new-combats/game
3
0
Fork 0
Code Issues 23 Pull Requests Releases Wiki Activity

Merge remote-tracking branch 'origin/dev-chat' into dev

Browse Source 
# Conflicts:
#	online.php
This commit is contained in:
Ivor Barhansky
2023-02-13 21:13:01 +02:00
parent 395153f291 d9bf4b0bdc
commit b7003d0c63
6 changed files with 1556 additions and 1711 deletions
Download Patch File Download Diff File Expand all files Collapse all files
online.php
+80 -102
View File
@@ -17,6 +17,8 @@ $u = User::start();
$filter = new Filter();
$chat = new Chat();
$code = PassGen::intCode();
if (
!isset($u->info['id']) ||
$u->info['banned'] > 0 ||
@@ -69,10 +71,8 @@ $r = [
if ($u->info['battle'] > 0) {
$btl = mysql_fetch_array(
mysql_query('SELECT `id` FROM `battle` WHERE `id` = "' . $u->info['battle'] . '" AND `time_over` = 0 LIMIT 1')
);
if (!isset($btl['id'])) {
$btl = Db::getValue('select count(*) from battle where id = ? and time_over = 0', [$u->info['battle']]);
if (empty($btl)) {
$r['js'] .= 'top.frames["main"].location="main.php";';
}
}
@@ -92,103 +92,60 @@ if (isset($_POST['msg']) && str_replace(' ', '', $_POST['msg']) != '') {
if (strripos($x[$j], 'new-combats.com/info/')) {
$ulogin = explode('/info/', $x[$j]);
$ulogin = $ulogin[1];
$ulogin = mysql_fetch_array(
mysql_query(
'SELECT `login` FROM `users` WHERE `id` = "' . mysql_real_escape_string(
$ulogin
) . '" OR `login` = "' . mysql_real_escape_string($ulogin) . '" LIMIT 1'
)
);
if (isset($ulogin['login'])) {
$ulogin = htmlspecialchars($ulogin['login']);
$uname = '<font color=#831db7>&lt;Информация о &quot;' . $ulogin . '&quot;&gt;</font>';
$ulogin = Db::getValue('select login from users where id = ? or login = ?', [$ulogin, $ulogin]);
if (!empty($ulogin)) {
$uname = '<span style="color: #831db7; ">&lt;Информация о &quot;' . $ulogin . '&quot;&gt;</span>';
}
} elseif (strripos($x[$j], 'audio_1610649509.mp3')) { //ТУТ аудио
$uname = '<font color=#FF851B>&lt;Голосовое сообщение&gt;</font>';
$uname = '<span style="color: #FF851B; ">&lt;Голосовое сообщение&gt;</span>';
} elseif (strripos($x[$j], 'new-combats.com/item/')) {
$ulogin = explode('/item/', $x[$j]);
$ulogin = $ulogin[1];
$ulogin = mysql_fetch_array(
mysql_query(
'SELECT `name` FROM `items_main` WHERE `id` = "' . mysql_real_escape_string(
$ulogin
) . '" LIMIT 1'
)
);
if (isset($ulogin['name'])) {
$ulogin = htmlspecialchars($ulogin['name']);
$uname = '<font color=#5f9b00>&lt;Предмет &quot;' . $ulogin . '&quot;&gt;</font>';
$ulogin = Db::getValue('select name from items_main where id = ?', [$ulogin]);
if (isset($ulogin)) {
$uname = '<span style="color: #5f9b00; ">&lt;Предмет &quot;' . $ulogin . '&quot;&gt;</span>';
} else {
$uname = '<font color=#5f9b00>&lt;Библиотека предметов&gt;</font>';
$uname = '<span style="color: #5f9b00; ">&lt;Библиотека предметов&gt;</span>';
}
} elseif (strripos($x[$j], 'new-combats.com/news')) {
$ulogin = explode('/news', $x[$j]);
$ulogin = $ulogin[1];
$ulogin = ltrim($ulogin, '/');
$ulogin = mysql_fetch_array(
mysql_query(
'SELECT `title` FROM `events_news` WHERE `id` = "' . mysql_real_escape_string(
$ulogin
) . '" LIMIT 1'
)
);
if (isset($ulogin['title'])) {
$ulogin = htmlspecialchars($ulogin['title']);
$uname = '<font color=#b57300>&lt;Новость &quot;' . $ulogin . '&quot;&gt;</font>';
$ulogin = Db::getValue('select title from events_news where id = ?', [$ulogin]);
if (isset($ulogin)) {
$uname = '<span style="color: #b57300; ">&lt;Новость &quot;' . $ulogin . '&quot;&gt;</span>';
} else {
$uname = '<font color=#b57300>&lt;Новостная лента&gt;</font>';
$uname = '<span style="color: #b57300; ">&lt;Новостная лента&gt;</span>';
}
} elseif (strripos($x[$j], 'new-combats.com/lib')) {
$ulogin = explode('/lib', $x[$j]);
$ulogin = $ulogin[1];
$ulogin = ltrim($ulogin, '/');
$ulogin = rtrim($ulogin, '/');
$ulogin = mysql_fetch_array(
mysql_query(
'SELECT `title` FROM `library_content` WHERE `url_name` = "' . mysql_real_escape_string(
$ulogin
) . '" AND `moder` > 0 LIMIT 1'
)
);
if (isset($ulogin['title'])) {
$ulogin = htmlspecialchars($ulogin['title']);
$uname = '<font color=#4c6e00>&lt;Библиотека &quot;' . $ulogin . '&quot;&gt;</font>';
$ulogin = Db::getValue('select title from library_content where url_name = ? and moder > 0', [$ulogin]);
if (isset($ulogin)) {
$uname = '<span style="color: #4c6e00; ">&lt;Библиотека &quot;' . $ulogin . '&quot;&gt;</span>';
} else {
$uname = '<font color=#4c6e00>&lt;Библиотека&gt;</font>';
$uname = '<span style="color: #4c6e00; ">&lt;Библиотека&gt;</span>';
}
} elseif (strripos($x[$j], 'new-combats.com/forum')) {
$ulogin = explode('/forum?read=', $x[$j]);
$ulogin = $ulogin[1];
$ulogin = explode('&', $ulogin);
$ulogin = $ulogin[0];
//
$ulogin = mysql_fetch_array(
mysql_query(
'SELECT `title` FROM `forum_msg` WHERE `id` = "' . mysql_real_escape_string(
$ulogin
) . '" AND `delete` = 0 LIMIT 1'
)
);
if (isset($ulogin['title'])) {
$ulogin = htmlspecialchars($ulogin['title']);
$uname = '<font color=#0055b5>&lt;Форум &quot;' . $ulogin . '&quot;&gt;</font>';
$ulogin = Db::getValue('select title from forum_msg where id = ? and `delete` = 0', [$ulogin]);
if (isset($ulogin)) {
$uname = '<span style="color: #0055b5; ">&lt;Форум &quot;' . $ulogin . '&quot;&gt;</span>';
} else {
$ulogin = explode('/forum?r=', $x[$j]);
$ulogin = $ulogin[1];
$ulogin = explode('&', $ulogin);
$ulogin = $ulogin[0];
//
$ulogin = mysql_fetch_array(
mysql_query(
'SELECT `name` FROM `forum_menu` WHERE `id` = "' . mysql_real_escape_string(
$ulogin
) . '" LIMIT 1'
)
);
if (isset($ulogin['name'])) {
$uname = '<font color=#0055b5>&lt;Конференция форума &quot;' . $ulogin['name'] . '&quot;&gt;</font>';
$ulogin = Db::getValue('select name from forum_menu where id = ?', [$ulogin]);
if (isset($ulogin)) {
$uname = '<span style="color: #0055b5; ">&lt;Конференция форума &quot;' . $ulogin . '&quot;&gt;</span>';
} else {
$uname = '<font color=#0055b5>&lt;Форум проекта&gt;</font>';
$uname = '<span style="color: #0055b5; ">&lt;Форум проекта&gt;</span>';
}
}
}
@@ -197,10 +154,7 @@ if (isset($_POST['msg']) && str_replace(' ', '', $_POST['msg']) != '') {
"/(https:\\/\\/)?(new-combats+\\.com(([ \"'>\r\n\t])|(\\/([^ \"'>\r\n\t]*)?)))/",
$x[$j],
$ok
) ? str_replace(
$ok[2], "<small><a href=https://$ok[2] target=_blank ><i>" . $uname . "</i></a></small>",
str_replace("https://", "", $x[$j])
) . " " : $x[$j] . " ";
) ? str_replace($ok[2], "<small><a href=https://$ok[2] target=_blank ><i>" . $uname . "</i></a></small>", str_replace("https://", "", $x[$j])) . " " : $x[$j] . " ";
}
return $newbuf;
}
@@ -233,26 +187,15 @@ if (isset($_POST['msg']) && str_replace(' ', '', $_POST['msg']) != '') {
$_POST['msg'] = str_replace(' ', ' ', $_POST['msg']);
$smg = Db::getRow('select * from chat where login = ? and time > unix_timestamp() - 20 order by time desc limit 1', [$u->info['login']]);
$smg = mysql_fetch_array(
mysql_query(
'SELECT * FROM `chat` WHERE `login` = "' . $u->info['login'] . '" AND `time` > ' . (time(
) - 20) . ' ORDER BY `time` DESC LIMIT 1'
)
);
if ($u->info['exp'] < 499999999) {
$lmg = mysql_fetch_array(
mysql_query(
'SELECT COUNT(`id`) FROM `chat` WHERE `login` = "' . $u->info['login'] . '" AND `time` > ' . (time(
) - 5) . ' LIMIT 2'
)
);
$lmg = Db::getValue('select count(id) from chat where login = ? and time = unix_timestamp() - 5 limit 2', [$u->info['login']]);
} else {
$lmg[0] = 0;
$lmg = 0;
}
$testsmg = ' ' . $_POST['msg'] . ' ';
if ($testsmg == $smg['text'] && $u->info['exp'] > 100000) {
if ($u->info['molch1'] < time()) {
//Молчанка за флуд на 5 минут
@@ -260,13 +203,12 @@ if (isset($_POST['msg']) && str_replace(' ', '', $_POST['msg']) != '') {
$r['js'] .= 'chat.sendMsg(["new","' . time(
) . '","6","","' . $u->info['login'] . '","<small>Вы наказаны за спам на 20 минут </small>","Black","1","1","0"]);';
mysql_query(
'UPDATE `users` SET `molch1` = "' . $u->info['molch1'] . '" WHERE `id` = "' . $u->info['id'] . '" LIMIT 1'
);
mysql_query("UPDATE `chat` SET `delete` = 1 WHERE `login` = '" . $u->info['login'] . "' LIMIT 1000");
Db::sql('update users set molch1 = ? where id = ?', [$u->info['molch1'], $u->info['id']]);
Db::sql('update chat set `delete` = 1 where login = ?', [$u->info['login']]);
$_POST['msg'] = 'Я спамер ' . $u->info['login'] . ' и меня нужно заблокировать https://new-combats.com/info/' . $u->info['id'] . '';
$training_manager = TrainingManager::getInstance();
$training_manager->addPoint('chat_first_quest');
if(preg_match("/to\[(.*?)\]/", $_POST['msg'])) {
@@ -292,7 +234,7 @@ if (isset($_POST['msg']) && str_replace(' ', '', $_POST['msg']) != '') {
$cmsg->setColor('#000');
$chat->sendMsg($cmsg);
}
} elseif ($lmg[0] > 0) {
} elseif ($lmg > 0) {
$r['js'] .= 'chat.sendMsg(["new","' . time(
) . '","6","","' . $u->info['login'] . '","<small>Вы не можете отправлять так часто сообщения... </small>","Black","1","1","0"]);';
if ($u->info['molch1'] < time()) {
@@ -585,20 +527,56 @@ if (isset($_POST['msg']) && str_replace(' ', '', $_POST['msg']) != '') {
//Получаем список онлайн
if ($_GET['r1'] != 0) {
$sp = mysql_query(
'SELECT `u`.`pass`,`u`.`sex`,`s`.`dnow`,`u`.`timeMain`,`s`.`bot`,`s`.`atack`,`u`.`afk`,`u`.`dnd`,`u`.`banned`,`u`.`molch1`,`u`.`room`,`u`.`id`,`u`.`city`,`u`.`cityreg`,`u`.`online`,`u`.`align`,`u`.`clan`,`u`.`login`,`u`.`level`,`u`.`inTurnir`,`u`.`battle`,`u`.`invis`,`u`.`inUser`,`s`.`x`,`s`.`y` FROM `users` AS `u` LEFT JOIN `stats` AS `s` ON `s`.`id` = `u`.`id` WHERE ((`u`.`room` = "' . $u->info['room'] . '" AND "' . mysql_real_escape_string(
(int)$_GET['r3']
) . '" != "1") OR ("' . mysql_real_escape_string(
(int)$_GET['r3']
) . '" = "1" AND `pass` NOT LIKE "%saint%")) AND `mail`!="No E-mail" AND `room` != "303" ORDER BY `u`.`inUser` DESC,`u`.`online` DESC,`u`.`login` DESC LIMIT 1000'
);
// $_GET['r3'] передаётся из onlineList.js как переключатель "все пользователи\пользователи в комнате".
define('BOT_ROOM', 303);
$ar_id = 0;
$ar_lvl = 0;
$ar_all = '0';
$usl = [];
$cw = [];
$usid = [];
while ($pl = mysql_fetch_array($sp)) {
$onlineListQuery = 'select
users.id, pass, sex, dnow, timeMain, bot, atack, afk, dnd, banned, molch1,
room, city, cityreg, online, align, clan, login, level, inTurnir, battle, invis, inUser, x, y
from users left join stats on users.id = stats.id
where
(
(room = ? and ' . (int)$_GET['r3'] . ' != 1) or
(' . (int)$_GET['r3'] . ' = 1 and pass not like ?)
) and
mail != ? and
room != ?
order by inUser desc, online desc, login desc';
$sp = Db::getRows($onlineListQuery, [$u->info['room'], '%saint%', '', BOT_ROOM]);
foreach ($sp as $pl) {
// }
//
// $sp = mysql_query(
// 'SELECT
// `u`.`pass`,
// `u`.`sex`,
// `s`.`dnow`,
// `u`.`timeMain`,
// `s`.`bot`,`s`.`atack`,`u`.`afk`,`u`.`dnd`,`u`.`banned`,`u`.`molch1`,`u`.`room`,`u`.`id`,`u`.`city`,`u`.`cityreg`,`u`.`online`,`u`.`align`,
// `u`.`clan`,`u`.`login`,`u`.`level`,`u`.`inTurnir`,`u`.`battle`,`u`.`invis`,`u`.`inUser`,`s`.`x`,`s`.`y`
//FROM
//`users` AS `u`
// LEFT JOIN `stats` AS `s` ON `s`.`id` = `u`.`id`
//WHERE (
// (`u`.`room` = "' . $u->info['room'] . '" AND "' . mysql_real_escape_string((int)$_GET['r3']) . '" != "1") OR
// ("' . mysql_real_escape_string((int)$_GET['r3']) . '" = "1" AND `pass` NOT LIKE "%saint%")) AND
// `mail`!="No E-mail" AND
// `room` != "303"
// ORDER BY `u`.`inUser` DESC,`u`.`online` DESC,`u`.`login` DESC LIMIT 1000'
// );
// $ar_id = 0;
// $ar_lvl = 0;
// $ar_all = '0';
// $usl = [];
// $cw = [];
// $usid = [];
// while ($pl = mysql_fetch_array($sp)) {
$ysee = 1;
if ($pl['inUser'] > 0) {
if ($pl['inTurnir'] == 0) {