
/includes/user.php

https://bitbucket.org/pitch314/ogspy

  1. <?php
  2. /**
  3. * user.php Fonctions concernant les utilisateurs
  4. * @author Kyser
  5. * @package OGSpy
  6. * @subpackage user
  7. * @copyright Copyright &copy; 2007, http://ogsteam.fr/
  8. * @modified $Date: 2012-11-05 13:04:30 +0100 (Mon, 05 Nov 2012) $
  9. * @author Kyser
  10. * @link $HeadURL: http://svn.ogsteam.fr/trunk/ogspy/includes/user.php $
  11. * @version 3.04b ( $Rev: 7752 $ )
  12. * $Id: user.php 7752 2012-11-05 12:04:30Z darknoon $
  13. */
  // Direct-access guard: stop when the constant IN_SPYOGAME is not defined
  // (it is not defined anywhere in this file, so it must come from the including script).
  if (defined('IN_SPYOGAME') === false) {
      exit("Hacking attempt");
  }
  /**
   * Checks that the logged-in user may perform an administrative action and
   * calls redirection() with an error message when the check fails.
   *
   * NOTE(review): every denial path relies on redirection() ending the request.
   * That helper is not visible here; if it returns, execution falls through to
   * the caller and the check is not enforced - confirm.
   *
   * @param string $action Action being checked ("user_create", "usergroup_manage" or "user_update")
   * @param int $user_id Target user; only read for "user_update"
   */
  function user_check_auth($action, $user_id = null)
  {
      global $user_data, $user_auth;

      $forbidden = "index.php?action=message&id_message=forbidden&info";

      if ($action == "user_create" || $action == "usergroup_manage") {
          // Needs admin, co-admin or member-management rights.
          $allowed = $user_data["user_admin"] == 1 || $user_data["user_coadmin"] == 1
              || $user_data["management_user"] == 1;
          if (!$allowed) {
              redirection($forbidden);
          }
          return;
      }

      if ($action == "user_update") {
          $allowed = $user_data["user_admin"] == 1 || $user_data["user_coadmin"] == 1
              || $user_data["management_user"] == 1;
          if (!$allowed) {
              redirection($forbidden);
          }

          $info_user = user_get($user_id);
          if ($info_user === false) {
              redirection("index.php?action=message&id_message=deleteuser_failed&info");
          }

          // Same four conditions as before, evaluated in the same order:
          // 1. the actor has no management right at all
          $deny = !($user_data["user_admin"] == 1 || $user_data["user_coadmin"] == 1
              || $user_data["management_user"] == 1);
          // 2. the target is an administrator
          if (!$deny) {
              $deny = $info_user[0]["user_admin"] == 1;
          }
          // 3. a co-admin acting on another co-admin
          if (!$deny) {
              $deny = $user_data["user_coadmin"] == 1 && $info_user[0]["user_coadmin"] == 1;
          }
          // 4. a plain member-manager acting on a co-admin or another member-manager
          if (!$deny) {
              $deny = ($user_data["user_coadmin"] != 1 && $user_data["management_user"] == 1)
                  && ($info_user[0]["user_coadmin"] == 1 || $info_user[0]["management_user"] == 1);
          }
          if ($deny) {
              redirection($forbidden);
          }
          return;
      }

      // Unknown action name.
      redirection("index.php?action=message&id_message=errorfatal&info");
  }
  /**
   * Logs a user in from the request variables and redirects to the requested page.
   *
   * Runs up to five queries: credential lookup, read of the previous
   * user_lastvisit, update of user_lastvisit, increment of the
   * 'connection_server' statistic and, when no row was affected, its insert.
   *
   * Security notes for maintainers:
   * - The stored credential is md5(sha1(password)): unsalted and fast to compute.
   *   Moving to password_hash()/password_verify() with a rehash at next login
   *   needs a schema change outside this function.
   * - No attempt limiting is visible in this function.
   * - $pub_goto is restricted to [\w=&%+] and appended after "index.php?action=",
   *   so the redirect stays on index.php but may carry extra query parameters.
   *
   * @global string $pub_login
   * @global string $pub_password
   * @global string $pub_goto
   */
  function user_login()
  {
      global $db;
      global $pub_login, $pub_password, $pub_goto, $url_append;

      $inputs_valid = check_var($pub_login, "Pseudo_Groupname")
          && check_var($pub_password, "Password")
          && check_var($pub_goto, "Special", "#^[\w=&%+]+$#");
      if (!$inputs_valid) {
          redirection("index.php?action=message&id_message=errordata&info");
      }

      if (isset($pub_login) && isset($pub_password)) {
          $sql = "select user_id, user_active from " . TABLE_USER
              . " where user_name = '" . $db->sql_escape_string($pub_login)
              . "' and user_password = '" . md5(sha1($pub_password)) . "'";
          $result = $db->sql_query($sql);

          if (list($user_id, $user_active) = $db->sql_fetch_row($result)) {
              if ($user_active != 1) {
                  // Credentials match but the account is disabled.
                  redirection("index.php?action=message&id_message=account_lock&info");
              } else {
                  // Read the previous visit time before overwriting it.
                  $sql = "select user_lastvisit from " . TABLE_USER . " where user_id = " . $user_id;
                  $result = $db->sql_query($sql);
                  list($lastvisit) = $db->sql_fetch_row($result);

                  $sql = "update " . TABLE_USER . " set user_lastvisit = " . time()
                      . " where user_id = " . $user_id;
                  $db->sql_query($sql);

                  // Connection counter: update it, or create it on first use.
                  $sql = "update " . TABLE_STATISTIC . " set statistic_value = statistic_value + 1"
                      . " where statistic_name = 'connection_server'";
                  $db->sql_query($sql);
                  if ($db->sql_affectedrows() == 0) {
                      $sql = "insert ignore into " . TABLE_STATISTIC . " values ('connection_server', '1')";
                      $db->sql_query($sql);
                  }

                  session_set_user_id($user_id, $lastvisit);
                  log_('login');

                  if (!isset($url_append)) {
                      $url_append = "";
                  }
                  redirection("index.php?action=" . $pub_goto . $url_append);
              }
          } else {
              // No row matched the name/hash pair.
              redirection("index.php?action=message&id_message=login_wrong&info");
          }
      } else {
          redirection("index.php?action=message&id_message=errorfatal&info");
      }
  }
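  /**
   * Logs a user in and, when the target page is 'galaxy', carries the requested
   * galaxy and system over to the post-login redirect.
   *
   * $pub_galaxy and $pub_system are not validated in this function, so they are
   * URL-encoded before being placed in the redirect target; numeric values are
   * unchanged by the encoding.
   *
   * @global string $pub_login
   * @global string $pub_password
   * @global string $pub_goto
   */
  function user_login_redirection()
  {
      global $pub_login, $pub_password, $pub_goto, $url_append;

      if ($pub_goto == 'galaxy') {
          global $pub_galaxy, $pub_system;
          // Encode so the values cannot add query parameters of their own.
          $url_append = "&galaxy=" . urlencode((string) $pub_galaxy)
              . "&system=" . urlencode((string) $pub_system);
      }

      // Both original branches ended with the same call.
      user_login();
  }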
  /**
   * Logs the current user out: writes a "logout" log entry, closes the session
   * and redirects to the index page.
   */
  function user_logout()
  {
      // The log entry is written first, while the session is still open.
      log_('logout');
      session_close();

      redirection('index.php');
  }
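  /**
   * Checks the length of a user-supplied string for a given kind of input.
   *
   * The previous version used "=" instead of "==" in its elseif chain, so every
   * type other than pseudo/groupname was checked with the password limits and
   * the galaxy/system branches were never reached. Unknown types are rejected.
   *
   * Lengths are counted in bytes (strlen), after trimming.
   *
   * @param string $type Kind of input (pseudo, groupname, password, galaxy, system, systems)
   * @param string $string Value to check
   * @return false|string The trimmed string, or false when the type is unknown or the length is out of range
   */
  function string_check($type, $string)
  {
      // Minimum and maximum length per input type.
      $limits = array(
          "pseudo" => array(3, 15),
          "groupname" => array(3, 15),
          "password" => array(6, 15),
          "galaxy" => array(1, 999),
          "system" => array(1, 999),
          "systems" => array(1, 999),
      );

      // Fail closed on a type this function has no limits for.
      if (!is_string($type) || !isset($limits[$type])) {
          return false;
      }
      list($length_min, $length_max) = $limits[$type];

      $string = trim($string);
      $length = strlen($string);
      if ($length < $length_min || $length > $length_max) {
          return false;
      }
      return $string;
  }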
  /**
   * Changes a user's OGSpy rights from the administration form.
   *
   * Which flags are taken from the request depends on the actor: an admin sets
   * all of them, a co-admin cannot set user_coadmin, and any other actor can set
   * neither user_coadmin nor management_user.
   *
   * NOTE(review): this is a state-changing request and no anti-CSRF token is
   * checked in this function - confirm the dispatcher enforces one.
   */
  function admin_user_set()
  {
      global $user_data;
      global $pub_user_id, $pub_active, $pub_user_coadmin, $pub_management_user, $pub_management_ranking;

      $failed = "index.php?action=message&id_message=admin_modifyuser_failed&info";

      $numeric_ok = check_var($pub_user_id, "Num")
          && check_var($pub_active, "Num")
          && check_var($pub_user_coadmin, "Num")
          && check_var($pub_management_user, "Num")
          && check_var($pub_management_ranking, "Num");
      if (!$numeric_ok) {
          redirection("index.php?action=message&id_message=errordata&info");
      }
      if (!isset($pub_user_id, $pub_active)) {
          redirection($failed);
      }

      // Rights check against the target user.
      user_check_auth("user_update", $pub_user_id);

      if ($user_data["user_admin"] == 1) {
          // An admin must submit every flag.
          if (!isset($pub_user_coadmin, $pub_management_user, $pub_management_ranking)) {
              redirection($failed);
          }
      } elseif ($user_data["user_coadmin"] == 1) {
          // A co-admin cannot change the co-admin flag.
          $pub_user_coadmin = null;
          if (!isset($pub_management_user, $pub_management_ranking)) {
              redirection($failed);
          }
      } else {
          // Any other actor can change neither flag.
          $pub_user_coadmin = null;
          $pub_management_user = null;
      }

      if (user_get($pub_user_id) === false) {
          redirection($failed);
      }

      user_set_grant(
          $pub_user_id,
          null,
          $pub_active,
          $pub_user_coadmin,
          $pub_management_user,
          $pub_management_ranking
      );
      redirection("index.php?action=administration&subaction=member");
  }
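  /**
   * Sets a new password for a user on behalf of an administrator; a password is
   * generated when none is supplied in the request.
   *
   * Changes from the previous version:
   * - $pub_user_id is validated before it is used to build the name of the
   *   request variable ("pub_pass_<id>") that holds the new password.
   * - a supplied password goes through the same check_var "Password" rule that
   *   user_create() applies.
   *
   * NOTE(review): the new password is still passed in clear text in the redirect
   * URL ("info=<id>:<password>"), where it can end up in access logs and browser
   * history. Showing it from server-side session state would avoid that; that
   * needs a change to the message page, which is not visible here.
   */
  function admin_regeneratepwd()
  {
      global $user_data;
      global $pub_user_id;

      if (!check_var($pub_user_id, "Num")) {
          redirection("index.php?action=message&id_message=errordata&info");
      }
      if (!isset($pub_user_id)) {
          redirection("index.php?action=message&id_message=errorfatal&info");
      }

      // Only now derive the per-user request variable name from the validated id.
      $pass_id = "pub_pass_" . $pub_user_id;
      global $$pass_id;
      $new_pass = $$pass_id;

      if ($new_pass != "" && !check_var($new_pass, "Password")) {
          redirection("index.php?action=message&id_message=errordata&info");
      }

      user_check_auth("user_update", $pub_user_id);
      if (user_get($pub_user_id) === false) {
          redirection("index.php?action=message&id_message=regeneratepwd_failed&info");
      }

      $password = ($new_pass != "") ? $new_pass : password_generator();

      user_set_general($pub_user_id, null, $password);
      $info = $pub_user_id . ":" . $password;
      log_("regeneratepwd", $pub_user_id);
      redirection("index.php?action=message&id_message=regeneratepwd_success&info=" . $info);
  }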
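  /**
   * Updates the profile of the logged-in user from the profile form.
   *
   * Changes from the previous version:
   * - the current-password check compares the hashes with "!==". With "!=", PHP
   *   compares two numeric-looking strings (for example two digests of the form
   *   "0e" followed by digits) as numbers, so different hashes could compare equal.
   * - the new password and its confirmation are compared as strings for the same reason.
   * - the user id is cast to an integer before it is concatenated into SQL.
   * - the four identical officer toggles are handled by one loop.
   *
   * NOTE(review): stored passwords are md5(sha1(password)), unsalted; see
   * user_set_general() for where the hash is written.
   */
  function member_user_set()
  {
      global $db, $user_data, $user_technology;
      global $pub_pseudo, $pub_old_password, $pub_new_password, $pub_new_password2, $pub_galaxy,
          $pub_system, $pub_skin, $pub_disable_ip_check, $pub_off_commandant, $pub_off_amiral, $pub_off_ingenieur,
          $pub_off_geologue, $pub_off_technocrate, $pub_pseudo_ingame, $pub_pseudo_email;

      if (!check_var($pub_pseudo, "Text") || !check_var($pub_old_password, "Text")
          || !check_var($pub_new_password, "Text") || !check_var($pub_new_password2, "CharNum")
          || !check_var($pub_pseudo_email, "Email")
          || !check_var($pub_galaxy, "Num") || !check_var($pub_system, "Num")
          || !check_var($pub_skin, "URL") || !check_var($pub_disable_ip_check, "Num")
          || !check_var($pub_pseudo_ingame, "Pseudo_ingame")) {
          redirection("index.php?action=message&id_message=errordata&info");
      }

      // The id comes from the session data, not from the request; cast for the queries below.
      $user_id = intval($user_data["user_id"]);
      $user_info = user_get($user_id);
      $user_empire = user_get_empire();
      $user_technology = $user_empire["technology"];

      if (!isset($pub_pseudo) || !isset($pub_old_password) || !isset($pub_new_password)
          || !isset($pub_new_password2) || !isset($pub_pseudo_email) || !isset($pub_galaxy)
          || !isset($pub_system) || !isset($pub_skin)) {
          redirection("index.php?action=message&id_message=member_modifyuser_failed&info");
      }

      // Password change: all three fields are required and the old one must match.
      if ($pub_old_password != "" || $pub_new_password != "" || $pub_new_password2 != "") {
          if ($pub_old_password == "" || $pub_new_password == ""
              || (string) $pub_new_password !== (string) $pub_new_password2) {
              redirection("index.php?action=message&id_message=member_modifyuser_failed_passwordcheck&info");
          }
          // A failed user_get() yields an empty stored hash here, which never matches.
          $stored_hash = ($user_info === false) ? "" : (string) $user_info[0]["user_password"];
          if (md5(sha1($pub_old_password)) !== $stored_hash) {
              redirection("index.php?action=message&id_message=member_modifyuser_failed_passwordcheck&info");
          }
          if (!check_var($pub_new_password, "Password")) {
              redirection("index.php?action=message&id_message=member_modifyuser_failed_password&info");
          }
      }

      if (!check_var($pub_pseudo, "Pseudo_Groupname")) {
          redirection("index.php?action=message&id_message=member_modifyuser_failed_pseudo&info");
      }

      // In-game name
      if ($user_data["user_stat_name"] !== $pub_pseudo_ingame) {
          user_set_stat_name($pub_pseudo_ingame);
      }

      // Officer accounts that are plain on/off flags. Column names come from this
      // fixed list, never from the request.
      $officers = array(
          'off_commandant' => $pub_off_commandant,
          'off_amiral' => $pub_off_amiral,
          'off_ingenieur' => $pub_off_ingenieur,
          'off_geologue' => $pub_off_geologue,
      );
      foreach ($officers as $column => $requested) {
          if ($user_data[$column] == "0" && $requested == 1) {
              $db->sql_query("UPDATE " . TABLE_USER .
                  " SET `" . $column . "` = '1' WHERE `user_id` = " . $user_id);
          }
          if ($user_data[$column] == 1 && (is_null($requested) || $requested != 1)) {
              $db->sql_query("UPDATE " . TABLE_USER .
                  " SET `" . $column . "` = '0' WHERE `user_id` = " . $user_id);
          }
      }

      // Technocrate also shifts the stored 'Esp' technology level by two.
      if ($user_data['off_technocrate'] == "0" && $pub_off_technocrate == 1) {
          $db->sql_query("UPDATE " . TABLE_USER .
              " SET `off_technocrate` = '1' WHERE `user_id` = " . $user_id);
          $tech = $user_technology['Esp'] + 2;
          $db->sql_query("UPDATE " . TABLE_USER_TECHNOLOGY . " SET `Esp` = " . $tech .
              " WHERE `user_id` = " . $user_id);
      }
      if ($user_data['off_technocrate'] == 1 && (is_null($pub_off_technocrate) || $pub_off_technocrate != 1)) {
          $db->sql_query("UPDATE " . TABLE_USER .
              " SET `off_technocrate` = '0' WHERE `user_id` = " . $user_id);
          $tech = $user_technology['Esp'] - 2;
          $db->sql_query("UPDATE " . TABLE_USER_TECHNOLOGY . " SET `Esp` = " . $tech .
              " WHERE `user_id` = " . $user_id);
      }

      // The chosen name must not belong to another account.
      $request = "select * from " . TABLE_USER . " where user_name = '" .
          $db->sql_escape_string($pub_pseudo) . "' and user_id <> " . $user_id;
      $result = $db->sql_query($request);
      if ($db->sql_numrows($result) != 0) {
          redirection("index.php?action=message&id_message=member_modifyuser_failed_pseudolocked&info");
      }

      if (is_null($pub_disable_ip_check) || $pub_disable_ip_check != 1) {
          $pub_disable_ip_check = 0;
      }

      user_set_general($user_id, $pub_pseudo, $pub_new_password, $pub_pseudo_email, null, $pub_galaxy, $pub_system,
          $pub_skin, $pub_disable_ip_check);
      redirection("index.php?action=profile");
  }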
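  /**
   * Writes general account data for a user (one UPDATE on TABLE_USER).
   * A field is left untouched when its argument is empty (name, password, galaxy,
   * system, last visit, e-mail) or null (skin, IP-check flag).
   *
   * Changes from the previous version:
   * - $user_id, $user_lastvisit and $disable_ip_check are cast to integers and
   *   $user_email is escaped before being concatenated into the statement; they
   *   were previously inserted as received.
   * - nothing is executed or logged when there is no field to update (the old
   *   code sent an UPDATE with an empty SET clause).
   *
   * NOTE(review): the password is stored as md5(sha1(password)), unsalted and
   * fast to compute. Replacing it with password_hash() has to be coordinated
   * with the login query in user_login() and the column size.
   */
  function user_set_general($user_id, $user_name = null, $user_password = null, $user_email = null, $user_lastvisit = null,
      $user_galaxy = null, $user_system = null, $user_skin = null, $disable_ip_check = null)
  {
      global $db, $user_data, $server_config;

      if (!isset($user_id)) {
          redirection("index.php?action=message&id_message=errorfatal&info");
      }
      // Used unquoted in the WHERE clause, so it must be an integer.
      $user_id = intval($user_id);

      // Out-of-range coordinates fall back to 1.
      if (!empty($user_galaxy)) {
          $user_galaxy = intval($user_galaxy);
          if ($user_galaxy < 1 || $user_galaxy > intval($server_config['num_of_galaxies'])) {
              $user_galaxy = 1;
          }
      }
      if (!empty($user_system)) {
          $user_system = intval($user_system);
          if ($user_system < 1 || $user_system > intval($server_config['num_of_systems'])) {
              $user_system = 1;
          }
      }

      $fields = array();
      // Name and password
      if (!empty($user_name)) {
          $fields[] = "user_name = '" . $db->sql_escape_string($user_name) . "'";
      }
      if (!empty($user_password)) {
          $fields[] = "user_password = '" . md5(sha1($user_password)) . "'";
      }
      // Home galaxy and solar system
      if (!empty($user_galaxy)) {
          $fields[] = "user_galaxy = '" . $user_galaxy . "'";
      }
      if (!empty($user_system)) {
          $fields[] = "user_system = '" . $user_system . "'";
      }
      // Last visit
      if (!empty($user_lastvisit)) {
          $fields[] = "user_lastvisit = '" . intval($user_lastvisit) . "'";
      }
      // E-mail
      if (!empty($user_email)) {
          $fields[] = "user_email = '" . $db->sql_escape_string($user_email) . "'";
      }
      // Skin: a non-empty value always ends with a slash
      if (!is_null($user_skin)) {
          if (strlen($user_skin) > 0 && substr($user_skin, -1) != "/") {
              $user_skin .= "/";
          }
          $fields[] = "user_skin = '" . $db->sql_escape_string($user_skin) . "'";
      }
      // IP address check switch
      if (!is_null($disable_ip_check)) {
          $fields[] = "disable_ip_check = '" . intval($disable_ip_check) . "'";
      }

      if (count($fields) == 0) {
          return;
      }

      $request = "update " . TABLE_USER . " set " . implode(", ", $fields) . " where user_id = " . $user_id;
      $db->sql_query($request);

      if ($user_id == $user_data['user_id']) {
          log_("modify_account");
      } else {
          log_("modify_account_admin", $user_id);
      }
  }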
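  /**
   * Stores a user's status and rights flags (one UPDATE on TABLE_USER, plus a
   * DELETE on TABLE_SESSIONS when the account is deactivated).
   * A flag is left untouched when its argument is null. $user_admin is accepted
   * but never written.
   *
   * Changes from the previous version:
   * - $user_id is cast to an integer before it reaches the rights check and the
   *   statements, where it is used unquoted.
   * - no UPDATE is sent when every flag is null (the old code produced a
   *   statement with an empty SET clause, e.g. when user_create() passes no flags).
   */
  function user_set_grant($user_id, $user_admin = null, $user_active = null, $user_coadmin = null,
      $management_user = null, $management_ranking = null)
  {
      global $db, $user_data;

      if (!isset($user_id)) {
          redirection("index.php?action=message&id_message=errorfatal&info");
      }
      $user_id = intval($user_id);

      // Rights check
      user_check_auth("user_update", $user_id);

      $fields = array();

      // Account activation; deactivating also drops the user's sessions.
      if (!is_null($user_active)) {
          $fields[] = "user_active = '" . intval($user_active) . "'";
          if (intval($user_active) == 0) {
              $request = "delete from " . TABLE_SESSIONS . " where session_user_id = " . $user_id;
              $db->sql_query($request);
          }
      }
      // Co-administration
      if (!is_null($user_coadmin)) {
          $fields[] = "user_coadmin = '" . intval($user_coadmin) . "'";
      }
      // Member management
      if (!is_null($management_user)) {
          $fields[] = "management_user = '" . intval($management_user) . "'";
      }
      // Ranking management
      if (!is_null($management_ranking)) {
          $fields[] = "management_ranking = '" . intval($management_ranking) . "'";
      }

      if (count($fields) == 0) {
          return;
      }

      $request = "update " . TABLE_USER . " set " . implode(", ", $fields) . " where user_id = " . $user_id;
      $db->sql_query($request);

      if ($user_id == $user_data['user_id']) {
          log_("modify_account");
      } else {
          log_("modify_account_admin", $user_id);
      }
  }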
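  /**
   * Adds the given amounts to the usage counters of the logged-in user
   * (one UPDATE on TABLE_USER). A counter is left untouched when its argument is null.
   *
   * Changes from the previous version:
   * - every increment and the user id are cast to integers before being
   *   concatenated into the statement; they were inserted as received.
   * - no UPDATE is sent when every argument is null (the old code produced a
   *   statement with an empty SET clause).
   */
  function user_set_stat($planet_added_web = null, $planet_added_ogs = null, $search = null,
      $spy_added_web = null, $spy_added_ogs = null, $rank_added_web = null, $rank_added_ogs = null,
      $planet_exported = null, $spy_exported = null, $rank_exported = null)
  {
      global $db, $user_data;

      // Column name => increment, in the order the columns were written before.
      $increments = array(
          "planet_added_web" => $planet_added_web,
          "planet_added_ogs" => $planet_added_ogs,
          "search" => $search,
          "spy_added_web" => $spy_added_web,
          "spy_added_ogs" => $spy_added_ogs,
          "rank_added_web" => $rank_added_web,
          "rank_added_ogs" => $rank_added_ogs,
          "planet_exported" => $planet_exported,
          "spy_exported" => $spy_exported,
          "rank_exported" => $rank_exported,
      );

      $fields = array();
      foreach ($increments as $column => $amount) {
          if (!is_null($amount)) {
              $fields[] = $column . " = " . $column . " + " . intval($amount);
          }
      }
      if (count($fields) == 0) {
          return;
      }

      $request = "update " . TABLE_USER . " set " . implode(", ", $fields)
          . " where user_id = " . intval($user_data["user_id"]);
      $db->sql_query($request);
  }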
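  /**
   * Reads user rows from TABLE_USER, ordered by user_name (one query).
   *
   * Change from the previous version: a given $user_id is cast to an integer
   * before it is concatenated, unquoted, into the WHERE clause. A null id used to
   * produce an incomplete statement; it now selects id 0.
   *
   * NOTE(review): each row includes the user_password hash, so every caller
   * receives it; callers that only need rights or names should not pass the
   * rows on to templates or logs.
   *
   * @param int|false $user_id Id of one user, or false for all users
   * @return array|false List of rows as associative arrays, or false when no row matches
   */
  function user_get($user_id = false)
  {
      global $db;

      $request = "select user_id, user_name, user_password, user_email, user_active, user_regdate, user_lastvisit," .
          " user_galaxy, user_system, user_admin, user_coadmin, management_user, management_ranking, disable_ip_check," .
          " off_commandant, off_amiral, off_ingenieur, off_geologue, off_technocrate" .
          " from " . TABLE_USER;
      if ($user_id !== false) {
          $request .= " where user_id = " . intval($user_id);
      }
      $request .= " order by user_name";
      $result = $db->sql_query($request);

      $info_users = array();
      while ($row = $db->sql_fetch_assoc($result)) {
          $info_users[] = $row;
      }

      if (count($info_users) == 0) {
          return false;
      }
      return $info_users;
  }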
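  /**
   * Returns the rights of a user as an array of 0/1 flags.
   *
   * Admins and co-admins get every right. For other users a right is 1 when at
   * least one of the user's groups grants it (one query on TABLE_GROUP joined
   * with TABLE_USER_GROUP).
   *
   * Changes from the previous version:
   * - the result always contains the same twelve keys; the branch for a user
   *   without any group used to omit "server_set_rc".
   * - a failed user_get() is handled explicitly instead of indexing into false;
   *   such a user gets no right.
   * - $user_id is cast to an integer before it is concatenated into the query.
   *
   * @param int $user_id Id of the user
   * @return array Right name => 0 or 1
   */
  function user_get_auth($user_id)
  {
      global $db;

      $rights = array(
          "server_set_system", "server_set_spy", "server_set_rc", "server_set_ranking",
          "server_show_positionhided", "ogs_connection", "ogs_set_system", "ogs_get_system",
          "ogs_set_spy", "ogs_get_spy", "ogs_set_ranking", "ogs_get_ranking",
      );

      $user_id = intval($user_id);
      $user_info = user_get($user_id);
      if ($user_info !== false) {
          $user_info = $user_info[0];
          if ($user_info["user_admin"] == 1 || $user_info["user_coadmin"] == 1) {
              return array_fill_keys($rights, 1);
          }
      }

      // Start from "nothing allowed" and switch on what any group grants.
      $user_auth = array_fill_keys($rights, 0);

      $request = "select " . implode(", ", $rights);
      $request .= " from " . TABLE_GROUP . " g, " . TABLE_USER_GROUP . " u";
      $request .= " where g.group_id = u.group_id";
      $request .= " and user_id = " . $user_id;
      $result = $db->sql_query($request);

      while ($row = $db->sql_fetch_assoc($result)) {
          foreach ($rights as $right) {
              if ($row[$right] == 1) {
                  $user_auth[$right] = 1;
              }
          }
      }
      return $user_auth;
  }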
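  /**
   * Creates a user from the administration form (three queries: name lookup,
   * insert into TABLE_USER, insert into TABLE_USER_GROUP), then stores the
   * rights flags through user_set_grant(). Redirects on invalid data.
   *
   * Changes from the previous version:
   * - $pub_pseudo is escaped with $db->sql_escape_string() in both statements;
   *   the escaped lookup had been commented out and the raw value was used.
   * - $pub_group_id is validated as a number, required, and cast to an integer;
   *   it was concatenated unquoted into the insert without any check.
   *
   * NOTE(review): the password is passed in clear text in the redirect URL
   * ("info=<id>:<password>"), where it can end up in access logs and browser
   * history; changing that needs the message page, which is not visible here.
   * NOTE(review): the password is stored as md5(sha1(password)), unsalted.
   */
  function user_create()
  {
      global $db, $user_data;
      global $pub_pseudo, $pub_user_id, $pub_active, $pub_user_coadmin, $pub_management_user,
          $pub_management_ranking, $pub_group_id, $pub_pass;

      if (!check_var($pub_pseudo, "Pseudo_Groupname")) {
          redirection("index.php?action=message&id_message=errordata&info=1");
      }
      if (!isset($pub_pseudo)) {
          redirection("index.php?action=message&id_message=createuser_failed_general&info");
      }

      // Rights check
      user_check_auth("user_create");

      if (!check_var($pub_pseudo, "Pseudo_Groupname")) {
          redirection("index.php?action=message&id_message=createuser_failed_pseudo&info=" .
              $pub_pseudo);
      }
      if (!check_var($pub_pass, "Password")) {
          redirection("index.php?action=message&id_message=createuser_failed_password&info=" .
              $pub_pseudo);
      }
      // The group id goes into a numeric SQL context below.
      if (!check_var($pub_group_id, "Num") || !isset($pub_group_id)) {
          redirection("index.php?action=message&id_message=createuser_failed_general&info");
      }
      $group_id = intval($pub_group_id);

      $password = ($pub_pass != "") ? $pub_pass : password_generator();
      $pseudo_sql = $db->sql_escape_string($pub_pseudo);

      $request = "select user_id from " . TABLE_USER . " where user_name = '" . $pseudo_sql . "'";
      $result = $db->sql_query($request);
      if ($db->sql_numrows($result) == 0) {
          $request = "insert into " . TABLE_USER .
              " (user_name, user_password, user_regdate, user_active)" . " values ('" . $pseudo_sql .
              "', '" . md5(sha1($password)) . "', " . time() . ", '1')";
          $db->sql_query($request);
          $user_id = $db->sql_insertid();

          $request = "insert into " . TABLE_USER_GROUP . " (group_id, user_id) values (" .
              $group_id . ", " . intval($user_id) . ")";
          $db->sql_query($request);

          $info = $user_id . ":" . $password;
          log_("create_account", $user_id);
          user_set_grant($user_id, null, $pub_active, $pub_user_coadmin, $pub_management_user,
              $pub_management_ranking);
          redirection("index.php?action=message&id_message=createuser_success&info=" . $info);
      } else {
          // The name is already taken.
          redirection("index.php?action=message&id_message=createuser_failed_pseudolocked&info=" .
              $pub_pseudo);
      }
  }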
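  /**
   * Deletes the user given by $pub_user_id: removes the rows in the seven
   * per-user tables, resets sender_id to 0 in the sixteen ranking tables and
   * last_update_user_id to 0 in TABLE_UNIVERSE, then closes the user's session.
   *
   * Changes from the previous version:
   * - the id is cast to an integer once, after validation, and that value is
   *   used in every statement; it is concatenated unquoted into all of them.
   * - the repeated statements are driven by two table lists; order and SQL text
   *   are unchanged.
   *
   * NOTE(review): this is a destructive request and no anti-CSRF token is
   * checked in this function - confirm the dispatcher enforces one.
   * NOTE(review): the statements are not wrapped in a transaction here, so a
   * failure part-way leaves a partially deleted account.
   */
  function user_delete()
  {
      global $db, $user_data;
      global $pub_user_id;

      if (!check_var($pub_user_id, "Num")) {
          redirection("index.php?action=message&id_message=errordata&info");
      }
      if (!isset($pub_user_id)) {
          redirection("index.php?action=message&id_message=createuser_failed_general&info");
      }
      $target_id = intval($pub_user_id);

      user_check_auth("user_update", $target_id);
      log_("delete_account", $target_id);

      // Rows owned by the user.
      $owned_tables = array(
          TABLE_USER, TABLE_USER_GROUP, TABLE_USER_BUILDING, TABLE_USER_FAVORITE,
          TABLE_USER_DEFENCE, TABLE_USER_SPY, TABLE_USER_TECHNOLOGY,
      );
      foreach ($owned_tables as $table) {
          $request = "delete from " . $table . " where user_id = " . $target_id;
          $db->sql_query($request);
      }

      // Ranking rows sent by the user are kept but detached from the account.
      $ranking_tables = array(
          TABLE_RANK_PLAYER_POINTS, TABLE_RANK_PLAYER_ECO, TABLE_RANK_PLAYER_TECHNOLOGY,
          TABLE_RANK_PLAYER_MILITARY, TABLE_RANK_PLAYER_MILITARY_BUILT, TABLE_RANK_PLAYER_MILITARY_LOOSE,
          TABLE_RANK_PLAYER_MILITARY_DESTRUCT, TABLE_RANK_PLAYER_HONOR,
          TABLE_RANK_ALLY_POINTS, TABLE_RANK_ALLY_ECO, TABLE_RANK_ALLY_TECHNOLOGY,
          TABLE_RANK_ALLY_MILITARY, TABLE_RANK_ALLY_MILITARY_BUILT, TABLE_RANK_ALLY_MILITARY_LOOSE,
          TABLE_RANK_ALLY_MILITARY_DESTRUCT, TABLE_RANK_ALLY_HONOR,
      );
      foreach ($ranking_tables as $table) {
          $request = "update " . $table . " set sender_id = 0 where sender_id = " . $target_id;
          $db->sql_query($request);
      }

      $request = "update " . TABLE_UNIVERSE . " set last_update_user_id = 0 where last_update_user_id = " . $target_id;
      $db->sql_query($request);

      session_close($target_id);
      redirection("index.php?action=administration&subaction=member");
  }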
  /**
   * Build the per-user contribution statistics, each row tagged with a presence marker.
   *
   * One query lists every user ordered by planets added; for each user a further
   * query looks for a row in the sessions table. The added "here" key is:
   *   ""     no session row for the user,
   *   "(*)"  a session row exists,
   *   "(**)" a session row exists and its session_ogs column equals 1.
   *
   * @return array List of associative user rows, each extended with the "here" key
   * @todo Query : x1 for the user list, plus one session lookup per user
   */
  function user_statistic()
  {
      global $db;

      $columns = array(
          "user_id", "user_name", "planet_added_web", "planet_added_ogs", "search",
          "spy_added_web", "spy_added_ogs", "rank_added_web", "rank_added_ogs",
          "planet_exported", "spy_exported", "rank_exported", "xtense_type",
          "xtense_version", "user_active", "user_admin",
      );
      $user_query = "select " . implode(", ", $columns)
          . " from " . TABLE_USER
          . " order by (planet_added_web + planet_added_ogs) desc";
      $users = $db->sql_query($user_query);

      $statistics = array();
      while ($user_row = $db->sql_fetch_assoc($users)) {
          // user_id is read back from the user table, not from request input.
          $session_query = "select session_ogs from " . TABLE_SESSIONS
              . " where session_user_id = " . $user_row["user_id"];
          $sessions = $db->sql_query($session_query);

          $marker = "";
          if ($db->sql_numrows($sessions) > 0) {
              list($session_ogs) = $db->sql_fetch_row($sessions);
              $marker = ($session_ogs == 1) ? "(**)" : "(*)";
          }

          $statistics[] = array_merge($user_row, array("here" => $marker));
      }

      return $statistics;
  }
  /**
   * Store empire data submitted by a user, dispatching on the kind of data sent.
   *
   * Input is read from the $pub_* globals (presumably populated from request
   * parameters elsewhere; not visible here). $pub_typedata selects the handler:
   * "B" buildings, "T" technologies, "D" defences, "E" a whole empire page.
   * Missing or unknown input triggers the "errorfatal" redirection; the function
   * always finishes with a redirection to the empire page.
   *
   * NOTE(review): $pub_planet_id is handed to the building and defence handlers
   * without an isset() check, unlike the other planet fields.
   */
  function user_set_empire()
  {
      global $pub_typedata, $pub_data, $pub_planet_id, $pub_planet_name, $pub_fields,
          $pub_coordinates, $pub_temperature_min, $pub_temperature_max, $pub_satellite;

      $fatal_url = "index.php?action=message&id_message=errorfatal&info";

      if (!isset($pub_typedata, $pub_data)) {
          redirection($fatal_url);
      }

      // The building and defence handlers both need the full set of planet fields.
      $planet_fields_present = isset($pub_planet_name, $pub_fields, $pub_coordinates,
          $pub_temperature_min, $pub_temperature_max, $pub_satellite);

      // Loose comparison on purpose: it mirrors what a switch statement does.
      if ($pub_typedata == "B") {
          if (!$planet_fields_present) {
              redirection($fatal_url);
          }
          user_set_building($pub_data, $pub_planet_id, $pub_planet_name, $pub_fields, $pub_coordinates,
              $pub_temperature_min, $pub_temperature_max, $pub_satellite);
      } elseif ($pub_typedata == "T") {
          user_set_technology($pub_data);
      } elseif ($pub_typedata == "D") {
          if (!$planet_fields_present) {
              redirection($fatal_url);
          }
          user_set_defence($pub_data, $pub_planet_id, $pub_planet_name, $pub_fields, $pub_coordinates,
              $pub_temperature_min, $pub_temperature_max, $pub_satellite);
      } elseif ($pub_typedata == "E") {
          user_set_all_empire($pub_data);
      } else {
          redirection($fatal_url);
      }

      redirection("index.php?action=home&subaction=empire");
  }
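  /**
   * Import a pasted "empire overview" text and store what it lists for the current user:
   * buildings, fields, satellites and defences per planet (or moon), plus technologies.
   *
   * Parsing starts after the line "Vue d'ensemble de votre empire". The "Coordonnées"
   * line fixes the number of value columns; every later data line must carry exactly
   * that many numeric values, otherwise the import is abandoned with false.
   *
   * Security: $data is what user_set_empire() passes as $pub_data, presumably a request
   * parameter. stripcslashes() removes backslash escaping from it, so no escaping done
   * upstream can be relied on when parsed pieces are concatenated into SQL below.
   * Levels and counts only ever come from \d+ captures; the coordinates are the one
   * free-text capture and are checked against a strict pattern before any query uses them.
   *
   * @param string $data Raw text of the empire page
   * @return false|null false when the text is malformed; otherwise nothing
   *                    (the function ends by calling redirection())
   * @todo Query : x5
   */
  function user_set_all_empire($data)
  {
      global $db, $user_data;
      global $pub_view;
      // $lang_building, $lang_defence, $lang_technology and $lang_empire are not defined
      // in this function; presumably this include provides them (TODO confirm).
      require_once ("parameters/lang_empire.php");

      // Column codes, in the order the SQL statements below list them.
      $building_codes = array("M", "C", "D", "CES", "CEF", "UdR", "UdN", "CSp", "HM", "HC", "HD",
          "Lab", "Ter", "Silo", "BaLu", "Pha", "PoSa");
      $defence_codes = array("LM", "LLE", "LLO", "CG", "AI", "LP", "PB", "GB", "MIC", "MIP");
      $technology_codes = array("Esp", "Ordi", "Armes", "Bouclier", "Protection", "NRJ", "Hyp", "RC",
          "RI", "PH", "Laser", "Ions", "Plasma", "RRI", "Graviton", "Astrophysique");

      $data = str_replace("-", "0", $data);
      $data = str_replace(".", "", $data);
      // Undoes backslash escaping: from here on the text must be treated as raw user input.
      $data = stripcslashes($data);
      $lines = explode(chr(10), $data);
      $OK = false;
      $etape = "";
      $planetes_total_row = false;

      foreach ($lines as $line) {
          $arr = array();
          $line = trim($line);
          if ($line == "Vue d'ensemble de votre empire") {
              $OK = true;
              continue;
          }
          if (!$OK) {
              // Everything before the overview title is ignored.
              continue;
          }

          if (preg_match("#^Coordonnées\s+\[(.*)\]$#", $line, $arr)) {
              $coordonnees = preg_split("/\]\s+\[/", $arr[1]);
              // Each coordinate is later placed between single quotes in SQL; accept only
              // the digits-and-colons form (assumed galaxy:system:position) and reject
              // the whole import otherwise, like the other malformed-input checks here.
              foreach ($coordonnees as $coordonnee) {
                  if (!preg_match('/^\d+:\d+:\d+\z/', $coordonnee)) {
                      return false;
                  }
              }
              $planetes_total_row = sizeof($coordonnees) + 1;
              if ($planetes_total_row > 10)
                  return false;

              // Localised label => internal code, and zero-filled defaults per code.
              $link_building = array();
              foreach ($building_codes as $code) {
                  $link_building[$lang_building[$code]] = $code;
              }
              $buildings = array_fill_keys($building_codes, array_fill(0, $planetes_total_row, 0));

              $link_defence = array();
              foreach ($defence_codes as $code) {
                  $link_defence[$lang_defence[$code]] = $code;
              }
              $defences = array_fill_keys($defence_codes, array_fill(0, $planetes_total_row, 0));

              $link_technology = array();
              foreach ($technology_codes as $code) {
                  $link_technology[$lang_technology[$code]] = $code;
              }
              $technologies = array_fill_keys($technology_codes, 0);

              $satellites = array_fill(0, $planetes_total_row, 0);
              $cases = array_fill(0, $planetes_total_row, 0);

              // Build the data-line pattern: a label followed by one numeric capture per column.
              $masq = "#^((?:\s?\S+)+)\s+";
              for ($i = 0; $i < ($planetes_total_row - 1); $i++) {
                  $masq .= "(\d+)(?:|\s\d+|\s\(\d+\))\s+";
              }
              $masq .= "(\d+)(?:\s\d+|\s\(\d+\))*$#";
              continue;
          }

          if ($planetes_total_row === false) {
              // No coordinates line seen yet, so the column count is unknown.
              continue;
          }

          if (preg_match("#^Cases\s+\d+\/((?:\d+\s+(?:\d+)\/(?:\d+)\s*){1," . $planetes_total_row .
              "})$#", $line, $arr)) {
              $cases = preg_split("/\s+\d+\//", $arr[1]);
              if (sizeof($cases) != $planetes_total_row)
                  return false;
              continue;
          }

          // A section title selects how the following data lines are interpreted.
          if (preg_match("#^(" . $lang_empire["Batiment"] . "|" . $lang_empire["Recherche"] .
              "|" . $lang_empire["Vaisseaux"] . "|" . $lang_empire["Défense"] . ")$#", $line)) {
              $etape = $line;
              continue;
          }

          if ($etape != "" && preg_match($masq, $line, $arr)) {
              $building = $arr[1];
              $levels = array_slice($arr, 2);
              switch ($etape) {
                  case "Bâtiments":
                      if (isset($link_building[$building])) {
                          if (sizeof($levels) != $planetes_total_row)
                              return false;
                          $buildings[$link_building[$building]] = $levels;
                      }
                      break;
                  case "Recherche":
                      if (isset($link_technology[$building])) {
                          if (sizeof($levels) != $planetes_total_row)
                              return false;
                          // A technology has a single level: keep the highest value of the line.
                          $technologies[$link_technology[$building]] = max($levels);
                      }
                      break;
                  case "Vaisseaux":
                      if ($building == "Satellite solaire") {
                          if (sizeof($levels) != $planetes_total_row)
                              return false;
                          $satellites = $levels;
                      }
                      break;
                  case "Défense":
                      if (isset($link_defence[$building])) {
                          if (sizeof($levels) != $planetes_total_row)
                              return false;
                          $defences[$link_defence[$building]] = $levels;
                      }
                      break;
                  default:
                      redirection("index.php?action=message&id_message=set_empire_failed_data&info");
              }
              continue;
          }
      }

      if (!($OK && $planetes_total_row !== false)) {
          redirection("index.php?action=message&id_message=set_empire_failed_data&info");
          return;
      }

      $j = 19;
      for ($i = 0; $i < $planetes_total_row; $i++) {
          // NOTE(review): $planetes_total_row is sizeof($coordonnees) + 1, so the last
          // iteration has no coordinate; it is written as an empty string, as before.
          // Confirm whether that extra column should be stored at all.
          $coordonnee = isset($coordonnees[$i]) ? $coordonnees[$i] : "";

          if ($pub_view == "moons") {
              // NOTE(review): this lookup is not restricted to the current user_id, so it
              // can match a row belonging to another user with the same coordinates; verify.
              $request = "select planet_id from " . TABLE_USER_BUILDING .
                  " where coordinates = '" . $coordonnee . "' and planet_id > 9";
              $result = $db->sql_query($request);
              if ($db->sql_numrows($result) > 0) {
                  list($planete_id) = $db->sql_fetch_row($result);
              } else {
                  $request = "select planet_id from " . TABLE_USER_BUILDING . " where user_id = " .
                      $user_data["user_id"] . " and coordinates = '" . $coordonnee . "'";
                  $result = $db->sql_query($request);
                  list($planete_id) = $db->sql_fetch_row($result);
                  if (!$planete_id) {
                      $planete_id = $j;
                      $j++;
                  } else {
                      $planete_id += 9;
                  }
              }
          } else {
              $planete_id = $i + 1;
          }

          if ($pub_view == "planets") {
              $case = $cases[$i] - 5 * $buildings["Ter"][$i];
          } else {
              $case = 1;
          }

          $request = "update " . TABLE_USER_BUILDING . " set coordinates = '" . $coordonnee .
              "', `fields` = " . $case . " , Sat = " . $satellites[$i];
          foreach ($building_codes as $code) {
              $request .= ", " . $code . " = " . $buildings[$code][$i];
          }
          // NOTE(review): this tests 'lunes' while the rest of the function tests "moons";
          // left unchanged, confirm which value $pub_view really carries.
          $request .= ($pub_view == 'lunes' ? ', planet_name = \'Lune\'' : '');
          $request .= " where user_id = " . $user_data["user_id"] . " and planet_id = " . $planete_id;
          $db->sql_query($request);

          if ($db->sql_affectedrows() == 0) {
              $planet_name = ($pub_view == 'moons' ? 'Lune' : 'planete ' . $planete_id);
              $request = "insert ignore into " . TABLE_USER_BUILDING .
                  " (user_id, planet_id, planet_name, coordinates, `fields`, temperature_min, temperature_max, Sat, M, C, D, CES, CEF, UdR, UdN, CSp, HM, HC, HD, Lab, Ter, Silo, BaLu, Pha, PoSa)";
              // One value per listed column: temperature_min and temperature_max each get 0
              // (a single 0 left the statement one value short of its 25 columns).
              $request .= " values (" . $user_data["user_id"] . ", " . $planete_id . ", '" . $planet_name .
                  "', '" . $coordonnee . "', " . $case . ", 0, 0, " . $satellites[$i];
              foreach ($building_codes as $code) {
                  $request .= ", " . $buildings[$code][$i];
              }
              $request .= ")";
              $db->sql_query($request);
          }

          // Defences are replaced wholesale for the planet: delete, then insert.
          $request = "delete from " . TABLE_USER_DEFENCE . " where user_id = " . $user_data["user_id"] .
              " and planet_id= " . $planete_id;
          $db->sql_query($request);
          $request = "insert into " . TABLE_USER_DEFENCE .
              " (user_id, planet_id, LM, LLE, LLO, CG, AI, LP, PB, GB, MIC, MIP)";
          $request .= " values (" . $user_data["user_id"] . ", " . $planete_id;
          foreach ($defence_codes as $code) {
              $request .= ", " . $defences[$code][$i];
          }
          $request .= ")";
          $db->sql_query($request);
      }

      if ($pub_view == "planets") {
          // Technologies are stored once per user, only when importing the planets view.
          $request = "delete from " . TABLE_USER_TECHNOLOGY . " where user_id = " . $user_data["user_id"];
          $db->sql_query($request);
          $request = "insert into " . TABLE_USER_TECHNOLOGY .
              " (user_id, esp, Ordi, Armes, Bouclier, Protection, NRJ, Hyp, RC, RI, PH, Laser, Ions, Plasma, RRI, Graviton, Astrophysique)";
          $request .= " values (" . $user_data["user_id"];
          foreach ($technology_codes as $code) {
              $request .= ", " . $technologies[$code];
          }
          $request .= ");";
          $db->sql_query($request);
      }

      if ($pub_view == "planets") {
          redirection("index.php?action=home&subaction=empire&view=" . $pub_view .
              "&alert_empire=true");
      } else {
          redirection("index.php?action=home&subaction=empire&view=" . $pub_view);
      }
  }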
  1003. /**
  1004. * remise en ordre des lunes en fonctions des positions des planetes
  1005. * @todo Query : x6
  1006. */
  1007. function user_set_all_empire_resync_moon()
  1008. {
  1009. global $db, $user_data;
  1010. // lews planetes
  1011. $request = "select planet_id, coordinates";
  1012. $request .= " from " . TABLE_USER_BUILDING;
  1013. $request .= " where user_id = " . $user_data["user_id"];
  1014. $request .= " and planet_id <= 199";
  1015. $request .= " order by planet_id";
  1016. $result = $db->sql_query($request);
  1017. while (list($planet_id, $coordinates) = $db->sql_fetch_row($result)) {
  1018. $planet_position[$coordinates] = $planet_id;
  1019. }
  1020. // les lunes
  1021. $request = "select planet_id, coo…
