This commit is contained in:
unknown
2012-07-14 11:13:03 +03:00
parent e108c061c2
commit a24a9f00e9
7 changed files with 12 additions and 13 deletions
+1 -1
View File
@@ -64,7 +64,7 @@
</td>
</tr>
<tr>
<td colspan="2" class="on"><input type="image" src="../img/admin/b/ok1.gif" value="submit"></td>
<td colspan="2" class="on"><input type="image" src="../img/admin/b/ok1.gif" value="submit"></br>Notice: if player have ' in is name, you need to write his ID to ban him.</td>
</tr>
</tbody>
</table>
+1 -1
View File
@@ -45,7 +45,7 @@ class funct {
if(is_numeric($get['uid'])){
$get['uid'] = $get['uid'];
}else{
$get['uid'] = $database->getUserField($get['uid'],'id',1);
$get['uid'] = $database->getUserField(addslashes($get['uid']),'id',1);
}
$admin->AddBan($get['uid'],$end,$get['reason']);
+3 -3
View File
@@ -224,7 +224,7 @@ class adm_DB {
function DelBan($uid,$id){
global $database;
$name = $database->getUserField($uid,"username",0);
$name = addslashes($database->getUserField($uid,"username",0));
mysql_query("Insert into ".TB_PREFIX."admin_log values (0,".$_SESSION['id'].",'Unbanned user <a href=\'admin.php?p=player&uid=$uid\'>$name</a>',".time().")");
$q = "UPDATE ".TB_PREFIX."users SET `access` = '".USER."' WHERE `id` = $uid;";
mysql_query($q, $this->connection);
@@ -234,13 +234,13 @@ class adm_DB {
function AddBan($uid,$end,$reason){
global $database;
$name = $database->getUserField($uid,"username",0);
$name = addslashes($database->getUserField($uid,"username",0));
mysql_query("Insert into ".TB_PREFIX."admin_log values (0,".$_SESSION['id'].",'Banned user <a href=\'admin.php?p=player&uid=$uid\'>$name</a>',".time().")");
$q = "UPDATE ".TB_PREFIX."users SET `access` = '0' WHERE `id` = $uid;";
mysql_query($q, $this->connection);
$time = time();
$admin = $_SESSION['id']; //$database->getUserField($_SESSION['username'],'id',1);
$name = $database->getUserField($uid,'username',0);
$name = addslashes($database->getUserField($uid,'username',0));
$q = "INSERT INTO ".TB_PREFIX."banlist (`uid`, `name`, `reason`, `time`, `end`, `admin`, `active`) VALUES ($uid, '$name' , '$reason', '$time', '$end', '$admin', '1');";
mysql_query($q, $this->connection);
}
+2 -3
View File
@@ -42,11 +42,10 @@ class funct {
case addBan:
if($get['time']){$end = time()+$get['time']; }else{$end = '';}
if(preg_match("/^[0-9]+$/",$get['uid'])){
//if(eregi("^[0-9]*+$",$get['uid'])){
if(is_numeric($get['uid'])){
$get['uid'] = $get['uid'];
}else{
$get['uid'] = $database->getUserField($get['uid'],'id',1);
$get['uid'] = $database->getUserField(addslashes($get['uid']),'id',1);
}
$admin->AddBan($get['uid'],$end,$get['reason']);
+1 -1
View File
@@ -3260,7 +3260,7 @@ $crannyimg = "<img src=\"".GP_LOCATE."img/g/g23.gif\" height=\"20\" width=\"15\"
global $database,$session,$village;
if($vid==0) { $vid=$village->wid; }
$buildarray = array();
$buildarray = $database->getResourceLevel($vid);
if($vid!=0){ $buildarray = $database->getResourceLevel($vid); }
$upkeep = 0;
switch($type) {
case 0:
+1 -1
View File
@@ -2408,7 +2408,7 @@ class MYSQL_DB {
$each *= 3;
$each = round($each);
}
$foolartefact = $database->getFoolArtefactInfo(5,$vid,$uid);
$foolartefact = $this->getFoolArtefactInfo(5,$vid,$uid);
if(count($foolartefact) > 0){
foreach($foolartefact as $arte){
if($arte['bad_effect'] == 1){
+3 -3
View File
@@ -241,11 +241,11 @@ Element.implement({
<tbody>
<tr class="top">
<th><?php echo NAME; ?></th>
<td><input class="text" type="text" name="user" value="<?php echo stripslashes($form->getDiff("user",$_COOKIE['COOKUSR'])); ?>" maxlength="15" autocomplete='off' /> <span class="error"> <?php echo $form->getError("user"); ?></span></td>
<td><input class="text" type="text" name="user" value="<?php echo stripslashes(stripslashes(stripslashes($form->getDiff("user",$_COOKIE['COOKUSR'])))); ?>" maxlength="15" autocomplete='off' /> <span class="error"> <?php echo $form->getError("user"); ?></span></td>
</tr>
<tr class="btm">
<th><?php echo PASSWORD; ?></th>
<td><input class="text" type="password" name="pw" value="<?php echo stripslashes($form->getValue("pw"));?>" maxlength="20" autocomplete='off' /> <span class="error"><?php echo $form->getError("pw"); ?></span></td>
<td><input class="text" type="password" name="pw" value="<?php echo $form->getValue("pw");?>" maxlength="20" autocomplete='off' /> <span class="error"><?php echo $form->getError("pw"); ?></span></td>
</tr>
</tbody>
</table>
@@ -289,7 +289,7 @@ Element.implement({
<tbody>
<tr class="top">
<th><?php echo NAME; ?></th>
<td><input class="text" type="text" name="user" value="<?php echo stripslashes($form->getDiff("user",$_COOKIE['COOKUSR'])); ?>" maxlength="15" autocomplete='off' /> <span class="error"> <?php echo $form->getError("user"); ?></span></td>
<td><input class="text" type="text" name="user" value="<?php echo stripslashes(stripslashes(stripslashes($form->getDiff("user",$_COOKIE['COOKUSR'])))); ?>" maxlength="15" autocomplete='off' /> <span class="error"> <?php echo $form->getError("user"); ?></span></td>
</tr>
<tr class="btm">
<th><?php echo PASSWORD; ?></th>