mirror of
https://github.com/Shadowss/TravianZ.git
synced 2026-07-16 01:26:07 +00:00
@@ -30,6 +30,7 @@
|
|||||||
</style>
|
</style>
|
||||||
|
|
||||||
<form action="../GameEngine/Admin/Mods/mainteneceCleanBanData.php" method="POST" onsubmit="return confirm('TRUNCATE banlist? This cannot be undone!')">
|
<form action="../GameEngine/Admin/Mods/mainteneceCleanBanData.php" method="POST" onsubmit="return confirm('TRUNCATE banlist? This cannot be undone!')">
|
||||||
|
<?php echo csrf_field(); ?>
|
||||||
<input type="hidden" name="admid" value="<?=$_SESSION['id']?>">
|
<input type="hidden" name="admid" value="<?=$_SESSION['id']?>">
|
||||||
<div class="clean-card">
|
<div class="clean-card">
|
||||||
<div class="clean-head">Clear – Banlist - Data</div>
|
<div class="clean-head">Clear – Banlist - Data</div>
|
||||||
|
|||||||
@@ -78,6 +78,7 @@ if(isset($_GET['uid']) && (int)$_GET['uid'] > 0) {
|
|||||||
</div>
|
</div>
|
||||||
|
|
||||||
<form action="../GameEngine/Admin/Mods/delUser.php" method="post" onsubmit="return confirm('ESTI SIGUR? Se va sterge tot: sate, trupe, rapoarte!')">
|
<form action="../GameEngine/Admin/Mods/delUser.php" method="post" onsubmit="return confirm('ESTI SIGUR? Se va sterge tot: sate, trupe, rapoarte!')">
|
||||||
|
<?php echo csrf_field(); ?>
|
||||||
<input type="hidden" name="uid" value="<?php echo $target['id']; ?>">
|
<input type="hidden" name="uid" value="<?php echo $target['id']; ?>">
|
||||||
<input type="hidden" name="admid" value="<?php echo $_SESSION['id']; ?>">
|
<input type="hidden" name="admid" value="<?php echo $_SESSION['id']; ?>">
|
||||||
|
|
||||||
|
|||||||
@@ -55,6 +55,7 @@ if($_SESSION['access'] < ADMIN) die("Access Denied: You are not Admin!");
|
|||||||
</div>
|
</div>
|
||||||
|
|
||||||
<form action="../GameEngine/Admin/Mods/mainteneceResetGold.php" method="POST" class="resetgold-form" onsubmit="return confirm('Are you SURE you want to reset gold to ALL players?');">
|
<form action="../GameEngine/Admin/Mods/mainteneceResetGold.php" method="POST" class="resetgold-form" onsubmit="return confirm('Are you SURE you want to reset gold to ALL players?');">
|
||||||
|
<?php echo csrf_field(); ?>
|
||||||
<input type="hidden" name="admid" value="<?php echo $_SESSION['id']; ?>">
|
<input type="hidden" name="admid" value="<?php echo $_SESSION['id']; ?>">
|
||||||
<button type="submit">
|
<button type="submit">
|
||||||
<svg width="18" height="18" viewBox="0 0 24 24" fill="none"><path d="M3 6h18M8 6V4h8v2m-1 0v14a2 2 0 0 1-2 2H9a2 2 0 0 1-2-2V6h10z" stroke="#fff" stroke-width="2" stroke-linecap="round"/></svg>
|
<svg width="18" height="18" viewBox="0 0 24 24" fill="none"><path d="M3 6h18M8 6V4h8v2m-1 0v14a2 2 0 0 1-2 2H9a2 2 0 0 1-2-2V6h10z" stroke="#fff" stroke-width="2" stroke-linecap="round"/></svg>
|
||||||
|
|||||||
@@ -55,6 +55,7 @@ if($_SESSION['access'] < ADMIN) die("Access Denied: You are not Admin!");
|
|||||||
</div>
|
</div>
|
||||||
|
|
||||||
<form action="../GameEngine/Admin/Mods/mainteneceResetPlus.php" method="POST" class="resetplus-form" onsubmit="return confirm('Are you SURE you want to reset the Plus to ALL players?');">
|
<form action="../GameEngine/Admin/Mods/mainteneceResetPlus.php" method="POST" class="resetplus-form" onsubmit="return confirm('Are you SURE you want to reset the Plus to ALL players?');">
|
||||||
|
<?php echo csrf_field(); ?>
|
||||||
<input type="hidden" name="admid" value="<?php echo $_SESSION['id']; ?>">
|
<input type="hidden" name="admid" value="<?php echo $_SESSION['id']; ?>">
|
||||||
<button type="submit">
|
<button type="submit">
|
||||||
<svg width="18" height="18" viewBox="0 0 24 24" fill="none"><path d="M3 6h18M8 6V4h8v2m-1 0v14a2 2 0 0 1-2 2H9a2 2 0 0 1-2-2V6h10z" stroke="#fff" stroke-width="2" stroke-linecap="round"/></svg>
|
<svg width="18" height="18" viewBox="0 0 24 24" fill="none"><path d="M3 6h18M8 6V4h8v2m-1 0v14a2 2 0 0 1-2 2H9a2 2 0 0 1-2-2V6h10z" stroke="#fff" stroke-width="2" stroke-linecap="round"/></svg>
|
||||||
|
|||||||
@@ -67,6 +67,7 @@ if($_SESSION['access'] < ADMIN) die("Access Denied: You are not Admin!");
|
|||||||
</div>
|
</div>
|
||||||
|
|
||||||
<form action="../GameEngine/Admin/Mods/mainteneceResetPlusBonus.php" method="POST" class="resetres-form" onsubmit="return confirm('Are you SURE you want to reset resource bonuses?');">
|
<form action="../GameEngine/Admin/Mods/mainteneceResetPlusBonus.php" method="POST" class="resetres-form" onsubmit="return confirm('Are you SURE you want to reset resource bonuses?');">
|
||||||
|
<?php echo csrf_field(); ?>
|
||||||
<input type="hidden" name="admid" value="<?php echo $_SESSION['id']; ?>">
|
<input type="hidden" name="admid" value="<?php echo $_SESSION['id']; ?>">
|
||||||
<button type="submit">
|
<button type="submit">
|
||||||
<svg width="18" height="18" viewBox="0 0 24 24" fill="none"><path d="M3 6h18M8 6V4h8v2m-1 0v14a2 2 0 0 1-2 2H9a2 2 0 0 1-2-2V6h10z" stroke="#fff" stroke-width="2" stroke-linecap="round"/></svg>
|
<svg width="18" height="18" viewBox="0 0 24 24" fill="none"><path d="M3 6h18M8 6V4h8v2m-1 0v14a2 2 0 0 1-2 2H9a2 2 0 0 1-2-2V6h10z" stroke="#fff" stroke-width="2" stroke-linecap="round"/></svg>
|
||||||
|
|||||||
@@ -10,6 +10,12 @@
|
|||||||
#################################################################################
|
#################################################################################
|
||||||
if (!isset($_SESSION)) session_start();
|
if (!isset($_SESSION)) session_start();
|
||||||
if($_SESSION['access'] < 9) die("Access Denied: You are not Admin!");
|
if($_SESSION['access'] < 9) die("Access Denied: You are not Admin!");
|
||||||
|
|
||||||
|
// Issue #139: this Mod is POSTed to directly, so it must verify the CSRF token
|
||||||
|
// itself (it does not go through admin.php's central csrf_verify()).
|
||||||
|
require_once(__DIR__ . '/../csrf.php');
|
||||||
|
csrf_verify();
|
||||||
|
|
||||||
include_once("../../config.php");
|
include_once("../../config.php");
|
||||||
|
|
||||||
// go max 5 levels up - we don't have folders that go deeper than that
|
// go max 5 levels up - we don't have folders that go deeper than that
|
||||||
|
|||||||
@@ -14,6 +14,11 @@ if (empty($_SESSION['access']) || $_SESSION['access'] < 9) {
|
|||||||
die("Access Denied: You are not Admin!");
|
die("Access Denied: You are not Admin!");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Issue #139: this Mod is POSTed to directly, so it must verify the CSRF token
|
||||||
|
// itself (it does not go through admin.php's central csrf_verify()).
|
||||||
|
require_once(__DIR__ . '/../csrf.php');
|
||||||
|
csrf_verify();
|
||||||
|
|
||||||
include_once("../../config.php");
|
include_once("../../config.php");
|
||||||
|
|
||||||
// ---------------------------------------------------------------------------
|
// ---------------------------------------------------------------------------
|
||||||
|
|||||||
@@ -17,6 +17,11 @@ if (empty($_SESSION['access']) || $_SESSION['access'] < 9) {
|
|||||||
die("Access Denied: You are not Admin!");
|
die("Access Denied: You are not Admin!");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Issue #139: this Mod is POSTed to directly, so it must verify the CSRF token
|
||||||
|
// itself (it does not go through admin.php's central csrf_verify()).
|
||||||
|
require_once(__DIR__ . '/../csrf.php');
|
||||||
|
csrf_verify();
|
||||||
|
|
||||||
include_once("../../config.php");
|
include_once("../../config.php");
|
||||||
|
|
||||||
// ---------------------------------------------------------------------------
|
// ---------------------------------------------------------------------------
|
||||||
|
|||||||
@@ -17,6 +17,11 @@ if (empty($_SESSION['access']) || $_SESSION['access'] < 9) {
|
|||||||
die("Access Denied: You are not Admin!");
|
die("Access Denied: You are not Admin!");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Issue #139: this Mod is POSTed to directly, so it must verify the CSRF token
|
||||||
|
// itself (it does not go through admin.php's central csrf_verify()).
|
||||||
|
require_once(__DIR__ . '/../csrf.php');
|
||||||
|
csrf_verify();
|
||||||
|
|
||||||
include_once("../../config.php");
|
include_once("../../config.php");
|
||||||
|
|
||||||
// ---------------------------------------------------------------------------
|
// ---------------------------------------------------------------------------
|
||||||
|
|||||||
@@ -16,6 +16,11 @@ if (empty($_SESSION['access']) || $_SESSION['access'] < 9) {
|
|||||||
die("Access Denied: You are not Admin!");
|
die("Access Denied: You are not Admin!");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Issue #139: this Mod is POSTed to directly, so it must verify the CSRF token
|
||||||
|
// itself (it does not go through admin.php's central csrf_verify()).
|
||||||
|
require_once(__DIR__ . '/../csrf.php');
|
||||||
|
csrf_verify();
|
||||||
|
|
||||||
include_once("../../config.php");
|
include_once("../../config.php");
|
||||||
|
|
||||||
// ---------------------------------------------------------------------------
|
// ---------------------------------------------------------------------------
|
||||||
|
|||||||
@@ -17,6 +17,11 @@ if (empty($_SESSION['access']) || $_SESSION['access'] < 9) {
|
|||||||
die("Access Denied: You are not Admin!");
|
die("Access Denied: You are not Admin!");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Issue #139: this Mod is POSTed to directly, so it must verify the CSRF token
|
||||||
|
// itself (it does not go through admin.php's central csrf_verify()).
|
||||||
|
require_once(__DIR__ . '/../csrf.php');
|
||||||
|
csrf_verify();
|
||||||
|
|
||||||
include_once("../../config.php");
|
include_once("../../config.php");
|
||||||
|
|
||||||
// ---------------------------------------------------------------------------
|
// ---------------------------------------------------------------------------
|
||||||
|
|||||||
@@ -17,6 +17,11 @@ if (empty($_SESSION['access']) || $_SESSION['access'] < 9) {
|
|||||||
die("Access Denied: You are not Admin!");
|
die("Access Denied: You are not Admin!");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Issue #139: this Mod is POSTed to directly, so it must verify the CSRF token
|
||||||
|
// itself (it does not go through admin.php's central csrf_verify()).
|
||||||
|
require_once(__DIR__ . '/../csrf.php');
|
||||||
|
csrf_verify();
|
||||||
|
|
||||||
include_once("../../config.php");
|
include_once("../../config.php");
|
||||||
|
|
||||||
// ---------------------------------------------------------------------------
|
// ---------------------------------------------------------------------------
|
||||||
|
|||||||
@@ -17,6 +17,11 @@ if (empty($_SESSION['access']) || $_SESSION['access'] < 9) {
|
|||||||
die("Access Denied: You are not Admin!");
|
die("Access Denied: You are not Admin!");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Issue #139: this Mod is POSTed to directly, so it must verify the CSRF token
|
||||||
|
// itself (it does not go through admin.php's central csrf_verify()).
|
||||||
|
require_once(__DIR__ . '/../csrf.php');
|
||||||
|
csrf_verify();
|
||||||
|
|
||||||
include_once("../../config.php");
|
include_once("../../config.php");
|
||||||
|
|
||||||
// ---------------------------------------------------------------------------
|
// ---------------------------------------------------------------------------
|
||||||
|
|||||||
@@ -17,6 +17,11 @@ if (empty($_SESSION['access']) || $_SESSION['access'] < 9) {
|
|||||||
die("Access Denied: You are not Admin!");
|
die("Access Denied: You are not Admin!");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Issue #139: this Mod is POSTed to directly, so it must verify the CSRF token
|
||||||
|
// itself (it does not go through admin.php's central csrf_verify()).
|
||||||
|
require_once(__DIR__ . '/../csrf.php');
|
||||||
|
csrf_verify();
|
||||||
|
|
||||||
include_once("../../config.php");
|
include_once("../../config.php");
|
||||||
|
|
||||||
// ---------------------------------------------------------------------------
|
// ---------------------------------------------------------------------------
|
||||||
|
|||||||
@@ -17,6 +17,11 @@ if (empty($_SESSION['access']) || $_SESSION['access'] < 9) {
|
|||||||
die("Access Denied: You are not Admin!");
|
die("Access Denied: You are not Admin!");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
// Issue #139: this Mod is POSTed to directly, so it must verify the CSRF token
|
||||||
|
// itself (it does not go through admin.php's central csrf_verify()).
|
||||||
|
require_once(__DIR__ . '/../csrf.php');
|
||||||
|
csrf_verify();
|
||||||
|
|
||||||
include_once("../../config.php");
|
include_once("../../config.php");
|
||||||
|
|
||||||
// ---------------------------------------------------------------------------
|
// ---------------------------------------------------------------------------
|
||||||
|
|||||||
Reference in New Issue
Block a user