[Problem] ingame itemshop autologin fail

[Mr.Oz J. 5]

i need help i got this error ingame




and this is the index.php  ( a part of it, if u want the full part , just tell me)

 

 

 

<?php

 

session_name("m2hp"); 

 

session_start();

require './includes/php/config.php';
require './includes/php/funzioni.inc.php';

$dc = '';
$dm = '';

$page_title = "Itemshop - $servername!";
?>
<?php require 'includes/php/header.php'; ?>
  <?php 
  if ((isset($_GET['pid'])) && (isset($_GET['sas']))) {

    //SAS Confirmed
    $pid = mysqli_real_escape_string($_GET['pid']);
    $sas = mysqli_real_escape_string($_GET['sas']);

    if ((strlen($_GET['pid'])) == (strlen(mysqli_real_escape_string($pid))) &&  (strlen($_GET['sas'])) == (strlen(mysqli_real_escape_string($sas))))  // SQL INJECT PARAMETRI GET FIX
    { 
    
    $convalida = mysqli_query($conn, "SELECT account_id FROM ".$_CONFIG['db_player'].".player WHERE id = '".$pid."' LIMIT 1");
    while ($data = mysqli_fetch_array($convalida))

    { 
    $account_id = $data['account_id'];
    }





Please help me

 

Edited August 20, 2022 by Metin2 Dev
Core X - External 2 Internal

[ondry 331]

    //SAS Confirmed
    $pid = mysqli_real_escape_string($conn, $_GET['pid']);
    $sas = mysqli_real_escape_string($conn, $_GET['sas']);

    if ((strlen($_GET['pid'])) == (strlen(mysqli_real_escape_string($conn, $pid))) &&  (strlen($_GET['sas'])) == (strlen(mysqli_real_escape_string($conn, $sas))))  // SQL INJECT PARAMETRI GET FIX