requirePostDataFields('oldhash', 'newhash');
$oldhash = $_POST['oldhash'];
$newhash = $athena . '/' . htmlentities(substr($_POST['newhash'], 0, 36));
if (!$loggedin) {
dieJSON(array('error' => true, 'errorDesc' => 'Not logged in', 'hash' => $oldhash));
}
if (preg_match('/\\/.*?[^\\w\\-]/', $newhash) || !strlen($_POST['newhash'])) {
dieJSON(array('error' => true, 'errorDesc' => 'Malformed hash supplied', 'hash' => $oldhash));
}
if ($athena !== hashOwner($oldhash) && $oldhash !== 'null') {
dieJSON(array('error' => true, 'errorDesc' => 'Bad owner or hash', 'hash' => $oldhash));
}
if (CourseRoadDB::hashExists($newhash)) {
dieJSON(array('error' => true, 'errorDesc' => 'New hash is already taken', 'hash' => $oldhash));
}
CourseRoadDB::changeRoadHash($oldhash, $newhash, $athena);
dieJSON(array('success' => true, 'hash' => $newhash));
}
// And when the user adds a comment
if (isset($_POST['setRoadComment'])) {
requireCSRF();
requirePostDataFields('hash', 'comment');
$hash = $_POST['hash'];
$comment = htmlentities(substr($_POST['comment'], 0, 100));
if (!$loggedin) {
dieJSON(array('error' => true, 'errorDesc' => 'Not logged in', 'hash' => $oldhash));
}
if ($athena !== hashOwner($hash) && $hash !== 'null') {
dieJSON(array('error' => true, 'errorDesc' => 'Bad owner or hash', 'hash' => $oldhash));
}
CourseRoadDB::setRoadComment($hash, $comment, $athena);
