} $html .= '</table>'; dieJSON(array('success' => true, 'html' => $html)); } // Runs when the user sets one of their roads to be their public road if (isset($_POST['setPublicRoad'])) { requireCSRF(); requirePostDataFields('hash'); $hash = $_POST['hash']; if (!$loggedin) { dieJSON(array('error' => true, 'errorDesc' => 'not logged in')); } if ($athena !== hashOwner($hash) && $hash !== 'null') { dieJSON(array('error' => true, 'errorDesc' => 'bad hash')); } CourseRoadDB::setPublicRoad($hash, $athena); dieJSON(array('success' => true)); } // When the user changes a road's hash if (isset($_POST['changeRoadHash'])) { requireCSRF(); requirePostDataFields('oldhash', 'newhash'); $oldhash = $_POST['oldhash']; $newhash = $athena . '/' . htmlentities(substr($_POST['newhash'], 0, 36)); if (!$loggedin) { dieJSON(array('error' => true, 'errorDesc' => 'Not logged in', 'hash' => $oldhash)); } if (preg_match('/\\/.*?[^\\w\\-]/', $newhash) || !strlen($_POST['newhash'])) { dieJSON(array('error' => true, 'errorDesc' => 'Malformed hash supplied', 'hash' => $oldhash)); } if ($athena !== hashOwner($oldhash) && $oldhash !== 'null') {