PageRenderTime 109ms CodeModel.GetById 19ms RepoModel.GetById 0ms app.codeStats 1ms

/GameEngine/Account.php

https://github.com/TravianWar/Travianx
PHP | 226 lines | 199 code | 17 blank | 10 comment | 65 complexity | bf0e4fe711a17d0a9d236f2d48195ad4 MD5 | raw file
  1. <?php
  2. #################################################################################
  3. ## -= YOU MAY NOT REMOVE OR CHANGE THIS NOTICE =- ##
  4. ## --------------------------------------------------------------------------- ##
  5. ## Filename Account.php ##
  6. ## Developed by: Dzoki ##
  7. ## License: TravianX Project ##
  8. ## Copyright: TravianX (c) 2010-2011. All rights reserved. ##
  9. ## ##
  10. #################################################################################
  11. include("Session.php");
  12. class Account {
  13. function Account() {
  14. global $session;
  15. if(isset($_POST['ft'])) {
  16. switch($_POST['ft']) {
  17. case "a1":
  18. $this->Signup();
  19. break;
  20. case "a2":
  21. $this->Activate();
  22. break;
  23. case "a3":
  24. $this->Unreg();
  25. break;
  26. case "a4":
  27. $this->Login();
  28. break;
  29. }
  30. } if(isset($_GET['code'])) {
  31. $_POST['id'] = $_GET['code']; $this->Activate();
  32. }
  33. else {
  34. if($session->logged_in && in_array("logout.php",explode("/",$_SERVER['PHP_SELF']))) {
  35. $this->Logout();
  36. }
  37. }
  38. }
  39. private function Signup() {
  40. global $database,$form,$mailer,$generator,$session;
  41. if(!isset($_POST['name']) || $_POST['name'] == "") {
  42. $form->addError("name",USRNM_EMPTY);
  43. }
  44. else {
  45. if(strlen($_POST['name']) < USRNM_MIN_LENGTH) {
  46. $form->addError("name",USRNM_SHORT);
  47. }
  48. else if(!USRNM_SPECIAL && preg_match('/[^0-9A-Za-z]/',$_POST['name'])) {
  49. $form->addError("name",USRNM_CHAR);
  50. }
  51. else if($database->checkExist($_POST['name'],0)) {
  52. $form->addError("name",USRNM_TAKEN);
  53. }
  54. else if($database->checkExist_activate($_POST['name'],0)) {
  55. $form->addError("name",USRNM_TAKEN);
  56. }
  57. }
  58. if(!isset($_POST['pw']) || $_POST['pw'] == "") {
  59. $form->addError("pw",PW_EMPTY);
  60. }
  61. else {
  62. if(strlen($_POST['pw']) < PW_MIN_LENGTH) {
  63. $form->addError("pw",PW_SHORT);
  64. }
  65. else if($_POST['pw'] == $_POST['name']) {
  66. $form->addError("pw",PW_INSECURE);
  67. }
  68. }
  69. if(!isset($_POST['email'])) {
  70. $form->addError("email",EMAIL_EMPTY);
  71. }
  72. else {
  73. if(!$this->validEmail($_POST['email'])) {
  74. $form->addError("email",EMAIL_INVALID);
  75. }
  76. else if($database->checkExist($_POST['email'],1)) {
  77. $form->addError("email",EMAIL_TAKEN);
  78. }
  79. else if($database->checkExist_activate($_POST['email'],1)) {
  80. $form->addError("email",EMAIL_TAKEN);
  81. }
  82. }
  83. if(!isset($_POST['vid'])) {
  84. $form->addError("tribe",TRIBE_EMPTY);
  85. }
  86. if(!isset($_POST['agb'])) {
  87. $form->addError("agree",AGREE_ERROR);
  88. }
  89. if($form->returnErrors() > 0) {
  90. $_SESSION['errorarray'] = $form->getErrors();
  91. $_SESSION['valuearray'] = $_POST;
  92. header("Location: anmelden.php");
  93. }
  94. else {
  95. if(AUTH_EMAIL){
  96. $act = $generator->generateRandStr(10);
  97. $act2 = $generator->generateRandStr(5);
  98. $uid = $database->activate($_POST['name'],md5($_POST['pw']),$_POST['email'],$_POST['vid'],$_POST['kid'],$act,$act2);
  99. if($uid) {
  100. $mailer->sendActivate($_POST['email'],$_POST['name'],$_POST['pw'],$act);
  101. header("Location: activate.php?id=$uid&q=$act2");
  102. }
  103. }
  104. else {
  105. $uid = $database->register($_POST['name'],md5($_POST['pw']),$_POST['email'],$_POST['vid'],$_POST['kid'],$act);
  106. if($uid) {
  107. setcookie("COOKUSR",$_POST['name'],time()+COOKIE_EXPIRE,COOKIE_PATH);
  108. setcookie("COOKEMAIL",$_POST['email'],time()+COOKIE_EXPIRE,COOKIE_PATH);
  109. $database->updateUserField($uid,"act","",1);
  110. $this->generateBase($_POST['kid'],$uid,$_POST['name']);
  111. header("Location: login.php");
  112. }
  113. }
  114. }
  115. }
  116. private function Activate() {
  117. global $database;
  118. $q = "SELECT * FROM ".TB_PREFIX."activate where act = '".$_POST['id']."'";
  119. $result = mysql_query($q, $database->connection);
  120. $dbarray = mysql_fetch_array($result);
  121. if($dbarray['act'] == $_POST['id']) {
  122. $uid = $database->register($dbarray['username'],$dbarray['password'],$dbarray['email'],$dbarray['tribe'],$dbarray['location'],"");
  123. if($uid) {
  124. $database->unreg($dbarray['username']);
  125. $this->generateBase($dbarray['kid'],$uid,$dbarray['username']);
  126. header("Location: activate.php?e=2");
  127. }
  128. }
  129. else {
  130. header("Location: activate.php?e=3");
  131. }
  132. }
  133. private function Unreg() {
  134. global $database;
  135. $q = "SELECT * FROM ".TB_PREFIX."activate where id = '".$_POST['id']."'";
  136. $result = mysql_query($q, $database->connection);
  137. $dbarray = mysql_fetch_array($result);
  138. if(md5($_POST['pw']) == $dbarray['password']) {
  139. $database->unreg($dbarray['username']);
  140. header("Location: anmelden.php");
  141. }
  142. else {
  143. header("Location: activate.php?e=3");
  144. }
  145. }
  146. private function Login() {
  147. global $database,$session,$form;
  148. if(!isset($_POST['user']) || $_POST['user'] == "") {
  149. $form->addError("user",LOGIN_USR_EMPTY);
  150. }
  151. else if(!$database->checkExist($_POST['user'],0)) {
  152. $form->addError("user",USR_NT_FOUND);
  153. }
  154. if(!isset($_POST['pw']) || $_POST['pw'] == "") {
  155. $form->addError("pw",LOGIN_PASS_EMPTY);
  156. }
  157. else if(!$database->login($_POST['user'],$_POST['pw']) && !$database->sitterLogin($_POST['user'],$_POST['pw'])) {
  158. $form->addError("pw",LOGIN_PW_ERROR);
  159. }
  160. if($database->getUserField($_POST['user'],"act",1) != "") {
  161. $form->addError("activate",$_POST['user']);
  162. }
  163. if($form->returnErrors() > 0) {
  164. $_SESSION['errorarray'] = $form->getErrors();
  165. $_SESSION['valuearray'] = $_POST;
  166. header("Location: login.php");
  167. }
  168. else {
  169. setcookie("COOKUSR",$_POST['user'],time()+COOKIE_EXPIRE,COOKIE_PATH);
  170. $database->UpdateOnline("login" ,$_POST['user'],time());
  171. $session->login($_POST['user']);
  172. }
  173. }
  174. private function Logout() {
  175. global $session,$database;
  176. unset($_SESSION['wid']);
  177. $database->activeModify($session->username,1);
  178. $database->UpdateOnline("logout") or die(mysql_error());
  179. $session->Logout();
  180. }
  181. private function validEmail($email) {
  182. $regexp="/^[a-z0-9]+([_\\.-][a-z0-9]+)*@([a-z0-9]+([\.-][a-z0-9]+)*)+\\.[a-z]{2,}$/i";
  183. if ( !preg_match($regexp, $email) ) {
  184. return false;
  185. }
  186. return true;
  187. }
  188. function generateBase($kid,$uid,$username) {
  189. global $database,$message;
  190. //$database->updateUserField($uid,"location","",1);
  191. if($kid == 0) {
  192. $kid = rand(1,4);
  193. }
  194. else{
  195. $kid = $_POST['kid'];
  196. }
  197. $wid = $database->generateBase($kid);
  198. $database->setFieldTaken($wid);
  199. $database->addVillage($wid,$uid,$username,1);
  200. $database->addResourceFields($wid,$database->getVillageType($wid));
  201. $database->addUnits($wid);
  202. $database->addTech($wid);
  203. $database->addABTech($wid);
  204. $database->updateUserField($uid,"access",USER,1);
  205. $message->sendWelcome($uid,$username);
  206. }
  207. };
  208. $account = new Account;
  209. ?>