Changeset 1801 for trunk/site/admin/adminwizard.php
- Timestamp:
- 09/07/10 19:27:32 (21 months ago)
- Files:
-
- 1 modified
-
trunk/site/admin/adminwizard.php (modified) (5 diffs)
Legend:
- Unmodified
- Added
- Removed
-
trunk/site/admin/adminwizard.php
r1702 r1801 131 131 case "unlock_boat": 132 132 $query = "UPDATE users " ; 133 if ( quote_smart($_REQUEST['lock']) ) {133 if ( get_cgi_var('lock') ) { 134 134 $querysgo = "SELECT coastpenalty FROM races WHERE idraces = ".$race; 135 135 $resgo = wrapper_mysql_db_query_writer($querysgo) or die("Query [$query] failed \n"); 136 136 $row = mysql_fetch_assoc($resgo); 137 137 $coastpenalty = $row['coastpenalty']; 138 if ( intval( quote_smart($_REQUEST['coastpenalty'])) != $coastpenalty ) {139 $coastpenalty = intval( quote_smart($_REQUEST['coastpenalty']));138 if ( intval(get_cgi_var('coastpenalty')) != $coastpenalty ) { 139 $coastpenalty = intval(get_cgi_var('coastpenalty')); 140 140 } 141 141 $reltime = time() + $coastpenalty; … … 152 152 break; 153 153 case "maj_nextwp": 154 $nwp =quote_smart($_REQUEST['nwp']);154 $nwp = get_cgi_var('nwp'); 155 155 $query = "update users set nextwaypoint= " . $nwp . 156 156 " where idusers = " . $boat . … … 163 163 break; 164 164 case "maj_position": 165 $longitude =quote_smart($_REQUEST['targetlong']);166 $latitude =quote_smart($_REQUEST['targetlat']);165 $longitude = get_cgi_var('targetlong'); 166 $latitude = get_cgi_var('targetlat'); 167 167 $query = "insert into positions (time, `long`, `lat`, idusers, race) " . 168 168 "values (" . … … 178 178 break; 179 179 case "reset_pass": 180 $newpass =quote_smart($_REQUEST['newpass']);180 $newpass = get_cgi_var('newpass'); 181 181 $query = "update users set password= '" . $newpass . "'" . 182 182 " where idusers = " . $boat . … … 187 187 break; 188 188 case "reset_username": 189 $newusern =quote_smart($_REQUEST['newusern']);189 $newusern = get_cgi_var('newusern'); 190 190 $query = "update users set username= '" . addslashes($newusern) . "'" . 191 191 " where idusers = " . $boat .
