mail.php
<?php
// The Kabal Invasion - A web-based 4X space game
// Copyright © 2014 The Kabal Invasion development team, Ron Harwood, and the BNT development team
//
// This program is free software: you can redistribute it and/or modify
// it under the terms of the GNU Affero General Public License as
// published by the Free Software Foundation, either version 3 of the
// License, or (at your option) any later version.
//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
// File: mail.php
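// Password-recovery request page: looks up the ship (account) whose email matches $mail and,
// unless that address is the admin's, stamps recovery_time and mails a reset link to it.
// NOTE(review): $mail, $db, $pdo_db, $lang, $template, $langvars, $tkireg and $request are not
// defined in this file; presumably common.php provides them - confirm where $mail is read from
// and that it is validated as an email address before it reaches this page.
require_once './common.php';

$title = $langvars['l_mail_title'];
Tki\Header::display($pdo_db, $lang, $template, $title);

// Database driven language entries
$langvars = Tki\Translate::load($pdo_db, $lang, array('mail', 'common', 'global_funcs', 'global_includes', 'global_funcs', 'combat', 'footer', 'news'));
echo "<h1>" . $title . "</h1>\n";

// The address is passed as a bound parameter; it is never interpolated into the SQL text.
$result = $db->SelectLimit("SELECT character_name, email, password FROM {$db->prefix}ships WHERE email = ?", 1, -1, array('email' => $mail));
Tki\Db::LogDbErrors($pdo_db, $result, __LINE__, __FILE__);

// isset() keeps an anonymous visitor (no 'logged_in' key in the session) from raising an
// undefined-index notice; the outcome is the same as the original strict comparison.
$is_logged_in = isset($_SESSION['logged_in']) && $_SESSION['logged_in'] === true;

// NOTE(review): the three branches below render visibly different pages, so the response tells
// the requester whether an address is registered (and whether it is the admin's). A uniform
// "if the address exists, a mail has been sent" answer is the usual mitigation. No rate limiting
// is visible in this file either - confirm it exists elsewhere.
if (!$result->EOF)
{
    // NOTE(review): this comparison is case-sensitive, while the SQL match above may not be,
    // depending on the column collation - confirm, and normalise both sides if they can disagree.
    if ($mail == $tkireg->admin_mail)
    {
        // Recovery by mail is refused for the admin account.
        echo "<div style='font-size:14px; font-weight:bold; color:#f00;'>";
        echo $langvars['l_mail_admin_denied'];
        echo "</div><br>\n";

        if ($is_logged_in)
        {
            echo str_replace("[here]", "<a href='main.php'>" . $langvars['l_here'] . "</a>", $langvars['l_global_mmenu']);
        }
        else
        {
            echo str_replace("[here]", "<a href='index.php'>" . $langvars['l_here'] . "</a>", $langvars['l_global_mlogin']);
        }
    }
    else
    {
        $playerinfo = $result->fields;

        // NOTE(review): HTTP_HOST comes from the request, so the host part of the emailed link is
        // whatever the client sent. Build the link from a configured canonical base URL (or check
        // the host against an allowlist) so a reset mail can never point away from this site.
        $link_to_reset = "https://" . $request->server->get('HTTP_HOST') . Tki\SetPaths::setGamepath();

        // NOTE(review): the reset code is 8 hex characters cut from md5() of the stored password
        // value. It is not random, stays the same for every request until the password changes,
        // and can be computed by anyone able to read that column. The usual replacement is a
        // per-request token from random_bytes(), stored hashed next to recovery_time and checked
        // with hash_equals(). pwreset.php presumably validates this code and is not shown here,
        // so both files would have to change together.
        $link_to_reset .= "pwreset.php?code=" . mb_substr(md5($playerinfo['password']), 5, 8);

        // Fill the placeholders of the translated mail body.
        $langvars['l_mail_message'] = str_replace("[link]", htmlentities($link_to_reset, ENT_QUOTES | ENT_HTML5, 'UTF-8'), $langvars['l_mail_message']);
        $langvars['l_mail_message'] = str_replace("[name]", $playerinfo['character_name'], $langvars['l_mail_message']);
        $langvars['l_mail_message'] = str_replace("[ip]", $request->server->get('REMOTE_ADDR'), $langvars['l_mail_message']);
        $langvars['l_mail_message'] = str_replace("[game_name]", $tkireg->game_name, $langvars['l_mail_message']);

        // Some reason \r\n is broken, so replace them now.
        $langvars['l_mail_message'] = str_replace('\r\n', "\r\n", $langvars['l_mail_message']);

        // Need to set the topic with the game name.
        $langvars['l_mail_topic'] = str_replace("[game_name]", $tkireg->game_name, $langvars['l_mail_topic']);

        // Recovery time is a timestamp at the time of recovery attempt, which is valid for 30 minutes
        // After 30 minutes, it will be cleared to null by scheduler. If it is used, it will also be cleared.
        $recovery_update_result = $db->Execute("UPDATE {$db->prefix}ships SET recovery_time=? WHERE email = ?;", array(time(), $playerinfo['email']));
        Tki\Db::LogDbErrors($pdo_db, $recovery_update_result, __LINE__, __FILE__);

        // The recipient is the address stored in the database row, not the submitted value.
        // NOTE(review): the return value of mail() is ignored, so the page reports success even
        // when the message could not be handed to the mail system.
        mail($playerinfo['email'], $langvars['l_mail_topic'], $langvars['l_mail_message'] . "\r\n\r\n" . htmlentities($link_to_reset, ENT_QUOTES | ENT_HTML5, 'UTF-8') . "\r\n", "From: {$tkireg->admin_mail}\r\nReply-To: {$tkireg->admin_mail}\r\nX-Mailer: PHP/" . phpversion());

        // Encode the submitted address before echoing it back into the page.
        $mail_for_html = htmlentities($mail, ENT_QUOTES | ENT_HTML5, 'UTF-8');
        echo "<div style='color:#fff; text-align:left;'>" . $langvars['l_mail_sent'] . " <span style='color:#0f0;'>{$mail_for_html}</span></div>\n";
        echo "<br>\n";
        echo "<div style='font-size:14px; font-weight:bold; color:#f00;'>";
        echo $langvars['l_mail_note_1'] . "<br><br>";

        // The original read the undefined variable $l_mail_note_2, so this note was always empty.
        // Upper-case before encoding so that entity names are not upper-cased along with the text.
        $langvars['l_mail_note_2'] = htmlentities(mb_strtoupper($langvars['l_mail_note_2']), ENT_QUOTES | ENT_HTML5, 'UTF-8');
        echo $langvars['l_mail_note_2'];
        echo "</div>\n";
    }
}
else
{
    // No ship is registered with this address: point the visitor at the sign-up page.
    $langvars['l_mail_noplayer'] = str_replace("[here]", "<a href='new.php'>" . $langvars['l_here'] . "</a>", $langvars['l_mail_noplayer']);
    echo "<div style='color:#FFF; width:400px; text-align:left; font-size:12px; padding:6px;'>" . $langvars['l_mail_noplayer'] . "</div>\n";
    echo "<br>\n";

    if ($is_logged_in)
    {
        echo str_replace("[here]", "<a href='main.php'>" . $langvars['l_here'] . "</a>", $langvars['l_global_mmenu']);
    }
    else
    {
        echo str_replace("[here]", "<a href='index.php'>" . $langvars['l_here'] . "</a>", $langvars['l_global_mlogin']);
    }
}

Tki\Footer::display($pdo_db, $lang, $tkireg, $template);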