X-Git-Url: https://mop.ddnsfree.com/gitweb/?a=blobdiff_plain;f=web%2Findex_wr.php;h=dd2d9db20043150470d3a79fda9510cde93a2923;hb=3bbccb8ce2566cabb37199c1e8ed7e9bdc23e426;hp=da0868b911528e68790a57f0082d14e1aeaeadb9;hpb=7f526939ded24298104cacd02b5f364bcc7bfa56;p=brisk.git
diff --git a/web/index_wr.php b/web/index_wr.php
index da0868b..dd2d9db 100644
--- a/web/index_wr.php
+++ b/web/index_wr.php
@@ -2,7 +2,7 @@
/*
* brisk - index_wr.php
*
- * Copyright (C) 2006-2014 Matteo Nastasi
+ * Copyright (C) 2006-2015 Matteo Nastasi
* mailto: nastasi@alternativeoutput.it
* matteo.nastasi@milug.org
* web: http://www.alternativeoutput.it
@@ -42,6 +42,8 @@ $mlang_indwr = array( 'unknownerr' => array( 'it' => 'errore sconosciuto',
'en' => 'To send a message to the administrator you have to be authenticated'),
'shutmsg' => array( 'it' => 'Il server sta per essere riavviato, non possono avere inizio nuove partite.',
'en' => 'The server is going to be rebooted, new games are not allowed.'),
+ 'mustappr' => array( 'it' => 'Il tavolo a cui volevi sederti richiede autentifica o apprendistato.',
+ 'en' => 'The table where you want to sit require authentication or apprentice'),
'mustauth' => array( 'it' => 'Il tavolo a cui volevi sederti richiede autentifica.',
'en' => 'The table where you want to sit require authentication'),
'mustcert' => array( 'it' => 'Il tavolo a cui volevi sederti richiede autentifica e certificazione.',
@@ -70,6 +72,10 @@ $mlang_indwr = array( 'unknownerr' => array( 'it' => 'errore sconosciuto',
'en' => '
You or someone with your same IP address is standing up from a table without the permission of the other players
You will wait '),
'badsit_b' => array( 'it' => ' prima di poterti sedere nuovamente.
Se non sei stato tu ad alzarti e possiedi un login con password, autenticandoti con quello, potrai accedere.',
'en' => ' before you can sit down again. If you don\'t leave the table and you have a login with a password, authenticating with this one you will access'),
+ 'nu_netguard' => array('it' => "Di recente è già arrivata una richiesta da un indirizzo IP simile al tuo, riprova tra qualche tempo.",
+ 'en' => "EN di recente è già arrivata una richiesta da un indirizzo IP simile al tuo, riprova tra qualche tempo."),
+ 'nu_unkerr' => array('it' => "Si è verificato un errore inatteso, contattare l'amministratore.",
+ 'en' => "EN Si è verificato un errore inatteso, contattare l'amministratore."),
'nu_loginau' => array('it' => "login già in uso",
'en' => "login already in use"),
'nu_emailau' => array('it' => "email già utilizzata",
@@ -113,6 +119,10 @@ Ti sei registrato col nickname \'%s\',
Ciò è necessario per ottenere la password.
Saluti e buone partite, mop.
',
'en' => 'EN mhtml [%s] [%s]'),
+ 'info_err' => array( 'it' => 'E\' occorso un errore (%d), riprova più tardi.',
+ 'en' => 'Some error occurs (%d), retry later.'),
+ 'info_auth' => array('it' => 'Non essendo autenticato non puoi costruire una rete di preferenze.',
+ 'en' => 'Some error occurs (%d), retry later.')
);
define('LICMGR_CHO_ACCEPT', 0);
@@ -121,13 +131,14 @@ define('LICMGR_CHO_AFTER', 2);
function index_wr_main(&$brisk, $remote_addr_full, $get, $post, $cookie)
{
- GLOBAL $G_domain, $G_webbase, $G_mail_seed;
+ GLOBAL $G_proto, $G_domain, $G_webbase, $G_mail_seed, $G_notguar_code;
GLOBAL $G_shutdown, $G_alarm_passwd, $G_ban_list, $G_black_list, $G_lang, $G_room_help, $G_room_about;
GLOBAL $G_room_passwdhowto, $mlang_indwr;
GLOBAL $G_tos_vers;
log_load("index_wr.php");
$remote_addr = addrtoipv4($remote_addr_full);
+ $remote_ip = ip2int($remote_addr);
if (($mesg = gpcs_var('mesg', $get, $post, $cookie)) === FALSE)
unset($mesg);
@@ -155,7 +166,7 @@ function index_wr_main(&$brisk, $remote_addr_full, $get, $post, $cookie)
$curtime = time();
$dt = date("H:i ", $curtime);
- if (($user = $brisk->get_user($sess, &$idx)) == FALSE) {
+ if (($user = $brisk->get_user($sess, $idx)) == FALSE) {
$argz = explode('|', xcapemesg($mesg));
if ($argz[0] == 'getchallenge') {
@@ -185,7 +196,7 @@ function index_wr_main(&$brisk, $remote_addr_full, $get, $post, $cookie)
echo '1|';
}
if ($chals->ismod()) {
- Challenges::save_data(&$chals);
+ Challenges::save_data($chals);
}
}
@@ -219,11 +230,7 @@ function index_wr_main(&$brisk, $remote_addr_full, $get, $post, $cookie)
echo show_notify(str_replace("\n", " ", placings_show(FALSE)), 0, $mlang_indwr['btn_close'][$G_lang], 800, 600);
}
- else if ($argz[0] == 'whysupport') {
- echo show_notify(str_replace("\n", " ", $G_room_whysupport[$G_lang]), 0, $mlang_indwr['btn_close'][$G_lng], 400, 200);
- }
- else if ($argz[0] == 'apprendice') {
- log_step("APPREND");
+ else if ($argz[0] == 'apprentice') {
if (($cli_name = gpcs_var('cli_name', $get, $post, $cookie)) === FALSE)
$cli_name = "";
@@ -235,11 +242,22 @@ function index_wr_main(&$brisk, $remote_addr_full, $get, $post, $cookie)
// check existence of username or email
$is_trans = FALSE;
do {
- if (($bdb = BriskDB::create()) == FALSE)
+ error_log($cli_name);
+ if (login_consistency($cli_name) == FALSE) {
+ $mesg_to_user = "Il nickname non è conforme alle regole per la sua costruzione.";
break;
+ }
- log_step("APPREND1");
- // FIXME: CHECK IP AS PREVIOUS REQUIRER
+ if (($bdb = BriskDB::create()) == FALSE) {
+ $mesg_to_user = "Connessione al database fallita";
+ break;
+ }
+
+ // check IP address as previous requirer
+ if ($bdb->selfreg_check($remote_ip) == FALSE) {
+ $mesg_to_user = $mlang_indwr['nu_netguard'][$G_lang];
+ break;
+ }
$cli_name = urldecode($cli_name);
$cli_email = urldecode($cli_email);
@@ -251,7 +269,6 @@ function index_wr_main(&$brisk, $remote_addr_full, $get, $post, $cookie)
$mlang_indwr['unknownerr'][$G_lang]));
break;
}
- log_step("APPREND2");
$bdb->transaction('BEGIN');
$is_trans = TRUE;
@@ -259,20 +276,21 @@ function index_wr_main(&$brisk, $remote_addr_full, $get, $post, $cookie)
// FIXME: move 'no-guaran' user into configuration file
if (($usr_obj = $bdb->user_add($cli_name, 'THE_PASS', $cli_email,
USER_FLAG_TY_DISABLE | USER_FLAG_TY_APPR,
- USER_DIS_REA_NU_MAILED, 10103)) == FALSE) {
+ USER_DIS_REA_NU_MAILED, $G_notguar_code)) == FALSE) {
fprintf(STDERR, "ERROR: user_add FAILED\n");
+ $mesg_to_user = "Fallito inserimento nel database.";
break;
}
- log_step("APPREND3");
if (($mail_code = $bdb->mail_reserve_code()) == FALSE) {
fprintf(STDERR, "ERROR: mail reserve code FAILED\n");
+ $mesg_to_user = "Fallita creazione codice email.";
break;
}
$hash = md5($curtime . $G_alarm_passwd . $cli_name . $cli_email);
- $confirm_page = sprintf("http://%s/%s/mailmgr.php?f_act=checkmail&f_code=%d&f_hash=%s",
- $G_domain, $G_webbase, $mail_code, $hash);
+ $confirm_page = sprintf("%s://%s/%s/mailmgr.php?f_act=checkmail&f_code=%d&f_hash=%s",
+ $G_proto, $G_domain, $G_webbase, $mail_code, $hash);
$subj = $mlang_indwr['nu_msubj'][$G_lang];
$body_txt = sprintf($mlang_indwr['ap_mtext'][$G_lang],
$cli_name, $confirm_page);
@@ -281,28 +299,35 @@ function index_wr_main(&$brisk, $remote_addr_full, $get, $post, $cookie)
$mail_item = new MailDBItem($mail_code, $usr_obj->code, MAIL_TYP_CHECK,
$curtime, $subj, $body_txt, $body_htm, $hash);
- log_step("APPREND4");
-
- if (brisk_mail($cli_email, $subj, $body_txt, $body_htm) == FALSE) {
- // mail error
- fprintf(STDERR, "ERROR: mail send FAILED\n");
- break;
- }
- log_step("APPREND5");
// save the mail
if ($mail_item->store($bdb) == FALSE) {
// store mail error
fprintf(STDERR, "ERROR: store mail FAILED\n");
+ $mesg_to_user = "Fallita procedura di store.";
+ break;
+ }
+
+ // check IP address as previous requirer
+ if ($bdb->selfreg_set($remote_ip) == FALSE) {
+ $mesg_to_user = $mlang_indwr['nu_unkerr'][$G_lang];
+ break;
+ }
+
+ if (brisk_mail($cli_email, $subj, $body_txt, $body_htm) == FALSE) {
+ // mail error
+ fprintf(STDERR, "ERROR: mail send FAILED\n");
+ $mesg_to_user = "Fallito invio email.";
break;
}
- log_step("APPREND6");
- echo "1";
$bdb->transaction('COMMIT');
+ // fprintf(STDERR, "REMOTE: %d\n", $remote_ip);
+ echo "1";
return TRUE;
} while(FALSE);
- $bdb->transaction('ROLLBACK');
+ if ($is_trans)
+ $bdb->transaction('ROLLBACK');
echo "$mesg_to_user";
return FALSE;
}
@@ -335,6 +360,26 @@ function index_wr_main(&$brisk, $remote_addr_full, $get, $post, $cookie)
if ($argz[0] == 'ping') {
log_wr("PING RECEIVED");
}
+ else if ($argz[0] == 'info') {
+ if ($user->is_auth()) {
+ if ($argz[1] == 'save') {
+ if (!isset($post['info'])) {
+ return FALSE;
+ }
+ if (($ret = $brisk->info_save($user, $post['info'])) == 0) {
+ echo "1";
+ return TRUE;
+ }
+
+ printf($mlang_indwr['info_err'][$G_lang], $ret);
+ return FALSE;
+ }
+ }
+ else {
+ printf($mlang_indwr['info_auth'][$G_lang]);
+ return FALSE;
+ }
+ }
else if ($argz[0] == 'prefs') {
if ($argz[1] == 'save') {
if (!isset($post['prefs'])) {
@@ -376,7 +421,7 @@ function index_wr_main(&$brisk, $remote_addr_full, $get, $post, $cookie)
if ($user->subst == 'sitdown' || $user->stat == 'table')
$brisk->room_wakeup($user);
else if ($user->subst == 'standup')
- $brisk->room_outstandup(&$user);
+ $brisk->room_outstandup($user);
else {
log_rd2("SHUTDOWN FROM WHAT ???");
}
@@ -396,7 +441,7 @@ function index_wr_main(&$brisk, $remote_addr_full, $get, $post, $cookie)
if (($wa_lock = Warrant::lock_data(TRUE)) != FALSE) {
if (($fp = @fopen(LEGAL_PATH."/warrant.txt", 'a')) != FALSE) {
/* Unix time | session | nickname | IP | where was | mesg */
- fwrite($fp, sprintf("%ld|%s|%s|%s|\n", $curtime, xcapelt($user->name), xcapelt(urldecode($cli_name)), xcapelt(urldecode($cli_email))));
+ fwrite($fp, sprintf("%ld|%s|%s|%s|\n", $curtime, xcapelt($user->name), xcapelt(trim(urldecode($cli_name))), xcapelt(trim(urldecode($cli_email)))));
fclose($fp);
}
Warrant::unlock_data($wa_lock);
@@ -418,8 +463,8 @@ function index_wr_main(&$brisk, $remote_addr_full, $get, $post, $cookie)
if (($bdb = BriskDB::create()) == FALSE)
break;
- $cli_name = urldecode($cli_name);
- $cli_email = urldecode($cli_email);
+ $cli_name = trim(urldecode($cli_name));
+ $cli_email = trim(urldecode($cli_email));
// check for already used fields
if (($idret = $bdb->check_record_by_login_or_email($cli_name, $cli_email)) != 0) {
@@ -443,8 +488,8 @@ function index_wr_main(&$brisk, $remote_addr_full, $get, $post, $cookie)
}
$hash = md5($curtime . $G_alarm_passwd . $cli_name . $cli_email);
- $confirm_page = sprintf("http://%s/%s/mailmgr.php?f_act=checkmail&f_code=%d&f_hash=%s",
- $G_domain, $G_webbase, $mail_code, $hash);
+ $confirm_page = sprintf("%s://%s/%s/mailmgr.php?f_act=checkmail&f_code=%d&f_hash=%s",
+ $G_proto, $G_domain, $G_webbase, $mail_code, $hash);
$subj = $mlang_indwr['nu_msubj'][$G_lang];
$body_txt = sprintf($mlang_indwr['nu_mtext'][$G_lang],
$user->name, $cli_name, $confirm_page);
@@ -577,7 +622,7 @@ function index_wr_main(&$brisk, $remote_addr_full, $get, $post, $cookie)
$dobreak = FALSE;
do {
log_wr("INFO:SKIP:argz == poll name: [".$cli_poll_name."] AUTH: ".$user->is_auth());
- if ( ! $user->is_auth() ) {
+ if ( ! $user->is_auth() || $user->is_appr() ) {
// MLANG: Per partecipare al sondaggio devi essere autenticato.
$mesg_to_user = nickserv_msg($dt, $mlang_indwr['pollmust'][$G_lang]);
log_wr("break1");
@@ -720,17 +765,9 @@ function index_wr_main(&$brisk, $remote_addr_full, $get, $post, $cookie)
log_wr($user->comm[$user->step % COMM_N]);
$user->step_inc();
- }
- else if ($argz[0] == 'whysupport') {
- $user->comm[$user->step % COMM_N] = "gst.st = ".($user->step+1)."; ";
- $user->comm[$user->step % COMM_N] .= show_notify(str_replace("\n", " ", $G_room_whysupport[$G_lang]), 0, $mlang_indwr['btn_backtotab'][$G_lang], 400, 200);
-
- log_wr($user->comm[$user->step % COMM_N]);
- $user->step_inc();
-
}
else if ($argz[0] == 'chatt') {
- $brisk->chatt_send(&$user, xcapemesg($mesg));
+ $brisk->chatt_send($user, xcapemesg($mesg), $mlang_indwr);
}
else if ($argz[0] == 'tosmgr') {
// check IF is authnticated user, both terms of service versions matches
@@ -787,12 +824,18 @@ function index_wr_main(&$brisk, $remote_addr_full, $get, $post, $cookie)
$not_allowed_msg = nickserv_msg($dt, sprintf($mlang_indwr['tabwait'][$G_lang],
$table->wakeup_time - $curtime));
}
- else if ($table->auth_type == TABLE_AUTH_TY_CERT && ( ! $user->is_cert() ) ) {
+ else if ( $table->auth_type == TABLE_AUTH_TY_CERT &&
+ (!$user->is_cert() || $user->is_appr()) ) {
$not_allowed_msg = nickserv_msg($dt, $mlang_indwr['mustcert'][$G_lang]);
}
- else if ($table->auth_type == TABLE_AUTH_TY_AUTH && ( ! $user->is_auth() ) ) {
+ else if ( $table->auth_type == TABLE_AUTH_TY_AUTH &&
+ (!$user->is_auth() || $user->is_appr()) ) {
$not_allowed_msg = nickserv_msg($dt, $mlang_indwr['mustauth'][$G_lang]);
}
+ else if ( $table->auth_type == TABLE_AUTH_TY_APPR &&
+ (!$user->is_auth()) ) {
+ $not_allowed_msg = nickserv_msg($dt, $mlang_indwr['mustappr'][$G_lang]);
+ }
else if ($user->flags & USER_FLAG_TY_FIRONLY && $table->player_n > 0) {
$not_allowed_msg = nickserv_msg($dt, $mlang_indwr['mustfirst'][$G_lang]);
}
@@ -880,7 +923,9 @@ function index_wr_main(&$brisk, $remote_addr_full, $get, $post, $cookie)
$bin5_user_cur->trans_step = $user_cur->step + 1;
$bin5_user_cur->comm[$bin5_user_cur->step % COMM_N] = "";
$bin5_user_cur->step_inc();
- $bin5_user_cur->comm[$bin5_user_cur->step % COMM_N] = show_table(&$bin5,&$bin5_user_cur,$bin5_user_cur->step+1,TRUE,FALSE);
+ $bin5_user_cur->comm[$bin5_user_cur->step % COMM_N] = show_table($bin5, $bin5_user_cur,
+ $bin5_user_cur->step+1,
+ TRUE, FALSE);
$bin5_user_cur->step_inc();
log_wr("TRY PRESAVE: ".$bin5_user_cur->step." TRANS STEP: ".$bin5_user_cur->trans_step);
@@ -911,16 +956,13 @@ function index_wr_main(&$brisk, $remote_addr_full, $get, $post, $cookie)
}
else if ($argz[0] == 'logout') {
$brisk->ghost_sess->push($curtime, $user->sess, GHOST_SESS_REAS_LOUT);
+
$user->the_end = TRUE;
+ $brisk->room_outstandup($user);
- if ($user->subst == 'sitdown') {
- log_load("ROOM WAKEUP");
- $brisk->room_wakeup($user);
- }
- else if ($user->subst == 'standup')
- $brisk->room_outstandup($user);
- else
- log_rd2("LOGOUT FROM WHAT ???");
+ $user->comm[$user->step % COMM_N] = "gst.st = ".($user->step+1)."; ";
+ $user->comm[$user->step % COMM_N] .= sprintf('gst.st_loc++; xstm.stop(); window.onbeforeunload = null; window.onunload = null; document.location.assign("index.php");');
+ $user->step_inc();
}
}
/**********************
@@ -939,9 +981,13 @@ function index_wr_main(&$brisk, $remote_addr_full, $get, $post, $cookie)
}
else if ($argz[0] == 'logout') {
$brisk->ghost_sess->push($curtime, $user->sess, GHOST_SESS_REAS_LOUT);
- $user->the_end = TRUE;
+ $user->the_end = TRUE;
$brisk->room_wakeup($user);
+
+ $user->comm[$user->step % COMM_N] = "gst.st = ".($user->step+1)."; ";
+ $user->comm[$user->step % COMM_N] .= sprintf('gst.st_loc++; xstm.stop(); window.onbeforeunload = null; window.onunload = null; document.location.assign("index.php");');
+ $user->step_inc();
}
}
}