Merge pull request #46 from gnieark/dev

Dev
This commit is contained in:
Gnieark 2016-05-09 21:28:54 +02:00
commit ef522c61a2
6 changed files with 189 additions and 28 deletions

View File

@ -162,6 +162,27 @@ if(isset($_GET['arena'])){
break; break;
case "editBot": case "editBot":
if(!isset($_GET['params'])){
error(404,"Page does not exists");
die;
}
$rs=mysqli_query($lnMysql,
"SELECT id,name,game,url,description,date_inscription
FROM bots
WHERE id='".mysqli_real_escape_string($lnMysql,$_GET['params'])."'
AND active='1'");
if(!$r=mysqli_fetch_row($rs)){
error(404,"Page doesn't exist");
die;
}
$theBot=array(
'id' => $r[0],
'name' => $r[1],
'game' => $r[2],
'url' => $r[3],
'description' => $r[4],
'date_inscription' => $r[5]
);
$siteTitle="Modifier un bot"; $siteTitle="Modifier un bot";
$siteDescription="bots arena "; $siteDescription="bots arena ";
$permitIndex=false; $permitIndex=false;

View File

@ -6,8 +6,7 @@ $lang = array(
'SITE_NAME' => 'Bots\' Arena', 'SITE_NAME' => 'Bots\' Arena',
'SITE_DESCRIPTION' => '<p> 'SITE_DESCRIPTION' => '<p>
Welcome on the Bots\' Arena.<br/> Welcome on the Bots\' Arena.<br/>
<b>This website is still in developpement. It doesn\'t work yet.</b><br/> <b>This website is still in developpement.</b>
This vhost is a mirror of dev branch <a href="https://github.com/gnieark/botsArena/tree/dev">this github repo</a>
</p> </p>
<p> <p>
Many games will be proposed here. You wont play to, but you will developp the bot who will play for you.<br/> Many games will be proposed here. You wont play to, but you will developp the bot who will play for you.<br/>
@ -46,5 +45,7 @@ $lang = array(
'BOT_URL' => 'The URL of your bot', 'BOT_URL' => 'The URL of your bot',
'BOT_DESCRIPTION' => 'Description (html code will not be interpreted, URL will be converted into link):', 'BOT_DESCRIPTION' => 'Description (html code will not be interpreted, URL will be converted into link):',
'YOUR_EMAIL_FOR_BOT_VALIDATION' => 'Your email address (will serve to validate your bot)', 'YOUR_EMAIL_FOR_BOT_VALIDATION' => 'Your email address (will serve to validate your bot)',
'SAVE_BOT' => 'Save' 'SAVE_BOT' => 'Save',
'E_MAIL_EDIT_BOT' => "Hello Dude! \n Please Folow the next URL in order to validate your bot update.",
'YOUR_EMAIL_FOR_BOT_EDIT' => 'E-mail used for add this bot:'
); );

View File

@ -45,5 +45,7 @@ $lang = array(
'BOT_URL' => 'L\'adresse URL de votre bot', 'BOT_URL' => 'L\'adresse URL de votre bot',
'BOT_DESCRIPTION' => 'Description (le code html ne sera pas interprété, les URL seront transformées en lien)', 'BOT_DESCRIPTION' => 'Description (le code html ne sera pas interprété, les URL seront transformées en lien)',
'YOUR_EMAIL_FOR_BOT_VALIDATION' => 'Votre adresse e-mail (servira pour la validation de votre bot)', 'YOUR_EMAIL_FOR_BOT_VALIDATION' => 'Votre adresse e-mail (servira pour la validation de votre bot)',
'SAVE_BOT' => 'Enregistrer' 'SAVE_BOT' => 'Enregistrer',
'E_MAIL_EDIT_BOT' => "Bonjour Dude! \n Suivez l'URL suivante pour valider les modifications sur votre bot.",
'YOUR_EMAIL_FOR_BOT_EDIT' => 'L\'adresse e-mail qui a servi à l\'inscription du bot:'
); );

View File

@ -1,5 +1,9 @@
<?php <?php
//Del unvalidated bots
mysqli_query($lnMysql, "DELETE FROM bots WHERE active='0' AND TIMESTAMPDIFF(DAY, NOW(), date_inscription) > 2");
mysqli_query($lnMysql, "DELETE FROM bot_modifs WHERE TIMESTAMPDIFF(DAY, NOW(), date_modification) > 2");
switch($_POST['act']){ switch($_POST['act']){
case "addBot": case "addBot":
//verifier les variables "botName""botGame""botURL""email""botDescription" //verifier les variables "botName""botGame""botURL""email""botDescription"
@ -7,15 +11,9 @@ switch($_POST['act']){
$alerts=""; $alerts="";
//botGame -> doit exister //botGame -> doit exister
$arenaExists=false; if(!does_arena_exist($_POST['botGame'],$arenas)){
foreach($arenas as $arena){
if($_POST['botGame'] == $arena['id']){
$arenaExists=true;
break;
}
}
if(!$arenaExists){
error(404,"wrong post parameter"); error(404,"wrong post parameter");
die;
} }
//botname -> il ne doit pas y avoir un autre bot du même nom sur le même jeu //botname -> il ne doit pas y avoir un autre bot du même nom sur le même jeu
@ -28,7 +26,7 @@ switch($_POST['act']){
$alerts.="Un bot existant pour ce jeu porte le même nom.\n"; $alerts.="Un bot existant pour ce jeu porte le même nom.\n";
} }
//BotUrl (doit retourner un code 200) //BotUrl
if(!preg_match("/^(http|https):\/\//", $_POST['botURL'])){ if(!preg_match("/^(http|https):\/\//", $_POST['botURL'])){
$alerts.="L'URL n'est pas valide.\n"; $alerts.="L'URL n'est pas valide.\n";
} }
@ -39,7 +37,6 @@ switch($_POST['act']){
} }
if($alerts <>""){ if($alerts <>""){
//echo $alerts;
//do nothing now //do nothing now
}else{ }else{
//enregistrer le bot et envoyer un email pour la validation //enregistrer le bot et envoyer un email pour la validation
@ -47,18 +44,20 @@ switch($_POST['act']){
$secret=rand_str(7, '$-_.+!*(),ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890'); $secret=rand_str(7, '$-_.+!*(),ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890');
//last char must be alphanum. Mail client should cut url if isn't. //last char must be alphanum. Mail client should cut url if isn't.
$secret.=rand_str(1, 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890'); $secret.=rand_str(1, 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890');
$sql = "INSERT INTO bots (name,game,url,description,active,date_inscription,validate_secret) VALUES
( '".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botName']))."', $sql = "INSERT INTO bots (name,game,url,description,active,date_inscription,validate_secret,author_email) VALUES(
'".mysqli_real_escape_string($lnMysql,$_POST['botGame'])."', '".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botName']))."',
'".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botURL']))."', '".mysqli_real_escape_string($lnMysql,$_POST['botGame'])."',
'".mysqli_real_escape_string($lnMysql, '".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botURL']))."',
preg_replace('#^(http|https|mailto|ftp)://(([a-z0-9\/\.\?-_=\#@:~])*)#i','<a href="$1://$2">$1://$2</a>' '".mysqli_real_escape_string($lnMysql,
,nl2br(htmlentities($_POST['botDescription']))) preg_replace('#^(http|https|mailto|ftp)://(([a-z0-9\/\.\?-_=\#@:~])*)#i','<a href="$1://$2">$1://$2</a>'
)."', ,nl2br(htmlentities($_POST['botDescription'])))
'0', )."',
NOW(), '0',
'".$secret."')"; NOW(),
// echo $sql; '".$secret."',
'".mysqli_real_escape_string($lnMysql,$_POST['email'])."'";
$rs=mysqli_query($lnMysql,$sql); $rs=mysqli_query($lnMysql,$sql);
include __DIR__."/config.php"; include __DIR__."/config.php";
@ -87,8 +86,94 @@ switch($_POST['act']){
} }
} }
//echo "TODO";
break; break;
case "editBot":
if(!does_arena_exist($_POST['botGame'],$arenas)){
error(404,"wrong post parameter");
die;
}
$err="";
//check author e-mail
$rs=mysqli_query($lnMysql,
"SELECT 1 FROM bots
WHERE author_email='".mysqli_real_escape_string($lnMysql,$_POST['email'])."'
AND id='".mysqli_real_escape_string($lnMysql,$_POST['botId'])."'"
);
if(!$r=mysqli_fetch_row($rs)){
$err.= "L'adresse e-mail ne correspond pas à celle enregistrée\n";
}
//check name
$rs=mysqli_query($lnMysql,
"SELECT 1 FROM bots
WHERE name='".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botName']))."'
AND game='".mysqli_real_escape_string($lnMysql,$_POST['botGame'])."'
AND id <> '".mysqli_real_escape_string($lnMysql,$_POST['botId'])."'"
);
if($r=mysqli_fetch_row($rs)){
$err.="Un bot du même nom existe déjà";
}
//BotUrl
if(!preg_match("/^(http|https):\/\//", $_POST['botURL'])){
$alerts.="L'URL n'est pas valide.\n";
}
if($err == ""){
//save bot on temp table
$secret=rand_str(8, 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890');
mysqli_query($lnMysql,
" INSERT INTO bots_modifs( name, game, url, description, date_modification, validate_secret, author_email) VALUES (
'".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botName']))."',
'".mysqli_real_escape_string($lnMysql,$_POST['botGame'])."',
'".mysqli_real_escape_string($lnMysql,$_POST['botURL'])."',
'".mysqli_real_escape_string($lnMysql,
preg_replace('#^(http|https|mailto|ftp)://(([a-z0-9\/\.\?-_=\#@:~])*)#i','<a href="$1://$2">$1://$2</a>'
,nl2br(htmlentities($_POST['botDescription'])))
)."',
NOW(),
'".$secret."',
'".mysqli_real_escape_string($lnMysql,$_POST['email'])."'"
);
//send e-mail
include __DIR__."/config.php";
require __DIR__.'/PHPMailer/PHPMailerAutoload.php';
$mail = new PHPMailer;
$mail->isSMTP();
//$mail->IsHTML(true);
//$mail->SMTPDebug = 2;
$mail->Debugoutput = 'html';
$mail->Host = $smtpParams['host'];
$mail->Port = $smtpParams['port'];
$mail->SMTPSecure = $smtpParams['secure'];
$mail->SMTPAuth = true;
$mail->Username = $smtpParams['username'];
$mail->Password = $smtpParams['pass'];
$mail->setFrom($smtpParams['username'], 'Bots Arena');
$mail->Subject = 'BotsArena';
$mail->addAddress($_POST['email']);
$mail->Body = $lang['E_MAIL_EDIT_BOT']."\n".$siteParam['BASEURL'].'p/editBot/'.$secret."\n".$lang['E_MAIL_ADD_BOT_SIGNATURE'];
if (!$mail->send()) {
error(500,"Mailer Error: " . $mail->ErrorInfo);
} else {
//echo "Message sent!";
}
}else{
//echo "plop".$err."plop"; die;
}
break;
default: default:
error(500,"erf"); error(500,"erf");
break; break;

View File

@ -1 +1,45 @@
<?php
if(isset($_POST['xd_check'])){
$botName=$_POST['botName'];
$botGame=$_POST['botGame'];
$botURL=$_POST['botURL'];
$botDescription=$_POST['botDescription'];
$email=$_POST['email'];
}else{
$botName=$theBot['name'];
$botGame=$theBot['game'];
$botURL=$theBot['url'];
$botDescription=$theBot['description'];
$email="";
}
?>
<h2>EditBot</h2> <h2>EditBot</h2>
<form method="POST" action="/p/editBot/<?php echo $theBot['id']; ?>">
<?php echo xd_check_input(0); ?><input type="hidden" name="act" value="editBot"/><input type="hidden" name="botId" value="<?php echo $theBot['id']; ?>"/>
<p><label for="botName"><?php echo $lang['BOT_NAME']; ?></label><input id="botName" type="text" name="botName" value="<?php echo htmlentities($botName); ?>" placeholder="<?php echo $lang['YOUR_ALIAS_FOR_EXEMPLE'];?>"/></p>
<p><label for="botGame"><?php echo $lang['BOT_GAME']; ?></label>
<select id="botGame" name="botGame">
<?php
foreach($arenas as $arena){
if($arena['id'] == $botGame){
$selected='selected="selected"';
}else{
$selected='';
}
echo '<option value="'.$arena['id'].'" '.$selected.'>'.$arena['id'].'</option>';
}
?>
</select></p>
<p><label for="botURL"><?php echo $lang['BOT_URL']; ?></label><input type="text" name="botURL" id="botURL" value="<?php echo htmlentities($botURL);?>" placeholder="http://"/></p>
<p><label><?php echo $lang['BOT_DESCRIPTION']; ?></label><textarea name="botDescription"><?php echo htmlentities($botDescription);?></textarea></p>
<p><label for="email"><?php echo $lang['YOUR_EMAIL_FOR_BOT_EDIT']; ?></label><input type="text" name="email" value="<?php echo htmlentities($email);?>" id="email"/></p>
<p><label for="sub"></label><input id="sub" type="submit" value="<?php echo $lang['SAVE_BOT']; ?>"/></p>
</form>

View File

@ -227,3 +227,11 @@ function get_unique_id(){
fclose($fp); fclose($fp);
return $count; return $count;
} }
function does_arena_exist($string,$arenasArr){
foreach($arenasArr as $arena){
if($string == $arena['id']){
return true;
}
}
return false;
}