TravianZ/GameEngine/Admin/Mods/delUser.php
Ferywir 8c1a6ad05b fix(admin): render a proper error page instead of a blank page on denial [#299] (#307)
Issue #299: posting to an admin Mod (eg editBuildings.php) could show an
essentially blank page. The admin panel and the game share the same PHP
session, so a game logout (session_destroy) — or a mobile browser dropping the
session cookie / serving a cached form with a stale token — wipes the admin
session. The Mod then stopped on a bare die('<h1>Access Denied</h1>') (or the
403 die() in csrf_verify()), which renders as a blank/broken page outside the
panel.

Add a shared admin_deny() helper in GameEngine/Admin/csrf.php that renders a
clean, self-contained, styled error page (with a "Return to Admin Panel" link)
and a no-store header, then exits. Wire it into csrf_verify() and replace every
bare "Access Denied" die() across the 42 admin Mods. Each Mod now loads
csrf.php at the top so admin_deny() is available before its first access check.

This is the presentation fix Shadow asked for ("we must receive an error not
blank page"). The deeper root cause (admin and game sharing one PHP session) is
left for a follow-up: giving the admin panel its own session cookie name.

Co-authored-by: Claude Opus 4.8 <noreply@anthropic.com>
2026-06-29 10:25:18 +03:00


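<?php
#################################################################################
## -= YOU MAY NOT REMOVE OR CHANGE THIS NOTICE =- ##
## --------------------------------------------------------------------------- ##
## Filename delUser.php ##
## Type BACKEND ##
## Developed by: Shadow (după model delAli) ##
## License: TravianZ Project ##
## Copyright: TravianZ (c) 2010-2025. All rights reserved. ##
#################################################################################
//
// Admin Mod: permanently delete a player account and every row tied to it.
//
// This Mod is POSTed to directly from the admin panel (it is not routed through
// admin.php), so it performs its own access check and CSRF verification before
// touching the database.
//
// POST parameters:
//   uid   - id of the player to delete
//   admid - id of the administrator performing the deletion
//   pass  - that administrator's password, re-entered to confirm the action
//
// Outcome: redirect back to the admin search page (deluser=1 on success,
// e=bad on invalid/unknown ids), or stop via admin_deny() / a small alert page.

// #299: load CSRF helpers + admin_deny() before the access check below.
// csrf.php is needed exactly once; the earlier version loaded it a second time
// just before csrf_verify(), which require_once made a no-op.
require_once(__DIR__ . '/../csrf.php');
if (!isset($_SESSION)) { session_start(); }
if (empty($_SESSION['access']) || $_SESSION['access'] < 9) {
    admin_deny('You must be signed in as an administrator to view this page. Your session may have expired — please return to the admin panel and sign in again.');
}
// Issue #139: this Mod is POSTed to directly, so it must verify the CSRF token
// itself (it does not go through admin.php's central csrf_verify()).
csrf_verify();
include_once("../../config.php");

// ---------------------------------------------------------------------------
// Autoloader - same approach as delAli.php: walk up to four directory levels
// looking for autoloader.php and reuse that prefix to reach GameEngine/.
// NOTE(review): if autoloader.php is never found, the last prefix tried
// ('../../../../') is used anyway, exactly as before.
// ---------------------------------------------------------------------------
$autoprefix = '';
for ($i = 0; $i < 5; $i++) {
    $autoprefix = str_repeat('../', $i);
    if (file_exists($autoprefix . 'autoloader.php')) { break; }
}
include_once($autoprefix . "GameEngine/Database.php");

// ---------------------------------------------------------------------------
// Input (untrusted POST data)
// ---------------------------------------------------------------------------
$uid   = (int)($_POST['uid'] ?? 0);
$admid = (int)($_POST['admid'] ?? 0);
$pass  = $_POST['pass'] ?? '';
if (!is_string($pass)) {
    // A non-string 'pass' (e.g. pass[]=x) would make password_verify() throw a
    // TypeError; treat it as an empty (and therefore wrong) password instead.
    $pass = '';
}
if ($uid <= 0 || $admid <= 0) {
    header("Location: ../../../Admin/admin.php?p=search&e=bad");
    exit;
}

// ---------------------------------------------------------------------------
// Admin + password check
// NOTE(review): the acting admin is identified by the POSTed admid rather than
// by the signed-in session. Checking that admid matches the session's own user
// id would tie the password confirmation to the account that passed the access
// check above — the session key name is not visible here, TODO confirm.
// ---------------------------------------------------------------------------
$admin = $database->getUserArray($admid, 1);
if (!$admin || (int)$admin['access'] !== 9) {
    admin_deny('You must be signed in as an administrator to view this page. Your session may have expired — please return to the admin panel and sign in again.');
}
if (!password_verify($pass, $admin['password'])) {
    die('<script>alert("Parola admin gresita!");history.back();</script>');
}
// Both ids are ints at this point, so strict comparison is exact.
if ($uid === $admid) {
    die('<script>alert("Nu te poti sterge pe tine!");history.back();</script>');
}
$target = $database->getUserArray($uid, 1);
if (!$target) {
    // Unknown uid: handled like the bad-input case above. A bare die("User not
    // found") would render as a blank/broken page outside the panel (#299).
    header("Location: ../../../Admin/admin.php?p=search&e=bad");
    exit;
}
$username = $database->escape($target['username']);

// NOTE(review): the deletes below are not wrapped in a transaction, so a
// failure part-way leaves a half-deleted account. Whether $database exposes
// begin/commit is not visible from this file.

// ---------------------------------------------------------------------------
// 1. Collect all villages owned by the target
// ---------------------------------------------------------------------------
$vilIds = [];
$res = $database->query("SELECT wref FROM " . TB_PREFIX . "vdata WHERE owner = $uid");
while ($r = mysqli_fetch_assoc($res)) {
    $vilIds[] = (int)$r['wref'];
}

// ---------------------------------------------------------------------------
// 2. Delete everything tied to those villages (only tables present in the dump)
// ---------------------------------------------------------------------------
if ($vilIds !== []) {
    // Safe to interpolate: every element was cast to int above.
    $ids = implode(',', $vilIds);
    $database->query("UPDATE " . TB_PREFIX . "wdata SET occupied = 0 WHERE id IN ($ids)");
    $database->query("DELETE FROM " . TB_PREFIX . "vdata WHERE wref IN ($ids)");
    $database->query("DELETE FROM " . TB_PREFIX . "fdata WHERE vref IN ($ids)");
    $database->query("DELETE FROM " . TB_PREFIX . "bdata WHERE wid IN ($ids)");
    $database->query("DELETE FROM " . TB_PREFIX . "abdata WHERE vref IN ($ids)");
    $database->query("DELETE FROM " . TB_PREFIX . "tdata WHERE vref IN ($ids)");
    $database->query("DELETE FROM " . TB_PREFIX . "units WHERE vref IN ($ids)");
    $database->query("DELETE FROM " . TB_PREFIX . "training WHERE vref IN ($ids)");
    $database->query("DELETE FROM " . TB_PREFIX . "research WHERE vref IN ($ids)");
    $database->query("DELETE FROM " . TB_PREFIX . "demolition WHERE vref IN ($ids)");
    $database->query("DELETE FROM " . TB_PREFIX . "build_log WHERE wid IN ($ids)");
    $database->query("DELETE FROM " . TB_PREFIX . "tech_log WHERE wid IN ($ids)");
    $database->query("DELETE FROM " . TB_PREFIX . "market WHERE vref IN ($ids)");
    $database->query("DELETE FROM " . TB_PREFIX . "movement WHERE `from` IN ($ids) OR `to` IN ($ids)");
    $database->query("DELETE FROM " . TB_PREFIX . "attacks WHERE vref IN ($ids)");
    $database->query("DELETE FROM " . TB_PREFIX . "enforcement WHERE vref IN ($ids) OR `from` IN ($ids)");
    $database->query("DELETE FROM " . TB_PREFIX . "prisoners WHERE wref IN ($ids) OR `from` IN ($ids)");
    $database->query("DELETE FROM " . TB_PREFIX . "route WHERE wid IN ($ids)");
    $database->query("DELETE FROM " . TB_PREFIX . "ww_attacks WHERE vid IN ($ids)");

    // farmlist + raidlist: raidlist rows reference farmlist ids, so look those
    // up first and remove them before the farmlists themselves.
    $fl = $database->query("SELECT id FROM " . TB_PREFIX . "farmlist WHERE wref IN ($ids)");
    $flIds = [];
    while ($f = mysqli_fetch_assoc($fl)) {
        $flIds[] = (int)$f['id'];
    }
    if ($flIds !== []) {
        $fids = implode(',', $flIds);
        $database->query("DELETE FROM " . TB_PREFIX . "raidlist WHERE lid IN ($fids)");
    }
    $database->query("DELETE FROM " . TB_PREFIX . "farmlist WHERE wref IN ($ids)");
}

// ---------------------------------------------------------------------------
// 3. Delete the user's own rows (only tables present in the dump)
// ---------------------------------------------------------------------------
$database->query("DELETE FROM " . TB_PREFIX . "users WHERE id = $uid");
$database->query("DELETE FROM " . TB_PREFIX . "hero WHERE uid = $uid");
$database->query("DELETE FROM " . TB_PREFIX . "mdata WHERE target = $uid OR owner = $uid");
$database->query("DELETE FROM " . TB_PREFIX . "ndata WHERE uid = $uid");
$database->query("DELETE FROM " . TB_PREFIX . "medal WHERE userid = $uid");
$database->query("DELETE FROM " . TB_PREFIX . "gold_fin_log WHERE uid = $uid");
$database->query("DELETE FROM " . TB_PREFIX . "links WHERE userid = $uid");
// 'active' is keyed by username; $username was run through $database->escape().
$database->query("DELETE FROM " . TB_PREFIX . "active WHERE username = '$username'");
$database->query("DELETE FROM " . TB_PREFIX . "online WHERE uid = $uid");
$database->query("DELETE FROM " . TB_PREFIX . "chat WHERE id_user = $uid");
$database->query("DELETE FROM " . TB_PREFIX . "login_log WHERE uid = $uid");
$database->query("DELETE FROM " . TB_PREFIX . "banlist WHERE uid = $uid");
$database->query("DELETE FROM " . TB_PREFIX . "deleting WHERE uid = $uid");
$database->query("DELETE FROM " . TB_PREFIX . "password WHERE uid = $uid");
$database->query("DELETE FROM " . TB_PREFIX . "illegal_log WHERE user = $uid");
$database->query("DELETE FROM " . TB_PREFIX . "ali_invite WHERE uid = $uid");
$database->query("DELETE FROM " . TB_PREFIX . "ali_permission WHERE uid = $uid");
$database->query("DELETE FROM " . TB_PREFIX . "forum_post WHERE owner = $uid");
$database->query("DELETE FROM " . TB_PREFIX . "forum_topic WHERE owner = $uid");
$database->query("DELETE FROM " . TB_PREFIX . "artefacts WHERE owner = $uid");
$database->query("DELETE FROM " . TB_PREFIX . "artefacts_chrono WHERE uid = $uid");

// ---------------------------------------------------------------------------
// 4. Admin audit log - same shape as delAli
// ---------------------------------------------------------------------------
$time = time();
$logText = "Deleted player ID $uid ($username)";
$logEsc = $database->escape($logText);
$database->query(
    "INSERT INTO " . TB_PREFIX . "admin_log (`id`, `user`, `log`, `time`) " .
    "VALUES (0, '$admid', '$logEsc', $time)"
);
header("Location: ../../../Admin/admin.php?p=search&deluser=1");
exit;
// Closing ?> intentionally omitted: stray whitespace after it would be sent
// before the Location header.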