Context Navigation

Changeset 302

Timestamp:

Feb 19, 2008, 6:09:15 PM (17 years ago)

Author:

maron

Message:

oprava ochrany, proti hacku

Location:

quests

Files:

-              r295
+              r302
       $Pass = $_SESSION['Pass'];
+    $Line = mysql_fetch_array($Database->SQLCommand("SELECT * FROM user WHERE ID = ".$_SESSION['UserID']));
+    if (!$Line) {
+       return false;
+    } else {
+      if ($Licence <= $Line['gm']) {
+      $Line = mysql_fetch_array($Database->SQLCommand("SELECT * FROM user WHERE ID = ".$_SESSION['UserID']."
+      AND GM >= $Licence AND pass = '$Pass'"));
+    //  echo "SELECT * FROM user WHERE ID = ".$_SESSION['UserID']." AND GM <= $Licence AND pass = '$Pass'";
+      if (!$Line) {
+         return false;
+      } else {
+         return true;
+    /*
+     if ($Licence <= $Line['gm']) {
           return true;
       } else return false;
 …
         return True;
       } else { return False;
+      } else { return False;
       //  die('Nemáte zde pøístup, pøihla¹te se: <a href="'.$Config['Web']['BaseURL'].'">zde</a>');
+      }   */
+      }
+    }
     } else { return False;
       //  die('Nemáte zde pøístup, pøihla¹te se: <a href="'.$Config['Web']['BaseURL'].'">zde</a>');

-              r263
+              r302
   foreach($_POST as $Index => $Item) $_POST[$Index] = addslashes($Item);
   foreach($_GET as $Index => $Item) $_GET[$Index] = addslashes($Item);
+  //ochrana proti neoprávnìnému pøístupu
+  if (Licence(0) == false) { die('Nemáte pøístup do této sekce! Pøihlaste se...'); }
   if (array_key_exists('entry', $_POST)) {

Note: See TracChangeset for help on using the changeset viewer.