Tsar_Lyagushka/HB
1
0
Fork 0
forked from halo-battle/game
Code Issues Pull requests Projects Releases Wiki Activity

Version 1.10c

Browse source
This commit is contained in:
nemunaire 2008-11-19 12:00:00 +01:00
commit 2a066a7498
148 changed files with 2174 additions and 134960 deletions
Download patch file Download diff file Expand all files Collapse all files

123
htdocs/index.php
View file

@ -49,6 +49,7 @@ if (isset($sess) && isset($sess->values['connected']) && $sess->values['connecte
$sess->put();
$template->assign('contenu', '<meta http-equiv="refresh" content="0"/>');
$template->assign('page','vp');
$template->assign('race', $race);
$template->display('game/vp.tpl');
exit;
}
@ -229,21 +230,21 @@ else {
if (isset($_POST['HB_login']) && isset($_POST['HB_password']) && gpc('p') == 'connexion') {
$HB_login = gpc('HB_login', 'post');
$HB_password = gpc('HB_password', 'post');
$HB_auth = hash("sha512", $HB_login.'Ņ♂↨'.$HB_password.'☻♫☼'.date('W!Y¨D@j'));
$HB_auth = hash("sha512", $HB_login.'Ņ♂↨'.$HB_password.'☻♫☼'.date('W!Y¨D@j').$_SERVER["HTTP_USER_AGENT"].$_SERVER["REMOTE_ADDR"]);
}
else {
$HB_login = gpc('l');
$HB_password = cxor(hexstr(gpc('p')), date('WYDj'));
if (is_numeric('0x'.gpc('p'))) $HB_password = cxor(hexstr(gpc('p')), date('WYDj'));
$HB_auth = gpc('a');
}
if (empty($HB_login) || empty($HB_password)) {
$template->assign('message','Nom d\'utilisateur ou mot de passe incorrect. L\'un des deux est vide<br /><br />');
$template->assign('message','Nom d\'utilisateur ou mot de passe incorrect.<br /><br />');
$template->assign('couleur','red');
$template->display('cms/erreur.tpl');
exit;
}
elseif (hash("sha512", $HB_login.'Ņ♂↨'.$HB_password.'☻♫☼'.date('W!Y¨D@j')) != $HB_auth && hash("sha512", $HB_login.'Ņ♂↨'.$HB_password.'☻♫☼'.date('W!Y¨D@j', time()-300)) != $HB_auth) {
elseif (hash("sha512", $HB_login.'Ņ♂↨'.$HB_password.'☻♫☼'.date('W!Y¨D@j').$_SERVER["HTTP_USER_AGENT"].$_SERVER["REMOTE_ADDR"]) != $HB_auth && hash("sha512", $HB_login.'Ņ♂↨'.$HB_password.'☻♫☼'.date('W!Y¨D@j', time()-300)) != $HB_auth) {
$template->assign('message','Impossible d\'authentifier la connexion !<br /><br />Si le problème perciste, contactez un administrateur.');
$template->assign('couleur','red');
$template->display('cms/erreur.tpl');
@ -270,30 +271,9 @@ else {
exit;
}
$bdd->deconnexion();
/*if (empty($var['mdp_var'])) {
$gen = rand(-2147483648, 2147483647);
if ($gen == 0) $gen = rand(1000000000, 2147483647);
$HB_passwordAnc = sha1(strtoupper($HB_login).':'.$HB_password);
$HB_passwordNew = hash_var(strtoupper($HB_login).':'.$HB_password.'♂♪'.$gen);
$bdd->connexion();
$bdd->escape($HB_passwordAnc);
$bdd->escape($HB_passwordNew);
if ($bdd->unique_query("SELECT id FROM $table_user WHERE pseudo = '$HB_login' AND mdp = '$HB_passwordAnc';")) {
$bdd->query("UPDATE $table_user SET mdp_var = $gen, mdp = '$HB_passwordNew' WHERE pseudo = '$HB_login';");
$bdd->deconnexion();
$var['mdp_var'] = $gen;
}
else {
$bdd->deconnexion();
$template->assign('message','Nom d\'utilisateur ou mot de passe incorrect.');
$template->assign('couleur','red');
$template->assign('script','<script type="text/javascript">setTimeout(\'document.location.href="http://www.halo-battle.s-fr.com/";\', 2500);</script>');
$template->display('cms/erreur.tpl');
exit;
}
}*/
$HB_password = mdp($HB_login, $HB_password, $var['mdp_var']);
//print 'mdp : '.$HB_password.' contre BDD : '.$var['mdp'];
$time = time();
$ip = $_SERVER["REMOTE_ADDR"];
$bdd->connexion();
@ -310,8 +290,9 @@ else {
$resultat = $bdd->unique_query("SELECT id, race, mv, last_visite, auth_level, raisonmv FROM $table_user WHERE pseudo = '$HB_login' AND mdp = '$HB_password';");
if ($resultat) {
$id = $resultat['id'];
$reqPlan = $bdd->query("SELECT id, file_bat, file_tech, file_cas, file_vais, file_ter FROM $table_planete WHERE id_user = '$id' ORDER BY id ASC;");
$reqPlan = $bdd->query("SELECT id, file_bat, file_tech, file_cas, file_vais, file_ter, timestamp FROM $table_planete WHERE id_user = '$id' ORDER BY id ASC;");
$resultatP = $reqPlan[0];
$race = $resultat['race'];
if (!$reqPlan) {
$bdd->deconnexion();
@ -323,66 +304,83 @@ else {
}
if ($resultat['mv'] > 0) {
if ($resultat['last_visite']+259200 > time() && $resultat['auth_level'] < 2) {
if (($resultat['last_visite'] + 259200 > time() || $resultat['mv'] == 3) && $resultat['auth_level'] < 2) {
if ($resultat['mv'] == 3) $template->assign('message','Vous êtes définitivement banni de cette galaxie pour '.$resultat['raisonmv'].'. Vous ne pouvez plus vous reconnecter sur votre compte');
elseif ($resultat['mv'] == 2) $template->assign('message','Un opérateur a placé votre compte en mode vacances pour '.$resultat['raisonmv'].'. Vous ne pouvez pas vous reconnecter sur votre compte avant le<br />'.strftime("%A %d %B à %H:%M", $resultat['last_visite']+259200));
else $template->assign('message','Vous ne pouvez pas sortir du mode vacances avant le<br />'.strftime("%A %d %B à %H:%M", $resultat['last_visite']+259200));
$template->assign('couleur','red');
$template->display('game/erreur.tpl');
$template->display('cms/erreur.tpl');
exit;
}
$bdd->query("UPDATE $table_user SET mv = '0' WHERE id = '$id';");
$bdd->query("UPDATE $table_planete SET timestamp = '".time()."' WHERE id_user = '$id';");
$bdd->deconnexion();
//On fait repartir à 0 les files d'attente
include_once(_FCORE."../game/Class/class.gerefile.php");
$cntplan = count($reqPlan);
for ($i = 0; $i < $cntplan; $i++) {
if (!empty($reqPlan[$i]['file_bat'])) {
$file = unserialize($reqPlan[$i]['file_bat']);
$file->timestamp = time();
$fileBat = serialize($file);
$bdd->escape($fileBat);
include_once(_FCORE."../game/vars.php");
include_once(_FCORE."../game/Class/class.file.php");
include_once(_FCORE."../game/Class/class.user.php");
include_once(_FCORE."../game/Class/class.planete.php");
foreach ($reqPlan as $plan){
if (!empty($plan['file_bat'])) {
$file = new File($plan['file_bat']);
$fileBat = $file->reajusteVacances($plan['timestamp']);
}
else $fileBat = '';
if (!empty($reqPlan[$i]['file_tech'])) {
$file = unserialize($reqPlan[$i]['file_tech']);
$file->timestamp = time();
$fileTech = serialize($file);
$bdd->escape($fileTech);
if (!empty($plan['file_tech'])) {
$file = new File($plan['file_tech']);
$fileTech = $file->reajusteVacances($plan['timestamp']);
}
else $fileTech = '';
if (!empty($reqPlan[$i]['file_cas'])) {
$file = unserialize($reqPlan[$i]['file_cas']);
$file->timestamp = time();
$fileCas = serialize($file);
$bdd->escape($fileCas);
if (!empty($plan['file_cas'])) {
$file = new File($plan['file_cas']);
$fileCas = $file->reajusteVacances($plan['timestamp']);
}
else $fileCas = '';
if (!empty($reqPlan[$i]['file_vais'])) {
$file = unserialize($reqPlan[$i]['file_vais']);
$file->timestamp = time();
$fileVais = serialize($file);
$bdd->escape($fileCas);
if (!empty($plan['file_vais'])) {
$file = new File($plan['file_vais']);
$fileVais = $file->reajusteVacances($plan['timestamp']);
}
else $fileVais = '';
if (!empty($reqPlan[$i]['file_ter'])) {
$file = unserialize($reqPlan[$i]['file_ter']);
$file->timestamp = time();
$fileTer = serialize($file);
$bdd->escape($fileTer);
if (!empty($plan['file_ter'])) {
$file = new File($plan['file_ter']);
$fileTer = $file->reajusteVacances($plan['timestamp']);
}
else $fileTer = '';
$idPlan = $reqPlan[$i]['id'];
$bdd->query("UPDATE $table_planete SET file_bat = '$fileBat', file_tech = '$fileTech', file_cas = '$fileCas', file_vais = '$fileVais', file_ter = '$fileTer' WHERE id = '$idPlan';");
$idPlan = $plan['id'];
$bdd->connexion();
$bdd->escape($fileBat);
$bdd->escape($fileTech);
$bdd->escape($fileCas);
$bdd->escape($fileVais);
$bdd->escape($fileTer);
$bdd->query("UPDATE $table_planete SET file_bat = '$fileBat', file_tech = '$fileTech', file_cas = '$fileCas', file_vais = '$fileVais', file_ter = '$fileTer' WHERE id = $idPlan;");
$bdd->deconnexion();
//On met à jour la planète pour tout le reste
$plan = new Planete($plan['id'], true);
}
}
//On met à jour toutes les planètes si le nombre de joueurs n'est pas trop important
elseif ($enligne['enligne'] > 400) {
include_once(_FCORE."../game/vars.php");
include_once(_FCORE."../game/Class/class.file.php");
include_once(_FCORE."../game/Class/class.user.php");
include_once(_FCORE."../game/Class/class.planete.php");
foreach ($reqPlan as $plan){
$plan = new Planete($plan['id'], true);
}
}
$bdd->query("UPDATE $table_user SET last_visite = '$time', last_ip = '$ip' WHERE id = '$id';");
$plan = null;
$bdd->connexion();
$bdd->query("UPDATE $table_user SET last_visite = '$time', last_ip = '$ip' WHERE id = $id;");
$bdd->query("INSERT INTO $table_registre_identification (id_util, ip) VALUES (".$id.",'".$ip."');");
$multi = $bdd->unique_query("SELECT COUNT(*) FROM $table_registre_identification WHERE ip = '$ip' GROUP BY ip, id_util");
$multi = $bdd->unique_query("SELECT COUNT(*) FROM $table_registre_identification WHERE ip = '$ip' GROUP BY ip, id_util;");
$message = $bdd->unique_query("SELECT time FROM $table_messages_demarrage ORDER BY time DESC LIMIT 1;");
$bdd->deconnexion();
@ -390,6 +388,7 @@ else {
$sess->values['id'] = $resultat['id'];
$sess->values['race'] = $resultat['race'];
$sess->values['idPlan'] = $resultatP['id'];
//Si on détecte le multi-compte, on interdit l'accès au panneau d'admin
if (empty($multi)) $sess->level = 1;
else $sess->level = $resultat['auth_level'] + 1;