user.php | searchcode

/includes/user.php

Large files files are truncated, but you can click here to view the full file

<?php
/**
 * user.php Fonctions concernant les utilisateurs
 * @author Kyser
 * @package OGSpy
 * @subpackage user
 * @copyright Copyright &copy; 2007, http://ogsteam.fr/
 * @modified $Date: 2012-08-29 00:22:35 +0200 (Wed, 29 Aug 2012) $
 * @author Kyser
 * @link $HeadURL: http://svn.ogsteam.fr/trunk/ogspy/includes/user.php $
 * @version 3.04b ( $Rev: 7700 $ ) 
 * $Id: user.php 7700 2012-08-28 22:22:35Z darknoon $
 */

if (!defined('IN_SPYOGAME')) {
    die("Hacking attempt");
}

/**
 * Verification des droits utilisateurs sur une action avec redirection le cas echeant
 * @param string $action Action verifie
 * @param int $user_id identificateur optionnel de l'utilisateur teste
 */
function user_check_auth($action, $user_id = null)
{
    global $user_data, $user_auth;

    switch ($action) {
        case "user_create":
        case "usergroup_manage":
            if ($user_data["user_admin"] != 1 && $user_data["user_coadmin"] != 1 && $user_data["management_user"] !=
                1)
                redirection("index.php?action=message&id_message=forbidden&info");

            break;

        case "user_update":
            if ($user_data["user_admin"] != 1 && $user_data["user_coadmin"] != 1 && $user_data["management_user"] !=
                1)
                redirection("index.php?action=message&id_message=forbidden&info");

            $info_user = user_get($user_id);
            if ($info_user === false)
                redirection("index.php?action=message&id_message=deleteuser_failed&info");

            if (($user_data["user_admin"] != 1 && $user_data["user_coadmin"] != 1 && $user_data["management_user"] !=
                1) || ($info_user[0]["user_admin"] == 1) || (($user_data["user_coadmin"] == 1) &&
                ($info_user[0]["user_coadmin"] == 1)) || (($user_data["user_coadmin"] != 1 && $user_data["management_user"] ==
                1) && ($info_user[0]["user_coadmin"] == 1 || $info_user[0]["management_user"] ==
                1))) {
                redirection("index.php?action=message&id_message=forbidden&info");
            }

            break;


        default:
            redirection("index.php?action=message&id_message=errorfatal&info");
    }
}
/**
 * Login d'un utilisateur
 * @global string $pub_login
 * @global string $pub_password
 * @global string $pub_goto
 * @todo Query : "select user_id, user_active from " . TABLE_USER .
            " where user_name = '" .  $db->sql_escape_string($pub_login) .
            "' and user_password = '" . md5(sha1($pub_password)) . "'";
 * @todo Query : "select user_lastvisit from " . TABLE_USER . " where user_id = " . $user_id;
 * @todo Query : "update " . TABLE_USER . " set user_lastvisit = " . time() ." where user_id = " . $user_id;
 * @todo Query : "update " . TABLE_STATISTIC ." set statistic_value = statistic_value + 1" " where statistic_name = 'connection_server'";
 * @todo Query : "insert ignore into " . TABLE_STATISTIC ." values ('connection_server', '1')";
 */
function user_login()
{
    global $db;
    global $pub_login, $pub_password, $pub_goto, $url_append;

    if (!check_var($pub_login, "Pseudo_Groupname") || !check_var($pub_password,
        "Password") || !check_var($pub_goto, "Special", "#^[\w=&%+]+$#")) {
        redirection("index.php?action=message&id_message=errordata&info");
    }

    if (!isset($pub_login) || !isset($pub_password)) {
        redirection("index.php?action=message&id_message=errorfatal&info");
    } else {
        $request = "select user_id, user_active from " . TABLE_USER .
            " where user_name = '" .  $db->sql_escape_string($pub_login) .
            "' and user_password = '" . md5(sha1($pub_password)) . "'";
        $result = $db->sql_query($request);
        if (list($user_id, $user_active) = $db->sql_fetch_row($result)) {
            if ($user_active == 1) {
                $request = "select user_lastvisit from " . TABLE_USER . " where user_id = " . $user_id;
                $result = $db->sql_query($request);
                list($lastvisit) = $db->sql_fetch_row($result);

                $request = "update " . TABLE_USER . " set user_lastvisit = " . time() .
                    " where user_id = " . $user_id;
                $db->sql_query($request);
                
                $request = "update " . TABLE_STATISTIC .
                    " set statistic_value = statistic_value + 1";
                $request .= " where statistic_name = 'connection_server'";
                $db->sql_query($request);
                if ($db->sql_affectedrows() == 0) {
                    $request = "insert ignore into " . TABLE_STATISTIC .
                        " values ('connection_server', '1')";
                    $db->sql_query($request);
                }

                session_set_user_id($user_id, $lastvisit);
                log_('login');
                if(!isset($url_append)){
                	$url_append="";
                }
                redirection("index.php?action=" . $pub_goto . "" . $url_append);
            } else {
                redirection("index.php?action=message&id_message=account_lock&info");
            }
        } else {
            redirection("index.php?action=message&id_message=login_wrong&info");
        }
    }
}
/**
* Login d'un utilisateur avec redirection
* @global string $pub_login
* @global string $pub_password
* @global string $pub_goto
*/
function user_login_redirection()
{
	global $pub_login, $pub_password, $pub_goto, $url_append;
	
	if($pub_goto=='galaxy'){
		global $pub_galaxy, $pub_system;
		$url_append="&galaxy=" . $pub_galaxy . "&system=" . $pub_system;		
		user_login();
	} else {
		user_login();
	}
}

/**
 * Deconnection utilisateur
 */
function user_logout()
{
    log_("logout");
    session_close();
    redirection("index.php");
}
/**
 * Verification de la validite des inputs utilisateurs
 * @param string $type Type de variable verifie (pseudo,groupname,password,galaxy,system)
 * @param string $string La chaine teste
 * @return false|string 
 */
function string_check($type, $string)
{
    if ($type == "pseudo" || $type == "groupname") {
        $length_min = 3;
        $length_max = 15;
    } elseif ($type = "password") {
        $length_min = 6;
        $length_max = 15;
    } elseif ($type = "galaxy") {
        $length_min = 1;
        $length_max = 999;
    } elseif ($type = "system" || $type = "systems") {
        $length_min = 1;
        $length_max = 999;
    }

    $string = trim($string);
    if (strlen($string) < $length_min || strlen($string) > $length_max) {
        return false;
    }

    return $string;
}

/**
 * Modification des droits ogspy d'un utilisateur par l'admin
 */
function admin_user_set()
{
    global $user_data;
    global $pub_user_id, $pub_active, $pub_user_coadmin, $pub_management_user, $pub_management_ranking;

    if (!check_var($pub_user_id, "Num") || !check_var($pub_active, "Num") || !
        check_var($pub_user_coadmin, "Num") || !check_var($pub_management_user, "Num") ||
        !check_var($pub_management_ranking, "Num")) {
        redirection("index.php?action=message&id_message=errordata&info");
    }

    if (!isset($pub_user_id) || !isset($pub_active)) {
        redirection("index.php?action=message&id_message=admin_modifyuser_failed&info");
    }

    //Vérification des droits
    user_check_auth("user_update", $pub_user_id);

    if ($user_data["user_admin"] == 1) {
        if (!isset($pub_user_coadmin) || !isset($pub_management_user) || !isset($pub_management_ranking)) {
            redirection("index.php?action=message&id_message=admin_modifyuser_failed&info");
        }
    } elseif ($user_data["user_coadmin"] == 1) {
        $pub_user_coadmin = null;
        if (!isset($pub_management_user) || !isset($pub_management_ranking)) {
            redirection("index.php?action=message&id_message=admin_modifyuser_failed&info");
        }
    } else {
        $pub_user_coadmin = $pub_management_user = null;
    }
    if (user_get($pub_user_id) === false) {
        redirection("index.php?action=message&id_message=admin_modifyuser_failed&info");
    }
    user_set_grant($pub_user_id, null, $pub_active, $pub_user_coadmin, $pub_management_user,
        $pub_management_ranking);
    redirection("index.php?action=administration&subaction=member");
}

/**
 * Generation d'un mot de passe par l'admin pour un utilisateur
 */
function admin_regeneratepwd()
{
    global $user_data;
    global $pub_user_id; // $pub_new_pass;
    $pass_id = "pub_pass_" . $pub_user_id;
    global $$pass_id;
    $new_pass = $$pass_id;

    if (!check_var($pub_user_id, "Num")) {
        redirection("index.php?action=message&id_message=errordata&info");
    }

    if (!isset($pub_user_id)) {
        redirection("index.php?action=message&id_message=errorfatal&info");
    }

    user_check_auth("user_update", $pub_user_id);

    if (user_get($pub_user_id) === false) {
        redirection("index.php?action=message&id_message=regeneratepwd_failed&info");
    }
    if ($new_pass != "") {
        $password = $new_pass;
    } else {
        $password = password_generator();
    }
    user_set_general($pub_user_id, null, $password);

    $info = $pub_user_id . ":" . $password;
    log_("regeneratepwd", $pub_user_id);
    redirection("index.php?action=message&id_message=regeneratepwd_success&info=" .
        $info);
}

/**
 * Modification du profil par un utilisateur
 * @todo Query : x11
 */
function member_user_set()
{
    global $db, $user_data, $user_technology;
    global $pub_pseudo, $pub_old_password, $pub_new_password, $pub_new_password2, $pub_galaxy,
        $pub_system, $pub_skin, $pub_disable_ip_check, $pub_off_amiral, $pub_off_ingenieur,
        $pub_off_geologue, $pub_off_technocrate, $pub_pseudo_ingame;

    if (!check_var($pub_pseudo, "Text") || !check_var($pub_old_password, "Text") ||
        !check_var($pub_new_password, "Text") || !check_var($pub_new_password2,
        "CharNum") || !check_var($pub_galaxy, "Num") || !check_var($pub_system, "Num") ||
        !check_var($pub_skin, "URL") || !check_var($pub_disable_ip_check, "Num") || !
        check_var($pub_pseudo_ingame, "Pseudo_ingame")) {
        redirection("index.php?action=message&id_message=errordata&info");
    }

    $user_id = $user_data["user_id"];
    $user_info = user_get($user_id);
	$user_empire = user_get_empire();
	$user_technology = $user_empire["technology"];

    $password_validated = null;
    if (!isset($pub_pseudo) || !isset($pub_old_password) || !isset($pub_new_password) ||
        !isset($pub_new_password2) || !isset($pub_galaxy) || !isset($pub_system) || !
        isset($pub_skin)) {
        redirection("index.php?action=message&id_message=member_modifyuser_failed&info");
    }

    if ($pub_old_password != "" || $pub_new_password != "" || $pub_new_password2 !=
        "") {
        if ($pub_old_password == "" || $pub_new_password == "" || $pub_new_password != $pub_new_password2) {
            redirection("index.php?action=message&id_message=member_modifyuser_failed_passwordcheck&info");
        }
        if (md5(sha1($pub_old_password)) != $user_info[0]["user_password"]) {
            redirection("index.php?action=message&id_message=member_modifyuser_failed_passwordcheck&info");
        }
        if (!check_var($pub_new_password, "Password")) {
            redirection("index.php?action=message&id_message=member_modifyuser_failed_password&info");
        }
    }

    if (!check_var($pub_pseudo, "Pseudo_Groupname")) {
        redirection("index.php?action=message&id_message=member_modifyuser_failed_pseudo&info");
    }

    //pseudo ingame
    if ($user_data["user_stat_name"] !== $pub_pseudo_ingame) {
        user_set_stat_name($pub_pseudo_ingame);
    }


    //compte amiral
    if ($user_data['off_amiral'] == "0" && $pub_off_amiral == 1) {
        $db->sql_query("UPDATE " . TABLE_USER .
            " SET `off_amiral` = '1' WHERE `user_id` = " . $user_id);
    }
    if ($user_data['off_amiral'] == 1 && (is_null($pub_off_amiral) || $pub_off_amiral !=
        1)) {
        $db->sql_query("UPDATE " . TABLE_USER .
            " SET `off_amiral` = '0' WHERE `user_id` = " . $user_id);
    }

    //compte ingenieur
    if ($user_data['off_ingenieur'] == "0" && $pub_off_ingenieur == 1) {
        $db->sql_query("UPDATE " . TABLE_USER .
            " SET `off_ingenieur` = '1' WHERE `user_id` = " . $user_id);
    }
    if ($user_data['off_ingenieur'] == 1 && (is_null($pub_off_ingenieur) || $pub_off_ingenieur !=
        1)) {
        $db->sql_query("UPDATE " . TABLE_USER .
            " SET `off_ingenieur` = '0' WHERE `user_id` = " . $user_id);
    }

    //compte geologue
    if ($user_data['off_geologue'] == "0" && $pub_off_geologue == 1) {
        $db->sql_query("UPDATE " . TABLE_USER .
            " SET `off_geologue` = '1' WHERE `user_id` = " . $user_id);
    }
    if ($user_data['off_geologue'] == 1 && (is_null($pub_off_geologue) || $pub_off_geologue !=
        1)) {
        $db->sql_query("UPDATE " . TABLE_USER .
            " SET `off_geologue` = '0' WHERE `user_id` = " . $user_id);
    }

    //compte technocrate
    if ($user_data['off_technocrate'] == "0" && $pub_off_technocrate == 1) {
        $db->sql_query("UPDATE " . TABLE_USER .
            " SET `off_technocrate` = '1' WHERE `user_id` = " . $user_id);
        $tech = $user_technology['Esp'] + 2;
        $db->sql_query("UPDATE " . TABLE_USER_TECHNOLOGY . " SET `Esp` = " . $tech .
            " WHERE `user_id` = " . $user_id);
    }
    if ($user_data['off_technocrate'] == 1 && (is_null($pub_off_technocrate) || $pub_off_technocrate !=
        1)) {
        $db->sql_query("UPDATE " . TABLE_USER .
            " SET `off_technocrate` = '0' WHERE `user_id` = " . $user_id);
        $tech = $user_technology['Esp'] - 2;
        $db->sql_query("UPDATE " . TABLE_USER_TECHNOLOGY . " SET `Esp` = " . $tech .
            " WHERE `user_id` = " . $user_id);
    }

    //Contrôle que le pseudo ne soit pas déjŕ utilisé
    $request = "select * from " . TABLE_USER . " where user_name = '" .
         $db->sql_escape_string($pub_pseudo) . "' and user_id <> " . $user_id;
    $result = $db->sql_query($request);
    if ($db->sql_numrows($result) != 0) {
        redirection("index.php?action=message&id_message=member_modifyuser_failed_pseudolocked&info");
    }

    if (is_null($pub_disable_ip_check) || $pub_disable_ip_check != 1)
        $pub_disable_ip_check = 0;

    user_set_general($user_id, $pub_pseudo, $pub_new_password, null, $pub_galaxy, $pub_system,
        $pub_skin, $pub_disable_ip_check);
    redirection("index.php?action=profile");
}

/**
 * Entree en BDD de donnees utilisateur
 * @todo Query x1
 */
function user_set_general($user_id, $user_name = null, $user_password = null, $user_lastvisit = null,
    $user_galaxy = null, $user_system = null, $user_skin = null, $disable_ip_check = null)
{
    global $db, $user_data, $server_config;

    if (!isset($user_id)) {
        redirection("index.php?action=message&id_message=errorfatal&info");
    }

    if (!empty($user_galaxy)) {
        $user_galaxy = intval($user_galaxy);
        if ($user_galaxy < 1 || $user_galaxy > intval($server_config['num_of_galaxies']))
            $user_galaxy = 1;
    }
    if (!empty($user_system)) {
        $user_system = intval($user_system);
        if ($user_system < 1 || $user_system > intval($server_config['num_of_systems']))
            $user_system = 1;
    }

    $update = "";

    //Pseudo et mot de passe
    if (!empty($user_name))
        $update .= "user_name = '" .  $db->sql_escape_string($user_name) . "'";
    if (!empty($user_password))
        $update .= ((strlen($update) > 0) ? ", " : "") . "user_password = '" . md5(sha1
            ($user_password)) . "'";

    //Galaxy et systčme solaire du membre
    if (!empty($user_galaxy))
        $update .= ((strlen($update) > 0) ? ", " : "") . "user_galaxy = '" . $user_galaxy .
            "'";
    if (!empty($user_system))
        $update .= ((strlen($update) > 0) ? ", " : "") . "user_system = '" . $user_system .
            "'";

    //Derničre visite
    if (!empty($user_lastvisit))
        $update .= ((strlen($update) > 0) ? ", " : "") . "user_lastvisit = '" . $user_lastvisit .
            "'";

    //Skin
    if (!is_null($user_skin)) {
        if (strlen($user_skin) > 0 && substr($user_skin, strlen($user_skin) - 1) != "/")
            $user_skin .= "/";
        $update .= ((strlen($update) > 0) ? ", " : "") . "user_skin = '" .
             $db->sql_escape_string($user_skin) . "'";
    }

    //Désactivation de la vérification de l'adresse ip
    if (!is_null($disable_ip_check))
        $update .= ((strlen($update) > 0) ? ", " : "") . "disable_ip_check = '" . $disable_ip_check .
            "'";


    $request = "update " . TABLE_USER . " set " . $update . " where user_id = " . $user_id;
    $db->sql_query($request);

    if ($user_id == $user_data['user_id']) {
        log_("modify_account");
    } else {
        log_("modify_account_admin", $user_id);
    }
}

/**
 * Enregistrement des droits et status utilisateurs
 * @todo Query : x2
 */
function user_set_grant($user_id, $user_admin = null, $user_active = null, $user_coadmin = null,
    $management_user = null, $management_ranking = null)
{
    global $db, $user_data;

    if (!isset($user_id)) {
        redirection("index.php?action=message&id_message=errorfatal&info");
    }

    //Vérification des droits
    user_check_auth("user_update", $user_id);

    $update = "";

    //Activation membre
    if (!is_null($user_active)) {
        $update .= ((strlen($update) > 0) ? ", " : "") . "user_active = '" . intval($user_active) .
            "'";
        if (intval($user_active) == 0) {
            $request = "delete from " . TABLE_SESSIONS . " where session_user_id = " . $user_id;
            $db->sql_query($request);
        }
    }

    //Co-administration
    if (!is_null($user_coadmin)) {
        $update .= ((strlen($update) > 0) ? ", " : "") . "user_coadmin = '" . intval($user_coadmin) .
            "'";
    }

    //Gestion des membres
    if (!is_null($management_user)) {
        $update .= ((strlen($update) > 0) ? ", " : "") . "management_user = '" . intval($management_user) .
            "'";
    }

    //Gestion des classements
    if (!is_null($management_ranking)) {
        $update .= ((strlen($update) > 0) ? ", " : "") . "management_ranking = '" .
            intval($management_ranking) . "'";
    }


    $request = "update " . TABLE_USER . " set " . $update . " where user_id = " . $user_id;
    $db->sql_query($request);

    if ($user_id == $user_data['user_id']) {
        log_("modify_account");
    } else {
        log_("modify_account_admin", $user_id);
    }
}
/**
 * Enregistrement des statistiques utilisateurs
 * @todo Query : x1
 */
function user_set_stat($planet_added_web = null, $planet_added_ogs = null, $search = null,
    $spy_added_web = null, $spy_added_ogs = null, $rank_added_web = null, $rank_added_ogs = null,
    $planet_exported = null, $spy_exported = null, $rank_exported = null)
{
    global $db, $user_data;

    $update = "";

    //Statistiques envoi systčmes solaires et rapports d'espionnage
    if (!is_null($planet_added_web))
        $update .= ((strlen($update) > 0) ? ", " : "") .
            "planet_added_web = planet_added_web + " . $planet_added_web;
    if (!is_null($planet_added_ogs))
        $update .= ((strlen($update) > 0) ? ", " : "") .
            "planet_added_ogs = planet_added_ogs + " . $planet_added_ogs;
    if (!is_null($search))
        $update .= ((strlen($update) > 0) ? ", " : "") . "search = search + " . $search;
    if (!is_null($spy_added_web))
        $update .= ((strlen($update) > 0) ? ", " : "") .
            "spy_added_web = spy_added_web + " . $spy_added_web;
    if (!is_null($spy_added_ogs))
        $update .= ((strlen($update) > 0) ? ", " : "") .
            "spy_added_ogs = spy_added_ogs + " . $spy_added_ogs;
    if (!is_null($rank_added_web))
        $update .= ((strlen($update) > 0) ? ", " : "") .
            "rank_added_web = rank_added_web + " . $rank_added_web;
    if (!is_null($rank_added_ogs))
        $update .= ((strlen($update) > 0) ? ", " : "") .
            "rank_added_ogs = rank_added_ogs + " . $rank_added_ogs;
    if (!is_null($planet_exported))
        $update .= ((strlen($update) > 0) ? ", " : "") .
            "planet_exported = planet_exported + " . $planet_exported;
    if (!is_null($spy_exported))
        $update .= ((strlen($update) > 0) ? ", " : "") .
            "spy_exported = spy_exported + " . $spy_exported;
    if (!is_null($rank_exported))
        $update .= ((strlen($update) > 0) ? ", " : "") .
            "rank_exported = rank_exported + " . $rank_exported;

    $request = "update " . TABLE_USER . " set " . $update . " where user_id = " . $user_data["user_id"];
    $db->sql_query($request);
}

/**
 * Recuperation d'une ligne d'information utilisateur
 * @param int $user_id Identificateur optionnel d'1 utilisateur specifique 
 * @return Array Liste des utilisateurs ou de l'utilisateur specifique
 * @comment Pourrait peut etre avantageusement remplace par select * from TABLE_USER
 * @comment pour les eventuels champs supplementaires
 * @todo Query : x1
 */
function user_get($user_id = false)
{
    global $db;

    $request = "select user_id, user_name, user_password, user_active, user_regdate, user_lastvisit," .
        " user_galaxy, user_system, user_admin, user_coadmin, management_user, management_ranking, disable_ip_check" .
        " from " . TABLE_USER;

    if ($user_id !== false) {
        $request .= " where user_id = " . $user_id;
    }
    $request .= " order by user_name";
    $result = $db->sql_query($request);

    $info_users = array();
    while ($row = $db->sql_fetch_assoc($result)) {

        $info_users[] = $row;
    }

    if (sizeof($info_users) == 0) {
        return false;
    }

    return $info_users;
}
/**
 * Recuperation des droits d'un utilisateur
 * @param int $user_id Identificateur de l'utilisateur demande
 * @todo Query : x1
 * @return Array Tableau des droits
 */
function user_get_auth($user_id)
{
    global $db;

    $user_info = user_get($user_id);
    $user_info = $user_info[0];
    if ($user_info["user_admin"] == 1 || $user_info["user_coadmin"] == 1) {
        $user_auth = array("server_set_system" => 1, "server_set_spy" => 1,
            "server_set_rc" => 1, "server_set_ranking" => 1, "server_show_positionhided" =>
            1, "ogs_connection" => 1, "ogs_set_system" => 1, "ogs_get_system" => 1,
            "ogs_set_spy" => 1, "ogs_get_spy" => 1, "ogs_set_ranking" => 1,
            "ogs_get_ranking" => 1);

        return $user_auth;
    }

    $request = "select server_set_system, server_set_spy, server_set_rc, server_set_ranking, server_show_positionhided,";
    $request .= " ogs_connection, ogs_set_system, ogs_get_system, ogs_set_spy, ogs_get_spy, ogs_set_ranking, ogs_get_ranking";
    $request .= " from " . TABLE_GROUP . " g, " . TABLE_USER_GROUP . " u";
    $request .= " where g.group_id = u.group_id";
    $request .= " and user_id = " . $user_id;
    $result = $db->sql_query($request);

    if ($db->sql_numrows($result) > 0) {
        $user_auth = array("server_set_system" => 0, "server_set_spy" => 0,
            "server_set_rc" => 0, "server_set_ranking" => 0, "server_show_positionhided" =>
            0, "ogs_connection" => 0, "ogs_set_system" => 0, "ogs_get_system" => 0,
            "ogs_set_spy" => 0, "ogs_get_spy" => 0, "ogs_set_ranking" => 0,
            "ogs_get_ranking" => 0);

        while ($row = $db->sql_fetch_assoc($result)) {
            if ($row["server_set_system"] == 1)
                $user_auth["server_set_system"] = 1;
            if ($row["server_set_spy"] == 1)
                $user_auth["server_set_spy"] = 1;
            if ($row["server_set_rc"] == 1)
                $user_auth["server_set_rc"] = 1;
            if ($row["server_set_ranking"] == 1)
                $user_auth["server_set_ranking"] = 1;
            if ($row["server_show_positionhided"] == 1)
                $user_auth["server_show_positionhided"] = 1;
            if ($row["ogs_connection"] == 1)
                $user_auth["ogs_connection"] = 1;
            if ($row["ogs_set_system"] == 1)
                $user_auth["ogs_set_system"] = 1;
            if ($row["ogs_get_system"] == 1)
                $user_auth["ogs_get_system"] = 1;
            if ($row["ogs_set_spy"] == 1)
                $user_auth["ogs_set_spy"] = 1;
            if ($row["ogs_get_spy"] == 1)
                $user_auth["ogs_get_spy"] = 1;
            if ($row["ogs_set_ranking"] == 1)
                $user_auth["ogs_set_ranking"] = 1;
            if ($row["ogs_get_ranking"] == 1)
                $user_auth["ogs_get_ranking"] = 1;
        }
    } else {
        $user_auth = array("server_set_system" => 0, "server_set_spy" => 0,
            "server_set_ranking" => 0, "server_show_positionhided" => 0, "ogs_connection" =>
            0, "ogs_set_system" => 0, "ogs_get_system" => 0, "ogs_set_spy" => 0,
            "ogs_get_spy" => 0, "ogs_set_ranking" => 0, "ogs_get_ranking" => 0);
    }

    return $user_auth;
}

/**
 * Creation d'un utilisateur a partir des donnees du formulaire admin
 * @comment redirection si erreur de type de donnee
 * @todo Query : x3
 */
function user_create()
{
    global $db, $user_data;
    global $pub_pseudo, $pub_user_id, $pub_active, $pub_user_coadmin, $pub_management_user,
        $pub_management_ranking, $pub_group_id, $pub_pass;

    if (!check_var($pub_pseudo, "Pseudo_Groupname")) {
        redirection("index.php?action=message&id_message=errordata&info=1");
    }

    if (!isset($pub_pseudo)) {
        redirection("index.php?action=message&id_message=createuser_failed_general&info");
    }

    //Vérification des droits
    user_check_auth("user_create");

    if (!check_var($pub_pseudo, "Pseudo_Groupname")) {
        redirection("index.php?action=message&id_message=createuser_failed_pseudo&info=" .
            $pub_pseudo);
    }

    if (!check_var($pub_pass, "Password")) {
        redirection("index.php?action=message&id_message=createuser_failed_password&info=" .
            $pub_pseudo);
    }

    if ($pub_pass != "") {
        $password = $pub_pass;
    } else {
        $password = password_generator();
    }
    //$request = "select user_id from ".TABLE_USER." where user_name = '". $db->sql_escape_string($pub_pseudo)."'";
    $request = "select user_id from " . TABLE_USER . " where user_name = '" . $pub_pseudo .
        "'";
    $result = $db->sql_query($request);
    if ($db->sql_numrows($result) == 0) {
        //$request = "insert into ".TABLE_USER." (user_name, user_password, user_regdate, user_active)".
        //" values ('". $db->sql_escape_string($pub_pseudo)."', '".md5(sha1($password))."', ".time().", '1')";
        $request = "insert into " . TABLE_USER .
            " (user_name, user_password, user_regdate, user_active)" . " values ('" . $pub_pseudo .
            "', '" . md5(sha1($password)) . "', " . time() . ", '1')";
        $db->sql_query($request);
        $user_id = $db->sql_insertid();

        $request = "insert into " . TABLE_USER_GROUP . " (group_id, user_id) values (" .
            $pub_group_id . ", " . $user_id . ")";
        $db->sql_query($request);

        $info = $user_id . ":" . $password;
        log_("create_account", $user_id);
        user_set_grant($user_id, null, $pub_active, $pub_user_coadmin, $pub_management_user,
            $pub_management_ranking);
        redirection("index.php?action=message&id_message=createuser_success&info=" . $info);
    } else {
        redirection("index.php?action=message&id_message=createuser_failed_pseudolocked&info=" .
            $pub_pseudo);
    }
}
/**
 * Suppression d'un utilisateur ($pub_user_id)
 * @todo Query : x12
 */
function user_delete()
{
    global $db, $user_data;
    global $pub_user_id;

    if (!check_var($pub_user_id, "Num")) {
        redirection("index.php?action=message&id_message=errordata&info");
    }

    if (!isset($pub_user_id)) {
        redirection("index.php?action=message&id_message=createuser_failed_general&info");
    }

    user_check_auth("user_update", $pub_user_id);

    log_("delete_account", $pub_user_id);
    $request = "delete from " . TABLE_USER . " where user_id = " . $pub_user_id;
    $db->sql_query($request);

    $request = "delete from " . TABLE_USER_GROUP . " where user_id = " . $pub_user_id;
    $db->sql_query($request);

    $request = "delete from " . TABLE_USER_BUILDING . " where user_id = " . $pub_user_id;
    $db->sql_query($request);

    $request = "delete from " . TABLE_USER_FAVORITE . " where user_id = " . $pub_user_id;
    $db->sql_query($request);

    $request = "delete from " . TABLE_USER_DEFENCE . " where user_id = " . $pub_user_id;
    $db->sql_query($request);

    $request = "delete from " . TABLE_USER_SPY . " where user_id = " . $pub_user_id;
    $db->sql_query($request);

    $request = "delete from " . TABLE_USER_TECHNOLOGY . " where user_id = " . $pub_user_id;
    $db->sql_query($request);

    $request = "update " . TABLE_RANK_PLAYER_FLEET .
        " set sender_id = 0 where sender_id = " . $pub_user_id;
    $db->sql_query($request);

    $request = "update " . TABLE_RANK_PLAYER_POINTS .
        " set sender_id = 0 where sender_id = " . $pub_user_id;
    $db->sql_query($request);

    $request = "update " . TABLE_RANK_PLAYER_RESEARCH .
        " set sender_id = 0 where sender_id = " . $pub_user_id;
    $db->sql_query($request);

    $request = "update " . TABLE_UNIVERSE .
        " set last_update_user_id = 0 where last_update_user_id = " . $pub_user_id;
    $db->sql_query($request);

    session_close($pub_user_id);

    redirection("index.php?action=administration&subaction=member");
}
/**
 * Recuperation des statistiques
 * @todo Query : x1
 */
function user_statistic()
{
    global $db;

    $request = "select user_id, user_name, planet_added_web, planet_added_ogs, search, spy_added_web, spy_added_ogs, rank_added_web, rank_added_ogs, planet_exported, spy_exported, rank_exported, xtense_type, xtense_version";
    $request .= " from " . TABLE_USER .
        " order by (planet_added_web + planet_added_ogs) desc";
    $result = $db->sql_query($request);

    $user_statistic = array();
    while ($row = $db->sql_fetch_assoc($result)) {
        $here = "";
        $request = "select session_ogs from " . TABLE_SESSIONS .
            " where session_user_id = " . $row["user_id"];
        $result_2 = $db->sql_query($request);
        if ($db->sql_numrows($result_2) > 0) {
            $here = "(*)";
            list($session_ogs) = $db->sql_fetch_row($result_2);
            if ($session_ogs == 1)
                $here = "(**)";
        }
        $user_statistic[] = array_merge($row, array("here" => $here));
    }

    return $user_statistic;
}
/**
 * Enregistrement des donnees Empires d'un utilisateur
 */
function user_set_empire()
{
    global $pub_typedata, $pub_data, $pub_planet_id, $pub_planet_name, $pub_fields,
        $pub_coordinates, $pub_temperature_min, $pub_temperature_max, $pub_satellite;

    if (!isset($pub_typedata) || !isset($pub_data)) {
        redirection("index.php?action=message&id_message=errorfatal&info");
    }

    switch ($pub_typedata) {
        case "B":
            if (!isset($pub_planet_name) || !isset($pub_fields) || !isset($pub_coordinates) ||
                !isset($pub_temperature_min) || !isset($pub_temperature_max) || !isset($pub_satellite)) {
                redirection("index.php?action=message&id_message=errorfatal&info");
            }
            user_set_building($pub_data, $pub_planet_id, $pub_planet_name, $pub_fields, $pub_coordinates,
                $pub_temperature_min, $pub_temperature_max, $pub_satellite);
            break;

        case "T":
            user_set_technology($pub_data);
            break;

        case "D":
            if (!isset($pub_planet_name) || !isset($pub_fields) || !isset($pub_coordinates) ||
                !isset($pub_temperature_min) || !isset($pub_temperature_max) || !isset($pub_satellite)) {
                redirection("index.php?action=message&id_message=errorfatal&info");
            }
            user_set_defence($pub_data, $pub_planet_id, $pub_planet_name, $pub_fields, $pub_coordinates,
                $pub_temperature_min, $pub_temperature_max, $pub_satellite);
            break;

        case "E":
            user_set_all_empire($pub_data);
            break;


        default:
            redirection("index.php?action=message&id_message=errorfatal&info");
            break;
    }

    redirection("index.php?action=home&subaction=empire");
}
/**
 * Enregistrement de toutes les données empires
 */
function user_set_all_empire($data)
{
    global $db, $user_data;
    global $pub_view;
    require_once ("parameters/lang_empire.php");

    $data = str_replace("-", "0", $data);
    $data = str_replace(".", "", $data);
    $data = stripcslashes($data);
    $lines = explode(chr(10), $data);
    $OK = false;
    $etape = "";
    $planetes_total_row = false;
    foreach ($lines as $line) {
        $arr = array();
        $line = trim($line);

        if ($line == "Vue d'ensemble de votre empire") {
            $OK = true;
            continue;
        }

        if ($OK) {
            if (preg_match("#^Coordonnées\s+\[(.*)\]$#", $line, $arr)) {
                $coordonnees = preg_split("/\]\s+\[/", $arr[1]);
                $planetes_total_row = sizeof($coordonnees) + 1;
                if ($planetes_total_row > 10)
                    return false;

                $link_building = array($lang_building["M"] => "M", $lang_building["C"] => "C", $lang_building["D"] =>
                    "D", $lang_building["CES"] => "CES", $lang_building["CEF"] => "CEF", $lang_building["UdR"] =>
                    "UdR", $lang_building["UdN"] => "UdN", $lang_building["CSp"] => "CSp", $lang_building["HM"] =>
                    "HM", $lang_building["HC"] => "HC", $lang_building["HD"] => "HD", $lang_building["Lab"] =>
                    "Lab", $lang_building["Ter"] => "Ter", $lang_building["Silo"] => "Silo", $lang_building["BaLu"] =>
                    "BaLu", $lang_building["Pha"] => "Pha", $lang_building["PoSa"] => "PoSa");

                $buildings = array("M" => array_fill(0, $planetes_total_row, 0), "C" =>
                    array_fill(0, $planetes_total_row, 0), "D" => array_fill(0, $planetes_total_row,
                    0), "CES" => array_fill(0, $planetes_total_row, 0), "CEF" => array_fill(0, $planetes_total_row,
                    0), "UdR" => array_fill(0, $planetes_total_row, 0), "UdN" => array_fill(0, $planetes_total_row,
                    0), "CSp" => array_fill(0, $planetes_total_row, 0), "HM" => array_fill(0, $planetes_total_row,
                    0), "HC" => array_fill(0, $planetes_total_row, 0), "HD" => array_fill(0, $planetes_total_row,
                    0), "Lab" => array_fill(0, $planetes_total_row, 0), "Ter" => array_fill(0, $planetes_total_row,
                    0), "Silo" => array_fill(0, $planetes_total_row, 0), "BaLu" => array_fill(0, $planetes_total_row,
                    0), "Pha" => array_fill(0, $planetes_total_row, 0), "PoSa" => array_fill(0, $planetes_total_row,
                    0));

                $link_defence = array($lang_defence["LM"] => "LM", $lang_defence["LLE"] => "LLE",
                    $lang_defence["LLO"] => "LLO", $lang_defence["CG"] => "CG", $lang_defence["AI"] =>
                    "AI", $lang_defence["LP"] => "LP", $lang_defence["PB"] => "PB", $lang_defence["GB"] =>
                    "GB", $lang_defence["MIC"] => "MIC", $lang_defence["MIP"] => "MIP");

                $defences = array("LM" => array_fill(0, $planetes_total_row, 0), "LLE" =>
                    array_fill(0, $planetes_total_row, 0), "LLO" => array_fill(0, $planetes_total_row,
                    0), "CG" => array_fill(0, $planetes_total_row, 0), "AI" => array_fill(0, $planetes_total_row,
                    0), "LP" => array_fill(0, $planetes_total_row, 0), "PB" => array_fill(0, $planetes_total_row,
                    0), "GB" => array_fill(0, $planetes_total_row, 0), "MIC" => array_fill(0, $planetes_total_row,
                    0), "MIP" => array_fill(0, $planetes_total_row, 0));

                $link_technology = array($lang_technology["Esp"] => "Esp", $lang_technology["Ordi"] =>
                    "Ordi", $lang_technology["Armes"] => "Armes", $lang_technology["Bouclier"] =>
                    "Bouclier", $lang_technology["Protection"] => "Protection", $lang_technology["NRJ"] =>
                    "NRJ", $lang_technology["Hyp"] => "Hyp", $lang_technology["RC"] => "RC", $lang_technology["RI"] =>
                    "RI", $lang_technology["PH"] => "PH", $lang_technology["Laser"] => "Laser", $lang_technology["Ions"] =>
                    "Ions", $lang_technology["Plasma"] => "Plasma", $lang_technology["RRI"] => "RRI",
                    $lang_technology["Graviton"] => "Graviton", $lang_technology["Astrophysique"] =>
                    "Astrophysique");

                $technologies = array("Esp" => 0, "Ordi" => 0, "Armes" => 0, "Bouclier" => 0,
                    "Protection" => 0, "NRJ" => 0, "Hyp" => 0, "RC" => 0, "RI" => 0, "PH" => 0,
                    "Laser" => 0, "Ions" => 0, "Plasma" => 0, "RRI" => 0, "Graviton" => 0,
                    "Astrophysique" => 0);

                $satellites = array_fill(0, $planetes_total_row, 0);
                $cases = array_fill(0, $planetes_total_row, 0);

                // creation du masque ici
                $masq = "#^((?:\s?\S+)+)\s+";
                for ($i = 0; $i < ($planetes_total_row - 1); $i++) {
                    $masq .= "(\d+)(?:|\s\d+|\s\(\d+\))\s+";
                }
                $masq .= "(\d+)(?:\s\d+|\s\(\d+\))*$#";

                continue;
            }

            if ($OK && $planetes_total_row !== false) {

                if (preg_match("#^Cases\s+\d+\/((?:\d+\s+(?:\d+)\/(?:\d+)\s*){1," . $planetes_total_row .
                    "})$#", $line, $arr)) {
                    $cases = preg_split("/\s+\d+\//", $arr[1]);
                    if (sizeof($cases) != $planetes_total_row)
                        return false;
                    continue;
                }

                if (preg_match("#^(" . $lang_empire["Batiment"] . "|" . $lang_empire["Recherche"] .
                    "|" . $lang_empire["Vaisseaux"] . "|" . $lang_empire["Défense"] . ")$#", $line)) {
                    $etape = $line;
                    continue;
                }

                if ($etape != "" && preg_match($masq, $line, $arr)) {

                    $building = $arr[1];
                    $levels = array_slice($arr, 2);

                    switch ($etape) {
                        case "Bâtiments":
                            if (isset($link_building[$building])) {
                                if (sizeof($levels) != $planetes_total_row)
                                    return false;
                                $buildings[$link_building[$building]] = $levels;
                            }
                            break;
                        case "Recherche":
                            if (isset($link_technology[$building])) {
                                if (sizeof($levels) != $planetes_total_row)
                                    return false;
                                $technologies[$link_technology[$building]] = max($levels);
                            }
                            break;
                        case "Vaisseaux":
                            if ($building == "Satellite solaire") {
                                if (sizeof($levels) != $planetes_total_row)
                                    return false;
                                $satellites = $levels;
                            }
                            break;
                        case "Défense":
                            if (isset($link_defence[$building])) {
                                if (sizeof($levels) != $planetes_total_row)
                                    return false;
                                $defences[$link_defence[$building]] = $levels;
                            }
                            break;
                        default:
                            redirection("index.php?action=message&id_message=set_empire_failed_data&info");
                    }
                    continue;
                }

            }
        }
    }
    if ($OK && $planetes_total_row !== false) {
        $j = 19;
        for ($i = 0; $i < $planetes_total_row; $i++) {
            if ($pub_view == "moons") {
                $request = "select planet_id from " . TABLE_USER_BUILDING .
                    " where coordinates = '" . $coordonnees[$i] . "' and planet_id > 9";
                $result = $db->sql_query($request);
                if ($db->sql_numrows($result) > 0) {
                    list($planete_id) = $db->sql_fetch_row($result);
                } else {
                    $request = "select planet_id from " . TABLE_USER_BUILDING . " where user_id = " .
                        $user_data["user_id"] . " and coordinates = '" . $coordonnees[$i] . "'";
                    $result = $db->sql_query($request);
                    list($planete_id) = $db->sql_fetch_row($result);
                    if (!$planete_id) {
                        $planete_id = $j;
                        $j++;
                    } else
                        $planete_id += 9;
                }
            } else
                $planete_id = $i + 1;

            if ($pub_view == "planets")
                $case = $cases[$i] - 5 * $buildings["Ter"][$i];
            else
                $case = 1;

            $request = "update " . TABLE_USER_BUILDING . " set coordinates = '" . $coordonnees[$i] .
                "', `fields` = " . $case . " , Sat = " . $satellites[$i];
            $request .= ", M = " . $buildings["M"][$i] . ", C = " . $buildings["C"][$i] .
                ", D = " . $buildings["D"][$i];
            $request .= ", CES = " . $buildings["CES"][$i] . ", CEF = " . $buildings["CEF"][$i] .
                ", UdR = " . $buildings["UdR"][$i];
            $request .= ", UdN = " . $buildings["UdN"][$i] . ", CSp = " . $buildings["CSp"][$i] .
                ", HM = " . $buildings["HM"][$i];
            $request .= ", HC = " . $buildings["HC"][$i] . ", HD = " . $buildings["HD"][$i] .
                ", Lab = " . $buildings["Lab"][$i];
            $request .= ", Ter = " . $buildings["Ter"][$i] . ", Silo = " . $buildings["Silo"][$i] .
                ", BaLu = " . $buildings["BaLu"][$i];
            $request .= ", Pha = " . $buildings["Pha"][$i] . ", PoSa = " . $buildings["PoSa"][$i] . ($pub_view ==
                'lunes' ? ', planet_name = \'Lune\'' : '');
            $request .= " where user_id = " . $user_data["user_id"] . " and planet_id = " .
                $planete_id;
            $db->sql_query($request);
            if ($db->sql_affectedrows() == 0) {
                $request = "insert ignore into " . TABLE_USER_BUILDING .
                    " (user_id, planet_id, planet_name, coordinates, `fields`, temperature_min, temperature_max, Sat, M, C, D, CES, CEF, UdR, UdN, CSp, HM, HC, HD, Lab, Ter, Silo, BaLu, Pha, PoSa)";
                $request .= " values (" . $user_data["user_id"] . ", " . $planete_id . ", '" . ($pub_view ==
                    'moons' ? 'Lune' : 'planete ' . $planete_id) . "', '" . $coordonnees[$i] . "', " .
                    $case . ", 0, " . $satellites[$i];
                $request .= ", " . $buildings["M"][$i] . ", " . $buildings["C"][$i] . ", " . $buildings["D"][$i];
                $request .= ", " . $buildings["CES"][$i] . ", " . $buildings["CEF"][$i] . ", " .
                    $buildings["UdR"][$i];
                $request .= ", " . $buildings["UdN"][$i] . ", " . $buildings["CSp"][$i] . ", " .
                    $buildings["HM"][$i];
                $request .= ", " . $buildings["HC"][$i] . ", " . $buildings["HD"][$i] . ", " . $buildings["Lab"][$i];
                $request .= ", " . $buildings["Ter"][$i] . ", " . $buildings["Silo"][$i] . ", " .
                    $buildings["BaLu"][$i];
                $request .= ", " . $buildings["Pha"][$i] . ", " . $buildings["PoSa"][$i] . ")";
                $db->sql_query($request);
            }

            $request = "delete from " . TABLE_USER_DEFENCE . " where user_id = " . $user_data["user_id"] .
                " and planet_id= " . $planete_id;
            $db->sql_query($request);

            $request = "insert into " . TABLE_USER_DEFENCE .
                " (user_id, planet_id, LM, LLE, LLO, CG, AI, LP, PB, GB, MIC, MIP)";
            $request .= " values (" . $user_data["user_id"] . ", " . $planete_id . ", " . $defences["LM"][$i] .
                ", " . $defences["LLE"][$i] . "," . $defences["LLO"][$i] . ", " . $defences["CG"][$i] .
                ", " . $defences["AI"][$i] . ", " . $defences["LP"][$i] . ", " . $defences["PB"][$i] .
                ", " . $defences["GB"][$i] . ", " . $defences["MIC"][$i] . ", " . $defences["MIP"][$i] .
                ")";
            $db->sql_query($request);
        }
        if ($pub_view == "planets") {
            $request = "delete from " . TABLE_USER_TECHNOLOGY . " where user_id = " . $user_data["user_id"];
            $db->sql_query($request);

            $request = "insert into " . TABLE_USER_TECHNOLOGY .
                " (user_id, esp, Ordi, Armes, Bouclier, Protection, NRJ, Hyp, RC, RI, PH, Laser, Ions, Plasma, RRI, Graviton, Astrophysique)";
            $request .= " values (" . $user_data["user_id"] . ", " . $technologies["Esp"] .
                ", " . $technologies["Ordi"] . "," . $technologies["Armes"] . ", " . $technologies["Bouclier"] .
                ", " . $technologies["Protection"] . ", " . $technologies["NRJ"] . ", " . $technologies["Hyp"] .
                ", " . $technologies["RC"] . ", " . $technologies["RI"] . ", " . $technologies["PH"] .
                ", " . $technologies["Laser"] . ", " . $technologies["Ions"] . ", " . $technologies["Plasma"] .
                ", " . $technologies["RRI"] . ", " . $technologies["Graviton"] . ", " . $technologies["Astrophysique"] .
                ");";
            $db->sql_query($request);
        }


        if ($pub_view == "planets")
            redirection("index.php?action=home&subaction=empire&view=" . $pub_view .
                "&alert_empire=true");
        else
            redirection("index.php?action=home&subaction=empire&view=" . $pub_view);
    } else
        redirection("index.php?action=message&id_message=set_empire_failed_data&info");
}


/**
 * remise en ordre des lunes en fonctions des positions des planetes
 */
function user_set_all_empire_resync_moon()
{
    global $db, $user_data;


    // lews planetes
    $request = "select planet_id, coordinates";
    $request .= " from " . TABLE_USER_BUILDING;
    $request .= " where user_id = " . $user_data["user_id"];
    $request .= " and planet_id <= 199";
    $request .= " order by planet_id";
    $result = $db->sql_query($request);

    while (list($planet_id, $coordinates) = $db->sql_fetch_row($result)) {
        $planet_position[$coordinates] = $planet_id;
    }

    // les lunes
    $request = "select planet_id, coordinates";
    $request .= " from " . TABLE_USER_BUILDING;
    $request .= " where user_id = " . $user_data["user_id"];
    $request .= " and planet_id > 199";
    $request .= " order by planet_id";
    $result = $db->sql_query($request);

    while (list($planet_id, $coordinates) = $db->sql_fetch_row($result)) {
        $moon_position[$coordinates] = $planet_id;
    }

    // on ressort les complexes planete / lune ayant la meme cle
    $complexe = array_intersect_key($planet_position, $moon_position);

    /// on passe les id se modifiant a 300
    foreach ($complexe as $cle_com => $valeur_com) {
        $nouvelle_valeur = $planet_position[$cle_com] + 200;
        $request = "UPDATE " . TABLE_USER_DEFENCE . " SET planet_id  = " . $nouvelle_valeur .
            " WHERE  planet_id = " . $moon_position[$cle_com] . " and user_id = " . $user_data["user_id"] .
            "";
        $db->sql_query($request);
        $request = "UPDATE " . TABLE_USER_BUILDING . " SET planet_id  = " . $nouvelle_valeur .
            " WHERE  planet_id = " . $moon_position[$cle_com] . " and user_id = " . $user_data["user_id"] .
            "";
        $db->sql_query($request);
    }

    /// on remet le tout a 200 pour lunes
    $request = "UPDATE " . TABLE_USER_BUILDING .
        " SET planet_id  = planet_id -100 WHERE  planet_id > 299 and user_id = " . $user_data["user_id"] .
        "";
    $db->sql_query($request);
    $request = "UPDATE " . TABLE_USER_DEFENCE .
        " SET planet_id  = planet_id -100 WHERE  planet_id > 299 and user_id = " . $user_data["user_id"] .
        "";
    $db->sql_query($request);

}
/**
 * remise en ordre des planetes sans espaces vides ...
 * ( les id doivent se suivre 101,102,103 etc etc)
 */
function user_set_all_empire_resync_planet()
{
    global $db, $user_data;

    $nb_planete = find_nb_planete_user();

    $request = "select planet_id, coordinates";
    $request .= " from " . TABLE_USER_BUILDING;
    $request .= " where user_id = " . $user_data["user_id"];
    $request .= " and planet_id <= 199";
    $request .= " order by planet_id";
    $result = $db->sql_query($request);

    while (list($planet_id, $coordinates) = $db->sql_fetch_row($result)) {
        $planet_position[$coordinates] = $planet_id;
    }


    $i = 101;
    foreach ($planet_position as $cle => $valeur) {

        // planete
        $request = "update " . TABLE_USER_BUILDING . " set planet_id = " . $i .
            " where planet_id = " . $valeur;
        $db->sql_query($request);
        $request = "update " . TABLE_USER_DEFENCE…
Large files files are truncated, but you can click here to view the full file