From 7270a69a6378df29bedcff1919c81df136264e42 Mon Sep 17 00:00:00 2001
From: Martin Ambrus
Date: Sun, 22 Oct 2017 13:00:54 +0200
Subject: [PATCH] fix: all location headers need to have exit after them!
---
GameEngine/Account.php | 9 ++++
GameEngine/Alliance.php | 57 +++++++++++++++-------
GameEngine/Automation.php | 5 +-
GameEngine/Building.php | 27 ++++++++---
GameEngine/Market.php | 45 ++++++++++++------
GameEngine/Message.php | 10 ++++
GameEngine/Profile.php | 15 ++++++
GameEngine/Session.php | 6 +++
GameEngine/Technology.php | 5 ++
GameEngine/Units.php | 15 ++++++
GameEngine/Village.php | 1 +
Templates/Alliance/Forum/forum_1.tpl | 1 +
Templates/Alliance/Forum/forum_10.tpl | 1 +
Templates/Alliance/Forum/forum_2.tpl | 1 +
Templates/Alliance/Forum/forum_3.tpl | 1 +
Templates/Alliance/Forum/forum_4.tpl | 1 +
Templates/Alliance/Forum/forum_5.tpl | 1 +
Templates/Alliance/Forum/forum_6.tpl | 1 +
Templates/Alliance/Forum/forum_7.tpl | 1 +
Templates/Alliance/Forum/forum_8.tpl | 1 +
Templates/Alliance/Forum/forum_9.tpl | 1 +
Templates/Alliance/assignpos.tpl | 1 +
Templates/Alliance/overview.tpl | 3 +-
Templates/Build/15_1.tpl | 8 +++-
Templates/Build/17_3.tpl | 1 +
Templates/Build/17_4.tpl | 1 +
Templates/Build/37_hero.tpl | 33 ++++++++-----
Templates/Build/37_land.tpl | 2 +
Templates/Build/37_revive.tpl | 4 +-
Templates/Build/37_train.tpl | 60 ++++++++++++++++++------
Templates/Building.tpl | 1 +
Templates/Plus/10.tpl | 2 +
Templates/Plus/11.tpl | 2 +
Templates/Plus/12.tpl | 2 +
Templates/Plus/14.tpl | 2 +
Templates/Plus/15.tpl | 2 +
Templates/Plus/7.tpl | 2 +
Templates/Plus/8.tpl | 2 +
Templates/Plus/9.tpl | 2 +
Templates/Profile/graphic.tpl | 1 +
Templates/Profile/notfound.tpl | 3 +-
Templates/Profile/preference.tpl | 2 +
Templates/Ranking/ww.tpl | 3 +-
Templates/a2b/startRaid.tpl | 1 +
Templates/goldClub/farmlist.tpl | 1 +
Templates/goldClub/farmlist_addraid.tpl | 2 +
Templates/goldClub/farmlist_editraid.tpl | 2 +
a2b.php | 9 +++-
a2b2.php | 1 +
agb.php | 1 +
allianz.php | 10 ++++
banned.php | 2 +-
berichte.php | 4 ++
build.php | 24 ++++++++++
celebration.php | 4 +-
crop_finder.php | 4 ++
dorf1.php | 1 +
dorf2.php | 1 +
dorf3.php | 2 +
karte.php | 4 ++
karte2.php | 2 +-
login.php | 1 +
massmessage.php | 5 +-
nachrichten.php | 5 ++
notification/index.php | 1 +
packages.php | 2 +-
plus.php | 1 +
plus1.php | 1 +
rules.php | 1 +
spieler.php | 4 ++
statistiken.php | 1 +
support.php | 1 +
version.php | 1 +
winner.php | 2 +
74 files changed, 367 insertions(+), 78 deletions(-)
diff --git a/GameEngine/Account.php b/GameEngine/Account.php
index 8b7cb0b8..e8b9cb9d 100755
--- a/GameEngine/Account.php
+++ b/GameEngine/Account.php
@@ -109,6 +109,7 @@ private function Signup() {
header("Location: anmelden.php");
+ exit;
}
else {
if(AUTH_EMAIL){
@@ -119,6 +120,7 @@ private function Signup() {
$mailer->sendActivate($_POST['email'],$_POST['name'],$_POST['pw'],$act);
header("Location: activate.php?id=$uid&q=$act2");
+ exit;
}
}
else {
@@ -130,6 +132,7 @@ private function Signup() {
$database->updateUserField($uid,"invited",$_POST['invited'],1);
$this->generateBase($_POST['kid'],$uid,$_POST['name']);
header("Location: login.php");
+ exit;
}
}
}
@@ -148,16 +151,19 @@ private function Activate() {
$database->unreg($dbarray['username']);
$this->generateBase($dbarray['kid'],$uid,$dbarray['username']);
header("Location: activate.php?e=2");
+ exit;
}
}
else
{
header("Location: activate.php?e=3");
+ exit;
}
}
else
{
header("Location: activate.php");
+ exit;
}
}
@@ -170,9 +176,11 @@ private function Unreg() {
if(password_verify($_POST['pw'], $dbarray['password'])) {
$database->unreg($dbarray['username']);
header("Location: anmelden.php");
+ exit;
}
else {
header("Location: activate.php?e=3");
+ exit;
}
}
@@ -207,6 +215,7 @@ private function Login() {
$_SESSION['valuearray'] = $_POST;
header("Location: login.php");
+ exit;
} else {
$userid = $database->getUserArray($_POST['user'], 0);
// Vacation mode by Shadow
diff --git a/GameEngine/Alliance.php b/GameEngine/Alliance.php
index 8adff495..88857f7e 100755
--- a/GameEngine/Alliance.php
+++ b/GameEngine/Alliance.php
@@ -131,7 +131,8 @@ public function sendInvite($post) {
$database->insertAlliNotice($session->alliance, '' . addslashes($session->username) . ' has invited ' . addslashes($UserData['username']) . ' into the alliance.');
}
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
@@ -147,9 +148,11 @@ private function rejectInvite($get) {
$database->insertAlliNotice($invite['alliance'], '' . addslashes($session->username) . ' has rejected the invitation.');
}
}
- header("Location: build.php?id=".$get['id']);
+ header("Location: build.php?id=".$get['id']);
+ exit;
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
@@ -167,9 +170,11 @@ private function delInvite($get) {
$database->insertAlliNotice($session->alliance, '' . addslashes($session->username) . ' has deleted the invitation for ' . addslashes($invitename['username']) . ' .');
}
}
- header("Location: allianz.php?delinvite");
+ header("Location: allianz.php?delinvite");
+ exit;
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
@@ -200,10 +205,12 @@ private function acceptInvite($get) {
if($accept_error == 1){
$form->addError("ally_accept", "The alliance can contain only ".$max." peoples right now.");
}else{
- header("Location: build.php?id=" . $get['id']);
+ header("Location: build.php?id=" . $get['id']);
+ exit;
}
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
@@ -230,6 +237,7 @@ private function createAlliance($post) {
$_SESSION['valuearray'] = $post;
header("Location: build.php?id=" . $post['id']);
+ exit;
} else {
$max = $bid18[$village->resarray['f' . $post['id']]]['attri'];
$aid = $database->createAlliance($post['ally1'], $post['ally2'], $session->uid, $max);
@@ -240,9 +248,11 @@ private function createAlliance($post) {
// log the notice
$database->insertAlliNotice($aid, 'The alliance has been founded by ' . addslashes($session->username) . ' .');
header("Location: build.php?id=" . $post['id']);
+ exit;
}
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
@@ -277,7 +287,8 @@ private function changeAliName($get) {
$database->insertAlliNotice($session->alliance, '' . addslashes($session->username) . ' has changed the alliance name.');
}
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
@@ -300,7 +311,8 @@ private function updateAlliProfile($post) {
$database->insertAlliNotice($session->alliance, '' . addslashes($session->username) . ' has changed the alliance description.');
}
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
@@ -323,7 +335,8 @@ private function changeUserPermissions($post) {
$database->insertAlliNotice($session->alliance, '' . addslashes($session->username) . ' has changed permissions.');
}
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
/*****************************************
@@ -351,7 +364,8 @@ private function kickAlliUser($post) {
}
}
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
/*****************************************
@@ -362,10 +376,12 @@ public function setForumLink($post) {
if($session->access != BANNED){
if(isset($post['f_link'])){
$database->setAlliForumdblink($session->alliance, $post['f_link']);
- header("Location: allianz.php?s=5");
+ header("Location: allianz.php?s=5");
+ exit;
}
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
/*****************************************
@@ -379,9 +395,11 @@ public function Vote($post) {
$text = ''.$survey['voted'].','.$session->uid.',';
$database->Vote($post['tid'], $post['vote'], $text);
}
- header("Location: allianz.php?s=2&fid2=".$post['fid2']."&pid=".$post['pid']."&tid=".$post['tid']);
+ header("Location: allianz.php?s=2&fid2=".$post['fid2']."&pid=".$post['pid']."&tid=".$post['tid']);
+ exit;
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
/*****************************************
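Review bot: The redirect in Vote concatenates `$post['fid2']`, `$post['pid']` and `$post['tid']` into the Location header without normalising them, so a crafted value can add or override query parameters on the target URL. If these are numeric ids, as their use suggests, cast them where the URL is built: `header("Location: allianz.php?s=2&fid2=".(int)$post['fid2']."&pid=".(int)$post['pid']."&tid=".(int)$post['tid']);`. The same applies to the `build.php?id=` redirects built from `$get['id']` and `$post['id']` in rejectInvite, acceptInvite and createAlliance in this file. The start of Vote lies outside the hunk.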
@@ -409,9 +427,11 @@ private function quitally($post) {
$database->deleteAlliance($session->alliance);
$database->insertAlliNotice($session->alliance, '' . addslashes($session->username) . ' has quit the alliance.');
header("Location: spieler.php?uid=".$session->uid);
+ exit;
}
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
@@ -448,7 +468,8 @@ private function changediplomacy($post) {
$form->addError("name", "Alliance does not exist");
}
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
diff --git a/GameEngine/Automation.php b/GameEngine/Automation.php
index 37371fca..9e39fcb6 100755
--- a/GameEngine/Automation.php
+++ b/GameEngine/Automation.php
@@ -35,7 +35,8 @@ public function isWinner() {
$isThere = mysqli_num_rows($q);
if($isThere > 0)
{
- header('Location: winner.php');
+ header('Location: winner.php');
+ exit;
}else{
## there is no winner
}
@@ -3100,6 +3101,7 @@ private function sendTroopsBack($post) {
$_SESSION['errorarray'] = $form->getErrors();
$_SESSION['valuearray'] = $_POST;
header("Location: a2b.php");
+ exit;
} else {
//change units
@@ -3176,6 +3178,7 @@ private function sendTroopsBack($post) {
$technology->checkReinf($post['ckey']);
header("Location: build.php?id=39");
+ exit;
}
}
diff --git a/GameEngine/Building.php b/GameEngine/Building.php
index f804a631..938c8157 100755
--- a/GameEngine/Building.php
+++ b/GameEngine/Building.php
@@ -47,14 +47,16 @@ public function canProcess($id,$tid) {
global $session;
if($session->access==BANNED){
header("Location: banned.php");
- exit;
+ exit;
} else {
if ($this->checkResource($id,$tid)!=4) {
if($tid >= 19) {
header("Location: dorf2.php");
+ exit;
}
else {
header("Location: dorf1.php");
+ exit;
}
exit;
}
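Review bot: The trailing `exit;` after the `if($tid >= 19)`/`else` pair in canProcess is now unreachable, because both branches gained their own `exit;`. Keeping only that single `exit;` after the pair, and dropping the two added ones, gives the same behaviour with one termination point. That is easier to audit when checking that every redirect stops execution. canProcess continues past the end of this hunk.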
@@ -85,8 +87,10 @@ public function procBuild($get) {
$database->modifyGold($session->uid,1,0);
if($get['id'] > 18) {
header("Location: dorf2.php");
+ exit;
} else {
header("Location: dorf1.php");
+ exit;
}
}
if(isset($get['a']) && $get['c'] == $session->checker && isset($get['id'])) {
@@ -319,9 +323,11 @@ private function removeBuilding($d) {
}
if($jobs['field'] >= 19) {
header("Location: dorf2.php");
+ exit;
}
else {
header("Location: dorf1.php");
+ exit;
}
}
}
@@ -370,13 +376,16 @@ private function upgradeBuilding($id) {
$logging->addBuildLog($village->wid,$this->procResType($village->resarray['f'.$id.'t']),($village->resarray['f'.$id]+($loopsame>0?2:1)),0);
if($id >= 19) {
header("Location: dorf2.php");
+ exit;
}
else {
header("Location: dorf1.php");
+ exit;
}
}
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
}
@@ -413,9 +422,11 @@ private function downgradeBuilding($id) {
if($database->addBuilding($village->wid,$id,$village->resarray['f'.$id.'t'],$loop,$time,0,0,$level['f'.$id] + 1 + count($database->getBuildingByField($village->wid,$id)))) {
$logging->addBuildLog($village->wid,$this->procResType($village->resarray['f'.$id.'t']),($village->resarray['f'.$id]-1),2);
header("Location: dorf2.php");
+ exit;
}
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
}
@@ -449,9 +460,11 @@ private function constructBuilding($id,$tid) {
$logging->addBuildLog($village->wid,$this->procResType($tid),($village->resarray['f'.$id]+1),1);
$database->modifyResource($village->wid,$uprequire['wood'],$uprequire['clay'],$uprequire['iron'],$uprequire['crop'],0);
header("Location: dorf2.php");
+ exit;
}
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
}
@@ -819,9 +832,11 @@ public function finishAll() {
}
}
}
- header("Location: ".$session->referrer);
+ header("Location: ".$session->referrer);
+ exit;
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
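Review bot: `header("Location: ".$session->referrer);` in finishAll redirects to whatever `$session->referrer` holds, and nothing in the hunk shows that value being restricted to a page of this application. If it is derived from the request's Referer header (not visible here), this is an open redirect. Validate it against the known local script names before use and fall back to a fixed page such as `dorf1.php` otherwise. The body of finishAll starts above the hunk.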
diff --git a/GameEngine/Market.php b/GameEngine/Market.php
index 055ddb6f..c090badd 100755
--- a/GameEngine/Market.php
+++ b/GameEngine/Market.php
@@ -50,7 +50,8 @@ public function procRemove($get)
$vref = $village->wid;
$database->getResourcesBack($vref,$type,$amt);
$database->addMarket($village->wid,$get['del'],0,0,0,0,0,0,1);
- header("Location: build.php?id=".$get['id']."&t=2");
+ header("Location: build.php?id=".$get['id']."&t=2");
+ exit;
}
if(isset($get['t']) && $get['t'] == 1 && isset($get['a']) && $get['a'] == $session->mchecker && !isset($get['del']))
{
@@ -100,7 +101,8 @@ private function sendResource($post)
$availableCrop = $database->getCropAvailable($village->wid);
if($session->access == BANNED)
{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
else if($availableWood >= $post['r1'] AND $availableClay >= $post['r2'] AND $availableIron >= $post['r3'] AND $availableCrop >= $post['r4'])
{
@@ -124,7 +126,8 @@ private function sendResource($post)
}
}
}
- header("Location: build.php?id=".$post['id']);
+ header("Location: build.php?id=".$post['id']);
+ exit;
}
else
{
@@ -140,17 +143,20 @@ private function addOffer($post)
if($post['rid1'] == $post['rid2'])
{
// Trading res for res of same type (invalid)
- header("Location: build.php?id=".$post['id']."&t=2&e2");
+ header("Location: build.php?id=".$post['id']."&t=2&e2");
+ exit;
}
elseif($post['m1'] > (2 * $post['m2']))
{
// Trade is for more than 2x (invalid)
- header("Location: build.php?id=".$post['id']."&t=2&e2");
+ header("Location: build.php?id=".$post['id']."&t=2&e2");
+ exit;
}
elseif($post['m2'] > (2 * $post['m1']))
{
// Trade is for less than 0.5x (invalid)
- header("Location: build.php?id=".$post['id']."&t=2&e2");
+ header("Location: build.php?id=".$post['id']."&t=2&e2");
+ exit;
}
else
{
@@ -165,7 +171,8 @@ private function addOffer($post)
if($session->access == BANNED)
{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
elseif($availableWood >= $wood AND $availableClay >= $clay AND $availableIron >= $iron AND $availableCrop >= $crop)
@@ -194,18 +201,21 @@ private function addOffer($post)
$database->addMarket($village->wid,$post['rid1'],$post['m1'],$post['rid2'],$post['m2'],$time,$alliance,$reqMerc,0);
}
// Enough merchants
- header("Location: build.php?id=".$post['id']."&t=2");
+ header("Location: build.php?id=".$post['id']."&t=2");
+ exit;
}
else
{
// Not enough merchants
- header("Location: build.php?id=".$post['id']."&t=2&e3");
+ header("Location: build.php?id=".$post['id']."&t=2&e3");
+ exit;
}
}
else
{
// not enough resources
- header("Location: build.php?id=".$post['id']."&t=2&e1");
+ header("Location: build.php?id=".$post['id']."&t=2&e1");
+ exit;
}
}
}
@@ -241,7 +251,8 @@ private function acceptOffer($get)
$database->setMarketAcc($get['g']);
$database->removeAcceptedOffer($get['g']);
$logging->addMarketLog($village->wid,2,array($infoarray['vref'],$get['g']));
- header("Location: build.php?id=".$get['id']);
+ header("Location: build.php?id=".$get['id']);
+ exit;
}
private function loadOnsale()
@@ -330,7 +341,8 @@ private function tradeResource($post)
//kijken of ze niet meer gs invoeren dan ze hebben
if($session->access == BANNED)
{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
else if (($post['m2'][0]+$post['m2'][1]+$post['m2'][2]+$post['m2'][3])<=(round($village->awood)+round($village->aclay)+round($village->airon)+round($village->acrop)))
{
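Review bot: The resource check in tradeResource compares only the sum of `$post['m2'][0]` to `$post['m2'][3]` with the village total, so nothing visible in this hunk requires each element to be a non-negative number. Unless that is enforced above the hunk, validate each of the four values individually before the `setVillageField` calls that follow, for example by rejecting the request when an element is not numeric or `min($post['m2']) < 0`. The function starts before and continues after this hunk.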
@@ -339,16 +351,19 @@ private function tradeResource($post)
$database->setVillageField($village->wid,"iron",$post['m2'][2]);
$database->setVillageField($village->wid,"crop",$post['m2'][3]);
$database->modifyGold($session->uid,3,0);
- header("Location: build.php?id=".$post['id']."&t=3&c");;
+ header("Location: build.php?id=".$post['id']."&t=3&c");;
+ exit;
}
else
{
- header("Location: build.php?id=".$post['id']."&t=3");
+ header("Location: build.php?id=".$post['id']."&t=3");
+ exit;
}
}
else
{
- header("Location: build.php?id=".$post['id']."&t=3");
+ header("Location: build.php?id=".$post['id']."&t=3");
+ exit;
}
}
}
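Review bot: The rewritten success redirect in tradeResource still ends in a double semicolon, `header("Location: build.php?id=".$post['id']."&t=3&c");;`. Since the line is being touched anyway, drop the empty statement so it reads `header("Location: build.php?id=".$post['id']."&t=3&c");`. The function begins outside this hunk.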
diff --git a/GameEngine/Message.php b/GameEngine/Message.php
index fcd04152..92610cf5 100755
--- a/GameEngine/Message.php
+++ b/GameEngine/Message.php
@@ -45,6 +45,7 @@ public function procMessage($post) {
$this->sendMessage($post['an'],$post['be'],addslashes($post['message']));
}
header("Location: nachrichten.php?t=2");
+ exit;
break;
case "m3":
case "m4":
@@ -88,6 +89,7 @@ public function noticeType($get) {
if($get['t'] == 5) {
if(!$session->plus){
header("Location: berichte.php");
+ exit;
} else {
$type = 9;
}
@@ -136,6 +138,7 @@ public function quoteMessage($id) {
}
$this->reply = $_SESSION['reply'] = $message;
header("Location: nachrichten.php?t=1&id=" . $message['owner']);
+ exit;
}
}
}
@@ -223,6 +226,7 @@ private function removeMessage($post) {
}
}
header("Location: nachrichten.php");
+ exit;
}
private function archiveMessage($post) {
@@ -233,6 +237,7 @@ private function archiveMessage($post) {
}
}
header("Location: nachrichten.php");
+ exit;
}
private function unarchiveMessage($post) {
@@ -243,6 +248,7 @@ private function unarchiveMessage($post) {
}
}
header("Location: nachrichten.php");
+ exit;
}
private function removeNotice($post) {
@@ -253,6 +259,7 @@ private function removeNotice($post) {
}
}
header("Location: berichte.php");
+ exit;
}
private function archiveNotice($post) {
@@ -263,6 +270,7 @@ private function archiveNotice($post) {
}
}
header("Location: berichte.php");
+ exit;
}
private function unarchiveNotice($post) {
@@ -273,6 +281,7 @@ private function unarchiveNotice($post) {
}
}
header("Location: berichte.php");
+ exit;
}
private function getReadNotice($id) {
@@ -593,6 +602,7 @@ public function addFriends($post) {
}
}
header("Location: nachrichten.php?t=1");
+ exit;
}
}
diff --git a/GameEngine/Profile.php b/GameEngine/Profile.php
index 6657e6d7..a2978de4 100755
--- a/GameEngine/Profile.php
+++ b/GameEngine/Profile.php
@@ -21,6 +21,7 @@ public function procProfile($post) {
$this->updateProfile($post);
}else{
header("Location: banned.php");
+ exit;
}
break;
case "p3":
@@ -28,6 +29,7 @@ public function procProfile($post) {
$this->updateAccount($post);
}else{
header("Location: banned.php");
+ exit;
}
break;
case "p4":
@@ -36,6 +38,7 @@ public function procProfile($post) {
$this->setvactionmode($post);
}else{
header("Location: banned.php");
+ exit;
}
break;
}
@@ -47,6 +50,7 @@ public function procProfile($post) {
$this->gpack($post);
}else{
header("Location: banned.php");
+ exit;
}
break;
}
@@ -62,6 +66,7 @@ public function procSpecial($get) {
$this->removeMeSit($get);
}else{
header("Location: banned.php");
+ exit;
}
break;
case 3:
@@ -69,6 +74,7 @@ public function procSpecial($get) {
$this->removeSitter($get);
}else{
header("Location: banned.php");
+ exit;
}
break;
case 4:
@@ -76,6 +82,7 @@ public function procSpecial($get) {
$this->cancelDeleting($get);
}else{
header("Location: banned.php");
+ exit;
}
break;
}
@@ -94,12 +101,14 @@ private function updateProfile($post) {
$database->setVillageName($database->RemoveXSS($varray[$i]['wref']),$k);
}
header("Location: spieler.php?uid=".$post['uid']);
+ exit;
}
private function gpack($post) {
global $database, $session;
$database->gpack($database->RemoveXSS($session->uid),$database->RemoveXSS($post['custom_url']));
header("Location: spieler.php?uid=".$session->uid);
+ exit;
}
/*******************************************************
@@ -123,8 +132,10 @@ private function setvactionmode($post){
$database->UpdateOnline("logout") or die(mysqli_error($database->dblink));
$session->Logout();
header("Location: login.php");
+ exit;
}else{
header("Location: spieler.php?s=5");
+ exit;
}
}
@@ -178,6 +189,7 @@ private function updateAccount($post) {
}
$_SESSION['errorarray'] = $form->getErrors();
header("Location: spieler.php?s=3");
+ exit;
}
private function removeSitter($get) {
@@ -189,12 +201,14 @@ private function removeSitter($get) {
$session->changeChecker();
}
header("Location: spieler.php?s=".$get['s']);
+ exit;
}
private function cancelDeleting($get) {
global $database,$session;
$database->setDeleting($get['id'],1);
header("Location: spieler.php?s=".$get['s']);
+ exit;
}
private function removeMeSit($get) {
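Review bot: cancelDeleting passes the request value `$get['id']` straight to `$database->setDeleting()` without comparing it with `$session->uid`, so the affected account is chosen by the request rather than by the session. Unless procSpecial verifies ownership before dispatching (its condition is outside the visible hunks), use the session's own id here, `$database->setDeleting($session->uid,1);`, assuming the first argument is the user id. The redirects in this hunk also place `$get['s']` into the Location header unvalidated; an `(int)` cast would be enough if it is a numeric tab index.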
@@ -204,6 +218,7 @@ private function removeMeSit($get) {
$session->changeChecker();
}
header("Location: spieler.php?s=".$get['s']);
+ exit;
}
};
$profile = new Profile;
diff --git a/GameEngine/Session.php b/GameEngine/Session.php
index fc09da0d..ec3c126a 100755
--- a/GameEngine/Session.php
+++ b/GameEngine/Session.php
@@ -21,6 +21,7 @@
if(file_exists('GameEngine/config.php') || file_exists('../../GameEngine/config.php') || file_exists('../../config.php') || file_exists('../GameEngine/config.php')) {
}else{
header("Location: install/");
+exit;
}
$script_name = ($_SERVER['REQUEST_URI'] == 'karte.php') ? 'karte' : $_SERVER['REQUEST_URI'];
@@ -123,8 +124,10 @@ public function Login($user) {
if ($dbarray['id'] == 1) {
header("Location: nachrichten.php");
+ exit;
} else {
header("Location: dorf1.php");
+ exit;
}
}
@@ -257,13 +260,16 @@ private function SurfControl(){
if(!$this->logged_in) {
if(!in_array($page, $pagearray) || $page == "logout.php") {
header("Location: login.php");
+ exit;
}
} else {
if(in_array($page, $pagearray)) {
if ($this->uid == 1) {
header("Location: nachrichten.php");
+ exit;
} else {
header("Location: dorf1.php");
+ exit;
}
}
diff --git a/GameEngine/Technology.php b/GameEngine/Technology.php
index 06de28bb..f0f5f687 100755
--- a/GameEngine/Technology.php
+++ b/GameEngine/Technology.php
@@ -401,8 +401,10 @@ private function procTrain($post,$great=false) {
}
}
header("Location: build.php?id=".$post['id']);
+ exit;
}else{
header("Location: banned.php");
+ exit;
}
}
@@ -678,6 +680,7 @@ private function researchTech($get) {
}
$session->changeChecker();
header("Location: build.php?id=".$get['id']);
+ exit;
}
private function upgradeSword($get) {
@@ -696,6 +699,7 @@ private function upgradeSword($get) {
}
$session->changeChecker();
header("Location: build.php?id=".$get['id']);
+ exit;
}
private function upgradeArmour($get) {
@@ -714,6 +718,7 @@ private function upgradeArmour($get) {
}
$session->changeChecker();
header("Location: build.php?id=".$get['id']);
+ exit;
}
public function getUnitName($i) {
diff --git a/GameEngine/Units.php b/GameEngine/Units.php
index 240c6500..0bd10971 100755
--- a/GameEngine/Units.php
+++ b/GameEngine/Units.php
@@ -202,6 +202,7 @@ private function loadUnits($post) {
$_SESSION['errorarray'] = $form->getErrors();
$_SESSION['valuearray'] = $_POST;
header("Location: a2b.php");
+ exit;
}else{
// We must return an array with $ post, which contains all the data more
// another variable that will define the flag is raised and is being sent and the type of shipping
@@ -218,6 +219,7 @@ private function loadUnits($post) {
$_SESSION['errorarray'] = $form->getErrors();
$_SESSION['valuearray'] = $_POST;
header("Location: a2b.php");
+ exit;
}else{
$villageName = $database->getOasisField($id,"name");
@@ -364,6 +366,7 @@ private function sendTroops($post) {
$_SESSION['errorarray'] = $form->getErrors();
$_SESSION['valuearray'] = $_POST;
header("Location: a2b.php");
+ exit;
} else {
if($session->access != BANNED){
@@ -523,11 +526,14 @@ private function sendTroops($post) {
$_SESSION['errorarray'] = $form->getErrors();
$_SESSION['valuearray'] = $_POST;
header("Location: a2b.php");
+ exit;
}
header("Location: build.php?id=39");
+ exit;
}else{
header("Location: banned.php");
+exit;
}
}}
@@ -578,6 +584,7 @@ private function sendTroopsBack($post) {
$_SESSION['errorarray'] = $form->getErrors();
$_SESSION['valuearray'] = $_POST;
header("Location: a2b.php");
+ exit;
} else {
//change units
@@ -654,6 +661,7 @@ private function sendTroopsBack($post) {
$technology->checkReinf($post['ckey']);
header("Location: build.php?id=39");
+ exit;
}
} else {
@@ -662,10 +670,12 @@ private function sendTroopsBack($post) {
$_SESSION['errorarray'] = $form->getErrors();
$_SESSION['valuearray'] = $_POST;
header("Location: a2b.php");
+ exit;
}
}
}else{
header("Location: banned.php");
+exit;
}
}
@@ -684,20 +694,25 @@ public function Settlers($post) {
$database->modifyUnit($village->wid,array($unit),array(3),array(0));
$database->addMovement(5,$village->wid,$post['s'],0,time(),time()+$post['timestamp']);
header("Location: build.php?id=39");
+ exit;
if($form->returnErrors() > 0) {
$_SESSION['errorarray'] = $form->getErrors();
$_SESSION['valuearray'] = $_POST;
header("Location: a2b.php");
+ exit;
}
} else {
header("Location: build.php?id=39");
+ exit;
}
}else{
header("Location: dorf1.php");
+ exit;
}
}else{
header("Location: banned.php");
+ exit;
}
}
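Review bot: The `exit;` added directly after `header("Location: build.php?id=39");` in Settlers makes the following `if($form->returnErrors() > 0)` block unreachable, so form errors are no longer stored in `$_SESSION['errorarray']` and the `a2b.php` redirect never happens. Before this change the later `header()` call replaced the earlier Location value, so the error path still took effect. Move the `if($form->returnErrors() > 0) { ... }` block above the `build.php?id=39` redirect so the error case exits first. Settlers begins outside the hunk.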
diff --git a/GameEngine/Village.php b/GameEngine/Village.php
index 4c0450d7..ff7905ab 100755
--- a/GameEngine/Village.php
+++ b/GameEngine/Village.php
@@ -293,6 +293,7 @@ private function ActionControl() {
if($page == "build.php" && $session->uid != $this->infoarray['owner']) {
unset($_SESSION['wid']);
header("Location: dorf1.php");
+ exit;
}
}
diff --git a/Templates/Alliance/Forum/forum_1.tpl b/Templates/Alliance/Forum/forum_1.tpl
index 39fa3123..c275b796 100644
--- a/Templates/Alliance/Forum/forum_1.tpl
+++ b/Templates/Alliance/Forum/forum_1.tpl
@@ -187,5 +187,6 @@ function showCheckList() {
\ No newline at end of file
diff --git a/Templates/Alliance/Forum/forum_10.tpl b/Templates/Alliance/Forum/forum_10.tpl
index 71ce49dc..f361ad85 100644
--- a/Templates/Alliance/Forum/forum_10.tpl
+++ b/Templates/Alliance/Forum/forum_10.tpl
@@ -88,5 +88,6 @@ foreach($posts as $pos) {
Warning: you can't use the values [message] or [/message] in your post because it can cause problem with bbcode system.
\ No newline at end of file
diff --git a/Templates/Alliance/Forum/forum_2.tpl b/Templates/Alliance/Forum/forum_2.tpl
index 315c1a42..259d42f7 100644
--- a/Templates/Alliance/Forum/forum_2.tpl
+++ b/Templates/Alliance/Forum/forum_2.tpl
@@ -255,5 +255,6 @@ if($closed1 != 0){
\ No newline at end of file
diff --git a/Templates/Alliance/Forum/forum_3.tpl b/Templates/Alliance/Forum/forum_3.tpl
index 3169b6ec..756e5be4 100644
--- a/Templates/Alliance/Forum/forum_3.tpl
+++ b/Templates/Alliance/Forum/forum_3.tpl
@@ -47,5 +47,6 @@ $show_cat = $database->ForumCat($session->alliance);
\ No newline at end of file
diff --git a/Templates/Alliance/Forum/forum_4.tpl b/Templates/Alliance/Forum/forum_4.tpl
index 309a7a34..d31f2f26 100644
--- a/Templates/Alliance/Forum/forum_4.tpl
+++ b/Templates/Alliance/Forum/forum_4.tpl
@@ -108,5 +108,6 @@ echo '
\ No newline at end of file
diff --git a/Templates/Alliance/Forum/forum_5.tpl b/Templates/Alliance/Forum/forum_5.tpl
index 802f7eca..27dde5f1 100644
--- a/Templates/Alliance/Forum/forum_5.tpl
+++ b/Templates/Alliance/Forum/forum_5.tpl
@@ -139,5 +139,6 @@ Option 8: Warning: you can't use the values [message] or [/message] in your post because it can cause problem with bbcode system.
\ No newline at end of file
diff --git a/Templates/Alliance/Forum/forum_6.tpl b/Templates/Alliance/Forum/forum_6.tpl
index bd6d6f08..a124293e 100644
--- a/Templates/Alliance/Forum/forum_6.tpl
+++ b/Templates/Alliance/Forum/forum_6.tpl
@@ -173,5 +173,6 @@ echo '
'.$bbcode_post.'
echo '';
}else{
header("Location: banned.php");
+exit;
}
?>
\ No newline at end of file
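Review bot: This `header("Location: banned.php");` sits in a template, and `header()` has no effect once output has been sent unless output buffering is active (not visible here). With the added `exit;`, a banned user may therefore get a truncated page rather than the redirect. Performing the `$session->access` check in the including script before the template is rendered, or guarding with `headers_sent()`, would make the redirect reliable. The same pattern recurs in the `echo`/`header` branches of Templates/Build/37_hero.tpl, and the start of this `if`/`else` is outside the hunk.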
diff --git a/Templates/Alliance/Forum/forum_7.tpl b/Templates/Alliance/Forum/forum_7.tpl
index 8328c765..55004893 100644
--- a/Templates/Alliance/Forum/forum_7.tpl
+++ b/Templates/Alliance/Forum/forum_7.tpl
@@ -72,5 +72,6 @@ foreach($topics as $arr) {
Warning: you can't use the values [message] or [/message] in your post because it can cause problem with bbcode system.
\ No newline at end of file
diff --git a/Templates/Alliance/Forum/forum_8.tpl b/Templates/Alliance/Forum/forum_8.tpl
index 92c919a2..3da9b7a7 100644
--- a/Templates/Alliance/Forum/forum_8.tpl
+++ b/Templates/Alliance/Forum/forum_8.tpl
@@ -111,5 +111,6 @@ foreach($forum_data as $cats) {
\ No newline at end of file
diff --git a/Templates/Alliance/Forum/forum_9.tpl b/Templates/Alliance/Forum/forum_9.tpl
index 05d4d281..3932721c 100644
--- a/Templates/Alliance/Forum/forum_9.tpl
+++ b/Templates/Alliance/Forum/forum_9.tpl
@@ -83,5 +83,6 @@ foreach($topics as $top) {
Warning: you can't use the values [message] or [/message] in your post because it can cause problem with bbcode system.
\ No newline at end of file
diff --git a/Templates/Alliance/assignpos.tpl b/Templates/Alliance/assignpos.tpl
index 88f72f54..0d29d2e2 100644
--- a/Templates/Alliance/assignpos.tpl
+++ b/Templates/Alliance/assignpos.tpl
@@ -47,5 +47,6 @@ if($session->access!=BANNED){
\ No newline at end of file
diff --git a/Templates/Alliance/overview.tpl b/Templates/Alliance/overview.tpl
index cb93aff9..47e2235e 100644
--- a/Templates/Alliance/overview.tpl
+++ b/Templates/Alliance/overview.tpl
@@ -11,7 +11,8 @@ $allianceinfo = $database->getAlliance($aid);
$memberlist = $database->getAllMember($aid);
$totalpop = 0;
if($allianceinfo['tag']==""){
-header("Location: allianz.php");
+ header("Location: allianz.php");
+ exit;
}
foreach($memberlist as $member) {
$totalpop += $database->getVSumField($member['id'],"pop");
diff --git a/Templates/Build/15_1.tpl b/Templates/Build/15_1.tpl
index d4b36be3..b0bd2a78 100644
--- a/Templates/Build/15_1.tpl
+++ b/Templates/Build/15_1.tpl
@@ -4,8 +4,10 @@ if($_REQUEST["cancel"] == "1") {
if($session->access != BANNED){
$database->delDemolition($village->wid);
header("Location: build.php?gid=15&ty=$ty&cancel=0&demolish=0");
+ exit;
}else{
-header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
@@ -16,9 +18,11 @@ if($session->access != BANNED){
$database->addDemolition($village->wid,$type);
$session->changeChecker();
header("Location: build.php?gid=15&ty=$type&cancel=0&demolish=0");
+ exit;
}
}else{
-header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
diff --git a/Templates/Build/17_3.tpl b/Templates/Build/17_3.tpl
index e8dff02c..9da79ff6 100644
--- a/Templates/Build/17_3.tpl
+++ b/Templates/Build/17_3.tpl
@@ -266,5 +266,6 @@ function testSum() {
\ No newline at end of file
diff --git a/Templates/Build/17_4.tpl b/Templates/Build/17_4.tpl
index d05cad80..3236de5b 100644
--- a/Templates/Build/17_4.tpl
+++ b/Templates/Build/17_4.tpl
@@ -70,5 +70,6 @@ echo "".TRADE_ROUTE_TO." g
diff --git a/Templates/Build/37_hero.tpl b/Templates/Build/37_hero.tpl
index eb650590..02bf3482 100644
--- a/Templates/Build/37_hero.tpl
+++ b/Templates/Build/37_hero.tpl
@@ -45,7 +45,8 @@ if (isset($_POST['name'])) {
if($session->access != BANNED){
echo " (+ ) ";
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}else {
echo "(+) ";
@@ -64,7 +65,8 @@ if (isset($_POST['name'])) {
if($session->access != BANNED){
echo "(+ ) ";
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}else {
echo "(+) ";
@@ -83,7 +85,8 @@ if (isset($_POST['name'])) {
if($session->access != BANNED){
echo "(+ ) ";
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}else {
@@ -103,7 +106,8 @@ if (isset($_POST['name'])) {
if($session->access != BANNED){
echo "(+ ) ";
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}else {
@@ -123,7 +127,8 @@ if (isset($_POST['name'])) {
if($session->access != BANNED){
echo "(+ ) ";
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}else {
@@ -176,7 +181,8 @@ if (isset($_POST['name'])) {
mysqli_query($GLOBALS['link'],"UPDATE " . TB_PREFIX . "hero SET `attackbonus` = '0' WHERE `uid` = '" . $database->escape($session->uid) . "'");
mysqli_query($GLOBALS['link'],"UPDATE " . TB_PREFIX . "hero SET `defencebonus` = '0' WHERE `uid` = '" . $database->escape($session->uid) . "'");
mysqli_query($GLOBALS['link'],"UPDATE " . TB_PREFIX . "hero SET `regeneration` = '0' WHERE `uid` = '" . $database->escape($session->uid) . "'");
- header("Location: build.php?id=".$id."");
+ header("Location: build.php?id=".$id."");
+ exit;
}
}
}
@@ -184,35 +190,40 @@ if (isset($_POST['name'])) {
if($hero_info['points'] > 0) {
mysqli_query($GLOBALS['link'],"UPDATE " . TB_PREFIX . "hero SET `attack` = `attack` + 1 WHERE `uid` = '" . $database->escape($session->uid) . "'");
mysqli_query($GLOBALS['link'],"UPDATE " . TB_PREFIX . "hero SET `points` = `points` - 1 WHERE `uid` = '" . $database->escape($session->uid) . "'");
- header("Location: build.php?id=".$id."");
+ header("Location: build.php?id=".$id."");
+ exit;
}
}
if($_GET['add'] == "deff" && $hero_info['defence'] < 100) {
if($hero_info['points'] > 0) {
mysqli_query($GLOBALS['link'],"UPDATE " . TB_PREFIX . "hero SET `defence` = `defence` + 1 WHERE `uid` = '" . $database->escape($session->uid) . "'");
mysqli_query($GLOBALS['link'],"UPDATE " . TB_PREFIX . "hero SET `points` = `points` - 1 WHERE `uid` = '" . $database->escape($session->uid) . "'");
- header("Location: build.php?id=".$id."");
+ header("Location: build.php?id=".$id."");
+ exit;
}
}
if($_GET['add'] == "obonus" && $hero_info['attackbonus'] < 100) {
if($hero_info['points'] > 0) {
mysqli_query($GLOBALS['link'],"UPDATE " . TB_PREFIX . "hero SET `attackbonus` = `attackbonus` + 1 WHERE `uid` = '" . $database->escape($session->uid) . "'");
mysqli_query($GLOBALS['link'],"UPDATE " . TB_PREFIX . "hero SET `points` = `points` - 1 WHERE `uid` = '" . $database->escape($session->uid) . "'");
- header("Location: build.php?id=".$id."");
+ header("Location: build.php?id=".$id."");
+ exit;
}
}
if($_GET['add'] == "dbonus" && $hero_info['defencebonus'] < 100) {
if($hero_info['points'] > 0) {
mysqli_query($GLOBALS['link'],"UPDATE " . TB_PREFIX . "hero SET `defencebonus` = `defencebonus` + 1 WHERE `uid` = '" . $database->escape($session->uid) . "'");
mysqli_query($GLOBALS['link'],"UPDATE " . TB_PREFIX . "hero SET `points` = `points` - 1 WHERE `uid` = '" . $database->escape($session->uid) . "'");
- header("Location: build.php?id=".$id."");
+ header("Location: build.php?id=".$id."");
+ exit;
}
}
if($_GET['add'] == "reg" && $hero_info['regeneration'] < 100) {
if($hero_info['points'] > 0) {
mysqli_query($GLOBALS['link'],"UPDATE " . TB_PREFIX . "hero SET `regeneration` = `regeneration` + 1 WHERE `uid` = '" . $database->escape($session->uid) . "'");
mysqli_query($GLOBALS['link'],"UPDATE " . TB_PREFIX . "hero SET `points` = `points` - 1 WHERE `uid` = '" . $database->escape($session->uid) . "'");
- header("Location: build.php?id=".$id."");
+ header("Location: build.php?id=".$id."");
+ exit;
}
}
}
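Review bot: Each `$_GET['add']` branch in this hunk tests `$hero_info['points'] > 0` in PHP and then issues two separate UPDATEs, so the check and the spend are not atomic. Two requests arriving together can both pass the test and spend the same point, which can drive `points` negative. Put the guard in the statement itself and make it one query, e.g. `UPDATE ... hero SET attack = attack + 1, points = points - 1 WHERE uid = '...' AND points > 0 AND attack < 100`, and do the same for the deff, obonus, dbonus and reg branches. These writes are also triggered by a GET parameter with no anti-CSRF token visible in the hunk; confirm one is verified before this block, which starts outside the hunk.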
diff --git a/Templates/Build/37_land.tpl b/Templates/Build/37_land.tpl
index b068249f..92727826 100644
--- a/Templates/Build/37_land.tpl
+++ b/Templates/Build/37_land.tpl
@@ -7,8 +7,10 @@ if($_GET['gid']==37 && isset($_GET['del'])){
if($session->access != BANNED){
$database->removeOases($_GET['del']);
header("Location: build.php?id=".$id."&land");
+ exit;
}else{
header("Location: banned.php");
+ exit;
}
}
?>
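Review bot: `$database->removeOases($_GET['del'])` passes the request value straight through, and the only condition visible in this hunk is that the account is not banned. If `removeOases()` does not itself confirm the oasis belongs to the current player's village (its body is not shown), any logged-in player could release another player's oasis by id. The action also runs on a plain GET. I would add the ownership test before the call, documented with `// only release oases owned by the current village`, cast the id with `(int) $_GET['del']`, and move the action behind a POST with a session token.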
diff --git a/Templates/Build/37_revive.tpl b/Templates/Build/37_revive.tpl
index 9fd10d82..621bddbd 100644
--- a/Templates/Build/37_revive.tpl
+++ b/Templates/Build/37_revive.tpl
@@ -177,8 +177,10 @@
mysqli_query($GLOBALS['link'],"UPDATE " . TB_PREFIX . "vdata SET `iron` = `iron` - ".(int) $iron ." WHERE `wref` = '" . (int) $village->wid . "'");
mysqli_query($GLOBALS['link'],"UPDATE " . TB_PREFIX . "vdata SET `crop` = `crop` - ".(int) $crop." WHERE `wref` = '" . (int) $village->wid . "'");
header("Location: build.php?id=".$id."");
+ exit;
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
if($hero_info['inrevive'] == 0 && $hero_info['intraining'] == 0) {
diff --git a/Templates/Build/37_train.tpl b/Templates/Build/37_train.tpl
index 0bd55a28..09e6e6a0 100644
--- a/Templates/Build/37_train.tpl
+++ b/Templates/Build/37_train.tpl
@@ -543,8 +543,10 @@ $output.="
mysqli_query($GLOBALS['link'],"UPDATE " . TB_PREFIX . "vdata SET `crop` = `crop` - ".(int) $u1['crop']." WHERE `wref` = '" . (int) $village->wid . "'");
}
header("Location: build.php?id=".$id."");
+ exit;
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
if($_GET['train'] == 2){
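Review bot: The same `}else{ header("Location: banned.php"); exit; }` tail is now repeated in every `$_GET['train'] == N` branch of this file (fifteen hunks in this patch), which is how the missing `exit` went unnoticed in the first place. Since the ban status does not depend on the unit type, check it once above the dispatch, `if ($session->access == BANNED) { header("Location: banned.php"); exit; }`, and let each branch keep only its resource UPDATEs and the `build.php` redirect. The enclosing block starts outside the hunk, so the exact placement needs to be confirmed against the full file.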
@@ -559,8 +561,10 @@ $output.="
mysqli_query($GLOBALS['link'],"UPDATE " . TB_PREFIX . "vdata SET `crop` = `crop` - ".(int) $u2['crop']." WHERE `wref` = '" . (int) $village->wid . "'");
}
header("Location: build.php?id=".$id."");
+ exit;
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
if($_GET['train'] == 3){
@@ -573,8 +577,10 @@ $output.="
mysqli_query($GLOBALS['link'],"UPDATE " . TB_PREFIX . "vdata SET `iron` = `iron` - ".(int) $u3['iron']." WHERE `wref` = '" . (int) $village->wid . "'");
mysqli_query($GLOBALS['link'],"UPDATE " . TB_PREFIX . "vdata SET `crop` = `crop` - ".(int) $u3['crop']." WHERE `wref` = '" . (int) $village->wid . "'");
header("Location: build.php?id=".$id."");
+ exit;
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
if($_GET['train'] == 5){
@@ -589,8 +595,10 @@ $output.="
mysqli_query($GLOBALS['link'],"UPDATE " . TB_PREFIX . "vdata SET `crop` = `crop` - ".(int) $u5['crop']." WHERE `wref` = '" . (int) $village->wid . "'");
}
header("Location: build.php?id=".$id."");
+ exit;
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
if($_GET['train'] == 6){
@@ -605,8 +613,10 @@ $output.="
mysqli_query($GLOBALS['link'],"UPDATE " . TB_PREFIX . "vdata SET `crop` = `crop` - ".(int) $u6['crop']." WHERE `wref` = '" . (int) $village->wid . "'");
}
header("Location: build.php?id=".$id."");
+ exit;
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
}
@@ -623,8 +633,10 @@ $output.="
mysqli_query($GLOBALS['link'],"UPDATE " . TB_PREFIX . "vdata SET `crop` = `crop` - ".(int) $u11['crop']." WHERE `wref` = '" . (int) $village->wid . "'");
}
header("Location: build.php?id=".$id."");
+ exit;
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
if($_GET['train'] == 12){
@@ -639,8 +651,10 @@ $output.="
mysqli_query($GLOBALS['link'],"UPDATE " . TB_PREFIX . "vdata SET `crop` = `crop` - ".(int) $u12['crop']." WHERE `wref` = '" . (int) $village->wid . "'");
}
header("Location: build.php?id=".$id."");
+ exit;
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
if($_GET['train'] == 13){
@@ -655,8 +669,10 @@ $output.="
mysqli_query($GLOBALS['link'],"UPDATE " . TB_PREFIX . "vdata SET `crop` = `crop` - ".(int) $u13['crop']." WHERE `wref` = '" . (int) $village->wid . "'");
}
header("Location: build.php?id=".$id."");
+ exit;
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
if($_GET['train'] == 15){
@@ -671,8 +687,10 @@ $output.="
mysqli_query($GLOBALS['link'],"UPDATE " . TB_PREFIX . "vdata SET `crop` = `crop` - ".(int) $u15['crop']." WHERE `wref` = '" . (int) $village->wid . "'");
}
header("Location: build.php?id=".$id."");
+ exit;
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
if($_GET['train'] == 16){
@@ -687,8 +705,10 @@ $output.="
mysqli_query($GLOBALS['link'],"UPDATE " . TB_PREFIX . "vdata SET `crop` = `crop` - ".(int) $u16['crop']." WHERE `wref` = '" . (int) $village->wid . "'");
}
header("Location: build.php?id=".$id."");
+ exit;
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
}
@@ -705,8 +725,10 @@ $output.="
mysqli_query($GLOBALS['link'],"UPDATE " . TB_PREFIX . "vdata SET `crop` = `crop` - ".(int) $u21['crop']." WHERE `wref` = '" . (int) $village->wid . "'");
}
header("Location: build.php?id=".$id."");
+ exit;
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
if($_GET['train'] == 22){
@@ -721,8 +743,10 @@ $output.="
mysqli_query($GLOBALS['link'],"UPDATE " . TB_PREFIX . "vdata SET `crop` = `crop` - ".(int) $u22['crop']." WHERE `wref` = '" . (int) $village->wid . "'");
}
header("Location: build.php?id=".$id."");
+ exit;
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
if($_GET['train'] == 24){
@@ -737,8 +761,10 @@ $output.="
mysqli_query($GLOBALS['link'],"UPDATE " . TB_PREFIX . "vdata SET `crop` = `crop` - ".(int) $u24['crop']." WHERE `wref` = '" . (int) $village->wid . "'");
}
header("Location: build.php?id=".$id."");
+ exit;
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
if($_GET['train'] == 25){
@@ -753,8 +779,10 @@ $output.="
mysqli_query($GLOBALS['link'],"UPDATE " . TB_PREFIX . "vdata SET `crop` = `crop` - ".(int) $u25['crop']." WHERE `wref` = '" . (int) $village->wid . "'");
}
header("Location: build.php?id=".$id."");
+ exit;
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
if($_GET['train'] == 26){
@@ -769,8 +797,10 @@ $output.="
mysqli_query($GLOBALS['link'],"UPDATE " . TB_PREFIX . "vdata SET `crop` = `crop` - ".(int) $u26['crop']." WHERE `wref` = '" . (int) $village->wid . "'");
}
header("Location: build.php?id=".$id."");
+ exit;
}else{
- header("Location: banned.php");
+ header("Location: banned.php");
+ exit;
}
}
}
diff --git a/Templates/Building.tpl b/Templates/Building.tpl
index 15585389..3b71a1eb 100644
--- a/Templates/Building.tpl
+++ b/Templates/Building.tpl
@@ -61,5 +61,6 @@ $building->loadBuilding();
diff --git a/Templates/Plus/10.tpl b/Templates/Plus/10.tpl
index 5ffd5990..f393d63d 100644
--- a/Templates/Plus/10.tpl
+++ b/Templates/Plus/10.tpl
@@ -23,7 +23,9 @@ if($session->access != BANNED && $session->gold >= 5){
}
}
header("Location: plus.php?id=3");
+ exit;
} else {
header("Location: banned.php");
+ exit;
}
?>
\ No newline at end of file
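Review bot: The `else` that redirects to `banned.php` appears to pair with `if($session->access != BANNED && $session->gold >= 5)`, so a player who is not banned but has fewer than 5 gold is sent to the banned page as well. Split the two conditions: `if ($session->access == BANNED) { header("Location: banned.php"); exit; }` first, then treat insufficient gold separately with a redirect back to `plus.php?id=3`. The gold test also reads the session copy; the purchase query (outside this hunk) should repeat it in its WHERE clause. Plus/11.tpl, 12.tpl, 8.tpl and 9.tpl have the same structure.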
diff --git a/Templates/Plus/11.tpl b/Templates/Plus/11.tpl
index 76684172..e7b461f0 100644
--- a/Templates/Plus/11.tpl
+++ b/Templates/Plus/11.tpl
@@ -23,7 +23,9 @@ if($session->access != BANNED && $session->gold >= 5){
}
}
header("Location: plus.php?id=3");
+ exit;
} else {
header("Location: banned.php");
+ exit;
}
?>
\ No newline at end of file
diff --git a/Templates/Plus/12.tpl b/Templates/Plus/12.tpl
index d86d96f9..80ba70e0 100644
--- a/Templates/Plus/12.tpl
+++ b/Templates/Plus/12.tpl
@@ -23,7 +23,9 @@ if($session->access != BANNED && $session->gold >= 5){
}
}
header("Location: plus.php?id=3");
+ exit;
} else {
header("Location: banned.php");
+ exit;
}
?>
\ No newline at end of file
diff --git a/Templates/Plus/14.tpl b/Templates/Plus/14.tpl
index cf573fd3..fd005405 100644
--- a/Templates/Plus/14.tpl
+++ b/Templates/Plus/14.tpl
@@ -27,7 +27,9 @@ echo "failed";
}
header("Location: plus.php?id=3");
+exit;
}else{
header("Location: banned.php");
+exit;
}
?>
\ No newline at end of file
diff --git a/Templates/Plus/15.tpl b/Templates/Plus/15.tpl
index f63e0d97..58c6f8f3 100644
--- a/Templates/Plus/15.tpl
+++ b/Templates/Plus/15.tpl
@@ -5,8 +5,10 @@ if($session->gold >= 100 && $session->sit == 0 && $session->goldclub == 0) {
mysqli_query($GLOBALS['link'],"UPDATE ".TB_PREFIX."users set goldclub = 1, gold = gold - 100 where `id`='".$session->uid."'");
}
header("Location: plus.php?id=3");
+exit;
}else{
header("Location: banned.php");
+exit;
}
?>
\ No newline at end of file
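Review bot: The gold-club purchase checks `$session->gold >= 100` and `$session->goldclub == 0` in PHP but the UPDATE subtracts 100 unconditionally, so concurrent requests or a stale session value can charge twice or leave `gold` negative. Put the guard in the query: `... set goldclub = 1, gold = gold - 100 where id = ".(int) $session->uid." AND gold >= 100 AND goldclub = 0`. The `(int)` cast also brings this query in line with the other statements in this patch, which escape or cast the uid before concatenating it.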
diff --git a/Templates/Plus/7.tpl b/Templates/Plus/7.tpl
index 14507241..00d74b59 100644
--- a/Templates/Plus/7.tpl
+++ b/Templates/Plus/7.tpl
@@ -2,7 +2,9 @@
if($session->access!=BANNED){
$building->finishAll();
header("Location: plus.php?id=3");
+ exit;
}else{
header("Location: banned.php");
+ exit;
}
?>
diff --git a/Templates/Plus/8.tpl b/Templates/Plus/8.tpl
index f74e0fbb..824d4e6b 100644
--- a/Templates/Plus/8.tpl
+++ b/Templates/Plus/8.tpl
@@ -23,7 +23,9 @@ if($session->access != BANNED && $session->gold >= 10){
}
}
header("Location: plus.php?id=3");
+ exit;
} else {
header("Location: banned.php");
+ exit;
}
?>
\ No newline at end of file
diff --git a/Templates/Plus/9.tpl b/Templates/Plus/9.tpl
index 2beffb7c..a91d1732 100644
--- a/Templates/Plus/9.tpl
+++ b/Templates/Plus/9.tpl
@@ -23,7 +23,9 @@ if($session->access != BANNED && $session->gold >= 5){
}
}
header("Location: plus.php?id=3");
+ exit;
} else {
header("Location: banned.php");
+ exit;
}
?>
\ No newline at end of file
diff --git a/Templates/Profile/graphic.tpl b/Templates/Profile/graphic.tpl
index d069d2bb..64b6e041 100644
--- a/Templates/Profile/graphic.tpl
+++ b/Templates/Profile/graphic.tpl
@@ -102,5 +102,6 @@ $database->updateUserField($session->uid,gpack,$_POST["custom_url"],1);
uid);
+ exit;
}
?>
\ No newline at end of file
diff --git a/Templates/Profile/notfound.tpl b/Templates/Profile/notfound.tpl
index dc989042..db9517c0 100644
--- a/Templates/Profile/notfound.tpl
+++ b/Templates/Profile/notfound.tpl
@@ -1,2 +1,3 @@
removeLinks($_GET['del'],$session->uid);
header("Location: spieler.php?s=2");
+ exit;
}
#################################################################################
## -= YOU MAY NOT REMOVE OR CHANGE THIS NOTICE =- ##
@@ -55,6 +56,7 @@ if($_POST) {
$query = mysqli_query($GLOBALS['link'],'INSERT INTO `' . TB_PREFIX . 'links` (`userid`, `name`, `url`, `pos`) VALUES (' . $userid . ', \'' . $link['linkname'] . '\', \'' . $link['linkziel'] . '\', ' . $link['nr'] . ')');
}else{
header("Location: banned.php");
+ exit;
}
} elseif(trim($link['nr']) != '' AND trim($link['linkname']) != '' AND trim($link['linkziel']) != '' AND trim($link['id']) != '') {
// Update link
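Review bot: The INSERT in this hunk concatenates `$link['linkname']`, `$link['linkziel']` and `$link['nr']` into the SQL text, and the hunk header shows the block runs under `if($_POST)`. Unless every `$link` field is escaped before this line (not visible here), this is an SQL injection point. Use a prepared statement: `mysqli_prepare()` with `VALUES (?, ?, ?, ?)`, then `mysqli_stmt_bind_param($stmt, 'issi', $userid, $link['linkname'], $link['linkziel'], $link['nr'])` and `mysqli_stmt_execute($stmt)`. The stored `url` is presumably rendered later as a link, so it is also worth restricting it to http/https on input.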
diff --git a/Templates/Ranking/ww.tpl b/Templates/Ranking/ww.tpl
index f73d1f94..c7abf3fc 100644
--- a/Templates/Ranking/ww.tpl
+++ b/Templates/Ranking/ww.tpl
@@ -47,6 +47,7 @@ if (WW == True)
}
else
{
- header("Location: statistiken.php");
+ header("Location: statistiken.php");
+ exit;
}
?>
\ No newline at end of file
diff --git a/Templates/a2b/startRaid.tpl b/Templates/a2b/startRaid.tpl
index a762a4b7..67759c82 100644
--- a/Templates/a2b/startRaid.tpl
+++ b/Templates/a2b/startRaid.tpl
@@ -98,4 +98,5 @@
}
}
header("Location: build.php?id=39&t=99");
+exit;
?>
\ No newline at end of file
diff --git a/Templates/goldClub/farmlist.tpl b/Templates/goldClub/farmlist.tpl
index da04163b..10e7ff75 100644
--- a/Templates/goldClub/farmlist.tpl
+++ b/Templates/goldClub/farmlist.tpl
@@ -6,6 +6,7 @@ if(isset($_GET['t'])==99 && isset($_POST['action'])=='addList' && $_POST['did']!
$database->createFarmList($_POST['did'], $session->uid, $_POST['name']);
}else if(isset($_GET['t'])==99 && isset($_POST['action'])=='addList'){
header("Location: build.php?gid=16&t=99&action=addList");
+ exit;
}
$sql = mysqli_query($GLOBALS['link'],"SELECT * FROM ".TB_PREFIX."farmlist WHERE owner = ".(int) $session->uid." ORDER BY wref = $village->wid DESC");
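Review bot: `isset($_GET['t'])==99` and `isset($_POST['action'])=='addList'` compare the boolean returned by `isset()` with a value, and under loose comparison `true == 99` and `true == 'addList'` both hold. Both conditions therefore pass for any `t` and any `action` that is merely present. Write the tests out: `isset($_GET['t']) && $_GET['t'] == 99 && isset($_POST['action']) && $_POST['action'] == 'addList'`. The SELECT on the last line also interpolates `$village->wid` without the `(int)` cast applied to `$session->uid` in the same statement.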
diff --git a/Templates/goldClub/farmlist_addraid.tpl b/Templates/goldClub/farmlist_addraid.tpl
index a3081fe7..80eec92f 100644
--- a/Templates/goldClub/farmlist_addraid.tpl
+++ b/Templates/goldClub/farmlist_addraid.tpl
@@ -62,6 +62,7 @@ $vdata = $database->getVillage($Wref);
$database->addSlotFarm($_POST['lid'], $Wref, $WrefX, $WrefY, $distance, $_POST['t1'], $_POST['t2'], $_POST['t3'], $_POST['t4'], $_POST['t5'], $_POST['t6'], $_POST['t7'], $_POST['t8'], $_POST['t9'], $_POST['t10']);
header("Location: build.php?id=39&t=99");
+ exit;
}
}
?>
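Review bot: `addSlotFarm()` is called with `$_POST['lid']` and ten raw `$_POST['t1']`…`['t10']` values, and nothing in this hunk shows that the farm list `lid` belongs to `$session->uid`. In farmlist_editraid.tpl the `$FLData['owner'] == $session->uid` comparison appears only after the `editSlotFarm()` call. If no earlier check exists (the blocks start outside the hunks), a player could write slots into another player's list. Verify ownership before the write and cast the inputs, e.g. `(int) $_POST['lid']` and `max(0, (int) $_POST['t1'])` for each troop count.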
@@ -159,5 +160,6 @@ $vill[$towref] = 1;
diff --git a/Templates/goldClub/farmlist_editraid.tpl b/Templates/goldClub/farmlist_editraid.tpl
index 7d33a33f..03c3bcc0 100644
--- a/Templates/goldClub/farmlist_editraid.tpl
+++ b/Templates/goldClub/farmlist_editraid.tpl
@@ -64,6 +64,7 @@ $troops = "".$_POST['t1']."+".$_POST['t2']."+".$_POST['t3']."+".$_POST['t4']."+"
$database->editSlotFarm($_GET['eid'], $_POST['lid'], $Wref, $WrefX, $WrefY, $distance, $_POST['t1'], $_POST['t2'], $_POST['t3'], $_POST['t4'], $_POST['t5'], $_POST['t6'], $_POST['t7'], $_POST['t8'], $_POST['t9'], $_POST['t10']);
header("Location: build.php?id=39&t=99");
+ exit;
}
}
if($FLData['owner'] == $session->uid){
@@ -166,5 +167,6 @@ $vill[$towref] = 1;
\ No newline at end of file
diff --git a/a2b.php b/a2b.php
index a1961723..1132d8af 100644
--- a/a2b.php
+++ b/a2b.php
@@ -16,18 +16,23 @@
$_SESSION['wid'] = $_GET['newdid'];
if(isset($_GET['w'])) {
header("Location: ".$_SERVER['PHP_SELF']."?w=".$_GET['w']);
+ exit;
}
else if(isset($_GET['r'])) {
header("Location: ".$_SERVER['PHP_SELF']."?r=".$_GET['r']);
+ exit;
}
else if(isset($_GET['o'])) {
header("Location: ".$_SERVER['PHP_SELF']."?o=".$_GET['o']);
+ exit;
}
else if(isset($_GET['z'])) {
header("Location: ".$_SERVER['PHP_SELF']."?z=".$_GET['z']);
+ exit;
}
else if($_GET['id']!=0){
header("Location: ".$_SERVER['PHP_SELF']);
+ exit;
}
}
else {
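Review bot: The redirects in this hunk build the Location value from `$_SERVER['PHP_SELF']` and an unencoded `$_GET['w']` (likewise `r`, `o`, `z`). `PHP_SELF` includes any client-supplied path info, and the query value is copied verbatim. allianz.php in this same patch already filters its parameter with `preg_replace("/[^a-zA-Z0-9_-]/","",...)`. Use `$_SERVER['SCRIPT_NAME']` and encode the value, `header("Location: ".$_SERVER['SCRIPT_NAME']."?w=".urlencode($_GET['w']));`, in all four branches. The `PHP_SELF` part applies to the a2b2.php and allianz.php hunks as well.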
@@ -219,7 +224,9 @@
$database->modifyUnit($prisoner['wref'],array("99o"),array($troops),array(0));
$database->deletePrisoners($prisoner['id']);
}
- header("Location: build.php?id=39");} else {
+ header("Location: build.php?id=39");
+ exit;
+ } else {
if(isset($process['0'])) {
$coor = $database->getCoor($process['0']);
include ("Templates/a2b/attack.tpl");
diff --git a/a2b2.php b/a2b2.php
index 744f6db8..1c0b34ad 100644
--- a/a2b2.php
+++ b/a2b2.php
@@ -17,6 +17,7 @@
if(isset($_GET['newdid'])) {
$_SESSION['wid'] = $_GET['newdid'];
header("Location: ".$_SERVER['PHP_SELF']);
+ exit;
}
else {
$building->procBuild($_GET);
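Review bot: `$_SESSION['wid'] = $_GET['newdid'];` stores a request value as the active village before redirecting, and this hunk shows no check that the village belongs to `$session->uid`. If ownership is not validated where the session or village is loaded (not visible here), the player could end up operating on a village they do not own. At minimum cast it, `$_SESSION['wid'] = (int) $_GET['newdid'];`, and assign only after an ownership lookup succeeds. The same assignment appears in the a2b.php and allianz.php hunks.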
diff --git a/agb.php b/agb.php
index d22be2eb..9c17ad1b 100644
--- a/agb.php
+++ b/agb.php
@@ -16,4 +16,5 @@
## ##
#################################################################################
header("Location: terms.php");
+exit;
?>
\ No newline at end of file
diff --git a/allianz.php b/allianz.php
index 99850605..ff02b871 100644
--- a/allianz.php
+++ b/allianz.php
@@ -9,10 +9,13 @@
$_SESSION['wid'] = $_GET['newdid'];
if(isset($_GET['s'])){
header("Location: ".$_SERVER['PHP_SELF']."?s=".preg_replace("/[^a-zA-Z0-9_-]/","",$_GET['s']));
+ exit;
}else if(isset($_GET['aid'])){
header("Location: ".$_SERVER['PHP_SELF']."?aid=".preg_replace("/[^a-zA-Z0-9_-]/","",$_GET['aid']));
+ exit;
}else{
header("Location: ".$_SERVER['PHP_SELF']);
+ exit;
}
}
if(isset($_GET['s'])){
@@ -26,6 +29,7 @@
if($forum_type['forum_name'] != "" && $forum_type['forum_area'] == 0){
if($forum_type['alliance'] != $session->alliance){
header("Location: ".$_SERVER['PHP_SELF']);
+ exit;
}
}
}else if(isset($_GET['fid2'])){
@@ -37,17 +41,21 @@
if($forum_type['forum_area'] == 0){
if($forum_type['alliance'] != $session->alliance){
header("Location: ".$_SERVER['PHP_SELF']);
+ exit;
}
}else if($forum_type['forum_area'] == 2){
if($forum_type['alliance'] != $session->alliance){
header("Location: ".$_SERVER['PHP_SELF']);
+ exit;
}
}else if($forum_type['forum_area'] == 3){
if($forum_type['alliance'] != $session->alliance){
header("Location: ".$_SERVER['PHP_SELF']);
+ exit;
}
}else{
header("Location: ".$_SERVER['PHP_SELF']);
+ exit;
}
}
}
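Review bot: The `forum_area == 0`, `== 2` and `== 3` branches in this hunk are identical, which makes this access check harder to audit than it needs to be. They collapse to one test with the same behaviour: `if(!in_array($forum_type['forum_area'], array(0, 2, 3)) || $forum_type['alliance'] != $session->alliance){ header("Location: ".$_SERVER['PHP_SELF']); exit; }`. A short comment saying which forum areas are alliance-private would help, since the meaning of the numbers is not visible here. The enclosing `if` starts outside the hunk.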
@@ -220,6 +228,7 @@ function med_showDescription(coords, desc_string){
// Options
}else{
header("Location: ".$_SERVER['PHP_SELF']);
+ exit;
}}else if(isset($_GET['delinvite']) && $invite_permission == 1){
include ("Templates/Alliance/invite.tpl");
} elseif(isset($_POST['o'])) {
@@ -367,5 +376,6 @@ function med_showDescription(coords, desc_string){
uid);
+exit;
}
?>
\ No newline at end of file
diff --git a/banned.php b/banned.php
index 8b8dfe82..1dee3c86 100644
--- a/banned.php
+++ b/banned.php
@@ -93,4 +93,4 @@