edit bots
This commit is contained in:
parent
6d8f696af6
commit
f41a2a569a
69
src/act.php
69
src/act.php
|
|
@ -7,15 +7,9 @@ switch($_POST['act']){
|
|||
$alerts="";
|
||||
|
||||
//botGame -> doit exister
|
||||
$arenaExists=false;
|
||||
foreach($arenas as $arena){
|
||||
if($_POST['botGame'] == $arena['id']){
|
||||
$arenaExists=true;
|
||||
break;
|
||||
}
|
||||
}
|
||||
if(!$arenaExists){
|
||||
if(!does_arena_exist($_POST['botGame'],$arenas)){
|
||||
error(404,"wrong post parameter");
|
||||
die;
|
||||
}
|
||||
|
||||
//botname -> il ne doit pas y avoir un autre bot du même nom sur le même jeu
|
||||
|
|
@ -28,7 +22,7 @@ switch($_POST['act']){
|
|||
$alerts.="Un bot existant pour ce jeu porte le même nom.\n";
|
||||
}
|
||||
|
||||
//BotUrl (doit retourner un code 200)
|
||||
//BotUrl
|
||||
if(!preg_match("/^(http|https):\/\//", $_POST['botURL'])){
|
||||
$alerts.="L'URL n'est pas valide.\n";
|
||||
}
|
||||
|
|
@ -39,7 +33,6 @@ switch($_POST['act']){
|
|||
}
|
||||
|
||||
if($alerts <>""){
|
||||
//echo $alerts;
|
||||
//do nothing now
|
||||
}else{
|
||||
//enregistrer le bot et envoyer un email pour la validation
|
||||
|
|
@ -47,8 +40,9 @@ switch($_POST['act']){
|
|||
$secret=rand_str(7, '$-_.+!*(),ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890');
|
||||
//last char must be alphanum. Mail client should cut url if isn't.
|
||||
$secret.=rand_str(1, 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz1234567890');
|
||||
$sql = "INSERT INTO bots (name,game,url,description,active,date_inscription,validate_secret) VALUES
|
||||
( '".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botName']))."',
|
||||
|
||||
$sql = "INSERT INTO bots (name,game,url,description,active,date_inscription,validate_secret,author_email) VALUES(
|
||||
'".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botName']))."',
|
||||
'".mysqli_real_escape_string($lnMysql,$_POST['botGame'])."',
|
||||
'".mysqli_real_escape_string($lnMysql,htmlentities($_POST['botURL']))."',
|
||||
'".mysqli_real_escape_string($lnMysql,
|
||||
|
|
@ -57,8 +51,9 @@ switch($_POST['act']){
|
|||
)."',
|
||||
'0',
|
||||
NOW(),
|
||||
'".$secret."')";
|
||||
// echo $sql;
|
||||
'".$secret."',
|
||||
'".mysqli_real_escape_string($lnMysql,$_POST['email'])."'";
|
||||
|
||||
$rs=mysqli_query($lnMysql,$sql);
|
||||
|
||||
include __DIR__."/config.php";
|
||||
|
|
@ -87,8 +82,52 @@ switch($_POST['act']){
|
|||
}
|
||||
}
|
||||
|
||||
//echo "TODO";
|
||||
|
||||
break;
|
||||
|
||||
case "editBot":
|
||||
if(!does_arena_exist($_POST['botGame'],$arenas)){
|
||||
error(404,"wrong post parameter");
|
||||
die;
|
||||
}
|
||||
$err="";
|
||||
|
||||
//check author e-mail
|
||||
$rs=mysqli_query($lnMysql,
|
||||
"SELECT 1 FROM bots
|
||||
WHERE author_email='".mysqli_real_escape_string($lnMysql,$_POST['email'])."'
|
||||
AND id='".mysqli_real_escape_string($lnMysql,$_POST['botId'])."'"
|
||||
);
|
||||
if(!$r=mysqli_fetch_row($rs)){
|
||||
$err.= "L'adresse e-mail ne correspond pas à celle enregitrée\n";
|
||||
}
|
||||
//check name
|
||||
$rs=mysqli_query($lnMysql,
|
||||
"SELECT 1 FROM bots
|
||||
WHERE name='".mysqli_real_escape_string($lnMysql,html_entities($_POST['botName']))."'
|
||||
AND game='".mysqli_real_escape_string($lnMysql,$_POST['botGame'])."'
|
||||
AND id <> '".mysqli_real_escape_string($lnMysql,$_POST['botId'])."'"
|
||||
);
|
||||
|
||||
if($r=mysql_fetch_row($rs)){
|
||||
$err.="Un bot du même nom existe déjà";
|
||||
}
|
||||
//BotUrl
|
||||
if(!preg_match("/^(http|https):\/\//", $_POST['botURL'])){
|
||||
$alerts.="L'URL n'est pas valide.\n";
|
||||
}
|
||||
//******************* TO DO *******************************
|
||||
|
||||
|
||||
if($err <> ""){
|
||||
|
||||
}else{
|
||||
|
||||
}
|
||||
|
||||
|
||||
break;
|
||||
|
||||
default:
|
||||
error(500,"erf");
|
||||
break;
|
||||
|
|
|
|||
|
|
@ -6,6 +6,12 @@ if(isset($_POST['xd_check'])){
|
|||
$botURL=$_POST['botURL'];
|
||||
$botDescription=$_POST['botDescription'];
|
||||
$email=$_POST['email'];
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
|
||||
}else{
|
||||
$botName=$theBot['name'];
|
||||
$botGame=$theBot['game'];
|
||||
|
|
@ -17,7 +23,7 @@ if(isset($_POST['xd_check'])){
|
|||
?>
|
||||
<h2>EditBot</h2>
|
||||
<form method="POST" action="/p/editBot">
|
||||
<?php echo xd_check_input(0); ?><input type="hidden" name="act" value="addBot"/>
|
||||
<?php echo xd_check_input(0); ?><input type="hidden" name="act" value="editBot"/><input type="hidden" name="botId" value="<?php echo $theBot['id']; ?>"/>
|
||||
<p><label for="botName"><?php echo $lang['BOT_NAME']; ?></label><input id="botName" type="text" name="botName" value="<?php echo htmlentities($botName); ?>" placeholder="<?php echo $lang['YOUR_ALIAS_FOR_EXEMPLE'];?>"/></p>
|
||||
<p><label for="botGame"><?php echo $lang['BOT_GAME']; ?></label>
|
||||
<select id="botGame" name="botGame">
|
||||
|
|
|
|||
|
|
@ -227,3 +227,11 @@ function get_unique_id(){
|
|||
fclose($fp);
|
||||
return $count;
|
||||
}
|
||||
function does_arena_exist($string,$arenasArr){
|
||||
foreach($arenasArr as $arena){
|
||||
if($string == $arena['id']){
|
||||
return true;
|
||||
}
|
||||
}
|
||||
return false;
|
||||
}
|
||||
Loading…
Reference in New Issue
Block a user