botsArena/src/act.php

97 lines
3.1 KiB
PHP
Raw Normal View History

2015-12-01 21:22:55 +01:00
<?php
switch($_POST['act']){
case "addBot":
//verifier les variables "botName""botGame""botURL""email""botDescription"
2015-12-02 23:13:46 +01:00
$alerts="";
2015-12-01 21:22:55 +01:00
2015-12-02 23:13:46 +01:00
//botGame -> doit exister
2015-12-04 16:24:34 +01:00
$arenaExists=false;
foreach($arenas as $arena){
if($_POST['botGame'] == $arena['id']){
$arenaExists=true;
break;
}
}
if(!$arenaExists){
2015-12-03 22:27:43 +01:00
error(404,"wrong post parameter");
2015-12-02 23:13:46 +01:00
}
2015-12-03 13:04:33 +01:00
//botname -> il ne doit pas y avoir un autre bot du même nom sur le même jeu
2015-12-02 23:13:46 +01:00
$rs=mysqli_query($lnMysql,
"SELECT 1
FROM bots
2015-12-04 16:26:05 +01:00
WHERE name='".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botName']))."'
AND game='".mysqli_real_escape_string($lnMysql,$_POST['botGame'])."';");
2015-12-02 23:13:46 +01:00
if(mysqli_num_rows($rs) > 0){
$alerts.="Un bot existant pour ce je porte le même nom\n";
}
2015-12-01 21:22:55 +01:00
//BotUrl (doit retourner un code 200)
2015-12-02 23:13:46 +01:00
if(!preg_match("/^(http|https):\/\//", $_POST['botURL'])){
$alerts.="L'URL n'est pas valide\n";
}
2015-12-01 21:22:55 +01:00
//email => doit être valide
2015-12-04 22:21:44 +01:00
if (!filter_var($_POST['email'], FILTER_VALIDATE_EMAIL)) {
2015-12-02 23:13:46 +01:00
$alerts.="L'email n'est pas valide\n";
}
2015-12-03 13:04:33 +01:00
if($alerts <>""){
2015-12-04 16:27:57 +01:00
echo $alerts;
2015-12-03 13:04:33 +01:00
}else{
//enregistrer le bot et envoyer un email pour la validation
2015-12-03 22:21:33 +01:00
$secret=rand_str(8, '$-_.+!*\'(),ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890');
$rs=mysqli_query($lnMysql,
"INSERT INTO bots (name,game,url,description,active,date_inscription,validate_secret) VALUES
2015-12-04 22:27:40 +01:00
( '".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botName']))."',
2015-12-03 22:21:33 +01:00
'".mysqli_real_escape_string($lnMysql,$_POST['botGame'])."',
'".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botURL']))."',
'".mysqli_real_escape_string($lnMysql,
2015-12-04 22:27:40 +01:00
preg_replace('#^(http|https|mailto|ftp)://(([a-z0-9\/\.\?-_=#\@:~])*)#i','<a href="$1://$2">$1://$2</a>'
2015-12-03 22:21:33 +01:00
,nl2br(htmlentities($_POST['botDescription'])))
)."',
'NOW(),
'".$secret."'"
);
2015-12-04 22:27:40 +01:00
include (__DIR__."/config.php");
2015-12-03 22:21:33 +01:00
require_once (__DIR__."/class.phpmailer.php");
2015-12-04 15:54:18 +01:00
$mail = new PHPMailer;
$mail->isSMTP();
$mail->SMTPDebug = 2;
$mail->Debugoutput = 'html';
$mail->Host = $smtpParams['host'];
$mail->Port = $smtpParams['port'];
$mail->SMTPSecure = $smtpParams['secure'];
$mail->SMTPAuth = true;
$mail->Username = $smtpParams['username'];
$mail->Password = $smtpParams['pass'];
$mail->setFrom($smtpParams['username'], 'First Last');
$mail->Subject = 'BotsArena';
$mail->msgHTML=$lang['E_MAIL_ADD_BOT_INTRO_HTML'].'<p><a href="'.BASEURL.'validateBot/'.$secret.'">'.BASEURL.'validateBot/'.$secret.'</a></p>'.$lang['E_MAIL_ADD_BOT_SIGNATURE_HTML'];
$mail->AltBody = $lang['E_MAIL_ADD_BOT_INTRO']."\n".BASEURL.'validateBot/'.$secret."\n".$lang['E_MAIL_ADD_BOT_SIGNATURE'];
if (!$mail->send()) {
echo "Mailer Error: " . $mail->ErrorInfo;
} else {
echo "Message sent!";
}
2015-12-03 13:04:33 +01:00
}
2015-12-01 21:22:55 +01:00
echo "TODO";
break;
default:
2015-12-03 22:25:59 +01:00
error(500,"erf");
2015-12-01 21:22:55 +01:00
break;
}