mirror of
https://github.com/Shadowss/TravianZ.git
synced 2026-06-30 09:34:28 +00:00
@@ -29,7 +29,7 @@
|
||||
<tr>
|
||||
<td>Username</td>
|
||||
<td>
|
||||
<input class="fm fm110" type="text" name="name" value="<?php echo $_SESSION['username']?>" maxlength="15">
|
||||
<input class="fm fm110" type="text" name="name" value="<?php echo $_SESSION['username']?>" maxlength="20">
|
||||
</td>
|
||||
</tr>
|
||||
<tr>
|
||||
|
||||
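Review bot: The changed `<input name="name">` line still echoes `$_SESSION['username']` into the `value` attribute without HTML-escaping, so a name containing a double quote or angle bracket would break out of the attribute unless it is filtered at registration, which is not visible here. I would write it as `value="<?php echo htmlspecialchars($_SESSION['username'], ENT_QUOTES, 'UTF-8')?>"`. Raising `maxlength` to 20 only changes the browser-side limit; the handler that receives `name` should enforce the same length, and that code is outside this hunk.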
+5
-40
@@ -75,29 +75,22 @@ class Profile {
|
||||
}
|
||||
|
||||
private function updateProfile($post) {
|
||||
global $database,$session;
|
||||
if($session->access!=BANNED){
|
||||
global $database;
|
||||
$birthday = $post['jahr'].'-'.$post['monat'].'-'.$post['tag'];
|
||||
$database->submitProfile($database->RemoveXSS($post['uid']),$database->RemoveXSS($post['mw']),$database->RemoveXSS($post['ort']),$database->RemoveXSS($birthday),$database->RemoveXSS($post['be2']),$database->RemoveXSS($post['be1']));
|
||||
$varray = $database->getProfileVillages($post['uid']);
|
||||
for($i=0;$i<=count($varray)-1;$i++) {
|
||||
$database->setVillageName($database->RemoveXSS($varray[$i]['wref']),$post['dname'.$i]);
|
||||
}
|
||||
header("Location: ?uid=".$post['uid']);
|
||||
}else{
|
||||
header("Location: banned.php");
|
||||
}
|
||||
header("Location: spieler.php?uid=".$post['uid']);
|
||||
}
|
||||
|
||||
private function gpack($post) {
|
||||
global $database, $session;
|
||||
if($session->access!=BANNED){
|
||||
$database->gpack($database->RemoveXSS($session->uid),$database->RemoveXSS($post['custom_url']));
|
||||
header("Location: ?uid=".$session->uid);
|
||||
}else{
|
||||
header("Location: banned.php");
|
||||
}
|
||||
header("Location: spieler.php?uid=".$session->uid);
|
||||
}
|
||||
|
||||
private function updateAccount($post) {
|
||||
global $database,$session,$form;
|
||||
if($post['pw2'] == $post['pw3']) {
|
||||
@@ -112,21 +105,13 @@ class Profile {
|
||||
$form->addError("pw",PASS_MISMATCH);
|
||||
}
|
||||
if($post['email_alt'] == $session->userinfo['email']) {
|
||||
if($session->access!=BANNED){
|
||||
$database->updateUserField($post['uid'],"email",$post['email_neu'],1);
|
||||
}else{
|
||||
header("Location: banned.php");
|
||||
}
|
||||
}
|
||||
else {
|
||||
$form->addError("email",EMAIL_ERROR);
|
||||
}
|
||||
if($post['del'] && md5($post['del_pw']) == $session->userinfo['password']) {
|
||||
if($session->access!=BANNED){
|
||||
$database->setDeleting($post['uid'],0);
|
||||
}else{
|
||||
header("Location: banned.php");
|
||||
}
|
||||
}
|
||||
else {
|
||||
$form->addError("del",PASS_MISMATCH);
|
||||
@@ -136,34 +121,21 @@ class Profile {
|
||||
if($sitid == $session->userinfo['sit1'] || $sitid == $session->userinfo['sit2']) {
|
||||
$form->addError("sit",SIT_ERROR);
|
||||
}
|
||||
else {
|
||||
else if($sitid != $session->uid){
|
||||
if($session->userinfo['sit1'] == 0) {
|
||||
if($session->access!=BANNED){
|
||||
$database->updateUserField($post['uid'],"sit1",$sitid,1);
|
||||
}else{
|
||||
header("Location: banned.php");
|
||||
}
|
||||
}
|
||||
else if($session->userinfo['sit2'] == 0) {
|
||||
if($session->access!=BANNED){
|
||||
$database->updateUserField($post['uid'],"sit2",$sitid,1);
|
||||
}else{
|
||||
header("Location: banned.php");
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
$_SESSION['errorarray'] = $form->getErrors();
|
||||
if($session->access!=BANNED){
|
||||
header("Location: spieler.php?s=3");
|
||||
}else{
|
||||
header("Location: banned.php");
|
||||
}
|
||||
}
|
||||
|
||||
private function removeSitter($get) {
|
||||
global $database,$session;
|
||||
if($session->access!=BANNED){
|
||||
if($get['a'] == $session->checker) {
|
||||
if($session->userinfo['sit'.$get['type']] == $get['id']) {
|
||||
$database->updateUserField($session->uid,"sit".$get['type'],0,1);
|
||||
@@ -171,9 +143,6 @@ class Profile {
|
||||
$session->changeChecker();
|
||||
}
|
||||
header("Location: spieler.php?s=".$get['s']);
|
||||
}else{
|
||||
header("Location: banned.php");
|
||||
}
|
||||
}
|
||||
|
||||
private function cancelDeleting($get) {
|
||||
@@ -184,15 +153,11 @@ class Profile {
|
||||
|
||||
private function removeMeSit($get) {
|
||||
global $database,$session;
|
||||
if($session->access!=BANNED){
|
||||
if($get['a'] == $session->checker) {
|
||||
$database->removeMeSit($get['id'],$session->uid);
|
||||
$session->changeChecker();
|
||||
}
|
||||
header("Location: spieler.php?s=".$get['s']);
|
||||
}else{
|
||||
header("Location: banned.php");
|
||||
}
|
||||
}
|
||||
};
|
||||
$profile = new Profile;
|
||||
|
||||
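Review bot: `updateProfile()` writes to whichever account `$post['uid']` names (`submitProfile`, `getProfileVillages` and the final redirect), and with `global $database;` the session is no longer in scope there, so the method never ties the write to the logged-in player; `gpack()` just below already uses `$session->uid`. The `$_POST['uid']` comparison this commit adds in another file appears to cover the request path, but it is a loose `!=` and lives outside the class, so I would keep `global $database,$session;` and pass `$session->uid` instead of `$post['uid']`. In the same loop the user-supplied village name `$post['dname'.$i]` goes to `setVillageName()` unfiltered while the database-sourced `wref` is the value passed through `RemoveXSS`. With every `BANNED` branch removed, nothing in these hunks stops a banned session from reaching these writes, so confirm the check now happens before `Profile` is invoked.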
@@ -85,7 +85,7 @@ echo "re1:".$message->reply['topic']; }} ?>" maxlength="35" onkeyup="copyElement
|
||||
|
||||
<textarea id="message" name="message" onkeyup="copyElement('body')" tabindex="3" class="textarea write message"><?php if(isset($message->reply['message'])) { echo " \n\n_________________________
|
||||
Reply:
|
||||
\n".$message->reply['message']; } ?></textarea>
|
||||
\n".stripslashes($message->reply['message']); } ?></textarea>
|
||||
<div id="message_preview" name="message_preview" class="message"></div>
|
||||
</div>
|
||||
|
||||
|
||||
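Review bot: The reply body is now printed between the `<textarea>` tags as `stripslashes($message->reply['message'])` with no HTML encoding, so a quoted message containing `</textarea>` or other markup ends the field and is rendered as page content, unless messages are encoded before storage (not visible here). `stripslashes()` only undoes backslash escaping; the output still needs `htmlspecialchars(stripslashes($message->reply['message']), ENT_QUOTES, 'UTF-8')`. The `echo "re1:".$message->reply['topic']` shown in the hunk header looks like it has the same gap, but that line is outside the hunk.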
+2
-12
@@ -24,20 +24,10 @@ if(isset($_GET['fid'])){
|
||||
$fid = preg_replace("/[^0-9]/","",$_GET['fid']);
|
||||
$forum = mysql_query("SELECT * FROM " . TB_PREFIX . "forum_cat WHERE id = ".$fid."");
|
||||
$forum_type = mysql_fetch_array($forum);
|
||||
if($forum_type['forum_name'] != "" && $forum_type['forum_area'] != 1){
|
||||
if($forum_type['forum_area'] == 0){
|
||||
if($forum_type['forum_name'] != "" && $forum_type['forum_area'] == 0){
|
||||
if($forum_type['alliance'] != $session->alliance){
|
||||
header("Location: ".$_SERVER['PHP_SELF']);
|
||||
}
|
||||
}else if($forum_type['forum_area'] == 2){
|
||||
if($forum_type['alliance'] != $session->alliance){
|
||||
}else if($forum_type['forum_area'] == 3){
|
||||
|
||||
}
|
||||
|
||||
}else{
|
||||
header("Location: ".$_SERVER['PHP_SELF']);
|
||||
}
|
||||
}
|
||||
}else if(isset($_GET['fid2'])){
|
||||
$fid = preg_replace("/[^0-9]/","",$_GET['fid2']);
|
||||
@@ -345,6 +335,6 @@ include("Templates/links.tpl");
|
||||
</html>
|
||||
<?php
|
||||
}else{
|
||||
header("Location: spieler.php");
|
||||
header("Location: spieler.php?uid=".$session->uid);
|
||||
}
|
||||
?>
|
||||
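Review bot: The `header("Location: ".$_SERVER['PHP_SELF']);` under the `$forum_type['alliance'] != $session->alliance` check is not followed by `exit;`, so the redirect header is queued but the script keeps running and, as far as these hunks show, goes on to render the forum. Adding `exit;` directly after the `header()` call makes the check effective. The new condition only tests `forum_area == 0`, and the old branches for `forum_area == 2`/`3` and the trailing `else` redirect appear to be removed, so confirm those areas and unknown forum ids are meant to pass without a check. If `fid` contains no digits, `$fid` is empty and the concatenated query is malformed; an `if($fid === '')` guard before `mysql_query()` avoids passing `false` to `mysql_fetch_array()`.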
+11
-1
@@ -27,6 +27,16 @@ if(isset($_GET['newdid'])) {
|
||||
else {
|
||||
$building->procBuild($_GET);
|
||||
}
|
||||
|
||||
if(isset($_POST['uid'])){
|
||||
if($_POST['uid'] != $session->uid){
|
||||
die();
|
||||
header("Location: ".$_SERVER['PHP_SELF']);
|
||||
}elseif($_POST['uid'] == $session->uid){
|
||||
$database->updateUserField($session->uid,"password",md5($_POST['pw']),1);
|
||||
header("Location: ".$_SERVER['PHP_SELF']);
|
||||
}
|
||||
}
|
||||
if(isset($_GET['s'])){
|
||||
$automation->isWinner();
|
||||
}
|
||||
@@ -150,7 +160,7 @@ else if (isset($_GET['s'])) {
|
||||
header("Location: ".$_SERVER['PHP_SELF']."?uid=".preg_replace("/[^a-zA-Z0-9_-]/","",$session->uid));
|
||||
}
|
||||
}else{
|
||||
header("Location: ".$_SERVER['PHP_SELF']."?uid=".preg_replace("/[^a-zA-Z0-9_-]/","",$session->uid));
|
||||
header("Location: spieler.php?s=3");
|
||||
}
|
||||
?>
|
||||
</div>
|
||||
|
||||
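Review bot: The new `elseif($_POST['uid'] == $session->uid)` branch overwrites the stored password with `md5($_POST['pw'])` on every POST that carries the player's own `uid`, without checking that `pw` was sent, without verifying the current password and without the `$session->checker` token that `Profile::removeSitter()` compares. A profile form that posts `uid` but no `pw` would therefore set the password to the hash of an empty string, and a cross-site form post could change it as well. At minimum guard it with `}elseif(isset($_POST['pw']) && $_POST['pw'] !== ''){` and require the old password, as `Profile::updateAccount()` does with `del_pw` for deletion; moving off unsalted `md5` to `password_hash()` is a wider change because other code compares `md5(...)` directly. In the first branch the `header()` after `die();` is unreachable.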