mirror of
https://github.com/Shadowss/TravianZ.git
synced 2026-07-11 07:06:06 +00:00
fix: security patching due to mysql injection vulnerabilities everywhere
This commit is contained in:
@@ -139,7 +139,7 @@ class Account {
|
||||
if(START_DATE < date('m/d/Y') or START_DATE == date('m/d/Y') && START_TIME <= date('H:i'))
|
||||
{
|
||||
global $database;
|
||||
$q = "SELECT * FROM ".TB_PREFIX."activate where act = '".$_POST['id']."'";
|
||||
$q = "SELECT * FROM ".TB_PREFIX."activate where act = '".$database->escape($_POST['id'])."'";
|
||||
$result = mysqli_query($GLOBALS['link'],$q);
|
||||
$dbarray = mysqli_fetch_array($result);
|
||||
if($dbarray['act'] == $_POST['id']) {
|
||||
@@ -164,7 +164,7 @@ class Account {
|
||||
|
||||
private function Unreg() {
|
||||
global $database;
|
||||
$q = "SELECT * FROM ".TB_PREFIX."activate where id = '".$_POST['id']."'";
|
||||
$q = "SELECT * FROM ".TB_PREFIX."activate where id = '".$database->escape($_POST['id'])."'";
|
||||
$result = mysqli_query($GLOBALS['link'],$q);
|
||||
$dbarray = mysqli_fetch_array($result);
|
||||
if(md5($_POST['pw']) == $dbarray['password']) {
|
||||
|
||||
@@ -354,6 +354,7 @@ if (!isset($SAJAX_INCLUDED)) {
|
||||
|
||||
//$data = explode("|",$data);
|
||||
if (is_array($data)){$msg = htmlspecialchars($data[1]);}else{$msg = htmlspecialchars($data);};
|
||||
$msg = $database->escape($msg);
|
||||
// $msg=htmlspecialchars($msg);
|
||||
$name = addslashes($session->username);
|
||||
|
||||
|
||||
+677
-3
File diff suppressed because it is too large
Load Diff
@@ -208,6 +208,7 @@ class Message {
|
||||
|
||||
private function removeMessage($post) {
|
||||
global $database,$session;
|
||||
$post = $database->escape($post);
|
||||
for($i = 1; $i <= 10; $i++) {
|
||||
if(isset($post['n' . $i])) {
|
||||
$message1 = mysqli_query($GLOBALS['link'],"SELECT * FROM " . TB_PREFIX . "mdata where id = ".$post['n' . $i]."");
|
||||
|
||||
@@ -292,7 +292,8 @@
|
||||
}
|
||||
|
||||
public function procRankRaceArray($race) {
|
||||
global $multisort;
|
||||
global $multisort,$database;
|
||||
$race = $database->escape($race);
|
||||
//$array = $GLOBALS['db']->getRanking();
|
||||
$holder = array();
|
||||
//$value['totalvillage'] = count($GLOBALS['db']->getVillagesID($value['id']));
|
||||
|
||||
@@ -84,7 +84,7 @@ class Session {
|
||||
global $database, $generator, $logging;
|
||||
$this->logged_in = true;
|
||||
$_SESSION['sessid'] = $generator->generateRandID();
|
||||
$_SESSION['username'] = $user;
|
||||
$_SESSION['username'] = $database->escape($user);
|
||||
$_SESSION['checker'] = $generator->generateRandStr(3);
|
||||
$_SESSION['mchecker'] = $generator->generateRandStr(5);
|
||||
$_SESSION['qst'] = $database->getUserField($_SESSION['username'], "quest", 1);
|
||||
|
||||
Reference in New Issue
Block a user