SomeNet / public repos / ctf / pub / submit_bot.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
GITOLITE.txt
[ctf/pub/submit_bot.git] / submit.php
diff --git a/submit.php b/submit.php
index 3307d3ff19b30cfc9cfe58b16bf5f7a4d7d4b791..41415aa2f0cacb4c5c589e98222d7992b2f04db4 100644 (file)
--- a/submit.php
+++ b/submit.php
@@ -1,16 +1,16 @@
 <?php
 /**
 * insert flowIDs and info to submit into log_db.log_t.
-* log_db.log_t gets periodically checked by 
+* log_db.log_t gets periodically checked by
 * script whichs tries to submit flowids to gameserver.
 * Information about this status can be found in board.php
 *
-* 2014 by Jan "Someone" Vales <someone@somenet.org>
+* 2014-15 by Jan "Someone" Vales <someone@somenet.org>
 * do not publish!
 */
 
-$GLOBALS['db'] = new PDO('pgsql:host=localhost;port=5432;dbname=postgres;user=postgres;password=dba');                                                                                                              
-$GLOBALS['db']->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);                                                                                            
+$GLOBALS['db'] = new PDO('pgsql:host=localhost;port=5432;dbname=flagbot;user=flagbot;password=flagbotpw');
+$GLOBALS['db']->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
 
 if (strcmp($_SERVER['REQUEST_METHOD'],"GET") === 0 || strcmp($_SERVER['REQUEST_METHOD'],"POST") === 0 ) {
   handleRequest();
@@ -20,24 +20,30 @@ if (strcmp($_SERVER['REQUEST_METHOD'],"GET") === 0 || strcmp($_SERVER['REQUEST_M
 }
 
 function handleRequest() {
-  if (isset($_REQUEST['flag']) && isset($_REQUEST['service']) && strlen($_REQUEST['flag']) == 32 ) {
-     insertData($_REQUEST['flag'],$_REQUEST['service']);
+  if (isset($_REQUEST['flag']) && isset($_REQUEST['service']) && isset($_REQUEST['flag_id']) && isset($_REQUEST['submitter'])) {
+     insertData($_REQUEST['flag'],$_REQUEST['service'], $_REQUEST['flag_id'], $_REQUEST['submitter']);
   } else {
      echo "<p><b>usage:</b><br>";
-     echo "GET /submit.php?flag=<i>STRING</i>&service=<i>STRING</i> <br>";
-     echo "POST<br> flag=<i>STRING</i>&service=<i>STRING</i></p>";
+     echo "GET /submit.php?flag=<i>STRING</i>&service=<i>STRING</i>&flag_id=<i>STRING</i>&submitter=<i>STRING</i><br>";
+     echo "POST<br> flag=<i>STRING</i>&service=<i>STRING</i>&flag_id=<i>STRING</i>&submitter=<i>STRING</i></p>";
   }
 }
 
-function insertData($flag, $service) {
+function insertData($flag, $service, $flagid, $submitter) {
   echo "<p><b>inserting data...</b></p>";
   echo "flag=".htmlentities($flag)."<br>";
   echo "service=".htmlentities($service)."</p>";
+  echo "flagid=".htmlentities($flagid)."</p>";
+  echo "submitter=".htmlentities($submitter)."</p>";
   $success = 0;
   try {
     $GLOBALS['db']->beginTransaction();
-    $stmt = $GLOBALS['db']->prepare("INSERT INTO flags (flag, service) VALUES(?, ?)");
-    $stmt->execute(array($flag, $service));
+    $stmt_fid = $GLOBALS['db']->prepare("UPDATE flag_ids set status = 1 where service = ? and flag_id = ?");
+    $stmt_fid->execute(array($service, $flagid));
+    $GLOBALS['db']->commit();
+    $GLOBALS['db']->beginTransaction();
+    $stmt = $GLOBALS['db']->prepare("INSERT INTO flags (flag, service, flag_id, submitter) VALUES(?, ?, ?, ?)");
+    $stmt->execute(array($flag, $service, $flagid, $submitter));
     $GLOBALS['db']->commit();
     $success = 1;
   }catch(PDOException $ex) {