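$value) { $content = preg_replace('/{'.$key.'}/',$value,$content); } } return $content; }

// NOTE(review): the statement run above is the tail of a function that starts
// outside this listing; it is left exactly as found. It replaces each {KEY}
// placeholder with the raw value: the key is not passed through preg_quote()
// and the value is used as a preg replacement string, with no output encoding
// in the visible part. Presumably this is the Template() helper used below;
// if so, callers have to HTML-encode untrusted values before handing them over.

// NOTE(review): the string literals in this listing appear to have lost their
// HTML markup during extraction. They are reproduced as found; only the PHP
// logic around them is changed.

// classes

/**
 * Thin wrapper around one procedural mysqli connection.
 */
class SqlCon
{
    var $con;

    /**
     * Connects and selects the database; terminates the request on failure.
     *
     * Driver error text goes to the server log only, so a failed connection
     * does not disclose host, user or schema details to the browser.
     */
    function __construct($host=SQLSERVER, $user=SQLUSER, $pass=SQLPASS,$db=SQLDB)
    {
        $this->con = mysqli_connect($host,$user,$pass);
        if(!$this->con)
        {
            // There is no link to ask when connecting failed, so
            // mysqli_connect_error() is the call that reports the cause.
            error_log("Error in Connection: " . mysqli_connect_error());
            die("Error in Connection");
        }
        if(!mysqli_select_db($this->con,$db))
        {
            error_log("Error to select database: " . mysqli_error($this->con));
            die("Error to select database");
        }
    }

    /** Closes the link if it is still open and clears the handle. */
    function Close()
    {
        if($this->con)
        {
            mysqli_close($this->con);
        }
        $this->con = null;
    }

    /** Opens a transaction. */
    function Begin()
    {
        // "begin" is an alias of "start transaction"; sending both only
        // committed an empty transaction and opened a second one.
        mysqli_query($this->con,"start transaction");
    }

    function Commit()
    {
        mysqli_query($this->con,"commit");
    }

    function Rollback()
    {
        mysqli_query($this->con,"rollback");
    }

    /**
     * Escapes a value for use inside a single-quoted SQL string literal on
     * this connection. Prepared statements are the preferred long-term fix;
     * this keeps the existing mysqli_query()/CheckSql() flow intact.
     */
    function Esc($value)
    {
        return mysqli_real_escape_string($this->con, (string) $value);
    }

    /** True when $result is a result set holding at least one row. */
    function Rows(&$result)
    {
        if(!$result)
        {
            return false;
        }
        return mysqli_num_rows($result) > 0;
    }

    /** Rows affected by the last statement on this connection. */
    function CheckSql()
    {
        return mysqli_affected_rows($this->con);
    }
}

/**
 * Computes offset/limit/page-count values for paged listings.
 */
class Pager
{
    /**
     * @return stdClass with offset, limit, numPages and page
     */
    public static function getPagerData($numHits, $limit, $page)
    {
        $numHits = (int) $numHits;
        $limit = max((int) $limit, 1);   // never divide by zero
        $page = max((int) $page, 1);
        $numPages = ceil($numHits / $limit);
        // The upper clamp (min($page, $numPages)) was disabled by the author,
        // so a page past the end yields an offset beyond the data.

        $ret = new stdClass;
        $ret->offset = ($page - 1) * $limit;
        $ret->limit = $limit;
        $ret->numPages = $numPages;
        $ret->page = $page;
        return $ret;
    }
}

/**
 * Front controller for the game site: dispatches on the "cmd" request
 * parameter and renders the matching page or action.
 *
 * NOTE(review), not fixable inside this class without a data migration or a
 * session redesign:
 *  - Identity is taken from two client-side cookies (tloons_auth = e-mail,
 *    tloons_token = user id). Neither is secret or signed, so every handler
 *    that reads them trusts caller-supplied identity. Move to a server-side
 *    session ($_SESSION with session_regenerate_id() on login) or a signed
 *    random token.
 *  - Passwords are stored and compared in plain text and DoForget mails the
 *    stored value. Move to password_hash()/password_verify() and a
 *    time-limited reset link.
 *  - State-changing commands are reachable through $_REQUEST with no
 *    anti-CSRF token, and "mailtoall" has no access check.
 *  - The score is whatever the client reports.
 */
class Tloons
{
    var $DB;

    function __construct()
    {
        $this->DB = new SqlCon();
        $this->Main();
    }

    function __destruct()
    {
        $this->DB->Close();
        unset($this->DB->con);
        unset($this->DB);
    }

    /** Returns $source[$name] when it is a string, otherwise "". */
    private function Param($source, $name)
    {
        // Array-valued parameters (name[]=...) are rejected here so they
        // never reach string functions or SQL.
        return (isset($source[$name]) && is_string($source[$name])) ? $source[$name] : "";
    }

    /** HTML-encodes a value for element or attribute context. */
    private function Html($value)
    {
        return htmlspecialchars((string) $value, ENT_QUOTES, 'UTF-8');
    }

    /** Runs one write statement; true when it changed at least one row. */
    private function Write($sql)
    {
        mysqli_query($this->DB->con,$sql);
        return $this->DB->CheckSql() >= 1;
    }

    /** Maps the raw target value to the label shown on the pages. */
    private function TargetLabel($target)
    {
        if($target == -100000)   // GetTarget()'s "no target row" value
        {
            return "Infinite";
        }
        if($target <= 0)
        {
            return "None";
        }
        return $target;
    }

    /** Dispatches the request to the handler named by "cmd". */
    function Main()
    {
        $request = $this->Param($_REQUEST, 'cmd');
        switch($request)
        {
            case 'mailtoall' : $this->MailToAll(); break;
            case 'login': $this->LoginPage(); break;
            case 'dologin' : $this->DoLogin(); break;
            case 'forget' : $this->ForgetPage(); break;
            case 'doforget' : $this->DoForget(); break;
            case 'register' : $this->RegisterPage(); break;
            case 'doregister' : $this->DoRegistration(); break;
            case 'play' : $this->Play(); break;
            case 'logout' : $this->Logout(); break;
            case 'change' : $this->ChangePasswordPage(); break;
            case 'dochange' : $this->DoChangePassword(); break;
            case 'records' : $this->WorldRecords(); break;
            case 'savescore' : $this->UpdateScore(); break;
            case 'prize' : $this->Prize(); break;
            default : $this->HomeDefault();
        }
    }

    /**
     * Sends the reminder mail to one user who has a score and has not been
     * mailed for 30 days, then stamps last_mail. One user per request.
     *
     * NOTE(review): nothing in this handler checks who is calling it. It
     * should be limited to the scheduler or an administrator.
     */
    function MailToAll()
    {
        $sql = "select *, datediff(now(), last_mail) as d from tloons_users ".
               "where datediff(now(), last_mail) >= 30 and total_score != 0";
        $result = mysqli_query($this->DB->con,$sql);
        if(!$this->DB->Rows($result))
        {
            echo "All done!";
            return;
        }

        $row = mysqli_fetch_array($result);
        $user_id = $this->DB->Esc($row['user_id']);
        $nickname = stripslashes(ucwords($row['nickname']));
        $tloons_email = stripslashes(strtolower($row['tloons_email']));

        // Stamp first, so a mail failure cannot cause the same user to be
        // mailed again on the next request.
        if($this->Write("update tloons_users set last_mail = now() where user_id='$user_id'"))
        {
            if( MAILMODE == 'ON' )
            {
                $to = $tloons_email;
                $headers = "From: ".EMAILFROM. "\r\n" ;
                $subject = "We are at WAR with TLOONS";
                $description = "Hey $nickname,\n\nYour vacation is over.\nJust to remind you that you have joined the human army to eliminate all the Tloons.\n\nDon't' quit, Come back and finish them all.\n\nWe are at WAR with TLOONS. 
\n\n";
                $description .= "https://www.tloons.com/start\n\nwww.tloons.com\n\nRead story: http://www.tohla.com/tloons.htm";
                mail($to,$subject,$description,$headers);
            }
        }
        mysqli_free_result($result);

        // NOTE(review): $t is not used in the visible code; presumably the
        // lost markup embedded it in the page. It is cast to int so it stays
        // safe to print if that markup is restored.
        $t = isset($_REQUEST['t']) ? (int) $_REQUEST['t'] : 30;
        $output= '';
        $output.= "Next Mail
";
        $output.= "
". "";
        echo $output;
    }

    /** Renders the prize page. */
    function Prize()
    {
        $vars['WEBURL']=WEBURL;
        $vars['LOGINURL'] = LOGINURL;
        $vars['PLAYURL'] = PLAYURL;
        $vars['REGISTERURL'] = REGISTERURL;
        $vars['PRIZEURL'] = PRIZEURL;

        $users = $this->GetUsers();
        if($users == 0)
        {
            $users = "None";
        }
        $vars['HUMANS'] = $users;
        $vars['TLOONS'] = $this->TargetLabel($this->GetTarget());

        $sql = "select * from tloons_target";
        $result = mysqli_query($this->DB->con, $sql);
        $prize = "0 USD";
        if($this->DB->Rows($result))
        {
            $row = mysqli_fetch_array($result);
            $prize = $row['prize_value'];
        }
        $vars['PRIZE'] =$prize;

        echo Template('_prize',$vars);
    }

    /**
     * Records the score reported by the client for the user named in the
     * cookies, lowers the shared target, and reports the outcome.
     *
     * The three writes run in one transaction and are rolled back unless each
     * of them changed a row.
     */
    function UpdateScore()
    {
        // The score is echoed and placed unquoted in SQL arithmetic, so it is
        // forced to a non-negative integer before any use.
        $score = max(0, (int) $this->Param($_REQUEST, 'balloons'));
        $tloons_email = $this->Param($_COOKIE, 'tloons_auth');
        $tloons_token = $this->Param($_COOKIE, 'tloons_token');

        if($tloons_email == "" || $tloons_token=="")
        {
            echo "

You have killed $score Tloons

". "

Kill them to revealed the SECRET CODE

". "
Login ". " Play Again ";
            return;
        }

        // If the target is already reached the secret code has been released.
        $target = $this->GetTarget();
        if($target == -100000)
        {
            // No return here: the original goes on to record the score.
            echo "

You have killed $score Tloons


". "

Remaining Tloons: Infinite

", " Play Again ";
        }
        else if($target <=0 )
        {
            echo "

You have killed $score Tloons


". "

Secret Code is already released

", " Play Again ";
            return;
        }

        // Cookie values are caller-controlled: escape them, and require the
        // e-mail and the user id to name the same active account so the score
        // row cannot be filed under a different id than the one credited.
        // This is an integrity check, not authentication (see class note).
        $email_sql = $this->DB->Esc($tloons_email);
        $token_sql = $this->DB->Esc($tloons_token);
        $sql = "select * from tloons_users where tloons_email = '$email_sql' and user_id = '$token_sql' and status = 'active'";
        $result = mysqli_query($this->DB->con, $sql);
        if(!$this->DB->Rows($result))
        {
            echo "

You have killed $score Tloons

". "

Kill them to revealed the SECRET CODE

". "
Login ". " Play Again ";
            return;
        }

        // Log the score, update the user's total, update the target. Each
        // step runs only if the previous one changed a row.
        $this->DB->Begin();
        $trans_status =
            $this->Write("insert into tloons_score(user_id, score, score_date) values('$token_sql','$score',now())")
            && $this->Write("update tloons_users set total_score = total_score + $score where tloons_email = '$email_sql'")
            && $this->Write("update tloons_target set target = target - $score");

        if(!$trans_status)
        {
            $this->DB->Rollback();
            echo "

Alert! You have killed $score Tloons
But, there is an error in updating the score


". " Play Again ";
            return;
        }
        $this->DB->Commit();

        // Re-read the user's total and the current target for display.
        $total_score = $this->GetTotalScore($tloons_email);
        $target = $this->GetTarget();
        if($target == -100000)
        {
            return;   // "Infinite" was already reported above
        }
        if($target > 0)
        {
            // show score
            echo "

You have killed $score Tloons


". "

Remaining Tloons: $target

". "

Your Total Score: $total_score

". "

Kill them to revealed the SECRET CODE

". " Play Again ";
            return;
        }

        // Target reached by this submission: record and announce the winner.
        $sql = "select * from tloons_target";
        $result = mysqli_query($this->DB->con,$sql);
        if(!$this->DB->Rows($result))
        {
            // nothing happen
            echo " Play Again ";
            return;
        }
        $row = mysqli_fetch_array($result);
        if(!$this->Write("update tloons_target set winner_email = '$email_sql'"))
        {
            echo " Play Again ";
            return;
        }

        $to = EMAILTO;
        $subject = 'Tloons Winner';
        $message = " $tloons_email win the game";
        $headers = 'From: anna@tloons.com' . "\r\n" ;
        mail($to, $subject, $message, $headers);
        echo "

You have killed all the Tloons


". "

You revealed the SECRET CODE ! Hurray you win the prize of $row[prize_value]

". "

Secret Code: $row[code]

". "

We will contact you soon

";
    }

    /** Total score stored for the given e-mail, or -1 when no row matches. */
    function GetTotalScore($tloons_email)
    {
        $totalscore=-1;
        $email_sql = $this->DB->Esc($tloons_email);
        $sql = "select * from tloons_users where tloons_email = '$email_sql'";
        $result = mysqli_query($this->DB->con,$sql);
        if($this->DB->Rows($result))
        {
            $row = mysqli_fetch_array($result);
            $totalscore = $row['total_score'];
        }
        if($result)   // a failed query leaves nothing to free
        {
            mysqli_free_result($result);
        }
        return $totalscore;
    }

    /** Current shared target, or -100000 when tloons_target has no row. */
    function GetTarget()
    {
        $target=-100000;
        $sql = "select * from tloons_target";
        $result = mysqli_query($this->DB->con,$sql);
        if($this->DB->Rows($result))
        {
            $row = mysqli_fetch_array($result);
            $target = $row['target'];
        }
        if($result)
        {
            mysqli_free_result($result);
        }
        return $target;
    }

    /** Number of users whose status is 'active' (0 when the query fails). */
    function GetUsers()
    {
        $users=0;
        $sql = "select count(*) as c from tloons_users where status = 'active'";
        $result = mysqli_query($this->DB->con,$sql);
        if($this->DB->Rows($result))
        {
            $row = mysqli_fetch_array($result);
            $users = $row['c'];
        }
        if($result)
        {
            mysqli_free_result($result);
        }
        return $users;
    }

    /** Renders the top-20 table. */
    function WorldRecords()
    {
        $vars['WEBURL'] = WEBURL;
        $vars['PLAYURL'] = PLAYURL;
        $sql = "select * from tloons_users order by total_score desc limit 20";
        $result = mysqli_query($this->DB->con, $sql);
        if($this->DB->Rows($result))
        {
            // NOTE(review): this loop and the string after it are reproduced
            // as found; the row markup was evidently lost and the per-row
            // values ended up after the loop. When the markup is restored,
            // nickname is user-supplied and has to be HTML-encoded
            // (htmlspecialchars with ENT_QUOTES) before it is appended.
            $data = "";
            while($row = mysqli_fetch_array($result))
            {
                $data .="";
            }
            $data .= "
NameTloons Killed
$row[nickname]$row[total_score]
";
            $vars['DATA'] = $data;
        }
        else
        {
            $vars['DATA'] = "No Record yet";
        }
        if($result)
        {
            mysqli_free_result($result);
        }
        echo Template("_records", $vars);
    }

    /** Renders the change-password form with the message selected by "msg". */
    function ChangePasswordPage()
    {
        $vars['WEBURL'] = WEBURL;
        $vars['PLAYURL'] = PLAYURL;
        $vars['MESSAGE'] = "";
        // Only the fixed texts below are ever shown; msg itself is not echoed.
        $msg = $this->Param($_REQUEST, 'msg');
        if($msg == 1)
            $vars['MESSAGE'] ="
Alert! Missing Information
";
        if($msg == 2)
            $vars['MESSAGE'] ="
Password mismatch!
";
        if($msg == 3)
            $vars['MESSAGE'] ="
Authentication Failure!!!
";
        if($msg == 4)
            $vars['MESSAGE'] ="
Incorrect old password!!!
";
        if($msg == 5)
            $vars['MESSAGE'] ="
Password Changed!!!
";
        echo Template('_change', $vars);
    }

    /**
     * Changes the password of the account named by the tloons_auth cookie
     * after checking the old password.
     */
    function DoChangePassword()
    {
        $tloons_email = $this->Param($_COOKIE, 'tloons_auth');
        if($tloons_email =="")
        {
            ResponseRedirect(WEBURL."index.php?cmd=change&msg=3");
            return;
        }
        $oldpassword = $this->Param($_REQUEST, 'oldpassword');
        $newpassword = $this->Param($_REQUEST, 'newpassword');
        $cpassword = $this->Param($_REQUEST, 'cpassword');
        if($oldpassword == '' || $newpassword == '' || $cpassword == '')
        {
            ResponseRedirect(WEBURL."index.php?cmd=change&msg=1");
            return;
        }
        if(strcmp($newpassword,$cpassword)!= 0)
        {
            ResponseRedirect(WEBURL."index.php?cmd=change&msg=2");
            return;
        }

        // All three values are caller-controlled and were concatenated
        // unescaped. "binary" makes the old-password check byte-exact, the
        // same way DoLogin compares it.
        $email_sql = $this->DB->Esc($tloons_email);
        $old_sql = $this->DB->Esc($oldpassword);
        $new_sql = $this->DB->Esc($newpassword);
        $sql = "select * from tloons_users where tloons_email = '$email_sql' and binary tloons_password = '$old_sql'";
        $result = mysqli_query($this->DB->con,$sql);
        if(!$this->DB->Rows($result))
        {
            ResponseRedirect(WEBURL."index.php?cmd=change&msg=4");
            return;
        }

        $sql="update tloons_users set tloons_password = '$new_sql' where tloons_email = '$email_sql'";
        mysqli_query($this->DB->con,$sql);
        if($this->DB->CheckSql() >= 0)
        {
            // 0 rows means the new password equals the stored one; that used
            // to fall through and leave an empty response.
            ResponseRedirect(WEBURL."index.php?cmd=change&msg=5");
            return;
        }
        // The update itself failed: return to the form without a message.
        ResponseRedirect(WEBURL."index.php?cmd=change");
    }

    /** Expires both cookies and returns to the home page. */
    function Logout()
    {
        // An empty string deletes the cookie just as null did, without
        // passing null to a string parameter.
        setcookie("tloons_auth","",time()-(3600*24),"/");
        setcookie("tloons_token","",time()-(3600*24),"/");
        ResponseRedirect(WEBURL);
    }

    /** Navigation shown to visitors without cookies. */
    function GuestLinks()
    {
        $links = "Home".
                 "
World Records";
        return $links;
    }

    /** Navigation shown when both cookies are present. */
    function UserLinks($email)
    {
        // The e-mail comes straight from a cookie; encode it before it is
        // placed in the page.
        $email = $this->Html($email);
        $links = "Home ($email) ".
                 "
Change Password".
                 "
World Records".
                 "
Logout";
        return $links;
    }

    /** Renders the game page. */
    function Play()
    {
        $tloons_email = $this->Param($_COOKIE, 'tloons_auth');
        $user_id = $this->Param($_COOKIE, 'tloons_token');
        if($tloons_email =="" || $user_id == "")
        {
            $vars['LINKS'] = $this->GuestLinks();
        }
        else
        {
            $vars['LINKS'] = $this->UserLinks($tloons_email);
        }

        $vars['TLOONS'] = $this->TargetLabel($this->GetTarget());

        // get user score
        $vars['USERSCORE'] = " (Login | Register )";
        $email_sql = $this->DB->Esc($tloons_email);
        $sql = "select * from tloons_users where tloons_email = '$email_sql'";
        $result = mysqli_query($this->DB->con, $sql);
        if($this->DB->Rows($result))
        {
            $row = mysqli_fetch_array($result);
            $vars['USERSCORE'] = $row['total_score'] ;
        }
        if($result)
        {
            mysqli_free_result($result);
        }
        $vars['WEBURL'] = WEBURL;
        echo Template('_tloons', $vars);
    }

    /**
     * Checks the posted credentials and, on success, sets the two cookies.
     *
     * NOTE(review): the cookies carry no Secure/HttpOnly flags. Whether the
     * game client reads them from script cannot be told from here, so the
     * flags are not changed; confirm and set them.
     */
    function DoLogin()
    {
        $tloons_email = $this->Param($_POST, 'email');
        $tloons_password = $this->Param($_POST, 'password');
        if($tloons_email =="" || $tloons_password ==="")
        {
            // missing information
            ResponseRedirect(WEBURL."index.php?cmd=login&msg=3");
            return;
        }

        // Connection-aware escaping replaces addslashes(), which does not
        // take the connection character set into account.
        $email_sql = $this->DB->Esc($tloons_email);
        $password_sql = $this->DB->Esc($tloons_password);
        $sql = "select * from tloons_users where tloons_email = '$email_sql' and binary tloons_password ='$password_sql' ";
        $result = mysqli_query($this->DB->con,$sql);
        if(!$this->DB->Rows($result))
        {
            // authentication failure
            ResponseRedirect(WEBURL."index.php?cmd=login&msg=4");
            return;
        }

        $row = mysqli_fetch_array($result);
        $user_id = $row['user_id'];
        // The cookie holds the address as typed, not its SQL-escaped form.
        setcookie("tloons_auth",$tloons_email,time()+(3600*24),"/");
        setcookie("tloons_token",$user_id,time()+(3600*24),"/");
        ResponseRedirect(PLAYURL);
    }

    /**
     * Mails the stored password to the posted address when it is registered.
     *
     * NOTE(review): this works only because passwords are kept in plain
     * text, and the msg=3 branch tells the caller whether an address is
     * registered. See the class note.
     */
    function DoForget()
    {
        $tloons_email = $this->Param($_POST, 'email');
        if($tloons_email == '')
        {
            // please enter email
            ResponseRedirect(WEBURL."index.php?cmd=forget&msg=1");
            return;
        }
        $email_sql = $this->DB->Esc($tloons_email);
        $sql = "select * from tloons_users where tloons_email = '$email_sql'";
        $result = mysqli_query($this->DB->con, $sql);
        if(!$this->DB->Rows($result))
        {
            // email not found
            ResponseRedirect(WEBURL."index.php?cmd=forget&msg=3");
            return;
        }

        $row = mysqli_fetch_array($result);
        $tloons_password = $row['tloons_password'];
        $to = $tloons_email;
        $subject = 'Tloons Password';
        $message = "Your Tloons Password is: $tloons_password ";
        $headers = 'From: donotreply@tloons.com' . "\r\n" ;
        mail($to, $subject, $message, $headers);
        // urlencode keeps the address from altering the redirect URL.
        ResponseRedirect(WEBURL."index.php?cmd=login&msg=2&email=".urlencode($tloons_email));
    }

    /** Creates an account from the posted form. */
    function DoRegistration()
    {
        $nickname = $this->Param($_POST, 'nickname');
        $tloons_email = strtolower(trim($this->Param($_POST, 'tloons_email')));
        $tloons_password = $this->Param($_POST, 'tloons_password');
        $cpassword = $this->Param($_POST, 'cpassword');
        if($tloons_email == "" || $tloons_password == "" || $nickname == "")
        {
            ResponseRedirect(WEBURL."index.php?cmd=register&msg=2");
            return;
        }
        if(strcmp($tloons_password,$cpassword) != 0)
        {
            ResponseRedirect(WEBURL."index.php?cmd=register&msg=3");
            return;
        }

        $nickname_sql = $this->DB->Esc($nickname);
        $email_sql = $this->DB->Esc($tloons_email);
        $password_sql = $this->DB->Esc($tloons_password);
        $sql = "insert into tloons_users(nickname, tloons_email, tloons_password, created_date, status) ".
               "values('$nickname_sql', '$email_sql', '$password_sql', now(), 'active')";
        if($this->Write($sql))
        {
            ResponseRedirect(WEBURL."index.php?cmd=login&msg=1&email=".urlencode($tloons_email));
        }
        else
        {
            // Reported to the user as "already registered".
            ResponseRedirect(WEBURL."index.php?cmd=register&msg=1");
        }
    }

    /** Renders the registration form with the message selected by "msg". */
    function RegisterPage()
    {
        $vars['WEBURL'] = WEBURL;
        $vars['REGISTRATIONFAILURE']="";
        // if redirect from register page
        $msg = $this->Param($_REQUEST, 'msg');
        if($msg == 1)
            $vars['REGISTRATIONFAILURE'] ="
Failure! Already registered! Try Again
";
        if($msg == 2)
            $vars['REGISTRATIONFAILURE'] ="
Alert! Missing information
";
        if($msg == 3)
            $vars['REGISTRATIONFAILURE'] ="
Alert! Password mismatch
";
        echo Template('_register', $vars);
    }

    /** Renders the forgot-password form with the message selected by "msg". */
    function ForgetPage()
    {
        $vars['WEBURL'] = WEBURL;
        $vars['MESSAGE'] = "";
        $msg = $this->Param($_REQUEST, 'msg');
        if($msg == 1) // no email provided
            $vars['MESSAGE'] ="
Alert! Please provide email
";
        if($msg == 3) // email not found
            $vars['MESSAGE'] ="
Failure! Email not found
";
        echo Template('_forget', $vars);
    }

    /** Renders the login form, or goes to the game when cookies are present. */
    function LoginPage()
    {
        $tloons_email = $this->Param($_COOKIE, 'tloons_auth');
        $user_id = $this->Param($_COOKIE, 'tloons_token');
        if($tloons_email != "" && $user_id!="")
        {
            ResponseRedirect(PLAYURL);
            return;
        }
        $vars['WEBURL'] = WEBURL;
        $vars['FORGETURL'] = FORGETURL;
        $vars['REGISTERURL'] = REGISTERURL;
        $vars['SUCCESSREGISTRATION']="";
        // if redirect from register page
        $msg = $this->Param($_REQUEST, 'msg');
        // The address is taken from the request and written into the page,
        // so it is HTML-encoded first.
        $vars['EMAIL'] = $this->Html($this->Param($_REQUEST, 'email'));
        if($msg == 1)
            $vars['SUCCESSREGISTRATION'] ="
Success! You are registered ! please login here to continue.
";
        if($msg == 2)
            $vars['SUCCESSREGISTRATION'] ="
Password! Your password has been sent to registered email.
";
        if($msg == 3)
            $vars['SUCCESSREGISTRATION'] ="
Alert! Missing Information.
";
        if($msg == 4)
            $vars['SUCCESSREGISTRATION'] ="
Authentication Failure! Try Again
";
        echo Template('_login', $vars);
    }

    /** Renders the home page. */
    function HomeDefault()
    {
        $vars['WEBURL']=WEBURL;
        $vars['LOGINURL'] = LOGINURL;
        $vars['PLAYURL'] = PLAYURL;
        $vars['REGISTERURL'] = REGISTERURL;
        $vars['PRIZEURL'] = PRIZEURL;

        $users = $this->GetUsers();
        if($users == 0)
        {
            $users = "None";
        }
        $vars['HUMANS'] = $users;
        $vars['TLOONS'] = $this->TargetLabel($this->GetTarget());

        echo Template('_home',$vars);
    }
}

$v = new Tloons();
?>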