Refactor code, better $error messages

slawkens
2025-09-14 20:49:14 +02:00
parent 849944ff20
commit 05b5e703ed
9 changed files with 180 additions and 102 deletions


@@ -1,8 +1,10 @@
<?php <?php
defined('MYAAC') or die('Direct access not allowed!'); defined('MYAAC') or die('Direct access not allowed!');
function lostAccountCooldown(string $nick, int $time): string function lostAccountWriteCooldown(string $nick, int $time): void
{ {
global $twig;
$inSec = $time - time(); $inSec = $time - time();
$minutesLeft = floor($inSec / 60); $minutesLeft = floor($inSec / 60);
$secondsLeft = $inSec - ($minutesLeft * 60); $secondsLeft = $inSec - ($minutesLeft * 60);
@@ -10,5 +12,7 @@ function lostAccountCooldown(string $nick, int $time): string
$timeRounded = ceil(setting('core.mail_lost_account_interval') / 60); $timeRounded = ceil(setting('core.mail_lost_account_interval') / 60);
return "Account of selected character (<b>" . escapeHtml($nick) . "</b>) received e-mail in last $timeRounded minutes. You must wait $timeLeft before you can use Lost Account Interface again."; $twig->display('error_box.html.twig', [
'errors' => ["Account of selected character (<b>" . escapeHtml($nick) . "</b>) received e-mail in last $timeRounded minutes. You must wait $timeLeft before you can use Lost Account Interface again."]
]);
} }
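Review bot: The cooldown message is assembled as an HTML string in PHP (`<b>` plus `escapeHtml($nick)`) and handed to `error_box.html.twig` as an entry of `errors`, so its safety depends on how that template prints each entry, which this page does not show. If the template prints entries raw, every caller that appends to `$errors` must escape its own data; if it autoescapes, the `<b>` tags will show up literally. A short docblock on `lostAccountWriteCooldown()` would make the new contract explicit: it renders directly through the global `$twig`, returns nothing, and `$time` appears to be the Unix timestamp at which the cooldown ends. The middle of the function body lies between the two hunks and is not visible here.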


@@ -32,7 +32,11 @@ if($account->isLoaded()) {
$account->setCustomField('email_code', $newCode); $account->setCustomField('email_code', $newCode);
$account->setCustomField('email_next', (time() + setting('core.mail_lost_account_interval'))); $account->setCustomField('email_next', (time() + setting('core.mail_lost_account_interval')));
echo '<br />Details about steps required to recover your account has been sent to <b>' . $accountEMail . '</b>. You should receive this email within 15 minutes. Please check your inbox/spam directory.'; $twig->display('success.html.twig', [
'title' => 'Email has been sent',
'description' => 'Details about steps required to recover your account has been sent to <b>' . $accountEMail . '</b>. You should receive this email within 15 minutes. Please check your inbox/spam directory.',
'custom_buttons' => '',
]);
} }
else { else {
$account->setCustomField('email_next', (time() + 60)); $account->setCustomField('email_next', (time() + 60));
@@ -40,19 +44,25 @@ if($account->isLoaded()) {
} }
} }
else { else {
echo 'Invalid e-mail to account of character <b>' . htmlspecialchars($nick) . '</b>. Try again.'; $errors[] = 'Invalid e-mail to account of character <b>' . escapeHtml($nick) . '</b>. Try again.';
} }
} }
else { else {
echo lostAccountCooldown($nick, (int)$account->getCustomField('email_next')); lostAccountWriteCooldown($nick, (int)$account->getCustomField('email_next'));
} }
} }
else { else {
echo "Player or account of player <b>" . htmlspecialchars($nick) . "</b> doesn't exist."; $errors[] = "Player or account of player <b>" . escapeHtml($nick) . "</b> doesn't exist.";
}
if (!empty($errors)) {
$twig->display('error_box.html.twig', [
'errors' => $errors,
]);
} }
$twig->display('account.back_button.html.twig', [ $twig->display('account.back_button.html.twig', [
'new_line' => true, 'new_line' => true,
'center' => true, 'center' => true,
'action' => getLink('account/lost') . '?action=step1&action_type=email&nick=' . urlencode($nick), 'action' => getLink('account/lost/step-1') . '?action=email&nick=' . urlencode($nick),
]); ]);
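Review bot: In the new `success.html.twig` call, `$accountEMail` is concatenated into the `description` markup without escaping, while `$nick` in the same file now goes through `escapeHtml()`. The address looks like stored account data, so it should be escaped the same way before it is placed between the `<b>` tags: `'... has been sent to <b>' . escapeHtml($accountEMail) . '</b>. ...'`. This matters if the template prints `description` raw, which the embedded `<b>` suggests but the page does not show. `$errors` is also appended to without a visible initialisation; if nothing earlier in the file sets it, add `$errors = [];` near the top.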


@@ -10,67 +10,71 @@ $code = $_REQUEST['code'];
$character = stripslashes($_REQUEST['character']); $character = stripslashes($_REQUEST['character']);
if(empty($code) || empty($character) || empty($newPassword)) { if(empty($code) || empty($character) || empty($newPassword)) {
echo '<span style="color: red"><b>Error. Try again.</b></span><br/>Please enter code from e-mail and name of one character from account. Then press Submit.<br>'; $errors[] = 'Please enter code from e-mail and name of one character from account. Then press Submit.';
$twig->display('error_box.html.twig', [
'errors' => $errors,
]);
$twig->display('account.back_button.html.twig', [ $twig->display('account.back_button.html.twig', [
'new_line' => true, 'new_line' => true,
'center' => true, 'center' => true,
'action' => getLink('account/lost/check-code') 'action' => getLink('account/lost/check-code')
]); ]);
return;
} }
else
{
$player = new OTS_Player();
$account = new OTS_Account();
$player->find($character);
if($player->isLoaded()) {
$account = $player->getAccount();
}
if($account->isLoaded()) { $player = new OTS_Player();
if($account->getCustomField('email_code') == $code) { $account = new OTS_Account();
if(Validator::password($newPassword)) { $player->find($character);
$tmp_new_pass = $newPassword; if($player->isLoaded()) {
if(USE_ACCOUNT_SALT) { $account = $player->getAccount();
$salt = generateRandomString(10, false, true, true); }
$tmp_new_pass = $salt . $newPassword;
$account->setCustomField('salt', $salt);
}
$account->setPassword(encrypt($tmp_new_pass)); if($account->isLoaded()) {
$account->save(); if($account->getCustomField('email_code') == $code) {
$account->setCustomField('email_code', ''); if(Validator::password($newPassword)) {
$tmp_new_pass = $newPassword;
if(USE_ACCOUNT_SALT) {
$salt = generateRandomString(10, false, true, true);
$tmp_new_pass = $salt . $newPassword;
$account->setCustomField('salt', $salt);
}
$mailBody = $twig->render('mail.account.lost.new-password.html.twig', [ $account->setPassword(encrypt($tmp_new_pass));
'account' => $account, $account->save();
'newPassword' => $newPassword, $account->setCustomField('email_code', '');
]);
$statusMsg = ''; $mailBody = $twig->render('mail.account.lost.new-password.html.twig', [
if(_mail($account->getCustomField('email'), configLua('serverName') . ' - Your new password', $mailBody)) { 'account' => $account,
$statusMsg = '<br /><small>New password work! Sent e-mail with your password and account name. You should receive this e-mail in 15 minutes. You can login now with new password!'; 'newPassword' => $newPassword,
} ]);
else {
$statusMsg = '<br /><p class="error">New password work! An error occurred while sending email! You will not receive e-mail with new password. For Admin: More info can be found in system/logs/mailer-error.log';
}
$twig->display('account/lost/finish.new-password.html.twig', [ $statusMsg = '';
'statusMsg' => $statusMsg, if(_mail($account->getCustomField('email'), configLua('serverName') . ' - Your new password', $mailBody)) {
'newPassword' => $newPassword, $statusMsg = '<br /><small>New password work! Sent e-mail with your password and account name. You should receive this e-mail in 15 minutes. You can login now with new password!';
]);
} }
else { else {
$error = Validator::getLastError(); $statusMsg = '<br /><p class="error">New password work! An error occurred while sending email! You will not receive e-mail with new password. For Admin: More info can be found in system/logs/mailer-error.log';
} }
$twig->display('account/lost/finish.new-password.html.twig', [
'statusMsg' => $statusMsg,
'newPassword' => $newPassword,
]);
} }
else { else {
$error = 'Wrong code to change password.'; $error = Validator::getLastError();
} }
} }
else { else {
$error = "Account of this character or this character doesn't exist."; $error = 'Wrong code to change password.';
} }
} }
else {
$error = "Account of this character or this character doesn't exist.";
}
if(!empty($error)) { if(!empty($error)) {
$twig->display('error_box.html.twig', [ $twig->display('error_box.html.twig', [
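Review bot: The reset code is still checked with a loose comparison, `$account->getCustomField('email_code') == $code`, which in PHP compares numeric-looking strings by value rather than byte for byte and is not constant-time. A strict, timing-safe check fits a secret like this: `if (is_string($code) && hash_equals((string)$account->getCustomField('email_code'), $code)) {`. The same pattern appears as `$accountKey == $key` in the two recovery-key files further down. The wrong-code branch only sets `$error`, with no failed-attempt counter or delay visible in this hunk, so confirm that guesses are throttled elsewhere. The `if(!empty($error))` block continues past the end of the hunk.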


@@ -14,11 +14,17 @@ if($account->isLoaded()) {
]); ]);
} }
else { else {
echo lostAccountCooldown($nick, (int)$account->getCustomField('email_next')); lostAccountWriteCooldown($nick, (int)$account->getCustomField('email_next'));
} }
} }
else { else {
echo "Player or account of player <b>" . escapeHtml($nick) . "</b> doesn't exist."; $errors[] = "Player or account of player <b>" . escapeHtml($nick) . "</b> doesn't exist.";
}
if (!empty($errors)) {
$twig->display('error_box.html.twig', [
'errors' => $errors,
]);
} }
$twig->display('account.back_button.html.twig', [ $twig->display('account.back_button.html.twig', [


@@ -14,11 +14,17 @@ if($account->isLoaded()) {
]); ]);
} }
else { else {
echo 'Account of this character has no recovery key!'; $errors[] = 'Account of this character has no recovery key!';
} }
} }
else { else {
echo "Player or account of player <b>" . escapeHtml($nick) . "</b> doesn't exist."; $errors[] = "Player or account of player <b>" . escapeHtml($nick) . "</b> doesn't exist.";
}
if (!empty($errors)) {
$twig->display('error_box.html.twig', [
'errors' => $errors,
]);
} }
$twig->display('account.back_button.html.twig', [ $twig->display('account.back_button.html.twig', [

View File

@@ -5,7 +5,7 @@ csrfProtect();
$title = 'Lost Account'; $title = 'Lost Account';
$recKey = trim($_REQUEST['key']); $key = trim($_REQUEST['key']);
$nick = stripslashes($_REQUEST['nick']); $nick = stripslashes($_REQUEST['nick']);
$player = new OTS_Player(); $player = new OTS_Player();
@@ -18,25 +18,31 @@ if($player->isLoaded()) {
if($account->isLoaded()) { if($account->isLoaded()) {
$accountKey = $account->getCustomField('key'); $accountKey = $account->getCustomField('key');
if(!empty($accountKey)) { if(!empty($accountKey)) {
if($accountKey == $recKey) { if($accountKey == $key) {
$twig->display('account/lost/step2.html.twig', [ $twig->display('account/lost/recovery-key.step-2.html.twig', [
'nick' => $nick, 'nick' => $nick,
'recKey' => $recKey, 'key' => $key,
]); ]);
} }
else { else {
echo 'Wrong recovery key!'; $errors[] = 'Wrong recovery key!';
} }
} }
else { else {
echo 'Account of this character has no recovery key!'; $errors[] = 'Account of this character has no recovery key!';
} }
} }
else else
echo "Player or account of player <b>" . escapeHtml($nick) . "</b> doesn't exist."; $errors[] = "Player or account of player <b>" . escapeHtml($nick) . "</b> doesn't exist.";
if (!empty($errors)) {
$twig->display('error_box.html.twig', [
'errors' => $errors,
]);
}
$twig->display('account.back_button.html.twig', [ $twig->display('account.back_button.html.twig', [
'new_line' => true, 'new_line' => true,
'center' => true, 'center' => true,
'action' => getLink('account/lost') . '?action=step1&action_type=reckey&nick=' . urlencode($nick), 'action' => getLink('account/lost/step-1') . '?action=recovery-key&nick=' . urlencode($nick),
]); ]);
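Review bot: `$key = trim($_REQUEST['key']);` accepts the recovery key from the query string as well as the form body, and a missing or array-valued `key` reaches `trim()` unchecked. If the preceding form submits with `method="post"` like the step-2 template added in this commit (the step-1 form is not shown here), read the value from the body and check its type: `$key = is_string($_POST['key'] ?? null) ? trim($_POST['key']) : '';`. Keeping the key out of URLs also keeps it out of access logs, browser history and referrers. The same line is in the step-3 file below, and `$nick` is read from `$_REQUEST` in the same unchecked way.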


@@ -5,7 +5,7 @@ csrfProtect();
$title = 'Lost Account'; $title = 'Lost Account';
$recKey = trim($_REQUEST['key']); $key = trim($_REQUEST['key']);
$nick = stripslashes($_REQUEST['nick']); $nick = stripslashes($_REQUEST['nick']);
$newPassword = trim($_REQUEST['passor']); $newPassword = trim($_REQUEST['passor']);
$newEmail = trim($_REQUEST['email']); $newEmail = trim($_REQUEST['email']);
@@ -21,7 +21,7 @@ if($account->isLoaded()) {
$accountKey = $account->getCustomField('key'); $accountKey = $account->getCustomField('key');
if(!empty($accountKey)) { if(!empty($accountKey)) {
if($accountKey == $recKey) { if($accountKey == $key) {
if(Validator::password($newPassword)) { if(Validator::password($newPassword)) {
if(Validator::email($newEmail)) { if(Validator::email($newEmail)) {
$account->setEMail($newEmail); $account->setEMail($newEmail);
@@ -48,7 +48,7 @@ if($account->isLoaded()) {
'newEmail' => $newEmail, 'newEmail' => $newEmail,
]); ]);
if(_mail($account->getCustomField('email'), $config['lua']['serverName']." - New password to your account", $mailBody)) { if(_mail($account->getCustomField('email'), configLua('serverName') . ' - New password to your account', $mailBody)) {
$statusMsg = '<br /><small>Sent e-mail with your account name and password to new e-mail. You should receive this e-mail in 15 minutes. You can login now with new password!</small>'; $statusMsg = '<br /><small>Sent e-mail with your account name and password to new e-mail. You should receive this e-mail in 15 minutes. You can login now with new password!</small>';
} }
else { else {
@@ -67,27 +67,33 @@ if($account->isLoaded()) {
]); ]);
} }
else { else {
echo Validator::getLastError(); $errors[] = Validator::getLastError();
} }
} }
else { else {
echo Validator::getLastError(); $errors[] = Validator::getLastError();
} }
} }
else { else {
echo 'Wrong recovery key!'; $errors[] = 'Wrong recovery key!';
} }
} }
else { else {
echo 'Account of this character has no recovery key!'; $errors[] = 'Account of this character has no recovery key!';
} }
} }
else { else {
echo "Player or account of player <b>" . escapeHtml($nick) . "</b> doesn't exist."; $errors[] = "Player or account of player <b>" . escapeHtml($nick) . "</b> doesn't exist.";
}
if (!empty($errors)) {
$twig->display('error_box.html.twig', [
'errors' => $errors,
]);
} }
$twig->display('account.back_button.html.twig', [ $twig->display('account.back_button.html.twig', [
'new_line' => true, 'new_line' => true,
'center' => true, 'center' => true,
'action' => getLink('account/lost') . '?action=step1&action_type=reckey&nick=' . urlencode($nick), 'action' => getLink('account/lost/step-1') . '?action=recovery-key&nick=' . urlencode($nick),
]); ]);


@@ -0,0 +1,71 @@
Set new password and e-mail to your account.<br>
<form action="{{ getLink('account/lost/recovery-key/step-3') }}" method="post">
{{ csrf() }}
<input type="hidden" name="key" VALUE="{{ key }}">
<input type="hidden" name="character" value="">
<table class="myaac-table" style="width: 100%">
<thead>
<tr>
<th class="white">
<b>Please enter new password and e-mail</b>
</th>
</tr>
</thead>
<tbody>
<tr>
<td>
<table>
<tr>
<td>
<label for="nick">Account of character:</label>
</td>
<td>
<input type="text" id="nick" name="nick" value="{{ nick }}" size="40" readonly="readonly">
</td>
</tr>
<tr>
<td>
<label for="nick">New password:</label>
</td>
<td>
<input id="passor" type="password" name="passor" value="" size="40">
</td>
</tr>
<tr>
<td>
<label for="nick">Repeat new password:</label>
</td>
<td>
<input id="passor2" type="password" name="passor" value="" size="40">
</td>
</tr>
<tr>
<td>
<label for="nick">New e-mail address:</label>
</td>
<td>
<input id="email" type="text" name="email" value="" size="40">
</td>
</tr>
</table>
</td>
</tr>
</tbody>
</table>
<br>
<table style="width: 100%">
<tr>
<td align="center">
{% set button_name = 'Submit' %}
{% include('buttons.base.html.twig') %}
</td>
</tr>
</table>
</form>
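Review bot: Both password inputs are submitted as `name="passor"`, so PHP receives only the last value and the "Repeat new password" field can never be compared with the first on the server. Give the second input its own name, e.g. `<input id="passor2" type="password" name="passor2" value="" size="40">`, and reject a mismatch in the step-3 handler before `Validator::password()` is called. All four labels also use `for="nick"`; they should point at `passor`, `passor2` and `email` respectively. Adding `autocomplete="new-password"` to the two password inputs would help password managers treat this as a password change.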


@@ -1,35 +0,0 @@
Set new password and e-mail to your account.<br>
<form action="{{ getLink('account/lost/step-3') }}" method="post">
<input type="hidden" name="character" value="">
<table class="myaac-table" style="width: 100%">
<thead>
<tr>
<th class="white">
<b>Please enter new password and e-mail</b>
</th>
</tr>
</thead>
<tbody>
<tr>
<td>
Account of character:&nbsp;&nbsp;<input type="text" name="nick" value="{{ nick }}" size="40" readonly="readonly"><br/>
New password:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input id="passor" type="password" name="passor" value="" size="40"><br/>
Repeat new password:&nbsp;&nbsp;<input id="passor2" type="password" name="passor" value="" size="40"><br/>
New e-mail address:&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;<input id="email" type="text" name="email" value="" size="40"><br/>
<input type="hidden" name="key" VALUE="{{ recKey }}">
</td>
</tr>
</tbody>
</table>
<br>
<table style="width: 100%">
<tr>
<td align="center">
{% set button_name = 'Submit' %}
{% include('buttons.base.html.twig') %}
</td>
</tr>
</table>
</form>