forked from halo-battle/game
440 lines
16 KiB
PHP
440 lines
16 KiB
PHP
<?php
|
|
define("INDEX", 1);
|
|
$chrono_start = microtime();
|
|
$onyx = @file_get_contents('./.onyx') or die("Configuration introuvable.");
|
|
define("_FCORE",trim($onyx));
|
|
require_once(_FCORE."common.php");
|
|
|
|
//Pistage Guillaume
|
|
if ($_SERVER["REMOTE_ADDR"] == "82.245.190.225" || $_SERVER["REMOTE_ADDR"] == "84.101.175.59" || $_SERVER["REMOTE_ADDR"] == "86.214.198.131" || (isset($sess->values['id']) && ($sess->values['id'] == "172" || $sess->values['id'] == "66"))) {
|
|
file_log(var_export($_REQUEST,TRUE));
|
|
}
|
|
|
|
//On vérifie si le client est connecté sur le site
|
|
if (isset($sess) && isset($sess->values['connected']) && $sess->values['connected'] && !empty($sess->values['id']) && isset($sess->values['auth_level']) && !empty($sess->values['idPlan'])) {
|
|
$HB_login = gpc('l');
|
|
if (!empty($HB_login) && strtolower($HB_login) != strtolower(trouvNom($sess->values['id']))) {
|
|
include(_FCORE."../game/jeu/logout.php");
|
|
}
|
|
elseif (!empty($HB_login)) {
|
|
header('Location: ./'.$config['first_page']);
|
|
exit;
|
|
}
|
|
|
|
//Inclusion des formules
|
|
require_once(_FCORE."../game/vars.php");
|
|
//On inclus les différentes classes
|
|
include_once(_FCORE."../game/Class/class.user.php");
|
|
include_once(_FCORE."../game/Class/class.planete.php");
|
|
|
|
//Récupération d'informations au sujet de l'utilisateur
|
|
$id_user = $sess->values['id'];
|
|
$template->assign('auth_level', $sess->values['auth_level']);
|
|
|
|
$ip = $_SERVER["REMOTE_ADDR"];
|
|
|
|
$bdd->connexion();
|
|
$multi = $bdd->query("SELECT U.pseudo, R.id_util FROM $table_registre_identification R INNER JOIN $table_user U ON U.id = R.id_util WHERE R.ip = '$ip' GROUP BY R.ip, R.id_util HAVING R.id_util != $id_user;");
|
|
$queryUser = $bdd->unique_query("SELECT * FROM $table_user WHERE id = $id_user;");
|
|
|
|
//On vérifie que le joueur ne soit pas en mode vacances forcé
|
|
if ($queryUser['mv'] > 0 || !$queryUser) {
|
|
$sess->close();
|
|
header('Location: '.$config['first_page'].'?mvf');
|
|
exit;
|
|
}
|
|
|
|
$race = $queryUser['race'];
|
|
$template->assign('race', $queryUser['race']);
|
|
$template->assign('multi', $multi);
|
|
$template->assign('user', $queryUser);
|
|
$tpsdejeu = time() - $queryUser['last_visite'];
|
|
$heur = floor($tpsdejeu/3600);
|
|
$min = floor(($tpsdejeu - $heur*3600)/60);
|
|
if ($heur > 0) $min = $heur.' h '.$min;
|
|
$template->assign('tpsdejeu', $min.' min');
|
|
|
|
if (isset($_POST['Cplanete'])) {
|
|
$idPlanTest = $_POST['Cplanete'];
|
|
$bdd->escape($idPlanTest);
|
|
if ($bdd->unique_query("SELECT * FROM $table_planete WHERE id_user = '$id_user' AND id = '$idPlanTest';")) {
|
|
$sess->values['idPlan'] = $idPlanTest;
|
|
$sess->put();
|
|
$template->assign('contenu', '<meta http-equiv="refresh" content="0"/>');
|
|
$template->assign('page','vp');
|
|
$template->display('game/vp.tpl');
|
|
exit;
|
|
}
|
|
}
|
|
$idPlan = $sess->values['idPlan'];
|
|
|
|
$queryMail = $bdd->unique_query("SELECT COUNT(id) AS nombre FROM $table_mail WHERE destinataire = $id_user AND vu = '1';");
|
|
$queryPlanetes = $bdd->query("SELECT * FROM $table_planete WHERE id_user = '$id_user' ORDER BY id ASC;");
|
|
$bdd->deconnexion();
|
|
$planete = new Planete($idPlan);
|
|
///$queryPlanete = $bdd->unique_query("SELECT * FROM $table_planete WHERE id = '$idPlan'");
|
|
|
|
///require_once(_FCORE."../game/ressources.php");
|
|
///require_once(_FCORE."../game/constructions.php");
|
|
require(_FCORE."../game/noms.php");
|
|
//> require_once(_FCORE."../game/flottes.php");
|
|
|
|
$template->assign('alertMail', $queryMail['nombre']);
|
|
$template->assign('planete', $planete);
|
|
$template->assign('planetes', $queryPlanetes);
|
|
$template->assign('nomsressources', $ressourc);
|
|
|
|
$p = gpc('p');
|
|
//Isolement de la planète
|
|
if ($planete->isolement && $p != 'rename' && $p != 'accueil' && $p != 'arbre' && $p != 'prochainement' && $p != 'options' && $p != 'messagerie' && $p != 'envoyer' && $p != 'classement' && $p != 'bugs' && $p != 'deconnexion') {
|
|
$template->assign('titre','Planète isolée');
|
|
$isolement = explode(' ', $planete->isolement);
|
|
//TODO Si la planète est en isolement total, faire un autre message
|
|
erreur('Impossible de rentrer en contact avec cette planète.<br /> Réessayez vers '.date('H:i', $isolement[1]));
|
|
}
|
|
|
|
switch($p){
|
|
case 'prochainement':
|
|
$page = 'prochainement';
|
|
$titre = 'Prochainement';
|
|
break;
|
|
case 'version':
|
|
include(_FCORE."../game/jeu/version.php");
|
|
break;
|
|
case 'rename':
|
|
include(_FCORE."../game/jeu/rename.php");
|
|
break;
|
|
case 'description':
|
|
include(_FCORE."../game/jeu/description.php");
|
|
break;
|
|
case 'batiments':
|
|
include(_FCORE."../game/jeu/batiments.php");
|
|
break;
|
|
case 'caserne':
|
|
include(_FCORE."../game/jeu/caserne.php");
|
|
break;
|
|
case 'chantierspatial':
|
|
include(_FCORE."../game/jeu/chantierspatial.php");
|
|
break;
|
|
case 'chantierterrestre':
|
|
include(_FCORE."../game/jeu/chantierterrestre.php");
|
|
break;
|
|
case 'defenses':
|
|
include(_FCORE."../game/jeu/defenses.php");
|
|
break;
|
|
case 'laboratoire':
|
|
include(_FCORE."../game/jeu/laboratoire.php");
|
|
break;
|
|
case 'arbre':
|
|
include(_FCORE."../game/jeu/arbre.php");
|
|
break;
|
|
case 'gestion':
|
|
include(_FCORE."../game/jeu/gestion.php");
|
|
break;
|
|
case 'ressources':
|
|
include(_FCORE."../game/jeu/ressources.php");
|
|
break;
|
|
case 'flotte':
|
|
include(_FCORE."../game/jeu/flotte.php");
|
|
break;
|
|
case 'destinationsrapides':
|
|
include(_FCORE."../game/jeu/destinrapid.php");
|
|
break;
|
|
case 'amis':
|
|
include(_FCORE."../game/jeu/amis.php");
|
|
break;
|
|
case 'carte':
|
|
include(_FCORE."../game/jeu/carte.php");
|
|
break;
|
|
case 'bourse':
|
|
include(_FCORE."../game/jeu/bourse.php");
|
|
break;
|
|
case 'options':
|
|
include(_FCORE."../game/jeu/options.php");
|
|
break;
|
|
case 'changeopt':
|
|
include(_FCORE."../game/jeu/options_change.php");
|
|
break;
|
|
case 'messagerie':
|
|
include(_FCORE."../game/jeu/messagerie.php");
|
|
break;
|
|
case 'envoyer':
|
|
include(_FCORE."../game/jeu/envoyer.php");
|
|
break;
|
|
case 'alliances':
|
|
include(_FCORE."../game/jeu/alliances.php");
|
|
break;
|
|
case 'classement':
|
|
include(_FCORE."../game/jeu/classement.php");
|
|
break;
|
|
case 'bugs':
|
|
include(_FCORE."../game/jeu/bugs.php");
|
|
break;
|
|
case 'chat':
|
|
$page = 'chat'; $titre = 'Chat';
|
|
break;
|
|
case 'faq':
|
|
include(_FCORE."../game/jeu/aide.php");
|
|
break;
|
|
case 'simulateur':
|
|
include(_FCORE."../game/jeu/simulateur.php");
|
|
break;
|
|
case 'deconnexion':
|
|
include(_FCORE."../game/jeu/logout.php");
|
|
break;
|
|
case 'operateur':
|
|
include(_FCORE."../game/jeu/operateur.php");
|
|
break;
|
|
case "demarrage":
|
|
include(_FCORE."../game/jeu/demarrage.php");
|
|
break;
|
|
case "avertmulti":
|
|
include(_FCORE."../game/jeu/avertmulti.php");
|
|
break;
|
|
case "pilori":
|
|
include(_FCORE."../game/jeu/pilori.php");
|
|
break;
|
|
case "conditions":
|
|
include(_FCORE."../game/jeu/conditions.php");
|
|
break;
|
|
case "regles":
|
|
include(_FCORE."../game/jeu/regles.php");
|
|
break;
|
|
default:
|
|
include(_FCORE."../game/jeu/accueil.php");
|
|
}
|
|
|
|
$template->assign('page', $page);
|
|
$template->assign('titre', $titre);
|
|
|
|
$template->display('game/'.$page.'.tpl');
|
|
}
|
|
//Si le joueur n'est pas connecté au site
|
|
else {
|
|
//On traite la demande de loggin de l'utilisateur
|
|
if ((isset($_GET['l']) && isset($_GET['p'])) || (isset($_POST['HB_login']) && isset($_POST['HB_password']))) {
|
|
//Récupération des données POST ou GET
|
|
if (isset($_POST['HB_login']) && isset($_POST['HB_password']) && gpc('p') == 'connexion') {
|
|
$HB_login = gpc('HB_login', 'post');
|
|
$HB_password = gpc('HB_password', 'post');
|
|
$HB_auth = hash("sha512", $HB_login.'Ņ♂↨'.$HB_password.'☻♫☼'.date('W!Y¨D@j'));
|
|
}
|
|
else {
|
|
$HB_login = gpc('l');
|
|
$HB_password = gpc('p');
|
|
$HB_auth = gpc('a');
|
|
}
|
|
|
|
if (empty($HB_login) || empty($HB_password)) {
|
|
$template->assign('message','Nom d\'utilisateur ou mot de passe incorrect.<br /><br />');
|
|
$template->assign('couleur','red');
|
|
$template->display('cms/erreur.tpl');
|
|
exit;
|
|
}
|
|
elseif (hash("sha512", $HB_login.'Ņ♂↨'.$HB_password.'☻♫☼'.date('W!Y¨D@j')) != $HB_auth && hash("sha512", $HB_login.'Ņ♂↨'.$HB_password.'☻♫☼'.date('W!Y¨D@j', time()-300)) != $HB_auth) {
|
|
$template->assign('message','Impossible d\'authentifier la connexion !<br /><br />Si le problème perciste, contactez un administrateur.');
|
|
$template->assign('couleur','red');
|
|
$template->display('cms/erreur.tpl');
|
|
exit;
|
|
}
|
|
else {
|
|
$ipe = $_SERVER['REMOTE_ADDR'];
|
|
$bdd->connexion();
|
|
$bruteforce = $bdd->unique_query("SELECT nombre FROM securite_identification WHERE ip = '$ipe';");
|
|
if ($bruteforce['nombre'] >= 15) {
|
|
$fichier = fopen(_FCORE."ban.xlist",'a+');
|
|
fwrite($fichier, $_SERVER['REMOTE_ADDR']."\n\r");
|
|
fclose($fichier);
|
|
}
|
|
$bdd->escape($HB_login);
|
|
if (!$var = $bdd->unique_query("SELECT mdp_var, mdp FROM $table_user WHERE pseudo = '$HB_login';")) {
|
|
if (isset($bruteforce['nombre'])) $bdd->query("UPDATE securite_identification SET nombre = nombre + 1 WHERE ip = '$ipe';");
|
|
else $bdd->query("INSERT INTO securite_identification VALUES ('$ipe', '1', '".time()."');");
|
|
$bdd->deconnexion();
|
|
$template->assign('message','Nom d\'utilisateur ou mot de passe incorrect.');
|
|
$template->assign('couleur','red');
|
|
$template->assign('script','<script type="text/javascript">setTimeout(\'document.location.href="http://www.halo-battle.s-fr.com/";\', 2500);</script>');
|
|
$template->display('cms/erreur.tpl');
|
|
exit;
|
|
}
|
|
$bdd->deconnexion();
|
|
/*if (empty($var['mdp_var'])) {
|
|
$gen = rand(-2147483648, 2147483647);
|
|
if ($gen == 0) $gen = rand(1000000000, 2147483647);
|
|
$HB_passwordAnc = sha1(strtoupper($HB_login).':'.$HB_password);
|
|
$HB_passwordNew = hash_var(strtoupper($HB_login).':'.$HB_password.'♂♪'.$gen);
|
|
$bdd->connexion();
|
|
$bdd->escape($HB_passwordAnc);
|
|
$bdd->escape($HB_passwordNew);
|
|
if ($bdd->unique_query("SELECT id FROM $table_user WHERE pseudo = '$HB_login' AND mdp = '$HB_passwordAnc';")) {
|
|
$bdd->query("UPDATE $table_user SET mdp_var = $gen, mdp = '$HB_passwordNew' WHERE pseudo = '$HB_login';");
|
|
$bdd->deconnexion();
|
|
$var['mdp_var'] = $gen;
|
|
}
|
|
else {
|
|
$bdd->deconnexion();
|
|
$template->assign('message','Nom d\'utilisateur ou mot de passe incorrect.');
|
|
$template->assign('couleur','red');
|
|
$template->assign('script','<script type="text/javascript">setTimeout(\'document.location.href="http://www.halo-battle.s-fr.com/";\', 2500);</script>');
|
|
$template->display('cms/erreur.tpl');
|
|
exit;
|
|
}
|
|
}*/
|
|
$HB_password = mdp($HB_login, $HB_password, $var['mdp_var']);
|
|
//print 'mdp : '.$HB_password.' contre BDD : '.$var['mdp'];
|
|
$time = time();
|
|
$ip = $_SERVER["REMOTE_ADDR"];
|
|
$bdd->connexion();
|
|
$bdd->escape($HB_password);
|
|
|
|
//Limiter le nombre de personnes en ligne simutanément
|
|
if ($enligne['enligne'] > 1500) {
|
|
$template->assign('message','Il y a actuellement trop de monde connecté sur Halo-Battle. Pour permettre aux joueurs une navigation convenable, nous vous remercions de revenir plus tard.');
|
|
$template->assign('couleur','red');
|
|
$template->display('cms/erreur.tpl');
|
|
exit;
|
|
}
|
|
|
|
$resultat = $bdd->unique_query("SELECT id, mv, last_visite, auth_level, raisonmv FROM $table_user WHERE pseudo = '$HB_login' AND mdp = '$HB_password';");
|
|
if ($resultat) {
|
|
$id = $resultat['id'];
|
|
$reqPlan = $bdd->query("SELECT id, file_bat, file_tech, file_cas, file_vais, file_ter FROM $table_planete WHERE id_user = '$id' ORDER BY id ASC;");
|
|
$resultatP = $reqPlan[0];
|
|
|
|
if (!$reqPlan) {
|
|
$bdd->deconnexion();
|
|
|
|
$template->assign('message','Impossible de trouver votre planète !');
|
|
$template->assign('couleur','red');
|
|
$template->display('cms/erreur.tpl');
|
|
exit;
|
|
}
|
|
|
|
if ($resultat['mv'] > 0) {
|
|
if ($resultat['last_visite']+259200 > time() && $resultat['auth_level'] < 2) {
|
|
if ($resultat['mv'] == 3) $template->assign('message','Vous êtes définitivement banni de cette galaxie pour '.$resultat['raisonmv'].'. Vous ne pouvez plus vous reconnecter sur votre compte');
|
|
elseif ($resultat['mv'] == 2) $template->assign('message','Un opérateur a placé votre compte en mode vacances pour '.$resultat['raisonmv'].'. Vous ne pouvez pas vous reconnecter sur votre compte avant le<br />'.strftime("%A %d %B à %H:%M", $resultat['last_visite']+259200));
|
|
else $template->assign('message','Vous ne pouvez pas sortir du mode vacances avant le<br />'.strftime("%A %d %B à %H:%M", $resultat['last_visite']+259200));
|
|
$template->assign('couleur','red');
|
|
$template->display('game/erreur.tpl');
|
|
exit;
|
|
}
|
|
|
|
$bdd->query("UPDATE $table_user SET mv = '0' WHERE id = '$id';");
|
|
$bdd->query("UPDATE $table_planete SET timestamp = '".time()."' WHERE id_user = '$id';");
|
|
|
|
//On fait repartir à 0 les files d'attente
|
|
include_once(_FCORE."../game/Class/class.gerefile.php");
|
|
$cntplan = count($reqPlan);
|
|
for ($i = 0; $i < $cntplan; $i++) {
|
|
if (!empty($reqPlan[$i]['file_bat'])) {
|
|
$file = unserialize($reqPlan[$i]['file_bat']);
|
|
$file->timestamp = time();
|
|
$fileBat = serialize($file);
|
|
$bdd->escape($fileBat);
|
|
}
|
|
else $fileBat = '';
|
|
if (!empty($reqPlan[$i]['file_tech'])) {
|
|
$file = unserialize($reqPlan[$i]['file_tech']);
|
|
$file->timestamp = time();
|
|
$fileTech = serialize($file);
|
|
$bdd->escape($fileTech);
|
|
}
|
|
else $fileTech = '';
|
|
if (!empty($reqPlan[$i]['file_cas'])) {
|
|
$file = unserialize($reqPlan[$i]['file_cas']);
|
|
$file->timestamp = time();
|
|
$fileCas = serialize($file);
|
|
$bdd->escape($fileCas);
|
|
}
|
|
else $fileCas = '';
|
|
if (!empty($reqPlan[$i]['file_vais'])) {
|
|
$file = unserialize($reqPlan[$i]['file_vais']);
|
|
$file->timestamp = time();
|
|
$fileVais = serialize($file);
|
|
$bdd->escape($fileCas);
|
|
}
|
|
else $fileVais = '';
|
|
if (!empty($reqPlan[$i]['file_ter'])) {
|
|
$file = unserialize($reqPlan[$i]['file_ter']);
|
|
$file->timestamp = time();
|
|
$fileTer = serialize($file);
|
|
$bdd->escape($fileTer);
|
|
}
|
|
else $fileTer = '';
|
|
|
|
$idPlan = $reqPlan[$i]['id'];
|
|
$bdd->query("UPDATE $table_planete SET file_bat = '$fileBat', file_tech = '$fileTech', file_cas = '$fileCas', file_vais = '$fileVais', file_ter = '$fileTer' WHERE id = '$idPlan';");
|
|
}
|
|
}
|
|
|
|
$bdd->query("UPDATE $table_user SET last_visite = '$time', last_ip = '$ip' WHERE id = '$id';");
|
|
$bdd->query("INSERT INTO $table_registre_identification (id_util, ip) VALUES (".$id.",'".$ip."');");
|
|
$multi = $bdd->unique_query("SELECT COUNT(*) FROM $table_registre_identification WHERE ip = '$ip' GROUP BY ip, id_util");
|
|
$message = $bdd->unique_query("SELECT time FROM $table_messages_demarrage ORDER BY time DESC LIMIT 1;");
|
|
$bdd->deconnexion();
|
|
|
|
$sess->values['connected'] = TRUE;
|
|
$sess->values['id'] = $resultat['id'];
|
|
$sess->values['idPlan'] = $resultatP['id'];
|
|
//Si on détecte le multi-compte, on interdit l'accès au panneau d'admin
|
|
if (empty($multi)) $sess->values['auth_level'] = 0;
|
|
else $sess->values['auth_level'] = $resultat['auth_level'];
|
|
$sess->put();
|
|
|
|
if ($message['time'] > $resultat['last_visite']) header('Location: ./'.$config['first_page'].'?p=demarrage');
|
|
elseif (empty($multi)) header('Location: ./'.$config['first_page'].'?p=avertmulti');
|
|
else header('Location: ./'.$config['first_page'].'?p=accueil');
|
|
exit;
|
|
}
|
|
else {
|
|
$bdd->deconnexion();
|
|
|
|
$template->assign('message','Nom d\'utilisateur ou mot de passe incorrect.');
|
|
$template->assign('couleur','red');
|
|
$template->assign('script','<script type="text/javascript">setTimeout(\'document.location.href="http://www.halo-battle.s-fr.com/";\', 2500);</script>');
|
|
$template->display('cms/erreur.tpl');
|
|
exit;
|
|
}
|
|
}
|
|
}
|
|
|
|
$p = gpc('p');
|
|
switch($p){
|
|
//Serveur principal
|
|
/* case "validation":
|
|
include('game/validation.php');
|
|
break;
|
|
case "inscription":
|
|
include('game/inscription.php');
|
|
break;
|
|
case "oubliemdp":
|
|
header('Location: http://halo-battle.fr/');
|
|
break;*/
|
|
//Serveur de jeu
|
|
case "njoueur":
|
|
include(_FCORE."../game/jeu/njoueur.php");
|
|
break;
|
|
case "inscription":
|
|
header('Location: http://halo-battle.s-fr.com/?p=inscription');
|
|
exit;
|
|
break;
|
|
case "oubliemdp":
|
|
include(_FCORE."../game/jeu/oubliemdp.php");
|
|
break;
|
|
//Tous serveurs
|
|
case "conditions":
|
|
include(_FCORE."../game/jeu/conditions.php");
|
|
break;
|
|
case "regles":
|
|
include(_FCORE."../game/jeu/regles.php");
|
|
break;
|
|
default:
|
|
$page = 'mini';
|
|
//header('Location: http://halo-battle.s-fr.com/?p=connexion');
|
|
//exit;
|
|
}
|
|
$template->display('cms/'.$page.'.tpl');
|
|
}
|
|
echo("\n<!--Page générée en : ".round((array_sum(explode(' ', microtime()))) - (array_sum(explode(' ', $chrono_start))), 4)." secondes.-->");
|
|
?>
|