Remove cp1251. Я сильно недооценивал трудолюбие неизвестного кодера.

2023-01-10 19:26:14 +02:00
parent 008f36c094
commit b3810d2349
147 changed files with 267 additions and 1295 deletions
+1 -1
@@ -147,7 +147,7 @@ if ($u->room['file'] == 'an/bank') {
$re2 = 'У вас недостаточно кр.';
} elseif ($u->info['align'] != 2) {
$pass = rand(10000, 91191);
$pass = htmlspecialchars($_POST['pass1'], null, 'cp1251');
$pass = htmlspecialchars($_POST['pass1'], null);
$ins = mysql_query(
'INSERT INTO `bank` (`uid`,`create`,`pass`) VALUES ("' . $u->info['id'] . '","' . time(
) . '","' . $pass . '")'
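Review bot: `$pass` is concatenated straight into a double-quoted SQL literal in the bank INSERT (the `mysql_query` call runs past the end of the hunk), and the only processing it gets is `htmlspecialchars($_POST['pass1'], null)`. A `null` flags argument is coerced to 0, which is `ENT_NOQUOTES`, so quote characters in the submitted value reach the query unchanged; PHP 8.1+ also reports a deprecation for the null. HTML encoding is not SQL escaping in any case, so the value should be bound as a parameter, or at minimum passed through `mysql_real_escape_string($_POST['pass1'])` while the code stays on the mysql_* API. The preceding `$pass = rand(10000, 91191);` is dead because the next line overwrites it, and the value appears to be stored as plain text, where `password_hash()` would be the usual choice for a secret. The same `NULL` flags argument is kept in the other file sections of this commit.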
+2 -2
@@ -326,7 +326,7 @@ if(isset($pu['id'])) {
$ttest['time'] = -$ttest['time'];
}
if( !isset($ttest['id']) || ( $ttest['time']-$tmgo*60-time()+10 ) <= 0 ) {
$_POST['snd_telegraf'] = htmlspecialchars($_POST['snd_telegraf'],NULL,'cp1251');
$_POST['snd_telegraf'] = htmlspecialchars($_POST['snd_telegraf'],NULL);
$_POST['snd_telegraf'] = substr($_POST['snd_telegraf'],0,100);
$_POST['snd_telegraf'] = str_replace('<','&lt;',$_POST['snd_telegraf']);
$_POST['snd_telegraf'] = str_replace('\x3e','&lt;',$_POST['snd_telegraf']);
@@ -351,7 +351,7 @@ if(isset($pu['id'])) {
}elseif(isset($_POST['send3'])) {
if($u->info['money'] >= 1) {
//max_text
$_POST['snd_post'] = htmlspecialchars($_POST['snd_post'],NULL,'cp1251');
$_POST['snd_post'] = htmlspecialchars($_POST['snd_post'],NULL);
$_POST['snd_post'] = substr($_POST['snd_post'],0,500);
$_POST['snd_post'] = str_replace('<','&lt;',$_POST['snd_post']);
$_POST['snd_post'] = str_replace('\x3e','&lt;',$_POST['snd_post']);
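Review bot: `substr($_POST['snd_telegraf'],0,100)` in the first hunk and `substr($_POST['snd_post'],0,500)` in the second count bytes, which was harmless with single-byte cp1251 but, assuming the text is now UTF-8, can cut a multi-byte character in half and store an invalid sequence. Because the cut happens after `htmlspecialchars`, it can also split an entity such as `&amp;`. Truncating first and encoding second avoids both, provided the column is sized for the encoded result: `$_POST['snd_telegraf'] = htmlspecialchars(mb_substr($_POST['snd_telegraf'], 0, 100, 'UTF-8'), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');`. The `str_replace('\x3e','&lt;',…)` lines are single-quoted, so they match the literal text `\x3e`, and the replacement is `&lt;` where `&gt;` was presumably meant. Both if-blocks start and end outside their hunks.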
+1 -1
@@ -447,7 +447,7 @@ if( $hostel['balance'] <= 0 && $u->room['id'] != 253 && $sleep['vars'] != 'sleep
if($u->info['money']>0 && (int)$_POST['payarenda']>0 && ((int)$_POST['payarenda']<=$u->info['money'])) {
$paytime = ($_POST['payarenda']/$hostel['weekcost'])*604800;
mysql_query("UPDATE `house`,`users` SET `house`.`endtime` = `house`.`endtime`+'".$paytime."', `house`.`balance` = `house`.`balance`+'".mysql_real_escape_string($_POST['payarenda'])."' WHERE `house`.`owner` = `users`.`id` AND `house`.`owner` = '".mysql_real_escape_string($u->info['id'])."';");
$err = '<FONT COLOR=red><B>Вы положили на счет '.htmlspecialchars($_POST['payarenda'],NULL,'cp1251').'.00 кр.</B></FONT> ';
$err = '<FONT COLOR=red><B>Вы положили на счет '.htmlspecialchars($_POST['payarenda'],NULL).'.00 кр.</B></FONT> ';
$u->info['money'] -= round((int)$_POST['payarenda']);
mysql_query('UPDATE `users` SET `money` = "'.mysql_real_escape_string($u->info['money']).'" WHERE `id` = "'.$u->info['id'].'" LIMIT 1');
$hostel['balance'] +=$_POST['payarenda'];
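Review bot: The confirmation message prints the raw `$_POST['payarenda']` while the guard above it validates `(int)$_POST['payarenda']`, and the same raw value feeds `$paytime`, the `house` UPDATE and `$hostel['balance']`. For input that is not a plain integer, the amount deducted from `$u->info['money']` and the amount credited to the house balance can therefore differ. Casting once with `$amount = (int)$_POST['payarenda'];` and using `$amount` in the check, the queries, the message and both balance updates keeps them consistent and makes the `htmlspecialchars` call unnecessary. The enclosing block starts and ends outside the hunk.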
+4 -4
@@ -39,10 +39,10 @@ if($u->room['file']=='an/shop_')
$itm['gtxt1'] = str_replace('\x3C','<',$itm['gtxt1']);
$itm['gtxt1'] = str_replace('\x3','>',$itm['gtxt1']);
$itm['gtxt1'] = htmlspecialchars($itm['gtxt1'],NULL,'cp1251');
$itm['gtxt1'] = htmlspecialchars($itm['gtxt1']);
$itm['gtxt2'] = str_replace('\x3C','<',$itm['gtxt2']);
$itm['gtxt2'] = str_replace('\x3','>',$itm['gtxt2']);
$itm['gtxt2'] = htmlspecialchars($itm['gtxt2'],NULL,'cp1251');
$itm['gtxt2'] = htmlspecialchars($itm['gtxt2'],NULL);
$upd = mysql_query('UPDATE `items_users` SET `data` = "'.$itm['data'].'",`gtxt1` = "'.mysql_real_escape_string($itm['gtxt1']).'",`gtxt2` = "'.mysql_real_escape_string($itm['gtxt2']).'", `uid` = "'.$to['id'].'", `gift` = "'.$u->info['login'].'",`time_create` = "'.time().'" WHERE `id` = "'.$itm['id'].'" LIMIT 1');
$whos = mysql_fetch_array(mysql_query('SELECT `login` FROM `users` WHERE `id` = "'.$to['id'].'" LIMIT 1'));
@@ -76,10 +76,10 @@ if($u->room['file']=='an/shop_')
$itm['gtxt1'] = str_replace('\x3C','<',$itm['gtxt1']);
$itm['gtxt1'] = str_replace('\x3','>',$itm['gtxt1']);
$itm['gtxt1'] = htmlspecialchars($itm['gtxt1'],NULL,'cp1251');
$itm['gtxt1'] = htmlspecialchars($itm['gtxt1'],NULL);
$itm['gtxt2'] = str_replace('\x3C','<',$itm['gtxt2']);
$itm['gtxt2'] = str_replace('\x3','>',$itm['gtxt2']);
$itm['gtxt2'] = htmlspecialchars($itm['gtxt2'],NULL,'cp1251');
$itm['gtxt2'] = htmlspecialchars($itm['gtxt2'],NULL);
$upd = mysql_query('UPDATE `items_users` SET `data` = "'.$itm['data'].'",`gtxt1` = "'.mysql_real_escape_string($itm['gtxt1']).'",`gtxt2` = "'.mysql_real_escape_string($itm['gtxt2']).'", `uid` = "'.$to['id'].'", `gift` = "'.$u->info['login'].'",`time_create` = "'.time().'" WHERE `id` = "'.$itm['id'].'" LIMIT 1');
$whos = mysql_fetch_array(mysql_query('SELECT `login` FROM `users` WHERE `id` = "'.$to['id'].'" LIMIT 1'));
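Review bot: In the first hunk `gtxt1` is now encoded with `htmlspecialchars($itm['gtxt1'])`, while `gtxt2` there and both fields in the second hunk keep the `NULL` flags argument, so sibling fields get different quote handling (the default flags encode double quotes, `NULL` is treated as 0 and encodes none). Spelling the flags out on all four calls removes the ambiguity, for example `htmlspecialchars($itm['gtxt1'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')` if UTF-8 is the target encoding. `$itm['data']`, `$to['id']` and `$u->info['login']` go into the UPDATE without `mysql_real_escape_string`; their origin is not visible in these hunks, so whether they can carry user-controlled text should be confirmed. Storing the HTML-encoded form also ties the column to one output context; keeping the raw text and encoding at render time is the more robust arrangement.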