
-> Fixed a minor SQL injection!
NaysKutzu committed Oct 29, 2023
1 parent 9bbe9b5 commit 0e5d571
Showing 3 changed files with 14 additions and 13 deletions.
6 changes: 3 additions & 3 deletions view/earn/afk.php
Expand Up @@ -26,9 +26,9 @@ function minutesToSeconds($minutes)
$data1 = $coins + SettingsManager::getSetting("afk_coins_per_min");
$data2 = $idlemins + SettingsManager::getSetting("afk_min");
try {
$conn->query("UPDATE `mythicaldash_users` SET `coins` = '$data1' WHERE `mythicaldash_users`.`api_key` = '" . $_COOKIE['token'] . "';");
$conn->query("UPDATE `mythicaldash_users` SET `minutes_afk` = '$data2' WHERE `mythicaldash_users`.`api_key` = '" . $_COOKIE['token'] . "';");
$conn->query("UPDATE `mythicaldash_users` SET `last_seen` = '$currenttimestamp' WHERE `mythicaldash_users`.`api_key` = '" . $_COOKIE['token'] . "';");
$conn->query("UPDATE `mythicaldash_users` SET `coins` = '$data1' WHERE `mythicaldash_users`.`api_key` = '" . mysqli_real_escape_string($conn, $_COOKIE['token']) . "';");
$conn->query("UPDATE `mythicaldash_users` SET `minutes_afk` = '$data2' WHERE `mythicaldash_users`.`api_key` = '" . mysqli_real_escape_string($conn, $_COOKIE['token']) . "';");
$conn->query("UPDATE `mythicaldash_users` SET `last_seen` = '$currenttimestamp' WHERE `mythicaldash_users`.`api_key` = '" . mysqli_real_escape_string($conn, $_COOKIE['token']) . "';");
echo '<script>window.location.replace("/earn/afk");</script>';
} catch (Exception $e) {
echo $e;
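Review bot: The three rewritten UPDATE calls still interpolate `$data1`, `$data2` and `$currenttimestamp` directly into the SQL string, and the escaping now applied to `$_COOKIE['token']` is only reliable if the connection charset was set with `mysqli_set_charset()`, which is not visible here; the eight UPDATEs in view/earn/redeem.php have the same shape. Since redeem.php already uses a `?` placeholder for its SELECT, the consistent fix is one prepared statement with bound parameters, which also folds the three round-trips to the same row into one. Separately, `$conn->query()` returns `false` rather than throwing unless mysqli is in strict report mode (the default only from PHP 8.1), so the surrounding `try`/`catch` may never see a failed query; checking the return value or calling `mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT)` at connection setup would close that gap. The enclosing block continues outside the hunk.
```php
// … unchanged: $data1 / $data2 computation, try { …
$stmt = $conn->prepare(
    'UPDATE `mythicaldash_users` SET `coins` = ?, `minutes_afk` = ?, `last_seen` = ? WHERE `api_key` = ?'
);
$token = $_COOKIE['token'];
// bound as strings to mirror the quoted literals the original query used
$stmt->bind_param('ssss', $data1, $data2, $currenttimestamp, $token);
$stmt->execute();
// … unchanged: redirect script and catch …
```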
2 changes: 1 addition & 1 deletion view/earn/linkvertise.php
Expand Up @@ -5,7 +5,7 @@
header('location: /');
}
if (isset($_GET['key'])) {
$key = mysqli_escape_string($conn, $_GET['key']);
$key = mysqli_real_escape_string($conn, $_GET['key']);
$result = mysqli_query($conn, "SELECT * FROM mythicaldash_linkvertise WHERE skey='$key'");
if (mysqli_num_rows($result) > 0) {
$usr_coins = $session->getUserInfo("coins");
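Review bot: `mysqli_escape_string()` is an alias of `mysqli_real_escape_string()`, so the changed line is behaviourally a no-op and `$key` is still spliced into the `SELECT ... WHERE skey='$key'` string on the following line. A prepared statement removes the reliance on escaping (and on the connection charset having been set via `mysqli_set_charset()`), and the result should be checked for `false` before `mysqli_num_rows()` is called, since a failed query there raises a `TypeError` on PHP 8. The `if (isset($_GET['key']))` block continues outside the hunk.
```php
if (isset($_GET['key'])) {
    $stmt = mysqli_prepare($conn, 'SELECT * FROM mythicaldash_linkvertise WHERE skey = ?');
    mysqli_stmt_bind_param($stmt, 's', $_GET['key']);
    mysqli_stmt_execute($stmt);
    $result = mysqli_stmt_get_result($stmt);
    if ($result !== false && mysqli_num_rows($result) > 0) {
    // … unchanged: coin credit …
```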
19 changes: 10 additions & 9 deletions view/earn/redeem.php
@@ -1,5 +1,6 @@
<?php
use MythicalDash\SettingsManager;

include(__DIR__ . '/../requirements/page.php');
if (isset($_GET['code']) && !$_GET['code'] == "") {
$user_query = "SELECT * FROM mythicaldash_redeem WHERE code = ?";
Expand All @@ -14,18 +15,18 @@
$newram = $session->getUserInfo("ram") + $redeemdb['ram'];
$newdisk = $session->getUserInfo("disk") + $redeemdb['disk'];
$newcpu = $session->getUserInfo("cpu") + $redeemdb['cpu'];
$new_server_limit = $session->getUserInfo("server_limit")+ $redeemdb['server_limit'];
$new_server_limit = $session->getUserInfo("server_limit") + $redeemdb['server_limit'];
$newports = $session->getUserInfo("ports") + $redeemdb['ports'];
$newdatabases = $session->getUserInfo("databases") + $redeemdb['databases'];
$newbackups = $session->getUserInfo("backups") + $redeemdb['backups'];
$conn->query("UPDATE `mythicaldash_users` SET `coins` = '" . $newcoins . "' WHERE `mythicaldash_users`.`api_key` = '" . $_COOKIE['token'] . "';");
$conn->query("UPDATE `mythicaldash_users` SET `ram` = '" . $newram . "' WHERE `mythicaldash_users`.`api_key` = '" . $_COOKIE['token'] . "';");
$conn->query("UPDATE `mythicaldash_users` SET `disk` = '" . $newdisk . "' WHERE `mythicaldash_users`.`api_key` = '" . $_COOKIE['token'] . "';");
$conn->query("UPDATE `mythicaldash_users` SET `cpu` = '" . $newcpu . "' WHERE `mythicaldash_users`.`api_key` = '" . $_COOKIE['token'] . "';");
$conn->query("UPDATE `mythicaldash_users` SET `server_limit` = '" . $new_server_limit . "' WHERE `mythicaldash_users`.`api_key` = '" . $_COOKIE['token'] . "';");
$conn->query("UPDATE `mythicaldash_users` SET `ports` = '" . $newports . "' WHERE `mythicaldash_users`.`api_key` = '" . $_COOKIE['token'] . "';");
$conn->query("UPDATE `mythicaldash_users` SET `databases` = '" . $newdatabases . "' WHERE `mythicaldash_users`.`api_key` = '" . $_COOKIE['token'] . "';");
$conn->query("UPDATE `mythicaldash_users` SET `backups` = '" . $newbackups . "' WHERE `mythicaldash_users`.`api_key` = '" . $_COOKIE['token'] . "';");
$conn->query("UPDATE `mythicaldash_users` SET `coins` = '" . $newcoins . "' WHERE `mythicaldash_users`.`api_key` = '" . mysqli_real_escape_string($conn, $_COOKIE['token']) . "';");
$conn->query("UPDATE `mythicaldash_users` SET `ram` = '" . $newram . "' WHERE `mythicaldash_users`.`api_key` = '" . mysqli_real_escape_string($conn, $_COOKIE['token']) . "';");
$conn->query("UPDATE `mythicaldash_users` SET `disk` = '" . $newdisk . "' WHERE `mythicaldash_users`.`api_key` = '" . mysqli_real_escape_string($conn, $_COOKIE['token']) . "';");
$conn->query("UPDATE `mythicaldash_users` SET `cpu` = '" . $newcpu . "' WHERE `mythicaldash_users`.`api_key` = '" . mysqli_real_escape_string($conn, $_COOKIE['token']) . "';");
$conn->query("UPDATE `mythicaldash_users` SET `server_limit` = '" . $new_server_limit . "' WHERE `mythicaldash_users`.`api_key` = '" . mysqli_real_escape_string($conn, $_COOKIE['token']) . "';");
$conn->query("UPDATE `mythicaldash_users` SET `ports` = '" . $newports . "' WHERE `mythicaldash_users`.`api_key` = '" . mysqli_real_escape_string($conn, $_COOKIE['token']) . "';");
$conn->query("UPDATE `mythicaldash_users` SET `databases` = '" . $newdatabases . "' WHERE `mythicaldash_users`.`api_key` = '" . mysqli_real_escape_string($conn, $_COOKIE['token']) . "';");
$conn->query("UPDATE `mythicaldash_users` SET `backups` = '" . $newbackups . "' WHERE `mythicaldash_users`.`api_key` = '" . mysqli_real_escape_string($conn, $_COOKIE['token']) . "';");
if ($redeemdb['uses'] > 1) {
$newuses = $redeemdb['uses'] - 1;
$conn->query("UPDATE `mythicaldash_redeem` SET `uses` = '" . $newuses . "' WHERE `mythicaldash_redeem`.`code` = '" . $code . "';");
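Review bot: The eight rewritten UPDATE calls each write one column of the same user row, so a failure after the first few leaves the account partially credited while the `uses` decrement that follows (its tail is outside the hunk) may still run; a single UPDATE inside `$conn->begin_transaction()` / `$conn->commit()` with the decrement makes the redemption atomic. The new lines are also inconsistent with this file's own first hunk, which already prepares `SELECT * FROM mythicaldash_redeem WHERE code = ?` with a placeholder; the UPDATE should use the same bound-parameter style instead of string concatenation with `mysqli_real_escape_string()`. The surrounding `if` block starts and ends outside the hunk.
```php
// … unchanged: $newcoins … $newbackups computation …
$conn->begin_transaction();
$stmt = $conn->prepare(
    'UPDATE `mythicaldash_users` SET `coins` = ?, `ram` = ?, `disk` = ?, `cpu` = ?, '
    . '`server_limit` = ?, `ports` = ?, `databases` = ?, `backups` = ? WHERE `api_key` = ?'
);
$token = $_COOKIE['token'];
// bound as strings to mirror the quoted literals the original queries used
$stmt->bind_param(
    'sssssssss',
    $newcoins, $newram, $newdisk, $newcpu, $new_server_limit, $newports, $newdatabases, $newbackups, $token,
);
$stmt->execute();
// … unchanged: uses decrement / delete, then $conn->commit(); …
```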
