xinyin025/TravianZ
1
0
Fork 0
mirror of https://github.com/Shadowss/TravianZ.git synced 2026-06-28 00:24:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: super-strange id + 0 query that totally prevents the use of indexes

Browse Source
This commit is contained in:
Martin Ambrus
2017-10-24 09:55:18 +02:00
parent d12be30634
commit aab1010906
4 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files
sysmsg.php
+2 -2
View File
@@ -14,7 +14,7 @@ $max_per_pass = 1000;
if (mysqli_num_rows(mysqli_query($GLOBALS['link'],"SELECT id FROM ".TB_PREFIX."users WHERE access = 9 AND id = ".$session->uid)) != '1') die("Hacking attempt!");
if(isset($_GET['del'])){
$query="SELECT * FROM ".TB_PREFIX."users ORDER BY id + 0 DESC";
$query="SELECT * FROM ".TB_PREFIX."users ORDER BY id DESC";
$result=mysqli_query($GLOBALS['link'],$query) or die (mysqli_error($database->dblink));
for ($i=0; $row=mysqli_fetch_row($result); $i++) {
$updateattquery = mysqli_query($GLOBALS['link'],"UPDATE ".TB_PREFIX."users SET ok = '0' WHERE id = '".$row[0]."'")
@@ -46,7 +46,7 @@ if (@isset($_POST['confirm']))
// $text = utf8_encode($text);
fwrite($fh, $text);
$query="SELECT * FROM ".TB_PREFIX."users ORDER BY id + 0 DESC";
$query="SELECT * FROM ".TB_PREFIX."users ORDER BY id DESC";
$result=mysqli_query($GLOBALS['link'],$query) or die (mysqli_error($database->dblink));
for ($i=0; $row=mysqli_fetch_row($result); $i++) {
$updateattquery = mysqli_query($GLOBALS['link'],"UPDATE ".TB_PREFIX."users SET ok = '1' WHERE id = '".$row[0]."'")