Merge pull request 'dev-cookie-to-id' (#37) from dev-cookie-to-id into dev

Reviewed-on: new-combats.com/game#37
Ivor Barhansky 2023-01-12 03:41:11 +00:00
commit d9ec810f7f
12 changed files with 196 additions and 240 deletions


@ -66,7 +66,7 @@ class User
'emeraldscity' => 6,
'suncity' => 7,
'dreamscity' => 8,
'devilscity' => 10
'devilscity' => 10,
];
public array $city_name = [
'emeraldscity' => 'Emeralds city',
@ -92,7 +92,7 @@ class User
'suncity' => 'Sun City',
'devilscity' => 'Devils City',
];
public array $is = [
public array $is = [ // не играть с кавычками! эти строчки уходят в яваскрипт и всё ломают!
'acestar' => 'Следующий каст будет критическим',
'spasenie' => 'Спасение после смерти',
'more_awards' => 'Повышеная награда %',
@ -101,8 +101,8 @@ class User
'nopryh' => 'Прямое поподание',
'puti' => 'Запрет перемещения',
'align' => 'Склонность',
'hpAll' => '<strong style="color: darkgreen">Уровень жизни (HP)</strong>',
'mpAll' => '<strong style="color: blue">Уровень маны (МP)</strong>',
'hpAll' => "Уровень жизни (HP)",
'mpAll' => "Уровень маны (МP)",
'enAll' => 'Уровень энергии',
'sex' => 'Пол',
'lvl' => 'Уровень',
@ -1879,8 +1879,27 @@ FROM `items_users` AS `iu` LEFT JOIN `items_main` AS `im` ON (`im`.`id` = `iu`.`
private function __construct()
{
$this->info = Db::getRow(
'select
if (!empty($_SESSION['uid'])) {
$user = Db::getRow(
'select
*,
users.id as id,
users.level as level,
users.align as align,
users.sex as sex,
users.clan as clan,
stats.timeGo as timeGo,
users.name as name,
stats.lider as lider
from users
left join stats on users.id = stats.id
left join room on users.room = room.id
where users.id = ?',
[$_SESSION['uid']]
);
} else {
$user = Db::getRow(
'select
*,
users.id as id,
users.level as level,
@ -1894,8 +1913,14 @@ FROM `items_users` AS `iu` LEFT JOIN `items_main` AS `im` ON (`im`.`id` = `iu`.`
left join stats on users.id = stats.id
left join room on users.room = room.id
where login = ?',
[$_COOKIE['login']]
);
[$_COOKIE['login']]
);
}
if (!empty($user) && is_array($user)) {
$this->info = $user;
}
unset($user);
Database::init(); // для всяких mysql_*
@ -1916,20 +1941,20 @@ FROM `items_users` AS `iu` LEFT JOIN `items_main` AS `im` ON (`im`.`id` = `iu`.`
setcookie('btl', $this->info['battle'], time() + 86400);
}
if (!isset($this->info['id'])) {
$this->info = Db::getRow('select * from users where login = ?', [$_COOKIE['login']]);
if ($this->info['dateEnter'] != $_SERVER['HTTP_USER_AGENT']) {
unset($this->info);
}
$this->btl_txt = $this->info['battle_text'];
if (!isset($this->info['id'])) {
unset($this->info);
setcookie('login', '', time() - 60 * 60 * 24, '', Core\Config::get('host'));
} else {
echo 'stats is lost.';
}
}
// if (!isset($this->info['id'])) {
// $this->info = Db::getRow('select * from users where login = ?', [$_COOKIE['login']]);
//
// if ($this->info['dateEnter'] != $_SERVER['HTTP_USER_AGENT']) {
// unset($this->info);
// }
// $this->btl_txt = $this->info['battle_text'];
// if (!isset($this->info['id'])) {
// unset($this->info);
// setcookie('login', '', time() - 60 * 60 * 24, '', Core\Config::get('host'));
// } else {
// echo 'stats is lost.';
// }
// }
if (isset($this->info['id'])) {
if ($this->info['invis'] == 1 || $this->info['invis'] > time()) {
@ -9073,40 +9098,23 @@ LIMIT 1'
}
}
public function snatItem(int $id, int $uid): int
public function snatItem(?int $id, int $uid = 0): int
{
if ($uid != 0) {
$au = 'AND `iu`.`uid`="' . $uid . '"';
} else {
$au = '';
}
$itm = mysql_fetch_array(
$cl = mysql_query(
'SELECT
`im`.`id`,`im`.`name`,`im`.`img`,`im`.`type`,`im`.`inslot`,`im`.`2h`,`im`.`2too`,`im`.`iznosMAXi`,`im`.`inRazdel`,`im`.`price1`,`im`.`price2`,`im`.`pricerep`,`im`.`magic_chance`,`im`.`info`,`im`.`massa`,`im`.`level`,`im`.`magic_inci`,`im`.`overTypei`,`im`.`group`,`im`.`group_max`,`im`.`geni`,`im`.`ts`,`im`.`srok`,`im`.`class`,`im`.`class_point`,`im`.`anti_class`,`im`.`anti_class_point`,`im`.`max_text`,`im`.`useInBattle`,`im`.`lbtl`,`im`.`lvl_itm`,`im`.`lvl_exp`,`im`.`lvl_aexp`,
`iu`.`id`,`iu`.`item_id`,`iu`.`1price`,`iu`.`2price`,`iu`.`uid`,`iu`.`use_text`,`iu`.`data`,`iu`.`inOdet`,`iu`.`inShop`,`iu`.`delete`,`iu`.`iznosNOW`,`iu`.`iznosMAX`,`iu`.`gift`,`iu`.`gtxt1`,`iu`.`gtxt2`,`iu`.`kolvo`,`iu`.`geniration`,`iu`.`magic_inc`,`iu`.`maidin`,`iu`.`lastUPD`,`iu`.`timeOver`,`iu`.`overType`,`iu`.`secret_id`,`iu`.`time_create`,`iu`.`time_sleep`,`iu`.`inGroup`,`iu`.`dn_delete`,`iu`.`inTransfer`,`iu`.`post_delivery`,`iu`.`lbtl_`,`iu`.`bexp`,`iu`.`so`,`iu`.`blvl`
FROM `items_users` AS `iu` LEFT JOIN `items_main` AS `im` ON (`im`.`id` = `iu`.`item_id`) WHERE `iu`.`id`="' . $id . '" AND `iu`.`inOdet`!="0" ' . $au . ' AND `iu`.`delete`="0" LIMIT 1 FOR UPDATE'
)
);
if (isset($itm['id'])) {
$upd = mysql_query(
'UPDATE `items_users` SET `lastUPD`="' . time(
) . '",`inOdet`="0" WHERE `id`="' . $itm['id'] . '" LIMIT 1'
);
if ($upd) {
if (isset($_GET['remitem']) || isset($_GET['sid'])) {
$this->info['autospell'] = 1;
mysql_query(
'UPDATE `users` SET `autospell` = "1" WHERE `id` = "' . $this->info['id'] . '" LIMIT 1'
);
}
return 1;
} else {
return 0;
}
} else {
if (empty($id)) {
return 0;
}
$au = "select count(*) from items_users where id = $id and inOdet != 0 and `delete` = 0";
$au .= $uid > 0 ? " and uid = $uid" : '';
$itm = Db::getValue($au);
if (empty($itm)) {
return 0;
}
Db::sql('update items_users set lastUPD = unix_timestamp(), inOdet = 0 where id = ?', [$id]);
if (isset($_GET['remitem']) || isset($_GET['sid'])) {
$this->info['autospell'] = 1;
Db::sql('update users set autospell = 1 where id = ?', [$this->info['id']]);
}
return 1;
}
public function snatItemAll(int $uid): int
@ -9460,6 +9468,7 @@ LIMIT 1'
if ($inSlot == 3 || $inSlot == 14) {
//Проверяем есть-ли двуручное оружие
//И естественно снимаем его, даже если руки пусты, отправляя туда NULL и ломая игру. Сука!
if ($this->stats['items'][$this->stats['wp3id']]['2h'] == 1 || $this->stats['items'][$this->stats['wp14id']]['2h'] == 1 || $itm['2h'] == 1) {
$this->snatItem($this->stats['items'][$this->stats['wp3id']]['id'], $uid);
$this->snatItem($this->stats['items'][$this->stats['wp14id']]['id'], $uid);
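Review bot: The constructor's `else` branch still loads the account from `$_COOKIE['login']` alone, a value the client sets, and nothing in the visible lines ties it to a secret now that the login page in this commit stops issuing the `pass` cookie. Unless that is verified outside these hunks, identity should come only from `$_SESSION['uid']`: remove the `else` query so `$user` stays empty and `$this->info` is not populated for a request without a session. The block that the next hunk comments out rather than deletes is better removed outright. In `snatItem` the new `select count(*)` interpolates `$id` and `$uid` into the string while the two statements after it bind parameters; both are typed `int`, so this is a consistency point, solved by passing them as `?` placeholders through the second argument of `Db::getValue`. The constructor body continues outside the hunks.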


@ -5,6 +5,7 @@ namespace User;
use Core\Config;
use Core\Db;
use Core\Mail;
use PassGen;
use UserIp;
class Confirmation
@ -78,6 +79,17 @@ class Confirmation
);
}
public static function userRegistrationCodeByEmail(string $email, string $login)
{
$code = PassGen::intCode(4);
Db::sql('insert into secure_code (email, code, time) values (?,?,unix_timestamp())', [$email, $code]);
Mail::send(
$email,
'Секретный Код: ' . $code,
'Код подтверждения регистрации персонажа ' . $login
);
}
public static function byCode(int $uid, int $code): string
{
$status = '';
@ -117,4 +129,4 @@ class Confirmation
}
return $status;
}
}
}
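Review bot: `userRegistrationCodeByEmail` issues a code from `PassGen::intCode(4)`, presumably four digits and therefore at most 10,000 values, so whatever later checks `secure_code` needs an attempt limit and an expiry based on the stored `time`; neither is visible in this section. Whether `intCode` draws from `random_int()` cannot be seen here and is worth confirming. The method also lacks a return type: `public static function userRegistrationCodeByEmail(string $email, string $login): void` would match the typed `byCode` next to it.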


@ -6,9 +6,6 @@ use Core\Db;
class UserRegister
{
private string $error = '';
private string $login = '';
private string $email = '';
private string $password = '';
private int $class = 0;
private array $classBonuses = [
1 => [
@ -67,8 +64,8 @@ class UserRegister
public function hasMixedLatCur(string $txt): bool
{
$en = preg_match("/^(([0-9A-z -])+)$/i", $txt);
$ru = preg_match("/^(([0-9А-я _-])+)$/i", $txt);
$en = preg_match("/^(([0-9A-z -])+)$/iu", $txt);
$ru = preg_match("/^([а-яёіїє\s\d]*)$/iu", $txt);
return ($ru && $en) || (!$ru && !$en);
}
@ -79,10 +76,10 @@ class UserRegister
//Бывшие в употреблении логины. Дичь, но ладно.
$wasRegistered = Db::getValue('select count(*) from lastnames where login = ?', [$login]);
$login = str_replace(' ', ' ', $login);
if (strlen($login) > 20) {
if (mb_strlen($login) > 20) {
$this->error = 'Логин должен содержать не более 20 символов.';
}
if (strlen($login) < 4) {
if (mb_strlen($login) < 4) {
$this->error = 'Логин должен содержать не менее 4 символов.';
}
if ($this->hasMixedLatCur($login)) {
@ -145,6 +142,9 @@ class UserRegister
if (!$this->hasGoodLogin($login)) { //fixme: грязный хак, но лучше не придумывается с этой пошаговостью.
return 0;
}
if ($email === 'dnf123123@gmail.com') {
$login = 'Пачкуале Пестрини';
}
$this->class = $class;
$ip = UserIp::get();
$sex -= 10; //На входе 10\11, а передать надо 0\1.
@ -153,37 +153,37 @@ class UserRegister
(`real`,login,host_reg,pass,ip,ipreg,room,timereg,mail,bithday,sex,fnq,molch2,level,clan_zv,money,online)
values (1,?,?,?,?,?,9,unix_timestamp(),?,?,?,0,unix_timestamp() + 86400,8,0,200,unix_timestamp())',
[
$this->login,
$login,
$ref ?? '',
$this->password,
password_hash($password, PASSWORD_DEFAULT),
$ip,
$ip,
$this->email,
$email,
date('d.m.Y', strtotime($birthday)),
$sex,
]
);
$uid = Db::lastInsertId();
$this->login = $login;
$this->setCookies();
$this->setStatsItemsEffects();
trigger_error('Db::lastInsertId= ' .$uid);
$_SESSION['uid'] = $uid;
$this->setCookies($login);
$this->setStatsItemsEffects($uid);
User::setOnline($uid);
Db::sql('insert into online (uid, timeStart) values (?,unix_timestamp())', [$uid]);
return $uid;
}
private function setCookies()
private function setCookies($login)
{
setcookie('login', 1, 1, '/', Config::get('host'), true);
setcookie('registrationModal', 1, 1, '/', Config::get('host'), true);
setcookie('login', $this->login, strtotime('+7 days'), '/', Config::get('host'), true);
setcookie('login', $login, strtotime('+7 days'), '/', Config::get('host'), true);
setcookie('registrationModal', 'true', strtotime('+7 days'), '/', Config::get('host'), true);
}
private function setStatsItemsEffects()
private function setStatsItemsEffects($uid)
{
$u = User::start();
$uid = (int)Db::lastInsertId();
if ($_SESSION['ref'] === 1) {
$this->classBonuses[$this->class]['items'][] = 4811;
}
@ -206,7 +206,7 @@ class UserRegister
);
}
$this->addEffects($uid, $this->classBonuses[$this->class]['effects']);
$this->addEffects($uid, implode(',',$this->classBonuses[$this->class]['effects']));
}
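Review bot: The added `if ($email === 'dnf123123@gmail.com') { $login = …; }` block replaces the login after `hasGoodLogin($login)` has already run, so the name that gets inserted was never checked by it, and it ties production behaviour to one hard-coded address. It reads like test scaffolding and should be removed together with the `trigger_error('Db::lastInsertId= ' .$uid);` line. `$_SESSION['uid'] = $uid;` is assigned without issuing a new session id; calling `session_regenerate_id(true);` just before it keeps a pre-registration session id from carrying over into the logged-in state. `setCookies($login)` and `setStatsItemsEffects($uid)` could declare their types (`string $login`, `int $uid`, `: void`), and the `login` cookie is set with `secure` but without `httponly`. The registering method starts outside the hunk.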


@ -1,13 +1,22 @@
<?php
const GAME = true;
use Core\Config;
use Core\Database;
if (!defined('GAME_VERSION')) {
require_once '_incl_data/autoload.php';
}
function er($e)
{
global $c;
exit('<html><head><meta name="msapplication-config" content="browserconfig.xml"><meta http-equiv="Content-Language" content="ru"><TITLE>Произошла ошибка</TITLE></HEAD><BODY text="#FFFFFF"><p><font color=black>Произошла ошибка: <pre>' . $e . '</pre><b><p><a href="https://' . $c[0] . '/">Назад</b></a><HR><p align="right">(c) <a href="https://' . $c[0] . '/">' . $c[1] . '</a></p></body></html>');
}
include_once('_incl_data/__config.php');
include_once('_incl_data/class/__db_connect.php');
Config::init();
Database::init();
define('IP', UserIp::get());
$u = User::start();
$filter = new Filter();
@ -24,9 +33,7 @@ if ($u->info['joinIP'] == 1 && $u->info['ip'] != IP) {
er('#Пожалуйста авторизируйтесь с главной страницы');
} elseif (isset($_GET['exit'])) {
setcookie('login', '', time() - 60 * 60 * 24 * 30, '', $c['host']);
setcookie('pass', '', time() - 60 * 60 * 24 * 30, '', $c['host']);
setcookie('login', '', time() - 60 * 60 * 24 * 30);
setcookie('pass', '', time() - 60 * 60 * 24 * 30);
mysql_query('UPDATE `users` SET `online` = ' . (time() - 420) . ' WHERE `id` = ' . $u->info['id']); //520
die('<script>top.location = "https://' . $c['host'] . '/";</script>');
} elseif (!isset($u->info['id'])) {
@ -62,12 +69,12 @@ $u->stats = $u->getStats($u->info['id'], 0);
<script src="https://html5shiv.googlecode.com/svn/trunk/html5.js"></script>
<![endif]-->
<script>
var des = 1;
var c = {
let des = 1;
let c = {
noEr: 0,
noErTmr: 0,
url: '<?=$c['host']?>',
img: 'img.new-combats.com',
url: '<?= Config::get('host') ?>',
img: '<?= Config::get('img') ?>',
uid: <?=(0 + $u->info['id'])?>,
login: '<?=$u->info['login']?>',
city: '<?=$u->info['city']?>',
@ -84,14 +91,14 @@ $u->stats = $u->getStats($u->info['id'], 0);
}, sd4key = "<?=$u->info['nextAct']?>", lafstReg = {}, enterUse = 0;
function ctest(city) {
if (city != c['city']) {
if (city !== c['city']) {
top.location = '/bk';
}
}
function testKey(event) {
if (event.keyCode == 10 || event.keyCode == 13) {
if (top.enterUse == 0) {
if (event.keyCode === 10 || event.keyCode === 13) {
if (top.enterUse === 0) {
chat.subSend();
top.enterUse = 1;
setTimeout('top.enterUse = 0', 1000);
@ -107,10 +114,10 @@ $u->stats = $u->getStats($u->info['id'], 0);
$(window).error(function () {
return true;
});
var iusrno = {};
let iusrno = {};
function ignoreUser(u) {
if (iusrno[u] == undefined || iusrno[u] == 0) {
if (iusrno[u] === undefined || iusrno[u] === 0) {
$('#main').attr({'src': 'main.php?friends=1&ignore=' + u + ''});
} else {
$('#main').attr({'src': 'main.php?friends=1&ignore=' + u + ''});
@ -137,7 +144,7 @@ $u->stats = $u->getStats($u->info['id'], 0);
if (!isset($_COOKIE['d1c'])) {
$detect = new MobileDetect;
$deviceType = ($detect->isMobile() ? ($detect->isTablet() ? 'tablet' : 'phone') : 'computer');
$deviceType = $detect->isMobile() ? $detect->isTablet() ? 'tablet' : 'phone' : 'computer';
$_COOKIE['d1c'] = $deviceType;
setcookie('d1c', $deviceType, (time() + 86400));
} else {
@ -147,7 +154,7 @@ $u->stats = $u->getStats($u->info['id'], 0);
if ($deviceType == 'tablet' || $deviceType == 'phone') {
echo '<script type="text/javascript" src="js/jquery.nicescroll.js"></script>';
?>
<style type="text/css">
<style>
#touchmain {
padding: 0;
border: 0;
@ -167,7 +174,7 @@ $u->stats = $u->getStats($u->info['id'], 0);
<link href="./js/trainingModals/registration/trainingModalStyles.css" rel="stylesheet" type="text/css"/>
<style type="text/css">
<style>
/* Additional classes examples */
.woman a {
color: #C33;
@ -1305,4 +1312,4 @@ $u->stats = $u->getStats($u->info['id'], 0);
</body>
</html>
<?php
unset($db);
unset($db);
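Review bot: The `exit` branch only expires the `login` and `pass` cookies and never touches `$_SESSION['uid']`, which this commit makes the first thing `User` looks at, so after a logout the server-side session still points at the account. Add `unset($_SESSION['uid']);` (or destroy the session) before the redirect. The new `setcookie('login', '', …)` calls also drop the domain argument, while the cookie is written elsewhere in this commit with `Config::get('host')` as its domain, and an expiry sent with different path or domain attributes does not remove the original cookie. In the added `er()` helper `$e` is printed inside `<pre>` without `htmlspecialchars()`, and the links read `$c[0]` and `$c[1]` where the rest of the file uses `$c['host']`. The `if`/`elseif` chain starts outside the hunk.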


@ -119,22 +119,6 @@ $u = Db::getRow(
);
$auth = Db::getValue('select id from logs_auth where uid = ? and ip = ?', [$u['id'], IP]);
if (
Config::get('securetime') > 0 &&
IP != $u['ip'] &&
IP != $u['ipreg'] &&
!isset($auth) &&
$u['securetime'] < Config::get('securetime') &&
$u['timereg'] < Config::get('securetime')
) {
error(
'Вы не можете войти на персонажа "' . $_POST['login'] . '".<br>
Скорее всего вы давно не меняли пароль.
Для смены перейдите по ссылке: <a href="/repass.php?login=' . $u['login'] . '">СМЕНА ПАРОЛЯ</a><br><br>
Вам необходимо сменить пароль для безопасности персонажа,
на почту по которой зарегистрирован персонаж придет новый случайно сгенерированный пароль.'
);
}
if (!isset($u['id'])) {
error('Логин "' . $_POST['login'] . '" не найден в базе.');
@ -145,8 +129,8 @@ if (!isset($u['id'])) {
} elseif (!checkPassword($_POST['pass'], $u['pass'], $u['login'])) {
error("Неверный пароль к персонажу {$u['login']}.");
Db::sql(
'insert into logs_auth (uid, ip, browser, type, time, depass) values (?,?,?,3,unix_timestamp(),?)',
[$u['id'], IP, $_SERVER['HTTP_USER_AGENT'], $_POST['pass']]
'insert into logs_auth (uid, ip, browser, type, time) values (?,?,?,3,unix_timestamp())',
[$u['id'], IP, $_SERVER['HTTP_USER_AGENT']]
);
} else {
@ -164,7 +148,6 @@ if (!isset($u['id'])) {
$koko = 'Неверный второй пароль<br>';
}
setcookie('login', '', time() - 60 * 60 * 24, '', Config::get('host'));
setcookie('pass', '', time() - 60 * 60 * 24, '', Config::get('host'));
}
if ($koko) {
@ -318,33 +301,15 @@ if (!isset($u['id'])) {
}
if (idate('d') === 13) {
Db::sql('delete from eff_users where id_eff = 365 and uid = ?', [$u['id']]);
Db::sql(
'insert into eff_users (id_eff, uid, name, data, overType, timeUse, no_Ace) values (365,?,?,?,47,unix_timestamp(),1)',
[
$u['id'],
'День Рождения Клуба',
'add_speedhp=500|add_speedmp=500|add_speed_dungeon=50|add_repair_discount=1|',
]
);
$chat->send(
'', $u['room'], $u['city'], '', $u['login'],
'В честь дня рождения проекта вы получаете эффект &quot;День Рождения Клуба&quot;!(Эффект обновляется каждый раз когда вы заходите на персонажа)',
time(), 6, 0, 0, 0, 1
);
}
if (isset($_COOKIE['ip']) && $_COOKIE['ip'] != IP) {
Db::sql(
'insert into logs_auth (uid, ip, browser, type, time, depass) VALUES (?,?,?,1,unix_timestamp(),?)',
[$u['id'], $_COOKIE['ip'], $_SERVER['HTTP_USER_AGENT'], md5($_POST['pass'])]
'insert into logs_auth (uid, ip, browser, type, time) VALUES (?,?,?,1,unix_timestamp())',
[$u['id'], $_COOKIE['ip'], $_SERVER['HTTP_USER_AGENT']]
);
}
setcookie('login', $_POST['login'], time() + 60 * 60 * 24 * 7, '', Config::get('host'));
setcookie('pass', $u['pass'], time() + 60 * 60 * 24 * 7, '', Config::get('host'));
setcookie('ip', IP, time() + 60 * 60 * 24 * 150, '');
if ($u['online'] < time() - 520) {
@ -396,18 +361,16 @@ if (!isset($u['id'])) {
}
mysql_query(
"INSERT INTO `logs_auth` (`uid`,`ip`,`browser`,`type`,`time`,`depass`) VALUES ('" . $u['id'] . "','" . IP . "','" .
$_SERVER['HTTP_USER_AGENT'] . "','0','" . time() . "','" . mysql_real_escape_string(md5($_POST['pass'])) . "')"
);
Db::sql('insert into logs_auth (uid, ip, browser, time) values (?,?,?,unix_timestamp())', [
$u['id'], IP, $_SERVER['HTTP_USER_AGENT']
]);
mysql_query(
"UPDATE `users` SET " . $apu . "`ip`='" . $ipnew . "',`dateEnter`='" . $_SERVER['HTTP_USER_AGENT'] .
"',`online`='" . time() . "' WHERE `login` = '" . mysql_real_escape_string($_POST['login']) .
"' AND `pass` = '" . mysql_real_escape_string(md5($_POST['pass'])) . "' LIMIT 1"
"',`online`='" . time() . "' WHERE `id` = " . $u['id']
);
$_SESSION['uid'] = $u['id'];
header('location: /bk');
}
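Review bot: The `UPDATE users` statement at the end of the last hunk still concatenates `$_SERVER['HTTP_USER_AGENT']`, a request header, and `$ipnew` into the SQL text without escaping; the commit changed only its `WHERE` clause. It should use the placeholder helper called just above it, e.g. `Db::sql('update users set ip = ?, dateEnter = ?, online = unix_timestamp() where id = ?', [$ipnew, $_SERVER['HTTP_USER_AGENT'], $u['id']]);`, with whatever `$apu` contributes (it is built outside the hunk) bound the same way. `$_SESSION['uid'] = $u['id'];` should be preceded by `session_regenerate_id(true);` so the authenticated session does not reuse the pre-login id. The `login` cookie is still written from `$_POST['login']` without the `secure` and `httponly` flags.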


@ -1,5 +1,6 @@
<?php
use Core\Config;
use Core\Database;
use Core\Db;
@ -7,7 +8,7 @@ if (!defined('GAME_VERSION')) {
require_once '_incl_data/autoload.php';
}
Config::init();
Database::init();
if (isset($_COOKIE['login'])) {
@ -98,7 +99,9 @@ $rt = [
/* Предмет */
$itm = Db::getRow('select * from items_main where id = ?', [$_GET['id']]);
if (empty($itm)) {
$itm = [];
}
function timeOut($ttm)
{
@ -167,19 +170,12 @@ function lookStats($m)
return $ist;
}
if (!isset($itm['id'])) {
$itd = mysql_fetch_array(
mysql_query('SELECT * FROM `items_main_data` WHERE `items_id` = ' . mysql_real_escape_string($_GET['id']))
);
if (!isset($itd['id'])) {
$itd = [];
} else {
$itd = lookStats($itd['data']);
}
if (empty($itm['id']) && !empty($_GET['id'])) {
$data = Db::getValue('select data from items_main_data where items_id = ?', [$_GET['id']]);
} else {
$itd = mysql_fetch_array(mysql_query('SELECT * FROM `items_main_data` WHERE `items_id` = ' . $itm['id']));
$itd = lookStats($itd['data']) ?? '';
$data = Db::getValue('select data from items_main_data where items_id = ?', [$itm['id']]);
}
$itd = !empty($data) ? lookStats($data) : [];
$items = [
'tr' => ['lvl', 's1', 's2', 's3', 's4', 's5', 's6', 's7', 's8', 's9', 's10', 'a1', 'a2', 'a3', 'a4', 'a5', 'a6', 'a7', 'mg1', 'mg2', 'mg3', 'mg4', 'mg5', 'mg6', 'mg7', 'mall', 'm2all', 'aall'],
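Review bot: In the new `if (empty($itm['id']) && !empty($_GET['id'])) … else …` both branches run the same query, and when neither id is present the `else` branch reads `$itm['id']` from the empty array that the earlier hunk assigns. A single call covers all cases: `$data = Db::getValue('select data from items_main_data where items_id = ?', [$itm['id'] ?? $_GET['id'] ?? 0]);`. `$_GET['id']` is also read without an `isset` check in the `items_main` lookup above it.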


@ -134,7 +134,7 @@ if (!isset($user) || $user['id'] != $u->info['id']) {
$inf = mysql_fetch_array(mysql_query('SELECT * FROM `items_main` WHERE `id` = "' . $idve . '" LIMIT 1'));
$titm = mysql_query(
'INSERT INTO `actions` (`uid`,`time`,`city`,`room`,`vars`,`ip`,`vals`) VALUES ("' . $user['id'] . '","' . time(
) . '","' . loto . '","' . $user['room'] . '","' . $idve . '","' . mysql_real_escape_string(
) . '","' . $user['city'] . '","' . $user['room'] . '","' . $idve . '","' . mysql_real_escape_string(
$_SERVER['HTTP_X_REAL_IP']
) . '","loto")'
);
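Review bot: The `INSERT INTO actions` statement is still assembled by string concatenation and only `$_SERVER['HTTP_X_REAL_IP']` is escaped; `$idve` and the `$user[...]` fields go in as-is, and where `$idve` comes from is outside the hunk. Since the line is being touched anyway, it could move to the placeholder form used elsewhere in this commit, provided `Core\Db` is available in this file: `Db::sql('insert into actions (uid, time, city, room, vars, ip, vals) values (?, unix_timestamp(), ?, ?, ?, ?, ?)', [$user['id'], $user['city'], $user['room'], $idve, $_SERVER['HTTP_X_REAL_IP'], 'loto']);`. `$titm` currently receives the `mysql_query` result, so any later use of it would need adjusting.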


@ -264,47 +264,6 @@ if (isset($_GET['atak_user']) && $u->info['battle'] == 0 && $_GET['atak_user'] !
if ($ul == 1) {
$act = 1;
}
if ($u->info['repass'] > 0) {
define('IP', UserIp::get());
if (isset($_POST['renpass']) && $_POST['renpass'] == $_POST['renpass2'] && md5(
$_POST['renpass']
) != $u->info['pass']) {
if ($u->info['ip'] == IP) {
$u->info['pass'] = md5($_POST['renpass']);
setcookie('pass', $u->info['pass'], time() + 30 * 60 * 60 * 24, '', 'new-combats.com');
mysql_query(
'UPDATE `users` SET `pass` = "' . mysql_real_escape_string(
$u->info['pass']
) . '",`repass` = "0",`type_pers` = "0",`bot_room` = "0" WHERE `id` = "' . $u->info['id'] . '" LIMIT 1'
);
mysql_query('UPDATE `stats` SET `bot` = "0" WHERE `id` = "' . $u->info['id'] . '" LIMIT 1');
} else {
die('<font color="red"><b>Внимание!</b> Смена пароля привязана к ip %' . $u->info['ip'] . '.<br>Для восстановления контроля войдите с данного IP, либо обратитесь к Администрации проекта через нового персонажа. Приносим извинения за неудобства!</font>');
}
} else {
if (isset($_POST['renpass'])) {
if ($u->info['pass'] == md5($_POST['renpass'])) {
echo '<font color="red"><b>Внимание!</b>Ваш новый пароль должен различаться со старым.</font>';
} elseif ($_POST['renpass'] != $_POST['renpass2']) {
echo '<font color="red"><b>Внимание!</b>Пароли не совпадают.</font>';
}
}
die(
'<br><br><br><font color="red"><b>Смените пожалуйста пароль от персонажа!</b><br>Данная смена проходит, если пароль не менялся более 2 месяцев.</font><br><br><hr>
<form action="main.php" method="post">
<fieldset>
<legend><b>Сменить пароль</b></legend>
<table>
<tr><td align=right>Новый пароль:</td><td><input type=password name="renpass"></td></tr>
<tr><td align=right>Новый пароль (еще раз):</td><td><input type=password name="renpass2"></td></tr>
<tr><td align=right><input type=submit value="Сменить пароль" name="changepsw"></td><td></td></tr>
</table>
</fieldset>
</font>'
);
}
}
/*-----------------------*/
if ($u->info['battle'] == 0) {
@ -334,23 +293,23 @@ if (isset($btl_last['id']) && $u->info['battle'] == 0) {
if (!isset($u->tfer['id']) && $u->room['block_all'] == 0) {
//Одеть/снять предмет
if (isset($_GET['rstv']) && isset($_GET['inv'])) {
$act = $u->freeStatsMod($_GET['rstv'], $_GET['mf'], $u->info['id']);
$u->freeStatsMod($_GET['rstv'], $_GET['mf'], $u->info['id']);
} elseif (isset($_GET['ufs2']) && isset($_GET['inv'])) {
$act = $u->freeStats2Item($_GET['itmid'], $_GET['ufs2'], $u->info['id'], 1);
$u->freeStats2Item($_GET['itmid'], $_GET['ufs2'], $u->info['id'], 1);
} elseif (isset($_GET['ufs2mf']) && isset($_GET['inv'])) {
$act = $u->freeStats2Item($_GET['itmid'], $_GET['ufs2mf'], $u->info['id'], 2);
$u->freeStats2Item($_GET['itmid'], $_GET['ufs2mf'], $u->info['id'], 2);
} elseif (isset($_GET['ufsmst']) && isset($_GET['inv'])) {
$act = $u->itemsSmSave($_GET['itmid'], $_GET['ufsmst'], $u->info['id']);
$u->itemsSmSave($_GET['itmid'], $_GET['ufsmst'], $u->info['id']);
} elseif (isset($_GET['ufsms']) && isset($_GET['inv'])) {
$act = $u->itemsSmSave($_GET['itmid'], $_GET['ufsms'] + 100, $u->info['id']);
$u->itemsSmSave($_GET['itmid'], $_GET['ufsms'] + 100, $u->info['id']);
} elseif (isset($_GET['ufs']) && isset($_GET['inv'])) {
$act = $u->freeStatsItem($_GET['itmid'], $_GET['ufs'], $u->info['id']);
$u->freeStatsItem($_GET['itmid'], $_GET['ufs'], $u->info['id']);
} elseif (isset($_GET['sid']) && isset($_GET['inv'])) {
$act = $u->snatItem($_GET['sid'], $u->info['id']);
} elseif (isset($_GET['oid']) && isset($_GET['inv'])) {
$act = $u->odetItem($_GET['oid'], $u->info['id']);
} elseif (isset($_GET['item_rune']) && isset($_GET['inv'])) {
$act = $u->runeItem(null);
$u->runeItem(null);
} elseif (isset($_GET['remitem'], $_GET['inv'])) {
$act = $u->snatItemAll($u->info['id']);
} elseif (isset($_GET['delete']) && isset($_GET['inv']) && $u->newAct($_GET['sd4'])) {
@ -463,7 +422,9 @@ if (isset($_GET['security']) && !isset($u->tfer['id']) && $trololo == 1) {
require_once('modules_data/_obraz.php');
} elseif (isset($_GET['skills']) && !isset($u->tfer['id']) && $trololo == 1) {
require_once('modules_data/_umenie.php');
} elseif ((isset($_GET['transfer']) || isset($u->tfer['id'])) && $u->info['level'] >= Config::get('level_ransfer') && $trololo == 1 && $u->info['inTurnir'] == 0 && $u->info['inTurnirnew'] == 0) {
} elseif ((isset($_GET['transfer']) || isset($u->tfer['id'])) && $u->info['level'] >= Config::get(
'level_ransfer'
) && $trololo == 1 && $u->info['inTurnir'] == 0 && $u->info['inTurnirnew'] == 0) {
if ($u->info['allLock'] > time()) {
require_once('modules_data/_locations.php');
echo '<script>setTimeout(function(){alert("Вам запрещены передачи до ' . date(
@ -495,7 +456,10 @@ if (in_array(
$iloc = '';
$iloce = '';
$sp = Db::getRows('select * from items_local where (room = ? or room = -1) and `delete` = 0 and user_take = 0 and tr_login = ?', [$u->info['room'], $u->info['login']]);
$sp = Db::getRows(
'select * from items_local where (room = ? or room = -1) and `delete` = 0 and user_take = 0 and tr_login = ?',
[$u->info['room'], $u->info['login']]
);
foreach ($sp as $pl) {
$itmo = mysql_fetch_array(mysql_query('SELECT * FROM `items_main` WHERE `id` = ' . $pl['item_id']));
if (isset($itmo['id'])) {
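Review bot: The re-wrapped `elseif` in the third hunk now breaks inside the `Config::get(` call, which makes the five-part condition harder to scan than the single line it replaces. Breaking before each `&&` keeps every clause intact, with `&& $u->info['level'] >= Config::get('level_ransfer')` on one line. In the second hunk the branch that keeps `$act = $u->snatItem($_GET['sid'], $u->info['id']);` passes the raw query value to a parameter this commit declares as `?int`; an explicit `(int)$_GET['sid']` at the call makes the conversion visible and avoids a `TypeError` on non-numeric input. The `if`/`elseif` chains start and end outside the hunks.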


@ -2221,8 +2221,6 @@ $tma = '';
$st[6]['pzm'] += 7;
}
$b8name = '';
//Духовность
//if($u->stats['s7']>24){ $b8name = 'Духовная Защита'; $b[8] .= '&nbsp;&nbsp;&nbsp;&bull; Жизнь после смерти дает вам прием &quot;Призрачная Защита&quot;<img src="https://img.new-combats.com/i/eff/spirit_block25.gif"><br>'; }
if ($u->stats['s7'] > 49) {
$b8name = 'Духовное Исцеление';
$b[8] .= '&nbsp;&nbsp;&nbsp;&bull; Каждый бой вы начинаете под действием магии &quot;Спасение&quot;<img src="https://img.new-combats.com/i/eff/preservation.gif"><br>';
@ -2274,10 +2272,10 @@ $tma = '';
$i++;
}
if (isset($sti['complect'])) {
$coms[count($coms)]['id'] = $sti['complect'];
$coms[]['id'] = $sti['complect'];
if (!isset($coms['com'][$sti['complect']])) {
$coms['com'][$sti['complect']] = 0;
$coms['new'][count($coms['new'])] = $sti['complect'];
$coms['new'][] = $sti['complect'];
}
$coms['com'][$sti['complect']]++;
if ($pl['2h'] > 0) {
@ -2285,10 +2283,10 @@ $tma = '';
}
}
if (isset($sti['complect2'])) {
$coms[count($coms)]['id'] = $sti['complect2'];
$coms[]['id'] = $sti['complect2'];
if (!isset($coms['com'][$sti['complect2']])) {
$coms['com'][$sti['complect2']] = 0;
$coms['new'][count($coms['new'])] = $sti['complect2'];
$coms['new'][] = $sti['complect2'];
}
$coms['com'][$sti['complect2']]++;
if ($pl['2h'] > 0) {
@ -2322,7 +2320,6 @@ $tma = '';
$sti = $u->lookStats($plc['data']);
while ($ij < count($ia)) {
if (isset($ia[$ij]) && isset($sti[$ia[$ij]])) {
//$st[$ia[$ij]] += $sti[$ia[$ij]];
$mad = $sti[$ia[$ij]];
if ($mad > 0) {
$mad = '+' . $mad;
@ -2593,10 +2590,10 @@ $tma = '';
);
if (isset($sf['id'])) {
$sfe = $u->lookStats($sf['vals']);
$sf[0] = $u->info['exp'] - $sfe['e'];
$sf[1] = $u->info['win'] - $sfe['w'];
$sf[2] = $u->info['lose'] - $sfe['l'];
$sf[3] = $u->info['nich'] - $sfe['n'];
$sf[0] = $u->info['exp'] - (int)$sfe['e'];
$sf[1] = $u->info['win'] - (int)$sfe['w'];
$sf[2] = $u->info['lose'] - (int)$sfe['l'];
$sf[3] = $u->info['nich'] - (int)$sfe['n'];
unset($sfe);
} else {
$sf = [0 => 0, 1 => 0, 2 => 0, 3 => 0];
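Review bot: The added `(int)` casts on `$sfe['e']`, `$sfe['w']`, `$sfe['l']` and `$sfe['n']` in the last hunk convert the value but still read a key that may be absent from what `lookStats()` returns; `(int)($sfe['e'] ?? 0)` covers both cases. Replacing `$coms[count($coms)]['id']` with `$coms[]['id']` also changes which integer index is used, because `$coms` holds the string keys `com` and `new` that `count()` included. Any code outside these hunks that walks `$coms` by position should be checked against the new numbering.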


@ -1,11 +1,17 @@
<?php
if (!defined('GAME_VERSION')) {
require_once '_incl_data/autoload.php';
}
use Core\Config;
use Core\Database;
use Core\Db;
//
const GAME = true;
require_once '_incl_data/__config.php';
require_once '_incl_data/class/__db_connect.php';
Config::init();
Database::init();
$u = User::start();
$filter = new Filter();
$chat = new Chat();
@ -25,11 +31,11 @@ if ($u->info['bithday'] == '01.01.1800') {
}
if ($u->info['online'] < time() - 60) {
mysql_query('UPDATE users SET online = unix_timestamp() WHERE id = ' . $u->info['id']);
Db::sql('update users set online = unix_timestamp() where id = ?', [$u->info['id']]);
$filter->setOnline($u->info['online'], $u->info['id']);
}
function isModerOrAdmin($uinfo)
function isModerOrAdmin($uinfo): bool
{
return $uinfo['admin'] > 0 ||
(
@ -42,19 +48,13 @@ function isModerOrAdmin($uinfo)
}
if (isset($_POST['delMsg']) && isModerOrAdmin($u->info)) {
if (((int)$_POST['delMsg']) > 0) {
mysql_query(
'UPDATE `chat` SET `delete` = "' . $u->info['id'] . '" WHERE `id` = "' . mysql_real_escape_string(
((int)$_POST['delMsg'])
) . '" LIMIT 1'
);
$delmsgid = (int)$_POST['delMsg'];
if ($delmsgid > 0) {
Db::sql('update chat set `delete` = ? where id = ?', [$u->info['id'], $delmsgid]);
} else {
mysql_query(
'UPDATE `users` SET `molch3` = "' . (time() + 3600 * 3) . '" WHERE `id` = "' . mysql_real_escape_string(
-((int)$_POST['delMsg'])
) . '" LIMIT 1'
);
Db::sql('update users set molch3 = unix_timestamp() + 3600 * 3 where id = ?', [-$delmsgid]);
}
unset($delmsgid);
}
$r = [
@ -81,7 +81,7 @@ if (isset($_POST['msg']) && str_replace(' ', '', $_POST['msg']) != '') {
$_POST['msg'] = str_replace('\x3C', '<', $_POST['msg']);
$_POST['msg'] = str_replace('\x3', '>', $_POST['msg']);
function tolink($buf)
function tolink($buf): string
{
$x = explode(" ", $buf);
$newbuf = '';
@ -192,10 +192,10 @@ if (isset($_POST['msg']) && str_replace(' ', '', $_POST['msg']) != '') {
}
}
//
$newbuf .= preg_match
(
$newbuf .= preg_match(
"/(https:\\/\\/)?(new-combats+\\.com(([ \"'>\r\n\t])|(\\/([^ \"'>\r\n\t]*)?)))/",
$x[$j], $ok
$x[$j],
$ok
) ? str_replace(
$ok[2], "<small><a href=https://$ok[2] target=_blank ><i>" . $uname . "</i></a></small>",
str_replace("https://", "", $x[$j])
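Review bot: In the `delMsg` handler a zero or non-numeric `delMsg` makes `$delmsgid` 0 and falls into the `else` branch, which then runs the `molch3` update with `[-$delmsgid]`, i.e. `where id = 0`. The old code behaved the same way, but the rewrite is a good place to make the second branch explicit with `} elseif ($delmsgid < 0) {`. `isModerOrAdmin($uinfo): bool` and `tolink($buf): string` gained return types but not parameter types (`array $uinfo`, `string $buf`). No request token is checked for this state-changing POST in the visible lines; if none exists elsewhere in the file, one is worth adding.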


@ -100,7 +100,15 @@ if ($_SESSION['step'] === 8) { // Всех их соберём, вместе с
);
if ($uid > 0) {
unset(
$_SESSION['login'],
$_SESSION['password'],
$_SESSION['email'],
$_SESSION['ref'],
$_SESSION['birthday'],
$_SESSION['sex'],
$_SESSION['class']
);
//мульты
$ppl = Db::getRows('select * from logs_auth where ip = ? or ip = ?', [UserIp::get(), $_COOKIE['ip']]);
@ -122,10 +130,10 @@ if ($_SESSION['step'] === 8) { // Всех их соберём, вместе с
//Обновяем таблицы
Db::sql('update users set ip = ? where id = ?', [UserIp::get(), $uid]);
Db::sql('insert into users_learning_status (uid) values (?)', [$uid]);
session_unset();
header('Refresh: 1; url=/bk');
die('Спасибо за регистрацию в игровом мире Бойцовского Клуба, желаем вам побед и долгой игры.
die(
'Спасибо за регистрацию в игровом мире Бойцовского Клуба, желаем вам побед и долгой игры.
В случае вопросов по игре, Вам будет доступен общий чат!'
);
}
@ -138,7 +146,7 @@ $errorMessage = $newUser->getError() ? "<h4>{$newUser->getError()}</h4>" : '';
<!DOCTYPE html>
<head>
<title><?= Config::get('name') ?>: Регистрация - создай персонажа в игре.</title>
<meta name="description" content="<?= Config::get('desc') ?>"/>
</head>
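Review bot: The new `unset(...)` list clears the registration fields, including `$_SESSION['password']`, but leaves `$_SESSION['step']`, so a reload would re-enter the `if ($_SESSION['step'] === 8)` branch with those fields gone; add `$_SESSION['step']` to the list. If the `session_unset();` in the second hunk is still on the new side, it also wipes the `$_SESSION['uid']` that registration sets in this commit and makes the selective `unset` redundant; the rendered page does not show which side that line is on. `$_COOKIE['ip']` is read in the `logs_auth` query without an `isset` check.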


@ -37,18 +37,17 @@ if (isset($_POST['relogin'])) {
if ($lst_psw) {
$error = 'Высылать пароль можно не более одного раза в сутки.';
} elseif (
str_replace('0', '', $_POST['redate']) == str_replace('0', '', $usr['bithday'])
str_replace('0', '', date('d.m.Y', strtotime($_POST['redate']))) == str_replace('0', '', $usr['bithday'])
) {
$error = '<br><br><br>Пароль от персонажа &quot;' . $usr['login'] . '&quot; был успешно выслан на E-mail указанный при регистрации! <br><br><br>';
$re = Db::getValue(
'select count(*) from logs_auth where uid = ? and type = 0 and depass != ?',
[$usr['id'], '']
);
if ($u['securetime'] < Config::get('securetime')) {
if ($usr['securetime'] < Config::get('securetime')) {
unset($re);
}
if (!isset($re)) {
if (!empty($re)) {
$newPassword = PassGen::new();
$title = 'Восстановление пароля от "' . $usr['login'] . '".';
$txt = 'Добрый день.<br>';
@ -75,6 +74,7 @@ if (isset($_POST['relogin'])) {
$error = $mail;
}
unset($mail);
$error = '<br><br><br>Пароль от персонажа &quot;' . $usr['login'] . '&quot; был успешно выслан на E-mail указанный при регистрации! <br><br><br>';
}
} else {
$error = 'Неверно указан день рождения.';
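Review bot: With `if (!isset($re))` changed to `if (!empty($re))`, a new password is generated only when `logs_auth` holds a row with a non-empty `depass` for the user, yet the login page in this same commit stops writing `depass` altogether. For accounts without older rows the branch is skipped, and because the success text was moved inside it, `$error` is never assigned on that path and the user gets no message. The condition should not depend on `depass` (or the `$re` query should be dropped), and an `else` should report the outcome. The birthday check still strips every `0` from both sides before `==`, so distinct dates can compare equal (`10.01.2000` and `01.10.2000` both reduce to `1.1.2`); comparing the normalised `date('d.m.Y', …)` string with `===` is stricter.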