diff --git a/buttons.php b/buttons.php
index ab977d8e..a92d916d 100644
--- a/buttons.php
+++ b/buttons.php
@@ -14,33 +14,20 @@ if (!defined('GAME_VERSION')) {
}
$code = PassGen::intCode();
-
-function er($e)
-{
- $link = Config::get('https');
- $err = <<
- Ошибка: $e
- Назад
-
- HTML;
- exit($err);
-}
-
-function gameexit()
-{
- setcookie('login', '', 0, '', Config::get('host'));
- setcookie('login', '', 0);
- setcookie('auth', '', 0);
- Db::sql('update users set online = unix_timestamp() - 420 where id = ?', [$u->info['id']]);
- exit(Config::get('exit'));
-}
-
Database::init();
define('IP', UserIp::get());
$u = User::start();
+function gameexit(int $uid)
+{
+ setcookie('login', '', 0, '', Config::get('host'));
+ setcookie('login', '', 0);
+ setcookie('auth', '', 0);
+ Db::sql('update users set online = unix_timestamp() - 420 where id = ?', [$uid]);
+ exit(Config::get('exit'));
+}
+
if (empty($u->info)) {
exit(Config::get('exit'));
}
@@ -49,7 +36,6 @@ $filter = new Filter();
$chat = new Chat();
$userclan = new Clan($u->info);
-
ini_set('max_execution_time', '120');
if (isset($_GET['showcode'])) {
@@ -59,10 +45,8 @@ if (isset($_GET['showcode'])) {
exit();
}
-if (isset($u->info['joinIP']) && $u->info['joinIP'] == 1 && $u->info['ip'] != IP) {
- er('#Пожалуйста авторизируйтесь с главной страницы');
-} elseif (isset($_GET['exit'])) {
- gameexit();
+if (isset($u->info['joinIP']) && $u->info['joinIP'] == 1 && $u->info['ip'] != IP || isset($_GET['exit'])) {
+ gameexit($u->info['id']);
}
if ($u->info['online'] < time() - 60) {
diff --git a/modules_data/location/dragopsh.php b/modules_data/location/dragopsh.php
index ee8b3c67..efa134d4 100644
--- a/modules_data/location/dragopsh.php
+++ b/modules_data/location/dragopsh.php
@@ -7,7 +7,6 @@ if ($u->room['file'] != 'dragopsh') {
return;
}
$d = new Dungeon;
-$d->start();
function sendSysChat(string $message, bool $hasDn = false, bool $hasReceiver = false) {
global $u;
diff --git a/news_script/index.php b/news_script/index.php
index 03c9954d..590acd77 100644
--- a/news_script/index.php
+++ b/news_script/index.php
@@ -1,6 +1,7 @@
0,
+ 'align' => 0,
+ 'admin' => 0,
+ 'level' => 0,
+ 'molch1' => 0,
+ 'molch2' => 0,
+ 'banned' => 0,
+];
/* Пользователь */
-$u = User::getInfo($_COOKIE['login']);
+if (!empty($_COOKIE['login'])) {
+ $u = array_merge($u, User::getInfo($_COOKIE['login']));
+}
$pg = 0;
$p = 1;
@@ -27,12 +39,8 @@ if ($url[2] == 'add') {
}
if ($url[2] == 'p') {
- $pal_al = ['1.1', '1.4', '1.5', '1.6', '1.7', '1.75', '1.9', '1.91', '1.92', '1.99'];
- $tar_al = ['3.01', '3.05', '3.06', '3.07', '3.075', '3.09', '3.091', '3.092', '3.99'];
-
- if (($u['admin'] > 0 || in_array($u['align'], $pal_al) || in_array($u['align'], $tar_al)) && $url[4] == 'delete') {
- mysql_query(
- 'UPDATE `events_news` SET `delete` = ' . $u['id'] . ' WHERE `id` = ' . (int)$url[5] . ' AND `delete` = 0');
+ if ($u['admin'] > 0 && $url[4] == 'delete') {
+ Db::sql('delete from events_news where id = ?', [(int)$url[5]]);
}
}
@@ -40,7 +48,15 @@ $add = [1];
if ($u['banned'] > 0 || $u['molch1'] > time() || $u['molch2'] > time()) {
if ($u['admin'] == 0 && $u['banned'] > 0) {
- unset($u);
+ $u = [
+ 'id' => 0,
+ 'align' => 0,
+ 'admin' => 0,
+ 'level' => 0,
+ 'molch1' => 0,
+ 'molch2' => 0,
+ 'banned' => 1,
+ ];
$add[0] = -1;
}
$add[0] = -2;
@@ -50,12 +66,8 @@ if ($u['level'] < 5) {
$add[0] = -4;
}
if ($add[0] == 1) {
- $pac = mysql_fetch_array(
- mysql_query(
- 'SELECT * FROM `events_news` WHERE `comment` > 0 AND `time` > "' . (time() - 60) . '" AND `uid` = "' . $u['id'] . '" LIMIT 1'
- )
- );
- if (isset($pac['id'])) {
+ $pac = Db::getValue('select id from events_news where comment > 0 and time > unix_timestamp() - 60 and uid = ?', [$u['id']]);
+ if (isset($pac)) {
$add[0] = -3;
}
unset($pac);
@@ -90,37 +102,19 @@ if ($pg < 0) {
$pg = 0;
}
-$pal_al = ['1.1', '1.4', '1.5', '1.6', '1.7', '1.75', '1.9', '1.91', '1.92', '1.99'];
-$tar_al = ['3.01', '3.05', '3.06', '3.07', '3.075', '3.09', '3.091', '3.092', '3.99'];
-
-if ($u['admin'] > 0 || in_array($u['align'], $pal_al) || in_array($u['align'], $tar_al)) {
+if ($u['admin'] > 0) {
if (isset($_GET['delete']) && isset($_GET['del2'])) {
- if (mysql_query(
- 'UPDATE `events_news` SET `delete` = "' . $u['id'] . '" WHERE `id` = "' . mysql_real_escape_string(
- $_GET['delete']
- ) . '" AND `delete` = 0 LIMIT 1'
- )) {
- mysql_query(
- 'UPDATE `events_news` SET `comments` = `comments` - 1 WHERE `id` = "' . mysql_real_escape_string(
- $_GET['del2']
- ) . '" LIMIT 1'
- );
- }
+ Db::sql('delete from events_news where id = ?', [$_GET['delete']]);
+ Db::sql('update events_news set comments = comments - 1 where id = ?', [$_GET['del2']]);
$_GET['st'] = $_GET['del2'];
}
if ($_POST['s_title'] == 'micronews1' || $_POST['s_title'] == 'micronews2') {
$micid = 1;
- if ($_POST['s_title'] == 'micronews1') {
- $micid = 1;
- } elseif ($_POST['s_title'] == 'micronews2') {
+ if ($_POST['s_title'] == 'micronews2') {
$micid = 2;
}
- mysql_query(
- 'UPDATE `events_mini` SET `text` = "' . mysql_real_escape_string(
- $_POST['s_text']
- ) . '" WHERE `id` = "' . $micid . '" LIMIT 1'
- );
- //
+ Db::sql('update events_mini set text = ? where id = ?', [$_POST['s_text'], $micid]);
+
} elseif (isset($_GET['delete'])) {
mysql_query(
'UPDATE `events_news` SET `delete` = "' . $u['id'] . '" WHERE `id` = "' . mysql_real_escape_string(