### 1.1.11 (3.26.2006) ###
### Thanks to r0xes & Adam. :)
- Added recursive htmlspecialchars to the rest of the superglobal
security in lib.php.
- Fixed a bug that allowed blank passwords.
- Updated copyright dates as necessary.
Jamin Blount 2017-02-05 11:12:22 -06:00
parent 00528a7396
commit 5d0ec593d2
9 changed files with 21 additions and 8 deletions


@ -317,7 +317,7 @@ All original coding and graphics for the <i>Dragon Knight</i> game engine are &c
[ <a href="#top">Top</a> ]
<br /><br />
<table class="copyright" width="100%"><tr>
<td width="50%" align="center">Powered by <a href="http://dragon.se7enet.com/dev.php" target="_new">Dragon Knight</a></td><td width="50%" align="center">&copy; 2003-2004 by renderse7en</td>
<td width="50%" align="center">Powered by <a href="http://dragon.se7enet.com/dev.php" target="_new">Dragon Knight</a></td><td width="50%" align="center">&copy; 2003-2006 by renderse7en</td>
</tr></table>
</body>
</html>


@ -149,7 +149,7 @@ while ($itemsrow = mysql_fetch_array($itemsquery)) {
</table>
<br />
<table class="copyright" width="100%"><tr>
<td width="50%" align="center">Powered by <a href="http://dragon.se7enet.com/dev.php" target="_new">Dragon Knight</a></td><td width="50%" align="center">&copy; 2003-2004 by renderse7en</td>
<td width="50%" align="center">Powered by <a href="http://dragon.se7enet.com/dev.php" target="_new">Dragon Knight</a></td><td width="50%" align="center">&copy; 2003-2006 by renderse7en</td>
</tr></table>
</body>
</html>


@ -135,7 +135,7 @@ while ($itemsrow = mysql_fetch_array($itemsquery)) {
Experience points listed are total values up until that point. All other values are just the new amount that you gain for each level.
<br /><br />
<table class="copyright" width="100%"><tr>
<td width="50%" align="center">Powered by <a href="http://dragon.se7enet.com/dev.php" target="_new">Dragon Knight</a></td><td width="50%" align="center">&copy; 2003-2004 by renderse7en</td>
<td width="50%" align="center">Powered by <a href="http://dragon.se7enet.com/dev.php" target="_new">Dragon Knight</a></td><td width="50%" align="center">&copy; 2003-2006 by renderse7en</td>
</tr></table>
</body>
</html>


@ -90,7 +90,7 @@ while ($itemsrow = mysql_fetch_array($itemsquery)) {
</table>
<br />
<table class="copyright" width="100%"><tr>
<td width="50%" align="center">Powered by <a href="http://dragon.se7enet.com/dev.php" target="_new">Dragon Knight</a></td><td width="50%" align="center">&copy; 2003-2004 by renderse7en</td>
<td width="50%" align="center">Powered by <a href="http://dragon.se7enet.com/dev.php" target="_new">Dragon Knight</a></td><td width="50%" align="center">&copy; 2003-2006 by renderse7en</td>
</tr></table>
</body>
</html>


@ -100,7 +100,7 @@ while ($itemsrow = mysql_fetch_array($itemsquery)) {
<li /><b>+Defense</b> spells reduce the total damage you take from the monster by X percent until the end of each fight.
</ul>
<table class="copyright" width="100%"><tr>
<td width="50%" align="center">Powered by <a href="http://dragon.se7enet.com/dev.php" target="_new">Dragon Knight</a></td><td width="50%" align="center">&copy; 2003-2004 by renderse7en</td>
<td width="50%" align="center">Powered by <a href="http://dragon.se7enet.com/dev.php" target="_new">Dragon Knight</a></td><td width="50%" align="center">&copy; 2003-2006 by renderse7en</td>
</tr></table>
</body>
</html>

14
lib.php

@ -2,7 +2,7 @@
$starttime = getmicrotime();
$numqueries = 0;
$version = "1.1.10b";
$version = "1.1.11";
$build = "";
// Handling for servers with magic_quotes turned on.
@ -15,8 +15,11 @@ if (get_magic_quotes_gpc()) {
}
$_POST = array_map('addslashes_deep', $_POST);
$_POST = array_map('html_deep', $_POST);
$_GET = array_map('addslashes_deep', $_GET);
$_GET = array_map('html_deep', $_GET);
$_COOKIE = array_map('addslashes_deep', $_COOKIE);
$_COOKIE = array_map('html_deep', $_COOKIE);
function stripslashes_deep($value) {
@ -36,6 +39,15 @@ function addslashes_deep($value) {
}
function html_deep($value) {
$value = is_array($value) ?
array_map('html_deep', $value) :
htmlspecialchars($value);
return $value;
}
function opendb() { // Open database connection.
include('config.php');
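Review bot: `html_deep()` calls `htmlspecialchars($value)` with default flags, which on the PHP versions that still provide `get_magic_quotes_gpc()` means ENT_COMPAT, so single quotes in request values are left unencoded; `htmlspecialchars($value, ENT_QUOTES)` closes that gap. `array_map` hands only the values to the callback, so array keys in `$_POST`, `$_GET` and `$_COOKIE` stay raw on both the slash pass and the HTML pass. Encoding at request time also means the entity-encoded text is what gets stored and compared, and anything that reaches a template from another source (rows already in the database, other superglobals) is not covered, so output sites still need their own escaping. A comment above the three new `array_map('html_deep', …)` lines would make that limit explicit, for example `// Input-time HTML encoding; does not replace escaping at output or in SQL.`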


@ -71,7 +71,7 @@ a:hover {
</td></tr></table>
<br />
<table class="copyright" width="90%"><tr>
<td width="25%" align="center">Powered by <a href="http://dragon.se7enet.com/dev.php" target="_new">Dragon Knight</a></td><td width="25%" align="center">&copy; 2003 by renderse7en</td><td width="25%" align="center">{{totaltime}} Seconds, {{numqueries}} Queries</td><td width="25%" align="center">Version {{version}} {{build}}</td>
<td width="25%" align="center">Powered by <a href="http://dragon.se7enet.com/dev.php" target="_new">Dragon Knight</a></td><td width="25%" align="center">&copy; 2003-2006 by renderse7en</td><td width="25%" align="center">{{totaltime}} Seconds, {{numqueries}} Queries</td><td width="25%" align="center">Version {{version}} {{build}}</td>
</center></body>
</html>
THEVERYENDOFYOU;


@ -82,7 +82,7 @@ winpops=window.open(popurl,"","width=520,height=520,scrollbars")
</tr>
</table><br />
<table class="copyright" width="90%"><tr>
<td width="25%" align="center">Powered by <a href="http://dragon.se7enet.com/dev.php" target="_new">Dragon Knight</a></td><td width="25%" align="center">&copy; 2003-2004 by renderse7en</td><td width="25%" align="center">{{totaltime}} Seconds, {{numqueries}} Queries</td><td width="25%" align="center">Version {{version}} {{build}}</td>
<td width="25%" align="center">Powered by <a href="http://dragon.se7enet.com/dev.php" target="_new">Dragon Knight</a></td><td width="25%" align="center">&copy; 2003-2006 by renderse7en</td><td width="25%" align="center">{{totaltime}} Seconds, {{numqueries}} Queries</td><td width="25%" align="center">Version {{version}} {{build}}</td>
</tr></table>
</center></body>
</html>


@ -44,6 +44,7 @@ function register() { // Register a new account.
if (mysql_num_rows($emailquery) > 0) { $errors++; $errorlist .= "Email already taken - unique email address required.<br />"; }
// Process password.
if (trim($password1) == "") { $errors++; $errorlist .= "Password field is required.<br />"; }
if (preg_match("/[^A-z0-9_\-]/", $password1)==1) { $errors++; $errorlist .= "Password must be alphanumeric.<br />"; } // Thanks to "Carlos Pires" from php.net!
if ($password1 != $password2) { $errors++; $errorlist .= "Passwords don't match.<br />"; }
$password = md5($password1);
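Review bot: The blank-password guard `trim($password1) == ""` (apparently the line this hunk adds) rejects only an empty or all-whitespace value, so a one-character password still registers; a minimum-length check beside it, e.g. `if (strlen($password1) < 8) { $errors++; $errorlist .= "Password is too short.<br />"; }`, would cover that, with the threshold being the project's call. The character test `[^A-z0-9_\-]` is wider than its message says, because the range `A-z` also spans `[`, `\`, `]`, `^` and the backtick; `A-Za-z` matches "alphanumeric". The value is then stored as an unsalted `md5()` digest, which is fast to brute-force offline if the users table is exposed. Where the runtime offers it, `password_hash()` with `password_verify()` at login is the replacement, and that needs a matching change in the login code, which is not visible here. `register()` starts and ends outside the hunk.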