diff --git a/system/libs/validator.php b/system/libs/validator.php
index 749234fa..7240a542 100644
--- a/system/libs/validator.php
+++ b/system/libs/validator.php
@@ -375,7 +375,34 @@ class Validator
 return true;
 }
-
+
+ /**
+ * Validate guild nick
+ * Nick lenght must be 3-40 chars
+ *
+ * @param string $name Name to check
+ * @return bool Is name valid?
+ */
+ public static function guildNick($name)
+ {
+ if(empty($name)) {
+ self::$lastError = 'Please enter guild nick.';
+ return false;
+ }
+
+ if(strspn($name, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM0123456789- ") != strlen($name)) {
+ self::$lastError = 'Invalid guild nick format.';
+ return false;
+ }
+
+ if(!preg_match("/[A-z ]{3,40}/", $name)) {
+ self::$lastError = 'Invalid guild nick format.';
+ return false;
+ }
+
+ return true;
+ }
+
 /**
 * Validate rank name
 * Rank lenght must be 1-32 chars
diff --git a/system/pages/guilds/change_nick.php b/system/pages/guilds/change_nick.php
index 68f35315..5e900a33 100644
--- a/system/pages/guilds/change_nick.php
+++ b/system/pages/guilds/change_nick.php
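Review bot: The `preg_match("/[A-z ]{3,40}/", $name)` check in `Validator::guildNick()` does not enforce the documented 3-40 character limit, because the pattern is unanchored and passes as soon as any run of three letters or spaces occurs, so a nick of any length gets through. The range `A-z` also covers the ASCII punctuation between `Z` and `a`, and the class omits the digits and hyphen that the preceding `strspn()` allow-list accepts. change_nick.php in this same commit drops its own `strlen($new_nick) <= 40` guard and relies on this method, so the upper bound is no longer checked anywhere visible; I would replace the regex test with an explicit `if(strlen($name) < 3 || strlen($name) > 40) {` and keep `strspn()` as the character filter. `empty($name)` also rejects the literal nick `0`; `$name === null || $name === ''` avoids that.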
@@ -11,56 +11,84 @@ defined('MYAAC') or die('Direct access not allowed!'); if(!$logged) { - echo 'You are not logged.'; + $errors[] = "You are not logged in. You can't change nick."; + $twig->display('error_box.html.twig', array('errors' => $errors)); $twig->display('guilds.back_button.html.twig'); return; } $name = isset($_REQUEST['name']) ? stripslashes($_REQUEST['name']) : null; $new_nick = isset($_REQUEST['nick']) ? stripslashes($_REQUEST['nick']) : null; +$guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : null; if(!$name) { - echo 'Please enter new name.'; + $errors[] = 'Please enter new name.'; return; } if(!$new_nick) { - echo 'Please enter new nick.'; + $errors[] = 'Please enter new nick.'; + return; +} + +if(empty($errors)) +{ + $guild = new OTS_Guild(); + $guild->find($guild_name); + if(!$guild->isLoaded()) + $errors[] = 'Guild with name ' . $guild_name . " doesn't exist."; +} + +if(!empty($errors)) +{ + $twig->display('error_box.html.twig', array('errors' => $errors)); + $twig->display('guilds.back_button.html.twig'); return; } $player = new OTS_Player(); $player->find($name); $player_from_account = false; -if(strlen($new_nick) <= 40) -{ - if($player->isLoaded()) - { - $account_players = $account_logged->getPlayersList(); - if(count($account_players)) - { - foreach($account_players as $acc_player) - { - if($acc_player->getId() == $player->getId()) - $player_from_account = true; - } - if($player_from_account) - { - $player->setGuildNick($new_nick); - echo 'Guild nick of player '.$player->getName().' changed to '.htmlentities($new_nick).'.'; - $addtolink = '&action=show&guild='.$player->getRank()->getGuild()->getName(); - } - else - echo 'This player is not from your account.'; - } - else - echo 'This player is not from your account.'; - } - else - echo 'Unknow error occured.'; -} -else - echo 'Too long guild nick. Max. 
40 chars, your length: '.strlen($new_nick); -$twig->display('guilds.back_button.html.twig'); -?> \ No newline at end of file +if(!Validator::guildNick($new_nick)) { + $errors[] = Validator::getLastError(); +} + +if(!$player->isLoaded()) { + $errors[] = 'Unknow error occured. Player cannot be loaded'; +} + +$account_players = $account_logged->getPlayersList(); +if(!count($account_players)) { + $errors[] = 'This player is not from your account.'; +} + +if(empty($errors)) { + foreach($account_players as $acc_player) { + if($acc_player->getId() == $player->getId()) + $player_from_account = true; + } + + if(!$player_from_account) { + $errors[] = 'This player is not from your account.'; + } + + if(empty($errors)) + { + $player->setGuildNick($new_nick); + $twig->display('success.html.twig', array( + 'title' => 'Nick Changed', + 'description' => 'Guild nick of player '.$player->getName().' changed to '.htmlentities($new_nick).'.', + 'custom_buttons' => '' + )); + } +} + +if(!empty($errors)) { + $twig->display('error_box.html.twig', array('errors' => $errors)); +} + +$twig->display('guilds.back_button.html.twig', array( + 'new_line' => true, + 'action' => getLink('guilds') . '/' . $guild->getName() +)); diff --git a/system/pages/guilds/change_rank.php b/system/pages/guilds/change_rank.php index 4ceaaf49..7e4fe92c 100644 --- a/system/pages/guilds/change_rank.php +++ b/system/pages/guilds/change_rank.php @@ -11,7 +11,7 @@ defined('MYAAC') or die('Direct access not allowed!'); if(!$logged) { - $errors[] = 'You are not logged in. You can\'t change rank.'; + $errors[] = "You are not logged in. You can't change rank."; } else { $guild_name = isset($_REQUEST['guild']) ? urldecode($_REQUEST['guild']) : null; @@ -190,4 +190,4 @@ function getPlayersWithLowerRank($rank_list, $guild_leader, $db, $level_in_guild } return array('players' => $players_with_lower_rank, 'ranks' => $ranks); -} \ No newline at end of file +} 
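Review bot: In change_nick.php the new message `'Guild with name ' . $guild_name . " doesn't exist."` places the raw `guild` request parameter into `$errors`, while the success path in the same hunk escapes `$new_nick` with `htmlentities()` before passing it to Twig. That suggests the templates are not relied on for escaping here (`error_box.html.twig` is not visible, so confirm), and the error path should be escaped the same way: `$errors[] = 'Guild with name ' . htmlspecialchars($guild_name) . " doesn't exist.";`. Separately, the `if(!$name)` and `if(!$new_nick)` branches now push to `$errors` and then `return;` before anything renders the list, so the user gets an empty page; removing those two `return;` lines lets the `if(!empty($errors))` block further down display them and stop. The nick change is still driven by `$_REQUEST` with no request token visible in this hunk, so a CSRF check before `setGuildNick()` is worth adding if the framework provides one.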
diff --git a/system/pages/guilds/save_ranks.php b/system/pages/guilds/save_ranks.php
index 75ce0417..21479624 100644
--- a/system/pages/guilds/save_ranks.php
+++ b/system/pages/guilds/save_ranks.php
@@ -48,7 +48,7 @@ if(empty($errors)) {
 $rank->setName($name);
 }
 else {
- $errors[] = 'Invalid rank name. Please use only a-Z, 0-9 and spaces. Rank ID '.$rank_id.'.';
+ $errors[] = Validator::getLastError() . ' Rank ID '.$rank_id.'.';
 }
 if($level > 0 && $level < 4) {
 $rank->setLevel($level);
@@ -60,11 +60,7 @@ if(empty($errors)) {
 $rank->save();
 }
 //show errors or redirect
- if(!empty($errors)) {
- $twig->display('error_box.html.twig', array('errors' => $errors));
- }
- else
- {
+ if(empty($errors)) {
 header("Location: ?subtopic=guilds&action=manager&guild=".$guild->getName());
 }
 }
@@ -78,8 +74,7 @@ if(empty($errors)) {
 $errors[] = 'You are not logged. You can\'t manage guild.';
 }
 }
+
 if(!empty($errors)) {
 $twig->display('error_box.html.twig', array('errors' => $errors));
 }
-
-?>
\ No newline at end of file
diff --git a/system/templates/guilds.view.html.twig b/system/templates/guilds.view.html.twig
index af5e0169..82fa87c2 100644
--- a/system/templates/guilds.view.html.twig
+++ b/system/templates/guilds.view.html.twig
@@ -136,7 +136,7 @@ {% set playerName = player.getName() %} -
+ {{ getPlayerLink(playerName, true)|raw }} {% set showGuildNick = false %} @@ -344,4 +344,4 @@ - \ No newline at end of file +