Khaganat-NeL/khanat-opennel-code
1
0
Fork 0
Code Issues 21 Pull requests Packages Projects Releases 1 Wiki Activity

Merge

Browse source
This commit is contained in:
kaetemi 2014-09-03 07:07:55 +02:00
parent 82aaca7eea 50a3791553
commit 591a038ad3
44 changed files with 579 additions and 581 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
code/web/private_php/ams/smarty/libs/sysplugins/smarty_internal_utility.php
View file

@ -827,4 +827,4 @@ class Smarty_Internal_Utility {
} }
?> ?>

26
code/web/public_php/ams/func/activate_plugin.php
View file

@ -4,14 +4,14 @@
* This can be done by providing id using $_GET global variable of the plugin which * This can be done by providing id using $_GET global variable of the plugin which
* we want to activate. After getting id we update the respective plugin with status * we want to activate. After getting id we update the respective plugin with status
* activate which here means '1' . * activate which here means '1' .
* *
* @author Shubham Meena, mentored by Matthew Lagoe * @author Shubham Meena, mentored by Matthew Lagoe
*/ */
function activate_plugin() { function activate_plugin() {
// if logged in // if logged in
if ( WebUsers :: isLoggedIn() ) { if ( WebUsers :: isLoggedIn() ) {
if ( isset( $_GET['id'] ) ) if ( isset( $_GET['id'] ) )
{ {
// id of plugin to activate // id of plugin to activate
@ -22,20 +22,20 @@ function activate_plugin() {
{ {
// if result is successfull it redirects and shows success message // if result is successfull it redirects and shows success message
header( "Location: index.php?page=plugins&result=3" ); header( "Location: index.php?page=plugins&result=3" );
exit; die();
} }
else else
{ {
//if result is unsuccessfull it redirects and throws error //if result is unsuccessfull it redirects and throws error
header( "Location: index.php?page=plugins&result=4" ); header( "Location: index.php?page=plugins&result=4" );
exit; die();
} }
} }
else else
{ {
//if $_GET variable is not set it redirects and shows error //if $_GET variable is not set it redirects and shows error
header( "Location: index.php?page=plugins&result=4" ); header( "Location: index.php?page=plugins&result=4" );
exit; die();
} }
} }
} }

8
code/web/public_php/ams/func/add_sgroup.php
View file

@ -9,7 +9,7 @@ function add_sgroup(){
global $INGAME_WEBPATH; global $INGAME_WEBPATH;
global $WEBPATH; global $WEBPATH;
if(WebUsers::isLoggedIn()){ if(WebUsers::isLoggedIn()){
//check if admin //check if admin
if( Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))){ if( Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))){
$name = filter_var($_POST['Name'],FILTER_SANITIZE_STRING); $name = filter_var($_POST['Name'],FILTER_SANITIZE_STRING);
@ -20,7 +20,7 @@ function add_sgroup(){
$imap_mailserver = filter_var($_POST['IMAP_MailServer'], FILTER_SANITIZE_STRING); $imap_mailserver = filter_var($_POST['IMAP_MailServer'], FILTER_SANITIZE_STRING);
$imap_username = filter_var($_POST['IMAP_Username'], FILTER_SANITIZE_STRING); $imap_username = filter_var($_POST['IMAP_Username'], FILTER_SANITIZE_STRING);
$imap_password = filter_var($_POST['IMAP_Password'], FILTER_SANITIZE_STRING); $imap_password = filter_var($_POST['IMAP_Password'], FILTER_SANITIZE_STRING);
//create a new support group //create a new support group
$result['RESULT_OF_ADDING'] = Support_Group::createSupportGroup($name, $tag, $groupemail, $imap_mailserver, $imap_username, $imap_password); $result['RESULT_OF_ADDING'] = Support_Group::createSupportGroup($name, $tag, $groupemail, $imap_mailserver, $imap_username, $imap_password);
$result['permission'] = unserialize($_SESSION['ticket_user'])->getPermission(); $result['permission'] = unserialize($_SESSION['ticket_user'])->getPermission();
@ -41,12 +41,12 @@ function add_sgroup(){
//ERROR: No access! //ERROR: No access!
$_SESSION['error_code'] = "403"; $_SESSION['error_code'] = "403";
header("Location: index.php?page=error"); header("Location: index.php?page=error");
exit; die();
} }
}else{ }else{
//ERROR: not logged in! //ERROR: not logged in!
header("Location: index.php"); header("Location: index.php");
exit; die();
} }
} }

28
code/web/public_php/ams/func/add_user.php
View file

@ -11,7 +11,7 @@ function add_user(){
global $INGAME_WEBPATH; global $INGAME_WEBPATH;
$params = Array('Username' => $_POST["Username"], 'Password' => $_POST["Password"], 'ConfirmPass' => $_POST["ConfirmPass"], 'Email' => $_POST["Email"]); $params = Array('Username' => $_POST["Username"], 'Password' => $_POST["Password"], 'ConfirmPass' => $_POST["ConfirmPass"], 'Email' => $_POST["Email"]);
$webUser = new WebUsers(); $webUser = new WebUsers();
//check if the POST variables are valid, before actual registering //check if the POST variables are valid, before actual registering
$result = $webUser->check_Register($params); $result = $webUser->check_Register($params);
@ -30,14 +30,14 @@ function add_user(){
if(Helpers::check_if_game_client()){ if(Helpers::check_if_game_client()){
//if registering ingame then we have to set the header and dont need to reload the template. //if registering ingame then we have to set the header and dont need to reload the template.
header('Location: email_sent.php'); header('Location: email_sent.php');
exit; die();
} }
$pageElements['status'] = $status; $pageElements['status'] = $status;
$pageElements['no_visible_elements'] = 'TRUE'; $pageElements['no_visible_elements'] = 'TRUE';
$pageElements['ingame_webpath'] = $INGAME_WEBPATH; $pageElements['ingame_webpath'] = $INGAME_WEBPATH;
helpers :: loadtemplate( 'register_feedback', $pageElements); helpers :: loadtemplate( 'register_feedback', $pageElements);
exit; die();
}elseif ($_POST['page']=="settings"){ }elseif (isset($_POST['page']) && $_POST['page']=="settings"){
// pass error and reload template accordingly // pass error and reload template accordingly
$result['prevUsername'] = $_POST["Username"]; $result['prevUsername'] = $_POST["Username"];
$result['prevPassword'] = $_POST["Password"]; $result['prevPassword'] = $_POST["Password"];
@ -45,7 +45,7 @@ function add_user(){
$result['prevEmail'] = $_POST["Email"]; $result['prevEmail'] = $_POST["Email"];
$result['no_visible_elements'] = 'TRUE'; $result['no_visible_elements'] = 'TRUE';
helpers :: loadtemplate( 'settings', $result); helpers :: loadtemplate( 'settings', $result);
exit; die();
}else{ }else{
// pass error and reload template accordingly // pass error and reload template accordingly
$result['prevUsername'] = $_POST["Username"]; $result['prevUsername'] = $_POST["Username"];
@ -55,37 +55,35 @@ function add_user(){
$result['no_visible_elements'] = 'TRUE'; $result['no_visible_elements'] = 'TRUE';
$pageElements['ingame_webpath'] = $INGAME_WEBPATH; $pageElements['ingame_webpath'] = $INGAME_WEBPATH;
helpers :: loadtemplate( 'register', $result); helpers :: loadtemplate( 'register', $result);
exit; die();
} }
} }
//use the valid userdata to create the new user. //use the valid userdata to create the new user.
function write_user($newUser){ function write_user($newUser){
//create salt here, because we want it to be the same on the web/server //create salt here, because we want it to be the same on the web/server
$hashpass = crypt($newUser["pass"], WebUsers::generateSALT()); $hashpass = crypt($newUser["pass"], WebUsers::generateSALT());
$params = array( $params = array(
'Login' => $newUser["name"], 'Login' => $newUser["name"],
'Password' => $hashpass, 'Password' => $hashpass,
'Email' => $newUser["mail"] 'Email' => $newUser["mail"]
); );
try{ try{
//make new webuser //make new webuser
$user_id = WebUsers::createWebuser($params['Login'], $params['Password'], $params['Email']); $user_id = WebUsers::createWebuser($params['Login'], $params['Password'], $params['Email']);
//Create the user on the shard + in case shard is offline put copy of query in query db //Create the user on the shard + in case shard is offline put copy of query in query db
//returns: ok, shardoffline or liboffline //returns: ok, shardoffline or liboffline
$result = WebUsers::createUser($params, $user_id); $result = WebUsers::createUser($params, $user_id);
Users::createPermissions(array($newUser["name"])); Users::createPermissions(array($newUser["name"]));
}catch (PDOException $e) { }catch (PDOException $e) {
//go to error page or something, because can't access website db //go to error page or something, because can't access website db
print_r($e); print_r($e);
exit; die();
} }
return $result;
} }

14
code/web/public_php/ams/func/add_user_to_sgroup.php
View file

@ -9,7 +9,7 @@ function add_user_to_sgroup(){
global $INGAME_WEBPATH; global $INGAME_WEBPATH;
global $WEBPATH; global $WEBPATH;
if(WebUsers::isLoggedIn()){ if(WebUsers::isLoggedIn()){
//check if the that executed the task is an admin. //check if the that executed the task is an admin.
if( Ticket_User::isAdmin(unserialize($_SESSION['ticket_user'])) && isset($_POST['target_id'])){ if( Ticket_User::isAdmin(unserialize($_SESSION['ticket_user'])) && isset($_POST['target_id'])){
$name = filter_var($_POST['Name'],FILTER_SANITIZE_STRING); $name = filter_var($_POST['Name'],FILTER_SANITIZE_STRING);
@ -24,7 +24,7 @@ function add_user_to_sgroup(){
//return error message. //return error message.
$result['RESULT_OF_ADDING'] = "NOT_MOD_OR_ADMIN"; $result['RESULT_OF_ADDING'] = "NOT_MOD_OR_ADMIN";
} }
}else{ }else{
$result['RESULT_OF_ADDING'] = "USER_NOT_EXISTING"; $result['RESULT_OF_ADDING'] = "USER_NOT_EXISTING";
} }
@ -40,18 +40,18 @@ function add_user_to_sgroup(){
}else{ }else{
header("Location: ".$WEBPATH."?page=show_sgroup&id=".$id); header("Location: ".$WEBPATH."?page=show_sgroup&id=".$id);
} }
exit; die();
}else{ }else{
//ERROR: No access! //ERROR: No access!
$_SESSION['error_code'] = "403"; $_SESSION['error_code'] = "403";
header("Location: index.php?page=error"); header("Location: index.php?page=error");
exit; die();
} }
}else{ }else{
//ERROR: not logged in! //ERROR: not logged in!
header("Location: index.php"); header("Location: index.php");
exit; die();
} }
} }

42
code/web/public_php/ams/func/change_info.php
View file

@ -7,14 +7,14 @@
* @author Daan Janssens, mentored by Matthew Lagoe * @author Daan Janssens, mentored by Matthew Lagoe
*/ */
function change_info(){ function change_info(){
try{ try{
//if logged in //if logged in
if(WebUsers::isLoggedIn()){ if(WebUsers::isLoggedIn()){
if(isset($_POST['target_id'])){ if(isset($_POST['target_id'])){
// check if the user who executed this function is the person of whom the information is or if it's a mod/admin. // check if the user who executed this function is the person of whom the information is or if it's a mod/admin.
if( ($_POST['target_id'] == $_SESSION['id']) || Ticket_User::isMod(unserialize($_SESSION['ticket_user']) ) ){ if( ($_POST['target_id'] == $_SESSION['id']) || Ticket_User::isMod(unserialize($_SESSION['ticket_user']) ) ){
if($_POST['target_id'] == $_SESSION['id']){ if($_POST['target_id'] == $_SESSION['id']){
//if the info is of the executing user himself //if the info is of the executing user himself
@ -24,21 +24,21 @@ function change_info(){
$webUser = new WebUsers($_POST['target_id']); $webUser = new WebUsers($_POST['target_id']);
$target_username = $webUser->getUsername(); $target_username = $webUser->getUsername();
} }
$webUser = new WebUsers($_POST['target_id']); $webUser = new WebUsers($_POST['target_id']);
//use current info to check for changes //use current info to check for changes
$current_info = $webUser->getInfo(); $current_info = $webUser->getInfo();
$current_info['FirstName'] = filter_var($current_info['FirstName'], FILTER_SANITIZE_STRING); $current_info['FirstName'] = filter_var($current_info['FirstName'], FILTER_SANITIZE_STRING);
$current_info['LastName'] = filter_var($current_info['LastName'], FILTER_SANITIZE_STRING); $current_info['LastName'] = filter_var($current_info['LastName'], FILTER_SANITIZE_STRING);
$current_info['Country'] = filter_var($current_info['Country'], FILTER_SANITIZE_STRING); $current_info['Country'] = filter_var($current_info['Country'], FILTER_SANITIZE_STRING);
$current_info['Gender'] = filter_var($current_info['Gender'], FILTER_SANITIZE_NUMBER_INT); $current_info['Gender'] = filter_var($current_info['Gender'], FILTER_SANITIZE_NUMBER_INT);
$updated = false; $updated = false;
$values = Array(); $values = Array();
$values['user'] = $target_username; $values['user'] = $target_username;
//make the query that will update the data. //make the query that will update the data.
$query = "UPDATE ams_user SET "; $query = "UPDATE ams_user SET ";
if(($_POST['FirstName'] != "") && ($_POST['FirstName'] != $current_info['FirstName'])){ if(($_POST['FirstName'] != "") && ($_POST['FirstName'] != $current_info['FirstName'])){
@ -72,7 +72,7 @@ function change_info(){
} }
$updated = true; $updated = true;
$values['gender'] = filter_var($_POST['Gender'], FILTER_SANITIZE_NUMBER_INT); $values['gender'] = filter_var($_POST['Gender'], FILTER_SANITIZE_NUMBER_INT);
} }
//finish the query! //finish the query!
$query = $query . "WHERE Login = :user"; $query = $query . "WHERE Login = :user";
@ -80,7 +80,7 @@ function change_info(){
if($updated){ if($updated){
//execute the query in the web DB. //execute the query in the web DB.
$dbw = new DBLayer("web"); $dbw = new DBLayer("web");
$dbw->execute($query,$values); $dbw->execute($query,$values);
} }
//reload the settings inc function before recalling the settings template. //reload the settings inc function before recalling the settings template.
@ -97,29 +97,29 @@ function change_info(){
global $INGAME_WEBPATH; global $INGAME_WEBPATH;
$result['ingame_webpath'] = $INGAME_WEBPATH; $result['ingame_webpath'] = $INGAME_WEBPATH;
helpers :: loadtemplate( 'settings', $result); helpers :: loadtemplate( 'settings', $result);
exit; die();
}else{ }else{
//ERROR: permission denied! //ERROR: permission denied!
$_SESSION['error_code'] = "403"; $_SESSION['error_code'] = "403";
header("Location: index.php?page=error"); header("Location: index.php?page=error");
exit; die();
} }
}else{ }else{
//ERROR: The form was not filled in correclty //ERROR: The form was not filled in correclty
header("Location: index.php?page=settings"); header("Location: index.php?page=settings");
exit; die();
} }
}else{ }else{
//ERROR: user is not logged in //ERROR: user is not logged in
header("Location: index.php"); header("Location: index.php");
exit; die();
} }
}catch (PDOException $e) { }catch (PDOException $e) {
//go to error page or something, because can't access website db //go to error page or something, because can't access website db
print_r($e); print_r($e);
exit; die();
} }
} }

38
code/web/public_php/ams/func/change_mail.php
View file

@ -7,13 +7,13 @@
* @author Daan Janssens, mentored by Matthew Lagoe * @author Daan Janssens, mentored by Matthew Lagoe
*/ */
function change_mail(){ function change_mail(){
try{ try{
//if logged in //if logged in
if(WebUsers::isLoggedIn()){ if(WebUsers::isLoggedIn()){
if(isset($_POST['target_id'])){ if(isset($_POST['target_id'])){
//check if the user who executed this function is the person of whom the emailaddress is or if it's a mod/admin. //check if the user who executed this function is the person of whom the emailaddress is or if it's a mod/admin.
if( ($_POST['target_id'] == $_SESSION['id']) || Ticket_User::isMod(unserialize($_SESSION['ticket_user'])) ){ if( ($_POST['target_id'] == $_SESSION['id']) || Ticket_User::isMod(unserialize($_SESSION['ticket_user'])) ){
if($_POST['target_id'] == $_SESSION['id']){ if($_POST['target_id'] == $_SESSION['id']){
@ -24,22 +24,22 @@ function change_mail(){
$webUser = new WebUsers($_POST['target_id']); $webUser = new WebUsers($_POST['target_id']);
$target_username = $webUser->getUsername(); $target_username = $webUser->getUsername();
} }
$webUser = new WebUsers($_POST['target_id']); $webUser = new WebUsers($_POST['target_id']);
//check if emailaddress is valid. //check if emailaddress is valid.
$reply = $webUser->checkEmail($_POST['NewEmail']); $reply = $webUser->checkEmail($_POST['NewEmail']);
global $SITEBASE; global $SITEBASE;
require_once($SITEBASE . '/inc/settings.php'); require_once($SITEBASE . '/inc/settings.php');
$result = settings(); $result = settings();
if ( $reply != "success" ){ if ( $reply != "success" ){
$result['EMAIL_ERROR'] = 'TRUE'; $result['EMAIL_ERROR'] = 'TRUE';
}else{ }else{
$result['EMAIL_ERROR'] = 'FALSE'; $result['EMAIL_ERROR'] = 'FALSE';
} }
$result['prevNewEmail'] = filter_var($_POST["NewEmail"], FILTER_SANITIZE_EMAIL); $result['prevNewEmail'] = filter_var($_POST["NewEmail"], FILTER_SANITIZE_EMAIL);
if ($reply== "success"){ if ($reply== "success"){
//if validation was successful, update the emailaddress //if validation was successful, update the emailaddress
$status = WebUsers::setEmail($target_username, filter_var($_POST["NewEmail"], FILTER_SANITIZE_EMAIL) ); $status = WebUsers::setEmail($target_username, filter_var($_POST["NewEmail"], FILTER_SANITIZE_EMAIL) );
@ -58,8 +58,8 @@ function change_mail(){
} }
} }
helpers :: loadtemplate( 'settings', $result); helpers :: loadtemplate( 'settings', $result);
exit; die();
}else{ }else{
$result['EMAIL'] = $reply; $result['EMAIL'] = $reply;
$result['permission'] = unserialize($_SESSION['ticket_user'])->getPermission(); $result['permission'] = unserialize($_SESSION['ticket_user'])->getPermission();
@ -72,32 +72,32 @@ function change_mail(){
} }
} }
helpers :: loadtemplate( 'settings', $result); helpers :: loadtemplate( 'settings', $result);
exit; die();
} }
}else{ }else{
//ERROR: permission denied! //ERROR: permission denied!
$_SESSION['error_code'] = "403"; $_SESSION['error_code'] = "403";
header("Location: index.php?page=error"); header("Location: index.php?page=error");
exit; die();
} }
}else{ }else{
//ERROR: The form was not filled in correclty //ERROR: The form was not filled in correclty
header("Location: index.php?page=settings"); header("Location: index.php?page=settings");
exit; die();
} }
}else{ }else{
//ERROR: user is not logged in //ERROR: user is not logged in
header("Location: index.php"); header("Location: index.php");
exit; die();
} }
}catch (PDOException $e) { }catch (PDOException $e) {
//go to error page or something, because can't access website db //go to error page or something, because can't access website db
print_r($e); print_r($e);
exit; die();
} }
} }

34
code/web/public_php/ams/func/change_password.php
View file

@ -7,11 +7,11 @@
* @author Daan Janssens, mentored by Matthew Lagoe * @author Daan Janssens, mentored by Matthew Lagoe
*/ */
function change_password(){ function change_password(){
try{ try{
//if logged in //if logged in
if(WebUsers::isLoggedIn()){ if(WebUsers::isLoggedIn()){
if(isset($_POST['target_id'])){ if(isset($_POST['target_id'])){
$adminChangesOther = false; $adminChangesOther = false;
//if target_id is the same as session id or is admin //if target_id is the same as session id or is admin
@ -27,7 +27,7 @@ function change_password(){
$adminChangesOther = true; $adminChangesOther = true;
$_POST["CurrentPass"] = "dummypass"; $_POST["CurrentPass"] = "dummypass";
} }
$webUser = new WebUsers($_POST['target_id']); $webUser = new WebUsers($_POST['target_id']);
$params = Array( 'user' => $target_username, 'CurrentPass' => $_POST["CurrentPass"], 'NewPass' => $_POST["NewPass"], 'ConfirmNewPass' => $_POST["ConfirmNewPass"], 'adminChangesOther' => $adminChangesOther); $params = Array( 'user' => $target_username, 'CurrentPass' => $_POST["CurrentPass"], 'NewPass' => $_POST["NewPass"], 'ConfirmNewPass' => $_POST["ConfirmNewPass"], 'adminChangesOther' => $adminChangesOther);
$result = $webUser->check_change_password($params); $result = $webUser->check_change_password($params);
@ -47,10 +47,10 @@ function change_password(){
$succresult['username'] = $_SESSION['user']; $succresult['username'] = $_SESSION['user'];
$succresult['target_id'] = $_POST['target_id']; $succresult['target_id'] = $_POST['target_id'];
helpers :: loadtemplate( 'settings', $succresult); helpers :: loadtemplate( 'settings', $succresult);
exit; die();
}else{ }else{
$result['prevCurrentPass'] = filter_var($_POST["CurrentPass"], FILTER_SANITIZE_STRING); $result['prevCurrentPass'] = filter_var($_POST["CurrentPass"], FILTER_SANITIZE_STRING);
$result['prevNewPass'] = filter_var($_POST["NewPass"], FILTER_SANITIZE_STRING); $result['prevNewPass'] = filter_var($_POST["NewPass"], FILTER_SANITIZE_STRING);
$result['prevConfirmNewPass'] = filter_var($_POST["ConfirmNewPass"], FILTER_SANITIZE_STRING); $result['prevConfirmNewPass'] = filter_var($_POST["ConfirmNewPass"], FILTER_SANITIZE_STRING);
@ -62,35 +62,35 @@ function change_password(){
global $SITEBASE; global $SITEBASE;
require_once($SITEBASE . '/inc/settings.php'); require_once($SITEBASE . '/inc/settings.php');
$settings = settings(); $settings = settings();
$result = array_merge($result,$settings); $result = array_merge($result,$settings);
helpers :: loadtemplate( 'settings', $result); helpers :: loadtemplate( 'settings', $result);
exit; die();
} }
}else{ }else{
//ERROR: permission denied! //ERROR: permission denied!
$_SESSION['error_code'] = "403"; $_SESSION['error_code'] = "403";
header("Location: index.php?page=error"); header("Location: index.php?page=error");
exit; die();
} }
}else{ }else{
//ERROR: The form was not filled in correclty //ERROR: The form was not filled in correclty
header("Location: index.php?page=settings"); header("Location: index.php?page=settings");
exit; die();
} }
}else{ }else{
//ERROR: user is not logged in //ERROR: user is not logged in
header("Location: index.php"); header("Location: index.php");
exit; die();
} }
}catch (PDOException $e) { }catch (PDOException $e) {
//go to error page or something, because can't access website db //go to error page or something, because can't access website db
print_r($e); print_r($e);
exit; die();
} }
} }

26
code/web/public_php/ams/func/change_receivemail.php
View file

@ -6,15 +6,15 @@
* @author Daan Janssens, mentored by Matthew Lagoe * @author Daan Janssens, mentored by Matthew Lagoe
*/ */
function change_receivemail(){ function change_receivemail(){
try{ try{
//if logged in //if logged in
global $INGAME_WEBPATH; global $INGAME_WEBPATH;
global $WEBPATH; global $WEBPATH;
if(WebUsers::isLoggedIn()){ if(WebUsers::isLoggedIn()){
if(isset($_POST['target_id'])){ if(isset($_POST['target_id'])){
//check if the user who executed this function is the person of whom the setting is or if it's a mod/admin. //check if the user who executed this function is the person of whom the setting is or if it's a mod/admin.
if( ( ($_POST['target_id'] == $_SESSION['id']) || Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) && isset($_POST['ReceiveMail']) ){ if( ( ($_POST['target_id'] == $_SESSION['id']) || Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) && isset($_POST['ReceiveMail']) ){
$user_id = filter_var($_POST['target_id'], FILTER_SANITIZE_NUMBER_INT); $user_id = filter_var($_POST['target_id'], FILTER_SANITIZE_NUMBER_INT);
@ -27,32 +27,32 @@ function change_receivemail(){
}else{ }else{
header("Location: ".$WEBPATH."?page=settings&id=".$user_id); header("Location: ".$WEBPATH."?page=settings&id=".$user_id);
} }
exit; die();
}else{ }else{
//ERROR: permission denied! //ERROR: permission denied!
$_SESSION['error_code'] = "403"; $_SESSION['error_code'] = "403";
header("Location: index.php?page=error"); header("Location: index.php?page=error");
exit; die();
} }
}else{ }else{
//ERROR: The form was not filled in correclty //ERROR: The form was not filled in correclty
header("Location: index.php?page=settings"); header("Location: index.php?page=settings");
exit; die();
} }
}else{ }else{
//ERROR: user is not logged in //ERROR: user is not logged in
header("Location: index.php"); header("Location: index.php");
exit; die();
} }
}catch (PDOException $e) { }catch (PDOException $e) {
//go to error page or something, because can't access website db //go to error page or something, because can't access website db
print_r($e); print_r($e);
exit; die();
} }
} }

30
code/web/public_php/ams/func/create_ticket.php
View file

@ -10,12 +10,12 @@ function create_ticket(){
global $INGAME_WEBPATH; global $INGAME_WEBPATH;
global $WEBPATH; global $WEBPATH;
if(WebUsers::isLoggedIn() && isset($_SESSION['ticket_user'])){ if(WebUsers::isLoggedIn() && isset($_SESSION['ticket_user'])){
if(isset($_POST['target_id'])){ if(isset($_POST['target_id'])){
//if target_id is the same as session id or is admin //if target_id is the same as session id or is admin
if( ($_POST['target_id'] == $_SESSION['id']) || Ticket_User::isMod(unserialize($_SESSION['ticket_user'])) ){ if( ($_POST['target_id'] == $_SESSION['id']) || Ticket_User::isMod(unserialize($_SESSION['ticket_user'])) ){
$category = filter_var($_POST['Category'], FILTER_SANITIZE_NUMBER_INT); $category = filter_var($_POST['Category'], FILTER_SANITIZE_NUMBER_INT);
$title = filter_var($_POST['Title'], FILTER_SANITIZE_STRING); $title = filter_var($_POST['Title'], FILTER_SANITIZE_STRING);
$content = filter_var($_POST['Content'], FILTER_SANITIZE_STRING); $content = filter_var($_POST['Content'], FILTER_SANITIZE_STRING);
@ -35,33 +35,33 @@ function create_ticket(){
}else{ }else{
header("Location: ".$WEBPATH."?page=show_ticket&id=".$ticket_id); header("Location: ".$WEBPATH."?page=show_ticket&id=".$ticket_id);
} }
exit; die();
}catch (PDOException $e) { }catch (PDOException $e) {
//ERROR: LIB DB is not online! //ERROR: LIB DB is not online!
print_r($e); print_r($e);
exit; die();
header("Location: index.php"); header("Location: index.php");
exit; die();
} }
}else{ }else{
//ERROR: permission denied! //ERROR: permission denied!
$_SESSION['error_code'] = "403"; $_SESSION['error_code'] = "403";
header("Location: index.php?page=error"); header("Location: index.php?page=error");
exit; die();
} }
}else{ }else{
//ERROR: The form was not filled in correclty //ERROR: The form was not filled in correclty
header("Location: index.php?page=create_ticket"); header("Location: index.php?page=create_ticket");
exit; die();
} }
}else{ }else{
//ERROR: user is not logged in //ERROR: user is not logged in
header("Location: index.php"); header("Location: index.php");
exit; die();
} }
} }

36
code/web/public_php/ams/func/deactivate_plugin.php
View file

@ -4,15 +4,15 @@
* This can be done by providing id using $_GET global variable of the plugin which * This can be done by providing id using $_GET global variable of the plugin which
* we want to activate. After getting id we update the respective plugin with status * we want to activate. After getting id we update the respective plugin with status
* deactivate which here means '0'. * deactivate which here means '0'.
* *
* @author Shubham Meena, mentored by Matthew Lagoe * @author Shubham Meena, mentored by Matthew Lagoe
*/ */
function deactivate_plugin() { function deactivate_plugin() {
// if logged in // if logged in
if ( WebUsers :: isLoggedIn() ) { if ( WebUsers :: isLoggedIn() ) {
if ( isset( $_GET['id'] ) ) if ( isset( $_GET['id'] ) )
{ {
// id of plugin to deactivate // id of plugin to deactivate
@ -20,24 +20,24 @@ function deactivate_plugin() {
$db = new DBLayer( 'lib' ); $db = new DBLayer( 'lib' );
$result = $db -> update( "plugins", array( 'Status' => '0' ), "Id = $id" ); $result = $db -> update( "plugins", array( 'Status' => '0' ), "Id = $id" );
if ( $result ) if ( $result )
{ {
// if result is successfull it redirects and shows success message // if result is successfull it redirects and shows success message
header( "Location: index.php?page=plugins&result=5" ); header( "Location: index.php?page=plugins&result=5" );
exit; die();
} }
else else
{ {
// if result is unsuccessfull it redirects and shows success message // if result is unsuccessfull it redirects and shows success message
header( "Location: index.php?page=plugins&result=6" ); header( "Location: index.php?page=plugins&result=6" );
exit; die();
} }
} }
else else
{ {
//if $_GET variable is not set it redirects and shows error //if $_GET variable is not set it redirects and shows error
header( "Location: index.php?page=plugins&result=6" ); header( "Location: index.php?page=plugins&result=6" );
exit; die();
} }
} }
} }

42
code/web/public_php/ams/func/delete_plugin.php
View file

@ -3,49 +3,49 @@
* This function is used in deleting plugins. * This function is used in deleting plugins.
* It removes the plugin from the codebase as well as * It removes the plugin from the codebase as well as
* from the Database. When user request to delete a plugin * from the Database. When user request to delete a plugin
* id of that plugin is sent in $_GET global variable. * id of that plugin is sent in $_GET global variable.
* *
* @author Shubham Meena, mentored by Matthew Lagoe * @author Shubham Meena, mentored by Matthew Lagoe
*/ */
function delete_plugin() { function delete_plugin() {
// if logged in // if logged in
if ( WebUsers :: isLoggedIn() ) { if ( WebUsers :: isLoggedIn() ) {
if ( isset( $_GET['id'] ) ) if ( isset( $_GET['id'] ) )
{ {
// id of plugin to delete after filtering // id of plugin to delete after filtering
$id = filter_var( $_GET['id'], FILTER_SANITIZE_FULL_SPECIAL_CHARS ); $id = filter_var( $_GET['id'], FILTER_SANITIZE_FULL_SPECIAL_CHARS );
$db = new DBLayer( 'lib' ); $db = new DBLayer( 'lib' );
$sth = $db -> selectWithParameter( "FileName", "plugins", array( 'id' => $id ), "Id=:id" ); $sth = $db -> selectWithParameter( "FileName", "plugins", array( 'id' => $id ), "Id=:id" );
$name = $sth -> fetch(); $name = $sth -> fetch();
if ( is_dir( "$name[FileName]" ) ) if ( is_dir( "$name[FileName]" ) )
{ {
// removing plugin directory from the code base // removing plugin directory from the code base
if ( Plugincache::rrmdir( "$name[FileName]" ) ) if ( Plugincache::rrmdir( "$name[FileName]" ) )
{ {
$db -> delete( 'plugins', array( 'id' => $id ), "Id=:id" ); $db -> delete( 'plugins', array( 'id' => $id ), "Id=:id" );
//if result successfull redirect and show success message //if result successfull redirect and show success message
header( "Location: index.php?page=plugins&result=2" ); header( "Location: index.php?page=plugins&result=2" );
exit; die();
} }
else else
{ {
// if result unsuccessfull redirect and show error message // if result unsuccessfull redirect and show error message
header( "Location: index.php?page=plugins&result=0" ); header( "Location: index.php?page=plugins&result=0" );
exit; die();
} }
} }
} }
else else
{ {
// if result unsuccessfull redirect and show error message // if result unsuccessfull redirect and show error message
header( "Location: index.php?page=plugins&result=0" ); header( "Location: index.php?page=plugins&result=0" );
exit; die();
} }
} }
} }

20
code/web/public_php/ams/func/forgot_password.php
View file

@ -1,9 +1,9 @@
<?php <?php
function forgot_password(){ function forgot_password(){
$email = filter_var($_POST["Email"], FILTER_SANITIZE_EMAIL); $email = filter_var($_POST["Email"], FILTER_SANITIZE_EMAIL);
$target_id = WebUsers::getIdFromEmail($email); $target_id = WebUsers::getIdFromEmail($email);
if ($target_id == "FALSE"){ if ($target_id == "FALSE"){
//the email address doesn't exist. //the email address doesn't exist.
@ -11,27 +11,27 @@ function forgot_password(){
$result['EMAIL_ERROR'] = 'TRUE'; $result['EMAIL_ERROR'] = 'TRUE';
$result['no_visible_elements'] = 'TRUE'; $result['no_visible_elements'] = 'TRUE';
helpers :: loadtemplate( 'forgot_password', $result); helpers :: loadtemplate( 'forgot_password', $result);
exit; die();
} }
$webUser = new WebUsers($target_id); $webUser = new WebUsers($target_id);
$target_username = $webUser->getUsername(); $target_username = $webUser->getUsername();
$target_hashedPass = $webUser->getHashedPass(); $target_hashedPass = $webUser->getHashedPass();
$hashed_key = hash('sha512',$target_hashedPass); $hashed_key = hash('sha512',$target_hashedPass);
if ( isset( $_COOKIE['Language'] ) ) { if ( isset( $_COOKIE['Language'] ) ) {
$lang = $_COOKIE['Language']; $lang = $_COOKIE['Language'];
}else{ }else{
global $DEFAULT_LANGUAGE; global $DEFAULT_LANGUAGE;
$lang = $DEFAULT_LANGUAGE; $lang = $DEFAULT_LANGUAGE;
} }
global $AMS_TRANS; global $AMS_TRANS;
$variables = parse_ini_file( $AMS_TRANS . '/' . $lang . '.ini', true ); $variables = parse_ini_file( $AMS_TRANS . '/' . $lang . '.ini', true );
$mailText = array(); $mailText = array();
foreach ( $variables['email'] as $key => $value ){ foreach ( $variables['email'] as $key => $value ){
$mailText[$key] = $value; $mailText[$key] = $value;
} }
//create the reset url //create the reset url
global $WEBPATH; global $WEBPATH;
$resetURL = $WEBPATH . "?page=reset_password&user=". $target_username . "&email=" . $email . "&key=" . $hashed_key; $resetURL = $WEBPATH . "?page=reset_password&user=". $target_username . "&email=" . $email . "&key=" . $hashed_key;
@ -44,7 +44,7 @@ function forgot_password(){
$result['prevEmail'] = $email; $result['prevEmail'] = $email;
$result['no_visible_elements'] = 'TRUE'; $result['no_visible_elements'] = 'TRUE';
helpers :: loadtemplate( 'forgot_password', $result); helpers :: loadtemplate( 'forgot_password', $result);
exit; die();
}
}

180
code/web/public_php/ams/func/install_plugin.php
View file

@ -3,11 +3,11 @@
/** /**
* This module contains the function to install plugins * This module contains the function to install plugins
* or check if the uploaded file is an update for a plugin. * or check if the uploaded file is an update for a plugin.
* *
* When user uploads a file with .zip extension(neccessary requirement) * When user uploads a file with .zip extension(neccessary requirement)
* steps that should perform: * steps that should perform:
* --> Check if the file type is .zip. * --> Check if the file type is .zip.
* --> Extract it to a temp folder. * --> Extract it to a temp folder.
* --> Check for the .info file. If not exists throw error * --> Check for the .info file. If not exists throw error
* --> Extract the information from the .info file. * --> Extract the information from the .info file.
* --> Check for the plugin name already exists or not. * --> Check for the plugin name already exists or not.
@ -16,35 +16,35 @@
* --> if UpdateInfo not found throw error. * --> if UpdateInfo not found throw error.
* --> if UpdateInfo found add the update to the ryzom_ams_lib.updates table. * --> if UpdateInfo found add the update to the ryzom_ams_lib.updates table.
* --> if it's not an update and plugin with same name already exists throw error. * --> if it's not an update and plugin with same name already exists throw error.
* --> if plugin with same name not present provide option to install plugin * --> if plugin with same name not present provide option to install plugin
* *
* @author Shubham Meena, mentored by Matthew Lagoe * @author Shubham Meena, mentored by Matthew Lagoe
* *
*/ */
/** /**
* This function is used in installing plugins or adding updates * This function is used in installing plugins or adding updates
* for previously installed plugins. * for previously installed plugins.
* *
*/ */
function install_plugin() { function install_plugin() {
$result = array(); $result = array();
// if logged in // if logged in
if ( WebUsers :: isLoggedIn() ) { if ( WebUsers :: isLoggedIn() ) {
// path of temporary folder for storing files // path of temporary folder for storing files
$temp_path = "../../ams_lib/temp"; $temp_path = "../../ams_lib/temp";
// create a temp directory if not exist // create a temp directory if not exist
// temp folder where we first store all uploaded plugins before install // temp folder where we first store all uploaded plugins before install
if ( !file_exists( "$temp_path" ) ) if ( !file_exists( "$temp_path" ) )
{ {
mkdir( $temp_path ); mkdir( $temp_path );
} }
// checking the server if file is uploaded or not // checking the server if file is uploaded or not
if ( ( isset( $_FILES["file"] ) ) && ( $_FILES["file"]["size"] > 0 ) ) if ( ( isset( $_FILES["file"] ) ) && ( $_FILES["file"]["size"] > 0 ) )
{ {
@ -53,26 +53,26 @@ function install_plugin() {
$dir = trim( $_FILES["file"]["name"], ".zip" ); $dir = trim( $_FILES["file"]["name"], ".zip" );
$target_path = "../../ams_lib/plugins/$dir"; //path in which the zip extraction is to be done $target_path = "../../ams_lib/plugins/$dir"; //path in which the zip extraction is to be done
$destination = "../../ams_lib/plugins/"; $destination = "../../ams_lib/plugins/";
// scanning plugin folder if plugin with same name is already exists or not // scanning plugin folder if plugin with same name is already exists or not
$x = checkForUpdate( $dir, $destination, $fileTmpLoc, $temp_path ); $x = checkForUpdate( $dir, $destination, $fileTmpLoc, $temp_path );
if ( $x == '1' ) if ( $x == '1' )
{ {
echo "update found"; echo "update found";
exit(); die();
} }
else if ( $x == '2' ) else if ( $x == '2' )
{ {
echo "Plugin already exists with same name ."; echo "Plugin already exists with same name .";
exit(); die();
} }
else if ( $x == '3' ) else if ( $x == '3' )
{ {
echo "Update info is not present in the update"; echo "Update info is not present in the update";
exit(); die();
} }
// checking for the command to install plugin is given or not // checking for the command to install plugin is given or not
if ( !isset( $_POST['install_plugin'] ) ) if ( !isset( $_POST['install_plugin'] ) )
{ {
@ -80,30 +80,30 @@ function install_plugin() {
{ {
if ( move_uploaded_file( $fileTmpLoc, $temp_path . "/" . $fileName ) ) { if ( move_uploaded_file( $fileTmpLoc, $temp_path . "/" . $fileName ) ) {
echo "$fileName upload is complete.</br>" . "<button type='submit' class='btn btn-primary' style='margin-left:5px; margin-top:10px;' name='install_plugin'>Install Plugin</button></br>"; echo "$fileName upload is complete.</br>" . "<button type='submit' class='btn btn-primary' style='margin-left:5px; margin-top:10px;' name='install_plugin'>Install Plugin</button></br>";
exit(); die();
} }
else else
{ {
echo "Error in uploading file."; echo "Error in uploading file.";
exit(); die();
} }
} }
else else
{ {
echo "Please select a file with .zip extension to upload."; echo "Please select a file with .zip extension to upload.";
exit(); die();
} }
} }
else else
{ {
// calling function to unzip archives // calling function to unzip archives
if ( zipExtraction( $temp_path . "/" . $fileName , $destination ) ) if ( zipExtraction( $temp_path . "/" . $fileName , $destination ) )
{ {
if ( file_exists( $target_path . "/.info" ) ) if ( file_exists( $target_path . "/.info" ) )
{ {
$result = readPluginFile( ".info", $target_path ); $result = readPluginFile( ".info", $target_path );
// sending all info to the database // sending all info to the database
$install_result = array(); $install_result = array();
$install_result['FileName'] = $target_path; $install_result['FileName'] = $target_path;
@ -112,52 +112,52 @@ function install_plugin() {
if ( Ticket_User :: isMod( unserialize( $_SESSION['ticket_user'] ) ) ) if ( Ticket_User :: isMod( unserialize( $_SESSION['ticket_user'] ) ) )
{ {
$install_result['Permission'] = 'admin'; $install_result['Permission'] = 'admin';
} }
else else
{ {
$install_result['Permission'] = 'user'; $install_result['Permission'] = 'user';
} }
$install_result['Info'] = json_encode( $result ); $install_result['Info'] = json_encode( $result );
// connection with the database // connection with the database
$dbr = new DBLayer( "lib" ); $dbr = new DBLayer( "lib" );
$dbr -> insert( "plugins", $install_result ); $dbr -> insert( "plugins", $install_result );
// if everything is successfull redirecting to the plugin template // if everything is successfull redirecting to the plugin template
header( "Location: index.php?page=plugins&result=1" ); header( "Location: index.php?page=plugins&result=1" );
exit; die();
} }
else else
{ {
// file .info not exists // file .info not exists
rmdir( $target_path ); rmdir( $target_path );
header( "Location: index.php?page=install_plugin&result=2" ); header( "Location: index.php?page=install_plugin&result=2" );
exit; die();
} }
} else } else
{ {
// extraction failed // extraction failed
header( "Location: index.php?page=install_plugin&result=0" ); header( "Location: index.php?page=install_plugin&result=0" );
exit; die();
} }
} }
} }
else else
{ {
echo "Please Browse for a file before clicking the upload button"; echo "Please Browse for a file before clicking the upload button";
exit(); die();
} }
} }
} }
/** /**
* function to unzip the zipped files * function to unzip the zipped files
* *
* @param $target_path path to the target zipped file * @param $target_path path to the target zipped file
* @param $destination path to the destination * @param $destination path to the destination
* @return boolean * @return boolean
*/ */
function zipExtraction( $target_path, $destination ) function zipExtraction( $target_path, $destination )
{ {
@ -168,31 +168,31 @@ function zipExtraction( $target_path, $destination )
{ {
$zip -> close(); $zip -> close();
return true; return true;
} }
else else
{ {
$zip -> close(); $zip -> close();
return false; return false;
} }
} }
} }
/** /**
* function to read text files and extract * function to read text files and extract
* the information into an array * the information into an array
* *
* ----------------------------------------------------------- * -----------------------------------------------------------
* format: * format:
* ----------------------------------------------------------- * -----------------------------------------------------------
* PluginName = Name of the plugin * PluginName = Name of the plugin
* Version = version of the plugin * Version = version of the plugin
* Type = type of the plugin * Type = type of the plugin
* TemplatePath = path to the template * TemplatePath = path to the template
* Description = Description of the plugin ,it's functionality * Description = Description of the plugin ,it's functionality
* ----------------------------------------------------------- * -----------------------------------------------------------
* *
* reads only files with name .info * reads only files with name .info
* *
* @param $fileName file to read * @param $fileName file to read
* @param $target_path path to the folder containing .info file * @param $target_path path to the folder containing .info file
* @return array containing above information in array(value => key) * @return array containing above information in array(value => key)
@ -205,17 +205,17 @@ function readPluginFile( $fileName, $target_path )
$line_of_text = fgets( $file_handle ); $line_of_text = fgets( $file_handle );
$parts = array_map( 'trim', explode( '=', $line_of_text, 2 ) ); $parts = array_map( 'trim', explode( '=', $line_of_text, 2 ) );
@$result[$parts[0]] = $parts[1]; @$result[$parts[0]] = $parts[1];
} }
fclose( $file_handle ); fclose( $file_handle );
return $result; return $result;
} }
/** /**
* function to check for updates or * function to check for updates or
* if the same plugin already exists * if the same plugin already exists
* also, if the update founds ,check for the UpdateInfo in the .info file. * also, if the update founds ,check for the UpdateInfo in the .info file.
* Update is saved in the temp directory with pluginName_version.zip * Update is saved in the temp directory with pluginName_version.zip
* *
* @param $fileName file which is uploaded in .zip extension * @param $fileName file which is uploaded in .zip extension
* @param $findPath where we have to look for the installed plugins * @param $findPath where we have to look for the installed plugins
* @param $tempFile path for the temporary file * @param $tempFile path for the temporary file
@ -234,23 +234,23 @@ function checkForUpdate( $fileName, $findPath, $tempFile, $tempPath )
if ( !file_exists( $tempPath . "/test" ) ) if ( !file_exists( $tempPath . "/test" ) )
{ {
mkdir( $tempPath . "/test" ); mkdir( $tempPath . "/test" );
} }
// extracting the update // extracting the update
if ( zipExtraction( $tempFile, $tempPath . "/test/" ) ) if ( zipExtraction( $tempFile, $tempPath . "/test/" ) )
{ {
$result = readPluginFile( ".info", $tempPath . "/test/" . $fileName ); $result = readPluginFile( ".info", $tempPath . "/test/" . $fileName );
// check for the version for the plugin // check for the version for the plugin
$db = new DBLayer( "lib" ); $db = new DBLayer( "lib" );
$sth = $db -> select( "plugins", array( 'Name' => $result['PluginName'] ), "Name = :Name" ); $sth = $db -> select( "plugins", array( 'Name' => $result['PluginName'] ), "Name = :Name" );
$info = $sth -> fetch(); $info = $sth -> fetch();
$info['Info'] = json_decode( $info['Info'] ); $info['Info'] = json_decode( $info['Info'] );
// the two versions from main plugin and the updated part // the two versions from main plugin and the updated part
$new_version = explode( '.', $result['Version'] ); $new_version = explode( '.', $result['Version'] );
$pre_version = explode( '.', $info['Info'] -> Version ); $pre_version = explode( '.', $info['Info'] -> Version );
// For all plugins we have used semantic versioning // For all plugins we have used semantic versioning
// Format: X.Y.Z ,X->Major, Y->Minor, Z->Patch // Format: X.Y.Z ,X->Major, Y->Minor, Z->Patch
// change in the X Y & Z values refer the type of change in the plugin. // change in the X Y & Z values refer the type of change in the plugin.
@ -265,22 +265,22 @@ function checkForUpdate( $fileName, $findPath, $tempFile, $tempPath )
// removing the uploaded file // removing the uploaded file
Plugincache :: rrmdir( $tempPath . "/test/" . $fileName ); Plugincache :: rrmdir( $tempPath . "/test/" . $fileName );
return '2'; //plugin already exists return '2'; //plugin already exists
} }
else else
{ {
// check for update info if exists // check for update info if exists
if ( !array_key_exists( 'UpdateInfo', $result ) ) if ( !array_key_exists( 'UpdateInfo', $result ) )
{ {
return '3'; //update info tag not found return '3'; //update info tag not found
} }
else else
{ {
// check if update already exists // check if update already exists
if ( pluginUpdateExists( $info['Id'], $tempPath . "/" . trim( $fileName, ".zip" ) . "_" . $result['Version'] . ".zip" ) ) if ( pluginUpdateExists( $info['Id'], $tempPath . "/" . trim( $fileName, ".zip" ) . "_" . $result['Version'] . ".zip" ) )
{ {
echo "Update already exists"; echo "Update already exists";
exit; die();
} }
else { else {
// removing the preivous update // removing the preivous update
$dbr = new DBLayer( "lib" ); $dbr = new DBLayer( "lib" );
@ -294,23 +294,23 @@ function checkForUpdate( $fileName, $findPath, $tempFile, $tempPath )
$update['UpdateInfo'] = json_encode( $result ); $update['UpdateInfo'] = json_encode( $result );
$dbr -> insert( "updates", $update ); $dbr -> insert( "updates", $update );
header( "Location: index.php?page=plugins&result=7" ); header( "Location: index.php?page=plugins&result=7" );
exit; die();
} }
} }
} }
} }
} }
} }
} }
} }
/** /**
* Function to check for the update of a plugin already exists * Function to check for the update of a plugin already exists
* *
* @param $pluginId id of the plugin for which update is available * @param $pluginId id of the plugin for which update is available
* @param $updatePath path of the new update * @param $updatePath path of the new update
* @return boolean True if update already exists else False * @return boolean True if update already exists else False
* *
*/ */
function PluginUpdateExists( $pluginId, $updatePath ) function PluginUpdateExists( $pluginId, $updatePath )
{ {
@ -320,10 +320,10 @@ function PluginUpdateExists( $pluginId, $updatePath )
if ( $updatePath == $row['UpdatePath'] ) if ( $updatePath == $row['UpdatePath'] )
{ {
return true; return true;
} }
else else
{ {
rmdir( $row['UpdatePath'] ); rmdir( $row['UpdatePath'] );
return false; return false;
} }
} }

20
code/web/public_php/ams/func/login.php
View file

@ -14,7 +14,7 @@ function login(){
//check if the filtered sent POST data returns a match with the DB //check if the filtered sent POST data returns a match with the DB
$result = WebUsers::checkLoginMatch($login_value, $password); $result = WebUsers::checkLoginMatch($login_value, $password);
if( $result != "fail"){ if( $result != "fail"){
//handle successful login //handle successful login
$_SESSION['user'] = $result['Login']; $_SESSION['user'] = $result['Login'];
@ -22,11 +22,11 @@ function login(){
$_SESSION['ticket_user'] = serialize(Ticket_User::constr_ExternId($_SESSION['id'])); $_SESSION['ticket_user'] = serialize(Ticket_User::constr_ExternId($_SESSION['id']));
$user = new WebUsers($_SESSION['id']); $user = new WebUsers($_SESSION['id']);
$_SESSION['Language'] = $user->getLanguage(); $_SESSION['Language'] = $user->getLanguage();
$GETString = ""; $GETString = "";
foreach($_GET as $key => $value){ foreach($_GET as $key => $value){
$GETString = $GETString . $key . '=' . $value . "&"; $GETString = $GETString . $key . '=' . $value . "&";
} }
if($GETString != ""){ if($GETString != ""){
$GETString = '?'.$GETString; $GETString = '?'.$GETString;
} }
@ -38,21 +38,21 @@ function login(){
}else{ }else{
header( 'Location: '. $WEBPATH . $GETString); header( 'Location: '. $WEBPATH . $GETString);
} }
exit; die();
}else{ }else{
//handle login failure //handle login failure
$result = Array(); $result = Array();
$result['login_error'] = 'TRUE'; $result['login_error'] = 'TRUE';
$result['no_visible_elements'] = 'TRUE'; $result['no_visible_elements'] = 'TRUE';
helpers :: loadtemplate( 'login', $result); helpers :: loadtemplate( 'login', $result);
exit; die();
} }
}catch (PDOException $e) { }catch (PDOException $e) {
//go to error page or something, because can't access website db //go to error page or something, because can't access website db
print_r($e); print_r($e);
exit; die();
} }
} }

18
code/web/public_php/ams/func/modify_email_of_sgroup.php
View file

@ -10,7 +10,7 @@ function modify_email_of_sgroup(){
global $INGAME_WEBPATH; global $INGAME_WEBPATH;
global $WEBPATH; global $WEBPATH;
if(WebUsers::isLoggedIn()){ if(WebUsers::isLoggedIn()){
//check if user is an admin //check if user is an admin
if( Ticket_User::isAdmin(unserialize($_SESSION['ticket_user'])) && isset($_POST['target_id'])){ if( Ticket_User::isAdmin(unserialize($_SESSION['ticket_user'])) && isset($_POST['target_id'])){
@ -18,11 +18,11 @@ function modify_email_of_sgroup(){
$group = Support_Group::getGroup($sgroupid); $group = Support_Group::getGroup($sgroupid);
$groupemail = filter_var($_POST['GroupEmail'],FILTER_SANITIZE_STRING); $groupemail = filter_var($_POST['GroupEmail'],FILTER_SANITIZE_STRING);
if(Users::validEmail($groupemail) || $groupemail == ""){ if(Users::validEmail($groupemail) || $groupemail == ""){
$password = filter_var($_POST['IMAP_Password'],FILTER_SANITIZE_STRING); $password = filter_var($_POST['IMAP_Password'],FILTER_SANITIZE_STRING);
$group->setGroupEmail($groupemail); $group->setGroupEmail($groupemail);
$group->setIMAP_MailServer(filter_var($_POST['IMAP_MailServer'],FILTER_SANITIZE_STRING)); $group->setIMAP_MailServer(filter_var($_POST['IMAP_MailServer'],FILTER_SANITIZE_STRING));
$group->setIMAP_Username(filter_var($_POST['IMAP_Username'],FILTER_SANITIZE_STRING)); $group->setIMAP_Username(filter_var($_POST['IMAP_Username'],FILTER_SANITIZE_STRING));
//encrypt password! //encrypt password!
global $cfg; global $cfg;
$crypter = new MyCrypt($cfg['crypt']); $crypter = new MyCrypt($cfg['crypt']);
@ -36,7 +36,7 @@ function modify_email_of_sgroup(){
}else{ }else{
$result['RESULT_OF_MODIFYING'] = "EMAIL_NOT_VALID"; $result['RESULT_OF_MODIFYING'] = "EMAIL_NOT_VALID";
} }
$result['permission'] = unserialize($_SESSION['ticket_user'])->getPermission(); $result['permission'] = unserialize($_SESSION['ticket_user'])->getPermission();
$result['no_visible_elements'] = 'FALSE'; $result['no_visible_elements'] = 'FALSE';
$result['username'] = $_SESSION['user']; $result['username'] = $_SESSION['user'];
@ -49,18 +49,18 @@ function modify_email_of_sgroup(){
}else{ }else{
header("Location: ".$WEBPATH."?page=show_sgroup&id=".$sgroupid); header("Location: ".$WEBPATH."?page=show_sgroup&id=".$sgroupid);
} }
exit; die();
}else{ }else{
//ERROR: No access! //ERROR: No access!
$_SESSION['error_code'] = "403"; $_SESSION['error_code'] = "403";
header("Location: index.php?page=error"); header("Location: index.php?page=error");
exit; die();
} }
}else{ }else{
//ERROR: not logged in! //ERROR: not logged in!
header("Location: index.php"); header("Location: index.php");
exit; die();
} }
} }

32
code/web/public_php/ams/func/reply_on_ticket.php
View file

@ -11,14 +11,14 @@ function reply_on_ticket(){
global $WEBPATH; global $WEBPATH;
//if logged in //if logged in
if(WebUsers::isLoggedIn() && isset($_POST['ticket_id'])){ if(WebUsers::isLoggedIn() && isset($_POST['ticket_id'])){
$ticket_id = filter_var($_POST['ticket_id'], FILTER_SANITIZE_NUMBER_INT); $ticket_id = filter_var($_POST['ticket_id'], FILTER_SANITIZE_NUMBER_INT);
$target_ticket = new Ticket(); $target_ticket = new Ticket();
$target_ticket->load_With_TId($ticket_id); $target_ticket->load_With_TId($ticket_id);
//check if the user who executed this function is a mod/admin or the topic creator himself. //check if the user who executed this function is a mod/admin or the topic creator himself.
if(($target_ticket->getAuthor() == unserialize($_SESSION['ticket_user'])->getTUserId()) || Ticket_User::isMod(unserialize($_SESSION['ticket_user'])) ){ if(($target_ticket->getAuthor() == unserialize($_SESSION['ticket_user'])->getTUserId()) || Ticket_User::isMod(unserialize($_SESSION['ticket_user'])) ){
try{ try{
$author = unserialize($_SESSION['ticket_user'])->getTUserId(); $author = unserialize($_SESSION['ticket_user'])->getTUserId();
if(isset($_POST['Content'])){ if(isset($_POST['Content'])){
@ -27,18 +27,18 @@ function reply_on_ticket(){
$content=""; $content="";
} }
$hidden = 0; $hidden = 0;
if(isset($_POST['hidden']) && Ticket_User::isMod(unserialize($_SESSION['ticket_user']))){ if(isset($_POST['hidden']) && Ticket_User::isMod(unserialize($_SESSION['ticket_user']))){
$hidden = 1; $hidden = 1;
} }
//create the reply //create the reply
Ticket::createReply($content, $author, $ticket_id, $hidden); Ticket::createReply($content, $author, $ticket_id, $hidden);
//try to update the status & priority in case these are set. //try to update the status & priority in case these are set.
if(isset($_POST['ChangeStatus']) && isset($_POST['ChangePriority']) && Ticket_User::isMod(unserialize($_SESSION['ticket_user']))){ if(isset($_POST['ChangeStatus']) && isset($_POST['ChangePriority']) && Ticket_User::isMod(unserialize($_SESSION['ticket_user']))){
$newStatus = filter_var($_POST['ChangeStatus'], FILTER_SANITIZE_NUMBER_INT); $newStatus = filter_var($_POST['ChangeStatus'], FILTER_SANITIZE_NUMBER_INT);
$newPriority = filter_var($_POST['ChangePriority'], FILTER_SANITIZE_NUMBER_INT); $newPriority = filter_var($_POST['ChangePriority'], FILTER_SANITIZE_NUMBER_INT);
Ticket::updateTicketStatusAndPriority($ticket_id,$newStatus, $newPriority, $author); Ticket::updateTicketStatusAndPriority($ticket_id,$newStatus, $newPriority, $author);
} }
if (Helpers::check_if_game_client()) { if (Helpers::check_if_game_client()) {
@ -46,25 +46,25 @@ function reply_on_ticket(){
}else{ }else{
header("Location: ".$WEBPATH."?page=show_ticket&id=".$ticket_id); header("Location: ".$WEBPATH."?page=show_ticket&id=".$ticket_id);
} }
exit; die();
}catch (PDOException $e) { }catch (PDOException $e) {
//ERROR: LIB DB is not online! //ERROR: LIB DB is not online!
print_r($e); print_r($e);
//header("Location: index.php"); //header("Location: index.php");
exit; die();
} }
}else{ }else{
//ERROR: No access! //ERROR: No access!
$_SESSION['error_code'] = "403"; $_SESSION['error_code'] = "403";
header("Location: index.php?page=error"); header("Location: index.php?page=error");
exit; die();
} }
}else{ }else{
//ERROR: not logged in! //ERROR: not logged in!
header("Location: index.php"); header("Location: index.php");
exit; die();
} }
} }

14
code/web/public_php/ams/func/reset_password.php
View file

@ -5,7 +5,7 @@ function reset_password(){
$email = filter_var($_GET["email"], FILTER_SANITIZE_EMAIL); $email = filter_var($_GET["email"], FILTER_SANITIZE_EMAIL);
$user = filter_var($_GET["user"], FILTER_SANITIZE_STRING); $user = filter_var($_GET["user"], FILTER_SANITIZE_STRING);
$key = filter_var($_GET["key"], FILTER_SANITIZE_STRING); $key = filter_var($_GET["key"], FILTER_SANITIZE_STRING);
$password = filter_var($_POST['NewPass'], FILTER_SANITIZE_STRING); $password = filter_var($_POST['NewPass'], FILTER_SANITIZE_STRING);
$confirmpass = filter_var($_POST['ConfirmNewPass'], FILTER_SANITIZE_STRING); $confirmpass = filter_var($_POST['ConfirmNewPass'], FILTER_SANITIZE_STRING);
@ -24,12 +24,12 @@ function reset_password(){
} }
$result['no_visible_elements'] = 'TRUE'; $result['no_visible_elements'] = 'TRUE';
helpers :: loadtemplate( 'reset_success', $result); helpers :: loadtemplate( 'reset_success', $result);
exit; die();
} }
$GETString = ""; $GETString = "";
foreach($_GET as $key => $value){ foreach($_GET as $key => $value){
$GETString = $GETString . $key . '=' . $value . "&"; $GETString = $GETString . $key . '=' . $value . "&";
} }
if($GETString != ""){ if($GETString != ""){
$GETString = '?'.$GETString; $GETString = '?'.$GETString;
} }
@ -38,7 +38,7 @@ function reset_password(){
$result['prevConfirmNewPass'] = $confirmpass; $result['prevConfirmNewPass'] = $confirmpass;
$result['no_visible_elements'] = 'TRUE'; $result['no_visible_elements'] = 'TRUE';
helpers :: loadtemplate( 'reset_password', $result); helpers :: loadtemplate( 'reset_password', $result);
exit; die();
} }
} }

26
code/web/public_php/ams/func/update_plugin.php
View file

@ -2,16 +2,16 @@
/** /**
* This function is used in installing updates for plugins. * This function is used in installing updates for plugins.
* It takes id of the plugin whose update is available using * It takes id of the plugin whose update is available using
* $_GET global variable and then extract the update details * $_GET global variable and then extract the update details
* from db and then install it in the plugin. * from db and then install it in the plugin.
* *
* @author Shubham Meena, mentored by Matthew Lagoe * @author Shubham Meena, mentored by Matthew Lagoe
*/ */
function update_plugin() { function update_plugin() {
// if logged in // if logged in
if ( WebUsers :: isLoggedIn() ) { if ( WebUsers :: isLoggedIn() ) {
if ( isset( $_GET['id'] ) ) if ( isset( $_GET['id'] ) )
{ {
// id of plugin to update // id of plugin to update
@ -19,20 +19,20 @@ function update_plugin() {
$db = new DBLayer( 'lib' ); $db = new DBLayer( 'lib' );
$sth = $db -> executeWithoutParams( "SELECT * FROM plugins INNER JOIN updates ON plugins.Id=updates.PluginId Where plugins.Id=$id" ); $sth = $db -> executeWithoutParams( "SELECT * FROM plugins INNER JOIN updates ON plugins.Id=updates.PluginId Where plugins.Id=$id" );
$row = $sth -> fetch(); $row = $sth -> fetch();
// replacing update in the database // replacing update in the database
Plugincache :: rrmdir( $row['FileName'] ); Plugincache :: rrmdir( $row['FileName'] );
Plugincache :: zipExtraction( $row['UpdatePath'], rtrim( $row['FileName'], strtolower( $row['Name'] ) ) ); Plugincache :: zipExtraction( $row['UpdatePath'], rtrim( $row['FileName'], strtolower( $row['Name'] ) ) );
$db -> update( "plugins", array( 'Info' => $row['UpdateInfo'] ), "Id=$row[Id]" ); $db -> update( "plugins", array( 'Info' => $row['UpdateInfo'] ), "Id=$row[Id]" );
// deleting the previous update // deleting the previous update
$db -> delete( "updates", array( 'id' => $row['s.no'] ), "s.no=:id" ); $db -> delete( "updates", array( 'id' => $row['s.no'] ), "s.no=:id" );
// if update is installed succesffully redirect to show success message // if update is installed succesffully redirect to show success message
header( "Location: index.php?page=plugins&result=8" ); header( "Location: index.php?page=plugins&result=8" );
exit; die();
} }
} }
} }

30
code/web/public_php/ams/inc/change_permission.php
View file

@ -11,15 +11,15 @@ function change_permission(){
global $WEBPATH; global $WEBPATH;
//if logged in //if logged in
if(WebUsers::isLoggedIn()){ if(WebUsers::isLoggedIn()){
//check if user who executed this function is an admin //check if user who executed this function is an admin
if(ticket_user::isAdmin(unserialize($_SESSION['ticket_user']))){ if(ticket_user::isAdmin(unserialize($_SESSION['ticket_user']))){
//in case the $_GET['value'] is smaller than 4 and the user whoes permission is being changed is different from the admin(id 1) //in case the $_GET['value'] is smaller than 4 and the user whoes permission is being changed is different from the admin(id 1)
if(isset($_GET['user_id']) && isset($_GET['value']) && $_GET['user_id'] != 1 && $_GET['value'] < 4 ){ if(isset($_GET['user_id']) && isset($_GET['value']) && $_GET['user_id'] != 1 && $_GET['value'] < 4 ){
$user_id = filter_var($_GET['user_id'], FILTER_SANITIZE_NUMBER_INT); $user_id = filter_var($_GET['user_id'], FILTER_SANITIZE_NUMBER_INT);
$value = filter_var($_GET['value'], FILTER_SANITIZE_NUMBER_INT); $value = filter_var($_GET['value'], FILTER_SANITIZE_NUMBER_INT);
//execute change. //execute change.
Ticket_User::change_permission(Ticket_User::constr_ExternId($user_id)->getTUserId(), $value); Ticket_User::change_permission(Ticket_User::constr_ExternId($user_id)->getTUserId(), $value);
if (Helpers::check_if_game_client()) { if (Helpers::check_if_game_client()) {
@ -27,9 +27,9 @@ function change_permission(){
}else{ }else{
header("Location: ".$WEBPATH."?page=show_user&id=".$user_id); header("Location: ".$WEBPATH."?page=show_user&id=".$user_id);
} }
exit; die();
}else{ }else{
//ERROR: GET PARAMS not given or trying to change admin //ERROR: GET PARAMS not given or trying to change admin
if (Helpers::check_if_game_client()) { if (Helpers::check_if_game_client()) {
@ -37,22 +37,22 @@ function change_permission(){
}else{ }else{
header("Location: ".$WEBPATH."?page=show_user&id=".$user_id); header("Location: ".$WEBPATH."?page=show_user&id=".$user_id);
} }
exit; die();
} }
}else{ }else{
//ERROR: No access! //ERROR: No access!
$_SESSION['error_code'] = "403"; $_SESSION['error_code'] = "403";
header("Location: index.php?page=error"); header("Location: index.php?page=error");
exit; die();
} }
}else{ }else{
//ERROR: not logged in! //ERROR: not logged in!
header("Location: index.php"); header("Location: index.php");
exit; die();
} }
} }

26
code/web/public_php/ams/inc/createticket.php
View file

@ -11,44 +11,44 @@ function createticket(){
if(WebUsers::isLoggedIn()){ if(WebUsers::isLoggedIn()){
//in case user_id-GET param set it's value as target_id, if no user_id-param is given, use the session id. //in case user_id-GET param set it's value as target_id, if no user_id-param is given, use the session id.
if(isset($_GET['user_id'])){ if(isset($_GET['user_id'])){
//check if you are a mod/admin or you try to create a ticket for your own, if this is not the case redirect to error page //check if you are a mod/admin or you try to create a ticket for your own, if this is not the case redirect to error page
if(($_GET['user_id'] != $_SESSION['id']) && ( ! ticket_user::isMod(unserialize($_SESSION['ticket_user']))) ){ if(($_GET['user_id'] != $_SESSION['id']) && ( ! ticket_user::isMod(unserialize($_SESSION['ticket_user']))) ){
//ERROR: No access! //ERROR: No access!
$_SESSION['error_code'] = "403"; $_SESSION['error_code'] = "403";
header("Location: index.php?page=error"); header("Location: index.php?page=error");
exit; die();
}else{ }else{
//if user_id is given, then set it as the target_id //if user_id is given, then set it as the target_id
$result['target_id'] = filter_var($_GET['user_id'], FILTER_SANITIZE_NUMBER_INT); $result['target_id'] = filter_var($_GET['user_id'], FILTER_SANITIZE_NUMBER_INT);
} }
}else{ }else{
//set session_id as target_id //set session_id as target_id
$result['target_id'] = $_SESSION['id']; $result['target_id'] = $_SESSION['id'];
} }
if(Helpers::check_if_game_client()){ if(Helpers::check_if_game_client()){
//get all additional info, which is needed for adding the extra info page //get all additional info, which is needed for adding the extra info page
$result[] = $_GET; $result[] = $_GET;
$result['ingame'] = true; $result['ingame'] = true;
} }
//create array of category id & names //create array of category id & names
$catArray = Ticket_Category::getAllCategories(); $catArray = Ticket_Category::getAllCategories();
$result['category'] = Gui_Elements::make_table_with_key_is_id($catArray, Array("getName"), "getTCategoryId" ); $result['category'] = Gui_Elements::make_table_with_key_is_id($catArray, Array("getName"), "getTCategoryId" );
global $INGAME_WEBPATH; global $INGAME_WEBPATH;
$result['ingame_webpath'] = $INGAME_WEBPATH; $result['ingame_webpath'] = $INGAME_WEBPATH;
return $result; return $result;
}else{ }else{
//ERROR: not logged in! //ERROR: not logged in!
header("Location: index.php"); header("Location: index.php");
exit; die();
} }
} }

20
code/web/public_php/ams/inc/dashboard.php
View file

@ -7,10 +7,10 @@
* @author Daan Janssens, mentored by Matthew Lagoe * @author Daan Janssens, mentored by Matthew Lagoe
*/ */
function dashboard(){ function dashboard(){
//if logged in //if logged in
if(WebUsers::isLoggedIn()){ if(WebUsers::isLoggedIn()){
//is Mod //is Mod
if(ticket_user::isMod(unserialize($_SESSION['ticket_user']))){ if(ticket_user::isMod(unserialize($_SESSION['ticket_user']))){
//return useful information about the status of the ticket system. //return useful information about the status of the ticket system.
@ -25,20 +25,20 @@ function dashboard(){
global $INGAME_WEBPATH; global $INGAME_WEBPATH;
$result['ingame_webpath'] = $INGAME_WEBPATH; $result['ingame_webpath'] = $INGAME_WEBPATH;
return $result; return $result;
}else{ }else{
//ERROR: No access! //ERROR: No access!
$_SESSION['error_code'] = "403"; $_SESSION['error_code'] = "403";
header("Location: index.php?page=error"); header("Location: index.php?page=error");
exit; die();
} }
}else{ }else{
//ERROR: not logged in! //ERROR: not logged in!
header("Location: index.php"); header("Location: index.php");
exit; die();
} }
} }

2
code/web/public_php/ams/inc/login.php
View file

@ -22,7 +22,7 @@ function login() {
} else { } else {
header('Location: ' . $WEBPATH); header('Location: ' . $WEBPATH);
} }
exit; die();
} }
} }
$pageElements['ingame_webpath'] = $INGAME_WEBPATH; $pageElements['ingame_webpath'] = $INGAME_WEBPATH;

20
code/web/public_php/ams/inc/plugins.php
View file

@ -3,37 +3,37 @@
/** /**
* function plugins to get * function plugins to get
* plugins from the Database using pagination object * plugins from the Database using pagination object
* *
* @author shubham meena mentored by Matthew Lagoe * @author shubham meena mentored by Matthew Lagoe
*/ */
function plugins() function plugins()
{ {
if ( Ticket_User :: isMod( unserialize( $_SESSION['ticket_user'] ) ) ) { if ( Ticket_User :: isMod( unserialize( $_SESSION['ticket_user'] ) ) ) {
$pagination = new Pagination( "SELECT * FROM plugins", "lib", 5, "Plugincache" ); $pagination = new Pagination( "SELECT * FROM plugins", "lib", 5, "Plugincache" );
$pageResult['plug'] = Gui_Elements :: make_table( $pagination -> getElements(), Array( "getId", "getPluginName", "getPluginType", "getPluginPermission", "getPluginStatus", "getPluginInfo" ), Array( "id", "plugin_name", "plugin_type", "plugin_permission", "plugin_status", "plugin_info" ) ); $pageResult['plug'] = Gui_Elements :: make_table( $pagination -> getElements(), Array( "getId", "getPluginName", "getPluginType", "getPluginPermission", "getPluginStatus", "getPluginInfo" ), Array( "id", "plugin_name", "plugin_type", "plugin_permission", "plugin_status", "plugin_info" ) );
$pageResult['links'] = $pagination -> getLinks( 5 ); $pageResult['links'] = $pagination -> getLinks( 5 );
$pageResult['lastPage'] = $pagination -> getLast(); $pageResult['lastPage'] = $pagination -> getLast();
$pageResult['currentPage'] = $pagination -> getCurrent(); $pageResult['currentPage'] = $pagination -> getCurrent();
global $INGAME_WEBPATH; global $INGAME_WEBPATH;
$pageResult['ingame_webpath'] = $INGAME_WEBPATH; $pageResult['ingame_webpath'] = $INGAME_WEBPATH;
// check if shard is online // check if shard is online
try { try {
$dbs = new DBLayer( "shard" ); $dbs = new DBLayer( "shard" );
$pageResult['shard'] = "online"; $pageResult['shard'] = "online";
} }
catch( PDOException $e ) { catch( PDOException $e ) {
$pageResult['shard'] = "offline"; $pageResult['shard'] = "offline";
} }
return( $pageResult ); return( $pageResult );
} else { } else {
// ERROR: No access! // ERROR: No access!
$_SESSION['error_code'] = "403"; $_SESSION['error_code'] = "403";
header( "Location: index.php?page=error" ); header( "Location: index.php?page=error" );
exit; die();
} }
} }

16
code/web/public_php/ams/inc/plugins_update.php
View file

@ -2,8 +2,8 @@
/** /**
* function plugins_update to get * function plugins_update to get
* plugins updates from the Database using pagination object. * plugins updates from the Database using pagination object.
* *
* @author shubham meena mentored by Matthew Lagoe * @author shubham meena mentored by Matthew Lagoe
*/ */
function plugins_update() function plugins_update()
@ -14,23 +14,23 @@ function plugins_update()
$pageResult['links'] = $pagination -> getLinks( 5 ); $pageResult['links'] = $pagination -> getLinks( 5 );
$pageResult['lastPage'] = $pagination -> getLast(); $pageResult['lastPage'] = $pagination -> getLast();
$pageResult['currentPage'] = $pagination -> getCurrent(); $pageResult['currentPage'] = $pagination -> getCurrent();
global $INGAME_WEBPATH; global $INGAME_WEBPATH;
$pageResult['ingame_webpath'] = $INGAME_WEBPATH; $pageResult['ingame_webpath'] = $INGAME_WEBPATH;
// check if shard is online // check if shard is online
try { try {
$dbs = new DBLayer( "shard" ); $dbs = new DBLayer( "shard" );
$pageResult['shard'] = "online"; $pageResult['shard'] = "online";
} }
catch( PDOException $e ) { catch( PDOException $e ) {
$pageResult['shard'] = "offline"; $pageResult['shard'] = "offline";
} }
return( $pageResult ); return( $pageResult );
} else { } else {
// ERROR: No access! // ERROR: No access!
$_SESSION['error_code'] = "403"; $_SESSION['error_code'] = "403";
header( "Location: index.php?page=error" ); header( "Location: index.php?page=error" );
exit; die();
} }
} }

16
code/web/public_php/ams/inc/reset_password.php
View file

@ -4,28 +4,28 @@ function reset_password(){
$email = filter_var($_GET["email"], FILTER_SANITIZE_EMAIL); $email = filter_var($_GET["email"], FILTER_SANITIZE_EMAIL);
$user = filter_var($_GET["user"], FILTER_SANITIZE_STRING); $user = filter_var($_GET["user"], FILTER_SANITIZE_STRING);
$key = filter_var($_GET["key"], FILTER_SANITIZE_STRING); $key = filter_var($_GET["key"], FILTER_SANITIZE_STRING);
$target_id = WebUsers::getId($user); $target_id = WebUsers::getId($user);
$webUser = new WebUsers($target_id); $webUser = new WebUsers($target_id);
if( (WebUsers::getIdFromEmail($email) == $target_id) && (hash('sha512',$webUser->getHashedPass()) == $key) ){ if( (WebUsers::getIdFromEmail($email) == $target_id) && (hash('sha512',$webUser->getHashedPass()) == $key) ){
//you are allowed on the page! //you are allowed on the page!
$GETString = ""; $GETString = "";
foreach($_GET as $key => $value){ foreach($_GET as $key => $value){
$GETString = $GETString . $key . '=' . $value . "&"; $GETString = $GETString . $key . '=' . $value . "&";
} }
if($GETString != ""){ if($GETString != ""){
$GETString = '?'.$GETString; $GETString = '?'.$GETString;
} }
$pageElements['getstring'] = $GETString; $pageElements['getstring'] = $GETString;
return $pageElements; return $pageElements;
}else{ }else{
global $WEBPATH; global $WEBPATH;
$_SESSION['error_code'] = "403"; $_SESSION['error_code'] = "403";
header("Location: ".$WEBPATH."?page=error"); header("Location: ".$WEBPATH."?page=error");
exit; die();
} }
} }

4
code/web/public_php/ams/inc/settings.php
View file

@ -13,7 +13,7 @@ function settings(){
//ERROR: No access! //ERROR: No access!
$_SESSION['error_code'] = "403"; $_SESSION['error_code'] = "403";
header("Location: index.php?page=error"); header("Location: index.php?page=error");
exit; die();
}else{ }else{
$webUser = new Webusers($_GET['id']); $webUser = new Webusers($_GET['id']);
$result = $webUser->getInfo(); $result = $webUser->getInfo();
@ -47,7 +47,7 @@ function settings(){
}else{ }else{
//ERROR: not logged in! //ERROR: not logged in!
header("Location: index.php"); header("Location: index.php");
exit; die();
} }
} }

14
code/web/public_php/ams/inc/sgroup_list.php
View file

@ -8,10 +8,10 @@
function sgroup_list(){ function sgroup_list(){
global $INGAME_WEBPATH; global $INGAME_WEBPATH;
global $WEBPATH; global $WEBPATH;
//if logged in //if logged in
if(WebUsers::isLoggedIn()){ if(WebUsers::isLoggedIn()){
if(Ticket_User::isMod(unserialize($_SESSION['ticket_user']))){ if(Ticket_User::isMod(unserialize($_SESSION['ticket_user']))){
//if delete GET var is set and user is admin, then delete the groups entry. //if delete GET var is set and user is admin, then delete the groups entry.
if(isset($_GET['delete']) && Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))){ if(isset($_GET['delete']) && Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))){
$delete_id = filter_var($_GET['delete'], FILTER_SANITIZE_NUMBER_INT); $delete_id = filter_var($_GET['delete'], FILTER_SANITIZE_NUMBER_INT);
@ -21,7 +21,7 @@ function sgroup_list(){
}else{ }else{
header("Location: ".$WEBPATH."?page=sgroup_list"); header("Location: ".$WEBPATH."?page=sgroup_list");
} }
exit; die();
} }
if(Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))){ if(Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))){
$result['isAdmin'] = "TRUE"; $result['isAdmin'] = "TRUE";
@ -34,12 +34,12 @@ function sgroup_list(){
//ERROR: No access! //ERROR: No access!
$_SESSION['error_code'] = "403"; $_SESSION['error_code'] = "403";
header("Location: index.php?page=error"); header("Location: index.php?page=error");
exit; die();
} }
}else{ }else{
//ERROR: not logged in! //ERROR: not logged in!
header("Location: index.php"); header("Location: index.php");
exit; die();
} }
} }

64
code/web/public_php/ams/inc/show_queue.php
View file

@ -14,33 +14,33 @@ function show_queue(){
global $WEBPATH; global $WEBPATH;
//if logged in & queue id is given //if logged in & queue id is given
if(WebUsers::isLoggedIn() && isset($_GET['get'])){ if(WebUsers::isLoggedIn() && isset($_GET['get'])){
if( Ticket_User::isMod(unserialize($_SESSION['ticket_user']))){ if( Ticket_User::isMod(unserialize($_SESSION['ticket_user']))){
//the queue you want to see. //the queue you want to see.
$result['queue_view'] = filter_var($_GET['get'], FILTER_SANITIZE_STRING); $result['queue_view'] = filter_var($_GET['get'], FILTER_SANITIZE_STRING);
$user_id = unserialize($_SESSION['ticket_user'])->getTUserId(); $user_id = unserialize($_SESSION['ticket_user'])->getTUserId();
$queueArray = array(); $queueArray = array();
$queue_handler = new Ticket_Queue_handler(); $queue_handler = new Ticket_Queue_handler();
//Pagination Base Links //Pagination Base Links
if (Helpers::check_if_game_client()) { if (Helpers::check_if_game_client()) {
$result['pagination_base_link'] = $INGAME_WEBPATH."?page=show_queue&get=".$result['queue_view'] ; $result['pagination_base_link'] = $INGAME_WEBPATH."?page=show_queue&get=".$result['queue_view'] ;
}else{ }else{
$result['pagination_base_link'] = $WEBPATH."?page=show_queue&get=".$result['queue_view'] ; $result['pagination_base_link'] = $WEBPATH."?page=show_queue&get=".$result['queue_view'] ;
} }
//form url to keep the getters constant //form url to keep the getters constant
if (Helpers::check_if_game_client()) { if (Helpers::check_if_game_client()) {
$result['getURL'] = $INGAME_WEBPATH."?page=show_queue&get=" . $result['queue_view']; $result['getURL'] = $INGAME_WEBPATH."?page=show_queue&get=" . $result['queue_view'];
}else{ }else{
$result['getURL'] = $WEBPATH."?page=show_queue&get=" . $result['queue_view']; $result['getURL'] = $WEBPATH."?page=show_queue&get=" . $result['queue_view'];
} }
if(isset($_GET['pagenum'])){ if(isset($_GET['pagenum'])){
$result['getURL'] = $result['getURL'] . "&pagenum=".$_GET['pagenum']; $result['getURL'] = $result['getURL'] . "&pagenum=".$_GET['pagenum'];
} }
if(isset($_GET['get']) && ($_GET['get'] == "create") && isset($_GET['userid']) && isset($_GET['groupid']) && isset($_GET['what']) && isset($_GET['how']) && isset($_GET['who'])){ if(isset($_GET['get']) && ($_GET['get'] == "create") && isset($_GET['userid']) && isset($_GET['groupid']) && isset($_GET['what']) && isset($_GET['how']) && isset($_GET['who'])){
$userid = filter_var($_GET['userid'], FILTER_SANITIZE_NUMBER_INT); $userid = filter_var($_GET['userid'], FILTER_SANITIZE_NUMBER_INT);
$groupid = filter_var($_GET['groupid'], FILTER_SANITIZE_NUMBER_INT); $groupid = filter_var($_GET['groupid'], FILTER_SANITIZE_NUMBER_INT);
@ -49,24 +49,24 @@ function show_queue(){
$who = filter_var($_GET['who'], FILTER_SANITIZE_STRING); $who = filter_var($_GET['who'], FILTER_SANITIZE_STRING);
//create the custom queue //create the custom queue
$queue_handler->CreateQueue($userid, $groupid, $what, $how, $who); $queue_handler->CreateQueue($userid, $groupid, $what, $how, $who);
if (Helpers::check_if_game_client()) { if (Helpers::check_if_game_client()) {
$result['pagination_base_link'] = $INGAME_WEBPATH."?page=show_queue&get=create&userid=".$userid."&groupid=".$groupid."&what=".$what."&how=".$how."&who=".$who; $result['pagination_base_link'] = $INGAME_WEBPATH."?page=show_queue&get=create&userid=".$userid."&groupid=".$groupid."&what=".$what."&how=".$how."&who=".$who;
}else{ }else{
$result['pagination_base_link'] = $WEBPATH."?page=show_queue&get=create&userid=".$userid."&groupid=".$groupid."&what=".$what."&how=".$how."&who=".$who; $result['pagination_base_link'] = $WEBPATH."?page=show_queue&get=create&userid=".$userid."&groupid=".$groupid."&what=".$what."&how=".$how."&who=".$who;
} }
$result['prev_created_userid'] = $userid; $result['prev_created_userid'] = $userid;
$result['prev_created_groupid'] = $groupid; $result['prev_created_groupid'] = $groupid;
$result['prev_created_what'] = $what; $result['prev_created_what'] = $what;
$result['prev_created_how'] = $how; $result['prev_created_how'] = $how;
$result['prev_created_who'] = $who; $result['prev_created_who'] = $who;
$result['getURL'] = $result['getURL'] . "&userid=".$userid."&groupid=".$groupid."&what=".$what."&how=".$how."&who=".$who; $result['getURL'] = $result['getURL'] . "&userid=".$userid."&groupid=".$groupid."&what=".$what."&how=".$how."&who=".$who;
} }
//if an action is set //if an action is set
if(isset($_POST['action'])){ if(isset($_POST['action'])){
switch($_POST['action']){ switch($_POST['action']){
@ -74,12 +74,12 @@ function show_queue(){
$ticket_id = filter_var($_POST['ticket_id'], FILTER_SANITIZE_NUMBER_INT); $ticket_id = filter_var($_POST['ticket_id'], FILTER_SANITIZE_NUMBER_INT);
$result['ACTION_RESULT'] = Ticket::assignTicket($user_id, $ticket_id); $result['ACTION_RESULT'] = Ticket::assignTicket($user_id, $ticket_id);
break; break;
case "unAssignTicket": case "unAssignTicket":
$ticket_id = filter_var($_POST['ticket_id'], FILTER_SANITIZE_NUMBER_INT); $ticket_id = filter_var($_POST['ticket_id'], FILTER_SANITIZE_NUMBER_INT);
$result['ACTION_RESULT'] = Ticket::unAssignTicket($user_id, $ticket_id); $result['ACTION_RESULT'] = Ticket::unAssignTicket($user_id, $ticket_id);
break; break;
case "create_queue": case "create_queue":
$userid = filter_var($_POST['userid'], FILTER_SANITIZE_NUMBER_INT); $userid = filter_var($_POST['userid'], FILTER_SANITIZE_NUMBER_INT);
if (isset($_POST['groupid'])) { if (isset($_POST['groupid'])) {
@ -95,7 +95,7 @@ function show_queue(){
if (Helpers::check_if_game_client()) { if (Helpers::check_if_game_client()) {
$result['pagination_base_link'] = $INGAME_WEBPATH."?page=show_queue&get=create&userid=".$userid."&groupid=".$groupid."&what=".$what."&how=".$how."&who=".$who; $result['pagination_base_link'] = $INGAME_WEBPATH."?page=show_queue&get=create&userid=".$userid."&groupid=".$groupid."&what=".$what."&how=".$how."&who=".$who;
}else{ }else{
$result['pagination_base_link'] = $WEBPATH."?page=show_queue&get=create&userid=".$userid."&groupid=".$groupid."&what=".$what."&how=".$how."&who=".$who; $result['pagination_base_link'] = $WEBPATH."?page=show_queue&get=create&userid=".$userid."&groupid=".$groupid."&what=".$what."&how=".$how."&who=".$who;
} }
$result['prev_created_userid'] = $userid; $result['prev_created_userid'] = $userid;
$result['prev_created_groupid'] = $groupid; $result['prev_created_groupid'] = $groupid;
@ -103,20 +103,20 @@ function show_queue(){
$result['prev_created_how'] = $how; $result['prev_created_how'] = $how;
$result['prev_created_who'] = $who; $result['prev_created_who'] = $who;
$result['getURL'] = $result['getURL'] . "&userid=".$userid."&groupid=".$groupid."&what=".$what."&how=".$how."&who=".$who; $result['getURL'] = $result['getURL'] . "&userid=".$userid."&groupid=".$groupid."&what=".$what."&how=".$how."&who=".$who;
break; break;
} }
} }
$queueArray = $queue_handler->getTickets($result['queue_view'], $user_id); $queueArray = $queue_handler->getTickets($result['queue_view'], $user_id);
//pagination //pagination
$result['links'] = $queue_handler->getPagination()->getLinks(5); $result['links'] = $queue_handler->getPagination()->getLinks(5);
$result['lastPage'] = $queue_handler->getPagination()->getLast(); $result['lastPage'] = $queue_handler->getPagination()->getLast();
$result['currentPage'] = $queue_handler->getPagination()->getCurrent(); $result['currentPage'] = $queue_handler->getPagination()->getCurrent();
//if queue_view is a valid parameter value //if queue_view is a valid parameter value
if ($queueArray != "ERROR"){ if ($queueArray != "ERROR"){
$result['tickets'] = Gui_Elements::make_table($queueArray, Array("getTId","getTitle","getTimestamp","getAuthor()->getExternId","getTicket_Category()->getName","getStatus","getStatusText","getAssigned","getForwardedGroupName","getForwardedGroupId"), Array("tId","title","timestamp","authorExtern","category","status","statusText","assigned","forwardedGroupName","forwardedGroupId")); $result['tickets'] = Gui_Elements::make_table($queueArray, Array("getTId","getTitle","getTimestamp","getAuthor()->getExternId","getTicket_Category()->getName","getStatus","getStatusText","getAssigned","getForwardedGroupName","getForwardedGroupId"), Array("tId","title","timestamp","authorExtern","category","status","statusText","assigned","forwardedGroupName","forwardedGroupId"));
@ -130,8 +130,8 @@ function show_queue(){
$i++; $i++;
} }
$result['user_id'] = unserialize($_SESSION['ticket_user'])->getTUserId(); $result['user_id'] = unserialize($_SESSION['ticket_user'])->getTUserId();
//Queue creator field info //Queue creator field info
$result['grouplist'] = Gui_Elements::make_table(Support_Group::getGroups(), Array("getSGroupId","getName"), Array("sGroupId","name")); $result['grouplist'] = Gui_Elements::make_table(Support_Group::getGroups(), Array("getSGroupId","getName"), Array("sGroupId","name"));
$result['teamlist'] = Gui_Elements::make_table(Ticket_User::getModsAndAdmins(), Array("getTUserId","getExternId"), Array("tUserId","externId")); $result['teamlist'] = Gui_Elements::make_table(Ticket_User::getModsAndAdmins(), Array("getTUserId","getExternId"), Array("tUserId","externId"));
$i = 0; $i = 0;
@ -143,25 +143,25 @@ function show_queue(){
global $INGAME_WEBPATH; global $INGAME_WEBPATH;
$result['ingame_webpath'] = $INGAME_WEBPATH; $result['ingame_webpath'] = $INGAME_WEBPATH;
return $result; return $result;
}else{ }else{
//ERROR: Doesn't exist! //ERROR: Doesn't exist!
$_SESSION['error_code'] = "404"; $_SESSION['error_code'] = "404";
header("Location: ams?page=error"); header("Location: ams?page=error");
exit; die();
} }
}else{ }else{
//ERROR: No access! //ERROR: No access!
$_SESSION['error_code'] = "403"; $_SESSION['error_code'] = "403";
header("Location: index.php?page=error"); header("Location: index.php?page=error");
exit; die();
} }
}else{ }else{
//ERROR: not logged in! //ERROR: not logged in!
header("Location: index.php"); header("Location: index.php");
exit; die();
} }
} }

20
code/web/public_php/ams/inc/show_reply.php
View file

@ -8,23 +8,23 @@
function show_reply(){ function show_reply(){
//if logged in //if logged in
if(WebUsers::isLoggedIn() && isset($_GET['id'])){ if(WebUsers::isLoggedIn() && isset($_GET['id'])){
$result['reply_id'] = filter_var($_GET['id'], FILTER_SANITIZE_NUMBER_INT); $result['reply_id'] = filter_var($_GET['id'], FILTER_SANITIZE_NUMBER_INT);
$reply = new Ticket_Reply(); $reply = new Ticket_Reply();
$reply->load_With_TReplyId($result['reply_id']); $reply->load_With_TReplyId($result['reply_id']);
$ticket = new Ticket(); $ticket = new Ticket();
$ticket->load_With_TId($reply->getTicket()); $ticket->load_With_TId($reply->getTicket());
//check if the user is allowed to see the reply //check if the user is allowed to see the reply
if(( $ticket->getAuthor() == unserialize($_SESSION['ticket_user'])->getTUserId() && ! $reply->getHidden()) || Ticket_User::isMod(unserialize($_SESSION['ticket_user']) )){ if(( $ticket->getAuthor() == unserialize($_SESSION['ticket_user'])->getTUserId() && ! $reply->getHidden()) || Ticket_User::isMod(unserialize($_SESSION['ticket_user']) )){
$content = new Ticket_Content(); $content = new Ticket_Content();
$content->load_With_TContentId($reply->getContent()); $content->load_With_TContentId($reply->getContent());
$author = new Ticket_User(); $author = new Ticket_User();
$author->load_With_TUserId($reply->getAuthor()); $author->load_With_TUserId($reply->getAuthor());
$result['hidden'] = $reply->getHidden(); $result['hidden'] = $reply->getHidden();
$result['ticket_id'] = $reply->getTicket(); $result['ticket_id'] = $reply->getTicket();
$result['reply_timestamp'] = $reply->getTimestamp(); $result['reply_timestamp'] = $reply->getTimestamp();
@ -39,16 +39,16 @@ function show_reply(){
global $INGAME_WEBPATH; global $INGAME_WEBPATH;
$result['ingame_webpath'] = $INGAME_WEBPATH; $result['ingame_webpath'] = $INGAME_WEBPATH;
return $result; return $result;
}else{ }else{
//ERROR: No access! //ERROR: No access!
$_SESSION['error_code'] = "403"; $_SESSION['error_code'] = "403";
header("Location: index.php?page=error"); header("Location: index.php?page=error");
exit; die();
} }
}else{ }else{
//ERROR: not logged in! //ERROR: not logged in!
header("Location: index.php"); header("Location: index.php");
exit; die();
} }
} }

28
code/web/public_php/ams/inc/show_sgroup.php
View file

@ -15,7 +15,7 @@ function show_sgroup(){
if( isset($_GET['id'])){ if( isset($_GET['id'])){
//['target_id'] holds the id of the group! //['target_id'] holds the id of the group!
$result['target_id'] = filter_var($_GET['id'], FILTER_SANITIZE_NUMBER_INT); $result['target_id'] = filter_var($_GET['id'], FILTER_SANITIZE_NUMBER_INT);
//if the $_GET['delete'] var is set and the user executing is an admin, an entry will be deleted out of the support group. //if the $_GET['delete'] var is set and the user executing is an admin, an entry will be deleted out of the support group.
if(isset($_GET['delete']) && Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))){ if(isset($_GET['delete']) && Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))){
$delete_id = filter_var($_GET['delete'], FILTER_SANITIZE_NUMBER_INT); $delete_id = filter_var($_GET['delete'], FILTER_SANITIZE_NUMBER_INT);
@ -25,14 +25,14 @@ function show_sgroup(){
}else{ }else{
header("Location: ".$WEBPATH."?page=show_sgroup&id=" . $result['target_id']); header("Location: ".$WEBPATH."?page=show_sgroup&id=" . $result['target_id']);
} }
exit; die();
} }
if(Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))){ if(Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))){
$result['isAdmin'] = "TRUE"; $result['isAdmin'] = "TRUE";
} }
$group = Support_Group::getGroup($result['target_id']); $group = Support_Group::getGroup($result['target_id']);
$result['groupsname'] = $group->getName(); $result['groupsname'] = $group->getName();
$result['groupemail'] = $group->getGroupEmail(); $result['groupemail'] = $group->getGroupEmail();
@ -58,26 +58,26 @@ function show_sgroup(){
} }
return $result; return $result;
}else{ }else{
//ERROR: No page specified! //ERROR: No page specified!
$_SESSION['error_code'] = "404"; $_SESSION['error_code'] = "404";
header("Location: ams?page=error"); header("Location: ams?page=error");
exit; die();
} }
}else{ }else{
//ERROR: No access! //ERROR: No access!
$_SESSION['error_code'] = "403"; $_SESSION['error_code'] = "403";
header("Location: index.php?page=error"); header("Location: index.php?page=error");
exit; die();
} }
}else{ }else{
//ERROR: not logged in! //ERROR: not logged in!
header("Location: index.php"); header("Location: index.php");
exit; die();
} }
} }

24
code/web/public_php/ams/inc/show_ticket.php
View file

@ -10,13 +10,13 @@
function show_ticket(){ function show_ticket(){
//if logged in //if logged in
if(WebUsers::isLoggedIn() && isset($_GET['id'])){ if(WebUsers::isLoggedIn() && isset($_GET['id'])){
$result['user_id'] = unserialize($_SESSION['ticket_user'])->getTUserId(); $result['user_id'] = unserialize($_SESSION['ticket_user'])->getTUserId();
$result['ticket_id'] = filter_var($_GET['id'], FILTER_SANITIZE_NUMBER_INT); $result['ticket_id'] = filter_var($_GET['id'], FILTER_SANITIZE_NUMBER_INT);
$target_ticket = new Ticket(); $target_ticket = new Ticket();
$target_ticket->load_With_TId($result['ticket_id']); $target_ticket->load_With_TId($result['ticket_id']);
if(Ticket_User::isMod(unserialize($_SESSION['ticket_user'] ))){ if(Ticket_User::isMod(unserialize($_SESSION['ticket_user'] ))){
if(isset($_POST['action'])){ if(isset($_POST['action'])){
switch($_POST['action']){ switch($_POST['action']){
case "forward": case "forward":
@ -32,18 +32,18 @@ function show_ticket(){
$ticket_id = filter_var($_POST['ticket_id'], FILTER_SANITIZE_NUMBER_INT); $ticket_id = filter_var($_POST['ticket_id'], FILTER_SANITIZE_NUMBER_INT);
$result['ACTION_RESULT'] = Ticket::unAssignTicket($result['user_id'], $ticket_id); $result['ACTION_RESULT'] = Ticket::unAssignTicket($result['user_id'], $ticket_id);
break; break;
} }
} }
} }
if(($target_ticket->getAuthor() == unserialize($_SESSION['ticket_user'])->getTUserId()) || Ticket_User::isMod(unserialize($_SESSION['ticket_user']) )){ if(($target_ticket->getAuthor() == unserialize($_SESSION['ticket_user'])->getTUserId()) || Ticket_User::isMod(unserialize($_SESSION['ticket_user']) )){
$show_as_admin = false; $show_as_admin = false;
if(Ticket_User::isMod(unserialize($_SESSION['ticket_user']))){ if(Ticket_User::isMod(unserialize($_SESSION['ticket_user']))){
$show_as_admin = true; $show_as_admin = true;
} }
$entire_ticket = Ticket::getEntireTicket( $result['ticket_id'],$show_as_admin); $entire_ticket = Ticket::getEntireTicket( $result['ticket_id'],$show_as_admin);
Ticket_Log::createLogEntry($result['ticket_id'],unserialize($_SESSION['ticket_user'])->getTUserId(), 3); Ticket_Log::createLogEntry($result['ticket_id'],unserialize($_SESSION['ticket_user'])->getTUserId(), 3);
$result['ticket_tId'] = $entire_ticket['ticket_obj']->getTId(); $result['ticket_tId'] = $entire_ticket['ticket_obj']->getTId();
@ -78,16 +78,16 @@ function show_ticket(){
global $INGAME_WEBPATH; global $INGAME_WEBPATH;
$result['ingame_webpath'] = $INGAME_WEBPATH; $result['ingame_webpath'] = $INGAME_WEBPATH;
return $result; return $result;
}else{ }else{
//ERROR: No access! //ERROR: No access!
$_SESSION['error_code'] = "403"; $_SESSION['error_code'] = "403";
header("Location: index.php?page=error"); header("Location: index.php?page=error");
exit; die();
} }
}else{ }else{
//ERROR: not logged in! //ERROR: not logged in!
header("Location: index.php"); header("Location: index.php");
exit; die();
} }
} }

20
code/web/public_php/ams/inc/show_ticket_info.php
View file

@ -6,18 +6,18 @@
* @author Daan Janssens, mentored by Matthew Lagoe * @author Daan Janssens, mentored by Matthew Lagoe
*/ */
function show_ticket_info(){ function show_ticket_info(){
//if logged in //if logged in
if(WebUsers::isLoggedIn() && isset($_GET['id'])){ if(WebUsers::isLoggedIn() && isset($_GET['id'])){
$result['ticket_id'] = filter_var($_GET['id'], FILTER_SANITIZE_NUMBER_INT); $result['ticket_id'] = filter_var($_GET['id'], FILTER_SANITIZE_NUMBER_INT);
$target_ticket = new Ticket(); $target_ticket = new Ticket();
$target_ticket->load_With_TId($result['ticket_id']); $target_ticket->load_With_TId($result['ticket_id']);
if( $target_ticket->hasInfo() && (($target_ticket->getAuthor() == unserialize($_SESSION['ticket_user'])->getTUserId()) || Ticket_User::isMod(unserialize($_SESSION['ticket_user']) ))){ if( $target_ticket->hasInfo() && (($target_ticket->getAuthor() == unserialize($_SESSION['ticket_user'])->getTUserId()) || Ticket_User::isMod(unserialize($_SESSION['ticket_user']) ))){
$result['ticket_title'] = $target_ticket->getTitle(); $result['ticket_title'] = $target_ticket->getTitle();
$result['ticket_author'] = $target_ticket->getAuthor(); $result['ticket_author'] = $target_ticket->getAuthor();
$ticket_info = new Ticket_Info(); $ticket_info = new Ticket_Info();
$ticket_info->load_With_Ticket($result['ticket_id']); $ticket_info->load_With_Ticket($result['ticket_id']);
$result['shard_id'] = $ticket_info->getShardId(); $result['shard_id'] = $ticket_info->getShardId();
@ -38,23 +38,23 @@ function show_ticket_info(){
$result['user_id'] = $ticket_info->getUser_Id(); $result['user_id'] = $ticket_info->getUser_Id();
global $IMAGELOC_WEBPATH; global $IMAGELOC_WEBPATH;
$result['IMAGELOC_WEBPATH'] = $IMAGELOC_WEBPATH; $result['IMAGELOC_WEBPATH'] = $IMAGELOC_WEBPATH;
if(Ticket_User::isMod(unserialize($_SESSION['ticket_user']))){ if(Ticket_User::isMod(unserialize($_SESSION['ticket_user']))){
$result['isMod'] = "TRUE"; $result['isMod'] = "TRUE";
} }
global $INGAME_WEBPATH; global $INGAME_WEBPATH;
$result['ingame_webpath'] = $INGAME_WEBPATH; $result['ingame_webpath'] = $INGAME_WEBPATH;
return $result; return $result;
}else{ }else{
//ERROR: No access! //ERROR: No access!
$_SESSION['error_code'] = "403"; $_SESSION['error_code'] = "403";
header("Location: index.php?page=error"); header("Location: index.php?page=error");
exit; die();
} }
}else{ }else{
//ERROR: not logged in! //ERROR: not logged in!
header("Location: index.php"); header("Location: index.php");
exit; die();
} }
} }

20
code/web/public_php/ams/inc/show_ticket_log.php
View file

@ -10,15 +10,15 @@ function show_ticket_log(){
global $WEBPATH; global $WEBPATH;
//if logged in //if logged in
if(WebUsers::isLoggedIn() && isset($_GET['id'])){ if(WebUsers::isLoggedIn() && isset($_GET['id'])){
//only allow admins to browse the log! //only allow admins to browse the log!
if(Ticket_User::isMod(unserialize($_SESSION['ticket_user'])) ){ if(Ticket_User::isMod(unserialize($_SESSION['ticket_user'])) ){
$result['ticket_id'] = filter_var($_GET['id'], FILTER_SANITIZE_NUMBER_INT); $result['ticket_id'] = filter_var($_GET['id'], FILTER_SANITIZE_NUMBER_INT);
$target_ticket = new Ticket(); $target_ticket = new Ticket();
$target_ticket->load_With_TId($result['ticket_id']); $target_ticket->load_With_TId($result['ticket_id']);
$result['ticket_title'] = $target_ticket->getTitle(); $result['ticket_title'] = $target_ticket->getTitle();
//return all logs related to a ticket. //return all logs related to a ticket.
$ticket_logs = Ticket_Log::getLogsOfTicket( $result['ticket_id']); $ticket_logs = Ticket_Log::getLogsOfTicket( $result['ticket_id']);
$log_action_array = Ticket_Log::getActionTextArray(); $log_action_array = Ticket_Log::getActionTextArray();
@ -56,23 +56,23 @@ function show_ticket_log(){
$result['ticket_logs'][$i]['query'] = $author . " " . $log_action_array[$log['action']] . " " . $query_backpart; $result['ticket_logs'][$i]['query'] = $author . " " . $log_action_array[$log['action']] . " " . $query_backpart;
$result['ticket_logs'][$i]['timestamp_elapsed'] = Gui_Elements::time_elapsed_string($log['timestamp']); $result['ticket_logs'][$i]['timestamp_elapsed'] = Gui_Elements::time_elapsed_string($log['timestamp']);
$i++; $i++;
} }
if(Ticket_User::isMod(unserialize($_SESSION['ticket_user']))){ if(Ticket_User::isMod(unserialize($_SESSION['ticket_user']))){
$result['isMod'] = "TRUE"; $result['isMod'] = "TRUE";
} }
global $INGAME_WEBPATH; global $INGAME_WEBPATH;
$result['ingame_webpath'] = $INGAME_WEBPATH; $result['ingame_webpath'] = $INGAME_WEBPATH;
return $result; return $result;
}else{ }else{
//ERROR: No access! //ERROR: No access!
$_SESSION['error_code'] = "403"; $_SESSION['error_code'] = "403";
header("Location: index.php?page=error"); header("Location: index.php?page=error");
exit; die();
} }
}else{ }else{
//ERROR: not logged in! //ERROR: not logged in!
header("Location: index.php"); header("Location: index.php");
exit; die();
} }
} }

20
code/web/public_php/ams/inc/show_user.php
View file

@ -8,14 +8,14 @@
function show_user(){ function show_user(){
//if logged in //if logged in
if(WebUsers::isLoggedIn()){ if(WebUsers::isLoggedIn()){
//Users can only browse their own user page, while mods/admins can browse all user pages //Users can only browse their own user page, while mods/admins can browse all user pages
if( !isset($_GET['id']) || Ticket_User::isMod(unserialize($_SESSION['ticket_user'])) || $_GET['id'] == $_SESSION['id'] ){ if( !isset($_GET['id']) || Ticket_User::isMod(unserialize($_SESSION['ticket_user'])) || $_GET['id'] == $_SESSION['id'] ){
if(isset($_GET['id'])){ if(isset($_GET['id'])){
$result['target_id'] = filter_var($_GET['id'], FILTER_SANITIZE_NUMBER_INT); $result['target_id'] = filter_var($_GET['id'], FILTER_SANITIZE_NUMBER_INT);
}else{ }else{
$result['target_id'] = $_SESSION['id']; $result['target_id'] = $_SESSION['id'];
} }
$webUser = new WebUsers($result['target_id']); $webUser = new WebUsers($result['target_id']);
$result['target_name'] = $webUser->getUsername(); $result['target_name'] = $webUser->getUsername();
@ -25,28 +25,28 @@ function show_user(){
$result['lastName'] = $info['LastName']; $result['lastName'] = $info['LastName'];
$result['country'] = $info['Country']; $result['country'] = $info['Country'];
$result['gender'] = $info['Gender']; $result['gender'] = $info['Gender'];
$ticket_user = Ticket_User::constr_ExternId($result['target_id']); $ticket_user = Ticket_User::constr_ExternId($result['target_id']);
$result['userPermission'] = $ticket_user->getPermission(); $result['userPermission'] = $ticket_user->getPermission();
if(Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))){ if(Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))){
$result['isAdmin'] = "TRUE"; $result['isAdmin'] = "TRUE";
} }
$ticketlist = Ticket::getTicketsOf($ticket_user->getTUserId()); $ticketlist = Ticket::getTicketsOf($ticket_user->getTUserId());
$result['ticketlist'] = Gui_Elements::make_table($ticketlist, Array("getTId","getTimestamp","getTitle","getStatus","getStatusText","getStatusText","getCategoryName"), Array("tId","timestamp","title","status","statustext","statusText","category")); $result['ticketlist'] = Gui_Elements::make_table($ticketlist, Array("getTId","getTimestamp","getTitle","getStatus","getStatusText","getStatusText","getCategoryName"), Array("tId","timestamp","title","status","statustext","statusText","category"));
global $INGAME_WEBPATH; global $INGAME_WEBPATH;
$result['ingame_webpath'] = $INGAME_WEBPATH; $result['ingame_webpath'] = $INGAME_WEBPATH;
return $result; return $result;
}else{ }else{
//ERROR: No access! //ERROR: No access!
$_SESSION['error_code'] = "403"; $_SESSION['error_code'] = "403";
header("Location: index.php?page=error"); header("Location: index.php?page=error");
exit; die();
} }
}else{ }else{
//ERROR: not logged in! //ERROR: not logged in!
header("Location: index.php"); header("Location: index.php");
exit; die();
} }
} }

12
code/web/public_php/ams/inc/syncing.php
View file

@ -6,19 +6,19 @@
* @author Daan Janssens, mentored by Matthew Lagoe * @author Daan Janssens, mentored by Matthew Lagoe
*/ */
function syncing(){ function syncing(){
if(Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))){ if(Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))){
//return a paginated version of all unsynced changes. //return a paginated version of all unsynced changes.
$pagination = new Pagination("SELECT * FROM ams_querycache","lib",5,"Querycache"); $pagination = new Pagination("SELECT * FROM ams_querycache","lib",5,"Querycache");
$pageResult['liblist'] = Gui_Elements::make_table($pagination->getElements() , Array("getSID","getType"), Array("id","type")); $pageResult['liblist'] = Gui_Elements::make_table($pagination->getElements() , Array("getSID","getType"), Array("id","type"));
$pageResult['links'] = $pagination->getLinks(5); $pageResult['links'] = $pagination->getLinks(5);
$pageResult['lastPage'] = $pagination->getLast(); $pageResult['lastPage'] = $pagination->getLast();
$pageResult['currentPage'] = $pagination->getCurrent(); $pageResult['currentPage'] = $pagination->getCurrent();
global $INGAME_WEBPATH; global $INGAME_WEBPATH;
$pageResult['ingame_webpath'] = $INGAME_WEBPATH; $pageResult['ingame_webpath'] = $INGAME_WEBPATH;
//check if shard is online //check if shard is online
try{ try{
$dbs = new DBLayer("shard"); $dbs = new DBLayer("shard");
@ -31,6 +31,6 @@ function syncing(){
//ERROR: No access! //ERROR: No access!
$_SESSION['error_code'] = "403"; $_SESSION['error_code'] = "403";
header("Location: index.php?page=error"); header("Location: index.php?page=error");
exit; die();
} }
} }

8
code/web/public_php/ams/inc/userlist.php
View file

@ -6,19 +6,19 @@
*/ */
function userlist(){ function userlist(){
if(Ticket_User::isMod(unserialize($_SESSION['ticket_user']))){ if(Ticket_User::isMod(unserialize($_SESSION['ticket_user']))){
$pagination = new Pagination(WebUsers::getAllUsersQuery(),"web",10,"WebUsers"); $pagination = new Pagination(WebUsers::getAllUsersQuery(),"web",10,"WebUsers");
$pageResult['userlist'] = Gui_Elements::make_table($pagination->getElements() , Array("getUId","getUsername","getEmail"), Array("id","username","email")); $pageResult['userlist'] = Gui_Elements::make_table($pagination->getElements() , Array("getUId","getUsername","getEmail"), Array("id","username","email"));
$pageResult['links'] = $pagination->getLinks(5); $pageResult['links'] = $pagination->getLinks(5);
$pageResult['lastPage'] = $pagination->getLast(); $pageResult['lastPage'] = $pagination->getLast();
$pageResult['currentPage'] = $pagination->getCurrent(); $pageResult['currentPage'] = $pagination->getCurrent();
$i = 0; $i = 0;
foreach( $pageResult['userlist'] as $user ){ foreach( $pageResult['userlist'] as $user ){
$pageResult['userlist'][$i]['permission'] = Ticket_User::constr_ExternId($pageResult['userlist'][$i]['id'])->getPermission(); $pageResult['userlist'][$i]['permission'] = Ticket_User::constr_ExternId($pageResult['userlist'][$i]['id'])->getPermission();
$i++; $i++;
} }
if (Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))){ if (Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))){
$pageResult['isAdmin'] = "TRUE"; $pageResult['isAdmin'] = "TRUE";
} }
@ -31,6 +31,6 @@ function userlist(){
//ERROR: No access! //ERROR: No access!
$_SESSION['error_code'] = "403"; $_SESSION['error_code'] = "403";
header("Location: index.php?page=error"); header("Location: index.php?page=error");
exit; die();
} }
} }

4
code/web/public_php/api/common/auth.php
View file

@ -101,7 +101,7 @@ function ryzom_app_authenticate(&$user, $ask_login=true, $welcome_message='', $w
$c .= '<div style="text-align: center"><strong style="color: #FF5555">'._t($user['message']).'</strong></div><br />'; $c .= '<div style="text-align: center"><strong style="color: #FF5555">'._t($user['message']).'</strong></div><br />';
$c .= ryzom_render_login_form($name, false); $c .= ryzom_render_login_form($name, false);
echo ryzom_app_render(_t('app_'.APP_NAME), $c); echo ryzom_app_render(_t('app_'.APP_NAME), $c);
exit; die();
} }
return false; return false;
} }
@ -118,7 +118,7 @@ function ryzom_app_authenticate(&$user, $ask_login=true, $welcome_message='', $w
$user['id'] = ryzom_get_user_id($cid, $user['char_name'], $user['creation_date'], $user); $user['id'] = ryzom_get_user_id($cid, $user['char_name'], $user['creation_date'], $user);
$user['gender'] = ryzom_get_user_gender($user['id']); $user['gender'] = ryzom_get_user_gender($user['id']);
$user['ig'] = $ig; $user['ig'] = $ig;
$user['lang'] = $_SESSION['lang']; $user['lang'] = $_SESSION['lang'];
if (!isset($user['groups'])) if (!isset($user['groups']))

52
code/web/public_php/api/common/utils.php
View file

@ -121,14 +121,14 @@ if(!function_exists('_i')){
function _i($img, $alt=''){ function _i($img, $alt=''){
if (substr($img, strlen($img)-4) == '.tga') // img from client texture : ig only if (substr($img, strlen($img)-4) == '.tga') // img from client texture : ig only
return $img; return $img;
if (is_file(RYAPI_PATH.'/data/icons/'.$img.'.png')) if (is_file(RYAPI_PATH.'/data/icons/'.$img.'.png'))
$img = RYAPI_URL.'/data/icons/'.$img.'.png'; $img = RYAPI_URL.'/data/icons/'.$img.'.png';
else if (is_file(RYAPP_PATH.'/data/icons/'.$img.'.png')) else if (is_file(RYAPP_PATH.'/data/icons/'.$img.'.png'))
$img = RYAPP_URL.'/data/icons/'.$img.'.png'; $img = RYAPP_URL.'/data/icons/'.$img.'.png';
else else
$img = 'view_remove'; $img = 'view_remove';
if ($alt) if ($alt)
return '<img src="'.$img.'" title="'.$alt.'" alt="'.utf8_decode($alt).'" />'; return '<img src="'.$img.'" title="'.$alt.'" alt="'.utf8_decode($alt).'" />';
else else
@ -272,30 +272,30 @@ function ryzom_absolute_time($timestamp) {
/*** /***
* *
* Ryzom utilities * Ryzom utilities
* *
* *
* ***/ * ***/
function ryzom_generate_password($length=8, $level=2, $oneofeach=false) { function ryzom_generate_password($length=8, $level=2, $oneofeach=false) {
$validchars[1] = "0123456789abcdfghjkmnpqrstvwxyz"; $validchars[1] = "0123456789abcdfghjkmnpqrstvwxyz";
$validchars[2] = "0123456789abcdfghjkmnpqrstvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"; $validchars[2] = "0123456789abcdfghjkmnpqrstvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ";
$validchars[3] = "0123456789_!@#$%&*()-=+/abcdfghjkmnpqrstvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_!@#$%&*()-=+/"; $validchars[3] = "0123456789_!@#$%&*()-=+/abcdfghjkmnpqrstvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ_!@#$%&*()-=+/";
$password = ""; $password = "";
$counter = 0; $counter = 0;
while ($counter < $length) { while ($counter < $length) {
$actChar = substr($validchars[$level], rand(0, strlen($validchars[$level])-1), 1); $actChar = substr($validchars[$level], rand(0, strlen($validchars[$level])-1), 1);
// if $oneofeach then All character must be different (slower) // if $oneofeach then All character must be different (slower)
if (!$oneofeach || !strstr($password, $actChar)) { if (!$oneofeach || !strstr($password, $actChar)) {
$password .= $actChar; $password .= $actChar;
$counter++; $counter++;
} }
} }
return $password; return $password;
} }
@ -304,7 +304,7 @@ function file_get_contents_cached($fn, $cache_time=300) {
global $ryzom_bench_text; global $ryzom_bench_text;
$lfn = 'tmp/'.strtr($fn, ':/.?&=', '____________'); $lfn = 'tmp/'.strtr($fn, ':/.?&=', '____________');
// get the new file from internet every $cache_time (default=5min) // get the new file from internet every $cache_time (default=5min)
if (file_exists($lfn) && filesize($lfn) > 0 && time() < filemtime($lfn) + $cache_time) { if (file_exists($lfn) && filesize($lfn) > 0 && time() < filemtime($lfn) + $cache_time) {
$content = file_get_contents($lfn); $content = file_get_contents($lfn);
@ -328,10 +328,10 @@ function ryzom_redirect($url, $group='', $extra_lua='') {
$lua .= 'getUI("ui:interface:'.$group.':content:html"):browse("'.str_replace('&', '&amp;', $url).'")'; $lua .= 'getUI("ui:interface:'.$group.':content:html"):browse("'.str_replace('&', '&amp;', $url).'")';
} }
echo '<lua>'.$lua.'</lua>'; echo '<lua>'.$lua.'</lua>';
exit(); die();
} else { } else {
header('Location: '.$url); header('Location: '.$url);
exit(); die();
} }
} }
@ -357,12 +357,12 @@ function p($var, $value=pNULL, $color='#FFFF00', $level=0) {
$bt1 = explode('[', $bt[$level]); $bt1 = explode('[', $bt[$level]);
else else
$bt1 = array(''); $bt1 = array('');
if (isset($bt[$level+1])) if (isset($bt[$level+1]))
$bt2 = explode('[', $bt[$level+1]); $bt2 = explode('[', $bt[$level+1]);
else else
$bt2 = array(''); $bt2 = array('');
$c = ''; $c = '';
if ($value !== pNULL) { if ($value !== pNULL) {
$c .= '<font color="#FFFFFF">'.$var.' : </font>'; $c .= '<font color="#FFFFFF">'.$var.' : </font>';
@ -381,8 +381,8 @@ function p($var, $value=pNULL, $color='#FFFF00', $level=0) {
* *
* Lua tools * Lua tools
* *
* ***/ * ***/
class ryLua { class ryLua {
static private $lua = array(); static private $lua = array();
@ -390,7 +390,7 @@ function p($var, $value=pNULL, $color='#FFFF00', $level=0) {
static private $indent; static private $indent;
static private $indentend; static private $indentend;
static private $linkTargetId = 0; static private $linkTargetId = 0;
static function add($code, $indent=NULL) { static function add($code, $indent=NULL) {
if ($indent !== NULL) if ($indent !== NULL)
self::$indent += $indent; self::$indent += $indent;
@ -398,7 +398,7 @@ function p($var, $value=pNULL, $color='#FFFF00', $level=0) {
$a = $tabs.str_replace("\n", "\n ".$tabs, $code); $a = $tabs.str_replace("\n", "\n ".$tabs, $code);
self::$lua[] = $a; self::$lua[] = $a;
} }
static function addEnd($code, $indent=NULL) { static function addEnd($code, $indent=NULL) {
if ($indent !== NULL) if ($indent !== NULL)
self::$indentend += $indent; self::$indentend += $indent;
@ -406,8 +406,8 @@ function p($var, $value=pNULL, $color='#FFFF00', $level=0) {
$a = $tabs.str_replace("\n", "\n ".$tabs, $code); $a = $tabs.str_replace("\n", "\n ".$tabs, $code);
self::$luaend[] = $a; self::$luaend[] = $a;
} }
static function get($ig) { static function get($ig) {
ryLogger::getInstance()->addPrint(implode("\n", self::$lua), '#FF00FF'); ryLogger::getInstance()->addPrint(implode("\n", self::$lua), '#FF00FF');
$ret = ($ig)?"<lua>\n".implode("\n", self::$lua)."\n</lua>":''; $ret = ($ig)?"<lua>\n".implode("\n", self::$lua)."\n</lua>":'';
@ -421,16 +421,16 @@ function p($var, $value=pNULL, $color='#FFFF00', $level=0) {
self::$luaend = array(); self::$luaend = array();
return $ret; return $ret;
} }
static function text($text) { static function text($text) {
return str_replace('"', '\"', $text); return str_replace('"', '\"', $text);
} }
static function url($base_params=null, $add_params=array()) { static function url($base_params=null, $add_params=array()) {
return str_replace('&', '&amp;', _url($base_params, $add_params)); return str_replace('&', '&amp;', _url($base_params, $add_params));
} }
function openLink($text, $target='webig', $base_params=array(), $add_params=array(), $urllua='', $runlua='') function openLink($text, $target='webig', $base_params=array(), $add_params=array(), $urllua='', $runlua='')
{ {
$url = self::url($base_params, $add_params); $url = self::url($base_params, $add_params);
@ -448,7 +448,7 @@ END;
return '<a href="ah:lua&openLink'.$id.'()">'.$text.'</a>'; return '<a href="ah:lua&openLink'.$id.'()">'.$text.'</a>';
return $text; return $text;
} }
static function link($id, $luacode, $text) { static function link($id, $luacode, $text) {
$lua = <<<END $lua = <<<END
function runLua{$id}() function runLua{$id}()
@ -460,7 +460,7 @@ END;
return '<a href="ah:lua&runLua'.$id.'()">'.$text.'</a>'; return '<a href="ah:lua&runLua'.$id.'()">'.$text.'</a>';
return $text; return $text;
} }
} }
?> ?>

16
code/web/public_php/api/server/scripts/achievement_script/AchWebParser.php
View file

@ -10,7 +10,7 @@
$MY_PATH = dirname(__FILE__); $MY_PATH = dirname(__FILE__);
if(file_exists("parser.stop")) { if(file_exists("parser.stop")) {
exit(0); die();
} }
require_once("class/mySQL_class.php"); require_once("class/mySQL_class.php");
@ -58,7 +58,7 @@
require_once("class/Stats_class.php"); require_once("class/Stats_class.php");
$atom_insert = array(); $atom_insert = array();
$_CACHE = new ValueCache(); $_CACHE = new ValueCache();
//new generator for API xml files. //new generator for API xml files.
@ -109,7 +109,7 @@
$stop_time = $microstop[0] + $microstop[1]; $stop_time = $microstop[0] + $microstop[1];
#$log->logf("Expired time: ".($stop_time - $start_time)); #$log->logf("Expired time: ".($stop_time - $start_time));
#foreach($chars as $cid) { #foreach($chars as $cid) {
#STEP 1: load and register atoms #STEP 1: load and register atoms
@ -149,7 +149,7 @@
#$log->logf("Expired time: ".($stop_time - $start_time)); #$log->logf("Expired time: ".($stop_time - $start_time));
#$log->logi("Driving data... ",false); #$log->logi("Driving data... ",false);
#STEP 2: drive data #STEP 2: drive data
$_CACHE->setChar($cdata); $_CACHE->setChar($cdata);
$res = $DBc->sendSQL("SELECT sum(at_value) as anz FROM ach_task,ach_player_task WHERE at_id=apt_task AND apt_player='".$cdata['cid']."'","ARRAY"); $res = $DBc->sendSQL("SELECT sum(at_value) as anz FROM ach_task,ach_player_task WHERE at_id=apt_task AND apt_player='".$cdata['cid']."'","ARRAY");
@ -266,7 +266,7 @@ for($dtrun=0;$dtrun<2;$dtrun++) {
#$log->logf("Expired time: ".($stop_time - $start_time)); #$log->logf("Expired time: ".($stop_time - $start_time));
#$log->logi("Clearing atom data [PASS ".$dtrun."]... ",false); #$log->logi("Clearing atom data [PASS ".$dtrun."]... ",false);
//clear atom state for completed objectives //clear atom state for completed objectives
#$DBc->sendSQL("DELETE FROM ach_player_atom WHERE EXISTS (SELECT * FROM ach_player_objective,ach_atom WHERE atom_id=apa_atom AND apa_player='".$cdata['cid']."' AND atom_objective=apo_objective)"); #$DBc->sendSQL("DELETE FROM ach_player_atom WHERE EXISTS (SELECT * FROM ach_player_objective,ach_atom WHERE atom_id=apa_atom AND apa_player='".$cdata['cid']."' AND atom_objective=apo_objective)");
@ -357,8 +357,8 @@ for($dtrun=0;$dtrun<2;$dtrun++) {
if(sizeof($DBc->longQuery) > 0) { if(sizeof($DBc->longQuery) > 0) {
$log->logf("Longer queries: ".var_export($DBc->longQuery,true)); $log->logf("Longer queries: ".var_export($DBc->longQuery,true));
} }
#$log->logf("Run complete; exiting..."); #$log->logf("Run complete; exiting...");
$log->close(); $log->close();
exit(0); die();
?> ?>

6
code/web/public_php/app/app_achievements/_API/ach_progress.php
View file

@ -34,8 +34,8 @@
} }
echo "</open>"; echo "</open>";
echo "</objectives>"; echo "</objectives>";
echo "</ryzom_progress>"; echo "</ryzom_progress>";
exit(0); die();
?> ?>

8
code/web/public_php/app/app_achievements/_API/ach_struct.php
View file

@ -47,7 +47,7 @@
} }
$_USER = new RUser(); $_USER = new RUser();
//create database connection //create database connection
$DBc = new mySQL($_CONF['mysql_error']); $DBc = new mySQL($_CONF['mysql_error']);
@ -106,8 +106,8 @@
print_cat($iter3); print_cat($iter3);
echo "</category>"; echo "</category>";
} }
echo "</ryzom_achievements>"; echo "</ryzom_achievements>";
exit(0); die();
?> ?>

46
code/web/public_php/app/app_achievements/index.php
View file

@ -46,32 +46,32 @@ if ( isset( $_GET['search'] ) && isset( $_GET['format'] ) )
{ {
// getting the headers when the request is sent // getting the headers when the request is sent
$header = getallheaders(); $header = getallheaders();
// this block is to get the posted data // this block is to get the posted data
$fp = fopen( 'php://input', 'r' ); $fp = fopen( 'php://input', 'r' );
$rawData = stream_get_contents( $fp ); $rawData = stream_get_contents( $fp );
$userd = json_decode( $rawData, true ); $userd = json_decode( $rawData, true );
// authenticate the user using data we get from server // authenticate the user using data we get from server
appAuthenticateRest( $user, $userd ); appAuthenticateRest( $user, $userd );
// create a ryzom user object whose achievements we have to send in response // create a ryzom user object whose achievements we have to send in response
$_USER = new RyzomUser( $user ); $_USER = new RyzomUser( $user );
require_once( "include/ach_render_web.php" ); require_once( "include/ach_render_web.php" );
$c .= ach_render(); $c .= ach_render();
$response = $c; $response = $c;
// sending the response // sending the response
echo( $response ); echo( $response );
exit; die();
} }
} }
else else
{ {
echo 'Invalid response'; echo 'Invalid response';
exit; die();
} }
@ -100,10 +100,10 @@ $_USER = new RyzomUser( $user );
if ( $_USER -> isIG() ) { if ( $_USER -> isIG() ) {
require_once( "include/ach_render_ig.php" ); require_once( "include/ach_render_ig.php" );
} }
else { else {
require_once( "include/ach_render_web.php" ); require_once( "include/ach_render_web.php" );
} }
// require_once("fb/facebook.php"); // require_once("fb/facebook.php");
@ -115,15 +115,15 @@ if ( !$_USER -> isIG() ) {
* 'secret' => $_CONF['fb_secret'], * 'secret' => $_CONF['fb_secret'],
* 'cookie' => true * 'cookie' => true
* )); * ));
* *
* #code taken from facebook tutorial * #code taken from facebook tutorial
* *
* // Get the url to redirect for login to facebook * // Get the url to redirect for login to facebook
* // and request permission to write on the user's wall. * // and request permission to write on the user's wall.
* $login_url = $facebook->getLoginUrl( * $login_url = $facebook->getLoginUrl(
* array('scope' => 'publish_stream') * array('scope' => 'publish_stream')
* ); * );
* *
* // If not authenticated, redirect to the facebook login dialog. * // If not authenticated, redirect to the facebook login dialog.
* // The $login_url will take care of redirecting back to us * // The $login_url will take care of redirecting back to us
* // after successful login. * // after successful login.
@ -136,21 +136,21 @@ if ( !$_USER -> isIG() ) {
* $DBc->sqlQuery("INSERT INTO ach_fb_token (aft_player,aft_token,aft_date,aft_allow) VALUES ('".$_USER->getID()."','".$DBc->sqlEscape($facebook->getAccessToken())."','".time()."','1') ON DUPLICATE KEY UPDATE aft_token='".$DBc->sqlEscape($facebook->getAccessToken())."', aft_date='".time()."'"); * $DBc->sqlQuery("INSERT INTO ach_fb_token (aft_player,aft_token,aft_date,aft_allow) VALUES ('".$_USER->getID()."','".$DBc->sqlEscape($facebook->getAccessToken())."','".time()."','1') ON DUPLICATE KEY UPDATE aft_token='".$DBc->sqlEscape($facebook->getAccessToken())."', aft_date='".time()."'");
* } * }
*/ */
} }
if ( !$_USER -> isIG && $_CONF['enable_webig'] == false ) { if ( !$_USER -> isIG && $_CONF['enable_webig'] == false ) {
$c .= ach_render_forbidden( false ); $c .= ach_render_forbidden( false );
} }
elseif ( $_USER -> isIG && $_CONF['enable_offgame'] == false ) { elseif ( $_USER -> isIG && $_CONF['enable_offgame'] == false ) {
$c .= ach_render_forbidden( true ); $c .= ach_render_forbidden( true );
} }
else { else {
$c .= ach_render(); $c .= ach_render();
} }
echo ryzom_app_render( strtoupper( get_translation( 'ach_app_name', $_USER -> getLang() ) ), $c, $_USER -> isIG() ); echo ryzom_app_render( strtoupper( get_translation( 'ach_app_name', $_USER -> getLang() ) ), $c, $_USER -> isIG() );

28
code/web/public_php/ring/join_shard.php
View file

@ -51,7 +51,7 @@ class JoinShardCb extends CRingSessionManagerWeb
function getShardsResult($userId, $resultStr) function getShardsResult($userId, $resultStr)
{ {
global $getShardListCallback; global $getShardListCallback;
$onlineShardsBySessionId = array(); $onlineShardsBySessionId = array();
$resultArray = split(';', $resultStr); $resultArray = split(';', $resultStr);
foreach ($resultArray as $shardInfo) foreach ($resultArray as $shardInfo)
@ -63,7 +63,7 @@ class JoinShardCb extends CRingSessionManagerWeb
$getShardListCallback($onlineShardsBySessionId); $getShardListCallback($onlineShardsBySessionId);
} }
} }
// External use // External use
$FSHostLuaMode = false; $FSHostLuaMode = false;
$FSHostResultStr = 0; $FSHostResultStr = 0;
@ -123,7 +123,7 @@ function joinShardFromId( $userId, $domainId, $destSessionId )
$addr = split(":", $domainInfo["session_manager_address"]); $addr = split(":", $domainInfo["session_manager_address"]);
$RSMHost = $addr[0]; $RSMHost = $addr[0];
$RSMPort = $addr[1]; $RSMPort = $addr[1];
// request join to the session manager // request join to the session manager
$joinShard = new JoinShardCb; $joinShard = new JoinShardCb;
$res = ""; $res = "";
@ -132,14 +132,14 @@ function joinShardFromId( $userId, $domainId, $destSessionId )
$charId = ($userId<<4) + $charSlot; $charId = ($userId<<4) + $charSlot;
echo "Requesting teleportation of $charId/$userId to shard session ".$destSessionId."...<br>"; echo "Requesting teleportation of $charId/$userId to shard session ".$destSessionId."...<br>";
$joinShard->joinSession($charId, $destSessionId, $domainInfo["domain_name"]); $joinShard->joinSession($charId, $destSessionId, $domainInfo["domain_name"]);
// wait the the return message // wait the the return message
if ($joinShard->waitCallback() == false) if ($joinShard->waitCallback() == false)
{ {
// Note: the answer is a joinSessionResult message // Note: the answer is a joinSessionResult message
echo "No response from server, joinShard failed<br>"; echo "No response from server, joinShard failed<br>";
} }
exit; die();
} }
/** /**
@ -151,7 +151,7 @@ function getShardList($userId, $domainId)
$addr = split(":", $domainInfo["session_manager_address"]); $addr = split(":", $domainInfo["session_manager_address"]);
$RSMHost = $addr[0]; $RSMHost = $addr[0];
$RSMPort = $addr[1]; $RSMPort = $addr[1];
// request get to the session manager // request get to the session manager
$joinShard = new JoinShardCb; $joinShard = new JoinShardCb;
$res = ""; $res = "";
@ -160,13 +160,13 @@ function getShardList($userId, $domainId)
$charId = ($userId<<4)+15; $charId = ($userId<<4)+15;
echo "Retrieving online shards for $charId...<br>"; echo "Retrieving online shards for $charId...<br>";
$joinShard->getShards($charId); $joinShard->getShards($charId);
// wait the the return message // wait the the return message
if ($joinShard->waitCallback() == false) if ($joinShard->waitCallback() == false)
{ {
echo "No response from server, getShards failed<br>"; echo "No response from server, getShards failed<br>";
} }
exit; die();
} }
/** /**
@ -182,7 +182,7 @@ function displayAllShards(&$onlineShardsBySessionId)
echo "Invalid cookie !"; echo "Invalid cookie !";
die(); die();
} }
// List all shards of the domain, including offline ones // List all shards of the domain, including offline ones
global $DBName, $DBHost, $DBUserName, $DBPassword; global $DBName, $DBHost, $DBUserName, $DBPassword;
$link = mysqli_connect($DBHost, $DBUserName, $DBPassword) or die("Can't connect to nel database"); $link = mysqli_connect($DBHost, $DBUserName, $DBPassword) or die("Can't connect to nel database");
@ -208,10 +208,10 @@ function displayAllShards(&$onlineShardsBySessionId)
echo "<input type='submit' name='button' value='Teleport' />"; echo "<input type='submit' name='button' value='Teleport' />";
echo "</form><br>"; echo "</form><br>";
} }
//echo "<input type='submit' name='button' value='Teleport' />"; //echo "<input type='submit' name='button' value='Teleport' />";
//echo "</form></font>"; //echo "</form></font>";
exit; die();
} }
@ -226,19 +226,19 @@ function joinMainland($userId, $domainId)
$addr = split(":", $domainInfo["session_manager_address"]); $addr = split(":", $domainInfo["session_manager_address"]);
$RSMHost = $addr[0]; $RSMHost = $addr[0];
$RSMPort = $addr[1]; $RSMPort = $addr[1];
// request get to the session manager // request get to the session manager
$joinsShard = new JoinShardCb; $joinsShard = new JoinShardCb;
$res = ""; $res = "";
$joinsShard->connect($RSMHost, $RSMPort, $res); $joinsShard->connect($RSMHost, $RSMPort, $res);
// set the shard Id to allow any character (by using the special value '15') // set the shard Id to allow any character (by using the special value '15')
$charId = ($userId<<4)+15; $charId = ($userId<<4)+15;
global $FSHostLuaMode, $verbose; global $FSHostLuaMode, $verbose;
if ($FSHostLuaMode && $verbose) if ($FSHostLuaMode && $verbose)
echo "Joining a mainland shard for $charId...<br>"; echo "Joining a mainland shard for $charId...<br>";
$joinsShard->joinMainland($charId, $domainInfo["domain_name"]); $joinsShard->joinMainland($charId, $domainInfo["domain_name"]);
// wait the the return message // wait the the return message
if ($joinsShard->waitCallback() == false) if ($joinsShard->waitCallback() == false)
{ {