tfs 0.3.4 Ajuda site bug name

FelipeXT · Maio 24, 2016

Fala ae

Xtibianos

ola gostaria de uma ajuda para resolver um bug no meu site, que permite que o jogador crie um char com espaço na frente do nome, impedindo exiva,goto etc!

Codifo Abaixo.

Spoiler

<?

session_start();

include("config.php");

$errors = 0;

$acc = "";
$pass = "";
$acc = $_SESSION['account'];
$pass = $_SESSION['password'];

if ($acc != "" && $acc != null && $pass != "" && $pass != null) {

$namein = "";
$vocin = "";
$sexin = "";

$namein = $_POST['name'];
$vocin = $_POST['voc'];
$sexin = $_POST['sex'];

if ($namein != "" && $vocin != "" && $sexin != "" && !file_exists($dirplayer . $namein . ".xml")) {

$temp = strspn("$namein", "qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM -");

if ($temp != strlen($namein)) {
   header("Location: create_character.php?result=char_failed&error=malformed_name");
   $errors++;
}
if (strlen($namein) < 2 || strlen($namein) > 20) {
   header("Location: create_character.php?result=char_failed&error=wrong_length");
   $errors++;
}

if (!preg_match("/^[a-zA-Z][a-zA-Z ]*$/", $namein)) {
   include ('top.inc.php');
   echo ('Name contains illegal characters!');
   include ('footer.inc.php');
   die;
}
if (preg_match("/^gm/i", $namein)) {
   include ('top.inc.php');
   echo ('You are not allowed to have a Gamemaster.');
   include ('footer.inc.php');
   die;
}
if (preg_match("/^gamemaster/i", $namein)) {
   include ('top.inc.php');
   echo ('You are not allowed to have a Gamemaster.');
   include ('footer.inc.php');
   die;
}
if (preg_match("/^god/i", $namein)) {
   include ('top.inc.php');
   echo ('You are not allowed to have a God.');
   include ('footer.inc.php');
   die;
}
if (preg_match("/^guild house/i", $namein)) {
   include ('top.inc.php');
   echo ('You are not allowed to have a God.');
   include ('footer.inc.php');
   die;
}
if (preg_match("/^kyraman/i", $namein)) {
   include ('top.inc.php');
   echo ('You are not allowed to have a God.');
   include ('footer.inc.php');
   die;
}

if ($errors == 0) {

   if (!file_exists($dirplayer."players.xml")){
       $file_handle = fopen($dirplayer."players.xml", "w");
       fwrite ($file_handle, "<players>\r\n");

$uid = 0;

       $dir_handle = opendir($dirplayer);
       while ( $file = readdir($dir_handle) ){
           if (eregi('\.xml$',$file) ){
               $uid++;
               $pieces = explode (".",$file);
               fwrite ($file_handle, '<player guid="'.$uid.'" name="'.htmlspecialchars($pieces[0]).'"/>'."\r\n");
           }
       }
   }

   $lines = file_get_contents($dirplayer."players.xml");
   $guid = 1;

   while (!(strpos($lines,'"'.$guid.'"') === false)){
       $guid = mt_rand(1,10000000); //probably the fastest way
   }

   $lines = str_ireplace('<players/>','<players></players>',$lines);
   $lines = str_ireplace("</players>","<player guid=\"$guid\" name=\"$namein\"/>\r\n</players>",$lines);
   file_put_contents($dirplayer."players.xml",$lines);

$file = $diraccount . $acc . ".xml";

if (file_exists($file)) {
$replace = file_get_contents($file);
$replace = str_replace("><", ">
<", $replace);
$accreplace = fopen($file, "w");
fwrite($accreplace, $replace);
fclose($accreplace);
    $contents = file("$file");
    $shallbreak = false;
    $row;
    for($i = 0; $contents[$i];$i++) {
        $endchar = strstr($contents[$i], "</characters>");
        if($endchar) {
            $row = $i;
        }
    }

    if(isset($row) && $row != "" && $row != null) {
    $f = fopen("$file","w");
    for($i = 0; ($contents[$i] || $contents[$i-1]);$i++) {
        if ($i<$row)
           fwrite($f, "$contents[$i]");
        if ($i==$row)
           fwrite($f, "<character name=\"$namein\" />
");
        if ($i>$row)
           fwrite($f, $contents[$i-1]);

   }
   fclose($f);
   include("makeplayerxml/" . $vocin . ".php");
   $playerfile = $dirplayer . $namein . ".xml";
   $f2 = fopen("$playerfile","w");
   fwrite($f2, $output);

   } else {
       header("Location: account.php");
       $errors++;
   }

} else {
header("Location: account");
$errors++;
}
}

}
} else {
header("Location: account.page=char?result=char_failed&error=exists");
$errors++;
}
if($errors == 0) {
header("Location: account.new-char.php");
}
?>

Entrar

tfs 0.3.4 Ajuda site bug name

Pergunta

FelipeXT 19

Link para o comentário

Compartilhar em outros sites

0 respostass a esta questão

Posts Recomendados

Quem Está Navegando 0 membros estão online

Conteúdo Similar

tfs 0.3.4 SYSTEM DE RESETE POR STAGES

tfs 0.3.4 Erro Mega Evoluçao

tfs 0.3.4 Sobre Shiny Stone !!

tfs 0.3.4 [Pedido]Identificação de direção

tfs 0.3.4 [Pedido de npc]

Fóruns

Tutoriais

Suporte