new-combats/game
3
0
Fork 0
Code Issues 23 Pull Requests Releases Wiki Activity

Remove cp1251. Я сильно недооценивал трудолюбие неизвестного кодера.

Browse Source
This commit is contained in:
Ivor Barhansky
2023-01-10 19:26:14 +02:00
parent 008f36c094
commit b3810d2349
147 changed files with 267 additions and 1295 deletions
Download Patch File Download Diff File Expand all files Collapse all files
forum_script/_forum.class.php
+2 -2
View File
@@ -13,7 +13,7 @@ class forum
{
if (isset($_GET['search'])) {
$where = '( `text` LIKE "%' . mysql_real_escape_string($_GET['search']) . '%" OR `title` LIKE "%' . mysql_real_escape_string($_GET['search']) . '%" OR `login` LIKE "%' . mysql_real_escape_string($_GET['search']) . '%" ) AND `topic` < "0" AND `delete` = "0"';
$pre_url = 'search=' . htmlspecialchars($_GET['search'], null, 'cp1251') . '&read=' . $pagers . '&';
$pre_url = 'search=' . htmlspecialchars($_GET['search'], null) . '&read=' . $pagers . '&';
$idpaginator = $pagers;
} elseif ($pagers != 0) {
$where = '`topic` = "' . $pagers . '" AND `delete` = "0"';
@@ -506,7 +506,7 @@ class forum
$tl['id'] = $uid;
}
$lst = mysql_fetch_array(mysql_query('SELECT * FROM `forum_msg` WHERE `topic` = "' . mysql_real_escape_string($topic) . '" OR (`topic` = "-1" AND `id` = "' . mysql_real_escape_string($topic) . '") ORDER BY `time` DESC LIMIT 1'));
$ins = mysql_query('INSERT INTO `forum_msg` (`cityreg`,`city`,`align`,`clan`,`level`,`login`,`fid`,`title`,`topic`,`ico`,`text`,`time`,`ip`,`uid`) VALUES ("' . mysql_real_escape_string($tl['cityreg']) . '","' . mysql_real_escape_string($tl['city']) . '","' . mysql_real_escape_string($tl['align']) . '","' . mysql_real_escape_string($tl['clan']) . '","' . mysql_real_escape_string($tl['level']) . '","' . mysql_real_escape_string($tl['login']) . '","' . mysql_real_escape_string($fid) . '","' . mysql_real_escape_string(htmlspecialchars($title, null, 'cp1251')) . '","' . mysql_real_escape_string($topic) . '","' . mysql_real_escape_string($ico) . '","' . mysql_real_escape_string(htmlspecialchars($text, null, 'cp1251')) . '","' . mysql_real_escape_string($time) . '","' . $_SERVER['HTTP_X_REAL_IP'] . '","' . $tl['id'] . '")');
$ins = mysql_query('INSERT INTO `forum_msg` (`cityreg`,`city`,`align`,`clan`,`level`,`login`,`fid`,`title`,`topic`,`ico`,`text`,`time`,`ip`,`uid`) VALUES ("' . mysql_real_escape_string($tl['cityreg']) . '","' . mysql_real_escape_string($tl['city']) . '","' . mysql_real_escape_string($tl['align']) . '","' . mysql_real_escape_string($tl['clan']) . '","' . mysql_real_escape_string($tl['level']) . '","' . mysql_real_escape_string($tl['login']) . '","' . mysql_real_escape_string($fid) . '","' . mysql_real_escape_string(htmlspecialchars($title, null)) . '","' . mysql_real_escape_string($topic) . '","' . mysql_real_escape_string($ico) . '","' . mysql_real_escape_string(htmlspecialchars($text, null)) . '","' . mysql_real_escape_string($time) . '","' . $_SERVER['HTTP_X_REAL_IP'] . '","' . $tl['id'] . '")');
if (!$ins) {
$this->error = 'Ошибка создания топика';
return false;
forum_script/index.php
+2 -2
View File
@@ -135,7 +135,7 @@ $dost = [0 => 'всем пользователям', 1 => 'только чтен
<!DOCTYPE html>
<html>
<head>
<meta charset="windows-1251"/>
<link rel="canonical" href="https://new-combats.com/forum"/>
<title>Форум браузерной онлайн игры Новый «Бойцовский клуб»</title>
<meta name="description"
@@ -532,7 +532,7 @@ function MM_jumpMenu(targ, selObj, restore) { //v3.0
$_POST['search'] = $_GET['search'];
}
$word = $_POST['search'];
$word = htmlspecialchars($word, null, 'cp1251');
$word = htmlspecialchars($word, null);
$limw = mysql_fetch_array(
mysql_query(
'SELECT COUNT(*) FROM `forum_msg` WHERE ( `text` LIKE "%' . mysql_real_escape_string(