mirror of
https://github.com/Shadowss/TravianZ.git
synced 2026-07-13 08:06:06 +00:00
Fix CVE-2023-36995
This commit is contained in:
@@ -82,6 +82,7 @@ class adm_DB {
|
||||
$bcrypted = false;
|
||||
}
|
||||
|
||||
$username = htmlspecialchars($username);
|
||||
if($pwOk) {
|
||||
// update password to bcrypt, if correct
|
||||
if (!$dbarray['is_bcrypt'] && !$bcrypted) {
|
||||
|
||||
@@ -3109,6 +3109,8 @@ class MYSQLi_DB implements IDbConnection {
|
||||
*****************************************/
|
||||
function createAlliance($tag, $name, $uid, $max) {
|
||||
list($tag, $name, $uid, $max) = $this->escape_input($tag, $name, (int) $uid, (int) $max);
|
||||
$tag = $this->RemoveXSS($tag);
|
||||
$name = $this->RemoveXSS($name);
|
||||
|
||||
$q = "INSERT into " . TB_PREFIX . "alidata values (0,'$name','$tag',$uid,0,0,0,'','',$max,0,0,0,0,0,0,0,0,0)";
|
||||
mysqli_query($this->dblink,$q);
|
||||
|
||||
@@ -163,7 +163,7 @@
|
||||
private function getStart($search) {
|
||||
$multiplier = 1;
|
||||
if(!is_numeric($search)) {
|
||||
$_SESSION['search'] = $search;
|
||||
$_SESSION['search'] = htmlspecialchars($search);
|
||||
} else {
|
||||
if($search > count($this->rankarray)) {
|
||||
$search = count($this->rankarray) - 1;
|
||||
@@ -172,8 +172,8 @@
|
||||
$multiplier += 1;
|
||||
}
|
||||
$start = 20 * $multiplier - 19 - 1;
|
||||
$_SESSION['search'] = $search;
|
||||
$_SESSION['start'] = $start;
|
||||
$_SESSION['search'] = htmlspecialchars($search);
|
||||
$_SESSION['start'] = htmlspecialchars($start);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user