gnieark
/
botsArena
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

manage bots

Browse Source
pull/73/head
Gnieark 8 years ago
parent 31c2338a84
commit 62e22b2287
4 changed files with 34 additions and 3 deletions
Show Stats Download Patch File Download Diff File

12
html/index.php
Unescape Escape View File

@ -194,6 +194,18 @@ if(isset($_GET['arena'])){
break;
case "validateEditBot":
//check if secret is ok
if(!isset($_GET['params'])){
error(404,"Page does not exists");
die;
}
$rs=mysqli_query($lnMysql," SELECT 1 FROM bots_modifs WHERE validate_secret='".mysqli_real_escape_string($lnMysql,$_GET['params'])."';");
if(!$r=mysqli_fetch_row($rs)){
error(404,"Page doesn't exist");
die;
}
$siteTitle="Your bot is changed";
$siteDescription="bots arena ";
$permitIndex=false;

3
src/act.php
Unescape Escape View File

@ -142,7 +142,8 @@ switch($_POST['act']){
}
mysqli_query($lnMysql,
" INSERT INTO bots_modifs( name, game, url, description,unclean_description, date_modification, validate_secret, author_email) VALUES (
" INSERT INTO bots_modifs( real_id, name, game, url, description,unclean_description, date_modification, validate_secret, author_email) VALUES (
'".mysqli_real_escape_string($lnMysql,$_POST['botId'])."',
'".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botName']))."',
'".mysqli_real_escape_string($lnMysql,$_POST['botGame'])."',
'".mysqli_real_escape_string($lnMysql,$botUrl)."',

1
src/editBot.php
Unescape Escape View File

@ -1,5 +1,4 @@
<?php
print_r($_GET);
if(isset($_POST['xd_check'])){
$botName=$_POST['botName'];
$botGame=$_POST['botGame'];

21
src/validateEditBot.php
Unescape Escape View File

@ -1,2 +1,21 @@
<?php
echo "<h1>PLOP</h1>";
$rs=mysqli_query($lnMysql,"SELECT 1 FROM bots_modifs WHERE validate_secret='".mysqli_real_escape_string($lnMysql,$_GET['params'])."';");
if(!$r=mysqli_fetch_row($rs)){
error(404,"Page doesn't exist");
die;
}
mysqli_query(
"UPDATE bots, bots_modifs
SET bots.name = bots_modifs.name
, bots.game = bots_modifs.game
, bots.url = bots_modifs.url
, bots.description = bots_modifs.description
, bots.unclean_description = bots_modifs.unclean_description
WHERE
bots.id=bots_modifs.real_id
AND bots_modifs.validate_secret='".mysqli_real_escape_string($lnMysql,$_GET['params'])."';");
?
<h2>Thanks!</h2>
<p> Votre bot est validé, merci d'avoir donné à manger à Bots'Arena</p>
Write Preview
Loading…
Cancel
Save