TravianZ Official (yi12345) - bugs list

[lauris3722]

Had 20lvl walls/horses..

 

[mandee]

Had 20lvl walls/horses..

Add Military in admin or not.

 

[lauris3722]

No, I haven't added military thru admin, as Im just a player.

 

[cata7007]

What server ? Are you user last version of TravianZ ?

 

[lauris3722]

herovian.com server, I don't know the version..
Please tell me if this is the right thread im posting in, Im not really sure if the server is using yi12345. I found another bugs, not sure where to post them.

 

[cata7007]

Yeah i think is my version or yi12345 version. But is modified and i think is not updated. So we cannot confirm that bug. If you want to test last version you can try on our test server in here :

You must be registered to see links

ronix : and in combat simulator please if you can put Hero Def-Bonus on Defender to make sure all is correct.

And also have a problem ronix type on your server that : /dorf2.php?master=39&id=24&time=3439 and will start building .... lol

39 level big hambar, 24 nombers klrtki and 3439 level bilding
dorf2.php? master = 39 & id = 24 & time = 3439
You can build any desired building, knowing his number with the game.

Thanks

 

[lauris3722]

In a few minutes @ test server

 

[cata7007]

I don't understand. Bug or what? Explain.

I see your village have 23 population

 

[lauris3722]

A serious security bug..

Aaand found another one, now Im into admin panel.. Hey eduard :

 

[F6Q]

please say bug to fix shadow or ronix :/:

 

[lauris3722]

Done testing..
For me, as a novice hacker and (almost) good PHP developer, found way too many security issues.
I added gold, troops, buildings to my city easily (by just knowing HTML and using Logic), then I found sql-injection exploitable files (many) and obtained all database data (including admin password, which I used to log in admin panel).
The script is written poorly, making performance leaks and longer compiling times, doing many useless jobs and uses almost no caching at all.. No offence, I wish you luck in php learning and fulfilling the script.
I will PM the exploits to cata7007.

 

[mandee]

Done testing..
For me, as a novice hacker and good PHP developer, found way too many security issues.
I added gold, troops, buildings to my city easily (by just knowing HTML and using Logic), then I found sql-injection exploitable files (many) and obtained all database data (including admin password, which I used to log in admin panel).
The script is written poorly, making performance leaks and longer compiling times, doing many useless jobs and uses almost no caching at all.. No offence, I wish you luck in php learning and fulfilling the script.
I will PM the exploits to cata7007.

Can you fix it?

 

[lauris3722]

Can you fix it?

I can, but I have my own things to make. TravianZ developers will fix it.

 

[ronix]

Done testing..
For me, as a novice hacker and (almost) good PHP developer, found way too many security issues.
I added gold, troops, buildings to my city easily (by just knowing HTML and using Logic), then I found sql-injection exploitable files (many) and obtained all database data (including admin password, which I used to log in admin panel).
The script is written poorly, making performance leaks and longer compiling times, doing many useless jobs and uses almost no caching at all.. No offence, I wish you luck in php learning and fulfilling the script.
I will PM the exploits to cata7007.

just insert first line at tpl file in folder Admin Templates and php file in folder Admin Mod
:

if (!isset($_SESSION)) session_start();
if($_SESSION['access'] < ADMIN) die("Access Denied: You are not Admin!");

please try if you can exploits

 

[mandee]

@ronix , cata7007

How anti clips

Soldiers grew more than 3000000 changed to 0 automatically.

in barracks and enforcement

 

[cata7007]

@ronix modified in all file ... please look at other big problem

In combat simulator please if you can put Hero Def-Bonus on Defender to make sure all is correct.

And also have a problem ronix type on your server that : /dorf2.php?master=39&id=24&time=3439 and will start building .... lol

39 level big hambar, 24 nombers klrtki and 3439 level bilding
dorf2.php? master = 39 & id = 24 & time = 3439
You can build any desired building, knowing his number with the game.

Thanks

 

[lauris3722]

I recommend to re-write automation.php thing, such thing should not even exist in PHP.. Remove classes, add switches and put functions in seperate files. There should be a short string (aka. compressed) in DB telling what actions is player doing (string:B02TbTs...), so the server doesn't need to go thru other tables and obtain 999x more information, neither will it compile the whole automation.php thing, but only included, necessary functions you're actually using.
Also, OOP should not be used in large scripts, especially games.

 

[Diogarcia]

Hey! this version is nice, but if it were translated into Spanish would be great!

I'll try to translate

 

[cata7007]

Original version is in english so if you want to translate , you can do that in GameEngine/Lang/es.php

 

[ronix]

==================================================================
new fix battle
scout fix with moral bonus/wall
hero def bonus in battle sim
(ALL battle in simulator are 100% like offical)
i don't try in real battle..not much time.. please try at your own.
==================================================================
file \GameEngine\Battle.php
file \Templates\Simulator\def_end.tpl
--------------------------------------
download and replace file

You must be registered to see links

-----------------------------------
file \GameEngine\sendunitsComplete
-----------------------------------
replace this line code:

$battlepart = $battle->calculateBattle($Attacker,$Defender,$def_wall,$att_tribe,$def_tribe,$residence,$attpop,$defpop,$type,$def_ab,$att_ab1,$att_ab2,$att_ab3,$att_ab4,$att_ab5,$att_ab6,$att_ab7,$att_ab8,$tblevel,$stonemason,$walllevel,0,0,0,$AttackerID,$DefenderID,$AttackerWref,$DefenderWref,$conqureby);

Edited:
file \GameEngine\Automation.php
function sendunitsComplete