diff --git a/html/index.php b/html/index.php index ea7d25b..458ef89 100644 --- a/html/index.php +++ b/html/index.php @@ -194,6 +194,18 @@ if(isset($_GET['arena'])){ break; case "validateEditBot": + //check if secret is ok + if(!isset($_GET['params'])){ + error(404,"Page does not exists"); + die; + } + + $rs=mysqli_query($lnMysql," SELECT 1 FROM bots_modifs WHERE validate_secret='".mysqli_real_escape_string($lnMysql,$_GET['params'])."';"); + if(!$r=mysqli_fetch_row($rs)){ + error(404,"Page doesn't exist"); + die; + } + $siteTitle="Your bot is changed"; $siteDescription="bots arena "; $permitIndex=false; diff --git a/src/act.php b/src/act.php index cb959ed..3b9c822 100644 --- a/src/act.php +++ b/src/act.php @@ -142,7 +142,8 @@ switch($_POST['act']){ } mysqli_query($lnMysql, - " INSERT INTO bots_modifs( name, game, url, description,unclean_description, date_modification, validate_secret, author_email) VALUES ( + " INSERT INTO bots_modifs( real_id, name, game, url, description,unclean_description, date_modification, validate_secret, author_email) VALUES ( + '".mysqli_real_escape_string($lnMysql,$_POST['botId'])."', '".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botName']))."', '".mysqli_real_escape_string($lnMysql,$_POST['botGame'])."', '".mysqli_real_escape_string($lnMysql,$botUrl)."', diff --git a/src/editBot.php b/src/editBot.php index c9fe4bb..b935a70 100644 --- a/src/editBot.php +++ b/src/editBot.php 
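Review bot: The new secret lookup in the `validateEditBot` case builds its SQL by string concatenation with `mysqli_real_escape_string`, and `$rs` is never checked for `false`, so a query error reaches `mysqli_fetch_row(false)` (a TypeError on PHP 8, a warning on 7). Prefer a prepared statement: `$stmt = mysqli_prepare($lnMysql, "SELECT 1 FROM bots_modifs WHERE validate_secret=?");`, `mysqli_stmt_bind_param($stmt, 's', $_GET['params']);`, `mysqli_stmt_execute($stmt);` and then fetch from `mysqli_stmt_get_result($stmt)`, treating a `false` result as a 404. The same lookup is repeated in the `src/editBot.php` hunk below; it would be worth doing the check once and passing the matched row down, and the two 404 messages ("Page does not exists" / "Page doesn't exist") should be made consistent. The enclosing `switch` continues outside the hunk.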
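Review bot: In the `src/act.php` hunk the new `real_id` column is filled straight from `$_POST['botId']` with no validation, so any value the client sends becomes the target of the later `UPDATE bots ... WHERE bots.id=bots_modifs.real_id`. At minimum coerce and check it before the INSERT: `$botId = filter_var($_POST['botId'], FILTER_VALIDATE_INT);` and `if ($botId === false) { error(404,"Page doesn't exist"); die; }`, and verify that a `bots` row with that id exists. Whether the confirmation e-mail address is also client-supplied is outside the hunk; if it is, the validation link does not bind the modification to the bot's actual owner, and the address should instead be read from the `bots` row identified by `real_id`. The INSERT statement and the enclosing `switch($_POST['act'])` continue outside the hunk.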
@@ -1,5 +1,4 @@ PLOP"; \ No newline at end of file +$rs=mysqli_query($lnMysql,"SELECT 1 FROM bots_modifs WHERE validate_secret='".mysqli_real_escape_string($lnMysql,$_GET['params'])."';"); +if(!$r=mysqli_fetch_row($rs)){ + error(404,"Page doesn't exist"); + die; +} + +mysqli_query( +"UPDATE bots, bots_modifs + SET bots.name = bots_modifs.name + , bots.game = bots_modifs.game + , bots.url = bots_modifs.url + , bots.description = bots_modifs.description + , bots.unclean_description = bots_modifs.unclean_description + WHERE + bots.id=bots_modifs.real_id + AND bots_modifs.validate_secret='".mysqli_real_escape_string($lnMysql,$_GET['params'])."';"); + + ? +

Thanks!

+

Votre bot est validé, merci d'avoir donné à manger à Bots'Arena

\ No newline at end of file
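Review bot: The new `mysqli_query(` call that runs the `UPDATE bots, bots_modifs ...` statement is passed the SQL string as its first argument and omits the `$lnMysql` link, so the update does not execute (argument error on PHP 8, warning and `false` on older versions), and its return value is not checked either. Nothing in the hunk clears or deletes the `bots_modifs` row after it is applied, so unless that happens elsewhere the same `validate_secret` link can be replayed, re-applying the modification every time it is opened. The hunk header's line counts do not match the visible lines, so part of this hunk appears garbled and the surrounding code may differ. A rewrite with the link argument, a prepared statement, an execute check and one-time invalidation of the secret would look like the excerpt below.
```php
// … unchanged: 404 check on the validate_secret lookup …
$stmt = mysqli_prepare($lnMysql,
    "UPDATE bots, bots_modifs
        SET bots.name = bots_modifs.name
          , bots.game = bots_modifs.game
          , bots.url = bots_modifs.url
          , bots.description = bots_modifs.description
          , bots.unclean_description = bots_modifs.unclean_description
      WHERE bots.id = bots_modifs.real_id
        AND bots_modifs.validate_secret = ?");
mysqli_stmt_bind_param($stmt, 's', $_GET['params']);
if (!mysqli_stmt_execute($stmt)) {
    error(500, "Validation failed");
    die;
}
// one-time use: drop the applied modification so the link cannot be replayed
$del = mysqli_prepare($lnMysql, "DELETE FROM bots_modifs WHERE validate_secret = ?");
mysqli_stmt_bind_param($del, 's', $_GET['params']);
mysqli_stmt_execute($del);
// … unchanged: confirmation text …
```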