It has come to our attention that people have been adding ad credits to their own accounts through the "retract credits" action on the My Ads page. The old code only checked that the submitted credits value was not below 1 and then interpolated the raw value straight into the `UPDATE ... credits=credits-$credits` statement, so a crafted (non-integer) value could turn the subtraction into an addition. Here is the fix:
Go to your members/retract_credits_banner.php file, around lines 24 to 40, and remove the clamping block (`if($credits > $thisad[credits]) { $credits=$thisad[credits]; }`) from the code below. (The original post marked the lines to remove in bold; that formatting is lost here.)
// ORIGINAL (vulnerable) version of the retract branch -- kept verbatim so the
// lines can be matched against members/retract_credits_banner.php.
if($action == "retract") {
// Loose numeric comparison only. A submitted string that merely starts with
// a digit >= 1 is not rejected here, and nothing below verifies that the
// value is a plain integer.
if($credits < 1) {
$error_msg="You must enter at least 1 credit!";
}
// Ownership check uses loose "!=" on what are presumably two strings.
else if($thisad[username] != $username) {
$error_msg="You do not have permission to edit this!!";
}
else {
// Clamps the numeric interpretation of $credits, but whatever string the
// user actually sent is what gets interpolated into the SQL below.
if($credits > $thisad[credits]) {
$credits=$thisad[credits];
}
// $credits and $id are dropped into the query unescaped. Because $credits
// lands inside an arithmetic expression, a value containing an operator is
// evaluated by the database and can turn the subtraction into an addition --
// this is how credits were being added rather than removed.
$sql=$Db1->query("UPDATE banners SET credits=credits-$credits WHERE id='$id'");
$sql=$Db1->query("UPDATE user SET banner_credits=banner_credits+$credits WHERE username='$username'");
$Db1->sql_close();
// header() does not stop execution; whatever follows this block still runs.
header("Location: index.php?view=account&ac=myads&adtype=banner&".$url_variables."");
}
}
Then add the new checks -- the digits-only test on the submitted value, the "more credits than you have" test, and the asql() escaping of the values interpolated into the SQL -- so the block reads as follows (the original post showed the added lines in bold):
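// Retract credits from one of the current user's banner ads and return them
// to the user's pool. Relies on $action, $credits, $id, $thisad, $username,
// $url_variables, $Db1 and asql() being set up by the enclosing file (not
// visible here). Each failed check sets $error_msg and falls through; only the
// final branch touches the database.
if($action == "retract") {
    // Validate the *format* first, before any numeric comparison: PHP compares
    // a non-numeric string with an int loosely, so "$credits < 1" on its own
    // cannot be relied on to reject junk. preg_match() replaces ereg(), which
    // is deprecated in PHP 5.3 and removed in PHP 7. The is_scalar() guard
    // rejects a credits[] array, which preg_match() cannot handle.
    if(!is_scalar($credits) || preg_match('/[^0-9]/', (string)$credits)) {
        $error_msg="You can only put in numbers 0 to 9";
    }
    else if((int)$credits < 1) {
        $error_msg="You must enter at least 1 credit!";
    }
    // Strict string comparison: with "!=" PHP treats numeric-looking strings
    // such as "01" and "1" as equal. isset() covers an ad that was not found.
    else if(!isset($thisad['username']) || (string)$thisad['username'] !== (string)$username) {
        $error_msg="You do not have permission to edit this!!";
    }
    else if((int)$credits > (int)$thisad['credits']) {
        $error_msg="You can not remove more credits than you have!!";
    }
    else {
        // $credits is now known to be a non-negative decimal integer; casting
        // is all the escaping it needs. $id and $username are interpolated as
        // SQL strings, so both go through asql() -- the posted fix escaped
        // $username but left $id raw. Escaped copies are used so the original
        // variables are not clobbered for any code that runs later.
        // NOTE(review): if $thisad was loaded earlier with the raw $id, that
        // query needs the same escaping; it is outside this excerpt.
        $credits=(int)$credits;
        $safe_id=asql($id);
        $safe_username=asql($username);
        // NOTE(review): the balance check above and the two UPDATEs below are
        // not atomic, so concurrent requests could retract the same credits
        // twice. A transaction, or "AND credits >= $credits" on the first
        // UPDATE plus an affected-rows check before the second, would close
        // that gap; this DB wrapper's affected-rows API is not visible here.
        $sql=$Db1->query("UPDATE banners SET credits=credits-$credits WHERE id='$safe_id'");
        $sql=$Db1->query("UPDATE user SET banner_credits=banner_credits+$credits WHERE username='$safe_username'");
        $Db1->sql_close();
        header("Location: index.php?view=account&ac=myads&adtype=banner&".$url_variables."");
        // NOTE(review): header() does not stop the script; add "exit;" here if
        // nothing after this block is meant to run once the redirect is sent.
    }
}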