if (!isset($_POST['txtDefensiv'])) { $_POST['txtDefensiv'] = 0; } if (!isset($_POST['txtExen_m'])) { $_POST['txtExen_m'] = 0; } if (!isset($_POST['txtExen_k'])) { $_POST['txtExen_k'] = 0; } $_POST['txtSVs'] = TextZuZahl($_POST['txtSVs']); $_POST['txtSBs'] = TextZuZahl($_POST['txtSBs']); $_POST['txtPunkte'] = TextZuZahl($_POST['txtPunkte']); $_POST['txtSchiffe'] = TextZuZahl($_POST['txtSchiffe']); $_POST['txtDefensiv'] = TextZuZahl($_POST['txtDefensiv']); $_POST['txtExen_m'] = TextZuZahl($_POST['txtExen_m']); $_POST['txtExen_k'] = TextZuZahl($_POST['txtExen_k']); if ($_POST['lstScanTyp'] != '') { $SQL_Result = tic_mysql_query('UPDATE `gn4accounts` SET svs="' . $_POST['txtSVs'] . '", sbs="' . $_POST['txtSBs'] . '", scantyp="' . $_POST['lstScanTyp'] . '" WHERE id="' . $Benutzer['id'] . '";', $SQL_DBConn) or die(mysql_errno() . " - " . mysql_error()); $SQL_Result = tic_mysql_query('delete FROM `gn4scans` where rg="' . $Benutzer['galaxie'] . '" and rp="' . $Benutzer['planet'] . '" and type="0";', $SQL_DBConn); $SQL_Result = tic_mysql_query('INSERT INTO `gn4scans` (type, zeit, g, p, rg, rp, gen, pts, s, d, me, ke) VALUES ("0", "' . date("H") . ':' . date("i") . ' ' . date("d") . '.' . date("m") . '.' . date("Y") . '", "' . $Benutzer['galaxie'] . '", "' . $Benutzer['planet'] . '", "' . $Benutzer['galaxie'] . '", "' . $Benutzer['planet'] . '", "100", "' . $_POST['txtPunkte'] . '", "' . $_POST['txtSchiffe'] . '", "' . $_POST['txtDefensiv'] . '", "' . $_POST['txtExen_m'] . '", "' . $_POST['txtExen_k'] . '")'); if ($error_code == 0) { $Benutzer['scantyp'] = $_POST['lstScanTyp']; $Benutzer['svs'] = $_POST['txtSVs']; $Benutzer['sbs'] = $_POST['txtSBs']; $Benutzer['punkte'] = $_POST['txtPunkte']; $Benutzer['schiffe'] = $_POST['txtSchiffe']; $Benutzer['defensiv'] = $_POST['txtDefensiv']; $Benutzer['exen_m'] = $_POST['txtExen_m']; $Benutzer['exen_k'] = $_POST['txtExen_k']; } } else {
<?php include './accdata.php'; // Verbindung zur Datenbank aufbauen $SQL_DBConn = @mysql_connect($db_info['host'], $db_info['user'], $db_info['password']) or $error_code = 1; @mysql_select_db($db_info['dbname'], $SQL_DBConn) or $error_code = 2; include './functions.php'; for (reset($HTTP_GET_VARS); $k = key($HTTP_GET_VARS); next($HTTP_GET_VARS)) { ${$k} = TextZuZahl(${$k}); } for (reset($HTTP_POST_VARS); $k = key($HTTP_POST_VARS); next($HTTP_POST_VARS)) { ${$k} = TextZuZahl(${$k}); } $action = $_GET['action']; $g = $_GET['g']; $p = $_GET['p']; $pw = $_GET['pw']; $rg = $_GET['rg']; $rp = $_GET['rp']; $rn = $_GET['rn']; $gen = $_GET['gen']; $pts = $_GET['pts']; $s = $_GET['s']; $d = $_GET['d']; $me = $_GET['me']; $ke = $_GET['ke']; $a = $_GET['a']; $sfj = $_GET['sfj']; $sfb = $_GET['sfb']; $sff = $_GET['sff']; $sfz = $_GET['sfz'];