2015-12-01 21:22:55 +01:00
|
|
|
<?php
|
|
|
|
|
|
|
|
|
|
switch($_POST['act']){
|
|
|
|
|
case "addBot":
|
|
|
|
|
//verifier les variables "botName""botGame""botURL""email""botDescription"
|
|
|
|
|
|
2015-12-02 23:13:46 +01:00
|
|
|
$alerts="";
|
2015-12-01 21:22:55 +01:00
|
|
|
|
2015-12-02 23:13:46 +01:00
|
|
|
//botGame -> doit exister
|
|
|
|
|
if(!in_array($_POST['$arenas'],$arenas)){
|
|
|
|
|
erreur(404,"wrong post parameter");
|
|
|
|
|
}
|
|
|
|
|
|
2015-12-03 13:04:33 +01:00
|
|
|
//botname -> il ne doit pas y avoir un autre bot du même nom sur le même jeu
|
2015-12-02 23:13:46 +01:00
|
|
|
$rs=mysqli_query($lnMysql,
|
|
|
|
|
"SELECT 1
|
|
|
|
|
FROM bots
|
2015-12-03 22:21:33 +01:00
|
|
|
WHERE name='".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botname']))."'
|
2015-12-02 23:13:46 +01:00
|
|
|
AND game='".mysqli_real_escape_string($lnMysql,$_POST['game'])."';");
|
|
|
|
|
if(mysqli_num_rows($rs) > 0){
|
|
|
|
|
$alerts.="Un bot existant pour ce je porte le même nom\n";
|
|
|
|
|
}
|
2015-12-01 21:22:55 +01:00
|
|
|
|
|
|
|
|
//BotUrl (doit retourner un code 200)
|
2015-12-02 23:13:46 +01:00
|
|
|
if(!preg_match("/^(http|https):\/\//", $_POST['botURL'])){
|
|
|
|
|
$alerts.="L'URL n'est pas valide\n";
|
|
|
|
|
}
|
2015-12-01 21:22:55 +01:00
|
|
|
|
|
|
|
|
//email => doit être valide
|
2015-12-02 23:13:46 +01:00
|
|
|
//only oner @
|
|
|
|
|
if(
|
|
|
|
|
(substr_count('@',$_POST['email']) <> 1)
|
|
|
|
|
|| (substr_count('.@',$_POST['email']) > 0)
|
|
|
|
|
|| (substr_count('@.',$_POST['email']) > 0)
|
|
|
|
|
|| (substr_count('..',$_POST['email']) > 0)
|
|
|
|
|
|| (substr_count('.',$_POST['email']) == 1)
|
|
|
|
|
){
|
|
|
|
|
$alerts.="L'email n'est pas valide\n";
|
|
|
|
|
}
|
|
|
|
|
|
2015-12-03 13:04:33 +01:00
|
|
|
//BotDescription=> a voir
|
2015-12-02 23:13:46 +01:00
|
|
|
|
2015-12-03 22:21:33 +01:00
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
2015-12-03 13:04:33 +01:00
|
|
|
if($alerts <>""){
|
|
|
|
|
|
|
|
|
|
}else{
|
|
|
|
|
//enregistrer le bot et envoyer un email pour la validation
|
|
|
|
|
|
2015-12-03 22:21:33 +01:00
|
|
|
$secret=rand_str(8, '$-_.+!*\'(),ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890');
|
|
|
|
|
|
|
|
|
|
$rs=mysqli_query($lnMysql,
|
|
|
|
|
"INSERT INTO bots (name,game,url,description,active,date_inscription,validate_secret) VALUES
|
|
|
|
|
( '".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botname']))."',
|
|
|
|
|
'".mysqli_real_escape_string($lnMysql,$_POST['botGame'])."',
|
|
|
|
|
'".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botURL']))."',
|
|
|
|
|
'".mysqli_real_escape_string($lnMysql,
|
|
|
|
|
preg_replace('#^(http|https|mailto|ftp)://(([a-z0-9\/\.\?-_=#@:~])*)#i','<a href="$1://$2">$1://$2</a>'
|
|
|
|
|
,nl2br(htmlentities($_POST['botDescription'])))
|
|
|
|
|
)."',
|
|
|
|
|
'NOW(),
|
|
|
|
|
'".$secret."'"
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
require_once (__DIR__."/class.phpmailer.php");
|
|
|
|
|
|
2015-12-03 13:04:33 +01:00
|
|
|
}
|
2015-12-01 21:22:55 +01:00
|
|
|
|
|
|
|
|
|
|
|
|
|
echo "TODO";
|
|
|
|
|
break;
|
|
|
|
|
default:
|
2015-12-03 22:25:59 +01:00
|
|
|
error(500,"erf");
|
2015-12-01 21:22:55 +01:00
|
|
|
break;
|
|
|
|
|
|
|
|
|
|
}
|
