mirror of
https://github.com/Shadowss/TravianZ.git
synced 2026-07-07 21:34:22 +00:00
fix: super-strange id + 0 query that totally prevents the use of indexes
This commit is contained in:
@@ -45,7 +45,7 @@ for($i=1;$i<=$amt;$i++) {
|
||||
$text = preg_replace("'%TEKST%'",PLAN_INFO ,$text);
|
||||
fwrite($fh, $text);
|
||||
|
||||
$query="SELECT * FROM ".TB_PREFIX."users ORDER BY id + 0 DESC";
|
||||
$query="SELECT * FROM ".TB_PREFIX."users ORDER BY id DESC";
|
||||
$result=mysqli_query($GLOBALS["link"], $query) or die (mysqli_error($database->dblink));
|
||||
for ($i=0; $row=mysqli_fetch_row($result); $i++) {
|
||||
$updateattquery = mysqli_query($GLOBALS["link"], "UPDATE ".TB_PREFIX."users SET ok = '1' WHERE id = '".$row[0]."'")
|
||||
|
||||
@@ -335,7 +335,7 @@ class Message {
|
||||
|
||||
// Vulnerability closed by Shadow
|
||||
|
||||
$q = "SELECT * FROM ".TB_PREFIX."mdata WHERE owner='".$session->uid."' AND time > ".time()." - 60";
|
||||
$q = "SELECT * FROM ".TB_PREFIX."mdata WHERE owner='".$session->uid."' AND time > ".(time() - 60);
|
||||
$res = mysqli_query($GLOBALS['link'],$q) or die(mysqli_error($database->dblink). " query ".$q);
|
||||
$flood = mysqli_num_rows($res);
|
||||
if($flood > 5)
|
||||
@@ -425,7 +425,7 @@ class Message {
|
||||
// Vulnerability closed by Shadow
|
||||
|
||||
if ($security_check) {
|
||||
$q = "SELECT * FROM ".TB_PREFIX."mdata WHERE owner='".$session->uid."' AND time > ".time()." - 60";
|
||||
$q = "SELECT * FROM ".TB_PREFIX."mdata WHERE owner='".$session->uid."' AND time > ".time() - 60;
|
||||
$res = mysqli_query($GLOBALS['link'],$q) or die(mysqli_error($database->dblink). " query ".$q);
|
||||
$flood = mysqli_num_rows($res);
|
||||
if($flood > 5)
|
||||
|
||||
Reference in New Issue
Block a user