Помощь по скриптам | Проверьте скрипт на ошибки
EvilLord
<?php
if (isset($_GET['action']) && $_GET['action'] == 'keepalive')
{
header('Content-Type: image/gif');
exit("\x47\x49\x46\x38\x39\x61\x01\x00\x01\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x21\xF9\x04\x01\x00\x00\x00\x00\x2C\x00\x00\x00\x00\x01\x00\x01\x00\x00\x02\x02\x44\x01\x00\x3B");
}
define('INSIDE', true );
define('LOGIN', true );
define('ROOT_PATH', str_replace('\\', '/',dirname(__FILE__)).'/');
if(!file_exists(ROOT_PATH.'includes/config.php')) {
header('Location: install/index.php');
exit;
}
require(ROOT_PATH . 'includes/common.php');
$template= new template();
$template->cache = true;
$THEME->isHome();
$page = request_var('page', '');
$action = request_var('action', '');
$mode = request_var('mode', '');
switch ($page) {
case 'lostpassword':
if($CONF['mail_active'] == 0)
redirectTo("index.php");
$Username = request_var('username', '', UTF8_SUPPORT);
$Usermail = request_var('email', '');
if(empty($Username) || empty($Usermail) || !ValidateAddress($Usermail)) {
echo json_encode(array('message' => $LNG['lost_empty'], 'error' => true));
exit;
}
$UserID = $db->countquery("SELECT `id` FROM ".USERS."
WHERE `universe` = '".$UNI."'
AND `username` = '".$db->sql_escape($Username)."'
AND (`email` = '".$db->sql_escape($Usermail)."'
OR `email_2` = '".$db->sql_escape($Usermail)."');");
if (!isset($UserID)) {
echo json_encode(array('message' => $LNG['lost_not_exists'], 'error' => true));
exit;
} else {
$NewPass= uniqid();
$MailRAW= $LANG->getMail('email_lost_password');
$MailContent= sprintf($MailRAW, $Usermail, $CONF['game_name'], $NewPass, "http://".$_SERVER['SERVER_NAME'].$_SERVER["PHP_SELF"]);
$Mail= MailSend($Usermail, $Username, $LNG['mail_title'], $MailContent);
$db->query("UPDATE ".USERS." SET `password` = '".md5($NewPass)."' WHERE `id` = '".$UserID."';");
echo json_encode(array('message' => $LNG['mail_sended'], 'error' => false));
}
break;
case 'reg' :
switch ($action) {
case 'check' :
$value= request_var('value', '', UTF8_SUPPORT);
switch($mode) {
case 'username' :
$Count = $db->countquery("SELECT (SELECT COUNT(*) FROM ".USERS." WHERE `universe` = '".$UNI."' AND `username` = '".$db->sql_escape($value)."') + (SELECT COUNT(*) FROM ".USERS_VALID." WHERE `universe` = '".$Universe."' AND `username` = '".$db->sql_escape($value)."')");
break;
case 'email' :
$Count = $db->countquery("SELECT (SELECT COUNT(*) FROM ".USERS." WHERE `universe` = '".$UNI."' AND (`email` = '".$db->sql_escape($value)."' OR `email_2` = '".$db->sql_escape($value)."')) + (SELECT COUNT(*) FROM ".USERS_VALID." WHERE `universe` = '".$Universe."' AND `email` = '".$db->sql_escape($value)."')");
break;
case 'fbid' :
$Count = $db->countquery("SELECT COUNT(*) FROM ".USERS." WHERE `universe` = '".$UNI."' AND `fb_id` = '".$db->sql_escape($value)."';");
break;
case 'ref' :
$Count = $db->countquery("SELECT `universe` FROM ".USERS." WHERE `id` = '".$db->sql_escape($value)."';");
break;
}
if($Count == 0)
echo json_encode(array('exists' => false));
else
echo json_encode(array('exists' => true, 'Message' => $Count));
break;
case 'send' :
if($CONF['reg_closed'] == 1) {
echo json_encode(array('error' => true, 'message' => array(array('universe', $LNG['register_closed']))));
exit;
}
$UserName = request_var('username', '', UTF8_SUPPORT);
$UserPass = request_var('password', '');
$UserPass2 = request_var('password_2', '');
$UserEmail = request_var('email', '');
$UserEmail2= request_var('email_2', '');
$agbrules = request_var('rgt', '');
$UserPlanet= request_var('planetname', '', UTF8_SUPPORT);
$UserLang = request_var('lang', '');
$FACEBOOK = request_var('fb_id', 0);
$RefID = request_var('ref_id', 0);
$errors = array();
if ($CONF['capaktiv'] === '1') {
require_once('includes/libs/reCAPTCHA/recaptchalib.php');
$resp = recaptcha_check_answer($CONF['capprivate'], $_SERVER['REMOTE_ADDR'], $_REQUEST['recaptcha_challenge_field'], $_REQUEST['recaptcha_response_field']);
if (!$resp->is_valid)
$errors[]= array('captcha', $LNG['wrong_captcha']);
}
$ExistsUser = $db->countquery("SELECT (SELECT COUNT(*) FROM ".USERS." WHERE `universe` = '".$UNI."' AND `username` = '".$db->sql_escape($UserName)."') + (SELECT COUNT(*) FROM ".USERS_VALID." WHERE `universe` = '".$UNI."' AND `username` = '".$db->sql_escape($UserName)."')");
$ExistsMails= $db->countquery("SELECT (SELECT COUNT(*) FROM ".USERS." WHERE `universe` = '".$UNI."' AND (`email` = '".$db->sql_escape($UserEmail)."' OR `email_2` = '".$db->sql_escape($UserEmail)."')) + (SELECT COUNT(*) FROM ".USERS_VALID." WHERE `universe` = '".$UNI."' AND `email` = '".$db->sql_escape($UserEmail)."')");
if(empty($UserName))
$errors[]= array('username', $LNG['empty_user_field']);
if(!CheckName($UserName))
$errors[]= array('username', UTF8_SUPPORT ? $LNG['user_field_no_space'] : $LNG['user_field_no_alphanumeric']);
if($ExistsUser != 0)
$errors[]= array('username', $LNG['user_already_exists']);
if(!
DELETED if (isset($_GET['action']) && $_GET['action'] == 'keepalive')
{
header('Content-Type: image/gif');
exit("\x47\x49\x46\x38\x39\x61\x01\x00\x01\x00\x80\x00\x00\x00\x00\x00\x00\x00\x00\x21\xF9\x04\x01\x00\x00\x00\x00\x2C\x00\x00\x00\x00\x01\x00\x01\x00\x00\x02\x02\x44\x01\x00\x3B");
}
define('INSIDE', true );
define('LOGIN', true );
define('ROOT_PATH', str_replace('\\', '/',dirname(__FILE__)).'/');
if(!file_exists(ROOT_PATH.'includes/config.php')) {
header('Location: install/index.php');
exit;
}
require(ROOT_PATH . 'includes/common.php');
$template= new template();
$template->cache = true;
$THEME->isHome();
$page = request_var('page', '');
$action = request_var('action', '');
$mode = request_var('mode', '');
switch ($page) {
case 'lostpassword':
if($CONF['mail_active'] == 0)
redirectTo("index.php");
$Username = request_var('username', '', UTF8_SUPPORT);
$Usermail = request_var('email', '');
if(empty($Username) || empty($Usermail) || !ValidateAddress($Usermail)) {
echo json_encode(array('message' => $LNG['lost_empty'], 'error' => true));
exit;
}
$UserID = $db->countquery("SELECT `id` FROM ".USERS."
WHERE `universe` = '".$UNI."'
AND `username` = '".$db->sql_escape($Username)."'
AND (`email` = '".$db->sql_escape($Usermail)."'
OR `email_2` = '".$db->sql_escape($Usermail)."');");
if (!isset($UserID)) {
echo json_encode(array('message' => $LNG['lost_not_exists'], 'error' => true));
exit;
} else {
$NewPass= uniqid();
$MailRAW= $LANG->getMail('email_lost_password');
$MailContent= sprintf($MailRAW, $Usermail, $CONF['game_name'], $NewPass, "http://".$_SERVER['SERVER_NAME'].$_SERVER["PHP_SELF"]);
$Mail= MailSend($Usermail, $Username, $LNG['mail_title'], $MailContent);
$db->query("UPDATE ".USERS." SET `password` = '".md5($NewPass)."' WHERE `id` = '".$UserID."';");
echo json_encode(array('message' => $LNG['mail_sended'], 'error' => false));
}
break;
case 'reg' :
switch ($action) {
case 'check' :
$value= request_var('value', '', UTF8_SUPPORT);
switch($mode) {
case 'username' :
$Count = $db->countquery("SELECT (SELECT COUNT(*) FROM ".USERS." WHERE `universe` = '".$UNI."' AND `username` = '".$db->sql_escape($value)."') + (SELECT COUNT(*) FROM ".USERS_VALID." WHERE `universe` = '".$Universe."' AND `username` = '".$db->sql_escape($value)."')");
break;
case 'email' :
$Count = $db->countquery("SELECT (SELECT COUNT(*) FROM ".USERS." WHERE `universe` = '".$UNI."' AND (`email` = '".$db->sql_escape($value)."' OR `email_2` = '".$db->sql_escape($value)."')) + (SELECT COUNT(*) FROM ".USERS_VALID." WHERE `universe` = '".$Universe."' AND `email` = '".$db->sql_escape($value)."')");
break;
case 'fbid' :
$Count = $db->countquery("SELECT COUNT(*) FROM ".USERS." WHERE `universe` = '".$UNI."' AND `fb_id` = '".$db->sql_escape($value)."';");
break;
case 'ref' :
$Count = $db->countquery("SELECT `universe` FROM ".USERS." WHERE `id` = '".$db->sql_escape($value)."';");
break;
}
if($Count == 0)
echo json_encode(array('exists' => false));
else
echo json_encode(array('exists' => true, 'Message' => $Count));
break;
case 'send' :
if($CONF['reg_closed'] == 1) {
echo json_encode(array('error' => true, 'message' => array(array('universe', $LNG['register_closed']))));
exit;
}
$UserName = request_var('username', '', UTF8_SUPPORT);
$UserPass = request_var('password', '');
$UserPass2 = request_var('password_2', '');
$UserEmail = request_var('email', '');
$UserEmail2= request_var('email_2', '');
$agbrules = request_var('rgt', '');
$UserPlanet= request_var('planetname', '', UTF8_SUPPORT);
$UserLang = request_var('lang', '');
$FACEBOOK = request_var('fb_id', 0);
$RefID = request_var('ref_id', 0);
$errors = array();
if ($CONF['capaktiv'] === '1') {
require_once('includes/libs/reCAPTCHA/recaptchalib.php');
$resp = recaptcha_check_answer($CONF['capprivate'], $_SERVER['REMOTE_ADDR'], $_REQUEST['recaptcha_challenge_field'], $_REQUEST['recaptcha_response_field']);
if (!$resp->is_valid)
$errors[]= array('captcha', $LNG['wrong_captcha']);
}
$ExistsUser = $db->countquery("SELECT (SELECT COUNT(*) FROM ".USERS." WHERE `universe` = '".$UNI."' AND `username` = '".$db->sql_escape($UserName)."') + (SELECT COUNT(*) FROM ".USERS_VALID." WHERE `universe` = '".$UNI."' AND `username` = '".$db->sql_escape($UserName)."')");
$ExistsMails= $db->countquery("SELECT (SELECT COUNT(*) FROM ".USERS." WHERE `universe` = '".$UNI."' AND (`email` = '".$db->sql_escape($UserEmail)."' OR `email_2` = '".$db->sql_escape($UserEmail)."')) + (SELECT COUNT(*) FROM ".USERS_VALID." WHERE `universe` = '".$UNI."' AND `email` = '".$db->sql_escape($UserEmail)."')");
if(empty($UserName))
$errors[]= array('username', $LNG['empty_user_field']);
if(!CheckName($UserName))
$errors[]= array('username', UTF8_SUPPORT ? $LNG['user_field_no_space'] : $LNG['user_field_no_alphanumeric']);
if($ExistsUser != 0)
$errors[]= array('username', $LNG['user_already_exists']);
if(!