diff --git a/_incl_data/class/User.php b/_incl_data/class/User.php
index 9d796731..369bed55 100644
--- a/_incl_data/class/User.php
+++ b/_incl_data/class/User.php
@@ -66,7 +66,7 @@ class User
 'emeraldscity' => 6,
 'suncity' => 7,
 'dreamscity' => 8,
- 'devilscity' => 10
+ 'devilscity' => 10,
 ];
 public array $city_name = [
 'emeraldscity' => 'Emeralds city',
@@ -92,7 +92,7 @@ class User
 'suncity' => 'Sun City',
 'devilscity' => 'Devils City',
 ];
- public array $is = [
+ public array $is = [ // не играть с кавычками! эти строчки уходят в яваскрипт и всё ломают!
 'acestar' => 'Следующий каст будет критическим',
 'spasenie' => 'Спасение после смерти',
 'more_awards' => 'Повышеная награда %',
@@ -101,8 +101,8 @@ class User
 'nopryh' => 'Прямое поподание',
 'puti' => 'Запрет перемещения',
 'align' => 'Склонность',
- 'hpAll' => 'Уровень жизни (HP)',
- 'mpAll' => 'Уровень маны (МP)',
+ 'hpAll' => "Уровень жизни (HP)",
+ 'mpAll' => "Уровень маны (МP)",
 'enAll' => 'Уровень энергии',
 'sex' => 'Пол',
 'lvl' => 'Уровень',
@@ -1879,8 +1879,27 @@ FROM `items_users` AS `iu` LEFT JOIN `items_main` AS `im` ON (`im`.`id` = `iu`.`
 private function __construct()
 {
- $this->info = Db::getRow(
- 'select
+ if (!empty($_SESSION['uid'])) {
+ $user = Db::getRow(
+ 'select
+ *,
+ users.id as id,
+ users.level as level,
+ users.align as align,
+ users.sex as sex,
+ users.clan as clan,
+ stats.timeGo as timeGo,
+ users.name as name,
+ stats.lider as lider
+ from users
+ left join stats on users.id = stats.id
+ left join room on users.room = room.id
+ where users.id = ?',
+ [$_SESSION['uid']]
+ );
+ } else {
+ $user = Db::getRow(
+ 'select
 *,
 users.id as id,
 users.level as level,
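Review bot: The comment added on `$is` (hunk `@@ -92,7 +92,7 @@`) records that these labels reach JavaScript without encoding, which leaves quote discipline inside a PHP array as the only thing keeping the emitted script well-formed. The emitting code is outside this diff, but the durable fix belongs there: encode each value at the point of output, e.g. `json_encode($label, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP)`. With that in place the next hunk's switch of `hpAll`/`mpAll` to double-quoted literals would not be needed.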
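Review bot: The `else` branch opened at the end of the `@@ -1879,8 +1879,27 @@` hunk (and completed in the next hunk, `@@ -1894,8 +1913,14 @@`) still selects the account with `where login = ?` bound to `$_COOKIE['login']`, so when `$_SESSION['uid']` is empty the client-supplied login name alone decides whose row becomes `$this->info`. Nothing visible in these hunks checks a secret, and the third constructor hunk comments out the old `dateEnter`/`HTTP_USER_AGENT` comparison, so unless a later check outside the diff validates a password or token, the fallback should go: set `$user = null;` when there is no session uid and treat the request as unauthenticated. If a persistent login is needed, bind it to a random server-stored token compared with `hash_equals()`, not to the login name. The constructor body continues outside the hunk.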
@@ -1894,8 +1913,14 @@ FROM `items_users` AS `iu` LEFT JOIN `items_main` AS `im` ON (`im`.`id` = `iu`.`
 left join stats on users.id = stats.id
 left join room on users.room = room.id
 where login = ?',
- [$_COOKIE['login']]
- );
+ [$_COOKIE['login']]
+ );
+ }
+
+ if (!empty($user) && is_array($user)) {
+ $this->info = $user;
+ }
+ unset($user);
 Database::init(); // для всяких mysql_*
@@ -1916,20 +1941,20 @@ FROM `items_users` AS `iu` LEFT JOIN `items_main` AS `im` ON (`im`.`id` = `iu`.`
 setcookie('btl', $this->info['battle'], time() + 86400);
 }
- if (!isset($this->info['id'])) {
- $this->info = Db::getRow('select * from users where login = ?', [$_COOKIE['login']]);
-
- if ($this->info['dateEnter'] != $_SERVER['HTTP_USER_AGENT']) {
- unset($this->info);
- }
- $this->btl_txt = $this->info['battle_text'];
- if (!isset($this->info['id'])) {
- unset($this->info);
- setcookie('login', '', time() - 60 * 60 * 24, '', Core\Config::get('host'));
- } else {
- echo 'stats is lost.';
- }
- }
+// if (!isset($this->info['id'])) {
+// $this->info = Db::getRow('select * from users where login = ?', [$_COOKIE['login']]);
+//
+// if ($this->info['dateEnter'] != $_SERVER['HTTP_USER_AGENT']) {
+// unset($this->info);
+// }
+// $this->btl_txt = $this->info['battle_text'];
+// if (!isset($this->info['id'])) {
+// unset($this->info);
+// setcookie('login', '', time() - 60 * 60 * 24, '', Core\Config::get('host'));
+// } else {
+// echo 'stats is lost.';
+// }
+// }
 if (isset($this->info['id'])) {
 if ($this->info['invis'] == 1 || $this->info['invis'] > time()) {
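Review bot: In the `@@ -1916,20 +1941,20 @@` hunk the fourteen-line block is disabled by prefixing every line with `//` instead of being deleted; version control already keeps the old code, and a commented-out login path that queries by `$_COOKIE['login']` is easy to re-enable by accident. Delete the lines, and if the reason is worth recording leave a single comment such as `// cookie-only re-login removed: identity comes from the session`. The removed block was also the only visible place that expired a stale `login` cookie and assigned `$this->btl_txt`, so those two effects need a new home if they are still wanted. The constructor continues outside the hunk.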
@@ -9073,40 +9098,23 @@ LIMIT 1'
 }
 }
- public function snatItem(int $id, int $uid): int
+ public function snatItem(?int $id, int $uid = 0): int
 {
- if ($uid != 0) {
- $au = 'AND `iu`.`uid`="' . $uid . '"';
- } else {
- $au = '';
- }
- $itm = mysql_fetch_array(
- $cl = mysql_query(
- 'SELECT
- `im`.`id`,`im`.`name`,`im`.`img`,`im`.`type`,`im`.`inslot`,`im`.`2h`,`im`.`2too`,`im`.`iznosMAXi`,`im`.`inRazdel`,`im`.`price1`,`im`.`price2`,`im`.`pricerep`,`im`.`magic_chance`,`im`.`info`,`im`.`massa`,`im`.`level`,`im`.`magic_inci`,`im`.`overTypei`,`im`.`group`,`im`.`group_max`,`im`.`geni`,`im`.`ts`,`im`.`srok`,`im`.`class`,`im`.`class_point`,`im`.`anti_class`,`im`.`anti_class_point`,`im`.`max_text`,`im`.`useInBattle`,`im`.`lbtl`,`im`.`lvl_itm`,`im`.`lvl_exp`,`im`.`lvl_aexp`,
- `iu`.`id`,`iu`.`item_id`,`iu`.`1price`,`iu`.`2price`,`iu`.`uid`,`iu`.`use_text`,`iu`.`data`,`iu`.`inOdet`,`iu`.`inShop`,`iu`.`delete`,`iu`.`iznosNOW`,`iu`.`iznosMAX`,`iu`.`gift`,`iu`.`gtxt1`,`iu`.`gtxt2`,`iu`.`kolvo`,`iu`.`geniration`,`iu`.`magic_inc`,`iu`.`maidin`,`iu`.`lastUPD`,`iu`.`timeOver`,`iu`.`overType`,`iu`.`secret_id`,`iu`.`time_create`,`iu`.`time_sleep`,`iu`.`inGroup`,`iu`.`dn_delete`,`iu`.`inTransfer`,`iu`.`post_delivery`,`iu`.`lbtl_`,`iu`.`bexp`,`iu`.`so`,`iu`.`blvl`
- FROM `items_users` AS `iu` LEFT JOIN `items_main` AS `im` ON (`im`.`id` = `iu`.`item_id`) WHERE `iu`.`id`="' . $id . '" AND `iu`.`inOdet`!="0" ' . $au . ' AND `iu`.`delete`="0" LIMIT 1 FOR UPDATE'
- )
- );
- if (isset($itm['id'])) {
- $upd = mysql_query(
- 'UPDATE `items_users` SET `lastUPD`="' . time(
- ) . '",`inOdet`="0" WHERE `id`="' . $itm['id'] . '" LIMIT 1'
- );
- if ($upd) {
- if (isset($_GET['remitem']) || isset($_GET['sid'])) {
- $this->info['autospell'] = 1;
- mysql_query(
- 'UPDATE `users` SET `autospell` = "1" WHERE `id` = "' . $this->info['id'] .
'" LIMIT 1'
- );
- }
- return 1;
- } else {
- return 0;
- }
- } else {
+ if (empty($id)) {
 return 0;
 }
+ $au = "select count(*) from items_users where id = $id and inOdet != 0 and `delete` = 0";
+ $au .= $uid > 0 ? " and uid = $uid" : '';
+ $itm = Db::getValue($au);
+ if (empty($itm)) {
+ return 0;
+ }
+ Db::sql('update items_users set lastUPD = unix_timestamp(), inOdet = 0 where id = ?', [$id]);
+ if (isset($_GET['remitem']) || isset($_GET['sid'])) {
+ $this->info['autospell'] = 1;
+ Db::sql('update users set autospell = 1 where id = ?', [$this->info['id']]);
+ }
+ return 1;
 }
 public function snatItemAll(int $uid): int
@@ -9460,6 +9468,7 @@ LIMIT 1'
 if ($inSlot == 3 || $inSlot == 14) {
 //Проверяем есть-ли двуручное оружие
+ //И естественно снимаем его, даже если руки пусты, отправляя туда NULL и ломая игру. Сука!
 if ($this->stats['items'][$this->stats['wp3id']]['2h'] == 1 || $this->stats['items'][$this->stats['wp14id']]['2h'] == 1 || $itm['2h'] == 1) {
 $this->snatItem($this->stats['items'][$this->stats['wp3id']]['id'], $uid);
 $this->snatItem($this->stats['items'][$this->stats['wp14id']]['id'], $uid);
diff --git a/_incl_data/class/User/Confirmation.php b/_incl_data/class/User/Confirmation.php
index 2345ca04..b116ac95 100644
--- a/_incl_data/class/User/Confirmation.php
+++ b/_incl_data/class/User/Confirmation.php
@@ -5,6 +5,7 @@ namespace User;
 use Core\Config;
 use Core\Db;
 use Core\Mail;
+use PassGen;
 use UserIp;
 class Confirmation
@@ -78,6 +79,17 @@ class Confirmation
 );
 }
+ public static function userRegistrationCodeByEmail(string $email, string $login)
+ {
+ $code = PassGen::intCode(4);
+ Db::sql('insert into secure_code (email, code, time) values (?,?,unix_timestamp())', [$email, $code]);
+ Mail::send(
+ $email,
+ 'Секретный Код: ' . $code,
+ 'Код подтверждения регистрации персонажа ' . $login
+ );
+ }
+
 public static function byCode(int $uid, int $code): string
 {
 $status = '';
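Review bot: The count query in the new `snatItem` body (hunk `@@ -9073,40 +9098,23 @@`) is assembled by interpolating `$id` and `$uid` into the SQL string, while the two `Db::sql` calls right below it use `?` placeholders. The `int` parameter types keep this from being injectable today, but the guarantee then lives in the signature rather than in the query, so binding both values keeps it safe if the types are ever loosened. The ownership and state conditions are also checked only in the SELECT: the UPDATE matches on `id` alone and the old `FOR UPDATE` lock is gone, so the row can change between the check and the write. Reusing one WHERE clause and one argument list for both statements, as sketched below, addresses both points.

```php
public function snatItem(?int $id, int $uid = 0): int
{
    // … unchanged: empty($id) guard …
    // One condition list shared by the check and the write, all values bound.
    $where = 'id = ? and inOdet != 0 and `delete` = 0';
    $args = [$id];
    if ($uid > 0) {
        $where .= ' and uid = ?';
        $args[] = $uid;
    }
    if (empty(Db::getValue("select count(*) from items_users where $where", $args))) {
        return 0;
    }
    Db::sql("update items_users set lastUPD = unix_timestamp(), inOdet = 0 where $where", $args);
    // … unchanged: autospell update and return 1 …
```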
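Review bot: `userRegistrationCodeByEmail` (hunk `@@ -78,6 +79,17 @@`) issues `PassGen::intCode(4)`, which by its name and argument looks like a four-digit numeric code, and nothing in this hunk limits its lifetime or the number of guesses. The row stores `time`, so the verifying code (outside this diff) should reject codes older than a few minutes, delete a code on first use and cap failed attempts per email; it is also worth confirming that `PassGen` draws from `random_int()`. The code is passed as the second `Mail::send` argument, presumably the subject, where it shows up in notification previews and mail logs, so moving it into the body is safer. A `: void` return type and a short docblock stating the expiry policy would complete the method.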
@@ -117,4 +129,4 @@ class Confirmation
 }
 return $status;
 }
-}
\ No newline at end of file
+}
diff --git a/_incl_data/class/UserRegister.php b/_incl_data/class/UserRegister.php
index 7ca3975e..92b551db 100644
--- a/_incl_data/class/UserRegister.php
+++ b/_incl_data/class/UserRegister.php
@@ -6,9 +6,6 @@ use Core\Db;
 class UserRegister
 {
 private string $error = '';
- private string $login = '';
- private string $email = '';
- private string $password = '';
 private int $class = 0;
 private array $classBonuses = [
 1 => [
@@ -67,8 +64,8 @@ class UserRegister
 public function hasMixedLatCur(string $txt): bool
 {
- $en = preg_match("/^(([0-9A-z -])+)$/i", $txt);
- $ru = preg_match("/^(([0-9А-я _-])+)$/i", $txt);
+ $en = preg_match("/^(([0-9A-z -])+)$/iu", $txt);
+ $ru = preg_match("/^([а-яёіїє\s\d]*)$/iu", $txt);
 return ($ru && $en) || (!$ru && !$en);
 }
@@ -79,10 +76,10 @@ class UserRegister
 //Бывшие в употреблении логины. Дичь, но ладно.
 $wasRegistered = Db::getValue('select count(*) from lastnames where login = ?', [$login]);
 $login = str_replace(' ', ' ', $login);
- if (strlen($login) > 20) {
+ if (mb_strlen($login) > 20) {
 $this->error = 'Логин должен содержать не более 20 символов.';
 }
- if (strlen($login) < 4) {
+ if (mb_strlen($login) < 4) {
 $this->error = 'Логин должен содержать не менее 4 символов.';
 }
 if ($this->hasMixedLatCur($login)) {
@@ -145,6 +142,9 @@ class UserRegister
 if (!$this->hasGoodLogin($login)) { //fixme: грязный хак, но лучше не придумывается с этой пошаговостью.
 return 0;
 }
+ if ($email === 'dnf123123@gmail.com') {
+ $login = 'Пачкуале Пестрини';
+ }
 $this->class = $class;
 $ip = UserIp::get();
 $sex -= 10; //На входе 10\11, а передать надо 0\1.
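Review bot: In `hasMixedLatCur` (hunk `@@ -67,8 +64,8 @@`) the Latin pattern keeps the range `A-z`, which in ASCII also spans `[`, `\`, `]`, `^`, `_` and the backtick, so logins containing those characters are accepted as Latin; `[0-9A-Za-z -]` states the intended set. The new Cyrillic pattern admits `\s`, i.e. tabs and line breaks as well as spaces, and because it ends in `*` it also matches the empty string, so `"/^[а-яёіїє \d]+$/iu"` would be the tighter form. It also no longer allows `-` or `_`, which the old pattern did; if that is intentional, a one-line comment above the method should say so.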
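Review bot: The added `if ($email === 'dnf123123@gmail.com')` branch (hunk `@@ -145,6 +142,9 @@`) hard-codes one mailbox and overwrites `$login` after `hasGoodLogin($login)` has already run, so the substituted name skips whatever validation that method applies and the insert that follows uses an unchecked value. This reads as leftover test scaffolding and should be removed before merge; if a fixed test account is needed, create it from a seed script or fixture rather than a branch in the production registration path. It also commits a personal address to the repository history. The enclosing method starts and ends outside the hunk.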
@@ -153,37 +153,37 @@ class UserRegister
 (`real`,login,host_reg,pass,ip,ipreg,room,timereg,mail,bithday,sex,fnq,molch2,level,clan_zv,money,online)
 values (1,?,?,?,?,?,9,unix_timestamp(),?,?,?,0,unix_timestamp() + 86400,8,0,200,unix_timestamp())',
 [
- $this->login,
+ $login,
 $ref ?? '',
- $this->password,
+ password_hash($password, PASSWORD_DEFAULT),
 $ip,
 $ip,
- $this->email,
+ $email,
 date('d.m.Y', strtotime($birthday)),
 $sex,
 ]
 );
 $uid = Db::lastInsertId();
- $this->login = $login;
- $this->setCookies();
- $this->setStatsItemsEffects();
+ trigger_error('Db::lastInsertId= ' .$uid);
+ $_SESSION['uid'] = $uid;
+ $this->setCookies($login);
+ $this->setStatsItemsEffects($uid);
 User::setOnline($uid);
 Db::sql('insert into online (uid, timeStart) values (?,unix_timestamp())', [$uid]);
 return $uid;
 }
- private function setCookies()
+ private function setCookies($login)
 {
 setcookie('login', 1, 1, '/', Config::get('host'), true);
 setcookie('registrationModal', 1, 1, '/', Config::get('host'), true);
- setcookie('login', $this->login, strtotime('+7 days'), '/', Config::get('host'), true);
+ setcookie('login', $login, strtotime('+7 days'), '/', Config::get('host'), true);
 setcookie('registrationModal', 'true', strtotime('+7 days'), '/', Config::get('host'), true);
 }
- private function setStatsItemsEffects()
+ private function setStatsItemsEffects($uid)
 {
 $u = User::start();
- $uid = (int)Db::lastInsertId();
 if ($_SESSION['ref'] === 1) {
 $this->classBonuses[$this->class]['items'][] = 4811;
 }
@@ -206,7 +206,7 @@ class UserRegister
 );
 }
- $this->addEffects($uid, $this->classBonuses[$this->class]['effects']);
+ $this->addEffects($uid, implode(',',$this->classBonuses[$this->class]['effects']));
 }
diff --git a/buttons.php b/buttons.php
index baf5ece5..60185b89 100644
--- a/buttons.php
+++ b/buttons.php
@@ -1,13 +1,22 @@
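Review bot: `$_SESSION['uid'] = $uid;` (hunk `@@ -153,37 +153,37 @@`) promotes the current session to an authenticated one without issuing a new session id, so an id that was fixed or observed before registration stays valid afterwards; call `session_regenerate_id(true);` immediately before the assignment. `trigger_error('Db::lastInsertId= ' .$uid);` reads as debugging output and should be dropped. In `setCookies` the cookies carry the secure flag but neither `httponly` nor `samesite`; the options-array form, `setcookie('login', $login, ['expires' => strtotime('+7 days'), 'path' => '/', 'domain' => Config::get('host'), 'secure' => true, 'httponly' => true, 'samesite' => 'Lax'])`, covers both. The new `$login` and `$uid` parameters would also benefit from type declarations and `: void` return types.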
Произошла ошибка: (c) ' . $c[1] . '' . $e . '