Хороним $_COOKIE['pass'], отказываемся от md5('pass'). Это не регистрация, а чёрная дыра!

This commit is contained in:
Ivor Barhansky 2023-01-06 16:57:25 +02:00
parent e9ec7eb2f2
commit 9e45f170c7
50 changed files with 1470 additions and 2242 deletions

View File

@ -818,7 +818,7 @@ class Battle
`u`.`zag`,`u`.`id`,`u`.`login`,`u`.`login2`,`u`.`online`,`u`.`admin`,`u`.`city`,`u`.`cityreg`,`u`.`align`,`u`.`align_lvl`,`u`.`align_exp`,`u`.`clan`,
`u`.`level`,`u`.`money`,`u`.`money3`,`u`.`money2`,`u`.`money4`,`u`.`battle`,`u`.`sex`,`u`.`obraz`,`u`.`win`,`u`.`win_t`,
`u`.`lose`,`u`.`lose_t`,`u`.`nich`,`u`.`timeMain`,`u`.`invis`,`u`.`bot_id`,`u`.`animal`,`u`.`type_pers`,
`u`.`notrhod`,`u`.`bot_room`,`u`.`inUser`,`u`.`inTurnir`,`u`.`inTurnirnew`,`u`.`activ`,`u`.`stopexp`,`u`.`real`,
`u`.`notrhod`,`u`.`bot_room`,`u`.`inUser`,`u`.`inTurnir`,`u`.`inTurnirnew`,`u`.`stopexp`,`u`.`real`,
`st`.*
@ -9813,7 +9813,7 @@ class Battle
`u`.`id`,`u`.`login`,`u`.`login2`,`u`.`online`,`u`.`admin`,`u`.`city`,`u`.`cityreg`,`u`.`align`,`u`.`align_lvl`,`u`.`align_exp`,`u`.`clan`,
`u`.`level`,`u`.`money`,`u`.`money3`,`u`.`money2`,`u`.`money4`,`u`.`battle`,`u`.`sex`,`u`.`obraz`,`u`.`win`,`u`.`win_t`,
`u`.`lose`,`u`.`lose_t`,`u`.`nich`,`u`.`timeMain`,`u`.`invis`,`u`.`bot_id`,`u`.`animal`,`u`.`type_pers`,
`u`.`notrhod`,`u`.`bot_room`,`u`.`inUser`,`u`.`inTurnir`,`u`.`inTurnirnew`,`u`.`activ`,`u`.`stopexp`,`u`.`real`,
`u`.`notrhod`,`u`.`bot_room`,`u`.`inUser`,`u`.`inTurnir`,`u`.`inTurnirnew`,`u`.`stopexp`,`u`.`real`,
`st`.*

View File

@ -865,9 +865,9 @@ class BotLogic
$se = 1;
}
$r = ['name' => '_', 'city_real' => '', 'deviz' => '', 'chatColor' => 'Black'];
$r = ['name' => '_', 'chatColor' => 'Black'];
$ins = mysql_query("INSERT INTO `users` (`fnq`,`host_reg`,`room`,`login`,`pass`,`ipreg`,`ip`,`city`,`cityreg`,`name`,`sex`,`city_real`,`deviz`,`chatColor`,`timereg`) VALUES (
$ins = mysql_query("INSERT INTO `users` (`fnq`,`host_reg`,`room`,`login`,`pass`,`ipreg`,`ip`,`city`,`cityreg`,`name`,`sex`,`chatColor`,`timereg`) VALUES (
'0',
'real_bot_user',
'0',
@ -879,8 +879,6 @@ class BotLogic
'capitalcity',
'" . $r['name'] . "',
'" . mysql_real_escape_string($sex) . "',
'" . $r['city_real'] . "',
'" . $r['deviz'] . "',
'" . $r['chatColor'] . "',
'" . time() . "')");
if ($ins) {

View File

@ -29,6 +29,7 @@ class Config
$c['title3'] = $c['name'];
$c['keys'] = $c['name'] . ', combats.com, ' . $c['name'] . ' игра, ' . $c['name'] . ' играть, игра ' . $c['name'] . ', старый ' . $c['name'] . ', ' . $c['name'] . ' онлайн игра, ' . $c['name'] . ' браузерная игра, играть в ' . $c['name'] . ', игра бк, бк игра, старый бк, играть в бк, бк онлайн игра, новый бк, Легендарный ' . $c['name'] . ', легендарный бк, combats, комбатс, combats ru, combats com, OldBK, oldbk ru, oldbk com, олдбк, old bk, олд бк, mycombats, rebk, recombats, oldcombats, obk2'; //Ключевые слова META
$c['desc'] = '«' . $c['name'] . это бесплатная увлекательная браузерная онлайн игра 2004-2009г, в которой сконцентрировано все самое лучшее от современных онлайн игр. В этой браузерной игре заложены самые интересные традиции всем известной онлайн игры под названием «' . $c['name'] . ' 2004-2009», которая, кстати, стала первооткрывателем всех браузерных игр.'; //Описание META
$c['footer'] = $c['name'] . ' © 2013-' . date('Y');
//Сервера
$c['host'] = 'new-combats.com';
@ -39,6 +40,8 @@ class Config
$c['abandonedplain'] = $c['host'];
$c['https'] = 'https://' . $c['host'] . DIRECTORY_SEPARATOR;
$c['exit'] = '<script>top.location="' . $c['https'] . '";</script>';
$c['support'] = 'support@' . $c['host'];
//Валюта
$c['curency_name'] = 'RUB';

View File

@ -106,7 +106,7 @@ class FightRequest
);
while ($ur = mysql_fetch_array($usp)) {
mysql_query(
'INSERT INTO `users` (`login`,`room`,`name`,`sex`,`level`,`inTurnirnew`,`bithday`,`activ`) VALUES ("' . $ur['login'] . '","318","' . $ur['name'] . '","' . $ur['sex'] . '","' . $t['level'] . '","' . $pl['id'] . '","01.01.2001","0")'
'INSERT INTO `users` (`login`,`room`,`name`,`sex`,`level`,`inTurnirnew`,`bithday`) VALUES ("' . $ur['login'] . '","318","' . $ur['name'] . '","' . $ur['sex'] . '","' . $t['level'] . '","' . $pl['id'] . '","01.01.2001")'
);
$uri = mysql_insert_id();
mysql_query(
@ -241,7 +241,7 @@ class FightRequest
);
while ($ur = mysql_fetch_array($usp)) {
mysql_query(
'INSERT INTO `users` (`login`,`room`,`name`,`sex`,`level`,`inTurnirnew`,`bithday`,`activ`) VALUES ("' . $ur['login'] . '","318","' . $ur['name'] . '","' . $ur['sex'] . '","' . $t['level'] . '","' . $pl['id'] . '","01.01.2001","0")'
'INSERT INTO `users` (`login`,`room`,`name`,`sex`,`level`,`inTurnirnew`,`bithday`) VALUES ("' . $ur['login'] . '","318","' . $ur['name'] . '","' . $ur['sex'] . '","' . $t['level'] . '","' . $pl['id'] . '","01.01.2001")'
);
$uri = mysql_insert_id();
mysql_query(
@ -356,7 +356,6 @@ class FightRequest
'cityreg' => $botInfo['city'],
'name' => $botInfo['login'],
'sex' => $botInfo['sex'],
'deviz' => '',
'hobby' => '',
'time_reg' => time(),
'obraz' => $botInfo['obraz'],
@ -2910,8 +2909,8 @@ function MM_jumpMenu(targ,selObj,restore){ //v3.0
//============================================================================================= Ïðèçîâûå
Db::sql(
'insert into users (name, align, `real`, login, host_reg, pass, ip, ipreg, city, cityreg, room, timereg, mail, bithday, sex, fnq, battle, design, molch2, level)
values (?,?,1,?,0,?,?,?,?,?,422,unix_timestamp(),?,?,?,0,0,1,unix_timestamp() + 86400,8)',
'insert into users (name, align, `real`, login, host_reg, pass, ip, ipreg, city, cityreg, room, timereg, mail, bithday, sex, fnq, battle, molch2, level)
values (?,?,1,?,0,?,?,?,?,?,422,unix_timestamp(),?,?,?,0,0,unix_timestamp() + 86400,8)',
[
$this->u->info['name'],
$this->u->info['align'],

View File

@ -1338,7 +1338,6 @@ class Magic
'cityreg' => $u->info['cityreg'],
'name' => $u->info['name'],
'sex' => $u->info['sex'],
'deviz' => $u->info['deviz'],
'hobby' => $u->info['hobby'],
'time_reg' => $u->info['time_reg'],
'obraz' => $u->info['obraz'],

View File

@ -14,4 +14,9 @@ class PassGen
$length
);
}
public static function intCode($length = 8): int
{
return mt_rand(10 ** ($length - 1), 10 ** $length - 1);
}
}

View File

@ -1426,7 +1426,7 @@ class Priems
`u`.`id`,`u`.`login`,`u`.`login2`,`u`.`online`,`u`.`admin`,`u`.`city`,`u`.`cityreg`,`u`.`align`,`u`.`clan`,
`u`.`level`,`u`.`money`,`u`.`money3`,`u`.`money4`,`u`.`battle`,`u`.`sex`,`u`.`obraz`,`u`.`win`,`u`.`win_t`,
`u`.`lose`,`u`.`lose_t`,`u`.`nich`,`u`.`timeMain`,`u`.`invis`,`u`.`bot_id`,`u`.`animal`,`u`.`type_pers`,
`u`.`notrhod`,`u`.`bot_room`,`u`.`inUser`,`u`.`inTurnir`,`u`.`inTurnirnew`,`u`.`activ`,`u`.`stopexp`,`u`.`real`,
`u`.`notrhod`,`u`.`bot_room`,`u`.`inUser`,`u`.`inTurnir`,`u`.`inTurnirnew`,`u`.`stopexp`,`u`.`real`,
`st`.*
@ -1455,7 +1455,7 @@ class Priems
`u`.`id`,`u`.`login`,`u`.`login2`,`u`.`online`,`u`.`admin`,`u`.`city`,`u`.`cityreg`,`u`.`align`,`u`.`clan`,
`u`.`level`,`u`.`money`,`u`.`money3`,`u`.`money4`,`u`.`battle`,`u`.`sex`,`u`.`obraz`,`u`.`win`,`u`.`win_t`,
`u`.`lose`,`u`.`lose_t`,`u`.`nich`,`u`.`timeMain`,`u`.`invis`,`u`.`bot_id`,`u`.`animal`,`u`.`type_pers`,
`u`.`notrhod`,`u`.`bot_room`,`u`.`inUser`,`u`.`inTurnir`,`u`.`inTurnirnew`,`u`.`activ`,`u`.`stopexp`,`u`.`real`,
`u`.`notrhod`,`u`.`bot_room`,`u`.`inUser`,`u`.`inTurnir`,`u`.`inTurnirnew`,`u`.`stopexp`,`u`.`real`,
`st`.*

View File

@ -1214,7 +1214,7 @@ FROM `items_users` AS `iu` LEFT JOIN `items_main` AS `im` ON (`im`.`id` = `iu`.`
`u`.`level`,
`u`.`city`,
`u`.`online`,
`u`.`sex`,`u`.`design`,`u`.`autospell`,`u`.`noplaw`,
`u`.`sex`,`u`.`autospell`,`u`.`noplaw`,
`u`.`cityreg`,
`u`.`palpro`,
`u`.`invis`,
@ -1355,7 +1355,6 @@ FROM `items_users` AS `iu` LEFT JOIN `items_main` AS `im` ON (`im`.`id` = `iu`.`
$this->info['admin'],
$this->info['nadmin'],
$this->info['banned'],
$this->info['activ'],
$this->info['align'],
$this->info['id'],
$this->info['level']
@ -1384,7 +1383,7 @@ FROM `items_users` AS `iu` LEFT JOIN `items_main` AS `im` ON (`im`.`id` = `iu`.`
if ($this->info['banned'] < $md[5]) {
$this->info['banned'] = $md[5];
}
$this->info['activ'] = $md[6];
$this->info['noreal'] = 1;
$this->info['align_real'] = $md[7];
$this->info['__id'] = $md[8];
@ -1581,7 +1580,7 @@ FROM `items_users` AS `iu` LEFT JOIN `items_main` AS `im` ON (`im`.`id` = `iu`.`
} else {
$t = mysql_fetch_array(
mysql_query(
'SELECT `id`,`login`,`login2`,`pass`,`pass2`,`emailconfirmation`,`securetime`,`sys`,`online`,`ip`,`ipreg`,`joinIP`,`admin`,`city`,`room`,`banned`,`auth`,`align`,`mod_zvanie`,`clan`,`nextMsg`,`molch1`,`molch2`,`molch3`,`level`,`money`,`battle`,`cityreg`,`invBlock`,`invBlockCode`,`zag`,`a1`,`q1`,`mail`,`name`,`bithday`,`sex`,`city_real`,`icq`,`icq_hide`,`homepage`,`deviz`,`hobby`,`chatColor`,`timereg`,`add_smiles`,`obraz`,`win`,`lose`,`nich`,`cityreg2`,`host`,`info_delete`,`dateEnter`,`afk`,`dnd`,`timeMain`,`clan_prava`,`addpr`,`marry`,`city2`,`invis`,`bot_id`,`haos`,`host_reg`,`inUser`,`jail`,`animal`,`vip`,`catch`,`frg`,`no_ip`,`type_pers`,`bot_room` FROM `users` WHERE `login` = "' . mysql_real_escape_string(
'SELECT `id`,`login`,`login2`,`pass`,`pass2`,`emailconfirmation`,`securetime`,`sys`,`online`,`ip`,`ipreg`,`joinIP`,`admin`,`city`,`room`,`banned`,`auth`,`align`,`mod_zvanie`,`clan`,`nextMsg`,`molch1`,`molch2`,`molch3`,`level`,`money`,`battle`,`cityreg`,`invBlock`,`invBlockCode`,`zag`,`a1`,`q1`,`mail`,`name`,`bithday`,`sex`,`hobby`,`chatColor`,`timereg`,`add_smiles`,`obraz`,`win`,`lose`,`nich`,`cityreg2`,`host`,`info_delete`,`dateEnter`,`afk`,`dnd`,`timeMain`,`clan_prava`,`addpr`,`marry`,`city2`,`invis`,`bot_id`,`haos`,`host_reg`,`inUser`,`jail`,`animal`,`vip`,`catch`,`frg`,`no_ip`,`type_pers`,`bot_room` FROM `users` WHERE `login` = "' . mysql_real_escape_string(
$_POST['trnLogin']
) . '" AND `city` = "' . $this->info['city'] . '" LIMIT 1'
)
@ -2078,7 +2077,7 @@ FROM `items_users` AS `iu` LEFT JOIN `items_main` AS `im` ON (`im`.`id` = `iu`.`
return mysql_fetch_array(
mysql_query(
'SELECT
`u`.`id`,`u`.`login`,`u`.`login2`,`u`.`pass`,`u`.`pass2`,`u`.`repass`,`u`.`notrhod`,`u`.`emailconfirmation`,`u`.`securetime`,`u`.`sys`,`u`.`palpro`,`u`.`online`,`u`.`ip`,`u`.`ipreg`,`u`.`joinIP`,`u`.`admin`,`u`.`city`,`u`.`room`,`u`.`banned`,`u`.`auth`,`u`.`align`,`u`.`align2`,`u`.`align_lvl`,`u`.`align_exp`,`u`.`mod_zvanie`,`u`.`clan`,`u`.`nextMsg`,`u`.`molch1`,`u`.`molch2`,`u`.`molch3`,`u`.`level`,`u`.`money`,`u`.`money2`,`u`.`money4`,`u`.`money3`,`u`.`battle`,`u`.`cityreg`,`u`.`invBlock`,`u`.`allLock`,`u`.`invBlockCode`,`u`.`zag`,`u`.`a1`,`u`.`q1`,`u`.`mail`,`u`.`name`,`u`.`bithday`,`u`.`sex`,`u`.`design`,`u`.`autospell`,`u`.`noplaw`,`u`.`city_real`,`u`.`icq`,`u`.`icq_hide`,`u`.`homepage`,`u`.`deviz`,`u`.`hobby`,`u`.`chatColor`,`u`.`timereg`,`u`.`add_smiles`,`u`.`obraz`,`u`.`win`,`u`.`win_bs`,`u`.`lose`,`u`.`nich`,`u`.`cityreg2`,`u`.`host`,`u`.`info_delete`,`u`.`dateEnter`,`u`.`afk`,`u`.`dnd`,`u`.`timeMain`,`u`.`clan_prava`,`u`.`addpr`,`u`.`marry`,`u`.`city2`,`u`.`invis`,`u`.`bot_id`,`u`.`haos`,`u`.`host_reg`,`u`.`inUser`,`u`.`inTurnir`,`u`.`inTurnirnew`,`u`.`jail`,`u`.`animal`,`u`.`vip`,`u`.`catch`,`u`.`frg`,`u`.`no_ip`,`u`.`type_pers`,`u`.`bot_room`,`u`.`clan_delay`,`u`.`bukmeker`,
`u`.`id`,`u`.`login`,`u`.`login2`,`u`.`pass`,`u`.`pass2`,`u`.`repass`,`u`.`notrhod`,`u`.`emailconfirmation`,`u`.`securetime`,`u`.`sys`,`u`.`palpro`,`u`.`online`,`u`.`ip`,`u`.`ipreg`,`u`.`joinIP`,`u`.`admin`,`u`.`city`,`u`.`room`,`u`.`banned`,`u`.`auth`,`u`.`align`,`u`.`align2`,`u`.`align_lvl`,`u`.`align_exp`,`u`.`mod_zvanie`,`u`.`clan`,`u`.`nextMsg`,`u`.`molch1`,`u`.`molch2`,`u`.`molch3`,`u`.`level`,`u`.`money`,`u`.`money2`,`u`.`money4`,`u`.`money3`,`u`.`battle`,`u`.`cityreg`,`u`.`invBlock`,`u`.`allLock`,`u`.`invBlockCode`,`u`.`zag`,`u`.`a1`,`u`.`q1`,`u`.`mail`,`u`.`name`,`u`.`bithday`,`u`.`sex`,`u`.`autospell`,`u`.`noplaw`,`u`.`hobby`,`u`.`chatColor`,`u`.`timereg`,`u`.`add_smiles`,`u`.`obraz`,`u`.`win`,`u`.`win_bs`,`u`.`lose`,`u`.`nich`,`u`.`cityreg2`,`u`.`host`,`u`.`info_delete`,`u`.`dateEnter`,`u`.`afk`,`u`.`dnd`,`u`.`timeMain`,`u`.`clan_prava`,`u`.`addpr`,`u`.`marry`,`u`.`city2`,`u`.`invis`,`u`.`bot_id`,`u`.`haos`,`u`.`host_reg`,`u`.`inUser`,`u`.`inTurnir`,`u`.`inTurnirnew`,`u`.`jail`,`u`.`animal`,`u`.`vip`,`u`.`catch`,`u`.`frg`,`u`.`no_ip`,`u`.`type_pers`,`u`.`bot_room`,`u`.`clan_delay`,`u`.`bukmeker`,
`st`.`id`,`st`.`lider`,`st`.`btl_cof`,`st`.`last_hp`,`st`.`last_pr`,`st`.`smena`,`st`.`stats`,`st`.`hpAll`,`st`.`mpAll`,`st`.`hpNow`,`st`.`mpNow`,`st`.`enNow`,`st`.`transfers`,`st`.`regHP`,`st`.`regMP`,`st`.`showmenu`,`st`.`prmenu`,`st`.`ability`,`st`.`skills`,`st`.`sskills`,`st`.`nskills`,`st`.`exp`,`st`.`minHP`,`st`.`minMP`,`st`.`zv`,`st`.`dn`,`st`.`dnow`,`st`.`team`,`st`.`battle_yron`,`st`.`battle_exp`,`st`.`enemy`,`st`.`last_a`,`st`.`last_b`,`st`.`battle_text`,`st`.`upLevel`,`st`.`wipe`,`st`.`bagStats`,`st`.`timeGo`,`st`.`timeGoL`,`st`.`nextAct`,`st`.`active`,`st`.`bot`,`st`.`lastAlign`,`st`.`tactic1`,`st`.`tactic2`,`st`.`tactic3`,`st`.`tactic4`,`st`.`tactic5`,`st`.`tactic6`,`st`.`tactic7`,`st`.`x`,`st`.`y`,`st`.`s`,`st`.`battleEnd`,`st`.`priemslot`,`st`.`priems`,`st`.`priems_z`,`st`.`bet`,`st`.`clone`,`st`.`atack`,`st`.`bbexp`,`st`.`ref_data`,`st`.`res_x`,`st`.`res_y`,`st`.`res_s`,`st`.`bn_capitalcity`,`st`.`bn_demonscity`
FROM `users` AS `u` LEFT JOIN `stats` AS `st` ON (`u`.`id` = `st`.`id`) WHERE ' . $whr . ' LIMIT 1'
)
@ -2107,7 +2106,6 @@ FROM `items_users` AS `iu` LEFT JOIN `items_main` AS `im` ON (`im`.`id` = `iu`.`
`cityreg`,
`name`,
`sex`,
`deviz`,
`hobby`,
`timereg`,
`obraz`,
@ -2123,7 +2121,6 @@ FROM `items_users` AS `iu` LEFT JOIN `items_main` AS `im` ON (`im`.`id` = `iu`.`
"' . $clon['login'] . '",
"' . $clon['sex'] . '",
"",
"",
"' . $clon['time_reg'] . '",
"' . $clon['obraz'] . '",
"' . mysql_real_escape_string($id) . '",
@ -2201,7 +2198,7 @@ FROM `items_users` AS `iu` LEFT JOIN `items_main` AS `im` ON (`im`.`id` = `iu`.`
if ($botDate == null) {
$bot = mysql_fetch_array(
mysql_query(
'SELECT `id`,`login`,`stats`,`obraz`,`level`,`sex`,`name`,`deviz`,`hobby`,`type`,`itemsUse`,`priemUse`,`align`,`clan`,`align_zvanie`,`bonus`,`clan_zvanie`,`time_reg`,`city_reg`,`upLevel`,`active`,`expB`,`p_items`,`agressor`,`priems`,`priems_z`,`award` FROM `test_bot` WHERE `id` = "' . $id . '" LIMIT 1'
'SELECT `id`,`login`,`stats`,`obraz`,`level`,`sex`,`name`,`hobby`,`type`,`itemsUse`,`priemUse`,`align`,`clan`,`align_zvanie`,`bonus`,`clan_zvanie`,`time_reg`,`city_reg`,`upLevel`,`active`,`expB`,`p_items`,`agressor`,`priems`,`priems_z`,`award` FROM `test_bot` WHERE `id` = "' . $id . '" LIMIT 1'
)
);
} else {
@ -2232,7 +2229,6 @@ FROM `items_users` AS `iu` LEFT JOIN `items_main` AS `im` ON (`im`.`id` = `iu`.`
`cityreg`,
`name`,
`sex`,
`deviz`,
`hobby`,
`timereg`,
`obraz`,
@ -2246,7 +2242,6 @@ FROM `items_users` AS `iu` LEFT JOIN `items_main` AS `im` ON (`im`.`id` = `iu`.`
"' . $bot['city_reg'] . '",
"' . $bot['name'] . '",
"' . $bot['sex'] . '",
"' . $bot['deviz'] . '",
"' . $bot['hobby'] . '",
"' . $bot['time_reg'] . '",
"' . $bot['obraz'] . '",
@ -7913,7 +7908,7 @@ LIMIT 1'
if ($uid != $this->info['id']) {
$u = mysql_fetch_array(
mysql_query(
'SELECT `u`.`align`,`u`.`align2`,`u`.`battle`,`u`.`clan`,`u`.`animal`,`u`.`id`,`u`.`level`,`u`.`login`,`u`.`sex`,`u`.`design`,`u`.`autospell`,`u`.`noplaw`,`u`.`obraz`,
'SELECT `u`.`align`,`u`.`align2`,`u`.`battle`,`u`.`clan`,`u`.`animal`,`u`.`id`,`u`.`level`,`u`.`login`,`u`.`sex`,`u`.`autospell`,`u`.`noplaw`,`u`.`obraz`,
`st`.`id`,`st`.`lider`,`st`.`btl_cof`,`st`.`last_hp`,`st`.`last_pr`,`st`.`smena`,`st`.`stats`,`st`.`hpAll`,`st`.`mpAll`,`st`.`hpNow`,`st`.`mpNow`,`st`.`enNow`,`st`.`transfers`,`st`.`regHP`,`st`.`regMP`,`st`.`showmenu`,`st`.`prmenu`,`st`.`ability`,`st`.`skills`,`st`.`sskills`,`st`.`nskills`,`st`.`exp`,`st`.`minHP`,`st`.`minMP`,`st`.`zv`,`st`.`dn`,`st`.`dnow`,`st`.`team`,`st`.`battle_yron`,`st`.`battle_exp`,`st`.`enemy`,`st`.`last_a`,`st`.`last_b`,`st`.`battle_text`,`st`.`upLevel`,`st`.`wipe`,`st`.`bagStats`,`st`.`timeGo`,`st`.`timeGoL`,`st`.`nextAct`,`st`.`active`,`st`.`bot`,`st`.`lastAlign`,`st`.`tactic1`,`st`.`tactic2`,`st`.`tactic3`,`st`.`tactic4`,`st`.`tactic5`,`st`.`tactic6`,`st`.`tactic7`,`st`.`x`,`st`.`y`,`st`.`s`,`st`.`battleEnd`,`st`.`priemslot`,`st`.`priems`,`st`.`priems_z`,`st`.`bet`,`st`.`clone`,`st`.`atack`,`st`.`bbexp`,`st`.`ref_data`,`st`.`res_x`,`st`.`res_y`,`st`.`res_s`,`st`.`bn_capitalcity`,`st`.`bn_demonscity`
FROM `users` AS `u` LEFT JOIN `stats` AS `st` ON (`u`.`id` = `st`.`id`) WHERE `u`.`id`="' . mysql_real_escape_string(
$uid
@ -8346,7 +8341,7 @@ LIMIT 1'
if ($uid != $this->info['id']) {
$u = mysql_fetch_array(
mysql_query(
'SELECT `u`.`inTurnir`,`u`.`allLock`,`u`.`battle`,`u`.`zag`,`u`.`banned`,`u`.`align`,`u`.`align2`,`u`.`clan`,`u`.`animal`,`u`.`id`,`u`.`level`,`u`.`login`,`u`.`sex`,`u`.`design`,`u`.`autospell`,`u`.`noplaw`,`u`.`obraz`,`u`.`vip`,
'SELECT `u`.`inTurnir`,`u`.`allLock`,`u`.`battle`,`u`.`zag`,`u`.`banned`,`u`.`align`,`u`.`align2`,`u`.`clan`,`u`.`animal`,`u`.`id`,`u`.`level`,`u`.`login`,`u`.`sex`,`u`.`autospell`,`u`.`noplaw`,`u`.`obraz`,`u`.`vip`,
`st`.`id`,`st`.`lider`,`st`.`btl_cof`,`st`.`last_hp`,`st`.`last_pr`,`st`.`smena`,`st`.`stats`,`st`.`hpAll`,`st`.`mpAll`,`st`.`hpNow`,`st`.`mpNow`,`st`.`enNow`,`st`.`transfers`,`st`.`regHP`,`st`.`regMP`,`st`.`showmenu`,`st`.`prmenu`,`st`.`ability`,`st`.`skills`,`st`.`sskills`,`st`.`nskills`,`st`.`exp`,`st`.`minHP`,`st`.`minMP`,`st`.`zv`,`st`.`dn`,`st`.`dnow`,`st`.`team`,`st`.`battle_yron`,`st`.`battle_exp`,`st`.`enemy`,`st`.`last_a`,`st`.`last_b`,`st`.`battle_text`,`st`.`upLevel`,`st`.`wipe`,`st`.`bagStats`,`st`.`timeGo`,`st`.`timeGoL`,`st`.`nextAct`,`st`.`active`,`st`.`bot`,`st`.`lastAlign`,`st`.`tactic1`,`st`.`tactic2`,`st`.`tactic3`,`st`.`tactic4`,`st`.`tactic5`,`st`.`tactic6`,`st`.`tactic7`,`st`.`x`,`st`.`y`,`st`.`s`,`st`.`battleEnd`,`st`.`priemslot`,`st`.`priems`,`st`.`priems_z`,`st`.`bet`,`st`.`clone`,`st`.`atack`,`st`.`bbexp`,`st`.`ref_data`,`st`.`res_x`,`st`.`res_y`,`st`.`res_s`,`st`.`bn_capitalcity`,`st`.`bn_demonscity`
FROM `users` AS `u` LEFT JOIN `stats` AS `st` ON (`u`.`id` = `st`.`id`) WHERE `u`.`id`="' . mysql_real_escape_string(
$uid
@ -11451,7 +11446,7 @@ LIMIT 1'
}
}
if (($rtg || !isset($mtest['id'])) && isset($rlog['id']) && $this->info['activ'] == 0) {
if (($rtg || !isset($mtest['id'])) && isset($rlog['id'])) {
$rfs['data'] = explode('|', $rlogs['ref_data']);
$ekr = '0.00';
$bn = mysql_fetch_array(

View File

@ -0,0 +1,120 @@
<?php
namespace User;
use Core\Config;
use Core\Db;
use Core\Mail;
use UserIp;
class Confirmation
{
/**
* Äëÿ îäíîòèïíûõ ïèñåì ñ ïîäòâåðæäåíèåì.
* @param array $userinfo Äàííûå èç (User)->info.
* @param mixed $value Íîâîå çíà÷åíèå
* @param ?int $code Ïðîâåðî÷íûé êîä
* @param string $type Òèï ìåíÿåìîãî çíà÷åíèÿ. Ñ ìàëåíüêîé áóêâû, èìåíèòåëüíûé ïàäåæ.
* @return void
*/
public static function byEmail(array $userinfo, string $type, $value, ?int $code = null)
{
if ($type === 'pass2' && is_null($code)) {
self::pass2ByEmailCustom($userinfo, $value);
return;
}
$ip = UserIp::get();
$date = date('d.m.y H:i');
$https = Config::get('https');
$support = Config::get('support');
$activationLink = 'https://' . $userinfo['city'] . Config::get('host') .
"/confirm.php?id={$userinfo['id']}&code=$code";
$fulllogin = $userinfo['login'] . "[{$userinfo['level']}]";
Mail::send(
$userinfo['mail'],
<<<HTML
<html lang="ru">
<head><title>Ñìåíèòü $type</title></head>
<body>
$date<br>
Êòî-òî ñ IP: $ip ïûòàåòñÿ ñìåíèòü $type ê ïåðñîíàæó $fulllogin.<br>
Ò.ê. â àíêåòå ó ýòîãî ïåðñîíàæà óêàçàí email: {$userinfo['mail']}, òî âû è ïîëó÷èëè ýòî ïèñüìî.<br>
login: {$userinfo['login']}<br>
Íîâûé $type: <span style="background-color: wheat; font-family: Consolas, monospace;">$value</span><br><br>
Äëÿ òîãî ÷òîáû ñìåíèòü $type, ïåðåéäèòå ïî ññûëêå:<br>
$activationLink<br>
<br>--<br>
Áîéöîâñêèé Êëóá $https<br>
Àäìèíèñòðàöèÿ Áîéöîâñêîãî Êëóáà: $support<br>
P.S. Äàííîå ïèñüìî ñãåíåðèðîâàíî àâòîìàòè÷åñêè, îòâå÷àòü íà íåãî íå íóæíî.
</body>
</html>
HTML,
"Ñìåíà $type ó ïåðñîíàæà $fulllogin"
);
}
private static function pass2ByEmailCustom(array $userinfo, string $pass2)
{
$ip = UserIp::get();
$fulllogin = $userinfo['login'] . "[{$userinfo['level']}]";
Mail::send(
$userinfo['mail'],
<<<HTML
<html lang="ru">
<head><title>Âòîðîé ïàðîëü îò ïåðñîíàæà $fulllogin.</title></head>
<body>
Âàìè, ñ IP àäðåñà - $ip, áûë óñòàíîâëåí âòîðîé ïàðîëü â èãðå Áîéöîâñêèé Êëóá.<br>
Åñëè ýòî áûëè íå Âû, ñâÿæèòåñü ñ àäìèíèñòðàöèåé ñàéòà.<br><br>
------------------------------------------------------------------<br>
Âàø ëîãèí | {$userinfo['login']}<br>
Âòîðîé ïàðîëü | ' . $pass2 . '<br>
------------------------------------------------------------------<br>
<br><br>Æåëàåì Âàì ïðèÿòíîé èãðû.<br><br><i>Àäìèíèñòðàöèÿ</i>
</body>
HTML,
"Âòîðîé ïàðîëü îò ïåðñîíàæà $fulllogin"
);
}
public static function byCode(int $uid, int $code): string
{
$status = '';
if ($uid <= 0 || $code <= 0) {
return $status;
}
$codes = Db::getRow(
'select * from emailconfirmation where id = ? and code = ? and (active = 1 or pass = 1 or email = 1)',
[$uid, $code]
);
if (!$codes['id']) {
$status = 'Ññûëêà óñòàðåëà!';
} elseif ($codes['active'] === 1) {
Db::sql(
'update users set emailconfirmation = 1, securetime = unix_timestamp() + 259200 where id = ?',
[$codes['id']]
);
$status = "Ïîäòâåðæäåíèå ñìåíû ïàðîëÿ/email ÷åðåç ïî÷òó âêëþ÷åíî";
} elseif ($codes['pass'] === 1) {
Db::sql(
'update users as u inner join emailconfirmation as e on u.id = e.id set u.pass = e.pa_em, u.securetime = unix_timestamp() + 259200 where u.id = ?',
[$codes['id']]
);
$status = "Óäà÷íî ñìåíèëè ïàðîëü<";
} elseif ($codes['email'] === 1) {
Db::sql(
'update users as u inner join emailconfirmation as e on u.id = e.id set u.mail = e.pa_em, u.securetime = unix_timestamp() + 259200 where u.id = ?',
[$codes['id']]
);
$status = "Óäà÷íî ñìåíèëè email";
}
Db::sql('delete from emailconfirmation where id = ? and code = ?', [$_GET['id'], $_GET['code']]);
if ($status) {
$status = "<h3>$status</h3>";
}
return $status;
}
}

View File

@ -0,0 +1,42 @@
<?php
namespace User;
use Core\Db;
use PassGen;
use User;
class Email
{
private array $info = [];
public function __construct(array $userinfo)
{
$this->info = $userinfo ?? User::start()->info;
}
public function change(string $old, string $new): string
{
if ($old === $new) {
return $this->info['mail'];
}
if ($this->info['emailconfirmation'] === 1) {
$query = 'insert into emailconfirmation (id, code, pa_em, pass) values (?,?,?,1)';
$args = [
$this->info['id'],
PassGen::intCode(10),
$new
];
Confirmation::byEmail($this->info, 'email', $new, $args[1]);
} else {
$query = 'update users set mail = ?, securetime = unix_timestamp() + 259200 where id = ?';
$args = [
$new,
$this->info['id']
];
}
Db::sql($query, $args);
return $new;
}
}

View File

@ -0,0 +1,67 @@
<?php
namespace User;
use Core\Db;
use PassGen;
use User;
class Password
{
private array $info = [];
public function __construct(array $userinfo)
{
$this->info = $userinfo ?? User::start()->info;
}
public function changeFirst(string $old, string $new): string
{
if ($old === $new && password_verify($old, $this->info['pass'])) {
if ($this->info['emailconfirmation'] === 1) {
$query = 'insert into emailconfirmation (id, code, pa_em, pass) values (?,?,?,1)';
$args = [
$this->info['id'],
PassGen::intCode(10),
password_hash($new, PASSWORD_DEFAULT)
];
Confirmation::byEmail($this->info, 'ïàðîëü', $new, $args[1]);
$hashedPass = $args[2];
} else {
$query = 'update users set pass = ?, repass = 0, securetime = unix_timestamp() + 259200 where id = ?';
$args = [
password_hash($new, PASSWORD_DEFAULT),
$this->info['id']
];
$hashedPass = $args[0];
}
Db::sql($query, $args);
return $hashedPass;
}
return $this->info['pass'];
}
public function changeSecond(?int $passLength): array
{
if (in_array($passLength, [4,6,8])) {
$query = 'update users set pass2 = ? where id = ?';
$pass2 = PassGen::intCode($passLength);
$args = [
password_hash($pass2, PASSWORD_DEFAULT),
$this->info['id']
];
Confirmation::byEmail($this->info, 'pass2', $pass2);
$hash = $args[0];
} else {
$query = 'update users set pass2 = default where id = ?';
$args = [$this->info['id']];
}
Db::sql($query, $args);
return [
'pass2' => $pass2 ?? '',
'hash' => $hash ?? null,
];
}
}

View File

@ -97,17 +97,21 @@ class UserRegister
public static function new(string $login, string $password, string $email, $ref, $birthday, $sex): string
{
$password = password_hash($password, PASSWORD_DEFAULT);
$ref = (int)$ref;
$ip = UserIp::get();
$sex = (int)$sex - 10; //Íà âõîäå 10\11, à ïåðåäàòü íàäî 0\1.
Db::sql(
'insert into users (users.real,login,host_reg,pass,ip,ipreg,room,timereg,activ,mail,bithday,sex,fnq,design,molch2,level,hobby,clan_zv) values (1,?,?,?,?,?,9,unix_timestamp(),0,?,?,?,0,1,unix_timestamp() + 86400,8,\'\',0)',
'insert into users (users.real,login,host_reg,pass,ip,ipreg,room,timereg,mail,bithday,sex,fnq,molch2,level,hobby,clan_zv) values (1,?,?,?,?,?,9,unix_timestamp(),?,?,?,0,unix_timestamp() + 86400,8,\'\',0)',
[
$login,
(int)$ref,
md5($password),
UserIp::get(),
UserIp::get(),
$ref,
$password,
$ip,
$ip,
$email,
date('d.m.Y', strtotime($birthday)),
$sex - 10,
$sex,
]
);

View File

@ -7,11 +7,7 @@ if( $u->info['twink'] != 0 )
{
$u->error = 'Невозможно использовать &quot;'.$itm['name'].'&quot;. Зайдите на основного персонажа!';
}
elseif( $u->info['activ'] != 0 )
{
$u->error = 'Невозможно использовать &quot;'.$itm['name'].'&quot;. Активируйте персонажа через E-mail!';
}
elseif( $itm['id'] > 0 && $itm['item_id']==10006 )
elseif( $itm['id'] > 0 && $itm['item_id']==10006 )
{
$repc='repcapitalcity';
if ($u->rep[$repc]<25000)

View File

@ -6,8 +6,6 @@ if(!defined('GAME'))
if( $u->info['twink'] != 0 ) {
$u->error = 'Невозможно использовать &quot;'.$itm['name'].'&quot;. Зайдите на основного персонажа!';
}elseif( $u->info['activ'] != 0 ) {
$u->error = 'Невозможно использовать &quot;'.$itm['name'].'&quot;. Активируйте персонажа через E-mail!';
}elseif( $itm['id'] > 0 ) {
if ($u->info['exp']<469999999)
{

View File

@ -540,7 +540,6 @@ if ($this->users[$this->uids[$uid1]]['hpNow'] > 0){
'cityreg' => $this->users[$this->uids[$uid2]]['cityreg'],
'name' => $this->users[$this->uids[$uid2]]['name'],
'sex' => $this->users[$this->uids[$uid2]]['sex'],
'deviz' => $this->users[$this->uids[$uid2]]['deviz'],
'hobby' => $this->users[$this->uids[$uid2]]['hobby'],
'time_reg' => $this->users[$this->uids[$uid2]]['time_reg'],
'obraz' => $this->users[$this->uids[$uid2]]['obraz'],

View File

@ -144,7 +144,7 @@ function botAddBattle($bot, $logins_bot)
$add_bot = mysql_fetch_array(
mysql_query(
'SELECT
`id`, `login`, `stats`, `obraz`, `level`, `sex`, `name`, `deviz`, `hobby`, `type`, `itemsUse`, `priemUse`, `align`, `clan`, `align_zvanie`, `bonus`, `clan_zvanie`, `time_reg`, `city_reg`, `upLevel`, `active`, `expB`, `p_items`, `agressor`, `priems`, `priems_z`, `award`
`id`, `login`, `stats`, `obraz`, `level`, `sex`, `name`, `hobby`, `type`, `itemsUse`, `priemUse`, `align`, `clan`, `align_zvanie`, `bonus`, `clan_zvanie`, `time_reg`, `city_reg`, `upLevel`, `active`, `expB`, `p_items`, `agressor`, `priems`, `priems_z`, `award`
FROM `test_bot`
WHERE `id` = "' . $bot['id_bot'] . '"
LIMIT 1'
@ -175,7 +175,6 @@ function botAddBattle($bot, $logins_bot)
`cityreg`,
`name`,
`sex`,
`deviz`,
`hobby`,
`timereg`,
`obraz`,
@ -189,7 +188,6 @@ function botAddBattle($bot, $logins_bot)
"' . $add_bot['city_reg'] . '",
"' . $add_bot['name'] . '",
"' . $add_bot['sex'] . '",
"' . $add_bot['deviz'] . '",
"' . $add_bot['hobby'] . '",
"' . $add_bot['time_reg'] . '",
"' . $add_bot['obraz'] . '",

View File

@ -386,9 +386,9 @@ function add_arhiv($pl, $user)
{
$return = 0;
mysql_query(
'INSERT INTO `users` (`login`,`pass`,`level`,`inTurnir`,`sex`,`obraz`,`name`,`online`,`city`,`room`,`align`,`clan`,`cityreg`,`bithday`,`activ`) VALUES (
'INSERT INTO `users` (`login`,`pass`,`level`,`inTurnir`,`sex`,`obraz`,`name`,`online`,`city`,`room`,`align`,`clan`,`cityreg`,`bithday`) VALUES (
"' . $user['login'] . '","bstowerbot","' . $user['level'] . '","' . $pl['id'] . '","' . $user['sex'] . '","' . $user['obraz'] . '","' . $user['login'] . '","' . (time(
) + 60 * 60 * 24) . '","' . $user['city'] . '","' . $user['room'] . '","' . $user['align'] . '","' . $user['clan'] . '","capitalcity","01.02.2003","0"
) + 60 * 60 * 24) . '","' . $user['city'] . '","' . $user['room'] . '","' . $user['align'] . '","' . $user['clan'] . '","capitalcity","01.02.2003",
)'
);
$return = mysql_insert_id();
@ -926,8 +926,8 @@ while ($pl = mysql_fetch_array($sp)) {
$bus['align'] = 0;
}
mysql_query(
'INSERT INTO `users` (`chatColor`,`align`,`inTurnir`,`molch1`,`molch2`,`activ`,`login`,`room`,`name`,`sex`,`level`,`bithday`) VALUES (
"' . $bus['chatColor'] . '","' . $bus['align'] . '","' . $pl['id'] . '","' . $bus['molch1'] . '","' . $bus['molch2'] . '","0","' . $bus['login'] . '","362","' . $bus['name'] . '","' . $bus['sex'] . '","' . $pl['level'] . '","' . date(
'INSERT INTO `users` (`chatColor`,`align`,`inTurnir`,`molch1`,`molch2`,`login`,`room`,`name`,`sex`,`level`,`bithday`) VALUES (
"' . $bus['chatColor'] . '","' . $bus['align'] . '","' . $pl['id'] . '","' . $bus['molch1'] . '","' . $bus['molch2'] . '","' . $bus['login'] . '","362","' . $bus['name'] . '","' . $bus['sex'] . '","' . $pl['level'] . '","' . date(
'd.m.Y'
) . '")'
);

View File

@ -1,44 +0,0 @@
<?php
/*
Îáíîâëåíèå äàííûõ î êóðñå âíóòðåíåé âàëþòû
ûûûû
*/
die();
define('GAME',true);
setlocale(LC_CTYPE ,"ru_RU.CP1251");
require_once('_incl_data/__config.php');
require_once('_incl_data/class/__db_connect.php');
function error($e)
{
global $c;
die('');
}
$u = mysql_fetch_array(mysql_query('SELECT * FROM `users` WHERE `login`="'.mysql_real_escape_string($_COOKIE['login']).'" AND `pass`="'.mysql_real_escape_string($_COOKIE['pass']).'"'));
if(isset($u['id'])) {
if($u['send'] == '0') {
error('Íåîáõîäèìî ââåñòè <b>e-mail</b> äëÿ àêòèâàöèè ïåðñîíàæà.<br>Îòêðîéòå ýòó ññûëêó â áðàóçåðå, â êîòîðîì Âû àâòîðèçèðîâàííû ñî ñâîåãî ïåðñîíàæà.');
}elseif($u['activ'] == 0) {
error('Ïåðñîíàæ &quot;'.$u['login'].'&quot; áûë àêòèâèðîâàí ðàíåå.');
}else{
if($_GET['code'] == md5($u['login'].'&[new-combats.com]') || $_GET['code'] == 'ILIKECOMBATS') {
mysql_query('UPDATE `users` SET `activ` = "0" WHERE `id` = "'.$u['id'].'" LIMIT 1');
error('Âû óñïåøíî àêòèâèðîâàëè ïåðñîíàæà, óñïåõîâ â íàøåì ìèðå!');
}else{
error('Íå âåðíûé êîä àêòèâàöèè.');
}
}
}else{
error('<form method="post" action="enter.php">'.
'Ââåäèòå ëîãèí è ïàðîëü îò ïåðñîíàæà:<br>'.
'Ëîãèí: &nbsp;<input name="login" type="text" style="width:200px;"><br />'.
'Ïàðîëü: <input name="pass" type="password" style="width:200px;">'.
'<input name="active_code_key" type="hidden" value="'.htmlspecialchars($_GET['code'],NULL,'cp1251').'" /><br />'.
'<input value="Àêòèâèðîâàòü ïåðñîíàæà" type="submit" />'.
'</form>');
}
?>

View File

@ -1,140 +0,0 @@
<?php
function zmgo($v) {
if($v > 1000) {
$v = 1000;
}
$r = 0;
$r = (1-( pow(0.5, ($v/250) ) ))*100;
//$r = round($v/800*100);
//$r = round($r/80*100);
return $r;
}
$i = 1;
while( $i <= 100 ) {
echo (1010-$i*10).' = '.round(zmgo(1010-$i*10),2).'%<br>';
$i++;
}
die();
$refUrl = mysql_fetch_array(mysql_query('SELECT * FROM `referal_url` WHERE `uid` = "'.$u->info['id'].'" LIMIT 1'));
if(!isset($refUrl['id'])) {
mysql_query('INSERT INTO `referal_url` (`uid`,`url`) VALUES (
"'.$u->info['id'].'","new-combats.com/r'.$u->info['id'].'"
)');
$refUrl = mysql_fetch_array(mysql_query('SELECT * FROM `referal_url` WHERE `uid` = "'.$u->info['id'].'" LIMIT 1'));
}
function ref_url($r) {
$r = str_replace('0','A',$r);
$r = str_replace('1','b',$r);
$r = str_replace('2','C',$r);
$r = str_replace('3','d',$r);
$r = str_replace('4','E',$r);
$r = str_replace('5','f',$r);
$r = str_replace('6','D',$r);
$r = str_replace('7','g',$r);
$r = str_replace('8','H',$r);
$r = str_replace('9','s',$r);
return $r;
}
//$refUrl['url'] = ref_url($refUrl['url']);
$pf = 0;
$html_ref = '';
$i_ref = 0;
$sp = mysql_query('SELECT `id`,`online`,`activ`,`cityreg` FROM `users` WHERE `host_reg` = "'.$u->info['id'].'"');
while( $pl = mysql_fetch_array($sp) ) {
$sp2 = mysql_fetch_array(mysql_query('SELECT COUNT(`id`) FROM `users` WHERE `host_reg` = "'.$pl['id'].'" LIMIT 1'));
$sp2 = 0+$sp2[0];
$html_ref .= ($i_ref + 1).'. '.$u->microLogin($pl['id'],1).'';
if($sp2==0) {
$html_ref .= ' <font color=grey>['.$sp2.'/1] Ïåðñîíàæ äîëæåí ïðèãëàñèòü îäíîãî ðåôåðàëà</font>';
}else{
$html_ref .= ' <font color=green>[1/1] Çàâåðøåíî!</font>';
$pf += 10;
}
$pf += 23;
$html_ref .= '<br>';
$i_ref++;
}
if( $pf >= 99 ) {
$pf = 100;
}
if($html_ref == '') {
$html_ref = '<center>Ïî Âàøåé ññûëêå åùå íèêòî íå çàðåãèñòðèðîâàëñÿ</center>';
}
if(isset($_GET['activated'])) {
if($pf == 100) {
$er = 'Âû áóäåòå îïîâåùåíû ïî E-mail î íà÷àëå áåòà òåñòèíãà, â íàñòîÿùèé ìîìåíò íåëüçÿ àêòèâèðîâàòü ïåðñîíàæà!';
}else{
$er = 'Çàäàíèå âûïîëíåíî íà <small>'.$pf.'</small>/100%! Âûïîëíèòå çàäàíèå ïîëíîñòüþ!';
}
}
?>
<!DOCTYPE html>
<html xmlns="https://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251" />
<title>Áîéöîâñêèé Êëóá v2.1</title>
<link href="https://img.new-combats.com/css/main.css" rel="stylesheet" type="text/css">
</head>
<body style="height:100%; background-color:#E2E0E0;">
<div align="center" style="font-size:18px;">
<div style="position:relative"><b><img src="https://img.new-combats.com/i/align/align1.gif" width="12" height="15"> Àêòèâàöèÿ Ïåðñîíàæà <img src="https://img.new-combats.com/i/align/align3.gif" width="12" height="15"></b></div>
<div><img src="https://img.new-combats.com/img/banner.png" width="568" height="74"></div>
</div>
<table width="800" border="0" align="center" cellpadding="0" cellspacing="0">
<tr>
<td align="center">
<b style="color:#550000">
Äëÿ àêòèâàöèè ïåðñîíàæà íåîáõîäèìî ïðèãëàñèòü 3 èãðîêîâ<br>
<small>(Êàæäûé ðåôåðàë äîëæåí ïðèãëàñèòü õîòÿ áû îäíîãî èãðîêà)</small>
</b><br>
<div id=hint5 style='visibility: hidden'></div>
</td>
</tr>
<tr>
<td>
<?
if(isset($er) && $er != '') {
echo '<hr style="border-color:#CCC;"><center><font color="#CC0000"><b>'.$er.'</b></font></center>';
}
?>
<hr style="border-color:#CCC;">
<div style="padding:10px;">
Ïðèãëàñèòåëüíàÿ ññûëêà: <input name="urlref" style="font-size:12px;width:200px;text-align:center;" type="text" value="<?=$refUrl['url']?>" ><br>
<small>Ðåôåðàëû ñ îäíîãî êîìïüþòåðà èëè ip íå ó÷èòûâàþòñÿ, â ïåðâóþ î÷åðåäü äàííîå òðåáîâàíèå ââîäèòñÿ äëÿ ïîâûøåíèÿ îáùåãî îíëàéíà, êàæäûé èãðîê âíîñèò âêëàä â ðàçâèòèå ïðîåêòà.</small>
<br><br>
<div><?=$html_ref?></div>
</div>
<br>
<div style="border:1px solid #CCC;position:relative;">
<div style="position:absolute;left:10px;top:1px;">Çàäàíèå âûïîëíåíî íà <?=$pf?>%</div>
<img src="https://img.new-combats.com/1x1.gif" style="background-color:#DEE;height:20px;width:<?=$pf?>%;display:inline-block;vertical-align:bottom;">
</div>
<br>
<center><? if( $pf == 100 ) { ?>
<input onClick="location.href='/bk?activated'" type="submit" class="btnnew3" value="Àêòèâèðîâàòü ïåðñîíàæà!"><? }else{ ?>
<input onClick="alert('Âû äîëæíû ïðèãëàñèòü òðåõ ðåôåðàëîâ è êàæäûé èç íèõ äîëæåí ïðèãëàñèòü õîòÿ áû ïî îäíîìó ðåôåðàëó!');" type="submit" class="btnnew3" value="Àêòèâèðîâàòü ïåðñîíàæà!"><? } ?>
</center>
</td>
</tr>
<tr>
<td align="center"><hr style="border-color:#CCC;">Áîéöîâñêèé Êëóá v2.1 &copy; <?=date('Y')?>, «www.new-combats.com»™ &nbsp; &nbsp; </font></td>
</tr>
</table>
</body>
</html>

View File

@ -314,7 +314,7 @@ while ($i < 100) {
$dv = '';
$da = '';
$dv .= '<select style="font-size:12px;" name="botadminatack2"><option value="0">------ Âûáåðèòå êëîíà èç ñïèñêà ------</option>';
$sp_m = mysql_query('SELECT * FROM `users` WHERE `icq` = "17768719" ORDER BY `id` ASC');
//$sp_m = mysql_query('SELECT * FROM `users` WHERE `icq` = "17768719" ORDER BY `id` ASC'); //icq deprecaded and removed
while ($pl_m = mysql_fetch_array($sp_m)) {
$dv .= '<option value="' . $pl_m['id'] . '">' . $pl_m['id'] . ' [ ' . $pl_m['align'] . ' ] - ' . $pl_m['login'] . ' [' . $pl_m['level'] . ']</option>';
$da .= '<option value="' . $pl_m['id'] . '">' . $pl_m['id'] . ' [ ' . $pl_m['align'] . ' ] - ' . $pl_m['login'] . ' [' . $pl_m['level'] . ']</option>';

View File

@ -43,11 +43,6 @@ if ($u->info['online'] < time() - 60) {
$u->stats = $u->getStats($u->info['id'], 0);
if ($u->info['activ'] > 0) {
include('activnew.php');
die();
}
?>
<!DOCTYPE html>
<html lang="ru-RU">
@ -67,7 +62,7 @@ if ($u->info['activ'] > 0) {
<script src="https://html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<script>
var des = <?=(0 + $u->info['design'])?>;
var des = 1;
var c = {
noEr: 0,
noErTmr: 0,

View File

@ -1,42 +1,35 @@
<?
require_once('_incl_data/__config.php');
?>
<HTML><HEAD>
<link rel=stylesheet type="text/css" href="https://img.new-combats.com/css/main.css">
<meta content="text/html; charset=windows-1251" http-equiv=Content-type>
<META Http-Equiv=Cache-Control Content=no-cache>
<meta http-equiv=PRAGMA content=NO-CACHE>
<META Http-Equiv=Expires Content=0>
<TITLE>Áîéöîâñêèé Ìèð. Ïîäòâåðæäåíèå îïåðàöèè ÷åðåç e-mail.</TITLE>
</HEAD>
<body leftmargin=10 topmargin=20 marginwidth=0 bgcolor=e2e0e0>
<?
if ($_GET['id']!='' && $_GET['code']!='') {
define('GAME',true);
include ("_incl_data/class/__db_connect.php");
$confirm = mysql_query("SELECT * FROM `emailconfirmation` WHERE `id` = '".mysql_real_escape_string($_GET['id'])."' AND `code` = '".mysql_real_escape_string($_GET['code'])."' AND (`active` = '1' OR `pass` = '1' OR `email` = '1' OR `qu_an` = '1')");
if (mysql_num_rows($confirm) == 0 or mysql_num_rows($confirm) == '') die("<br><br><br><h3>Ññûëêà óñòàðåëà!</h3>");
$confirm = mysql_fetch_array($confirm,MYSQL_ASSOC) or die("Îøèáêà îáðàáîòêè çàïðîñà!!");
if($confirm['active'] == 1) {
mysql_query("UPDATE `users` SET `emailconfirmation` = '1', `securetime` = '".(time()+259200)."' WHERE `id` = '".mysql_real_escape_string($confirm['id'])."'");
echo "<br><br><br><h3>Ïîäòâåðæäåíèå ñìåíû ïàðîëÿ/email ÷åðåç ïî÷òó âêëþ÷åíî</h3>";
}elseif($confirm['pass'] == 1) {
mysql_query("UPDATE `users` SET `pass` = '".mysql_real_escape_string($confirm['pa_em'])."', `securetime` = '".(time()+259200)."' WHERE `id` = '".mysql_real_escape_string($confirm['id'])."'");
echo "<br><br><br><h3>Óäà÷íî ñìåíèëè ïàðîëü</h3>";
}elseif($confirm['email'] == 1) {
mysql_query("UPDATE `users` SET `email` = '".mysql_real_escape_string($confirm['pa_em'])."', `securetime` = '".(time()+259200)."' WHERE `id` = '".mysql_real_escape_string($confirm['id'])."'");
echo "<br><br><br><h3>Óäà÷íî ñìåíèëè email</h3>";
}elseif($confirm['qu_an'] == 1) {
mysql_query("UPDATE `users` SET `a1` = '".mysql_real_escape_string($confirm['question'])."',`q1` = '".mysql_real_escape_string($confirm['answer'])."', `securetime` = '".(time()+259200)."' WHERE `id` = '".mysql_real_escape_string($confirm['id'])."'");
echo "<br><br><br><h3>Óäà÷íî ñìåíèëè ñåêðåòíûé âîïðîñ / îòâåò</h3>";
}
mysql_query("DELETE FROM `emailconfirmation` WHERE `id` = '".mysql_real_escape_string($_GET['id'])."' AND `code` = '".mysql_real_escape_string($_GET['code'])."'");
}else{?>
<FORM>
<h4>Ïîäòâåðæäåíèå îïåðàöèè ÷åðåç e-mail</h4>
Ââåäèòå êîä: <INPUT type=text name='entcode' value='' size=40><INPUT type=submit value="Ãîòîâî">
</FORM>
<?}?>
<?php
</BODY>
</HTML>
use Core\Config;
use User\Confirmation;
require_once __DIR__ . DIRECTORY_SEPARATOR . '_incl_data/autoload.php';
Config::init();
if (!empty($_GET['id']) && !empty($_GET['code'])) {
$status = Confirmation::byCode((int)$_GET['id'], (int)$_GET['code']);
}
?>
<!DOCTYPE html>
<html lang="ru">
<head>
<meta content="text/html; charset=windows-1251" http-equiv=Content-type>
<TITLE><?= Config::get('https') ?> Ïîäòâåðæäåíèå îïåðàöèè ÷åðåç e-mail.</TITLE>
<style>
body {
margin-left: 10px;
margin-top: 20px;
background-color: #e2e0e0;
}
h3 {
margin-top: 50px;
}
</style>
</head>
<body>
<?= $status ?? '' ?>
</body>
</html>

View File

@ -143,7 +143,7 @@ function botAddBattle($bot, $logins_bot)
$add_bot = mysql_fetch_array(
mysql_query(
'SELECT
`id`, `login`, `stats`, `obraz`, `level`, `sex`, `name`, `deviz`, `hobby`, `type`, `itemsUse`, `priemUse`, `align`, `clan`, `align_zvanie`, `bonus`, `clan_zvanie`, `time_reg`, `city_reg`, `upLevel`, `active`, `expB`, `p_items`, `agressor`, `priems`, `priems_z`, `award`
`id`, `login`, `stats`, `obraz`, `level`, `sex`, `name`, `hobby`, `type`, `itemsUse`, `priemUse`, `align`, `clan`, `align_zvanie`, `bonus`, `clan_zvanie`, `time_reg`, `city_reg`, `upLevel`, `active`, `expB`, `p_items`, `agressor`, `priems`, `priems_z`, `award`
FROM `test_bot`
WHERE `id` = "' . $bot['id_bot'] . '"
LIMIT 1'
@ -174,7 +174,6 @@ function botAddBattle($bot, $logins_bot)
`cityreg`,
`name`,
`sex`,
`deviz`,
`hobby`,
`timereg`,
`obraz`,
@ -188,7 +187,6 @@ function botAddBattle($bot, $logins_bot)
"' . $add_bot['city_reg'] . '",
"' . $add_bot['name'] . '",
"' . $add_bot['sex'] . '",
"' . $add_bot['deviz'] . '",
"' . $add_bot['hobby'] . '",
"' . $add_bot['time_reg'] . '",
"' . $add_bot['obraz'] . '",

236
enter.php
View File

@ -39,9 +39,10 @@ if (isset($_GET['cookie_login']) && $_GET['cookie_login'] != '') {
function error($e)
{
die('
<link rel="stylesheet" href="error.css">
<div class="text-wrapper">
die(
'
<link rel="stylesheet" href="error.css">
<div class="text-wrapper">
<div class="title" data-content="Îøèáêà">
Îøèáêà!!
</div>
@ -51,42 +52,30 @@ function error($e)
</div>
<div class="buttons">
<a class="button" href="https://new-combats.com">Âåðíóòüñÿ íàçàä</a>
<a class="button" href="' . Config::get('https') . '">Âåðíóòüñÿ íàçàä</a>
</div>
</div>
');
'
);
}
function md5m($src)
function checkPassword(string $password, string $passwordHash, string $login): bool
{
$tar = [16];
$res = [16];
$src = utf8_encode($src);
for ($i = 0; $i < strlen($src) || $i < 16; $i++) {
$res[$i] = ord($src[$i]) ^ $i * 4;
}
for ($i = 0; $i < 4; $i++) {
for ($j = 0; $j < 4; $j++) {
$tar[$i * 4 + $j] = ($res[$j * 4 + $i] + 256) % 256;
if (password_verify($password, $passwordHash)) { // check password
return true;
} else {
if (
md5($password) === $passwordHash || // convert old md5() password
password_needs_rehash($passwordHash, PASSWORD_DEFAULT) //rehash if PASSWORD_DEFAULT changed
) {
$hash = password_hash($password, PASSWORD_DEFAULT);
Db::sql('update users set pass = ? where login = ?', [$hash, $login]);
return true;
}
return false;
}
return ($tar);
}
function array2HStr($src): string
{
$hex = ["0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "A", "B", "C", "D", "E", "F"];
$res = "";
for ($i = 0; $i < 16; $i++) {
$res = $res . ($hex[$src[$i] >> 4] . $hex[$src[$i] % 16]);
}
return ($res);
}
$socauth = false;
//ReCapthca
require_once "./recaptchalib.php";
// âàø ñåêðåòíûé êëþ÷
@ -99,49 +88,75 @@ $response = null;
$reCaptcha = new ReCaptcha($secret);
if ($_POST["g-recaptcha-response"]) {
$response = $reCaptcha->verifyResponse(
$response = $reCaptcha->verifyResponse(
$_SERVER["REMOTE_ADDR"],
$_POST["g-recaptcha-response"]
);
}
//ReCapthca
$u = Db::getRow('select id, login, auth, pass, pass2, city, ip, ipreg, admin, online, banned, host_reg, timereg, securetime from users where login = ?', [$_POST['login']]);
$u = Db::getRow(
'select
users.id,
users.login,
auth,
pass,
pass2,
users.city,
users.ip,
ipreg,
admin,
online,
banned,
host_reg,
timereg,
securetime,
users_delo.text as block_reason
from users
left join users_delo on users.id = users_delo.uid
where users.login = ?',
[$_POST['login']]
);
$auth = Db::getValue('select id from logs_auth where uid = ? and ip = ?', [$u['id'], IP]);
if (
Config::get('securetime') > 0 &&
IP != $u['ip'] &&
IP != $u['ipreg'] &&
!isset($auth) &&
$u['securetime'] < Config::get('securetime') &&
$u['timereg'] < Config::get('securetime')
Config::get('securetime') > 0 &&
IP != $u['ip'] &&
IP != $u['ipreg'] &&
!isset($auth) &&
$u['securetime'] < Config::get('securetime') &&
$u['timereg'] < Config::get('securetime')
) {
error('Âû íå ìîæåòå âîéòè íà ïåðñîíàæà "' . $_POST['login'] . '".<br>Ñêîðåå âñåãî âû äàâíî íå ìåíÿëè ïàðîëü. Äëÿ ñìåíû ïåðåéäèòå ïî ññûëêå: <a href="/repass.php?login=' . htmlspecialchars($_POST['login'], null, 'cp1251') . '">ÑÌÅÍÀ ÏÀÐÎËß</a><br><br>Âàì íåîáõîäèìî ñìåíèòü ïàðîëü äëÿ áåçîïàñíîñòè ïåðñîíàæà, íà ïî÷òó ïî êîòîðîé çàðåãèñòðèðîâàí ïåðñîíàæ ïðèäåò íîâûé ñëó÷àéíî ñãåíåðèðîâàííûé ïàðîëü.<br>Åñëè ó âàñ íåò äîñòóïà ê E-mail: Çàðåãèñòðèðóéòå íîâîãî ïåðñîíàæà è îáðàòèòåñü ê Àäìèíèñòðàöèè, ëèáî ìîäåðàòîðàì.');
}
if (md5(md5($_POST['pass'])) == $u['pass']) {
$_POST['pass'] = md5($_POST['pass']);
error(
'Âû íå ìîæåòå âîéòè íà ïåðñîíàæà "' . $_POST['login'] . '".<br>
Ñêîðåå âñåãî âû äàâíî íå ìåíÿëè ïàðîëü.
Äëÿ ñìåíû ïåðåéäèòå ïî ññûëêå: <a href="/repass.php?login=' . $u['login'] . '">ÑÌÅÍÀ ÏÀÐÎËß</a><br><br>
Âàì íåîáõîäèìî ñìåíèòü ïàðîëü äëÿ áåçîïàñíîñòè ïåðñîíàæà,
íà ïî÷òó ïî êîòîðîé çàðåãèñòðèðîâàí ïåðñîíàæ ïðèäåò íîâûé ñëó÷àéíî ñãåíåðèðîâàííûé ïàðîëü.'
);
}
if (!isset($u['id'])) {
error('Ëîãèí "' . $_POST['login'] . '" íå íàéäåí â áàçå.');
} elseif ($u['pass'] != md5($_POST['pass']) && !$socauth) {
error('Íåâåðíûé ïàðîëü ê ïåðñîíàæó "' . $_POST['login'] . '".');
Db::sql('insert into logs_auth (uid, ip, browser, type, time, depass) values (?,?,?,3,unix_timestamp(),?)', [$u['id'], IP, $_SERVER['HTTP_USER_AGENT'], $_POST['pass']]);
} elseif ($u['banned'] > 0) {
$fm = Db::getValue('select text from users_delo where uid = ? and hb != 0 order by id desc limit 1', [$u['id']]) ?? '';
error('Ïåðñîíàæ <b>' . $_POST['login'] . '</b> çàáëîêèðîâàí.' . '<br>' . $fm . '<br>' . '<br><b>Âíèìàíèå!</b> Åñëè Âû óâåðåíû, ÷òî ïðîèçîøëà îøèáêà è Âû íè÷åãî íå íàðóøàëè, ïåðåðåãèñòðèðóéòåñü, îáüÿñíèòå ñèòóàöèþ àäìèíèñòðàöèè è îæèäàéòå îòâåòà!</a>' . '<br>Ïåðåä òåì êàê ïèñàòü, <b>ÂÍÈÌÀÒÅËÜÍÎ</b> îçíàêîìèòåñü ñ <a target="_blank" href="https://new-combats.com/lib/zakon/">äåéñòâóþùèìè çàêîíàìè.' . '<br><br>Åñëè Âû çàáëîêèðîâàíû ïðàâîìåðíî, òî ó Âàñ íåò øàíñîâ íà ðàçáëîêèðîâêó âàøåãî èãðîâîãî ïåðñîíàæà.');
$blockstr = "Ïåðñîíàæ <b>{$u['login']}</b> çàáëîêèðîâàí.";
$blockstr .= $u['block_reason'] ? "Ïðè÷èíà áëîêèðîâêè: {$u['block_reason']}<br><br>" : '<br><br>';
error($blockstr);
} elseif (!checkPassword($_POST['pass'], $u['pass'], $u['login'])) {
error("Íåâåðíûé ïàðîëü ê ïåðñîíàæó {$u['login']}.");
Db::sql(
'insert into logs_auth (uid, ip, browser, type, time, depass) values (?,?,?,3,unix_timestamp(),?)',
[$u['id'], IP, $_SERVER['HTTP_USER_AGENT'], $_POST['pass']]
);
} else {
//Âòîðîé ïàðîëü
if ($u['pass2'] != '' && $u['pass2'] != '0') {
if (!empty($u['pass2'])) {
$_SESSION['login'] = $_POST['login'];
$_SESSION['pass'] = $_POST['pass'];
$good2 = false;
$koko = '';
if (md5(array2HStr(md5m($_POST['code']))) == $u['pass2']) {
if (password_verify($_POST['code'], $u['pass2'])) {
$good2 = true;
unset($_SESSION['login'], $_SESSION['pass']);
} else {
@ -150,11 +165,9 @@ if (!isset($u['id'])) {
}
setcookie('login', '', time() - 60 * 60 * 24, '', Config::get('host'));
setcookie('pass', '', time() - 60 * 60 * 24, '', Config::get('host'));
setcookie('login', '', time() - 60 * 60 * 24);
setcookie('pass', '', time() - 60 * 60 * 24);
}
if ($koko != '') {
if ($koko) {
$koko = '<b style="color: red">' . $koko . '</b>';
}
if (!$good2) {
@ -272,25 +285,32 @@ if (!isset($u['id'])) {
}
}
$st = mysql_fetch_array(mysql_query('SELECT * FROM `stats` WHERE `id`="' . $u['id'] . '" LIMIT 1'));
if (!isset($st['id'])) {
mysql_query("INSERT INTO `stats` (`id`,`stats`) VALUES ('" . $u['id'] . "','s1=3|s2=3|s3=3|s4=3|rinv=40|m9=5|m6=10')");
if (!Db::getValue('select count(*) from stats where id = ?', [$u['id']])) {
Db::sql('insert into stats (id, stats) values (?,?)', [$u['id'], 's1=3|s2=3|s3=3|s4=3|rinv=40|m9=5|m6=10']);
}
$on = mysql_fetch_array(mysql_query('SELECT * FROM `online` WHERE `uid`="' . $u['id'] . '" LIMIT 1'));
if (!isset($on['id'])) {
mysql_query("INSERT INTO `online` (`uid`,`timeStart`) VALUES ('" . $u['id'] . "','" . time() . "')");
if (!Db::getValue('select count(*) from online where uid = ?', [$u['id']])) {
Db::sql('insert into online (uid, timeStart) values (?,unix_timestamp())', [$u['id']]);
}
if (isset($_COOKIE['login']) || isset($_COOKIE['pass'])) {
if (isset($_COOKIE['login'])) {
setcookie('login', '', time() - 60 * 60 * 24, '', Config::get('host'));
setcookie('pass', '', time() - 60 * 60 * 24, '', Config::get('host'));
}
//ìóëüòû
if ($u['admin'] === 0) {
$ipm1 = Db::getValue('select ip from logs_auth where uid = ? and ip != ? order by id limit 1', [$u['id'], $u['ip']]);
$ppl = Db::getRows('select * from logs_auth where ip != ? and (ip = ? or ip = ? or ip = ? or ip = ? or ip = ?)', ['', $u['ip'], $ipm1, $u['ipreg'], IP, $_COOKIE['ip']]);
$ipm1 = Db::getValue(
'select ip from logs_auth where uid = ? and ip != ? order by id limit 1',
[$u['id'], $u['ip']]
);
$ppl = Db::getRows(
'select * from logs_auth where ip != ? and (ip = ? or ip = ? or ip = ? or ip = ? or ip = ?)',
['', $u['ip'], $ipm1, $u['ipreg'], IP, $_COOKIE['ip']]
);
foreach ($ppl as $item) {
$ml = Db::getValue('select id from mults where (uid = ? and uid2 = ?) or (uid = ? and uid2 = ?) limit 1', [$item['uid'], $u['id'], $u['id'], $item['uid']]);
$ml = Db::getValue(
'select id from mults where (uid = ? and uid2 = ?) or (uid = ? and uid2 = ?) limit 1',
[$item['uid'], $u['id'], $u['id'], $item['uid']]
);
if (!$ml && $item['ip'] !== '' && $item['ip'] !== '127.0.0.1') {
Db::sql('insert into mults (uid, uid2, ip) VALUES (?,?,?)', [$u['id'], $item['uid'], $item['ip']]);
}
@ -301,52 +321,69 @@ if (!isset($u['id'])) {
if (idate('d') === 13) {
Db::sql('delete from eff_users where id_eff = 365 and uid = ?', [$u['id']]);
Db::sql(
'insert into eff_users (id_eff, uid, name, data, overType, timeUse, no_Ace) values (365,?,?,?,47,unix_timestamp(),1)',
[
$u['id'],
'Äåíü Ðîæäåíèÿ Êëóáà',
'add_speedhp=500|add_speedmp=500|add_speed_dungeon=50|add_repair_discount=1|',
]
'insert into eff_users (id_eff, uid, name, data, overType, timeUse, no_Ace) values (365,?,?,?,47,unix_timestamp(),1)',
[
$u['id'],
'Äåíü Ðîæäåíèÿ Êëóáà',
'add_speedhp=500|add_speedmp=500|add_speed_dungeon=50|add_repair_discount=1|',
]
);
$chat->send('', $u['room'], $u['city'], '', $u['login'], ' ÷åñòü äíÿ ðîæäåíèÿ ïðîåêòà âû ïîëó÷àåòå ýôôåêò &quot;Äåíü Ðîæäåíèÿ Êëóáà&quot;!(Ýôôåêò îáíîâëÿåòñÿ êàæäûé ðàç êîãäà âû çàõîäèòå íà ïåðñîíàæà)', time(), 6, 0, 0, 0, 1);
$chat->send(
'', $u['room'], $u['city'], '', $u['login'],
' ÷åñòü äíÿ ðîæäåíèÿ ïðîåêòà âû ïîëó÷àåòå ýôôåêò &quot;Äåíü Ðîæäåíèÿ Êëóáà&quot;!(Ýôôåêò îáíîâëÿåòñÿ êàæäûé ðàç êîãäà âû çàõîäèòå íà ïåðñîíàæà)',
time(), 6, 0, 0, 0, 1
);
}
if (isset($_COOKIE['ip']) && $_COOKIE['ip'] != IP) {
Db::sql('insert into logs_auth (uid, ip, browser, type, time, depass) VALUES (?,?,?,1,unix_timestamp(),?)', [$u['id'], $_COOKIE['ip'], $_SERVER['HTTP_USER_AGENT'], md5($_POST['pass'])]);
Db::sql(
'insert into logs_auth (uid, ip, browser, type, time, depass) VALUES (?,?,?,1,unix_timestamp(),?)',
[$u['id'], $_COOKIE['ip'], $_SERVER['HTTP_USER_AGENT'], md5($_POST['pass'])]
);
}
setcookie('login', $_POST['login'], time() + 60 * 60 * 24 * 7, '', Config::get('host'));
setcookie('pass', $u['pass'], time() + 60 * 60 * 24 * 7, '', Config::get('host'));
setcookie('login', $_POST['login'], time() + 60 * 60 * 24 * 7);
setcookie('pass', md5($_POST['pass']), time() + 60 * 60 * 24 * 7);
setcookie('ip', IP, time() + 60 * 60 * 24 * 150, '');
if ($u['online'] < time() - 520) {
$sp = mysql_query('SELECT `user` FROM `friends` WHERE `friend` = ' . $u['id']);
while ($pl = mysql_fetch_array($sp)) {
$usr = mysql_fetch_array(mysql_query('SELECT `id`,`online`,`login`,`city`,`room` FROM `users` WHERE `id` = ' . $pl['user']));
if (isset($usr['id']) && $usr['online'] > time() - 600) {
$chat->send('', $usr['room'], $usr['city'], '', $usr['login'], 'Âàñ ïðèâåòñòâóåò: <b>' . $u['login'] . '</b>.', time(), 6, 0, 0, 0, 1);
}
$sp = Db::getRows('select room, city, login from users where online > unix_timestamp() - 600 and id in (select user from friends where friend = ?)', [$u['id']]);
foreach ($sp as $usr) {
$chat->send(
'', $usr['room'], $usr['city'], '', $usr['login'], 'Âàñ ïðèâåòñòâóåò: <b>' . $u['login'] . '</b>.',
time(), 6, 0, 0, 0, 1
);
}
}
$apu = '';
mysql_query('UPDATE `dump` SET `ver` = 1,`upd` = 2 WHERE `uid` = ' . $u['id']);
Db::sql('update dump set ver = 1, upd = 2 where uid = ?', [$u['id']]);
if (
$u['auth'] != md5($u['login'] . 'AUTH' . IP) ||
$_COOKIE['auth'] != md5($u['login'] . 'AUTH' . IP) ||
$u['auth'] == '' || $u['auth'] == '0'
$u['auth'] != md5($u['login'] . 'AUTH' . IP) ||
$_COOKIE['auth'] != md5($u['login'] . 'AUTH' . IP) ||
$u['auth'] == '' || $u['auth'] == '0'
) {
if (
$u['auth'] != '' &&
$u['auth'] != '0' &&
$u['ip'] != IP
$u['auth'] != '' &&
$u['auth'] != '0' &&
$u['ip'] != IP
) {
mysql_query("INSERT INTO `chat` (`new`,`city`,`room`,`login`,`to`,`text`,`time`,`type`,`toChat`) VALUES ('1','capitalcity','0','','" . $u['login'] . "','Â ïðåäûäóùèé ðàç ýòèì ïåðñîíàæåì çàõîäèëè ñ äðóãîãî êîìïüþòåðà " . date('d.m.Y H:i', $u['online']) . ". (Ïðåäûäóùèé ip: %" . $u['ip'] . ")','-1','6','0')");
mysql_query(
"INSERT INTO `chat` (`new`,`city`,`room`,`login`,`to`,`text`,`time`,`type`,`toChat`) VALUES
('1',
'capitalcity',
'0',
'',
'" . $u['login'] . "',
'Â ïðåäûäóùèé ðàç ýòèì ïåðñîíàæåì çàõîäèëè ñ äðóãîãî êîìïüþòåðà " .
date('d.m.Y H:i', $u['online']) . ". (Ïðåäûäóùèé ip: %" . $u['ip'] . ")',
'-1',
'6',
'0'
)"
);
}
$apu = "`auth` = '" . md5($u['login'] . 'AUTH' . IP) . "',";
setcookie('auth', md5($u['login'] . 'AUTH' . IP), time() + 60 * 60 * 24 * 365, '', 'new-combats.com');
@ -359,13 +396,18 @@ if (!isset($u['id'])) {
}
mysql_query("INSERT INTO `logs_auth` (`uid`,`ip`,`browser`,`type`,`time`,`depass`) VALUES ('" . $u['id'] . "','" . IP . "','" . mysql_real_escape_string($_SERVER['HTTP_USER_AGENT']) . "','0','" . time() . "','" . mysql_real_escape_string(md5($_POST['pass'])) . "')");
mysql_query(
"INSERT INTO `logs_auth` (`uid`,`ip`,`browser`,`type`,`time`,`depass`) VALUES ('" . $u['id'] . "','" . IP . "','" .
$_SERVER['HTTP_USER_AGENT'] . "','0','" . time() . "','" . mysql_real_escape_string(md5($_POST['pass'])) . "')"
);
mysql_query("UPDATE `users` SET " . $apu . "`ip`='" . $ipnew . "',`dateEnter`='" . mysql_real_escape_string($_SERVER['HTTP_USER_AGENT']) . "',`online`='" . time() . "' WHERE `login` = '" . mysql_real_escape_string($_POST['login']) . "' AND `pass` = '" . mysql_real_escape_string(md5($_POST['pass'])) . "' LIMIT 1");
mysql_query(
"UPDATE `users` SET " . $apu . "`ip`='" . $ipnew . "',`dateEnter`='" . $_SERVER['HTTP_USER_AGENT'] .
"',`online`='" . time() . "' WHERE `login` = '" . mysql_real_escape_string($_POST['login']) .
"' AND `pass` = '" . mysql_real_escape_string(md5($_POST['pass'])) . "' LIMIT 1"
);
header('location: /bk');
if (isset($_POST['active_code_key'])) {
header('location: /active.php?code=' . htmlspecialchars($_POST['active_code_key'], null, 'cp1251'));
} else {
header('location: /bk');
}
}

View File

@ -11,7 +11,7 @@ require_once('../_incl_data/class/__db_connect.php');
mysql_query('SET NAMES utf8');
if($_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') {
$user = mysql_fetch_array(mysql_query('SELECT `id`,`battle` FROM `users` WHERE `login` = "'.mysql_real_escape_string($_COOKIE['login']).'" AND `pass` = "'.mysql_real_escape_string($_COOKIE['pass']).'" LIMIT 1'));
$user = mysql_fetch_array(mysql_query('SELECT `id`,`battle` FROM `users` WHERE `login` = "'.mysql_real_escape_string($_COOKIE['login']).'"'));
if( isset($user['id']) && $user['battle'] > 0 ) {
//
function json_fix_cyr($json_str) {

View File

@ -135,7 +135,7 @@ class forum
public function startForum()
{
//Âûäåëÿåì ïîëüçîâàòåëÿ
$ufr = mysql_fetch_array(mysql_query('SELECT * FROM `users` WHERE `login` = "' . mysql_real_escape_string($_COOKIE['login']) . '" AND `pass` = "' . mysql_real_escape_string($_COOKIE['pass']) . '" AND `banned` = "0" LIMIT 1'));
$ufr = mysql_fetch_array(mysql_query('SELECT * FROM `users` WHERE `login` = "' . mysql_real_escape_string($_COOKIE['login']) . '" AND `banned` = 0'));
if (!isset($ufr['id']) || $ufr['banned'] > 0) {
unset($u);
} else {

View File

@ -56,8 +56,7 @@
mysql_query("UPDATE `users` SET `referals` = `referals` + 1 WHERE `id` = '".mysql_real_escape_string((int)$_GET['ref'])."' LIMIT 1");
}
$pass = md5($pass);
mysql_query('INSERT INTO `users` (`activ`,`real`,`online`,`align`,`clan`,`clan_prava`,`win`,`lose`,`nich`,`sex`,`bithday`,`host_reg`,`pass`,`ip`,`ipreg`,`city`,`cityreg`,`room`,`timereg`) VALUES (
"0",
mysql_query('INSERT INTO `users` (`real`,`online`,`align`,`clan`,`clan_prava`,`win`,`lose`,`nich`,`sex`,`bithday`,`host_reg`,`pass`,`ip`,`ipreg`,`city`,`cityreg`,`room`,`timereg`) VALUES (
"1",
"'.time().'",
"'.mysql_real_escape_string($_GET['align']).'",

View File

@ -10,7 +10,7 @@ class battleNew {
}
$user = mysql_fetch_array(mysql_query('SELECT `id`,`battle` FROM `users` WHERE `login` = "'.mysql_real_escape_string($_COOKIE['login']).'" AND `pass` = "'.mysql_real_escape_string($_COOKIE['pass']).'" lIMIT 1'));
$user = mysql_fetch_array(mysql_query('SELECT `id`,`battle` FROM `users` WHERE `login` = "'.mysql_real_escape_string($_COOKIE['login']).'"'));
if(isset($user['id']) && $user['battle'] > 0) {
$stats = mysql_fetch_array(mysql_query('SELECT

View File

@ -7,9 +7,7 @@ if( $url[2] == 'upload' && $u->info['admin'] > 0 ) {
$html = '';
if( $u->info['activ'] == 1 ) {
$html = 'Чтобы начать публиковать изображения - Активируйте Вашего персонажа.';
}elseif( $u->info['molch1'] > time() ) {
if( $u->info['molch1'] > time() ) {
$html = 'Персонажи с молчанкой не могут публиковать изображения.';
}elseif( $u->info['banned'] > 0 ) {
$html = 'Заблокированные персонажи не могут публиковать изображения.';
@ -145,9 +143,7 @@ if(isset($_POST['save']) && isset($u->info['id'])) {
$_POST['lib_title'] = htmlspecialchars($_POST['lib_title'],NULL,'cp1251');
$mbpage_last = mysql_fetch_array(mysql_query('SELECT `time` FROM `library_content` WHERE `uid` = "'.$u->info['id'].'" ORDER BY `id` DESC LIMIT 1'));
if( $u->info['activ'] == 1 ) {
echo 'Чтобы начать публиковать статьи - Активируйте Вашего персонажа.';
}elseif( $u->info['molch1'] > time() ) {
if( $u->info['molch1'] > time() ) {
echo 'Персонажи с молчанкой не могут публиковать статьи.';
}elseif( $u->info['banned'] > 0 ) {
echo 'Заблокированные персонажи не могут публиковать статьи.';

View File

@ -1,38 +1,540 @@
@charset "windows-1251";
BODY{FONT-SIZE:10pt;FONT-FAMILY:Verdana,Arial,Helvetica,Tahoma,sans-serif}TD{FONT-SIZE:10pt;FONT-FAMILY:Verdana,Arial,Helvetica,Tahoma,sans-serif}OL{FONT-SIZE:10pt;FONT-FAMILY:Verdana,Arial,Helvetica,Tahoma,sans-serif}UL{FONT-SIZE:10pt;FONT-FAMILY:Verdana,Arial,Helvetica,Tahoma,sans-serif}LI{FONT-SIZE:10pt;FONT-FAMILY:Verdana,Arial,Helvetica,Tahoma,sans-serif}P{FONT-SIZE:10pt;FONT-FAMILY:Verdana,Arial,Helvetica,Tahoma,sans-serif}
.text{FONT-WEIGHT:normal;FONT-SIZE:10pt;COLOR:#000000;FONT-FAMILY:Verdana,Arial,Helvetica,Tahoma,sans-serif}H3{FONT-WEIGHT:bold;FONT-SIZE:12pt;COLOR:#8f0000;FONT-FAMILY:Arial;TEXT-ALIGN:center}H4{FONT-WEIGHT:bold;FONT-SIZE:11pt;MARGIN-BOTTOM:5px;COLOR:#8f0000;FONT-FAMILY:Arial}H5{MARGIN-TOP:0px;FONT-WEIGHT:bold;FONT-SIZE:11pt;MARGIN-BOTTOM:0px;COLOR:#4f0000;FONT-FAMILY:Arial}H6{FONT-WEIGHT:bold;FONT-SIZE:10pt;MARGIN-BOTTOM:0px;COLOR:black;FONT-FAMILY:Verdana}H2{FONT-WEIGHT:bold;FONT-SIZE:10pt;MARGIN-BOTTOM:0px;COLOR:#8f0000;FONT-FAMILY:Verdana}A{font-weight:bold;COLOR:#003388;TEXT-DECORATION:none;}A:visited{font-weight:bold;COLOR:#003388;TEXT-DECORATION:none;}A:active{COLOR:#6f0000}A:hover{COLOR:#0066ff}
.date{FONT-WEIGHT:normal;FONT-SIZE:8pt;COLOR:#007000;FONT-FAMILY:Courier;TEXT-DECORATION:none}
.date2{FONT-WEIGHT:normal;FONT-SIZE:8pt;COLOR:#007000;FONT-FAMILY:Courier;BACKGROUND-COLOR:#00ffaa;TEXT-DECORATION:none}
.sysdate{FONT-WEIGHT:normal;FONT-SIZE:8pt;COLOR:#b00000;FONT-FAMILY:Courier;TEXT-DECORATION:none}
.private{FONT-WEIGHT:bold;COLOR:red;BACKGROUND-COLOR:#fae0e0}A.private{FONT-WEIGHT:bold;COLOR:red;BACKGROUND-COLOR:#fae0e0}A.private:hover{FONT-WEIGHT:bold;COLOR:red;BACKGROUND-COLOR:#fae0e0}A.private:visited{FONT-WEIGHT:bold;COLOR:red;BACKGROUND-COLOR:#fae0e0}A.private:active{FONT-WEIGHT:bold;COLOR:red;BACKGROUND-COLOR:#fae0e0}
.privateklan{FONT-WEIGHT:bold;COLOR:#006600;BACKGROUND-COLOR:#DCFFDB;}A.privateklan{FONT-WEIGHT:bold;COLOR:#006600;BACKGROUND-COLOR:#DCFFDB;}A.privateklan:hover{FONT-WEIGHT:bold;COLOR:#006600;BACKGROUND-COLOR:#DCFFDB;}A.privateklan:visited{FONT-WEIGHT:bold;COLOR:#006600;BACKGROUND-COLOR:#DCFFDB;}A.privateklan:active{FONT-WEIGHT:bold;COLOR:#006600;BACKGROUND-COLOR:#DCFFDB;}
.number{FONT-WEIGHT:bold;FONT-SIZE:11pt;COLOR:#6f0000}
.dsc{FONT-WEIGHT:normal;COLOR:#606060}SELECT{BORDER:#b0b0b0 1pt solid;MARGIN-TOP:1px;FONT-SIZE:10px;MARGIN-BOTTOM:2px;BORDER-LEFT:#b0b0b0 1pt solid;COLOR:#191970;FONT-FAMILY:MS Sans Serif;border-radius:5px;height:20px;min-width:50px;}TEXTAREA{BORDER-RIGHT:#b0b0b0 1pt solid;BORDER-TOP:#b0b0b0 1pt solid;MARGIN-TOP:1px;FONT-SIZE:10px;MARGIN-BOTTOM:2px;BORDER-LEFT:#b0b0b0 1pt solid;COLOR:#191970;BORDER-BOTTOM:#b0b0b0 1pt solid;FONT-FAMILY:MS Sans Serif}INPUT{BORDER-RIGHT:#b0b0b0 1pt solid;BORDER-TOP:#b0b0b0 1pt solid;MARGIN-TOP:1px;FONT-SIZE:16px;MARGIN-BOTTOM:2px;BORDER-LEFT:#b0b0b0 1pt solid;COLOR:#191970;BORDER-BOTTOM:#b0b0b0 1pt solid;FONT-FAMILY:MS Sans Serif;border-radius:5px;}
.ahint{FONT-SIZE:8px;COLOR:#000080;FONT-FAMILY:MS Sans Serif;TEXT-DECORATION:none}#hint2{VISIBILITY:hidden;WIDTH:140px;POSITION:absolute;BACKGROUND-COLOR:#fff6dd;layer-background-color:#FFF6DD}#hint3{VISIBILITY:hidden;WIDTH:240px;POSITION:absolute;BACKGROUND-COLOR:#fff6dd;layer-background-color:#FFF6DD}
.B1{FONT-WEIGHT:bold;COLOR:#6666cc}
.B2{FONT-WEIGHT:bold;COLOR:#b06a00}
.B{FONT-WEIGHT:bold;}IMG{BORDER-RIGHT:0px;BORDER-TOP:0px;BORDER-LEFT:0px;BORDER-BOTTOM:0px}TABLE{BORDER-RIGHT:0px;BORDER-TOP:0px;BORDER-LEFT:0px;BORDER-BOTTOM:0px}
.btn_white{display:inline-block;font-size:10px;font-weight:normal;background:#fff;padding:0 11px;height:16px;border:1px solid #B0B0B0;border-radius:2px;}*+html .btn_white{zoom:1;display:inline;}input.btn_white{padding:0 10px 2px;height:20px;cursor:pointer;line-height:18px;font-size:10px;}
.btn{height:26px;display:inline-block;padding:2px 12px;margin-bottom:0;*margin-left:.3em;font-size:14px;font-family:Arial;line-height:20px;color:#333333;text-align:center;text-shadow:0 1px 1px rgba(255,255,255,0.75);vertical-align:middle;cursor:pointer;background-color:#f5f5f5;*background-color:#e6e6e6;background-image:-moz-linear-gradient(top,#ffffff,#e6e6e6);background-image:-webkit-gradient(linear,0 0,0 100%,from(#ffffff),to(#e6e6e6));background-image:-webkit-linear-gradient(top,#ffffff,#e6e6e6);background-image:-o-linear-gradient(top,#ffffff,#e6e6e6);background-image:linear-gradient(to bottom,#ffffff,#e6e6e6);background-repeat:repeat-x;border:1px solid #cccccc;*border:0;border-color:#e6e6e6 #e6e6e6 #bfbfbf;border-color:rgba(0,0,0,0.1) rgba(0,0,0,0.1) rgba(0,0,0,0.25);border-bottom-color:#b3b3b3;-webkit-border-radius:4px;-moz-border-radius:4px;border-radius:4px;filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffffffff',endColorstr='#ffe6e6e6',GradientType=0);filter:progid:DXImageTransform.Microsoft.gradient(enabled=false);*zoom:1;-webkit-box-shadow:inset 0 1px 0 rgba(255,255,255,0.2),0 1px 2px rgba(0,0,0,0.05);-moz-box-shadow:inset 0 1px 0 rgba(255,255,255,0.2),0 1px 2px rgba(0,0,0,0.05);box-shadow:inset 0 1px 0 rgba(255,255,255,0.2),0 1px 2px rgba(0,0,0,0.05);font-weight:normal;}
.btn:hover,.btn:focus,.btn:active,.btn.active,.btn.disabled,.btn[disabled]{color:#333333;background-color:#e6e6e6;*background-color:#d9d9d9;}
.btn:active,.btn.active{background-color:#cccccc \9;}
.btn:first-child{*margin-left:0;}
.btn:hover,.btn:focus{color:#333333;text-decoration:none;background-position:0 -15px;-webkit-transition:background-position 0.1s linear;-moz-transition:background-position 0.1s linear;-o-transition:background-position 0.1s linear;transition:background-position 0.1s linear;}
.btn:focus{outline:thin dotted #333;outline:5px auto -webkit-focus-ring-color;outline-offset:-2px;}
.btn.active,.btn:active{background-image:none;outline:0;-webkit-box-shadow:inset 0 2px 4px rgba(0,0,0,0.15),0 1px 2px rgba(0,0,0,0.05);-moz-box-shadow:inset 0 2px 4px rgba(0,0,0,0.15),0 1px 2px rgba(0,0,0,0.05);box-shadow:inset 0 2px 4px rgba(0,0,0,0.15),0 1px 2px rgba(0,0,0,0.05);}
.btn.disabled,.btn[disabled]{cursor:default;background-image:none;opacity:0.65;filter:alpha(opacity=65);-webkit-box-shadow:none;-moz-box-shadow:none;box-shadow:none;}
.ahint{font-family:MS Sans Serif;font-size:8px;text-decoration:none;color:#000080;z-index:99;}#hint2{position:absolute;width:140;background-color:#FFF6DD;layer-background-color:#FFF6DD;visibility:hidden}#hint3{position:absolute;width:240;background-color:#FFF6DD;layer-background-color:#FFF6DD;visibility:hidden}#hint4{position:absolute;width:240;visibility:hidden}
.btn-primary.active,.btn-warning.active,.btn-danger.active,.btn-success.active,.btn-info.active,.btn-inverse.active{color:rgba(255,255,255,0.75);}
.btn-danger{color:#ffffff;text-shadow:0 -1px 0 rgba(0,0,0,0.25);background-color:#da4f49;*background-color:#bd362f;background-image:-moz-linear-gradient(top,#ee5f5b,#bd362f);background-image:-webkit-gradient(linear,0 0,0 100%,from(#ee5f5b),to(#bd362f));background-image:-webkit-linear-gradient(top,#ee5f5b,#bd362f);background-image:-o-linear-gradient(top,#ee5f5b,#bd362f);background-image:linear-gradient(to bottom,#ee5f5b,#bd362f);background-repeat:repeat-x;border-color:#bd362f #bd362f #802420;border-color:rgba(0,0,0,0.1) rgba(0,0,0,0.1) rgba(0,0,0,0.25);filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffee5f5b',endColorstr='#ffbd362f',GradientType=0);filter:progid:DXImageTransform.Microsoft.gradient(enabled=false);}
.btn-danger:hover,.btn-danger:focus,.btn-danger:active,.btn-danger.active,.btn-danger.disabled,.btn-danger[disabled]{color:#ffffff;background-color:#bd362f;*background-color:#a9302a;}
.btn-danger:active,.btn-danger.active{background-color:#942a25 \9;}
.btn-success{color:#ffffff;text-shadow:0 -1px 0 rgba(0,0,0,0.25);background-color:#5bb75b;*background-color:#51a351;background-image:-moz-linear-gradient(top,#62c462,#51a351);background-image:-webkit-gradient(linear,0 0,0 100%,from(#62c462),to(#51a351));background-image:-webkit-linear-gradient(top,#62c462,#51a351);background-image:-o-linear-gradient(top,#62c462,#51a351);background-image:linear-gradient(to bottom,#62c462,#51a351);background-repeat:repeat-x;border-color:#51a351 #51a351 #387038;border-color:rgba(0,0,0,0.1) rgba(0,0,0,0.1) rgba(0,0,0,0.25);filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff62c462',endColorstr='#ff51a351',GradientType=0);filter:progid:DXImageTransform.Microsoft.gradient(enabled=false);}
.btn-success:hover,.btn-success:focus,.btn-success:active,.btn-success.active,.btn-success.disabled,.btn-success[disabled]{color:#ffffff;background-color:#51a351;*background-color:#499249;}
.btn-success:active,.btn-success.active{background-color:#408140 \9;}
.btn-primary.active,.btn-warning.active,.btn-danger.active,.btn-success.active,.btn-info.active,.btn-inverse.active{color:rgba(255,255,255,0.75);}
.btn-primary{color:#ffffff;text-shadow:0 -1px 0 rgba(0,0,0,0.25);background-color:#006dcc;*background-color:#0044cc;background-image:-moz-linear-gradient(top,#0088cc,#0044cc);background-image:-webkit-gradient(linear,0 0,0 100%,from(#0088cc),to(#0044cc));background-image:-webkit-linear-gradient(top,#0088cc,#0044cc);background-image:-o-linear-gradient(top,#0088cc,#0044cc);background-image:linear-gradient(to bottom,#0088cc,#0044cc);background-repeat:repeat-x;border-color:#0044cc #0044cc #002a80;border-color:rgba(0,0,0,0.1) rgba(0,0,0,0.1) rgba(0,0,0,0.25);filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff0088cc',endColorstr='#ff0044cc',GradientType=0);filter:progid:DXImageTransform.Microsoft.gradient(enabled=false);}
.btn-primary:hover,.btn-primary:focus,.btn-primary:active,.btn-primary.active,.btn-primary.disabled,.btn-primary[disabled]{color:#ffffff;background-color:#0044cc;*background-color:#003bb3;}
.btn-primary:active,.btn-primary.active{background-color:#003399 \9;}
.btn-inverse{color:#ffffff;text-shadow:0 -1px 0 rgba(0,0,0,0.25);background-color:#363636;*background-color:#222222;background-image:-moz-linear-gradient(top,#444444,#222222);background-image:-webkit-gradient(linear,0 0,0 100%,from(#444444),to(#222222));background-image:-webkit-linear-gradient(top,#444444,#222222);background-image:-o-linear-gradient(top,#444444,#222222);background-image:linear-gradient(to bottom,#444444,#222222);background-repeat:repeat-x;border-color:#222222 #222222 #000000;border-color:rgba(0,0,0,0.1) rgba(0,0,0,0.1) rgba(0,0,0,0.25);filter:progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff444444',endColorstr='#ff222222',GradientType=0);filter:progid:DXImageTransform.Microsoft.gradient(enabled=false);}
.btn-inverse:hover,.btn-inverse:focus,.btn-inverse:active,.btn-inverse.active,.btn-inverse.disabled,.btn-inverse[disabled]{color:#ffffff;background-color:#222222;*background-color:#151515;}
.btn-inverse:active,.btn-inverse.active{background-color:#080808 \9;}
BODY {
FONT-SIZE: 10pt;
FONT-FAMILY: Verdana, Arial, Helvetica, Tahoma, sans-serif
}
TD {
FONT-SIZE: 10pt;
FONT-FAMILY: Verdana, Arial, Helvetica, Tahoma, sans-serif
}
OL {
FONT-SIZE: 10pt;
FONT-FAMILY: Verdana, Arial, Helvetica, Tahoma, sans-serif
}
UL {
FONT-SIZE: 10pt;
FONT-FAMILY: Verdana, Arial, Helvetica, Tahoma, sans-serif
}
LI {
FONT-SIZE: 10pt;
FONT-FAMILY: Verdana, Arial, Helvetica, Tahoma, sans-serif
}
P {
FONT-SIZE: 10pt;
FONT-FAMILY: Verdana, Arial, Helvetica, Tahoma, sans-serif
}
.text {
FONT-WEIGHT: normal;
FONT-SIZE: 10pt;
COLOR: #000000;
FONT-FAMILY: Verdana, Arial, Helvetica, Tahoma, sans-serif
}
H3 {
FONT-WEIGHT: bold;
FONT-SIZE: 12pt;
COLOR: #8f0000;
FONT-FAMILY: Arial;
TEXT-ALIGN: center
}
H4 {
FONT-WEIGHT: bold;
FONT-SIZE: 11pt;
MARGIN-BOTTOM: 5px;
COLOR: #8f0000;
FONT-FAMILY: Arial
}
H5 {
MARGIN-TOP: 0px;
FONT-WEIGHT: bold;
FONT-SIZE: 11pt;
MARGIN-BOTTOM: 0px;
COLOR: #4f0000;
FONT-FAMILY: Arial
}
H6 {
FONT-WEIGHT: bold;
FONT-SIZE: 10pt;
MARGIN-BOTTOM: 0px;
COLOR: black;
FONT-FAMILY: Verdana
}
H2 {
FONT-WEIGHT: bold;
FONT-SIZE: 10pt;
MARGIN-BOTTOM: 0px;
COLOR: #8f0000;
FONT-FAMILY: Verdana
}
A {
font-weight: bold;
COLOR: #003388;
TEXT-DECORATION: none;
}
A:visited {
font-weight: bold;
COLOR: #003388;
TEXT-DECORATION: none;
}
A:active {
COLOR: #6f0000
}
A:hover {
COLOR: #0066ff
}
.date {
FONT-WEIGHT: normal;
FONT-SIZE: 8pt;
COLOR: #007000;
FONT-FAMILY: Courier;
TEXT-DECORATION: none
}
.date2 {
FONT-WEIGHT: normal;
FONT-SIZE: 8pt;
COLOR: #007000;
FONT-FAMILY: Courier;
BACKGROUND-COLOR: #00ffaa;
TEXT-DECORATION: none
}
.sysdate {
FONT-WEIGHT: normal;
FONT-SIZE: 8pt;
COLOR: #b00000;
FONT-FAMILY: Courier;
TEXT-DECORATION: none
}
.private {
FONT-WEIGHT: bold;
COLOR: red;
BACKGROUND-COLOR: #fae0e0
}
A.private {
FONT-WEIGHT: bold;
COLOR: red;
BACKGROUND-COLOR: #fae0e0
}
A.private:hover {
FONT-WEIGHT: bold;
COLOR: red;
BACKGROUND-COLOR: #fae0e0
}
A.private:visited {
FONT-WEIGHT: bold;
COLOR: red;
BACKGROUND-COLOR: #fae0e0
}
A.private:active {
FONT-WEIGHT: bold;
COLOR: red;
BACKGROUND-COLOR: #fae0e0
}
.privateklan {
FONT-WEIGHT: bold;
COLOR: #006600;
BACKGROUND-COLOR: #DCFFDB;
}
A.privateklan {
FONT-WEIGHT: bold;
COLOR: #006600;
BACKGROUND-COLOR: #DCFFDB;
}
A.privateklan:hover {
FONT-WEIGHT: bold;
COLOR: #006600;
BACKGROUND-COLOR: #DCFFDB;
}
A.privateklan:visited {
FONT-WEIGHT: bold;
COLOR: #006600;
BACKGROUND-COLOR: #DCFFDB;
}
A.privateklan:active {
FONT-WEIGHT: bold;
COLOR: #006600;
BACKGROUND-COLOR: #DCFFDB;
}
.number {
FONT-WEIGHT: bold;
FONT-SIZE: 11pt;
COLOR: #6f0000
}
.dsc {
FONT-WEIGHT: normal;
COLOR: #606060
}
SELECT {
BORDER: #b0b0b0 1pt solid;
MARGIN-TOP: 1px;
FONT-SIZE: 10px;
MARGIN-BOTTOM: 2px;
BORDER-LEFT: #b0b0b0 1pt solid;
COLOR: #191970;
FONT-FAMILY: MS Sans Serif;
border-radius: 5px;
height: 20px;
min-width: 50px;
}
TEXTAREA {
BORDER-RIGHT: #b0b0b0 1pt solid;
BORDER-TOP: #b0b0b0 1pt solid;
MARGIN-TOP: 1px;
FONT-SIZE: 10px;
MARGIN-BOTTOM: 2px;
BORDER-LEFT: #b0b0b0 1pt solid;
COLOR: #191970;
BORDER-BOTTOM: #b0b0b0 1pt solid;
FONT-FAMILY: MS Sans Serif
}
INPUT {
BORDER-RIGHT: #b0b0b0 1pt solid;
BORDER-TOP: #b0b0b0 1pt solid;
MARGIN-TOP: 1px;
FONT-SIZE: 16px;
MARGIN-BOTTOM: 2px;
BORDER-LEFT: #b0b0b0 1pt solid;
COLOR: #191970;
BORDER-BOTTOM: #b0b0b0 1pt solid;
FONT-FAMILY: MS Sans Serif;
border-radius: 5px;
}
.ahint {
FONT-SIZE: 8px;
COLOR: #000080;
FONT-FAMILY: MS Sans Serif;
TEXT-DECORATION: none
}
#hint2 {
VISIBILITY: hidden;
WIDTH: 140px;
POSITION: absolute;
BACKGROUND-COLOR: #fff6dd;
layer-background-color: #FFF6DD
}
#hint3 {
VISIBILITY: hidden;
WIDTH: 240px;
POSITION: absolute;
BACKGROUND-COLOR: #fff6dd;
layer-background-color: #FFF6DD
}
.B1 {
FONT-WEIGHT: bold;
COLOR: #6666cc
}
.B2 {
FONT-WEIGHT: bold;
COLOR: #b06a00
}
.B {
FONT-WEIGHT: bold;
}
IMG {
BORDER-RIGHT: 0px;
BORDER-TOP: 0px;
BORDER-LEFT: 0px;
BORDER-BOTTOM: 0px
}
TABLE {
BORDER-RIGHT: 0px;
BORDER-TOP: 0px;
BORDER-LEFT: 0px;
BORDER-BOTTOM: 0px
}
.btn_white {
display: inline-block;
font-size: 10px;
font-weight: normal;
background: #fff;
padding: 0 11px;
height: 16px;
border: 1px solid #B0B0B0;
border-radius: 2px;
}
* + html .btn_white {
zoom: 1;
display: inline;
}
input.btn_white {
padding: 0 10px 2px;
height: 20px;
cursor: pointer;
line-height: 18px;
font-size: 10px;
}
.btn {
height: 26px;
display: inline-block;
padding: 2px 12px;
margin-bottom: 0;
*margin-left: .3em;
font-size: 14px;
font-family: Arial;
line-height: 20px;
color: #333333;
text-align: center;
text-shadow: 0 1px 1px rgba(255, 255, 255, 0.75);
vertical-align: middle;
cursor: pointer;
background-color: #f5f5f5;
*background-color: #e6e6e6;
background-image: -moz-linear-gradient(top, #ffffff, #e6e6e6);
background-image: -webkit-gradient(linear, 0 0, 0 100%, from(#ffffff), to(#e6e6e6));
background-image: -webkit-linear-gradient(top, #ffffff, #e6e6e6);
background-image: -o-linear-gradient(top, #ffffff, #e6e6e6);
background-image: linear-gradient(to bottom, #ffffff, #e6e6e6);
background-repeat: repeat-x;
border: 1px solid #cccccc;
*border: 0;
border-color: #e6e6e6 #e6e6e6 #bfbfbf;
border-color: rgba(0, 0, 0, 0.1) rgba(0, 0, 0, 0.1) rgba(0, 0, 0, 0.25);
border-bottom-color: #b3b3b3;
-webkit-border-radius: 4px;
-moz-border-radius: 4px;
border-radius: 4px;
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffffffff', endColorstr='#ffe6e6e6', GradientType=0);
filter: progid:DXImageTransform.Microsoft.gradient(enabled=false);
*zoom: 1;
-webkit-box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.2), 0 1px 2px rgba(0, 0, 0, 0.05);
-moz-box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.2), 0 1px 2px rgba(0, 0, 0, 0.05);
box-shadow: inset 0 1px 0 rgba(255, 255, 255, 0.2), 0 1px 2px rgba(0, 0, 0, 0.05);
font-weight: normal;
}
.btn:hover, .btn:focus, .btn:active, .btn.active, .btn.disabled, .btn[disabled] {
color: #333333;
background-color: #e6e6e6;
*background-color: #d9d9d9;
}
.btn:active, .btn.active {
background-color: #cccccc \9;
}
.btn:first-child {
*margin-left: 0;
}
.btn:hover, .btn:focus {
color: #333333;
text-decoration: none;
background-position: 0 -15px;
-webkit-transition: background-position 0.1s linear;
-moz-transition: background-position 0.1s linear;
-o-transition: background-position 0.1s linear;
transition: background-position 0.1s linear;
}
.btn:focus {
outline: thin dotted #333;
outline: 5px auto -webkit-focus-ring-color;
outline-offset: -2px;
}
.btn.active, .btn:active {
background-image: none;
outline: 0;
-webkit-box-shadow: inset 0 2px 4px rgba(0, 0, 0, 0.15), 0 1px 2px rgba(0, 0, 0, 0.05);
-moz-box-shadow: inset 0 2px 4px rgba(0, 0, 0, 0.15), 0 1px 2px rgba(0, 0, 0, 0.05);
box-shadow: inset 0 2px 4px rgba(0, 0, 0, 0.15), 0 1px 2px rgba(0, 0, 0, 0.05);
}
.btn.disabled, .btn[disabled] {
cursor: default;
background-image: none;
opacity: 0.65;
filter: alpha(opacity=65);
-webkit-box-shadow: none;
-moz-box-shadow: none;
box-shadow: none;
}
.ahint {
font-family: MS Sans Serif;
font-size: 8px;
text-decoration: none;
color: #000080;
z-index: 99;
}
#hint2 {
position: absolute;
width: 140;
background-color: #FFF6DD;
layer-background-color: #FFF6DD;
visibility: hidden
}
#hint3 {
position: absolute;
width: 240;
background-color: #FFF6DD;
layer-background-color: #FFF6DD;
visibility: hidden
}
#hint4 {
position: absolute;
width: 240;
visibility: hidden
}
.btn-primary.active, .btn-warning.active, .btn-danger.active, .btn-success.active, .btn-info.active, .btn-inverse.active {
color: rgba(255, 255, 255, 0.75);
}
.btn-danger {
color: #ffffff;
text-shadow: 0 -1px 0 rgba(0, 0, 0, 0.25);
background-color: #da4f49;
*background-color: #bd362f;
background-image: -moz-linear-gradient(top, #ee5f5b, #bd362f);
background-image: -webkit-gradient(linear, 0 0, 0 100%, from(#ee5f5b), to(#bd362f));
background-image: -webkit-linear-gradient(top, #ee5f5b, #bd362f);
background-image: -o-linear-gradient(top, #ee5f5b, #bd362f);
background-image: linear-gradient(to bottom, #ee5f5b, #bd362f);
background-repeat: repeat-x;
border-color: #bd362f #bd362f #802420;
border-color: rgba(0, 0, 0, 0.1) rgba(0, 0, 0, 0.1) rgba(0, 0, 0, 0.25);
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ffee5f5b', endColorstr='#ffbd362f', GradientType=0);
filter: progid:DXImageTransform.Microsoft.gradient(enabled=false);
}
.btn-danger:hover, .btn-danger:focus, .btn-danger:active, .btn-danger.active, .btn-danger.disabled, .btn-danger[disabled] {
color: #ffffff;
background-color: #bd362f;
*background-color: #a9302a;
}
.btn-danger:active, .btn-danger.active {
background-color: #942a25 \9;
}
.btn-success {
color: #ffffff;
text-shadow: 0 -1px 0 rgba(0, 0, 0, 0.25);
background-color: #5bb75b;
*background-color: #51a351;
background-image: -moz-linear-gradient(top, #62c462, #51a351);
background-image: -webkit-gradient(linear, 0 0, 0 100%, from(#62c462), to(#51a351));
background-image: -webkit-linear-gradient(top, #62c462, #51a351);
background-image: -o-linear-gradient(top, #62c462, #51a351);
background-image: linear-gradient(to bottom, #62c462, #51a351);
background-repeat: repeat-x;
border-color: #51a351 #51a351 #387038;
border-color: rgba(0, 0, 0, 0.1) rgba(0, 0, 0, 0.1) rgba(0, 0, 0, 0.25);
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff62c462', endColorstr='#ff51a351', GradientType=0);
filter: progid:DXImageTransform.Microsoft.gradient(enabled=false);
}
.btn-success:hover, .btn-success:focus, .btn-success:active, .btn-success.active, .btn-success.disabled, .btn-success[disabled] {
color: #ffffff;
background-color: #51a351;
*background-color: #499249;
}
.btn-success:active, .btn-success.active {
background-color: #408140 \9;
}
.btn-primary.active, .btn-warning.active, .btn-danger.active, .btn-success.active, .btn-info.active, .btn-inverse.active {
color: rgba(255, 255, 255, 0.75);
}
.btn-primary {
color: #ffffff;
text-shadow: 0 -1px 0 rgba(0, 0, 0, 0.25);
background-color: #006dcc;
*background-color: #0044cc;
background-image: -moz-linear-gradient(top, #0088cc, #0044cc);
background-image: -webkit-gradient(linear, 0 0, 0 100%, from(#0088cc), to(#0044cc));
background-image: -webkit-linear-gradient(top, #0088cc, #0044cc);
background-image: -o-linear-gradient(top, #0088cc, #0044cc);
background-image: linear-gradient(to bottom, #0088cc, #0044cc);
background-repeat: repeat-x;
border-color: #0044cc #0044cc #002a80;
border-color: rgba(0, 0, 0, 0.1) rgba(0, 0, 0, 0.1) rgba(0, 0, 0, 0.25);
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff0088cc', endColorstr='#ff0044cc', GradientType=0);
filter: progid:DXImageTransform.Microsoft.gradient(enabled=false);
}
.btn-primary:hover, .btn-primary:focus, .btn-primary:active, .btn-primary.active, .btn-primary.disabled, .btn-primary[disabled] {
color: #ffffff;
background-color: #0044cc;
*background-color: #003bb3;
}
.btn-primary:active, .btn-primary.active {
background-color: #003399 \9;
}
.btn-inverse {
color: #ffffff;
text-shadow: 0 -1px 0 rgba(0, 0, 0, 0.25);
background-color: #363636;
*background-color: #222222;
background-image: -moz-linear-gradient(top, #444444, #222222);
background-image: -webkit-gradient(linear, 0 0, 0 100%, from(#444444), to(#222222));
background-image: -webkit-linear-gradient(top, #444444, #222222);
background-image: -o-linear-gradient(top, #444444, #222222);
background-image: linear-gradient(to bottom, #444444, #222222);
background-repeat: repeat-x;
border-color: #222222 #222222 #000000;
border-color: rgba(0, 0, 0, 0.1) rgba(0, 0, 0, 0.1) rgba(0, 0, 0, 0.25);
filter: progid:DXImageTransform.Microsoft.gradient(startColorstr='#ff444444', endColorstr='#ff222222', GradientType=0);
filter: progid:DXImageTransform.Microsoft.gradient(enabled=false);
}
.btn-inverse:hover, .btn-inverse:focus, .btn-inverse:active, .btn-inverse.active, .btn-inverse.disabled, .btn-inverse[disabled] {
color: #ffffff;
background-color: #222222;
*background-color: #151515;
}
.btn-inverse:active, .btn-inverse.active {
background-color: #080808 \9;
}

97
inf.php
View File

@ -2367,9 +2367,7 @@ if (isset($uer)) {
}
if ($u->info['admin'] > 0) {
if ($inf['activ'] == 0) {
echo '<font color=green><b>';
}
echo '<font color=green><b>';
$mls = mysql_fetch_array(
mysql_query(
@ -2381,20 +2379,13 @@ if (isset($uer)) {
if (isset($mls['name'])) {
echo '<u>E-mail: ' . $inf['mail'] . '</u> (ÐÀÑÑÛËÊÀ)';
} else {
echo 'E-mail: ' . $inf['mail'] . '';
}
if ($inf['activ'] == 0) {
echo ' &nbsp; & &nbsp; ' . $inf['send'] . '<br />';
echo '</b></font>';
} else {
echo '<br />';
echo 'E-mail: ' . $inf['mail'];
}
echo ' &nbsp; & &nbsp; ' . $inf['send'] . '<br />';
echo '</b></font>';
} else {
if ($inf['activ'] == 0) {
echo '<font color=green><b>Ïåðñîíàæ àêòèâèðîâàí</b></font>';
} else {
echo '<font color=red><b>Ïåðñîíàæ íå àêòèâèðîâàí</b></font>';
}
echo '<br>';
}
if ($inf['no_ip'] != 0) {
@ -2419,52 +2410,6 @@ if (isset($uer)) {
echo 'IP ïîñëåäíèå: <b>' . $inf['no_ip'] . '</b>';
}
function user_browser($agent)
{
preg_match(
"/(MSIE|Opera|Firefox|Chrome|Version|Opera Mini|Netscape|Konqueror|SeaMonkey|Camino|Minefield|Iceweasel|K-Meleon|Maxthon)(?:\/| )([0-9.]+)/",
$agent, $browser_info
); // ðåãóëÿðíîå âûðàæåíèå, êîòîðîå ïîçâîëÿåò îòïðåäåëèòü 90% áðàóçåðîâ
list(, $browser, $version) = $browser_info; // ïîëó÷àåì äàííûå èç ìàññèâà â ïåðåìåííóþ
if (preg_match("/Opera ([0-9.]+)/i", $agent, $opera)) {
return 'Opera ' . $opera[1];
} // îïðåäåëåíèå _î÷åíü_ñòàðûõ_ âåðñèé Îïåðû (äî 8.50), ïðè æåëàíèè ìîæíî óáðàòü
if ($browser == 'MSIE') { // åñëè áðàóçåð îïðåäåë¸í êàê IE
preg_match(
"/(Maxthon|Avant Browser|MyIE2)/i", $agent, $ie
); // ïðîâåðÿåì, íå ðàçðàáîòêà ëè ýòî íà îñíîâå IE
if ($ie) {
return $ie[1] . ' based on IE ' . $version;
} // åñëè äà, òî âîçâðàùàåì ñîîáùåíèå îá ýòîì
return 'IE ' . $version; // èíà÷å ïðîñòî âîçâðàùàåì IE è íîìåð âåðñèè
}
if ($browser == 'Firefox') { // åñëè áðàóçåð îïðåäåë¸í êàê Firefox
preg_match(
"/(Flock|Navigator|Epiphany)\/([0-9.]+)/", $agent, $ff
); // ïðîâåðÿåì, íå ðàçðàáîòêà ëè ýòî íà îñíîâå Firefox
if ($ff) {
return $ff[1] . ' ' . $ff[2];
} // åñëè äà, òî âûâîäèì íîìåð è âåðñèþ
}
if ($browser == 'Opera' && $version == '9.80') {
return 'Opera ' . substr($agent, -5);
} // åñëè áðàóçåð îïðåäåë¸í êàê Opera 9.80, áåð¸ì âåðñèþ Îïåðû èç êîíöà ñòðîêè
if ($browser == 'Version') {
return 'Safari ' . $version;
} // îïðåäåëÿåì Ñàôàðè
if (!$browser && strpos($agent, 'Gecko')) {
return 'Browser based on Gecko';
} // äëÿ íåîïîçíàííûõ áðàóçåðîâ ïðîâåðÿåì, åñëè îíè íà äâèæêå Gecko, è âîçðàùàåì ñîîáùåíèå îá ýòîì
return $browser . ' ' . $version; // äëÿ âñåõ îñòàëüíûõ âîçâðàùàåì áðàóçåð è âåðñèþ
}
echo '
<br />
Áðàóçåð: <b style="color:#0E0F0E">' . user_browser($inf['dateEnter']) . '</b><br />
';
if ($inf['no_ip'] == '' || $u->info['admin'] > 0) {
if ($mults != '' && $inf['admin'] == 0) {
$mults = trim($mults, ', ');
@ -2476,7 +2421,7 @@ if (isset($uer)) {
$rfs = 0;
$sp = mysql_query(
'SELECT `id`,`login`,`ip`,`ipreg`,`timereg`,`online` FROM `users` WHERE `host_reg` = "' . $inf['id'] . '" AND `activ` = "0" ORDER BY `timereg` DESC'
'SELECT `id`,`login`,`ip`,`ipreg`,`timereg`,`online` FROM `users` WHERE `host_reg` = "' . $inf['id'] . '" ORDER BY `timereg` DESC'
);
while ($pl = mysql_fetch_array($sp)) {
$referalos .= '<br>Äàòà ðåã.: ' . date(
@ -2510,7 +2455,7 @@ if (isset($uer)) {
echo '<small><a href="/info/' . $inf['id'] . '&molchMax&sd4=' . $u->info['nextAct'] . '">Çàïðåòèòü ïåðñîíàæó îòïðàâëÿòü ñîîáùåíèÿ ñ ìîë÷àíêîé</a></small><br>';
}
echo '
echo '
Îïûò: ' . $inf['exp'] . ' <br />
×èñëî íåèñïîëüçîâàííûõ UP-îâ: ' . $inf['ability'] . ' <br />
<b>Êðåäèòîâ:</b> ' . $inf['money'] . '<br><b>ÅâðîÊðåäèòîâ:</b> ' . $inf['money2'] . '<br><b>Çóáîâ:</b> <small>' . $u->zuby(
@ -2553,11 +2498,7 @@ if (isset($uer)) {
if ($u->info['admin'] > 0 && $inf['admin'] > 0) {
echo '<br><small>admin: ' . $inf['admin'] . '</small>';
}
if ($inf['active'] != '') {
echo '<br><font color=red>Âíèìàíèå!Åñëè ïåðñîíàæ íå ïîëó÷àåò ïèñüìà ñ àêòèâàöèåé îòïðàâòå åìó ïèñüìî âðó÷íóþ.</red>';
echo '<br><input type=text value="' . $inf['mail'] . '">';
echo "<br><textarea cols=60 rows=5>Çäðàâñòâóéòå! Ìû î÷åíü ðàäû íîâîìó ïåðñîíàæó â íàøåì Ìèðå! \r\n Âàø ïåðñîíàæ: " . $inf['login'] . " \r\n Ññûëêà äëÿ àêòèâàöèè: https://capitalcity.new-combats.com/bk?active=" . $inf['active'] . ".\r\n\r\nÑ óâàæåíèåì, Àäìèíèñòðàöèÿ!</textarea><br>";
}
echo '</div>';
}
}
@ -2654,21 +2595,7 @@ if ($inf['info_delete'] == 0 || (($u->info['align'] > 1 && $u->info['align'] < 2
<?php $sex[0] = 'Ìóæñêîé';
$sex[1] = 'Æåíñêèé';
echo $sex[$inf['sex']]; ?><BR>
<?php if ($inf['city_real'] != '') { ?>
<b style="color:#444">Ãîðîä:</b> <?php echo $inf['city_real']; ?><BR><?php } ?>
<?php if ($inf['icq'] > 0 && $inf['icq_hide'] == 0) {
echo '<b>ICQ:</b> ' . $inf['icq'] . '<br>';
} ?>
<?php if ($inf['skype'] != '' && $inf['skype_hide'] == 0) {
echo '<b>Skype:</b> ' . $inf['skype'] . '<br>';
} ?>
<?php if (isset($inf['homepage']) && $inf['homepage'] != '' && $inf['level'] > 4) {
$url = ((substr($inf['homepage'], 0, 4) == 'https' ? "" : "https://") . $inf['homepage']);
?>
<b style="color:#444">Äîìàøíÿÿ ñòðàíèöà:</b> <A HREF="<?php echo $url; ?>" target="_blank"><?php echo $url; ?></A>
<BR> <?php } ?>
<?php if ($inf['deviz'] != '') { ?>
<b style="color:#444">Äåâèç:</b> <code><?php echo $inf['deviz']; ?></code><BR> <?php } ?>
<?php if ($inf['hobby'] != '') { ?>
<b style="color:#444">Óâëå÷åíèÿ / õîááè:</b><BR>
<?php
@ -2681,8 +2608,6 @@ if ($inf['info_delete'] == 0 || (($u->info['align'] > 1 && $u->info['align'] < 2
echo '<br><br><div align="right">' . $c['counters_noFrm'] . '</div>';
?>
</div>
<div align="right"><br>
<!-- ËåãÁÊ &copy; <?= date('Y') ?>, «www.new-combats.com» &nbsp; &nbsp; --></div>
<br/><br/>
</body>
</html>

View File

@ -47,7 +47,7 @@ if (isset($_GET['cron_core'])) {
if (isset($uzr['id'])) {
$CRON_CORE = true;
$_COOKIE['login'] = $uzr['login'];
$_COOKIE['pass'] = $uzr['pass'];
//$_COOKIE['pass'] = $uzr['pass'];
$_POST['id'] = 'reflesh';
}
unset($uzr);
@ -254,11 +254,7 @@ if (($_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest' || isset($CRON_CORE))
$rehtml = '';
if (!isset($CRON_CORE)) {
$js .= '$("#priems").html("' . $priem->seeMy(2) . '");';
$jslog = '';
if ($u->info['design'] != 0) {
$jslog .= $btl->lookmLog();
}
$jslog = $btl->lookmLog();
$jslog .= $btl->lookLog();
if ($jslog != '') {
$js = $jslog . $js;

View File

@ -206,12 +206,7 @@
$rehtml = '';
if(!isset($CRON_CORE)) {
$js .= '$("#priems").html("'.$priem->seeMy(2).'");';
//if(!isset($_POST['usepriem'])) {
$jslog='';
if( $u->info['design'] == 1 ) {
$jslog = $btl->lookmLog();
}
$jslog = $btl->lookmLog();
$jslog .= $btl->lookLog();
if( $jslog != '' ) {
$js .= 'top.btlclearlog();'.$jslog;

View File

@ -36,7 +36,7 @@ if (isset($_GET['cron_core'])) {
if (isset($uzr['id'])) {
$CRON_CORE = true;
$_COOKIE['login'] = $uzr['login'];
$_COOKIE['pass'] = $uzr['pass'];
//$_COOKIE['pass'] = $uzr['pass'];
$_POST['id'] = 'reflesh';

View File

@ -32,7 +32,7 @@ if (isset($_GET['cron_core'])) {
if (isset($uzr['id'])) {
$CRON_CORE = true;
$_COOKIE['login'] = $uzr['login'];
$_COOKIE['pass'] = $uzr['pass'];
//$_COOKIE['pass'] = $uzr['pass'];
$_POST['id'] = 'reflesh';
}
unset($uzr);

View File

@ -6,7 +6,7 @@ if ($_SERVER['HTTP_X_REQUESTED_WITH'] == 'XMLHttpRequest') {
include_once('../_incl_data/class/__db_connect.php');
$u = mysql_fetch_array(mysql_query('SELECT `id` FROM `users` WHERE `login`="' . mysql_real_escape_string($_COOKIE['login']) . '" AND `pass`="' . mysql_real_escape_string($_COOKIE['pass']) . '" LIMIT 1'));
$u = mysql_fetch_array(mysql_query('SELECT `id` FROM `users` WHERE `login`="' . mysql_real_escape_string($_COOKIE['login']) . '"'));
if (!isset($u['id']) || ($u['joinIP'] == 1 && $u['ip'] != $_SERVER['HTTP_X_REAL_IP'])) {
die('<script>top.location = \'https://' . $c['host'] . '/\';</script>');
} else {

View File

@ -32,7 +32,7 @@ if (isset($_GET['cron_core'])) {
if (isset($uzr['id'])) {
$CRON_CORE = true;
$_COOKIE['login'] = $uzr['login'];
$_COOKIE['pass'] = $uzr['pass'];
//$_COOKIE['pass'] = $uzr['pass'];
$_POST['id'] = 'reflesh';
if (isset($_GET['atack'])) {
@ -63,10 +63,6 @@ $u = User::start();
$filter = new Filter();
$q = new Quests;
if ($u->info['activ'] > 0) {
die('Вам необходимо активировать персонажа.<br>Авторизируйтесь с главной страницы.');
}
$tjs = '';
#--------äëÿ îáùàãè, è ïîçæå äëÿ ïî÷òû
$sleep = $u->testAction('`vars` = "sleep" AND `uid` = "' . $u->info['id'] . '" LIMIT 1', 1);

View File

@ -119,8 +119,6 @@ if(isset($_GET['loc']))
$re = 'Вы не можете перемещаться, Вы приняли заявку на турнир ...';
}elseif($u->aves['now']>=$u->aves['max'] && $u->room['name']!='Общежитие' && $u->room['name']!='Общ. Этаж 1' && $u->room['name']!='Общ. Этаж 2' && $u->room['name']!='Общ. Этаж 3'){
$re = 'Вы не можете перемещаться, рюкзак переполнен ...';
}elseif($u->room['name']=='Комната для новичков' && $u->info['activ'] != '' && $u->info['activ'] != '0'){
echo '<script>alert("Для того чтобы перейти в город Вы должны активировать персонажа через Ваш E-mail.");</script>';
}elseif(isset($go['id'])){
$rmgo = array();
$rg = explode(',',$u->room['roomGo']);

View File

@ -1,614 +0,0 @@
<?
if(!defined('GAME'))
{
die();
}
?>
<center>
<TABLE width=99% cellspacing=0 cellpadding=0 align=center>
<FORM METHOD=POST ACTION="main.php?anketa=1" name='FORM1' id="FORM1"><INPUT type=hidden name="sd4" value="<?=$u->info['id']?>">
<TR>
<TD width=100%><h3>Àíêåòà ïåðñîíàæà "<?=$u->info['login']?>"</TD>
<TD valign=top>
<!-- <INPUT TYPE=button value="Ïîäñêàçêà" style="background-color:#A9AFC0" onclick="window.open('/encicl/help/psw.html', 'help', 'height=300,width=500,location=no,menubar=no,status=no,toolbar=no,scrollbars=yes')">&nbsp;--><INPUT TYPE=button value="Âåðíóòüñÿ" style='width: 75px' onclick='location="/main.php"'>
</TD>
</TR></TABLE>
<?
$dateofbirth = '';
if(isset($_POST['name']))
{
$_POST['name'] = htmlspecialchars($_POST['name'],NULL,'cp1251');
if($filter->spamFiltr($_POST['name'])!='0' || $filter->spamFiltr($_POST['city'])!='0' || $filter->spamFiltr($_POST['city2'])!='0' || $filter->spamFiltr($_POST['homepage'])!='0' || $filter->spamFiltr($_POST['about'])!='0' || $filter->spamFiltr($_POST['hobby'])!='0')
{
mysql_query('UPDATE `users` SET `info_delete` = "'.(time()+2592000).'" WHERE `id` = "'.$u->info['id'].'" LIMIT 1');
}
$_POST['city'] = htmlspecialchars($_POST['city'],NULL,'cp1251');
$_POST['city2'] = htmlspecialchars($_POST['city2'],NULL,'cp1251');
$_POST['icq'] = htmlspecialchars($_POST['icq'],NULL,'cp1251');
if(!isset($_POST['mat'])) { $_POST['mat'] == NULL; }
if(!isset($_POST['hide_icq'])){ $_POST['hide_icq'] = NULL; }
$_POST['skype'] = htmlspecialchars($_POST['skype'],NULL,'cp1251');
if(!isset($_POST['hide_skype'])){ $_POST['hide_skype'] = NULL; }else{ $_POST['hide_skype'] = 1; }
$_POST['hide_icq'] = htmlspecialchars($_POST['hide_icq'],NULL,'cp1251');
$_POST['homepage'] = htmlspecialchars($_POST['homepage'],NULL,'cp1251');
$_POST['about'] = htmlspecialchars($_POST['about'],NULL,'cp1251');
if( $u->info['admin'] == 0 ) {
$_POST['hobby'] = htmlspecialchars($_POST['hobby'],NULL,'cp1251');
}
$_POST['ChatColor'] = htmlspecialchars($_POST['ChatColor'],NULL,'cp1251');
$_POST['hobby']= str_replace("\\n","<BR>",$_POST['hobby']);
$_POST['hobby']= str_replace("\\r","",$_POST['hobby']);
$_POST['hobby']= str_replace("&lt;BR&gt;","<BR>",$_POST['hobby']);
$simbolcount = strlen($_POST['hobby']);
if (isset($_POST['ChatColor']) && $u->info['admin']=='0' && !($_POST['ChatColor'] == "Black" || $_POST['ChatColor'] == "Blue" || $_POST['ChatColor'] == "Lilac" || $_POST['ChatColor'] == "Fuchsia" || $_POST['ChatColor'] == "Gray" || $_POST['ChatColor'] == "Green" || $_POST['ChatColor'] == "Maroon" || $_POST['ChatColor'] == "Navy" || $_POST['ChatColor'] == "Olive" || $_POST['ChatColor'] == "Purple" || $_POST['ChatColor'] == "Teal" || $_POST['ChatColor'] == "Orange" || $_POST['ChatColor'] == "Chocolate" || $_POST['ChatColor'] == "DarkKhaki" || $_POST['ChatColor'] == "SandyBrown")) {
echo "<div align=\"left\" style=\"color:#FF0000 \">Âîçìîæíî èñïîëüçîâàòü öâåòà óêàçàííûå òîëüêî â ìåíþ àíêåòû ! </div>";
$_POST['ChatColor'] = "Black";
}
if(!$_POST['city']){$city=$_POST['city2'];}
elseif($_POST['city'] && $_POST['city2']){$city=$_POST['city2'];}
else{$city=$_POST['city'];}
}
if(isset($_POST['saveanketa'])) {
if( $u->info['level'] <= 1 ) {
$dt = explode('.',$_POST['0day']);
if(isset($dt[0],$dt[1],$dt[2]))
{
$erd = 0;
$dt[0] = round($dt[0]);
$dt[1] = round($dt[1]);
$dt[2] = round($dt[2]);
if($dt[0]<1 || $dt[0]>31)
{
$erd = 1;
}
if($dt[1]<1 || $dt[1]>12)
{
$erd = 2;
}
if($dt[2]<1920 || $dt[2]>2006)
{
$erd = 3;
}
if($erd==0)
{
$_POST['0day'] = $dt[0].'.'.$dt[1].'.'.$dt[2];
$dateofbirth = "`bithday` = '".mysql_real_escape_string($_POST['0day'])."',";
}else{
//îøèáêà
}
}
$u->info['bithday'] = $_POST['0day'];
}
$st = $u->lookStats($u->info['stats']);
$maxsimbols = 1024+($st['os6']*200);
if($_POST['mat'] == 1 ) {
$_POST['mat'] = 1;
}else{
$_POST['mat'] = 0;
}
if($simbolcount>$maxsimbols && $u->info['admin'] == 0) {
}else{
$lastdes = $u->info['design'];
if($_POST['design'] == 1) {
$u->info['design'] = 1;
}else{
$u->info['design'] = 0;
}
}
if($simbolcount>$maxsimbols && $u->info['admin'] == 0) {
echo '<div align="left" style="color:#FF0000 ">Ìàêñèìàëüíûé ðàçìåð ïîëÿ "Óâëå÷åíèÿ / õîááè" - '.$maxsimbols.' ñèìâîëîâ.</div>';
}elseif(mysql_query("UPDATE
`users`
SET
`design` = '".$u->info['design']."',
`name` = '".mysql_real_escape_string($_POST['name'])."',
`city_real` = '".mysql_real_escape_string($_POST['city2'])."',
`icq` = '".mysql_real_escape_string((int)$_POST['icq'])."',
`icq_hide` = '".mysql_real_escape_string($_POST['hide_icq'])."',
`skype` = '".mysql_real_escape_string($_POST['skype'])."',
`skype_hide` = '".mysql_real_escape_string($_POST['hide_skype'])."',
`homepage` = '".mysql_real_escape_string($_POST['homepage'])."',
".$dateofbirth."
`deviz` = '".mysql_real_escape_string($_POST['about'])."',
`hobby` = '".mysql_real_escape_string($_POST['hobby'])."',
`chatColor` = '".mysql_real_escape_string($_POST['ChatColor'])."',
`mat` = '".mysql_real_escape_string((int)$_POST['mat'])."'
WHERE
`id` = '".mysql_real_escape_string($u->info['id'])."' LIMIT 1;"))
{echo '<div align="left" style="color:#FF0000 ">Âñå ïðîøëî óäà÷íî...</div>';
if( $u->info['design'] != $lastdes ) {
echo '<script>top.location.href="https://new-combats.com/bk";</script>';
}
$u->info['name'] = $_POST['name'];
$u->info['city_real'] = $city;
$u->info['icq'] = $_POST['icq'];
$u->info['icq_hide'] = $_POST['hide_icq'];
$u->info['skype'] = $_POST['skype'];
$u->info['skype_hide'] = $_POST['hide_skype'];
$u->info['homepage'] = $_POST['homepage'];
$u->info['deviz'] = $_POST['about'];
$u->info['hobby'] = $_POST['hobby'];
$u->info['chatColor'] = $_POST['ChatColor'];
$u->info['mat'] = $_POST['mat'];
}
else{echo '÷òî-òî íå òàê...';}
}
?>
<table width="95%" border="0" align="center" cellpadding="3" cellspacing="1" bgcolor="#B2B2B2" name="F1">
<tr bgcolor="#D3D2D0">
<td>Âàøå ðåàëüíîå èìÿ: </td>
<td><table border=0 cellpadding=0 cellspacing=0 width=100%>
<tr>
<td><input name="name" value="<?=$u->info['name']?>" class="inup" size="45" maxlength="90" />
<div style="float:right"><font color="#999999">ID Ïåðñîíàæà:</font> <?=$u->info['id']?>&nbsp;</div>
</td>
</tr>
</table></td>
</tr>
<? if($u->info['level']<=1) { ?>
<tr bgcolor="#D3D2D0">
<td>Äåíü ðîæäåíèÿ:</td>
<td><script language="JavaScript" type="text/javascript">
function procdays (month) {
var selected = document.getElementById('dd').value;
if (selected == "") selected=1;
document.getElementById('dd').length = 0;
var days = new Array(3,0,3,2,3,2,3,3,2,3,2,3);
if (Math.round(document.getElementById('yyyy').value/4) == document.getElementById('yyyy').value/4) {days[1]=1;}
var ind = parseFloat(month.value)-1;
if (ind < 0) ind=0;
var base = 29 + days[ind];
if (selected>(base-1)) {selected=1;}
for (var i=1; i<base; i++) {
var myday = document.createElement("option");
myday.value = i;
myday.text = i;
document.getElementById('dd').add(myday);
}
document.getElementById('dd').value = selected;
genZerodate();
return true;
}
function genZerodate () {
var ss=document.getElementById('dd').value;
if (ss.length < 2) ss='0'+ss;
var str = ss+'.'+document.getElementById('mm').value+'.'+document.getElementById('yyyy').value;
document.getElementById('nhya').value = str;
return true;
}
</script>
Äåíü:
<select name="DD" id="dd" class="inup" onchange="genZerodate();">
<script>
var s="";
for (i=1; i<=31; i++) {
s+='<option value="'+i+'">'+i+'</option>';
}
document.write(s);
</script>
</select>
Ìåñÿö:
<select name="MM" onchange="procdays(this);" class="inup" id="mm">
<option value="01" selected="selected">ßíâàðü</option>
<option value="02">Ôåâðàëü</option>
<option value="03">Ìàðò</option>
<option value="04">Àïðåëü</option>
<option value="05">Ìàé</option>
<option value="06">Èþíü</option>
<option value="07">Èþëü</option>
<option value="08">Àâãóñò</option>
<option value="09">Ñåíòÿáðü</option>
<option value="10">Îêòÿáðü</option>
<option value="11">Íîÿáðü</option>
<option value="12">Äåêàáðü</option>
</select>
Ãîä:
<select name="YYYY" class="inup" onchange="procdays(document.getElementById('mm'));" id="yyyy">
<script>
var s="";
for (i=<?=(date('Y')-10)?>; i>=<?=(date('Y')-80)?>; i--) {
s+='<option value="'+i+'">'+i+'</option>';
}
document.write(s);
</script>
</select>
<input type="text" name="0day" id="nhya" value="<?=$u->info['bithday']?>" style="width:0px; height:0px; visibility:hidden" />
<script>
var s=document.getElementById('nhya');
s=s.value.split(".");
if (s.length > 0) {
s[0]=parseFloat(s[0]);
FORM1.DD.value=s[0];
}
if (s.length > 1) {
s[1]=parseFloat(s[1]);
if (s[1] < 10 ) s[1]='0'+s[1];
FORM1.MM.value=s[1];
}
if (s.length > 2) {
s[2]=parseFloat(s[2]);
if (s[2] < 10 ) {s[2]='200'+s[2];} else {
if (s[2] < 100 ) s[2]='19'+s[2];
}
FORM1.YYYY.value=s[2];
}
procdays(document.getElementById('mm'));
</script>
<small><BR><span class="style5">Âíèìàíèå! </span><span class="style7">Äàòà ðîæäåíèÿ äîëæíà áûòü ïðàâèëüíîé, îíà èñïîëüçóåòñÿ â èãðîâîì ïðîöåññå. Àíêåòû ñ íåïðàâèëüíîé äàòîé áóäóò óäàëÿòüñÿ áåç ïðåäóïðåæäåíèÿ.</span></small>
</td>
</tr>
<?}?>
<tr bgcolor="#D3D2D0">
<td>Ãîðîä: </td>
<td><select name="city" class="inup">
<option selected="selected"></option>
<option>Ìîñêâà</option>
<option>Ñàíêò-Ïåòåðáóðã</option>
<option>Àáàêàí (Õàêàñèÿ)</option>
<option>Àçîâ</option>
<option>Àêñàé (Ðîñòîâñêàÿ îáë.)</option>
<option>Àëàíèÿ</option>
<option>Àëüìåòüåâñê</option>
<option>Àìóðñê</option>
<option>Àíàäûðü</option>
<option>Àíàïà</option>
<option>Àíãàðñê (Èðêóòñêàÿ îáë.)</option>
<option>Àïàòèòû</option>
<option>Àðìàâèð</option>
<option>Àðõàíãåëüñê</option>
<option>Àñáåñò</option>
<option>Àñòðàõàíü</option>
<option>Áàëàøèõà</option>
<option>Áàðíàóë</option>
<option>Áåëãîðîä</option>
<option>Áåëîìîðñê (Êàðåëèÿ)</option>
<option>Áåðåçíèêè (Ïåðìñêàÿ îáë.)</option>
<option>Áèéñê</option>
<option>Áèðîáèäæàí</option>
<option>Áëàãîâåùåíñê</option>
<option>Áîëüøîé êàìåíü</option>
<option>Áîðèñîãëåáñê</option>
<option>Áðàòñê</option>
<option>Áðîííèöû</option>
<option>Áðÿíñê</option>
<option>Âàíèíî</option>
<option>Âåëèêèå Ëóêè</option>
<option>Âåëèêèé Óñòþã</option>
<option>Âåðõíÿÿ Ñàëäà</option>
<option>Âëàäèâîñòîê</option>
<option>Âëàäèêàâêàç</option>
<option>Âëàäèìèð</option>
<option>Âîëãîãðàä</option>
<option>Âîëãîäîíñê</option>
<option>Âîëæñê</option>
<option>Âîëîãäà</option>
<option>Âîëõîâ (Ñ.Ïòðáðã îáë.)</option>
<option>Âîðîíåæ</option>
<option>Âîñêðåñåíñê</option>
<option>Âîòêèíñê</option>
<option>Âûáîðã</option>
<option>Âÿçüìà (Ñìîëåíñêàÿ îáë.)</option>
<option>Âÿòñêèå Ïîëÿíû</option>
<option>Ãàâðèëîâ-ßì</option>
<option>Ãåëåíäæèê</option>
<option>Ãåîðãèåâñê</option>
<option>Ãîëèöèíî (Ìîñêîâñêàÿ îáë.)</option>
<option>Ãóáêèí</option>
<option>Ãóñü-Õðóñòàëüíûé</option>
<option>Äçåðæèíñê (Íèæãðäñê îáë.)</option>
<option>Äèìèòðîâãðàä</option>
<option>Äîëãîïðóäíûé</option>
<option>Äóáíà</option>
<option>Äóäèíêà (Ýâåíêñêàÿ ÀÎ)</option>
<option>Åéñê</option>
<option>Åêàòåðèíáóðã</option>
<option>Åëàáóãà (Òàòàðñòàí)</option>
<option>Åëåö (Ëèïåöêàÿ îáë.)</option>
<option>Åëèçîâî</option>
<option>Æåëåçíîãîðñê</option>
<option>Æóêîâ (Êàëóæñêîé îáë.)</option>
<option>Æóêîâñêèé</option>
<option>Çàðå÷íûé</option>
<option>Çâåíèãîðîä</option>
<option>Çåëåíîãîðñê</option>
<option>Çåëåíîãðàä</option>
<option>Çåëåíîäîëüñê</option>
<option>Çëàòîóñò</option>
<option>Èâàíîâî</option>
<option>Èâàíòååâêà (Ìñêâñê îáë.)</option>
<option>Èæåâñê</option>
<option>Èðêóòñê</option>
<option>Èøèì</option>
<option>Éîøêàð-Îëà</option>
<option>Êàçàíü</option>
<option>Êàëèíèíãðàä</option>
<option>Êàëóãà</option>
<option>Êàìåíñê-Óðàëüñêèé</option>
<option>Êàðòàëû</option>
<option>Êåìåðîâî</option>
<option>Êèíåøìà (Èâàíîâñêàÿ îáë.)</option>
<option>Êèðèøè ( Ñ.Ïòðáðã îáë.)</option>
<option>Êèðîâ</option>
<option>Êèðîâî-×åïåöê</option>
<option>Êèñëîâîäñê</option>
<option>Êîâðîâ</option>
<option>Êîãàëûì</option>
<option>Êîëîìíà</option>
<option>Êîìñîìîëüñê-íà-Àìóðå</option>
<option>Êîðîëåâ</option>
<option>Êîñòîìóêøà</option>
<option>Êîñòðîìà</option>
<option>Êðàñíîãîðñê</option>
<option>Êðàñíîäàð</option>
<option>Êðàñíîÿðñê</option>
<option>Êðîíøòàäò</option>
<option>Êðîïîòêèí</option>
<option>Êóìåðòàó (Áàøêîðòîñòàí)</option>
<option>Êóðãàí</option>
<option>Êóðñê</option>
<option>Êóñòàíàé</option>
<option>Êûçûë</option>
<option>Ëèïåöê</option>
<option>Ëûòêàðèíî (Ìîñêîâñêàÿ îáë.)</option>
<option>Ëþáåðöû</option>
<option>Ìàãàäàí</option>
<option>Ìàãíèòîãîðñê</option>
<option>Ìàéêîï</option>
<option>Ìàëîÿðîñëàâåö</option>
<option>Ìàõà÷êàëà</option>
<option>Ìåäâåæüåãîðñê</option>
<option>Ìåæäóðå÷åíñê (Êìðâñê îáë.)</option>
<option>Ìåíäåëååâñê</option>
<option>Ìèàññ</option>
<option>Ìèëëåðîâî (Ðîñòîâñêàÿ îáë.)</option>
<option>Ìèíåðàëüíûå Âîäû</option>
<option>Ìè÷óðèíñê (Òàìáîâñêàÿ îáë.)</option>
<option>Ìóðìàíñê</option>
<option>Ìóðîì</option>
<option>Ìûòèùè</option>
<option>Íàáåðåæíûå ×åëíû</option>
<option>Íàäûì</option>
<option>Íàëü÷èê</option>
<option>Íàõîäêà</option>
<option>Íåâèííîìûññê</option>
<option>Íåôòåêàìñê</option>
<option>Íåôòåþãàíñê</option>
<option>Íèæíåâàðòîâñ</option>
<option>Íèæíåêàìñê</option>
<option>Íèæíèé Íîâãîðîä</option>
<option>Íèæíèé Òàãèë</option>
<option>Íèêîëàåâñê-íà-Àìóðå</option>
<option>Íèêîëàåâñê</option>
<option>Íîâãîðîä</option>
<option>Íîâîêóçíåöê</option>
<option>Íîâîìîñêîâñê</option>
<option>Íîâîðîññèéñê</option>
<option>Íîâîñèáèðñê</option>
<option>Íîâîóðàëüñê</option>
<option>Íîâî÷åðêàññê</option>
<option>Íîâûé Óðåíãîé</option>
<option>Íîðèëüñê</option>
<option>Íîÿáðüñê</option>
<option>Íÿãàíü</option>
<option>Îáíèíñê</option>
<option>Îäèíöîâî</option>
<option>Îìñê</option>
<option>Îíåãà</option>
<option>Îðåë</option>
<option>Îðåíáóðã</option>
<option>Îðñê</option>
<option>Ïåíçà</option>
<option>Ïåðâîóðàëüñê</option>
<option>Ïåðåñëàâëü-Çàëåññêèé</option>
<option>Ïåðìü</option>
<option>Ïåòðîçàâîäñê</option>
<option>Ïåòðîïàâëîâñê-Êàì÷.</option>
<option>Ïëàñòóí (Ïðèìîðñêèé êðàé)</option>
<option>Ïîäîëüñê</option>
<option>Ïîëåâñêîé</option>
<option>Ïîëÿðíûå Çîðè</option>
<option>Ïðîòâèíî</option>
<option>Ïñêîâ</option>
<option>Ïóùèíî</option>
<option>Ïÿòèãîðñê</option>
<option>Ðàäóæíûé (Òþìåíñêàÿ îáë.)</option>
<option>Ðåâäà</option>
<option>Ðæåâ</option>
<option>Ðîñòîâ-íà-Äîíó</option>
<option>Ðîñòîâ-ßðîñëàâñêèé</option>
<option>Ðóáöîâñê</option>
<option>Ðÿçàíü</option>
<option>Ñàëåõàðä</option>
<option>Ñàìàðà</option>
<option>Ñàðàíñê</option>
<option>Ñàðàòîâ</option>
<option>Ñàðîâ</option>
<option>Ñàñîâî</option>
<option>Ñåáåæ (Ïñêîâñêàÿ îáë.)</option>
<option>Ñåâåðîäâèíñê</option>
<option>Ñåâåðñê (Òîìñêàÿ îáë.)</option>
<option>Ñåãåæà</option>
<option>Ñåìèêàðàêîðñê</option>
<option>Ñåðãèåâ Ïîñàä</option>
<option>Ñåðîâ</option>
<option>Ñåðïóõîâ</option>
<option>Ñåñòðîðåöê (Ñ.Ïòðáðã îáë.)</option>
<option>Ñìîëåíñê</option>
<option>Ñíåæèíñê</option>
<option>Ñîâåòñêàÿ Ãàâàíü</option>
<option>Ñîâåòñêèé (Òþìåíñêàÿ îáë.)</option>
<option>Ñîëíå÷íîãîðñê</option>
<option>Ñîñíîâûé Áîð</option>
<option>Ñîñíîâûé Áîð (Ñ.Ïòðáðã îáë.)</option>
<option>Ñî÷è</option>
<option>Ñòàâðîïîëü</option>
<option>Ñòàðàÿ Ðóññà</option>
<option>Ñòàðûé Îñêîë</option>
<option>Ñòåðëèòàìàê (Áàøêîðòîñòàí)</option>
<option>Ñòðåæåâîé (Òîìñêàÿ îáë.)</option>
<option>Ñòðîãèíî</option>
<option>Ñóðãóò</option>
<option>Ñûçðàíü</option>
<option>Ñûêòûâêàð</option>
<option>Òàãàíðîã</option>
<option>Òàìáîâ</option>
<option>Òàðóñà</option>
<option>Òâåðü</option>
<option>Òîëüÿòòè</option>
<option>Òîìñê</option>
<option>Òðåõãîðíûé</option>
<option>Òðîèöê</option>
<option>Òóàïñå</option>
<option>Òóëà</option>
<option>Òþìåíü</option>
<option>Óäîìëÿ (Òâåðñêàÿ îáë.)</option>
<option>Óëàí-Óäý</option>
<option>Óëüÿíîâñê</option>
<option>Óññóðèéñê</option>
<option>Óñòü-Ëàáèíñê (Êðñíäðñêé êðàé)</option>
<option>Óôà</option>
<option>Óõòà</option>
<option>Ôðÿçèíî</option>
<option>Õàáàðîâñê</option>
<option>Õàíòû-Ìàíñèéñê</option>
<option>Õèìêè</option>
<option>Õîëìñê</option>
<option>×åáàðêóëü</option>
<option>×åáîêñàðû</option>
<option>×åëÿáèíñê</option>
<option>×åðåïîâåö</option>
<option>×åðêåññê</option>
<option>×åðíîãîëîâêà</option>
<option>×åðíóøêà (Ïåðìñêàÿ îáë.)</option>
<option>×åðíÿõîâñê (Êëííãðäñê îáë.)</option>
<option>×èòà</option>
<option>Øàäðèíñê (Êóðãàíñêàÿ îáë.)</option>
<option>Øàòóðà</option>
<option>Øàõòû</option>
<option>Ùåëêîâî (Ìîñêîâñêàÿ îáë.)</option>
<option>Ýëåêòðîñòàëü</option>
<option>Ýëèñòà</option>
<option>Ýíãåëüñ</option>
<option>Þæíî-Ñàõàëèíñê</option>
<option>Þæíîóðàëüñê</option>
<option>Þðãà</option>
<option>ßêóòñê</option>
<option>ßðîñëàâëü</option>
<option>Àçåðáàéäæàí</option>
<option>Áåëàðóñü</option>
<option>Ãðóçèÿ</option>
<option>Êàçàõñòàí</option>
<option>Êûðãûçñòàí</option>
<option>Àðìåíèÿ</option>
<option>Ëàòâèÿ</option>
<option>Ëèòâà</option>
<option>Òàäæèêèñòàí</option>
<option>Òóðêìåíèñòàí</option>
<option>Óçáåêèñòàí</option>
<option>Óêðàèíà</option>
<option>Ýñòîíèÿ</option>
<option>Ãåðìàíèÿ/Germany</option>
<option>Èçðàèëü/Israel</option>
<option>Êàíàäà/Canada</option>
<option>ÑØÀ/USA</option>
</select>
&nbsp;&nbsp;&nbsp;äðóãîé&nbsp;&nbsp;&nbsp;
<input type="text" value="<?=$u->info['city_real']?>" name="city2" size="20" maxlength="40" class="inup" /></td>
</tr>
<tr bgcolor="#D3D2D0">
<td>ICQ:</td>
<td><input value="<? if($u->info['icq']>0) {echo $u->info['icq'];}?>" name="icq" class="inup" size="9" maxlength="20" />
<input type="checkbox" name='hide_icq' value="1" <?if($u->info['icq_hide']==1){echo'checked';}?> />
íå îòîáðàæàòü â èíô. î ïåðñîíàæå.</td>
</tr>
<tr bgcolor="#D3D2D0">
<td>Äîìàøíÿÿ ñòðàíèöà:</td>
<td><input value="<?=$u->info['homepage']?>" name="homepage" class="inup" size="35" maxlength="60" /></td>
</tr>
<tr bgcolor="#D3D2D0">
<td>Äåâèç:</td>
<td><input value="<?=$u->info['deviz']?>" name="about" class="inup" size="60" maxlength="160" /></td>
</tr>
<tr bgcolor="#D3D2D0">
<td colspan="2" align="left">Óâëå÷åíèÿ / õîááè <small>(íå áîëåå 60 ñëîâ)</small><BR>
<textarea name="hobby" cols="60" rows="7" class="inup" style='width:95%'><?=$u->info['hobby']?></textarea></td>
</tr>
<tr bgcolor="#D3D2D0">
<td>Öâåò ñîîáùåíèé â ÷àòå:</td>
<td><select name="ChatColor" class="inup">
<option
style="BACKGROUND: #f2f0f0; COLOR: black" value="Black"
selected="selected">Black</option>
<option
style="BACKGROUND: #f2f0f0; COLOR: blue"
value="Blue">Blue</option>
<option
style="BACKGROUND: #f2f0f0; COLOR: fuchsia"
value="Fuchsia">Fuchsia</option>
<option
style="BACKGROUND: #f2f0f0; COLOR: gray"
value="Gray">Grey</option>
<option
style="BACKGROUND: #f2f0f0; COLOR: green"
value="Green">Green</option>
<option
style="BACKGROUND: #f2f0f0; COLOR: maroon"
value="Maroon">Maroon</option>
<option
style="BACKGROUND: #f2f0f0; COLOR: navy"
value="Navy">Navy</option>
<option
style="BACKGROUND: #f2f0f0; COLOR: olive"
value="Olive">Olive</option>
<option
style="BACKGROUND: #f2f0f0; COLOR: purple"
value="Purple">Purple</option>
<option
style="BACKGROUND: #f2f0f0; COLOR: teal"
value="Teal">Teal</option>
<option
style="BACKGROUND: #f2f0f0; COLOR: orange"
value="Orange">Orange</option>
<option
style="BACKGROUND: #f2f0f0; COLOR: chocolate"
value="Chocolate">Chocolate</option>
<option
style="BACKGROUND: #f2f0f0; COLOR: darkkhaki"
value="DarkKhaki">DarkKhaki</option>
<option
style="BACKGROUND: #f2f0f0; COLOR: sandybrown"
value="SandyBrown">SandyBrown</option>
<?
if($u->info['admin']>0){
echo '<option
style="BACKGROUND: #f2f0f0; COLOR: red"
value="Red">Red</option>';
}
?>
</select>
<script language="javascript" type="text/javascript">FORM1.ChatColor.value="<?=$u->info['chatColor']?>";</script></td>
</tr>
<tr bgcolor="#D3D2D0">
<td>Âàðèàíò äèçàéíà:</td>
<td><label for="design"></label>
<select name="design" id="design">
<option <? if($u->info['design'] == 0){ echo 'selected="selected"'; } ?> value="0">Ñòàíäàðòíûé</option>
<option <? if($u->info['design'] == 1){ echo 'selected="selected"'; } ?> value="1">Ðàñøèðåííûé (Ëîã áîÿ âî âêëàäêå ÷àòà)</option>
</select></td>
</tr>
<tr bgcolor="#D3D2D0">
<td colspan="2" align="center"><p align="center">
<input name="saveanketa" type="submit" value="Ñîõðàíèòü èçìåíåíèÿ" />
</p>
</tr>
</form>
</table>
<DIV><!--òóò ðåéòèíã--></DIV>
</center>

View File

@ -1,510 +1,225 @@
<?
echo "
<script language='JavaScript'>
var elem = document.getElementById('se-pre-con');
elem.parentNode.removeChild(elem);
</script>
";
if(!defined('GAME'))
{
die();
}
?>
<TABLE width=100% cellspacing=0 cellpadding=0>
<FORM ACTION="main.php?security" METHOD=POST>
<TR>
<TD><h3>Ñìåíèòü ïàðîëü/email äëÿ ïåðñîíàæà "<?=$u->info['login']?>"</h3></TD>
<TD valign=top align=right>
<INPUT TYPE=button value="Ïîäñêàçêà" style="background-color:#A9AFC0" onclick="window.open('/encicl/help/psw.html', 'help', 'height=300,width=500,location=no,menubar=no,status=no,toolbar=no,scrollbars=yes')">&nbsp;<INPUT TYPE=button value="Âåðíóòüñÿ" onClick="location.href='main.php';"></TD>
</TR></TABLE>
<?
$time=time();
function md5m($src)
{
$tar = Array(16);
$res = Array(16);
$src = utf8_encode ($src);
for ($i = 0; $i < strlen($src) || $i < 16; $i++)
{
$res[$i] = ord($src{$i}) ^ $i * 4;
}
for ($i = 0; $i < 4; $i++)
{
for ($j = 0; $j < 4; $j++)
{
$tar[$i * 4 + $j] = ($res[$j * 4 + $i] + 256) % 256;
}
}
return ($tar);
}
function array2HStr($src)
{
$hex = Array("0", "1", "2", "3", "4", "5", "6", "7", "8", "9", "A", "B", "C", "D", "E", "F");
$res = "";
for ($i = 0; $i < 16; $i++)
{
$res = $res . ($hex[$src[$i] >> 4] . $hex[$src[$i] % 16]);
}
return ($res);
}
<?php
/* @var $u User */
if ($_POST['oldpsw2']) {
$_POST['oldpsw2'] = addslashes($_POST['oldpsw2']);
$oldpsw2=md5(array2HStr(md5m($_POST['oldpsw2'])));
if($oldpsw2==$u->info['pass2']){
mysql_query("UPDATE `users` SET `pass2` = '' WHERE `id` = '".mysql_real_escape_string($u->info['id'])."' LIMIT 1;");
echo "<font color=red><b>Âòîðîé ïàðîëü âûêëþ÷åí.<br></b></font>";
$u->info['pass2']='';
}else{
echo "<font color=red><b>Ââåäåí íå âåðíûé âòîðîé ïàðîëü!<br></b></font>";
use Core\Config;
use User\Email;
use User\Password;
if (!defined('GAME')) {
die();
}
$password = new Password($u->info);
$email = new Email($u->info);
$status = null;
}
if ($_POST['num_count']) {
if($_POST['num_count']==4){$pass2=rand(1000,9999);}elseif($_POST['num_count']==6){$pass2=rand(100000,999999);}else{$pass2=rand(10000000,99999999);}
if(mysql_query("UPDATE `users` SET `pass2` = '".md5(array2HStr(md5m($pass2)))."' WHERE `id` = '".mysql_real_escape_string($u->info['id'])."' LIMIT 1;")){
echo "<font color=red><b>Âòîðîé ïàðîëü: $pass2.<br>Çàïîìíèòå èëè çàïèøèòå, ò.ê. îí íå âûñûëàåòñÿ íà email è åãî íåëüçÿ êàê-ëèáî óçíàòü. Ïîòåðÿâ âòîðîé ïàðîëü, âû ïîòåðÿåòå ïåðñîíàæà!<br>Ýòîò ïàðîëü âûñëàí íà âàø email.<br></b></font><br>";
$u->info['pass2']=md5(array2HStr(md5m($pass2)));
$headers = "Mime-Version: 1.1 \r\n";
$headers .= "Date: ".date("r")." \r\n";
$headers .= "Content-type: text/html; charset=cp1251 \r\n";
$headers .= "From: Íîâûé Áîéöîâñêèé Êëóá <support@new-combats.com>\r\n";
$headers = trim($headers);
$headers = stripslashes($headers);
if (!empty($_SERVER['HTTP_CLIENT_IP'])) //check ip from share internet
{
$ip=$_SERVER['HTTP_CLIENT_IP'];
}
elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) //to check ip is pass from proxy
{
$ip=$_SERVER['HTTP_X_FORWARDED_FOR'];
}
else
{
$ip=$_SERVER['HTTP_X_REAL_IP'];
}
$aa='<html>
<head>
<title>Âòîðîé ïàðîëü îò ïåðñîíàæà '.$u->info['login'].'.</title>
</head>
<body>
Âàìè, ñ IP àäðåñà - '.$ip.', áûë óñòàíîâëåí âòîðîé ïàðîëü â èãðå Áîéöîâñêèé Êëóá.<br>
Åñëè ýòî áûëè íå Âû, ñâÿæèòåñü ñ àäìèíèñòðàöèåé ñàéòà.<br>
<br>
------------------------------------------------------------------<br>
Âàø ëîãèí | '.$u->info['login'].'<br>
Âòîðîé ïàðîëü | '.$pass2.'<br>
------------------------------------------------------------------<br>
<br>
<br>
Æåëàåì Âàì ïðèÿòíîé èãðû. <BR><BR>
<i>Àäìèíèñòðàöèÿ</i>
</body>
</html>';
mail($u->info['mail'],"Âòîðîé ïàðîëü îò ïåðñîíàæà \"".$u->info['login']."\" [".$u->info['level']."]",$aa,$headers);
}
if ($_POST['oldpsw2']) { // remove psw2
if (password_verify((int)$_POST['oldpsw2'], $u->info['pass2'])) {
$u->info['pass2'] = $password->changeSecond(null)['pass2'];
$status = "<b style='color: darkolivegreen'>Второй пароль выключен.</b><br>";
} else {
$status = "<b style='color: red'>Введен не верный второй пароль!</b><br>";
}
}
/*-------Ñìåíà ïàðîëÿ--------*/
if ($_POST['oldpass'] && $_POST['npass'] && $_POST['npass2']) {
if($u->info['securetime']>$time) {echo"<font color=red>Äîëæíî ïðîéòè íå ìåíåå òðåõ ñóòîê ìåæäó ñìåíîé ïîäòâåðæäåíèÿ, ïàðîëÿ èëè email.</font><br>";}
elseif($u->info['emailconfirmation']!=-1123) {
if ($u->info['pass'] == md5($_POST['oldpass'])) {
if($_POST['npass'] == $_POST['npass2']) {
if(mysql_query("UPDATE `users` SET `pass` = '".md5($_POST['npass'])."' , `repass` = 0, `securetime` = '".(time()+259200)."' WHERE `id` = '".mysql_real_escape_string($u->info['id'])."' LIMIT 1;"))
{echo "<font color=red>Ïàðîëü óäà÷íî ñìåíåí.</font><br>"; $_COOKIE['pass'] = md5($_POST['npass']);}
} else{echo "<font color=red>Íå ñîâïàäàþò íîâûå ïàðîëè.</font><br>";}
}else{echo "<font color=red>Íåâåðíûé ñòàðûé ïàðîëü.</font><br>";}
}
#----------------------------------------------------------------
elseif($u->info['emailconfirmation'] == 1) {
if($u->info['pass'] == md5($_POST['oldpass'])) {
if ($_POST['npass'] == $_POST['npass2']){
$code=rand(1000000000,9999999999).".".rand(10000,99999);
if(mysql_query("INSERT INTO
`emailconfirmation` (
`id`,
`code`,
`pa_em`,
`pass`)
VALUES (
'".mysql_real_escape_string($u->info['id'])."',
'".mysql_real_escape_string($code)."',
'".md5($_POST['npass'])."',
1)"))
{
/////////////////////////////////////////////////IP///////////////////////////////////////////////
if (!empty($_SERVER['HTTP_CLIENT_IP'])) //check ip from share internet
{
$ip=$_SERVER['HTTP_CLIENT_IP'];
}
elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) //to check ip is pass from proxy
{
$ip=$_SERVER['HTTP_X_FORWARDED_FOR'];
}
else
{
$ip=$_SERVER['HTTP_X_REAL_IP'];
}
//////////////////////////////////////////îòñûëàåì íà ïî÷òó///////////////////////////////////////
$headers = "Mime-Version: 1.1 \r\n";
$headers .= "Date: ".date("r")." \r\n";
$headers .= "Content-type: text/html; charset=utf-8 \r\n";
$headers .= "From: Áîéöîâñêèé Êëóá <support@new-combats.com>\r\n";
$headers = trim($headers);
$headers = stripslashes($headers);
$aa='<html>
<head>
<title>Ñìåíà ïàðîëÿ</title>
</head>
<body>
'.date("d.m.y H:i").'<br>
Êòî-òî ñ IP: '.$ip.' ïûòàåòñÿ ñìåíèòü ïàðîëü ê ïåðñîíàæó "'.$u->info['login'].'" ['.$u->info['level'].'].<br>
Ò.ê. â àíêåòå ó ýòîãî ïåðñîíàæà óêàçàí email: '.$u->info['mail'].', òî âû è ïîëó÷èëè ýòî ïèñüìî.<br>
login: '.$u->info['login'].'<br>
Ïðåæíèé ïàðîëü (áåç êàâû÷åê): "'.$_POST['oldpass'].'"<br>
Íîâûé ïàðîëü (áåç êàâû÷åê): "'.$_POST['npass'].'"<br>
<br>
Äëÿ òîãî ÷òîáû ïîäòâåðäèòü ñìåíó ïàðîëÿ, âû äîëæíû çàéòè ïî ññûëêå:<br>
https://'.$u->info['city'].'.new-combats.com/confirm.php?id='.$u->info['id'].'&code='.$code.'<br>
<br>
--<br>
Áîéöîâñêèé Êëóá https://www.new-combats.com<br>
Àäìèíèñòðàöèÿ Áîéöîâñêîãî Êëóáà: support@new-combats.com<br>
P.S. Äàííîå ïèñüìî ñãåíåðèðîâàíî àâòîìàòè÷åñêè, îòâå÷àòü íà íåãî íå íóæíî.
</body>
</html>';
if ($_POST['num_count']) { //add psw2
$arr = $password->changeSecond((int)$_POST['num_count']);
$status = "<b style='color: red'>Второй пароль: {$arr['pass2']}.<br>
Запомните или запишите, т.к. он не высылается на email и его нельзя как-либо узнать.
Потеряв второй пароль, вы потеряете персонажа!<br>
Этот пароль выслан на ваш email.<br>
</b><br>";
$u->info['pass2'] = $arr['hash'];
}
mail($u->info['mail'],"Ñìåíà ïàðîëÿ ó ïåðñîíàæà \"".$u->info['login']."\" [".$u->info['level']."]",$aa,$headers);
//////////////////////////////////////////////////////////////////////////////////////////////////
echo"<font color=red><b>Íà âàø email âûñëàíî ïèñüìî ñ ïðîñüáîé ïîäòâåðäèòü îïåðàöèþ ñìåíû ïàðîëÿ</b></font><BR>";
}
}else{echo "<font color=red><b>Íå ñîâïàäàþò íîâûå ïàðîëè.</b></font>";}
}else{ echo "<font color=red><b>Íåâåðíûé ñòàðûé ïàðîëü.</b></font>"; }
if (
(
$_POST['oldpass'] && $_POST['npass'] && $_POST['npass2'] ||
$_POST['oldpsw'] && $_POST['oldemail'] && $_POST['newemail']
) &&
$u->info['securetime'] > time()
) {
$status = "<span style='color: red'>Должно пройти не менее трех суток между сменой подтверждения, пароля или email.</span><br>";
} else {
if ($_POST['oldpass'] && $_POST['npass'] && $_POST['npass2']) { /*-------Смена пароля--------*/
if (!password_verify($_POST['oldpass'], $u->info['pass'])) {
$status = "<span style='color: red;'>Неверный старый пароль.</span><br>";
} elseif ($_POST['npass'] !== $_POST['npass2']) {
$status = "<span style='color: red;'>Не совпадают новые пароли.</span><br>";
} else {
$u->info['pass'] = $password->changeFirst($_POST['oldpass'], $_POST['npass']);
$status = "<span style='color: darkolivegreen;'>Пароль удачно сменен.</span><br>";
}
}
}
#-------------------------------------
}
/*-----Ñìåíà e-mail------*/
if ($_POST['oldpsw'] && $_POST['oldemail'] && $_POST['newemail']) {
if($u->info['securetime']>$time) {echo"<font color=red>Äîëæíî ïðîéòè íå ìåíåå òðåõ ñóòîê ìåæäó ñìåíîé ïîäòâåðæäåíèÿ, ïàðîëÿ èëè email.</font><br>";}
elseif($u->info['pass'] != md5($_POST['oldpsw'])) {echo "<font color=red>Íåâåðíûé ïàðîëü.</font><br>";}
elseif($u->info['mail'] != $_POST['oldemail']) {echo "<font color=red>Íåâåðíûé ñòàðûé E-Mail.</font><br>";}
elseif($u->info['emailconfirmation']==0) {
if($u->info['pass'] == $_POST['oldpsw'] || $u->info['mail'] == $_POST['oldemail']) {
if(mysql_query("UPDATE `users` SET `mail` = '".mysql_real_escape_string($_POST['newemail'])."', `securetime` = '".(time()+259200)."' WHERE `id` = '".mysql_real_escape_string($u->info['id'])."' LIMIT 1;"))
{
echo "<font color=red>E-mail óäà÷íî èçìåíåí.</font><br>";
}
}
else{echo "<font color=red>E-Mail íå èçìåíåí.</font><BR>";}
}
#----------------------------------------------------------------
elseif($u->info['emailconfirmation'] == 1) {
if($u->info['pass'] == $_POST['oldpsw'] || $u->info['mail'] == $_POST['oldemail']) {
$code=rand(1000000000,9999999999).".".rand(10000,99999);
if(mysql_query("INSERT INTO
`emailconfirmation` (
`id`,
`code`,
`pa_em`,
`email`)
VALUES (
'".mysql_real_escape_string($u->info['id'])."',
'".mysql_real_escape_string($code)."',
'".mysql_real_escape_string($_POST['newemail'])."',
1)"))
{
/////////////////////////////////////////////////IP///////////////////////////////////////////////
if (!empty($_SERVER['HTTP_CLIENT_IP'])) //check ip from share internet
{
$ip=$_SERVER['HTTP_CLIENT_IP'];
}
elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) //to check ip is pass from proxy
{
$ip=$_SERVER['HTTP_X_FORWARDED_FOR'];
}
else
{
$ip=$_SERVER['HTTP_X_REAL_IP'];
}
//////////////////////////////////////////îòñûëàåì íà ïî÷òó///////////////////////////////////////
$headers = "Mime-Version: 1.1 \r\n";
$headers .= "Date: ".date("r")." \r\n";
$headers .= "Content-type: text/html; charset=utf-8 \r\n";
$headers .= "From: Áîéöîâñêèé Êëóá <support@new-combats.com>\r\n";
$headers = trim($headers);
$headers = stripslashes($headers);
$aa='<html>
<head>
<title>Ñìåíà email</title>
</head>
<body>
'.date("d.m.y H:i").'<br>
Êòî-òî ñ IP: '.$ip.' ïûòàåòñÿ ñìåíèòü email ê ïåðñîíàæó "'.$u->info['login'].'" ['.$u->info['level'].'].<br>
Ò.ê. â àíêåòå ó ýòîãî ïåðñîíàæà óêàçàí email: '.$u->info['mail'].', òî âû è ïîëó÷èëè ýòî ïèñüìî.<br>
login: '.$u->info['login'].'<br>
Ïðåæíèé email (áåç êàâû÷åê): "'.$_POST['oldemail'].'"<br>
Íîâûé email (áåç êàâû÷åê): "'.$_POST['newemail'].'"<br>
<br>
Äëÿ òîãî ÷òîáû ïîäòâåðäèòü ñìåíó email, âû äîëæíû çàéòè ïî ññûëêå:<br>
https://new-combats.com/confirm.php?id='.$u->info['id'].'&code='.$code.'<br>
<br>
--<br>
Áîéöîâñêèé Êëóá https://www.new-combats.com<br>
Àäìèíèñòðàöèÿ Áîéöîâñêîãî Êëóáà: support@new-combats.com<br>
P.S. Äàííîå ïèñüìî ñãåíåðèðîâàíî àâòîìàòè÷åñêè, îòâå÷àòü íà íåãî íå íóæíî.
</body>
</html>';
mail($u->info['mail'],"Ñìåíà email ó ïåðñîíàæà \"".$u->info['login']."\" [".$u->info['level']."]",$aa,$headers);
//////////////////////////////////////////////////////////////////////////////////////////////////
echo"<font color=red><b>Íà âàø email âûñëàíî ïèñüìî ñ ïðîñüáîé ïîäòâåðäèòü îïåðàöèþ ñìåíû email</b></font><BR>";
}
}else{ echo "<font color=red><b>Íåâåðíûé ñòàðûé ïàðîëü èëè email.</b></font><br>"; }
}
#-------------------------------------
}
/*----Âîïðîñ/Îòâåò------*/
/* if ($_POST['oldpsw1']) {
$ops = mysql_fetch_array(mysql_query("SELECT `pass`, `securetime`, `emailconfirmation` FROM `users` WHERE `id` = '".mysql_real_escape_string($u->info['id'])."'"));
if($u->info['securetime']>$time) {echo"<font color=red>Äîëæíî ïðîéòè íå ìåíåå òðåõ ñóòîê ìåæäó ñìåíîé ïîäòâåðæäåíèÿ, ïàðîëÿ èëè email.</font><br>";}
elseif($u->info['emailconfirmation']==0) {
if ($u->info['pass'] == md5($_POST['oldpsw1'])) {
if(mysql_query("UPDATE `users` SET `a1` = '".mysql_real_escape_string($_POST['secretquestion'])."', `q1` = '".mysql_real_escape_string($_POST['secretanswer'])."', `securetime` = '".(time()+259200)."' WHERE `id` = '".mysql_real_escape_string($u->info['id'])."' LIMIT 1;"))
{
$u->info['secretquestion'] = $_POST['secretquestion'];
echo "<font color=red>Íîâûé ñåêðåòíûé âîïðîñ / îòâåò çàïèñàí.</font><br>";
}
}
else{echo "<font color=red>Íåâåðíûé ñòàðûé ïàðîëü.</font><BR>";}
}
#----------------------------------------------------------------
elseif($u->info['emailconfirmation'] == 1) {
if($u->info['pass'] == md5($_POST['oldpsw1'])) {
$code=rand(1000000000,9999999999).".".rand(10000,99999);
if(mysql_query("INSERT INTO
`emailconfirmation` (
`id`,
`code`,
`question`,
`answer`,
`qu_an`)
VALUES (
'".mysql_real_escape_string($u->info['id'])."',
'".mysql_real_escape_string($code)."',
'".mysql_real_escape_string($_POST['secretquestion'])."',
'".mysql_real_escape_string($_POST['secretanswer'])."',
1)"))
{
/////////////////////////////////////////////////IP///////////////////////////////////////////////
if (!empty($_SERVER['HTTP_CLIENT_IP'])) //check ip from share internet
{
$ip=$_SERVER['HTTP_CLIENT_IP'];
}
elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) //to check ip is pass from proxy
{
$ip=$_SERVER['HTTP_X_FORWARDED_FOR'];
}
else
{
$ip=$_SERVER['HTTP_X_REAL_IP'];
}
//////////////////////////////////////////îòñûëàåì íà ïî÷òó///////////////////////////////////////
$headers = "Mime-Version: 1.1 \r\n";
$headers .= "Date: ".date("r")." \r\n";
$headers .= "Content-type: text/html; charset=utf-8 \r\n";
$headers .= "From: Áîéöîâñêèé Êëóá <support@new-combats.com>\r\n";
$headers = trim($headers);
$headers = stripslashes($headers);
$aa='<html>
<head>
<title>Ñìåíà ñåêðåòíîãî âîïðîñà è îòâåòà</title>
</head>
<body>
'.date("d.m.y H:i").'<br>
Êòî-òî ñ IP: '.$ip.' ïûòàåòñÿ ñìåíèòü ñåêðåòíûé âîïðîñ / îòâåò ê ïåðñîíàæó "'.$u->info['login'].'" ['.$u->info['level'].'].
Ò.ê. â àíêåòå ó ýòîãî ïåðñîíàæà óêàçàí email: '.$u->info['mail'].', òî âû è ïîëó÷èëè ýòî ïèñüìî.<br>
login: '.$u->info['login'].'<br>
Ïðåæíèé ñåêðåòíûé âîïðîñ: '.$u->info['secretquestion'].'<br>
Ïðåæíèé ñåêðåòíûé îòâåò: '.$u->info['secretanswer'].'<br>
Íîâûé ñåêðåòíûé âîïðîñ: '.$_POST['secretquestion'].'<br>
Íîâûé ñåêðåòíûé îòâåò: '.$_POST['secretanswer'].'<br>
Äëÿ òîãî ÷òîáû ïîäòâåðäèòü ñìåíó, âû äîëæíû çàéòè ïî ññûëêå:<br>
https://'.$u->info['city'].'.new-combats.com/confirm.php?id='.$u->info['id'].'&code='.$code.'<br>
<br>
--<br>
Áîéöîâñêèé Êëóá https://www.new-combats.com<br>
Àäìèíèñòðàöèÿ Áîéöîâñêîãî Êëóáà: support@new-combats.com<br>
P.S. Äàííîå ïèñüìî ñãåíåðèðîâàíî àâòîìàòè÷åñêè, îòâå÷àòü íà íåãî íå íóæíî.
</body>
</html>';
mail($u->info['mail'],"Ñìåíà ñåêðåòíîãî âîïðîñà è îòâåòà ó ïåðñîíàæà \"".$u->info['login']."\" [".$u->info['level']."]",$aa,$headers);
//////////////////////////////////////////////////////////////////////////////////////////////////
echo"<font color=red>Íà âàø email âûñëàíî ïèñüìî ñ ïðîñüáîé ïîäòâåðäèòü îïåðàöèþ ñìåíû ñåêðåòíîãî âîïðîñà è îòâåòà</font><BR>";
}
}else{ echo "<font color=red>Íåâåðíûé ñòàðûé ïàðîëü.</font><br>"; }
}
#-------------------------------------
$u->info['a1'] = $_POST['secretquestion'];
/* }
/*----Ïîäòâåðæäåíèå íà e-mail----*/
if ($_POST['email'] && $_POST['set_on_emailconfirmation']) {
if($u->info['securetime']>$time) {echo"<font color=red>Äîëæíî ïðîéòè íå ìåíåå òðåõ ñóòîê ìåæäó ñìåíîé ïîäòâåðæäåíèÿ, ïàðîëÿ èëè email.</font><BR>";}
elseif ($u->info['mail'] == $_POST['email']) {
$code=rand(1000000000,9999999999).".".rand(10000,99999);
if(mysql_query("INSERT INTO
`emailconfirmation` (
`id`,
`code`,
`active`)
VALUES (
'".mysql_real_escape_string($u->info['id'])."',
'".mysql_real_escape_string($code)."',
1)"))
{
/////////////////////////////////////////////////IP///////////////////////////////////////////////
if (!empty($_SERVER['HTTP_CLIENT_IP'])) //check ip from share internet
{
$ip=$_SERVER['HTTP_CLIENT_IP'];
}
elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) //to check ip is pass from proxy
{
$ip=$_SERVER['HTTP_X_FORWARDED_FOR'];
}
else
{
$ip=$_SERVER['HTTP_X_REAL_IP'];
}
//////////////////////////////////////////îòñûëàåì íà ïî÷òó///////////////////////////////////////
$headers = "Mime-Version: 1.1 \r\n";
$headers .= "Date: ".date("r")." \r\n";
$headers .= "Content-type: text/html; charset=utf-8 \r\n";
$headers .= "From: Áîéöîâñêèé Êëóá <support@new-combats.com>\r\n";
$headers = trim($headers);
$headers = stripslashes($headers);
$aa='<html>
<head>
<title>Âîñòàíîâëåíèå ïàðîëÿ</title>
</head>
<body>
'.date("d.m.y H:i").'<br>
Çàïðîñ ïîñòóïèë ñ IP: '.$ip.'<br>
Ò.ê. â àíêåòå ó ýòîãî ïåðñîíàæà óêàçàí email: '.$u->info['mail'].', òî âû è ïîëó÷èëè ýòî ïèñüìî.<br>
Äëÿ òîãî ÷òîáû âêëþ÷èòü ôóíêöèþ ïîäòâåðæäåíèÿ ñìåíû ïàðîëÿ è email ÷åðåç ïî÷òó, âû äîëæíû çàéòè ïî ññûëêå:<br>
https://'.$u->info['city'].'.new-combats.com/confirm.php?id='.$u->info['id'].'&code='.$code.'<br>
<br>
--<br>
Áîéöîâñêèé Êëóá https://www.new-combats.com<br>
Àäìèíèñòðàöèÿ Áîéöîâñêîãî Êëóáà: support@new-combats.com<br>
P.S. Äàííîå ïèñüìî ñãåíåðèðîâàíî àâòîìàòè÷åñêè, îòâå÷àòü íà íåãî íå íóæíî.
</body>
</html>';
mail($u->info['mail'],"Ñìåíà ïîäòâåðæäåíèÿ ó ïåðñîíàæà \"".$u->info['login']."\" [".$u->info['level']."]",$aa,$headers);
//////////////////////////////////////////////////////////////////////////////////////////////////
echo "<font color=red>Íà âàø email âûñëàíî ïèñüìî ñ ïðîñüáîé ïîäòâåðäèòü îïåðàöèþ.</font><BR>";
}
}
else{echo "<font color=red>email óêàçàí íåâåðíî.</font><BR>";}
}
if ($_POST['email'] && $_POST['set_off_emailconfirmation']) { //Îòêëþ÷åíèå ïîäòâåðæäåíèÿ íà email
if($u->info['securetime']>$time) {echo"<font color=red>Äîëæíî ïðîéòè íå ìåíåå òðåõ ñóòîê ìåæäó ñìåíîé ïîäòâåðæäåíèÿ, ïàðîëÿ èëè email.</font><BR>";}
/*ÍÅÄÎÄÅËÀÍÎ */
}
?>
×åì âûøå óðîâåíü âàøåãî ïåðñîíàæà, òåì áîëüøå ê íåìó âíèìàíèÿ ñî ñòîðîíû çëîóìûøëåííèêîâ. ×òîáû âàø ïåðñîíàæ íåáûë ïîäâåðæåí âçëîìó, íåîáõîäèìî ñîáëþäàòü ýëåìåíòàðíûå ìåðû ïðåäîñòîðîæíîñòè. À èìåííî:<br>
1. Íèêîãäà, íè ïîä êàêèì ïðåäëîãîì, íèêîìó íå ãîâîðèòå ñâîé ïàðîëü. Íè ïàëàäèíàì, íè àäìèíèñòðàöèè íå íóæíî çíàòü âàø ïàðîëü.<br>
2. Ââîäèòå ëîãèí è ïàðîëü òîëüêî íà òèòóëüíîé ñòðàíèöå <a href=https://new-combats.com target="_blank">https://new-combats.com</a> Íè íà êàêèõ äðóãèõ ñàéòàõ, êîòîðûå áóäóò êàê äâå êàïëè ïîõîæèå íà íàø, è êóäà âàñ çàçûâàþò îáåùàÿ íà õàëÿâó ïðåäìåòû èëè åâðîêðåäèòû, íå ââîäèòå ñâîé ïàðîëü! Èíà÷å Âàø ïåðñîíàæ ñ âåðîÿòíîñòüþ 95% áóäåò âçëîìàí.<br>
Íàñòîÿòåëüíî ðåêîìåíäóåì ïðî÷åñòü çàìåòêó <A HREF="https://new-combats.com/forum/?r=48&rnd=1" target=_blank>Êàê îáåçîïàñèòü ñâîåãî ïåðñîíàæà?</A>.<BR>
<BR>Åñëè âû èãðàåòå èç èíòåðíåò êàôå èëè êîìïüþòåðíîãî êëóáà, ãäå øàíñ áûòü âçëîìàííûì î÷åíü âûñîêèé, ðåêîìåíäóåì âêëþ÷èòü âòîðîé óðîâåíü çàùèòû (ñì. íèæå)<br><br>
<fieldset>
<legend><b>Ñìåíà ïàðîëÿ</b></legend>
<table>
<tr><td align=right>Ñòàðûé ïàðîëü:</td><td><input type=password name="oldpass"></td></tr>
<tr><td align=right>Íîâûé ïàðîëü:</td><td><input type=password name="npass"></td></tr>
<tr><td align=right>Íîâûé ïàðîëü (åùå ðàç):</td><td><input type=password name="npass2"></td></tr>
<tr><td align=right><input type=submit value="Ñìåíèòü ïàðîëü" name="changepsw"></td><td></td></tr>
</table>
</fieldset>
</FORM>
<FORM ACTION="main.php?security" METHOD=POST>
<FIELDSET><LEGEND><B> Ñìåíà email </B> </LEGEND>
<TABLE>
<TR><TD align=right>Âàø èãðîâîé ïàðîëü:</TD><TD><INPUT TYPE=password NAME=oldpsw size=15 maxlength=31></TD></TR>
<TR><TD align=right>Ïðåæíèé email:</TD><TD><INPUT TYPE=text NAME=oldemail size=20 maxlength=50></TD></TR>
<TR><TD align=right>Íîâûé email:</TD><TD><INPUT TYPE=text NAME=newemail size=20 maxlength=50></TD></TR>
<TR><TD align=center colspan=2><INPUT TYPE=submit value="Ñìåíèòü email" name=changeemail></TD></TR>
</TABLE>
</FIELDSET>
</FORM>
<!--<FORM ACTION="main.php?security" METHOD=POST>
<FIELDSET><LEGEND><B> Âòîðîé óðîâåíü çàùèòû </B> </LEGEND>
<?
echo"Åñëè âû óâåðåíû â ñâîåì email, åãî íå âçëîìàþò (ó÷òèòå, õàëÿâíàÿ ïî÷òà íà ñåðâåðàõ òèïà mail.ru hotmail.com è ò.ï. ëåãêî âçëàìûâàåòñÿ), âû åãî íå \"çàáóäåòå\", îí íå ïðîïàäåò ïðè ñìåíå ïðîâàéäåðà è ò.ï., òîãäà âû ìîæåòå îáåçîïàñèòü ñâîåãî ïåðñîíàæà, âêëþ÷èâ ðåæèì ïîäòâåðæäåíèÿ ñìåíû ïàðîëÿ/email ÷åðåç ïî÷òó. Ïðè ïîïûòêå ñìåíèòü ïàðîëü, email èëè âûêëþ÷èòü ýòîò ðåæèì, íà âàø email âûñûëàåòñÿ ïèñüìî ñ ïðîñüáîé ïîäòâåðäèòü ýòó îïåðàöèþ. Òàêèì îáðàçîì, åñëè õàêåð, êàê-òî óçíàë âàø ïàðîëü, îí íå ñìîæåò ñìåíèòü åãî, è âû âñåãäà ñìîæåòå âîéòè ïîä ñâîèì ïåðñîíàæåì.<BR>";
if($u->info['emailconfirmation']==0) {?>
Âàø email <INPUT TYPE=text NAME=email size=20 maxlength=50><BR>
<INPUT TYPE=submit name=set_on_emailconfirmation value="Âêëþ÷èòü ðåæèì ïîäòâåðæäåíèÿ ñìåíû ïàðîëÿ èëè email ÷åðåç ïî÷òó">
<?}elseif($u->info['emailconfirmation']==1){?>
<BR><B>Ðåæèì ïîäòâåðæäåíèÿ ÷åðåç email âêëþ÷åí.</B><BR><BR>
Âàø email <INPUT TYPE=text NAME=email size=20 maxlength=50> <INPUT TYPE=submit name=set_off_emailconfirmation value="Âûêëþ÷èòü ðåæèì ïîäòâåðæäåíèÿ ÷åðåç email"><BR>
<small>Åñëè âàø email áîëüøå íå ðàáîòàåò, âû ìîæåòå îòêëþ÷èòü åãî çäåñü áåç ïîäòâåðæäåíèÿ, â òå÷åíèå <b>÷àñà</b> ïîñëå ïîëó÷åíèÿ ïðîâåðêè íà ÷èñòîòó ó ïàëàäèíîâ.</small>
<?}?>
</FIELDSET>
</FORM>-->
<FORM METHOD=POST ACTION="main.php?security">
<FIELDSET><LEGEND><B> Âòîðîé óðîâåíü çàùèòû </B> </LEGEND>
Íàñòîÿòåëüíî ðåêîìåíäóåì âêëþ÷èòü âòîðîé óðîâåíü çàùèòû.<BR>
Íà êîìïüþòåðå ìîæåò áûòü óñòàíîâëåí êëàâèàòóðíûé øïèîí, êîòîðûé çàïèñûâàåò âñå íàæàòèÿ êëàâèø, òàêèì îáðàçîì, ìîãóò óçíàòü âàø ïàðîëü.<BR>
Âîçìîæíî, â ñåòè êîìïüþòåðîâ óñòàíîâëåí "ñåòåâîé ñíèôåð", ïåðåõâàòûâàþùèé âñå èíòåðíåò ïàêåòû, êîòîðûé ëåãêî ïîêàæåò âñå ïàðîëè. ×òîáû îáåçîïàñèòü ñåáÿ, âû ìîæåòå óñòàíîâèòü ñâîåìó ïåðñîíàæó âòîðîé ïàðîëü, êîòîðûé ìîæíî ââîäèòü ïðè ïîìîùè ìûøêè (êëàâèàòóðíûì øïèîíîì íå ïåðåõâàòèòü) è êîòîðûé ïåðåäàåòñÿ íà èãðîâîé ñåðâåð â çàøèôðîâàííîì âèäå, íå ïîääàþùèìñÿ ðàñøèôðîâêå ("ñåòåâîé ñíèôåð" íå ñìîæåò ïåðåõâàòèòü åãî).<BR>
Âàø áðàóçåð äîëæåí íîðìàëüíî îòîáðàæàòü Flash 6! (<I>åñëè íàøè ÷àñèêè â íèæíåé ñòðîêå íîðìàëüíî òèêàþò, çíà÷èò ó âàñ âñå â ïîðÿäêå :</I>)<BR>
<U>Áóäüòå âíèìàòåëüíû!</U> Âòîðîé ïàðîëü îòïðàâëÿåòñÿ íà email îäèí ðàç,ïðè óñòàíîâêå âòîðîãî óðîâíÿ çàùèòû!<BR>
<?
if(!empty($u->info['pass2'])){echo"<BR><B>Âòîðîé ïàðîëü óñòàíîâëåí.</B><BR><BR>Ââåäèòå âòîðîé ïàðîëü <INPUT TYPE=password NAME=oldpsw2 size=10 maxlength=8> <INPUT TYPE=submit name=changepsw value=\"Âûêëþ÷èòü âòîðîé ïàðîëü\" onclick=\"return confirm('Âûêëþ÷èòü çàïðîñ âòîðîãî ïàðîëÿ ïðè âõîäå â Áîéöîâñêèé Êëóá?')\">";}else{
?>
Äëèíà ïàðîëÿ:<BR>
<INPUT TYPE=radio NAME="num_count" value=4> 4 çíàêà<BR>
<INPUT TYPE=radio NAME="num_count" checked value=6> 6 çíàêîâ<BR>
<INPUT TYPE=radio NAME="num_count" value=8> 8 çíàêîâ<BR>
<INPUT TYPE=submit name=changepsw value="Óñòàíîâèòü âòîðîé ïàðîëü" onclick="return confirm('Ñèñòåìà ñàìà ïðèäóìàåò âàì âòîðîé ïàðîëü, îí áóäåò ïîêàçàí íà ýòîé ñòðàíèöå, ïîñëå òîãî, êàê âû íàæìåòå OK è ïðîäóáëèðîâàí íà email, óêàçàííûé ïðè ðåãèñòðàöèè. Áóäüòå âíèìàòåëüíû.\nÓñòàíîâèòü âòîðîé ïàðîëü?')"><BR>
<?
if ($_POST['oldpsw'] && $_POST['oldemail'] && $_POST['newemail']) { /*-----Смена e-mail------*/
if (password_verify($_POST['oldpsw'], $u->info['pass'])) {
$status = "<span style='color: red'>Неверный пароль.</span><br>";
} elseif ($u->info['mail'] !== $_POST['oldemail']) {
$status = "<span style='color: red'>Неверный старый E-Mail.</span><br>";
} else {
$u->info['mail'] = $email->change($_POST['oldemail'], $_POST['newemail']);
$status = "<span style='color: darkolivegreen;'>Email удачно сменен.</span><br>";
}
}
}
?>
</FIELDSET>
</FORM>
<form action="main.php?security" method="post" id="security"></form>
<div>
<h3>Настройки безопасности</h3>
<div style="text-align: right">
<input type="button" value="Вернуться" onClick="location.href='main.php';">
</div>
<div><?= $status ?></div>
<div>
Чем выше уровень вашего персонажа, тем больше к нему внимания со стороны злоумышленников.
Чтобы ваш персонаж небыл подвержен взлому, необходимо соблюдать элементарные меры предосторожности.
<br> А именно:
<ol>
<li>
Никогда, ни под каким предлогом, никому не говорите свой пароль.
Ни паладинам, ни администрации не нужно знать ваш пароль.
</li>
<li>
Вводите логин и пароль только на титульной странице
<a href="<?= Config::get('https') ?>" target="_blank"><?= Config::get('https') ?></a>
Ни на каких других сайтах, которые будут как две капли похожие на наш,
и куда вас зазывают обещая на халяву предметы или еврокредиты, не вводите свой пароль!
Иначе Ваш персонаж с вероятностью 95% будет взломан.
</li>
</ol>
Настоятельно рекомендуем прочесть заметку
<a href="<?= Config::get('https') ?>forum/?r=48&rnd=1" target=_blank>Как обезопасить своего персонажа?</a>.
<br><br>
Если вы играете из интернет кафе или компьютерного клуба, где шанс быть взломанным очень высокий,
рекомендуем включить второй уровень защиты (см. ниже)
<br><br>
<fieldset>
<legend><b>Смена пароля</b></legend>
<table>
<tr>
<td style="text-align: right">
Старый пароль:
</td>
<td>
<label>
<input form="security" type=password name="oldpass">
</label>
</td>
</tr>
<tr>
<td style="text-align: right">
Новый пароль:
</td>
<td>
<label>
<input form="security" type=password name="npass">
</label>
</td>
</tr>
<tr>
<td style="text-align: right">
Новый пароль (еще раз):
</td>
<td>
<label>
<input form="security" type=password name="npass2">
</label>
</td>
</tr>
<tr>
<td colspan="2" style="text-align: right">
<input form="security" type=submit value="Сменить пароль" name="changepsw">
</td>
<td></td>
</tr>
</table>
</fieldset>
<FIELDSET>
<LEGEND><B> Смена email </B></LEGEND>
<TABLE>
<TR>
<TD style="text-align: right">
Ваш игровой пароль:
</TD>
<TD>
<label>
<INPUT form="security" TYPE=password NAME=oldpsw size=15 maxlength=31>
</label>
</TD>
</TR>
<TR>
<TD style="text-align: right">
Прежний email:
</TD>
<TD>
<label>
<INPUT form="security" TYPE=text NAME=oldemail size=20 maxlength=50>
</label>
</TD>
</TR>
<TR>
<TD style="text-align: right">
Новый email:
</TD>
<TD>
<label>
<INPUT form="security" TYPE=text NAME=newemail size=20 maxlength=50>
</label>
</TD>
</TR>
<TR>
<TD style="text-align: center" colspan=2>
<INPUT form="security" TYPE=submit value="Сменить email" name=changeemail>
</TD>
</TR>
</TABLE>
</FIELDSET>
<FIELDSET>
<LEGEND><B> Второй уровень защиты </B></LEGEND>
Настоятельно рекомендуем включить второй уровень защиты.<BR>
На компьютере может быть установлен клавиатурный шпион, который записывает все нажатия клавиш, таким
образом,
могут узнать ваш пароль.<BR>
Возможно, в сети компьютеров установлен "сетевой снифер", перехватывающий все интернет пакеты, который легко
покажет все пароли. Чтобы обезопасить себя, вы можете установить своему персонажу второй пароль, который
можно
вводить при помощи мышки (клавиатурным шпионом не перехватить) и который передается на игровой сервер в
зашифрованном виде, не поддающимся расшифровке ("сетевой снифер" не сможет перехватить его).<BR>
<U>Будьте внимательны!</U> Второй пароль отправляется на email один раз,при установке второго уровня защиты!<BR>
<?php
if (!empty($u->info['pass2'])) {
echo "<BR><B>Второй пароль установлен.</B><BR><BR>
Введите второй пароль <INPUT TYPE=password NAME=oldpsw2 size=10 maxlength=8>
<INPUT form='security' TYPE=submit name=changepsw value=\"Выключить второй пароль\" onclick=\"return confirm('Выключить запрос второго пароля при входе в Бойцовский Клуб?')\">";
} else {
?>
Длина пароля:<BR>
<label>
<INPUT form="security" TYPE=radio NAME="num_count" value=4> 4 знака<BR>
</label>
<label>
<INPUT form="security" TYPE=radio NAME="num_count" checked value=6> 6 знаков<BR>
</label>
<label>
<INPUT form="security" TYPE=radio NAME="num_count" value=8> 8 знаков<BR>
</label>
<INPUT form="security" TYPE=submit name=changepsw value="Установить второй пароль"
onclick="return confirm('Система сама придумает вам второй пароль, он будет показан на этой странице, после того, как вы нажмете OK и продублирован на email, указанный при регистрации. Будьте внимательны.\nУстановить второй пароль?')">
<BR>
<?php
}
?>
</FIELDSET>
</div>
</div>
<script>
let elem = document.getElementById('se-pre-con');
elem.parentNode.removeChild(elem);
</script>

View File

@ -190,10 +190,7 @@ if(isset($_GET['loc']))
}elseif( ($kos1['good'] == 0 && $kos2['good'] == 0) && ((!isset($zadej) || $zadej == 0) && $u->aves['now']>=$u->aves['max'] && $u->room['name']!='Îáùåæèòèå' && $u->room['name']!='Îáù. Ýòàæ 1' && $u->room['name']!='Îáù. Ýòàæ 2' && $u->room['name']!='Îáù. Ýòàæ 3'))
{
$re = 'Âû íå ìîæåòå ïåðåìåùàòüñÿ, ðþêçàê ïåðåïîëíåí ...';
}elseif($u->room['name']=='Комната для новичков' && $u->info['activ'] != '' && $u->info['activ'] != '0')
{
echo '<script>alert("Для того чтобы перейти в город Вы должны активировать персонажа через Ваш E-mail.");</script>';
}elseif(isset($go['id']))
elseif(isset($go['id']))
{
$rmgo = array();
$rg = explode(',',$u->room['roomGo']);

View File

@ -27,14 +27,11 @@ if(isset($_POST['r_bank']) || isset($_POST['r_type']))
}
}
$rfs['see'] = '';
$sp = mysql_query('SELECT `s`.`active`,`u`.`activ`,`u`.`online`,`u`.`id`,`u`.`level`,`u`.`login` FROM `users` AS `u` LEFT JOIN `stats` AS `s` ON `u`.`id` = `s`.`id` WHERE `u`.`host_reg` = "'.$u->info['id'].'" AND `u`.`mail` != "No E-Mail" ORDER BY `u`.`level` DESC LIMIT '.$rfs['count']);
$sp = mysql_query('SELECT `s`.`active`,`u`.`online`,`u`.`id`,`u`.`level`,`u`.`login` FROM `users` AS `u` LEFT JOIN `stats` AS `s` ON `u`.`id` = `s`.`id` WHERE `u`.`host_reg` = "'.$u->info['id'].'" AND `u`.`mail` != "No E-Mail" ORDER BY `u`.`level` DESC LIMIT '.$rfs['count']);
while($pl = mysql_fetch_array($sp))
{
$rfs['c2'] = '&nbsp;<img onclick="top.chat.addto(\''.$pl['login'].'\',\'private\')" style="display:inline-block;cursor:pointer;" src="https://img.new-combats.com/i/lock.gif" width="20" height="15"> &nbsp; '.$u->microLogin($pl['id'],1).'';
if($pl['activ'] != 0)
{
$rfs['c2'] = '<font color="grey">'.$rfs['c2'].' &nbsp; <small>íå àêòèâèðîâàí</small></font>';
}elseif($pl['level']>7)
if($pl['level']>7)
{
$rfs['c2'] = '<font color="green">'.$rfs['c2'].'</font>';
}

View File

@ -93,8 +93,8 @@ if($tcount >= 6 ) {
$obraz = 'ih60.gif';
}
//
mysql_query('INSERT INTO `users` (`obraz`,`chatColor`,`align`,`inTurnir`,`molch1`,`molch2`,`activ`,`login`,`room`,`name`,`sex`,`level`,`bithday`) VALUES (
"'.$obraz.'","'.$bus['chatColor'].'","'.$bus['align'].'","'.$pl['id'].'","'.$bus['molch1'].'","'.$bus['molch2'].'","0","'.$bus['login'].'","411","'.$bus['name'].'","'.$bus['sex'].'","4","'.date('d.m.Y').'")');
mysql_query('INSERT INTO `users` (`obraz`,`chatColor`,`align`,`inTurnir`,`molch1`,`molch2`,`login`,`room`,`name`,`sex`,`level`,`bithday`) VALUES (
"'.$obraz.'","'.$bus['chatColor'].'","'.$bus['align'].'","'.$pl['id'].'","'.$bus['molch1'].'","'.$bus['molch2'].'","'.$bus['login'].'","411","'.$bus['name'].'","'.$bus['sex'].'","4","'.date('d.m.Y').'")');
//
$inbot = mysql_insert_id(); //àéäè áîòà
if( $inbot > 0 ) {

View File

@ -136,8 +136,8 @@ if($u->room['file']=='ruine_enter') {
//Ñîçäàåì áîòà
$text_user[$team] .= $u->microLogin($bus['id'],1).', ';
//
mysql_query('INSERT INTO `users` (`obraz`,`chatColor`,`align`,`inTurnir`,`molch1`,`molch2`,`activ`,`login`,`room`,`name`,`sex`,`level`,`bithday`) VALUES (
"'.$bus['obraz'].'","'.$bus['chatColor'].'","'.$bus['align'].'","'.$rid.'","'.$bus['molch1'].'","'.$bus['molch2'].'","0","'.$bus['login'].'","413","'.$bus['name'].'","'.$bus['sex'].'","10","'.date('d.m.Y').'")');
mysql_query('INSERT INTO `users` (`obraz`,`chatColor`,`align`,`inTurnir`,`molch1`,`molch2`,`login`,`room`,`name`,`sex`,`level`,`bithday`) VALUES (
"'.$bus['obraz'].'","'.$bus['chatColor'].'","'.$bus['align'].'","'.$rid.'","'.$bus['molch1'].'","'.$bus['molch2'].'","'.$bus['login'].'","413","'.$bus['name'].'","'.$bus['sex'].'","10","'.date('d.m.Y').'")');
//
$inbot = mysql_insert_id(); //àéäè áîòà
if( $inbot > 0 ) {

View File

@ -13,9 +13,7 @@ Database::init();
$u = mysql_fetch_array(
mysql_query(
'SELECT `id`,`login`,`banned`,`admin`,`clan`,`align`,`level`,`molch1`,`molch2` FROM `users` WHERE `login` = "' . mysql_real_escape_string(
$_COOKIE['login']
) . '" AND `pass` = "' . mysql_real_escape_string($_COOKIE['pass']) . '"'
)
$_COOKIE['login']) . '"')
);
if ($url[2] > 0) {
@ -808,4 +806,4 @@ if ($u['admin'] > 0) {
?>
<!-- #page -->
</body>
</html>
</html>

View File

@ -526,11 +526,6 @@ if (isset($_POST['msg']) && str_replace(' ', '', $_POST['msg']) != '') {
$i++;
}
$activ = 0;
if ($u->info['activ'] > 0) {
$activ = 1;
}
$msg['nosee'] = 0;
if ($u->info['level'] < 1) {
@ -543,9 +538,8 @@ if (isset($_POST['msg']) && str_replace(' ', '', $_POST['msg']) != '') {
}
mysql_query(
'INSERT INTO `chat` (`nosee`,`active`,`invis`,`da`,`delete`,`molch`,`new`,`login`,`to`,`city`,`room`,`time`,`type`,`spam`,`text`,`toChat`,`color`,`typeTime`,`sound`,`global`) VALUES (
'INSERT INTO `chat` (`nosee`,`invis`,`da`,`delete`,`molch`,`new`,`login`,`to`,`city`,`room`,`time`,`type`,`spam`,`text`,`toChat`,`color`,`typeTime`,`sound`,`global`) VALUES (
"' . $msg['nosee'] . '",
"' . $activ . '",
"' . $u->info['invis'] . '",
"' . $msg['da'] . '",
"' . $msg['delete'] . '",

View File

@ -49,9 +49,7 @@ if( !isset($url[2]) || $url[2] == '' ) {
$html = '';
if( $u->info['activ'] == 1 ) {
$html = 'Чтобы начать публиковать изображения - Активируйте Вашего персонажа.';
}elseif( $u->info['molch1'] > time() ) {
if( $u->info['molch1'] > time() ) {
$html = 'Персонажи с молчанкой не могут публиковать изображения.';
}elseif( $u->info['banned'] > 0 ) {
$html = 'Заблокированные персонажи не могут публиковать изображения.';
@ -188,9 +186,7 @@ if( !isset($url[2]) || $url[2] == '' ) {
$_POST['lib_title'] = htmlspecialchars($_POST['lib_title'],NULL,'cp1251');
$mbpage_last = mysql_fetch_array(mysql_query('SELECT `time` FROM `library_content` WHERE `uid` = "'.$u->info['id'].'" ORDER BY `id` DESC LIMIT 1'));
if( $u->info['activ'] == 1 ) {
echo 'Чтобы начать публиковать статьи - Активируйте Вашего персонажа.';
}elseif( $u->info['molch1'] > time() ) {
if( $u->info['molch1'] > time() ) {
echo 'Персонажи с молчанкой не могут публиковать статьи.';
}elseif( $u->info['banned'] > 0 ) {
echo 'Заблокированные персонажи не могут публиковать статьи.';

View File

@ -64,7 +64,7 @@ if (isset($_POST['relogin'])) {
if ($mail === 1) {
Db::sql(
'update users set securetime = unix_timestamp(), allLock = unix_timestamp(), pass = ? where id = ?',
[md5($newPassword), $usr['id']]
[password_hash($newPassword, PASSWORD_DEFAULT), $usr['id']]
);
Db::sql(
'insert into repass (uid, time, ip, type) values (?,unix_timestamp(),?,1)',
@ -88,7 +88,7 @@ if (isset($_POST['relogin'])) {
<!DOCTYPE html>
<html lang="ru-RU">
<head>
<title>Âîññòàíîâëåíèå ïàðîëÿ îò ïåðñîíàæà Áîéöîâñêèé Êëóá</title>
<title><?= Config::get('name') ?>: Âîññòàíîâëåíèå ïàðîëÿ îò ïåðñîíàæà</title>
<meta name="keywords" content="<?= Config::get('keys') ?>">
<meta name="description" content="<?= Config::get('desc') ?>"/>
<meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no"/>
@ -97,11 +97,20 @@ if (isset($_POST['relogin'])) {
input[type=text], input[type=date] {
padding: 3px;
}
div.content, div.after {
display: flex;
justify-content: center;
}
div.content {
align-items: center;
flex-direction: column;
height: 50%;
}
</style>
</head>
<body>
<form method="post" id="repass"></form>
<div style="display: flex; justify-content: center; align-items: center; flex-direction: column; height: 50%">
<div class="content">
<h1>Âîññòàíîâëåíèå ïàðîëÿ</h1>
<?= $error ? '<b style="color: red">' . $error . '</b>' : '' ?>
<?php if ($step === 1): ?>
@ -120,11 +129,11 @@ if (isset($_POST['relogin'])) {
<input form="repass" type="submit" class="btn" value="Âûñëàòü ïàðîëü íà E-mail">
<?php endif; ?>
</div>
<div style="display: flex; justify-content: center;">
<a href="https://<?= Config::get('host') ?>/">Âåðíóòñÿ íà ãëàâíóþ ñòðàíèöó</a>
<div class="after">
<a href="<?= Config::get('https') ?>">Âåðíóòñÿ íà ãëàâíóþ ñòðàíèöó</a>
</div>
<div style="display: flex; justify-content: center;">
<span class="testro">&laquo;Ñòàðûé Áîéöîâñêèé Êëóá&raquo; &nbsp; &nbsp; 2018-<?= date('Y') ?> &copy; Áðàóçåðíàÿ îíëàéí èãðà</span>
<div class="after">
<span class="testro"><?= Config::get('footer') ?></span>
</div>
</body>
</html>

View File

@ -20,10 +20,6 @@ if ($u->info['bithday'] == '01.01.1800' && $u->info['inTurnirnew'] == 0) {
unset($_GET, $_POST);
}
if ($u->info['activ'] > 0) {
die('Вам необходимо активировать персонажа.<br>Авторизируйтесь с главной страницы.');
}
if (isset($_POST['set_name'])) {
$_POST['set_name'] = htmlspecialchars($_POST['set_name']);
$set_x = mysql_fetch_array(

View File

@ -1,30 +1,63 @@
<?php
include('_incl_data/__config.php');
const GAME = true;
include('_incl_data/class/__db_connect.php');
use Core\Config;
use Core\Database;
use Core\Db;
if (!defined('GAME_VERSION')) {
require_once '_incl_data/autoload.php';
}
Config::init();
Database::init();
$u = User::start();
$filter = new Filter();
$allowedTextColors = ['Black', 'Blue', 'Fuchsia', 'Gray', 'Green', 'Maroon', 'Navy', 'Olive', 'Purple', 'Teal', 'Orange', 'Chocolate', 'DarkKhaki', 'SandyBrown'];
if ($u->info['admin']) {
$allowedTextColors[] = 'Red';
}
$simbolcount = strlen($u->info['hobby']);
$maxsimbols = 2000;
if (isset($_POST['name'], $_POST['hobby'], $_POST['ChatColor'], $_POST['saveanketa'])) {
if (!in_array($_POST['ChatColor'], $allowedTextColors)) {
$_POST['ChatColor'] = "Black";
}
if (!empty($filter->spamFiltr($_POST['name'])) || !empty($filter->spamFiltr($_POST['hobby']))) { // WTF ?!
Db::sql('update users set info_delete = unix_timestamp() + 86400 where id = ?', [$u->info['id']]);
}
if ($simbolcount > $maxsimbols && $u->info['admin'] == 0) {
$error = '<div style="color:#FF0000; position: absolute; left: 900px; top: 100px; ">
Ìàêñèìàëüíûé ðàçìåð ïîëÿ "Óâëå÷åíèÿ / õîááè" - ' . $maxsimbols . ' ñèìâîëîâ.</div>';
} else {
Db::sql(
'update users set name = ?, chatColor = ?, hobby = ? where id = ?',
[
$_POST['name'], $_POST['chatColor'], $_POST['hobby'],
]
);
$u->info['name'] = $_POST['name'];
$u->info['hobby'] = $_POST['hobby'];
$u->info['chatColor'] = $_POST['ChatColor'];
}
}
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"https://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="https://www.w3.org/1999/xhtml">
<!DOCTYPE html>
<html lang="ru">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=windows-1251"/>
<title>Áîéöîâñêèé Êëóá - Íàñòðîéêè</title>
<link href="https://new-combats.com/i/move/design3.css" rel="stylesheet" type="text/css">
<link rel=stylesheet type="text/css" href="https://new-combats.com/i/main.css">
<META Http-Equiv=Cache-Control Content="no-cache, max-age=0, must-revalidate, no-store">
<meta http-equiv=PRAGMA content=NO-CACHE>
<META Http-Equiv=Expires Content=0>
<link rel="stylesheet" href="i/move/design3.css">
<link rel="stylesheet" href="i/main.css">
<style type="text/css">
.left {
float: left;
padding-right: 30px;
}
<!--
<style>
@import url(https://fonts.googleapis.com/css?family=Philosopher&subset=latin,cyrillic);
body, td {
font-family: Tahoma, Verdana, Arial, Helvetica, sans-serif;
font-size: 12pt;
@ -60,323 +93,59 @@ $filter = new Filter();
color: #000000;
}
.nicname {
color: #bfa178;
font-size: 9pt;
font-weight: bold;
}
td.text {
background-position: right top;
background-repeat: no-repeat;
}
.place {
color: #cc8e43;
font-size: 8pt;
font-weight: bold;
}
.nomber {
color: #7c3e00;
font-size: 8pt;
font-weight: bold;
}
.green {
color: #526700;
font-size: 8pt;
font-weight: bold;
}
.about {
font-size: 9pt;
}
.levels {
color: #bfa178;
font-family: Tahoma, Arial, Helvetica, sans-serif;
font-size: 7pt;
}
TD.topbgl {
background-image: url(https://new-combats.com/new/register/topbgl.jpg);
td.topbgl {
background-image: url(new/register/topbgl.jpg);
background-position: right top
}
.style1 {
color: #4b2500;
font-weight: bold;
font-size: 9pt;
}
a.lnkstyle1, a.lnkstyle1:link, a.lnkstyle1:visited, a.lnkstyle1:hover, a.lnkstyle1:active {
color: #4b2500;
font-weight: bold;
font-size: 9pt;
}
a.lnkstyle2 {
font-size: 9pt;
font-weight: bold;
color: #4b2500;
}
a.lnkstyle2:link {
font-weight: bold;
color: #4b2500;
text-decoration: none
}
a.lnkstyle2:visited {
font-weight: bold;
color: #4b2500;
text-decoration: none
}
a.lnkstyle2:hover, a.lnkstyle2:active {
font-weight: bold;
color: #84643e;
text-decoration: none;
}
input {
font-size: 12px;
}
-->
div.footer {
text-align: center;
color: #EBD88B;
font-family: 'Philosopher', sans-serif;
font-size: 18px;
}
input, select {
background-color: transparent;
border-width: 0 0 1px;
border-radius: 0;
border-color: black;
}
option {
background-color: antiquewhite;
}
textarea {
background-color: antiquewhite;
border: 0;
border-radius: 0;
width: 95%;
height: 170px;
}
input:focus-visible, select:focus-visible, textarea:focus-visible {
outline: 0;
}
fieldset {
border: 1px solid black;
-webkit-border-radius: 10px;
-moz-border-radius: 10px;
border-radius: 10px;
clear: both;
}
fieldset > legend {
font-weight: bold;
}
</style>
<script src="https://new-combats.com/new/register/flash.js" type="text/javascript"></script>
<script type="text/javascript">
function MM_preloadImages() { //v3.0
var d = document;
if (d.images) {
if (!d.MM_p) d.MM_p = new Array();
var i, j = d.MM_p.length, a = MM_preloadImages.arguments;
for (i = 0; i < a.length; i++)
if (a[i].indexOf("#") != 0) {
d.MM_p[j] = new Image;
d.MM_p[j++].src = a[i];
}
}
}
function MM_swapImgRestore() { //v3.0
var i, x, a = document.MM_sr;
for (i = 0; a && i < a.length && (x = a[i]) && x.oSrc; i++) x.src = x.oSrc;
}
function MM_findObj(n, d) { //v4.01
var p, i, x;
if (!d) d = document;
if ((p = n.indexOf("?")) > 0 && parent.frames.length) {
d = parent.frames[n.substring(p + 1)].document;
n = n.substring(0, p);
}
if (!(x = d[n]) && d.all) x = d.all[n];
for (i = 0; !x && i < d.forms.length; i++) x = d.forms[i][n];
for (i = 0; !x && d.layers && i < d.layers.length; i++) x = MM_findObj(n, d.layers[i].document);
if (!x && d.getElementById) x = d.getElementById(n);
return x;
}
function MM_swapImage() { //v3.0
var i, j = 0, x, a = MM_swapImage.arguments;
document.MM_sr = new Array;
for (i = 0; i < (a < /dngth-2);i+=3)
if ((x = MM_findObj(a[i])) != null) {
document.MM_sr[j++] = x;
if (!x.oSrc) x.oSrc = x.src;
x.src = a[i + 2];
}
}
</script>
</head>
<?php
$dateofbirth = '';
if (isset($_POST['name'])) {
$_POST['name'] = htmlspecialchars($_POST['name'], null, 'cp1251');
if (
(
$filter->spamFiltr($_POST['name']) != '0' ||
$filter->spamFiltr($_POST['city']) != '0' ||
$filter->spamFiltr($_POST['city2']) != '0' ||
$filter->spamFiltr($_POST['homepage']) != '0' ||
$filter->spamFiltr($_POST['about']) != '0' ||
$filter->spamFiltr($_POST['hobby']) != '0'
) &&
$u->info['level'] < 9
) {
mysql_query(
'UPDATE `users` SET `info_delete` = "' . (time(
) + 86400) . '" WHERE `id` = "' . $u->info['id'] . '" LIMIT 1'
);
}
$_POST['city'] = htmlspecialchars($_POST['city'], null, 'cp1251');
$_POST['city2'] = htmlspecialchars($_POST['city2'], null, 'cp1251');
$_POST['icq'] = htmlspecialchars($_POST['icq'], null, 'cp1251');
if (!isset($_POST['mat'])) {
$_POST['mat'] = null;
}
if (!isset($_POST['hide_icq'])) {
$_POST['hide_icq'] = null;
}
$_POST['skype'] = htmlspecialchars($_POST['skype'], null, 'cp1251');
if (!isset($_POST['hide_skype'])) {
$_POST['hide_skype'] = null;
} else {
$_POST['hide_skype'] = 1;
}
$_POST['hide_icq'] = htmlspecialchars($_POST['hide_icq'], null, 'cp1251');
$_POST['homepage'] = htmlspecialchars($_POST['homepage'], null, 'cp1251');
$_POST['about'] = htmlspecialchars($_POST['about'], null, 'cp1251');
if ($u->info['admin'] == 0) {
$_POST['hobby'] = htmlspecialchars($_POST['hobby'], null, 'cp1251');
}
$_POST['ChatColor'] = htmlspecialchars($_POST['ChatColor'], null, 'cp1251');
$_POST['hobby'] = str_replace("\\n", "<BR>", $_POST['hobby']);
$_POST['hobby'] = str_replace("\\r", "", $_POST['hobby']);
$_POST['hobby'] = str_replace("&lt;BR&gt;", "<BR>", $_POST['hobby']);
$simbolcount = strlen($_POST['hobby']);
if (isset($_POST['ChatColor']) && $u->info['admin'] == '0' && !($_POST['ChatColor'] == "Black" || $_POST['ChatColor'] == "Blue" || $_POST['ChatColor'] == "Lilac" || $_POST['ChatColor'] == "Fuchsia" || $_POST['ChatColor'] == "Gray" || $_POST['ChatColor'] == "Green" || $_POST['ChatColor'] == "Maroon" || $_POST['ChatColor'] == "Navy" || $_POST['ChatColor'] == "Olive" || $_POST['ChatColor'] == "Purple" || $_POST['ChatColor'] == "Teal" || $_POST['ChatColor'] == "Orange" || $_POST['ChatColor'] == "Chocolate" || $_POST['ChatColor'] == "DarkKhaki" || $_POST['ChatColor'] == "SandyBrown")) {
echo "<div align=\"left\" style=\"color:#FF0000 \">Âîçìîæíî èñïîëüçîâàòü öâåòà óêàçàííûå òîëüêî â ìåíþ àíêåòû ! </div>";
$_POST['ChatColor'] = "Black";
}
if (!$_POST['city']) {
$city = $_POST['city2'];
} elseif ($_POST['city'] && $_POST['city2']) {
$city = $_POST['city2'];
} else {
$city = $_POST['city'];
}
}
if (isset($_POST['saveanketa'])) {
if ($u->info['level'] <= 1) {
$dt = explode('.', $_POST['0day']);
if (isset($dt[0], $dt[1], $dt[2])) {
$erd = 0;
$dt[0] = round($dt[0]);
$dt[1] = round($dt[1]);
$dt[2] = round($dt[2]);
if ($dt[0] < 1 || $dt[0] > 31) {
$erd = 1;
}
if ($dt[1] < 1 || $dt[1] > 12) {
$erd = 2;
}
if ($dt[2] < 1920 || $dt[2] > 2006) {
$erd = 3;
}
if ($erd == 0) {
$_POST['0day'] = $dt[0] . '.' . $dt[1] . '.' . $dt[2];
$dateofbirth = "`bithday` = '" . mysql_real_escape_string($_POST['0day']) . "',";
}
}
$u->info['bithday'] = $_POST['0day'];
}
$st = $u->lookStats($u->info['stats']);
$maxsimbols = 2000 + ($st['os6'] * 200);
if ($_POST['mat'] == 1) {
$_POST['mat'] = 1;
} else {
$_POST['mat'] = 0;
}
if ($simbolcount <= $maxsimbols || $u->info['admin'] != 0) {
$lastdes = $u->info['design'];
if ($_POST['design'] == 1) {
$u->info['design'] = 1;
} else {
$u->info['design'] = 0;
}
}
if ($simbolcount > $maxsimbols && $u->info['admin'] == 0) {
echo '<div align="left" style="color:#FF0000; position: absolute; left: 900px; top: 100px; ">Ìàêñèìàëüíûé ðàçìåð ïîëÿ "Óâëå÷åíèÿ / õîááè" - ' . $maxsimbols . ' ñèìâîëîâ.</div>';
} elseif (mysql_query(
"UPDATE
`users`
SET
`design` = '" . $u->info['design'] . "',
`name` = '" . mysql_real_escape_string($_POST['name']) . "',
`city_real` = '" . mysql_real_escape_string($_POST['city2']) . "',
`icq` = '" . mysql_real_escape_string((int)$_POST['icq']) . "',
`icq_hide` = '" . mysql_real_escape_string($_POST['hide_icq']) . "',
`skype` = '" . mysql_real_escape_string($_POST['skype']) . "',
`skype_hide` = '" . mysql_real_escape_string($_POST['hide_skype']) . "',
`homepage` = '" . mysql_real_escape_string($_POST['homepage']) . "',
" . $dateofbirth . "
`deviz` = '" . mysql_real_escape_string($_POST['about']) . "',
`hobby` = '" . mysql_real_escape_string($_POST['hobby']) . "',
`chatColor` = '" . mysql_real_escape_string($_POST['ChatColor']) . "',
`mat` = '" . mysql_real_escape_string((int)$_POST['mat']) . "'
WHERE
`id` = '" . mysql_real_escape_string($u->info['id']) . "' LIMIT 1;"
)) {
echo '<div style="position: absolute; left: 900px; top: 100px;"><big><font color=green><b>Ñîõðàíåíî</b></big></font></div>';
if ($u->info['design'] != $lastdes) {
echo '<script>window.opener.close();top.location.href="https://new-combats.com/bk";</script>';
}
$u->info['name'] = $_POST['name'];
$u->info['city_real'] = $city;
$u->info['icq'] = $_POST['icq'];
$u->info['icq_hide'] = $_POST['hide_icq'];
$u->info['skype'] = $_POST['skype'];
$u->info['skype_hide'] = $_POST['hide_skype'];
$u->info['homepage'] = $_POST['homepage'];
$u->info['deviz'] = $_POST['about'];
$u->info['hobby'] = $_POST['hobby'];
$u->info['chatColor'] = $_POST['ChatColor'];
$u->info['mat'] = $_POST['mat'];
} else {
echo '÷òî-òî íå òàê...';
}
}
?>
<style type="text/css">
div.settingsStatus {
position: absolute;
left: 900px;
top: 100px;
font-weight: bold;
font-size: larger;
}
div.redStatus {
color: red;
}
div.greenStatus {
color: green;
}
</style>
<?php
if (isset($_POST['pass_old'])) {
if (md5($_POST['pass_old']) == $u->info['pass']) {
if ($_POST['pass_new'] == $_POST['pass_new2']) {
$u->info['pass'] = md5($_POST['pass_new']);
mysql_query(
'UPDATE `users` SET `pass` = "' . $u->info['pass'] . '" WHERE `id` = "' . $u->info['id'] . '" LIMIT 1'
);
//
setcookie('login', $u->info['login'], time() + 86400 * 365, '', $c['host']);
setcookie('pass', $u->info['pass'], time() + 86400 * 365, '', $c['host']);
//
echo '<div class="settingsStatus greenStatus">Íîâûé ïàðîëü óñïåøíî çàïèñàí!</div>';
} else {
echo '<div class="settingsStatus redStatus">Íîâûé ïàðîëü íå ñïîâïàäàåò ñî âòîðûì ïîëåì!</div>';
}
} else {
echo '<div class="settingsStatus redStatus">Íåâåðíûé òåêóùèé ïàðîëü, ïîïðîáóéòå ñíîâà!</div>';
}
}
?>
<body>
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="39%" valign="top">
@ -387,20 +156,7 @@ if (isset($_POST['pass_old'])) {
</table>
</td>
<td width="1%" valign="top" background="https://new-combats.com/new/register/bgl.jpg">
<script type="text/javascript">
AC_FL_RunContent('codebase', 'https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=9,0,28,0', 'width', '67', 'height', '108', 'src', 'https://new-combats.com/new/register/lamp1', 'quality', 'high', 'pluginspage', 'https://www.adobe.com/shockwave/download/download.cgi?P1_Prod_Version=ShockwaveFlash', 'movie', 'https://new-combats.com/new/register/lamp1'); //end AC code
</script>
<noscript>
<object classid="clsid:D27CDB6E-AE6D-11cf-96B8-444553540000"
codebase="https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab#version=9,0,28,0"
width="67" height="108">
<param name="movie" value="https://new-combats.com/new/register/lamp1.swf"/>
<param name="quality" value="high"/>
<embed src="https://new-combats.com/new/register/lamp1.swf" quality="high"
pluginspage="https://www.adobe.com/shockwave/download/download.cgi?P1_Prod_Version=ShockwaveFlash"
type="application/x-shockwave-flash" width="67" height="108"></embed>
</object>
</noscript>
<div style="width: 67px; height: 108px;"><!-- òóò áûë ôëåø --></div>
<img src="https://new-combats.com/new/register/topl.jpg"/></td>
<td width="20%" valign="top">
<table width="850" border="0" cellspacing="0" cellpadding="0">
@ -408,8 +164,9 @@ if (isset($_POST['pass_old'])) {
<td><img src="https://new-combats.com/new/register/top.jpg" width="850" height="35"/></td>
</tr>
<tr>
<td height="1"><img src="https://new-combats.com/new/register/top1_nul.jpg" width="850"
height="65"/></td>
<td height="1">
<img src="https://new-combats.com/new/register/top1_nul.jpg" width="850" height="65"/>
</td>
</tr>
<tr>
<td height="593" align="left" valign="top">
@ -419,183 +176,89 @@ if (isset($_POST['pass_old'])) {
background="https://new-combats.com/new/register/vesch_leftbg.jpg"><img
src="https://new-combats.com/new/register/vesch_left.jpg" width="49"
height="416"/></td>
<td height="577" align="center" valign="top" bgcolor="#edd7ae">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
<td height="540" align="left" valign="top">
<td height="577" valign="top" bgcolor="#edd7ae">
</HEAD>
<BODY aLink=#000000 bgColor=#666666 leftMargin=0 link=#000000
topMargin=0
vLink=#333333 marginheight="0" marginwidth="0" 0>
<TABLE border=0 cellPadding=0 cellSpacing=0 height="100%" width="100%">
<TBODY>
<TR>
<TD vAlign=top width="15%">
<div>
<?= $error ?? '' ?>
<!-- content -->
<div style="text-align: center; margin-bottom: 8px;">
<?= $u->microLogin($u->info['id'], 1) ?>
</div>
<BR><!-- Begin of text -->
<center><?= $u->microLogin($u->info['id'], 1) ?></center>
<form method="post" style=" ">
<fieldset
style="border: 1px solid black;-webkit-border-radius: 10px;-moz-border-radius: 10px;border-radius: 10px;">
<legend style="font-weight: bold;">Ñìåíà ïàðîëÿ
</legend>
Ñòàðûé ïàðîëü:<br/><input type="password"
name="pass_old"
style="width:250px;"/><br/>
Íîâûé ïàðîëü:<br/><input type="password"
name="pass_new"
style="width:250px;"/><br/>
Íîâûé ïàðîëü (åùå ðàç):<br/><input type="password"
name="pass_new2"
style="width:250px;"/><br/>
<input class="btn" type="submit" name="pass_change"
value="Ñìåíèòü ïàðîëü"/>
</fieldset>
</form>
<form method="post">
<fieldset>
<legend>Àíêåòà</legend>
<div>
<table>
<tr>
<td><label for="name">Âàøå ðåàëüíîå èìÿ:</label></td>
<td><input id="name" name="name"
value="<?= htmlspecialchars($u->info['name']) ?>"
size="45" maxlength="90"/>
</td>
</tr>
<tr>
<td><label for="bday">Äåíü ðîæäåíèÿ:</label></td>
<td><input id="bday" type="date" disabled
value="<?= date(
'Y-m-d', strtotime($u->info['bithday'])
) ?>">
</td>
</tr>
<tr>
<td><label for="chatcolor">Öâåò ñîîáùåíèé â ÷àòå:</label>
</td>
<td>
<select id="chatcolor" name="ChatColor"
style="width:250px;">
<?php foreach ($allowedTextColors as $color): ?>
<option style="background-color: <?= $color ?>"
value="<?= $color ?>">&nbsp;
</option>
<?php endforeach; ?>
</select>
</td>
</tr>
</table>
<div style="clear: both; height: 20px;"></div>
<script>FORM1.ChatColor.value = "<?=$u->info['chatColor']?>";</script>
</div>
<br>
<form method="post">
<fieldset
style="border: 1px solid black;-webkit-border-radius: 10px;-moz-border-radius: 10px;border-radius: 10px; clear: both;">
<legend style="font-weight: bold;">Àíêåòà</legend>
<div class="left">
Âàøå ðåàëüíîå èìÿ:<br/><input name="name"
value="<?= $u->info['name'] ?>"
class="inup"
size="45"
maxlength="90"/><br/>
Ãîðîä:<br>
<input type="text"
value="<?= $u->info['city_real'] ?>"
name="city2" size="20" maxlength="40"
class="inup"/><br/>
Öâåò ñîîáùåíèé â ÷àòå:<br/>
<select name="ChatColor" class="inup"
style="width:250px;">
<option selected
style="background: #f2f0f0; color: black"
value=Black>×åðíûé
</option>
<option style="background: #f2f0f0; color: blue"
value=Blue>Ñèíèé
</option>
<option style="background: #f2f0f0; color: fuchsia"
value=Fuchsia>Ðîçîâûé
</option>
<option style="background: #f2f0f0; color: gray"
value=Gray>Ñåðûé
</option>
<option style="background: #f2f0f0; color: green"
value=Green>Çåëåíûé
</option>
<option style="background: #f2f0f0; color: maroon"
value=Maroon>Òåìíîêðàñíûé
</option>
<option style="background: #f2f0f0; color: navy"
value=Navy>Òåìíîñèíèé
</option>
<option style="background: #f2f0f0; color: olive"
value=Olive>Îëèâêîâûé
</option>
<option style="background: #f2f0f0; color: purple"
value=Purple>Ôèîëåòîâûé
</option>
<option style="background: #f2f0f0; color: teal"
value=Teal>Ìîðñêîé âîëíû
</option>
<option style="background: #f2f0f0; color: orange"
value=Orange>Îðàíæåâûé
</option>
<option style="background: #f2f0f0; color: chocolate"
value=Chocolate>Øîêîëàäíûé
</option>
<option style="background: #f2f0f0; color: darkkhaki"
value=DarkKhaki>Òåìíûé õàêè
</option>
<option style="background: #f2f0f0; color: sandybrown"
value=SandyBrown>Òåìíîïåñî÷íûé
</option>
<option style="background: #f2f0f0; color: #8700e4"
value="#8700e4">Ñèðåíåâûé
</option>
<?
if ($u->info['admin'] > 0) {
echo '<option
style="BACKGROUND: #f2f0f0; COLOR: red"
value="Red">Red</option>';
}
?>
</select>
<script language="javascript"
type="text/javascript">FORM1.ChatColor.value = "<?=$u->info['chatColor']?>";</script>
</div>
<div class="right">
<?
if ($u->info['icq'] == 0) {
$u->info['icq'] = '';
}
?>
ICQ:<br/><input type="text" name="icq"
style="width:250px;"
value="<?= $u->info['icq'] ?>"/><br/>
Skype:<br/><input type="text" name="skype"
style="width:250px;"
value="<?= $u->info['skype'] ?>"/><br/>
Âàðèàíò äèçàéíà:<br>
<label for="design"></label>
<select name="design" id="design">
<!--<option <?
if ($u->info['design'] == 0) {
echo 'selected="selected"';
} ?> value="0">Ñòàíäàðòíûé</option>-->
<option <?
if ($u->info['design'] == 1) {
echo 'selected="selected"';
} ?> value="1">Ðàñøèðåííûé (Ëîã áîÿ âî
âêëàäêå ÷àòà)
</option>
</select>
</div>
<br><textarea name="hobby" cols="60" rows="7"
style="width: 95%; height: 170px;"
class="inup"
placeholder="Íàïèøèòå î ñåáå..."><?= $u->info['hobby'] ?></textarea>
<br/>
Óâëå÷åíèÿ / õîááè <i>(îãðàíè÷åíèå <?= $maxsimbols ?>
ñèìâîëîâ è 300 ñòðîê)</i>
<br/>
<input name="saveanketa" type="submit" class="btn"
value="Ñîõðàíèòü"/>
</fieldset>
</form>
<!-- End of text --></TD>
<!--td width=15% valign=top><img src="encicl/images/new_ico.gif" width=86 height=89 border=0></td-->
</TR>
</TBODY>
</TABLE>
</TD>
</TR>
</TBODY></TABLE>
<td width="1" valign="top" bgcolor="#edd7ae"><img
src="https://new-combats.com/new/register/vesch_right.jpg" width="26"
height="423"/></td>
<textarea id="hobby" name="hobby" cols="60" rows="7"
placeholder="Íàïèøèòå î ñåáå...">
<?= htmlspecialchars($u->info['hobby']) ?>
</textarea>
<br>
<label for="hobby">
Óâëå÷åíèÿ / õîááè <i>(îãðàíè÷åíèå <?= $maxsimbols ?>
ñèìâîëîâ è 300 ñòðîê)</i>
</label>
<br>
<input name="saveanketa" type="submit" class="btn" value="Ñîõðàíèòü"/>
</fieldset>
</form>
</div>
<td width="1" valign="top" bgcolor="#edd7ae">
<img src="https://new-combats.com/new/register/vesch_right.jpg" width="26"
height="423"/>
</td>
</tr>
<tr>
<td colspan="3" valign="top"><img
src="https://new-combats.com/new/register/vesch_bot2.jpg" width="850"
height="34"/></td>
<td colspan="3" valign="top">
<img src="https://new-combats.com/new/register/vesch_bot2.jpg" width="850"
height="34"/>
</td>
</tr>
</table>
</td>
</tr>
</table>
</td>
<td width="1%" valign="top" background="https://new-combats.com/new/register/bgr2.jpg"><img
src="https://new-combats.com/new/register/topr.jpg" width="83" height="593"/><br/>
<img src="https://new-combats.com/new/register/right2.jpg" width="83" height="114"/></td>
<td width="1%" valign="top" background="https://new-combats.com/new/register/bgr2.jpg">
<img src="https://new-combats.com/new/register/topr.jpg" width="83" height="593"/><br/>
<img src="https://new-combats.com/new/register/right2.jpg" width="83" height="114"/>
</td>
<td width="39%" valign="top">
<table width="100%" border="0" cellspacing="0" cellpadding="0">
<tr>
@ -606,56 +269,59 @@ value="Red">Red</option>';
</tr>
<tr>
<td valign="top">&nbsp;</td>
<td colspan="3" valign="top"><img src="https://new-combats.com/new/register/bottom.jpg" width="1000"
height="163"/></td>
<td valign="top">&nbsp;</td>
</tr>
<tr>
<td valign="top">&nbsp;</td>
<td colspan="3" align="left" valign="top">
<table width="970" border="0" cellspacing="0" cellpadding="0">
<tr>
<td width="225" align="left" valign="top">&nbsp;</td>
<td width="546" align="center" valign="top">
<style>
A.copi {
font-family: Tahoma, Verdana, Arial, Helvetica, sans-serif;
font-size: 7pt;
color: #005348;
font-weight: bold;
text-decoration: none;
}
a.copi:link {
color: #005348;
font-weight: bold;
text-decoration: none;
}
A.copi:visited {
color: #005348;
font-weight: bold;
text-decoration: none;
}
A.copi:hover, A.copi:active {
color: #329700;
font-weight: bold;
text-decoration: none;
}
</style>
<br><span style="color:#EBD88B; font-family:'Philosopher', sans-serif;font-size: 18px;">Áîéöîâñêèé Êëóá &copy; 2013-2016</span>
</td>
<td width="199" align="right" valign="top"><img src="https://new-combats.com/new/register/pix.gif"
width="10" height="30"/><br/>
&nbsp;
</td>
</tr>
</table>
<td colspan="3" valign="top">
<img src="https://new-combats.com/new/register/bottom.jpg" width="1000" height="163"/>
</td>
<td valign="top">&nbsp;</td>
</tr>
</table>
<div class="footer"><?= Config::get('name') ?> &copy; 2013-<?= date('Y') ?></div>
<div style="display:none;"></div>
</body>
</html>
<script type="text/javascript">
function MM_preloadImages() { //v3.0
let d = document;
if (d.images) {
if (!d.MM_p) d.MM_p = [];
let i, j = d.MM_p.length, a = MM_preloadImages.arguments;
for (i = 0; i < a.length; i++)
if (a[i].indexOf("#") !== 0) {
d.MM_p[j] = new Image;
d.MM_p[j++].src = a[i];
}
}
}
function MM_swapImgRestore() { //v3.0
let i, x, a = document.MM_sr;
for (i = 0; a && i < a.length && (x = a[i]) && x.oSrc; i++) x.src = x.oSrc;
}
function MM_findObj(n, d) { //v4.01
let p, i, x;
if (!d) d = document;
if ((p = n.indexOf("?")) > 0 && parent.frames.length) {
d = parent.frames[n.substring(p + 1)].document;
n = n.substring(0, p);
}
if (!(x = d[n]) && d.all) x = d.all[n];
for (i = 0; !x && i < d.forms.length; i++) x = d.forms[i][n];
for (i = 0; !x && d.layers && i < d.layers.length; i++) x = MM_findObj(n, d.layers[i].document);
if (!x && d.getElementById) x = d.getElementById(n);
return x;
}
function MM_swapImage() { //v3.0
let i, j = 0, x, a = MM_swapImage.arguments;
document.MM_sr = [];
for (i = 0; i < (a < /dngth-2);i+=3)
if ((x = MM_findObj(a[i])) != null) {
document.MM_sr[j++] = x;
if (!x.oSrc) x.oSrc = x.src;
x.src = a[i + 2];
}
}
</script>
</html>