xinyin025/TravianZ
1
0
Fork 0
mirror of https://github.com/Shadowss/TravianZ.git synced 2026-06-28 08:34:33 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
e17bb3dec6f05cd8941ba2bb4dd70f7e1ac9512e
TravianZ/GameEngine/Admin/Mods/givePlus.php
T

77 lines
2.8 KiB
PHP
Executable File
Raw Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
<?php
#################################################################################
## -= YOU MAY NOT REMOVE OR CHANGE THIS NOTICE =- ##
## --------------------------------------------------------------------------- ##
## Filename givePlus.php ##
## Type BACKEND ##
## Developed by: aggenkeech ##
## License: TravianZ Project ##
## Copyright: TravianZ (c) 2010-2025. All rights reserved. ##
## ##
#################################################################################
if (!isset($_SESSION)) {
session_start();
}
if (empty($_SESSION['access']) || $_SESSION['access'] < 9) {
die("Access Denied: You are not Admin!");
}
// Issue #139: this Mod is POSTed to directly, so it must verify the CSRF token
// itself (it does not go through admin.php's central csrf_verify()).
require_once(__DIR__ . '/../csrf.php');
csrf_verify();
include_once("../../config.php");
// ---------------------------------------------------------------------------
// Autoloader path
// ---------------------------------------------------------------------------
$autoprefix = '';
for ($i = 0; $i < 5; $i++) {
$autoprefix = str_repeat('../', $i);
if (file_exists($autoprefix . 'autoloader.php')) {
break;
}
}
include_once($autoprefix . "GameEngine/Database.php");
// ---------------------------------------------------------------------------
// Input
// ---------------------------------------------------------------------------
$days = (int)($_POST['plus'] ?? 0);
if ($days <= 0) {
header("Location: ../../../Admin/admin.php?p=givePlus&e=0");
exit;
}
$plusdur = $days * 86400;
$time = time();
// ---------------------------------------------------------------------------
// Update în masă fără loop
// ---------------------------------------------------------------------------
// Dacă plus < now, pornește de acum, altfel adaugă la timpul existent
$database->query(
"UPDATE " . TB_PREFIX . "users
SET plus = IF(plus < $time, $time + $plusdur, plus + $plusdur)
WHERE id > 3"
);
// ---------------------------------------------------------------------------
// Log admin
// ---------------------------------------------------------------------------
$adminId = (int)$_SESSION['id'];
$logText = "Gave $days days Plus to all players";
$logEsc = $database->escape($logText);
$database->query(
"INSERT INTO " . TB_PREFIX . "admin_log (`id`, `user`, `log`, `time`) " .
"VALUES (0, '$adminId', '$logEsc', $time)"
);
header("Location: ../../../Admin/admin.php?p=givePlus&g=1");
exit;
?>
Reference in New Issue View Git Blame Copy Permalink