From a24a9f00e98612483b71bff3cf8e352fa3a23b7e Mon Sep 17 00:00:00 2001 From: unknown Date: Sat, 14 Jul 2012 11:13:03 +0300 Subject: [PATCH] update --- Admin/Templates/ban.tpl | 2 +- Admin/function.php | 2 +- GameEngine/Admin/database.php | 6 +++--- GameEngine/Admin/function.php | 5 ++--- GameEngine/Automation.php | 2 +- GameEngine/Database/db_MYSQL.php | 2 +- login.php | 6 +++--- 7 files changed, 12 insertions(+), 13 deletions(-) diff --git a/Admin/Templates/ban.tpl b/Admin/Templates/ban.tpl index 8e880938..8f1eb6a1 100644 --- a/Admin/Templates/ban.tpl +++ b/Admin/Templates/ban.tpl @@ -64,7 +64,7 @@ - +
Notice: if player have ' in is name, you need to write his ID to ban him. diff --git a/Admin/function.php b/Admin/function.php index 3ea01c4c..c15a3f50 100644 --- a/Admin/function.php +++ b/Admin/function.php @@ -45,7 +45,7 @@ class funct { if(is_numeric($get['uid'])){ $get['uid'] = $get['uid']; }else{ - $get['uid'] = $database->getUserField($get['uid'],'id',1); + $get['uid'] = $database->getUserField(addslashes($get['uid']),'id',1); } $admin->AddBan($get['uid'],$end,$get['reason']); diff --git a/GameEngine/Admin/database.php b/GameEngine/Admin/database.php index d73086ee..47d6ee75 100644 --- a/GameEngine/Admin/database.php +++ b/GameEngine/Admin/database.php @@ -224,7 +224,7 @@ class adm_DB { function DelBan($uid,$id){ global $database; - $name = $database->getUserField($uid,"username",0); + $name = addslashes($database->getUserField($uid,"username",0)); mysql_query("Insert into ".TB_PREFIX."admin_log values (0,".$_SESSION['id'].",'Unbanned user $name',".time().")"); $q = "UPDATE ".TB_PREFIX."users SET `access` = '".USER."' WHERE `id` = $uid;"; mysql_query($q, $this->connection); @@ -234,13 +234,13 @@ class adm_DB { function AddBan($uid,$end,$reason){ global $database; - $name = $database->getUserField($uid,"username",0); + $name = addslashes($database->getUserField($uid,"username",0)); mysql_query("Insert into ".TB_PREFIX."admin_log values (0,".$_SESSION['id'].",'Banned user $name',".time().")"); $q = "UPDATE ".TB_PREFIX."users SET `access` = '0' WHERE `id` = $uid;"; mysql_query($q, $this->connection); $time = time(); $admin = $_SESSION['id']; //$database->getUserField($_SESSION['username'],'id',1); - $name = $database->getUserField($uid,'username',0); + $name = addslashes($database->getUserField($uid,'username',0)); $q = "INSERT INTO ".TB_PREFIX."banlist (`uid`, `name`, `reason`, `time`, `end`, `admin`, `active`) VALUES ($uid, '$name' , '$reason', '$time', '$end', '$admin', '1');"; mysql_query($q, $this->connection); } diff --git a/GameEngine/Admin/function.php b/GameEngine/Admin/function.php index 3d551176..c15a3f50 100644 --- a/GameEngine/Admin/function.php +++ b/GameEngine/Admin/function.php @@ -42,11 +42,10 @@ class funct { case addBan: if($get['time']){$end = time()+$get['time']; }else{$end = '';} - if(preg_match("/^[0-9]+$/",$get['uid'])){ - //if(eregi("^[0-9]*+$",$get['uid'])){ + if(is_numeric($get['uid'])){ $get['uid'] = $get['uid']; }else{ - $get['uid'] = $database->getUserField($get['uid'],'id',1); + $get['uid'] = $database->getUserField(addslashes($get['uid']),'id',1); } $admin->AddBan($get['uid'],$end,$get['reason']); diff --git a/GameEngine/Automation.php b/GameEngine/Automation.php index d73fe3d3..621a6047 100644 --- a/GameEngine/Automation.php +++ b/GameEngine/Automation.php @@ -3260,7 +3260,7 @@ $crannyimg = "wid; } $buildarray = array(); - $buildarray = $database->getResourceLevel($vid); + if($vid!=0){ $buildarray = $database->getResourceLevel($vid); } $upkeep = 0; switch($type) { case 0: diff --git a/GameEngine/Database/db_MYSQL.php b/GameEngine/Database/db_MYSQL.php index a4d4a809..0781fc77 100644 --- a/GameEngine/Database/db_MYSQL.php +++ b/GameEngine/Database/db_MYSQL.php @@ -2408,7 +2408,7 @@ class MYSQL_DB { $each *= 3; $each = round($each); } - $foolartefact = $database->getFoolArtefactInfo(5,$vid,$uid); + $foolartefact = $this->getFoolArtefactInfo(5,$vid,$uid); if(count($foolartefact) > 0){ foreach($foolartefact as $arte){ if($arte['bad_effect'] == 1){ diff --git a/login.php b/login.php index bf3f4a9d..98947f26 100644 --- a/login.php +++ b/login.php @@ -241,11 +241,11 @@ Element.implement({ - " maxlength="15" autocomplete='off' /> getError("user"); ?> + " maxlength="15" autocomplete='off' /> getError("user"); ?> - " maxlength="20" autocomplete='off' /> getError("pw"); ?> + " maxlength="20" autocomplete='off' /> getError("pw"); ?> @@ -289,7 +289,7 @@ Element.implement({ - " maxlength="15" autocomplete='off' /> getError("user"); ?> + " maxlength="15" autocomplete='off' /> getError("user"); ?>