- 0
-
Quem Está Navegando 0 membros estão online
- Nenhum usuário registrado visualizando esta página.
-
Conteúdo Similar
-
- 0 respostas
- 791 visualizações
-
- 0 respostas
- 782 visualizações
-
- 4 respostas
- 1268 visualizações
-
- 4 respostas
- 1234 visualizações
-
- 6 respostas
- 1753 visualizações
-
.jpg.ae4a513585162ac8ee966dd39cf1c739.thumb.jpg.6145153f872c6fbf22feb122737facc5.jpg)
Pergunta
FelipeXT 19
Fala ae
Xtibianos
ola gostaria de uma ajuda para resolver um bug no meu site, que permite que o jogador crie um char com espaço na frente do nome, impedindo exiva,goto etc!
Codifo Abaixo.
<?
session_start();
include("config.php");
$errors = 0;
$acc = "";
$pass = "";
$acc = $_SESSION['account'];
$pass = $_SESSION['password'];
if ($acc != "" && $acc != null && $pass != "" && $pass != null) {
$namein = "";
$vocin = "";
$sexin = "";
$namein = $_POST['name'];
$vocin = $_POST['voc'];
$sexin = $_POST['sex'];
if ($namein != "" && $vocin != "" && $sexin != "" && !file_exists($dirplayer . $namein . ".xml")) {
$temp = strspn("$namein", "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM -");
if ($temp != strlen($namein)) {
header("Location: create_character.php?result=char_failed&error=malformed_name");
$errors++;
}
if (strlen($namein) < 2 || strlen($namein) > 20) {
header("Location: create_character.php?result=char_failed&error=wrong_length");
$errors++;
}
if (!preg_match("/^[a-zA-Z][a-zA-Z ]*$/", $namein)) {
include ('top.inc.php');
echo ('Name contains illegal characters!');
include ('footer.inc.php');
die;
}
if (preg_match("/^gm/i", $namein)) {
include ('top.inc.php');
echo ('You are not allowed to have a Gamemaster.');
include ('footer.inc.php');
die;
}
if (preg_match("/^gamemaster/i", $namein)) {
include ('top.inc.php');
echo ('You are not allowed to have a Gamemaster.');
include ('footer.inc.php');
die;
}
if (preg_match("/^god/i", $namein)) {
include ('top.inc.php');
echo ('You are not allowed to have a God.');
include ('footer.inc.php');
die;
}
if (preg_match("/^guild house/i", $namein)) {
include ('top.inc.php');
echo ('You are not allowed to have a God.');
include ('footer.inc.php');
die;
}
if (preg_match("/^kyraman/i", $namein)) {
include ('top.inc.php');
echo ('You are not allowed to have a God.');
include ('footer.inc.php');
die;
}
if ($errors == 0) {
if (!file_exists($dirplayer."players.xml")){
$file_handle = fopen($dirplayer."players.xml", "w");
fwrite ($file_handle, "<players>\r\n");
$uid = 0;
$dir_handle = opendir($dirplayer);
while ( $file = readdir($dir_handle) ){
if (eregi('\.xml$',$file) ){
$uid++;
$pieces = explode (".",$file);
fwrite ($file_handle, '<player guid="'.$uid.'" name="'.htmlspecialchars($pieces[0]).'"/>'."\r\n");
}
}
}
$lines = file_get_contents($dirplayer."players.xml");
$guid = 1;
while (!(strpos($lines,'"'.$guid.'"') === false)){
$guid = mt_rand(1,10000000); //probably the fastest way
}
$lines = str_ireplace('<players/>','<players></players>',$lines);
$lines = str_ireplace("</players>","<player guid=\"$guid\" name=\"$namein\"/>\r\n</players>",$lines);
file_put_contents($dirplayer."players.xml",$lines);
$file = $diraccount . $acc . ".xml";
if (file_exists($file)) {
$replace = file_get_contents($file);
$replace = str_replace("><", ">
<", $replace);
$accreplace = fopen($file, "w");
fwrite($accreplace, $replace);
fclose($accreplace);
$contents = file("$file");
$shallbreak = false;
$row;
for($i = 0; $contents[$i];$i++) {
$endchar = strstr($contents[$i], "</characters>");
if($endchar) {
$row = $i;
}
}
if(isset($row) && $row != "" && $row != null) {
$f = fopen("$file","w");
for($i = 0; ($contents[$i] || $contents[$i-1]);$i++) {
if ($i<$row)
fwrite($f, "$contents[$i]");
if ($i==$row)
fwrite($f, "<character name=\"$namein\" />
");
if ($i>$row)
fwrite($f, $contents[$i-1]);
}
fclose($f);
include("makeplayerxml/" . $vocin . ".php");
$playerfile = $dirplayer . $namein . ".xml";
$f2 = fopen("$playerfile","w");
fwrite($f2, $output);
} else {
header("Location: account.php");
$errors++;
}
} else {
header("Location: account");
$errors++;
}
}
}
} else {
header("Location: account.page=char?result=char_failed&error=exists");
$errors++;
}
if($errors == 0) {
header("Location: account.new-char.php");
}
?>
Link para o comentário
https://xtibia.com/forum/topic/240857-ajuda-site-bug-name/Compartilhar em outros sites
0 respostass a esta questão
Posts Recomendados