xinyin025/TravianZ
1
0
Fork 0
mirror of https://github.com/Shadowss/TravianZ.git synced 2026-06-28 00:24:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

General fixes

Browse Source 
+Special chars can now be used in villages name
+Some clean-up
This commit is contained in:
iopietro
2018-05-22 19:16:35 +02:00
parent 12ba3ec154
commit c340eb267e
2 changed files with 100 additions and 129 deletions
Download Patch File Download Diff File Expand all files Collapse all files
GameEngine/Database.php
+4 -5
View File
@@ -3996,11 +3996,10 @@ class MYSQLi_DB implements IDbConnection {
function setVillageName($vid, $name) {
list($vid, $name) = $this->escape_input((int) $vid, $name);
if(!empty($name))
{
$q = "UPDATE " . TB_PREFIX . "vdata set name = '$name' where wref = $vid";
return mysqli_query($this->dblink,$q);
}
if(!empty($name)){
$q = "UPDATE " . TB_PREFIX . "vdata set name = '$name' where wref = $vid";
return mysqli_query($this->dblink, $q);
}
}
function modifyPop($vid, $pop, $mode) {
GameEngine/Profile.php
+96 -124
View File
@@ -14,179 +14,151 @@ class Profile {
public function procProfile($post) {
global $session;
if($session->access == BANNED){
header("Location: banned.php");
exit();
}
if(isset($post['ft'])) {
switch($post['ft']) {
case "p1":
if($session->access!=BANNED){
$this->updateProfile($post);
}else{
header("Location: banned.php");
exit;
}
break;
case "p3":
if($session->access!=BANNED){
$this->updateAccount($post);
}else{
header("Location: banned.php");
exit;
}
break;
case "p4":
// Vacation mode - by advocaite and Shadow
if($session->access!=BANNED){
$this->setvactionmode($post);
}else{
header("Location: banned.php");
exit;
}
break;
}
}
if(isset($post['s'])) {
switch($post['s']) {
case "4":
if($session->access!=BANNED){
$this->gpack($post);
}else{
header("Location: banned.php");
exit;
}
break;
case "p1" :
$this->updateProfile($post);
break;
case "p3" :
$this->updateAccount($post);
break;
case "p4" :
$this->setvactionmode($post);
break;
}
}
if(isset($post['s']) && $post['s'] == 4) $this->gpack($post);
}
public function procSpecial($get) {
global $session;
if($session->access == BANNED){
header("Location: banned.php");
exit();
}
if(isset($get['e'])) {
switch($get['e']) {
case 2:
if($session->access!=BANNED){
$this->removeMeSit($get);
}else{
header("Location: banned.php");
exit;
}
break;
case 3:
if($session->access!=BANNED){
$this->removeSitter($get);
}else{
header("Location: banned.php");
exit;
}
break;
case 4:
if($session->access!=BANNED){
$this->cancelDeleting($get);
}else{
header("Location: banned.php");
exit;
}
break;
case 2 :
$this->removeMeSit($get);
break;
case 3 :
$this->removeSitter($get);
break;
case 4 :
$this->cancelDeleting($get);
break;
}
}
}
private function updateProfile($post) {
global $database, $session;
$birthday = $post['jahr'].'-'.$post['monat'].'-'.$post['tag'];
$database->submitProfile($session->uid,$database->RemoveXSS($post['mw']),$database->RemoveXSS($post['ort']),$database->RemoveXSS($birthday),$database->RemoveXSS($post['be2']),$database->RemoveXSS($post['be1']));
$database->submitProfile($session->uid, $database->RemoveXSS($post['mw']), $database->RemoveXSS($post['ort']), $database->RemoveXSS($birthday), $database->RemoveXSS($post['be2']), $database->RemoveXSS($post['be1']));
$varray = $database->getProfileVillages($session->uid);
for($i=0;$i<=count($varray)-1;$i++) {
$k = trim($post['dname'.$i]);
$name = preg_replace("/[^a-zA-Z0-9_\-\s'\"]/", "", $k);
$database->setVillageName($varray[$i]['wref'],$database->RemoveXSS($name));
}
for($i = 0; $i < count($varray); $i++){
$database->setVillageName($varray[$i]['wref'], $database->RemoveXSS(trim($post['dname'.$i])));
}
header("Location: spieler.php?uid=".$session->uid);
exit;
exit();
}
private function gpack($post) {
global $database, $session;
$database->gpack($database->RemoveXSS($session->uid),$database->RemoveXSS($post['custom_url']));
header("Location: spieler.php?uid=".$session->uid);
exit;
}
/*******************************************************
Function to vacation mode - by advocaite and Shadow
References:
********************************************************/
/**
* Function to vacation mode - by advocaite and Shadow
*
* @param array $post The $_POST array
*/
private function setvactionmode($post){
global $database,$session,$form;
global $database, $session, $form;
if(isset($post['vac']) && $post['vac'] && isset($post['vac_days']) && $post['vac_days'] >=2 && $post['vac_days'] <=14){
if(isset($post['vac']) && $post['vac'] && isset($post['vac_days']) && $post['vac_days'] >= 2 && $post['vac_days'] <= 14){
unset($_SESSION['wid']);
$database->setvacmode($session->uid,$post['vac_days']);
$database->activeModify(addslashes($session->username),1);
$database->UpdateOnline("logout") or die(mysqli_error($database->dblink));
$session->Logout();
header("Location: login.php");
exit;
$database->setvacmode($session->uid, $post['vac_days']);
$database->activeModify(addslashes($session->username), 1);
$database->UpdateOnline("logout");
$session->Logout();
header("Location: login.php");
exit();
}else{
header("Location: spieler.php?s=".$session->uid);
$form->add("vac", VAC_MODE_WRONG_DAYS);
$form->add("vac", VAC_MODE_WRONG_DAYS);
header("Location: spieler.php?s=".$session->uid);
exit();
}
}
/*******************************************************
Function to vacation mode - by advocaite and Shadow
References:
********************************************************/
/**
* Function to vacation mode - by advocaite and Shadow
*
* @param array $post The $_POST array
*/
private function updateAccount($post) {
global $database,$session,$form;
global $database, $session, $form;
if(!empty($post['pw1']) && !empty($post['pw2']) && !empty($post['pw3'])){
if($post['pw2'] == $post['pw3']) {
if($database->login($session->username,$post['pw1'])) {
$database->updateUserField($session->uid,"password",password_hash($post['pw2'], PASSWORD_BCRYPT,['cost' => 12]),1);
}else {
$form->addError("pw",LOGIN_PW_ERROR);
}
}else {
$form->addError("pw",PASS_MISMATCH);
}
if($post['pw2'] == $post['pw3']){
if($database->login($session->username, $post['pw1'])){
$database->updateUserField($session->uid, "password", password_hash($post['pw2'], PASSWORD_BCRYPT, ['cost' => 12]), 1);
}
else $form->addError("pw", LOGIN_PW_ERROR);
}
else $form->addError("pw", PASS_MISMATCH);
}
if(!empty($post['email_alt']) && !empty($post['email_neu'])){
if($post['email_alt'] == $session->userinfo['email']) {
$database->updateUserField($session->uid,"email",$post['email_neu'],1);
}else {
$form->addError("email",EMAIL_ERROR);
}
}
if(!empty($post['del_pw']) && $post['del']){
if(password_verify($post['del_pw'], $session->userinfo['password'])) {
$database->setDeleting($session->uid,0);
}else {
$form->addError("del",PASS_MISMATCH);
}
if($post['email_alt'] == $session->userinfo['email']){
$database->updateUserField($session->uid, "email", $post['email_neu'], 1);
}
else $form->addError("email", EMAIL_ERROR);
}
if(!empty($post['v1'])) {
$sitid = $database->getUserField($post['v1'],"id",1);
if($sitid == $session->userinfo['sit1'] || $sitid == $session->userinfo['sit2']) {
$form->addError("sit",SIT_ERROR);
if(!empty($post['del_pw']) && $post['del']){
if(password_verify($post['del_pw'], $session->userinfo['password'])){
$database->setDeleting($session->uid, 0);
}
else $form->addError("del", PASS_MISMATCH);
}
if(!empty($post['v1'])){
$sitid = $database->getUserField($post['v1'], "id", 1);
if($sitid == $session->userinfo['sit1'] || $sitid == $session->userinfo['sit2']){
$form->addError("sit", SIT_ERROR);
}else if($sitid != $session->uid){
if($session->userinfo['sit1'] == 0) {
$database->updateUserField($session->uid,"sit1",$sitid,1);
}else if($session->userinfo['sit2'] == 0) {
$database->updateUserField($session->uid,"sit2",$sitid,1);
if($session->userinfo['sit1'] == 0){
$database->updateUserField($session->uid, "sit1", $sitid, 1);
}else if($session->userinfo['sit2'] == 0){
$database->updateUserField($session->uid, "sit2", $sitid, 1);
}
}
}
if($form->returnErrors() > 0){
$_SESSION['errorarray'] = $form->getErrors();
$_SESSION['valuearray'] = $_POST;
$_SESSION['errorarray'] = $form->getErrors();
$_SESSION['valuearray'] = $_POST;
}
header("Location: spieler.php?s=3");
exit;
}
@@ -198,7 +170,6 @@ class Profile {
if($session->userinfo['sit'.$get['type']] == $get['id']) {
$database->updateUserField($session->uid,"sit".$get['type'],0,1);
}
$session->changeChecker();
}
@@ -207,14 +178,15 @@ class Profile {
}
private function cancelDeleting($get) {
global $database,$session;
global $database, $session;
$database->setDeleting($session->uid,1);
header("Location: spieler.php?s=".$get['s']);
exit;
}
private function removeMeSit($get) {
global $database,$session;
global $database, $session;
if($get['a'] == $session->checker) {
$database->removeMeSit($get['id'],$session->uid);