mirror of
https://github.com/Shadowss/TravianZ.git
synced 2026-07-17 10:06:09 +00:00
Add MultiAccount Detection, Add Push Protection Detection, Add register Default Gold
Add MultiAccount Detection, Add Push Protection Detection, Add register Default Gold
This commit is contained in:
@@ -73,12 +73,13 @@ $fh = fopen($myFile, 'w') or die("<br/><br/><br/>Can't open file: GameEngine\con
|
||||
$NEW_FUNCTIONS_MEDAL_10YEAR = (NEW_FUNCTIONS_MEDAL_10YEAR == false ? 'false' : 'true');
|
||||
$NEW_FUNCTIONS_SPECIAL_MEDALS_SYSTEM = (NEW_FUNCTIONS_SPECIAL_MEDALS_SYSTEM == false ? 'false' : 'true');
|
||||
$NEW_FUNCTIONS_MILESTONES = (NEW_FUNCTIONS_MILESTONES == false ? 'false' : 'true');
|
||||
$NEW_FUNCTIONS_HERO_T4 = (defined('NEW_FUNCTIONS_HERO_T4') && NEW_FUNCTIONS_HERO_T4 ? 'true' : 'false'); // fix: lipsea (bug preexistent)
|
||||
$NEW_FUNCTIONS_HERO_T4 = (defined('NEW_FUNCTIONS_HERO_T4') && NEW_FUNCTIONS_HERO_T4 ? 'true' : 'false');
|
||||
$NEW_FUNCTION_TRIBE_HUNS = (defined('NEW_FUNCTION_TRIBE_HUNS') && NEW_FUNCTION_TRIBE_HUNS ? 'true' : 'false');
|
||||
$NEW_FUNCTION_TRIBE_EGIPTEANS = (defined('NEW_FUNCTION_TRIBE_EGIPTEANS') && NEW_FUNCTION_TRIBE_EGIPTEANS ? 'true' : 'false');
|
||||
$NEW_FUNCTION_TRIBE_SPARTANS = (defined('NEW_FUNCTION_TRIBE_SPARTANS') && NEW_FUNCTION_TRIBE_SPARTANS ? 'true' : 'false');
|
||||
$NEW_FUNCTION_TRIBE_VIKINGS = (defined('NEW_FUNCTION_TRIBE_VIKINGS') && NEW_FUNCTION_TRIBE_VIKINGS ? 'true' : 'false');
|
||||
$NEW_FUNCTIONS_MEDAL_RESET = (NEW_FUNCTIONS_MEDAL_RESET == false ? 'false' : 'true');
|
||||
|
||||
|
||||
$text = admin_config_template_contents();
|
||||
$text = preg_replace("'%ERRORREPORT%'", $ERRORREPORT, $text);
|
||||
@@ -171,12 +172,15 @@ $fh = fopen($myFile, 'w') or die("<br/><br/><br/>Can't open file: GameEngine\con
|
||||
$text = preg_replace("'%NEW_FUNCTIONS_MEDAL_10YEAR%'", $NEW_FUNCTIONS_MEDAL_10YEAR, $text);
|
||||
$text = preg_replace("'%NEW_FUNCTIONS_SPECIAL_MEDALS_SYSTEM%'", $NEW_FUNCTIONS_SPECIAL_MEDALS_SYSTEM, $text);
|
||||
$text = preg_replace("'%NEW_FUNCTIONS_MILESTONES%'", $NEW_FUNCTIONS_MILESTONES, $text);
|
||||
$text = preg_replace("'%NEW_FUNCTIONS_HERO_T4%'", $NEW_FUNCTIONS_HERO_T4, $text); // fix: lipsea
|
||||
$text = preg_replace("'%NEW_FUNCTIONS_HERO_T4%'", $NEW_FUNCTIONS_HERO_T4, $text);
|
||||
$text = preg_replace("'%NEW_FUNCTION_TRIBE_HUNS%'", $NEW_FUNCTION_TRIBE_HUNS, $text);
|
||||
$text = preg_replace("'%NEW_FUNCTION_TRIBE_EGIPTEANS%'", $NEW_FUNCTION_TRIBE_EGIPTEANS, $text);
|
||||
$text = preg_replace("'%NEW_FUNCTION_TRIBE_SPARTANS%'", $NEW_FUNCTION_TRIBE_SPARTANS, $text);
|
||||
$text = preg_replace("'%NEW_FUNCTION_TRIBE_VIKINGS%'", $NEW_FUNCTION_TRIBE_VIKINGS, $text);
|
||||
$text = preg_replace("'%NEW_FUNCTIONS_MEDAL_RESET%'", $NEW_FUNCTIONS_MEDAL_RESET, $text);
|
||||
// Preserve registration-bonus-gold settings (owned by editNewFunctions.php).
|
||||
$text = preg_replace("'%NEW_FUNCTION_REGISTRATION_GOLD%'", (defined('NEW_FUNCTION_REGISTRATION_GOLD') && NEW_FUNCTION_REGISTRATION_GOLD ? 'true' : 'false'), $text);
|
||||
$text = preg_replace("'%NEW_FUNCTION_REGISTRATION_GOLD_VALUE%'", (string) (defined('NEW_FUNCTION_REGISTRATION_GOLD_VALUE') ? (int) NEW_FUNCTION_REGISTRATION_GOLD_VALUE : 200), $text);
|
||||
|
||||
// PLUS settings need to be kept intact
|
||||
$text = preg_replace("'%PLUS_TIME%'", PLUS_TIME, $text);
|
||||
|
||||
@@ -174,6 +174,9 @@ $fh = fopen($myFile, 'w') or die("<br/><br/><br/>Can't open file: GameEngine\con
|
||||
$text = preg_replace("'%NEW_FUNCTION_TRIBE_EGIPTEANS%'", $NEW_FUNCTION_TRIBE_EGIPTEANS, $text);
|
||||
$text = preg_replace("'%NEW_FUNCTION_TRIBE_SPARTANS%'", $NEW_FUNCTION_TRIBE_SPARTANS, $text);
|
||||
$text = preg_replace("'%NEW_FUNCTION_TRIBE_VIKINGS%'", $NEW_FUNCTION_TRIBE_VIKINGS, $text);
|
||||
// Preserve registration-bonus-gold settings (owned by editNewFunctions.php).
|
||||
$text = preg_replace("'%NEW_FUNCTION_REGISTRATION_GOLD%'", (defined('NEW_FUNCTION_REGISTRATION_GOLD') && NEW_FUNCTION_REGISTRATION_GOLD ? 'true' : 'false'), $text);
|
||||
$text = preg_replace("'%NEW_FUNCTION_REGISTRATION_GOLD_VALUE%'", (string) (defined('NEW_FUNCTION_REGISTRATION_GOLD_VALUE') ? (int) NEW_FUNCTION_REGISTRATION_GOLD_VALUE : 200), $text);
|
||||
|
||||
// PLUS settings need to be kept intact
|
||||
$text = preg_replace("'%PLUS_TIME%'", PLUS_TIME, $text);
|
||||
|
||||
@@ -174,6 +174,9 @@ $fh = fopen($myFile, 'w') or die("<br/><br/><br/>Can't open file: GameEngine\con
|
||||
$text = preg_replace("'%NEW_FUNCTION_TRIBE_EGIPTEANS%'", $NEW_FUNCTION_TRIBE_EGIPTEANS, $text);
|
||||
$text = preg_replace("'%NEW_FUNCTION_TRIBE_SPARTANS%'", $NEW_FUNCTION_TRIBE_SPARTANS, $text);
|
||||
$text = preg_replace("'%NEW_FUNCTION_TRIBE_VIKINGS%'", $NEW_FUNCTION_TRIBE_VIKINGS, $text);
|
||||
// Preserve registration-bonus-gold settings (owned by editNewFunctions.php).
|
||||
$text = preg_replace("'%NEW_FUNCTION_REGISTRATION_GOLD%'", (defined('NEW_FUNCTION_REGISTRATION_GOLD') && NEW_FUNCTION_REGISTRATION_GOLD ? 'true' : 'false'), $text);
|
||||
$text = preg_replace("'%NEW_FUNCTION_REGISTRATION_GOLD_VALUE%'", (string) (defined('NEW_FUNCTION_REGISTRATION_GOLD_VALUE') ? (int) NEW_FUNCTION_REGISTRATION_GOLD_VALUE : 200), $text);
|
||||
|
||||
// PLUS settings need to be kept intact
|
||||
$text = preg_replace("'%PLUS_TIME%'", PLUS_TIME, $text);
|
||||
|
||||
@@ -136,6 +136,12 @@ $fh = fopen($myFile, 'w') or die("<br/><br/><br/>Can't open file: GameEngine\con
|
||||
$text = preg_replace("'%NEW_FUNCTION_TRIBE_EGIPTEANS%'", $_POST['new_function_tribe_egipteans'], $text);
|
||||
$text = preg_replace("'%NEW_FUNCTION_TRIBE_SPARTANS%'", $_POST['new_function_tribe_spartans'], $text);
|
||||
$text = preg_replace("'%NEW_FUNCTION_TRIBE_VIKINGS%'", $_POST['new_function_tribe_vikings'], $text);
|
||||
// Registration bonus gold: owned by THIS Mod (edited from the New Functions form).
|
||||
$__reg_gold_on = (isset($_POST['new_function_registration_gold']) && strtolower((string)$_POST['new_function_registration_gold']) === 'true') ? 'true' : 'false';
|
||||
$__reg_gold_val = (int) ($_POST['new_function_registration_gold_value'] ?? 200);
|
||||
if ($__reg_gold_val < 0) { $__reg_gold_val = 0; }
|
||||
$text = preg_replace("'%NEW_FUNCTION_REGISTRATION_GOLD%'", $__reg_gold_on, $text);
|
||||
$text = preg_replace("'%NEW_FUNCTION_REGISTRATION_GOLD_VALUE%'", (string) $__reg_gold_val, $text);
|
||||
|
||||
// PLUS settings need to be kept intact
|
||||
$text = preg_replace("'%PLUS_TIME%'", PLUS_TIME, $text);
|
||||
|
||||
@@ -180,6 +180,9 @@ $fh = fopen($myFile, 'w') or die("<br/><br/><br/>Can't open file: GameEngine\con
|
||||
$text = preg_replace("'%NEW_FUNCTION_TRIBE_EGIPTEANS%'", $NEW_FUNCTION_TRIBE_EGIPTEANS, $text);
|
||||
$text = preg_replace("'%NEW_FUNCTION_TRIBE_SPARTANS%'", $NEW_FUNCTION_TRIBE_SPARTANS, $text);
|
||||
$text = preg_replace("'%NEW_FUNCTION_TRIBE_VIKINGS%'", $NEW_FUNCTION_TRIBE_VIKINGS, $text);
|
||||
// Preserve registration-bonus-gold settings (owned by editNewFunctions.php).
|
||||
$text = preg_replace("'%NEW_FUNCTION_REGISTRATION_GOLD%'", (defined('NEW_FUNCTION_REGISTRATION_GOLD') && NEW_FUNCTION_REGISTRATION_GOLD ? 'true' : 'false'), $text);
|
||||
$text = preg_replace("'%NEW_FUNCTION_REGISTRATION_GOLD_VALUE%'", (string) (defined('NEW_FUNCTION_REGISTRATION_GOLD_VALUE') ? (int) NEW_FUNCTION_REGISTRATION_GOLD_VALUE : 200), $text);
|
||||
|
||||
// PLUS settings need to be kept intact
|
||||
$text = preg_replace("'%PLUS_TIME%'", PLUS_TIME, $text);
|
||||
|
||||
@@ -158,6 +158,9 @@ $fh = fopen($myFile, 'w') or die("<br/><br/><br/>Can't open file: GameEngine\con
|
||||
$text = preg_replace("'%NEW_FUNCTION_TRIBE_EGIPTEANS%'", $NEW_FUNCTION_TRIBE_EGIPTEANS, $text);
|
||||
$text = preg_replace("'%NEW_FUNCTION_TRIBE_SPARTANS%'", $NEW_FUNCTION_TRIBE_SPARTANS, $text);
|
||||
$text = preg_replace("'%NEW_FUNCTION_TRIBE_VIKINGS%'", $NEW_FUNCTION_TRIBE_VIKINGS, $text);
|
||||
// Preserve registration-bonus-gold settings (owned by editNewFunctions.php).
|
||||
$text = preg_replace("'%NEW_FUNCTION_REGISTRATION_GOLD%'", (defined('NEW_FUNCTION_REGISTRATION_GOLD') && NEW_FUNCTION_REGISTRATION_GOLD ? 'true' : 'false'), $text);
|
||||
$text = preg_replace("'%NEW_FUNCTION_REGISTRATION_GOLD_VALUE%'", (string) (defined('NEW_FUNCTION_REGISTRATION_GOLD_VALUE') ? (int) NEW_FUNCTION_REGISTRATION_GOLD_VALUE : 200), $text);
|
||||
|
||||
// PLUS SETTINGS
|
||||
$text = preg_replace("'%PLUS_TIME%'", $_POST['plus_time'], $text);
|
||||
|
||||
@@ -169,6 +169,9 @@ $fh = fopen($myFile, 'w') or die("<br/><br/><br/>Can't open file: GameEngine\con
|
||||
$text = preg_replace("'%NEW_FUNCTION_TRIBE_EGIPTEANS%'", $NEW_FUNCTION_TRIBE_EGIPTEANS, $text);
|
||||
$text = preg_replace("'%NEW_FUNCTION_TRIBE_SPARTANS%'", $NEW_FUNCTION_TRIBE_SPARTANS, $text);
|
||||
$text = preg_replace("'%NEW_FUNCTION_TRIBE_VIKINGS%'", $NEW_FUNCTION_TRIBE_VIKINGS, $text);
|
||||
// Preserve registration-bonus-gold settings (owned by editNewFunctions.php).
|
||||
$text = preg_replace("'%NEW_FUNCTION_REGISTRATION_GOLD%'", (defined('NEW_FUNCTION_REGISTRATION_GOLD') && NEW_FUNCTION_REGISTRATION_GOLD ? 'true' : 'false'), $text);
|
||||
$text = preg_replace("'%NEW_FUNCTION_REGISTRATION_GOLD_VALUE%'", (string) (defined('NEW_FUNCTION_REGISTRATION_GOLD_VALUE') ? (int) NEW_FUNCTION_REGISTRATION_GOLD_VALUE : 200), $text);
|
||||
|
||||
// PLUS settings need to be kept intact
|
||||
$text = preg_replace("'%PLUS_TIME%'", PLUS_TIME, $text);
|
||||
|
||||
@@ -0,0 +1,73 @@
|
||||
<?php
|
||||
#################################################################################
|
||||
## -= YOU MAY NOT REMOVE OR CHANGE THIS NOTICE =- ##
|
||||
## --------------------------------------------------------------------------- ##
|
||||
## Filename pushOverride.php ##
|
||||
## Type BACKEND (Push Protection override) ##
|
||||
## Developed by: Shadow ##
|
||||
## License: TravianZ Project ##
|
||||
## Copyright: TravianZ (c) 2010-2026. All rights reserved. ##
|
||||
#################################################################################
|
||||
|
||||
// #299 style: load CSRF helpers + admin_deny() before the access check.
|
||||
require_once(__DIR__ . '/../csrf.php');
|
||||
if (!isset($_SESSION)) session_start();
|
||||
if ($_SESSION['access'] < MULTIHUNTER) {
|
||||
admin_deny('You must be signed in as an administrator or multihunter to do this. '
|
||||
. 'Your session may have expired — please return to the admin panel and sign in again.');
|
||||
}
|
||||
|
||||
// This Mod is POSTed to directly, so verify the CSRF token itself.
|
||||
csrf_verify();
|
||||
|
||||
include_once("../../config.php");
|
||||
|
||||
// autoloader (find it walking up, like the other Mods)
|
||||
$autoprefix = '';
|
||||
for ($i = 0; $i < 5; $i++) {
|
||||
$autoprefix = str_repeat('../', $i);
|
||||
if (file_exists($autoprefix . 'autoloader.php')) break;
|
||||
}
|
||||
include_once($autoprefix . "GameEngine/Database.php");
|
||||
include_once($autoprefix . "GameEngine/PushProtection.php");
|
||||
|
||||
$admid = (int)($_SESSION['id'] ?? 0);
|
||||
$uid = (int)($_POST['uid'] ?? 0);
|
||||
$mode = (int)($_POST['mode'] ?? 0);
|
||||
$limit = (int)($_POST['custom_limit'] ?? 0);
|
||||
$note = trim((string)($_POST['note'] ?? ''));
|
||||
|
||||
// Verify the acting user really is admin/MH in the DB (defence in depth).
|
||||
$check = mysqli_query($GLOBALS['link'],
|
||||
"SELECT access, username FROM " . TB_PREFIX . "users WHERE id = " . $admid);
|
||||
$acc = $check ? mysqli_fetch_assoc($check) : null;
|
||||
if (!$acc || (int)$acc['access'] < MULTIHUNTER) {
|
||||
admin_deny('Your session may have expired — please sign in again.');
|
||||
}
|
||||
|
||||
if ($uid > 3) {
|
||||
// Normalise mode to the allowed set.
|
||||
if (!in_array($mode, [
|
||||
PushProtection::OV_NONE,
|
||||
PushProtection::OV_UNLIMITED,
|
||||
PushProtection::OV_CUSTOM,
|
||||
], true)) {
|
||||
$mode = PushProtection::OV_NONE;
|
||||
}
|
||||
if ($limit < 0) {
|
||||
$limit = 0;
|
||||
}
|
||||
|
||||
PushProtection::setOverride($uid, $mode, $limit, $note, $admid);
|
||||
|
||||
$modeLabel = $mode === PushProtection::OV_UNLIMITED ? 'exempt'
|
||||
: ($mode === PushProtection::OV_CUSTOM ? ('custom cap ' . $limit) : 'cleared');
|
||||
$logMsg = 'Push protection override for uid ' . $uid . ' set to <b>' . $modeLabel . '</b>';
|
||||
$logMsg = mysqli_real_escape_string($GLOBALS['link'], $logMsg);
|
||||
mysqli_query($GLOBALS['link'],
|
||||
"INSERT INTO " . TB_PREFIX . "admin_log VALUES (0, " . $admid . ", '" . $logMsg . "', " . time() . ")");
|
||||
}
|
||||
|
||||
header("Location: ../../../Admin/admin.php?p=pushprot");
|
||||
exit;
|
||||
?>
|
||||
Reference in New Issue
Block a user