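//
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
// File: bounty.php

require_once './common.php';

// The login check runs before any request input is read.
Tki\Login::checkLogin($pdo_db, $lang, $tkireg, $template);

// Database driven language entries
$langvars = Tki\Translate::load($pdo_db, $lang, array('bounty', 'port', 'common', 'global_includes', 'global_funcs', 'combat', 'footer', 'news'));
$title = $langvars['l_by_title'];
Tki\Header::display($pdo_db, $lang, $template, $title);

// 'response' may arrive by POST or GET; a GET value, when present, takes precedence.
// NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1. It is not a
// substitute for escaping at output or for bound query parameters, so $response
// should still be matched against a fixed set of expected values before it is used.
$response = filter_input(INPUT_POST, 'response', FILTER_SANITIZE_STRING);
if (array_key_exists('response', $_GET)) {
    $response = filter_input(INPUT_GET, 'response', FILTER_SANITIZE_STRING);
}

// Normalise once, after both sources were read: a missing field (null), a rejected
// value (false) and a blank string all become false. The is_string() guard also
// keeps null out of trim(), which PHP 8.1+ reports as deprecated.
if (!is_string($response) || mb_strlen(trim($response)) === 0) {
    $response = false;
}

// 'bounty_on' is read from POST only. The emptiness test has to happen BEFORE the
// integer cast: (int) turns a missing or blank field into 0, and "0" is never an
// empty string, so a check made after the cast can never produce false.
// Code further down must treat false as "no value supplied".
$bounty_on_raw = filter_input(INPUT_POST, 'bounty_on', FILTER_SANITIZE_NUMBER_INT);
if (is_string($bounty_on_raw) && mb_strlen(trim($bounty_on_raw)) !== 0) {
    $bounty_on = (int) $bounty_on_raw;
} else {
    $bounty_on = false;
}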
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
// File: port.php

require_once './common.php';

// The login check runs before any database access below.
Tki\Login::checkLogin($pdo_db, $lang, $tkireg, $template);

// Database driven language entries
$langvars = Tki\Translate::load($pdo_db, $lang, array('port', 'report', 'device', 'common', 'global_includes', 'global_funcs', 'combat', 'footer', 'news', 'bounty', 'regional'));
$title = $langvars['l_title_port'];
$body_class = 'port';
Tki\Header::display($pdo_db, $lang, $template, $title, $body_class);

// The class attribute is emitted unquoted and unescaped. $body_class is the literal
// 'port' assigned above, so nothing request-controlled reaches the markup here.
// NOTE(review): quote the attribute and escape the value if $body_class ever stops
// being a constant.
echo "<body class=" . $body_class . "><br>";

// Get playerinfo from database
// The session username is bound as a parameter rather than concatenated into the SQL.
$sql = "SELECT * FROM ::prefix::ships WHERE email=:email LIMIT 1";
$stmt = $pdo_db->prepare($sql);
$stmt->bindParam(':email', $_SESSION['username']);
$stmt->execute();
// NOTE(review): presumably $stmt is a PDOStatement, whose fetch() returns false when
// no row matches; the array reads below assume a row was found - confirm that the
// login check guarantees a ships row for this session.
$playerinfo = $stmt->fetch(PDO::FETCH_ASSOC);

// Fix negative quantities. How do the quantities actually get negative?
if ($playerinfo['ship_ore'] < 0) {
    // This update goes through the separate $db handle, not $pdo_db. The username is
    // passed as a ? placeholder; only {$db->prefix} is interpolated into the SQL text.
    // NOTE(review): presumably the prefix comes from configuration, not request data - confirm.
    $fixres = $db->Execute("UPDATE {$db->prefix}ships SET ship_ore = 0 WHERE email = ?;", array($_SESSION['username']));
    Tki\Db::LogDbErrors($pdo_db, $fixres, __LINE__, __FILE__);
    // Keep the in-memory copy in step with the row that was just corrected.
    $playerinfo['ship_ore'] = 0;
}

if ($playerinfo['ship_organics'] < 0) {
    $fixres = $db->Execute("UPDATE {$db->prefix}ships SET ship_organics = 0 WHERE email = ?;", array($_SESSION['username']));
    // (excerpt ends here; the remainder of this block is not shown)
// (excerpt begins inside three enclosing blocks whose opening lines are not shown)
            // NOTE(review): if $langvars is a plain array, reading a key that does not
            // exist raises a warning before the null comparison - confirm how missing
            // translations are represented.
            if ($langvars[$option_title] !== null) {
                // The language translated title for option
                $filename[$i]['option_title'] = $langvars[$option_title];
            } else {
                // The placeholder text for a not translated module
                $filename[$i]['option_title'] = $langvars['l_admin_new_module'] . $filename[$i]['file'];
            }

            if ($menu !== null) {
                // The included path is built from the $filename entry, not from $menu;
                // $menu only selects which entry matches.
                // NOTE(review): how $filename and $menu are populated is outside this
                // excerpt. The include is only safe if $filename holds names taken from
                // a trusted listing of ./admin/ and never from request data. `==` is a
                // loose comparison; `===` would rule out type juggling between the two.
                if ($menu == $filename[$i]['file']) {
                    $button_main = true;
                    // Drops the last four characters of the file name (presumably the ".php" extension).
                    $module_name = mb_substr($filename[$i]['file'], 0, -4);
                    include_once './admin/' . $filename[$i]['file'];
                }
            }
        }
    }
}

// Values handed to the admin template.
$variables['body_class'] = 'admin';
$variables['lang'] = $lang;
// NOTE(review): $swordfish is copied into the template variables. If it holds a
// secret (the name suggests one - confirm), it should not be passed to the view
// layer, where it can end up in rendered output.
$variables['swordfish'] = $swordfish;
$variables['linkback'] = array('fulltext' => $langvars['l_global_mmenu'], 'link' => 'main.php');
$variables['menu'] = $menu;
$variables['filename'] = $filename;
$variables['menu_location'] = $menu_location;
$variables['button_main'] = $button_main;

// $langvars is reloaded here with a wider set of categories, after the reads above.
$langvars = Tki\Translate::load($pdo_db, $lang, array('admin', 'common', 'global_includes', 'global_funcs', 'combat', 'footer', 'news', 'report', 'main', 'zoneedit', 'planet'));
// $variables['title'] is not assigned anywhere in this excerpt.
Tki\Header::display($pdo_db, $lang, $template, $variables['title'], $variables['body_class']);
$template->addVariables('langvars', $langvars);
$template->addVariables('variables', $variables);
$template->display('admin.tpl');
Tki\Footer::display($pdo_db, $lang, $tkireg, $template);
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Affero General Public License for more details.
//
// You should have received a copy of the GNU Affero General Public License
// along with this program. If not, see <http://www.gnu.org/licenses/>.
//
// File: mailto.php

require_once './common.php';

// The login check runs before any request input is read.
Tki\Login::checkLogin($pdo_db, $lang, $tkireg, $template);

$body_class = 'tki';
$include_ckeditor = true;

// Language strings are loaded from the database
$langvars = Tki\Translate::load($pdo_db, $lang, array('mailto', 'common', 'global_includes', 'global_funcs', 'footer', 'planet_report'));
$title = $langvars['l_sendm_title'];
Tki\Header::display($pdo_db, $lang, $template, $title, $body_class, $include_ckeditor);

// Names and subjects may contain spaces, which FILTER_SANITIZE_URL would not allow,
// so the FILTER_SANITIZE_STRING ruleset is used instead.
// $name, $to and $subject can each arrive by POST or by GET. filter_input() has no
// INPUT_REQUEST source and does not accept INPUT_POST | INPUT_GET, so each source is
// checked in turn: POST first, then GET, otherwise the value stays null.
// NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1 and is not output
// escaping. These values still need context-appropriate escaping wherever they are
// printed and bound parameters wherever they reach a query.
$name = array_key_exists('name', $_POST)
    ? filter_input(INPUT_POST, 'name', FILTER_SANITIZE_STRING)
    : (array_key_exists('name', $_GET) ? filter_input(INPUT_GET, 'name', FILTER_SANITIZE_STRING) : null);

$to = array_key_exists('to', $_POST)
    ? filter_input(INPUT_POST, 'to', FILTER_SANITIZE_STRING)
    : (array_key_exists('to', $_GET) ? filter_input(INPUT_GET, 'to', FILTER_SANITIZE_STRING) : null);