General fixes

+Fixed an exploit that permitted to starts other players' farm lists
+Fixed an exploit that permitted to save our raids to other players'
farm lists
+Fixed an exploit that permitted to edit other players' farm lists
+Fixed a rounding upkeep bug
+Moved the whole startRaid.tpl to a new method in Units.php
+A lot of clean-up
+Improoved indentation
+In the raid list, the "carry" image will now show to the left of an
attack
+Fixed a bug that displayed the wrong loot to returning troops released
by traps
+General minor bug fixing and improovements
-Deleted a lot of redundant code
This commit is contained in:
iopietro
2018-05-04 22:12:18 +02:00
parent 49bc3c5073
commit cf74514451
17 changed files with 762 additions and 1274 deletions
+100 -6
View File
@@ -40,11 +40,7 @@ class Units {
return $post;
}
break;
case "8":
$this->sendTroopsBack($post);
break;
case "3":
if (isset($post['a']) && $post['a'] == 533374 && empty($post['disabled'])) $this->sendTroops($post);
else{
@@ -67,6 +63,10 @@ class Units {
$post = $this->loadUnits($post);
return $post;
}
case "8":
$this->sendTroopsBack($post);
break;
}
}
}
@@ -77,7 +77,7 @@ class Units {
// Coordinates and look confirm name people
if(isset($post['x']) && isset($post['y']) && !empty($post['x']) && !empty($post['y'])) {
$vid = $database->getVilWref($post['x'], $post['y']);
unset($post['dname'], $_POST['dname']);
unset($post['dname'], $post['dname']);
}else if(isset($post['dname']) && !empty($post['dname'])){
$vid = $database->getVillageByName(stripslashes($post['dname']));
}
@@ -774,6 +774,100 @@ class Units {
return $generator->procDistanceTime($fromCor, $toCor, min($speeds), $mode);
}
public function startRaidList($post){
global $database, $generator, $session;
$slots = $post['slot'];
$lid = $post['lid'];
$tribe = $session->tribe;
$getFLData = $database->getFLData($lid);
if($getFLData['owner'] != $session->uid) {
header("Location: build.php?id=39&t=99");
exit();
}
$sql = "SELECT id, towref, t1, t2, t3, t4, t5, t6, t7, t8, t9, t10 FROM " . TB_PREFIX . "raidlist WHERE lid = ".$database->escape((int)$lid)." order by id asc";
$array = $database->query_return($sql);
foreach($array as $row){
$sql1 = mysqli_fetch_array(mysqli_query($database->dblink, "SELECT * FROM " . TB_PREFIX . "units WHERE vref = ".(int)$getFLData['wref']));
$sid = $row['id'];
$wref = $row['towref'];
for($i = 1; $i <= 10; $i++) ${'t'.$i} = $row['t'.$i];
$t11 = 0;
$villageOwner = $database->getVillageField($wref, 'owner');
$userAccess = $database->getUserField($villageOwner, 'access', 0);
$userID = $database->getUserField($villageOwner, 'id', 0);
if($userAccess != 0 && !($userAccess == MULTIHUNTER && $userID == 5) && ($userAccess != ADMIN || (ADMIN_ALLOW_INCOMING_RAIDS && $userAccess == ADMIN))){
if($tribe == 1){
$uname = "u";
$uname1 = "u1";
$uname2 = "";
}elseif($tribe == 2){
$uname = "u1";
$uname1 = "u2";
$uname2 = "1";
}elseif($tribe == 3){
$uname = "u2";
$uname1 = "u3";
$uname2 = "2";
}elseif($tribe == 4){
$uname = "u3";
$uname1 = "u4";
$uname2 = "3";
}else{
$uname = "u4";
$uname1 = "u5";
$uname2 = "4";
}
if($sql1[$uname.'1'] >= $t1 && $sql1[$uname.'2'] >= $t2 && $sql1[$uname.'3'] >= $t3 && $sql1[$uname.'4'] >= $t4 && $sql1[$uname.'5'] >= $t5 && $sql1[$uname.'6'] >= $t6 && $sql1[$uname.'7'] >= $t7 && $sql1[$uname.'8'] >= $t8 && $sql1[$uname.'9'] >= $t9 && $sql1[$uname1.'0'] >= $t10 && $sql1['hero'] >= $t11){
if($post['slot'.$sid] == 'on'){
$ckey = $generator->generateRandStr(6);
$time_now = time();
$id = $database->addA2b($ckey, $time_now, $wref, $t1, $t2, $t3, $t4, $t5, $t6, $t7, $t8, $t9, $t10, $t11, 4);
$data = $database->getA2b($ckey, $time_now);
$troopsTime = $this->getWalkingTroopsTime($getFLData['wref'], $data['to_vid'], $session->uid, $session->tribe, $data, 1, 'u');
$time = $database->getArtifactsValueInfluence($getFLData['owner'], $getFLData['wref'], 2, $troopsTime);
$ctar1 = $ctar2 = 0;
$abdata = $database->getABTech($getFLData['wref']);
$reference = $database->addAttack(($getFLData['wref']), $data['u1'], $data['u2'], $data['u3'], $data['u4'], $data['u5'], $data['u6'], $data['u7'], $data['u8'], $data['u9'], $data['u10'], $data['u11'], $data['type'], $ctar1, $ctar2, 0, $abdata['b1'], $abdata['b2'], $abdata['b3'], $abdata['b4'], $abdata['b5'], $abdata['b6'], $abdata['b7'], $abdata['b8']);
$troops = [];
$amounts = [];
$modes = [];
for($u = 1; $u <= 10; $u++){
if($tribe == 1) $unitKey = $uname2 . $u;
else $unitKey = $uname2.($u < 10 ? $u : 0);
$troops[] = $unitKey;
$amounts[] = $data['u'.$u];
$modes[] = 0;
}
$troops[] = 'hero';
$amounts[] = $data['u11'];
$modes[] = 0;
$database->modifyUnit($getFLData['wref'], $troops, $amounts, $modes);
$database->addMovement(3, $getFLData['wref'], $data['to_vid'], $reference, time(), ($time + time()));
// prevent re-use of the same attack via re-POSTing the same data
$database->remA2b($id);
}
}
}
}
header("Location: build.php?id=39&t=99");
exit();
}
};
$units = new Units;