fix chat system by SalmonPlus

This commit is contained in:
unknown
2012-05-25 16:25:54 +03:00
parent 17003dbbc9
commit 63ed7b4e7f
3 changed files with 23 additions and 26 deletions
+12 -10
View File
@@ -100,7 +100,7 @@ if (!isset($SAJAX_INCLUDED)) {
else
$args = array();
}
if (! in_array($func_name, $sajax_export_list))
echo "-:$func_name not callable";
else {
@@ -175,7 +175,7 @@ if (!isset($SAJAX_INCLUDED)) {
var uri;
var post_data;
var target_id;
sajax_debug("in sajax_do_call().." + sajax_request_type + "/" + sajax_target_id);
target_id = sajax_target_id;
if (typeof(sajax_request_type) == "undefined" || sajax_request_type == "")
@@ -183,7 +183,7 @@ if (!isset($SAJAX_INCLUDED)) {
uri = "<?php echo $sajax_remote_uri; ?>";
if (sajax_request_type == "GET") {
// alert(args);
if (uri.indexOf("?") == -1)
uri += "?rs=" + escape(func_name);
else
@@ -191,16 +191,16 @@ if (!isset($SAJAX_INCLUDED)) {
uri += "&rst=" + escape(sajax_target_id);
uri += "&rsrnd=" + new Date().getTime();
for (i = 0; i < args.length-1; i++)
uri += "&rsargs[]=" + escape(args[i]);
for (i = 0; i < args.length-1; i++) {
uri += "&rsargs[]=" + args[i];
}
post_data = null;
}
else if (sajax_request_type == "POST") {
post_data = "rs=" + escape(func_name);
post_data += "&rst=" + escape(sajax_target_id);
post_data += "&rsrnd=" + new Date().getTime();
for (i = 0; i < args.length-1; i++)
post_data = post_data + "&rsargs[]=" + escape(args[i]);
}
@@ -352,13 +352,15 @@ if (!isset($SAJAX_INCLUDED)) {
function add_data($data) {
global $session,$database;
$data = explode("|",$data);
//$data = explode("|",$data);
if (is_array($data)){$msg = htmlspecialchars($data[1]);}else{$msg = htmlspecialchars($data);};
// $msg=htmlspecialchars($msg);
$name = $session->username;
$msg = htmlspecialchars($data[1]);
$id_user = $session->uid;
$alliance = $session->alliance;
$now = time();
$q = "INSERT into ".TB_PREFIX."chat (id_user,name,alli,date,msg) values ('$id_user','$name','$alliance','$now','$msg')";
echo $q = "INSERT into ".TB_PREFIX."chat (id_user,name,alli,date,msg) values ('$id_user','$name','$alliance','$now','$msg')";
mysql_query($q, $database->connection);
}
+2 -5
View File
@@ -17,13 +17,10 @@ if(isset($_POST)){
$_POST = array_map('htmlspecialchars', $_POST);
}
}
$rsargs=$_GET['rsargs'];
$_GET = array_map('mysql_real_escape_string', $_GET);
$_GET = array_map('htmlspecialchars', $_GET);
$_GET['rsargs']=$rsargs;
$_COOKIE = array_map('mysql_real_escape_string', $_COOKIE);
$_COOKIE = array_map('htmlspecialchars', $_COOKIE);
$rsargs=$_GET['rsargs'];
$_GET = array_map('mysql_real_escape_string', $_GET);
$_GET = array_map('htmlspecialchars', $_GET);
$_GET['rsargs']=$rsargs;
?>
+9 -11
View File
@@ -1,6 +1,6 @@
<?php
////////////// made by TTMTT //////////////
ob_start();
if(isset($aid)) {
$aid = $aid;
}
@@ -20,14 +20,17 @@ function show_data_cb(text) { document.getElementById("masnun").innerHTML = text
function start_it() { x_get_data(show_data_cb); setTimeout("start_it()",1000); }
function add_cb() {}
function send_data() {
//alert( document.form1.msg.value);
msg = document.form1.msg.value;
x_add_data(name +"|"+msg,add_cb); }
//alert(msg);
//x_add_data(name +"|"+msg,add_cb);
x_add_data(msg,add_cb);
document.form1.msg.value="";
}
</script>
<?php
if($session->access!=BANNED){
?>
<body onload="start_it()">
<form name="form1" onSubmit="send_data()">
<div id="TitleName" class="chatHeader">Ally-Chat</div>
@@ -51,9 +54,4 @@ if($session->access!=BANNED){
</body>
<div id="rooms">
</div>
<?php
}else{
header("Location: banned.php");
}
?>
</div>