Skip to content

Commit

Permalink
Browse files Browse the repository at this point in the history
sql injection fix 
and some cleanup
  • Loading branch information
@FiveEYZ
FiveEYZ committed May 6, 2020
1 parent 44e3f89 commit 8d45ce7
Show file tree
Hide file tree
Showing 2 changed files with 18 additions and 16 deletions.
6 changes: 3 additions & 3 deletions esx_kashacters/html/js/app.js
View file
Expand Up @@ -41,15 +41,15 @@ $(".character-box").click(function () {

$("#play-char").click(function () {
$.post("http://esx_kashacters/CharacterChosen", JSON.stringify({
charid: $('.active-char').attr("data-charid"),
ischar: $('.active-char').attr("data-ischar"),
charid: Number($('.active-char').attr("data-charid")),
ischar: ($('.active-char').attr("data-ischar") == "true"),
}));
Kashacter.CloseUI();
});

$("#deletechar").click(function () {
$.post("http://esx_kashacters/DeleteCharacter", JSON.stringify({
charid: $('.active-char').attr("data-charid"),
charid: Number($('.active-char').attr("data-charid")),
}));
Kashacter.CloseUI();
});
Expand Down
28 changes: 15 additions & 13 deletions esx_kashacters/server/main.lua
View file
Expand Up @@ -13,12 +13,14 @@ local IdentifierTables = {
{table = "phone_messages", column = "owner"},
{table = "private_vehicles", column = "owner"},
{table = "rented_vehicles", column = "owner"},
{table = "user_documents", column = "owner"},
{table = "user_licenses", column = "owner"},
{table = "billing", column = "identifier"},
{table = "crimerecord", column = "identifier"},
{table = "phone_users_contacts", column = "identifier"},
{table = "society_moneywash", column = "identifier"},
{table = "users", column = "identifier"},
{table = "invest", column = "identifier"},
{table = "twitter_tweets", column = "realUser"}
}

Expand All @@ -35,20 +37,20 @@ end)
RegisterServerEvent("kashactersS:CharacterChosen")
AddEventHandler('kashactersS:CharacterChosen', function(charid, ischar)
local src = source
-- local spawn = {}

local isnew = true
SetLastCharacter(src, tonumber(charid))
SetCharToIdentifier(GetPlayerIdentifiers(src)[2], tonumber(charid))
if ischar == "true" then
isnew = false
--spawn = GetSpawnPos(src)
--TriggerClientEvent("kashactersC:SpawnCharacter", src, spawn)
else
TriggerClientEvent('skinchanger:loadDefaultModel', src, true, cb)
--TriggerEvent('esx_identity:showRegisterIdentity')
--TriggerClientEvent("kashactersC:SpawnCharacter", src, spawn)
end
TriggerClientEvent("kashactersC:SpawnCharacter", src, isnew)
if type(charid) == "number" and type(ischar) == "boolean" then
SetLastCharacter(src, charid)
SetCharToIdentifier(GetPlayerIdentifiers(src)[2], charid)
if ischar == true then
isnew = false
else
TriggerClientEvent('skinchanger:loadDefaultModel', src, isnew, cb)
end
TriggerClientEvent("kashactersC:SpawnCharacter", src, isnew)
else
-- Trigger Ban Event here to ban individuals trying to use SQL Injections
end
end)

RegisterServerEvent("kashactersS:DeleteCharacter")
Expand Down

0 comments on commit 8d45ce7

Please sign in to comment.