/", GAMEDOMAIN);
|
||||
setcookie("hashcode", md5($user_query['id'] . $user_query["pass"] . $user_query["login"]), time() + 43200, "/", GAMEDOMAIN);
|
||||
setcookie("battle", $user_query->id);
|
||||
$_SESSION['uid'] = $user_query->id;
|
||||
setcookie("uid", $user_query->id, time() + 43200, "/", GAMEDOMAIN);
|
||||
setcookie("hashcode", md5($user_query->id . $user_query->pass . $username), time() + 43200, "/", GAMEDOMAIN);
|
||||
$_SESSION['sid'] = session_id();
|
||||
|
||||
$onl = db::c()->query('SELECT user_id FROM online WHERE user_id = "?s"', $user_query['id'])->fetch_assoc();
|
||||
if (isset($onl['user_id'])) {
|
||||
db::c()->query('UPDATE online SET date = ?i WHERE user_id = "?s"', time(), $user_query['id']);
|
||||
$onl = $db->ofetch('SELECT user_id FROM online WHERE user_id = ?', $user_query->id);
|
||||
if (isset($onl->user_id)) {
|
||||
$db->execute('UPDATE online SET date = ? WHERE user_id = ?', [time(), $user_query->id]);
|
||||
} else {
|
||||
db::c()->query('INSERT INTO online (user_id, date, room, real_time) VALUES (?i, ?i, ?i, ?i)', $user_query['id'], time(), $user_query['room'], time());
|
||||
$db->execute('INSERT INTO online (user_id, date, room, real_time) VALUES (?,?,?,?)', [$user_query->id, time(), $user_query->room, time()]);
|
||||
}
|
||||
|
||||
db::c()->query('UPDATE `users` SET `session_id` = "?s", `enter_game` = ?i WHERE `id` = ?i', session_id(), 1, $user_query['id']);
|
||||
$db->execute('UPDATE users SET session_id = ?, enter_game = 1 WHERE id = ?', [session_id(), $user_query->id]);
|
||||
header("Location: fight.php");
|
||||
}
|
||||
} else {
|
||||
|
||||
@ -9,8 +9,13 @@ use Battles\Travel;
|
||||
use Battles\User;
|
||||
|
||||
require_once 'config.php';
|
||||
if (empty($_SESSION['uid'])) {
|
||||
header("Location: index.php");
|
||||
exit;
|
||||
} else {
|
||||
$user = new User($_SESSION['uid']);
|
||||
}
|
||||
|
||||
$user = new User($_SESSION['uid']);
|
||||
if ($user->id && $user->block) {
|
||||
exit('user blocked!');
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user