Changeset 1801
- Timestamp:
- 09/07/10 19:27:32 (17 months ago)
- Location:
- trunk/site/admin
- Files:
-
- 7 modified
-
adminwizard.php (modified) (5 diffs)
-
importrace.php (modified) (3 diffs)
-
players_pending_for_too_much_time.fixreport.php (modified) (1 diff)
-
strange_engaged_in_unknown.php (modified) (1 diff)
-
strange_results_for_unknown_races.php (modified) (1 diff)
-
strange_unknown_flag.php (modified) (1 diff)
-
uploadflag.php (modified) (1 diff)
Legend:
- Unmodified
- Added
- Removed
-
trunk/site/admin/adminwizard.php
r1702 r1801 131 131 case "unlock_boat": 132 132 $query = "UPDATE users " ; 133 if ( quote_smart($_REQUEST['lock']) ) {133 if ( get_cgi_var('lock') ) { 134 134 $querysgo = "SELECT coastpenalty FROM races WHERE idraces = ".$race; 135 135 $resgo = wrapper_mysql_db_query_writer($querysgo) or die("Query [$query] failed \n"); 136 136 $row = mysql_fetch_assoc($resgo); 137 137 $coastpenalty = $row['coastpenalty']; 138 if ( intval( quote_smart($_REQUEST['coastpenalty'])) != $coastpenalty ) {139 $coastpenalty = intval( quote_smart($_REQUEST['coastpenalty']));138 if ( intval(get_cgi_var('coastpenalty')) != $coastpenalty ) { 139 $coastpenalty = intval(get_cgi_var('coastpenalty')); 140 140 } 141 141 $reltime = time() + $coastpenalty; … … 152 152 break; 153 153 case "maj_nextwp": 154 $nwp =quote_smart($_REQUEST['nwp']);154 $nwp = get_cgi_var('nwp'); 155 155 $query = "update users set nextwaypoint= " . $nwp . 156 156 " where idusers = " . $boat . … … 163 163 break; 164 164 case "maj_position": 165 $longitude =quote_smart($_REQUEST['targetlong']);166 $latitude =quote_smart($_REQUEST['targetlat']);165 $longitude = get_cgi_var('targetlong'); 166 $latitude = get_cgi_var('targetlat'); 167 167 $query = "insert into positions (time, `long`, `lat`, idusers, race) " . 168 168 "values (" . … … 178 178 break; 179 179 case "reset_pass": 180 $newpass =quote_smart($_REQUEST['newpass']);180 $newpass = get_cgi_var('newpass'); 181 181 $query = "update users set password= '" . $newpass . "'" . 182 182 " where idusers = " . $boat . … … 187 187 break; 188 188 case "reset_username": 189 $newusern =quote_smart($_REQUEST['newusern']);189 $newusern = get_cgi_var('newusern'); 190 190 $query = "update users set username= '" . addslashes($newusern) . "'" . 191 191 " where idusers = " . $boat . -
trunk/site/admin/importrace.php
r1754 r1801 180 180 // Main code 181 181 182 if ( $_REQUEST["action"]!= "import") {182 if (get_cgi_var("action") != "import") { 183 183 //Display the import form, import not started 184 184 ?> … … 196 196 197 197 //check from input 198 $idracefrom = intval( $_REQUEST['idracefrom']) ;199 $idraceto = intval( $_REQUEST['idraceto']) ;200 $importserver = htmlentities( quote_smart($_REQUEST['importserver']));198 $idracefrom = intval(get_cgi_var('idracefrom')) ; 199 $idraceto = intval(get_cgi_var('idraceto')) ; 200 $importserver = htmlentities(get_cgi_var('importserver')); 201 201 202 202 //Default is to print sql … … 209 209 //FIXME: we should 'ping' the import server and check availability 210 210 211 if ( $_REQUEST['confirm']!= 'yes') {211 if (get_cgi_var('confirm') != 'yes') { 212 212 //import first pass, checking in dryrun mode 213 213 echo "<h3>Testing import of race #<b>$idracefrom</b> from server <b>$importserver</b> to race id #<b>$idraceto</b></h3>"; -
trunk/site/admin/players_pending_for_too_much_time.fixreport.php
r1638 r1801 4 4 include ("htmlstart.php"); 5 5 include_once ("functions.php"); 6 7 6 8 if ( $_REQUEST["action"] == "go" and $_REQUEST['confirm']== "on" ) {7 if (get_cgi_var("action") == "go" and get_cgi_var('confirm') == "on" ) { 9 8 wrapper_mysql_db_query_writer("DELETE FROM players_pending WHERE updated < DATE_SUB(NOW(), INTERVAL $pending_limit DAY)"); 10 9 insertAdminChangelog(Array("operation" => "Deleting too old pending players")); -
trunk/site/admin/strange_engaged_in_unknown.php
r1247 r1801 4 4 include_once ("functions.php"); 5 5 6 if ( $_REQUEST["action"] == "go" and $_REQUEST['confirm']== "on" ) {6 if (get_cgi_var("action") == "go" and get_cgi_var('confirm') == "on" ) { 7 7 wrapper_mysql_db_query_writer("UPDATE users SET engaged=0 WHERE engaged != 0 AND engaged NOT IN (SELECT DISTINCT idraces FROM races)"); 8 8 insertAdminChangelog(Array("operation" => "Update users engaged in unknown race")); -
trunk/site/admin/strange_results_for_unknown_races.php
r1508 r1801 4 4 include_once ("functions.php"); 5 5 6 if ( $_REQUEST["action"] == "go" and $_REQUEST['confirm']== "on" ) {6 if (get_cgi_var("action") == "go" and get_cgi_var('confirm') == "on" ) { 7 7 wrapper_mysql_db_query_writer("DELETE FROM races_results WHERE races_results.idraces NOT IN (SELECT DISTINCT idraces FROM races)"); 8 8 insertAdminChangelog(Array("operation" => "Delete results for unknown races")); -
trunk/site/admin/strange_unknown_flag.php
r1509 r1801 4 4 include_once ("functions.php"); 5 5 6 if ( $_REQUEST["action"] == "go" and $_REQUEST['confirm']== "on" ) {6 if (get_cgi_var("action") == "go" and get_cgi_var('confirm') == "on" ) { 7 7 wrapper_mysql_db_query_writer("UPDATE users SET country='000' WHERE country NOT IN (SELECT DISTINCT idflags FROM flags)"); 8 8 insertAdminChangelog(Array("operation" => "Update users with unknown flag")); -
trunk/site/admin/uploadflag.php
r1214 r1801 4 4 include_once ("functions.php"); 5 5 6 $idflags = "". $_REQUEST['idflags'];6 $idflags = "".get_cgi_var('idflags', ''); 7 7 8 if ( $_REQUEST["action"]== "upload") {8 if (get_cgi_var("action") == "upload") { 9 9 if (function_exists("exif_imagetype") and exif_imagetype($_FILES['fic']['tmp_name']) != IMAGETYPE_PNG) { 10 10 die("<h1>ERROR : Not a PNG file...</h1>");
