fix: no double-escaping of SQL queries for login

Martin Ambrus
2017-10-17 12:59:03 +02:00
parent 359f711438
commit 80c70f0f13
3 changed files with 20 additions and 18 deletions
+16 -15
@@ -179,7 +179,6 @@ class Account {
private function Login() {
global $database,$session,$form;
$user = $_POST['user'];
$user = mysqli_real_escape_string($GLOBALS['link'], $user);
if(!isset($_POST['user']) || $_POST['user'] == "") {
$form->addError("user",$user);
}
@@ -192,32 +191,34 @@ class Account {
else if(!$database->login($_POST['user'],$_POST['pw']) && !$database->sitterLogin($_POST['user'],$_POST['pw'])) {
$form->addError("pw",LOGIN_PW_ERROR);
}
if($database->getUserField($_POST['user'],"act",1) != "") {
$form->addError("activate",$_POST['user']);
}
// Vacation mode by Shadow
if($database->getUserField($_POST['user'],"vac_mode",1) == 1 && $database->getUserField($_POST['user'],"vac_time",1) > time()) {
$form->addError("vacation","Vacation mode is still enabled");
$form->addError("vacation","Vacation mode is still enabled");
}
// Vacation mode by Shadow
if($form->returnErrors() > 0) {
$_SESSION['errorarray'] = $form->getErrors();
$_SESSION['valuearray'] = $_POST;
header("Location: login.php");
}
else {
$userid = $database->getUserArray($_POST['user'], 0);
// Vacation mode by Shadow
$database->removevacationmode($userid['id']);
// Vacation mode by Shadow
if($database->login($_POST['user'],$_POST['pw'])){
$database->UpdateOnline("login" ,$_POST['user'],time(),$userid['id']);
}else if($database->sitterLogin($_POST['user'],$_POST['pw'])){
$database->UpdateOnline("sitter" ,$_POST['user'],time(),$userid['id']);
}
setcookie("COOKUSR",$_POST['user'],time()+COOKIE_EXPIRE,COOKIE_PATH);
$session->login($_POST['user']);
} else {
$userid = $database->getUserArray($_POST['user'], 0);
// Vacation mode by Shadow
$database->removevacationmode($userid['id']);
// Vacation mode by Shadow
if($database->login($_POST['user'],$_POST['pw'])){
$database->UpdateOnline("login" ,$_POST['user'],time(),$userid['id']);
}else if($database->sitterLogin($_POST['user'],$_POST['pw'])){
$database->UpdateOnline("sitter" ,$_POST['user'],time(),$userid['id']);
}
setcookie("COOKUSR",$_POST['user'],time()+COOKIE_EXPIRE,COOKIE_PATH);
$session->login($_POST['user']);
}
}
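Review bot: On a failed login, `$_SESSION['valuearray'] = $_POST;` copies the whole request into session storage, so the submitted `pw` value is kept in plaintext on the server for as long as the session lives. Keep only the fields the form needs to refill, e.g. `$values = $_POST; unset($values['pw']); $_SESSION['valuearray'] = $values;`. The same branch sends `header("Location: login.php");` without a following `exit;`, so whatever runs after `Login()` returns still executes for a rejected login; the caller is outside the hunk, so confirm nothing sensitive follows.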
+3 -2
@@ -29,6 +29,7 @@ class MYSQLi_DB {
}
function escape($value) {
$value = stripslashes($value);
return mysqli_real_escape_string($this->dblink, $value);
}
@@ -38,7 +39,8 @@ class MYSQLi_DB {
$ret = [];
for ($i = 0; $i < $numargs; $i++) {
if (!is_object($arg_list[$i])) {
if (is_string($arg_list[$i])) {
$arg_list[$i] = stripslashes($arg_list[$i]);
$res[] = mysqli_real_escape_string($this->dblink, $arg_list[$i]);
} else {
$res[] = $arg_list[$i];
@@ -268,7 +270,6 @@ class MYSQLi_DB {
function login($username, $password) {
list($username, $password) = $this->escape_input($username, $password);
$q = "SELECT password,sessid FROM " . TB_PREFIX . "users where username = '$username'";
$result = mysqli_query($this->dblink,$q);
$dbarray = mysqli_fetch_array($result);
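Review bot: `stripslashes()` now runs unconditionally in `escape()` and `escape_input()`, so every legitimate backslash in a value is silently dropped before escaping, and in `login()` this also applies to `$password`, which passes through `escape_input()` before whatever comparison follows outside the hunk. Passwords that differ only in backslashes would then be treated as the same one, and a value stored by a path that did not strip would no longer match. Binding the username with `mysqli_prepare()` / `mysqli_stmt_bind_param()` and handing the password to the comparison unmodified would remove the need for both the stripping and the escaping. Separately, `escape_input()` initialises `$ret = [];` but appends to `$res[]`; the return statement is outside the hunk, so check which of the two is actually returned.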
+1 -1
@@ -84,7 +84,7 @@ class Session {
global $database, $generator, $logging;
$this->logged_in = true;
$_SESSION['sessid'] = $generator->generateRandID();
$_SESSION['username'] = $database->escape($user);
$_SESSION['username'] = $user;
$_SESSION['checker'] = $generator->generateRandStr(3);
$_SESSION['mchecker'] = $generator->generateRandStr(5);
$_SESSION['qst'] = $database->getUserField($_SESSION['username'], "quest", 1);
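Review bot: `$_SESSION['username'] = $user;` now stores the raw login name, so any query elsewhere that interpolates `$_SESSION['username']` directly and relied on it having been escaped at login would become a second-order SQL injection point. The `getUserField($_SESSION['username'], "quest", 1)` call on the last line is safe only if `getUserField()` escapes its first argument itself, which is not visible here. Before merging, search for every use of `$_SESSION['username']` in an SQL string and route it through `escape()` or a bound parameter. The method also starts outside the hunk; if it does not call `session_regenerate_id(true)` before these assignments, adding it would close off session fixation at login.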