Trying to fix this monstrosity #2

This commit is contained in:
evader1337
2016-09-13 18:54:25 +02:00
parent 2cf2f3c343
commit 2d26af7c46
69 changed files with 4516 additions and 4583 deletions
+4 -4
View File
@@ -140,7 +140,7 @@ class Account {
{
global $database;
$q = "SELECT * FROM ".TB_PREFIX."activate where act = '".$_POST['id']."'";
$result = mysqli_query($q, $database->connection);
$result = mysqli_query($GLOBALS['link'],$q);
$dbarray = mysqli_fetch_array($result);
if($dbarray['act'] == $_POST['id']) {
$uid = $database->register($dbarray['username'],$dbarray['password'],$dbarray['email'],$dbarray['tribe'],"");
@@ -165,7 +165,7 @@ class Account {
private function Unreg() {
global $database;
$q = "SELECT * FROM ".TB_PREFIX."activate where id = '".$_POST['id']."'";
$result = mysqli_query($database->connection,$q);
$result = mysqli_query($GLOBALS['link'],$q);
$dbarray = mysqli_fetch_array($result);
if(md5($_POST['pw']) == $dbarray['password']) {
$database->unreg($dbarray['username']);
@@ -179,7 +179,7 @@ class Account {
private function Login() {
global $database,$session,$form;
$user = $_POST['user'];
$user = mysqli_real_escape_string($link, $user);
$user = mysqli_real_escape_string($GLOBALS['link'], $user);
if(!isset($_POST['user']) || $_POST['user'] == "") {
$form->addError("user",$user);
}
@@ -225,7 +225,7 @@ class Account {
global $session,$database;
unset($_SESSION['wid']);
$database->activeModify(addslashes($session->username),1);
$database->UpdateOnline("logout") or die(mysql_error());
$database->UpdateOnline("logout") or die(mysqli_error());
$session->Logout();
}
+2 -2
View File
@@ -454,8 +454,8 @@
private function updateMax($leader) {
global $bid18, $database;
$q = mysql_query("SELECT * FROM " . TB_PREFIX . "alidata where leader = $leader");
if(mysql_num_rows($q) > 0){
$q = mysqli_query($GLOBALS['link'],"SELECT * FROM " . TB_PREFIX . "alidata where leader = $leader");
if(mysqli_num_rows($q) > 0){
$villages = $database->getVillagesID2($leader);
$max = 0;
foreach($villages as $village){
+15 -15
View File
@@ -652,8 +652,8 @@ class Battle {
if (isset($units['Att_unit']['hero']) && $units['Att_unit']['hero'] >0){
$_result=mysql_query("select * from " . TB_PREFIX . "hero where `dead`='0' and `heroid`='".$atkhero['heroid']."'");
$fdb = mysql_fetch_array($_result);
$_result=mysqli_query($GLOBALS['link'],"select * from " . TB_PREFIX . "hero where `dead`='0' and `heroid`='".$atkhero['heroid']."'");
$fdb = mysqli_fetch_array($_result);
$hero_id=$fdb['heroid'];
$hero_health=$fdb['health'];
$damage_health=round(100*$result[1]);
@@ -661,10 +661,10 @@ class Battle {
if ($hero_health<=$damage_health or $damage_health>90){
//hero die
$result['casualties_attacker']['11'] = 1;
mysql_query("update " . TB_PREFIX . "hero set `dead`='1' where `heroid`='".$hero_id."'");
mysql_query("update " . TB_PREFIX . "hero set `health`='0' where `heroid`='".$hero_id."'");
mysqli_query($GLOBALS['link'],"update " . TB_PREFIX . "hero set `dead`='1' where `heroid`='".$hero_id."'");
mysqli_query($GLOBALS['link'],"update " . TB_PREFIX . "hero set `health`='0' where `heroid`='".$hero_id."'");
}else{
mysql_query("update " . TB_PREFIX . "hero set `health`=`health`-".$damage_health." where `heroid`='".$hero_id."'");
mysqli_query($GLOBALS['link'],"update " . TB_PREFIX . "hero set `health`=`health`-".$damage_health." where `heroid`='".$hero_id."'");
}
}
unset($_result,$fdb,$hero_id,$hero_health,$damage_health);
@@ -672,19 +672,19 @@ class Battle {
if (isset($units['Def_unit']['hero']) && $units['Def_unit']['hero'] >0){
$_result=mysql_query("select * from " . TB_PREFIX . "hero where `dead`='0' and `heroid`='".$defenderhero['heroid']."'");
$fdb = mysql_fetch_array($_result);
$_result=mysqli_query($GLOBALS['link'],"select * from " . TB_PREFIX . "hero where `dead`='0' and `heroid`='".$defenderhero['heroid']."'");
$fdb = mysqli_fetch_array($_result);
$hero_id=$fdb['heroid'];
$hero_health=$fdb['health'];
$damage_health=round(100*$result[2]);
if ($hero_health<=$damage_health or $damage_health>90){
//hero die
$result['deadherodef'] = 1;
mysql_query("update " . TB_PREFIX . "hero set `dead`='1' where `heroid`='".$hero_id."'");
mysql_query("update " . TB_PREFIX . "hero set `health`='0' where `heroid`='".$hero_id."'");
mysqli_query($GLOBALS['link'],"update " . TB_PREFIX . "hero set `dead`='1' where `heroid`='".$hero_id."'");
mysqli_query($GLOBALS['link'],"update " . TB_PREFIX . "hero set `health`='0' where `heroid`='".$hero_id."'");
}else{
$result['deadherodef'] = 0;
mysql_query("update " . TB_PREFIX . "hero set `health`=`health`-".$damage_health." where `heroid`='".$hero_id."'");
mysqli_query($GLOBALS['link'],"update " . TB_PREFIX . "hero set `health`=`health`-".$damage_health." where `heroid`='".$hero_id."'");
}
}
unset($_result,$fdb,$hero_id,$hero_health,$damage_health);
@@ -696,19 +696,19 @@ class Battle {
if(!empty($heroarray)) { reset($heroarray); }
$Reinforcer = $database->getVillageField($defenders['from'],"owner");
$heroarraydefender = $this->getBattleHero($Reinforcer);
$_result=mysql_query("select * from " . TB_PREFIX . "hero where `dead`='0' and `heroid`='".$heroarraydefender['heroid']."'");
$fdb = mysql_fetch_array($_result);
$_result=mysqli_query($GLOBALS['link'],"select * from " . TB_PREFIX . "hero where `dead`='0' and `heroid`='".$heroarraydefender['heroid']."'");
$fdb = mysqli_fetch_array($_result);
$hero_id=$fdb['heroid'];
$hero_health=$fdb['health'];
$damage_health=round(100*$result[2]);
if ($hero_health<=$damage_health or $damage_health>90){
//hero die
$result['deadheroref'][$defenders['id']] = 1;
mysql_query("update " . TB_PREFIX . "hero set `dead`='1' where `heroid`='".$hero_id."'");
mysql_query("update " . TB_PREFIX . "hero set `health`='0' where `heroid`='".$hero_id."'");
mysqli_query($GLOBALS['link'],"update " . TB_PREFIX . "hero set `dead`='1' where `heroid`='".$hero_id."'");
mysqli_query($GLOBALS['link'],"update " . TB_PREFIX . "hero set `health`='0' where `heroid`='".$hero_id."'");
}else{
$result['deadheroref'][$defenders['id']] = 0;
mysql_query("update " . TB_PREFIX . "hero set `health`=`health`-".$damage_health." where `heroid`='".$hero_id."'");
mysqli_query($GLOBALS['link'],"update " . TB_PREFIX . "hero set `health`=`health`-".$damage_health." where `heroid`='".$hero_id."'");
}
}
}
+3 -3
View File
@@ -362,7 +362,7 @@ if (!isset($SAJAX_INCLUDED)) {
$alliance = $session->alliance;
$now = time();
echo $q = "INSERT into ".TB_PREFIX."chat (id_user,name,alli,date,msg) values ('$id_user','$name','$alliance','$now','$msg')";
mysql_query($q, $database->connection);
mysqli_query($GLOBALS['link'],$q);
}
}
@@ -370,8 +370,8 @@ if (!isset($SAJAX_INCLUDED)) {
global $session,$database;
$alliance = $session->alliance;
$query = mysql_query("select * from ".TB_PREFIX."chat where alli='$alliance' order by id desc limit 0,13");
while ($r = mysql_fetch_array($query)) {
$query = mysqli_query($GLOBALS['link'],"select * from ".TB_PREFIX."chat where alli='$alliance' order by id desc limit 0,13");
while ($r = mysqli_fetch_array($query)) {
$dates = date("g:i",$r[date]);
$data .= "[{$dates}] <a href='spieler.php?uid={$r['id_user']}'>{$r['name']}</a>: {$r[msg]} <br>";
}
+3866 -8
View File
File diff suppressed because it is too large Load Diff
File diff suppressed because it is too large Load Diff
-19
View File
@@ -1,19 +0,0 @@
<?php
#################################################################################
## -= YOU MAY NOT REMOVE OR CHANGE THIS NOTICE =- ##
## --------------------------------------------------------------------------- ##
## Filename 404.tpl ##
## Developed by: aggenkeech ##
## License: TravianX Project ##
## Copyright: TravianX (c) 2010-2012. All rights reserved. ##
## ##
#################################################################################
?>
<div style="margin-top: 50px;">
<center>
<h1>404 - File not found</h1>
<img src="../../gpack/travian_default/img/misc/404.gif" title="Not Found" alt="Not Found"><br />
<p>We looked 404 times already but can't find anything, Not even an X marking the spot.</p>
<p>This system is not complete yet. So the page probably does not exist.</p><br>
</center>
</div>
+9 -9
View File
@@ -210,8 +210,8 @@ class Message {
global $database,$session;
for($i = 1; $i <= 10; $i++) {
if(isset($post['n' . $i])) {
$message1 = mysql_query("SELECT * FROM " . TB_PREFIX . "mdata where id = ".$post['n' . $i]."");
$message = mysql_fetch_array($message1);
$message1 = mysqli_query($GLOBALS['link'],"SELECT * FROM " . TB_PREFIX . "mdata where id = ".$post['n' . $i]."");
$message = mysqli_fetch_array($message1);
if($message['target'] == $session->uid && $message['owner'] == $session->uid){
$database->getMessage($post['n' . $i], 8);
}else if($message['target'] == $session->uid){
@@ -321,16 +321,16 @@ class Message {
// Vulnerability closed by Shadow
$q = "SELECT * FROM ".TB_PREFIX."mdata WHERE owner='".$session->uid."' AND time > ".time()." - 60";
$res = mysql_query($q) or die(mysql_error(). " query ".$q);
$flood = mysql_num_rows($res);
$res = mysqli_query($GLOBALS['link'],$q) or die(mysqli_error(). " query ".$q);
$flood = mysqli_num_rows($res);
if($flood > 5)
return; //flood
// Vulnerability closed by Shadow
$allmembersQ = mysql_query("SELECT id FROM ".TB_PREFIX."users WHERE alliance='".$session->alliance."'");
$allmembersQ = mysqli_query($GLOBALS['link'],"SELECT id FROM ".TB_PREFIX."users WHERE alliance='".$session->alliance."'");
$userally = $database->getUserField($session->uid,"alliance",0);
$permission=mysql_fetch_array(mysql_query("SELECT opt7 FROM ".TB_PREFIX."ali_permission WHERE uid='".$session->uid."'"));
$permission=mysqli_fetch_array(mysqli_query($GLOBALS['link'],"SELECT opt7 FROM ".TB_PREFIX."ali_permission WHERE uid='".$session->uid."'"));
if(WORD_CENSOR) {
$topic = $this->wordCensor($topic);
$text = $this->wordCensor($text);
@@ -395,7 +395,7 @@ class Message {
}
if($permission[opt7]==1){
if ($userally != 0) {
while ($allmembers = mysql_fetch_array($allmembersQ)) {
while ($allmembers = mysqli_fetch_array($allmembersQ)) {
$database->sendMessage($allmembers[id],$session->uid,htmlspecialchars(addslashes($topic)),htmlspecialchars(addslashes($text)),0,$alliance,$player,$coor,$report);
}
}
@@ -410,8 +410,8 @@ class Message {
// Vulnerability closed by Shadow
$q = "SELECT * FROM ".TB_PREFIX."mdata WHERE owner='".$session->uid."' AND time > ".time()." - 60";
$res = mysql_query($q) or die(mysql_error(). " query ".$q);
$flood = mysql_num_rows($res);
$res = mysqli_query($GLOBALS['link'],$q) or die(mysqli_error(). " query ".$q);
$flood = mysqli_num_rows($res);
if($flood > 5)
return; //flood
+1 -1
View File
@@ -120,7 +120,7 @@ class Profile {
if($set){
unset($_SESSION['wid']);
$database->activeModify(addslashes($session->username),1);
$database->UpdateOnline("logout") or die(mysql_error());
$database->UpdateOnline("logout") or die(mysqli_error());
$session->Logout();
header("Location: login.php");
}else{
+8 -8
View File
@@ -88,23 +88,23 @@ class Session {
$_SESSION['checker'] = $generator->generateRandStr(3);
$_SESSION['mchecker'] = $generator->generateRandStr(5);
$_SESSION['qst'] = $database->getUserField($_SESSION['username'], "quest", 1);
$result = mysqli_query($link,"SELECT village_select FROM `". TB_PREFIX."users` WHERE `username`='".$_SESSION['username']."'");
$result = mysqli_query($GLOBALS['link'],"SELECT village_select FROM `". TB_PREFIX."users` WHERE `username`='".$_SESSION['username']."'");
$dbarray = mysqli_fetch_assoc($result);
$selected_village=$dbarray['village_select'];
if(!isset($_SESSION['wid'])) {
if($selected_village!='') {
$query = mysqli_query($link,'SELECT * FROM `' . TB_PREFIX . 'vdata` WHERE `wref` = '.$selected_village);
$query = mysqli_query($GLOBALS['link'],'SELECT * FROM `' . TB_PREFIX . 'vdata` WHERE `wref` = '.$selected_village);
}else{
$query = mysqli_query($link,'SELECT * FROM `' . TB_PREFIX . 'vdata` WHERE `owner` = ' . $database->getUserField($_SESSION['username'], "id", 1) . ' LIMIT 1');
$query = mysqli_query($GLOBALS['link'],'SELECT * FROM `' . TB_PREFIX . 'vdata` WHERE `owner` = ' . $database->getUserField($_SESSION['username'], "id", 1) . ' LIMIT 1');
}
$data = mysqli_fetch_assoc($query);
$_SESSION['wid'] = $data['wref'];
} else
if($_SESSION['wid'] == '') {
if($selected_village!='') {
$query = mysqli_query($link,'SELECT * FROM `' . TB_PREFIX . 'vdata` WHERE `wref` = '.$selected_village);
$query = mysqli_query($GLOBALS['link'],'SELECT * FROM `' . TB_PREFIX . 'vdata` WHERE `wref` = '.$selected_village);
}else{
$query = mysqli_query($link,'SELECT * FROM `' . TB_PREFIX . 'vdata` WHERE `owner` = ' . $database->getUserField($_SESSION['username'], "id", 1) . ' LIMIT 1');
$query = mysqli_query($GLOBALS['link'],'SELECT * FROM `' . TB_PREFIX . 'vdata` WHERE `owner` = ' . $database->getUserField($_SESSION['username'], "id", 1) . ' LIMIT 1');
}
$data = mysqli_fetch_assoc($query);
$_SESSION['wid'] = $data['wref'];
@@ -161,18 +161,18 @@ class Session {
$hero=0;
foreach($this->villages as $myvill){
$q1 = "SELECT SUM(hero) from " . TB_PREFIX . "enforcement where `from` = ".$myvill; // check if hero is send as reinforcement
$result1 = mysqli_query($link,$q1);
$result1 = mysqli_query($GLOBALS['link'],$q1);
if(mysqli_num_rows($result1) != 0) {
$he1=mysqli_fetch_array($result1);
$hero+=$he1[0];
}
$q2 = "SELECT SUM(hero) from " . TB_PREFIX . "units where `vref` = ".$myvill; // check if hero is on my account (all villages)
$result2 = mysqli_query($link,$q2);
$result2 = mysqli_query($GLOBALS['link'],$q2);
$he2=mysqli_fetch_array($result2);
$hero+=$he2[0];
$q3 = "SELECT SUM(t11) from " . TB_PREFIX . "prisoners where `from` = ".$myvill; // check if hero is prisoner
$result3 = mysqli_query($link,$q3);
$result3 = mysqli_query($GLOBALS['link'],$q3);
$he3=mysqli_fetch_array($result3);
$hero+=$he3[0];
$hero+=$database->HeroNotInVil($myvill); // check if hero is not in village (come back from attack , raid , etc.)
+15 -15
View File
@@ -287,8 +287,8 @@ class Units {
}
if( intval($enforce['hero']) > 0){
$q = "SELECT * FROM ".TB_PREFIX."hero WHERE uid = ".$from['owner']."";
$result = mysql_query($q);
$hero_f=mysql_fetch_array($result);
$result = mysqli_query($GLOBALS['link'],$q);
$hero_f=mysqli_fetch_array($result);
$hero_unit=$hero_f['unit'];
$speeds[] = $GLOBALS['u'.$hero_unit]['speed'];
}else{
@@ -378,14 +378,14 @@ if($session->access != BANNED){
array(0,0,0,0,0,0,0,0,0,0,0)
);
$query1 = mysql_query('SELECT * FROM `' . TB_PREFIX . 'vdata` WHERE `wref` = ' . mysql_escape_string($data['to_vid']));
$data1 = mysql_fetch_assoc($query1);
$query2 = mysql_query('SELECT * FROM `' . TB_PREFIX . 'users` WHERE `id` = ' . $data1['owner']);
$data2 = mysql_fetch_assoc($query2);
$query11 = mysql_query('SELECT * FROM `' . TB_PREFIX . 'vdata` WHERE `wref` = ' . mysql_escape_string($village->wid));
$data11 = mysql_fetch_assoc($query11);
$query21 = mysql_query('SELECT * FROM `' . TB_PREFIX . 'users` WHERE `id` = ' . $data11['owner']);
$data21 = mysql_fetch_assoc($query21);
$query1 = mysqli_query($GLOBALS['link'],'SELECT * FROM `' . TB_PREFIX . 'vdata` WHERE `wref` = ' . mysqli_escape_string($GLOBALS['link'],$data['to_vid']));
$data1 = mysqli_fetch_assoc($query1);
$query2 = mysqli_query($GLOBALS['link'],'SELECT * FROM `' . TB_PREFIX . 'users` WHERE `id` = ' . $data1['owner']);
$data2 = mysqli_fetch_assoc($query2);
$query11 = mysqli_query($GLOBALS['link'],'SELECT * FROM `' . TB_PREFIX . 'vdata` WHERE `wref` = ' . mysqli_escape_string($GLOBALS['link'],$village->wid));
$data11 = mysqli_fetch_assoc($query11);
$query21 = mysqli_query($GLOBALS['link'],'SELECT * FROM `' . TB_PREFIX . 'users` WHERE `id` = ' . $data11['owner']);
$data21 = mysqli_fetch_assoc($query21);
@@ -445,8 +445,8 @@ if($session->access != BANNED){
// If is a WW village you can target on WW , if is not a WW village catapults will target randomly.
// Like it says : Exceptions are the WW which can always be targeted and the treasure chamber which can always be targeted, except with the unique artifact.
// Fixed by Advocaite and Shadow
$q = mysql_query("SELECT vref FROM ".TB_PREFIX."fdata WHERE f99t = '40' AND vref = ".$data['to_vid']."");
$isThere = mysql_num_rows($q);
$q = mysqli_query($GLOBALS['link'],"SELECT vref FROM ".TB_PREFIX."fdata WHERE f99t = '40' AND vref = ".$data['to_vid']."");
$isThere = mysqli_num_rows($q);
if($isThere > 0)
{
$iswwvilla = 1;
@@ -515,7 +515,7 @@ if($session->access != BANNED){
if($checkexist or $checkoexist){
$database->addMovement(3,$village->wid,$data['to_vid'],$reference,time(),($time+time()));
if(($database->hasBeginnerProtection($village->wid)==1)&&($checkexist)){
mysql_query("UPDATE ".TB_PREFIX."users SET protect = 0 WHERE id = $session->uid");
mysqli_query($GLOBALS['link'],"UPDATE ".TB_PREFIX."users SET protect = 0 WHERE id = $session->uid");
}
}
@@ -615,8 +615,8 @@ if($session->access != BANNED){
if (isset($post['t11'])){
if( $post['t11'] != '' && $post['t11'] > 0){
$qh = "SELECT * FROM ".TB_PREFIX."hero WHERE uid = ".$from['owner']."";
$resulth = mysql_query($qh);
$hero_f=mysql_fetch_array($resulth);
$resulth = mysqli_query($GLOBALS['link'],$qh);
$hero_f=mysqli_fetch_array($resulth);
$hero_unit=$hero_f['unit'];
$speeds[] = $GLOBALS['u'.$hero_unit]['speed'];
} else {