mirror of
https://github.com/slawkens/myaac.git
synced 2025-04-26 09:19:22 +02:00
a72d1a3c9f
* New admin panel Pages: Options + Config [WIP] * Forgot the plugin example of options * Rename to settings.php * Add Settings Class * New myaac_settings table * Add $limit parameter to $db->select method * Add $member var annotation * Remove useless title_separator from config * Move $menus to menus.php Also fix active link when menu item has subpage * Settings [WIP] New Settings class New Plugins::load() method Move config.php to settings.php MyAAC Settings will have plugin_name = 'core' Add compat_config.php * Change options.php to settings.php * Change name to settings * Add Settings menu * Add Sections + Add setting($key) function Reorganisation * Add email + password fields as type * Update 33.php * add settings migration * php 8 compatibility * add missing hook * Add categories in tabs, move more settings, revert back getPluginSettings Categories and sections are now not numbered Remove example settings plugin * fix typo * Update .gitignore * Add 36th migration for settings table * Execute migrations just after db connect * Update plugins.php * [WIP] Some work on settings Add hidden settings New method: parse, to parse settings from array Move base html to twig template Remove vocation loading from .xml, instead use predefined voc names * Rename * Fix path * [WIP] More work on settings Move more config to settings (mainly mail_* + some other) Remove mail_admin, wasnt used anywhere Add return type to some functions Add Twig settings(key) function Possibility to save setting to db * Add min, max, step to number field option * Re-enable plugin if disabled and already installed * Add Settings menu, including all plugins with settings One change included in previous commit, due to missclick * Nothing important * Better boolean detection * More detailed error message in settings * Lets call it settings.name instead * Add new function: only_if, to hide fields when they are not enabled [WIP] Not fully finished yet * guild_management: show_if * Hide section title on show_if * Fix: check on page load if radio button is checked * Add: show_if - account_mail_verify * nothing important * Rename team_* variables + add to deprecated * Change variable name * Extract Settings:save function * Add settings.callbacks.get * Move forum config to settings * Move status config to settings * Remove whitespaces * More config to settings: account_types, genders, highscores, admin * Move signature config to settings * Move news config to settings * Rename variable * Save config.php in Settings Egg and hen problem solved :) * Test database connection on save settings -> prevents from making website unusable if connection is wrong * Test server_path -> same There is no config.php anymore, just config.local.php, which can be edited manually and also from admin panel * Remove configs from previous commit * Fix create account, if account_create_character_create is enabled * Add more deprecated configs * Add more info into comment * Update 5-database.php * Fix menu highlighting & opening * Update template.php * Enable script option * Reword email settings + move two new settings * add last_kills_limit + move shop * google_analytics_id * add mail_lost_account_interval * Create character blocked words (by @gpedro), just moved to settings * Fix google_analytics * create character name config moved to settings * Fix for install warning - min/max length * New create character checks configurable: block monsters & spells names * fixes * Improve character npc name check * New setting: donate_column + move donate config to settings * Add super fancy No Refresh saving with a toast * Add new possibility: to deny saving setting if condition is not met * Move database settings to separate category * Fix default value displaying * Add database_hash setting * add last_kills_limit to compat config * Move create character blocked names down * Every setting needs to have default * Move rest of config to settings Remove config.php completely Add new settings category: Game Fix account_login_by_email Min textarea size = 2 + adjusted automatically
443 lines
11 KiB
PHP
443 lines
11 KiB
PHP
<?php
|
|
/**
|
|
* Validator class
|
|
*
|
|
* @package MyAAC
|
|
* @author Slawkens <slawkens@gmail.com>
|
|
* @copyright 2019 MyAAC
|
|
* @link https://my-aac.org
|
|
*/
|
|
defined('MYAAC') or die('Direct access not allowed!');
|
|
|
|
class Validator
|
|
{
|
|
private static $lastError = '';
|
|
public static function number($number) {
|
|
if(!preg_match("/^([0-9]+)$/", $number)) {
|
|
self::$lastError = 'Invalid number format.';
|
|
return false;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Validate account id
|
|
* Id lenght must be 6-10 chars
|
|
*
|
|
* @param string $id Account id to check
|
|
* @return bool Is account name valid?
|
|
*/
|
|
public static function accountId($id)
|
|
{
|
|
if(!isset($id[0]))
|
|
{
|
|
self::$lastError = 'Please enter your account number!';
|
|
return false;
|
|
}
|
|
|
|
if(!Validator::number($id)) {
|
|
self::$lastError = 'Invalid account number format. Please use only numbers 0-9.';
|
|
return false;
|
|
}
|
|
|
|
$length = strlen($id);
|
|
if($length < 6)
|
|
{
|
|
self::$lastError = 'Account is too short (min. 6 chars).';
|
|
return false;
|
|
}
|
|
|
|
if($length > 10)
|
|
{
|
|
self::$lastError = 'Account is too long (max. 10 chars).';
|
|
return false;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Validate account name
|
|
* Name lenght must be 3-32 chars
|
|
*
|
|
* @param string $name Account name to check
|
|
* @return bool Is account name valid?
|
|
*/
|
|
public static function accountName($name)
|
|
{
|
|
if(!isset($name[0]))
|
|
{
|
|
self::$lastError = 'Please enter your account name!';
|
|
return false;
|
|
}
|
|
|
|
$length = strlen($name);
|
|
if($length < 3)
|
|
{
|
|
self::$lastError = 'Account name is too short (min. 3 chars).';
|
|
return false;
|
|
}
|
|
|
|
if($length > 32)
|
|
{
|
|
self::$lastError = 'Account name is too long (max. 32 chars).';
|
|
return false;
|
|
}
|
|
|
|
if(preg_match('/ {2,}/', $name))
|
|
{
|
|
self::$lastError = 'Invalid account name format. Use only A-Z and numbers 0-9 and no double spaces.';
|
|
return false;
|
|
}
|
|
|
|
if(!preg_match("/^[A-Z0-9]+$/i", $name))
|
|
{
|
|
self::$lastError = 'Invalid account name format. Use only A-Z and numbers 0-9.';
|
|
return false;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Advanced mail validator
|
|
*
|
|
* @param string $email
|
|
* @return bool Is email valid?
|
|
*/
|
|
public static function email($email) {
|
|
if(empty($email)) {
|
|
self::$lastError = 'Please enter your new email address.';
|
|
return false;
|
|
}
|
|
|
|
if(strlen($email) > 255) {
|
|
self::$lastError = 'E-mail is too long (max. 255 chars).';
|
|
return false;
|
|
}
|
|
|
|
if(setting('core.account_mail_block_plus_sign')) {
|
|
$explode = explode('@', $email);
|
|
if(isset($explode[0]) && (strpos($explode[0],'+') !== false)) {
|
|
self::$lastError = 'Please do not use plus (+) sign in your e-mail.';
|
|
return false;
|
|
}
|
|
}
|
|
|
|
if(!preg_match('/^(?:[\w\!\#\$\%\&\'\*\+\-\/\=\?\^\`\{\|\}\~]+\.)*[\w\!\#\$\%\&\'\*\+\-\/\=\?\^\`\{\|\}\~]+@(?:(?:(?:[a-zA-Z0-9_](?:[A-z0-9_\-](?!\.)){0,61}[a-zA-Z0-9_]?\.)+[a-zA-Z0-9_](?:[a-zA-Z0-9_\-](?!$)){0,61}[a-zA-Z0-9_]?)|(?:\[(?:(?:[01]?\d{1,2}|2[0-4]\d|25[0-5])\.){3}(?:[01]?\d{1,2}|2[0-4]\d|25[0-5])\]))$/', $email)) {
|
|
self::$lastError = 'Invalid e-mail format.';
|
|
return false;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Validate account password
|
|
* Name lenght must be 3-32 chars
|
|
*
|
|
* @param string $name Account name to check
|
|
* @return bool Is account name valid?
|
|
*/
|
|
public static function password($password)
|
|
{
|
|
if (!isset($password[0])) {
|
|
self::$lastError = 'Please enter the password.';
|
|
return false;
|
|
}
|
|
|
|
if (strlen($password) < 8 || strlen($password) > 29) {
|
|
self::$lastError = 'The password must have at least 8 and maximum 29 letters!';
|
|
return false;
|
|
}
|
|
|
|
if(!preg_match('/[a-zA-Z]/', $password)) {
|
|
self::$lastError = 'The password must contain at least one letter A-Z or a-z!';
|
|
return false;
|
|
}
|
|
|
|
if(!preg_match('/[0-9]/', $password)) {
|
|
self::$lastError = 'The password must contain at least one number!';
|
|
return false;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Validate character name.
|
|
* Name lenght must be 3-25 chars
|
|
*
|
|
* @param string $name Name to check
|
|
* @return bool Is name valid?
|
|
*/
|
|
public static function characterName($name)
|
|
{
|
|
if(!isset($name[0]))
|
|
{
|
|
self::$lastError = 'Please enter character name.';
|
|
return false;
|
|
}
|
|
|
|
// installer doesn't know config.php yet
|
|
// that's why we need to ignore the nulls
|
|
if(defined('MYAAC_INSTALL')) {
|
|
$minLength = 4;
|
|
$maxLength = 21;
|
|
}
|
|
else {
|
|
$minLength = setting('core.create_character_name_min_length');
|
|
$maxLength = setting('core.create_character_name_max_length');
|
|
}
|
|
|
|
$length = strlen($name);
|
|
if($length < $minLength)
|
|
{
|
|
self::$lastError = "Character name is too short. Min. length <b>$minLength</b> characters.";
|
|
return false;
|
|
}
|
|
|
|
if($length > $maxLength)
|
|
{
|
|
self::$lastError = "Character name is too long. Max. length <b>$maxLength</b> characters.";
|
|
return false;
|
|
}
|
|
|
|
if(strspn($name, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM- [ ] '") != $length)
|
|
{
|
|
self::$lastError = "Invalid name format. Use only A-Z, spaces and '.";
|
|
return false;
|
|
}
|
|
|
|
if(preg_match('/ {2,}/', $name))
|
|
{
|
|
self::$lastError = 'Invalid character name format. Use only A-Z and no double spaces.';
|
|
return false;
|
|
}
|
|
|
|
if(!preg_match("/[A-z ']/", $name))
|
|
{
|
|
self::$lastError = "Invalid name format. Use only A-Z, spaces and '.";
|
|
return false;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Validate new character name.
|
|
* Name lenght must be 3-25 chars
|
|
*
|
|
* @param string $name Name to check
|
|
* @return bool Is name valid?
|
|
*/
|
|
public static function newCharacterName($name)
|
|
{
|
|
global $db, $config;
|
|
|
|
$name_lower = strtolower($name);
|
|
|
|
$first_words_blocked = array_merge(["'", '-'], setting('core.create_character_name_blocked_prefix'));
|
|
foreach($first_words_blocked as $word) {
|
|
if($word == substr($name_lower, 0, strlen($word))) {
|
|
self::$lastError = 'Your name contains blocked words.';
|
|
return false;
|
|
}
|
|
}
|
|
|
|
if(substr($name_lower, -1) == "'" || substr($name_lower, -1) == "-") {
|
|
self::$lastError = 'Your name contains illegal characters.';
|
|
return false;
|
|
}
|
|
|
|
if(substr($name_lower, 1, 1) == ' ') {
|
|
self::$lastError = 'Your name contains illegal space.';
|
|
return false;
|
|
}
|
|
|
|
if(substr($name_lower, -2, 1) == " ") {
|
|
self::$lastError = 'Your name contains illegal space.';
|
|
return false;
|
|
}
|
|
|
|
if(preg_match('/ {2,}/', $name)) {
|
|
self::$lastError = 'Invalid character name format. Use only A-Z and numbers 0-9 and no double spaces.';
|
|
return false;
|
|
}
|
|
|
|
if(strtolower($config['lua']['serverName']) == $name_lower) {
|
|
self::$lastError = 'Your name cannot be same as server name.';
|
|
return false;
|
|
}
|
|
|
|
$names_blocked = setting('core.create_character_name_blocked_names');
|
|
foreach($names_blocked as $word) {
|
|
if($word == $name_lower) {
|
|
self::$lastError = 'Your name contains blocked words.';
|
|
return false;
|
|
}
|
|
}
|
|
|
|
$words_blocked = array_merge(['--', "''","' ", " '", '- ', ' -', "-'", "'-"], setting('core.create_character_name_blocked_words'));
|
|
foreach($words_blocked as $word) {
|
|
if(!(strpos($name_lower, $word) === false)) {
|
|
self::$lastError = 'Your name contains illegal words.';
|
|
return false;
|
|
}
|
|
}
|
|
|
|
$name_length = strlen($name_lower);
|
|
for($i = 0; $i < $name_length; $i++)
|
|
{
|
|
if(isset($name_lower[$i]) && isset($name_lower[$i + 1]) && $name_lower[$i] == $name_lower[$i + 1] && isset($name_lower[$i + 2]) && $name_lower[$i] == $name_lower[$i + 2]) {
|
|
self::$lastError = 'Your name is invalid.';
|
|
return false;
|
|
}
|
|
}
|
|
|
|
// check if was namelocked previously
|
|
if($db->hasTable('player_namelocks') && $db->hasColumn('player_namelocks', 'name')) {
|
|
$namelock = $db->query('SELECT `player_id` FROM `player_namelocks` WHERE `name` = ' . $db->quote($name));
|
|
if($namelock->rowCount() > 0) {
|
|
self::$lastError = 'Character with this name has been namelocked.';
|
|
return false;
|
|
}
|
|
}
|
|
|
|
$monstersCheck = setting('core.create_character_name_monsters_check');
|
|
if ($monstersCheck) {
|
|
$monsters = $db->query('SELECT `name` FROM `' . TABLE_PREFIX . 'monsters` WHERE `name` LIKE ' . $db->quote($name_lower));
|
|
if ($monsters->rowCount() > 0) {
|
|
self::$lastError = 'Your name cannot contains monster name.';
|
|
return false;
|
|
}
|
|
}
|
|
|
|
$spellsCheck = setting('core.create_character_name_spells_check');
|
|
if ($spellsCheck) {
|
|
$spells_name = $db->query('SELECT `name` FROM `' . TABLE_PREFIX . 'spells` WHERE `name` LIKE ' . $db->quote($name_lower));
|
|
if ($spells_name->rowCount() > 0) {
|
|
self::$lastError = 'Your name cannot contains spell name.';
|
|
return false;
|
|
}
|
|
|
|
$spells_words = $db->query('SELECT `words` FROM `' . TABLE_PREFIX . 'spells` WHERE `words` = ' . $db->quote($name_lower));
|
|
if ($spells_words->rowCount() > 0) {
|
|
self::$lastError = 'Your name cannot contains spell name.';
|
|
return false;
|
|
}
|
|
}
|
|
|
|
$npcCheck = setting('core.create_character_name_npc_check');
|
|
if ($npcCheck) {
|
|
require_once LIBS . 'npc.php';
|
|
NPCS::load();
|
|
if(NPCS::$npcs) {
|
|
foreach (NPCs::$npcs as $npc) {
|
|
if(strpos($name_lower, $npc) !== false) {
|
|
self::$lastError = 'Your name cannot contains NPC name.';
|
|
return false;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Validate guild name
|
|
* Name lenght must be 3-32 chars
|
|
*
|
|
* @param string $name Name to check
|
|
* @return bool Is name valid?
|
|
*/
|
|
public static function guildName($name)
|
|
{
|
|
if(empty($name)) {
|
|
self::$lastError = 'Please enter guild name.';
|
|
return false;
|
|
}
|
|
|
|
if(strspn($name, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM0123456789- ") != strlen($name)) {
|
|
self::$lastError = 'Invalid guild name format.';
|
|
return false;
|
|
}
|
|
|
|
if(!preg_match("/[A-z ]{3,32}/", $name)) {
|
|
self::$lastError = 'Invalid guild name format.';
|
|
return false;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Validate guild nick
|
|
* Nick lenght must be 3-40 chars
|
|
*
|
|
* @param string $name Name to check
|
|
* @return bool Is name valid?
|
|
*/
|
|
public static function guildNick($name)
|
|
{
|
|
if(empty($name)) {
|
|
self::$lastError = 'Please enter guild nick.';
|
|
return false;
|
|
}
|
|
|
|
if(strspn($name, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM0123456789- ") != strlen($name)) {
|
|
self::$lastError = 'Invalid guild nick format.';
|
|
return false;
|
|
}
|
|
|
|
if(!preg_match("/[A-z ]{3,40}/", $name)) {
|
|
self::$lastError = 'Invalid guild nick format.';
|
|
return false;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
|
|
/**
|
|
* Validate rank name
|
|
* Rank lenght must be 1-32 chars
|
|
*
|
|
* @param string $name Name to check
|
|
* @return bool Is name valid?
|
|
*/
|
|
public static function rankName($name)
|
|
{
|
|
if(empty($name)) {
|
|
self::$lastError = 'Please enter rank name.';
|
|
return false;
|
|
}
|
|
|
|
if(strspn($name, "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM0123456789-[ ] ") != strlen($name)) {
|
|
self::$lastError = 'Invalid rank name. Please use only a-Z, 0-9 and spaces.';
|
|
return false;
|
|
}
|
|
|
|
if(!preg_match("/[A-z ]{1,32}/", $name)) {
|
|
self::$lastError = 'Invalid rank name. Please use only a-Z, 0-9 and spaces.';
|
|
return false;
|
|
}
|
|
|
|
return true;
|
|
}
|
|
/**
|
|
* Simple string validator, checks if string contains valid characters
|
|
*
|
|
* @param string $str String to validate
|
|
* @param boolean $numbers Numbers should be allowed?
|
|
*/
|
|
public static function str($str, $numbers = false) {
|
|
return preg_match('/^[a-z0-9\ ]*$/i', $str);
|
|
}
|
|
|
|
public static function getLastError() {
|
|
return self::$lastError;
|
|
}
|
|
}
|