From 92db3755c51d5f9c339ffff385fd38add1ae4f17 Mon Sep 17 00:00:00 2001
From: gnieark <gnieark@free.fr>
Date: Sun, 12 Jun 2016 01:14:56 +0200
Subject: [PATCH] check game ID on AJAX communications

---
 src/arenas/connectFour/act.php | 9 ++++++---
 src/arenas/connectFour/js.js   | 3 +++
 2 files changed, 9 insertions(+), 3 deletions(-)

diff --git a/src/arenas/connectFour/act.php b/src/arenas/connectFour/act.php
index 899112c..74902fd 100644
--- a/src/arenas/connectFour/act.php
+++ b/src/arenas/connectFour/act.php
@@ -67,10 +67,13 @@ switch ($_POST['act']){
 
   case "fight":
   
-      if(($_SESSION['game'] <> "connectFou") || ((!$new) && ($_POST['gameId'] <> $_SESSION['matchId']))){
-	error(500,"game non found");    
+      if($_SESSION['game'] <> "connectFou"){
+	error(500,"game non found"); 
+	die;
+      }
+      if((!$new) && ($_POST['gameId'] <> $_SESSION['matchId'])){
+        error (512, "not correct gameId");
       }
-        
   
       //What player has to play?
       if(!isset($_SESSION['currentPlayer'])){
diff --git a/src/arenas/connectFour/js.js b/src/arenas/connectFour/js.js
index 072bbd0..045fc2b 100644
--- a/src/arenas/connectFour/js.js
+++ b/src/arenas/connectFour/js.js
@@ -80,6 +80,9 @@ function connectFour(bot1,bot2,xd_check, gameId, newGame){
 	if(reponse['continue'] == 1){
             connectFour(bot1,bot2,xd_check,reponse['gameId'], false);
         }
+      }else if(xhr.status  == 512){
+          //just forget
+          return;
       }else{
 	  alert ('error ' + xhr.status);
 	  return;