Merge pull request #46 from gnieark/dev

Dev
This commit is contained in:
Gnieark 2016-05-09 21:28:54 +02:00
commit ef522c61a2
6 changed files with 189 additions and 28 deletions

View File

@ -162,6 +162,27 @@ if(isset($_GET['arena'])){
break;
case "editBot":
if(!isset($_GET['params'])){
error(404,"Page does not exists");
die;
}
$rs=mysqli_query($lnMysql,
"SELECT id,name,game,url,description,date_inscription
FROM bots
WHERE id='".mysqli_real_escape_string($lnMysql,$_GET['params'])."'
AND active='1'");
if(!$r=mysqli_fetch_row($rs)){
error(404,"Page doesn't exist");
die;
}
$theBot=array(
'id' => $r[0],
'name' => $r[1],
'game' => $r[2],
'url' => $r[3],
'description' => $r[4],
'date_inscription' => $r[5]
);
$siteTitle="Modifier un bot";
$siteDescription="bots arena ";
$permitIndex=false;

View File

@ -6,8 +6,7 @@ $lang = array(
'SITE_NAME' => 'Bots\' Arena',
'SITE_DESCRIPTION' => '<p>
Welcome on the Bots\' Arena.<br/>
<b>This website is still in developpement. It doesn\'t work yet.</b><br/>
This vhost is a mirror of dev branch <a href="https://github.com/gnieark/botsArena/tree/dev">this github repo</a>
<b>This website is still in developpement.</b>
</p>
<p>
Many games will be proposed here. You wont play to, but you will developp the bot who will play for you.<br/>
@ -46,5 +45,7 @@ $lang = array(
'BOT_URL' => 'The URL of your bot',
'BOT_DESCRIPTION' => 'Description (html code will not be interpreted, URL will be converted into link):',
'YOUR_EMAIL_FOR_BOT_VALIDATION' => 'Your email address (will serve to validate your bot)',
'SAVE_BOT' => 'Save'
'SAVE_BOT' => 'Save',
'E_MAIL_EDIT_BOT' => "Hello Dude! \n Please Folow the next URL in order to validate your bot update.",
'YOUR_EMAIL_FOR_BOT_EDIT' => 'E-mail used for add this bot:'
);

View File

@ -45,5 +45,7 @@ $lang = array(
'BOT_URL' => 'L\'adresse URL de votre bot',
'BOT_DESCRIPTION' => 'Description (le code html ne sera pas interprété, les URL seront transformées en lien)',
'YOUR_EMAIL_FOR_BOT_VALIDATION' => 'Votre adresse e-mail (servira pour la validation de votre bot)',
'SAVE_BOT' => 'Enregistrer'
'SAVE_BOT' => 'Enregistrer',
'E_MAIL_EDIT_BOT' => "Bonjour Dude! \n Suivez l'URL suivante pour valider les modifications sur votre bot.",
'YOUR_EMAIL_FOR_BOT_EDIT' => 'L\'adresse e-mail qui a servi à l\'inscription du bot:'
);

View File

@ -1,5 +1,9 @@
<?php
//Del unvalidated bots
mysqli_query($lnMysql, "DELETE FROM bots WHERE active='0' AND TIMESTAMPDIFF(DAY, NOW(), date_inscription) > 2");
mysqli_query($lnMysql, "DELETE FROM bot_modifs WHERE TIMESTAMPDIFF(DAY, NOW(), date_modification) > 2");
switch($_POST['act']){
case "addBot":
//verifier les variables "botName""botGame""botURL""email""botDescription"
@ -7,15 +11,9 @@ switch($_POST['act']){
$alerts="";
//botGame -> doit exister
$arenaExists=false;
foreach($arenas as $arena){
if($_POST['botGame'] == $arena['id']){
$arenaExists=true;
break;
}
}
if(!$arenaExists){
if(!does_arena_exist($_POST['botGame'],$arenas)){
error(404,"wrong post parameter");
die;
}
//botname -> il ne doit pas y avoir un autre bot du même nom sur le même jeu
@ -28,7 +26,7 @@ switch($_POST['act']){
$alerts.="Un bot existant pour ce jeu porte le même nom.\n";
}
//BotUrl (doit retourner un code 200)
//BotUrl
if(!preg_match("/^(http|https):\/\//", $_POST['botURL'])){
$alerts.="L'URL n'est pas valide.\n";
}
@ -39,7 +37,6 @@ switch($_POST['act']){
}
if($alerts <>""){
//echo $alerts;
//do nothing now
}else{
//enregistrer le bot et envoyer un email pour la validation
@ -47,18 +44,20 @@ switch($_POST['act']){
$secret=rand_str(7, '$-_.+!*(),ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890');
//last char must be alphanum. Mail client should cut url if isn't.
$secret.=rand_str(1, 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890');
$sql = "INSERT INTO bots (name,game,url,description,active,date_inscription,validate_secret) VALUES
( '".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botName']))."',
'".mysqli_real_escape_string($lnMysql,$_POST['botGame'])."',
'".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botURL']))."',
'".mysqli_real_escape_string($lnMysql,
preg_replace('#^(http|https|mailto|ftp)://(([a-z0-9\/\.\?-_=\#@:~])*)#i','<a href="$1://$2">$1://$2</a>'
,nl2br(htmlentities($_POST['botDescription'])))
)."',
'0',
NOW(),
'".$secret."')";
// echo $sql;
$sql = "INSERT INTO bots (name,game,url,description,active,date_inscription,validate_secret,author_email) VALUES(
'".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botName']))."',
'".mysqli_real_escape_string($lnMysql,$_POST['botGame'])."',
'".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botURL']))."',
'".mysqli_real_escape_string($lnMysql,
preg_replace('#^(http|https|mailto|ftp)://(([a-z0-9\/\.\?-_=\#@:~])*)#i','<a href="$1://$2">$1://$2</a>'
,nl2br(htmlentities($_POST['botDescription'])))
)."',
'0',
NOW(),
'".$secret."',
'".mysqli_real_escape_string($lnMysql,$_POST['email'])."'";
$rs=mysqli_query($lnMysql,$sql);
include __DIR__."/config.php";
@ -87,8 +86,94 @@ switch($_POST['act']){
}
}
//echo "TODO";
break;
case "editBot":
if(!does_arena_exist($_POST['botGame'],$arenas)){
error(404,"wrong post parameter");
die;
}
$err="";
//check author e-mail
$rs=mysqli_query($lnMysql,
"SELECT 1 FROM bots
WHERE author_email='".mysqli_real_escape_string($lnMysql,$_POST['email'])."'
AND id='".mysqli_real_escape_string($lnMysql,$_POST['botId'])."'"
);
if(!$r=mysqli_fetch_row($rs)){
$err.= "L'adresse e-mail ne correspond pas à celle enregistrée\n";
}
//check name
$rs=mysqli_query($lnMysql,
"SELECT 1 FROM bots
WHERE name='".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botName']))."'
AND game='".mysqli_real_escape_string($lnMysql,$_POST['botGame'])."'
AND id <> '".mysqli_real_escape_string($lnMysql,$_POST['botId'])."'"
);
if($r=mysqli_fetch_row($rs)){
$err.="Un bot du même nom existe déjà";
}
//BotUrl
if(!preg_match("/^(http|https):\/\//", $_POST['botURL'])){
$alerts.="L'URL n'est pas valide.\n";
}
if($err == ""){
//save bot on temp table
$secret=rand_str(8, 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890');
mysqli_query($lnMysql,
" INSERT INTO bots_modifs( name, game, url, description, date_modification, validate_secret, author_email) VALUES (
'".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botName']))."',
'".mysqli_real_escape_string($lnMysql,$_POST['botGame'])."',
'".mysqli_real_escape_string($lnMysql,$_POST['botURL'])."',
'".mysqli_real_escape_string($lnMysql,
preg_replace('#^(http|https|mailto|ftp)://(([a-z0-9\/\.\?-_=\#@:~])*)#i','<a href="$1://$2">$1://$2</a>'
,nl2br(htmlentities($_POST['botDescription'])))
)."',
NOW(),
'".$secret."',
'".mysqli_real_escape_string($lnMysql,$_POST['email'])."'"
);
//send e-mail
include __DIR__."/config.php";
require __DIR__.'/PHPMailer/PHPMailerAutoload.php';
$mail = new PHPMailer;
$mail->isSMTP();
//$mail->IsHTML(true);
//$mail->SMTPDebug = 2;
$mail->Debugoutput = 'html';
$mail->Host = $smtpParams['host'];
$mail->Port = $smtpParams['port'];
$mail->SMTPSecure = $smtpParams['secure'];
$mail->SMTPAuth = true;
$mail->Username = $smtpParams['username'];
$mail->Password = $smtpParams['pass'];
$mail->setFrom($smtpParams['username'], 'Bots Arena');
$mail->Subject = 'BotsArena';
$mail->addAddress($_POST['email']);
$mail->Body = $lang['E_MAIL_EDIT_BOT']."\n".$siteParam['BASEURL'].'p/editBot/'.$secret."\n".$lang['E_MAIL_ADD_BOT_SIGNATURE'];
if (!$mail->send()) {
error(500,"Mailer Error: " . $mail->ErrorInfo);
} else {
//echo "Message sent!";
}
}else{
//echo "plop".$err."plop"; die;
}
break;
default:
error(500,"erf");
break;

View File

@ -1 +1,45 @@
<h2>EditBot</h2>
<?php
if(isset($_POST['xd_check'])){
$botName=$_POST['botName'];
$botGame=$_POST['botGame'];
$botURL=$_POST['botURL'];
$botDescription=$_POST['botDescription'];
$email=$_POST['email'];
}else{
$botName=$theBot['name'];
$botGame=$theBot['game'];
$botURL=$theBot['url'];
$botDescription=$theBot['description'];
$email="";
}
?>
<h2>EditBot</h2>
<form method="POST" action="/p/editBot/<?php echo $theBot['id']; ?>">
<?php echo xd_check_input(0); ?><input type="hidden" name="act" value="editBot"/><input type="hidden" name="botId" value="<?php echo $theBot['id']; ?>"/>
<p><label for="botName"><?php echo $lang['BOT_NAME']; ?></label><input id="botName" type="text" name="botName" value="<?php echo htmlentities($botName); ?>" placeholder="<?php echo $lang['YOUR_ALIAS_FOR_EXEMPLE'];?>"/></p>
<p><label for="botGame"><?php echo $lang['BOT_GAME']; ?></label>
<select id="botGame" name="botGame">
<?php
foreach($arenas as $arena){
if($arena['id'] == $botGame){
$selected='selected="selected"';
}else{
$selected='';
}
echo '<option value="'.$arena['id'].'" '.$selected.'>'.$arena['id'].'</option>';
}
?>
</select></p>
<p><label for="botURL"><?php echo $lang['BOT_URL']; ?></label><input type="text" name="botURL" id="botURL" value="<?php echo htmlentities($botURL);?>" placeholder="http://"/></p>
<p><label><?php echo $lang['BOT_DESCRIPTION']; ?></label><textarea name="botDescription"><?php echo htmlentities($botDescription);?></textarea></p>
<p><label for="email"><?php echo $lang['YOUR_EMAIL_FOR_BOT_EDIT']; ?></label><input type="text" name="email" value="<?php echo htmlentities($email);?>" id="email"/></p>
<p><label for="sub"></label><input id="sub" type="submit" value="<?php echo $lang['SAVE_BOT']; ?>"/></p>
</form>

View File

@ -227,3 +227,11 @@ function get_unique_id(){
fclose($fp);
return $count;
}
function does_arena_exist($string,$arenasArr){
foreach($arenasArr as $arena){
if($string == $arena['id']){
return true;
}
}
return false;
}