forked from halo-battle/game
Version 1.14a
This commit is contained in:
parent
ba8f323879
commit
dc48225dc9
1094 changed files with 189052 additions and 13889 deletions
|
|
@ -1,4 +1,5 @@
|
|||
<?php
|
||||
if(!defined('ONYX')) exit;
|
||||
|
||||
if (empty($sess->values["connected"]) && !defined("xCSRF"))
|
||||
define("xCSRF", true);
|
||||
|
|
@ -18,39 +19,41 @@ $SESS = new Session();
|
|||
//Extraction des données en cache pour le header, sinon création du cache
|
||||
$header = Cache::read("headerNB");
|
||||
if (empty($header))
|
||||
{
|
||||
$bdd = new BDD();
|
||||
{
|
||||
$bdd = new BDD();
|
||||
|
||||
$nbcovie = $bdd->unique_query("SELECT COUNT(id) AS covenants FROM $table_user WHERE race = 'covenant';");
|
||||
$nbhumain = $bdd->unique_query("SELECT COUNT(id) AS humains FROM $table_user WHERE race = 'humain';");
|
||||
$enligne = $bdd->unique_query("SELECT COUNT(session) AS enligne FROM sessions WHERE active = true AND var != '0';");
|
||||
$infos = $bdd->query("SELECT * FROM $table_infoshead ORDER BY id DESC;");
|
||||
$msgdem = $bdd->unique_query("SELECT titre FROM $table_messages_demarrage ORDER BY id DESC LIMIT 1;");
|
||||
$nbcovie = $bdd->unique_query("SELECT COUNT(id) AS covenants FROM $table_user WHERE race = 'covenant';");
|
||||
$nbhumain = $bdd->unique_query("SELECT COUNT(id) AS humains FROM $table_user WHERE race = 'humain';");
|
||||
$enligne = $bdd->unique_query("SELECT COUNT(session) AS enligne FROM sessions WHERE active = true AND var != '0';");
|
||||
$infos = $bdd->query("SELECT * FROM $table_infoshead ORDER BY id DESC;");
|
||||
$msgdem = $bdd->unique_query("SELECT titre FROM $table_messages_demarrage ORDER BY id DESC LIMIT 1;");
|
||||
|
||||
$bdd->deconnexion();
|
||||
$bdd->deconnexion();
|
||||
|
||||
Cache::set("headerNB", array("count" => array($nbcovie["covenants"], $nbhumain["humains"], "cette", $enligne["enligne"]), "infos" => $infos, "messagedemarrage" => $msgdem["titre"]));
|
||||
unset($nbcovie, $nbhumain, $enligne, $infos, $msgdem, $bdd);
|
||||
Cache::set("headerNB", array("count" => array($nbcovie["covenants"], $nbhumain["humains"], "cette", $enligne["enligne"]), "infos" => $infos, "messagedemarrage" => $msgdem["titre"]));
|
||||
unset($nbcovie, $nbhumain, $enligne, $infos, $msgdem, $bdd);
|
||||
|
||||
$header = Cache::read("headerNB");
|
||||
}
|
||||
$header = Cache::read("headerNB");
|
||||
}
|
||||
$template->assign("header", $header);
|
||||
$template->assign("version", $VAR["version"]);
|
||||
$template->assign("serveur_name", $VAR["serveur_name"]);
|
||||
$template->assign("first_page", $VAR["first_page"]);
|
||||
$template->assign("LANG", $LANG);
|
||||
|
||||
define("VITESSE", $VAR["vitesse"]);
|
||||
define("debut_d_univers", true); //Constante pour savoir si l'on offre ou pas un vaisseau de colonisation et s'il est possible de se désangager d'une signature
|
||||
define("nb_signatures", 4);
|
||||
|
||||
//Si l'on est pas connecté, on garde le header pour comparer lors de la connexion
|
||||
if (!empty($sess->values["connected"]))
|
||||
unset($header);
|
||||
|
||||
//Evite les attaques CSRF
|
||||
//TODO remplacer les ereg par des preg !
|
||||
if (!empty($_SERVER["HTTP_REFERER"]) && !ereg(time()."http://".$_SERVER['HTTP_HOST'], time().$_SERVER["HTTP_REFERER"]) && !defined("xCSRF"))
|
||||
{
|
||||
elog("Possibilité d'attaque CSRF\n".var_export($_REQUEST, TRUE), 2);
|
||||
unset($_POST, $_GET);
|
||||
$_GET = $_POST = array();
|
||||
}
|
||||
if (!empty($_SERVER["HTTP_REFERER"]) && !(preg_match('#^http://'.$_SERVER['HTTP_HOST'].'#', $_SERVER["HTTP_REFERER"]) && defined("xCSRF")))
|
||||
{
|
||||
elog("Possibilité d'attaque CSRF\n".var_export($_REQUEST, TRUE), 2);
|
||||
unset($_POST, $_GET);
|
||||
$_GET = $_POST = array();
|
||||
}
|
||||
?>
|
||||
Loading…
Add table
Add a link
Reference in a new issue