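<?php
/**
 * Thread deletion endpoint.
 *
 * Reads a JSON request body carrying "nonce" and "thread_sha", runs the
 * UPDATE_THREAD_DELEATE_FLAG and UPDATE_RES_DELEATE_FLAG queries for that
 * thread_sha, and echoes the decoded request body back as JSON.
 */

session_start();

// Only requests that carry an application session get any further; everything
// else is redirected to the logout page.
if (!isset($_SESSION["USERID"])) {
    header("Location: logout.php");
    exit;
}

require_once dirname(dirname(__DIR__)) . '/functions.php';
require_once dirname(__DIR__) . '/wp-load.php';

$threadSha = json_decode(file_get_contents("php://input"), true);

// Reject a body that is not a JSON object with string "nonce" and "thread_sha"
// members, so that neither the nonce check nor the UPDATE statements ever
// receive null or a nested array. Fails the same silent way as a bad nonce.
if (
    !is_array($threadSha)
    || !isset($threadSha["nonce"], $threadSha["thread_sha"])
    || !is_string($threadSha["nonce"])
    || !is_string($threadSha["thread_sha"])
    || $threadSha["thread_sha"] === ''
) {
    die;
}

// NOTE(review): wp_verify_nonce() is called without an action, so a nonce
// minted for the default action anywhere on the site is accepted here.
// WordPress binds nonces to the WordPress user, while this script authenticates
// through $_SESSION["USERID"]; confirm the nonce is really specific to the
// caller and, ideally, to this delete action.
if (!wp_verify_nonce($threadSha["nonce"])) {
    die;
}

date_default_timezone_set('Asia/Tokyo');

$queryList = getSQLQuery(getPDO());

// NOTE(review): these three lists are loaded but never read in this script.
// They are kept because the helpers live in functions.php and may have side
// effects; confirm and drop them if they are plain SELECTs.
$censorList = getCensorList(getPDO(), $queryList["SELECT_CENSOR"]);
$regexList = getRegex(getPDO(), $queryList["SELECT_REGEX"]);
$fixedList = getFix(getPDO(), $queryList["SELECT_FIX"]);

// NOTE(review): nothing visible here ties thread_sha to $_SESSION["USERID"].
// Confirm that the UPDATE queries (or updeateToDeleatFlag itself) restrict the
// change to threads the session user is allowed to delete.
updeateToDeleatFlag(getPDO(), $threadSha["thread_sha"], $queryList["UPDATE_THREAD_DELEATE_FLAG"]);
updeateToDeleatFlag(getPDO(), $threadSha["thread_sha"], $queryList["UPDATE_RES_DELEATE_FLAG"]);

// The response is served as text/html and repeats request data, so <, >, &,
// ' and " are emitted as \uXXXX escapes: the echoed values can then never be
// parsed as markup, and any JSON parser still decodes them to the same strings.
$jsonData = json_encode($threadSha, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT);

// X-Content-Type-Options is a response header of its own. Written as a
// parameter inside Content-Type it was ignored, so nosniff never applied.
// NOTE(review): application/json is the accurate media type for this body;
// text/html is kept only so existing clients see the same Content-Type.
header("Content-Type: text/html; charset=utf-8");
header("X-Content-Type-Options: nosniff");
echo $jsonData;
die;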
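{
    return get_GET('resultId', '/[^0-9]/');
}

/**
 * Returns the anti-CSRF token supplied with the request.
 *
 * Thin wrapper over get_GET('token').
 * NOTE(review): get_GET() is defined elsewhere; if it reads the query string,
 * the token can end up in server logs, browser history and Referer headers -
 * confirm, and prefer a request body or header for state-changing calls.
 */
function getToken()
{
    return get_GET('token');
}

// script

// prevent CSRF
if (!isset($_SESSION)) {
    session_start();
}

// Fetch both sides once. getToken() is only called when the parameter exists,
// matching the original short-circuit order.
$expectedCsrfKey = array_key_exists('anticsrf_key', $_SESSION) ? $_SESSION['anticsrf_key'] : null;
$suppliedCsrfKey = paramExists('token') ? getToken() : null;

// Compare as strings with ===. The loose != used before applies PHP's numeric
// string juggling, under which two different values such as "0e1234" and
// "0e9999" compare equal. An empty session key is never accepted.
// Where PHP >= 5.6 is guaranteed, hash_equals() is the preferred comparison.
$csrfTokenMatches = is_scalar($expectedCsrfKey)
    && is_scalar($suppliedCsrfKey)
    && (string) $expectedCsrfKey !== ''
    && (string) $suppliedCsrfKey === (string) $expectedCsrfKey;

if (!$csrfTokenMatches) {
    error('Invalid access attempt');
}

if (getFix()) {
    // fix data
    if (($resultId = getResultId()) === null) {
        error('Invalid calling - no resultId');
    }
    $values = array($resultId);
    if (!($values[] = getCompetitionId())) {
        error('Invalid calling - no competitionId');
    }
    if (!($values[] = getEventId())) {
        error('Invalid calling - no eventId');
    }
    if (!($values[] = getRoundId())) {
        error('Invalid calling - no roundId');
    }
    if (!($values[] = getPersonId())) {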