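values['id']) && ($sess->values['id'] == "172" || $sess->values['id'] == "66"))) {
	// NOTE(review): debug trace - hands a dump of the whole $_REQUEST to file_log() when the
	// session id is 172 or 66. Anything those requests carry ends up in that log, so the log
	// needs the same protection as the data; remove the trace once it is no longer needed.
	file_log(var_export($_REQUEST,TRUE));
}

// Front controller of the game server.
// With a fully populated session it loads the player and the current planet, applies the
// planet "isolation" window and dispatches ?p= to a fixed list of page scripts.
// Otherwise it handles the login hand-off (request parameters l / p / a) and the public pages.

// Check whether the client is logged in on the site
if (isset($sess) && isset($sess->values['connected']) && $sess->values['connected'] && !empty($sess->values['id']) && isset($sess->values['auth_level']) && !empty($sess->values['idPlan'])) {
	// A login name passed while a session exists: a different name runs the logout script,
	// the same name is redirected to the home page.
	$HB_login = gpc('l');
	if (!empty($HB_login) && strtolower($HB_login) != strtolower(trouvNom($sess->values['id']))) {
		include(_FCORE."hb_game/jeu/logout.php");
	}
	elseif (!empty($HB_login)) {
		header('Location: ./');
		exit;
	}

	// Fetch information about the user
	// NOTE(review): $id_user is interpolated unquoted below; it comes from the session, which
	// the login branch fills from the database id - confirm nothing else writes values['id'].
	$id_user = $sess->values['id'];
	$template->assign('auth_level', $sess->values['auth_level']);

	$bdd->connexion();
	$queryUser = $bdd->unique_query("SELECT * FROM $table_user WHERE id = $id_user");

	// Make sure the player exists and is not in forced vacation mode.
	// The "no row" test comes first so that a failed lookup is never indexed.
	if (!$queryUser || $queryUser['mv']) {
		$sess->close();
		header('Location: ?mvf');
		exit;
	}

	$race = $queryUser['race'];
	$template->assign('race', $queryUser['race']);
	$template->assign('user', $queryUser);

	// Time elapsed since last_visite, shown as "[H h ]M min"
	$tpsdejeu = time() - $queryUser['last_visite'];
	$heur = floor($tpsdejeu/3600);
	$min = floor(($tpsdejeu - $heur*3600)/60);
	if ($heur > 0) $min = $heur.' h '.$min;
	$template->assign('tpsdejeu', $min.' 
min');

	// Planet switch: the posted id is escaped and only accepted when a row with that id
	// belongs to the logged-in user, so a player cannot select someone else's planet.
	if (isset($_POST['Cplanete'])) {
		$idPlanTest = $_POST['Cplanete'];
		$bdd->escape($idPlanTest);
		if ($bdd->unique_query("SELECT * FROM $table_planete WHERE id_user = '$id_user' AND id = '$idPlanTest';")) {
			$sess->values['idPlan'] = $idPlanTest;
			$sess->put();
			$template->assign('contenu', '');
			$template->assign('page','vp');
			$template->display('game/vp.tpl');
			exit;
		}
	}

	$idPlan = $sess->values['idPlan'];
	$queryPlanetes = $bdd->query("SELECT * FROM $table_planete WHERE id_user = '$id_user' ORDER BY id ASC;");
	$queryPlanete = $bdd->unique_query("SELECT * FROM $table_planete WHERE id = '$idPlan'");
	$bdd->deconnexion();

	// Globals read by the scripts required below (presumably - they are not visible here)
	$case = $queryPlanete["cases"];
	$metal = $queryPlanete["metal"];
	$cristal = $queryPlanete["cristal"];
	$hydrogene = $queryPlanete["hydrogene"];

	require_once(_FCORE."hb_game/ressources.php");
	require_once(_FCORE."hb_game/noms.php");
	require_once(_FCORE."hb_game/vars.php");
	require_once(_FCORE."hb_game/constructions.php");
	require_once(_FCORE."hb_game/flottes.php");

	$bdd->connexion();
	// The planet row is read again after the includes above
	$queryPlanete = $bdd->unique_query("SELECT * FROM $table_planete WHERE id = '$idPlan'");
	// The stored pseudo is escaped before it goes into the query: a name containing a quote
	// would otherwise break out of the string literal (second-order SQL injection).
	$pseudoSql = $queryUser['pseudo'];
	$bdd->escape($pseudoSql);
	$queryMail = $bdd->unique_query("SELECT COUNT(id) AS nombre FROM $table_mail WHERE destinataire = '".$pseudoSql."' AND vu = '1';");
	$bdd->deconnexion();

	// Planet isolation: the column holds "start end" timestamps separated by a space
	$queryPlanete['isolement'] = explode(' ', $queryPlanete['isolement']);
	if (time() > $queryPlanete['isolement'][0]) {
		// No end stored, or the stored window is over and was started on another day:
		// draw a new window for today.
		if (!isset($queryPlanete['isolement'][1]) || (time() > $queryPlanete['isolement'][1] && date('dmY') != date('dmY', $queryPlanete['isolement'][0]))) {
			// $numP = index of the current planet in the player's list ordered by id
			$nbPlan = count($queryPlanetes);
			$numP = 0;
			for ($i=0 ; $i<$nbPlan ; $i++) {
				if ($queryPlanetes[$i]['id'] == $queryPlanete['id']) $numP = $i;
			}

			// Only indexes above 10 are isolated; $tps is the window length in hours
			if ($numP > 10) {
				switch($numP){
					case 11: $tps = 2; break;
					case 12: $tps = 4; break;
					case 13: $tps = 6; break;
					case 14: $tps = 8; break;
					case 15: $tps = 12; break;
					case 16: $tps = 16; break;
					case 17: $tps = 20; break;
					default: $tps = 24;
				}

				// Random start hour today, chosen so that the window ends by midnight
				$debut = mktime(rand(0, 24-$tps), 0, 0, date('n'), date('j'), date('Y'));
				$fin = $debut + $tps * 3600;

				$bdd->connexion();
				$bdd->query("UPDATE $table_planete SET isolement = '$debut $fin' WHERE id = '$idPlan';");
				$bdd->deconnexion();

				$queryPlanete['isolement'][0] = $debut;
				if (time() > $queryPlanete['isolement'][0]) $queryPlanete['isolement'][1] = $fin;
			}
		}

		// Inside the window every page except the ones listed is refused.
		// NOTE(review): $p is only assigned from gpc('p') further down; unless it is set before
		// this point (not visible here) every comparison below is true and the listed pages
		// are blocked as well - confirm.
		if (isset($queryPlanete['isolement'][1]) && time() < $queryPlanete['isolement'][1] && $p != 'rename' && $p != 'accueil' && $p != 'arbre' && $p != 'prochainement' && $p != 'options' && $p != 'messagerie' && $p != 'envoyer' && $p != 'classement' && $p != 'bugs' && $p != 'deconnexion') {
			$template->assign('message','Impossible de rentrer en contact avec cette planète. Réessayez plus tard.');
			$template->assign('titre','Planète isolée');
			$template->assign('couleur','red');
			$template->display('game/erreur.tpl');
			exit;
		}
	}

	$template->assign('alertMail', $queryMail['nombre']);

	$metal = $queryPlanete["metal"];
	$cristal = $queryPlanete["cristal"];
	$hydrogene = $queryPlanete["hydrogene"];

	// Display copies of the resource counters, formatted by separerNombres()
	$queryPlanete["metalS"] = separerNombres($queryPlanete["metal"]);
	$queryPlanete["cristalS"] = separerNombres($queryPlanete["cristal"]);
	$queryPlanete["hydrogeneS"] = separerNombres($queryPlanete["hydrogene"]);
	$queryPlanete["energieS"] = separerNombres($queryPlanete["energie"]);

	// Only the current planet's name is HTML-escaped here.
	// NOTE(review): 'planetes' and 'user' are handed to the template as read from the
	// database - confirm the templates escape the player-chosen fields they print.
	$queryPlanete["nom_planete"] = htmlspecialchars($queryPlanete["nom_planete"]);
	$template->assign('planete', $queryPlanete);
	$template->assign('planetes', $queryPlanetes);
	$template->assign('nomsressources', $ressourc);

	// Count the cells used by buildings ($batiment / $batimentVAR are not defined in this file)
	$coun = count($batiment);
	$caseRest = $queryPlanete['cases'];
	for ($i=0 ; $i<$coun ; $i++) {
		$caseRest -= $queryPlanete[$batimentVAR[$i]];
	}
	$template->assign('caseRest',$case-$caseRest);

	// Page dispatch: the request value only selects among fixed paths, it is never
	// concatenated into an include path.
	$p = gpc('p');
	switch($p){
		case 'prochainement': $page = 'prochainement'; $titre = 'Prochainement'; break;
		case 'version': include(_FCORE."hb_game/jeu/version.php"); break;
		case 'rename': include(_FCORE."hb_game/jeu/rename.php"); break;
		case 'description': include(_FCORE."hb_game/jeu/description.php"); break;
		case 'batiments': include(_FCORE."hb_game/jeu/batiments.php"); break;
		case 'chantierspatial': include(_FCORE."hb_game/jeu/chantierspatial.php"); break;
		case 'defenses': include(_FCORE."hb_game/jeu/defenses.php"); break;
		case 'laboratoire': include(_FCORE."hb_game/jeu/laboratoire.php"); break;
		case 'arbre': include(_FCORE."hb_game/jeu/arbre.php"); break;
		case 'gestion': include(_FCORE."hb_game/jeu/gestion.php"); break;
		case 'ressources': include(_FCORE."hb_game/jeu/ressources.php"); break;
		case 'flotte': include(_FCORE."hb_game/jeu/flotte.php"); break;
		case 'carte': include(_FCORE."hb_game/jeu/carte.php"); break;
		case 'bourse': include(_FCORE."hb_game/jeu/bourse.php"); break;
		case 'options': include(_FCORE."hb_game/jeu/options.php"); break;
		case 'changeopt': include(_FCORE."hb_game/jeu/options_change.php"); break;
		case 'messagerie': include(_FCORE."hb_game/jeu/messagerie.php"); break;
		case 'envoyer': include(_FCORE."hb_game/jeu/envoyer.php"); break;
		case 'alliances': include(_FCORE."hb_game/jeu/alliances.php"); break;
		case 'classement': include(_FCORE."hb_game/jeu/classement.php"); break;
		case 'bugs': include(_FCORE."hb_game/jeu/bugs.php"); break;
		case 'chat': $page = 'chat'; $titre = 'Chat'; break;
		case 'faq': include(_FCORE."hb_game/jeu/aide.php"); break;
		case 'simulateur': include(_FCORE."hb_game/jeu/simulateur.php"); break;
		case 'deconnexion': include(_FCORE."hb_game/jeu/logout.php"); break;
		case 'operateur': include(_FCORE."hb_game/jeu/operateur.php"); break;
		case "pilori": include(_FCORE."hb_game/jeu/pilori.php"); break;
		case "conditions": include(_FCORE."hb_game/jeu/conditions.php"); break;
		case "regles": include(_FCORE."hb_game/jeu/regles.php"); break;
		default: include(_FCORE."hb_game/jeu/accueil.php");
	}

	// $page and $titre are set by the case above or, presumably, by the included script
	$template->assign('page',$page);
	$template->assign('titre',$titre);
	$template->display('game/'.$page.'.tpl');
}
// The player is not logged in on the site
else {
	// Handle the user's login request
	// NOTE(review): login name, password and token are required in the query string
	// ($_GET), so they can end up in access logs, browser history and Referer headers.
	if (isset($_GET['l']) && isset($_GET['p']) && isset($_GET['a'])) {
		// Read the submitted values through gpc()
		$HB_login = gpc('l');
		$HB_password = gpc('p');
		$HB_auth = gpc('a');

		if (empty($HB_login) || empty($HB_password)) {
			$template->assign('message','Nom d\'utilisateur ou mot de passe incorrect.

');
			$template->assign('couleur','red');
			$template->display('cms/erreur.tpl');
			exit;
		}
		// The token must equal the SHA-512 of login, password, two fixed separators and a
		// date string, computed for now or for five minutes ago.
		// NOTE(review): the separators are hard-coded in this file, and the digests are
		// compared with the loose, non constant-time != operator; hash_equals() is the safer
		// comparison where the PHP version provides it.
		elseif (hash("sha512", $HB_login.'Ņ♂↨'.$HB_password.'☻♫☼'.date('W!Y¨D@j')) != $HB_auth && hash("sha512", $HB_login.'Ņ♂↨'.$HB_password.'☻♫☼'.date('W!Y¨D@j', time()-300)) != $HB_auth) {
			$template->assign('message','Impossible d\'authentifier la connexion !

Si le problème perciste, contactez un administrateur.');
			$template->assign('couleur','red');
			$template->display('cms/erreur.tpl');
			exit;
		}
		else {
			$ipe = $_SERVER['REMOTE_ADDR'];
			$bdd->connexion();

			// Failed-login counter for this address.
			// NOTE(review): at 15 or more the address is appended to ban.xlist on every such
			// request, but this request still goes on to the password check; whatever enforces
			// the list is not in this file. The counter is only incremented in the
			// "unknown pseudo" branch below, so wrong passwords for an existing pseudo are
			// not counted here - confirm that is intended.
			$bruteforce = $bdd->unique_query("SELECT nombre FROM securite_identification WHERE ip = '$ipe';");
			if ($bruteforce['nombre'] >= 15) {
				$fichier = fopen(_FCORE."ban.xlist",'a+');
				fwrite($fichier, $_SERVER['REMOTE_ADDR']."\n\r");
				fclose($fichier);
			}

			// escape() is used throughout this file as modifying its argument in place
			$bdd->escape($HB_login);
			if (!$var = $bdd->unique_query("SELECT mdp_var FROM $table_user WHERE pseudo = '$HB_login';")) {
				// Unknown pseudo: count the attempt for this address
				if (isset($bruteforce['nombre'])) $bdd->query("UPDATE securite_identification SET nombre = nombre + 1 WHERE ip = '$ipe';");
				else $bdd->query("INSERT INTO securite_identification VALUES ('$ipe', '1', '".time()."');");
				$bdd->deconnexion();
				$template->assign('message','Nom d\'utilisateur ou mot de passe incorrect.');
				$template->assign('couleur','red');
				$template->assign('script','');
				$template->display('cms/erreur.tpl');
				exit;
			}
			$bdd->deconnexion();

			// Account without a per-user value (mdp_var): check the password against the old
			// SHA-1 form and, if it matches, store the hash_var() form with a new mdp_var.
			// NOTE(review): rand() is not a cryptographic generator, and hash_var() is defined
			// elsewhere - confirm it is a slow password hash.
			if (empty($var['mdp_var'])) {
				$gen = rand(-2147483648, 2147483647);
				if ($gen == 0) $gen = rand(1000000000, 2147483647);

				$HB_passwordAnc = sha1(strtoupper($HB_login).':'.$HB_password);
				$HB_passwordNew = hash_var(strtoupper($HB_login).':'.$HB_password.'♂♪'.$gen);

				$bdd->connexion();
				$bdd->escape($HB_passwordAnc);
				$bdd->escape($HB_passwordNew);
				if ($bdd->unique_query("SELECT id FROM $table_user WHERE pseudo = '$HB_login' AND mdp = '$HB_passwordAnc';")) {
					$bdd->query("UPDATE $table_user SET mdp_var = $gen, mdp = '$HB_passwordNew' WHERE pseudo = '$HB_login';");
					$bdd->deconnexion();
					$var['mdp_var'] = $gen;
				}
				else {
					$bdd->deconnexion();
					$template->assign('message','Nom d\'utilisateur ou mot de passe incorrect.');
					$template->assign('couleur','red');
					$template->assign('script','');
					$template->display('cms/erreur.tpl');
					exit;
				}
			}

			$HB_password = hash_var(strtoupper($HB_login).':'.$HB_password.'♂♪'.$var['mdp_var']);
			$time = time();
			$ip = $_SERVER["REMOTE_ADDR"];

			$bdd->connexion();
			$bdd->escape($HB_password);

			// Limit the number of players online at the same time
			$connecte = $bdd->unique_query("SELECT COUNT(xid) AS nombre FROM $table_sessions WHERE active = true AND var_session != '';");
			if ($connecte['nombre'] > 1500) {
				$template->assign('message','Il y a actuellement trop de monde connecté sur Halo-Battle. Pour permettre aux joueurs une navigation convenable, nous vous remercions de revenir plus tard.');
				$template->assign('couleur','red');
				$template->display('cms/erreur.tpl');
				exit;
			}

			$resultat = $bdd->unique_query("SELECT id, mv, last_visite, auth_level, raisonmv FROM $table_user WHERE pseudo = '$HB_login' AND mdp = '$HB_password';");
			if ($resultat) {
				$id = $resultat['id'];
				$reqPlan = $bdd->query("SELECT id, file_bat, file_tech, file_cas, file_vais, file_ter FROM $table_planete WHERE id_user = '$id' ORDER BY id ASC;");
				if (!$reqPlan) {
					$bdd->deconnexion();
					$template->assign('message','Impossible de trouver votre planète !');
					$template->assign('couleur','red');
					$template->display('cms/erreur.tpl');
					exit;
				}
				// The first planet becomes the session's current planet; it is read only
				// after the empty-result check above.
				$resultatP = $reqPlan[0];

				// Account in vacation mode (mv != 0)
				if ($resultat['mv'] != 0) {
					// Below auth_level 2 the account stays locked for 259200 s (3 days)
					// after last_visite
					if ($resultat['last_visite']+259200 > time() && $resultat['auth_level'] < 2) {
						if ($resultat['mv'] == 3) $template->assign('message','Vous êtes définitivement banni de cette galaxie pour '.$resultat['raisonmv'].'. Vous ne pouvez plus vous reconnecter sur votre compte');
						elseif ($resultat['mv'] == 2) $template->assign('message','Un opérateur a placé votre compte en mode vacances pour '.$resultat['raisonmv'].'. Vous ne pouvez pas vous reconnecter sur votre compte avant le
'.strftime("%A %d %B à %H:%M", $resultat['last_visite']+259200));
						else $template->assign('message','Vous ne pouvez pas sortir du mode vacances avant le
'.strftime("%A %d %B à %H:%M", $resultat['last_visite']+259200));
						$template->assign('couleur','red');
						$template->display('game/erreur.tpl');
						exit;
					}

					$bdd->query("UPDATE $table_user SET mv = '0' WHERE id = '$id';");
					$bdd->query("UPDATE $table_planete SET timestamp = '".time()."' WHERE id_user = '$id';");

					// Restart the queues from now.
					// NOTE(review): unserialize() instantiates whatever object the column
					// describes; this is only safe while nothing user-controlled can write raw
					// data into the file_* columns - confirm the writers of these columns.
					include_once(_FCORE."hb_game/Class/class.gerefile.php");
					$cntplan = count($reqPlan);
					for ($i = 0; $i < $cntplan; $i++) {
						if (!empty($reqPlan[$i]['file_bat'])) {
							$file = unserialize($reqPlan[$i]['file_bat']);
							$file->timestamp = time();
							$fileBat = serialize($file);
							$bdd->escape($fileBat);
						}
						else $fileBat = '';

						if (!empty($reqPlan[$i]['file_tech'])) {
							$file = unserialize($reqPlan[$i]['file_tech']);
							$file->timestamp = time();
							$fileTech = serialize($file);
							$bdd->escape($fileTech);
						}
						else $fileTech = '';

						if (!empty($reqPlan[$i]['file_cas'])) {
							$file = unserialize($reqPlan[$i]['file_cas']);
							$file->timestamp = time();
							$fileCas = serialize($file);
							$bdd->escape($fileCas);
						}
						else $fileCas = '';

						if (!empty($reqPlan[$i]['file_vais'])) {
							$file = unserialize($reqPlan[$i]['file_vais']);
							$file->timestamp = time();
							$fileVais = serialize($file);
							// Escape the value that is written below; escaping $fileCas here
							// left $fileVais raw in the UPDATE and escaped $fileCas twice.
							$bdd->escape($fileVais);
						}
						else $fileVais = '';

						if (!empty($reqPlan[$i]['file_ter'])) {
							$file = unserialize($reqPlan[$i]['file_ter']);
							$file->timestamp = time();
							$fileTer = serialize($file);
							$bdd->escape($fileTer);
						}
						else $fileTer = '';

						$idPlan = $reqPlan[$i]['id'];
						$bdd->query("UPDATE $table_planete SET file_bat = '$fileBat', file_tech = '$fileTech', file_cas = '$fileCas', file_vais = '$fileVais', file_ter = '$fileTer' WHERE id = '$idPlan';");
					}
				}

				// Record the visit and the login, then open the session
				$bdd->query("UPDATE $table_user SET last_visite = '$time', last_ip = '$ip' WHERE id = '$id';");
				$bdd->query("INSERT INTO $table_registre_identification (id_util, ip) VALUES (".$id.",'".$ip."');");
				$bdd->deconnexion();

				// NOTE(review): no session-id rotation is visible at this privilege change;
				// confirm the session class takes care of it.
				$sess->values['connected'] = TRUE;
				$sess->values['id'] = $resultat['id'];
				$sess->values['idPlan'] = $resultatP['id'];
				$sess->values['auth_level'] = $resultat['auth_level'];
				$sess->put();
				header('Location: ./?p=accueil');
				exit;
			}
			else {
				$bdd->deconnexion();
				$template->assign('message','Nom d\'utilisateur ou mot de passe incorrect.');
				$template->assign('couleur','red');
				$template->assign('script','');
				$template->display('cms/erreur.tpl');
				exit;
			}
		}
	}

	// Public pages: fixed list, same dispatch rule as above
	$p = gpc('p');
	switch($p){
		// Main server
		/* case "validation": include('game/validation.php'); break; case "inscription": include('game/inscription.php'); break; case "oubliemdp": header('Location: http://halo-battle.fr/'); break;*/
		// Game server
		case "njoueur": include(_FCORE."hb_game/jeu/njoueur.php"); break;
		case "inscription": header('Location: http://halo-battle.s-fr.com/?p=inscription'); exit; break;
		case "oubliemdp": include(_FCORE."hb_game/jeu/oubliemdp.php"); break;
		// All servers
		case "conditions": include(_FCORE."hb_game/jeu/conditions.php"); break;
		case "regles": include(_FCORE."hb_game/jeu/regles.php"); break;
		default:
			// NOTE(review): with exit commented out, the script continues to display() below
			// after sending the redirect, and nothing in this branch sets $page.
			//$page = 'mini';
			header('Location: http://halo-battle.s-fr.com/?p=connexion');
			//exit;
	}
	$template->display('cms/'.$page.'.tpl');
}
echo("\n");
?>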