X-Git-Url: https://git.nubati.net/cgi-bin/gitweb.cgi?p=e-DoKo.git;a=blobdiff_plain;f=include%2Fcancelgame.php;h=43d32740c93014bded9fed6ef61a3d1626d906e6;hp=9f86142d66c0ec9b99227afd0e1fba70610fc57e;hb=cd4cbd4a1cce2c35a6a78b1b957c17389001b4b1;hpb=09515348107d9aab7823a12d31b082a2ebb75555;ds=sidebyside

diff --git a/include/cancelgame.php b/include/cancelgame.php
index 9f86142..43d3274 100644
--- a/include/cancelgame.php
+++ b/include/cancelgame.php
@@ -7,6 +7,12 @@ if(!isset($HOST))
 
 output_status();
 
+if(!myisset("me"))
+  {
+    echo "Hmm, you really shouldn't mess with the urls.<br />\n";
+    return;
+  }
+
 $me = $_REQUEST["me"];
 
 /* test for valid ID */
@@ -15,9 +21,7 @@ if(!$myid)
   {
     echo "Can't find you in the database, please check the url.<br />\n";
     echo "perhaps the game has been canceled, check by login in <a href=\"$INDEX\">here</a>.";
-    output_footer();
-    DB_close();
-    exit();
+    return;
   }
 
 DB_update_user_timestamp($myid);
@@ -27,8 +31,7 @@ $gameid   = DB_get_gameid_by_hash($me);
 $myname   = DB_get_name('hash',$me);
 
 /* check if game really is old enough to be canceled */
-$result = mysql_query("SELECT mod_date from Game WHERE id='$gameid' " );
-$r = mysql_fetch_array($result,MYSQL_NUM);
+$r = DB_query_array("SELECT mod_date from Game WHERE id='$gameid' " );
 if(time()-strtotime($r[0]) > 60*60*24*30) /* = 1 month */
   {
     $message = "Hello, \n\n".