hide bot url

2016-06-09 13:32:34 +02:00 · 2016-06-09 13:32:34 +02:00 · 7a4dc1619e
commit 7a4dc1619e
parent 55e25b2201
1 changed files with 57 additions and 43 deletions
--- a/src/act.php
+++ b/src/act.php
@ -27,7 +27,7 @@ switch($_POST['act']){
    }
    
    //BotUrl
-    if(!preg_match("/^(http|https):\/\//", $_POST['botURL'])){
+    if (!preg_match("/^(http|https):\/\//", $_POST['botURL'])){
    $alerts.="L'URL n'est pas valide.\n";
    }
    
@ -120,23 +120,37 @@ switch($_POST['act']){
      $err.="Un bot du même nom existe déjà";
    }
    //BotUrl
-    if(!preg_match("/^(http|https):\/\//", $_POST['botURL'])){
+    if(($_POST['botURL'] <> "") && (!preg_match("/^(http|https):\/\//", $_POST['botURL']))){
      $alerts.="L'URL n'est pas valide.\n";
    }
    if($err == ""){
 
        //save bot on temp table
        $secret=rand_str(8, 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890');
+        
+        if( $_POST['botURL'] == "" ){ 
+            $rs=mysqli_query($lnMysql,
+                "SELECT url FROM bots 
+                WHERE game='".mysqli_real_escape_string($lnMysql,$_POST['botGame'])."'
+                AND id ='".mysqli_real_escape_string($lnMysql,$_POST['botId'])."'"
+            );
+            $r=mysqli_fetch_row($rs);
+            $botUrl = $r[0];        
+        }else{
+            
+            $botUrl = $_POST['botURL'];
+        }
+            
+            
        mysqli_query($lnMysql,
        " INSERT INTO bots_modifs( name, game, url, description, date_modification, validate_secret, author_email) VALUES (
            '".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botName']))."',
            '".mysqli_real_escape_string($lnMysql,$_POST['botGame'])."',
-	  '".mysqli_real_escape_string($lnMysql,$_POST['botURL'])."',
+            '".mysqli_real_escape_string($lnMysql,$botUrl."',
            '".mysqli_real_escape_string($lnMysql,
                preg_replace('#^(http|https|mailto|ftp)://(([a-z0-9\/\.\?-_=\#@:~])*)#i','<a href="$1://$2">$1://$2</a>'
                ,nl2br(htmlentities($_POST['botDescription'])))
            )."',
-	   
            NOW(),
            '".$secret."',
            '".mysqli_real_escape_string($lnMysql,$_POST['email'])."'"
@ -178,7 +192,7 @@ switch($_POST['act']){
    break;
    
   default:
-    error(500,"erf");
+    error(404,"erf");
    break;

 }