diff --git a/GameEngine/Database.php b/GameEngine/Database.php index dd05cc6e..dea2e3fd 100755 --- a/GameEngine/Database.php +++ b/GameEngine/Database.php @@ -385,7 +385,7 @@ class MYSQLi_DB implements IDbConnection { function getVilWref($x, $y) { list($x, $y) = $this->escape_input((int) $x, (int) $y); - $q = "SELECT * FROM " . TB_PREFIX . "wdata where x = $x AND y = $y"; + $q = "SELECT id FROM " . TB_PREFIX . "wdata where x = $x AND y = $y"; $result = mysqli_query($this->dblink,$q); $dbarray = mysqli_fetch_array($result); return $dbarray['id']; @@ -395,7 +395,7 @@ class MYSQLi_DB implements IDbConnection { list($user) = $this->escape_input((int) $user); //loop search village user - $query = mysqli_query($this->dblink,"SELECT * FROM ".TB_PREFIX."vdata WHERE owner = ".$user); + $query = mysqli_query($this->dblink,"SELECT wref FROM ".TB_PREFIX."vdata WHERE owner = ".$user); while($villaggi_array = mysqli_fetch_array($query)) //loop structure village @@ -1383,7 +1383,7 @@ class MYSQLi_DB implements IDbConnection { function getVillageType2($wref) { list($wref) = $this->escape_input((int) $wref); - $q = "SELECT * FROM " . TB_PREFIX . "wdata where id = $wref"; + $q = "SELECT oasistype FROM " . TB_PREFIX . "wdata where id = $wref"; $result = mysqli_query($this->dblink,$q); $dbarray = mysqli_fetch_array($result); return $dbarray['oasistype']; @@ -1549,7 +1549,7 @@ class MYSQLi_DB implements IDbConnection { function checkVote($topic, $uid) { list($topic, $uid) = $this->escape_input((int) $topic, $uid); - $q = "SELECT * FROM " . TB_PREFIX . "forum_survey where topic = $topic"; + $q = "SELECT voted FROM " . TB_PREFIX . "forum_survey where topic = $topic"; $result = mysqli_query($this->dblink,$q); $array = mysqli_fetch_array($result); $text = $array['voted']; @@ -1991,7 +1991,7 @@ class MYSQLi_DB implements IDbConnection { function getAllianceDipProfile($aid, $type) { list($aid, $type) = $this->escape_input($aid, $type); - $q = "SELECT * FROM ".TB_PREFIX."diplomacy WHERE alli1 = '$aid' AND type = '$type' AND accepted = '1' OR alli2 = '$aid' AND type = '$type' AND accepted = '1'"; + $q = "SELECT alli1, alli2 FROM ".TB_PREFIX."diplomacy WHERE alli1 = '$aid' AND type = '$type' AND accepted = '1' OR alli2 = '$aid' AND type = '$type' AND accepted = '1'"; $array = $this->query_return($q); $text = ""; @@ -2014,7 +2014,7 @@ class MYSQLi_DB implements IDbConnection { function getAllianceWar($aid) { list($aid) = $this->escape_input($aid); - $q = "SELECT * FROM ".TB_PREFIX."diplomacy WHERE alli1 = '$aid' AND type = '3' OR alli2 = '$aid' AND type = '3' AND accepted = '1'"; + $q = "SELECT alli1, alli2 FROM ".TB_PREFIX."diplomacy WHERE alli1 = '$aid' AND type = '3' OR alli2 = '$aid' AND type = '3' AND accepted = '1'"; $array = $this->query_return($q); $text = ""; @@ -2075,12 +2075,12 @@ class MYSQLi_DB implements IDbConnection { function checkDiplomacyInviteAccept($aid, $type) { list($aid, $type) = $this->escape_input((int) $aid, (int) $type); - $q = "SELECT * FROM " . TB_PREFIX . "diplomacy WHERE alli1 = $aid AND type = $type AND accepted = 1 OR alli2 = $aid AND type = $type AND accepted = 1"; - $result = mysqli_query($this->dblink,$q); + $q = "SELECT Count(*) as Total FROM " . TB_PREFIX . "diplomacy WHERE alli1 = $aid AND type = $type AND accepted = 1 OR alli2 = $aid AND type = $type AND accepted = 1"; + $result = mysqli_fetch_array(mysqli_query($this->dblink,$q), MYSQLI_ASSOC); if($type == 3){ return true; }else{ - if(mysqli_num_rows($result) < 4) { + if($result['Total'] < 4) { return true; } else { return false; @@ -2266,13 +2266,13 @@ class MYSQLi_DB implements IDbConnection { function getFieldDistance($wid) { list($wid) = $this->escape_input((int) $wid); - $q = "SELECT * FROM " . TB_PREFIX . "vdata where owner > 4 and wref != $wid"; + $q = "SELECT wref FROM " . TB_PREFIX . "vdata where owner > 4 and wref != $wid"; $array = $this->query_return($q); $coor = $this->getCoor($wid); $x1 = intval($coor['x']); $y1 = intval($coor['y']); $prevdist = 0; - $q2 = "SELECT * FROM " . TB_PREFIX . "vdata where owner = 4"; + $q2 = "SELECT wref FROM " . TB_PREFIX . "vdata where owner = 4"; $array2 = mysqli_fetch_array(mysqli_query($this->dblink,$q2)); $vill = $array2['wref']; if(mysqli_num_rows(mysqli_query($this->dblink,$q)) > 0){ @@ -2648,7 +2648,7 @@ class MYSQLi_DB implements IDbConnection { function getTradeRouteUid($id) { list($id) = $this->escape_input((int) $id); - $q = "SELECT * FROM " . TB_PREFIX . "route where id = $id"; + $q = "SELECT uid FROM " . TB_PREFIX . "route where id = $id"; $result = mysqli_query($this->dblink,$q) or die(mysqli_error($this->dblink)); $dbarray = mysqli_fetch_array($result); return $dbarray['uid']; @@ -3246,16 +3246,16 @@ class MYSQLi_DB implements IDbConnection { list($wid) = $this->escape_input((int) $wid); $time = time()-1; - $q = "SELECT * FROM " . TB_PREFIX . "bdata where wid = $wid and type = 1 order by master,timestamp ASC"; + $q = "SELECT id, timestamp FROM " . TB_PREFIX . "bdata where wid = $wid and type = 1 order by master,timestamp ASC"; $result = mysqli_query($this->dblink,$q); $dbarray = mysqli_fetch_array($result); $q = "UPDATE ".TB_PREFIX."bdata SET timestamp = $time WHERE id = '".$dbarray['id']."'"; $this->query($q); $tribe = $this->getUserField($this->getVillageField($wid, "owner"), "tribe", 0); if($tribe == 1){ - $q2 = "SELECT * FROM " . TB_PREFIX . "bdata where wid = $wid and loopcon = 1 and field >= 19 order by master,timestamp ASC"; + $q2 = "SELECT id FROM " . TB_PREFIX . "bdata where wid = $wid and loopcon = 1 and field >= 19 order by master,timestamp ASC"; }else{ - $q2 = "SELECT * FROM " . TB_PREFIX . "bdata where wid = $wid and loopcon = 1 order by master,timestamp ASC"; + $q2 = "SELECT id FROM " . TB_PREFIX . "bdata where wid = $wid and loopcon = 1 order by master,timestamp ASC"; } $result2 = mysqli_query($this->dblink,$q2); if(mysqli_num_rows($result2) > 0){ @@ -4932,7 +4932,7 @@ class MYSQLi_DB implements IDbConnection { function getAttackByDate($time) { list($time) = $this->escape_input($time); - $q = "SELECT * FROM " . TB_PREFIX . "general where shown = 1"; + $q = "SELECT time FROM " . TB_PREFIX . "general where shown = 1"; $result = $this->query_return($q); $attack = 0; foreach($result as $general) { @@ -4946,7 +4946,7 @@ class MYSQLi_DB implements IDbConnection { function getAttackCasualties($time) { list($time) = $this->escape_input($time); - $q = "SELECT * FROM " . TB_PREFIX . "general where shown = 1"; + $q = "SELECT casualties FROM " . TB_PREFIX . "general where shown = 1"; $result = $this->query_return($q); $casualties = 0; foreach($result as $general){ @@ -5211,7 +5211,7 @@ References: function FindHeroInVil($wid) { list($wid) = $this->escape_input($wid); - $result = $this->query("SELECT * FROM ".TB_PREFIX."units WHERE hero>0 AND vref='".$wid."'"); + $result = $this->query("SELECT hero FROM ".TB_PREFIX."units WHERE hero>0 AND vref='".$wid."'"); if (!empty($result)) { $dbarray = mysqli_fetch_array($result); if(isset($dbarray['hero'])) { diff --git a/GameEngine/Message.php b/GameEngine/Message.php index 48432759..f13d1a70 100755 --- a/GameEngine/Message.php +++ b/GameEngine/Message.php @@ -219,7 +219,7 @@ class Message { $post = $database->escape($post); for($i = 1; $i <= 10; $i++) { if(isset($post['n' . $i])) { - $message1 = mysqli_query($GLOBALS['link'],"SELECT * FROM " . TB_PREFIX . "mdata where id = ".(int) $post['n' . $i].""); + $message1 = mysqli_query($GLOBALS['link'],"SELECT target, owner FROM " . TB_PREFIX . "mdata where id = ".(int) $post['n' . $i].""); $message = mysqli_fetch_array($message1); if($message['target'] == $session->uid && $message['owner'] == $session->uid){ $database->getMessage($post['n' . $i], 8); diff --git a/GameEngine/Session.php b/GameEngine/Session.php index 24582447..2442b6d0 100755 --- a/GameEngine/Session.php +++ b/GameEngine/Session.php @@ -111,18 +111,18 @@ class Session { if ($dbarray['id'] > 1) { if(!isset($_SESSION['wid'])) { if($selected_village!='') { - $query = mysqli_query($GLOBALS['link'],'SELECT * FROM `' . TB_PREFIX . 'vdata` WHERE `wref` = '.$selected_village); + $query = mysqli_query($GLOBALS['link'],'SELECT wref FROM `' . TB_PREFIX . 'vdata` WHERE `wref` = '.$selected_village); }else{ - $query = mysqli_query($GLOBALS['link'],'SELECT * FROM `' . TB_PREFIX . 'vdata` WHERE `owner` = ' . (int) $database->getUserField($user_sanitized, "id", 1) . ' LIMIT 1'); + $query = mysqli_query($GLOBALS['link'],'SELECT wref FROM `' . TB_PREFIX . 'vdata` WHERE `owner` = ' . (int) $database->getUserField($user_sanitized, "id", 1) . ' LIMIT 1'); } $data = mysqli_fetch_assoc($query); $_SESSION['wid'] = $data['wref']; } else if($_SESSION['wid'] == '') { if($selected_village!='') { - $query = mysqli_query($GLOBALS['link'],'SELECT * FROM `' . TB_PREFIX . 'vdata` WHERE `wref` = '.$selected_village); + $query = mysqli_query($GLOBALS['link'],'SELECT wref FROM `' . TB_PREFIX . 'vdata` WHERE `wref` = '.$selected_village); }else{ - $query = mysqli_query($GLOBALS['link'],'SELECT * FROM `' . TB_PREFIX . 'vdata` WHERE `owner` = ' . (int) $database->getUserField($user_sanitized, "id", 1) . ' LIMIT 1'); + $query = mysqli_query($GLOBALS['link'],'SELECT wref FROM `' . TB_PREFIX . 'vdata` WHERE `owner` = ' . (int) $database->getUserField($user_sanitized, "id", 1) . ' LIMIT 1'); } $data = mysqli_fetch_assoc($query); $_SESSION['wid'] = $data['wref']; diff --git a/GameEngine/Units.php b/GameEngine/Units.php index 4b28943f..9dfe436c 100755 --- a/GameEngine/Units.php +++ b/GameEngine/Units.php @@ -283,7 +283,7 @@ class Units { } } if( intval($enforce['hero']) > 0){ - $q = "SELECT * FROM ".TB_PREFIX."hero WHERE uid = ".(int) $from['owner']." AND dead = 0"; + $q = "SELECT unit FROM ".TB_PREFIX."hero WHERE uid = ".(int) $from['owner']." AND dead = 0"; $result = mysqli_query($GLOBALS['link'],$q); $hero_f=mysqli_fetch_array($result); $hero_unit=$hero_f['unit']; @@ -376,13 +376,11 @@ if($session->access != BANNED){ array(0,0,0,0,0,0,0,0,0,0,0) ); - $query1 = mysqli_query($GLOBALS['link'],'SELECT * FROM `' . TB_PREFIX . 'vdata` WHERE `wref` = ' . mysqli_escape_string($GLOBALS['link'],(int) $data['to_vid'])); + $query1 = mysqli_query($GLOBALS['link'],'SELECT owner FROM `' . TB_PREFIX . 'vdata` WHERE `wref` = ' . mysqli_escape_string($GLOBALS['link'],(int) $data['to_vid'])); $data1 = mysqli_fetch_assoc($query1); - $query2 = mysqli_query($GLOBALS['link'],'SELECT * FROM `' . TB_PREFIX . 'users` WHERE `id` = ' . (int) $data1['owner']); - $data2 = mysqli_fetch_assoc($query2); - $query11 = mysqli_query($GLOBALS['link'],'SELECT * FROM `' . TB_PREFIX . 'vdata` WHERE `wref` = ' . mysqli_escape_string($GLOBALS['link'],(int) $village->wid)); + $query11 = mysqli_query($GLOBALS['link'],'SELECT owner FROM `' . TB_PREFIX . 'vdata` WHERE `wref` = ' . mysqli_escape_string($GLOBALS['link'],(int) $village->wid)); $data11 = mysqli_fetch_assoc($query11); - $query21 = mysqli_query($GLOBALS['link'],'SELECT * FROM `' . TB_PREFIX . 'users` WHERE `id` = ' . (int) $data11['owner']); + $query21 = mysqli_query($GLOBALS['link'],'SELECT tribe FROM `' . TB_PREFIX . 'users` WHERE `id` = ' . (int) $data11['owner']); $data21 = mysqli_fetch_assoc($query21); @@ -616,7 +614,7 @@ if($session->access != BANNED){ } if (isset($post['t11'])){ if( $post['t11'] != '' && $post['t11'] > 0){ - $qh = "SELECT * FROM ".TB_PREFIX."hero WHERE uid = ".(int) $from['owner']." AND dead = 0"; + $qh = "SELECT unit FROM ".TB_PREFIX."hero WHERE uid = ".(int) $from['owner']." AND dead = 0"; $resulth = mysqli_query($GLOBALS['link'],$qh); $hero_f=mysqli_fetch_array($resulth); $hero_unit=$hero_f['unit']; diff --git a/Templates/Build/16_incomming.tpl b/Templates/Build/16_incomming.tpl index b917a2ce..3b083500 100644 --- a/Templates/Build/16_incomming.tpl +++ b/Templates/Build/16_incomming.tpl @@ -8,7 +8,7 @@ $total_for2 = count($send); for($y=0;$y < $total_for;$y++){ for($i=0;$i < $total_for2;$i++){ if($units[$y]['ref'] == $send[$i]['ref2']){ -$res1 = mysqli_query($GLOBALS['link'],"SELECT * FROM " . TB_PREFIX . "send where id = ".(int) $send[$i]['ref'].""); +$res1 = mysqli_query($GLOBALS['link'],"SELECT wood, clay, iron, crop FROM " . TB_PREFIX . "send where id = ".(int) $send[$i]['ref'].""); $res = mysqli_fetch_array($res1); } } diff --git a/Templates/Build/26.tpl b/Templates/Build/26.tpl index 9826d75e..896fad99 100644 --- a/Templates/Build/26.tpl +++ b/Templates/Build/26.tpl @@ -6,10 +6,10 @@ if(time() - (!empty($_SESSION['time_p']) ? $_SESSION['time_p'] : 0) > 5) { if($_POST AND $_GET['action'] == 'change_capital') { $pass = mysqli_escape_string($GLOBALS['link'],$_POST['pass']); - $query = mysqli_query($GLOBALS['link'],'SELECT * FROM `' . TB_PREFIX . 'users` WHERE `id` = ' . (int) $session->uid); + $query = mysqli_query($GLOBALS['link'],'SELECT password FROM `' . TB_PREFIX . 'users` WHERE `id` = ' . (int) $session->uid); $data = mysqli_fetch_assoc($query); if(password_verify($pass, $data['password'])) { - $query1 = mysqli_query($GLOBALS['link'],'SELECT * FROM `' . TB_PREFIX . 'vdata` WHERE `owner` = ' .(int) $session->uid . ' AND `capital` = 1'); + $query1 = mysqli_query($GLOBALS['link'],'SELECT wref FROM `' . TB_PREFIX . 'vdata` WHERE `owner` = ' .(int) $session->uid . ' AND `capital` = 1'); $data1 = mysqli_fetch_assoc($query1); $query2 = mysqli_query($GLOBALS['link'],'SELECT * FROM `' . TB_PREFIX . 'fdata` WHERE `vref` = ' . (int) $data1['wref']); $data2 = mysqli_fetch_assoc($query2); @@ -67,7 +67,7 @@ else{ ?> uid . ' AND `capital` = 1'); +$query = mysqli_query($GLOBALS['link'],'SELECT wref FROM `' . TB_PREFIX . 'vdata` WHERE `owner` = ' . (int) $session->uid . ' AND `capital` = 1'); $data = mysqli_fetch_assoc($query); if($data['wref'] == $village->wid) { ?> diff --git a/Templates/Build/27_1.tpl b/Templates/Build/27_1.tpl index 3dfa1281..9783a57d 100644 --- a/Templates/Build/27_1.tpl +++ b/Templates/Build/27_1.tpl @@ -103,10 +103,10 @@ if($count == 0) { unset($reqlvl); unset($effect); - $arts = mysqli_query($GLOBALS['link'],"SELECT * FROM " . TB_PREFIX . "artefacts"); + $arts = mysqli_query($GLOBALS['link'],"SELECT type, vref, id, name, size, owner, effect FROM " . TB_PREFIX . "artefacts"); $rows = array(); while($row = mysqli_fetch_array($arts)) { - $query = mysqli_query($GLOBALS['link'],'SELECT * FROM `' . TB_PREFIX . 'wdata` WHERE `id` = ' . (int) $row['vref']); + $query = mysqli_query($GLOBALS['link'],'SELECT x, y FROM `' . TB_PREFIX . 'wdata` WHERE `id` = ' . (int) $row['vref']); $coor2 = mysqli_fetch_assoc($query); diff --git a/Templates/Build/27_2.tpl b/Templates/Build/27_2.tpl index ba1b1346..dd77a9b5 100644 --- a/Templates/Build/27_2.tpl +++ b/Templates/Build/27_2.tpl @@ -38,7 +38,7 @@ } else { - $artefact = mysqli_query($GLOBALS['link'],"SELECT * FROM `" . TB_PREFIX . "artefacts` WHERE size = 1 AND type = 1"); + $artefact = mysqli_query($GLOBALS['link'],"SELECT type, id, name, effect, vref, owner FROM `" . TB_PREFIX . "artefacts` WHERE size = 1 AND type = 1"); while($row = mysqli_fetch_array($artefact)) { echo ''; echo ''; @@ -58,7 +58,7 @@ unset($artefact); unset($row); - $artefact = mysqli_query($GLOBALS['link'],"SELECT * FROM `" . TB_PREFIX . "artefacts` WHERE size = 1 AND type = 2"); + $artefact = mysqli_query($GLOBALS['link'],"SELECT type, id, name, effect, vref, owner FROM `" . TB_PREFIX . "artefacts` WHERE size = 1 AND type = 2"); while($row = mysqli_fetch_array($artefact)) { echo ''; echo ''; @@ -78,7 +78,7 @@ unset($artefact); unset($row); - $artefact = mysqli_query($GLOBALS['link'],"SELECT * FROM `" . TB_PREFIX . "artefacts` WHERE size = 1 AND type = 3"); + $artefact = mysqli_query($GLOBALS['link'],"SELECT type, id, name, effect, vref, owner FROM `" . TB_PREFIX . "artefacts` WHERE size = 1 AND type = 3"); while($row = mysqli_fetch_array($artefact)) { echo ''; echo ''; @@ -98,7 +98,7 @@ unset($artefact); unset($row); - $artefact = mysqli_query($GLOBALS['link'],"SELECT * FROM `" . TB_PREFIX . "artefacts` WHERE size = 1 AND type = 4"); + $artefact = mysqli_query($GLOBALS['link'],"SELECT type, id, name, effect, vref, owner FROM `" . TB_PREFIX . "artefacts` WHERE size = 1 AND type = 4"); while($row = mysqli_fetch_array($artefact)) { echo ''; echo ''; @@ -117,7 +117,7 @@ unset($artefact); unset($row); - $artefact = mysqli_query($GLOBALS['link'],"SELECT * FROM `" . TB_PREFIX . "artefacts` WHERE size = 1 AND type = 5"); + $artefact = mysqli_query($GLOBALS['link'],"SELECT type, id, name, effect, vref, owner FROM `" . TB_PREFIX . "artefacts` WHERE size = 1 AND type = 5"); while($row = mysqli_fetch_array($artefact)) { echo ''; echo ''; @@ -136,7 +136,7 @@ unset($artefact); unset($row); - $artefact = mysqli_query($GLOBALS['link'],"SELECT * FROM `" . TB_PREFIX . "artefacts` WHERE size = 1 AND type = 6"); + $artefact = mysqli_query($GLOBALS['link'],"SELECT type, id, name, effect, vref, owner FROM `" . TB_PREFIX . "artefacts` WHERE size = 1 AND type = 6"); while($row = mysqli_fetch_array($artefact)) { echo ''; echo ''; @@ -155,7 +155,7 @@ unset($artefact); unset($row); - $artefact = mysqli_query($GLOBALS['link'],"SELECT * FROM `" . TB_PREFIX . "artefacts` WHERE size = 1 AND type = 7"); + $artefact = mysqli_query($GLOBALS['link'],"SELECT type, id, name, effect, vref, owner FROM `" . TB_PREFIX . "artefacts` WHERE size = 1 AND type = 7"); while($row = mysqli_fetch_array($artefact)) { echo ''; echo ''; @@ -174,7 +174,7 @@ unset($artefact); unset($row); - $artefact = mysqli_query($GLOBALS['link'],"SELECT * FROM `" . TB_PREFIX . "artefacts` WHERE size = 2 AND type = 8"); + $artefact = mysqli_query($GLOBALS['link'],"SELECT type, id, name, effect, vref, owner FROM `" . TB_PREFIX . "artefacts` WHERE size = 2 AND type = 8"); while($row = mysqli_fetch_array($artefact)) { echo ''; echo ''; @@ -188,7 +188,7 @@ unset($artefact); unset($row); - $artefact = mysqli_query($GLOBALS['link'],"SELECT * FROM `" . TB_PREFIX . "artefacts` WHERE size = 1 AND type = 8"); + $artefact = mysqli_query($GLOBALS['link'],"SELECT type, id, name, effect, vref, owner FROM `" . TB_PREFIX . "artefacts` WHERE size = 1 AND type = 8"); while($row = mysqli_fetch_array($artefact)) { echo ''; echo ''; diff --git a/Templates/Build/27_3.tpl b/Templates/Build/27_3.tpl index d07d8f28..2b2c814d 100644 --- a/Templates/Build/27_3.tpl +++ b/Templates/Build/27_3.tpl @@ -37,7 +37,7 @@ echo ''.NO_ARTIFACTS.''; } else { - $artefact = mysqli_query($GLOBALS['link'],"SELECT * FROM `" . TB_PREFIX . "artefacts` WHERE size = 2 AND type = 1"); + $artefact = mysqli_query($GLOBALS['link'],"SELECT type, id, name, effect, vref, owner FROM `" . TB_PREFIX . "artefacts` WHERE size = 2 AND type = 1"); while($row = mysqli_fetch_array($artefact)) { echo ''; echo ''; @@ -51,7 +51,7 @@ unset($artefact); unset($row); - $artefact = mysqli_query($GLOBALS['link'],"SELECT * FROM `" . TB_PREFIX . "artefacts` WHERE size = 3 AND type = 1"); + $artefact = mysqli_query($GLOBALS['link'],"SELECT type, id, name, effect, vref, owner FROM `" . TB_PREFIX . "artefacts` WHERE size = 3 AND type = 1"); while($row = mysqli_fetch_array($artefact)) { echo ''; echo ''; @@ -71,7 +71,7 @@ unset($artefact); unset($row); - $artefact = mysqli_query($GLOBALS['link'],"SELECT * FROM `" . TB_PREFIX . "artefacts` WHERE size = 2 AND type = 2"); + $artefact = mysqli_query($GLOBALS['link'],"SELECT type, id, name, effect, vref, owner FROM `" . TB_PREFIX . "artefacts` WHERE size = 2 AND type = 2"); while($row = mysqli_fetch_array($artefact)) { echo ''; echo ''; @@ -85,7 +85,7 @@ unset($artefact); unset($row); - $artefact = mysqli_query($GLOBALS['link'],"SELECT * FROM `" . TB_PREFIX . "artefacts` WHERE size = 3 AND type = 2"); + $artefact = mysqli_query($GLOBALS['link'],"SELECT type, id, name, effect, vref, owner FROM `" . TB_PREFIX . "artefacts` WHERE size = 3 AND type = 2"); while($row = mysqli_fetch_array($artefact)) { echo ''; echo ''; @@ -105,7 +105,7 @@ unset($artefact); unset($row); - $artefact = mysqli_query($GLOBALS['link'],"SELECT * FROM `" . TB_PREFIX . "artefacts` WHERE size = 2 AND type = 3"); + $artefact = mysqli_query($GLOBALS['link'],"SELECT type, id, name, effect, vref, owner FROM `" . TB_PREFIX . "artefacts` WHERE size = 2 AND type = 3"); while($row = mysqli_fetch_array($artefact)) { echo ''; echo ''; @@ -119,7 +119,7 @@ unset($artefact); unset($row); - $artefact = mysqli_query($GLOBALS['link'],"SELECT * FROM `" . TB_PREFIX . "artefacts` WHERE size = 3 AND type = 3"); + $artefact = mysqli_query($GLOBALS['link'],"SELECT type, id, name, effect, vref, owner FROM `" . TB_PREFIX . "artefacts` WHERE size = 3 AND type = 3"); while($row = mysqli_fetch_array($artefact)) { echo ''; echo ''; @@ -139,7 +139,7 @@ unset($artefact); unset($row); - $artefact = mysqli_query($GLOBALS['link'],"SELECT * FROM `" . TB_PREFIX . "artefacts` WHERE size = 2 AND type = 4"); + $artefact = mysqli_query($GLOBALS['link'],"SELECT type, id, name, effect, vref, owner FROM `" . TB_PREFIX . "artefacts` WHERE size = 2 AND type = 4"); while($row = mysqli_fetch_array($artefact)) { echo ''; echo ''; @@ -153,7 +153,7 @@ unset($artefact); unset($row); - $artefact = mysqli_query($GLOBALS['link'],"SELECT * FROM `" . TB_PREFIX . "artefacts` WHERE size = 3 AND type = 4"); + $artefact = mysqli_query($GLOBALS['link'],"SELECT type, id, name, effect, vref, owner FROM `" . TB_PREFIX . "artefacts` WHERE size = 3 AND type = 4"); while($row = mysqli_fetch_array($artefact)) { echo ''; echo ''; @@ -172,7 +172,7 @@ unset($artefact); unset($row); - $artefact = mysqli_query($GLOBALS['link'],"SELECT * FROM `" . TB_PREFIX . "artefacts` WHERE size = 2 AND type = 5"); + $artefact = mysqli_query($GLOBALS['link'],"SELECT type, id, name, effect, vref, owner FROM `" . TB_PREFIX . "artefacts` WHERE size = 2 AND type = 5"); while($row = mysqli_fetch_array($artefact)) { echo ''; echo ''; @@ -186,7 +186,7 @@ unset($artefact); unset($row); - $artefact = mysqli_query($GLOBALS['link'],"SELECT * FROM `" . TB_PREFIX . "artefacts` WHERE size = 3 AND type = 5"); + $artefact = mysqli_query($GLOBALS['link'],"SELECT type, id, name, effect, vref, owner FROM `" . TB_PREFIX . "artefacts` WHERE size = 3 AND type = 5"); while($row = mysqli_fetch_array($artefact)) { echo ''; echo ''; @@ -205,7 +205,7 @@ unset($artefact); unset($row); - $artefact = mysqli_query($GLOBALS['link'],"SELECT * FROM `" . TB_PREFIX . "artefacts` WHERE size = 2 AND type = 6"); + $artefact = mysqli_query($GLOBALS['link'],"SELECT type, id, name, effect, vref, owner FROM `" . TB_PREFIX . "artefacts` WHERE size = 2 AND type = 6"); while($row = mysqli_fetch_array($artefact)) { echo ''; echo ''; @@ -219,7 +219,7 @@ unset($artefact); unset($row); - $artefact = mysqli_query($GLOBALS['link'],"SELECT * FROM `" . TB_PREFIX . "artefacts` WHERE size = 3 AND type = 6"); + $artefact = mysqli_query($GLOBALS['link'],"SELECT type, id, name, effect, vref, owner FROM `" . TB_PREFIX . "artefacts` WHERE size = 3 AND type = 6"); while($row = mysqli_fetch_array($artefact)) { echo ''; echo ''; @@ -238,7 +238,7 @@ unset($artefact); unset($row); - $artefact = mysqli_query($GLOBALS['link'],"SELECT * FROM `" . TB_PREFIX . "artefacts` WHERE size = 2 AND type = 7"); + $artefact = mysqli_query($GLOBALS['link'],"SELECT type, id, name, effect, vref, owner FROM `" . TB_PREFIX . "artefacts` WHERE size = 2 AND type = 7"); while($row = mysqli_fetch_array($artefact)) { echo ''; echo ''; @@ -252,7 +252,7 @@ unset($artefact); unset($row); - $artefact = mysqli_query($GLOBALS['link'],"SELECT * FROM `" . TB_PREFIX . "artefacts` WHERE size = 3 AND type = 7"); + $artefact = mysqli_query($GLOBALS['link'],"SELECT type, id, name, effect, vref, owner FROM `" . TB_PREFIX . "artefacts` WHERE size = 3 AND type = 7"); while($row = mysqli_fetch_array($artefact)) { echo ''; echo ''; @@ -271,7 +271,7 @@ unset($artefact); unset($row); - $artefact = mysqli_query($GLOBALS['link'],"SELECT * FROM `" . TB_PREFIX . "artefacts` WHERE size = 3 AND type = 8"); + $artefact = mysqli_query($GLOBALS['link'],"SELECT type, id, name, effect, vref, owner FROM `" . TB_PREFIX . "artefacts` WHERE size = 3 AND type = 8"); while($row = mysqli_fetch_array($artefact)) { echo ''; echo ''; diff --git a/Templates/Build/avaliable.tpl b/Templates/Build/avaliable.tpl index db80e2ad..00be5fb5 100644 --- a/Templates/Build/avaliable.tpl +++ b/Templates/Build/avaliable.tpl @@ -164,7 +164,7 @@ $user = $session->uid; //loop search village user -$query = mysqli_query($GLOBALS['link'],"SELECT * FROM ".TB_PREFIX."vdata WHERE owner = ".(int) $user.""); +$query = mysqli_query($GLOBALS['link'],"SELECT wref FROM ".TB_PREFIX."vdata WHERE owner = ".(int) $user.""); while($villaggi_array = mysqli_fetch_array($query)){ //loop structure village @@ -288,7 +288,7 @@ $user = $session->uid; //mysqli_select_db(SQL_DB); //loop search village user -$query = mysqli_query($GLOBALS['link'],"SELECT * FROM ".TB_PREFIX."vdata WHERE owner = ".(int) $user.""); +$query = mysqli_query($GLOBALS['link'],"SELECT wref FROM ".TB_PREFIX."vdata WHERE owner = ".(int) $user.""); while($villaggi_array = mysqli_fetch_array($query)){ //loop structure village diff --git a/Templates/Map/vilview.tpl b/Templates/Map/vilview.tpl index 15f9b611..2bd77278 100644 --- a/Templates/Map/vilview.tpl +++ b/Templates/Map/vilview.tpl @@ -2,7 +2,7 @@ getMInfo($_GET['d']); $uinfo = $database->getVillage($basearray['id']); -$oasis1 = mysqli_query($GLOBALS['link'],'SELECT * FROM `' . TB_PREFIX . 'odata` WHERE `wref` = ' . mysqli_real_escape_string($GLOBALS['link'],$_GET['d'])); +$oasis1 = mysqli_query($GLOBALS['link'],'SELECT conqured, owner FROM `' . TB_PREFIX . 'odata` WHERE `wref` = ' . mysqli_real_escape_string($GLOBALS['link'],$_GET['d'])); $oasis = mysqli_fetch_assoc($oasis1); $access=$session->access; $oasislink = ''; @@ -167,7 +167,7 @@ if($session->uid == $database->getVillage($_GET['d'])){ } $toWref = $_GET['d']; if($session->alliance!=0){ -$result = mysqli_query($GLOBALS['link'],"SELECT * FROM ".TB_PREFIX."ndata WHERE $limit AND ally = ".$session->alliance." AND toWref = ".$toWref." ORDER BY time DESC Limit 5"); +$result = mysqli_query($GLOBALS['link'],"SELECT data, ntype, id, topic, time FROM ".TB_PREFIX."ndata WHERE $limit AND ally = ".$session->alliance." AND toWref = ".$toWref." ORDER BY time DESC Limit 5"); $query = mysqli_num_rows($result); if($query != 0){ while($row = mysqli_fetch_array($result)){ @@ -191,7 +191,7 @@ if($type==18 or $type==19 or $type==20 or $type==21){ uid." AND toWref = ".$toWref." ORDER BY time DESC Limit 5"); +$result = mysqli_query($GLOBALS['link'],"SELECT data, ntype, id, topic, time FROM ".TB_PREFIX."ndata WHERE uid = ".$session->uid." AND toWref = ".$toWref." ORDER BY time DESC Limit 5"); $query = mysqli_num_rows($result); if($query != 0){ while($row = mysqli_fetch_array($result)){ @@ -266,7 +266,7 @@ if($session->uid == $database->getVillage($_GET['d'])){ } $toWref = $_GET['d']; if($session->alliance!=0){ -$result = mysqli_query($GLOBALS['link'],"SELECT * FROM ".TB_PREFIX."ndata WHERE $limit AND ally = ".$session->alliance." AND toWref = ".$toWref." ORDER BY time DESC Limit 5"); +$result = mysqli_query($GLOBALS['link'],"SELECT data, ntype, id, topic, time FROM ".TB_PREFIX."ndata WHERE $limit AND ally = ".$session->alliance." AND toWref = ".$toWref." ORDER BY time DESC Limit 5"); $query = mysqli_num_rows($result); if($query != 0){ while($row = mysqli_fetch_array($result)){ @@ -290,7 +290,7 @@ if($type==18 or $type==19 or $type==20 or $type==21){ uid." AND toWref = ".$toWref." ORDER BY time DESC Limit 5"); +$result = mysqli_query($GLOBALS['link'],"SELECT data, ntype, id, topic, time FROM ".TB_PREFIX."ndata WHERE uid = ".$session->uid." AND toWref = ".$toWref." ORDER BY time DESC Limit 5"); $query = mysqli_num_rows($result); if($query != 0){ while($row = mysqli_fetch_array($result)){ @@ -392,7 +392,7 @@ if($session->uid == $database->getVillage($_GET['d'])){ } $toWref = $_GET['d']; if($session->alliance!=0){ -$result = mysqli_query($GLOBALS['link'],"SELECT * FROM ".TB_PREFIX."ndata WHERE $limit AND ally = ".$session->alliance." AND toWref = ".$toWref." ORDER BY time DESC Limit 5"); +$result = mysqli_query($GLOBALS['link'],"SELECT data, ntype, id, topic, time FROM ".TB_PREFIX."ndata WHERE $limit AND ally = ".$session->alliance." AND toWref = ".$toWref." ORDER BY time DESC Limit 5"); $query = mysqli_num_rows($result); if($query != 0){ while($row = mysqli_fetch_array($result)){ @@ -416,7 +416,7 @@ if($type==18 or $type==19 or $type==20 or $type==21 or $type==22){ uid." AND toWref = ".$toWref." ORDER BY time DESC Limit 5"); +$result = mysqli_query($GLOBALS['link'],"SELECT data, ntype, id, topic, time FROM ".TB_PREFIX."ndata WHERE $limit AND uid = ".$session->uid." AND toWref = ".$toWref." ORDER BY time DESC Limit 5"); $query = mysqli_num_rows($result); if($query != 0){ while($row = mysqli_fetch_array($result)){ diff --git a/Templates/Message/inbox.tpl b/Templates/Message/inbox.tpl index 5fc69be4..14ef7283 100644 --- a/Templates/Message/inbox.tpl +++ b/Templates/Message/inbox.tpl @@ -11,7 +11,7 @@ Sent uid."'") or die(mysqli_error($database->dblink)); + $MyGold = mysqli_query($GLOBALS['link'],"SELECT plus FROM ".TB_PREFIX."users WHERE `id`='".(int) $session->uid."'") or die(mysqli_error($database->dblink)); $golds = mysqli_fetch_array($MyGold); $date2=strtotime("NOW"); if ($golds['plus'] <= $date2) { ?> diff --git a/Templates/Message/sent.tpl b/Templates/Message/sent.tpl index 7ceb97de..08dcd8e9 100644 --- a/Templates/Message/sent.tpl +++ b/Templates/Message/sent.tpl @@ -22,7 +22,7 @@ Recipient Sent uid."'") or die(mysqli_error($database->dblink)); + $MyGold = mysqli_query($GLOBALS['link'],"SELECT plus FROM ".TB_PREFIX."users WHERE `id`='".(int) $session->uid."'") or die(mysqli_error($database->dblink)); $golds = mysqli_fetch_array($MyGold); $date2=strtotime("NOW"); if ($golds['plus'] <= $date2) { ?> diff --git a/Templates/News/newsbox1.tpl b/Templates/News/newsbox1.tpl index 1d7ab953..dd224e3f 100644 --- a/Templates/News/newsbox1.tpl +++ b/Templates/News/newsbox1.tpl @@ -2,7 +2,7 @@ ".(time() - (60*10))." AND tribe!=0 AND tribe!=4 AND tribe!=5"); -$top_rank = mysqli_fetch_assoc(mysqli_query($GLOBALS['link'],"SELECT * FROM ".TB_PREFIX."users WHERE ".(INCLUDE_ADMIN ? '' : 'access< 8 AND ')."id > 5 AND tribe<=3 AND tribe > 0 ORDER BY oldrank ASC Limit 1")); +$top_rank = mysqli_fetch_assoc(mysqli_query($GLOBALS['link'],"SELECT username FROM ".TB_PREFIX."users WHERE ".(INCLUDE_ADMIN ? '' : 'access< 8 AND ')."id > 5 AND tribe<=3 AND tribe > 0 ORDER BY oldrank ASC Limit 1")); ?> diff --git a/Templates/Notice/all.tpl b/Templates/Notice/all.tpl index 6e7a1194..57c48166 100644 --- a/Templates/Notice/all.tpl +++ b/Templates/Notice/all.tpl @@ -12,7 +12,7 @@ $noticeClass = array("Scout Report","Won as attacker without losses","Won as att uid."'") or die(mysqli_error($database->dblink)); + $MyGold = mysqli_query($GLOBALS['link'],"SELECT plus FROM ".TB_PREFIX."users WHERE `id`='".(int) $session->uid."'") or die(mysqli_error($database->dblink)); $golds = mysqli_fetch_array($MyGold); $date2=strtotime("NOW"); if ($golds['plus'] <= $date2) { ?> diff --git a/Templates/Plus/10.tpl b/Templates/Plus/10.tpl index f393d63d..3b2ff7f4 100644 --- a/Templates/Plus/10.tpl +++ b/Templates/Plus/10.tpl @@ -1,7 +1,7 @@ access != BANNED && $session->gold >= 5){ - $MyGold = mysqli_query($GLOBALS['link'],"SELECT * FROM ".TB_PREFIX."users WHERE `id`='".$session->uid."'") or die(mysqli_error($database->dblink)); + $MyGold = mysqli_query($GLOBALS['link'],"SELECT gold, b2 FROM ".TB_PREFIX."users WHERE `id`='".$session->uid."'") or die(mysqli_error($database->dblink)); $golds = mysqli_fetch_array($MyGold); if($session->sit == 0) { if (mysqli_num_rows($MyGold) == 1) { diff --git a/Templates/Plus/11.tpl b/Templates/Plus/11.tpl index e7b461f0..ea9ccae1 100644 --- a/Templates/Plus/11.tpl +++ b/Templates/Plus/11.tpl @@ -1,7 +1,7 @@ access != BANNED && $session->gold >= 5){ - $MyGold = mysqli_query($GLOBALS['link'],"SELECT * FROM ".TB_PREFIX."users WHERE `id`='".$session->uid."'") or die(mysqli_error($database->dblink)); + $MyGold = mysqli_query($GLOBALS['link'],"SELECT gold, b3 FROM ".TB_PREFIX."users WHERE `id`='".$session->uid."'") or die(mysqli_error($database->dblink)); $golds = mysqli_fetch_array($MyGold); if($session->sit == 0) { if (mysqli_num_rows($MyGold)) { diff --git a/Templates/Plus/12.tpl b/Templates/Plus/12.tpl index 80ba70e0..baa2006b 100644 --- a/Templates/Plus/12.tpl +++ b/Templates/Plus/12.tpl @@ -1,7 +1,7 @@ access != BANNED && $session->gold >= 5){ - $MyGold = mysqli_query($GLOBALS['link'],"SELECT * FROM ".TB_PREFIX."users WHERE `id`='".$session->uid."'") or die(mysqli_error($database->dblink)); + $MyGold = mysqli_query($GLOBALS['link'],"SELECT gold, b4 FROM ".TB_PREFIX."users WHERE `id`='".$session->uid."'") or die(mysqli_error($database->dblink)); $golds = mysqli_fetch_array($MyGold); if($session->sit == 0) { if (mysqli_num_rows($MyGold)) { diff --git a/Templates/Plus/14.tpl b/Templates/Plus/14.tpl index b256c280..97023d29 100644 --- a/Templates/Plus/14.tpl +++ b/Templates/Plus/14.tpl @@ -1,9 +1,6 @@ access != BANNED){ - $MyGold = mysqli_query($GLOBALS['link'],"SELECT * FROM ".TB_PREFIX."users WHERE `id`='".$session->uid."'") or die(mysqli_error($database->dblink)); - $golds = mysqli_fetch_array($MyGold); - $MyVilId = mysqli_query($GLOBALS['link'],"SELECT * FROM ".TB_PREFIX."vdata WHERE `wref`='".$village->wid."'") or die(mysqli_error($database->dblink)); $uuVilid = mysqli_fetch_array($MyVilId); diff --git a/Templates/Plus/8.tpl b/Templates/Plus/8.tpl index 824d4e6b..5a2f9e54 100644 --- a/Templates/Plus/8.tpl +++ b/Templates/Plus/8.tpl @@ -1,7 +1,7 @@ access != BANNED && $session->gold >= 10){ - $MyGold = mysqli_query($GLOBALS['link'],"SELECT * FROM ".TB_PREFIX."users WHERE `id`='".$session->uid."'") or die(mysqli_error($database->dblink)); + $MyGold = mysqli_query($GLOBALS['link'],"SELECT gold, plus FROM ".TB_PREFIX."users WHERE `id`='".$session->uid."'") or die(mysqli_error($database->dblink)); $golds = mysqli_fetch_array($MyGold); if($session->sit == 0) { if (mysqli_num_rows($MyGold) == 1) { diff --git a/Templates/Plus/9.tpl b/Templates/Plus/9.tpl index a91d1732..98d8a92d 100644 --- a/Templates/Plus/9.tpl +++ b/Templates/Plus/9.tpl @@ -1,7 +1,7 @@ access != BANNED && $session->gold >= 5){ - $MyGold = mysqli_query($GLOBALS['link'],"SELECT * FROM ".TB_PREFIX."users WHERE `id`='".$session->uid."'") or die(mysqli_error($database->dblink)); + $MyGold = mysqli_query($GLOBALS['link'],"SELECT gold, b1 FROM ".TB_PREFIX."users WHERE `id`='".$session->uid."'") or die(mysqli_error($database->dblink)); $golds = mysqli_fetch_array($MyGold); if($session->sit == 0) { if (mysqli_num_rows($MyGold) == 1) { diff --git a/Templates/Plus/getplus.tpl b/Templates/Plus/getplus.tpl index 3a61a069..0cbd7076 100644 --- a/Templates/Plus/getplus.tpl +++ b/Templates/Plus/getplus.tpl @@ -50,8 +50,8 @@ EOT; $plusTime = 604800; // 7 days $time = time(); $giveplus = ($time + $plustime); - $accountCheck = mysqli_query($GLOBALS['link'],"SELECT * FROM ".TB_PREFIX."users WHERE `id`='".$session->uid."'") or die(mysqli_error($database->dblink)); - if(mysqli_num_rows($accountCheck) <= 0){ + $accountCheck = mysqli_fetch_array(mysqli_query($GLOBALS['link'],"SELECT Count(*) as Total FROM ".TB_PREFIX."users WHERE `id`='".$session->uid."'"), MYSQLI_ASSOC) or die(mysqli_error($database->dblink)); + if($accountCheck['Total'] <= 0){ echo "ERROR:
"; echo "The account name you entered does not exist."; echo "

"; @@ -59,7 +59,6 @@ EOT; } if(!$valid) break; $valid=TRUE; - $acc = mysqli_fetch_array($accountCheck); $plusCheck = mysqli_query($GLOBALS['link'],"SELECT * FROM ".TB_PREFIX."users WHERE `id`='".$session->uid."'") or die(mysqli_error($database->dblink)); $pluss = mysqli_fetch_array($plusCheck); diff --git a/Templates/Profile/preference.tpl b/Templates/Profile/preference.tpl index 4d2a84c8..08b9d518 100644 --- a/Templates/Profile/preference.tpl +++ b/Templates/Profile/preference.tpl @@ -60,7 +60,7 @@ if($_POST) { } } elseif(trim($link['nr']) != '' AND trim($link['linkname']) != '' AND trim($link['linkziel']) != '' AND trim($link['id']) != '') { // Update link - $query = mysqli_query($GLOBALS['link'],'SELECT * FROM `' . TB_PREFIX . 'links` WHERE `id` = ' . $link['id']); + $query = mysqli_query($GLOBALS['link'],'SELECT userid FROM `' . TB_PREFIX . 'links` WHERE `id` = ' . $link['id']); $data = mysqli_fetch_assoc($query); // May the user update this entry? @@ -69,7 +69,7 @@ if($_POST) { } } elseif(trim($link['nr']) == '' AND trim($link['linkname']) == '' AND trim($link['linkziel']) == '' AND trim($link['id']) != '') { // Delete entry - $query = mysqli_query($GLOBALS['link'],'SELECT * FROM `' . TB_PREFIX . 'links` WHERE `id` = ' . $link['id']); + $query = mysqli_query($GLOBALS['link'],'SELECT userid FROM `' . TB_PREFIX . 'links` WHERE `id` = ' . $link['id']); $data = mysqli_fetch_assoc($query); // May the user delete this entry? diff --git a/Templates/a2b/attack.tpl b/Templates/a2b/attack.tpl index e5dbf0b3..386cd1e0 100644 --- a/Templates/a2b/attack.tpl +++ b/Templates/a2b/attack.tpl @@ -380,7 +380,7 @@ $end = ($tribe*10); else { //$uid - $q = "SELECT * FROM ".TB_PREFIX."hero WHERE uid = ".(int) $uid." AND dead = 0"; + $q = "SELECT unit FROM ".TB_PREFIX."hero WHERE uid = ".(int) $uid." AND dead = 0"; $result = mysqli_query($GLOBALS['link'],$q); $hero_f=mysqli_fetch_array($result); $hero_unit=$hero_f['unit']; diff --git a/Templates/a2b/sendback_1.tpl b/Templates/a2b/sendback_1.tpl index d3b99864..8ab27b80 100644 --- a/Templates/a2b/sendback_1.tpl +++ b/Templates/a2b/sendback_1.tpl @@ -137,7 +137,7 @@ $tocoor = $database->getCoor($enforce['vref']); } } if ($enforce['hero']>0){ - $qh = "SELECT * FROM ".TB_PREFIX."hero WHERE uid = ".(int) $to['owner']." AND dead = 0"; + $qh = "SELECT unit FROM ".TB_PREFIX."hero WHERE uid = ".(int) $to['owner']." AND dead = 0"; $resulth = mysqli_query($GLOBALS['link'],$qh); $hero_f=mysqli_fetch_array($resulth); $hero_unit=$hero_f['unit']; diff --git a/Templates/a2b/sendback_2.tpl b/Templates/a2b/sendback_2.tpl index ca3ddb39..0f415003 100644 --- a/Templates/a2b/sendback_2.tpl +++ b/Templates/a2b/sendback_2.tpl @@ -138,7 +138,7 @@ $tocoor = $database->getCoor($enforce['vref']); } } if ($enforce['hero']>0){ - $qh = "SELECT * FROM ".TB_PREFIX."hero WHERE uid = ".(int) $to['owner']." AND dead = 0"; + $qh = "SELECT unit FROM ".TB_PREFIX."hero WHERE uid = ".(int) $to['owner']." AND dead = 0"; $resulth = mysqli_query($GLOBALS['link'],$qh); $hero_f=mysqli_fetch_array($resulth); $hero_unit=$hero_f['unit']; diff --git a/Templates/a2b/sendback_3.tpl b/Templates/a2b/sendback_3.tpl index 8d765ee8..4c60593b 100644 --- a/Templates/a2b/sendback_3.tpl +++ b/Templates/a2b/sendback_3.tpl @@ -137,7 +137,7 @@ $tocoor = $database->getCoor($enforce['vref']); } } if ($enforce['hero']>0){ - $qh = "SELECT * FROM ".TB_PREFIX."hero WHERE uid = ".(int) $to['owner']." AND dead = 0"; + $qh = "SELECT unit FROM ".TB_PREFIX."hero WHERE uid = ".(int) $to['owner']." AND dead = 0"; $resulth = mysqli_query($GLOBALS['link'],$qh); $hero_f=mysqli_fetch_array($resulth); $hero_unit=$hero_f['unit']; diff --git a/Templates/a2b/sendback_4.tpl b/Templates/a2b/sendback_4.tpl index 3b1e0b3b..5db9fb56 100644 --- a/Templates/a2b/sendback_4.tpl +++ b/Templates/a2b/sendback_4.tpl @@ -138,7 +138,7 @@ $tocoor = $database->getCoor($enforce['vref']); } } if ($enforce['hero']>0){ - $qh = "SELECT * FROM ".TB_PREFIX."hero WHERE uid = ".(int) $to['owner']." AND dead = 0"; + $qh = "SELECT unit FROM ".TB_PREFIX."hero WHERE uid = ".(int) $to['owner']." AND dead = 0"; $resulth = mysqli_query($GLOBALS['link'],$qh); $hero_f=mysqli_fetch_array($resulth); $hero_unit=$hero_f['unit']; diff --git a/Templates/a2b/sendback_5.tpl b/Templates/a2b/sendback_5.tpl index dab7e903..95623f64 100644 --- a/Templates/a2b/sendback_5.tpl +++ b/Templates/a2b/sendback_5.tpl @@ -137,7 +137,7 @@ $tocoor = $database->getCoor($enforce['vref']); } } if ($enforce['hero']>0){ - $qh = "SELECT * FROM ".TB_PREFIX."hero WHERE uid = ".(int) $to['owner']." AND dead = 0"; + $qh = "SELECT unit FROM ".TB_PREFIX."hero WHERE uid = ".(int) $to['owner']." AND dead = 0"; $resulth = mysqli_query($GLOBALS['link'],$qh); $hero_f=mysqli_fetch_array($resulth); $hero_unit=$hero_f['unit']; diff --git a/Templates/a2b/startRaid.tpl b/Templates/a2b/startRaid.tpl index f63bf49c..eb359daf 100644 --- a/Templates/a2b/startRaid.tpl +++ b/Templates/a2b/startRaid.tpl @@ -4,7 +4,7 @@ $lid = $_POST['lid']; $tribe = $_POST['tribe']; $getFLData = $database->getFLData($lid); - $sql = "SELECT * FROM ".TB_PREFIX."raidlist WHERE lid = ".$database->escape((int) $lid)." order by id asc"; + $sql = "SELECT id, towref, t1, t2, t3, t4, t5, t6, t7, t8, t9, t10 FROM ".TB_PREFIX."raidlist WHERE lid = ".$database->escape((int) $lid)." order by id asc"; $array = $database->query_return($sql); foreach($array as $row){ $sql1 = mysqli_fetch_array(mysqli_query($GLOBALS['link'],"SELECT * FROM ".TB_PREFIX."units WHERE vref = ".(int) $getFLData['wref'])); diff --git a/Templates/goldClub/farmlist.tpl b/Templates/goldClub/farmlist.tpl index f420697a..a4e59b0c 100644 --- a/Templates/goldClub/farmlist.tpl +++ b/Templates/goldClub/farmlist.tpl @@ -9,7 +9,7 @@ if(isset($_GET['t'])==99 && isset($_POST['action'])=='addList' && $_POST['did']! exit; } -$sql = mysqli_query($GLOBALS['link'],"SELECT * FROM ".TB_PREFIX."farmlist WHERE owner = ".(int) $session->uid." ORDER BY wref DESC"); +$sql = mysqli_query($GLOBALS['link'],"SELECT id, name, owner, wref FROM ".TB_PREFIX."farmlist WHERE owner = ".(int) $session->uid." ORDER BY wref DESC"); $query = mysqli_num_rows($sql); while($row = mysqli_fetch_array($sql)){ $lid = $row["id"]; @@ -193,7 +193,7 @@ $vdata = $database->getVillage($towref); uid." ORDER BY time DESC Limit 1"); +$getnotice = mysqli_query($GLOBALS['link'],"SELECT ntype, data, time, id FROM ".TB_PREFIX."ndata WHERE $limits AND toWref = ".(int) $towref." AND uid = ".(int) $session->uid." ORDER BY time DESC Limit 1"); if(mysqli_num_rows($getnotice) > 0){ while($row2 = mysqli_fetch_array($getnotice)){ $dataarray = explode(",",$row2['data']); @@ -316,7 +316,7 @@ if(!$database->getVilFarmlist($village->wid)){ { Travian.Game.RaidList.setData({ wid.''); +$result = mysqli_query($GLOBALS['link'],'SELECT id FROM '.TB_PREFIX.'farmlist WHERE wref = '.(int) $village->wid.''); $query1 = mysqli_num_rows($result); $NUM1 = 1; while($row = mysqli_fetch_array($result)){ diff --git a/Templates/goldClub/farmlist_addraid.tpl b/Templates/goldClub/farmlist_addraid.tpl index 80eec92f..84aefb69 100644 --- a/Templates/goldClub/farmlist_addraid.tpl +++ b/Templates/goldClub/farmlist_addraid.tpl @@ -86,7 +86,7 @@ $vdata = $database->getVillage($Wref); escape((int) $_GET['lid']).""; +$getwref = "SELECT towref FROM ".TB_PREFIX."raidlist WHERE lid = ".$database->escape((int) $_GET['lid']).""; $arraywref = $database->query_return($getwref); echo ''; if(mysqli_num_rows(mysqli_query($GLOBALS['link'],$getwref)) != 0){ diff --git a/Templates/goldClub/farmlist_editraid.tpl b/Templates/goldClub/farmlist_editraid.tpl index 03c3bcc0..8afb82ec 100644 --- a/Templates/goldClub/farmlist_editraid.tpl +++ b/Templates/goldClub/farmlist_editraid.tpl @@ -93,7 +93,7 @@ $lid2 = $getlid['lid']; query_return($getwref); echo ''; if(mysqli_num_rows(mysqli_query($GLOBALS['link'],$getwref)) != 0){ diff --git a/a2b.php b/a2b.php index 0978f46b..26428a0a 100644 --- a/a2b.php +++ b/a2b.php @@ -193,7 +193,7 @@ if(isset($_GET['o'])) { } if ($prisoner['t11']>0){ - $p_qh = "SELECT * FROM ".TB_PREFIX."hero WHERE uid = ".(int) $p_owner." AND dead = 0"; + $p_qh = "SELECT unit FROM ".TB_PREFIX."hero WHERE uid = ".(int) $p_owner." AND dead = 0"; $p_resulth = mysqli_query($GLOBALS['link'],$p_qh); $p_hero_f=mysqli_fetch_array($p_resulth); $p_hero_unit=$p_hero_f['unit'];