agng/ag/include/user.inc.php

<?php
/*
 *
 * @copyright (c) 2010 animegame.eu
 * @license http://www.gnu.org/licenses/gpl-3.0.html GNU General Public Licence
 *
 */

include_once(ROOT_PATH . '/include/config/server.inc.php');
include_once(ROOT_PATH.'/include/cheater.inc.php');

$GLOBALS['user_buffered_instances'] = array ();


function getUser($userid, $buffer_enabled = true) {
	// Fehlerkontrolle
	if(!is_numeric($userid)){
		return null;
	}
	// 	Wenn Char nicht im Puffer ist, oder nicht gepuffert werden soll
	if ($GLOBALS['user_buffered_instances'][$userid] == null || !$buffer_enabled) {
		$user = mysql_fetch_assoc(mysql_query('SELECT * FROM user WHERE id = '.$userid));
		$GLOBALS['user_buffered_instances'][$userid] = $user;
	}
	return $GLOBALS['user_buffered_instances'][$userid];
}

/**
 * 
 * Returns the user of the Character. (attributes of the user-table should be added here if needed)
 * @param unknown_type $charid
 * @param unknown_type $buffer_enabled
 */
function getOwnerOfChar($charid, $buffer_enabled = true) {
	// Fehlerkontrolle
	if(!is_numeric($charid)){
		return null;
	}
	// 	Wenn Char nicht im Puffer ist, oder nicht gepuffert werden soll
	if ($GLOBALS['user_buffered_instances'][$userid] == null || !$buffer_enabled) {
		$user = mysql_fetch_assoc(mysql_query('SELECT u.nickname, u.id FROM user u INNER JOIN chars ch ON ch.besitzer=u.id WHERE ch.id = '.$charid));
		$GLOBALS['user_buffered_instances'][$userid] = $user;
	}
	return $GLOBALS['user_buffered_instances'][$userid];
}

function addMoneyToUser($userid, $amount) {
	mysql_query('update user set geld = geld + ' . $amount . ' WHERE id = ' .$userid);
}


function checkSessionPasswort($userid, $password){
	$sql = 'SELECT passwort from user where id = \''.$userid.'\'';
	$row = mysql_fetch_assoc(mysql_query($sql));
	if($row['passwort'] != null){
		//		echo $password.' == '.$row['passwort'];
		return $password == $row['passwort'];
	} else{
		return false;
	}
}


function checkCookiePassword($username, $password){
	$sql = 'SELECT passwort from user where nickname = \''.$username.'\'';
	$row = mysql_fetch_assoc(mysql_query($sql));
	if($row['passwort'] != null){
		return $password == $row['passwort'];
	} else{
		return false;
	}
}

function checkLoginPassword($username, $password){
	$sql = 'SELECT SHA1(AES_ENCRYPT(\''.$password.'\',\''.$GLOBALS['PW_AES_KEY'].'\')) as encrypt_password, passwort from user where nickname = \''.$username.'\'';
	//	echo $sql.'<br>';
	$row = mysql_fetch_assoc(mysql_query($sql));
	if($row){
		if($row['encrypt_password'] != $row['passwort'] && md5($password) == $row['passwort']){
			setPassword($username, $password);
			return true;
		} else{
			return $row['encrypt_password'] == $row['passwort'];
		}
	} else{
		return false;
	}
}

function setCookies($nick_name, $password){
	checkCookies($nick_name, $_COOKIE['yps']);
	$row = mysql_fetch_assoc(mysql_query('select SHA1(AES_ENCRYPT(\''.$password.'\',\''.$GLOBALS['PW_AES_KEY'].'\')) as pw'));
	setcookie('name',$nick_name,time()+864000);
	setcookie('passwort',$row['pw'],time()+864000);
	setcookie('yps',$nick_name.','.md5($nick_name),time()+864000);
}

function setPassword($username, $password){
	$sql = 'UPDATE user set passwort = SHA1(AES_ENCRYPT(\''.$password.'\',\''.$GLOBALS['PW_AES_KEY'].'\')) where nickname = \''.$username.'\'';
	//	echo $sql.'<br>';
	mysql_query($sql);
}

function encryptPassword($password){
	$sql = 'SELECT SHA1(AES_ENCRYPT(\''.$password.'\',\''.$GLOBALS['PW_AES_KEY'].'\')) as pw';
	$result = mysql_fetch_assoc(mysql_query($sql));
	return $result['pw'];
}

?>