ошибки Undefined

This commit is contained in:
Ivor Barhansky 2023-08-16 01:48:29 +03:00
parent 0f30620f61
commit 80ef052c6e
13 changed files with 1900 additions and 2205 deletions

View File

@ -118,5 +118,10 @@ class Bonuses
$this->result[self::$names['zonb']] = 1; $this->result[self::$names['zonb']] = 1;
} }
} }
public static function getBonusSystemNames(): array
{
return array_keys(self::$names);
}
} }

File diff suppressed because it is too large Load Diff

View File

@ -155,4 +155,9 @@ class ItemsModel
{ {
return Db::getValue('select sum(2price) from items_users where inOdet > 0 and uid = ?', [$uid]); return Db::getValue('select sum(2price) from items_users where inOdet > 0 and uid = ?', [$uid]);
} }
public static function getWearedItems(int $userId): array
{
return Db::getRows('select * from items_users where inOdet > 0 and uid = ?', [$userId]);
}
} }

View File

@ -15,55 +15,6 @@ class Password
$this->info = $userinfo ?? User::start()->info; $this->info = $userinfo ?? User::start()->info;
} }
public function changeFirst(string $old, string $new): string
{
if ($old === $new && password_verify($old, $this->info['pass'])) {
if ($this->info['emailconfirmation'] === 1) {
$query = 'insert into emailconfirmation (id, code, pa_em, pass) values (?,?,?,1)';
$args = [
$this->info['id'],
PassGen::intCode(10),
password_hash($new, PASSWORD_DEFAULT)
];
Confirmation::byEmail($this->info, 'пароль', $new, $args[1]);
$hashedPass = $args[2];
} else {
$query = 'update users set pass = ?, repass = 0, securetime = unix_timestamp() + 259200 where id = ?';
$args = [
password_hash($new, PASSWORD_DEFAULT),
$this->info['id']
];
$hashedPass = $args[0];
}
Db::sql($query, $args);
return $hashedPass;
}
return $this->info['pass'];
}
public function changeSecond(?int $passLength): array
{
if (in_array($passLength, [4,6,8])) {
$query = 'update users set pass2 = ? where id = ?';
$pass2 = PassGen::intCode($passLength);
$args = [
password_hash($pass2, PASSWORD_DEFAULT),
$this->info['id']
];
Confirmation::byEmail($this->info, 'pass2', $pass2);
$hash = $args[0];
} else {
$query = 'update users set pass2 = default where id = ?';
$args = [$this->info['id']];
}
Db::sql($query, $args);
return [
'pass2' => $pass2 ?? '',
'hash' => $hash ?? null,
];
}
public static function isGood(string $password, string $passwordHash, string $login): bool public static function isGood(string $password, string $passwordHash, string $login): bool
{ {
if (password_verify($password, $passwordHash)) { // check password if (password_verify($password, $passwordHash)) { // check password
@ -80,5 +31,54 @@ class Password
return false; return false;
} }
} }
public function changeFirst(string $old, string $new): string
{
if ($old === $new && password_verify($old, $this->info['pass'])) {
if ($this->info['emailconfirmation'] === 1) {
$query = 'insert into emailconfirmation (id, code, pa_em, pass) values (?,?,?,1)';
$args = [
$this->info['id'],
PassGen::intCode(10),
password_hash($new, PASSWORD_DEFAULT),
];
Confirmation::byEmail($this->info, 'пароль', $new, $args[1]);
$hashedPass = $args[2];
} else {
$query = 'update users set pass = ?, securetime = unix_timestamp() + 259200 where id = ?';
$args = [
password_hash($new, PASSWORD_DEFAULT),
$this->info['id'],
];
$hashedPass = $args[0];
}
Db::sql($query, $args);
return $hashedPass;
}
return $this->info['pass'];
}
public function changeSecond(?int $passLength): array
{
if (in_array($passLength, [4, 6, 8])) {
$query = 'update users set pass2 = ? where id = ?';
$pass2 = PassGen::intCode($passLength);
$args = [
password_hash($pass2, PASSWORD_DEFAULT),
$this->info['id'],
];
Confirmation::byEmail($this->info, 'pass2', $pass2);
$hash = $args[0];
} else {
$query = 'update users set pass2 = default where id = ?';
$args = [$this->info['id']];
}
Db::sql($query, $args);
return [
'pass2' => $pass2 ?? '',
'hash' => $hash ?? null,
];
}
} }

File diff suppressed because it is too large Load Diff

View File

@ -963,7 +963,7 @@ if (!isset($_COOKIE['d1c'])) {
</td> </td>
<?php <?php
} }
if ($u->info['vip'] > time() || $u->stats['silvers'] > 0 || $u->stats['bronze'] > 0 || $u->stats['gold'] > 0) { ?> if ($u->info['vip'] > time()) { ?>
<!-- VIP --> <!-- VIP -->
<td style="width: 30px"> <td style="width: 30px">
<img onClick="top.getUrl('main','main.php?vip=1&rnd='+c.rnd);" class="db cp" <img onClick="top.getUrl('main','main.php?vip=1&rnd='+c.rnd);" class="db cp"

View File

@ -300,27 +300,19 @@ if (!isset($u['id'])) {
$cmsg->setType(6); $cmsg->setType(6);
$chat->sendMsg($cmsg); $chat->sendMsg($cmsg);
} }
$apu = "`auth` = '" . md5($u['login'] . 'AUTH' . IP) . "',"; $apu = "auth = '" . md5($u['login'] . 'AUTH' . IP) . "',";
setcookie('auth', md5($u['login'] . 'AUTH' . IP), time() + 60 * 60 * 24 * 365, '', Config::get('host')); setcookie('auth', md5($u['login'] . 'AUTH' . IP), time() + 60 * 60 * 24 * 365, '', Config::get('host'));
} }
if ($u['repass'] == 0) {
$ipnew = IP; $ipnew = IP;
} else {
$ipnew = $u['ip'];
}
Db::sql('insert into logs_auth (uid, ip, browser, time) values (?,?,?,unix_timestamp())', [ Db::sql('insert into logs_auth (uid, ip, browser, time) values (?,?,?,unix_timestamp())', [
$u['id'], IP, $_SERVER['HTTP_USER_AGENT'] $u['id'], IP, $_SERVER['HTTP_USER_AGENT'],
]); ]);
mysql_query( Db::sql("update users set $apu ip = ?, dateEnter = ?, online = unix_timestamp() where id = ?", [$ipnew, $_SERVER['HTTP_USER_AGENT'], $u['id']]);
"UPDATE `users` SET " . $apu . "`ip`='" . $ipnew . "',`dateEnter`='" . $_SERVER['HTTP_USER_AGENT'] .
"',`online`='" . time() . "' WHERE `id` = " . $u['id']
);
$_SESSION['uid'] = $u['id']; $_SESSION['uid'] = $u['id'];
header('location: /bk'); header('location: /bk');
exit();
} }

View File

@ -1194,13 +1194,6 @@ if (isset($uer)) {
'"', '&quot;', $inf['redirect'] '"', '&quot;', $inf['redirect']
) . '">' . htmlspecialchars($inf['redirect']) . '</a></small><br>'; ) . '">' . htmlspecialchars($inf['redirect']) . '</a></small><br>';
} }
if ($u->info['admin'] > 0) {
echo '<hr><small>';
echo 'Цена комплекта: ' . (int)$st['prckr'] . ' кр.<br>';
echo 'Цена комплекта: ' . (int)$st['preckr'] . ' eкр.<br>';
echo 'Уровень покупателя: ' . (int)$st['pbe'] . '<br>';
echo '</small>';
}
$twk = ''; $twk = '';
$sp = mysql_query('SELECT * FROM `users_twink` WHERE `uid` = "' . $inf['id'] . '"'); $sp = mysql_query('SELECT * FROM `users_twink` WHERE `uid` = "' . $inf['id'] . '"');

View File

@ -88,7 +88,7 @@ if ($u->info['bithday'] == '01.01.1800' && $u->info['inTurnirnew'] == 0) {
#--------для общаги, и позже для почты #--------для общаги, и позже для почты
$sleep = $u->testAction('`vars` = "sleep" AND `uid` = "' . $u->info['id'] . '" LIMIT 1', 1); $sleep = $u->testAction('`vars` = "sleep" AND `uid` = "' . $u->info['id'] . '" LIMIT 1', 1);
if ($u->room['file'] != "room_hostel" && $u->room['file'] != "an/room_hostel" && $sleep['id'] > 0) { if ($u->room['file'] != "room_hostel" && $u->room['file'] != "an/room_hostel" && !empty($sleep)) {
Db::sql('update actions set vars = ? where id = ?', ['unsleep', $sleep['id']]); Db::sql('update actions set vars = ? where id = ?', ['unsleep', $sleep['id']]);
} }
if ($u->room['file'] == "room_hostel" || $u->room['file'] == "post") { if ($u->room['file'] == "room_hostel" || $u->room['file'] == "post") {

View File

@ -2,6 +2,7 @@
# Получаем IP # Получаем IP
use Core\Db; use Core\Db;
use User\ItemsModel;
use User\UserIp; use User\UserIp;
const GAME = true; const GAME = true;
@ -153,7 +154,7 @@ if ($u->info['battle_text'] != '') {
$act = -2; $act = -2;
$act2 = 0; $act2 = 0;
$u->stats = $u->getStats($u->info['id'], 0); $u->stats = $u->getStats($u->info['id'], 0);
$u->aves = \User\ItemsModel::inventoryWeightAndItemQuantity(); $u->aves = ItemsModel::inventoryWeightAndItemQuantity();
if (!isset($u->stats['act'])) { if (!isset($u->stats['act'])) {
$u->stats['act'] = 0; $u->stats['act'] = 0;
} }
@ -166,68 +167,70 @@ $ul = $u->testLevel();
if ($ul == 1) { if ($ul == 1) {
$act = 1; $act = 1;
} }
if ($u->info['repass'] > 0 && $u->info['id'] != 5433446) {
/*-----------------------*/ //// Непонятно что это, потому что переменной 'repass' не существует и этот код никогда не выполняется. 15.08.2023, Инс.
if ($u->info['battle'] == 0) { //if ($u->info['repass'] > 0 && $u->info['id'] != 5433446) {
if ($act2 != -2 && $act == -2) { //
$act = $act2; // /*-----------------------*/
} // if ($u->info['battle'] == 0) {
// if ($act2 != -2 && $act == -2) {
if (!isset($u->tfer['id']) && $u->room['block_all'] == 0) { // $act = $act2;
//Одеть/снять предмет // }
if (isset($_GET['rstv']) && isset($_GET['inv'])) { //
$act = $u->freeStatsMod($_GET['rstv'], $_GET['mf'], $u->info['id']); // if (!isset($u->tfer['id']) && $u->room['block_all'] == 0) {
} elseif (isset($_GET['ufs2']) && isset($_GET['inv'])) { // //Одеть/снять предмет
$act = $u->freeStats2Item($_GET['itmid'], $_GET['ufs2'], $u->info['id'], 1); // if (isset($_GET['rstv']) && isset($_GET['inv'])) {
} elseif (isset($_GET['ufs2mf']) && isset($_GET['inv'])) { // $act = $u->freeStatsMod($_GET['rstv'], $_GET['mf'], $u->info['id']);
$act = $u->freeStats2Item($_GET['itmid'], $_GET['ufs2mf'], $u->info['id'], 2); // } elseif (isset($_GET['ufs2']) && isset($_GET['inv'])) {
} elseif (isset($_GET['ufsmst']) && isset($_GET['inv'])) { // $act = $u->freeStats2Item($_GET['itmid'], $_GET['ufs2'], $u->info['id'], 1);
$act = $u->itemsSmSave($_GET['itmid'], $_GET['ufsmst'], $u->info['id']); // } elseif (isset($_GET['ufs2mf']) && isset($_GET['inv'])) {
} elseif (isset($_GET['ufsms']) && isset($_GET['inv'])) { // $act = $u->freeStats2Item($_GET['itmid'], $_GET['ufs2mf'], $u->info['id'], 2);
$act = $u->itemsSmSave($_GET['itmid'], $_GET['ufsms'] + 100, $u->info['id']); // } elseif (isset($_GET['ufsmst']) && isset($_GET['inv'])) {
} elseif (isset($_GET['ufs']) && isset($_GET['inv'])) { // $act = $u->itemsSmSave($_GET['itmid'], $_GET['ufsmst'], $u->info['id']);
$act = $u->freeStatsItem($_GET['itmid'], $_GET['ufs'], $u->info['id']); // } elseif (isset($_GET['ufsms']) && isset($_GET['inv'])) {
} elseif (isset($_GET['sid']) && isset($_GET['inv'])) { // $act = $u->itemsSmSave($_GET['itmid'], $_GET['ufsms'] + 100, $u->info['id']);
$act = $u->snatItem($_GET['sid'], $u->info['id']); // } elseif (isset($_GET['ufs']) && isset($_GET['inv'])) {
} elseif (isset($_GET['oid']) && isset($_GET['inv'])) { // $act = $u->freeStatsItem($_GET['itmid'], $_GET['ufs'], $u->info['id']);
$act = $u->odetItem($_GET['oid'], $u->info['id']); // } elseif (isset($_GET['sid']) && isset($_GET['inv'])) {
} elseif (isset($_GET['item_rune']) && isset($_GET['inv'])) { // $act = $u->snatItem($_GET['sid'], $u->info['id']);
$act = $u->runeItem(null); // } elseif (isset($_GET['oid']) && isset($_GET['inv'])) {
} elseif (isset($_GET['remitem'], $_GET['inv'])) { // $act = $u->odetItem($_GET['oid'], $u->info['id']);
$act = $u->snatItemAll($u->info['id']); // } elseif (isset($_GET['item_rune']) && isset($_GET['inv'])) {
} elseif (isset($_GET['delete']) && isset($_GET['inv']) && $u->newAct($_GET['sd4'])) { // $act = $u->runeItem(null);
$u->deleteItem(intval($_GET['delete']), $u->info['id']); // } elseif (isset($_GET['remitem'], $_GET['inv'])) {
} elseif (isset($_GET['stack']) && isset($_GET['inv'])) { // $act = $u->snatItemAll($u->info['id']);
$u->stack($_GET['stack']); // } elseif (isset($_GET['delete']) && isset($_GET['inv']) && $u->newAct($_GET['sd4'])) {
} elseif (isset($_GET['unstack']) && isset($_GET['inv'])) { // $u->deleteItem(intval($_GET['delete']), $u->info['id']);
$u->unstack($_GET['unstack']); // } elseif (isset($_GET['stack']) && isset($_GET['inv'])) {
} elseif (isset($_GET['end_qst_now'])) { // $u->stack($_GET['stack']);
$q->endq((int)$_GET['end_qst_now'], 'end'); // } elseif (isset($_GET['unstack']) && isset($_GET['inv'])) {
} // $u->unstack($_GET['unstack']);
//Использовать эффект // } elseif (isset($_GET['end_qst_now'])) {
if (isset($_GET['use_pid'])) { // $q->endq((int)$_GET['end_qst_now'], 'end');
$magic->useItems((int)$_GET['use_pid']); // }
} // //Использовать эффект
} // if (isset($_GET['use_pid'])) {
// $magic->useItems((int)$_GET['use_pid']);
} elseif ($u->info['battle_text'] != '') { // }
Db::sql('update stats set battle_text = ?, last_b = 0 where id = ?', ['', $u->info['id']]); // }
} //
// } elseif ($u->info['battle_text'] != '') {
if ($magic->youuse > 0) { // Db::sql('update stats set battle_text = ?, last_b = 0 where id = ?', ['', $u->info['id']]);
$act = 1; // }
} //
//Получение статов // if ($magic->youuse > 0) {
if ($act != -2) { // $act = 1;
$u->stats = $u->getStats($u->info['id'], 0, 1); // }
$u->aves = \User\ItemsModel::inventoryWeightAndItemQuantity(); // //Получение статов
$act2 = $u->testItems($u->info['id'], $u->stats, 0); // if ($act != -2) {
if ($act2 != -2 && $act == -2) { // $u->stats = $u->getStats($u->info['id'], 0, 1);
$act = $act2; // $u->aves = \User\ItemsModel::inventoryWeightAndItemQuantity();
} // $act2 = $u->testItems($u->info['id'], $u->stats, 0);
} // if ($act2 != -2 && $act == -2) {
} // $act = $act2;
// }
// }
//}
if ( if (
(isset($_GET['zayvka']) && $u->info['battle'] == 0) || (isset($_GET['zayvka']) && $u->info['battle'] == 0) ||

View File

@ -7,6 +7,8 @@ if (!defined('GAME')) {
} }
$re = ''; $re = '';
$rowonmaxc = '';
if (isset($u->error2)) { if (isset($u->error2)) {
$re = '<b style="color: red;">' . $u->error . '</b>'; $re = '<b style="color: red;">' . $u->error . '</b>';
} }
@ -651,7 +653,6 @@ if (isset($u->room['id'])) {
if ((date('m') == 11 || date('m') == 12 || date('m') == 1 || date('m') == 2) && $rsnow[$u->room['id']] == 1) { if ((date('m') == 11 || date('m') == 12 || date('m') == 1 || date('m') == 2) && $rsnow[$u->room['id']] == 1) {
echo '<script>DrawWeather(31);WeatherBegin();</script>'; echo '<script>DrawWeather(31);WeatherBegin();</script>';
} }
echo '<div align="right">' . $c['counters'] . '</div>';
} }
} else { } else {
echo 'Location is lost.'; echo 'Location is lost.';

View File

@ -21,9 +21,8 @@ $code = PassGen::intCode();
if ( if (
!isset($u->info['id']) || !isset($u->info['id']) ||
$u->info['banned'] > 0 || $u->isBlocked() ||
!isset($_COOKIE['login']) || !isset($_COOKIE['login'])
$u->info['repass'] > 0
) { ) {
exit(json_encode(['js' => 'top.location="bk?exit=' . $code . '";'])); exit(json_encode(['js' => 'top.location="bk?exit=' . $code . '";']));
} }
@ -89,7 +88,7 @@ if (isset($_POST['msg']) && str_replace(' ', '', $_POST['msg']) != '') {
for ($j = 0; $j < count($x); $j++) { for ($j = 0; $j < count($x); $j++) {
$uname = '&lt;Внутренняя ссылка&gt;'; $uname = '&lt;Внутренняя ссылка&gt;';
// //
if (strripos($x[$j], 'new-combats.com/info/')) { if (strripos($x[$j], Config::get('host') . '/info')) {
$ulogin = explode('/info/', $x[$j]); $ulogin = explode('/info/', $x[$j]);
$ulogin = $ulogin[1]; $ulogin = $ulogin[1];
$ulogin = Db::getValue('select login from users where id = ? or login = ?', [$ulogin, $ulogin]); $ulogin = Db::getValue('select login from users where id = ? or login = ?', [$ulogin, $ulogin]);
@ -107,7 +106,7 @@ if (isset($_POST['msg']) && str_replace(' ', '', $_POST['msg']) != '') {
} else { } else {
$uname = '<span style="color: #5f9b00; ">&lt;Библиотека предметов&gt;</span>'; $uname = '<span style="color: #5f9b00; ">&lt;Библиотека предметов&gt;</span>';
} }
} elseif (strripos($x[$j], 'new-combats.com/news')) { } elseif (strripos($x[$j], Config::get('host') . '/news')) {
$ulogin = explode('/news', $x[$j]); $ulogin = explode('/news', $x[$j]);
$ulogin = $ulogin[1]; $ulogin = $ulogin[1];
$ulogin = ltrim($ulogin, '/'); $ulogin = ltrim($ulogin, '/');
@ -117,7 +116,7 @@ if (isset($_POST['msg']) && str_replace(' ', '', $_POST['msg']) != '') {
} else { } else {
$uname = '<span style="color: #b57300; ">&lt;Новостная лента&gt;</span>'; $uname = '<span style="color: #b57300; ">&lt;Новостная лента&gt;</span>';
} }
} elseif (strripos($x[$j], 'new-combats.com/lib')) { } elseif (strripos($x[$j], Config::get('host') . '/lib')) {
$ulogin = explode('/lib', $x[$j]); $ulogin = explode('/lib', $x[$j]);
$ulogin = $ulogin[1]; $ulogin = $ulogin[1];
$ulogin = ltrim($ulogin, '/'); $ulogin = ltrim($ulogin, '/');
@ -128,7 +127,7 @@ if (isset($_POST['msg']) && str_replace(' ', '', $_POST['msg']) != '') {
} else { } else {
$uname = '<span style="color: #4c6e00; ">&lt;Библиотека&gt;</span>'; $uname = '<span style="color: #4c6e00; ">&lt;Библиотека&gt;</span>';
} }
} elseif (strripos($x[$j], 'new-combats.com/forum')) { } elseif (strripos($x[$j], Config::get('host') . '/forum')) {
$ulogin = explode('/forum?read=', $x[$j]); $ulogin = explode('/forum?read=', $x[$j]);
$ulogin = $ulogin[1]; $ulogin = $ulogin[1];
$ulogin = explode('&', $ulogin); $ulogin = explode('&', $ulogin);
@ -151,7 +150,7 @@ if (isset($_POST['msg']) && str_replace(' ', '', $_POST['msg']) != '') {
} }
// //
$newbuf .= preg_match( $newbuf .= preg_match(
"/(https:\\/\\/)?(new-combats+\\.com(([ \"'>\r\n\t])|(\\/([^ \"'>\r\n\t]*)?)))/", "/(https:\\/\\/)?(new-combats+\\.tech(([ \"'>\r\n\t])|(\\/([^ \"'>\r\n\t]*)?)))/",
$x[$j], $x[$j],
$ok $ok
) ? str_replace($ok[2], "<small><a href=https://$ok[2] target=_blank ><i>" . $uname . "</i></a></small>", str_replace("https://", "", $x[$j])) . " " : $x[$j] . " "; ) ? str_replace($ok[2], "<small><a href=https://$ok[2] target=_blank ><i>" . $uname . "</i></a></small>", str_replace("https://", "", $x[$j])) . " " : $x[$j] . " ";
@ -244,13 +243,11 @@ if (isset($_POST['msg']) && str_replace(' ', '', $_POST['msg']) != '') {
} else { } else {
$u->info['molch1'] = -1; $u->info['molch1'] = -1;
} }
mysql_query( Db::sql('update users set molch1 = ? where id = ?', [$u->info['molch1'], $u->info['id']]);
'UPDATE `users` SET `molch1` = "' . $u->info['molch1'] . '" WHERE `id` = "' . $u->info['id'] . '" LIMIT 1'
);
} }
} elseif ((preg_match("/private\[(.*?)\]/", $_POST['msg'], $msg['to']) || preg_match( } elseif ((preg_match("/private\[(.*?)\]/", $_POST['msg'], $msg['to']) || preg_match(
"/private \[(.*?)\]/", $_POST['msg'], $msg['to'] "/private \[(.*?)\]/", $_POST['msg'], $msg['to']
)) && $u->info['exp'] < 150000) { )) && $u->info['exp'] < 150000 && !$u->isAdmin()) {
$r['js'] .= 'chat.sendMsg(["new","' . time() . '","6","","' . $u->info['login'] . '","<small>Вы не можете отправлять приват до достижения 150000 опыта.</small>","Black","1","1","0"]);'; $r['js'] .= 'chat.sendMsg(["new","' . time() . '","6","","' . $u->info['login'] . '","<small>Вы не можете отправлять приват до достижения 150000 опыта.</small>","Black","1","1","0"]);';
} else { } else {
@ -285,10 +282,10 @@ if (isset($_POST['msg']) && str_replace(' ', '', $_POST['msg']) != '') {
$_POST['msg'] = str_replace('to [' . $msg['to'] . ']', ' ', $_POST['msg']); $_POST['msg'] = str_replace('to [' . $msg['to'] . ']', ' ', $_POST['msg']);
} }
if ($u->info['admin'] == 0) { //ТУТ SPAM if ($u->info['admin'] == 0) { //ТУТ SPAM
if ($msg['to'] != '' && !isset($admq['id']) && $msg['type'] == 3) { if ($msg['to'] != '' && !isset($admq) && $msg['type'] == 3) {
$admq = Db::getRow('select id, admin from users where login = ? and admin > 0', [$msg['to']]); $admq = Db::getValue('select id from users where login = ? and admin > 0', [$msg['to']]);
} }
if (!isset($admq['id'])) { if (!isset($admq)) {
$msg['fspam'] = $filter->spamFiltr(str_replace('точка', '.', str_replace('ру', 'ru', $_POST['msg']))); $msg['fspam'] = $filter->spamFiltr(str_replace('точка', '.', str_replace('ру', 'ru', $_POST['msg'])));
if ($msg['fspam'] != '0') { if ($msg['fspam'] != '0') {
$msg['spam'] = 1; $msg['spam'] = 1;
@ -306,9 +303,7 @@ if (isset($_POST['msg']) && str_replace(' ', '', $_POST['msg']) != '') {
$u->addAction(time(), 'msg_bans', '1'); $u->addAction(time(), 'msg_bans', '1');
$mban['vals'] = 0; $mban['vals'] = 0;
} else { } else {
mysql_query( Db::sql('update actions set vals = vals + 1 where id = ?', [$mban['id']]);
'UPDATE `actions` SET `vals` = `vals` + 1 WHERE `id` = "' . $mban['id'] . '" LIMIT 1'
);
$msg['delete'] = time(); $msg['delete'] = time();
} }
@ -327,30 +322,19 @@ if (isset($_POST['msg']) && str_replace(' ', '', $_POST['msg']) != '') {
$chat->sendMsg($cmsg); $chat->sendMsg($cmsg);
$molchTime = time() + 60 * 60; $molchTime = time() + 60 * 60;
mysql_query( Db::sql('update users set molch1 = ?, molch2 = ?, info_delete = ? where id = ?', [$molchTime, $molchTime, $molchTime, $u->info['id']]);
'UPDATE `users` SET $rtxt = ' &quot;' . $u->info['login'] . '&quot; <small style="color: red;">Автоинформатор</small>: ' . $msg['text'] . ' [' . $msg['fspam'] . '].';
`molch1` = ' . $molchTime . ', Delo::add(0, $u->info['login'], $u->info['id'], $rtxt);
`molch2` = ' . $molchTime . ',
`info_delete` = ' . $molchTime . '
WHERE `id` = ' . $u->info['id']);
$rtxt = $rang . ' &quot;' . $u->info['login'] . '&quot; <small><font color=red>Автоинформатор</font></small>: ' . $msg['text'] . ' [' . $msg['fspam'] . '].';
mysql_query(
"INSERT INTO `users_delo` (`uid`,`ip`,`city`,`time`,`text`,`login`,`type`) VALUES ('" . $u->info['id'] . "','" . $_SERVER['REMOTE_ADDR'] . "','" . $u->info['city'] . "','" . time() . "','" . $rtxt . "','" . $u->info['login'] . "',0)"
);
} }
} }
} }
unset($admq); unset($admq);
} }
$qix = mysql_fetch_array(
mysql_query( $qix = Db::getValue('select id from friends where ignor > 0 and login_ignor = ? and (user_ignor = ? or user = ?)', [$pl['login'], $u->info['login'], $u->info['id']]);
'SELECT `id` FROM `friends` WHERE `ignor` > 0 AND `login_ignor` = "' . mysql_real_escape_string( if (isset($qix)) {
$pl['login']
) . '" AND (`user_ignor` = "' . $u->info['login'] . '" OR `user` = "' . $u->info['id'] . '") LIMIT 1'
)
);
if (isset($qix['id'])) {
$r['js'] .= 'chat.sendMsg(["new","' . time() . '","6","","' . $u->info['login'] . '","<b>Вас добавили в игнор</b>: Вы не можете отправлять сообщения персонажу &quot;' . htmlspecialchars( $r['js'] .= 'chat.sendMsg(["new","' . time() . '","6","","' . $u->info['login'] . '","<b>Вас добавили в игнор</b>: Вы не можете отправлять сообщения персонажу &quot;' . htmlspecialchars(
$msg['to'] $msg['to']
) . '&quot;.","Black","1","1","0"]);'; ) . '&quot;.","Black","1","1","0"]);';
@ -366,19 +350,10 @@ if (isset($_POST['msg']) && str_replace(' ', '', $_POST['msg']) != '') {
} }
} }
if ($u->info['molch1'] > time()) { if ($u->info['molch1'] > time()) {
if ($msg['to'] != '' && !isset($admq['id'])) { if ($msg['to'] != '' && !isset($admq) && $msg['type'] === 3) {
$admq = mysql_fetch_array( $admq = Db::getValue('select id from users where login = ? and admin > 0', [$msg['to']]);
mysql_query(
'SELECT `id`,`admin` FROM `users` WHERE `login` = "' . mysql_real_escape_string(
$msg['to']
) . '" AND `admin` > 0 LIMIT 1'
)
);
if ($msg['type'] != 3) {
unset($admq);
} }
} if (!isset($admq)) {
if (!isset($admq['id'])) {
$msg['molch'] = 1; $msg['molch'] = 1;
} }
} }
@ -435,7 +410,6 @@ if (isset($_POST['msg']) && str_replace(' ', '', $_POST['msg']) != '') {
$cmsg->setMolch($msg['molch']); $cmsg->setMolch($msg['molch']);
$cmsg->setLogin($u->info['login']); $cmsg->setLogin($u->info['login']);
$cmsg->setTo($msg['to']); $cmsg->setTo($msg['to']);
$cmsg->setCity($u->info['city']);
$cmsg->setRoom($u->info['room']); $cmsg->setRoom($u->info['room']);
$cmsg->setType($msg['type']); $cmsg->setType($msg['type']);
$cmsg->setSpam($msg['spam']); $cmsg->setSpam($msg['spam']);
@ -509,6 +483,7 @@ if ($_GET['r1'] != 0) {
$usl = []; $usl = [];
$cw = []; $cw = [];
$usid = []; $usid = [];
$onlineListQuery = 'select $onlineListQuery = 'select
users.id, pass, sex, dnow, timeMain, bot, atack, afk, dnd, banned, molch1, users.id, pass, sex, dnow, timeMain, bot, atack, afk, dnd, banned, molch1,
room, city, cityreg, online, align, clan, login, level, inTurnir, battle, invis, inUser, x, y room, city, cityreg, online, align, clan, login, level, inTurnir, battle, invis, inUser, x, y
@ -521,143 +496,120 @@ where
mail != ? and mail != ? and
room != ? room != ?
order by inUser desc, online desc, login desc'; order by inUser desc, online desc, login desc';
$sp = Db::getRows($onlineListQuery, [$u->info['room'], '%saint%', '', BOT_ROOM]);
foreach ($sp as $pl) {
// } $usersOnline = Db::getRows($onlineListQuery, [$u->info['room'], '%saint%', '', BOT_ROOM]);
//
// $sp = mysql_query( foreach ($usersOnline as $onlineUser) {
// 'SELECT
// `u`.`pass`,
// `u`.`sex`,
// `s`.`dnow`,
// `u`.`timeMain`,
// `s`.`bot`,`s`.`atack`,`u`.`afk`,`u`.`dnd`,`u`.`banned`,`u`.`molch1`,`u`.`room`,`u`.`id`,`u`.`city`,`u`.`cityreg`,`u`.`online`,`u`.`align`,
// `u`.`clan`,`u`.`login`,`u`.`level`,`u`.`inTurnir`,`u`.`battle`,`u`.`invis`,`u`.`inUser`,`s`.`x`,`s`.`y`
//FROM
//`users` AS `u`
// LEFT JOIN `stats` AS `s` ON `s`.`id` = `u`.`id`
//WHERE (
// (`u`.`room` = "' . $u->info['room'] . '" AND "' . mysql_real_escape_string((int)$_GET['r3']) . '" != "1") OR
// ("' . mysql_real_escape_string((int)$_GET['r3']) . '" = "1" AND `pass` NOT LIKE "%saint%")) AND
// `mail`!="No E-mail" AND
// `room` != "303"
// ORDER BY `u`.`inUser` DESC,`u`.`online` DESC,`u`.`login` DESC LIMIT 1000'
// );
// $ar_id = 0;
// $ar_lvl = 0;
// $ar_all = '0';
// $usl = [];
// $cw = [];
// $usid = [];
// while ($pl = mysql_fetch_array($sp)) {
$ysee = 1; $ysee = 1;
if ($pl['inUser'] > 0) { if ($onlineUser['inUser'] > 0) {
if ($pl['inTurnir'] == 0) { if ($onlineUser['inTurnir'] == 0) {
$ysee = 0; $ysee = 0;
} else { } else {
if ($pl['online'] < time() - 120) { if ($onlineUser['online'] < time() - 120) {
User::setOnline($pl['id']); User::setOnline($onlineUser['id']);
} }
} }
} else { } else {
if ($pl['inTurnir'] > 0) { if ($onlineUser['inTurnir'] > 0) {
$ysee = 0; $ysee = 0;
} }
} }
if (!isset($usl[$pl['login']])) { if (!isset($usl[$onlineUser['login']])) {
$ysee = 1; $ysee = 1;
} }
if ( if (
( (
(int)$_GET['r3'] != 1 && (int)$_GET['r3'] != 1 &&
$u->info['dnow'] != $pl['dnow'] $u->info['dnow'] != $onlineUser['dnow']
) || ) ||
( (
$pl['room'] >= 362 && $onlineUser['room'] >= 362 &&
$pl['room'] <= 366 && $onlineUser['room'] <= 366 &&
(int)$_GET['r3'] != 1 && (int)$_GET['r3'] != 1 &&
( (
$pl['x'] != $u->info['x'] || $onlineUser['x'] != $u->info['x'] ||
$pl['y'] != $u->info['y'] || $onlineUser['y'] != $u->info['y'] ||
$pl['room'] != $u->info['room'] $onlineUser['room'] != $u->info['room']
) )
) || ) ||
$usid[$pl['login']] !empty($usid[$onlineUser['login']])
) { ) {
$ysee = 0; $ysee = 0;
} }
$usl[$pl['login']] = $pl['id']; if (isset($onlineUser['login'])) {
$usl[$onlineUser['login']] = $onlineUser['id'];
}
if ( if (
( (
$pl['online'] > time() - 520 || $onlineUser['online'] > time() - 520 ||
$pl['inUser'] > 0 $onlineUser['inUser'] > 0
) && ) &&
( (
$pl['bot'] != 1 || $onlineUser['bot'] != 1 ||
$pl['pass'] == '212121q' $onlineUser['pass'] == '212121q'
) && ) &&
$pl['banned'] == 0 && $onlineUser['banned'] == 0 &&
$ysee == 1 $ysee == 1
) { ) {
$usid[$pl['login']] = true; $usid[$onlineUser['login']] = true;
if ($pl['invis'] != 1 && $pl['invis'] < time()) { if ($onlineUser['invis'] != 1 && $onlineUser['invis'] < time()) {
if ($pl['clan'] > 0) { if ($onlineUser['clan'] > 0) {
if ($u->info['clan'] > 0 && $pl['clan'] != $u->info['clan']) { if ($u->info['clan'] > 0 && $onlineUser['clan'] != $u->info['clan']) {
if (!isset($cw['war'][$pl['clan']][$u->info['clan']])) { if (!isset($cw['war'][$onlineUser['clan']][$u->info['clan']])) {
$pl['cwar'] = mysql_fetch_array( $onlineUser['cwar'] = mysql_fetch_array(
mysql_query( mysql_query(
'SELECT `id`,`type` FROM `clan_wars` WHERE 'SELECT `id`,`type` FROM `clan_wars` WHERE
((`clan1` = "' . $pl['clan'] . '" AND `clan2` = "' . $u->info['clan'] . '") OR (`clan2` = "' . $pl['clan'] . '" AND `clan1` = "' . $u->info['clan'] . '")) AND ((`clan1` = "' . $onlineUser['clan'] . '" AND `clan2` = "' . $u->info['clan'] . '") OR (`clan2` = "' . $onlineUser['clan'] . '" AND `clan1` = "' . $u->info['clan'] . '")) AND
`time_finish` > ' . time() . ' LIMIT 1' `time_finish` > ' . time() . ' LIMIT 1'
) )
); );
if (isset($pl['cwar']['id'])) { if (isset($onlineUser['cwar']['id'])) {
$cw['war'][$pl['clan']][$u->info['clan']] = $pl['cwar']['type']; $cw['war'][$onlineUser['clan']][$u->info['clan']] = $onlineUser['cwar']['type'];
} else { } else {
$cw['war'][$pl['clan']][$u->info['clan']] = 0; $cw['war'][$onlineUser['clan']][$u->info['clan']] = 0;
} }
} }
if ($cw['war'][$pl['clan']][$u->info['clan']] > 0) { if ($cw['war'][$onlineUser['clan']][$u->info['clan']] > 0) {
$pl['atack'] = $cw['war'][$pl['clan']][$u->info['clan']]; $onlineUser['atack'] = $cw['war'][$onlineUser['clan']][$u->info['clan']];
} }
} }
if (!isset($cw[$pl['clan']])) { if (!isset($cw[$onlineUser['clan']])) {
$pl['clan'] = mysql_fetch_array( $onlineUser['clan'] = mysql_fetch_array(
mysql_query('SELECT `name_mini` FROM `clan` WHERE `id` = "' . $pl['clan'] . '" LIMIT 1') mysql_query('SELECT `name_mini` FROM `clan` WHERE `id` = "' . $onlineUser['clan'] . '" LIMIT 1')
); );
} else { } else {
$pl['clan'] = $cw[$pl['clan']]; $onlineUser['clan'] = $cw[$onlineUser['clan']];
} }
$pl['clan'] = $pl['clan']['name_mini']; $onlineUser['clan'] = $onlineUser['clan']['name_mini'];
} }
if ($pl['atack'] > time() || $pl['atack'] == 1 || $pl['atack'] == 2) { if ($onlineUser['atack'] > time() || $onlineUser['atack'] == 1 || $onlineUser['atack'] == 2) {
if ($pl['atack'] != 2) { if ($onlineUser['atack'] != 2) {
$pl['atack'] = 1; $onlineUser['atack'] = 1;
} }
} else { } else {
$pl['atack'] = 0; $onlineUser['atack'] = 0;
} }
$trvm = mysql_fetch_array( $trvm = Db::getValue('select name from eff_users where uid = ? and id_eff in (4,6) order by id_eff limit 1', [$onlineUser['id']]);
mysql_query(
'SELECT `id`,`name` FROM `eff_users` WHERE `uid` = "' . $pl['id'] . '" AND (`id_eff` = "4" OR `id_eff` = "6") AND `delete` = "0" ORDER BY `id_eff` ASC LIMIT 6' $r['list'] .= '"' . $r['xu'] . '":["' . $onlineUser['id'] . '","' . $onlineUser['login'] . '","' . $onlineUser['level'] . '","' . $onlineUser['align'] .
) '","' . $onlineUser['clan'] . '","' . $onlineUser['cityreg'] . '","' . $onlineUser['city'] . '","' . $onlineUser['room'] .
); '","' . $onlineUser['afk'] . '","' . $onlineUser['dnd'] . '","' . $onlineUser['banned'] . '","' . $onlineUser['molch1'] . '","' .
$trvm = $trvm['name']; $onlineUser['battle'] . '","' . $onlineUser['atack'] . '","' . $trvm . '","' . ($onlineUser['sex'] * 0) . '"],';
$r['list'] .= '"' . $r['xu'] . '":["' . $pl['id'] . '","' . $pl['login'] . '","' . $pl['level'] . '","' . $pl['align'] . '","' . $pl['clan'] . '","' . $pl['cityreg'] . '","' . $pl['city'] . '","' . $pl['room'] . '","' . $pl['afk'] . '","' . $pl['dnd'] . '","' . $pl['banned'] . '","' . $pl['molch1'] . '","' . $pl['battle'] . '","' . $pl['atack'] . '","' . $trvm . '","' . ($pl['sex'] * 0) . '","' . $pl['align2'] . '"],';
$ar_id += $pl['id']; $ar_id += $onlineUser['id'];
$ar_lvl += $pl['level']; $ar_lvl += $onlineUser['level'];
$ar_all .= $pl['align'] . $pl['clan'] . $pl['molch1'] . $pl['banned'] . $pl['battle'] . 1; $ar_all .= $onlineUser['align'] . $onlineUser['clan'] . $onlineUser['molch1'] . $onlineUser['banned'] . $onlineUser['battle'] . 1;
} }
$r['xu']++; $r['xu']++;
} }
} }
unset($pl, $sp); unset($onlineUser, $sp);
$r['list'] = rtrim($r['list'], ','); $r['list'] = rtrim($r['list'], ',');
$r['list'] = '{' . $r['list'] . '}'; $r['list'] = '{' . $r['list'] . '}';
} }
@ -884,14 +836,8 @@ while ($pl = mysql_fetch_array($sp)) {
if ($see == 1 && $pl['delete'] == 0 && $pl['login'] != '') { if ($see == 1 && $pl['delete'] == 0 && $pl['login'] != '') {
$qix = mysql_fetch_array( $qix = Db::getValue('select id from friends where ignor > 0 and login_ignor = ? and (user_ignor = ? or user = ?)', [$pl['login'], $u->info['login'], $u->info['id']]);
mysql_query( if (isset($qix)) {
'SELECT `id` FROM `friends` WHERE `ignor` > 0 AND `login_ignor` = "' . mysql_real_escape_string(
$pl['login']
) . '" AND (`user_ignor` = "' . $u->info['login'] . '" OR `user` = "' . $u->info['id'] . '") LIMIT 1'
)
);
if (isset($qix['id'])) {
$see = 0; $see = 0;
} }
unset($qix); unset($qix);
@ -1008,7 +954,7 @@ $r['msg'] = '{"ld":"' . (0 + $l) . '","id":"' . $i . '"' . $r['msg'] . '}';
//Генерируем ключ //Генерируем ключ
$r['key'] = md5($u->room['name'] . '+' . $ar_id . '+' . $ar_lvl . '+' . $ar_all); $r['key'] = md5($u->room['name'] . '+' . $ar_id . '+' . $ar_lvl . '+' . $ar_all);
unset($ar_id, $ar_lvl); unset($ar_id, $ar_lvl);
if ($_COOKIE['chatCfg12'] == 0) { if (empty($_COOKIE['chatCfg12'])) {
$_GET['key'] = time(); $_GET['key'] = time();
} }
if ($r['key'] == $_GET['key']) { if ($r['key'] == $_GET['key']) {

View File

@ -14,10 +14,6 @@ if ($_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') {
include('_incl_data/class/__db_connect.php'); include('_incl_data/class/__db_connect.php');
$u = User::start(); $u = User::start();
if ($u->info['repass'] > 0) {
die();
}
if (isset($u->tfer['id']) && $u->info['align'] != 2) { if (isset($u->tfer['id']) && $u->info['align'] != 2) {
if ($u->tfer['finish1'] == 0 && $u->tfer['finish2'] == 0) { if ($u->tfer['finish1'] == 0 && $u->tfer['finish2'] == 0) {
$js = ''; $js = '';