// initialise random seed
// NOTE(review): microtime() returns "msec sec"; the (double) cast keeps only the leading
// fractional-second part, so the seed is one of at most 1,000,000 clock-derived values.
// PHP seeds its generator automatically when srand() is never called. Any value that must
// be unguessable (tokens, session ids, reset codes) should come from random_int() or
// random_bytes(), not from rand()/mt_rand() seeded here.
srand((double)microtime()*1000000);
require_once "../localise.php";
require_once "../vars.php";
require_once "$WWWROOT/../vendor/autoload.php";
# include_once "$SHAREDDIR/code.3rd/ez_sql_core.php";
# include_once "$SHAREDDIR/code.3rd/ez_sql_mysql.php";
include_once "$SHAREDDIR/code.3rd/browser.php";
include_once "$SSIDIR/shared.php";
include_once "$SSIDIR/class.user.php";
include_once "$SSIDIR/redis.php";
// block all access other than home
// if (1 | block_ip("allowed.txt")) {
// The leading "0 &" switches this gate off: != binds tighter than &, so the condition is
// 0 & (comparison), which is always 0, and the holding page below is never shown.
// NOTE(review): if the gate is re-enabled, HTTP_CF_CONNECTING_IP is a request header; it can
// only be trusted when the origin accepts traffic solely from the proxy that sets it.
if (0 & $_SERVER['HTTP_CF_CONNECTING_IP'] != "76.76.164.47") {
show_resource_page("holding");
exit;
}
// enable page compression
ob_start("ob_gzhandler");
// initialise database
// if (!($db = new ezSQL_mysqli($MYSQL_USERNAME, $MYSQL_PASSWORD, $MYSQL_DB, $MYSQL_HOST, 'UTF-8'))) show_resource_page("holding");
// NOTE(review): "new" yields an object or throws, so !($db = new ...) can never be true and
// this holding-page fallback does not run when the connection fails. TODO confirm how
// ezSQL_mysqli reports connection errors and test that instead.
if (!($db = new ezSQL_mysqli($MYSQL_USERNAME, $MYSQL_PASSWORD, $MYSQL_DB, $MYSQL_HOST, 'utf8mb4'))) show_resource_page("holding");
// otherwise first $db->escape call fails for some reason
// (presumably the link is opened lazily and escape() needs a live connection - confirm;
// every later $db->escape() call in this file relies on this warm-up query)
$db->query("SHOW TABLES");
// check we are using WWW.WarGear.net
// check_svr();
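// check to see whether site is live or not - if not, only show pages to IP's in allowed.txt file
// Server settings are loaded through the cache layer, indexed by setting name.
// NOTE(review): if the 'server_status' row cannot be loaded the comparison below is false
// and the site is served normally, i.e. this gate fails open - confirm that is intended.
$SERVER_SETTINGS = cache_table_indexed("server_settings", $TBL_SETTINGS, "name", "*", "", $CACHETTL['Server Settings']);
if ($SERVER_SETTINGS['server_status']->setting == 'maintenance') {
    if (!block_ip("allowed.txt")) {
        // caller is not on the allow list: show the holding page and stop
        show_resource_page("holding");
        // Terminate explicitly, as the IP gate earlier in this file does after the same call,
        // so the rest of the bootstrap (login, page includes) cannot run for a blocked
        // visitor even if show_resource_page() returns.
        exit;
    } else {
        // allow-listed visitor: continue, but let later code know the site is in maintenance
        $MAINTENANCE_MODE = TRUE;
    }
}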
// identify browser being used - used in various places to modify html / css produced
// $br = new Browser;
// retrieve all get variables from query uri
$GET = parse_uri($_SERVER['REQUEST_URI']);
// $rsection = $GET['section'];
// $action = $GET['action'];
// NOTE(review): $rsection and $action are used from here on but are not assigned in the
// visible lines (the two assignments above are commented out); presumably parse_uri() or an
// included file sets them as globals from the request URI - confirm, and treat both as
// client-controlled.
// special case for cookies reset process
// setcookie() arguments below are (name, value, expires, path, domain, secure): the empty
// value makes PHP send a cookie deletion, and "0" leaves the secure flag off.
if (($rsection == "user") && ($action == "cookiereset")) {
setcookie ("np_sid", "", false, "/", "", "0");
setcookie ("p_sid", "", "10", "/", "", "0");
setcookie("cookie_check", "", false, "/", "", "0");
}
// special case for popups
// NOTE(review): $action is placed in a filesystem path, and this branch runs before $USER is
// created, i.e. before any authentication in this file. Confirm that whatever sets $action
// restricts it to an allow-list (or a strict [A-Za-z0-9_-] pattern with no "/" or "..") so
// the include cannot leave $POPUPDIR.
if ($rsection == "popups") {
include "$POPUPDIR/$action.php";
exit;
}
// Log requests whose User-Agent bot_detect() recognises.
// NOTE(review): the User-Agent and request URI are client-controlled; confirm system_log()
// neutralises CR/LF and markup before the entry is stored or displayed.
if ($BOT_DETECTED = bot_detect($_SERVER['HTTP_USER_AGENT'])) system_log("Detected $BOT_DETECTED accessing " . $_SERVER['REQUEST_URI'], $LOG_BOT);
$USER = new cls_user;
// set cookie_check if we are at the login page - used to confirm whether cookies are on or off
if ($action == 'login') setcookie("cookie_check", "1", false, "/", "", "0");
// track machineid of this user
$USER->track_mid();
// Three-way dispatch: a submitted login form, an explicit logout, or (default) authenticating
// the request from whatever session state cls_user reads.
if ($_POST['loginbtn']) {
// check cookies are enabled on this computer by attempting to read cookie_check (set by login.php)
if (($action == 'login') && !($_COOKIE["cookie_check"])) {
include "$COMMONDIR/top.php";
include "$HTMLDIR/player/cookiefail.php";
include "$COMMONDIR/bottom.php";
exit;
}
// NOTE(review): safe_escape_string() is applied to the credentials before login_user(). If it
// is an SQL or HTML escaper it alters the secret being verified (quotes, backslashes);
// escaping belongs at the query (ideally bound parameters), not on the password itself.
// Confirm what login_user() expects.
$username = ($_POST['username']) ? safe_escape_string($_POST['username']) : "";
$password = ($_POST['password']) ? safe_escape_string($_POST['password']) : "";
$cookie_setting = ($_POST['cookie_setting']) ? safe_escape_string($_POST['cookie_setting']) : "";
$USER->login_user($username, $password, $cookie_setting);
// if login is successful and we are authenticated, redirect appropriately
if ($USER->authenticated) {
// NOTE(review): urlsrc comes straight from the query string, and PHP has already URL-decoded
// $_GET, so urldecode() here is a second decode. Unless redirect() confines targets to this
// site, this is a post-login open redirect; confirm redirect() rejects absolute and
// scheme-relative URLs, or validate the target here before passing it on.
if ($_GET['urlsrc']) redirect(urldecode($_GET['urlsrc']));
else {
// check if this is their first time logging in - if so, show the welcome screen *** DISABLED ***
// if ($USER->first_login) redirect('/player/welcome');
// else redirect('');
redirect('');
}
}
}
else if ($action == 'logout') {
$USER->logout_user();
}
else {
$USER->authenticate();
// Session-lifetime cookies (expires = 0) on path "/" carrying the username (spaces replaced by
// underscores) and $USER->password.
// NOTE(review): np_sid2 exposes $USER->password (hash or otherwise - not visible here) in a
// cookie set without the secure/httponly arguments, so page script can read it and it is
// sent over plain HTTP. Whatever consumes np_un/np_sid2 would be safer with an opaque,
// random, revocable token; also note these are written even when authenticate() fails.
setcookie ("np_un", str_replace(" ", "_", $USER->username), 0, "/");
setcookie ("np_sid2", $USER->password, 0, "/");
// pre-write username in login box when rememberme is set
if ($USER->cookie_setting == "rememberme") {
$username = $USER->username;
$cookie_setting = "rememberme";
}
}
// handle debug mode
// if (($_SERVER['REMOTE_ADDR'] == "220.235.193.145") && ($SERVER_SETTINGS['debug_mode']->setting) && $USER->security_check('System_Admin')) {
// On-page PHP error output is enabled only for accounts that pass the Display_Errors check;
// for everyone else $db->hide_errors() is called (presumably suppressing the database
// layer's on-page error output - confirm). Error text can reveal paths and queries, so this
// privilege should stay limited to trusted accounts.
if ($USER->security_check('Display_Errors')) {
// error_reporting(E_ERROR);
// error_reporting(E_ALL & ~E_NOTICE & ~E_STRICT);
ini_set("display_errors", 1);
// error_reporting(E_ERROR | E_WARNING | E_PARSE);
// error_reporting(E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED);
// error_reporting(E_ERROR);
// $DEBUG_MODE = TRUE;
}
else $db->hide_errors();
// output frame if appropriate and exit
if ($rsection == "frames") {
// Work mode: forced on by the stored setting for Premium accounts; otherwise Premium accounts
// take it from the work_mode cookie and all other accounts get 0.
// NOTE(review): the cookie value is copied into $WORK_MODE unvalidated; treat it as untrusted
// wherever it is echoed, or normalise it to 0/1 here.
if (($USER->settings['work_mode'] == "on") && ($USER->account_type == "Premium")) $WORK_MODE = 1;
else $WORK_MODE = ($USER->account_type == "Premium") ? $_COOKIE["work_mode"] : 0;
// NOTE(review): $action selects the file to include; confirm it is restricted to an allow-list
// or a strict pattern (no "/" or "..") so the include cannot leave $FRAMEDIR.
include "$FRAMEDIR/$action.php";
include "$COMMONDIR/frame.php";
echo $body;
exit;
}
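// Account impersonation ("managing") for administrators.
// $base_uid is the account really behind this session: the stored managing_uid while another
// account is being managed, otherwise the user's own uid.
$base_uid = ($USER->session->managing_uid) ? $USER->session->managing_uid : $USER->uid;
$base_user = get_user($base_uid);
// 1 when the current user passes either the System_Admin or the User_Manager check
$IS_ADMIN = ($USER->security_check('System_Admin') || $USER->security_check('User_Manager')) ? 1 : 0;
// uid to switch to, taken from the request (query string, form body or cookie)
$manage_uid = $_REQUEST['imp'];
// allow switching to managed accounts
// NOTE(review): the switch is driven by a plain request parameter and no anti-CSRF token is
// checked in the lines visible here, so a crafted link followed by an admin changes their
// session. Consider requiring POST plus a token, and recording each switch in an audit log.
// is_string() rejects array input (imp[]=...) before it reaches the SQL layer.
if ($IS_ADMIN && $manage_uid && is_string($manage_uid)) {
    // Escape once and reuse: the SELECT below previously interpolated the raw request value
    // while the UPDATE escaped it.
    $manage_uid_sql = $db->escape($manage_uid);
    $USER->uid = $manage_uid;
    $USER->session->uid = $manage_uid;
    // debugstr($USER);
    $USER->dbdata = $db->get_row("SELECT * FROM $TBL_USERS WHERE uid = '$manage_uid_sql'");
    $USER->setup_variables("database");
    // remember who is really behind the session; empty when switching back to one's own account
    $managing_uid = ($base_uid == $manage_uid) ? "" : $base_uid;
    $USER->session->managing_uid = $managing_uid;
    $db->query("UPDATE $TBL_SESSIONS SET uid='$manage_uid_sql', managing_uid = '" . $db->escape($managing_uid) . "' WHERE sid='" . $db->escape($USER->session->sid) . "'");
    // drop the cached session so the next request reads the updated row
    $memcache->delete("session_" . $USER->session->sid);
    // redirect to get rid of the ?imp in URL
    header("Location: " . strtok($_SERVER["REQUEST_URI"], '?'));
    exit;
}
$IS_MANAGING_ACCOUNT = ($USER->session->managing_uid) ? 1 : 0;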
// debug($USER, 0);
// count out how many games it is this player's turn in
if ($USER->authenticated) {
// apply the user's stored timezone, when set, to PHP's date functions for this request
if ($USER->settings['timezone']) date_default_timezone_set($USER->settings['timezone']);
// set work mode if appropriate
// $WORK_MODE = (($USER->settings['work_mode'] == "on") && ($USER->account_type == "Premium")) ? 1 : 0;
// NOTE(review): for Premium accounts without the stored setting, $WORK_MODE is the raw
// work_mode cookie value; treat it as untrusted wherever it is echoed.
if (($USER->settings['work_mode'] == "on") && ($USER->account_type == "Premium")) $WORK_MODE = 1;
else $WORK_MODE = ($USER->account_type == "Premium") ? $_COOKIE["work_mode"] : 0;
// debug($WORK_MODE, 0);
$current_turns = get_current_turns($USER->uid);
$num_turns = ($current_turns) ? count($current_turns) : 0;
// collect the ids of games awaiting this player's turn, skipping games still in "Open" status
if ($num_turns) foreach ($current_turns as $turn) {
if ($turn->gamestatus != "Open") $current_turnids[] = $turn->gameid;
}
// $current_turnids is not initialised above, so default it to an empty array when nothing was added
if (!$current_turnids) $current_turnids = array();
}
// unauthenticated visitors get an empty settings array so later lookups do not fail
else $USER->settings = array();
// debug(get_current_turns($USER->uid));
// if ($USER->username == "tom") $db->debug();
// SELECT gameid FROM users_games WHERE uid = '4df7287c24258a6ef3f32e77c9d39c3e' AND turn = 1
// $db->debug();
// set up variables which define if any instant notifications are enabled and if cometchat is enabled
// $NOTIFICATIONS_ENABLED = ($USER->authenticated && (($USER->settings['instant_realtime'] != "Off") || ($USER->settings['instant_regular'] != "Off") || ($USER->settings['instant_realtime_turn'] != "Off") || ($USER->settings['instant_regular_turn'] != "Off") || ($USER->settings['instant_game_events'] != "Off")) ) ? 1 : 0;
$NOTIFICATIONS_ENABLED = ($USER->authenticated) ? 1 : 0;
// $COMETCHAT_ENABLED = (!stristr($_SERVER['SERVER_SOFTWARE'], "Win32x") && $USER->authenticated && ($USER->settings['chat_bar'] != "off")) ? 1 : 0;
$COMETCHAT_ENABLED = 0;
// used by both top.php and realime notification code later on, hence need it up here
// Cached list of open public games with flags = 0, joined to their board rows and indexed by gameid.
if ($open_gamelist = cache_table_indexed("open_games", "$TBL_GAMES, $TBL_BOARDS", "gameid", "$TBL_GAMES.gameid, $TBL_GAMES.name, $TBL_GAMES.host, $TBL_GAMES.createstamp, $TBL_GAMES.boot_time, $TBL_GAMES.clock_type, $TBL_GAMES.delay_time, $TBL_GAMES.boardid, $TBL_GAMES.players, $TBL_GAMES.num_players, $TBL_GAMES.flags, $TBL_BOARDS.boardname, $TBL_BOARDS.favorites, $TBL_BOARDS.image_extension", "WHERE $TBL_GAMES.gamestatus='Open' AND $TBL_GAMES.gametype='Public' AND $TBL_GAMES.flags = 0 AND $TBL_GAMES.boardid = $TBL_BOARDS.boardid ORDER BY $TBL_GAMES.gameid ASC", $CACHETTL['Open Game List'])) {
// Count games the user has not joined. stristr() is a case-insensitive substring test on the
// players field - presumably uids are fixed-length hashes (see the sample query above), so a
// partial match is not expected; confirm.
foreach ($open_gamelist as $game) if (!$USER->authenticated || !stristr($game->players, $USER->uid)) {
// skip dev-mode games unless the user has opted in with show_open_dev_games
if (!(($USER->settings['show_open_dev_games'] != "on") && ($game->flags & $GAME_FLAGS['dev_mode_on']))) {
// a clock below 1800 (delay_time for Fischer games, boot_time otherwise) counts as real-time,
// everything else as daily; neither counter is initialised in the lines visible here
if ( (($game->clock_type == "Fischer") && ($game->delay_time < 1800)) || (($game->clock_type != "Fischer") && ($game->boot_time < 1800)) ) $realtime_gamecount++;
else $daily_gamecount++;
}
}
}
// Record the request in the access log.
// NOTE(review): REQUEST_URI is client-controlled; confirm system_log() neutralises CR/LF and
// markup before the entry is stored or displayed.
system_log($_SERVER['REQUEST_URI'], "access");
// Run the page handler for this section/action, then the common page header.
// NOTE(review): both $rsection and $action are placed in the include path. Confirm they are
// restricted to an allow-list or a strict pattern (no "/" or "..") where they are set, so a
// crafted URI cannot include a file outside $HTMLDIR.
include "$HTMLDIR/$rsection/$action.php";
include "$COMMONDIR/top.php";
// $DEBUG_MODE is not set in the lines visible here (its assignment above is commented out),
// so this prints only if an included file sets it.
if ($DEBUG_MODE || 0) echo "Debug Info
$debugtxt
";
if ($num_errors || $infomsg || $confirmmsg) include "$WIDGETDIR/errorbox.php";
echo $body;
// always write current turn data and list of games where it is the user's turn
// (the echoed strings below contain only a newline on this page; presumably their markup was
// lost when the listing was rendered)
echo "
";
// add realtime game instant notification information
if ($NOTIFICATIONS_ENABLED) {
echo "
";
}
// check and output notifications immediately if required
if ($USER->instants) {
// debug($USER->instants);
// sinstant variable is used to suppress display of notifications - this is to ensure that if a link is clicked within a notification it doesn't
// subsequently show up even if the rails call completes after the next page loads
foreach ($USER->instants as $timestamp => $instant) if ($_GET['sinstant'] != $timestamp) {
// build options
$arroptions = array();
// NOTE(review): "×tamp" below looks like a mangled "&timestamp" (an "&times" entity decoded
// when this listing was rendered) - confirm against the real file. The close handler hides
// the notification through a GET request that carries the uid in its query string.
if ($instant->rails) $arroptions[] = "close: function(e,m) {" . '$' . ".get('/rails?function=hide_notification&uid=$USER->uid×tamp=$timestamp');}";
// NOTE(review): addslashes() escapes quotes and backslashes only. If header/message can hold
// user-authored text and is emitted inside a script block, encode for that context instead,
// e.g. json_encode() with JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT.
if ($instant->header) $arroptions[] = "header: '" . addslashes($instant->header) . "'";
if ($instant->sticky) $arroptions[] = "sticky: true";
$options = implode(",", $arroptions);
// modify click event on any links inside messages so that clicking on the link sends a rails message to stop displaying the instant notification
// NOTE(review): the next line is incomplete on this page (unbalanced parentheses, no opening
// brace for the "}" two lines down); presumably markup inside its string literals was
// stripped. Read it against the original file before relying on it.
if ($instant->rails && stristr($instant->message, "uid×tamp=$timestamp');" . '"' . " href=", $instant->message);
$instant->message = str_replace("'>", "?sinstant=$timestamp'>", $instant->message);
}
$instant->message = addslashes($instant->message);
// (empty on this page; presumably the script that displays the notification was stripped)
echo "";
// erase instants from user entry in database if we don't need a rails call to do this
if (!$instant->rails) {
unset($USER->instants[$timestamp]);
// NOTE(review): the list is stored with serialize(); wherever it is read back, unserialize()
// on a column that other code can write is an object-injection risk, and JSON is the safer
// format. $USER->uid is interpolated unescaped here, unlike the serialized payload.
$db->query("UPDATE $TBL_USERS SET instants='" . $db->escape(serialize($USER->instants)) . "' WHERE uid = '$USER->uid'");
// drop the cached user record so the next request reads the updated row
$memcache->delete("user_$USER->uid");
}
}
}
// $debug is not assigned in the lines visible here; presumably set by an included page
echo $debug;
include "$COMMONDIR/bottom.php";
?>