xinyin025/TravianZ
1
0
Fork 0
mirror of https://github.com/Shadowss/TravianZ.git synced 2026-06-28 00:24:23 +00:00
Code Issues Packages Projects Releases Wiki Activity

Some last fix for logs!

Browse Source
This commit is contained in:
novgorodschi catalin
2026-05-28 13:22:27 +03:00
parent 1d1f1dc72a
commit dbe20c49b5
10 changed files with 94 additions and 13 deletions
Download Patch File Download Diff File Expand all files Collapse all files
GameEngine/Admin/Mods/addABTroops.php
+7 -1
View File
@@ -50,7 +50,13 @@ $database->query($q);
* --------------------------------------------------------------------------- */
$adminId = (string)(int)$_SESSION['id'];
$time = time();
$logText = "Changed troop upgrade levels in village <a href='admin.php?p=village&did=$id'>$id</a>";
// FIX: luăm numele satului
$village = $database->getVillage($id); // dacă nu-l ai deja sus, lasă linia asta
$villageName = $village['name'] ?? 'Village';
$villageNameSafe = htmlspecialchars($villageName, ENT_QUOTES, 'UTF-8');
$logText = "Changed troop upgrade levels in village <a href='admin.php?p=village&did=$id'>$villageNameSafe</a>";
// escapăm corect pentru coloana TEXT
$adminIdEsc = $database->escape($adminId);
GameEngine/Admin/Mods/addTroops.php
+6 -1
View File
@@ -57,7 +57,12 @@ $database->query($q);
* --------------------------------------------------------------------------- */
$adminId = (string)(int)$_SESSION['id'];
$time = time();
$logText = "Changed troop amounts in village <a href='admin.php?p=village&did=$id'>$id</a>";
// FIX AICI
$villageName = $village['name'] ?? 'Village';
$villageNameSafe = htmlspecialchars($villageName, ENT_QUOTES, 'UTF-8');
$logText = "Changed troop amounts in village <a href='admin.php?p=village&did=$id'>$villageNameSafe</a>";
$adminIdEsc = $database->escape($adminId);
$logEsc = $database->escape($logText);
GameEngine/Admin/Mods/additional.php
+30 -4
View File
@@ -5,7 +5,7 @@
## --------------------------------------------------------------------------- ##
## Project: TravianZ (Refactor incremental) ##
## File: additional.tpl ##
## Type BACKEND ##
## Type BACKEND ##
## Description: Implement Gold Log ##
## Made by: Shadow ##
## License: TravianZ Project ##
@@ -35,6 +35,7 @@ $dp = (int)($_POST['def']?? 0);
$rr = (int)($_POST['res']?? 0);
$apall = (int)($_POST['ooff']?? 0);
$dpall = (int)($_POST['odef']?? 0);
$vac_mode = (int)($_POST['vac_mode']?? 0);
if($id <= 0) die("Invalid user");
@@ -42,7 +43,7 @@ if($id <= 0) die("Invalid user");
$oldGold = (int)$database->getUserField($id, 'gold', 1);
$diffGold = $newGold - $oldGold;
// --- UPDATE USER (prepared-style, fără escape manual) ---
// --- UPDATE USER ---
$database->query("
UPDATE ".TB_PREFIX."users SET
access = $access,
@@ -55,7 +56,8 @@ $database->query("
dp = $dp,
RR = $rr,
apall = $apall,
dpall = $dpall
dpall = $dpall,
vac_mode = $vac_mode
WHERE id = $id
");
@@ -74,6 +76,30 @@ if($diffGold!== 0){
");
}
// --- LOG ADMIN (cu UID, nu nume) ---
$adminUid = $admid > 0? $admid : (int)($_SESSION['id']?? 0); // FIX AICI
$adminName = $database->getUserField($adminUid, 'username', 0)?: 'Admin';
$playerName = $database->getUserField($id, 'username', 0)?: 'Unknown';
$protectDays = (int)($_POST['protect']?? 0);
$logParts = [];
$logParts[] = "Gold: $oldGold$newGold". ($diffGold!=0? " ($diffGold)" : "");
$logParts[] = "VacMode: $vac_mode";
$logParts[] = "Access: $access";
$logParts[] = "Protect: {$protectDays}d";
$logParts[] = "Sitters: $sit1/$sit2";
$logText = "[$adminName] edited Additional for [$playerName] (UID:$id) - ". implode(' | ', $logParts);
$logText = addslashes($logText);
$now = time();
$database->query("
INSERT INTO ".TB_PREFIX."admin_log
(`user`, `log`, `time`)
VALUES ('$adminUid', '$logText', $now)
");
// --- REDIRECT ---
header("Location:../../../Admin/admin.php?p=player&uid=".$id);
exit;
exit;
?>
GameEngine/Admin/Mods/editOverall.php
+6 -1
View File
@@ -63,7 +63,12 @@ $database->query("UPDATE " . TB_PREFIX . "users SET apall = $off, dpall = $def W
// ---------------------------------------------------------------------------
$adminId = (int)$_SESSION['id'];
$time = time();
$logText = "Changed overall stats for user <a href='admin.php?p=player&uid=$id'>$id</a> (off=$off, def=$def)";
// FIX: username + ID formatat
$targetName = $database->getUserField($id, 'username', 0) ?: 'UID '.$id;
$targetNameSafe = htmlspecialchars($targetName, ENT_QUOTES, 'UTF-8');
$logText = "Changed overall stats for user <a href='admin.php?p=player&uid=$id'>$targetNameSafe</a> (off=$off, def=$def)";
$logEsc = $database->escape($logText);
$database->query(
GameEngine/Admin/Mods/editPassword.php
+6 -1
View File
@@ -68,7 +68,12 @@ $database->query("UPDATE " . TB_PREFIX . "users SET password = '$passEsc' WHERE
// ---------------------------------------------------------------------------
$adminId = (int)$_SESSION['id'];
$time = time();
$logText = "Changed password for user <a href='admin.php?p=player&uid=$id'>$id</a>";
// FIX: luăm username în loc de ID brut
$targetName = $database->getUserField($id, 'username', 0) ?: 'UID '.$id;
$targetNameSafe = htmlspecialchars($targetName, ENT_QUOTES, 'UTF-8');
$logText = "Changed password for user <a href='admin.php?p=player&uid=$id'>$targetNameSafe</a>";
$logEsc = $database->escape($logText);
$database->query(
GameEngine/Admin/Mods/editProtection.php
+7 -1
View File
@@ -64,7 +64,13 @@ $database->query("UPDATE " . TB_PREFIX . "users SET protect = $protection WHERE
// Log admin
// ---------------------------------------------------------------------------
$adminId = (int)$_SESSION['id'];
$logText = "Set protection for user <a href='admin.php?p=player&uid=$id'>$id</a> to $days days";
$time = time(); // asigură-te că $time e definit înainte
// FIX: username + ID formatat
$targetName = $database->getUserField($id, 'username', 0) ?: 'UID '.$id;
$targetNameSafe = htmlspecialchars($targetName, ENT_QUOTES, 'UTF-8');
$logText = "Set protection for user <a href='admin.php?p=player&uid=$id'>$targetNameSafe</a> to $days days";
$logEsc = $database->escape($logText);
$database->query(
GameEngine/Admin/Mods/editResources.php
+7 -1
View File
@@ -80,7 +80,13 @@ $database->query(
// ---------------------------------------------------------------------------
$adminId = (int)$_SESSION['id'];
$time = time();
$logText = "Edited resources for village <a href='admin.php?p=village&did=$id'>$id</a> (w:$wood c:$clay i:$iron cr:$crop)";
// FIX: nume sat + ID formatat
$village = $database->getVillage($id); // dacă nu e deja încărcat sus
$villageName = $village['name'] ?? 'Village';
$villageNameSafe = htmlspecialchars($villageName, ENT_QUOTES, 'UTF-8');
$logText = "Edited resources for village <a href='admin.php?p=village&did=$id'>$villageNameSafe</a> (w:$wood c:$clay i:$iron cr:$crop)";
$logEsc = $database->escape($logText);
$database->query(
GameEngine/Admin/Mods/editSitter.php
+9 -1
View File
@@ -63,7 +63,15 @@ $database->query("UPDATE " . TB_PREFIX . "users SET sit1 = $sit1, sit2 = $sit2 W
// ---------------------------------------------------------------------------
$adminId = (int)$_SESSION['id'];
$time = time();
$logText = "Changed sitters for user <a href='admin.php?p=player&uid=$id'>$id</a> (sit1=$sit1, sit2=$sit2)";
// FIX: username pentru target + sitteri
$targetName = $database->getUserField($id, 'username', 0) ?: 'UID '.$id;
$targetNameSafe = htmlspecialchars($targetName, ENT_QUOTES, 'UTF-8');
$sit1Name = $sit1 > 0 ? ($database->getUserField($sit1, 'username', 0) ?: $sit1) : 'none';
$sit2Name = $sit2 > 0 ? ($database->getUserField($sit2, 'username', 0) ?: $sit2) : 'none';
$logText = "Changed sitters for user <a href='admin.php?p=player&uid=$id'>$targetNameSafe</a> (sit1=$sit1Name, sit2=$sit2Name)";
$logEsc = $database->escape($logText);
$database->query(
GameEngine/Admin/Mods/editUser.php
+6 -1
View File
@@ -80,7 +80,12 @@ $database->query(
// ---------------------------------------------------------------------------
$adminId = (int)$_SESSION['id'];
$time = time();
$logText = "Edited profile for user <a href='admin.php?p=player&uid=$id'>$id</a>";
// FIX: username + ID formatat
$targetName = $database->getUserField($id, 'username', 0) ?: 'UID '.$id;
$targetNameSafe = htmlspecialchars($targetName, ENT_QUOTES, 'UTF-8');
$logText = "Edited profile for user <a href='admin.php?p=player&uid=$id'>$targetNameSafe</a>";
$logEsc = $database->escape($logText);
$database->query(