/**
 * Runs the site's start-up routines in a fixed order.
 *
 * Each call below is defined elsewhere in the project. The order is kept
 * exactly as written because later steps may depend on state set up by
 * earlier ones (NOTE(review): not verifiable from this function alone).
 */
function Init()
{
    // Configuration first, then the data sets.
    LoadConfig();
    LoadUsers();
    LoadEntries();
    LoadThemes();
    LoadAssets();

    // Stream set-up and jam scheduling come last.
    InitStream();
    GetNextJamDateAndTime();
}
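/**
 * Creates or updates the logged-in user's entry for the current jam.
 *
 * All string arguments are trimmed. The request is rejected with die() when
 * the user is not logged in, the game name or description is empty, none of
 * the game URLs passes SanitizeURL(), no jam is available, or an uploaded
 * screenshot fails the image / size / extension checks.
 *
 * An uploaded file in $_FILES["screenshotfile"] takes precedence over
 * $screenshotURL; when neither is given, "logo.png" is used (or the entry's
 * existing screenshot when updating).
 *
 * Database writes use prepared statements so that no request-derived value is
 * ever spliced into SQL text, including the numeric jam id / jam number that
 * were previously interpolated without quotes.
 *
 * @param string $gameName        Title of the game (required).
 * @param string $gameURL         Generic game URL.
 * @param string $gameURLWeb      Web build URL.
 * @param string $gameURLWin      Windows build URL.
 * @param string $gameURLMac      macOS build URL.
 * @param string $gameURLLinux    Linux build URL.
 * @param string $gameURLiOS      iOS build URL.
 * @param string $gameURLAndroid  Android build URL.
 * @param string $screenshotURL   Screenshot URL, used when no file is uploaded.
 * @param string $description     Entry description (required).
 */
function SubmitEntry($gameName, $gameURL, $gameURLWeb, $gameURLWin, $gameURLMac, $gameURLLinux, $gameURLiOS, $gameURLAndroid, $screenshotURL, $description)
{
    // $_FILES is a superglobal and does not need a global declaration.
    global $loggedInUser, $dbConn, $ip, $userAgent, $jams;

    $gameName = trim($gameName);
    $gameURL = trim($gameURL);
    $gameURLWeb = trim($gameURLWeb);
    $gameURLWin = trim($gameURLWin);
    $gameURLMac = trim($gameURLMac);
    $gameURLLinux = trim($gameURLLinux);
    $gameURLiOS = trim($gameURLiOS);
    $gameURLAndroid = trim($gameURLAndroid);
    $screenshotURL = trim($screenshotURL);
    $description = trim($description);

    //Authorize user
    if (IsLoggedIn() === false) {
        die("Not logged in.");
    }

    //Validate game name
    if (strlen($gameName) < 1) {
        die("Game name not provided");
    }

    //Validate that at least one of the provided game URLs is valid.
    //Every URL is still passed through SanitizeURL(), as before.
    //NOTE(review): only the *existence* of one valid URL is enforced. The
    //remaining game URLs and $screenshotURL are stored exactly as supplied,
    //so whatever renders them must escape them and restrict the URL scheme.
    $urlValid = false;
    $candidateURLs = array($gameURL, $gameURLWeb, $gameURLWin, $gameURLMac, $gameURLLinux, $gameURLiOS, $gameURLAndroid);
    foreach ($candidateURLs as $candidateURL) {
        if (SanitizeURL($candidateURL) !== false) {
            $urlValid = true;
        }
    }

    //Did at least one url pass validation?
    if (!$urlValid) {
        die("Invalid game url");
    }

    //Validate description
    if (strlen($description) <= 0) {
        die("Invalid description");
    }

    //Check that a jam exists
    $currentJam = GetCurrentJamNumberAndID();
    if ($currentJam == null || $currentJam["NUMBER"] == 0) {
        die("No jam to submit to");
    }
    if (count($jams) == 0) {
        die("No jam to submit to");
    }

    $currentJamNumber = intval($currentJam["NUMBER"]);
    $jam_folder = "data/jams/jam_{$currentJamNumber}";

    if (isset($_FILES["screenshotfile"]) && $_FILES["screenshotfile"] != null && $_FILES["screenshotfile"]["size"] != 0) {
        $imageFileType = strtolower(pathinfo($_FILES["screenshotfile"]["name"], PATHINFO_EXTENSION));

        //NOTE(review): the username becomes part of the stored file name.
        //Confirm that registration limits usernames to characters that are
        //safe inside a path (no separators, no extra dots).
        $target_file = $jam_folder . "/" . $loggedInUser["username"] . "." . $imageFileType;

        //The content must parse as an image ...
        if (getimagesize($_FILES["screenshotfile"]["tmp_name"]) === false) {
            die("Uploaded screenshot is not an image");
        }

        //... stay under the size limit ...
        if ($_FILES["screenshotfile"]["size"] > 5000000) {
            die("Uploaded screenshot is too big (max 5MB)");
        }

        //... and carry an allow-listed extension, since the extension decides
        //how the web server will serve the stored file.
        if (!in_array($imageFileType, array("jpg", "png", "jpeg", "gif"), true)) {
            die("Uploaded screenshot is not jpeg, png or gif");
        }

        if (!file_exists($jam_folder)) {
            mkdir($jam_folder);
            //NOTE(review): this .htaccess only grants access; it does not stop
            //the server from treating files in the folder as scripts. Consider
            //also disabling script handlers for upload folders.
            file_put_contents($jam_folder . "/.htaccess", "Order allow,deny\nAllow from all");
        }

        //Only record the new screenshot path if the file was really stored;
        //previously a failed move still pointed the entry at $target_file.
        if (!move_uploaded_file($_FILES["screenshotfile"]["tmp_name"], $target_file)) {
            die("Could not save uploaded screenshot");
        }
        $screenshotURL = $target_file;
    }

    //Fall back to the default screenshot
    if ($screenshotURL == "") {
        $screenshotURL = "logo.png";
    }

    $currentJam = $jams[0];
    //NOTE(review): when the jam has no "entries" key nothing is written at
    //all - confirm the loader always sets it, even to an empty array.
    if (isset($currentJam["entries"])) {
        $entryUpdated = false;

        foreach ($currentJam["entries"] as $entry) {
            if ($entry["author"] != $loggedInUser["username"]) {
                continue;
            }

            //Updating existing entry: keep its screenshot when no new one was given
            $existingScreenshot = $entry["screenshot_url"];
            if ($screenshotURL == "logo.png" && $existingScreenshot != "" && $existingScreenshot != "logo.png") {
                $screenshotURL = $existingScreenshot;
            }

            $authorName = (string) $entry["author"];

            $stmt = mysqli_prepare($dbConn, "
                UPDATE entry
                SET
                    entry_title = ?,
                    entry_url = ?,
                    entry_url_web = ?,
                    entry_url_windows = ?,
                    entry_url_mac = ?,
                    entry_url_linux = ?,
                    entry_url_ios = ?,
                    entry_url_android = ?,
                    entry_screenshot_url = ?,
                    entry_description = ?
                WHERE
                    entry_author = ?
                AND entry_jam_number = ?
            ");
            if ($stmt === false) {
                //Details go to the server log only, never to the client.
                error_log("SubmitEntry: prepare failed: " . mysqli_error($dbConn));
                die("Could not save entry");
            }
            mysqli_stmt_bind_param(
                $stmt,
                "sssssssssssi",
                $gameName,
                $gameURL,
                $gameURLWeb,
                $gameURLWin,
                $gameURLMac,
                $gameURLLinux,
                $gameURLiOS,
                $gameURLAndroid,
                $screenshotURL,
                $description,
                $authorName,
                $currentJamNumber
            );
            if (!mysqli_stmt_execute($stmt)) {
                error_log("SubmitEntry: update failed: " . mysqli_stmt_error($stmt));
                mysqli_stmt_close($stmt);
                die("Could not save entry");
            }
            mysqli_stmt_close($stmt);

            $entryUpdated = true;
        }

        if (!$entryUpdated) {
            $jamData = GetCurrentJamNumberAndID();

            //Numeric columns are bound as integers; string columns are cast so
            //that a missing value is stored as '' exactly as before.
            $jamId = intval($jamData["ID"]);
            $jamNumber = intval($jamData["NUMBER"]);
            $entryIp = (string) $ip;
            $entryUserAgent = (string) $userAgent;
            $authorName = (string) $loggedInUser["username"];

            $stmt = mysqli_prepare($dbConn, "
                INSERT INTO entry
                (entry_id,
                entry_datetime,
                entry_ip,
                entry_user_agent,
                entry_jam_id,
                entry_jam_number,
                entry_title,
                entry_description,
                entry_author,
                entry_url,
                entry_url_web,
                entry_url_windows,
                entry_url_mac,
                entry_url_linux,
                entry_url_ios,
                entry_url_android,
                entry_screenshot_url)
                VALUES
                (null, Now(), ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)
            ");
            if ($stmt === false) {
                error_log("SubmitEntry: prepare failed: " . mysqli_error($dbConn));
                die("Could not save entry");
            }
            mysqli_stmt_bind_param(
                $stmt,
                "ssiisssssssssss",
                $entryIp,
                $entryUserAgent,
                $jamId,
                $jamNumber,
                $gameName,
                $description,
                $authorName,
                $gameURL,
                $gameURLWeb,
                $gameURLWin,
                $gameURLMac,
                $gameURLLinux,
                $gameURLiOS,
                $gameURLAndroid,
                $screenshotURL
            );
            if (!mysqli_stmt_execute($stmt)) {
                error_log("SubmitEntry: insert failed: " . mysqli_stmt_error($stmt));
                mysqli_stmt_close($stmt);
                die("Could not save entry");
            }
            mysqli_stmt_close($stmt);
        }
    }

    //Refresh the in-memory entry list so it reflects the write
    LoadEntries();
}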