From ac039188e2e7cfe7b4e7b372baeff0f3b4cd9677 Mon Sep 17 00:00:00 2001 From: Dan Hemberger Date: Mon, 25 May 2020 17:55:18 -0700 Subject: [PATCH 1/7] changelog_set_live_processing.php: clarify insert Make the code a little clearer and explain a bit what is going on, since it is not obvious. --- admin/Default/changelog_set_live_processing.php | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/admin/Default/changelog_set_live_processing.php b/admin/Default/changelog_set_live_processing.php index 9a20c465d..0a0a5949e 100644 --- a/admin/Default/changelog_set_live_processing.php +++ b/admin/Default/changelog_set_live_processing.php @@ -5,9 +5,15 @@ WHERE version_id = ' . $db->escapeNumber($var['version_id']) ); +// Initialize the next version (since the version set live is not always the +// last one, we INSERT IGNORE to skip this step in this case). $db->query('SELECT * FROM version WHERE version_id = ' . $db->escapeNumber($var['version_id'])); $db->nextRecord(); +$versionID = $db->getInt('version_id') + 1; +$major = $db->getInt('major_version'); +$minor = $db->getInt('minor_version'); +$patch = $db->getInt('patch_level') + 1; $db->query('INSERT IGNORE INTO version (version_id, major_version, minor_version, patch_level, went_live) VALUES - ('.$db->escapeNumber($db->getInt('version_id') + 1) . ',' . $db->escapeNumber($db->getInt('major_version')) . ',' . $db->escapeNumber($db->getInt('minor_version')) . ',' . $db->escapeNumber($db->getInt('patch_level') + 1) . ',0);'); + ('.$db->escapeNumber($versionID) . ',' . $db->escapeNumber($major) . ',' . $db->escapeNumber($minor) . ',' . $db->escapeNumber($patch) . ',0);'); forward(create_container('skeleton.php', 'changelog.php')); From e093eec6f904710388e423df0d4dc22337f9a87d Mon Sep 17 00:00:00 2001 
From: Dan Hemberger Date: Mon, 25 May 2020 19:29:17 -0700 Subject: [PATCH 2/7] MySqlDatabase: add requireRecord This new method should be used in place of `nextRecord` when we demand that there is one (and only one) result from the active query. In most cases, a missing record would result in some error (though this will provide a clearer error message). However, since indexing `null` is only a warning, sometimes this could lead to silently wrong behavior. --- admin/Default/changelog_set_live_processing.php | 2 +- admin/Default/ip_view.php | 2 +- engine/Default/alliance_message_view.php | 2 +- engine/Default/alliance_mod.php | 2 +- engine/Default/alliance_option.php | 2 +- engine/Default/alliance_roster.php | 2 +- engine/Default/bank_alliance.php | 2 +- engine/Default/bank_alliance_processing.php | 2 +- engine/Default/bank_anon_detail_processing.php | 2 +- engine/Default/bar_buy_drink_processing.php | 2 +- engine/Default/bar_lotto_buy_processing.php | 2 +- engine/Default/feature_request.php | 2 +- engine/Default/galactic_post_delete_confirm.php | 4 ++-- engine/Default/galactic_post_paper_edit.php | 2 +- engine/Default/galactic_post_read.php | 2 +- engine/Default/galactic_post_view_article.php | 2 +- .../galactic_post_write_article_processing.php | 2 +- engine/Default/history_alliance_detail.php | 2 +- engine/Default/history_games.php | 4 ++-- engine/Default/message_view.php | 4 ++-- engine/Default/planet_land_processing.php | 2 +- engine/Default/planet_list_financial.php | 2 +- engine/Default/rankings_alliance_death.php | 4 ++-- engine/Default/rankings_alliance_experience.php | 4 ++-- engine/Default/rankings_alliance_kills.php | 4 ++-- engine/Default/rankings_alliance_profit.php | 4 ++-- engine/Default/rankings_player_profit.php | 2 +- engine/Default/trader_savings.php | 6 +++--- engine/Default/trader_status.php | 4 ++-- lib/Default/MySqlDatabase.class.php | 17 +++++++++++++++-- lib/Default/SmrAlliance.class.php | 2 +- lib/Default/bar.functions.inc | 2 +- 
lib/Default/smr.inc | 2 +- tools/chat_helpers/channel_msg_seed.php | 2 +- 34 files changed, 58 insertions(+), 45 deletions(-) diff --git a/admin/Default/changelog_set_live_processing.php b/admin/Default/changelog_set_live_processing.php index 0a0a5949e..e219ea218 100644 --- a/admin/Default/changelog_set_live_processing.php +++ b/admin/Default/changelog_set_live_processing.php @@ -8,7 +8,7 @@ // Initialize the next version (since the version set live is not always the // last one, we INSERT IGNORE to skip this step in this case). $db->query('SELECT * FROM version WHERE version_id = ' . $db->escapeNumber($var['version_id'])); -$db->nextRecord(); +$db->requireRecord(); $versionID = $db->getInt('version_id') + 1; $major = $db->getInt('major_version'); $minor = $db->getInt('minor_version'); diff --git a/admin/Default/ip_view.php b/admin/Default/ip_view.php index 94dae1797..8554b4542 100644 --- a/admin/Default/ip_view.php +++ b/admin/Default/ip_view.php @@ -2,7 +2,7 @@ $template->assign('PageTopic', 'IP Search'); $db->query('SELECT max(account_id) max_account_id FROM account'); -$db->nextRecord(); +$db->requireRecord(); $template->assign('MaxAccountID', $db->getInt('max_account_id')); $template->assign('IpFormHref', SmrSession::getNewHREF(create_container('skeleton.php', 'ip_view_results.php'))); diff --git a/engine/Default/alliance_message_view.php b/engine/Default/alliance_message_view.php index 598b5cfba..d6eb7ed11 100644 --- a/engine/Default/alliance_message_view.php +++ b/engine/Default/alliance_message_view.php 
@@ -54,7 +54,7 @@ } $db->query('SELECT mb_messages FROM player_has_alliance_role JOIN alliance_has_roles USING(game_id,alliance_id,role_id) WHERE account_id = ' . $db->escapeNumber($player->getAccountID()) . ' AND game_id = ' . $db->escapeNumber($player->getGameID()) . ' AND alliance_id=' . $db->escapeNumber($alliance->getAllianceID()) . ' LIMIT 1'); -$db->nextRecord(); +$db->requireRecord(); $thread['CanDelete'] = $db->getBoolean('mb_messages'); $db->query('SELECT text, sender_id, time, reply_id diff --git a/engine/Default/alliance_mod.php b/engine/Default/alliance_mod.php index b5b2d4647..956574f0f 100644 --- a/engine/Default/alliance_mod.php +++ b/engine/Default/alliance_mod.php @@ -36,7 +36,7 @@ // Does the player have edit permission? $role_id = $player->getAllianceRole($alliance->getAllianceID()); $db->query('SELECT * FROM alliance_has_roles WHERE alliance_id = ' . $db->escapeNumber($player->getAllianceID()) . ' AND game_id = ' . $db->escapeNumber($player->getGameID()) . ' AND role_id = ' . $db->escapeNumber($role_id)); -$db->nextRecord(); +$db->requireRecord(); if ($db->getBoolean('change_mod') || $db->getBoolean('change_pass')) { $container = create_container('skeleton.php', 'alliance_stat.php'); $container['alliance_id'] = $alliance->getAllianceID(); diff --git a/engine/Default/alliance_option.php b/engine/Default/alliance_option.php index 000d05083..1615e707b 100644 --- a/engine/Default/alliance_option.php +++ b/engine/Default/alliance_option.php @@ -25,7 +25,7 @@ $role_id = $player->getAllianceRole($alliance->getAllianceID()); $db->query('SELECT * FROM alliance_has_roles WHERE alliance_id = ' . $db->escapeNumber($player->getAllianceID()) . ' AND game_id = ' . $db->escapeNumber($player->getGameID()) . ' AND role_id = ' . $db->escapeNumber($role_id)); -$db->nextRecord(); +$db->requireRecord(); $container['url'] = 'skeleton.php'; $container['alliance_id'] = $alliance->getAllianceID(); 
diff --git a/engine/Default/alliance_roster.php b/engine/Default/alliance_roster.php index b04ffe727..74436dbe1 100644 --- a/engine/Default/alliance_roster.php +++ b/engine/Default/alliance_roster.php @@ -46,7 +46,7 @@ GROUP BY alliance_id' ); -$db->nextRecord(); +$db->requireRecord(); $template->assign('AllianceExp', $db->getInt('alliance_xp')); $template->assign('AllianceAverageExp', $db->getInt('alliance_avg')); diff --git a/engine/Default/bank_alliance.php b/engine/Default/bank_alliance.php index 818d7b9ad..cd08f766d 100644 --- a/engine/Default/bank_alliance.php +++ b/engine/Default/bank_alliance.php @@ -52,7 +52,7 @@ } $db->query('SELECT * FROM alliance_has_roles WHERE alliance_id = ' . $db->escapeNumber($alliance->getAllianceID()) . ' AND game_id = ' . $db->escapeNumber($alliance->getGameID()) . ' AND ' . $query); -$db->nextRecord(); +$db->requireRecord(); $template->assign('CanExempt', $db->getBoolean('exempt_with')); $withdrawalPerDay = $db->getInt('with_per_day'); diff --git a/engine/Default/bank_alliance_processing.php b/engine/Default/bank_alliance_processing.php index 450bcb06c..630fe364f 100644 --- a/engine/Default/bank_alliance_processing.php +++ b/engine/Default/bank_alliance_processing.php @@ -49,7 +49,7 @@ $query = 'role = ' . $db->escapeString($player->getAlliance()->getAllianceName()); } $db->query('SELECT * FROM alliance_has_roles WHERE alliance_id = ' . $db->escapeNumber($alliance_id) . ' AND game_id = ' . $db->escapeNumber($player->getGameID()) . ' AND ' . $query); - $db->nextRecord(); + $db->requireRecord(); $withdrawalPerDay = $db->getInt('with_per_day'); if ($db->getBoolean('positive_balance')) { $db->query('SELECT transaction, sum(amount) as total FROM alliance_bank_transactions diff --git a/engine/Default/bank_anon_detail_processing.php b/engine/Default/bank_anon_detail_processing.php index 9dd4a8738..e714154df 100644 --- a/engine/Default/bank_anon_detail_processing.php +++ b/engine/Default/bank_anon_detail_processing.php 
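Review bot: The alliance_roster.php query ends in `GROUP BY alliance_id`, so it returns zero rows when nothing matches its WHERE clause, and `requireRecord()` now turns that case into a hard error instead of an empty roster. Whether an alliance with no members can reach this page is not visible in the hunk; if it can, keep `if (!$db->nextRecord()) { ... }` with explicit zero totals. The same shape appears in bar_lotto_buy_processing.php (`GROUP BY account_id`). In bank_anon_detail_processing.php the row is looked up by `$account_num`, where a missing account is better reported with `create_error` than as a database fault, unless it is already validated above that hunk.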
@@ -28,7 +28,7 @@ $account->log(LOG_TYPE_BANK, 'Deposits ' . $amount . ' credits in anonymous account #' . $account_num, $player->getSectorID()); } else { $db->query('SELECT * FROM anon_bank WHERE anon_id = ' . $db->escapeNumber($account_num) . ' AND game_id = ' . $db->escapeNumber($player->getGameID())); - $db->nextRecord(); + $db->requireRecord(); if ($db->getInt('amount') < $amount) { create_error('You don\'t have that much money on your account!'); } diff --git a/engine/Default/bar_buy_drink_processing.php b/engine/Default/bar_buy_drink_processing.php index fae1951cb..152cf3883 100644 --- a/engine/Default/bar_buy_drink_processing.php +++ b/engine/Default/bar_buy_drink_processing.php @@ -59,7 +59,7 @@ } $db->query('SELECT count(*) FROM player_has_drinks WHERE game_id=' . $db->escapeNumber($player->getGameID()) . ' AND account_id=' . $db->escapeNumber($player->getAccountID())); - $db->nextRecord(); + $db->requireRecord(); $num_drinks = $db->getInt('count(*)'); //display woozy message $message .= '
You feel a little W' . str_repeat('oO', $num_drinks) . 'zy
'; diff --git a/engine/Default/bar_lotto_buy_processing.php b/engine/Default/bar_lotto_buy_processing.php index 41adaf6e7..97af79359 100644 --- a/engine/Default/bar_lotto_buy_processing.php +++ b/engine/Default/bar_lotto_buy_processing.php @@ -21,7 +21,7 @@ $player->increaseHOF(1, array('Bar', 'Lotto', 'Tickets Bought'), HOF_PUBLIC); $db->query('SELECT count(*) as num FROM player_has_ticket WHERE game_id = ' . $db->escapeNumber($player->getGameID()) . ' AND account_id = ' . $db->escapeNumber($player->getAccountID()) . ' AND time > 0 GROUP BY account_id'); -$db->nextRecord(); +$db->requireRecord(); $num = $db->getInt('num'); $message = ('
Thanks for your purchase and good luck! You currently'); $message .= (' own ' . $num . ' ' . pluralise('ticket', $num) . '!

'); diff --git a/engine/Default/feature_request.php b/engine/Default/feature_request.php index fe97e96ac..d8c94ac07 100644 --- a/engine/Default/feature_request.php +++ b/engine/Default/feature_request.php @@ -112,6 +112,6 @@ function getFeaturesCount($status, $daysNew = false) { AND status = ' . $db->escapeString($status) . ($daysNew ? ' AND EXISTS(SELECT posting_time FROM feature_request_comments WHERE feature_request_id = super.feature_request_id AND posting_time > ' . (TIME - $daysNew * 86400) . ')' : '') ); - $db->nextRecord(); + $db->requireRecord(); return $db->getInt('count'); } diff --git a/engine/Default/galactic_post_delete_confirm.php b/engine/Default/galactic_post_delete_confirm.php index 1ebe09d90..209d62d6a 100644 --- a/engine/Default/galactic_post_delete_confirm.php +++ b/engine/Default/galactic_post_delete_confirm.php @@ -3,7 +3,7 @@ if (isset($var['article'])) { $template->assign('PageTopic', 'Delete Article - Confirm'); $db->query('SELECT * FROM galactic_post_article WHERE article_id = ' . $db->escapeNumber($var['id']) . ' AND game_id = ' . $db->escapeNumber($player->getGameID())); - $db->nextRecord(); + $db->requireRecord(); $template->assign('ArticleTitle', $db->getField('title')); $container = create_container('galactic_post_delete_processing.php'); transfer('article'); @@ -13,7 +13,7 @@ // Delete paper $template->assign('PageTopic', 'Delete Paper - Confirm'); $db->query('SELECT * FROM galactic_post_paper WHERE game_id = ' . $db->escapeNumber($player->getGameID()) . ' AND paper_id = ' . $db->escapeNumber($var['id'])); - $db->nextRecord(); + $db->requireRecord(); $template->assign('PaperTitle', $db->getField('title')); $articles = []; diff --git a/engine/Default/galactic_post_paper_edit.php b/engine/Default/galactic_post_paper_edit.php index dc3da6e54..cb2292583 100644 --- a/engine/Default/galactic_post_paper_edit.php +++ b/engine/Default/galactic_post_paper_edit.php 
@@ -4,7 +4,7 @@ Menu::galactic_post(); $db->query('SELECT * FROM galactic_post_paper WHERE paper_id = ' . $db->escapeNumber($var['id']) . ' AND game_id = ' . $db->escapeNumber($player->getGameID())); -$db->nextRecord(); +$db->requireRecord(); $template->assign('PaperTitle', bbifyMessage($db->getField('title'))); $db->query('SELECT * FROM galactic_post_paper_content JOIN galactic_post_article USING (game_id, article_id) WHERE paper_id = ' . $db->escapeNumber($var['id']) . ' AND game_id = ' . $db->escapeNumber($player->getGameID())); diff --git a/engine/Default/galactic_post_read.php b/engine/Default/galactic_post_read.php index 7f453a903..79f92cb47 100644 --- a/engine/Default/galactic_post_read.php +++ b/engine/Default/galactic_post_read.php @@ -15,7 +15,7 @@ } $db->query('SELECT * FROM galactic_post_paper WHERE game_id = ' . $db->escapeNumber($var['game_id']) . ' AND paper_id = ' . $var['paper_id']); - $db->nextRecord(); + $db->requireRecord(); $paper_name = bbifyMessage($db->getField('title')); $template->assign('PageTopic', 'Reading Galactic Post Edition : ' . $paper_name); diff --git a/engine/Default/galactic_post_view_article.php b/engine/Default/galactic_post_view_article.php index b53c52d51..7fc45303d 100644 --- a/engine/Default/galactic_post_view_article.php +++ b/engine/Default/galactic_post_view_article.php @@ -29,7 +29,7 @@ // Details about a selected article if (isset($var['id'])) { $db->query('SELECT * FROM galactic_post_article WHERE game_id = ' . $db->escapeNumber($player->getGameID()) . ' AND article_id = ' . $db->escapeNumber($var['id'])); - $db->nextRecord(); + $db->requireRecord(); $container = create_container('skeleton.php', 'galactic_post_write_article.php'); transfer('id'); diff --git a/engine/Default/galactic_post_write_article_processing.php b/engine/Default/galactic_post_write_article_processing.php index c26df03a7..dc6f413d5 100644 --- a/engine/Default/galactic_post_write_article_processing.php 
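Review bot: In the galactic_post_read.php hunk, `$var['paper_id']` is concatenated into the query without `$db->escapeNumber()`, unlike `$var['game_id']` in the same statement and every other query this patch touches. If `$var` only ever holds server-side container data this may not be reachable from a request, but that is not visible here and the asymmetry is easy to miss. Change the tail to `' AND paper_id = ' . $db->escapeNumber($var['paper_id'])`. This is a context line, so it predates the commit.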
+++ b/engine/Default/galactic_post_write_article_processing.php @@ -31,7 +31,7 @@ } $db->query('SELECT MAX(article_id) article_id FROM galactic_post_article WHERE game_id = ' . $db->escapeNumber($player->getGameID()) . ' LIMIT 1'); - $db->nextRecord(); + $db->requireRecord(); $num = $db->getInt('article_id') + 1; $db->query('INSERT INTO galactic_post_article (game_id, article_id, writer_id, title, text, last_modified) VALUES (' . $db->escapeNumber($player->getGameID()) . ', ' . $db->escapeNumber($num) . ', ' . $db->escapeNumber($player->getAccountID()) . ', ' . $db->escapeString($title) . ' , ' . $db->escapeString($message) . ' , ' . $db->escapeNumber(TIME) . ')'); $db->query('UPDATE galactic_post_writer SET last_wrote = ' . $db->escapeNumber(TIME) . ' WHERE account_id = ' . $db->escapeNumber($account->getAccountID())); diff --git a/engine/Default/history_alliance_detail.php b/engine/Default/history_alliance_detail.php index a8b8e6faa..b8467cba6 100644 --- a/engine/Default/history_alliance_detail.php +++ b/engine/Default/history_alliance_detail.php @@ -11,7 +11,7 @@ $id = $var['alliance_id']; $db = new $var['HistoryDatabase'](); $db->query('SELECT * FROM alliance WHERE alliance_id = ' . $db->escapeNumber($id) . ' AND game_id = ' . $db->escapeNumber($game_id)); -$db->nextRecord(); +$db->requireRecord(); $template->assign('PageTopic', 'Alliance Roster - ' . htmlentities($db->getField('alliance_name'))); //get alliance members diff --git a/engine/Default/history_games.php b/engine/Default/history_games.php index 56f3d5cd5..c603b85b4 100644 --- a/engine/Default/history_games.php +++ b/engine/Default/history_games.php 
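Review bot: In the history_alliance_detail.php hunk, `$db = new $var['HistoryDatabase']();` instantiates whatever class name the container holds, and the same context line appears in the history_games.php hunk. Where `$var` is populated is not visible in this patch; if any part of it can be shaped by a request, the name should be checked against a fixed list of history database classes before the `new`. At minimum, a comment above the line stating that the value is set server-side would record the assumption this code depends on.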
@@ -12,7 +12,7 @@ $db = new $var['HistoryDatabase'](); $db->query('SELECT start_date, type, end_date, game_name, speed, game_id ' . 'FROM game WHERE game_id = ' . $db->escapeNumber($game_id)); -$db->nextRecord(); +$db->requireRecord(); $template->assign('GameName', $game_name); $template->assign('Start', date(DATE_DATE_SHORT, $db->getInt('start_date'))); $template->assign('End', date(DATE_DATE_SHORT, $db->getInt('end_date'))); @@ -28,7 +28,7 @@ $template->assign('MaxKills', $db->getInt('max(kills)')); } $db->query('SELECT count(*) FROM alliance WHERE game_id = ' . $db->escapeNumber($game_id)); -$db->nextRecord(); +$db->requireRecord(); $template->assign('NumAlliances', $db->getInt('count(*)')); $playerExp = []; diff --git a/engine/Default/message_view.php b/engine/Default/message_view.php index c38a9e094..ca829d096 100644 --- a/engine/Default/message_view.php +++ b/engine/Default/message_view.php @@ -95,11 +95,11 @@ $db->query('SELECT count(*) as count FROM message ' . $whereClause . ' AND msg_read = ' . $db->escapeBoolean(false)); - $db->nextRecord(); + $db->requireRecord(); $messageBox['UnreadMessages'] = $db->getInt('count'); } $db->query('SELECT count(*) as count FROM message ' . $whereClause); - $db->nextRecord(); + $db->requireRecord(); $messageBox['TotalMessages'] = $db->getInt('count'); $messageBox['Type'] = $var['folder_id']; diff --git a/engine/Default/planet_land_processing.php b/engine/Default/planet_land_processing.php index a477d507c..ba916076b 100644 --- a/engine/Default/planet_land_processing.php +++ b/engine/Default/planet_land_processing.php 
@@ -23,7 +23,7 @@ if ($player->hasAlliance()) { $role_id = $player->getAllianceRole(); $db->query('SELECT * FROM alliance_has_roles WHERE alliance_id = ' . $db->escapeNumber($player->getAllianceID()) . ' AND game_id = ' . $db->escapeNumber($player->getGameID()) . ' AND role_id = ' . $db->escapeNumber($role_id)); - $db->nextRecord(); + $db->requireRecord(); if (!$db->getBoolean('planet_access')) { if ($planet->hasOwner() && $planet->getOwnerID() != $player->getAccountID()) { create_error('Your alliance doesn\'t allow you to dock at their planet.'); diff --git a/engine/Default/planet_list_financial.php b/engine/Default/planet_list_financial.php index 75373fc2a..8a4a087d6 100644 --- a/engine/Default/planet_list_financial.php +++ b/engine/Default/planet_list_financial.php @@ -14,7 +14,7 @@ AND game_id = ' . $db->escapeNumber($player->getGameID()) . ' AND role_id = ' . $db->escapeNumber($role_id) ); - $db->nextRecord(); + $db->requireRecord(); $viewBonds = $db->getBoolean('view_bonds'); } $template->assign('CanViewBonds', $viewBonds); diff --git a/engine/Default/rankings_alliance_death.php b/engine/Default/rankings_alliance_death.php index cebd68121..9e7664996 100644 --- a/engine/Default/rankings_alliance_death.php +++ b/engine/Default/rankings_alliance_death.php @@ -4,7 +4,7 @@ $db->query('SELECT count(*) FROM alliance WHERE game_id = ' . $db->escapeNumber($player->getGameID())); -$db->nextRecord(); +$db->requireRecord(); $numAlliances = $db->getInt('count(*)'); $ourRank = 0; @@ -19,7 +19,7 @@ AND alliance_name <= ' . $db->escapeString($player->getAlliance()->getAllianceName()) . ' ) )'); - $db->nextRecord(); + $db->requireRecord(); $ourRank = $db->getInt('count(*)'); $template->assign('OurRank', $ourRank); } diff --git a/engine/Default/rankings_alliance_experience.php b/engine/Default/rankings_alliance_experience.php index 956746cd4..cb4c3c2e6 100644 --- a/engine/Default/rankings_alliance_experience.php +++ b/engine/Default/rankings_alliance_experience.php 
@@ -4,7 +4,7 @@ $db->query('SELECT count(*) FROM alliance WHERE game_id = ' . $db->escapeNumber($player->getGameID())); -$db->nextRecord(); +$db->requireRecord(); $numAlliances = $db->getInt('count(*)'); $ourRank = 0; @@ -30,7 +30,7 @@ AND alliance_name <= ' . $db->escapeString($player->getAlliance()->getAllianceName()) . ' ) )'); - $db->nextRecord(); + $db->requireRecord(); $ourRank = $db->getInt('count(*)'); $template->assign('OurRank', $ourRank); } diff --git a/engine/Default/rankings_alliance_kills.php b/engine/Default/rankings_alliance_kills.php index 41b154a35..c015b3cf5 100644 --- a/engine/Default/rankings_alliance_kills.php +++ b/engine/Default/rankings_alliance_kills.php @@ -4,7 +4,7 @@ $db->query('SELECT count(*) FROM alliance WHERE game_id = ' . $db->escapeNumber($player->getGameID())); -$db->nextRecord(); +$db->requireRecord(); $numAlliances = $db->getInt('count(*)'); $ourRank = 0; @@ -19,7 +19,7 @@ AND alliance_name <= ' . $db->escapeString($player->getAlliance()->getAllianceName()) . ' ) )'); - $db->nextRecord(); + $db->requireRecord(); $ourRank = $db->getInt('count(*)'); $template->assign('OurRank', $ourRank); } diff --git a/engine/Default/rankings_alliance_profit.php b/engine/Default/rankings_alliance_profit.php index a8dec2f5d..4320ce66e 100644 --- a/engine/Default/rankings_alliance_profit.php +++ b/engine/Default/rankings_alliance_profit.php @@ -4,7 +4,7 @@ $db->query('SELECT count(*) FROM alliance WHERE game_id = ' . $db->escapeNumber($player->getGameID())); -$db->nextRecord(); +$db->requireRecord(); $numAlliances = $db->getInt('count(*)'); $profitType = array('Trade', 'Money', 'Profit'); $profitTypeEscaped = $db->escapeArray($profitType, false, true, ':', false); @@ -34,7 +34,7 @@ AND alliance_name <= ' . $db->escapeString($player->getAlliance()->getAllianceName()) . ' ) )'); - $db->nextRecord(); + $db->requireRecord(); $ourRank = $db->getInt('count(*)'); $template->assign('OurRank', $ourRank); } 
diff --git a/engine/Default/rankings_player_profit.php b/engine/Default/rankings_player_profit.php index 90934249c..23f45563b 100644 --- a/engine/Default/rankings_player_profit.php +++ b/engine/Default/rankings_player_profit.php @@ -19,7 +19,7 @@ AND player_name <= ' . $db->escapeString($player->getPlayerName()) . ' ) )'); -$db->nextRecord(); +$db->requireRecord(); $ourRank = $db->getInt('count(*)'); $template->assign('OurRank', $ourRank); diff --git a/engine/Default/trader_savings.php b/engine/Default/trader_savings.php index 057bf6813..235ba6351 100644 --- a/engine/Default/trader_savings.php +++ b/engine/Default/trader_savings.php @@ -20,13 +20,13 @@ // Number of active lotto tickets this player has $db->query('SELECT count(*) FROM player_has_ticket WHERE game_id = ' . $db->escapeNumber($player->getGameID()) . ' AND account_id = ' . $db->escapeNumber($player->getAccountID()) . ' AND time > 0'); -$db->nextRecord(); +$db->requireRecord(); $tickets = $db->getInt('count(*)'); $template->assign('LottoTickets', $tickets); // Number of active lotto tickets all players have $db->query('SELECT count(*) FROM player_has_ticket WHERE game_id = ' . $db->escapeNumber($player->getGameID()) . ' AND time > 0'); -$db->nextRecord(); +$db->requireRecord(); $tickets_tot = $db->getInt('count(*)'); if ($tickets == 0) { $win_chance = 0; @@ -37,5 +37,5 @@ // Number of winning lotto tickets this player has to claim $db->query('SELECT count(*) FROM player_has_ticket WHERE game_id = ' . $db->escapeNumber($player->getGameID()) . ' AND account_id = ' . $db->escapeNumber($player->getAccountID()) . ' AND time = 0'); -$db->nextRecord(); +$db->requireRecord(); $template->assign('WinningTickets', $db->getInt('count(*)')); diff --git a/engine/Default/trader_status.php b/engine/Default/trader_status.php index b77078ce3..2ac728aa8 100644 --- a/engine/Default/trader_status.php +++ b/engine/Default/trader_status.php 
@@ -20,7 +20,7 @@ $template->assign('BountiesHREF', SmrSession::getNewHREF($container)); $db->query('SELECT count(*) FROM bounty WHERE claimer_id=' . $db->escapeNumber($player->getAccountID()) . ' AND game_id=' . $db->escapeNumber($player->getGameID())); -$db->nextRecord(); +$db->requireRecord(); $template->assign('BountiesClaimable', $db->getInt('count(*)')); // Ship @@ -51,7 +51,7 @@ $db->query('SELECT level_name,requirement FROM level WHERE requirement>' . $db->escapeNumber($player->getExperience()) . ' ORDER BY requirement ASC LIMIT 1'); if (!$db->nextRecord()) { $db->query('SELECT level_name,requirement FROM level ORDER BY requirement DESC LIMIT 1'); - $db->nextRecord(); + $db->requireRecord(); } $template->assign('NextLevelName', $db->getField('level_name')); diff --git a/lib/Default/MySqlDatabase.class.php b/lib/Default/MySqlDatabase.class.php index 307cf0e2d..542ca53fb 100644 --- a/lib/Default/MySqlDatabase.class.php +++ b/lib/Default/MySqlDatabase.class.php @@ -56,8 +56,11 @@ public function close() { public function query($query) { $this->dbResult = self::$dbConn->query($query); } - - public function nextRecord() { + + /** + * Use to populate this instance with the next record of the active query. + */ + public function nextRecord() : bool { if (!$this->dbResult) { $this->error('No resource to get record from.'); } @@ -68,6 +71,16 @@ public function nextRecord() { return false; } + /** + * Use instead of nextRecord when exactly one record is expected from the + * active query. + */ + public function requireRecord() : void { + if (!$this->nextRecord() || $this->getNumRows() != 1) { + $this->error('One record required, but found ' . $this->getNumRows()); + } + } + public function hasField($name) { return isset($this->dbRecord[$name]); } diff --git a/lib/Default/SmrAlliance.class.php b/lib/Default/SmrAlliance.class.php index 29a084852..dd6e687f7 100644 --- a/lib/Default/SmrAlliance.class.php +++ b/lib/Default/SmrAlliance.class.php 
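Review bot: `requireRecord()` only fails closed if `$this->error()` never returns, and `error()` is outside this hunk. Several converted callers (alliance_mod.php, planet_land_processing.php, bank_alliance_processing.php) read permission or limit fields straight after the call, so that guarantee is what they rely on. The docblock should state it, for example `Halts via error() unless the active query returned exactly one row.` The count check also uses a loose `!=`; `$this->getNumRows() !== 1` is stricter, provided getNumRows() returns an int, which is not shown here.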
@@ -116,7 +116,7 @@ public static function createAlliance($gameID, $name) { // get the next alliance id (ignoring reserved ID's) $db->query('SELECT max(alliance_id) FROM alliance WHERE game_id = ' . $db->escapeNumber($gameID) . ' AND (alliance_id < ' . $db->escapeNumber(NHA_ID) . ' OR alliance_id > ' . $db->escapeNumber(NHA_ID + 7) . ') LIMIT 1'); - $db->nextRecord(); + $db->requireRecord(); $allianceID = $db->getInt('max(alliance_id)') + 1; if ($allianceID >= NHA_ID && $allianceID <= NHA_ID + 7) { $allianceID = NHA_ID + 8; diff --git a/lib/Default/bar.functions.inc b/lib/Default/bar.functions.inc index 63e21fd43..98a3fbe2b 100644 --- a/lib/Default/bar.functions.inc +++ b/lib/Default/bar.functions.inc @@ -50,7 +50,7 @@ function getLottoInfo($gameID) { $firstBuy = TIME; $db->query('SELECT count(*) as num, min(time) as time FROM player_has_ticket WHERE game_id = '.$db->escapeNumber($gameID) . ' AND time > 0'); - $db->nextRecord(); + $db->requireRecord(); if ($db->getInt('num') > 0) { $amount += $db->getInt('num') * 1000000 * .9; $firstBuy = $db->getInt('time'); diff --git a/lib/Default/smr.inc b/lib/Default/smr.inc index bb501781c..71b780cc9 100644 --- a/lib/Default/smr.inc +++ b/lib/Default/smr.inc @@ -427,7 +427,7 @@ function do_voodoo() { // We need to acquire locks BEFORE getting the player information // Otherwise we could be working on stale information $db->query('SELECT sector_id FROM player WHERE account_id=' . $db->escapeNumber($account->getAccountID()) . ' AND game_id=' . $db->escapeNumber(SmrSession::getGameID()) . ' LIMIT 1'); - $db->nextRecord(); + $db->requireRecord(); $sector_id = $db->getInt('sector_id'); global $locksFailed; diff --git a/tools/chat_helpers/channel_msg_seed.php b/tools/chat_helpers/channel_msg_seed.php index 57b08ab92..b084d36c4 100644 --- a/tools/chat_helpers/channel_msg_seed.php +++ b/tools/chat_helpers/channel_msg_seed.php 
@@ -33,7 +33,7 @@ function shared_channel_msg_seed($player) { FROM alliance_has_seedlist WHERE alliance_id = ' . $db->escapeNumber($player->getAllianceID()) . ' AND game_id = ' . $db->escapeNumber($player->getGameID())); - $db->nextRecord(); + $db->requireRecord(); $numSectors = $db->getInt('count(*)'); if ($numSectors == 0) { From ceb89c67a2d9153af061495d0bfd4371c2d3810b Mon Sep 17 00:00:00 2001 From: Dan Hemberger Date: Mon, 25 May 2020 19:58:41 -0700 Subject: [PATCH 3/7] trader_savings.php: escape anon password Since anonymous account passwords can contain any character, we need to escape HTML entities when displaying it to avoid rendering issues. See 675daa25a6. --- templates/Default/engine/Default/trader_savings.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/templates/Default/engine/Default/trader_savings.php b/templates/Default/engine/Default/trader_savings.php index ea5ca2039..96a178f87 100644 --- a/templates/Default/engine/Default/trader_savings.php +++ b/templates/Default/engine/Default/trader_savings.php @@ -5,7 +5,7 @@ if ($AnonAccounts) { ?> You own the following accounts:

- Account with password + Account with password
From 2f03179973f2cb46828a6c0807d092c2e4551e7f Mon Sep 17 00:00:00 2001 From: Dan Hemberger Date: Mon, 25 May 2020 21:04:12 -0700 Subject: [PATCH 4/7] ChessGame: fix PHP warning If `$moveInfo['Castling'] === false`, then unconditionally accessing `$moveInfo['Castling']['Type']` resulted in the following warning: PHP Notice: Trying to access array offset on value of type bool We can fix this by only indexing array types. --- lib/Default/ChessGame.class.php | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/lib/Default/ChessGame.class.php b/lib/Default/ChessGame.class.php index 4fcda3356..094b6b3c3 100644 --- a/lib/Default/ChessGame.class.php +++ b/lib/Default/ChessGame.class.php @@ -632,9 +632,11 @@ public function tryMove($x, $y, $toX, $toY, $forAccountID, $pawnPromotionPiece) $pieceID = $p->pieceID; $pieceNo = $p->pieceNo; + $promotionPieceID = null; if($moveInfo['PawnPromotion'] !== false) { $p->pieceID = $moveInfo['PawnPromotion']['PieceID']; $p->pieceNo = $moveInfo['PawnPromotion']['PieceNo']; + $promotionPieceID = $p->pieceID; } $checking = null; @@ -644,8 +646,11 @@ public function tryMove($x, $y, $toX, $toY, $forAccountID, $pawnPromotionPiece) if($this->isCheckmated(self::getOtherColour($p->colour))) { $checking = 'MATE'; } + + $castlingType = $moveInfo['Castling'] === false ? null : $moveInfo['Castling']['Type']; + if($this->moves!=null) { - $this->moves[] = $this->createMove($pieceID, $x, $y, $toX, $toY, $pieceTakenID, $checking, $this->getCurrentTurnColour(), $moveInfo['Castling']['Type'], $moveInfo['EnPassant'], $moveInfo['PawnPromotion'] === false ? null : $moveInfo['PawnPromotion']['PieceID']); + $this->moves[] = $this->createMove($pieceID, $x, $y, $toX, $toY, $pieceTakenID, $checking, $this->getCurrentTurnColour(), $castlingType, $moveInfo['EnPassant'], $promotionPieceID); } if(self::isPlayerChecked($this->board, $this->getHasMoved(), $p->colour)) { return 3; 
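Review bot: The guard `if($this->moves!=null)` around the rewritten `createMove` line is a loose comparison, and in PHP an empty array compares equal to null, so a move list that has been loaded but is still empty is skipped and the first move is never appended to it. If null is meant as "not loaded yet", `if ($this->moves !== null)` says exactly that. The guard is a context line in this hunk, and tryMove's body starts and ends outside it, so the loading logic should be checked before changing it.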
@@ -660,7 +665,6 @@ public function tryMove($x, $y, $toX, $toY, $forAccountID, $pawnPromotionPiece) $otherPlayer->increaseHOF(1, array($chessType,'Moves','Opponent Pawns Promoted',$piecePromotedSymbol), HOF_PUBLIC); } - $castlingType = $moveInfo['Castling'] === false ? null : $moveInfo['Castling']['Type']; $this->db->query('INSERT INTO chess_game_moves (chess_game_id,piece_id,start_x,start_y,end_x,end_y,checked,piece_taken,castling,en_passant,promote_piece_id) VALUES From 22c0420ce10109fcfe3f290efb0635d3b32264e3 Mon Sep 17 00:00:00 2001 From: Dan Hemberger Date: Mon, 25 May 2020 21:18:14 -0700 Subject: [PATCH 5/7] history_alliance_detail.php: bold linked account Display the linked account in bold in the Alliance Roster page for history games (for consistency with the history games Hall of Fame). --- engine/Default/history_alliance_detail.php | 2 ++ templates/Default/engine/Default/history_alliance_detail.php | 2 +- 2 files changed, 3 insertions(+), 1 deletion(-) diff --git a/engine/Default/history_alliance_detail.php b/engine/Default/history_alliance_detail.php index b8467cba6..6f7b5f6f4 100644 --- a/engine/Default/history_alliance_detail.php +++ b/engine/Default/history_alliance_detail.php @@ -15,10 +15,12 @@ $template->assign('PageTopic', 'Alliance Roster - ' . htmlentities($db->getField('alliance_name'))); //get alliance members +$oldAccountID = $account->getOldAccountID($var['HistoryDatabase']); $db->query('SELECT * FROM player WHERE alliance_id = ' . $db->escapeNumber($id) . ' AND game_id = ' . $db->escapeNumber($game_id) . ' ORDER BY experience DESC'); $players = []; while ($db->nextRecord()) { $players[] = [ + 'bold' => $db->getInt('account_id') == $oldAccountID ? 'class="bold"' : '', 'player_name' => $db->getField('player_name'), 'experience' => number_format($db->getInt('experience')), 'alignment' => number_format($db->getInt('alignment')), 
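Review bot: The new `'bold'` entry in `history_alliance_detail.php` puts a ready-made attribute string (`class="bold"`) into the row data, so the template must print that field raw while `player_name` in the same array is text that has to be escaped at output. Passing a boolean, `'bold' => $db->getInt('account_id') == $oldAccountID,`, and letting the template emit the class keeps every field in `$players` safe to escape uniformly. The same pattern recurs in the four `engine/Default/history_games.php` hunks of patch 6. The string is a constant today, so this is a maintainability point and not an injection.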
diff --git a/templates/Default/engine/Default/history_alliance_detail.php b/templates/Default/engine/Default/history_alliance_detail.php index a44a82d60..cea3f7075 100644 --- a/templates/Default/engine/Default/history_alliance_detail.php +++ b/templates/Default/engine/Default/history_alliance_detail.php @@ -12,7 +12,7 @@ Bounty - + > From 0b018fe294250338714377a0d91863f782ee67f6 Mon Sep 17 00:00:00 2001 From: Dan Hemberger Date: Mon, 25 May 2020 22:50:16 -0700 Subject: [PATCH 6/7] history_games.php: bold linked account Display the linked account (and associated alliance) in bold in the Experience/Kill Rankings. --- engine/Default/history_games.php | 9 +++++++++ templates/Default/engine/Default/history_games.php | 8 ++++---- 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/engine/Default/history_games.php b/engine/Default/history_games.php index c603b85b4..0d454774b 100644 --- a/engine/Default/history_games.php +++ b/engine/Default/history_games.php @@ -31,10 +31,16 @@ $db->requireRecord(); $template->assign('NumAlliances', $db->getInt('count(*)')); +// Get linked player information, if available +$oldAccountID = $account->getOldAccountID($var['HistoryDatabase']); +$db->query('SELECT alliance_id FROM player WHERE game_id = ' . $db->escapeNumber($game_id) . ' AND account_id = ' . $db->escapeNumber($oldAccountID)); +$oldAllianceID = $db->nextRecord() ? $db->getInt('alliance_id') : 0; + $playerExp = []; $db->query('SELECT * FROM player WHERE game_id = ' . $db->escapeNumber($game_id) . ' ORDER BY experience DESC LIMIT 10'); while ($db->nextRecord()) { $playerExp[] = [ + 'bold' => $db->getInt('account_id') == $oldAccountID ? 'class="bold"' : '', 'exp' => $db->getInt('experience'), 'name' => stripslashes($db->getField('player_name')), ]; 
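Review bot: `$oldAllianceID` in the first `history_games.php` hunk is `0` both when no linked player row is found and, presumably, when the linked player had no alliance, and the third and fourth hunks then compare it with `==` against each ranking row's `alliance_id`. If the alliance ranking queries (outside the hunks) can return a row with id 0, that row would be shown in bold for every such viewer. Making the sentinel explicit avoids relying on that: `'bold' => ($oldAllianceID !== 0 && $db->getInt('alliance_id') === $oldAllianceID) ? 'class="bold"' : '',`. The lookup query also runs when `getOldAccountID()` has no linked account to return. Its return value for that case is not visible here, so it is worth confirming that `escapeNumber()` accepts it.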
@@ -45,6 +51,7 @@ $db->query('SELECT * FROM player WHERE game_id = ' . $db->escapeNumber($game_id) . ' ORDER BY kills DESC LIMIT 10'); while ($db->nextRecord()) { $playerKills[] = [ + 'bold' => $db->getInt('account_id') == $oldAccountID ? 'class="bold"' : '', 'kills' => $db->getInt('kills'), 'name' => stripslashes($db->getField('player_name')), ]; @@ -65,6 +72,7 @@ $id = $db->getInt('alliance_id'); $container['alliance_id'] = $id; $allianceExp[] = [ + 'bold' => $db->getInt('alliance_id') == $oldAllianceID ? 'class="bold"' : '', 'exp' => $db->getInt('exp'), 'link' => create_link($container, $alliance), ]; @@ -78,6 +86,7 @@ $id = $db->getInt('alliance_id'); $container['alliance_id'] = $id; $allianceKills[] = [ + 'bold' => $db->getInt('alliance_id') == $oldAllianceID ? 'class="bold"' : '', 'kills' => $db->getInt('kills'), 'link' => create_link($container, $alliance), ]; diff --git a/templates/Default/engine/Default/history_games.php b/templates/Default/engine/Default/history_games.php index e97052344..3c037d1c9 100644 --- a/templates/Default/engine/Default/history_games.php +++ b/templates/Default/engine/Default/history_games.php @@ -73,7 +73,7 @@ Experience $player) { ?> - + > @@ -90,7 +90,7 @@ Kills $player) { ?> - + > @@ -116,7 +116,7 @@ Experience $alliance) { ?> - + > @@ -133,7 +133,7 @@ Kills $alliance) { ?> - + > From 7cb187ddf12a6bb32b8ab37ace68ca5fa4ea4c9d Mon Sep 17 00:00:00 2001 From: Dan Hemberger Date: Mon, 25 May 2020 21:23:46 -0700 Subject: [PATCH 7/7] Escape player names in history games Player names were not stored in the history databases with HTML entities already escaped. Therefore, we must escape them at the time when the names are displayed. --- templates/Default/engine/Default/history_alliance_detail.php | 2 +- templates/Default/engine/Default/history_games.php | 4 ++-- templates/Default/engine/Default/history_games_hof.php | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) 
diff --git a/templates/Default/engine/Default/history_alliance_detail.php b/templates/Default/engine/Default/history_alliance_detail.php index cea3f7075..ad3d9d217 100644 --- a/templates/Default/engine/Default/history_alliance_detail.php +++ b/templates/Default/engine/Default/history_alliance_detail.php @@ -13,7 +13,7 @@ > - + diff --git a/templates/Default/engine/Default/history_games.php b/templates/Default/engine/Default/history_games.php index 3c037d1c9..3b2efa4b0 100644 --- a/templates/Default/engine/Default/history_games.php +++ b/templates/Default/engine/Default/history_games.php @@ -75,7 +75,7 @@ foreach ($PlayerExp as $index => $player) { ?> > - + @@ -92,7 +92,7 @@ foreach ($PlayerKills as $index => $player) { ?> > - + diff --git a/templates/Default/engine/Default/history_games_hof.php b/templates/Default/engine/Default/history_games_hof.php index 5efcf4112..d1459225c 100644 --- a/templates/Default/engine/Default/history_games_hof.php +++ b/templates/Default/engine/Default/history_games_hof.php @@ -20,7 +20,7 @@ foreach ($Rankings as $index => $ranking) { ?> > - +
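Review bot: The `history_games.php` template hunks escape player names, but the alliance rows on the same page arrive as a pre-built `link` from `create_link($container, $alliance)` (patch 6 context), and where `$alliance` is escaped is not visible. If alliance names in the history databases are stored unescaped like player names, they need the same treatment before being placed in the link text, for example `htmlentities($alliance)`, as `history_alliance_detail.php` already does for `PageTopic`. The escape calls in these template hunks are not visible in this view, so it is also worth checking that all three templates use the same function.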