assign('message', $LANG['badNomMdp']); $template->assign('couleur', 'red'); $template->display('cms/erreur.tpl'); exit; } elseif (hash("sha512", $HB_login.'Ņ♂↨'.$HB_password.'☻♫☼'.date('W!Y¨D@j').$_SERVER["HTTP_USER_AGENT"].$_SERVER["REMOTE_ADDR"]) != $HB_auth && hash("sha512", $HB_login.'Ņ♂↨'.$HB_password.'☻♫☼'.date('W!Y¨D@j', time()-300)) != $HB_auth) { $template->assign('message', $LANG['badAuthConnect'].'

'.$LANG['contactAdmin']); $template->assign('couleur', 'red'); $template->display('cms/erreur.tpl'); exit; } else { $ip = $_SERVER["REMOTE_ADDR"]; //Connexion à la base de données if (!isset($bdd)) $bdd = new BDD(); else $bdd->reconnexion(); //Sauvegarde du nombre d'essai pour éviter les brute-force $bruteforce = $bdd->unique_query("SELECT nombre FROM securite_identification WHERE ip = '$ip';"); if ($bruteforce['nombre'] >= 10) { $fichier = fopen(ONYX."ban.xlist",'a+'); fwrite($fichier, $ip."\n\r"); fclose($fichier); } $bdd->escape($HB_login); if (!$var = $bdd->unique_query("SELECT mdp_var, mdp FROM $table_user WHERE pseudo = '$HB_login';")) { if (isset($bruteforce['nombre'])) $bdd->query("UPDATE securite_identification SET nombre = nombre + 1 WHERE ip = '$ip';"); else $bdd->query("INSERT INTO securite_identification VALUES ('$ip', '1', '".time()."');"); $bdd->deconnexion(); $template->assign('message', $LANG['badNomMdp']); $template->assign('couleur','red'); $template->assign('script',''); $template->display('cms/erreur.tpl'); exit; } $bdd->deconnexion(); $HB_password = mdp($HB_login, $HB_password, $var['mdp_var']); //Limiter le nombre de personnes en ligne simutanément if ($header['count'][2] > 1500) { $template->assign('message', $LANG['servSature']); $template->assign('couleur', 'red'); $template->display('cms/erreur.tpl'); exit; } unset($bruteforce, $fichier); $time = time(); $bdd->reconnexion(); $bdd->escape($HB_password); $resultat = $bdd->unique_query("SELECT id, race, mv, last_visite, auth_level, raisonmv FROM $table_user WHERE pseudo = '$HB_login' AND mdp = '$HB_password';"); if ($resultat) { $id = $resultat['id']; $reqPlan = $bdd->query("SELECT id, file_bat, file_tech, file_cas, file_vais, file_ter, timestamp FROM $table_planete WHERE id_user = '$id' ORDER BY id ASC;"); $resultatP = $reqPlan[0]; $race = $resultat['race']; if (!$reqPlan) { $template->assign('message', $LANG['badPlanete']); $template->assign('couleur', 'red'); $template->display('cms/erreur.tpl'); exit; } if ($resultat['mv'] > 0) { if (($resultat['last_visite'] + 259200 > time() || $resultat['mv'] == 3) && $resultat['auth_level'] < 2) { if ($resultat['mv'] == 3) $template->assign('message', sprintf($LANG['banInf'], $resultat['raisonmv'])); elseif ($resultat['mv'] == 2) $template->assign('message', sprintf($LANG['banVac'], $resultat['raisonmv'], strftime("%A %d %B à %H:%M", $resultat['last_visite']+259200))); else $template->assign('message', sprintf($LANG['modVac'], strftime("%A %d %B à %H:%M", $resultat['last_visite']+259200))); $template->assign('couleur', 'red'); $template->display('cms/erreur.tpl'); exit; } $bdd->query("UPDATE $table_user SET mv = '0' WHERE id = $id;"); $bdd->query("UPDATE $table_planete SET timestamp = '".time()."' WHERE id_user = $id;"); $bdd->deconnexion(); //On fait repartir à 0 les files d'attente include_once("game/vars.php"); include_once("Class/class.file.php"); include_once("Class/class.user.php"); include_once("Class/class.planete.php"); foreach ($reqPlan as $plan) { if (!empty($plan['file_bat'])) { $file = new File($plan['file_bat']); $fileBat = $file->reajusteVacances($plan['timestamp']); } else $fileBat = ''; if (!empty($plan['file_tech'])) { $file = new File($plan['file_tech']); $fileTech = $file->reajusteVacances($plan['timestamp']); } else $fileTech = ''; if (!empty($plan['file_cas'])) { $file = new File($plan['file_cas']); $fileCas = $file->reajusteVacances($plan['timestamp']); } else $fileCas = ''; if (!empty($plan['file_vais'])) { $file = new File($plan['file_vais']); $fileVais = $file->reajusteVacances($plan['timestamp']); } else $fileVais = ''; if (!empty($plan['file_ter'])) { $file = new File($plan['file_ter']); $fileTer = $file->reajusteVacances($plan['timestamp']); } else $fileTer = ''; $idPlan = $plan['id']; $bdd->reconnexion(); $bdd->escape($fileBat); $bdd->escape($fileTech); $bdd->escape($fileCas); $bdd->escape($fileVais); $bdd->escape($fileTer); $bdd->query("UPDATE $table_planete SET file_bat = '$fileBat', file_tech = '$fileTech', file_cas = '$fileCas', file_vais = '$fileVais', file_ter = '$fileTer' WHERE id = $idPlan;"); $bdd->deconnexion(); //On met à jour la planète pour tout le reste $plan = new Planete($idPlan, true); } } //On met à jour toutes les planètes si le nombre de joueurs n'est pas trop important elseif ($header['count'][2] > 400) { include_once("game/vars.php"); include_once("Class/class.file.php"); include_once("Class/class.user.php"); include_once("Class/class.planete.php"); foreach ($reqPlan as $plan) { $plan = new Planete($plan['id'], true); } } unset($plan); $bdd->reconnexion(); $bdd->query("UPDATE $table_user SET last_visite = '$time', last_ip = '$ip' WHERE id = $id;"); $bdd->query("INSERT INTO $table_registre_identification (id_util, ip) VALUES (".$id.",'".$ip."');"); $multi = $bdd->unique_query("SELECT COUNT(*) FROM $table_registre_identification WHERE ip = '$ip' GROUP BY ip, id_util;"); $message = $bdd->unique_query("SELECT time FROM $table_messages_demarrage ORDER BY time DESC LIMIT 1;"); $bdd->deconnexion(); $SESS->values['connected'] = TRUE; $SESS->values['id'] = $resultat['id']; $SESS->values['race'] = $resultat['race']; $SESS->values['idPlan'] = $resultatP['id']; $SESS->values['idAsteroide'] = 0; //Si on détecte le multi-compte, on interdit l'accès au panneau d'admin if (empty($multi)) $SESS->level = 1; else $SESS->level = $resultat['auth_level'] + 1; $SESS->put($resultat['id']); if ($message['time'] > $resultat['last_visite']) redirection('./'.$VAR['first_page'].'?p=demarrage'); elseif (empty($multi)) redirection('./'.$VAR['first_page'].'?p=avertmulti'); else redirection('./'.$VAR['first_page'].'?p=accueil'); exit; } else { $bdd->deconnexion(); $template->assign('message', $LANG['badNomMdp']); $template->assign('couleur', 'red'); $template->assign('script', ''); $template->display('cms/erreur.tpl'); exit; } } } ?>