mirror of
https://github.com/Shadowss/TravianZ.git
synced 2026-07-16 17:46:09 +00:00
c7ba50036f
Add (Admin Panel) : Multi-account detection, Push protection, Heatmap, Gold Shop (redem codes), Blacklist user names and Quest Editor + fix some php notice Fix quest_core for mission 33,36, train 2 units, etc (NEW TRIBE) There are some temporary bugs that will be fixed in next commit (pagination for new heatmap, quest reward)
226 lines
6.6 KiB
PHP
226 lines
6.6 KiB
PHP
<?php
|
|
include_once("GameEngine/Generator.php");
|
|
$start_timer = $generator->pageLoadTimeStart();
|
|
|
|
#################################################################################
|
|
## -= YOU MAY NOT REMOVE OR CHANGE THIS NOTICE =- ##
|
|
## --------------------------------------------------------------------------- ##
|
|
## Filename : plus.php ##
|
|
## Type : In Game Plus Page ##
|
|
## --------------------------------------------------------------------------- ##
|
|
## Developed by : Dzoki ##
|
|
## Refactored by : Shadow ##
|
|
## Redesign by : Shadow ##
|
|
## --------------------------------------------------------------------------- ##
|
|
## Contact : cata7007@gmail.com ##
|
|
## Project : TravianZ ##
|
|
## URLs: : https://travianz.org ##
|
|
## GitHub : https://github.com/Shadowss/TravianZ ##
|
|
## --------------------------------------------------------------------------- ##
|
|
## License : TravianZ Project ##
|
|
## Copyright : TravianZ (c) 2010-2026. All rights reserved. ##
|
|
## --------------------------------------------------------------------------- ##
|
|
#################################################################################
|
|
|
|
|
|
use App\Utils\AccessLogger;
|
|
|
|
include_once("GameEngine/Village.php");
|
|
AccessLogger::logRequest();
|
|
|
|
if(isset($_GET['newdid'])) {
|
|
$_SESSION['wid'] = $_GET['newdid'];
|
|
header("Location: ".$_SERVER['PHP_SELF']);
|
|
exit;
|
|
}
|
|
else $building->procBuild($_GET);
|
|
|
|
// Gold shop: promo-code redemption (player-side). Best-effort; the engine
|
|
// self-creates its tables and validates the code (active / expiry / uses /
|
|
// once-per-player) before granting gold.
|
|
$promoMsg = '';
|
|
$promoOk = false;
|
|
if (isset($_POST['redeem_code']) && class_exists('GoldShop')) {
|
|
$__uid = isset($session) && isset($session->uid) ? (int)$session->uid : 0;
|
|
$rr = GoldShop::redeem($__uid, $_POST['redeem_code']);
|
|
$promoOk = $rr[0];
|
|
$promoMsg = $rr[1];
|
|
}
|
|
|
|
?>
|
|
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
|
|
<html>
|
|
<head>
|
|
<title><?php
|
|
echo SERVER_NAME . ' » » » PLUS ';
|
|
|
|
if (!empty($_GET['id'])) {
|
|
switch ($_GET['id']) {
|
|
case '2':
|
|
echo 'Advantages';
|
|
break;
|
|
|
|
case '3':
|
|
echo 'Gold';
|
|
break;
|
|
|
|
case '4':
|
|
echo 'FAQ';
|
|
break;
|
|
|
|
case '5':
|
|
echo 'Earn Gold';
|
|
break;
|
|
}
|
|
} else {
|
|
echo 'Tariffs';
|
|
}
|
|
?></title>
|
|
<link rel="shortcut icon" href="favicon.ico"/>
|
|
<meta http-equiv="cache-control" content="max-age=0" />
|
|
<meta http-equiv="pragma" content="no-cache" />
|
|
<meta http-equiv="expires" content="0" />
|
|
<meta http-equiv="imagetoolbar" content="no" />
|
|
<meta http-equiv="content-type" content="text/html; charset=UTF-8" />
|
|
<script src="mt-full.js?0faab" type="text/javascript"></script>
|
|
<script src="unx.js?f4b7h" type="text/javascript"></script>
|
|
<script src="new.js?0faab" type="text/javascript"></script>
|
|
<link href="<?php echo GP_LOCATE; ?>lang/en/lang.css?f4b7d" rel="stylesheet" type="text/css" />
|
|
<link href="<?php echo GP_LOCATE; ?>lang/en/compact.css?f4b7i" rel="stylesheet" type="text/css" />
|
|
<?php
|
|
if($session->gpack == null || GP_ENABLE == false) {
|
|
echo "
|
|
<link href='".GP_LOCATE."travian.css?e21d2' rel='stylesheet' type='text/css' />
|
|
<link href='".GP_LOCATE."lang/en/lang.css?e21d2' rel='stylesheet' type='text/css' />";
|
|
} else {
|
|
echo "
|
|
<link href='".$session->gpack."travian.css?e21d2' rel='stylesheet' type='text/css' />
|
|
<link href='".$session->gpack."lang/en/lang.css?e21d2' rel='stylesheet' type='text/css' />";
|
|
}
|
|
?>
|
|
<script type="text/javascript">
|
|
|
|
window.addEvent('domready', start);
|
|
</script>
|
|
</head>
|
|
|
|
|
|
<body class="v35 ie ie8">
|
|
<div class="wrapper">
|
|
<img style="filter:chroma();" src="img/x.gif" id="msfilter" alt="" />
|
|
<div id="dynamic_header">
|
|
</div>
|
|
<?php include("Templates/header.tpl"); ?>
|
|
<div id="mid">
|
|
<?php include("Templates/menu.tpl"); ?>
|
|
<?php
|
|
if(isset($_GET['id'])){
|
|
$id = preg_replace("/[^a-zA-Z0-9_-]/", "", $_GET['id']);
|
|
}
|
|
else $id = "";
|
|
|
|
if(empty($id)) include ("Templates/Plus/1.tpl");
|
|
|
|
if($id == 1){
|
|
include ("Templates/Plus/3.tpl");
|
|
}
|
|
if($id == 2){
|
|
include ("Templates/Plus/2.tpl");
|
|
}
|
|
if($id == 3){
|
|
include ("Templates/Plus/3.tpl");
|
|
}
|
|
if($id == 4){
|
|
include ("Templates/Plus/4.tpl");
|
|
}
|
|
if(isset($_GET['mail']) && $id == 5){
|
|
include ("Templates/Plus/invite.tpl");
|
|
}else if($id == 5){
|
|
include ("Templates/Plus/5.tpl");
|
|
}
|
|
if($id == 7){
|
|
include ("Templates/Plus/7.tpl");
|
|
}
|
|
if($id == 8){
|
|
include ("Templates/Plus/8.tpl");
|
|
}
|
|
if($id == 9){
|
|
include ("Templates/Plus/9.tpl");
|
|
}
|
|
if($id == 10){
|
|
include ("Templates/Plus/10.tpl");
|
|
}
|
|
if($id == 11){
|
|
include ("Templates/Plus/11.tpl");
|
|
}
|
|
if($id == 12){
|
|
include ("Templates/Plus/12.tpl");
|
|
}
|
|
if($id == 13){
|
|
include ("Templates/Plus/13.tpl");
|
|
}
|
|
if($id == 14){
|
|
include ("Templates/Plus/14.tpl");
|
|
}
|
|
if($id == 15){
|
|
include ("Templates/Plus/15.tpl");
|
|
}
|
|
if($id > 15){
|
|
include ("Templates/Plus/3.tpl");
|
|
}
|
|
if (isset($_POST['mail'])) {
|
|
|
|
$email = trim($_POST['mail']);
|
|
$text = isset($_POST['text']) ? trim($_POST['text']) : '';
|
|
|
|
// Blocăm CRLF injection și validăm adresa
|
|
if (
|
|
strpos($email, "\r") === false &&
|
|
strpos($email, "\n") === false &&
|
|
filter_var($email, FILTER_VALIDATE_EMAIL)
|
|
) {
|
|
// Limităm dimensiunea și eliminăm caracterele de control
|
|
$text = substr($text, 0, 2000);
|
|
$text = preg_replace('/[\x00-\x08\x0B\x0C\x0E-\x1F\x7F]/', '', $text);
|
|
|
|
$mailer->sendInvite($email, $session->uid, $text);
|
|
}
|
|
}
|
|
?>
|
|
|
|
<br /><br /><br /><br /><div id="side_info">
|
|
<?php
|
|
include("Templates/multivillage.tpl");
|
|
include("Templates/quest.tpl");
|
|
include("Templates/news.tpl");
|
|
if(!NEW_FUNCTIONS_DISPLAY_LINKS) {
|
|
echo "<br><br><br><br>";
|
|
include("Templates/links.tpl");
|
|
}
|
|
?>
|
|
</div>
|
|
<div class="clear"></div>
|
|
</div>
|
|
<div class="footer-stopper"></div>
|
|
<div class="clear"></div>
|
|
|
|
<?php
|
|
include("Templates/footer.tpl");
|
|
include("Templates/res.tpl");
|
|
?>
|
|
<div id="stime">
|
|
<div id="ltime">
|
|
<div id="ltimeWrap">
|
|
<?php echo CALCULATED_IN;?> <b><?php
|
|
echo round(($generator->pageLoadTimeEnd()-$start_timer)*1000);
|
|
?></b> ms
|
|
|
|
<br /><?php echo SERVER_TIME;?> <span id="tp1" class="b"><?php echo date('H:i:s'); ?></span>
|
|
</div>
|
|
</div>
|
|
</div>
|
|
|
|
<div id="ce"></div>
|
|
</body>
|
|
</html>
|