diff --git a/GameEngine/Alliance.php b/GameEngine/Alliance.php
index c25dd21b..868170c5 100644
--- a/GameEngine/Alliance.php
+++ b/GameEngine/Alliance.php
@@ -107,43 +107,30 @@
*****************************************/
public function sendInvite($post) {
global $form, $database, $session;
- // ¿El campo posee informacion?
- if(!isset($post['a_name']) || $post['a_name'] == "") {
- $form->addError("name1", NAME_EMPTY);
- }
- // ¿Existe el usuario?
- if(!$database->checkExist($post['a_name'], 0)) {
- $form->addError("name2", NAME_NO_EXIST);
- }
- // ¿La invitacion es a si mismo?
- if($post['a_name'] == ($session->username)) {
- $form->addError("name3", SAME_NAME);
- }
- // ¿Esta ya invitado a la alianza?
+ if($session->access != BANNED){
$UserData = $database->getUserArray($post['a_name'], 0);
- if($database->getInvitation($UserData['id'])) {
- $form->addError("name4", OLRADY_INVITED);
- }
- // ¿Esta ya en la alianza?
- $UserData = $database->getUserArray($post['a_name'], 0);
- if($UserData['alliance'] == $session->alliance) {
- $form->addError("name5", OLRADY_IN_ALLY);
- }
- // ¿La invitación la envia un autorizado?
if($this->userPermArray['opt4'] == 0) {
$form->addError("perm", NO_PERMISSION);
- }
- if($form->returnErrors() != 0) {
- $_SESSION['errorarray'] = $form->getErrors();
- $_SESSION['valuearray'] = $post;
- print_r($form->getErrors());
- } else {
+ }elseif(!isset($post['a_name']) || $post['a_name'] == "") {
+ $form->addError("name1", NAME_EMPTY);
+ }elseif(!$database->checkExist($post['a_name'], 0)) {
+ $form->addError("name2", NAME_NO_EXIST.$post['a_name']);
+ }elseif($post['a_name'] == (addslashes($session->username))) {
+ $form->addError("name3", SAME_NAME);
+ }elseif($database->getInvitation2($UserData['id'],$session->alliance)) {
+ $form->addError("name4", $post['a_name'].ALREADY_INVITED);
+ }elseif($UserData['alliance'] == $session->alliance) {
+ $form->addError("name5", $post['a_name'].ALREADY_IN_ALLY);
+ }else{
// Obtenemos la informacion necesaria
$aid = $session->alliance;
// Insertamos invitacion
$database->sendInvitation($UserData['id'], $aid, $session->uid);
// Log the notice
- $database->insertAlliNotice($session->alliance, '' . $session->username . ' has invited ' . $UserData['username'] . ' into the alliance.');
+ $database->insertAlliNotice($session->alliance, '' . addslashes($session->username) . ' has invited ' . $UserData['username'] . ' into the alliance.');
+ }
+ }else{
+ header("Location: banned.php");
}
}
@@ -152,13 +139,17 @@
*****************************************/
private function rejectInvite($get) {
global $database, $session;
+ if($session->access != BANNED){
foreach($this->inviteArray as $invite) {
if($invite['id'] == $get['d']) {
$database->removeInvitation($get['d']);
- $database->insertAlliNotice($invite['alliance'], '' . $session->username . ' has rejected the invitation.');
+ $database->insertAlliNotice($invite['alliance'], '' . addslashes($session->username) . ' has rejected the invitation.');
}
}
header("Location: build.php?id=".$get['id']);
+ }else{
+ header("Location: banned.php");
+ }
}
/*****************************************
@@ -166,14 +157,19 @@
*****************************************/
private function delInvite($get) {
global $database, $session;
+ if($session->access != BANNED){
$inviteArray = $database->getAliInvitations($session->alliance);
foreach($inviteArray as $invite) {
if($invite['id'] == $get['d']) {
$invitename = $database->getUserArray($invite['uid'], 1);
$database->removeInvitation($get['d']);
- $database->insertAlliNotice($session->alliance, '' . $session->username . ' has deleted the invitation for ' . $invitename['username'] . ' .');
+ $database->insertAlliNotice($session->alliance, '' . addslashes($session->username) . ' has deleted the invitation for ' . $invitename['username'] . ' .');
}
}
+ header("Location: allianz.php?delinvite");
+ }else{
+ header("Location: banned.php");
+ }
}
/*****************************************
@@ -181,8 +177,10 @@
*****************************************/
private function acceptInvite($get) {
global $form, $database, $session;
+ if($session->access != BANNED){
foreach($this->inviteArray as $invite) {
- if($invite['id'] == $get['d']) {
+ if($session->alliance == 0){
+ if($invite['id'] == $get['d'] && $invite['uid'] == $session->uid) {
$memberlist = $database->getAllMember($invite['alliance']);
$alliance_info = $database->getAlliance($invite['alliance']);
if(count($memberlist) < $alliance_info['max']){
@@ -190,18 +188,22 @@
$database->updateUserField($database->RemoveXSS($invite['uid']), "alliance", $database->RemoveXSS($invite['alliance']), 1);
$database->createAlliPermissions($database->RemoveXSS($invite['uid']), $database->RemoveXSS($invite['alliance']), '', '0', '0', '0', '0', '0', '0', '0', '0');
// Log the notice
- $database->insertAlliNotice($invite['alliance'], '' . $session->username . ' has joined the alliance.');
+ $database->insertAlliNotice($invite['alliance'], '' . addslashes($session->username) . ' has joined the alliance.');
}else{
$accept_error = 1;
$max = $alliance_info['max'];
}
}
}
+ }
if($accept_error == 1){
$form->addError("ally_accept", "The alliance can contain only ".$max." peoples right now.");
}else{
header("Location: build.php?id=" . $get['id']);
}
+ }else{
+ header("Location: banned.php");
+ }
}
/*****************************************
@@ -209,6 +211,7 @@
*****************************************/
private function createAlliance($post) {
global $form, $database, $session, $bid18, $village;
+ if($session->access != BANNED){
if(!isset($post['ally1']) || $post['ally1'] == "") {
$form->addError("ally1", ATAG_EMPTY);
}
@@ -233,9 +236,12 @@
// Asign Permissions
$database->createAlliPermissions($database->RemoveXSS($session->uid), $database->RemoveXSS($aid), 'Alliance founder', '1', '1', '1', '1', '1', '1', '1', '1');
// log the notice
- $database->insertAlliNotice($aid, 'The alliance has been founded by ' . $session->username . ' .');
+ $database->insertAlliNotice($aid, 'The alliance has been founded by ' . addslashes($session->username) . ' .');
header("Location: build.php?id=" . $post['id']);
}
+ }else{
+ header("Location: banned.php");
+ }
}
/*****************************************
@@ -243,7 +249,7 @@
*****************************************/
private function changeAliName($get) {
global $form, $database, $session;
-
+ if($session->access != BANNED){
if(!isset($get['ally1']) || $get['ally1'] == "") {
$form->addError("ally1", ATAG_EMPTY);
}
@@ -266,7 +272,10 @@
} else {
$database->setAlliName($database->RemoveXSS($session->alliance), $database->RemoveXSS($get['ally2']), $database->RemoveXSS($get['ally1']));
// log the notice
- $database->insertAlliNotice($session->alliance, '' . $session->username . ' has changed the alliance name.');
+ $database->insertAlliNotice($session->alliance, '' . addslashes($session->username) . ' has changed the alliance name.');
+ }
+ }else{
+ header("Location: banned.php");
}
}
@@ -275,6 +284,7 @@
*****************************************/
private function updateAlliProfile($post) {
global $database, $session, $form;
+ if($session->access != BANNED){
if($this->userPermArray['opt3'] == 0) {
$form->addError("perm", NO_PERMISSION);
}
@@ -285,7 +295,10 @@
} else {
$database->submitAlliProfile($database->RemoveXSS($session->alliance), $database->RemoveXSS($post['be2']), $database->RemoveXSS($post['be1']));
// log the notice
- $database->insertAlliNotice($session->alliance, '' . $session->username . ' has changed the alliance description.');
+ $database->insertAlliNotice($session->alliance, '' . addslashes($session->username) . ' has changed the alliance description.');
+ }
+ }else{
+ header("Location: banned.php");
}
}
@@ -294,6 +307,7 @@
*****************************************/
private function changeUserPermissions($post) {
global $database, $session, $form;
+ if($session->access != BANNED){
if($this->userPermArray['opt1'] == 0) {
$form->addError("perm", NO_PERMISSION);
}
@@ -304,30 +318,30 @@
} else {
$database->updateAlliPermissions($post['a_user'], $session->alliance, $post['a_titel'], $post['e1'], $post['e2'], $post['e3'], $post['e4'], $post['e5'], $post['e6'], $post['e7']);
// log the notice
- $database->insertAlliNotice($session->alliance, '' . $session->username . ' has changed permissions.');
+ $database->insertAlliNotice($session->alliance, '' . addslashes($session->username) . ' has changed permissions.');
+ }
+ }else{
+ header("Location: banned.php");
}
-
}
/*****************************************
Function to kick a user from alliance
*****************************************/
private function kickAlliUser($post) {
global $database, $session, $form;
-
+ if($session->access != BANNED){
+ $UserData = $database->getUserArray($post['a_user'], 0);
if($this->userPermArray['opt2'] == 0) {
$form->addError("perm", NO_PERMISSION);
- }
- if($form->returnErrors() != 0) {
- $_SESSION['errorarray'] = $form->getErrors();
- $_SESSION['valuearray'] = $post;
- //header("Location: build.php?id=".$post['id']);
- } else {
+ } else if($UserData['id'] != $session->uid){
$database->updateUserField($post['a_user'], 'alliance', 0, 1);
$database->deleteAlliPermissions($post['a_user']);
$database->deleteAlliance($session->alliance);
// log the notice
- $database->insertAlliNotice($session->alliance, '' . $session->username . ' kicked ' . $UserData['username'] . ' .');
- //header("Location: build.php?id=".$post['id']);
+ $database->insertAlliNotice($session->alliance, '' . $post['a_user'] . ' has quit the alliance.');
+ }
+ }else{
+ header("Location: banned.php");
}
}
/*****************************************
@@ -335,9 +349,13 @@
*****************************************/
public function setForumLink($post) {
global $database, $session;
+ if($session->access != BANNED){
if(isset($post['f_link'])){
$database->setAlliForumLink($session->alliance, $post['f_link']);
header("Location: allianz.php?s=5");
+ }else{
+ header("Location: banned.php");
+ }
}
}
/*****************************************
@@ -345,6 +363,7 @@
*****************************************/
private function quitally($post) {
global $database, $session, $form;
+ if($session->access != BANNED){
if(!isset($post['pw']) || $post['pw'] == "") {
$form->addError("pw1", PW_EMPTY);
} elseif(md5($post['pw']) !== $session->userinfo['password']) {
@@ -354,14 +373,17 @@
$database->deleteAlliPermissions($session->uid);
// log the notice
$database->deleteAlliance($session->alliance);
- $database->insertAlliNotice($session->alliance, '' . $session->username . ' has quit the alliance.');
+ $database->insertAlliNotice($session->alliance, '' . addslashes($session->username) . ' has quit the alliance.');
header("Location: spieler.php?uid=".$session->uid);
}
+ }else{
+ header("Location: banned.php");
+ }
}
private function changediplomacy($post) {
global $database, $session, $form;
-
+ if($session->access != BANNED){
$aName = $database->RemoveXSS($_POST['a_name']);
$aType = (int)intval($_POST['dipl']);
if($database->aExist($aName, "tag")) {
@@ -391,6 +413,9 @@
} else {
$form->addError("name", "Alliance does not exist");
}
+ }else{
+ header("Location: banned.php");
+ }
}
}
diff --git a/GameEngine/Database/db_MYSQL.php b/GameEngine/Database/db_MYSQL.php
index b53568a3..9b34762d 100644
--- a/GameEngine/Database/db_MYSQL.php
+++ b/GameEngine/Database/db_MYSQL.php
@@ -1462,6 +1462,12 @@ class MYSQL_DB {
$result = mysql_query($q, $this->connection);
return $this->mysql_fetch_all($result);
}
+
+ function getInvitation2($uid, $aid) {
+ $q = "SELECT * FROM " . TB_PREFIX . "ali_invite where uid = $uid and alliance = $aid";
+ $result = mysql_query($q, $this->connection);
+ return $this->mysql_fetch_all($result);
+ }
function getAliInvitations($aid) {
$q = "SELECT * FROM " . TB_PREFIX . "ali_invite where alliance = $aid && accept = 0";
diff --git a/GameEngine/Lang/en.php b/GameEngine/Lang/en.php
index 6859e203..21b49693 100644
--- a/GameEngine/Lang/en.php
+++ b/GameEngine/Lang/en.php
@@ -69,6 +69,11 @@ define("ATAG_EXIST","Tag taken");
define("ANAME_EXIST","Name taken");
define("NOT_OPENED_YET","Server not started yet.");
define("REGISTER_CLOSED","The register is closed. You can't register to this server.");
+define("NAME_EMPTY","Please insert name");
+define("NAME_NO_EXIST","There is no user with the name ");
+define("SAME_NAME","You can't invite yourself");
+define("ALREADY_INVITED"," already invited");
+define("ALREADY_IN_ALLY"," already in this alliance");
//COPYRIGHT
define("TRAVIAN_COPYRIGHT","TravianZ 100% Open Source Travian Clone.");
diff --git a/Templates/Alliance/allidesc.tpl b/Templates/Alliance/allidesc.tpl
index 30a59773..f60732e0 100644
--- a/Templates/Alliance/allidesc.tpl
+++ b/Templates/Alliance/allidesc.tpl
@@ -15,8 +15,7 @@ foreach($memberlist as $member) {
}
echo "".$allianceinfo['tag']." - ".$allianceinfo['name']." ";
-include("alli_menu.tpl");
-if($session->access!=BANNED){
+include("alli_menu.tpl");
?>
-
-
\ No newline at end of file
+
\ No newline at end of file
diff --git a/Templates/Alliance/changename.tpl b/Templates/Alliance/changename.tpl
index d7dd4e30..337b2520 100644
--- a/Templates/Alliance/changename.tpl
+++ b/Templates/Alliance/changename.tpl
@@ -8,7 +8,6 @@ $aid = $session->alliance;
$allianceinfo = $database->getAlliance($aid);
echo "".$allianceinfo['tag']." - ".$allianceinfo['name']." ";
include("alli_menu.tpl");
-if($session->access!=BANNED){
?>
-
\ No newline at end of file
+
\ No newline at end of file
diff --git a/Templates/Alliance/invite.tpl b/Templates/Alliance/invite.tpl
index 44eff4f7..3d71d5fd 100644
--- a/Templates/Alliance/invite.tpl
+++ b/Templates/Alliance/invite.tpl
@@ -9,7 +9,6 @@ $allianceinfo = $database->getAlliance($aid);
$allianceInvitations = $database->getAliInvitations($aid);
echo "".$allianceinfo['tag']." - ".$allianceinfo['name']." ";
include("alli_menu.tpl");
-if($session->access!=BANNED){
?>
-
+
getError("name1"); ?>
@@ -53,9 +52,4 @@ if (count($allianceInvitations) == 0) {
}
?>
-
-
\ No newline at end of file
+
\ No newline at end of file
diff --git a/Templates/Alliance/kick.tpl b/Templates/Alliance/kick.tpl
index 0be73ee8..1bbf815b 100644
--- a/Templates/Alliance/kick.tpl
+++ b/Templates/Alliance/kick.tpl
@@ -9,7 +9,6 @@ $memberlist = $database->getAllMember($aid);
$allianceinfo = $database->getAlliance($aid);
echo "".$allianceinfo['tag']." - ".$allianceinfo['name']." ";
include("alli_menu.tpl");
-if($session->access!=BANNED){
?>
-
\ No newline at end of file
+
\ No newline at end of file
diff --git a/Templates/Alliance/option.tpl b/Templates/Alliance/option.tpl
index ad55f440..66afe7ed 100644
--- a/Templates/Alliance/option.tpl
+++ b/Templates/Alliance/option.tpl
@@ -82,4 +82,4 @@ if ($alliance->userPermArray['opt5']==1){
-
\ No newline at end of file
+
\ No newline at end of file
diff --git a/Templates/Alliance/quitalli.tpl b/Templates/Alliance/quitalli.tpl
index fe1842f8..8e0fe702 100644
--- a/Templates/Alliance/quitalli.tpl
+++ b/Templates/Alliance/quitalli.tpl
@@ -8,7 +8,6 @@ $aid = $session->alliance;
$allianceinfo = $database->getAlliance($aid);
echo "".$allianceinfo['tag']." - ".$allianceinfo['name']." ";
include("alli_menu.tpl");
-if($session->access!=BANNED){
?>
-
-
\ No newline at end of file
+
\ No newline at end of file
diff --git a/Templates/Build/18.tpl b/Templates/Build/18.tpl
index 27a51288..cc407552 100644
--- a/Templates/Build/18.tpl
+++ b/Templates/Build/18.tpl
@@ -46,15 +46,9 @@ echo "
gotInvite) {
foreach($alliance->inviteArray as $invite) {
- if($session->access!=BANNED){
echo " ".$database->getAllianceName($invite['alliance'])." accept ".$database->getAllianceName($invite['alliance'])." accept accept ";
}
}
else {
diff --git a/Templates/text.tpl b/Templates/text.tpl
index cd277cec..93b4abb4 100644
--- a/Templates/text.tpl
+++ b/Templates/text.tpl
@@ -2,7 +2,7 @@
#################################################################################
## -= YOU MAY NOT REMOVE OR CHANGE THIS NOTICE =- ##
## --------------------------------------------------------------------------- ##
-## Filename text.tpl ##
+## Filename text_format.tpl ##
## Developed by: Dixie ##
## License: TravianX Project ##
## Copyright: TravianX (c) 2010-2011. All rights reserved. ##
@@ -10,7 +10,7 @@
#################################################################################
-$txt="ssss";
+$txt="1";
//bbcode = html code
$txt = preg_replace("/\[b\]/is",'', $txt);
diff --git a/allianz.php b/allianz.php
index 65885fb8..71176502 100644
--- a/allianz.php
+++ b/allianz.php
@@ -164,7 +164,7 @@ if($_GET['aid'] or $_GET['fid'] or $_GET['fid2'] or $session->alliance!=0){
?>
getAlliancePermission($session->uid, "opt4", 0);
include ("Templates/menu.tpl");
if(isset($_GET['s']) && $_GET['s'] == 2) {
@@ -199,7 +199,9 @@ if($_GET['aid'] or $_GET['fid'] or $_GET['fid2'] or $session->alliance!=0){
// Options
}else{
header("Location: ".$_SERVER['PHP_SELF']);
- }} elseif(isset($_POST['o'])) {
+ }}else if(isset($_GET['delinvite']) && $invite_permission == 1){
+ include ("Templates/Alliance/invite.tpl");
+ } elseif(isset($_POST['o'])) {
switch($_POST['o']) {
case 1:
if(isset($_POST['s']) == 5 && isset($_POST['a_user'])) {
@@ -285,10 +287,9 @@ if($_GET['aid'] or $_GET['fid'] or $_GET['fid2'] or $session->alliance!=0){
$database->diplomacyCancelExistingRelationship($_POST['id'], $_POST['alli2']);
include ("Templates/Alliance/chgdiplo.tpl");
}
- } else {
-
+ } else {
include ("Templates/Alliance/overview.tpl");
- }
+ }
?>
![\"refuse\"](\"img/x.gif\" "\\"refuse\\"")