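// ... escape call fails for some reason
// NOTE(review): the beginning of the comment above lies before this section of the file;
// the query below is presumably the workaround it describes - confirm against the full file.
$db->query("SHOW TABLES");

/*
 * Request flow visible in this section of the front controller:
 *   1. maintenance gate driven by the cached server_settings table
 *   2. URI parsing, cookie-reset and popup special cases
 *   3. login / logout / session authentication
 *   4. error-display toggle and frame output
 *   5. admin account switching through the "imp" request parameter
 *   6. turn counts, open-game counts, page include and notification output
 *
 * NOTE(review): $rsection and $action are never assigned in the visible code (the two
 * assignments below are commented out), so they are presumably populated by parse_uri()
 * or earlier in the file. Both are interpolated into include paths further down
 * ($POPUPDIR, $FRAMEDIR, $HTMLDIR). Confirm that whatever sets them restricts them to a
 * fixed set of page names (no "/", "..", NUL bytes or stream-wrapper prefixes); otherwise
 * validate them against an allow-list here before any include is reached.
 */

// check we are using WWW.WarGear.net
// check_svr();

// check to see whether site is live or not - if not, only show pages to IP's in allowed.txt file
$SERVER_SETTINGS = cache_table_indexed("server_settings", $TBL_SETTINGS, "name", "*", "", $CACHETTL['Server Settings']);
if ($SERVER_SETTINGS['server_status']->setting == 'maintenance') {
    // block_ip() is defined elsewhere; as used here, a falsy result sends the client to the holding page
    if (!block_ip("allowed.txt")) show_resource_page("holding");
    else $MAINTENANCE_MODE = TRUE;
}

// identify browser being used - used in various places to modify html / css produced
// $br = new Browser;

// retrieve all get variables from query uri
$GET = parse_uri($_SERVER['REQUEST_URI']);
// $rsection = $GET['section'];
// $action = $GET['action'];

// special case for cookies reset process
if (($rsection == "user") && ($action == "cookiereset")) {
    setcookie ("np_sid", "", false, "/", "", "0");
    setcookie ("p_sid", "", "10", "/", "", "0");
    setcookie("cookie_check", "", false, "/", "", "0");
}

// special case for popups
// NOTE(review): this include runs before any user object exists, so the popup scripts are
// reachable without authentication and $action alone selects the file - see the header note.
if ($rsection == "popups") {
    include "$POPUPDIR/$action.php";
    exit;
}

// assignment inside the condition is intentional: the bot label is kept in $BOT_DETECTED
if ($BOT_DETECTED = bot_detect($_SERVER['HTTP_USER_AGENT'])) system_log("Detected $BOT_DETECTED accessing " . $_SERVER['REQUEST_URI'], $LOG_BOT);

$USER = new cls_user;

// set cookie_check if we are at the login page - used to confirm whether cookies are on or off
if ($action == 'login') setcookie("cookie_check", "1", false, "/", "", "0");

// track machineid of this user
$USER->track_mid();

if ($_POST['loginbtn']) {
    // check cookies are enabled on this computer by attempting to read cookie_check (set by login.php)
    if (($action == 'login') && !($_COOKIE["cookie_check"])) {
        include "$COMMONDIR/top.php";
        include "$HTMLDIR/player/cookiefail.php";
        include "$COMMONDIR/bottom.php";
        exit;
    }

    $username = ($_POST['username']) ? safe_escape_string($_POST['username']) : "";
    $password = ($_POST['password']) ? safe_escape_string($_POST['password']) : "";
    $cookie_setting = ($_POST['cookie_setting']) ? safe_escape_string($_POST['cookie_setting']) : "";
    $USER->login_user($username, $password, $cookie_setting);

    // if login is successful and we are authenticated, redirect appropriately
    if ($USER->authenticated) {
        // NOTE(review): urlsrc comes straight from the query string. Unless redirect()
        // (defined elsewhere) confines targets to this site, this is an open redirect that
        // fires right after a successful login. Confirm redirect() only accepts site-relative
        // paths, or check the decoded value against the site's own host here.
        if ($_GET['urlsrc']) redirect(urldecode($_GET['urlsrc']));
        else {
            // check if this is their first time logging in - if so, show the welcome screen *** DISABLED ***
            // if ($USER->first_login) redirect('/player/welcome');
            // else redirect('');
            redirect('');
        }
    }
}
else if ($action == 'logout') {
    $USER->logout_user();
}
else {
    $USER->authenticate();
    // NOTE(review): np_sid2 sends the contents of $USER->password to the browser on every
    // request that takes this branch. Only name, value, expiry and path are passed, so the
    // cookie has neither the Secure nor the HttpOnly flag and is readable by page script.
    // Whatever that field holds (not visible here), a stolen copy is a long-lived credential
    // equivalent; an opaque random per-session token is the safer design. Check what
    // consumes np_sid2 before changing it.
    setcookie ("np_un", str_replace(" ", "_", $USER->username), 0, "/");
    setcookie ("np_sid2", $USER->password, 0, "/");

    // pre-write username in login box when rememberme is set
    if ($USER->cookie_setting == "rememberme") {
        $username = $USER->username;
        $cookie_setting = "rememberme";
    }
}

// handle debug mode
// if (($_SERVER['REMOTE_ADDR'] == "220.235.193.145") && ($SERVER_SETTINGS['debug_mode']->setting) && $USER->security_check('System_Admin')) {
// PHP errors are rendered only for users passing the Display_Errors check; for everyone
// else $db->hide_errors() is called instead.
if ($USER->security_check('Display_Errors')) {
    // error_reporting(E_ERROR);
    // error_reporting(E_ALL & ~E_NOTICE & ~E_STRICT);
    ini_set("display_errors", 1);
    // error_reporting(E_ERROR | E_WARNING | E_PARSE);
    // error_reporting(E_ALL & ~E_NOTICE & ~E_STRICT & ~E_DEPRECATED);
    // error_reporting(E_ERROR);
    // $DEBUG_MODE = TRUE;
}
else $db->hide_errors();

// output frame if appropriate and exit
if ($rsection == "frames") {
    if (($USER->settings['work_mode'] == "on") && ($USER->account_type == "Premium")) $WORK_MODE = 1;
    else $WORK_MODE = ($USER->account_type == "Premium") ? $_COOKIE["work_mode"] : 0;

    include "$FRAMEDIR/$action.php";
    include "$COMMONDIR/frame.php";
    echo $body;
    exit;
}

// $base_uid is the account that really owns the session: the managing uid when one is
// recorded on the session, otherwise the current user's uid
$base_uid = ($USER->session->managing_uid) ? $USER->session->managing_uid : $USER->uid;
$base_user = get_user($base_uid);
$IS_ADMIN = ($USER->security_check('System_Admin') || $USER->security_check('User_Manager')) ? 1 : 0;

// "imp" is request input; anything that is not a plain string (missing, or an array such
// as imp[]=...) is treated as "no switch requested"
$manage_uid = (isset($_REQUEST['imp']) && is_string($_REQUEST['imp'])) ? $_REQUEST['imp'] : "";

// allow switching to managed accounts
// NOTE(review): the switch is a state change triggered by $_REQUEST (so a plain GET link
// is enough) and no anti-CSRF token is checked in the visible code. Consider requiring a
// POST with a token, and writing an audit log entry for every switch. The result of
// get_row() is also not checked, so a uid with no matching row still rewrites the session.
if ($IS_ADMIN && $manage_uid) {
    // Escape once and use only the escaped copy inside SQL text. The SELECT below
    // previously interpolated the raw request value while the UPDATE escaped it.
    $manage_uid_sql = $db->escape($manage_uid);

    $USER->uid = $manage_uid;
    $USER->session->uid = $manage_uid;
    // debugstr($USER);
    $USER->dbdata = $db->get_row("SELECT * FROM $TBL_USERS WHERE uid = '$manage_uid_sql'");
    $USER->setup_variables("database");

    // switching back to the base account clears managing_uid
    $managing_uid = ($base_uid == $manage_uid) ? "" : $base_uid;
    $USER->session->managing_uid = $managing_uid;
    $db->query("UPDATE $TBL_SESSIONS SET uid='$manage_uid_sql', managing_uid = '" . $db->escape($managing_uid) . "' WHERE sid='" . $db->escape($USER->session->sid) . "'");
    // drop the cached session so the next request reads the updated row
    $memcache->delete("session_" . $USER->session->sid);

    // redirect to get rid of the ?imp in URL
    header("Location: " . strtok($_SERVER["REQUEST_URI"], '?'));
    exit;
}

$IS_MANAGING_ACCOUNT = ($USER->session->managing_uid) ? 1 : 0;

// debug($USER, 0);

// count out how many games it is this player's turn in
if ($USER->authenticated) {
    if ($USER->settings['timezone']) date_default_timezone_set($USER->settings['timezone']);

    // set work mode if appropriate
    // $WORK_MODE = (($USER->settings['work_mode'] == "on") && ($USER->account_type == "Premium")) ? 1 : 0;
    if (($USER->settings['work_mode'] == "on") && ($USER->account_type == "Premium")) $WORK_MODE = 1;
    else $WORK_MODE = ($USER->account_type == "Premium") ? $_COOKIE["work_mode"] : 0;
    // debug($WORK_MODE, 0);

    $current_turns = get_current_turns($USER->uid);
    $num_turns = ($current_turns) ? count($current_turns) : 0;
    // collect the ids of games that are past the "Open" stage
    if ($num_turns) foreach ($current_turns as $turn) {
        if ($turn->gamestatus != "Open") $current_turnids[] = $turn->gameid;
    }
    if (!$current_turnids) $current_turnids = array();
}
else $USER->settings = array();

// debug(get_current_turns($USER->uid));
// if ($USER->username == "tom") $db->debug();
// SELECT gameid FROM users_games WHERE uid = '4df7287c24258a6ef3f32e77c9d39c3e' AND turn = 1
// $db->debug();

// set up variables which define if any instant notifications are enabled and if cometchat is enabled
// $NOTIFICATIONS_ENABLED = ($USER->authenticated && (($USER->settings['instant_realtime'] != "Off") || ($USER->settings['instant_regular'] != "Off") || ($USER->settings['instant_realtime_turn'] != "Off") || ($USER->settings['instant_regular_turn'] != "Off") || ($USER->settings['instant_game_events'] != "Off")) ) ? 1 : 0;
$NOTIFICATIONS_ENABLED = ($USER->authenticated) ? 1 : 0;
// $COMETCHAT_ENABLED = (!stristr($_SERVER['SERVER_SOFTWARE'], "Win32x") && $USER->authenticated && ($USER->settings['chat_bar'] != "off")) ? 1 : 0;
$COMETCHAT_ENABLED = 0;

// used by both top.php and realime notification code later on, hence need it up here
if ($open_gamelist = cache_table_indexed("open_games", "$TBL_GAMES, $TBL_BOARDS", "gameid", "$TBL_GAMES.gameid, $TBL_GAMES.name, $TBL_GAMES.host, $TBL_GAMES.createstamp, $TBL_GAMES.boot_time, $TBL_GAMES.clock_type, $TBL_GAMES.delay_time, $TBL_GAMES.boardid, $TBL_GAMES.players, $TBL_GAMES.num_players, $TBL_GAMES.flags, $TBL_BOARDS.boardname, $TBL_BOARDS.favorites, $TBL_BOARDS.image_extension", "WHERE $TBL_GAMES.gamestatus='Open' AND $TBL_GAMES.gametype='Public' AND $TBL_GAMES.flags = 0 AND $TBL_GAMES.boardid = $TBL_BOARDS.boardid ORDER BY $TBL_GAMES.gameid ASC", $CACHETTL['Open Game List'])) {
    // skip games the logged-in user already appears in
    foreach ($open_gamelist as $game) if (!$USER->authenticated || !stristr($game->players, $USER->uid)) {
        // dev-mode games are counted only when the user has show_open_dev_games set to "on"
        if (!(($USER->settings['show_open_dev_games'] != "on") && ($game->flags & $GAME_FLAGS['dev_mode_on']))) {
            // a clock value below 1800 puts the game in the realtime count, otherwise the daily count
            if ( (($game->clock_type == "Fischer") && ($game->delay_time < 1800)) || (($game->clock_type != "Fischer") && ($game->boot_time < 1800)) ) $realtime_gamecount++;
            else $daily_gamecount++;
        }
    }
}

system_log($_SERVER['REQUEST_URI'], "access");

// page script first, then the common header; both $rsection and $action select the
// file here - see the header note about constraining them
include "$HTMLDIR/$rsection/$action.php";
include "$COMMONDIR/top.php";

// NOTE(review): several echo strings from here on are empty or hold only whitespace and a
// few statements are incomplete in this listing; they are kept as found.
if ($DEBUG_MODE || 0) echo "Debug Info
$debugtxt

";

if ($num_errors || $infomsg || $confirmmsg) include "$WIDGETDIR/errorbox.php";
echo $body;

// always write current turn data and list of games where it is the user's turn
echo " ";

// add realtime game instant notification information
if ($NOTIFICATIONS_ENABLED) {
    echo " ";
}

// check and output notifications immediately if required
if ($USER->instants) {
    // debug($USER->instants);
    // sinstant variable is used to suppress display of notifications - this is to ensure that if a link is clicked within a notification it doesn't
    // subsequently show up even if the rails call completes after the next page loads
    // NOTE(review): header and message are placed into JavaScript with addslashes(), which
    // is not a JavaScript-context encoder (it leaves newlines and a closing script tag
    // untouched). If either field can contain user-influenced text, encode with
    // json_encode() and the JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT
    // flags instead. The echo that emits them is empty in this listing, so the exact
    // output context could not be confirmed.
    foreach ($USER->instants as $timestamp => $instant) if ($_GET['sinstant'] != $timestamp) {
        // build options
        $arroptions = array();
        // "&timestamp=" restored: the listing showed it as a mis-decoded HTML entity
        if ($instant->rails) $arroptions[] = "close: function(e,m) {" . '$' . ".get('/rails?function=hide_notification&uid=$USER->uid&timestamp=$timestamp');}";
        if ($instant->header) $arroptions[] = "header: '" . addslashes($instant->header) . "'";
        if ($instant->sticky) $arroptions[] = "sticky: true";
        $options = implode(",", $arroptions);

        // modify click event on any links inside messages so that clicking on the link sends a rails message to stop displaying the instant notification
        // NOTE(review): the middle of the next statement is missing from this listing (the
        // text between the opening quote of stristr()'s second argument and "uid&timestamp"),
        // including the opening brace matched by the closing brace below. It will not parse
        // until the missing text is restored from the original file.
        if ($instant->rails && stristr($instant->message, "uid&timestamp=$timestamp');" . '"' . " href=", $instant->message);
            $instant->message = str_replace("'>", "?sinstant=$timestamp'>", $instant->message);
        }

        $instant->message = addslashes($instant->message);
        echo "";

        // erase instants from user entry in database if we don't need a rails call to do this
        if (!$instant->rails) {
            unset($USER->instants[$timestamp]);
            // NOTE(review): the column stores serialize() output; whatever reads it back
            // presumably unserializes it, so this column must never take user-controlled bytes.
            $db->query("UPDATE $TBL_USERS SET instants='" . $db->escape(serialize($USER->instants)) . "' WHERE uid = '" . $db->escape($USER->uid) . "'");
            $memcache->delete("user_$USER->uid");
        }
    }
}

echo $debug;
include "$COMMONDIR/bottom.php";
?>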