From a163206782a99323e1c4ec29afe58ac830255dc1 Mon Sep 17 00:00:00 2001 From: Martin Ambrus Date: Sun, 22 Oct 2017 19:16:43 +0200 Subject: [PATCH] feat: forum post notifications into mailbox --- GameEngine/Database.php | 41 ++++++++++++++++++++++++---- GameEngine/Message.php | 14 ++++++---- README | 3 +- Templates/Alliance/Forum/forum_7.tpl | 1 + Templates/Alliance/forum.tpl | 3 +- install/data/sql.sql | 5 ++-- sql_updates.txt | 5 ++++ todo.txt | 2 +- 8 files changed, 57 insertions(+), 17 deletions(-) diff --git a/GameEngine/Database.php b/GameEngine/Database.php index b64636e4..d0b29c4f 100755 --- a/GameEngine/Database.php +++ b/GameEngine/Database.php @@ -1471,13 +1471,40 @@ class MYSQLi_DB { FORUM SUREY *************************/ - function CreatPost($post, $tids, $owner, $alliance, $player, $coor, $report) { - list($post, $tids, $owner, $alliance, $player, $coor, $report) = $this->escape_input($post, $tids, $owner, (int) $alliance, (int) $player, (int) $coor, (int) $report); + function CreatPost($post, $tids, $owner, $alliance, $player, $coor, $report, $fid2 = 0) { + global $message, $session; + list($post, $tids, $owner, $alliance, $player, $coor, $report, $fid2) = $this->escape_input($post, (int) $tids, $owner, (int) $alliance, (int) $player, (int) $coor, (int) $report, (int) $fid2); $date = time(); - $q = "INSERT into " . TB_PREFIX . "forum_post values (0,'$post','$tids','$owner','$date',$alliance,$player,$coor,$report)"; + $q = "INSERT into " . TB_PREFIX . "forum_post values (0,'$post',$tids,'$owner','$date',$alliance,$player,$coor,$report)"; mysqli_query($this->dblink,$q); - return mysqli_insert_id($this->dblink); + $postID = mysqli_insert_id($this->dblink); + + // create a message notification for each person subscribed to this topic + // ... for now it's everyone who ever posted there, there is no real un/subscription yet + if ($fid2 !== 0) { + $q = "SELECT DISTINCT owner FROM ".TB_PREFIX . "forum_post WHERE topic = $tids"; + $result = mysqli_query($this->dblink, $q); + if ($result->num_rows) { + while ($row = mysqli_fetch_assoc($result)) { + if ($row['owner'] != $owner) { + $this->sendMessage( + (int) $row['owner'], + 2, + 'New Message in Alliance Forum', + "Hi!\n\n".$this->escape($session->username)." posted a new message into your common topic. Here\\'s a link that will get you there: forum link\n\nYours sincerely,\nServer Robot :)", + 0, + 0, + 0, + 0, + 0, + true); + } + } + } + } + + return $postID; } function UpdatePostDate($id) { @@ -2206,8 +2233,10 @@ class MYSQLi_DB { return mysqli_query($this->dblink,$q); } - function sendMessage($client, $owner, $topic, $message, $send, $alliance, $player, $coor, $report) { - list($client, $owner, $topic, $message, $send, $alliance, $player, $coor, $report) = $this->escape_input((int) $client, (int) $owner, $topic, $message, (int) $send, (int) $alliance, (int) $player, (int) $coor, (int) $report); + function sendMessage($client, $owner, $topic, $message, $send, $alliance, $player, $coor, $report, $skip_escaping = false) { + if (!$skip_escaping) { + list($client, $owner, $topic, $message, $send, $alliance, $player, $coor, $report) = $this->escape_input((int) $client, (int) $owner, $topic, $message, (int) $send, (int) $alliance, (int) $player, (int) $coor, (int) $report); + } $time = time(); $q = "INSERT INTO " . TB_PREFIX . "mdata values (0,$client,$owner,'$topic','$message',0,0,$send,$time,0,0,$alliance,$player,$coor,$report)"; diff --git a/GameEngine/Message.php b/GameEngine/Message.php index 7f5a2a46..24ec6969 100755 --- a/GameEngine/Message.php +++ b/GameEngine/Message.php @@ -418,17 +418,19 @@ class Message { } } - private function sendMessage($recieve, $topic, $text) { + private function sendMessage($recieve, $topic, $text, $security_check = true) { global $session, $database; $user = $database->getUserField($recieve, "id", 1); // Vulnerability closed by Shadow - $q = "SELECT * FROM ".TB_PREFIX."mdata WHERE owner='".$session->uid."' AND time > ".time()." - 60"; - $res = mysqli_query($GLOBALS['link'],$q) or die(mysqli_error($database->dblink). " query ".$q); - $flood = mysqli_num_rows($res); - if($flood > 5) - return; //flood + if ($security_check) { + $q = "SELECT * FROM ".TB_PREFIX."mdata WHERE owner='".$session->uid."' AND time > ".time()." - 60"; + $res = mysqli_query($GLOBALS['link'],$q) or die(mysqli_error($database->dblink). " query ".$q); + $flood = mysqli_num_rows($res); + if($flood > 5) + return; //flood + } // Vulnerability closed by Shadow diff --git a/README b/README index c9ab9155..c340fed8 100644 --- a/README +++ b/README @@ -51,7 +51,8 @@ martinambrus changes: 39. not allowing installation if old data are still in database to prevent multiple worlds generation and game misbehavior 40. fixed quest 1 to reload the page and allow for immediate completion of the woodcutter 41. NPC links added to units in Hero Mansion -42. fixed random attacks attacker tribe (Natars) when building Wonder of the World +42. fixed random attacks attacker tribe (Natars) when building Wonder of the World +43. players who post in an Alliance forum are now notified of each subsequent post in that topic via messages Shadowss changes: diff --git a/Templates/Alliance/Forum/forum_7.tpl b/Templates/Alliance/Forum/forum_7.tpl index 55004893..0133bc95 100644 --- a/Templates/Alliance/Forum/forum_7.tpl +++ b/Templates/Alliance/Forum/forum_7.tpl @@ -11,6 +11,7 @@ foreach($topics as $arr) { + diff --git a/Templates/Alliance/forum.tpl b/Templates/Alliance/forum.tpl index 1013aaea..d514058c 100644 --- a/Templates/Alliance/forum.tpl +++ b/Templates/Alliance/forum.tpl @@ -136,6 +136,7 @@ if(isset($_POST['newtopic'])){ if(isset($_POST['newpost'])){ $text = $_POST['text']; $tids = $_POST['tid']; + $fid2 = $_POST['fid2']; $owner = $session->uid; if($text != ""){ if(!preg_match('/\[message\]/',$text) && !preg_match('/\[\/message\]/',$text)){ @@ -194,7 +195,7 @@ if(isset($_POST['newpost'])){ } } $database->UpdatePostDate($tids); - $database->CreatPost($text,$tids,$owner,$alliance,$player,$coor,$report); + $database->CreatPost($text,$tids,$owner,$alliance,$player,$coor,$report,$fid2); } } } diff --git a/install/data/sql.sql b/install/data/sql.sql index 1100a9bd..6d02f420 100644 --- a/install/data/sql.sql +++ b/install/data/sql.sql @@ -743,14 +743,15 @@ CREATE TABLE IF NOT EXISTS `%PREFIX%forum_edit` ( CREATE TABLE IF NOT EXISTS `%PREFIX%forum_post` ( `id` int(11) NOT NULL AUTO_INCREMENT, `post` longtext NULL, - `topic` varchar(255) NULL, + `topic` int(11) DEFAULT NULL, `owner` varchar(255) NULL, `date` varchar(255) NULL, `alliance0` int(11) NULL, `player0` int(11) NULL, `coor0` int(11) NULL, `report0` int(11) NULL, - PRIMARY KEY (`id`) + PRIMARY KEY (`id`), + KEY `topic-owner` (`topic`,`owner`) ) ENGINE=InnoDB DEFAULT CHARSET=utf8 AUTO_INCREMENT=1 ; -- diff --git a/sql_updates.txt b/sql_updates.txt index 2e59f090..4c67ba91 100644 --- a/sql_updates.txt +++ b/sql_updates.txt @@ -1,2 +1,7 @@ +-- 22.10.2017 -> forum topics table and indexe changes +ALTER TABLE `s1_forum_post` CHANGE `topic` `topic` INT NULL DEFAULT NULL; +ALTER TABLE `s1_forum_post` CHANGE `owner` `owner` INT NULL DEFAULT NULL; +ALTER TABLE `travian`.`s1_forum_post` ADD INDEX `topic-owner` (`topic`, `owner`); + -- 20.10.2017 -> changing MD5 for bcrypt password hashing algo ALTER TABLE `s1_users` ADD `is_bcrypt` TINYINT(1) NOT NULL DEFAULT '0' AFTER `vactwoweeks`; \ No newline at end of file diff --git a/todo.txt b/todo.txt index 7a6460ee..4ea3e4a5 100644 --- a/todo.txt +++ b/todo.txt @@ -1,5 +1,5 @@ - normalize forum tables - varchar is used for numeric values and is joined with int field -- send forum replies in a forum where a user is active also to that user's mailbox - make an option for admin to be raidable (in profile?) - finish parts in Admin that are unfinished (mostly delete -X- buttons and Alliance settings) +- add batching logic to mehods which get called too frequently and multiple times (example - Message::sendMessage() now that is sends messages for each forum post) - add PayPal listener to verify gold transactions imediatelly \ No newline at end of file