From 500ff10ead3f37aaf34ce7fe8ae44b8cc517007c Mon Sep 17 00:00:00 2001
From: Gnieark
Date: Thu, 9 Jun 2016 20:32:48 +0200
Subject: [PATCH] .
---
 src/act.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/src/act.php b/src/act.php
index 0d44ed2..09e6264 100644
--- a/src/act.php
+++ b/src/act.php
@@ -45,7 +45,7 @@ switch($_POST['act']){
 //last char must be alphanum. Mail client should cut url if isn't.
 $secret.=rand_str(1, 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890');
- $sql = "INSERT INTO bots (name,game,url,description,active,date_inscription,validate_secret,author_email) VALUES(
+ $sql = "INSERT INTO bots (name,game,url,description,unclean_description,active,date_inscription,validate_secret,author_email) VALUES(
 '".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botName']))."',
 '".mysqli_real_escape_string($lnMysql,$_POST['botGame'])."',
 '".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botURL']))."',
@@ -53,6 +53,7 @@ switch($_POST['act']){
 preg_replace('#^(http|https|mailto|ftp)://(([a-z0-9\/\.\?-_=\#@:~])*)#i','$1://$2'
 ,nl2br(htmlentities($_POST['botDescription'])))
 )."',
+ '".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botDescription']))."',
 '0',
 NOW(),
 '".$secret."',
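Review bot: The widened `INSERT INTO bots (...unclean_description...)` statement is still built by concatenating hand-escaped request values, and this commit adds one more such value in the second hunk. `mysqli_real_escape_string` is only dependable when the connection character set was set with `mysqli_set_charset`, which is not visible here, and the pattern relies on nobody forgetting a call (`'".$secret."'` is already concatenated without one, although it appears to be generated server-side). Consider moving the statement to `mysqli_prepare($lnMysql, ...)` with `?` placeholders and `mysqli_stmt_bind_param`, so that adding a column no longer means adding another escaped string. The statement starts inside a `switch` case and runs past the end of the hunk.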
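Review bot: The value written to `unclean_description` is `htmlentities($_POST['botDescription'])`, so the column holds entity-encoded text rather than the submission as received, which contradicts its name. A reader that encodes again on output will show doubled entities, and one that treats the column as raw text (an edit form, a plain-text mail) will get `&amp;`-style sequences. If the stored value is meant to be echoed into HTML as is, make the encoding explicit with `htmlentities($_POST['botDescription'], ENT_QUOTES, 'UTF-8')`, because the default flags before PHP 8.1 leave single quotes unencoded, and add a comment such as `// stored entity-encoded, without link/nl2br markup; do not encode again on output`. The VALUES list begins before this hunk and continues after it.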