Merged in nimetu/ryzomcore/php-mysqli-refactor-fixed (pull request #48)

Replace deprecated mysql functions with mysqli in login and ring scripts
This commit is contained in:
Matthew Lagoe 2014-02-05 13:05:14 -08:00
commit d3912094cf
8 changed files with 131 additions and 110 deletions

View file

@ -74,19 +74,21 @@
die2();
}
$domainName = getPost("domain");
$nelLink = mysql_connect($DBHost, $DBUserName, $DBPassword) or die2 (__FILE__. " " .__LINE__." Can't connect to database host:$DBHost user:$DBUserName");
mysql_select_db ($DBName, $nelLink) or die2 (__FILE__. " " .__LINE__." Can't access to the table dbname:$DBName");
$query = "SELECT backup_patch_url, patch_urls FROM domain WHERE domain_name='$domainName'";
$result = mysql_query ($query, $nelLink) or die2 (__FILE__. " " .__LINE__." Can't execute the query: ".$query);
$nelLink = mysqli_connect($DBHost, $DBUserName, $DBPassword) or die2 (__FILE__. " " .__LINE__." Can't connect to database host:$DBHost user:$DBUserName");
mysqli_select_db ($nelLink, $DBName) or die2 (__FILE__. " " .__LINE__." Can't access to the table dbname:$DBName");
if (mysql_num_rows($result) != 1)
$domainName = mysqli_real_escape_string($nelLink, $domainName);
$query = "SELECT backup_patch_url, patch_urls FROM domain WHERE domain_name='$domainName'";
$result = mysqli_query ($nelLink, $query) or die2 (__FILE__. " " .__LINE__." Can't execute the query: ".$query);
if (mysqli_num_rows($result) != 1)
{
// unrecoverable error, we must giveup
$reason = "Can't find domain '".$domainName."' (error code x)";
$res = false;
}
$req = mysql_fetch_array($result);
$req = mysqli_fetch_array($result);
$backup_patch_url = $req["backup_patch_url"];
$patch_urls = $req["patch_urls"];
@ -114,7 +116,7 @@
}
echo "</version>\n";
mysql_close($nelLink);
mysqli_close($nelLink);
unset($nelLink);
break;
@ -124,4 +126,3 @@
}
?>

View file

@ -34,16 +34,16 @@
// gather the domain information (server version, patch urls and backup patch url
global $DBHost, $DBUserName, $DBPassword, $DBName, $AutoInsertInRing;
$link = mysql_connect($DBHost, $DBUserName, $DBPassword) or die (errorMsgBlock(3004, 'main', $DBHost, $DBUserName));
mysql_select_db ($DBName) or die (errorMsgBlock(3005, 'main', $DBName, $DBHost, $DBUserName));
$link = mysqli_connect($DBHost, $DBUserName, $DBPassword) or die (errorMsgBlock(3004, 'main', $DBHost, $DBUserName));
mysqli_select_db ($link, $DBName) or die (errorMsgBlock(3005, 'main', $DBName, $DBHost, $DBUserName));
$query = "SELECT * FROM domain WHERE domain_id=$domainId";
$result = mysql_query ($query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysql_error()));
$result = mysqli_query ($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
if( mysql_num_rows($result) != 1)
if( mysqli_num_rows($result) != 1)
{
die(errorMsgBlock(3001, $domainId));
}
$row = mysql_fetch_array($result);
$row = mysqli_fetch_array($result);
// set the cookie
setcookie ( "ryzomId" , $cookie, 0, "/");
@ -178,27 +178,28 @@
{
////////////// Temporary code alpha 0 only /////////////////////////////////////
// check if the ring user exist, and create it if not
$ringDb = mysql_connect($DBHost, $RingDBUserName, $RingDBPassword) or die(errorMsgBlock(3004, 'Ring', $DBHost, $RingDBUserName));
mysql_select_db ($domainInfo['ring_db_name'], $ringDb) or die(errorMsgBlock(3005, 'Ring', $domainInfo['ring_db_name'], $DBHost, $RingDBUserName));
$ringDb = mysqli_connect($DBHost, $RingDBUserName, $RingDBPassword) or die(errorMsgBlock(3004, 'Ring', $DBHost, $RingDBUserName));
mysqli_select_db ($ringDb, $domainInfo['ring_db_name']) or die(errorMsgBlock(3005, 'Ring', $domainInfo['ring_db_name'], $DBHost, $RingDBUserName));
$query = "SELECT user_id FROM ring_users where user_id = '".$id."'";
$result = mysql_query ($query) or die(errorMsgBlock(3006, $query, 'Ring', $domainInfo['ring_db_name'], $DBHost, $RingDBUserName, mysql_error()));
$result = mysqli_query ($ringDb, $query) or die(errorMsgBlock(3006, $query, 'Ring', $domainInfo['ring_db_name'], $DBHost, $RingDBUserName, mysqli_error($ringDb)));
if (mysql_num_rows($result) == 0)
if (mysqli_num_rows($result) == 0)
{
// no ring user record, build one
$query = "INSERT INTO ring_users SET user_id = '".$id."', user_name = '".$_GET["login"]."', user_type='ut_pioneer'";
$result = mysql_query ($query) or die(errorMsgBlock(3006, $query, 'Ring', $domainInfo['ring_db_name'], $DBHost, $RingDBUserName, mysql_error()));
$login = mysqli_real_escape_string($ringDb, $_GET['login']);
$query = "INSERT INTO ring_users SET user_id = '$id', user_name = '$login', user_type='ut_pioneer'";
$result = mysqli_query ($ringDb, $query) or die(errorMsgBlock(3006, $query, 'Ring', $domainInfo['ring_db_name'], $DBHost, $RingDBUserName, mysqli_error($ringDb)));
}
// // check that there is a character record (deprecated)
// $query = "SELECT user_id FROM characters where user_id = '".$id."'";
// $result = mysql_query ($query) or die("Query ".$query." failed");
// if (mysql_num_rows($result) == 0)
// $result = mysqli_query ($ringDb, $query) or die("Query ".$query." failed");
// if (mysqli_num_rows($result) == 0)
// {
// // no characters record, build a default one
// $charId = ($id * 16);
// $query = "INSERT INTO characters SET char_id='".$charId."', char_name='".$_GET["login"]."_default', user_id = '".$id."'";
// $result = mysql_query ($query) or die("Query ".$query." failed");
// $result = mysqli_query ($ringDb, $query) or die("Query ".$query." failed");
// }
}
@ -269,24 +270,25 @@
setMsgLanguage($lang);
// we map the client application to the domain name
$domainName = $clientApplication;
$link = mysqli_connect($DBHost, $DBUserName, $DBPassword) or die (errorMsgBlock(3004, 'main', $DBHost, $DBUserName));
mysqli_select_db ($link, $DBName) or die (errorMsgBlock(3005, 'main', $DBName, $DBHost, $DBUserName));
// we map the client application to the domain name
$domainName = mysqli_real_escape_string($link, $clientApplication);
$link = mysql_connect($DBHost, $DBUserName, $DBPassword) or die (errorMsgBlock(3004, 'main', $DBHost, $DBUserName));
mysql_select_db ($DBName) or die (errorMsgBlock(3005, 'main', $DBName, $DBHost, $DBUserName));
// retreive the domain id
$query = "SELECT domain_id FROM domain WHERE domain_name='$domainName'";
$result = mysql_query ($query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysql_error()));
$result = mysqli_query ($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
if (mysql_num_rows($result) == 0)
if (mysqli_num_rows($result) == 0)
{
// unrecoverable error, we must giveup
$reason = errorMsg(3007, $domainName);
mysql_close($link);
mysqli_close($link);
return false;
}
$row = mysql_fetch_array($result);
$row = mysqli_fetch_array($result);
$domainId = $row[0];
// retreive the domain info
@ -296,32 +298,34 @@
$accessPriv = strtoupper(substr($domainInfo['status'], 3));
// now, retrieve the user infos
$login = mysqli_real_escape_string($link, $login);
$query = "SELECT * FROM user where Login='$login'";
$result = mysql_query ($query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysql_error()));
$result = mysqli_query ($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
if (mysql_num_rows ($result) == 0)
if (mysqli_num_rows ($result) == 0)
{
if ($AcceptUnknownUser)
{
// login doesn't exist, create it
$password = mysqli_real_escape_string($link, $password);
$query = "INSERT INTO user (Login, Password) VALUES ('$login', '$password')";
$result = mysql_query ($query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysql_error()));
$result = mysqli_query ($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
// get the user to have his UId
$query = "SELECT * FROM user WHERE Login='$login'";
$result = mysql_query ($query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysql_error()));
$result = mysqli_query ($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
if (mysql_num_rows ($result) == 1)
if (mysqli_num_rows ($result) == 1)
{
$reason = errorMsg(3008, $login);
$row = mysql_fetch_array ($result);
$row = mysqli_fetch_assoc ($result);
$id = $row["UId"];
$priv = $row["Privilege"];
$extended = $row["ExtendedPrivilege"];
// add the default permission
$query = "INSERT INTO permission (UId, ClientApplication, AccessPrivilege) VALUES ('$id', 'r2', '$accessPriv')";
$result = mysql_query ($query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysql_error()));
$result = mysqli_query ($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
$res = false;
}
@ -335,9 +339,9 @@
{
// Check if this is not an unconfirmed account
$query = "SELECT GamePassword, Email, Language FROM signup_data WHERE login='$login'";
$result = mysql_query($query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysql_error()));
$result = mysqli_query($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
if (mysql_num_rows($result) == 0)
if (mysqli_num_rows($result) == 0)
{
$reason = errorMsg(2001, $login, 'checkUserValidity');
$res = false;
@ -346,7 +350,7 @@
{
// Check password to avoid revealing email address to third-party
$passwordMatchedRow = false;
while ($row = mysql_fetch_array($result))
while ($row = mysqli_fetch_assoc($result))
{
$salt = substr($row['GamePassword'],0,2);
if (($cp && $row['GamePassword'] == $password) || (!$cp && $row['GamePassword'] == crypt($password, $salt)))
@ -369,7 +373,7 @@
}
else
{
$row = mysql_fetch_array ($result);
$row = mysqli_fetch_assoc ($result);
$salt = substr($row["Password"],0,2);
if (($cp && $row["Password"] == $password) || (!$cp && $row["Password"] == crypt($password, $salt)))
{
@ -377,15 +381,16 @@
$_GET['login'] = $row['Login'];
// check if the user can use this application
$clientApplication = mysqli_real_escape_string($link, $clientApplication);
$query = "SELECT * FROM permission WHERE UId='".$row["UId"]."' AND ClientApplication='$clientApplication'";
$result = mysql_query ($query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysql_error()));
if (mysql_num_rows ($result) == 0)
$result = mysqli_query ($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
if (mysqli_num_rows ($result) == 0)
{
if ($AcceptUnknownUser)
{
// add default permission
$query = "INSERT INTO permission (UId, ClientApplication, ShardId, AccessPrivilege) VALUES ('".$row["UId"]."', '$clientApplication', -1, '$domainStatus')";
$result = mysql_query ($query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysql_error()));
$result = mysqli_query ($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
$reason = errorMsg(3010);
$res = false;
@ -400,7 +405,7 @@
else
{
// check that the access privilege for the domain
$permission = mysql_fetch_array($result);
$permission = mysqli_fetch_assoc($result);
if (!strstr($permission['AccessPrivilege'], $accessPriv))
{
@ -409,7 +414,7 @@
{
// set an additionnal privilege for this player
$query = "UPDATE permission set AccessPrivilege='".$permission['AccessPrivilege'].",$accessPriv' WHERE prim=".$permission['prim'];
$result = mysql_query ($query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysql_error()));
$result = mysqli_query ($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
$reason = errorMsg(3012, $accessPriv);
$res = false;
@ -435,10 +440,10 @@
// $reason = $reason."was just disconnected. Now you can retry the identification (error code 54)";
//
// $query = "update shard set NbPlayers=NbPlayers-1 where ShardId=".$row["ShardId"];
// $result = mysql_query ($query) or die ("Can't execute the query: '$query' errno:".mysql_errno().": ".mysql_error());
// $result = mysqli_query ($link, $query) or die ("Can't execute the query: '$query' errno:".mysqli_errno($link).": ".mysqli_error($link));
//
// $query = "update user set ShardId=-1, State='Offline' where UId=".$row["UId"];
// $result = mysql_query ($query) or die ("Can't execute the query: '$query' errno:".mysql_errno().": ".mysql_error());
// $result = mysqli_query ($link, $query) or die ("Can't execute the query: '$query' errno:".mysqli_errno($link).": ".mysqli_error($link));
// }
// else
// {
@ -462,7 +467,7 @@
$res = false;
}
}
mysql_close($link);
mysqli_close($link);
return $res;
}
@ -474,13 +479,14 @@
setMsgLanguage($lang);
$link = mysql_connect($DBHost, $DBUserName, $DBPassword) or die (errorMsgBlock(3004, 'main', $DBHost, $DBUserName));
mysql_select_db ($DBName) or die (errorMsgBlock(3005, 'main', $DBName, $DBHost, $DBUserName));
$link = mysqli_connect($DBHost, $DBUserName, $DBPassword) or die (errorMsgBlock(3004, 'main', $DBHost, $DBUserName));
mysqli_select_db ($link, $DBName) or die (errorMsgBlock(3005, 'main', $DBName, $DBHost, $DBUserName));
$login = mysqli_real_escape_string($link, $login);
$query = "SELECT Password FROM user WHERE Login='$login'";
$result = mysql_query ($query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysql_error()));
$result = mysqli_query ($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
if (mysql_num_rows ($result) != 1)
if (mysqli_num_rows ($result) != 1)
{
if ($AcceptUnknownUser)
{
@ -492,17 +498,17 @@
{
// Check if this is not an unconfirmed account
$query = "SELECT GamePassword, Language FROM signup_data WHERE login='$login'";
$result = mysql_query($query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysql_error()));
$result = mysqli_query($link, $query) or die (errorMsgBlock(3006, $query, 'main', $DBName, $DBHost, $DBUserName, mysqli_error($link)));
if (mysql_num_rows($result) == 0)
if (mysqli_num_rows($result) == 0)
{
// no user record, reject it
die (errorMsgBlock(2001, $login, 'askSalt'));
}
else if (mysql_num_rows($result) == 1)
else if (mysqli_num_rows($result) == 1)
{
// one unconfirmed record, let the client send the encrypted password to get the corresponding email address
$row = mysql_fetch_array($result);
$row = mysqli_fetch_assoc($result);
$salt = substr($row['GamePassword'], 0, 2);
}
else
@ -511,7 +517,7 @@
{
// several matching records => display a multi-language message now
$languages = array();
while ($row = mysql_fetch_array($result))
while ($row = mysqli_fetch_assoc($result))
{
$languages[$row['Language']] = true;
}
@ -523,12 +529,11 @@
}
else
{
$res_array = mysql_fetch_array($result);
$res_array = mysqli_fetch_assoc($result);
$salt = substr($res_array['Password'], 0, 2);
}
echo "1:".$salt;
mysql_close($link);
mysqli_close($link);
}
?>

View file

@ -16,9 +16,10 @@
$domainInfo = getDomainInfo($domainId);
global $DBHost, $DBUserName, $DBPassword, $DBName, $RingDBName;
$link = mysql_connect($DBHost, $DBUserName, $DBPassword) or die ("Can't connect to database host:$DBHost user:$DBUserName");
mysql_select_db ($RingDBName) or die ("Can't access to the db dbname:$RingDBName");
global $DBHost, $RingDBUserName, $RingDBPassword, $RingDBName;
$link = mysqli_connect($DBHost, $RingDBUserName, $RingDBPassword) or die ("Can't connect to database host:$DBHost user:$RingDBUserName");
mysqli_select_db($link, $RingDBName) or die ("Can't access to the db dbname:$RingDBName");
// Find out if the character has an open editing session
$query = "SELECT session_id, state ";
@ -26,8 +27,8 @@
$query .= " WHERE (owner = '".$charId."')";
$query .= " AND (session_type = 'st_edit')";
$query .= " AND (NOT (state IN ('ss_closed', 'ss_locked')))";
$result = mysql_query ($query) or die ("Can't execute the query: ".$query);
$num = mysql_num_rows ($result);
$result = mysqli_query($link, $query) or die ("Can't execute the query: ".$query);
$num = mysqli_num_rows($result);
if ($num > 1)
{
echo "Error: more than one editing sessions for char".$charId;
@ -39,11 +40,14 @@
{
// Not found => first, create an editing session for this character, start the session and invite himself
$query = "SELECT char_name FROM characters WHERE char_id = $charId";
$result = mysql_query ($query) or die ("Can't execute the query: ".$query);
$num = mysql_num_rows ($result);
$result = mysqli_query($link, $query) or die ("Can't execute the query: ".$query);
$num = mysqli_num_rows($result);
$characterName = "";
if ($num > 0)
$characterName = mysql_result($result, 0, 0);
{
$row = mysqli_fetch_assoc($result);
$characterName = $row['char_name'];
}
global $SessionId, $SessionToolsResult;
planEditSession($charId, $domainId, "st_edit", $characterName, "");
if ($SessionToolsResult === false)
@ -55,7 +59,7 @@
}
else
{
$row = mysql_fetch_array($result);
$row = mysqli_fetch_assoc($result);
$sessionId = $row['session_id'];
$state = $row['state'];
echo "Found your session: $sessionId ($state)<br>";
@ -73,13 +77,12 @@
}
// check that we character have a participation in the session and invite him if needed
mysql_select_db ($RingDBName) or die ("Can't access to the db dbname:$RingDBName");
$query = "SELECT count(*) FROM session_participant WHERE session_id = $sessionId AND char_id = $charId";
$result = mysql_query ($query) or die ("Can't execute the query: ".$query);
$num = mysql_num_rows ($result);
$result = mysqli_query($link, $query) or die ("Can't execute the query: ".$query);
$num = mysqli_num_rows($result);
if ($num != 1)
die ("Invalid result whil checking participation for char $charId in session $sessionId<br>");
$value = mysql_fetch_array($result);
$value = mysqli_fetch_row($result);
if ($value[0] == 0)
{
// the character have not is own invitation !
@ -91,4 +94,4 @@
// Join the session
joinSessionFromId($userId, $domainId, $sessionId);
?>

View file

@ -42,24 +42,25 @@
if (isset($_POST["execute"]))
{
// lookup in the database to convert character name into
global $DBHost, $DBUserName, $DBPassword, $RingDBName;
global $DBHost, $RingDBUserName, $RingDBPassword, $RingDBName;
$link = mysql_connect($DBHost, $DBUserName, $DBPassword) or die ("Can't connect to database host:$DBHost user:$DBUserName");
mysql_select_db ($RingDBName) or die ("Can't access to the table dbname:$RingDBName");
$link = mysqli_connect($DBHost, $RingDBUserName, $RingDBPassword) or die ("Can't connect to database host:$DBHost user:$RingDBUserName");
mysqli_select_db($link, $RingDBName) or die ("Can't access to the table dbname:$RingDBName");
// extract the character that have the specified name
$query = "select * from characters where char_name = '".$_POST["charName"]."'";
$result = mysql_query ($query) or die ("Can't execute the query: ".$query);
$charName = mysqli_real_escape_string($link, $_POST['charName']);
$query = "select char_id, char_name from characters where char_name = '$charName'";
$result = mysqli_query($link, $query) or die ("Can't execute the query: ".$query);
if (mysql_num_rows ($result) == 0)
if (mysqli_num_rows($result) == 0)
{
echo "<h1>Can't find the character ".$_POST["charName"]."<h1>";
}
else
{
$row = mysql_fetch_row($result);
$currentSession = $row[0];
$currentchar = $row[1];
$row = mysqli_fetch_assoc($result);
$currentSession = $row['char_id'];
$currentchar = $row['char_name'];
// send the invitation info to the session manager
$invitePioneer = new InvitePioneerCb;

View file

@ -184,13 +184,17 @@ function displayAllShards(&$onlineShardsBySessionId)
}
// List all shards of the domain, including offline ones
global $DBName;
mysql_select_db ($DBName) or die ("Can't access to the db dbname:$DBName");
global $DBName, $DBHost, $DBUserName, $DBPassword;
$link = mysqli_connect($DBHost, $DBUserName, $DBPassword) or die("Can't connect to nel database");
mysqli_select_db($link, $DBName) or die ("Can't access to the db dbname:$DBName");
$domainId = (int) $domainId;
$query = "select * from shard where domain_id = $domainId";
$resShards = mysql_query ($query) or die ("Can't execute the query: ".$query." ".mysql_error());
$resShards = mysqli_query($link, $query) or die ("Can't execute the query: ".$query." ".mysqli_error($link));
echo "Select a shard to join:<br>";
//echo "<form name='far_tp' action='join_shard.php' method='post'>";
while ($rowShard = mysql_fetch_array($resShards))
while ($rowShard = mysqli_fetch_assoc($resShards))
{
$mainlandSessionId = $rowShard['FixedSessionId'];
$isOnline = isset($onlineShardsBySessionId[$mainlandSessionId]);
@ -245,4 +249,4 @@ function joinMainland($userId, $domainId)
global $FSHostResult;
return $FSHostResult;
}
?>

View file

@ -108,19 +108,23 @@ function inviteOwnerInSession($charId, $domainId, $sessionId)
$RSMPort = $addr[1];
global $rsmProxy, $rsmSkel, $userId, $charId, $callbackClient, $RingDBName, /*$SessionId,*/ $SessionToolsResult;
global $DBHost, $RingDBUserName, $RingDBPassword;
$SessionId = $sessionId;
$DomainId = $domainId;
mysql_select_db ($RingDBName) or die ("Can't access to the db dbname:$RingDBName");
$link = mysqli_connect($DBHost, $RingDBUserName, $RingDBPassword) or die("Can't connect to ring database");
mysqli_select_db($link, $RingDBName) or die ("Can't access to the db dbname:$RingDBName");
$sessionId = (int) $sessionId;
$query = "select session_type from sessions where session_id=".$sessionId;
$result = mysql_query ($query) or die ("Can't execute the query: ".$query);
if (mysql_num_rows ($result) != 1)
$result = mysqli_query($link, $query) or die ("Can't execute the query: ".$query);
if (mysqli_num_rows($result) != 1)
{
echo "Can't find 1 row for ring session ".$sessionId."<br>";
die();
}
$row = mysql_fetch_row($result);
$row = mysqli_fetch_row($result);
$session_type = $row[0];
$mode = ($session_type == "st_edit") ? "sps_edit_invited" : "sps_anim_invited";
echo "Inviting character ".$charId." of user ".$userId." in session ".$sessionId."<br>";
@ -184,4 +188,4 @@ class InviteOwnerCb extends CRingSessionManagerWeb
echo '<p><p><a href="web_start.php">Back to menu</a>';
}
}
?>

View file

@ -6,19 +6,20 @@
{
global $DBHost, $DBUserName, $DBPassword, $DBName;
$nelDb = mysql_connect($DBHost, $DBUserName, $DBPassword) or die("can't connect to nel db");
mysql_select_db ($DBName, $nelDb) or die("can't select nel db");
$query = "SELECT * FROM domain WHERE domain_id = '".$domainId."'";
$result = mysql_query ($query) or die("query ".$query." failed");
$link = mysqli_connect($DBHost, $DBUserName, $DBPassword) or die("can't connect to nel db");
mysqli_select_db ($link, $DBName) or die("can't select nel db");
if (mysql_num_rows($result) == 0)
$domainId = (int)$domainId;
$query = "SELECT * FROM domain WHERE domain_id = $domainId";
$result = mysqli_query($link, $query) or die("query ($query) failed");
if (mysqli_num_rows($result) == 0)
{
die("Can't find row for domain ".$domainId);
}
$domainInfo = mysql_fetch_array($result);
$domainInfo = mysqli_fetch_array($result);
return $domainInfo;
}
?>

View file

@ -16,7 +16,7 @@
function validateCookie(&$userId, &$domainId, &$charId)
{
global $DBHost, $DBUserName, $DBPassword, $DBName, $RingDBName, $AcceptUnknownUser;
global $DBHost, $RingDBUserName, $RingDBPassword, $RingDBName, $AcceptUnknownUser;
if (!isset($_COOKIE["ryzomId"]))
{
@ -40,18 +40,20 @@
}
// check the cookie in the database
$link = mysql_connect($DBHost, $DBUserName, $DBPassword) or die ("Can't connect to database host:$DBHost user:$DBUserName");
mysql_select_db ($RingDBName) or die ("Can't access to the table dbname:$RingDBName");
$query = "SELECT user_id, current_status, current_domain_id FROM ring_users where cookie='$cookie'";
$result = mysql_query ($query) or die ("Can't execute the query: ".$query);
$link = mysqli_connect($DBHost, $RingDBUserName, $RingDBPassword) or die ("Can't connect to database host:$DBHost user:$RingDBUserName");
mysqli_select_db($link, $RingDBName) or die ("Can't access to the table dbname:$RingDBName");
if (mysql_num_rows ($result) == 0)
$cookie = mysqli_real_escape_string($link, $cookie);
$query = "SELECT user_id, current_status, current_domain_id FROM ring_users where cookie='$cookie'";
$result = mysqli_query($link, $query) or die ("Can't execute the query: ".$query);
if (mysqli_num_rows($result) == 0)
{
echo "Can't find cookie $cookie in database<BR>";
return false;
}
$row = mysql_fetch_array($result);
$row = mysqli_fetch_assoc($result);
if ($row["current_status"] != "cs_logged" && $row["current_status"] != "cs_online" )
{
@ -77,4 +79,4 @@
else
return 0; // temp dev: use 0 as the "ring character"
}
?>