From 52ba99d2f0a3dd42130687eefbc70ccc6a086e1f Mon Sep 17 00:00:00 2001 From: Martin Ambrus Date: Mon, 28 Aug 2017 23:32:56 +0200 Subject: [PATCH] fix: Admin DB file used MySQLi --- Admin/database.php | 136 ++++++++++++++++++++++----------------------- 1 file changed, 68 insertions(+), 68 deletions(-) diff --git a/Admin/database.php b/Admin/database.php index 12012599..4986d35f 100644 --- a/Admin/database.php +++ b/Admin/database.php @@ -31,20 +31,20 @@ class adm_DB { function adm_DB(){ global $database; - $this->connection = mysql_connect(SQL_SERVER, SQL_USER, SQL_PASS) or die(mysql_error()); - mysql_select_db(SQL_DB, $this->connection) or die(mysql_error()); + $this->connection = mysqli_connect(SQL_SERVER, SQL_USER, SQL_PASS) or die(mysqli_error()); + mysqli_select_db($this->connection, SQL_DB) or die(mysqli_error()); } function Login($username,$password){ $q = "SELECT password FROM ".TB_PREFIX."users where username = '$username' and access >= ".MULTIHUNTER; - $result = mysql_query($q, $this->connection); - $dbarray = mysql_fetch_array($result); + $result = mysqli_query($this->connection, $q); + $dbarray = mysqli_fetch_array($result); if($dbarray['password'] == md5($password)) { - mysql_query("Insert into ".TB_PREFIX."admin_log values (0,'X','$username logged in (IP: ".$_SERVER['REMOTE_ADDR'].")',".time().")"); + mysqli_query("Insert into ".TB_PREFIX."admin_log values (0,'X','$username logged in (IP: ".$_SERVER['REMOTE_ADDR'].")',".time().")"); return true; } else { - mysql_query("Insert into ".TB_PREFIX."admin_log values (0,'X','IP: ".$_SERVER['REMOTE_ADDR']." tried to log in with username $username but access was denied!',".time().")"); + mysqli_query("Insert into ".TB_PREFIX."admin_log values (0,'X','IP: ".$_SERVER['REMOTE_ADDR']." tried to log in with username $username but access was denied!',".time().")"); return false; } } 
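Review bot: The two `admin_log` inserts in `Login` now call `mysqli_query()` with only the SQL string, but the procedural mysqli API takes the link as its first argument, so these calls fail (a warning or a thrown error, depending on the PHP version) and the "logged in" / "access was denied" audit entries are no longer written. Pass the link as the neighbouring calls do: `mysqli_query($this->connection, "Insert into ...")`. In the constructor, `mysqli_error()` likewise needs the link, and a failed connect should be reported with `or die(mysqli_connect_error())`. The same one-argument pattern recurs in the hunks at -126, -164, -205, -239, -355 and -471, and `mysqli_affected_rows()` in the hunk at -284 is also missing `$this->connection`.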
@@ -71,7 +71,7 @@ class adm_DB { } } $q = "UPDATE ".TB_PREFIX."vdata set pop = $popTot where wref = $vid"; - mysql_query($q, $this->connection); + mysqli_query($this->connection, $q); } function buildingPOP($f,$lvl){ @@ -109,13 +109,13 @@ class adm_DB { } } $q = "UPDATE ".TB_PREFIX."vdata set cp = $popTot where wref = $vid"; - mysql_query($q, $this->connection); + mysqli_query($this->connection, $q); } function getWref($x,$y) { $q = "SELECT id FROM ".TB_PREFIX."wdata where x = $x and y = $y"; - $result = mysql_query($q, $this->connection); - $r = mysql_fetch_array($result); + $result = mysqli_query($this->connection, $q); + $r = mysqli_fetch_array($result); return $r['id']; } @@ -126,7 +126,7 @@ class adm_DB { $status = $database->getVillageState($wid); $status = 0; if($status == 0){ - mysql_query("Insert into ".TB_PREFIX."admin_log values (0,".$_SESSION['id'].",'Added new village $wid to user $uid',".time().")"); + mysqli_query("Insert into ".TB_PREFIX."admin_log values (0,".$_SESSION['id'].",'Added new village $wid to user $uid',".time().")"); $database->setFieldTaken($wid); $database->addVillage($wid,$uid,'new village','0'); $database->addResourceFields($wid,$database->getVillageType($wid)); 
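Review bot: `getWref` places `$x` and `$y` into the WHERE clause unquoted, so anything other than an integer changes the statement itself rather than just the value compared. Casting at the top of the function keeps the query shape fixed: `$x = (int)$x; $y = (int)$y;`. The function also indexes `$r['id']` without checking that `mysqli_query()` returned a result. The same unquoted interpolation applies to `$vid`, `$uid` and `$wref` in the hunks at -71, -164, -205 and -239; whether callers already validate these values is not visible here.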
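Review bot: The `$status = 0;` line directly after `$status = $database->getVillageState($wid);` discards the lookup, so the `if($status == 0)` guard always passes and the village is added whatever state the field is in. If the override is a debugging leftover, remove it so the guard checks the real state; if it is intentional, drop the dead `getVillageState()` call and add a comment such as `// admin override: field state is deliberately not checked`. The enclosing function starts and ends outside this hunk.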
@@ -164,23 +164,23 @@ class adm_DB { if($post['clean_ware']){ $time = time(); $q = "UPDATE ".TB_PREFIX."vdata SET `wood` = '0', `clay` = '0', `iron` = '0', `crop` = '0', `lastupdate` = '$time' WHERE wref = $vid;"; - mysql_query($q, $this->connection); + mysqli_query($this->connection, $q); } } - mysql_query("Insert into ".TB_PREFIX."admin_log values (0,".$_SESSION['id'].",'Punished user: ".$post['uid']." with -".$post['punish']."% population',".time().")"); + mysqli_query("Insert into ".TB_PREFIX."admin_log values (0,".$_SESSION['id'].",'Punished user: ".$post['uid']." with -".$post['punish']."% population',".time().")"); } function PunishBuilding($vid,$proc,$pop){ global $database; $q = "UPDATE ".TB_PREFIX."vdata set pop = $pop where wref = $vid;"; - mysql_query($q, $this->connection); + mysqli_query($this->connection, $q); $fdata = $database->getResourceLevel($vid); for ($i = 1; $i <= 40; $i++) { if($fdata['f'.$i]>1){ $zm = ($fdata['f'.$i]/100)*$proc; if($zm < 1){$zm = 1;}else{$zm = floor($zm);} $q = "UPDATE ".TB_PREFIX."fdata SET `f$i` = '$zm' WHERE `vref` = $vid;"; - mysql_query($q, $this->connection); + mysqli_query($this->connection, $q); } } } @@ -193,7 +193,7 @@ class adm_DB { function DelUnits2($vid,$unit){ $q = "UPDATE ".TB_PREFIX."units SET `u$unit` = '0' WHERE `vref` = $vid;"; - mysql_query($q, $this->connection); + mysqli_query($this->connection, $q); } function DelPlayer($uid,$pass){ 
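Review bot: `DelUnits2` builds a column name from its argument (`` `u$unit` ``), and an identifier cannot be bound as a statement parameter, so this value needs validating in the function itself. Force both arguments to integers first, `$unit = (int)$unit; $vid = (int)$vid;`, and return early when `$unit` is outside the unit columns the table actually has. The valid range is not visible in this hunk, so the bound has to come from the schema.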
@@ -205,26 +205,26 @@ class adm_DB { $this->DelVillage($villages[$i]['wref'], 1); } $q = "DELETE FROM ".TB_PREFIX."hero where uid = $uid"; - mysql_query($q, $this->connection); + mysqli_query($this->connection, $q); $name = $database->getUserField($uid,"username",0); - mysql_query("Insert into ".TB_PREFIX."admin_log values (0,$ID,'Deleted user $name',".time().")"); + mysqli_query("Insert into ".TB_PREFIX."admin_log values (0,$ID,'Deleted user $name',".time().")"); $q = "DELETE FROM ".TB_PREFIX."users WHERE `id` = $uid;"; - mysql_query($q, $this->connection); + mysqli_query($this->connection, $q); } } function getUserActive() { $time = time() - (60*5); $q = "SELECT * FROM ".TB_PREFIX."users where timestamp > $time and username != 'support'"; - $result = mysql_query($q, $this->connection); - return $this->mysql_fetch_all($result); + $result = mysqli_query($this->connection, $q); + return $this->mysqli_fetch_all($result); } function CheckPass($password,$uid){ $q = "SELECT password FROM ".TB_PREFIX."users where id = '$uid' and access = ".ADMIN; - $result = mysql_query($q, $this->connection); - $dbarray = mysql_fetch_array($result); + $result = mysqli_query($this->connection, $q); + $dbarray = mysqli_fetch_array($result); if($dbarray['password'] == md5($password)) { return true; }else{ 
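Review bot: `CheckPass` still verifies the admin password with `$dbarray['password'] == md5($password)`, which is a loose comparison of an unsalted MD5 digest: two digests that both look like numeric strings can compare equal under `==`, and the check is not constant-time. As a minimal change use `if (is_array($dbarray) && hash_equals($dbarray['password'], md5($password)))`, which also covers the case where no row matches. The longer-term fix is to store `password_hash()` output and check it with `password_verify()`. `Login` in the hunk at -31 has the same comparison, and the body of `CheckPass` continues past the end of this hunk.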
@@ -239,37 +239,37 @@ class adm_DB { }else{ $q = "SELECT * FROM ".TB_PREFIX."vdata WHERE `wref` = $wref"; } - $result = mysql_query($q, $this->connection); - if(mysql_num_rows($result) > 0){ - mysql_query("Insert into ".TB_PREFIX."admin_log values (0,".$_SESSION['id'].",'Deleted village $wref',".time().")"); + $result = mysqli_query($this->connection, $q); + if(mysqli_num_rows($result) > 0){ + mysqli_query("Insert into ".TB_PREFIX."admin_log values (0,".$_SESSION['id'].",'Deleted village $wref',".time().")"); $database->clearExpansionSlot($wref); $q = "DELETE FROM ".TB_PREFIX."abdata where vref = $wref"; - mysql_query($q, $this->connection); + mysqli_query($this->connection, $q); $q = "DELETE FROM ".TB_PREFIX."bdata where wid = $wref"; - mysql_query($q, $this->connection); + mysqli_query($this->connection, $q); $q = "DELETE FROM ".TB_PREFIX."market where vref = $wref"; - mysql_query($q, $this->connection); + mysqli_query($this->connection, $q); $q = "DELETE FROM ".TB_PREFIX."odata where wref = $wref"; - mysql_query($q, $this->connection); + mysqli_query($this->connection, $q); $q = "DELETE FROM ".TB_PREFIX."research where vref = $wref"; - mysql_query($q, $this->connection); + mysqli_query($this->connection, $q); $q = "DELETE FROM ".TB_PREFIX."tdata where vref = $wref"; - mysql_query($q, $this->connection); + mysqli_query($this->connection, $q); $q = "DELETE FROM ".TB_PREFIX."fdata where vref = $wref"; - mysql_query($q, $this->connection); + mysqli_query($this->connection, $q); $q = "DELETE FROM ".TB_PREFIX."training where vref = $wref"; - mysql_query($q, $this->connection); + mysqli_query($this->connection, $q); $q = "DELETE FROM ".TB_PREFIX."units where vref = $wref"; - mysql_query($q, $this->connection); + mysqli_query($this->connection, $q); $q = "DELETE FROM ".TB_PREFIX."farmlist where wref = $wref"; - mysql_query($q, $this->connection); + mysqli_query($this->connection, $q); $q = "DELETE FROM ".TB_PREFIX."raidlist where towref = $wref"; - mysql_query($q, 
$this->connection); + mysqli_query($this->connection, $q); $q = "DELETE FROM ".TB_PREFIX."movement where `from` = $wref and proc=0"; - mysql_query($q, $this->connection); + mysqli_query($this->connection, $q); $getmovement = $database->getMovement(3,$wref,1); foreach($getmovement as $movedata) { @@ -284,11 +284,11 @@ class adm_DB { $this->returnTroops($wref); $q = "DELETE FROM ".TB_PREFIX."vdata WHERE `wref` = $wref"; - mysql_query($q, $this->connection); + mysqli_query($this->connection, $q); - if (mysql_affected_rows()>0) { + if (mysqli_affected_rows()>0) { $q = "UPDATE ".TB_PREFIX."wdata set occupied = 0 where id = $wref"; - mysql_query($q, $this->connection); + mysqli_query($this->connection, $q); $getprisoners = $database->getPrisoners($wref); foreach($getprisoners as $pris) { @@ -355,8 +355,8 @@ class adm_DB { if( intval($enforce['hero']) > 0){ $q = "SELECT * FROM ".TB_PREFIX."hero WHERE uid = ".$from['owner'].""; - $result = mysql_query($q); - $hero_f=mysql_fetch_array($result); + $result = mysqli_query($q); + $hero_f=mysqli_fetch_array($result); $hero_unit=$hero_f['unit']; $speeds[] = $GLOBALS['u'.$hero_unit]['speed']; } else { 
@@ -471,83 +471,83 @@ class adm_DB { function DelBan($uid,$id){ global $database; $name = addslashes($database->getUserField($uid,"username",0)); - mysql_query("Insert into ".TB_PREFIX."admin_log values (0,".$_SESSION['id'].",'Unbanned user $name',".time().")"); + mysqli_query("Insert into ".TB_PREFIX."admin_log values (0,".$_SESSION['id'].",'Unbanned user $name',".time().")"); $q = "UPDATE ".TB_PREFIX."users SET `access` = '".USER."' WHERE `id` = $uid;"; - mysql_query($q, $this->connection); + mysqli_query($this->connection, $q); $q = "UPDATE ".TB_PREFIX."banlist SET `active` = '0' WHERE `id` = $id;"; - mysql_query($q, $this->connection); + mysqli_query($this->connection, $q); } function AddBan($uid,$end,$reason){ global $database; $name = addslashes($database->getUserField($uid,"username",0)); - mysql_query("Insert into ".TB_PREFIX."admin_log values (0,".$_SESSION['id'].",'Banned user $name',".time().")"); + mysqli_query("Insert into ".TB_PREFIX."admin_log values (0,".$_SESSION['id'].",'Banned user $name',".time().")"); $q = "UPDATE ".TB_PREFIX."users SET `access` = '0' WHERE `id` = $uid;"; - mysql_query($q, $this->connection); + mysqli_query($this->connection, $q); $time = time(); $admin = $_SESSION['id']; //$database->getUserField($_SESSION['username'],'id',1); $name = addslashes($database->getUserField($uid,'username',0)); $q = "INSERT INTO ".TB_PREFIX."banlist (`uid`, `name`, `reason`, `time`, `end`, `admin`, `active`) VALUES ($uid, '$name' , '$reason', '$time', '$end', '$admin', '1');"; - mysql_query($q, $this->connection); + mysqli_query($this->connection, $q); } function search_player($player){ $q = "SELECT id,username FROM ".TB_PREFIX."users WHERE `username` LIKE '%$player%' and username != 'support'"; - $result = mysql_query($q, $this->connection); - return $this->mysql_fetch_all($result); + $result = mysqli_query($this->connection, $q); + return $this->mysqli_fetch_all($result); } function search_email($email){ $q = "SELECT id,email FROM 
".TB_PREFIX."users WHERE `email` LIKE '%$email%' and username != 'support'"; - $result = mysql_query($q, $this->connection); - return $this->mysql_fetch_all($result); + $result = mysqli_query($this->connection, $q); + return $this->mysqli_fetch_all($result); } function search_village($village){ $q = "SELECT * FROM ".TB_PREFIX."vdata WHERE `name` LIKE '%$village%' or `wref` LIKE '%$village%'"; - $result = mysql_query($q, $this->connection); - return $this->mysql_fetch_all($result); + $result = mysqli_query($this->connection, $q); + return $this->mysqli_fetch_all($result); } function search_alliance($alliance){ $q = "SELECT * FROM ".TB_PREFIX."alidata WHERE `name` LIKE '%$alliance%' or `tag` LIKE '%$alliance%' or `id` LIKE '%$alliance%'"; - $result = mysql_query($q, $this->connection); - return $this->mysql_fetch_all($result); + $result = mysqli_query($this->connection, $q); + return $this->mysqli_fetch_all($result); } function search_ip($ip){ $q = "SELECT * FROM ".TB_PREFIX."login_log WHERE `ip` LIKE '%$ip%'"; - $result = mysql_query($q, $this->connection); - return $this->mysql_fetch_all($result); + $result = mysqli_query($this->connection, $q); + return $this->mysqli_fetch_all($result); } function search_banned(){ $q = "SELECT * FROM ".TB_PREFIX."banlist where active = '1'"; - $result = mysql_query($q, $this->connection); - return $this->mysql_fetch_all($result); + $result = mysqli_query($this->connection, $q); + return $this->mysqli_fetch_all($result); } function Del_banned(){ //$q = "SELECT * FROM ".TB_PREFIX."banlist"; - $result = mysql_query($q, $this->connection); - return $this->mysql_fetch_all($result); + $result = mysqli_query($this->connection, $q); + return $this->mysqli_fetch_all($result); } /*************************** Function to process MYSQLi->fetch_all (Only exist in MYSQL) References: Result ***************************/ - function mysql_fetch_all($result) { + function mysqli_fetch_all($result) { $all = array(); if($result) { - while ($row = 
mysql_fetch_assoc($result)){ $all[] = $row; } + while ($row = mysqli_fetch_assoc($result)){ $all[] = $row; } return $all; } } function query_return($q) { - $result = mysql_query($q, $this->connection); - return $this->mysql_fetch_all($result); + $result = mysqli_query($this->connection, $q); + return $this->mysqli_fetch_all($result); } /*************************** @@ -555,7 +555,7 @@ class adm_DB { References: Query ***************************/ function query($query) { - return mysql_query($query, $this->connection); + return mysqli_query($query, $this->connection); }
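Review bot: The `search_player`, `search_email`, `search_village`, `search_alliance` and `search_ip` queries still splice their argument straight into a `LIKE '%…%'` literal, and `AddBan` does the same with `$reason` and `$end` while only `$name` goes through `addslashes`. Now that the file uses mysqli, these values can be bound with a prepared statement instead; the sketch below shows `search_player`, and the other search functions take the same shape. `Login` (hunk at -31) and `CheckPass` (hunk at -205) build their lookups from `$username` and `$uid` in the same way. Whether callers sanitise these values is not visible here, so binding is at least defence in depth.

```php
function search_player($player){
    // Bind the search term instead of interpolating it into the LIKE pattern.
    $stmt = mysqli_prepare($this->connection, "SELECT id,username FROM ".TB_PREFIX."users WHERE `username` LIKE ? and username != 'support'");
    $like = '%'.$player.'%';
    mysqli_stmt_bind_param($stmt, 's', $like);
    mysqli_stmt_execute($stmt);
    // mysqli_stmt_get_result() requires the mysqlnd driver.
    return $this->mysqli_fetch_all(mysqli_stmt_get_result($stmt));
}
// … search_email, search_village, search_alliance and search_ip take the same change …
```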
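Review bot: The `query()` wrapper kept the old `mysql_query` argument order, `mysqli_query($query, $this->connection)`, so the SQL string is passed where the link is expected and every call through this wrapper fails. Swap the arguments to match the rest of the file: `return mysqli_query($this->connection, $query);`.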