v1.1.4
### 1.1.4 (8.23.2004) ### ### Thanks to Gary13579 and Maebius. :) - Fixed URL cheat that allowed people to get healed for free. - Changes to make babblebox more secure from html/bbcode exploits.
This commit is contained in:
parent
9bbdf67ea6
commit
96d172878f
|
@ -254,7 +254,7 @@ function babblebox() {
|
|||
global $userrow;
|
||||
|
||||
if (isset($_POST["submit"])) {
|
||||
$safecontent = my_htmlspecialchars($_POST["babble"]);
|
||||
$safecontent = makesafe($_POST["babble"]);
|
||||
if ($safecontent == "" || $safecontent == " ") { //blank post. do nothing.
|
||||
} else { $insert = doquery("INSERT INTO {{table}} SET id='',posttime=NOW(),author='".$userrow["charname"]."',babble='$safecontent'", "babble"); }
|
||||
header("Location: index.php?do=babblebox");
|
||||
|
|
32
lib.php
32
lib.php
|
@ -2,7 +2,7 @@
|
|||
|
||||
$starttime = getmicrotime();
|
||||
$numqueries = 0;
|
||||
$version = "1.1.3a";
|
||||
$version = "1.1.4";
|
||||
$build = "";
|
||||
|
||||
function opendb() { // Open database connection.
|
||||
|
@ -67,28 +67,16 @@ function is_email($email) { // Thanks to "mail(at)philipp-louis.de" from php.net
|
|||
|
||||
}
|
||||
|
||||
function my_htmlspecialchars($text) { // Thanks to "etymxris at yahoo dot com" from php.net!
|
||||
function makesafe($d) {
|
||||
|
||||
$d = str_replace("\t","",$d);
|
||||
$d = str_replace("<","<",$d);
|
||||
$d = str_replace(">",">",$d);
|
||||
$d = str_replace("\n","",$d);
|
||||
$d = str_replace("|","??",$d);
|
||||
$d = str_replace(" "," ",$d);
|
||||
return $d;
|
||||
|
||||
$ALLOWABLE_TAGS = array("b", "i", "u", "p", "blockquote", "ol", "ul", "li");
|
||||
static $PATTERNS = array();
|
||||
static $REPLACEMENTS = array();
|
||||
if (count($PATTERNS) == 0) {
|
||||
foreach ($ALLOWABLE_TAGS as $tag) {
|
||||
$PATTERNS[] = "/<$tag>/i";
|
||||
$PATTERNS[] = "/<\/$tag>/i";
|
||||
$REPLACEMENTS[] = "<$tag>";
|
||||
$REPLACEMENTS[] = "</$tag>";
|
||||
}
|
||||
}
|
||||
|
||||
$result = str_replace(array(">", "<", "\"", "'"),
|
||||
array(">", "<", """, "'"),
|
||||
$text);
|
||||
|
||||
$result = preg_replace($PATTERNS, $REPLACEMENTS, $result);
|
||||
|
||||
return $result;
|
||||
|
||||
}
|
||||
|
||||
function admindisplay($content, $title) { // Finalize page and output to browser.
|
||||
|
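Review bot: makesafe() in the second hunk drops the conversion of `"` and `'` that the removed my_htmlspecialchars() performed (the old `str_replace(array(">", "<", "\"", "'"), ...)` had replacement entities for both quotes, apparently lost in rendering), and the only caller shown on this page, babblebox(), interpolates the result straight into `babble='$safecontent'` inside an INSERT. Unless doquery() or magic_quotes escapes the value, a posted quote now reaches the SQL string unescaped, so either restore the quote handling in makesafe — `$d = str_replace(array("\"", "'"), array("&quot;", "&#039;"), $d);` — or, better, escape for the SQL context at the query site with mysql_real_escape_string() in addition to the HTML encoding. As rendered, `str_replace("<","<",$d)` and `str_replace(">",">",$d)` read as no-ops; presumably the `&lt;`/`&gt;` replacement strings were lost in rendering, which is worth confirming in the raw file. A header comment would also help, e.g. `// Sanitises posted text for HTML output only; it does not escape for SQL.`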
|
|
@ -5,6 +5,7 @@ function inn() { // Staying at the inn resets all expendable stats to their max
|
|||
global $userrow, $numqueries;
|
||||
|
||||
$townquery = doquery("SELECT name,innprice FROM {{table}} WHERE latitude='".$userrow["latitude"]."' AND longitude='".$userrow["longitude"]."' LIMIT 1", "towns");
|
||||
if (mysql_num_rows($townquery) != 1) { display("Cheat attempt detected.<br /><br />Get a life, loser."); }
|
||||
$townrow = mysql_fetch_array($townquery);
|
||||
|
||||
if ($userrow["gold"] < $townrow["innprice"]) { display("You do not have enough gold to stay at this Inn tonight.<br /><br />You may return to <a href=\"index.php\">town</a>, or use the direction buttons on the left to start exploring.", "Inn"); die(); }
|
||||
|
@ -40,6 +41,7 @@ function buy() { // Displays a list of available items for purchase.
|
|||
global $userrow, $numqueries;
|
||||
|
||||
$townquery = doquery("SELECT name,itemslist FROM {{table}} WHERE latitude='".$userrow["latitude"]."' AND longitude='".$userrow["longitude"]."' LIMIT 1", "towns");
|
||||
if (mysql_num_rows($townquery) != 1) { display("Cheat attempt detected.<br /><br />Get a life, loser."); }
|
||||
$townrow = mysql_fetch_array($townquery);
|
||||
|
||||
$itemslist = explode(",",$townrow["itemslist"]);
|
||||
|
|
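Review bot: The town-lookup guard added in inn() — presumably the line `if (mysql_num_rows($townquery) != 1) { display("Cheat attempt detected.<br /><br />Get a life, loser."); }` — shows the error page but does not stop execution, so when the lookup returns no row the function falls through to `mysql_fetch_array($townquery)` and the rest of inn(), which continues outside the hunk; the same guard appears in buy() in the second hunk. The `display(...); die();` on the gold check a few lines below suggests display() returns rather than exits, in which case the guard should read `if (mysql_num_rows($townquery) != 1) { display("Cheat attempt detected.<br /><br />Get a life, loser."); die(); }` in both functions. If display() does exit on its own this is moot, but then the explicit die() after the gold check is redundant and the two call sites should follow one convention.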