diff --git a/images/global/general/blank.gif b/images/global/general/blank.gif
new file mode 100755
index 00000000..e0144fbc
Binary files /dev/null and b/images/global/general/blank.gif differ
diff --git a/images/global/general/box-bottom.gif b/images/global/general/box-bottom.gif
new file mode 100755
index 00000000..e9e0aa0e
Binary files /dev/null and b/images/global/general/box-bottom.gif differ
diff --git a/images/global/general/box-top.gif b/images/global/general/box-top.gif
new file mode 100755
index 00000000..ba0e821f
Binary files /dev/null and b/images/global/general/box-top.gif differ
diff --git a/images/global/general/chain.gif b/images/global/general/chain.gif
new file mode 100755
index 00000000..ff3120f8
Binary files /dev/null and b/images/global/general/chain.gif differ
diff --git a/images/global/general/favicon.ico b/images/global/general/favicon.ico
new file mode 100755
index 00000000..26e19005
Binary files /dev/null and b/images/global/general/favicon.ico differ
diff --git a/images/global/general/hide.gif b/images/global/general/hide.gif
new file mode 100755
index 00000000..fe35728e
Binary files /dev/null and b/images/global/general/hide.gif differ
diff --git a/images/global/general/minus.gif b/images/global/general/minus.gif
new file mode 100755
index 00000000..ee030eb2
Binary files /dev/null and b/images/global/general/minus.gif differ
diff --git a/images/global/general/nok.gif b/images/global/general/nok.gif
new file mode 100755
index 00000000..4b8f2c23
Binary files /dev/null and b/images/global/general/nok.gif differ
diff --git a/images/global/general/ok.gif b/images/global/general/ok.gif
new file mode 100755
index 00000000..aaa36a95
Binary files /dev/null and b/images/global/general/ok.gif differ
diff --git a/images/global/general/plus.gif b/images/global/general/plus.gif
new file mode 100755
index 00000000..2346f79a
Binary files /dev/null and b/images/global/general/plus.gif differ
diff --git a/images/global/general/show.gif b/images/global/general/show.gif new file mode 100755 index 00000000..a27a1748 Binary files /dev/null and b/images/global/general/show.gif differ diff --git a/index.php b/index.php index b6dbc7ce..e10e0a80 100644 --- a/index.php +++ b/index.php @@ -30,6 +30,11 @@ // ini_set('display_startup_errors', 1); // error_reporting(E_ALL); +if(preg_match("/^(.*)\.(gif|png|jpg|jpeg|tiff|bmp|css|js|less|map|html|php|zip|rar|gz)$/i", $_SERVER['REQUEST_URI'])) { + header("HTTP/1.0 404 Not Found"); + exit; +} + require_once('common.php'); require_once(BASE . 'config.local.php'); @@ -80,11 +85,6 @@ else { '/^characters\/[A-Za-z0-9-_%+\']+$/' => array('subtopic' => 'characters', 'name' => '$1'), '/^commands\/add\/?$/' => array('subtopic' => 'commands', 'action' => 'add'), '/^commands\/edit\/?$/' => array('subtopic' => 'commands', 'action' => 'edit'), - '/^news\/add\/?$/' => array('subtopic' => 'news', 'action' => 'add'), - '/^news\/edit\/?$/' => array('subtopic' => 'news', 'action' => 'edit'), - '/^news\/archive\/?$/' => array('subtopic' => 'newsarchive'), - '/^news\/archive\/[0-9]+\/?$/' => array('subtopic' => 'newsarchive', 'id' => '$2'), - '/^guilds\/[A-Za-z0-9-_%+\']+$/' => array('subtopic' => 'guilds', 'action' => 'show', 'guild' => '$1'), '/^faq\/add\/?$/' => array('subtopic' => 'faq', 'action' => 'add'), '/^faq\/edit\/?$/' => array('subtopic' => 'faq', 'action' => 'edit'), '/^forum\/add_board\/?$/' => array('subtopic' => 'forum', 'action' => 'add_board'),# 
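Review bot: The new guard at the top of index.php runs its `$`-anchored extension test against `$_SERVER['REQUEST_URI']`, which still carries the query string, so it checks whatever the URL ends with rather than the requested path. A missing asset requested with any query suffix (a cache-buster like `?v=2`) falls through and boots the full application, while a normal page whose last query value ends in `.php` or `.zip` gets a 404. Match the path component only, e.g. `$path = (string)parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH);` and pass `$path` to `preg_match`; the leading `^(.*)` capture is unused and can be dropped. A short comment above the block stating why these extensions are cut off before `common.php` loads would help the next reader.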
@@ -93,11 +93,19 @@ else { '/^forum\/board\/[0-9]+\/[0-9]+\/?$/' => array('subtopic' => 'forum', 'action' => 'show_board', 'id' => '$2', 'page' => '$3'), '/^forum\/thread\/[0-9]+\/?$/' => array('subtopic' => 'forum', 'action' => 'show_thread', 'id' => '$2'), '/^forum\/thread\/[0-9]+\/[0-9]+\/?$/' => array('subtopic' => 'forum', 'action' => 'show_thread', 'id' => '$2', 'page' => '$3'), + '/^gallery\/add\/?$/' => array('subtopic' => 'gallery', 'action' => 'add'), + '/^gallery\/edit\/?$/' => array('subtopic' => 'gallery', 'action' => 'edit'), + '/^gallery\/[0-9]+\/?$/' => array('subtopic' => 'gallery', 'image' => '$1'), '/^gifts\/history\/?$/' => array('subtopic' => 'gifts', 'action' => 'show_history'), + '/^guilds\/[A-Za-z0-9-_%+\']+$/' => array('subtopic' => 'guilds', 'action' => 'show', 'guild' => '$1'), '/^highscores\/[A-Za-z0-9-_]+\/[A-Za-z0-9-_]+\/[0-9]+\/?$/' => array('subtopic' => 'highscores', 'list' => '$1', 'vocation' => '$2', 'page' => '$3'), '/^highscores\/[A-Za-z0-9-_]+\/[0-9]+\/?$/' => array('subtopic' => 'highscores', 'list' => '$1', 'page' => '$2'), '/^highscores\/[A-Za-z0-9-_]+\/[A-Za-z0-9-_]+\/?$/' => array('subtopic' => 'highscores', 'list' => '$1', 'vocation' => '$2'), '/^highscores\/[A-Za-z0-9-_\']+\/?$/' => array('subtopic' => 'highscores', 'list' => '$1'), + '/^news\/add\/?$/' => array('subtopic' => 'news', 'action' => 'add'), + '/^news\/edit\/?$/' => array('subtopic' => 'news', 'action' => 'edit'), + '/^news\/archive\/?$/' => array('subtopic' => 'newsarchive'), + '/^news\/archive\/[0-9]+\/?$/' => array('subtopic' => 'newsarchive', 'id' => '$2'), '/^polls\/[0-9]+\/?$/' => array('subtopic' => 'polls', 'id' => '$1') ); diff --git a/install/steps/database.php b/install/steps/database.php index 0f3d0ea5..aebe68d9 100644 --- a/install/steps/database.php +++ b/install/steps/database.php 
@@ -1,5 +1,6 @@ enabled()) { $value = 0; - if(!$cache->fetch('views_counter', $value)) + if(!$cache->fetch('views_counter', $value) || $value <= 1) { $value = 0; if(fetchDatabaseConfig('views_counter', $value)) $views_counter = $value; else - registerDatabaseConfig('views_counter', 1); // save in the database + registerDatabaseConfig('views_counter', 2); // save in the database } - else + else { $views_counter = $value; + } $cache->set('views_counter', ++$views_counter, 60 * 60); - if(($views_counter % COUNTER_SYNC) == 0) // sync with database + if($views_counter > 1 && ($views_counter % COUNTER_SYNC) == 0) // sync with database updateDatabaseConfig('views_counter', $views_counter); /* { diff --git a/system/functions.php b/system/functions.php index 3069e161..4efa85c0 100644 --- a/system/functions.php +++ b/system/functions.php 
@@ -383,294 +383,6 @@ function delete_guild($id) return true; } -/** - * Validate character name. - * Name lenght must be 3-25 chars - * - * @param string $name Name to check - * @param string $error Error description will be placed here - * @return bool Is name valid? - */ -function check_name($name, &$error = '') -{ - if(!isset($name[0])) - { - $error = 'Please enter character name.'; - return false; - } - - $length = strlen($name); - if($length < 3) - { - $error = 'Character name is too short. Min. lenght 3 characters.'; - return false; - } - - if($length > 25) - { - $error = 'Character name is too long. Max. lenght 25 characters.'; - return false; - } - - if(strspn($name, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM- [ ] '") != $length) - { - $error = 'Invalid name format. Use only A-Z.'; - return false; - } - - return preg_match("/[A-z ']/", $name); -} - -/** - * Validate account id - * Id lenght must be 6-10 chars - * - * @param string $name Account name to check - * @param string $error Error description will be placed here - * @return bool Is account name valid? - */ -function check_account_id($id, &$error = '') -{ - if(!isset($id[0])) - { - $error = 'Please enter an account.'; - return false; - } - - if(!check_number($id)) { - $error = 'Invalid account name format. Use only numbers 0-9.'; - return false; - } - - $length = strlen($id); - if($length < 6) - { - $error = 'Account is too short (min. 6 chars).'; - return false; - } - - if($length > 10) - { - $error = 'Account is too long (max. 10 chars).'; - return false; - } - - return true; -} - -/** - * Validate account name - * Name lenght must be 3-32 chars - * - * @param string $name Account name to check - * @param string $error Error description will be placed here - * @return bool Is account name valid? 
- */ -function check_account_name($name, &$error = '') -{ - if(!isset($name[0])) - { - $error = 'Please enter an account name.'; - return false; - } - - $length = strlen($name); - if($length < 3) - { - $error = 'Account name is too short (min. 3 chars).'; - return false; - } - - if($length > 32) - { - $error = 'Account name is too long (max. 32 chars).'; - return false; - } - - if(strspn($name, "QWERTYUIOPASDFGHJKLZXCVBNM0123456789") != $length) - { - $error = 'Invalid account name format. Use only A-Z and numbers 0-9.'; - return false; - } - - return preg_match("/[A-Z0-9]/", $name); -} - -//is it valid nick for new char? -function check_name_new_char($name, &$error = '') -{ - global $db, $config; - - $name_lower = strtolower($name); - - $first_words_blocked = array('admin ', 'administrator ', 'gm ', 'cm ', 'god ','tutor ', "'", '-'); - foreach($first_words_blocked as $word) - { - if($word == substr($name_lower, 0, strlen($word))) { - $error = 'Your name contains blocked words.'; - return false; - } - } - - if(substr($name_lower, -1) == "'" || substr($name_lower, -1) == "-") { - $error = 'Your name contains illegal characters.'; - return false; - } - - if(substr($name_lower, 1, 1) == ' ') { - $error = 'Your name contains illegal space.'; - return false; - } - - if(substr($name_lower, -2, 1) == " ") { - $error = 'Your name contains illegal space.'; - return false; - } - - if(strtolower($config['lua']['serverName']) == $name_lower) { - $error = 'Your name cannot be same as server name.'; - return false; - } - - $names_blocked = array('admin', 'administrator', 'gm', 'cm', 'god', 'tutor'); - foreach($names_blocked as $word) - { - if($word == $name_lower) { - $error = 'Your name contains blocked words.'; - return false; - } - } - - $words_blocked = array('admin', 'administrator', 'gamemaster', 'game master', 'game-master', "game'master", '--', "''","' ", " '", '- ', ' -', "-'", "'-", 'fuck', 'sux', 'suck', 'noob', 'tutor'); - foreach($words_blocked as $word) - { - 
if(!(strpos($name_lower, $word) === false)) { - $error = 'Your name contains illegal words.'; - return false; - } - } - - $name_length = strlen($name_lower); - for($i = 0; $i < $name_length; $i++) - { - if(isset($name_lower[$i]) && isset($name_lower[$i + 1]) && $name_lower[$i] == $name_lower[$i + 1] && isset($name_lower[$i + 2]) && $name_lower[$i] == $name_lower[$i + 2]) { - $error = 'Your name is invalid.'; - return false; - } - } - - for($i = 0; $i < $name_length; $i++) - { - if(isset($name_lower[$i - 1]) && $name_lower[$i - 1] == ' ' && isset($name_lower[$i + 1]) && $name_lower[$i + 1] == ' ') { - $error = 'Your name contains too many spaces.'; - return false; - } - } - - if(isset($config['monsters'])) - { - if(in_array($name_lower, $config['monsters'])) { - $error = 'Your name cannot contains monster name.'; - return false; - } - } - - $player = new OTS_Player(); - $player->find($name); - if($player->isLoaded()) { - $error = 'Character with this name already exist.'; - return false; - } - - //check if was namelocked previously - if(tableExist('player_namelocks') && fieldExist('name', 'player_namelocks')) { - $namelock = $db->query('SELECT `player_id` FROM `player_namelocks` WHERE `name` = ' . $db->quote($name)); - if($namelock->rowCount() > 0) { - $error = 'Character with this name has been namelocked.'; - return false; - } - } - - $monsters = $db->query('SELECT `name` FROM `' . TABLE_PREFIX . 'monsters` WHERE `name` LIKE ' . $db->quote($name_lower)); - if($monsters->rowCount() > 0) { - $error = 'Your name cannot contains monster name.'; - return false; - } - - $spells_name = $db->query('SELECT `name` FROM `' . TABLE_PREFIX . 'spells` WHERE `name` LIKE ' . $db->quote($name_lower)); - if($spells_name->rowCount() > 0) { - $error = 'Your name cannot contains spell name.'; - return false; - } - - $spells_words = $db->query('SELECT `words` FROM `' . TABLE_PREFIX . 'spells` WHERE `words` = ' . 
$db->quote($name_lower)); - if($spells_words->rowCount() > 0) { - $error = 'Your name cannot contains spell name.'; - return false; - } - - if(isset($config['npc'])) - { - if(in_array($name_lower, $config['npc'])) { - $error = 'Your name cannot contains NPC name.'; - return false; - } - } - - if(strspn($name, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM- '") != $name_length) { - $error = 'This name contains invalid letters, words or format. Please use only a-Z, - , \' and space.'; - return false; - } - - if($name_length < 3 || $name_length > 28) { - $error = 'Your name cannot be shorter than 3 characters and longer than 28 characters.'; - return false; - } - - - if(!preg_match("/[A-z ']{3,28}/", $name)) { - $error = 'Your name containst illegal characters.'; - return false; - } - - return true; -} - -function check_rank_name($name) -{ - if(strspn($name, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM0123456789-[ ] ") != strlen($name)) - return false; - - return preg_match("/[A-z ]{1,32}/", $name); -} - -function check_guild_name($name) -{ - if(strspn($name, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM0123456789- ") != strlen($name)) - return false; - - return preg_match("/[A-z ]{3,32}/", $name); -} - -function check_password($pass) -{ - if(strspn($pass, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM1234567890") != strlen($pass)) - return false; - - return preg_match("/[A-z0-9]/", $pass); -} - -function check_mail($email) -{ - return preg_match('/^(?:[\w\!\#\$\%\&\'\*\+\-\/\=\?\^\`\{\|\}\~]+\.)*[\w\!\#\$\%\&\'\*\+\-\/\=\?\^\`\{\|\}\~]+@(?:(?:(?:[a-zA-Z0-9_](?:[A-z0-9_\-](?!\.)){0,61}[a-zA-Z0-9_]?\.)+[a-zA-Z0-9_](?:[a-zA-Z0-9_\-](?!$)){0,61}[a-zA-Z0-9_]?)|(?:\[(?:(?:[01]?\d{1,2}|2[0-4]\d|25[0-5])\.){3}(?:[01]?\d{1,2}|2[0-4]\d|25[0-5])\]))$/', $email); - //return preg_match("/[A-z0-9._-]+@[A-z0-9-]+\.[A-z]{2,4}/", $email); -} - -function check_number($number) -{ - return preg_match ("/^([0-9]+)$/", $number); -} - //################### 
DISPLAY FUNCTIONS ##################### //return shorter text (news ticker) function short_text($text, $limit) @@ -1224,10 +936,13 @@ function load_config_lua($filename) } function str_replace_first($search, $replace, $subject) { - $pos = strpos($subject, $search); - if ($pos !== false) { - return substr_replace($subject, $replace, $pos, strlen($search)); - } - return $subject; + $pos = strpos($subject, $search); + if ($pos !== false) { + return substr_replace($subject, $replace, $pos, strlen($search)); + } + return $subject; } + +// validator functions +require_once(LIBS . 'validator.php'); ?> diff --git a/system/init.php b/system/init.php index 82e319ca..7807cd18 100644 --- a/system/init.php +++ b/system/init.php @@ -32,7 +32,7 @@ require_once(SYSTEM . 'libs/cache.php'); $cache = Cache::getInstance($config['cache_engine'], $config['cache_prefix']); // twig -require_once LIBS . 'Twig/Autoloader.php'; +require_once(LIBS . 'Twig/Autoloader.php'); Twig_Autoloader::register(); $twig_loader = new Twig_Loader_Filesystem(SYSTEM . 'templates'); diff --git a/system/libs/pot/OTS_Player.php b/system/libs/pot/OTS_Player.php index 3b8a79aa..4033fd8e 100644 --- a/system/libs/pot/OTS_Player.php +++ b/system/libs/pot/OTS_Player.php @@ -2363,7 +2363,7 @@ class OTS_Player extends OTS_Row_DAO 'skill_shielding' => POT::SKILL_SHIELD, 'skill_fishing' => POT::SKILL_FISH ); - if(check_number($skill)) + if(Validator::number($skill)) $this->skills[ (int) $skill]['value'] = (int) $value; else { $this->skills[ (int) $skill_ids[$skill]]['value'] = (int) $value; @@ -2409,7 +2409,7 @@ class OTS_Player extends OTS_Row_DAO 'skill_fishing' => POT::SKILL_FISH ); - if(check_number($skill)) + if(Validator::number($skill)) $this->skills[ (int) $skill]['tries'] = (int) $tries; else { $this->skills[ (int) $skill_ids[$skill]]['tries'] = (int) $tries; diff --git a/system/libs/spells.php b/system/libs/spells.php index 8c671b4c..35695a6d 100644 --- a/system/libs/spells.php +++ b/system/libs/spells.php 
@@ -1,5 +1,4 @@ 10) + { + self::$lastError = 'Account is too long (max. 10 chars).'; + return false; + } + + return true; + } + + /** + * Validate account name + * Name lenght must be 3-32 chars + * + * @param string $name Account name to check + * @return bool Is account name valid? + */ + public static function accountName($name) + { + if(!isset($name[0])) + { + self::$lastError = 'Please enter your account name!'; + return false; + } + + $length = strlen($name); + if($length < 3) + { + self::$lastError = 'Account name is too short (min. 3 chars).'; + return false; + } + + if($length > 32) + { + self::$lastError = 'Account name is too long (max. 32 chars).'; + return false; + } + + if(strspn($name, "QWERTYUIOPASDFGHJKLZXCVBNM0123456789") != $length) + { + self::$lastError = 'Invalid account name format. Use only A-Z and numbers 0-9.'; + return false; + } + + if(!preg_match("/[A-Z0-9]/", $name)) + { + self::$lastError = 'Invalid account name format. Use only A-Z and numbers 0-9.'; + return false; + } + + return true; + } + /** * Advanced mail validator * * @param string $email + * @return bool Is email valid? */ public static function email($email) { - return preg_match('/^(?:[\w\!\#\$\%\&\'\*\+\-\/\=\?\^\`\{\|\}\~]+\.)*[\w\!\#\$\%\&\'\*\+\-\/\=\?\^\`\{\|\}\~]+@(?:(?:(?:[a-zA-Z0-9_](?:[A-z0-9_\-](?!\.)){0,61}[a-zA-Z0-9_]?\.)+[a-zA-Z0-9_](?:[a-zA-Z0-9_\-](?!$)){0,61}[a-zA-Z0-9_]?)|(?:\[(?:(?:[01]?\d{1,2}|2[0-4]\d|25[0-5])\.){3}(?:[01]?\d{1,2}|2[0-4]\d|25[0-5])\]))$/', $email); + if(empty($email)) { + self::$lastError = 'Please enter your new email address.'; + return false; + } + + if(strlen($email) > 255) { + self::$lastError = 'E-mail is too long (max. 
255 chars).'; + return false; + } + + if(!preg_match('/^(?:[\w\!\#\$\%\&\'\*\+\-\/\=\?\^\`\{\|\}\~]+\.)*[\w\!\#\$\%\&\'\*\+\-\/\=\?\^\`\{\|\}\~]+@(?:(?:(?:[a-zA-Z0-9_](?:[A-z0-9_\-](?!\.)){0,61}[a-zA-Z0-9_]?\.)+[a-zA-Z0-9_](?:[a-zA-Z0-9_\-](?!$)){0,61}[a-zA-Z0-9_]?)|(?:\[(?:(?:[01]?\d{1,2}|2[0-4]\d|25[0-5])\.){3}(?:[01]?\d{1,2}|2[0-4]\d|25[0-5])\]))$/', $email)) { + self::$lastError = 'Invalid e-mail format.'; + return false; + } + + return true; } + /** + * Validate account password + * Name lenght must be 3-32 chars + * + * @param string $name Account name to check + * @return bool Is account name valid? + */ + public static function password($password) + { + if (!isset($password[0])) { + self::$lastError = 'Please enter the password.'; + return false; + } + + if (strlen($password) < 8 || strlen($password) > 30) { + self::$lastError = 'The password must have at least 8 and maximum 30 letters!'; + return false; + } + + if(strspn($password, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM1234567890") != strlen($password)) { + self::$lastError = 'Password contains illegal letters (a-z, A-Z and 0-9 only!).'; + return false; + } + + if(!ctype_alnum($password)) { + self::$lastError = 'Password contains illegal letters (a-z, A-Z and 0-9 only!).'; + return false; + } + + if(!preg_match('/[a-zA-Z]/', $password)) { + self::$lastError = 'The password must contain at least one letter A-Z or a-z!'; + return false; + } + + if(!preg_match('/[0-9]/', $password)) { + self::$lastError = 'The password must contain at least one letter other than A-Z or a-z!'; + return false; + } + + return true; + } + + /** + * Validate character name. + * Name lenght must be 3-25 chars + * + * @param string $name Name to check + * @return bool Is name valid? 
+ */ + public static function characterName($name) + { + if(!isset($name[0])) + { + self::$lastError = 'Please enter character name.'; + return false; + } + + $length = strlen($name); + if($length < 3) + { + self::$lastError = 'Character name is too short. Min. lenght 3 characters.'; + return false; + } + + if($length > 25) + { + self::$lastError = 'Character name is too long. Max. lenght 25 characters.'; + return false; + } + + if(strspn($name, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM- [ ] '") != $length) + { + self::$lastError = "Invalid name format. Use only A-Z, spaces and '."; + return false; + } + if(!preg_match("/[A-z ']/", $name)) + { + self::$lastError = "Invalid name format. Use only A-Z, spaces and '."; + return false; + } + + return true; + } + + /** + * Validate new character name. + * Name lenght must be 3-25 chars + * + * @param string $name Name to check + * @return bool Is name valid? + */ + public static function newCharacterName($name) + { + global $db, $config; + + $name_lower = strtolower($name); + + $first_words_blocked = array('admin ', 'administrator ', 'gm ', 'cm ', 'god ','tutor ', "'", '-'); + foreach($first_words_blocked as $word) + { + if($word == substr($name_lower, 0, strlen($word))) { + self::$lastError = 'Your name contains blocked words.'; + return false; + } + } + + if(substr($name_lower, -1) == "'" || substr($name_lower, -1) == "-") { + self::$lastError = 'Your name contains illegal characters.'; + return false; + } + + if(substr($name_lower, 1, 1) == ' ') { + self::$lastError = 'Your name contains illegal space.'; + return false; + } + + if(substr($name_lower, -2, 1) == " ") { + self::$lastError = 'Your name contains illegal space.'; + return false; + } + + if(strtolower($config['lua']['serverName']) == $name_lower) { + self::$lastError = 'Your name cannot be same as server name.'; + return false; + } + + $names_blocked = array('admin', 'administrator', 'gm', 'cm', 'god', 'tutor'); + foreach($names_blocked as $word) 
+ { + if($word == $name_lower) { + self::$lastError = 'Your name contains blocked words.'; + return false; + } + } + + $words_blocked = array('admin', 'administrator', 'gamemaster', 'game master', 'game-master', "game'master", '--', "''","' ", " '", '- ', ' -', "-'", "'-", 'fuck', 'sux', 'suck', 'noob', 'tutor'); + foreach($words_blocked as $word) + { + if(!(strpos($name_lower, $word) === false)) { + self::$lastError = 'Your name contains illegal words.'; + return false; + } + } + + $name_length = strlen($name_lower); + for($i = 0; $i < $name_length; $i++) + { + if(isset($name_lower[$i]) && isset($name_lower[$i + 1]) && $name_lower[$i] == $name_lower[$i + 1] && isset($name_lower[$i + 2]) && $name_lower[$i] == $name_lower[$i + 2]) { + self::$lastError = 'Your name is invalid.'; + return false; + } + } + + for($i = 0; $i < $name_length; $i++) + { + if(isset($name_lower[$i - 1]) && $name_lower[$i - 1] == ' ' && isset($name_lower[$i + 1]) && $name_lower[$i + 1] == ' ') { + self::$lastError = 'Your name contains too many spaces.'; + return false; + } + } + + if(isset($config['monsters'])) + { + if(in_array($name_lower, $config['monsters'])) { + self::$lastError = 'Your name cannot contains monster name.'; + return false; + } + } + + $player = new OTS_Player(); + $player->find($name); + if($player->isLoaded()) { + self::$lastError = 'Character with this name already exist.'; + return false; + } + + //check if was namelocked previously + if(tableExist('player_namelocks') && fieldExist('name', 'player_namelocks')) { + $namelock = $db->query('SELECT `player_id` FROM `player_namelocks` WHERE `name` = ' . $db->quote($name)); + if($namelock->rowCount() > 0) { + self::$lastError = 'Character with this name has been namelocked.'; + return false; + } + } + + $monsters = $db->query('SELECT `name` FROM `' . TABLE_PREFIX . 'monsters` WHERE `name` LIKE ' . 
$db->quote($name_lower)); + if($monsters->rowCount() > 0) { + self::$lastError = 'Your name cannot contains monster name.'; + return false; + } + + $spells_name = $db->query('SELECT `name` FROM `' . TABLE_PREFIX . 'spells` WHERE `name` LIKE ' . $db->quote($name_lower)); + if($spells_name->rowCount() > 0) { + self::$lastError = 'Your name cannot contains spell name.'; + return false; + } + + $spells_words = $db->query('SELECT `words` FROM `' . TABLE_PREFIX . 'spells` WHERE `words` = ' . $db->quote($name_lower)); + if($spells_words->rowCount() > 0) { + self::$lastError = 'Your name cannot contains spell name.'; + return false; + } + + if(isset($config['npc'])) + { + if(in_array($name_lower, $config['npc'])) { + self::$lastError = 'Your name cannot contains NPC name.'; + return false; + } + } + + if(strspn($name, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM- '") != $name_length) { + self::$lastError = 'This name contains invalid letters, words or format. Please use only a-Z, - , \' and space.'; + return false; + } + + if($name_length < 3 || $name_length > 28) { + self::$lastError = 'Your name cannot be shorter than 3 characters and longer than 28 characters.'; + return false; + } + + + if(!preg_match("/[A-z ']{3,28}/", $name)) { + self::$lastError = 'Your name containst illegal characters.'; + return false; + } + + return true; + } + + /** + * Validate guild name + * Name lenght must be 3-32 chars + * + * @param string $name Name to check + * @return bool Is name valid? 
+ */ + public static function guildName($name) + { + if(strspn($name, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM0123456789- ") != strlen($name)) { + self::$lastError = 'Invalid guild name format.'; + return false; + } + + if(!preg_match("/[A-z ]{3,32}/", $name)) { + self::$lastError = 'Invalid guild name format.'; + return false; + } + + return true; + } + + /** + * Validate rank name + * Rank lenght must be 1-32 chars + * + * @param string $name Name to check + * @return bool Is name valid? + */ + public static function rankName($name) + { + if(strspn($name, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM0123456789-[ ] ") != strlen($name)) { + self::$lastError = 'Invalid rank name. Please use only a-Z, 0-9 and spaces.'; + return false; + } + + if(!preg_match("/[A-z ]{1,32}/", $name)) { + self::$lastError = 'Invalid rank name. Please use only a-Z, 0-9 and spaces.'; + return false; + } + + return true; + } /** * Simple string validator, checks if string contains valid characters * @@ -30,5 +408,9 @@ class Validator public static function str($str, $numbers = false) { return preg_match('/^[a-z0-9\ ]*$/i', $str); } + + public static function getLastError() { + return self::$lastError; + } } ?> diff --git a/system/pages/accountmanagement.php b/system/pages/accountmanagement.php index b2186b5a..001a6f8e 100644 --- a/system/pages/accountmanagement.php +++ b/system/pages/accountmanagement.php 
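Review bot: `getLastError()` exposes a static `$lastError` that the validators visible in this commit set on failure but never clear when they return true, so the value a caller reads can belong to an earlier, unrelated check. `str()`, visible in this hunk, does not set it at all, so `getLastError()` after a failed `str()` would report a stale message. Resetting it at the start of each validator with `self::$lastError = '';` keeps the validate-then-`getLastError()` pair unambiguous. The new method is also the only one here without a docblock; `/** @return string message set by the most recent failed validation */` would match its neighbours.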
@@ -141,17 +141,12 @@ $errors = array(); if($new_password != $new_password2) { $errors[] = "The new passwords do not match!"; } - else if($password_strlen < 8) { - $errors[] = "New password minimal length is 8 characters."; - } - else if($password_strlen > 32) { - $errors[] = "New password maximal length is 32 characters."; - } if(empty($errors)) { - if(!check_password($new_password)) { - $errors[] = "New password contains illegal chars (a-z, A-Z and 0-9 only!). Minimum password length is 7 characters and maximum 32."; + if(!Validator::password($new_password)) { + $errors[] = Validator::getLastError(); } + $old_password = encrypt(($config_salt_enabled ? $account_logged->getCustomField('salt') : '') . $old_password); if($old_password != $account_logged->getPassword()) { $errors[] = "Current password is incorrect!"; @@ -215,14 +210,8 @@ if($action == "changeemail") { $email_new = $_POST['new_email']; $post_password = $_POST['password']; - if(empty($email_new)) { - $errors[] = 'Please enter your new email address.'; - } - else - { - if(!check_mail($email_new)) { - $errors[] = 'Email address is not correct.'; - } + if(!Validator::email($email_new)) { + $errors[] = Validator::getLastError(); } if(empty($post_password)) { @@ -536,7 +525,7 @@ if($action == "changeemail") { $new_hideacc = isset($_POST['accountvisible']) ? (int)$_POST['accountvisible'] : NULL; if($player_name != null) { - if (check_name($player_name)) { + if (Validator::characterName($player_name)) { $player = new OTS_Player(); $player->find($player_name); if ($player->isLoaded()) { @@ -609,9 +598,8 @@ if($action == "changeemail") { if(empty($errors)) { - $error = ''; - if(!admin() && !check_name_new_char($name, $error)) - $errors[] = $error; + if(!admin() && !Validator::newCharacterName($name)) + $errors[] = Validator::getLastError(); } if(empty($errors)) { 
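Review bot: With the inline length checks removed, the new-password policy is whatever `Validator::password()` enforces, and as added in system/libs/validator.php in this commit that is 8–30 characters drawn only from a-z, A-Z and 0-9, where the deleted branches allowed up to 32. Restricting the alphabet and capping the length this low rejects passphrases and most password-manager output, which weakens accounts rather than protecting them, so it is worth confirming this is a real storage or game-client constraint and not just inherited from `check_password()`. Separately, the unchanged comparison further down in the hunk, `$old_password != $account_logged->getPassword()`, is a loose compare of the value returned by `encrypt()`; `!hash_equals($account_logged->getPassword(), $old_password)` avoids numeric-string juggling and compares in constant time. The surrounding block starts and ends outside the hunk.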
@@ -654,6 +642,7 @@ if($action == "changeemail") { echo $twig->render('account.change_name.html.twig', array( 'points' => $points, + 'errors' => $errors //'account_players' => $account_logged->getPlayersList() )); } @@ -743,7 +732,7 @@ if($action == "changeemail") { $password_verify = encrypt(($config_salt_enabled ? $account_logged->getCustomField('salt') : '') . $password_verify); if(isset($_POST['deletecharactersave']) && $_POST['deletecharactersave'] == 1) { if(!empty($player_name) && !empty($password_verify)) { - if(check_name($player_name)) { + if(Validator::characterName($player_name)) { $player = new OTS_Player(); $player->find($player_name); if($player->isLoaded()) { @@ -805,18 +794,23 @@ if($action == "changeemail") { $newchar_town = isset($_POST['town']) ? $_POST['town'] : NULL; $newchar_created = false; - if(isset($_POST['savecharacter']) && $_POST['savecharacter'] == 1) { + $save = isset($_POST['save']) && $_POST['save'] == 1; + if($save) { if(empty($newchar_name)) - $errors[] = 'Please enter a name for your character!'; + $errors['name'] = 'Please enter a name for your character!'; else if(strlen($newchar_name) > 25) - $errors[] = 'Name is too long. Max. lenght 25 letters.'; + $errors['name'] = 'Name is too long. Max. lenght 25 letters.'; else if(strlen($newchar_name) < 3) - $errors[] = 'Name is too short. Min. lenght 3 letters.'; + $errors['name'] = 'Name is too short. Min. lenght 3 letters.'; else { + if(!admin() && !Validator::newCharacterName($newchar_name)) { + $errors['name'] = Validator::getLastError(); + } + $exist = new OTS_Player(); $exist->find($newchar_name); if($exist->isLoaded()) { - $errors[] = 'Character with this name already exist.'; + $errors['name'] = 'Character with this name already exist.'; } } 
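Review bot: The name rules for a new character now live in two places that disagree: the inline checks in the `if($save)` block cap the name at 25 characters while `Validator::newCharacterName()`, added in this commit, accepts 3–28, and the `OTS_Player::find()` lookup that follows repeats a lookup the validator already performs. For non-admins that is a second database query on every submission, and when the name is taken it overwrites whatever more specific message the validator set in `$errors['name']`. Guarding the lookup with `if(!isset($errors['name'])) {` (it is still needed for admins, who skip the validator) and taking the length limits from one place would keep the two in step. The enclosing `if($save)` block appears to continue past the end of the hunk.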
@@ -840,10 +834,6 @@ if($action == "changeemail") { } if(empty($errors)) { - $error = ''; - if(!admin() && !check_name_new_char($newchar_name, $error)) { - $errors[] = $error; - } if(!isset($config['genders'][$newchar_sex])) $errors[] = 'Sex is invalid.'; if(!in_array($newchar_town, $config['character_towns'])) @@ -865,7 +855,7 @@ if($action == "changeemail") { { $number_of_players_on_account = $account_logged->getPlayersList()->count(); if($number_of_players_on_account >= $config['characters_per_account']) - $errors[] .= 'You have too many characters on your account ('.$number_of_players_on_account.'/'.$config['characters_per_account'].')!'; + $errors[] = 'You have too many characters on your account ('.$number_of_players_on_account.'/'.$config['characters_per_account'].')!'; } if(empty($errors)) @@ -874,7 +864,7 @@ if($action == "changeemail") { $char_to_copy = new OTS_Player(); $char_to_copy->find($char_to_copy_name); if(!$char_to_copy->isLoaded()) - $errors[] .= 'Wrong characters configuration. Try again or contact with admin. ADMIN: Edit file config/config.php and set valid characters to copy names. Character to copy: '.$char_to_copy_name.' doesn\'t exist.'; + $errors[] = 'Wrong characters configuration. Try again or contact with admin. ADMIN: Edit file config/config.php and set valid characters to copy names. Character to copy: '.$char_to_copy_name.' doesn\'t exist.'; } if(empty($errors)) @@ -986,7 +976,9 @@ if($action == "changeemail") { 'name' => $newchar_name, 'sex' => $newchar_sex, 'vocation' => $newchar_vocation, - 'town' => $newchar_town + 'town' => $newchar_town, + 'save' => $save, + 'errors' => $errors )); } } diff --git a/system/pages/admin/players.php b/system/pages/admin/players.php index 0e1d2f07..ad9f17f0 100644 --- a/system/pages/admin/players.php +++ b/system/pages/admin/players.php 
@@ -23,7 +23,7 @@ function echo_error($message) { } function verify_number($number, $name, $max_length) { - if(!check_number($number)) + if(!Validator::number($number)) echo_error($name . ' can contain only numbers.'); $number_length = strlen($number); @@ -50,11 +50,11 @@ $id = 0; if(isset($_REQUEST['id'])) $id = (int)$_REQUEST['id']; else if(isset($_REQUEST['search_name'])) { - if(strlen($_REQUEST['search_name']) < 3 && !check_number($_REQUEST['search_name'])) { + if(strlen($_REQUEST['search_name']) < 3 && !Validator::number($_REQUEST['search_name'])) { echo 'Player name is too short.'; } else { - if(check_number($_REQUEST['search_name'])) + if(Validator::number($_REQUEST['search_name'])) $id = $_REQUEST['search_name']; else { $query = $db->query('SELECT `id` FROM `players` WHERE `name` = ' . $db->quote($_REQUEST['search_name'])); @@ -90,11 +90,11 @@ if($id > 0) { $name = $_POST['name']; $_error = ''; - if(!check_name($name, $_error)) - echo_error($_error); + if(!Validator::characterName($name)) + echo_error(Validator::getLastError()); - //if(!check_name_new_char($name, $_error)) - // echo_error($_error); + //if(!Validator::newCharacterName($name) + // echo_error(Validator::getLastError()); $player_db = $ots->createObject('Player'); $player_db->find($name); diff --git a/system/pages/characters.php b/system/pages/characters.php index c5ba3420..70078ab5 100644 --- a/system/pages/characters.php +++ b/system/pages/characters.php @@ -12,7 +12,8 @@ defined('MYAAC') or die('Direct access not allowed!'); $title = 'Characters'; -require(SYSTEM . 'item.php'); +require_once(SYSTEM . 'item.php'); + $groups = new OTS_Groups_List(); function generate_search_form($autofocus = false) { @@ -213,7 +214,7 @@ if($player->isLoaded() && !$player->isDeleted()) for($i = 1; $i < 11; $i++) { - if(check_number($equipment[$i])) + if(Validator::number($equipment[$i])) $equipment[$i] = getItemImage($equipment[$i]); else $equipment[$i] = ' ' . $equipment[$i] . ''; 
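Review bot: In the `search_name` hunk (`@@ -50,11 +50,11 @@`), the numeric branch assigns `$id = $_REQUEST['search_name'];` as a raw request string, while the `id` branch just above it casts with `(int)`. What `Validator::number()` accepts is not visible in this diff, so whatever consumes `$id` after the hunk depends on that validator alone. I would cast here as well: `$id = (int)$_REQUEST['search_name'];`. In the `@@ -90,11 +90,11 @@` hunk, `$_error = '';` is left unused now that the message comes from `Validator::getLastError()`, and can be dropped.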
diff --git a/system/pages/createaccount.php b/system/pages/createaccount.php index c5ea73e6..8e3c8a73 100644 --- a/system/pages/createaccount.php +++ b/system/pages/createaccount.php @@ -22,8 +22,8 @@ if($logged) } $errors = array(); -$step = isset($_POST['step']) ? $_POST['step'] : ''; -if($step == 'save') +$save = isset($_POST['save']) && $_POST['save'] == 1; +if($save) { if(USE_ACCOUNT_NAME) { $account_name = $_POST['account']; @@ -38,23 +38,15 @@ if($step == 'save') // account if(isset($account_id)) { - if(empty($account_id)) - $errors['account'] = 'Please enter your account number!'; - else if(!check_number($account_id)) - $errors['account'] = 'Invalid account number format. Please use only numbers 0-9.'; - } - else { - if(empty($account_name)) - $errors['account'] = 'Please enter your account name!'; - else if(!check_account_name($account_name_up)) - $errors['account'] = 'Invalid account name format. Please use only A-Z and numbers 0-9.'; + if(!Validator::accountId($account_id)) + $errors['account'] = Validator::getLastError(); } + else if(!Validator::accountName($account_name_up)) + $errors['account'] = Validator::getLastError(); // email - if(empty($email)) - $errors['email'] = 'Please enter your email address!'; - else if(!check_mail($email)) - $errors['email'] = 'Email address is not correct.'; + if(!Validator::email($email)) + $errors['email'] = Validator::getLastError(); // country $country = ''; 
@@ -81,14 +73,14 @@ if($step == 'save') } // password - if(empty($password)) + if(!isset($password[0])) { $errors['password'] = 'Please enter the password for your new account.'; - elseif($password != $password2) + } + elseif($password != $password2) { $errors['password'] = 'Passwords are not the same.'; - else - { - if(!check_password($password)) - $errors['password'] = 'Password contains illegal chars (a-z, A-Z and 0-9 only!). Minimum password length is 7 characters and maximum 32.'; + } + else if(!Validator::password($password)) { + $errors['password'] = Validator::getLastError(); } // check if account name is not equal to password @@ -246,6 +238,7 @@ if($step == 'save') 'accept_rules' => isset($_POST['accept_rules']) ? $_POST['accept_rules'] : false, 'country_recognized' => $country_recognized, 'country' => isset($country) ? $country : null, - 'errors' => $errors + 'errors' => $errors, + 'save' => $save )); ?> \ No newline at end of file diff --git a/system/pages/gallery.php b/system/pages/gallery.php index 17e86818..8bd37d91 100644 --- a/system/pages/gallery.php +++ b/system/pages/gallery.php 
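Review bot: The password confirmation in `@@ -81,14 +73,14 @@` compares with `$password != $password2`, and PHP's loose comparison treats two numeric-looking strings as numbers. `'1000000'` and `'10000e2'` therefore count as equal, and a mistyped confirmation can be accepted. Use the strict form: `elseif($password !== $password2) {`. The new emptiness test `!isset($password[0])` also lets an array value through, so if `$password` is read straight from `$_POST` (not visible here), an `is_string($password)` check before it would keep non-string input away from `Validator::password()`.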
@@ -76,17 +76,17 @@ if(isset($_GET['image'])) $image = $image->fetch(); else { - echo 'Image with this name does not exists.'; + echo 'Image with this id does not exists.'; return; } - $previous_image = $db->query('SELECT * FROM `' . TABLE_PREFIX . 'gallery` WHERE `id` = ' . $db->quote($image['id'] - 1) . ' ORDER by `ordering`;'); + $previous_image = $db->query('SELECT `id` FROM `' . TABLE_PREFIX . 'gallery` WHERE `id` = ' . $db->quote($image['id'] - 1) . ' ORDER by `ordering`;'); if($previous_image->rowCount() == 1) $previous_image = $previous_image->fetch(); else $previous_image = NULL; - $next_image = $db->query('SELECT * FROM `' . TABLE_PREFIX . 'gallery` WHERE `id` = ' . $db->quote($image['id'] + 1) . ' ORDER by `ordering`;'); + $next_image = $db->query('SELECT `id` FROM `' . TABLE_PREFIX . 'gallery` WHERE `id` = ' . $db->quote($image['id'] + 1) . ' ORDER by `ordering`;'); if($next_image->rowCount() == 1) $next_image = $next_image->fetch(); else diff --git a/system/pages/guilds.php b/system/pages/guilds.php index 55f37089..766b9cf1 100644 --- a/system/pages/guilds.php +++ b/system/pages/guilds.php @@ -159,8 +159,8 @@ if($action == '') if($action == 'show') { $guild_name = $_REQUEST['guild']; - if(!check_guild_name($guild_name)) - $guild_errors[] = 'Invalid guild name format.'; + if(!Validator::guildName($guild_name)) + $guild_errors[] = Validator::getLastError(); if(empty($guild_errors)) { $guild = $ots->createObject('Guild'); @@ -424,8 +424,8 @@ if($action == 'show') if($action == 'changerank') { $guild_name = $_REQUEST['guild']; - if(!check_guild_name($guild_name)) - $guild_errors[] = 'Invalid guild name format.'; + if(!Validator::guildName($guild_name)) + $guild_errors[] = Validator::getLastError(); if(!$logged) $guild_errors[] = 'You are not logged in. You can\'t change rank.'; if(empty($guild_errors)) 
@@ -513,7 +513,7 @@ echo ' { $player_name = stripslashes($_REQUEST['name']); $new_rank = (int) $_REQUEST['rankid']; - if(!check_name($player_name)) + if(!Validator::characterName($player_name)) $change_errors[] = 'Invalid player name format.'; $rank = $ots->createObject('GuildRank'); $rank->load($new_rank); @@ -625,9 +625,9 @@ if($action == 'deleteinvite') $name = stripslashes($_REQUEST['name']); if(!$logged) $guild_errors[] = 'You are not logged in. You can\'t delete invitations.'; - if(!check_guild_name($guild_name)) - $guild_errors[] = 'Invalid guild name format.'; - if(!check_name($name)) + if(!Validator::guildName($guild_name)) + $guild_errors[] = Validator::getLastError(); + if(!Validator($name)) $guild_errors[] = 'Invalid name format.'; if(empty($guild_errors)) { @@ -726,8 +726,8 @@ if($action == 'invite') $guild_errors[] = 'You are not logged in. You can\'t invite players.'; } - if(!check_guild_name($guild_name)) { - $guild_errors[] = 'Invalid guild name format.'; + if(!Validator::guildName($guild_name)) { + $guild_errors[] = Validator::getLastError(); } if(empty($guild_errors)) { @@ -770,7 +770,7 @@ if($action == 'invite') } if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') { - if(!check_name($name)) { + if(!Validator::characterName($name)) { $guild_errors[] = 'Invalid name format.'; } @@ -831,8 +831,8 @@ if($action == 'acceptinvite') { if(!$logged) { $errors[] = 'You are not logged in. You can\'t accept invitations.'; } - if(!check_guild_name($guild_name)) { - $errors[] = 'Invalid guild name format.'; + if(!Validator::guildName($guild_name)) { + $errors[] = Validator::getLastError(); } if(empty($errors)) { $guild = $ots->createObject('Guild'); @@ -843,7 +843,7 @@ if($action == 'acceptinvite') { } if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') { - if(!check_name($name)) { + if(!Validator::characterName($name)) { $errors[] = 'Invalid name format.'; } 
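Review bot: In the `deleteinvite` hunk (`@@ -625,9 +625,9 @@`) the name check became `if(!Validator($name))`, which calls a function named `Validator` instead of a method of the class. Unless such a function is defined elsewhere, this is a fatal error at run time and the invitation name is never validated. It should read `if(!Validator::characterName($name))`, matching the other character-name checks in this file. Those checks also keep hard-coded messages such as `'Invalid name format.'` while the guild-name checks now use `Validator::getLastError()`; using it for both would keep the messages consistent.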
@@ -947,11 +947,11 @@ if($action == 'kickplayer') { $errors[] = 'You are not logged in. You can\'t kick characters.'; } - if(!check_guild_name($guild_name)) { - $errors[] = 'Invalid guild name format.'; + if(!Validator::guildName($guild_name)) { + $errors[] = Validator::getLastError(); } - if(!check_name($name)) { + if(!Validator::characterName($name)) { $errors[] = 'Invalid name format.'; } @@ -1052,8 +1052,8 @@ if($action == 'leaveguild') { $errors[] = 'You are not logged in. You can\'t leave guild.'; } - if(!check_guild_name($guild_name)) { - $errors[] = 'Invalid guild name format.'; + if(!Validator::guildName($guild_name)) { + $errors[] = Validator::getLastError(); } if(empty($errors)) { @@ -1068,7 +1068,7 @@ if($action == 'leaveguild') { if(empty($errors)) { $guild_owner_name = $guild->getOwner()->getName(); if(isset($_REQUEST['todo']) && $_REQUEST['todo'] == 'save') { - if(!check_name($name)) { + if(!Validator::characterName($name)) { $errors[] = 'Invalid name format.'; } @@ -1198,12 +1198,12 @@ if($action == 'createguild') if($todo == 'save') { - if(!check_guild_name($guild_name)) { - $guild_errors[] = 'Invalid guild name format.'; + if(!Validator::guildName($guild_name)) { + $guild_errors[] = Validator::getLastError(); $guild_name = ''; } - if(!check_name($name)) { + if(!Validator::characterName($name)) { $guild_errors[] = 'Invalid character name format.'; $name = ''; } @@ -1293,8 +1293,8 @@ else { //-----------------------------------------------------------------------------//----------------------------------------------------------------------------- if($action == 'manager') { $guild_name = $_REQUEST['guild']; - if(!check_guild_name($guild_name)) { - $guild_errors[] = 'Invalid guild name format.'; + if(!Validator::guildName($guild_name)) { + $guild_errors[] = Validator::getLastError(); } if(empty($guild_errors)) { 
@@ -1345,8 +1345,8 @@ if(!empty($guild_errors)) { //-----------------------------------------------------------------------------//----------------------------------------------------------------------------- if($action == 'changelogo') { $guild_name = $_REQUEST['guild']; - if(!check_guild_name($guild_name)) { - $errors[] = 'Invalid guild name format.'; + if(!Validator::guildName($guild_name)) { + $errors[] = Validator::getLastError(); } if(empty($errors)) { @@ -1463,8 +1463,8 @@ if($action == 'changelogo') { if($action == 'deleterank') { $guild_name = $_REQUEST['guild']; $rank_to_delete = (int) $_REQUEST['rankid']; -if(!check_guild_name($guild_name)) { -$guild_errors[] = 'Invalid guild name format.'; +if(!Validator::guildName($guild_name)) { +$guild_errors[] = Validator::getLastError(); } if(empty($guild_errors)) { $guild = $ots->createObject('Guild'); @@ -1567,11 +1567,11 @@ echo '
query('SELECT * FROM ' . $db->tableName('houses') . ' WHERE ' . $db->fieldName('name') . ' LIKE ' . $db->quote($houseName) . ' OR `id` = ' . $db->quote($houseId)); if($house->rowCount() > 0) diff --git a/system/pages/lostaccount.php b/system/pages/lostaccount.php index cc03efc4..b066aaae 100644 --- a/system/pages/lostaccount.php +++ b/system/pages/lostaccount.php @@ -30,7 +30,7 @@ else if($action == 'step1' && $action_type == '') { elseif($action == 'step1' && $action_type == 'email') { $nick = stripslashes($_REQUEST['nick']); - if(check_name($nick)) + if(Validator::characterName($nick)) { $player = new OTS_Player(); $account = new OTS_Account(); @@ -77,7 +77,7 @@ elseif($action == 'sendcode') { $email = $_REQUEST['email']; $nick = stripslashes($_REQUEST['nick']); - if(check_name($nick)) + if(Validator::characterName($nick)) { $player = new OTS_Player(); $account = new OTS_Account(); @@ -139,7 +139,7 @@ elseif($action == 'sendcode') elseif($action == 'step1' && $action_type == 'reckey') { $nick = stripslashes($_REQUEST['nick']); - if(check_name($nick)) + if(Validator::characterName($nick)) { $player = new OTS_Player(); $account = new OTS_Account(); @@ -181,7 +181,7 @@ elseif($action == 'step2') { $rec_key = trim($_REQUEST['key']); $nick = stripslashes($_REQUEST['nick']); - if(check_name($nick)) + if(Validator::characterName($nick)) { $player = new OTS_Player(); $account = new OTS_Account(); @@ -272,7 +272,7 @@ elseif($action == 'step3') $nick = stripslashes($_REQUEST['nick']); $new_pass = trim($_REQUEST['passor']); $new_email = trim($_REQUEST['email']); - if(check_name($nick)) + if(Validator::characterName($nick)) { $player = new OTS_Player(); $account = new OTS_Account(); @@ -286,9 +286,9 @@ elseif($action == 'step3') { if($account_key == $rec_key) { - if(check_password($new_pass)) + if(Validator::password($new_pass)) { - if(check_mail($new_email)) + if(Validator::email($new_email)) { $account->setEMail($new_email); 
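Review bot: The recovery-key check kept as context in `@@ -286,9 +286,9 @@`, `if($account_key == $rec_key)`, compares a secret with the loose `==` operator. That comparison is not type-strict (two numeric-looking strings can compare equal) and not constant-time. The same applies to `$account->getCustomField('email_code') == $code` in the `@@ -478,7 +478,7 @@` hunk. Since this commit reworks the validation around both checks, I would switch them to `hash_equals((string)$account_key, (string)$rec_key)` and the equivalent for the e-mail code. The `step3` block starts and ends outside the hunk, so how `$account_key` is loaded is not visible here.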
@@ -345,10 +345,10 @@ elseif($action == 'step3') '; } else - echo 'Wrong e-mail format.'; + echo Validator::getLastError(); } else - echo 'Wrong password format. Use only a-Z, A-Z, 0-9. Minimum password length is 7 characters and maximum 32.'; + echo Validator::getLastError(); } else echo 'Wrong recovery key!'; @@ -478,7 +478,7 @@ elseif($action == 'setnewpassword') { if($account->getCustomField('email_code') == $code) { - if(check_password($newpassword)) + if(Validator::password($newpassword)) { if($config_salt_enabled) { @@ -523,7 +523,7 @@ elseif($action == 'setnewpassword') '; } else - $error= 'Wrong password format. Use only a-z, A-Z, 0-9. Minimum password length is 7 characters and maximum 32.'; + $error= Validator::getLastError(); } else $error= 'Wrong code to change password.'; diff --git a/system/templates/account.change_name.html.twig b/system/templates/account.change_name.html.twig index ccf5fad1..a4376390 100644 --- a/system/templates/account.change_name.html.twig +++ b/system/templates/account.change_name.html.twig @@ -34,9 +34,11 @@ To change a name of character select player and choose a new name.
New Name: - + + +
-
Please enter your character name.
+
Please enter your character name.
diff --git a/system/templates/account.create.html.twig b/system/templates/account.create.html.twig index 6ce4ab96..a5f30886 100644 --- a/system/templates/account.create.html.twig +++ b/system/templates/account.create.html.twig @@ -26,25 +26,21 @@ Also you have to agree to the terms presented below. If you have done so, your a Account {% if constant('USE_ACCOUNT_NAME') %}Name{% else %}Number{% endif %}: - - + + - {% if errors.account is defined %} - {{ errors.account }} - {% endif %} + {% if errors.account is defined %}{{ errors.account }}{% endif %} Email Address: - - + + - {% if errors.email is defined %} - {{ errors.email }} - {% endif %} + {% if errors.email is defined %}{{ errors.email }}{% endif %} {% if config.account_country %} @@ -57,27 +53,6 @@ Also you have to agree to the terms presented below. If you have done so, your a {% endfor %} - {% if errors.country is defined %} @@ -89,23 +64,21 @@ Also you have to agree to the terms presented below. If you have done so, your a Password: - + + - {% if errors.password is defined %} - {{ errors.password }} - {% endif %} + {% if errors.password is defined %}{{ errors.password }}{% endif %} Repeat password: - + + - {% if errors.password is defined %} - {{ errors.password }} - {% endif %} + {% if errors.password is defined %}{{ errors.password }}{% endif %} {% if config.recaptcha_enabled %} diff --git a/system/templates/account.create.js.html.twig b/system/templates/account.create.js.html.twig index 57182b07..95484786 100644 --- a/system/templates/account.create.js.html.twig +++ b/system/templates/account.create.js.html.twig @@ -1,28 +1,60 @@