X-Git-Url: http://mop.ddnsfree.com/gitweb/?a=blobdiff_plain;f=web%2Findex_wr.php;h=2d514af4e45413ca39960658e2bb25258f619888;hb=bbd72460bcf4269ffd21cfb97e0ab616ac7276e7;hp=05e8a73b5aebad548f0b7c6df51553fcf6b213b2;hpb=d5d23bed102b17c9561b2006165bc6acaa390688;p=brisk.git
diff --git a/web/index_wr.php b/web/index_wr.php
index 05e8a73..2d514af 100644
--- a/web/index_wr.php
+++ b/web/index_wr.php
@@ -2,7 +2,7 @@
/*
* brisk - index_wr.php
*
- * Copyright (C) 2006-2014 Matteo Nastasi
+ * Copyright (C) 2006-2015 Matteo Nastasi
* mailto: nastasi@alternativeoutput.it
* matteo.nastasi@milug.org
* web: http://www.alternativeoutput.it
@@ -42,6 +42,8 @@ $mlang_indwr = array( 'unknownerr' => array( 'it' => 'errore sconosciuto',
'en' => 'To send a message to the administrator you have to be authenticated'),
'shutmsg' => array( 'it' => 'Il server sta per essere riavviato, non possono avere inizio nuove partite.',
'en' => 'The server is going to be rebooted, new games are not allowed.'),
+ 'mustappr' => array( 'it' => 'Il tavolo a cui volevi sederti richiede autentifica o apprendistato.',
+ 'en' => 'The table where you want to sit require authentication or apprentice'),
'mustauth' => array( 'it' => 'Il tavolo a cui volevi sederti richiede autentifica.',
'en' => 'The table where you want to sit require authentication'),
'mustcert' => array( 'it' => 'Il tavolo a cui volevi sederti richiede autentifica e certificazione.',
@@ -70,6 +72,10 @@ $mlang_indwr = array( 'unknownerr' => array( 'it' => 'errore sconosciuto',
'en' => '
You or someone with your same IP address is standing up from a table without the permission of the other players
You will wait '),
'badsit_b' => array( 'it' => ' prima di poterti sedere nuovamente.
Se non sei stato tu ad alzarti e possiedi un login con password, autenticandoti con quello, potrai accedere.',
'en' => ' before you can sit down again. If you don\'t leave the table and you have a login with a password, authenticating with this one you will access'),
+ 'nu_netguard' => array('it' => "Di recente è già arrivata una richiesta da un indirizzo IP simile al tuo, riprova tra qualche tempo.",
+ 'en' => "EN di recente è già arrivata una richiesta da un indirizzo IP simile al tuo, riprova tra qualche tempo."),
+ 'nu_unkerr' => array('it' => "Si è verificato un errore inatteso, contattare l'amministratore.",
+ 'en' => "EN Si è verificato un errore inatteso, contattare l'amministratore."),
'nu_loginau' => array('it' => "login già in uso",
'en' => "login already in use"),
'nu_emailau' => array('it' => "email già utilizzata",
@@ -113,6 +119,8 @@ Ti sei registrato col nickname \'%s\',
Ciò è necessario per ottenere la password.
Saluti e buone partite, mop.
',
'en' => 'EN mhtml [%s] [%s]'),
+ 'info_err' => array( 'it' => 'E\' occorso un errore (%d), riprova più tardi.',
+ 'en' => 'Some error occurs (%d), retry later.')
);
define('LICMGR_CHO_ACCEPT', 0);
@@ -121,13 +129,14 @@ define('LICMGR_CHO_AFTER', 2);
function index_wr_main(&$brisk, $remote_addr_full, $get, $post, $cookie)
{
- GLOBAL $G_domain, $G_webbase, $G_mail_seed;
+ GLOBAL $G_domain, $G_webbase, $G_mail_seed, $G_notguar_code;
GLOBAL $G_shutdown, $G_alarm_passwd, $G_ban_list, $G_black_list, $G_lang, $G_room_help, $G_room_about;
GLOBAL $G_room_passwdhowto, $mlang_indwr;
GLOBAL $G_tos_vers;
log_load("index_wr.php");
$remote_addr = addrtoipv4($remote_addr_full);
+ $remote_ip = ip2int($remote_addr);
if (($mesg = gpcs_var('mesg', $get, $post, $cookie)) === FALSE)
unset($mesg);
@@ -222,7 +231,7 @@ function index_wr_main(&$brisk, $remote_addr_full, $get, $post, $cookie)
else if ($argz[0] == 'whysupport') {
echo show_notify(str_replace("\n", " ", $G_room_whysupport[$G_lang]), 0, $mlang_indwr['btn_close'][$G_lng], 400, 200);
}
- else if ($argz[0] == 'apprendice') {
+ else if ($argz[0] == 'apprentice') {
if (($cli_name = gpcs_var('cli_name', $get, $post, $cookie)) === FALSE)
$cli_name = "";
@@ -234,10 +243,22 @@ function index_wr_main(&$brisk, $remote_addr_full, $get, $post, $cookie)
// check existence of username or email
$is_trans = FALSE;
do {
- if (($bdb = BriskDB::create()) == FALSE)
+ error_log($cli_name);
+ if (login_consistency($cli_name) == FALSE) {
+ $mesg_to_user = "Il nickname non è conforme alle regole per la sua costruzione.";
break;
+ }
- // FIXME: CHECK IP AS PREVIOUS REQUIRER
+ if (($bdb = BriskDB::create()) == FALSE) {
+ $mesg_to_user = "Connessione al database fallita";
+ break;
+ }
+
+ // check IP address as previous requirer
+ if ($bdb->selfreg_check($remote_ip) == FALSE) {
+ $mesg_to_user = $mlang_indwr['nu_netguard'][$G_lang];
+ break;
+ }
$cli_name = urldecode($cli_name);
$cli_email = urldecode($cli_email);
@@ -256,13 +277,15 @@ function index_wr_main(&$brisk, $remote_addr_full, $get, $post, $cookie)
// FIXME: move 'no-guaran' user into configuration file
if (($usr_obj = $bdb->user_add($cli_name, 'THE_PASS', $cli_email,
USER_FLAG_TY_DISABLE | USER_FLAG_TY_APPR,
- USER_DIS_REA_NU_MAILED, 10103)) == FALSE) {
+ USER_DIS_REA_NU_MAILED, $G_notguar_code)) == FALSE) {
fprintf(STDERR, "ERROR: user_add FAILED\n");
+ $mesg_to_user = "Fallito inserimento nel database.";
break;
}
if (($mail_code = $bdb->mail_reserve_code()) == FALSE) {
fprintf(STDERR, "ERROR: mail reserve code FAILED\n");
+ $mesg_to_user = "Fallita creazione codice email.";
break;
}
$hash = md5($curtime . $G_alarm_passwd . $cli_name . $cli_email);
@@ -278,24 +301,34 @@ function index_wr_main(&$brisk, $remote_addr_full, $get, $post, $cookie)
$mail_item = new MailDBItem($mail_code, $usr_obj->code, MAIL_TYP_CHECK,
$curtime, $subj, $body_txt, $body_htm, $hash);
- if (brisk_mail($cli_email, $subj, $body_txt, $body_htm) == FALSE) {
- // mail error
- fprintf(STDERR, "ERROR: mail send FAILED\n");
- break;
- }
-
// save the mail
if ($mail_item->store($bdb) == FALSE) {
// store mail error
fprintf(STDERR, "ERROR: store mail FAILED\n");
+ $mesg_to_user = "Fallita procedura di store.";
+ break;
+ }
+
+ // check IP address as previous requirer
+ if ($bdb->selfreg_set($remote_ip) == FALSE) {
+ $mesg_to_user = $mlang_indwr['nu_unkerr'][$G_lang];
+ break;
+ }
+
+ if (brisk_mail($cli_email, $subj, $body_txt, $body_htm) == FALSE) {
+ // mail error
+ fprintf(STDERR, "ERROR: mail send FAILED\n");
+ $mesg_to_user = "Fallito invio email.";
break;
}
- echo "1";
$bdb->transaction('COMMIT');
+ fprintf(STDERR, "REMOTE: %d\n", $remote_ip);
+ echo "1";
return TRUE;
} while(FALSE);
- $bdb->transaction('ROLLBACK');
+ if ($is_trans)
+ $bdb->transaction('ROLLBACK');
echo "$mesg_to_user";
return FALSE;
}
@@ -328,6 +361,20 @@ function index_wr_main(&$brisk, $remote_addr_full, $get, $post, $cookie)
if ($argz[0] == 'ping') {
log_wr("PING RECEIVED");
}
+ else if ($argz[0] == 'info') {
+ if ($argz[1] == 'save') {
+ if (!isset($post['info'])) {
+ return FALSE;
+ }
+ if (($ret = $brisk->info_save($user, $post['info'])) == 0) {
+ echo "1";
+ return TRUE;
+ }
+
+ printf($mlang_indwr['info_err'][$G_lang], $ret);
+ return FALSE;
+ }
+ }
else if ($argz[0] == 'prefs') {
if ($argz[1] == 'save') {
if (!isset($post['prefs'])) {
@@ -389,7 +436,7 @@ function index_wr_main(&$brisk, $remote_addr_full, $get, $post, $cookie)
if (($wa_lock = Warrant::lock_data(TRUE)) != FALSE) {
if (($fp = @fopen(LEGAL_PATH."/warrant.txt", 'a')) != FALSE) {
/* Unix time | session | nickname | IP | where was | mesg */
- fwrite($fp, sprintf("%ld|%s|%s|%s|\n", $curtime, xcapelt($user->name), xcapelt(urldecode($cli_name)), xcapelt(urldecode($cli_email))));
+ fwrite($fp, sprintf("%ld|%s|%s|%s|\n", $curtime, xcapelt($user->name), xcapelt(trim(urldecode($cli_name))), xcapelt(trim(urldecode($cli_email)))));
fclose($fp);
}
Warrant::unlock_data($wa_lock);
@@ -411,8 +458,8 @@ function index_wr_main(&$brisk, $remote_addr_full, $get, $post, $cookie)
if (($bdb = BriskDB::create()) == FALSE)
break;
- $cli_name = urldecode($cli_name);
- $cli_email = urldecode($cli_email);
+ $cli_name = trim(urldecode($cli_name));
+ $cli_email = trim(urldecode($cli_email));
// check for already used fields
if (($idret = $bdb->check_record_by_login_or_email($cli_name, $cli_email)) != 0) {
@@ -570,7 +617,7 @@ function index_wr_main(&$brisk, $remote_addr_full, $get, $post, $cookie)
$dobreak = FALSE;
do {
log_wr("INFO:SKIP:argz == poll name: [".$cli_poll_name."] AUTH: ".$user->is_auth());
- if ( ! $user->is_auth() ) {
+ if ( ! $user->is_auth() || $user->is_appr() ) {
// MLANG: Per partecipare al sondaggio devi essere autenticato.
$mesg_to_user = nickserv_msg($dt, $mlang_indwr['pollmust'][$G_lang]);
log_wr("break1");
@@ -780,12 +827,18 @@ function index_wr_main(&$brisk, $remote_addr_full, $get, $post, $cookie)
$not_allowed_msg = nickserv_msg($dt, sprintf($mlang_indwr['tabwait'][$G_lang],
$table->wakeup_time - $curtime));
}
- else if ($table->auth_type == TABLE_AUTH_TY_CERT && ( ! $user->is_cert() ) ) {
+ else if ( $table->auth_type == TABLE_AUTH_TY_CERT &&
+ (!$user->is_cert() || $user->is_appr()) ) {
$not_allowed_msg = nickserv_msg($dt, $mlang_indwr['mustcert'][$G_lang]);
}
- else if ($table->auth_type == TABLE_AUTH_TY_AUTH && ( ! $user->is_auth() ) ) {
+ else if ( $table->auth_type == TABLE_AUTH_TY_AUTH &&
+ (!$user->is_auth() || $user->is_appr()) ) {
$not_allowed_msg = nickserv_msg($dt, $mlang_indwr['mustauth'][$G_lang]);
}
+ else if ( $table->auth_type == TABLE_AUTH_TY_APPR &&
+ (!$user->is_auth()) ) {
+ $not_allowed_msg = nickserv_msg($dt, $mlang_indwr['mustappr'][$G_lang]);
+ }
else if ($user->flags & USER_FLAG_TY_FIRONLY && $table->player_n > 0) {
$not_allowed_msg = nickserv_msg($dt, $mlang_indwr['mustfirst'][$G_lang]);
}