supernova-ws /
SuperNova
@@ -1,10 +1,10 @@ discard block |
||
| 1 | 1 | <?php |
| 2 | 2 | |
| 3 | -if(!defined('SN_IN_ALLY') || SN_IN_ALLY !== true) { |
|
| 3 | +if (!defined('SN_IN_ALLY') || SN_IN_ALLY !== true) { |
|
| 4 | 4 | classSupernova::$debug->error("Attempt to call ALLIANCE page mode {$mode} directly - not from alliance.php", 'Forbidden', 403); |
| 5 | 5 | } |
| 6 | 6 | |
| 7 | -if(!$user_admin) { |
|
| 7 | +if (!$user_admin) { |
|
| 8 | 8 | message(classLocale::$lang['Denied_access'], classLocale::$lang['ally_admin']); |
| 9 | 9 | } |
| 10 | 10 | |
@@ -20,27 +20,27 @@ discard block |
||
| 20 | 20 | $allyTextID = ($allyTextID < 1 || $allyTextID > 3) ? 1 : $allyTextID; |
| 21 | 21 | |
| 22 | 22 | |
| 23 | -if(sys_get_param_str('isSaveOptions')) { |
|
| 23 | +if (sys_get_param_str('isSaveOptions')) { |
|
| 24 | 24 | require_once('includes/includes/sys_avatar.php'); |
| 25 | 25 | |
| 26 | 26 | $fieldChange = array(); |
| 27 | - if(($new_tag = sys_get_param_str_unsafe('tag', $ally['ally_tag'])) != $ally['ally_tag']) { |
|
| 27 | + if (($new_tag = sys_get_param_str_unsafe('tag', $ally['ally_tag'])) != $ally['ally_tag']) { |
|
| 28 | 28 | $fieldChange['ally_tag'] = $new_tag; |
| 29 | - DBStaticUser::db_user_set_by_id_DEPRECATED($ally['ally_user_id'], "`username`='[" . db_escape($new_tag) . "]'"); |
|
| 29 | + DBStaticUser::db_user_set_by_id_DEPRECATED($ally['ally_user_id'], "`username`='[".db_escape($new_tag)."]'"); |
|
| 30 | 30 | } |
| 31 | - if(($new_name = sys_get_param_str_unsafe('name', $ally['ally_name'])) != $ally['ally_name']) { |
|
| 31 | + if (($new_name = sys_get_param_str_unsafe('name', $ally['ally_name'])) != $ally['ally_name']) { |
|
| 32 | 32 | $fieldChange['ally_name'] = $new_name; |
| 33 | 33 | } |
| 34 | 34 | |
| 35 | - if(($new_owner_rank = sys_get_param_str_unsafe('owner_range', $ally['ally_owner_range'])) != $ally['ally_owner_range']) { |
|
| 35 | + if (($new_owner_rank = sys_get_param_str_unsafe('owner_range', $ally['ally_owner_range'])) != $ally['ally_owner_range']) { |
|
| 36 | 36 | $fieldChange['ally_owner_range'] = $new_owner_rank; |
| 37 | 37 | } |
| 38 | 38 | |
| 39 | - if(($new_web = sys_get_param_str_unsafe('web', $ally['ally_web'])) != $ally['ally_web']) { |
|
| 39 | + if (($new_web = sys_get_param_str_unsafe('web', $ally['ally_web'])) != $ally['ally_web']) { |
|
| 40 | 40 | $fieldChange['ally_web'] = $new_web; |
| 41 | 41 | } |
| 42 | 42 | |
| 43 | - if(($new_request = sys_get_param_int('request_notallow', $ally['ally_request_notallow'])) != $ally['ally_request_notallow']) { |
|
| 43 | + if (($new_request = sys_get_param_int('request_notallow', $ally['ally_request_notallow'])) != $ally['ally_request_notallow']) { |
|
| 44 | 44 | $fieldChange['ally_request_notallow'] = sys_get_param_int('request_notallow', $ally['ally_request_notallow']); |
| 45 | 45 | } |
| 46 | 46 | |
@@ -50,11 +50,11 @@ discard block |
||
| 50 | 50 | 'AVATAR_UPLOAD_STATUS' => $avatar_upload_result['STATUS'], |
| 51 | 51 | 'AVATAR_UPLOAD_MESSAGE' => $avatar_upload_result['MESSAGE'], |
| 52 | 52 | )); |
| 53 | - if($new_image != $ally['ally_image']) { |
|
| 53 | + if ($new_image != $ally['ally_image']) { |
|
| 54 | 54 | $fieldChange['ally_image'] = $new_image; |
| 55 | 55 | } |
| 56 | 56 | |
| 57 | - if(!empty($fieldChange)) { |
|
| 57 | + if (!empty($fieldChange)) { |
|
| 58 | 58 | classSupernova::$db->doUpdateRowSet( |
| 59 | 59 | TABLE_ALLIANCE, |
| 60 | 60 | $fieldChange, |
@@ -65,17 +65,17 @@ discard block |
||
| 65 | 65 | |
| 66 | 66 | sys_redirect('alliance.php?mode=admin&edit=ally'); |
| 67 | 67 | } |
| 68 | -} elseif(sys_get_param_str('isSaveText')) { |
|
| 68 | +} elseif (sys_get_param_str('isSaveText')) { |
|
| 69 | 69 | $text_unsafe = sys_get_param_str_unsafe('text'); |
| 70 | 70 | DBStaticAlly::db_ally_update_texts($text_unsafe, $ally['id'], $text_list[$allyTextID]['db_field']); |
| 71 | 71 | $ally[$text_list[$allyTextID]['db_field']] = db_escape($text_unsafe); |
| 72 | -} elseif(sys_get_param_str('isTransfer') && $idNewLeader = sys_get_param_id('idNewLeader')) { |
|
| 73 | - if(!$isAllyOwner) { |
|
| 72 | +} elseif (sys_get_param_str('isTransfer') && $idNewLeader = sys_get_param_id('idNewLeader')) { |
|
| 73 | + if (!$isAllyOwner) { |
|
| 74 | 74 | message(classLocale::$lang['Denied_access'], classLocale::$lang['ally_admin']); |
| 75 | 75 | } |
| 76 | 76 | |
| 77 | 77 | $newLeader = DBStaticUser::db_user_by_id($idNewLeader, false, `ally_id`); |
| 78 | - if($newLeader['ally_id'] == $user['ally_id']) { |
|
| 78 | + if ($newLeader['ally_id'] == $user['ally_id']) { |
|
| 79 | 79 | sn_db_transaction_start(); |
| 80 | 80 | DBStaticUser::db_user_set_by_id_DEPRECATED($user['id'], "`ally_rank_id`='0'"); |
| 81 | 81 | DBStaticAlly::db_ally_update_owner($idNewLeader, $user['ally_id']); |
@@ -83,8 +83,8 @@ discard block |
||
| 83 | 83 | sn_db_transaction_commit(); |
| 84 | 84 | sys_redirect('alliance.php'); |
| 85 | 85 | } |
| 86 | -} elseif(sys_get_param_str('isDisband') && sys_get_param_str('isConfirmDisband')) { |
|
| 87 | - if(!$isAllyOwner) { |
|
| 86 | +} elseif (sys_get_param_str('isDisband') && sys_get_param_str('isConfirmDisband')) { |
|
| 87 | + if (!$isAllyOwner) { |
|
| 88 | 88 | message(classLocale::$lang['Denied_access'], classLocale::$lang['ally_admin']); |
| 89 | 89 | } |
| 90 | 90 | sn_db_transaction_start(); |
@@ -97,7 +97,7 @@ discard block |
||
| 97 | 97 | $request = DBStaticAlly::db_ally_request_count_by_id($ally); |
| 98 | 98 | |
| 99 | 99 | $template->assign_vars(array( |
| 100 | - 'request_count' => $request['request_count'] ? classLocale::$lang['ali_req_requestCount'] . ': ' . intval($request['request_count']) . '. ' . classLocale::$lang['ali_req_check'] : classLocale::$lang['ali_req_emptyList'], |
|
| 100 | + 'request_count' => $request['request_count'] ? classLocale::$lang['ali_req_requestCount'].': '.intval($request['request_count']).'. '.classLocale::$lang['ali_req_check'] : classLocale::$lang['ali_req_emptyList'], |
|
| 101 | 101 | 'text' => $ally[$text_list[$allyTextID]['db_field']], |
| 102 | 102 | 'request_type' => classLocale::$lang[$text_list[$allyTextID]['text_type']], |
| 103 | 103 | 't' => $allyTextID, |
@@ -130,7 +130,7 @@ discard block |
||
| 130 | 130 | $userAllyAdmins = DBStaticUser::db_user_list("`ally_id`= {$ally['id']}", false, '`id`, `username`'); |
| 131 | 131 | unset($tmp); |
| 132 | 132 | // while ($userAllyAdmin = db_fetch($userAllyAdmins)) |
| 133 | - foreach($userAllyAdmins as $userAllyAdmin) { |
|
| 133 | + foreach ($userAllyAdmins as $userAllyAdmin) { |
|
| 134 | 134 | // pdump($userAllyAdmin); |
| 135 | 135 | $tmp .= "<option value={$userAllyAdmin['id']}>{$userAllyAdmin['username']}</option>"; |
| 136 | 136 | } |
@@ -138,8 +138,8 @@ discard block |
||
| 138 | 138 | $template->assign_var('adminMembers', $tmp); |
| 139 | 139 | } |
| 140 | 140 | |
| 141 | -foreach($sn_ali_admin_internal as $sn_ali_admin_action => $sn_ali_admin_action_locale) { |
|
| 142 | - if(!$sn_ali_admin_action_locale['title']) { |
|
| 141 | +foreach ($sn_ali_admin_internal as $sn_ali_admin_action => $sn_ali_admin_action_locale) { |
|
| 142 | + if (!$sn_ali_admin_action_locale['title']) { |
|
| 143 | 143 | continue; |
| 144 | 144 | } |
| 145 | 145 | $template->assign_block_vars('admin_actions', array( |
@@ -2,28 +2,28 @@ discard block |
||
| 2 | 2 | |
| 3 | 3 | $classLocale = classLocale::$lang; |
| 4 | 4 | |
| 5 | -if(SN_IN_FLEET !== true) { |
|
| 5 | +if (SN_IN_FLEET !== true) { |
|
| 6 | 6 | classSupernova::$debug->error("Attempt to call FLEET page mode {$mode} directly - not from fleet.php", 'Forbidden', 403); |
| 7 | 7 | } |
| 8 | 8 | |
| 9 | 9 | $fleetid = sys_get_param_id('fleetid'); |
| 10 | 10 | |
| 11 | -if(!is_numeric($fleetid) || empty($fleetid)) { |
|
| 11 | +if (!is_numeric($fleetid) || empty($fleetid)) { |
|
| 12 | 12 | header("Location: fleet.php"); |
| 13 | 13 | exit(); |
| 14 | 14 | } |
| 15 | 15 | |
| 16 | 16 | $objFleet = new Fleet(); |
| 17 | 17 | $objFleet->dbLoad($fleetid); |
| 18 | -if(!$objFleet->dbId) { |
|
| 18 | +if (!$objFleet->dbId) { |
|
| 19 | 19 | message(classLocale::$lang['fl_fleet_not_exists'], classLocale::$lang['fl_error']); |
| 20 | 20 | } |
| 21 | 21 | |
| 22 | -if($objFleet->time_arrive_to_target <= SN_TIME_NOW || $objFleet->time_return_to_source < SN_TIME_NOW || $objFleet->isReturning()) { |
|
| 22 | +if ($objFleet->time_arrive_to_target <= SN_TIME_NOW || $objFleet->time_return_to_source < SN_TIME_NOW || $objFleet->isReturning()) { |
|
| 23 | 23 | message(classLocale::$lang['fl_isback'], classLocale::$lang['fl_error']); |
| 24 | 24 | } |
| 25 | 25 | |
| 26 | -if($objFleet->playerOwnerId != $user['id']) { |
|
| 26 | +if ($objFleet->playerOwnerId != $user['id']) { |
|
| 27 | 27 | classSupernova::$debug->warning(classLocale::$lang['fl_aks_hack_wrong_fleet'], 'Wrong Fleet Owner', 301); |
| 28 | 28 | message(classLocale::$lang['fl_aks_hack_wrong_fleet'], classLocale::$lang['fl_error']); |
| 29 | 29 | } |
@@ -34,19 +34,19 @@ discard block |
||
| 34 | 34 | |
| 35 | 35 | !$aks && !$userToAdd_unsafe ? $userToAdd_unsafe = $user['username'] : false; |
| 36 | 36 | |
| 37 | -if($userToAdd_unsafe) { |
|
| 37 | +if ($userToAdd_unsafe) { |
|
| 38 | 38 | $userToAdd = db_escape($userToAdd_unsafe); |
| 39 | 39 | $userToAddID = DBStaticUser::db_user_by_username($userToAdd_unsafe, false, 'id', true, true); |
| 40 | 40 | $userToAddID = $userToAddID['id']; |
| 41 | 41 | |
| 42 | - if($objFleet->target_owner_id == $userToAddID) { |
|
| 42 | + if ($objFleet->target_owner_id == $userToAddID) { |
|
| 43 | 43 | message(classLocale::$lang['flt_aks_player_same'], classLocale::$lang['fl_error']); |
| 44 | 44 | } |
| 45 | 45 | |
| 46 | - if($userToAddID) { |
|
| 47 | - if(!$aks) { |
|
| 46 | + if ($userToAddID) { |
|
| 47 | + if (!$aks) { |
|
| 48 | 48 | // No AСS exists - making one |
| 49 | - if(!$objFleet->group_id) { |
|
| 49 | + if (!$objFleet->group_id) { |
|
| 50 | 50 | DBStaticFleetACS::db_acs_insert($fleetid, $user['id'], $objFleet); |
| 51 | 51 | |
| 52 | 52 | $aks = DBStaticFleetACS::db_acs_get_by_fleet($fleetid); |
@@ -61,24 +61,24 @@ discard block |
||
| 61 | 61 | |
| 62 | 62 | $isUserExists = false; |
| 63 | 63 | $invited_ar = explode(",", $aks['eingeladen']); |
| 64 | - foreach($invited_ar as $inv) { |
|
| 65 | - if($userToAddID == $inv) { |
|
| 64 | + foreach ($invited_ar as $inv) { |
|
| 65 | + if ($userToAddID == $inv) { |
|
| 66 | 66 | $isUserExists = true; |
| 67 | 67 | } |
| 68 | 68 | } |
| 69 | 69 | |
| 70 | - if(count($invited_ar) >= 5) { |
|
| 70 | + if (count($invited_ar) >= 5) { |
|
| 71 | 71 | message(classLocale::$lang['flt_aks_error_too_much_players'], classLocale::$lang['fl_error']); |
| 72 | 72 | } |
| 73 | 73 | |
| 74 | - if($isUserExists) { |
|
| 74 | + if ($isUserExists) { |
|
| 75 | 75 | $userToAdd_unsafe != $user['username'] ? $add_user_message_mr = sprintf(classLocale::$lang['fl_aks_player_invited_already'], $userToAdd) : false; |
| 76 | 76 | } else { |
| 77 | 77 | $add_user_message_mr = sprintf(classLocale::$lang['fl_aks_player_invited'], $userToAdd); |
| 78 | - if(!(DBStaticFleetACS::db_acs_update($userToAddID, $fleetid))) { |
|
| 78 | + if (!(DBStaticFleetACS::db_acs_update($userToAddID, $fleetid))) { |
|
| 79 | 79 | die(sprintf(classLocale::$lang['fl_aks_adding_error'], classSupernova::$db->db_error())); |
| 80 | 80 | } |
| 81 | - $aks['eingeladen'] .= ',' . $userToAddID; |
|
| 81 | + $aks['eingeladen'] .= ','.$userToAddID; |
|
| 82 | 82 | } |
| 83 | 83 | DBStaticMessages::msg_send_simple_message($userToAddID, $user['id'], SN_TIME_NOW, MSG_TYPE_COMBAT, $user['username'], classLocale::$lang['fl_aks_invite_message_header'], sprintf(classLocale::$lang['fl_aks_invite_message'], $user['username'])); |
| 84 | 84 | } else { |
@@ -94,8 +94,8 @@ discard block |
||
| 94 | 94 | 'MISSION_NAME' => classLocale::$lang['type_mission'][MT_ACS], |
| 95 | 95 | )); |
| 96 | 96 | |
| 97 | -if($aks['eingeladen'] && is_array($members = classSupernova::$gc->cacheOperator->db_get_record_list(LOC_USER, "`id` in ({$aks['eingeladen']})")) && !empty($members)) { |
|
| 98 | - foreach($members as $row) { |
|
| 97 | +if ($aks['eingeladen'] && is_array($members = classSupernova::$gc->cacheOperator->db_get_record_list(LOC_USER, "`id` in ({$aks['eingeladen']})")) && !empty($members)) { |
|
| 98 | + foreach ($members as $row) { |
|
| 99 | 99 | $template->assign_block_vars('invited', array( |
| 100 | 100 | 'NAME' => $row['username'], |
| 101 | 101 | )); |
@@ -120,7 +120,7 @@ discard block |
||
| 120 | 120 | $fleet_data = tplParseFleetObject($objFleet, $i, $user); |
| 121 | 121 | |
| 122 | 122 | $template->assign_block_vars('fleets', $fleet_data['fleet']); |
| 123 | -foreach($fleet_data['ships'] as $ship_data) { |
|
| 123 | +foreach ($fleet_data['ships'] as $ship_data) { |
|
| 124 | 124 | $template->assign_block_vars('fleets.ships', $ship_data); |
| 125 | 125 | } |
| 126 | 126 | |
@@ -12,24 +12,24 @@ discard block |
||
| 12 | 12 | global $template_result, $user; |
| 13 | 13 | |
| 14 | 14 | // Напоминание для Администрации, что игра отключена |
| 15 | -if($template_result[F_GAME_DISABLE]) { |
|
| 15 | +if ($template_result[F_GAME_DISABLE]) { |
|
| 16 | 16 | echo '<div class="global_admin_warning">', $template_result[F_GAME_DISABLE_REASON], '</div>'; |
| 17 | 17 | } |
| 18 | 18 | unset($disable_reason); |
| 19 | 19 | |
| 20 | 20 | |
| 21 | -if(defined('IN_ADMIN') && IN_ADMIN === true) { |
|
| 21 | +if (defined('IN_ADMIN') && IN_ADMIN === true) { |
|
| 22 | 22 | lng_include('admin'); |
| 23 | -} elseif($sys_user_logged_in) { |
|
| 23 | +} elseif ($sys_user_logged_in) { |
|
| 24 | 24 | sys_user_vacation($user); |
| 25 | 25 | |
| 26 | 26 | $planet_id = SetSelectedPlanet($user); |
| 27 | 27 | |
| 28 | 28 | // TODO НЕ НУЖНО АЛЬЯНС КАЖДЫЙ РАЗ ОБНОВЛЯТЬ!!! |
| 29 | - if($user['ally_id']) { |
|
| 29 | + if ($user['ally_id']) { |
|
| 30 | 30 | sn_db_transaction_start(); |
| 31 | 31 | sn_ali_fill_user_ally($user); |
| 32 | - if(!$user['ally']['player']['id']) { |
|
| 32 | + if (!$user['ally']['player']['id']) { |
|
| 33 | 33 | // sn_sys_logout(false, true); |
| 34 | 34 | // core_auth::logout(false); |
| 35 | 35 | classSupernova::$auth->logout(false); |
@@ -37,7 +37,7 @@ discard block |
||
| 37 | 37 | } |
| 38 | 38 | // TODO UNCOMMENT |
| 39 | 39 | que_process($user['ally']['player']); |
| 40 | - DBStaticUser::db_user_set_by_id_DEPRECATED($user['ally']['player']['id'], '`onlinetime` = ' . SN_TIME_NOW); |
|
| 40 | + DBStaticUser::db_user_set_by_id_DEPRECATED($user['ally']['player']['id'], '`onlinetime` = '.SN_TIME_NOW); |
|
| 41 | 41 | sn_db_transaction_commit(); |
| 42 | 42 | } |
| 43 | 43 | |
@@ -48,7 +48,7 @@ discard block |
||
| 48 | 48 | sn_db_transaction_commit(); |
| 49 | 49 | |
| 50 | 50 | $planetrow = $global_data['planet']; |
| 51 | - if(!($planetrow && isset($planetrow['id']) && $planetrow['id'])) { |
|
| 51 | + if (!($planetrow && isset($planetrow['id']) && $planetrow['id'])) { |
|
| 52 | 52 | // sn_sys_logout(false, true); |
| 53 | 53 | // core_auth::logout(false); |
| 54 | 54 | classSupernova::$auth->logout(false); |
@@ -157,7 +157,7 @@ discard block |
||
| 157 | 157 | /** |
| 158 | 158 | * @param string $query |
| 159 | 159 | * |
| 160 | - * @return mixed|string |
|
| 160 | + * @return string |
|
| 161 | 161 | */ |
| 162 | 162 | public function replaceTablePlaceholders($query) { |
| 163 | 163 | $sql = $query; |
@@ -171,7 +171,7 @@ discard block |
||
| 171 | 171 | } |
| 172 | 172 | |
| 173 | 173 | /** |
| 174 | - * @param $query |
|
| 174 | + * @param string $query |
|
| 175 | 175 | */ |
| 176 | 176 | protected function logQuery($query) { |
| 177 | 177 | if (!classSupernova::$config->debug) { |
@@ -301,6 +301,11 @@ discard block |
||
| 301 | 301 | |
| 302 | 302 | |
| 303 | 303 | // INSERT/REPLACE |
| 304 | + |
|
| 305 | + /** |
|
| 306 | + * @param string $table |
|
| 307 | + * @param integer $replace |
|
| 308 | + */ |
|
| 304 | 309 | protected function doSet($table, $fieldsAndValues, $replace = DB_INSERT_PLAIN) { |
| 305 | 310 | $query = DbQuery::build($this) |
| 306 | 311 | ->setTable($table) |
@@ -338,6 +343,10 @@ discard block |
||
| 338 | 343 | |
| 339 | 344 | |
| 340 | 345 | // INSERTERS |
| 346 | + |
|
| 347 | + /** |
|
| 348 | + * @param string $query |
|
| 349 | + */ |
|
| 341 | 350 | public function doInsertComplex($query) { |
| 342 | 351 | return $this->doSql($query); |
| 343 | 352 | } |
@@ -358,7 +367,7 @@ discard block |
||
| 358 | 367 | * Values should be passed as-is |
| 359 | 368 | * |
| 360 | 369 | * @param string $table |
| 361 | - * @param array $fields |
|
| 370 | + * @param string[] $fields |
|
| 362 | 371 | * @param string[] $values |
| 363 | 372 | * |
| 364 | 373 | * @return array|bool|mysqli_result|null |
@@ -415,7 +424,7 @@ discard block |
||
| 415 | 424 | * Self-contained - means no params used |
| 416 | 425 | * Such queries usually used to make large amount of in-base calculations |
| 417 | 426 | * |
| 418 | - * @param $query |
|
| 427 | + * @param string $query |
|
| 419 | 428 | * |
| 420 | 429 | * @return array|bool|mysqli_result|null |
| 421 | 430 | */ |
@@ -423,6 +432,9 @@ discard block |
||
| 423 | 432 | return $this->doSql($query); |
| 424 | 433 | } |
| 425 | 434 | |
| 435 | + /** |
|
| 436 | + * @param boolean $isOneRecord |
|
| 437 | + */ |
|
| 426 | 438 | protected function doUpdateWhere($table, $fieldsSet, $fieldsAdjust = array(), $where = array(), $isOneRecord = DB_RECORDS_ALL) { |
| 427 | 439 | // $query = DbQuery::build($this) |
| 428 | 440 | // ->setTable($table) |
@@ -457,10 +469,16 @@ discard block |
||
| 457 | 469 | return $this->doSql($query); |
| 458 | 470 | } |
| 459 | 471 | |
| 472 | + /** |
|
| 473 | + * @param string $table |
|
| 474 | + */ |
|
| 460 | 475 | public function doUpdateRowSet($table, $fieldsAndValues, $where) { |
| 461 | 476 | return $this->doUpdateWhere($table, $fieldsAndValues, array(), $where, DB_RECORD_ONE); |
| 462 | 477 | } |
| 463 | 478 | |
| 479 | + /** |
|
| 480 | + * @param string $table |
|
| 481 | + */ |
|
| 464 | 482 | public function doUpdateTableSet($table, $fieldsAndValues, $where = array()) { |
| 465 | 483 | return $this->doUpdateWhere($table, $fieldsAndValues, array(), $where, DB_RECORDS_ALL); |
| 466 | 484 | } |
@@ -680,6 +698,10 @@ discard block |
||
| 680 | 698 | } |
| 681 | 699 | |
| 682 | 700 | // TODO Заменить это на новый логгер |
| 701 | + |
|
| 702 | + /** |
|
| 703 | + * @param string $query |
|
| 704 | + */ |
|
| 683 | 705 | protected function security_watch_user_queries($query) { |
| 684 | 706 | global $user; |
| 685 | 707 | |
@@ -703,6 +725,9 @@ discard block |
||
| 703 | 725 | } |
| 704 | 726 | |
| 705 | 727 | |
| 728 | + /** |
|
| 729 | + * @param string $query |
|
| 730 | + */ |
|
| 706 | 731 | public function security_query_check_bad_words($query) { |
| 707 | 732 | if ($this->skipQueryCheck) { |
| 708 | 733 | return; |
@@ -91,7 +91,7 @@ discard block |
||
| 91 | 91 | public function load_db_settings($configFile = '') { |
| 92 | 92 | $dbsettings = array(); |
| 93 | 93 | |
| 94 | - empty($configFile) ? $configFile = SN_ROOT_PHYSICAL . "config" . DOT_PHP_EX : false; |
|
| 94 | + empty($configFile) ? $configFile = SN_ROOT_PHYSICAL."config".DOT_PHP_EX : false; |
|
| 95 | 95 | |
| 96 | 96 | require $configFile; |
| 97 | 97 | |
@@ -111,7 +111,7 @@ discard block |
||
| 111 | 111 | } |
| 112 | 112 | |
| 113 | 113 | if (empty($this->dbsettings)) { |
| 114 | - $this->load_db_settings(SN_ROOT_PHYSICAL . "config" . DOT_PHP_EX); |
|
| 114 | + $this->load_db_settings(SN_ROOT_PHYSICAL."config".DOT_PHP_EX); |
|
| 115 | 115 | } |
| 116 | 116 | |
| 117 | 117 | // TODO - фатальные (?) ошибки на каждом шагу. Хотя - скорее Эксепшны |
@@ -163,7 +163,7 @@ discard block |
||
| 163 | 163 | $sql = $query; |
| 164 | 164 | if (strpos($sql, '{{') !== false) { |
| 165 | 165 | foreach ($this->table_list as $tableName) { |
| 166 | - $sql = str_replace("{{{$tableName}}}", $this->db_prefix . $tableName, $sql); |
|
| 166 | + $sql = str_replace("{{{$tableName}}}", $this->db_prefix.$tableName, $sql); |
|
| 167 | 167 | } |
| 168 | 168 | } |
| 169 | 169 | |
@@ -234,12 +234,12 @@ discard block |
||
| 234 | 234 | |
| 235 | 235 | $queryResult = null; |
| 236 | 236 | try { |
| 237 | - $queryResult = $this->db_sql_query($stringQuery . DbSqlHelper::quoteComment($queryTrace)); |
|
| 237 | + $queryResult = $this->db_sql_query($stringQuery.DbSqlHelper::quoteComment($queryTrace)); |
|
| 238 | 238 | if (!$queryResult) { |
| 239 | 239 | throw new Exception(); |
| 240 | 240 | } |
| 241 | 241 | } catch (Exception $e) { |
| 242 | - classSupernova::$debug->error($this->db_error() . "<br />{$query}<br />", 'SQL Error'); |
|
| 242 | + classSupernova::$debug->error($this->db_error()."<br />{$query}<br />", 'SQL Error'); |
|
| 243 | 243 | } |
| 244 | 244 | |
| 245 | 245 | return $queryResult; |
@@ -578,7 +578,7 @@ discard block |
||
| 578 | 578 | case TYPE_EMPTY: |
| 579 | 579 | // No-type defaults to string |
| 580 | 580 | default: |
| 581 | - $value = "'" . $this->db_escape((string)$value) . "'"; |
|
| 581 | + $value = "'".$this->db_escape((string) $value)."'"; |
|
| 582 | 582 | break; |
| 583 | 583 | } |
| 584 | 584 | |
@@ -606,7 +606,7 @@ discard block |
||
| 606 | 606 | if (is_int($fieldName)) { |
| 607 | 607 | $result[$fieldName] = $fieldValue; |
| 608 | 608 | } else { |
| 609 | - $result[$fieldName] = "`{$fieldName}` = " . $this->castAsDbValue($fieldValue); |
|
| 609 | + $result[$fieldName] = "`{$fieldName}` = ".$this->castAsDbValue($fieldValue); |
|
| 610 | 610 | } |
| 611 | 611 | } |
| 612 | 612 | |
@@ -635,7 +635,7 @@ discard block |
||
| 635 | 635 | if (is_int($fieldName)) { |
| 636 | 636 | $result[$fieldName] = $fieldValue; |
| 637 | 637 | } else { |
| 638 | - $result[$fieldName] = "`{$fieldName}` = `{$fieldName}` + (" . $this->castAsDbValue($fieldValue) . ")"; |
|
| 638 | + $result[$fieldName] = "`{$fieldName}` = `{$fieldName}` + (".$this->castAsDbValue($fieldValue).")"; |
|
| 639 | 639 | } |
| 640 | 640 | } |
| 641 | 641 | |
@@ -692,10 +692,10 @@ discard block |
||
| 692 | 692 | $this->isWatching = true; |
| 693 | 693 | $msg = "\$query = \"{$query}\"\n\r"; |
| 694 | 694 | if (!empty($_POST)) { |
| 695 | - $msg .= "\n\r" . dump($_POST, '$_POST'); |
|
| 695 | + $msg .= "\n\r".dump($_POST, '$_POST'); |
|
| 696 | 696 | } |
| 697 | 697 | if (!empty($_GET)) { |
| 698 | - $msg .= "\n\r" . dump($_GET, '$_GET'); |
|
| 698 | + $msg .= "\n\r".dump($_GET, '$_GET'); |
|
| 699 | 699 | } |
| 700 | 700 | classSupernova::$debug->warning($msg, "Watching user {$user['id']}", 399, array('base_dump' => true)); |
| 701 | 701 | $this->isWatching = false; |
@@ -721,37 +721,37 @@ discard block |
||
| 721 | 721 | case stripos($query, 'RPG_POINTS') != false && stripos(trim($query), 'UPDATE ') === 0 && !$dm_change_legit: |
| 722 | 722 | case stripos($query, 'METAMATTER') != false && stripos(trim($query), 'UPDATE ') === 0 && !$mm_change_legit: |
| 723 | 723 | case stripos($query, 'AUTHLEVEL') != false && $user['authlevel'] < 3 && stripos($query, 'SELECT') !== 0: |
| 724 | - $report = "Hacking attempt (" . date("d.m.Y H:i:s") . " - [" . time() . "]):\n"; |
|
| 724 | + $report = "Hacking attempt (".date("d.m.Y H:i:s")." - [".time()."]):\n"; |
|
| 725 | 725 | $report .= ">Database Inforamation\n"; |
| 726 | - $report .= "\tID - " . $user['id'] . "\n"; |
|
| 727 | - $report .= "\tUser - " . $user['username'] . "\n"; |
|
| 728 | - $report .= "\tAuth level - " . $user['authlevel'] . "\n"; |
|
| 729 | - $report .= "\tAdmin Notes - " . $user['adminNotes'] . "\n"; |
|
| 730 | - $report .= "\tCurrent Planet - " . $user['current_planet'] . "\n"; |
|
| 731 | - $report .= "\tUser IP - " . $user['user_lastip'] . "\n"; |
|
| 732 | - $report .= "\tUser IP at Reg - " . $user['ip_at_reg'] . "\n"; |
|
| 733 | - $report .= "\tUser Agent- " . $_SERVER['HTTP_USER_AGENT'] . "\n"; |
|
| 734 | - $report .= "\tCurrent Page - " . $user['current_page'] . "\n"; |
|
| 735 | - $report .= "\tRegister Time - " . $user['register_time'] . "\n"; |
|
| 726 | + $report .= "\tID - ".$user['id']."\n"; |
|
| 727 | + $report .= "\tUser - ".$user['username']."\n"; |
|
| 728 | + $report .= "\tAuth level - ".$user['authlevel']."\n"; |
|
| 729 | + $report .= "\tAdmin Notes - ".$user['adminNotes']."\n"; |
|
| 730 | + $report .= "\tCurrent Planet - ".$user['current_planet']."\n"; |
|
| 731 | + $report .= "\tUser IP - ".$user['user_lastip']."\n"; |
|
| 732 | + $report .= "\tUser IP at Reg - ".$user['ip_at_reg']."\n"; |
|
| 733 | + $report .= "\tUser Agent- ".$_SERVER['HTTP_USER_AGENT']."\n"; |
|
| 734 | + $report .= "\tCurrent Page - ".$user['current_page']."\n"; |
|
| 735 | + $report .= "\tRegister Time - ".$user['register_time']."\n"; |
|
| 736 | 736 | $report .= "\n"; |
| 737 | 737 | |
| 738 | 738 | $report .= ">Query Information\n"; |
| 739 | - $report .= "\tQuery - " . $query . "\n"; |
|
| 739 | + $report .= "\tQuery - ".$query."\n"; |
|
| 740 | 740 | $report .= "\n"; |
| 741 | 741 | |
| 742 | 742 | $report .= ">\$_SERVER Information\n"; |
| 743 | - $report .= "\tIP - " . $_SERVER['REMOTE_ADDR'] . "\n"; |
|
| 744 | - $report .= "\tHost Name - " . $_SERVER['HTTP_HOST'] . "\n"; |
|
| 745 | - $report .= "\tUser Agent - " . $_SERVER['HTTP_USER_AGENT'] . "\n"; |
|
| 746 | - $report .= "\tRequest Method - " . $_SERVER['REQUEST_METHOD'] . "\n"; |
|
| 747 | - $report .= "\tCame From - " . $_SERVER['HTTP_REFERER'] . "\n"; |
|
| 748 | - $report .= "\tPage is - " . $_SERVER['SCRIPT_NAME'] . "\n"; |
|
| 749 | - $report .= "\tUses Port - " . $_SERVER['REMOTE_PORT'] . "\n"; |
|
| 750 | - $report .= "\tServer Protocol - " . $_SERVER['SERVER_PROTOCOL'] . "\n"; |
|
| 743 | + $report .= "\tIP - ".$_SERVER['REMOTE_ADDR']."\n"; |
|
| 744 | + $report .= "\tHost Name - ".$_SERVER['HTTP_HOST']."\n"; |
|
| 745 | + $report .= "\tUser Agent - ".$_SERVER['HTTP_USER_AGENT']."\n"; |
|
| 746 | + $report .= "\tRequest Method - ".$_SERVER['REQUEST_METHOD']."\n"; |
|
| 747 | + $report .= "\tCame From - ".$_SERVER['HTTP_REFERER']."\n"; |
|
| 748 | + $report .= "\tPage is - ".$_SERVER['SCRIPT_NAME']."\n"; |
|
| 749 | + $report .= "\tUses Port - ".$_SERVER['REMOTE_PORT']."\n"; |
|
| 750 | + $report .= "\tServer Protocol - ".$_SERVER['SERVER_PROTOCOL']."\n"; |
|
| 751 | 751 | |
| 752 | 752 | $report .= "\n--------------------------------------------------------------------------------------------------\n"; |
| 753 | 753 | |
| 754 | - $fp = fopen(SN_ROOT_PHYSICAL . 'badqrys.txt', 'a'); |
|
| 754 | + $fp = fopen(SN_ROOT_PHYSICAL.'badqrys.txt', 'a'); |
|
| 755 | 755 | fwrite($fp, $report); |
| 756 | 756 | fclose($fp); |
| 757 | 757 | |
@@ -101,17 +101,17 @@ discard block |
||
| 101 | 101 | protected function buildCommand() { |
| 102 | 102 | switch ($this->command) { |
| 103 | 103 | case static::UPDATE: |
| 104 | - $this->build[] = $this->command . " " . $this->quoteTable($this->table); |
|
| 104 | + $this->build[] = $this->command." ".$this->quoteTable($this->table); |
|
| 105 | 105 | break; |
| 106 | 106 | |
| 107 | 107 | case static::DELETE: |
| 108 | - $this->build[] = $this->command . " FROM " . $this->quoteTable($this->table); |
|
| 108 | + $this->build[] = $this->command." FROM ".$this->quoteTable($this->table); |
|
| 109 | 109 | break; |
| 110 | 110 | |
| 111 | 111 | case static::REPLACE: |
| 112 | 112 | case static::INSERT_IGNORE: |
| 113 | 113 | case static::INSERT: |
| 114 | - $this->build[] = $this->command . " INTO " . $this->quoteTable($this->table); |
|
| 114 | + $this->build[] = $this->command." INTO ".$this->quoteTable($this->table); |
|
| 115 | 115 | break; |
| 116 | 116 | } |
| 117 | 117 | } |
@@ -170,7 +170,7 @@ discard block |
||
| 170 | 170 | $compiled = array(); |
| 171 | 171 | |
| 172 | 172 | foreach ($this->values as $valuesVector) { |
| 173 | - $compiled[] = '(' . implode(',', $this->safeFields($valuesVector)) . ')'; |
|
| 173 | + $compiled[] = '('.implode(',', $this->safeFields($valuesVector)).')'; |
|
| 174 | 174 | } |
| 175 | 175 | |
| 176 | 176 | $this->build[] = implode(',', $compiled); |
@@ -380,7 +380,7 @@ discard block |
||
| 380 | 380 | * @return string |
| 381 | 381 | */ |
| 382 | 382 | protected function stringValue($value) { |
| 383 | - return "'" . $this->escape((string)$value) . "'"; |
|
| 383 | + return "'".$this->escape((string) $value)."'"; |
|
| 384 | 384 | } |
| 385 | 385 | |
| 386 | 386 | /** |
@@ -391,7 +391,7 @@ discard block |
||
| 391 | 391 | * @return string |
| 392 | 392 | */ |
| 393 | 393 | protected function quote($fieldName) { |
| 394 | - return "`" . $this->escape((string)$fieldName) . "`"; |
|
| 394 | + return "`".$this->escape((string) $fieldName)."`"; |
|
| 395 | 395 | } |
| 396 | 396 | |
| 397 | 397 | /** |
@@ -402,7 +402,7 @@ discard block |
||
| 402 | 402 | * @return string |
| 403 | 403 | */ |
| 404 | 404 | protected function quoteTable($tableName) { |
| 405 | - return "`{{" . $this->escape((string)$tableName) . "}}`"; |
|
| 405 | + return "`{{".$this->escape((string) $tableName)."}}`"; |
|
| 406 | 406 | } |
| 407 | 407 | |
| 408 | 408 | protected function castAsDbValue($value) { |
@@ -482,7 +482,7 @@ discard block |
||
| 482 | 482 | foreach ($fieldValues as $fieldName => $fieldValue) { |
| 483 | 483 | // Integer $fieldName is DANGER! They skipped there! |
| 484 | 484 | if (!is_int($fieldName)) { |
| 485 | - $result[$fieldName] = $this->quote($fieldName) . " = " . $this->castAsDbValue($fieldValue); |
|
| 485 | + $result[$fieldName] = $this->quote($fieldName)." = ".$this->castAsDbValue($fieldValue); |
|
| 486 | 486 | } |
| 487 | 487 | } |
| 488 | 488 | |
@@ -524,7 +524,7 @@ discard block |
||
| 524 | 524 | foreach ($fields as $fieldName => $fieldValue) { |
| 525 | 525 | // Integer $fieldName means "leave as is" - for expressions and already processed fields |
| 526 | 526 | if (is_string($fieldName)) { |
| 527 | - $result[$fieldName] = "`{$fieldName}` = `{$fieldName}` + (" . $this->castAsDbValue($fieldValue) . ")"; |
|
| 527 | + $result[$fieldName] = "`{$fieldName}` = `{$fieldName}` + (".$this->castAsDbValue($fieldValue).")"; |
|
| 528 | 528 | } |
| 529 | 529 | } |
| 530 | 530 | |
