echo __("Game error!"); exit; } $newName = mysql_real_escape_string($_POST['name']); if (!valid_name($newName, false)) { echo __("Invalid name!"); exit; } if (!($usr = initUser())) { echo __("You cannot access this page!"); } if ($usr->numTown > MAXTOWN) { echo __("You have too many towns!"); exit; } $newTownID = addTown($newName); mysql_query("UPDATE user SET `townID` = CONCAT(`townID`, ',{$newTownID}') WHERE `id`= '{$usr->id}';"); echo "ok"; break; case 'deleteTown': if (!isset($_POST['town'])) { echo __("Game error!"); exit; } if (!($usr = initUser())) { echo __("You cannot access this page!"); } $id = intval($_POST['town']); if (!$usr->hasTown($id)) { echo __("You don't own that town!"); exit;
$timeStart = microtime(true); session_start(); if (empty($_SESSION)) { exit(header("Location: ../../index.php")); } require_once $_SESSION['File_Root'] . '/Kernel/Include.php'; require_once $_SESSION['File_Root'] . '/HTML/Header.php'; require_once 'Functions/SQL.php'; redirectToLogin($accountID, $linkRoot); redirectToBattle($verifyBattle, $linkRoot); hasAdmin($accountAccess); $townPicture = htmlspecialchars(addslashes($_POST['townPicture'])); $townName = htmlspecialchars(addslashes($_POST['townName'])); $townDescription = htmlspecialchars(addslashes($_POST['townDescription'])); $townPriceInn = htmlspecialchars(addslashes($_POST['townPriceInn'])); $townChapter = htmlspecialchars(addslashes($_POST['townChapter'])); addTown($bdd, $townPicture, $townName, $townDescription, $townPriceInn, $townChapter); ?> <?php echo $atown15; ?> <br> <form method="POST" action="index.php"> <input class="btn btn-success" type="submit" value="Ok"> </form> <br/> <?php require_once $_SESSION['File_Root'] . '/HTML/Footer.php';