halo-battle/game
1
0
Fork 1
Code Issues Pull Requests Projects Releases Activity
d028822d0b
game/htdocs/index.php

440 lines
16 KiB
PHP
Raw Blame History

<?php
define("INDEX", 1);
$chrono_start = microtime();
$onyx = @file_get_contents('./.onyx') or die("Configuration introuvable.");
define("_FCORE",trim($onyx));
require_once(_FCORE."common.php");
//Pistage Guillaume
if ($_SERVER["REMOTE_ADDR"] == "82.245.190.225" || $_SERVER["REMOTE_ADDR"] == "84.101.175.59" || $_SERVER["REMOTE_ADDR"] == "86.214.198.131" || (isset($sess->values['id']) && ($sess->values['id'] == "172" || $sess->values['id'] == "66"))) {
file_log(var_export($_REQUEST,TRUE));
}
//On vérifie si le client est connecté sur le site
if (isset($sess) && isset($sess->values['connected']) && $sess->values['connected'] && !empty($sess->values['id']) && isset($sess->values['auth_level']) && !empty($sess->values['idPlan'])) {
$HB_login = gpc('l');
if (!empty($HB_login) && strtolower($HB_login) != strtolower(trouvNom($sess->values['id']))) {
include(_FCORE."../game/jeu/logout.php");
}
elseif (!empty($HB_login)) {
header('Location: ./'.$config['first_page']);
exit;
}
//Inclusion des formules
require_once(_FCORE."../game/vars.php");
//On inclus les différentes classes
include_once(_FCORE."../game/Class/class.user.php");
include_once(_FCORE."../game/Class/class.planete.php");
//Récupération d'informations au sujet de l'utilisateur
$id_user = $sess->values['id'];
$template->assign('auth_level', $sess->values['auth_level']);
$ip = $_SERVER["REMOTE_ADDR"];
$bdd->connexion();
$multi = $bdd->query("SELECT U.pseudo, R.id_util FROM $table_registre_identification R INNER JOIN $table_user U ON U.id = R.id_util WHERE R.ip = '$ip' GROUP BY R.ip, R.id_util HAVING R.id_util != $id_user;");
$queryUser = $bdd->unique_query("SELECT * FROM $table_user WHERE id = $id_user;");
//On vérifie que le joueur ne soit pas en mode vacances forcé
if ($queryUser['mv'] > 0 || !$queryUser) {
$sess->close();
header('Location: '.$config['first_page'].'?mvf');
exit;
}
$race = $queryUser['race'];
$template->assign('race', $queryUser['race']);
$template->assign('multi', $multi);
$template->assign('user', $queryUser);
$tpsdejeu = time() - $queryUser['last_visite'];
$heur = floor($tpsdejeu/3600);
$min = floor(($tpsdejeu - $heur*3600)/60);
if ($heur > 0) $min = $heur.' h '.$min;
$template->assign('tpsdejeu', $min.' min');
if (isset($_POST['Cplanete'])) {
$idPlanTest = $_POST['Cplanete'];
$bdd->escape($idPlanTest);
if ($bdd->unique_query("SELECT * FROM $table_planete WHERE id_user = '$id_user' AND id = '$idPlanTest';")) {
$sess->values['idPlan'] = $idPlanTest;
$sess->put();
$template->assign('contenu', '<meta http-equiv="refresh" content="0"/>');
$template->assign('page','vp');
$template->display('game/vp.tpl');
exit;
}
}
$idPlan = $sess->values['idPlan'];
$queryMail = $bdd->unique_query("SELECT COUNT(id) AS nombre FROM $table_mail WHERE destinataire = $id_user AND vu = '1';");
$queryPlanetes = $bdd->query("SELECT * FROM $table_planete WHERE id_user = '$id_user' ORDER BY id ASC;");
$bdd->deconnexion();
$planete = new Planete($idPlan);
///$queryPlanete = $bdd->unique_query("SELECT * FROM $table_planete WHERE id = '$idPlan'");
///require_once(_FCORE."../game/ressources.php");
///require_once(_FCORE."../game/constructions.php");
require(_FCORE."../game/noms.php");
//> require_once(_FCORE."../game/flottes.php");
$template->assign('alertMail', $queryMail['nombre']);
$template->assign('planete', $planete);
$template->assign('planetes', $queryPlanetes);
$template->assign('nomsressources', $ressourc);
$p = gpc('p');
//Isolement de la planète
if ($planete->isolement && $p != 'rename' && $p != 'accueil' && $p != 'arbre' && $p != 'prochainement' && $p != 'options' && $p != 'messagerie' && $p != 'envoyer' && $p != 'classement' && $p != 'bugs' && $p != 'deconnexion') {
$template->assign('titre','Planète isolée');
$isolement = explode(' ', $planete->isolement);
//TODO Si la planète est en isolement total, faire un autre message
erreur('Impossible de rentrer en contact avec cette planète.<br /> Réessayez vers '.date('H:i', $isolement[1]));
}
switch($p){
case 'prochainement':
$page = 'prochainement';
$titre = 'Prochainement';
break;
case 'version':
include(_FCORE."../game/jeu/version.php");
break;
case 'rename':
include(_FCORE."../game/jeu/rename.php");
break;
case 'description':
include(_FCORE."../game/jeu/description.php");
break;
case 'batiments':
include(_FCORE."../game/jeu/batiments.php");
break;
case 'caserne':
include(_FCORE."../game/jeu/caserne.php");
break;
case 'chantierspatial':
include(_FCORE."../game/jeu/chantierspatial.php");
break;
case 'chantierterrestre':
include(_FCORE."../game/jeu/chantierterrestre.php");
break;
case 'defenses':
include(_FCORE."../game/jeu/defenses.php");
break;
case 'laboratoire':
include(_FCORE."../game/jeu/laboratoire.php");
break;
case 'arbre':
include(_FCORE."../game/jeu/arbre.php");
break;
case 'gestion':
include(_FCORE."../game/jeu/gestion.php");
break;
case 'ressources':
include(_FCORE."../game/jeu/ressources.php");
break;
case 'flotte':
include(_FCORE."../game/jeu/flotte.php");
break;
case 'destinationsrapides':
include(_FCORE."../game/jeu/destinrapid.php");
break;
case 'amis':
include(_FCORE."../game/jeu/amis.php");
break;
case 'carte':
include(_FCORE."../game/jeu/carte.php");
break;
case 'bourse':
include(_FCORE."../game/jeu/bourse.php");
break;
case 'options':
include(_FCORE."../game/jeu/options.php");
break;
case 'changeopt':
include(_FCORE."../game/jeu/options_change.php");
break;
case 'messagerie':
include(_FCORE."../game/jeu/messagerie.php");
break;
case 'envoyer':
include(_FCORE."../game/jeu/envoyer.php");
break;
case 'alliances':
include(_FCORE."../game/jeu/alliances.php");
break;
case 'classement':
include(_FCORE."../game/jeu/classement.php");
break;
case 'bugs':
include(_FCORE."../game/jeu/bugs.php");
break;
case 'chat':
$page = 'chat'; $titre = 'Chat';
break;
case 'faq':
include(_FCORE."../game/jeu/aide.php");
break;
case 'simulateur':
include(_FCORE."../game/jeu/simulateur.php");
break;
case 'deconnexion':
include(_FCORE."../game/jeu/logout.php");
break;
case 'operateur':
include(_FCORE."../game/jeu/operateur.php");
break;
case "demarrage":
include(_FCORE."../game/jeu/demarrage.php");
break;
case "avertmulti":
include(_FCORE."../game/jeu/avertmulti.php");
break;
case "pilori":
include(_FCORE."../game/jeu/pilori.php");
break;
case "conditions":
include(_FCORE."../game/jeu/conditions.php");
break;
case "regles":
include(_FCORE."../game/jeu/regles.php");
break;
default:
include(_FCORE."../game/jeu/accueil.php");
}
$template->assign('page', $page);
$template->assign('titre', $titre);
$template->display('game/'.$page.'.tpl');
}
//Si le joueur n'est pas connecté au site
else {
//On traite la demande de loggin de l'utilisateur
if ((isset($_GET['l']) && isset($_GET['p'])) || (isset($_POST['HB_login']) && isset($_POST['HB_password']))) {
//Récupération des données POST ou GET
if (isset($_POST['HB_login']) && isset($_POST['HB_password']) && gpc('p') == 'connexion') {
$HB_login = gpc('HB_login', 'post');
$HB_password = gpc('HB_password', 'post');
$HB_auth = hash("sha512", $HB_login.'Ņ♂↨'.$HB_password.'☻♫☼'.date('W!Y¨D@j'));
}
else {
$HB_login = gpc('l');
$HB_password = gpc('p');
$HB_auth = gpc('a');
}
if (empty($HB_login) || empty($HB_password)) {
$template->assign('message','Nom d\'utilisateur ou mot de passe incorrect.<br /><br />');
$template->assign('couleur','red');
$template->display('cms/erreur.tpl');
exit;
}
elseif (hash("sha512", $HB_login.'Ņ♂↨'.$HB_password.'☻♫☼'.date('W!Y¨D@j')) != $HB_auth && hash("sha512", $HB_login.'Ņ♂↨'.$HB_password.'☻♫☼'.date('W!Y¨D@j', time()-300)) != $HB_auth) {
$template->assign('message','Impossible d\'authentifier la connexion !<br /><br />Si le problème perciste, contactez un administrateur.');
$template->assign('couleur','red');
$template->display('cms/erreur.tpl');
exit;
}
else {
$ipe = $_SERVER['REMOTE_ADDR'];
$bdd->connexion();
$bruteforce = $bdd->unique_query("SELECT nombre FROM securite_identification WHERE ip = '$ipe';");
if ($bruteforce['nombre'] >= 15) {
$fichier = fopen(_FCORE."ban.xlist",'a+');
fwrite($fichier, $_SERVER['REMOTE_ADDR']."\n\r");
fclose($fichier);
}
$bdd->escape($HB_login);
if (!$var = $bdd->unique_query("SELECT mdp_var, mdp FROM $table_user WHERE pseudo = '$HB_login';")) {
if (isset($bruteforce['nombre'])) $bdd->query("UPDATE securite_identification SET nombre = nombre + 1 WHERE ip = '$ipe';");
else $bdd->query("INSERT INTO securite_identification VALUES ('$ipe', '1', '".time()."');");
$bdd->deconnexion();
$template->assign('message','Nom d\'utilisateur ou mot de passe incorrect.');
$template->assign('couleur','red');
$template->assign('script','<script type="text/javascript">setTimeout(\'document.location.href="http://www.halo-battle.s-fr.com/";\', 2500);</script>');
$template->display('cms/erreur.tpl');
exit;
}
$bdd->deconnexion();
/*if (empty($var['mdp_var'])) {
$gen = rand(-2147483648, 2147483647);
if ($gen == 0) $gen = rand(1000000000, 2147483647);
$HB_passwordAnc = sha1(strtoupper($HB_login).':'.$HB_password);
$HB_passwordNew = hash_var(strtoupper($HB_login).':'.$HB_password.'♂♪'.$gen);
$bdd->connexion();
$bdd->escape($HB_passwordAnc);
$bdd->escape($HB_passwordNew);
if ($bdd->unique_query("SELECT id FROM $table_user WHERE pseudo = '$HB_login' AND mdp = '$HB_passwordAnc';")) {
$bdd->query("UPDATE $table_user SET mdp_var = $gen, mdp = '$HB_passwordNew' WHERE pseudo = '$HB_login';");
$bdd->deconnexion();
$var['mdp_var'] = $gen;
}
else {
$bdd->deconnexion();
$template->assign('message','Nom d\'utilisateur ou mot de passe incorrect.');
$template->assign('couleur','red');
$template->assign('script','<script type="text/javascript">setTimeout(\'document.location.href="http://www.halo-battle.s-fr.com/";\', 2500);</script>');
$template->display('cms/erreur.tpl');
exit;
}
}*/
$HB_password = mdp($HB_login, $HB_password, $var['mdp_var']);
//print 'mdp : '.$HB_password.' contre BDD : '.$var['mdp'];
$time = time();
$ip = $_SERVER["REMOTE_ADDR"];
$bdd->connexion();
$bdd->escape($HB_password);
//Limiter le nombre de personnes en ligne simutanément
if ($enligne['enligne'] > 1500) {
$template->assign('message','Il y a actuellement trop de monde connecté sur Halo-Battle. Pour permettre aux joueurs une navigation convenable, nous vous remercions de revenir plus tard.');
$template->assign('couleur','red');
$template->display('cms/erreur.tpl');
exit;
}
$resultat = $bdd->unique_query("SELECT id, mv, last_visite, auth_level, raisonmv FROM $table_user WHERE pseudo = '$HB_login' AND mdp = '$HB_password';");
if ($resultat) {
$id = $resultat['id'];
$reqPlan = $bdd->query("SELECT id, file_bat, file_tech, file_cas, file_vais, file_ter FROM $table_planete WHERE id_user = '$id' ORDER BY id ASC;");
$resultatP = $reqPlan[0];
if (!$reqPlan) {
$bdd->deconnexion();
$template->assign('message','Impossible de trouver votre planète !');
$template->assign('couleur','red');
$template->display('cms/erreur.tpl');
exit;
}
if ($resultat['mv'] > 0) {
if ($resultat['last_visite']+259200 > time() && $resultat['auth_level'] < 2) {
if ($resultat['mv'] == 3) $template->assign('message','Vous êtes définitivement banni de cette galaxie pour '.$resultat['raisonmv'].'. Vous ne pouvez plus vous reconnecter sur votre compte');
elseif ($resultat['mv'] == 2) $template->assign('message','Un opérateur a placé votre compte en mode vacances pour '.$resultat['raisonmv'].'. Vous ne pouvez pas vous reconnecter sur votre compte avant le<br />'.strftime("%A %d %B à %H:%M", $resultat['last_visite']+259200));
else $template->assign('message','Vous ne pouvez pas sortir du mode vacances avant le<br />'.strftime("%A %d %B à %H:%M", $resultat['last_visite']+259200));
$template->assign('couleur','red');
$template->display('game/erreur.tpl');
exit;
}
$bdd->query("UPDATE $table_user SET mv = '0' WHERE id = '$id';");
$bdd->query("UPDATE $table_planete SET timestamp = '".time()."' WHERE id_user = '$id';");
//On fait repartir à 0 les files d'attente
include_once(_FCORE."../game/Class/class.gerefile.php");
$cntplan = count($reqPlan);
for ($i = 0; $i < $cntplan; $i++) {
if (!empty($reqPlan[$i]['file_bat'])) {
$file = unserialize($reqPlan[$i]['file_bat']);
$file->timestamp = time();
$fileBat = serialize($file);
$bdd->escape($fileBat);
}
else $fileBat = '';
if (!empty($reqPlan[$i]['file_tech'])) {
$file = unserialize($reqPlan[$i]['file_tech']);
$file->timestamp = time();
$fileTech = serialize($file);
$bdd->escape($fileTech);
}
else $fileTech = '';
if (!empty($reqPlan[$i]['file_cas'])) {
$file = unserialize($reqPlan[$i]['file_cas']);
$file->timestamp = time();
$fileCas = serialize($file);
$bdd->escape($fileCas);
}
else $fileCas = '';
if (!empty($reqPlan[$i]['file_vais'])) {
$file = unserialize($reqPlan[$i]['file_vais']);
$file->timestamp = time();
$fileVais = serialize($file);
$bdd->escape($fileCas);
}
else $fileVais = '';
if (!empty($reqPlan[$i]['file_ter'])) {
$file = unserialize($reqPlan[$i]['file_ter']);
$file->timestamp = time();
$fileTer = serialize($file);
$bdd->escape($fileTer);
}
else $fileTer = '';
$idPlan = $reqPlan[$i]['id'];
$bdd->query("UPDATE $table_planete SET file_bat = '$fileBat', file_tech = '$fileTech', file_cas = '$fileCas', file_vais = '$fileVais', file_ter = '$fileTer' WHERE id = '$idPlan';");
}
}
$bdd->query("UPDATE $table_user SET last_visite = '$time', last_ip = '$ip' WHERE id = '$id';");
$bdd->query("INSERT INTO $table_registre_identification (id_util, ip) VALUES (".$id.",'".$ip."');");
$multi = $bdd->unique_query("SELECT COUNT(*) FROM $table_registre_identification WHERE ip = '$ip' GROUP BY ip, id_util");
$message = $bdd->unique_query("SELECT time FROM $table_messages_demarrage ORDER BY time DESC LIMIT 1;");
$bdd->deconnexion();
$sess->values['connected'] = TRUE;
$sess->values['id'] = $resultat['id'];
$sess->values['idPlan'] = $resultatP['id'];
//Si on détecte le multi-compte, on interdit l'accès au panneau d'admin
if (empty($multi)) $sess->values['auth_level'] = 0;
else $sess->values['auth_level'] = $resultat['auth_level'];
$sess->put();
if ($message['time'] > $resultat['last_visite']) header('Location: ./'.$config['first_page'].'?p=demarrage');
elseif (empty($multi)) header('Location: ./'.$config['first_page'].'?p=avertmulti');
else header('Location: ./'.$config['first_page'].'?p=accueil');
exit;
}
else {
$bdd->deconnexion();
$template->assign('message','Nom d\'utilisateur ou mot de passe incorrect.');
$template->assign('couleur','red');
$template->assign('script','<script type="text/javascript">setTimeout(\'document.location.href="http://www.halo-battle.s-fr.com/";\', 2500);</script>');
$template->display('cms/erreur.tpl');
exit;
}
}
}
$p = gpc('p');
switch($p){
//Serveur principal
/* case "validation":
include('game/validation.php');
break;
case "inscription":
include('game/inscription.php');
break;
case "oubliemdp":
header('Location: http://halo-battle.fr/');
break;*/
//Serveur de jeu
case "njoueur":
include(_FCORE."../game/jeu/njoueur.php");
break;
case "inscription":
header('Location: http://halo-battle.s-fr.com/?p=inscription');
exit;
break;
case "oubliemdp":
include(_FCORE."../game/jeu/oubliemdp.php");
break;
//Tous serveurs
case "conditions":
include(_FCORE."../game/jeu/conditions.php");
break;
case "regles":
include(_FCORE."../game/jeu/regles.php");
break;
default:
$page = 'mini';
//header('Location: http://halo-battle.s-fr.com/?p=connexion');
//exit;
}
$template->display('cms/'.$page.'.tpl');
}
echo("\n<!--Page générée en : ".round((array_sum(explode(' ', microtime()))) - (array_sum(explode(' ', $chrono_start))), 4)." secondes.-->");
?>
Reference in New Issue View Git Blame Copy Permalink