finish hero_full.php

2026-06-28 00:24:23 +00:00 · 2013-06-16 10:38:34 +03:00
commit 98e94af807
2800 changed files with 115529 additions and 0 deletions
@@ -0,0 +1,168 @@
+<?php
+
+#################################################################################
+##              -= YOU MAY NOT REMOVE OR CHANGE THIS NOTICE =-                 ##
+## --------------------------------------------------------------------------- ##
+##  Filename       Profile.php                                                 ##
+##  License:       TravianX Project                                            ##
+##  Copyright:     TravianX (c) 2010-2011. All rights reserved.                ##
+##                                                                             ##
+#################################################################################
+
+
+class Profile {
+
+	public function procProfile($post) {
+		global $session;
+		if(isset($post['ft'])) {
+			switch($post['ft']) {
+				case "p1":
+				if($session->access!=BANNED){
+				$this->updateProfile($post);
+				}else{
+				header("Location: banned.php");
+				}
+				break;
+				case "p3":
+				if($session->access!=BANNED){
+				$this->updateAccount($post);
+				}else{
+				header("Location: banned.php");
+				}
+				break;
+			}
+		}
+		if(isset($post['s'])) {
+			switch($post['s']) {
+			case "4":
+			if($session->access!=BANNED){
+				$this->gpack($post);
+			}else{
+			header("Location: banned.php");
+			}
+			break;
+			}
+		}
+	}
+
+	public function procSpecial($get) {
+		global $session;
+		if(isset($get['e'])) {
+			switch($get['e']) {
+				case 2:
+				if($session->access!=BANNED){
+				$this->removeMeSit($get);
+				}else{
+				header("Location: banned.php");
+				}
+				break;
+				case 3:
+				if($session->access!=BANNED){
+				$this->removeSitter($get);
+				}else{
+				header("Location: banned.php");
+				}
+				break;
+				case 4:
+				if($session->access!=BANNED){
+				$this->cancelDeleting($get);
+				}else{
+				header("Location: banned.php");
+				}
+				break;
+			}
+		}
+	}
+
+	private function updateProfile($post) {
+		global $database;
+		$birthday = $post['jahr'].'-'.$post['monat'].'-'.$post['tag'];
+		$database->submitProfile($database->RemoveXSS($post['uid']),$database->RemoveXSS($post['mw']),$database->RemoveXSS($post['ort']),$database->RemoveXSS($birthday),$database->RemoveXSS($post['be2']),$database->RemoveXSS($post['be1']));
+		$varray = $database->getProfileVillages($post['uid']);
+		for($i=0;$i<=count($varray)-1;$i++) {
+			$database->setVillageName($database->RemoveXSS($varray[$i]['wref']),$post['dname'.$i]);
+		}
+		header("Location: spieler.php?uid=".$post['uid']);
+	}
+
+	private function gpack($post) {
+		global $database, $session;
+		$database->gpack($database->RemoveXSS($session->uid),$database->RemoveXSS($post['custom_url']));
+		header("Location: spieler.php?uid=".$session->uid);
+	}
+
+	private function updateAccount($post) {
+		global $database,$session,$form;
+		if($post['pw2'] == $post['pw3']) {
+			if($database->login($session->username,$post['pw1'])) {
+				if ($_POST['uid'] != $session->uid){
+                      			die("Hacking Attempr");
+                		} else {
+				$database->updateUserField($post['uid'],"password",md5($post['pw2']),1);
+			}
+			}
+			else {
+				$form->addError("pw",LOGIN_PW_ERROR);
+			}
+		}
+		else {
+			$form->addError("pw",PASS_MISMATCH);
+		}
+		if($post['email_alt'] == $session->userinfo['email']) {
+			$database->updateUserField($post['uid'],"email",$post['email_neu'],1);
+		}
+		else {
+			$form->addError("email",EMAIL_ERROR);
+		}
+		if($post['del'] && md5($post['del_pw']) == $session->userinfo['password']) {
+				$database->setDeleting($post['uid'],0);
+		}
+		else {
+			$form->addError("del",PASS_MISMATCH);
+		}
+		if($post['v1'] != "") {
+			$sitid = $database->getUserField($post['v1'],"id",1);
+			if($sitid == $session->userinfo['sit1'] || $sitid == $session->userinfo['sit2']) {
+				$form->addError("sit",SIT_ERROR);
+			}
+			else if($sitid != $session->uid){
+				if($session->userinfo['sit1'] == 0) {
+					$database->updateUserField($post['uid'],"sit1",$sitid,1);
+				}
+				else if($session->userinfo['sit2'] == 0) {
+					$database->updateUserField($post['uid'],"sit2",$sitid,1);
+				}
+			}
+		}
+		$_SESSION['errorarray'] = $form->getErrors();
+		header("Location: spieler.php?s=3");
+	}
+
+	private function removeSitter($get) {
+		global $database,$session;
+		if($get['a'] == $session->checker) {
+			if($session->userinfo['sit'.$get['type']] == $get['id']) {
+				$database->updateUserField($session->uid,"sit".$get['type'],0,1);
+			}
+			$session->changeChecker();
+		}
+		header("Location: spieler.php?s=".$get['s']);
+	}
+
+	private function cancelDeleting($get) {
+		global $database,$session;
+		$database->setDeleting($get['id'],1);
+		header("Location: spieler.php?s=".$get['s']);
+	}
+
+	private function removeMeSit($get) {
+		global $database,$session;
+		if($get['a'] == $session->checker) {
+			$database->removeMeSit($get['id'],$session->uid);
+			$session->changeChecker();
+		}
+		header("Location: spieler.php?s=".$get['s']);
+	}
+};
+$profile = new Profile;
+?>