removed not required fields in the database. This required code to be adjusted!

main
hecht 13 years ago
parent 106d4f0797
commit f42a356499

@ -12,14 +12,14 @@ include_once(ROOT_PATH.'/include/fehlerausgabe.inc.php');
include_once (ROOT_PATH . '/include/parse.inc.php');
// GET-Section
// Kritisch (SQL-Injections)
$clan_geld=validateUnsignedInteger($_GET['clan_geld'], null);
$clan_geld=validateUnsignedInteger($_GET['clan_geld'], null);
// Unkritisch
$charm=$_GET['charm'];
$mindestchar = 12;
$clan = mysql_fetch_array(mysql_query("SELECT geld FROM clan WHERE id='$user_ida[clan]' LIMIT 1"));
$user = mysql_fetch_array(mysql_Query("SELECT nickname, clan_geld, geld FROM user WHERE id='$user_ida[id]' LIMIT 1"));
$user = mysql_fetch_array(mysql_Query("SELECT nickname, geld FROM user WHERE id='$user_ida[id]' LIMIT 1"));
if ($charm == 1) {
if($clan_geld <= 0) {
@ -35,7 +35,7 @@ if ($charm == 1) {
if(strlen($clan_geld)>8) {
mysql_query("INSERT INTO cheater values('$user_ida[id]','Versuchte mehr als 99.999.999 aufeinmal zu Spenden! (Eingabe:".$clan_geld.")',now())");
displayErrorMessage(NULL,'Es kann nicht mehr als 99.999.999 aufeinmal gespendet werden!', '<a href="index.php?as=clan/spende">weiter...</a>');
exit;
exit;
}
if($clan_geld <= 0) {
@ -82,7 +82,7 @@ var aktiv;
function button_plus(feld,schritt)
{
nummer=parseInt(document.forms[0].elements[feld].value)+schritt;
document.forms[0].elements[feld].value=nummer;
@ -93,7 +93,7 @@ function button_minus(feld,min,schritt)
{
if(document.forms[0].elements[feld].value>min)
{
nummer=parseInt(document.forms[0].elements[feld].value)-schritt;
document.forms[0].elements[feld].value=nummer;
@ -179,7 +179,7 @@ $clan_untersch = 0;
for($i=0;$i<$raumanzahl;$i++){
$clan_kosten += $clanraum_a[$i]['miete']*max($mindestchar, $clanrauminfo[$clanraum_a[$i]['id']]['anzahl']);
if($clanrauminfo[$clanraum_a[$i]['id']]['anzahl'] < $mindestchar){
$clan_untersch += ($mindestchar - $clanrauminfo[$clanraum_a[$i]['id']]['anzahl']) * $clanraum_a[$i]['miete'];
$clan_untersch += ($mindestchar - $clanrauminfo[$clanraum_a[$i]['id']]['anzahl']) * $clanraum_a[$i]['miete'];
}
}
@ -239,18 +239,18 @@ while($row = mysql_fetch_assoc($clans_spend)) {
</tr>
<tr>
<th><?php echo $member; ?> Member</th>
<th><?php
<th><?php
$sql = 'SELECT sum(spende) as summe FROM user_clan WHERE clanid ='.$user_ida['clan'];
$qry = mysql_query($sql);
$row_s = mysql_fetch_assoc($qry);
echo displayMoney($row_s['summe']);
echo displayMoney($row_s['summe']);
?></th>
<?php
<?php
for($i=0;$i<$raumanzahl;$i++){
if($clanrauminfo[$clanraum_a[$i]['id']]['anzahl'] < $mindestchar){
echo '<th>'.$mindestchar.' ('.$clanrauminfo[$clanraum_a[$i]['id']]['anzahl'].')</th>';
echo '<th>'.$mindestchar.' ('.$clanrauminfo[$clanraum_a[$i]['id']]['anzahl'].')</th>';
}else{
echo '<th>'.$clanrauminfo[$clanraum_a[$i]['id']]['anzahl'].'</th>';
echo '<th>'.$clanrauminfo[$clanraum_a[$i]['id']]['anzahl'].'</th>';
}
}
?>

@ -102,17 +102,9 @@ if ($name AND $passwort) {
} else {
$geldstring = displayMoney($user_info_test['geld'] - $auktionensumme) . ' (' . $user_info_test2['geld'] . ')';
}
$points = mysql_Fetch_array(mysql_Query("SELECT pkt FROM user WHERE nickname='$name' LIMIT 1"));
$points2[pkt] = number_format($points[pkt], 0, "", ".");
$points3 = $points2[pkt];
if ($name == 'Pegasus') {
$status_009 .= "<a href='index.php?as=status'>Status</a><br>";
}
$status_009 .= "Geld: $geldstring<br>";
// $status_009 .= "IP: $points3 <br>";
$status_009 .= '<a href="index.php?as=profil">Profil</a><br>';
$status_009 .= '<a href="index.php?as=ticker">User Ticker</a><br>';

@ -530,13 +530,9 @@ function display($user, $portal, $pagenum){
} else {
$pw_exe = 'pass2';
}
if($user['scouter']) {
$ca_pl = ($char['starke'] + $char['verteidigung'] + $char['speed'] + $char['ausdauer'] + $char['glueck']);
$ca_pls = 'PL';
} else {
$ca_pl = (($char['starke'] + $char['verteidigung'] + $char['speed'] + $char['ausdauer'] + $char['glueck']) * 2) + mt_rand(1,30) * 0.8;
$ca_pls = 'Ca. PL';
}
$ca_pl = ($char['starke'] + $char['verteidigung'] + $char['speed'] + $char['ausdauer'] + $char['glueck']);
$ca_pls = 'PL';
$char_min = $row['lvlmin'];
$char_max = $row['lvlmax'];
if($char_min < 1) {

@ -125,9 +125,9 @@ $u++;
$user = mysql_fetch_array(mysql_query("SELECT geld, item_res FROM user WHERE id='$user_ida[id]'"));
$item_preis = ($item_preis / 100) * (100 - $user[item_res]);
$item_preis = ($item_preis / 100) * (100 - $user['item_res']);
$auktionensumme = mysql_fetch_assoc(mysql_query('SELECT SUM(aktuellesgebot) as summe FROM auktion WHERE bieter = '.$user_ida[id].' GROUP BY bieter'));
$auktionensumme = mysql_fetch_assoc(mysql_query('SELECT SUM(aktuellesgebot) as summe FROM auktion WHERE bieter = '.$user_ida['id'].' GROUP BY bieter'));
$auktionensumme = $auktionensumme[summe];
if($user[geld]<$item_preis+$auktionensumme) {

@ -86,7 +86,6 @@ mysql_query("DELETE FROM liga_kampf");
mysql_query("DELETE FROM wanted_kampf");
mysql_query("UPDATE chars SET status='Frei' WHERE status='Tod'");
mysql_query("UPDATE user SET pw_fight='4'");
//mysql_query("UPDATE user SET ks_points=ks_points+'1' WHERE ks_points < 30");
//////////////////////////////////NPCS!!!!

@ -1571,12 +1571,8 @@ CREATE TABLE `user` (
`bann` varchar(4) COLLATE utf8_unicode_ci NOT NULL DEFAULT 'nein',
`icq` varchar(20) COLLATE utf8_unicode_ci NOT NULL DEFAULT '',
`clan` int(11) DEFAULT NULL,
`clan_geld` int(50) NOT NULL DEFAULT '0',
`clan_train` int(20) NOT NULL DEFAULT '0',
`item_res` int(2) NOT NULL DEFAULT '0',
`scouter` int(1) NOT NULL DEFAULT '0',
`char_max` int(11) NOT NULL DEFAULT '2',
`ks_points` int(20) NOT NULL DEFAULT '5',
`agb` varchar(4) COLLATE utf8_unicode_ci NOT NULL DEFAULT 'nein',
`post` int(1) NOT NULL DEFAULT '1',
`schnelllink` int(1) NOT NULL DEFAULT '1',
@ -1586,8 +1582,6 @@ CREATE TABLE `user` (
`chat` int(1) NOT NULL DEFAULT '1',
`chat_anzahl` char(2) COLLATE utf8_unicode_ci NOT NULL DEFAULT '5',
`code` int(11) NOT NULL DEFAULT '8',
`pkt` int(10) unsigned NOT NULL DEFAULT '0',
`pkt_use` int(10) unsigned NOT NULL DEFAULT '0',
PRIMARY KEY (`id`),
UNIQUE KEY `nickname_2` (`nickname`),
KEY `passwort` (`passwort`),

Loading…
Cancel
Save