<h2>Guitar Wars - Add Your High Score</h2> <?php require_once 'appvars.php'; require_once 'connectvars.php'; if (isset($_POST['submit'])) { // Connect to the database $dbc = mysqli_connect(DB_HOST, DB_USER, DB_PASSWORD, DB_NAME); // Grab the score data from the POST $name = mysqli_real_escape_string($dbc, trim($_POST['name'])); $score = mysqli_real_escape_string($dbc, trim($_POST['score'])); $screenshot = mysqli_real_escape_string($dbc, trim($_FILES['screenshot']['name'])); $screenshot_type = $_FILES['screenshot']['type']; $screenshot_size = $_FILES['screenshot']['size']; // Check the CAPTCHA pass-phrase for verification $user_pass_phrase = SHA($_POST['verify']); if ($_SESSION['pass_phrase'] == $user_pass_phrase) { if (!empty($name) && is_numeric($score) && !empty($screenshot)) { if (($screenshot_type == 'image/gif' || $screenshot_type == 'image/jpeg' || $screenshot_type == 'image/pjpeg' || $screenshot_type == 'image/png') && $screenshot_size > 0 && $screenshot_size <= GW_MAXFILESIZE) { if ($_FILES['screenshot']['error'] == 0) { // Move the file to the target upload folder $target = GW_UPLOADPATH . $screenshot; if (move_uploaded_file($_FILES['screenshot']['tmp_name'], $target)) { // Write the data to the database $query = "INSERT INTO guitarwars (date, name, score, screenshot) VALUES (NOW(), '{$name}', '{$score}', '{$screenshot}')"; mysqli_query($dbc, $query); // Confirm success with the user echo '<p>Thanks for adding your new high score! It will be reviewed and added to the high score list as soon as possible.</p>'; echo '<p><strong>Name:</strong> ' . $name . '<br />'; echo '<strong>Score:</strong> ' . $score . '<br />'; echo '<img src="' . GW_UPLOADPATH . $screenshot . '" alt="Score image" /></p>';
session_start(); // Set some important CAPTCHA constants define('CAPTCHA_NUMCHARS', 6); // number of characters in pass-phrase define('CAPTCHA_WIDTH', 100); // width of image define('CAPTCHA_HEIGHT', 25); // height of image // Generate the random pass-phrase $pass_phrase = ""; for ($i = 0; $i < CAPTCHA_NUMCHARS; $i++) { $pass_phrase .= chr(rand(97, 122)); } // Store the encrypted pass-phrase in a session variable $_SESSION['pass_phrase'] = SHA($pass_phrase); // Create the image $img = imagecreatetruecolor(CAPTCHA_WIDTH, CAPTCHA_HEIGHT); // Set a white background with black text and gray graphics $bg_color = imagecolorallocate($img, 255, 255, 255); // white $text_color = imagecolorallocate($img, 0, 0, 0); // black $graphic_color = imagecolorallocate($img, 64, 64, 64); // dark gray // Fill the background imagefilledrectangle($img, 0, 0, CAPTCHA_WIDTH, CAPTCHA_HEIGHT, $bg_color); // Draw some random lines for ($i = 0; $i < 5; $i++) { imageline($img, 0, rand() % CAPTCHA_HEIGHT, CAPTCHA_WIDTH, rand() % CAPTCHA_HEIGHT, $graphic_color); }