From 07de3f728310238a3fe64b730641c107a617b106 Mon Sep 17 00:00:00 2001 From: yi12345 Date: Wed, 17 Jul 2013 12:20:51 +0300 Subject: [PATCH] update --- GameEngine/Chat.php | 2 +- GameEngine/Database/db_MYSQL.php | 1 + GameEngine/Database/db_MYSQLi.php | 1 + 3 files changed, 3 insertions(+), 1 deletion(-) diff --git a/GameEngine/Chat.php b/GameEngine/Chat.php index 67b0c0ab..b4e4ef5e 100644 --- a/GameEngine/Chat.php +++ b/GameEngine/Chat.php @@ -355,7 +355,7 @@ if (!isset($SAJAX_INCLUDED)) { //$data = explode("|",$data); if (is_array($data)){$msg = htmlspecialchars($data[1]);}else{$msg = htmlspecialchars($data);}; // $msg=htmlspecialchars($msg); - $name = $session->username; + $name = addslashes($session->username); $id_user = $session->uid; $alliance = $session->alliance; diff --git a/GameEngine/Database/db_MYSQL.php b/GameEngine/Database/db_MYSQL.php index 9422aa57..2a7cb0c2 100644 --- a/GameEngine/Database/db_MYSQL.php +++ b/GameEngine/Database/db_MYSQL.php @@ -24,6 +24,7 @@ class MYSQL_DB { if($stime > time()){ $time = $stime; } + $time = time(); $timep = $time + PROTECTION; $q = "INSERT INTO " . TB_PREFIX . "users (username,password,access,email,timestamp,tribe,act,protect,lastupdate,regtime) VALUES ('$username', '$password', " . USER . ", '$email', $time, $tribe, '$act', $timep, $time, $time)"; if(mysql_query($q, $this->connection)) { diff --git a/GameEngine/Database/db_MYSQLi.php b/GameEngine/Database/db_MYSQLi.php index cea3a429..66ae45d7 100644 --- a/GameEngine/Database/db_MYSQLi.php +++ b/GameEngine/Database/db_MYSQLi.php @@ -28,6 +28,7 @@ class MYSQLi_DB { $time = $stime; } $timep = $time + PROTECTION; + $time = time(); $q = "INSERT INTO " . TB_PREFIX . "users (username,password,access,email,timestamp,tribe,act,protect,lastupdate,regtime) VALUES ('$username', '$password', " . USER . ", '$email', $time, $tribe, '$act', $timep, $time, $time)"; if(mysql_query($this->connection, $q)) { return mysql_insert_id($this->connection);