* fixed indices after revamp of loot-tables some time ago
User:
 * fixed IP-detection
 * moved name/pass checks to uniform function
Sarjuuk
2015-01-18 18:46:48 +01:00
parent 4dd6ba47a7
commit c814ec7ef9
3 changed files with 68 additions and 42 deletions


@@ -98,17 +98,17 @@ class Loot
foreach ($rows as $entry) foreach ($rows as $entry)
{ {
$set = array( $set = array(
'quest' => $entry['needsquest'], 'quest' => $entry['QuestRequired'],
'group' => $entry['groupid'], 'group' => $entry['GroupId'],
'parentRef' => $tableName == LOOT_REFERENCE ? $lootId : 0, 'parentRef' => $tableName == LOOT_REFERENCE ? $lootId : 0,
'realChanceMod' => $baseChance 'realChanceMod' => $baseChance
); );
// if ($entry['lootmode'] > 1) // if ($entry['LootMode'] > 1)
// { // {
$buff = []; $buff = [];
for ($i = 0; $i < 8; $i++) for ($i = 0; $i < 8; $i++)
if ($entry['lootmode'] & (1 << $i)) if ($entry['LootMode'] & (1 << $i))
$buff[] = $i + 1; $buff[] = $i + 1;
$set['mode'] = implode(', ', $buff); $set['mode'] = implode(', ', $buff);
@@ -129,50 +129,50 @@ class Loot
'25man heroic '25man heroic
*/ */
if ($entry['reference']) if ($entry['Reference'])
{ {
// bandaid.. remove when propperly handling lootmodes // bandaid.. remove when propperly handling lootmodes
if (!in_array($entry['reference'], $handledRefs)) if (!in_array($entry['Reference'], $handledRefs))
{ // todo (high): find out, why i used this in the first place. (don't do drugs, kids) { // todo (high): find out, why i used this in the first place. (don't do drugs, kids)
list($data, $raw) = self::getByContainerRecursive(LOOT_REFERENCE, $entry['reference'], $handledRefs, /*$entry['groupid'],*/ 0, $entry['chance'] / 100); list($data, $raw) = self::getByContainerRecursive(LOOT_REFERENCE, $entry['Reference'], $handledRefs, /*$entry['GroupId'],*/ 0, $entry['Chance'] / 100);
$handledRefs[] = $entry['reference']; $handledRefs[] = $entry['Reference'];
$loot = array_merge($loot, $data); $loot = array_merge($loot, $data);
$rawItems = array_merge($rawItems, $raw); $rawItems = array_merge($rawItems, $raw);
} }
$set['reference'] = $entry['reference']; $set['reference'] = $entry['Reference'];
$set['multiplier'] = $entry['maxcount']; $set['multiplier'] = $entry['MaxCount'];
} }
else else
{ {
$rawItems[] = $entry['item']; $rawItems[] = $entry['Item'];
$set['content'] = $entry['item']; $set['content'] = $entry['Item'];
$set['min'] = $entry['mincount']; $set['min'] = $entry['MinCount'];
$set['max'] = $entry['maxcount']; $set['max'] = $entry['MaxCount'];
} }
if (!isset($groupChances[$entry['groupid']])) if (!isset($groupChances[$entry['GroupId']]))
{ {
$groupChances[$entry['groupid']] = 0; $groupChances[$entry['GroupId']] = 0;
$nGroupEquals[$entry['groupid']] = 0; $nGroupEquals[$entry['GroupId']] = 0;
} }
if ($set['quest'] || !$set['group']) if ($set['quest'] || !$set['group'])
$set['groupChance'] = $entry['chance']; $set['groupChance'] = $entry['Chance'];
else if ($entry['groupid'] && !$entry['chance']) else if ($entry['GroupId'] && !$entry['Chance'])
{ {
$nGroupEquals[$entry['groupid']]++; $nGroupEquals[$entry['GroupId']]++;
$set['groupChance'] = &$groupChances[$entry['groupid']]; $set['groupChance'] = &$groupChances[$entry['GroupId']];
} }
else if ($entry['groupid'] && $entry['chance']) else if ($entry['GroupId'] && $entry['Chance'])
{ {
@$groupChances[$entry['groupid']] += $entry['chance']; @$groupChances[$entry['GroupId']] += $entry['Chance'];
$set['groupChance'] = $entry['chance']; $set['groupChance'] = $entry['Chance'];
} }
else // shouldn't have happened else // shouldn't have happened
{ {
Util::addNote(U_GROUP_EMPLOYEE, 'Loot::getByContainerRecursive: unhandled case in calculating chance for item '.$entry['item'].'!'); Util::addNote(U_GROUP_EMPLOYEE, 'Loot::getByContainerRecursive: unhandled case in calculating chance for item '.$entry['Item'].'!');
continue; continue;
} }


@@ -134,14 +134,17 @@ class User
foreach ($method as $m) foreach ($method as $m)
{ {
if ($ipAddr = getenv($m)) if ($rawIp = getenv($m))
{ {
if ($m == 'HTTP_X_FORWARDED')
$rawIp = explode(',', $rawIp)[0]; // [ip, proxy1, proxy2]
// check IPv4 // check IPv4
if ($ipAddr = filter_var($ipAddr, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)) if ($ipAddr = filter_var($rawIp, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE))
break; break;
// check IPv6 // check IPv6
if ($ipAddr = filter_var($ipAddr, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6 | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)) if ($ipAddr = filter_var($rawIp, FILTER_VALIDATE_IP, FILTER_FLAG_IPV6 | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE))
break; break;
} }
} }
@@ -363,6 +366,30 @@ class User
return self::$passHash == self::hashSHA1($name, $pass); return self::$passHash == self::hashSHA1($name, $pass);
} }
public static function isValidName($name, &$errCode = 0)
{
$errCode = 0;
if (strlen($name) < 4 || strlen($name) > 16)
$errCode = 1;
else if (preg_match('/[^\w\d]/i', $name))
$errCode = 2;
return $errCode == 0;
}
public static function isValidPass($pass, &$errCode = 0)
{
$errCode = 0;
if (strlen($pass) < 6 || strlen($pass) > 16)
$errCode = 1;
// else if (preg_match('/[^\w\d!"#\$%]/', $pass)) // such things exist..? :o
// $errCode = 2;
return $errCode == 0;
}
public static function save() public static function save()
{ {
$_SESSION['user'] = self::$id; $_SESSION['user'] = self::$id;
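Review bot: In the `HTTP_X_FORWARDED` branch the leftmost list entry becomes the client address, but that entry is whatever the client sent, so any code that keys bans, rate limits or audit logs on this value can be fed an arbitrary public address. Forwarded headers should only be consulted when `REMOTE_ADDR` is one of the site's own proxies, and then the entry appended by that proxy is the one to use; the element should also be trimmed, `$rawIp = trim(explode(',', $rawIp)[0]);`. The `$method` list is defined outside this hunk, so it is not visible whether `HTTP_X_FORWARDED_FOR` (the header that usually carries the comma-separated chain) is among the names; if it is, the `==` test skips it and the whole list goes to `filter_var()`, which rejects it.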


@@ -312,12 +312,17 @@ Markup.printHtml("description text here", "description-generic", { allow: Markup
private function doSignIn() private function doSignIn()
{ {
if (!isset($_POST['username']) || !isset($_POST['password'])) $username = @$_POST['username'];
$password = @$_POST['password'];
$doExpire = @$_POST['remember_me'] != 'yes';
// check username
if (!User::isValidName($username))
return Lang::$account['userNotFound']; return Lang::$account['userNotFound'];
$username = $_POST['username']; // check password
$password = $_POST['password']; if (!User::isValidPass($password))
$doExpire = $_POST['remember_me'] != 'yes'; return Lang::$account['wrongPass'];
switch (User::Auth($username, $password)) switch (User::Auth($username, $password))
{ {
@@ -369,18 +374,12 @@ Markup.printHtml("description text here", "description-generic", { allow: Markup
$doExpire = @$_POST['remember_me'] != 'yes'; $doExpire = @$_POST['remember_me'] != 'yes';
// check username // check username
if (strlen($username) < 4 || strlen($username) > 16) if (!User::isValidName($username, $e))
return Lang::$account['errNameLength']; return Lang::$account[$e == 1 ? 'errNameLength' : 'errNameChars'];
if (preg_match('/[^\w\d]/i', $username))
return Lang::$account['errNameChars'];
// check password // check password
if (strlen($password) < 6 || strlen($password) > 16) if (!User::isValidPass($password, $e))
return Lang::$account['errPassLength']; return Lang::$account[$e == 1 ? 'errPassLength' : 'errPassChars'];
// if (preg_match('/[^\w\d!"#\$%]/', $password)) // such things exist..? :o
// return Lang::$account['errPassChars'];
if ($password != $cPassword) if ($password != $cPassword)
return Lang::$account['passMismatch']; return Lang::$account['passMismatch'];
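Review bot: `doSignIn()` now reads `$_POST['username']` and `$_POST['password']` through `@` without the earlier `isset()` guard, so a missing field becomes `null` and a field posted as an array reaches `strlen()` inside `User::isValidName()` / `User::isValidPass()` unchecked. On PHP 8 `strlen()` throws a `TypeError` for an array; older versions emit a warning that the `@` on the `$_POST` read does not cover. Normalising at the boundary avoids both, e.g. `$username = isset($_POST['username']) && is_string($_POST['username']) ? $_POST['username'] : '';` and the same for the password. The second hunk assigns its `$username` and `$password` above the visible lines and may need the same treatment; the body of `doSignIn()` continues past the hunk.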