edit bots
This commit is contained in:
parent
6d8f696af6
commit
f41a2a569a
85
src/act.php
85
src/act.php
|
|
@ -7,15 +7,9 @@ switch($_POST['act']){
|
||||||
$alerts="";
|
$alerts="";
|
||||||
|
|
||||||
//botGame -> doit exister
|
//botGame -> doit exister
|
||||||
$arenaExists=false;
|
if(!does_arena_exist($_POST['botGame'],$arenas)){
|
||||||
foreach($arenas as $arena){
|
|
||||||
if($_POST['botGame'] == $arena['id']){
|
|
||||||
$arenaExists=true;
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
}
|
|
||||||
if(!$arenaExists){
|
|
||||||
error(404,"wrong post parameter");
|
error(404,"wrong post parameter");
|
||||||
|
die;
|
||||||
}
|
}
|
||||||
|
|
||||||
//botname -> il ne doit pas y avoir un autre bot du même nom sur le même jeu
|
//botname -> il ne doit pas y avoir un autre bot du même nom sur le même jeu
|
||||||
|
|
@ -28,7 +22,7 @@ switch($_POST['act']){
|
||||||
$alerts.="Un bot existant pour ce jeu porte le même nom.\n";
|
$alerts.="Un bot existant pour ce jeu porte le même nom.\n";
|
||||||
}
|
}
|
||||||
|
|
||||||
//BotUrl (doit retourner un code 200)
|
//BotUrl
|
||||||
if(!preg_match("/^(http|https):\/\//", $_POST['botURL'])){
|
if(!preg_match("/^(http|https):\/\//", $_POST['botURL'])){
|
||||||
$alerts.="L'URL n'est pas valide.\n";
|
$alerts.="L'URL n'est pas valide.\n";
|
||||||
}
|
}
|
||||||
|
|
@ -39,7 +33,6 @@ switch($_POST['act']){
|
||||||
}
|
}
|
||||||
|
|
||||||
if($alerts <>""){
|
if($alerts <>""){
|
||||||
//echo $alerts;
|
|
||||||
//do nothing now
|
//do nothing now
|
||||||
}else{
|
}else{
|
||||||
//enregistrer le bot et envoyer un email pour la validation
|
//enregistrer le bot et envoyer un email pour la validation
|
||||||
|
|
@ -47,18 +40,20 @@ switch($_POST['act']){
|
||||||
$secret=rand_str(7, '$-_.+!*(),ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890');
|
$secret=rand_str(7, '$-_.+!*(),ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890');
|
||||||
//last char must be alphanum. Mail client should cut url if isn't.
|
//last char must be alphanum. Mail client should cut url if isn't.
|
||||||
$secret.=rand_str(1, 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890');
|
$secret.=rand_str(1, 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890');
|
||||||
$sql = "INSERT INTO bots (name,game,url,description,active,date_inscription,validate_secret) VALUES
|
|
||||||
( '".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botName']))."',
|
$sql = "INSERT INTO bots (name,game,url,description,active,date_inscription,validate_secret,author_email) VALUES(
|
||||||
'".mysqli_real_escape_string($lnMysql,$_POST['botGame'])."',
|
'".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botName']))."',
|
||||||
'".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botURL']))."',
|
'".mysqli_real_escape_string($lnMysql,$_POST['botGame'])."',
|
||||||
'".mysqli_real_escape_string($lnMysql,
|
'".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botURL']))."',
|
||||||
preg_replace('#^(http|https|mailto|ftp)://(([a-z0-9\/\.\?-_=\#@:~])*)#i','<a href="$1://$2">$1://$2</a>'
|
'".mysqli_real_escape_string($lnMysql,
|
||||||
,nl2br(htmlentities($_POST['botDescription'])))
|
preg_replace('#^(http|https|mailto|ftp)://(([a-z0-9\/\.\?-_=\#@:~])*)#i','<a href="$1://$2">$1://$2</a>'
|
||||||
)."',
|
,nl2br(htmlentities($_POST['botDescription'])))
|
||||||
'0',
|
)."',
|
||||||
NOW(),
|
'0',
|
||||||
'".$secret."')";
|
NOW(),
|
||||||
// echo $sql;
|
'".$secret."',
|
||||||
|
'".mysqli_real_escape_string($lnMysql,$_POST['email'])."'";
|
||||||
|
|
||||||
$rs=mysqli_query($lnMysql,$sql);
|
$rs=mysqli_query($lnMysql,$sql);
|
||||||
|
|
||||||
include __DIR__."/config.php";
|
include __DIR__."/config.php";
|
||||||
|
|
@ -87,8 +82,52 @@ switch($_POST['act']){
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
//echo "TODO";
|
|
||||||
break;
|
break;
|
||||||
|
|
||||||
|
case "editBot":
|
||||||
|
if(!does_arena_exist($_POST['botGame'],$arenas)){
|
||||||
|
error(404,"wrong post parameter");
|
||||||
|
die;
|
||||||
|
}
|
||||||
|
$err="";
|
||||||
|
|
||||||
|
//check author e-mail
|
||||||
|
$rs=mysqli_query($lnMysql,
|
||||||
|
"SELECT 1 FROM bots
|
||||||
|
WHERE author_email='".mysqli_real_escape_string($lnMysql,$_POST['email'])."'
|
||||||
|
AND id='".mysqli_real_escape_string($lnMysql,$_POST['botId'])."'"
|
||||||
|
);
|
||||||
|
if(!$r=mysqli_fetch_row($rs)){
|
||||||
|
$err.= "L'adresse e-mail ne correspond pas à celle enregitrée\n";
|
||||||
|
}
|
||||||
|
//check name
|
||||||
|
$rs=mysqli_query($lnMysql,
|
||||||
|
"SELECT 1 FROM bots
|
||||||
|
WHERE name='".mysqli_real_escape_string($lnMysql,html_entities($_POST['botName']))."'
|
||||||
|
AND game='".mysqli_real_escape_string($lnMysql,$_POST['botGame'])."'
|
||||||
|
AND id <> '".mysqli_real_escape_string($lnMysql,$_POST['botId'])."'"
|
||||||
|
);
|
||||||
|
|
||||||
|
if($r=mysql_fetch_row($rs)){
|
||||||
|
$err.="Un bot du même nom existe déjà";
|
||||||
|
}
|
||||||
|
//BotUrl
|
||||||
|
if(!preg_match("/^(http|https):\/\//", $_POST['botURL'])){
|
||||||
|
$alerts.="L'URL n'est pas valide.\n";
|
||||||
|
}
|
||||||
|
//******************* TO DO *******************************
|
||||||
|
|
||||||
|
|
||||||
|
if($err <> ""){
|
||||||
|
|
||||||
|
}else{
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
break;
|
||||||
|
|
||||||
default:
|
default:
|
||||||
error(500,"erf");
|
error(500,"erf");
|
||||||
break;
|
break;
|
||||||
|
|
|
||||||
|
|
@ -6,6 +6,12 @@ if(isset($_POST['xd_check'])){
|
||||||
$botURL=$_POST['botURL'];
|
$botURL=$_POST['botURL'];
|
||||||
$botDescription=$_POST['botDescription'];
|
$botDescription=$_POST['botDescription'];
|
||||||
$email=$_POST['email'];
|
$email=$_POST['email'];
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
}else{
|
}else{
|
||||||
$botName=$theBot['name'];
|
$botName=$theBot['name'];
|
||||||
$botGame=$theBot['game'];
|
$botGame=$theBot['game'];
|
||||||
|
|
@ -17,7 +23,7 @@ if(isset($_POST['xd_check'])){
|
||||||
?>
|
?>
|
||||||
<h2>EditBot</h2>
|
<h2>EditBot</h2>
|
||||||
<form method="POST" action="/p/editBot">
|
<form method="POST" action="/p/editBot">
|
||||||
<?php echo xd_check_input(0); ?><input type="hidden" name="act" value="addBot"/>
|
<?php echo xd_check_input(0); ?><input type="hidden" name="act" value="editBot"/><input type="hidden" name="botId" value="<?php echo $theBot['id']; ?>"/>
|
||||||
<p><label for="botName"><?php echo $lang['BOT_NAME']; ?></label><input id="botName" type="text" name="botName" value="<?php echo htmlentities($botName); ?>" placeholder="<?php echo $lang['YOUR_ALIAS_FOR_EXEMPLE'];?>"/></p>
|
<p><label for="botName"><?php echo $lang['BOT_NAME']; ?></label><input id="botName" type="text" name="botName" value="<?php echo htmlentities($botName); ?>" placeholder="<?php echo $lang['YOUR_ALIAS_FOR_EXEMPLE'];?>"/></p>
|
||||||
<p><label for="botGame"><?php echo $lang['BOT_GAME']; ?></label>
|
<p><label for="botGame"><?php echo $lang['BOT_GAME']; ?></label>
|
||||||
<select id="botGame" name="botGame">
|
<select id="botGame" name="botGame">
|
||||||
|
|
|
||||||
|
|
@ -227,3 +227,11 @@ function get_unique_id(){
|
||||||
fclose($fp);
|
fclose($fp);
|
||||||
return $count;
|
return $count;
|
||||||
}
|
}
|
||||||
|
function does_arena_exist($string,$arenasArr){
|
||||||
|
foreach($arenasArr as $arena){
|
||||||
|
if($string == $arena['id']){
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return false;
|
||||||
|
}
|
||||||
Loading…
Reference in New Issue
Block a user