diff --git a/Admin/database.php b/Admin/database.php
index 605a4139..2c9e9032 100644
--- a/Admin/database.php
+++ b/Admin/database.php
@@ -55,6 +55,7 @@ class adm_DB {
for ($i = 0; $i <= count($villages)-1; $i++) {
$vid = $villages[$i]['wref'];
$this->recountPop($vid);
+ $this->recountCP($vid);
}
}
@@ -83,6 +84,33 @@ class adm_DB {
}
return $popT;
}
+
+ function buildingCP($f,$lvl){
+ $name = "bid".$f;
+ global $$name;
+ $popT = 0;
+ $dataarray = $$name;
+
+ for ($i = 0; $i <= $lvl; $i++) {
+ $popT += $dataarray[$i]['cp'];
+ }
+ return $popT;
+ }
+
+ function recountCP($vid){
+ global $database;
+ $fdata = $database->getResourceLevel($vid);
+ $popTot = 0;
+ for ($i = 1; $i <= 40; $i++) {
+ $lvl = $fdata["f".$i];
+ $building = $fdata["f".$i."t"];
+ if($building){
+ $popTot += $this->buildingCP($building,$lvl);
+ }
+ }
+ $q = "UPDATE ".TB_PREFIX."vdata set cp = $popTot where wref = $vid";
+ mysql_query($q, $this->connection);
+ }
function getWref($x,$y) {
$q = "SELECT id FROM ".TB_PREFIX."wdata where x = $x and y = $y";
@@ -359,7 +387,7 @@ class adm_DB {
function DelBan($uid,$id){
global $database;
- $name = $database->getUserField($uid,"username",0);
+ $name = addslashes($database->getUserField($uid,"username",0));
mysql_query("Insert into ".TB_PREFIX."admin_log values (0,".$_SESSION['id'].",'Unbanned user $name',".time().")");
$q = "UPDATE ".TB_PREFIX."users SET `access` = '".USER."' WHERE `id` = $uid;";
mysql_query($q, $this->connection);
@@ -369,13 +397,13 @@ class adm_DB {
function AddBan($uid,$end,$reason){
global $database;
- $name = $database->getUserField($uid,"username",0);
+ $name = addslashes($database->getUserField($uid,"username",0));
mysql_query("Insert into ".TB_PREFIX."admin_log values (0,".$_SESSION['id'].",'Banned user $name',".time().")");
$q = "UPDATE ".TB_PREFIX."users SET `access` = '0' WHERE `id` = $uid;";
mysql_query($q, $this->connection);
$time = time();
$admin = $_SESSION['id']; //$database->getUserField($_SESSION['username'],'id',1);
- $name = $database->getUserField($uid,'username',0);
+ $name = addslashes($database->getUserField($uid,'username',0));
$q = "INSERT INTO ".TB_PREFIX."banlist (`uid`, `name`, `reason`, `time`, `end`, `admin`, `active`) VALUES ($uid, '$name' , '$reason', '$time', '$end', '$admin', '1');";
mysql_query($q, $this->connection);
}