fix: any alliance owner can edit any alliance forum data

#410
Martin Ambrus
2017-12-26 17:01:21 +01:00
parent bdb705c69b
commit 1f1b876651
4 changed files with 9 additions and 9 deletions
+4 -4
@@ -52,7 +52,7 @@ foreach($forumcat as $arr) {
}
}
echo '<tr><td class="ico">';
if($database->CheckEditRes($aid)=="1" && ($database->isAllianceOwner($session->uid) == $session->alliance || $arr['owner'] == $session->uid)){
if($database->CheckEditRes($aid)=="1" && ($database->isAllianceOwner($session->uid) == $arr['id'] || $arr['owner'] == $session->uid)){
echo '<a class="up_arr" href="allianz.php?s=2&fid='.$arr['id'].'&bid=0&admin=pos&res=-1" title="To top">
<img src="img/x.gif" alt="To top" /></a><a class="edit" href="allianz.php?s=2&idf='.$arr['id'].'&admin=editforum" title="edit">
<img src="img/x.gif" alt="edit" /></a><br />
@@ -113,7 +113,7 @@ foreach($forumcat as $arr) {
}
}
echo '<tr><td class="ico">';
if($database->CheckEditRes($aid)=="1" && ($database->isAllianceOwner($session->uid) == $session->alliance || $arr['owner'] == $session->uid)){
if($database->CheckEditRes($aid)=="1" && ($database->isAllianceOwner($session->uid) == $arr['id'] || $arr['owner'] == $session->uid)){
echo '<a class="up_arr" href="allianz.php?s=2&fid='.$arr['id'].'&bid=0&admin=pos&res=-1" title="To top"><img src="img/x.gif" alt="To top" /></a><a class="edit" href="allianz.php?s=2&idf='.$arr['id'].'&admin=editforum" title="edit"><img src="img/x.gif" alt="edit" /></a><br /><a class="down_arr" href="allianz.php?s=2&fid='.$arr['id'].'&bid=0&admin=pos&res=1" title="To bottom"><img src="img/x.gif" alt="To bottom" /></a><a class="fdel" href="allianz.php?s=2&idf='.$arr['id'].'&admin=delforum" onClick="return confirm(\'confirm delete?\');" title="delete"><img src="img/x.gif" alt="delete" /></a>';
}else{
echo '<img class="folder" src="img/x.gif" title="Thread without new posts" alt="Thread without new posts">';
@@ -168,7 +168,7 @@ foreach($forumcat as $arr) {
}
}
echo '<tr><td class="ico">';
if($database->CheckEditRes($aid)=="1" && ($database->isAllianceOwner($session->uid) == $session->alliance || $arr['owner'] == $session->uid)){
if($database->CheckEditRes($aid)=="1" && ($database->isAllianceOwner($session->uid) == $arr['id'] || $arr['owner'] == $session->uid)){
echo '<a class="up_arr" href="allianz.php?s=2&fid='.$arr['id'].'&bid=0&admin=pos&res=-1" title="To top"><img src="img/x.gif" alt="To top" /></a><a class="edit" href="allianz.php?s=2&idf='.$arr['id'].'&admin=editforum" title="edit"><img src="img/x.gif" alt="edit" /></a><br /><a class="down_arr" href="allianz.php?s=2&fid='.$arr['id'].'&bid=0&admin=pos&res=1" title="To bottom"><img src="img/x.gif" alt="To bottom" /></a><a class="fdel" href="allianz.php?s=2&idf='.$arr['id'].'&admin=delforum" onClick="return confirm(\'confirm delete?\');" title="delete"><img src="img/x.gif" alt="delete" /></a>';
}else{
echo '<img class="folder" src="img/x.gif" title="Thread without new posts" alt="Thread without new posts">';
@@ -223,7 +223,7 @@ if($closed1 != 0){
}
}
echo '<tr><td class="ico">';
if($database->CheckEditRes($aid)=="1" && ($database->isAllianceOwner($session->uid) == $session->alliance || $arr['owner'] == $session->uid)){
if($database->CheckEditRes($aid)=="1" && ($database->isAllianceOwner($session->uid) == $arr['id'] || $arr['owner'] == $session->uid)){
echo '<a class="up_arr" href="allianz.php?s=2&fid='.$arr['id'].'&bid=0&admin=pos&res=-1" title="To top"><img src="img/x.gif" alt="To top" /></a><a class="edit" href="allianz.php?s=2&idf='.$arr['id'].'&admin=editforum" title="edit"><img src="img/x.gif" alt="edit" /></a><br /><a class="down_arr" href="allianz.php?s=2&fid='.$arr['id'].'&bid=0&admin=pos&res=1" title="To bottom"><img src="img/x.gif" alt="To bottom" /></a><a class="fdel" href="allianz.php?s=2&idf='.$arr['id'].'&admin=delforum" onClick="return confirm(\'confirm delete?\');" title="delete"><img src="img/x.gif" alt="delete" /></a>';
}else{
echo '<img class="folder" src="img/x.gif" title="Thread without new posts" alt="Thread without new posts">';
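Review bot: The new condition compares the return value of `isAllianceOwner($session->uid)` with `$arr['id']`, but in these four hunks `$arr['id']` is the forum row's own id (the value the `fid=`/`idf=` links carry), not the alliance the forum belongs to. The removed line compared the same return value with `$session->alliance`, so it presumably yields an alliance id; matching it against a forum id hides the controls from the real owner and shows them whenever the two numbers happen to coincide. The comparison should use the row's alliance column, e.g. `$database->isAllianceOwner($session->uid) == $arr['alliance']` (that key is visible on the rows in the post-view section of this commit; confirm it exists on forum-category rows too). The same pattern with `$arrs['id']`, `$arr['id']` and `$po['id']` appears in the next two file sections.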
+2 -2
@@ -38,7 +38,7 @@ if($ChckTopic){
}
echo '<tr><td class="ico">';
if($database->CheckEditRes($aid)=="1" && ($database->isAllianceOwner($session->uid) == $session->alliance || $arrs['owner'] == $session->uid)){
if($database->CheckEditRes($aid)=="1" && ($database->isAllianceOwner($session->uid) == $arrs['id'] || $arrs['owner'] == $session->uid)){
if($database->CheckCloseTopic($arrs['id']) == 1){
$locks = '<a class="unlock" href="?s=2&fid='.$_GET['fid'].'&idt='.$arrs['id'].'&admin=unlock" title="open topic"><img src="img/x.gif" alt="open topic" /></a>';
}else{
@@ -72,7 +72,7 @@ if($ChckTopic){
}
echo '<tr><td class="ico">';
if($database->CheckEditRes($aid)=="1" && ($database->isAllianceOwner($session->uid) == $session->alliance || $arr['owner'] == $session->uid)){
if($database->CheckEditRes($aid)=="1" && ($database->isAllianceOwner($session->uid) == $arr['id'] || $arr['owner'] == $session->uid)){
if($database->CheckCloseTopic($arr['id']) == 1){
$lock = '<a class="unlock" href="?s=2&fid='.$_GET['fid'].'&idt='.$arr['id'].'&admin=unlock" title="open topic"><img src="img/x.gif" alt="open topic" /></a>';
}else{
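Review bot: `$_GET['fid']` is concatenated unescaped into the `href` of the unlock links inside both guarded branches, so whatever the request supplies is reflected into markup rendered for users who hold edit rights. Normalise it once before output, e.g. `$fid = (int)$_GET['fid'];` and then `'?s=2&fid='.$fid.'&idt='`, or use `htmlspecialchars($_GET['fid'], ENT_QUOTES, 'UTF-8')` if the value is not strictly numeric. The post-view file section of this commit does the same with `$_GET['fid2']` and `$_GET['tid']`. Both `if` blocks continue past the end of their hunks.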
+2 -2
@@ -61,7 +61,7 @@ $bbcode_topic = stripslashes(nl2br($bbcoded));
</td>
<td class="pcontent"><div class="posted">created: <?php echo $date; ?></div>
<?php
if($database->CheckEditRes($aid)=="1" && ($database->isAllianceOwner($session->uid) == $session->alliance || $arr['owner'] == $session->uid)){
if($database->CheckEditRes($aid)=="1" && ($database->isAllianceOwner($session->uid) == $arr['id'] || $arr['owner'] == $session->uid)){
echo '<div class="admin"><a class="edit" href="allianz.php?s=2&pid='.$arr['alliance'].'&fid2='.$_GET['fid2'].'&idf='.$arr['cat'].'&idt='.$arr['id'].'&admin=editans"><img src="img/x.gif" title="edit" alt="edit" /></a><a class="fdel" href="?s=2&pid='.$arr['alliance'].'&tid='.$arr['id'].'&admin=deltopic" onClick="return confirm(\'confirm delete?\');"><img src="img/x.gif" title="delete" alt="delete" /></a></div><br />';
}
?>
@@ -154,7 +154,7 @@ echo '<tr><td class="pinfo"><a class="name" href="spieler.php?uid='.$po['owner']
'.$trip.'
</td>
<td class="pcontent"><div class="posted">created: '.$date.'</div>';
if($database->CheckEditRes($aid)=="1" && ($database->isAllianceOwner($session->uid) == $session->alliance || $po['owner'] == $session->uid)){
if($database->CheckEditRes($aid)=="1" && ($database->isAllianceOwner($session->uid) == $po['id'] || $po['owner'] == $session->uid)){
echo '<div class="admin"><a class="edit" href="allianz.php?s=2&pid='.$arr['alliance'].'&fid2='.$_GET['fid2'].'&idt='.$_GET['tid'].'&pod='.$po['id'].'&admin=editpost"><img src="img/x.gif" title="edit" alt="edit" /></a><a class="fdel" href="?s=2&pid='.$arr['alliance'].'&pod='.$po['id'].'&tid='.$_GET['tid'].'&admin=delpost" onClick="return confirm(\'confirm delete?\');"><img src="img/x.gif" title="delete" alt="delete" /></a></div><br />';
}
echo '<div class="clear dotted"></div><div class="text">'.$bbcode_post.'</div></td>
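Review bot: These conditions only decide whether the edit and delete links are rendered; the `admin=editans`, `admin=deltopic`, `admin=editpost` and `admin=delpost` requests they point to need the same ownership check where the action is performed, and that code is not visible in these hunks. If the handler trusts `pid`, `tid` and `pod` from the query string, correcting the view alone does not close the issue named in the commit title. The deletes are also plain GET links protected only by a JavaScript `confirm()`, so they would be better as POST requests carrying a per-session token that the handler verifies.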
+1 -1
@@ -372,7 +372,7 @@ if($opt['opt5'] == 1){
if($database->CheckResultEdit($aid) != 1){
$database->CreatResultEdit($aid,1);
}else{
if($database->CheckEditRes($aid) == 1 && $database->isAllianceOwner($session->uid) == $session->alliance){
if($database->CheckEditRes($aid) == 1){
$database->UpdateResultEdit($aid,'');
}else{
$database->UpdateResultEdit($aid,1);
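Review bot: The ownership condition is removed here rather than corrected, so `UpdateResultEdit($aid,'')` and `UpdateResultEdit($aid,1)` both run with no check in this hunk that the session user may administer `$aid`. The enclosing `if($opt['opt5'] == 1){` block starts outside the hunk, so an earlier guard may already cover this and should be confirmed. If none exists, gate the whole toggle rather than one branch, e.g. wrap the `if`/`else` in `if($database->isAllianceOwner($session->uid) == $aid){ ... }`, assuming `$aid` is the alliance id and `isAllianceOwner()` returns the owned alliance's id.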