<?
include './system/common.php';
include './system/functions.php';
include './system/user.php';
// Authentication gate. $user is not defined in this file (presumably set by
// ./system/user.php — confirm). The exit after the redirect matters: without
// it the settings handlers below would still run for an anonymous request.
if (!$user) {
    header('location: /');
    exit;
}

// Accounts whose `save` flag is 0 are sent to the /save wizard section that
// matches their current `akt-save` step instead of seeing the settings page.
if ($user['save'] == 0) {
    $wizardSections = array(
        0 => 'UserName',
        1 => 'UserPassword',
        2 => 'UserEmail',
        3 => 'UserFemale',
    );
    foreach ($wizardSections as $step => $section) {
        // Loose comparison is kept deliberately so the same rows match as before.
        if ($user['akt-save'] == $step) {
            header('location: /save?section=' . $section);
            exit;
        }
    }
}
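// Router input. A missing or non-string `action` (e.g. ?action[]=x) is turned
// into '' before it reaches _string(), so the switch falls through to the menu
// instead of raising an undefined-index notice or passing an array along.
$action = _string(isset($_GET['action']) && is_string($_GET['action']) ? $_GET['action'] : '');
switch ($action) {
default:
    $title = 'Настройки';
    include './system/h.php';
    // The login is user-chosen text that ends up in HTML, so it is encoded on
    // output. double_encode=false keeps entities intact in case the value was
    // already HTML-encoded when it was stored (what _string() does is not
    // visible in this file).
    $safeLogin = htmlspecialchars($user['login'], ENT_QUOTES, 'UTF-8', false);
    $profileId = (int) $user['id'];
    // NOTE(review): the "/?exit" link logs the player out with a plain GET;
    // any state change reachable by GET can be triggered cross-site. Confirm
    // how the logout handler authenticates the request.
?>
<div class="content">
<div class="header center block"><a href="/profile/<?=$profileId?>/"><u><?=$safeLogin?></u></a>/ <?=$title?></div>
<div class="dotted"></div><div class="menu"> <li><a href="/settings?action=login"><img src="/images/icons/settings.png" width="16" height="16" alt=""> Изменить погоняло</a></li>
<li><a href="/settings?action=password"><img src="/images/icons/settings.png" width="16" height="16" alt=""> Изменить пароль</a></li>
<li><a href="/settings?action=race"><img src="/images/icons/settings.png" width="16" height="16" alt=""> Изменить пол</a></li>
<li><a href="/settings?action=view-resources"><img src="/images/icons/settings.png" width="16" height="16" alt=""> Режим ресурсов</a></li>
<li><a href="/settings?action=coupons"><img src="/images/icons/note.png" width="16" height="16" alt=""> Использовать купон</a></li>
<li><a href="/settings?action=send-invitations"><img src="/images/icons/settings.png" width="16" height="16" alt=""> Режим приглашений</a></li>
<li><a href="/?exit"><img src="/images/icons/cross.png" width="16" height="16" alt=""> Выйти из игры</a></li></div></div>
<?php
    include './system/f.php';
    break;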
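case 'login':
    // Paid rename: costs 250 gold, writes a row to `golds` and updates `users`.
    // NOTE(review): the form carries no anti-CSRF token although the request
    // spends gold; the session is already used elsewhere in this file, so a
    // per-session token could be checked here.
    $title = 'Изменить логин';
    include './system/h.php';
    $login = _string(isset($_POST['login']) && is_string($_POST['login']) ? $_POST['login'] : '');
    if ($login) {
        $errors = array();
        $userId = (int) $user['id'];
        if ($user['g'] < 250) $errors[] = 'Ошибка, нехватает <img src=\'/images/icon/gold.png\' alt=\'*\'> '.(250 - $user['g']).' золота<div class=\'separator\'></div><a href=\'/trade/\' class=\'button\'>Купить</a>';
        // The whitelist is anchored (\A ... \z) so the WHOLE name must consist of
        // allowed characters; unanchored, any input containing two allowed
        // characters passed. /u makes the class and the 2-20 length work on
        // UTF-8 characters instead of bytes and rejects malformed UTF-8.
        $loginIsValid = preg_match('/\A[a-z0-9а-я †‡±™®©¶°«»§~”“„’‘‹›‚′″ßæðğĥĵķľœīĩöºþýŕèŵçźñĺł]{2,20}\z/iu', $login) === 1;
        if (!$loginIsValid) {
            $errors[] = '<div class="alert"><span class="red">Ошибка</span><div>Имя персонажа введено неверно!</div></div><div class="dotted"></div>';
        } elseif (mysql_result(mysql_query('SELECT COUNT(*) FROM `users` WHERE `login` = \''.mysql_real_escape_string($login).'\''), 0) != 0) {
            // Only a name that passed the whitelist reaches SQL; escaping is a
            // no-op for such names and is kept as defence in depth.
            $errors[] = '<div class="alert"><span class="red">Ошибка</span><div>Персонаж с такими именем уже зарегестрирован!</div></div><div class="dotted"></div>';
        }
        if (!$errors) {
            // Charge and rename in one statement guarded by `g` >= 250, so
            // parallel requests cannot push the balance below zero.
            mysql_query('UPDATE `users` SET `login` = \''.mysql_real_escape_string($login).'\',
`g` = `g` - 250 WHERE `id` = '.$userId.' AND `g` >= 250');
            if (mysql_affected_rows() === 1) {
                // The old login is embedded in an HTML log line that is stored in
                // the database: encode it for HTML, then escape the text for SQL.
                $oldLogin = htmlspecialchars($user['login'], ENT_QUOTES, 'UTF-8', false);
                $texy = " $oldLogin сменил логин <img src=/images/icons/gold.png width=16 height=16 alt=> 250 ";
                mysql_query('INSERT INTO `golds` SET `user` = "'.$userId.'",`time` = "'.time().'",`text` = "'.mysql_real_escape_string($texy).'",`loc`="1"');
                header('location: /');
                // Stop here like the other handlers do; otherwise the form below
                // is rendered after the redirect header.
                exit;
            }
            $errors[] = '<div class="alert"><span class="red">Ошибка</span><div>Не удалось изменить логин, попробуйте ещё раз!</div></div><div class="dotted"></div>';
        }
        foreach ($errors as $error) {
            echo $error;
        }
        echo '</div>
<div class=\'dotted\'></div>';
    }
?>
<div class="content"><div class="header center block"><a href="/settings/"><u>Настройки</u></a>/ <?=$title?></div>
<div class="dotted"></div>
<div class="block">Придумайте ваш будущий логин:<span class="blue"></span></div>
<div class="dotted"></div>
<form action="/settings?action=login" method="post">
<div class="block snow">
<input type="login" name="login" style="width:97%;height:30px">
</div><div class="dotted"></div><div class="center block"><span class="btn_start"><span class="btn_end">
<input class="btn" type="submit" name="sumbit" value="Сохранить"></span></span></span></div></form>
<div class="dotted"></div>
<div class="menu"><li><a href="/settings?section=all"><img src="/images/icons/right_white.png"> Вернуться назад</a></li></div></div>
<?php
    include './system/f.php';
    break;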
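case 'coupons':
    // Coupon redemption: looks up an unexpired coupon by code, records the
    // redemption for this user and credits the coupon's amounts.
    $title = 'Купоны';
    include './system/h.php';
    if ( isset($_POST['formCoupons']) ) {
        $formCoupons = $_POST['formCoupons'];
        // formCoupons is client-controlled and may arrive as a plain string or
        // with a nested array under `code`; anything but a string code is ''.
        $rawCode = (is_array($formCoupons) && isset($formCoupons['code']) && is_string($formCoupons['code'])) ? $formCoupons['code'] : '';
        $code = _string($rawCode);
        $userId = (int) $user['id'];
        // NOTE(review): $code reaches the query through _string() only, whose
        // body is not in this file. Confirm that it SQL-escapes its input; a
        // prepared statement would remove the dependency.
        $coupon = mysql_fetch_assoc(mysql_query('SELECT * FROM `coupons` WHERE `code` = "'.$code.'" AND `time` > '.time()));
        if ( !$coupon || $coupon['use'] < 1 ) {
            $_SESSION['error'] = 'Такой купон не существует';
            header('Location: ?action=coupons');
            exit;
        }
        $couponId = (int) $coupon['id'];
        $activated = mysql_fetch_assoc(mysql_query('SELECT `id` FROM `coupons_user` WHERE `user` = '.$userId.' AND `coupon` = '.$couponId));
        if ( $activated ) {
            $_SESSION['error'] = 'Вы уже использовали этот купон';
            header('Location: ?action=coupons');
            exit;
        }
        // Claim one use atomically BEFORE crediting anything: the `use` > 0
        // guard means parallel requests cannot redeem more uses than remain or
        // drive the counter negative.
        mysql_query('UPDATE `coupons` SET `use` = `use` - 1 WHERE `id` = '.$couponId.' AND `use` > 0');
        if ( mysql_affected_rows() !== 1 ) {
            $_SESSION['error'] = 'Такой купон не существует';
            header('Location: ?action=coupons');
            exit;
        }
        // NOTE(review): the "already used" check above and this INSERT are not
        // atomic; two parallel requests from one user can both pass the check.
        // A UNIQUE index on (`user`, `coupon`) would close that gap — confirm
        // the schema.
        mysql_query('INSERT INTO `coupons_user` (`user`, `coupon`) VALUES ('.$userId.', '.$couponId.')');
        // Amounts are concatenated into SQL below; a non-numeric column value
        // (e.g. NULL) is treated as 0 so the statement stays well-formed.
        $silver = is_numeric($coupon['silver']) ? $coupon['silver'] : 0;
        $gold = is_numeric($coupon['gold']) ? $coupon['gold'] : 0;
        $donate = is_numeric($coupon['donate']) ? $coupon['donate'] : 0;
        $item_id = is_numeric($coupon['item_id']) ? $coupon['item_id'] : 0;
        mysql_query('UPDATE `users` SET `s` = `s` + '.$silver.', `g` = `g` + '.$gold.', `d` = `d` + '.$donate.', `donation` = `donation` + '.$item_id.' WHERE `id` = '.$userId);
        $_SESSION['alert'] = '<div class="alert">
<div><img src="/images/icons/ok.png"> Купон успешно активирован</div>
<div class="blue">Получено:</div>
<div>
'.($silver ? ' <img src="/images/icons/silver.png" width="16" height="16" alt=""> '.n_f($silver) : false ).'
'.($gold ? ' <img src="/images/icons/gold.png" width="16" height="16" alt=""> '.n_f($gold) : false ).'
'.($donate ? ' <img src="/images/icons/donate.png" width="16" height="16" alt=""> '.n_f($donate) : false ).'
'.($item_id ? ' ₽'.n_f($item_id) : false ).'
</div>
</div>
<div class="alert_bottom"></div>';
        header('Location: ?action=coupons');
        exit;
    }
    // Flash messages: both session values are written only by this handler
    // and are shown once, then cleared.
    if ( isset($_SESSION['alert']) ) {
        echo $_SESSION['alert'];
        unset($_SESSION['alert']);
    }
    echo '<div class="content">
<div class="header center block">
<a href="?">Настройки</a>/ Купоны
</div>
<div class="line"></div>
<form class="block" action="?action=coupons" method="post">
<div class="form-group field-text required '.(isset($_SESSION['error']) ? 'has-error' : false).'">
<label for="codeCoupons">Код</label>
<input type="text" class="form-control" id="codeCoupons" name="formCoupons[code]" aria-required="true">
<div class="help-block">'.(isset($_SESSION['error']) ? $_SESSION['error'] : false).'</div>
</div>
<span class="m3 btn_start middle"><span class="btn_end"><button class="btn">Использовать</button></span></span>
</form>
</div>';
    if ( isset($_SESSION["error"]) ) {
        unset($_SESSION["error"]);
    }
    include "./system/f.php";
    exit;
    break;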
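case 'password':
    // Password change: requires the current password, validates the new one,
    // then updates `users` and the `password` cookie.
    // NOTE(review): passwords are stored and compared in plaintext and mirrored
    // into a cookie. Moving to password_hash()/password_verify() and a random
    // session token needs matching changes in the login code, which is outside
    // this file.
    $title = 'Сменить пароль';
    include './system/h.php';
    echo '<div class="content"><div class="header center block"><a href="/settings/"><u>Настройки</u></a>/ '.$title.'</div>
<div class="dotted"></div>';
    // Only a POSTed form triggers the change ($_REQUEST would also accept the
    // trigger from the query string or a cookie).
    if (isset($_POST['upspass'])) {
        $np = (string) _string(isset($_POST['np']) && is_string($_POST['np']) ? $_POST['np'] : '');
        $npp = (string) _string(isset($_POST['npp']) && is_string($_POST['npp']) ? $_POST['npp'] : '');
        $hp = (string) _string(isset($_POST['hp']) && is_string($_POST['hp']) ? $_POST['hp'] : '');
        $userId = (int) $user['id'];
        // \A...\z instead of ^...$ so a trailing newline is not accepted.
        $allowed = '|\A[a-z0-9\-]+\z|i';
        $failure = null;
        if (empty($hp) or empty($np) or empty($npp)) {
            $failure = 'Одно из полей не заполнено!';
        } elseif ($np !== $npp) {
            // Strict comparison: with == numeric-looking strings such as
            // "0e11" and "0e22" compare as equal.
            $failure = 'Пароли не совпадают!';
        } elseif (mb_strlen($hp) < 4 or mb_strlen($np) < 4) {
            $failure = 'Короткий пароль!';
        } elseif (!preg_match($allowed, $np) || !preg_match($allowed, $hp)) {
            $failure = 'Кирилица запрещена!';
        } else {
            $row = mysql_fetch_assoc(mysql_query("SELECT `password` FROM `users` WHERE `id` = ".$userId));
            // Same reason for !== here: a loose match would accept a wrong
            // current password whenever both strings look numeric.
            if (!$row || (string) $row['password'] !== $hp) {
                $failure = 'Неверный старый пароль!';
            }
        }
        if ($failure === null) {
            // Store the VALIDATED value ($np), not the raw $_POST['np'] that the
            // checks above never looked at.
            mysql_query('UPDATE `users` SET `password` = \''.mysql_real_escape_string($np).'\' WHERE `id` = '.$userId);
            // HttpOnly keeps the cookie out of reach of page scripts. The Secure
            // flag is left off because this file does not show that the site is
            // HTTPS-only.
            setcookie('password', $np, time() + 86400, '/', '', false, true);
            $_SESSION['err'] ='<div class="alert"><span class="green">Поздравляем</span><div>Пароль успесшно изменён!</div></div><div class="dotted"></div>';
        } else {
            $_SESSION['err'] ='<div class="alert"><span class="red">Ошибка</span><div>'.$failure.'</div></div><div class="dotted"></div>';
        }
        header("Location:/settings?action=password");
        exit;
    }
?>
<form action="" method="POST">
<div class="block snow">
<input type="password" name="hp" maxlength="25" style="width:97%;height:30px" placeholder="*Старый пароль"></div>
<div class="dotted"></div>
<div class="block snow">
<input type="password" name="np" maxlength="25" style="width:97%;height:30px" placeholder="*Новый пароль"></div>
<div class="dotted"></div>
<div class="block snow">
<input type="password" name="npp" maxlength="25" style="width:97%;height:30px" placeholder="*Повторите пароль"></div>
<div class="dotted"></div>
<div class="center block"><span class="btn_start"><span class="btn_end">
<input class="btn" type="submit" name="upspass" value="Сохранить"></span></span></span></div></form>
<div class="dotted"></div>
<div class="menu"><li><a href="/settings?section=all"><img src="/images/icons/right_white.png"> Вернуться назад</a></li></div></div>
<?php
    include './system/f.php';
    break;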
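case 'race':
    // Updates the `r` column of the current user from the <select> below.
    $title = 'Изменить пол';
    include './system/h.php';
    if (isset($_POST['submit'])) {
        $race = isset($_POST['race']) ? intval($_POST['race']) : 0;
        // Accept only the values the form offers; intval() alone lets any
        // integer through to the column.
        if (!in_array($race, array(0, 1), true)) {
            echo '<div class="content block red">Недопустимое значение!</div><div class="dotted"></div>';
        } elseif (mysql_query("UPDATE users SET `r` ='".$race."' WHERE id ='".(int) $user['id']."'")) {
            echo '<div class="content block green">Сохранено!</div><div class="dotted"></div>';
        } else {
            // The database error goes to the server log, not to the browser:
            // mysql_error() text exposes table and column details.
            error_log('settings/race: '.mysql_error());
            echo '<div class="content block red">Не удалось сохранить!</div><div class="dotted"></div>';
        }
    }
?>
<div class="content"><div class="header center block"><a href="/settings/"><u>Настройки</u></a>/ <?=$title?></div>
<div class="dotted"></div>
<div class="block">Выберите ваш будущий пол:<span class="blue">(По умолчанию: мужчина)</span></div>
<div class="dotted"></div>
<form action="" method="POST"> <div class="block snow"> <select name="race" style="width:70%;height:30px">
<option value="0" >Мужчина</option>
<option value="1">Женщина</option>
</select> </div><div class="dotted"></div><div class="center block"><span class="btn_start"><span class="btn_end">
<input class="btn" type="submit" name="submit" value="Сохранить"></span></span></span></div></form>
<div class="dotted"></div>
<div class="menu content"><li><a href="/settings?section=all"><img src="/images/icons/right_white.png"> Вернуться назад</a></li></div></div>
<?php
    include './system/f.php';
    break;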
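case 'view-resources':
    // Updates the `view-resources` column of the current user (1 or 0, the
    // two options of the <select> below).
    $title = 'Режим ресурсов';
    include './system/h.php';
    if (isset($_POST['submit'])) {
        $mode = isset($_POST['view-resources']) ? intval($_POST['view-resources']) : 0;
        // Accept only the values the form offers; intval() alone lets any
        // integer through to the column.
        if (!in_array($mode, array(0, 1), true)) {
            echo '<div class="content block red">Недопустимое значение!</div><div class="dotted"></div>';
        } elseif (mysql_query("UPDATE users SET `view-resources` ='".$mode."' WHERE id ='".(int) $user['id']."'")) {
            echo '<div class="content block green">Сохранено!</div><div class="dotted"></div>';
        } else {
            // The database error goes to the server log, not to the browser:
            // mysql_error() text exposes table and column details.
            error_log('settings/view-resources: '.mysql_error());
            echo '<div class="content block red">Не удалось сохранить!</div><div class="dotted"></div>';
        }
    }
?>
<div class="content"> <div class="header center block"><a href="/settings/"><u>Настройки</u></a>/ <?=$title?></div>
<div class="dotted"></div>
<div class="block">Кто может видеть ваши ресурсы?<span class="blue">(По умолчанию: все)</span></div>
<div class="dotted"></div>
<form action="" method="POST"> <div class="block snow"> <select name="view-resources" style="width:70%;height:30px">
<option value="1" >Все</option>
<option value="0">Никто</option>
</select> </div><div class="dotted"></div><div class="center block"><span class="btn_start"><span class="btn_end">
<input class="btn" type="submit" name="submit" value="Сохранить"></span></span></span></div></form>
<div class="dotted"></div>
<div class="menu"><li><a href="/settings?section=all"><img src="/images/icons/right_white.png"> Вернуться назад</a></li></div></div>
<?php
    include './system/f.php';
    break;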
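case 'send-invitations':
    // Updates the `send-invitations` column of the current user (1 or 0, the
    // two options of the <select> below).
    $title = 'Режим приглашений';
    include './system/h.php';
    if (isset($_POST['submit'])) {
        $mode = isset($_POST['send-invitations']) ? intval($_POST['send-invitations']) : 0;
        // Accept only the values the form offers; intval() alone lets any
        // integer through to the column.
        if (!in_array($mode, array(0, 1), true)) {
            echo '<div class="content block red">Недопустимое значение!</div><div class="dotted"></div>';
        } elseif (mysql_query("UPDATE users SET `send-invitations` ='".$mode."' WHERE id ='".(int) $user['id']."'")) {
            echo '<div class="content block green">Сохранено!</div><div class="dotted"></div>';
        } else {
            // The database error goes to the server log, not to the browser:
            // mysql_error() text exposes table and column details.
            error_log('settings/send-invitations: '.mysql_error());
            echo '<div class="content block red">Не удалось сохранить!</div><div class="dotted"></div>';
        }
    }
?>
<div class="content"><div class="header center block"><a href="/settings/"><u>Настройки</u></a>/ <?=$title?></div>
<div class="dotted"></div>
<div class="block">Кто может приглашать вас в банду?<span class="blue">(По умолчанию: все)</span></div>
<div class="dotted"></div>
<form action="" method="POST"> <div class="block snow"> <select name="send-invitations" style="width:70%;height:30px">
<option value="1" >Все</option>
<option value="0">Никто</option>
</select> </div><div class="dotted"></div><div class="center block"><span class="btn_start"><span class="btn_end">
<input class="btn" type="submit" name="submit" value="Сохранить"></span></span></span></div></form>
<div class="dotted"></div>
<div class="menu"><li><a href="/settings?section=all"><img src="/images/icons/right_white.png"> Вернуться назад</a></li></div></div>
<?php
    include './system/f.php';
    break;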
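case 'email':
    // E-mail binding: stores the address with a one-time activation code and
    // mails a confirmation link to it.
    $title = 'Привязка EMAIL адреса';
    include './system/h.php';
    if (isset($_POST['sumbit'])) {
        $email = (string) _string(isset($_POST['email']) && is_string($_POST['email']) ? $_POST['email'] : '');
        $userId = (int) $user['id'];
        $failure = null;
        // Format is checked FIRST and the pattern is anchored (\A ... \z): the
        // whole value must be an address, so nothing outside these characters
        // (quotes, line breaks) reaches the SQL below or the mail recipient.
        if (!preg_match('/\A[0-9a-z_\-]+@[0-9a-z_\-^\.]+\.[a-z]{2,6}\z/i', $email)) {
            $failure = 'Не правильный формат почтового ящика';
        } elseif (mysql_result(mysql_query('SELECT COUNT(*) FROM `users` WHERE `email` = "'.mysql_real_escape_string($email).'"'), 0) != 0) {
            $failure = 'Такой e-mail уже занят';
        } elseif ($user['activation'] == 1) {
            $failure = 'Вы уже подтвердили почтовый ящик';
        }
        $code = null;
        if ($failure === null) {
            // The activation code is a bearer secret, so it comes from a CSPRNG.
            // md5(rand(...)) has only as many outcomes as rand() has values and
            // can be enumerated. 16 random bytes hex-encoded keep the 32-char
            // hex shape of the previous md5 value.
            if (function_exists('random_bytes')) {
                $code = bin2hex(random_bytes(16));
            } elseif (function_exists('openssl_random_pseudo_bytes')) {
                $strong = false;
                $bytes = openssl_random_pseudo_bytes(16, $strong);
                if ($bytes !== false && $strong) {
                    $code = bin2hex($bytes);
                }
            }
            if ($code === null) {
                // Fail closed instead of falling back to a guessable code.
                $failure = 'Не удалось сформировать код подтверждения';
            }
        }
        if ($failure !== null) {
            header("Location:/settings?action=email");
            $_SESSION['err'] = $failure;
            exit;
        }
        mysql_query('UPDATE `users` SET `email` = "'.mysql_real_escape_string($email).'", `activation_code` = "'.$code.'", `activation` = "0" WHERE `id` = "'.$userId.'"');
        $title = 'Подтверждение Email';
        // The link is built from the site URL this file already hard-codes, not
        // from $_SERVER['HTTP_HOST']: the Host header is chosen by the client
        // and would let a request decide where the emailed link points.
        // NOTE(review): confirm this is the canonical public URL.
        $siteUrl = 'https://prison-online.tk';
        $text ='
Здравствуйте, '.$user['login'].'.
Для привязки Вашего аккаунта к почтовому ящику перейдите по ссылке: '.$siteUrl.'/activation/'.$code.'
---------
Если Вы не заказывали подтверждение своего почтового ящика в нашей игре, то проигнорируйте данное письмо.';
        // mail() takes (to, subject, message, headers). The previous call passed
        // six arguments built from undefined variables, so no message was sent.
        // No From header is set: the only sender value in this file was a URL,
        // which is not a valid address, so the server default applies.
        $subject = '=?utf-8?B?'.base64_encode($title).'?=';
        $headers = "MIME-Version: 1.0\r\nContent-Type: text/plain; charset=utf-8\r\nContent-Transfer-Encoding: 8bit";
        if (mail($email, $subject, $text, $headers)) {
            $_SESSION['err'] = 'Ссылка для подтверждения отправлена на вашу почту';
        } else {
            $_SESSION['err'] = 'Не удалось отправить письмо, попробуйте позже';
        }
    }
    echo '<div class="cntr">';
    if ($user['activation'] == 0) {
        echo '<form action="" method="POST">';
        echo 'Введите рабочую почту: <br/>';
        echo '<input class="cntr" type="text" name="email" placeholder="Введите почту..."></br>';
        echo '<span class="btn orange w160px mt5"><span class="be"><span class="plr10 bl"><input type="submit" class="lbl" name="sumbit" value="Подтвердить" ></span></span></span></br>';
        echo '</form>';
    } else {
        // Addresses saved before the pattern was anchored may hold arbitrary
        // text, so the stored value is HTML-encoded on output.
        echo 'Ваш аккаунт привязан к почте: </br><b>'.htmlspecialchars($user['email'], ENT_QUOTES, 'UTF-8', false).' </b></br>';
    }
    echo '</div>';
    echo '<div class="bbtn mt5"><a href = "/settings/" class="lf"><span class="rt"><span class="lbl settings">Вернуться в настройки</span></span></a></div>';
    include './system/f.php';
    break;
}
?>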