manage bots

This commit is contained in:
Gnieark 2016-06-09 15:05:13 +02:00
parent f7aeeb0c0e
commit d578d3bfaf
3 changed files with 8 additions and 10 deletions

View File

@ -167,7 +167,7 @@ if(isset($_GET['arena'])){
die; die;
} }
$rs=mysqli_query($lnMysql, $rs=mysqli_query($lnMysql,
"SELECT id,name,game,url,description,date_inscription "SELECT id,name,game,url,description,unclean_description,date_inscription
FROM bots FROM bots
WHERE id='".mysqli_real_escape_string($lnMysql,$_GET['params'])."' WHERE id='".mysqli_real_escape_string($lnMysql,$_GET['params'])."'
AND active='1'"); AND active='1'");
@ -181,7 +181,8 @@ if(isset($_GET['arena'])){
'game' => $r[2], 'game' => $r[2],
'url' => $r[3], 'url' => $r[3],
'description' => $r[4], 'description' => $r[4],
'date_inscription' => $r[5] 'unclean_description'=> $r[5],
'date_inscription' => $r[6]
); );
$siteTitle="Modifier un bot"; $siteTitle="Modifier un bot";
$siteDescription="bots arena "; $siteDescription="bots arena ";

View File

@ -142,7 +142,7 @@ switch($_POST['act']){
} }
mysqli_query($lnMysql, mysqli_query($lnMysql,
" INSERT INTO bots_modifs( name, game, url, description, date_modification, validate_secret, author_email) VALUES ( " INSERT INTO bots_modifs( name, game, url, description,unclean_description, date_modification, validate_secret, author_email) VALUES (
'".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botName']))."', '".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botName']))."',
'".mysqli_real_escape_string($lnMysql,$_POST['botGame'])."', '".mysqli_real_escape_string($lnMysql,$_POST['botGame'])."',
'".mysqli_real_escape_string($lnMysql,$botUrl)."', '".mysqli_real_escape_string($lnMysql,$botUrl)."',
@ -150,6 +150,7 @@ switch($_POST['act']){
preg_replace('#^(http|https|mailto|ftp)://(([a-z0-9\/\.\?-_=\#@:~])*)#i','<a href="$1://$2">$1://$2</a>' preg_replace('#^(http|https|mailto|ftp)://(([a-z0-9\/\.\?-_=\#@:~])*)#i','<a href="$1://$2">$1://$2</a>'
,nl2br(htmlentities($_POST['botDescription']))) ,nl2br(htmlentities($_POST['botDescription'])))
)."', )."',
'".mysqli_real_escape_string($lnMysql,$_POST['botDescription'])."',
NOW(), NOW(),
'".$secret."', '".$secret."',
'".mysqli_real_escape_string($lnMysql,$_POST['email'])."')" '".mysqli_real_escape_string($lnMysql,$_POST['email'])."')"

View File

@ -1,5 +1,5 @@
<?php <?php
print_r($_GET);
if(isset($_POST['xd_check'])){ if(isset($_POST['xd_check'])){
$botName=$_POST['botName']; $botName=$_POST['botName'];
$botGame=$_POST['botGame']; $botGame=$_POST['botGame'];
@ -8,15 +8,11 @@ if(isset($_POST['xd_check'])){
$email=$_POST['email']; $email=$_POST['email'];
}else{ }else{
$botName=$theBot['name']; $botName=$theBot['name'];
$botGame=$theBot['game']; $botGame=$theBot['game'];
$botURL=$theBot['url']; $botURL=$theBot['url'];
$botDescription=$theBot['description']; $botDescription=$theBot['unclean_description'];
$email=""; $email="";
} }