gnieark/botsArena
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

hide bot url

Browse Source
This commit is contained in:
gnieark 2016-06-09 13:32:34 +02:00
parent 55e25b2201
commit 7a4dc1619e
1 changed files with 57 additions and 43 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
src/act.php
View File

@ -120,23 +120,37 @@ switch($_POST['act']){
$err.="Un bot du même nom existe déjà";
}
//BotUrl
if(!preg_match("/^(http|https):\/\//", $_POST['botURL'])){
if(($_POST['botURL'] <> "") && (!preg_match("/^(http|https):\/\//", $_POST['botURL']))){
$alerts.="L'URL n'est pas valide.\n";
}
if($err == ""){
//save bot on temp table
$secret=rand_str(8, 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890');
if( $_POST['botURL'] == "" ){
$rs=mysqli_query($lnMysql,
"SELECT url FROM bots
WHERE game='".mysqli_real_escape_string($lnMysql,$_POST['botGame'])."'
AND id ='".mysqli_real_escape_string($lnMysql,$_POST['botId'])."'"
);
$r=mysqli_fetch_row($rs);
$botUrl = $r[0];
}else{
$botUrl = $_POST['botURL'];
}
mysqli_query($lnMysql,
" INSERT INTO bots_modifs( name, game, url, description, date_modification, validate_secret, author_email) VALUES (
'".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botName']))."',
'".mysqli_real_escape_string($lnMysql,$_POST['botGame'])."',
'".mysqli_real_escape_string($lnMysql,$_POST['botURL'])."',
'".mysqli_real_escape_string($lnMysql,$botUrl."',
'".mysqli_real_escape_string($lnMysql,
preg_replace('#^(http|https|mailto|ftp)://(([a-z0-9\/\.\?-_=\#@:~])*)#i','<a href="$1://$2">$1://$2</a>'
,nl2br(htmlentities($_POST['botDescription'])))
)."',
NOW(),
'".$secret."',
'".mysqli_real_escape_string($lnMysql,$_POST['email'])."'"
@ -178,7 +192,7 @@ switch($_POST['act']){
break;
default:
error(500,"erf");
error(404,"erf");
break;
}