diff --git a/htdocs/index.php b/htdocs/index.php index 99e6da2..38ec788 100644 --- a/htdocs/index.php +++ b/htdocs/index.php @@ -64,7 +64,7 @@ if (isset($SESS) && !(empty($SESS->values["connected"]) && empty($SESS->values[' //On gère les demande de changement de planète if (isset($_POST["planete"])) { - if (ereg("A", $_POST["planete"])) + if (preg_match("#A#", $_POST["planete"])) { $idAsteroideTest = intval(substr(gpc("planete", "post"), 1)); if ($bdd->unique_query("SELECT id FROM $table_alliances WHERE id = $idAsteroideTest;") && $bdd->unique_query("SELECT id FROM $table_user WHERE id = $id_user AND id_alliance = $idAsteroideTest;")) diff --git a/onyx2/include/Class/asteroide.php b/onyx2/include/Class/asteroide.php index 69cc3d2..f4f174f 100644 --- a/onyx2/include/Class/asteroide.php +++ b/onyx2/include/Class/asteroide.php @@ -60,7 +60,7 @@ class Asteroide extends Surface parent::User($SESS->values['id']); //On utilise le numéro d'utilisateur enregistré en session $this->galaxie = $plan["galaxie"]; $this->ss = $plan["ss"]; - $this->points_alliance = $plan["points_alliance"]; + $this->points_alliance = @$plan["points_alliance"]; $this->nom_asteroide = $plan["nom_asteroide"]; $this->image = $this->image_asteroide = $plan["image_asteroide"]; $this->debris_met = $plan["debris_met"]; diff --git a/onyx2/include/Class/planete.php b/onyx2/include/Class/planete.php index dd80e75..067f1de 100644 --- a/onyx2/include/Class/planete.php +++ b/onyx2/include/Class/planete.php @@ -80,7 +80,7 @@ class Planete extends Surface $this->nom_planete = $plan["nom_planete"]; $this->image = $plan["image"]; $this->cases = $plan["cases"]; - $this->energieCentrale = $plan["energieCentrale"]; + $this->energieCentrale = @$plan["energieCentrale"]; $this->debris_met = $plan["debris_met"]; $this->debris_cri = $plan["debris_cri"]; $this->metal = $plan["metal"]; diff --git a/onyx2/include/Class/user.php b/onyx2/include/Class/user.php index 447d642..48a5a87 100644 --- a/onyx2/include/Class/user.php +++ b/onyx2/include/Class/user.php @@ -56,7 +56,7 @@ class User{ $this->pseudo = $user["pseudo"]; $this->auth_level = $user["auth_level"]; $this->race = $user["race"]; - $this->options = intval($user["options"]); + $this->options = @intval($user["options"]); $this->mv = $user["mv"]; $this->id_alliance = $user["id_alliance"]; $this->id_grade_alliance = $user["id_grade_alliance"]; diff --git a/onyx2/include/admin/flottes.php b/onyx2/include/admin/flottes.php index 302ae29..42240bd 100644 --- a/onyx2/include/admin/flottes.php +++ b/onyx2/include/admin/flottes.php @@ -6,10 +6,12 @@ $titre = 'Vérification flottes'; //Vérification des flottes if (!isset($_GET['ceil'])) $_GET['ceil'] = 5000; -$chapeau->connexion(); -$req = mysql_query("SELECT * FROM `$table_flottes` ORDER BY `start_time` DESC"); +$bdd = new BDD(); +$res = $bdd->query("SELECT * FROM `$table_flottes` ORDER BY `start_time` DESC"); +$bdd->deconnexion(); $tableau = array(); -while($resultat = mysql_fetch_array($req)) { +if (isset($resultat)) + foreach($resultat as $res) { $user_source = infoPlan($resultat['end_galaxie'], $resultat['end_ss'], $resultat['end_position'], 'id_user'); if ($resultat['contenu_metal'] + $resultat['contenu_cristal'] + $resultat['contenu_hydrogene'] >= $_GET['ceil']) $color = 'FF0000'; elseif ($user_source != $resultat['id_user']) $color = 'DFBF00'; diff --git a/onyx2/include/admin/ip.php b/onyx2/include/admin/ip.php index 3bcb4c6..72395ff 100644 --- a/onyx2/include/admin/ip.php +++ b/onyx2/include/admin/ip.php @@ -40,6 +40,7 @@ $bdd->deconnexion(); $anc = array('ip' => 0, 'id_util' => 0); $tableau = array(); +if (isset($resultat)) foreach($req as $resultat) { if ($resultat['mv'] == 3) diff --git a/onyx2/include/common.php b/onyx2/include/common.php index 8f12806..568caab 100644 --- a/onyx2/include/common.php +++ b/onyx2/include/common.php @@ -50,7 +50,7 @@ if (!empty($sess->values["connected"])) unset($header); //Evite les attaques CSRF -if (!empty($_SERVER["HTTP_REFERER"]) && !(preg_match('#^http://'.$_SERVER['HTTP_HOST'].'#', $_SERVER["HTTP_REFERER"]) && defined("xCSRF"))) +if (!empty($_SERVER["HTTP_REFERER"]) && !(preg_match('#^https://'.$_SERVER['HTTP_HOST'].'#', $_SERVER["HTTP_REFERER"]) && defined("xCSRF"))) { elog("Possibilité d'attaque CSRF\n".var_export($_REQUEST, TRUE), 2); unset($_POST, $_GET); diff --git a/onyx2/include/game/flottes/principal.php b/onyx2/include/game/flottes/principal.php index 4a8941b..a62ec4a 100644 --- a/onyx2/include/game/flottes/principal.php +++ b/onyx2/include/game/flottes/principal.php @@ -46,7 +46,10 @@ $page = 'flotte1'; } //Calcul du nombre de slot disponible et vérouillage de l'envoie si besoin - $nbFlottes = count($flottes); + if ($flottes) + $nbFlottes = count($flottes); + else + $nbFlottes = 0; if (SURFACE == "asteroide") { if ($planete->batiments[2] == 1) diff --git a/onyx2/include/game/rename.php b/onyx2/include/game/rename.php index 2089d78..b45fdfb 100644 --- a/onyx2/include/game/rename.php +++ b/onyx2/include/game/rename.php @@ -10,7 +10,7 @@ if (isset($_POST['planete'])) erreur('Vous n\'avez indiqué aucun nom de planète.', "red", '?p=rename'); elseif (limite($nouvNom, 18)) erreur('Le nom de votre planète est trop long.', "red", '?p=rename'); - elseif (ereg('staf', strtolower($nouvNom)) && $SESS->level < 4) + elseif (preg_match('#staf#', strtolower($nouvNom)) && $SESS->level < 4) erreur('Vous devez faire parti du staff pour afficher le nom "staff" dans le nom de votre planète !', "red", '?p=rename'); else { diff --git a/onyx2/include/server/avertmulti.php b/onyx2/include/server/avertmulti.php index ed74e8d..2834b0d 100644 --- a/onyx2/include/server/avertmulti.php +++ b/onyx2/include/server/avertmulti.php @@ -9,7 +9,7 @@ $bdd->reconnexion(); $multi = $bdd->query("SELECT U.pseudo, R.id_util FROM $table_registre_identification R INNER JOIN $table_user U ON U.id = R.id_util WHERE R.ip = '".$_SERVER["REMOTE_ADDR"]."' GROUP BY R.ip, R.id_util"); $bdd->deconnexion(); -$cnt = count($multi); +$cnt = @count($multi); $joueurs = ''; for($i = 0; $i < $cnt; $i++){ if ($multi[$i]['id_util'] == $id_user) continue; @@ -21,9 +21,9 @@ for($i = 0; $i < $cnt; $i++){ //Si pas de multi-compte, on redirige vers la page d'accueil if ($cnt) - redirection('./'.$config['first_page']); + redirection('./'.$VAR['first_page']); -$template->assign('contenu', '