From 0df3fc59ee3abe65137ca1463d1bd16685c5a598 Mon Sep 17 00:00:00 2001
From: Shadowss
Date: Sun, 29 Sep 2013 17:24:03 +0300
Subject: [PATCH] Vulnerability closed , now you cannot send more then 5 message / minute at same user
---
 GameEngine/Message.php | 25 +++++++++++++++++++++++--
 1 file changed, 23 insertions(+), 2 deletions(-)
diff --git a/GameEngine/Message.php b/GameEngine/Message.php
index 39f96cc3..503c00c5 100644
--- a/GameEngine/Message.php
+++ b/GameEngine/Message.php
@@ -317,10 +317,20 @@ class Message {
 private function sendAMessage($topic,$text) {
 global $session,$database;
+
+ // Vulnerability closed by Shadow
+
+ $q = "SELECT * FROM ".TB_PREFIX."mdata WHERE owner='".$session->uid."' AND time > ".time()." - 60";
+ $res = mysql_query($q) or die(mysql_error(). " query ".$q);
+ $flood = mysql_num_rows($res);
+ if($flood > 5)
+ return; //flood
+
+ // Vulnerability closed by Shadow
+
 $allmembersQ = mysql_query("SELECT id FROM ".TB_PREFIX."users WHERE alliance='".$session->alliance."'");
 $userally = $database->getUserField($session->uid,"alliance",0);
 $permission=mysql_fetch_array(mysql_query("SELECT opt7 FROM ".TB_PREFIX."ali_permission WHERE uid='".$session->uid."'"));
-
 if(WORD_CENSOR) {
 $topic = $this->wordCensor($topic);
 $text = $this->wordCensor($text);
@@ -396,6 +406,17 @@ class Message {
 private function sendMessage($recieve, $topic, $text) {
 global $session, $database;
 $user = $database->getUserField($recieve, "id", 1);
+
+ // Vulnerability closed by Shadow
+
+ $q = "SELECT * FROM ".TB_PREFIX."mdata WHERE owner='".$session->uid."' AND time > ".time()." - 60";
+ $res = mysql_query($q) or die(mysql_error(). " query ".$q);
+ $flood = mysql_num_rows($res);
+ if($flood > 5)
+ return; //flood
+
+ // Vulnerability closed by Shadow
+
 if(WORD_CENSOR) {
 $topic = $this->wordCensor($topic);
 $text = $this->wordCensor($text);
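Review bot: In the sendAMessage hunk, a failed flood query ends in `or die(mysql_error(). " query ".$q)`, which prints the database error and the full SQL text, table prefix and user id included, to whoever made the request; the sendMessage hunk repeats the same line. Log the error on the server and refuse the send instead. The test `if($flood > 5)` also lets a sixth message through before it blocks, which does not match the limit of five in the commit title, so `>= 5` looks intended. Because the block is copied verbatim into both methods, one private helper would keep the two limits in step, and it can use `COUNT(*)` rather than fetching every row just to count them. sendAMessage continues past the end of the hunk.

```php
	// True when the session user already owns 5 or more mdata rows from the last 60 seconds.
	private function isFlooding() {
		global $session;
		$q = "SELECT COUNT(*) FROM ".TB_PREFIX."mdata WHERE owner='".(int)$session->uid."' AND time > ".(time() - 60);
		$res = mysql_query($q);
		if($res === false) {
			error_log("flood check failed: ".mysql_error());
			return true; // fail closed: refuse the send, reveal nothing about the query
		}
		$row = mysql_fetch_row($res);
		return (int)$row[0] >= 5;
	}

	private function sendAMessage($topic,$text) {
		global $session,$database;
		if($this->isFlooding())
			return; //flood
		// … unchanged: alliance lookup, permission lookup, word censor …
```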
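Review bot: In the sendMessage hunk, the added query filters only on `owner='".$session->uid."'` and never on the recipient, although the commit title limits messages "at same user" and `$user` is already resolved on the line above. As written the count covers every row the session user owns from the last 60 seconds (presumably everything they sent), so the limit is per sender across all recipients, and rows created by an alliance mail probably count against it too. If a per-recipient limit was meant, add a condition such as `AND <recipient column>='".(int)$user."'`; otherwise state the real rule in the comment in place of `// Vulnerability closed by Shadow`, which does not say what was closed. The count and the later insert are also separate statements, so requests sent in parallel can each pass the check before any of them is stored. sendMessage continues past the end of the hunk.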
@@ -478,7 +499,7 @@ class Message {
 $welcomemsg = preg_replace("'%ALLI%'", $database->countAlli(), $welcomemsg);
 $welcomemsg = preg_replace("'%SERVER_NAME%'", SERVER_NAME, $welcomemsg);
 $welcomemsg = "[message]".$welcomemsg."[/message]";
- return $database->sendMessage($uid, 5, WEL_TOPIC, addslashes($welcomemsg), 0, 0, 0, 0, 0);
+ return $database->sendMessage($uid, 1, WEL_TOPIC, addslashes($welcomemsg), 0, 0, 0, 0, 0);
 }
 private function wordCensor($text) {
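Review bot: The second argument of `$database->sendMessage(...)` changes from `5` to `1` with no comment, and nothing in the commit message about flood limiting explains it. If that argument is the id of the sending account (this hunk does not show it), a named constant or a one-line comment such as `// welcome mail is sent from account 1` would make the intent checkable. The function that builds `$welcomemsg` starts outside the hunk.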