prevent board master use gamble race condition to earn illegal money.

git-svn-id: http://opensvn.csie.org/pttbbs/trunk/pttbbs@3335 63ad8ddf-47c3-0310-b6dd-a9e9d9715204

1 files changed, 8 insertions, 2 deletions

diff --git a/mbbsd/bbs.c b/mbbsd/bbs.c
index 6b0c0f96..0f6141f9 100644
--- a/mbbsd/bbs.c
+++ b/mbbsd/bbs.c
@@ -1680,6 +1680,7 @@ hold_gamble(void)
 {
     char            fn_ticket[128], fn_ticket_end[128], genbuf[128], msg[256] = "",
                     yn[10] = "";
+    char tmp[128];
     boardheader_t  *bp = getbcache(currbid);
     int             i;
     FILE           *fp = NULL;
@@ -1736,11 +1737,11 @@ hold_gamble(void)
 
     clear();
     showtitle("舉辦賭盤", BBSNAME);
-    setbfile(genbuf, currboard, FN_TICKET_ITEMS);
+    setbfile(tmp, currboard, FN_TICKET_ITEMS ".tmp");
 
     //sprintf(genbuf, "%s/" FN_TICKET_ITEMS, direct);
 
-    if (!(fp = fopen(genbuf, "w")))
+    if (!(fp = fopen(tmp, "w")))
 	return FULLUPDATE;
     do {
 	getdata(2, 0, "輸入彩票價格 (價格:10-10000):", yn, 6, LCECHO);
@@ -1778,6 +1779,11 @@ hold_gamble(void)
     setbfile(genbuf, currboard, FN_TICKET_USER);
     unlink(genbuf); // Ptt: 防堵利用不同id同時舉辦賭場
 
+    setbfile(genbuf, currboard, FN_TICKET_ITEMS);
+    setbfile(tmp, currboard, FN_TICKET_ITEMS ".tmp");
+    if(!dashf(fn_ticket))
+	Rename(tmp, genbuf);
+
     snprintf(genbuf, sizeof(genbuf), "[公告] %s 板 開始賭博!", currboard);
     post_msg(currboard, genbuf, msg, cuser.userid);
     post_msg("Record", genbuf + 7, msg, "[馬路探子]");