PageRenderTime 80ms CodeModel.GetById 19ms RepoModel.GetById 0ms app.codeStats 1ms

/GameEngine/Account.php

https://github.com/TravianWar/Travianx
PHP | 226 lines | 199 code | 17 blank | 10 comment | 65 complexity | bf0e4fe711a17d0a9d236f2d48195ad4 MD5 | raw file
    

  1. <?php
    2. 

  2. #################################################################################
    3. 

  3. ##              -= YOU MAY NOT REMOVE OR CHANGE THIS NOTICE =-                 ##
    4. 

  4. ## --------------------------------------------------------------------------- ##
    5. 

  5. ##  Filename       Account.php                                                 ##
    6. 

  6. ##  Developed by:  Dzoki                                                       ##
    7. 

  7. ##  License:       TravianX Project                                            ##
    8. 

  8. ##  Copyright:     TravianX (c) 2010-2011. All rights reserved.                ##
    9. 

  9. ##                                                                             ##
    10. 

  10. #################################################################################
    11. 

  11. 

  12. include("Session.php");
    13. 

  13. 

  14. class Account {
    15. 

  15. 	
    16. 

  16. 	function Account() {
    17. 

  17. 		global $session;
    18. 

  18. 		if(isset($_POST['ft'])) {
    19. 

  19. 			switch($_POST['ft']) {
    20. 

  20. 				case "a1":
    21. 

  21. 				$this->Signup();
    22. 

  22. 				break;
    23. 

  23. 				case "a2":
    24. 

  24. 				$this->Activate();
    25. 

  25. 				break;
    26. 

  26. 				case "a3":
    27. 

  27. 				$this->Unreg();
    28. 

  28. 				break;
    29. 

  29. 				case "a4":
    30. 

  30. 				$this->Login();
    31. 

  31. 				break;
    32. 

  32. 			}
    33. 

  33. 		} if(isset($_GET['code'])) {
    34. 

  34. 		$_POST['id'] = $_GET['code']; $this->Activate();
    35. 

  35. 		}
    36. 

  36. 		else {
    37. 

  37. 			if($session->logged_in && in_array("logout.php",explode("/",$_SERVER['PHP_SELF']))) {
    38. 

  38. 				$this->Logout();
    39. 

  39. 			}
    40. 

  40. 		}
    41. 

  41. 	}
    42. 

  42. 	
    43. 

  43. 	private function Signup() {
    44. 

  44. 		global $database,$form,$mailer,$generator,$session;
    45. 

  45. 		if(!isset($_POST['name']) || $_POST['name'] == "") {
    46. 

  46. 			$form->addError("name",USRNM_EMPTY);
    47. 

  47. 		}
    48. 

  48. 		else {
    49. 

  49. 			if(strlen($_POST['name']) < USRNM_MIN_LENGTH) {
    50. 

  50. 				$form->addError("name",USRNM_SHORT);
    51. 

  51. 			}
    52. 

  52. 			else if(!USRNM_SPECIAL && preg_match('/[^0-9A-Za-z]/',$_POST['name'])) {
    53. 

  53. 				$form->addError("name",USRNM_CHAR);
    54. 

  54. 			}
    55. 

  55. 			else if($database->checkExist($_POST['name'],0)) {
    56. 

  56. 				$form->addError("name",USRNM_TAKEN);
    57. 

  57. 			}
    58. 

  58. 			else if($database->checkExist_activate($_POST['name'],0)) {
    59. 

  59. 				$form->addError("name",USRNM_TAKEN);
    60. 

  60. 			}
    61. 

  61. 			
    62. 

  62. 		}
    63. 

  63. 		if(!isset($_POST['pw']) || $_POST['pw'] == "") {
    64. 

  64. 			$form->addError("pw",PW_EMPTY);
    65. 

  65. 		}
    66. 

  66. 		else {
    67. 

  67. 			if(strlen($_POST['pw']) < PW_MIN_LENGTH) {
    68. 

  68. 				$form->addError("pw",PW_SHORT);
    69. 

  69. 			}
    70. 

  70. 			else if($_POST['pw'] == $_POST['name']) {
    71. 

  71. 				$form->addError("pw",PW_INSECURE);
    72. 

  72. 			}
    73. 

  73. 		}
    74. 

  74. 		if(!isset($_POST['email'])) {
    75. 

  75. 			$form->addError("email",EMAIL_EMPTY);
    76. 

  76. 		}
    77. 

  77. 		else {
    78. 

  78. 			if(!$this->validEmail($_POST['email'])) {
    79. 

  79. 				$form->addError("email",EMAIL_INVALID);
    80. 

  80. 			}
    81. 

  81. 			else if($database->checkExist($_POST['email'],1)) {
    82. 

  82. 				$form->addError("email",EMAIL_TAKEN);
    83. 

  83. 			}
    84. 

  84. 			else if($database->checkExist_activate($_POST['email'],1)) {
    85. 

  85. 				$form->addError("email",EMAIL_TAKEN);
    86. 

  86. 			}
    87. 

  87. 		}
    88. 

  88. 		if(!isset($_POST['vid'])) {
    89. 

  89. 			$form->addError("tribe",TRIBE_EMPTY);
    90. 

  90. 		}
    91. 

  91. 		if(!isset($_POST['agb'])) {
    92. 

  92. 			$form->addError("agree",AGREE_ERROR);
    93. 

  93. 		}
    94. 

  94. 		if($form->returnErrors() > 0) {
    95. 

  95. 			$_SESSION['errorarray'] = $form->getErrors();
    96. 

  96. 			$_SESSION['valuearray'] = $_POST;
    97. 

  97. 			
    98. 

  98. 			header("Location: anmelden.php");
    99. 

  99. 		}
    100. 

  100. 		else {
    101. 

  101. 			if(AUTH_EMAIL){
    102. 

  102. 			$act = $generator->generateRandStr(10);
    103. 

  103. 			$act2 = $generator->generateRandStr(5);
    104. 

  104. 				$uid = $database->activate($_POST['name'],md5($_POST['pw']),$_POST['email'],$_POST['vid'],$_POST['kid'],$act,$act2);
    105. 

  105. 				if($uid) {
    106. 

  106. 	
    107. 

  107. 					$mailer->sendActivate($_POST['email'],$_POST['name'],$_POST['pw'],$act);
    108. 

  108. 					header("Location: activate.php?id=$uid&q=$act2");
    109. 

  109. 				}
    110. 

  110. 			}
    111. 

  111. 			else {
    112. 

  112. 				$uid = $database->register($_POST['name'],md5($_POST['pw']),$_POST['email'],$_POST['vid'],$_POST['kid'],$act);
    113. 

  113. 				if($uid) {
    114. 

  114. 					setcookie("COOKUSR",$_POST['name'],time()+COOKIE_EXPIRE,COOKIE_PATH);
    115. 

  115. 					setcookie("COOKEMAIL",$_POST['email'],time()+COOKIE_EXPIRE,COOKIE_PATH);
    116. 

  116. 	
    117. 

  117. 					$database->updateUserField($uid,"act","",1);
    118. 

  118. 					$this->generateBase($_POST['kid'],$uid,$_POST['name']);
    119. 

  119. 					header("Location: login.php");
    120. 

  120. 				}
    121. 

  121. 			}
    122. 

  122. 		}
    123. 

  123. 	}
    124. 

  124. 	
    125. 

  125. 	private function Activate() {
    126. 

  126. 		global $database;
    127. 

  127. 		$q = "SELECT * FROM ".TB_PREFIX."activate where act = '".$_POST['id']."'";
    128. 

  128. 		$result = mysql_query($q, $database->connection);
    129. 

  129. 		$dbarray = mysql_fetch_array($result);
    130. 

  130. 		if($dbarray['act'] == $_POST['id']) {
    131. 

  131. 			$uid = $database->register($dbarray['username'],$dbarray['password'],$dbarray['email'],$dbarray['tribe'],$dbarray['location'],"");
    132. 

  132. 			if($uid) {
    133. 

  133. 			$database->unreg($dbarray['username']);
    134. 

  134. 			$this->generateBase($dbarray['kid'],$uid,$dbarray['username']);
    135. 

  135. 			header("Location: activate.php?e=2");
    136. 

  136. 			}
    137. 

  137. 		}
    138. 

  138. 		else {
    139. 

  139. 			header("Location: activate.php?e=3");
    140. 

  140. 		}
    141. 

  141. 	}
    142. 

  142. 	
    143. 

  143. 	private function Unreg() {
    144. 

  144. 		global $database;
    145. 

  145. 		$q = "SELECT * FROM ".TB_PREFIX."activate where id = '".$_POST['id']."'";
    146. 

  146. 		$result = mysql_query($q, $database->connection);
    147. 

  147. 		$dbarray = mysql_fetch_array($result);
    148. 

  148. 		if(md5($_POST['pw']) == $dbarray['password']) {
    149. 

  149. 			$database->unreg($dbarray['username']);
    150. 

  150. 			header("Location: anmelden.php");
    151. 

  151. 		}
    152. 

  152. 		else {
    153. 

  153. 			header("Location: activate.php?e=3");
    154. 

  154. 		}
    155. 

  155. 	}
    156. 

  156. 	
    157. 

  157. 	private function Login() {
    158. 

  158. 		global $database,$session,$form;
    159. 

  159. 		if(!isset($_POST['user']) || $_POST['user'] == "") {
    160. 

  160. 			$form->addError("user",LOGIN_USR_EMPTY);
    161. 

  161. 		}
    162. 

  162. 		else if(!$database->checkExist($_POST['user'],0)) {
    163. 

  163. 			$form->addError("user",USR_NT_FOUND);
    164. 

  164. 		}
    165. 

  165. 		if(!isset($_POST['pw']) || $_POST['pw'] == "") {
    166. 

  166. 			$form->addError("pw",LOGIN_PASS_EMPTY);
    167. 

  167. 		}
    168. 

  168. 		else if(!$database->login($_POST['user'],$_POST['pw']) && !$database->sitterLogin($_POST['user'],$_POST['pw'])) {
    169. 

  169. 			$form->addError("pw",LOGIN_PW_ERROR);
    170. 

  170. 		}
    171. 

  171. 		if($database->getUserField($_POST['user'],"act",1) != "") {
    172. 

  172. 			$form->addError("activate",$_POST['user']);
    173. 

  173. 		}
    174. 

  174. 		if($form->returnErrors() > 0) {
    175. 

  175. 			$_SESSION['errorarray'] = $form->getErrors();
    176. 

  176. 			$_SESSION['valuearray'] = $_POST;
    177. 

  177. 			
    178. 

  178. 			header("Location: login.php");
    179. 

  179. 		}
    180. 

  180. 		else {
    181. 

  181. 			setcookie("COOKUSR",$_POST['user'],time()+COOKIE_EXPIRE,COOKIE_PATH);
    182. 

  182. 			$database->UpdateOnline("login" ,$_POST['user'],time());
    183. 

  183. 			$session->login($_POST['user']);
    184. 

  184. 		}
    185. 

  185. 	}
    186. 

  186. 	
    187. 

  187. 	private function Logout() {
    188. 

  188. 		global $session,$database;
    189. 

  189. 		unset($_SESSION['wid']);
    190. 

  190. 		$database->activeModify($session->username,1);
    191. 

  191. 		$database->UpdateOnline("logout") or die(mysql_error());
    192. 

  192. 		$session->Logout();
    193. 

  193. 	}
    194. 

  194. 	
    195. 

  195. 	private function validEmail($email) {
    196. 

  196. 	  $regexp="/^[a-z0-9]+([_\\.-][a-z0-9]+)*@([a-z0-9]+([\.-][a-z0-9]+)*)+\\.[a-z]{2,}$/i";
    197. 

  197. 	  if ( !preg_match($regexp, $email) ) {
    198. 

  198. 		   return false;
    199. 

  199. 	  }
    200. 

  200. 	  return true;
    201. 

  201. 	}
    202. 

  202. 	
    203. 

  203. 	function generateBase($kid,$uid,$username) {
    204. 

  204. 		global $database,$message;
    205. 

  205. 		//$database->updateUserField($uid,"location","",1);
    206. 

  206. 		if($kid == 0) {
    207. 

  207. 			$kid = rand(1,4);
    208. 

  208. 		}
    209. 

  209. 		else{
    210. 

  210. 			$kid = $_POST['kid'];
    211. 

  211. 		}
    212. 

  212. 		
    213. 

  213. 		$wid = $database->generateBase($kid);
    214. 

  214. 		$database->setFieldTaken($wid);
    215. 

  215. 		$database->addVillage($wid,$uid,$username,1);
    216. 

  216. 		$database->addResourceFields($wid,$database->getVillageType($wid));
    217. 

  217. 		$database->addUnits($wid);
    218. 

  218. 		$database->addTech($wid);
    219. 

  219. 		$database->addABTech($wid);
    220. 

  220. 		$database->updateUserField($uid,"access",USER,1);
    221. 

  221. 		$message->sendWelcome($uid,$username);
    222. 

  222. 	}
    223. 

  223. 	
    224. 

  224. };
    225. 

  225. $account = new Account;
    226. 

  226. ?>
    227.