Changeset 302 for quests/includes


Ignore:
Timestamp:
Feb 19, 2008, 6:09:15 PM (17 years ago)
Author:
maron
Message:

oprava ochrany, proti hacku

Location:
quests/includes
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • quests/includes/global.php

    r297 r302  
    4949       $_SESSION['UserID'] = '';
    5050       $_SESSION['User'] = '';
     51       $_SESSION['Pass'] = '';
    5152    } else {
    5253      $_SESSION['UserID'] = $Line['ID'];
  • quests/includes/global_function.php

    r295 r302  
    1717      $Pass = $_SESSION['Pass'];
    1818   
    19     $Line = mysql_fetch_array($Database->SQLCommand("SELECT * FROM user WHERE ID = ".$_SESSION['UserID']));
    20     if (!$Line) {
    21        return false;
    22     } else {
    23       if ($Licence <= $Line['gm']) {
     19      $Line = mysql_fetch_array($Database->SQLCommand("SELECT * FROM user WHERE ID = ".$_SESSION['UserID']."
     20      AND GM >= $Licence AND pass = '$Pass'"));
     21    //  echo "SELECT * FROM user WHERE ID = ".$_SESSION['UserID']." AND GM <= $Licence AND pass = '$Pass'";
     22      if (!$Line) {
     23         return false;
     24      } else {
     25         return true;
     26    /*
     27     if ($Licence <= $Line['gm']) {
    2428          return true;
    2529      } else return false;
     
    3135
    3236        return True;
    33       } else { return False;
     37      } else { return False; 
    3438      //  die('Nemáte zde pøístup, pøihla¹te se: <a href="'.$Config['Web']['BaseURL'].'">zde</a>');
     39      }   */
    3540      }
    36     }
    3741    } else { return False;
    3842      //  die('Nemáte zde pøístup, pøihla¹te se: <a href="'.$Config['Web']['BaseURL'].'">zde</a>');
Note: See TracChangeset for help on using the changeset viewer.